@boarteam/boar-pack-users-backend 8.0.0 → 8.1.1

package/src/jwt-auth/jwt-auth.srtategy.ts

@@ -1,83 +0,0 @@
-import { ExtractJwt, Strategy } from 'passport-jwt';
-import { PassportStrategy } from '@nestjs/passport';
-import { Injectable, Logger, UnauthorizedException } from '@nestjs/common';
-import { JWTAuthConfigService } from './jwt-auth.config';
-import { Request } from 'express';
-import { JWT_AUTH, tokenName } from '../auth';
-import { UsersService } from '../users';
-import { RevokedTokensService } from '../revoked-tokens';
-
-export type TJWTPayload = {
-  email: string;
-  sub: string;
-  iat?: string; // Issued At
-  exp?: number; // Expiration Time
-  jti?: string; // JWT ID, used for revocation
-  sid?: string; // Session ID to identify the family of tokens
-};
-
-export type TJWTRefreshPayload = {
-  sub: string; // User ID
-  jti?: string; // JWT ID, used for revocation
-  iat?: number; // Issued At
-  exp?: number; // Expiration Time
-  sid?: string; // Session ID to identify the family of tokens
-}
-
-@Injectable()
-export class JwtAuthStrategy extends PassportStrategy(Strategy, JWT_AUTH) {
-  private readonly logger = new Logger(JwtAuthStrategy.name);
-  constructor(
-    private usersService: UsersService,
-    private jwtAuthConfigService: JWTAuthConfigService,
-    private revokedTokensService: RevokedTokensService,
-  ) {
-    super({
-      jwtFromRequest: ExtractJwt.fromExtractors([
-        ExtractJwt.fromAuthHeaderAsBearerToken(),
-        (req: Request) => {
-          const cookies = req.headers.cookie?.split('; ');
-          if (!cookies) {
-            return null;
-          }
-
-          const cookie = cookies.find(c => c.startsWith(`${tokenName}=`));
-          if (!cookie) {
-            return null;
-          }
-
-          return cookie.split('=')[1];
-        },
-      ]),
-      ignoreExpiration: false,
-      secretOrKey: jwtAuthConfigService.config.jwtSecret,
-      passReqToCallback: true,
-    });
-  }
-
-  async validate(req: Request, payload: TJWTPayload) {
-    this.logger.debug(`Validating user with email: ${payload.email}`);
-
-    // Check if a token has been revoked
-    if (payload.jti) {
-      const isRevoked = await this.revokedTokensService.isTokenRevoked(payload.jti, payload.sid);
-      if (isRevoked) {
-        this.logger.debug(`Token with JTI ${payload.jti} has been revoked`);
-        throw new UnauthorizedException('Token has been revoked');
-      }
-    }
-
-    const userId = payload.sub;
-    const user = await this.usersService.findOne({
-      select: ['id', 'email', 'role', 'permissions'],
-      where: { id: userId },
-    });
-
-    if (!user) {
-      throw new UnauthorizedException();
-    }
-    req.jwt = payload; // Attach JWT payload to the request for further use
-
-    return user;
-  }
-}

package/src/revoked-tokens/entities/revoked-token.entity.ts

@@ -1,50 +0,0 @@
-import { Column, CreateDateColumn, Entity, Index, PrimaryGeneratedColumn } from 'typeorm';
-
-export enum TOKEN_TYPE {
-  ACCESS = 'access',
-  REFRESH = 'refresh',
-  SESSION = 'session',
-}
-
-@Entity('revoked_tokens')
-@Index('IDX_REVOKED_TOKEN_SID_TYPE', ['sid', 'tokenType'])
-export class RevokedToken {
-  @PrimaryGeneratedColumn('uuid')
-  id: string;
-
-  @Column({
-    unique: true,
-    type: 'uuid',
-  })
-  @Index('IDX_REVOKED_TOKEN_JTI')
-  jti: string;
-
-  @Column({
-    type: 'uuid',
-    nullable: true,
-    default: null,
-  })
-  sid: string | null;
-
-  @Column({
-    type: 'enum',
-    enum: TOKEN_TYPE,
-    default: TOKEN_TYPE.ACCESS,
-  })
-  tokenType: TOKEN_TYPE;
-
-  @Column({
-    name: 'expires_at',
-    type: 'timestamp with time zone',
-  })
-  @Index('IDX_REVOKED_TOKEN_EXPIRES_AT')
-  expiresAt: Date;
-
-  @CreateDateColumn({
-    name: 'created_at',
-    type: 'timestamp with time zone',
-  })
-  createdAt: Date;
-}
-
-export type TRevokedToken = Omit<RevokedToken, 'id' | 'createdAt'>;

