create-dacosta-proj 1.0.15 → 1.0.16

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "create-dacosta-proj",
-  "version": "1.0.15",
+  "version": "1.0.16",
   "bin": {
     "create-dacosta-proj": "./index.js"
   }

package/template/.env.template

@@ -7,16 +7,8 @@ PROJECT_WEB_PORT=
 
 # Supabase
 
-SUPABASE_PROJECT_URL=
-SUPABASE_SECRET_KEY=
-
-# API
-
-API_PORT=
-API_BYPASS_TOKEN=
+SUPABASE_PROJECT_URL_DEV=
+SUPABASE_SECRET_KEY_DEV=
 
-# Encryption
-
-ENCRYPTION_KEY=
-SIGNATURE_KEY=
-SIGNATURE_REF=
+SUPABASE_PROJECT_URL=
+SUPABASE_SECRET_KEY=

package/template/jsconfig.json

@@ -1,5 +1,6 @@
 {
     "compilerOptions": {
+            "ignoreDeprecations": "6.0",
             "baseUrl": ".",
             "paths": {
             "@/*": ["src/*"]

package/template/package.json

@@ -8,15 +8,11 @@
   },
   "dependencies": {
     "cors": "^2.8.6",
-    "cryptr": "^6.4.0",
     "dotenv": "^17.3.1",
-    "express": "^5.2.1",
     "module-alias": "^2.3.4",
     "nanoid": "^5.1.6",
-    "rate-limiter-flexible": "^9.1.1",
     "redis": "^5.11.0",
-    "simple-supabase": "^2.0.5",
-    "zod": "^4.3.6"
+    "simple-supabase": "^2.0.10"
   },
   "devDependencies": {
     "eslint": "^9.39.3",

package/template/src/config/global.js

@@ -2,13 +2,11 @@
  * @type {{
  * db: import('simple-supabase').DB | null,
  * redis: import('redis').RedisClientType | null,
- * cryptr: import('cryptr'),
  * }}
 */
 
 const global = {
 	db: null,
 	redis: null,
-	cryptr: null,
 };
 module.exports = { global };

package/template/src/index.js

@@ -5,10 +5,10 @@ require('module-alias/register');
 
 // Packages / Helpers
 
+const dev = require('@/../devref.json');
 const { global } = require('@/config/global');
 const { SimpleSupabase } = require('simple-supabase');
 const { createClient: createRedisClient } = require('redis');
-const Cryptr = require('cryptr');
 const fs = require('fs');
 const path = require('path');
 
@@ -26,11 +26,11 @@ const path = require('path');
 
 	// Database / Redis
 
+	const projectUrl = process.env[`SUPABASE_PROJECT_URL${dev ? '_DEV' : ''}`]
+	const serviceKey = process.env[`SUPABASE_SECRET_KEY${dev ? '_DEV' : ''}`]
+
 	let db = await SimpleSupabase({
-		credentials: {
-			projectUrl: process.env.SUPABASE_PROJECT_URL,
-			serviceKey: process.env.SUPABASE_SECRET_KEY
-		},
+		credentials: { projectUrl, serviceKey },
 		redisPrefix: process.env.PROJECT_ID
 	});
 
@@ -43,12 +43,6 @@ const path = require('path');
 
 	global.redis = redis;
 
-	// Cryptr
-
-	const cryptr = new Cryptr(process.env.ENCRYPTION_KEY);
-
-	global.cryptr = cryptr;
-
 	// Start Services
 
 	fs.readdirSync(path.join(__dirname, 'services'))

