@stravigor/socialite 0.1.1 → 0.2.0

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@stravigor/socialite",
-  "version": "0.1.1",
+  "version": "0.2.0",
   "type": "module",
   "description": "OAuth social authentication for the Strav framework",
   "license": "MIT",
@@ -8,7 +8,7 @@
     ".": "./src/index.ts",
     "./*": "./src/*.ts"
   },
-  "files": ["src/", "package.json", "tsconfig.json", "CHANGELOG.md"],
+  "files": ["src/", "stubs/", "package.json", "tsconfig.json", "CHANGELOG.md"],
   "peerDependencies": {
     "@stravigor/core": "0.2.2"
   },

package/src/helpers.ts

@@ -1,6 +1,8 @@
 import type { AbstractProvider } from './abstract_provider.ts'
+import SocialAccount from './social_account.ts'
 import SocialiteManager from './socialite_manager.ts'
-import type { ProviderConfig } from './types.ts'
+import type { ProviderConfig, SocialiteUser } from './types.ts'
+import type { SocialAccountData } from './social_account.ts'
 
 export const socialite = {
   driver(name: string): AbstractProvider {
@@ -10,4 +12,20 @@ export const socialite = {
   extend(name: string, factory: (config: ProviderConfig) => AbstractProvider): void {
     SocialiteManager.extend(name, factory)
   },
+
+  /**
+   * Find an existing social account by provider or create a new one.
+   * If the account already exists, its tokens are updated.
+   *
+   * @example
+   * const socialUser = await socialite.driver('google').user(ctx)
+   * const { account, created } = await socialite.findOrCreate('google', socialUser, user)
+   */
+  findOrCreate(
+    provider: string,
+    socialUser: SocialiteUser,
+    user: unknown
+  ): Promise<{ account: SocialAccountData; created: boolean }> {
+    return SocialAccount.findOrCreate(provider, socialUser, user)
+  },
 }

package/src/index.ts

@@ -1,4 +1,5 @@
 export { default, default as SocialiteManager } from './socialite_manager.ts'
+export { default as SocialAccount } from './social_account.ts'
 export { socialite } from './helpers.ts'
 export { AbstractProvider, SocialiteError } from './abstract_provider.ts'
 export { GoogleProvider } from './providers/google_provider.ts'
@@ -7,3 +8,4 @@ export { DiscordProvider } from './providers/discord_provider.ts'
 export { FacebookProvider } from './providers/facebook_provider.ts'
 export { LinkedInProvider } from './providers/linkedin_provider.ts'
 export type { SocialiteUser, SocialiteConfig, ProviderConfig, TokenResponse } from './types.ts'
+export type { SocialAccountData } from './social_account.ts'

package/src/schema.ts

@@ -0,0 +1,13 @@
+import { defineSchema, t, Archetype } from '@stravigor/core/schema'
+
+export const schema = defineSchema('social_account', {
+  archetype: Archetype.Component,
+  parent: 'user',
+  fields: {
+    provider: t.varchar(50).required().index(),
+    providerId: t.varchar(255).required().index(),
+    token: t.text().required().sensitive(),
+    refreshToken: t.text().nullable().sensitive(),
+    expiresAt: t.timestamptz().nullable(),
+  },
+})

