@lobb-js/lobb-ext-auth 0.1.58

package/lobb/lobb.ts

@@ -0,0 +1,108 @@
+import { Lobb } from "@lobb/core";
+import { auth } from "./src/mod.ts";
+
+Lobb.init({
+  project: {
+    name: "Social To Courier",
+    force_sync: true,
+  },
+  database: {
+    host: "localhost",
+    port: 5432,
+    username: "test",
+    password: "test",
+    database: "social_to_courier",
+  },
+  web_server: {
+    host: "0.0.0.0",
+    port: 3000,
+    cors: {
+      origin: "*",
+    },
+  },
+  extensions: [
+    auth({
+      admin: {
+        email: "admin@example.com",
+        password: "admin",
+      },
+      extend_users: {
+        fields: {
+          instagram_user_id: {
+            type: "string",
+            length: 255,
+          },
+          instagram_token: {
+            type: "string",
+            length: 255,
+          },
+        },
+      },
+      roles: {
+        public: {
+          permissions: true,
+        },
+      },
+    }),
+  ],
+  collections: {
+    articles: {
+      indexes: {},
+      fields: {
+        id: {
+          type: "integer",
+        },
+        image: {
+          type: "string",
+          length: 255,
+        },
+        title: {
+          type: "string",
+          length: 255,
+          validators: {
+            required: true,
+          },
+        },
+        description: {
+          type: "string",
+          length: 255,
+        },
+        body: {
+          type: "string",
+          length: 255,
+          validators: {
+            required: true,
+          },
+        },
+        status: {
+          type: "string",
+          length: 255,
+          validators: {
+            enum: ["public", "private"],
+          },
+        },
+      },
+    },
+    comments: {
+      indexes: {},
+      fields: {
+        id: {
+          type: "integer",
+        },
+        body: {
+          type: "string",
+          length: 255,
+          validators: {
+            required: true,
+          },
+        },
+        article_id: {
+          type: "integer",
+          validators: {
+            required: true,
+          },
+        },
+      },
+    },
+  },
+});

package/lobb/src/collections/activityFeed.ts

@@ -0,0 +1,53 @@
+import type { CollectionConfig } from "@lobb/core/types";
+
+export const activityFeedCollection: CollectionConfig = {
+  indexes: {},
+  fields: {
+    id: {
+      type: "integer",
+    },
+    user_id: {
+      type: "integer",
+      references: {
+        collection: "auth_users",
+        field: "id",
+      },
+      validators: {
+        required: true,
+      },
+    },
+    action: {
+      type: "string",
+      length: 255,
+      validators: {
+        required: true,
+        enum: [
+          "create",
+          "read",
+          "update",
+          "delete",
+        ],
+      },
+    },
+    collection: {
+      type: "string",
+      length: 255,
+      validators: {
+        required: true,
+      },
+    },
+    item_id: {
+      type: "string",
+      length: 255,
+      validators: {
+        required: true,
+      },
+    },
+    created_at: {
+      type: "datetime",
+      pre_processors: {
+        default: "{{ now }}",
+      },
+    },
+  },
+};

package/lobb/src/collections/collections.ts

@@ -0,0 +1,44 @@
+import type { CollectionConfig, Lobb } from "@lobb/core/types";
+import { usersCollection } from "./users.ts";
+import { sessionsCollection } from "./sessions.ts";
+import { getExtensionConfig } from "../config/config.ts";
+import { activityFeedCollection } from "./activityFeed.ts";
+
+export function collections(
+  lobb: Lobb,
+): Record<string, CollectionConfig> {
+  const collectionsSchemas: Record<string, CollectionConfig> = {};
+  collectionsSchemas["auth_users"] = usersCollection;
+  collectionsSchemas["auth_sessions"] = sessionsCollection;
+
+  // adding the additional fields and indexes if the extend_users property exists
+  const extensionConfig = getExtensionConfig();
+
+  if (extensionConfig.extend_users) {
+    collectionsSchemas["auth_users"].indexes = {
+      ...collectionsSchemas["auth_users"].indexes,
+      ...extensionConfig.extend_users.indexes,
+    };
+    collectionsSchemas["auth_users"].fields = {
+      ...collectionsSchemas["auth_users"].fields,
+      ...extensionConfig.extend_users.fields,
+    };
+  }
+
+  const authConfig = getExtensionConfig();
+
+  if (!authConfig.roles) {
+    authConfig.roles = {};
+  }
+
+  collectionsSchemas["auth_roles"] = lobb.utils.lockCollectionToObject(
+    {
+      collectionName: "auth_roles",
+      object: authConfig.roles,
+    },
+  );
+
+  collectionsSchemas["auth_activity_feed"] = activityFeedCollection;
+
+  return collectionsSchemas;
+}

