@ruiapp/rapid-core 0.5.7 → 0.5.8

package/dist/index.d.ts

@@ -6,6 +6,7 @@ export * from "./core/server";
 export * from "./core/http-types";
 export * from "./core/actionHandler";
 export * from "./utilities/jwtUtility";
+export * from "./deno-std/http/cookie";
 export { mapDbRowToEntity } from "./dataAccess/entityMapper";
 export * as bootstrapApplicationConfig from "./bootstrapApplicationConfig";
 export { default as MetaManagePlugin } from "./plugins/metaManage/MetaManagePlugin";

package/dist/index.js

@@ -1402,6 +1402,130 @@ function setCookie(headers, cookie) {
     if (v) {
         headers.append("Set-Cookie", v);
     }
+}
+/**
+ * Set the cookie header with empty value in the headers to delete it
+ *
+ * > Note: Deleting a `Cookie` will set its expiration date before now. Forcing
+ * > the browser to delete it.
+ *
+ * @example
+ * ```ts
+ * import { deleteCookie } from "https://deno.land/std@$STD_VERSION/http/cookie.ts";
+ *
+ * const headers = new Headers();
+ * deleteCookie(headers, "deno");
+ *
+ * const cookieHeader = headers.get("set-cookie");
+ * console.log(cookieHeader); // deno=; Expires=Thus, 01 Jan 1970 00:00:00 GMT
+ * ```
+ *
+ * @param headers The headers instance to delete the cookie from
+ * @param name Name of cookie
+ * @param attributes Additional cookie attributes
+ */
+function deleteCookie(headers, name, attributes) {
+    setCookie(headers, {
+        name: name,
+        value: "",
+        expires: new Date(0),
+        ...attributes,
+    });
+}
+function parseSetCookie(value) {
+    const attrs = value.split(";").map((attr) => {
+        const [key, ...values] = attr.trim().split("=");
+        return [key, values.join("=")];
+    });
+    const cookie = {
+        name: attrs[0][0],
+        value: attrs[0][1],
+    };
+    for (const [key, value] of attrs.slice(1)) {
+        switch (key.toLocaleLowerCase()) {
+            case "expires":
+                cookie.expires = new Date(value);
+                break;
+            case "max-age":
+                cookie.maxAge = Number(value);
+                if (cookie.maxAge < 0) {
+                    console.warn("Max-Age must be an integer superior or equal to 0. Cookie ignored.");
+                    return null;
+                }
+                break;
+            case "domain":
+                cookie.domain = value;
+                break;
+            case "path":
+                cookie.path = value;
+                break;
+            case "secure":
+                cookie.secure = true;
+                break;
+            case "httponly":
+                cookie.httpOnly = true;
+                break;
+            case "samesite":
+                cookie.sameSite = value;
+                break;
+            default:
+                if (!Array.isArray(cookie.unparsed)) {
+                    cookie.unparsed = [];
+                }
+                cookie.unparsed.push([key, value].join("="));
+        }
+    }
+    if (cookie.name.startsWith("__Secure-")) {
+        /** This requirement is mentioned in https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie but not the RFC. */
+        if (!cookie.secure) {
+            console.warn("Cookies with names starting with `__Secure-` must be set with the secure flag. Cookie ignored.");
+            return null;
+        }
+    }
+    if (cookie.name.startsWith("__Host-")) {
+        if (!cookie.secure) {
+            console.warn("Cookies with names starting with `__Host-` must be set with the secure flag. Cookie ignored.");
+            return null;
+        }
+        if (cookie.domain !== undefined) {
+            console.warn("Cookies with names starting with `__Host-` must not have a domain specified. Cookie ignored.");
+            return null;
+        }
+        if (cookie.path !== "/") {
+            console.warn("Cookies with names starting with `__Host-` must have path be `/`. Cookie has been ignored.");
+            return null;
+        }
+    }
+    return cookie;
+}
+/**
+ * Parse set-cookies of a header
+ *
+ * @example
+ * ```ts
+ * import { getSetCookies } from "https://deno.land/std@$STD_VERSION/http/cookie.ts";
+ *
+ * const headers = new Headers([
+ *   ["Set-Cookie", "lulu=meow; Secure; Max-Age=3600"],
+ *   ["Set-Cookie", "booya=kasha; HttpOnly; Path=/"],
+ * ]);
+ *
+ * const cookies = getSetCookies(headers);
+ * console.log(cookies); // [{ name: "lulu", value: "meow", secure: true, maxAge: 3600 }, { name: "booya", value: "kahsa", httpOnly: true, path: "/ }]
+ * ```
+ *
+ * @param headers The headers instance to get set-cookies from
+ * @return List of cookies
+ */
+function getSetCookies(headers) {
+    // TODO(lino-levan): remove this ts-ignore when Typescript 5.2 lands in Deno
+    // @ts-ignore Typescript's TS Dom types will be out of date until 5.2
+    return headers
+        .getSetCookie()
+        /** Parse each `set-cookie` header separately */
+        .map(parseSetCookie)
+        /** Skip empty cookies */
+        .filter(Boolean);
 }
 
