rlz-engine 0.0.1

package/dist/back/auth/controllers.d.ts

@@ -0,0 +1,7 @@
+import { FastifyInstance, RawServerBase } from 'fastify';
+import { AuthStorage } from './storage';
+interface AuthEndpointsOpts {
+    storage: AuthStorage;
+}
+export declare const AUTH_API: <T extends RawServerBase>(app: FastifyInstance<T>, { storage }: AuthEndpointsOpts) => Promise<void>;
+export {};

package/dist/back/auth/controllers.js

@@ -0,0 +1,39 @@
+import { httpErrors } from '@fastify/sensible';
+import fastifyPlugin from 'fastify-plugin';
+import zodToJsonSchema from 'zod-to-json-schema';
+import { API_AUTH_RESPONSE_SCHEMA_V0, API_SIGNIN_REQUEST_SCHEMA_V0, API_SIGNUP_REQUEST_SCHEMA_V0 } from '../../shared/api/auth';
+import { logout, signin, signup } from './utils';
+export const AUTH_API = fastifyPlugin(async function authApi(app, { storage }) {
+    app.post('/api/v0/signup', {
+        schema: {
+            body: zodToJsonSchema(API_SIGNUP_REQUEST_SCHEMA_V0),
+            response: { 200: zodToJsonSchema(API_AUTH_RESPONSE_SCHEMA_V0) }
+        }
+    }, async (req, _resp) => {
+        const body = API_SIGNUP_REQUEST_SCHEMA_V0.parse(req.body);
+        return await signup(storage, body.name, body.email, body.password);
+    });
+    app.post('/api/v0/signin', {
+        schema: {
+            body: zodToJsonSchema(API_SIGNIN_REQUEST_SCHEMA_V0),
+            response: { 200: zodToJsonSchema(API_AUTH_RESPONSE_SCHEMA_V0) }
+        }
+    }, async (req, _resp) => {
+        const body = API_SIGNIN_REQUEST_SCHEMA_V0.parse(req.body);
+        const r = await signin(storage, body.name, body.password);
+        if (r === null) {
+            return httpErrors.unauthorized();
+        }
+        return r;
+    });
+    app.post('/api/v0/logout', {}, async (req, resp) => {
+        await storage.auth(req.headers);
+        const authHeader = req.headers.authorization;
+        if (authHeader === undefined) {
+            throw httpErrors.forbidden();
+        }
+        const [userId, tempPassword] = authHeader.split(':');
+        await logout(storage, userId, tempPassword);
+        return resp.code(204).send();
+    });
+});

package/dist/back/auth/model.d.ts

@@ -0,0 +1,14 @@
+import { Binary } from 'mongodb';
+export interface StorageUser {
+    _id: string;
+    name: string;
+    email: string;
+    passwordSalt: Binary;
+    passwordHash: Binary;
+    lastActivityDate: Date;
+}
+export interface StorageTempPassword {
+    userId: string;
+    passwordHash: Binary;
+    validUntil: Date;
+}

package/dist/back/auth/model.js

@@ -0,0 +1 @@
+export {};

package/dist/back/auth/storage.d.ts

@@ -0,0 +1,21 @@
+import { FastifyRequest } from 'fastify';
+import { Binary, Collection } from 'mongodb';
+import { MongoStorage } from '../storage/db';
+import { StorageTempPassword, StorageUser } from './model';
+export declare class AuthStorage {
+    private readonly logger;
+    private readonly mongo;
+    constructor(mongo: MongoStorage);
+    init(): Promise<void>;
+    createUser(id: string, name: string, email: string, passwordSalt: Binary, passwordHash: Binary): Promise<void>;
+    getUser(name: string): Promise<StorageUser | null>;
+    markUserActive(userId: string): Promise<void>;
+    pushTempPassword(userId: string, passwordHash: Binary, validUntil: Date): Promise<void>;
+    deleteTempPassword(userId: string, passwordHash: Binary): Promise<void>;
+    getUserByTempPassword(userId: string, passwordHash: Binary): Promise<StorageUser | null>;
+    private createCollections;
+    private createIndexes;
+    get users(): Collection<StorageUser>;
+    get tempPasswords(): Collection<StorageTempPassword>;
+    get auth(): (headers: FastifyRequest["headers"]) => Promise<string>;
+}

package/dist/back/auth/storage.js

@@ -0,0 +1,91 @@
+import { DateTime } from 'luxon';
+import { logger } from '../logger';
+import { auth } from './utils';
+export class AuthStorage {
+    logger = logger('AuthStorage');
+    mongo;
+    constructor(mongo) {
+        this.mongo = mongo;
+    }
+    async init() {
+        await Promise.all([
+            'users', 'temp-passwords'
+        ].map(i => this.mongo.createCollection(i)));
+        await this.createIndexes();
+    }
+    async createUser(id, name, email, passwordSalt, passwordHash) {
+        await this.users.insertOne({
+            _id: id,
+            name,
+            email,
+            passwordSalt,
+            passwordHash,
+            lastActivityDate: DateTime.utc().toJSDate()
+        });
+    }
+    async getUser(name) {
+        return await this.users.findOne({ name });
+    }
+    async markUserActive(userId) {
+        await this.users.updateOne({ _id: userId }, { $set: { lastActivityDate: DateTime.utc().toJSDate() } });
+    }
+    async pushTempPassword(userId, passwordHash, validUntil) {
+        await this.tempPasswords.insertOne({
+            userId,
+            passwordHash,
+            validUntil
+        });
+    }
+    async deleteTempPassword(userId, passwordHash) {
+        await this.tempPasswords.deleteOne({ userId, passwordHash });
+    }
+    async getUserByTempPassword(userId, passwordHash) {
+        const t = await this.tempPasswords.findOne({ userId, passwordHash });
+        if (t === null) {
+            return null;
+        }
+        if (DateTime.utc() > DateTime.fromJSDate(t.validUntil)) {
+            await this.tempPasswords.deleteOne({ _id: t._id });
+            return null;
+        }
+        return await this.users.findOne({ _id: t.userId });
+    }
+    async createCollections() {
+    }
+    async createIndexes() {
+        await this.mongo.createIndexes(this.users, [
+            {
+                name: 'name_v0',
+                key: {
+                    name: 1
+                },
+                unique: true
+            }
+        ]);
+        await this.mongo.createIndexes(this.tempPasswords, [
+            {
+                name: 'userId_v0',
+                key: {
+                    userId: 1
+                }
+            },
+            {
+                name: 'ttl_v0',
+                key: {
+                    passwordHash: 1
+                },
+                // Temp passwords also have expirity dates, make sure they are syncronized with this expirity index
+                expireAfterSeconds: 60 * 60 * 24 * 7 // 7 days
+            }
+        ]);
+    }
+    get users() {
+        return this.mongo.db.collection('users');
+    }
+    get tempPasswords() {
+        return this.mongo.db.collection('temp-passwords');
+    }
+    get auth() {
+        return (headers) => auth(headers, this);
+    }
+}

