@opensaas/stack-auth 0.1.0 → 0.1.1

package/tests/lists.test.ts

@@ -0,0 +1,356 @@
+import { describe, it, expect } from 'vitest'
+import {
+  createUserList,
+  createSessionList,
+  createAccountList,
+  createVerificationList,
+  getAuthLists,
+} from '../src/lists/index.js'
+import { text } from '@opensaas/stack-core/fields'
+
+describe('createUserList', () => {
+  it('should create User list with required fields', () => {
+    const userList = createUserList()
+
+    expect(userList.fields).toHaveProperty('name')
+    expect(userList.fields).toHaveProperty('email')
+    expect(userList.fields).toHaveProperty('emailVerified')
+    expect(userList.fields).toHaveProperty('image')
+    expect(userList.fields).toHaveProperty('sessions')
+    expect(userList.fields).toHaveProperty('accounts')
+  })
+
+  it('should have email field marked as unique', () => {
+    const userList = createUserList()
+
+    expect(userList.fields.email.isIndexed).toBe('unique')
+  })
+
+  it('should have name field marked as required', () => {
+    const userList = createUserList()
+
+    expect(userList.fields.name.validation?.isRequired).toBe(true)
+  })
+
+  it('should have email field marked as required', () => {
+    const userList = createUserList()
+
+    expect(userList.fields.email.validation?.isRequired).toBe(true)
+  })
+
+  it('should have emailVerified field with default false', () => {
+    const userList = createUserList()
+
+    expect(userList.fields.emailVerified.defaultValue).toBe(false)
+  })
+
+  it('should extend User list with custom fields', () => {
+    const userList = createUserList({
+      fields: {
+        role: text(),
+        company: text(),
+      },
+    })
+
+    expect(userList.fields).toHaveProperty('role')
+    expect(userList.fields).toHaveProperty('company')
+    // Should also have base fields
+    expect(userList.fields).toHaveProperty('email')
+  })
+
+  it('should have default access control', () => {
+    const userList = createUserList()
+
+    expect(userList.access).toBeDefined()
+    expect(userList.access?.operation).toBeDefined()
+    expect(userList.access?.operation?.query).toBeDefined()
+    expect(userList.access?.operation?.create).toBeDefined()
+    expect(userList.access?.operation?.update).toBeDefined()
+    expect(userList.access?.operation?.delete).toBeDefined()
+  })
+
+  it('should allow querying users', () => {
+    const userList = createUserList()
+    const queryAccess = userList.access?.operation?.query
+
+    expect(typeof queryAccess).toBe('function')
+    expect(queryAccess?.({})).toBe(true)
+  })
+
+  it('should allow creating users', () => {
+    const userList = createUserList()
+    const createAccess = userList.access?.operation?.create
+
+    expect(typeof createAccess).toBe('function')
+    expect(createAccess?.({})).toBe(true)
+  })
+
+  it('should allow users to update their own record', () => {
+    const userList = createUserList()
+    const updateAccess = userList.access?.operation?.update
+
+    expect(typeof updateAccess).toBe('function')
+    expect(
+      updateAccess?.({
+        session: { userId: 'user-1' },
+        item: { id: 'user-1' },
+      }),
+    ).toBe(true)
+  })
+
+  it('should deny users from updating other users', () => {
+    const userList = createUserList()
+    const updateAccess = userList.access?.operation?.update
+
+    expect(
+      updateAccess?.({
+        session: { userId: 'user-1' },
+        item: { id: 'user-2' },
+      }),
+    ).toBe(false)
+  })
+
+  it('should allow custom access control', () => {
+    const customAccess = {
+      operation: {
+        query: () => false,
+        create: () => false,
+        update: () => false,
+        delete: () => false,
+      },
+    }
+
+    const userList = createUserList({
+      access: customAccess,
+    })
+
+    expect(userList.access).toEqual(customAccess)
+  })
+
+  it('should support custom hooks', () => {
+    const customHooks = {
+      resolveInput: async ({ resolvedData }: { resolvedData: unknown }) => resolvedData,
+    }
+
+    const userList = createUserList({
+      hooks: customHooks,
