@m5kdev/backend 0.1.0

package/src/modules/auth/auth.service.ts

@@ -0,0 +1,261 @@
+import { err, ok } from "neverthrow";
+import type {
+  AccountClaim,
+  AccountClaimMagicLinkOutput,
+  AccountClaimOutput,
+  Waitlist,
+  WaitlistOutput,
+} from "#modules/auth/auth.dto";
+import type { User } from "#modules/auth/auth.lib";
+import type { AuthRepository } from "#modules/auth/auth.repository";
+import type { ServerResultAsync } from "#modules/base/base.dto";
+import { BaseService } from "#modules/base/base.service";
+import type { BillingService } from "#modules/billing/billing.service";
+import type { EmailService } from "#modules/email/email.service";
+import { posthogCapture } from "#utils/posthog";
+
+type AuthServiceDependencies =
+  | { email: EmailService }
+  | { email: EmailService; billing: BillingService };
+
+export class AuthService extends BaseService<{ auth: AuthRepository }, AuthServiceDependencies> {
+  private getBillingService(): BillingService | null {
+    if (!("billing" in this.service)) return null;
+    return this.service.billing;
+  }
+
+  async getUserWaitlistCount({ user }: { user: User }): ServerResultAsync<number> {
+    if (user.role === "admin") return ok(0);
+    return this.repository.auth.getUserWaitlistCount(user.id);
+  }
+
+  async getOnboarding({ user }: { user: User }): ServerResultAsync<number> {
+    return this.repository.auth.getOnboarding(user.id);
+  }
+
+  async setOnboarding(onboarding: number, { user }: { user: User }): ServerResultAsync<number> {
+    posthogCapture({
+      distinctId: user.id,
+      event: "onboarding_set",
+      properties: {
+        onboarding,
+      },
+    });
+    return this.repository.auth.setOnboarding(user.id, onboarding);
+  }
+
+  async getPreferences({ user }: { user: User }): ServerResultAsync<Record<string, unknown>> {
+    return this.repository.auth.getPreferences(user.id);
+  }
+
+  async setPreferences(
+    preferences: Record<string, unknown>,
+    { user }: { user: User }
+  ): ServerResultAsync<Record<string, unknown>> {
+    posthogCapture({
+      distinctId: user.id,
+      event: "preferences_set",
+    });
+    return this.repository.auth.setPreferences(user.id, preferences);
+  }
+
+  async getMetadata({ user }: { user: User }): ServerResultAsync<Record<string, unknown>> {
+    return this.repository.auth.getMetadata(user.id);
+  }
+
+  async setMetadata(
+    metadata: Record<string, unknown>,
+    { user }: { user: User }
+  ): ServerResultAsync<Record<string, unknown>> {
+    posthogCapture({
+      distinctId: user.id,
+      event: "metadata_set",
+    });
+    return this.repository.auth.setMetadata(user.id, metadata);
+  }
+
+  async getFlags({ user }: { user: User }): ServerResultAsync<string[]> {
+    return this.repository.auth.getFlags(user.id);
+  }
+
+  async setFlags(flags: string[], { user }: { user: User }): ServerResultAsync<string[]> {
+    posthogCapture({
+      distinctId: user.id,
+      event: "flags_set",
+    });
+    return this.repository.auth.setFlags(user.id, flags);
+  }
+
+  async listAdminWaitlist(): ServerResultAsync<WaitlistOutput[]> {
+    return this.repository.auth.listAdminWaitlist();
+  }
+
+  async listWaitlist({ user }: { user: User }): ServerResultAsync<Waitlist[]> {
+    return this.repository.auth.listWaitlist(user.id);
+  }
+
+  async addToWaitlist({ email }: { email: string }): ServerResultAsync<WaitlistOutput> {
+    return this.repository.auth.addToWaitlist(email);
+  }
+
+  async inviteFromWaitlist({ id }: { id: string }): ServerResultAsync<Waitlist> {
+    const waitlist = await this.repository.auth.inviteFromWaitlist(id);
