@functionalcms/svelte-components 2.21.1 → 2.22.0

package/dist/auth/authenticationHandle.d.ts

@@ -1,3 +1,3 @@
 import { type Handle } from '@sveltejs/kit';
-import type { IProvider } from './types.js';
-export declare const authenticationHandle: (provider: IProvider) => Handle;
+import type { IProvider, ISessionStorage } from './types.js';
+export declare const authenticationHandle: (provider: IProvider, sessionProvider: ISessionStorage) => Handle;

package/dist/auth/authenticationHandle.js

@@ -1,13 +1,12 @@
 import {} from '@sveltejs/kit';
-import { createSession, getSession, deleteSession } from './sessionStorage.js';
 const authSessionCookieName = `auth_session`;
-const logout = async (cookies, afterLogoutPath = '/') => {
+const logout = async (cookies, sessionProvider, afterLogoutPath = '/') => {
     const headers = new Headers();
     const state = cookies.get(authSessionCookieName);
     if (state) {
         cookies.delete('auth_session', { path: '/' });
         const sid = cookies.get('auth_session');
-        deleteSession(sid);
+        await sessionProvider.deleteSession(sid);
         headers.append('Set-Cookie', `${authSessionCookieName}=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT;`);
         headers.append('Location', afterLogoutPath);
     }
@@ -16,7 +15,7 @@ const logout = async (cookies, afterLogoutPath = '/') => {
     }
     return headers;
 };
-const createUserSession = async (provider, event) => {
+const createUserSession = async (provider, event, sessionProvider) => {
     const token = await provider.getValidation(event);
     const session = await provider.getUser(token);
     const headers = new Headers();
@@ -24,7 +23,7 @@ const createUserSession = async (provider, event) => {
         session.userId = session.sub;
         event.locals.session = session;
         event.locals.accessToken = token.access_token;
-        const sessionId = createSession({ session, token }, token.expires_in);
+        const sessionId = await sessionProvider.createSession({ session, token }, token.expires_in);
         headers.append('Location', provider.redirectPath);
         headers.append('Set-Cookie', `${authSessionCookieName}=${sessionId}; HttpOnly; Secure; SameSite=Lax; Max-Age=3600; Path=/`);
         // `${authSessionCookieName}=${sessionId}; HttpOnly; Secure; SameSite=Lax; Max-Age=${token.expires_in}; Path=/`);
@@ -34,9 +33,9 @@ const createUserSession = async (provider, event) => {
     }
     return headers;
 };
-const loadUserFromSession = (cookies, locals) => {
+const loadUserFromSession = async (cookies, locals, sessionProvider) => {
     const sid = cookies.get(authSessionCookieName);
-    const session = getSession(sid);
+    const session = await sessionProvider.getSession(sid);
     if (session) {
         locals.session = session.session;
         locals.token = session.token;
@@ -45,16 +44,16 @@ const loadUserFromSession = (cookies, locals) => {
         locals.username = "";
     }
 };
-export const authenticationHandle = (provider) => {
+export const authenticationHandle = (provider, sessionProvider) => {
     return async ({ event, resolve }) => {
         //login user check + refresh
         if (event.url.pathname.startsWith('/')) {
-            loadUserFromSession(event.cookies, event.locals);
+            await loadUserFromSession(event.cookies, event.locals, sessionProvider);
         }
         //logout
         if (event.url.pathname === '/auth/logout') {
             // await provider.logout();
-            const headers = await logout(event.cookies);
+            const headers = await logout(event.cookies, sessionProvider);
             return new Response('Logging Out...', { status: 303, headers });
         }
         // login
@@ -64,7 +63,7 @@ export const authenticationHandle = (provider) => {
         }
         //validate
         else if (event.url.pathname === "/auth/validate") {
-            const validationResponse = await createUserSession(provider, event);
+            const validationResponse = await createUserSession(provider, event, sessionProvider);
             return new Response('Redirect', { status: 302, headers: validationResponse });
         }
         return await resolve(event);

package/dist/auth/inMemorySessionProvider.d.ts

@@ -0,0 +1,12 @@
+import type { ISession, Sid } from './types.js';
+declare function clean(): Promise<void>;
+declare function createSession(session: ISession, maxAge: number): Promise<string>;
+declare function getSession(sid: Sid): Promise<ISession | undefined>;
+declare function deleteSession(sid: string): Promise<void>;
+export declare const inMemorySessionProvider: {
+    clean: typeof clean;
+    createSession: typeof createSession;
+    getSession: typeof getSession;
+    deleteSession: typeof deleteSession;
+};
+export {};

