prostgles-server 4.2.270 → 4.2.272

package/lib/Auth/getClientAuth.ts

@@ -5,25 +5,43 @@ import {
   CHANNELS,
   getObjectEntries,
   isEmpty,
+  isObject,
 } from "prostgles-types";
-import { AuthClientRequest, LoginWithOAuthConfig, AuthResultWithSID } from "./AuthTypes";
+import {
+  AuthClientRequest,
+  LoginWithOAuthConfig,
+  AuthResultWithSID,
+  type AuthResult,
+} from "./AuthTypes";
 import { AUTH_ROUTES_AND_PARAMS, AuthHandler } from "./AuthHandler";
 
 export async function getClientAuth(
   this: AuthHandler,
   clientReq: AuthClientRequest
-): Promise<{ auth: AuthSocketSchema; userData: AuthResultWithSID }> {
+): Promise<{ auth: AuthSocketSchema; userData: AuthResultWithSID } | "new-session-redirect"> {
   let pathGuard = false;
-  if (
-    this.opts.loginSignupConfig?.publicRoutes &&
-    !this.opts.loginSignupConfig.disableSocketAuthGuard
-  ) {
+  const {
+    loginWithOAuth,
+    signupWithEmail: signupWithEmailAndPassword,
+    localLoginMode,
+    login,
+    publicRoutes,
+    disableSocketAuthGuard,
+  } = this.opts.loginSignupConfig ?? {};
+
+  if (publicRoutes && !disableSocketAuthGuard) {
     pathGuard = true;
 
     /**
      * Due to SPA nature of some clients, we need to check if the connected client ends up on a protected route
      */
     if (clientReq.socket) {
+      const getUserFromRequest = async (clientReq: AuthClientRequest): Promise<AuthResult> => {
+        const sidAndUser = await this.getSidAndUserFromRequest(clientReq);
+        if (isObject(sidAndUser) && sidAndUser.sid && sidAndUser.user) {
+          return sidAndUser;
+        }
+      };
       const { socket } = clientReq;
       socket.removeAllListeners(CHANNELS.AUTHGUARD);
       socket.on(
@@ -48,7 +66,7 @@ export async function getClientAuth(
               pathname &&
               typeof pathname === "string" &&
               this.isUserRoute(pathname) &&
-              !(await this.getUserFromRequest({ socket }))
+              !(await getUserFromRequest({ socket }))
             ) {
               cb(null, { shouldReload: true });
             } else {
@@ -64,13 +82,9 @@ export async function getClientAuth(
   }
 
   const userData = await this.getSidAndUserFromRequest(clientReq);
-  const {
-    loginWithOAuth,
-    signupWithEmail: signupWithEmailAndPassword,
-    localLoginMode,
-    login,
-  } = this.opts.loginSignupConfig ?? {};
-
+  if (userData === "new-session-redirect") {
+    return userData;
+  }
   const auth: AuthSocketSchema = {
     providers: getOAuthProviders(loginWithOAuth),
     signupWithEmailAndPassword: signupWithEmailAndPassword && {

package/lib/Auth/login.ts

@@ -1,6 +1,6 @@
 import { DBOFullyTyped } from "../DBSchemaBuilder";
 import { AuthHandler, getClientRequestIPsInfo, HTTP_FAIL_CODES } from "./AuthHandler";
-import { ExpressReq, LoginParams } from "./AuthTypes";
+import { ExpressReq, LoginParams, type BasicSession } from "./AuthTypes";
 import { LoginResponseHandler } from "./endpoints/setLoginRequestHandler";
 import { throttledAuthCall } from "./utils/throttledReject";
 
