@joystick.js/node-canary 0.0.0-canary.47 → 0.0.0-canary.470

package/src/app/generate_process_id.js

@@ -0,0 +1,30 @@
+import fs from 'fs';
+import generate_id from '../lib/generate_id.js';
+import path_exists from '../lib/path_exists.js';
+
+const { mkdir, writeFile, readFile } = fs.promises;
+
+const generate_process_id = async () => {
+	  // NOTE: Taint machine with a unique ID that can be used to identify a single running
+    // process/instance of Joystick (helpful when running in cluster mode or multiple servers).
+		const joystick_folder_path = './.joystick';
+		const joystick_process_id_path = './.joystick/PROCESS_ID';
+		const has_joystick_folder = await path_exists(joystick_folder_path);
+		const has_joystick_process_id = await path_exists(joystick_process_id_path);
+
+    if (!has_joystick_folder) {
+      await mkdir(joystick_folder_path);
+    }
+
+    if (!has_joystick_process_id) {
+    	const joystick_process_id = generate_id(32);
+      await writeFile(joystick_process_id_path, `${generate_id(32)}`);
+      return joystick_process_id;
+    }
+
+    const joystick_process_id = await readFile(joystick_process_id_path, 'utf-8');
+
+    return joystick_process_id?.trim();
+  };
+
+  export default generate_process_id;

package/src/app/get_ssl_certificates.js

@@ -0,0 +1,23 @@
+import fs from 'fs';
+
+const get_ssl_certificates = (ssl = null) => {
+  const push_certificate_path = '/root/push/certs/cert.pem';
+  const push_key_path = '/root/push/certs/key.pem';
+
+  const certificate_path = process.env.IS_PUSH_DEPLOYED ? push_certificate_path : (ssl?.certificate || null);
+  const key_path = process.env.IS_PUSH_DEPLOYED ? push_key_path : (ssl?.key || null);
+
+  const certificate_exists = certificate_path && fs.existsSync(certificate_path);
+  const key_exists = key_path && fs.existsSync(key_path);
+
+  if (['development', 'test'].includes(process.env.NODE_ENV) || !certificate_exists || !key_exists) {
+    return null;
+  }
+
+  return {
+    cert: fs.readFileSync(certificate_path),
+    key: fs.readFileSync(key_path),
+  };
+};
+
+export default get_ssl_certificates;

package/src/app/handle_process_errors.js

@@ -0,0 +1,101 @@
+const handle_process_errors = (event_listeners = {}) => {
+  process.on("disconnect", async () => {
+    if (event_listeners?.disconnect && typeof event_listeners.disconnect === "function") {
+      event_listeners.disconnect();
+    }
+  });
+  
+  process.on("beforeExit", async (code) => {
+    if (event_listeners?.beforeExit && typeof event_listeners.beforeExit === "function") {
+      event_listeners.beforeExit(code);
+    }
+  });
+
+  process.on("exit", async (code) => {
+    if (event_listeners?.exit && typeof event_listeners.exit === "function") {
+      event_listeners.exit(code);
+    }
+  });
+
+  process.on("message", async (message, sendHandle) => {
+    if (process.env.NODE_ENV !== "test") {
+      console.log(message);
+    }
+
+    if (event_listeners?.message && typeof event_listeners.message === "function") {
+      event_listeners.message(message, sendHandle);
+    }
+  });
+
+  process.on("multipleResolves", async (type, promise, value) => {
+    if (
+      event_listeners?.multipleResolves &&
+      typeof event_listeners.multipleResolves === "function"
+    ) {
+      event_listeners.multipleResolves(type, promise, value);
+    }
+  });
+
+  process.on("rejectionHandled", async (promise) => {
+    if (
+      event_listeners?.rejectionHandled &&
+      typeof event_listeners.rejectionHandled === "function"
+    ) {
+      event_listeners.rejectionHandled(promise);
+    }
+  });
+
+  process.on("uncaughtException", async (error, origin) => {
+    console.warn(error);
+
+    if (event_listeners?.error && typeof event_listeners.error === "function") {
+      event_listeners.error(error);
+    }
+
+    if (
+      event_listeners?.uncaughtException &&
+      typeof event_listeners.uncaughtException === "function"
+    ) {
+      event_listeners.uncaughtException(error, origin);
+    }
+  });
+
+  process.on("uncaughtExceptionMonitor", async (error) => {
+    if (
+      event_listeners?.uncaughtExceptionMonitor &&
+      typeof event_listeners.uncaughtExceptionMonitor === "function"
+    ) {
+      event_listeners.uncaughtExceptionMonitor(error);
+    }
+  });
+
+  process.on("unhandledRejection", async (error) => {
+    console.warn(error);
+
+    if (event_listeners?.error && typeof event_listeners.error === "function") {
+      event_listeners.error(error);
+    }
+
+    if (
+      event_listeners?.unhandledRejection &&
+      typeof event_listeners.unhandledRejection === "function"
+    ) {
+      event_listeners.unhandledRejection(error);
+    }
+  });
+
+  process.on("warning", async (warning) => {
+    if (event_listeners?.warning && typeof event_listeners.warning === "function") {
+      event_listeners.warning(warning);
+    }
+  });
+
+  process.on("worker", async (event) => {
+    if (event_listeners?.worker && typeof event_listeners.worker === "function") {
+      event_listeners.worker(event);
+    }
+  });
+};
+
+export default handle_process_errors;
+

