@flowerforce/flowerbase 1.2.1-beta.2 → 1.2.1-beta.21

package/src/services/mongodb-atlas/model.ts

@@ -1,5 +1,13 @@
 import { FastifyInstance } from 'fastify'
-import { Collection, Document, FindCursor, WithId } from 'mongodb'
+import {
+  Collection,
+  Document,
+  FindCursor,
+  FindOneAndUpdateOptions,
+  Filter as MongoFilter,
+  UpdateFilter,
+  WithId
+} from 'mongodb'
 import { User } from '../../auth/dtos'
 import { Filter, Rules } from '../../features/rules/interface'
 import { Role } from '../../utils/roles/interface'
@@ -50,11 +58,16 @@ export type GetOperatorsFunction = (
   updateOne: (
     ...params: Parameters<Method<'updateOne'>>
   ) => ReturnType<Method<'updateOne'>>
+  findOneAndUpdate: (
+    filter: MongoFilter<Document>,
+    update: UpdateFilter<Document> | Document[],
+    options?: FindOneAndUpdateOptions
+  ) => Promise<Document | null>
   find: (...params: Parameters<Method<'find'>>) => FindCursor
   watch: (...params: Parameters<Method<'watch'>>) => ReturnType<Method<'watch'>>
   aggregate: (
     ...params: [...Parameters<Method<'aggregate'>>, isClient: boolean]
-  ) => Promise<ReturnType<Method<'aggregate'>>>
+  ) => ReturnType<Method<'aggregate'>>
   insertMany: (
     ...params: Parameters<Method<'insertMany'>>
   ) => ReturnType<Method<'insertMany'>>
@@ -73,4 +86,4 @@ export enum CRUD_OPERATIONS {
   UPDATE = "UPDATE",
   DELETE = "DELETE"
 
-}
+}

package/src/services/mongodb-atlas/utils.ts

@@ -23,12 +23,14 @@ export const getValidRule = <T extends Role | Filter>({
   record = null
 }: GetValidRuleParams<T>) => {
   if (!filters.length) return []
+  const rootRecord = record ?? null
 
   return filters.filter((f) => {
     if (Object.keys(f.apply_when).length === 0) return true
 
     // expandQuery traduce i placeholder (%%user, %%true)
     const conditions = expandQuery(f.apply_when, {
+      '%%root': rootRecord,
       '%%user': user,
       '%%true': true
       /** values */
@@ -40,6 +42,7 @@ export const getValidRule = <T extends Role | Filter>({
       conditions as Parameters<typeof rulesMatcherUtils.checkRule>[0],
       {
         ...(record ?? {}),
+        '%%root': rootRecord,
         '%%user': user,
         '%%true': true
       },

package/src/shared/handleUserRegistration.ts

@@ -1,5 +1,7 @@
 import { AUTH_CONFIG, DB_NAME } from "../constants"
-import { hashPassword } from "../utils/crypto"
+import { StateManager } from "../state"
+import { GenerateContext } from "../utils/context"
+import { generateToken, hashPassword } from "../utils/crypto"
 import { HandleUserRegistration } from "./models/handleUserRegistration.model"
 
 /**
@@ -17,6 +19,10 @@ const handleUserRegistration: HandleUserRegistration = (app, opt) => async ({ em
     }
 
     const { authCollection } = AUTH_CONFIG
+    const localUserpassConfig = AUTH_CONFIG.localUserpassConfig
+    const autoConfirm = localUserpassConfig?.autoConfirm === true
+    const runConfirmationFunction = localUserpassConfig?.runConfirmationFunction === true
+    const confirmationFunctionName = localUserpassConfig?.confirmationFunctionName
     const mongo = app?.mongo
     const db = mongo.client.db(DB_NAME)
     const hashedPassword = await hashPassword(password)
@@ -29,7 +35,7 @@ const handleUserRegistration: HandleUserRegistration = (app, opt) => async ({ em
     const result = await db?.collection(authCollection!).insertOne({
         email,
         password: hashedPassword,
-        status: skipUserCheck ? 'confirmed' : 'pending',
+        status: skipUserCheck || autoConfirm ? 'confirmed' : 'pending',
         createdAt: new Date(),
         custom_data: {
             // TODO: aggiungere dati personalizzati alla registrazione
@@ -58,6 +64,81 @@ const handleUserRegistration: HandleUserRegistration = (app, opt) => async ({ em
         }
     )
 
