underpost 2.6.2

package/src/cron.js

@@ -0,0 +1,25 @@
+'use strict';
+
+// https://nodejs.org/api
+// https://expressjs.com/en/4x/api.html
+
+import dotenv from 'dotenv';
+import { loggerFactory } from './server/logger.js';
+import { Dns } from './server/dns.js';
+import { ProcessController } from './server/process.js';
+import { Config } from './server/conf.js';
+import { BackUpManagement } from './server/backup.js';
+
+dotenv.config();
+
+await Config.build();
+
+const logger = loggerFactory(import.meta);
+
+await logger.setUpInfo();
+
+await Dns.InitIpDaemon();
+
+await BackUpManagement.Init();
+
+ProcessController.init(logger);

package/src/db/DataBaseProvider.js

@@ -0,0 +1,34 @@
+import { MongooseDB } from './mongo/MongooseDB.js';
+import { loggerFactory } from '../server/logger.js';
+
+const logger = loggerFactory(import.meta);
+
+const DataBaseProvider = {
+  instance: {},
+  load: async function (options = { apis: [], host: '', path: '', db: {} }) {
+    try {
+      const { apis, host, path, db } = options;
+
+      if (!this.instance[`${host}${path}`]) this.instance[`${host}${path}`] = {};
+
+      if (!db || this.instance[`${host}${path}`][db.provider]) return;
+
+      // logger.info(`Load ${db.provider} provider`, `${host}${path}`);
+      switch (db.provider) {
+        case 'mongoose':
+          {
+            const conn = await MongooseDB.connect(db.host, db.name);
+            this.instance[`${host}${path}`][db.provider] = await MongooseDB.loadModels({ conn, apis });
+          }
+          break;
+        default:
+          break;
+      }
+      return this.instance[`${host}${path}`][db.provider];
+    } catch (error) {
+      logger.error(error, { error: error.stack, options });
+      return undefined;
+    }
+  },
+};
+export { DataBaseProvider };

package/src/db/mariadb/MariaDB.js

@@ -0,0 +1,33 @@
+import mariadb from 'mariadb';
+
+import { loggerFactory } from '../../server/logger.js';
+
+const logger = loggerFactory(import.meta);
+
+const MariaDB = {
+  query: async (options) => {
+    const { host, port, user, password, query } = options;
+    const pool = mariadb.createPool({
+      host: 'host' in options ? host : '127.0.0.1',
+      port: 'port' in options ? port : 3306,
+      user: 'user' in options ? user : 'root',
+      password: 'password' in options ? password : '',
+    });
+    let conn, result;
+    try {
+      conn = await pool.getConnection();
+      result = await conn.query(query, { supportBigNumbers: true, bigNumberStrings: true });
+      logger.info(query, result);
+    } catch (error) {
+      if (error.stack.startsWith('TypeError: Do not know how to serialize a BigInt')) return;
+      logger.error(error, error.stack);
+    } finally {
+      if (conn) conn.release(); //release to pool
+      await pool.end();
+    }
+
+    return result;
+  },
+};
+
+export { MariaDB };

package/src/db/mongo/MongooseDB.js

@@ -0,0 +1,46 @@
+import mongoose from 'mongoose';
+
+import { loggerFactory } from '../../server/logger.js';
+import { getCapVariableName } from '../../server/conf.js';
+
+const logger = loggerFactory(import.meta);
+
+const MongooseDB = {
+  connect: async (host, name) => {
+    const uri = `${host}/${name}`;
+    // logger.info('MongooseDB connect', { host, name, uri });
+    return await mongoose.createConnection(uri).asPromise();
+    return new Promise((resolve, reject) =>
+      mongoose
+        .connect(
+          uri,
+          // ,{
+          //   useNewUrlParser: true,
+          //   useUnifiedTopology: true,
+          // }
+        )
+        .then((db) => {
+          logger.info(`db connected`, uri);
+          return resolve(db);
+        })
+        .catch((err) => {
+          logger.error(err, { host, name, error: err.stack });
+          // return reject(err);
+          return resolve(undefined);
+        }),
+    );
+  },
+  loadModels: async function (options = { apis: ['test'], conn: new mongoose.Connection() }) {
+    const { conn, apis } = options;
+    const models = {};
+    for (const api of apis) {
+      const { ProviderSchema } = await import(`../../api/${api}/${api}.model.js`);
+      const keyModel = getCapVariableName(api);
+      models[keyModel] = conn.model(keyModel, ProviderSchema);
+    }
+
+    return models;
+  },
+};
+
+export { MongooseDB };

