@morojs/moro 1.0.3 → 1.2.0

package/src/core/middleware/built-in/auth.ts

@@ -1,39 +1,329 @@
-// Authentication Middleware
+// Auth.js Authentication Middleware
+
 import { MiddlewareInterface, HookContext } from '../../../types/hooks';
 import { createFrameworkLogger } from '../../logger';
+import {
+  AuthOptions,
+  AuthProvider,
+  AuthUser,
+  AuthSession,
+  AuthRequest,
+  OAuthProvider,
+  CredentialsProvider,
+  EmailProvider,
+} from '../../../types/auth';
 
 const logger = createFrameworkLogger('AuthMiddleware');
 
-export const auth = (options: any = {}): MiddlewareInterface => ({
+// Auth.js provider factory functions
+export const providers = {
+  google: (options: { clientId: string; clientSecret: string }): AuthProvider => ({
+    id: 'google',
+    name: 'Google',
+    type: 'oauth' as const,
+    authorization: 'https://accounts.google.com/oauth/authorize',
+    token: 'https://oauth2.googleapis.com/token',
+    userinfo: 'https://www.googleapis.com/oauth2/v2/userinfo',
+    ...options,
+  }),
+
+  github: (options: { clientId: string; clientSecret: string }): AuthProvider => ({
+    id: 'github',
+    name: 'GitHub',
+    type: 'oauth' as const,
+    authorization: 'https://github.com/login/oauth/authorize',
+    token: 'https://github.com/login/oauth/access_token',
+    userinfo: 'https://api.github.com/user',
+    ...options,
+  }),
+
+  discord: (options: { clientId: string; clientSecret: string }): AuthProvider => ({
+    id: 'discord',
+    name: 'Discord',
+    type: 'oauth' as const,
+    authorization: 'https://discord.com/api/oauth2/authorize',
+    token: 'https://discord.com/api/oauth2/token',
+    userinfo: 'https://discord.com/api/users/@me',
+    ...options,
+  }),
+
+  credentials: (options: {
+    name?: string;
+    credentials: Record<string, any>;
+    authorize: (credentials: any) => Promise<any>;
+  }): AuthProvider => ({
+    id: 'credentials',
+    name: options.name || 'Credentials',
+    type: 'credentials' as const,
+    ...options,
+  }),
+
+  email: (options: {
+    server: string | { host: string; port: number; auth: any };
+    from: string;
+  }): AuthProvider => ({
+    id: 'email',
+    name: 'Email',
+    type: 'email' as const,
+    ...options,
+  }),
+};
+
+// Auth.js middleware that integrates with MoroJS's hooks system
+export const auth = (options: AuthOptions): MiddlewareInterface => ({
   name: 'auth',
-  version: '1.0.0',
+  version: '2.0.0',
   metadata: {
     name: 'auth',
-    version: '1.0.0',
-    description: 'JWT authentication middleware with token validation',
+    version: '2.0.0',
+    description: 'Auth.js authentication middleware with OAuth, JWT, and session support',
     author: 'MoroJS Team',
+    dependencies: [], // No dependencies - auth middleware is self-contained
+    tags: ['authentication', 'oauth', 'jwt', 'security'],
   },
 
-  install: async (hooks: any, options: any = {}) => {
-    logger.debug(`Installing auth middleware with options`, 'Installation', {
-      options,
-    });
+  install: async (hooks: any, middlewareOptions: Partial<AuthOptions> = {}) => {
+    logger.debug('Installing Auth.js middleware', 'Installation', { options: middlewareOptions });
 
