@axium/server 0.0.1 → 0.0.3

package/dist/database.js

@@ -51,31 +51,17 @@ var __disposeResources = (this && this.__disposeResources) || (function (Suppres
     return e.name = "SuppressedError", e.error = error, e.suppressed = suppressed, e;
 });
 import { Kysely, PostgresDialect, sql } from 'kysely';
+import { exec } from 'node:child_process';
+import { randomBytes } from 'node:crypto';
 import pg from 'pg';
-export function normalizeConfig(config) {
-    config.host ??= 'localhost';
-    if (!config.port) {
-        const [hostname, port] = config.host.split(':');
-        config.port = port ? parseInt(port) : 5432;
-        config.host = hostname;
-    }
-    if (config.host.includes(':'))
-        config.host = config.host.split(':')[0];
-    return config;
-}
+import * as config from './config.js';
+import { logger } from './io.js';
 export let database;
-export function connect(config) {
+export function connect() {
     if (database)
         return database;
-    normalizeConfig(config);
     const _db = new Kysely({
-        dialect: new PostgresDialect({
-            pool: new pg.Pool({
-                ...config,
-                user: 'axium',
-                database: 'axium',
-            }),
-        }),
+        dialect: new PostgresDialect({ pool: new pg.Pool(config.db) }),
     });
     database = Object.assign(_db, {
         async [Symbol.asyncDispose]() {
@@ -84,16 +70,177 @@ export function connect(config) {
     });
     return database;
 }
-export async function status(config) {
+export async function status() {
+    const db = connect();
+    return {
+        users: (await db.selectFrom('User').select(db.fn.countAll().as('count')).executeTakeFirstOrThrow()).count,
+        accounts: (await db.selectFrom('Account').select(db.fn.countAll().as('count')).executeTakeFirstOrThrow()).count,
+        sessions: (await db.selectFrom('Session').select(db.fn.countAll().as('count')).executeTakeFirstOrThrow()).count,
+    };
+}
+export async function statusText() {
+    try {
+        const stats = await status();
+        return `${stats.users} users, ${stats.accounts} accounts, ${stats.sessions} sessions`;
+    }
+    catch (error) {
+        throw typeof error == 'object' && 'message' in error ? error.message : error;
+    }
+}
+/**
+ * TS can't tell when we do this inline
+ */
+function _fixOutput(opt) {
+    opt.output ??= () => { };
+}
+/**
+ * Convenience function for `sudo -u postgres psql -c "${command}"`, plus `report` coolness.
+ * @internal
+ */
+async function execSQL(opts, command, message) {
+    let stderr;
+    try {
+        opts.output('start', message);
+        const { promise, resolve, reject } = Promise.withResolvers();
+        exec(`sudo -u postgres psql -c "${command}"`, opts, (err, _, _stderr) => {
+            stderr = _stderr.startsWith('ERROR:') ? _stderr.slice(6).trim() : _stderr;
+            if (err)
+                reject('[command]');
+            else
+                resolve();
+        });
+        await promise;
+        opts.output('done');
+    }
+    catch (error) {
+        throw error == '[command]' ? stderr?.slice(0, 100) || 'failed.' : typeof error == 'object' && 'message' in error ? error.message : error;
+    }
+}
+function shouldRecreate(opt) {
+    if (opt.skip) {
+        opt.output('warn', 'already exists. (skipped)\n');
+        return true;
+    }
+    if (opt.force) {
+        opt.output('warn', 'already exists. (re-creating)\n');
+        return false;
+    }
+    opt.output('warn', 'already exists. Use --skip to skip or --force to re-create.\n');
+    throw 2;
+}
+export async function init(opt) {
     const env_1 = { stack: [], error: void 0, hasError: false };
     try {
-        normalizeConfig(config);
-        const db = __addDisposableResource(env_1, connect(config), true);
-        return {
-            users: (await db.selectFrom('User').select(db.fn.countAll().as('count')).executeTakeFirstOrThrow()).count,