package/src/dns.js

@@ -0,0 +1,22 @@
+'use strict';
+
+// https://nodejs.org/api
+// https://expressjs.com/en/4x/api.html
+
+import dotenv from 'dotenv';
+import { loggerFactory } from './server/logger.js';
+import { Dns } from './server/dns.js';
+import { ProcessController } from './server/process.js';
+import { Config } from './server/conf.js';
+
+dotenv.config();
+
+await Config.build();
+
+const logger = loggerFactory(import.meta);
+
+await logger.setUpInfo();
+
+await Dns.InitIpDaemon();
+
+ProcessController.init(logger);

package/src/mailer/EmailRender.js

@@ -0,0 +1,69 @@
+import { srcFormatted } from '../server/client-formatted.js';
+import fs from 'fs-extra';
+
+const EmailRender = {
+  style: {
+    body: {
+      'font-family': 'Arial, sans-serif',
+      'background-color': '#f4f4f4',
+      margin: 0,
+      padding: '20px',
+      'min-height': '300px',
+      width: '100%',
+      'max-width': '700px',
+      display: 'block',
+    },
+    '.container': {
+      'max-width': '600px',
+      margin: '0 auto',
+      'background-color': '#ffffff',
+      padding: '20px',
+      'border-radius': '5px',
+      // 'box-shadow': '0 4px 8px 0 rgba(0, 0, 0, 0.2), 0 6px 20px 0 rgba(0, 0, 0, 0.19)',
+    },
+    h1: {
+      'font-size': '24px',
+      'margin-bottom': '20px',
+      color: '#333333',
+    },
+    p: {
+      'font-size': '16px',
+      'line-height': 1.5,
+      'margin-bottom': '20px',
+      color: '#666666',
+    },
+    button: {
+      display: 'inline-block',
+      padding: '10px 20px',
+      'background-color': '#007bff',
+      color: '#ffffff',
+      'text-decoration': 'none',
+      'border-radius': '5px',
+      'font-size': '16px',
+    },
+    '.footer': {
+      'text-align': 'center',
+      padding: '20px',
+      'font-size': '14px',
+      color: '#999999',
+    },
+  },
+  renderStyle: function (classObj) {
+    return Object.keys(this.style[classObj])
+      .map((classKey) => ` ${classKey}: ${this.style[classObj][classKey]};`)
+      .join(``);
+  },
+
+  getTemplates: async function (options = { templates: {} }) {
+    const templates = {};
+    for (const templateKey of Object.keys(options.templates)) {
+      const ssrEmailComponent = options.templates[templateKey];
+      let SrrComponent;
+      eval(await srcFormatted(fs.readFileSync(`./src/client/ssr/email-components/${ssrEmailComponent}.js`, 'utf8')));
+      templates[templateKey] = SrrComponent(this, options);
+    }
+    return templates;
+  },
+};
+
+export { EmailRender };

