@skalfa/skalfa-api-core 1.0.3 → 1.0.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CONTRIBUTING.md +45 -0
- package/LICENSE +21 -0
- package/README.md +60 -0
- package/dist/auth/auth.d.ts +18 -15
- package/dist/auth/auth.js +20 -203
- package/dist/auth/auth.js.map +1 -1
- package/dist/auth/create-access-token.d.ts +4 -0
- package/dist/auth/create-access-token.js +26 -0
- package/dist/auth/create-access-token.js.map +1 -0
- package/dist/auth/create-user-mail-token.d.ts +4 -0
- package/dist/auth/create-user-mail-token.js +19 -0
- package/dist/auth/create-user-mail-token.js.map +1 -0
- package/dist/auth/helpers/generate-agent-id.d.ts +1 -0
- package/dist/auth/helpers/generate-agent-id.js +7 -0
- package/dist/auth/helpers/generate-agent-id.js.map +1 -0
- package/dist/auth/helpers/get-request-ip.d.ts +1 -0
- package/dist/auth/helpers/get-request-ip.js +4 -0
- package/dist/auth/helpers/get-request-ip.js.map +1 -0
- package/dist/auth/helpers/get-user-permissions.d.ts +1 -0
- package/dist/auth/helpers/get-user-permissions.js +9 -0
- package/dist/auth/helpers/get-user-permissions.js.map +1 -0
- package/dist/auth/helpers/index.d.ts +3 -0
- package/dist/auth/helpers/index.js +4 -0
- package/dist/auth/helpers/index.js.map +1 -0
- package/dist/auth/list-user-sessions.d.ts +1 -0
- package/dist/auth/list-user-sessions.js +10 -0
- package/dist/auth/list-user-sessions.js.map +1 -0
- package/dist/auth/revalidate-user-permissions-by-role.d.ts +1 -0
- package/dist/auth/revalidate-user-permissions-by-role.js +12 -0
- package/dist/auth/revalidate-user-permissions-by-role.js.map +1 -0
- package/dist/auth/revalidate-user-permissions.d.ts +1 -0
- package/dist/auth/revalidate-user-permissions.js +21 -0
- package/dist/auth/revalidate-user-permissions.js.map +1 -0
- package/dist/auth/revoke-access-token.d.ts +1 -0
- package/dist/auth/revoke-access-token.js +5 -0
- package/dist/auth/revoke-access-token.js.map +1 -0
- package/dist/auth/verify-access-token.d.ts +1 -0
- package/dist/auth/verify-access-token.js +47 -0
- package/dist/auth/verify-access-token.js.map +1 -0
- package/dist/auth/verify-user-mail-token.d.ts +1 -0
- package/dist/auth/verify-user-mail-token.js +21 -0
- package/dist/auth/verify-user-mail-token.js.map +1 -0
- package/dist/commands/cli.js +5 -3
- package/dist/commands/cli.js.map +1 -1
- package/dist/commands/make/basic-controller.js +1 -1
- package/dist/commands/make/basic-controller.js.map +1 -1
- package/dist/commands/make/basic-migration.d.ts +1 -1
- package/dist/commands/make/basic-migration.js +2 -2
- package/dist/commands/make/basic-migration.js.map +1 -1
- package/dist/commands/make/basic-model.js +1 -1
- package/dist/commands/make/basic-model.js.map +1 -1
- package/dist/commands/make/basic-seeder.js +1 -1
- package/dist/commands/make/basic-seeder.js.map +1 -1
- package/dist/commands/make/blueprint.js +1 -1
- package/dist/commands/make/blueprint.js.map +1 -1
- package/dist/commands/make/da-migration.js +3 -3
- package/dist/commands/make/da-migration.js.map +1 -1
- package/dist/commands/make/mail.js +2 -2
- package/dist/commands/make/mail.js.map +1 -1
- package/dist/commands/make/notification.js +1 -1
- package/dist/commands/make/notification.js.map +1 -1
- package/dist/commands/make/queue.js +1 -1
- package/dist/commands/make/queue.js.map +1 -1
- package/dist/commands/make/resource.d.ts +2 -0
- package/dist/commands/make/resource.js +19 -0
- package/dist/commands/make/resource.js.map +1 -0
- package/dist/commands/make/{light-controller.js → skalfa-controller.js} +3 -3
- package/dist/commands/make/skalfa-controller.js.map +1 -0
- package/dist/commands/make/{light-model.js → skalfa-model.js} +4 -4
- package/dist/commands/make/skalfa-model.js.map +1 -0
- package/dist/commands/runner/barrels.js.map +1 -1
- package/dist/commands/runner/blueprint/controller-generation.js.map +1 -1
- package/dist/commands/runner/blueprint/documentation-generation.js.map +1 -1
- package/dist/commands/runner/blueprint/migration-generation.js +1 -1
- package/dist/commands/runner/blueprint/migration-generation.js.map +1 -1
- package/dist/commands/runner/blueprint/model-generation.js.map +1 -1
- package/dist/commands/runner/blueprint/runner.js +2 -2
- package/dist/commands/runner/blueprint/runner.js.map +1 -1
- package/dist/commands/runner/blueprint/seeder-generation.js +1 -1
- package/dist/commands/runner/blueprint/seeder-generation.js.map +1 -1
- package/dist/commands/runner/da-migration.js +1 -2
- package/dist/commands/runner/da-migration.js.map +1 -1
- package/dist/commands/runner/migration.js +1 -1
- package/dist/commands/runner/migration.js.map +1 -1
- package/dist/commands/runner/seeder.js +1 -1
- package/dist/commands/runner/seeder.js.map +1 -1
- package/dist/context/context.js +6 -0
- package/dist/context/context.js.map +1 -1
- package/dist/controller/controller.d.ts +17 -30
- package/dist/controller/controller.js +39 -121
- package/dist/controller/controller.js.map +1 -1
- package/dist/controller/response.d.ts +6 -0
- package/dist/controller/response.js +63 -0
- package/dist/controller/response.js.map +1 -0
- package/dist/controller/storage.d.ts +9 -0
- package/dist/controller/storage.js +56 -0
- package/dist/controller/storage.js.map +1 -0
- package/dist/conversion/conversion.d.ts +3 -0
- package/dist/conversion/conversion.js +28 -4
- package/dist/conversion/conversion.js.map +1 -1
- package/dist/conversion/date.d.ts +1 -0
- package/dist/conversion/date.js +77 -0
- package/dist/conversion/date.js.map +1 -0
- package/dist/index.d.ts +2 -0
- package/dist/index.js +2 -0
- package/dist/index.js.map +1 -1
