feat: fix

2024-09-06 18:48:51 +07:00 · 2024-09-06 18:48:51 +07:00 · 552e70bcf3
parent c6bd7825ce
commit 552e70bcf3
3 changed files with 21 additions and 16 deletions
--- a/apps/backend/src/api/routes/auth.controller.ts
+++ b/apps/backend/src/api/routes/auth.controller.ts
@ -6,8 +6,8 @@ import { LoginUserDto } from '@gitroom/nestjs-libraries/dtos/auth/login.user.dto
 import { AuthService } from '@gitroom/backend/services/auth/auth.service';
 import { ForgotReturnPasswordDto } from '@gitroom/nestjs-libraries/dtos/auth/forgot-return.password.dto';
 import { ForgotPasswordDto } from '@gitroom/nestjs-libraries/dtos/auth/forgot.password.dto';
-import { removeSubdomain } from '@gitroom/helpers/subdomain/subdomain.management';
 import { ApiTags } from '@nestjs/swagger';
+import { getCookieUrlFromDomain } from '@gitroom/helpers/subdomain/subdomain.management';

@ApiTags('Auth')
@Controller('/auth')
@ -37,8 +37,7 @@ export class AuthController {
      }

      response.cookie('auth', jwt, {
-        domain:
-          '.' + new URL(removeSubdomain(process.env.FRONTEND_URL!)).hostname,
+        domain: getCookieUrlFromDomain(process.env.FRONTEND_URL!),
        secure: true,
        httpOnly: true,
        sameSite: 'none',
@ -47,8 +46,7 @@ export class AuthController {

      if (typeof addedOrg !== 'boolean' && addedOrg?.organizationId) {
        response.cookie('showorg', addedOrg.organizationId, {
-          domain:
-            '.' + new URL(removeSubdomain(process.env.FRONTEND_URL!)).hostname,
+          domain: getCookieUrlFromDomain(process.env.FRONTEND_URL!),
          secure: true,
          httpOnly: true,
          sameSite: 'none',
@ -83,8 +81,7 @@ export class AuthController {
      );

      response.cookie('auth', jwt, {
-        domain:
-          '.' + new URL(removeSubdomain(process.env.FRONTEND_URL!)).hostname,
+        domain: getCookieUrlFromDomain(process.env.FRONTEND_URL!),
        secure: true,
        httpOnly: true,
        sameSite: 'none',
@ -93,8 +90,7 @@ export class AuthController {

      if (typeof addedOrg !== 'boolean' && addedOrg?.organizationId) {
        response.cookie('showorg', addedOrg.organizationId, {
-          domain:
-            '.' + new URL(removeSubdomain(process.env.FRONTEND_URL!)).hostname,
+          domain: getCookieUrlFromDomain(process.env.FRONTEND_URL!),
          secure: true,
          httpOnly: true,
          sameSite: 'none',
@ -149,8 +145,7 @@ export class AuthController {
    }

    response.cookie('auth', activate, {
-      domain:
-        '.' + new URL(removeSubdomain(process.env.FRONTEND_URL!)).hostname,
+      domain: getCookieUrlFromDomain(process.env.FRONTEND_URL!),
      secure: true,
      httpOnly: true,
      sameSite: 'none',
@ -173,8 +168,7 @@ export class AuthController {
    }

    response.cookie('auth', jwt, {
-      domain:
-        '.' + new URL(removeSubdomain(process.env.FRONTEND_URL!)).hostname,
+      domain: getCookieUrlFromDomain(process.env.FRONTEND_URL!),
      secure: true,
      httpOnly: true,
      sameSite: 'none',
--- a/apps/backend/src/services/auth/auth.middleware.ts
+++ b/apps/backend/src/services/auth/auth.middleware.ts
@ -4,12 +4,12 @@ import { AuthService } from '@gitroom/helpers/auth/auth.service';
 import { User } from '@prisma/client';
 import { OrganizationService } from '@gitroom/nestjs-libraries/database/prisma/organizations/organization.service';
 import { UsersService } from '@gitroom/nestjs-libraries/database/prisma/users/users.service';
-import { removeSubdomain } from '@gitroom/helpers/subdomain/subdomain.management';
+import { getCookieUrlFromDomain } from '@gitroom/helpers/subdomain/subdomain.management';
 import { HttpForbiddenException } from '@gitroom/nestjs-libraries/services/exception.filter';

 export const removeAuth = (res: Response) => {
  res.cookie('auth', '', {
-    domain: '.' + new URL(removeSubdomain(process.env.FRONTEND_URL!)).hostname,
+    domain: getCookieUrlFromDomain(process.env.FRONTEND_URL!),
    secure: true,
    httpOnly: true,
    sameSite: 'none',
--- a/libraries/helpers/src/subdomain/subdomain.management.ts
+++ b/libraries/helpers/src/subdomain/subdomain.management.ts
@ -1,8 +1,8 @@
 import {allTwoLevelSubdomain} from "./all.two.level.subdomain";
+const ipRegex = /^(https?:\/\/)?(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})(:\d+)?$/;

 export function removeSubdomain(domain: string) {
    // Check if the domain is an IP address with optional port
-    const ipRegex = /^(https?:\/\/)?(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})(:\d+)?$/;
    if (ipRegex.test(domain)) {
        return domain; // Return the original domain if it's an IP address
    }
@ -24,3 +24,14 @@ export function removeSubdomain(domain: string) {
    // Return the last two parts for standard domains
    return 'https://' + parts.slice(-2).join('.');
 }
+
+
+export function getCookieUrlFromDomain(domain: string) {
+    const url = removeSubdomain(domain);
+    const urlObj = new URL(url);
+    if (!ipRegex.test(domain)) {
+        return '.' + urlObj.hostname
+    }
+
+    return urlObj.hostname;
+}