@rpcbase/server 0.380.0 → 0.381.0

package/src/auth/forgot_password_email.html

@@ -1,515 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml">
-  <head>
-    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
-    <meta name="x-apple-disable-message-reformatting" />
-    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
-    <meta name="color-scheme" content="light dark" />
-    <meta name="supported-color-schemes" content="light dark" />
-    <title></title>
-    <style type="text/css" rel="stylesheet" media="all">
-    /* Base ------------------------------ */
-
-    @import url("https://fonts.googleapis.com/css?family=Nunito+Sans:400,700&display=swap");
-    body {
-      width: 100% !important;
-      height: 100%;
-      margin: 0;
-      -webkit-text-size-adjust: none;
-    }
-
-    a {
-      color: #3869D4;
-    }
-
-    a img {
-      border: none;
-    }
-
-    td {
-      word-break: break-word;
-    }
-
-    .preheader {
-      display: none !important;
-      visibility: hidden;
-      mso-hide: all;
-      font-size: 1px;
-      line-height: 1px;
-      max-height: 0;
-      max-width: 0;
-      opacity: 0;
-      overflow: hidden;
-    }
-    /* Type ------------------------------ */
-
-    body,
-    td,
-    th {
-      font-family: "Nunito Sans", Helvetica, Arial, sans-serif;
-    }
-
-    h1 {
-      margin-top: 0;
-      color: #333333;
-      font-size: 22px;
-      font-weight: bold;
-      text-align: left;
-    }
-
-    h2 {
-      margin-top: 0;
-      color: #333333;
-      font-size: 16px;
-      font-weight: bold;
-      text-align: left;
-    }
-
-    h3 {
-      margin-top: 0;
-      color: #333333;
-      font-size: 14px;
-      font-weight: bold;
-      text-align: left;
-    }
-
-    td,
-    th {
-      font-size: 16px;
-    }
-
-    p,
-    ul,
-    ol,
-    blockquote {
-      margin: .4em 0 1.1875em;
-      font-size: 16px;
-      line-height: 1.625;
-    }
-
-    p.sub {
-      font-size: 13px;
-    }
-    /* Utilities ------------------------------ */
-
-    .align-right {
-      text-align: right;
-    }
-
-    .align-left {
-      text-align: left;
-    }
-
-    .align-center {
-      text-align: center;
-    }
-    /* Buttons ------------------------------ */
-
-    .button {
-      background-color: #3869D4;
-      border-top: 10px solid #3869D4;
-      border-right: 18px solid #3869D4;
-      border-bottom: 10px solid #3869D4;
-      border-left: 18px solid #3869D4;
-      display: inline-block;
-      color: #FFF;
-      text-decoration: none;
-      border-radius: 3px;
-      box-shadow: 0 2px 3px rgba(0, 0, 0, 0.16);
-      -webkit-text-size-adjust: none;
-      box-sizing: border-box;
-    }
-
-    .button--green {
-      background-color: #22BC66;
-      border-top: 10px solid #22BC66;
-      border-right: 18px solid #22BC66;
-      border-bottom: 10px solid #22BC66;
-      border-left: 18px solid #22BC66;
-    }
-
-    .button--red {
-      background-color: #FF6136;
-      border-top: 10px solid #FF6136;
-      border-right: 18px solid #FF6136;
-      border-bottom: 10px solid #FF6136;
-      border-left: 18px solid #FF6136;
-    }
-
-    @media only screen and (max-width: 500px) {
-      .button {
-        width: 100% !important;
-        text-align: center !important;
-      }
-    }
-    /* Attribute list ------------------------------ */
-
-    .attributes {
-      margin: 0 0 21px;
-    }
-
-    .attributes_content {
-      background-color: #F4F4F7;
-      padding: 16px;
-    }
-
-    .attributes_item {
-      padding: 0;
-    }
-    /* Related Items ------------------------------ */
-
-    .related {
-      width: 100%;
-      margin: 0;
-      padding: 25px 0 0 0;
-      -premailer-width: 100%;
-      -premailer-cellpadding: 0;
-      -premailer-cellspacing: 0;
-    }
-
-    .related_item {
-      padding: 10px 0;
-      color: #CBCCCF;
-      font-size: 15px;
-      line-height: 18px;
-    }
-
-    .related_item-title {
-      display: block;
-      margin: .5em 0 0;
-    }
-
-    .related_item-thumb {
-      display: block;
-      padding-bottom: 10px;
-    }
-
-    .related_heading {
-      border-top: 1px solid #CBCCCF;
-      text-align: center;
-      padding: 25px 0 10px;
-    }
