@studiocms/github 0.1.0-beta.23

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (9) hide show
  1. package/LICENSE +21 -0
  2. package/README.md +27 -0
  3. package/dist/effect/github.d.ts +87 -0
  4. package/dist/effect/github.js +152 -0
  5. package/dist/endpoint.d.ts +24 -0
  6. package/dist/endpoint.js +18 -0
  7. package/dist/index.d.ts +21 -0
  8. package/dist/index.js +33 -0
  9. package/package.json +70 -0
package/LICENSE ADDED
@@ -0,0 +1,21 @@
1
+ MIT License
2
+
3
+ Copyright (c) 2025-present StudioCMS - withstudiocms (https://github.com/withstudiocms)
4
+
5
+ Permission is hereby granted, free of charge, to any person obtaining a copy
6
+ of this software and associated documentation files (the "Software"), to deal
7
+ in the Software without restriction, including without limitation the rights
8
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9
+ copies of the Software, and to permit persons to whom the Software is
10
+ furnished to do so, subject to the following conditions:
11
+
12
+ The above copyright notice and this permission notice shall be included in all
13
+ copies or substantial portions of the Software.
14
+
15
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21
+ SOFTWARE.
package/README.md ADDED
@@ -0,0 +1,27 @@
1
+ # @studiocms/github Plugin
2
+
3
+ This plugin integrates GitHub as an OAuth authentication provider for StudioCMS. It sets up the necessary authentication service, including the provider's name, endpoint paths and required environment variables.
4
+
5
+ ## Usage
6
+
7
+ Add this plugin in your StudioCMS config. (`studiocms.config.mjs`)
8
+
9
+ ```ts
10
+ import { defineStudioCMSConfig } from 'studiocms/config';
11
+ import github from '@studiocms/github';
12
+
13
+ export default defineStudioCMSConfig({
14
+ // other options here
15
+ plugins: [github()]
16
+ });
17
+ ```
18
+
19
+ ## Required ENV Variables
20
+
21
+ - `CMS_GITHUB_CLIENT_ID`
22
+ - `CMS_GITHUB_CLIENT_SECRET`
23
+ - `CMS_GITHUB_REDIRECT_URI`
24
+
25
+ ## License
26
+
27
+ [MIT Licensed](./LICENSE).
package/dist/effect/github.d.ts ADDED
@@ -0,0 +1,87 @@
1
+ import { HttpClient } from '@effect/platform';
2
+ import type { APIContext } from 'astro';
3
+ import { Effect, Schema } from 'studiocms/effect';
4
+ declare const GitHubUser_base: Schema.Class<GitHubUser, {
5
+ id: typeof Schema.Number;
6
+ html_url: typeof Schema.String;
7
+ login: typeof Schema.String;
8
+ avatar_url: typeof Schema.String;
9
+ name: Schema.optional<typeof Schema.String>;
10
+ blog: Schema.optional<typeof Schema.String>;
11
+ email: Schema.optional<typeof Schema.String>;
12
+ }, Schema.Struct.Encoded<{
13
+ id: typeof Schema.Number;
14
+ html_url: typeof Schema.String;
15
+ login: typeof Schema.String;
16
+ avatar_url: typeof Schema.String;
17
+ name: Schema.optional<typeof Schema.String>;
18
+ blog: Schema.optional<typeof Schema.String>;
19
+ email: Schema.optional<typeof Schema.String>;
20
+ }>, never, {
21
+ readonly id: number;
22
+ } & {
23
+ readonly html_url: string;
24
+ } & {
25
+ readonly login: string;
26
+ } & {
27
+ readonly avatar_url: string;
28
+ } & {
29
+ readonly name?: string | undefined;
30
+ } & {
31
+ readonly blog?: string | undefined;
32
+ } & {
33
+ readonly email?: string | undefined;
34
+ }, {}, {}>;
35
+ /**
36
+ * Represents a GitHub user profile as returned by the GitHub API.
37
+ *
38
+ * @property id - The unique identifier for the user.
