npm - @wasp.sh/wasp-cli-darwin-arm64-unknown - Versions diffs - 0.17.2 - Mend

@wasp.sh/wasp-cli-darwin-arm64-unknown 0.17.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of @wasp.sh/wasp-cli-darwin-arm64-unknown might be problematic. Click here for more details.

Files changed (291) hide show

package/data/Generator/templates/sdk/wasp/auth/forms/internal/usernameAndPassword/useUsernameAndPassword.ts ADDED Viewed

@@ -0,0 +1,29 @@
+import { login, signup } from '../../../username'
+// PRIVATE API
+export function useUsernameAndPassword({
+  onError,
+  onSuccess,
+  isLogin,
+}: {
+  onError: (error: Error) => void
+  onSuccess: () => void
+  isLogin: boolean
+}) {
+  async function handleSubmit(data) {
+    try {
+      if (!isLogin) {
+        await signup(data)
+      }
+      await login(data)
+      onSuccess()
+    } catch (err: unknown) {
+      onError(err as Error)
+    }
+  }
+  return {
+    handleSubmit,
+  }
+}

package/data/Generator/templates/sdk/wasp/auth/forms/types.ts ADDED Viewed

@@ -0,0 +1,52 @@
+{{={= =}=}}
+import { createTheme } from '@stitches/react'
+import { UseFormReturn, RegisterOptions } from 'react-hook-form'
+import type { LoginSignupFormFields } from './internal/common/LoginSignupForm'
+// PRIVATE API
+export enum State {
+  Login = 'login',
+  Signup = 'signup',
+  {=# isEmailAuthEnabled =}
+  ForgotPassword = 'forgot-password',
+  ResetPassword = 'reset-password',
+  VerifyEmail = 'verify-email',
+  {=/ isEmailAuthEnabled =}
+}
+// PUBLIC API
+export type CustomizationOptions = {
+  logo?: string
+  socialLayout?: 'horizontal' | 'vertical'
+  appearance?: Parameters<typeof createTheme>[0]
+}
+// PRIVATE API
+export type ErrorMessage = {
+  title: string
+  description?: string
+}
+// PRIVATE API
+export type FormState = {
+  isLoading: boolean
+}
+// PRIVATE API
+export type AdditionalSignupFieldRenderFn = (
+  hookForm: UseFormReturn<LoginSignupFormFields>,
+  formState: FormState
+) => React.ReactNode
+// PRIVATE API
+export type AdditionalSignupField = {
+  name: string
+  label: string
+  type: 'input' | 'textarea'
+  validations?: RegisterOptions<LoginSignupFormFields>
+}
+// PRIVATE API
+export type AdditionalSignupFields =
+  | (AdditionalSignupField | AdditionalSignupFieldRenderFn)[]
+  | AdditionalSignupFieldRenderFn

package/data/Generator/templates/sdk/wasp/auth/helpers/_Provider.tsx ADDED Viewed

@@ -0,0 +1,17 @@
+{{={= =}=}}
+import { config } from 'wasp/client'
+import { SocialButton } from '../forms/internal/social/SocialButton'
+import * as SocialIcons from '../forms/internal/social/SocialIcons'
+// PUBLIC API
+export const signInUrl: string = `${config.apiUrl}{= signInPath =}`
+// PUBLIC API
+export function SignInButton(): React.JSX.Element {
+  return (
+    <SocialButton href={signInUrl}>
+      <SocialIcons.{= displayName =} />
+    </SocialButton>
+  )
+}

package/data/Generator/templates/sdk/wasp/auth/helpers/user.ts ADDED Viewed

@@ -0,0 +1,15 @@
+import { setSessionId } from 'wasp/client/api'
+import { invalidateAndRemoveQueries } from '../../client/operations/internal/resources.js'
+// PRIVATE API
+export async function initSession(sessionId: string): Promise<void> {
+    setSessionId(sessionId)
+    // We need to invalidate queries after login in order to get the correct user
+    // data in the React components (using `useAuth`).
+    // Redirects after login won't work properly without this.
+    // TODO(filip): We are currently removing all the queries, but we should
+    // remove only non-public, user-dependent queries - public queries are
+    // expected not to change in respect to the currently logged in user.
+    await invalidateAndRemoveQueries()
+}

