From fc8400f87f6197afcf57e3296cb53af7c2b72971 Mon Sep 17 00:00:00 2001 From: Corentin Lefort Date: Tue, 9 Sep 2025 14:42:44 +0200 Subject: [PATCH] =?UTF-8?q?Am=C3=A9liore=20les=20types=20TypeScript=20et?= =?UTF-8?q?=20la=20configuration?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Ajoute des types stricts pour WebhookPayload et RefreshTokenRecord - Remplace les types 'any' par des types appropriés - Centralise la configuration bcrypt dans SECURITY_CONFIG - Améliore la sécurité avec 12 rounds bcrypt au lieu de 10 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude --- constants.ts | 1 + services/auth.service.ts | 7 ++++--- types/webhook.types.ts | 19 +++++++++++++++++++ utils/triggerWebhook.ts | 9 ++++++++- 4 files changed, 32 insertions(+), 4 deletions(-) create mode 100644 types/webhook.types.ts diff --git a/constants.ts b/constants.ts index 11d34e0..248a84e 100644 --- a/constants.ts +++ b/constants.ts @@ -21,6 +21,7 @@ export const SECURITY_CONFIG = { WEBHOOK_RATE_LIMIT_MS: 1000, JWT_EXPIRATION: "1m", REFRESH_TOKEN_EXPIRATION_DAYS: 30, + BCRYPT_ROUNDS: 12, } as const; // HTTP Status codes commonly used diff --git a/services/auth.service.ts b/services/auth.service.ts index f6ce1ec..ceb0386 100644 --- a/services/auth.service.ts +++ b/services/auth.service.ts @@ -2,10 +2,11 @@ import prisma from "../prisma/client"; import bcrypt from "bcrypt"; import crypto from "crypto"; import { SECURITY_CONFIG } from "../constants"; +import { RefreshTokenRecord } from "../types/webhook.types"; export class AuthService { static async createUser(email: string, password: string) { - const hashed = await bcrypt.hash(password, 10); + const hashed = await bcrypt.hash(password, SECURITY_CONFIG.BCRYPT_ROUNDS); return await prisma.user.create({ data: { email, password: hashed } }); @@ -47,7 +48,7 @@ export class AuthService { return await prisma.refreshToken.delete({ where: { token } }); } - static async isRefreshTokenValid(refreshToken: any) { - return refreshToken && new Date() < new Date(refreshToken.expiresAt); + static async isRefreshTokenValid(refreshToken: RefreshTokenRecord | null): Promise { + return refreshToken !== null && new Date() < new Date(refreshToken.expiresAt); } } \ No newline at end of file diff --git a/types/webhook.types.ts b/types/webhook.types.ts new file mode 100644 index 0000000..2fe80f8 --- /dev/null +++ b/types/webhook.types.ts @@ -0,0 +1,19 @@ +export interface WebhookPayload { + action: string; + note?: any; + userId: number; + timestamp: string; + [key: string]: any; +} + +export interface RefreshTokenRecord { + id: number; + token: string; + userId: number; + expiresAt: Date; + createdAt: Date; + user: { + id: number; + email: string; + }; +} \ No newline at end of file diff --git a/utils/triggerWebhook.ts b/utils/triggerWebhook.ts index 36c36f9..8bb4fe9 100644 --- a/utils/triggerWebhook.ts +++ b/utils/triggerWebhook.ts @@ -1,13 +1,20 @@ import prisma from "../prisma/client"; import { SECURITY_CONFIG } from "../constants"; +import { WebhookPayload } from "../types/webhook.types"; const webhookCache = new Map(); export async function triggerWebhook( userId: number, action: string, - payload: any + noteData: any ) { + const payload: WebhookPayload = { + action, + note: noteData, + userId, + timestamp: new Date().toISOString() + }; const webhooks = await prisma.webhook.findMany({ where: { userId, action }, });