@joystick.js/node-canary 0.0.0-canary.47 → 0.0.0-canary.471

package/src/app/accounts/login.js

@@ -0,0 +1,82 @@
+/* eslint-disable consistent-return */
+
+import bcrypt from "bcrypt";
+import accounts_query from "../databases/queries/accounts.js";
+import generate_account_session from "./generate_account_session.js";
+import get_output from "../api/get_output.js";
+import types from "../../lib/types.js";
+
+const add_session_to_user = (user_id = null, session = null) => {
+  return accounts_query("add_session", { user_id, session });
+};
+
+const get_existing_session = (user_id = null) => {
+  return accounts_query("get_existing_session", { user_id });
+};
+
+const delete_old_sessions = (user_id = null) => {
+  return accounts_query("delete_old_sessions", { user_id });
+};
+
+const check_if_valid_password = (password_from_login = null, password_hash_from_user = null) => {
+  return bcrypt.compareSync(password_from_login, password_hash_from_user);
+};
+
+const login = async (login_options = {}) => {
+  const user = await accounts_query("user", {
+    email_address: login_options.email_address || login_options.emailAddress,
+    username: login_options.username,
+  });
+
+  if (!user) {
+    throw new Error(
+      `A user with the ${
+        login_options.email_address || login_options.emailAddress ? "email address" : "username"
+      } ${login_options.email_address || login_options.emailAddress || login_options.username} could not be found.`
+    );
+  }
+
+  const is_valid_password = check_if_valid_password(
+    login_options.password,
+    user.password
+  );
+
+  if (!is_valid_password) {
+    throw new Error('Incorrect password.');
+  }
+
+  const user_id = user?._id || user?.user_id;
+
+  await delete_old_sessions(user_id);
+
+  let session = await get_existing_session(user_id);
+
+  if (!session) {
+    session = generate_account_session();
+    await add_session_to_user(user_id, session);
+  }
+
+  const { password, sessions, ...rest_of_user } = user;
+
+  if (
+    types.is_function(process.joystick?.app_options?.accounts?.events?.onLogin) || 
+    types.is_function(process.joystick?.app_options?.accounts?.events?.on_login)
+  ) {
+    (process.joystick?.app_options?.accounts?.events?.onLogin || process.joystick?.app_options?.accounts?.events?.on_login)({
+      ...session,
+      user,
+    });
+  }
+
+  return {
+    ...session,
+    user: get_output(
+      {
+        ...rest_of_user,
+      },
+      login_options?.output
+    ),
+  };
+};
+
+export default login;

package/src/app/accounts/recover_password.js

@@ -0,0 +1,58 @@
+import accounts_query from "../databases/queries/accounts.js";
+import generate_password_reset_token from "./generate_password_reset_token.js";
+import load_settings from "../settings/load.js";
+import send_email from "../email/send.js";
+import types from "../../lib/types.js";
+
+const settings = load_settings();
+
+const get_existing_reset_token = (user_id = '') => {
+  return accounts_query('get_password_reset_token', { user_id });
+};
+
+const get_user = (email_address = '') => {
+  return accounts_query('user', { email_address });
+};
+
+const recover_password = async (recover_password_options = {}) => {
+  const user = await get_user(recover_password_options?.email_address || recover_password_options?.emailAddress);
+
+  if (!user) {
+    throw new Error(`A user with the email address ${recover_password_options?.email_address || recover_password_options?.emailAddress} could not be found.`);
+  }
+
+  const existing_reset_token = await get_existing_reset_token(user?._id || user?.user_id);
+  const reset_token = existing_reset_token || await generate_password_reset_token(recover_password_options.email_address || recover_password_options.emailAddress);
+
+  const domain = process.env.ROOT_URL || `http://localhost:${process.env.PORT}`;
+  const url = `${domain}/reset-password/${reset_token}`;
+
+  if (process.env.NODE_ENV === "development") {
+    console.log(`Reset Password URL: ${url}`);
+  }
+
+  if (
+    types.is_function(process.joystick?.app_options?.accounts?.events?.onRecoverPassword) ||
+    types.is_function(process.joystick?.app_options?.accounts?.events?.on_recover_password)
+  ) {
+    (
+      process.joystick?.app_options?.accounts?.events?.onRecoverPassword ||
+      process.joystick?.app_options?.accounts?.events?.on_recover_password
+    )(recover_password_options?.email_address || recover_password_options?.emailAddress);
+  }
+
+  await send_email({
+    to: recover_password_options.email_address || recover_password_options?.emailAddress,
+    from: settings?.config?.email?.from,
+    subject: "Reset Your Password",
+    template: "reset_password",
+    props: {
+      email_address: recover_password_options.email_address || recover_password_options?.emailAddress,
+      url,
+    },
+  });
+
+  return reset_token;
+};
+
+export default recover_password;

