From 36cb394491a0f096b2f6852217cfc0b6f2a0056c Mon Sep 17 00:00:00 2001
From: Dipendra Upreti <dipendra@dzangolab.com>
Date: Thu, 11 Apr 2024 17:06:31 +0545
Subject: [PATCH] feat: insert roles and permissions in session

---
 .../config/session/createNewSession.ts        | 41 ++++++++++++++++---
 1 file changed, 36 insertions(+), 5 deletions(-)

diff --git a/packages/user/src/supertokens/recipes/config/session/createNewSession.ts b/packages/user/src/supertokens/recipes/config/session/createNewSession.ts
index 1cb2cca68..5b4e79d82 100644
--- a/packages/user/src/supertokens/recipes/config/session/createNewSession.ts
+++ b/packages/user/src/supertokens/recipes/config/session/createNewSession.ts
@@ -1,5 +1,12 @@
 import getUserService from "../../../../lib/getUserService";
+import RoleService from "../../../../model/roles/service";
 
+import type {
+  Role,
+  RoleCreateInput,
+  RoleUpdateInput,
+  User,
+} from "../../../../types";
 import type { FastifyError, FastifyInstance } from "fastify";
 import type { SessionRequest } from "supertokens-node/framework/fastify";
 import type { RecipeInterface } from "supertokens-node/recipe/session/types";
@@ -17,19 +24,43 @@ const createNewSession = (
     const request = input.userContext._default.request
       .request as SessionRequest;
 
-    const originalResponse = await originalImplementation.createNewSession(
-      input
+    const userService = getUserService(
+      request.config,
+      request.slonik,
+      request.dbSchema
     );
 
-    const userId = originalResponse.getUserId();
+    const user = (await userService.findById(input.userId)) as User;
 
-    const userService = getUserService(
+    const roleService = new RoleService<Role, RoleCreateInput, RoleUpdateInput>(
       request.config,
       request.slonik,
       request.dbSchema
     );
 
-    const user = await userService.findById(userId);
+    const roles = await roleService.list(undefined, undefined, {
+      OR: user.roles.map(({ role }) => ({
+        key: "role",
+        operator: "eq",
+        value: role,
+      })),
+    });
+
+    input.accessTokenPayload = {
+      ...input.accessTokenPayload,
+      "st-role": {
+        v: roles.data.map(({ role }) => role),
+        t: Date.now(),
+      },
+      "st-perm": {
+        v: [...new Set(roles.data.flatMap(({ permissions }) => permissions))],
+        t: Date.now(),
+      },
+    };
+
+    const originalResponse = await originalImplementation.createNewSession(
+      input
+    );
 
     if (user?.disabled) {
       await originalResponse.revokeSession();