@wrytes/wrytes-api 0.0.1

package/package.json

@@ -0,0 +1,122 @@
+{
+	"name": "@wrytes/wrytes-api",
+	"version": "0.0.1",
+	"author": "Wrytes",
+	"license": "MIT",
+	"main": "pkg/index.js",
+	"types": "pkg/index.d.ts",
+	"files": [
+		"pkg"
+	],
+	"homepage": "https://api.wrytes.io",
+	"repository": {
+		"url": "git+https://github.com/wrytes/wrytes-api.git"
+	},
+	"scripts": {
+		"build": "nest build",
+		"format": "prettier --write \"src/**/*.ts\" \"test/**/*.ts\"",
+		"start": "nest start",
+		"dev": "nest start --watch",
+		"start:dev": "nest start --watch",
+		"start:debug": "nest start --debug --watch",
+		"start:prod": "node dist/main.js",
+		"lint": "eslint \"src/**/*.ts\" --fix",
+		"test": "jest",
+		"test:watch": "jest --watch",
+		"test:cov": "jest --coverage",
+		"test:e2e": "jest --config ./test/jest-e2e.json",
+		"infra:up": "docker stack deploy -c stack.testing.yml wrytes-api",
+		"infra:down": "docker stack remove wrytes-api",
+		"npm:build": "npx tsup",
+		"npm:publish": "npm publish --access public",
+		"db:generate": "prisma generate",
+		"db:push": "prisma db push",
+		"db:migrate": "prisma migrate dev",
+		"db:migrate:deploy": "prisma migrate deploy",
+		"db:studio": "prisma studio",
+		"db:reset": "prisma migrate reset",
+		"db:grant-admin": "ts-node --skip-project --compiler-options '{\"module\":\"commonjs\",\"moduleResolution\":\"node\",\"esModuleInterop\":true}' --transpile-only prisma/scripts/grant-admin.ts",
+		"db:list-users": "ts-node --skip-project --compiler-options '{\"module\":\"commonjs\",\"moduleResolution\":\"node\",\"esModuleInterop\":true}' --transpile-only prisma/scripts/list-users.ts",
+		"db:remove-user": "ts-node --skip-project --compiler-options '{\"module\":\"commonjs\",\"moduleResolution\":\"node\",\"esModuleInterop\":true}' --transpile-only prisma/scripts/remove-user.ts",
+		"script:deploy-safe": "ts-node --skip-project --compiler-options '{\"module\":\"commonjs\",\"moduleResolution\":\"node\",\"esModuleInterop\":true}' --transpile-only scripts/deploy-safe.ts"
+	},
+	"dependencies": {
+		"@anthropic-ai/sdk": "^0.39.0",
+		"@nestjs/bullmq": "^11.0.4",
+		"@nestjs/common": "^10.0.0",
+		"@nestjs/config": "^3.2.3",
+		"@nestjs/core": "^10.0.0",
+		"@nestjs/event-emitter": "^2.0.0",
+		"@nestjs/platform-express": "^10.0.0",
+		"@nestjs/schedule": "^4.0.0",
+		"@nestjs/swagger": "^7.3.1",
+		"@nestjs/terminus": "^10.2.3",
+		"@nestjs/throttler": "^6.0.0",
+		"@prisma/client": "^6.13.0",
+		"@safe-global/protocol-kit": "^7.0.0",
+		"@wrytes/deribit-api-client": "^1.0.2",
+		"bcrypt": "^5.1.1",
+		"bullmq": "^5.73.0",
+		"class-transformer": "^0.5.1",
+		"class-validator": "^0.14.2",
+		"ioredis": "^5.4.1",
+		"joi": "^17.13.3",
+		"nanoid": "^3.3.7",
+		"nestjs-pino": "^4.1.0",
+		"nestjs-telegraf": "^2.4.0",
+		"openai": "^6.34.0",
+		"pdf-parse": "1.1.1",
+		"pino": "^10.3.1",
+		"pino-http": "^11.0.0",
+		"pino-pretty": "^13.0.0",
+		"prisma": "^6.13.0",
+		"reflect-metadata": "^0.2.0",
+		"rxjs": "^7.8.1",
+		"telegraf": "^4.16.3",
+		"viem": "^2.47.10"
+	},
+	"devDependencies": {
+		"@nestjs/cli": "^10.0.0",
+		"@nestjs/schematics": "^10.0.0",
+		"@nestjs/testing": "^10.0.0",
