prostgles-server 4.2.369 → 4.2.371

package/lib/Auth/endpoints/setMagicLinkOrOTPRequestHandler.ts

@@ -1,18 +1,12 @@
 import type e from "express";
 import { type Response } from "express";
+import type { AuthResponse } from "prostgles-types";
 import type { DBOFullyTyped } from "../../DBSchemaBuilder/DBSchemaBuilder";
-import type {
-  AuthHandler} from "../AuthHandler";
-import {
-  AUTH_ROUTES_AND_PARAMS,
-  getClientRequestIPsInfo,
-  HTTP_FAIL_CODES,
-  HTTP_SUCCESS_CODES,
-} from "../AuthHandler";
+import type { AuthHandler } from "../AuthHandler";
+import { getClientRequestIPsInfo, HTTP_FAIL_CODES, HTTP_SUCCESS_CODES } from "../AuthHandler";
 import type { ExpressReq, LoginSignupConfig, MagicLinkOrOTPData, SessionUser } from "../AuthTypes";
 import { throttledAuthCall } from "../utils/throttledReject";
 import type { LoginResponse } from "./setLoginRequestHandler";
-import type { AuthResponse } from "prostgles-types";
 
 type MagicLinkResponseHandler = Response<
   | LoginResponse
@@ -56,24 +50,24 @@ export function setMagicLinkOrOTPRequestHandler(
     }
   };
 
-  app.get(AUTH_ROUTES_AND_PARAMS.magicLinkWithId, (req, res: MagicLinkResponseHandler) => {
+  app.get(this.authRoutes.magicLinkWithId, (req, res: MagicLinkResponseHandler) => {
     const { id } = req.params;
 
     if (typeof id !== "string" || !id) {
-      res
+      return res
         .status(HTTP_FAIL_CODES.BAD_REQUEST)
         .json({ success: false, code: "invalid-magic-link", message: "Invalid magic link" });
     }
     return handler(req, res, { type: "magic-link", id, returnToken: false });
   });
 
-  app.get(AUTH_ROUTES_AND_PARAMS.magicLinks, (req, res: MagicLinkResponseHandler) => {
+  app.get(this.authRoutes.magicLinks, (req, res: MagicLinkResponseHandler) => {
     const data = parseMagicLinkOrOTPData(res, req.query);
     if (!data) return;
     return handler(req, res, data);
   });
 
-  app.post(AUTH_ROUTES_AND_PARAMS.magicLinks, (req, res: MagicLinkResponseHandler) => {
+  app.post(this.authRoutes.magicLinks, (req, res: MagicLinkResponseHandler) => {
     const data = parseMagicLinkOrOTPData(res, req.body);
     if (!data) return;
     return handler(req, res, data);

package/lib/Auth/endpoints/setOAuthRequestHandlers.ts

@@ -8,7 +8,7 @@ import { getObjectEntries, isEmpty } from "prostgles-types";
 import { getErrorAsObject } from "../../DboBuilder/dboBuilderUtils";
 import type { DBOFullyTyped } from "../../DBSchemaBuilder/DBSchemaBuilder";
 import type { AuthHandler } from "../AuthHandler";
-import { AUTH_ROUTES_AND_PARAMS, HTTP_FAIL_CODES } from "../AuthHandler";
+import { HTTP_FAIL_CODES } from "../AuthHandler";
 import type { AuthProviderUserData, LoginWithOAuthConfig } from "../AuthTypes";
 import { getClientRequestIPsInfo } from "../utils/getClientRequestIPsInfo";
 import { upsertNamedExpressMiddleware } from "../utils/upsertNamedExpressMiddleware";
@@ -40,7 +40,7 @@ export function setOAuthRequestHandlers(
       : providerName === "facebook" ? FacebookStrategy
       : providerName === "customOAuth" ? OAuth2Strategy
       : MicrosoftStrategy;
-    const callbackPath = `${AUTH_ROUTES_AND_PARAMS.loginWithProvider}/${providerName}/callback`;
+    const callbackPath = `${this.authRoutes.loginWithProvider}/${providerName}/callback`;
     passport.use(
       new (strategy as typeof GoogleStrategy)(
         {
@@ -54,7 +54,7 @@ export function setOAuthRequestHandlers(
       )
     );
 