@@ -30,22 +30,9 @@ export async function login(
       return result;
     }
 
-    const { sid, expires } = result.session;
-    if (!sid) {
-      console.error("Invalid sid");
-      return "server-error";
-    }
-    if (sid && (typeof sid !== "string" || typeof expires !== "number")) {
-      console.error(
-        "Bad login result type. \nExpecting: undefined | null | { sid: string; expires: number }"
-      );
-      return "server-error";
-    }
-    if (expires < Date.now()) {
-      console.error(
-        "auth.login() is returning an expired session. Can only login with a session.expires greater than Date.now()"
-      );
-      return "server-error";
+    const sessionErrorCode = getBasicSessionErrorCode(result.session);
+    if (sessionErrorCode) {
+      return sessionErrorCode;
     }
 
     return result;
@@ -76,3 +63,23 @@ export async function login(
   }
   this.setCookieAndGoToReturnURLIFSet(loginResponse.session, { req, res });
 }
+
+export const getBasicSessionErrorCode = (session: Pick<BasicSession, "expires" | "sid">) => {
+  const { sid, expires } = session;
+  if (!sid) {
+    console.error("Invalid sid");
+    return "server-error";
+  }
+  if (sid && (typeof sid !== "string" || typeof expires !== "number")) {
+    console.error(
+      "Bad login result type. \nExpecting: undefined | null | { sid: string; expires: number }"
+    );
+    return "server-error";
+  }
+  if (expires < Date.now()) {
+    console.error(
+      "auth.login() is returning an expired session. Can only login with a session.expires greater than Date.now()"
+    );
+    return "server-error";
+  }
+};

package/lib/Auth/setupAuthRoutes.ts

@@ -42,17 +42,23 @@ export function setupAuthRoutes(this: AuthHandler) {
   if (onUseOrSocketConnected) {
     const prostglesUseMiddleware: RequestHandler = async (req, res, next) => {
       const reqInfo = { httpReq: req, res };
-      const errorInfo = await onUseOrSocketConnected(
+      const errorInfoOrSession = await onUseOrSocketConnected(
         this.getSIDNoError(reqInfo),
         getClientRequestIPsInfo(reqInfo),
         reqInfo
       );
 
-      if (errorInfo) {
-        const { error, httpCode } = errorInfo;
+      if (errorInfoOrSession && "error" in errorInfoOrSession) {
+        const { error, httpCode } = errorInfoOrSession;
         res.status(httpCode).json({ error });
         return;
       }
+
+      if (errorInfoOrSession && "session" in errorInfoOrSession) {
+        const { session } = errorInfoOrSession;
+        this.validateSessionAndSetCookie(session, { req, res });
+        return;
+      }
       next();
     };
     upsertNamedExpressMiddleware(app, prostglesUseMiddleware, "prostglesonUseOrSocketConnected");
@@ -66,6 +72,9 @@ export function setupAuthRoutes(this: AuthHandler) {
         next,
         getUser: async () => {
           const userOrErr = await this.getUserOrError({ httpReq: req, res });
+          if (userOrErr === "new-session-redirect") {
+            throw "new-session-redirect";
+          }
           if (userOrErr.error) {
             res.status(HTTP_FAIL_CODES.BAD_REQUEST).json(userOrErr.error);
             throw userOrErr.error;

package/lib/Auth/utils/getSidAndUserFromRequest.ts

@@ -1,22 +1,25 @@
+import { isObject } from "prostgles-types";
 import { DBOFullyTyped } from "../../DBSchemaBuilder";
 import { AuthHandler, getClientRequestIPsInfo } from "../AuthHandler";
 import { AuthClientRequest, AuthResultWithSID } from "../AuthTypes";
 import { throttledAuthCall } from "./throttledReject";
+import type { GetUserOrRedirected } from "./handleGetUser";
 
