wabe 0.6.9 → 0.6.10

package/src/authentication/resolvers/signUpWithResolver.ts

@@ -0,0 +1,69 @@
+import type { SignUpWithInput } from '../../../generated/wabe'
+import type { WabeContext } from '../../server/interface'
+import { Session } from '../Session'
+
+// 0 - Get the authentication method
+// 1 - We check if the signUp is possible (call onSign)
+// 2 - We create the user
+// 3 - We create session
+export const signUpWithResolver = async (
+	_: any,
+	{
+		input,
+	}: {
+		input: SignUpWithInput
+	},
+	context: WabeContext<any>,
+) => {
+	if (context.wabe.config.authentication?.disableSignUp)
+		throw new Error('SignUp is disabled')
+
+	// Create object call the provider signUp
+	const res = await context.wabe.controllers.database.createObject({
+		className: 'User',
+		data: {
+			authentication: input.authentication,
+		},
+		context,
+		select: { id: true },
+	})
+
+	const createdUserId = res?.id
+
+	const session = new Session()
+
+	if (!createdUserId) throw new Error('User not created')
+
+	const { accessToken, refreshToken, csrfToken } = await session.create(
+		createdUserId,
+		context,
+	)
+
+	if (context.wabe.config.authentication?.session?.cookieSession) {
+		context.response?.setCookie('refreshToken', refreshToken, {
+			httpOnly: true,
+			path: '/',
+			sameSite: 'Strict',
+			secure: true,
+			expires: session.getRefreshTokenExpireAt(context.wabe.config),
+		})
+
+		context.response?.setCookie('accessToken', accessToken, {
+			httpOnly: true,
+			path: '/',
+			sameSite: 'Strict',
+			secure: true,
+			expires: session.getAccessTokenExpireAt(context.wabe.config),
+		})
+
+		context.response?.setCookie('csrfToken', csrfToken, {
+			httpOnly: true,
+			path: '/',
+			sameSite: 'Strict',
+			secure: true,
+			expires: session.getAccessTokenExpireAt(context.wabe.config),
+		})
+	}
+
+	return { accessToken, refreshToken, csrfToken, id: createdUserId }
+}

package/src/authentication/resolvers/verifyChallenge.test.ts

@@ -0,0 +1,136 @@
+import { describe, expect, it, beforeEach, mock, spyOn } from 'bun:test'
+import { verifyChallengeResolver } from './verifyChallenge'
+import type { WabeContext } from '../../server/interface'
+import { Session } from '../Session'
+
+describe('verifyChallenge', () => {
+	const mockOnVerifyChallenge = mock(() => Promise.resolve(true))
+
+	const context: WabeContext<any> = {
+		sessionId: 'sessionId',
+		user: {
+			id: 'userId',
+		} as any,
+		wabe: {
+			config: {
+				authentication: {
+					customAuthenticationMethods: [
+						{
+							name: 'fakeOtp',
+							input: {
+								code: {
+									type: 'String',
+									required: true,
+								},
+							},
+							provider: {
+								onVerifyChallenge: mockOnVerifyChallenge,
+								onSendChallenge: () => Promise.resolve(),
+							},
+						},
+					],
+				},
+			},
+		},
+	} as any
+
+	beforeEach(() => {
+		mockOnVerifyChallenge.mockClear()
+	})
+
+	it('should throw an error if no one factor is provided', () => {
+		expect(
+			verifyChallengeResolver(
+				undefined,
+				{
+					input: {},
+				},
+				context,
+			),
+		).rejects.toThrow('One factor is required')
+	})
+
+	it('should throw an error if more than one factor is provided', () => {
+		expect(
+			verifyChallengeResolver(
+				undefined,
+				{
+					input: {
+						secondFA: {
+							// @ts-expect-error
+							factor1: {},
+							factor2: {},
+						},
+					},
+				},
+				context,
+			),
+		).rejects.toThrow('Only one factor is allowed')
+	})
+
+	it('should throw an error if the onVerifyChallenge failed', () => {
+		mockOnVerifyChallenge.mockResolvedValue(false as never)
+
+		expect(
+			verifyChallengeResolver(
+				undefined,
+				{
+					input: {
+						secondFA: {
+							// @ts-expect-error
+							fakeOtp: {
+								code: '123456',
+							},
+						},
+					},
+				},
+				context,
+			),
+		).rejects.toThrow('Invalid challenge')
+	})
+
+	it('should return userId if the verifyChallenge is correct', async () => {
+		const spyCreateSession = spyOn(
+			Session.prototype,
+			'create',
+		).mockResolvedValue({
+			accessToken: 'accessToken',
+			refreshToken: 'refreshToken',
+			sessionId: 'sessionId',
+			csrfToken: 'csrfToken',
+		})
+
+		mockOnVerifyChallenge.mockResolvedValue({ userId: 'userId' } as never)
+
+		expect(
+			await verifyChallengeResolver(
+				undefined,
+				{
+					input: {
+						secondFA: {
+							// @ts-expect-error
+							fakeOtp: {
+								code: '123456',
+							},
+						},
+					},
+				},
+				context,
+			),
+		).toEqual({
+			accessToken: 'accessToken',
+			srp: undefined,
+		})
+
+		expect(mockOnVerifyChallenge).toHaveBeenCalledTimes(1)
+		expect(mockOnVerifyChallenge).toHaveBeenCalledWith({
+			input: { code: '123456' },
+			context: expect.any(Object),
+		})
+
+		expect(spyCreateSession).toHaveBeenCalledTimes(1)
+		expect(spyCreateSession).toHaveBeenCalledWith('userId', context)
+
+		spyCreateSession.mockRestore()
+	})
+})

