@drax/identity-back 0.0.30 → 0.1.0

package/src/services/UserApiKeyService.ts

@@ -0,0 +1,86 @@
+import {IUserApiKeyRepository} from "../interfaces/IUserApiKeyRepository";
+import {DraxConfig, ValidationError, ZodErrorToValidationError} from "@drax/common-back"
+import {userApiKeySchema} from "../zod/UserApiKeyZod.js";
+import {ZodError} from "zod";
+import {IUserApiKeyBase, IUserApiKey} from "@drax/identity-share";
+import {IDraxPaginateOptions, IDraxPaginateResult} from "@drax/common-share";
+import crypto from "node:crypto";
+import AuthUtils from "../utils/AuthUtils.js";
+import IdentityConfig from "../config/IdentityConfig.js";
+
+class UserApiKeyService {
+
+    _repository: IUserApiKeyRepository
+
+    constructor(userApiKeyRepostitory: IUserApiKeyRepository) {
+        this._repository = userApiKeyRepostitory
+        console.log("UserApiKeyService constructor")
+    }
+
+    async create(userApiKeyData: IUserApiKeyBase): Promise<IUserApiKey> {
+        try {
+            userApiKeyData.name = userApiKeyData?.name?.trim()
+            const secret = crypto.randomUUID()
+            const APIKEY_SECRET = DraxConfig.getOrLoad(IdentityConfig.ApiKeySecret)
+            userApiKeyData.secret = AuthUtils.generateHMAC(APIKEY_SECRET, secret)
+            await userApiKeySchema.parseAsync(userApiKeyData)
+            const userApiKey = await this._repository.create(userApiKeyData)
+            userApiKey.secret = secret
+            return userApiKey
+        } catch (e) {
+            if (e instanceof ZodError) {
+                throw ZodErrorToValidationError(e, userApiKeyData)
+            }
+            throw e
+        }
+    }
+
+    async update(id: string, userApiKeyData: IUserApiKeyBase) {
+        try {
+            userApiKeyData.name = userApiKeyData?.name?.trim()
+            delete userApiKeyData.secret
+            await userApiKeySchema.parseAsync(userApiKeyData)
+            const userApiKey = await this._repository.update(id, userApiKeyData)
+            return userApiKey
+        } catch (e) {
+            if (e instanceof ZodError) {
+                throw ZodErrorToValidationError(e, userApiKeyData)
+            }
+            throw e
+        }
+    }
+
+    async delete(id: string): Promise<boolean> {
+        const currentUserApiKey = await this.findById(id)
+        const deletedUserApiKey = await this._repository.delete(id);
+        return deletedUserApiKey;
+    }
+
+    async findById(id: string): Promise<IUserApiKey | null> {
+        const userApiKey: IUserApiKey = await this._repository.findById(id);
+        return userApiKey
+    }
+
+    async findBySecret(secret: string): Promise<IUserApiKey | null> {
+        const APIKEY_SECRET = DraxConfig.getOrLoad(IdentityConfig.ApiKeySecret)
+        const hashedSecret = AuthUtils.generateHMAC(APIKEY_SECRET, secret)
+        const userApiKey: IUserApiKey = await this._repository.findBySecret(hashedSecret);
+        return userApiKey
+    }
+
+
+    async paginate({
+                       page= 1,
+                       limit= 5,
+                       orderBy= '',
+                       orderDesc= false,
+                       search= '',
+                       filters= []} : IDraxPaginateOptions): Promise<IDraxPaginateResult<IUserApiKey>>{
+        const pagination = await this._repository.paginate({page, limit, orderBy, orderDesc, search, filters});
+        return pagination;
+    }
+
+
+}
+
+export default UserApiKeyService

package/src/setup/LoadIdentityConfigFromEnv.ts

@@ -2,12 +2,14 @@ import {DraxConfig} from "@drax/common-back";
 import IdentityConfig from "../config/IdentityConfig.js";
 
