@canmingir/link-express 1.7.6 → 1.7.7

Files changed (2) hide show
  1. package/package.json +1 -1
  2. package/src/routes/oauth.ts +109 -0
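--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
  {
  "name": "@canmingir/link-express",
- "version": "1.7.6",
+ "version": "1.7.7",
  "description": "",
  "main": "index.ts",
  "types": "index.ts",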
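--- a/package/src/routes/oauth.ts
+++ b/package/src/routes/oauth.ts
@@ -230,6 +230,22 @@ router.get("/user", async (req: Request, res: Response): Promise<Response> => {
  return res.status(401).end();
  }
 
+ if (identityProvider.toUpperCase() === "DEMO") {
+ const avatarSeed = userId || "1001";
+ const avatarUrl = `https://api.dicebear.com/7.x/bottts/svg?seed=${avatarSeed}`;
+
+ return res.status(200).json({
+ user: {
+ id: userId || "1001",
+ identityProvider: "DEMO",
+ name: "admin",
+ displayName: "Demo Admin",
+ avatarUrl,
+ email: "admin@demo.local",
+ },
+ });
+ }
+
  const providerConfig = project.oauth?.providers[identityProvider] as {
  userUrl: string;
  userFields: {
@@ -271,4 +287,97 @@ router.get("/user", async (req: Request, res: Response): Promise<Response> => {
  });
  });
 
+ router.post("/demo", async (req: Request, res: Response): Promise<Response> => {
+ const { appId, projectId, username, password } = Joi.attempt(
+ req.body,
+ Joi.object({
+ appId: Joi.string().required(),
+ projectId: Joi.string().optional(),
+ username: Joi.string().required(),
+ password: Joi.string().required(),
+ })
+ .required()
+ .options({ stripUnknown: true })
+ ) as {
+ appId: string;
+ projectId?: string;
+ username: string;
+ password: string;
+ };
+
+ if (username !== "admin" || password !== "admin") {
+ throw new AuthenticationError("Invalid demo credentials");
+ }
+
+ const userId = "1001";
+
+ let accessToken: string;
+
+ if (projectId) {
+ const permissions = await Permission.findAll({
+ where: { userId, projectId, appId },
+ });
+
+ if (!permissions.length) {
+ accessToken = jwt.sign(
+ {
+ sub: userId,
+ iss: "nuc",
+ aid: appId,
+ aud: projectId,
+ oid: "dfb990bb-81dd-4584-82ce-050eb8f6a12f",
+ rls: "OWNER",
+ identityProvider: "DEMO",
+ iat: Math.floor(Date.now() / 1000),
+ },
+ process.env.JWT_SECRET as string,
+ { expiresIn: "12h" }
+ );
+ } else {
+ accessToken = jwt.sign(
+ {
+ sub: userId,
+ iss: "nuc",
+ aud: projectId,
+ oid: permissions[0].organizationId,
+ aid: appId,
+ rls: permissions.map((p) => p.role),
+ identityProvider: "DEMO",
+ iat: Math.floor(Date.now() / 1000),
+ },
+ process.env.JWT_SECRET as string,
+ { expiresIn: "12h" }
+ );
+ }
+ } else {
+ accessToken = jwt.sign(
+ {
+ sub: userId,
+ iss: "nuc",
+ aid: appId,
+ identityProvider: "DEMO",
+ iat: Math.floor(Date.now() / 1000),
+ },
+ process.env.JWT_SECRET as string,
+ { expiresIn: "12h" }
+ );
+ }
+
+ const refreshToken = jwt.sign(
+ {
+ sub: userId,
+ type: "refresh",
+ identityProvider: "DEMO",
+ iat: Math.floor(Date.now() / 1000),
+ },
+ process.env.JWT_SECRET as string,
+ { expiresIn: "30d" }
+ );
+
+ return res.status(200).json({
+ accessToken,
+ refreshToken,
+ });
+ });
+
  export default router;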
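Review bot: The new `POST /demo` handler in the second hunk accepts the fixed credentials `admin`/`admin` and nothing visible restricts it to demo deployments, so any install that upgrades to 1.7.7 appears to expose a login with a publicly known password. When `Permission.findAll` returns no rows for the caller-supplied `projectId`, the handler still signs an access token with `rls: "OWNER"` and a hard-coded `oid`, using `process.env.JWT_SECRET` (presumably the same key that signs tokens for the real identity providers), and it also issues a 30-day refresh token. I would make the route opt-in and off by default, with `if (process.env.DEMO_LOGIN_ENABLED !== "true") return res.status(404).end();` as its first statement (the flag name is a placeholder), and replace the `!permissions.length` branch with `throw new AuthenticationError("No demo access to this project");` rather than a default grant. The same gate belongs on the `identityProvider.toUpperCase() === "DEMO"` shortcut added to `/user` in the first hunk, whose enclosing handler starts outside the hunk. If the router is already mounted conditionally somewhere outside this diff, a comment above the route stating that would make the intent reviewable.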