package/data/Generator/templates/sdk/wasp/auth/index.ts ADDED Viewed

@@ -0,0 +1,9 @@
+// PUBLIC API
+export {
+  getEmail,
+  getUsername,
+  getFirstProviderUserId,
+} from './user.js'
+// PUBLIC API
+export { type AuthUser } from '../server/auth/user.js'

package/data/Generator/templates/sdk/wasp/auth/jwt.ts ADDED Viewed

@@ -0,0 +1,22 @@
+import * as jwt from 'oslo/jwt'
+import { config } from 'wasp/server'
+const JWT_SECRET = new TextEncoder().encode(config.auth.jwtSecret)
+const JWT_ALGORITHM = 'HS256'
+// PRIVATE API
+export function createJWT(
+  data: Parameters<typeof jwt.createJWT>[2],
+  options: Parameters<typeof jwt.createJWT>[3],
+): Promise<string> {
+  return jwt.createJWT(JWT_ALGORITHM, JWT_SECRET, data, options)
+}
+// PRIVATE API
+export async function validateJWT<Payload>(token: string): Promise<Payload> {
+  const { payload } = await jwt.validateJWT(JWT_ALGORITHM, JWT_SECRET, token)
+  return payload as Payload
+}
+// PRIVATE API
+export { TimeSpan } from 'oslo'

package/data/Generator/templates/sdk/wasp/auth/logout.ts ADDED Viewed

@@ -0,0 +1,18 @@
+import { api, removeLocalUserData } from 'wasp/client/api'
+import { invalidateAndRemoveQueries } from '../client/operations/internal/resources.js'
+// PUBLIC API
+export default async function logout(): Promise<void> {
+  try {
+    await api.post('/auth/logout')
+  } finally {
+    // Even if the logout request fails, we still want to remove the local user data
+    // in case the logout failed because of a network error and the user walked away
+    // from the computer.
+    removeLocalUserData()
+    // TODO(filip): We are currently invalidating and removing  all the queries, but
+    // we should remove only the non-public, user-dependent ones.
+    await invalidateAndRemoveQueries()
+  }
+}

package/data/Generator/templates/sdk/wasp/auth/lucia.ts ADDED Viewed

@@ -0,0 +1,53 @@
+{{={= =}=}}
+import { Lucia } from "lucia";
+import { PrismaAdapter } from "@lucia-auth/adapter-prisma";
+import { prisma } from 'wasp/server'
+import { type {= userEntityUpper =} } from "wasp/entities"
+const prismaAdapter = new PrismaAdapter(
+  prisma.{= sessionEntityLower =},
+  prisma.{= authEntityLower =},
+);
+// PRIVATE API
+/**
+ * We are using Lucia for session management.
+ *
+ * Some details:
+ * 1. We are using the Prisma adapter for Lucia.
+ * 2. We are not using cookies for session management. Instead, we are using
+ *    the Authorization header to send the session token.
+ * 3. Our `Session` entity is connected to the `Auth` entity.
+ * 4. We are exposing the `userId` field from the `Auth` entity to
+ *    make fetching the User easier.
+ */
+export const auth = new Lucia<{}, {
+  userId: {= userEntityUpper =}['id']
+}>(prismaAdapter, {
+  // Since we are not using cookies, we don't need to set any cookie options.
+  // But in the future, if we decide to use cookies, we can set them here.
+  // sessionCookie: {
+  //   name: "session",
+  //   expires: true,
+  //   attributes: {
+  //     secure: !config.isDevelopment,
+  //     sameSite: "lax",
+  //   },
+  // },
+  getUserAttributes({ userId }) {
+    return {
+      userId,
+    };
+  },
+});
+declare module "lucia" {
+  interface Register {
+    Lucia: typeof auth;
+    DatabaseSessionAttributes: {};
+    DatabaseUserAttributes: {
+      userId: {= userEntityUpper =}['id']
+    };
+  }
+}

