npm - @base44-preview/cli - Versions diffs - 0.0.50-pr.475.145bd51 → 0.0.50-pr.475.235c44c - Mend

@base44-preview/cli 0.0.50-pr.475.145bd51 → 0.0.50-pr.475.235c44c

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/cli/index.js CHANGED Viewed

@@ -243211,6 +243211,7 @@ var package_default = {
     "@types/ejs": "^3.1.5",
     "@types/express": "^5.0.6",
     "@types/json-schema": "^7.0.15",
+    "@types/jsonwebtoken": "^9.0.10",
     "@types/lodash": "^4.17.24",
     "@types/multer": "^2.0.0",
     "@types/node": "^22.10.5",
@@ -243229,6 +243230,7 @@ var package_default = {
     globby: "^16.1.0",
     "http-proxy-middleware": "^3.0.5",
     "json-schema-to-typescript": "^15.0.4",
+    jsonwebtoken: "^9.0.3",
     json5: "^2.2.3",
     ky: "^1.14.2",
     lodash: "^4.17.23",
@@ -253321,7 +253323,9 @@ class Validator {
 }
 // src/cli/dev/dev-server/db/database.ts
+var PRIVATE_COLLECTION_PREFIX = "$";
 var USER_COLLECTION = "user";
+var PRIVATE_USER_COLLECTION = PRIVATE_COLLECTION_PREFIX + USER_COLLECTION;
 class Database {
   collections = new Map;
@@ -253343,6 +253347,7 @@ class Database {
     this.schemas.set(USER_COLLECTION, this.buildUserSchema(userEntity));
     const collection = new import_nedb.default;
     this.collections.set(USER_COLLECTION, collection);
+    this.collections.set(PRIVATE_USER_COLLECTION, new import_nedb.default);
     const userInfo = await readAuth();
     const now = getNowISOTimestamp();
     await collection.insertAsync({
@@ -253384,7 +253389,9 @@ class Database {
     return this.collections.get(this.normalizeName(name2));
   }
   getCollectionNames() {
-    return Array.from(this.collections.keys());
+    return Array.from(this.collections.keys()).filter((name2) => {
+      return !name2.startsWith(PRIVATE_COLLECTION_PREFIX);
+    });
   }
   dropAll() {
     for (const collection of this.collections.values()) {
@@ -253461,32 +253468,37 @@ var createJwtToken = (email3) => {
     expiresIn: "360d"
   });
 };
-var UserRegiterSchema = object({
-  id: string2(),
-  email: email2(),
-  otpCode: string2().length(6),
-  password: string2().min(8),
-  createdAt: number2().min(1)
-});
+var LoginBody = object({ email: email2(), password: string2() });
+var VerifyOtpBody = object({ email: email2(), otp_code: string2() });
 function createAuthRouter(db2, logger2) {
   const router = import_express2.Router({ mergeParams: true });
-  const userRegitrPendingMap = new Map;
   const parseBody = import_express2.json();
   router.post("/login", parseBody, async (req, res) => {
-    const { email: email3, password: _password } = req.body;
+    const { email: email3, password } = LoginBody.parse(req.body);
     const result = await db2.getCollection(USER_COLLECTION)?.findOneAsync({ email: email3 });
     if (result) {
-      res.json({
-        access_token: createJwtToken(email3),
-        success: true,
-        user: {}
-      });
+      const privateUserData = await db2.getCollection(PRIVATE_USER_COLLECTION)?.findOneAsync({ email: email3 });
+      if (result.role === "admin" || privateUserData?.password === password) {
+        res.json({
+          access_token: createJwtToken(email3),
+          success: true,
+          user: {}
+        });
+      } else {
+        res.status(400).json({
+          detail: "Invalid email or password",
+          error_type: "HTTPException",
+          message: "Invalid email or password",
+          request_id: null,
+          traceback: ""
+        });
+      }
       return;
     }
     res.status(401).json({ error: "Unauthorized" });
   });
   router.post("/register", parseBody, async (req, res) => {
-    const { email: email3, password } = req.body;
+    const { email: email3, password } = LoginBody.parse(req.body);
     if ((password || "").length < 8) {
       res.status(400).json({
         detail: "Password must be at least 8 characters long",
@@ -253508,15 +253520,30 @@ function createAuthRouter(db2, logger2) {
       });
       return;
     }
-    const otpCode = generateCode();
-    const id2 = nanoid3();
-    userRegitrPendingMap.set(email3, {
-      id: id2,
-      email: email3,
-      otpCode,
-      password,
-      createdAt: +Date.now()
+    const privateUserCollection = db2.getCollection(PRIVATE_USER_COLLECTION);
+    const privateUserData = await privateUserCollection?.findOneAsync({
+      email: email3
     });
+    const otpCode = generateCode();
+    const id2 = privateUserData ? privateUserData.id : nanoid3();
+    if (!privateUserData) {
+      await privateUserCollection?.insertAsync({
+        id: id2,
+        email: email3,
+        otpCode,
+        password,
+        createdAt: Date.now()
+      });
+    } else {
+      await privateUserCollection?.updateAsync({
+        email: email3
+      }, {
+        $set: {
+          otpCode,
+          createdAt: Date.now()
+        }
+      });
+    }
     logger2.log(theme.styles.info(`
 In order to complete registration use this verification code: ${otpCode}
 `));
@@ -253527,16 +253554,24 @@ In order to complete registration use this verification code: ${otpCode}
     });
   });
   router.post("/verify-otp", parseBody, async (req, res) => {
-    const { email: email3, otp_code } = req.body;
-    const userData = userRegitrPendingMap.get(email3);
-    if (userData && userData.otpCode === otp_code) {
-      if (+Date.now() - userData.createdAt < 10 * 60 * 1000) {
+    const { email: email3, otp_code } = VerifyOtpBody.parse(req.body);
+    const privateUserCollection = db2.getCollection(PRIVATE_USER_COLLECTION);
+    const privateUserData = await privateUserCollection?.findOneAsync({
+      email: email3
+    });
+    if (privateUserData && privateUserData.otpCode === otp_code) {
+      if (+Date.now() - privateUserData.createdAt < 10 * 60 * 1000) {
+        await privateUserCollection?.updateAsync({
+          email: email3
+        }, {
+          $unset: { otpCode: true }
+        });
         const collection = db2.getCollection(USER_COLLECTION);
         const now = getNowISOTimestamp();
         const nameFromEmailMatch = /^([^@]+)/.exec(email3);
         const fullName = nameFromEmailMatch ? nameFromEmailMatch[1] : email3;
         await collection?.insertAsync({
-          id: userData.id,
+          id: privateUserData.id,
           email: email3,
           full_name: fullName,
           is_service: false,
@@ -253548,7 +253583,7 @@ In order to complete registration use this verification code: ${otpCode}
           updated_date: now
         });
         res.json({
-          id: userData.id,
+          id: privateUserData.id,
           access_token: createJwtToken(email3),
           message: "Email verified successfully. You are now logged in.",
           success: true
@@ -260360,4 +260395,4 @@ export {
   CLIExitError
 };
-//# debugId=7F65D5426750E8BD64756E2164756E21
+//# debugId=8BC0D7129D49BDE164756E2164756E21