chore: nodejs: remove migrated endpoints

dbarrosop commented 1 week ago

PR Type

Enhancement, Other

Description

Removed OpenAPI route setup and related schema definitions.
Removed various routes and handlers including Personal Access Token (PAT), email-password sign-in, passwordless email sign-in, and sign-up routes.
Cleaned up middleware and route usage in the main application file.

Changes walkthrough 📝

Relevant files

Enhancement

22 files

app.ts `Remove OpenAPI route and clean up middleware usage` src/app.ts Removed the import and usage of `addOpenApiRoute`. Cleaned up middleware and route usage.	+0/-3
index.ts `Remove OpenAPI route setup and schema definitions` src/openapi/index.ts Deleted the entire file which contained OpenAPI route setup and schema definitions.	+0/-119
responses.ts `Remove OpenAPI response models` src/openapi/responses.ts Deleted the entire file which contained response models for OpenAPI schemas.	+0/-66
index.ts `Remove PAT and sign-up routes` src/routes/index.ts - Removed imports and usage of `patRouter` and `signUpRouter`.	+0/-4
index.ts `Remove Personal Access Token (PAT) route` src/routes/pat/index.ts Deleted the entire file which contained the Personal Access Token (PAT) route.	+0/-26
pat.ts `Remove PAT handler and schema` src/routes/pat/pat.ts Deleted the entire file which contained the handler and schema for creating PATs.	+0/-66
email-password.ts `Remove email-password sign-in handler and schema` src/routes/signin/email-password.ts Deleted the entire file which contained the email-password sign-in handler and schema.	+0/-55
index.ts `Remove email-password, PAT, and passwordless email sign-in routes` src/routes/signin/index.ts Removed imports and usage of email-password, PAT, and passwordless email sign-in handlers and schemas.	+0/-53
email.ts `Remove passwordless email sign-in handler and schema` src/routes/signin/passwordless/email.ts Deleted the entire file which contained the passwordless email sign-in handler and schema.	+0/-134
index.ts `Remove passwordless email sign-in export` src/routes/signin/passwordless/index.ts - Removed export of passwordless email sign-in.	+0/-1
pat.ts `Remove PAT sign-in handler and schema` src/routes/signin/pat.ts Deleted the entire file which contained the PAT sign-in handler and schema.	+0/-60
email-password.ts `Remove email-password sign-up handler and schema` src/routes/signup/email-password.ts Deleted the entire file which contained the email-password sign-up handler and schema.	+0/-54
index.ts `Remove sign-up routes` src/routes/signup/index.ts - Deleted the entire file which contained the sign-up routes.	+0/-66
index.ts `Remove WebAuthn sign-up and verification exports` src/routes/signup/webauthn/index.ts - Removed exports for WebAuthn sign-up and verification.	+0/-2
signup.ts `Remove WebAuthn sign-up handler and schema` src/routes/signup/webauthn/signup.ts Deleted the entire file which contained the WebAuthn sign-up handler and schema.	+0/-82
verify.ts `Remove WebAuthn sign-up verification handler and schema` src/routes/signup/webauthn/verify.ts Deleted the entire file which contained the WebAuthn sign-up verification handler and schema.	+0/-162
index.ts `Remove token refresh route` src/routes/token/index.ts - Removed import and usage of token refresh handler and schema.	+0/-12
deanonymize.ts `Remove user deanonymize handler and schema` src/routes/user/deanonymize.ts Deleted the entire file which contained the user deanonymize handler and schema.	+0/-53
change.ts `Remove user email change handler and schema` src/routes/user/email/change.ts Deleted the entire file which contained the user email change handler and schema.	+0/-112
index.ts `Remove user email change and verification exports` src/routes/user/email/index.ts Removed exports for user email change and send verification email handlers.	+0/-2
send-verification-email.ts `Remove user email send verification email handler and schema` src/routes/user/email/send-verification-email.ts Deleted the entire file which contained the user email send verification email handler and schema.	+0/-106
index.ts `Remove user email, password reset, and deanonymize routes` src/routes/user/index.ts Removed imports and usage of user email change, send verification email, password reset, and deanonymize handlers and schemas.	+0/-73

💡 PR-Agent usage: Comment /help on the PR to get a list of all available PR-Agent tools and their descriptions

codiumai-pr-agent-pro[bot] commented 1 week ago

PR Reviewer Guide 🔍

⏱️ Estimated effort to review [1-5]	4
🧪 Relevant tests	No
🔒 Security concerns	No
⚡ Key issues to review	Possible Bug: The removal of OpenAPI route setup and related schema definitions could lead to undocumented API endpoints. Ensure that the API documentation is updated or maintained elsewhere if necessary.
	Dependency Check: Ensure that no other parts of the application depend on the removed OpenAPI setup or the removed routes. This includes any front-end components or external systems that might be using these endpoints.
	Configuration Changes: The removal of environment variables and configurations related to the removed features should be verified to ensure they are no longer needed or referenced elsewhere in the application.