 const GlobalRequest = global.Request;
@@ -6298,14 +6422,12 @@ async function handler$d(plugin, ctx, options) {
     if (!isMatch) {
         throw new Error("用户名或密码错误。");
     }
-    const secretKey = Buffer.from(server.config.jwtKey, "base64");
-    const token = createJwt({
-        iss: "authManager",
-        sub: "userAccessToken",
-        aud: "" + user.id,
-        iat: Math.floor(Date.now() / 1000),
-        act: user.login,
-    }, secretKey);
+    const authService = server.getService("authService");
+    const token = authService.createUserAccessToken({
+        issuer: "authManager",
+        userId: user.id,
+        userLogin: user.login,
+    });
     setCookie(response.headers, {
         name: ctx.server.config.sessionCookieName,
         value: token,
@@ -6539,10 +6661,31 @@ var signout$1 = {
 
 var pluginRoutes$7 = [changePassword, getMyProfile$1, resetPassword, signin$1, signout$1];
 
+class AuthService {
+    #server;
+    #jwtKey;
+    constructor(server, jwtKey) {
+        this.#server = server;
+        this.#jwtKey = jwtKey;
+    }
+    createUserAccessToken(options) {
+        const secretKey = Buffer.from(this.#jwtKey, "base64");
+        const token = createJwt({
+            iss: options.issuer,
+            sub: "userAccessToken",
+            aud: "" + options.userId,
+            iat: Math.floor(Date.now() / 1000),
+            act: options.userLogin,
+        }, secretKey);
+        return token;
+    }
+}
+
 /**
  * Auth manager plugin
  */
 class AuthPlugin {
+    #authService;
     get code() {
         return "authManager";
     }
@@ -6566,6 +6709,10 @@ class AuthPlugin {
     async configureModels(server, applicationConfig) {
         server.appendApplicationConfig({ models: pluginModels$5 });
     }
+    async configureServices(server, applicationConfig) {
+        this.#authService = new AuthService(server, server.config.jwtKey);
+        server.registerService("authService", this.#authService);
+    }
     async configureRoutes(server, applicationConfig) {
         server.appendApplicationConfig({ routes: pluginRoutes$7 });
     }
@@ -8549,6 +8696,10 @@ exports.WebhooksPlugin = WebhooksPlugin;
 exports.bootstrapApplicationConfig = bootstrapApplicationConfig$1;
 exports.createJwt = createJwt;
 exports.decodeJwt = decodeJwt;
+exports.deleteCookie = deleteCookie;
 exports.generateJwtSecretKey = generateJwtSecretKey;
+exports.getCookies = getCookies;
+exports.getSetCookies = getSetCookies;
 exports.mapDbRowToEntity = mapDbRowToEntity;
+exports.setCookie = setCookie;
 exports.verifyJwt = verifyJwt;

package/dist/plugins/auth/AuthPlugin.d.ts

@@ -5,6 +5,7 @@ import { RpdApplicationConfig } from "../../types";
 import { IRpdServer, RapidPlugin, RpdConfigurationItemOptions, RpdServerPluginConfigurableTargetOptions, RpdServerPluginExtendingAbilities } from "../../core/server";
 import { RouteContext } from "../../core/routeContext";
 declare class AuthPlugin implements RapidPlugin {
+    #private;
     get code(): string;
     get description(): string;
     get extendingAbilities(): RpdServerPluginExtendingAbilities[];
@@ -12,6 +13,7 @@ declare class AuthPlugin implements RapidPlugin {
     get configurations(): RpdConfigurationItemOptions[];
     registerActionHandlers(server: IRpdServer): Promise<any>;
     configureModels(server: IRpdServer, applicationConfig: RpdApplicationConfig): Promise<any>;
+    configureServices(server: IRpdServer, applicationConfig: RpdApplicationConfig): Promise<any>;
     configureRoutes(server: IRpdServer, applicationConfig: RpdApplicationConfig): Promise<any>;
     onPrepareRouteContext(server: IRpdServer, routeContext: RouteContext): Promise<void>;
 }

package/dist/plugins/auth/actionHandlers/createSession.d.ts

@@ -1,8 +1,4 @@
 import { ActionHandlerContext } from "../../../core/actionHandler";
 import { RapidPlugin } from "../../../core/server";
-export interface UserAccessToken {
-    sub: "userAccessToken";
-    aud: string;
-}
 export declare const code = "createSession";
 export declare function handler(plugin: RapidPlugin, ctx: ActionHandlerContext, options: any): Promise<void>;

