@layer-ai/core 2.0.6 → 2.0.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -6,6 +6,7 @@ export declare const db: {
|
|
|
6
6
|
getUserByEmail(email: string): Promise<User | null>;
|
|
7
7
|
getUserById(id: string): Promise<User | null>;
|
|
8
8
|
createUser(email: string, passwordHash: string): Promise<User>;
|
|
9
|
+
getUserStatus(userId: string): Promise<string | null>;
|
|
9
10
|
getApiKeyByHash(keyHash: string): Promise<ApiKey | null>;
|
|
10
11
|
createApiKey(userId: string, keyHash: string, keyPrefix: string, name: string): Promise<ApiKey>;
|
|
11
12
|
updateApiKeyLastUsed(keyHash: string): Promise<void>;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"postgres.d.ts","sourceRoot":"","sources":["../../../src/lib/db/postgres.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAyB,WAAW,EAAE,MAAM,eAAe,CAAC;AAO5F,iBAAS,OAAO,IAAI,EAAE,CAAC,IAAI,CAqB1B;AA0BD,eAAO,MAAM,EAAE;gBAEK,MAAM,WAAW,GAAG,EAAE;0BASZ,MAAM,GAAG,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC;oBAQnC,MAAM,GAAG,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC;sBAQ3B,MAAM,gBAAgB,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;
|
|
1
|
+
{"version":3,"file":"postgres.d.ts","sourceRoot":"","sources":["../../../src/lib/db/postgres.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAyB,WAAW,EAAE,MAAM,eAAe,CAAC;AAO5F,iBAAS,OAAO,IAAI,EAAE,CAAC,IAAI,CAqB1B;AA0BD,eAAO,MAAM,EAAE;gBAEK,MAAM,WAAW,GAAG,EAAE;0BASZ,MAAM,GAAG,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC;oBAQnC,MAAM,GAAG,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC;sBAQ3B,MAAM,gBAAgB,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;0BAQxC,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;6BAS5B,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;yBAQnC,MAAM,WAAW,MAAM,aAAa,MAAM,QAAQ,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;kCAQjE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;8BAO1B,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;qBAQnC,MAAM,UAAU,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;iCAS7B,MAAM,YAAY,MAAM,GAAG,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC;+BAQjD,MAAM,UAAU,MAAM,GAAG,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC;4BAQhD,MAAM,GAAG,OAAO,CAAC,IAAI,EAAE,CAAC;uBAQ7B,MAAM,QAAQ,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC;oBA8BpC,MAAM,GAAG,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC;mBAQ9B,MAAM,QAAQ,GAAG,GAAG,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC;mBAkDxC,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;qBAUvB,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC;2BAkBhC,MAAM,YACJ;QACR,MAAM,CAAC,EAAE,MAAM,CAAC;QAChB,OAAO,CAAC,EAAE,OAAO,CAAC;QAClB,SAAS,CAAC,EAAE,IAAI,CAAC;QACjB,OAAO,CAAC,EAAE,IAAI,CAAC;QACf,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,MAAM,CAAC,EAAE,MAAM,CAAC;KACjB,GACA,OAAO,CAAC,GAAG,EAAE,CAAC;iCAuCkB,MAAM,GAAG,OAAO,CAAC;QAAE,MAAM,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,IAAI,CAAA;KAAE,GAAG,IAAI,CAAC;6BAQhE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;qCAehB,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;2BAQhC,MAAM,YAAY,MAAM,GAAG,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;4BAQrD,MAAM,GAAG,OAAO,CAAC,WAAW,EAAE,CAAC;8BASnD,MAAM,YACJ,MAAM,gBACF;QAAE,SAAS,EAAE,MAAM,CAAC;QAAC,EAAE,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAA;KAAE,aACrD,MAAM,GAChB,OAAO,CAAC,WAAW,CAAC;8BAWb,MAAM,YACJ,MAAM,gBACF;QAAE,SAAS,EAAE,MAAM,CAAC;QAAC,EAAE,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAA;KAAE,aACrD,MAAM,GAChB,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;8BAWE,MAAM,YAAY,