package/lobb/src/collections/sessions.ts

@@ -0,0 +1,34 @@
+import type { CollectionConfig } from "@lobb/core/types";
+
+export const sessionsCollection: CollectionConfig = {
+  indexes: {},
+  fields: {
+    id: {
+      type: "integer",
+    },
+    user_id: {
+      type: "integer",
+      references: {
+        collection: "auth_users",
+        field: "id",
+      },
+      validators: {
+        required: true,
+      },
+    },
+    token: {
+      type: "string",
+      length: 255,
+      validators: {
+        maxLength: 255,
+        required: true,
+      },
+    },
+    expires_at: {
+      type: "datetime",
+      validators: {
+        required: true,
+      },
+    },
+  },
+};

package/lobb/src/collections/users.ts

@@ -0,0 +1,44 @@
+import type { CollectionConfig } from "@lobb/core/types";
+
+export const usersCollection: CollectionConfig = {
+  indexes: {
+    auth_users_email_index: {
+      unique: true,
+      fields: {
+        email: {
+          order: "asc",
+        },
+      },
+    },
+  },
+  fields: {
+    id: {
+      type: "integer",
+    },
+    email: {
+      type: "string",
+      length: 255,
+      validators: {
+        validator: {
+          name: "isEmail",
+        },
+        maxLength: 255,
+        required: true,
+      },
+    },
+    password: {
+      type: "string",
+      length: 255,
+      validators: {
+        required: true,
+      },
+    },
+    role: {
+      type: "string",
+      length: 255,
+      validators: {
+        required: true,
+      },
+    },
+  },
+};

package/lobb/src/config/config.ts

@@ -0,0 +1,11 @@
+import type { ExtensionConfig } from "./extensionConfigSchema.ts";
+
+let extensionConfig: ExtensionConfig;
+
+export function setExtensionConfig(config: ExtensionConfig) {
+  extensionConfig = config;
+}
+
+export function getExtensionConfig() {
+  return extensionConfig;
+}

package/lobb/src/config/extensionConfigSchema.ts

@@ -0,0 +1,47 @@
+import type { CollectionConfig } from "@lobb/core/types";
+import type { CreatePermissionAction } from "./permissionsAction/create.ts";
+import type { ReadPermissionAction } from "./permissionsAction/read.ts";
+import type { UpdatePermissionAction } from "./permissionsAction/update.ts";
+import type { DeletePermissionAction } from "./permissionsAction/delete.ts";
+
+export interface User {
+  id: number;
+  email: string;
+  password: string;
+  role: string;
+}
+
+export interface PermissionAction {}
+
+export type CollectionPermissionsActions = {
+  create?: true | CreatePermissionAction;
+  read?: true | ReadPermissionAction;
+  update?: true | UpdatePermissionAction;
+  delete?: true | DeletePermissionAction;
+};
+
+export type CollectionPermissionActionsKeys =
+  keyof CollectionPermissionsActions;
+export type CollectionPermissionsConfig =
+  | true
+  | CollectionPermissionsActions;
+export type PermissionsConfig =
+  | true
+  | Record<string, CollectionPermissionsConfig | undefined>;
+
+export type RolesConfig = {
+  permissions: PermissionsConfig;
+};
+
+export type ExtensionConfig = {
+  admin: {
+    password: string;
+    email: string;
+  };
+  dashboard_access_roles?: string[];
+  roles: Record<string, RolesConfig | undefined>;
+  extend_users?: {
+    indexes?: CollectionConfig["indexes"];
+    fields?: Omit<CollectionConfig["fields"], "id">;
+  };
+};