package/src/app/index.js

@@ -0,0 +1,253 @@
+import api_accounts_authenticated from "./api/accounts/authenticated.js";
+import api_accounts_login from "./api/accounts/login.js";
+import api_accounts_logout from "./api/accounts/logout.js";
+import api_accounts_recover_password from "./api/accounts/recover_password.js";
+import api_accounts_reset_password from "./api/accounts/reset_password.js";
+import api_accounts_signup from "./api/accounts/signup.js";
+import api_accounts_user from "./api/accounts/user.js";
+import api_accounts_verify_email from "./api/accounts/verify_email.js";
+import api_push_health from './api/push/health.js';
+import api_test_accounts_delete from "./api/test/accounts/delete.js";
+import api_test_accounts_signup from "./api/test/accounts/signup.js";
+import api_test_bootstrap from "./api/test/bootstrap.js";
+import api_test_process from "./api/test/process.js";
+import api_test_queues from "./api/test/queues.js";
+import create_mongodb_indexes from "./databases/mongodb/create_indexes.js";
+import create_postgresql_indexes from "./databases/postgresql/create_indexes.js";
+import create_postgresql_tables from "./databases/postgresql/create_tables.js";
+import generate_machine_id from "./generate_machine_id.js";
+import generate_process_id from "./generate_process_id.js";
+import get_target_database_connection from "./databases/get_target_database_connection.js";
+import handle_process_errors from "./handle_process_errors.js";
+import load_settings from "./settings/load.js";
+import Queue from "./queues/index.js";
+import register_app_options from "./register_app_options.js";
+import register_cron_jobs from "./cron_jobs/register.js";
+import register_database from './databases/register_database.js';
+import register_getters from "./api/register_getters.js";
+import register_route_from_function from './routes/register_route_from_function.js';
+import register_route_from_object from './routes/register_route_from_object.js';
+import register_setters from "./api/register_setters.js";
+import register_uploaders from "./uploaders/register.js";
+import register_websockets from "./websockets/register.js";
+import start_express from "./start_express.js";
+import start_node_as_cluster from "./start_node_as_cluster.js";
+import types from "../lib/types.js";
+import push_logs from "./push_logs.js";
+
+const app_settings = load_settings();
+
+if (process.env.NODE_ENV !== "development" && process.env.IS_PUSH_DEPLOYED) {
+  push_logs();
+}
+
+class App {
+	constructor(app_options = {}) {
+		handle_process_errors(app_options?.events);
+
+		register_app_options(this, app_options);
+
+		this.generate_machine_id();
+		this.generate_process_id();
+
+		process.title = process.env.NODE_ENV === 'test' ? "joystick_test_app" : 'joystick_app';
+
+		// NOTE: Make app_options passed to node.app() accessible globally. This is used
+		// for things like the account hooks.
+    process.joystick = {
+      app_options,
+    };
+	}
+
+	async connect_databases() {
+		const databases_from_settings = app_settings?.config?.databases;
+
+		for (let i = 0; i < databases_from_settings?.length; i += 1) {
+			const database_from_settings = databases_from_settings[i];
+      const database_port = parseInt(process.env.PORT, 10) + 10 + i;
