@lowdefy/api 4.0.0-alpha.9 → 4.0.0-rc.0

package/dist/context/createApiContext.js

@@ -12,22 +12,24 @@
   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
   See the License for the specific language governing permissions and
   limitations under the License.
-*/ import createReadConfigFile from './readConfigFile.js';
-async function createApiContext({ buildDirectory , connections , logger , operators , secrets  }) {
+*/ import createAuthorize from './createAuthorize.js';
+import createReadConfigFile from './createReadConfigFile.js';
+function createApiContext({ buildDirectory , config , connections , fileCache , logger , operators , secrets , session ,  }) {
     const readConfigFile = createReadConfigFile({
-        buildDirectory
+        buildDirectory,
+        fileCache
     });
-    const config = await readConfigFile('config.json');
     return {
-        authenticated: false,
-        authorize: ()=>true
-        ,
+        authorize: createAuthorize({
+            session
+        }),
         config,
         connections,
         logger,
         operators,
         readConfigFile,
-        secrets
+        secrets,
+        user: session?.user
     };
 }
 export default createApiContext;

package/dist/context/createAuthorize.js

@@ -13,13 +13,16 @@
   See the License for the specific language governing permissions and
   limitations under the License.
 */ import { ServerError } from '../context/errors.js';
-function createAuthorize({ authenticated =false , roles =[]  }) {
+function createAuthorize({ session  }) {
+    // Next-auth getSession provides a session object if the user is authenticated
+    // else session will be null
+    const authenticated = !!session;
+    const roles = session?.user?.roles ?? [];
     function authorize({ auth  }) {
         if (auth.public === true) return true;
         if (auth.public === false) {
             if (auth.roles) {
-                return authenticated && auth.roles.some((role)=>roles.includes(role)
-                );
+                return authenticated && auth.roles.some((role)=>roles.includes(role));
             }
             return authenticated;
         }

package/dist/context/{readConfigFile.js → createReadConfigFile.js}

@@ -15,7 +15,7 @@
 */ import path from 'path';
 import { cachedPromises } from '@lowdefy/helpers';
 import { getFileExtension, readFile } from '@lowdefy/node-utils';
-function createReadConfigFile({ buildDirectory  }) {
+function createReadConfigFile({ buildDirectory , fileCache  }) {
     async function readConfigFile(filePath) {
         const fileContent = await readFile(path.resolve(buildDirectory, filePath));
         if (getFileExtension(filePath) === 'json') {
@@ -23,6 +23,9 @@ function createReadConfigFile({ buildDirectory  }) {
         }
         return fileContent;
     }
-    return cachedPromises(readConfigFile);
+    return cachedPromises({
+        cache: fileCache,
+        getter: readConfigFile
+    });
 }
 export default createReadConfigFile;

package/dist/context/errors.js

@@ -12,13 +12,7 @@
   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
   See the License for the specific language governing permissions and
   limitations under the License.
-*/ /* eslint-disable max-classes-per-file */ let AuthenticationError = class AuthenticationError extends Error {
-    constructor(message){
-        super(message);
-        this.name = 'AuthenticationError';
-    }
-};
-let ConfigurationError = class ConfigurationError extends Error {
+*/ /* eslint-disable max-classes-per-file */ let ConfigurationError = class ConfigurationError extends Error {
     constructor(message){
         super(message);
         this.name = 'ConfigurationError';
@@ -36,10 +30,4 @@ let ServerError = class ServerError extends Error {
         this.name = 'ServerError';
     }
 };
-let TokenExpiredError = class TokenExpiredError extends Error {
-    constructor(message){
-        super(message);
-        this.name = 'TokenExpiredError';
-    }
-};
-export { AuthenticationError, ConfigurationError, RequestError, ServerError, TokenExpiredError };
+export { ConfigurationError, RequestError, ServerError };