-    /* Discount Code ------------------------------ */
-
-    .discount {
-      width: 100%;
-      margin: 0;
-      padding: 24px;
-      -premailer-width: 100%;
-      -premailer-cellpadding: 0;
-      -premailer-cellspacing: 0;
-      background-color: #F4F4F7;
-      border: 2px dashed #CBCCCF;
-    }
-
-    .discount_heading {
-      text-align: center;
-    }
-
-    .discount_body {
-      text-align: center;
-      font-size: 15px;
-    }
-    /* Social Icons ------------------------------ */
-
-    .social {
-      width: auto;
-    }
-
-    .social td {
-      padding: 0;
-      width: auto;
-    }
-
-    .social_icon {
-      height: 20px;
-      margin: 0 8px 10px 8px;
-      padding: 0;
-    }
-    /* Data table ------------------------------ */
-
-    .purchase {
-      width: 100%;
-      margin: 0;
-      padding: 35px 0;
-      -premailer-width: 100%;
-      -premailer-cellpadding: 0;
-      -premailer-cellspacing: 0;
-    }
-
-    .purchase_content {
-      width: 100%;
-      margin: 0;
-      padding: 25px 0 0 0;
-      -premailer-width: 100%;
-      -premailer-cellpadding: 0;
-      -premailer-cellspacing: 0;
-    }
-
-    .purchase_item {
-      padding: 10px 0;
-      color: #51545E;
-      font-size: 15px;
-      line-height: 18px;
-    }
-
-    .purchase_heading {
-      padding-bottom: 8px;
-      border-bottom: 1px solid #EAEAEC;
-    }
-
-    .purchase_heading p {
-      margin: 0;
-      color: #85878E;
-      font-size: 12px;
-    }
-
-    .purchase_footer {
-      padding-top: 15px;
-      border-top: 1px solid #EAEAEC;
-    }
-
-    .purchase_total {
-      margin: 0;
-      text-align: right;
-      font-weight: bold;
-      color: #333333;
-    }
-
-    .purchase_total--label {
-      padding: 0 15px 0 0;
-    }
-
-    body {
-      background-color: #F4F4F7;
-      color: #51545E;
-    }
-
-    p {
-      color: #51545E;
-    }
-
-    p.sub {
-      color: #6B6E76;
-    }
-
-    .email-wrapper {
-      width: 100%;
-      margin: 0;
-      padding: 0;
-      -premailer-width: 100%;
-      -premailer-cellpadding: 0;
-      -premailer-cellspacing: 0;
-      background-color: #F4F4F7;
-    }
-
-    .email-content {
-      width: 100%;
-      margin: 0;
-      padding: 0;
-      -premailer-width: 100%;
-      -premailer-cellpadding: 0;
-      -premailer-cellspacing: 0;
-    }
-    /* Masthead ----------------------- */
-
-    .email-masthead {
-      padding: 25px 0;
-      text-align: center;
-    }
-
-    .email-masthead_logo {
-      width: 94px;
-    }
-
-    .email-masthead_name {
-      font-size: 16px;
-      font-weight: bold;
-      color: #A8AAAF;
-      text-decoration: none;
-      text-shadow: 0 1px 0 white;
-    }
-    /* Body ------------------------------ */
-
-    .email-body {
-      width: 100%;
-      margin: 0;
-      padding: 0;
-      -premailer-width: 100%;
-      -premailer-cellpadding: 0;
-      -premailer-cellspacing: 0;
-      background-color: #FFFFFF;
-    }
-
-    .email-body_inner {
-      width: 570px;
-      margin: 0 auto;
-      padding: 0;
-      -premailer-width: 570px;
-      -premailer-cellpadding: 0;
-      -premailer-cellspacing: 0;
-      background-color: #FFFFFF;
-    }
-
-    .email-footer {
-      width: 570px;
-      margin: 0 auto;
-      padding: 0;
-      -premailer-width: 570px;
-      -premailer-cellpadding: 0;
-      -premailer-cellspacing: 0;
-      text-align: center;
-    }
-
-    .email-footer p {
-      color: #6B6E76;
-    }
-
-    .body-action {
-      width: 100%;
-      margin: 30px auto;
-      padding: 0;
-      -premailer-width: 100%;
-      -premailer-cellpadding: 0;
-      -premailer-cellspacing: 0;
-      text-align: center;
-    }
-
-    .body-sub {
-      margin-top: 25px;
-      padding-top: 25px;
-      border-top: 1px solid #EAEAEC;
-    }
-
-    .content-cell {
-      padding: 35px;
-    }
-    /*Media Queries ------------------------------ */
-
-    @media only screen and (max-width: 600px) {
-      .email-body_inner,
-      .email-footer {
-        width: 100% !important;
-      }
-    }
-
-    @media (prefers-color-scheme: dark) {
-      body,
-      .email-body,
-      .email-body_inner,
-      .email-content,
-      .email-wrapper,
-      .email-masthead,
-      .email-footer {