+			const has_multiple_of_provider = (databases_from_settings?.filter((database) => database_from_settings?.provider === database?.provider))?.length > 1;
+
+			await register_database(database_from_settings, database_port, has_multiple_of_provider);
+		}
+
+		if (databases_from_settings?.length > 0) {
+			const queues_database = get_target_database_connection('queues');
+			const sessions_database = get_target_database_connection('sessions');
+			const users_database = get_target_database_connection('users');
+
+	    process.databases._queues = queues_database?.connection;
+	    process.databases._sessions = sessions_database?.connection;
+	    process.databases._users = users_database?.connection;
+
+	    const internal_database_targets = [queues_database, sessions_database, users_database];
+
+	    const mongodb_targets = internal_database_targets?.filter((target) => target?.provider === 'mongodb')?.map((target) => target?.database_type);
+	    await create_mongodb_indexes(mongodb_targets);
+
+	    const postgresql_targets = internal_database_targets?.filter((target) => target?.provider === 'postgresql')?.map((target) => target?.database_type);
+	    await create_postgresql_tables(postgresql_targets);
+	    await create_postgresql_indexes(postgresql_targets);
+		}
+	}
+
+	async generate_machine_id() {
+		this.joystick_machine_id = await generate_machine_id();
+	}
+
+	async generate_process_id() {
+		this.joystick_process_id = await generate_process_id();
+	}
+
+	on_after_start_server(express = {}) {
+		// NOTE: Any console.log here is picked up by the stdout listener inside of
+    // the start script of the CLI.
+    process.on("message", (message) => {
+      if (typeof message === 'string') {
+        const parsed_message = JSON.parse(message);
+
+        if (parsed_message?.type === 'BUILD_ERROR') {
+          process.BUILD_ERROR = JSON.parse(message);
+        }
+      }
+    });
+
+    console.log(`App running at: http://localhost:${express.port}`);
+	}
+
+	register_accounts() {
+		this.express.app.get('/api/_accounts/authenticated', api_accounts_authenticated);
+		this.express.app.post('/api/_accounts/user', api_accounts_user);
+		this.express.app.post('/api/_accounts/login', api_accounts_login);
+		this.express.app.post('/api/_accounts/logout', api_accounts_logout);
+		this.express.app.post('/api/_accounts/recover-password', api_accounts_recover_password);
+		this.express.app.post('/api/_accounts/reset-password', api_accounts_reset_password);
+		this.express.app.post('/api/_accounts/signup', api_accounts_signup);
+		this.express.app.post('/api/_accounts/verify-email', api_accounts_verify_email);
+	}
+
+	register_api() {
+    const getters = this?.options?.api?.getters;
+    const setters = this?.options?.api?.setters;
+    const api_options = this?.options?.api?.options;
+    const api_context = this?.options?.api?.context;
+
+    if (getters && types.is_object(getters) && Object.keys(getters || {}).length > 0) {
+      register_getters(this.express.app, Object.entries(getters || {}), api_context, api_options);
+    }
+
+    if (setters && types.is_object(setters) && Object.keys(setters || {}).length > 0) {