package/src/app/accounts/reset_password.js

@@ -0,0 +1,69 @@
+import accounts_query from "../databases/queries/accounts.js";
+import generate_account_session from "./generate_account_session.js";
+import get_output from "../api/get_output.js";
+import hash_string from "../../lib/hash_string.js";
+import types from "../../lib/types.js";
+
+const remove_token_from_user = (user_id = null, token = null) => {
+  return accounts_query("remove_reset_token", { user_id, token });
+};
+
+const add_session_to_user = (user_id = null, session = null) => {
+  return accounts_query("add_session", { user_id, session });
+};
+
+const set_new_password_on_user = async (user_id = "", password = "") => {
+  const hashed_password = hash_string(password);
+  await accounts_query("set_new_password", { user_id, hashed_password });
+  return hashed_password;
+};
+
+const reset_user_sessions = (user_id = '') => {
+  return accounts_query("reset_user_sessions", { user_id });
+};
+
+const get_user_with_token = (token = "") => {
+  return accounts_query("user_with_reset_token", {
+    "passwordResetTokens.token": token,
+  });
+};
+
+const reset_password = async (reset_password_options = {}) => {
+  const user = await get_user_with_token(reset_password_options.token);
+
+  if (!user) {
+    throw new Error('Invalid password reset token.');
+  }
+
+  await reset_user_sessions(user?._id || user?.user_id);
+
+  await set_new_password_on_user(
+    user?._id || user?.user_id,
+    reset_password_options.password
+  );
+
+  const updated_user = await remove_token_from_user(
+    user?._id || user?.user_id,
+    reset_password_options.token
+  );
+
+  const session = generate_account_session();
+  await add_session_to_user(updated_user?._id || updated_user?.user_id, session);
+
+  if (
+    types.is_function(process.joystick?.app_options?.accounts?.events?.onResetPassword) ||
+    types.is_function(process.joystick?.app_options?.accounts?.events?.on_reset_password)
+  ) {
+    (process.joystick?.app_options?.accounts?.events?.onResetPassword || process.joystick?.app_options?.accounts?.events?.on_reset_password)({
+      user: updated_user,
+      ...session,
+    });
+  }
+
+  return {
+    user: get_output(updated_user, reset_password_options?.output),
+    ...session,
+  };
+};
+
+export default reset_password;

package/src/app/accounts/roles/add.js

@@ -0,0 +1,7 @@
+import accounts_query from "../../databases/queries/accounts.js";
+
+const add = (role = '') => {
+  return accounts_query("add_role", { role });
+};
+
+export default add;

package/src/app/accounts/roles/grant.js

@@ -0,0 +1,7 @@
+import accounts_query from "../../databases/queries/accounts.js";
+
+const grant = (user_id = '', role = '') => {
+  return accounts_query("grant_role", { user_id, role });
+};
+
+export default grant;

package/src/app/accounts/roles/index.js

@@ -0,0 +1,18 @@
+import add from './add.js';
+import remove from './remove.js';
+import list from './list.js';
+import grant from './grant.js';
+import revoke from './revoke.js';
+import user_has_role from './user_has_role.js';
+
+const roles = {
+  add,
+  remove,
+  list,
+  grant,
+  revoke,
+  userHasRole: user_has_role,
+  user_has_role,
+};
+
+export default roles;

package/src/app/accounts/roles/list.js

@@ -0,0 +1,7 @@
+import accounts_query from '../../databases/queries/accounts.js';
+
+const list = () => {
+  return accounts_query("list_roles");
+};
+
+export default list;

package/src/app/accounts/roles/remove.js

@@ -0,0 +1,7 @@
+import accounts_query from '../../databases/queries/accounts.js';
+
+const remove = (role = '') => {
+  return accounts_query("remove_role", { role });
+}
+
+export default remove;

package/src/app/accounts/roles/revoke.js

@@ -0,0 +1,7 @@
+import accounts_query from '../../databases/queries/accounts.js';
+
+const revoke = (user_id = '', role = '') => {
+  return accounts_query("revoke_role", { user_id, role });
+};
+
+export default revoke;

