@nocobase/plugin-auth 0.17.0-alpha.3 → 0.17.0-alpha.5

package/dist/externalVersion.js

@@ -1,14 +1,15 @@
 module.exports = {
-  "@nocobase/client": "0.17.0-alpha.3",
+  "@nocobase/client": "0.17.0-alpha.5",
   "react": "18.2.0",
   "react-router-dom": "6.14.1",
-  "@nocobase/auth": "0.17.0-alpha.3",
-  "@nocobase/database": "0.17.0-alpha.3",
-  "@nocobase/server": "0.17.0-alpha.3",
+  "@nocobase/auth": "0.17.0-alpha.5",
+  "@nocobase/database": "0.17.0-alpha.5",
+  "@nocobase/server": "0.17.0-alpha.5",
+  "@nocobase/cache": "0.17.0-alpha.5",
   "antd": "5.8.6",
   "@formily/react": "2.2.27",
   "@formily/shared": "2.2.27",
   "react-i18next": "11.18.6",
   "@ant-design/icons": "5.1.4",
-  "@nocobase/actions": "0.17.0-alpha.3"
+  "@nocobase/actions": "0.17.0-alpha.5"
 };

package/dist/node_modules/cron/package.json

@@ -1 +1 @@
-{"name":"cron","description":"Cron jobs for your node","version":"2.3.1","author":"Nick Campbell <nicholas.j.campbell@gmail.com> (https://github.com/ncb000gt)","bugs":{"url":"https://github.com/kelektiv/node-cron/issues"},"repository":{"type":"git","url":"https://github.com/kelektiv/node-cron.git"},"main":"lib/cron","scripts":{"lint":"eslint {lib,tests}/*.js","test":"jest --coverage","test:watch":"jest --watch --coverage"},"dependencies":{"luxon":"^3.2.1"},"devDependencies":{"chai":"~4.2.x","eslint":"~8.36.x","eslint-config-prettier":"^8.7.x","eslint-config-standard":"~17.0.x","eslint-plugin-import":"~2.27.x","eslint-plugin-jest":"~27.2.x","eslint-plugin-n":"~15.6.x","eslint-plugin-prettier":"~4.2.x","eslint-plugin-promise":"~6.1.x","jest":"~29.5.x","prettier":"~2.8.x","sinon":"^15.0.x"},"keywords":["cron","node cron","node-cron","schedule","scheduler","cronjob","cron job"],"license":"MIT","contributors":["Brandon der Blätter <https://interlucid.com/contact/> (https://github.com/intcreator)","Romain Beauxis <toots@rastageeks.org> (https://github.com/toots)","James Padolsey <> (https://github.com/jamespadolsey)","Finn Herpich <fh@three-heads.de> (https://github.com/ErrorProne)","Clifton Cunningham <clifton.cunningham@gmail.com> (https://github.com/cliftonc)","Eric Abouaf <eric.abouaf@gmail.com> (https://github.com/neyric)","humanchimp <morphcham@gmail.com> (https://github.com/humanchimp)","Craig Condon <craig@spiceapps.com> (https://github.com/spiceapps)","Dan Bear <daniel@hulu.com> (https://github.com/danhbear)","Vadim Baryshev <vadimbaryshev@gmail.com> (https://github.com/baryshev)","Leandro Ferrari <lfthomaz@gmail.com> (https://github.com/lfthomaz)","Gregg Zigler <greggzigler@gmail.com> (https://github.com/greggzigler)","Jordan Abderrachid <jabderrachid@gmail.com> (https://github.com/jordanabderrachid)","Masakazu Matsushita <matsukaz@gmail.com> (matsukaz)","Christopher Lunt <me@kirisu.co.uk> (https://github.com/kirisu)"],"jest":{"collectCoverage":true,"collectCoverageFrom":["lib/*.js"],"coverageThreshold":{"global":{"statements":80,"branches":80,"functions":70,"lines":80}}},"files":["lib","CHANGELOG.md","LICENSE","README.md"],"_lastModified":"2023-12-06T09:25:37.073Z"}
+{"name":"cron","description":"Cron jobs for your node","version":"2.3.1","author":"Nick Campbell <nicholas.j.campbell@gmail.com> (https://github.com/ncb000gt)","bugs":{"url":"https://github.com/kelektiv/node-cron/issues"},"repository":{"type":"git","url":"https://github.com/kelektiv/node-cron.git"},"main":"lib/cron","scripts":{"lint":"eslint {lib,tests}/*.js","test":"jest --coverage","test:watch":"jest --watch --coverage"},"dependencies":{"luxon":"^3.2.1"},"devDependencies":{"chai":"~4.2.x","eslint":"~8.36.x","eslint-config-prettier":"^8.7.x","eslint-config-standard":"~17.0.x","eslint-plugin-import":"~2.27.x","eslint-plugin-jest":"~27.2.x","eslint-plugin-n":"~15.6.x","eslint-plugin-prettier":"~4.2.x","eslint-plugin-promise":"~6.1.x","jest":"~29.5.x","prettier":"~2.8.x","sinon":"^15.0.x"},"keywords":["cron","node cron","node-cron","schedule","scheduler","cronjob","cron job"],"license":"MIT","contributors":["Brandon der Blätter <https://interlucid.com/contact/> (https://github.com/intcreator)","Romain Beauxis <toots@rastageeks.org> (https://github.com/toots)","James Padolsey <> (https://github.com/jamespadolsey)","Finn Herpich <fh@three-heads.de> (https://github.com/ErrorProne)","Clifton Cunningham <clifton.cunningham@gmail.com> (https://github.com/cliftonc)","Eric Abouaf <eric.abouaf@gmail.com> (https://github.com/neyric)","humanchimp <morphcham@gmail.com> (https://github.com/humanchimp)","Craig Condon <craig@spiceapps.com> (https://github.com/spiceapps)","Dan Bear <daniel@hulu.com> (https://github.com/danhbear)","Vadim Baryshev <vadimbaryshev@gmail.com> (https://github.com/baryshev)","Leandro Ferrari <lfthomaz@gmail.com> (https://github.com/lfthomaz)","Gregg Zigler <greggzigler@gmail.com> (https://github.com/greggzigler)","Jordan Abderrachid <jabderrachid@gmail.com> (https://github.com/jordanabderrachid)","Masakazu Matsushita <matsukaz@gmail.com> (matsukaz)","Christopher Lunt <me@kirisu.co.uk> (https://github.com/kirisu)"],"jest":{"collectCoverage":true,"collectCoverageFrom":["lib/*.js"],"coverageThreshold":{"global":{"statements":80,"branches":80,"functions":70,"lines":80}}},"files":["lib","CHANGELOG.md","LICENSE","README.md"],"_lastModified":"2023-12-12T15:14:36.703Z"}