package/dist/back/auth/utils.d.ts

@@ -0,0 +1,8 @@
+import { FastifyRequest } from 'fastify';
+import { ApiAuthResponseV0 } from '../../shared/api/auth';
+import { AuthStorage } from './storage';
+export declare function signup(storage: AuthStorage, name: string, email: string, password: string): Promise<ApiAuthResponseV0>;
+export declare function signin(storage: AuthStorage, name: string, password: string): Promise<ApiAuthResponseV0 | null>;
+export declare function logout(storage: AuthStorage, userId: string, tempPassword: string): Promise<void>;
+export declare function verifyTempPassword(storage: AuthStorage, userId: string, tempPassword: string): Promise<string>;
+export declare function auth(headers: FastifyRequest['headers'], storage: AuthStorage): Promise<string>;

package/dist/back/auth/utils.js

@@ -0,0 +1,80 @@
+import { httpErrors } from '@fastify/sensible';
+import { randomBytes, scryptSync } from 'crypto';
+import { DateTime } from 'luxon';
+import { Binary, MongoServerError } from 'mongodb';
+import { uuidv7 } from 'uuidv7';
+const TEMP_PASSWORD_SALT = Buffer.from('cashmony-temp-password-salt', 'utf8');
+export async function signup(storage, name, email, password) {
+    const salt = randomBytes(64);
+    const hash = calcHash(password, salt);
+    const id = uuidv7();
+    try {
+        await storage.createUser(id, name, email, new Binary(salt), new Binary(hash));
+    }
+    catch (e) {
+        if (e instanceof MongoServerError && e.code === 11000) {
+            // duplicate key error
+            throw httpErrors.conflict();
+        }
+        throw e;
+    }
+    const tempPassword = await makeTempPassword(storage, id);
+    return {
+        id,
+        name,
+        email,
+        tempPassword
+    };
+}
+export async function signin(storage, name, password) {
+    const u = await storage.getUser(name);
+    if (u === null) {
+        return null;
+    }
+    const hash = calcHash(password, u.passwordSalt.value());
+    if (!hash.equals(u.passwordHash.value())) {
+        return null;
+    }
+    const tempPassword = await makeTempPassword(storage, u._id);
+    await storage.markUserActive(u._id);
+    return {
+        id: u._id,
+        name: u.name,
+        email: u.email,
+        tempPassword
+    };
+}
+export async function logout(storage, userId, tempPassword) {
+    const hash = calcHash(tempPassword, TEMP_PASSWORD_SALT);
+    await storage.deleteTempPassword(userId, new Binary(hash));
+}
+export async function verifyTempPassword(storage, userId, tempPassword) {
+    const hash = calcTempPasswordHash(Buffer.from(tempPassword, 'base64'));
+    const u = await storage.getUserByTempPassword(userId, new Binary(hash));
+    if (u === null) {
+        throw httpErrors.forbidden();
+    }
+    await storage.markUserActive(u._id);
+    return u._id;
+}
+async function makeTempPassword(storage, userId) {
+    const password = randomBytes(128);
+    const passwordHash = calcTempPasswordHash(password);
+    // Temp passwords also are removed from Mongo by TTL index, make sure expirity dates are syncronised
+    await storage.pushTempPassword(userId, new Binary(passwordHash), DateTime.utc().plus({ days: 7 }).toJSDate());
+    return password.toString('base64');
+}
+export async function auth(headers, storage) {
+    const authHeader = headers.authorization;
+    if (authHeader === undefined) {
+        throw httpErrors.forbidden();
+    }
+    const [userId, tempPassword] = authHeader.split(':');
+    return await verifyTempPassword(storage, userId, tempPassword);
+}
+function calcHash(password, salt) {
+    return scryptSync(password, salt, 512, { N: 1024 });
+}
+function calcTempPasswordHash(tempPassword) {
+    return scryptSync(tempPassword, TEMP_PASSWORD_SALT, 512, { N: 1024 });
+}

package/dist/back/config.d.ts

@@ -0,0 +1 @@
+export declare const PRODUCTION: boolean;

package/dist/back/config.js

@@ -0,0 +1 @@
+export const PRODUCTION = process.env.NODE_ENV === 'production';

package/dist/back/logger.d.ts

@@ -0,0 +1,3 @@
+import { Logger, LoggerOptions } from 'pino';
+export declare function logger(name: string): Logger;
+export declare function loggerOptions(name: string): LoggerOptions;