-        background-color: #333333 !important;
-        color: #FFF !important;
-      }
-      p,
-      ul,
-      ol,
-      blockquote,
-      h1,
-      h2,
-      h3,
-      span,
-      .purchase_item {
-        color: #FFF !important;
-      }
-      .attributes_content,
-      .discount {
-        background-color: #222 !important;
-      }
-      .email-masthead_name {
-        text-shadow: none !important;
-      }
-    }
-
-    :root {
-      color-scheme: light dark;
-      supported-color-schemes: light dark;
-    }
-    </style>
-    <!--[if mso]>
-    <style type="text/css">
-      .f-fallback  {
-        font-family: Arial, sans-serif;
-      }
-    </style>
-  <![endif]-->
-  </head>
-  <body>
-    <span class="preheader">Your password reset link is ready</span>
-    <table class="email-wrapper" width="100%" cellpadding="0" cellspacing="0" role="presentation">
-      <tr>
-        <td align="center">
-          <table class="email-content" width="100%" cellpadding="0" cellspacing="0" role="presentation">
-            <tr>
-              <td class="email-masthead">
-                <a href="https://example.com" class="f-fallback email-masthead_name">
-                [Product Name]
-              </a>
-              </td>
-            </tr>
-            <!-- Email Body -->
-            <tr>
-              <td class="email-body" width="100%" cellpadding="0" cellspacing="0">
-                <table class="email-body_inner" align="center" width="570" cellpadding="0" cellspacing="0" role="presentation">
-                  <!-- Body content -->
-                  <tr>
-                    <td class="content-cell">
-                      <div class="f-fallback">
-                        <h1>Your password reset link</h1>
-                        <p>The password reset link you have requested is ready. If you did not request a password reset, ignore this email.</p>
-                        <!-- Action -->
-                        <table class="body-action" align="center" width="100%" cellpadding="0" cellspacing="0" role="presentation">
-                          <tr>
-                            <td align="center">
-                              <!-- Border based button
-           https://litmus.com/blog/a-guide-to-bulletproof-buttons-in-email-design -->
-                              <table width="100%" border="0" cellspacing="0" cellpadding="0" role="presentation">
-                                <tr>
-                                  <td align="center">
-                                    <a href="<%= reset_url %>" class="f-fallback button" target="_blank">Reset My Password</a>
-                                  </td>
-                                </tr>
-                              </table>
-                            </td>
-                          </tr>
-                        </table>
-
-                        <table class="body-sub" role="presentation">
-                          <tr>
-                            <td>
-                              <p class="f-fallback sub">If you’re having trouble with the button above, copy and paste the URL below into your web browser.</p>
-                              <p class="f-fallback sub"><%= reset_url %></p>
-                            </td>
-                          </tr>
-                        </table>
-                      </div>
-                    </td>
-                  </tr>
-                </table>
-              </td>
-            </tr>
-            <tr>
-              <td>
-                <table class="email-footer" align="center" width="570" cellpadding="0" cellspacing="0" role="presentation">
-                  <tr>
-                    <td class="content-cell" align="center">
-                      <p class="f-fallback sub align-center">&copy; 2022 [Product Name]. All rights reserved.</p>
-                      <p class="f-fallback sub align-center">
-                        [Company Name, LLC]
-                        <br>1234 Street Rd.
-                        <br>Suite 1234
-                      </p>
-                    </td>
-                  </tr>
-                </table>
-              </td>
-            </tr>
-          </table>
-        </td>
-      </tr>
-    </table>
-  </body>
-</html>

