@xenterprises/fastify-xconfig 1.0.1 → 1.1.0

package/package.json

@@ -1,42 +1,48 @@
 {
   "name": "@xenterprises/fastify-xconfig",
-  "version": "1.0.1",
-  "description": "[![js-standard-style](https://img.shields.io/badge/code%20style-standard-brightgreen.svg?style=flat)](http://standardjs.com/)  ![CI workflow](__MY_PLUGIN_URL__ /workflows/CI%20workflow/badge.svg)",
-  "main": "index.js",
-  "directories": {
-    "test": "test"
-  },
+  "type": "module",
+  "version": "1.1.0",
+  "description": "Fastify configuration plugin for setting up middleware, services, and route handling.",
+  "main": "src/xConfig.js",
   "scripts": {
-    "test": "npm run lint && npm run unit && npm run test:typescript",
-    "lint": "standard && npm run lint:typescript",
-    "lint:typescript": "ts-standard",
-    "test:typescript": "tsd",
-    "unit": "node --test"
+    "start": "fastify start -l info server/app.js",
+    "dev": "fastify start -w -l info -P server/app.js",
+    "test": "node --test test/**/*.test.js"
   },
-  "keywords": [],
   "author": "Tim Mushen",
-  "license": "MIT",
-  "types": "index.d.ts",
-  "dependencies": {
-    "fastify-plugin": "^4.0.0"
-  },
+  "license": "ISC",
   "devDependencies": {
-    "@types/node": "^20.4.4",
+    "@types/node": "^22.7.4",
+    "c8": "^9.0.0",
+    "fastify": "^4.28.1",
+    "fastify-plugin": "^4.0.0",
     "fastify-tsconfig": "^2.0.0",
-    "standard": "^17.0.0",
-    "ts-standard": "^12.0.1",
-    "tsd": "^0.31.0",
-    "typescript": "^5.2.2"
-  },
-  "tsd": {
-    "directory": "test"
+    "typescript": "^5.6.3"
   },
-  "repository": {
-    "type": "git",
-    "url": "git+https://github.com/xenterprises/module-fastify-xconfig.git"
-  },
-  "bugs": {
-    "url": "https://github.com/xenterprises/module-fastify-xconfig/issues"
-  },
-  "homepage": "https://github.com/xenterprises/module-fastify-xconfig#readme"
+  "dependencies": {
+    "@fastify/autoload": "^6.0.2",
+    "@fastify/cookie": "^9.4.0",
+    "@fastify/cors": "^9.0.1",
+    "@fastify/multipart": "^8.3.0",
+    "@fastify/rate-limit": "^9.1.0",
+    "@fastify/sensible": "^5.6.0",
+    "@fastify/under-pressure": "^9.0.1",
+    "@prisma/client": "^6.3.1",
+    "@sendgrid/client": "^8.1.3",
+    "@sendgrid/mail": "^8.1.3",
+    "bcrypt": "^5.1.1",
+    "check-disk-space": "^3.4.0",
+    "fastify": "^4.28.1",
+    "fastify-bugsnag": "^4.1.4",
+    "fastify-cli": "^6.2.1",
+    "fastify-cloudinary": "^2.0.0",
+    "fastify-list-routes": "^1.0.0",
+    "fastify-multipart": "^5.4.0",
+    "fastify-plugin": "^4.0.0",
+    "fastify-rate-limit": "^5.9.0",
+    "jose": "^6.0.11",
+    "stripe": "^16.12.0",
+    "twilio": "^5.3.2",
+    "uncrypto": "^0.1.3"
+  }
 }