-            accounts: (await db.selectFrom('Account').select(db.fn.countAll().as('count')).executeTakeFirstOrThrow()).count,
-            sessions: (await db.selectFrom('Session').select(db.fn.countAll().as('count')).executeTakeFirstOrThrow()).count,
+        _fixOutput(opt);
+        if (!config.db.password) {
+            config.save({ db: { password: randomBytes(32).toString('base64') } }, true);
+            logger.debug('Generated password and wrote to global config');
+        }
+        const _sql = (command, message) => execSQL(opt, command, message);
+        await _sql('CREATE DATABASE axium', 'Creating database').catch(async (error) => {
+            if (error != 'database "axium" already exists')
+                throw error;
+            if (shouldRecreate(opt))
+                return;
+            await _sql('DROP DATABASE axium', 'Dropping database');
+            await _sql('CREATE DATABASE axium', 'Re-creating database');
+        });
+        const createQuery = `CREATE USER axium WITH ENCRYPTED PASSWORD '${config.db.password}' LOGIN`;
+        await _sql(createQuery, 'Creating user').catch(async (error) => {
+            if (error != 'role "axium" already exists')
+                throw error;
+            if (shouldRecreate(opt))
+                return;
+            await _sql('REVOKE ALL PRIVILEGES ON SCHEMA public FROM axium', 'Revoking schema privileges');
+            await _sql('DROP USER axium', 'Dropping user');
+            await _sql(createQuery, 'Re-creating user');
+        });
+        await _sql('GRANT ALL PRIVILEGES ON DATABASE axium TO axium', 'Granting database privileges');
+        await _sql('GRANT ALL PRIVILEGES ON SCHEMA public TO axium', 'Granting schema privileges');
+        await _sql('ALTER DATABASE axium OWNER TO axium', 'Setting database owner');
+        await _sql('SELECT pg_reload_conf()', 'Reloading configuration');
+        const db = __addDisposableResource(env_1, connect(), true);
+        const relationExists = (table) => (error) => {
+            error = typeof error == 'object' && 'message' in error ? error.message : error;
+            if (error == `relation "${table}" already exists`)
+                opt.output('warn', 'already exists.');
+            else
+                throw error;
         };
+        opt.output('start', 'Creating table User');
+        await db.schema
+            .createTable('User')
+            .addColumn('id', 'uuid', col => col.primaryKey().defaultTo(sql `gen_random_uuid()`))
+            .addColumn('name', 'text')
+            .addColumn('email', 'text', col => col.unique().notNull())
+            .addColumn('emailVerified', 'timestamptz')
+            .addColumn('image', 'text')
+            .addColumn('password', 'text')
+            .addColumn('salt', 'text')
+            .execute()
+            .catch(relationExists('User'));
+        opt.output('done');
+        opt.output('start', 'Creating table Account');
+        await db.schema
+            .createTable('Account')
+            .addColumn('id', 'uuid', col => col.primaryKey().defaultTo(sql `gen_random_uuid()`))
+            .addColumn('userId', 'uuid', col => col.references('User.id').onDelete('cascade').notNull())
+            .addColumn('type', 'text', col => col.notNull())
+            .addColumn('provider', 'text', col => col.notNull())
+            .addColumn('providerAccountId', 'text', col => col.notNull())
+            .addColumn('refresh_token', 'text')
+            .addColumn('access_token', 'text')
+            .addColumn('expires_at', 'bigint')
+            .addColumn('token_type', 'text')
+            .addColumn('scope', 'text')
+            .addColumn('id_token', 'text')
+            .addColumn('session_state', 'text')
+            .execute()
+            .catch(relationExists('Account'));
+        opt.output('done');
