npm - stackkit - Versions diffs - 0.3.5 → 0.3.6 - Mend

stackkit 0.3.5 → 0.3.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (192) hide show

package/modules/auth/better-auth/files/{shared/mongoose/auth/helper.ts → express/mongo-modules/auth.helper.ts} RENAMED Viewed

@@ -1,4 +1,5 @@
 import status from "http-status";
+import { Types } from "mongoose";
 import { getMongoDb, mongoose } from "../../database/mongoose";
 import { AppError } from "../../shared/errors/app-error";
@@ -27,6 +28,14 @@ export type AuthSessionDocument = {
   expiresAt?: Date;
 };
+export type AuthVerificationDocument = {
+  identifier: string;
+  value: string;
+  expiresAt?: Date;
+  createdAt?: Date;
+  updatedAt?: Date;
+};
 export const getAuthCollections = async () => {
   await mongoose();
@@ -36,6 +45,7 @@ export const getAuthCollections = async () => {
     return {
       users: db.collection<AuthUserDocument>("user"),
       sessions: db.collection<AuthSessionDocument>("session"),
+      verifications: db.collection<AuthVerificationDocument>("verification"),
     };
   } catch {
     throw new AppError(
@@ -47,5 +57,5 @@ export const getAuthCollections = async () => {
 export const deleteAuthUserById = async (id: string) => {
   const { users } = await getAuthCollections();
-  await users.deleteOne({ id });
+  await users.deleteOne({ _id: new Types.ObjectId(id) });
 };

package/modules/auth/better-auth/files/express/types/express.d.ts CHANGED Viewed

@@ -1,4 +1,10 @@
+{{#if database == "prisma"}}
 import { Role } from "@prisma/client";
+{{/if}}
+{{#if database == "mongoose"}}
+import { Role } from "../modules/auth/auth.constants";
+type AuthRole = (typeof Role)[keyof typeof Role];
+{{/if}}
 declare global {
     namespace Express {
@@ -7,7 +13,12 @@ declare global {
             id: string;
             name: string;
             email: string;
+            {{#if database == "prisma"}}
             role: Role;
+            {{/if}}
+            {{#if database == "mongoose"}}
+            role: AuthRole | string;
+            {{/if}}
           };
         }
     }

package/modules/auth/better-auth/files/nextjs/api-route.ts ADDED Viewed

@@ -0,0 +1,74 @@
+import { NextRequest, NextResponse } from "next/server";
+const SUPPORTED_PROVIDERS = [
+  "google",
+  "github",
+  "facebook",
+  "twitter",
+  "discord",
+];
+export async function GET(
+  request: NextRequest,
+  { params }: { params: Promise<{ provider: string }> },
+) {
+  const { provider } = await params;
+  if (!SUPPORTED_PROVIDERS.includes(provider)) {
+    return NextResponse.redirect(
+      new URL("/login?error=unsupported_provider", request.url),
+    );
+  }
+  const { searchParams } = request.nextUrl;
+  const accessToken = searchParams.get("accessToken");
+  const refreshToken = searchParams.get("refreshToken");
+  const sessionToken = searchParams.get("token");
+  const redirectPath = searchParams.get("redirect") || "/dashboard";
+  // Prevent open-redirect attacks
+  const isValidRedirectPath =
+    redirectPath.startsWith("/") && !redirectPath.startsWith("//");
+  const finalRedirect = isValidRedirectPath ? redirectPath : "/dashboard";
+  if (!accessToken || !refreshToken) {
+    return NextResponse.redirect(
+      new URL("/login?error=oauth_failed", request.url),
+    );
+  }
+  const isProduction = process.env.NODE_ENV === "production";
+  const ONE_DAY_SECONDS = 60 * 60 * 24;
+  const SEVEN_DAYS_SECONDS = ONE_DAY_SECONDS * 7;
+  const response = NextResponse.redirect(new URL(finalRedirect, request.url));
+  response.cookies.set("accessToken", accessToken, {
+    httpOnly: true,
+    secure: isProduction,
+    sameSite: "lax",
+    path: "/",
+    maxAge: ONE_DAY_SECONDS,
+  });
+  response.cookies.set("refreshToken", refreshToken, {
+    httpOnly: true,
+    secure: isProduction,
+    sameSite: "lax",
+    path: "/",
+    maxAge: SEVEN_DAYS_SECONDS,
+  });
+  if (sessionToken) {
+    response.cookies.set("better-auth.session_token", sessionToken, {
+      httpOnly: true,
+      secure: isProduction,
+      sameSite: "lax",
+      path: "/",
+      maxAge: ONE_DAY_SECONDS,
+    });
+  }
+  return response;
+}

package/modules/auth/better-auth/files/nextjs/dashboard/pages/(user)/page.tsx ADDED Viewed

