@nocobase/plugin-auth 0.10.0-alpha.2

package/lib/server/model/authenticator.js

@@ -0,0 +1,72 @@
+"use strict";
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.AuthModel = void 0;
+function _database() {
+  const data = require("@nocobase/database");
+  _database = function _database() {
+    return data;
+  };
+  return data;
+}
+function asyncGeneratorStep(gen, resolve, reject, _next, _throw, key, arg) { try { var info = gen[key](arg); var value = info.value; } catch (error) { reject(error); return; } if (info.done) { resolve(value); } else { Promise.resolve(value).then(_next, _throw); } }
+function _asyncToGenerator(fn) { return function () { var self = this, args = arguments; return new Promise(function (resolve, reject) { var gen = fn.apply(self, args); function _next(value) { asyncGeneratorStep(gen, resolve, reject, _next, _throw, "next", value); } function _throw(err) { asyncGeneratorStep(gen, resolve, reject, _next, _throw, "throw", err); } _next(undefined); }); }; }
+class AuthModel extends _database().Model {
+  findUser(uuid) {
+    var _this = this;
+    return _asyncToGenerator(function* () {
+      let user;
+      const users = yield _this.getUsers({
+        through: {
+          where: {
+            uuid
+          }
+        }
+      });
+      if (users.length) {
+        user = users[0];
+        return user;
+      }
+    })();
+  }
+  newUser(uuid, values) {
+    var _this2 = this;
+    return _asyncToGenerator(function* () {
+      let user;
+      const db = _this2.constructor.database;
+      yield _this2.sequelize.transaction( /*#__PURE__*/function () {
+        var _ref = _asyncToGenerator(function* (transaction) {
+          // Create a new user if not exists
+          user = yield _this2.createUser(values || {
+            nickname: uuid
+          }, {
+            through: {
+              uuid: uuid
+            },
+            transaction
+          });
+          yield db.emitAsync(`users.afterCreateWithAssociations`, user, {
+            transaction
+          });
+        });
+        return function (_x) {
+          return _ref.apply(this, arguments);
+        };
+      }());
+      return user;
+    })();
+  }
+  findOrCreateUser(uuid, userValues) {
+    var _this3 = this;
+    return _asyncToGenerator(function* () {
+      const user = yield _this3.findUser(uuid);
+      if (user) {
+        return user;
+      }
+      return yield _this3.newUser(uuid, userValues);
+    })();
+  }
+}
+exports.AuthModel = AuthModel;

package/lib/server/plugin.d.ts

@@ -0,0 +1,11 @@
+import { InstallOptions, Plugin } from '@nocobase/server';
+export declare class AuthPlugin extends Plugin {
+    afterAdd(): void;
+    beforeLoad(): Promise<void>;
+    load(): Promise<void>;
+    install(options?: InstallOptions): Promise<void>;
+    afterEnable(): Promise<void>;
+    afterDisable(): Promise<void>;
+    remove(): Promise<void>;
+}
+export default AuthPlugin;