+    if (waitlist.isErr()) return err(waitlist.error);
+    if (!waitlist.value.code) return this.repository.auth.error("BAD_REQUEST");
+    if (!waitlist.value.email) return this.repository.auth.error("BAD_REQUEST");
+    await this.service.email.sendWaitlistInvite(waitlist.value.email, waitlist.value.code);
+    return ok(waitlist.value);
+  }
+
+  async inviteToWaitlist(
+    { email, name }: { email: string; name?: string },
+    { user }: { user: User }
+  ): ServerResultAsync<Waitlist> {
+    const count = await this.repository.auth.getUserWaitlistCount(user.id);
+    if (count.isErr()) return err(count.error);
+    if (count.value >= 3) return this.repository.auth.error("BAD_REQUEST", "Run out of invites");
+    const waitlist = await this.repository.auth.inviteToWaitlist({ email, userId: user.id, name });
+    if (waitlist.isErr()) return err(waitlist.error);
+    if (!waitlist.value.code) return this.repository.auth.error("BAD_REQUEST");
+    await this.service.email.sendWaitlistUserInvite(email, waitlist.value.code, user.name, name);
+    posthogCapture({
+      distinctId: user.id,
+      event: "waitlist_invite_sent",
+      properties: {
+        email,
+        name,
+      },
+    });
+    return ok(waitlist.value);
+  }
+
+  async createInvitationCode(
+    { name }: { name?: string },
+    { user }: { user: User }
+  ): ServerResultAsync<Waitlist> {
+    posthogCapture({
+      distinctId: user.id,
+      event: "waitlist_invitation_code_created",
+      properties: {
+        name,
+      },
+    });
+    return this.repository.auth.createInvitationCode({ userId: user.id, name });
+  }
+
+  async joinWaitlist({ email }: { email: string }): ServerResultAsync<WaitlistOutput> {
+    const waitlist = await this.repository.auth.joinWaitlist(email);
+    if (waitlist.isErr()) return err(waitlist.error);
+    await this.service.email.sendWaitlistConfirmation(email);
+    return ok(waitlist.value);
+  }
+
+  async removeFromWaitlist({ id }: { id: string }): ServerResultAsync<WaitlistOutput> {
+    return this.repository.auth.removeFromWaitlist(id);
+  }
+
+  async validateWaitlistCode(code: string): ServerResultAsync<{ status: string }> {
+    return this.repository.auth.validateWaitlistCode(code);
+  }
+
+  async createAccountClaimCode({
+    userId,
+    expiresInHours,
+  }: {
+    userId: string;
+    expiresInHours?: number;
+  }): ServerResultAsync<AccountClaim> {
+    return this.repository.auth.createAccountClaimCode({ userId, expiresInHours });
+  }
+
+  async listAccountClaims(): ServerResultAsync<AccountClaimOutput[]> {
+    return this.repository.auth.listAccountClaims();
+  }
+
+  async getMyAccountClaimStatus({ user }: { user: User }): ServerResultAsync<AccountClaim | null> {
+    return this.repository.auth.findPendingAccountClaimForUser(user.id);
+  }
+
+  async setMyAccountClaimEmail(
+    { email }: { email: string },
+    { user }: { user: User }
+  ): ServerResultAsync<{ status: boolean }> {
+    return this.repository.auth.setAccountClaimEmail({ userId: user.id, email });
+  }
+
+  async acceptMyAccountClaim({ user }: { user: User }): ServerResultAsync<{ status: boolean }> {
+    const pendingClaim = await this.repository.auth.findPendingAccountClaimForUser(user.id);
+    if (pendingClaim.isErr()) return err(pendingClaim.error);
+
+    const accepted = await this.repository.auth.acceptAccountClaim(user.id);
+    if (accepted.isErr()) return err(accepted.error);
+
+    if (pendingClaim.value) {
+      const billingService = this.getBillingService();
+      if (billingService) {
+        await billingService.createUserHook({ user });
+      }
+    }
+
+    return ok(accepted.value);