package/dist/back/logger.js

@@ -0,0 +1,36 @@
+import { pino } from 'pino';
+import { PRODUCTION } from './config';
+export function logger(name) {
+    return pino(loggerOptions(name));
+}
+export function loggerOptions(name) {
+    if (PRODUCTION) {
+        return {
+            name,
+            transport: {
+                targets: [
+                    {
+                        level: 'info',
+                        target: 'pino/file',
+                        options: { destination: 1 }
+                    }
+                    // {
+                    //     level: 'info',
+                    //     target: 'pino-'
+                    // }
+                ]
+            }
+        };
+    }
+    return {
+        name,
+        transport: {
+            targets: [
+                {
+                    level: 'trace',
+                    target: 'pino-pretty'
+                }
+            ]
+        }
+    };
+}

package/dist/back/server.d.ts

@@ -0,0 +1,11 @@
+import { FastifyInstance, RawReplyDefaultExpression, RawRequestDefaultExpression, RawServerBase } from 'fastify';
+import { Logger } from 'pino';
+export type InitServerFuncType = <S extends RawServerBase>(server: FastifyInstance<S, RawRequestDefaultExpression<S>, RawReplyDefaultExpression<S>, Logger>) => Promise<void>;
+export interface RunServerParams {
+    production: boolean;
+    domain: string;
+    certDir: string;
+    staticDir: string;
+    init: InitServerFuncType;
+}
+export declare function runServer({ production, domain, certDir, staticDir, init }: RunServerParams): Promise<void>;

package/dist/back/server.js

@@ -0,0 +1,75 @@
+import fastifyCompress from '@fastify/compress';
+import fastifyCors from '@fastify/cors';
+import fastifyResponseValidation from '@fastify/response-validation';
+import fastifySensible, { httpErrors } from '@fastify/sensible';
+import fastifyStatic from '@fastify/static';
+import formatsPlugin from 'ajv-formats';
+import fastify from 'fastify';
+import { fastifyAcmeSecurePlugin, fastifyAcmeUnsecurePlugin, getCertAndKey } from 'fastify-acme';
+import { createReadStream } from 'fs';
+import { installIntoGlobal } from 'iterator-helpers-polyfill';
+import path from 'path';
+import { logger } from './logger';
+installIntoGlobal();
+export async function runServer({ production, domain, certDir, staticDir, init }) {
+    const httpServer = fastify({
+        loggerInstance: logger('http'),
+        ajv: { plugins: [formatsPlugin] }
+    });
+    if (!production) {
+        await httpServer.register(fastifyCors, {
+            methods: ['get', 'post']
+        });
+        await httpServer.register(fastifyCompress);
+        await httpServer.register(fastifySensible);
+        await httpServer.register(fastifyResponseValidation, {
+            ajv: { plugins: [formatsPlugin] }
+        });
+        await init(httpServer);
+        httpServer.all('/api/*', async () => {
+            return httpErrors.notFound();
+        });
+        addStaticEndpoints(httpServer, staticDir);
+        await httpServer.listen({ host: 'localhost', port: 8080 });
+        return;
+    }
+    httpServer.register(fastifyAcmeUnsecurePlugin, { redirectDomain: domain });
+    await httpServer.listen({ port: 80 });
+    const certAndKey = await getCertAndKey(certDir, domain);
+    const httpsServer = fastify({
+        http2: true,
+        https: {
+            allowHTTP1: true,
+            cert: certAndKey.cert,
+            key: certAndKey.pkey
+        },
+        loggerInstance: logger('https'),
+        ajv: { plugins: [formatsPlugin] }
+    });
+    await httpsServer.register(fastifyAcmeSecurePlugin, {
+        certDir,
+        domain
+    });
+    await httpsServer.register(fastifyCors, {
+        methods: ['get', 'post']
+    });
+    await httpsServer.register(fastifyCompress);
+    await httpsServer.register(fastifySensible);
+    await httpsServer.register(fastifyResponseValidation, { ajv: { plugins: [formatsPlugin] } });
+    await init(httpsServer);
+    httpsServer.all('/api/*', async () => {
+        return httpErrors.notFound();
+    });
+    addStaticEndpoints(httpsServer, staticDir);
+}
+function addStaticEndpoints(server, staticPath) {
+    const absStaticPath = path.resolve(staticPath);
+    const absIndexPath = path.join(absStaticPath, 'index.html');
+    server.register((s) => {
+        s.register(fastifyStatic, { root: absStaticPath });
+        s.setNotFoundHandler(async (_req, resp) => {
+            await resp.type('text/html')
+                .send(createReadStream(absIndexPath));
+        });
+    });
+}

package/dist/back/storage/db.d.ts

@@ -0,0 +1,14 @@
+import { Collection, Db, Document, IndexDescription } from 'mongodb';
+type StorageIndexDescription = IndexDescription & {
+    name: string;
+};
+export declare class MongoStorage {
+    private readonly logger;
+    private readonly client;
+    constructor();
+    get db(): Db;
+    createCollection(name: string): Promise<void>;
+    createIndexes<T extends Document>(collection: Collection<T>, indexes: StorageIndexDescription[]): Promise<void>;
+    private listIndexes;
+}
+export {};

package/dist/back/storage/db.js

@@ -0,0 +1,43 @@
+import { MongoClient } from 'mongodb';
+import { logger } from '../logger';
+export class MongoStorage {
+    logger;
+    client;
+    constructor() {
+        this.logger = logger('MongoStorage');
+        this.client = new MongoClient('mongodb://localhost');
+    }
+    get db() {
+        return this.client.db('app-data');
+    }
+    async createCollection(name) {
+        await this.db.createCollection(name);
+    }
+    async createIndexes(collection, indexes) {
+        this.logger.info({ indexes: indexes?.map(i => i.name) ?? null, collection: collection.collectionName }, 'Configured indexes');
+        const knownIndexes = await this.listIndexes(collection);
+        this.logger.info({ indexes: Array.from(knownIndexes), collection: collection.collectionName }, 'Known indexes');
+        knownIndexes.delete('_id_');
+        for (const index of indexes) {
+            if (knownIndexes.has(index.name)) {
+                knownIndexes.delete(index.name);
+                continue;
+            }
+            this.logger.info({ index, collection: collection.collectionName }, 'Create index');
+            await collection.createIndexes([index]);
+        }
+        for (const name of knownIndexes) {
+            this.logger.info({ index: name, collection: collection.collectionName }, 'Drop index');
+            await collection.dropIndex(name);
+        }
+    }
+    async listIndexes(collection) {
+        const indexes = await collection.listIndexes().toArray();
+        return new Set(indexes.map((i) => {
+            if (i.name === undefined) {
+                throw Error('Index with undefined name detected!');
+            }
+            return i.name;
+        }));
+    }
+}

