npm - stackkit - Versions diffs - 0.3.5 → 0.3.6 - Mend

stackkit 0.3.5 → 0.3.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (192) hide show

package/modules/auth/better-auth/files/{shared → express}/config/env.ts RENAMED Viewed

@@ -1,22 +1,25 @@
-{{#if framework == "express" }}
 import dotenv from "dotenv";
 import status from "http-status";
 import path from "path";
 import { AppError } from "../shared/errors/app-error";
 dotenv.config({ path: path.join(process.cwd(), ".env") });
-{{/if}}
 interface EnvConfig {
+  NODE_ENV: string;
+  PORT: string;
   APP_NAME?: string;
   APP_URL: string;
-  {{#if framework == "nextjs"}}
-  API_URL: string;
-  {{/if}}
   DATABASE_URL: string;
   FRONTEND_URL: string;
   BETTER_AUTH_URL: string;
   BETTER_AUTH_SECRET: string;
+  BETTER_AUTH_SESSION_TOKEN_EXPIRES_IN: string;
+  BETTER_AUTH_SESSION_TOKEN_UPDATE_AGE: string;
+  ACCESS_TOKEN_SECRET: string;
+  ACCESS_TOKEN_EXPIRES_IN: string;
+  REFRESH_TOKEN_SECRET: string;
+  REFRESH_TOKEN_EXPIRES_IN: string;
   GOOGLE_CLIENT_ID: string;
   GOOGLE_CLIENT_SECRET: string;
   GOOGLE_CALLBACK_URL: string;
@@ -27,28 +30,32 @@ interface EnvConfig {
     SMTP_PORT: string;
     SMTP_FROM: string;
   };
-  {{#if framework == "express" }}
-  NODE_ENV: string;
-  PORT: string;
-  BETTER_AUTH_SESSION_TOKEN_EXPIRES_IN: string;
-  BETTER_AUTH_SESSION_TOKEN_UPDATE_AGE: string;
-  ACCESS_TOKEN_SECRET: string;
-  ACCESS_TOKEN_EXPIRES_IN: string;
-  REFRESH_TOKEN_SECRET: string;
-  REFRESH_TOKEN_EXPIRES_IN: string;
+  {{#if storageProvider == "cloudinary"}}
+  CLOUDINARY: {
+    CLOUDINARY_CLOUD_NAME: string;
+    CLOUDINARY_API_KEY: string;
+    CLOUDINARY_API_SECRET: string;
+    CLOUDINARY_UPLOAD_PRESET: string;
+  };
   {{/if}}
 }
 const loadEnvVars = (): EnvConfig => {
   const requiredEnvVars = [
+    "NODE_ENV",
+    "PORT",
+    "APP_NAME",
     "APP_URL",
-    {{#if framework == "nextjs"}}
-    "API_URL",
-    {{/if}}
     "DATABASE_URL",
     "FRONTEND_URL",
     "BETTER_AUTH_URL",
     "BETTER_AUTH_SECRET",
+    "BETTER_AUTH_SESSION_TOKEN_EXPIRES_IN",
+    "BETTER_AUTH_SESSION_TOKEN_UPDATE_AGE",
+    "ACCESS_TOKEN_SECRET",
+    "ACCESS_TOKEN_EXPIRES_IN",
+    "REFRESH_TOKEN_SECRET",
+    "REFRESH_TOKEN_EXPIRES_IN",
     "GOOGLE_CLIENT_ID",
     "GOOGLE_CLIENT_SECRET",
     "GOOGLE_CALLBACK_URL",
@@ -57,43 +64,40 @@ const loadEnvVars = (): EnvConfig => {
     "EMAIL_SENDER_SMTP_HOST",
     "EMAIL_SENDER_SMTP_PORT",
     "EMAIL_SENDER_SMTP_FROM",
-    {{#if framework == "express" }}
-    "NODE_ENV",
-    "PORT",
-    "BETTER_AUTH_SESSION_TOKEN_EXPIRES_IN",
-    "BETTER_AUTH_SESSION_TOKEN_UPDATE_AGE",
-    "ACCESS_TOKEN_SECRET",
-    "ACCESS_TOKEN_EXPIRES_IN",
-    "REFRESH_TOKEN_SECRET",
-    "REFRESH_TOKEN_EXPIRES_IN",
+    {{#if storageProvider == "cloudinary"}}
+    "CLOUDINARY_CLOUD_NAME",
+    "CLOUDINARY_API_KEY",
+    "CLOUDINARY_API_SECRET",
+    "CLOUDINARY_UPLOAD_PRESET",
     {{/if}}
   ];
   requiredEnvVars.forEach((varName) => {
     if (!process.env[varName]) {
-      {{#if framework == "express" }}
       throw new AppError(