package/src/authentication/resolvers/verifyChallenge.ts

@@ -0,0 +1,69 @@
+import type { VerifyChallengeInput } from '../../../generated/wabe'
+import type { WabeContext } from '../../server/interface'
+import type { DevWabeTypes } from '../../utils/helper'
+import { Session } from '../Session'
+import type { SecondaryProviderInterface } from '../interface'
+import { getAuthenticationMethod } from '../utils'
+
+export const verifyChallengeResolver = async (
+	_: any,
+	{
+		input,
+	}: {
+		input: VerifyChallengeInput
+	},
+	context: WabeContext<DevWabeTypes>,
+) => {
+	if (!input.secondFA) throw new Error('One factor is required')
+
+	const listOfFactor = Object.keys(input.secondFA)
+
+	if (listOfFactor.length > 1) throw new Error('Only one factor is allowed')
+
+	const { provider, name } = getAuthenticationMethod<
+		any,
+		SecondaryProviderInterface<DevWabeTypes>
+	>(listOfFactor, context)
+
+	const result = await provider.onVerifyChallenge({
+		context,
+		// @ts-expect-error
+		input: input.secondFA[name],
+	})
+
+	if (!result?.userId) throw new Error('Invalid challenge')
+
+	const session = new Session()
+
+	const { accessToken, refreshToken } = await session.create(
+		result.userId,
+		context,
+	)
+
+	if (context.wabe.config.authentication?.session?.cookieSession) {
+		const accessTokenExpiresAt = session.getAccessTokenExpireAt(
+			context.wabe.config,
+		)
+		const refreshTokenExpiresAt = session.getRefreshTokenExpireAt(
+			context.wabe.config,
+		)
+
+		context.response?.setCookie('refreshToken', refreshToken, {
+			httpOnly: true,
+			path: '/',
+			sameSite: 'None',
+			secure: true,
+			expires: refreshTokenExpiresAt,
+		})
+
+		context.response?.setCookie('accessToken', accessToken, {
+			httpOnly: true,
+			path: '/',
+			sameSite: 'None',
+			secure: true,
+			expires: accessTokenExpiresAt,
+		})
+	}
+
+	return { accessToken, srp: result.srp }
+}

