@archlast/server 0.1.4 → 0.1.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"system.controller.d.ts","sourceRoot":"","sources":["../../src/controllers/system.controller.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAE,MAAM,EAAK,MAAM,QAAQ,CAAC;
|
|
1
|
+
{"version":3,"file":"system.controller.d.ts","sourceRoot":"","sources":["../../src/controllers/system.controller.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAE,MAAM,EAAK,MAAM,QAAQ,CAAC;AAoGnC,eAAO,MAAM,gBAAgB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAkMxB,CAAC"}
|
|
@@ -49,14 +49,48 @@ const REVALIDATION_SECRET = process.env.REVALIDATION_SECRET;
|
|
|
49
49
|
const systemService = (0, system_service_js_1.createSystemService)();
|
|
50
50
|
/**
|
|
51
51
|
* Helper to enforce admin authentication for deploy endpoints
|
|
52
|
+
* Supports both session-based auth (cookies) and API key auth (x-api-key header)
|
|
52
53
|
* Returns 401 if auth fails, otherwise returns void
|
|
53
54
|
*/
|
|
54
55
|
async function enforceDeployAuth(request, set, requestPath) {
|
|
55
|
-
const auth =
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
56
|
+
const auth = (0, context_helper_js_1.getBetterAuth)();
|
|
57
|
+
// 1. Try session-based authentication first (cookies)
|
|
58
|
+
const sessionAuth = await (0, role_helpers_js_1.requireAdmin)(auth, request);
|
|
59
|
+
if (sessionAuth) {
|
|
60
|
+
return; // Session auth succeeded
|
|
61
|
+
}
|
|
62
|
+
// 2. Try API key authentication (x-api-key header)
|
|
63
|
+
const apiKey = request.headers.get("x-api-key");
|
|
64
|
+
if (apiKey) {
|
|
65
|
+
try {
|
|
66
|
+
// Verify the API key using Better-Auth
|
|
67
|
+
const result = await auth.api.verifyApiKey({
|
|
68
|
+
body: { key: apiKey },
|
|
69
|
+
});
|
|
70
|
+
if (result?.valid && result?.key) {
|
|
71
|
+
// API key is valid - fetch user from database to check role
|
|
72
|
+
const userId = result.key.userId;
|
|
73
|
+
if (userId) {
|
|
74
|
+
// Fetch user from database using server context
|
|
75
|
+
const serverCtx = (0, context_helper_js_1.getServerContext)();
|
|
76
|
+
const user = await serverCtx.db.get("system_auth_user", userId);
|
|
77
|
+
if (user) {
|
|
78
|
+
const userRole = user.role;
|
|
79
|
+
if (userRole === "admin" || userRole === "super-admin") {
|
|
80
|
+