package/lib/server/plugin.js

@@ -0,0 +1,130 @@
+"use strict";
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.default = exports.AuthPlugin = void 0;
+function _server() {
+  const data = require("@nocobase/server");
+  _server = function _server() {
+    return data;
+  };
+  return data;
+}
+function _path() {
+  const data = require("path");
+  _path = function _path() {
+    return data;
+  };
+  return data;
+}
+var _basicAuth = require("./basic-auth");
+var _preset = require("../preset");
+var _auth = _interopRequireDefault(require("./actions/auth"));
+var _authenticators = _interopRequireDefault(require("./actions/authenticators"));
+var _locale = require("./locale");
+var _authenticator = require("./model/authenticator");
+function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
+function asyncGeneratorStep(gen, resolve, reject, _next, _throw, key, arg) { try { var info = gen[key](arg); var value = info.value; } catch (error) { reject(error); return; } if (info.done) { resolve(value); } else { Promise.resolve(value).then(_next, _throw); } }
+function _asyncToGenerator(fn) { return function () { var self = this, args = arguments; return new Promise(function (resolve, reject) { var gen = fn.apply(self, args); function _next(value) { asyncGeneratorStep(gen, resolve, reject, _next, _throw, "next", value); } function _throw(err) { asyncGeneratorStep(gen, resolve, reject, _next, _throw, "throw", err); } _next(undefined); }); }; }
+class AuthPlugin extends _server().Plugin {
+  afterAdd() {}
+  beforeLoad() {
+    var _this = this;
+    return _asyncToGenerator(function* () {
+      _this.app.i18n.addResources('zh-CN', _preset.namespace, _locale.zhCN);
+      _this.app.i18n.addResources('en-US', _preset.namespace, _locale.enUS);
+      _this.app.db.registerModels({
+        AuthModel: _authenticator.AuthModel
+      });
+    })();
+  }
+  load() {
+    var _this2 = this;
+    return _asyncToGenerator(function* () {
+      // Set up database
+      yield _this2.db.import({
+        directory: (0, _path().resolve)(__dirname, 'collections')
+      });
+      _this2.db.addMigrations({
+        namespace: 'auth',
+        directory: (0, _path().resolve)(__dirname, 'migrations'),
+        context: {
+          plugin: _this2
+        }
+      });
+      // Set up auth manager and register preset auth type
+      _this2.app.authManager.setStorer({
+        get: function () {
+          var _get = _asyncToGenerator(function* (name) {
+            const repo = _this2.db.getRepository('authenticators');
+            const authenticators = yield repo.find({
+              filter: {
+                enabled: true
+              }
+            });
+            const authenticator = authenticators.find(authenticator => authenticator.name === name);
+            return authenticator || authenticators[0];
+          });
+          function get(_x) {
+            return _get.apply(this, arguments);
+          }
+          return get;
+        }()
+      });
+      _this2.app.authManager.registerTypes(_preset.presetAuthType, {
+        auth: _basicAuth.BasicAuth
+      });
+      // Register actions
+      Object.entries(_auth.default).forEach(([action, handler]) => _this2.app.resourcer.registerAction(`auth:${action}`, handler));
+      Object.entries(_authenticators.default).forEach(([action, handler]) => _this2.app.resourcer.registerAction(`authenticators:${action}`, handler));
+      // Set up ACL
+      ['check', 'signIn', 'signUp'].forEach(action => _this2.app.acl.allow('auth', action));
+      ['signOut', 'changePassword'].forEach(action => _this2.app.acl.allow('auth', action, 'loggedIn'));
+      _this2.app.acl.allow('authenticators', 'publicList');
+      _this2.app.acl.registerSnippet({
+        name: `pm.${_this2.name}.authenticators`,
+        actions: ['authenticators:*']
+      });
+    })();
+  }
+  install(options) {
+    var _this3 = this;
+    return _asyncToGenerator(function* () {
+      const repository = _this3.db.getRepository('authenticators');
+      const exist = yield repository.findOne({
+        filter: {
+          name: _preset.presetAuthenticator
+        }
+      });
+      if (exist) {
+        return;
+      }
+      yield repository.create({
+        values: {
+          name: _preset.presetAuthenticator,
+          authType: _preset.presetAuthType,
+          description: 'Sign in with email and password.',
+          enabled: true,
+          options: {
+            public: {
+              allowSignUp: true
+            }
+          }
+        }
+      });
+    })();
+  }
+  afterEnable() {
+    return _asyncToGenerator(function* () {})();
+  }
+  afterDisable() {
+    return _asyncToGenerator(function* () {})();
+  }
+  remove() {
+    return _asyncToGenerator(function* () {})();
+  }
+}
+exports.AuthPlugin = AuthPlugin;
+var _default = AuthPlugin;
+exports.default = _default;

package/package.json

@@ -0,0 +1,17 @@
+{
+  "name": "@nocobase/plugin-auth",
+  "version": "0.10.0-alpha.2",
+  "main": "lib/server/index.js",
+  "devDependencies": {
+    "@nocobase/actions": "0.10.0-alpha.2",
+    "@nocobase/client": "0.10.0-alpha.2",
+    "@nocobase/database": "0.10.0-alpha.2",
+    "@nocobase/server": "0.10.0-alpha.2",
+    "@nocobase/test": "0.10.0-alpha.2"
+  },
+  "displayName": "Authentication",
+  "displayName.zh-CN": "用户认证",
+  "description": "Basic authentication and authenticator management.",
+  "description.zh-CN": "提供基础认证功能和扩展认证器管理功能。",
+  "gitHead": "85028ae1733fcbd46ecd5d291dacbdc175f7f073"
+}

package/server.d.ts

@@ -0,0 +1,3 @@
+// @ts-nocheck
+export * from './lib/server';
+export { default } from './lib/server';

