npm - @skroz/profile-api - Versions diffs - 1.0.16 → 1.0.18 - Mend

@skroz/profile-api 1.0.16 → 1.0.18

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (44) hide show

package/dist/adapters/TypeOrmProfileAdapter.d.ts +4 -1
package/dist/adapters/TypeOrmProfileAdapter.js +15 -1
package/dist/dto/OauthInput.d.ts +14 -0
package/dist/dto/OauthInput.js +65 -0
package/dist/dto/index.d.ts +1 -0
package/dist/dto/index.js +4 -1
package/dist/entities/TypeOrmBaseUser.d.ts +5 -0
package/dist/entities/TypeOrmBaseUser.js +20 -0
package/dist/index.d.ts +2 -0
package/dist/index.js +2 -0
package/dist/oauth/AppleOauth.d.ts +13 -0
package/dist/oauth/AppleOauth.js +84 -0
package/dist/oauth/GoogleOauth.d.ts +12 -0
package/dist/oauth/GoogleOauth.js +54 -0
package/dist/oauth/MailOauth.d.ts +12 -0
package/dist/oauth/MailOauth.js +53 -0
package/dist/oauth/OAuthProvider.d.ts +9 -0
package/dist/oauth/OAuthProvider.js +2 -0
package/dist/oauth/VKOauth.d.ts +12 -0
package/dist/oauth/VKOauth.js +47 -0
package/dist/oauth/YandexOauth.d.ts +11 -0
package/dist/oauth/YandexOauth.js +56 -0
package/dist/oauth/index.d.ts +6 -0
package/dist/oauth/index.js +22 -0
package/dist/resolvers/ProfileResolver.js +5 -3
package/dist/resolvers/createOauthResolver.d.ts +12 -0
package/dist/resolvers/createOauthResolver.js +146 -0
package/dist/types/index.d.ts +4 -1
package/package.json +3 -2
package/src/adapters/TypeOrmProfileAdapter.ts +13 -2
package/src/dto/OauthInput.ts +37 -0
package/src/dto/index.ts +1 -0
package/src/entities/TypeOrmBaseUser.ts +15 -0
package/src/index.ts +2 -0
package/src/oauth/AppleOauth.ts +83 -0
package/src/oauth/GoogleOauth.ts +47 -0
package/src/oauth/MailOauth.ts +49 -0
package/src/oauth/OAuthProvider.ts +10 -0
package/src/oauth/VKOauth.ts +43 -0
package/src/oauth/YandexOauth.ts +49 -0
package/src/oauth/index.ts +6 -0
package/src/resolvers/ProfileResolver.ts +8 -6
package/src/resolvers/createOauthResolver.ts +136 -0
package/src/types/index.ts +3 -1

