@volcanicminds/backend 0.2.27 → 0.2.29

package/lib/loader/router.ts

@@ -1,3 +1,4 @@
+import yn from '../util/yn'
 import { Route, ConfiguredRoute, RouteConfig } from '../../types/global'
 import { FastifyReply, FastifyRequest } from 'fastify'
 
@@ -8,6 +9,7 @@ const methods = ['GET', 'POST', 'PUT', 'DELETE', 'HEAD', 'PATCH', 'OPTIONS']
 export function load(): ConfiguredRoute[] {
   const validRoutes: ConfiguredRoute[] = []
   const patterns = [`${__dirname}/../api/**/routes.{ts,js}`, `${process.cwd()}/src/api/**/routes.{ts,js}`]
+  const authMiddlewares = ['global.isAuthenticated', 'global.isAdmin']
 
   patterns.forEach((pattern) => {
     log.t && log.trace('Looking for ' + pattern)
@@ -20,11 +22,6 @@ export function load(): ConfiguredRoute[] {
       const routesjs = require(f)
       const { routes = [], config: defaultConfig = {} } = routesjs || {}
 
-      // adjust default config
-      if (!defaultConfig.enable) defaultConfig.enable = true
-      if (defaultConfig.deprecated == null) defaultConfig.deprecated = false
-      if (defaultConfig.controller == null) defaultConfig.controller = 'controller'
-
       log.t && log.trace(`* Add ${routes.length} routes from ${file}`)
 
       routes.forEach((route: Route, index: number) => {
@@ -35,14 +32,15 @@ export function load(): ConfiguredRoute[] {
           handler,
           config = {} as RouteConfig,
           middlewares = [],
-          roles: requiredRole = []
+          roles: rs = []
         } = route
 
-        if (
-          !config?.security &&
-          (requiredRole.some((r) => r.code !== roles.public.code) ||
-            middlewares.some((m) => m === 'global.isAuthenticated'))
-        ) {
+        const requiredRoles = !rs.length ? [roles.public] : rs
+        const reqAuth: boolean =
+          middlewares.some((m) => authMiddlewares.includes(m)) ||
+          requiredRoles.every((r) => r.code !== roles.public.code)
+
+        if (!config?.security && reqAuth) {
           config.security = 'bearer'
         }
 
@@ -50,11 +48,11 @@ export function load(): ConfiguredRoute[] {
         const {
           title = '',
           description = '',
-          enable = defaultConfig.enable || true,
-          deprecated = defaultConfig.deprecated || false,
-          tags = defaultConfig.tags || false,
+          enable = yn(defaultConfig.enable, true),
+          deprecated = yn(defaultConfig.deprecated, false),
+          tags = defaultConfig.tags,
           version = defaultConfig.version || '',
-          security = defaultConfig.security || undefined,
+          security = defaultConfig.security,
           query,
           params,
           body,
@@ -90,25 +88,26 @@ export function load(): ConfiguredRoute[] {
           }
         }
 
-        if (errors.length == 0) {
-          enable
-            ? log.t &&
-              log.trace(
-                `* Method [${method}] path ${endpoint} handler ${handler} enabled with ${
-                  middlewares?.length || 0
-                } middlewares`
-              )
-            : log.w && log.warn(`* Method [${method}] path ${endpoint} handler ${handler} disabled. Skip.`)
-
+        const toAdd = enable && errors.length === 0
+        toAdd
+          ? log.t &&
+            log.trace(
+              `* Method [${method}] path ${endpoint} handler ${handler} enabled with ${
+                middlewares?.length || 0
+              } middlewares`
+            )
+          : log.w && log.warn(`* Method [${method}] path ${endpoint} handler ${handler} disabled. Skip.`)
+
+        toAdd &&
           validRoutes.push({
             handler,
             method,
             path: '/' + endpoint,
             middlewares,
-            roles: requiredRole,
+            roles: requiredRoles,
             enable,
             base,
-            file: path.join(base, defaultConfig.controller, handlerParts[0]),
+            file: path.join(base, defaultConfig.controller || 'controller', handlerParts[0]),
             func: handlerParts[1],
             // swagger: doc
             doc: {
@@ -124,7 +123,6 @@ export function load(): ConfiguredRoute[] {
               response
             }
           })
-        }
       })
     })
   })
@@ -133,26 +131,65 @@ export function load(): ConfiguredRoute[] {
   return validRoutes
 }
 