package/server.js

@@ -0,0 +1,65 @@
+'use strict';
+
+function _getRequireWildcardCache(nodeInterop) {
+  if (typeof WeakMap !== 'function') return null;
+  var cacheBabelInterop = new WeakMap();
+  var cacheNodeInterop = new WeakMap();
+  return (_getRequireWildcardCache = function _getRequireWildcardCache(nodeInterop) {
+    return nodeInterop ? cacheNodeInterop : cacheBabelInterop;
+  })(nodeInterop);
+}
+
+function _interopRequireWildcard(obj, nodeInterop) {
+  if (!nodeInterop && obj && obj.__esModule) {
+    return obj;
+  }
+  if (obj === null || (typeof obj !== 'object' && typeof obj !== 'function')) {
+    return { default: obj };
+  }
+  var cache = _getRequireWildcardCache(nodeInterop);
+  if (cache && cache.has(obj)) {
+    return cache.get(obj);
+  }
+  var newObj = {};
+  var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor;
+  for (var key in obj) {
+    if (key !== 'default' && Object.prototype.hasOwnProperty.call(obj, key)) {
+      var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null;
+      if (desc && (desc.get || desc.set)) {
+        Object.defineProperty(newObj, key, desc);
+      } else {
+        newObj[key] = obj[key];
+      }
+    }
+  }
+  newObj.default = obj;
+  if (cache) {
+    cache.set(obj, newObj);
+  }
+  return newObj;
+}
+
+var _index = _interopRequireWildcard(require('./lib/server'));
+
+Object.defineProperty(exports, '__esModule', {
+  value: true,
+});
+var _exportNames = {};
+Object.defineProperty(exports, 'default', {
+  enumerable: true,
+  get: function get() {
+    return _index.default;
+  },
+});
+
+Object.keys(_index).forEach(function (key) {
+  if (key === 'default' || key === '__esModule') return;
+  if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
+  if (key in exports && exports[key] === _index[key]) return;
+  Object.defineProperty(exports, key, {
+    enumerable: true,
+    get: function get() {
+      return _index[key];
+    },
+  });
+});

package/src/client/basic/Options.tsx

@@ -0,0 +1,31 @@
+import { SchemaComponent } from '@nocobase/client';
+import React from 'react';
+import { useAuthTranslation } from '../locale';
+
+export const Options = () => {
+  const { t } = useAuthTranslation();
+  return (
+    <SchemaComponent
+      scope={{ t }}
+      schema={{
+        type: 'object',
+        properties: {
+          public: {
+            type: 'object',
+            properties: {
+              allowSignup: {
+                'x-decorator': 'FormItem',
+                type: 'boolean',
+                title: '{{t("Allow to sign up")}}',
+                'x-component': 'Checkbox',
+                'x-component-props': {
+                  defaultChecked: true,
+                },
+              },
+            },
+          },
+        },
+      }}
+    />
+  );
+};

package/src/client/basic/SigninPage.tsx

@@ -0,0 +1,65 @@
+import { Authenticator, SchemaComponent, SignupPageContext, useSignIn } from '@nocobase/client';
+import { ISchema } from '@formily/react';
+import React, { useContext } from 'react';
+
+const passwordForm: ISchema = {
+  type: 'object',
+  name: 'passwordForm',
+  'x-component': 'FormV2',
+  properties: {
+    email: {
+      type: 'string',
+      required: true,
+      'x-component': 'Input',
+      'x-validator': 'email',
+      'x-decorator': 'FormItem',
+      'x-component-props': { placeholder: '{{t("Email")}}', style: {} },
+    },
+    password: {
+      type: 'string',
+      'x-component': 'Password',
+      required: true,
+      'x-decorator': 'FormItem',
+      'x-component-props': { placeholder: '{{t("Password")}}', style: {} },
+    },
+    actions: {
+      type: 'void',
+      'x-component': 'div',
+      properties: {
+        submit: {
+          title: '{{t("Sign in")}}',
+          type: 'void',
+          'x-component': 'Action',
+          'x-component-props': {
+            htmlType: 'submit',
+            block: true,
+            type: 'primary',
+            useAction: `{{ useBasicSignIn }}`,
+            style: { width: '100%' },
+          },
+        },
+      },
+    },
+    signup: {
+      type: 'void',
+      'x-component': 'Link',
+      'x-component-props': {
+        to: '{{ signupLink }}',
+      },
+      'x-content': '{{t("Create an account")}}',
+      'x-visible': '{{ allowSignUp }}',
+    },
+  },
+};
+export default (props: { authenticator: Authenticator }) => {
+  const authenticator = props.authenticator;
+  const { authType, name, options } = authenticator;
+  const signupPages = useContext(SignupPageContext);
+  const allowSignUp = !!signupPages[authType] && options?.allowSignup;
+  const signupLink = `/signup?authType=${authType}&name=${name}`;
+
+  const useBasicSignIn = () => {
+    return useSignIn(name);
+  };
+  return <SchemaComponent schema={passwordForm} scope={{ useBasicSignIn, allowSignUp, signupLink }} />;
+};