         status.INTERNAL_SERVER_ERROR,
         `Environment variable ${varName} is required but not set in .env file.`,
       );
-      {{else}}
-      throw new Error(
-        `Environment variable ${varName} is required but not defined.`,
-      );
-      {{/if}}
     }
   });
   return {
-    {{#if framework == "nextjs"}}
-    APP_NAME: process.env.NEXT_PUBLIC_APP_NAME ?? "Your App",
-    APP_URL: process.env.NEXT_PUBLIC_APP_URL as string,
-    API_URL: process.env.NEXT_PUBLIC_API_URL as string,
-    {{/if}}
+    NODE_ENV: process.env.NODE_ENV as string,
+    PORT: process.env.PORT as string,
+    APP_NAME: process.env.APP_NAME ?? "Your App",
+    APP_URL: process.env.APP_URL as string,
     DATABASE_URL: process.env.DATABASE_URL as string,
     FRONTEND_URL: process.env.FRONTEND_URL as string,
     BETTER_AUTH_URL: process.env.BETTER_AUTH_URL as string,
     BETTER_AUTH_SECRET: process.env.BETTER_AUTH_SECRET as string,
+    BETTER_AUTH_SESSION_TOKEN_EXPIRES_IN: process.env
+      .BETTER_AUTH_SESSION_TOKEN_EXPIRES_IN as string,
+    BETTER_AUTH_SESSION_TOKEN_UPDATE_AGE: process.env
+      .BETTER_AUTH_SESSION_TOKEN_UPDATE_AGE as string,
+    ACCESS_TOKEN_SECRET: process.env.ACCESS_TOKEN_SECRET as string,
+    ACCESS_TOKEN_EXPIRES_IN: process.env.ACCESS_TOKEN_EXPIRES_IN as string,
+    REFRESH_TOKEN_SECRET: process.env.REFRESH_TOKEN_SECRET as string,
+    REFRESH_TOKEN_EXPIRES_IN: process.env.REFRESH_TOKEN_EXPIRES_IN as string,
     GOOGLE_CLIENT_ID: process.env.GOOGLE_CLIENT_ID as string,
     GOOGLE_CLIENT_SECRET: process.env.GOOGLE_CLIENT_SECRET as string,
     GOOGLE_CALLBACK_URL: process.env.GOOGLE_CALLBACK_URL as string,
@@ -104,19 +108,13 @@ const loadEnvVars = (): EnvConfig => {
       SMTP_PORT: process.env.EMAIL_SENDER_SMTP_PORT as string,
       SMTP_FROM: process.env.EMAIL_SENDER_SMTP_FROM as string,
     },
-    {{#if framework == "express" }}
-    APP_NAME: process.env.APP_NAME ?? "Your App",
-    APP_URL: process.env.APP_URL as string,
-    NODE_ENV: process.env.NODE_ENV as string,
-    PORT: process.env.PORT as string,
-    BETTER_AUTH_SESSION_TOKEN_EXPIRES_IN: process.env
-      .BETTER_AUTH_SESSION_TOKEN_EXPIRES_IN as string,
-    BETTER_AUTH_SESSION_TOKEN_UPDATE_AGE: process.env
-      .BETTER_AUTH_SESSION_TOKEN_UPDATE_AGE as string,
-    ACCESS_TOKEN_SECRET: process.env.ACCESS_TOKEN_SECRET as string,
-    ACCESS_TOKEN_EXPIRES_IN: process.env.ACCESS_TOKEN_EXPIRES_IN as string,
-    REFRESH_TOKEN_SECRET: process.env.REFRESH_TOKEN_SECRET as string,
-    REFRESH_TOKEN_EXPIRES_IN: process.env.REFRESH_TOKEN_EXPIRES_IN as string,
+    {{#if storageProvider == "cloudinary"}}
+    CLOUDINARY: {
+      CLOUDINARY_CLOUD_NAME: process.env.CLOUDINARY_CLOUD_NAME as string,
+      CLOUDINARY_API_KEY: process.env.CLOUDINARY_API_KEY as string,
+      CLOUDINARY_API_SECRET: process.env.CLOUDINARY_API_SECRET as string,
+      CLOUDINARY_UPLOAD_PRESET: process.env.CLOUDINARY_UPLOAD_PRESET as string,
+    },
     {{/if}}
   };
 };

package/modules/auth/better-auth/files/express/middlewares/authorize.ts CHANGED Viewed

