@skalfa/skalfa-api-core 1.0.3 → 1.0.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CONTRIBUTING.md +45 -0
- package/LICENSE +21 -0
- package/README.md +60 -0
- package/dist/auth/auth.d.ts +18 -15
- package/dist/auth/auth.js +20 -203
- package/dist/auth/auth.js.map +1 -1
- package/dist/auth/create-access-token.d.ts +4 -0
- package/dist/auth/create-access-token.js +26 -0
- package/dist/auth/create-access-token.js.map +1 -0
- package/dist/auth/create-user-mail-token.d.ts +4 -0
- package/dist/auth/create-user-mail-token.js +19 -0
- package/dist/auth/create-user-mail-token.js.map +1 -0
- package/dist/auth/helpers/generate-agent-id.d.ts +1 -0
- package/dist/auth/helpers/generate-agent-id.js +7 -0
- package/dist/auth/helpers/generate-agent-id.js.map +1 -0
- package/dist/auth/helpers/get-request-ip.d.ts +1 -0
- package/dist/auth/helpers/get-request-ip.js +4 -0
- package/dist/auth/helpers/get-request-ip.js.map +1 -0
- package/dist/auth/helpers/get-user-permissions.d.ts +1 -0
- package/dist/auth/helpers/get-user-permissions.js +9 -0
- package/dist/auth/helpers/get-user-permissions.js.map +1 -0
- package/dist/auth/helpers/index.d.ts +3 -0
- package/dist/auth/helpers/index.js +4 -0
- package/dist/auth/helpers/index.js.map +1 -0
- package/dist/auth/list-user-sessions.d.ts +1 -0
- package/dist/auth/list-user-sessions.js +10 -0
- package/dist/auth/list-user-sessions.js.map +1 -0
- package/dist/auth/revalidate-user-permissions-by-role.d.ts +1 -0
- package/dist/auth/revalidate-user-permissions-by-role.js +12 -0
- package/dist/auth/revalidate-user-permissions-by-role.js.map +1 -0
- package/dist/auth/revalidate-user-permissions.d.ts +1 -0
- package/dist/auth/revalidate-user-permissions.js +21 -0
- package/dist/auth/revalidate-user-permissions.js.map +1 -0
- package/dist/auth/revoke-access-token.d.ts +1 -0
- package/dist/auth/revoke-access-token.js +5 -0
- package/dist/auth/revoke-access-token.js.map +1 -0
- package/dist/auth/verify-access-token.d.ts +1 -0
- package/dist/auth/verify-access-token.js +47 -0
- package/dist/auth/verify-access-token.js.map +1 -0
- package/dist/auth/verify-user-mail-token.d.ts +1 -0
- package/dist/auth/verify-user-mail-token.js +21 -0
- package/dist/auth/verify-user-mail-token.js.map +1 -0
- package/dist/commands/cli.js +18 -27
- package/dist/commands/cli.js.map +1 -1
- package/dist/commands/make/basic-controller.js +1 -1
- package/dist/commands/make/basic-controller.js.map +1 -1
- package/dist/commands/make/basic-migration.d.ts +1 -1
- package/dist/commands/make/basic-migration.js +2 -2
- package/dist/commands/make/basic-migration.js.map +1 -1
- package/dist/commands/make/basic-model.js +1 -1
- package/dist/commands/make/basic-model.js.map +1 -1
- package/dist/commands/make/basic-seeder.js +1 -1
- package/dist/commands/make/basic-seeder.js.map +1 -1
- package/dist/commands/make/blueprint.js +1 -1
- package/dist/commands/make/blueprint.js.map +1 -1
- package/dist/commands/make/da-migration.js +3 -3
- package/dist/commands/make/da-migration.js.map +1 -1
- package/dist/commands/make/mail.js +2 -2
- package/dist/commands/make/mail.js.map +1 -1
- package/dist/commands/make/notification.js +1 -1
- package/dist/commands/make/notification.js.map +1 -1
- package/dist/commands/make/queue.js +1 -1
- package/dist/commands/make/queue.js.map +1 -1
- package/dist/commands/make/resource.d.ts +2 -0
- package/dist/commands/make/resource.js +19 -0
- package/dist/commands/make/resource.js.map +1 -0
- package/dist/commands/make/skalfa-controller.d.ts +3 -0
- package/dist/commands/make/{light-controller.js → skalfa-controller.js} +9 -9
- package/dist/commands/make/skalfa-controller.js.map +1 -0
- package/dist/commands/make/skalfa-model.d.ts +3 -0
- package/dist/commands/make/{light-model.js → skalfa-model.js} +11 -11
- package/dist/commands/make/skalfa-model.js.map +1 -0
- package/dist/commands/runner/barrels.js.map +1 -1
- package/dist/commands/runner/blueprint/controller-generation.js +2 -2
- package/dist/commands/runner/blueprint/controller-generation.js.map +1 -1
- package/dist/commands/runner/blueprint/documentation-generation.js.map +1 -1
- package/dist/commands/runner/blueprint/migration-generation.js +3 -3
- package/dist/commands/runner/blueprint/migration-generation.js.map +1 -1
- package/dist/commands/runner/blueprint/model-generation.js +2 -2
- package/dist/commands/runner/blueprint/model-generation.js.map +1 -1
- package/dist/commands/runner/blueprint/runner.js +7 -8
- package/dist/commands/runner/blueprint/runner.js.map +1 -1
- package/dist/commands/runner/blueprint/seeder-generation.js +3 -3
- package/dist/commands/runner/blueprint/seeder-generation.js.map +1 -1
- package/dist/commands/runner/da-migration.js +1 -2
- package/dist/commands/runner/da-migration.js.map +1 -1
- package/dist/commands/runner/generate-docs.d.ts +2 -0
- package/dist/commands/runner/generate-docs.js +400 -0
- package/dist/commands/runner/generate-docs.js.map +1 -0
- package/dist/commands/runner/migration.js +1 -1
- package/dist/commands/runner/migration.js.map +1 -1
- package/dist/commands/runner/seeder.js +1 -1
- package/dist/commands/runner/seeder.js.map +1 -1
- package/dist/commands/stubs/index.d.ts +4 -4
- package/dist/commands/stubs/index.js +4 -4
- package/dist/commands/stubs/index.js.map +1 -1
- package/dist/context/context.js +6 -0
- package/dist/context/context.js.map +1 -1
- package/dist/controller/controller.d.ts +17 -30
- package/dist/controller/controller.js +39 -121
- package/dist/controller/controller.js.map +1 -1
- package/dist/controller/response.d.ts +6 -0
- package/dist/controller/response.js +63 -0
- package/dist/controller/response.js.map +1 -0
- package/dist/controller/storage.d.ts +9 -0
- package/dist/controller/storage.js +56 -0
- package/dist/controller/storage.js.map +1 -0
- package/dist/conversion/conversion.d.ts +3 -0
- package/dist/conversion/conversion.js +28 -4
- package/dist/conversion/conversion.js.map +1 -1