package/dist/index.js

@@ -15,7 +15,8 @@
 */ import callRequest from './routes/request/callRequest.js';
 import createApiContext from './context/createApiContext.js';
 import getHomeAndMenus from './routes/rootConfig/getHomeAndMenus.js';
+import getNextAuthConfig from './routes/auth/getNextAuthConfig.js';
 import getPageConfig from './routes/page/getPageConfig.js';
 import getRootConfig from './routes/rootConfig/getRootConfig.js';
-import { AuthenticationError, ConfigurationError, RequestError, ServerError, TokenExpiredError } from './context/errors.js';
-export { AuthenticationError, callRequest, ConfigurationError, createApiContext, getHomeAndMenus, getPageConfig, getRootConfig, RequestError, ServerError, TokenExpiredError };
+import { ConfigurationError, RequestError, ServerError } from './context/errors.js';
+export { callRequest, ConfigurationError, createApiContext, getHomeAndMenus, getNextAuthConfig, getPageConfig, getRootConfig, RequestError, ServerError };

package/dist/routes/auth/callbacks/addUserFieldsToSession.js

@@ -0,0 +1,27 @@
+/*
+  Copyright 2020-2022 Lowdefy, Inc
+
+  Licensed under the Apache License, Version 2.0 (the "License");
+  you may not use this file except in compliance with the License.
+  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+*/ function addUserFieldsToSession(context, { session , token , authConfig , user  }) {
+    if (token) {
+        Object.keys(authConfig.userFields).forEach((fieldName)=>{
+            session.user[fieldName] = token[fieldName];
+        });
+    }
+    if (user) {
+        Object.keys(authConfig.userFields).forEach((fieldName)=>{
+            session.user[fieldName] = user[fieldName];
+        });
+    }
+}
+export default addUserFieldsToSession;

package/dist/routes/auth/callbacks/addUserFieldsToToken.js

@@ -0,0 +1,36 @@
+/*
+  Copyright 2020-2022 Lowdefy, Inc
+
+  Licensed under the Apache License, Version 2.0 (the "License");
+  you may not use this file except in compliance with the License.
+  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+*/ import { get } from '@lowdefy/helpers';
+function addUserFieldsToToken(context, { account , authConfig , profile , token , user  }) {
+    // const { debug } = context.logger;
+    const objects = {
+        account,
+        profile,
+        user
+    };
+    // TODO: Add when debug is fixed.
+    // debug('Adding userFields to user. Available provider data is:');
+    // debug(objects);
+    Object.entries(authConfig.userFields).forEach(([lowdefyFieldName, providerFieldName])=>{
+        const value = get(objects, providerFieldName);
+        // debug(
+        //   `Adding provider field "${providerFieldName}" with value ${JSON.stringify(
+        //     value
+        //   )} as "${lowdefyFieldName}"`
+        // );
+        token[lowdefyFieldName] = value;
+    });
+}
+export default addUserFieldsToToken;

package/dist/routes/auth/callbacks/createCallbackPlugins.js

@@ -0,0 +1,21 @@
+/*
+  Copyright 2020-2022 Lowdefy, Inc
+
+  Licensed under the Apache License, Version 2.0 (the "License");
+  you may not use this file except in compliance with the License.
+  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+*/ function createCallbackPlugins({ authConfig , plugins , type  }) {
+    return authConfig.callbacks.map((callbackConfig)=>({
+            fn: plugins.callbacks[callbackConfig.type],
+            properties: callbackConfig.properties
+        })).filter((callback)=>callback.fn.meta.type === type);
+}
+export default createCallbackPlugins;

package/dist/routes/auth/callbacks/createCallbacks.js

@@ -0,0 +1,43 @@
+/*
+  Copyright 2020-2022 Lowdefy, Inc
+
+  Licensed under the Apache License, Version 2.0 (the "License");
+  you may not use this file except in compliance with the License.
+  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+*/ import createJWTCallback from './createJWTCallback.js';
+import createRedirectCallback from './createRedirectCallback.js';
+import createSessionCallback from './createSessionCallback.js';
+import createSignInCallback from './createSignInCallback.js';
+function createCallbacks(context, { authConfig , plugins  }) {
+    const callbacks = {
+        session: createSessionCallback(context, {
+            authConfig,
+            plugins
+        })
+    };
+    const jwt = createJWTCallback(context, {
+        authConfig,
+        plugins
+    });
+    if (jwt) callbacks.jwt = jwt;
+    const redirect = createRedirectCallback(context, {
+        authConfig,
+        plugins
+    });
+    if (redirect) callbacks.redirect = redirect;
+    const signIn = createSignInCallback(context, {
+        authConfig,
+        plugins
+    });
+    if (signIn) callbacks.signIn = signIn;
+    return callbacks;
+}
+export default createCallbacks;