package/server/app.js

@@ -0,0 +1,78 @@
+// server/app.js
+import Fastify from 'fastify';
+import xConfig from '../src/xConfig.js';  // Import your plugin correctly
+
+const fastify = Fastify();
+
+
+export default async function (fastify, opts) {
+  fastify.register(xConfig, {
+    professional: false,
+    fancyErrors: true,
+    prisma: {
+      active: false,
+    },
+    bugsnag: {
+      apiKey: process.env.BUGSNAG_API_KEY
+    },
+    rateLimit: {
+      max: process.env.RATE_LIMIT_MAX || 100,
+      timeWindow: process.env.RATE_LIMIT_TIME_WINDOW || '1 minute'
+    },
+    stripe: {
+      active: false,
+      apiKey: process.env.STRIPE_API_KEY
+    },
+    sendGrid: {
+      active: true,
+      apiKey: process.env.SENDGRID_API_KEY,
+      apiKeyEmailValidation: process.env.SENDGRID_API_EMAIL_VALIDATION_KEY,
+      fromEmail: process.env.SENDGRID_FROM_EMAIL || 'ops@getx.io',
+    },
+    twilio: {
+      active: true,
+      accountSid: process.env.TWILIO_ACCOUNT_SID,
+      authToken: process.env.TWILIO_AUTH_TOKEN,
+      phoneNumber: process.env.TWILIO_PHONE_NUMBER
+    },
+    cloudinary: {
+      active: false,
+      cloudName: process.env.CLOUDINARY_CLOUD_NAME,
+      apiKey: process.env.CLOUDINARY_API_KEY,
+      apiSecret: process.env.CLOUDINARY_API_SECRET,
+      basePath: process.env.CLOUDINARY_BASE_PATH || 'basepath'
+    },
+    cors: {
+      active: true,
+      origin: process.env.CORS_ORIGIN || ['http://localhost:3000', 'https://app.bandmate.io'],
+      credentials: true
+    },
+    auth: {
+      excludedPaths: ['/public', '/portal/auth/register'],
+      admin: {
+        active: true,
+        secret: process.env.ADMIN_STACK_PROJECT_ID,
+      },
+      user: {
+        active: true,
+        portalStackProjectId: process.env.STACK_PROJECT_ID,
+        me: {
+          isOnboarded: true
+        },
+        registerEmail: {
+          subject: 'Welcome to Bandmate!',
+          templateId: ''
+        }
+      },
+    },
+    geocode: {
+      active: true,
+      apiKey: process.env.GEOCODIO_API_KEY
+    }
+  });  // Register the default export, which should be a function
+  fastify.get('/', async (request, reply) => {
+    console.log(fastify.xEcho())
+    return { status: fastify.xEcho() }
+  })
+
+};

