@m5kdev/backend 0.1.4 → 0.2.0

package/src/modules/auth/auth.service.ts

@@ -1,261 +0,0 @@
-import { err, ok } from "neverthrow";
-import type {
-  AccountClaim,
-  AccountClaimMagicLinkOutput,
-  AccountClaimOutput,
-  Waitlist,
-  WaitlistOutput,
-} from "#modules/auth/auth.dto";
-import type { User } from "#modules/auth/auth.lib";
-import type { AuthRepository } from "#modules/auth/auth.repository";
-import type { ServerResultAsync } from "#modules/base/base.dto";
-import { BaseService } from "#modules/base/base.service";
-import type { BillingService } from "#modules/billing/billing.service";
-import type { EmailService } from "#modules/email/email.service";
-import { posthogCapture } from "#utils/posthog";
-
-type AuthServiceDependencies =
-  | { email: EmailService }
-  | { email: EmailService; billing: BillingService };
-
-export class AuthService extends BaseService<{ auth: AuthRepository }, AuthServiceDependencies> {
-  private getBillingService(): BillingService | null {
-    if (!("billing" in this.service)) return null;
-    return this.service.billing;
-  }
-
-  async getUserWaitlistCount({ user }: { user: User }): ServerResultAsync<number> {
-    if (user.role === "admin") return ok(0);
-    return this.repository.auth.getUserWaitlistCount(user.id);
-  }
-
-  async getOnboarding({ user }: { user: User }): ServerResultAsync<number> {
-    return this.repository.auth.getOnboarding(user.id);
-  }
-
-  async setOnboarding(onboarding: number, { user }: { user: User }): ServerResultAsync<number> {
-    posthogCapture({
-      distinctId: user.id,
-      event: "onboarding_set",
-      properties: {
-        onboarding,
-      },
-    });
-    return this.repository.auth.setOnboarding(user.id, onboarding);
-  }
-
-  async getPreferences({ user }: { user: User }): ServerResultAsync<Record<string, unknown>> {
-    return this.repository.auth.getPreferences(user.id);
-  }
-
-  async setPreferences(
-    preferences: Record<string, unknown>,
-    { user }: { user: User }
-  ): ServerResultAsync<Record<string, unknown>> {
-    posthogCapture({
-      distinctId: user.id,
-      event: "preferences_set",
-    });
-    return this.repository.auth.setPreferences(user.id, preferences);
-  }
-
-  async getMetadata({ user }: { user: User }): ServerResultAsync<Record<string, unknown>> {
-    return this.repository.auth.getMetadata(user.id);
-  }
-
-  async setMetadata(
-    metadata: Record<string, unknown>,
-    { user }: { user: User }
-  ): ServerResultAsync<Record<string, unknown>> {
-    posthogCapture({
-      distinctId: user.id,
-      event: "metadata_set",
-    });
-    return this.repository.auth.setMetadata(user.id, metadata);
-  }
-
-  async getFlags({ user }: { user: User }): ServerResultAsync<string[]> {
-    return this.repository.auth.getFlags(user.id);
-  }
-
-  async setFlags(flags: string[], { user }: { user: User }): ServerResultAsync<string[]> {
-    posthogCapture({
-      distinctId: user.id,
-      event: "flags_set",
-    });
-    return this.repository.auth.setFlags(user.id, flags);
-  }
-
-  async listAdminWaitlist(): ServerResultAsync<WaitlistOutput[]> {
-    return this.repository.auth.listAdminWaitlist();
-  }
-
-  async listWaitlist({ user }: { user: User }): ServerResultAsync<Waitlist[]> {
-    return this.repository.auth.listWaitlist(user.id);
-  }
-
-  async addToWaitlist({ email }: { email: string }): ServerResultAsync<WaitlistOutput> {
-    return this.repository.auth.addToWaitlist(email);
-  }
-
-  async inviteFromWaitlist({ id }: { id: string }): ServerResultAsync<Waitlist> {
-    const waitlist = await this.repository.auth.inviteFromWaitlist(id);