package/src/app/accounts/roles/user_has_role.js

@@ -0,0 +1,7 @@
+import accounts_query from '../../databases/queries/accounts.js';
+
+const user_has_role = (user_id = '', role = '') => {
+  return accounts_query("user_has_role", { user_id, role });
+};
+
+export default user_has_role;

package/src/app/accounts/send_email_verification.js

@@ -0,0 +1,48 @@
+import accounts_query from "../databases/queries/accounts.js";
+import load_settings from "../settings/load.js";
+import send_email from "../email/send.js";
+
+const send_verification_email = (email_address = "", token = "") => {
+  const settings = load_settings();
+
+  return send_email({
+    to: email_address,
+    from: settings?.config?.email?.from,
+    subject:
+      settings?.config?.email?.verify?.subject || "Verify your email address",
+    template: settings?.config?.email?.verify?.template || "verify_email",
+    props: {
+      // NOTE: Keep camelCase for backwards compatibility.
+      emailAddress: email_address,
+      email_address,
+      url:
+        process.env.NODE_ENV === "development"
+          ? `http://localhost:${process.env.PORT}/api/_accounts/verify_email?token=${token}`
+          : `${process.env.ROOT_URL}/api/_accounts/verify_email?token=${token}`,
+    },
+  });
+};
+
+const get_email_verification_token = (user_id = "") => {
+  return accounts_query("create_email_verification_token", {
+    user_id,
+  });
+};
+
+const get_user = (user_id = "") => {
+  return accounts_query("user", { _id: user_id });
+};
+
+const send_email_verification = async (user_id = '') => {
+  const user = await get_user(user_id);
+
+  if (!user?.emailVerified && !user?.emailVerifiedAt) {
+    const token = await get_email_verification_token(user?._id || user?.user_id);
+    await send_verification_email(user?.emailAddress, token);
+  }
+
+  return true;
+};
+
+export default send_email_verification;
+

package/src/app/accounts/set_account_cookie.js

@@ -0,0 +1,12 @@
+import set_cookie from "../../lib/set_cookie.js";
+
+const set_account_cookie = (res = null, authentication = null) => {
+  if (!res || !authentication) return null;
+
+  set_cookie(res, 'joystick_login_token', authentication.token, authentication.token_expires_at);
+  set_cookie(res, 'joystick_login_token_expires_at', authentication.token_expires_at, authentication.token_expires_at);
+
+  return res;
+};
+
+export default set_account_cookie;

package/src/app/accounts/set_password.js

@@ -0,0 +1,46 @@
+import accounts_query from "../databases/queries/accounts.js";
+import hash_string from "../../lib/hash_string.js";
+import types from "../../lib/types.js";
+
+const reset_user_sessions = (user_id = null) => {
+  return accounts_query("reset_user_sessions", { user_id });
+};
+
+const set_new_password_on_user = async (user_id = "", password = "") => {
+  const hashed_password = hash_string(password);
+  await accounts_query("set_new_password", { user_id, hashed_password });
+  return hashed_password;
+};
+
+const get_user = (user_id = "") => {
+  return accounts_query("user", { _id: user_id });
+};
+
+const set_password = async (set_password_options = {}) => {
+  if (!set_password_options?.user_id || !set_password_options?.password) {
+    throw new Error('Must provider a user_id and password to set.');
+  }
+
+  const user = await get_user(set_password_options?.user_id);
+
+  if (!user) {
+    throw new Error("Invalid user_id.");
+  }
+
+  await set_new_password_on_user(user?._id || user?.user_id, set_password_options?.password);
+  await reset_user_sessions(user?._id || user?.user_id);
+  
+  if (
+    types.is_function(process.joystick?.app_options?.accounts?.events?.onSetPassword) ||
+    types.is_function(process.joystick?.app_options?.accounts?.events?.on_set_password)
+  ) {
+    (
+      process.joystick?.app_options?.accounts?.events?.onSetPassword ||
+      process.joystick?.app_options?.accounts?.events?.on_set_password
+    )(set_password_options?.user_id);
+  }
+
+  return true;
+};
+
+export default set_password;

