npm - stackkit - Versions diffs - 0.2.8 → 0.2.9 - Mend

stackkit 0.2.8 → 0.2.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (61) hide show

package/modules/auth/better-auth/files/shared/lib/auth.ts CHANGED Viewed

@@ -1,46 +1,42 @@
+import { Role, UserStatus } from "@prisma/client";
 import { betterAuth } from "better-auth";
+import { bearer, emailOTP } from "better-auth/plugins";
 {{#if combo == "prisma:express"}}
-import { sendEmail } from "../../shared/email/email-service";
-import {
-  getPasswordResetEmailTemplate,
-  getVerificationEmailTemplate,
-} from "../../shared/email/email-templates";
-import { prisma } from "../../database/prisma";
+import { envVars } from "../config/env";
+import { sendEmail } from "../shared/utils/email";
+import { prisma } from "../database/prisma";
 import { prismaAdapter } from "better-auth/adapters/prisma";
 {{/if}}
 {{#if combo == "prisma:nextjs"}}
-import { getPasswordResetEmailTemplate, getVerificationEmailTemplate } from "../service/email/email-templates";
 import { sendEmail } from "../service/email/email-service";
 import { prisma } from "../database/prisma";
+import { envVars } from "@/lib/env";
 import { prismaAdapter } from "better-auth/adapters/prisma";
 {{/if}}
 {{#if combo == "mongoose:express"}}
+import { envVars } from "../config/env";
 import { sendEmail } from "../../shared/email/email-service";
-import {
-  getPasswordResetEmailTemplate,
-  getVerificationEmailTemplate,
-} from "../../shared/email/email-templates";
 import { mongoose } from "../../database/mongoose";
 import { mongodbAdapter } from "better-auth/adapters/mongodb";
 {{/if}}
 {{#if combo == "mongoose:nextjs"}}
-import { getPasswordResetEmailTemplate, getVerificationEmailTemplate } from "../service/email/email-templates";
 import { sendEmail } from "../service/email/email-service";
 import { mongoose } from "../database/mongoose";
+import { envVars } from "@/lib/env";
 import { mongodbAdapter } from "better-auth/adapters/mongodb";
 {{/if}}
-export async function initAuth() {
 {{#if database == "mongoose"}}
+export async function initAuth() {
 const mongooseInstance = await mongoose();
 const client = mongooseInstance.connection.getClient();
 const db = client.db();
 {{/if}}
-return betterAuth({
+{{#if database == "mongoose"}}return{{else}}export const auth = {{/if}} betterAuth({
 {{#if database == "prisma"}}
   database: prismaAdapter(prisma, {
     provider: "{{prismaProvider}}",
@@ -49,76 +45,169 @@ return betterAuth({
 {{#if database == "mongoose"}}
   database: mongodbAdapter(db, { client }),
 {{/if}}
-  baseURL: process.env.BETTER_AUTH_URL,
-  secret: process.env.BETTER_AUTH_SECRET,
-  trustedOrigins: [process.env.APP_URL!],
-  user: {
-    additionalFields: {
-      role: {
-        type: "string",
-        defaultValue: "USER",
-        required: true,
-      },
-    },
-  },
+  baseURL: envVars.BETTER_AUTH_URL,
+  secret: envVars.BETTER_AUTH_SECRET,
+  trustedOrigins: [
+    envVars.FRONTEND_URL || envVars.BETTER_AUTH_URL || "http://localhost:3000",
+  ],
   emailAndPassword: {
     enabled: true,
     requireEmailVerification: true,
-    sendResetPassword: async ({ user, url }) => {
-    const { html, text } = getPasswordResetEmailTemplate(user, url);
-      await sendEmail({
-        to: user.email,
-        subject: "Reset Your Password",
-        text,
-        html,
-      });
-    },
   },
   socialProviders: {
     google: {
-      accessType: "offline",
+      clientId: envVars.GOOGLE_CLIENT_ID as string,
+      clientSecret: envVars.GOOGLE_CLIENT_SECRET as string,
+      accessType: "offline",
       prompt: "select_account consent",
-      clientId: process.env.GOOGLE_CLIENT_ID as string,
-      clientSecret: process.env.GOOGLE_CLIENT_SECRET as string,
+      mapProfileToUser: () => {
+        return {
+          role: Role.USER,
+          status: UserStatus.ACTIVE,
+          needPasswordChange: false,
+          emailVerified: true,
+          isDeleted: false,
+          deletedAt: null,
+        };
+      },
     },
   },