-    if (waitlist.isErr()) return err(waitlist.error);
-    if (!waitlist.value.code) return this.repository.auth.error("BAD_REQUEST");
-    if (!waitlist.value.email) return this.repository.auth.error("BAD_REQUEST");
-    await this.service.email.sendWaitlistInvite(waitlist.value.email, waitlist.value.code);
-    return ok(waitlist.value);
-  }
-
-  async inviteToWaitlist(
-    { email, name }: { email: string; name?: string },
-    { user }: { user: User }
-  ): ServerResultAsync<Waitlist> {
-    const count = await this.repository.auth.getUserWaitlistCount(user.id);
-    if (count.isErr()) return err(count.error);
-    if (count.value >= 3) return this.repository.auth.error("BAD_REQUEST", "Run out of invites");
-    const waitlist = await this.repository.auth.inviteToWaitlist({ email, userId: user.id, name });
-    if (waitlist.isErr()) return err(waitlist.error);
-    if (!waitlist.value.code) return this.repository.auth.error("BAD_REQUEST");
-    await this.service.email.sendWaitlistUserInvite(email, waitlist.value.code, user.name, name);
-    posthogCapture({
-      distinctId: user.id,
-      event: "waitlist_invite_sent",
-      properties: {
-        email,
-        name,
-      },
-    });
-    return ok(waitlist.value);
-  }
-
-  async createInvitationCode(
-    { name }: { name?: string },
-    { user }: { user: User }
-  ): ServerResultAsync<Waitlist> {
-    posthogCapture({
-      distinctId: user.id,
-      event: "waitlist_invitation_code_created",
-      properties: {
-        name,
-      },
-    });
-    return this.repository.auth.createInvitationCode({ userId: user.id, name });
-  }
-
-  async joinWaitlist({ email }: { email: string }): ServerResultAsync<WaitlistOutput> {
-    const waitlist = await this.repository.auth.joinWaitlist(email);
-    if (waitlist.isErr()) return err(waitlist.error);
-    await this.service.email.sendWaitlistConfirmation(email);
-    return ok(waitlist.value);
-  }
-
-  async removeFromWaitlist({ id }: { id: string }): ServerResultAsync<WaitlistOutput> {
-    return this.repository.auth.removeFromWaitlist(id);
-  }
-
-  async validateWaitlistCode(code: string): ServerResultAsync<{ status: string }> {
-    return this.repository.auth.validateWaitlistCode(code);
-  }
-
-  async createAccountClaimCode({
-    userId,
-    expiresInHours,
-  }: {
-    userId: string;
-    expiresInHours?: number;
-  }): ServerResultAsync<AccountClaim> {
-    return this.repository.auth.createAccountClaimCode({ userId, expiresInHours });
-  }
-
-  async listAccountClaims(): ServerResultAsync<AccountClaimOutput[]> {
-    return this.repository.auth.listAccountClaims();
-  }
-
-  async getMyAccountClaimStatus({ user }: { user: User }): ServerResultAsync<AccountClaim | null> {
-    return this.repository.auth.findPendingAccountClaimForUser(user.id);
-  }
-
-  async setMyAccountClaimEmail(
-    { email }: { email: string },
-    { user }: { user: User }
-  ): ServerResultAsync<{ status: boolean }> {
-    return this.repository.auth.setAccountClaimEmail({ userId: user.id, email });
-  }
-
-  async acceptMyAccountClaim({ user }: { user: User }): ServerResultAsync<{ status: boolean }> {
-    const pendingClaim = await this.repository.auth.findPendingAccountClaimForUser(user.id);
-    if (pendingClaim.isErr()) return err(pendingClaim.error);
-
-    const accepted = await this.repository.auth.acceptAccountClaim(user.id);
-    if (accepted.isErr()) return err(accepted.error);
-
-    if (pendingClaim.value) {
-      const billingService = this.getBillingService();
-      if (billingService) {
-        await billingService.createUserHook({ user });
-      }
-    }
-
-    return ok(accepted.value);
