proteum 1.0.2 → 2.0.0-1

package/server/services/auth/index.ts

@@ -8,12 +8,9 @@ import type express from 'express';
 import type http from 'http';
 
 // Core
-import { Application } from '@server/app';
+import type { Application } from '@server/app/index';
 import Service from '@server/app/service';
-import type { TAnyRouter } from '@server/services/router';
-import { 
-    default as Router, Request as ServerRequest,
-} from '@server/services/router';
+import { type TAnyRouter, Request as ServerRequest } from '@server/services/router';
 import { InputError, AuthRequired, Forbidden } from '@common/errors';
 
 /*----------------------------------
@@ -44,18 +41,12 @@ declare global {
      * - If the app does not define a feature catalog, this defaults to `string`.
      * - Otherwise it becomes the string keys of `ProteumAuthFeatureCatalog`.
      */
-    type FeatureKeys = (
-        keyof ProteumAuthFeatureCatalog extends never
-            ? string
-            : Extract<keyof ProteumAuthFeatureCatalog, string>
-    );
+    type FeatureKeys = keyof ProteumAuthFeatureCatalog extends never
+        ? string
+        : Extract<keyof ProteumAuthFeatureCatalog, string>;
 }
 
-export type TUserRole = (
-    typeof UserRoles[number]
-    |
-    Extract<keyof ProteumAuthRoleCatalog, string>
-);
+export type TUserRole = (typeof UserRoles)[number] | Extract<keyof ProteumAuthRoleCatalog, string>;
 
 export type THttpRequest = express.Request | http.IncomingMessage;
 
@@ -65,40 +56,37 @@ export type TFeatureKey = FeatureKeys;
 - CONFIG
 ----------------------------------*/
 
-const LogPrefix = '[auth]'
+const LogPrefix = '[auth]';
 
-export const UserRoles = ['USER', 'ADMIN', 'TEST', 'DEV'] as const
+export const UserRoles = ['USER', 'ADMIN', 'TEST', 'DEV'] as const;
 
 /*----------------------------------
 - SERVICE CONVIG
 ----------------------------------*/
 
 export type TConfig = {
-    debug: boolean,
-    logoutUrl: string,
+    debug: boolean;
+    logoutUrl: string;
     jwt: {
         // 2048 bits
-        key: string,
-        expiration: number,
-    },
-}
+        key: string;
+        expiration: number;
+    };
+};
 
-export type THooks = {
-    
-}
+export type THooks = {};
 
 export type TBasicUser = {
-    type: string,
-    name: string | null,
-    email: string,
-    roles: string[]
-}
+    type: string;
+    name: string | null;
+    email: string;
+    roles: string[];
+    locale?: string | null;
+};
+
+export type TBasicJwtSession = { apiKey: string } | { email: string };
 
-export type TBasicJwtSession = (
-    { apiKey: string }
-    |
-    { email: string }
-)
+type TApiKeySession = { apiKey: string; accountType?: string };
 
 /*----------------------------------
 - SERVICE
@@ -109,27 +97,24 @@ export default abstract class AuthService<
     TJwtSession extends TBasicJwtSession = TBasicJwtSession,
     TRequest extends ServerRequest<TAnyRouter> = ServerRequest<TAnyRouter>,
 > extends Service<TConfig, THooks, TApplication, TApplication> {
-
-    //public abstract login( ...args: any[] ): Promise<{ user: TUser, token: string }>;
-    public abstract decodeSession( jwt: TJwtSession, req: THttpRequest ): Promise<TUser | null>;
+    public login?(request: TRequest, email: string): Promise<unknown>;
+    public abstract decodeSession(jwt: TJwtSession, req: THttpRequest): Promise<TUser | null>;
 