   emailVerification: {
-    sendVerificationEmail: async ({ user, url }) => {
-      const { html, text } = getVerificationEmailTemplate(user, url);
-      await sendEmail({
-        to: user.email,
-        subject: "Verify Your Email Address",
-        text,
-        html,
-      });
-    },
+    sendOnSignUp: true,
     sendOnSignIn: true,
+    autoSignInAfterVerification: true,
   },
-  rateLimit: {
-    window: 10,
-    max: 100,
-  },
-  account: {
-    accountLinking: {
-      enabled: true,
-      trustedProviders: ["google"],
+  user: {
+    additionalFields: {
+      role: {
+        type: "string",
+        required: true,
+        defaultValue: Role.USER,
+      },
+      status: {
+        type: "string",
+        required: true,
+        defaultValue: UserStatus.ACTIVE,
+      },
+      needPasswordChange: {
+        type: "boolean",
+        required: true,
+        defaultValue: false,
+      },
+      isDeleted: {
+        type: "boolean",
+        required: true,
+        defaultValue: false,
+      },
+      deletedAt: {
+        type: "date",
+        required: false,
+        defaultValue: null,
+      },
     },
   },
+  plugins: [
+    bearer(),
+    emailOTP({
+      overrideDefaultEmailVerification: true,
+      async sendVerificationOTP({ email, otp, type }) {
+        if (type === "email-verification") {
+          const user = await prisma.user.findUnique({
+            where: {
+              email,
+            },
+          });
+          if (!user) {
+            console.error(
+              `User with email ${email} not found. Cannot send verification OTP.`,
+            );
+            return;
+          }
+          if (user && user.role === Role.SUPER_ADMIN) {
+            console.log(
+              `User with email ${email} is a super admin. Skipping sending verification OTP.`,
+            );
+            return;
+          }
+          if (user && !user.emailVerified) {
+            sendEmail({
+              to: email,
+              subject: "Verify your email",
+              templateName: "otp",
+              templateData: {
+                name: user.name,
+                otp,
+              },
+            });
+          }
+        } else if (type === "forget-password") {
+          const user = await prisma.user.findUnique({
+            where: {
+              email,
+            },
+          });
+          if (user) {
+            sendEmail({
+              to: email,
+              subject: "Password Reset OTP",
+              templateName: "otp",
+              templateData: {
+                name: user.name,
+                otp,
+              },
+            });
+          }
+        }
+      },
+      expiresIn: 2 * 60, // 2 minutes in seconds
+      otpLength: 6,
+    }),
+  ],
   session: {
+    expiresIn: 60 * 60 * 60 * 24, // 1 day in seconds
+    updateAge: 60 * 60 * 60 * 24, // 1 day in seconds
     cookieCache: {
       enabled: true,
-      maxAge: 60 * 60 * 24 * 7,
+      maxAge: 60 * 60 * 60 * 24, // 1 day in seconds
+    },
+  },
+  redirectURLs: {
+    signIn: `${envVars.BETTER_AUTH_URL}/api/v1/auth/google/success`,
+  },
+  advanced: {
+    // disableCSRFCheck: true,
+    useSecureCookies: false,
+    cookies: {
+      state: {
+        attributes: {
+          sameSite: "none",
+          secure: true,
+          httpOnly: true,
+          path: "/",
+        },
+      },
+      sessionToken: {
+        attributes: {
+          sameSite: "none",
+          secure: true,
+          httpOnly: true,
+          path: "/",
+        },
+      },
     },
-    expiresIn: 60 * 60 * 24 * 7,
-    updateAge: 60 * 60 * 24,
-    cookieName: "better-auth.session_token",
-  }
+  },
  })
+{{#if database == "mongoose"}}
 };
-export let auth: any = undefined;
+export let auth: ReturnType<typeof betterAuth> | undefined = undefined;
 export async function setupAuth() {
   auth = await initAuth();
   return auth;
-}
+}
+{{/if}}

package/modules/auth/better-auth/files/shared/prisma/schema.prisma CHANGED Viewed

