@entity-access/server-pages 1.1.548 → 1.1.552

package/src/services/AuthorizationService.ts

@@ -0,0 +1,73 @@
+import { RegisterSingleton, ServiceProvider } from "@entity-access/entity-access/dist/di/di.js";
+import { SessionUser } from "../core/SessionUser.js";
+import DateTime from "@entity-access/entity-access/dist/types/DateTime.js";
+import type { IAuthorizationCookie } from "./IAuthorizationCookie.js";
+import type { SerializeOptions } from "cookie";
+import KeyProvider from "./KeyProvider.js";
+import { privateDecrypt, publicEncrypt } from "node:crypto";
+
+const secure = (process.env["SOCIAL_MAIL_AUTH_COOKIE_SECURE"] ?? "true") === "true";
+
+export interface ICookie {
+    name: string,
+    value: string,
+    options?: SerializeOptions
+}
+@RegisterSingleton
+export default class AuthorizationService {
+
+    authCookieName = "ec-1";
+    keyProvider: any;
+
+    async authorizeRequest(user: SessionUser, { ip, cookies }: { ip: string, cookies: Record<string, string>}) {
+        const cookie = cookies[this.authCookieName];
+        if (!cookie) {
+            return;
+        }
+        await this.loadUserSessionFromCookie(cookie, user);
+    }
+
+    async loadUserSessionFromCookie(cookie: string, user: SessionUser) {
+        const sessionID = await this.decode(cookie);
+        user.sessionID = sessionID;
+        // load session... 
+        await this.loadSession(sessionID, user);
+        (user as any).isAuthorized = true;
+    }
+
+    async loadSession(sessionID, user: SessionUser): Promise<void> {
+        user.userID = sessionID;
+    }
+
+    async setAuthCookie(user: SessionUser, authCookie: IAuthorizationCookie): Promise<ICookie> {
+
+        const maxAge = ((authCookie?.expiry ?  DateTime.from(authCookie.expiry) : null) ?? DateTime.now.addDays(30)).diff(DateTime.now).totalMilliseconds;
+        const name = this.authCookieName;
+        const value = await this.encode(authCookie?.sessionID ?? authCookie?.userID ?? "0");
+        const options = {
+            secure,
+            httpOnly: true,
+            maxAge
+        };
+        return { name, value, options };
+    }
+
+    async decode(cookie: string) {
+        this.keyProvider ??= ServiceProvider.resolve(this, KeyProvider, true) ?? new KeyProvider();
+        const keys = await this.keyProvider.getKeys();
+        const[id, value] = cookie.split(":")
+        for (const key of keys) {
+            if(key.id == id) {
+                return privateDecrypt(key.privateKey, value) as any as number;
+            }
+        }
+        throw new Error("no suitable key found");
+    }
+
+    async encode(sessionID) {
+        this.keyProvider ??= ServiceProvider.resolve(this, KeyProvider, true) ?? new KeyProvider();
+        const [key] = await this.keyProvider.getKeys();
+        return key.id + ":" + publicEncrypt(key.publicKey, sessionID.toString()).toString("base64url");
+    }
+
+}