package/dist/auth/inMemorySessionProvider.js

@@ -0,0 +1,46 @@
+import { getSid } from './sessionIdGenerator.js';
+const sessionStore = new Map();
+let nextClean = Date.now() + 1000 * 60 * 60; // 1 hour
+async function clean() {
+    const now = Date.now();
+    for (const [sid, session] of sessionStore) {
+        if (session.invalidAt < now) {
+            sessionStore.delete(sid);
+        }
+    }
+    // // TODO: delete session from browser storage
+    nextClean = Date.now() + 1000 * 60 * 60; // 1 hour
+}
+if (Date.now() > nextClean) {
+    //call in setTimeout to not block the server
+    setTimeout(() => {
+        clean();
+    }, 5000);
+}
+async function createSession(session, maxAge) {
+    let sid = '';
+    do {
+        sid = getSid();
+    } while (sessionStore.has(sid));
+    sessionStore.set(sid, {
+        data: session,
+        invalidAt: Date.now() + maxAge
+    });
+    return sid;
+}
+async function getSession(sid) {
+    if (sessionStore.has(sid)) {
+        const cache = sessionStore.get(sid);
+        return cache?.data;
+    }
+    return undefined;
+}
+async function deleteSession(sid) {
+    sessionStore.delete(sid);
+}
+export const inMemorySessionProvider = {
+    clean: clean,
+    createSession: createSession,
+    getSession: getSession,
+    deleteSession: deleteSession,
+};

package/dist/auth/redisSessionProvider.d.ts

@@ -0,0 +1,12 @@
+import type { ISession, Sid } from './types.js';
+declare function clean(): Promise<void>;
+declare function createSession(session: ISession, maxAge: number): Promise<string>;
+declare function getSession(sid: Sid): Promise<any>;
+declare function deleteSession(sid: string): Promise<void>;
+export declare const redisSessionProvider: {
+    clean: typeof clean;
+    createSession: typeof createSession;
+    getSession: typeof getSession;
+    deleteSession: typeof deleteSession;
+};
+export {};

package/dist/auth/redisSessionProvider.js

@@ -0,0 +1,36 @@
+import { getSid } from './sessionIdGenerator.js';
+import Redis from "ioredis";
+import { CACHE_SECRET } from '$env/static/private';
+const url = "functional.redis.cache.windows.net:6380,password=cfENm4qUceDQ2lE8tl5LFLjg4IVx3F4mIAzCaA12xtg=,ssl=True,abortConnect=False";
+const redis = new Redis(6380, "functional.redis.cache.windows.net", {
+    password: CACHE_SECRET,
+    tls: true
+});
+async function clean() {
+}
+async function createSession(session, maxAge) {
+    const sid = getSid();
+    const sessionObject = {
+        data: session,
+        invalidAt: Date.now() + maxAge
+    };
+    await redis.set(sid, JSON.stringify(sessionObject));
+    return sid;
+}
+async function getSession(sid) {
+    const savedSession = await redis.get(sid);
+    if (savedSession) {
+        const session = JSON.parse(savedSession);
+        return session.data;
+    }
+    return null;
+}
+async function deleteSession(sid) {
+    await redis.del(sid);
+}
+export const redisSessionProvider = {
+    clean: clean,
+    createSession: createSession,
+    getSession: getSession,
+    deleteSession: deleteSession,
+};

package/dist/auth/sessionIdGenerator.d.ts

@@ -0,0 +1,2 @@
+import type { Sid } from "./types";
+export declare function getSid(): Sid;

package/dist/auth/sessionIdGenerator.js

@@ -0,0 +1,3 @@
+export function getSid() {
+    return crypto.randomUUID();
+}

package/dist/auth/types.d.ts

@@ -1,11 +1,3 @@
-export type SessionInfo = {
-    username: string;
-    session: any;
-};
-export type SessionInfoCache = {
-    data: any;
-    invalidAt: number;
-};
 export declare class Token {
     access_token: string;
     expires_in: number;
@@ -16,9 +8,24 @@ export declare class Token {
     session_state?: string;
     token_type?: string;
 }
+export type ISession = {
+    session: any;
+    token: Token;
+};
+export type SessionInfoCache = {
+    data: ISession;
+    invalidAt: number;
+};
+export type Sid = string;
 export interface IProvider {
     redirectPath: string;
     getAuthIdentity(domain: string): Promise<any>;
     getValidation(event: any): Promise<Token>;
     getUser(token: Token): any;
 }
+export interface ISessionStorage {
+    clean(): Promise<void>;
+    createSession(session: ISession, maxAge: number): Promise<Sid>;
+    getSession(sid: Sid): Promise<ISession | undefined>;
+    deleteSession(sid: Sid): Promise<void>;
+}

