From 5d43ef8540ad9a96b21534c871d20e8888e98427 Mon Sep 17 00:00:00 2001
From: Ankit Singh Tomar
Date: Wed, 10 Jan 2024 10:59:23 +0530
Subject: [PATCH] auth flow
---
 package.json | 1 +
 src/lib/middleware.ts | 56 +++++++++++++++++++++++++++++++++++++++----
 2 files changed, 53 insertions(+), 4 deletions(-)
diff --git a/package.json b/package.json
index 0f437c355..18c6dfee5 100644
--- a/package.json
+++ b/package.json
@@ -94,6 +94,7 @@
 "maxmind": "^4.3.6",
 "moment-timezone": "^0.5.35",
 "next": "14.0.4",
+ "next-auth": "^4.24.5",
 "next-basics": "^0.39.0",
 "node-fetch": "^3.2.8",
 "npm-run-all": "^4.1.5",
diff --git a/src/lib/middleware.ts b/src/lib/middleware.ts
index 91fb6c7c4..71c7a211f 100644
--- a/src/lib/middleware.ts
+++ b/src/lib/middleware.ts
@@ -15,6 +15,48 @@ import {
 } from 'next-basics';
 import { NextApiRequestCollect } from 'pages/api/send';
 import { getUserById } from '../queries';
+import NextAuth from "next-auth"
+import CognitoProvider from "next-auth/providers/cognito";
+import { to } from '@react-spring/web';
+
+
+export const authOptions = {
+ providers: [
+ CognitoProvider({
+ clientId: process.env.COGNITO_CLIENT_ID,
+ clientSecret: process.env.COGNITO_CLIENT_SECRET ,
+ issuer: process.env.COGNITO_DOMAIN ,
+ idToken: true,
+ name: 'Cognito',
+ checks: 'nonce',
+ }),
+ ],
+ callbacks: {
+ async jwt({ token, user, account }) {
+ console.log("in next auth::::",token)
+ if (account) {
+ if (account['provider'] === 'cognito') {
+ var tokenParsed = JSON.parse(Buffer.from(token.split('.')[1], 'base64').toString());
+ console.log("token parsed",tokenParsed )
+ // token.refreshToken = account?.refresh_token;
+ // token.accessTokenExpires = account.expires_at * 1000;
+ console.log("token parsed::::",tokenParsed['cognito:username'],tokenParsed['iat'])
+ return { userId: tokenParsed['cognito:username'], iat: tokenParsed['iat'] };
+ }
+ }
+ // Return previous token if the access token has not expired yet
+ if ((Date.now()) < (token.accessTokenExpires ?? 0)) {
+ return token;
+ }
+
+ // Access token has expired, try to update it
+ },
+ }
+}
+
+
+
+export default NextAuth(authOptions)
 const log = debug('umami:middleware');
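Review bot: The `jwt` callback reads `cognito:username` from a token whose signature is never checked: `JSON.parse(Buffer.from(token.split('.')[1], 'base64').toString())` only decodes the payload, so the claim is whatever the sender put there. The `useAuth` hunk later in this file passes the request's bearer token straight into this callback, so the decoded `userId` decides which user record is loaded. Verify signature, issuer, audience and expiry against the user pool's JWKS before reading any claim; the sketch below uses `jose` (an assumption, it is not declared in this package.json, and any JWT verifier will do) and assumes an ID token, since Cognito access tokens carry `client_id` rather than `aud`. The three `console.log` calls also write the raw token and its claims to the server log and should be removed. The `to` import from `@react-spring/web` is unused here.

```typescript
// Built once; resolves the user pool's signing keys from the issuer's JWKS document.
const cognitoKeys = createRemoteJWKSet(
  new URL(`${process.env.COGNITO_DOMAIN}/.well-known/jwks.json`),
);

// … unchanged: authOptions.providers …
    async jwt({ token, user, account }) {
      if (account?.provider === 'cognito') {
        // jwtVerify throws on a bad signature, wrong issuer/audience or an expired token.
        const { payload } = await jwtVerify(token, cognitoKeys, {
          issuer: process.env.COGNITO_DOMAIN,
          audience: process.env.COGNITO_CLIENT_ID,
        });
        return { userId: payload['cognito:username'], iat: payload.iat };
      }
      // … unchanged: expiry check on the previous token …
    },
```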
@@ -50,11 +92,18 @@ export const useSession = createMiddleware(async (req, res, next) => {
 export const useAuth = createMiddleware(async (req, res, next) => {
 const token = getAuthToken(req);
+ //console.log("got auth token",token)
 const payload = parseSecureToken(token, secret());
 const shareToken = await parseShareToken(req as any);
-
+ //console.log("got shareToken",shareToken);
+ let cognitoPayload = {};
+ if(!payload){
+ cognitoPayload = await authOptions.callbacks.jwt({token:token,user:"",account:{provider:"cognito"}});
+ }
+ console.log("cognito auth payload",cognitoPayload)
+ console.log("umami auth payload ",payload);
 let user = null;
- const { userId, authKey, grant } = payload || {};
+ const { userId, authKey, grant } = payload || cognitoPayload || {};
 if (userId) {
 user = await getUserById(userId);
@@ -94,7 +143,6 @@ export const useValidate = async (schema, req, res) => {
 return createMiddleware(async (req: any, res, next) => {
 try {
 const rules = schema[req.method];
-
 if (rules) {
 rules.validateSync({ ...req.query, ...req.body });
 }
@@ -104,4 +152,4 @@ export const useValidate = async (schema, req, res) => {
 next();
 })(req, res);
-};
+};
\ No newline at end of file
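Review bot: The fallback `await authOptions.callbacks.jwt({token:token,...})` in `useAuth` runs whenever `parseSecureToken` yields nothing, which includes requests with no bearer token or a malformed one, and the callback's `token.split('.')` / `JSON.parse` would then throw instead of leaving `user` null. That probably also breaks requests that rely only on `shareToken`, which is handled after this point; the rest of `useAuth` lies outside the hunk, so this is inferred. Guard the call with `if (!payload && typeof token === 'string') {` and wrap it in `try { … } catch { cognitoPayload = {}; }` so a bad token falls through to the existing unauthenticated path. The two new `console.log` lines print both auth payloads on every request; drop them or route a redacted message through the file's `log` debug instance.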