package/src/authentication/roles.test.ts

@@ -0,0 +1,59 @@
+import { afterAll, beforeAll, describe, it, expect } from 'bun:test'
+import type { Wabe } from '../server'
+import type { DevWabeTypes } from '../utils/helper'
+import { initializeRoles } from './roles'
+import { setupTests, closeTests } from '../utils/testHelper'
+
+describe('roles', () => {
+	let wabe: Wabe<DevWabeTypes>
+
+	beforeAll(async () => {
+		const setup = await setupTests()
+		wabe = setup.wabe
+	})
+
+	afterAll(async () => {
+		await closeTests(wabe)
+	})
+
+	it('should create all roles', async () => {
+		await wabe.controllers.database.clearDatabase()
+
+		await initializeRoles(wabe)
+
+		const res = await wabe.controllers.database.getObjects({
+			className: 'Role',
+			context: { isRoot: true, wabe: wabe },
+			select: { name: true },
+		})
+
+		expect(res.length).toEqual(4)
+		expect(res.map((role) => role?.name)).toEqual([
+			'Client',
+			'Client2',
+			'Client3',
+			'Admin',
+		])
+	})
+
+	it('should not create all roles if there already exist', async () => {
+		await wabe.controllers.database.clearDatabase()
+
+		await initializeRoles(wabe)
+		await initializeRoles(wabe)
+
+		const res = await wabe.controllers.database.getObjects({
+			className: 'Role',
+			context: { isRoot: true, wabe: wabe },
+			select: { name: true },
+		})
+
+		expect(res.length).toEqual(4)
+		expect(res.map((role) => role?.name)).toEqual([
+			'Client',
+			'Client2',
+			'Client3',
+			'Admin',
+		])
+	})
+})

package/src/authentication/roles.ts

@@ -0,0 +1,40 @@
+import { notEmpty, type Wabe } from '..'
+import type { DevWabeTypes } from '../utils/helper'
+
+export const initializeRoles = async (wabe: Wabe<DevWabeTypes>) => {
+	const roles = wabe.config?.authentication?.roles || []
+
+	if (roles.length === 0) return
+
+	const res = await wabe.controllers.database.getObjects({
+		className: 'Role',
+		context: {
+			isRoot: true,
+			wabe,
+		},
+		select: { name: true },
+		where: {
+			name: {
+				in: roles,
+			},
+		},
+	})
+
+	const alreadyCreatedRoles = res.map((role) => role?.name).filter(notEmpty)
+
+	const objectsToCreate = roles
+		.filter((role) => !alreadyCreatedRoles.includes(role))
+		.map((role) => ({ name: role }))
+
+	if (objectsToCreate.length === 0) return
+
+	await wabe.controllers.database.createObjects({
+		className: 'Role',
+		context: {
+			isRoot: true,
+			wabe,
+		},
+		data: objectsToCreate,
+		select: {},
+	})
+}

package/src/authentication/utils.test.ts

@@ -0,0 +1,99 @@
+import { describe, expect, it, mock } from 'bun:test'
+import { getAuthenticationMethod } from './utils'
+
+describe('Authentication utils', () => {
+	const mockOnSignIn = mock(() => Promise.resolve({}))
+	const mockOnSignUp = mock(() => Promise.resolve({}))
+
+	const mockOnSendChallenge = mock(() => Promise.resolve())
+	const mockOnVerifyChallenge = mock(() => Promise.resolve(true))
+
+	const config = {
+		authentication: {
+			customAuthenticationMethods: [
+				{
+					name: 'otp',
+					input: {
+						code: {
+							type: 'String',
+							required: true,
+						},
+					},
+					provider: {
+						name: 'otp',
+						onSendChallenge: mockOnSendChallenge as any,
+						onVerifyChallenge: mockOnVerifyChallenge as any,
+					},
+					isSecondaryFactor: true,
+					dataToStore: {},
+				},
+				{
+					name: 'emailPassword',
+					input: {
+						email: {
+							type: 'Email',
+							required: true,
+						},
+						password: {
+							type: 'String',
+							required: true,
+						},
+					},
+					provider: {
+						name: 'emailPassword',
+						onSignUp: mockOnSignIn as any,
+						onSignIn: mockOnSignUp as any,
+					},
+					dataToStore: {},
+				},
+			],
+		},
+	} as any
+
+	it('should throw an error if we provided two authentication methods', () => {
+		expect(() =>
+			getAuthenticationMethod(['emailPassword', 'otherAuthenticationMethod'], {
+				wabe: { config },
+			} as any),
+		).toThrow('One authentication method is required at the time')
+	})
+
+	it('should throw an error if no authentication methods is provided', () => {
+		expect(() =>
+			getAuthenticationMethod([], { wabe: { config } } as any),
+		).toThrow('One authentication method is required at the time')
+	})
+
+	it('should throw an error if no one authentication method is found', () => {
+		expect(() =>
+			getAuthenticationMethod(['otherAuthenticationMethod'], {
+				wabe: { config },
+			} as any),
+		).toThrow('No available custom authentication methods found')
+	})
+
+	it('should find a secondary factor method', () => {
+		expect(
+			getAuthenticationMethod(['otp'], { wabe: { config } } as any),
+		).toEqual({
+			name: 'otp',
+			input: expect.any(Object),
+			provider: expect.any(Object),
+			isSecondaryFactor: true,
+			dataToStore: {},
+		})
+	})
+
+	it('should return the valid authentication method', () => {
+		expect(
+			getAuthenticationMethod(['emailPassword'], {
+				wabe: { config },
+			} as any),
+		).toEqual({
+			name: 'emailPassword',
+			input: expect.any(Object),
+			provider: expect.any(Object),
+			dataToStore: {},
+		})
+	})
+})

