gatsby-tv · neboman11 · Aug 5, 2021 · Aug 11, 2021 · Aug 11, 2021 · Aug 11, 2021
diff --git a/src/index.d.ts b/src/index.d.ts
@@ -1,4 +1,5 @@
 import { IPFSContent, Token } from "@gatsby-tv/types";
+import { ClientSession } from "mongoose";
 
 declare global {
   declare namespace NodeJS {
@@ -12,6 +13,7 @@ declare global {
     interface Request {
       decodedToken?: Token;
       ipfsContent?: IPFSContent;
+      session?: ClientSession;
     }
   }
 }
diff --git a/src/index.ts b/src/index.ts
@@ -61,6 +61,12 @@ app.use(
       return;
     }
 
+    if (req.session) {
+      // TODO: Abort transaction is async
+      req.session.abortTransaction();
+      req.session.endSession();
+    }
+
     // Check if error is specific with response code
     if (error instanceof WestEggError) {
       return res.status(error.statusCode).json({ error } as ErrorResponse);

diff --git a/src/middleware/transaction.ts b/src/middleware/transaction.ts
@@ -0,0 +1,16 @@
+import { NextFunction, Request, Response } from "express";
+import mongoose from "mongoose";
+
+export const useTransaction = async (
+  req: Request,
+  res: Response,
+  next: NextFunction
+) => {
+  const session = await mongoose.startSession();
+
+  req.session = session;
+  session.startTransaction();
+  next();
+  await session.commitTransaction();
+  session.endSession();
+};
diff --git a/src/routes/auth.ts b/src/routes/auth.ts
@@ -1,7 +1,3 @@
-import { Router } from "express";
-import { createHmac } from "crypto";
-import jwt from "jsonwebtoken";
-import { keys as keysOf } from "ts-transformer-keys";
 import {
   ErrorMessage,
   GetAuthSignInKeyRequest,
@@ -13,7 +9,6 @@ import {
   PostAuthSignInResponse,
   StatusCode
 } from "@gatsby-tv/types";
-
 import { InvalidToken } from "@src/entities/InvalidToken";
 import { PersistSignInKey } from "@src/entities/PersistSignInKey";
 import { SignInKey } from "@src/entities/SignInKey";
@@ -22,7 +17,12 @@ import logger from "@src/logger";
 import mail from "@src/mail";
 import { isValidBody } from "@src/middleware";
 import { isAuthenticated, validateSignin } from "@src/middleware/auth";
+import { useTransaction } from "@src/middleware/transaction";
 import { randomString } from "@src/utilities";
+import { createHmac } from "crypto";
+import { Router } from "express";
+import jwt from "jsonwebtoken";
+import { keys as keysOf } from "ts-transformer-keys";
 
 const router = Router();
 
@@ -32,6 +32,7 @@ const router = Router();
 router.post(
   "/signin",
   validateSignin,
+  useTransaction,
   (req, res, next) => {
     isValidBody(keysOf<PostAuthSignInRequest>(), req, res, next);
   },
@@ -115,7 +116,7 @@ router.get("/signin/:key", async (req, res, next) => {
 /**
  * POST /auth/signin/:key/persist
  */
-router.post("/signin/:key/persist", async (req, res, next) => {
+router.post("/signin/:key/persist", useTransaction, async (req, res, next) => {
   try {
     const params = req.params as PostAuthPersistSignInKeyRequestParams;
 
@@ -158,20 +159,25 @@ router.get("/token/refresh", isAuthenticated, async (req, res, next) => {
 /**
  * POST /auth/token/invalidate
  */
-router.post("/token/invalidate", isAuthenticated, async (req, res, next) => {
-  try {
-    const invalid = new InvalidToken({
-      expire: Date.now()
-    });
-    await InvalidToken.findByIdAndUpdate(req.decodedToken!._id, invalid, {
-      upsert: true,
-      setDefaultsOnInsert: true
-    });
+router.post(
+  "/token/invalidate",
+  isAuthenticated,
+  useTransaction,
+  async (req, res, next) => {
+    try {
+      const invalid = new InvalidToken({
+        expire: Date.now()
+      });
+      await InvalidToken.findByIdAndUpdate(req.decodedToken!._id, invalid, {
+        upsert: true,
+        setDefaultsOnInsert: true
+      });
 