39
+ * @property html_url - The URL to the user's GitHub profile.
40
+ * @property login - The user's GitHub username.
41
+ * @property avatar_url - The URL to the user's avatar image.
42
+ * @property name - The user's display name.
43
+ * @property blog - The user's blog URL.
44
+ * @property email - The user's public email address.
45
+ */
46
+ export declare class GitHubUser extends GitHubUser_base {
47
+ }
48
+ declare const GitHubOAuthAPI_base: Effect.Service.Class<GitHubOAuthAPI, "GitHubOAuthAPI", {
49
+ readonly dependencies: readonly [import("effect/Layer").Layer<import("studiocms/lib/auth/session").Session, never, never>, import("effect/Layer").Layer<import("studiocms/lib/auth/verify-email").VerifyEmail, import("studiocms/lib/effects/smtp").SMTPError | import("effect/Cause").UnknownException, never>, import("effect/Layer").Layer<import("studiocms/lib/auth/user").User, import("studiocms/lib/effects/smtp").SMTPError | import("effect/Cause").UnknownException, never>, import("effect/Layer").Layer<HttpClient.HttpClient, never, never>];
50
+ readonly effect: Effect.Effect<{
51
+ initSession: (context: APIContext) => Effect.Effect<Response, import("studiocms/lib/auth/session").SessionError, never>;
52
+ initCallback: (context: APIContext) => Effect.Effect<Response, import("studiocms/sdk/effect/db").LibSQLDatabaseError | import("studiocms/sdk/errors").SDKCoreError | Error, never>;
53
+ }, never, import("studiocms/lib/auth/session").Session | import("studiocms/lib/auth/verify-email").VerifyEmail | import("studiocms/lib/auth/user").User | HttpClient.HttpClient>;
54
+ }>;
55
+ /**
56
+ * Provides GitHub OAuth authentication effects for the StudioCMS API.
57
+ *
58
+ * This service handles the OAuth flow with GitHub, including:
59
+ * - Initializing the OAuth session and redirecting users to GitHub for authorization.
60
+ * - Validating the authorization code returned by GitHub and fetching user data.
61
+ * - Handling the callback from GitHub, including:
62
+ * - Linking OAuth accounts to existing users.
63
+ * - Creating new users from GitHub profile data.
64
+ * - Verifying user email addresses.
65
+ * - Creating user sessions and redirecting to appropriate pages.
66
+ *
67
+ * @remarks
68
+ * - Depends on session management, user library, email verification, and SDK core services.
69
+ * - Handles both first-time setup and linking additional OAuth providers to existing accounts.
70
+ *
71
+ * @example
72
+ * ```typescript
73
+ * const githubOAuth = new GitHubOAuthAPI();
74
+ * yield* githubOAuth.initSession(context);
75
+ * yield* githubOAuth.initCallback(context);
76
+ * ```
77
+ *
78
+ * @see {@link Session}
79
+ * @see {@link SDKCore}
80
+ * @see {@link VerifyEmail}
81
+ * @see {@link User}
82
+ */
83
+ export declare class GitHubOAuthAPI extends GitHubOAuthAPI_base {
84
+ static ProviderID: string;
85
+ static ProviderCookieName: string;
86
+ }
87
+ export {};
package/dist/effect/github.js ADDED
@@ -0,0 +1,152 @@
1
+ import { getSecret } from "astro:env/server";
2
+ import { Session, User, VerifyEmail } from "studiocms:auth/lib";
3
+ import config from "studiocms:config";
4
+ import { StudioCMSRoutes } from "studiocms:lib";
5
+ import { SDKCore } from "studiocms:sdk";
6
+ import { FetchHttpClient, HttpClient, HttpClientResponse } from "@effect/platform";