package/src/mailer/MailerProvider.js

@@ -0,0 +1,96 @@
+import nodemailer from 'nodemailer';
+import { loggerFactory } from '../server/logger.js';
+import { EmailRender } from './EmailRender.js';
+
+const logger = loggerFactory(import.meta);
+
+const MailerProvider = {
+  instance: {},
+  load: async function (
+    options = {
+      id: '',
+      meta: 'mailer',
+      sender: {
+        email: '',
+        name: '',
+      },
+      transport: {
+        host: '', // smtp host
+        port: 587,
+        secure: false, // true for 465, false for other ports
+        auth: {
+          user: '', // generated ethereal user
+          pass: '', // generated ethereal password
+        },
+      },
+      host: '',
+      path: '',
+      templates: ['SsrTemplate'],
+    },
+  ) {
+    try {
+      const { id } = options;
+      // Generate test SMTP service account from ethereal.email
+      // Only needed if you don't have a real mail account for testing
+      // let testAccount = await nodemailer.createTestAccount();
+
+      // create reusable transporter object using the default SMTP transport
+      const transporter = nodemailer.createTransport(options.transport);
+
+      // console.log('load logger', { url: options.meta });
+      this.instance[id] = {
+        ...options,
+        transporter,
+        templates: await EmailRender.getTemplates(options),
+      };
+
+      return this.instance[id];
+    } catch (error) {
+      logger.error(error, error.stack);
+      return undefined;
+    }
+  },
+  send: async function (
+    options = {
+      id: '',
+      sendOptions: {
+        from: '"Fred Foo 👻" <foo@example.com>', // sender address
+        to: 'bar@example.com, baz@example.com', // list of receivers
+        subject: 'Hello ✔', // Subject line
+        text: 'Hello world?', // plain text body
+        html: '<b>Hello world?</b>', // html body
+        attachments: [
+          {
+            filename: 'logo.png',
+            path: `./logo.png`,
+            cid: 'logo', // <img src='cid:logo'>
+          },
+        ],
+      },
+    },
+  ) {
+    try {
+      const { id, sendOptions } = options;
+      if (!sendOptions.from) sendOptions.from = `${this.instance[id].sender.name} <${this.instance[id].sender.email}>`;
+
+      // send mail with defined transport object
+      const info = await this.instance[id].transporter.sendMail(sendOptions);
+
+      // console.log('Message sent: %s', info.messageId);
+      // logger.info('Message sent', info);
+
+      // Message sent: <b658f8ca-6296-ccf4-8306-87d57a0b4321@example.com>
+
+      // Preview only available when sending through an Ethereal account
+      // console.log("Preview URL: %s", nodemailer.getTestMessageUrl(info));
+      // Preview URL: https://ethereal.email/message/WaQKMgKddxQDoou...
+
+      return info;
+    } catch (error) {
+      logger.error(error, error.stack);
+      return undefined;
+    }
+  },
+};
+
+export { MailerProvider };

package/src/proxy.js

@@ -0,0 +1,22 @@
+'use strict';
+
+// https://nodejs.org/api
+// https://expressjs.com/en/4x/api.html
+
+import dotenv from 'dotenv';
+import { loggerFactory } from './server/logger.js';
+import { buildProxy } from './server/proxy.js';
+import { ProcessController } from './server/process.js';
+import { Config } from './server/conf.js';
+
+dotenv.config();
+
+await Config.build();
+
+const logger = loggerFactory(import.meta);
+
+await logger.setUpInfo();
+
+await buildProxy();
+
+ProcessController.init(logger);

