@drax/identity-back 0.0.31 → 0.1.2

package/src/routes/UserApiKeyRoutes.ts

@@ -0,0 +1,128 @@
+import UserApiKeyServiceFactory from "../factory/UserApiKeyServiceFactory.js";
+import type {IUserApiKey} from "@drax/identity-share";
+import {ValidationError} from "@drax/common-back";
+import {IdentityPermissions} from "../permissions/IdentityPermissions.js";
+import UnauthorizedError from "../errors/UnauthorizedError.js";
+import {IDraxPaginateResult} from "@drax/common-share";
+
+
+async function UserApiKeyRoutes(fastify, options) {
+
+    fastify.get('/api/user-api-keys', async (request, reply): Promise<IDraxPaginateResult<IUserApiKey>> => {
+
+        try {
+            request.rbac.assertAuthenticated()
+
+            request.rbac.assertOrPermissions([
+                IdentityPermissions.ViewUserApiKey,
+                IdentityPermissions.ViewMyUserApiKey
+            ])
+
+            const filters = []
+
+            if(!request.rbac.hasPermission(IdentityPermissions.ViewUserApiKey)){
+                filters.push({field: "user", operator: "eq", value: request.rbac.authUser.id})
+            }
+
+            const page = request.query.page
+            const limit = request.query.limit
+            const orderBy = request.query.orderBy
+            const orderDesc = request.query.orderDesc
+            const search = request.query.search
+            const userApiKeyService = UserApiKeyServiceFactory()
+
+
+            let paginateResult = await userApiKeyService.paginate({page, limit, orderBy, orderDesc, search, filters})
+            return paginateResult
+        } catch (e) {
+            console.log("/api/user-api-keys",e)
+            if (e instanceof ValidationError) {
+                reply.statusCode = e.statusCode
+                reply.send({error: e.message, inputErrors: e.errors})
+            } else if (e instanceof UnauthorizedError) {
+                reply.statusCode = e.statusCode
+                reply.send({error: e.message})
+            } else {
+                reply.statusCode = 500
+                reply.send({error: 'error.server'})
+            }
+        }
+    })
+
+    fastify.post('/api/user-api-keys', async (request, reply): Promise<IUserApiKey> => {
+        try {
+            request.rbac.assertPermission(IdentityPermissions.CreateUser)
+            const payload = request.body
+            payload.user = request.rbac.authUser.id
+
+            const userApiKeyService = UserApiKeyServiceFactory()
+
+            let userApiKey = await userApiKeyService.create(payload)
+            return userApiKey
+        } catch (e) {
+            if (e instanceof ValidationError) {
+                reply.statusCode = e.statusCode
+                reply.send({error: e.message, inputErrors: e.errors})
+            } else if (e instanceof UnauthorizedError) {
+                reply.statusCode = e.statusCode
+                reply.send({error: e.message})
+            } else {
+                reply.statusCode = 500
+                reply.send({error: 'error.server'})
+            }
+        }
+
+    })
+
+    fastify.put('/api/user-api-keys/:id', async (request, reply): Promise<IUserApiKey> => {
+        try {
+            request.rbac.assertPermission(IdentityPermissions.UpdateUser)
+            const id = request.params.id
+            const payload = request.body
+            const userApiKeyService = UserApiKeyServiceFactory()
+            let userApiKey = await userApiKeyService.update(id, payload)
+            return userApiKey
+        } catch (e) {
+            if (e instanceof ValidationError) {
+                reply.statusCode = e.statusCode
+                reply.send({error: e.message, inputErrors: e.errors})
+            }
+            if (e instanceof UnauthorizedError) {
+                reply.statusCode = e.statusCode
+                reply.send({error: e.message})
+            } else if (e instanceof UnauthorizedError) {
+                reply.statusCode = e.statusCode
+                reply.send({error: e.message})
+            } else {
+                reply.statusCode = 500
+                reply.send({error: 'error.server'})
+            }
+        }
+    })
+
+    fastify.delete('/api/user-api-keys/:id', async (request, reply): Promise<any> => {
+        try {
+            request.rbac.assertPermission(IdentityPermissions.DeleteUser)
+            const id = request.params.id
+            const userApiKeyService = UserApiKeyServiceFactory()
+            let r = await userApiKeyService.delete(id)
+            return r
+        } catch (e) {
+            if (e instanceof ValidationError) {
+                reply.statusCode = e.statusCode
+                reply.send({error: e.message, inputErrors: e.errors})
+            } else if (e instanceof UnauthorizedError) {
+                reply.statusCode = e.statusCode
+                reply.send({error: e.message})
+            } else {
+                reply.statusCode = 500
+                reply.send({error: 'error.server'})
+            }
+        }
+    })
+
+
+}
+
+export default UserApiKeyRoutes;
+export {UserApiKeyRoutes}