+		"@types/bcrypt": "^5.0.2",
+		"@types/express": "^4.17.17",
+		"@types/jest": "^29.5.2",
+		"@types/multer": "^2.1.0",
+		"@types/node": "^24.1.0",
+		"@types/pdf-parse": "^1.1.5",
+		"@types/supertest": "^6.0.0",
+		"@typescript-eslint/eslint-plugin": "^6.0.0",
+		"@typescript-eslint/parser": "^6.0.0",
+		"eslint": "^8.42.0",
+		"eslint-config-prettier": "^9.0.0",
+		"eslint-plugin-prettier": "^5.0.0",
+		"jest": "^29.5.0",
+		"prettier": "^3.0.0",
+		"source-map-support": "^0.5.21",
+		"supertest": "^6.3.3",
+		"ts-jest": "^29.1.0",
+		"ts-loader": "^9.4.3",
+		"ts-node": "^10.9.1",
+		"tsconfig-paths": "^4.2.0",
+		"tsup": "^8.5.1",
+		"typescript": "^5.1.3"
+	},
+	"jest": {
+		"moduleFileExtensions": [
+			"js",
+			"json",
+			"ts"
+		],
+		"rootDir": "src",
+		"testRegex": ".*\\.spec\\.ts$",
+		"transform": {
+			"^.+\\.(t|j)s$": "ts-jest"
+		},
+		"collectCoverageFrom": [
+			"**/*.(t|j)s"
+		],
+		"coverageDirectory": "../coverage",
+		"testEnvironment": "node"
+	}
+}

package/pkg/index.d.ts

@@ -0,0 +1,64 @@
+import * as _nestjs_common from '@nestjs/common';
+import { DynamicModule, CanActivate, ExecutionContext } from '@nestjs/common';
+import { Reflector } from '@nestjs/core';
+
+interface WrytesUserProfile {
+    firstName: string | null;
+    lastName: string | null;
+    businessName: string | null;
+    isVerified: boolean;
+}
+interface WrytesUserWallet {
+    address: string;
+    label: string | null;
+}
+interface WrytesUser {
+    id: string;
+    telegramHandle: string | null;
+    notificationsEnabled: boolean;
+    scopes: string[];
+    wallets: WrytesUserWallet[];
+    profile: WrytesUserProfile | null;
+}
+
+declare const IS_PUBLIC_KEY = "isPublic";
+declare const SCOPES_KEY = "scopes";
+declare const Public: () => _nestjs_common.CustomDecorator<string>;
+declare const RequireScopes: (...scopes: string[]) => _nestjs_common.CustomDecorator<string>;
+declare const CurrentUser: (...dataOrPipes: unknown[]) => ParameterDecorator;
+
+interface WrytesAuthModuleOptions {
+    wrytesApiUrl: string;
+    global?: boolean;
+}
+declare class WrytesAuthModule {
+    static forRoot(options: WrytesAuthModuleOptions): DynamicModule;
+}
+
+declare const WRYTES_API_URL = "WRYTES_API_URL";
+declare class AuthProxyService {
+    private readonly wrytesApiUrl;
+    private readonly logger;
+    private readonly cache;
+    private readonly ttlMs;
+    constructor(wrytesApiUrl: string);
+    resolve(rawToken: string): Promise<WrytesUser>;
+    invalidate(rawToken: string): void;
+    private evict;
+}
+
+declare class AuthProxyGuard implements CanActivate {
+    private readonly authProxy;
+    private readonly reflector;
+    constructor(authProxy: AuthProxyService, reflector: Reflector);
+    canActivate(ctx: ExecutionContext): Promise<boolean>;
+    private extractToken;
+}
+
+declare class ScopesGuard implements CanActivate {
+    private readonly reflector;
+    constructor(reflector: Reflector);
+    canActivate(ctx: ExecutionContext): boolean;
+}
+
+export { AuthProxyGuard, AuthProxyService, CurrentUser, IS_PUBLIC_KEY, Public, RequireScopes, SCOPES_KEY, ScopesGuard, WRYTES_API_URL, WrytesAuthModule, type WrytesAuthModuleOptions, type WrytesUser, type WrytesUserProfile, type WrytesUserWallet };