@@ -9,6 +9,7 @@ import { Role, UserStatus } from "@prisma/client";
 import { prisma } from "../../database/prisma";
 {{/if}}
 {{#if database == "mongoose"}}
+import { Types } from "mongoose";
 import { Role, UserStatus } from "../../modules/auth/auth.constants";
 import { getAuthCollections } from "../../modules/auth/auth.helper";
 {{/if}}
@@ -56,7 +57,7 @@ export const authorize = (...authRoles: AuthRole[]) =>
         const user = sessionExists
           ? await users.findOne({
-              id: sessionExists.userId,
+              _id: new Types.ObjectId(sessionExists.userId),
             })
           : null;
         {{/if}}
@@ -185,6 +186,24 @@ export const authorize = (...authRoles: AuthRole[]) =>
         );
       }
+      if (!req.user) {
+        const tokenData = verifiedToken.data!;
+        req.user = {
+          id: String(tokenData.userId || tokenData.id || ""),
+          name: String(tokenData.name || ""),
+          email: String(tokenData.email || ""),
+          role: (tokenData.role as Role) || Role.USER,
+        };
+      }
+      if (!req.user?.id) {
+        throw new AppError(
+          status.UNAUTHORIZED,
+          "Unauthorized access! User information is missing in the token.",
+        );
+      }
       next();
     } catch (error: unknown) {
       next(error);

package/modules/auth/better-auth/files/express/modules/auth.controller.ts ADDED Viewed

