nodester 0.0.1

package/lib/facades/jwt.facade.js

@@ -0,0 +1,273 @@
+// Access to database.
+const Sequelize = require('sequelize');
+// JWT service.
+const JWT = require('nodester/services/jwt.service');
+// Utils:
+const { lowerCaseFirstLetter } = require('nodester/utils/strings.util');
+const { addSeconds } = require('nodester/utils/dates.util');
+const Params = require('nodester/facades/FacadeParams');
+
+
+module.exports = class JWTFacade {
+	constructor(
+		disabledRefreshToken,
+		roleModels=[],
+		accessTokenConfigs=null,
+		refreshTokenConfigs=null
+	) {
+		if (!disabledRefreshToken)
+			throw new Erroror('"disabledRefreshToken" argument is invalid.');
+
+		this.disabledRefreshToken = disabledRefreshToken;
+
+		this.roleModels = {};
+		roleModels.forEach(model => {
+			const name = lowerCaseFirstLetter(model?.options?.name?.singular);
+			this.roleModels[name] = model;
+		});
+
+		this.service = new JWT(accessTokenConfigs, refreshTokenConfigs);
+	}
+
+	async login(params) {
+		try {
+			const {
+				email,
+				password,
+				role
+			} = Params(params, {
+				email: null,
+				password: null,
+				role: null
+			});
+
+			if (Object.keys(this.roleModels).indexOf(role) === -1)
+				throw new Error();
+
+			// Extract model difinition of this type.
+			const modelDefinition = this.roleModels[role];
+			const instance = await modelDefinition?.findOneByEmail(email);
+
+			if (!instance)
+				throw new Error();
+
+			const compareResult = await instance?.comparePasswords(password);
+
+			if (compareResult === false)
+				throw new Error();
+
+			const result = {
+				role: role,
+				[role]: instance.toJSON(),
+				tokens: await this.issueTokens({ modelInstance: instance, modelName: role })
+			}
+
+			// Send output.
+			return Promise.resolve(result);
+		}
+		catch(error) {
+			console.error(error);
+
+			// Unauthorized on any error:
+			const err = new Error();
+			err.name = 'Unauthorized';
+			return Promise.reject(err);
+		}
+	}
+
+	async issueAccessToken(params) {
+		try {
+			const {
+				parsedRefreshToken,
+				modelInstance,
+				modelName
+			} = Params(params, {
+				parsedRefreshToken: null,
+				modelInstance: null,
+				modelName: null,
+			});
+
+			let newAccessToken = null;
+
+			if (!modelName && !parsedRefreshToken.role) {
+				const err = new Error('No "modelName" provided for JWT issue.');
+				err.name = "ValidationError";
+				err.status = 403;
+				throw err;
+			}
+
+			// If parsed refresh token was provided:
+			if (!!parsedRefreshToken) {
+				const payload = {
+					id: parsedRefreshToken?.id,
+					role: parsedRefreshToken.role,
+				};
+				newAccessToken = await this.service.issueAccessToken(payload);
+			}
+			// If modelInstance was provided:
+			else if (!!modelInstance) {
+				const payload = {
+					id: modelInstance?.id,
+					role: modelName
+				};
+				newAccessToken = await this.service.issueAccessToken(payload);
+			}
+			else {
+				const err = new Error('No "modelInstance" or "parsedRefreshToken" provided for JWT issue.');
+				err.name = "ValidationError";
+				err.status = 403;
+				throw err;
+			}
+
+			// Check if issue was successful.
+			if (!newAccessToken) {