package/src/runtime/lampp/Lampp.js

@@ -0,0 +1,44 @@
+import fs from 'fs-extra';
+import { network } from '../../server/network.js';
+import { shellExec } from '../../server/process.js';
+import { timer } from '../../client/components/core/CommonJs.js';
+
+const Lampp = {
+  ports: [],
+  initService: async function (options = { daemon: false }) {
+    let cmd;
+    // linux
+    fs.writeFileSync(`/opt/lampp/apache2/conf/httpd.conf`, this.router || '', 'utf8');
+    cmd = `sudo /opt/lampp/lampp stop`;
+    shellExec(cmd);
+    await network.port.portClean(3306);
+    for (const port of this.ports) await network.port.portClean(port);
+    cmd = `sudo /opt/lampp/lampp start`;
+    if (this.router) fs.writeFileSync(`./tmp/lampp-router.conf`, this.router, 'utf-8');
+    shellExec(cmd, { async: true });
+    if (options && options.daemon) this.daemon();
+  },
+  daemon: async function () {
+    await timer(1000 * 60 * 2); // 2 minutes
+    for (const port of this.ports) {
+      const [portStatus] = await network.port.status([port]);
+      if (!portStatus.open) return await this.initService();
+    }
+    this.daemon();
+  },
+  enabled: () => fs.existsSync(`/opt/lampp/apache2/conf/httpd.conf`),
+  appendRouter: function (render) {
+    if (!this.router) {
+      if (fs.existsSync(`./tmp/lampp-router.conf`))
+        return (this.router = fs.readFileSync(`./tmp/lampp-router.conf`, 'utf-8')) + render;
+      return (this.router = render);
+    }
+    return (this.router += render);
+  },
+  removeRouter: function () {
+    this.router = undefined;
+    if (fs.existsSync(`./tmp/lampp-router.conf`)) fs.rmSync(`./tmp/lampp-router.conf`);
+  },
+};
+
+export { Lampp };

package/src/runtime/nginx/Nginx.js

@@ -0,0 +1,3 @@
+const Nginx = {};
+
+export { Nginx };

package/src/runtime/xampp/Xampp.js

@@ -0,0 +1,49 @@
+import fs from 'fs-extra';
+import { network } from '../../server/network.js';
+import { shellExec } from '../../server/process.js';
+import { timer } from '../../client/components/core/CommonJs.js';
+
+const Xampp = {
+  ports: [],
+  initService: async function (options = { daemon: false }) {
+    let cmd;
+    // windows
+    fs.writeFileSync(
+      `C:/xampp/apache/conf/httpd.conf`,
+      fs.readFileSync(`C:/xampp/apache/conf/httpd.template.conf`, 'utf8').replace(`Listen 80`, ``),
+      'utf8',
+    );
+    fs.writeFileSync(`C:/xampp/apache/conf/extra/httpd-ssl.conf`, this.router || '', 'utf8');
+    cmd = `C:/xampp/xampp_stop.exe`;
+    shellExec(cmd);
+    await network.port.portClean(3306);
+    for (const port of this.ports) await network.port.portClean(port);
+    cmd = `C:/xampp/xampp_start.exe`;
+    if (this.router) fs.writeFileSync(`./tmp/xampp-router.conf`, this.router, 'utf-8');
+    shellExec(cmd);
+    if (options && options.daemon) this.daemon();
+  },
+  daemon: async function () {
+    await timer(1000 * 60 * 2); // 2 minutes
+    for (const port of this.ports) {
+      const [portStatus] = await network.port.status([port]);
+      if (!portStatus.open) return await this.initService();
+    }
+    this.daemon();
+  },
+  enabled: () => fs.existsSync(`C:/xampp/apache/conf/httpd.conf`),
+  appendRouter: function (render) {
+    if (!this.router) {
+      if (fs.existsSync(`./tmp/xampp-router.conf`))
+        return (this.router = fs.readFileSync(`./tmp/xampp-router.conf`, 'utf-8')) + render;
+      return (this.router = render);
+    }
+    return (this.router += render);
+  },
+  removeRouter: function () {
+    this.router = undefined;
+    if (fs.existsSync(`./tmp/xampp-router.conf`)) fs.rmSync(`./tmp/xampp-router.conf`);
+  },
+};
+
+export { Xampp };