- package/dist/logger/logger.js +33 -0
- package/dist/logger/logger.js.map +1 -1
- package/dist/mail/mail.js +6 -6
- package/dist/mail/mail.js.map +1 -1
- package/dist/middleware/access-log.d.ts +31 -0
- package/dist/middleware/access-log.js +13 -0
- package/dist/middleware/access-log.js.map +1 -0
- package/dist/middleware/auth.d.ts +37 -0
- package/dist/middleware/auth.js +16 -0
- package/dist/middleware/auth.js.map +1 -0
- package/dist/middleware/body-parse.d.ts +35 -0
- package/dist/middleware/body-parse.js +87 -0
- package/dist/middleware/body-parse.js.map +1 -0
- package/dist/middleware/context.d.ts +29 -0
- package/dist/middleware/context.js +8 -0
- package/dist/middleware/context.js.map +1 -0
- package/dist/middleware/cors.d.ts +31 -0
- package/dist/middleware/cors.js +27 -0
- package/dist/middleware/cors.js.map +1 -0
- package/dist/middleware/error-handler.d.ts +33 -0
- package/dist/middleware/error-handler.js +17 -0
- package/dist/middleware/error-handler.js.map +1 -0
- package/dist/middleware/middleware.d.ts +31 -10
- package/dist/middleware/middleware.js +41 -209
- package/dist/middleware/middleware.js.map +1 -1
- package/dist/middleware/private.d.ts +29 -0
- package/dist/middleware/private.js +8 -0
- package/dist/middleware/private.js.map +1 -0
- package/dist/middleware/rate-limiter.d.ts +32 -0
- package/dist/middleware/rate-limiter.js +30 -0
- package/dist/middleware/rate-limiter.js.map +1 -0
- package/dist/notification/index.d.ts +1 -0
- package/dist/notification/index.js +2 -0
- package/dist/notification/index.js.map +1 -0
- package/dist/notification/notification.d.ts +16 -0
- package/dist/notification/notification.js +64 -0
- package/dist/notification/notification.js.map +1 -0
- package/dist/permission/permission.js +9 -0
- package/dist/permission/permission.js.map +1 -1
- package/dist/registry/registry.d.ts +0 -6
- package/dist/registry/registry.js +6 -6
- package/dist/registry/registry.js.map +1 -1
- package/dist/storage/storage.d.ts +3 -3
- package/dist/storage/storage.js.map +1 -1
- package/dist/validation/validation.js +43 -51
- package/dist/validation/validation.js.map +1 -1
- package/package.json +4 -4
- package/src/auth/auth.ts +21 -252
- package/src/auth/create-access-token.ts +29 -0
- package/src/auth/create-user-mail-token.ts +24 -0
- package/src/auth/helpers/generate-agent-id.ts +8 -0
- package/src/auth/helpers/get-request-ip.ts +3 -0
- package/src/auth/helpers/get-user-permissions.ts +15 -0
- package/src/auth/helpers/index.ts +3 -0
- package/src/auth/list-user-sessions.ts +11 -0
- package/src/auth/revalidate-user-permissions-by-role.ts +13 -0
- package/src/auth/revalidate-user-permissions.ts +26 -0
- package/src/auth/revoke-access-token.ts +5 -0
- package/src/auth/verify-access-token.ts +56 -0
- package/src/auth/verify-user-mail-token.ts +24 -0
- package/src/commands/cli.ts +5 -3
- package/src/commands/make/basic-controller.ts +3 -1
- package/src/commands/make/basic-migration.ts +5 -3
- package/src/commands/make/basic-model.ts +3 -1
- package/src/commands/make/basic-seeder.ts +3 -1
- package/src/commands/make/blueprint.ts +3 -1
- package/src/commands/make/da-migration.ts +6 -5
- package/src/commands/make/mail.ts +4 -2
- package/src/commands/make/notification.ts +3 -1
- package/src/commands/make/queue.ts +3 -1
- package/src/commands/make/resource.ts +21 -0
- package/src/commands/make/{light-controller.ts → skalfa-controller.ts} +4 -2
- package/src/commands/make/{light-model.ts → skalfa-model.ts} +5 -3
- package/src/commands/runner/barrels.ts +4 -0
- package/src/commands/runner/blueprint/controller-generation.ts +2 -0
- package/src/commands/runner/blueprint/documentation-generation.ts +2 -0
- package/src/commands/runner/blueprint/migration-generation.ts +3 -1
- package/src/commands/runner/blueprint/model-generation.ts +2 -0
- package/src/commands/runner/blueprint/runner.ts +10 -2
- package/src/commands/runner/blueprint/seeder-generation.ts +3 -1
- package/src/commands/runner/da-migration.ts +3 -2
- package/src/commands/runner/migration.ts +1 -1
- package/src/commands/runner/seeder.ts +1 -1
- package/src/context/context.ts +23 -17
- package/src/controller/controller.ts +124 -239
- package/src/controller/response.ts +78 -0
- package/src/controller/storage.ts +78 -0
- package/src/conversion/conversion.ts +90 -64
- package/src/conversion/date.ts +74 -0
- package/src/index.ts +2 -0
- package/src/logger/logger.ts +217 -176
- package/src/mail/mail.ts +85 -85
- package/src/middleware/access-log.ts +15 -0
- package/src/middleware/auth.ts +19 -0
- package/src/middleware/body-parse.ts +83 -0
- package/src/middleware/context.ts +11 -0
- package/src/middleware/cors.ts +31 -0
- package/src/middleware/error-handler.ts +20 -0
- package/src/middleware/middleware.ts +91 -288
- package/src/middleware/private.ts +8 -0
- package/src/middleware/rate-limiter.ts +41 -0
- package/src/notification/index.ts +1 -0
- package/src/notification/notification.ts +86 -0
- package/src/permission/permission.ts +140 -136
- package/src/registry/registry.ts +17 -15
- package/src/route/route.ts +11 -11
- package/src/storage/storage.ts +104 -106
- package/src/validation/validation.ts +322 -346
- package/dist/auth.util.d.ts +0 -19
- package/dist/auth.util.js +0 -183
- package/dist/auth.util.js.map +0 -1
- package/dist/commands/make/light-controller.js.map +0 -1
- package/dist/commands/make/light-model.js.map +0 -1
- package/dist/context.util.d.ts +0 -7
- package/dist/context.util.js +0 -11
- package/dist/context.util.js.map +0 -1
- package/dist/controller.util.d.ts +0 -118