+      register_setters(this.express.app, Object.entries(setters || {}), api_context, api_options);
+    }
+	}
+
+	register_cron_jobs() {
+		register_cron_jobs(this.options.cronJobs || this.options.cron_jobs);
+	}
+
+  register_fixtures() {
+    if (types.is_function(this.options.fixtures)) {
+      this.options.fixtures();
+    }
+  }
+
+  register_indexes() {
+    if (types.is_function(this.options.indexes)) {
+      this.options.indexes();
+    }
+  }
+
+  register_push() {
+    this.express.app.get("/api/_push/health", api_push_health);
+  }
+
+  register_queues() {
+    if (types.is_object(this.options.queues)) {
+      const queue_definitions = Object.entries(this.options.queues || {});
+      for (let i = 0; i < queue_definitions.length; i += 1) {
+        const [queue_name, queue_options] = queue_definitions[i];
+        process.queues = {
+          ...(process.queues || {}),
+          [queue_name]: new Queue(queue_name, queue_options),
+        };
+      }
+    }
+  }
+
+	register_routes() {
+		const routes = Object.entries(this?.options?.routes || {});
+
+		for (let i = 0; i < routes?.length; i += 1) {
+			const [route_path, route_handler] = routes[i];
+			const is_object_route = types.is_object(route_handler);
+			const is_function_route = types.is_function(route_handler);
+
+			if (is_function_route) {
+				register_route_from_function(this.express.app, route_path, route_handler);
+			}
+
+			if (is_object_route) {
+				register_route_from_object(this.express.app, route_path, route_handler);
+			}
+		}
+	}
+
+	register_tests() {
+		this.express.app.get('/api/_test/bootstrap', (req = {}, res = {}) => api_test_bootstrap(req, res, this));
+		this.express.app.get('/api/_test/process', api_test_process);
+		this.express.app.delete('/api/_test/accounts', api_test_accounts_delete);
+		this.express.app.post('/api/_test/accounts/signup', api_test_accounts_signup);
+		this.express.app.post('/api/_test/queues', (req = {}, res = {}) => api_test_queues(req, res, this));
+	}
+
+	register_uploaders() {
+		register_uploaders(this.options.uploaders, this);
+	}
+
+	register_websockets() {
+		register_websockets(this.options.websockets, this);
+	}
+
+	async start() {
+		// NOTE: Order here is intentionally not alphabetical to ensure load
+		// order plays nice with things like tests.
+		await this.connect_databases();
+		this.register_cron_jobs();
+		this.register_queues();
+		this.start_express();
+		this.register_tests();
+		this.register_accounts();
+		this.register_push();
+		this.register_api();
+		this.register_routes();
+		this.register_websockets();
+		this.register_uploaders();
+		this.register_fixtures();
+		this.register_indexes();
+	}
+
+	start_express() {
+		this.express = start_express(this.on_after_start_server, this);
+	}
+}
+
+const start_app = async (options = {}) => {
+  const app = new App(options);
+  await app.start(options);
+  return app;
+};
+
+const app = (options = {}) => {
+	return new Promise(async (resolve) => {
+		if (options?.cluster) {
+			start_node_as_cluster(async () => {
+				const app = await start_app(options);
+        return resolve(app.express);
+			});
+		} else {
+			const app = await start_app(options);
+      return resolve(app.express);
+		}
+	});
+};
+
+export default app;