 /**
  * For a given sid return the user data if available using the auth handler's getUser method.
  * Use socket session cache if configured in Auth
+ * Used in Publish Parser and AuthHandler
  */
 export async function getSidAndUserFromRequest(
   this: AuthHandler,
   clientReq: AuthClientRequest
-): Promise<AuthResultWithSID> {
+): Promise<GetUserOrRedirected> {
   /**
    * Get cached session if available
    */
   const getSessionForCaching = this.opts.cacheSession?.getSession;
   if (clientReq.socket && getSessionForCaching && clientReq.socket.__prglCache) {
-    const { session, ...userData } = clientReq.socket.__prglCache;
+    const { session, userData } = clientReq.socket.__prglCache;
     const isValid = this.isNonExpiredSocketSession(clientReq.socket, session);
     if (isValid) {
       return {
@@ -33,45 +36,51 @@ export async function getSidAndUserFromRequest(
    * Get sid from request and fetch user data
    */
   const authStart = Date.now();
-  const result = await throttledAuthCall(async () => {
-    const { getUser } = this.opts;
+  // const result = await throttledAuthCall(async () => {
+  //   const clientInfoOrErr = await this.opts.getUser(
+  //     this.getValidatedSid(clientReq),
+  //     this.dbo as DBOFullyTyped,
+  //     this.db,
+  //     getClientRequestIPsInfo(clientReq),
+  //     clientReq
+  //   );
+  //   if (clientInfoOrErr && (typeof clientInfoOrErr === "string" || "success" in clientInfoOrErr))
+  //     throw clientInfoOrErr;
+  //   const clientInfo = clientInfoOrErr;
 
-    const sid = this.getSID(clientReq);
-    const clientInfoOrErr =
-      !sid ? undefined : (
-        await getUser(
-          sid,
-          this.dbo as DBOFullyTyped,
-          this.db,
-          getClientRequestIPsInfo(clientReq),
-          clientReq
-        )
-      );
-    if (clientInfoOrErr && (typeof clientInfoOrErr === "string" || "success" in clientInfoOrErr))
-      throw clientInfoOrErr;
-    const clientInfo = clientInfoOrErr;
-    if (getSessionForCaching && clientReq.socket && sid) {
-      const session = await getSessionForCaching(sid, this.dbo as DBOFullyTyped, this.db);
-      if (session && session.expires && clientInfo?.user) {
-        clientReq.socket.__prglCache = {
-          ...clientInfo,
-          session,
-        };
-      }
-    }
+  //   if (clientInfo && "type" in clientInfo) {
+  //     if (!("httpReq" in clientReq) || !clientReq.httpReq) throw "httpReq missing";
+  //     const { httpReq, res } = clientReq;
+  //     this.setCookieAndGoToReturnURLIFSet(clientInfo.session, { req: httpReq, res });
+  //     return;
+  //   }
 
-    if (clientInfo?.user && sid) {
-      return { sid, ...clientInfo };
-    }
+  //   const sid = this.getValidatedSid(clientReq);
+  //   if (getSessionForCaching && clientReq.socket && sid) {
+  //     const session = await getSessionForCaching(sid, this.dbo as DBOFullyTyped, this.db);
+  //     if (session && session.expires && clientInfo?.user) {
+  //       clientReq.socket.__prglCache = {
+  //         userData: clientInfo,
+  //         session,
+  //       };
+  //     }
+  //   }
 
-    return { sid, preferredLogin: !clientInfo?.user ? clientInfo?.preferredLogin : undefined };
-  }, 100);
+  //   if (clientInfo?.user && sid) {
+  //     return { sid, ...clientInfo };
+  //   }
 
+  //   return { sid, preferredLogin: !clientInfo?.user ? clientInfo?.preferredLogin : undefined };
+  // }, 100);
+  const result = await this.handleGetUser(clientReq);
+  if (isObject(result) && result.error) {
+    throw result.error;
+  }
   await this.prostgles.opts.onLog?.({
     type: "auth",
     command: "getClientInfo",
     duration: Date.now() - authStart,
-    sid: result.sid,
+    sid: isObject(result) ? result.sid : undefined,
     socketId: clientReq.socket?.id,
   });
   return result;