package/src/services/CookieService.ts

@@ -1,157 +1,89 @@
-import Inject, { RegisterScoped, RegisterSingleton, ServiceProvider } from "@entity-access/entity-access/dist/di/di.js";
-import TokenService, { IAuthCookie } from "./TokenService.js";
-import TimedCache from "@entity-access/entity-access/dist/common/cache/TimedCache.js";
-import { BaseDriver } from "@entity-access/entity-access/dist/drivers/base/BaseDriver.js";
-import cluster from "cluster";
-import { SessionUser } from "../core/SessionUser.js";
-import UserSessionProvider from "./UserSessionProvider.js";
-import { WrappedResponse } from "../core/Wrapped.js";
-
-/**
- * This will track userID,cookie pair so we can
- * clear the logged in user's file permissions
- */
-const userCookies = new Map<number,string>();
-const sessionCache = new TimedCache<string, Partial<SessionUser>>();
-
-let cookieName = null;
-
-const tagForCache = Symbol("tagForCache");
-
-const cacheFR = new FinalizationRegistry<number>((heldValue) => {
-    userCookies.delete(heldValue);
-});
-
-const clearCache = (userID, broadcast = true) => {
-    const cookie = userCookies.get(userID);
-    if (cookie) {
-        sessionCache.delete(cookie);
-    }
-    if (!broadcast) {
-        return;
-    }
-    const clearMessage = {
-        type: "cookie-service-clear-cache",
-        userID
-    };
-    if (cluster.isWorker) {
-        process.send(clearMessage);
-    } else {
-        if(cluster.workers) {
-            for (const key in cluster.workers) {
-                if (Object.prototype.hasOwnProperty.call(cluster.workers, key)) {
-                    const element = cluster.workers[key];
-                    element.send(clearMessage);
-                }
-            }
-        }
-    }
-};
-
-process.on("message", (msg: any) => {
-    if (msg.type === "cookie-service-clear-cache") {
-        clearCache(msg.userID, false);
-    }
-});
-
-@RegisterScoped
-export default class CookieService {
-
-    @Inject
-    private tokenService: TokenService;
-
-    public clearCache = clearCache;
-
-    async createSessionUserFromCookie(cookie: string, ip: string) {
-        const user = ServiceProvider.resolve(this, SessionUser);
-        const ua = user as any;
-        ua.isAuthorized = true;
-        const value = null;
-        const userID = { value, enumerable: true, writable: true};
-        const sessionID = userID;
-        const userName = userID;
-        const expiry = userID;
-        Object.defineProperties(ua, {
-            authorize: {
-                value: () => null
-            },
-            sessionID,
-            userID,
-            userName,
-            expiry,
-            roles: {
-                value: [],
-                enumerable: true,
-                writable: true
-            }
-        });
-        try {
-            user.ipAddress = ip;
-            if (cookie) {
-                const userInfo = await this.getVerifiedUser(cookie);
-                if (userInfo?.sessionID) {
-                    (user as any).sessionID = userInfo.sessionID;
-                }
-                if (userInfo?.userID) {
-                    user[tagForCache] = userInfo;
-                    for (const key in userInfo) {
-                        if (Object.prototype.hasOwnProperty.call(userInfo, key)) {
-                            const element = userInfo[key];
-                            user[key] = element;
-                        }
-                    }
-                }
-            }
-            return user;
-        } catch (error) {
-            console.error(error);
-            return user;
-        }
-    }
-
-    private getVerifiedUser(cookie: string): Promise<Partial<SessionUser>> {
-
-        return sessionCache.getOrCreateAsync(cookie, async (k) => {
-
-            const parsedCookie = JSON.parse(cookie) as IAuthCookie;
-            if (!parsedCookie.id) {
-                return {};
-            }
-
-            if (typeof parsedCookie.expiry === "string") {
-                parsedCookie.expiry = new Date(parsedCookie.expiry);
-            }
-
-            if(!await this.tokenService.verifyContent(parsedCookie, false)) {
-                console.warn(`Cookie Verification failed for ${parsedCookie.id}: ${parsedCookie.userID}`);
-                return {};
-            }
-
-            if (!parsedCookie.active) {
-                return {
-                    sessionID: parsedCookie.id