- package/dist/controller.util.js +0 -144
- package/dist/controller.util.js.map +0 -1
- package/dist/conversion.util.d.ts +0 -8
- package/dist/conversion.util.js +0 -52
- package/dist/conversion.util.js.map +0 -1
- package/dist/db/db.d.ts +0 -84
- package/dist/db/db.js +0 -177
- package/dist/db/db.js.map +0 -1
- package/dist/db/index.d.ts +0 -1
- package/dist/db/index.js +0 -2
- package/dist/db/index.js.map +0 -1
- package/dist/db.util.d.ts +0 -84
- package/dist/db.util.js +0 -177
- package/dist/db.util.js.map +0 -1
- package/dist/logger.util.d.ts +0 -30
- package/dist/logger.util.js +0 -126
- package/dist/logger.util.js.map +0 -1
- package/dist/mail.util.d.ts +0 -21
- package/dist/mail.util.js +0 -53
- package/dist/mail.util.js.map +0 -1
- package/dist/middleware.util.d.ts +0 -263
- package/dist/middleware.util.js +0 -233
- package/dist/middleware.util.js.map +0 -1
- package/dist/model/index.d.ts +0 -3
- package/dist/model/index.js +0 -4
- package/dist/model/index.js.map +0 -1
- package/dist/model/model.d.ts +0 -204
- package/dist/model/model.js +0 -1495
- package/dist/model/model.js.map +0 -1
- package/dist/model.util.d.ts +0 -204
- package/dist/model.util.js +0 -1495
- package/dist/model.util.js.map +0 -1
- package/dist/permission.util.d.ts +0 -38
- package/dist/permission.util.js +0 -91
- package/dist/permission.util.js.map +0 -1
- package/dist/registry.util.d.ts +0 -28
- package/dist/registry.util.js +0 -19
- package/dist/registry.util.js.map +0 -1
- package/dist/route.util.d.ts +0 -1
- package/dist/route.util.js +0 -12
- package/dist/route.util.js.map +0 -1
- package/dist/storage.util.d.ts +0 -56
- package/dist/storage.util.js +0 -82
- package/dist/storage.util.js.map +0 -1
- package/dist/validation.util.d.ts +0 -7
- package/dist/validation.util.js +0 -237
- package/dist/validation.util.js.map +0 -1
- /package/dist/commands/make/{light-controller.d.ts → skalfa-controller.d.ts} +0 -0
- /package/dist/commands/make/{light-model.d.ts → skalfa-model.d.ts} +0 -0
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"validation.js","sourceRoot":"","sources":["../../src/validation/validation.ts"],"names":[],"mappings":"AAAA,OAAO,SAAS,MAAM,WAAW,CAAA;AACjC,OAAO,EAAE,EAAE,EAAE,MAAM,oBAAoB,
|
|
1
|
+
{"version":3,"file":"validation.js","sourceRoot":"","sources":["../../src/validation/validation.ts"],"names":[],"mappings":"AAAA,OAAO,SAAS,MAAM,WAAW,CAAA;AACjC,OAAO,EAAE,EAAE,EAAE,MAAM,oBAAoB,CAAC;AAgDxC,yCAAyC;AACzC,uCAAuC;AACvC,yCAAyC;AACzC,MAAM,CAAC,KAAK,UAAU,QAAQ,CAC5B,IAA6B,EAC7B,KAAyB;IAEzB,MAAM,MAAM,GAA6B,EAAE,CAAA;IAE3C,KAAK,MAAM,KAAK,IAAI,KAAK,EAAE,CAAC;QAC1B,MAAM,UAAU,GAAG,cAAc,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAA;QAE/C,IAAI,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YACxB,MAAM,QAAQ,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;YAEjC,MAAM,gBAAgB,CAAC,EAAE,KAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,UAAU,EAAE,SAAS,EAAE,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC,CAAA;YAEjG,SAAQ;QACV,CAAC;QAED,MAAM,KAAK,GAAG,cAAc,CAAC,IAAI,EAAE,KAAK,CAAC,IAAI,EAAE,CAAA;QAE/C,MAAM,UAAU,CAAC,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,UAAU,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC,CAAA;IACrE,CAAC;IAED,OAAO;QACL,KAAK,EAAE,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,MAAM,KAAK,CAAC;QACvC,MAAM;KACP,CAAA;AACH,CAAC;AAGD,KAAK,UAAU,UAAU,CAAC,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAwG;IACnK,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAiC,CAAA;QAErE,QAAQ,IAAI,EAAE,CAAC;YACb,gBAAgB;YAChB,KAAK,UAAU;gBACb,IAAI,SAAS,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,CAAC;oBAC5C,QAAQ,CAAC,MAAM,EAAE,KAAK,EAAE,GAAG,KAAK,cAAc,CAAC,CAAA;gBACjD,CAAC;gBACD,MAAK;YAEP,KAAK,QAAQ,CAAC;YACd,KAAK,MAAM;gBACT,IAAI,CAAC,KAAK;oBAAE,MAAK;gBACjB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;oBAC9B,QAAQ,CAAC,MAAM,EAAE,KAAK,EAAE,GAAG,KAAK,sBAAsB,CAAC,CAAA;gBACzD,CAAC;gBACD,MAAK;YAEP,KAAK,SAAS,CAAC;YACf,KAAK,QAAQ;gBACX,IAAI,CAAC,KAAK;oBAAE,MAAK;gBACjB,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC;oBACxC,QAAQ,CAAC,MAAM,EAAE,KAAK,EAAE,GAAG,KAAK,qBAAqB,CAAC,CAAA;gBACxD,CAAC;gBACD,MAAK;YAEP,KAAK,SAAS;gBACZ,IAAI,CAAC,CAAC,KAAK,KAAK,IAAI,IAAI,KAAK,KAAK,KAAK,IAAI,KAAK,KAAK,MAAM,IAAI,KAAK,KAAK,OAAO,IAAI,KAAK,KAAK,CAAC,IAAI,KAAK,KAAK,CAAC,CAAC,EAAE,CAAC;oBAChH,QAAQ,CAAC,MAAM,EAAE,KAAK,EAAE,GAAG,KAAK,uBAAuB,CAAC,CAAA;gBAC1D,CAAC;gBACD,MAAK;YAEP,KAAK,OAAO;gBACV,IAAI,CAAC,KAAK;oBAAE,MAAK;gBACjB,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC;oBACtC,QAAQ,CAAC,MAAM,EAAE,KAAK,EAAE,GAAG,KAAK,gCAAgC,CAAC,CAAA;gBACnE,CAAC;gBACD,MAAK;YAEP,KAAK,KAAK;gBACR,IAAI,CAAC,KAAK;oBAAE,MAAK;gBACjB,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC;oBACpC,QAAQ,CAAC,MAAM,EAAE,KAAK,EAAE,GAAG,KAAK,8BAA8B,CAAC,CAAA;gBACjE,CAAC;gBACD,MAAK;YAEP,KAAK,MAAM;gBACT,IAAI,CAAC,KAAK;oBAAE,MAAK;gBACjB,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC;oBACrC,QAAQ,CAAC,MAAM,EAAE,KAAK,EAAE,GAAG,KAAK,kCAAkC,CAAC,CAAA;gBACrE,CAAC;gBACD,MAAK;YAEP,iBAAiB;YACjB,KAAK,KAAK,CAAC,CAAC,CAAC;gBACX,IAAI,CAAC,KAAK;oBAAE,MAAK;gBACjB,MAAM,GAAG,GAAG,QAAQ,CAAC,KAAM,CAAC,CAAA;gBAC5B,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC;oBAChD,QAAQ,CAAC,MAAM,EAAE,KAAK,EAAE,GAAG,KAAK,YAAY,GAAG,WAAW,CAAC,CAAA;gBAC7D,CAAC;gBACD,MAAK;YACP,CAAC;YAED,KAAK,KAAK,CAAC,CAAC,CAAC;gBACX,IAAI,CAAC,KAAK;oBAAE,MAAK;gBACjB,MAAM,GAAG,GAAG,QAAQ,CAAC,KAAM,CAAC,CAAA;gBAC5B,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC;oBAChD,QAAQ,CAAC,MAAM,EAAE,KAAK,EAAE,GAAG,KAAK,aAAa,GAAG,WAAW,CAAC,CAAA;gBAC9D,CAAC;gBACD,MAAK;YACP,CAAC;YAED,KAAK,SAAS,CAAC,CAAC,CAAC;gBACf,IAAI,CAAC,KAAK;oBAAE,MAAK;gBACjB,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,GAAG,KAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAA;gBACtD,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,CAAC,EAAE,CAAC;oBACrE,QAAQ,CAAC,MAAM,EAAE,KAAK,EAAE,GAAG,KAAK,iBAAiB,MAAM,MAAM,MAAM,WAAW,CAAC,CAAA;gBACjF,CAAC;gBACD,MAAK;YACP,CAAC;YAED,yBAAyB;YACzB,KAAK,IAAI,CAAC,CAAC,CAAC;gBACV,IAAI,CAAC,KAAK;oBAAE,MAAK;gBACjB,MAAM,OAAO,GAAG,KAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;gBACjC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC;oBACrC,QAAQ,CAAC,MAAM,EAAE,KAAK,EAAE,GAAG,KAAK,2BAA2B,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;gBAClF,CAAC;gBACD,MAAK;YACP,CAAC;YAED,KAAK,QAAQ,CAAC,CAAC,CAAC;gBACd,IAAI,CAAC,KAAK;oBAAE,MAAK;gBACjB,MAAM,UAAU,GAAG,KAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;gBACpC,IAAI,UAAU,CAAC,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC;oBACvC,QAAQ,CAAC,MAAM,EAAE,KAAK,EAAE,GAAG,KAAK,iCAAiC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;gBAC3F,CAAC;gBACD,MAAK;YACP,CAAC;YAED,KAAK,OAAO,CAAC,CAAC,CAAC;gBACb,IAAI,CAAC,KAAK;oBAAE,MAAK;gBACjB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;oBAC1B,QAAQ,CAAC,MAAM,EAAE,KAAK,EAAE,GAAG,KAAK,qBAAqB,CAAC,CAAA;gBACxD,CAAC;gBACD,MAAK;YACP,CAAC;YAED,qBAAqB;YACrB,KAAK,WAAW;gBACd,IAAI,KAAK,KAAK,cAAc,CAAC,IAAI,EAAE,GAAG,KAAK,eAAe,CAAC,EAAE,CAAC;oBAC5D,QAAQ,CAAC,MAAM,EAAE,KAAK,EAAE,GAAG,KAAK,+BAA+B,CAAC,CAAA;gBAClE,CAAC;gBACD,MAAK;YAEP,KAAK,MAAM;gBACT,IAAI,KAAK,KAAK,cAAc,CAAC,IAAI,EAAE,KAAM,CAAC,EAAE,CAAC;oBAC3C,QAAQ,CAAC,MAAM,EAAE,KAAK,EAAE,GAAG,KAAK,sBAAsB,KAAK,EAAE,CAAC,CAAA;gBAChE,CAAC;gBACD,MAAK;YAEP,KAAK,WAAW;gBACd,IAAI,KAAK,KAAK,cAAc,CAAC,IAAI,EAAE,KAAM,CAAC,EAAE,CAAC;oBAC3C,QAAQ,CAAC,MAAM,EAAE,KAAK,EAAE,GAAG,KAAK,yBAAyB,KAAK,EAAE,CAAC,CAAA;gBACnE,CAAC;gBACD,MAAK;YAEP,gBAAgB;YAChB,KAAK,OAAO;gBACV,IAAI,CAAC,KAAK;oBAAE,MAAK;gBACjB,IAAI,CAAC;oBACH,MAAM,OAAO,GAAG,IAAI,MAAM,CAAC,KAAM,CAAC,CAAA;oBAClC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC;wBACjC,QAAQ,CAAC,MAAM,EAAE,KAAK,EAAE,GAAG,KAAK,sBAAsB,CAAC,CAAA;oBACzD,CAAC;gBACH,CAAC;gBAAC,MAAM,CAAC;oBACP,QAAQ,CAAC,MAAM,EAAE,KAAK,EAAE,oBAAoB,KAAK,cAAc,CAAC,CAAA;gBAClE,CAAC;gBACD,MAAK;YAEP,8BAA8B;YAC9B,KAAK,QAAQ,CAAC,CAAC,CAAC;gBACd,IAAI,CAAC,KAAK;oBAAE,MAAK;gBACjB,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,CAAC,GAAG,KAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;gBACnD,MAAM,KAAK,GAAG,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,MAAM,EAAE,KAAK,CAAC,CAAA;gBAClD,IAAI,QAAQ;oBAAE,KAAK,CAAC,QAAQ,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAA;gBAE5C,IAAI,MAAM,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,KAAK,EAAE,YAAY,CAAC,EAAE,CAAC;oBACnD,KAAK,CAAC,SAAS,CAAC,YAAY,CAAC,CAAA;gBAC/B,CAAC;gBAED,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,KAAK,EAAE,CAAA;gBACpC,IAAI,QAAQ,EAAE,CAAC;oBACb,QAAQ,CAAC,MAAM,EAAE,KAAK,EAAE,GAAG,KAAK,kBAAkB,CAAC,CAAA;gBACrD,CAAC;gBACD,MAAK;YACP,CAAC;YAED,KAAK,QAAQ,CAAC,CAAC,CAAC;gBACd,IAAI,CAAC,KAAK;oBAAE,MAAK;gBACjB,MAAM,CAAC,KAAK,EAAE,MAAM,CAAC,GAAG,KAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;gBACzC,MAAM,KAAK,GAAG,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,MAAM,EAAE,KAAK,CAAC,CAAA;gBAElD,IAAI,MAAM,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,KAAK,EAAE,YAAY,CAAC,EAAE,CAAC;oBACnD,KAAK,CAAC,SAAS,CAAC,YAAY,CAAC,CAAA;gBAC/B,CAAC;gBAED,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,KAAK,EAAE,CAAA;gBACpC,IAAI,CAAC,QAAQ,EAAE,CAAC;oBACd,QAAQ,CAAC,MAAM,EAAE,KAAK,EAAE,GAAG,KAAK,uBAAuB,KAAK,EAAE,CAAC,CAAA;gBACjE,CAAC;gBACD,MAAK;YACP,CAAC;QACH,CAAC;IACH,CAAC;AACH,CAAC;AAID,KAAK,UAAU,gBAAgB,CAAC,EAAE,KAAK,EAAE,QAAQ,EAAE,KAAK,EAAE,SAAS,EAAE,IAAI,EAAE,MAAM,EAOhF;IACC,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC1B,MAAM,UAAU,CAAC,EAAE,KAAK,EAAE,SAAS,EAAE,KAAK,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC,CAAA;QAElE,OAAM;IACR,CAAC;IAED,MAAM,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,GAAG,QAAQ,CAAA;IAEnC,IAAI,OAAO,KAAK,GAAG,EAAE,CAAC;QACpB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;YAC1B,QAAQ,CAAC,MAAM,EAAE,SAAS,EAAE,GAAG,SAAS,qBAAqB,CAAC,CAAA;YAE9D,OAAM;QACR,CAAC;QAED,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACtC,MAAM,gBAAgB,CAAC,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,SAAS,IAAI,CAAC,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC,CAAA;QAClH,CAAC;IACH,CAAC;SAAM,CAAC;QACN,MAAM,gBAAgB,CAAC,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,OAAO,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE,SAAS,EAAE,SAAS,CAAC,CAAC,CAAC,GAAG,SAAS,IAAI,OAAO,EAAE,CAAC,CAAC,CAAC,OAAO,EAAE,IAAI,EAAE,MAAM,EAAC,CAAC,CAAA;IACrJ,CAAC;AACH,CAAC;AAID,sCAAsC;AACtC,wBAAwB;AACxB,sCAAsC;AACtC,SAAS,cAAc,CAAC,GAAQ,EAAE,IAAY;IAC5C,IAAI,CAAC,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,OAAO,SAAS,CAAA;IAErD,MAAM,cAAc,GAAG,IAAI;SACxB,OAAO,CAAC,YAAY,EAAE,KAAK,CAAC;SAC5B,OAAO,CAAC,gBAAgB,EAAE,KAAK,CAAC;SAChC,OAAO,CAAC,gBAAgB,EAAE,KAAK,CAAC,CAAA;IAEnC,OAAO,cAAc,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;QACnD,IAAI,GAAG,IAAI,MAAM,CAAC,SAAS,CAAC,cAAc,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC;YAAE,OAAO,GAAG,CAAC,GAAG,CAAC,CAAA;QAE1E,OAAO,SAAS,CAAA;IAClB,CAAC,EAAE,GAAG,CAAC,CAAA;AACT,CAAC;AAED,SAAS,cAAc,CAAC,KAAgC;IACtD,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC;QAAE,OAAO,KAAK,CAAA;IAEtC,OAAO,KAAK,CAAC,KAAK,CAAC,GAAG,CAAqB,CAAA;AAC7C,CAAC;AAED,SAAS,QAAQ,CAAC,MAAgC,EAAE,KAAa,EAAE,OAAe;IAChF,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,EAAE,OAAO,CAAC,CAAA;AACrD,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@skalfa/skalfa-api-core",
|
|
3
|
-
"version": "1.0.