7
+ import { GitHub, generateState } from "arctic";
8
+ import { Effect, genLogger, Schema } from "studiocms/effect";
9
+ import { getCookie, getUrlParam, ValidateAuthCodeError } from "studiocms/oAuthUtils";
10
+ class GitHubUser extends Schema.Class("GitHubUser")({
11
+ id: Schema.Number,
12
+ html_url: Schema.String,
13
+ login: Schema.String,
14
+ avatar_url: Schema.String,
15
+ name: Schema.optional(Schema.String),
16
+ blog: Schema.optional(Schema.String),
17
+ email: Schema.optional(Schema.String)
18
+ }) {
19
+ }
20
+ const GITHUB = {
21
+ CLIENT_ID: getSecret("GITHUB_CLIENT_ID") ?? "",
22
+ CLIENT_SECRET: getSecret("GITHUB_CLIENT_SECRET") ?? "",
23
+ REDIRECT_URI: getSecret("GITHUB_REDIRECT_URI") ?? null
24
+ };
25
+ class GitHubOAuthAPI extends Effect.Service()("GitHubOAuthAPI", {
26
+ dependencies: [Session.Default, VerifyEmail.Default, User.Default, FetchHttpClient.layer],
27
+ effect: genLogger("studiocms/routes/api/auth/github/effect")(function* () {
28
+ const [
29
+ sdk,
30
+ fetchClient,
31
+ { setOAuthSessionTokenCookie, createUserSession },
32
+ { isEmailVerified, sendVerificationEmail },
33
+ { getUserData, createOAuthUser }
34
+ ] = yield* Effect.all([SDKCore, HttpClient.HttpClient, Session, VerifyEmail, User]);
35
+ const { CLIENT_ID, CLIENT_SECRET, REDIRECT_URI } = GITHUB;
36
+ const github = new GitHub(CLIENT_ID, CLIENT_SECRET, REDIRECT_URI);
37
+ const validateAuthCode = (code) => genLogger("studiocms/routes/api/auth/github/effect.validateAuthCode")(function* () {
38
+ const tokens = yield* Effect.tryPromise(() => github.validateAuthorizationCode(code));
39
+ return yield* fetchClient.get("https://api.github.com/user", {
40
+ headers: {
41
+ Authorization: `Bearer ${tokens.accessToken}`
42
+ }
43
+ }).pipe(
44
+ Effect.flatMap(HttpClientResponse.schemaBodyJson(GitHubUser)),
45
+ Effect.catchAll(
46
+ (error) => Effect.fail(
47
+ new ValidateAuthCodeError({
48
+ provider: GitHubOAuthAPI.ProviderID,
49
+ message: `Failed to fetch user info: ${error.message}`
50
+ })
51
+ )
52
+ )
53
+ );
54
+ });
55
+ return {
56
+ initSession: (context) => genLogger("studiocms/routes/api/auth/github/effect.initSession")(function* () {
57
+ const state = generateState();
58
+ const scopes = ["user:email", "repo"];
59
+ const url = github.createAuthorizationURL(state, scopes);
60
+ yield* setOAuthSessionTokenCookie(context, GitHubOAuthAPI.ProviderCookieName, state);
61
+ return context.redirect(url.toString());
62
+ }),
63
+ initCallback: (context) => genLogger("studiocms/routes/api/auth/github/effect.initCallback")(function* () {
64
+ const { cookies, redirect } = context;
65
+ const [code, state, storedState] = yield* Effect.all([
66
+ getUrlParam(context, "code"),
67
+ getUrlParam(context, "state"),
68
+ getCookie(context, GitHubOAuthAPI.ProviderCookieName)
69
+ ]);
70
+ if (!code || !state || !storedState || state !== storedState) {
71
+ return redirect(StudioCMSRoutes.authLinks.loginURL);
72
+ }
73
+ const githubUser = yield* validateAuthCode(code);
74
+ const { id: githubUserId, login: githubUsername } = githubUser;
75
+ const existingOAuthAccount = yield* sdk.AUTH.oAuth.searchProvidersForId(
76
+ GitHubOAuthAPI.ProviderID,
77
+ `${githubUserId}`
78
+ );
79
+ if (existingOAuthAccount) {
80
+ const user = yield* sdk.GET.users.byId(existingOAuthAccount.userId);