- package/dist/conversion/date.d.ts +1 -0
- package/dist/conversion/date.js +77 -0
- package/dist/conversion/date.js.map +1 -0
- package/dist/index.d.ts +2 -0
- package/dist/index.js +2 -0
- package/dist/index.js.map +1 -1
- package/dist/logger/logger.js +33 -0
- package/dist/logger/logger.js.map +1 -1
- package/dist/mail/mail.js +6 -6
- package/dist/mail/mail.js.map +1 -1
- package/dist/middleware/access-log.d.ts +31 -0
- package/dist/middleware/access-log.js +13 -0
- package/dist/middleware/access-log.js.map +1 -0
- package/dist/middleware/auth.d.ts +37 -0
- package/dist/middleware/auth.js +16 -0
- package/dist/middleware/auth.js.map +1 -0
- package/dist/middleware/body-parse.d.ts +35 -0
- package/dist/middleware/body-parse.js +87 -0
- package/dist/middleware/body-parse.js.map +1 -0
- package/dist/middleware/context.d.ts +29 -0
- package/dist/middleware/context.js +8 -0
- package/dist/middleware/context.js.map +1 -0
- package/dist/middleware/cors.d.ts +31 -0
- package/dist/middleware/cors.js +27 -0
- package/dist/middleware/cors.js.map +1 -0
- package/dist/middleware/error-handler.d.ts +33 -0
- package/dist/middleware/error-handler.js +17 -0
- package/dist/middleware/error-handler.js.map +1 -0
- package/dist/middleware/middleware.d.ts +31 -10
- package/dist/middleware/middleware.js +41 -209
- package/dist/middleware/middleware.js.map +1 -1
- package/dist/middleware/private.d.ts +29 -0
- package/dist/middleware/private.js +8 -0
- package/dist/middleware/private.js.map +1 -0
- package/dist/middleware/rate-limiter.d.ts +32 -0
- package/dist/middleware/rate-limiter.js +30 -0
- package/dist/middleware/rate-limiter.js.map +1 -0
- package/dist/notification/index.d.ts +1 -0
- package/dist/notification/index.js +2 -0
- package/dist/notification/index.js.map +1 -0
- package/dist/notification/notification.d.ts +16 -0
- package/dist/notification/notification.js +64 -0
- package/dist/notification/notification.js.map +1 -0
- package/dist/permission/permission.js +9 -0
- package/dist/permission/permission.js.map +1 -1
- package/dist/registry/registry.d.ts +0 -6
- package/dist/registry/registry.js +6 -6
- package/dist/registry/registry.js.map +1 -1
- package/dist/storage/storage.d.ts +3 -3
- package/dist/storage/storage.js.map +1 -1
- package/dist/validation/validation.js +43 -51
- package/dist/validation/validation.js.map +1 -1
- package/package.json +4 -4
- package/src/auth/auth.ts +21 -252
- package/src/auth/create-access-token.ts +29 -0
- package/src/auth/create-user-mail-token.ts +24 -0
- package/src/auth/helpers/generate-agent-id.ts +8 -0
- package/src/auth/helpers/get-request-ip.ts +3 -0
- package/src/auth/helpers/get-user-permissions.ts +15 -0
- package/src/auth/helpers/index.ts +3 -0
- package/src/auth/list-user-sessions.ts +11 -0
- package/src/auth/revalidate-user-permissions-by-role.ts +13 -0
- package/src/auth/revalidate-user-permissions.ts +26 -0
- package/src/auth/revoke-access-token.ts +5 -0
- package/src/auth/verify-access-token.ts +56 -0
- package/src/auth/verify-user-mail-token.ts +24 -0
- package/src/commands/cli.ts +19 -29
- package/src/commands/make/basic-controller.ts +4 -2
- package/src/commands/make/basic-migration.ts +5 -3
- package/src/commands/make/basic-model.ts +3 -1
- package/src/commands/make/basic-seeder.ts +3 -1
- package/src/commands/make/blueprint.ts +3 -1
- package/src/commands/make/da-migration.ts +6 -5
- package/src/commands/make/mail.ts +4 -2
- package/src/commands/make/notification.ts +3 -1
- package/src/commands/make/queue.ts +3 -1
- package/src/commands/make/resource.ts +21 -0
- package/src/commands/make/{light-controller.ts → skalfa-controller.ts} +10 -8
- package/src/commands/make/{light-model.ts → skalfa-model.ts} +12 -10
- package/src/commands/runner/barrels.ts +4 -0
- package/src/commands/runner/blueprint/controller-generation.ts +4 -2
- package/src/commands/runner/blueprint/documentation-generation.ts +2 -0
- package/src/commands/runner/blueprint/migration-generation.ts +5 -3
- package/src/commands/runner/blueprint/model-generation.ts +4 -2
- package/src/commands/runner/blueprint/runner.ts +15 -8
- package/src/commands/runner/blueprint/seeder-generation.ts +5 -3
- package/src/commands/runner/da-migration.ts +3 -2
- package/src/commands/runner/generate-docs.ts +495 -0
- package/src/commands/runner/migration.ts +1 -1
- package/src/commands/runner/seeder.ts +1 -1
- package/src/commands/stubs/index.ts +4 -4
- package/src/context/context.ts +23 -17
- package/src/controller/controller.ts +124 -239
- package/src/controller/response.ts +78 -0
- package/src/controller/storage.ts +78 -0
- package/src/conversion/conversion.ts +90 -64
- package/src/conversion/date.ts +74 -0
- package/src/index.ts +2 -0
- package/src/logger/logger.ts +217 -176
- package/src/mail/mail.ts +85 -85
- package/src/middleware/access-log.ts +15 -0
- package/src/middleware/auth.ts +19 -0
- package/src/middleware/body-parse.ts +83 -0
- package/src/middleware/context.ts +11 -0
- package/src/middleware/cors.ts +31 -0
- package/src/middleware/error-handler.ts +20 -0
- package/src/middleware/middleware.ts +91 -288
- package/src/middleware/private.ts +8 -0
- package/src/middleware/rate-limiter.ts +41 -0
- package/src/notification/index.ts +1 -0
- package/src/notification/notification.ts +86 -0
- package/src/permission/permission.ts +140 -136
- package/src/registry/registry.ts +17 -15
- package/src/route/route.ts +11 -11
- package/src/storage/storage.ts +104 -106
- package/src/validation/validation.ts +322 -346
- package/dist/auth.util.d.ts +0 -19
- package/dist/auth.util.js +0 -183
- package/dist/auth.util.js.map +0 -1
- package/dist/commands/make/light-controller.d.ts +0 -3
- package/dist/commands/make/light-controller.js.map +0 -1
- package/dist/commands/make/light-model.d.ts +0 -3
- package/dist/commands/make/light-model.js.map +0 -1
- package/dist/context.util.d.ts +0 -7
- package/dist/context.util.js +0 -11
- package/dist/context.util.js.map +0 -1
