@kava/kava-api-core 1.0.0

package/dist/validation.util.js

@@ -0,0 +1,237 @@
+import validator from "validator";
+import { db } from "@utils";
+// ==================================>
+// ## Check validate field from rules
+// ==================================>
+export async function validate(data, rules) {
+    const errors = {};
+    for (const field in rules) {
+        const fieldRules = normalizeRules(rules[field]);
+        if (field.includes("*")) {
+            // const [arrayPath, childPath] = field.split(".*.")
+            // const arr = getNestedValue(data, arrayPath)
+            // if (!Array.isArray(arr)) {
+            //   addError(errors, arrayPath, `${arrayPath} harus berupa array`)
+            //   continue
+            // }
+            // for (let i = 0; i < arr.length; i++) {
+            //   const value = childPath
+            //     ? getNestedValue(arr[i], childPath)
+            //     : arr[i]
+            //   const itemField = childPath
+            //     ? `${arrayPath}.${i}.${childPath}`
+            //     : `${arrayPath}.${i}`
+            //   await checkRules({ field: itemField, value, rules: fieldRules, data, errors })
+            // }
+            const segments = field.split(".");
+            await nestedValidation({ value: data, segments, rules: fieldRules, fieldPath: "", data, errors });
+            continue;
+        }
+        const value = getNestedValue(data, field) ?? "";
+        await checkRules({ field, value, rules: fieldRules, data, errors });
+    }
+    return {
+        valid: Object.keys(errors).length === 0,
+        errors
+    };
+}
+async function checkRules({ field, value, rules, data, errors }) {
+    for (const rule of rules) {
+        const [name, param] = rule.split(":");
+        switch (name) {
+            // === BASIC ===
+            case "required":
+                if (validator.isEmpty(String(value).trim())) {
+                    addError(errors, field, `${field} wajib diisi`);
+                }
+                break;
+            case "string":
+            case "text":
+                if (typeof value !== "string") {
+                    addError(errors, field, `${field} harus berupa string`);
+                }
+                break;
+            case "numeric":
+            case "number":
+                if (!validator.isNumeric(String(value))) {
+                    addError(errors, field, `${field} harus berupa angka`);
+                }
+                break;
+            case "boolean":
+                if (!(value === true || value === false || value === "true" || value === "false" || value === 1 || value === 0)) {
+                    addError(errors, field, `${field} harus berupa boolean`);
+                }
+                break;
+            case "email":
+                if (!validator.isEmail(String(value))) {
+                    addError(errors, field, `${field} harus berupa email yang valid`);
+                }
+                break;
+            case "url":
+                if (!validator.isURL(String(value))) {
+                    addError(errors, field, `${field} harus berupa URL yang valid`);
+                }
+                break;
+            case "date":
