pangea-server 3.3.1 → 3.3.3

package/dist/auth/access-token.class.d.ts

@@ -0,0 +1,13 @@
+import { User } from '../database';
+import type { UserCtor } from './auth.types';
+export declare class AccessToken {
+    private __privateKey;
+    constructor(privateKey: string);
+    getKey(userCtor: UserCtor): string;
+    createToken(userCtor: UserCtor, id: ModelId): string;
+    verifyToken(token: string): Record<string, number>;
+    getTokenData(userCtor: UserCtor, user: User): {
+        accessToken: string;
+        user: User;
+    };
+}

package/dist/auth/access-token.class.js

@@ -0,0 +1,28 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AccessToken = void 0;
+const jsonwebtoken_1 = __importDefault(require("jsonwebtoken"));
+// helpers
+const pangea_helpers_1 = require("pangea-helpers");
+class AccessToken {
+    constructor(privateKey) {
+        this.__privateKey = privateKey;
+    }
+    getKey(userCtor) {
+        return `${(0, pangea_helpers_1.getFirstChartInLowercase)(userCtor.name)}Id`;
+    }
+    createToken(userCtor, id) {
+        const key = this.getKey(userCtor);
+        return jsonwebtoken_1.default.sign({ [key]: id }, this.__privateKey, { expiresIn: 60 * 60 * 24 * 365 });
+    }
+    verifyToken(token) {
+        return jsonwebtoken_1.default.verify(token, this.__privateKey);
+    }
+    getTokenData(userCtor, user) {
+        return { accessToken: this.createToken(userCtor, user.id), user };
+    }
+}
+exports.AccessToken = AccessToken;

package/dist/auth/auth.helpers.d.ts

@@ -0,0 +1,17 @@
+import { AccessToken } from './access-token.class';
+import { User } from '../database';
+import type { UserCtor, AuthMap } from './auth.types';
+type AuthHeader = string | undefined;
+export declare function login<U extends User>(authHeader: AuthHeader, db: Db, accessToken: AccessToken, userCtor: BaseModelCtor<U>, extraWhere?: Where<U>): Promise<{
+    accessToken: string;
+    user: User;
+}>;
+export declare function validateAccessToken(authHeader: AuthHeader, db: Db, accessToken: AccessToken, userCtor: UserCtor): Promise<{
+    accessToken: string;
+    user: User;
+}>;
+export declare function getUserFromToken(authHeader: AuthHeader, db: Db, accessToken: AccessToken, userCtor: UserCtor): Promise<User | null> | null;
+export declare function getUsersFromToken(authHeader: AuthHeader, db: Db, accessToken: AccessToken, authMap: AuthMap): Promise<{
+    [k: string]: User | null;
+}>;
+export {};