package/src/auth/admin.js

@@ -0,0 +1,181 @@
+import * as jose from "jose";
+const isProduction = process.env.NODE_ENV === 'production';
+
+export async function setupAdminAuth(fastify, options) {
+  if (options.admin?.active !== false) {
+    // Get configuration
+    const projectId = options.admin.stackProjectId || process.env.ADMIN_STACK_PROJECT_ID;
+    const publishableKey = options.admin.publishableKey || process.env.ADMIN_STACK_PUBLISHABLE_CLIENT_KEY;
+    const secretKey = options.admin.secretKey || process.env.ADMIN_STACK_SECRET_SERVER_KEY;
+
+    if (!projectId) {
+      throw new Error("Stack Auth admin project ID is required");
+    }
+
+    if (!publishableKey || !secretKey) {
+      throw new Error("Stack Auth admin publishable and secret keys are required");
+    }
+
+    const adminExcludedPaths = options.admin.excludedPaths || [
+      "/admin/auth/login",
+      "/admin/auth/logout",
+    ];
+
+    // Base URL for Stack Auth API
+    const stackAuthBaseUrl = `https://api.stack-auth.com/api/v1`;
+    const jwksUrl = `${stackAuthBaseUrl}/projects/${projectId}/.well-known/jwks.json`;
+
+    // Create JWKS for token verification
+    const jwks = jose.createRemoteJWKSet(new URL(jwksUrl));
+
+    // Helper for Stack Auth API headers
+    fastify.decorate('getAdminStackAuthHeaders', function (accessType = "server") {
+      const headers = {
+        'Content-Type': 'application/json',
+        'Accept': 'application/json',
+        'X-Stack-Access-Type': accessType,
+        'X-Stack-Project-Id': projectId,
+      };
+
+      if (accessType === "client") {
+        headers['X-Stack-Publishable-Client-Key'] = publishableKey;
+      } else if (accessType === "server") {
+        headers['X-Stack-Secret-Server-Key'] = secretKey;
+      }
+
+      return headers;
+    });
+
+    // JWT verification helper
+    fastify.decorate('verifyAdminStackJWT', async function (accessToken) {
+      try {
+        // Add validation to ensure accessToken is a valid string
+        if (!accessToken || typeof accessToken !== 'string') {
+          fastify.log.error('Invalid admin token format: token must be a non-empty string');
+          return null;
+        }
+
+        const { payload } = await jose.jwtVerify(accessToken, jwks);
+
+        // Verify the payload has expected properties
+        if (!payload || !payload.sub) {
+          fastify.log.error('Invalid admin token payload: missing required claims');
+          return null;
+        }
+
+        return payload;
+      } catch (error) {
+        fastify.log.error(error);
+        return null;
+      }
+    });
+
+    // Admin authentication hook
+    fastify.addHook("onRequest", async (request, reply) => {
+      const url = request.url;
+
+      // Skip authentication for excluded paths
+      if (adminExcludedPaths.some((path) => url.startsWith(path))) {
+        return;
+      }
+
+      if (url.startsWith("/admin")) {
+        try {
+          // Get token from header
+          const authHeader = request.headers.authorization;
+          if (!authHeader || !authHeader.startsWith("Bearer ")) {
+            return reply.code(401).send({ error: "Admin access token required" });
+          }
+
+          // Verify token
+          const token = authHeader.slice(7);
+          const payload = await fastify.verifyAdminStackJWT(token);
+
+          if (!payload) {
+            return reply.code(401).send({ error: "Invalid admin token" });
+          }
+
+          // Set admin info on request
+          request.admin = payload;
+          request.adminAuth = { id: payload.sub };
+        } catch (err) {
+          return reply.code(401).send({ error: "Admin authentication failed" });
+        }
+      }
+    });
+
+    // Admin login endpoint
+    fastify.post("/admin/auth/login", async (req, reply) => {
+      try {
+        const { email, password } = req.body;
+
+        if (!email || !password) {
+          return reply.code(400).send({ error: "Email and password required" });
+        }
+
+        // Call Stack Auth API for password sign-in
+        const response = await fetch(
+          `${stackAuthBaseUrl}/auth/password/sign-in`,
+          {
+            method: 'POST',
+            headers: fastify.getAdminStackAuthHeaders("server"),
+            body: JSON.stringify({ email, password })
+          }
+        );
+
+        const data = await response.json().catch(() => ({}));
+
+        if (!response.ok) {
+          return reply.code(response.status || 400).send({
+            error: data.message || "Authentication failed"
+          });
+        }
+
+        // Check if we have the expected response properties
+        if (!data.access_token || !data.refresh_token || !data.user_id) {
+          return reply.code(500).send({ error: "Invalid response from authentication service" });
+        }
+
+        // Verify token
+        const payload = await fastify.verifyAdminStackJWT(data.access_token);
+        if (!payload) {
+          return reply.code(401).send({ error: "Invalid token received" });
+        }
+
+        reply.send({
+          accessToken: data.access_token,
+          refreshToken: data.refresh_token,
+          admin: payload,
+          adminId: data.user_id
+        });
+      } catch (err) {
+        fastify.log.error(err);
+        reply.code(500).send({ error: "Internal server error" });
+      }
+    });
+
+    // Admin info endpoint
+    fastify.get("/admin/auth/me", async (req, reply) => {
+      reply.send(req.admin || { authenticated: false });
+    });
+
+    // Token verification endpoint
+    fastify.post("/admin/auth/verify", async (req, reply) => {
+      const { token } = req.body;
+
+      if (!token) {
+        return reply.code(400).send({ error: "Token required" });
+      }
+
+      const payload = await fastify.verifyAdminStackJWT(token);
+
+      if (!payload) {
+        return reply.code(401).send({ valid: false });
+      }
+
+      reply.send({ valid: true, admin: payload });
+    });
+
+    console.info("   ✅ Auth Admin Enabled");
+  }
+}