package/dist/routes/auth/callbacks/createJWTCallback.js

@@ -0,0 +1,75 @@
+/*
+  Copyright 2020-2022 Lowdefy, Inc
+
+  Licensed under the Apache License, Version 2.0 (the "License");
+  you may not use this file except in compliance with the License.
+  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+*/ import addUserFieldsToToken from './addUserFieldsToToken.js';
+import createCallbackPlugins from './createCallbackPlugins.js';
+function createJWTCallback(context, { authConfig , plugins  }) {
+    const jwtCallbackPlugins = createCallbackPlugins({
+        authConfig,
+        plugins,
+        type: 'jwt'
+    });
+    async function jwtCallback({ token , user , account , profile , isNewUser  }) {
+        if (profile) {
+            const { sub , name , given_name , family_name , middle_name , nickname , preferred_username , profile: profile_claim , picture , website , email , email_verified , gender , birthdate , zoneinfo , locale , phone_number , phone_number_verified , address , updated_at ,  } = profile;
+            token = {
+                sub,
+                name,
+                given_name,
+                family_name,
+                middle_name,
+                nickname,
+                preferred_username,
+                profile: profile_claim,
+                picture,
+                website,
+                email,
+                email_verified,
+                gender,
+                birthdate,
+                zoneinfo,
+                locale,
+                phone_number,
+                phone_number_verified,
+                address,
+                updated_at,
+                ...token
+            };
+        }
+        if (profile || user) {
+            if (authConfig.userFields) {
+                addUserFieldsToToken(context, {
+                    authConfig,
+                    account,
+                    profile,
+                    token,
+                    user
+                });
+            }
+        }
+        for (const plugin of jwtCallbackPlugins){
+            token = await plugin.fn({
+                properties: plugin.properties ?? {},
+                account,
+                isNewUser,
+                profile,
+                token,
+                user
+            });
+        }
+        return token;
+    }
+    return jwtCallback;
+}
+export default createJWTCallback;

package/dist/routes/auth/callbacks/createRedirectCallback.js

@@ -0,0 +1,36 @@
+/*
+  Copyright 2020-2022 Lowdefy, Inc
+
+  Licensed under the Apache License, Version 2.0 (the "License");
+  you may not use this file except in compliance with the License.
+  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+*/ import createCallbackPlugins from './createCallbackPlugins.js';
+function createRedirectCallback(context, { authConfig , plugins  }) {
+    const redirectCallbackPlugins = createCallbackPlugins({
+        authConfig,
+        plugins,
+        type: 'redirect'
+    });
+    if (redirectCallbackPlugins.length === 0) return undefined;
+    if (redirectCallbackPlugins.length !== 1) {
+        throw new Error('More than one auth redirect callbacks are configured. Only one is allowed.');
+    }
+    const [plugin] = redirectCallbackPlugins;
+    async function redirectCallback({ url , baseUrl  }) {
+        return plugin.fn({
+            properties: plugin.properties ?? {},
+            baseUrl,
+            url
+        });
+    }
+    return redirectCallback;
+}
+export default createRedirectCallback;

package/dist/routes/auth/callbacks/createSessionCallback.js

@@ -0,0 +1,71 @@
+/*
+  Copyright 2020-2022 Lowdefy, Inc
+
+  Licensed under the Apache License, Version 2.0 (the "License");
+  you may not use this file except in compliance with the License.
+  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+*/ import addUserFieldsToSession from './addUserFieldsToSession.js';
+import createCallbackPlugins from './createCallbackPlugins.js';
+function createSessionCallback(context, { authConfig , plugins  }) {
+    const sessionCallbackPlugins = createCallbackPlugins({
+        authConfig,
+        plugins,
+        type: 'session'
+    });
+    async function sessionCallback({ session , token , user  }) {
+        if (token) {
+            const { sub , name , given_name , family_name , middle_name , nickname , preferred_username , profile , picture , website , email , email_verified , gender , birthdate , zoneinfo , locale , phone_number , phone_number_verified , address , updated_at ,  } = token;
+            session.user = {
+                sub,
+                name,
+                given_name,
+                family_name,
+                middle_name,
+                nickname,
+                preferred_username,
+                profile,
+                picture,
+                website,
+                email,
+                email_verified,
+                gender,
+                birthdate,
+                zoneinfo,
+                locale,
+                phone_number,
+                phone_number_verified,
+                address,
+                updated_at,
+                ...session.user
+            };
+        }
+        if (authConfig.userFields) {
+            addUserFieldsToSession(context, {
+                authConfig,
+                session,
+                token,
+                user
+            });
+        }
+        for (const plugin of sessionCallbackPlugins){
+            // eslint-disable-next-line no-param-reassign
+            session = await plugin.fn({
+                properties: plugin.properties ?? {},
+                session,
+                token,
+                user
+            });
+        }
+        return session;
+    }
+    return sessionCallback;
+}
+export default createSessionCallback;