package/src/server/auth.js

@@ -0,0 +1,204 @@
+/**
+ * Module for managing identity and authorization
+ * @module src/server/auth.js
+ * @namespace Auth
+ */
+
+import dotenv from 'dotenv';
+import jwt from 'jsonwebtoken';
+import { loggerFactory } from './logger.js';
+import crypto from 'crypto';
+import { userRoleEnum } from '../api/user/user.model.js';
+import { validatePassword } from '../client/components/core/CommonJs.js';
+
+dotenv.config();
+
+const logger = loggerFactory(import.meta);
+
+/* The `const config` object is defining parameters related to the hashing process used for password
+security. Here's a breakdown of each property in the `config` object: */
+const config = {
+  hashBytes: 32,
+  saltBytes: 16,
+  iterations: 872791,
+  digest: 'sha512',
+};
+
+/**
+ * @param {String} password - given password to hash
+ * @returns {String} the hash corresponding to the password
+ * @memberof Auth
+ */
+function hashPassword(password) {
+  const { iterations, hashBytes, digest, saltBytes } = config;
+  const salt = crypto.randomBytes(saltBytes).toString('hex');
+  const hash = crypto.pbkdf2Sync(password, salt, iterations, hashBytes, digest).toString('hex');
+  return [salt, hash].join('$');
+}
+
+/**
+ * @param {String} password - password to verify
+ * @param {String} combined - a combined salt + hash returned by hashPassword function
+ * @returns {Boolean} true if password correspond to the hash. False otherwise
+ * @memberof Auth
+ */
+function verifyPassword(password, combined) {
+  const { iterations, hashBytes, digest } = config;
+  const [salt, originalHash] = combined.split('$');
+  const hash = crypto.pbkdf2Sync(password, salt, iterations, hashBytes, digest).toString('hex');
+  return hash === originalHash;
+}
+
+// jwt middleware
+
+/**
+ * The hashJWT function generates a JSON Web Token (JWT) with a specified payload and expiration time.
+ * @param payload - The `payload` parameter in the `hashJWT` function is the data that you want to
+ * encode into the JSON Web Token (JWT). It typically contains information about the user or any other
+ * relevant data that you want to securely transmit.
+ * @param expire - The `expire` parameter in the `hashJWT` function is used to specify the expiration
+ * time for the JSON Web Token (JWT) being generated. If a value is provided for `expire`, it will be
+ * used as the expiration time. If `expire` is not provided (i.e., it
+ * @memberof Auth
+ */
+const hashJWT = (payload, expire) =>
+  jwt.sign(payload, process.env.JWT_SECRET, { expiresIn: expire !== undefined ? expire : `${process.env.EXPIRE}h` });
+
+/**
+ * The function `verifyJWT` is used to verify a JSON Web Token (JWT) using a secret key stored in the
+ * environment variables.
+ * @param [token] - The `token` parameter is a JSON Web Token (JWT) that is passed to the `verifyJWT`
+ * function for verification.
+ * @memberof Auth
+ */
+const verifyJWT = (token = '') => jwt.verify(token, process.env.JWT_SECRET);
+
+/**
+ * The authMiddleware function checks and verifies the authorization token in the request headers
+ * before allowing access to protected routes.
+ * @param req - The `req` parameter in the `authMiddleware` function stands for the request object. It
+ * contains information about the HTTP request made to the server, including headers, body, parameters,
+ * and more. In this context, the function is extracting the authorization token from the request
+ * headers to authenticate the user.
+ * @param res - The `res` parameter in the `authMiddleware` function is the response object that
+ * represents the HTTP response that an Express.js server sends when it receives an HTTP request. It is
+ * used to send a response back to the client with status codes, headers, and data.
+ * @param next - The `next` parameter in the `authMiddleware` function is a callback function that is
+ * used to pass control to the next middleware function in the stack. When called, it invokes the next
+ * middleware function in the chain. This is a common pattern in Express.js middleware functions to
+ * move to the next middleware
+ * @returns {Object} The `req.auth` included JWT payload in request authorization
+ * @memberof Auth
+ */
+const authMiddleware = (req, res, next) => {
+  try {
+    const authHeader = String(req.headers['authorization'] || req.headers['Authorization'] || '');
+    if (authHeader.startsWith('Bearer ')) {
+      const token = authHeader.substring(7, authHeader.length);
