feat: Migrate Session.controller.js to typescript

package.json

@@ -137,6 +137,7 @@
     "@testing-library/react": "^12.1.2",
     "@types/bcryptjs": "^2.4.6",
     "@types/classnames": "^2.3.0",
+    "@types/express-session": "^1.18.2",
     "@types/friendly-words": "^1.2.2",
     "@types/jest": "^29.5.14",
     "@types/js-cookie": "^3.0.6",

server/controllers/session.controller.ts

@@ -0,0 +1,100 @@
+import passport from 'passport';
+import { RequestHandler } from 'express';
+import type { Request, Response, NextFunction } from 'express';
+import { userResponse } from './user.controller';
+import type { UserDocument } from '../types';
+import {
+  CreateSessionRequestBody,
+  CreateSessionResponseBody,
+  GetSessionResponseBody,
+  DestroySessionResponseBody
+} from '../types';
+
+/**
+ * - Method: `POST`
+ * - Endpoint: `/login`
+ * - Authenticated: `false`
+ * - Id: `SessionController.createSession`
+ *
+ * Description:
+ *   - Authenticate a user with local strategy and create a session
+ */
+export const createSession: RequestHandler<
+  {},
+  CreateSessionResponseBody,
+  CreateSessionRequestBody
+> = (req: Request, res: Response, next: NextFunction) => {
+  passport.authenticate(
+    'local',
+    (err: Error | null, user: UserDocument | false) => {
+      if (err) {
+        next(err);
+        return;
+      }
+      if (!user) {
+        res.status(401).json({ message: 'Invalid username or password.' });
+        return;
+      }
+
+      req.logIn(user, (innerErr) => {
+        if (innerErr) {
+          next(innerErr);
+          return;
+        }
+        res.json(userResponse(req.user!));
+      });
+    }
+  )(req, res, next);
+};
+
+/**
+ * - Method: `GET`
+ * - Endpoint: `/session`
+ * - Authenticated: `false`
+ * - Id: `SessionController.getSession`
+ *
+ * Description:
+ *   - Returns the current session user, or null if not logged in
+ */
+export const getSession: RequestHandler<{}, GetSessionResponseBody> = (
+  req: Request,
+  res: Response
+) => {
+  if (!req.user) {
+    return res.status(200).send({ user: null });
+  }
+  if (req.user.banned) {
+    return res.status(403).send({ message: 'Forbidden: User is banned.' });
+  }
+
+  return res.json(userResponse(req.user));
+};
+
+/**
+ * - Method: `GET`
+ * - Endpoint: `/logout`
+ * - Authenticated: `false`
+ * - Id: `SessionController.destroySession`
+ *
+ * Description:
+ *   - Logs out the user and destroys the session
+ */
+export const destroySession: RequestHandler<{}, DestroySessionResponseBody> = (
+  req: Request,
+  res: Response,
+  next: NextFunction
+) => {
+  req.logout((err: Error | null) => {
+    if (err) {
+      next(err);
+      return;
+    }
+    req.session.destroy((error: Error | null) => {
+      if (error) {
+        next(error);
+        return;
+      }
+      res.json({ success: true });
+    });
+  });
+};

server/types/index.ts

@@ -2,5 +2,6 @@ export * from './apiKey';
 export * from './email';
 export * from './express';
 export * from './mongoose';
+export * from './session';
 export * from './user';
 export * from './userPreferences';

server/types/session.ts

@@ -0,0 +1,15 @@
+import { PublicUser, GenericResponseBody } from '.';
+
+export interface CreateSessionRequestBody {
+  username: string;
+  password: string;
+}
+
+export type CreateSessionResponseBody = PublicUser | { message: string };
+
+export type GetSessionResponseBody =
+  | { user: null }
+  | PublicUser
+  | GenericResponseBody;
+
+export type DestroySessionResponseBody = { success: boolean };