Merge pull request #24 from veracity/bugfix/memcache-issue

Bugfix/memcache issue

.vscode/launch.json

@@ -27,6 +27,12 @@
 			"console": "integratedTerminal",
 			"internalConsoleOptions": "neverOpen",
 			"port": 9229
+		},
+		{
+			"type": "node",
+			"request": "launch",
+			"name": "Launch 101-JS-Auth",
+			"program": "${workspaceFolder}\\samples\\101-JS-Auth\\start.js"
 		}
 	]
 }

README.md

@@ -1,6 +1,9 @@
 # Veracity Authentication library for NodeJS
 This library provides utilities that help with authentication against the Veracity Identity Provider.
 
+## Version 2.0 released
+The libray now store user data in the session object from [`express-session`](https://www.npmjs.com/package/express-session) (`req.session`). This change is done due to issues found with the version 1 of this package when running multiple node.exe processes on the same server.
+
 ## Version 1.0 released
 Version `1.0.0` is the first officially released and supported implementation of this library. The API has been changed from version `0.3.1-beta` and is not backwards compatible. This documentation as been revamped to describe the new library. See the code samples for detailed implementation instructions.
 

package.json

@@ -1,6 +1,6 @@
 {
   "name": "@veracity/node-auth",
-  "version": "1.0.6",
+  "version": "2.0.0",
   "description": "A library for authenticating with Veracity and retrieving one or more access tokens for communicating with APIs.",
   "scripts": {
     "build:copy-files": "ts-node -T scripts/copy-files.ts",
@@ -39,8 +39,8 @@
     "request-promise-native": "^1.0.7"
   },
   "devDependencies": {
-    "@types/express": "^4.17.1",
-    "@types/express-session": "^1.15.14",
+    "@types/express": "^4.17.2",
+    "@types/express-session": "^1.15.16",
     "@types/jest": "^24.0.18",
     "@types/jsonwebtoken": "^8.3.4",
     "@types/lodash.omit": "^4.5.6",

samples/102-TS-Auth/package.json

@@ -23,8 +23,8 @@
   },
   "homepage": "https://developer.veracity.com",
   "devDependencies": {
-    "@types/express": "^4.17.1",
-    "@types/express-session": "^1.15.14",
+    "@types/express": "^4.17.2",
+    "@types/express-session": "^1.15.16",
     "ts-node": "^8.4.1",
     "typescript": "^3.6.3"
   },

src/api/VIDPWebAppStrategy.ts

@@ -7,7 +7,14 @@ import { VIDPOpenIDContext } from "../auth/VIDPOpenIDContext"
 import { VERACITY_API_SCOPES, VERACITY_METADATA_ENDPOINT } from "../constants"
 import { VIDPError, VIDPErrorSources, VIDPStrategyErrorCodes } from "../errors"
 import { IVIDPTokenData, IVIDPWebAppStrategySettings } from "../interfaces"
-import { MemCache, memCacheInstance } from "../utils/MemCache"
+
+/**
+ * Express request object with key session that is express-session
+ * or other, compatable session manager
+ */
+interface IRequestWithSession extends Request {
+	session: any
+}
 
 export type VIDPWebAppStrategyVerifier<TUser = any> = (
 	data: IVIDPTokenData, req: Request, done: (err: any, user?: TUser, info?: any) => void) => void | Promise<void>
@@ -28,8 +35,7 @@ export class VIDPWebAppStrategy<TUser = any> implements Strategy {
 
 	public constructor(
 		settings: IVIDPWebAppStrategySettings,
-		private verifier: VIDPWebAppStrategyVerifier<TUser>,
-		private memCache: MemCache = memCacheInstance
+		private verifier: VIDPWebAppStrategyVerifier<TUser>
 	) {
 		this.settings = {
 			apiScopes: [VERACITY_API_SCOPES.services],
@@ -67,14 +73,14 @@ export class VIDPWebAppStrategy<TUser = any> implements Strategy {
 		}
 	}
 
-	public async authenticate(req: Request, options?: any) {
+	public async authenticate(req: IRequestWithSession, options?: any) {
 		try {
 			const metadata = await getVIDPMetadata(this.settings.metadataURL)
 			const context = new VIDPOpenIDContext(req, {
 				apiScopes: this.settings.apiScopes,
 				authParams: this.authParams,
 				accessTokenParams: this.accessTokenParams
-			}, metadata, this.memCache)
+			}, metadata)
 
 			const nextOp = await context.next()
 			if (!nextOp) { // We are done with authentication