package/dist/back/storage/model.d.ts

@@ -0,0 +1,33 @@
+import { z } from 'zod';
+export interface MongoObject<T> {
+    _id: string;
+    ownerId: string;
+    syncDate: Date;
+    data: T;
+}
+export declare const SYNC_OBJECT_SCHEMA: z.ZodObject<{
+    _id: z.ZodString;
+    data: z.ZodObject<{
+        lastModified: z.ZodString;
+    }, "strip", z.ZodTypeAny, {
+        lastModified: string;
+    }, {
+        lastModified: string;
+    }>;
+}, "strip", z.ZodTypeAny, {
+    _id: string;
+    data: {
+        lastModified: string;
+    };
+}, {
+    _id: string;
+    data: {
+        lastModified: string;
+    };
+}>;
+export interface SyncObject<T> {
+    _id: string;
+    ownerId: string;
+    syncDate: Date;
+    data: T;
+}

package/dist/back/storage/model.js

@@ -0,0 +1,7 @@
+import { z } from 'zod';
+export const SYNC_OBJECT_SCHEMA = z.object({
+    _id: z.string().uuid(),
+    data: z.object({
+        lastModified: z.string().datetime()
+    })
+});

package/dist/back/storage/sync.d.ts

@@ -0,0 +1,5 @@
+import { DateTime } from 'luxon';
+import { Collection } from 'mongodb';
+import { ApiComparisonObjectV0 } from '../../shared/api/sync';
+import { SyncObject } from './model';
+export declare function getAll<T>(c: Collection<SyncObject<T>>, ownerId: string, syncAfter?: DateTime<true>): Promise<ApiComparisonObjectV0[]>;

package/dist/back/storage/sync.js

@@ -0,0 +1,16 @@
+import { SYNC_OBJECT_SCHEMA } from './model';
+export async function getAll(c, ownerId, syncAfter) {
+    const items = [];
+    const query = syncAfter === undefined
+        ? { ownerId }
+        : { ownerId, syncDate: { $gt: syncAfter.toJSDate() } };
+    const cursor = c.find(query).project({ 'data.lastModified': 1 });
+    for await (const op of cursor) {
+        const parsed = SYNC_OBJECT_SCHEMA.parse(op);
+        items.push({
+            id: parsed._id,
+            lastModified: parsed.data.lastModified
+        });
+    }
+    return items;
+}

package/dist/client/api/api.d.ts

@@ -0,0 +1,9 @@
+import z, { ZodType } from 'zod';
+export declare class Forbidden extends Error {
+    constructor(url: string);
+}
+export interface AuthParam {
+    userId: string;
+    tempPassword: string;
+}
+export declare function apiCall<T extends ZodType>(method: string, path: string, auth: AuthParam | null, queryString: Record<string, string> | null, request: object | null, validator: T): Promise<z.infer<T>>;

package/dist/client/api/api.js

@@ -0,0 +1,57 @@
+import { PRODUCTION } from '../../back/config';
+const API_DOMAIN = PRODUCTION ? '/' : 'http://localhost:8080/';
+export class Forbidden extends Error {
+    constructor(url) {
+        super(`Forbidden: ${url}`);
+    }
+}
+function url(path, queryString) {
+    const base = `${API_DOMAIN}api/v0/${path}`;
+    if (queryString === null) {
+        return base;
+    }
+    const query = Object.entries(queryString)
+        .map(([key, value]) => `${encodeURIComponent(key)}=${encodeURIComponent(value)}`)
+        .join('&');
+    return `${base}?${query}`;
+}
+const GZIP_THRESHOLD = 16 * 1024;
+async function prepareBody(request) {
+    const textBody = JSON.stringify(request);
+    if (textBody.length <= GZIP_THRESHOLD) {
+        return textBody;
+    }
+    const bodyStream = new Blob([textBody]).stream();
+    const bodyStreamCompressed = bodyStream.pipeThrough(new CompressionStream('gzip'));
+    return new Response(bodyStreamCompressed).blob();
+}
+export async function apiCall(method, path, auth, queryString, request, validator) {
+    const headers = {};
+    const body = request === null ? undefined : await prepareBody(request);
+    if (body !== undefined) {
+        headers['content-type'] = 'application/json';
+        if (typeof body !== 'string') {
+            headers['content-encoding'] = 'gzip';
+        }
+    }
+    if (auth !== null) {
+        headers['authorization'] = `${auth.userId}:${auth.tempPassword}`;
+    }
+    const u = url(path, queryString);
+    const resp = await fetch(u, {
+        method,
+        headers,
+        body
+    });
+    if (!resp.ok) {
+        if (resp.status === 403) {
+            throw new Forbidden(u);
+        }
+        throw Error(`Not ok resp (${resp.status} ${resp.statusText}): ${method} ${u}`);
+    }
+    if (resp.status === 204) {
+        return validator.parse(undefined);
+    }
+    const json = await resp.json();
+    return validator.parse(json);
+}

