@atproto/pds 0.5.11 → 0.5.14
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +46 -0
- package/dist/api/app/bsky/notification/index.d.ts.map +1 -1
- package/dist/api/app/bsky/notification/index.js +2 -0
- package/dist/api/app/bsky/notification/index.js.map +1 -1
- package/dist/api/app/bsky/notification/unregisterPush.d.ts +4 -0
- package/dist/api/app/bsky/notification/unregisterPush.d.ts.map +1 -0
- package/dist/api/app/bsky/notification/unregisterPush.js +48 -0
- package/dist/api/app/bsky/notification/unregisterPush.js.map +1 -0
- package/package.json +42 -38
- package/build.templates.cjs +0 -22
- package/example.env +0 -42
- package/jest.config.cjs +0 -27
- package/src/account-manager/account-manager.ts +0 -916
- package/src/account-manager/db/index.ts +0 -21
- package/src/account-manager/db/migrations/001-init.ts +0 -115
- package/src/account-manager/db/migrations/002-account-deactivation.ts +0 -17
- package/src/account-manager/db/migrations/003-privileged-app-passwords.ts +0 -12
- package/src/account-manager/db/migrations/004-oauth.ts +0 -122
- package/src/account-manager/db/migrations/005-oauth-account-management.ts +0 -136
- package/src/account-manager/db/migrations/006-oauth-permission-sets.ts +0 -20
- package/src/account-manager/db/migrations/007-lexicon-failures-index.ts +0 -14
- package/src/account-manager/db/migrations/index.ts +0 -17
- package/src/account-manager/db/schema/account-device.ts +0 -14
- package/src/account-manager/db/schema/account.ts +0 -16
- package/src/account-manager/db/schema/actor.ts +0 -17
- package/src/account-manager/db/schema/app-password.ts +0 -13
- package/src/account-manager/db/schema/authorization-request.ts +0 -30
- package/src/account-manager/db/schema/authorized-client.ts +0 -23
- package/src/account-manager/db/schema/device.ts +0 -18
- package/src/account-manager/db/schema/email-token.ts +0 -19
- package/src/account-manager/db/schema/index.ts +0 -43
- package/src/account-manager/db/schema/invite-code.ts +0 -24
- package/src/account-manager/db/schema/lexicon.ts +0 -15
- package/src/account-manager/db/schema/refresh-token.ts +0 -11
- package/src/account-manager/db/schema/repo-root.ts +0 -12
- package/src/account-manager/db/schema/token.ts +0 -38
- package/src/account-manager/db/schema/used-refresh-token.ts +0 -13
- package/src/account-manager/helpers/account-device.ts +0 -63
- package/src/account-manager/helpers/account.ts +0 -355
- package/src/account-manager/helpers/auth.ts +0 -222
- package/src/account-manager/helpers/authorization-request.ts +0 -90
- package/src/account-manager/helpers/authorized-client.ts +0 -75
- package/src/account-manager/helpers/device.ts +0 -47
- package/src/account-manager/helpers/email-token.ts +0 -87
- package/src/account-manager/helpers/invite.ts +0 -263
- package/src/account-manager/helpers/lexicon.ts +0 -67
- package/src/account-manager/helpers/password.ts +0 -136
- package/src/account-manager/helpers/repo.ts +0 -24
- package/src/account-manager/helpers/scrypt.ts +0 -53
- package/src/account-manager/helpers/token.ts +0 -158
- package/src/account-manager/helpers/used-refresh-token.ts +0 -30
- package/src/account-manager/oauth-store.ts +0 -880
- package/src/account-manager/scope-reference-getter.ts +0 -106
- package/src/actor-store/actor-store-reader.ts +0 -45
- package/src/actor-store/actor-store-resources.ts +0 -8
- package/src/actor-store/actor-store-transactor.ts +0 -31
- package/src/actor-store/actor-store-writer.ts +0 -17
- package/src/actor-store/actor-store.ts +0 -210
- package/src/actor-store/blob/reader.ts +0 -160
- package/src/actor-store/blob/transactor.ts +0 -383
- package/src/actor-store/db/index.ts +0 -20
- package/src/actor-store/db/migrations/001-init.ts +0 -105
- package/src/actor-store/db/migrations/index.ts +0 -5
- package/src/actor-store/db/schema/account-pref.ts +0 -11
- package/src/actor-store/db/schema/backlink.ts +0 -9
- package/src/actor-store/db/schema/blob.ts +0 -14
- package/src/actor-store/db/schema/index.ts +0 -23
- package/src/actor-store/db/schema/record-blob.ts +0 -8
- package/src/actor-store/db/schema/record.ts +0 -14
- package/src/actor-store/db/schema/repo-block.ts +0 -10
- package/src/actor-store/db/schema/repo-root.ts +0 -10
- package/src/actor-store/migrate.ts +0 -39
- package/src/actor-store/preference/reader.ts +0 -48
- package/src/actor-store/preference/transactor.ts +0 -55
- package/src/actor-store/preference/util.ts +0 -39
- package/src/actor-store/record/reader.ts +0 -374
- package/src/actor-store/record/transactor.ts +0 -111
- package/src/actor-store/repo/reader.ts +0 -31
- package/src/actor-store/repo/sql-repo-reader.ts +0 -150
- package/src/actor-store/repo/sql-repo-transactor.ts +0 -105
- package/src/actor-store/repo/transactor.ts +0 -227
- package/src/api/app/bsky/actor/getPreferences.ts +0 -57
