nextjs-hasura-auth 0.1.2 → 0.1.3

package/dist/lib/authDbUtils.js

@@ -0,0 +1,183 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.hashPassword = hashPassword;
+exports.comparePassword = comparePassword;
+exports.getOrCreateUserAndAccount = getOrCreateUserAndAccount;
+const bcrypt_1 = __importDefault(require("bcrypt"));
+const client_1 = require("@apollo/client"); // Import ApolloError
+const debug_1 = __importDefault(require("./debug"));
+const debug = (0, debug_1.default)('auth:db-utils');
+const SALT_ROUNDS = 10;
+/**
+ * Hashes a password using bcrypt.
+ * @param password The plain text password.
+ * @returns The hashed password.
+ */
+function hashPassword(password) {
+    return __awaiter(this, void 0, void 0, function* () {
+        const hashedPassword = yield bcrypt_1.default.hash(password, SALT_ROUNDS);
+        debug('Password hashed successfully.');
+        return hashedPassword;
+    });
+}
+/**
+ * Compares a plain text password with a hash.
+ * @param password The plain text password.
+ * @param hash The hash to compare against.
+ * @returns True if the password matches the hash, false otherwise.
+ */
+function comparePassword(password, hash) {
+    return __awaiter(this, void 0, void 0, function* () {
+        const isMatch = yield bcrypt_1.default.compare(password, hash);
+        debug(`Password comparison result: ${isMatch}`);
+        return isMatch;
+    });
+}
+/**
+ * Finds or creates a user and their associated account based on provider information.
+ * This function handles the core logic of linking OAuth/Credentials logins to Hasura users.
+ *
+ * @param client The initialized NHA Client instance.
+ * @param provider The OAuth provider name (e.g., 'google', 'credentials').
+ * @param providerAccountId The user's unique ID from the provider.
+ * @param profile Optional profile information from the provider (name, email, image).
+ * @returns The Hasura user object associated with the account.
+ * @throws Error if user/account processing fails.
+ */
+function getOrCreateUserAndAccount(client, provider, providerAccountId, profile) {
+    return __awaiter(this, void 0, void 0, function* () {
+        var _a, _b, _c;
+        debug(`getOrCreateUserAndAccount called for provider: ${provider}, providerAccountId: ${providerAccountId}`);
+        // --- 1. Try to find the account --- 
+        let existingUser = null;
+        try {
+            const accountResult = yield client.select({
+                table: 'accounts',
+                where: {
+                    provider: { _eq: provider },
+                    provider_account_id: { _eq: providerAccountId },
+                },
+                returning: [
+                    { user: ['id', 'name', 'email', 'email_verified', 'image', 'password', 'created_at', 'updated_at', 'is_admin', 'hasura_role'] } // Removed extra backslashes
+                ],
+                limit: 1, // Optimization: we only need one
+            });
+            if (((_a = accountResult === null || accountResult === void 0 ? void 0 : accountResult.accounts) === null || _a === void 0 ? void 0 : _a.length) > 0 && accountResult.accounts[0].user) {
+                existingUser = accountResult.accounts[0].user;
+                debug(`Found existing account for ${provider}:${providerAccountId}. User ID: ${existingUser.id}`);
+                // Optionally update user profile info (name, image) from provider here if desired
+                // await client.update({ table: 'users', pk_columns: { id: existingUser.id }, _set: { name: profile.name, image: profile.image } });
+                return existingUser;
+            }
+        }
+        catch (error) {
+            debug(`Error searching for account ${provider}:${providerAccountId}:`, error);
+            throw new Error(`Failed to search for existing account: ${error.message}`);
+        }
+        debug(`No existing account found for ${provider}:${providerAccountId}. Proceeding to find/create user.`);
+        // --- 2. Try to find the user by email (if provided) ---
+        // Important: Only link if email is provided and preferably verified by the OAuth provider.
+        // For credentials, we find the user first in the `authorize` function.