-    const authPath = `${AUTH_ROUTES_AND_PARAMS.loginWithProvider}/${providerName}`;
+    const authPath = `${this.authRoutes.loginWithProvider}/${providerName}`;
     app.get(authPath, passport.authenticate(providerName, authOpts ?? {}));
 
     app.get(callbackPath, async (req, res: LoginResponseHandler) => {

package/lib/Auth/endpoints/setRegisterRequestHandler.ts

@@ -1,7 +1,7 @@
-import type { Request, Response } from "express";
 import type e from "express";
+import type { Request, Response } from "express";
 import type { AuthResponse } from "prostgles-types";
-import { AUTH_ROUTES_AND_PARAMS, HTTP_FAIL_CODES } from "../AuthHandler";
+import { HTTP_FAIL_CODES, type AuthHandler } from "../AuthHandler";
 import { getMagicLinkUrl, type SignupWithEmail } from "../AuthTypes";
 import { getClientRequestIPsInfo } from "../utils/getClientRequestIPsInfo";
 import { parseLoginData } from "./setLoginRequestHandler";
@@ -14,10 +14,11 @@ type ReturnType =
 
 type RegisterResponseHandler = Response<ReturnType>;
 
-export const setRegisterRequestHandler = (
+export function setRegisterRequestHandler(
+  this: AuthHandler,
   { onRegister, minPasswordLength = 8, requirePassword }: SignupWithEmail,
   app: e.Express
-) => {
+) {
   const registerRequestHandler = async (req: Request, res: RegisterResponseHandler) => {
     const [error, data] = parseLoginData(req.body);
     if (error || !data) {
@@ -51,7 +52,11 @@ export const setRegisterRequestHandler = (
         email: username,
         password,
         getConfirmationUrl: ({ code, websiteUrl }) =>
-          getMagicLinkUrl(websiteUrl, { type: "otp", code, email: username, returnToken: false }),
+          getMagicLinkUrl({
+            loginSignupConfig: this.opts.loginSignupConfig,
+            websiteUrl,
+            data: { type: "otp", code, email: username, returnToken: false },
+          }),
         clientInfo,
         req,
       });
@@ -66,5 +71,5 @@ export const setRegisterRequestHandler = (
     }
   };
 
-  app.post(AUTH_ROUTES_AND_PARAMS.emailRegistration, registerRequestHandler);
-};
+  app.post(this.authRoutes.emailRegistration, registerRequestHandler);
+}

package/lib/Auth/getClientAuth.ts

@@ -1,22 +1,12 @@
 import type {
   AuthGuardLocation,
   AuthGuardLocationResponse,
-  AuthSocketSchema} from "prostgles-types";
-import {
-  CHANNELS,
-  getObjectEntries,
-  isEmpty,
-  isObject,
+  AuthSocketSchema,
 } from "prostgles-types";
-import type {
-  AuthClientRequest,
-  LoginWithOAuthConfig,
-  AuthResultWithSID} from "./AuthTypes";
-import {
-  type AuthResult,
-} from "./AuthTypes";
+import { CHANNELS, getObjectEntries, isEmpty, isObject } from "prostgles-types";
 import type { AuthHandler } from "./AuthHandler";
-import { AUTH_ROUTES_AND_PARAMS } from "./AuthHandler";
+import type { AuthClientRequest, AuthConfig, AuthResultWithSID } from "./AuthTypes";
+import { type AuthResult } from "./AuthTypes";
 
 export async function getClientAuth(
   this: AuthHandler,
@@ -89,11 +79,10 @@ export async function getClientAuth(
     return userData;
   }
   const auth: AuthSocketSchema = {
-    //@ts-ignore
-    providers: getOAuthProviders(loginWithOAuth),
+    providers: getOAuthProviders(this, loginWithOAuth),
     signupWithEmailAndPassword: signupWithEmail && {
       minPasswordLength: signupWithEmail.minPasswordLength ?? 8,
-      url: AUTH_ROUTES_AND_PARAMS.emailRegistration,
+      url: this.authRoutes.emailRegistration,
     },
     preferredLogin: userData.preferredLogin,
     user: userData.clientUser,
@@ -104,7 +93,8 @@ export async function getClientAuth(
 }
 
 const getOAuthProviders = (
-  loginWithOAuth: LoginWithOAuthConfig<any> | undefined
+  authHandler: AuthHandler,
+  loginWithOAuth: NonNullable<AuthConfig["loginSignupConfig"]>["loginWithOAuth"]
 ): AuthSocketSchema["providers"] | undefined => {
   if (!loginWithOAuth) return undefined;
   const { OAuthProviders } = loginWithOAuth;
@@ -114,7 +104,7 @@ const getOAuthProviders = (
   getObjectEntries(OAuthProviders).forEach(([providerName, config]) => {
     if (config?.clientID) {
       result[providerName] = {
-        url: `${AUTH_ROUTES_AND_PARAMS.loginWithProvider}/${providerName}`,
+        url: `${authHandler.authRoutes.loginWithProvider}/${providerName}`,
         ...(providerName === "customOAuth" && {
           displayName: OAuthProviders.customOAuth?.displayName,
           displayIconPath: OAuthProviders.customOAuth?.displayIconPath,