     // https://beeceptor.com/docs/concepts/authorization-header/#examples
-    public async decode( req: THttpRequest, withData: true ): Promise<TUser | null>;
-    public async decode( req: THttpRequest, withData?: false ): Promise<TJwtSession | null>;
-    public async decode( req: THttpRequest, withData: boolean = false ): Promise<TJwtSession | TUser | null> {
+    public async decode(req: THttpRequest, withData: true): Promise<TUser | null>;
+    public async decode(req: THttpRequest, withData?: false): Promise<TJwtSession | null>;
+    public async decode(req: THttpRequest, withData: boolean = false): Promise<TJwtSession | TUser | null> {
+        const requestCookies = 'cookies' in req ? req.cookies : undefined;
+        this.config.debug && console.log(LogPrefix, 'Decode:', { cookie: requestCookies?.['authorization'] });
 
-        this.config.debug && console.log(LogPrefix, 'Decode:', { cookie: req.cookies['authorization'] });
-        
         // Get auth token
         const authMethod = this.getAuthMethod(req);
-        if (authMethod === null)
-            return null;
+        if (authMethod === null) return null;
         const { tokenType, token } = authMethod;
 
         // Get auth session
         const session = this.getAuthSession(tokenType, token);
-        if (session === null)
-            return null;
+        if (session === null) return null;
 
         // Return email only
         if (!withData) {
@@ -140,87 +125,70 @@ export default abstract class AuthService<
         // Deserialize full user data
         this.config.debug && console.log(LogPrefix, `Deserialize user`, session);
         const user = await this.decodeSession(session, req);
-        if (user === null)
-            return null;
+        if (user === null) return null;
 
         this.config.debug && console.log(LogPrefix, `Deserialized user:`, user.name);
 
-        return {
-            ...user,
-            _token: token
-        };    
+        return { ...user, _token: token };
     }
 
-    private getAuthMethod( req: THttpRequest ): null | { token: string, tokenType?: string } {
-
+    private getAuthMethod(req: THttpRequest): null | { token: string; tokenType?: string } {
         let token: string | undefined;
         let tokenType: string | undefined;
         if (typeof req.headers['authorization'] === 'string') {
-
-            ([ tokenType, token ] = req.headers['authorization'].split(' '));
-
-        } else if (('cookies' in req) && typeof req.cookies['authorization'] === 'string') {
-
+            [tokenType, token] = req.headers['authorization'].split(' ');
+        } else if ('cookies' in req && typeof req.cookies['authorization'] === 'string') {
             token = req.cookies['authorization'];
             tokenType = 'Bearer';
+        } else return null;
 
-        } else 
-            return null;
-
-        if (token === undefined)
-            return null;
+        if (token === undefined) return null;
 
         return { tokenType, token };
     }
 
-    private getAuthSession( tokenType: string | undefined, token: string ): TJwtSession | null {
-
+    private getAuthSession(tokenType: string | undefined, token: string): TJwtSession | null {
         let session: TJwtSession;
 
         // API Key
         if (tokenType === 'Apikey') {
-
             const [accountType] = token.split('-');
+            const apiKeySession = { accountType, apiKey: token } satisfies TApiKeySession;
 
             this.config.debug && console.log(LogPrefix, `Auth via API Key`, token);
-            session = { accountType, apiKey: token } as TJwtSession;
+            session = apiKeySession as TJwtSession & TApiKeySession;
 
-        // JWT
+            // JWT
         } else if (tokenType === 'Bearer') {
             this.config.debug && console.log(LogPrefix, `Auth via JWT token`, token);
             try {
-                session = jwt.verify(token, this.config.jwt.key, { 
-                    maxAge: this.config.jwt.expiration 
-                });
+                session = jwt.verify(token, this.config.jwt.key, {
+                    maxAge: this.config.jwt.expiration,
+                }) as TJwtSession;
             } catch (error) {
-                console.warn(LogPrefix, "Failed to decode jwt token:", token);
+                console.warn(LogPrefix, 'Failed to decode jwt token:', token);
                 return null;
                 //throw new Forbidden(`The JWT token provided in the Authorization header is invalid`);
             }
-        } else 
-            return null;
-            //throw new InputError(`The authorization scheme provided in the Authorization header is unsupported.`);
+        } else return null;
+        //throw new InputError(`The authorization scheme provided in the Authorization header is unsupported.`);
 
         return session;
     }
 
-    public createSession( session: TJwtSession, request2: TRequest ): string {
-
+    public createSession(session: TJwtSession, request2: TRequest): string {
         this.config.debug && console.info(LogPrefix, `Creating new session:`, session);
 
         const token = jwt.sign(session, this.config.jwt.key);
 
         this.config.debug && console.info(LogPrefix, `Generated JWT token for session:` + token);
 