+        if ((profile === null || profile === void 0 ? void 0 : profile.email) && provider !== 'credentials') { // Avoid linking for credentials here
+            try {
+                const userByEmailResult = yield client.select({
+                    table: 'users',
+                    where: { email: { _eq: profile.email } },
+                    returning: ['id', 'name', 'email', 'email_verified', 'image', 'password', 'created_at', 'updated_at', 'is_admin', 'hasura_role'], // Removed extra backslashes
+                    limit: 1,
+                });
+                if (((_b = userByEmailResult === null || userByEmailResult === void 0 ? void 0 : userByEmailResult.users) === null || _b === void 0 ? void 0 : _b.length) > 0) {
+                    existingUser = userByEmailResult.users[0];
+                    debug(`Found existing user by email ${profile.email}. User ID: ${existingUser.id}. Linking account.`);
+                    // Link account to this existing user
+                    yield client.insert({
+                        table: 'accounts',
+                        object: {
+                            user_id: existingUser.id,
+                            provider: provider,
+                            provider_account_id: providerAccountId,
+                            type: provider === 'credentials' ? 'credentials' : 'oauth', // Set type based on provider
+                        },
+                        returning: ['id'], // Removed extra backslashes
+                    });
+                    debug(`Account ${provider}:${providerAccountId} linked to user ${existingUser.id}.`);
+                    return existingUser;
+                }
+            }
+            catch (error) {
+                // Handle potential duplicate account insertion error gracefully if needed
+                if (error instanceof client_1.ApolloError && error.message.includes('Uniqueness violation')) {
+                    debug(`Account ${provider}:${providerAccountId} likely already linked during concurrent request. Attempting to refetch.`);
+                    // Retry finding the account, as it might have been created concurrently
+                    return getOrCreateUserAndAccount(client, provider, providerAccountId, profile);
+                }
+                else {
+                    debug(`Error searching for user by email ${profile.email} or linking account:`, error);
+                    throw new Error(`Failed to process user by email or link account: ${error.message}`);
+                }
+            }
+        }
+        // --- 3. Create new user and account --- 
+        debug(`No existing user found by email or account link. Creating new user and account for ${provider}:${providerAccountId}.`);
+        try {
+            // We need to insert the user first, then the account linking to it.
+            // Hasura doesn't directly support nested inserts with linking back in the same mutation easily via the generator.
+            const newUserInput = {
+                name: profile === null || profile === void 0 ? void 0 : profile.name,
+                email: profile === null || profile === void 0 ? void 0 : profile.email, // Will be null for credentials initially, set later?
+                image: profile === null || profile === void 0 ? void 0 : profile.image,
+                hasura_role: 'user', // Default role
+                // email_verified: profile?.email_verified ? new Date().toISOString() : null, // Need verification logic for OAuth
+            };
+            // For credentials, the user is created *after* email verification, but we handle it here for OAuth
+            const newUserResult = yield client.insert({
+                table: 'users',
+                object: newUserInput,
+                // Return all fields needed for the session/JWT
+                returning: ['id', 'name', 'email', 'email_verified', 'image', 'password', 'created_at', 'updated_at', 'is_admin', 'hasura_role'], // Removed extra backslashes
+            });
+            if (!((_c = newUserResult === null || newUserResult === void 0 ? void 0 : newUserResult.insert_users_one) === null || _c === void 0 ? void 0 : _c.id)) {
+                throw new Error('Failed to create new user or retrieve its ID.');
+            }
+            const newUser = newUserResult.insert_users_one;
+            debug(`New user created with ID: ${newUser.id}`);
+            // Now create the account linked to the new user
+            yield client.insert({
+                table: 'accounts',
+                object: {
+                    user_id: newUser.id,
+                    provider: provider,
+                    provider_account_id: providerAccountId,
+                    type: provider === 'credentials' ? 'credentials' : 'oauth', // Set type based on provider
+                },
+                returning: ['id'], // Removed extra backslashes
+            });
+            debug(`Account ${provider}:${providerAccountId} created and linked to new user ${newUser.id}.`);
+            return newUser;
+        }
+        catch (error) {
+            debug('Error creating new user or account:', error);
+            // Handle potential duplicate user email error more gracefully if necessary
+            if (error instanceof client_1.ApolloError && error.message.includes('Uniqueness violation') && error.message.includes('users_email_key')) {
+                debug(`User with email ${profile === null || profile === void 0 ? void 0 : profile.email} likely already exists. Attempting to find and link.`);
+                // If user creation failed due to duplicate email, retry finding by email and linking account
+                if ((profile === null || profile === void 0 ? void 0 : profile.email) && provider !== 'credentials') {
+                    return getOrCreateUserAndAccount(client, provider, providerAccountId, profile);
+                }
+            }
+            throw new Error(`Failed to create new user/account: ${error.message}`);
+        }
+    });
+}

package/dist/lib/client.d.ts

@@ -1,54 +1,54 @@
-import { ApolloClient, ApolloError, FetchResult, Observable, OperationVariables, useQuery as useApolloQuery, useSubscription as useApolloSubscription } from '@apollo/client';
-import { GenerateOptions, GenerateResult } from './generator';
-/**
- * Represents the result structure from Apollo hooks, including potential errors.