-  }
-
-  async generateAccountClaimMagicLink({
-    claimId,
-    email,
-  }: {
-    claimId: string;
-    email?: string;
-  }): ServerResultAsync<AccountClaimMagicLinkOutput> {
-    const claim = await this.repository.auth.findAccountClaimById(claimId);
-    if (claim.isErr()) return err(claim.error);
-    if (!claim.value) return this.repository.auth.error("NOT_FOUND", "Claim not found");
-    if (!claim.value.claimUserId)
-      return this.repository.auth.error("BAD_REQUEST", "Claim has no user");
-    if (claim.value.status !== "INVITED") {
-      return this.repository.auth.error("BAD_REQUEST", "Claim is not pending");
-    }
-    if (claim.value.expiresAt && claim.value.expiresAt < new Date()) {
-      return this.repository.auth.error("BAD_REQUEST", "Claim is expired");
-    }
-
-    const targetEmail = email ?? claim.value.claimedEmail ?? undefined;
-    if (!targetEmail) {
-      return this.repository.auth.error("BAD_REQUEST", "Email required to generate magic link");
-    }
-
-    const setEmail = await this.repository.auth.setAccountClaimEmail({
-      userId: claim.value.claimUserId,
-      email: targetEmail,
-    });
-    if (setEmail.isErr()) return err(setEmail.error);
-
-    const response = await fetch(`${process.env.VITE_SERVER_URL}/api/auth/sign-in/magic-link`, {
-      method: "POST",
-      headers: {
-        "content-type": "application/json",
-      },
-      body: JSON.stringify({
-        email: targetEmail.toLowerCase(),
-        callbackURL: `${process.env.VITE_APP_URL}/claim-account?claim=${claimId}`,
-      }),
-    });
-
-    if (!response.ok) {
-      return this.repository.auth.error("INTERNAL_SERVER_ERROR", "Failed to generate magic link");
-    }
-
-    const latest = await this.repository.auth.latestAccountClaimMagicLink(claimId);
-    if (latest.isErr()) return err(latest.error);
-    if (!latest.value) return this.repository.auth.error("INTERNAL_SERVER_ERROR");
-    return ok(latest.value);
-  }
-
-  async listAccountClaimMagicLinks({
-    claimId,
-  }: {
-    claimId: string;
-  }): ServerResultAsync<AccountClaimMagicLinkOutput[]> {
-    return this.repository.auth.listAccountClaimMagicLinks(claimId);
-  }
-}

package/src/modules/auth/auth.trpc.ts

@@ -1,208 +0,0 @@
-import { z } from "zod";
-import {
-  accountClaimOutputSchema,
-  accountClaimMagicLinkOutputSchema,
-  accountClaimSchema,
-  waitlistOutputSchema,
-  waitlistSchema,
-} from "#modules/auth/auth.dto";
-import type { AuthService } from "#modules/auth/auth.service";
-import { adminProcedure, handleTRPCResult, procedure, publicProcedure, router } from "#trpc";
-
-export function createAuthTRPC(authService: AuthService) {
-  return router({
-    getUserWaitlistCount: procedure.output(z.number()).query(async ({ ctx }) => {
-      return handleTRPCResult(await authService.getUserWaitlistCount(ctx));
-    }),
-
-    createInvitationCode: procedure
-      .input(z.object({ name: z.string().optional() }))
-      .output(waitlistSchema)
-      .mutation(async ({ input, ctx }) => {
-        return handleTRPCResult(await authService.createInvitationCode(input, ctx));
-      }),
-
-    createAccountClaimCode: adminProcedure
-      .input(
-        z.object({
-          userId: z.string(),
-          expiresInHours: z.number().optional(),
-        })
-      )
-      .output(accountClaimSchema)
-      .mutation(async ({ input }) => {
-        return handleTRPCResult(await authService.createAccountClaimCode(input));
-      }),
-
-    listAccountClaims: adminProcedure.output(z.array(accountClaimOutputSchema)).query(async () => {
-      return handleTRPCResult(await authService.listAccountClaims());