package/dist/routes/auth/callbacks/createSignInCallback.js

@@ -0,0 +1,40 @@
+/*
+  Copyright 2020-2022 Lowdefy, Inc
+
+  Licensed under the Apache License, Version 2.0 (the "License");
+  you may not use this file except in compliance with the License.
+  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+*/ import createCallbackPlugins from './createCallbackPlugins.js';
+function createSignInCallback(context, { authConfig , plugins  }) {
+    const signInCallbackPlugins = createCallbackPlugins({
+        authConfig,
+        plugins,
+        type: 'signIn'
+    });
+    if (signInCallbackPlugins.length === 0) return undefined;
+    async function signInCallback({ account , credentials , email , profile , user  }) {
+        let allowSignIn = true;
+        for (const plugin of signInCallbackPlugins){
+            allowSignIn = await plugin.fn({
+                properties: plugin.properties ?? {},
+                account,
+                credentials,
+                email,
+                profile,
+                user
+            });
+            if (allowSignIn === false) break;
+        }
+        return allowSignIn;
+    }
+    return signInCallback;
+}
+export default createSignInCallback;

package/dist/routes/auth/createAdapter.js

@@ -0,0 +1,24 @@
+/*
+  Copyright 2020-2022 Lowdefy, Inc
+
+  Licensed under the Apache License, Version 2.0 (the "License");
+  you may not use this file except in compliance with the License.
+  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+*/ function createAdapter(context, { authConfig , plugins  }) {
+    const adapterConfig = authConfig.adapter;
+    if (!adapterConfig) {
+        return undefined;
+    }
+    return plugins.adapters[adapterConfig.type]({
+        properties: adapterConfig.properties
+    });
+}
+export default createAdapter;

package/dist/routes/auth/createProviders.js

@@ -0,0 +1,25 @@
+/*
+  Copyright 2020-2022 Lowdefy, Inc
+
+  Licensed under the Apache License, Version 2.0 (the "License");
+  you may not use this file except in compliance with the License.
+  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+*/ // TODO: docs:
+// Callback url to configure with provider will be: {{ protocol }}{{ host }}/api/auth/callback/{{ providerId }}
+// This depends on providerId, which might cause some issues if users copy an example and change the id.
+// We need to allow users to configure ids, since they might have more than one of the same type.
+function createProviders(context, { authConfig , plugins  }) {
+    return authConfig.providers.map((providerConfig)=>plugins.providers[providerConfig.type]({
+            ...providerConfig.properties,
+            id: providerConfig.id
+        }));
+}
+export default createProviders;

package/dist/routes/auth/events/createCreateUserEvent.js

@@ -0,0 +1,33 @@
+/*
+  Copyright 2020-2022 Lowdefy, Inc
+
+  Licensed under the Apache License, Version 2.0 (the "License");
+  you may not use this file except in compliance with the License.
+  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+*/ import createEventPlugins from './createEventPlugins.js';
+function createCreateUserEvent(context, { authConfig , plugins  }) {
+    const createUserPlugins = createEventPlugins({
+        authConfig,
+        plugins,
+        type: 'createUser'
+    });
+    if (createUserPlugins.length === 0) return undefined;
+    async function createUserEvent({ user  }) {
+        for (const plugin of createUserPlugins){
+            await plugin.fn({
+                properties: plugin.properties ?? {},
+                user
+            });
+        }
+    }
+    return createUserEvent;
+}
+export default createCreateUserEvent;

package/dist/routes/auth/events/createEventPlugins.js

@@ -0,0 +1,21 @@
+/*
+  Copyright 2020-2022 Lowdefy, Inc
+
+  Licensed under the Apache License, Version 2.0 (the "License");
+  you may not use this file except in compliance with the License.
+  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+*/ function createEventPlugins({ authConfig , plugins , type  }) {
+    return authConfig.events.map((eventConfig)=>({
+            fn: plugins.events[eventConfig.type],
+            properties: eventConfig.properties
+        })).filter((event)=>event.fn.meta.type === type);
+}
+export default createEventPlugins;

