@yimingliao/cms 0.0.24 → 0.0.26
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/server/index.d.ts +55 -10
- package/dist/server/index.js +131 -6
- package/package.json +1 -1
package/dist/server/index.d.ts
CHANGED
|
@@ -5,7 +5,8 @@ import Keyv from 'keyv';
|
|
|
5
5
|
import { Logger } from 'logry';
|
|
6
6
|
import { e as AdminRole, v as SingleItem, B as BaseTranslation, a as Admin, c as AdminFull, f as AdminSafe, D as DeviceInfo, d as AdminRefreshToken, k as File, m as FileFull, o as FileType, p as Folder, F as FolderFull, u as PostType, M as MultiItems, E as ExternalLink, j as Faq, T as TocItem, q as Post, s as PostListCard, t as PostTranslation, r as PostFull, S as SeoMetadata, g as AdminTranslation, n as FileTranslation, h as Alternate } from '../base-DbGnfZr6.js';
|
|
7
7
|
import { BaseTranslator, LocaleMessages } from 'intor';
|
|
8
|
-
import { S as SuccessResult, R as Result
|
|
8
|
+
import { S as SuccessResult, R as Result } from '../types-DHlRoJwv.js';
|
|
9
|
+
import { NextResponse } from 'next/server';
|
|
9
10
|
|
|
10
11
|
interface CreateJwtServiceOptions {
|
|
11
12
|
defaultSecret: string;
|
|
@@ -26,7 +27,7 @@ declare function createJwtService({ defaultSecret, ...options }: CreateJwtServic
|
|
|
26
27
|
|
|
27
28
|
declare function createArgon2Service(): {
|
|
28
29
|
hash: (password: string) => Promise<string>;
|
|
29
|
-
verify: (
|
|
30
|
+
verify: (digest: string, password: string) => Promise<boolean>;
|
|
30
31
|
};
|
|
31
32
|
|
|
32
33
|
interface CreateCryptoServiceOptions {
|
|
@@ -601,7 +602,7 @@ declare const POST_ORDER_BY: ({
|
|
|
601
602
|
type Action<D> = (translator: BaseTranslator<LocaleMessages>) => Promise<Omit<SuccessResult<D>, "success"> & {
|
|
602
603
|
i18nKey?: string;
|
|
603
604
|
}>;
|
|
604
|
-
interface
|
|
605
|
+
interface CreateExecuteActionOptions {
|
|
605
606
|
initI18n: () => Promise<BaseTranslator<LocaleMessages>>;
|
|
606
607
|
cacheResult: <T>({ key, ttl, load }: CacheResultOptions<T>) => Promise<T>;
|
|
607
608
|
cache: Keyv<unknown>;
|
|
@@ -612,13 +613,57 @@ interface ServerActionOptions {
|
|
|
612
613
|
key?: RawCacheKey;
|
|
613
614
|
ttl?: number;
|
|
614
615
|
}
|
|
615
|
-
declare function createExecuteAction({ initI18n, cacheResult, cache, logger, }:
|
|
616
|
+
declare function createExecuteAction({ initI18n, cacheResult, cache, logger, }: CreateExecuteActionOptions): <D = void>(fn: Action<D>, options?: ServerActionOptions) => Promise<Result<D>>;
|
|
616
617
|
|
|
617
|
-
|
|
618
|
-
|
|
619
|
-
|
|
620
|
-
|
|
621
|
-
|
|
618
|
+
type Api = (translator: BaseTranslator<LocaleMessages>) => Promise<NextResponse<unknown>>;
|
|
619
|
+
interface CreateExecuteApiOptions {
|
|
620
|
+
initI18n: () => Promise<BaseTranslator<LocaleMessages>>;
|
|
621
|
+
logger: Logger;
|
|
622
|
+
}
|
|
623
|
+
declare function createExecuteApi({ initI18n, logger, }: CreateExecuteApiOptions): (fn: Api) => Promise<NextResponse<unknown>>;
|
|
624
|
+
|
|
625
|
+
interface CreateAuthUseCases {
|
|
626
|
+
prisma: any;
|
|
627
|
+
adminQueryRepository: ReturnType<typeof createAdminQueryRepository>;
|
|
628
|
+
adminRefreshTokenCommandRepository: ReturnType<typeof createAdminRefreshTokenCommandRepository>;
|
|
629
|
+
jwtService: ReturnType<typeof createJwtService>;
|
|
630
|
+
argon2Service: ReturnType<typeof createArgon2Service>;
|
|
631
|
+
cryptoService: ReturnType<typeof createCryptoService>;
|
|
632
|
+
config: {
|
|
633
|
+
resetPasswordSecret: string;
|
|
634
|
+
resetPasswordTtl: number;
|
|
635
|
+
verifyEmailSecret: string;
|
|
636
|
+
verifyEmailTtl: number;
|
|
637
|
+
refreshTokenTtl: number;
|
|
638
|
+
};
|
|
639
|
+
}
|
|
640
|
+
declare function createAuthUseCases({ prisma, adminQueryRepository, adminRefreshTokenCommandRepository, jwtService, argon2Service, cryptoService, config, }: CreateAuthUseCases): {
|
|
