Chore/added google login from mobile app#311
Merged
chamikaJ merged 24 commits intorelease-v2.1.4from Aug 11, 2025
Merged
Conversation
- Added `googleMobileAuth` method in `AuthController` to handle mobile Google sign-in. - Validates ID token and checks for email verification before proceeding. - Handles user registration and login, creating a session for authenticated users. - Updated API routes to include the new mobile authentication endpoint.
- Added validation for token audience, issuer, and expiry in the `googleMobileAuth` method of `AuthController`. - Improved error handling for invalid tokens and expired sessions, ensuring robust authentication flow.
- Updated the `googleMobileAuth` method in `AuthController` to accept multiple client IDs (web, Android, iOS) for token audience validation. - Improved error handling for invalid token audiences, ensuring a more flexible and robust authentication process.
…ntication - Introduced console logs in the `googleMobileAuth` method to display the token audience, allowed client IDs, and the status of relevant environment variables. - This enhancement aids in debugging and ensures better visibility into the authentication process.
…thub.com/Worklenz/worklenz into upstreame-release-v2.1.4
…tachments - Added functionality to retrieve user avatar URL and comment details, including created_at timestamp. - Implemented logic to fetch and format comment attachments for the response. - Transformed the response structure to include avatar, attachments, and other relevant comment data.
Origin release v2.1.4
…ategy - Added a new Passport strategy for mobile Google authentication. - Introduced `googleMobileAuthPassport` method in `AuthController` to handle authentication flow. - Updated routes to utilize the new Passport strategy for mobile sign-in. - Added `passport-custom` dependency for custom authentication strategy. - Updated `package.json` and `package-lock.json` to reflect new dependencies and version requirements.
- Introduced console logs in the `verify` and `googleMobileAuthPassport` methods to provide insights into session data, authentication status, and potential errors. - Enhanced debugging capabilities by logging session IDs, user information, and response details during the authentication flow. - This update aims to improve visibility and traceability of authentication events for better troubleshooting.
…cation - Improved session management by ensuring the session is saved before sending the response in the `AuthController`. - Added detailed logging for session save operations and included the session ID in the response for better debugging. - Updated session middleware configuration to enhance security and support mobile applications, including adjustments to cookie settings based on the production environment.
…in process - Enhanced session management by implementing session regeneration to prevent session fixation during login. - Added detailed logging for session regeneration, save operations, and response headers to aid in debugging. - Ensured the user is re-established in the new session and included session cookie details in the response for better traceability.
- Updated the session passport assignment to use a type assertion for better TypeScript compatibility. - This change ensures that the session object is correctly recognized, improving type safety in the authentication process.
- Improved session regeneration process to enhance security against session fixation attacks. - Added detailed logging for session regeneration errors and fallback mechanisms. - Introduced a new debug endpoint to provide insights into session data, cookies, and authentication status for easier troubleshooting. - Updated response structure to include session ID and cookie name for mobile app integration, ensuring proper session handling.
- Modified session management to allow the use of existing sessions for mobile applications, improving session continuity. - Added detailed logging for session ID usage, response headers, and session save operations to aid in debugging. - Updated session middleware to support header-based session IDs, ensuring proper handling when cookies are not available. - Included additional session information in the response for mobile app integration, facilitating better session management.
- Enhanced session middleware to create or replace session cookies based on header values, ensuring proper session management for mobile applications. - Added detailed logging for cookie headers and session ID usage to facilitate debugging and traceability. - Updated logic to maintain existing cookies while injecting the session cookie, improving compatibility with other cookies.
- Improved logging within the session middleware to provide detailed insights into session ID, cookie headers, and authentication status. - Added error handling for the session middleware to capture and log any issues during session processing. - Ensured proper construction of session cookies for mobile applications, maintaining compatibility with existing cookies.
…e handling - Introduced the `@types/cookie-signature` dependency to facilitate proper signing of session cookies. - Updated session middleware to create a securely signed cookie using the session secret, improving session management for mobile applications. - Enhanced logging for cookie creation and error handling to aid in debugging session issues.
- Replaced the `uid-safe` library with `crypto.randomBytes` for generating session IDs, improving security and randomness. - Updated session cookie construction to use template literals for better readability. - Standardized cookie header parsing to use consistent quotation marks, enhancing code clarity.
- Eliminated console logs from the `verify` and `googleMobileAuthPassport` methods to streamline the code and reduce noise in the logs. - Updated session middleware to enhance cookie handling for mobile applications, ensuring proper session management without excessive logging. - Improved session cookie configuration for production and development environments, maintaining compatibility with mobile app requirements.
- Added detailed debug logging to the session middleware for improved visibility into request processing, including URL, method, and header information. - Updated error handling to log session middleware errors and session ID status after processing. - Ensured compatibility with mobile applications by refining cookie handling based on header values.
- Updated session middleware to remove debug logging and streamline cookie handling for mobile applications. - Adjusted session cookie configuration to disable secure and domain settings for local development. - Removed the debug endpoint from the authentication routes to reduce noise in the codebase.
feat(task-comments): enhance reactions structure in comment response.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.