-    res.sendStatus(StatusCode.CREATED);
-  } catch (error) {
-    next(error);
+      res.sendStatus(StatusCode.CREATED);
+    } catch (error) {
+      next(error);
+    }
   }
-});
+);
 
 export default router;
diff --git a/src/routes/channel.ts b/src/routes/channel.ts
@@ -39,6 +39,7 @@ import {
 } from "@src/middleware/channel";
 import { upload } from "@src/middleware/multipart";
 import { isMongoDuplicateKeyError, projection } from "@src/utilities";
+import { useTransaction } from "@src/middleware/transaction";
 
 const router = Router();
 
@@ -86,6 +87,7 @@ router.get(
 router.post(
   "/",
   isAuthenticated,
+  useTransaction,
   (req, res, next) => {
     isValidBody(keysOf<PostChannelRequest>(), req, res, next);
   },
@@ -198,6 +200,7 @@ router.put(
   isAuthenticated,
   hasPermissionToPutChannelRequest,
   validatePutChannelHandleRequest,
+  useTransaction,
   (req, res, next) => {
     isValidBody(keysOf<PutChannelHandleRequest>(), req, res, next);
   },
@@ -239,6 +242,7 @@ router.put(
   "/:id/avatar",
   isAuthenticated,
   hasPermissionToPutChannelRequest,
+  useTransaction,
   (req, res, next) => {
     upload(req, res, next, 2);
   },
@@ -273,6 +277,7 @@ router.put(
   "/:id/banner",
   isAuthenticated,
   hasPermissionToPutChannelRequest,
+  useTransaction,
   (req, res, next) => {
     upload(req, res, next, 2);
   },
@@ -307,6 +312,7 @@ router.put(
   "/:id/poster",
   isAuthenticated,
   hasPermissionToPutChannelRequest,
+  useTransaction,
   (req, res, next) => {
     upload(req, res, next, 2);
   },

diff --git a/src/routes/user.ts b/src/routes/user.ts
@@ -37,6 +37,7 @@ import {
   validatePutUserRequest
 } from "@src/middleware/user";
 import { isMongoDuplicateKeyError, projection } from "@src/utilities";
+import { useTransaction } from "@src/middleware/transaction";
 
 const router = Router();
 
@@ -85,6 +86,7 @@ router.post(
   (req, res, next) => {
     isValidBody(keysOf<PostUserCompleteSignupRequest>(), req, res, next);
   },
+  useTransaction,
   async (req, res, next) => {
     try {
       const body = req.body as PostUserCompleteSignupRequest;
@@ -196,6 +198,7 @@ router.put(
     isValidBody(keysOf<PutUserRequest>(), req, res, next);
   },
   hasPermissionToPutUserRequest,
+  useTransaction,
   async (req, res, next) => {
     try {
       const body = req.body as PutUserRequest;
@@ -230,6 +233,7 @@ router.put(
   isAuthenticated,
   hasPermissionToPutUserRequest,
   validatePutUserRequest,
+  useTransaction,
   (req, res, next) => {
     upload(req, res, next, 2);
   },
@@ -267,6 +271,7 @@ router.put(
   "/:id/banner",
   isAuthenticated,
   hasPermissionToPutUserRequest,
+  useTransaction,
   (req, res, next) => {
     upload(req, res, next, 2);
   },
@@ -305,6 +310,7 @@ router.put(
     isValidBody(keysOf<PutUserSubscriptionRequest>(), req, res, next);
   },
   hasPermissionToPutUserRequest,
+  useTransaction,
   async (req, res, next) => {
     try {
       const body = req.body as PutUserSubscriptionRequest;

diff --git a/src/routes/video.ts b/src/routes/video.ts
@@ -24,6 +24,7 @@ import {
   validateVideoExists
 } from "@src/middleware/video";
 import { projection } from "@src/utilities";
+import { useTransaction } from "@src/middleware/transaction";
 
 const router = Router();
 
@@ -56,6 +57,7 @@ router.post(
   "/",
   isAuthenticated,
   validatePostVideo,
+  useTransaction,
   (req, res, next) => {
     isValidBody(keysOf<PostVideoRequest>(), req, res, next);
   },
@@ -103,6 +105,7 @@ router.post(
 router.put(
   "/:id",
   isAuthenticated,
+  useTransaction,
   (req, res, next) => {
     isValidBody(keysOf<PutVideoRequest>(), req, res, next);
   },
@@ -128,6 +131,7 @@ router.put(
   "/:id/view",
   isAuthenticated,
   validateVideoExists,
+  useTransaction,
   async (req, res, next) => {
     try {
       const params = req.params as PutVideoViewRequestParams;
@@ -155,6 +159,7 @@ router.delete(
   "/:id",
   isAuthenticated,
   validateVideoExists,
+  useTransaction,
   async (req, res, next) => {
     try {
       const request = req.params as DeleteVideoRequest;