From 5bcdeae66377aa896e460b1241a52ed64cbda5de Mon Sep 17 00:00:00 2001
From: Rafi Arrafif
Date: Fri, 9 Jan 2026 14:10:56 +0700
Subject: [PATCH] =?UTF-8?q?=F0=9F=94=A7=20chore:=20change=20selected=20dat?= =?UTF-8?q?a=20when=20create=20user=20session?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
These changes include: 1. Changes to the response structure when logging in with a third-party provider, by wrapping the token in `authToken` instead of directly entering it in the return data section. 2. Adding a type to user session creation by taking only the important elements. This is to prevent data leaks because important data is in jwt.
---
 .../controllers/githubCallback.controller.ts | 11 ++---
 .../controllers/googleCallback.controller.ts | 11 ++---
 .../createUserSession.repository.ts | 42 +++++++++++++++----
 3 files changed, 41 insertions(+), 23 deletions(-)
diff --git a/src/modules/auth/controllers/githubCallback.controller.ts b/src/modules/auth/controllers/githubCallback.controller.ts
index 245a3b7..1c727cf 100644
--- a/src/modules/auth/controllers/githubCallback.controller.ts
+++ b/src/modules/auth/controllers/githubCallback.controller.ts
@@ -10,13 +10,10 @@ export const githubCallbackController = async (
 try {
 const userHeaderInfo = getUserHeaderInformation(ctx);
- const userData = await githubCallbackService(ctx.query, userHeaderInfo);
- return returnWriteResponse(
- ctx.set,
- 200,
- "Authenticated successfully!",
- userData
- );
+ const authToken = await githubCallbackService(ctx.query, userHeaderInfo);
+ return returnWriteResponse(ctx.set, 200, "Authenticated successfully!", {
+ authToken,
+ });
 } catch (error) {
 return mainErrorHandler(ctx.set, error);
 }
diff --git a/src/modules/auth/controllers/googleCallback.controller.ts b/src/modules/auth/controllers/googleCallback.controller.ts
index af05c6c..fcb501e 100644
--- a/src/modules/auth/controllers/googleCallback.controller.ts
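Review bot: The success path in `githubCallbackController` now returns a bearer credential in the JSON body (`{ authToken }`), and nothing visible in the hunk marks that response as non-cacheable. Unless `returnWriteResponse` already does so, set `Cache-Control: no-store` on the response before returning, e.g. `ctx.set.headers["Cache-Control"] = "no-store";` (assuming `ctx.set` exposes a `headers` map, which the hunk does not show), so the token is not kept by browser or intermediary caches. The same applies to the matching return in the Google callback hunk. The controller's signature and closing lines are outside the hunk.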
+++ b/src/modules/auth/controllers/googleCallback.controller.ts
@@ -10,13 +10,10 @@ export const googleCallbackController = async (
 try {
 const userHeaderInfo = getUserHeaderInformation(ctx);
- const userData = await googleCallbackService(ctx.query, userHeaderInfo);
- return returnReadResponse(
- ctx.set,
- 200,
- "Authenticated successfully!",
- userData
- );
+ const authToken = await googleCallbackService(ctx.query, userHeaderInfo);
+ return returnReadResponse(ctx.set, 200, "Authenticated successfully!", {
+ authToken,
+ });
 } catch (error) {
 return mainErrorHandler(ctx.set, error);
 }
diff --git a/src/modules/userSession/repositories/createUserSession.repository.ts b/src/modules/userSession/repositories/createUserSession.repository.ts
index b23aea6..4cb66b1 100644
--- a/src/modules/userSession/repositories/createUserSession.repository.ts
+++ b/src/modules/userSession/repositories/createUserSession.repository.ts
@@ -2,22 +2,46 @@ import { Prisma } from "@prisma/client";
 import { ErrorForwarder } from "../../../helpers/error/instances/forwarder";
 import { userSessionModel } from "../userSession.model";
+type CreateUserSessionResponse = Prisma.UserSessionGetPayload<{
+ select: {
+ id: true;
+ deviceType: true;
+ isAuthenticated: true;
+ validUntil: true;
+ user: {
+ select: {
+ id: true;
+ name: true;
+ email: true;
+ username: true;
+ avatar: true;
+ birthDate: true;
+ bioProfile: true;
+ };
+ };
+ };
+}>;
+
 export const createUserSessionRepository = async (
 data: Prisma.UserSessionUncheckedCreateInput
 ) => {
 try {
 return await userSessionModel.create({
 data,
- include: {
+ select: {
+ id: true,
+ deviceType: true,
+ isAuthenticated: true,
+ validUntil: true,
 user: {
- omit: {
- password: true,
- providerToken: true,
- providerPayload: true,
- deletedAt: true,
- },
- include: {
- preference: true,
+ select: {
+ id: true,
+ name: true,
+ email: true,
+ username: true,
+ avatar: true,
+ birthDate: true,
+ bioProfile: true,
 },
 },
 },
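Review bot: `googleCallbackController` still sends its success response through `returnReadResponse`, while the otherwise identical GitHub callback uses `returnWriteResponse`. The mismatch predates this commit, but the rewritten return line keeps it. If the two helpers differ in headers or status handling, the two providers will answer differently for the same operation. Either use `returnWriteResponse(ctx.set, 200, "Authenticated successfully!", { authToken })` here or add a comment saying why the read variant is intended.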
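Review bot: The new `user` select in `createUserSessionRepository` still returns `email` and `birthDate`, and the commit description suggests this result is what ends up in the JWT. If so, anyone holding the token can read those fields, because a signed JWT is only encoded, not encrypted. Consider trimming the select to what token consumers actually need (for example `id`, `username`, `avatar`) and fetching the rest from an authenticated endpoint. Separately, `CreateUserSessionResponse` repeats the select shape by hand and is not applied anywhere in the visible lines; annotating the function's return as `Promise<CreateUserSessionResponse>` would make the compiler flag drift between the type and the query. The function body continues past the end of the hunk.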