+                if (!validator.isDate(String(value))) {
+                    addError(errors, field, `${field} harus berupa tanggal yang valid`);
+                }
+                break;
+            // === LENGTH ===
+            case "min": {
+                const min = parseInt(param);
+                if (!validator.isLength(String(value), { min })) {
+                    addError(errors, field, `${field} minimal ${min} karakter`);
+                }
+                break;
+            }
+            case "max": {
+                const max = parseInt(param);
+                if (!validator.isLength(String(value), { max })) {
+                    addError(errors, field, `${field} maksimal ${max} karakter`);
+                }
+                break;
+            }
+            case "between": {
+                const [minVal, maxVal] = param.split(",").map(Number);
+                if (!validator.isLength(String(value), { min: minVal, max: maxVal })) {
+                    addError(errors, field, `${field} harus antara ${minVal} - ${maxVal} karakter`);
+                }
+                break;
+            }
+            // === SET MEMBERSHIP ===
+            case "in": {
+                const allowed = param.split(",");
+                if (!allowed.includes(String(value))) {
+                    addError(errors, field, `${field} harus salah satu dari: ${allowed.join(", ")}`);
+                }
+                break;
+            }
+            case "not_in": {
+                const notAllowed = param.split(",");
+                if (notAllowed.includes(String(value))) {
+                    addError(errors, field, `${field} tidak boleh salah satu dari: ${notAllowed.join(", ")}`);
+                }
+                break;
+            }
+            case "array":
+                if (!Array.isArray(value)) {
+                    addError(errors, field, `${field} harus berupa array`);
+                }
+                break;
+            // === RELATIONAL ===
+            case "confirmed":
+                if (value !== getNestedValue(data, `${field}_confirmation`)) {
+                    addError(errors, field, `${field} tidak sama dengan konfirmasi`);
+                }
+                break;
+            case "same":
+                if (value !== getNestedValue(data, param)) {
+                    addError(errors, field, `${field} harus sama dengan ${param}`);
+                }
+                break;
+            case "different":
+                if (value === getNestedValue(data, param)) {
+                    addError(errors, field, `${field} harus berbeda dengan ${param}`);
+                }
+                break;
+            // === REGEX ===
+            case "regex":
+                try {
+                    const pattern = new RegExp(param);
+                    if (!pattern.test(String(value))) {
+                        addError(errors, field, `${field} tidak sesuai format`);
+                    }
+                }
+                catch {
+                    addError(errors, field, `Regex rule untuk ${field} tidak valid`);
+                }
+                break;
+            // === DATABASE VALIDATION ===
+            case "unique": {