+        opt.output('start', 'Creating index for Account.userId');
+        db.schema.createIndex('Account_userId_index').on('Account').column('userId').execute().catch(relationExists('Account_userId_index'));
+        opt.output('done');
+        opt.output('start', 'Creating table Session');
+        await db.schema
+            .createTable('Session')
+            .addColumn('id', 'uuid', col => col.primaryKey().defaultTo(sql `gen_random_uuid()`))
+            .addColumn('userId', 'uuid', col => col.references('User.id').onDelete('cascade').notNull())
+            .addColumn('sessionToken', 'text', col => col.notNull().unique())
+            .addColumn('expires', 'timestamptz', col => col.notNull())
+            .execute()
+            .catch(relationExists('Session'));
+        opt.output('done');
+        opt.output('start', 'Creating index for Session.userId');
+        db.schema.createIndex('Session_userId_index').on('Session').column('userId').execute().catch(relationExists('Session_userId_index'));
+        opt.output('done');
+        opt.output('start', 'Creating table VerificationToken');
+        await db.schema
+            .createTable('VerificationToken')
+            .addColumn('identifier', 'text', col => col.notNull())
+            .addColumn('token', 'text', col => col.notNull().unique())
+            .addColumn('expires', 'timestamptz', col => col.notNull())
+            .execute()
+            .catch(relationExists('VerificationToken'));
+        opt.output('done');
+        opt.output('start', 'Creating table Authenticator');
+        await db.schema
+            .createTable('Authenticator')
+            .addColumn('credentialID', 'text', col => col.primaryKey().notNull())
+            .addColumn('userId', 'uuid', col => col.notNull().references('User.id').onDelete('cascade').onUpdate('cascade'))
+            .addColumn('providerAccountId', 'text', col => col.notNull())
+            .addColumn('credentialPublicKey', 'text', col => col.notNull())
+            .addColumn('counter', 'integer', col => col.notNull())
+            .addColumn('credentialDeviceType', 'text', col => col.notNull())
+            .addColumn('credentialBackedUp', 'boolean', col => col.notNull())
+            .addColumn('transports', 'text')
+            .execute()
+            .catch(relationExists('Authenticator'));
+        opt.output('done');
+        opt.output('start', 'Creating index for Authenticator.credentialID');
+        db.schema.createIndex('Authenticator_credentialID_key').on('Authenticator').column('credentialID').execute().catch(relationExists('Authenticator_credentialID_key'));
+        opt.output('done');
+        return config.db;
     }
     catch (e_1) {
         env_1.error = e_1;
@@ -105,12 +252,24 @@ export async function status(config) {
             await result_1;
     }
 }
-export async function statusText(config) {
-    try {
-        const stats = await status(config);
-        return `${stats.users} users, ${stats.accounts} accounts, ${stats.sessions} sessions`;
-    }
-    catch (error) {
-        throw typeof error == 'object' && 'message' in error ? error.message : error;
+/**
+ * Completely remove Axium from the database.
+ */
+export async function uninstall(opt) {
+    _fixOutput(opt);
+    await execSQL(opt, 'DROP DATABASE axium', 'Dropping database');
+    await execSQL(opt, 'REVOKE ALL PRIVILEGES ON SCHEMA public FROM axium', 'Revoking schema privileges');
+    await execSQL(opt, 'DROP USER axium', 'Dropping user');
+}
+/**
+ * Removes all data from tables.
+ */
+export async function wipe(opt) {
+    _fixOutput(opt);
+    const db = connect();
+    for (const table of ['User', 'Account', 'Session', 'VerificationToken', 'Authenticator']) {
+        opt.output('start', `Removing data from ${table}`);
+        await db.deleteFrom(table).execute();
+        opt.output('done');
     }
 }

