vona-module-a-user 5.0.49 → 5.1.2

package/src/lib/passport.ts

@@ -0,0 +1,41 @@
+import { Aspect } from 'vona-module-a-aspect';
+
+import type { IGuardOptionsRoleName } from '../bean/guard.roleName.ts';
+import type { IGuardOptionsUserName } from '../bean/guard.userName.ts';
+
+function Public(_public: boolean = true): ClassDecorator & MethodDecorator {
+  return Aspect.guardGlobal('a-user:passport', { public: _public });
+}
+
+// true/false/undefined
+function Activated(activated?: boolean): ClassDecorator & MethodDecorator {
+  return Aspect.guardGlobal('a-user:passport', { activated });
+}
+
+function UserName(options?: Partial<IGuardOptionsUserName>): ClassDecorator & MethodDecorator {
+  return Aspect.guard('a-user:userName', options);
+}
+
+function RoleName(options?: Partial<IGuardOptionsRoleName>): ClassDecorator & MethodDecorator {
+  return Aspect.guard('a-user:roleName', options);
+}
+
+function Admin(options?: Partial<Omit<IGuardOptionsRoleName, 'name'>>): ClassDecorator & MethodDecorator {
+  return Aspect.guard('a-user:roleName', Object.assign({}, options, { name: 'admin' as const }));
+}
+
+export interface IDecoratorGroupPassport {
+  public: typeof Public;
+  activated: typeof Activated;
+  userName: typeof UserName;
+  roleName: typeof RoleName;
+  admin: typeof Admin;
+}
+
+export const Passport: IDecoratorGroupPassport = {
+  public: Public,
+  activated: Activated,
+  userName: UserName,
+  roleName: RoleName,
+  admin: Admin,
+} as unknown as IDecoratorGroupPassport;

package/src/lib/user.ts

@@ -0,0 +1,7 @@
+import type { TableIdentity } from 'table-identity';
+
+import type { IUserIdRecord } from '../types/user.ts';
+
+export function $getUserIdSystem<K extends keyof IUserIdRecord>(_userName: IUserIdRecord[K], userId: K): TableIdentity {
+  return userId;
+}

package/src/main.ts

@@ -0,0 +1,25 @@
+import type { IModuleMain, VonaContext } from 'vona';
+
+import { BeanSimple } from 'vona';
+
+export class Main extends BeanSimple implements IModuleMain {
+  async moduleLoading() {}
+  async moduleLoaded() {
+    // user
+    Object.defineProperty(this.app.context, 'user', {
+      enumerable: false,
+      get(this: VonaContext) {
+        return this.app.bean.passport.currentUser;
+      },
+    });
+    // passport
+    Object.defineProperty(this.app.context, 'passport', {
+      enumerable: false,
+      get(this: VonaContext) {
+        return this.app.bean.passport.current;
+      },
+    });
+  }
+
+  async configLoaded(_config: any) {}
+}

package/src/service/authTokenAdapter.ts

@@ -0,0 +1,42 @@
+import type { IPayloadData } from 'vona-module-a-jwt';
+
+import { BeanBase, createHash, uuidv4 } from 'vona';
+import { Service } from 'vona-module-a-bean';
+
+import type { IAuthTokenAdapter } from '../types/authToken.ts';
+import type { IUser } from '../types/user.ts';
+
+@Service()
+export class ServiceAuthTokenAdapter extends BeanBase implements IAuthTokenAdapter {
+  async create(payloadData: IPayloadData): Promise<IPayloadData> {
+    const authIdStr = this._getAuthId(payloadData)?.toString();
+    const token = authIdStr === '-1' ? createHash(authIdStr) : uuidv4();
+    const payloadDataNew = Object.assign({}, payloadData, { [this.scope.config.payloadData.fields.token]: token });
+    await this.scope.service.redisToken.create(payloadDataNew);
+    return payloadDataNew;
+  }
+
+  async retrieve(payloadData: IPayloadData): Promise<IPayloadData | undefined> {
+    return await this.scope.service.redisToken.retrieve(payloadData);
+  }
+
+  async verify(payloadData: IPayloadData): Promise<boolean> {
+    return await this.scope.service.redisToken.verify(payloadData);
+  }
+
+  async refresh(payloadData: IPayloadData): Promise<void> {
+    await this.scope.service.redisToken.refresh(payloadData);
+  }
+
+  async remove(payloadData: IPayloadData): Promise<void> {
+    await this.scope.service.redisToken.remove(payloadData);
+  }
+
+  async removeAll(user: IUser): Promise<void> {
+    await this.scope.service.redisToken.removeAll(user);
+  }
+
+  private _getAuthId(payloadData: IPayloadData) {
+    return payloadData[this.scope.config.payloadData.fields.authId];
+  }
+}

