npm - wabe - Versions diffs - 0.6.9 → 0.6.10 - Mend

wabe 0.6.9 → 0.6.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (158) hide show

package/README.md +138 -32
package/bucket/b.txt +1 -0
package/dev/index.ts +215 -0
package/dist/authentication/Session.d.ts +4 -1
package/dist/authentication/interface.d.ts +16 -0
package/dist/email/interface.d.ts +1 -1
package/dist/graphql/resolvers.d.ts +4 -2
package/dist/hooks/index.d.ts +1 -0
package/dist/index.d.ts +0 -1
package/dist/index.js +8713 -8867
package/dist/server/index.d.ts +4 -2
package/dist/utils/crypto.d.ts +7 -0
package/dist/utils/helper.d.ts +4 -1
package/generated/schema.graphql +16 -14
package/generated/wabe.ts +4 -4
package/package.json +15 -15
package/src/authentication/OTP.test.ts +69 -0
package/src/authentication/OTP.ts +66 -0
package/src/authentication/Session.test.ts +665 -0
package/src/authentication/Session.ts +529 -0
package/src/authentication/defaultAuthentication.ts +214 -0
package/src/authentication/index.ts +3 -0
package/src/authentication/interface.ts +157 -0
package/src/authentication/oauth/GitHub.test.ts +105 -0
package/src/authentication/oauth/GitHub.ts +133 -0
package/src/authentication/oauth/Google.test.ts +105 -0
package/src/authentication/oauth/Google.ts +110 -0
package/src/authentication/oauth/Oauth2Client.test.ts +225 -0
package/src/authentication/oauth/Oauth2Client.ts +140 -0
package/src/authentication/oauth/index.ts +2 -0
package/src/authentication/oauth/utils.test.ts +35 -0
package/src/authentication/oauth/utils.ts +28 -0
package/src/authentication/providers/EmailOTP.test.ts +138 -0
package/src/authentication/providers/EmailOTP.ts +93 -0
package/src/authentication/providers/EmailPassword.test.ts +187 -0
package/src/authentication/providers/EmailPassword.ts +130 -0
package/src/authentication/providers/EmailPasswordSRP.test.ts +206 -0
package/src/authentication/providers/EmailPasswordSRP.ts +184 -0
package/src/authentication/providers/GitHub.ts +30 -0
package/src/authentication/providers/Google.ts +30 -0
package/src/authentication/providers/OAuth.test.ts +185 -0
package/src/authentication/providers/OAuth.ts +112 -0
package/src/authentication/providers/PhonePassword.test.ts +187 -0
package/src/authentication/providers/PhonePassword.ts +129 -0
package/src/authentication/providers/QRCodeOTP.test.ts +79 -0
package/src/authentication/providers/QRCodeOTP.ts +65 -0
package/src/authentication/providers/index.ts +6 -0
package/src/authentication/resolvers/refreshResolver.test.ts +37 -0
package/src/authentication/resolvers/refreshResolver.ts +20 -0
package/src/authentication/resolvers/signInWithResolver.inte.test.ts +59 -0
package/src/authentication/resolvers/signInWithResolver.test.ts +307 -0
package/src/authentication/resolvers/signInWithResolver.ts +102 -0
package/src/authentication/resolvers/signOutResolver.test.ts +41 -0
package/src/authentication/resolvers/signOutResolver.ts +22 -0
package/src/authentication/resolvers/signUpWithResolver.test.ts +186 -0
package/src/authentication/resolvers/signUpWithResolver.ts +69 -0
package/src/authentication/resolvers/verifyChallenge.test.ts +136 -0
package/src/authentication/resolvers/verifyChallenge.ts +69 -0
package/src/authentication/roles.test.ts +59 -0
package/src/authentication/roles.ts +40 -0
package/src/authentication/utils.test.ts +99 -0
package/src/authentication/utils.ts +43 -0
package/src/cache/InMemoryCache.test.ts +62 -0
package/src/cache/InMemoryCache.ts +45 -0
package/src/cron/index.test.ts +17 -0
package/src/cron/index.ts +46 -0
package/src/database/DatabaseController.test.ts +625 -0
package/src/database/DatabaseController.ts +983 -0
package/src/database/index.test.ts +1230 -0
package/src/database/index.ts +9 -0
package/src/database/interface.ts +312 -0
