@lobb-js/lobb-ext-auth 0.1.67 → 0.2.2

package/extensions/auth/openapi.ts

@@ -0,0 +1,469 @@
+export const openapi = {
+  components: {
+    email_provider: {
+      type: "object",
+      properties: {
+        provider: {
+          type: "string",
+          default: "email",
+          required: false,
+        },
+        email: {
+          type: "string",
+          example: "admin@test.com",
+          required: true,
+        },
+        password: {
+          type: "string",
+          required: true,
+        },
+      },
+    },
+    firebase_provider: {
+      type: "object",
+      properties: {
+        provider: {
+          type: "string",
+          const: "firebase",
+          required: true,
+        },
+        token: {
+          type: "string",
+          required: true,
+        },
+      },
+    },
+  },
+  paths: {
+    "/api/extensions/auth/login": {
+      post: {
+        tags: [
+          "auth",
+        ],
+        summary: `Login a user`,
+        description:
+          `This is used to login a user by email or any other adapter`,
+        requestBody: {
+          required: true,
+          content: {
+            "application/json": {
+              schema: {
+                oneOf: [
+                  {
+                    "$ref": "#/components/schemas/email_provider",
+                  },
+                  {
+                    "$ref": "#/components/schemas/firebase_provider",
+                  },
+                ],
+              },
+            },
+          },
+        },
+        responses: {
+          "200": {
+            description: "Successful operation",
+            content: {
+              "application/json": {
+                schema: {
+                  type: "object",
+                  properties: {
+                    access_token: {
+                      type: "object",
+                      example: {
+                        id: 67,
+                        email: "admin@test.com",
+                        password:
+                          "$argon2id$v=19$m=65536,t=3,p=4$861dgvjWHc9Lizr5YAHTTg$Nl7kRBPz4X4M5s46f286obEL4S7SrMtYPvmkUpo++kk",
+                        role: "admin",
+                      },
+                    },
+                    user: {
+                      type: "object",
+                      example: {
+                        token:
+                          "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6NjcsImVtYWlsIjoiYWRtaW5AdGVzdC5jb20iLCJwYXNzd29yZCI6IiRhcmdvbjJpZCR2PTE5JG09NjU1MzYsdD0zLHA9NCQ4NjFkZ3ZqV0hjOUxpenI1WUFIVFRnJE5sN2tSQlB6NFg0TTVzNDZmMjg2b2JFTDRTN1NyTXRZUHZta1Vwbysra2siLCJyb2xlIjoiYWRtaW4iLCJpc0F1dGhlbnRpY2F0ZWQiOnRydWUsImlhdCI6MTc0MjQ2OTkyMiwiZXhwIjoxNzQzNzY1OTIyfQ.wpyYRLgAE5atrSS8PHyXaSGQENiw4s-KjwPKaZ_ptB8",
+                        expires_in: 1743765922,
+                        issued_at: 1742469922,
+                      },
+                    },
+                  },
+                },
+              },
+            },
+          },
+          "500": {
+            description: "Internal Error",
+            content: {
+              "application/json": {
+                schema: {
+                  $ref: `#/components/schemas/internalErrorReponse`,
+                },
+              },
+            },
+          },
+        },
+      },
+    },
+    "/api/extensions/auth/me": {
+      get: {
+        tags: [
+          "auth",
+        ],
+        summary: `Get current user`,
+        description: `This is used to get information of the logged in user`,
+        responses: {
+          "200": {
+            description: "Successful operation",
+            content: {
+              "application/json": {
+                schema: {
+                  type: "object",
+                  example: {
+                    email: "admin@test.com",
+                    role: "admin",
+                  },
+                },
+              },
+            },
+          },
+          "400": {
+            description: "Bad Request",
+            content: {
+              "application/json": {
+                schema: {
+                  type: "object",
+                  example: {
+                    "status": 400,
+                    "code": "BAD_REQUEST",
+                    "message": "You need to provide an access token.",
+                  },
+                },
+              },
+            },
+          },
+          "401": {
+            description: "Unauthorized",
+            content: {
+              "application/json": {
+                schema: {
+                  type: "object",
+                  example: {
+                    "status": 401,
+                    "code": "UNAUTHORIZED",
+                    "message":
+                      "The password provided is incorrect. Please verify and try again.",
+                  },
+                },
+              },
+            },
+          },
+          "500": {
+            description: "Internal Error",
+            content: {
+              "application/json": {
+                schema: {
+                  $ref: `#/components/schemas/internalErrorReponse`,
+                },
+              },
+            },
+          },
+        },
+      },
+    },
+    "/api/extensions/auth/refresh": {
+      post: {
+        tags: [
+          "auth",
+        ],
+        summary: `Refresh Token`,
+        description: `This endpoint is used to refresh your access token`,
+        parameters: [
+          {
+            "name": "lobb_refresh_token",
+            "in": "cookie",
+            "required": true,
+            "description": "The refresh token cookie.",
+            "schema": {
+              "type": "string",
+              "example":
+                "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIn0.dozjgNryP4J3jVmNHl0w5N_XgL0n3I9PlFUP0THsR8U",
+            },
+          },
+        ],
+        responses: {
+          "200": {
+            description: "Successful operation",
+            content: {
+              "application/json": {
+                schema: {
+                  type: "object",
+                  example: {
+                    access_token: {
+                      token:
+                        "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MTAxLCJlbWFpbCI6ImFkbWluQHRlc3QuY29tIiwicGFzc3dvcmQiOiIkYXJnb24yaWQkdj0xOSRtPTY1NTM2LHQ9MyxwPTQkYVEvR3ZTbk5uL21wU3ZwZVhDbWNTQSRZNkk2S0h2L1BtTGRyQUp0QnUzRnZlS0JoTGpzVXpIWWgveWh2UnlxYklRIiwicm9sZSI6ImFkbWluIiwiaXNBdXRoZW50aWNhdGVkIjpmYWxzZSwiaWF0IjoxNzQyNDgwODcyLCJleHAiOjE3NDI0ODA4NzJ9.gGo65nmYi6-88JEG-zVJ8C65yo5dNqR5ATJPZJZZu0c",
+                      expires_in: 1742480872,
+                      issued_at: 1742480872,
+                    },
+                  },
+                },
+              },
+            },
+          },
+          "500": {
+            description: "Internal Error",
+            content: {