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;oCAQrC,MAAM,YAAY,MAAM,YAAY,OAAO,GAAG,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;kCAW3E,MAAM,YAAY,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;qCAQzC,MAAM,GAAQ,OAAO,CAAC,WAAW,EAAE,CAAC;8BAahE,MAAM,QACR,OAAO,CAAC,IAAI,CAAC,aACR,MAAM,GAAG,MAAM,kBACV,MAAM,EAAE,GACvB,OAAO,CAAC,IAAI,CAAC;2BA8Ca,MAAM,UAAS,MAAM,GAAQ,OAAO,CAAC,GAAG,EAAE,CAAC;2BAW3C,MAAM,GAAG,OAAO,CAAC,GAAG,GAAG,IAAI,CAAC;+BAQxB,MAAM,UAAS,MAAM,GAAS,OAAO,CAAC,GAAG,EAAE,CAAC;8BAcnE,MAAM,UACN,MAAM,GAAG,IAAI,UACb,eAAe,GAAG,aAAa,GAAG,YAAY,GAAG,UAAU,WAC1D,GAAG,GACX,OAAO,CAAC,IAAI,CAAC;2BAQa,MAAM,UAAS,MAAM,GAAQ,OAAO,CAAC,GAAG,EAAE,CAAC;gCAWtC,MAAM,UAAS,MAAM,GAAS,OAAO,CAAC,GAAG,EAAE,CAAC;4BAchD,MAAM,UAAS,MAAM,GAAS,OAAO,CAAC,GAAG,EAAE,CAAC;yBAa/C,MAAM,aAAa,MAAM,UAAU,MAAM,GAAG,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC;CA+E5F,CAAC;AAEF,eAAe,OAAO,CAAC"}
|
package/dist/lib/db/postgres.js
CHANGED
|
@@ -64,6 +64,10 @@ export const db = {
|
|
|
64
64
|
const result = await getPool().query('INSERT INTO users (email, password_hash) VALUES ($1, $2) RETURNING *', [email, passwordHash]);
|
|
65
65
|
return toCamelCase(result.rows[0]);
|
|
66
66
|
},
|
|
67
|
+
async getUserStatus(userId) {
|
|
68
|
+
const result = await getPool().query('SELECT status FROM users WHERE id = $1', [userId]);
|
|
69
|
+
return result.rows[0]?.status || null;
|
|
70
|
+
},
|
|
67
71
|
// API Keys
|
|
68
72
|
async getApiKeyByHash(keyHash) {
|
|
69
73
|
const result = await getPool().query('SELECT * FROM api_keys WHERE key_hash = $1 AND is_active = true', [keyHash]);
|
|
@@ -86,15 +90,15 @@ export const db = {
|
|
|
86
90
|
},
|
|
87
91
|
// Gates
|
|
88
92
|
async getGateByUserAndName(userId, gateName) {
|
|
89
|
-
const result = await getPool().query('SELECT * FROM gates WHERE user_id = $1 AND name = $2', [userId, gateName]);
|
|
93
|
+
const result = await getPool().query('SELECT * FROM gates WHERE user_id = $1 AND name = $2 AND deleted_at IS NULL', [userId, gateName]);
|
|
90
94
|
return result.rows[0] ? toCamelCase(result.rows[0]) : null;
|
|
91
95
|
},
|
|
92
96
|
async getGateByUserAndId(userId, gateId) {
|
|
93
|
-
const result = await getPool().query('SELECT * FROM gates WHERE user_id = $1 AND id = $2', [userId, gateId]);
|
|
97
|
+
const result = await getPool().query('SELECT * FROM gates WHERE user_id = $1 AND id = $2 AND deleted_at IS NULL', [userId, gateId]);
|
|
94
98
|
return result.rows[0] ? toCamelCase(result.rows[0]) : null;
|
|
95
99
|
},
|
|
96
100
|
async getGatesForUser(userId) {
|
|
97
|
-
const result = await getPool().query('SELECT * FROM gates WHERE user_id = $1 ORDER BY created_at DESC', [userId]);
|
|
101
|
+
const result = await getPool().query('SELECT * FROM gates WHERE user_id = $1 AND deleted_at IS NULL ORDER BY created_at DESC', [userId]);
|
|
98
102
|
return result.rows.map(toCamelCase);
|
|
99
103
|
},
|
|
100
104
|
async createGate(userId, data) {
|
|
@@ -124,7 +128,7 @@ export const db = {
|
|
|
124
128
|
return toCamelCase(result.rows[0]);
|
|
125
129
|
},
|
|
126
130
|
async getGateById(id) {
|
|
127
|
-
const result = await getPool().query('SELECT * FROM gates WHERE id = $1', [id]);
|
|
131
|
+
const result = await getPool().query('SELECT * FROM gates WHERE id = $1 AND deleted_at IS NULL', [id]);
|
|
128
132
|
return result.rows[0] ? toCamelCase(result.rows[0]) : null;
|
|
129
133
|
},
|
|
130
134
|
async updateGate(id, data) {
|
|
@@ -174,7 +178,8 @@ export const db = {
|
|
|
174
178
|
return result.rows[0] ? toCamelCase(result.rows[0]) : null;
|
|
175
179
|
},
|
|
176
180
|
async deleteGate(id) {
|
|
177
|
-
|
|
181
|
+