+  }
+
+  async generateAccountClaimMagicLink({
+    claimId,
+    email,
+  }: {
+    claimId: string;
+    email?: string;
+  }): ServerResultAsync<AccountClaimMagicLinkOutput> {
+    const claim = await this.repository.auth.findAccountClaimById(claimId);
+    if (claim.isErr()) return err(claim.error);
+    if (!claim.value) return this.repository.auth.error("NOT_FOUND", "Claim not found");
+    if (!claim.value.claimUserId)
+      return this.repository.auth.error("BAD_REQUEST", "Claim has no user");
+    if (claim.value.status !== "INVITED") {
+      return this.repository.auth.error("BAD_REQUEST", "Claim is not pending");
+    }
+    if (claim.value.expiresAt && claim.value.expiresAt < new Date()) {
+      return this.repository.auth.error("BAD_REQUEST", "Claim is expired");
+    }
+
+    const targetEmail = email ?? claim.value.claimedEmail ?? undefined;
+    if (!targetEmail) {
+      return this.repository.auth.error("BAD_REQUEST", "Email required to generate magic link");
+    }
+
+    const setEmail = await this.repository.auth.setAccountClaimEmail({
+      userId: claim.value.claimUserId,
+      email: targetEmail,
+    });
+    if (setEmail.isErr()) return err(setEmail.error);
+
+    const response = await fetch(`${process.env.VITE_SERVER_URL}/api/auth/sign-in/magic-link`, {
+      method: "POST",
+      headers: {
+        "content-type": "application/json",
+      },
+      body: JSON.stringify({
+        email: targetEmail.toLowerCase(),
+        callbackURL: `${process.env.VITE_APP_URL}/claim-account?claim=${claimId}`,
+      }),
+    });
+
+    if (!response.ok) {
+      return this.repository.auth.error("INTERNAL_SERVER_ERROR", "Failed to generate magic link");
+    }
+
+    const latest = await this.repository.auth.latestAccountClaimMagicLink(claimId);
+    if (latest.isErr()) return err(latest.error);
+    if (!latest.value) return this.repository.auth.error("INTERNAL_SERVER_ERROR");
+    return ok(latest.value);
+  }
+
+  async listAccountClaimMagicLinks({
+    claimId,
+  }: {
+    claimId: string;
+  }): ServerResultAsync<AccountClaimMagicLinkOutput[]> {
+    return this.repository.auth.listAccountClaimMagicLinks(claimId);
+  }
+}

package/src/modules/auth/auth.trpc.ts

@@ -0,0 +1,208 @@
+import { z } from "zod";
+import {
+  accountClaimOutputSchema,
+  accountClaimMagicLinkOutputSchema,
+  accountClaimSchema,
+  waitlistOutputSchema,
+  waitlistSchema,
+} from "#modules/auth/auth.dto";
+import type { AuthService } from "#modules/auth/auth.service";
+import { adminProcedure, handleTRPCResult, procedure, publicProcedure, router } from "#trpc";
+
+export function createAuthTRPC(authService: AuthService) {
+  return router({
+    getUserWaitlistCount: procedure.output(z.number()).query(async ({ ctx }) => {
+      return handleTRPCResult(await authService.getUserWaitlistCount(ctx));
+    }),
+
+    createInvitationCode: procedure
+      .input(z.object({ name: z.string().optional() }))
+      .output(waitlistSchema)
+      .mutation(async ({ input, ctx }) => {
+        return handleTRPCResult(await authService.createInvitationCode(input, ctx));
+      }),
+
+    createAccountClaimCode: adminProcedure
+      .input(
+        z.object({
+          userId: z.string(),
+          expiresInHours: z.number().optional(),
+        })
+      )
+      .output(accountClaimSchema)
+      .mutation(async ({ input }) => {
+        return handleTRPCResult(await authService.createAccountClaimCode(input));
+      }),
+
+    listAccountClaims: adminProcedure.output(z.array(accountClaimOutputSchema)).query(async () => {
+      return handleTRPCResult(await authService.listAccountClaims());