- package/src/api/app/bsky/actor/getProfile.ts +0 -41
- package/src/api/app/bsky/actor/getProfiles.ts +0 -51
- package/src/api/app/bsky/actor/index.ts +0 -13
- package/src/api/app/bsky/actor/putPreferences.ts +0 -62
- package/src/api/app/bsky/feed/getActorLikes.ts +0 -63
- package/src/api/app/bsky/feed/getAuthorFeed.ts +0 -84
- package/src/api/app/bsky/feed/getFeed.ts +0 -47
- package/src/api/app/bsky/feed/getPostThread.ts +0 -251
- package/src/api/app/bsky/feed/getTimeline.ts +0 -50
- package/src/api/app/bsky/feed/index.ts +0 -15
- package/src/api/app/bsky/index.ts +0 -11
- package/src/api/app/bsky/notification/index.ts +0 -7
- package/src/api/app/bsky/notification/registerPush.ts +0 -71
- package/src/api/app/bsky/util/resolver.ts +0 -20
- package/src/api/com/atproto/admin/deleteAccount.ts +0 -22
- package/src/api/com/atproto/admin/disableAccountInvites.ts +0 -18
- package/src/api/com/atproto/admin/disableInviteCodes.ts +0 -21
- package/src/api/com/atproto/admin/enableAccountInvites.ts +0 -18
- package/src/api/com/atproto/admin/getAccountInfo.ts +0 -32
- package/src/api/com/atproto/admin/getAccountInfos.ts +0 -34
- package/src/api/com/atproto/admin/getInviteCodes.ts +0 -126
- package/src/api/com/atproto/admin/getSubjectStatus.ts +0 -76
- package/src/api/com/atproto/admin/index.ts +0 -31
- package/src/api/com/atproto/admin/sendEmail.ts +0 -47
- package/src/api/com/atproto/admin/updateAccountEmail.ts +0 -32
- package/src/api/com/atproto/admin/updateAccountHandle.ts +0 -47
- package/src/api/com/atproto/admin/updateAccountPassword.ts +0 -34
- package/src/api/com/atproto/admin/updateSubjectStatus.ts +0 -68
- package/src/api/com/atproto/admin/util.ts +0 -66
- package/src/api/com/atproto/identity/getRecommendedDidCredentials.ts +0 -50
- package/src/api/com/atproto/identity/index.ts +0 -17
- package/src/api/com/atproto/identity/requestPlcOperationSignature.ts +0 -59
- package/src/api/com/atproto/identity/resolveHandle.ts +0 -50
- package/src/api/com/atproto/identity/signPlcOperation.ts +0 -85
- package/src/api/com/atproto/identity/submitPlcOperation.ts +0 -65
- package/src/api/com/atproto/identity/updateHandle.ts +0 -66
- package/src/api/com/atproto/index.ts +0 -19
- package/src/api/com/atproto/moderation/createReport.ts +0 -41
- package/src/api/com/atproto/moderation/index.ts +0 -7
- package/src/api/com/atproto/repo/applyWrites.ts +0 -226
- package/src/api/com/atproto/repo/createRecord.ts +0 -143
- package/src/api/com/atproto/repo/deleteRecord.ts +0 -122
- package/src/api/com/atproto/repo/describeRepo.ts +0 -43
- package/src/api/com/atproto/repo/getRecord.ts +0 -40
- package/src/api/com/atproto/repo/importRepo.ts +0 -101
- package/src/api/com/atproto/repo/index.ts +0 -25
- package/src/api/com/atproto/repo/listMissingBlobs.ts +0 -29
- package/src/api/com/atproto/repo/listRecords.ts +0 -36
- package/src/api/com/atproto/repo/putRecord.ts +0 -211
- package/src/api/com/atproto/repo/uploadBlob.ts +0 -60
- package/src/api/com/atproto/server/activateAccount.ts +0 -37
- package/src/api/com/atproto/server/checkAccountStatus.ts +0 -51
- package/src/api/com/atproto/server/confirmEmail.ts +0 -39
- package/src/api/com/atproto/server/createAccount.ts +0 -327
- package/src/api/com/atproto/server/createAppPassword.ts +0 -53
- package/src/api/com/atproto/server/createInviteCode.ts +0 -38
- package/src/api/com/atproto/server/createInviteCodes.ts +0 -42
- package/src/api/com/atproto/server/createSession.ts +0 -97
- package/src/api/com/atproto/server/deactivateAccount.ts +0 -41
- package/src/api/com/atproto/server/deleteAccount.ts +0 -85
- package/src/api/com/atproto/server/deleteSession.ts +0 -23
- package/src/api/com/atproto/server/describeServer.ts +0 -29
- package/src/api/com/atproto/server/getAccountInviteCodes.ts +0 -142
- package/src/api/com/atproto/server/getServiceAuth.ts +0 -111
- package/src/api/com/atproto/server/getSession.ts +0 -80
- package/src/api/com/atproto/server/index.ts +0 -55
- package/src/api/com/atproto/server/listAppPasswords.ts +0 -45
- package/src/api/com/atproto/server/refreshSession.ts +0 -72
- package/src/api/com/atproto/server/requestAccountDelete.ts +0 -66
- package/src/api/com/atproto/server/requestEmailConfirmation.ts +0 -68
- package/src/api/com/atproto/server/requestEmailUpdate.ts +0 -86
- package/src/api/com/atproto/server/requestPasswordReset.ts +0 -52
- package/src/api/com/atproto/server/reserveSigningKey.ts +0 -15
- package/src/api/com/atproto/server/resetPassword.ts +0 -50
- package/src/api/com/atproto/server/revokeAppPassword.ts +0 -42
- package/src/api/com/atproto/server/updateEmail.ts +0 -52
- package/src/api/com/atproto/server/util.ts +0 -136
- package/src/api/com/atproto/sync/deprecated/getCheckout.ts +0 -27
- package/src/api/com/atproto/sync/deprecated/getHead.ts +0 -33