@@ -0,0 +1,349 @@
+import { Request, Response } from "express";
+import status from "http-status";
+import { envVars } from "../../config/env";
+import { auth } from "../../lib/auth";
+import { AppError } from "../../shared/errors/app-error";
+import { catchAsync } from "../../shared/utils/catch-async";
+import { cookieUtils } from "../../shared/utils/cookie";
+import { sendResponse } from "../../shared/utils/send-response";
+import { tokenUtils } from "../../shared/utils/token";
+import { authService } from "./auth.service";
+import type { NeedsVerification, SocialProvider } from "./auth.type";
+const getSocialAuthPayload = (
+  provider: SocialProvider,
+  redirectPath: string,
+) => {
+  const authBaseUrl = envVars.APP_URL || envVars.BETTER_AUTH_URL;
+  const encodedRedirectPath = encodeURIComponent(redirectPath);
+  const callbackURL = `${authBaseUrl}/api/v1/auth/${provider}/success?redirect=${encodedRedirectPath}`;
+  const signInEndpoint = `/api/auth/sign-in/social`;
+  return {
+    provider,
+    callbackURL,
+    signInEndpoint,
+  };
+};
+const registerUser = catchAsync(async (req: Request, res: Response) => {
+  const payload = req.body;
+  const result = await authService.registerUser(payload);
+  const { accessToken, refreshToken, token, ...rest } = result;
+  tokenUtils.setAccessTokenCookie(res, accessToken);
+  tokenUtils.setRefreshTokenCookie(res, refreshToken);
+  tokenUtils.setBetterAuthSessionCookie(res, token as string);
+  sendResponse(res, {
+    status: status.CREATED,
+    success: true,
+    message: "User registered successfully",
+    data: {
+      token,
+      accessToken,
+      refreshToken,
+      ...rest,
+    },
+  });
+});
+const loginUser = catchAsync(async (req: Request, res: Response) => {
+  const payload = req.body;
+  const result = await authService.loginUser(payload);
+  if ((result as NeedsVerification)?.needsVerification) {
+    const n = result as NeedsVerification;
+    return sendResponse(res, {
+      status: status.FORBIDDEN,
+      success: false,
+      message: "Email not verified",
+      data: { email: n.email },
+    });
+  }
+  const { accessToken, refreshToken, token, ...rest } =
+    result as unknown as Record<string, unknown>;
+  if (typeof token !== "string") {
+    throw new AppError(
+      status.INTERNAL_SERVER_ERROR,
+      "Session token is missing",
+    );
+  }
+  if (typeof accessToken !== "string" || typeof refreshToken !== "string") {
+    throw new AppError(status.INTERNAL_SERVER_ERROR, "Auth tokens are missing");
+  }
+  tokenUtils.setAccessTokenCookie(res, accessToken);
+  tokenUtils.setRefreshTokenCookie(res, refreshToken);
+  tokenUtils.setBetterAuthSessionCookie(res, token);
+  sendResponse(res, {
+    status: status.OK,
+    success: true,
+    message: "User logged in successfully",
+    data: {
+      token,
+      accessToken,
+      refreshToken,
+      ...rest,
+    },
+  });
+});
+const getMe = catchAsync(
+    async (req: Request, res: Response) => {
+        const user = req.user;
+        const result = await authService.getMe(user);
+        sendResponse(res, {
+          status: status.OK,
+          success: true,
+          message: "User profile fetched successfully",
+          data: result,
+        });
+    }
+)
+const updateProfile = catchAsync(async (req: Request, res: Response) => {
+  const { name, image } = req.body as { name?: string; image?: string };
+  const user = req.user;
+  const result = await authService.updateProfile(user, { name, image });
+  sendResponse(res, {
+    status: status.OK,
+    success: true,
+    message: "Profile updated successfully",
+    data: result,
+  });
+});
+const getNewToken = catchAsync(
+    async (req: Request, res: Response) => {
+        const refreshToken = req.cookies.refreshToken;
+        const betterAuthSessionToken = req.cookies["better-auth.session_token"];
+        if (!refreshToken) {
+            throw new AppError(status.UNAUTHORIZED, "Refresh token is missing");
+        }
+        const result = await authService.getNewToken(refreshToken, betterAuthSessionToken);
+        const { accessToken, refreshToken: newRefreshToken, sessionToken } = result;
+        tokenUtils.setAccessTokenCookie(res, accessToken);
+        tokenUtils.setRefreshTokenCookie(res, newRefreshToken);
+        tokenUtils.setBetterAuthSessionCookie(res, sessionToken);
+        sendResponse(res, {
+          status: status.OK,
+          success: true,
+          message: "New tokens generated successfully",
+          data: {
+            accessToken,
+            refreshToken: newRefreshToken,
+            sessionToken,
+          },
+        });
+    }
+)
+const changePassword = catchAsync(
+    async (req: Request, res: Response) => {
+        const payload = req.body;
+        const betterAuthSessionToken = req.cookies["better-auth.session_token"];
+        const result = await authService.changePassword(payload, betterAuthSessionToken);
+        const { accessToken, refreshToken, token } = result;
+        tokenUtils.setAccessTokenCookie(res, accessToken);
+        tokenUtils.setRefreshTokenCookie(res, refreshToken);
+        tokenUtils.setBetterAuthSessionCookie(res, token as string);
+        sendResponse(res, {
+          status: status.OK,
+          success: true,
+          message: "Password changed successfully",
+          data: result,
+        });
+    }
+)
+const logoutUser = catchAsync(
+    async (req: Request, res: Response) => {
+        const betterAuthSessionToken = req.cookies["better-auth.session_token"];
+        const result = await authService.logoutUser(betterAuthSessionToken);
+        cookieUtils.clearCookie(res, 'accessToken', {
+            httpOnly: true,
+            secure: true,
+            sameSite: "none",
+        });