package/src/routes/UserRoutes.ts

@@ -32,6 +32,7 @@ async function UserRoutes(fastify, options) {
             if (request.authUser) {
                 const userService = UserServiceFactory()
                 let user = await userService.findById(request.authUser.id)
+                user.password = undefined
                 delete user.password
                 return user
             } else {
@@ -69,9 +70,12 @@ async function UserRoutes(fastify, options) {
                 filters.push({field: 'tenant', operator: '$eq', value: request.rbac.getAuthUser.tenantId})
             }
             let paginateResult = await userService.paginate({page, limit, orderBy, orderDesc, search, filters})
+            for(let item of paginateResult.items){
+                item.password = undefined
+                delete item.password
+            }
             return paginateResult
         } catch (e) {
-            console.log("/api/users",e)
             if (e instanceof ValidationError) {
                 reply.statusCode = e.statusCode
                 reply.send({error: e.message, inputErrors: e.errors})

package/src/services/TenantService.ts

@@ -21,6 +21,7 @@ class TenantService {
             const tenant = await this._repository.create(tenantData)
             return tenant
         } catch (e) {
+            console.error("Error creating tenant", e)
             if (e instanceof ZodError) {
                 throw ZodErrorToValidationError(e, tenantData)
             }
@@ -35,6 +36,7 @@ class TenantService {
             const tenant = await this._repository.update(id, tenantData)
             return tenant
         } catch (e) {
+            console.error("Error updating tenant", e)
             if (e instanceof ZodError) {
                 throw ZodErrorToValidationError(e, tenantData)
             }
@@ -43,35 +45,65 @@ class TenantService {
     }
 
     async delete(id: string): Promise<boolean> {
-        const currentTenant = await this.findById(id)
-        const deletedTenant = await this._repository.delete(id);
-        return deletedTenant;
+        try {
+            const deletedTenant = await this._repository.delete(id);
+            return deletedTenant;
+        } catch (e) {
+            console.error("Error deleting tenant", e)
+            throw e;
+        }
+
     }
 
     async findById(id: string): Promise<ITenant | null> {
-        const tenant: ITenant = await this._repository.findById(id);
-        return tenant
+        try {
+            const tenant: ITenant = await this._repository.findById(id);
+            return tenant
+        } catch (e) {
+            console.error("Error finding tenant by id", e)
+            throw e;
+        }
+
     }
 
     async findByName(name: string): Promise<ITenant | null> {
-        const tenant: ITenant = await this._repository.findByName(name);
-        return tenant
+        try {
+            const tenant: ITenant = await this._repository.findByName(name);
+            return tenant
+        } catch (e) {
+            console.error("Error finding tenant by name", e)
+            throw e;
+        }
+
     }
 
     async fetchAll(): Promise<ITenant[]> {
-        const tenants: ITenant[] = await this._repository.fetchAll();
-        return tenants
+        try {
+            const tenants: ITenant[] = await this._repository.fetchAll();
+            return tenants
+        } catch (e) {
+            console.error("Error fetching all tenants", e)
+            throw e;
+        }
+
     }
 