-function normalizeMiddlewarePath(base: string, middleware: string = '') {
+async function tryToLoadFile(fileName: string) {
+  return new Promise((resolve, reject) => {
+    try {
+      const required = fileName ? require(fileName) : null
+      resolve(required)
+    } catch (err) {
+      reject(err)
+    }
+  })
+}
+
+async function loadMiddleware(base: string, middleware: string = '') {
   const key = 'global.'
-  const idx = middleware.indexOf(key)
-  return idx == 0
-    ? path.resolve(__dirname + '/../middleware/' + middleware.substring(key.length))
-    : path.resolve(base + '/middleware/' + middleware)
+  const isGlobal = middleware.indexOf(key) > -1
+  let required: any = null
+
+  if (isGlobal) {
+    const name = middleware.substring(key.length)
+    required = await tryToLoadFile(path.resolve(process.cwd() + '/src/middleware/' + name)).catch(async () => {
+      return await tryToLoadFile(path.resolve(__dirname + '/../middleware/' + name))
+    })
+  } else {
+    required = await tryToLoadFile(path.resolve(base + '/middleware/' + middleware))
+  }
+
+  if (!required) {
+    log.error(`Middleware ${middleware} not loaded`)
+    throw new Error(`Middleware ${middleware} not loaded`)
+  }
+  return required
 }
 
+async function loadMiddlewares(base: string, middlewares: string[] = []) {
+  const midds = {}
+  await Promise.all(
+    middlewares.map(async (m) => {
+      const middleware = await loadMiddleware(base, m)
+      Object.keys(middleware).map((name) => (midds[name] = [...(midds[name] || []), middleware[name]]))
+    })
+  )
+  // log.debug(base + ' middleware ' + middlewares.length + ' -> ' + Object.keys(midds))
+  return midds
+}
+
+// preParsing, preValidation, preHandler, preSerialization, ..
+
 export function apply(server: any, routes: ConfiguredRoute[]): void {
   log.t && log.trace(`Apply ${routes.length} routes to server with pid ${process.pid}`)
 
   routes.forEach(async ({ handler, method, path, middlewares, roles, enable, base, file, func, doc }) => {
     if (enable) {
       log.t && log.trace(`* Add path ${method} ${path} on handle ${handler}`)
+      const midds = await loadMiddlewares(base, middlewares)
 
       server.route({
         method: method,
         path: path,
         schema: doc,
-        preHandler: (middlewares || []).map((m) => require(normalizeMiddlewarePath(base, m))),
+        ...midds,
         config: {
           requiredRoles: roles || []
         },

package/lib/loader/schemas.ts

@@ -15,9 +15,13 @@ export function apply(server: any): void {
       schemaNames.map((name) => {
         const schema = schemaClass[name]
         if (schema != null) {
-          log.trace(`* Schema [${schema.$id}] loaded from ${schemaFileName}`)
-          server.addSchema(schema)
-          schemaCount++
+          if (schema?.$id) {
+            log.trace(`* Schema [${schema.$id}] loaded from ${schemaFileName}`)
+            server.addSchema(schema)
+            schemaCount++
+          } else {
+            log.warn(`* Schema [${schema.$id}] not loaded from ${schemaFileName}`)
+          }
         }
       })
     })

package/lib/middleware/isAdmin.ts

@@ -1,11 +1,11 @@
 import { FastifyReply, FastifyRequest } from 'fastify'
 