-                };
-            }
-
-            const r = await this.createUserInfo(cookie, parsedCookie);
-            return r;
-        });
-    }
-
-    private async createUserInfo(cookie: string, parsedCookie: IAuthCookie) {
-        const usp = ServiceProvider.resolve(this, UserSessionProvider, true) ?? new UserSessionProvider();
-        const r = await usp.getUserSession(parsedCookie);
-        if (r === null) {
-            console.warn(`Failed to get userSession for ${parsedCookie.id}: ${parsedCookie.userID}`);
-            return {};
-        }
-        if (r.expiry.getTime() < Date.now() || r.invalid) {
-            console.warn(`Session expired for ${parsedCookie.id}: ${parsedCookie.userID}`);
-            return {};
-        }
-        cacheFR.register(r, r.userID);
-        userCookies.set(r.userID, cookie);
-        return r;
-    }
-
-}
+// import Inject, { RegisterScoped, RegisterSingleton, ServiceProvider } from "@entity-access/entity-access/dist/di/di.js";
+// import TokenService, { IAuthCookie } from "./TokenService.js";
+// import TimedCache from "@entity-access/entity-access/dist/common/cache/TimedCache.js";
+// import { BaseDriver } from "@entity-access/entity-access/dist/drivers/base/BaseDriver.js";
+// import cluster from "cluster";
+// import { SessionUser } from "../core/SessionUser.js";
+// import UserSessionProvider from "./UserSessionProvider.js";
+// import { WrappedResponse } from "../core/Wrapped.js";
+
+// let cookieName = null;
+
+// @RegisterScoped
+// export default class CookieService {
+
+//     @Inject
+//     private tokenService: TokenService;
+
+//     async createSessionUserFromCookie(cookie: string, ip: string) {
+//         const user = ServiceProvider.resolve(this, SessionUser);
+//         const ua = user as any;
+//         ua.isAuthorized = true;
+//         const value = null;
+//         const userID = { value, enumerable: true, writable: true};
+//         const sessionID = userID;
+//         const userName = userID;
+//         const expiry = userID;
+//         Object.defineProperties(ua, {
+//             authorize: {
+//                 value: () => null
+//             },
+//             sessionID,
+//             userID,
+//             userName,
+//             expiry,
+//             roles: {
+//                 value: [],
+//                 enumerable: true,
+//                 writable: true
+//             }
+//         });
+//         try {
+//             user.ipAddress = ip;
+//             if (cookie) {
+//                 const userInfo = await this.getVerifiedUser(cookie);
+//                 if (userInfo?.sessionID) {
+//                     (user as any).sessionID = userInfo.sessionID;
+//                 }
+//                 if (userInfo?.userID) {
+//                     for (const key in userInfo) {
+//                         if (Object.prototype.hasOwnProperty.call(userInfo, key)) {
+//                             const element = userInfo[key];
+//                             user[key] = element;
+//                         }
+//                     }
+//                 }
+//             }
+//             return user;
+//         } catch (error) {
+//             console.error(error);
+//             return user;
+//         }
+//     }
+
+//     private getVerifiedUser(cookie: string): Promise<Partial<SessionUser>> {
+
+//         return sessionCache.getOrCreateAsync(cookie, async (k) => {
+//             const parsedCookie = await this.tokenService.decryptContent(cookie);
+//             const r = await this.createUserInfo(cookie, parsedCookie);
+//             return r;
+//         });
+//     }
+
+//     private async createUserInfo(cookie: string, parsedCookie: IAuthCookie) {
+//         const usp = ServiceProvider.resolve(this, UserSessionProvider, true) ?? new UserSessionProvider();
+//         const r = await usp.getUserSession(parsedCookie);
+//         if (r === null) {
+//             console.warn(`Failed to get userSession for ${parsedCookie.id}: ${parsedCookie.userID}`);
+//             return {};
+//         }
+//         if (r.expiry.getTime() < Date.now() || r.invalid) {
+//             console.warn(`Session expired for ${parsedCookie.id}: ${parsedCookie.userID}`);
+//             return {};
+//         }
+//         cacheFR.register(r, r.userID);
+//         userCookies.set(r.userID, cookie);
+//         return r;
+//     }
+
+// }