+                const [table, column, exceptId] = param.split(",");
+                const query = db.table(table).where(column, value);
+                if (exceptId)
+                    query.whereNot("id", exceptId);
+                const existing = await query.first();
+                if (existing) {
+                    addError(errors, field, `${field} sudah digunakan`);
+                }
+                break;
+            }
+            case "exists": {
+                const [table, column] = param.split(",");
+                const existing = await db.table(table).where(column, value).first();
+                if (!existing) {
+                    addError(errors, field, `${field} tidak ditemukan di ${table}`);
+                }
+                break;
+            }
+        }
+    }
+}
+async function nestedValidation({ value, segments, rules, fieldPath, data, errors }) {
+    if (segments.length === 0) {
+        await checkRules({
+            field: fieldPath,
+            value,
+            rules,
+            data,
+            errors
+        });
+        return;
+    }
+    const [segment, ...rest] = segments;
+    if (segment === "*") {
+        if (!Array.isArray(value)) {
+            addError(errors, fieldPath, `${fieldPath} harus berupa array`);
+            return;
+        }
+        for (let i = 0; i < value.length; i++) {
+            await nestedValidation({
+                value: value[i],
+                segments: rest,
+                rules,
+                fieldPath: `${fieldPath}.${i}`,
+                data,
+                errors
+            });
+        }
+    }
+    else {
+        await nestedValidation({
+            value: value?.[segment],
+            segments: rest,
+            rules,
+            fieldPath: fieldPath ? `${fieldPath}.${segment}` : segment,
+            data,
+            errors
+        });
+    }
+}
+// ==================================>
+// ## Validation helpers
+// ==================================>
+function getNestedValue(obj, path) {
+    if (!obj || typeof obj !== "object")
+        return undefined;
+    const normalizedPath = path
+        .replace(/\[(\w+)\]/g, '.$1')
+        .replace(/\['([^']+)'\]/g, '.$1')
+        .replace(/\["([^"]+)"\]/g, '.$1');
+    return normalizedPath.split('.').reduce((acc, key) => {
+        if (acc && Object.prototype.hasOwnProperty.call(acc, key)) {
+            return acc[key];
+        }
+        return undefined;
+    }, obj);
+}
+function normalizeRules(rules) {
+    if (Array.isArray(rules))
+        return rules;
+    return rules.split("|");
+}
+function addError(errors, field, message) {
+    errors[field] = [...(errors[field] || []), message];
+}
+//# sourceMappingURL=validation.util.js.map