|
|
4
|
-
"description": "Core
|
|
3
|
+
"version": "1.0.7",
|
|
4
|
+
"description": "Core framework engine and foundational utilities for the Skalfa API backend.",
|
|
5
5
|
"main": "dist/index.js",
|
|
6
6
|
"types": "dist/index.d.ts",
|
|
7
7
|
"scripts": {
|
|
@@ -15,11 +15,11 @@
|
|
|
15
15
|
"author": "",
|
|
16
16
|
"license": "UNLICENSED",
|
|
17
17
|
"dependencies": {
|
|
18
|
-
"@skalfa/skalfa-orm": "
|
|
18
|
+
"@skalfa/skalfa-orm": "^1.0.0",
|
|
19
19
|
"bcrypt": "^6.0.0",
|
|
20
20
|
"commander": "^12.1.0",
|
|
21
21
|
"dotenv": "^17.2.2",
|
|
22
|
-
"elysia": "
|
|
22
|
+
"elysia": "^1.2.0",
|
|
23
23
|
"nodemailer": "^7.0.9",
|
|
24
24
|
"validator": "^13.15.15"
|
|
25
25
|
},
|
package/src/auth/auth.ts
CHANGED
|
@@ -1,282 +1,51 @@
|
|
|
1
|
-
import
|
|
2
|
-
import
|
|
3
|
-
import {
|
|
4
|
-
import {
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
const
|
|
11
|
-
const
|
|
12
|
-
const
|
|
1
|
+
import { createAccessToken } from './create-access-token'
|
|
2
|
+
import { revokeAccessToken } from './revoke-access-token'
|
|
3
|
+
import { verifyAccessToken } from './verify-access-token'
|
|
4
|
+
import { createUserMailToken } from './create-user-mail-token'
|
|
5
|
+
import { verifyUserMailToken } from './verify-user-mail-token'
|
|
6
|
+
import { listUserSessions } from './list-user-sessions'
|
|
7
|
+
import { revalidateUserPermissions } from './revalidate-user-permissions'
|
|
8
|
+
import { revalidateUserPermissionsByRole } from './revalidate-user-permissions-by-role'
|
|
9
|
+
|
|
10
|
+
export const TOKEN_PLAIN_LENGTH = 20
|
|
11
|
+
export const AUTH_PERMISSION = process.env.AUTH_CACHE === "true"
|
|
12
|
+
export const AUTH_CACHE = process.env.AUTH_CACHE === "true"
|
|
13
|
+
export const AUTH_CACHE_TTL = Number(process.env.AUTH_CACHE_TTL || 600)
|
|
13
14
|
|
|
14
15
|
export const auth = {
|
|
15
|
-
|
|
16
16
|
// =====================================>
|
|
17
17
|
// ## Auth: create access token with user id
|
|
18
18
|
// =====================================>
|
|
19
|
-
|
|
20
|
-
const plain = crypto.randomBytes(TOKEN_PLAIN_LENGTH).toString("hex")
|
|
21
|
-
const hash = await bcrypt.hash(plain, 10)
|
|
22
|
-
const agent = generateAgentId(req)
|
|
23
|
-
|
|
24
|
-
if (!db) {
|
|
25
|
-
// get user from db (fallback / stub for no ORM)
|
|
26
|
-
return {
|
|
27
|
-
token: `1|${plain}`,
|
|
28
|
-
tokenId: 1,
|
|
29
|
-
}
|
|
30
|
-
}
|
|
31
|
-
|
|
32
|
-
let permissions: string[] = []
|
|
33
|
-
if (AUTH_PERMISSION && permission) {
|
|
34
|
-
permissions = await getUserPermissions(userId)
|
|
35
|
-
}
|
|
36
|
-
|
|
37
|
-
const [row] = await db("user_access_tokens").insert({
|
|
38
|
-
user_id : userId,
|
|
39
|
-
token : hash,
|
|
40
|
-
agent : agent,
|
|
41
|
-
permissions : JSON.stringify(permissions),
|
|
42
|
-
created_at : new Date(),
|
|
43
|
-
}).returning(["id"])
|
|
44
|
-
|
|
45
|
-
return {
|
|
46
|
-
token : `${row.id}|${plain}`,
|
|
47
|
-
tokenId : row.id,
|
|
48
|
-
}
|
|
49
|
-
},
|
|
19
|
+
createAccessToken,
|
|
50
20
|
|
|
51
21
|
// =====================================>
|
|
52
22
|
// ## Auth: delete access token with user id
|
|
53
23
|
// =====================================>
|
|
54
|
-
|
|
55
|
-
if (!db) {
|
|
56
|
-
// delete user access token from db (stub for no ORM)
|
|
57
|
-
return;
|
|
58
|
-
}
|
|
59
|
-
return db.table('user_access_tokens').where("id", id).delete()
|
|
60
|
-
},
|
|
24
|
+
revokeAccessToken,
|
|
61
25
|
|
|
62
26
|
// =====================================>
|
|
63
27
|
// ## Auth: verify access token
|
|
64
28
|
// =====================================>
|
|
65
|
-
|
|
66
|
-
if (!token.includes("|")) return null
|
|
67
|
-
|
|
68
|
-
const [tokenId, plain] = token.split("|", 2)
|
|
69
|
-
const agent = req ? generateAgentId(req) : ""
|
|
70
|
-
const ip = req ? getRequestIp(req) : ""
|
|
71
|
-
|
|
72
|
-
const cacheKey = `auth:token:${tokenId}`
|
|
73
|
-
|
|
74
|
-
if (AUTH_CACHE) {
|
|
75
|
-
const redis = registry.get('redis')
|
|
76
|
-
if (redis) {
|
|
77
|
-
const cached = await redis.get(cacheKey)
|
|
78
|
-
if (cached) {
|
|
79
|
-
const session = JSON.parse(cached)
|
|
80
|
-
if (session.agent !== agent) return null
|
|
81
|
-
return session
|
|
82
|
-
}
|
|
83
|
-
}
|
|
84
|
-
}
|
|
85
|
-
|
|
86
|
-
if (!db) {
|
|
87
|
-
// get user and token from db (stub for no ORM)
|
|
88
|
-
const user = { id: 1, name: "Admin", email: "admin@example.com" }
|
|
89
|
-
const tokenRecord = { id: Number(tokenId), agent, permission: [] }
|
|
90
|
-
return { user, token: tokenRecord, permissions: [] }
|
|
91
|
-
}
|
|
92
|
-
|
|
93
|
-
const tokenRecord = await db("user_access_tokens").where("id", tokenId).first()
|
|
94
|
-
|
|
95
|
-
if (!tokenRecord) return null
|
|
96
|
-
if (tokenRecord.agent !== agent) return null
|
|
97
|
-
|
|
98
|
-
const valid = await bcrypt.compare(plain, tokenRecord.token)
|
|
99
|
-
if (!valid) return null
|
|
100
|
-
|
|
101
|
-
await db("user_access_tokens").where("id", tokenRecord.id).update({ last_used_at: new Date(), last_used_ip: ip })
|
|
102
|
-
|
|
103
|
-
const user = await db("users").where("id", tokenRecord.user_id).first()
|
|
104
|
-
|
|
105
|
-
if (AUTH_CACHE) {
|
|
106
|
-
const redis = registry.get('redis')
|
|
107
|
-
if (redis) {
|
|
108
|
-
await redis.setex(
|
|
109
|
-
cacheKey,
|
|
110
|
-
AUTH_CACHE_TTL,
|
|
111
|
-
JSON.stringify({
|
|
112
|
-
user : user,
|
|
113
|
-
agent : tokenRecord.agent,
|
|
114
|
-
permissions : tokenRecord.permission,
|
|
115
|
-
})
|
|
116
|
-
)
|
|
117
|
-
}
|
|
118