81
+ if (!user) {
82
+ return new Response("User not found", { status: 404 });
83
+ }
84
+ const isEmailAccountVerified2 = yield* isEmailVerified(user);
85
+ if (!isEmailAccountVerified2) {
86
+ return new Response("Email not verified, please verify your account first.", {
87
+ status: 400
88
+ });
89
+ }
90
+ yield* createUserSession(user.id, context);
91
+ return redirect(StudioCMSRoutes.mainLinks.dashboardIndex);
92
+ }
93
+ const loggedInUser = yield* getUserData(context);
94
+ const linkNewOAuth = !!cookies.get(User.LinkNewOAuthCookieName)?.value;
95
+ if (loggedInUser.user && linkNewOAuth) {
96
+ const existingUser2 = yield* sdk.GET.users.byId(loggedInUser.user.id);
97
+ if (existingUser2) {
98
+ yield* sdk.AUTH.oAuth.create({
99
+ userId: existingUser2.id,
100
+ provider: GitHubOAuthAPI.ProviderID,
101
+ providerUserId: `${githubUserId}`
102
+ });
103
+ const isEmailAccountVerified2 = yield* isEmailVerified(existingUser2);
104
+ if (!isEmailAccountVerified2) {
105
+ return new Response("Email not verified, please verify your account first.", {
106
+ status: 400
107
+ });
108
+ }
109
+ yield* createUserSession(existingUser2.id, context);
110
+ return redirect(StudioCMSRoutes.mainLinks.dashboardIndex);
111
+ }
112
+ }
113
+ const newUser = yield* createOAuthUser(
114
+ {
115
+ // @ts-expect-error drizzle broke the id variable...
116
+ id: crypto.randomUUID(),
117
+ username: githubUsername,
118
+ email: githubUser.email,
119
+ name: githubUser.name || githubUsername,
120
+ avatar: githubUser.avatar_url,
121
+ createdAt: /* @__PURE__ */ new Date(),
122
+ url: githubUser.blog
123
+ },
124
+ { provider: GitHubOAuthAPI.ProviderID, providerUserId: `${githubUserId}` }
125
+ );
126
+ if ("error" in newUser) {
127
+ return new Response("Error creating user", { status: 500 });
128
+ }
129
+ if (config.dbStartPage) {
130
+ return redirect("/done");
131
+ }
132
+ yield* sendVerificationEmail(newUser.id, true);
133
+ const existingUser = yield* sdk.GET.users.byId(newUser.id);
134
+ const isEmailAccountVerified = yield* isEmailVerified(existingUser);
135
+ if (!isEmailAccountVerified) {
136
+ return new Response("Email not verified, please verify your account first.", {
137
+ status: 400
138
+ });
139
+ }
140
+ yield* createUserSession(newUser.id, context);
141
+ return redirect(StudioCMSRoutes.mainLinks.dashboardIndex);
142
+ })
143
+ };
144
+ })
145
+ }) {
146
+ static ProviderID = "github";
147
+ static ProviderCookieName = "github_oauth_state";
148
+ }
149
+ export {
150
+ GitHubOAuthAPI,
151
+ GitHubUser
152
+ };
package/dist/endpoint.d.ts ADDED
@@ -0,0 +1,24 @@
1
+ import type { APIRoute } from 'astro';
2
+ /**
3
+ * API route handler for initializing a GitHub session.
4
+ *
5
+ * This function uses the Effect system to compose asynchronous operations,
6
+ * retrieving the `initSession` method from the `GitHubOAuthAPI` and invoking it
7
+ * with the provided API context. The result is converted to a vanilla response
8
+ * using `convertToVanilla`.
9
+ *
10
+ * @param context - The API context containing request and environment information.
11
+ * @returns A promise resolving to the API response after session initialization.
12
+ */
13
+ export declare const initSession: APIRoute;
14
+ /**
15
+ * Handles the GitHub OAuth callback endpoint.