package/dist/validation.util.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"validation.util.js","sourceRoot":"","sources":["../src/validation.util.ts"],"names":[],"mappings":"AAAA,OAAO,SAAS,MAAM,WAAW,CAAA;AACjC,OAAO,EAAE,EAAE,EAAE,MAAM,QAAQ,CAAA;AA6C3B,sCAAsC;AACtC,qCAAqC;AACrC,sCAAsC;AACtC,MAAM,CAAC,KAAK,UAAU,QAAQ,CAC5B,IAAyB,EACzB,KAAsB;IAEtB,MAAM,MAAM,GAA6B,EAAE,CAAA;IAE3C,KAAK,MAAM,KAAK,IAAI,KAAK,EAAE,CAAC;QAC1B,MAAM,UAAU,GAAG,cAAc,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAA;QAE/C,IAAI,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YACxB,oDAAoD;YACpD,8CAA8C;YAE9C,6BAA6B;YAC7B,mEAAmE;YACnE,aAAa;YACb,IAAI;YAEJ,yCAAyC;YACzC,4BAA4B;YAC5B,0CAA0C;YAC1C,eAAe;YAEf,gCAAgC;YAChC,yCAAyC;YACzC,4BAA4B;YAE5B,mFAAmF;YACnF,IAAI;YACJ,MAAM,QAAQ,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;YAEjC,MAAM,gBAAgB,CAAC,EAAE,KAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,UAAU,EAAE,SAAS,EAAE,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC,CAAA;YAEjG,SAAQ;QACV,CAAC;QAGD,MAAM,KAAK,GAAG,cAAc,CAAC,IAAI,EAAE,KAAK,CAAC,IAAI,EAAE,CAAA;QAE/C,MAAM,UAAU,CAAC,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,UAAU,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC,CAAA;IACrE,CAAC;IAED,OAAO;QACL,KAAK,EAAE,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,MAAM,KAAK,CAAC;QACvC,MAAM;KACP,CAAA;AACH,CAAC;AAGD,KAAK,UAAU,UAAU,CAAC,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAwG;IACnK,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAiC,CAAA;QAErE,QAAQ,IAAI,EAAE,CAAC;YACb,gBAAgB;YAChB,KAAK,UAAU;gBACb,IAAI,SAAS,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,CAAC;oBAC5C,QAAQ,CAAC,MAAM,EAAE,KAAK,EAAE,GAAG,KAAK,cAAc,CAAC,CAAA;gBACjD,CAAC;gBACD,MAAK;YAEP,KAAK,QAAQ,CAAC;YACd,KAAK,MAAM;gBACT,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;oBAC9B,QAAQ,CAAC,MAAM,EAAE,KAAK,EAAE,GAAG,KAAK,sBAAsB,CAAC,CAAA;gBACzD,CAAC;gBACD,MAAK;YAEP,KAAK,SAAS,CAAC;YACf,KAAK,QAAQ;gBACX,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC;oBACxC,QAAQ,CAAC,MAAM,EAAE,KAAK,EAAE,GAAG,KAAK,qBAAqB,CAAC,CAAA;gBACxD,CAAC;gBACD,MAAK;YAEP,KAAK,SAAS;gBACZ,IAAI,CAAC,CAAC,KAAK,KAAK,IAAI,IAAI,KAAK,KAAK,KAAK,IAAI,KAAK,KAAK,MAAM,IAAI,KAAK,KAAK,OAAO,IAAI,KAAK,KAAK,CAAC,IAAI,KAAK,KAAK,CAAC,CAAC,EAAE,CAAC;oBAChH,QAAQ,CAAC,MAAM,EAAE,KAAK,EAAE,GAAG,KAAK,uBAAuB,CAAC,CAAA;gBAC1D,CAAC;gBACD,MAAK;YAEP,KAAK,OAAO;gBACV,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC;oBACtC,QAAQ,CAAC,MAAM,EAAE,KAAK,EAAE,GAAG,KAAK,gCAAgC,CAAC,CAAA;gBACnE,CAAC;gBACD,MAAK;YAEP,KAAK,KAAK;gBACR,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC;oBACpC,QAAQ,CAAC,MAAM,EAAE,KAAK,EAAE,GAAG,KAAK,8BAA8B,CAAC,CAAA;gBACjE,CAAC;gBACD,MAAK;YAEP,KAAK,MAAM;gBACT,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC;oBACrC,QAAQ,CAAC,MAAM,EAAE,KAAK,EAAE,GAAG,KAAK,kCAAkC,CAAC,CAAA;gBACrE,CAAC;gBACD,MAAK;YAEP,iBAAiB;YACjB,KAAK,KAAK,CAAC,CAAC,CAAC;gBACX,MAAM,GAAG,GAAG,QAAQ,CAAC,KAAM,CAAC,CAAA;gBAC5B,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC;oBAChD,QAAQ,CAAC,MAAM,EAAE,KAAK,EAAE,GAAG,KAAK,YAAY,GAAG,WAAW,CAAC,CAAA;gBAC7D,CAAC;gBACD,MAAK;YACP,CAAC;YAED,KAAK,KAAK,CAAC,CAAC,CAAC;gBACX,MAAM,GAAG,GAAG,QAAQ,CAAC,KAAM,CAAC,CAAA;gBAC5B,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC;oBAChD,QAAQ,CAAC,MAAM,EAAE,KAAK,EAAE,GAAG,KAAK,aAAa,GAAG,WAAW,CAAC,CAAA;gBAC9D,CAAC;gBACD,MAAK;YACP,CAAC;YAED,KAAK,SAAS,CAAC,CAAC,CAAC;gBACf,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,GAAG,KAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAA;gBACtD,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,CAAC,EAAE,CAAC;oBACrE,QAAQ,CAAC,MAAM,EAAE,KAAK,EAAE,GAAG,KAAK,iBAAiB,MAAM,MAAM,MAAM,WAAW,CAAC,CAAA;gBACjF,CAAC;gBACD,MAAK;YACP,CAAC;YAED,yBAAyB;YACzB,KAAK,IAAI,CAAC,CAAC,CAAC;gBACV,MAAM,OAAO,GAAG,KAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;gBACjC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC;oBACrC,QAAQ,CAAC,MAAM,EAAE,KAAK,EAAE,GAAG,KAAK,2BAA2B,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;gBAClF,CAAC;gBACD,MAAK;YACP,CAAC;YAED,KAAK,QAAQ,CAAC,CAAC,CAAC;gBACd,MAAM,UAAU,GAAG,KAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;gBACpC,IAAI,UAAU,CAAC,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC;oBACvC,QAAQ,CAAC,MAAM,EAAE,KAAK,EAAE,GAAG,KAAK,iCAAiC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;gBAC3F,CAAC;gBACD,MAAK;YACP,CAAC;YAED,KAAK,OAAO;gBACZ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;oBAC1B,QAAQ,CAAC,MAAM,EAAE,KAAK,EAAE,GAAG,KAAK,qBAAqB,CAAC,CAAA;gBACxD,CAAC;gBACD,MAAK;YAEL,qBAAqB;YACrB,KAAK,WAAW;gBACd,IAAI,KAAK,KAAK,cAAc,CAAC,IAAI,EAAE,GAAG,KAAK,eAAe,CAAC,EAAE,CAAC;oBAC5D,QAAQ,CAAC,MAAM,EAAE,KAAK,EAAE,GAAG,KAAK,+BAA+B,CAAC,CAAA;gBAClE,CAAC;gBACD,MAAK;YAEP,KAAK,MAAM;gBACT,IAAI,KAAK,KAAK,cAAc,CAAC,IAAI,EAAE,KAAM,CAAC,EAAE,CAAC;oBAC3C,QAAQ,CAAC,MAAM,EAAE,KAAK,EAAE,GAAG,KAAK,sBAAsB,KAAK,EAAE,CAAC,CAAA;gBAChE,CAAC;gBACD,MAAK;YAEP,KAAK,WAAW;gBACd,IAAI,KAAK,KAAK,cAAc,CAAC,IAAI,EAAE,KAAM,CAAC,EAAE,CAAC;oBAC3C,QAAQ,CAAC,MAAM,EAAE,KAAK,EAAE,GAAG,KAAK,yBAAyB,KAAK,EAAE,CAAC,CAAA;gBACnE,CAAC;gBACD,MAAK;YAEP,gBAAgB;YAChB,KAAK,OAAO;gBACV,IAAI,CAAC;oBACH,MAAM,OAAO,GAAG,IAAI,MAAM,CAAC,KAAM,CAAC,CAAA;oBAClC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC;wBACjC,QAAQ,CAAC,MAAM,EAAE,KAAK,EAAE,GAAG,KAAK,sBAAsB,CAAC,CAAA;oBACzD,CAAC;gBACH,CAAC;gBAAC,MAAM,CAAC;oBACP,QAAQ,CAAC,MAAM,EAAE,KAAK,EAAE,oBAAoB,KAAK,cAAc,CAAC,CAAA;gBAClE,CAAC;gBACD,MAAK;YAEP,8BAA8B;YAC9B,KAAK,QAAQ,CAAC,CAAC,CAAC;gBACd,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,CAAC,GAAG,KAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;gBACnD,MAAM,KAAK,GAAG,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,MAAM,EAAE,KAAK,CAAC,CAAA;gBAClD,IAAI,QAAQ;oBAAE,KAAK,CAAC,QAAQ,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAA;gBAC5C,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,KAAK,EAAE,CAAA;gBACpC,IAAI,QAAQ,EAAE,CAAC;oBACb,QAAQ,CAAC,MAAM,EAAE,KAAK,EAAE,GAAG,KAAK,kBAAkB,CAAC,CAAA;gBACrD,CAAC;gBACD,MAAK;YACP,CAAC;YAED,KAAK,QAAQ,CAAC,CAAC,CAAC;gBACd,MAAM,CAAC,KAAK,EAAE,MAAM,CAAC,GAAG,KAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;gBACzC,MAAM,QAAQ,GAAG,MAAM,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC,KAAK,EAAE,CAAA;gBACnE,IAAI,CAAC,QAAQ,EAAE,CAAC;oBACd,QAAQ,CAAC,MAAM,EAAE,KAAK,EAAE,GAAG,KAAK,uBAAuB,KAAK,EAAE,CAAC,CAAA;gBACjE,CAAC;gBACD,MAAK;YACP,CAAC;QACH,CAAC;IACH,CAAC;AACH,CAAC;AAID,KAAK,UAAU,gBAAgB,CAAC,EAC9B,KAAK,EACL,QAAQ,EACR,KAAK,EACL,SAAS,EACT,IAAI,EACJ,MAAM,EAQP;IACC,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC1B,MAAM,UAAU,CAAC;YACf,KAAK,EAAE,SAAS;YAChB,KAAK;YACL,KAAK;YACL,IAAI;YACJ,MAAM;SACP,CAAC,CAAA;QACF,OAAM;IACR,CAAC;IAED,MAAM,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,GAAG,QAAQ,CAAA;IAEnC,IAAI,OAAO,KAAK,GAAG,EAAE,CAAC;QACpB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;YAC1B,QAAQ,CAAC,MAAM,EAAE,SAAS,EAAE,GAAG,SAAS,qBAAqB,CAAC,CAAA;YAC9D,OAAM;QACR,CAAC;QAED,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACtC,MAAM,gBAAgB,CAAC;gBACrB,