|
-
}
|
|
119
|
-
|
|
120
|
-
return { user, token: tokenRecord, permissions: tokenRecord.permission }
|
|
121
|
-
},
|
|
29
|
+
verifyAccessToken,
|
|
122
30
|
|
|
123
31
|
// =====================================>
|
|
124
32
|
// ## Auth: create user mail token
|
|
125
33
|
// =====================================>
|
|
126
|
-
|
|
127
|
-
const token = Math.floor(100000 + Math.random() * 900000).toString()
|
|
128
|
-
|
|
129
|
-
if (!db) {
|
|
130
|
-
// create user mail token in db (stub for no ORM)
|
|
131
|
-
return {
|
|
132
|
-
token: token,
|
|
133
|
-
tokenId: 1
|
|
134
|
-
}
|
|
135
|
-
}
|
|
136
|
-
|
|
137
|
-
const hash = crypto.createHash('sha256').update(token).digest('hex')
|
|
138
|
-
const trx = await db.transaction()
|
|
139
|
-
|
|
140
|
-
await trx.table('user_mail_tokens').insert({
|
|
141
|
-
user_id : userId,
|
|
142
|
-
token : hash,
|
|
143
|
-
created_at : new Date(),
|
|
144
|
-
})
|
|
145
|
-
|
|
146
|
-
const record = await trx.table('user_mail_tokens').orderBy('id', 'desc').first()
|
|
147
|
-
|
|
148
|
-
await trx.commit()
|
|
149
|
-
|
|
150
|
-
return {
|
|
151
|
-
token : token,
|
|
152
|
-
tokenId : record.id
|
|
153
|
-
}
|
|
154
|
-
},
|
|
34
|
+
createUserMailToken,
|
|
155
35
|
|
|
156
36
|
// =====================================>
|
|
157
37
|
// ## Auth: Verify user mail token
|
|
158
38
|
// =====================================>
|
|
159
|
-
|
|
160
|
-
if (!db) {
|
|
161
|
-
// verify user mail token in db (stub for no ORM)
|
|
162
|
-
return true
|
|
163
|
-
}
|
|
164
|
-
|
|
165
|
-
const hashedToken = crypto.createHash("sha256").update(token).digest("hex");
|
|
166
|
-
|
|
167
|
-
const record = await db.table("user_mail_tokens")
|
|
168
|
-
.where("user_id", userId)
|
|
169
|
-
.whereNull("used_at")
|
|
170
|
-
.orderBy("id", "desc")
|
|
171
|
-
.first();
|
|
172
|
-
|
|
173
|
-
if (!record) return false
|
|
174
|
-
|
|
175
|
-
if (record.token !== hashedToken) return false;
|
|
176
|
-
|
|
177
|
-
const createdAt = new Date(record.created_at);
|
|
178
|
-
const now = new Date();
|
|
179
|
-
const diffMinutes = (now.getTime() - createdAt.getTime()) / (1000 * 60);
|
|
180
|
-
|
|
181
|
-
if (diffMinutes > 10) return false;
|
|
182
|
-
|
|
183
|
-
return true;
|
|
184
|
-
},
|
|
39
|
+
verifyUserMailToken,
|
|
185
40
|
|
|
186
41
|
// =====================================>
|
|
187
42
|
// ## Auth: list user sessions
|
|
188
43
|
// =====================================>
|
|
189
|
-
|
|
190
|
-
if (!db) {
|
|
191
|
-
// list user sessions from db (stub for no ORM)
|
|
192
|
-
return []
|
|
193
|
-
}
|
|
194
|
-
|
|
195
|
-
const rows = await db("user_access_tokens").select(["id", "agent", "created_at", "last_used_at", "last_used_ip","expired_at"]).where("user_id", userId).orderBy("last_used_at", "desc")
|
|
196
|
-
|
|
197
|
-
return rows.map((r: any) => ({
|
|
198
|
-
...r,
|
|
199
|
-
is_active : r.revoked_at === null,
|
|
200
|
-
is_current : r.id === currentTokenId,
|
|
201
|
-
}))
|
|
202
|
-
},
|
|
44
|
+
listUserSessions,
|
|
203
45
|
|
|
204
46
|
// =====================================>
|
|
205
47
|
// ## Auth: revalidate user permission
|
|
206
48
|
// =====================================>
|
|
207
|
-
revalidateUserPermissions
|
|
208
|
-
revalidateUserPermissionsByRole
|
|
209
|
-
}
|
|
210
|
-
|
|
211
|
-
function generateAgentId(req: Request) {
|
|
212
|
-
const ua = req.headers.get("user-agent") ?? ""
|
|
213
|
-
const acc = req.headers.get("accept") ?? ""
|
|
214
|
-
|
|
215
|
-
return crypto.createHash("sha256").update(ua + acc).digest("hex")
|
|
216
|
-
}
|
|
217
|
-
|
|
218
|
-
function getRequestIp(req: Request) {
|
|
219
|
-
return (req.headers.get("x-forwarded-for")?.split(",")[0]?.trim() || req.headers.get("x-real-ip") || "unknown")
|
|
220
|
-
}
|
|
221
|
-
|
|
222
|
-
async function getUserPermissions(userId: number): Promise<string[]> {
|
|
223
|
-
if (!db) {
|
|
224
|
-
// get user permissions from db (stub for no ORM)
|
|
225
|
-
return []
|
|
226
|
-
}
|
|
227
|
-
|
|
228
|
-
const roleIds = await db("user_roles").where("user_id", userId).pluck("role_id")
|
|
229
|
-
|
|
230
|
-
if (roleIds.length === 0) return []
|
|
231
|
-
|
|
232
|
-
const rows = await db("permissions").whereIn("role_id", roleIds).pluck("permissions")
|
|
233
|
-
|
|
234
|
-
return Array.from(
|
|
235
|
-
new Set(
|
|
236
|
-
rows.flatMap((p: any) => p ?? [])
|
|
237
|
-
)
|
|
238
|
-
)
|
|
239
|
-
}
|
|
240
|
-
|
|
241
|
-
async function revalidateUserPermissions(userId: number) {
|
|
242
|
-
if (!db) {
|
|
243
|
-
// revalidate user permissions in db (stub for no ORM)
|
|
244
|
-
return
|
|
245
|
-
}
|
|
246
|
-
|
|
247
|
-
const permissions = await getUserPermissions(userId)
|
|
248
|
-
|
|
249
|
-
const tokenIds = await db("user_access_tokens").where("user_id", userId).pluck("id")
|
|
250
|
-
|
|
251
|
-
if (tokenIds.length === 0) return
|
|
252
|
-
|
|
253
|
-
await db("user_access_tokens").whereIn("id", tokenIds).update({
|
|
254
|
-
permissions : JSON.stringify(permissions),
|
|
255
|
-
updated_at : new Date(),
|
|
256
|
-
})
|
|
257
|
-
|
|
258
|
-
if (AUTH_CACHE) {
|
|
259
|
-
const redis = registry.get('redis')
|
|
260
|
-
if (redis) {
|
|
261
|
-
await Promise.all(
|
|
262
|
-
tokenIds.map((id: any) => redis.del(`auth:token:${id}`))
|
|
263
|
-
)
|
|
264
|
-
}
|
|
265
|
-
}
|
|
266
|
-
}
|
|
267
|
-
|
|
268
|
-
async function revalidateUserPermissionsByRole(roleId: number) {
|
|
269
|
-
if (!db) {
|
|
270
|
-
// revalidate user permissions by role in db (stub for no ORM)
|
|
271
|