@@ -0,0 +1,6 @@
+export default function Page() {
+  return (
+    <div>This is user dashboard page.</div>
+  )
+}

package/modules/auth/better-auth/files/nextjs/dashboard/pages/admin/page.tsx ADDED Viewed

@@ -0,0 +1,6 @@
+export default function Page() {
+  return (
+    <div>This is the admin dashboard page</div>
+  )
+}

package/modules/auth/better-auth/files/nextjs/dashboard/pages/layout.tsx ADDED Viewed

@@ -0,0 +1,48 @@
+export const dynamic = "force-dynamic";
+import DashboardHeader from "@/components/dashboard/dashboard-header";
+import DashboardSidebar from "@/components/dashboard/dashboard-sidebar";
+import { SidebarProvider } from "@/components/ui/sidebar";
+import {
+  getSession,
+} from "@/features/auth/services/auth.service";
+import { sidebar } from "@/lib/constant/dashboard";
+import { redirect } from "next/navigation";
+type Role = keyof typeof sidebar;
+export default async function layout({
+  children,
+}: {
+  children: React.ReactNode;
+}) {
+  const user = await getSession();
+  if (!user) {
+    redirect("/login");
+  }
+  const role = user?.role as Role | undefined;
+  return (
+    <SidebarProvider>
+      <div className="flex min-h-screen w-full">
+        {/* Sidebar */}
+        {role && <DashboardSidebar menu={sidebar[role]} user={user} />}
+        {/* Main area */}
+        <div className="flex flex-col flex-1">
+          {/* Header/Navbar */}
+          <DashboardHeader role={role} />
+          {/* Main content */}
+          <main className="flex-1">
+            <div className="@container/main min-h-screen w-full px-4 py-4 lg:px-6">
+              {children}
+            </div>
+          </main>
+        </div>
+      </div>
+    </SidebarProvider>
+  );
+}

package/modules/auth/better-auth/files/nextjs/dashboard/pages/my-profile/page.tsx ADDED Viewed

@@ -0,0 +1,5 @@
+import MyProfile from "@/features/auth/components/my-profile";
+export default function page() {
+  return <MyProfile />;
+}

package/modules/auth/better-auth/files/nextjs/features/services/auth.service.ts ADDED Viewed

@@ -0,0 +1,102 @@
+"use server";
+import { envVars } from "@/lib/env";
+import { setTokenInCookies } from "@/lib/utils/token";
+import { cookies } from "next/headers";
+export async function getNewTokensWithRefreshToken(
+  refreshToken: string,
+): Promise<boolean> {
+  try {
+    const res = await fetch(`${envVars.API_URL}/auth/refresh-token`, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/json",
+        Cookie: `refreshToken=${refreshToken}`,
+      },
+    });
+    if (!res.ok) {
+      return false;
+    }
+    const { data } = await res.json();
+    const { accessToken, refreshToken: newRefreshToken, token } = data;
+    if (accessToken) {
+      await setTokenInCookies("accessToken", accessToken);
+    }
+    if (newRefreshToken) {
+      await setTokenInCookies("refreshToken", newRefreshToken);
+    }
+    if (token) {
+      await setTokenInCookies("better-auth.session_token", token, 24 * 60 * 60); // 1 day in seconds
+    }
+    return true;
+  } catch (error) {
+    console.error("Error refreshing token:", error);
+    return false;
+  }
+}
+export async function setTokens(tokens: {
+  accessToken?: string;
+  refreshToken?: string;
+  token?: string;
+}) {
+  if (!tokens) return false;
+  if (tokens.accessToken) {
+    await setTokenInCookies("accessToken", tokens.accessToken);
+  }
+  if (tokens.refreshToken) {
+    await setTokenInCookies("refreshToken", tokens.refreshToken);
+  }
+  if (tokens.token) {
+    await setTokenInCookies(
+      "better-auth.session_token",
+      tokens.token,
+      24 * 60 * 60,
+    );
+  }
+  return true;
+}
+export async function getSession() {
+  try {
+    const cookieStore = await cookies();
+    const accessToken = cookieStore.get("accessToken")?.value;
+    const sessionToken = cookieStore.get("better-auth.session_token")?.value;
+    if (!accessToken) {
+      return null;
+    }
+    const res = await fetch(`${envVars.API_URL}/v1/auth/me`, {
+      method: "GET",
+      headers: {
+        "Content-Type": "application/json",
+        Cookie: `accessToken=${accessToken}; better-auth.session_token=${sessionToken}`,
+      },
+    });
+    if (!res.ok) {
+      console.error("Failed to fetch user info:", res.status, res.statusText);
+      return null;
+    }
+    const { data } = await res.json();
+    return data;
+  } catch (error) {
+    console.error("Error fetching user info:", error);
+    return null;
+  }
+}

