@ozdao/prometheus-framework 0.1.7 → 0.1.9

package/dist/users.server.js

@@ -147,7 +147,14 @@ var user_model = (mongoose) => {
     username: String,
     phone: String,
     email: String,
+    apple_id: String,
     password: String,
+    status: {
+      type: String,
+      enum: ["active", "banned", "removed"],
+      default: "active",
+      required: true
+    },
     profile: {
       photo: {
         type: String,

package/dist/users.server.mjs

@@ -146,7 +146,14 @@ var user_model = (mongoose) => {
     username: String,
     phone: String,
     email: String,
+    apple_id: String,
     password: String,
+    status: {
+      type: String,
+      enum: ["active", "banned", "removed"],
+      default: "active",
+      required: true
+    },
     profile: {
       photo: {
         type: String,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@ozdao/prometheus-framework",
-  "version": "0.1.7",
+  "version": "0.1.9",
   "description": "Web3 Framework focused on user experience and ease of development.",
   "author": "OZ DAO <hello@ozdao.dev>",
   "license": "GPL-3.0-or-later",
@@ -144,6 +144,7 @@
     "@googlemaps/google-maps-services-js": "^3.3.37",
     "@intlify/unplugin-vue-i18n": "^1.0.1",
     "@vuepic/vue-datepicker": "^7.0.0",
+    "jwk-to-pem": "^2.0.5",
     "libphonenumber-js": "^1.10.41",
     "mongoose": "^7.5.2",
     "multer": "^1.4.5-lts.1",

package/src/components/CardHeader/CardHeader.vue

@@ -50,12 +50,13 @@
 					>
 						{{owner.target.profile.name}}
 					</span>
+
 					<span
 						v-if="!creator.hidden && owner.target.profile.name !== creator.target.profile.name"
 						@click.stop="$router.push({
 							name: 'User Profile', 
 							params: {
-								_id: owner.target._id
+								_id: creator.target._id
 							}
 						})" 
 					>

package/src/modules/auth/components/pages/SignIn.vue

@@ -12,8 +12,8 @@
     "passwordPlaceholder": "Enter your password",
     "forgotPassword": "Forgot Password?",
     "signin": "Sign In",
+    "signin_apple": "Sign In with Apple",
     "soon": "SOON",
-    "signinMetamask": "Sign In with Apple"
   },
   "ru": {
     "title": "Приветствуем вас,",
@@ -27,8 +27,8 @@
     "passwordPlaceholder": "Введите ваш пароль",
     "forgotPassword": "Забыли пароль?",
     "signin": "Войти",
-    "soon": "СКОРО",
-    "signinMetamask": "Войти через Apple"
+    "signin_apple": "Войти через Apple",
+    "soon": "СКОРО"
   }
 }
 </i18n>
@@ -105,16 +105,29 @@
 		/>
 		<!-- Links -->
 		<div class="w-100 mn-big">
-			<router-link 	to="/auth/reset-password" class="underline d-block t-blue">{{ t('forgotPassword') }}</router-link>
+			<router-link
+				to="/auth/reset-password" 
+				class="underline d-block t-blue"
+			>
+				{{ t('forgotPassword') }}
+			</router-link>
 		</div>
 		<!-- Button -->
-		<Button :submit="onSubmit" :callback="redirectTo" class="mn-thin">{{ t('signin') }}</Button>
-
-		<button @click="appleSignIn" class="bg-black t-white w-100 button">
-			<div class=" flex-v-center flex">
-				<span class="mn-r-small">{{ t('signinMetamask') }}</span>
-			</div>
-		</button>	
+		<Button 
+			:submit="onSubmit" 
+			:callback="redirectTo" 
+			class="mn-thin"
+		>
+			{{ t('signin') }}
+		</Button>
+		
+		<Button 
+			:submit="onSubmitApple" 
+			:callback="redirectTo" 
+			class="mn-thin bg-black t-white"
+		>
+			{{ t('signin_apple') }}
+		</Button>
 	</section> 
 </template>
 