package/dist/client/api/auth.d.ts

@@ -0,0 +1,5 @@
+import { ApiAuthResponseV0 } from '../../shared/api/auth';
+import { AuthParam } from './api';
+export declare function apiSignup(name: string, email: string, password: string): Promise<ApiAuthResponseV0>;
+export declare function apiSignin(name: string, password: string): Promise<ApiAuthResponseV0>;
+export declare function apiLogout(auth: AuthParam): Promise<void>;

package/dist/client/api/auth.js

@@ -0,0 +1,21 @@
+import { z } from 'zod';
+import { API_AUTH_RESPONSE_SCHEMA_V0 } from '../../shared/api/auth';
+import { apiCall } from './api';
+export async function apiSignup(name, email, password) {
+    const req = {
+        name,
+        email,
+        password
+    };
+    return apiCall('post', 'signup', null, null, req, API_AUTH_RESPONSE_SCHEMA_V0);
+}
+export async function apiSignin(name, password) {
+    const req = {
+        name,
+        password
+    };
+    return apiCall('post', 'signin', null, null, req, API_AUTH_RESPONSE_SCHEMA_V0);
+}
+export async function apiLogout(auth) {
+    await apiCall('post', 'logout', auth, null, null, z.undefined());
+}

package/dist/client/screens/404.d.ts

@@ -0,0 +1,2 @@
+import { JSX } from 'react';
+export declare function NotFound(): JSX.Element;

package/dist/client/screens/404.js

@@ -0,0 +1,10 @@
+import { Box, Stack, Typography } from '@mui/material';
+import React from 'react';
+import { Link } from 'react-router-dom';
+export function NotFound() {
+    return (React.createElement(Stack, { width: '100vw', height: '100vh', display: 'flex', justifyContent: 'center', alignItems: 'center' },
+        React.createElement(Box, { fontSize: 120 }, '404'),
+        React.createElement(Box, null,
+            React.createElement(Link, { to: '/' },
+                React.createElement(Typography, { color: 'warning.main', sx: { textDecoration: 'underline' } }, 'To main page')))));
+}

package/dist/client/screens/SignupSigninScreen.d.ts

@@ -0,0 +1,6 @@
+import React from 'react';
+interface SignupSigninScreenProps {
+    appName: string;
+}
+export declare const SignupSigninScreen: React.FunctionComponent<SignupSigninScreenProps>;
+export {};

package/dist/client/screens/SignupSigninScreen.js

@@ -0,0 +1,129 @@
+import { Box, Button, CircularProgress, Stack, Tab, Tabs, TextField, Typography } from '@mui/material';
+import { observer } from 'mobx-react-lite';
+import React from 'react';
+import { useCallback, useState } from 'react';
+import { useLocation, useNavigate } from 'react-router-dom';
+import { z } from 'zod';
+import { apiSignin, apiSignup } from '../api/auth';
+import { useAuthState } from '../state/auth';
+// eslint-disable-next-line @typescript-eslint/naming-convention
+export const SignupSigninScreen = observer(function SignupSigninScreen({ appName }) {
+    const location = useLocation();
+    const navigate = useNavigate();
+    const tab = location.pathname.substring(1);
+    return (React.createElement(Stack, { p: 1, gap: 1, maxWidth: '500px', mx: 'auto', mt: 10 },
+        React.createElement(Typography, { variant: 'h3', textAlign: 'center' }, appName),
+        React.createElement(Tabs, { value: tab, variant: 'fullWidth', onChange: (_, tab) => {
+                void navigate(`/${tab}`);
+            } },
+            React.createElement(Tab, { value: 'signin', label: 'Signin' }),
+            React.createElement(Tab, { value: 'signup', label: 'Signup' })),
+        tab === 'signup'
+            && React.createElement(SignupForm, null),
+        tab === 'signin'
+            && React.createElement(SigninForm, null)));
+});
+function SignupForm() {
+    const authState = useAuthState();
+    const navigate = useNavigate();
+    const [syncInProgress, setSyncInProgress] = useState(false);
+    const [name, setName] = useState('');
+    const [nameActivated, setNameActivated] = useState(false);
+    const [email, setEmail] = useState('');
+    const [emailActivated, setEmailActivated] = useState(false);
+    const [password, setPassword] = useState('');
+    const [passwordActivated, setPasswordActivated] = useState(false);
+    const [password2, setPassword2] = useState('');
+    const [password2Activated, setPassword2Activated] = useState(false);
+    const doSignUp = useCallback(() => {
+        setSyncInProgress(true);
+        setTimeout(async () => {
+            try {
+                await signup(name, email, password, password2, authState);
+                void navigate('/');
+            }
+            finally {
+                setSyncInProgress(false);
+            }
+        }, 0);
+    }, [name, email, password, password2]);
+    return (React.createElement(Stack, { gap: 2, mt: 2 },
+        React.createElement(TextField, { label: 'Name', value: name, error: nameActivated && name === '', helperText: nameActivated ? (name === '' ? 'Name sholud not be empty' : 'ok') : 'required', onChange: (e) => {
+                setNameActivated(true);
+                setName(e.target.value);
+            }, autoFocus: true }),
+        React.createElement(TextField, { label: 'E-mail', type: 'email', value: email, error: emailActivated && !isValidEmail(email), helperText: emailActivated ? (isValidEmail(email) ? 'ok' : 'Invalid e-mail address') : 'required', onChange: e => setEmail(e.target.value), onFocus: () => setEmailActivated(true) }),
+        React.createElement(TextField, { label: 'Password', type: 'password', value: password, error: passwordActivated && password === '', helperText: passwordActivated ? (password === '' ? 'Empty password' : 'ok') : 'required', onChange: e => setPassword(e.target.value), onFocus: () => setPasswordActivated(true) }),
+        React.createElement(TextField, { label: 'Confirm password', type: 'password', value: password2, error: password2Activated && password2 !== password, helperText: password2Activated ? (password2 !== password ? 'Do not match' : 'ok') : 'required', onChange: e => setPassword2(e.target.value), onFocus: () => setPassword2Activated(true), onKeyDown: (e) => {
+                if (e.key === 'Enter') {
+                    doSignUp();
+                }
+            } }),
+        React.createElement(Box, { sx: { m: 1, position: 'relative' } },
+            React.createElement(Button, { variant: 'contained', fullWidth: true, disabled: name === ''
+                    || !isValidEmail(email)
+                    || password === ''
+                    || password2 !== password
+                    || syncInProgress, onClick: doSignUp }, 'Signup'),
+            syncInProgress && (React.createElement(CircularProgress, { size: 24, sx: {
+                    position: 'absolute',
+                    top: '50%',
+                    left: '50%',
+                    marginTop: '-12px',
+                    marginLeft: '-12px'
+                } })))));
+}
+async function signup(name, email, password, password2, authState) {
+    if (name === ''
+        || !isValidEmail(email)
+        || password === ''
+        || password2 !== password) {
+        return;
+    }
+    const resp = await apiSignup(name, email, password);
+    authState.login(resp.id, resp.name, resp.email, resp.tempPassword);
+}
+function SigninForm() {
+    const authState = useAuthState();
+    const [syncInProgress, setSyncInProgress] = useState(false);
+    const navigate = useNavigate();
+    const [name, setName] = useState('');
+    const [password, setPassword] = useState('');
+    const doSignIn = useCallback(() => {
+        setSyncInProgress(true);
+        setTimeout(async () => {
+            try {
+                await signin(name, password, authState);
+                void navigate('/');
+            }
+            finally {
+                setSyncInProgress(false);
+            }
+        }, 0);
+    }, [name, password]);
+    return (React.createElement(Stack, { gap: 2, mt: 2 },
+        React.createElement(TextField, { label: 'Name', value: name, onChange: e => setName(e.target.value), autoFocus: true }),
+        React.createElement(TextField, { label: 'Password', type: 'password', value: password, onChange: e => setPassword(e.target.value), onKeyDown: (e) => {
+                if (e.key === 'Enter') {
+                    doSignIn();
+                }
+            } }),
+        React.createElement(Box, { sx: { m: 1, position: 'relative' } },
+            React.createElement(Button, { variant: 'contained', fullWidth: true, disabled: name === ''
+                    || password === ''
+                    || syncInProgress, onClick: doSignIn }, 'Signin'),
+            syncInProgress && (React.createElement(CircularProgress, { size: 24, sx: {
+                    position: 'absolute',
+                    top: '50%',
+                    left: '50%',
+                    marginTop: '-12px',
+                    marginLeft: '-12px'
+                } })))));
+}
+async function signin(name, password, authState) {
+    const resp = await apiSignin(name, password);
+    authState.login(resp.id, resp.name, resp.email, resp.tempPassword);
+}
+function isValidEmail(s) {
+    return z.string().email().safeParse(s).success;
+}