package/data/Generator/templates/sdk/wasp/auth/password.ts ADDED Viewed

@@ -0,0 +1,36 @@
+import { hash, verify, Version, type Options } from "@node-rs/argon2";
+// The options are the same as the ones used in the oslo/password library
+const hashingOptions: Options = {
+  memoryCost: 19456,
+  timeCost: 2,
+  outputLen: 32,
+  parallelism: 1,
+  version: Version.V0x13,
+};
+// PRIVATE API
+export async function hashPassword(password: string): Promise<string> {
+  return hash(normalizePassword(password), hashingOptions);
+}
+// PRIVATE API
+export async function verifyPassword(
+  hashedPassword: string,
+  password: string
+): Promise<void> {
+  const validPassword = await verify(
+    hashedPassword,
+    normalizePassword(password),
+    hashingOptions
+  );
+  if (!validPassword) {
+    throw new Error("Invalid password");
+  }
+}
+// We are normalising the password to ensure that the password is always hashed in the same way
+// We have the same normalising process as oslo/password did in the past
+function normalizePassword(password: string): string {
+  return password.normalize("NFKC");
+}

package/data/Generator/templates/sdk/wasp/auth/providers/index.ts ADDED Viewed

@@ -0,0 +1,9 @@
+{{={= =}=}}
+{=# emailUserSignupFields.isDefined =}
+export type { UserEmailSignupFields } from './types';
+{=/ emailUserSignupFields.isDefined =}
+{=# usernameAndPasswordUserSignupFields.isDefined =}
+export type { UserUsernameAndPasswordSignupFields } from './types';
+{=/ usernameAndPasswordUserSignupFields.isDefined =}

package/data/Generator/templates/sdk/wasp/auth/providers/types.ts ADDED Viewed

@@ -0,0 +1,68 @@
+{{={= =}=}}
+import type { Router, Request } from 'express'
+import type { Prisma } from '@prisma/client'
+import type { Expand, Exact } from 'wasp/universal/types'
+import type { ProviderName } from '../utils'
+// PUBLIC API
+export function defineUserSignupFields<T extends UserSignupFields>(
+  fields: Exact<UserSignupFields, T>
+): T {
+  return fields
+}
+{=# emailUserSignupFields.isDefined =}
+{=& emailUserSignupFields.importStatement =}
+// PUBLIC API
+export type UserEmailSignupFields = InferUserSignupFields<typeof {= emailUserSignupFields.importIdentifier =}>;
+{=/ emailUserSignupFields.isDefined =}
+{=# usernameAndPasswordUserSignupFields.isDefined =}
+{=& usernameAndPasswordUserSignupFields.importStatement =}
+// PUBLIC API
+export type UserUsernameAndPasswordSignupFields = InferUserSignupFields<typeof {= usernameAndPasswordUserSignupFields.importIdentifier =}>;
+{=/ usernameAndPasswordUserSignupFields.isDefined =}
+/**
+ * Extracts the result types from a UserSignupFields object.
+ *
+ * This type transforms an object containing field getter functions
+ * into an object with the same keys but whose values are the return types
+ * of those functions.
+ */
+type InferUserSignupFields<T extends UserSignupFields> = {
+  [K in keyof T]: T[K] extends FieldGetter<PossibleUserFieldValues>
+    ? ReturnType<T[K]>
+    : never
+}
+type UserEntityCreateInput = Prisma.{= userEntityUpper =}CreateInput
+// PRIVATE API
+export type ProviderConfig = {
+    // Unique provider identifier, used as part of URL paths
+    id: ProviderName;
+    displayName: string;
+    // Every provider must have a setupRouter method which returns the Express router.
+    // In this function we are flexibile to do what ever is necessary to make the provider work.
+    createRouter(provider: ProviderConfig): Router;
+};
+// PRIVATE API
+export type RequestWithWasp = Request & { wasp?: { [key: string]: any } }
+// PRIVATE API
+export type PossibleUserFields = Expand<Partial<UserEntityCreateInput>>
+// PRIVATE API
+export type UserSignupFields = {
+  [key in keyof PossibleUserFields]: FieldGetter<
+    PossibleUserFields[key]
+  >
+}
+type FieldGetter<T extends PossibleUserFieldValues> = (
+  data: { [key: string]: unknown }
+) => Promise<T | undefined> | T | undefined
+type PossibleUserFieldValues = PossibleUserFields[keyof PossibleUserFields]