-        request2.res.cookie('authorization', token, {
-            maxAge: this.config.jwt.expiration,
-        });
+        request2.res.cookie('authorization', token, { maxAge: this.config.jwt.expiration });
 
         return token;
     }
 
-    public logout( request: TRequest ) {
-
+    public logout(request: TRequest) {
         const user = request.user;
         if (!user) return;
 
@@ -228,58 +196,50 @@ export default abstract class AuthService<
         request.res.clearCookie('authorization');
     }
 
-    public check(
-        request: TRequest,
-        role?: TUserRole | false,
-    ): TUser | null;
+    public check(request: TRequest, role?: TUserRole | boolean): TUser | null;
 
-    public check(
-        request: TRequest,
-        role: TUserRole | false,
-        feature: FeatureKeys,
-        action?: string,
-    ): TUser | null;
+    public check(request: TRequest, role: TUserRole | boolean, feature: FeatureKeys, action?: string): TUser | null;
 
     public check(
         request: TRequest,
-        role: TUserRole | false = 'USER',
+        role: TUserRole | boolean = 'USER',
         feature?: FeatureKeys,
         action?: string,
     ): TUser | null {
-
+        const normalizedRole = role === true ? 'USER' : role;
         const user = request.user;
 
-        this.config.debug && console.warn(LogPrefix, `Check auth, role = ${role}. Current user =`, user?.name, feature);
+        this.config.debug &&
+            console.warn(LogPrefix, `Check auth, role = ${normalizedRole}. Current user =`, user?.name, feature);
 
         if (user === undefined) {
-
             throw new Error(`request.user has not been decoded.`);
 
-        // Shoudln't be logged
-        } else if (role === false) {
-
+            // Shoudln't be logged
+        } else if (normalizedRole === false) {
             return user as TUser;
 
-        // Not connected
+            // Not connected
         } else if (user === null) {
-
-            console.warn(LogPrefix, "Refusé pour anonyme (" + request.ip + ")");
+            console.warn(LogPrefix, 'Refusé pour anonyme (' + request.ip + ')');
             throw new AuthRequired('Please login to continue', feature as any, action as any);
-            
-        // Insufficient permissions
-        } else if (!user.roles.includes(role)) {
-
-            console.warn(LogPrefix, "Refusé: " + role + " pour " + user.name + " (" + (user.roles || 'role inconnu') + ")");
 
-            throw new Forbidden("You do not have sufficient permissions to access this resource.");
+            // Insufficient permissions
+        } else if (!user.roles.includes(normalizedRole)) {
+            console.warn(
+                LogPrefix,
+                'Refusé: ' + normalizedRole + ' pour ' + user.name + ' (' + (user.roles || 'role inconnu') + ')',
+            );
 
+            throw new Forbidden('You do not have sufficient permissions to access this resource.');
         } else {
-
-            this.config.debug && console.warn(LogPrefix, "Autorisé " + role + " pour " + user.name + " (" + user.roles + ")");
-
+            this.config.debug &&
+                console.warn(
+                    LogPrefix,
+                    'Autorisé ' + normalizedRole + ' pour ' + user.name + ' (' + user.roles + ')',
+                );
         }
 
         return user as TUser;
     }
-
 }

package/server/services/auth/router/index.ts

@@ -5,12 +5,15 @@
 // Npm
 
 // Core
-import { 
-    default as Router, Request as ServerRequest, Response as ServerResponse, TAnyRoute,
-    RouterService, TAnyRouter
+import {
+    Request as ServerRequest,
+    Response as ServerResponse,
+    TAnyRoute,
+    RouterService,
+    TAnyRouter,
 } from '@server/services/router';
 