+    // Merge configuration
+    const config: AuthOptions = {
+      secret: process.env.NEXTAUTH_SECRET || process.env.AUTH_SECRET || 'default-secret',
+      session: {
+        strategy: 'jwt',
+        maxAge: 30 * 24 * 60 * 60, // 30 days
+        updateAge: 24 * 60 * 60, // 24 hours
+      },
+      basePath: '/api/auth',
+      trustHost: true,
+      debug: process.env.NODE_ENV === 'development',
+      ...options,
+      ...middlewareOptions,
+    };
+
+    if (!config.providers || config.providers.length === 0) {
+      throw new Error('At least one authentication provider must be configured');
+    }
+
+    // Initialize Auth.js
+    let authInstance: any;
+    try {
+      authInstance = await initializeAuthJS(config);
+      logger.info('Auth.js initialized successfully', 'Initialization');
+    } catch (error) {
+      logger.error('Failed to initialize Auth.js', 'InitializationError', { error });
+      throw error;
+    }
+
+    // Register hooks for request processing
     hooks.before('request', async (context: HookContext) => {
       const req = context.request as any;
-      const token = req.headers?.authorization?.replace('Bearer ', '');
+      const res = context.response as any;
+
+      // Handle Auth.js API routes first
+      if (req.url?.startsWith(config.basePath!)) {
+        try {
+          const response = await authInstance.handler(req, res);
+          if (response) {
+            // Auth.js handled the request, don't call next()
+            return response;
+          }
+        } catch (error) {
+          logger.error('Auth.js handler error', 'HandlerError', { error });
+          throw error;
+        }
+      }
+
+      // Add auth object to request for all other routes
+
+      // Extend request with auth methods
+      const authRequest: AuthRequest = {
+        user: undefined,
+        session: undefined,
+        token: undefined,
+        isAuthenticated: false,
+        signIn: async (provider?: string, options?: any) => {
+          return authInstance.signIn(provider, options);
+        },
+        signOut: async (options?: any) => {
+          return authInstance.signOut(options);
+        },
+        getSession: async () => {
+          return authInstance.getSession({ req });
+        },
+        getToken: async () => {
+          return authInstance.verifyJWT(authRequest.token || '');
+        },
+        getCsrfToken: async () => {
+          return authInstance.getCsrfToken();
+        },
+        getProviders: async () => {
+          return config.providers.reduce((acc: Record<string, AuthProvider>, provider) => {
+            acc[provider.id] = provider;
+            return acc;
+          }, {});
+        },
+      };
 