package/lib/Auth/utils/getUserOrError.ts

@@ -0,0 +1,56 @@
+import { AuthResponse } from "prostgles-types";
+import { DBOFullyTyped } from "../../DBSchemaBuilder";
+import type { AuthHandler } from "../AuthHandler";
+import { AuthClientRequest, AuthResultWithSID } from "../AuthTypes";
+import { getClientRequestIPsInfo } from "../utils/getClientRequestIPsInfo";
+import { isAuthError, type GetUserOrRedirected } from "./handleGetUser";
+import { throttledAuthCall } from "./throttledReject";
+
+/**
+ * Used by:
+ *  - setCatchAllRequestHandler
+ *  - loginSignupConfig.use
+ */
+export async function getUserOrError(
+  this: AuthHandler,
+  clientReq: AuthClientRequest
+): Promise<GetUserOrRedirected> {
+  // const sid = this.getValidatedSid(clientReq);
+  // if (!sid) return { sid };
+
+  try {
+    // const userOrErrorCode = await throttledAuthCall(async () => {
+    //   return this.opts.getUser(
+    //     this.validateSid(sid),
+    //     this.dbo as DBOFullyTyped,
+    //     this.db,
+    //     getClientRequestIPsInfo(clientReq),
+    //     clientReq
+    //   );
+    // }, 50);
+
+    // if (isAuthError(userOrErrorCode)) {
+    //   const error: AuthResponse.AuthFailure | undefined =
+    //     typeof userOrErrorCode === "string" ?
+    //       { success: false, code: userOrErrorCode }
+    //     : userOrErrorCode;
+
+    //   return {
+    //     sid,
+    //     error,
+    //   };
+    // }
+    // if (sid && userOrErrorCode?.user) {
+    //   return { sid, ...userOrErrorCode };
+    // }
+    // return {
+    //   sid,
+    // };
+    return this.handleGetUser(clientReq);
+  } catch (_err) {
+    return {
+      sid: this.getValidatedSid(clientReq),
+      error: { success: false, code: "server-error" },
+    };
+  }
+}

package/lib/Auth/utils/handleGetUser.ts

@@ -0,0 +1,63 @@
+import { AuthResponse, isObject } from "prostgles-types";
+import type { DBOFullyTyped } from "../../DBSchemaBuilder";
+import { getClientRequestIPsInfo, type AuthHandler } from "../AuthHandler";
+import type { AuthClientRequest, AuthResultOrError, AuthResultWithSID } from "../AuthTypes";
+import { throttledAuthCall } from "./throttledReject";
+
+export type GetUserOrRedirected = AuthResultWithSID | "new-session-redirect";
+
+export async function handleGetUserThrottled(
+  this: AuthHandler,
+  clientReq: AuthClientRequest
+): Promise<GetUserOrRedirected> {
+  const getSessionForCaching = this.opts.cacheSession?.getSession;
+  const result = await throttledAuthCall(async () => {
+    const clientInfoOrErr = await this.opts.getUser(
+      this.getValidatedSid(clientReq),
+      this.dbo as DBOFullyTyped,
+      this.db,
+      getClientRequestIPsInfo(clientReq),
+      clientReq
+    );
+    if (isAuthError(clientInfoOrErr)) {
+      return {
+        error:
+          isObject(clientInfoOrErr) ? clientInfoOrErr : { success: false, code: clientInfoOrErr },
+        sid: this.getValidatedSid(clientReq),
+      } satisfies AuthResultWithSID;
+    }
+    const clientInfo = clientInfoOrErr;
+
+    if (clientInfo && "type" in clientInfo) {
+      if (!("httpReq" in clientReq) || !clientReq.httpReq)
+        throw "httpReq missing. new-session not implemented for sockets.";
+      const { httpReq, res } = clientReq;
+      this.validateSessionAndSetCookie(clientInfo.session, { req: httpReq, res });
+      return "new-session-redirect" as const;
+    }
+
+    const sid = this.getValidatedSid(clientReq);
+    if (getSessionForCaching && clientReq.socket && sid) {
+      const session = await getSessionForCaching(sid, this.dbo as DBOFullyTyped, this.db);
+      if (session && session.expires && clientInfo?.user) {
+        clientReq.socket.__prglCache = {
+          userData: clientInfo,
+          session,
+        };
+      }
+    }
+
+    if (clientInfo?.user && sid) {
+      return { sid, ...clientInfo };
+    }
+
+    return { sid, preferredLogin: !clientInfo?.user ? clientInfo?.preferredLogin : undefined };
+  }, 100);
+  return result;
+}
+
+export const isAuthError = (
+  dataOrError: AuthResultOrError
+): dataOrError is AuthResponse.AuthFailure["code"] | AuthResponse.AuthFailure => {
+  return Boolean(typeof dataOrError === "string" || (dataOrError && "success" in dataOrError));
+};