package/modules/auth/better-auth/files/nextjs/layout/layout.tsx ADDED Viewed

@@ -0,0 +1,13 @@
+import Footer from "@/components/footer";
+import Navbar from "@/components/navbar";
+import React from "react";
+export default function Layout({ children }: { children: React.ReactNode }) {
+  return (
+    <div className="min-h-screen flex flex-col">
+      <Navbar />
+      <main className="max-w-7xl mx-auto">{children}</main>
+      <Footer />
+    </div>
+  );
+}

package/modules/auth/better-auth/files/nextjs/lib/axios/http.ts ADDED Viewed

@@ -0,0 +1,158 @@
+import { getNewTokensWithRefreshToken } from "@/features/auth/services/auth.service";
+import { ApiResponse } from "@/types/api.types";
+import axios from "axios";
+import { cookies, headers } from "next/headers";
+import { envVars } from "../env";
+import { isTokenExpiringSoon } from "../utils/token";
+if (!envVars.API_URL) {
+  throw new Error("API_BASE_URL is not defined in environment variables");
+}
+async function tryRefreshToken(
+  accessToken: string,
+  refreshToken: string,
+): Promise<void> {
+  if (!(await isTokenExpiringSoon(accessToken))) {
+    return;
+  }
+  const requestHeader = await headers();
+  if (requestHeader.get("x-token-refreshed") === "1") {
+    return;
+  }
+  try {
+    await getNewTokensWithRefreshToken(refreshToken);
+  } catch (error: unknown) {
+    console.error("Error refreshing token in http client:", error);
+  }
+}
+const axiosInstance = async () => {
+  const cookieStore = await cookies();
+  const accessToken = cookieStore.get("accessToken")?.value;
+  const refreshToken = cookieStore.get("refreshToken")?.value;
+  if (accessToken && refreshToken) {
+    await tryRefreshToken(accessToken, refreshToken);
+  }
+  const cookieHeader = cookieStore
+    .getAll()
+    .map((cookie) => `${cookie.name}=${cookie.value}`)
+    .join("; ");
+  const instance = axios.create({
+    baseURL: envVars.API_URL,
+    timeout: 30000,
+    headers: {
+      "Content-Type": "application/json",
+      Cookie: cookieHeader,
+    },
+  });
+  return instance;
+};
+export interface ApiRequestOptions {
+  params?: Record<string, unknown>;
+  headers?: Record<string, string>;
+}
+const httpGet = async <TData>(
+  endpoint: string,
+  options?: ApiRequestOptions,
+): Promise<ApiResponse<TData>> => {
+  try {
+    const instance = await axiosInstance();
+    const response = await instance.get<ApiResponse<TData>>(endpoint, {
+      params: options?.params,
+      headers: options?.headers,
+    });
+    return response.data;
+  } catch (error) {
+    console.error(`GET request to ${endpoint} failed:`, error);
+    throw error;
+  }
+};
+const httpPost = async <TData>(
+  endpoint: string,
+  data: unknown,
+  options?: ApiRequestOptions,
+): Promise<ApiResponse<TData>> => {
+  try {
+    const instance = await axiosInstance();
+    const response = await instance.post<ApiResponse<TData>>(endpoint, data, {
+      params: options?.params,
+      headers: options?.headers,
+    });
+    return response.data;
+  } catch (error) {
+    console.error(`POST request to ${endpoint} failed:`, error);
+    throw error;
+  }
+};
+const httpPut = async <TData>(
+  endpoint: string,
+  data: unknown,
+  options?: ApiRequestOptions,
+): Promise<ApiResponse<TData>> => {
+  try {
+    const instance = await axiosInstance();
+    const response = await instance.put<ApiResponse<TData>>(endpoint, data, {
+      params: options?.params,
+      headers: options?.headers,
+    });
+    return response.data;
+  } catch (error) {
+    console.error(`PUT request to ${endpoint} failed:`, error);
+    throw error;
+  }
+};
+const httpPatch = async <TData>(
+  endpoint: string,
+  data: unknown,
+  options?: ApiRequestOptions,
+): Promise<ApiResponse<TData>> => {
+  try {
+    const instance = await axiosInstance();
+    const response = await instance.patch<ApiResponse<TData>>(endpoint, data, {
+      params: options?.params,
+      headers: options?.headers,
+    });
+    return response.data;
+  } catch (error) {
+    console.error(`PATCH request to ${endpoint} failed:`, error);
+    throw error;
+  }
+};
+const httpDelete = async <TData>(
+  endpoint: string,
+  options?: ApiRequestOptions,
+): Promise<ApiResponse<TData>> => {
+  try {
+    const instance = await axiosInstance();
+    const response = await instance.delete<ApiResponse<TData>>(endpoint, {
+      params: options?.params,
+      headers: options?.headers,
+    });
+    return response.data;
+  } catch (error) {
+    console.error(`DELETE request to ${endpoint} failed:`, error);
+    throw error;
+  }
+};
+export const api = {
+  get: httpGet,
+  post: httpPost,
+  put: httpPut,
+  patch: httpPatch,
+  delete: httpDelete,
+};