package/dist/auth/auth.helpers.js

@@ -0,0 +1,73 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getUsersFromToken = exports.getUserFromToken = exports.validateAccessToken = exports.login = void 0;
+// helpers
+const helpers_1 = require("../helpers");
+async function login(authHeader, db, accessToken, userCtor, extraWhere = {}) {
+    if (!authHeader?.startsWith('Basic '))
+        helpers_1.AppError.ThrowInvalidCredentials();
+    const base64 = authHeader.slice(6);
+    const decoded = Buffer.from(base64, 'base64').toString('utf-8');
+    const [username, password] = decoded.split(':');
+    if (!username || !password)
+        helpers_1.AppError.ThrowInvalidCredentials();
+    const where = { ...extraWhere, username };
+    const user = await db.findOneOrNull(userCtor, where, { scopes: ['withHiddenAttributes'] });
+    if (!user)
+        helpers_1.AppError.ThrowInvalidCredentials();
+    const isPasswordValid = await (0, helpers_1.comparePasswords)(password, user.password);
+    if (!isPasswordValid)
+        helpers_1.AppError.ThrowInvalidCredentials();
+    return accessToken.getTokenData(userCtor, user);
+}
+exports.login = login;
+async function validateAccessToken(authHeader, db, accessToken, userCtor) {
+    const user = await getUserFromToken(authHeader, db, accessToken, userCtor);
+    if (!user)
+        helpers_1.AppError.ThrowUnauthorized();
+    return accessToken.getTokenData(userCtor, user);
+}
+exports.validateAccessToken = validateAccessToken;
+function getUserFromToken(authHeader, db, accessToken, userCtor) {
+    try {
+        const token = getBearerToken(authHeader);
+        const payload = accessToken.verifyToken(token);
+        const key = accessToken.getKey(userCtor);
+        const id = payload[key];
+        if (!id)
+            return null;
+        return db.findOneOrNull(userCtor, id);
+    }
+    catch {
+        return null;
+    }
+}
+exports.getUserFromToken = getUserFromToken;
+async function getUsersFromToken(authHeader, db, accessToken, authMap) {
+    try {
+        const token = getBearerToken(authHeader);
+        const payload = accessToken.verifyToken(token);
+        const results = await Promise.all(Object.entries(authMap).map(async ([type, userCtor]) => {
+            const key = accessToken.getKey(userCtor);
+            const id = payload[key];
+            if (!id)
+                return [type, null];
+            const user = await db.findOneOrNull(userCtor, id);
+            return [type, user];
+        }));
+        return Object.fromEntries(results);
+    }
+    catch {
+        return Object.fromEntries(Object.keys(authMap).map((type) => [type, null]));
+    }
+}
+exports.getUsersFromToken = getUsersFromToken;
+// internal functions
+function getBearerToken(authHeader) {
+    if (!authHeader)
+        throw new Error('Missing authorization header');
+    const [type, token] = authHeader.split(' ');
+    if (type !== 'Bearer' || !token)
+        throw new Error('Invalid authorization format');
+    return token;
+}

package/dist/auth/auth.types.d.ts

@@ -0,0 +1,11 @@
+import { BaseAuth } from './base-auth.class';
+import { User } from '../database';
+export type UserCtor = BaseModelCtor<User>;
+export type AuthMap = Record<string, UserCtor>;
+export type UserType<AM extends AuthMap> = keyof AM;
+export type AuthUsers<AM extends AuthMap> = {
+    [K in keyof AM]: InstanceType<AM[K]> | null;
+};
+export interface AuthCtor<AM extends AuthMap, AU extends AuthUsers<AM>, BA extends BaseAuth<AM>> {
+    new (authUsers: AU): BA;
+}

package/dist/auth/auth.types.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/dist/auth/base-auth.class.d.ts

@@ -0,0 +1,11 @@
+import type { AuthMap, UserType, AuthUsers } from './auth.types';
+export declare abstract class BaseAuth<AM extends AuthMap> {
+    private __authUsers;
+    constructor(authUsers: AuthUsers<AM>);
+    free(): void;
+    notSetYet(): void;
+    notAllowed(): void;
+    isUserAuth<T extends UserType<AM>>(type: T): boolean;
+    getUserAuth<T extends UserType<AM>>(type: T): NonNullable<AuthUsers<AM>[T]>;
+    getUsersAuth<const T extends readonly UserType<AM>[]>(types: T): { [I in keyof T]: InstanceType<AM[T[I]]> | null; };
+}

package/dist/auth/base-auth.class.js

@@ -0,0 +1,35 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.BaseAuth = void 0;
+// helpers
+const helpers_1 = require("../helpers");
+class BaseAuth {
+    constructor(authUsers) {
+        this.__authUsers = authUsers;
+    }
+    free() {
+        (0, helpers_1.printWarning)('auth', 'free access');
+    }
+    notSetYet() {
+        (0, helpers_1.printWarning)('auth', 'auth not set yet');
+    }
+    notAllowed() {
+        helpers_1.AppError.ThrowUnauthorized();
+    }
+    isUserAuth(type) {
+        return !!this.__authUsers[type];
+    }
+    getUserAuth(type) {
+        const user = this.__authUsers[type];
+        if (!user)
+            helpers_1.AppError.ThrowUnauthorized();
+        return user;
+    }
+    getUsersAuth(types) {
+        const users = types.map((type) => this.__authUsers[type]);
+        if (users.every((user) => !user))
+            helpers_1.AppError.ThrowUnauthorized();
+        return users;
+    }
+}
+exports.BaseAuth = BaseAuth;