package/template/src/api/v1/public/signature.js

@@ -1,45 +0,0 @@
-// Packages / Helpers
-
-const crypto = require('crypto');
-const { global } = require('@/config/global');
-const { default: zod } = require('zod');
-
-async function GET({ headers }) {
-
-	try {
-		// Get Details
-
-		const userId = headers['user-id'];
-		const accessToken = headers['access-token'];
-
-		// Format Signature
-
-		const expires = Date.now() + (1_000 * 60 * 60 * 1); // 1 Hour
-
-		const hmac = crypto.createHmac('sha256', process.env.SIGNATURE_KEY)
-			.update(`${userId}:${accessToken}:${expires}:${process.env.SIGNATURE_REF}`)
-			.digest('hex');
-
-		const signature = global.cryptr.encrypt(`${expires}.${hmac}`);
-
-		return {
-			code: 200,
-			json: { signature }
-		};
-	}
-	catch (err) { console.log('Signature Generation Failed', err); return { code: 500, json: { error: 'Failed to generate signature!' } }; }
-}
-
-module.exports = {
-	GET,
-	settings: {
-		requires_bypass: true
-	},
-	schemas: {
-		headers: zod.object({
-			'user-id': zod.string(),
-			'access-token': zod.string(),
-			'bypass': zod.string()
-		})
-	}
-};

package/template/src/config/config.js

@@ -1,4 +0,0 @@
-const config = {
-	api_version: 1
-};
-module.exports = { config };

package/template/src/helpers/verifySignature.js

@@ -1,28 +0,0 @@
-const crypto = require('crypto');
-const { global } = require('@/config/global');
-
-module.exports = (signature, userId, accessToken) => {
-
-	try {
-		signature = global.cryptr.decrypt(signature);
-
-		const parts = signature.split('.');
-		if (parts.length !== 2) return false;
-		const [sigExpires, sigHmac] = parts;
-
-		if (Date.now() > Number(sigExpires)) return false;
-
-		const expectedHmac = crypto.createHmac('sha256', process.env.SIGNATURE_KEY)
-			.update(`${userId}:${accessToken}:${sigExpires}:${process.env.SIGNATURE_REF}`)
-			.digest('hex');
-
-		const isValid = crypto.timingSafeEqual(
-			Uint8Array.from([...sigHmac].map(c => c.charCodeAt(0))),
-			Uint8Array.from([...expectedHmac].map(c => c.charCodeAt(0)))
-		);
-		if (!isValid) return false;
-
-		return true;
-	}
-	catch (err) { console.log('Signature Verification Failed', err); return false; }
-};