package/src/social_account.ts

@@ -0,0 +1,184 @@
+import { extractUserId } from '@stravigor/core/helpers'
+import SocialiteManager from './socialite_manager.ts'
+import type { SocialiteUser } from './types.ts'
+
+/** The DB record for a social account link. */
+export interface SocialAccountData {
+  id: number
+  userId: string | number
+  provider: string
+  providerId: string
+  token: string
+  refreshToken: string | null
+  expiresAt: Date | null
+  createdAt: Date
+  updatedAt: Date
+}
+
+/**
+ * Static helper for managing social account records.
+ *
+ * Follows the same pattern as AccessToken: all methods are static,
+ * database access goes through the parent manager (SocialiteManager.db).
+ *
+ * @example
+ * const account = await SocialAccount.findByProvider('github', '12345')
+ * const accounts = await SocialAccount.findByUser(user)
+ * const created = await SocialAccount.create({ user, provider: 'google', ... })
+ */
+export default class SocialAccount {
+  private static get sql() {
+    return SocialiteManager.db.sql
+  }
+
+  private static get fk() {
+    return SocialiteManager.userFkColumn
+  }
+
+  /**
+   * Find a social account by provider name and provider-specific user ID.
+   * This is the primary lookup used during OAuth callback.
+   */
+  static async findByProvider(
+    provider: string,
+    providerId: string
+  ): Promise<SocialAccountData | null> {
+    const rows = await SocialAccount.sql`
+      SELECT * FROM "social_account"
+      WHERE "provider" = ${provider}
+        AND "provider_id" = ${providerId}
+      LIMIT 1
+    `
+    return rows.length > 0 ? SocialAccount.hydrate(rows[0] as Record<string, unknown>) : null
+  }
+
+  /**
+   * Find all social accounts linked to a user.
+   */
+  static async findByUser(user: unknown): Promise<SocialAccountData[]> {
+    const userId = extractUserId(user)
+    const fk = SocialAccount.fk
+    const rows = await SocialAccount.sql.unsafe(
+      `SELECT * FROM "social_account" WHERE "${fk}" = $1 ORDER BY "created_at" ASC`,
+      [userId]
+    )
+    return rows.map((r: any) => SocialAccount.hydrate(r))
+  }
+
+  /**
+   * Create a new social account link.
+   */
+  static async create(data: {
+    user: unknown
+    provider: string
+    providerId: string
+    token: string
+    refreshToken?: string | null
+    expiresAt?: Date | null
+  }): Promise<SocialAccountData> {
+    const userId = extractUserId(data.user)
+    const fk = SocialAccount.fk
+    const rows = await SocialAccount.sql.unsafe(
+      `INSERT INTO "social_account" ("${fk}", "provider", "provider_id", "token", "refresh_token", "expires_at")
+       VALUES ($1, $2, $3, $4, $5, $6)
+       RETURNING *`,
+      [
+        userId,
+        data.provider,
+        data.providerId,
+        data.token,
+        data.refreshToken ?? null,
+        data.expiresAt ?? null,
+      ]
+    )
+    return SocialAccount.hydrate(rows[0] as Record<string, unknown>)
+  }
+
+  /**
+   * Find an existing social account by provider or create a new one.
+   * If the account already exists, its tokens are updated.
+   */
+  static async findOrCreate(
+    provider: string,
+    socialUser: SocialiteUser,
+    user: unknown
+  ): Promise<{ account: SocialAccountData; created: boolean }> {
+    const existing = await SocialAccount.findByProvider(provider, socialUser.id)
+    if (existing) {
+      await SocialAccount.updateTokens(
+        existing.id,
+        socialUser.token,
+        socialUser.refreshToken,
+        socialUser.expiresIn ? new Date(Date.now() + socialUser.expiresIn * 1000) : null
+      )
+      existing.token = socialUser.token
+      existing.refreshToken = socialUser.refreshToken
+      existing.expiresAt = socialUser.expiresIn
+        ? new Date(Date.now() + socialUser.expiresIn * 1000)
+        : null
+      return { account: existing, created: false }
+    }
+
+    const account = await SocialAccount.create({
+      user,
+      provider,
+      providerId: socialUser.id,
+      token: socialUser.token,
+      refreshToken: socialUser.refreshToken,
+      expiresAt: socialUser.expiresIn ? new Date(Date.now() + socialUser.expiresIn * 1000) : null,
+    })
+    return { account, created: true }
+  }
+
+  /**
+   * Update OAuth tokens for an existing social account.
+   */
+  static async updateTokens(
+    id: number,
+    token: string,
+    refreshToken: string | null,
+    expiresAt: Date | null
+  ): Promise<void> {
+    await SocialAccount.sql`
+      UPDATE "social_account"
+      SET "token" = ${token},
+          "refresh_token" = ${refreshToken},
+          "expires_at" = ${expiresAt},
+          "updated_at" = NOW()
+      WHERE "id" = ${id}
+    `
+  }
+
+  /** Delete a social account by its database ID. */
+  static async delete(id: number): Promise<void> {
+    await SocialAccount.sql`
+      DELETE FROM "social_account" WHERE "id" = ${id}
+    `
+  }
+
+  /** Delete all social accounts for a user. */
+  static async deleteByUser(user: unknown): Promise<void> {
+    const userId = extractUserId(user)
+    const fk = SocialAccount.fk
+    await SocialAccount.sql.unsafe(`DELETE FROM "social_account" WHERE "${fk}" = $1`, [userId])
+  }
+
+  // ---------------------------------------------------------------------------
+  // Internal
+  // ---------------------------------------------------------------------------
+
+  private static hydrate(row: Record<string, unknown>): SocialAccountData {
+    const fk = SocialAccount.fk
+    return {
+      id: row.id as number,
+      userId: row[fk] as string | number,
+      provider: row.provider as string,
+      providerId: row.provider_id as string,
+      token: row.token as string,
+      refreshToken: (row.refresh_token as string) ?? null,
+      expiresAt: (row.expires_at as Date) ?? null,
+      createdAt: row.created_at as Date,
+      updatedAt: row.updated_at as Date,
+    }
+  }
+}