package/src/revoked-tokens/index.ts

@@ -1,3 +0,0 @@
-export * from './entities/revoked-token.entity';
-export * from './revoked-tokens.module';
-export * from './revoked-tokens.service';

package/src/revoked-tokens/revoked-tokens.module.ts

@@ -1,29 +0,0 @@
-import { Module } from '@nestjs/common';
-import { TypeOrmModule, getDataSourceToken } from '@nestjs/typeorm';
-import { RevokedToken } from './entities/revoked-token.entity';
-import { RevokedTokensService } from './revoked-tokens.service';
-import { DataSource } from 'typeorm';
-import { ScheduleModule } from "@nestjs/schedule";
-
-@Module({})
-export class RevokedTokensModule {
-  static register(config: { dataSourceName?: string } = {}) {
-    return {
-      module: RevokedTokensModule,
-      imports: [
-        TypeOrmModule.forFeature([RevokedToken], config.dataSourceName),
-        ScheduleModule.forRoot(),
-      ],
-      providers: [
-        {
-          provide: RevokedTokensService,
-          inject: [getDataSourceToken(config.dataSourceName)],
-          useFactory: (dataSource: DataSource) => {
-            return new RevokedTokensService(dataSource.getRepository(RevokedToken));
-          }
-        },
-      ],
-      exports: [RevokedTokensService],
-    };
-  }
-}

package/src/revoked-tokens/revoked-tokens.service.ts

@@ -1,88 +0,0 @@
-import { Injectable, Logger } from '@nestjs/common';
-import { Repository } from 'typeorm';
-import { RevokedToken, TOKEN_TYPE, TRevokedToken } from './entities/revoked-token.entity';
-import { Cron, CronExpression } from "@nestjs/schedule";
-import ms, { StringValue } from "ms";
-import { FindOptionsWhere } from "typeorm/find-options/FindOptionsWhere";
-
-@Injectable()
-export class RevokedTokensService {
-  private readonly logger = new Logger(RevokedTokensService.name);
-
-  constructor(private revokedTokenRepository: Repository<RevokedToken>) {}
-
-  /**
-   * Revokes a JWT token by storing its JTI in the database
-   * @param token The token to revoke, containing at least the JTI and expiration date
-   * @param refreshTokenExpiration The expiration time for the refresh token. We use it to set the expiration date of
-   * the session token.
-   */
-  public async revokeToken(token: TRevokedToken, refreshTokenExpiration: StringValue): Promise<void> {
-    const tokens: TRevokedToken[] = [token];
-
-    if (token.sid) {
-      tokens.push({
-        jti: token.sid,
-        sid: token.sid,
-        expiresAt: new Date(Date.now() + ms(refreshTokenExpiration)),
-        tokenType: TOKEN_TYPE.SESSION,
-      });
-    }
-
-    await this.revokeTokens(tokens);
-  }
-
-  public async revokeRefreshToken(token: TRevokedToken): Promise<void> {
-    await this.revokeTokens([token]);
-  }
-
-  private revokeTokens(tokens: TRevokedToken[]): Promise<void> {
-    return this.revokedTokenRepository
-      .createQueryBuilder()
-      .insert()
-      .into(RevokedToken)
-      .values(tokens)
-      .orIgnore()
-      .execute()
-      .then(() => {
-        this.logger.debug(`Tokens with JTI ${tokens.map(t => t.jti).join(', ')} have been revoked`);
-      });
-  }
-
-  /**
-   * Checks if a token has been revoked
-   * @param jti The JWT token identifier
-   * @param sid Optional session identifier, used for session tokens
-   * @returns true if the token is revoked, false otherwise
-   */
-  public async isTokenRevoked(jti: string, sid?: string): Promise<boolean> {
-    const whereConditions: FindOptionsWhere<RevokedToken>[] = [{ jti }];
-
-    if (sid) {
-      whereConditions.push({ sid, tokenType: TOKEN_TYPE.SESSION });
-    }
-
-    const tokensCount = await this.revokedTokenRepository.count({
-      where: whereConditions,
-    });
-    return tokensCount > 0;
-  }
-
-  @Cron(CronExpression.EVERY_HOUR)
-  private async cleanupExpiredTokens() {
-    const now = new Date();
-    this.logger.debug('Starting cleanup of expired revoked tokens');
-
-    try {
-      const result = await this.revokedTokenRepository
-        .createQueryBuilder()
-        .delete()
-        .where('expiresAt < :now', { now })
-        .execute();
-
-      this.logger.log(`Cleaned up ${result.affected || 0} expired revoked tokens`);
-    } catch (error) {
-      this.logger.error(`Error during revoked tokens cleanup: ${error.message}`, error.stack);
-    }
-  }
-}