package/src/auth/portal.js

@@ -0,0 +1,177 @@
+import * as jose from "jose";
+import fetch from "node-fetch";
+
+export async function setupAuth(fastify, options) {
+  if (options.user?.active !== false) {
+    // Get configuration
+    const projectId = options.user.portalStackProjectId || process.env.STACK_PROJECT_ID;
+    const publishableKey = options.user.publishableKey || process.env.STACK_PUBLISHABLE_CLIENT_KEY;
+    const secretKey = options.user.secretKey || process.env.STACK_SECRET_SERVER_KEY;
+
+    if (!projectId) {
+      throw new Error("Stack Auth project ID is required");
+    }
+
+    if (!publishableKey || !secretKey) {
+      throw new Error("Stack Auth publishable and secret keys are required");
+    }
+
+    const userExcludedPaths = options.user.excludedPaths || [
+      "/portal/auth/login",
+      "/portal/auth/logout",
+      "/portal/auth/register",
+      "/portal/auth/forgot-password",
+      "/portal/auth/reset-password"
+    ];
+
+    // Base URL for Stack Auth API
+    const stackAuthBaseUrl = `https://api.stack-auth.com/api/v1`;
+    const jwksUrl = `${stackAuthBaseUrl}/projects/${projectId}/.well-known/jwks.json`;
+
+    // Create JWKS for token verification
+    const jwks = jose.createRemoteJWKSet(new URL(jwksUrl));
+
+    // Helper for Stack Auth API headers
+    fastify.decorate('getStackAuthHeaders', function (accessType = "server") {
+      const headers = {
+        'Content-Type': 'application/json',
+        'Accept': 'application/json',
+        'X-Stack-Access-Type': accessType,
+        'X-Stack-Project-Id': projectId,
+      };
+
+      if (accessType === "client") {
+        headers['X-Stack-Publishable-Client-Key'] = publishableKey;
+      } else if (accessType === "server") {
+        headers['X-Stack-Secret-Server-Key'] = secretKey;
+      }
+
+      return headers;
+    });
+
+    // JWT verification helper
+    fastify.decorate('verifyStackJWT', async function (accessToken) {
+      try {
+        const { payload } = await jose.jwtVerify(accessToken, jwks);
+        return payload;
+      } catch (error) {
+        fastify.log.error(error);
+        return null;
+      }
+    });
+
+    // API URL helper
+    fastify.decorate('getStackAuthApiUrl', function () {
+      return stackAuthBaseUrl;
+    });
+
+    // Authentication middleware
+    fastify.addHook("onRequest", async (request, reply) => {
+      const url = request.url;
+
+      // Skip excluded paths
+      if (userExcludedPaths.some(path => url.startsWith(path))) {
+        return;
+      }
+
+      if (url.startsWith("/portal")) {
+        try {
+          // Get token from header
+          const authHeader = request.headers.authorization;
+          if (!authHeader || !authHeader.startsWith("Bearer ")) {
+            return reply.code(401).send({ error: "Access token required" });
+          }
+
+          // Verify token
+          const token = authHeader.slice(7);
+          const payload = await fastify.verifyStackJWT(token);
+
+          if (!payload) {
+            return reply.code(401).send({ error: "Invalid token" });
+          }
+
+          // Set user info on request
+          request.user = payload;
+          request.userAuth = { id: payload.sub };
+        } catch (err) {
+          return reply.code(401).send({ error: "Authentication failed" });
+        }
+      }
+    });
+
+    // Login endpoint
+    fastify.post("/portal/auth/login", async (req, reply) => {
+      try {
+        const { email, password } = req.body;
+
+        if (!email || !password) {
+          return reply.code(400).send({ error: "Email and password required" });
+        }
+
+        // Call Stack Auth API for password sign-in
+        const response = await fetch(
+          `${stackAuthBaseUrl}/auth/password/sign-in`,
+          {
+            method: 'POST',
+            headers: fastify.getStackAuthHeaders("server"),
+            body: JSON.stringify({ email, password })
+          }
+        );
+
+        const data = await response.json().catch(() => ({}));
+
+        if (!response.ok) {
+          return reply.code(response.status || 400).send({
+            error: data.message || "Authentication failed"
+          });
+        }
+
+        // Check if we have the expected response properties
+        if (!data.access_token || !data.refresh_token || !data.user_id) {
+          return reply.code(500).send({ error: "Invalid response from authentication service" });
+        }
+
+        // Verify token
+        const payload = await fastify.verifyStackJWT(data.access_token);
+        if (!payload) {
+          return reply.code(401).send({ error: "Invalid token received" });
+        }
+
+        reply.send({
+          accessToken: data.access_token,
+          refreshToken: data.refresh_token,
+          user: payload,
+          userId: data.user_id
+        });
+      } catch (err) {
+        fastify.log.error(err);
+        reply.code(500).send({ error: "Internal server error" });
+      }
+    });
+
+
+    // User info endpoint
+    fastify.get("/portal/auth/me", async (req, reply) => {
+      reply.send(req.user || { authenticated: false });
+    });
+
+    // Token verification endpoint
+    fastify.post("/portal/auth/verify", async (req, reply) => {
+      const { token } = req.body;
+
+      if (!token) {
+        return reply.code(400).send({ error: "Token required" });
+      }
+
+      const payload = await fastify.verifyStackJWT(token);
+
+      if (!payload) {
+        return reply.code(401).send({ valid: false });
+      }
+
+      reply.send({ valid: true, user: payload });
+    });
+
+    console.info("   ✅ Auth User Enabled");
+  }
+}