package/src/authentication/utils.ts

@@ -0,0 +1,43 @@
+import type { WabeTypes } from '../server'
+import type { WabeContext } from '../server/interface'
+import type {
+	CustomAuthenticationMethods,
+	ProviderInterface,
+	SecondaryProviderInterface,
+} from './interface'
+
+export const getAuthenticationMethod = <
+	T extends WabeTypes,
+	U = ProviderInterface<T> | SecondaryProviderInterface<T>,
+>(
+	listOfMethods: string[],
+	context: WabeContext<any>,
+): CustomAuthenticationMethods<T, U> => {
+	const customAuthenticationConfig =
+		context.wabe.config?.authentication?.customAuthenticationMethods
+
+	if (!customAuthenticationConfig)
+		throw new Error('No custom authentication methods found')
+
+	// We remove the secondary factor to only get all authentication methods
+	const authenticationMethods = listOfMethods.filter(
+		(method) => method !== 'secondaryFactor',
+	)
+
+	// We check if the client don't use multiple authentication methods at the same time
+	if (authenticationMethods.length > 1 || authenticationMethods.length === 0)
+		throw new Error('One authentication method is required at the time')
+
+	const authenticationMethod = authenticationMethods[0]
+
+	// We check if the authentication method is valid
+	const validAuthenticationMethod = customAuthenticationConfig.find(
+		(method) =>
+			method.name.toLowerCase() === authenticationMethod?.toLowerCase(),
+	)
+
+	if (!validAuthenticationMethod)
+		throw new Error('No available custom authentication methods found')
+
+	return validAuthenticationMethod as CustomAuthenticationMethods<T, U>
+}

package/src/cache/InMemoryCache.test.ts

@@ -0,0 +1,62 @@
+import { describe, expect, it, beforeEach, spyOn } from 'bun:test'
+import { InMemoryCache } from './InMemoryCache'
+
+describe('InMemoryCache', () => {
+	const inMemoryCache = new InMemoryCache({
+		interval: 100,
+	})
+
+	beforeEach(() => {
+		inMemoryCache.clear()
+	})
+
+	it('should init a InMemoryCache', () => {
+		const spySetInterval = spyOn(global, 'setInterval')
+		const spyClearInterval = spyOn(global, 'clearInterval')
+
+		const store = new InMemoryCache({ interval: 100 })
+
+		store.stop()
+
+		expect(spySetInterval).toHaveBeenCalledTimes(1)
+		expect(spySetInterval).toHaveBeenCalledWith(expect.any(Function), 100)
+		expect(spyClearInterval).toHaveBeenCalledTimes(1)
+		expect(spyClearInterval).toHaveBeenCalledWith(store.intervalId)
+	})
+
+	it('should store a value', () => {
+		inMemoryCache.set('key', 'value')
+
+		expect(inMemoryCache.get('key')).toBe('value')
+	})
+
+	it('should clear an in memory cache', () => {
+		inMemoryCache.set('key', 'value')
+
+		expect(inMemoryCache.get('key')).toBe('value')
+
+		inMemoryCache.clear()
+
+		expect(inMemoryCache.get('key')).toBeUndefined()
+	})
+
+	it('should return undefined if the key does not exist', () => {
+		expect(inMemoryCache.get('key2')).toBeUndefined()
+	})
+
+	it('should clear a cache after timeLimit', () => {
+		const localInMemoryCache = new InMemoryCache({
+			interval: 100,
+		})
+
+		localInMemoryCache.set('key', 'value')
+
+		setTimeout(() => {
+			expect(localInMemoryCache.get('key')).not.toBeUndefined()
+		}, 50)
+
+		setTimeout(() => {
+			expect(localInMemoryCache.get('key')).toBeUndefined()
+		}, 100)
+	})
+})