-      if (token) {
+      // Get session/token from request
+      let session: AuthSession | null = null;
+      let token: string | null = null;
+
+      // Try JWT token first (Authorization header)
+      const authHeader = req.headers?.authorization;
+      if (authHeader?.startsWith('Bearer ')) {
+        token = authHeader.substring(7);
         try {
-          // Simple token validation (in production, use proper JWT verification)
-          if (token.startsWith('valid_')) {
-            req.user = { id: 1, role: 'user' };
-            logger.debug(`Auth: Verified token for request`, 'TokenValidation');
+          const decoded = await authInstance.verifyJWT(token);
+          if (decoded) {
+            session = await authInstance.getSession({ req: { ...req, token } });
           }
         } catch (error) {
-          throw new Error('Invalid token');
+          logger.debug('Invalid JWT token', 'TokenValidation', { error });
+        }
+      }
+
+      // Try session cookie if no valid token
+      if (!session) {
+        try {
+          session = await authInstance.getSession({ req });
+        } catch (error) {
+          logger.debug('No valid session found', 'SessionValidation', { error });
         }
       }
+
+      // Populate auth request
+      if (session?.user) {
+        authRequest.user = session.user;
+        authRequest.session = session;
+        authRequest.token = token || undefined;
+        authRequest.isAuthenticated = true;
+
+        logger.debug('User authenticated', 'Authentication', {
+          userId: session.user.id,
+          provider: session.user.provider || 'unknown',
+        });
+      }
+
+      // Attach auth to request
+      req.auth = authRequest;
     });
+
+    // Response processing hook
+    hooks.after('response', async (context: HookContext) => {
+      const req = context.request as any;
+
+      if (req.auth?.session) {
+        // Update session activity if needed
+        try {
+          await authInstance.updateSession(req.auth.session);
+        } catch (error) {
+          logger.warn('Failed to update session', 'SessionUpdate', { error });
+        }
+      }
+    });
+
+    logger.info(
+      `Auth.js middleware installed with ${config.providers.length} providers`,
+      'Installation'
+    );
   },
 });
+
+// Mock Auth.js implementation (would be replaced with actual Auth.js)
+async function initializeAuthJS(config: AuthOptions): Promise<any> {
+  return {
+    handler: async (req: any, res: any) => {
+      // Mock Auth.js request handler
+      const path = req.url.replace(config.basePath!, '');
+
+      if (path.startsWith('/signin')) {
+        // Handle sign in
+        return handleSignIn(req, res, config);
+      } else if (path.startsWith('/signout')) {
+        // Handle sign out
+        return handleSignOut(req, res, config);
+      } else if (path.startsWith('/callback')) {
+        // Handle OAuth callback
+        return handleCallback(req, res, config);
+      } else if (path.startsWith('/session')) {
+        // Handle session endpoint
+        return handleSession(req, res, config);
+      }
+
+      return null;
+    },
+
+    getSession: async ({ req }: { req: any }) => {
+      // Mock session retrieval
+      const sessionId =
+        req.cookies?.['next-auth.session-token'] ||
+        req.cookies?.['__Secure-next-auth.session-token'];
+
+      if (sessionId && req.session) {
+        return {
+          user: req.session.user || null,
+          expires: new Date(Date.now() + config.session!.maxAge! * 1000).toISOString(),
+        };
+      }
+
+      return null;
+    },
+
+    verifyJWT: async (token: string) => {
+      // Mock JWT verification
+      try {
+        // In real implementation, use jose or jsonwebtoken
+        const payload = JSON.parse(Buffer.from(token.split('.')[1], 'base64').toString());
+        return payload;
+      } catch {
+        return null;
+      }
+    },
+
+    signIn: async (provider?: string, options?: any) => {
+      // Mock sign in
+      return { url: `${config.basePath}/signin${provider ? `/${provider}` : ''}` };
+    },
+
+    signOut: async (options?: any) => {
+      // Mock sign out
+      return { url: `${config.basePath}/signout` };
+    },
+
+    updateSession: async (session: any) => {
+      // Mock session update
+      return session;
+    },
+
+    getCsrfToken: async () => {
+      // Mock CSRF token generation
+      const crypto = require('crypto');
+      return crypto.randomBytes(32).toString('hex');
+    },
+  };
+}
+
+// Mock Auth.js handlers
+async function handleSignIn(req: any, res: any, config: AuthOptions) {
+  // Implementation would depend on the provider
+  logger.debug('Handling sign in request', 'SignIn');
+  return null;
+}
+
+async function handleSignOut(req: any, res: any, config: AuthOptions) {
+  // Clear session and redirect
+  logger.debug('Handling sign out request', 'SignOut');
+  return null;
+}
+
+async function handleCallback(req: any, res: any, config: AuthOptions) {
+  // Handle OAuth callback
+  logger.debug('Handling OAuth callback', 'Callback');
+  return null;
+}
+
+async function handleSession(req: any, res: any, config: AuthOptions) {
+  // Return current session
+  logger.debug('Handling session request', 'Session');
+  return null;
+}

package/src/core/middleware/built-in/index.ts

@@ -18,6 +18,28 @@ export { session } from './session';
 export { cache } from './cache';
 export { cdn } from './cdn';
 
+// Auth Helpers and Extended Providers
+export {
+  requireAuth,
+  requireRole,
+  requirePermission,
+  requireAdmin,
+  guestOnly,
+  optionalAuth,
+  withAuth,
+  protectedRoute,
+  authUtils,
+  authResponses,
+  sessionHelpers,
+} from './auth-helpers';
+
+export {
+  extendedProviders,
+  enterpriseProviders,
+  createCustomOAuthProvider,
+  createCustomOIDCProvider,
+} from './auth-providers';
+
 // Import for collections
 import { auth } from './auth';
 import { rateLimit } from './rate-limit';

package/src/index.ts

@@ -11,6 +11,32 @@ export {
 
 export type { MoroOptions } from './core/framework';
 