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC;gBACf,QAAQ,EAAE,IAAI;gBACd,KAAK;gBACL,SAAS,EAAE,GAAG,SAAS,IAAI,CAAC,EAAE;gBAC9B,IAAI;gBACJ,MAAM;aACP,CAAC,CAAA;QACJ,CAAC;IACH,CAAC;SAAM,CAAC;QACN,MAAM,gBAAgB,CAAC;YACrB,KAAK,EAAE,KAAK,EAAE,CAAC,OAAO,CAAC;YACvB,QAAQ,EAAE,IAAI;YACd,KAAK;YACL,SAAS,EAAE,SAAS,CAAC,CAAC,CAAC,GAAG,SAAS,IAAI,OAAO,EAAE,CAAC,CAAC,CAAC,OAAO;YAC1D,IAAI;YACJ,MAAM;SACP,CAAC,CAAA;IACJ,CAAC;AACH,CAAC;AAID,sCAAsC;AACtC,wBAAwB;AACxB,sCAAsC;AACtC,SAAS,cAAc,CAAC,GAAQ,EAAE,IAAY;IAC5C,IAAI,CAAC,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,OAAO,SAAS,CAAA;IAErD,MAAM,cAAc,GAAG,IAAI;SACxB,OAAO,CAAC,YAAY,EAAE,KAAK,CAAC;SAC5B,OAAO,CAAC,gBAAgB,EAAE,KAAK,CAAC;SAChC,OAAO,CAAC,gBAAgB,EAAE,KAAK,CAAC,CAAA;IAEnC,OAAO,cAAc,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;QACnD,IAAI,GAAG,IAAI,MAAM,CAAC,SAAS,CAAC,cAAc,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,EAAE,CAAC;YAC1D,OAAO,GAAG,CAAC,GAAG,CAAC,CAAA;QACjB,CAAC;QACD,OAAO,SAAS,CAAA;IAClB,CAAC,EAAE,GAAG,CAAC,CAAA;AACT,CAAC;AAED,SAAS,cAAc,CAAC,KAAgC;IACtD,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC;QAAE,OAAO,KAAK,CAAA;IACtC,OAAO,KAAK,CAAC,KAAK,CAAC,GAAG,CAAqB,CAAA;AAC7C,CAAC;AAED,SAAS,QAAQ,CAAC,MAAgC,EAAE,KAAa,EAAE,OAAe;IAChF,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,EAAE,OAAO,CAAC,CAAA;AACrD,CAAC"}

package/package.json

@@ -0,0 +1,34 @@
+{
+  "name": "@kava/kava-api-core",
+  "version": "1.0.0",
+  "description": "Core utility functions for Kava API framework.",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "scripts": {
+    "build": "tsc"
+  },
+  "keywords": [
+    "aluna",
+    "core",
+    "utility"
+  ],
+  "author": "",
+  "license": "UNLICENSED",
+  "dependencies": {
+    "bcrypt": "^6.0.0",
+    "dotenv": "^17.2.2",
+    "elysia": "latest",
+    "knex": "^3.1.0",
+    "nodemailer": "^7.0.9",
+    "pg": "^8.16.3",
+    "validator": "^13.15.15"
+  },
+  "devDependencies": {
+    "@types/bcrypt": "^6.0.0",
+    "@types/node": "^26.0.0",
+    "@types/nodemailer": "^7.0.2",
+    "@types/validator": "^13.15.3",
+    "bun-types": "latest",
+    "typescript": "^6.0.3"
+  }
+}

package/src/auth.util.ts

@@ -0,0 +1,242 @@
+import crypto from 'crypto'
+import bcrypt from "bcrypt";
+import { db } from '@utils'
+
+
+
+// =====================================>
+// ## Auth: User Access Token
+// =====================================>
+const TOKEN_PLAIN_LENGTH  =  20
+const AUTH_PERMISSION     =  process.env.AUTH_CACHE  ===  "true"
+// const AUTH_CACHE          =  process.env.AUTH_CACHE  ===  "true"
+// const AUTH_CACHE_TTL      =  Number(process.env.AUTH_CACHE_TTL || 600)
+
+
+
+export const auth = {
+
+  // =====================================>
+  // ## Auth: create access token with user id
+  // =====================================>
+  async createAccessToken(userId: number, req: Request, permission: boolean = true) {
+    const plain  =  crypto.randomBytes(TOKEN_PLAIN_LENGTH).toString("hex")
+    const hash   =  await bcrypt.hash(plain, 10)
+    const agent  =  generateAgentId(req)
+
+    let permissions: string[] = []
+    if (AUTH_PERMISSION && permission) {
+      permissions = await getUserPermissions(userId)
+    }
+
+    const [row] = await db("user_access_tokens").insert({