-import type { Application } from '@server/app';
+import type { Application } from '@server/app/index';
 
 import type { TRouterServiceArgs } from '@server/services/router/service';
 
@@ -22,7 +25,6 @@ import UsersRequestService from './request';
 - TYPES
 ----------------------------------*/
 
-
 /*----------------------------------
 - CONFIG
 ----------------------------------*/
@@ -34,62 +36,59 @@ const LogPrefix = '[router][auth]';
 ----------------------------------*/
 export default class AuthenticationRouterService<
     TApplication extends Application = Application,
-    TUser extends TBasicUser = TApplication["app"]["userType"],
+    TUser extends TBasicUser = TApplication['app']['userType'],
     TRouter extends TAnyRouter = TAnyRouter,
     TRequest extends ServerRequest<TRouter> = ServerRequest<TRouter>,
-> extends RouterService<{}, TRouter> {
-
+> extends RouterService<
+    { users: UsersService<TUser, TApplication> },
+    TRouter,
+    UsersRequestService<TRouter, TUser, TRequest>
+> {
     /*----------------------------------
     - LIFECYCLE
     ----------------------------------*/
 
-    public users: UsersService<TUser, Application>;
+    public users: UsersService<TUser, TApplication>;
 
-    public constructor( getConfig: TRouterServiceArgs[0], app: TApplication ) {
-        super( getConfig, app );
+    public constructor(
+        getConfig: TRouterServiceArgs<{ users: UsersService<TUser, TApplication> }, TRouter>[0],
+        app: TApplication,
+    ) {
+        super(getConfig, app);
 
         this.users = this.config.users;
     }
 
-    protected async ready() {
-
+    public async ready() {
         // Decode current user
         this.parent.on('request', async (request: TRequest) => {
-
             // TODO: Typings. (context.user ?)
-            const decoded = await this.users.decode( request.req, true);
+            const decoded = await this.users.decode(request.req, true);
 
             request.user = decoded || null;
-        })
+        });
 
         // Check route permissions
-        this.parent.on('resolved', async (
-            route: TAnyRoute, 
-            request: TRequest, 
-            response: ServerResponse<TRouter>
-        ) => {
-
+        this.parent.on('resolved', async (route: TAnyRoute, request: TRequest, response: ServerResponse<TRouter>) => {
             if (route.options.auth !== undefined) {
-
                 // Basic auth check
-                this.users.check(request, route.options.auth);
+                const requiredRole = route.options.auth === true ? 'USER' : route.options.auth;
+                this.users.check(request, requiredRole as TUserRole | false);
 
                 // Redirect to logged page
                 if (route.options.auth === false && request.user && route.options.redirectLogged)
                     response.redirect(route.options.redirectLogged);
             }
-        })
+        });
     }
 
-    protected async shutdown() {
-
-    }
+    public async shutdown() {}
 
     /*----------------------------------
     - ROUTER SERVICE LIFECYCLE
     ----------------------------------*/
 
-    public requestService( request: TRequest ): UsersRequestService<TRouter, TUser> {
-        return new UsersRequestService( request, this );
-    }   
-}
+    public requestService(request: TRequest): UsersRequestService<TRouter, TUser, TRequest> {
+        return new UsersRequestService(request, this);
+    }
+}

package/server/services/auth/router/request.ts

@@ -6,7 +6,7 @@
 import jwt from 'jsonwebtoken';
 
 // Core
-import type { default as Router, Request as ServerRequest, TAnyRouter } from '@server/services/router';
+import type { Request as ServerRequest, TAnyRouter } from '@server/services/router';
 import RequestService from '@server/services/router/request/service';
 
