@nixxie-cms/auth 1.0.1 → 1.1.0

package/src/schema.ts

@@ -1,84 +1,85 @@
-import { assertInputObjectType, GraphQLString, GraphQLID, parse, validate } from 'graphql'
-
-import { g } from '@nixxie-cms/core'
-import type { AuthGqlNames, AuthTokenTypeConfig, InitFirstItemConfig } from './types'
-import { getBaseAuthSchema } from './gql/getBaseAuthSchema'
-import { getInitFirstItemSchema } from './gql/getInitFirstItemSchema'
-
-export const getSchemaExtension = ({
-  authGqlNames,
-  listKey,
-  identityField,
-  secretField,
-  initFirstItem,
-  sessionData,
-}: {
-  authGqlNames: AuthGqlNames
-  listKey: string
-  identityField: string
-  secretField: string
-  initFirstItem?: InitFirstItemConfig<any>
-  passwordResetLink?: AuthTokenTypeConfig
-  magicAuthLink?: AuthTokenTypeConfig
-  sessionData: string
-}) =>
-  g.extend(base => {
-    const uniqueWhereInputType = assertInputObjectType(
-      base.schema.getType(authGqlNames.whereUniqueInputName)
-    )
-    const identityFieldOnUniqueWhere = uniqueWhereInputType.getFields()[identityField]
-    if (
-      base.schema.extensions.sudo &&
-      identityFieldOnUniqueWhere?.type !== GraphQLString &&
-      identityFieldOnUniqueWhere?.type !== GraphQLID
-    ) {
-      throw new Error(
-        `createAuth was called with an identityField of ${identityField} on the list ${listKey} ` +
-          `but that field doesn't allow being searched uniquely with a String or ID. ` +
-          `You should likely add \`isIndexed: 'unique'\` ` +
-          `to the field at ${listKey}.${identityField}`
-      )
-    }
-
-    const baseSchema = getBaseAuthSchema({
-      authGqlNames: authGqlNames,
-      identityField,
-      listKey,
-      secretField,
-      base,
-    })
-
-    // technically this will incorrectly error if someone has a schema extension that adds a field to the list output type
-    // and then wants to fetch that field with `sessionData` but it's extremely unlikely someone will do that since if
-    // they want to add a GraphQL field, they'll probably use a virtual field
-    const query = `query($id: ID!) { ${authGqlNames.itemQueryName}(where: { id: $id }) { ${sessionData} } }`
-
-    let ast
-    try {
-      ast = parse(query)
-    } catch (err) {
-      throw new Error(
-        `The query to get session data has a syntax error, the sessionData option in your createAuth usage is likely incorrect\n${err}`
-      )
-    }
-
-    const errors = validate(base.schema, ast)
-    if (errors.length) {
-      throw new Error(
-        `The query to get session data has validation errors, the sessionData option in your createAuth usage is likely incorrect\n${errors.join('\n')}`
-      )
-    }
-
-    return [
-      baseSchema.extension,
-      initFirstItem &&
-        getInitFirstItemSchema({
-          authGqlNames,
-          listKey,
-          fields: initFirstItem.fields,
-          defaultItemData: initFirstItem.itemData,
-          graphQLSchema: base.schema,
-          ItemAuthenticationWithPasswordSuccess: baseSchema.ItemAuthenticationWithPasswordSuccess,
-        }),
-    ].filter((x): x is Exclude<typeof x, undefined> => x !== undefined)
-  })
+import { assertInputObjectType, GraphQLString, GraphQLID, parse, validate } from 'graphql'
+
+import { g } from '@nixxie-cms/core'
+import type { AuthGqlNames, AuthTokenTypeConfig, InitFirstItemConfig } from './types'
+import { getBaseAuthSchema } from './gql/getBaseAuthSchema'
+import { getInitFirstItemSchema } from './gql/getInitFirstItemSchema'
+
+export const getSchemaExtension = ({
+  authGqlNames,
+  listKey,
+  identityField,
+  secretField,
+  initFirstItem,
+  sessionData,
+}: {
+  authGqlNames: AuthGqlNames
+  listKey: string
+  identityField: string
+  secretField: string
+  initFirstItem?: InitFirstItemConfig<any>
+  passwordResetLink?: AuthTokenTypeConfig
+  magicAuthLink?: AuthTokenTypeConfig
+  sessionData: string
+}) =>
+  g.extend(base => {
+    const uniqueWhereInputType = assertInputObjectType(
+      base.schema.getType(authGqlNames.whereUniqueInputName)
+    )
+    const identityFieldOnUniqueWhere = uniqueWhereInputType.getFields()[identityField]
+    if (
+      base.schema.extensions.sudo &&
+      identityFieldOnUniqueWhere?.type !== GraphQLString &&
+      identityFieldOnUniqueWhere?.type !== GraphQLID
+    ) {
+      throw new Error(
+        `createAuth was called with an identityField of ${identityField} on the list ${listKey} ` +
+          `but that field doesn't allow being searched uniquely with a String or ID. ` +
+          `You should likely add \`isIndexed: 'unique'\` ` +
+          `to the field at ${listKey}.${identityField}`
+      )
+    }
+
+    const baseSchema = getBaseAuthSchema({
+      authGqlNames: authGqlNames,
+      identityField,
+      listKey,
+      secretField,
+      base,
+    })
+
+    // technically this will incorrectly error if someone has a schema extension that adds a field to the list output type
+    // and then wants to fetch that field with `sessionData` but it's extremely unlikely someone will do that since if
+    // they want to add a GraphQL field, they'll probably use a virtual field
+    const query = `query($id: ID!) { ${authGqlNames.itemQueryName}(where: { id: $id }) { ${sessionData} } }`
+
+    let ast
+    try {
+      ast = parse(query)
+    } catch (err) {
+      throw new Error(
+        `The query to get session data has a syntax error, the sessionData option in your createAuth usage is likely incorrect\n${err}`,
+        { cause: err }
+      )
+    }
+
+    const errors = validate(base.schema, ast)
+    if (errors.length) {
+      throw new Error(
+        `The query to get session data has validation errors, the sessionData option in your createAuth usage is likely incorrect\n${errors.join('\n')}`
+      )
+    }
+
+    return [
+      baseSchema.extension,
+      initFirstItem &&
+        getInitFirstItemSchema({
+          authGqlNames,
+          listKey,
+          fields: initFirstItem.fields,
+          defaultItemData: initFirstItem.itemData,
+          graphQLSchema: base.schema,
+          ItemAuthenticationWithPasswordSuccess: baseSchema.ItemAuthenticationWithPasswordSuccess,
+        }),
+    ].filter((x): x is Exclude<typeof x, undefined> => x !== undefined)
+  })

