@rpcbase/server 0.73.0 → 0.74.0

package/bin.js

@@ -6,12 +6,14 @@ require("dotenv").config({path: path.join(__dirname, "./.env")})
 const yargs = require("yargs/yargs")
 const {hideBin} = require("yargs/helpers")
 
+const pack = require("./package.json")
 const start_server_infrastructure = require("./cli/start_server_infrastructure")
 const build_server = require("./cli/build_server")
 const run_agent = require("./cli/run_agent")
 
 let is_command = false
 
+console.log("PACKVER", pack.version)
 
 const args = yargs(hideBin(process.argv))
   .command("start", "runs server/infrastructure", () => {}, (args) => {
@@ -22,7 +24,7 @@ const args = yargs(hideBin(process.argv))
     is_command = true
     run_agent()
   })
-  .command("build", "build server", () => {}, (args) => {
+  .command("build", "Build the server package", () => {}, (args) => {
     is_command = true
     build_server()
   })

package/crypto/index.js

@@ -4,10 +4,12 @@ const crypto = require("crypto")
 const ALGORITHM = "aes-256-cbc"
 const {CRYPTO_SECRET} = process.env
 
-if (!CRYPTO_SECRET || CRYPTO_SECRET === "") {
+if (!CRYPTO_SECRET || CRYPTO_SECRET.trim() === "") {
   throw new Error("CRYPTO_SECRET not found in env")
 }
 
+// TODO: move to rb:std
+
 const key = crypto.createHash("sha256")
   .update(String(CRYPTO_SECRET))
   .digest()

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@rpcbase/server",
-  "version": "0.73.0",
+  "version": "0.74.0",
   "license": "SSPL-1.0",
   "main": "./index.js",
   "bin": {
@@ -11,6 +11,7 @@
   },
   "dependencies": {
     "@rpcbase/agent": "0.9.0",
+    "@rpcbase/std": "0.2.0",
     "body-parser": "1.20.0",
     "connect-redis": "6.1.3",
     "cors": "2.8.5",

package/src/auth/sign_in.js

@@ -0,0 +1,44 @@
+/* @flow */
+const {compare_hash} = require("@rpcbase/std/crypto/hash")
+
+const mongoose = require("../../mongoose")
+
+const fail = () => ({
+  errors: {form: "Invalid email or password"}
+})
+
+const sign_in = async({email, password}, ctx) => {
+  const User = mongoose.model("User")
+
+  const {req} = ctx
+
+  // find the matching user
+  // TODO: document ctx param
+  // const user = await User.findOne({email}, null, {ctx})
+  const user = await User.findOne({email}, null)
+
+  // console.log("ICII2222", email, password, user)
+
+  if (!user) {
+    return fail()
+  }
+
+  const hashed_pass = user.password_hash
+
+  // TODO: fix broken bcrypt bins in docker
+  // const is_match = await bcrypt.compare(password, hashed_pass)
+  console.warn("warning: skipping bcrypt hash check")
+  const is_match = await compare_hash(password, hashed_pass)
+
+  if (is_match) {
+    req.session.user_id = user._id.toString()
+    await req.session.save()
+    return {
+      status: "ok"
+    }
+  } else {
+    return fail()
+  }
+}
+
+module.exports = sign_in

package/src/auth/sign_up.js

@@ -0,0 +1,57 @@
+/* @flow */
+const {hash_password} = require("@rpcbase/std/crypto/hash")
+
+const mongoose = require("../../mongoose")
+
+const sign_up = async({email, password}, ctx) => {
+  const User = mongoose.model("User")
+  const Invite = mongoose.model("Invite")
+
+  const {req} = ctx
+
+  // check if the user already exists
+  const existing_user = await User.findOne({email}, null, {ctx})
+
+  if (existing_user) {
+    return {
+      status: "error",
+      message: "User already exists"
+    }
+  }
+
+  // check if we have an invite for this user
+  const invite = await Invite.findOne({email}, null, {ctx})
+  if (invite && !invite.is_ready) {
+    console.log("found an invite, but not ready", email)
+    return {
+      status: "error",
+      message: "Your invite is still pending approval. Expect an email in the next weeks to activate your account."
+    }
+  } else if (!invite) {
+    console.log("no invite for signup email:", email)
+    return {
+      status: "error",
+      message: "No valid invite was found for this email"
+    }
+  }
+
+  const hash = await hash_password(password)
+
+  const user = new User({
+    email,
+    password_hash: hash
+  })
+
+  // sign the user in
+  req.session.user_id = user._id.toString()
+
+  await req.session.save()
+  await user.save({ctx})
+
+  return {
+    status: "ok",
+    user_id: user._id
+  }
+}
+
+module.exports = sign_up

package/{client → src/client}/client_router.js

@@ -3,6 +3,8 @@ const fs = require("fs")
 const path = require("path")
 const glob = require("glob")
 
+const async_wrapper = require("../helpers/async_wrapper")
+
 const src_path = path.join(process.cwd(), "./src/")
 const build_dir = path.join(process.cwd(), "build/")
 const client_build_dir = path.join(build_dir, "./client")
@@ -10,11 +12,6 @@ const client_build_dir = path.join(build_dir, "./client")
 
 // TODO: add build time static assets compression
 
-const async_wrapper = fn => (req, res, next) => {
-  Promise.resolve(fn(req, res, next))
-    .catch(next)
-}
-
 const get_client_routes = () => {
   const client_files = glob.sync(path.join(client_build_dir, "./**/*"))
   const routes = client_files

package/{rpc → src/rpc}/rpc_router.js

@@ -4,16 +4,12 @@ const path = require("path")
 const glob = require("glob")
 const debug = require("debug")
 
+const async_wrapper = require("../helpers/async_wrapper")
+
 const src_path = path.join(process.cwd(), "./src/")
 const build_dir = path.join(process.cwd(), "build/")
 
 
-const async_wrapper = fn => (req, res, next) => {
-  Promise.resolve(fn(req, res, next))
-    .catch(next)
-}
-
-
 const rpc_router = (app) => {
   const rpc_routes = glob.sync(path.join(build_dir, "./rpc/*"))