package/src/service/redisToken.ts

@@ -0,0 +1,68 @@
+import type { IPayloadData } from 'vona-module-a-jwt';
+import type { IUser } from 'vona-module-a-user';
+
+import { BeanBase } from 'vona';
+import { Service } from 'vona-module-a-bean';
+
+@Service()
+export class ServiceRedisToken extends BeanBase {
+  async verify(payloadData: IPayloadData) {
+    const payloadData2 = await this.retrieve(payloadData);
+    if (!payloadData2) return false;
+    if (this._getToken(payloadData2) !== this._getToken(payloadData)) return false;
+    return true;
+  }
+
+  async retrieve(payloadData: IPayloadData): Promise<IPayloadData | undefined> {
+    const key = this._getAuthRedisKey(payloadData);
+    if (!key) return;
+    const token = await this.scope.cacheRedis.authToken.get(key);
+    if (!token) return;
+    return { ...payloadData, [this.scope.config.payloadData.fields.token]: token };
+  }
+
+  async create(payloadData: IPayloadData) {
+    const key = this._getAuthRedisKey(payloadData);
+    if (!key || !this._getToken(payloadData)) return this.app.throw(401);
+    await this.scope.cacheRedis.authToken.set(this._getToken(payloadData), key);
+  }
+
+  async refresh(payloadData: IPayloadData) {
+    const key = this._getAuthRedisKey(payloadData);
+    if (!key) return this.app.throw(401);
+    await this.scope.cacheRedis.authToken.expire(key);
+  }
+
+  async remove(payloadData: IPayloadData) {
+    const key = this._getAuthRedisKey(payloadData);
+    if (!key) return;
+    await this.scope.cacheRedis.authToken.del(key);
+  }
+
+  async removeAll(user: IUser) {
+    const keyPrefix = this._getAuthRedisKeyPrefix(user);
+    const keys = await this.scope.cacheRedis.authToken.lookupKeys(keyPrefix, true);
+    await this.scope.cacheRedis.authToken.mdel(keys);
+  }
+
+  private _getAuthRedisKey(payloadData: IPayloadData) {
+    if (!this.ctx.instance) return;
+    return `${this._getUserId(payloadData)}:${this._getAuthId(payloadData)}`;
+  }
+
+  private _getAuthRedisKeyPrefix(user: IUser) {
+    return `${user.id}`;
+  }
+
+  private _getToken(payloadData: IPayloadData) {
+    return payloadData[this.scope.config.payloadData.fields.token];
+  }
+
+  private _getAuthId(payloadData: IPayloadData) {
+    return payloadData[this.scope.config.payloadData.fields.authId];
+  }
+
+  private _getUserId(payloadData: IPayloadData) {
+    return payloadData[this.scope.config.payloadData.fields.userId];
+  }
+}

package/src/types/auth.ts

@@ -0,0 +1,26 @@
+import type { TableIdentity } from 'table-identity';
+import type { IAuthProviderRecord } from 'vona-module-a-auth';
+
+export interface IAuthIdRecord {
+  '-1': 'dev';
+  '-10000': 'mock';
+}
+
+export interface IAuthProvider {
+  id: TableIdentity;
+  providerName: keyof IAuthProviderRecord;
+  clientName: string;
+}
+
+export interface IAuth {
+  id: TableIdentity;
+  profileId?: string;
+  authProvider?: IAuthProvider;
+}
+
+export type TypeAuthToken = 'recreate' | 'refresh' | 'nochange';
+
+export interface ISigninOptions {
+  /** default: refresh */
+  authToken?: TypeAuthToken;
+}