+				const err = new Error("Could not issue new access token.");
+				err.status = 401;
+				throw err;
+			}
+
+			// Send output.
+			return Promise.resolve(newAccessToken);
+		}
+		catch(error) {
+			return Promise.reject(error);
+		}
+	}
+
+	async issueTokens(params) {
+		try {
+			const {
+				modelInstance,
+				modelName,
+				noAccessToken,
+				noRefreshToken
+			} = Params(params, {
+				modelInstance: null,
+				modelName: null,
+				noAccessToken: false,
+				noRefreshToken: false
+			});
+
+			// Prepare payload container.
+			let payload = {};
+
+			if (!!modelInstance && !!modelName) {
+				payload = {
+					id: modelInstance?.id,
+					role: modelName
+				};
+			}
+			else {
+				const err = new Error('No "modelInstance" and "modelName" provided for JWT issue.');
+				err.name = "ValidationError";
+				err.status = 403;
+				throw err;
+			}
+
+			const accessToken = await this.service.issueAccessToken(payload);
+			const refreshToken = await this.service.issueRefreshToken(payload);
+
+			// Prepare output,
+			const tokens = {
+				accessToken,
+				refreshToken
+			};
+
+			if (noAccessToken)
+				delete tokens.accessToken;
+
+			if (noRefreshToken)
+				delete tokens.refreshToken;
+			
+			// Send output.
+			return Promise.resolve(tokens);
+		}
+		catch(error) {
+			return Promise.reject(error);
+		}
+	}
+
+	async refreshAccessToken(params) {
+		try {
+			const {
+				refreshToken,
+				parsedRefreshToken
+			} = Params(params, {
+				refreshToken: null,
+				parsedRefreshToken: null
+			});
+
+			// Check if token is not blocked:
+			const isActive = await this.isRefreshTokenActive({ refreshToken });
+			if (!isActive) {
+				const err = new Error('Invalid Token!');
+				err.name = 'InvalidToken';
+				throw err;
+			}
+
+			// Issue new access token, based on refresh token:
+			const accessToken = await this.issueAccessToken({ parsedRefreshToken });
+
+			// Send output.
+			return Promise.resolve(accessToken);
+		}
+		catch(error) {
+			return Promise.reject(error);
+		}
+	}
+
+	async isRefreshTokenActive(params) {
+		try {
+			const {
+				refreshToken
+			} = Params(params, {
+				refreshToken: null
+			});
+
+			const foundTokens = await this.disabledRefreshToken.selectAll({ token: refreshToken });
+
+			// Prepare output. Check if provided token was not disabled.
+			const isActive = foundTokens.length === 0;
+
+			// Send output.
+			return Promise.resolve(isActive);
+		}
+		catch(error) {
+			return Promise.reject(error);
+		}
+	}
+
+	async disableRefreshToken(params) {
+		try {
+			const {
+				refreshToken,
+				parsedToken
+			} = Params(params, {
+				refreshToken: null,
+				parsedToken: null
+			});
+
+			// Unwrap nessessary data.
+			const { id, role } = parsedToken;
+
+			// Find or create:
+			const cofParams = {
+				[`${ role }_id`]: id,
+				token: refreshToken
+			};
+			const [ disabledRefreshToken, created ] = await this.disabledRefreshToken.createOrFind(cofParams);
+
+			// Check result,
+			const createdStatus = created === true || !!disabledRefreshToken;
+
+			// Send output.
+			const result = {
+				status: createdStatus
+			}
+			return Promise.resolve(result);
+		}
+		catch(error) {
+			return Promise.reject(error);
+		}
+	}
+}