package/dist/index.d.ts

@@ -0,0 +1,3 @@
+export * as auth from './auth.js';
+export * as db from './database.js';
+export * as config from './config.js';

package/dist/index.js

@@ -1 +1,3 @@
+export * as auth from './auth.js';
 export * as db from './database.js';
+export * as config from './config.js';

package/dist/io.d.ts

@@ -0,0 +1,21 @@
+import { Logger } from 'logzen';
+/**
+ * Find the Axium directory.
+ * This directory includes things like config files, secrets, etc.
+ */
+export declare function findDir(global: boolean): string;
+export declare const logger: Logger;
+export declare const output: {
+    constructor: {
+        name: string;
+    };
+    error(message: string): void;
+    warn(message: string): void;
+    info(message: string): void;
+    log(message: string): void;
+    debug(message: string): void;
+};
+/** Yet another convenience function */
+export declare function exit(message: string | Error, code?: number): never;
+/** Convenience function for `example... [done. / error]` */
+export declare function report<T>(promise: Promise<T>, message: string, success?: string): Promise<T>;

package/dist/io.js

@@ -0,0 +1,63 @@
+import { Logger } from 'logzen';
+import { mkdirSync } from 'node:fs';
+import { homedir } from 'node:os';
+import { join } from 'node:path/posix';
+import { styleText } from 'node:util';
+/**
+ * Find the Axium directory.
+ * This directory includes things like config files, secrets, etc.
+ */
+export function findDir(global) {
+    if (process.env.AXIUM_DIR)
+        return process.env.AXIUM_DIR;
+    if (global && process.getuid?.() === 0)
+        return '/etc/axium';
+    if (global)
+        return join(homedir(), '.axium');
+    return '.axium';
+}
+if (process.getuid?.() === 0)
+    mkdirSync('/etc/axium', { recursive: true });
+mkdirSync(findDir(false), { recursive: true });
+export const logger = new Logger({
+    hideWarningStack: true,
+    noGlobalConsole: true,
+});
+export const output = {
+    constructor: { name: 'Console' },
+    error(message) {
+        console.error(message.startsWith('\x1b') ? message : styleText('red', message));
+    },
+    warn(message) {
+        console.warn(message.startsWith('\x1b') ? message : styleText('yellow', message));
+    },
+    info(message) {
+        console.info(message.startsWith('\x1b') ? message : styleText('blue', message));
+    },
+    log(message) {
+        console.log(message);
+    },
+    debug(message) {
+        console.debug(message.startsWith('\x1b') ? message : styleText('gray', message));
+    },
+};
+logger.attach(output);
+/** Yet another convenience function */
+export function exit(message, code = 1) {
+    if (message instanceof Error)
+        message = message.message;
+    output.error(message);
+    process.exit(code);
+}
+/** Convenience function for `example... [done. / error]` */
+export async function report(promise, message, success = 'done.') {
+    process.stdout.write(message + '... ');
+    try {
+        const result = await promise;
+        console.log(success);
+        return result;
+    }
+    catch (error) {
+        throw typeof error == 'object' && 'message' in error ? error.message : error;
+    }
+}

package/package.json

@@ -1,7 +1,6 @@
 {
 	"name": "@axium/server",
-	"version": "0.0.1",
-	"main": "dist/index.js",
+	"version": "0.0.3",
 	"author": "James Prevett <axium@jamespre.dev> (https://jamespre.dev)",
 	"funding": {
 		"type": "individual",
@@ -15,23 +14,39 @@
 	"bugs": {
 		"url": "https://github.com/james-pre/axium/issues"
 	},
-	"types": "dist/index.d.ts",
 	"type": "module",
+	"main": "dist/index.js",
+	"types": "dist/index.d.ts",
 	"files": [
-		"dist"
+		"dist",
+		"web"
 	],
 	"bin": {
-		"axium": "./dist/cli.js"
+		"axium": "dist/cli.js"
 	},
 	"scripts": {
 		"build": "tsc"
 	},
+	"peerDependencies": {
+		"@axium/core": ">=0.0.1"
+	},
 	"dependencies": {
+		"@auth/core": "^0.38.0",
+		"@auth/kysely-adapter": "^1.8.0",
 		"@types/pg": "^8.11.11",
-		"chalk": "^5.4.1",
+		"bcryptjs": "^3.0.2",
 		"commander": "^13.1.0",
 		"kysely": "^0.27.5",
+		"logzen": "^0.6.2",
 		"pg": "^8.14.1",
-		"@auth/kysely-adapter": "^1.8.0"
+		"utilium": "^2.2.3"
+	},
+	"devDependencies": {
+		"@auth/sveltekit": "^1.8.0",
+		"@sveltejs/adapter-node": "^5.2.12",
+		"@sveltejs/kit": "^2.20.2",
+		"@vitejs/plugin-basic-ssl": "^2.0.0",
+		"svelte": "^5.25.3",
+		"vite-plugin-mkcert": "^1.17.8"
 	}
 }