-
return
|
|
272
|
-
}
|
|
273
|
-
|
|
274
|
-
const userIds = await db("user_roles").where("role_id", roleId).pluck("user_id")
|
|
275
|
-
|
|
276
|
-
const queue = registry.get('queue')
|
|
277
|
-
if (queue) {
|
|
278
|
-
for (const userId of userIds) {
|
|
279
|
-
await queue.add("auth:revalidate-permission", { userId })
|
|
280
|
-
}
|
|
281
|
-
}
|
|
49
|
+
revalidateUserPermissions,
|
|
50
|
+
revalidateUserPermissionsByRole,
|
|
282
51
|
}
|
|
@@ -0,0 +1,29 @@
|
|
|
1
|
+
import crypto from 'crypto'
|
|
2
|
+
import bcrypt from "bcrypt";
|
|
3
|
+
import { db } from '@skalfa/skalfa-orm'
|
|
4
|
+
import { TOKEN_PLAIN_LENGTH, AUTH_PERMISSION } from './auth'
|
|
5
|
+
import { getUserPermissions, generateAgentId } from './helpers'
|
|
6
|
+
|
|
7
|
+
export async function createAccessToken(userId: number, req: Request, permission: boolean = true) {
|
|
8
|
+
const plain = crypto.randomBytes(TOKEN_PLAIN_LENGTH).toString("hex")
|
|
9
|
+
const hash = await bcrypt.hash(plain, 10)
|
|
10
|
+
const agent = generateAgentId(req)
|
|
11
|
+
|
|
12
|
+
let permissions: string[] = []
|
|
13
|
+
if (AUTH_PERMISSION && permission) {
|
|
14
|
+
permissions = await getUserPermissions(userId)
|
|
15
|
+
}
|
|
16
|
+
|
|
17
|
+
const [row] = await db("user_access_tokens").insert({
|
|
18
|
+
user_id : userId,
|
|
19
|
+
token : hash,
|
|
20
|
+
agent : agent,
|
|
21
|
+
permissions : JSON.stringify(permissions),
|
|
22
|
+
created_at : new Date(),
|
|
23
|
+
}).returning(["id"])
|
|
24
|
+
|
|
25
|
+
return {
|
|
26
|
+
token : `${row.id}|${plain}`,
|
|
27
|
+
tokenId : row.id,
|
|
28
|
+
}
|
|
29
|
+
}
|
|
@@ -0,0 +1,24 @@
|
|
|
1
|
+
import crypto from 'crypto'
|
|
2
|
+
import { db } from '@skalfa/skalfa-orm'
|
|
3
|
+
|
|
4
|
+
export async function createUserMailToken(userId: number) {
|
|
5
|
+
const token = Math.floor(100000 + Math.random() * 900000).toString()
|
|
6
|
+
|
|
7
|
+
const hash = crypto.createHash('sha256').update(token).digest('hex')
|
|
8
|
+
const trx = await db.transaction()
|
|
9
|
+
|
|
10
|
+
await trx.table('user_mail_tokens').insert({
|
|
11
|
+
user_id : userId,
|
|
12
|
+
token : hash,
|
|
13
|
+
created_at : new Date(),
|
|
14
|
+
})
|
|
15
|
+
|
|
16
|
+
const record = await trx.table('user_mail_tokens').orderBy('id', 'desc').first()
|
|
17
|
+
|
|
18
|
+
await trx.commit()
|
|
19
|
+
|
|
20
|
+
return {
|
|
21
|
+
token : token,
|
|
22
|
+
tokenId : record.id
|
|
23
|
+
}
|
|
24
|
+
}
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
import { db } from '@skalfa/skalfa-orm'
|
|
2
|
+
|
|
3
|
+
export async function getUserPermissions(userId: number): Promise<string[]> {
|
|
4
|
+
const roleIds = await db("user_roles").where("user_id", userId).pluck("role_id")
|
|
5
|
+
|
|
6
|
+
if (roleIds.length === 0) return []
|
|
7
|
+
|
|
8
|
+
const rows = await db("permissions").whereIn("role_id", roleIds).pluck("permissions")
|
|
9
|
+
|
|
10
|
+
return Array.from(
|
|
11
|
+
new Set(
|
|
12
|
+
rows.flatMap((p: any) => p ?? [])
|
|
13
|
+
)
|
|
14
|
+
)
|
|
15
|
+
}
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
import { db } from '@skalfa/skalfa-orm'
|
|
2
|
+
|
|
3
|
+
export async function listUserSessions(userId: number, currentTokenId?: number) {
|
|
4
|
+
const rows = await db("user_access_tokens").select(["id", "agent", "created_at", "last_used_at", "last_used_ip","expired_at"]).where("user_id", userId).orderBy("last_used_at", "desc")
|
|
5
|
+
|
|
6
|
+
return rows.map((r: any) => ({
|
|
7
|
+
...r,
|
|
8
|
+
is_active : r.revoked_at === null,
|
|
9
|
+
is_current : r.id === currentTokenId,
|
|
10
|
+
}))
|
|
11
|
+
}
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
import { db } from '@skalfa/skalfa-orm'
|
|
2
|
+
import { registry } from '@utils/registry'
|
|
3
|
+
|
|
4
|
+
export async function revalidateUserPermissionsByRole(roleId: number) {
|
|
5
|
+
const userIds = await db("user_roles").where("role_id", roleId).pluck("user_id")
|
|
6
|
+
|
|
7
|
+
const queue = registry.get('queue')
|
|
8
|
+
if (queue) {
|
|
9
|
+
for (const userId of userIds) {
|
|
10
|
+
await queue.add("auth:revalidate-permission", { userId })
|
|
11
|
+
}
|
|
12
|
+
}
|
|
13
|
+
}
|
|
@@ -0,0 +1,26 @@
|
|
|
1
|
+
import { db } from '@skalfa/skalfa-orm'
|
|
2
|
+
import { registry } from '@utils/registry'
|
|
3
|
+
import { AUTH_CACHE } from './auth'
|
|
4
|
+
import { getUserPermissions } from './helpers'
|
|
5
|
+
|
|
6
|
+
export async function revalidateUserPermissions(userId: number) {
|
|
7
|
+
const permissions = await getUserPermissions(userId)
|
|
8
|
+
|
|
9
|
+
const tokenIds = await db("user_access_tokens").where("user_id", userId).pluck("id")
|
|
10
|
+
|
|
11
|
+
if (tokenIds.length === 0) return
|
|
12
|
+
|
|
13
|
+
await db("user_access_tokens").whereIn("id", tokenIds).update({
|
|
14
|
+
permissions : JSON.stringify(permissions),
|
|
15
|
+
updated_at : new Date(),
|
|
16
|
+
})
|
|
17
|
+
|
|
18
|
+
if (AUTH_CACHE) {
|
|
19
|
+
const redis = registry.get('redis')
|
|
20
|
+
if (redis) {
|
|
21
|
+
await Promise.all(
|
|
22
|
+
tokenIds.map((id: any) => redis.del(`auth:token:${id}`))
|
|
23
|
+
)
|
|
24
|
+
}
|
|
25
|
+
}
|
|
26
|
+
}
|
|
@@ -0,0 +1,56 @@
|
|
|
1
|
+
import bcrypt from "bcrypt";
|
|
2
|
+
import { db } from '@skalfa/skalfa-orm'
|
|
3
|
+
import { registry } from '@utils/registry'
|
|
4
|
+
import { AUTH_CACHE, AUTH_CACHE_TTL } from './auth'
|
|
5
|
+
import { generateAgentId, getRequestIp } from './helpers'
|
|
6
|
+
|
|
7
|
+
export async function verifyAccessToken(token: string, req?: Request) {