- package/dist/controller.util.d.ts +0 -118
- package/dist/controller.util.js +0 -144
- package/dist/controller.util.js.map +0 -1
- package/dist/conversion.util.d.ts +0 -8
- package/dist/conversion.util.js +0 -52
- package/dist/conversion.util.js.map +0 -1
- package/dist/db/db.d.ts +0 -84
- package/dist/db/db.js +0 -177
- package/dist/db/db.js.map +0 -1
- package/dist/db/index.d.ts +0 -1
- package/dist/db/index.js +0 -2
- package/dist/db/index.js.map +0 -1
- package/dist/db.util.d.ts +0 -84
- package/dist/db.util.js +0 -177
- package/dist/db.util.js.map +0 -1
- package/dist/logger.util.d.ts +0 -30
- package/dist/logger.util.js +0 -126
- package/dist/logger.util.js.map +0 -1
- package/dist/mail.util.d.ts +0 -21
- package/dist/mail.util.js +0 -53
- package/dist/mail.util.js.map +0 -1
- package/dist/middleware.util.d.ts +0 -263
- package/dist/middleware.util.js +0 -233
- package/dist/middleware.util.js.map +0 -1
- package/dist/model/index.d.ts +0 -3
- package/dist/model/index.js +0 -4
- package/dist/model/index.js.map +0 -1
- package/dist/model/model.d.ts +0 -204
- package/dist/model/model.js +0 -1495
- package/dist/model/model.js.map +0 -1
- package/dist/model.util.d.ts +0 -204
- package/dist/model.util.js +0 -1495
- package/dist/model.util.js.map +0 -1
- package/dist/permission.util.d.ts +0 -38
- package/dist/permission.util.js +0 -91
- package/dist/permission.util.js.map +0 -1
- package/dist/registry.util.d.ts +0 -28
- package/dist/registry.util.js +0 -19
- package/dist/registry.util.js.map +0 -1
- package/dist/route.util.d.ts +0 -1
- package/dist/route.util.js +0 -12
- package/dist/route.util.js.map +0 -1
- package/dist/storage.util.d.ts +0 -56
- package/dist/storage.util.js +0 -82
- package/dist/storage.util.js.map +0 -1
- package/dist/validation.util.d.ts +0 -7
- package/dist/validation.util.js +0 -237
- package/dist/validation.util.js.map +0 -1
package/CONTRIBUTING.md
ADDED
|
@@ -0,0 +1,45 @@
|
|
|
1
|
+
# Contributing to @skalfa/skalfa-api-core
|
|
2
|
+
|
|
3
|
+
Thank you for your interest in contributing to Skalfa! We welcome contributions from the community to help make Skalfa the premier development framework.
|
|
4
|
+
|
|
5
|
+
## How to Contribute
|
|
6
|
+
|
|
7
|
+
To contribute to this package, please follow these standard open-source steps:
|
|
8
|
+
|
|
9
|
+
### 1. Fork the Repository
|
|
10
|
+
Fork the official Skalfa repository on GitHub to your personal account.
|
|
11
|
+
|
|
12
|
+
### 2. Clone Your Fork
|
|
13
|
+
Clone your personal fork to your local machine:
|
|
14
|
+
```bash
|
|
15
|
+
git clone https://github.com/your-username/skalfa.git
|
|
16
|
+
cd skalfa
|
|
17
|
+
```
|
|
18
|
+
|
|
19
|
+
### 3. Create a Feature Branch
|
|
20
|
+
Create a new branch for your feature or bugfix:
|
|
21
|
+
```bash
|
|
22
|
+
git checkout -b feature/amazing-new-feature
|
|
23
|
+
```
|
|
24
|
+
*(Use `bugfix/issue-description` for bugfixes).*
|
|
25
|
+
|
|
26
|
+
### 4. Implement and Commit Your Changes
|
|
27
|
+
Make your changes in the codebase. Write clean, formatted code and ensure all tests and typechecks pass. Commit your changes using semantic commit messages:
|
|
28
|
+
```bash
|
|
29
|
+
git commit -m "feat: add amazing new feature"
|
|
30
|
+
```
|
|
31
|
+
*(Use `fix: description` for bugfixes, and `docs: description` for documentation updates).*
|
|
32
|
+
|
|
33
|
+
### 5. Push to GitHub
|
|
34
|
+
Push your branch to your personal fork on GitHub:
|
|
35
|
+
```bash
|
|
36
|
+
git push origin feature/amazing-new-feature
|
|
37
|
+
```
|
|
38
|
+
|
|
39
|
+
### 6. Submit a Pull Request (PR)
|
|
40
|
+
Go to the official Skalfa repository on GitHub. You will see a prompt to submit a pull request. Click "New Pull Request", describe your changes in detail, link any related issues, and submit it for review by the maintainers.
|
|
41
|
+
|
|
42
|
+
## Guidelines
|
|
43
|
+
* **Code Style**: Ensure your code conforms to the project's ESLint rules and formatting guidelines.
|
|
44
|
+
* **Type Safety**: Write strict, type-safe TypeScript. Do not bypass the compiler.
|
|
45
|
+
* **Testing**: Run local tests and verify that the build compiles with 0 errors before submitting a PR.
|
package/LICENSE
ADDED
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
MIT License
|
|
2
|
+
|
|
3
|
+
Copyright (c) 2026 Skalfa
|
|
4
|
+
|
|
5
|
+
Permission is hereby granted, free of charge, to any person obtaining a copy
|
|
6
|
+
of this software and associated documentation files (the "Software"), to deal
|
|
7
|
+
in the Software without restriction, including without limitation the rights
|
|
8
|
+
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
|
9
|
+
copies of the Software, and to permit persons to whom the Software is
|
|
10
|
+
furnished to do so, subject to the following conditions:
|
|
11
|
+
|
|
12
|
+
The above copyright notice and this permission notice shall be included in all
|
|
13
|
+
copies or substantial portions of the Software.
|
|
14
|
+
|
|
15
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
16
|
+
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
17
|
+
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
|
18
|
+
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
|
19
|
+
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
|
20
|
+
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
|
21
|
+
SOFTWARE.
|
package/README.md
ADDED
|
@@ -0,0 +1,60 @@
|
|
|
1
|
+
<p align="center">
|
|
2
|
+
<img src="https://skalfa.sejedigital.com/images/logo-skalfa.png" alt="Skalfa Logo" width="300" />
|
|
3
|
+
</p>
|
|
4
|
+
|
|
5
|
+
# @skalfa/skalfa-api-core
|
|
6
|
+
|
|
7
|
+
> Core framework engine and foundational utilities for the Skalfa API backend.
|
|
8
|
+
|
|
9
|
+
---
|
|
10
|
+
|
|
11
|
+
## About this Package
|
|
12
|
+
|
|
13
|
+
This package is part of the **Skalfa Framework**, a premium development ecosystem designed to build high-performance, modular web applications and APIs.