-    }),
-
-    generateAccountClaimMagicLink: adminProcedure
-      .input(
-        z.object({
-          claimId: z.string(),
-          email: z.string().email().optional(),
-        })
-      )
-      .output(accountClaimMagicLinkOutputSchema)
-      .mutation(async ({ input }) => {
-        return handleTRPCResult(await authService.generateAccountClaimMagicLink(input));
-      }),
-
-    listAccountClaimMagicLinks: adminProcedure
-      .input(
-        z.object({
-          claimId: z.string(),
-        })
-      )
-      .output(z.array(accountClaimMagicLinkOutputSchema))
-      .query(async ({ input }) => {
-        return handleTRPCResult(await authService.listAccountClaimMagicLinks(input));
-      }),
-
-    getMyAccountClaimStatus: procedure.output(accountClaimSchema.nullable()).query(async ({ ctx }) => {
-      return handleTRPCResult(await authService.getMyAccountClaimStatus(ctx));
-    }),
-
-    setMyAccountClaimEmail: procedure
-      .input(
-        z.object({
-          email: z.string().email(),
-        })
-      )
-      .output(z.object({ status: z.boolean() }))
-      .mutation(async ({ input, ctx }) => {
-        return handleTRPCResult(await authService.setMyAccountClaimEmail(input, ctx));
-      }),
-
-    acceptMyAccountClaim: procedure
-      .output(z.object({ status: z.boolean() }))
-      .mutation(async ({ ctx }) => {
-        return handleTRPCResult(await authService.acceptMyAccountClaim(ctx));
-      }),
-
-    listWaitlist: procedure.output(z.array(waitlistSchema)).query(async ({ ctx }) => {
-      return handleTRPCResult(await authService.listWaitlist(ctx));
-    }),
-
-    listAdminWaitlist: adminProcedure.output(z.array(waitlistOutputSchema)).query(async () => {
-      return handleTRPCResult(await authService.listAdminWaitlist());
-    }),
-
-    addToWaitlist: adminProcedure
-      .input(
-        z.object({
-          email: z.string(),
-        })
-      )
-      .output(waitlistOutputSchema)
-      .mutation(async ({ input }) => {
-        return handleTRPCResult(await authService.addToWaitlist(input));
-      }),
-
-    inviteToWaitlist: procedure
-      .input(
-        z.object({
-          email: z.string(),
-          name: z.string().optional(),
-        })
-      )
-      .output(waitlistSchema)
-      .mutation(async ({ input, ctx }) => {
-        return handleTRPCResult(await authService.inviteToWaitlist(input, ctx));
-      }),
-
-    inviteFromWaitlist: adminProcedure
-      .input(
-        z.object({
-          id: z.string(),
-        })
-      )
-      .output(waitlistOutputSchema)
-      .mutation(async ({ input }) => {
-        return handleTRPCResult(await authService.inviteFromWaitlist(input));
-      }),
-
-    removeFromWaitlist: adminProcedure
-      .input(
-        z.object({
-          id: z.string(),
-        })
-      )
-      .output(waitlistOutputSchema)
-      .mutation(async ({ input }) => {
-        return handleTRPCResult(await authService.removeFromWaitlist(input));
-      }),
-
-    joinWaitlist: publicProcedure
-      .input(
-        z.object({
-          email: z.string(),
-        })
-      )
-      .output(waitlistOutputSchema)
-      .mutation(async ({ input }) => {
-        return handleTRPCResult(await authService.joinWaitlist(input));
-      }),
-
-    getOnboarding: procedure.output(z.number()).query(async ({ ctx }) => {
-      return handleTRPCResult(await authService.getOnboarding(ctx));
-    }),
-
-    setOnboarding: procedure
-      .input(z.number())
-      .output(z.number())
-      .mutation(async ({ ctx, input }) => {
-        return handleTRPCResult(await authService.setOnboarding(input, ctx));