-const log = global.log
-module.exports = (req: FastifyRequest, res: FastifyReply, next: any) => {
+export function preHandler(req: FastifyRequest, res: FastifyReply, done: any) {
   try {
     if (req.user && req.user.id && req.hasRole(roles.admin)) {
-      return next()
+      return done()
     }
+
     throw new Error('User without this privilege')
   } catch (err) {
     log.e && log.error(`Upps, something just happened ${err}`)

package/lib/middleware/isAuthenticated.ts

@@ -1,14 +1,14 @@
 import { FastifyReply, FastifyRequest } from 'fastify'
 
-const log = global.log
-module.exports = (req: FastifyRequest, res: FastifyReply, next: any) => {
+export function preHandler(req: FastifyRequest, res: FastifyReply, done: any) {
   try {
     if (!!req.user?.id) {
-      return next()
+      return done()
     }
-    throw new Error('User not authenticated')
+
+    throw new Error('Unauthorized')
   } catch (err) {
     log.e && log.error(`Upps, something just happened ${err}`)
-    res.code(403).send(err)
+    return res.code(401).send(err) // must be authorized first
   }
 }

package/lib/middleware/postAuth.ts

@@ -0,0 +1,5 @@
+import { FastifyReply, FastifyRequest } from 'fastify'
+
+export async function preSerialization(req: FastifyRequest, res: FastifyReply, payload) {
+  return payload
+}

package/lib/middleware/preAuth.ts

@@ -0,0 +1,3 @@
+import { FastifyReply, FastifyRequest } from 'fastify'
+
+export async function preHandler(req: FastifyRequest, res: FastifyReply) {}

package/lib/util/generate.ts

@@ -0,0 +1,6 @@
+const { customAlphabet } = require('nanoid')
+const nanoid = customAlphabet('AaBbCcDdEeFfGgHhIiJjKkLlMmNnOoPpQqRrSsTtUuVvWwXxYyZz0123456789')
+
+export function newAuthCode() {
+  return nanoid(Number(process.env.AUTH_CODE_SIZE) || 10)
+}

package/lib/util/regexp.ts

@@ -1,32 +1,34 @@
-module.exports = {
-  /*
-   * min 3 max 33, one special character (. _ -) only in the middle
-   * username can have uppercase or lowercase chars
-   */
-  username: /(?=^.{3,33}$)^[a-z][a-z0-9]*[._-]?[a-z0-9]+$/gi,
-  emailAlt:
-    /^(([^<>()\[\]\\.,;:\s@"]+(\.[^<>()\[\]\\.,;:\s@"]+)*)|(".+"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/,
-  /*
-   * email can have multiple words
-   * email can use . - or + for smart labeling
-   */
-  email: /^\w+([\.+-]?\w+)*@\w+([\.-]?\w+)*(\.\w{2,3})+$/,
-  /*
-   * password must contain 1 number (0-9)
-   * password must contain 1 uppercase chars
-   * password must contain 1 lowercase chars
-   * password must contain 1 non-alpha number
-   * password is 8-64 characters with no space
-   */
-  password: /^(?=.*\d)(?=.*[A-Z])(?=.*[a-z])(?=.*[^\w\d\s:])([^\s]){8,64}$/gi,
-  zipCode: /(^\d{5}$)|(^\d{5}-\d{4}$)/,
-  taxCodePersona: /^[a-zA-Z]{6}[0-9]{2}[abcdehlmprstABCDEHLMPRST]{1}[0-9]{2}([a-zA-Z]{1}[0-9]{3})[a-zA-Z]{1}$/,
-  /*
-   * taxCode can have 2 letter (IT,DE,..) and 11 digits
-   */
-  taxCodeCompany: /^([A-Z]{2}|)[0-9]{11}$/,
-  iban: /^[a-zA-Z]{2}[0-9]{2}[a-zA-Z0-9]{4}[0-9]{7}([a-zA-Z0-9]?){0,16}$/,
-  mobilePhone: /^((00|\+)39)?3[0-9]{8,9}$/,
-  landLinePhone: /^(((00|\+)39))?[\s]?(0{1}[1-9]{1,3})[\s]?(\d{4,6})$/,
-  tollFreePhone: /^((00|\+)39)?(800|803|167)\d{3,6}$/
-}
+/*
+ * min 3 max 33, one special character (. _ -) only in the middle
+ * username can have uppercase or lowercase chars
+ */
+export const username = /(?=^.{3,33}$)^[a-z][a-z0-9]*[._-]?[a-z0-9]+$/gi
+export const emailAlt =
+  /^(([^<>()\[\]\\.,;:\s@"]+(\.[^<>()\[\]\\.,;:\s@"]+)*)|(".+"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/
+
+/*
+ * email can have multiple words
+ * email can use . - or + for smart labeling
+ */
+export const email = /^\w+([\.+-]?\w+)*@\w+([\.-]?\w+)*(\.\w{2,3})+$/
+
+/*
+ * password must contain 1 number (0-9)
+ * password must contain 1 uppercase chars
+ * password must contain 1 lowercase chars
+ * password must contain 1 non-alpha number
+ * password is 8-64 characters with no space
+ */
+export const password = /^(?=.*\d)(?=.*[A-Z])(?=.*[a-z])(?=.*[^\w\d\s:])([^\s]){8,16}$/
+export const zipCode = /(^\d{5}$)|(^\d{5}-\d{4}$)/
+export const taxCodePersona =
+  /^[a-zA-Z]{6}[0-9]{2}[abcdehlmprstABCDEHLMPRST]{1}[0-9]{2}([a-zA-Z]{1}[0-9]{3})[a-zA-Z]{1}$/
+
+/*
+ * taxCode can have 2 letter (IT,DE,..) and 11 digits
+ */
+export const taxCodeCompany = /^([A-Z]{2}|)[0-9]{11}$/
+export const iban = /^[a-zA-Z]{2}[0-9]{2}[a-zA-Z0-9]{4}[0-9]{7}([a-zA-Z0-9]?){0,16}$/
+export const mobilePhone = /^((00|\+)39)?3[0-9]{8,9}$/
+export const landLinePhone = /^(((00|\+)39))?[\s]?(0{1}[1-9]{1,3})[\s]?(\d{4,6})$/
+export const tollFreePhone = /^((00|\+)39)?(800|803|167)\d{3,6}$/