package/template/src/services/api.js

@@ -1,160 +0,0 @@
-// Packages / Helpers
-
-const fs = require('fs');
-const path = require('path');
-const express = require('express');
-const cors = require('cors');
-const { RateLimiterRedis } = require('rate-limiter-flexible');
-const verifySignature = require('@/helpers/verifySignature');
-const { global } = require('@/config/global');
-const { config } = require('@/config/config');
-
-module.exports = async () => {
-
-	// Start API
-
-	const api = express();
-	api.use(express.urlencoded({ limit: '10mb', extended: true }));
-	api.use(express.json({ limit: '10mb' }));
-
-	const allowedOrigins = [
-		`https://${process.env.PROJECT_WEB_DOMAIN}`,
-		`http://localhost:${process.env.PROJECT_WEB_PORT}`
-	];
-
-	api.use(cors({
-		origin: (origin, callback) => {
-			if (!origin || allowedOrigins.includes(origin)) return callback(null, true);
-			return callback(new Error('Not allowed by CORS'));
-		}
-	}));
-
-	// Get Endpoints
-
-	const endpoints = fs.readdirSync(path.join(__dirname, '..', 'api'), { recursive: true })
-		.filter(f => f.endsWith('.js') && !f.startsWith('_'))
-		.map(endpoint => endpoint.replace('.js', ''));
-
-	const slashEndpoints = endpoints.map(e => `/${e}`);
-
-	// Endpoint Data
-
-	let endpointRateLimiter = {};
-	let endpointSettings = {};
-	let endpointSchemas = {};
-
-	endpoints.forEach(endpoint => {
-		try {
-			const data = require(`@/api/${endpoint}`);
-			endpointRateLimiter[`/${endpoint}`] = new RateLimiterRedis({
-				storeClient: global.redis,
-				keyPrefix: `${process.env.PROJECT_ID}_request_rate_limit_${endpoint}`,
-				...(data?.rate_limit || { points: 1, duration: 2 }),
-				useRedisPackage: true
-			});
-			endpointSettings[`/${endpoint}`] = data?.settings || {};
-			endpointSchemas[`/${endpoint}`] = data?.schemas || {};
-		}
-		catch (err) {
-			console.log('API Endpoint Data Listing Error', `Endpoint: ${endpoint}`, err);
-			endpointSettings[`/${endpoint}`] = {};
-			endpointSchemas[`/${endpoint}`] = {};
-		}
-	});
-
-	// API Authentication
-
-	api.use('/', async (req, res, next) => {
-
-		// Get Endpoint Data
-
-		const endpoint = req?.path || '';
-		const rateLimiter = endpointRateLimiter[endpoint];
-		const settings = endpointSettings[endpoint];
-		const schemas = endpointSchemas[endpoint];
-
-		// Check Endpoint
-
-		if (!slashEndpoints.includes(endpoint)) return res.sendStatus(404);
-
-		// Check Schemas
-
-		const invalidSchema = ['query','headers','body']
-			.filter(schema => schemas[schema])
-			.map(schema => {
-				return { id: schema, parsed: schemas[schema].safeParse(req[schema] || {}) };
-			})
-			.find(schema => !schema?.parsed?.success);
-
-		if (invalidSchema?.id) return res.status(400).json({ error: 'Missing params!' });
-
-		// Check Bypass
-
-		if (settings?.requires_bypass) {
-			const bypass = req.headers['bypass'];
-			if (bypass !== process.env.API_BYPASS_TOKEN) return res.sendStatus(401);
-		}
-
-		// Public Endpoint
-
-		if (endpoint.includes(`/v${config.api_version}/public`)) return next();
-
-		// Private Endpoint
-
-		try {
-			// Get Request Details
-
-			const userId = req.headers['user-id'];
-			const accessToken = req.headers['access-token'];
-			const signature = req.headers['signature'];
-
-			if (!userId || !accessToken || !signature) return res.sendStatus(401);
-
-			// Check Rate Limit
-
-			try { await rateLimiter.consume(userId, 1); }
-			catch (err) { return res.status(429).json({ error: 'Too many requests!', resets_at: new Date(Date.now() + (err?.msBeforeNext || 0)).toISOString() }); }
-
-			// Verify Signature
-
-			const signatureIsValid = verifySignature(signature, userId, accessToken);
-			if (!signatureIsValid) return res.sendStatus(401);
-
-			// Verify User
-
-			// TODO: Create user verification logic!
-
-			// Return
-
-			return next();
-		}
-		catch (err) { console.log('API Middleware Error', `Endpoint: ${endpoint}`, err); return res.sendStatus(500); }
-	});
-
-	// Start API Endpoints
-
-	endpoints.forEach(endpoint => {
-
-		let endpointMethods = require(`@/api/${endpoint}`);
-
-		api.all(`/${endpoint}`, async (req, res) => {
-
-			const method = endpointMethods[(req?.method || 'GET').toUpperCase()];
-			if (!method) return res.sendStatus(405);
-
-			try {
-				const result = await method({ userId: req.headers['user-id'], req, res, endpoint, headers: req.headers || {}, body: req?.body || {}, query: req?.query || {} });
-				return res.status(result?.code || 200).json(result?.json);
-			}
-			catch (err) {
-				console.log('API Error', `Endpoint: ${endpoint}`, err);
-				try { return res.sendStatus(500); }
-				catch {}
-			}
-		});
-	});
-
-	// Listen
-
-	api.listen(Number(process.env.API_PORT), () => console.log(`[API] Running on port ${process.env.API_PORT}`));
-};