@@ -150,32 +163,6 @@ const tabAuth = ref('phone')
 const clientId = inject('APPLE_CLIENTID')
 const redirectURI = inject('APPLE_REDIRECT_URL')
 
-const appleSignIn = async () => {
-
-	window.AppleID.auth.init({
-	  clientId: clientId,
-	  scope: 'email name',
-	  redirectURI: redirectURI,
-	  usePopup: true,
-	});
-  /** Signin to appleID */
-  return window.AppleID.auth
-    .signIn()
-    .then((response) => {
-      /** This is only called in case usePopup is true */
-      if (response) {
-      	console.log(response)
-      }
-      /** resolve with the reponse */
-      return response;
-    })
-    .catch((err) => {
-      /** Log the error to help debug */
-      console.error(err);
-      return null;
-    });
-};
-
 const loadExternalScript = (src) => {
   return new Promise((resolve, reject) => {
     const script = document.createElement('script');
@@ -211,6 +198,29 @@ async function onSubmit() {
  await auth.actions.login(auth.state.user, tabAuth.value)
 }
 
+async function onSubmitApple() {
+  try {
+    window.AppleID.auth.init({
+      clientId: clientId,
+      scope: 'email name',
+      redirectURI: redirectURI,
+      usePopup: true,
+    });
+
+    let response = await window.AppleID.auth.signIn();
+
+    if (response) {
+      console.log(response);
+      await auth.actions.login(response, 'apple');
+    }
+
+  } catch (error) {
+    console.error(error);
+    throw new Error('Error during Apple authentication');
+  }
+}
+
+
 function redirectTo () {
 	router.push({ name: 'User Profile', params: { _id: auth.state.user._id }})
 }
@@ -251,5 +261,4 @@ function redirectTo () {
   border: 1px solid red;
   box-shadow: 0 0 3px 0 red;
 }
-
-</style>
+</style>

package/src/modules/auth/controllers/auth.controller.js

@@ -2,17 +2,21 @@ const jwt = require("jsonwebtoken");
 const bcrypt = require("bcryptjs");
 const ObjectId = require('mongoose').Types.ObjectId;
 const { uuid } = require('uuidv4');
-
+// Utils
+const { verifyAppleIdToken } = require('../utils/server/verifyAppleIdToken')
+// Factory
 const controllerFactory = (db) => {
+  
   const User = db.user;
   const Membership = db.membership;
   const Invite = db.invite;
   const Role = db.role;
 
   const signin = async (req, res) => {
-    const { type, email, phone } = req.body;
+    const { type, email, phone, authorization } = req.body;
 
     let query;
+    let payload = null;
     
     if (type === 'phone' && phone) {
       query = { phone };
@@ -22,18 +26,45 @@ const controllerFactory = (db) => {
       query = { email };
     }
     
+    if (type === 'apple' && authorization.id_token) {
+
+      payload = await verifyAppleIdToken(authorization.id_token);
+
+      if (payload) {
+        query = { apple_id: payload.sub };
+      } else {
+        return res.status(401).send({ errorCode: "INVALID_APPLE_ID_TOKEN" });
+      }
+    }
+
     try {
-      const user = await User.findOne(query).populate('roles').exec();
-      
-      if (!user) {
-        return res.status(404).send({ errorCode: "USER_PHONE_OR_PASSWORD_NOT_FOUND" });
+
+      let user = await User.findOne(query).populate('roles').exec();
+
+      if ((type === 'email' || type === 'phone') && req.body.password) {
+
+        const passwordIsValid = bcrypt.compareSync(req.body.password, user.password);
+
+        if (!passwordIsValid) {
+          return res.status(401).send({ errorCode: "INCORRECT_PASSWORD_ENTERED", accessToken: null });
+        }
       }
-      
-      const passwordIsValid = bcrypt.compareSync(req.body.password, user.password);
-      
-      if (!passwordIsValid) {
-        return res.status(401).send({ errorCode: "INCORRECT_PASSWORD_ENTERED", accessToken: null });
+    
+      if (type === 'apple' && !user) {
+        const { firstName, lastName } = req.body.user.name;
+
+        const newUser = new User({
+          apple_id: payload.sub, 
+          email: payload.email,
+          profile: { name: `${firstName} ${lastName}` },
+        });
+
+        await newUser.save();
+        user = newUser;
+      } else if (!user) {
+        return res.status(404).send({ errorCode: "USER_NOT_FOUND" });
       }
+      
       const memberships = await Membership.findOne({ user: user._id });
       