package/dist/routes/auth/events/createEvents.js

@@ -0,0 +1,55 @@
+/*
+  Copyright 2020-2022 Lowdefy, Inc
+
+  Licensed under the Apache License, Version 2.0 (the "License");
+  you may not use this file except in compliance with the License.
+  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+*/ import createCreateUserEvent from './createCreateUserEvent.js';
+import createLinkAccountEvent from './createLinkAccountEvent.js';
+import createSessionEvent from './createSessionEvent.js';
+import createSignInEvent from './createSignInEvent.js';
+import createSignOutEvent from './createSignOutEvent.js';
+import createUpdateUserEvent from './createUpdateUserEvent.js';
+function createEvents(context, { authConfig , plugins  }) {
+    const events = {};
+    const createUser = createCreateUserEvent(context, {
+        authConfig,
+        plugins
+    });
+    if (createUser) events.createUser = createUser;
+    const linkAccount = createLinkAccountEvent(context, {
+        authConfig,
+        plugins
+    });
+    if (linkAccount) events.linkAccount = linkAccount;
+    const session = createSessionEvent(context, {
+        authConfig,
+        plugins
+    });
+    if (session) events.session = session;
+    const signIn = createSignInEvent(context, {
+        authConfig,
+        plugins
+    });
+    if (signIn) events.signIn = signIn;
+    const signOut = createSignOutEvent(context, {
+        authConfig,
+        plugins
+    });
+    if (signOut) events.signOut = signOut;
+    const updateUser = createUpdateUserEvent(context, {
+        authConfig,
+        plugins
+    });
+    if (updateUser) events.updateUser = updateUser;
+    return events;
+}
+export default createEvents;

package/dist/routes/auth/events/createLinkAccountEvent.js

@@ -0,0 +1,35 @@
+/*
+  Copyright 2020-2022 Lowdefy, Inc
+
+  Licensed under the Apache License, Version 2.0 (the "License");
+  you may not use this file except in compliance with the License.
+  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+*/ import createEventPlugins from './createEventPlugins.js';
+function createLinkAccountEvent(context, { authConfig , plugins  }) {
+    const linkAccountPlugins = createEventPlugins({
+        authConfig,
+        plugins,
+        type: 'linkAccount'
+    });
+    if (linkAccountPlugins.length === 0) return undefined;
+    async function linkAccountEvent({ account , profile , user  }) {
+        for (const plugin of linkAccountPlugins){
+            await plugin.fn({
+                properties: plugin.properties ?? {},
+                account,
+                profile,
+                user
+            });
+        }
+    }
+    return linkAccountEvent;
+}
+export default createLinkAccountEvent;

package/dist/routes/auth/events/createSessionEvent.js

@@ -0,0 +1,34 @@
+/*
+  Copyright 2020-2022 Lowdefy, Inc
+
+  Licensed under the Apache License, Version 2.0 (the "License");
+  you may not use this file except in compliance with the License.
+  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+*/ import createEventPlugins from './createEventPlugins.js';
+function createSessionEvent(context, { authConfig , plugins  }) {
+    const sessionPlugins = createEventPlugins({
+        authConfig,
+        plugins,
+        type: 'session'
+    });
+    if (sessionPlugins.length === 0) return undefined;
+    async function sessionEvent({ session , token  }) {
+        for (const plugin of sessionPlugins){
+            await plugin.fn({
+                properties: plugin.properties ?? {},
+                session,
+                token
+            });
+        }
+    }
+    return sessionEvent;
+}
+export default createSessionEvent;

package/dist/routes/auth/events/createSignInEvent.js

@@ -0,0 +1,36 @@
+/*
+  Copyright 2020-2022 Lowdefy, Inc
+
+  Licensed under the Apache License, Version 2.0 (the "License");
+  you may not use this file except in compliance with the License.
+  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+*/ import createEventPlugins from './createEventPlugins.js';
+function createSignInEvent(context, { authConfig , plugins  }) {
+    const signInPlugins = createEventPlugins({
+        authConfig,
+        plugins,
+        type: 'signIn'
+    });
+    if (signInPlugins.length === 0) return undefined;
+    async function signInEvent({ account , isNewUser , profile , user  }) {
+        for (const plugin of signInPlugins){
+            await plugin.fn({
+                properties: plugin.properties ?? {},
+                account,
+                isNewUser,
+                profile,
+                user
+            });
+        }
+    }
+    return signInEvent;
+}
+export default createSignInEvent;