- package/src/api/com/atproto/sync/getBlob.ts +0 -61
- package/src/api/com/atproto/sync/getBlocks.ts +0 -37
- package/src/api/com/atproto/sync/getLatestCommit.ts +0 -33
- package/src/api/com/atproto/sync/getRecord.ts +0 -49
- package/src/api/com/atproto/sync/getRepo.ts +0 -75
- package/src/api/com/atproto/sync/getRepoStatus.ts +0 -34
- package/src/api/com/atproto/sync/index.ts +0 -27
- package/src/api/com/atproto/sync/listBlobs.ts +0 -33
- package/src/api/com/atproto/sync/listRepos.ts +0 -74
- package/src/api/com/atproto/sync/subscribeRepos.ts +0 -73
- package/src/api/com/atproto/sync/util.ts +0 -37
- package/src/api/com/atproto/temp/checkSignupQueue.ts +0 -34
- package/src/api/com/atproto/temp/index.ts +0 -7
- package/src/api/index.ts +0 -10
- package/src/api/proxy.ts +0 -44
- package/src/app-view.ts +0 -24
- package/src/auth-output.ts +0 -52
- package/src/auth-routes.ts +0 -64
- package/src/auth-scope.ts +0 -40
- package/src/auth-verifier.ts +0 -668
- package/src/background.ts +0 -65
- package/src/basic-routes.ts +0 -52
- package/src/bsky-app-view.ts +0 -33
- package/src/config/config.ts +0 -553
- package/src/config/env.ts +0 -167
- package/src/config/index.ts +0 -3
- package/src/config/secrets.ts +0 -54
- package/src/context.ts +0 -523
- package/src/crawlers.ts +0 -46
- package/src/db/cast.ts +0 -52
- package/src/db/db.ts +0 -140
- package/src/db/index.ts +0 -4
- package/src/db/migrator.ts +0 -40
- package/src/db/pagination.ts +0 -132
- package/src/db/tables/moderation.ts +0 -80
- package/src/db/util.ts +0 -108
- package/src/did-cache/db/index.ts +0 -21
- package/src/did-cache/db/migrations.ts +0 -17
- package/src/did-cache/db/schema.ts +0 -9
- package/src/did-cache/index.ts +0 -131
- package/src/disk-blobstore.ts +0 -172
- package/src/error.ts +0 -19
- package/src/handle/explicit-slurs.ts +0 -22
- package/src/handle/index.ts +0 -49
- package/src/handle/reserved.ts +0 -1059
- package/src/image/image-url-builder.ts +0 -16
- package/src/index.ts +0 -189
- package/src/lexicons.ts +0 -4
- package/src/logger.ts +0 -35
- package/src/mailer/index.ts +0 -111
- package/src/mailer/moderation.ts +0 -33
- package/src/mailer/templates/confirm-email.d.ts +0 -4
- package/src/mailer/templates/confirm-email.hbs +0 -158
- package/src/mailer/templates/delete-account.d.ts +0 -4
- package/src/mailer/templates/delete-account.hbs +0 -156
- package/src/mailer/templates/plc-operation.d.ts +0 -4
- package/src/mailer/templates/plc-operation.hbs +0 -153
- package/src/mailer/templates/reset-password.d.ts +0 -4
- package/src/mailer/templates/reset-password.hbs +0 -154
- package/src/mailer/templates/update-email.d.ts +0 -4
- package/src/mailer/templates/update-email.hbs +0 -153
- package/src/mailer/templates.ts +0 -17
- package/src/pipethrough.ts +0 -716
- package/src/rate-limits.ts +0 -59
- package/src/read-after-write/index.ts +0 -3
- package/src/read-after-write/types.ts +0 -35
- package/src/read-after-write/util.ts +0 -101
- package/src/read-after-write/viewer.ts +0 -290
- package/src/redis.ts +0 -25
- package/src/repo/index.ts +0 -2
- package/src/repo/prepare.ts +0 -266
- package/src/repo/types.ts +0 -65
- package/src/scripts/README.md +0 -40
- package/src/scripts/index.ts +0 -20
- package/src/scripts/publish-identity.ts +0 -60
- package/src/scripts/rebuild-repo.ts +0 -119
- package/src/scripts/rotate-keys.ts +0 -146
- package/src/scripts/sequencer-recovery/index.ts +0 -23
- package/src/scripts/sequencer-recovery/recoverer.ts +0 -297
- package/src/scripts/sequencer-recovery/recovery-db.ts +0 -65
- package/src/scripts/sequencer-recovery/repair-repos.ts +0 -49
- package/src/scripts/sequencer-recovery/user-queues.ts +0 -44
- package/src/scripts/util.ts +0 -7
- package/src/sequencer/db/index.ts +0 -21
- package/src/sequencer/db/migrations/001-init.ts +0 -35
- package/src/sequencer/db/migrations/index.ts +0 -5
- package/src/sequencer/db/schema.ts +0 -19
- package/src/sequencer/events.ts +0 -199
- package/src/sequencer/index.ts +0 -3
- package/src/sequencer/outbox.ts +0 -123
- package/src/sequencer/sequencer.ts +0 -290
- package/src/util/compression.ts +0 -16
- package/src/util/debug.ts +0 -10
- package/src/util/http.ts +0 -31
- package/src/util/types.ts +0 -7
- package/src/well-known.ts +0 -30
- package/test.env +0 -2
- package/tests/__snapshots__/takedown-appeal.test.ts.snap +0 -43
- package/tests/_oauth_client_assets_middleware.ts +0 -23
- package/tests/_puppeteer.ts +0 -147
- package/tests/_types.d.ts +0 -16
- package/tests/_util.ts +0 -191
- package/tests/account-deactivation.test.ts +0 -204
- package/tests/account-deletion.test.ts +0 -300
- package/tests/account-manager.test.ts +0 -462
- package/tests/account-migration.test.ts +0 -221
- package/tests/account-status.test.ts +0 -206
- package/tests/account.test.ts +0 -595