package/web/app.html

@@ -0,0 +1,15 @@
+<!doctype html>
+<html lang="en">
+	<head>
+		<meta charset="utf-8" />
+		<link rel="icon" href="%sveltekit.assets%/favicon.svg" />
+		<meta name="viewport" content="width=device-width, initial-scale=1" />
+		<meta name="color-scheme" content="dark light" />
+		<link rel="stylesheet" href="/axium.css" />
+		%sveltekit.head%
+	</head>
+
+	<body>
+		<div style="display: contents">%sveltekit.body%</div>
+	</body>
+</html>

package/web/auth.ts

@@ -0,0 +1,12 @@
+import { SvelteKitAuth } from '@auth/sveltekit';
+import { createWriteStream } from 'node:fs';
+import { join } from 'node:path/posix';
+import { getConfig } from '../src/auth.js';
+import { loadDefaults as loadDefaultConfigs } from '../src/config.js';
+import { findDir, logger } from '../src/io.js';
+import { allLogLevels } from 'logzen';
+
+logger.attach(createWriteStream(join(findDir(false), 'server.log')), { output: allLogLevels });
+loadDefaultConfigs();
+
+export const { handle, signIn, signOut } = SvelteKitAuth(getConfig());

package/web/hooks.server.ts

@@ -0,0 +1 @@
+export { handle } from './auth.js';

package/web/lib/Icon.svelte

@@ -0,0 +1,42 @@
+<script lang="ts">
+	import { onMount } from 'svelte';
+
+	const { id, style = 'solid' } = $props();
+
+	const href = `https://site-assets.fontawesome.com/releases/v6.7.2/svgs/${style}/${id}.svg`;
+
+	let content = $state('');
+
+	// Fetch and inline the SVG content on component mount
+	onMount(async () => {
+		const res = await fetch(href);
+
+		if (!res.ok) {
+			console.error('Failed to fetch icon:', res.statusText);
+			return;
+		}
+
+		const text = await res.text();
+
+		const doc = new DOMParser().parseFromString(text, 'image/svg+xml');
+		const errorNode = doc.querySelector('parsererror');
+
+		if (errorNode || doc.documentElement?.nodeName != 'svg') {
+			console.error('Invalid SVG');
+			return;
+		}
+
+		content = text;
+	});
+</script>
+
+<span>{@html content}</span>
+
+<style>
+	span {
+		width: 1em;
+		height: 1em;
+		display: inline-block;
+		fill: #bbb;
+	}
+</style>

package/web/routes/+page.server.ts

@@ -0,0 +1,14 @@
+import { redirect } from '@sveltejs/kit';
+import { adapter } from '../../src/auth.js';
+import type { PageServerLoadEvent } from './$types';
+
+export async function load(event: PageServerLoadEvent) {
+	const session = await event.locals.auth();
+
+	if (!session) redirect(307, '/auth/signin');
+	if (!session.user.name) redirect(307, '/edit/name');
+
+	const user = await adapter.getUserByEmail(session.user.email);
+
+	return { session, user };
+}