|
|
14
|
+
|
|
15
|
+
### Usage Scope & Standalone Status
|
|
16
|
+
> 🔒 **Skalfa Ecosystem Integration:** This package is designed to run **integrated within the Skalfa ecosystem** (such as Skalfa API or Skalfa App). It relies on the global service registry and core framework abstractions to operate.
|
|
17
|
+
|
|
18
|
+
---
|
|
19
|
+
|
|
20
|
+
## Documentation
|
|
21
|
+
|
|
22
|
+
See the usage documentation at [Documentation](https://skalfa.sejedigital.com).
|
|
23
|
+
|
|
24
|
+
---
|
|
25
|
+
|
|
26
|
+
## Installation
|
|
27
|
+
|
|
28
|
+
You can install this package using your preferred package manager:
|
|
29
|
+
|
|
30
|
+
```bash
|
|
31
|
+
# Using npm
|
|
32
|
+
npm install @skalfa/skalfa-api-core
|
|
33
|
+
|
|
34
|
+
# Using bun
|
|
35
|
+
bun add @skalfa/skalfa-api-core
|
|
36
|
+
```
|
|
37
|
+
|
|
38
|
+
---
|
|
39
|
+
|
|
40
|
+
## Pre-installed Dependencies
|
|
41
|
+
|
|
42
|
+
The following key dependencies are packaged and managed within this project:
|
|
43
|
+
|
|
44
|
+
| Dependency | Scope | Version |
|
|
45
|
+
| :--- | :--- | :--- |
|
|
46
|
+
| `@skalfa/skalfa-orm` | runtime | `file:../skalfa-orm` |
|
|
47
|
+
| `bcrypt` | runtime | `^6.0.0` |
|
|
48
|
+
| `commander` | runtime | `^12.1.0` |
|
|
49
|
+
| `dotenv` | runtime | `^17.2.2` |
|
|
50
|
+
| `elysia` | runtime | `^1.2.0` |
|
|
51
|
+
| `nodemailer` | runtime | `^7.0.9` |
|
|
52
|
+
| `validator` | runtime | `^13.15.15` |
|
|
53
|
+
| `@types/node` | development | `^26.0.0` |
|
|
54
|
+
| `typescript` | development | `^6.0.3` |
|
|
55
|
+
|
|
56
|
+
---
|
|
57
|
+
|
|
58
|
+
## License
|
|
59
|
+
|
|
60
|
+
This package is licensed under the **MIT License**. For full license text, see the [LICENSE](LICENSE) file.
|
package/dist/auth/auth.d.ts
CHANGED
|
@@ -1,19 +1,22 @@
|
|
|
1
|
+
import { createAccessToken } from './create-access-token';
|
|
2
|
+
import { revokeAccessToken } from './revoke-access-token';
|
|
3
|
+
import { verifyAccessToken } from './verify-access-token';
|
|
4
|
+
import { createUserMailToken } from './create-user-mail-token';
|
|
5
|
+
import { verifyUserMailToken } from './verify-user-mail-token';
|
|
6
|
+
import { listUserSessions } from './list-user-sessions';
|
|
7
|
+
import { revalidateUserPermissions } from './revalidate-user-permissions';
|
|
8
|
+
import { revalidateUserPermissionsByRole } from './revalidate-user-permissions-by-role';
|
|
9
|
+
export declare const TOKEN_PLAIN_LENGTH = 20;
|
|
10
|
+
export declare const AUTH_PERMISSION: boolean;
|
|
11
|
+
export declare const AUTH_CACHE: boolean;
|
|
12
|
+
export declare const AUTH_CACHE_TTL: number;
|
|
1
13
|
export declare const auth: {
|
|
2
|
-
createAccessToken
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
createUserMailToken(userId: number): Promise<{
|
|
9
|
-
token: string;
|
|
10
|
-
tokenId: any;
|
|
11
|
-
}>;
|
|
12
|
-
verifyUserMailToken(userId: number, token: string): Promise<boolean>;
|
|
13
|
-
listUserSessions(userId: number, currentTokenId?: number): Promise<any[]>;
|
|
14
|
+
createAccessToken: typeof createAccessToken;
|
|
15
|
+
revokeAccessToken: typeof revokeAccessToken;
|
|
16
|
+
verifyAccessToken: typeof verifyAccessToken;
|
|
17
|
+
createUserMailToken: typeof createUserMailToken;
|
|
18
|
+
verifyUserMailToken: typeof verifyUserMailToken;
|
|
19
|
+
listUserSessions: typeof listUserSessions;
|
|
14
20
|
revalidateUserPermissions: typeof revalidateUserPermissions;
|
|
15
21
|
revalidateUserPermissionsByRole: typeof revalidateUserPermissionsByRole;
|
|
16
22
|
};
|
|
17
|
-
declare function revalidateUserPermissions(userId: number): Promise<void>;
|
|
18
|
-
declare function revalidateUserPermissionsByRole(roleId: number): Promise<void>;
|
|
19
|
-
export {};
|
package/dist/auth/auth.js
CHANGED
|
@@ -1,227 +1,44 @@
|
|
|
1
|
-
import
|
|
2
|
-
import
|
|
3
|
-
import {
|
|
4
|
-
import {
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
const
|
|
10
|
-
const
|
|
11
|
-
const
|
|
1
|
+
import { createAccessToken } from './create-access-token';
|
|
2
|
+
import { revokeAccessToken } from './revoke-access-token';
|
|
3
|
+
import { verifyAccessToken } from './verify-access-token';
|
|
4
|
+
import { createUserMailToken } from './create-user-mail-token';
|
|
5
|
+
import { verifyUserMailToken } from './verify-user-mail-token';
|
|
6
|
+
import { listUserSessions } from './list-user-sessions';
|
|
7
|
+
import { revalidateUserPermissions } from './revalidate-user-permissions';
|
|
8
|
+
import { revalidateUserPermissionsByRole } from './revalidate-user-permissions-by-role';
|
|
9
|
+
export const TOKEN_PLAIN_LENGTH = 20;
|
|
10
|
+
export const AUTH_PERMISSION = process.env.AUTH_CACHE === "true";
|
|
11
|
+
export const AUTH_CACHE = process.env.AUTH_CACHE === "true";
|
|
12
|
+
export const AUTH_CACHE_TTL = Number(process.env.AUTH_CACHE_TTL || 600);
|
|
12
13
|
export const auth = {
|
|
13
14
|
// =====================================>
|
|
14
15
|
// ## Auth: create access token with user id
|
|
15
16
|
// =====================================>
|
|
16
|
-
|
|
17
|
-
const plain = crypto.randomBytes(TOKEN_PLAIN_LENGTH).toString("hex");
|
|
18
|
-
const hash = await bcrypt.hash(plain, 10);
|
|
19
|
-
const agent = generateAgentId(req);
|
|
20
|
-
if (!db) {
|
|
21
|
-
// get user from db (fallback / stub for no ORM)