+// Export auth types and middleware
+export type {
+  AuthOptions,
+  AuthProvider,
+  AuthUser,
+  AuthSession,
+  AuthRequest,
+  AuthAccount,
+  AuthJWT,
+  AuthCallbacks,
+  AuthEvents,
+  AuthPages,
+  AuthAdapter,
+  OAuthProvider,
+  CredentialsProvider,
+  EmailProvider,
+  SignInOptions,
+  SignOutOptions,
+} from './types/auth';
+
+// Export native @auth/morojs adapter
+export { createAuthMiddleware, MoroJSAuth } from './core/auth/morojs-adapter';
+
+// Export Auth.js middleware and providers
+export { auth, providers } from './core/middleware/built-in/auth';
+
 // Runtime system exports
 export type {
   RuntimeType,
@@ -136,7 +162,10 @@ export {
   getConfigValue,
 } from './core/config/utils';
 
-export { initializeConfig, getGlobalConfig, isConfigInitialized } from './core/config';
+export { initializeConfig, getGlobalConfig, isConfigInitialized, resetConfig } from './core/config';
+
+// Export configuration types for TypeScript users
+export type { AppConfig } from './core/config';
 
 // Middleware System
 export { MiddlewareManager } from './core/middleware';

package/src/moro.ts

@@ -11,6 +11,7 @@ import {
   logger as globalLogger,
   applyLoggingConfiguration,
 } from './core/logger';
+import { MiddlewareManager } from './core/middleware';
 import { IntelligentRoutingManager } from './core/routing/app-integration';
 import { RouteBuilder, RouteSchema, CompiledRoute } from './core/routing';
 import { AppDocumentationManager, DocsConfig } from './core/docs';
@@ -46,6 +47,8 @@ export class Moro extends EventEmitter {
   // Runtime system
   private runtimeAdapter: RuntimeAdapter;
   private runtimeType: RuntimeType;
+  // Middleware system
+  private middlewareManager: MiddlewareManager;
 
   constructor(options: MoroOptions = {}) {
     super(); // Call EventEmitter constructor
@@ -77,6 +80,15 @@ export class Moro extends EventEmitter {
 
     this.coreFramework = new MoroCore();
 
+    // Initialize middleware system
+    this.middlewareManager = new MiddlewareManager();
+
+    // Integrate hooks system with HTTP server
+    const httpServer = (this.coreFramework as any).httpServer;
+    if (httpServer && httpServer.setHookManager) {
+      httpServer.setHookManager((this.middlewareManager as any).hooks);
+    }
+
     // Access enterprise event bus from core framework
     this.eventBus = (this.coreFramework as any).eventBus;
 
@@ -263,7 +275,23 @@ export class Moro extends EventEmitter {
       return this;
     }
 
-    // Advanced middleware pipeline integration
+    // Advanced middleware pipeline integration - check if it's a MiddlewareInterface
+    if (
+      middlewareOrFunction &&
+      typeof middlewareOrFunction === 'object' &&
+      middlewareOrFunction.install &&
+      middlewareOrFunction.metadata
+    ) {
+      // This is a MiddlewareInterface object - install it with the MiddlewareManager
+      this.logger.debug(
+        `Installing MiddlewareInterface: ${middlewareOrFunction.metadata.name}`,
+        'Middleware'
+      );
+      this.middlewareManager.install(middlewareOrFunction, config);
+      return this;
+    }
+
+    // Fallback: emit event for unknown middleware types
     this.eventBus.emit('middleware:advanced', {
       middleware: middlewareOrFunction,
       config,