+      user_id      :  userId,
+      token        :  hash,
+      agent        :  agent,
+      permissions  :  JSON.stringify(permissions),
+      created_at   :  new Date(),
+    }).returning(["id"])
+
+    return {
+      token    :  `${row.id}|${plain}`,
+      tokenId  :  row.id,
+    }
+  },
+
+
+
+  // =====================================>
+  // ## Auth: delete access token with user id
+  // =====================================>
+  async revokeAccessToken(id: number) {
+    return db.table('user_access_tokens').where("id", id).delete()
+  },
+
+
+
+  // =====================================>
+  // ## Auth: verify access token
+  // =====================================>
+  async verifyAccessToken(token: string, req?: Request) {
+    if (!token.includes("|")) return null
+
+    const [tokenId, plain]  =  token.split("|", 2)
+    const agent             =  req ? generateAgentId(req) : ""
+    const ip                =  req ? getRequestIp(req) : ""
+
+    const cacheKey = `auth:token:${tokenId}`
+
+    // if (AUTH_CACHE) {
+    //   const cached = await redis.get(cacheKey)
+
+    //   if (cached) {
+    //     const session = JSON.parse(cached)
+
+    //     if (session.agent !== agent) return null
+
+    //     return session
+    //   }
+    // }
+
+    const tokenRecord = await db("user_access_tokens").where("id", tokenId).first()
+
+    if (!tokenRecord) return null
+    if (tokenRecord.agent !== agent) return null
+
+    const valid = await bcrypt.compare(plain, tokenRecord.token)
+    if (!valid) return null
+
+    await db("user_access_tokens").where("id", tokenRecord.id).update({ last_used_at: new Date(), last_used_ip: ip })
+
+    const user = await db("users").where("id", tokenRecord.user_id).first()
+
+    // if (AUTH_CACHE) {
+    //   await redis.setex(
+    //     cacheKey,
+    //     AUTH_CACHE_TTL,
+    //     JSON.stringify({
+    //       user         :  user,
+    //       agent        :  tokenRecord.agent,
+    //       permissions  :  tokenRecord.permission,
+    //     })
+    //   )
+    // }
+
+    return { user, token: tokenRecord, permissions: tokenRecord.permission }
+  },
+
+
+
+  // =====================================>
+  // ## Auth: create user mail token
+  // =====================================>
+  async createUserMailToken(userId: number) {
+    const token = Math.floor(100000 + Math.random() * 900000).toString()
+    const hash = crypto.createHash('sha256').update(token).digest('hex')
+  
+    const trx = await db.transaction()
+
+    await trx.table('user_mail_tokens').insert({
+      user_id     : userId,
+      token       : hash,
+      created_at  : new Date(),
+    })
+    
+    const record = await trx.table('user_mail_tokens').orderBy('id', 'desc').first()
+    
+    await trx.commit()
+
+    return {
+      token    : token,
+      tokenId  : record.id
+    }
+  },
+
+
+
+  // =====================================>
+  // ## Auth: Verify user mail token
+  // =====================================>
+  async verifyUserMailToken(userId: number, token: string) {
+    const hashedToken = crypto.createHash("sha256").update(token).digest("hex");
+
+    const record = await db.table("user_mail_tokens")
+      .where("user_id", userId)