 // Specific
@@ -25,23 +25,24 @@ import type { TBasicUser } from '@server/services/auth';
 ----------------------------------*/
 export default class UsersRequestService<
     TRouter extends TAnyRouter,
-    TUser extends TBasicUser
-> extends RequestService {
-
-    public constructor( 
-        request: ServerRequest<TRouter>,
-        public auth: AuthenticationRouterService,
+    TUser extends TBasicUser,
+    TRequest extends ServerRequest<TRouter> = ServerRequest<TRouter>,
+> extends RequestService<TRequest> {
+    public constructor(
+        request: TRequest,
+        public auth: AuthenticationRouterService<TRouter['app'], TUser, TRouter, TRequest>,
         public users = auth.users,
     ) {
         super(request);
     }
 
-    public login( email: string ) {
-        return this.users.login( this.request, email );
+    public login(email: string) {
+        if (!this.users.login) throw new Error('The current auth service does not implement login().');
+        return this.users.login(this.request, email);
     }
 
     public logout() {
-        return this.users.logout( this.request );
+        return this.users.logout(this.request);
     }
 
     public check(): TUser;
@@ -55,11 +56,8 @@ export default class UsersRequestService<
 
     public check(role: false, feature: FeatureKeys, action?: string): null;
 
-    public check(
-        role: TUserRole | false = 'USER',
-        feature?: FeatureKeys | null,
-        action?: string
-    ) {
-        return this.users.check( this.request, role, feature, action ) as any;
+    public check(role: TUserRole | false = 'USER', feature?: FeatureKeys | null, action?: string) {
+        if (feature === null || feature === undefined) return this.users.check(this.request, role);
+        return this.users.check(this.request, role, feature, action);
     }
 }

package/server/services/cron/CronTask.ts

@@ -12,14 +12,13 @@ import cronParser, { CronExpression } from 'cron-parser';
 import type CronManager from '.';
 
 export type TFrequence = string | Date;
-export type TRunner = () => Promise<any>
+export type TRunner = () => Promise<any>;
 
 /*----------------------------------
 - CLASS
 ----------------------------------*/
 export default class CronTask {
-
-    public cron?: CronExpression
+    public cron?: CronExpression;
     public nextInvocation?: Date;
 
     public constructor(
@@ -27,60 +26,48 @@ export default class CronTask {
         public nom: string,
         next: TFrequence,
         public runner: TRunner,
-        public autoexec?: boolean
+        public autoexec?: boolean,
     ) {
-
         this.manager.config.debug && console.info(`[cron][${this.nom}] Enregistrement de la tâche`);
 
         this.schedule(next);
-
     }
 
     public schedule(next: TFrequence) {
-
         this.cron = undefined;
 
         // Cron expression
         if (typeof next === 'string') {
-
             this.cron = cronParser.parseExpression(next);
             this.nextInvocation = this.cron.next().toDate();
 
-            this.manager.config.debug && 
+            this.manager.config.debug &&
                 console.info(`[cron][${this.nom}] Planifié pour ${this.nextInvocation.toISOString()} via cron ${next}`);
 
             // Date
         } else {
-
             this.nextInvocation = next;
-            this.manager.config.debug && 
+            this.manager.config.debug &&
                 console.info(`[cron][${this.nom}] Planifié pour ${this.nextInvocation.toISOString()} via date`);
-
         }
     }
 
     public scheduleNext() {
-
         // Prochaine invocation
-        if (this.cron !== undefined)
-            this.nextInvocation = this.cron.next().toDate();
-        else
-            this.nextInvocation = undefined;
+        if (this.cron !== undefined) this.nextInvocation = this.cron.next().toDate();
+        else this.nextInvocation = undefined;
     }
 
     public run(now: boolean = false) {
-
         // Update invocation date
-        const maintenant = new Date
-        const runnable = this.nextInvocation !== undefined && this.nextInvocation.valueOf() <= maintenant.valueOf()
-        if (runnable)
-            this.scheduleNext();
-        else if (now === false)
-            return;
+        const maintenant = new Date();
+        const runnable = this.nextInvocation !== undefined && this.nextInvocation.valueOf() <= maintenant.valueOf();
+        if (runnable) this.scheduleNext();
+        else if (now === false) return;
 
         // Execution
         this.runner().then(() => {
             this.manager.config.debug && console.info(`Task runned.`);
-        })
+        });
     }
-}
+}