@internetderdinge/api 1.224.2

package/src/organizations/organizations.validation.ts

@@ -0,0 +1,76 @@
+import { extendZodWithOpenApi } from "@asteasolutions/zod-to-openapi";
+import { z } from "zod";
+import { objectId } from "../validations/custom.validation.js";
+import {
+  zPagination,
+  zGet,
+  zObjectId,
+  zPatchBody,
+  zUpdate,
+  zDelete,
+} from "../utils/zValidations.js";
+
+extendZodWithOpenApi(z);
+
+export const createOrganizationSchema = {
+  body: z.object({
+    /*  name: z.string().openapi({
+      example: 'Acme Inc.',
+      description: 'The name of the organization',
+    }),
+    email: z.string().email().openapi({
+      example: 'contact@acme.com',
+      description: 'Contact email for the organization',
+    }), */
+    kind: z.string().openapi({
+      example: "private",
+      description: "The type or category of the organization",
+    }),
+  }),
+};
+
+export const queryOrganizationsSchema = zPagination;
+
+export const getOrganizationByIdSchema = zGet("organizationId");
+
+export const updateOrganizationSchema = {
+  ...zUpdate("organizationId"),
+  body: z.object({
+    name: z
+      .string()
+      .openapi({
+        example: "Acme Inc.",
+        description: "The name of the organization",
+      })
+      .optional(),
+    organization: zObjectId, // Legacy field, to be removed later
+    kind: z
+      .string()
+      .openapi({
+        example: "private",
+        description: "The type or category of the organization",
+      })
+      .optional(),
+    meta: z
+      .record(z.any())
+      .openapi({
+        example: { key: "value" },
+        description: "Additional metadata for the entry",
+      })
+      .optional(),
+  }),
+  //...zUpdate('organizationId'),
+  /* body: z.object({
+    meta: z.any,
+    /* organization: zObjectId,
+    kind: z
+      .string()
+      .openapi({
+        example: 'private',
+        description: 'The type or category of the organization',
+      })
+      .optional(),
+  }),*/
+};
+
+export const deleteOrganizationSchema = zDelete("organizationId");

package/src/pdf/pdf.controller.ts

@@ -0,0 +1,18 @@
+import httpStatus from "http-status";
+import catchAsync from "../utils/catchAsync.js";
+import pdfService from "./pdf.service.js";
+
+export const generatePdfFromUrl = catchAsync(async (req, res) => {
+  const fileName = "memo-print";
+
+  const authHeader = req.headers["authorization"];
+  const token = authHeader.split(" ")[1];
+
+  const result = await pdfService.generatePdfFromUrl({ ...req.query, token });
+
+  res.status(httpStatus.CREATED).send({ signed: result });
+});
+
+export default {
+  generatePdfFromUrl,
+};

package/src/pdf/pdf.route.ts

@@ -0,0 +1,28 @@
+import { Router } from "express";
+import buildRouterAndDocs from "../utils/buildRouterAndDocs.js";
+import { generatePdfSchema } from "./pdf.validation.js";
+import { pdfResponseSchema } from "./pdf.schemas.js";
+import { generatePdfFromUrl } from "./pdf.controller.js";
+import type { RouteSpec } from "../types/routeSpec";
+import auth from "../middlewares/auth.js";
+
+export const pdfRouteSpecs: RouteSpec[] = [
+  {
+    method: "get",
+    path: "/",
+    validate: [auth("manageUsers")],
+    requestSchema: generatePdfSchema,
+    responseSchema: pdfResponseSchema,
+    handler: generatePdfFromUrl,
+    summary: "Generate a PDF from a provided URL",
+    description:
+      "This endpoint allows users to generate a PDF document from a specified URL.",
+    memoOnly: true,
+  },
+];
+
+const router: Router = Router();
+
+buildRouterAndDocs(router, pdfRouteSpecs, "/pdf", ["PDF"]);
+
+export default router;

package/src/pdf/pdf.schemas.ts

@@ -0,0 +1,7 @@
+import { z } from 'zod';
+
+export const pdfResponseSchema = z.object({
+  url: z.string().url(),
+  filename: z.string(),
+  size: z.number(),
+});