package/lobb/src/config/permissionsAction/create.ts

@@ -0,0 +1,20 @@
+import type { PermissionAction, User } from "../extensionConfigSchema.ts";
+
+interface FieldTrasnsformerFnParams {
+  value: unknown;
+  payload: Record<string, unknown>;
+  user?: User;
+}
+type FieldTrasnsformerFn = (params: FieldTrasnsformerFnParams) => unknown;
+
+interface CreateGuardProps {
+  payload: Record<string, unknown>;
+  user?: User;
+}
+type CreateGuardFn = (props: CreateGuardProps) => true | void;
+
+export interface CreatePermissionAction extends PermissionAction {
+  payloadGuard?: CreateGuardFn;
+  fields?: Record<string, true>;
+  mutate?: Record<string, FieldTrasnsformerFn>;
+}

package/lobb/src/config/permissionsAction/delete.ts

@@ -0,0 +1,3 @@
+import type { PermissionAction } from "../extensionConfigSchema.ts";
+
+export interface DeletePermissionAction extends PermissionAction {}

package/lobb/src/config/permissionsAction/read.ts

@@ -0,0 +1,10 @@
+import type { Filter } from "@lobb/core/types";
+import type { PermissionAction, User } from "../extensionConfigSchema.ts";
+
+export interface ReadPermissionAction extends PermissionAction {
+  /**
+   * Filter that gets passed to the db select query condition
+   */
+  filter?: Filter<{ user?: User }>;
+  fields?: Record<string, true>;
+}

package/lobb/src/config/permissionsAction/update.ts

@@ -0,0 +1,20 @@
+import type { PermissionAction, User } from "../extensionConfigSchema.ts";
+
+interface FieldTrasnsformerFnParams {
+  value: unknown;
+  payload: Record<string, unknown>;
+  user?: User;
+}
+type FieldTrasnsformerFn = (params: FieldTrasnsformerFnParams) => unknown;
+
+interface UpdateGuardProps {
+  payload: Record<string, unknown>;
+  user?: User;
+}
+type UpdateGuardFn = (props: UpdateGuardProps) => true | void;
+
+export interface UpdatePermissionAction extends PermissionAction {
+  payloadGuard?: UpdateGuardFn;
+  fields?: Record<string, true>;
+  mutate?: Record<string, FieldTrasnsformerFn>;
+}

package/lobb/src/database/init.ts

@@ -0,0 +1,51 @@
+import type { Lobb } from "@lobb/core/types";
+import { verify } from "@bronti/argon2";
+import { getExtensionConfig } from "../config/config.ts";
+import { checkCollectionsInPermissions } from "./utils.ts";
+
+export async function init(lobb: Lobb) {
+  checkCollectionsInPermissions(lobb);
+  await syncincAdminUserInDB(lobb);
+}
+
+async function syncincAdminUserInDB(lobb: Lobb) {
+  // syncinc the admin user in users collection
+  const config = getExtensionConfig();
+  const adminUserData = config.admin;
+  const users = lobb.utils.getCollectionService({
+    collectionName: "auth_users",
+  });
+  const entries = (await users.findAll({
+    params: {
+      filter: {
+        role: "admin",
+      },
+      sort: "id",
+    },
+  })).data;
+  const adminUser = entries[0];
+  if (!adminUser) {
+    await users.createOne({
+      data: {
+        email: adminUserData.email,
+        password: adminUserData.password,
+        role: "admin",
+      },
+    });
+  } else {
+    const passwordIdentical = await verify(
+      adminUserData.password,
+      adminUser.password,
+    );
+
+    if (adminUser.email !== adminUserData.email || !passwordIdentical) {
+      await users.updateOne({
+        id: adminUser.id,
+        data: {
+          email: adminUserData.email,
+          password: adminUserData.password,
+        },
+      });
+    }
+  }
+}