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@volcanicminds/backend",
-  "version": "0.2.27",
+  "version": "0.2.29",
   "codename": "turin",
   "license": "MIT",
   "description": "The volcanic (minds) backend",

package/types/global.d.ts

@@ -2,7 +2,7 @@ import { FastifyRequest, FastifyReply } from 'fastify'
 
 export interface AuthenticatedUser {
   id: number
-  name: string
+  username: string
   email: string
   roles: Role[]
 }
@@ -68,6 +68,20 @@ export interface ConfiguredRoute {
   }
 }
 
+export interface UserManagement {
+  createUser(data: any): any | null
+  resetExternalId(data: any): any | null
+  updateUserById(id: string, user: any): any | null
+  retrieveUserById(id: string): any | null
+  retrieveUserByEmail(email: string): any | null
+  retrieveUserByExternalId(externalId: string): any | null
+  retrieveUserByPassword(email: string, password: string): any | null
+  changePassword(email: string, password: string, oldPassword: string): any | null
+  enableUserById(id: string): any | null
+  disableUserById(id: string): any | null
+  isValidUser(data: any): boolean
+}
+
 declare module 'fastify' {
   export interface FastifyRequest {
     user?: AuthenticatedUser

package/dist/lib/api/auth/controller/password.js

@@ -1,23 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.newAuthCode = exports.valid = exports.compare = exports.hash = void 0;
-const { customAlphabet } = require('nanoid');
-const nanoid = customAlphabet('AaBbCcDdEeFfGgHhIiJjKkLlMmNnOoPpQqRrSsTtUuVvWwXxYyZz0123456789');
-const bcrypt = require('bcrypt');
-function hash(password) {
-    return bcrypt.hashSync(password, bcrypt.genSaltSync());
-}
-exports.hash = hash;
-function compare(password, encryptedPassword) {
-    return bcrypt.compareSync(password, encryptedPassword);
-}
-exports.compare = compare;
-function valid(password) {
-    return true;
-}
-exports.valid = valid;
-function newAuthCode() {
-    return nanoid(Number(process.env.AUTH_CODE_SIZE) || 10);
-}
-exports.newAuthCode = newAuthCode;
-//# sourceMappingURL=password.js.map