     async paginate({
-                       page= 1,
-                       limit= 5,
-                       orderBy= '',
-                       orderDesc= false,
-                       search= '',
-                       filters= []} : IDraxPaginateOptions): Promise<IDraxPaginateResult<ITenant>>{
-        const pagination = await this._repository.paginate({page, limit, orderBy, orderDesc, search, filters});
-        return pagination;
+                       page = 1,
+                       limit = 5,
+                       orderBy = '',
+                       orderDesc = false,
+                       search = '',
+                       filters = []
+                   }: IDraxPaginateOptions): Promise<IDraxPaginateResult<ITenant>> {
+        try {
+            const pagination = await this._repository.paginate({page, limit, orderBy, orderDesc, search, filters});
+            return pagination;
+        } catch (e) {
+            console.error("Error paginating tenants", e)
+            throw e;
+        }
+
     }
 
 

package/src/services/UserApiKeyService.ts

@@ -0,0 +1,111 @@
+import {IUserApiKeyRepository} from "../interfaces/IUserApiKeyRepository";
+import {DraxConfig, ValidationError, ZodErrorToValidationError} from "@drax/common-back"
+import {userApiKeySchema} from "../zod/UserApiKeyZod.js";
+import {ZodError} from "zod";
+import {IUserApiKeyBase, IUserApiKey} from "@drax/identity-share";
+import {IDraxPaginateOptions, IDraxPaginateResult} from "@drax/common-share";
+import crypto from "node:crypto";
+import AuthUtils from "../utils/AuthUtils.js";
+import IdentityConfig from "../config/IdentityConfig.js";
+
+class UserApiKeyService {
+
+    _repository: IUserApiKeyRepository
+
+    constructor(userApiKeyRepostitory: IUserApiKeyRepository) {
+        this._repository = userApiKeyRepostitory
+        console.log("UserApiKeyService constructor")
+    }
+
+    async create(userApiKeyData: IUserApiKeyBase): Promise<IUserApiKey> {
+        try {
+            userApiKeyData.name = userApiKeyData?.name?.trim()
+            const secret = crypto.randomUUID()
+            const APIKEY_SECRET = DraxConfig.getOrLoad(IdentityConfig.ApiKeySecret)
+            userApiKeyData.secret = AuthUtils.generateHMAC(APIKEY_SECRET, secret)
+            await userApiKeySchema.parseAsync(userApiKeyData)
+            const userApiKey = await this._repository.create(userApiKeyData)
+            userApiKey.secret = secret
+            return userApiKey
+        } catch (e) {
+            console.error("Error creating userApiKey", e)
+            if (e instanceof ZodError) {
+                throw ZodErrorToValidationError(e, userApiKeyData)
+            }
+            throw e
+        }
+    }
+
+    async update(id: string, userApiKeyData: IUserApiKeyBase) {
+        try {
+            userApiKeyData.name = userApiKeyData?.name?.trim()
+            delete userApiKeyData.secret
+            await userApiKeySchema.parseAsync(userApiKeyData)
+            const userApiKey = await this._repository.update(id, userApiKeyData)
+            return userApiKey
+        } catch (e) {
+            console.error("Error updating userApiKey", e)
+            if (e instanceof ZodError) {
+                throw ZodErrorToValidationError(e, userApiKeyData)
+            }
+            throw e
+        }
+    }
+
+    async delete(id: string): Promise<boolean> {
+        try {
+            const deletedUserApiKey = await this._repository.delete(id);
+            return deletedUserApiKey;
+        } catch (e) {
+            console.error("Error deleting userApiKey", e)
+            throw e
+        }
+
+    }
+
+    async findById(id: string): Promise<IUserApiKey | null> {
+        try{
+            const userApiKey: IUserApiKey = await this._repository.findById(id);
+            return userApiKey
+        }catch (e){
+            console.error("Error finding userApiKey by id", e)
+            throw e
+        }
+
+    }
+
+    async findBySecret(secret: string): Promise<IUserApiKey | null> {
+        try{
+            const APIKEY_SECRET = DraxConfig.getOrLoad(IdentityConfig.ApiKeySecret)
+            const hashedSecret = AuthUtils.generateHMAC(APIKEY_SECRET, secret)
+            const userApiKey: IUserApiKey = await this._repository.findBySecret(hashedSecret);
+            return userApiKey
+        }catch (e){
+            console.error("Error finding userApiKey by secret", e)
+            throw e
+        }
+
+    }
+
+
+    async paginate({
+                       page = 1,
+                       limit = 5,
+                       orderBy = '',
+                       orderDesc = false,
+                       search = '',
+                       filters = []
+                   }: IDraxPaginateOptions): Promise<IDraxPaginateResult<IUserApiKey>> {
+        try {
+            const pagination = await this._repository.paginate({page, limit, orderBy, orderDesc, search, filters});
+            return pagination;
+        } catch (e) {
+            console.error("Error paginating userApiKeys", e)
+            throw e
+        }
+    }
+
+
+}
+
+export default UserApiKeyService