+    }),
+
+    generateAccountClaimMagicLink: adminProcedure
+      .input(
+        z.object({
+          claimId: z.string(),
+          email: z.string().email().optional(),
+        })
+      )
+      .output(accountClaimMagicLinkOutputSchema)
+      .mutation(async ({ input }) => {
+        return handleTRPCResult(await authService.generateAccountClaimMagicLink(input));
+      }),
+
+    listAccountClaimMagicLinks: adminProcedure
+      .input(
+        z.object({
+          claimId: z.string(),
+        })
+      )
+      .output(z.array(accountClaimMagicLinkOutputSchema))
+      .query(async ({ input }) => {
+        return handleTRPCResult(await authService.listAccountClaimMagicLinks(input));
+      }),
+
+    getMyAccountClaimStatus: procedure.output(accountClaimSchema.nullable()).query(async ({ ctx }) => {
+      return handleTRPCResult(await authService.getMyAccountClaimStatus(ctx));
+    }),
+
+    setMyAccountClaimEmail: procedure
+      .input(
+        z.object({
+          email: z.string().email(),
+        })
+      )
+      .output(z.object({ status: z.boolean() }))
+      .mutation(async ({ input, ctx }) => {
+        return handleTRPCResult(await authService.setMyAccountClaimEmail(input, ctx));
+      }),
+
+    acceptMyAccountClaim: procedure
+      .output(z.object({ status: z.boolean() }))
+      .mutation(async ({ ctx }) => {
+        return handleTRPCResult(await authService.acceptMyAccountClaim(ctx));
+      }),
+
+    listWaitlist: procedure.output(z.array(waitlistSchema)).query(async ({ ctx }) => {
+      return handleTRPCResult(await authService.listWaitlist(ctx));
+    }),
+
+    listAdminWaitlist: adminProcedure.output(z.array(waitlistOutputSchema)).query(async () => {
+      return handleTRPCResult(await authService.listAdminWaitlist());
+    }),
+
+    addToWaitlist: adminProcedure
+      .input(
+        z.object({
+          email: z.string(),
+        })
+      )
+      .output(waitlistOutputSchema)
+      .mutation(async ({ input }) => {
+        return handleTRPCResult(await authService.addToWaitlist(input));
+      }),
+
+    inviteToWaitlist: procedure
+      .input(
+        z.object({
+          email: z.string(),
+          name: z.string().optional(),
+        })
+      )
+      .output(waitlistSchema)
+      .mutation(async ({ input, ctx }) => {
+        return handleTRPCResult(await authService.inviteToWaitlist(input, ctx));
+      }),
+
+    inviteFromWaitlist: adminProcedure
+      .input(
+        z.object({
+          id: z.string(),
+        })
+      )
+      .output(waitlistOutputSchema)
+      .mutation(async ({ input }) => {
+        return handleTRPCResult(await authService.inviteFromWaitlist(input));
+      }),
+
+    removeFromWaitlist: adminProcedure
+      .input(
+        z.object({
+          id: z.string(),
+        })
+      )
+      .output(waitlistOutputSchema)
+      .mutation(async ({ input }) => {
+        return handleTRPCResult(await authService.removeFromWaitlist(input));
+      }),
+
+    joinWaitlist: publicProcedure
+      .input(
+        z.object({
+          email: z.string(),
+        })
+      )
+      .output(waitlistOutputSchema)
+      .mutation(async ({ input }) => {
+        return handleTRPCResult(await authService.joinWaitlist(input));
+      }),
+
+    getOnboarding: procedure.output(z.number()).query(async ({ ctx }) => {
+      return handleTRPCResult(await authService.getOnboarding(ctx));
+    }),
+
+    setOnboarding: procedure
+      .input(z.number())
+      .output(z.number())
+      .mutation(async ({ ctx, input }) => {
+        return handleTRPCResult(await authService.setOnboarding(input, ctx));