package/dist/lib/api/auth/controller/password.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"password.js","sourceRoot":"","sources":["../../../../../lib/api/auth/controller/password.ts"],"names":[],"mappings":";;;AAAA,MAAM,EAAE,cAAc,EAAE,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAA;AAC5C,MAAM,MAAM,GAAG,cAAc,CAAC,gEAAgE,CAAC,CAAA;AAE/F,MAAM,MAAM,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAA;AAGhC,SAAgB,IAAI,CAAC,QAAgB;IACnC,OAAO,MAAM,CAAC,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC,WAAW,EAAE,CAAC,CAAA;AACxD,CAAC;AAFD,oBAEC;AAED,SAAgB,OAAO,CAAC,QAAgB,EAAE,iBAAyB;IACjE,OAAO,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE,iBAAiB,CAAC,CAAA;AACxD,CAAC;AAFD,0BAEC;AAED,SAAgB,KAAK,CAAC,QAAgB;IACpC,OAAO,IAAI,CAAA;AACb,CAAC;AAFD,sBAEC;AAED,SAAgB,WAAW;IACzB,OAAO,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,EAAE,CAAC,CAAA;AACzD,CAAC;AAFD,kCAEC"}

package/dist/lib/middleware/example.js

@@ -1,13 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-const log = global.log;
-module.exports = (req, res, next) => {
-    try {
-        return next();
-    }
-    catch (err) {
-        log.e && log.error(`Upps, something just happened ${err}`);
-        res.code(403).send(err);
-    }
-};
-//# sourceMappingURL=example.js.map

package/dist/lib/middleware/example.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"example.js","sourceRoot":"","sources":["../../../lib/middleware/example.ts"],"names":[],"mappings":";;AAEA,MAAM,GAAG,GAAG,MAAM,CAAC,GAAG,CAAA;AACtB,MAAM,CAAC,OAAO,GAAG,CAAC,GAAmB,EAAE,GAAiB,EAAE,IAAS,EAAE,EAAE;IACrE,IAAI;QAEF,OAAO,IAAI,EAAE,CAAA;KACd;IAAC,OAAO,GAAG,EAAE;QACZ,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC,KAAK,CAAC,iCAAiC,GAAG,EAAE,CAAC,CAAA;QAC1D,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;KACxB;AACH,CAAC,CAAA"}

package/lib/api/auth/controller/password.ts

@@ -1,21 +0,0 @@
-const { customAlphabet } = require('nanoid')
-const nanoid = customAlphabet('AaBbCcDdEeFfGgHhIiJjKkLlMmNnOoPpQqRrSsTtUuVvWwXxYyZz0123456789')
-
-const bcrypt = require('bcrypt')
-// const validator = require('../../../loader/validator')
-
-export function hash(password: string): string {
-  return bcrypt.hashSync(password, bcrypt.genSaltSync())
-}
-
-export function compare(password: string, encryptedPassword: string): boolean {
-  return bcrypt.compareSync(password, encryptedPassword)
-}
-
-export function valid(password: string): boolean {
-  return true //password?.length > 7 && validator.password(password)
-}
-
-export function newAuthCode() {
-  return nanoid(Number(process.env.AUTH_CODE_SIZE) || 10)
-}

package/lib/middleware/example.ts

@@ -1,12 +0,0 @@
-import { FastifyReply, FastifyRequest } from 'fastify'
-
-const log = global.log
-module.exports = (req: FastifyRequest, res: FastifyReply, next: any) => {
-  try {
-    // TODO: do something and then you can throw an exception or call next()..
-    return next()
-  } catch (err) {
-    log.e && log.error(`Upps, something just happened ${err}`)
-    res.code(403).send(err)
-  }
-}