package/dist/client/state/auth.d.ts

@@ -0,0 +1,12 @@
+import { AuthParam } from '../api/api';
+export declare class AuthState {
+    id: string | null;
+    name: string | null;
+    email: string | null;
+    tempPassword: string | null;
+    constructor();
+    logout(): void;
+    login(id: string, name: string, email: string, tempPassword: string): void;
+    get authParam(): AuthParam | null;
+}
+export declare function useAuthState(): AuthState;

package/dist/client/state/auth.js

@@ -0,0 +1,74 @@
+import { autorun, makeAutoObservable } from 'mobx';
+const AUTH_ID_KEY = 'AUTH_ID';
+const AUTH_NAME_KEY = 'AUTH_NAME';
+const AUTH_EMAIL_KEY = 'AUTH_EMAIL';
+const AUTH_TEMP_PASSWORD_KEY = 'AUTH_TEMP_PASSWORD';
+export class AuthState {
+    id = localStorage.getItem(AUTH_ID_KEY);
+    name = localStorage.getItem(AUTH_NAME_KEY);
+    email = localStorage.getItem(AUTH_EMAIL_KEY);
+    tempPassword = localStorage.getItem(AUTH_TEMP_PASSWORD_KEY);
+    constructor() {
+        makeAutoObservable(this);
+        autorun(() => {
+            if (this.id !== null) {
+                localStorage.setItem(AUTH_ID_KEY, this.id);
+            }
+            else {
+                localStorage.removeItem(AUTH_ID_KEY);
+            }
+        });
+        autorun(() => {
+            if (this.name !== null) {
+                localStorage.setItem(AUTH_NAME_KEY, this.name);
+            }
+            else {
+                localStorage.removeItem(AUTH_NAME_KEY);
+            }
+        });
+        autorun(() => {
+            if (this.email !== null) {
+                localStorage.setItem(AUTH_EMAIL_KEY, this.email);
+            }
+            else {
+                localStorage.removeItem(AUTH_EMAIL_KEY);
+            }
+        });
+        autorun(() => {
+            if (this.tempPassword !== null) {
+                localStorage.setItem(AUTH_TEMP_PASSWORD_KEY, this.tempPassword);
+            }
+            else {
+                localStorage.removeItem(AUTH_TEMP_PASSWORD_KEY);
+            }
+        });
+    }
+    logout() {
+        this.id = null;
+        this.name = null;
+        this.email = null;
+        this.tempPassword = null;
+    }
+    login(id, name, email, tempPassword) {
+        this.id = id;
+        this.name = name;
+        this.email = email;
+        this.tempPassword = tempPassword;
+    }
+    get authParam() {
+        if (this.id === null || this.tempPassword === null) {
+            return null;
+        }
+        return {
+            userId: this.id,
+            tempPassword: this.tempPassword
+        };
+    }
+}
+let state = null;
+export function useAuthState() {
+    if (state === null) {
+        state = new AuthState();
+    }
+    return state;
+}