package/src/app/middleware/account.js

@@ -0,0 +1,28 @@
+import accounts_query from '../databases/queries/accounts.js';
+import has_login_token_expired from '../accounts/has_login_token_expired.js';
+import unset_account_cookie from "../accounts/unset_account_cookie.js";
+
+const account_middleware = async (req, res, next) => {
+  const login_token_has_expired = has_login_token_expired(
+    res,
+    req?.cookies?.joystick_login_token,
+    req?.cookies?.joystick_login_token_expires_at
+  );
+
+  if (login_token_has_expired) {
+    unset_account_cookie(res);
+  }
+
+  const user = !login_token_has_expired ? await accounts_query("user_with_login_token", {
+    token: req?.cookies?.joystick_login_token,
+  }) : null;
+
+  req.context = {
+    ...(req?.context || {}),
+    user,
+  };
+
+  next();
+};
+
+export default account_middleware;

package/src/app/middleware/body_parser.js

@@ -0,0 +1,18 @@
+import express from "express";
+
+const body_parser = (config = {}) => {
+  return (req, res, next) => {
+    const content_Type = req.headers["content-type"];
+
+    if (content_Type && content_Type === "application/x-www-form-urlencoded") {
+      return express.urlencoded({
+        extended: true,
+        ...(config?.urlencoded || {}),
+      })(req, res, next);
+    }
+
+    return express.json(config?.json)(req, res, next);
+  };
+};
+
+export default body_parser;

package/src/app/middleware/build_error.js

@@ -0,0 +1,18 @@
+import generate_joystick_error_page from './generate_joystick_error_page.js';
+
+const build_error_middleware = (_req, res, next) => {
+  if (process.BUILD_ERROR) {
+    const error = process.BUILD_ERROR.paths && process.BUILD_ERROR.paths[0];
+    const joystick_error_page = generate_joystick_error_page({
+      path: error.path,
+      stack: error.error.stack,
+      frame: error.error.snippet,
+    });
+
+    return res.send(joystick_error_page);
+  }
+
+  next();
+};
+
+export default build_error_middleware;

package/src/app/middleware/built_in.js

@@ -0,0 +1,76 @@
+import compression from 'compression';
+import cookieParser from "cookie-parser";
+import cors from 'cors';
+import express from 'express';
+import favicon from "serve-favicon";
+import account_middleware from './account.js';
+import body_parser from './body_parser.js';
+import build_error_middleware from './build_error.js';
+import context_middleware from './context.js';
+import get_joystick_build_path from '../../lib/get_joystick_build_path.js';
+import hmr_client_middleware from './hmr_client.js';
+import insecure_middleware from './insecure.js';
+import path_exists from '../../lib/path_exists.js';
+import process_browser_polyfill_middleware from './process_browser_polyfill.js';
+import render_middleware from './render/index.js';
+import request_methods_middleware from './request_methods.js';
+import session_middleware from './session.js';
+
+const build_path = get_joystick_build_path();
+
+const built_in = (options = {}) => {
+	options.express_app.set('trust proxy', 1);
+
+	if (!['development', 'test'].includes(process.env.NODE_ENV)) {
+		options.express_app.use(insecure_middleware);
+	}
+
+	options.express_app.use(build_error_middleware);
+	options.express_app.use(request_methods_middleware);
+
+	if (options?.csp_config) {
+		options.express_app.use((req, res, next) => csp(req, res, next, options?.csp_config));
+	}
+
+	if (process.env.NODE_ENV !== 'development') {
+		options.express_app.use(compression());
+	}
+
+  options.express_app.use(express.static('public'));
+  options.express_app.use('/css', express.static('css'));
+  options.express_app.use('/_joystick/utils/process.js', process_browser_polyfill_middleware);
+  options.express_app.use('/_joystick/index.client.js', express.static(`${options?.joystick_build_path}index.client.js`));
+  options.express_app.use('/_joystick/index.css', express.static(`${options?.joystick_build_path}index.css`));
+  options.express_app.use('/_joystick/ui', express.static(`${build_path}ui`));
+
+  if (process.env.NODE_ENV === 'development') {
+  	options.express_app.use("/_joystick/hmr/client.js", hmr_client_middleware);
+  }
+
+  options.express_app.use(async (req, res, next) => {
+    const favicon_exists = await path_exists('public/favicon.ico');
+    if (favicon_exists) {
+      favicon('public/favicon.ico')(req, res, next);
+    } else {
+      next();
+    }
+  });
+
+  options.express_app.use(cookieParser());
+  options.express_app.use(body_parser(options?.middleware_config?.bodyParser));
+  options.express_app.use(cors(options?.middleware_config?.cors, options?.port));
+
+  if (process.databases?._sessions) {
+    options.express_app.use((req, res, next) => session_middleware(req, res, next));
+  }
+
+  if (process.databases?._users) {
+    options.express_app.use((req, res, next) => account_middleware(req, res, next));
+  }
+
+  options.express_app.use((req, res, next) => context_middleware(req, res, next));
+  
+  options.express_app.use((req, res, next) => render_middleware(req, res, next, options?.app_instance));
+};
+
+export default built_in;