package/src/services/UserService.ts

@@ -16,68 +16,68 @@ class UserService {
         console.log("UserService constructor")
     }
 
-    async auth(username : string, password : string){
+    async auth(username: string, password: string) {
         let user = null
-        console.log("auth username",username)
+        console.log("auth username", username)
         user = await this.findByUsername(username)
         if (user && user.active && AuthUtils.checkPassword(password, user.password)) {
             //TODO: Generar Sesion
             const session = '123'
             const accessToken = AuthUtils.generateToken(user.id.toString(), user.username, user.role.id, user.tenant?.id, session)
             return {accessToken: accessToken}
-        }else{
+        } else {
             throw new BadCredentialsError()
         }
     }
 
-    async changeUserPassword(userId : string, newPassword : string){
+    async changeUserPassword(userId: string, newPassword: string) {
         const user = await this.findById(userId)
-        if(user){
-            newPassword =  AuthUtils.hashPassword(newPassword)
+        if (user) {
+            newPassword = AuthUtils.hashPassword(newPassword)
             await this._repository.changePassword(userId, newPassword)
             return true
-        }else{
+        } else {
             throw new ValidationError([{field: 'userId', reason: 'validation.notFound'}])
         }
     }
 
 
-    async changeOwnPassword(userId : string, currentPassword : string, newPassword : string){
+    async changeOwnPassword(userId: string, currentPassword: string, newPassword: string) {
         const user = await this.findById(userId)
 
 
-        if(user && user.active){
+        if (user && user.active) {
 
-            if(currentPassword === newPassword){
+            if (currentPassword === newPassword) {
                 throw new ValidationError([{field: 'newPassword', reason: 'validation.password.currentDifferent'}])
             }
 
             if (AuthUtils.checkPassword(currentPassword, user.password)) {
-                newPassword =  AuthUtils.hashPassword(newPassword)
+                newPassword = AuthUtils.hashPassword(newPassword)
                 await this._repository.changePassword(userId, newPassword)
                 return true
-            }else{
+            } else {
                 throw new ValidationError([{field: 'currentPassword', reason: 'validation.notMatch'}])
             }
 
-        }else{
+        } else {
             throw new BadCredentialsError()
         }
     }
 
-    async changeAvatar(userId : string, avatar: string){
+    async changeAvatar(userId: string, avatar: string) {
         const user = await this.findById(userId)
-        if(user && user.active){
-                await this._repository.changeAvatar(userId, avatar)
-                return true
-        }else{
+        if (user && user.active) {
+            await this._repository.changeAvatar(userId, avatar)
+            return true
+        } else {
             throw new BadCredentialsError()
         }
     }
 
 
     async create(userData: IUserCreate): Promise<IUser> {
-        try{
+        try {
             userData.name = userData?.name?.trim()
             userData.username = userData.username.trim()
             userData.password = userData.password.trim()
@@ -89,9 +89,10 @@ class UserService {
 