package/src/auth/get_account.js

@@ -1,35 +0,0 @@
-/* @flow */
-const assert = require("assert")
-
-const mongoose = require("../../mongoose")
-const User = require("../models/User")
-
-
-const get_account = async(payload, ctx) => {
-  const {user_id} = payload
-  assert(user_id, "missing user_id")
-
-  // verify we are only requesting our own account's info
-  const session_user_id = ctx.req.session.user_id
-  assert(user_id === session_user_id, "user ids don't match")
-
-  const user = await User.findOne(
-    {_id: user_id},
-    {
-      email: 1,
-      first_name: 1,
-      last_name: 1,
-      initials: 1,
-      avatar_color: 1,
-    },
-    {ctx},
-  )
-
-  return {
-    status: "ok",
-    // when user has been deleted return null, this case shouldn't really happen though
-    user: user?.toObject() || null,
-  }
-}
-
-module.exports = get_account

package/src/auth/get_accounts.js

@@ -1,42 +0,0 @@
-/* @flow */
-const Promise = require("bluebird")
-
-const get_account = require("./get_account")
-
-
-const is_dev = process.env.NODE_ENV === "development"
-
-// TODO: RM this method when live reload works in dev mode behind the reverse proxy
-const MAX_CONCURRENCY = 256
-
-const get_accounts = async(payload, ctx) => {
-  if (!is_dev)
-    throw new Error(
-      "cannot call the get_accounts api when NODE_ENV isn't development, this api must be called through the reverse proxy",
-    )
-
-  const user_ids = [ctx.req.session.user_id, ctx.req.session.user_id, ctx.req.session.user_id]
-
-  const accounts = await Promise.map(
-    user_ids,
-    async(user_id) => {
-      if (!user_id) return null
-      const res = await get_account({user_id}, ctx)
-
-      return {
-        user: res.user,
-        tenant: {
-          name: "MOCK",
-        },
-      }
-    },
-    {concurrency: MAX_CONCURRENCY},
-  )
-
-  return {
-    status: "ok",
-    accounts: accounts.filter((account) => !!account),
-  }
-}
-
-module.exports = get_accounts

package/src/auth/index.js

@@ -1,24 +0,0 @@
-/* @flow */
-const sign_up = require("./sign_up")
-const sign_in = require("./sign_in")
-const sign_out = require("./sign_out")
-const reset_password = require("./reset_password")
-const set_new_password = require("./set_new_password")
-const check_session = require("./check_session")
-
-const get_accounts = require("./get_accounts")
-const get_account = require("./get_account")
-
-
-module.exports = (app) => {
-  app.handler("/rb-api/v1/auth/sign_in", sign_in)
-  app.handler("/rb-api/v1/auth/sign_out", sign_out)
-
-  app.handler("/rb-api/v1/auth/reset_password", reset_password)
-  app.handler("/rb-api/v1/auth/set_new_password", set_new_password)
-
-  app.handler("/rb-api/v1/auth/check_session", check_session)
-
-  app.handler("/rb-api/v1/auth/get_account", get_account)
-  app.handler("/rb-api/v1/auth/get_accounts", get_accounts)
-}

package/src/auth/reset_password.js

@@ -1,70 +0,0 @@
-/* @flow */
-const _template = require("lodash/template")
-const fs = require("fs")
-const path = require("path")
-const debug = require("debug")
-const isEmail = require("validator/lib/isEmail")
-
-const {hash_password} = require("@rpcbase/std/crypto/hash")
-const {get_random_str} = require("@rpcbase/std/crypto/get_random_str")
-
-const mailer = require("../../mailer")
-const mongoose = require("../../mongoose")
-
-const ResetPasswordToken = require("../models/ResetPasswordToken")
-const User = require("../models/User")
-
-const log = debug("rb:auth:reset_password")
-
-const {APP_DOMAIN, MAILER_FROM_EMAIL} = process.env
-
-const email_tpl = _template(require("./forgot_password_email.html"))
-
-
-const reset_password = async({email}, ctx) => {
-  if (!isEmail(email)) {
-    throw new Error("reset_password:: invalid email")
-  }
-
-  const user = await User.findOne({email}, null, {ctx})
-
-  if (!user) {
-    log("attempting to reset password for a user that was not found", email)
-    // TODO: add random delay to prevent detecting if account exists based on response time
-    return {status: "ok"}
-  }
-
-  const token = get_random_str(32)
-  const token_hash = await hash_password(token)
-
-  const reset_token = new ResetPasswordToken({
-    user_id: user._id,
-    token_hash,
-  })
-
-  await reset_token.save()
-
-  const reset_url = `https://${APP_DOMAIN}/set-new-password?uid=${user._id}&token=${token}`
-
-  log("will send reset password email to", user.email)
-
-  const res = await mailer.sendEmail({
-    From: MAILER_FROM_EMAIL,
-    To: user.email,
-    Subject: "Your password reset link",
-    HtmlBody: email_tpl({
-      reset_url,
-    }),
-  })
-
-  log("res", res)
-
-  // cleanup if email wasn't sent
-  if (res.Message !== "OK") {
-    await reset_token.delete()
-  }
-
-  return {status: "ok"}
-}
-
-module.exports = reset_password