cloudcommerce 0.0.50 → 0.0.53

package/packages/passport/src/firebase/handle-passport.ts

@@ -0,0 +1,149 @@
+import type { Response } from 'firebase-functions';
+import type { Customers } from '@cloudcommerce/types';
+import type { Firestore } from 'firebase-admin/firestore';
+// eslint-disable-next-line import/no-unresolved
+import { Auth } from 'firebase-admin/auth';
+import { logger } from 'firebase-functions';
+import api from '@cloudcommerce/api';
+
+const findCustomerByEmail = async (
+  email: string | undefined,
+  apiAuth: { authenticationId: string, apiKey: string },
+) => {
+  try {
+    const { data } = await api.get(`customers?main_email=${email}`, apiAuth);
+    if (data.result.length) {
+      return data.result[0];
+    }
+    return null;
+  } catch (e) {
+    logger.error(e);
+    return null;
+  }
+};
+
+const checkFirebaseAuth = async (
+  auth: Auth,
+  authToken: string | undefined | string [],
+) => {
+  if (authToken && !Array.isArray(authToken)) {
+    try {
+      const customer = await auth.verifyIdToken(authToken);
+      return customer;
+    } catch (e) {
+      return null;
+    }
+  } else {
+    return null;
+  }
+};
+
+const createCustomer = async (
+  customer: Customers,
+  apiAuth: { authenticationId: string, apiKey: string },
+) => {
+  try {
+    const { data } = await api.post('customers', customer, apiAuth);
+    return data._id;
+  } catch (e) {
+    logger.error(e);
+    return null;
+  }
+};
+
+const generateAccessToken = async (
+  firestore: Firestore,
+  customerId: string,
+  apiAuth: { authenticationId: string, apiKey: string },
+): Promise<null | {
+  customer_id: string,
+  access_token: string,
+  expires: string,
+}> => {
+  const docRef = firestore.doc(`customerTokens/${customerId}`);
+  const doc = await docRef.get();
+  const expires: string | undefined = doc.data()?.expires;
+  if (expires && new Date(expires).getTime() - Date.now() >= 2 * 60 * 1000) {
+    return doc.data() as { customer_id: string, access_token: string, expires: string };
+  }
+  try {
+    const { data } = await api({
+      endpoint: 'authenticate',
+      method: 'post',
+      body: {
+        _id: apiAuth.authenticationId,
+        api_key: apiAuth.apiKey,
+        customer_id: customerId,
+      },
+    });
+    const accessToken = {
+      access_token: data.access_token,
+      expires: data.expires,
+      customer_id: customerId,
+    };
+    docRef.set(accessToken).catch(logger.error);
+    return accessToken;
+  } catch (e) {
+    logger.error(e);
+    return null;
+  }
+};
+
+const getAuthCustomerApi = async (
+  firestore: Firestore,
+  apiAuth: { authenticationId: string, apiKey: string },
+  authtoken: string | string[] | undefined,
+  authFirebase: Auth,
+) => {
+  const customerFirebaseAuth = await checkFirebaseAuth(authFirebase, authtoken);
+  if (customerFirebaseAuth !== null && customerFirebaseAuth.email) {
+    const customer = await findCustomerByEmail(
+      customerFirebaseAuth.email,
+      apiAuth,
+    );
+    if (customer !== null) {
+      return generateAccessToken(firestore, customer._id, apiAuth);
+    }
+    const newCustomer = {
+      display_name: customerFirebaseAuth.name || '',
+      main_email: customerFirebaseAuth.email,
+      emails: [{
+        address: customerFirebaseAuth.email,
+        verified: customerFirebaseAuth.email_verified,
+      }],
+      oauth_providers: [{
+        provider: customerFirebaseAuth.firebase.sign_in_provider,
+        user_id: customerFirebaseAuth.user_id,
+      }],
+    } as Customers;
+    const customerId = await createCustomer(newCustomer, apiAuth);
+    if (customerId) {
+      return generateAccessToken(firestore, customerId, apiAuth);
+    }
+  }
+  // TODO: Find customer by phone number, generate token if found, otherwise unauthorize
+  return null;
+};
+
+const sendError = (
+  res: Response,
+  msg?: string,
+  status = 400,
+) => {
+  if (msg) {
+    res.status(status).json({
+      status,
+      error: msg,
+    });
+  } else {
+    res.status(500).json({
+      status: 500,
+      error: 'Internal server error',
+    });
+  }
+};
+
+export {
+  sendError,
+  getAuthCustomerApi,
+};