package/src/email/DevAdapter.ts +8 -0
package/src/email/EmailController.test.ts +29 -0
package/src/email/EmailController.ts +13 -0
package/src/email/index.ts +2 -0
package/src/email/interface.ts +36 -0
package/src/email/templates/sendOtpCode.ts +120 -0
package/src/file/FileController.ts +28 -0
package/src/file/FileDevAdapter.ts +54 -0
package/src/file/hookDeleteFile.ts +27 -0
package/src/file/hookReadFile.ts +70 -0
package/src/file/hookUploadFile.ts +53 -0
package/src/file/index.test.ts +979 -0
package/src/file/index.ts +2 -0
package/src/file/interface.ts +42 -0
package/src/graphql/GraphQLSchema.test.ts +4399 -0
package/src/graphql/GraphQLSchema.ts +928 -0
package/src/graphql/index.ts +2 -0
package/src/graphql/parseGraphqlSchema.ts +94 -0
package/src/graphql/parser.test.ts +217 -0
package/src/graphql/parser.ts +566 -0
package/src/graphql/pointerAndRelationFunction.ts +200 -0
package/src/graphql/resolvers.ts +467 -0
package/src/graphql/tests/aggregation.test.ts +1123 -0
package/src/graphql/tests/e2e.test.ts +596 -0
package/src/graphql/tests/scalars.test.ts +250 -0
package/src/graphql/types.ts +219 -0
package/src/hooks/HookObject.test.ts +122 -0
package/src/hooks/HookObject.ts +168 -0
package/src/hooks/authentication.ts +76 -0
package/src/hooks/createUser.test.ts +77 -0
package/src/hooks/createUser.ts +10 -0
package/src/hooks/defaultFields.test.ts +187 -0
package/src/hooks/defaultFields.ts +40 -0
package/src/hooks/deleteSession.test.ts +181 -0
package/src/hooks/deleteSession.ts +20 -0
package/src/hooks/hashFieldHook.test.ts +163 -0
package/src/hooks/hashFieldHook.ts +97 -0
package/src/hooks/index.test.ts +207 -0
package/src/hooks/index.ts +430 -0
package/src/hooks/permissions.test.ts +424 -0
package/src/hooks/permissions.ts +113 -0
package/src/hooks/protected.test.ts +551 -0
package/src/hooks/protected.ts +72 -0
package/src/hooks/searchableFields.test.ts +166 -0
package/src/hooks/searchableFields.ts +98 -0
package/src/hooks/session.test.ts +138 -0
package/src/hooks/session.ts +78 -0
package/src/hooks/setEmail.test.ts +216 -0
package/src/hooks/setEmail.ts +35 -0
package/src/hooks/setupAcl.test.ts +589 -0
package/src/hooks/setupAcl.ts +29 -0
package/src/index.ts +9 -0
package/src/schema/Schema.test.ts +484 -0
package/src/schema/Schema.ts +795 -0
package/src/schema/defaultResolvers.ts +94 -0
package/src/schema/index.ts +1 -0
package/src/schema/resolvers/meResolver.test.ts +62 -0
package/src/schema/resolvers/meResolver.ts +14 -0
package/src/schema/resolvers/newFile.ts +0 -0
package/src/schema/resolvers/resetPassword.test.ts +345 -0
package/src/schema/resolvers/resetPassword.ts +64 -0
package/src/schema/resolvers/sendEmail.test.ts +118 -0
package/src/schema/resolvers/sendEmail.ts +21 -0
package/src/schema/resolvers/sendOtpCode.test.ts +153 -0
package/src/schema/resolvers/sendOtpCode.ts +52 -0
package/src/security.test.ts +3461 -0
package/src/server/defaultSessionHandler.test.ts +66 -0
package/src/server/defaultSessionHandler.ts +115 -0
package/src/server/generateCodegen.ts +476 -0
package/src/server/index.test.ts +552 -0
package/src/server/index.ts +354 -0
package/src/server/interface.ts +11 -0
package/src/server/routes/authHandler.ts +187 -0
package/src/server/routes/index.ts +40 -0
package/src/utils/crypto.test.ts +41 -0
package/src/utils/crypto.ts +121 -0
package/src/utils/export.ts +13 -0
package/src/utils/helper.ts +195 -0
package/src/utils/index.test.ts +11 -0
package/src/utils/index.ts +201 -0
package/src/utils/preload.ts +8 -0
package/src/utils/testHelper.ts +117 -0
package/tsconfig.json +32 -0
package/bunfig.toml +0 -4
package/dist/ai/index.d.ts +0 -1
package/dist/ai/interface.d.ts +0 -9
/package/dist/server/{defaultHandlers.d.ts → defaultSessionHandler.d.ts} +0 -0