package/data/Generator/templates/sdk/wasp/auth/session.ts ADDED Viewed

@@ -0,0 +1,78 @@
+{{={= =}=}}
+import { Request as ExpressRequest } from "express";
+import { type {= userEntityUpper =} } from '../entities/index.js';
+import { type AuthUserData } from '../server/auth/user.js';
+import { auth } from "./lucia.js";
+import type { Session } from "lucia";
+import { createInvalidCredentialsError } from "./utils.js";
+import { prisma } from 'wasp/server';
+import { createAuthUserData } from "../server/auth/user.js";
+// PRIVATE API
+// Creates a new session for the `authId` in the database
+export async function createSession(authId: string): Promise<Session> {
+  return auth.createSession(authId, {});
+}
+type SessionAndUser = {
+  session: Session;
+  user: AuthUserData;
+}
+// PRIVATE API
+export async function getSessionAndUserFromBearerToken(req: ExpressRequest): Promise<SessionAndUser | null> {
+  const authorizationHeader = req.headers["authorization"];
+  if (typeof authorizationHeader !== "string") {
+    return null;
+  }
+  const sessionId = auth.readBearerToken(authorizationHeader);
+  if (!sessionId) {
+    return null;
+  }
+  return getSessionAndUserFromSessionId(sessionId);
+}
+// PRIVATE API
+export async function getSessionAndUserFromSessionId(sessionId: string): Promise<SessionAndUser | null> {
+  const { session, user: authEntity } = await auth.validateSession(sessionId);
+  if (!session || !authEntity) {
+    return null;
+  }
+  return {
+    session,
+    user: await getAuthUserData(authEntity.userId)
+  }
+}
+async function getAuthUserData(userId: {= userEntityUpper =}['id']): Promise<AuthUserData> {
+  const user = await prisma.{= userEntityLower =}
+    .findUnique({
+      where: { id: userId },
+      include: {
+        {= authFieldOnUserEntityName =}: {
+          include: {
+            {= identitiesFieldOnAuthEntityName =}: true
+          }
+        }
+      }
+    })
+  if (!user) {
+    throw createInvalidCredentialsError()
+  }
+  return createAuthUserData(user);
+}
+// PRIVATE API
+export function invalidateSession(sessionId: string): Promise<void> {
+  return auth.invalidateSession(sessionId);
+}

package/data/Generator/templates/sdk/wasp/auth/types.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ // todo(filip): turn into a proper import/path
2	+ export type { ProviderName } from 'wasp/server/_types'

package/data/Generator/templates/sdk/wasp/auth/useAuth.ts ADDED Viewed

@@ -0,0 +1,37 @@
+{{={= =}=}}
+import { deserialize } from 'wasp/core/serialization'
+import { useQuery, buildAndRegisterQuery } from 'wasp/client/operations'
+import type { QueryFunction, Query  } from 'wasp/client/operations/rpc'
+import { api, handleApiError } from 'wasp/client/api'
+import { HttpMethod } from 'wasp/client'
+import type { AuthUser, AuthUserData } from '../server/auth/user.js'
+import { makeAuthUserIfPossible } from '../auth/user.js'
+import { UseQueryResult } from '@tanstack/react-query'
+// PUBLIC API
+export const getMe: Query<void, AuthUser | null> = createUserGetter()
+// PUBLIC API
+export default function useAuth(): UseQueryResult<AuthUser | null> {
+  return useQuery(getMe)
+}
+function createUserGetter(): Query<void, AuthUser | null> {
+  const getMeRelativePath = 'auth/me'
+  const getMeRoute = { method: HttpMethod.Get, path: `/${getMeRelativePath}` }
+  const getMe: QueryFunction<void, AuthUser | null> = async () =>  {
+    try {
+      const response = await api.get(getMeRoute.path)
+      const userData = deserialize<AuthUserData | null>(response.data)
+      return makeAuthUserIfPossible(userData)
+    } catch (error) {
+      throw handleApiError(error)
+    }
+  }
+  return buildAndRegisterQuery(getMe, {
+    queryCacheKey: [getMeRelativePath],
+    queryRoute: getMeRoute,
+    entitiesUsed: {=& entitiesGetMeDependsOn =},
+  })
+}