return; // API key auth succeeded with admin role
|
|
81
|
+
}
|
|
82
|
+
}
|
|
83
|
+
}
|
|
84
|
+
}
|
|
85
|
+
}
|
|
86
|
+
catch (error) {
|
|
87
|
+
// API key verification failed, fall through to error
|
|
88
|
+
console.error("[Deploy Auth] API key verification error:", error instanceof Error ? error.message : String(error));
|
|
89
|
+
}
|
|
59
90
|
}
|
|
91
|
+
// Both authentication methods failed
|
|
92
|
+
set.status = 401;
|
|
93
|
+
throw new Error("Unauthorized: Admin authentication required. Please either:\n1. Sign in to the dashboard and use session cookies, or\n2. Create an API key in the dashboard (Settings → API Keys) and include it in the x-api-key header.");
|
|
60
94
|
}
|
|
61
95
|
exports.systemController = new elysia_1.Elysia({ tags: ["System"] })
|
|
62
96
|
/**
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"system.controller.js","sourceRoot":"","sources":["../../src/controllers/system.controller.ts"],"names":[],"mappings":";AAAA;;;;;;;;;GASG;;;AAEH,mCAAmC;AACnC,
|
|
1
|
+
{"version":3,"file":"system.controller.js","sourceRoot":"","sources":["../../src/controllers/system.controller.ts"],"names":[],"mappings":";AAAA;;;;;;;;;GASG;;;AAEH,mCAAmC;AACnC,iEAAoF;AACpF,6DAAoE;AACpE,qEAAiF;AAEjF,gBAAgB;AAChB,MAAM,YAAY,GAAG,UAAC,CAAC,MAAM,CAAC;IAC1B,KAAK,EAAE,UAAC,CAAC,KAAK,CACV,UAAC,CAAC,MAAM,CAAC;QACL,QAAQ,EAAE,UAAC,CAAC,MAAM,EAAE;QACpB,IAAI,EAAE,UAAC,CAAC,MAAM,EAAE;KACnB,CAAC,CACL;IACD,SAAS,EAAE,UAAC,CAAC,QAAQ,CAAC,UAAC,CAAC,MAAM,EAAE,CAAC;IACjC,SAAS,EAAE,UAAC,CAAC,QAAQ,CAAC,UAAC,CAAC,GAAG,EAAE,CAAC;IAC9B,MAAM,EAAE,UAAC,CAAC,QAAQ,CAAC,UAAC,CAAC,GAAG,EAAE,CAAC;CAC9B,CAAC,CAAC;AAEH,MAAM,iBAAiB,GAAG,UAAC,CAAC,MAAM,CAAC;IAC/B,SAAS,EAAE,UAAC,CAAC,MAAM,EAAE;IACrB,OAAO,EAAE,UAAC,CAAC,MAAM,CAAC;QACd,KAAK,EAAE,UAAC,CAAC,KAAK,CACV,UAAC,CAAC,MAAM,CAAC;YACL,QAAQ,EAAE,UAAC,CAAC,MAAM,EAAE;YACpB,IAAI,EAAE,UAAC,CAAC,MAAM,EAAE;SACnB,CAAC,CACL;QACD,QAAQ,EAAE,UAAC,CAAC,KAAK,CACb,UAAC,CAAC,MAAM,CAAC;YACL,QAAQ,EAAE,UAAC,CAAC,MAAM,EAAE;YACpB,IAAI,EAAE,UAAC,CAAC,MAAM,EAAE;SACnB,CAAC,CACL;QACD,OAAO,EAAE,UAAC,CAAC,KAAK,CAAC,UAAC,CAAC,MAAM,EAAE,CAAC;KAC/B,CAAC;IACF,YAAY,EAAE,UAAC,CAAC,QAAQ,CAAC,UAAC,CAAC,MAAM,EAAE,CAAC;CACvC,CAAC,CAAC;AAEH,MAAM,gBAAgB,GAAG,UAAC,CAAC,MAAM,CAAC;IAC9B,OAAO,EAAE,UAAC,CAAC,QAAQ,CAAC,UAAC,CAAC,KAAK,CAAC,UAAC,CAAC,MAAM,EAAE,CAAC,CAAC;IACxC,IAAI,EAAE,UAAC,CAAC,QAAQ,CAAC,UAAC,CAAC,KAAK,CAAC,UAAC,CAAC,MAAM,EAAE,CAAC,CAAC;CACxC,CAAC,CAAC;AAEH,MAAM,mBAAmB,GAAG,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC;AAE5D,oCAAoC;AACpC,MAAM,aAAa,GAAG,IAAA,uCAAmB,GAAE,CAAC;AAE5C;;;;GAIG;AACH,KAAK,UAAU,iBAAiB,CAAC,OAAgB,EAAE,GAAQ,EAAE,WAAmB;IAC5E,MAAM,IAAI,GAAG,IAAA,iCAAa,GAAE,CAAC;IAE7B,sDAAsD;IACtD,MAAM,WAAW,GAAG,MAAM,IAAA,8BAAY,EAAC,IAAI,EAAE,OAAO,CAAC,CAAC;IACtD,IAAI,WAAW,EAAE,CAAC;QACd,OAAO,CAAC,yBAAyB;IACrC,CAAC;IAED,mDAAmD;IACnD,MAAM,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;IAEhD,IAAI,MAAM,EAAE,CAAC;QACT,IAAI,CAAC;YACD,uCAAuC;YACvC,MAAM,MAAM,GAAG,MAAO,IAAY,CAAC,GAAG,CAAC,YAAY,CAAC;gBAChD,IAAI,EAAE,EAAE,GAAG,EAAE,MAAM,EAAE;aACxB,CAAC,CAAC;YAEH,IAAI,MAAM,EAAE,KAAK,IAAI,MAAM,EAAE,GAAG,EAAE,CAAC;gBAC/B,4DAA4D;gBAC5D,MAAM,MAAM,GAAG,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC;gBAEjC,IAAI,MAAM,EAAE,CAAC;oBACT,gDAAgD;oBAChD,MAAM,SAAS,GAAG,IAAA,oCAAgB,GAAE,CAAC;oBACrC,MAAM,IAAI,GAAG,MAAM,SAAS,CAAC,EAAE,CAAC,GAAG,CAAC,kBAAkB,EAAE,MAAM,CAAC,CAAC;oBAEhE,IAAI,IAAI,EAAE,CAAC;wBACP,MAAM,QAAQ,GAAI,IAAY,CAAC,IAAI,CAAC;wBACpC,IAAI,QAAQ,KAAK,OAAO,IAAI,QAAQ,KAAK,aAAa,EAAE,CAAC;4BACrD,OAAO,CAAC,yCAAyC;wBACrD,CAAC;oBACL,CAAC;gBACL,CAAC;YACL,CAAC;QACL,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACb,qDAAqD;YACrD,OAAO,CAAC,KAAK,CAAC,2CAA2C,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;QACvH,CAAC;IACL,CAAC;IAED,qCAAqC;IACrC,GAAG,CAAC,MAAM,GAAG,GAAG,CAAC;IACjB,MAAM,IAAI,KAAK,CAAC,2NAA2N,CAAC,CAAC;AACjP,CAAC;AAEY,QAAA,gBAAgB,GAAG,IAAI,eAAM,CAAC,EAAE,IAAI,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC;IAC5D;;;;OAIG;KACF,GAAG,CACA,kBAAkB,EAClB,KAAK,EAAE,GAAQ,EAAE,EAAE;IACf,MAAM,EAAE,iBAAiB,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,IAAA,0BAAM,EAAC,GAAG,CAAC,CAAC;IAExD,+BAA+B;IAC/B,MAAM,iBAAiB,CAAC,OAAO,EAAE,GAAG,EAAE,4BAA4B,CAAC,CAAC;IAEpE,IAAI,CAAC;QACD,OAAO,aAAa,CAAC,qBAAqB,CAAC,EAAE,iBAAiB,EAAE,CAAC,CAAC;IACtE,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACb,IAAI,KAAK,YAAY,+BAAW,EAAE,CAAC;YAC/B,GAAG,CAAC,MAAM,GAAG,KAAK,CAAC,UAAU,CAAC;YAC9B,OAAO,EAAE,KAAK,EAAE,KAAK,CAAC,OAAO,EAAE,CAAC;QACpC,CAAC;QACD,MAAM,KAAK,CAAC;IAChB,CAAC;AACL,CAAC,EACD;IACI,MAAM,EAAE,EAAE,OAAO,EAAE,gDAAgD,EAAE;CACxE,CACJ;IACD;;;;OAIG;KACF,IAAI,CACD,SAAS,EACT,KAAK,EAAE,GAAQ,EAAE,EAAE;IACf,MAAM,EAAE,IAAI,EAAE,GAAG,EAAE,iBAAiB,EAAE,