@sqrzro/server 2.0.0-bz.0

package/LICENSE

@@ -0,0 +1,5 @@
+Copyright 2023 Richard Carter
+
+Permission to use, copy, modify, and/or distribute this software for any purpose with or without fee is hereby granted, provided that the above copyright notice and this permission notice appear in all copies.
+
+THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

package/README.md

@@ -0,0 +1 @@
+Square Zero Components

package/dist/AuthService.d.ts

@@ -0,0 +1,10 @@
+import type { NextRequest } from 'next/server';
+import { NextResponse } from 'next/server';
+import type { Errorable, UserObject } from './interfaces';
+export declare function handleLogin(formData: FormData, lookupFn: (email: string) => Promise<UserObject | null>): Promise<Errorable<UserObject>>;
+interface MeObject {
+    name: string;
+    email: string;
+}
+export declare function handleMe(request: NextRequest, lookupFn: (id: number) => Promise<MeObject | null>): Promise<NextResponse>;
+export {};

package/dist/AuthService.js

@@ -0,0 +1,36 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.handleMe = exports.handleLogin = void 0;
+const tslib_1 = require("tslib");
+const server_1 = require("next/server");
+const DataService_1 = require("./DataService");
+const PasswordService_1 = require("./PasswordService");
+const SessionService_1 = require("./SessionService");
+const LoginRequest_1 = tslib_1.__importDefault(require("./LoginRequest"));
+async function handleLogin(formData, lookupFn) {
+    async function mutateFn(data) {
+        const user = await lookupFn(data.email);
+        const isUserValid = await (0, PasswordService_1.verifyPassword)(data.password, user?.password);
+        return user && isUserValid ? user : null;
+    }
+    const response = await (0, DataService_1.mutate)({
+        fn: mutateFn,
+        formData,
+        request: LoginRequest_1.default,
+        onSuccess: async (user) => {
+            await (0, SessionService_1.createSessionForId)(user.id);
+        },
+    });
+    return response;
+}
+exports.handleLogin = handleLogin;
+async function handleMe(request, lookupFn) {
+    const token = new URL(request.url).searchParams.get('token');
+    const userId = await (0, SessionService_1.getIdFromToken)(token);
+    const me = await lookupFn(userId);
+    if (!me) {
+        return server_1.NextResponse.json({ valid: false }, { status: 401 });
+    }
+    return server_1.NextResponse.json({ name: me.name, email: me.email, valid: true });
+}
+exports.handleMe = handleMe;

package/dist/DataService.d.ts

@@ -0,0 +1,29 @@
+import type Joi from 'joi';
+import type { Errorable } from './interfaces';
+interface MutateArgs<F extends object> {
+    formData: FormData;
+    onSuccess?: (model: F) => Promise<void> | void;
+    onValidationError?: (errors: Record<string, string>) => void;
+    request: Promise<Joi.ObjectSchema<F>>;
+}
+interface MutateArgsWithFn<F extends object, M> extends Omit<MutateArgs<F>, 'onSuccess'> {
+    fn: (data: F) => Promise<M | null>;
+    onSuccess?: (model: M) => Promise<void> | void;
+}
+export declare function mutate<F extends object>(args: MutateArgs<F>): Promise<Errorable<F>>;
+export declare function mutate<F extends object, M>(args: MutateArgsWithFn<F, M>): Promise<Errorable<M>>;
+interface PaginationArgs {
+    skip: number;
+    take: number;
+}
+interface FindManyArgs extends PaginationArgs {
+    orderBy: Record<string, string>;
+    where: Record<string, string>;
+}
+interface GetListArgs<T> {
+    allowedFilters?: string[];
+    fn: (args: FindManyArgs) => Promise<T[]>;
+    searchParams?: Record<string, string>;
+}
+export declare function getList<T>({ allowedFilters, fn, searchParams, }: GetListArgs<T>): Promise<Errorable<T[]>>;
+export {};

