@ozdao/prometheus-framework 0.2.137 → 0.2.139

package/dist/index-Tcyehi73.mjs

@@ -0,0 +1,260 @@
+import require$$0 from "jsonwebtoken";
+import require$$0$1 from "crypto";
+import require$$0$2 from "mongodb";
+var authJwt;
+var hasRequiredAuthJwt;
+function requireAuthJwt() {
+  if (hasRequiredAuthJwt) return authJwt;
+  hasRequiredAuthJwt = 1;
+  const jwt = require$$0;
+  const middlewareFactory = (db) => {
+    const User = db.user;
+    const Role = db.role;
+    const verifyToken = (continueOnFail = false) => {
+      return async (req, res, next) => {
+        try {
+          if (!req.cookies.user) {
+            req.userId = null;
+            if (continueOnFail) {
+              return next();
+            } else {
+              return res.status(401).send({ message: "Unauthorized: No user cookie" });
+            }
+          }
+          let user = JSON.parse(req.cookies.user);
+          let token = req.headers["x-access-token"] || user.accessToken;
+          if (!token) {
+            req.userId = null;
+            if (continueOnFail) {
+              return next();
+            } else {
+              return res.status(401).send({ message: "Unauthorized: No token provided" });
+            }
+          }
+          const decoded = jwt.verify(token, process.env.SECRET_KEY);
+          req.userId = decoded._id;
+          next();
+        } catch (err) {
+          console.log(err);
+          req.userId = null;
+          if (continueOnFail) {
+            next();
+          } else {
+            res.status(401).send({ message: "Unauthorized: Invalid token" });
+          }
+        }
+      };
+    };
+    const checkRole = (roleToCheck) => async (req, res, next) => {
+      try {
+        const user = await User.findById(req.userId).exec();
+        if (!user) {
+          return res.status(404).send({ message: "User Not found." });
+        }
+        const roles = await Role.find({ _id: { $in: user.roles } }).exec();
+        for (let role of roles) {
+          if (role.name === roleToCheck) {
+            next();
+            return;
+          }
+        }
+        res.status(403).send({ message: `Require ${roleToCheck} Role!` });
+      } catch (err) {
+        res.status(500).send({ message: err.message });
+      }
+    };
+    const isAdmin = checkRole("admin");
+    const isModerator = checkRole("moderator");
+    return {
+      verifyToken,
+      isAdmin,
+      isModerator
+    };
+  };
+  authJwt = middlewareFactory;
+  return authJwt;
+}
+var authSecret;
+var hasRequiredAuthSecret;
+function requireAuthSecret() {
+  if (hasRequiredAuthSecret) return authSecret;
+  hasRequiredAuthSecret = 1;
+  const crypto = require$$0$1;
+  const middlewareFactory = () => {
+    const verifySecret = (method, endpoint, secret) => async (req, res, next) => {
+      const requestSignature = req.headers.signature;
+      const signature = crypto.createHmac("sha256", secret).update(method + endpoint).digest("hex");
+      if (signature === requestSignature) {
+        return next();
+      }
+      res.status(403).send("Forbidden");
+    };
+    return { verifySecret };
+  };
+  authSecret = middlewareFactory;
+  return authSecret;
+}
+var verifySignUp;
+var hasRequiredVerifySignUp;
+function requireVerifySignUp() {
+  if (hasRequiredVerifySignUp) return verifySignUp;
+  hasRequiredVerifySignUp = 1;
+  const middlewareFactory = (db) => {
+    const User = db.user;
+    db.role;
+    const checkDuplicateUsernameOrEmail = async (req, res, next) => {
+      const { type, email, phone } = req.body;
+      console.log(req.body);
+      let query;
+      if (type === "phone" && phone) {
+        query = { phone };
+      }
+      if (type === "email" && email) {
+        query = { email };
+      }
+      try {
+        const user = await User.findOne(query).exec();
+        if (user) {
+          console.log(`USER_ALREADY_REGISTERED`);
+          res.status(400).send({ errorCode: "USER_ALREADY_REGISTERED" });
+          return;
+        }
+        next();
+      } catch (err) {
+        console.log(err);