package/src/pdf/pdf.service.ts

@@ -0,0 +1,89 @@
+import puppeteer from 'puppeteer';
+import { v4 as uuidv4 } from 'uuid';
+import AWS from 'aws-sdk';
+import path from 'path';
+
+// Configure AWS SDK
+const s3 = new AWS.S3({
+  accessKeyId: process.env.AWS_ACCESS_KEY_ID,
+  secretAccessKey: process.env.AWS_SECRET_ACCESS_KEY,
+  region: process.env.AWS_REGION,
+});
+
+// Function to upload a file to S3
+const uploadBuffer = async (buffer: Buffer, fileName: string): Promise<string> => {
+  const params = {
+    Bucket: process.env.AWS_S3_BUCKET_NAME!,
+    Key: fileName,
+    Body: buffer,
+    ContentType: 'application/pdf',
+    ACL: 'private',
+  };
+
+  const data = await s3.upload(params).promise();
+  return data.Location;
+};
+
+// Generate a signed URL
+const generateSignedUrl = (fileName: string): string => {
+  const params = {
+    Bucket: process.env.AWS_S3_BUCKET_NAME!,
+    Key: fileName,
+    Expires: 60 * 60, // URL expiration time in seconds
+  };
+
+  return s3.getSignedUrl('getObject', params);
+};
+
+interface GeneratePdfOptions {
+  urlPath: string;
+  token: string;
+}
+
+const generatePdfFromUrl = async ({ urlPath, token }: GeneratePdfOptions): Promise<string> => {
+  const domain = process.env.FRONTEND_URL!;
+  const browser = await puppeteer.launch({
+    defaultViewport: {
+      width: 1300,
+      height: 1200,
+      deviceScaleFactor: 1,
+    },
+    executablePath: process.env.CHROME_BIN,
+    args: ['--no-sandbox'],
+  });
+
+  const page = await browser.newPage();
+
+  await page.goto(domain);
+
+  // Set the token in local storage
+  await page.evaluate((token) => {
+    localStorage.setItem('print-token', token);
+  }, token);
+
+  await page.goto(domain + urlPath, { waitUntil: 'networkidle2' });
+
+  await page.waitForSelector('.pdf-render-complete');
+
+  const pdf = await page.pdf({ format: 'A4', printBackground: true });
+
+  await page.evaluate(() => {
+    localStorage.setItem('print-token', '');
+  });
+
+  await browser.close();
+
+  const fileUrl = await uploadBuffer(pdf, `download-${uuidv4()}.pdf`);
+
+  console.log(`File uploaded successfully. File URL: ${fileUrl}`);
+
+  const fileName = path.basename(fileUrl);
+  const signedUrl = generateSignedUrl(fileName);
+  console.log(`Signed URL: ${signedUrl}`);
+
+  return signedUrl;
+};
+
+export default {
+  generatePdfFromUrl,
+};

package/src/pdf/pdf.validation.ts

@@ -0,0 +1,30 @@
+import { extendZodWithOpenApi } from '@asteasolutions/zod-to-openapi';
+import { z } from 'zod';
+
+extendZodWithOpenApi(z);
+
+export const generatePdfSchema = {
+  query: z.object({
+    urlPath: z
+      .string()
+      /* .url()
+      .refine(
+        (value) =>
+          value.startsWith('https://memo.wirewire.de') ||
+          value.startsWith('https://web.wirewire.de') ||
+          (process.env.NODE_ENV !== 'production' && value.startsWith('http://localhost:3200')),
+        {
+          message:
+            process.env.NODE_ENV !== 'production'
+              ? 'urlPath must start with https://memo.wirewire.de, https://web.wirewire.de, or http://localhost:3200'
+              : 'urlPath must start with https://memo.wirewire.de or https://web.wirewire.de',
+        }
+      ) */
+      .openapi({
+        example: 'https://memo.wirewire.de/example.pdf',
+        description:
+          'URL path to the PDF generation endpoint. Allowed domains: https://memo.wirewire.de, https://web.wirewire.de' +
+          (process.env.NODE_ENV !== 'production' ? ', or http://localhost:3200 (dev)' : ''),
+      }),
+  }),
+};