package/src/services/IAuthKey.ts

@@ -0,0 +1,7 @@
+import DateTime from "@entity-access/entity-access/dist/types/DateTime.js";
+
+export interface IAuthKey {
+    publicKey: string,
+    privateKey: string,
+    expires: DateTime
+}

package/src/services/IAuthorizationCookie.ts

@@ -1,7 +1,5 @@
 export interface IAuthorizationCookie {
-    id: number;
-    userID: number;
+    sessionID: number;
+    userID: any;
     expiry: Date;
-    version: string;
-    active?: boolean;
 }

package/src/services/KeyProvider.ts

@@ -5,6 +5,7 @@ import { existsSync, mkdirSync, readFileSync, writeFileSync } from "node:fs";
 import { join } from "node:path";
 
 export interface IAuthKey {
+    id: number,
     publicKey: string,
     privateKey: string,
     expires: DateTime
@@ -51,6 +52,7 @@ export default class KeyProvider {
             },
                (error, publicKey, privateKey) => {
                 resolve({
+                    id: 1,
                     publicKey,
                     privateKey,
                     expires

package/src/socket/SocketService.ts

@@ -1,23 +1,15 @@
 /* eslint-disable no-console */
-import Inject, { RegisterSingleton, ServiceProvider, injectServiceKeysSymbol } from "@entity-access/entity-access/dist/di/di.js";
-import { Http2SecureServer } from "http2";
-import { Server as HttpServer } from "http";
-import { Server as HttpsServer } from "https";
+import { ServiceProvider, injectServiceKeysSymbol } from "@entity-access/entity-access/dist/di/di.js";
 import { parse } from "cookie";
 
 import { Server, Socket } from "socket.io";
-import CookieService from "../services/CookieService.js";
-import TokenService from "../services/TokenService.js";
 import SocketNamespace, { SocketNamespaceClient } from "./SocketNamespace.js";
 import { camelToChain } from "../core/camelToChain.js";
-import AuthenticationService from "../services/AuthenticationService.js";
+import AuthorizationService from "../services/AuthorizationService.js";
 import { SessionUser } from "../core/SessionUser.js";
 
 export default abstract class SocketService {
 
-    @Inject
-    private tokenService: TokenService;
-
     protected server: Server;
 
     constructor() {
@@ -70,11 +62,11 @@ export default abstract class SocketService {
             socket.onAny(async (methodName, ... args: any[]) => {
                 const cookies = parse(socket.request.headers.cookie);
                 const scope = ServiceProvider.createScope(this);
-                const authService = ServiceProvider.resolve(this, AuthenticationService);
+                const authService = ServiceProvider.resolve(this, AuthorizationService);
                 try {
                     const user = scope.resolve(SessionUser);
                     const ip = socket.conn.remoteAddress;
-                    await authService.authorize(user, { ip, cookies });
+                    await authService.authorizeRequest(user, { ip, cookies });
                     scope.add(Socket, socket);
                     const clientClass = sns.clientClass ?? SocketNamespaceClient;
                     let c = scope.resolve(clientClass, true);

package/dist/services/AuthenticationService.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"AuthenticationService.d.ts","sourceRoot":"","sources":["../../src/services/AuthenticationService.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAC;AAIrD,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,2BAA2B,CAAC;AACtE,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,QAAQ,CAAC;AAI/C,MAAM,WAAW,OAAO;IACpB,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,CAAC,EAAE,gBAAgB,CAAA;CAC7B;AAED,MAAM,CAAC,OAAO,OAAO,qBAAqB;IAEhC,SAAS,CAAC,IAAI,EAAE,WAAW,EAAE,EAAE,EAAE,EAAE,OAAO,EAAE,EAAE;QAAE,EAAE,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;KAAC;IAS5F,aAAa,CAAC,IAAI,EAAE,WAAW,EAAE,UAAU,EAAE,oBAAoB,GAAG,OAAO,CAAC,OAAO,CAAC;CAgB7F"}