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,OAAO,EAAE,GAAG,IAAA,0BAAM,EAAC,GAAG,CAAC,CAAC;IAE5F,+BAA+B;IAC/B,MAAM,iBAAiB,CAAC,OAAO,EAAE,GAAG,EAAE,mBAAmB,CAAC,CAAC;IAE3D,IAAI,CAAC;QACD,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,MAAM,CAAC;YACtC,iBAAiB;YACjB,SAAS;YACT,MAAM,EAAE,SAAS;YACjB,cAAc,EAAE,IAAI;SACvB,CAAC,CAAC;QAEH,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YAClB,GAAG,CAAC,MAAM,GAAG,GAAG,CAAC;QACrB,CAAC;QAED,OAAO,MAAM,CAAC;IAClB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACb,IAAI,KAAK,YAAY,+BAAW,EAAE,CAAC;YAC/B,GAAG,CAAC,MAAM,GAAG,KAAK,CAAC,UAAU,CAAC;YAC9B,OAAO,EAAE,KAAK,EAAE,KAAK,CAAC,OAAO,EAAE,CAAC;QACpC,CAAC;QACD,MAAM,KAAK,CAAC;IAChB,CAAC;AACL,CAAC,EACD;IACI,IAAI,EAAE,YAAY;IAClB,MAAM,EAAE,EAAE,OAAO,EAAE,gDAAgD,EAAE;CACxE,CACJ;IACD;;;;OAIG;KACF,IAAI,CACD,eAAe,EACf,KAAK,EAAE,GAAQ,EAAE,EAAE;IACf,MAAM,EAAE,IAAI,EAAE,GAAG,EAAE,iBAAiB,EAAE,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,OAAO,EAAE,GAAG,IAAA,0BAAM,EAAC,GAAG,CAAC,CAAC;IAE5F,+BAA+B;IAC/B,MAAM,iBAAiB,CAAC,OAAO,EAAE,GAAG,EAAE,yBAAyB,CAAC,CAAC;IAEjE,IAAI,CAAC;QACD,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,WAAW,CAAC;YAC3C,iBAAiB;YACjB,SAAS;YACT,MAAM,EAAE,SAAS;YACjB,cAAc,EAAE,IAAI;SACvB,CAAC,CAAC;QAEH,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YAClB,GAAG,CAAC,MAAM,GAAG,GAAG,CAAC;QACrB,CAAC;QAED,OAAO,MAAM,CAAC;IAClB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACb,IAAI,KAAK,YAAY,+BAAW,EAAE,CAAC;YAC/B,GAAG,CAAC,MAAM,GAAG,KAAK,CAAC,UAAU,CAAC;YAC9B,OAAO,EAAE,KAAK,EAAE,KAAK,CAAC,OAAO,EAAE,CAAC;QACpC,CAAC;QACD,MAAM,KAAK,CAAC;IAChB,CAAC;AACL,CAAC,EACD;IACI,IAAI,EAAE,iBAAiB;IACvB,MAAM,EAAE,EAAE,OAAO,EAAE,uDAAuD,EAAE;CAC/E,CACJ;IACD;;;;OAIG;KACF,IAAI,CACD,aAAa,EACb,KAAK,EAAE,GAAQ,EAAE,EAAE;IACf,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,EAAE,EAAE,EAAE,MAAM,EAAE,SAAS,EAAE,OAAO,EAAE,GAAG,IAAA,0BAAM,EAAC,GAAG,CAAC,CAAC;IAE3E,qEAAqE;IACrE,MAAM,IAAI,GAAG,MAAM,IAAA,8BAAY,EAAC,IAAA,iCAAa,GAAE,EAAE,OAAO,CAAC,CAAC;IAC1D,MAAM,UAAU,GAAG,OAAO,CAAC,aAAa,IAAI,EAAE,CAAC;IAC/C,MAAM,KAAK,GAAG,UAAU,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IAE1E,iDAAiD;IACjD,MAAM,aAAa,GAAG,mBAAmB,IAAI,KAAK,KAAK,mBAAmB,CAAC;IAC3E,IAAI,CAAC,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;QAC1B,GAAG,CAAC,MAAM,GAAG,GAAG,CAAC;QACjB,OAAO,EAAE,KAAK,EAAE,oCAAoC,EAAE,CAAC;IAC3D,CAAC;IAED,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC;QACvC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAM,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC;QACxD,CAAC,CAAC,EAAE,CAAC;IACT,MAAM,IAAI,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC;QACjC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAM,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC;QACrD,CAAC,CAAC,EAAE,CAAC;IAET,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC5C,GAAG,CAAC,MAAM,GAAG,GAAG,CAAC;QACjB,OAAO,EAAE,KAAK,EAAE,aAAa,EAAE,CAAC;IACpC,CAAC;IAED,MAAM,aAAa,CAAC,UAAU,CAAC,EAAE,EAAE,EAAE,MAAM,EAAE,SAAS,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;IAEzE,GAAG,CAAC,MAAM,GAAG,GAAG,CAAC;IACjB,OAAO,IAAI,CAAC;AAChB,CAAC,EACD;IACI,IAAI,EAAE,gBAAgB;IACtB,MAAM,EAAE,EAAE,OAAO,EAAE,yCAAyC,EAAE;CACjE,CACJ;IACD;;;;;;;;;;OAUG;KACF,GAAG,CACA,OAAO,EACP,KAAK,EAAE,GAAQ,EAAE,EAAE;IACf,MAAM,EAAE,iBAAiB,EAAE,KAAK,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,IAAA,0BAAM,EAAC,GAAG,CAAC,CAAC;IAE/D,+BAA+B;IAC/B,MAAM,iBAAiB,CAAC,OAAO,EAAE,GAAG,EAAE,iBAAiB,CAAC,CAAC;IAEzD,IAAI,CAAC;QACD,OAAO,aAAa,CAAC,mBAAmB,CAAC;YACrC,iBAAiB;YACjB,UAAU,EAAE,KAAK,CAAC,KAAK;YACvB,QAAQ,EAAE,KAAK,CAAC,IAAI,KAAK,MAAM;YAC/B,WAAW,EAAE,KAAK,CAAC,OAAO,KAAK,MAAM;YACrC,gBAAgB,EAAE,KAAK,CAAC,MAAM;SACjC,CAAC,CAAC;IACP,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACb,IAAI,KAAK,YAAY,+BAAW,EAAE,CAAC;YAC/B,GAAG,CAAC,MAAM,GAAG,KAAK,CAAC,UAAU,CAAC;YAC9B,OAAO,EAAE,KAAK,EAAE,KAAK,CAAC,OAAO,EAAE,CAAC;QACpC,CAAC;QACD,MAAM,KAAK,CAAC;IAChB,CAAC;AACL,CAAC,EACD;IACI,KAAK,EAAE,UAAC,CAAC,MAAM,CAAC;QACZ,KAAK,EAAE,UAAC,CAAC,QAAQ,CAAC,UAAC,CAAC,MAAM,EAAE,CAAC;QAC7B,IAAI,EAAE,UAAC,CAAC,QAAQ,CAAC,UAAC,CAAC,MAAM,EAAE,CAAC;QAC5B,MAAM,EAAE,UAAC,CAAC,QAAQ,CAAC,UAAC,CAAC,MAAM,EAAE,CAAC;QAC9B,OAAO,EAAE,UAAC,CAAC,QAAQ,CAAC,UAAC,CAAC,MAAM,EAAE,CAAC;KAClC,CAAC;IACF,MAAM,EAAE,EAAE,OAAO,EAAE,8CAA8C,EAAE;CACtE,CACJ,CAAC"}
|
package/package.json
CHANGED
|
@@ -10,7 +10,7 @@ services:
|
|
|
10
10
|
volumes:
|
|
11
11
|
- ${ARCHLAST_DATA_VOLUME:-archlast-data}:/data
|
|
12
12
|
- ./config:/config:ro
|
|
13
|
-
- ./.archlast-deploy:/app/server/.archlast-deploy:
|
|
13
|
+
- ./.archlast-deploy:/app/server/.archlast-deploy:rw
|
|
14
14
|
environment:
|
|
15
15
|
- NODE_ENV=${NODE_ENV:-development}
|
|
16
16
|
- PORT=${PORT:-4000}
|