+        res.status(500).send({ message: err.message });
+      }
+    };
+    const checkRolesExisted = (req, res, next) => {
+      if (req.body.roles) {
+        for (let i = 0; i < req.body.roles.length; i++) {
+          if (!ROLES.includes(req.body.roles[i])) {
+            console.log(`Failed! Role ${req.body.roles[i]} does not exist!`);
+            res.status(400).send({
+              message: `Failed! Role ${req.body.roles[i]} does not exist!`
+            });
+            return;
+          }
+        }
+      }
+      next();
+    };
+    return {
+      checkDuplicateUsernameOrEmail,
+      checkRolesExisted
+    };
+  };
+  verifySignUp = middlewareFactory;
+  return verifySignUp;
+}
+var verifyUser;
+var hasRequiredVerifyUser;
+function requireVerifyUser() {
+  if (hasRequiredVerifyUser) return verifyUser;
+  hasRequiredVerifyUser = 1;
+  const middlewareFactory = (db) => {
+    const User = db.user;
+    db.role;
+    const checkUserExist = async (req, res, next) => {
+      const { type, email, phone } = req.body;
+      let query;
+      if (type === "phone" && phone) {
+        query = { phone };
+      }
+      if (type === "email" && email) {
+        query = { email };
+      }
+      try {
+        const user = await User.findOne(query).exec();
+        if (!user) {
+          console.log(query);
+          res.status(400).send({ errorCode: "USER_NOT_REGISTERED_YET" });
+          return;
+        }
+        next();
+      } catch (err) {
+        res.status(500).send({ message: err.message });
+      }
+    };
+    return {
+      checkUserExist
+    };
+  };
+  verifyUser = middlewareFactory;
+  return verifyUser;
+}
+var verifyInvites;
+var hasRequiredVerifyInvites;
+function requireVerifyInvites() {
+  if (hasRequiredVerifyInvites) return verifyInvites;
+  hasRequiredVerifyInvites = 1;
+  const { ObjectId } = require$$0$2;
+  const middlewareFactory = (db) => {
+    const User = db.user;
+    const Invite = db.invite;
+    const Membership = db.membership;
+    const checkInviteExist = async (req, res, next) => {
+      for (let invite of req.body.invites) {
+        let query;
+        if (invite.contact.includes("@")) {
+          query = { invitedEmail: invite.contact };
+        } else {
+          query = { invitedPhone: invite.contact };
+        }
+        query["owner.target"] = req.body.owner.target;
+        const userInvite = await Invite.findOne(query).exec();
+        if (userInvite) {
+          console.log(userInvite);
+          res.status(400).send({ message: "Инвайт c таким email или телефоном уже создан!" });
+          return;
+        }
+      }
+      next();
+    };
+    const checkUsersExist = async (req, res, next) => {
+      for (let invite of req.body.invites) {
+        let query;
+        if (invite.contact.includes("@")) {
+          query = { email: invite.contact };
+        } else {
+          query = { phone: invite.contact };
+        }
+        const user = await User.findOne(query).exec();
+        console.log(req.params);
+        if (user) {
+          const membership = await Membership.findOne({ user: new ObjectId(user._id), "owner.target": req.body.owner.target }).exec();
+          if (membership) {
+            console.log(membership);
+            res.status(400).send({ message: "Пользователь с таким email или телефоном уже добавлен в организацию!" });
+            return;
+          }
+        }
+      }
+      next();
+    };
+    return {
+      checkInviteExist,
+      checkUsersExist
+    };
+  };
+  verifyInvites = middlewareFactory;
+  return verifyInvites;
+}
+const middlewareIndexFactory = (db) => {
+  const authJwt2 = requireAuthJwt()(db);
+  const authSecret2 = requireAuthSecret()();
+  const verifySignUp2 = requireVerifySignUp()(db);
+  const verifyUser2 = requireVerifyUser()(db);
+  const verifyInvites2 = requireVerifyInvites()(db);
+  return {
+    authJwt: authJwt2,
+    authSecret: authSecret2,
+    verifySignUp: verifySignUp2,
+    verifyUser: verifyUser2,
+    verifyInvites: verifyInvites2
+  };
+};
+var middlewares = middlewareIndexFactory;
+export {
+  middlewares as m
+};