refactor(backend,web): make uri to /auth/google

also renames controller method from verifyGAuthSession to verifyGToken to more accurately represent what's happening. Compass doesn't maintain a persistent session with Google like it does with it's user's session (via Supertokens). Instead, it just passes the access token in requests

Author: tyler-dane

packages/backend/src/auth/auth.routes.config.ts

@@ -5,26 +5,35 @@ import { CommonRoutesConfig } from "@backend/common/common.routes.config";
 import authController from "./controllers/auth.controller";
 import authMiddleware from "./middleware/auth.middleware";
 
+/**
+ * Routes with the verifyIsDev middleware are
+ * only available when running the app in dev,
+ * as they are not called by production code.
+ */
 export class AuthRoutes extends CommonRoutesConfig {
   constructor(app: express.Application) {
     super(app, "AuthRoutes");
   }
 
   configureRoutes(): express.Application {
     /**
-     * Convenience routes for debugging (eg via Postman)
-     *
-     * Production code shouldn't call these
-     * directly, which is why they're limited to devs only
+     * Checks whether user's google access token is still valid
      */
+    this.app.route(`/api/auth/google`).get([
+      verifySession(),
+      //@ts-expect-error res.promise is not returning response types correctly
+      authController.verifyGToken,
+    ]);
+
     this.app
       .route(`/api/auth/session`)
       .all(authMiddleware.verifyIsDev)
-      //@ts-ignore
+      //@ts-expect-error res.promise is not returning response types correctly
+      // eslint-disable-next-line @typescript-eslint/no-misused-promises
       .post(authController.createSession)
       .get([
         verifySession(),
-        //@ts-ignore
+        //@ts-expect-error res.promise is not returning response types correctly
         authController.getUserIdFromSession,
       ]);
 
@@ -38,20 +47,10 @@ export class AuthRoutes extends CommonRoutesConfig {
      */
     this.app.route(`/api/oauth/google`).post([
       authMiddleware.verifyGoogleOauthCode,
-      //@ts-ignore
+      //@ts-expect-error res.promise is not returning response types correctly
       authController.loginOrSignup,
     ]);
 
-    /**
-     * Ensures a user's google session is still valid, since
-     * we need to occasionally sync events
-     */
-    this.app.route(`/api/auth/session/gauth/verify`).get([
-      verifySession(),
-      //@ts-expect-error TODO: fix TS for this and other controller methods in this file
-      authController.verifyGAuthSession,
-    ]);
-
     return this.app;
   }
 }

packages/backend/src/auth/controllers/auth.controller.ts

@@ -66,7 +66,7 @@ class AuthController {
     res.promise({ userId });
   };
 
-  verifyGAuthSession = async (req: SessionRequest, res: Res_Promise) => {
+  verifyGToken = async (req: SessionRequest, res: Res_Promise) => {
     try {
       const userId = req.session?.getUserId();
 

packages/web/src/auth/gauth.util.ts

@@ -3,13 +3,10 @@ import { ENV_WEB } from "@web/common/constants/env.constants";
 export class GoogleOAuthSession {
   static async verifySession() {
     try {
-      const res = await fetch(
-        `${ENV_WEB.API_BASEURL}/auth/session/gauth/verify`,
-        {
-          method: "GET",
-          credentials: "include",
-        }
-      );
+      const res = await fetch(`${ENV_WEB.API_BASEURL}/auth/google`, {
+        method: "GET",
+        credentials: "include",
+      });
 
       if (!res.ok) return false;