+              "application/json": {
+                schema: {
+                  $ref: `#/components/schemas/internalErrorReponse`,
+                },
+              },
+            },
+          },
+        },
+      },
+    },
+    "/api/extensions/auth/logout": {
+      delete: {
+        tags: [
+          "auth",
+        ],
+        summary: `Logout`,
+        description: `This endpoint is used to delete the refresh token`,
+        parameters: [
+          {
+            "name": "lobb_refresh_token",
+            "in": "cookie",
+            "required": true,
+            "description": "The refresh token cookie.",
+            "schema": {
+              "type": "string",
+              "example":
+                "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIn0.dozjgNryP4J3jVmNHl0w5N_XgL0n3I9PlFUP0THsR8U",
+            },
+          },
+        ],
+        responses: {
+          "200": {
+            description: "Successful operation",
+            content: {
+              "application/json": {
+                schema: {
+                  type: "object",
+                  example: {
+                    message: "Successfully logged out",
+                  },
+                },
+              },
+            },
+          },
+          "500": {
+            description: "Internal Error",
+            content: {
+              "application/json": {
+                schema: {
+                  $ref: `#/components/schemas/internalErrorReponse`,
+                },
+              },
+            },
+          },
+        },
+      },
+    },
+    "/api/extensions/auth/reset_password_request": {
+      post: {
+        tags: [
+          "auth",
+        ],
+        summary: `Reset password request`,
+        description: `Send a reset password request email to the user`,
+        requestBody: {
+          required: true,
+          content: {
+            "application/json": {
+              schema: {
+                type: "object",
+                example: {
+                  email: "admin@test.com",
+                },
+              },
+            },
+          },
+        },
+        responses: {
+          "200": {
+            description: "Successful operation",
+            content: {
+              "application/json": {
+                schema: {
+                  type: "object",
+                  example: {
+                    message: "Successfully logged out",
+                  },
+                },
+              },
+            },
+          },
+          "500": {
+            description: "Internal Error",
+            content: {
+              "application/json": {
+                schema: {
+                  $ref: `#/components/schemas/internalErrorReponse`,
+                },
+              },
+            },
+          },
+        },
+      },
+    },
+    "/api/extensions/auth/reset_password": {
+      post: {
+        tags: [
+          "auth",
+        ],
+        summary: `Reset password`,
+        description: `Send a reset password request to the user's email`,
+        requestBody: {
+          required: true,
+          content: {
+            "application/json": {
+              schema: {
+                type: "object",
+                example: {
+                  token: "non_valid_token",
+                  new_password: "new_pass",
+                },
+              },
+            },
+          },
+        },
+        responses: {
+          "200": {
+            description: "Successful operation",
+            content: {
+              "application/json": {
+                schema: {
+                  type: "object",
+                  example: {
+                    message: "The reset token is not valid",
+                  },
+                },
+              },
+            },
+          },
+          "500": {
+            description: "Internal Error",
+            content: {
+              "application/json": {
+                schema: {
+                  $ref: `#/components/schemas/internalErrorReponse`,
+                },
+              },
+            },
+          },
+        },
+      },
+      get: {
+        tags: [
+          "auth",
+        ],
+        summary: `Reset password html Page`,
+        description: `Returns an html UI page`,
+        parameters: [
+          {
+            "name": "reset_token",
+            "in": "query",
+            "required": true,
+            "description": "The token thats used to reset the password.",
+            "schema": {
+              "type": "string",
+              "example":
+                "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIn0.dozjgNryP4J3jVmNHl0w5N_XgL0n3I9PlFUP0THsR8U",
+            },
+          },
+        ],
+        responses: {
+          "200": {
+            description: "Successful operation",
+            content: {
+              "text/html": {
+                schema: {
+                  type: "string",
+                },
+              },
+            },
+          },
+          "500": {
+            description: "Internal Error",
+            content: {
+              "application/json": {
+                schema: {
+                  $ref: `#/components/schemas/internalErrorReponse`,
+                },
+              },
+            },
+          },
+        },
+      },
+    },
+    "/api/extensions/auth/change_password": {
+      post: {
+        tags: [
+          "auth",
+        ],
+        summary: `Change Password`,
+        description: "This is used for the current user to change his password",
+        "parameters": [
+          {
+            "in": "header",
+            "name": "Authorization",
+            "schema": {
+              "type": "string",
+            },
+            "required": true,
+          },
+        ],
+        requestBody: {
+          required: true,
+          content: {
+            "application/json": {
+              schema: {
+                type: "object",
+                example: {
+                  old_password: "admin",
+                  new_password: "new_pass",
+                },
+              },
+            },
+          },
+        },
+        responses: {
+          "200": {
+            description: "Successful operation",
+            content: {
+              "application/json": {
+                schema: {
+                  type: "object",
+                  example: {
+                    message: "The password was changed successfully",
+                  },
+                },
+              },
+            },
+          },
+          "500": {
+            description: "Internal Error",
+            content: {
+              "application/json": {
+                schema: {
+                  $ref: `#/components/schemas/internalErrorReponse`,
+                },
+              },
+            },
+          },
+        },
+      },
+    },
+  },
+};