package/dist/DataService.js

@@ -0,0 +1,64 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getList = exports.mutate = void 0;
+const utility_1 = require("@sqrzro/utility");
+const RequestService_1 = require("./RequestService");
+function hasFn(args) {
+    return Boolean(Object.prototype.hasOwnProperty.call(args, 'fn'));
+}
+async function mutate(args) {
+    const [validated, validationErrors] = await (0, RequestService_1.validateSchema)(args.formData, await args.request);
+    if (validationErrors) {
+        args.onValidationError?.(validationErrors);
+        return [null, validationErrors];
+    }
+    if (!hasFn(args)) {
+        try {
+            await args.onSuccess?.(validated);
+        }
+        catch (err) {
+            return [
+                null,
+                { $root: err instanceof Error ? `SERVER: ${err.message}` : 'SERVER_ERROR' },
+            ];
+        }
+        return [validated, null];
+    }
+    const model = await args.fn(validated);
+    if (!model) {
+        return [null, { $root: 'SERVER_ERROR' }];
+    }
+    try {
+        await args.onSuccess?.(model);
+    }
+    catch (err) {
+        return [null, { $root: err instanceof Error ? `SERVER: ${err.message}` : 'SERVER_ERROR' }];
+    }
+    return [model, null];
+}
+exports.mutate = mutate;
+const DEFAULT_SORT = 'id';
+const DEFAULT_DIR = 'asc';
+const DEFAULT_PAGE = 1;
+const DEFAULT_LIMIT = 10;
+function createPaginationArgs(page = DEFAULT_PAGE) {
+    return { skip: (page - 1) * DEFAULT_LIMIT, take: DEFAULT_LIMIT };
+}
+function createFindManyArgs(searchParams, allowedFilters = []) {
+    const { dir, page, sort, ...filters } = searchParams || {};
+    return {
+        ...createPaginationArgs(page ? parseInt(page, 10) : DEFAULT_PAGE),
+        orderBy: { [sort || DEFAULT_SORT]: dir || DEFAULT_DIR },
+        where: (0, utility_1.getFromObject)(filters, allowedFilters),
+    };
+}
+async function getList({ allowedFilters, fn, searchParams, }) {
+    try {
+        const args = createFindManyArgs(searchParams, allowedFilters);
+        return [await fn(args), null];
+    }
+    catch (err) {
+        return [null, { message: err instanceof Error ? err.message : 'SERVER_ERROR' }];
+    }
+}
+exports.getList = getList;

package/dist/LoginRequest.d.ts

@@ -0,0 +1,4 @@
+import Joi from 'joi';
+import type { LoginFormFields } from './interfaces';
+declare const LoginRequest: Promise<Joi.ObjectSchema<LoginFormFields>>;
+export default LoginRequest;

package/dist/LoginRequest.js

@@ -0,0 +1,11 @@
+"use strict";
+/* eslint-disable @typescript-eslint/no-magic-numbers */
+Object.defineProperty(exports, "__esModule", { value: true });
+const tslib_1 = require("tslib");
+const joi_1 = tslib_1.__importDefault(require("joi"));
+const RequestService_1 = require("./RequestService");
+const LoginRequest = (0, RequestService_1.createSchema)({
+    email: joi_1.default.string().email({ minDomainSegments: 2, tlds: false }).required(),
+    password: joi_1.default.string().min(8).required(),
+});
+exports.default = LoginRequest;

package/dist/PasswordService.d.ts

@@ -0,0 +1,6 @@
+type PasswordRule = 'lower' | 'min' | 'number' | 'symbol' | 'upper';
+export declare function createSecret(): Promise<string>;
+export declare function hashPassword(password: string): Promise<string>;
+export declare function verifyPassword(data?: string, encrypted?: string): Promise<boolean>;
+export declare function checkPasswordComplexity(password: string): Promise<PasswordRule[]>;
+export {};