package/src/integrations/cloudinary.js

@@ -0,0 +1,98 @@
+import { v2 as Cloudinary } from "cloudinary";
+
+export async function setupCloudinary(fastify, options) {
+
+  if (options.active !== false) {
+    if (
+      !options.cloudName ||
+      !options.apiKey ||
+      !options.apiSecret
+    ) {
+      throw new Error(
+        "Cloudinary cloudName, apiKey, and apiSecret must be provided."
+      );
+    }
+
+    Cloudinary.config({
+      cloud_name: options.cloudName,
+      api_key: options.apiKey,
+      api_secret: options.apiSecret,
+    },
+    );
+
+    fastify.decorate('cloudinary', {
+      upload: async (fileStream, options = {}) => {
+        return new Promise((resolve, reject) => {
+          if (options.folder) {
+            options.folder = options.folder || options.folder;
+          }
+          options.resource_type = options.resource_type || 'auto';
+          options.timestamp = Math.floor(Date.now() / 1000);  // Add timestamp to options
+          options.use_filename = options.use_filename !== undefined ? options.use_filename : true;
+          options.unique_filename = options.unique_filename !== undefined ? options.unique_filename : true;
+
+          const uploadStream = Cloudinary.uploader.upload_stream(options, (error, result) => {
+            if (error) {
+              fastify.log.error("Cloudinary upload failed:", error);
+              reject(new Error(`Failed to upload to Cloudinary: ${JSON.stringify(error)}`));
+            } else {
+              resolve(result);  // Resolve with the result from Cloudinary
+            }
+          });
+
+          fileStream.pipe(uploadStream)
+            .on('error', (streamError) => {
+              fastify.log.error("Stream error:", streamError);
+              reject(new Error(`Stream error during Cloudinary upload: ${streamError.message}`));
+            })
+            .on('end', () => {
+              fastify.log.info("Stream ended successfully.");
+            });
+        });
+      },
+
+      uploadLarge: async (fileStream, options = {}) => {
+        return new Promise((resolve, reject) => {
+          if (options.folder) {
+            options.folder = options.folder || options.folder;
+          }
+          options.resource_type = options.resource_type || 'auto';
+          options.timestamp = Math.floor(Date.now() / 1000);
+          options.use_filename = options.use_filename !== undefined ? options.use_filename : true;
+          options.unique_filename = options.unique_filename !== undefined ? options.unique_filename : true;
+          options.overwrite = options.overwrite !== undefined ? options.overwrite : false;
+
+          const uploadStream = Cloudinary.uploader.upload_stream(options, (error, result) => {
+            if (error) {
+              fastify.log.error("Cloudinary upload failed:", error);
+              reject(new Error(`Failed to upload to Cloudinary: ${JSON.stringify(error)}`));
+            } else {
+              resolve(result);
+            }
+          });
+
+          fileStream.pipe(uploadStream)
+            .on('error', (streamError) => {
+              fastify.log.error("Stream error:", streamError);
+              reject(new Error(`Stream error during Cloudinary upload: ${streamError.message}`));
+            })
+            .on('end', () => {
+              fastify.log.info("Stream ended successfully.");
+            });
+        });
+      },
+
+      delete: async (publicId) => {
+        try {
+          const response = await Cloudinary.uploader.destroy(publicId);
+          return response;
+        } catch (error) {
+          fastify.log.error("Cloudinary delete failed:", error);
+          throw new Error("Failed to delete from Cloudinary.");
+        }
+      }
+    });
+
+    console.info("   ✅ Cloudinary Enabled");
+  }
+}