package/src/settings/dto/event-settings.dto.ts

@@ -1,3 +0,0 @@
-export class EventSettingsDto {
-  [key: string]: boolean;
-}

package/src/settings/entities/setting.entity.ts

@@ -1,19 +0,0 @@
-import { Column, CreateDateColumn, Entity, PrimaryGeneratedColumn, UpdateDateColumn, } from 'typeorm';
-
-@Entity('settings')
-export class Setting {
-  @PrimaryGeneratedColumn('uuid')
-  id: string;
-
-  @Column({ unique: true })
-  key: string;
-
-  @Column()
-  value: string;
-
-  @CreateDateColumn({ name: 'created_at' })
-  createdAt: Date;
-
-  @UpdateDateColumn({ name: 'updated_at' })
-  updatedAt: Date;
-}

package/src/settings/index.ts

@@ -1,5 +0,0 @@
-export * from './settings.module';
-export * from './settings.service';
-export * from './settings.constants';
-export * from './entities/setting.entity';
-export * from './settings.permissions';

package/src/settings/policies/manage-settings.policy.ts

@@ -1,8 +0,0 @@
-import { Setting } from "../entities/setting.entity";
-import { Action, AppAbility, IPolicyHandler } from "../../casl";
-
-export class ManageSettingsPolicy implements IPolicyHandler {
-  handle(ability: AppAbility) {
-    return ability.can(Action.Manage, Setting);
-  }
-}

package/src/settings/settings.constants.ts

@@ -1,9 +0,0 @@
-export enum Notifications {
-  QuotesByProviderStatus = 'notifications.quotes_by_provider_status',
-  QuotesByUserStatus = 'notifications.quotes_by_user_status',
-}
-
-export enum SettingsValues {
-  NO = 'no',
-  YES = 'yes',
-}

