@lobb-js/lobb-ext-auth 0.1.66 → 0.2.1

package/extensions/auth/tests/utils/addArticles.ts

@@ -0,0 +1,22 @@
+import type { Lobb } from "@lobb-js/core";
+import { articles } from "../utils/data/articles.ts";
+
+export async function createArticles(lobb: Lobb) {
+  const createdArticles: any[] = [];
+  for (let index = 0; index < articles.length; index++) {
+    const article = articles[index];
+    const createdArticle = (await lobb.collectionService.createOne({
+      collectionName: "articles",
+      data: article,
+    })).data;
+    createdArticles.push(createdArticle);
+  }
+
+  return createdArticles.map((article) => article.id);
+}
+
+export async function removeArticles(lobb: Lobb) {
+  await lobb.collectionService.deleteMany({
+    collectionName: "articles",
+  });
+}

package/extensions/auth/tests/utils/addSocialBlogArticles.ts

@@ -0,0 +1,52 @@
+import type { Lobb } from "@lobb-js/core";
+import { articles } from "./data/socialBlogArticles.ts";
+
+export async function createArticles(lobb: Lobb) {
+  // clean collections
+  await removeArticles(lobb);
+
+  // create the owner user
+  const user = (await lobb.collectionService.createOne({
+    collectionName: "auth_users",
+    data: {
+      email: "john@gmail.com",
+      password: "123456",
+      role: "author",
+    },
+  })).data;
+  const user2 = (await lobb.collectionService.createOne({
+    collectionName: "auth_users",
+    data: {
+      email: "doe@gmail.com",
+      password: "123456",
+      role: "author",
+    },
+  })).data;
+
+  // create the articles
+  const createdArticles: any[] = [];
+  for (let index = 0; index < articles.length; index++) {
+    const article: any = articles[index];
+    article["author_id"] = index > (articles.length / 2) ? user2.id : user.id;
+    const createdArticle = (await lobb.collectionService.createOne({
+      collectionName: "articles",
+      data: article,
+    })).data;
+    createdArticles.push(createdArticle);
+  }
+
+  return createdArticles.map((article) => article.id);
+}
+
+export async function removeArticles(lobb: Lobb) {
+  await lobb.collectionService.deleteMany({
+    collectionName: "articles",
+    filter: {},
+    force: true,
+  });
+  await lobb.collectionService.deleteMany({
+    collectionName: "auth_users",
+    filter: {},
+    force: true,
+  });
+}

package/extensions/auth/tests/utils/data/articles.ts

@@ -0,0 +1,65 @@
+export const articles = [
+  {
+    title: "The Future of AI: Trends Shaping Tomorrow's Technology",
+    body:
+      "Explore how artificial intelligence is evolving, from machine learning innovations to ethical challenges in AI governance. This article delves into the transformative potential AI holds for industries like healthcare, finance, and automation.",
+    number_of_likes: 454,
+    published: null,
+  },
+  {
+    title: "Climate Change and Its Impact on Global Food Security",
+    body:
+      "This article examines the effect of climate change on agriculture and global food production. It covers rising temperatures, changing weather patterns, and their implications for food supply chains, emphasizing the need for sustainable farming practices Wow.",
+    number_of_likes: 1212,
+  },
+  {
+    title: "The Rise of Remote Work: Is the Office Dead?",
+    body:
+      "A comprehensive analysis of How remote work has redefined the modern workplace post-pandemic. It discusses benefits and challenges for both employers and employees, and whether traditional office spaces will continue to exist in the future.",
+    number_of_likes: 9848,
+    published: true,
+  },
+  {
+    title: "Blockchain Beyond Cryptocurrency: Practical Applications in 2024",
+    body:
+      "Blockchain technology extends far beyond Bitcoin and digital currencies. This article explains its real-world uses in supply chain management, healthcare, and secure voting systems, highlighting successful implementations and ongoing experiments.",
+    number_of_likes: 10,
+  },
+  {
+    title: "Mental Health in the Digital Age: Navigating the New Challenges",
+    body:
+      "With increasing screen time and social media usage, mental health issues have taken new forms. This article addresses the growing concerns around digital addiction, online anxiety, and the role of tech companies in promoting well-being wow.",
+    number_of_likes: 5,
+  },
+  {
+    title: "Understanding Quantum Computing: The Next Tech Revolution",
+    body:
+      "Quantum computing promises to solve problems too complex for classical computers. This article breaks down the fundamentals of quantum technology, its current state, and its future potential across industries like pharmaceuticals, logistics, and cybersecurity.",
+    number_of_likes: 156,
+  },
+  {
+    title: "Sustainable Fashion: How the Industry is Going Green",
+    body:
+      "With environmental consciousness on the rise, the fashion industry is pivoting toward sustainability. This article looks at eco-friendly materials, ethical manufacturing processes, and how major brands are embracing the green movement wow.",
+    number_of_likes: 89,
+  },
+  {
+    title: "The Role of 5G in Revolutionizing Smart Cities",
+    body:
+      "As 5G networks roll out globally, smart cities are becoming a reality. This wow article covers how 5G technology wow will enable real-time data sharing, improve urban infrastructure, wow and enhance public services through IoT devices and smart sensors.",
+    number_of_likes: 15,
+  },
+  {
+    title: "Digital Marketing in 2024: Emerging Strategies for Success",
+    body:
+      "The landscape of digital marketing is rapidly changing with the rise of AI, personalized experiences, and social commerce. This article outlines the most promising strategies to stay ahead in 2024, from leveraging data analytics to mastering content creation wow.",
+    number_of_likes: 87,
+  },
+  {
+    title:
+      "The Future of Renewable Energy: Innovations Driving a Clean Energy Revolution",
+    body:
+      "As the world shifts toward green energy, this article highlights wow the latest innovations in solar, wind, and hydropower technologies. It also discusses policy trends, wow global investment in renewables, wow and the challenges in achieving net-zero emissions by 2050 wow.",
+    number_of_likes: 48,
+  },
+];