             const user: IUser = await this._repository.create(userData)
             return user
-        }catch (e){
-            if(e instanceof ZodError){
-                throw ZodErrorToValidationError(e,userData)
+        } catch (e) {
+            console.error("Error creating user", e)
+            if (e instanceof ZodError) {
+                throw ZodErrorToValidationError(e, userData)
             }
             throw e
         }
@@ -100,50 +101,75 @@ class UserService {
     }
 
     async update(id: string, userData: IUserUpdate) {
-        try{
-        userData.name = userData.name.trim()
-        userData.username = userData.username.trim()
-        delete userData.password
-        userData.tenant = userData.tenant === "" ? null : userData.tenant
+        try {
+            userData.name = userData.name.trim()
+            userData.username = userData.username.trim()
+            delete userData.password
+            userData.tenant = userData.tenant === "" ? null : userData.tenant
 
-        await editUserSchema.parseAsync(userData)
+            await editUserSchema.parseAsync(userData)
 
 
-        const user: IUser = await this._repository.update(id, userData)
-        return user
-        }catch (e){
-            if(e instanceof ZodError){
-                throw ZodErrorToValidationError(e,userData)
+            const user: IUser = await this._repository.update(id, userData)
+            return user
+        } catch (e) {
+            console.error("Error updating user", e)
+            if (e instanceof ZodError) {
+                throw ZodErrorToValidationError(e, userData)
             }
             throw e
         }
     }
 
     async delete(id: string): Promise<boolean> {
-        const deletedRole: boolean = await this._repository.delete(id);
-        return deletedRole;
+        try {
+            const deletedRole: boolean = await this._repository.delete(id);
+            return deletedRole;
+        } catch (e) {
+            console.error("Error deleting user", e)
+            throw e
+        }
+
     }
 
     async findById(id: string): Promise<IUser> {
-        const user: IUser = await this._repository.findById(id);
-        return user
+        try {
+            const user: IUser = await this._repository.findById(id);
+            return user
+        } catch (e) {
+            console.error("Error finding user by id", e)
+            throw e
+        }
+
     }
 
     async findByUsername(username: string): Promise<IUser | null> {
-        const user: IUser = await this._repository.findByUsername(username);
-        return user
+        try {
+            const user: IUser = await this._repository.findByUsername(username);
+            return user
+        } catch (e) {
+            console.error("Error finding user by username", e)
+            throw e
+        }
+
     }
 
     async paginate({
-                       page= 1,
-                       limit= 5,
-                       orderBy= '',
-                       orderDesc= false,
-                       search= '',
-                       filters= []} : IDraxPaginateOptions): Promise<IDraxPaginateResult<IUser>>{
-
-        const pagination = await this._repository.paginate( {page, limit, orderBy, orderDesc, search, filters});
-        return pagination;
+                       page = 1,
+                       limit = 5,
+                       orderBy = '',
+                       orderDesc = false,
+                       search = '',
+                       filters = []
+                   }: IDraxPaginateOptions): Promise<IDraxPaginateResult<IUser>> {
+        try {
+            const pagination = await this._repository.paginate({page, limit, orderBy, orderDesc, search, filters});
+            return pagination;
+        } catch (e) {
+            console.error("Error paginating users", e)
+            throw e;
+        }
+
     }
 }
 

package/src/setup/LoadIdentityConfigFromEnv.ts

@@ -2,12 +2,14 @@ import {DraxConfig} from "@drax/common-back";
 import IdentityConfig from "../config/IdentityConfig.js";
 