+    })
+
+    expect(userList.hooks).toEqual(customHooks)
+  })
+})
+
+describe('createSessionList', () => {
+  it('should create Session list with required fields', () => {
+    const sessionList = createSessionList()
+
+    expect(sessionList.fields).toHaveProperty('token')
+    expect(sessionList.fields).toHaveProperty('expiresAt')
+    expect(sessionList.fields).toHaveProperty('ipAddress')
+    expect(sessionList.fields).toHaveProperty('userAgent')
+    expect(sessionList.fields).toHaveProperty('user')
+  })
+
+  it('should have token field marked as unique', () => {
+    const sessionList = createSessionList()
+
+    expect(sessionList.fields.token.isIndexed).toBe('unique')
+  })
+
+  it('should have token field marked as required', () => {
+    const sessionList = createSessionList()
+
+    expect(sessionList.fields.token.validation?.isRequired).toBe(true)
+  })
+
+  it('should have user relationship', () => {
+    const sessionList = createSessionList()
+
+    expect(sessionList.fields.user.type).toBe('relationship')
+    expect(sessionList.fields.user.ref).toBe('User.sessions')
+  })
+
+  it('should have restrictive access control', () => {
+    const sessionList = createSessionList()
+
+    expect(sessionList.access).toBeDefined()
+    expect(sessionList.access?.operation).toBeDefined()
+  })
+
+  it('should deny querying sessions without session', () => {
+    const sessionList = createSessionList()
+    const queryAccess = sessionList.access?.operation?.query
+
+    expect(queryAccess?.({})).toBe(false)
+    expect(queryAccess?.({ session: null })).toBe(false)
+  })
+
+  it('should allow querying own sessions with filter', () => {
+    const sessionList = createSessionList()
+    const queryAccess = sessionList.access?.operation?.query
+
+    const result = queryAccess?.({ session: { userId: 'user-1' } })
+    expect(result).toEqual({
+      user: { id: { equals: 'user-1' } },
+    })
+  })
+
+  it('should allow creating sessions', () => {
+    const sessionList = createSessionList()
+    const createAccess = sessionList.access?.operation?.create
+
+    expect(createAccess?.({})).toBe(true)
+  })
+
+  it('should deny manual session updates', () => {
+    const sessionList = createSessionList()
+    const updateAccess = sessionList.access?.operation?.update
+
+    expect(updateAccess?.({})).toBe(false)
+  })
+})
+
+describe('createAccountList', () => {
+  it('should create Account list with required fields', () => {
+    const accountList = createAccountList()
+
+    expect(accountList.fields).toHaveProperty('accountId')
+    expect(accountList.fields).toHaveProperty('providerId')
+    expect(accountList.fields).toHaveProperty('user')
+    expect(accountList.fields).toHaveProperty('accessToken')
+    expect(accountList.fields).toHaveProperty('refreshToken')
+    expect(accountList.fields).toHaveProperty('password')
+  })
+
+  it('should have accountId field marked as required', () => {
+    const accountList = createAccountList()
+
+    expect(accountList.fields.accountId.validation?.isRequired).toBe(true)
+  })
+
+  it('should have providerId field marked as required', () => {
+    const accountList = createAccountList()
+
+    expect(accountList.fields.providerId.validation?.isRequired).toBe(true)
+  })
+
+  it('should have user relationship', () => {
+    const accountList = createAccountList()
+
+    expect(accountList.fields.user.type).toBe('relationship')
+    expect(accountList.fields.user.ref).toBe('User.accounts')
+  })
+
+  it('should deny querying accounts without session', () => {
+    const accountList = createAccountList()
+    const queryAccess = accountList.access?.operation?.query
+
+    expect(queryAccess?.({})).toBe(false)
+    expect(queryAccess?.({ session: null })).toBe(false)
+  })
+
+  it('should allow querying own accounts with filter', () => {
+    const accountList = createAccountList()
+    const queryAccess = accountList.access?.operation?.query
+
+    const result = queryAccess?.({ session: { userId: 'user-1' } })
+    expect(result).toEqual({
+      user: { id: { equals: 'user-1' } },
+    })