package/dist/PasswordService.js

@@ -0,0 +1,63 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.checkPasswordComplexity = exports.verifyPassword = exports.hashPassword = exports.createSecret = void 0;
+const tslib_1 = require("tslib");
+const bcryptjs_1 = tslib_1.__importDefault(require("bcryptjs"));
+const PW_SALT_ROUNDS = 12;
+const PASSWORD_RULES = {
+    min: 8,
+    upper: 1,
+    lower: 1,
+    number: 1,
+    symbol: 1,
+};
+function checkPasswordMin(password, value) {
+    return password.length >= value;
+}
+function checkPasswordUpper(password, value) {
+    return password.replace(/[^A-Z]/gu, '').length >= value;
+}
+function checkPasswordLower(password, value) {
+    return password.replace(/[^a-z]/gu, '').length >= value;
+}
+function checkPasswordNumber(password, value) {
+    return password.replace(/[^0-9]/gu, '').length >= value;
+}
+function checkPasswordSymbol(password, value) {
+    return password.replace(/[^$]/gu, '').length >= value;
+}
+const PASSWORD_FUNCTIONS = {
+    min: checkPasswordMin,
+    upper: checkPasswordUpper,
+    lower: checkPasswordLower,
+    number: checkPasswordNumber,
+    symbol: checkPasswordSymbol,
+};
+async function createSecret() {
+    const secret = await bcryptjs_1.default.genSalt(PW_SALT_ROUNDS);
+    return secret;
+}
+exports.createSecret = createSecret;
+async function hashPassword(password) {
+    const hash = await bcryptjs_1.default.hash(password, PW_SALT_ROUNDS);
+    return hash;
+}
+exports.hashPassword = hashPassword;
+async function verifyPassword(data, encrypted) {
+    if (!data || !encrypted) {
+        return false;
+    }
+    const verified = await bcryptjs_1.default.compare(data, encrypted);
+    return verified;
+}
+exports.verifyPassword = verifyPassword;
+async function checkPasswordComplexity(password) {
+    const entries = Object.entries(PASSWORD_RULES);
+    const rules = entries
+        .map(([key, value]) => (PASSWORD_FUNCTIONS[key](password, value) ? key : null))
+        .filter(Boolean);
+    return new Promise((resolve) => {
+        resolve(rules);
+    });
+}
+exports.checkPasswordComplexity = checkPasswordComplexity;

package/dist/RequestService.d.ts

@@ -0,0 +1,21 @@
+import Joi from 'joi';
+import type { ErrorablePromise } from './interfaces';
+export declare function validate(): typeof Joi;
+/**
+ * This function takes FormData and a schema. It then attempts to transform the FormData into an
+ * object that matches `T`. This is because the FormData object is not typed and we want to be able
+ * to validate it properly typed.
+ *
+ * Once transformed, the object is validated against the schema. This will result in either a
+ * properly typed `T` object or an array of validation errors.
+ * @param formData
+ * @param validation
+ * @returns
+ */
+export declare function validateSchema<T extends object>(formData: FormData, validation: Joi.ObjectSchema<T>): ErrorablePromise<T>;
+export declare function createSchema<T>(schema: Joi.PartialSchemaMap<T>): Promise<Joi.ObjectSchema<T>>;
+interface ExtendSchemaOptions {
+    required?: string[];
+}
+export declare function extendSchema<T>(schema: Promise<Joi.ObjectSchema<T>>, appends: Joi.PartialSchemaMap<T>, options?: ExtendSchemaOptions): Promise<Joi.ObjectSchema<T>>;
+export {};