package/dist/server/plugin.d.ts

@@ -1,5 +1,7 @@
 import { InstallOptions, Plugin } from '@nocobase/server';
+import { Cache } from '@nocobase/cache';
 export declare class AuthPlugin extends Plugin {
+    cache: Cache;
     afterAdd(): void;
     beforeLoad(): Promise<void>;
     load(): Promise<void>;

package/dist/server/plugin.js

@@ -40,7 +40,9 @@ var import_basic_auth = require("./basic-auth");
 var import_locale = require("./locale");
 var import_authenticator = require("./model/authenticator");
 var import_token_blacklist = require("./token-blacklist");
+var import_storer = require("./storer");
 class AuthPlugin extends import_server.Plugin {
+  cache;
   afterAdd() {
   }
   async beforeLoad() {
@@ -59,14 +61,16 @@ class AuthPlugin extends import_server.Plugin {
         plugin: this
       }
     });
-    this.app.authManager.setStorer({
-      get: async (name) => {
-        const repo = this.db.getRepository("authenticators");
-        const authenticators = await repo.find({ filter: { enabled: true } });
-        const authenticator = authenticators.find((authenticator2) => authenticator2.name === name);
-        return authenticator || authenticators[0];
-      }
+    this.cache = await this.app.cacheManager.createCache({
+      name: "auth",
+      prefix: "auth",
+      store: "memory"
+    });
+    const storer = new import_storer.Storer({
+      db: this.db,
+      cache: this.cache
     });
+    this.app.authManager.setStorer(storer);
     if (!this.app.authManager.jwt.blacklist) {
       this.app.authManager.setTokenBlacklistService(new import_token_blacklist.TokenBlacklistService(this));
     }
@@ -90,6 +94,14 @@ class AuthPlugin extends import_server.Plugin {
       name: `pm.${this.name}.authenticators`,
       actions: ["authenticators:*"]
     });
+    this.app.db.on("users.afterSave", async (user) => {
+      const cache = this.app.cache;
+      await cache.set(`auth:${user.id}`, user.toJSON());
+    });
+    this.app.db.on("users.afterDestroy", async (user) => {
+      const cache = this.app.cache;
+      await cache.del(`auth:${user.id}`);
+    });
   }
   async install(options) {
     const repository = this.db.getRepository("authenticators");

package/dist/server/storer.d.ts

@@ -0,0 +1,16 @@
+import { Storer as IStorer } from '@nocobase/auth';
+import { Cache } from '@nocobase/cache';
+import { Database } from '@nocobase/database';
+import { AuthModel } from './model/authenticator';
+export declare class Storer implements IStorer {
+    db: Database;
+    cache: Cache;
+    key: string;
+    constructor({ db, cache }: {
+        db: Database;
+        cache: Cache;
+    });
+    getCache(): Promise<AuthModel[]>;
+    setCache(authenticators: AuthModel[]): Promise<void>;
+    get(name: string): Promise<AuthModel>;
+}