package/dist/auth/index.d.ts

@@ -0,0 +1,4 @@
+export * from './access-token.class';
+export * from './auth.helpers';
+export * from './auth.types';
+export * from './base-auth.class';

package/dist/auth/index.js

@@ -0,0 +1,20 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./access-token.class"), exports);
+__exportStar(require("./auth.helpers"), exports);
+__exportStar(require("./auth.types"), exports);
+__exportStar(require("./base-auth.class"), exports);

package/dist/helpers/job.helpers.d.ts

@@ -1,6 +1,18 @@
 import { Db } from '../database';
-type Task = (db: Db) => Promise<void>;
-type Timezone = 'UTC' | 'America/New_York' | 'America/Los_Angeles' | 'America/Argentina/Buenos_Aires' | 'America/Sao_Paulo' | 'Europe/London' | 'Europe/Madrid' | 'Africa/Johannesburg' | 'Asia/Tokyo' | 'Australia/Sydney';
+type Now = {
+    year: number;
+    yearStr: string;
+    month: number;
+    monthStr: string;
+    day: number;
+    dayStr: string;
+    hour: number;
+    hourStr: string;
+    minute: number;
+    minuteStr: string;
+};
+type Timezone = 'UTC' | 'America/Argentina/Buenos_Aires';
+type Task = (db: Db, now: Now) => Promise<void>;
 type ScheduleConfig = {
     expression: string;
     timezone: Timezone;
@@ -10,6 +22,7 @@ type ScheduleConfig = {
 export declare abstract class Job {
     static Schedule(config: ScheduleConfig): void;
     private static __Run;
+    private static __GetNow;
 }
 export interface JobCtor {
     Init(): void;

package/dist/helpers/job.helpers.js

@@ -9,13 +9,14 @@ const database_1 = require("../database");
 class Job {
     static Schedule(config) {
         const { expression, timezone, task, runOnInit = false } = config;
-        node_cron_1.default.schedule(expression, () => this.__Run(task), { timezone, runOnInit });
+        node_cron_1.default.schedule(expression, () => this.__Run(timezone, task), { timezone, runOnInit });
     }
-    static async __Run(task) {
+    static async __Run(timezone, task) {
         const tx = await (0, database_1.getDbClient)().transaction();
         const db = new database_1.Db(tx);
+        const now = this.__GetNow(timezone);
         try {
-            await task(db);
+            await task(db, now);
             await tx.commit();
         }
         catch (err) {
@@ -23,5 +24,36 @@ class Job {
             throw err;
         }
     }
+    static __GetNow(timezone) {
+        const today = new Date();
+        const parts = new Intl.DateTimeFormat(undefined, {
+            timeZone: timezone,
+            year: 'numeric',
+            month: 'numeric',
+            day: 'numeric',
+            hour: 'numeric',
+            minute: 'numeric',
+            hour12: false,
+        }).formatToParts(today);
+        const getNum = (type) => Number(parts.find((p) => p.type === type).value);
+        const pad = (num) => String(num).padStart(2, '0');
+        const year = getNum('year');
+        const month = getNum('month');
+        const day = getNum('day');
+        const hour = getNum('hour');
+        const minute = getNum('minute');
+        return {
+            year,
+            yearStr: String(year),
+            month,
+            monthStr: pad(month),
+            day,
+            dayStr: pad(day),
+            hour,
+            hourStr: pad(hour),
+            minute,
+            minuteStr: pad(minute),
+        };
+    }
 }
 exports.Job = Job;