package/dist/index-server.d.ts

@@ -1,7 +1,9 @@
 import { authenticationHandle } from './auth/authenticationHandle.js';
 import authorizationHandle from './auth/authorizationHandle.js';
 import errorHandler from './auth/errorHandle.js';
+import { inMemorySessionProvider } from './auth/inMemorySessionProvider.js';
+import { redisSessionProvider } from './auth/redisSessionProvider.js';
 import { machineAuthenticationProvider } from './auth/machineAuthenticationProvider.js';
 import { userAuthenticationProvider } from './auth/userAuthenticationProvider.js';
 import { getBlobService, getCommunicationService, getDataService, getTemplateService, getWebsiteService } from './server-side/getServices.js';
-export { authenticationHandle, authorizationHandle, errorHandler, machineAuthenticationProvider, userAuthenticationProvider, getDataService, getCommunicationService, getWebsiteService, getTemplateService, getBlobService };
+export { authenticationHandle, authorizationHandle, errorHandler, machineAuthenticationProvider, userAuthenticationProvider, inMemorySessionProvider, redisSessionProvider, getDataService, getCommunicationService, getWebsiteService, getTemplateService, getBlobService };

package/dist/index-server.js

@@ -1,7 +1,9 @@
 import { authenticationHandle } from './auth/authenticationHandle.js';
 import authorizationHandle from './auth/authorizationHandle.js';
 import errorHandler from './auth/errorHandle.js';
+import { inMemorySessionProvider } from './auth/inMemorySessionProvider.js';
+import { redisSessionProvider } from './auth/redisSessionProvider.js';
 import { machineAuthenticationProvider } from './auth/machineAuthenticationProvider.js';
 import { userAuthenticationProvider } from './auth/userAuthenticationProvider.js';
 import { getBlobService, getCommunicationService, getDataService, getTemplateService, getWebsiteService } from './server-side/getServices.js';
-export { authenticationHandle, authorizationHandle, errorHandler, machineAuthenticationProvider, userAuthenticationProvider, getDataService, getCommunicationService, getWebsiteService, getTemplateService, getBlobService };
+export { authenticationHandle, authorizationHandle, errorHandler, machineAuthenticationProvider, userAuthenticationProvider, inMemorySessionProvider, redisSessionProvider, getDataService, getCommunicationService, getWebsiteService, getTemplateService, getBlobService };

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "@functionalcms/svelte-components",
-	"version": "2.21.1",
+	"version": "2.22.0",
 	"watch": {
 		"build": {
 			"patterns": [

package/dist/auth/sessionStorage.d.ts

@@ -1,5 +0,0 @@
-type Sid = string;
-export declare function createSession(session: any, maxAge: number): string;
-export declare function getSession(sid: Sid): any;
-export declare function deleteSession(sid: string): void;
-export {};

package/dist/auth/sessionStorage.js

@@ -1,73 +0,0 @@
-//in memory session Store
-const sessionStore = new Map();
-let nextClean = Date.now() + 1000 * 60 * 60; // 1 hour
-function getSid() {
-    return crypto.randomUUID();
-}
-//loops over all sessions and deletes the ones that are expired.
-//We call this function every hour when a session is created
-function clean() {
-    const now = Date.now();
-    for (const [sid, session] of sessionStore) {
-        if (session.invalidAt < now) {
-            sessionStore.delete(sid);
-        }
-    }
-    // // TODO: delete session from browser storage
-    nextClean = Date.now() + 1000 * 60 * 60; // 1 hour
-}
-//calls clean() function if it has been over 1 hour to delete expired sessions
-if (Date.now() > nextClean) {
-    //call in setTimeout to not block the server
-    setTimeout(() => {
-        clean();
-    }, 5000);
-}
-//invoked from makeCookieAndSession on login/nativeAuth.ts
-export function createSession(session, maxAge) {
-    let sid = '';
-    do {
-        sid = getSid();
-    } while (sessionStore.has(sid));
-    sessionStore.set(sid, {
-        data: session,
-        invalidAt: Date.now() + maxAge
-    });
-    return sid;
-}
-//gets session from sessionStore, if not in store, adds to it
-export function getSession(sid) {
-    //if session present in sessionStore
-    if (sessionStore.has(sid)) {
-        const cache = sessionStore.get(sid);
-        return cache?.data;
-    }
-    else {
-        /*
-          // TODO/ITERATION: get session from browser on frontend and store in session store
-          // const session = sessionStorage.getItem(username)
-          // if (session) {
-          //   sessionStore.set(sid, session);
-          //   return session;
-          // }
-        */
-    }
-    //if no session, return undefined
-    return undefined;
-}
-//deletes session from sessionStore
-export function deleteSession(sid) {
-    sessionStore.delete(sid);
-    /*
-      // // TODO/ITERATION: remove session from browser storage
-      // // sessionStorage.removeItem(username);
-      // // localStorage.removeItem(username);
-    */
-}
-/*
-  // TODO/ITERATION: send back to frontend to store in browser
-  // export function setBrowserSession(sid: string, username: string) {
-  //   sessionStorage.setItem(username, sid);
-  //   localStorage.setItem(username, sid);
-  // }
-*/