16
+ *
17
+ * This API route initializes the GitHub OAuth callback process by invoking the `initCallback`
18
+ * method from the `GitHubOAuthAPI`. It uses the Effect system to manage dependencies and
19
+ * asynchronous control flow, providing the default implementation of `GitHubOAuthAPI`.
20
+ *
21
+ * @param context - The API context containing request and response objects.
22
+ * @returns A promise resolving to the result of the GitHub OAuth callback process.
23
+ */
24
+ export declare const initCallback: APIRoute;
package/dist/endpoint.js ADDED
@@ -0,0 +1,18 @@
1
+ import { convertToVanilla, Effect } from "studiocms/effect";
2
+ import { GitHubOAuthAPI } from "./effect/github.js";
3
+ const initSession = async (context) => await convertToVanilla(
4
+ Effect.gen(function* () {
5
+ const { initSession: initSession2 } = yield* GitHubOAuthAPI;
6
+ return yield* initSession2(context);
7
+ }).pipe(Effect.provide(GitHubOAuthAPI.Default))
8
+ );
9
+ const initCallback = async (context) => await convertToVanilla(
10
+ Effect.gen(function* () {
11
+ const { initCallback: initCallback2 } = yield* GitHubOAuthAPI;
12
+ return yield* initCallback2(context);
13
+ }).pipe(Effect.provide(GitHubOAuthAPI.Default))
14
+ );
15
+ export {
16
+ initCallback,
17
+ initSession
18
+ };
package/dist/index.d.ts ADDED
@@ -0,0 +1,21 @@
1
+ /**
2
+ * These triple-slash directives defines dependencies to various declaration files that will be
3
+ * loaded when a user imports the StudioCMS plugin in their Astro configuration file. These
4
+ * directives must be first at the top of the file and can only be preceded by this comment.
5
+ */
6
+ import { type StudioCMSPlugin } from 'studiocms/plugins';
7
+ /**
8
+ * Creates and returns the StudioCMS GitHub plugin configuration.
9
+ *
10
+ * This plugin integrates GitHub as an OAuth authentication provider for StudioCMS.
11
+ * It sets up the necessary authentication service, including the provider's name,
12
+ * endpoint path, required environment variables, and SVG logo.
13
+ *
14
+ * @returns {StudioCMSPlugin} The configured StudioCMS GitHub plugin.
15
+ *
16
+ * @example
17
+ * import { studiocmsGithub } from '@studiocms/github';
18
+ * const githubPlugin = studiocmsGithub();
19
+ */
20
+ export declare function studiocmsGithub(): StudioCMSPlugin;
21
+ export default studiocmsGithub;
package/dist/index.js ADDED
@@ -0,0 +1,33 @@
1
+ import { createResolver } from "astro-integration-kit";
2
+ import { definePlugin } from "studiocms/plugins";
3
+ function studiocmsGithub() {
4
+ const { resolve } = createResolver(import.meta.url);
5
+ const packageIdentifier = "@studiocms/github";
6
+ return definePlugin({
7
+ identifier: packageIdentifier,
8
+ name: "StudioCMS GitHub Plugin",
9
+ studiocmsMinimumVersion: "0.1.0-beta.22",
10
+ hooks: {
11
+ "studiocms:config:setup": ({ setAuthService }) => {
12
+ setAuthService({
13
+ oAuthProvider: {
14
+ name: "github",
15
+ formattedName: "GitHub",
16
+ endpointPath: resolve("./endpoint.js"),