package/lib/DboBuilder/DboBuilderTypes.ts

@@ -168,7 +168,8 @@ export type PRGLIOSocket = {
   };
 
   /** Used for session caching */
-  __prglCache?: SessionUser & {
+  __prglCache?: {
+    userData: Omit<SessionUser, "session">;
     session: BasicSession;
   };
 

package/lib/Prostgles.ts

@@ -32,6 +32,7 @@ import {
   CHANNELS,
   ClientSchema,
   SQLRequest,
+  includes,
   isObject,
   omitKeys,
   tryCatchV2,
@@ -366,6 +367,9 @@ export class Prostgles {
         : { type: "http" as const, ...clientReq };
 
       const userData = await this.authHandler?.getSidAndUserFromRequest(clientInfo);
+      if (userData === "new-session-redirect") {
+        throw "new-session-redirect";
+      }
       const { publishParser } = this;
       let fullSchema: Awaited<ReturnType<PublishParser["getSchemaFromPublish"]>> | undefined;
       let publishValidationError;
@@ -426,6 +430,9 @@ export class Prostgles {
             });
 
       const authInfo = await this.authHandler?.getClientAuth(clientReq);
+      if (authInfo === "new-session-redirect") {
+        throw "new-session-redirect";
+      }
 
       const clientSchema: ClientSchema = {
         schema,

package/lib/PublishParser/PublishParser.ts

@@ -10,12 +10,11 @@ import { getTableRulesWithoutFileTable } from "./getTableRulesWithoutFileTable";
 import {
   DboTable,
   DboTableCommand,
-  ParsedPublishTable,
+  ParsedTableRule,
   PublishMethods,
   type PublishObject,
   PublishParams,
   RULE_TO_METHODS,
-  ParsedTableRule,
   parsePublishTableRule,
 } from "./publishTypesAndUtils";
 
@@ -43,9 +42,14 @@ export class PublishParser {
     clientReq: AuthClientRequest,
     clientInfo: AuthResultWithSID | undefined
   ): Promise<PublishParams> {
+    const _clientInfo =
+      clientInfo ?? (await this.prostgles.authHandler?.getSidAndUserFromRequest(clientReq));
+    if (_clientInfo === "new-session-redirect") {
+      throw "new-session-redirect";
+    }
     return {
       sid: undefined,
-      ...(clientInfo ?? (await this.prostgles.authHandler?.getSidAndUserFromRequest(clientReq))),
+      ..._clientInfo,
       dbo: this.dbo as DBOFullyTyped,
       db: this.db,
       clientReq,
@@ -109,6 +113,9 @@ export class PublishParser {
   }: DboTableCommand): Promise<ParsedTableRule> {
     const clientInfo =
       clientReq && (await this.prostgles.authHandler?.getSidAndUserFromRequest(clientReq));
+    if (clientInfo === "new-session-redirect") {
+      throw "new-session-redirect";
+    }
     const rules = await this.getValidatedRequestRule({ tableName, command, clientReq }, clientInfo);
     return rules;
   }
@@ -159,13 +166,14 @@ export class PublishParser {
       }
     }
 
-    if (tableRule[rtm.rule]) {
-      return tableRule;
-    } else
+    if (!tableRule[rtm.rule]) {
       throw {
         stack: ["getValidatedRequestRule()"],
         message: `Invalid or disallowed command: ${tableName}.${command}`,
       };
+    }
+
+    return tableRule;
   }
 
   async getTableRules(