package/src/templates/config.ts

@@ -1,9 +1,9 @@
-export default function ({ labelField }: { labelField: string }) {
-  return `import { type AdminConfig } from '@nixxie-cms/core/types'
-import makeNavigation from '@nixxie-cms/auth/components/Navigation'
-
-export const components: AdminConfig['components'] = {
-  Navigation: makeNavigation({ labelField: '${labelField}' }),
-}
-`
-}
+export default function ({ labelField }: { labelField: string }) {
+  return `import { type AdminConfig } from '@nixxie-cms/core/types'
+import makeNavigation from '@nixxie-cms/auth/components/Navigation'
+
+export const components: AdminConfig['components'] = {
+  Navigation: makeNavigation({ labelField: '${labelField}' }),
+}
+`
+}

package/src/templates/init.ts

@@ -1,22 +1,22 @@
-import type { BaseListTypeInfo } from '@nixxie-cms/core/types'
-import type { AuthGqlNames, AuthConfig } from '../types'
-
-export default function ({
-  authGqlNames,
-  listKey,
-  initFirstItem,
-}: {
-  authGqlNames: AuthGqlNames
-  listKey: string
-  initFirstItem: NonNullable<AuthConfig<BaseListTypeInfo>['initFirstItem']>
-}) {
-  return `import makeInitPage from '@nixxie-cms/auth/pages/InitPage'
-
-export default makeInitPage(${JSON.stringify({
-    listKey,
-    authGqlNames,
-    fieldPaths: initFirstItem.fields,
-    enableWelcome: !initFirstItem.skipNixxieWelcome,
-  })})
-`
-}
+import type { BaseCollectionTypeInfo } from '@nixxie-cms/core/types'
+import type { AuthGqlNames, AuthConfig } from '../types'
+
+export default function ({
+  authGqlNames,
+  listKey,
+  initFirstItem,
+}: {
+  authGqlNames: AuthGqlNames
+  listKey: string
+  initFirstItem: NonNullable<AuthConfig<BaseCollectionTypeInfo>['initFirstItem']>
+}) {
+  return `import makeInitPage from '@nixxie-cms/auth/pages/InitPage'
+
+export default makeInitPage(${JSON.stringify({
+    listKey,
+    authGqlNames,
+    fieldPaths: initFirstItem.fields,
+    enableWelcome: !initFirstItem.skipNixxieWelcome,
+  })})
+`
+}

package/src/templates/signin.ts

@@ -1,20 +1,20 @@
-import type { AuthGqlNames } from '../types'
-
-export default function ({
-  authGqlNames,
-  identityField,
-  secretField,
-}: {
-  authGqlNames: AuthGqlNames
-  identityField: string
-  secretField: string
-}) {
-  return `import makeSigninPage from '@nixxie-cms/auth/pages/SigninPage'
-
-export default makeSigninPage(${JSON.stringify({
-    authGqlNames,
-    identityField,
-    secretField,
-  })})
-`
-}
+import type { AuthGqlNames } from '../types'
+
+export default function ({
+  authGqlNames,
+  identityField,
+  secretField,
+}: {
+  authGqlNames: AuthGqlNames
+  identityField: string
+  secretField: string
+}) {
+  return `import makeSigninPage from '@nixxie-cms/auth/pages/SigninPage'
+
+export default makeSigninPage(${JSON.stringify({
+    authGqlNames,
+    identityField,
+    secretField,
+  })})
+`
+}