package/src/app/accounts/signup.js

@@ -0,0 +1,158 @@
+import accounts_query from "../databases/queries/accounts.js";
+import camel_pascal_to_snake from "../../lib/camel_pascal_to_snake.js";
+import create_accounts_metadata_table_columns from "../databases/postgresql/accounts/create_accounts_metadata_table_columns.js";
+import database_type_map from "../databases/database_type_map.js";
+import generate_account_session from "./generate_account_session.js";
+import get_output from "../api/get_output.js";
+import get_target_database_connection from "../databases/get_target_database_connection.js";
+import hash_string from "../../lib/hash_string.js";
+import roles from "./roles/index.js";
+import types from "../../lib/types.js";
+
+const add_session_to_user = (user_id = null, session = null) => {
+  return accounts_query("add_session", { user_id, session });
+};
+
+const get_user_by_user_id = (user_id = "") => {
+  return accounts_query("user", { _id: user_id });
+};
+
+const insert_user_in_database = async (user = {}) => {
+  return accounts_query("create_user", user);
+};
+
+const sqlize_metadata = (metadata = {}) => {
+  return Object.entries(metadata || {}).reduce((sqlized = {}, [key, value]) => {
+    sqlized[camel_pascal_to_snake(key)] = value;
+    return sqlized;
+  }, {});
+};
+
+const get_user_to_create = async (options = {}) => {
+  const users_database = get_target_database_connection('users');
+  const users_database_type = database_type_map[users_database?.provider];
+
+  let user = {
+    password: hash_string(options.password),
+  };
+
+  if (options?.email_address || options?.emailAddress) {
+    user.emailAddress = options?.email_address || options.emailAddress;
+  }
+
+  if (options?.username) {
+    user.username = options?.username;
+  }
+
+  if (
+    options?.metadata &&
+    types.is_object(options.metadata) &&
+    users_database_type === 'sql'
+  ) {
+    const sqlized_metadata = sqlize_metadata(options.metadata);
+    await create_accounts_metadata_table_columns(users_database, sqlized_metadata);
+
+    const metadata = { ...(options?.metadata || {}) };
+
+    if (metadata?.roles) {
+      // NOTE: We don't need roles information here so trash it.
+      delete metadata.roles;
+    }
+
+    user = {
+      ...(sqlize_metadata(metadata)),
+      ...user,
+    }
+  }
+
+  if (options?.metadata && types.is_object(options.metadata) && users_database_type === 'nosql') {
+    let metadata = { ...(options?.metadata || {}) };
+
+    if (metadata?.roles) {
+      // NOTE: We don't need roles information here so trash it.
+      delete metadata.roles;
+    }
+
+    // NOTE: Put metadata first to avoid overrides of account fields (e.g., passing
+    // metadata.password or metadata.email_address).
+    user = {
+      ...(metadata || {}),
+      ...user,
+    };
+  }
+
+  return user;
+};
+
+const get_existing_user = (email_address = "", username = "") => {
+  return accounts_query("existing_user", { email_address, username });
+};
+
+const signup = async (signup_options = {}) => {
+  if (!signup_options.email_address && !signup_options.emailAddress) {
+    throw new Error("Email address is required.");
+  }
+
+  if (!signup_options.password) {
+    throw new Error("Password is required.");
+  }
+
+  const existing_user = await get_existing_user(
+    signup_options.email_address || signup_options.emailAddress,
+    signup_options?.username
+  );
+
+  if (existing_user && process.env.NODE_ENV !== 'test') {
+    throw new Error(
+      `A user with the ${existing_user.existing_username ? "username" : "email address"} ${
+        existing_user.existing_username || existing_user.existing_email_address
+      } already exists.`
+    );
+  }
+
+  let user_to_create;
+  // NOTE: _id on nosql databases and user_id on sql databases.
+  let user_id = existing_user?._id || existing_user?.user_id;
+
+  if (!existing_user) {
+    user_to_create = await get_user_to_create(signup_options);
+    user_id = await insert_user_in_database(user_to_create);
+  }
+
+  const user = await get_user_by_user_id(user_id);
+  const session = generate_account_session();
+
+  if (user_id) {
+    await add_session_to_user(user_id, session);
+  }
+
+  // NOTE: Add roles to user ONLY if we're in a test environment. Do this to avoid
+  // client-side attacks assigning unauthorized privileges.
+  if (signup_options?.metadata?.roles?.length > 0 && process.env.NODE_ENV === 'test') {
+    for (let i = 0; i < signup_options?.metadata?.roles?.length; i += 1) {
+      const role = signup_options?.metadata?.roles[i];
+      roles.grant(user?.user_id, role);
+    }
+  }
+
+  if (
+    types.is_function(process.joystick?.app_options?.accounts?.events?.onSignup) ||
+    types.is_function(process.joystick?.app_options?.accounts?.events?.on_signup)
+  ) {
+    (process.joystick?.app_options?.accounts?.events?.onSignup || process.joystick?.app_options?.accounts?.events?.on_signup)({
+      ...session,
+      user_id,
+      userId: user_id,
+      user,
+    });
+  }
+
+  return {
+    ...session,
+    userId: user_id,
+    user_id,
+    user: get_output(user, signup_options?.output),
+  };
+};
+
+export default signup;