 function LoadIdentityConfigFromEnv() {
-    DraxConfig.set(IdentityConfig.DbEngine, process.env[IdentityConfig.DbEngine])
-    DraxConfig.set(IdentityConfig.SqliteDbFile, process.env[IdentityConfig.SqliteDbFile])
-    DraxConfig.set(IdentityConfig.MongoDbUri, process.env[IdentityConfig.MongoDbUri])
+
     DraxConfig.set(IdentityConfig.JwtSecret, process.env[IdentityConfig.JwtSecret])
     DraxConfig.set(IdentityConfig.JwtExpiration, process.env[IdentityConfig.JwtExpiration])
     DraxConfig.set(IdentityConfig.JwtIssuer, process.env[IdentityConfig.JwtIssuer])
+    DraxConfig.set(IdentityConfig.ApiKeySecret, process.env[IdentityConfig.ApiKeySecret])
+
+    DraxConfig.set(IdentityConfig.RbacCacheTTL, process.env[IdentityConfig.RbacCacheTTL])
+    DraxConfig.set(IdentityConfig.AvatarDir, process.env[IdentityConfig.AvatarDir])
 }
 
 export default LoadIdentityConfigFromEnv

package/src/utils/AuthUtils.ts

@@ -2,6 +2,7 @@ import bcryptjs from "bcryptjs";
 import jsonwebtoken, {SignOptions, VerifyOptions} from "jsonwebtoken";
 import {DraxConfig} from "@drax/common-back";
 import IdentityConfig from "../config/IdentityConfig.js";
+import crypto from "crypto";
 
 class AuthUtils{
 
@@ -67,6 +68,16 @@ class AuthUtils{
 
         return token
     }
+
+    static generateHMAC(secret: string, apikey: string) {
+        // Crear un objeto HMAC utilizando el algoritmo SHA-256 y el secreto
+        const hmac = crypto.createHmac('sha256', secret);
+        // Actualizar el HMAC con la apikey
+        hmac.update(apikey);
+        // Generar el hash en formato hexadecimal
+        return hmac.digest('hex');
+    }
 }
 
 export default AuthUtils
+export {AuthUtils}

package/src/zod/UserApiKeyZod.ts

@@ -0,0 +1,15 @@
+import {array, object, string} from "zod"
+
+const userApiKeySchema = object({
+    name: string({ required_error: "validation.required" })
+        .min(1, "validation.required"),
+    ipv4: array(string().ip({version: "v4", message: 'validation.invalidIpv4'})),
+    ipv6: array(string().ip({version: "v6", message: 'validation.invalidIpv6'})),
+
+
+})
+
+
+export default userApiKeySchema
+
+export {userApiKeySchema}

package/test/data-obj/apikey/root-mongo-user-apikey.ts

@@ -0,0 +1,10 @@
+import user from "../users/root-mongo-user"
+
+const userApiKey = {
+  _id: "646a661e44c93567c23d8c22",
+  name: "root",
+  secret: "123",
+  user: user._id
+};
+
+export default userApiKey

package/test/data-obj/roles/admin-mongo-role.ts

@@ -1,6 +1,3 @@
-import {mongoose} from "@drax/common-back"
-import {IRole} from "../../../../identity-share/src/interfaces/IRole"
-
 
 const role = {
   _id: "646a661e44c93567c23d8d62",

package/test/initializers/RoleMongoInitializer.ts

@@ -13,3 +13,4 @@ class RoleMongoInitializer {
 }
 
 export default RoleMongoInitializer
+export {RoleMongoInitializer}

package/test/initializers/RoleSqliteInitializer.ts

@@ -16,3 +16,4 @@ async function RoleSqliteInitializer(): Promise<IRole> {
 }
 
 export default RoleSqliteInitializer
+export {RoleSqliteInitializer}

package/test/initializers/UserMongoInitializer.ts

@@ -0,0 +1,18 @@
+import UserService from "../../src/services/UserService";
+import {IUser} from "../../../identity-share/src/interfaces/IUser";
+import UserMongoRepository from "../../src/repository/mongo/UserMongoRepository";
+
+class UserMongoInitializer {
+
+    static async initRootUser(): Promise<IUser>{
+        const userService = new UserService(new UserMongoRepository())
+        let data = (await import("../data-obj/users/root-mongo-user")).default
+        let userCreated = await userService.create(data)
+        return userCreated
+    }
+}
+
+export default UserMongoInitializer
+export {
+    UserMongoInitializer
+}