package/src/settings/settings.controller.ts

@@ -1,32 +0,0 @@
-import { Body, Controller, Get, Patch } from "@nestjs/common";
-import { SettingsService } from "./settings.service";
-import { ManageSettingsPolicy } from "./policies/manage-settings.policy";
-import { ApiOkResponse, ApiTags } from "@nestjs/swagger";
-import { CheckPolicies, ManageAllPolicy } from "../casl";
-import { EventSettingsDto } from "./dto/event-settings.dto";
-
-@CheckPolicies(new ManageAllPolicy())
-@ApiTags('Settings')
-@Controller('settings')
-export class SettingsController {
-  constructor(
-    private readonly settingsService: SettingsService,
-  ) {}
-
-  @CheckPolicies(new ManageSettingsPolicy())
-  @Get('events')
-  @ApiOkResponse({
-    type: EventSettingsDto,
-  })
-  getEventSettings(): Promise<EventSettingsDto> {
-    return this.settingsService.getEventSettings();
-  }
-
-  @CheckPolicies(new ManageSettingsPolicy())
-  @Patch('events')
-  setEventSettings(
-    @Body() events: EventSettingsDto,
-  ) {
-    return this.settingsService.setEventSettings(events);
-  }
-}

package/src/settings/settings.module.ts

@@ -1,46 +0,0 @@
-import { DynamicModule, Module } from '@nestjs/common';
-import { getDataSourceToken, TypeOrmModule } from '@nestjs/typeorm';
-import { SettingsController } from "./settings.controller";
-import { SettingsService } from "./settings.service";
-import { Setting } from "./entities/setting.entity";
-import { DataSource } from "typeorm";
-import { Action, CaslAbilityFactory } from "../casl";
-import { SettingsPermissions } from "./settings.permissions";
-
-@Module({})
-export class SettingsModule {
-  static register(config: {
-    withControllers: boolean,
-    dataSourceName: string,
-  }): DynamicModule {
-    return {
-      module: SettingsModule,
-      imports: [
-        TypeOrmModule.forFeature([Setting], config.dataSourceName),
-      ],
-      controllers: config.withControllers ? [
-        SettingsController,
-      ] : [],
-      providers: [
-        {
-          provide: SettingsService,
-          inject: [getDataSourceToken(config.dataSourceName)],
-          useFactory: (dataSource: DataSource) => {
-            return new SettingsService(dataSource.getRepository(Setting));
-          }
-        }
-      ],
-      exports: [
-        SettingsService,
-      ],
-    };
-  }
-
-  constructor() {
-    CaslAbilityFactory.addPermissionToAction({
-      permission: SettingsPermissions.MANAGE,
-      action: Action.Manage,
-      subject: Setting,
-    });
-  }
-}

package/src/settings/settings.permissions.ts

@@ -1,3 +0,0 @@
-export enum SettingsPermissions {
-  MANAGE = 'manage_settings',
-}

package/src/settings/settings.service.ts

@@ -1,51 +0,0 @@
-import { Injectable } from "@nestjs/common";
-import { In, Like, Repository } from "typeorm";
-import { Setting } from "./entities/setting.entity";
-import { EventSettingsDto } from "./dto/event-settings.dto";
-import { SettingsValues } from "./settings.constants";
-
-@Injectable()
-export class SettingsService {
-  constructor(readonly repo: Repository<Setting>) {
-  }
-
-  public getSettings(settingsNames: string[]): Promise<Setting[]> {
-    return this.repo.find({
-      where: {
-        key: In(settingsNames),
-      }
-    });
-  }
-
-  async updateSettings(settings: Pick<Setting, 'key' | 'value'>[]): Promise<void> {
-    await this.repo.upsert(settings, ['key']);
-  }
-
-  async getEventSettings(): Promise<EventSettingsDto> {
-    const settings = await this.repo.find({
-      where: {
-        key: Like('notifications.%'),
-      }
-    });
-
-    const eventSettings = new EventSettingsDto();
-    settings.forEach(setting => {
-      eventSettings[setting.key] = setting.value === SettingsValues.YES
-    });
-
-    return eventSettings;
-  }
-
-  async setEventSettings(updateDto: EventSettingsDto): Promise<void> {
-    const settings: Pick<Setting, 'key' | 'value'>[] = [];
-
-    for (const key in updateDto) {
-      settings.push({
-        key: key,
-        value: updateDto[key] ? SettingsValues.YES : SettingsValues.NO,
-      });
-    }
-
-    await this.repo.upsert(settings, ['key']);
-  }
-}