|
|
22
|
-
return {
|
|
23
|
-
token: `1|${plain}`,
|
|
24
|
-
tokenId: 1,
|
|
25
|
-
};
|
|
26
|
-
}
|
|
27
|
-
let permissions = [];
|
|
28
|
-
if (AUTH_PERMISSION && permission) {
|
|
29
|
-
permissions = await getUserPermissions(userId);
|
|
30
|
-
}
|
|
31
|
-
const [row] = await db("user_access_tokens").insert({
|
|
32
|
-
user_id: userId,
|
|
33
|
-
token: hash,
|
|
34
|
-
agent: agent,
|
|
35
|
-
permissions: JSON.stringify(permissions),
|
|
36
|
-
created_at: new Date(),
|
|
37
|
-
}).returning(["id"]);
|
|
38
|
-
return {
|
|
39
|
-
token: `${row.id}|${plain}`,
|
|
40
|
-
tokenId: row.id,
|
|
41
|
-
};
|
|
42
|
-
},
|
|
17
|
+
createAccessToken,
|
|
43
18
|
// =====================================>
|
|
44
19
|
// ## Auth: delete access token with user id
|
|
45
20
|
// =====================================>
|
|
46
|
-
|
|
47
|
-
if (!db) {
|
|
48
|
-
// delete user access token from db (stub for no ORM)
|
|
49
|
-
return;
|
|
50
|
-
}
|
|
51
|
-
return db.table('user_access_tokens').where("id", id).delete();
|
|
52
|
-
},
|
|
21
|
+
revokeAccessToken,
|
|
53
22
|
// =====================================>
|
|
54
23
|
// ## Auth: verify access token
|
|
55
24
|
// =====================================>
|
|
56
|
-
|
|
57
|
-
if (!token.includes("|"))
|
|
58
|
-
return null;
|
|
59
|
-
const [tokenId, plain] = token.split("|", 2);
|
|
60
|
-
const agent = req ? generateAgentId(req) : "";
|
|
61
|
-
const ip = req ? getRequestIp(req) : "";
|
|
62
|
-
const cacheKey = `auth:token:${tokenId}`;
|
|
63
|
-
if (AUTH_CACHE) {
|
|
64
|
-
const redis = registry.get('redis');
|
|
65
|
-
if (redis) {
|
|
66
|
-
const cached = await redis.get(cacheKey);
|
|
67
|
-
if (cached) {
|
|
68
|
-
const session = JSON.parse(cached);
|
|
69
|
-
if (session.agent !== agent)
|
|
70
|
-
return null;
|
|
71
|
-
return session;
|
|
72
|
-
}
|
|
73
|
-
}
|
|
74
|
-
}
|
|
75
|
-
if (!db) {
|
|
76
|
-
// get user and token from db (stub for no ORM)
|
|
77
|
-
const user = { id: 1, name: "Admin", email: "admin@example.com" };
|
|
78
|
-
const tokenRecord = { id: Number(tokenId), agent, permission: [] };
|
|
79
|
-
return { user, token: tokenRecord, permissions: [] };
|
|
80
|
-
}
|
|
81
|
-
const tokenRecord = await db("user_access_tokens").where("id", tokenId).first();
|
|
82
|
-
if (!tokenRecord)
|
|
83
|
-
return null;
|
|
84
|
-
if (tokenRecord.agent !== agent)
|
|
85
|
-
return null;
|
|
86
|
-
const valid = await bcrypt.compare(plain, tokenRecord.token);
|
|
87
|
-
if (!valid)
|
|
88
|
-
return null;
|
|
89
|
-
await db("user_access_tokens").where("id", tokenRecord.id).update({ last_used_at: new Date(), last_used_ip: ip });
|
|
90
|
-
const user = await db("users").where("id", tokenRecord.user_id).first();
|
|
91
|
-
if (AUTH_CACHE) {
|
|
92
|
-
const redis = registry.get('redis');
|
|
93
|
-
if (redis) {
|
|
94
|
-
await redis.setex(cacheKey, AUTH_CACHE_TTL, JSON.stringify({
|
|
95
|
-
user: user,
|
|
96
|
-
agent: tokenRecord.agent,
|
|
97
|
-
permissions: tokenRecord.permission,
|
|
98
|
-
}));
|
|
99
|
-
}
|
|
100
|
-
}
|
|
101
|
-
return { user, token: tokenRecord, permissions: tokenRecord.permission };
|
|
102
|
-
},
|
|
25
|
+
verifyAccessToken,
|
|
103
26
|
// =====================================>
|
|
104
27
|
// ## Auth: create user mail token
|
|
105
28
|
// =====================================>
|
|
106
|
-
|
|
107
|
-
const token = Math.floor(100000 + Math.random() * 900000).toString();
|
|
108
|
-
if (!db) {
|
|
109
|
-
// create user mail token in db (stub for no ORM)
|
|
110
|
-
return {
|
|
111
|
-
token: token,
|
|
112
|
-
tokenId: 1
|
|
113
|
-
};
|
|
114
|
-
}
|
|
115
|
-
const hash = crypto.createHash('sha256').update(token).digest('hex');
|
|
116
|
-
const trx = await db.transaction();
|
|
117
|
-
await trx.table('user_mail_tokens').insert({
|
|
118
|
-
user_id: userId,
|
|
119
|
-
token: hash,
|
|
120
|
-
created_at: new Date(),
|
|
121
|
-
});
|
|
122
|
-
const record = await trx.table('user_mail_tokens').orderBy('id', 'desc').first();
|
|
123
|
-
await trx.commit();
|
|
124
|
-
return {
|
|
125
|
-
token: token,
|
|
126
|
-
tokenId: record.id
|
|
127
|
-
};
|
|
128
|
-
},
|
|
29
|
+
createUserMailToken,
|
|
129
30
|
// =====================================>
|
|
130
31
|
// ## Auth: Verify user mail token
|
|
131
32
|
// =====================================>
|
|
132
|
-
|
|
133
|
-
if (!db) {
|
|
134
|
-
// verify user mail token in db (stub for no ORM)
|
|
135
|
-
return true;
|
|
136
|
-
}
|
|
137
|
-
const hashedToken = crypto.createHash("sha256").update(token).digest("hex");
|
|
138
|
-
const record = await db.table("user_mail_tokens")
|
|
139
|
-
.where("user_id", userId)
|
|
140
|
-
.whereNull("used_at")
|
|
141
|
-
.orderBy("id", "desc")
|
|
142
|
-
.first();
|
|
143
|
-
if (!record)
|
|
144
|
-
return false;
|
|
145
|
-
if (record.token !== hashedToken)
|
|
146
|
-
return false;
|
|
147
|
-
const createdAt = new Date(record.created_at);
|
|
148
|
-
const now = new Date();
|
|
149
|
-
const diffMinutes = (now.getTime() - createdAt.getTime()) / (1000 * 60);
|
|
150
|
-
if (diffMinutes > 10)
|
|
151
|
-
return false;
|
|
152
|
-
return true;
|
|
153
|
-
},
|
|
33
|
+
verifyUserMailToken,
|
|
154
34
|
// =====================================>
|
|
155
35
|
// ## Auth: list user sessions
|
|
156
36