-      }),
-
-    getPreferences: procedure.output(z.record(z.string(), z.unknown())).query(async ({ ctx }) => {
-      return handleTRPCResult(await authService.getPreferences(ctx));
-    }),
-
-    setPreferences: procedure
-      .input(z.record(z.string(), z.unknown()))
-      .output(z.record(z.string(), z.unknown()))
-      .mutation(async ({ ctx, input }) => {
-        return handleTRPCResult(await authService.setPreferences(input, ctx));
-      }),
-
-    getMetadata: procedure.output(z.record(z.string(), z.unknown())).query(async ({ ctx }) => {
-      return handleTRPCResult(await authService.getMetadata(ctx));
-    }),
-
-    setMetadata: procedure
-      .input(z.record(z.string(), z.unknown()))
-      .output(z.record(z.string(), z.unknown()))
-      .mutation(async ({ ctx, input }) => {
-        return handleTRPCResult(await authService.setMetadata(input, ctx));
-      }),
-
-    getFlags: procedure.output(z.array(z.string())).query(async ({ ctx }) => {
-      return handleTRPCResult(await authService.getFlags(ctx));
-    }),
-
-    setFlags: procedure
-      .input(z.array(z.string()))
-      .output(z.array(z.string()))
-      .mutation(async ({ ctx, input }) => {
-        return handleTRPCResult(await authService.setFlags(input, ctx));
-      }),
-
-    validateWaitlistCode: publicProcedure
-      .input(
-        z.object({
-          code: z.string(),
-        })
-      )
-      .output(
-        z.object({
-          status: z.string(),
-        })
-      )
-      .query(async ({ input }) => {
-        return handleTRPCResult(await authService.validateWaitlistCode(input.code));
-      }),
-  });
-}

package/src/modules/auth/auth.utils.ts

@@ -1,117 +0,0 @@
-import { desc, eq } from "drizzle-orm";
-import type { LibSQLDatabase } from "drizzle-orm/libsql";
-import { v4 as uuidv4 } from "uuid";
-import * as auth from "#modules/auth/auth.db";
-
-const schema = { ...auth };
-type Schema = typeof schema;
-export type Orm = LibSQLDatabase<Schema>;
-
-export async function getActiveOrganizationAndTeam<O extends Orm, S extends Schema>(
-  orm: O,
-  schema: S,
-  userId: string
-): Promise<{
-  organizationId: string | undefined;
-  teamId: string | undefined;
-  organizationRole: string | undefined;
-  teamRole: string | undefined;
-}> {
-  let organizationId: string | undefined;
-  let teamId: string | undefined;
-  let organizationRole: string | undefined;
-  let teamRole: string | undefined;
-  const [lastSession] = await orm
-    .select({
-      activeOrganizationId: schema.sessions.activeOrganizationId,
-      activeTeamId: schema.sessions.activeTeamId,
-      activeOrganizationRole: schema.sessions.activeOrganizationRole,
-      activeTeamRole: schema.sessions.activeTeamRole,
-    })
-    .from(schema.sessions)
-    .where(eq(schema.sessions.userId, userId))
-    .orderBy(desc(schema.sessions.createdAt))
-    .limit(1);
-  if (lastSession) {
-    organizationId = lastSession.activeOrganizationId ?? undefined;
-    teamId = lastSession.activeTeamId ?? undefined;
-    organizationRole = lastSession.activeOrganizationRole ?? undefined;
-    teamRole = lastSession.activeTeamRole ?? undefined;
-  }
-
-  if (!organizationId || !organizationRole) {
-    const [member] = await orm
-      .select({ organizationId: schema.members.organizationId, role: schema.members.role })
-      .from(schema.members)
-      .orderBy(desc(schema.members.createdAt))
-      .where(eq(schema.members.userId, userId))
-      .limit(1);
-    organizationId = member?.organizationId;
-    organizationRole = member?.role;
-  }
-
-  if (!teamId || !teamRole) {
-    const [teamMember] = await orm