package/src/telegraf/dto/telegram-settings-update.dto.ts

@@ -1,13 +0,0 @@
-import Joi from "joi";
-import { JoiSchema } from 'nestjs-joi';
-
-export class TelegramSettingsUpdateDto {
-  @JoiSchema(Joi.boolean().optional())
-  enabled?: boolean;
-
-  @JoiSchema(Joi.string().trim().optional().allow(''))
-  botToken?: string;
-
-  @JoiSchema(Joi.string().trim().optional().allow(''))
-  chatId?: string;
-}

package/src/telegraf/dto/telegram-settings.dto.ts

@@ -1,5 +0,0 @@
-export class TelegramSettingsDto {
-  enabled: boolean;
-  botToken: string | null;
-  chatId: string | null;
-}

package/src/telegraf/index.ts

@@ -1,3 +0,0 @@
-export * from './telegraf.module';
-export * from './telegraf.service';
-export * from './telegraf.constants';

package/src/telegraf/telegraf.constants.ts

@@ -1,5 +0,0 @@
-export const Telegram = {
-  BotToken: 'telegram.bot_token',
-  ChatId: 'telegram.chat_id',
-  Enabled: 'telegram.enabled',
-} as const;

package/src/telegraf/telegraf.controller.ts

@@ -1,40 +0,0 @@
-import { Body, Controller, Get, Patch, Post } from "@nestjs/common";
-import { TelegrafService } from "./telegraf.service";
-import { ApiOkResponse, ApiTags } from "@nestjs/swagger";
-import { ManageSettingsPolicy } from "../settings/policies/manage-settings.policy";
-import { CheckPolicies, ManageAllPolicy } from "../casl";
-import { TelegramSettingsDto } from "./dto/telegram-settings.dto";
-import { TelegramSettingsUpdateDto } from "./dto/telegram-settings-update.dto";
-
-@CheckPolicies(new ManageAllPolicy())
-@ApiTags('Telegraf')
-@Controller('telegraf')
-export class TelegrafController {
-  constructor(
-    private readonly telegrafService: TelegrafService,
-  ) {
-  }
-
-  @CheckPolicies(new ManageSettingsPolicy())
-  @Get('telegram')
-  @ApiOkResponse({
-    type: TelegramSettingsDto,
-  })
-  getTelegramSettings(): Promise<TelegramSettingsDto> {
-    return this.telegrafService.getTelegramSettings();
-  }
-
-  @CheckPolicies(new ManageSettingsPolicy())
-  @Patch('telegram')
-  setTelegramSettings(
-    @Body() telegram: TelegramSettingsUpdateDto,
-  ) {
-    return this.telegrafService.setTelegramSettings(telegram);
-  }
-
-  @CheckPolicies(new ManageSettingsPolicy())
-  @Post('test')
-  async testTelegraf() {
-    return await this.telegrafService.test();
-  }
-}

package/src/telegraf/telegraf.module.ts

@@ -1,28 +0,0 @@
-import { DynamicModule, Module } from "@nestjs/common";
-import { TelegrafService } from "./telegraf.service";
-import { SettingsModule } from "../settings/settings.module";
-import { TelegrafController } from "./telegraf.controller";
-
-@Module({})
-export class TelegrafModule {
-  static register(config: {
-    withControllers: boolean,
-    dataSourceName: string,
-  }): DynamicModule {
-    return {
-      module: TelegrafModule,
-      imports: [
-        SettingsModule.register({ withControllers: false, dataSourceName: config.dataSourceName }),
-      ],
-      controllers: config.withControllers ? [
-        TelegrafController,
-      ] : [],
-      providers: [
-        TelegrafService,
-      ],
-      exports: [
-        TelegrafService,
-      ],
-    };
-  }
-}

