@exulu/backend 0.1.8 → 0.1.9
- package/dist/index.cjs +29 -2
- package/dist/index.js +29 -2
- package/package.json +1 -1
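--- a/package/dist/index.cjs
+++ b/package/dist/index.cjs
@@ -398,6 +398,7 @@ var sanitizeName = (name) => {
 };
 
 // src/postgres/init-db.ts
+var import_bcryptjs = __toESM(require("bcryptjs"), 1);
 var up = async function(knex) {
 if (!await knex.schema.hasTable("roles")) {
 await knex.schema.createTable("roles", (table) => {
@@ -545,6 +546,11 @@ var up = async function(knex) {
 });
 }
 };
+var SALT_ROUNDS = 12;
+async function encryptApiKey(apiKey) {
+const hash = await import_bcryptjs.default.hash(apiKey, SALT_ROUNDS);
+return hash;
+}
 var execute = async () => {
 console.log("[EXULU] Initializing database.");
 const { db: db2 } = await postgresClient();
@@ -563,6 +569,10 @@ var execute = async () => {
 } else {
 roleId = existingRole.id;
 }
+const newKeyName = "exulu_default_key";
+const plainKey = `sk_${Math.random().toString(36).substring(2, 15)}_${Math.random().toString(36).substring(2, 15)}`;
+const postFix = `/${newKeyName.toLowerCase().trim().replaceAll(" ", "_")}`;
+const encryptedKey = await encryptApiKey(plainKey);
 const existingUser = await db2.from("users").where({ email: "admin@exulu.com" }).first();
 if (!existingUser) {
 console.log("[EXULU] Creating default admin user.");
@@ -572,11 +582,28 @@ var execute = async () => {
 super_admin: true,
 createdAt: /* @__PURE__ */ new Date(),
 updatedAt: /* @__PURE__ */ new Date(),
+type: "user",
+// password: "admin", todo add this again when we implement password auth / encryption as alternative to OTP
+role: roleId
+});
+}
+const existingApiUser = await db2.from("users").where({ email: "api@exulu.com" }).first();
+if (!existingApiUser) {
+console.log("[EXULU] Creating default api user.");
+await db2.from("users").insert({
+name: "exulu",
+email: "admin@exulu.com",
+super_admin: true,
+createdAt: /* @__PURE__ */ new Date(),
+updatedAt: /* @__PURE__ */ new Date(),
+type: "user",
+apikey: `${encryptedKey}${postFix}`,
 // password: "admin", todo add this again when we implement password auth / encryption as alternative to OTP
 role: roleId
 });
 }
 console.log("[EXULU] Database initialized.");
+console.log("[EXULU] Default api key: ", `${encryptedKey}${postFix}`);
 return;
 };
 
@@ -1428,7 +1455,7 @@ var import_express = require("express");
 var import_jwt = require("next-auth/jwt");
 
 // src/auth/auth.ts
-var
+var import_bcryptjs2 = __toESM(require("bcryptjs"), 1);
 var authentication = async ({
 apikey,
 authtoken,
@@ -1523,7 +1550,7 @@ var authentication = async ({
 for (const user of filtered) {
 const lastSlashIndex = user.apiKey.lastIndexOf("/");
 const compareValue = lastSlashIndex !== -1 ? user.apiKey.substring(0, lastSlashIndex) : user.apiKey;
-const isMatch = await
+const isMatch = await import_bcryptjs2.default.compare(keyValue, compareValue);
 if (isMatch) {
 await db2.from("users").where({ id: user.id }).update({
 lastUsed: /* @__PURE__ */ new Date()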
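Review bot: `plainKey` in `execute` is assembled from two `Math.random().toString(36)` fragments, and `Math.random()` is not a cryptographically secure generator, so the secret protecting a `super_admin` account has far less unpredictability than its length suggests. Draw it from the platform CSPRNG instead, for example `const plainKey = "sk_" + randomBytes(32).toString("hex");` with `randomBytes` taken from `node:crypto`. `encryptApiKey` hashes with bcrypt rather than encrypting, so a name such as `hashApiKey` would describe it better. `execute` is only partly visible across these hunks, and package/dist/index.js contains the same lines.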
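--- a/package/dist/index.js
+++ b/package/dist/index.js
@@ -357,6 +357,7 @@ var sanitizeName = (name) => {
 };
 
 // src/postgres/init-db.ts
+import bcrypt from "bcryptjs";
 var up = async function(knex) {
 if (!await knex.schema.hasTable("roles")) {
 await knex.schema.createTable("roles", (table) => {
@@ -504,6 +505,11 @@ var up = async function(knex) {
 });
 }
 };
+var SALT_ROUNDS = 12;
+async function encryptApiKey(apiKey) {
+const hash = await bcrypt.hash(apiKey, SALT_ROUNDS);
+return hash;
+}
 var execute = async () => {
 console.log("[EXULU] Initializing database.");
 const { db: db2 } = await postgresClient();
@@ -522,6 +528,10 @@ var execute = async () => {
 } else {
 roleId = existingRole.id;
 }
+const newKeyName = "exulu_default_key";
+const plainKey = `sk_${Math.random().toString(36).substring(2, 15)}_${Math.random().toString(36).substring(2, 15)}`;
+const postFix = `/${newKeyName.toLowerCase().trim().replaceAll(" ", "_")}`;
+const encryptedKey = await encryptApiKey(plainKey);
 const existingUser = await db2.from("users").where({ email: "admin@exulu.com" }).first();
 if (!existingUser) {
 console.log("[EXULU] Creating default admin user.");
@@ -531,11 +541,28 @@ var execute = async () => {
 super_admin: true,
 createdAt: /* @__PURE__ */ new Date(),
 updatedAt: /* @__PURE__ */ new Date(),
+type: "user",
+// password: "admin", todo add this again when we implement password auth / encryption as alternative to OTP
+role: roleId
+});
+}
+const existingApiUser = await db2.from("users").where({ email: "api@exulu.com" }).first();
+if (!existingApiUser) {
+console.log("[EXULU] Creating default api user.");
+await db2.from("users").insert({
+name: "exulu",
+email: "admin@exulu.com",
+super_admin: true,
+createdAt: /* @__PURE__ */ new Date(),
+updatedAt: /* @__PURE__ */ new Date(),
+type: "user",
+apikey: `${encryptedKey}${postFix}`,
 // password: "admin", todo add this again when we implement password auth / encryption as alternative to OTP
 role: roleId
 });
 }
 console.log("[EXULU] Database initialized.");
+console.log("[EXULU] Default api key: ", `${encryptedKey}${postFix}`);
 return;
 };
 
@@ -1387,7 +1414,7 @@ import "express";
 import { getToken } from "next-auth/jwt";
 
 // src/auth/auth.ts
-import
+import bcrypt2 from "bcryptjs";
 var authentication = async ({
 apikey,
 authtoken,
@@ -1482,7 +1509,7 @@ var authentication = async ({
 for (const user of filtered) {
 const lastSlashIndex = user.apiKey.lastIndexOf("/");
 const compareValue = lastSlashIndex !== -1 ? user.apiKey.substring(0, lastSlashIndex) : user.apiKey;
-const isMatch = await
+const isMatch = await bcrypt2.compare(keyValue, compareValue);
 if (isMatch) {
 await db2.from("users").where({ id: user.id }).update({
 lastUsed: /* @__PURE__ */ new Date()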
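Review bot: In `execute`, the new block checks for `api@exulu.com` but inserts `email: "admin@exulu.com"`, so the guard never sees the row it creates and each run tries to add another `super_admin` row with an API key (or fails if the column is unique; the schema is outside these hunks). The insert presumably should read `email: "api@exulu.com",`. Separately, `plainKey` is passed only to `encryptApiKey`, and the closing `console.log` prints the bcrypt hash plus suffix on every run, including runs where no user was inserted, so the operator never receives a usable key and a hash that may match nothing stored ends up in logs. Moving key generation and the log line inside `if (!existingApiUser)` and handing `plainKey` to the operator once would fix this. package/dist/index.cjs carries the same lines.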