+      .whereNull("used_at")
+      .orderBy("id", "desc")
+      .first();
+
+    if (!record) return false
+
+    if (record.token !== hashedToken) return false;
+
+    const createdAt = new Date(record.created_at);
+    const now = new Date();
+    const diffMinutes = (now.getTime() - createdAt.getTime()) / (1000 * 60);
+
+    if (diffMinutes > 10) return false;
+
+    return true;
+  },
+
+
+
+  // =====================================>
+  // ## Auth: list user sessions
+  // =====================================>
+  async listUserSessions(userId: number, currentTokenId?: number) {
+    const rows = await db("user_access_tokens").select(["id", "agent", "created_at", "last_used_at", "last_used_ip","expired_at"]).where("user_id", userId).orderBy("last_used_at", "desc")
+
+    return rows.map(r => ({
+      ...r,
+      is_active  : r.revoked_at  ===  null,
+      is_current : r.id          ===  currentTokenId,
+    }))
+  },
+
+
+
+  // =====================================>
+  // ## Auth: revalidate user permission
+  // =====================================>
+  revalidateUserPermissions: revalidateUserPermissions,
+  revalidateUserPermissionsByRole: revalidateUserPermissionsByRole,
+}
+
+
+
+function generateAgentId(req: Request) {
+  const ua   =  req.headers.get("user-agent")  ??  ""
+  const acc  =  req.headers.get("accept")      ??  ""
+
+  return crypto.createHash("sha256").update(ua + acc).digest("hex")
+}
+
+
+function getRequestIp(req: Request) {
+  return (req.headers.get("x-forwarded-for")?.split(",")[0]?.trim() || req.headers.get("x-real-ip") || "unknown")
+}
+
+
+async function getUserPermissions(userId: number): Promise<string[]> {
+  const roleIds = await db("user_roles").where("user_id", userId).pluck("role_id")
+
+  if (roleIds.length === 0) return []
+
+  const rows = await db("permissions").whereIn("role_id", roleIds).pluck("permissions")
+
+  return Array.from(
+    new Set(
+      rows.flatMap(p => p ?? [])
+    )
+  )
+}
+
+
+async function revalidateUserPermissions(userId: number) {
+  const permissions = await getUserPermissions(userId)
+
+  const tokenIds = await db("user_access_tokens").where("user_id", userId).pluck("id")
+
+  if (tokenIds.length === 0) return
+
+  await db("user_access_tokens").whereIn("id", tokenIds).update({
+    permissions  :  JSON.stringify(permissions),
+    updated_at   :  new Date(),
+  })
+
+  // if (AUTH_CACHE) {
+  //   await Promise.all(
+  //     tokenIds.map(id => redis.del(`auth:token:${id}`))
+  //   )
+  // }
+}
+
+
+async function revalidateUserPermissionsByRole(roleId: number) {
+  const userIds = await db("user_roles").where("role_id", roleId).pluck("user_id")
+
+  // for (const userId of userIds) {
+  //   await queue.add("auth:revalidate-permission", { userId })
+  // }
+}

package/src/context.util.ts

@@ -0,0 +1,17 @@
+import { AsyncLocalStorage } from 'node:async_hooks'
+
+export type AppContext = { 
+  user_id?: number,
+}
+
+const storage = new AsyncLocalStorage<AppContext>()
+
+export const context = {
+  run<T>(ctx: AppContext, fn: () => T) {
+    return storage.run(ctx, fn)
+  },
+
+  get<K extends keyof AppContext>(key: K): AppContext[K] {
+    return storage.getStore()?.[key]
+  },
+}