- package/tests/app-passwords.test.ts +0 -262
- package/tests/auth.test.ts +0 -405
- package/tests/blob-deletes.test.ts +0 -204
- package/tests/create-post.test.ts +0 -79
- package/tests/crud.test.ts +0 -1595
- package/tests/db.test.ts +0 -170
- package/tests/email-confirmation.test.ts +0 -227
- package/tests/entryway-mock.ts +0 -323
- package/tests/entryway.test.ts +0 -145
- package/tests/file-uploads.test.ts +0 -301
- package/tests/get-service-auth.test.ts +0 -81
- package/tests/handle-validation.test.ts +0 -56
- package/tests/handles.test.ts +0 -274
- package/tests/invite-codes.test.ts +0 -367
- package/tests/invites-admin.test.ts +0 -252
- package/tests/moderation.test.ts +0 -280
- package/tests/moderator-auth.test.ts +0 -177
- package/tests/oauth.test.ts +0 -334
- package/tests/plc-operations.test.ts +0 -239
- package/tests/preferences.test.ts +0 -352
- package/tests/proxied/__snapshots__/admin.test.ts.snap +0 -516
- package/tests/proxied/__snapshots__/feedgen.test.ts.snap +0 -215
- package/tests/proxied/__snapshots__/views.test.ts.snap +0 -4456
- package/tests/proxied/admin.test.ts +0 -340
- package/tests/proxied/feedgen.test.ts +0 -66
- package/tests/proxied/notif.test.ts +0 -85
- package/tests/proxied/procedures.test.ts +0 -175
- package/tests/proxied/proxy-catchall.test.ts +0 -256
- package/tests/proxied/proxy-header.test.ts +0 -239
- package/tests/proxied/proxy-oauth-aud.test.ts +0 -182
- package/tests/proxied/read-after-write.test.ts +0 -382
- package/tests/proxied/views.test.ts +0 -608
- package/tests/races.test.ts +0 -89
- package/tests/rate-limits.test.ts +0 -70
- package/tests/recovery.test.ts +0 -180
- package/tests/seeds/basic.ts +0 -165
- package/tests/seeds/follows.ts +0 -57
- package/tests/seeds/likes.ts +0 -14
- package/tests/seeds/reposts.ts +0 -18
- package/tests/seeds/thread.ts +0 -40
- package/tests/seeds/users-bulk.ts +0 -246
- package/tests/seeds/users.ts +0 -67
- package/tests/sequencer.test.ts +0 -251
- package/tests/server.test.ts +0 -151
- package/tests/sync/invertible-ops.test.ts +0 -99
- package/tests/sync/list.test.ts +0 -43
- package/tests/sync/subscribe-repos.test.ts +0 -672
- package/tests/sync/sync.test.ts +0 -316
- package/tests/takedown-appeal.test.ts +0 -166
- package/tsconfig.build.json +0 -9
- package/tsconfig.build.tsbuildinfo +0 -1
- package/tsconfig.json +0 -7
- package/tsconfig.tests.json +0 -8
|
@@ -1,43 +0,0 @@
|
|
|
1
|
-
import * as accountDevice from './account-device.js'
|
|
2
|
-
import * as account from './account.js'
|
|
3
|
-
import * as actor from './actor.js'
|
|
4
|
-
import * as appPassword from './app-password.js'
|
|
5
|
-
import * as oauthRequest from './authorization-request.js'
|
|
6
|
-
import * as authorizedClient from './authorized-client.js'
|
|
7
|
-
import * as device from './device.js'
|
|
8
|
-
import * as emailToken from './email-token.js'
|
|
9
|
-
import * as inviteCode from './invite-code.js'
|
|
10
|
-
import * as lexicon from './lexicon.js'
|
|
11
|
-
import * as refreshToken from './refresh-token.js'
|
|
12
|
-
import * as repoRoot from './repo-root.js'
|
|
13
|
-
import * as token from './token.js'
|
|
14
|
-
import * as usedRefreshToken from './used-refresh-token.js'
|
|
15
|
-
|
|
16
|
-
export type DatabaseSchema = actor.PartialDB &
|
|
17
|
-
account.PartialDB &
|
|
18
|
-
accountDevice.PartialDB &
|
|
19
|
-
authorizedClient.PartialDB &
|
|
20
|
-
device.PartialDB &
|
|
21
|
-
oauthRequest.PartialDB &
|
|
22
|
-
token.PartialDB &
|
|
23
|
-
usedRefreshToken.PartialDB &
|
|
24
|
-
refreshToken.PartialDB &
|
|
25
|
-
appPassword.PartialDB &
|
|
26
|
-
repoRoot.PartialDB &
|
|
27
|
-
inviteCode.PartialDB &
|
|
28
|
-
lexicon.PartialDB &
|
|
29
|
-
emailToken.PartialDB
|
|
30
|
-
|
|
31
|
-
export type { Actor, ActorEntry } from './actor.js'
|
|
32
|
-
export type { Account, AccountEntry } from './account.js'
|
|
33
|
-
export type { AccountDevice } from './account-device.js'
|
|
34
|
-
export type { Device } from './device.js'
|
|
35
|
-
export type { AuthorizationRequest } from './authorization-request.js'
|
|
36
|
-
export type { Token } from './token.js'
|
|
37
|
-
export type { Lexicon } from './lexicon.js'
|
|
38
|
-
export type { UsedRefreshToken } from './used-refresh-token.js'
|
|
39
|
-
export type { RepoRoot } from './repo-root.js'
|
|
40
|
-
export type { RefreshToken } from './refresh-token.js'
|
|
41
|
-
export type { AppPassword } from './app-password.js'
|
|
42
|
-
export type { InviteCode, InviteCodeUse } from './invite-code.js'
|
|
43
|
-
export type { EmailToken, EmailTokenPurpose } from './email-token.js'
|
|
@@ -1,24 +0,0 @@
|
|
|
1
|
-
import { DatetimeString, DidString } from '@atproto/lex'
|
|
2
|
-
|
|
3
|
-
export interface InviteCode {
|
|
4
|
-
code: string
|
|
5
|
-