package/src/client/basic/SignupPage.tsx

@@ -0,0 +1,91 @@
+import { SchemaComponent, useSignup } from '@nocobase/client';
+import { ISchema } from '@formily/react';
+import React from 'react';
+import { uid } from '@formily/shared';
+
+const signupPageSchema: ISchema = {
+  type: 'object',
+  name: uid(),
+  'x-component': 'FormV2',
+  properties: {
+    email: {
+      type: 'string',
+      required: true,
+      'x-component': 'Input',
+      'x-validator': 'email',
+      'x-decorator': 'FormItem',
+      'x-component-props': { placeholder: '{{t("Email")}}', style: {} },
+    },
+    password: {
+      type: 'string',
+      required: true,
+      'x-component': 'Password',
+      'x-decorator': 'FormItem',
+      'x-component-props': { placeholder: '{{t("Password")}}', checkStrength: true, style: {} },
+      'x-reactions': [
+        {
+          dependencies: ['.confirm_password'],
+          fulfill: {
+            state: {
+              selfErrors: '{{$deps[0] && $self.value && $self.value !== $deps[0] ? t("Password mismatch") : ""}}',
+            },
+          },
+        },
+      ],
+    },
+    confirm_password: {
+      type: 'string',
+      required: true,
+      'x-component': 'Password',
+      'x-decorator': 'FormItem',
+      'x-component-props': { placeholder: '{{t("Confirm password")}}', style: {} },
+      'x-reactions': [
+        {
+          dependencies: ['.password'],
+          fulfill: {
+            state: {
+              selfErrors: '{{$deps[0] && $self.value && $self.value !== $deps[0] ? t("Password mismatch") : ""}}',
+            },
+          },
+        },
+      ],
+    },
+    actions: {
+      type: 'void',
+      'x-component': 'div',
+      properties: {
+        submit: {
+          title: '{{t("Sign up")}}',
+          type: 'void',
+          'x-component': 'Action',
+          'x-component-props': {
+            block: true,
+            type: 'primary',
+            htmlType: 'submit',
+            useAction: '{{ useBasicSignup }}',
+            style: { width: '100%' },
+          },
+        },
+      },
+    },
+    link: {
+      type: 'void',
+      'x-component': 'div',
+      properties: {
+        link: {
+          type: 'void',
+          'x-component': 'Link',
+          'x-component-props': { to: '/signin' },
+          'x-content': '{{t("Log in with an existing account")}}',
+        },
+      },
+    },
+  },
+};
+
+export default (props: { name: string }) => {
+  const useBasicSignup = () => {
+    return useSignup({ authenticator: props.name });
+  };
+  return <SchemaComponent schema={signupPageSchema} scope={{ useBasicSignup }} />;
+};

package/src/client/index.tsx

@@ -0,0 +1,41 @@
+import {
+  OptionsComponentProvider,
+  SettingsCenterProvider,
+  SigninPageProvider,
+  SignupPageProvider,
+} from '@nocobase/client';
+import React from 'react';
+import { Authenticator } from './settings/Authenticator';
+import SigninPage from './basic/SigninPage';
+import { presetAuthType } from '../preset';
+import SignupPage from './basic/SignupPage';
+import { useAuthTranslation } from './locale';
+import { Options } from './basic/Options';
+
+export default (props) => {
+  const { t } = useAuthTranslation();
+  return (
+    <SettingsCenterProvider
+      settings={{
+        auth: {
+          title: t('Authentication'),
+          icon: 'LoginOutlined',
+          tabs: {
+            authenticators: {
+              title: t('Authenticators'),
+              component: () => <Authenticator />,
+            },
+          },
+        },
+      }}
+    >
+      <OptionsComponentProvider authType={presetAuthType} component={Options}>
+        <SigninPageProvider authType={presetAuthType} tabTitle={t('Sign in via email')} component={SigninPage}>
+          <SignupPageProvider authType={presetAuthType} component={SignupPage}>
+            {props.children}
+          </SignupPageProvider>
+        </SigninPageProvider>
+      </OptionsComponentProvider>
+    </SettingsCenterProvider>
+  );
+};