 function LoadIdentityConfigFromEnv() {
-    DraxConfig.set(IdentityConfig.DbEngine, process.env[IdentityConfig.DbEngine])
-    DraxConfig.set(IdentityConfig.SqliteDbFile, process.env[IdentityConfig.SqliteDbFile])
-    DraxConfig.set(IdentityConfig.MongoDbUri, process.env[IdentityConfig.MongoDbUri])
+
     DraxConfig.set(IdentityConfig.JwtSecret, process.env[IdentityConfig.JwtSecret])
     DraxConfig.set(IdentityConfig.JwtExpiration, process.env[IdentityConfig.JwtExpiration])
     DraxConfig.set(IdentityConfig.JwtIssuer, process.env[IdentityConfig.JwtIssuer])
+    DraxConfig.set(IdentityConfig.ApiKeySecret, process.env[IdentityConfig.ApiKeySecret])
+
+    DraxConfig.set(IdentityConfig.RbacCacheTTL, process.env[IdentityConfig.RbacCacheTTL])
+    DraxConfig.set(IdentityConfig.AvatarDir, process.env[IdentityConfig.AvatarDir])
 }
 
 export default LoadIdentityConfigFromEnv

package/src/utils/AuthUtils.ts

@@ -2,6 +2,7 @@ import bcryptjs from "bcryptjs";
 import jsonwebtoken, {SignOptions, VerifyOptions} from "jsonwebtoken";
 import {DraxConfig} from "@drax/common-back";
 import IdentityConfig from "../config/IdentityConfig.js";
+import crypto from "crypto";
 
 class AuthUtils{
 
@@ -67,6 +68,16 @@ class AuthUtils{
 
         return token
     }
+
+    static generateHMAC(secret: string, apikey: string) {
+        // Crear un objeto HMAC utilizando el algoritmo SHA-256 y el secreto
+        const hmac = crypto.createHmac('sha256', secret);
+        // Actualizar el HMAC con la apikey
+        hmac.update(apikey);
+        // Generar el hash en formato hexadecimal
+        return hmac.digest('hex');
+    }
 }
 
 export default AuthUtils
+export {AuthUtils}

package/src/zod/UserApiKeyZod.ts

@@ -0,0 +1,15 @@
+import {array, object, string} from "zod"
+
+const userApiKeySchema = object({
+    name: string({ required_error: "validation.required" })
+        .min(1, "validation.required"),
+    ipv4: array(string().ip({version: "v4", message: 'validation.invalidIpv4'})),
+    ipv6: array(string().ip({version: "v6", message: 'validation.invalidIpv6'})),
+
+
+})
+
+
+export default userApiKeySchema
+
+export {userApiKeySchema}

package/test/data-obj/apikey/root-mongo-user-apikey.ts

@@ -0,0 +1,10 @@
+import user from "../users/root-mongo-user"
+
+const userApiKey = {
+  _id: "646a661e44c93567c23d8c22",
+  name: "root",
+  secret: "123",
+  user: user._id
+};
+
+export default userApiKey

package/test/data-obj/roles/admin-mongo-role.ts

@@ -1,6 +1,3 @@
-import {mongoose} from "@drax/common-back"
-import {IRole} from "../../../../identity-share/src/interfaces/IRole"
-
 