+    if (!result?.insertedId || skipUserCheck || autoConfirm) {
+        return result
+    }
+
+    if (!runConfirmationFunction) {
+        throw new Error('Missing confirmation function')
+    }
+
+    if (!confirmationFunctionName) {
+        throw new Error('Missing confirmation function name')
+    }
+
+    const functionsList = StateManager.select('functions')
+    const services = StateManager.select('services')
+    const confirmationFunction = functionsList[confirmationFunctionName]
+    if (!confirmationFunction) {
+        throw new Error(`Confirmation function not found: ${confirmationFunctionName}`)
+    }
+
+    const token = generateToken()
+    const tokenId = generateToken()
+    await db?.collection(authCollection!).updateOne(
+        { _id: result.insertedId },
+        {
+            $set: {
+                confirmationToken: token,
+                confirmationTokenId: tokenId
+            }
+        }
+    )
+
+    type ConfirmationResult = { status?: 'success' | 'pending' | 'fail' }
+    let confirmationStatus: ConfirmationResult['status'] = 'fail'
+    try {
+        const response = await GenerateContext({
+            args: [{
+                token,
+                tokenId,
+                username: email
+            }],
+            app,
+            rules: {},
+            user: {},
+            currentFunction: confirmationFunction,
+            functionsList,
+            services,
+            runAsSystem: true
+        }) as ConfirmationResult
+        confirmationStatus = response?.status ?? 'fail'
+    } catch {
+        confirmationStatus = 'fail'
+    }
+
+    if (confirmationStatus === 'success') {
+        await db?.collection(authCollection!).updateOne(
+            { _id: result.insertedId },
+            {
+                $set: { status: 'confirmed' },
+                $unset: { confirmationToken: '', confirmationTokenId: '' }
+            }
+        )
+        return result
+    }
+
+    if (confirmationStatus === 'pending') {
+        return result
+    }
+
+    await db?.collection(authCollection!).updateOne(
+        { _id: result.insertedId },
+        {
+            $set: { status: 'failed' },
+            $unset: { confirmationToken: '', confirmationTokenId: '' }
+        }
+    )
     return result
 
 }

package/src/shared/models/handleUserRegistration.model.ts

@@ -28,5 +28,6 @@ export type HandleUserRegistration = (
 
 export enum PROVIDER {
   LOCAL_USERPASS = "local-userpass",
-  CUSTOM_FUNCTION = "custom-function"
+  CUSTOM_FUNCTION = "custom-function",
+  ANON_USER = "anon-user"
 }

package/src/utils/__tests__/registerPlugins.test.ts

@@ -3,6 +3,7 @@ import fastifyMongodb from '@fastify/mongodb'
 import { authController } from '../../auth/controller'
 import jwtAuthPlugin from '../../auth/plugins/jwt'
 import fastifyRawBody from 'fastify-raw-body'
+import { anonUserController } from '../../auth/providers/anon-user/controller'
 import { customFunctionController } from '../../auth/providers/custom-function/controller'
 import { localUserPassController } from '../../auth/providers/local-userpass/controller'
 import { Functions } from '../../features/functions/interface'
@@ -36,7 +37,7 @@ describe('registerPlugins', () => {
     })
 
     // Check Plugins Registration
-    expect(registerMock).toHaveBeenCalledTimes(7)
+    expect(registerMock).toHaveBeenCalledTimes(8)
     expect(registerMock).toHaveBeenCalledWith(cors, {
       origin: '*',
       methods: ['POST', 'GET']
@@ -63,6 +64,9 @@ describe('registerPlugins', () => {
     expect(registerMock).toHaveBeenCalledWith(customFunctionController, {
       prefix: `${MOCKED_API_VERSION}/app/:appId/auth/providers/custom-function`
     })
+    expect(registerMock).toHaveBeenCalledWith(anonUserController, {
+      prefix: `${MOCKED_API_VERSION}/app/:appId/auth/providers/anon-user`
+    })
   })
 
   it('should handle errors in the catch block', async () => {

package/src/utils/context/index.ts

@@ -1,10 +1,116 @@
 import { createRequire } from 'node:module'
+import path from 'node:path'
+import { pathToFileURL } from 'node:url'
 import vm from 'vm'
 import { EJSON } from 'bson'
 import { StateManager } from '../../state'
 import { generateContextData } from './helpers'
 import { GenerateContextParams } from './interface'
 