+      }),
+
+    getPreferences: procedure.output(z.record(z.string(), z.unknown())).query(async ({ ctx }) => {
+      return handleTRPCResult(await authService.getPreferences(ctx));
+    }),
+
+    setPreferences: procedure
+      .input(z.record(z.string(), z.unknown()))
+      .output(z.record(z.string(), z.unknown()))
+      .mutation(async ({ ctx, input }) => {
+        return handleTRPCResult(await authService.setPreferences(input, ctx));
+      }),
+
+    getMetadata: procedure.output(z.record(z.string(), z.unknown())).query(async ({ ctx }) => {
+      return handleTRPCResult(await authService.getMetadata(ctx));
+    }),
+
+    setMetadata: procedure
+      .input(z.record(z.string(), z.unknown()))
+      .output(z.record(z.string(), z.unknown()))
+      .mutation(async ({ ctx, input }) => {
+        return handleTRPCResult(await authService.setMetadata(input, ctx));
+      }),
+
+    getFlags: procedure.output(z.array(z.string())).query(async ({ ctx }) => {
+      return handleTRPCResult(await authService.getFlags(ctx));
+    }),
+
+    setFlags: procedure
+      .input(z.array(z.string()))
+      .output(z.array(z.string()))
+      .mutation(async ({ ctx, input }) => {
+        return handleTRPCResult(await authService.setFlags(input, ctx));
+      }),
+
+    validateWaitlistCode: publicProcedure
+      .input(
+        z.object({
+          code: z.string(),
+        })
+      )
+      .output(
+        z.object({
+          status: z.string(),
+        })
+      )
+      .query(async ({ input }) => {
+        return handleTRPCResult(await authService.validateWaitlistCode(input.code));
+      }),
+  });
+}

package/src/modules/auth/auth.utils.ts

@@ -0,0 +1,117 @@
+import { desc, eq } from "drizzle-orm";
+import type { LibSQLDatabase } from "drizzle-orm/libsql";
+import { v4 as uuidv4 } from "uuid";
+import * as auth from "#modules/auth/auth.db";
+
+const schema = { ...auth };
+type Schema = typeof schema;
+export type Orm = LibSQLDatabase<Schema>;
+
+export async function getActiveOrganizationAndTeam<O extends Orm, S extends Schema>(
+  orm: O,
+  schema: S,
+  userId: string
+): Promise<{
+  organizationId: string | undefined;
+  teamId: string | undefined;
+  organizationRole: string | undefined;
+  teamRole: string | undefined;
+}> {
+  let organizationId: string | undefined;
+  let teamId: string | undefined;
+  let organizationRole: string | undefined;
+  let teamRole: string | undefined;
+  const [lastSession] = await orm
+    .select({
+      activeOrganizationId: schema.sessions.activeOrganizationId,
+      activeTeamId: schema.sessions.activeTeamId,
+      activeOrganizationRole: schema.sessions.activeOrganizationRole,
+      activeTeamRole: schema.sessions.activeTeamRole,
+    })
+    .from(schema.sessions)
+    .where(eq(schema.sessions.userId, userId))
+    .orderBy(desc(schema.sessions.createdAt))
+    .limit(1);
+  if (lastSession) {
+    organizationId = lastSession.activeOrganizationId ?? undefined;
+    teamId = lastSession.activeTeamId ?? undefined;
+    organizationRole = lastSession.activeOrganizationRole ?? undefined;
+    teamRole = lastSession.activeTeamRole ?? undefined;
+  }
+
+  if (!organizationId || !organizationRole) {
+    const [member] = await orm
+      .select({ organizationId: schema.members.organizationId, role: schema.members.role })
+      .from(schema.members)
+      .orderBy(desc(schema.members.createdAt))
+      .where(eq(schema.members.userId, userId))
+      .limit(1);
+    organizationId = member?.organizationId;
+    organizationRole = member?.role;
+  }
+
+  if (!teamId || !teamRole) {
+    const [teamMember] = await orm