package/src/app/accounts/unset_account_cookie.js

@@ -0,0 +1,12 @@
+import unset_cookie from "../../lib/unset_cookie.js";
+
+const unset_account_cookie = (res = null) => {
+  if (!res) return null;
+
+  unset_cookie('joystick_login_token', res);
+  unset_cookie('joystick_login_token_expires_at', res);
+
+  return res;
+};
+
+export default unset_account_cookie;

package/src/app/accounts/verify_email.js

@@ -0,0 +1,32 @@
+/* eslint-disable consistent-return */
+
+import accounts_query from "../databases/queries/accounts.js";
+
+const mark_email_verified_at = (user_id = "", token = "") => {
+  return accounts_query("mark_email_verified_at", { user_id, token });
+};
+
+const get_user_from_token = (verify_email_token = "") => {
+  return accounts_query("user_with_verify_email_token", {
+    token: verify_email_token,
+  });
+};
+
+const verify_email = async (verify_email_options = {}) => {
+  const user = await get_user_from_token(verify_email_options?.token);
+
+  if (!user) {
+    throw new Error(`A user with this token could not be found.`);
+  }
+
+  await mark_email_verified_at(user?._id || user?.user_id, verify_email_options?.token);
+
+  if (typeof process.joystick?.app_options?.accounts?.events?.onVerifyEmail === 'function') {
+    process.joystick?.app_options?.accounts?.events?.onVerifyEmail(user?.emailAddress || user?.email_address);
+  }
+
+  return true;
+};
+
+export default verify_email;
+

package/src/app/api/accounts/authenticated.js

@@ -0,0 +1,17 @@
+import has_login_token_expired from "../../accounts/has_login_token_expired.js";
+
+const authenticated = (req = {}, res = {}) => {
+  const login_token_has_expired = has_login_token_expired(
+    res,
+    req?.cookies?.joystick_login_token,
+    req?.cookies?.joystick_login_token_expires_at
+  );
+
+  const status = !login_token_has_expired ? 200 : 401;
+
+  return res
+    .status(status)
+    .send(JSON.stringify({ status, authenticated: !login_token_has_expired }));
+};
+
+export default authenticated;

package/src/app/api/accounts/login.js

@@ -0,0 +1,36 @@
+import accounts from "../../accounts/index.js";
+import default_user_output_fields from "../../accounts/default_user_output_fields.js";
+import handle_api_error from '../handle_api_error.js';
+
+const login = async (req = {}, res = {}) => {
+  try {
+    const login = await accounts.login({
+      email_address: req?.body?.emailAddress || req?.body?.email_address,
+      username: req?.body?.username,
+      password: req?.body?.password,
+      output: req?.body?.output || default_user_output_fields,
+    });
+
+    if (process.env.NODE_ENV !== 'test') {
+      accounts._set_account_cookie(res, {
+        token: login?.token,
+        token_expires_at: login?.token_expires_at || login?.tokenExpiresAt,
+      });
+    }
+
+    const response = {
+      ...(login?.user || {}),
+    };
+
+    if (process.env.NODE_ENV === 'test') {
+      response.joystick_token = login?.token;
+      response.joystick_login_token_expires_at = login?.token_expires_at;
+    }
+
+    res.status(200).send(JSON.stringify(response));
+  } catch(error) {
+    handle_api_error('accounts.login', error, res);
+  }
+};
+
+export default login;

package/src/app/api/accounts/logout.js

@@ -0,0 +1,20 @@
+import accounts from "../../accounts/index.js";
+import types from "../../../lib/types.js";
+
+const logout = (req = {}, res = {}) => {
+  accounts._unset_account_cookie(res);
+
+  if (
+  	types.is_function(process?.joystick?.app_options?.accounts?.events?.onLogout) ||
+  	types.is_function(process?.joystick?.app_options?.accounts?.events?.on_logout)
+  ) {
+    (
+      process?.joystick?.app_options?.accounts?.events?.onLogout ||
+      process?.joystick?.app_options?.accounts?.events?.on_logout
+    )(req?.context?.user);
+  }
+
+  res.status(200).send(JSON.stringify({}));
+};
+
+export default logout;