package/lib/Auth/login.ts

@@ -1,8 +1,8 @@
 import type { DBOFullyTyped } from "../DBSchemaBuilder/DBSchemaBuilder";
-import type { AuthHandler} from "./AuthHandler";
+import type { AuthHandler } from "./AuthHandler";
 import { getClientRequestIPsInfo, HTTP_FAIL_CODES } from "./AuthHandler";
-import type { ExpressReq, LoginParams} from "./AuthTypes";
-import { type BasicSession } from "./AuthTypes";
+import type { ExpressReq, LoginParams } from "./AuthTypes";
+import { getMagicLinkUrl, type BasicSession } from "./AuthTypes";
 import type { LoginResponseHandler } from "./endpoints/setLoginRequestHandler";
 import { throttledAuthCall } from "./utils/throttledReject";
 
@@ -25,7 +25,13 @@ export async function login(
       loginParams,
       this.dbo as DBOFullyTyped,
       this.db,
-      getClientRequestIPsInfo({ httpReq: req })
+      getClientRequestIPsInfo({ httpReq: req }),
+      (data, websiteUrl) =>
+        getMagicLinkUrl({
+          loginSignupConfig: this.opts.loginSignupConfig,
+          websiteUrl,
+          data,
+        })
     );
 
     if (typeof result === "string" || !result.session) {

package/lib/Auth/setupAuthRoutes.ts

@@ -1,5 +1,5 @@
 import type { RequestHandler } from "express";
-import type { AuthHandler} from "./AuthHandler";
+import type { AuthHandler } from "./AuthHandler";
 import { getClientRequestIPsInfo } from "./AuthHandler";
 import { setCatchAllRequestHandler } from "./endpoints/setCatchAllRequestHandler";
 import { setLoginRequestHandler } from "./endpoints/setLoginRequestHandler";
@@ -31,7 +31,7 @@ export function setupAuthRoutes(this: AuthHandler) {
   }
 
   if (signupWithEmail) {
-    setRegisterRequestHandler(signupWithEmail, app);
+    setRegisterRequestHandler.bind(this)(signupWithEmail, app);
   }
 
   if (loginWithOAuth) {

package/lib/Auth/utils/getReturnUrl.ts

@@ -1,13 +1,12 @@
-import { AUTH_ROUTES_AND_PARAMS } from "../AuthHandler";
+import { AUTH_RETURN_URL_PARAM_NAME } from "../AuthHandler";
 import type { ExpressReq } from "../AuthTypes";
 import { getSafeReturnURL } from "./getSafeReturnURL";
 
 export const getReturnUrl = (req: ExpressReq) => {
-  const { returnUrlParamName } = AUTH_ROUTES_AND_PARAMS;
-  if (req.query[returnUrlParamName]) {
-    const returnURL = decodeURIComponent(req.query[returnUrlParamName] as string);
+  if (req.query[AUTH_RETURN_URL_PARAM_NAME]) {
+    const returnURL = decodeURIComponent(req.query[AUTH_RETURN_URL_PARAM_NAME] as string);
 
-    return getSafeReturnURL(returnURL, returnUrlParamName);
+    return getSafeReturnURL(returnURL, AUTH_RETURN_URL_PARAM_NAME);
   }
   return null;
 };

package/lib/Auth/utils/setCookieAndGoToReturnURLIFSet.ts

@@ -1,4 +1,4 @@
-import { AUTH_ROUTES_AND_PARAMS, HTTP_FAIL_CODES, type AuthHandler } from "../AuthHandler";
+import { AUTH_RETURN_URL_PARAM_NAME, HTTP_FAIL_CODES, type AuthHandler } from "../AuthHandler";
 import type { ExpressReq } from "../AuthTypes";
 import type { LoginResponseHandler } from "../endpoints/setLoginRequestHandler";
 import { getBasicSessionErrorCode } from "../login";
@@ -63,16 +63,8 @@ export function setCookieAndGoToReturnURLIFSet(
   if (safeReturnUrl) {
     return res.redirect(safeReturnUrl);
   }
-  const safeOriginalUrl = getSafeReturnURL(
-    req.originalUrl,
-    AUTH_ROUTES_AND_PARAMS.returnUrlParamName
-  );
-  if (
-    safeOriginalUrl &&
-    ![AUTH_ROUTES_AND_PARAMS.magicLinks].some((authRoute) =>
-      matchesRoute(authRoute, safeOriginalUrl)
-    )
-  ) {
+  const safeOriginalUrl = getSafeReturnURL(req.originalUrl, AUTH_RETURN_URL_PARAM_NAME);
+  if (safeOriginalUrl && !matchesRoute(this.authRoutes.magicLinks, safeOriginalUrl)) {
     return res.redirect(safeOriginalUrl);
   }
   return res.redirect("/");