package/extensions/auth/tests/utils/data/socialBlogArticles.ts

@@ -0,0 +1,56 @@
+export const articles = [
+  {
+    title: "The Future of AI: Trends Shaping Tomorrow's Technology",
+    body:
+      "Explore how artificial intelligence is evolving, from machine learning innovations to ethical challenges in AI governance. This article delves into the transformative potential AI holds for industries like healthcare, finance, and automation.",
+    status: "public",
+  },
+  {
+    title: "Climate Change and Its Impact on Global Food Security",
+    body:
+      "This article examines the effect of climate change on agriculture and global food production. It covers rising temperatures, changing weather patterns, and their implications for food supply chains, emphasizing the need for sustainable farming practices Wow.",
+  },
+  {
+    title: "The Rise of Remote Work: Is the Office Dead?",
+    body:
+      "A comprehensive analysis of How remote work has redefined the modern workplace post-pandemic. It discusses benefits and challenges for both employers and employees, and whether traditional office spaces will continue to exist in the future.",
+  },
+  {
+    title: "Blockchain Beyond Cryptocurrency: Practical Applications in 2024",
+    body:
+      "Blockchain technology extends far beyond Bitcoin and digital currencies. This article explains its real-world uses in supply chain management, healthcare, and secure voting systems, highlighting successful implementations and ongoing experiments.",
+  },
+  {
+    title: "Mental Health in the Digital Age: Navigating the New Challenges",
+    body:
+      "With increasing screen time and social media usage, mental health issues have taken new forms. This article addresses the growing concerns around digital addiction, online anxiety, and the role of tech companies in promoting well-being wow.",
+    status: "public",
+  },
+  {
+    title: "Understanding Quantum Computing: The Next Tech Revolution",
+    body:
+      "Quantum computing promises to solve problems too complex for classical computers. This article breaks down the fundamentals of quantum technology, its current state, and its future potential across industries like pharmaceuticals, logistics, and cybersecurity.",
+  },
+  {
+    title: "Sustainable Fashion: How the Industry is Going Green",
+    body:
+      "With environmental consciousness on the rise, the fashion industry is pivoting toward sustainability. This article looks at eco-friendly materials, ethical manufacturing processes, and how major brands are embracing the green movement wow.",
+  },
+  {
+    title: "The Role of 5G in Revolutionizing Smart Cities",
+    body:
+      "As 5G networks roll out globally, smart cities are becoming a reality. This wow article covers how 5G technology wow will enable real-time data sharing, improve urban infrastructure, wow and enhance public services through IoT devices and smart sensors.",
+    status: "public",
+  },
+  {
+    title: "Digital Marketing in 2024: Emerging Strategies for Success",
+    body:
+      "The landscape of digital marketing is rapidly changing with the rise of AI, personalized experiences, and social commerce. This article outlines the most promising strategies to stay ahead in 2024, from leveraging data analytics to mastering content creation wow.",
+  },
+  {
+    title:
+      "The Future of Renewable Energy: Innovations Driving a Clean Energy Revolution",
+    body:
+      "As the world shifts toward green energy, this article highlights wow the latest innovations in solar, wind, and hydropower technologies. It also discusses policy trends, wow global investment in renewables, wow and the challenges in achieving net-zero emissions by 2050 wow.",
+  },
+];