availableUses: number
|
|
6
|
-
disabled: 0 | 1
|
|
7
|
-
forAccount: string
|
|
8
|
-
createdBy: string
|
|
9
|
-
createdAt: DatetimeString
|
|
10
|
-
}
|
|
11
|
-
|
|
12
|
-
export interface InviteCodeUse {
|
|
13
|
-
code: string
|
|
14
|
-
usedBy: DidString
|
|
15
|
-
usedAt: DatetimeString
|
|
16
|
-
}
|
|
17
|
-
|
|
18
|
-
export const tableName = 'invite_code'
|
|
19
|
-
export const supportingTableName = 'invite_code_use'
|
|
20
|
-
|
|
21
|
-
export type PartialDB = {
|
|
22
|
-
[tableName]: InviteCode
|
|
23
|
-
[supportingTableName]: InviteCodeUse
|
|
24
|
-
}
|
|
@@ -1,15 +0,0 @@
|
|
|
1
|
-
import type { LexiconDocument } from '@atproto/oauth-provider'
|
|
2
|
-
import { DateISO, JsonEncoded } from '../../../db/cast.js'
|
|
3
|
-
|
|
4
|
-
export interface Lexicon {
|
|
5
|
-
nsid: string
|
|
6
|
-
createdAt: DateISO
|
|
7
|
-
updatedAt: DateISO
|
|
8
|
-
lastSucceededAt: null | DateISO
|
|
9
|
-
uri: null | string
|
|
10
|
-
lexicon: null | JsonEncoded<LexiconDocument>
|
|
11
|
-
}
|
|
12
|
-
|
|
13
|
-
export const tableName = 'lexicon'
|
|
14
|
-
|
|
15
|
-
export type PartialDB = { [tableName]: Lexicon }
|
|
@@ -1,38 +0,0 @@
|
|
|
1
|
-
import { Generated, Selectable } from 'kysely'
|
|
2
|
-
import {
|
|
3
|
-
ClientAuth,
|
|
4
|
-
ClientAuthLegacy,
|
|
5
|
-
Code,
|
|
6
|
-
DeviceId,
|
|
7
|
-
Did,
|
|
8
|
-
OAuthAuthorizationDetails,
|
|
9
|
-
OAuthAuthorizationRequestParameters,
|
|
10
|
-
OAuthClientId,
|
|
11
|
-
RefreshToken,
|
|
12
|
-
TokenId,
|
|
13
|
-
} from '@atproto/oauth-provider'
|
|
14
|
-
import { DateISO, JsonEncoded } from '../../../db/cast.js'
|
|
15
|
-
|
|
16
|
-
export interface Token {
|
|
17
|
-
id: Generated<number>
|
|
18
|
-
did: Did
|
|
19
|
-
|
|
20
|
-
tokenId: TokenId
|
|
21
|
-
createdAt: DateISO
|
|
22
|
-
updatedAt: DateISO
|
|
23
|
-
expiresAt: DateISO
|
|
24
|
-
clientId: OAuthClientId
|
|
25
|
-
clientAuth: JsonEncoded<ClientAuth | ClientAuthLegacy>
|
|
26
|
-
deviceId: DeviceId | null
|
|
27
|
-
parameters: JsonEncoded<OAuthAuthorizationRequestParameters>
|
|
28
|
-
details: JsonEncoded<OAuthAuthorizationDetails> | null
|
|
29
|
-
code: Code | null
|
|
30
|
-
currentRefreshToken: RefreshToken | null
|
|
31
|
-
scope: string | null
|
|
32
|
-
}
|
|
33
|
-
|
|
34
|
-
export type TokenEntry = Selectable<Token>
|
|
35
|
-
|
|
36
|
-
export const tableName = 'token'
|
|
37
|
-
|
|
38
|
-
export type PartialDB = { [tableName]: Token }
|
|
@@ -1,13 +0,0 @@
|
|
|
1
|
-
import { Selectable } from 'kysely'
|
|
2
|
-
import { RefreshToken } from '@atproto/oauth-provider'
|
|
3
|
-
|
|
4
|
-
export interface UsedRefreshToken {
|
|
5
|
-
tokenId: number
|
|
6
|
-
refreshToken: RefreshToken
|
|
7
|
-
}
|
|
8
|
-
|
|
9
|
-
export type UsedRefreshTokenEntry = Selectable<UsedRefreshToken>
|
|
10
|
-
|
|
11
|
-
export const tableName = 'used_refresh_token'
|
|
12
|
-
|
|
13
|
-
export type PartialDB = { [tableName]: UsedRefreshToken }
|
|
@@ -1,63 +0,0 @@
|
|
|
1
|
-
import assert from 'node:assert'
|
|
2
|
-
import { DeviceId, Did } from '@atproto/oauth-provider'
|
|
3
|
-
import { toDateISO } from '../../db/index.js'
|
|
4
|
-
import { AccountDb } from '../db/index.js'
|
|
5
|
-
import { selectAccountQB } from './account.js'
|
|
6
|
-
|
|
7
|
-
export function upsertQB(db: AccountDb, deviceId: DeviceId, did: string) {
|
|
8
|
-
const now = new Date()
|
|
9
|
-
|
|
10
|
-
return db.db
|
|
11
|
-
.insertInto('account_device')
|
|
12
|
-
.values({
|
|
13
|
-
did,
|
|
14
|
-
deviceId,
|
|
15
|
-
createdAt: toDateISO(now),
|
|
16
|
-
updatedAt: toDateISO(now),
|
|
17
|
-
})
|
|
18
|
-
.onConflict((oc) =>
|
|
19
|
-
// uses pk
|
|
20
|
-
oc.columns(['deviceId', 'did']).doUpdateSet({
|
|
21
|
-
updatedAt: toDateISO(now),
|
|
22
|
-
}),
|
|
23
|
-
)
|
|
24
|
-
}
|
|
25
|
-
|
|
26
|
-
export function selectQB(
|
|
27
|
-
db: AccountDb,
|
|
28
|
-
filter: { did?: Did; deviceId?: DeviceId },
|
|
29
|
-
) {
|
|
30
|
-
assert(
|
|
31
|
-
filter.did != null || filter.deviceId != null,
|
|
32
|
-
'Either sub or deviceId must be provided',
|
|
33
|
-
)
|
|
34
|
-
|
|
35
|
-
return (
|
|
36
|
-
selectAccountQB(db, { includeDeactivated: true })
|
|
37
|
-
// note: query planner should use "account_device_pk" index
|
|
38
|
-
.innerJoin('account_device', 'account_device.did', 'actor.did')
|
|
39
|
-
.select([
|
|
40
|
-
'account_device.deviceId',
|
|
41
|
-
'account_device.createdAt as adCreatedAt',
|
|
42
|
-
'account_device.updatedAt as adUpdatedAt',
|
|
43
|
-
])
|
|
44
|
-
.innerJoin('device', 'device.id', 'account_device.deviceId')
|
|
45
|
-
.select([
|
|
46
|
-
'device.sessionId',
|
|
47
|
-
'device.userAgent',
|
|
48
|
-
'device.ipAddress',
|
|
49
|
-
'device.lastSeenAt',
|
|
50
|
-
])
|
|
51
|
-
.$if(filter.did != null, (qb) => qb.where('actor.did', '=', filter.did!))