|
// =====================================>
|
|
157
|
-
|
|
158
|
-
if (!db) {
|
|
159
|
-
// list user sessions from db (stub for no ORM)
|
|
160
|
-
return [];
|
|
161
|
-
}
|
|
162
|
-
const rows = await db("user_access_tokens").select(["id", "agent", "created_at", "last_used_at", "last_used_ip", "expired_at"]).where("user_id", userId).orderBy("last_used_at", "desc");
|
|
163
|
-
return rows.map((r) => ({
|
|
164
|
-
...r,
|
|
165
|
-
is_active: r.revoked_at === null,
|
|
166
|
-
is_current: r.id === currentTokenId,
|
|
167
|
-
}));
|
|
168
|
-
},
|
|
37
|
+
listUserSessions,
|
|
169
38
|
// =====================================>
|
|
170
39
|
// ## Auth: revalidate user permission
|
|
171
40
|
// =====================================>
|
|
172
|
-
revalidateUserPermissions
|
|
173
|
-
revalidateUserPermissionsByRole
|
|
41
|
+
revalidateUserPermissions,
|
|
42
|
+
revalidateUserPermissionsByRole,
|
|
174
43
|
};
|
|
175
|
-
function generateAgentId(req) {
|
|
176
|
-
const ua = req.headers.get("user-agent") ?? "";
|
|
177
|
-
const acc = req.headers.get("accept") ?? "";
|
|
178
|
-
return crypto.createHash("sha256").update(ua + acc).digest("hex");
|
|
179
|
-
}
|
|
180
|
-
function getRequestIp(req) {
|
|
181
|
-
return (req.headers.get("x-forwarded-for")?.split(",")[0]?.trim() || req.headers.get("x-real-ip") || "unknown");
|
|
182
|
-
}
|
|
183
|
-
async function getUserPermissions(userId) {
|
|
184
|
-
if (!db) {
|
|
185
|
-
// get user permissions from db (stub for no ORM)
|
|
186
|
-
return [];
|
|
187
|
-
}
|
|
188
|
-
const roleIds = await db("user_roles").where("user_id", userId).pluck("role_id");
|
|
189
|
-
if (roleIds.length === 0)
|
|
190
|
-
return [];
|
|
191
|
-
const rows = await db("permissions").whereIn("role_id", roleIds).pluck("permissions");
|
|
192
|
-
return Array.from(new Set(rows.flatMap((p) => p ?? [])));
|
|
193
|
-
}
|
|
194
|
-
async function revalidateUserPermissions(userId) {
|
|
195
|
-
if (!db) {
|
|
196
|
-
// revalidate user permissions in db (stub for no ORM)
|
|
197
|
-
return;
|
|
198
|
-
}
|
|
199
|
-
const permissions = await getUserPermissions(userId);
|
|
200
|
-
const tokenIds = await db("user_access_tokens").where("user_id", userId).pluck("id");
|
|
201
|
-
if (tokenIds.length === 0)
|
|
202
|
-
return;
|
|
203
|
-
await db("user_access_tokens").whereIn("id", tokenIds).update({
|
|
204
|
-
permissions: JSON.stringify(permissions),
|
|
205
|
-
updated_at: new Date(),
|
|
206
|
-
});
|
|
207
|
-
if (AUTH_CACHE) {
|
|
208
|
-
const redis = registry.get('redis');
|
|
209
|
-
if (redis) {
|
|
210
|
-
await Promise.all(tokenIds.map((id) => redis.del(`auth:token:${id}`)));
|
|
211
|
-
}
|
|
212
|
-
}
|
|
213
|
-
}
|
|
214
|
-
async function revalidateUserPermissionsByRole(roleId) {
|
|
215
|
-
if (!db) {
|
|
216
|
-
// revalidate user permissions by role in db (stub for no ORM)
|
|
217
|
-
return;
|
|
218
|
-
}
|
|
219
|
-
const userIds = await db("user_roles").where("role_id", roleId).pluck("user_id");
|
|
220
|
-
const queue = registry.get('queue');
|
|
221
|
-
if (queue) {
|
|
222
|
-
for (const userId of userIds) {
|
|
223
|
-
await queue.add("auth:revalidate-permission", { userId });
|
|
224
|
-
}
|
|
225
|
-
}
|
|
226
|
-
}
|
|
227
44
|
//# sourceMappingURL=auth.js.map
|
package/dist/auth/auth.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.js","sourceRoot":"","sources":["../../src/auth/auth.ts"],"names":[],"mappings":"AAAA,OAAO,
|
|
1
|
+
{"version":3,"file":"auth.js","sourceRoot":"","sources":["../../src/auth/auth.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAA;AACzD,OAAO,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAA;AACzD,OAAO,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAA;AACzD,OAAO,EAAE,mBAAmB,EAAE,MAAM,0BAA0B,CAAA;AAC9D,OAAO,EAAE,mBAAmB,EAAE,MAAM,0BAA0B,CAAA;AAC9D,OAAO,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAA;AACvD,OAAO,EAAE,yBAAyB,EAAE,MAAM,+BAA+B,CAAA;AACzE,OAAO,EAAE,+BAA+B,EAAE,MAAM,uCAAuC,CAAA;AAEvF,MAAM,CAAC,MAAM,kBAAkB,GAAK,EAAE,CAAA;AACtC,MAAM,CAAC,MAAM,eAAe,GAAQ,OAAO,CAAC,GAAG,CAAC,UAAU,KAAO,MAAM,CAAA;AACvE,MAAM,CAAC,MAAM,UAAU,GAAa,OAAO,CAAC,GAAG,CAAC,UAAU,KAAO,MAAM,CAAA;AACvE,MAAM,CAAC,MAAM,cAAc,GAAS,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,IAAI,GAAG,CAAC,CAAA;AAE7E,MAAM,CAAC,MAAM,IAAI,GAAG;IAClB,yCAAyC;IACzC,4CAA4C;IAC5C,yCAAyC;IACzC,iBAAiB;IAEjB,yCAAyC;IACzC,4CAA4C;IAC5C,yCAAyC;IACzC,iBAAiB;IAEjB,yCAAyC;IACzC,+BAA+B;IAC/B,yCAAyC;IACzC,iBAAiB;IAEjB,yCAAyC;IACzC,kCAAkC;IAClC,yCAAyC;IACzC,mBAAmB;IAEnB,yCAAyC;IACzC,kCAAkC;IAClC,yCAAyC;IACzC,mBAAmB;IAEnB,yCAAyC;IACzC,8BAA8B;IAC9B,yCAAyC;IACzC,gBAAgB;IAEhB,yCAAyC;IACzC,sCAAsC;IACtC,yCAAyC;IACzC,yBAAyB;IACzB,+BAA+B;CAChC,CAAA"}
|
|
@@ -0,0 +1,26 @@
|
|
|
1
|
+
import crypto from 'crypto';
|
|
2
|
+
import bcrypt from "bcrypt";
|
|
3
|
+
import { db } from '@skalfa/skalfa-orm';
|
|
4
|
+
import { TOKEN_PLAIN_LENGTH, AUTH_PERMISSION } from './auth';
|
|
5
|
+
import { getUserPermissions, generateAgentId } from './helpers';
|
|
6
|
+
export async function createAccessToken(userId, req, permission = true) {
|
|
7
|
+
const plain = crypto.randomBytes(TOKEN_PLAIN_LENGTH).toString("hex");
|
|
8
|
+
const hash = await bcrypt.hash(plain, 10);
|
|
9
|
+
const agent = generateAgentId(req);
|
|
10
|
+
let permissions = [];
|
|
11
|
+
if (AUTH_PERMISSION && permission) {