package/src/integrations/geocode.js

@@ -0,0 +1,43 @@
+export async function setupGeocode(fastify, options) {
+  if (options.active !== false) {
+    if (!options.apiKey) {
+      throw new Error("Geocode API key must be provided.");
+    }
+    const geocodioEndpoint = 'https://api.geocod.io/v1.7/geocode';
+    const geocodioApiKey = options.apiKey;
+
+    fastify.decorate('geocode', {
+      // Method to get lat/long and county from a zip code
+      async getLatLongByZip(zipCode) {
+        try {
+          const url = `${geocodioEndpoint}?q=${zipCode}&fields=cd,stateleg&api_key=${geocodioApiKey}`;
+          const response = await fetch(url);
+          const result = await response.json();
+
+          if (result.results && result.results.length > 0) {
+            const location = result.results[0].location;
+            const addressComponents = result.results[0].address_components;
+
+            return {
+              zip: zipCode,
+              lat: location.lat,
+              lng: location.lng,
+              city: addressComponents.city,
+              county: addressComponents.county,
+              country: addressComponents.country,
+              state: addressComponents.state,
+              addressComponents: addressComponents
+            };
+          } else {
+            throw new Error('No results found for the provided zip code.');
+          }
+        } catch (error) {
+          fastify.log.error('Failed to fetch geolocation data:', error);
+          throw new Error('Failed to fetch geolocation data.');
+        }
+      }
+    });
+
+    console.info('   ✅ Geocodio Enabled');
+  }
+}

package/src/integrations/prisma.js

@@ -0,0 +1,30 @@
+
+import { PrismaClient } from "@prisma/client";
+export async function setupPrisma(fastify, options) {
+  if (options.active !== false) {
+    delete options.active;
+    const prisma = new PrismaClient(options);
+
+    // Connect to the database
+    await prisma.$connect();
+
+    // Decorate Fastify instance with Prisma Client
+    fastify.decorate("prisma", prisma);
+
+    // Disconnect Prisma Client when Fastify closes
+    fastify.addHook("onClose", async () => {
+      await fastify.prisma.$disconnect();
+    });
+
+    console.info("   ✅ Prisma Enabled");
+  }
+  /*
+  ===== Ensure Proper Cleanup on Server Shutdown =====
+  */
+  fastify.addHook("onClose", async () => {
+    if (fastify.prisma) {
+      await fastify.prisma.$disconnect();
+    }
+    // Add additional cleanup for other services if necessary
+  });
+}