+const dynamicImport = new Function('specifier', 'return import(specifier)') as (
+  specifier: string
+) => Promise<Record<string, unknown>>
+
+const transformImportsToRequire = (code: string): string => {
+  let importIndex = 0
+  const lines = code.split(/\r?\n/)
+
+  return lines
+    .map((line) => {
+      const trimmed = line.trim()
+
+      if (/^import\s+type\s+/.test(trimmed)) {
+        return ''
+      }
+
+      const sideEffectMatch = trimmed.match(/^import\s+['"]([^'"]+)['"]\s*;?$/)
+      if (sideEffectMatch) {
+        return `require('${sideEffectMatch[1]}')`
+      }
+
+      const match = trimmed.match(/^import\s+(.+?)\s+from\s+['"]([^'"]+)['"]\s*;?$/)
+      if (!match) return line
+
+      const [, importClause, source] = match
+      const clause = importClause.trim()
+
+      if (clause.startsWith('{') && clause.endsWith('}')) {
+        const named = clause.slice(1, -1).trim()
+        return `const { ${named} } = require('${source}')`
+      }
+
+      const namespaceMatch = clause.match(/^\*\s+as\s+(\w+)$/)
+      if (namespaceMatch) {
+        return `const ${namespaceMatch[1]} = require('${source}')`
+      }
+
+      if (clause.includes(',')) {
+        const [defaultPart, restRaw] = clause.split(',', 2)
+        const defaultName = defaultPart.trim()
+        const rest = restRaw.trim()
+        const tmpName = `__fb_import_${importIndex++}`
+        const linesOut = [`const ${tmpName} = require('${source}')`]
+
+        if (defaultName) {
+          linesOut.push(`const ${defaultName} = ${tmpName}`)
+        }
+
+        if (rest.startsWith('{') && rest.endsWith('}')) {
+          const named = rest.slice(1, -1).trim()
+          linesOut.push(`const { ${named} } = ${tmpName}`)
+        } else {
+          const nsMatch = rest.match(/^\*\s+as\s+(\w+)$/)
+          if (nsMatch) {
+            linesOut.push(`const ${nsMatch[1]} = ${tmpName}`)
+          }
+        }
+
+        return linesOut.join('\n')
+      }
+
+      return `const ${clause} = require('${source}')`
+    })
+    .join('\n')
+}
+
+const wrapEsmModule = (code: string): string => {
+  const prelude = [
+    'const __fb_module = { exports: {} };',
+    'let exports = __fb_module.exports;',
+    'let module = __fb_module;',
+    'const __fb_require = globalThis.__fb_require;',
+    'const require = __fb_require;',
+    'const __filename = globalThis.__fb_filename;',
+    'const __dirname = globalThis.__fb_dirname;'
+  ].join('\n')
+
+  const trailer = [
+    'globalThis.__fb_module = __fb_module;',
+    'globalThis.__fb_exports = exports;'
+  ].join('\n')
+
+  return `${prelude}\n${code}\n${trailer}`
+}
+
+const resolveImportTarget = (specifier: string, customRequire: NodeRequire): string => {
+  try {
+    const resolved = customRequire.resolve(specifier)
+    if (resolved.startsWith('node:')) return resolved
+    if (path.isAbsolute(resolved)) {
+      return pathToFileURL(resolved).href
+    }
+    return resolved
+  } catch {
+    return specifier
+  }
+}
+
+const shouldFallbackFromVmModules = (error: unknown): boolean => {
+  if (!error || typeof error !== 'object') return false
+  const code = (error as { code?: string }).code
+  return code === 'ERR_VM_MODULES_DISABLED' || code === 'ERR_VM_MODULES_NOT_SUPPORTED'
+}
+
 /**
  * > Used to generate the current context
  * @testable
@@ -28,7 +134,7 @@ export async function GenerateContext({
   deserializeArgs = true,
   enqueue,
   request
-}: GenerateContextParams) {
+}: GenerateContextParams): Promise<unknown> {
   if (!currentFunction) return
 
   const functionsQueue = StateManager.select("functionsQueue")
@@ -48,28 +154,142 @@ export async function GenerateContext({
       request
     })
 