package/dist/plugins/auth/services/AuthService.d.ts

@@ -0,0 +1,15 @@
+import { IRpdServer } from "../../../core/server";
+export interface UserAccessToken {
+    sub: "userAccessToken";
+    aud: string;
+}
+export interface CreateUserAccessTokenOptions {
+    issuer: string;
+    userId: number;
+    userLogin: string;
+}
+export default class AuthService {
+    #private;
+    constructor(server: IRpdServer, jwtKey: string);
+    createUserAccessToken(options: CreateUserAccessTokenOptions): string;
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@ruiapp/rapid-core",
-  "version": "0.5.7",
+  "version": "0.5.8",
   "description": "",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",

package/src/index.ts

@@ -12,6 +12,8 @@ export * from "./core/actionHandler";
 
 export * from "./utilities/jwtUtility";
 
+export * from "./deno-std/http/cookie";
+
 export { mapDbRowToEntity } from "./dataAccess/entityMapper";
 
 export * as bootstrapApplicationConfig from "./bootstrapApplicationConfig";

package/src/plugins/auth/AuthPlugin.ts

@@ -16,8 +16,11 @@ import pluginModels from "./models";
 import pluginRoutes from "./routes";
 import { RouteContext } from "~/core/routeContext";
 import { verifyJwt } from "~/utilities/jwtUtility";
+import AuthService from "./services/AuthService";
 
 class AuthPlugin implements RapidPlugin {
+  #authService!: AuthService;
+
   get code(): string {
     return "authManager";
   }
@@ -48,6 +51,11 @@ class AuthPlugin implements RapidPlugin {
     server.appendApplicationConfig({ models: pluginModels });
   }
 
+  async configureServices(server: IRpdServer, applicationConfig: RpdApplicationConfig): Promise<any> {
+    this.#authService = new AuthService(server, server.config.jwtKey);
+    server.registerService("authService", this.#authService);
+  }
+
   async configureRoutes(server: IRpdServer, applicationConfig: RpdApplicationConfig): Promise<any> {
     server.appendApplicationConfig({ routes: pluginRoutes });
   }

package/src/plugins/auth/actionHandlers/createSession.ts

@@ -1,15 +1,10 @@
 import bcrypt from "bcrypt";
 import { setCookie } from "~/deno-std/http/cookie";
-import { createJwt } from "~/utilities/jwtUtility";
 import { ActionHandlerContext } from "~/core/actionHandler";
 import { RapidPlugin } from "~/core/server";
 import LicenseService from "~/plugins/license/LicenseService";
 import { get } from "lodash";
-
-export interface UserAccessToken {
-  sub: "userAccessToken";
-  aud: string;
-}
+import AuthService from "../services/AuthService";
 
 export const code = "createSession";
 
@@ -54,17 +49,12 @@ export async function handler(plugin: RapidPlugin, ctx: ActionHandlerContext, op
     throw new Error("用户名或密码错误。");
   }
 
-  const secretKey = Buffer.from(server.config.jwtKey, "base64");
-  const token = createJwt(
-    {
-      iss: "authManager",
-      sub: "userAccessToken",
-      aud: "" + user.id,
-      iat: Math.floor(Date.now() / 1000),
-      act: user.login,
-    } as UserAccessToken,
-    secretKey,
-  );
+  const authService = server.getService<AuthService>("authService");
+  const token = authService.createUserAccessToken({
+    issuer: "authManager",
+    userId: user.id,
+    userLogin: user.login,
+  });
 
   setCookie(response.headers, {
     name: ctx.server.config.sessionCookieName,

package/src/plugins/auth/services/AuthService.ts

@@ -0,0 +1,39 @@
+import { IRpdServer } from "~/core/server";
+import { createJwt } from "~/utilities/jwtUtility";
+
+export interface UserAccessToken {
+  sub: "userAccessToken";
+  aud: string;
+}
+
+export interface CreateUserAccessTokenOptions {
+  issuer: string;
+  userId: number;
+  userLogin: string;
+}
+
+export default class AuthService {
+  #server: IRpdServer;
+  #jwtKey: string;
+
+  constructor(server: IRpdServer, jwtKey: string) {
+    this.#server = server;
+    this.#jwtKey = jwtKey;
+  }
+
+  createUserAccessToken(options: CreateUserAccessTokenOptions): string {
+    const secretKey = Buffer.from(this.#jwtKey, "base64");
+    const token = createJwt(
+      {
+        iss: options.issuer,
+        sub: "userAccessToken",
+        aud: "" + options.userId,
+        iat: Math.floor(Date.now() / 1000),
+        act: options.userLogin,
+      } as UserAccessToken,
+      secretKey,
+    );
+
+    return token;
+  }
+}