package/extensions/auth/utils.ts

@@ -0,0 +1,17 @@
+import type { Context } from "hono";
+
+export function getBearerToken(c: Context): string | null {
+  const authHeader = c.req.header("Authorization");
+  if (!authHeader) return null;
+
+  const [scheme, token] = authHeader.split(" ");
+  if (scheme !== "Bearer" || !token) return null;
+
+  return token;
+}
+
+export function generateRandomId(): string {
+  const array = new Uint8Array(32);
+  crypto.getRandomValues(array);
+  return Array.from(array).map((b) => b.toString(16).padStart(2, "0")).join("");
+}

package/extensions/auth/workflows/baseWorkflow.ts

@@ -0,0 +1,159 @@
+import type { Workflow } from "@lobb-js/core";
+import type { Context } from "hono";
+import type { User } from "../config/extensionConfigSchema.ts";
+import { generateRandomId, getBearerToken } from "../utils.ts";
+import { verify } from "argon2";
+
+export const baseWorkflows: Workflow[] = [
+  {
+    name: "auth_BearerTokenHandler",
+    eventName: "core.webserver.middlwares.pre",
+    handler: async (input, ctx) => {
+      const token = getBearerToken(input.context);
+      if (token) {
+        const sessionsResult = await ctx.workflows.collectionService({
+          method: "findAll",
+          props: {
+            collectionName: "auth_sessions",
+            params: {
+              filter: {
+                token,
+              },
+            },
+          },
+        });
+
+        const session = sessionsResult.data[0];
+
+        if (session) {
+          const usersResult = await ctx.workflows.collectionService({
+            method: "findAll",
+            props: {
+              collectionName: "auth_users",
+              params: {
+                filter: {
+                  id: session.user_id,
+                },
+              },
+            },
+          });
+          const user = usersResult.data[0];
+
+          const context = input.context as Context;
+          context.set("auth_session", session);
+          context.set("auth_user", user);
+        }
+      }
+    },
+  },
+  // auth_logins workflows
+  {
+    name: "auth_userLoginsHandler",
+    eventName: "core.controllers.preCreateOne",
+    handler: async (input, ctx) => {
+      if (input.collectionName === "auth_sessions") {
+        const payloadEmail = input.body.data.email;
+        const payloadPassword = input.body.data.password;
+
+        const users = await ctx.workflows.collectionService({
+          method: "findAll",
+          props: {
+            collectionName: "auth_users",
+            params: {
+              filter: {
+                email: payloadEmail,
+              },
+            },
+          },
+        });
+
+        if (!users.data.length) {
+          throw new ctx.LobbError({
+            code: "NOT_FOUND",
+            message: `The user with this email (${payloadEmail}) doesnt exist.`,
+          });
+        }
+
+        const user = users.data[0] as User;
+        const hashedPassword = user.password;
+
+        const passwordIsCorrect = await verify(
+          hashedPassword,
+          payloadPassword,
+        );
+        if (!passwordIsCorrect) {
+          throw new ctx.LobbError({
+            code: "UNAUTHORIZED",
+            message:
+              "The password provided is incorrect. Please verify and try again.",
+          });
+        }
+
+        const sessionPayload = {
+          token: generateRandomId(),
+          expires_at: new Date(Date.now() + 3600 * 1000),
+          user_id: user.id,
+        };
+
+        const sessionResult = await ctx.workflows.collectionService({
+          method: "createOne",
+          props: {
+            collectionName: "auth_sessions",
+            data: sessionPayload,
+          },
+        });
+
+        throw new Response(
+          JSON.stringify({
+            data: {
+              access_token: {
+                token: sessionPayload.token,
+                expires_at: sessionResult.data.expires_at,
+              },
+              user: {
+                id: user.id,
+                email: user.email,
+                role: user.role,
+              },
+            },
+          }),
+        );
+      }
+    },
+  },
+  {
+    name: "auth_userLogoutHandler",
+    eventName: "core.controllers.preDeleteMany",
+    handler: async (input, ctx) => {
+      if (input.collectionName === "auth_sessions") {
+        const context = input.context as Context;
+        const token = getBearerToken(context);
+
+        if (!token) {
+          throw new ctx.LobbError({
+            code: "BAD_REQUEST",
+            message:
+              "You should pass session's token through the bearer header",
+          });
+        }
+
+        await ctx.workflows.collectionService({
+          method: "deleteMany",
+          props: {
+            collectionName: "auth_sessions",
+            filter: {
+              token: token,
+            },
+          },
+        });
+
+        throw new Response(
+          null,
+          {
+            status: 204,
+          },
+        );
+      }
+    },
+  },
+];