package/packages/passport/src/firebase/serve-passport-api.ts

@@ -0,0 +1,62 @@
+import type { Request, Response } from 'firebase-functions';
+// eslint-disable-next-line import/no-unresolved
+import type { Auth } from 'firebase-admin/auth';
+// eslint-disable-next-line import/no-unresolved
+import type { Firestore } from 'firebase-admin/firestore';
+import { logger } from 'firebase-functions';
+import {
+  sendError,
+  getAuthCustomerApi,
+} from './handle-passport';
+
+export default async (
+  req: Request,
+  res: Response,
+  apiAuth: { authenticationId: string, apiKey: string },
+  firestore: Firestore,
+  authFirebase: Auth,
+  storeId: number,
+) => {
+  const { method } = req;
+  if (method !== 'POST') {
+    return res.sendStatus(405);
+  }
+  if (
+    method === 'POST'
+    && (!req.body || typeof req.body !== 'object' || Array.isArray(req.body))
+  ) {
+    return res.sendStatus(400);
+  }
+
+  let { url } = req;
+  if (url.endsWith('.json')) {
+    url = url.slice(0, -5);
+  }
+  const endpoint = url.split('/')[1];
+  // endpoint /token
+  if (endpoint === 'token' && method === 'POST') {
+    const { authtoken } = req.body;
+    if (!firestore) {
+      return sendError(res, 'Firestore not found', 500);
+    } if (storeId < 100) {
+      return sendError(res, 'Invalid store');
+    }
+    try {
+      const authCustomerApi = await getAuthCustomerApi(
+        firestore,
+        apiAuth,
+        authtoken,
+        authFirebase,
+      );
+      if (authCustomerApi !== null) {
+        return res.send(authCustomerApi);
+      }
+      return sendError(res, 'Invalid token, unauthorized', 401);
+    } catch (e) {
+      logger.error(e);
+      return sendError(res);
+    }
+  } else {
+    return res.sendStatus(400);
+  }
+};

package/packages/passport/src/firebase.ts

@@ -1,16 +1,41 @@
-/* eslint-disable import/prefer-default-export */
-
 import 'source-map-support/register.js';
 // eslint-disable-next-line import/no-unresolved
 import { initializeApp } from 'firebase-admin/app';
 // eslint-disable-next-line import/no-unresolved
-import { onRequest } from 'firebase-functions/v2/https';
+import { getFirestore } from 'firebase-admin/firestore';
+// eslint-disable-next-line import/no-unresolved
+import { getAuth } from 'firebase-admin/auth';
+// eslint-disable-next-line import/no-unresolved
+import { HttpsOptions, onRequest } from 'firebase-functions/v2/https';
 import config from '@cloudcommerce/firebase/lib/config';
+import getEnv from '@cloudcommerce/firebase/lib/env';
+import servePassportApi from './firebase/serve-passport-api';
+
+// References:
+// https:// firebase.google.com/docs/auth/admin/manage-cookies
+// https://itnext.io/how-to-use-firebase-auth-with-a-custom-node-backend-99a106376c8a
+// https://www.geeksforgeeks.org/firebase-sign-in-with-google-authentication-in-node-js-using-firebase-ui-and-cookie-sessions/
+// https://firebase.google.com/docs/reference/rest/auth
 
 initializeApp();
-const options = config.get().httpsFunctionOptions;
+const authFirebase = getAuth();
+const firestore = getFirestore();
+
+const options = {
+  ...config.get().httpsFunctionOptions,
+  memory: '128MiB',
+} as HttpsOptions;
 