-      .select({ teamId: schema.teamMembers.teamId, role: schema.teamMembers.role })
-      .from(schema.teamMembers)
-      .orderBy(desc(schema.teamMembers.createdAt))
-      .where(eq(schema.teamMembers.userId, userId))
-      .limit(1);
-    teamId = teamMember?.teamId;
-    teamRole = teamMember?.role;
-  }
-
-  return { organizationId, teamId, organizationRole, teamRole };
-}
-
-export async function createOrganizationAndTeam<O extends Orm, S extends Schema>(
-  orm: O,
-  schema: S,
-  user: { id: string; email: string }
-): Promise<void> {
-  const organizationId = uuidv4();
-  await orm.transaction(async (tx) => {
-    const [organization] = await tx
-      .insert(schema.organizations)
-      .values({
-        id: organizationId,
-        name: organizationId,
-        slug: organizationId,
-      })
-      .returning();
-
-    if (!organization) throw new Error("createOrganizationAndTeam: Failed to create organization");
-
-    const [member] = await tx
-      .insert(schema.members)
-      .values({
-        userId: user.id,
-        organizationId: organization.id,
-        role: "owner",
-      })
-      .returning();
-
-    if (!member) throw new Error("createOrganizationAndTeam: Failed to create member");
-
-    const [team] = await tx
-      .insert(schema.teams)
-      .values({
-        name: organization.id,
-        organizationId: organization.id,
-      })
-      .returning();
-
-    if (!team) throw new Error("createOrganizationAndTeam: Failed to create team");
-
-    const [teamMember] = await tx
-      .insert(schema.teamMembers)
-      .values({
-        userId: user.id,
-        teamId: team.id,
-        role: "owner",
-      })
-      .returning();
-
-    if (!teamMember) throw new Error("createOrganizationAndTeam: Failed to create team member");
-  });
-}

package/src/modules/base/base.abstract.ts

@@ -1,62 +0,0 @@
-import type { TRPC_ERROR_CODE_KEY } from "@trpc/server";
-import { err } from "neverthrow";
-import type { ServerResult, ServerResultAsync } from "#modules/base/base.dto";
-import type { ServerErrorLayer } from "#modules/base/base.types";
-import { reportError, ServerError } from "#utils/errors";
-import { logger } from "#utils/logger";
-
-export abstract class Base {
-  public layer: ServerErrorLayer;
-  public logger: ReturnType<typeof logger.child>;
-
-  constructor(layer: ServerErrorLayer) {
-    this.layer = layer;
-    this.logger = logger.child({ layer: this.layer, layerName: this.constructor.name });
-  }
-
-  error(
-    code: TRPC_ERROR_CODE_KEY,
-    message?: string,
-    {
-      cause,
-      clientMessage,
-      log = process.env.NODE_ENV === "development",
-    }: { cause?: unknown; clientMessage?: string; log?: boolean } = {}
-  ) {
-    const serverError = new ServerError({
-      code,
-      layer: this.layer,
-      layerName: this.constructor.name,
-      message,
-      clientMessage,
-      cause,
-      captureBoundary: true,
-    });
-    if (serverError.is5xxError()) reportError(serverError);
-    if (log) logger.error(serverError);
-    return err(serverError);
-  }
-
-  handleUnknownError(error: unknown) {
-    return ServerError.fromUnknown("INTERNAL_SERVER_ERROR", error, {
-      layer: this.layer,
-      layerName: this.constructor.name,
-    });
-  }
-
-  throwable<T>(fn: () => ServerResult<T>): ServerResult<T> {
-    try {
-      return fn();
-    } catch (error) {
-      return err(this.handleUnknownError(error));
-    }
-  }
-
-  async throwableAsync<T>(fn: () => ServerResultAsync<T>): ServerResultAsync<T> {
-    try {
-      return fn();
-    } catch (error) {
-      return err(this.handleUnknownError(error));
-    }
-  }
-}