package/extensions/auth/workflows/hashHandlerWorkflows.ts

@@ -0,0 +1,29 @@
+import type { Workflow } from "@lobb-js/core";
+import { hash } from "argon2";
+
+export const hashHandlerWorkflows: Workflow[] = [
+  // hash passwords on user create
+  {
+    name: "auth_hashPasswordWorkflow",
+    eventName: "core.store.preCreateOne",
+    handler: async (input) => {
+      if (input.collectionName === "auth_users") {
+        input.data.password = await hash(input.data.password);
+      }
+      return input;
+    },
+  },
+  // hash passwords on user update
+  {
+    name: "auth_hashPasswordWorkflowForUpdate",
+    eventName: "core.store.preUpdateOne",
+    handler: async (input) => {
+      if (input.collectionName === "auth_users") {
+        if (input.data.password) {
+          input.data.password = await hash(input.data.password);
+        }
+      }
+      return input;
+    },
+  },
+];

package/extensions/auth/workflows/index.ts

@@ -0,0 +1,29 @@
+import type { Workflow } from "@lobb-js/core";
+import type { ExtensionConfig } from "../config/extensionConfigSchema.ts";
+import { getPoliciesWorkflows } from "./policiesWorkflows.ts";
+import { meAliasWorkflows } from "./meAliasWorkflows.ts";
+import { baseWorkflows } from "./baseWorkflow.ts";
+import { hashHandlerWorkflows } from "./hashHandlerWorkflows.ts";
+
+export function getWorkflows(extensionConfig: ExtensionConfig): Workflow[] {
+  return [
+    ...baseWorkflows,
+    ...hashHandlerWorkflows,
+
+    // TODO: think about putting the below workflows above at the beggining
+    // this will give us the ability to specify which roles have the ability to login, register etc
+
+    // workflows that handles policies
+    ...meAliasWorkflows,
+    ...getPoliciesWorkflows(extensionConfig),
+    // TODO: record users activity feed
+    // {
+    //   name: "auth_activityFeedCreateWorkflow",
+    //   eventName: "core.store.createOne",
+    //   handler: async (input) => {
+    //     // TODO: insert a activity feed in here
+    //     return input;
+    //   },
+    // },
+  ];
+}

package/extensions/auth/workflows/meAliasWorkflows.ts

@@ -0,0 +1,48 @@
+import type { EventContext, Workflow } from "@lobb-js/core";
+import type { Context } from "hono";
+import type { User } from "../config/extensionConfigSchema.ts";
+
+function resolveMeAlias(input: any, ctx: EventContext): number {
+  if (input.collectionName === "auth_users" && input.id === "me") {
+    const context = input.context as Context;
+    const currentUser = context.get("auth_user") as User | undefined;
+
+    if (!currentUser) {
+      throw new ctx.LobbError({
+        code: "BAD_REQUEST",
+        message: "You need to provide an access token.",
+      });
+    }
+
+    return currentUser.id;
+  }
+
+  return input.id;
+}
+
+export const meAliasWorkflows: Workflow[] = [
+  {
+    name: "auth_userFindOneMeAlias",
+    eventName: "core.store.preFindOne",
+    handler: async (input, ctx) => {
+      input.id = resolveMeAlias(input, ctx);
+      return input;
+    },
+  },
+  {
+    name: "auth_userPreUpdateMeAlias",
+    eventName: "core.store.preUpdateOne",
+    handler: async (input, ctx) => {
+      input.id = resolveMeAlias(input, ctx);
+      return input;
+    },
+  },
+  {
+    name: "auth_userPreDeleteMeAlias",
+    eventName: "core.store.preDeleteOne",
+    handler: async (input, ctx) => {
+      input.id = resolveMeAlias(input, ctx);
+      return input;
+    },
+  },
+];