package/dist/services/AuthenticationService.js

@@ -1,40 +0,0 @@
-var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
-    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
-    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
-    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
-    return c > 3 && r && Object.defineProperty(target, key, r), r;
-};
-import { RegisterSingleton, ServiceProvider } from "@entity-access/entity-access/dist/di/di.js";
-import CookieService from "./CookieService.js";
-import TokenService from "./TokenService.js";
-import DateTime from "@entity-access/entity-access/dist/types/DateTime.js";
-const secure = (process.env["SOCIAL_MAIL_AUTH_COOKIE_SECURE"] ?? "true") === "true";
-let AuthenticationService = class AuthenticationService {
-    async authorize(user, { ip, cookies }) {
-        const scope = ServiceProvider.from(user);
-        const cookieService = scope.resolve(CookieService);
-        const tokenService = scope.resolve(TokenService);
-        const cookie = cookies[tokenService.authCookieName];
-        await cookieService.createSessionUserFromCookie(cookie, ip);
-        user.isAuthorized = true;
-    }
-    async setAuthCookie(user, authCookie) {
-        const scope = ServiceProvider.from(user);
-        const tokenService = scope.resolve(TokenService);
-        const cookie = await tokenService.getAuthToken(authCookie);
-        const maxAge = ((authCookie?.expiry ? DateTime.from(authCookie.expiry) : null) ?? DateTime.now.addDays(30)).diff(DateTime.now).totalMilliseconds;
-        const name = cookie.cookieName;
-        const value = cookie.cookie;
-        const options = {
-            secure,
-            httpOnly: true,
-            maxAge
-        };
-        return { name, value, options };
-    }
-};
-AuthenticationService = __decorate([
-    RegisterSingleton
-], AuthenticationService);
-export default AuthenticationService;
-//# sourceMappingURL=AuthenticationService.js.map

package/dist/services/AuthenticationService.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"AuthenticationService.js","sourceRoot":"","sources":["../../src/services/AuthenticationService.ts"],"names":[],"mappings":";;;;;;AAAA,OAAO,EAAE,iBAAiB,EAAE,eAAe,EAAE,MAAM,4CAA4C,CAAC;AAEhG,OAAO,aAAa,MAAM,oBAAoB,CAAC;AAC/C,OAAO,YAAY,MAAM,mBAAmB,CAAC;AAC7C,OAAO,QAAQ,MAAM,qDAAqD,CAAC;AAI3E,MAAM,MAAM,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,gCAAgC,CAAC,IAAI,MAAM,CAAC,KAAK,MAAM,CAAC;AAQrE,IAAM,qBAAqB,GAA3B,MAAM,qBAAqB;IAEtC,KAAK,CAAC,SAAS,CAAC,IAAiB,EAAE,EAAE,EAAE,EAAE,OAAO,EAAkD;QAC9F,MAAM,KAAK,GAAG,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACzC,MAAM,aAAa,GAAG,KAAK,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC;QACnD,MAAM,YAAY,GAAG,KAAK,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;QACjD,MAAM,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC,cAAc,CAAC,CAAC;QACpD,MAAM,aAAa,CAAC,2BAA2B,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;QAC3D,IAAY,CAAC,YAAY,GAAG,IAAI,CAAC;IACtC,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,IAAiB,EAAE,UAAgC;QAEnE,MAAM,KAAK,GAAG,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACzC,MAAM,YAAY,GAAG,KAAK,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;QACjD,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,YAAY,CAAC,UAAU,CAAC,CAAC;QAC3D,MAAM,MAAM,GAAG,CAAC,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC,CAAE,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,QAAQ,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,iBAAiB,CAAC;QAClJ,MAAM,IAAI,GAAG,MAAM,CAAC,UAAU,CAAC;QAC/B,MAAM,KAAK,GAAG,MAAM,CAAC,MAAM,CAAC;QAC5B,MAAM,OAAO,GAAG;YACZ,MAAM;YACN,QAAQ,EAAE,IAAI;YACd,MAAM;SACT,CAAC;QACF,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC;IACpC,CAAC;CAEJ,CAAA;AA3BoB,qBAAqB;IADzC,iBAAiB;GACG,qBAAqB,CA2BzC;eA3BoB,qBAAqB"}