codiumai-pr-agent-pro[bot] commented 1 week ago

PR Code Suggestions ✨

Category	Suggestion	Score
Enhancement	Add error handling middleware to improve application robustness ___ Consider adding a fallback or error handling middleware for the routes. This can help manage errors that are not caught within the route handlers, improving the robustness of the application. [src/routes/index.ts [28-34]](https://github.com/nhost/hasura-auth/pull/537/files#diff-4c1a276a826a5147689418cdbf9bde24c8326cedb30a61144fe7867bd99113efR28-R34) ```diff router.use(signInRouter); router.use(signOutRouter); router.use(elevateRouter); router.use(userRouter); router.use(mfaRouter); router.use(tokenRouter); router.use(verifyRouter); +router.use(errorHandlingMiddleware); // Add this line ``` - [ ] Apply this suggestion Suggestion importance[1-10]: 8 Why: Adding error handling middleware is a good practice to catch unhandled errors and improve the robustness of the application. This suggestion is contextually accurate and enhances the new code introduced in the PR.	8
Possible issue	Ensure alternative authentication methods are provided after removing some sign-in methods ___ Since the email-password and passwordless email sign-in methods have been removed, ensure that there is a clear migration path or alternative authentication methods provided to users to prevent access issues. [src/routes/signin/index.ts [6-15]](https://github.com/nhost/hasura-auth/pull/537/files#diff-26afd2e4ccfcac5d8a5fdbd1312ac77bfa6d2269f06b7180b4ca75c8d523d642R6-R15) ```diff import { signInAnonymousHandler, signInAnonymousSchema } from './anonymous'; import { signInMfaTotpHandler, signInMfaTotpSchema } from './mfa'; import { signInPasswordlessSmsHandler, signInPasswordlessSmsSchema, } from './passwordless'; import { signInOtpHandler, signInOtpSchema } from './passwordless/sms/otp'; import { signInVerifyWebauthnHandler, signInVerifyWebauthnSchema, } from './webauthn'; +// Consider adding alternative methods here or ensure migration is handled ``` - [ ] Apply this suggestion Suggestion importance[1-10]: 7 Why: The suggestion correctly identifies the removal of certain authentication methods and advises ensuring alternative methods or migration paths. This is important for maintaining user access and preventing issues.	7
	Re-add or ensure coverage for user email change and verification functionalities ___ It appears that the user email change and send verification email functionalities have been removed. If these features are still needed, consider re-adding them or ensuring that their functionality is covered elsewhere in the application. [src/routes/user/index.ts [7-16]](https://github.com/nhost/hasura-auth/pull/537/files#diff-14d43bc8570c6586d8a64c92ea9fe4ddd2a6fd85db68a8d0de8f7292c1476f36R7-R16) ```diff import { userMFAHandler, userMfaSchema } from './mfa'; import { userHandler } from './user'; import { userPasswordHandler, userPasswordSchema } from './password'; import { userProviderTokensHandler, userProviderTokensSchema, } from './provider-tokens'; import { addSecurityKeyHandler, addSecurityKeyVerifyHandler, } from './security-keys'; +// Re-add or ensure coverage for user email change and verification ``` - [ ] Apply this suggestion Suggestion importance[1-10]: 7 Why: The suggestion highlights the removal of important user functionalities and advises ensuring these features are covered elsewhere. This is crucial for user management and maintaining application functionality.	7
	Consider re-adding the token refresh endpoint if still required ___ The removal of the token refresh endpoint could lead to issues with token management. If token refreshing is still required, consider re-adding this endpoint or providing a new mechanism for token management. [src/routes/token/index.ts [3-7]](https://github.com/nhost/hasura-auth/pull/537/files#diff-c2bb5010a945faf6edfb700cde9fd283e19df6130afda9c2264e83b70267304cR3-R7) ```diff import { asyncWrapper as aw } from '@/utils'; import { bodyValidator } from '@/validation'; import { verifyTokenHandler, verifyTokenSchema } from './verify'; +import { tokenHandler, tokenSchema } from './token'; // Re-add this if needed const router = Router(); ``` - [ ] Apply this suggestion Suggestion importance[1-10]: 7 Why: The suggestion correctly points out the potential issues with token management due to the removal of the token refresh endpoint. Re-adding this endpoint or providing an alternative mechanism is important for maintaining secure and efficient token management.	7

nhost / hasura-auth

chore: nodejs: remove migrated endpoints #537

PR Type

Description

Changes walkthrough 📝

PR Reviewer Guide 🔍

PR Code Suggestions ✨