       const token = jwt.sign({ 

package/src/modules/auth/store/auth.js

@@ -46,21 +46,13 @@
   const actions = {
     async login (user, type) {
       try {
-
-        console.log(user.phone.number)
-        
         const response = await $axios.post('/api/auth/signin', {
-            email: user.email,
-            phone: user.phone.number,
-            password: user.password,
-            passwordRepeat: '',
+          ...user,
           type
         })
 
         setCookie('user', response.data);
 
-        console.log(response.data)
-
         Object.assign(state.user, {
           ...response.data
         });
@@ -76,7 +68,8 @@
 
         Object.assign(state.access, {
           token: null,
-          status: false
+          status: false,
+          roles: null
         });
 
         setError(error)

package/src/modules/auth/utils/server/verifyAppleIdToken.js

@@ -0,0 +1,57 @@
+const jwt = require('jsonwebtoken');
+const fetch = require('node-fetch');
+const jwkToPem = require('jwk-to-pem');
+
+async function verifyAppleIdToken(id_token) {
+    // Decode the token (without verification)
+    const decodedToken = jwt.decode(id_token, { complete: true });
+    if (!decodedToken) {
+        throw new Error('Failed to decode token.');
+    }
+
+    // Check iss claim
+    if (decodedToken.payload.iss !== 'https://appleid.apple.com') {
+        throw new Error('Invalid issuer.');
+    }
+
+    // Check aud claim - Replace YOUR_APP_CLIENT_ID with your client ID
+    if (decodedToken.payload.aud !== process.env.APPLE_CLIENTID) {
+        throw new Error('Invalid audience.');
+    }
+
+    // Ensure the token has not expired
+    const currentTimestamp = Math.floor(Date.now() / 1000);
+    if (currentTimestamp > decodedToken.payload.exp) {
+        throw new Error('Token has expired.');
+    }
+
+    // Fetch Apple's public keys
+    const applePublicKeys = await fetch('https://appleid.apple.com/auth/keys')
+        .then(response => response.json())
+        .catch(err => {
+            throw new Error('Failed to fetch Apple public keys.');
+        });
+
+    const appleKey = applePublicKeys.keys.find(key => key.kid === decodedToken.header.kid);
+    if (!appleKey) {
+        throw new Error('Invalid token key ID.');
+    }
+
+    // Convert JWK to PEM
+    const pem = jwkToPem(appleKey);
+
+    // Verify the token's signature using the PEM
+    try {
+        jwt.verify(id_token, pem, {
+            algorithms: ['RS256'],
+            issuer: 'https://appleid.apple.com'
+        });
+    } catch (err) {
+        console.log(err);
+        throw new Error('Token signature verification failed.');
+    }
+
+    return decodedToken.payload; // or return the entire payload, depending on your needs
+}
+
+module.exports = { verifyAppleIdToken };

package/src/modules/users/components/pages/Profile.vue

@@ -3,6 +3,14 @@
 		class="for-transition w-100"
 	>
 		<div 
+			v-if="users.state.current.status === 'removed'"
+			class="flex-center flex pd-medium radius-big bg-grey uppercase t-semi w-100 h-100"
+		>
+			Sorry, user has been removed.
+		</div>
+
+		<div 
+			v-else
 			_id="dash" 
 			class="pd-b-extra pd-thin w-100"
 		>
@@ -41,13 +49,19 @@
 				<h3 
 					class="mn-thin"
 				>
-					{{users.state.current.profile.name ? users.state.current.profile.name : 'Не указан' }}
+					{{users.state.current.profile.name ? users.state.current.profile.name : 'Not specified' }}
 				</h3>
 				