package/src/client/locale/index.ts

@@ -0,0 +1,7 @@
+import { useTranslation } from 'react-i18next';
+
+export const NAMESPACE = 'auth';
+
+export function useAuthTranslation() {
+  return useTranslation(NAMESPACE);
+}

package/src/client/locale/zh-CN.ts

@@ -0,0 +1,10 @@
+const locale = {
+  'Auth Type': '认证类型',
+  Authenticators: '认证器',
+  Authentication: '用户认证',
+  'Sign in via email': '邮箱登录',
+  'Not allowed to sign up': '禁止注册',
+  'Allow to sign up': '允许注册',
+};
+
+export default locale;

package/src/client/settings/Authenticator.tsx

@@ -0,0 +1,95 @@
+import {
+  ActionContextProvider,
+  SchemaComponent,
+  useAPIClient,
+  useActionContext,
+  useAsyncData,
+  useRequest,
+} from '@nocobase/client';
+import { Card } from 'antd';
+import React, { useState } from 'react';
+import { authenticatorsSchema, createFormSchema } from './schemas/authenticators';
+import { Button, Dropdown } from 'antd';
+import { PlusOutlined, DownOutlined } from '@ant-design/icons';
+import { AuthTypeContext, AuthTypesContext, useAuthTypes } from './authType';
+import { useValuesFromOptions, Options } from './Options';
+import { useTranslation } from 'react-i18next';
+
+const useCloseAction = () => {
+  const { setVisible } = useActionContext();
+  return {
+    async run() {
+      setVisible(false);
+    },
+  };
+};
+
+const AddNew = () => {
+  const { t } = useTranslation();
+  const [visible, setVisible] = useState(false);
+  const [type, setType] = useState('');
+  const types = useAuthTypes();
+  const items = types.map((item) => ({
+    ...item,
+    onClick: () => {
+      setVisible(true);
+      setType(item.value);
+    },
+  }));
+
+  return (
+    <ActionContextProvider value={{ visible, setVisible }}>
+      <AuthTypeContext.Provider value={{ type }}>
+        <Dropdown menu={{ items }}>
+          <Button icon={<PlusOutlined />} type={'primary'}>
+            {t('Add new')} <DownOutlined />
+          </Button>
+        </Dropdown>
+        <SchemaComponent scope={{ useCloseAction, types, setType }} schema={createFormSchema} />
+      </AuthTypeContext.Provider>
+    </ActionContextProvider>
+  );
+};
+
+// Disable delete button when there is only one authenticator
+const useCanNotDelete = () => {
+  const { data } = useAsyncData();
+  // return data?.meta?.count === 1;
+  return false;
+};
+
+export const Authenticator = () => {
+  const [types, setTypes] = useState([]);
+  const api = useAPIClient();
+  useRequest(
+    () =>
+      api
+        .resource('authenticators')
+        .listTypes()
+        .then((res) => {
+          const types = res?.data?.data || [];
+          return types.map((type: string) => ({
+            key: type,
+            label: type,
+            value: type,
+          }));
+        }),
+    {
+      onSuccess: (types) => {
+        setTypes(types);
+      },
+    },
+  );
+
+  return (
+    <Card bordered={false}>
+      <AuthTypesContext.Provider value={{ types }}>
+        <SchemaComponent
+          schema={authenticatorsSchema}
+          components={{ AddNew, Options }}
+          scope={{ types, useValuesFromOptions, useCanNotDelete }}
+        />
+      </AuthTypesContext.Provider>
+    </Card>
+  );
+};

package/src/client/settings/Options.tsx

@@ -0,0 +1,35 @@
+import { useRequest, useRecord, useActionContext } from '@nocobase/client';
+import { useEffect } from 'react';
+import { useOptionsComponent } from '@nocobase/client';
+import { observer, useForm } from '@formily/react';
+
+export const useValuesFromOptions = (options) => {
+  const record = useRecord();
+  const result = useRequest(
+    () =>
+      Promise.resolve({
+        data: {
+          ...record.options,
+        },
+      }),
+    {
+      ...options,
+      manual: true,
+    },
+  );
+  const { run } = result;
+  const ctx = useActionContext();
+  useEffect(() => {
+    if (ctx.visible) {
+      run();
+    }
+  }, [ctx.visible, run]);
+  return result;
+};
+
+export const Options = observer(() => {
+  const form = useForm();
+  const record = useRecord();
+  const component = useOptionsComponent(form.values.authType || record.authType);
+  return component;
+});