package/lib/factories/errors/CustomError.js

@@ -0,0 +1,22 @@
+class CustomError extends Error {
+	constructor(message) {
+		super(message);
+		this.name = this.constructor.name;
+		this.status = 500;
+
+		// Remove constructor info from stack.
+		Error.captureStackTrace(this, this.constructor);
+	}
+
+	replicate(originalError) {
+		this.name = originalError?.name ?? this.name;
+		this.code = originalError?.code ?? this.code;
+		this.status = originalError?.status ?? this.status;
+
+		// Append stack from original error.
+		const messageLines = (this.message.match(/\n/g)||[]).length + 1
+		this.stack = this.stack.split('\n').slice(0, messageLines+1).join('\n') + '\n' + originalError.stack;
+	}
+}
+
+module.exports = CustomError;

package/lib/factories/errors/index.js

@@ -0,0 +1,9 @@
+/*
+ * Add all your custom errors in this file.
+ */
+const Err = require('./CustomError');
+
+
+module.exports = {
+	Err
+}

package/lib/factories/responses/api.js

@@ -0,0 +1,90 @@
+const ResponseFormats = require('nodester/constants/ResponseFormats');
+
+
+module.exports = class APIResponseFactory {
+	constructor() {}
+
+	/*
+		Format for all API responses will be JSON
+		{
+			content: {...}
+			error: {...}
+		}
+		Status code is sent in header.
+
+		If error is not present, error should be null.
+		If error is present, content can be null (But it's not required).
+	*/
+	createGenericResponse(
+		options = {
+			res: null,
+			status: 200,
+			content: {},
+			error: null,
+			format: ResponseFormats.JSON
+		}
+	) {
+		try {
+			const data = {
+				content: options?.content ?? null,
+				error: options?.error ?? null
+			};
+
+			switch(options?.format) {
+				case ResponseFormats.JSON:
+					return options?.res.status(options?.status).json(data);
+				case ResponseFormats.XML:
+					break;
+				default: {
+					const err = new Error("No response format specified.");
+					throw err;
+				}
+			}
+		}
+		catch(error) {
+			const err = new Error(`Could not create generic response: ${error.message}`);
+			err.name = error?.name;
+			err.code = error?.code;
+
+			console.error(err);
+
+			throw err;
+		}
+	}
+
+	/**
+	 * Sends response with status code 200.
+	 * Should be called on all successful respones.
+	 *
+	 * @param <Object> res
+	 * @param <Object> content
+	 * @param <String> format
+	 */
+	createOKResponse(options) {
+
+		return this.createGenericResponse({ 
+			...options,
+			status: 200,
+			format: options?.format ?? ResponseFormats.JSON
+		});
+	}
+
+	/**
+	 * Sends response with provided error code.
+	 * Should be called on all failed respones.
+	 *
+	 * @param <Object> res
+	 * @param <Object> error
+	 * @param <Object> content (optional)
+	 * @param <Int>		 status
+	 * @param <String> format
+	 */
+	createErrorResponse(options) {
+
+		return this.createGenericResponse({
+			...options,
+			status: options?.status ?? 500,
+			format: options?.format ?? ResponseFormats.JSON
+		});
+	}
+}

package/lib/factories/responses/html.js

@@ -0,0 +1,55 @@
+const Params = require('nodester/facades/FacadeParams');
+
+
+module.exports = class WebResponseFactory {
+	constructor() {}
+
+	/**
+	 * Sends rendererd HTML view with status code 200.
+	 * Should be called on all successful respones.
+	 *
+	 * @param <Object> res
+	 * @param <String> viewName
+	 * @param <Object> params
+	 */
+	createOKResponse(params) {
+		const {
+			res,
+			viewName,
+			viewParams,
+		} = Params(params, {
+			res: null,
+			viewName: null,
+			viewParams: {},
+		});
+
+		return res.render(viewName, viewParams);
+	}
+
+	/**
+	 * Sends response with provided error code.
+	 * Should be called on all failed respones.
+	 *
+	 * @param <Object> res
+	 * @param <Object> error
+	 * @param <Int>		 code
+	 */
+	createErrorResponse(params) {
+		const {
+			res,
+			error,
+			code,
+		} = Params(params, {
+			res: null,
+			error: {},
+			code: 500,
+		});
+
+		const statusCode = error?.status ?? code;
+		const viewParams = {
+			title: `${statusCode} error`,
+			heading: `${statusCode} | ${error.message}.`
+		};
+		return res.render('error', viewParams);
+	}
+}

package/lib/logger/console.js

@@ -0,0 +1,24 @@
+/*!
+ * /nodester
+ * MIT Licensed
+ */
+
+'use strict';
+
+
+exports = module.exports = {
+	error: _error
+}
+
+/**
+ * Log error using console.error.
+ *
+ * @param {Error} err
+ *
+ * @alias error
+ * @public
+ */
+
+function _error(err) {
+  console.error(err.stack || err.toString());
+}

package/lib/models/DisabledRefreshToken.js

@@ -0,0 +1,68 @@
+const defineModel = require('./define');
+// ORM.
+const { DataTypes } = require('sequelize');
+
+
+module.exports = _defineDisabledRefreshToken;
+
+function _defineDisabledRefreshToken(
+	database,
+	roleIds=[],
+	options={}
+) {
+
+	const fields = {
+		id: {
+			type: DataTypes.INTEGER.UNSIGNED,
+			allowNull: false,
+			primaryKey: true,
+			autoIncrement: true,
+			_autoGenerated: true
+		},
+		
+		token: {
+			type: DataTypes.STRING,
+			required: true,
+			allowNull: false,
+			unique: true
+		}
+	};
+
+	roleIds.forEach(roleId => fields[roleId] = {
+		type: DataTypes.INTEGER.UNSIGNED,
+		allowNull: true
+	});
+
+	const disabledRefreshToken = defineModel(database, 'DisabledRefreshToken',
+		(DataTypes) => ( fields ),
+		{ ...options }
+	);
+
+	disabledRefreshToken.createOrFind = function({ 
+		token,
+		...roleInfo
+	}) {
+		const where = {
+			token
+		};
+
+		const defaults = {
+			token: token,
+			...roleInfo
+		};
+
+		const query = {
+			where,
+			defaults
+		};
+		return this.findOrCreate(query);
+	}
+
+	disabledRefreshToken.selectAll = function({ token }) {
+		const where = { token };
+		const query = { where };
+		return this.findAll(query);
+	}
+
+	return disabledRefreshToken;
+}