-    try {
-      const entryFile = require.main?.filename ?? process.cwd();
-      const customRequire = createRequire(entryFile);
-
-      vm.runInContext(functionToRun.code, vm.createContext({
-        ...contextData, require: customRequire,
-        exports,
-        module,
-        __filename: __filename,
-        __dirname: __dirname
-      }));
+    type ExportedFunction = (...args: unknown[]) => unknown
+    type SandboxModule = { exports: unknown }
+    type SandboxContext = vm.Context & {
+      exports?: unknown
+      module?: SandboxModule
+      __fb_module?: SandboxModule
+      __fb_exports?: unknown
+      __fb_require?: NodeRequire
+      __fb_filename?: string
+      __fb_dirname?: string
+    }
+
+    const isExportedFunction = (value: unknown): value is ExportedFunction =>
+      typeof value === 'function'
+
+    const getDefaultExport = (value: unknown): ExportedFunction | undefined => {
+      if (!value || typeof value !== 'object') return undefined
+      if (!('default' in value)) return undefined
+      const maybeDefault = (value as { default?: unknown }).default
+      return isExportedFunction(maybeDefault) ? maybeDefault : undefined
     }
-    catch (e) {
-      console.log(e)
+
+    const resolveExport = (ctx: SandboxContext): ExportedFunction | undefined => {
+      const moduleExports = ctx.module?.exports ?? ctx.__fb_module?.exports
+      if (isExportedFunction(moduleExports)) return moduleExports
+      const contextExports = ctx.exports ?? ctx.__fb_exports
+      if (isExportedFunction(contextExports)) return contextExports
+      return getDefaultExport(moduleExports) ?? getDefaultExport(contextExports)
+    }
+
+    const sandboxModule: SandboxModule = { exports: {} }
+
+    try {
+      const entryFile = require.main?.filename ?? process.cwd()
+      const customRequire = createRequire(entryFile)
+
+      const vmContext: SandboxContext = vm.createContext({
+        ...contextData,
+        require: customRequire,
+        exports: sandboxModule.exports,
+        module: sandboxModule,
+        __filename,
+        __dirname,
+        __fb_require: customRequire,
+        __fb_filename: __filename,
+        __fb_dirname: __dirname
+      }) as SandboxContext
+
+      const vmModules = vm as typeof vm & {
+        SourceTextModule?: typeof vm.SourceTextModule
+        SyntheticModule?: typeof vm.SyntheticModule
+      }
+      const hasStaticImport = /\bimport\s+/.test(functionToRun.code)
+      let usedVmModules = false
+
+      if (hasStaticImport && vmModules.SourceTextModule && vmModules.SyntheticModule) {
+        try {
+          const moduleCache = new Map<string, vm.Module>()
+
+          const loadModule = async (specifier: string): Promise<vm.Module> => {
+            const importTarget = resolveImportTarget(specifier, customRequire)
+            const cached = moduleCache.get(importTarget)
+            if (cached) return cached
+
+            const namespace = await dynamicImport(importTarget)
+            const exportNames = Object.keys(namespace)
+            if ('default' in namespace && !exportNames.includes('default')) {
+              exportNames.push('default')
+            }
+
+            const syntheticModule = new vmModules.SyntheticModule(
+              exportNames,
+              function () {
+                for (const name of exportNames) {
+                  this.setExport(name, namespace[name])
+                }
+              },
+              { context: vmContext, identifier: importTarget }
+            )
+
+            moduleCache.set(importTarget, syntheticModule)
+            return syntheticModule
+          }
+
+          const importModuleDynamically =
+            ((specifier: string) => loadModule(specifier) as unknown as vm.Module) as unknown as
+              vm.SourceTextModuleOptions['importModuleDynamically']
+
+          const sourceModule = new vmModules.SourceTextModule(
+            wrapEsmModule(functionToRun.code),
+            {
+              context: vmContext,
+              identifier: entryFile,
+              initializeImportMeta: (meta) => {
+                meta.url = pathToFileURL(entryFile).href
+              },
+              importModuleDynamically
+            }
+          )
+
+          await sourceModule.link(loadModule)
+          await sourceModule.evaluate()
+          usedVmModules = true
+        } catch (error) {
+          if (!shouldFallbackFromVmModules(error)) {
+            throw error
+          }
+        }
+      }
+
+      if (!usedVmModules) {
+        const codeToRun = functionToRun.code.includes('import ')
+          ? transformImportsToRequire(functionToRun.code)
+          : functionToRun.code
+        vm.runInContext(codeToRun, vmContext)
+      }
+
+      sandboxModule.exports = resolveExport(vmContext) ?? sandboxModule.exports
+    } catch (error) {
+      console.error(error)
+      throw error
     }
 
     if (deserializeArgs) {
-      return await module.exports(...EJSON.deserialize(args))
+      return await (sandboxModule.exports as ExportedFunction)(
+        ...EJSON.deserialize(args)
+      )
     }
 