package/web/routes/+page.svelte

@@ -0,0 +1,99 @@
+<script lang="ts">
+	import { page } from '$app/state';
+	import Icon from '$lib/Icon.svelte';
+	import { getUserImage } from '@axium/core';
+
+	const { user } = page.data;
+
+	const image = getUserImage(user);
+</script>
+
+<svelte:head>
+	<title>Axium Account</title>
+</svelte:head>
+
+<div id="content">
+	<img id="pfp" src={image} alt="User profile" />
+	<p id="greeting">Welcome, {user.name}</p>
+	<div class="main">
+		<div>
+			<p>Name</p>
+			<p>{user.name}</p>
+			<a href="/edit/name"><Icon id="chevron-right" /></a>
+		</div>
+		<div>
+			<p>Email</p>
+			<p>{user.email}</p>
+			<a href="/edit/email"><Icon id="chevron-right" /></a>
+		</div>
+		<div>
+			<p>User ID <dfn title="This is your UUID."><Icon id="circle-info" style="regular" /></dfn></p>
+			<p>{user.id}</p>
+		</div>
+		<a id="signout" href="/auth/signout"><button>Sign out</button></a>
+	</div>
+</div>
+
+<style>
+	#content {
+		display: flex;
+		align-items: center;
+		flex-direction: column;
+	}
+
+	#pfp {
+		width: 100px;
+		height: 100px;
+		border-radius: 50%;
+		border: 1px solid #8888;
+		margin: 3em auto 2em;
+	}
+
+	#greeting {
+		font-size: 2em;
+		margin-bottom: 1em;
+	}
+
+	.main {
+		width: 50%;
+		padding-top: 4em;
+
+		> div:has(+ div) {
+			border-bottom: 1px solid #8888;
+		}
+	}
+
+	.main > div {
+		display: grid;
+		grid-template-columns: 10em 1fr 2em;
+		align-items: center;
+		width: 100%;
+		gap: 1em;
+		text-wrap: nowrap;
+		padding-bottom: 1em;
+
+		> :first-child {
+			margin: 0 5em 0 1em;
+			color: #bbbb;
+			font-size: 0.9em;
+			grid-column: 1;
+		}
+
+		> :nth-child(2) {
+			margin: 0;
+			grid-column: 2;
+		}
+
+		> a:last-child {
+			margin: 0;
+			display: inline;
+			grid-column: 3;
+			font-size: 0.75em;
+			cursor: pointer;
+		}
+	}
+
+	#signout {
+		margin-top: 2em;
+	}
+</style>

package/web/routes/edit/email/+page.server.ts

@@ -0,0 +1,35 @@
+import { fail, redirect, type Actions } from '@sveltejs/kit';
+import { adapter } from '../../../../src/auth';
+import * as z from 'zod';
+import type { PageServerLoadEvent } from './$types';
+
+export async function load(event: PageServerLoadEvent) {
+	const session = await event.locals.auth();
+	if (!session) redirect(307, '/auth/signin');
+	return { session };
+}
+
+export const actions = {
+	async default(event) {
+		const session = await event.locals.auth();
+
+		const rawEmail = (await event.request.formData()).get('email');
+		const { data: email, success, error } = z.string().email().safeParse(rawEmail);
+
+		if (!success)
+			return fail(400, {
+				email,
+				error: error.flatten().formErrors[0] || Object.values(error.flatten().fieldErrors).flat()[0],
+			});
+
+		const user = await adapter.getUserByEmail(session.user.email);
+		if (!user) return fail(500, { email, error: 'User does not exist' });
+
+		try {
+			await adapter.updateUser({ id: user.id, email, image: user.image });
+		} catch (error: any) {
+			return fail(400, { email, error: typeof error === 'string' ? error : error.message });
+		}
+		redirect(303, '/');
+	},
+} satisfies Actions;

package/web/routes/edit/email/+page.svelte

@@ -0,0 +1,25 @@
+<script lang="ts">
+	import { enhance } from '$app/forms';
+	import { page } from '$app/state';
+	const { user } = page.data.session;
+	let { form } = $props();
+</script>
+
+<svelte:head>
+	<title>Edit Email</title>
+</svelte:head>
+
+<div>
+	<form method="POST" class="main" use:enhance>
+		{#if form?.error}
+			<div class="error">
+				{typeof form.error === 'string' ? form.error : JSON.stringify(form.error)}
+			</div>
+		{/if}
+		<div>
+			<label for="email">Email Address</label>
+			<input name="email" type="email" value={form?.email || user.email || ''} required />
+		</div>
+		<button type="submit">Continue</button>
+	</form>
+</div>