package/dist/client/sync.d.ts

@@ -0,0 +1,13 @@
+import { DateTime } from 'luxon';
+import { API_COMPARISON_OBJECT_SCHEMA_V0, ApiItemsResponseV0 } from '../shared/api/sync';
+export declare function syncItems<T extends {
+    id: string;
+    lastModified: DateTime<true>;
+}>({ getRemoteLastModified, localItems, pushRemote, getRemote, pushLocal, lastSyncDate }: {
+    getRemoteLastModified: () => Promise<ApiItemsResponseV0<typeof API_COMPARISON_OBJECT_SCHEMA_V0>>;
+    localItems: readonly T[];
+    pushRemote: (items: readonly T[]) => Promise<void>;
+    getRemote: (ids: readonly string[]) => Promise<T[]>;
+    pushLocal: (items: readonly T[]) => void;
+    lastSyncDate: DateTime<true> | null;
+}): Promise<void>;

package/dist/client/sync.js

@@ -0,0 +1,37 @@
+import { DateTime } from 'luxon';
+import { toValid } from '../shared/utils/datetime';
+export async function syncItems({ getRemoteLastModified, localItems, pushRemote, getRemote, pushLocal, lastSyncDate }) {
+    const remoteItems = (await getRemoteLastModified()).items;
+    const remoteItemsMap = Object.fromEntries(remoteItems.map(i => [i.id, toValid(DateTime.fromISO(i.lastModified, { zone: 'utc' }))]));
+    const itemsToGet = [];
+    const itemsToPush = [];
+    for (const i of localItems) {
+        const ri = remoteItemsMap[i.id];
+        if (ri === undefined) {
+            if (lastSyncDate === null || i.lastModified > lastSyncDate) {
+                itemsToPush.push(i);
+            }
+            continue;
+        }
+        if (ri.equals(i.lastModified)) {
+            continue;
+        }
+        if (ri < i.lastModified) {
+            itemsToPush.push(i);
+            continue;
+        }
+        itemsToGet.push(i.id);
+    }
+    const knownItems = new Set(localItems.map(i => i.id));
+    for (const { id } of remoteItems) {
+        if (!knownItems.has(id)) {
+            itemsToGet.push(id);
+        }
+    }
+    if (itemsToPush.length > 0) {
+        await pushRemote(itemsToPush);
+    }
+    if (itemsToGet.length > 0) {
+        pushLocal((await getRemote(itemsToGet)));
+    }
+}

package/dist/shared/api/auth.d.ts

@@ -0,0 +1,43 @@
+import { z } from 'zod';
+export declare const API_AUTH_RESPONSE_SCHEMA_V0: z.ZodObject<{
+    id: z.ZodString;
+    name: z.ZodString;
+    email: z.ZodString;
+    tempPassword: z.ZodString;
+}, "strip", z.ZodTypeAny, {
+    id: string;
+    name: string;
+    email: string;
+    tempPassword: string;
+}, {
+    id: string;
+    name: string;
+    email: string;
+    tempPassword: string;
+}>;
+export type ApiAuthResponseV0 = z.infer<typeof API_AUTH_RESPONSE_SCHEMA_V0>;
+export declare const API_SIGNUP_REQUEST_SCHEMA_V0: z.ZodObject<{
+    name: z.ZodString;
+    email: z.ZodString;
+    password: z.ZodString;
+}, "strip", z.ZodTypeAny, {
+    name: string;
+    email: string;
+    password: string;
+}, {
+    name: string;
+    email: string;
+    password: string;
+}>;
+export type ApiSignupRequestV0 = z.infer<typeof API_SIGNUP_REQUEST_SCHEMA_V0>;
+export declare const API_SIGNIN_REQUEST_SCHEMA_V0: z.ZodObject<{
+    name: z.ZodString;
+    password: z.ZodString;
+}, "strip", z.ZodTypeAny, {
+    name: string;
+    password: string;
+}, {
+    name: string;
+    password: string;
+}>;
+export type ApiSigninRequestV0 = z.infer<typeof API_SIGNIN_REQUEST_SCHEMA_V0>;

package/dist/shared/api/auth.js

@@ -0,0 +1,16 @@
+import { z } from 'zod';
+export const API_AUTH_RESPONSE_SCHEMA_V0 = z.object({
+    id: z.string().uuid(),
+    name: z.string(),
+    email: z.string().email(),
+    tempPassword: z.string()
+});
+export const API_SIGNUP_REQUEST_SCHEMA_V0 = z.object({
+    name: z.string(),
+    email: z.string().email(),
+    password: z.string()
+});
+export const API_SIGNIN_REQUEST_SCHEMA_V0 = z.object({
+    name: z.string(),
+    password: z.string()
+});