 				<p 
-					class="mn-small t-main t-semi"
+					class="mn-thin t-main t-semi"
 				>
-					@{{ users.state.current.username ? users.state.current.username : 'Не указан' }}
+					@{{ users.state.current.username ? users.state.current.username : 'Not specified' }}
+				</p>
+
+				<p 
+					class="mn-small p-medium"
+				>
+				 {{ users.state.current.profile.description ? users.state.current.profile.description : 'Not specified' }}
 				</p>
 				
 				<div class="mn-medium flex-center flex-nowrap flex">
@@ -75,7 +89,7 @@
 		      :isMember="users.state.current.isMember" 
 		      :targetId="users.state.current._id" 
 		      :userId="auth.state.user._id"
-		      class="w-min mn-auto" 
+		      class="w-min mn-medium	mn-r-auto mn-l-auto" 
 		      @updateMembership="handleMembershipUpdate"
 	    	/>
 
@@ -142,8 +156,8 @@
 			    <span 
 			    	class="t-red"
 			    >
-			    		Logout
-			    	</span>
+			    	Logout
+			    </span>
 			  </MenuItem>
 			</Menu>
 

package/src/modules/users/components/pages/ProfileEdit.vue

@@ -12,7 +12,7 @@
 
     <Field 
       v-model:field="user.username"     
-      label="Username"  
+      label="@"  
       placeholder="Not specified" 
       class="mn-thin w-100 bg-grey pd-medium radius-small" 
       disabled="true"
@@ -88,8 +88,6 @@
     />
     <!--  -->
     <h3 class="mn-small">Account</h3>
-    
-    <p class="mn-thin">If you want to change your account details please contact the administratior: admin@thecommunephuket.com</p>
       
     <Field 
       v-model:field="user.phone"     
@@ -104,12 +102,14 @@
       v-model:field="user.email"     
       label="Email"  
       placeholder="Not specified" 
-      class="mn-thin  bg-grey pd-medium radius-small" 
+      class="mn-semi  bg-grey pd-medium radius-small" 
       :disabled="true"
       :validation="organizationName" 
     />
 
-		<Button :submit="onSubmit" :callback="redirectTo" class="mn-thin">Сохранить</Button>
+    <Button :submit="onSubmit" :callback="redirectTo" class="mn-thin">Save</Button>
+
+		<Button :submit="onSubmitDelete" :callback="a = () => {router.push({name: 'Sign In'})}" class="mn-thin bg-red t-white">Delete Account</Button>
 	</div>
 </template>
 
@@ -141,7 +141,17 @@
   async function onSubmit() {
     await users.actions.update(users.state.current)
   }
+  async function onSubmitDelete() {
+    const confirmation = window.confirm("Are you sure you want to delete your account? Restoration will be possible only with the help of an administrator.");
+    
+    if (!confirmation) {
+        return;
+    }
 
+    users.state.current.status = 'removed'
+    await users.actions.update(users.state.current)
+    auth.actions.logout()
+  }
   function redirectTo () {
     router.replace({ name: 'User Profile', params: { _id: users.state.current._id }});
   }

package/src/modules/users/models/user.model.js

@@ -5,8 +5,16 @@ module.exports = (mongoose) => {
     
     phone: String,
     email: String,
+    apple_id: String,
     password: String,
-  
+
+    status: {
+      type: String,
+      enum: ['active','banned','removed'], 
+      default: 'active',
+      required: true,
+    },
+    
     profile: {
       photo: {
           type: String,

package/src/modules/users/store/users.js

@@ -13,6 +13,8 @@ const state =  reactive({
     email: "",
     phone: "",
 
+    status: "",
+
     profile: {
       name: "",
       photo: "",
@@ -71,7 +73,6 @@ const actions = {
   },
 
   async update(user) {
-    console.log(user)
     try {
       const response = await $axios.put(`/api/users/${user._id}`, user);
       mutations.set(response.data, 'current');