update session handler

CAFECA-IO · Jan 8, 2025 · 3547482 · 3547482
1 parent d8797f6
commit 3547482
Show file tree

Hide file tree

Showing 14 changed files with 212 additions and 76 deletions.
diff --git a/prisma/seed_json/file.json b/prisma/seed_json/file.json
@@ -1,4 +1,60 @@
 [
+  {
+    "id": 0,
+    "name": "0.jpg",
+    "size": 0,
+    "mimeType": "image/jpeg",
+    "type": "invoice",
+    "url": "N/A",
+    "isEncrypted": false,
+    "encryptedSymmetricKey": "=",
+    "iv": "",
+    "createdAt": 0,
+    "updatedAt": 0,
+    "deletedAt": null
+  },
+  {
+    "id": 1,
+    "name": "1.jpg",
+    "size": 0,
+    "mimeType": "image/jpeg",
+    "type": "invoice",
+    "url": "N/A",
+    "isEncrypted": false,
+    "encryptedSymmetricKey": "=",
+    "iv": "",
+    "createdAt": 0,
+    "updatedAt": 0,
+    "deletedAt": null
+  },
+  {
+    "id": 2,
+    "name": "2.jpg",
+    "size": 0,
+    "mimeType": "image/jpeg",
+    "type": "invoice",
+    "url": "N/A",
+    "isEncrypted": false,
+    "encryptedSymmetricKey": "=",
+    "iv": "",
+    "createdAt": 0,
+    "updatedAt": 0,
+    "deletedAt": null
+  },
+  {
+    "id": 555,
+    "name": "555.jpg",
+    "size": 0,
+    "mimeType": "image/jpeg",
+    "type": "invoice",
+    "url": "N/A",
+    "isEncrypted": false,
+    "encryptedSymmetricKey": "=",
+    "iv": "",
+    "createdAt": 0,
+    "updatedAt": 0,
+    "deletedAt": null
+  },
   {
     "id": 1000,
     "name": "100000.jpg",

diff --git a/prisma/seed_json/user.json b/prisma/seed_json/user.json
@@ -1,34 +1,34 @@
 [
   {
-    "id": 1000,
-    "name": "Test_User_1",
-    "email": "[email protected]",
-    "imageFileId": 1002,
-    "createdAt": 1,
-    "updatedAt": 1
+    "id": 0,
+    "name": "PROCESSING",
+    "email": "[email protected]",
+    "imageFileId": 0,
+    "createdAt": 0,
+    "updatedAt": 0
   },
   {
-    "id": 1001,
-    "name": "Test_User_2",
-    "email": "[email protected]",
-    "imageFileId": 1003,
-    "createdAt": 1,
-    "updatedAt": 1
+    "id": 1,
+    "name": "GUEST",
+    "email": "[email protected]",
+    "imageFileId": 1,
+    "createdAt": 0,
+    "updatedAt": 0
   },
   {
-    "id": 1002,
-    "name": "Test_User_3",
-    "email": "[email protected]",
-    "imageFileId": 1004,
-    "createdAt": 1,
-    "updatedAt": 1
+    "id": 2,
+    "name": "SYSTEM",
+    "email": "[email protected]",
+    "imageFileId": 2,
+    "createdAt": 0,
+    "updatedAt": 0
   },
   {
-    "id": 1003,
-    "name": "Test_User",
-    "email": "[email protected]",
-    "imageFileId": 1005,
-    "createdAt": 1,
-    "updatedAt": 1
+    "id": 555,
+    "name": "UNKNOWN",
+    "email": "[email protected]",
+    "imageFileId": 555,
+    "createdAt": 0,
+    "updatedAt": 0
   }
 ]
diff --git a/src/constants/default_value.ts b/src/constants/default_value.ts
@@ -1,4 +1,4 @@
-import { ONE_DAY_IN_MS } from '@/constants/time';
+import { ONE_DAY_IN_MS, ONE_HOUR_IN_MS } from '@/constants/time';
 