package/dist/shared/api/sync.d.ts

@@ -0,0 +1,43 @@
+import z, { ZodType } from 'zod';
+export declare const API_GET_OBJECTS_QUERY_STRING_SCHEMA_V0: z.ZodObject<{
+    syncAfter: z.ZodOptional<z.ZodString>;
+}, "strip", z.ZodTypeAny, {
+    syncAfter?: string | undefined;
+}, {
+    syncAfter?: string | undefined;
+}>;
+export declare function API_ITEMS_RESPONSE_SCHEMA_V0<T extends ZodType>(itemsSchema: T): z.ZodReadonly<z.ZodObject<{
+    items: z.ZodReadonly<z.ZodArray<T, "many">>;
+}, "strip", z.ZodTypeAny, {
+    items: readonly T["_output"][];
+}, {
+    items: readonly T["_input"][];
+}>>;
+export type ApiItemsResponseV0<T extends ZodType> = z.infer<ReturnType<typeof API_ITEMS_RESPONSE_SCHEMA_V0<T>>>;
+export declare const API_GET_OBJECTS_REQUEST_SCHEMA_V0: z.ZodReadonly<z.ZodObject<{
+    ids: z.ZodReadonly<z.ZodArray<z.ZodString, "many">>;
+}, "strip", z.ZodTypeAny, {
+    ids: readonly string[];
+}, {
+    ids: readonly string[];
+}>>;
+export type ApiGetObjectsRequestV0 = z.infer<typeof API_GET_OBJECTS_REQUEST_SCHEMA_V0>;
+export declare const API_COMPARISON_OBJECT_SCHEMA_V0: z.ZodObject<{
+    id: z.ZodString;
+    lastModified: z.ZodString;
+}, "strip", z.ZodTypeAny, {
+    lastModified: string;
+    id: string;
+}, {
+    lastModified: string;
+    id: string;
+}>;
+export type ApiComparisonObjectV0 = z.infer<typeof API_COMPARISON_OBJECT_SCHEMA_V0>;
+export declare function API_ITEMS_REQUEST_SCHEMA_V0<T extends ZodType>(itemsSchema: T): z.ZodReadonly<z.ZodObject<{
+    items: z.ZodReadonly<z.ZodArray<T, "many">>;
+}, "strip", z.ZodTypeAny, {
+    items: readonly T["_output"][];
+}, {
+    items: readonly T["_input"][];
+}>>;
+export type ApiItemsRequestV0<T extends ZodType> = z.infer<ReturnType<typeof API_ITEMS_REQUEST_SCHEMA_V0<T>>>;

package/dist/shared/api/sync.js

@@ -0,0 +1,21 @@
+import z from 'zod';
+export const API_GET_OBJECTS_QUERY_STRING_SCHEMA_V0 = z.object({
+    syncAfter: z.string().datetime().optional()
+});
+export function API_ITEMS_RESPONSE_SCHEMA_V0(itemsSchema) {
+    return z.object({
+        items: z.array(itemsSchema).readonly()
+    }).readonly();
+}
+export const API_GET_OBJECTS_REQUEST_SCHEMA_V0 = z.object({
+    ids: z.array(z.string().uuid()).min(1).readonly()
+}).readonly();
+export const API_COMPARISON_OBJECT_SCHEMA_V0 = z.object({
+    id: z.string().uuid(),
+    lastModified: z.string().datetime()
+});
+export function API_ITEMS_REQUEST_SCHEMA_V0(itemsSchema) {
+    return z.object({
+        items: z.array(itemsSchema).min(1).readonly()
+    }).readonly();
+}

package/dist/shared/utils/datetime.d.ts

@@ -0,0 +1,3 @@
+import { DateTime } from 'luxon';
+export declare function toValid(datetime: DateTime): DateTime<true>;
+export declare function utcToday(): DateTime<true>;

package/dist/shared/utils/datetime.js

@@ -0,0 +1,15 @@
+import { DateTime } from 'luxon';
+export function toValid(datetime) {
+    if (!datetime.isValid) {
+        throw Error('Invalid DateTime');
+    }
+    return datetime;
+}
+export function utcToday() {
+    const local = DateTime.local();
+    const utc = DateTime.utc(local.year, local.month, local.day);
+    if (!utc.isValid) {
+        throw Error('Invalid DateTime');
+    }
+    return utc;
+}

package/package.json

@@ -0,0 +1,65 @@
+{
+    "name": "rlz-engine",
+    "version": "0.0.1",
+    "description": "Deps and tools for my style of development",
+    "scripts": {
+        "build": "tsc"
+    },
+    "author": "Dmitry Maslennikov <maslennikovdm@gmail.com>",
+    "license": "ISC",
+    "homepage": "https://github.com/rlz/rlz-engine",
+    "bugs": {
+        "url": "https://github.com/rlz/rlz-engine/issues"
+    },
+    "repository": {
+        "type": "git",
+        "url": "git+https://github.com/rlz/rlz-engine.git"
+    },
+    "type": "module",
+    "files": [
+        "dist"
+    ],
+    "devDependencies": {
+        "@stylistic/eslint-plugin": "^2.11.0",
+        "@types/luxon": "^3.4.2",
+        "@types/node": "^22.10.1",
+        "@typescript-eslint/parser": "^8.16.0",
+        "eslint": "^9.16.0",
+        "eslint-plugin-simple-import-sort": "^12.1.1",
+        "tsx": "^4.19.2",
+        "typescript": "^5.7.2",
+        "typescript-eslint": "^8.16.0"
+    },
+    "dependencies": {
+        "@emotion/react": "^11.14.0",
+        "@emotion/styled": "^11.14.0",
+        "@fastify/compress": "^8.0.1",
+        "@fastify/cors": "^10.0.1",
+        "@fastify/response-validation": "^3.0.2",
+        "@fastify/sensible": "^6.0.1",
+        "@fastify/static": "^8.0.3",
+        "@mui/icons-material": "^6.3.0",
+        "@mui/material": "^6.3.0",
+        "@types/react": "^19.0.2",
+        "@types/react-dom": "^19.0.2",
+        "@types/react-router-dom": "^5.3.3",
+        "acme-client": "^5.4.0",
+        "ajv-formats": "^3.0.1",
+        "fastify": "^5.1.0",
+        "fastify-acme": "^1.0.5",
+        "fastify-plugin": "^5.0.1",
+        "iterator-helpers-polyfill": "^3.0.1",
+        "luxon": "^3.5.0",
+        "mobx": "^6.13.5",
+        "mobx-react-lite": "^4.1.0",
+        "mongodb": "^6.12.0",
+        "pino": "^9.5.0",
+        "pino-pretty": "^13.0.0",
+        "react": "^19.0.0",
+        "react-dom": "^19.0.0",
+        "react-router-dom": "^7.1.1",
+        "uuidv7": "^1.0.2",
+        "zod": "^3.23.8",
+        "zod-to-json-schema": "^3.23.5"
+    }
+}