package/src/tokens/tokens.controller.ts

@@ -0,0 +1,81 @@
+import httpStatus from "http-status";
+import type { Request, Response, NextFunction } from "express";
+import * as tokensService from "./tokens.service.js";
+import pick from "../utils/pick.js";
+
+export const getTokens = async (
+  req: Request,
+  res: Response,
+  next: NextFunction,
+): Promise<void> => {
+  const filter = pick({ ...req.query, owner: res.req.auth.sub }, [
+    "name",
+    "role",
+    "owner",
+  ]);
+  const options = pick(req.query, ["sortBy", "limit", "page"]);
+  const result = await tokensService.queryTokens(filter, options);
+  res.send(result);
+};
+
+// Create a new token
+export const createToken = async (
+  req: Request,
+  res: Response,
+  next: NextFunction,
+): Promise<void> => {
+  try {
+    const tokenData = {
+      ...req.body,
+      owner: res.req.auth.sub, // Always set owner from authenticated user
+    };
+    const token = await tokensService.createToken(tokenData);
+    res.status(httpStatus.CREATED).send(token);
+  } catch (error) {
+    next(error);
+  }
+};
+
+// Get a token by ID
+export const getToken = async (
+  req: Request,
+  res: Response,
+  next: NextFunction,
+): Promise<void> => {
+  try {
+    const token = await tokensService.getTokenById(req.params.tokenId);
+    if (!token) {
+      return res
+        .status(httpStatus.NOT_FOUND)
+        .send({ message: "Token not found" });
+    }
+    res.send(token);
+  } catch (error) {
+    next(error);
+  }
+};
+
+// Delete a token by ID
+export const deleteToken = async (
+  req: Request,
+  res: Response,
+  next: NextFunction,
+): Promise<void> => {
+  try {
+    const token = await tokensService.deleteTokenById(req.params.tokenId);
+    if (!token) {
+      return res
+        .status(httpStatus.NOT_FOUND)
+        .send({ message: "Token not found" });
+    }
+    res.status(httpStatus.NO_CONTENT).send();
+  } catch (error) {
+    next(error);
+  }
+};
+
+export default {
+  createToken,
+  getToken,
+  deleteToken,
+};

package/src/tokens/tokens.model.ts

@@ -0,0 +1,24 @@
+import mongoose, { Schema, Model } from "mongoose";
+import crypto from "crypto";
+import { toJSON, paginate } from "../models/plugins/index.js";
+
+const tokenSchema: Schema = new mongoose.Schema(
+  {
+    name: { type: String, required: true, trim: true },
+    value: { type: String, required: true, select: false }, // Store hash only
+    owner: { type: String, required: true, index: true, trim: true },
+    expiresAt: { type: Date, required: false, index: true },
+    usedAt: { type: Date, required: false, index: true },
+    meta: { type: Schema.Types.Mixed, required: false },
+  },
+  {
+    timestamps: true,
+  },
+);
+
+tokenSchema.plugin(toJSON, true);
+tokenSchema.plugin(paginate);
+
+const Token: Model<any> = mongoose.model("Token", tokenSchema);
+
+export default Token;