641
|
+
verifyCredentials: ({ email, password, }: {
|
|
642
|
+
email: string;
|
|
643
|
+
password: string;
|
|
644
|
+
}) => Promise<Admin>;
|
|
645
|
+
updatePassword: ({ email, password, }: {
|
|
646
|
+
email: string;
|
|
647
|
+
password: string;
|
|
648
|
+
}) => Promise<Admin>;
|
|
649
|
+
signPasswordResetToken: ({ admin }: {
|
|
650
|
+
admin: AdminSafe;
|
|
651
|
+
}) => string;
|
|
652
|
+
verifyPasswordResetToken: ({ token }: {
|
|
653
|
+
token: string;
|
|
654
|
+
}) => {
|
|
655
|
+
email: string;
|
|
656
|
+
};
|
|
657
|
+
signEmailVerificationToken: () => string;
|
|
658
|
+
verifyEmailAndUpdate: ({ token, admin, }: {
|
|
659
|
+
token: string;
|
|
660
|
+
admin: AdminSafe;
|
|
661
|
+
}) => Promise<AdminSafe>;
|
|
662
|
+
createRefreshToken: ({ admin, deviceInfo, ip, }: {
|
|
663
|
+
admin: AdminSafe;
|
|
664
|
+
deviceInfo: DeviceInfo;
|
|
665
|
+
ip: string;
|
|
666
|
+
}) => Promise<string>;
|
|
622
667
|
};
|
|
623
668
|
|
|
624
669
|
declare class ServerError extends Error {
|
|
@@ -639,4 +684,4 @@ declare class ServerError extends Error {
|
|
|
639
684
|
static internalServerError(): ServerError;
|
|
640
685
|
}
|
|
641
686
|
|
|
642
|
-
export { ADMIN_ORDER_BY, ORDER_BY, POST_ORDER_BY, type RawCacheKey, ServerError, createAdminCommandRepository, createAdminQueryRepository, createAdminRefreshTokenCommandRepository, createAdminRefreshTokenQueryRepository, createArgon2Service, createCache, createCacheResult, createCookieService, createCryptoService, createExecuteAction, createFileCommandRepository, createFileQueryRepository, createFolderCommandRepository, createFolderQueryRepository, createIpRateLimiter, createJwtService, createPostCommandRepository, createPostQueryRepository, createSeoMetadataCommandRepository, normalizeCacheKey
|
|
687
|
+
export { ADMIN_ORDER_BY, ORDER_BY, POST_ORDER_BY, type RawCacheKey, ServerError, createAdminCommandRepository, createAdminQueryRepository, createAdminRefreshTokenCommandRepository, createAdminRefreshTokenQueryRepository, createArgon2Service, createAuthUseCases, createCache, createCacheResult, createCookieService, createCryptoService, createExecuteAction, createExecuteApi, createFileCommandRepository, createFileQueryRepository, createFolderCommandRepository, createFolderQueryRepository, createIpRateLimiter, createJwtService, createPostCommandRepository, createPostQueryRepository, createSeoMetadataCommandRepository, normalizeCacheKey };
|
package/dist/server/index.js
CHANGED
|
@@ -8,6 +8,7 @@ import KeyvRedis from '@keyv/redis';
|
|
|
8
8
|
import Keyv from 'keyv';
|
|
9
9
|
import { ulid } from 'ulid';
|
|
10
10
|
import { ZodError } from 'zod';
|
|
11
|
+
import { NextResponse } from 'next/server';
|
|
11
12
|
|
|
12
13
|
function createJwtService({
|
|
13
14
|
defaultSecret,
|
|
@@ -53,8 +54,8 @@ function createArgon2Service() {
|
|
|
53
54
|
async function hash(password) {
|
|
54
55
|
return await argon2.hash(password, DEFAULT_OPTIONS);
|
|
55
56
|
}
|
|
56
|
-
async function verify(
|
|
57
|
-
return await argon2.verify(
|
|
57
|
+
async function verify(digest, password) {
|
|
58
|
+
return await argon2.verify(digest, password);
|
|
58
59
|
}
|
|
59
60
|
return {
|
|
60
61
|
hash,
|
|
@@ -1457,7 +1458,7 @@ var ServerError = class _ServerError extends Error {
|
|
|
1457
1458
|
}
|
|
1458
1459
|
};
|
|
1459
1460
|
|
|
1460
|
-
// src/server/interfaces/
|
|
1461
|
+
// src/server/interfaces/normalize-error.ts
|
|
1461
1462
|
var normalizeError = (error, translator) => {
|
|
1462
1463
|
if (error instanceof ZodError) {
|
|
1463
1464
|
const errors = error.issues.map((issue) => {
|
|
@@ -1496,7 +1497,7 @@ function createExecuteAction({
|
|
|
1496
1497
|
}) {
|
|
1497
1498
|
return async function executeAction(fn, options = {}) {
|
|
1498
1499
|
const translator = await initI18n();
|
|
1499
|
-
const withCache = options.