+  })
+
+  it('should allow users to update their own accounts', () => {
+    const accountList = createAccountList()
+    const updateAccess = accountList.access?.operation?.update
+
+    expect(
+      updateAccess?.({
+        session: { userId: 'user-1' },
+        item: { user: { id: 'user-1' } },
+      }),
+    ).toBe(true)
+  })
+
+  it('should deny users from updating other accounts', () => {
+    const accountList = createAccountList()
+    const updateAccess = accountList.access?.operation?.update
+
+    expect(
+      updateAccess?.({
+        session: { userId: 'user-1' },
+        item: { user: { id: 'user-2' } },
+      }),
+    ).toBe(false)
+  })
+})
+
+describe('createVerificationList', () => {
+  it('should create Verification list with required fields', () => {
+    const verificationList = createVerificationList()
+
+    expect(verificationList.fields).toHaveProperty('identifier')
+    expect(verificationList.fields).toHaveProperty('value')
+    expect(verificationList.fields).toHaveProperty('expiresAt')
+  })
+
+  it('should have identifier field marked as required', () => {
+    const verificationList = createVerificationList()
+
+    expect(verificationList.fields.identifier.validation?.isRequired).toBe(true)
+  })
+
+  it('should have value field marked as required', () => {
+    const verificationList = createVerificationList()
+
+    expect(verificationList.fields.value.validation?.isRequired).toBe(true)
+  })
+
+  it('should deny querying verification tokens', () => {
+    const verificationList = createVerificationList()
+    const queryAccess = verificationList.access?.operation?.query
+
+    expect(queryAccess?.({})).toBe(false)
+  })
+
+  it('should allow creating verification tokens', () => {
+    const verificationList = createVerificationList()
+    const createAccess = verificationList.access?.operation?.create
+
+    expect(createAccess?.({})).toBe(true)
+  })
+
+  it('should deny updates to verification tokens', () => {
+    const verificationList = createVerificationList()
+    const updateAccess = verificationList.access?.operation?.update
+
+    expect(updateAccess?.({})).toBe(false)
+  })
+
+  it('should allow deleting verification tokens', () => {
+    const verificationList = createVerificationList()
+    const deleteAccess = verificationList.access?.operation?.delete
+
+    expect(deleteAccess?.({})).toBe(true)
+  })
+})
+
+describe('getAuthLists', () => {
+  it('should return all auth lists', () => {
+    const lists = getAuthLists()
+
+    expect(lists).toHaveProperty('User')
+    expect(lists).toHaveProperty('Session')
+    expect(lists).toHaveProperty('Account')
+    expect(lists).toHaveProperty('Verification')
+  })
+
+  it('should pass user config to createUserList', () => {
+    const lists = getAuthLists({
+      fields: {
+        role: text(),
+      },
+    })
+
+    expect(lists.User.fields).toHaveProperty('role')
+  })
+})

package/tests/schema-converter.test.ts

@@ -0,0 +1,304 @@
+import { describe, it, expect } from 'vitest'
+import { convertTableToList, convertBetterAuthSchema } from '../src/server/schema-converter.js'
+
+describe('convertTableToList', () => {
+  it('should convert string fields', () => {
+    const tableSchema = {
+      modelName: 'TestTable',
+      fields: {
+        name: { type: 'string', required: true },
+        bio: { type: 'string' },
+      },
+    }
+
+    const listConfig = convertTableToList('test_table', tableSchema)
+
+    expect(listConfig.fields).toHaveProperty('name')
+    expect(listConfig.fields).toHaveProperty('bio')
+    expect(listConfig.fields.name.type).toBe('text')
+    expect(listConfig.fields.name.validation?.isRequired).toBe(true)
+    expect(listConfig.fields.bio.validation?.isRequired).toBeUndefined()
+  })
+
+  it('should convert number fields', () => {
+    const tableSchema = {
+      modelName: 'TestTable',
+      fields: {
+        age: { type: 'number', required: true },
+        score: { type: 'number', defaultValue: 0 },
+      },
+    }
+
+    const listConfig = convertTableToList('test_table', tableSchema)
+