|
|
52
|
-
.$if(filter.deviceId != null, (qb) =>
|
|
53
|
-
qb.where('account_device.deviceId', '=', filter.deviceId!),
|
|
54
|
-
)
|
|
55
|
-
)
|
|
56
|
-
}
|
|
57
|
-
|
|
58
|
-
export function removeQB(db: AccountDb, deviceId: DeviceId, did: string) {
|
|
59
|
-
return db.db
|
|
60
|
-
.deleteFrom('account_device')
|
|
61
|
-
.where('deviceId', '=', deviceId)
|
|
62
|
-
.where('did', '=', did)
|
|
63
|
-
}
|
|
@@ -1,355 +0,0 @@
|
|
|
1
|
-
import { DAY } from '@atproto/common'
|
|
2
|
-
import {
|
|
3
|
-
AtIdentifierString,
|
|
4
|
-
DatetimeString,
|
|
5
|
-
DidString,
|
|
6
|
-
HandleString,
|
|
7
|
-
currentDatetimeString,
|
|
8
|
-
isDidIdentifier,
|
|
9
|
-
} from '@atproto/lex'
|
|
10
|
-
import { isErrUniqueViolation, notSoftDeletedClause } from '../../db/index.js'
|
|
11
|
-
import { com } from '../../lexicons/index.js'
|
|
12
|
-
import { AccountDb, ActorEntry } from '../db/index.js'
|
|
13
|
-
|
|
14
|
-
export class UserAlreadyExistsError extends Error {
|
|
15
|
-
name = 'UserAlreadyExistsError'
|
|
16
|
-
constructor(
|
|
17
|
-
message = 'This email address is already in use, please use a different email.',
|
|
18
|
-
options?: ErrorOptions,
|
|
19
|
-
) {
|
|
20
|
-
super(message, options)
|
|
21
|
-
}
|
|
22
|
-
}
|
|
23
|
-
|
|
24
|
-
export type ActorAccount = ActorEntry & {
|
|
25
|
-
email: string | null
|
|
26
|
-
emailConfirmedAt: string | null
|
|
27
|
-
invitesDisabled: 0 | 1 | null
|
|
28
|
-
}
|
|
29
|
-
|
|
30
|
-
export type AvailabilityFlags = {
|
|
31
|
-
includeTakenDown?: boolean
|
|
32
|
-
includeDeactivated?: boolean
|
|
33
|
-
}
|
|
34
|
-
|
|
35
|
-
export enum AccountStatus {
|
|
36
|
-
Active = 'active',
|
|
37
|
-
Takendown = 'takendown',
|
|
38
|
-
Suspended = 'suspended',
|
|
39
|
-
Deleted = 'deleted',
|
|
40
|
-
Deactivated = 'deactivated',
|
|
41
|
-
}
|
|
42
|
-
|
|
43
|
-
export const selectAccountQB = (db: AccountDb, flags?: AvailabilityFlags) => {
|
|
44
|
-
const { includeTakenDown = false, includeDeactivated = false } = flags ?? {}
|
|
45
|
-
const { ref } = db.db.dynamic
|
|
46
|
-
return db.db
|
|
47
|
-
.selectFrom('actor')
|
|
48
|
-
.leftJoin('account', 'actor.did', 'account.did')
|
|
49
|
-
.$if(!includeTakenDown, (qb) =>
|
|
50
|
-
qb.where(notSoftDeletedClause(ref('actor'))),
|
|
51
|
-
)
|
|
52
|
-
.$if(!includeDeactivated, (qb) =>
|
|
53
|
-
qb.where('actor.deactivatedAt', 'is', null),
|
|
54
|
-
)
|
|
55
|
-
.select([
|
|
56
|
-
'actor.did',
|
|
57
|
-
'actor.handle',
|
|
58
|
-
'actor.createdAt',
|
|
59
|
-
'actor.takedownRef',
|
|
60
|
-
'actor.deactivatedAt',
|
|
61
|
-
'actor.deleteAfter',
|
|
62
|
-
'account.email',
|
|
63
|
-
'account.emailConfirmedAt',
|
|
64
|
-
'account.invitesDisabled',
|
|
65
|
-
])
|
|
66
|
-
}
|
|
67
|
-
|
|
68
|
-
export const getAccount = async (
|
|
69
|
-
db: AccountDb,
|
|
70
|
-
handleOrDid: AtIdentifierString,
|
|
71
|
-
flags?: AvailabilityFlags,
|
|
72
|
-
): Promise<ActorAccount | null> => {
|
|
73
|
-
const found = await selectAccountQB(db, flags)
|
|
74
|
-
.where((eb) => {
|
|
75
|
-
if (isDidIdentifier(handleOrDid)) {
|
|
76
|
-
return eb('actor.did', '=', handleOrDid)
|
|
77
|
-
} else {
|
|
78
|
-
return eb('actor.handle', '=', handleOrDid)
|
|
79
|
-
}
|
|
80
|
-
})
|
|
81
|
-
.executeTakeFirst()
|
|
82
|
-
return found || null
|
|
83
|
-
}
|
|
84
|
-
|
|
85
|
-
export const getAccounts = async (
|
|
86
|
-
db: AccountDb,
|
|
87
|
-
dids: DidString[],
|
|
88
|
-
flags?: AvailabilityFlags,
|
|
89
|
-
): Promise<Map<string, ActorAccount>> => {
|
|
90
|
-
const results = new Map<string, ActorAccount>()
|
|
91
|
-
|
|
92
|
-
if (!dids.length) {
|
|
93
|
-
return results