package/modules/auth/better-auth/files/nextjs/lib/env.ts ADDED Viewed

@@ -0,0 +1,35 @@
+interface EnvVars {
+  APP_NAME: string;
+  APP_URL: string;
+  API_URL: string;
+  BETTER_AUTH_URL: string;
+  JWT_ACCESS_SECRET: string;
+}
+const loadEnvVars = (): EnvVars => {
+  const requiredVars: (keyof EnvVars)[] = [
+    "APP_NAME",
+    "APP_URL",
+    "API_URL",
+    "BETTER_AUTH_URL",
+    "JWT_ACCESS_SECRET",
+  ];
+  for (const varName of requiredVars) {
+    if (!process.env[`NEXT_PUBLIC_${varName}`]) {
+      console.warn(
+        `Environment variable NEXT_PUBLIC_${varName} is not set. Using default value.`,
+      );
+    }
+  }
+  return {
+    APP_NAME: process.env.NEXT_PUBLIC_APP_NAME || "App Name",
+    APP_URL: process.env.NEXT_PUBLIC_APP_URL || "http://localhost:3000",
+    API_URL: process.env.NEXT_PUBLIC_API_URL || "http://localhost:5000/api",
+    BETTER_AUTH_URL: process.env.NEXT_PUBLIC_BETTER_AUTH_URL || "http://localhost:5000",
+    JWT_ACCESS_SECRET: process.env.JWT_ACCESS_SECRET || "",
+  };
+};
+export const envVars = loadEnvVars();