@@ -4,16 +4,20 @@
 {{#var defaultId = @default(cuid())}}
 {{/if}}
 model User {
-    id            String    @id {{defaultId}}
-    name          String
-    email         String
-    emailVerified Boolean   @default(false)
-    image         String?
-    createdAt     DateTime  @default(now())
-    updatedAt     DateTime  @updatedAt
-    sessions      Session[]
-    accounts      Account[]
-    role          Role    @default(USER)
+    id                 String     @id {{defaultId}}
+    name               String
+    email              String
+    emailVerified      Boolean    @default(false)
+    role               Role       @default(USER)
+    status             UserStatus @default(ACTIVE)
+    needPasswordChange Boolean    @default(false)
+    isDeleted          Boolean    @default(false)
+    deletedAt          DateTime?
+    image              String?
+    createdAt          DateTime   @default(now())
+    updatedAt          DateTime   @updatedAt
+    sessions           Session[]
+    accounts           Account[]
     @@unique([email])
     @@map("user")
@@ -67,6 +71,13 @@ model Verification {
 }
 enum Role {
-    USER
+    SUPER_ADMIN
     ADMIN
+    USER
+}
+enum UserStatus {
+    ACTIVE
+    BLOCKED
+    DELETED
 }

package/modules/auth/better-auth/files/shared/utils/email.ts ADDED Viewed

@@ -0,0 +1,71 @@
+import nodemailer from "nodemailer";
+{{#if framework == "express"}}
+import ejs from "ejs";
+import status from "http-status";
+import path from "path";
+import { envVars } from "../../config/env";
+import { AppError } from "../errors/app-error";
+{{/if}}
+{{#if framework == "nextjs"}}
+import nodemailer from "nodemailer";
+import { renderEmailTemplate } from "../email/otp-template";
+import { envVars } from "../env";
+{{/if}}
+const transporter = nodemailer.createTransport({
+  host: envVars.EMAIL_SENDER.SMTP_HOST,
+  secure: true,
+  auth: {
+    user: envVars.EMAIL_SENDER.SMTP_USER,
+    pass: envVars.EMAIL_SENDER.SMTP_PASS,
+  },
+  port: Number(envVars.EMAIL_SENDER.SMTP_PORT),
+});
+interface SendEmailOptions {
+  to: string;
+  subject: string;
+  templateName: string;
+  templateData: Record<string, string | number | boolean | object>;
+  attachments?: {
+    filename: string;
+    content: Buffer | string;
+    contentType: string;
+  }[];
+}
+export const sendEmail = async ({
+  subject,
+  templateData,
+  templateName,
+  to,
+  attachments,
+}: SendEmailOptions) => {
+  try {
+    {{#if framework == "express"}}
+        const templatePath = path.resolve(
+      process.cwd(),
+      `src/templates/${templateName}.ejs`,
+    );
+    const html = await ejs.renderFile(templatePath, templateData);
+    {{/if}}
+    {{#if framework == "nextjs"}}
+    const html = renderEmailTemplate(templateName, templateData);
+    {{/if}}
+    await transporter.sendMail({
+      from: envVars.EMAIL_SENDER.SMTP_FROM,
+      to: to,
+      subject: subject,
+      html: html,
+      attachments: attachments?.map((attachment) => ({
+        filename: attachment.filename,
+        content: attachment.content,
+        contentType: attachment.contentType,
+      })),
+    });
+  } catch {
+    throw new AppError(status.INTERNAL_SERVER_ERROR, "Failed to send email");
+  }
+};