|
|
94
|
-
}
|
|
95
|
-
|
|
96
|
-
const accounts = await selectAccountQB(db, flags)
|
|
97
|
-
.where('actor.did', 'in', dids)
|
|
98
|
-
.execute()
|
|
99
|
-
|
|
100
|
-
accounts.forEach((account) => {
|
|
101
|
-
results.set(account.did, account)
|
|
102
|
-
})
|
|
103
|
-
|
|
104
|
-
return results
|
|
105
|
-
}
|
|
106
|
-
|
|
107
|
-
export const getAccountByEmail = async (
|
|
108
|
-
db: AccountDb,
|
|
109
|
-
email: string,
|
|
110
|
-
flags?: AvailabilityFlags,
|
|
111
|
-
): Promise<ActorAccount | null> => {
|
|
112
|
-
const found = await selectAccountQB(db, flags)
|
|
113
|
-
.where('email', '=', email.toLowerCase())
|
|
114
|
-
.executeTakeFirst()
|
|
115
|
-
return found || null
|
|
116
|
-
}
|
|
117
|
-
|
|
118
|
-
export const registerActor = async (
|
|
119
|
-
db: AccountDb,
|
|
120
|
-
opts: {
|
|
121
|
-
did: DidString
|
|
122
|
-
handle: HandleString
|
|
123
|
-
deactivated?: boolean
|
|
124
|
-
},
|
|
125
|
-
) => {
|
|
126
|
-
const { did, handle, deactivated } = opts
|
|
127
|
-
const now = Date.now()
|
|
128
|
-
const createdAt = new Date(now).toISOString()
|
|
129
|
-
const [registered] = await db.executeWithRetry(
|
|
130
|
-
db.db
|
|
131
|
-
.insertInto('actor')
|
|
132
|
-
.values({
|
|
133
|
-
did,
|
|
134
|
-
handle,
|
|
135
|
-
createdAt,
|
|
136
|
-
deactivatedAt: deactivated ? createdAt : null,
|
|
137
|
-
deleteAfter: deactivated ? new Date(now + 3 * DAY).toISOString() : null,
|
|
138
|
-
})
|
|
139
|
-
.onConflict((oc) => oc.doNothing())
|
|
140
|
-
.returning('did'),
|
|
141
|
-
)
|
|
142
|
-
if (!registered) {
|
|
143
|
-
throw new UserAlreadyExistsError()
|
|
144
|
-
}
|
|
145
|
-
}
|
|
146
|
-
|
|
147
|
-
export const registerAccount = async (
|
|
148
|
-
db: AccountDb,
|
|
149
|
-
opts: {
|
|
150
|
-
did: string
|
|
151
|
-
email: string
|
|
152
|
-
passwordScrypt: string
|
|
153
|
-
},
|
|
154
|
-
) => {
|
|
155
|
-
const { did, email, passwordScrypt } = opts
|
|
156
|
-
const [registered] = await db.executeWithRetry(
|
|
157
|
-
db.db
|
|
158
|
-
.insertInto('account')
|
|
159
|
-
.values({
|
|
160
|
-
did,
|
|
161
|
-
email: email.toLowerCase(),
|
|
162
|
-
passwordScrypt,
|
|
163
|
-
})
|
|
164
|
-
.onConflict((oc) => oc.doNothing())
|
|
165
|
-
.returning('did'),
|
|
166
|
-
)
|
|
167
|
-
if (!registered) {
|
|
168
|
-
throw new UserAlreadyExistsError()
|
|
169
|
-
}
|
|
170
|
-
}
|
|
171
|
-
|
|
172
|
-
export const deleteAccount = async (
|
|
173
|
-
db: AccountDb,
|
|
174
|
-
did: DidString,
|
|
175
|
-
): Promise<void> => {
|
|
176
|
-
// Not done in transaction because it would be too long, prone to contention.
|
|
177
|
-
// Also, this can safely be run multiple times if it fails.
|
|
178
|
-
await db.executeWithRetry(
|
|
179
|
-
db.db.deleteFrom('repo_root').where('did', '=', did),
|
|
180
|
-
)
|
|
181
|
-
await db.executeWithRetry(
|
|
182
|
-
db.db.deleteFrom('email_token').where('did', '=', did),
|
|
183
|
-
)
|
|
184
|
-
await db.executeWithRetry(
|
|
185
|
-
db.db.deleteFrom('refresh_token').where('did', '=', did),
|
|
186
|
-
)
|
|
187
|
-
await db.executeWithRetry(
|
|
188
|
-
db.db.deleteFrom('account').where('account.did', '=', did),
|
|
189
|
-
)
|
|
190
|
-
await db.executeWithRetry(
|
|
191
|
-
db.db.deleteFrom('actor').where('actor.did', '=', did),
|
|
192
|
-
)
|
|
193
|
-
}
|
|
194
|
-
|
|
195
|
-
export const updateHandle = async (
|
|
196
|
-
db: AccountDb,
|
|
197
|
-
did: DidString,
|
|
198
|
-
handle: HandleString,
|
|
199
|
-
) => {
|
|
200
|
-
// No-op if the handle is the same, but still returns 1 row affected, so that
|
|
201
|
-
// it can be used to check for existence of the account.