+        cookieUtils.clearCookie(res, 'refreshToken', {
+            httpOnly: true,
+            secure: true,
+            sameSite: "none",
+        });
+        cookieUtils.clearCookie(res, 'better-auth.session_token', {
+            httpOnly: true,
+            secure: true,
+            sameSite: "none",
+        });
+        sendResponse(res, {
+          status: status.OK,
+          success: true,
+          message: "User logged out successfully",
+          data: result,
+        });
+    }
+)
+const verifyEmail = catchAsync(
+    async (req: Request, res: Response) => {
+        const { email, otp } = req.body;
+        await authService.verifyEmail(email, otp);
+        sendResponse(res, {
+          status: status.OK,
+          success: true,
+          message: "Email verified successfully",
+        });
+    }
+)
+const resendOTP = catchAsync(async (req: Request, res: Response) => {
+  const { email } = req.body;
+  await authService.resendOTP(email);
+  sendResponse(res, {
+    status: status.OK,
+    success: true,
+    message: "Verification OTP resent successfully",
+  });
+});
+const forgetPassword = catchAsync(
+    async (req: Request, res: Response) => {
+        const { email } = req.body;
+        await authService.forgetPassword(email);
+        sendResponse(res, {
+          status: status.OK,
+          success: true,
+          message: "Password reset OTP sent to email successfully",
+        });
+    }
+)
+const resetPassword = catchAsync(async (req: Request, res: Response) => {
+  const { email, otp, newPassword } = req.body;
+  await authService.resetPassword(email, otp, newPassword);
+  sendResponse(res, {
+    status: status.OK,
+    success: true,
+    message: "Password reset successfully",
+  });
+});
+const SUPPORTED_PROVIDERS: SocialProvider[] = [
+  "google",
+  "github",
+  "facebook",
+  "twitter",
+  "discord",
+];
+const socialLogin = catchAsync((req: Request, res: Response) => {
+  const provider = req.params.provider as SocialProvider;
+  const redirectPath = (req.query.redirect as string) || "/dashboard";
+  if (!SUPPORTED_PROVIDERS.includes(provider)) {
+    throw new AppError(
+      status.BAD_REQUEST,
+      `Unsupported social provider: ${provider}`,
+    );
+  }
+  const payload = getSocialAuthPayload(provider, redirectPath);
+  return sendResponse(res, {
+    status: status.OK,
+    success: true,
+    message: `${provider} login payload generated successfully`,
+    data: payload,
+  });
+});
+const socialLoginSuccess = catchAsync(async (req: Request, res: Response) => {
+  const provider = req.params.provider || "google";
+  const redirectPath = (req.query.redirect as string) || "/dashboard";
+  const isValidRedirectPath =
+    redirectPath.startsWith("/") && !redirectPath.startsWith("//");
+  const finalRedirectPath = isValidRedirectPath ? redirectPath : "/dashboard";
+  const sessionToken = req.cookies["better-auth.session_token"];
+  if (!sessionToken) {
+    return res.redirect(`${envVars.FRONTEND_URL}/login?error=oauth_failed`);
+  }
+  const session = await auth.api.getSession({
+    headers: {
+      Cookie: `better-auth.session_token=${sessionToken}`,
+    },
+  });
+  if (!session?.user) {
+    return res.redirect(`${envVars.FRONTEND_URL}/login?error=oauth_failed`);
+  }
+  let accessToken: string;
+  let refreshToken: string;
+  try {
+    const result = await authService.socialLoginSuccess(session);
+    accessToken = result.accessToken;
+    refreshToken = result.refreshToken;
+  } catch (error) {
+    const message =
+      error instanceof AppError
+        ? encodeURIComponent(error?.message)
+        : "oauth_failed";
+    return res.redirect(`${envVars.FRONTEND_URL}/login?error=${message}`);
+  }
+  const callbackUrl = new URL(
+    `${envVars.FRONTEND_URL}/api/auth/callback/${provider}`,
+  );
+  callbackUrl.searchParams.set("accessToken", accessToken);
+  callbackUrl.searchParams.set("refreshToken", refreshToken);
+  callbackUrl.searchParams.set("token", sessionToken);
+  callbackUrl.searchParams.set("redirect", finalRedirectPath);
+  res.redirect(callbackUrl.toString());
+});
+const handleOAuthError = catchAsync((req: Request, res: Response) => {
+    const error = req.query.error as string || "oauth_failed";
+    res.redirect(`${envVars.FRONTEND_URL}/login?error=${error}`);
+})
+export const authController = {
+  registerUser,
+  loginUser,
+  getMe,
+  updateProfile,
+  getNewToken,
+  changePassword,
+  logoutUser,
+  verifyEmail,
+  resendOTP,
+  forgetPassword,
+  resetPassword,
+  socialLogin,
+  socialLoginSuccess,
+  handleOAuthError,
+};

package/modules/auth/better-auth/files/express/modules/{auth/auth.route.ts → auth.route.ts} RENAMED Viewed

@@ -2,7 +2,7 @@
 import { Role } from "@prisma/client";
 {{/if}}
 {{#if database == "mongoose"}}
-import { Role } from './auth.constants';
+import { Role } from "./auth.constants";
 {{/if}}
 import { Router } from "express";
 import { authorize } from "../../shared/middlewares/authorize.middleware";
@@ -19,9 +19,14 @@ router.post("/logout", authorize(Role.ADMIN, Role.USER), authController.logoutUs
 router.post("/verify-email", authController.verifyEmail)
 router.post("/forget-password", authController.forgetPassword)
 router.post("/reset-password", authController.resetPassword)
-router.get("/login/google", authController.googleLogin);
-router.get("/google/success", authController.googleLoginSuccess);
+router.post("/resend-otp", authController.resendOTP);
+router.get("/login/:provider", authController.socialLogin);
+router.get("/:provider/success", authController.socialLoginSuccess);
 router.get("/oauth/error", authController.handleOAuthError);
+router.patch(
+  "/profile",
+  authorize(Role.ADMIN, Role.USER),
+  authController.updateProfile,
+);
 export const authRoutes = router;