package/src/telegraf/telegraf.service.ts

@@ -1,110 +0,0 @@
-import { BadRequestException, Injectable, Logger } from "@nestjs/common";
-import { Notifications, Setting, SettingsService, SettingsValues } from "../settings";
-import { FmtString } from "telegraf/format";
-
-import { Telegraf } from "telegraf";
-import { Telegram } from "./telegraf.constants";
-import { TelegramSettingsDto } from "./dto/telegram-settings.dto";
-import { TelegramSettingsUpdateDto } from "./dto/telegram-settings-update.dto";
-
-export const settingsToDtoPropMap = {
-  [Telegram.Enabled]: 'enabled',
-  [Telegram.BotToken]: 'botToken',
-  [Telegram.ChatId]: 'chatId',
-} as const;
-
-@Injectable()
-export class TelegrafService {
-  private readonly logger = new Logger(TelegrafService.name);
-
-  constructor(
-    private readonly settingsService: SettingsService,
-  ) {
-  }
-
-  async getTelegramSettings(): Promise<TelegramSettingsDto> {
-    const settings = await this.settingsService.getSettings([
-      Telegram.Enabled,
-      Telegram.BotToken,
-      Telegram.ChatId
-    ])
-
-    const telegramSettings = {
-      enabled: false,
-      botToken: '',
-      chatId: '',
-    };
-    settings.forEach((setting) => {
-      switch (setting.key) {
-        case Telegram.Enabled:
-          telegramSettings[settingsToDtoPropMap[setting.key]] = setting.value === SettingsValues.YES;
-          break;
-
-        case Telegram.BotToken:
-        case Telegram.ChatId:
-          telegramSettings[settingsToDtoPropMap[setting.key]] = setting.value;
-          break;
-      }
-    });
-
-    return telegramSettings;
-  }
-
-  async setTelegramSettings(updateDto: TelegramSettingsUpdateDto): Promise<void> {
-    const settings: Pick<Setting, 'key' | 'value'>[] = [];
-
-    if (updateDto.enabled) {
-      settings.push({
-        key: Telegram.Enabled,
-        value: updateDto.enabled ? SettingsValues.YES : SettingsValues.NO,
-      });
-    }
-
-    if (updateDto.botToken) {
-      settings.push({
-        key: Telegram.BotToken,
-        value: updateDto.botToken,
-      });
-    }
-
-    if (updateDto.chatId) {
-      settings.push({
-        key: Telegram.ChatId,
-        value: updateDto.chatId,
-      });
-    }
-
-    await this.settingsService.updateSettings(settings);
-  }
-
-  async sendMessage(message: string | FmtString, type: Notifications | null): Promise<void> {
-    const config = await this.getTelegramSettings();
-    if (!config.enabled) {
-      this.logger.log('Suppressed telegram message because it is disabled');
-      return;
-    }
-
-    if (!config.botToken || !config.chatId) {
-      this.logger.log('Suppressed telegram message because bot token or chat id is not set');
-      return;
-    }
-
-    const bot = new Telegraf(config.botToken);
-
-    try {
-      await bot.telegram.sendMessage(config.chatId, message);
-    } catch (e) {
-      this.logger.error('Failed to send telegram message');
-      this.logger.error(e, e.stack);
-    }
-  }
-
-  async test() {
-    try {
-      return await this.sendMessage('Test message', null);
-    } catch (e) {
-      this.logger.error(e, e.stack);
-      throw new BadRequestException('Wrong bot token or chat id')
-    }
-  }
-}

package/src/tokens/dto/token-create.dto.ts

@@ -1,7 +0,0 @@
-import Joi from "joi";
-import { JoiSchema } from 'nestjs-joi';
-
-export class TokenCreateDto {
-  @JoiSchema(Joi.string().required())
-  name: string;
-}

package/src/tokens/dto/token-update.dto.ts

@@ -1,7 +0,0 @@
-import Joi from "joi";
-import { JoiSchema } from 'nestjs-joi';
-
-export class TokenUpdateDto {
-  @JoiSchema(Joi.string().optional())
-  name?: string;
-}