|
|
12
|
+
permissions = await getUserPermissions(userId);
|
|
13
|
+
}
|
|
14
|
+
const [row] = await db("user_access_tokens").insert({
|
|
15
|
+
user_id: userId,
|
|
16
|
+
token: hash,
|
|
17
|
+
agent: agent,
|
|
18
|
+
permissions: JSON.stringify(permissions),
|
|
19
|
+
created_at: new Date(),
|
|
20
|
+
}).returning(["id"]);
|
|
21
|
+
return {
|
|
22
|
+
token: `${row.id}|${plain}`,
|
|
23
|
+
tokenId: row.id,
|
|
24
|
+
};
|
|
25
|
+
}
|
|
26
|
+
//# sourceMappingURL=create-access-token.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"create-access-token.js","sourceRoot":"","sources":["../../src/auth/create-access-token.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,QAAQ,CAAA;AAC3B,OAAO,MAAM,MAAM,QAAQ,CAAC;AAC5B,OAAO,EAAE,EAAE,EAAE,MAAM,oBAAoB,CAAA;AACvC,OAAO,EAAE,kBAAkB,EAAE,eAAe,EAAE,MAAM,QAAQ,CAAA;AAC5D,OAAO,EAAE,kBAAkB,EAAE,eAAe,EAAE,MAAM,WAAW,CAAA;AAE/D,MAAM,CAAC,KAAK,UAAU,iBAAiB,CAAC,MAAc,EAAE,GAAY,EAAE,aAAsB,IAAI;IAC9F,MAAM,KAAK,GAAK,MAAM,CAAC,WAAW,CAAC,kBAAkB,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAA;IACtE,MAAM,IAAI,GAAM,MAAM,MAAM,CAAC,IAAI,CAAC,KAAK,EAAE,EAAE,CAAC,CAAA;IAC5C,MAAM,KAAK,GAAK,eAAe,CAAC,GAAG,CAAC,CAAA;IAEpC,IAAI,WAAW,GAAa,EAAE,CAAA;IAC9B,IAAI,eAAe,IAAI,UAAU,EAAE,CAAC;QAClC,WAAW,GAAG,MAAM,kBAAkB,CAAC,MAAM,CAAC,CAAA;IAChD,CAAC;IAED,MAAM,CAAC,GAAG,CAAC,GAAG,MAAM,EAAE,CAAC,oBAAoB,CAAC,CAAC,MAAM,CAAC;QAClD,OAAO,EAAS,MAAM;QACtB,KAAK,EAAW,IAAI;QACpB,KAAK,EAAW,KAAK;QACrB,WAAW,EAAK,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC;QAC3C,UAAU,EAAM,IAAI,IAAI,EAAE;KAC3B,CAAC,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,CAAC,CAAA;IAEpB,OAAO;QACL,KAAK,EAAO,GAAG,GAAG,CAAC,EAAE,IAAI,KAAK,EAAE;QAChC,OAAO,EAAK,GAAG,CAAC,EAAE;KACnB,CAAA;AACH,CAAC"}
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
import crypto from 'crypto';
|
|
2
|
+
import { db } from '@skalfa/skalfa-orm';
|
|
3
|
+
export async function createUserMailToken(userId) {
|
|
4
|
+
const token = Math.floor(100000 + Math.random() * 900000).toString();
|
|
5
|
+
const hash = crypto.createHash('sha256').update(token).digest('hex');
|
|
6
|
+
const trx = await db.transaction();
|
|
7
|
+
await trx.table('user_mail_tokens').insert({
|
|
8
|
+
user_id: userId,
|
|
9
|
+
token: hash,
|
|
10
|
+
created_at: new Date(),
|
|
11
|
+
});
|
|
12
|
+
const record = await trx.table('user_mail_tokens').orderBy('id', 'desc').first();
|
|
13
|
+
await trx.commit();
|
|
14
|
+
return {
|
|
15
|
+
token: token,
|
|
16
|
+
tokenId: record.id
|
|
17
|
+
};
|
|
18
|
+
}
|
|
19
|
+
//# sourceMappingURL=create-user-mail-token.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"create-user-mail-token.js","sourceRoot":"","sources":["../../src/auth/create-user-mail-token.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,QAAQ,CAAA;AAC3B,OAAO,EAAE,EAAE,EAAE,MAAM,oBAAoB,CAAA;AAEvC,MAAM,CAAC,KAAK,UAAU,mBAAmB,CAAC,MAAc;IACtD,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,EAAE,GAAG,MAAM,CAAC,CAAC,QAAQ,EAAE,CAAA;IAEpE,MAAM,IAAI,GAAG,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;IACpE,MAAM,GAAG,GAAG,MAAM,EAAE,CAAC,WAAW,EAAE,CAAA;IAElC,MAAM,GAAG,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC,MAAM,CAAC;QACzC,OAAO,EAAO,MAAM;QACpB,KAAK,EAAS,IAAI;QAClB,UAAU,EAAI,IAAI,IAAI,EAAE;KACzB,CAAC,CAAA;IAEF,MAAM,MAAM,GAAG,MAAM,GAAG,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC,KAAK,EAAE,CAAA;IAEhF,MAAM,GAAG,CAAC,MAAM,EAAE,CAAA;IAElB,OAAO;QACL,KAAK,EAAM,KAAK;QAChB,OAAO,EAAI,MAAM,CAAC,EAAE;KACrB,CAAA;AACH,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
export declare function generateAgentId(req: Request): string;
|
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
import crypto from 'crypto';
|
|
2
|
+
export function generateAgentId(req) {
|
|
3
|
+
const ua = req.headers.get("user-agent") ?? "";
|
|
4
|
+
const acc = req.headers.get("accept") ?? "";
|
|
5
|
+
return crypto.createHash("sha256").update(ua + acc).digest("hex");
|
|
6
|
+
}
|
|
7
|
+
//# sourceMappingURL=generate-agent-id.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"generate-agent-id.js","sourceRoot":"","sources":["../../../src/auth/helpers/generate-agent-id.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,QAAQ,CAAA;AAE3B,MAAM,UAAU,eAAe,CAAC,GAAY;IAC1C,MAAM,EAAE,GAAM,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,IAAM,EAAE,CAAA;IACnD,MAAM,GAAG,GAAK,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAU,EAAE,CAAA;IAEnD,OAAO,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;AACnE,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
export declare function getRequestIp(req: Request): string;
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"get-request-ip.js","sourceRoot":"","sources":["../../../src/auth/helpers/get-request-ip.ts"],"names":[],"mappings":"AAAA,MAAM,UAAU,YAAY,CAAC,GAAY;IACvC,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,IAAI,SAAS,CAAC,CAAA;AACjH,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
export declare function getUserPermissions(userId: number): Promise<string[]>;
|
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
import { db } from '@skalfa/skalfa-orm';
|
|
2
|
+
export async function getUserPermissions(userId) {
|
|
3
|
+
const roleIds = await db("user_roles").where("user_id", userId).pluck("role_id");
|
|
4
|
+
if (roleIds.length === 0)
|
|
5
|
+
return [];
|
