chore: improve logging and bump Node.js to v18 (#398)

* chore(logs): improve logging in production

- bump Node.js to v18

* chore: add changeset

.changeset/little-lions-eat.md

@@ -0,0 +1,5 @@
+---
+'hasura-auth': patch
+---
+
+chore(logs): improve logging in production

.changeset/swift-roses-trade.md

@@ -0,0 +1,5 @@
+---
+'hasura-auth': minor
+---
+
+chore(node): bump Node.js to v18

.github/actions/install-dependencies/action.yaml

@@ -5,7 +5,7 @@ runs:
   steps:
     - uses: pnpm/[email protected]
       with:
-        version: 8.5.1
+        version: 8.6.2
         run_install: false
     - name: Get pnpm cache directory
       id: pnpm-cache-dir
@@ -19,10 +19,10 @@ runs:
           ~/.cache/Cypress
         key: ${{ runner.os }}-node-${{ hashFiles('pnpm-lock.yaml') }}
         restore-keys: ${{ runner.os }}-node-
-    - name: Use Node.js 16
+    - name: Use Node.js v18
       uses: actions/setup-node@v3
       with:
-        node-version: 16
+        node-version: 18
     - shell: bash
       name: Install packages
       run: pnpm install --frozen-lockfile

Dockerfile

@@ -1,18 +1,18 @@
-FROM node:16-alpine AS builder
+FROM node:18-alpine AS builder
 WORKDIR /app
-RUN npm i -g pnpm@8.5.1
+RUN npm i -g pnpm@8.6.2
 COPY package.json pnpm-lock.yaml tsconfig.json tsconfig.build.json ./
 RUN pnpm install --frozen-lockfile
 COPY src/ ./src/
 COPY types/ ./types/
 RUN pnpm run build
 
-FROM node:16-alpine as remover
+FROM node:18-alpine as remover
 ARG NODE_ENV=production
 ENV NODE_ENV $NODE_ENV
 ENV AUTH_PORT 4000
 WORKDIR /app
-RUN npm i -g pnpm@8.5.1
+RUN npm i -g pnpm@8.6.2
 COPY package.json pnpm-lock.yaml ./
 RUN pnpm install --frozen-lockfile --prod  && pnpm store prune
 COPY migrations/ ./migrations/

package.json

@@ -134,7 +134,7 @@
     "typescript": "4.5.4"
   },
   "engines": {
-    "node": ">=16 <17"
+    "node": ">=18 <19"
   },
   "commitlint": {
     "extends": [

src/errors.ts

@@ -3,27 +3,6 @@ import { StatusCodes } from 'http-status-codes';
 
 import { ENV, generateRedirectUrl } from './utils';
 
-/**
- * This is a custom error middleware for Express.
- * https://expressjs.com/en/guide/error-handling.html
- */
-export async function serverErrors(
-  error: Error,
-  _req: Request,
-  res: Response,
-  // * See: https://stackoverflow.com/a/61464426
-  // eslint-disable-next-line @typescript-eslint/no-unused-vars
-  _next: NextFunction
-): Promise<unknown> {
-  if (process.env.NODE_ENV === 'production') {
-    return res.status(StatusCodes.INTERNAL_SERVER_ERROR).send();
-  } else {
-    return res.status(StatusCodes.INTERNAL_SERVER_ERROR).send({
-      message: error.message,
-    });
-  }
-}
-
 // TODO Errors must be put in a shared package that the SDK also uses
 export type ErrorPayload = {
   error: string;
@@ -195,17 +174,28 @@ export const sendError = (
   return res.status(status).send({ status, message, error: code });
 };
 
+/**
+ * This is a custom error middleware for Express.
+ * https://expressjs.com/en/guide/error-handling.html
+ */
+export async function serverErrors(
+  error: Error,
+  _req: Request,
+  res: Response,
+  // * See: https://stackoverflow.com/a/61464426
+  // eslint-disable-next-line @typescript-eslint/no-unused-vars
+  _next: NextFunction
+): Promise<unknown> {
+  return sendError(res, 'internal-error', {
+    customMessage: error.message || 'An unknown error occurred',
+  });
+}
+
 export const sendUnspecifiedError = (res: Response, e: unknown) => {
   const error = e as Error;
   if (error.message in ERRORS) {
     return sendError(res, error.message as keyof typeof ERRORS);
   } else {
-    return sendError(
-      res,
-      'internal-error',
-      process.env.NODE_ENV !== 'production'
-        ? { customMessage: error.message }
-        : undefined
-    );
+    return sendError(res, 'internal-error', { customMessage: error.message });
   }
 };

src/routes/signup/email-password.ts

@@ -1,10 +1,10 @@
 import { RequestHandler } from 'express';
 
-import { getSignInResponse, getUserByEmail, ENV } from '@/utils';
-import { UserRegistrationOptionsWithRedirect } from '@/types';
 import { sendError } from '@/errors';
-import { Joi, email, passwordInsert, registrationOptions } from '@/validation';
+import { UserRegistrationOptionsWithRedirect } from '@/types';
+import { ENV, getSignInResponse, getUserByEmail } from '@/utils';
 import { createUserAndSendVerificationEmail } from '@/utils/user/email-verification';
+import { Joi, email, passwordInsert, registrationOptions } from '@/validation';
 
 export const signUpEmailPasswordSchema = Joi.object({
   email: email.required(),
@@ -37,17 +37,14 @@ export const signUpEmailPasswordHandler: RequestHandler<
 
   // SIGNIN_EMAIL_VERIFIED_REQUIRED = true => User must verify their email before signing in.
   // SIGNIN_EMAIL_VERIFIED_REQUIRED = false => User don't have to verify their email before signin in.
-
-  if (!ENV.AUTH_EMAIL_SIGNIN_EMAIL_VERIFIED_REQUIRED) {
-    const signInResponse = await getSignInResponse({
-      userId: user.id,
-      checkMFA: false,
-    });
-
-    // return logged in session because user does not have to verify their email
-    // to sign in
-    return res.send(signInResponse);
+  if (ENV.AUTH_EMAIL_SIGNIN_EMAIL_VERIFIED_REQUIRED) {
+    return res.send({ session: null, mfa: null });
   }
 
-  return res.send({ session: null, mfa: null });
+  const signInResponse = await getSignInResponse({
+    userId: user.id,
+    checkMFA: false,
+  });
+
+  return res.send(signInResponse);
 };