🔧 chore: change selected data when create user session

These changes include: 1. Changes to the response structure when logging in with a third-party provider, by wrapping the token in `authToken` instead of directly entering it in the return data section. 2. Adding a type to user session creation by taking only the important elements. This is to prevent data leaks because important data is in jwt.
2026-01-09 14:10:56 +07:00
parent 0cd253750a
commit 5bcdeae663
3 changed files with 41 additions and 23 deletions
--- a/src/modules/auth/controllers/githubCallback.controller.ts
+++ b/src/modules/auth/controllers/githubCallback.controller.ts
@ -10,13 +10,10 @@ export const githubCallbackController = async (
  try {
    const userHeaderInfo = getUserHeaderInformation(ctx);

-    const userData = await githubCallbackService(ctx.query, userHeaderInfo);
-    return returnWriteResponse(
-      ctx.set,
-      200,
-      "Authenticated successfully!",
-      userData
-    );
+    const authToken = await githubCallbackService(ctx.query, userHeaderInfo);
+    return returnWriteResponse(ctx.set, 200, "Authenticated successfully!", {
+      authToken,
+    });
  } catch (error) {
    return mainErrorHandler(ctx.set, error);
  }
--- a/src/modules/auth/controllers/googleCallback.controller.ts
+++ b/src/modules/auth/controllers/googleCallback.controller.ts
@ -10,13 +10,10 @@ export const googleCallbackController = async (
  try {
    const userHeaderInfo = getUserHeaderInformation(ctx);

-    const userData = await googleCallbackService(ctx.query, userHeaderInfo);
-    return returnReadResponse(
-      ctx.set,
-      200,
-      "Authenticated successfully!",
-      userData
-    );
+    const authToken = await googleCallbackService(ctx.query, userHeaderInfo);
+    return returnReadResponse(ctx.set, 200, "Authenticated successfully!", {
+      authToken,
+    });
  } catch (error) {
    return mainErrorHandler(ctx.set, error);
  }
--- a/src/modules/userSession/repositories/createUserSession.repository.ts
+++ b/src/modules/userSession/repositories/createUserSession.repository.ts
@ -2,22 +2,46 @@ import { Prisma } from "@prisma/client";
 import { ErrorForwarder } from "../../../helpers/error/instances/forwarder";
 import { userSessionModel } from "../userSession.model";

+type CreateUserSessionResponse = Prisma.UserSessionGetPayload<{
+  select: {
+    id: true;
+    deviceType: true;
+    isAuthenticated: true;
+    validUntil: true;
+    user: {
+      select: {
+        id: true;
+        name: true;
+        email: true;
+        username: true;
+        avatar: true;
+        birthDate: true;
+        bioProfile: true;
+      };
+    };
+  };
+}>;
+
 export const createUserSessionRepository = async (
  data: Prisma.UserSessionUncheckedCreateInput
 ) => {
  try {
    return await userSessionModel.create({
      data,
-      include: {
+      select: {
+        id: true,
+        deviceType: true,
+        isAuthenticated: true,
+        validUntil: true,
        user: {
-          omit: {
-            password: true,
-            providerToken: true,
-            providerPayload: true,
-            deletedAt: true,
-          },
-          include: {
-            preference: true,
+          select: {
+            id: true,
+            name: true,
+            email: true,
+            username: true,
+            avatar: true,
+            birthDate: true,
+            bioProfile: true,
          },
        },
      },