17
+ requiredEnvVariables: [
18
+ "CMS_GITHUB_CLIENT_ID",
19
+ "CMS_GITHUB_CLIENT_SECRET",
20
+ "CMS_GITHUB_REDIRECT_URI"
21
+ ],
22
+ svg: '<svg width="24px" height="24px" viewBox="0 0 98 96" xmlns="http://www.w3.org/2000/svg" class="oauth-logo"><path fill-rule="evenodd" clip-rule="evenodd" d="M48.854 0C21.839 0 0 22 0 49.217c0 21.756 13.993 40.172 33.405 46.69 2.427.49 3.316-1.059 3.316-2.362 0-1.141-.08-5.052-.08-9.127-13.59 2.934-16.42-5.867-16.42-5.867-2.184-5.704-5.42-7.17-5.42-7.17-4.448-3.015.324-3.015.324-3.015 4.934.326 7.523 5.052 7.523 5.052 4.367 7.496 11.404 5.378 14.235 4.074.404-3.178 1.699-5.378 3.074-6.6-10.839-1.141-22.243-5.378-22.243-24.283 0-5.378 1.94-9.778 5.014-13.2-.485-1.222-2.184-6.275.486-13.038 0 0 4.125-1.304 13.426 5.052a46.97 46.97 0 0 1 12.214-1.63c4.125 0 8.33.571 12.213 1.63 9.302-6.356 13.427-5.052 13.427-5.052 2.67 6.763.97 11.816.485 13.038 3.155 3.422 5.015 7.822 5.015 13.2 0 18.905-11.404 23.06-22.324 24.283 1.78 1.548 3.316 4.481 3.316 9.126 0 6.6-.08 11.897-.08 13.526 0 1.304.89 2.853 3.316 2.364 19.412-6.52 33.405-24.935 33.405-46.691C97.707 22 75.788 0 48.854 0z" fill="currentColor"/></svg>'
23
+ }
24
+ });
25
+ }
26
+ }
27
+ });
28
+ }
29
+ var index_default = studiocmsGithub;
30
+ export {
31
+ index_default as default,
32
+ studiocmsGithub
33
+ };
package/package.json ADDED
@@ -0,0 +1,70 @@
1
+ {
2
+ "name": "@studiocms/github",
3
+ "version": "0.1.0-beta.23",
4
+ "description": "Add GitHub OAuth Support to your StudioCMS project.",
5
+ "author": {
6
+ "name": "withstudiocms",
7
+ "url": "https://studiocms.dev"
8
+ },
9
+ "repository": {
10
+ "type": "git",
11
+ "url": "git+https://github.com/withstudiocms/studiocms.git",
12
+ "directory": "packages/@studiocms/github"
13
+ },
14
+ "contributors": [
15
+ "Adammatthiesen",
16
+ "jdtjenkins",
17
+ "dreyfus92",
18
+ "code.spirit"
19
+ ],
20
+ "license": "MIT",
21
+ "keywords": [
22
+ "astro",
23
+ "astrocms",
24
+ "astrodb",
25
+ "astrostudio",
26
+ "astro-integration",
27
+ "astro-studio",
28
+ "astro-studiocms",
29
+ "cms",
30
+ "studiocms",
31
+ "withastro",
32
+ "plugin",
33
+ "studiocms-plugin"
34
+ ],
35
+ "homepage": "https://studiocms.dev",
36
+ "publishConfig": {
37
+ "access": "public",
38
+ "provenance": true
39
+ },
40
+ "sideEffects": false,
41
+ "files": [
42
+ "dist"
43
+ ],
44
+ "exports": {
45
+ ".": {
46
+ "types": "./dist/index.d.ts",
47
+ "default": "./dist/index.js"
48
+ }
49
+ },
50
+ "type": "module",
51
+ "dependencies": {
52
+ "astro-integration-kit": "^0.18",
53
+ "arctic": "^3.7.0"
54
+ },
55
+ "devDependencies": {
56
+ "@types/node": "^22.0.0"
57
+ },
58
+ "peerDependencies": {
59
+ "@effect/platform": "^0.90.0",
60
+ "astro": "^5.12.6",
61
+ "effect": "^3.17.3",
62
+ "vite": "^6.3.4",
63
+ "studiocms": "0.1.0-beta.23"
64
+ },
65
+ "scripts": {
66
+ "build": "buildkit build 'src/**/*.{ts,astro,css,json,png}'",
67
+ "dev": "buildkit dev 'src/**/*.{ts,astro,css,json,png}'",
68
+ "typecheck": "tspc -p tsconfig.tspc.json"
69
+ }
70
+ }