|
|
202
|
-
const [res] = await db.executeWithRetry(
|
|
203
|
-
db.db
|
|
204
|
-
.updateTable('actor')
|
|
205
|
-
.set({ handle })
|
|
206
|
-
.where('did', '=', did)
|
|
207
|
-
.where(({ not, exists }) =>
|
|
208
|
-
not(
|
|
209
|
-
exists(
|
|
210
|
-
db.db
|
|
211
|
-
.selectFrom('actor')
|
|
212
|
-
.where('handle', '=', handle)
|
|
213
|
-
.where('did', '!=', did)
|
|
214
|
-
.selectAll(),
|
|
215
|
-
),
|
|
216
|
-
),
|
|
217
|
-
),
|
|
218
|
-
)
|
|
219
|
-
if (res.numUpdatedRows < 1) {
|
|
220
|
-
throw new UserAlreadyExistsError(
|
|
221
|
-
'Handle is already in use, please choose a different handle.',
|
|
222
|
-
)
|
|
223
|
-
}
|
|
224
|
-
}
|
|
225
|
-
|
|
226
|
-
export const updateEmail = async (
|
|
227
|
-
db: AccountDb,
|
|
228
|
-
did: DidString,
|
|
229
|
-
email: string,
|
|
230
|
-
) => {
|
|
231
|
-
try {
|
|
232
|
-
await db.executeWithRetry(
|
|
233
|
-
db.db
|
|
234
|
-
.updateTable('account')
|
|
235
|
-
.set({
|
|
236
|
-
email: email.toLowerCase(),
|
|
237
|
-
emailConfirmedAt: null,
|
|
238
|
-
})
|
|
239
|
-
.where('did', '=', did),
|
|
240
|
-
)
|
|
241
|
-
} catch (err) {
|
|
242
|
-
if (isErrUniqueViolation(err)) {
|
|
243
|
-
throw new UserAlreadyExistsError()
|
|
244
|
-
}
|
|
245
|
-
throw err
|
|
246
|
-
}
|
|
247
|
-
}
|
|
248
|
-
|
|
249
|
-
export const setEmailConfirmedAt = async (
|
|
250
|
-
db: AccountDb,
|
|
251
|
-
did: DidString,
|
|
252
|
-
emailConfirmedAt: DatetimeString,
|
|
253
|
-
) => {
|
|
254
|
-
await db.executeWithRetry(
|
|
255
|
-
db.db
|
|
256
|
-
.updateTable('account')
|
|
257
|
-
.set({ emailConfirmedAt })
|
|
258
|
-
.where('did', '=', did),
|
|
259
|
-
)
|
|
260
|
-
}
|
|
261
|
-
|
|
262
|
-
export const getAccountAdminStatus = async (
|
|
263
|
-
db: AccountDb,
|
|
264
|
-
did: DidString,
|
|
265
|
-
): Promise<{
|
|
266
|
-
takedown: com.atproto.admin.defs.StatusAttr
|
|
267
|
-
deactivated: com.atproto.admin.defs.StatusAttr
|
|
268
|
-
} | null> => {
|
|
269
|
-
const res = await db.db
|
|
270
|
-
.selectFrom('actor')
|
|
271
|
-
.select(['takedownRef', 'deactivatedAt'])
|
|
272
|
-
.where('did', '=', did)
|
|
273
|
-
.executeTakeFirst()
|
|
274
|
-
if (!res) return null
|
|
275
|
-
const takedown = res.takedownRef
|
|
276
|
-
? { applied: true, ref: res.takedownRef }
|
|
277
|
-
: { applied: false }
|
|
278
|
-
const deactivated = res.deactivatedAt ? { applied: true } : { applied: false }
|
|
279
|
-
return { takedown, deactivated }
|
|
280
|
-
}
|
|
281
|
-
|
|
282
|
-
export const updateAccountTakedownStatus = async (
|
|
283
|
-
db: AccountDb,
|
|
284
|
-
did: DidString,
|
|
285
|
-
takedown: com.atproto.admin.defs.StatusAttr,
|
|
286
|
-
) => {
|
|
287
|
-
const takedownRef = takedown.applied
|
|
288
|
-
? takedown.ref ?? currentDatetimeString()
|
|
289
|
-
: null
|
|
290
|
-
await db.executeWithRetry(
|
|
291
|
-
db.db.updateTable('actor').set({ takedownRef }).where('did', '=', did),
|
|
292
|
-
)
|
|
293
|
-
}
|
|
294
|
-
|
|
295
|
-
export const deactivateAccount = async (
|
|
296
|
-
db: AccountDb,
|
|
297
|
-
did: DidString,
|
|
298
|
-
deleteAfter: string | null,
|
|
299
|
-
): Promise<boolean> => {
|
|
300
|
-
const [res] = await db.executeWithRetry(
|
|
301
|
-
db.db
|
|
302
|
-
.updateTable('actor')
|
|
303
|
-
.set({
|
|
304
|
-
deactivatedAt: currentDatetimeString(),
|
|
305
|
-
deleteAfter,
|
|
306
|
-
})
|
|
307
|
-
.where('did', '=', did),
|
|
308
|
-
)
|
|
309
|
-
|
|
310
|
-
return res.numUpdatedRows > 0
|
|
311
|
-
}
|
|
312
|
-
|
|
313
|
-
export const activateAccount = async (
|
|
314
|
-
db: AccountDb,
|
|
315
|
-
did: DidString,
|
|
316
|
-
flags?: AvailabilityFlags,
|
|
317
|
-
): Promise<boolean> => {
|
|
318
|
-
const { includeTakenDown = false, includeDeactivated = true } = flags ?? {}
|
|
319
|
-
const { ref } = db.db.dynamic
|
|
320
|
-
|
|
321
|
-
const [res] = await db.executeWithRetry(
|
|
322
|
-
db.db
|
|
323
|
-
.updateTable('actor')
|
|
324
|
-
.set({
|
|
325
|
-
deactivatedAt: null,
|
|
326
|
-
deleteAfter: null,
|
|
327
|
-
})
|
|
328
|
-
.where('did', '=', did)
|
|
329
|
-
.$if(!includeTakenDown, (q) =>
|
|
330
|
-
q.where(notSoftDeletedClause(ref('actor'))),
|
|
331
|
-
)
|
|
332
|
-
.$if(!includeDeactivated, (q) =>
|
|
333
|
-
q.where('actor.deactivatedAt', 'is not', null),
|
|
334
|
-
),
|
|
335
|
-
)
|
|
336
|
-
|
|
337
|
-
return res.numUpdatedRows > 0
|
|
338
|
-
}
|
|
339
|
-
|
|
340
|
-
export const formatAccountStatus = (
|
|
341
|
-
account: null | {
|
|
342
|
-
takedownRef: string | null
|
|
343
|
-
deactivatedAt: string | null
|
|
344
|
-
},
|
|
345
|
-
) => {
|
|
346
|
-
if (!account) {
|
|
347
|
-
return { active: false, status: AccountStatus.Deleted } as const
|
|
348
|
-
} else if (account.takedownRef) {
|
|
349
|
-
return { active: false, status: AccountStatus.Takendown } as const
|
|
350
|
-
} else if (account.deactivatedAt) {
|
|
351
|
-
return { active: false, status: AccountStatus.Deactivated } as const
|
|
352
|
-
} else {
|
|
353
|
-
return { active: true, status: undefined } as const
|
|
354
|
-
}
|
|
355
|
-
}
|