package/dist/services/TokenService.d.ts

@@ -1,31 +0,0 @@
-import DateTime from "@entity-access/entity-access/dist/types/DateTime.js";
-export interface IAuthCookie {
-    id: number;
-    userID: number;
-    expiry: Date;
-    sign: string;
-    version: string;
-    active?: boolean;
-}
-export interface IAuthKey {
-    publicKey: string;
-    privateKey: string;
-    expires: DateTime;
-}
-export type ISignedContent<T> = T & {
-    sign: string;
-};
-export default class TokenService {
-    authCookieName: string;
-    shareCookieName: string;
-    private keyProvider;
-    getAuthToken(authCookie: Omit<IAuthCookie, "sign">): Promise<{
-        cookieName: string;
-        cookie: string;
-    }>;
-    signContent<T>(content: T): Promise<ISignedContent<T>>;
-    verifyContent<T>(content: ISignedContent<T>, fail?: boolean): Promise<boolean>;
-    verify(content: string | Buffer, signature: string, key: IAuthKey, fail?: boolean): boolean;
-    private sign;
-}
-//# sourceMappingURL=TokenService.d.ts.map

package/dist/services/TokenService.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"TokenService.d.ts","sourceRoot":"","sources":["../../src/services/TokenService.ts"],"names":[],"mappings":"AACA,OAAO,QAAQ,MAAM,qDAAqD,CAAC;AAM3E,MAAM,WAAW,WAAW;IACxB,EAAE,EAAE,MAAM,CAAC;IACX,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,IAAI,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,CAAC,EAAE,OAAO,CAAC;CACpB;AAED,MAAM,WAAW,QAAQ;IACrB,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,QAAQ,CAAA;CACpB;AAED,MAAM,MAAM,cAAc,CAAC,CAAC,IAAI,CAAC,GAAG;IAChC,IAAI,EAAE,MAAM,CAAC;CAChB,CAAC;AAGF,MAAM,CAAC,OAAO,OAAO,YAAY;IAEtB,cAAc,SAAW;IAEzB,eAAe,SAAY;IAElC,OAAO,CAAC,WAAW,CAAc;IAEpB,YAAY,CAAC,UAAU,EAAE,IAAI,CAAC,WAAW,EAAE,MAAM,CAAC,GAAG,OAAO,CAAC;QAAE,UAAU,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAA;KAAC,CAAC;IAKnG,WAAW,CAAC,CAAC,EAAE,OAAO,EAAE,CAAC,GAAG,OAAO,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC;IAOtD,aAAa,CAAC,CAAC,EAAE,OAAO,EAAE,cAAc,CAAC,CAAC,CAAC,EAAE,IAAI,UAAO;IAc9D,MAAM,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,GAAG,EAAE,QAAQ,EAAE,IAAI,UAAO;IAYrF,OAAO,CAAC,IAAI;CAOf"}

package/dist/services/TokenService.js

@@ -1,60 +0,0 @@
-var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
-    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
-    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
-    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
-    return c > 3 && r && Object.defineProperty(target, key, r), r;
-};
-import { RegisterSingleton, ServiceProvider } from "@entity-access/entity-access/dist/di/di.js";
-import { createSign, createVerify } from "node:crypto";
-import KeyProvider from "./KeyProvider.js";
-let TokenService = class TokenService {
-    constructor() {
-        this.authCookieName = "ea-c1";
-        this.shareCookieName = "ea-ca1";
-    }
-    async getAuthToken(authCookie) {
-        const cookie = await this.signContent(authCookie);
-        return { cookieName: this.authCookieName, cookie: JSON.stringify(cookie) };
-    }
-    async signContent(content) {
-        this.keyProvider ??= ServiceProvider.resolve(this, KeyProvider, true) ?? new KeyProvider();
-        const [key] = await this.keyProvider.getKeys();
-        const sign = this.sign(JSON.stringify(content), key);
-        return { ...content, sign };
-    }
-    async verifyContent(content, fail = true) {
-        this.keyProvider ??= ServiceProvider.resolve(this, KeyProvider, true) ?? new KeyProvider();
-        const { sign, ...c } = content;
-        const keys = await this.keyProvider.getKeys();
-        for (const iterator of keys) {
-            if (this.verify(JSON.stringify(c), sign, iterator, false)) {
-                return true;
-            }
-        }
-        if (fail) {
-            throw new Error("Signature verification failed");
-        }
-    }
-    verify(content, signature, key, fail = true) {
-        const verify = createVerify("SHA256");
-        verify.write(content);
-        verify.end();
-        if (verify.verify(key.publicKey, signature, "hex")) {
-            return true;
-        }
-        if (fail) {
-            throw new Error("Invalid signature");
-        }
-    }
-    sign(content, key) {
-        const sign = createSign("SHA256");
-        sign.write(content);
-        sign.end();
-        return sign.sign(key.privateKey, "hex");
-    }
-};
-TokenService = __decorate([
-    RegisterSingleton
-], TokenService);
-export default TokenService;
-//# sourceMappingURL=TokenService.js.map