package/pkg/index.js

@@ -0,0 +1,202 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var __decorateClass = (decorators, target, key, kind) => {
+  var result = kind > 1 ? void 0 : kind ? __getOwnPropDesc(target, key) : target;
+  for (var i = decorators.length - 1, decorator; i >= 0; i--)
+    if (decorator = decorators[i])
+      result = (kind ? decorator(target, key, result) : decorator(result)) || result;
+  if (kind && result) __defProp(target, key, result);
+  return result;
+};
+var __decorateParam = (index, decorator) => (target, key) => decorator(target, key, index);
+
+// exports/index.ts
+var index_exports = {};
+__export(index_exports, {
+  AuthProxyGuard: () => AuthProxyGuard,
+  AuthProxyService: () => AuthProxyService,
+  CurrentUser: () => CurrentUser,
+  IS_PUBLIC_KEY: () => IS_PUBLIC_KEY,
+  Public: () => Public,
+  RequireScopes: () => RequireScopes,
+  SCOPES_KEY: () => SCOPES_KEY,
+  ScopesGuard: () => ScopesGuard,
+  WRYTES_API_URL: () => WRYTES_API_URL,
+  WrytesAuthModule: () => WrytesAuthModule
+});
+module.exports = __toCommonJS(index_exports);
+
+// exports/decorators.ts
+var import_common = require("@nestjs/common");
+var IS_PUBLIC_KEY = "isPublic";
+var SCOPES_KEY = "scopes";
+var Public = () => (0, import_common.SetMetadata)(IS_PUBLIC_KEY, true);
+var RequireScopes = (...scopes) => (0, import_common.SetMetadata)(SCOPES_KEY, scopes);
+var CurrentUser = (0, import_common.createParamDecorator)(
+  (_data, ctx) => ctx.switchToHttp().getRequest().user
+);
+
+// exports/auth-proxy.module.ts
+var import_common5 = require("@nestjs/common");
+var import_core = require("@nestjs/core");
+
+// exports/auth-proxy.service.ts
+var import_common2 = require("@nestjs/common");
+var import_crypto = require("crypto");
+var WRYTES_API_URL = "WRYTES_API_URL";
+var AuthProxyService = class {
+  constructor(wrytesApiUrl) {
+    this.wrytesApiUrl = wrytesApiUrl;
+    this.logger = new import_common2.Logger(AuthProxyService.name);
+    this.cache = /* @__PURE__ */ new Map();
+    this.ttlMs = 5 * 60 * 1e3;
+  }
+  async resolve(rawToken) {
+    const key = (0, import_crypto.createHash)("sha256").update(rawToken).digest("hex");
+    const cached = this.cache.get(key);
+    if (cached && cached.expiresAt > Date.now()) return cached.user;
+    if (cached) this.cache.delete(key);
+    const isApiKey = rawToken.startsWith("rw_prod_");
+    const headers = isApiKey ? { "x-api-key": rawToken } : { authorization: `Bearer ${rawToken}` };
+    let res;
+    try {
+      res = await fetch(`${this.wrytesApiUrl}/auth/me`, {
+        headers,
+        signal: AbortSignal.timeout(5e3)
+      });
+    } catch (err) {
+      this.logger.error(`/auth/me unreachable: ${err?.message}`);
+      throw new import_common2.UnauthorizedException("Auth service unavailable");
+    }
+    if (!res.ok) {
+      this.logger.warn(`/auth/me \u2192 ${res.status}`);
+      throw new import_common2.UnauthorizedException();
+    }
+    const user = await res.json();
+    this.cache.set(key, { user, expiresAt: Date.now() + this.ttlMs });
+    if (this.cache.size > 2e3) this.evict();