package/dist/routes/auth/events/createSignOutEvent.js

@@ -0,0 +1,34 @@
+/*
+  Copyright 2020-2022 Lowdefy, Inc
+
+  Licensed under the Apache License, Version 2.0 (the "License");
+  you may not use this file except in compliance with the License.
+  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+*/ import createEventPlugins from './createEventPlugins.js';
+function createSignOutEvent(context, { authConfig , plugins  }) {
+    const signInPlugins = createEventPlugins({
+        authConfig,
+        plugins,
+        type: 'signOut'
+    });
+    if (signInPlugins.length === 0) return undefined;
+    async function signInEvent({ session , token  }) {
+        for (const plugin of signInPlugins){
+            await plugin.fn({
+                properties: plugin.properties ?? {},
+                session,
+                token
+            });
+        }
+    }
+    return signInEvent;
+}
+export default createSignOutEvent;

package/dist/routes/auth/events/createUpdateUserEvent.js

@@ -0,0 +1,33 @@
+/*
+  Copyright 2020-2022 Lowdefy, Inc
+
+  Licensed under the Apache License, Version 2.0 (the "License");
+  you may not use this file except in compliance with the License.
+  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+*/ import createEventPlugins from './createEventPlugins.js';
+function createUpdateUserEvent(context, { authConfig , plugins  }) {
+    const updateUserPlugins = createEventPlugins({
+        authConfig,
+        plugins,
+        type: 'updateUser'
+    });
+    if (updateUserPlugins.length === 0) return undefined;
+    async function updateUserEvent({ user  }) {
+        for (const plugin of updateUserPlugins){
+            await plugin.fn({
+                properties: plugin.properties ?? {},
+                user
+            });
+        }
+    }
+    return updateUserEvent;
+}
+export default createUpdateUserEvent;

package/dist/routes/auth/getNextAuthConfig.js

@@ -0,0 +1,66 @@
+/*
+  Copyright 2020-2022 Lowdefy, Inc
+
+  Licensed under the Apache License, Version 2.0 (the "License");
+  you may not use this file except in compliance with the License.
+  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+*/ import { NodeParser } from '@lowdefy/operators';
+import { getSecretsFromEnv } from '@lowdefy/node-utils';
+import { _secret } from '@lowdefy/operators-js/operators/server';
+import createAdapter from './createAdapter.js';
+import createCallbacks from './callbacks/createCallbacks.js';
+import createEvents from './events/createEvents.js';
+import createProviders from './createProviders.js';
+const nextAuthConfig = {};
+let initialized = false;
+function getNextAuthConfig(context, { authJson , plugins  }) {
+    if (initialized) return nextAuthConfig;
+    const secrets = getSecretsFromEnv();
+    // TODO: Add logger
+    const operatorsParser = new NodeParser({
+        operators: {
+            _secret
+        },
+        payload: {},
+        secrets,
+        user: {}
+    });
+    const { output: authConfig , errors: operatorErrors  } = operatorsParser.parse({
+        input: authJson,
+        location: 'auth'
+    });
+    if (operatorErrors.length > 0) {
+        throw new Error(operatorErrors[0]);
+    }
+    nextAuthConfig.adapter = createAdapter(context, {
+        authConfig,
+        plugins
+    });
+    nextAuthConfig.callbacks = createCallbacks(context, {
+        authConfig,
+        plugins
+    });
+    nextAuthConfig.events = createEvents(context, {
+        authConfig,
+        plugins
+    });
+    nextAuthConfig.providers = createProviders(context, {
+        authConfig,
+        plugins
+    });
+    nextAuthConfig.session = authConfig.session;
+    nextAuthConfig.theme = authConfig.theme;
+    nextAuthConfig.pages = authConfig.authPages;
+    nextAuthConfig.cookies = authConfig?.advanced?.cookies;
+    initialized = true;
+    return nextAuthConfig;
+}
+export default getNextAuthConfig;