+      .select({ teamId: schema.teamMembers.teamId, role: schema.teamMembers.role })
+      .from(schema.teamMembers)
+      .orderBy(desc(schema.teamMembers.createdAt))
+      .where(eq(schema.teamMembers.userId, userId))
+      .limit(1);
+    teamId = teamMember?.teamId;
+    teamRole = teamMember?.role;
+  }
+
+  return { organizationId, teamId, organizationRole, teamRole };
+}
+
+export async function createOrganizationAndTeam<O extends Orm, S extends Schema>(
+  orm: O,
+  schema: S,
+  user: { id: string; email: string }
+): Promise<void> {
+  const organizationId = uuidv4();
+  await orm.transaction(async (tx) => {
+    const [organization] = await tx
+      .insert(schema.organizations)
+      .values({
+        id: organizationId,
+        name: organizationId,
+        slug: organizationId,
+      })
+      .returning();
+
+    if (!organization) throw new Error("createOrganizationAndTeam: Failed to create organization");
+
+    const [member] = await tx
+      .insert(schema.members)
+      .values({
+        userId: user.id,
+        organizationId: organization.id,
+        role: "owner",
+      })
+      .returning();
+
+    if (!member) throw new Error("createOrganizationAndTeam: Failed to create member");
+
+    const [team] = await tx
+      .insert(schema.teams)
+      .values({
+        name: organization.id,
+        organizationId: organization.id,
+      })
+      .returning();
+
+    if (!team) throw new Error("createOrganizationAndTeam: Failed to create team");
+
+    const [teamMember] = await tx
+      .insert(schema.teamMembers)
+      .values({
+        userId: user.id,
+        teamId: team.id,
+        role: "owner",
+      })
+      .returning();
+
+    if (!teamMember) throw new Error("createOrganizationAndTeam: Failed to create team member");
+  });
+}

package/src/modules/base/base.abstract.ts

@@ -0,0 +1,62 @@
+import type { TRPC_ERROR_CODE_KEY } from "@trpc/server";
+import { err } from "neverthrow";
+import type { ServerResult, ServerResultAsync } from "#modules/base/base.dto";
+import type { ServerErrorLayer } from "#modules/base/base.types";
+import { reportError, ServerError } from "#utils/errors";
+import { logger } from "#utils/logger";
+
+export abstract class Base {
+  public layer: ServerErrorLayer;
+  public logger: ReturnType<typeof logger.child>;
+
+  constructor(layer: ServerErrorLayer) {
+    this.layer = layer;
+    this.logger = logger.child({ layer: this.layer, layerName: this.constructor.name });
+  }
+
+  error(
+    code: TRPC_ERROR_CODE_KEY,
+    message?: string,
+    {
+      cause,
+      clientMessage,
+      log = process.env.NODE_ENV === "development",
+    }: { cause?: unknown; clientMessage?: string; log?: boolean } = {}
+  ) {
+    const serverError = new ServerError({
+      code,
+      layer: this.layer,
+      layerName: this.constructor.name,
+      message,
+      clientMessage,
+      cause,
+      captureBoundary: true,
+    });
+    if (serverError.is5xxError()) reportError(serverError);
+    if (log) logger.error(serverError);
+    return err(serverError);
+  }
+
+  handleUnknownError(error: unknown) {
+    return ServerError.fromUnknown("INTERNAL_SERVER_ERROR", error, {
+      layer: this.layer,
+      layerName: this.constructor.name,
+    });
+  }
+
+  throwable<T>(fn: () => ServerResult<T>): ServerResult<T> {
+    try {
+      return fn();
+    } catch (error) {
+      return err(this.handleUnknownError(error));
+    }
+  }
+
+  async throwableAsync<T>(fn: () => ServerResultAsync<T>): ServerResultAsync<T> {
+    try {
+      return fn();
+    } catch (error) {
+      return err(this.handleUnknownError(error));
+    }
+  }
+}