package/lib/PublishParser/publishTypesAndUtils.ts

@@ -1,9 +1,11 @@
-import {
-  RULE_METHODS,
-  type MethodFullDef,
-} from "prostgles-types";
+import { RULE_METHODS, type MethodFullDef } from "prostgles-types";
 import type { DBOFullyTyped, PublishFullyTyped } from "../DBSchemaBuilder/DBSchemaBuilder";
-import type { CommonTableRules, Filter, LocalParams, TableOrViewInfo } from "../DboBuilder/DboBuilder";
+import type {
+  CommonTableRules,
+  Filter,
+  LocalParams,
+  TableOrViewInfo,
+} from "../DboBuilder/DboBuilder";
 import type { DB, DBHandlerServer } from "../Prostgles";
 
 export type PublishMethods<S = void, SUser extends SessionUser = SessionUser> = (
@@ -143,12 +145,15 @@ export const RULE_TO_METHODS = [
   },
 ] as const;
 
-import type { FieldFilter, SelectParams ,
+import type {
+  FieldFilter,
+  SelectParams,
   AnyObject,
   DBSchema,
   FullFilter,
   Method,
-  TableInfo} from "prostgles-types";
+  TableInfo,
+} from "prostgles-types";
 import type { AuthClientRequest, SessionUser } from "../Auth/AuthTypes";
 import type { TableSchemaColumn } from "../DboBuilder/DboBuilderTypes";
 import type { ClientHandlers } from "../WebsocketAPI/getClientHandlers";

package/lib/WebsocketAPI/getClientHandlers.ts

@@ -14,14 +14,15 @@ import { runClientMethod, runClientRequest, runClientSqlRequest } from "../runCl
 import { getClientSchema } from "./getClientSchema";
 import type { PermissionScope } from "../PublishParser/publishTypesAndUtils";
 
+export type ClientHandlers<S = void> = {
+  clientDb: DBOFullyTyped<S, false>;
+  clientMethods: Record<string, Method>;
+};
 export const getClientHandlers = async <S = void>(
   prostgles: Prostgles,
   clientReq: AuthClientRequest,
   scope: PermissionScope | undefined
-): Promise<{
-  clientDb: DBOFullyTyped<S, false>;
-  clientMethods: Record<string, Method>;
-}> => {
+): Promise<ClientHandlers> => {
   const clientSchema =
     clientReq.socket?.prostgles ?? (await getClientSchema.bind(prostgles)(clientReq, scope));
   const sql: SQLHandler | undefined = ((query: string, params?: unknown, options?: SQLOptions) =>
@@ -82,7 +83,6 @@ export const getClientHandlers = async <S = void>(
 
   return { clientDb, clientMethods };
 };
-export type ClientHandlers<S = void> = Awaited<ReturnType<typeof getClientHandlers<S>>>;
 
 const viewMethods = getKeys({
   count: 1,

package/lib/runClientRequest.ts

@@ -11,7 +11,11 @@ import type { TableHandler as TableHandlerServer } from "./DboBuilder/TableHandl
 import { parseFieldFilter } from "./DboBuilder/ViewHandler/parseFieldFilter";
 import { canRunSQL } from "./DboBuilder/runSQL";
 import type { Prostgles } from "./Prostgles";
-import type { ParsedTableRule } from "./PublishParser/publishTypesAndUtils";
+import type {
+  Awaitable,
+  ParsedTableRule,
+  PublishParams,
+} from "./PublishParser/publishTypesAndUtils";
 import { type PermissionScope } from "./PublishParser/publishTypesAndUtils";
 
 const TABLE_METHODS = {
@@ -162,7 +166,11 @@ export const clientCanRunSqlRequest = async function (
       throw "authHandler missing";
     }
     const publishParams = await this.publishParser?.getPublishParams(clientReq, undefined);
-    const allowedToRunSQL = publishParams && (await this.opts.publishRawSQL?.(publishParams));
+    const allowedToRunSQL =
+      publishParams &&
+      (await (
+        this.opts.publishRawSQL as undefined | ((params: PublishParams) => Awaitable<boolean | "*">)
+      )?.(publishParams));
     return allowedToRunSQL === true || allowedToRunSQL === "*";
   };
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "prostgles-server",
-  "version": "4.2.369",
+  "version": "4.2.371",
   "description": "",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",