- */
-export interface HookResult<TData = any> {
-    loading: boolean;
-    data?: TData;
-    error?: ApolloError;
-    [key: string]: any;
-    generatedQuery?: GenerateResult['query'];
-    generatedVariables?: GenerateResult['variables'];
+import { QueryHookOptions as ApolloQueryHookOptions, SubscriptionHookOptions as ApolloSubscriptionHookOptions, MutationHookOptions as ApolloMutationHookOptions, MutationTuple, QueryResult, SubscriptionResult, OperationVariables, ApolloClient, NormalizedCacheObject, FetchResult, Observable } from '@apollo/client';
+import { GenerateOptions } from './generator';
+interface ClientMethodOptions extends Omit<GenerateOptions, 'operation'> {
+    role?: string;
 }
 export declare class Client {
     private apolloClient;
     private generate;
-    constructor(apolloClient: ApolloClient<any>);
+    constructor(apolloClient: ApolloClient<NormalizedCacheObject>);
     /**
      * Executes a GraphQL query (select operation).
-     * @param options - Options for generating the query.
+     * @param options - Options for generating the query, including an optional `role`.
      * @returns Promise resolving with the query result data.
      * @throws ApolloError if the query fails or returns GraphQL errors.
      */
-    select<TData = any>(options: Omit<GenerateOptions, 'operation'>): Promise<TData>;
+    select<TData = any>(options: ClientMethodOptions): Promise<TData>;
     /**
      * Executes a GraphQL insert mutation.
-     * @param options - Options for generating the mutation.
+     * @param options - Options for generating the mutation, including an optional `role`.
      * @returns Promise resolving with the mutation result data.
      * @throws ApolloError if the mutation fails or returns GraphQL errors.
      */
-    insert<TData = any>(options: Omit<GenerateOptions, 'operation'>): Promise<TData>;
+    insert<TData = any>(options: ClientMethodOptions): Promise<TData>;
     /**
      * Executes a GraphQL update mutation.
-     * @param options - Options for generating the mutation.
+     * @param options - Options for generating the mutation, including an optional `role`.
      * @returns Promise resolving with the mutation result data.
      * @throws ApolloError if the mutation fails or returns GraphQL errors.
      */
-    update<TData = any>(options: Omit<GenerateOptions, 'operation'>): Promise<TData>;
+    update<TData = any>(options: ClientMethodOptions): Promise<TData>;
     /**
      * Executes a GraphQL delete mutation.
-     * @param options - Options for generating the mutation.
+     * @param options - Options for generating the mutation, including an optional `role`.
      * @returns Promise resolving with the mutation result data.
      * @throws ApolloError if the mutation fails or returns GraphQL errors.
      */
-    delete<TData = any>(options: Omit<GenerateOptions, 'operation'>): Promise<TData>;
+    delete<TData = any>(options: ClientMethodOptions): Promise<TData>;
     /**
      * Initiates a GraphQL subscription.
-     * @param options - Options for generating the subscription.
+     * Note: Role support via context might not work for WebSockets depending on Apollo Link setup.
+     * Role is typically set during WebSocket connection establishment.
+     * @param options - Options for generating the subscription, including an optional `role`.
      * @returns An Observable for the subscription results.
      */
-    subscribe<TData = any, TVariables extends OperationVariables = OperationVariables>(options: Omit<GenerateOptions, 'operation'>): Observable<FetchResult<TData>>;
+    subscribe<TData = any, TVariables extends OperationVariables = OperationVariables>(options: ClientMethodOptions): Observable<FetchResult<TData>>;
+    useSubscription<TData = any, TVariables extends OperationVariables = OperationVariables>(generateOptions: ClientGeneratorOptions, hookOptions?: SubscriptionHookOptions<TData, TVariables> & {
+        variables?: TVariables;
+    }): SubscriptionResult<TData, TVariables>;
+    useQuery<TData = any, TVariables extends OperationVariables = OperationVariables>(generateOptions: ClientGeneratorOptions, hookOptions?: QueryHookOptions<TData, TVariables> & {
+        variables?: TVariables;
+    }): QueryResult<TData, TVariables>;
 }
 /**
  * Hook to get the Apollo Client instance.