package/dist/index.d.ts

@@ -1,5 +1,5 @@
 export { startServer } from './main';
-export * from './authentication';
+export * from './auth';
 export * from './database';
 export * from './helpers';
 export * from './resources';

package/dist/index.js

@@ -17,7 +17,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.startServer = void 0;
 var main_1 = require("./main");
 Object.defineProperty(exports, "startServer", { enumerable: true, get: function () { return main_1.startServer; } });
-__exportStar(require("./authentication"), exports);
+__exportStar(require("./auth"), exports);
 __exportStar(require("./database"), exports);
 __exportStar(require("./helpers"), exports);
 __exportStar(require("./resources"), exports);

package/dist/router/app-router.class.d.ts

@@ -1,6 +1,6 @@
 import { Router } from 'express';
-import { BaseAuth } from '../authentication';
-import type { AuthMap, AuthUsers } from '../authentication/authentication.types';
+import { BaseAuth } from '../auth';
+import type { AuthMap, AuthUsers } from '../auth/auth.types';
 import type { RouteValidator as Validator, RouteValidate as Validate } from '../validator/validator.types';
 import type { SetRouteArgs, AuthConfig } from './router.types';
 type ApiMethod = 'get' | 'post' | 'put' | 'patch' | 'delete';

package/dist/router/call-controller.d.ts

@@ -1,5 +1,5 @@
-import { BaseAuth } from '../authentication';
-import type { AuthMap, AuthUsers } from '../authentication/authentication.types';
+import { BaseAuth } from '../auth';
+import type { AuthMap, AuthUsers } from '../auth/auth.types';
 import type { RouteValidator, RouteValidate } from '../validator/validator.types';
 import type { Controller, AuthConfig } from './router.types';
 export declare function callController<V extends RouteValidator, AM extends AuthMap, AU extends AuthUsers<AM>, BA extends BaseAuth<AM>>(controller: Controller<V, AM, BA>, validate: RouteValidate<V>, appVersion: string, authConfig: AuthConfig<AM, AU, BA>): (req: Req, res: Res) => Promise<void>;

package/dist/router/call-controller.js

@@ -7,8 +7,8 @@ const helpers_1 = require("../helpers");
 const pangea_helpers_1 = require("pangea-helpers");
 // database
 const database_1 = require("../database");
-// authentication
-const authentication_1 = require("../authentication");
+// auth
+const auth_1 = require("../auth");
 // validator
 const validate_request_1 = require("../validator/validate-request");
 function callController(controller, validate, appVersion, authConfig) {
@@ -24,7 +24,7 @@ function callController(controller, validate, appVersion, authConfig) {
         const db = new database_1.Db(tx);
         let result;
         try {
-            const authUsers = await (0, authentication_1.getUsersFromToken)(headers.authorization, db, accessToken, authMap);
+            const authUsers = await (0, auth_1.getUsersFromToken)(headers.authorization, db, accessToken, authMap);
             const auth = new authCtor(authUsers);
             result = await controller(ctx, db, auth);
             await tx.commit();

package/dist/router/router.types.d.ts

@@ -1,5 +1,5 @@
-import { BaseAuth, AccessToken } from '../authentication';
-import type { AuthMap, AuthUsers, AuthCtor } from '../authentication/authentication.types';
+import { BaseAuth, AccessToken } from '../auth';
+import type { AuthMap, AuthUsers, AuthCtor } from '../auth/auth.types';
 import type { RouteValidator } from '../validator/validator.types';
 export type Middleware = (req: Req, res: Res, next: Next) => void;
 export type Controller<V extends RouteValidator, AM extends AuthMap, BA extends BaseAuth<AM>> = (ctx: Ctx<V>, db: Db, auth: BA) => unknown;

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "pangea-server",
   "description": "",
-  "version": "3.3.1",
+  "version": "3.3.3",
   "files": [
     "dist"
   ],