// Soft delete: set deleted_at timestamp instead of hard delete
|
|
182
|
+
const result = await getPool().query('UPDATE gates SET deleted_at = NOW() WHERE id = $1 AND deleted_at IS NULL', [id]);
|
|
178
183
|
return (result.rowCount ?? 0) > 0;
|
|
179
184
|
},
|
|
180
185
|
// Request Logging
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../src/middleware/auth.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAK1D,OAAO,CAAC,MAAM,CAAC;IACb,UAAU,OAAO,CAAC;QAChB,UAAU,OAAO;YACf,MAAM,CAAC,EAAE,MAAM,CAAC;YAChB,QAAQ,CAAC,EAAE,MAAM,CAAC;YAClB,UAAU,CAAC,EAAE,MAAM,CAAC;SACrB;KACF;CACF;AAED;;;;;GAKG;AACH,wBAAsB,YAAY,CAChC,GAAG,EAAE,OAAO,EACZ,GAAG,EAAE,QAAQ,EACb,IAAI,EAAE,YAAY,GACjB,OAAO,CAAC,IAAI,CAAC,
|
|
1
|
+
{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../src/middleware/auth.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAK1D,OAAO,CAAC,MAAM,CAAC;IACb,UAAU,OAAO,CAAC;QAChB,UAAU,OAAO;YACf,MAAM,CAAC,EAAE,MAAM,CAAC;YAChB,QAAQ,CAAC,EAAE,MAAM,CAAC;YAClB,UAAU,CAAC,EAAE,MAAM,CAAC;SACrB;KACF;CACF;AAED;;;;;GAKG;AACH,wBAAsB,YAAY,CAChC,GAAG,EAAE,OAAO,EACZ,GAAG,EAAE,QAAQ,EACb,IAAI,EAAE,YAAY,GACjB,OAAO,CAAC,IAAI,CAAC,CAyHf;AAED;;;GAGG;AACH,wBAAgB,YAAY,CAC1B,GAAG,EAAE,OAAO,EACZ,GAAG,EAAE,QAAQ,EACb,IAAI,EAAE,YAAY,GACjB,IAAI,CAWN"}
|
package/dist/middleware/auth.js
CHANGED
|
@@ -48,6 +48,22 @@ export async function authenticate(req, res, next) {
|
|
|
48
48
|
});
|
|
49
49
|
return;
|
|
50
50
|
}
|
|
51
|
+
// Check user status before allowing access
|
|
52
|
+
const userStatus = await db.getUserStatus(apiKeyRecord.userId);
|
|
53
|
+
if (userStatus === 'suspended') {
|
|
54
|
+
res.status(403).json({
|
|
55
|
+
error: 'account_suspended',
|
|
56
|
+
message: 'Your account has been suspended. Please contact support.',
|
|
57
|
+
});
|
|
58
|
+
return;
|
|
59
|
+
}
|
|
60
|
+
if (userStatus === 'banned') {
|
|
61
|
+
res.status(403).json({
|
|
62
|
+
error: 'account_banned',
|
|
63
|
+
message: 'Your account has been banned.',
|
|
64
|
+
});
|
|
65
|
+
return;
|
|
66
|
+
}
|
|
51
67
|
// Attach userId to request for downstream handlers
|
|
52
68
|
req.userId = apiKeyRecord.userId;
|
|
53
69
|
req.apiKeyId = apiKeyRecord.id;
|
|
@@ -62,6 +78,22 @@ export async function authenticate(req, res, next) {
|
|
|
62
78
|
// Not an API key, try session key
|
|
63
79
|
const sessionKey = await db.getSessionKeyByHash(tokenHash);
|
|
64
80
|
if (sessionKey) {
|
|
81
|
+
// Check user status for session keys as well
|
|
82
|
+
const userStatus = await db.getUserStatus(sessionKey.userId);
|
|
83
|
+
if (userStatus === 'suspended') {
|
|
84
|
+
res.status(403).json({
|
|
85
|
+
error: 'account_suspended',
|
|
86
|
+
message: 'Your account has been suspended. Please contact support.',
|
|
87
|
+
});
|
|
88
|
+
return;
|
|
89
|
+
}
|
|
90
|
+
if (userStatus === 'banned') {
|
|
91
|
+
res.status(403).json({
|
|
92
|
+
error: 'account_banned',
|
|
93
|
+
message: 'Your account has been banned.',
|
|
94
|
+
});
|
|
95
|
+
return;
|
|
96
|
+
}
|
|
65
97
|
req.userId = sessionKey.userId;
|
|
66
98
|
next();
|
|
67
99
|
return;
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@layer-ai/core",
|
|
3
|
-
"version": "2.0.
|
|
3
|
+
"version": "2.0.8",
|
|
4
4
|
"description": "Core API routes and services for Layer AI",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"main": "./dist/index.js",
|
|
@@ -36,7 +36,7 @@
|
|
|
36
36
|
"nanoid": "^5.0.4",
|
|
37
37
|
"openai": "^4.24.0",
|
|
38
38
|
"pg": "^8.11.3",
|
|
39
|
-
"@layer-ai/sdk": "^2.5.
|
|
39
|
+
"@layer-ai/sdk": "^2.5.1"
|
|
40
40
|
},
|
|
41
41
|
"devDependencies": {
|
|
42
42
|
"@types/bcryptjs": "^2.4.6",
|