hexabot/api/src/app.controller.ts

/*
* Copyright © 2024 Hexastack. All rights reserved.
*
* Licensed under the GNU Affero General Public License v3.0 (AGPLv3) with the following additional terms:
* 1. The name "Hexabot" is a trademark of Hexastack. You may not use this name in derivative works without express written permission.
* 2. All derivative works must include clear attribution to the original creator and software, Hexastack and Hexabot, in a prominent location (e.g., in the software's "About" section, documentation, and README file).
*/
import {
BadRequestException,
Controller,
Get,
Req,
Res,
Session,
} from '@nestjs/common';
import { CsrfCheck, CsrfGenAuth } from '@tekuconcept/nestjs-csrf';
import { CsrfGenerator } from '@tekuconcept/nestjs-csrf/dist/csrf.generator';
import { Request, Response } from 'express';
import { Session as ExpressSession } from 'express-session';
import { AppService } from './app.service';
import { config } from './config';
import { LoggerService } from './logger/logger.service';
import { Roles } from './utils/decorators/roles.decorator';
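/**
 * Root HTTP controller exposing the greeting, the CSRF token endpoint and
 * two endpoints kept for the legacy frontend (`__getcookie`, `logout`).
 */
@Controller()
export class AppController {
  constructor(
    private readonly appService: AppService,
    private readonly logger: LoggerService,
  ) {}

  /**
   * Public greeting endpoint.
   *
   * @returns The string produced by `AppService.getHello()`.
   */
  @Roles('public')
  @Get()
  getHello(): string {
    return this.appService.getHello();
  }

  /**
   * Returns a CSRF token derived from the secret stored in the caller's session.
   *
   * The CSRF check is switched off for this route via `@CsrfCheck(false)`;
   * `@CsrfGenAuth(true)` presumably makes the library create the session
   * secret when it is missing — confirm against @tekuconcept/nestjs-csrf.
   *
   * NOTE(review): the token is handed to any caller that holds a session
   * cookie, so its protection depends on the response not being readable
   * cross-origin. Confirm the CORS policy does not allow credentialed reads
   * of this route from untrusted origins.
   *
   * @param session The express-session object of the current request.
   * @returns `{ _csrf }` holding the token, or an empty string when the
   *          session carries no `csrfSecret`.
   */
  @Roles('public')
  @Get('csrftoken')
  @CsrfCheck(false)
  @CsrfGenAuth(true)
  csrf(@Session() session: ExpressSession) {
    return {
      _csrf: session?.csrfSecret
        ? new CsrfGenerator().create(session.csrfSecret)
        : '',
    };
  }

  /**
   * Flags the current session as anonymous and returns a fixed JavaScript
   * snippet (presumably the callback expected by the legacy socket client —
   * confirm with the old frontend).
   *
   * NOTE(review): this public GET writes to the session, so any
   * unauthenticated request can cause a session to be persisted. Confirm the
   * session store has an expiry and that the route is rate limited.
   *
   * @param req The incoming request; `req.session.anonymous` is set to true.
   * @returns The literal `_sailsIoJSConnect();`.
   */
  @Roles('public')
  @Get('__getcookie')
  cookies(@Req() req: Request): string {
    req.session.anonymous = true;
    return '_sailsIoJSConnect();';
  }

  /**
   * Clears the session cookie and destroys the server-side session.
   *
   * The handler resolves only once `session.destroy` has called back. An
   * exception thrown inside that callback would run outside the request
   * pipeline: the client would already have received `ok`, and the error
   * would surface as an uncaught exception instead of an HTTP error. A failed
   * destroy therefore rejects the returned promise with the
   * `BadRequestException`.
   *
   * NOTE(review): `clearCookie` is called without options; if the session
   * cookie is set with a non-default path or domain the browser keeps it.
   * Confirm against the session cookie configuration.
   * NOTE(review): logout is a state-changing GET. If the CSRF check skips GET
   * requests, a cross-site request can force a logout; prefer POST once the
   * old frontend is retired.
   *
   * @param req The incoming request whose session is destroyed.
   * @param res The response, used to clear the session cookie.
   * @returns `{ status: 'ok' }` once the session has been destroyed.
   * @throws BadRequestException when the session store fails to destroy the session.
   */
  // @TODO : remove once old frontend is abandoned
  @Get('logout')
  logout(
    @Req() req: Request,
    @Res({ passthrough: true }) res: Response,
  ): Promise<{ status: string }> {
    res.clearCookie(config.session.name);
    return new Promise((resolve, reject) => {
      req.session.destroy((error) => {
        if (error) {
          this.logger.error(error);
          reject(new BadRequestException());
          return;
        }
        resolve({ status: 'ok' });
      });
    });
  }
}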