package/dist/routes/page/getPageConfig.js

@@ -15,8 +15,11 @@
 */ async function getPageConfig({ authorize , readConfigFile  }, { pageId  }) {
     const pageConfig = await readConfigFile(`pages/${pageId}/${pageId}.json`);
     if (pageConfig && authorize(pageConfig)) {
-        delete pageConfig.auth;
-        return pageConfig;
+        // eslint-disable-next-line no-unused-vars
+        const { auth , ...rest } = pageConfig;
+        return {
+            ...rest
+        };
     }
     return null;
 }

package/dist/routes/request/callRequest.js

@@ -23,11 +23,12 @@ import getConnectionConfig from './getConnectionConfig.js';
 import getRequestConfig from './getRequestConfig.js';
 import getRequestResolver from './getRequestResolver.js';
 import validateSchemas from './validateSchemas.js';
-async function callRequest(context, { pageId , payload , requestId  }) {
+async function callRequest(context, { blockId , pageId , payload , requestId  }) {
     const { logger  } = context;
     logger.debug({
         route: 'request',
         params: {
+            blockId,
             pageId,
             payload,
             requestId
@@ -50,9 +51,10 @@ async function callRequest(context, { pageId , payload , requestId  }) {
         connection,
         requestConfig
     });
+    const deserializedPayload = serializer.deserialize(payload);
     const { connectionProperties , requestProperties  } = evaluateOperators(context, {
         connectionConfig,
-        payload: serializer.deserialize(payload),
+        payload: deserializedPayload,
         requestConfig
     });
     checkConnectionRead(context, {
@@ -75,10 +77,12 @@ async function callRequest(context, { pageId , payload , requestId  }) {
         requestProperties
     });
     const response = await callRequestResolver(context, {
+        blockId,
         connectionProperties,
+        payload: deserializedPayload,
         requestConfig,
-        requestResolver,
-        requestProperties
+        requestProperties,
+        requestResolver
     });
     return {
         id: requestConfig.id,

package/dist/routes/request/callRequestResolver.js

@@ -13,11 +13,15 @@
   See the License for the specific language governing permissions and
   limitations under the License.
 */ import { RequestError } from '../../context/errors.js';
-async function callRequestResolver({ logger  }, { connectionProperties , requestConfig , requestProperties , requestResolver  }) {
+async function callRequestResolver({ logger  }, { blockId , connectionProperties , payload , requestConfig , requestProperties , requestResolver  }) {
     try {
         const response = await requestResolver({
+            blockId,
+            connection: connectionProperties,
+            pageId: requestConfig.pageId,
+            payload,
             request: requestProperties,
-            connection: connectionProperties
+            requestId: requestConfig.requestId
         });
         return response;
     } catch (error) {

package/dist/routes/rootConfig/getHomeAndMenus.js

@@ -26,8 +26,7 @@ async function getHomeAndMenus(context) {
             menus
         };
     }
-    let defaultMenu = menus.find((menu)=>menu.menuId === 'default'
-    );
+    let defaultMenu = menus.find((menu)=>menu.menuId === 'default');
     if (!defaultMenu) {
         // eslint-disable-next-line prefer-destructuring
         defaultMenu = menus[0];

package/dist/routes/rootConfig/getRootConfig.js

@@ -20,7 +20,6 @@ async function getRootConfig(context) {
         getHomeAndMenus(context), 
     ]);
     return {
-        authenticated: context.authenticated,
         home,
         lowdefyGlobal,
         menus

package/dist/routes/rootConfig/menus/filterMenuList.js

@@ -36,7 +36,6 @@ function filterMenuList(context, { menuList  }) {
             }
         }
         return null;
-    }).filter((item)=>item !== null
-    );
+    }).filter((item)=>item !== null);
 }
 export default filterMenuList;

package/dist/test/testContext.js

@@ -20,13 +20,10 @@ function testContext({ config ={} , connections ={} , headers ={} , host ='host'
     warn: ()=>{}
 } , operators ={
     _test: ()=>'test'
-} , readConfigFile , roles , secrets ={} , setHeader , user , protocol ='https' ,  } = {}) {
-    const authenticated = user && !!user.sub;
+} , readConfigFile , secrets ={} , setHeader , session , protocol ='https' ,  } = {}) {
     return {
-        authenticated,
         authorize: createAuthorize({
-            authenticated,
-            roles
+            session
         }),
         config,
         connections,
@@ -38,7 +35,7 @@ function testContext({ config ={} , connections ={} , headers ={} , host ='host'
         readConfigFile,
         secrets,
         setHeader,
-        user
+        user: session?.user
     };
 }
 export default testContext;