package/dist/RequestService.js

@@ -0,0 +1,121 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.extendSchema = exports.createSchema = exports.validateSchema = exports.validate = void 0;
+const tslib_1 = require("tslib");
+const joi_1 = tslib_1.__importDefault(require("joi"));
+function validate() {
+    return joi_1.default;
+}
+exports.validate = validate;
+function isExternalError(value) {
+    return Boolean(typeof value === 'object' && Object.prototype.hasOwnProperty.call(value, 'code'));
+}
+function checkExternalErrors(validated) {
+    const externalErrors = Object.values(validated).filter((value) => isExternalError(value));
+    if (externalErrors.length) {
+        return [
+            null,
+            externalErrors.reduce((acc, value) => ({ ...acc, [value.path[0]]: value.code }), {}),
+        ];
+    }
+    return [validated, null];
+}
+function transformErrors(error) {
+    return error.details.reduce((acc, cur) => ({ ...acc, [cur.path[0]]: cur.message }), {});
+}
+function transformString(value) {
+    return value;
+}
+function transformNumber(value) {
+    return parseInt(value, 10);
+}
+function transformBoolean(value) {
+    return value === 'true' || value === '1';
+}
+function transformDate(value) {
+    if (!value) {
+        return null;
+    }
+    return new Date(value);
+}
+const transformMap = {
+    string: transformString,
+    number: transformNumber,
+    boolean: transformBoolean,
+    date: transformDate,
+};
+function transformValue(value, type) {
+    return transformMap[type](String(value));
+}
+/**
+ * Take the formData and the validation schema and transform the formData into an object that
+ * contains the correct types, as defined by the validation schema. This is because the FormData
+ * object will only contain strings (or File/Blob objects) and we want to be able to use the object
+ * correctly typed. For example, if the validation schema defines a property as a boolean, we want
+ * the value to be either true or false, not the string "true" or "false".
+ *
+ * @param formData
+ * @param validation
+ */
+function transform(formData, validation) {
+    const keys = validation.describe().keys;
+    const entries = Object.entries(Object.fromEntries(formData.entries()));
+    const result = {};
+    entries.forEach(([key, value]) => {
+        const entry = keys[key];
+        if (entry) {
+            result[key] = transformValue(value, entry.type);
+        }
+        else {
+            result[key] = value;
+        }
+    });
+    return result;
+}
+/**
+ * This function takes FormData and a schema. It then attempts to transform the FormData into an
+ * object that matches `T`. This is because the FormData object is not typed and we want to be able
+ * to validate it properly typed.
+ *
+ * Once transformed, the object is validated against the schema. This will result in either a
+ * properly typed `T` object or an array of validation errors.
+ * @param formData
+ * @param validation
+ * @returns
+ */
+async function validateSchema(formData, validation) {
+    try {
+        const transformed = transform(formData, validation);
+        const validated = await validation.validateAsync(transformed, {
+            abortEarly: false,
+        });
+        return checkExternalErrors(validated);
+    }
+    catch (err) {
+        if (err instanceof joi_1.default.ValidationError) {
+            return [null, transformErrors(err)];
+        }
+        if (err instanceof Error) {
+            return [null, { $root: `Validation error occured: ${err.message}` }];
+        }
+        return [null, { $root: 'Unknown validation error occured' }];
+    }
+}
+exports.validateSchema = validateSchema;
+async function createSchema(schema) {
+    return new Promise((resolve) => {
+        resolve(joi_1.default.object(schema));
+    });
+}
+exports.createSchema = createSchema;
+async function extendSchema(schema, appends, options) {
+    const extended = (await schema).concat(joi_1.default.object(appends));
+    const required = (options?.required || []).reduce((acc, cur) => ({
+        ...acc,
+        [cur]: extended.extract(cur).required(),
+    }), {});
+    return new Promise((resolve) => {
+        resolve(extended.concat(joi_1.default.object(required)));
+    });
+}
+exports.extendSchema = extendSchema;

package/dist/SessionService.d.ts

@@ -0,0 +1,5 @@
+export declare function createSessionForId(id: number): Promise<void>;
+export declare function getIdFromToken(token: string | null): Promise<number>;
+export declare function getIdFromSession(): Promise<number>;
+export declare function checkSessionExists(): Promise<boolean>;
+export declare function removeSession(): Promise<void>;

package/dist/SessionService.js

@@ -0,0 +1,56 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.removeSession = exports.checkSessionExists = exports.getIdFromSession = exports.getIdFromToken = exports.createSessionForId = void 0;
+const jose_1 = require("jose");
+const uuid_1 = require("uuid");
+const headers_1 = require("next/headers");
+const SESSION_COOKIE_EXPIRY = 7200;
+async function createSessionForId(id) {
+    const token = await new jose_1.SignJWT({})
+        .setExpirationTime('1w')
+        .setIssuedAt()
+        .setJti((0, uuid_1.v4)())
+        .setProtectedHeader({ alg: 'HS256' })
+        .setSubject(id.toString())
+        .sign(new TextEncoder().encode('secret'));
+    (0, headers_1.cookies)().set('token', token, {
+        httpOnly: true,
+        maxAge: SESSION_COOKIE_EXPIRY,
+    });
+}
+exports.createSessionForId = createSessionForId;
+async function getIdFromToken(token) {
+    if (!token) {
+        throw new Error('Could not get ID. Token does not exist.');
+    }
+    try {
+        const verified = await (0, jose_1.jwtVerify)(token, new TextEncoder().encode('secret'));
+        return verified.payload.sub ? parseInt(verified.payload.sub, 10) : 0;
+    }
+    catch (err) {
+        throw new Error('Could not get ID. Token is invalid.');
+    }
+}
+exports.getIdFromToken = getIdFromToken;
+async function getIdFromSession() {
+    const userId = await getIdFromToken((0, headers_1.cookies)().get('token')?.value || null);
+    return userId;
+}
+exports.getIdFromSession = getIdFromSession;
+async function checkSessionExists() {
+    try {
+        await getIdFromSession();
+        return true;
+    }
+    catch (err) {
+        return false;
+    }
+}
+exports.checkSessionExists = checkSessionExists;
+async function removeSession() {
+    return new Promise((resolve) => {
+        (0, headers_1.cookies)().set('token', '', { httpOnly: true, maxAge: 0 });
+        resolve();
+    });
+}
+exports.removeSession = removeSession;