|
6
|
+
const rows = await db("permissions").whereIn("role_id", roleIds).pluck("permissions");
|
|
7
|
+
return Array.from(new Set(rows.flatMap((p) => p ?? [])));
|
|
8
|
+
}
|
|
9
|
+
//# sourceMappingURL=get-user-permissions.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"get-user-permissions.js","sourceRoot":"","sources":["../../../src/auth/helpers/get-user-permissions.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,EAAE,EAAE,MAAM,oBAAoB,CAAA;AAEvC,MAAM,CAAC,KAAK,UAAU,kBAAkB,CAAC,MAAc;IACrD,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,YAAY,CAAC,CAAC,KAAK,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAA;IAEhF,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,EAAE,CAAA;IAEnC,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,aAAa,CAAC,CAAC,OAAO,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC,KAAK,CAAC,aAAa,CAAC,CAAA;IAErF,OAAO,KAAK,CAAC,IAAI,CACf,IAAI,GAAG,CACL,IAAI,CAAC,OAAO,CAAC,CAAC,CAAM,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,CAClC,CACF,CAAA;AACH,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/auth/helpers/index.ts"],"names":[],"mappings":"AAAA,cAAc,qBAAqB,CAAA;AACnC,cAAc,kBAAkB,CAAA;AAChC,cAAc,wBAAwB,CAAA"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
export declare function listUserSessions(userId: number, currentTokenId?: number): Promise<any[]>;
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
import { db } from '@skalfa/skalfa-orm';
|
|
2
|
+
export async function listUserSessions(userId, currentTokenId) {
|
|
3
|
+
const rows = await db("user_access_tokens").select(["id", "agent", "created_at", "last_used_at", "last_used_ip", "expired_at"]).where("user_id", userId).orderBy("last_used_at", "desc");
|
|
4
|
+
return rows.map((r) => ({
|
|
5
|
+
...r,
|
|
6
|
+
is_active: r.revoked_at === null,
|
|
7
|
+
is_current: r.id === currentTokenId,
|
|
8
|
+
}));
|
|
9
|
+
}
|
|
10
|
+
//# sourceMappingURL=list-user-sessions.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"list-user-sessions.js","sourceRoot":"","sources":["../../src/auth/list-user-sessions.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,EAAE,EAAE,MAAM,oBAAoB,CAAA;AAEvC,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,MAAc,EAAE,cAAuB;IAC5E,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,oBAAoB,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,OAAO,EAAE,YAAY,EAAE,cAAc,EAAE,cAAc,EAAC,YAAY,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC,OAAO,CAAC,cAAc,EAAE,MAAM,CAAC,CAAA;IAEvL,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,CAAM,EAAE,EAAE,CAAC,CAAC;QAC3B,GAAG,CAAC;QACJ,SAAS,EAAI,CAAC,CAAC,UAAU,KAAO,IAAI;QACpC,UAAU,EAAG,CAAC,CAAC,EAAE,KAAe,cAAc;KAC/C,CAAC,CAAC,CAAA;AACL,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
export declare function revalidateUserPermissionsByRole(roleId: number): Promise<void>;
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
import { db } from '@skalfa/skalfa-orm';
|
|
2
|
+
import { registry } from '@utils/registry';
|
|
3
|
+
export async function revalidateUserPermissionsByRole(roleId) {
|
|
4
|
+
const userIds = await db("user_roles").where("role_id", roleId).pluck("user_id");
|
|
5
|
+
const queue = registry.get('queue');
|
|
6
|
+
if (queue) {
|
|
7
|
+
for (const userId of userIds) {
|
|
8
|
+
await queue.add("auth:revalidate-permission", { userId });
|
|
9
|
+
}
|
|
10
|
+
}
|
|
11
|
+
}
|
|
12
|
+
//# sourceMappingURL=revalidate-user-permissions-by-role.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"revalidate-user-permissions-by-role.js","sourceRoot":"","sources":["../../src/auth/revalidate-user-permissions-by-role.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,EAAE,EAAE,MAAM,oBAAoB,CAAA;AACvC,OAAO,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAA;AAE1C,MAAM,CAAC,KAAK,UAAU,+BAA+B,CAAC,MAAc;IAClE,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,YAAY,CAAC,CAAC,KAAK,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAA;IAEhF,MAAM,KAAK,GAAG,QAAQ,CAAC,GAAG,CAAC,OAAO,CAAC,CAAA;IACnC,IAAI,KAAK,EAAE,CAAC;QACV,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;YAC7B,MAAM,KAAK,CAAC,GAAG,CAAC,4BAA4B,EAAE,EAAE,MAAM,EAAE,CAAC,CAAA;QAC3D,CAAC;IACH,CAAC;AACH,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
export declare function revalidateUserPermissions(userId: number): Promise<void>;
|
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
import { db } from '@skalfa/skalfa-orm';
|
|
2
|
+
import { registry } from '@utils/registry';
|
|
3
|
+
import { AUTH_CACHE } from './auth';
|
|
4
|
+
import { getUserPermissions } from './helpers';
|
|
5
|
+
export async function revalidateUserPermissions(userId) {
|
|
6
|
+
const permissions = await getUserPermissions(userId);
|
|
7
|
+
const tokenIds = await db("user_access_tokens").where("user_id", userId).pluck("id");
|
|
8
|
+
if (tokenIds.length === 0)
|
|
9
|
+
return;
|
|
10
|
+
await db("user_access_tokens").whereIn("id", tokenIds).update({
|
|
11
|
+
permissions: JSON.stringify(permissions),
|
|
12
|
+
updated_at: new Date(),
|
|
13
|
+
});
|
|
14
|
+
if (AUTH_CACHE) {
|
|
15
|
+
const redis = registry.get('redis');
|
|
16
|
+
if (redis) {
|
|
17
|
+
await Promise.all(tokenIds.map((id) => redis.del(`auth:token:${id}`)));
|
|
18
|
+
}
|
|
19
|
+
}
|
|
20
|
+
}
|
|
21
|
+
//# sourceMappingURL=revalidate-user-permissions.js.map
|