package/extensions/auth/studio/tests/login.spec.ts

@@ -0,0 +1,34 @@
+import { test, expect } from "@playwright/test";
+
+const ADMIN_EMAIL = "admin@example.com";
+const ADMIN_PASSWORD = "admin";
+const LOGIN_URL = "/studio/extensions/auth/login_page";
+const STUDIO_URL = "/studio";
+
+test.describe("Login page", () => {
+  test.beforeEach(async ({ page }) => {
+    await page.goto(LOGIN_URL);
+  });
+
+  test("shows the login form", async ({ page }) => {
+    await expect(page.getByText("Welcome back")).toBeVisible();
+    await expect(page.getByPlaceholder("email@example.com")).toBeVisible();
+    await expect(page.getByPlaceholder("••••••••")).toBeVisible();
+    await expect(page.getByRole("button", { name: "Sign In" })).toBeVisible();
+  });
+
+  test("logs in with valid credentials and redirects to studio", async ({ page }) => {
+    await page.getByPlaceholder("email@example.com").fill(ADMIN_EMAIL);
+    await page.getByPlaceholder("••••••••").fill(ADMIN_PASSWORD);
+    await page.getByRole("button", { name: "Sign In" }).click();
+
+    await page.waitForURL(STUDIO_URL);
+    expect(page.url()).toContain(STUDIO_URL);
+  });
+
+  test("shows error toast on empty form submission", async ({ page }) => {
+    await page.getByRole("button", { name: "Sign In" }).click();
+
+    await expect(page.getByText("Please complete all fields")).toBeVisible();
+  });
+});