|
|
8
|
+
if (!token.includes("|")) return null
|
|
9
|
+
|
|
10
|
+
const [tokenId, plain] = token.split("|", 2)
|
|
11
|
+
const agent = req ? generateAgentId(req) : ""
|
|
12
|
+
const ip = req ? getRequestIp(req) : ""
|
|
13
|
+
|
|
14
|
+
const cacheKey = `auth:token:${tokenId}`
|
|
15
|
+
|
|
16
|
+
if (AUTH_CACHE) {
|
|
17
|
+
const redis = registry.get('redis')
|
|
18
|
+
if (redis) {
|
|
19
|
+
const cached = await redis.get(cacheKey)
|
|
20
|
+
if (cached) {
|
|
21
|
+
const session = JSON.parse(cached)
|
|
22
|
+
if (session.agent !== agent) return null
|
|
23
|
+
return session
|
|
24
|
+
}
|
|
25
|
+
}
|
|
26
|
+
}
|
|
27
|
+
|
|
28
|
+
const tokenRecord = await db("user_access_tokens").where("id", tokenId).first()
|
|
29
|
+
|
|
30
|
+
if (!tokenRecord) return null
|
|
31
|
+
if (tokenRecord.agent !== agent) return null
|
|
32
|
+
|
|
33
|
+
const valid = await bcrypt.compare(plain, tokenRecord.token)
|
|
34
|
+
if (!valid) return null
|
|
35
|
+
|
|
36
|
+
await db("user_access_tokens").where("id", tokenRecord.id).update({ last_used_at: new Date(), last_used_ip: ip })
|
|
37
|
+
|
|
38
|
+
const user = await db("users").where("id", tokenRecord.user_id).first()
|
|
39
|
+
|
|
40
|
+
if (AUTH_CACHE) {
|
|
41
|
+
const redis = registry.get('redis')
|
|
42
|
+
if (redis) {
|
|
43
|
+
await redis.setex(
|
|
44
|
+
cacheKey,
|
|
45
|
+
AUTH_CACHE_TTL,
|
|
46
|
+
JSON.stringify({
|
|
47
|
+
user : user,
|
|
48
|
+
agent : tokenRecord.agent,
|
|
49
|
+
permissions : tokenRecord.permission,
|
|
50
|
+
})
|
|
51
|
+
)
|
|
52
|
+
}
|
|
53
|
+
}
|
|
54
|
+
|
|
55
|
+
return { user, token: tokenRecord, permissions: tokenRecord.permission }
|
|
56
|
+
}
|
|
@@ -0,0 +1,24 @@
|
|
|
1
|
+
import crypto from 'crypto'
|
|
2
|
+
import { db } from '@skalfa/skalfa-orm'
|
|
3
|
+
|
|
4
|
+
export async function verifyUserMailToken(userId: number, token: string) {
|
|
5
|
+
const hashedToken = crypto.createHash("sha256").update(token).digest("hex");
|
|
6
|
+
|
|
7
|
+
const record = await db.table("user_mail_tokens")
|
|
8
|
+
.where("user_id", userId)
|
|
9
|
+
.whereNull("used_at")
|
|
10
|
+
.orderBy("id", "desc")
|
|
11
|
+
.first();
|
|
12
|
+
|
|
13
|
+
if (!record) return false
|
|
14
|
+
|
|
15
|
+
if (record.token !== hashedToken) return false;
|
|
16
|
+
|
|
17
|
+
const createdAt = new Date(record.created_at);
|
|
18
|
+
const now = new Date();
|
|
19
|
+
const diffMinutes = (now.getTime() - createdAt.getTime()) / (1000 * 60);
|
|
20
|
+
|
|
21
|
+
if (diffMinutes > 10) return false;
|
|
22
|
+
|
|
23
|
+
return true;
|
|
24
|
+
}
|
package/src/commands/cli.ts
CHANGED
|
@@ -4,15 +4,16 @@ import { Command } from "commander";
|
|
|
4
4
|
|
|
5
5
|
// Basic commands (always available)
|
|
6
6
|
import { makeControllerCommand } from "./make/basic-controller";
|
|
7
|
-
import { makeLightControllerCommand } from "./make/
|
|
7
|
+
import { makeLightControllerCommand } from "./make/skalfa-controller";
|
|
8
8
|
import { barrelsCommand, watchBarrelsCommand } from "./runner/barrels";
|
|
9
9
|
|
|
10
10
|
// ORM commands (optional)
|
|
11
11
|
import { makeModelCommand } from "./make/basic-model";
|
|
12
12
|
import { makeSeederCommand } from "./make/basic-seeder";
|
|
13
13
|
import { makeMigrationCommand } from "./make/basic-migration";
|
|
14
|
-
import { makeLightModelCommand } from "./make/
|
|
14
|
+
import { makeLightModelCommand } from "./make/skalfa-model";
|
|
15
15
|
import { makeBlueprintCommand } from "./make/blueprint";
|
|
16
|
+
import { makeResourceCommand } from "./make/resource";
|
|
16
17
|
import { migrateCommand, migrateFreshCommand } from "./runner/migration";
|
|
17
18
|
import { seederCommand } from "./runner/seeder";
|
|
18
19
|
import { blueprintCommand } from "./runner/blueprint/runner";
|
|
@@ -42,7 +43,7 @@ export function runCli() {
|
|
|
42
43
|
const hasDa = !!dependencies["@skalfa/da"] || !!dependencies["skalfa-da"] || !!dependencies["@clickhouse/client"];
|
|
43
44
|
|
|
44
45
|
const program = new Command();
|
|
45
|
-
program.name("skalfa").description("Skalfa
|
|
46
|
+
program.name("skalfa").description("Skalfa-api CLI").version("1.0.0");
|
|
46
47
|
|
|
47
48
|
// 1. Add Core / Basic commands
|
|
48
49
|
program.addCommand(makeControllerCommand);
|
|
@@ -57,6 +58,7 @@ export function runCli() {
|
|
|
57
58
|
program.addCommand(makeSeederCommand);
|
|
58
59
|
program.addCommand(makeLightModelCommand);
|
|
59
60
|
program.addCommand(makeBlueprintCommand);
|
|
61
|
+
program.addCommand(makeResourceCommand);
|
|
60
62
|
program.addCommand(migrateCommand);
|
|
61
63
|
program.addCommand(migrateFreshCommand);
|
|
62
64
|
program.addCommand(seederCommand);
|
|
@@ -4,6 +4,8 @@ import { Command } from "commander";
|
|
|
4
4
|
import { conversion, logger } from "@utils";
|
|
5
5
|
import { basicControllerStub } from "../stubs";
|
|
6
6
|
|
|
7
|
+
|
|
8
|
+
|
|
7
9
|
// =====================================>
|
|
8
10
|
// ## Command: make:controller
|
|
9
11
|
// =====================================>
|
|
@@ -11,7 +13,7 @@ export const makeControllerCommand = new Command("make:controller")
|
|
|
11
13
|
.argument("<name>", "Name of controller")
|
|
12
14
|
.description("Create new controller")
|
|
13
15
|
.action((controllerName) => {
|
|
14
|
-
const basePath = path.join(process.cwd(), "
|
|
16
|
+
const basePath = path.join(process.cwd(), "app", "controllers");
|
|
15
17
|
|
|
16
18
|
if (!controllerName || controllerName.trim() === "") {
|
|
17
19
|
logger.error("Controller name invalid!");
|