-export const passport = onRequest(options, (request, response) => {
-  process.env.ECOM_API_KEY = '***';
-  response.send('Hello passport!');
+// eslint-disable-next-line import/prefer-default-export
+export const passport = onRequest(options, (req, res) => {
+  const { apiAuth } = getEnv();
+  const { storeId } = config.get();
+  servePassportApi(
+    req,
+    res,
+    apiAuth,
+    firestore,
+    authFirebase,
+    storeId,
+  );
 });

package/packages/ssr/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@cloudcommerce/ssr",
   "type": "module",
-  "version": "0.0.50",
+  "version": "0.0.53",
   "description": "E-Com Plus Cloud Commerce storefront SSR",
   "main": "lib/index.js",
   "exports": {

package/packages/storefront/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@cloudcommerce/storefront",
   "type": "module",
-  "version": "0.0.50",
+  "version": "0.0.53",
   "description": "E-Com Plus Cloud Commerce storefront with Astro",
   "main": "src/index.js",
   "repository": {
@@ -19,7 +19,17 @@
     "build": "echo '@ecomplus/storefront'"
   },
   "dependencies": {
+    "@astrojs/mdx": "^0.9.0",
+    "@astrojs/node": "^1.0.0",
+    "@astrojs/partytown": "^1.0.0",
+    "@astrojs/prefetch": "^0.0.7",
+    "@astrojs/sitemap": "^1.0.0",
+    "@astrojs/tailwind": "^1.0.0",
+    "@astrojs/vue": "^1.0.0",
     "@cloudcommerce/api": "workspace:*",
-    "astro": "1.0.0-rc.3"
+    "@picocss/pico": "^1.5.3",
+    "astro": "^1.0.5",
+    "rollup": "^2.78.0",
+    "vue": "^3.2.37"
   }
 }

package/packages/types/index.ts

@@ -42,6 +42,14 @@ type AppModuleName = 'apply_discount'
   | 'list_payments'
   | 'create_transaction';
 
+type AppModuleBody = {
+  module: AppModuleName,
+  params: {
+    [key: string]: any,
+  },
+  application: Applications,
+};
+
 export type {
   Products,
   Categories,
@@ -60,6 +68,7 @@ export type {
   EventsResult,
   AppEventsTopic,
   AppModuleName,
+  AppModuleBody,
   ApplyDiscountParams,
   ApplyDiscountResponse,
   CalculateShippingParams,

package/packages/types/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@cloudcommerce/types",
   "type": "module",
-  "version": "0.0.50",
+  "version": "0.0.53",
   "description": "E-Com Plus Cloud Commerce reusable type definitions",
   "main": "index.ts",
   "repository": {

package/packages/firebase/lib/handlers/auth-callback.d.ts

@@ -1,3 +0,0 @@
-import type { Request, Response } from 'firebase-functions';
-declare const _default: (req: Request, res: Response) => Promise<void>;
-export default _default;

package/packages/firebase/lib/handlers/auth-callback.js

@@ -1,45 +0,0 @@
-// eslint-disable-next-line import/no-unresolved
-import { getFirestore } from 'firebase-admin/firestore';
-import api from '@cloudcommerce/api';
-import config from '../config.js';
-
-export default async (req, res) => {
-  const { storeId, apps } = config.get();
-  const { body } = req;
-  if (Number(req.get('X-Store-ID')) === storeId
-        && body && body.store_id === storeId) {
-    const { application, authentication } = body;
-    if (application && authentication) {
-      const matchApp = Object.keys(apps).find((slug) => {
-        return apps[slug].appId === application.app_id;
-      });
-      if (matchApp) {
-        const authenticationId = authentication.authentication_id;
-        const firestoreDoc = getFirestore().doc(`installedApps/${authenticationId}`);
-        const installedApp = await firestoreDoc.get();
-        if (installedApp.exists) {
-          res.sendStatus(200);
-          return;
-        }
-        const appDataEndpoint = `applications/${application._id}/hidden_data`;
-        try {
-          await api.patch(appDataEndpoint, {
-            __installedAt: new Date().toISOString(),
-          }, {
-            authenticationId: authentication._id,
-            apiKey: authentication.api_key,
-          });
-        } catch (e) {
-          res.sendStatus(403);
-          return;
-        }
-        // Received app authentication is valid
-        await firestoreDoc.set({ application, authentication });
-        res.sendStatus(201);
-        return;
-      }
-    }
-  }
-  res.sendStatus(400);
-};
-// # sourceMappingURL=auth-callback.js.map

