this handles the settings for the cookie session. The secret and the lifeTime of the cookie can be configured.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
This makes it possible that we can get identities from any user object even if we didn't specify that while getting them from the orm
Signed-off-by: Philip Molares <philip.molares@udo.edu>
As these methods will be used in both the AuthService and the IdentityService, it makes sense to extract them and use them in this manner. Especially if one considers that they are quite standalone functions.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
This is used to give identities a type and to easily get the identity any auth method would need.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
This should help to make clear why code is executed when the TokenAuthGuard is encountered by a request. Currently, one has to connect both files via the string 'token', which is a bit cryptic
Signed-off-by: Philip Molares <philip.molares@udo.edu>
The functions now expect a `Note` object instead of a noteId to
make it more consistent with other functions.
Signed-off-by: David Mehren <git@herrmehren.de>
The function now expects a `Note` object instead of a noteId
and a `User` instead of a username to
make it more consistent with other functions.
Signed-off-by: David Mehren <git@herrmehren.de>
As we now have a GetNotePipe, we can easily get rid of this function.
All clients can directly provide a `Note` instance
and use `getEntryByNote`.
Signed-off-by: David Mehren <git@herrmehren.de>
The function now expects a `Note` object instead of a noteId to
make it more consistent with other functions.
Signed-off-by: David Mehren <git@herrmehren.de>
The function now expects a `Note` object instead of a noteId to
make it more consistent with `updateHistoryEntryTimestamp`.
Signed-off-by: David Mehren <git@herrmehren.de>
This renames `createOrUpdateHistoryEntry` to `updateHistoryEntryTimestamp`,
which reduces confusion with the similarly named
`updateHistoryEntry` function.
Signed-off-by: David Mehren <git@herrmehren.de>
This replaces repeated calls to `noteService.getNoteByIdOrAlias`
and associated error handling with the `GetNotePipe`
in the `Param` decorator.
Signed-off-by: David Mehren <git@herrmehren.de>
`getNoteMetadata` does not use a method that
can throw a `PermissionsUpdateInconsistentError`.
The try/catch-block seems to be a copy-paste error.
Signed-off-by: David Mehren <git@herrmehren.de>
This replaces repeated calls to `noteService.getNoteByIdOrAlias`
and associated error handling with the `GetNotePipe`
in the `Param` decorator.
Signed-off-by: David Mehren <git@herrmehren.de>
This pipe transforms a note ID or alias to a Note object
by loading it from the database.
It also performs error handling
Signed-off-by: David Mehren <git@herrmehren.de>
This introduces the `RequestUser` decorator
to extract the `User` from a request.
It reduces code duplication across the public API
and allows us to drop the override of the `Request` type from express.
Signed-off-by: David Mehren <git@herrmehren.de>
This enables the prettier ESLint plugin.
In contrast to the prettier ESLint config (which is already enabled),
the plugin also runs checks against prettiers format rules
as part of ESLint.
This enables instant feedback in the editor,
when code violates the format rules and allows for quick-fix actions.
See also https://github.com/prettier/eslint-plugin-prettier#recommended-configuration
Signed-off-by: David Mehren <git@herrmehren.de>