package/dist/index.d.ts

@@ -0,0 +1,7 @@
+export * from './LoginRequest';
+export * from './AuthService';
+export * from './PasswordService';
+export * from './DataService';
+export * from './RequestService';
+export * from './SessionService';
+export * from './interfaces';

package/dist/index.js

@@ -0,0 +1,10 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const tslib_1 = require("tslib");
+tslib_1.__exportStar(require("./LoginRequest"), exports);
+tslib_1.__exportStar(require("./AuthService"), exports);
+tslib_1.__exportStar(require("./PasswordService"), exports);
+tslib_1.__exportStar(require("./DataService"), exports);
+tslib_1.__exportStar(require("./RequestService"), exports);
+tslib_1.__exportStar(require("./SessionService"), exports);
+tslib_1.__exportStar(require("./interfaces"), exports);

package/dist/interfaces.d.ts

@@ -0,0 +1,11 @@
+export type CastType = 'date';
+export type CastObject<T extends object> = Partial<Record<keyof T, CastType>>;
+export type Errorable<T> = [null, Record<string, string>] | [T, null];
+export type ErrorablePromise<T> = Promise<Errorable<T>>;
+export interface LoginFormFields {
+    email: string;
+    password: string;
+}
+export interface UserObject extends LoginFormFields {
+    id: number;
+}

package/dist/interfaces.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/dist/middleware.d.ts

@@ -0,0 +1,3 @@
+import { NextResponse } from 'next/server';
+import type { NextRequest } from 'next/server';
+export declare function runMiddleware(request: NextRequest): Promise<NextResponse>;

package/dist/middleware.js

@@ -0,0 +1,35 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.runMiddleware = void 0;
+const server_1 = require("next/server");
+async function getUrl(url) {
+    return new Promise((resolve) => {
+        resolve(`http://localhost:8080/${url}`);
+    });
+}
+async function redirect(request, pathname) {
+    if (new URL(request.url).pathname !== `/${pathname}`) {
+        return server_1.NextResponse.redirect(await getUrl(pathname));
+    }
+    return server_1.NextResponse.next();
+}
+async function getMe(token) {
+    if (!token) {
+        return null;
+    }
+    try {
+        const response = await fetch(await getUrl(`/api/me?token=${token}`));
+        return (await response.json());
+    }
+    catch (err) {
+        return null;
+    }
+}
+async function runMiddleware(request) {
+    const me = await getMe(request.cookies.get('token')?.value);
+    if (!me?.valid) {
+        return redirect(request, 'auth/login');
+    }
+    return server_1.NextResponse.next();
+}
+exports.runMiddleware = runMiddleware;

package/package.json

@@ -0,0 +1,45 @@
+{
+    "name": "@sqrzro/server",
+    "version": "2.0.0-bz.0",
+    "main": "dist/index.js",
+    "types": "dist/index.d.ts",
+    "exports": {
+        ".": "./dist/index.js",
+        "./middleware": "./dist/middleware.js"
+    },
+    "license": "ISC",
+    "files": [
+        "dist"
+    ],
+    "dependencies": {
+        "@sqrzro/utility": "bz",
+        "bcryptjs": "^2.4.3",
+        "joi": "^17.11.0",
+        "jose": "^5.0.1",
+        "next": "^14.0.0",
+        "react": "^18.2.0",
+        "react-dom": "^18.2.0",
+        "uuid": "^9.0.1"
+    },
+    "devDependencies": {
+        "@sqrzro/eslint-plugin": "bz",
+        "@sqrzro/prettier-config": "bz",
+        "@types/bcryptjs": "^2.4.6",
+        "@types/react": "^18.0.28",
+        "@types/uuid": "^9.0.7",
+        "esbuild": "^0.19.5",
+        "eslint": "^8.55.0",
+        "prettier": "^2.8.4",
+        "rimraf": "^4.1.2",
+        "typescript": "^5.2.2"
+    },
+    "scripts": {
+        "build": "yarn clean && tsc --project tsconfig.build.json",
+        "clean": "rimraf ./dist",
+        "dev": "tsc -p tsconfig.build.json -w",
+        "lint": "tsc --noEmit && eslint \"./src/**/*.ts\"",
+        "prepare": "yarn build",
+        "prettier": "prettier --write \"./src/**/*.ts\"",
+        "start": "yarn dev"
+    }
+}