package/src/types.ts

@@ -1,57 +1,57 @@
-import type { BaseListTypeInfo, NixxieContext } from '@nixxie-cms/core/types'
-
-export type AuthGqlNames = {
-  itemQueryName: string
-  whereUniqueInputName: string
-
-  authenticateItemWithPassword: string
-  ItemAuthenticationWithPasswordResult: string
-  ItemAuthenticationWithPasswordSuccess: string
-  ItemAuthenticationWithPasswordFailure: string
-
-  CreateInitialInput: string
-  createInitialItem: string
-}
-
-export type SendTokenFn = (args: {
-  itemId: string | number | bigint
-  identity: string
-  token: string
-  context: NixxieContext
-}) => Promise<void> | void
-
-export type AuthTokenTypeConfig = {
-  /** Called when a user should be sent the magic signin token they requested */
-  sendToken: SendTokenFn
-  /** How long do tokens stay valid for from time of issue, in minutes **/
-  tokensValidForMins?: number
-}
-
-export type AuthConfig<ListTypeInfo extends BaseListTypeInfo> = {
-  /** The key of the list to authenticate users with */
-  listKey: ListTypeInfo['key']
-  /** The path of the field the identity is stored in; must be text-ish */
-  identityField: ListTypeInfo['fields']
-  /** The path of the field the secret is stored in; must be password-ish */
-  secretField: ListTypeInfo['fields']
-  /** The initial user/db seeding functionality */
-  initFirstItem?: InitFirstItemConfig<ListTypeInfo>
-  /** Session data population */
-  sessionData?: string
-}
-
-export type InitFirstItemConfig<ListTypeInfo extends BaseListTypeInfo> = {
-  /** Array of fields to collect, e.g ['name', 'email', 'password'] */
-  fields: readonly ListTypeInfo['fields'][]
-  /** Suppresses the second screen where we ask people to subscribe and follow Nixxie */
-  skipNixxieWelcome?: boolean
-  /** Extra input to add for the create mutation */
-  itemData?: Partial<ListTypeInfo['inputs']['create']>
-}
-
-export type AuthTokenRedemptionErrorCode = 'FAILURE' | 'TOKEN_EXPIRED' | 'TOKEN_REDEEMED'
-
-export type SecretFieldImpl = {
-  generateHash: (secret: string) => Promise<string>
-  compare: (secret: string, hash: string) => Promise<boolean>
-}
+import type { BaseCollectionTypeInfo, NixxieContext } from '@nixxie-cms/core/types'
+
+export type AuthGqlNames = {
+  itemQueryName: string
+  whereUniqueInputName: string
+
+  authenticateItemWithPassword: string
+  ItemAuthenticationWithPasswordResult: string
+  ItemAuthenticationWithPasswordSuccess: string
+  ItemAuthenticationWithPasswordFailure: string
+
+  CreateInitialInput: string
+  createInitialItem: string
+}
+
+export type SendTokenFn = (args: {
+  itemId: string | number | bigint
+  identity: string
+  token: string
+  context: NixxieContext
+}) => Promise<void> | void
+
+export type AuthTokenTypeConfig = {
+  /** Called when a user should be sent the magic signin token they requested */
+  sendToken: SendTokenFn
+  /** How long do tokens stay valid for from time of issue, in minutes **/
+  tokensValidForMins?: number
+}
+
+export type AuthConfig<CollectionTypeInfo extends BaseCollectionTypeInfo> = {
+  /** The key of the list to authenticate users with */
+  listKey: CollectionTypeInfo['key']
+  /** The path of the field the identity is stored in; must be text-ish */
+  identityField: CollectionTypeInfo['fields']
+  /** The path of the field the secret is stored in; must be password-ish */
+  secretField: CollectionTypeInfo['fields']
+  /** The initial user/db seeding functionality */
+  initFirstItem?: InitFirstItemConfig<CollectionTypeInfo>
+  /** Session data population */
+  sessionData?: string
+}
+
+export type InitFirstItemConfig<CollectionTypeInfo extends BaseCollectionTypeInfo> = {
+  /** Array of fields to collect, e.g ['name', 'email', 'password'] */
+  fields: readonly CollectionTypeInfo['fields'][]
+  /** Suppresses the second screen where we ask people to subscribe and follow Nixxie */
+  skipNixxieWelcome?: boolean
+  /** Extra input to add for the create mutation */
+  itemData?: Partial<CollectionTypeInfo['inputs']['create']>
+}
+
+export type AuthTokenRedemptionErrorCode = 'FAILURE' | 'TOKEN_EXPIRED' | 'TOKEN_REDEEMED'
+
+export type SecretFieldImpl = {
+  generateHash: (secret: string) => Promise<string>
+  compare: (secret: string, hash: string) => Promise<boolean>
+}