package/src/resolvers/createOauthResolver.ts ADDED Viewed

@@ -0,0 +1,136 @@
+import crypto from 'crypto';
+import { nanoid } from 'nanoid';
+import { Arg, Ctx, Mutation, Resolver } from 'type-graphql';
+import { ProfileAuthService } from '../services/ProfileAuthService';
+import { OAuthProvider } from '../oauth/OAuthProvider';
+import { OauthLoginInput, TelegramAuthData } from '../dto/OauthInput';
+import { ProfileContext } from '../types';
+export interface OauthResolverDependencies<
+  TContext extends ProfileContext = ProfileContext
+> {
+  authService: ProfileAuthService | ((ctx: TContext) => ProfileAuthService);
+  userType: any;
+  providers: Record<string, OAuthProvider>;
+  telegramBotToken?: string;
+  onUserCreated?: (user: any, ctx: TContext) => Promise<void>;
+  onLogin?: (user: any, ctx: TContext) => Promise<void>;
+}
+function validateTelegramHash(data: TelegramAuthData, botToken: string): boolean {
+  const { hash, ...rest } = data;
+  const sorted = Object.keys(rest)
+    .filter((k) => {
+      const value = (rest as any)[k];
+      return value !== undefined && value !== null && value !== '';
+    })
+    .sort()
+    .map((k) => `${k}=${(rest as any)[k]}`)
+    .join('\n');
+  const secret = crypto.createHash('sha256').update(botToken).digest();
+  const hmac = crypto.createHmac('sha256', secret as unknown as crypto.BinaryLike).update(sorted).digest('hex');
+  return hmac === hash;
+}
+export function createOauthResolver<
+  TContext extends ProfileContext = ProfileContext
+>(deps: OauthResolverDependencies<TContext>): any {
+  const {
+    authService,
+    userType,
+    providers,
+    telegramBotToken,
+    onUserCreated,
+    onLogin,
+  } = deps;
+  const getAuthService = (ctx: TContext): ProfileAuthService => {
+    if (typeof authService === 'function') return authService(ctx);
+    return authService;
+  };
+  @Resolver(() => userType)
+  class OauthResolver {
+    @Mutation(() => userType)
+    async oauthLogin(
+      @Arg('input') input: OauthLoginInput,
+      @Ctx() ctx: TContext
+    ) {
+      const service = getAuthService(ctx);
+      let user: any;
+      let isNew = false;
+      if (input.provider === 'telegram') {
+        if (!input.tgData) throw new Error('tgData is required for Telegram login');
+        if (!telegramBotToken) throw new Error('Telegram bot token is not configured');
+        if (!validateTelegramHash(input.tgData, telegramBotToken)) {
+          throw new Error('Telegram auth verification failed');
+        }
+        user = await service.db.findUserByTelegramId(input.tgData.id);
+        if (!user) {
+          const passwordHash = await service.hashPassword(nanoid(20));
+          user = await service.db.createUser({
+            email: null,
+            passwordHash,
+            isTempPassword: true,
+          });
+          await service.db.updateUserProviderId(user.id, 'telegram', input.tgData.id);
+          isNew = true;
+        }
+      } else {
+        if (!input.code) throw new Error('code is required for OAuth login');
+        const provider = providers[input.provider];
+        if (!provider) throw new Error(`Unknown OAuth provider: ${input.provider}`);
+        const profile = await provider.exchangeCode(input.code);
+        // 1. Find by provider ID
+        user = await service.db.findUserByProviderId(input.provider, profile.providerId);
+        if (!user && profile.email) {
+          // 2. Find by email — link provider ID to existing account
+          user = await service.db.findUserByEmail(profile.email);
+          if (user) {
+            await service.db.updateUserProviderId(user.id, input.provider, profile.providerId);
+          }
+        }
+        if (!user) {
+          // 3. Create new user
+          const passwordHash = await service.hashPassword(nanoid(20));
+          user = await service.db.createUser({
+            email: profile.email,
+            passwordHash,
+            isTempPassword: true,
+          });
+          await service.db.updateUserProviderId(user.id, input.provider, profile.providerId);
+          isNew = true;
+        }
+      }
+      if (user.isBanned) throw new Error('User is banned');
+      const userAgent = decodeURI(ctx.req.get('user-agent') || '');
+      await ctx.req.session.create({
+        userId: user.id,
+        ip: ctx.req.ip,
+        userAgent: userAgent.slice(0, 500),
+      });
+      if (isNew && onUserCreated) await onUserCreated(user, ctx);
+      if (!isNew && onLogin) await onLogin(user, ctx);
+      return user;
+    }
+  }
+  return OauthResolver;
+}

package/src/types/index.ts CHANGED Viewed

@@ -19,8 +19,10 @@ export interface ProfileDbAdapter {
     findUserByEmail(email: string): Promise<AuthUser | null>;
     findUserById(id: number): Promise<AuthUser | null>;
     findUserByTelegramId(telegramId: string): Promise<AuthUser | null>;
-    createUser(data: { email: string; passwordHash: string }): Promise<AuthUser>;
+    createUser(data: { email?: string | null; passwordHash: string; isTempPassword?: boolean }): Promise<AuthUser>;
     isEmailTaken(email: string, excludeUserId?: number): Promise<boolean>;
+    findUserByProviderId(provider: string, id: string): Promise<AuthUser | null>;
+    updateUserProviderId(userId: number, provider: string, id: string): Promise<void>;
 }
 export interface ProfileAuthConfig {