+      const payload = verifyJWT(token);
+      req.auth = payload;
+      return next();
+    }
+    return res.status(401).json({
+      status: 'error',
+      message: 'unauthorized: invalid token',
+    });
+  } catch (error) {
+    logger.error(error, error.stack);
+    return res.status(400).json({
+      status: 'error',
+      message: error.message,
+    });
+  }
+};
+
+/**
+ * The `adminGuard` function checks if the user has admin role permission and returns an error message
+ * if not.
+ * @param req - The `req` parameter typically represents the HTTP request object in Node.js. It
+ * contains information about the incoming request such as the request headers, parameters, body, and
+ * more. In the context of your `adminGuard` function, `req` is the request object that is being passed
+ * to the middleware
+ * @param res - The `res` parameter in the `adminGuard` function is the response object in Express.js.
+ * It is used to send a response back to the client making the HTTP request.
+ * @param next - The `next` parameter in the `adminGuard` function is a callback function that is used
+ * to pass control to the next middleware function in the stack. When called, it executes the next
+ * middleware function. If there are no more middleware functions in the stack, it will proceed to the
+ * route handler.
+ * @returns The `adminGuard` function is returning either a 403 status with an error message if the
+ * user role is not 'admin', or it is calling the `next()` function to proceed to the next middleware
+ * if the user role is 'admin'. If an error occurs during the process, it will log the error and return
+ * a 400 status with the error message.
+ * @memberof Auth
+ */
+const adminGuard = (req, res, next) => {
+  try {
+    if (!(userRoleEnum.indexOf(req.auth.user.role) === userRoleEnum.indexOf('admin')))
+      return res.status(403).json({ status: 'error', message: 'Insufficient permission' });
+    return next();
+  } catch (error) {
+    logger.error(error, error.stack);
+    return res.status(400).json({
+      status: 'error',
+      message: error.message,
+    });
+  }
+};
+
+/**
+ * The function `moderatorGuard` checks if the user's role is at least a moderator and handles errors
+ * accordingly.
+ * @param req - The `req` parameter in the `moderatorGuard` function typically represents the HTTP
+ * request object, which contains information about the incoming request such as headers, parameters,
+ * body, etc. It is commonly used to access data sent from the client to the server.
+ * @param res - The `res` parameter in the `moderatorGuard` function is the response object in
+ * Express.js. It is used to send a response back to the client making the HTTP request.
+ * @param next - The `next` parameter in the `moderatorGuard` function is a callback function that is
+ * used to pass control to the next middleware function in the stack. When called, it will execute the
+ * next middleware function. In the context of Express.js middleware, `next` is typically called to
+ * move to
+ * @returns In the `moderatorGuard` function, if the user's role is not a moderator or higher, a 403
+ * status with an error message "Insufficient permission" is returned. If there is an error during the
+ * process, a 400 status with the error message is returned. If everything is successful, the `next()`
+ * function is called to proceed to the next middleware in the chain.
+ * @memberof Auth
+ */
+const moderatorGuard = (req, res, next) => {
+  try {
+    if (!(userRoleEnum.indexOf(req.auth.user.role) <= userRoleEnum.indexOf('moderator')))
+      return res.status(403).json({ status: 'error', message: 'Insufficient permission' });
+    return next();
+  } catch (error) {
+    logger.error(error, error.stack);
+    return res.status(400).json({
+      status: 'error',
+      message: error.message,
+    });
+  }
+};
+
+const validatePasswordMiddleware = (req, password) => {
+  let errors = [];
+  if (req.body && 'password' in req.body) errors = validatePassword(req.body.password);
+  if (errors.length > 0)
+    return {
+      status: 'error',
+      message:
+        'Password, ' + errors.map((e, i) => (i > 0 ? ', ' : '') + (e[req.lang] ? e[req.lang] : e['en'])).join(''),
+    };
+  else
+    return {
+      status: 'success',
+    };
+};
+
+export {
+  authMiddleware,
+  hashPassword,
+  verifyPassword,
+  hashJWT,
+  adminGuard,
+  moderatorGuard,
+  verifyJWT,
+  validatePasswordMiddleware,
+};