|
|
1500
|
+
const withCache = options.type === "query" && options.key;
|
|
1500
1501
|
try {
|
|
1501
1502
|
const { data, i18nKey, message, meta } = withCache ? await cacheResult({
|
|
1502
1503
|
key: options.key,
|
|
@@ -1507,7 +1508,7 @@ function createExecuteAction({
|
|
|
1507
1508
|
const finalMessage = i18nKey ? translator.t(i18nKey) : message;
|
|
1508
1509
|
return result.success({
|
|
1509
1510
|
...finalMessage ? { message: finalMessage } : {},
|
|
1510
|
-
...data ? { data
|
|
1511
|
+
...data !== void 0 ? { data } : {},
|
|
1511
1512
|
...meta ? { meta } : {}
|
|
1512
1513
|
});
|
|
1513
1514
|
} catch (error) {
|
|
@@ -1520,5 +1521,129 @@ function createExecuteAction({
|
|
|
1520
1521
|
}
|
|
1521
1522
|
};
|
|
1522
1523
|
}
|
|
1524
|
+
function createExecuteApi({
|
|
1525
|
+
initI18n,
|
|
1526
|
+
logger
|
|
1527
|
+
}) {
|
|
1528
|
+
return async function serverApi(fn) {
|
|
1529
|
+
const translator = await initI18n();
|
|
1530
|
+
try {
|
|
1531
|
+
return await fn(translator);
|
|
1532
|
+
} catch (error) {
|
|
1533
|
+
const { message, errors, statusCode, isInternal } = normalizeError(
|
|
1534
|
+
error,
|
|
1535
|
+
translator
|
|
1536
|
+
);
|
|
1537
|
+
logger.error({ message, errors });
|
|
1538
|
+
return NextResponse.json(
|
|
1539
|
+
result.error({
|
|
1540
|
+
message: isInternal ? "Internal server error" : message,
|
|
1541
|
+
...errors ? { errors } : {}
|
|
1542
|
+
}),
|
|
1543
|
+
{ status: statusCode }
|
|
1544
|
+
);
|
|
1545
|
+
}
|
|
1546
|
+
};
|
|
1547
|
+
}
|
|
1548
|
+
|
|
1549
|
+
// src/server/applications/auth/create-auth-use-cases.ts
|
|
1550
|
+
function createAuthUseCases({
|
|
1551
|
+
prisma,
|
|
1552
|
+
adminQueryRepository,
|
|
1553
|
+
adminRefreshTokenCommandRepository,
|
|
1554
|
+
jwtService,
|
|
1555
|
+
argon2Service,
|
|
1556
|
+
cryptoService,
|
|
1557
|
+
config
|
|
1558
|
+
}) {
|
|
1559
|
+
async function verifyCredentials({
|
|
1560
|
+
email,
|
|
1561
|
+
password
|
|
1562
|
+
}) {
|
|
1563
|
+
const found = await adminQueryRepository.findWithPasswordHash({ email });
|
|
1564
|
+
if (found) {
|
|
1565
|
+
const isValid = await argon2Service.verify(found.passwordHash, password);
|
|
1566
|
+
if (isValid) return found;
|
|
1567
|
+
}
|
|
1568
|
+
throw new ServerError({ i18nKey: "error.credentials-incorrect" });
|
|
1569
|
+
}
|
|
1570
|
+
async function updatePassword({
|
|
1571
|
+
email,
|
|
1572
|
+
password
|
|
1573
|
+
}) {
|
|
1574
|
+
const updatedAdmin = await prisma.admin.update({
|
|
1575
|
+
where: { email },
|
|
1576
|
+
data: { passwordHash: await argon2Service.hash(password) }
|
|
1577
|
+
});
|
|
1578
|
+
return updatedAdmin;
|
|
1579
|
+
}
|
|
1580
|
+
function signPasswordResetToken({ admin }) {
|
|
1581
|
+
const payload = { email: admin.email };
|
|
1582
|
+
const passwordResetToken = jwtService.sign({
|
|
1583
|
+
payload,
|
|
1584
|
+
secret: config.resetPasswordSecret,
|
|
1585
|
+
expiresIn: config.resetPasswordTtl
|
|
1586
|
+
});
|
|
1587
|
+
return passwordResetToken;
|
|
1588
|
+
}
|
|
1589
|
+
function verifyPasswordResetToken({ token }) {
|
|
1590
|
+
const payload = jwtService.verify({