package/src/app/middleware/context.js

@@ -0,0 +1,34 @@
+const if_logged_in = (redirect_path = "", callback = null, http = {}) => {
+  if (!!http?.req?.context?.user && redirect_path) {
+    return http?.res.redirect(redirect_path);
+  }
+
+  if (callback) {
+    return callback();
+  }
+};
+
+const if_not_logged_in = (redirect_path = "", callback = null, http = {}) => {
+  if (!http?.req?.context?.user && redirect_path) {
+    return http?.res.redirect(redirect_path);
+  }
+
+  if (callback) {
+    return callback();
+  }
+};
+
+const context_middleware = async (req, res, next) => {
+  req.context = {
+    ...(req?.context || {}),
+    if_logged_in: (redirect_path = '', callback) => if_logged_in(redirect_path, callback, { req, res }),
+	  ifLoggedIn: (redirect_path = '', callback) => if_logged_in(redirect_path, callback, { req, res }),
+	  if_not_logged_in: (redirect_path = '', callback) => if_not_logged_in(redirect_path, callback, { req, res }),
+	  ifNotLoggedIn: (redirect_path = '', callback) => if_not_logged_in(redirect_path, callback, { req, res }),
+	  ...(process.databases || {}),
+  };
+
+  next();
+};
+
+export default context_middleware;

package/src/app/middleware/cors.js

@@ -0,0 +1,23 @@
+import cors from "cors";
+
+const cors_middleware = (config = {}, port = "") => {
+  return (req, res, next) => {
+    const allowed_urls = [
+      `http://localhost:${port}`,
+      ...(config?.allowedUrls || []),
+    ];
+
+    return cors({
+      credentials: true,
+      origin: function (origin, callback) {
+        if (!origin || allowed_urls.includes(origin)) {
+          callback(null, true);
+        } else {
+          callback(new Error(`${origin} not permitted by CORS policy.`));
+        }
+      },
+    })(req, res, next);
+  };
+};
+
+export default cors_middleware;

package/src/app/middleware/csp.js

@@ -0,0 +1,54 @@
+import types from '../../lib/types.js';
+
+const csp_middleware = (_req, res, next, csp_config = null) => {
+  if (csp_config && types.is_object(csp_config)) {
+    // NOTE: Redefine for each request so it doesn't get stuck in memory.
+    const directive_defaults = {
+      'base-uri': ["'self'"],
+      'child-src': ["'self'"],
+      'connect-src': ["'self'", "wss:"],
+      'default-src': ["'self'"],
+      'font-src': ["'self'"],
+      'form-action': ["'self'"],
+      'frame-src': ["'self'"],
+      'img-src': ["'self'"],
+      'manifest-src': ["'self'"],
+      'media-src': ["'self'"],
+      'navigate-to': ["'self'"],
+      'object-src': ["'self'"],
+      'script-src': ["'self'"],
+      'script-src-attr': ["'self'"],
+      'script-src-elem': ["'self'"],
+      'style-src': ["'self'"],
+      'style-src-attr': ["'self'"],
+      'style-src-elem': ["'self'"],
+      'worker-src': ["'self'"],
+    };
+    
+    if (process.env.NODE_ENV === "development") {
+      directive_defaults["script-src"].push("'unsafe-eval'");
+      directive_defaults["connect-src"].push("ws:");
+    }
+    
+    const directive_names = Object.keys(directive_defaults || {});
+    
+    for (let i = 0; i < directive_names?.length; i += 1) {
+      const directive = directive_names[i];
+      directive_defaults[directive] = [
+        ...(directive_defaults[directive] || []),
+        ...(csp_config?.unrestrictedOrigins || csp_config?.unrestricted_origins || []),
+        ...((csp_config?.directives && csp_config?.directives[directive]) || []),
+      ];
+    }
+    
+    const csp = Object.keys(directive_defaults || {}).map((source) => {
+      return `${source} ${directive_defaults[source].join(" ")}`;
+    })?.join('; ');
+    
+    res.setHeader('Content-Security-Policy', csp);
+  }
+  
+  next();
+};
+
+export default csp_middleware;