-    return await module.exports(...args)
+    return await (sandboxModule.exports as ExportedFunction)(...args)
+  }
+  try {
+    const res = await functionsQueue.add(run, enqueue)
+    return res
+  } catch (error) {
+    console.error(error)
+    throw error
   }
-  const res = await functionsQueue.add(run, enqueue)
-  return res
 }

package/src/utils/context/interface.ts

@@ -20,5 +20,5 @@ export interface GenerateContextParams {
 
 type ContextRequest = Pick<FastifyRequest, "ips" | "host" | "hostname" | "url" | "method" | "ip" | "id">
 export interface GenerateContextDataParams extends Omit<GenerateContextParams, 'args'> {
-  GenerateContext: (params: GenerateContextParams) => Promise<void>
+  GenerateContext: (params: GenerateContextParams) => Promise<unknown>
 }

package/src/utils/crypto/index.ts

@@ -36,6 +36,10 @@ export const comparePassword = async (plaintext: string, storedPassword: string)
  * > Generate a random token
  * @param length -> the token length
  */
-export const generateToken = (length = 32) => {
+export const generateToken = (length = 64) => {
   return crypto.randomBytes(length).toString('hex')
 }
+
+export const hashToken = (token: string) => {
+  return crypto.createHash('sha256').update(token).digest('hex')
+}

package/src/utils/initializer/exposeRoutes.ts

@@ -18,7 +18,7 @@ export const exposeRoutes = async (fastify: FastifyInstance) => {
       const headerHost = req.headers.host ?? 'localhost:3000'
       const hostname = headerHost.split(':')[0]
       const port = DEFAULT_CONFIG?.PORT ?? 3000
-      const host = `${hostname}:${port}`
+      const host = port === 8080 ? hostname : `${hostname}:${port}`
       const wsSchema = 'wss'
 
       return {

package/src/utils/initializer/registerPlugins.ts

@@ -5,6 +5,7 @@ import fastifyRawBody from 'fastify-raw-body'
 import { CorsConfig } from '../../'
 import { authController } from '../../auth/controller'
 import jwtAuthPlugin from '../../auth/plugins/jwt'
+import { anonUserController } from '../../auth/providers/anon-user/controller'
 import { customFunctionController } from '../../auth/providers/custom-function/controller'
 import { localUserPassController } from '../../auth/providers/local-userpass/controller'
 import { API_VERSION } from '../../constants'
@@ -133,6 +134,13 @@ const getRegisterConfig = async ({
       options: {
         prefix: `${API_VERSION}/app/:appId/auth/providers/custom-function`
       }
+    },
+    {
+      pluginName: 'anonUserController',
+      plugin: anonUserController,
+      options: {
+        prefix: `${API_VERSION}/app/:appId/auth/providers/anon-user`
+      }
     }
   ] as RegisterConfig[]
 }

package/src/utils/roles/helpers.ts

@@ -34,7 +34,7 @@ const evaluateComplexExpression = async (
   condition: [string, Record<string, any>],
   params: MachineContext['params'],
   user: MachineContext['user']
-) => {
+): Promise<boolean> => {
   const [key, config] = condition
 
   const functionConfig = config['%function']
@@ -67,5 +67,6 @@ const evaluateComplexExpression = async (
     functionsList,
     services
   })
-  return key === '%%true' ? response : !response
+  const isTruthy = Boolean(response)
+  return key === '%%true' ? isTruthy : !isTruthy
 }

package/src/utils/rules-matcher/utils.ts

@@ -154,6 +154,9 @@ const rulesMatcherUtils: RulesMatcherUtils = {
   },
   forceArray: (a) => (Array.isArray(a) ? a : [a]),
   getPath: (path, prefix) => {
+    if (typeof path !== 'string' || path.length === 0) {
+      return ''
+    }
     if (path.indexOf('^') === 0) {
       return _trimStart(path, '^')
     }