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@lowdefy/api",
-  "version": "4.0.0-alpha.9",
-  "licence": "Apache-2.0",
+  "version": "4.0.0-rc.0",
+  "license": "Apache-2.0",
   "description": "",
   "homepage": "https://lowdefy.com",
   "keywords": [
@@ -34,29 +34,28 @@
     "dist/*"
   ],
   "scripts": {
-    "build": "yarn swc",
+    "build": "swc src --out-dir dist --config-file ../../.swcrc --delete-dir-on-start",
     "clean": "rm -rf dist",
-    "prepare": "yarn build",
-    "swc": "swc src --out-dir dist --config-file ../../.swcrc --delete-dir-on-start",
-    "test": "yarn node --experimental-vm-modules $(yarn bin jest)"
+    "prepublishOnly": "pnpm build",
+    "test": "node --experimental-vm-modules node_modules/jest/bin/jest.js"
   },
   "dependencies": {
-    "@lowdefy/ajv": "4.0.0-alpha.9",
-    "@lowdefy/helpers": "4.0.0-alpha.9",
-    "@lowdefy/node-utils": "4.0.0-alpha.9",
-    "@lowdefy/nunjucks": "4.0.0-alpha.9",
-    "@lowdefy/operators": "4.0.0-alpha.9"
+    "@lowdefy/ajv": "4.0.0-rc.0",
+    "@lowdefy/helpers": "4.0.0-rc.0",
+    "@lowdefy/node-utils": "4.0.0-rc.0",
+    "@lowdefy/nunjucks": "4.0.0-rc.0",
+    "@lowdefy/operators": "4.0.0-rc.0",
+    "@lowdefy/operators-js": "4.0.0-rc.0"
   },
   "devDependencies": {
-    "@jest/globals": "27.5.1",
-    "@lowdefy/operators-js": "4.0.0-alpha.9",
-    "@swc/cli": "0.1.55",
-    "@swc/core": "1.2.135",
-    "@swc/jest": "0.2.17",
-    "jest": "27.5.1"
+    "@jest/globals": "28.1.0",
+    "@swc/cli": "0.1.57",
+    "@swc/core": "1.2.194",
+    "@swc/jest": "0.2.21",
+    "jest": "28.1.0"
   },
   "publishConfig": {
     "access": "public"
   },
-  "gitHead": "98b544eca231bdcfca6c3a8601a891835d5ce571"
+  "gitHead": "f6872d7ff6da421710096536fce7b2016ef8f35c"
 }

package/dist/context/createContext.js

@@ -1,46 +0,0 @@
-/*
-  Copyright 2020-2022 Lowdefy, Inc
-
-  Licensed under the Apache License, Version 2.0 (the "License");
-  you may not use this file except in compliance with the License.
-  You may obtain a copy of the License at
-
-      http://www.apache.org/licenses/LICENSE-2.0
-
-  Unless required by applicable law or agreed to in writing, software
-  distributed under the License is distributed on an "AS IS" BASIS,
-  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-  See the License for the specific language governing permissions and
-  limitations under the License.
-*/ import createAuthorize from './createAuthorize.js';
-import createReadConfigFile from './readConfigFile.js';
-import verifyAuthorizationHeader from './verifyAuthorizationHeader.js';
-async function createContext({ buildDirectory , connections , secrets  }) {
-    const readConfigFile = createReadConfigFile({
-        buildDirectory
-    });
-    const config = await readConfigFile('config.json');
-    function contextFn({ headers , host , logger , protocol , setHeader  }) {
-        const context = {
-            config,
-            connections,
-            headers,
-            host,
-            logger,
-            protocol,
-            readConfigFile,
-            secrets,
-            setHeader
-        };
-        const { authenticated , user , roles  } = verifyAuthorizationHeader(context);
-        context.authorize = createAuthorize({
-            authenticated,
-            roles
-        });
-        context.authenticated = authenticated;
-        context.user = user;
-        return context;
-    }
-    return contextFn;
-}
-export default createContext;