package/lobb/src/database/migrations.ts

@@ -0,0 +1,56 @@
+import type { Migrations } from "@lobb/core/types";
+
+export const migrations: Migrations = {
+  "create_users_collections": {
+    async up(props) {
+      await props.driver.createCollection("auth_users", {
+        "indexes": {
+          "email_index": {
+            "unique": true,
+            "fields": {
+              "email": {
+                "order": "asc",
+              },
+            },
+          },
+        },
+        "fields": {
+          "id": {
+            "type": "integer",
+          },
+          "email": {
+            "type": "string",
+            "length": 255,
+            "validators": {
+              "required": true,
+              "validator": {
+                "name": "isEmail",
+              },
+              "maxLength": 255,
+            },
+          },
+          "password": {
+            "type": "string",
+            "length": 255,
+            "validators": {
+              "required": true,
+            },
+            "pre_processors": {
+              "hash": true,
+            },
+          },
+          "role": {
+            "type": "string",
+            "length": 255,
+            "validators": {
+              "required": true,
+            },
+          },
+        },
+      });
+    },
+    async down(props) {
+      await props.driver.dropCollection("auth_users");
+    },
+  },
+};

package/lobb/src/database/utils.ts

@@ -0,0 +1,35 @@
+import type { Lobb } from "@lobb/core/types";
+import { LobbError } from "@lobb/core";
+import { getExtensionConfig } from "../config/config.ts";
+
+export function checkCollectionsInPermissions(
+  lobb: Lobb,
+) {
+  const authExtensionConfig = getExtensionConfig();
+  for (const roleName in authExtensionConfig.roles) {
+    const role = authExtensionConfig.roles[roleName];
+
+    if (typeof role === "undefined") {
+      throw new LobbError({
+        code: "INTERNAL_SERVER_ERROR",
+        message: `The (${roleName}) role in the auth permissions doesnt exist`,
+      });
+    }
+
+    const permissions = role.permissions;
+    const collectionNames = Object.keys(permissions);
+    for (let index = 0; index < collectionNames.length; index++) {
+      const collectionName = collectionNames[index];
+      const collectionExists = lobb.configManager.collectionExists(
+        collectionName,
+      );
+      if (!collectionExists) {
+        throw new LobbError({
+          code: "INTERNAL_SERVER_ERROR",
+          message:
+            `The (${collectionName}) collection in the auth permissions doesnt exist`,
+        });
+      }
+    }
+  }
+}

package/lobb/src/extension.json

@@ -0,0 +1 @@
+{}

package/lobb/src/meta/meta.ts

@@ -0,0 +1,11 @@
+import type { Lobb } from "@lobb/core/types";
+import { getExtensionConfig } from "../config/config.ts";
+
+export async function meta(lobb: Lobb) {
+  const config = getExtensionConfig();
+  const meta: any = {};
+
+  meta["dashboard_access_roles"] = config.dashboard_access_roles ?? ["admin"];
+
+  return meta;
+}

package/lobb/src/mod.ts

@@ -0,0 +1,27 @@
+import type { Extension } from "@lobb/core/types";
+import type { ExtensionConfig } from "./config/extensionConfigSchema.ts";
+
+import denoJson from "../../deno.json" with { type: "json" };
+import extension from "./extension.json" with { type: "json" };
+import { init } from "./database/init.ts";
+import { collections } from "./collections/collections.ts";
+import { meta } from "./meta/meta.ts";
+import { migrations } from "./database/migrations.ts";
+import { setExtensionConfig } from "./config/config.ts";
+import { getWorkflows } from "./workflows/index.ts";
+// import { openapi } from "./openapi.ts";
+
+export function auth(extensionConfig: ExtensionConfig): Extension {
+  setExtensionConfig(extensionConfig);
+  return {
+    version: denoJson.version,
+    name: "auth",
+    init: init,
+    collections: collections,
+    migrations: migrations,
+    meta: meta,
+    workflows: getWorkflows(),
+    dashboard: extension,
+    // openapi: openapi,
+  };
+}