|
|
1591
|
+
token,
|
|
1592
|
+
secret: config.resetPasswordSecret
|
|
1593
|
+
});
|
|
1594
|
+
return payload;
|
|
1595
|
+
}
|
|
1596
|
+
function signEmailVerificationToken() {
|
|
1597
|
+
const emailVerificationToken = jwtService.sign({
|
|
1598
|
+
payload: {},
|
|
1599
|
+
secret: config.verifyEmailSecret,
|
|
1600
|
+
expiresIn: config.verifyEmailTtl
|
|
1601
|
+
});
|
|
1602
|
+
return emailVerificationToken;
|
|
1603
|
+
}
|
|
1604
|
+
async function verifyEmailAndUpdate({
|
|
1605
|
+
token,
|
|
1606
|
+
admin
|
|
1607
|
+
}) {
|
|
1608
|
+
let updatedAdmin = admin;
|
|
1609
|
+
jwtService.verify({
|
|
1610
|
+
token,
|
|
1611
|
+
secret: config.verifyEmailSecret
|
|
1612
|
+
});
|
|
1613
|
+
updatedAdmin = await prisma.admin.update({
|
|
1614
|
+
where: { email: admin.email },
|
|
1615
|
+
data: { emailVerifiedAt: /* @__PURE__ */ new Date() }
|
|
1616
|
+
});
|
|
1617
|
+
return updatedAdmin;
|
|
1618
|
+
}
|
|
1619
|
+
async function createRefreshToken({
|
|
1620
|
+
admin,
|
|
1621
|
+
deviceInfo,
|
|
1622
|
+
ip
|
|
1623
|
+
}) {
|
|
1624
|
+
const token = cryptoService.generateToken();
|
|
1625
|
+
const tokenHash = cryptoService.hash(token);
|
|
1626
|
+
await adminRefreshTokenCommandRepository.create({
|
|
1627
|
+
tokenHash,
|
|
1628
|
+
ip,
|
|
1629
|
+
deviceInfo,
|
|
1630
|
+
expiresAt: new Date(Date.now() + config.refreshTokenTtl * 1e3),
|
|
1631
|
+
adminId: admin.id,
|
|
1632
|
+
email: admin.email
|
|
1633
|
+
});
|
|
1634
|
+
return token;
|
|
1635
|
+
}
|
|
1636
|
+
return {
|
|
1637
|
+
verifyCredentials,
|
|
1638
|
+
updatePassword,
|
|
1639
|
+
// reset password
|
|
1640
|
+
signPasswordResetToken,
|
|
1641
|
+
verifyPasswordResetToken,
|
|
1642
|
+
// verify email
|
|
1643
|
+
signEmailVerificationToken,
|
|
1644
|
+
verifyEmailAndUpdate,
|
|
1645
|
+
createRefreshToken
|
|
1646
|
+
};
|
|
1647
|
+
}
|
|
1523
1648
|
|
|
1524
|
-
export { ADMIN_ORDER_BY, ORDER_BY, POST_ORDER_BY, ServerError, createAdminCommandRepository, createAdminQueryRepository, createAdminRefreshTokenCommandRepository, createAdminRefreshTokenQueryRepository, createArgon2Service, createCache, createCacheResult, createCookieService, createCryptoService, createExecuteAction, createFileCommandRepository, createFileQueryRepository, createFolderCommandRepository, createFolderQueryRepository, createIpRateLimiter, createJwtService, createPostCommandRepository, createPostQueryRepository, createSeoMetadataCommandRepository, normalizeCacheKey
|
|
1649
|
+
export { ADMIN_ORDER_BY, ORDER_BY, POST_ORDER_BY, ServerError, createAdminCommandRepository, createAdminQueryRepository, createAdminRefreshTokenCommandRepository, createAdminRefreshTokenQueryRepository, createArgon2Service, createAuthUseCases, createCache, createCacheResult, createCookieService, createCryptoService, createExecuteAction, createExecuteApi, createFileCommandRepository, createFileQueryRepository, createFolderCommandRepository, createFolderQueryRepository, createIpRateLimiter, createJwtService, createPostCommandRepository, createPostQueryRepository, createSeoMetadataCommandRepository, normalizeCacheKey };
|