+    expect(listConfig.fields.age.type).toBe('integer')
+    expect(listConfig.fields.age.validation?.isRequired).toBe(true)
+    expect(listConfig.fields.score.defaultValue).toBe(0)
+  })
+
+  it('should convert boolean fields', () => {
+    const tableSchema = {
+      modelName: 'TestTable',
+      fields: {
+        active: { type: 'boolean', defaultValue: true },
+        verified: { type: 'boolean' },
+      },
+    }
+
+    const listConfig = convertTableToList('test_table', tableSchema)
+
+    expect(listConfig.fields.active.type).toBe('checkbox')
+    expect(listConfig.fields.active.defaultValue).toBe(true)
+    expect(listConfig.fields.verified.type).toBe('checkbox')
+  })
+
+  it('should convert date fields', () => {
+    const tableSchema = {
+      modelName: 'TestTable',
+      fields: {
+        expiresAt: { type: 'date' },
+        createdOn: { type: 'date', defaultValue: 'now' },
+      },
+    }
+
+    const listConfig = convertTableToList('test_table', tableSchema)
+
+    expect(listConfig.fields.expiresAt.type).toBe('timestamp')
+    expect(listConfig.fields.createdOn.type).toBe('timestamp')
+    expect(listConfig.fields.createdOn.defaultValue).toEqual({ kind: 'now' })
+  })
+
+  it('should handle unique fields', () => {
+    const tableSchema = {
+      modelName: 'TestTable',
+      fields: {
+        email: { type: 'string', unique: true },
+      },
+    }
+
+    const listConfig = convertTableToList('test_table', tableSchema)
+
+    expect(listConfig.fields.email.isIndexed).toBe('unique')
+  })
+
+  it('should skip system fields', () => {
+    const tableSchema = {
+      modelName: 'TestTable',
+      fields: {
+        id: { type: 'string', required: true },
+        name: { type: 'string' },
+        createdAt: { type: 'date' },
+        updatedAt: { type: 'date' },
+      },
+    }
+
+    const listConfig = convertTableToList('test_table', tableSchema)
+
+    // System fields should be skipped
+    expect(listConfig.fields).not.toHaveProperty('id')
+    expect(listConfig.fields).not.toHaveProperty('createdAt')
+    expect(listConfig.fields).not.toHaveProperty('updatedAt')
+    // Regular fields should be included
+    expect(listConfig.fields).toHaveProperty('name')
+  })
+
+  it('should handle reference fields as text', () => {
+    const tableSchema = {
+      modelName: 'TestTable',
+      fields: {
+        userId: {
+          type: 'string',
+          required: true,
+          references: {
+            model: 'User',
+            field: 'id',
+          },
+        },
+      },
+    }
+
+    const listConfig = convertTableToList('test_table', tableSchema)
+
+    expect(listConfig.fields).toHaveProperty('userId')
+    expect(listConfig.fields.userId.type).toBe('text')
+    expect(listConfig.fields.userId.validation?.isRequired).toBe(true)
+  })
+
+  it('should handle unknown field types', () => {
+    const tableSchema = {
+      modelName: 'TestTable',
+      fields: {
+        customField: { type: 'unknown-type' },
+      },
+    }
+
+    const listConfig = convertTableToList('test_table', tableSchema)
+
+    // Should default to text
+    expect(listConfig.fields.customField.type).toBe('text')
+  })
+
+  it('should apply default access control for User table', () => {
+    const tableSchema = {
+      modelName: 'User',
+      fields: {
+        name: { type: 'string' },
+      },
+    }
+
+    const listConfig = convertTableToList('user', tableSchema)
+
+    expect(listConfig.access).toBeDefined()
+    expect(listConfig.access?.operation?.query?.({})).toBe(true)
+    expect(listConfig.access?.operation?.create?.({})).toBe(true)
+  })
+
+  it('should apply default access control for Session table', () => {
+    const tableSchema = {
+      modelName: 'Session',
+      fields: {
+        token: { type: 'string' },
+      },
+    }
+
+    const listConfig = convertTableToList('session', tableSchema)
+
+    expect(listConfig.access?.operation?.query?.({ session: null })).toBe(false)
+    expect(listConfig.access?.operation?.create?.({})).toBe(true)
+    expect(listConfig.access?.operation?.update?.({})).toBe(false)
+  })