 // Info: (20241128 - Luphia) Default Value for Undefined Parameter
 export const DefaultValue = {
@@ -7,6 +7,7 @@ export const DefaultValue = {
     UNKNOWN: 555,
   },
   COMPANY_ID: {
+    PROCESSING: 0,
     UNKNOWN: 555,
   },
   COUNTER_PARTY_ID: {
@@ -23,8 +24,10 @@ export const DefaultValue = {
     SYSTEM: 2,
     UNKNOWN: 555,
   },
+  SESSION_ID: 'GUEST',
   SESSION_OPTION: {
     GC_INTERVAL: ONE_DAY_IN_MS,
+    SESSION_EXPIRE: ONE_HOUR_IN_MS,
     FILE_PATH: './session.store',
     SECRET: 'SECRET',
   },

diff --git a/src/constants/session.ts b/src/constants/session.ts
@@ -2,12 +2,9 @@ import { DefaultValue } from '@/constants/default_value';
 import { ISessionData } from '@/interfaces/session';
 
 export const SESSION_GUEST: ISessionData = {
+  sid: DefaultValue.SESSION_ID,
+  expires: 0,
   userId: DefaultValue.USER_ID.GUEST,
   companyId: 0,
   roleId: 0,
-  cookie: {
-    httpOnly: true,
-    path: '/',
-    secure: true,
-  },
 };
diff --git a/src/interfaces/session.ts b/src/interfaces/session.ts
@@ -1,21 +1,24 @@
-import { SessionData } from 'node_modules/next-session/lib/types';
-
 export interface ISessionOption {
   sid?: string;
   cookie?: {
-    httpOnly: boolean;
-    path: string;
-    secure: boolean;
+    sid?: string;
+    httpOnly?: boolean;
+    path?: string;
+    secure?: boolean;
+    sameSite?: 'string';
   };
 }
 
 export interface ISessionHandlerOption {
+  sessionExpires: number;
   gcInterval: number;
   filePath: string;
   secret: string;
 }
 
-export interface ISessionData extends SessionData {
+export interface ISessionData {
+  sid: string;
+  expires: number;
   userId: number;
   companyId: number;
   roleId: number;

diff --git a/src/lib/utils/auth_check_v2.ts b/src/lib/utils/auth_check_v2.ts
@@ -123,7 +123,7 @@ export function isWhitelisted(apiName: APIName, req: NextApiRequest): boolean {
     if (!queryMatches) return false;
   }
 
-  loggerBack.info(
+  loggerBack.debug(
     `Auth check passed for whitelisted API: ${apiName} and query: ${JSON.stringify(req.query)}`
   );
 

diff --git a/src/lib/utils/middleware.ts b/src/lib/utils/middleware.ts
@@ -23,14 +23,10 @@ export async function checkSessionUser(
   }
 
   // Info: (20241128 - Luphia) If there is no user_id, it will be considered as a guest
-  if (!session.userId) {
+  if (!session.userId || session.userId === DefaultValue.USER_ID.GUEST) {
     isLogin = false;
-    loggerError({
-      userId: DefaultValue.USER_ID.GUEST,
-      errorType: 'Unauthorized Access',
-      errorMessage: 'User ID is missing in session',
-    });
   }
+
   return isLogin;
 }
 
@@ -78,10 +74,19 @@ export async function logUserAction<T extends APIName>(
   req: NextApiRequest,
   statusMessage: string
 ) {
+  const userId = session.userId || DefaultValue.USER_ID.GUEST;
+  const sessionId = session.sid;
+
+  // Info: (20250108 - Luphia) Sometimes the user action log is not necessary
+  if (userId === DefaultValue.USER_ID.GUEST && apiName !== APIName.SIGN_IN) {
+    // Info: (20250108 - Luphia) Skip logging user action for guest user
+    return;
+  }
+
   try {
     const userActionLog = {
-      sessionId: session.id || '',
-      userId: session.userId || DefaultValue.USER_ID.GUEST,
+      sessionId,
+      userId,
       actionType: UserActionLogActionType.API,
       actionDescription: apiName,
       ipAddress: (req.headers['x-forwarded-for'] as string) || '',
@@ -94,7 +99,7 @@ export async function logUserAction<T extends APIName>(
     await createUserActionLog(userActionLog);
   } catch (error) {
     loggerError({
-      userId: session.userId || DefaultValue.USER_ID.GUEST,
+      userId,
       errorType: `Failed to log user action for ${apiName} in middleware.ts`,
       errorMessage: error as Error,
     });