package/dist/services/TokenService.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"TokenService.js","sourceRoot":"","sources":["../../src/services/TokenService.ts"],"names":[],"mappings":";;;;;;AAAA,OAAe,EAAE,iBAAiB,EAAE,eAAe,EAAE,MAAM,4CAA4C,CAAC;AAExG,OAAO,EAAE,UAAU,EAAE,YAAY,EAAmB,MAAM,aAAa,CAAC;AAGxE,OAAO,WAAW,MAAM,kBAAkB,CAAC;AAsB5B,IAAM,YAAY,GAAlB,MAAM,YAAY;IAAlB;QAEJ,mBAAc,GAAG,OAAO,CAAC;QAEzB,oBAAe,GAAG,QAAQ,CAAC;IAiDtC,CAAC;IA7CU,KAAK,CAAC,YAAY,CAAC,UAAqC;QAC3D,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,CAAC;QAClD,OAAO,EAAE,UAAU,EAAE,IAAI,CAAC,cAAc,EAAE,MAAM,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,EAAE,CAAC;IAC/E,CAAC;IAEM,KAAK,CAAC,WAAW,CAAI,OAAU;QAClC,IAAI,CAAC,WAAW,KAAK,eAAe,CAAC,OAAO,CAAC,IAAI,EAAE,WAAW,EAAE,IAAI,CAAC,IAAI,IAAI,WAAW,EAAE,CAAC;QAC3F,MAAM,CAAC,GAAG,CAAC,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,CAAC;QAC/C,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,EAAE,GAAG,CAAC,CAAC;QACrD,OAAO,EAAE,GAAI,OAAO,EAAE,IAAI,EAAC,CAAC;IAChC,CAAC;IAEM,KAAK,CAAC,aAAa,CAAI,OAA0B,EAAE,IAAI,GAAG,IAAI;QACjE,IAAI,CAAC,WAAW,KAAK,eAAe,CAAC,OAAO,CAAC,IAAI,EAAE,WAAW,EAAE,IAAI,CAAC,IAAI,IAAI,WAAW,EAAE,CAAC;QAC3F,MAAM,EAAE,IAAI,EAAG,GAAI,CAAC,EAAE,GAAG,OAAO,CAAC;QACjC,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,CAAC;QAC9C,KAAK,MAAM,QAAQ,IAAI,IAAI,EAAE,CAAC;YAC1B,IAAG,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,CAAC,EAAE,CAAC;gBACvD,OAAO,IAAI,CAAC;YAChB,CAAC;QACL,CAAC;QACD,IAAI,IAAI,EAAE,CAAC;YACP,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;QACrD,CAAC;IACL,CAAC;IAEM,MAAM,CAAC,OAAwB,EAAE,SAAiB,EAAE,GAAa,EAAE,IAAI,GAAG,IAAI;QACjF,MAAM,MAAM,GAAG,YAAY,CAAC,QAAQ,CAAC,CAAC;QACtC,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QACtB,MAAM,CAAC,GAAG,EAAE,CAAC;QACb,IAAG,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,SAAS,EAAE,SAAS,EAAE,KAAK,CAAC,EAAE,CAAC;YAChD,OAAO,IAAI,CAAC;QAChB,CAAC;QACD,IAAI,IAAI,EAAE,CAAC;YACP,MAAM,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC;QACzC,CAAC;IACL,CAAC;IAEO,IAAI,CAAC,OAAe,EAAE,GAAa;QACvC,MAAM,IAAI,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC;QAClC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QACpB,IAAI,CAAC,GAAG,EAAE,CAAC;QACX,OAAO,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,UAAU,EAAE,KAAK,CAAC,CAAC;IAC5C,CAAC;CAEJ,CAAA;AArDoB,YAAY;IADhC,iBAAiB;GACG,YAAY,CAqDhC;eArDoB,YAAY"}