package/modules/auth/better-auth/files/nextjs/lib/utils/auth.ts ADDED Viewed

@@ -0,0 +1,75 @@
+export type UserRole = "ADMIN" | "USER";
+export const authRoutes = [
+  "/login",
+  "/register",
+  "/forgot-password",
+  "/reset-password",
+  "/verify-email",
+];
+export const isAuthRoute = (pathname: string) => {
+  return authRoutes.some((router: string) => router === pathname);
+};
+export type RouteConfig = {
+  exact: string[];
+  pattern: RegExp[];
+};
+export const commonProtectedRoutes: RouteConfig = {
+  exact: ["/dashboard/my-profile"],
+  pattern: [/^\/dashboard(?!\/admin)(\/.*)?$/],
+};
+export const adminProtectedRoutes: RouteConfig = {
+  pattern: [/^\/dashboard\/admin/],
+  exact: [],
+};
+export const isRouteMatches = (pathname: string, routes: RouteConfig) => {
+  if (routes.exact.includes(pathname)) {
+    return true;
+  }
+  return routes.pattern.some((pattern: RegExp) => pattern.test(pathname));
+};
+export const getRouteOwner = (pathname: string): "ADMIN" | "COMMON" | null => {
+  if (isRouteMatches(pathname, adminProtectedRoutes)) {
+    return "ADMIN";
+  }
+  if (isRouteMatches(pathname, commonProtectedRoutes)) {
+    return "COMMON";
+  }
+  return null;
+};
+export const getDefaultDashboardRoute = (role: UserRole) => {
+  if (role === "ADMIN") {
+    return "/dashboard/admin";
+  }
+  if (role === "USER") {
+    return "/dashboard";
+  }
+  return "/";
+};
+export const isValidRedirectForRole = (
+  redirectPath: string,
+  role: UserRole,
+) => {
+  const routeOwner = getRouteOwner(redirectPath);
+  if (routeOwner === null || routeOwner === "COMMON") {
+    return true;
+  }
+  if (routeOwner === role) {
+    return true;
+  }
+  return false;
+};

package/modules/auth/better-auth/files/nextjs/lib/utils/cookie.ts ADDED Viewed

@@ -0,0 +1,29 @@
+"use server";
+import { cookies } from "next/headers";
+export const setCookie = async (
+  name: string,
+  value: string,
+  maxAgeInSeconds: number,
+) => {
+  const cookieStore = await cookies();
+  cookieStore.set(name, value, {
+    httpOnly: true,
+    secure: true,
+    sameSite: "strict",
+    path: "/",
+    maxAge: maxAgeInSeconds,
+  });
+};
+export const getCookie = async (name: string) => {
+  const cookieStore = await cookies();
+  return cookieStore.get(name)?.value;
+};
+export const deleteCookie = async (name: string) => {
+  const cookieStore = await cookies();
+  cookieStore.delete(name);
+};

package/modules/auth/better-auth/files/nextjs/lib/utils/jwt.ts ADDED Viewed

@@ -0,0 +1,28 @@
+import jwt, { JwtPayload } from "jsonwebtoken";
+const verifyToken = (token: string, secret: string) => {
+  try {
+    const decoded = jwt.verify(token, secret) as JwtPayload;
+    return {
+      success: true,
+      data: decoded,
+    };
+  } catch (error: unknown) {
+    return {
+      success: false,
+      message:
+        error instanceof Error ? error.message : "Token verification failed",
+      error,
+    };
+  }
+};
+const decodedToken = (token: string) => {
+  const decoded = jwt.decode(token) as JwtPayload;
+  return decoded;
+};
+export const jwtUtils = {
+  verifyToken,
+  decodedToken,
+};

package/modules/auth/better-auth/files/nextjs/lib/utils/token.ts ADDED Viewed

@@ -0,0 +1,49 @@
+"use server";
+import jwt, { JwtPayload } from "jsonwebtoken";
+import { setCookie } from "./cookie";
+const getTokenSecondsRemaining = (token: string): number => {
+  if (!token) return 0;
+  try {
+    const tokenPayload = jwt.decode(token) as JwtPayload;
+    if (tokenPayload && !tokenPayload.exp) {
+      return 0;
+    }
+    const remainingSeconds =
+      (tokenPayload.exp as number) - Math.floor(Date.now() / 1000);
+    return remainingSeconds > 0 ? remainingSeconds : 0;
+  } catch {
+    return 0;
+  }
+};
+export const setTokenInCookies = async (
+  name: string,
+  token: string,
+  fallbackMaxAgeInSeconds = 60 * 60 * 24, // 1 days
+) => {
+  let maxAgeInSeconds;
+  if (name !== "better-auth.session_token") {
+    maxAgeInSeconds = getTokenSecondsRemaining(token);
+  }
+  await setCookie(name, token, maxAgeInSeconds || fallbackMaxAgeInSeconds);
+};
+export async function isTokenExpiringSoon(
+  token: string,
+  thresholdInSeconds = 300,
+): Promise<boolean> {
+  const remainingSeconds = getTokenSecondsRemaining(token);
+  return remainingSeconds > 0 && remainingSeconds <= thresholdInSeconds;
+}
+export async function isTokenExpired(token: string): Promise<boolean> {
+  const remainingSeconds = getTokenSecondsRemaining(token);
+  return remainingSeconds === 0;
+}