package/packages/firebase/lib/handlers/auth-callback.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"auth-callback.js","sourceRoot":"","sources":["../../src/handlers/auth-callback.ts"],"names":[],"mappings":"AACA,gDAAgD;AAChD,OAAO,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAC;AACxD,OAAO,GAAoB,MAAM,oBAAoB,CAAC;AACtD,OAAO,MAAM,MAAM,WAAW,CAAC;AAE/B,eAAe,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,EAAE;IACnD,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,GAAG,MAAM,CAAC,GAAG,EAAE,CAAC;IACvC,MAAM,EAAE,IAAI,EAAE,GAAG,GAAG,CAAC;IACrB,IACE,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC,KAAK,OAAO;WACtC,IAAI,IAAI,IAAI,CAAC,QAAQ,KAAK,OAAO,EACpC;QACA,MAAM,EAAE,WAAW,EAAE,cAAc,EAAE,GAAG,IAAI,CAAC;QAC7C,IAAI,WAAW,IAAI,cAAc,EAAE;YACjC,MAAM,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE;gBAC/C,OAAO,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,KAAK,WAAW,CAAC,MAAM,CAAC;YACjD,CAAC,CAAC,CAAC;YACH,IAAI,QAAQ,EAAE;gBACZ,MAAM,gBAAgB,GAAG,cAAc,CAAC,iBAAiB,CAAC;gBAC1D,MAAM,YAAY,GAAG,YAAY,EAAE,CAAC,GAAG,CAAC,iBAAiB,gBAAgB,EAAE,CAAC,CAAC;gBAC7E,MAAM,YAAY,GAAG,MAAM,YAAY,CAAC,GAAG,EAAE,CAAC;gBAC9C,IAAI,YAAY,CAAC,MAAM,EAAE;oBACvB,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;oBACpB,OAAO;iBACR;gBAED,MAAM,eAAe,GAAgB,gBAAgB,WAAW,CAAC,GAAG,cAAc,CAAC;gBACnF,IAAI;oBACF,MAAM,GAAG,CAAC,KAAK,CAAC,eAAe,EAAE;wBAC/B,aAAa,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;qBACxC,EAAE;wBACD,gBAAgB,EAAE,cAAc,CAAC,GAAG;wBACpC,MAAM,EAAE,cAAc,CAAC,OAAO;qBAC/B,CAAC,CAAC;iBACJ;gBAAC,OAAO,CAAC,EAAE;oBACV,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;oBACpB,OAAO;iBACR;gBAED,uCAAuC;gBACvC,MAAM,YAAY,CAAC,GAAG,CAAC,EAAE,WAAW,EAAE,cAAc,EAAE,CAAC,CAAC;gBACxD,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;gBACpB,OAAO;aACR;SACF;KACF;IACD,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;AACtB,CAAC,CAAC"}

package/packages/firebase/src/handlers/auth-callback.ts

@@ -1,49 +0,0 @@
-import type { Request, Response } from 'firebase-functions';
-// eslint-disable-next-line import/no-unresolved
-import { getFirestore } from 'firebase-admin/firestore';
-import api, { ApiEndpoint } from '@cloudcommerce/api';
-import config from '../config';
-
-export default async (req: Request, res: Response) => {
-  const { storeId, apps } = config.get();
-  const { body } = req;
-  if (
-    Number(req.get('X-Store-ID')) === storeId
-    && body && body.store_id === storeId
-  ) {
-    const { application, authentication } = body;
-    if (application && authentication) {
-      const matchApp = Object.keys(apps).find((slug) => {
-        return apps[slug].appId === application.app_id;
-      });
-      if (matchApp) {
-        const authenticationId = authentication.authentication_id;
-        const firestoreDoc = getFirestore().doc(`installedApps/${authenticationId}`);
-        const installedApp = await firestoreDoc.get();
-        if (installedApp.exists) {
-          res.sendStatus(200);
-          return;
-        }
-
-        const appDataEndpoint: ApiEndpoint = `applications/${application._id}/hidden_data`;
-        try {
-          await api.patch(appDataEndpoint, {
-            __installedAt: new Date().toISOString(),
-          }, {
-            authenticationId: authentication._id,
-            apiKey: authentication.api_key,
-          });
-        } catch (e) {
-          res.sendStatus(403);
-          return;
-        }
-
-        // Received app authentication is valid
-        await firestoreDoc.set({ application, authentication });
-        res.sendStatus(201);
-        return;
-      }
-    }
-  }
-  res.sendStatus(400);
-};