 const role = {
   _id: "646a661e44c93567c23d8d62",

package/test/initializers/RoleMongoInitializer.ts

@@ -13,3 +13,4 @@ class RoleMongoInitializer {
 }
 
 export default RoleMongoInitializer
+export {RoleMongoInitializer}

package/test/initializers/RoleSqliteInitializer.ts

@@ -16,3 +16,4 @@ async function RoleSqliteInitializer(): Promise<IRole> {
 }
 
 export default RoleSqliteInitializer
+export {RoleSqliteInitializer}

package/test/initializers/UserMongoInitializer.ts

@@ -0,0 +1,18 @@
+import UserService from "../../src/services/UserService";
+import {IUser} from "../../../identity-share/src/interfaces/IUser";
+import UserMongoRepository from "../../src/repository/mongo/UserMongoRepository";
+
+class UserMongoInitializer {
+
+    static async initRootUser(): Promise<IUser>{
+        const userService = new UserService(new UserMongoRepository())
+        let data = (await import("../data-obj/users/root-mongo-user")).default
+        let userCreated = await userService.create(data)
+        return userCreated
+    }
+}
+
+export default UserMongoInitializer
+export {
+    UserMongoInitializer
+}

package/test/repository/mongo/user-apikey-mongo-repository.test.ts

@@ -0,0 +1,73 @@
+import {before, after, describe, it, test} from "node:test"
+import assert, {equal} from "assert";
+import UserApiKeyMongoRepository from "../../../src/repository/mongo/UserApiKeyMongoRepository";
+import MongoInMemory from "../../db/MongoInMemory";
+import RoleMongoInitializer from "../../initializers/RoleMongoInitializer";
+import UserMongoInitializer from "../../initializers/UserMongoInitializer";
+import {IUserApiKey} from "../../../../identity-share/src/interfaces/IUserApiKey";
+import type {IDraxPaginateResult} from "@drax/common-share";
+import {mongoose, ValidationError} from "@drax/common-back";
+
+
+test.describe("UserApiKeyRepositoryTest", function () {
+
+    let userApiKeyRepository = new UserApiKeyMongoRepository()
+    let data
+    let adminRole
+    let rootUser
+
+    before(async () => {
+        await MongoInMemory.connect()
+        adminRole = await RoleMongoInitializer.initAdminRole()
+        rootUser = await UserMongoInitializer.initRootUser()
+
+        //console.log("BEFORE USER", MongoInMemory.mongooseStatus, MongoInMemory.serverStatus)
+        return
+    })
+
+    after(async () => {
+        await MongoInMemory.DropAndClose()
+        //console.log("AFTER USER", MongoInMemory.status, MongoInMemory.serverStatus)
+        return
+    })
+
+    test("Create mongo user apikey successfully", async function () {
+        data = (await import("../../data-obj/apikey/root-mongo-user-apikey")).default
+        let userApiKeyCreated = await userApiKeyRepository.create(data)
+        equal(userApiKeyCreated.name, data.name)
+    })
+
+    test("Find mongo user by ID successfully", async function () {
+        data = (await import("../../data-obj/apikey/root-mongo-user-apikey")).default
+        let userApiKeyFound = await userApiKeyRepository.findById(data._id)
+
+        equal(userApiKeyFound.name, data.name)
+    })
+
+    test("Find mongo user by secret successfully", async function () {
+        data = (await import("../../data-obj/apikey/root-mongo-user-apikey")).default
+        console.log("Data:",data)
+        let userApiKeyFound = await userApiKeyRepository.findBySecret(data.secret)
+        console.log("userApiKeyFound",userApiKeyFound)
+        equal(userApiKeyFound.secret, data.secret)
+    })
+
+
+    test("Update mongo user apikey successfully.", async function () {
+        data = (await import("../../data-obj/apikey/root-mongo-user-apikey")).default
+        data.name = "AdminUpdated"
+        let userUpdated: IUserApiKey = await userApiKeyRepository.update(data._id, data)
+        equal(userUpdated.name, userUpdated.name)
+    })
+
+
+    test("Paginate mongo users successfully.", async function () {
+        let paginateUsersApiKey: IDraxPaginateResult<IUserApiKey> = await userApiKeyRepository.paginate({
+            page: 1,
+            limit: 5
+        })
+        equal(paginateUsersApiKey.items.length, 1)
+        equal(paginateUsersApiKey.total, 1)
+        equal(paginateUsersApiKey.page, 1)
+    })
+})