package/dist/server/storer.js

@@ -0,0 +1,69 @@
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var storer_exports = {};
+__export(storer_exports, {
+  Storer: () => Storer
+});
+module.exports = __toCommonJS(storer_exports);
+class Storer {
+  db;
+  cache;
+  key = "authenticators";
+  constructor({ db, cache }) {
+    this.db = db;
+    this.cache = cache;
+    this.db.on("authenticators.afterSave", async (model) => {
+      if (!model.enabled) {
+        await this.cache.delValueInObject(this.key, model.name);
+        return;
+      }
+      await this.cache.setValueInObject(this.key, model.name, model);
+    });
+    this.db.on("authenticators.afterDestroy", async (model) => {
+      await this.cache.delValueInObject(this.key, model.name);
+    });
+  }
+  async getCache() {
+    const authenticators = await this.cache.get(this.key);
+    if (!authenticators) {
+      return [];
+    }
+    return Object.values(authenticators);
+  }
+  async setCache(authenticators) {
+    const obj = authenticators.reduce((obj2, authenticator) => {
+      obj2[authenticator.name] = authenticator;
+      return obj2;
+    }, {});
+    await this.cache.set(this.key, obj);
+  }
+  async get(name) {
+    let authenticators = await this.getCache();
+    if (!authenticators.length) {
+      const repo = this.db.getRepository("authenticators");
+      authenticators = await repo.find({ filter: { enabled: true } });
+      await this.setCache(authenticators);
+    }
+    const authenticator = authenticators.find((authenticator2) => authenticator2.name === name);
+    return authenticator || authenticators[0];
+  }
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  Storer
+});

package/dist/server/token-blacklist.d.ts

@@ -2,10 +2,13 @@ import { ITokenBlacklistService } from '@nocobase/auth';
 import { Repository } from '@nocobase/database';
 import { CronJob } from 'cron';
 import AuthPlugin from './plugin';
+import { BloomFilter } from '@nocobase/cache';
 export declare class TokenBlacklistService implements ITokenBlacklistService {
     protected plugin: AuthPlugin;
     repo: Repository;
     cronJob: CronJob;
+    bloomFilter: BloomFilter;
+    cacheKey: string;
     constructor(plugin: AuthPlugin);
     get app(): import("@nocobase/server").default<import("@nocobase/server").DefaultState, import("@nocobase/server").DefaultContext>;
     has(token: string): Promise<boolean>;

package/dist/server/token-blacklist.js

@@ -24,13 +24,33 @@ class TokenBlacklistService {
   constructor(plugin) {
     this.plugin = plugin;
     this.repo = plugin.db.getRepository("tokenBlacklist");
+    plugin.app.on("beforeStart", async () => {
+      try {
+        this.bloomFilter = await plugin.app.cacheManager.createBloomFilter();
+        await this.bloomFilter.reserve(this.cacheKey, 1e-3, 1e6);
+        const data = await this.repo.find({ fields: ["token"], raw: true });
+        const tokens = data.map((item) => item.token);
+        await this.bloomFilter.mAdd(this.cacheKey, tokens);
+      } catch (error) {
+        plugin.app.logger.error("token-blacklist: create bloom filter failed", error);
+        this.bloomFilter = null;
+      }
+    });
   }
   repo;
   cronJob;
+  bloomFilter;
+  cacheKey = "token-black-list";
   get app() {
     return this.plugin.app;
   }
   async has(token) {
+    if (this.bloomFilter) {
+      const exists = await this.bloomFilter.exists(this.cacheKey, token);
+      if (!exists) {
+        return false;
+      }
+    }
     return !!await this.repo.findOne({
       filter: {
         token
@@ -39,10 +59,14 @@ class TokenBlacklistService {
   }
   async add(values) {
     await this.deleteExpiredTokens();
+    const { token } = values;
+    if (this.bloomFilter) {
+      await this.bloomFilter.add(this.cacheKey, token);
+    }
     return this.repo.model.findOrCreate({
       defaults: values,
       where: {
-        token: values.token
+        token
       }
     });
   }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@nocobase/plugin-auth",
-  "version": "0.17.0-alpha.3",
+  "version": "0.17.0-alpha.5",
   "main": "./dist/server/index.js",
   "devDependencies": {
     "@ant-design/icons": "5.x",
@@ -24,5 +24,5 @@
   "displayName.zh-CN": "用户认证",
   "description": "Basic authentication and authenticator management",
   "description.zh-CN": "提供基础认证功能和扩展认证器管理功能",
-  "gitHead": "8fb3aace819722ceb845ea63ec3009f324a897a9"
+  "gitHead": "80ae6768a0f4108afa8ac342463627ef3960663f"
 }