package/src/socialite_manager.ts

@@ -1,6 +1,8 @@
 import { inject } from '@stravigor/core/core'
 import type Configuration from '@stravigor/core/config/configuration'
+import type Database from '@stravigor/core/database/database'
 import { ConfigurationError } from '@stravigor/core/exceptions/errors'
+import { toSnakeCase } from '@stravigor/core/schema'
 import type { AbstractProvider } from './abstract_provider.ts'
 import type { ProviderConfig, SocialiteConfig } from './types.ts'
 import { GoogleProvider } from './providers/google_provider.ts'
@@ -11,15 +13,32 @@ import { LinkedInProvider } from './providers/linkedin_provider.ts'
 
 @inject
 export default class SocialiteManager {
+  private static _db: Database
   private static _config: SocialiteConfig
+  private static _userFkColumn: string
   private static _extensions = new Map<string, (config: ProviderConfig) => AbstractProvider>()
 
-  constructor(config: Configuration) {
+  constructor(db: Database, config: Configuration) {
+    SocialiteManager._db = db
+
+    const userKey = config.get('socialite.userKey', 'id') as string
+    SocialiteManager._userFkColumn = `user_${toSnakeCase(userKey)}`
+
     SocialiteManager._config = {
+      userKey,
       providers: config.get('socialite.providers', {}) as Record<string, ProviderConfig>,
     }
   }
 
+  static get db(): Database {
+    if (!SocialiteManager._db) {
+      throw new ConfigurationError(
+        'SocialiteManager not configured. Resolve it through the container first.'
+      )
+    }
+    return SocialiteManager._db
+  }
+
   static get config(): SocialiteConfig {
     if (!SocialiteManager._config) {
       throw new ConfigurationError(
@@ -29,6 +48,11 @@ export default class SocialiteManager {
     return SocialiteManager._config
   }
 
+  /** The FK column name on the social_account table (e.g. `user_id`, `user_uid`). */
+  static get userFkColumn(): string {
+    return SocialiteManager._userFkColumn ?? 'user_id'
+  }
+
   /**
    * Get a fresh provider instance by name.
    * Returns a new instance each call because fluent methods mutate state.

package/src/types.ts

@@ -20,6 +20,7 @@ export interface ProviderConfig {
 }
 
 export interface SocialiteConfig {
+  userKey: string
   providers: Record<string, ProviderConfig>
 }
 

package/stubs/config/socialite.ts

@@ -0,0 +1,22 @@
+import { env } from '@stravigor/core/helpers'
+
+export default {
+  userKey: 'id',
+  providers: {
+    // google: {
+    //   clientId: env('GOOGLE_CLIENT_ID', ''),
+    //   clientSecret: env('GOOGLE_CLIENT_SECRET', ''),
+    //   redirectUrl: env('GOOGLE_REDIRECT_URL', 'http://localhost:3000/auth/google/callback'),
+    // },
+    // github: {
+    //   clientId: env('GITHUB_CLIENT_ID', ''),
+    //   clientSecret: env('GITHUB_CLIENT_SECRET', ''),
+    //   redirectUrl: env('GITHUB_REDIRECT_URL', 'http://localhost:3000/auth/github/callback'),
+    // },
+    // discord: {
+    //   clientId: env('DISCORD_CLIENT_ID', ''),
+    //   clientSecret: env('DISCORD_CLIENT_SECRET', ''),
+    //   redirectUrl: env('DISCORD_REDIRECT_URL', 'http://localhost:3000/auth/discord/callback'),
+    // },
+  },
+}

package/stubs/schemas/social_account.ts

@@ -0,0 +1,13 @@
+import { defineSchema, t, Archetype } from '@stravigor/core/schema'
+
+export default defineSchema('social_account', {
+  archetype: Archetype.Component,
+  parent: 'user',
+  fields: {
+    provider: t.varchar(50).required().index(),
+    providerId: t.varchar(255).required().index(),
+    token: t.text().required().sensitive(),
+    refreshToken: t.text().nullable().sensitive(),
+    expiresAt: t.timestamptz().nullable(),
+  },
+})