package/extensions/auth/studio/tests/package.json

@@ -0,0 +1 @@
+{"type": "commonjs"}

package/extensions/auth/studio/tests/playwright.config.cjs

@@ -0,0 +1,27 @@
+const { defineConfig, devices } = require("@playwright/test");
+
+module.exports = defineConfig({
+  testDir: __dirname,
+  testMatch: "**/*.spec.ts",
+  fullyParallel: true,
+  retries: 0,
+  expect: { timeout: 15000 },
+  use: {
+    baseURL: "http://localhost:3000",
+    trace: "on-first-retry",
+    headless: true,
+  },
+  projects: [
+    {
+      name: "chromium",
+      use: { ...devices["Desktop Chrome"] },
+    },
+  ],
+  // Automatically start the dev server before running tests
+  webServer: {
+    command: "bun run dev",
+    url: "http://localhost:3000/studio",
+    reuseExistingServer: true,
+    cwd: "../../../../", // packages/auth-ext root
+  },
+});

package/extensions/auth/tests/collections/extend_users_collection.test.ts

@@ -0,0 +1,61 @@
+import { Lobb } from "@lobb-js/core";
+import { afterAll, beforeAll, describe, it, expect } from "bun:test";
+import { authWithExtendUsersConfig } from "../configs/auth_with_extend_users.ts";
+
+describe("extend users collection", () => {
+  let lobb: Lobb;
+  let baseUrl: string;
+
+  beforeAll(async () => {
+    lobb = await Lobb.init(authWithExtendUsersConfig);
+    baseUrl = `http://127.0.0.1:${lobb.webServer.port}`;
+  });
+
+  afterAll(async () => {
+    await lobb.collectionService.deleteMany({
+      collectionName: "auth_users",
+      filter: {},
+      force: true,
+    });
+    await lobb.close();
+  });
+
+  it("should return a result with all the additional fields that exists in the (extend_users)", async () => {
+    const response = await fetch(
+      `${baseUrl}/api/collections/auth_users`,
+      {
+        method: "POST",
+        body: JSON.stringify({
+          data: {
+            email: "test@test.com",
+            password: "test",
+            role: "admin",
+            name: "test",
+            bio: "test",
+            language: "ar",
+          },
+        }),
+      },
+    );
+    await response.json();
+
+    const response2 = await fetch(
+      `${baseUrl}/api/collections/auth_users?sort=id`,
+      {
+        method: "GET",
+      },
+    );
+    const result2 = await response2.json();
+
+    expect(response2.status).toEqual(200);
+    expect(
+      result2.data[1],
+    ).toMatchObject({
+        role: "admin",
+        email: "test@test.com",
+        name: "test",
+        bio: "test",
+        language: "ar",
+    });
+  });
+});

package/extensions/auth/tests/configs/auth.ts

@@ -0,0 +1,73 @@
+import type { Config } from "@lobb-js/core";
+import auth from "../../index.ts";
+
+export const authConfig: Config = {
+  project: {
+    name: "Lobb",
+    force_sync: true,
+    support_email: "support@lobb.com",
+  },
+  database: {
+    host: "localhost",
+    port: 5432,
+    username: "test",
+    password: "test",
+    database: "*",
+
+  },
+  web_server: {
+    host: "0.0.0.0",
+    port: 0,
+  },
+  extensions: [
+    auth({
+      admin: {
+        password: "admin",
+        email: "admin@test.com",
+      },
+      extend_users: {
+        fields: {
+          name: {
+            type: "string",
+            length: 255,
+          },
+        },
+      },
+      roles: {
+        public: {
+          permissions: {
+            auth_users: {
+              create: true,
+            },
+          },
+        },
+      },
+    }),
+  ],
+  collections: {
+    articles: {
+      indexes: {},
+      fields: {
+        id: {
+          type: "integer",
+        },
+        title: {
+          type: "string",
+          length: 255,
+        },
+        body: {
+          type: "text",
+        },
+        published: {
+          type: "bool",
+        },
+        number_of_likes: {
+          type: "integer",
+        },
+        user_id: {
+          type: "integer",
+        },
+      },
+    },
+  },
+};