package/data/Generator/templates/sdk/wasp/auth/user.ts ADDED Viewed

@@ -0,0 +1,63 @@
+import { type ProviderName } from '../server/_types/index.js'
+import type {
+  AuthUserData,
+  AuthUser,
+  UserEntityWithAuth,
+} from '../server/auth/user.js'
+import { isNotNull } from '../universal/predicates.js'
+/**
+ * We split the user.ts code into two files to avoid some server-only
+ * code (Oslo's hashing functions) being imported on the client.
+ */
+// PUBLIC API
+export function getEmail(user: UserEntityWithAuth): string | null {
+  return findUserIdentity(user, "email")?.providerUserId ?? null;
+}
+// PUBLIC API
+export function getUsername(user: UserEntityWithAuth): string | null {
+  return findUserIdentity(user, "username")?.providerUserId ?? null;
+}
+// PUBLIC API
+export function getFirstProviderUserId(user?: UserEntityWithAuth): string | null {
+  if (!user || !user.auth || !user.auth.identities || user.auth.identities.length === 0) {
+    return null;
+  }
+  return user.auth.identities[0].providerUserId ?? null;
+}
+// PRIVATE API (used in SDK and server)
+export type { AuthUserData, AuthUser } from '../server/auth/user.js'
+// PRIVATE API (used in SDK and server)
+export function makeAuthUserIfPossible(user: null): null
+export function makeAuthUserIfPossible(user: AuthUserData): AuthUser
+export function makeAuthUserIfPossible(user: AuthUserData | null): AuthUser | null
+export function makeAuthUserIfPossible(
+  user: AuthUserData | null,
+): AuthUser | null {
+  return user ? makeAuthUser(user) : null
+}
+function makeAuthUser(data: AuthUserData): AuthUser {
+  return {
+    ...data,
+    getFirstProviderUserId: () => {
+      const identities = Object.values(data.identities).filter(isNotNull);
+      return identities.length > 0 ? identities[0].id : null;
+    },
+  };
+}
+function findUserIdentity(user: UserEntityWithAuth, providerName: ProviderName): NonNullable<UserEntityWithAuth['auth']>['identities'][number] | null {
+  if (!user.auth) {
+    return null;
+  }
+  return user.auth.identities.find(
+    (identity) => identity.providerName === providerName
+  ) ?? null;
+}

package/data/Generator/templates/sdk/wasp/auth/username/actions/login.ts ADDED Viewed

@@ -0,0 +1,13 @@
+{{={= =}=}}
+import { api, handleApiError } from 'wasp/client/api'
+import { initSession } from '../../helpers/user'
+export async function login(data: { username: string, password: string }): Promise<void> {
+  try {
+    const response = await api.post('{= loginPath =}', data)
+    await initSession(response.data.sessionId)
+  } catch (error) {
+    throw handleApiError(error)
+  }
+}

package/data/Generator/templates/sdk/wasp/auth/username/actions/signup.ts ADDED Viewed

@@ -0,0 +1,20 @@
+{{={= =}=}}
+import { api, handleApiError } from 'wasp/client/api'
+{=# usernameAndPasswordUserSignupFields.isDefined =}
+import { type UserUsernameAndPasswordSignupFields } from '../../providers'
+{=/ usernameAndPasswordUserSignupFields.isDefined =}
+type UsernameSignupData = {
+  username: string
+  password: string
+}{=# usernameAndPasswordUserSignupFields.isDefined =} & UserUsernameAndPasswordSignupFields{=/ usernameAndPasswordUserSignupFields.isDefined =}
+// PUBLIC API
+export async function signup(data: UsernameSignupData): Promise<void> {
+  try {
+    await api.post('{= signupPath =}', data)
+  } catch (error) {
+    throw handleApiError(error)
+  }
+}

package/data/Generator/templates/sdk/wasp/auth/username/index.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export { login } from './actions/login'
2	+ export { signup } from './actions/signup'