package/src/cache/InMemoryCache.ts

@@ -0,0 +1,45 @@
+export interface InMemoryCacheOptions {
+	/**
+	 * Interval in ms to clear the cache
+	 */
+	interval: number
+}
+
+/**
+ * InMemoryCache is a class that stores data for a certain amount of time
+ */
+export class InMemoryCache<T> {
+	private options: InMemoryCacheOptions
+	private store: Record<string, any>
+
+	public intervalId: Timer | undefined = undefined
+
+	constructor(options: InMemoryCacheOptions) {
+		this.options = options
+		this.store = {}
+
+		this._init()
+	}
+
+	_init() {
+		this.intervalId = setInterval(() => {
+			this.clear()
+		}, this.options.interval)
+	}
+
+	set(key: string, value: T) {
+		this.store[key] = value
+	}
+
+	get(key: string): T | undefined {
+		return this.store[key]
+	}
+
+	clear() {
+		this.store = {}
+	}
+
+	stop() {
+		clearInterval(this.intervalId)
+	}
+}

package/src/cron/index.test.ts

@@ -0,0 +1,17 @@
+import { describe, expect, it, mock } from 'bun:test'
+import { cron } from '.'
+
+describe('cron', () => {
+	it('should run the function', () => {
+		const run = mock()
+
+		const job = cron({
+			pattern: '* * * * * *',
+			run,
+		})({} as any)
+
+		job.trigger()
+
+		expect(run).toHaveBeenCalledTimes(1)
+	})
+})

package/src/cron/index.ts

@@ -0,0 +1,46 @@
+import { Cron } from 'croner'
+import type { Wabe, WabeTypes } from '../server'
+
+export type OutputCron<T extends WabeTypes> = (wabe: Wabe<T>) => Cron
+
+export const cron =
+	<T extends WabeTypes>({
+		pattern,
+		run,
+		maxRuns,
+		enabledProtectedRuns,
+	}: {
+		pattern: string
+		maxRuns?: number
+		enabledProtectedRuns?: boolean
+		run: (wabe: Wabe<T>) => any | Promise<any>
+	}): OutputCron<T> =>
+	(wabe: Wabe<T>) =>
+		new Cron(pattern, { maxRuns, protect: enabledProtectedRuns }, () =>
+			run(wabe),
+		)
+
+export enum CronExpressions {
+	EVERY_SECOND = '* * * * * *',
+	EVERY_MINUTE = '0 * * * * *',
+	EVERY_HOUR = '0 0 * * * *',
+	EVERY_DAY_AT_MIDNIGHT = '0 0 0 * * *',
+	EVERY_WEEK = '0 0 0 * * 0',
+	EVERY_MONTH = '0 0 0 1 * *',
+	EVERY_YEAR = '0 0 0 1 1 *',
+	WEEKDAYS_MORNING = '0 0 7 * * 1-5', // Every weekday at 7 AM
+	WEEKENDS_EVENING = '0 0 19 * * 6-7', // Every weekend at 7 PM
+	FIRST_DAY_OF_MONTH = '0 0 0 1 * *',
+	LAST_DAY_OF_MONTH = '0 0 0 L * *', // L stands for the last day of the month
+	EVERY_15_MINUTES = '0 */15 * * * *',
+	EVERY_30_MINUTES = '0 */30 * * * *',
+	EVERY_2_HOURS = '0 0 */2 * * *',
+	EVERY_6_HOURS = '0 0 */6 * * *',
+	EVERY_12_HOURS = '0 0 */12 * * *',
+}
+
+export type CronConfig<T extends WabeTypes> = Array<{
+	name: string
+	cron: OutputCron<T>
+	job?: Cron
+}>