+
+  it('should apply default access control for Verification table', () => {
+    const tableSchema = {
+      modelName: 'Verification',
+      fields: {
+        value: { type: 'string' },
+      },
+    }
+
+    const listConfig = convertTableToList('verification', tableSchema)
+
+    expect(listConfig.access?.operation?.query?.({})).toBe(false)
+    expect(listConfig.access?.operation?.create?.({})).toBe(true)
+    expect(listConfig.access?.operation?.update?.({})).toBe(false)
+    expect(listConfig.access?.operation?.delete?.({})).toBe(true)
+  })
+
+  it('should apply restrictive default access for unknown tables', () => {
+    const tableSchema = {
+      modelName: 'UnknownTable',
+      fields: {
+        data: { type: 'string' },
+      },
+    }
+
+    const listConfig = convertTableToList('unknown_table', tableSchema)
+
+    expect(listConfig.access?.operation?.query?.({})).toBe(false)
+    expect(listConfig.access?.operation?.create?.({})).toBe(false)
+    expect(listConfig.access?.operation?.update?.({})).toBe(false)
+    expect(listConfig.access?.operation?.delete?.({})).toBe(false)
+  })
+
+  it('should handle OAuth application table', () => {
+    const tableSchema = {
+      modelName: 'OAuthApplication',
+      fields: {
+        clientId: { type: 'string', required: true },
+        userId: { type: 'string', required: true },
+      },
+    }
+
+    const listConfig = convertTableToList('oauthapplication', tableSchema)
+
+    expect(listConfig.access?.operation?.query?.({ session: null })).toBe(false)
+    expect(listConfig.access?.operation?.create?.({})).toBe(true)
+  })
+})
+
+describe('convertBetterAuthSchema', () => {
+  it('should convert multiple tables', () => {
+    const schema = {
+      user: {
+        modelName: 'User',
+        fields: {
+          name: { type: 'string' },
+        },
+      },
+      session: {
+        modelName: 'Session',
+        fields: {
+          token: { type: 'string' },
+        },
+      },
+    }
+
+    const lists = convertBetterAuthSchema(schema)
+
+    expect(lists).toHaveProperty('User')
+    expect(lists).toHaveProperty('Session')
+  })
+
+  it('should use modelName for list key', () => {
+    const schema = {
+      custom_table: {
+        modelName: 'CustomTable',
+        fields: {
+          data: { type: 'string' },
+        },
+      },
+    }
+
+    const lists = convertBetterAuthSchema(schema)
+
+    expect(lists).toHaveProperty('CustomTable')
+    expect(lists).not.toHaveProperty('custom_table')
+  })
+
+  it('should convert snake_case to PascalCase if no modelName', () => {
+    const schema = {
+      oauth_application: {
+        modelName: '',
+        fields: {
+          data: { type: 'string' },
+        },
+      },
+    }
+
+    const lists = convertBetterAuthSchema(schema)
+
+    expect(lists).toHaveProperty('OauthApplication')
+  })
+
+  it('should handle empty schema', () => {
+    const lists = convertBetterAuthSchema({})
+
+    expect(lists).toEqual({})
+  })
+
+  it('should convert complex schema with multiple field types', () => {
+    const schema = {
+      test_table: {
+        modelName: 'TestTable',
+        fields: {
+          name: { type: 'string', required: true },
+          age: { type: 'number', defaultValue: 0 },
+          active: { type: 'boolean', defaultValue: true },
+          expiresAt: { type: 'date', defaultValue: 'now' },
+          userId: {
+            type: 'string',
+            references: { model: 'User', field: 'id' },
+          },
+        },
+      },
+    }
+
+    const lists = convertBetterAuthSchema(schema)
+
+    expect(lists.TestTable.fields).toHaveProperty('name')
+    expect(lists.TestTable.fields).toHaveProperty('age')
+    expect(lists.TestTable.fields).toHaveProperty('active')
+    expect(lists.TestTable.fields).toHaveProperty('expiresAt')
+    expect(lists.TestTable.fields).toHaveProperty('userId')
+  })
+})

package/tsconfig.test.json

@@ -0,0 +1,7 @@
+{
+  "extends": "./tsconfig.json",
+  "compilerOptions": {
+    "types": ["vitest/globals", "node"]
+  },
+  "include": ["src/**/*", "tests/**/*"]
+}