package/dist/services/UserSessionProvider.d.ts

@@ -1,6 +0,0 @@
-import { SessionUser } from "../core/SessionUser.js";
-import { IAuthCookie } from "./TokenService.js";
-export default class UserSessionProvider {
-    getUserSession({ userID, id: sessionID, expiry }: IAuthCookie): Promise<Partial<SessionUser>>;
-}
-//# sourceMappingURL=UserSessionProvider.d.ts.map

package/dist/services/UserSessionProvider.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"UserSessionProvider.d.ts","sourceRoot":"","sources":["../../src/services/UserSessionProvider.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAC;AAErD,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAEhD,MAAM,CAAC,OAAO,OAAO,mBAAmB;IAE9B,cAAc,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE,SAAS,EAAE,MAAM,EAAC,EAAE,WAAW,GAAG,OAAO,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;CAQrG"}

package/dist/services/UserSessionProvider.js

@@ -1,10 +0,0 @@
-export default class UserSessionProvider {
-    async getUserSession({ userID, id: sessionID, expiry }) {
-        return {
-            sessionID,
-            userID,
-            expiry
-        };
-    }
-}
-//# sourceMappingURL=UserSessionProvider.js.map

package/dist/services/UserSessionProvider.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"UserSessionProvider.js","sourceRoot":"","sources":["../../src/services/UserSessionProvider.ts"],"names":[],"mappings":"AAKA,MAAM,CAAC,OAAO,OAAO,mBAAmB;IAEpC,KAAK,CAAC,cAAc,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE,SAAS,EAAE,MAAM,EAAc;QAC9D,OAAO;YACH,SAAS;YACT,MAAM;YACN,MAAM;SACT,CAAA;IACL,CAAC;CAEJ"}

package/src/services/AuthenticationService.ts

@@ -1,44 +0,0 @@
-import { RegisterSingleton, ServiceProvider } from "@entity-access/entity-access/dist/di/di.js";
-import { SessionUser } from "../core/SessionUser.js";
-import CookieService from "./CookieService.js";
-import TokenService from "./TokenService.js";
-import DateTime from "@entity-access/entity-access/dist/types/DateTime.js";
-import type { IAuthorizationCookie } from "./IAuthorizationCookie.js";
-import type { SerializeOptions } from "cookie";
-
-const secure = (process.env["SOCIAL_MAIL_AUTH_COOKIE_SECURE"] ?? "true") === "true";
-
-export interface ICookie {
-    name: string,
-    value: string,
-    options?: SerializeOptions
-}
-@RegisterSingleton
-export default class AuthenticationService {
-
-    async authorize(user: SessionUser, { ip, cookies }: { ip: string, cookies: Record<string, string>}) {
-        const scope = ServiceProvider.from(user);
-        const cookieService = scope.resolve(CookieService);
-        const tokenService = scope.resolve(TokenService);
-        const cookie = cookies[tokenService.authCookieName];
-        await cookieService.createSessionUserFromCookie(cookie, ip);
-        (user as any).isAuthorized = true;
-    }
-
-    async setAuthCookie(user: SessionUser, authCookie: IAuthorizationCookie): Promise<ICookie> {
-
-        const scope = ServiceProvider.from(user);
-        const tokenService = scope.resolve(TokenService);
-        const cookie = await tokenService.getAuthToken(authCookie);
-        const maxAge = ((authCookie?.expiry ?  DateTime.from(authCookie.expiry) : null) ?? DateTime.now.addDays(30)).diff(DateTime.now).totalMilliseconds;
-        const name = cookie.cookieName;
-        const value = cookie.cookie;
-        const options = {
-            secure,
-            httpOnly: true,
-            maxAge
-        };
-        return { name, value, options };
-    }
-
-}