@@ -57,26 +57,25 @@ export declare class Client {
  * @returns The ApolloClient instance.
  * @throws Error if no client is found.
  */
-export declare function useClient(providedClient?: ApolloClient<any> | null): ApolloClient<any>;
-/**
- * Hook to perform a GraphQL query using the generator.
- * @template TData - The expected data type.
- * @param options - Options for the generator (operation is automatically set to 'query').
- * @param providedClient - Optional ApolloClient instance to use instead of context.
- * @param hookOptions - Optional additional options passed directly to Apollo's useQuery hook.
- * @returns An object containing loading state, data, error, and the generated query/variables.
- */
-export declare function useQuery<TData = any>(options: Omit<GenerateOptions, 'operation'>, providedClient?: ApolloClient<any> | null, hookOptions?: Omit<Parameters<typeof useApolloQuery>[1], 'variables' | 'client' | 'query'>): HookResult<TData>;
-/** Alias for useQuery */
+export declare function useClient(providedClient?: ApolloClient<any> | null): Client;
+type BaseHookOptions = {
+    role?: string;
+};
+type QueryHookOptions<TData, TVariables extends OperationVariables> = BaseHookOptions & Omit<ApolloQueryHookOptions<TData, TVariables>, 'query' | 'variables' | 'context'>;
+type SubscriptionHookOptions<TData, TVariables extends OperationVariables> = BaseHookOptions & Omit<ApolloSubscriptionHookOptions<TData, TVariables>, 'query' | 'variables' | 'context'>;
+type MutationHookOptions<TData, TVariables extends OperationVariables> = BaseHookOptions & Omit<ApolloMutationHookOptions<TData, TVariables>, 'mutation' | 'variables' | 'context'>;
+type ClientGeneratorOptions = Omit<GenerateOptions, 'operation'>;
+export declare function useQuery<TData = any, TVariables extends OperationVariables = OperationVariables>(generateOptions: ClientGeneratorOptions, hookOptions?: QueryHookOptions<TData, TVariables> & {
+    variables?: TVariables;
+}): QueryResult<TData, TVariables>;
+export declare function useSubscription<TData = any, TVariables extends OperationVariables = OperationVariables>(generateOptions: ClientGeneratorOptions, hookOptions?: SubscriptionHookOptions<TData, TVariables> & {
+    variables?: TVariables;
+}): SubscriptionResult<TData, TVariables>;
+export declare function useMutation<TData = any, TVariables extends OperationVariables = OperationVariables>(generateOptions: GenerateOptions, // Use full GenerateOptions for mutations
+hookOptions?: MutationHookOptions<TData, TVariables>): MutationTuple<TData, TVariables>;
 export declare const useSelect: typeof useQuery;
-/**
- * Hook to perform a GraphQL subscription using the generator.
- * @template TData - The expected data type.
- * @param options - Options for the generator (operation is automatically set to 'subscription').
- * @param providedClient - Optional ApolloClient instance to use instead of context.
- * @param hookOptions - Optional additional options passed directly to Apollo's useSubscription hook.
- * @returns An object containing loading state, data, error, and the generated query/variables.
- */
-export declare function useSubscription<TData = any>(options: Omit<GenerateOptions, 'operation'>, providedClient?: ApolloClient<any> | null, hookOptions?: Omit<Parameters<typeof useApolloSubscription>[1], 'variables' | 'client' | 'query'>): HookResult<TData>;
-/** Alias for useSubscription */
+export declare const useInsert: (genOpts: Omit<GenerateOptions, "operation">, hookOpts?: MutationHookOptions<any, any>) => MutationTuple<any, any>;
+export declare const useUpdate: (genOpts: Omit<GenerateOptions, "operation">, hookOpts?: MutationHookOptions<any, any>) => MutationTuple<any, any>;
+export declare const useDelete: (genOpts: Omit<GenerateOptions, "operation">, hookOpts?: MutationHookOptions<any, any>) => MutationTuple<any, any>;
 export declare const useSubscribe: typeof useSubscription;
+export {};