+    return user;
+  }
+  /** Force-expire a token from the cache (e.g. on logout) */
+  invalidate(rawToken) {
+    this.cache.delete((0, import_crypto.createHash)("sha256").update(rawToken).digest("hex"));
+  }
+  evict() {
+    const now = Date.now();
+    for (const [k, v] of this.cache) {
+      if (v.expiresAt <= now) this.cache.delete(k);
+    }
+  }
+};
+AuthProxyService = __decorateClass([
+  (0, import_common2.Injectable)(),
+  __decorateParam(0, (0, import_common2.Inject)(WRYTES_API_URL))
+], AuthProxyService);
+
+// exports/auth-proxy.guard.ts
+var import_common3 = require("@nestjs/common");
+var AuthProxyGuard = class {
+  constructor(authProxy, reflector) {
+    this.authProxy = authProxy;
+    this.reflector = reflector;
+  }
+  async canActivate(ctx) {
+    const isPublic = this.reflector.getAllAndOverride(IS_PUBLIC_KEY, [
+      ctx.getHandler(),
+      ctx.getClass()
+    ]);
+    if (isPublic) return true;
+    const req = ctx.switchToHttp().getRequest();
+    const token = this.extractToken(req);
+    if (!token) throw new import_common3.UnauthorizedException();
+    const user = await this.authProxy.resolve(token);
+    req["user"] = user;
+    req["scopes"] = user.scopes;
+    return true;
+  }
+  extractToken(req) {
+    const auth = req["headers"]?.["authorization"];
+    if (auth?.startsWith("Bearer ")) return auth.slice(7);
+    const key = req["headers"]?.["x-api-key"];
+    if (key) return key;
+    return null;
+  }
+};
+AuthProxyGuard = __decorateClass([
+  (0, import_common3.Injectable)()
+], AuthProxyGuard);
+
+// exports/scopes.guard.ts
+var import_common4 = require("@nestjs/common");
+var ScopesGuard = class {
+  constructor(reflector) {
+    this.reflector = reflector;
+  }
+  canActivate(ctx) {
+    const required = this.reflector.getAllAndOverride(SCOPES_KEY, [
+      ctx.getHandler(),
+      ctx.getClass()
+    ]);
+    if (!required?.length) return true;
+    const scopes = ctx.switchToHttp().getRequest()["scopes"] ?? [];
+    if (scopes.includes("ADMIN")) return true;
+    return required.every((s) => scopes.includes(s));
+  }
+};
+ScopesGuard = __decorateClass([
+  (0, import_common4.Injectable)()
+], ScopesGuard);
+
+// exports/auth-proxy.module.ts
+var WrytesAuthModule = class {
+  static forRoot(options) {
+    const applyGlobally = options.global !== false;
+    return {
+      module: WrytesAuthModule,
+      global: true,
+      providers: [
+        { provide: WRYTES_API_URL, useValue: options.wrytesApiUrl },
+        AuthProxyService,
+        AuthProxyGuard,
+        ScopesGuard,
+        ...applyGlobally ? [
+          { provide: import_core.APP_GUARD, useClass: AuthProxyGuard },
+          { provide: import_core.APP_GUARD, useClass: ScopesGuard }
+        ] : []
+      ],
+      exports: [AuthProxyService, AuthProxyGuard, ScopesGuard]
+    };
+  }
+};
+WrytesAuthModule = __decorateClass([
+  (0, import_common5.Module)({})
+], WrytesAuthModule);
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  AuthProxyGuard,
+  AuthProxyService,
+  CurrentUser,
+  IS_PUBLIC_KEY,
+  Public,
+  RequireScopes,
+  SCOPES_KEY,
+  ScopesGuard,
+  WRYTES_API_URL,
+  WrytesAuthModule
+});