package/src/tokens/tokens.route.ts

@@ -0,0 +1,66 @@
+import { Router } from "express";
+import buildRouterAndDocs from "../utils/buildRouterAndDocs.js";
+import {
+  createTokenSchema,
+  getTokenSchema,
+  deleteTokenSchema,
+} from "./tokens.validation.js";
+import { tokenResponseSchema } from "./tokens.schemas.js";
+import {
+  createToken,
+  getToken,
+  deleteToken,
+  getTokens,
+} from "./tokens.controller.js";
+import auth from "../middlewares/auth.js";
+import type { RouteSpec } from "../types/routeSpec";
+import { validateParamsToken } from "../middlewares/validateTokens.js";
+
+export const tokensRouteSpecs: RouteSpec[] = [
+  {
+    method: "get",
+    path: "/",
+    validate: [auth("manageTokens")],
+    requestSchema: {},
+    responseSchema: tokenResponseSchema,
+    handler: getTokens,
+    privateDocs: true,
+    summary: "List all tokens of the current user",
+  },
+  {
+    method: "post",
+    path: "/",
+    validate: [auth("manageTokens")],
+    requestSchema: createTokenSchema,
+    responseSchema: tokenResponseSchema,
+    handler: createToken,
+    privateDocs: true,
+    summary: "Create a new token",
+  },
+  {
+    method: "get",
+    path: "/:tokenId",
+    validate: [auth("getTokens"), validateParamsToken],
+    requestSchema: getTokenSchema,
+    responseSchema: tokenResponseSchema,
+    handler: getToken,
+    privateDocs: true,
+    summary: "Get a token by ID",
+  },
+  {
+    method: "delete",
+    path: "/:tokenId",
+    validate: [auth("manageTokens"), validateParamsToken],
+    requestSchema: deleteTokenSchema,
+    responseSchema: tokenResponseSchema,
+    handler: deleteToken,
+    privateDocs: true,
+    summary: "Delete a token by ID",
+  },
+];
+
+const router: Router = Router();
+
+buildRouterAndDocs(router, tokensRouteSpecs, "/tokens", ["Tokens"]);
+
+export default router;

package/src/tokens/tokens.schemas.ts

@@ -0,0 +1,15 @@
+import { z } from 'zod';
+
+export const tokenResponseSchema = z.object({
+  // unique identifier of the token
+  tokenId: z.string().uuid(),
+  // the owning user
+  userId: z.string().uuid(),
+  // optional name or description
+  name: z.string().optional(),
+  // the token value (never returned after creation in real-world apps)
+  token: z.string(),
+  // timestamps
+  createdAt: z.string().datetime(),
+  updatedAt: z.string().datetime(),
+});

package/src/tokens/tokens.service.ts

@@ -0,0 +1,46 @@
+import crypto from "crypto";
+import type { Document } from "mongoose";
+import Token from "./tokens.model.js";
+
+export const queryTokens = async (
+  filter: Record<string, any>,
+  options: { sortBy?: string; limit?: number; page?: number },
+): Promise<QueryResult> => {
+  return Token.paginate(filter, options);
+};
+
+export const createToken = async (
+  tokenData: Record<string, any>,
+): Promise<{ raw: string } & Document> => {
+  // 1. Generate raw token
+  const rawToken = crypto.randomBytes(32).toString("hex");
+  // 2. Hash the token (e.g., using SHA-256)
+  const hashedToken = crypto
+    .createHash("sha256")
+    .update(rawToken)
+    .digest("hex");
+
+  const tokenDataHased = {
+    ...tokenData,
+    value: hashedToken,
+  };
+
+  const newToken = await Token.create(tokenDataHased);
+  return {
+    ...newToken.toObject(),
+    raw: rawToken, // Return the raw token to the user
+  };
+};
+
+export const getTokenById = async (
+  tokenId: string,
+): Promise<Document | null> => {
+  return Token.findById(tokenId);
+};
+
+// Delete a token by ID
+export const deleteTokenById = async (
+  tokenId: string,
+): Promise<Document | null> => {
+  return Token.findByIdAndDelete(tokenId);
+};

package/src/tokens/tokens.validation.ts

@@ -0,0 +1,13 @@
+import { extendZodWithOpenApi } from "@asteasolutions/zod-to-openapi";
+import { z } from "zod";
+import { zGet, zDelete } from "../utils/zValidations.js";
+
+export const createTokenSchema = {
+  body: z.object({
+    name: z.string().openapi({ example: "my sample token" }),
+  }),
+};
+
+export const getTokenSchema = zGet("tokenId");
+
+export const deleteTokenSchema = zDelete("tokenId");

package/src/types/routeSpec.ts

@@ -0,0 +1 @@
+export type { RouteSpec } from "../utils/buildRouterAndDocs.js";