package/src/types/authProfile.ts

@@ -0,0 +1,23 @@
+import type { ILocaleRecord } from 'vona';
+
+export interface IAuthUserProfilePropSlice {
+  value: string;
+}
+
+export interface IAuthUserProfileName {
+  familyName?: string;
+  givenName?: string;
+  middleName?: string;
+}
+export interface IAuthUserProfile {
+  id: string;
+  username?: string;
+  displayName?: string;
+  name?: IAuthUserProfileName;
+  gender?: string; // male/female
+  profileUrl?: string;
+  emails?: IAuthUserProfilePropSlice[];
+  photos?: IAuthUserProfilePropSlice[];
+  locale?: keyof ILocaleRecord;
+  confirmed?: boolean;
+}

package/src/types/authToken.ts

@@ -0,0 +1,12 @@
+import type { IPayloadData } from 'vona-module-a-jwt';
+
+import type { IUser } from './user.ts';
+
+export interface IAuthTokenAdapter {
+  create(payloadData: IPayloadData): Promise<IPayloadData>;
+  retrieve(payloadData: IPayloadData): Promise<IPayloadData | undefined>;
+  verify(payloadData: IPayloadData): Promise<boolean>;
+  refresh(payloadData: IPayloadData): Promise<void>;
+  remove(payloadData: IPayloadData): Promise<void>;
+  removeAll(user: IUser): Promise<void>;
+}

package/src/types/index.ts

@@ -0,0 +1,6 @@
+export * from './auth.ts';
+export * from './authProfile.ts';
+export * from './authToken.ts';
+export * from './passport.ts';
+export * from './role.ts';
+export * from './user.ts';

package/src/types/passport.ts

@@ -0,0 +1,29 @@
+import type { IPayloadData } from 'vona-module-a-jwt';
+
+import type { IAuth } from './auth.ts';
+import type { IRole } from './role.ts';
+import type { IUser } from './user.ts';
+
+export interface IPassport {
+  user?: IUser;
+  auth?: IAuth;
+  roles?: IRole[];
+}
+
+export interface IPassportAdapter {
+  isAdmin(passport: IPassport | undefined): Promise<boolean>;
+  setCurrent(passport: IPassport | undefined): Promise<IPassport | undefined>;
+  serialize(passport: IPassport): Promise<IPayloadData>;
+  deserialize(payloadData: IPayloadData): Promise<IPassport | undefined>;
+}
+
+declare module 'vona' {
+  export interface ContextState {
+    passport?: IPassport;
+  }
+
+  export interface VonaContext {
+    get user(): IUser;
+    get passport(): IPassport;
+  }
+}

package/src/types/role.ts

@@ -0,0 +1,19 @@
+import type { TableIdentity } from 'table-identity';
+
+export interface IRoleNameRecord {
+  admin: never;
+}
+
+export interface IRoleIdRecord {}
+
+export interface IRole {
+  id: TableIdentity;
+  name: string;
+}
+
+export interface IRoleAdapter {
+  findOneByName(name: string): Promise<IRole | undefined>;
+  findOne(role: Partial<IRole>): Promise<IRole | undefined>;
+  findAllByUserId(userId: TableIdentity): Promise<IRole[] | undefined>;
+  addUserId(id: TableIdentity, userId: TableIdentity): Promise<TableIdentity>;
+}

package/src/types/user.ts

@@ -0,0 +1,35 @@
+import type { TableIdentity } from 'table-identity';
+import type { ILocaleRecord } from 'vona';
+
+import type { IAuthUserProfile } from './authProfile.ts';
+
+export interface IUserNameRecord {
+  admin: never;
+}
+
+export interface IUserIdRecord {
+  '-1': 'anonymous';
+}
+
+export interface IUser {
+  id: TableIdentity;
+  name: string;
+  avatar?: string;
+  email?: string;
+  mobile?: string;
+  activated?: boolean;
+  locale?: keyof ILocaleRecord;
+  tz?: string;
+  anonymous?: boolean;
+}
+
+export interface IUserAdapter {
+  create(user: Partial<IUser>): Promise<IUser>;
+  userOfProfile(profile: IAuthUserProfile): Promise<Partial<IUser>>;
+  createAnonymous(): Promise<Partial<IUser>>;
+  findOneByName(name: string): Promise<IUser | undefined>;
+  findOne(user: Partial<IUser>): Promise<IUser | undefined>;
+  update(user: Partial<IUser>): Promise<void>;
+  remove(user: Partial<IUser>): Promise<void>;
+  setActivated(id: TableIdentity, activated: boolean): Promise<void>;
+}