package/src/schema/resolvers/sendEmail.ts ADDED Viewed

@@ -0,0 +1,21 @@
+import type { MutationSendEmailArgs } from '../../../generated/wabe'
+import type { WabeContext } from '../../server/interface'
+import type { DevWabeTypes } from '../../utils/helper'
+export const sendEmailResolver = (
+	_: any,
+	{ input }: MutationSendEmailArgs,
+	context: WabeContext<DevWabeTypes>,
+) => {
+	if (!context.user && !context.isRoot) throw new Error('Permission denied')
+	const emailController = context.wabe.controllers.email
+	if (!emailController) throw new Error('Email adapter not defined')
+	return emailController.send({
+		...input,
+		text: input.text ?? undefined,
+		html: input.html ?? undefined,
+	})
+}

package/src/schema/resolvers/sendOtpCode.test.ts ADDED Viewed

@@ -0,0 +1,153 @@
+import {
+	describe,
+	afterAll,
+	beforeAll,
+	it,
+	spyOn,
+	expect,
+	beforeEach,
+} from 'bun:test'
+import { gql, type GraphQLClient } from 'graphql-request'
+import type { Wabe } from '../../server'
+import {
+	type DevWabeTypes,
+	getGraphqlClient,
+	getAnonymousClient,
+} from '../../utils/helper'
+import { setupTests, closeTests } from '../../utils/testHelper'
+import { EmailDevAdapter } from '../../email/DevAdapter'
+describe('sendOtpCodeResolver', () => {
+	let wabe: Wabe<DevWabeTypes>
+	let port: number
+	let client: GraphQLClient
+	const spySend = spyOn(EmailDevAdapter.prototype, 'send')
+	beforeAll(async () => {
+		const setup = await setupTests()
+		wabe = setup.wabe
+		port = setup.port
+		client = getGraphqlClient(port)
+	})
+	afterAll(async () => {
+		await closeTests(wabe)
+	})
+	beforeEach(() => {
+		spySend.mockClear()
+	})
+	it('should use the provided email template if provided', async () => {
+		const previous = wabe.config.email
+		// @ts-expect-error
+		wabe.config.email = {
+			...wabe.config.email,
+			htmlTemplates: {
+				sendOTPCode: {
+					fn: () => 'toto',
+					subject: 'Confirmation code',
+				},
+			},
+		}
+		await client.request<any>(graphql.createUser, {
+			input: {
+				fields: {
+					authentication: {
+						emailPassword: {
+							email: 'tata@toto.fr',
+							password: 'totototo',
+						},
+					},
+				},
+			},
+		})
+		await client.request<any>(graphql.sendOtpCode, {
+			input: {
+				email: 'tata@toto.fr',
+			},
+		})
+		expect(spySend).toHaveBeenCalledTimes(1)
+		expect(spySend).toHaveBeenCalledWith({
+			from: 'main.email@wabe.com',
+			to: ['tata@toto.fr'],
+			subject: 'Confirmation code',
+			html: 'toto',
+		})
+		wabe.config.email = previous
+	})
+	it("should send an OTP code to the user's email as anonymous client", async () => {
+		const anonymousClient = getAnonymousClient(port)
+		await anonymousClient.request<any>(graphql.createUserWithAnonymous, {
+			input: {
+				fields: {
+					authentication: {
+						emailPassword: {
+							email: 'toto@toto.fr',
+							password: 'totototo',
+						},
+					},
+				},
+			},
+		})
+		await anonymousClient.request<any>(graphql.sendOtpCode, {
+			input: {
+				email: 'toto@toto.fr',
+			},
+		})
+		expect(spySend).toHaveBeenCalledTimes(1)
+		expect(spySend).toHaveBeenCalledWith({
+			from: 'main.email@wabe.com',
+			to: ['toto@toto.fr'],
+			subject: 'Your OTP code',
+			html: expect.any(String),
+		})
+	})
+	it("should return true if the user doesn't exist (hide sensitive data)", async () => {
+		const spySend = spyOn(EmailDevAdapter.prototype, 'send')
+		const res = await client.request<any>(graphql.sendOtpCode, {
+			input: {
+				email: 'invalidUser@toto.fr',
+			},
+		})
+		expect(res.sendOtpCode).toEqual(true)
+		expect(spySend).toHaveBeenCalledTimes(0)
+	})
+})
+const graphql = {
+	createUser: gql`
+      mutation createUser($input: CreateUserInput!) {
+        createUser(input: $input) {
+          user {
+            id
+          }
+        }
+      }
+    `,
+	createUserWithAnonymous: gql`
+      mutation createUser($input: CreateUserInput!) {
+        createUser(input: $input) {
+          ok
+        }
+      }
+    `,
+	sendOtpCode: gql`
+      mutation sendOtpCode($input: SendOtpCodeInput!) {
+        sendOtpCode(input: $input)
+      }
+  `,
+}

package/src/schema/resolvers/sendOtpCode.ts ADDED Viewed

@@ -0,0 +1,52 @@
+import type { MutationSendOtpCodeArgs } from '../../../generated/wabe'
+import type { WabeContext } from '../../server/interface'
+import type { DevWabeTypes } from '../../utils/helper'
+import { sendOtpCodeTemplate } from '../../email/templates/sendOtpCode'
+import { OTP } from '../../authentication/OTP'
+import { contextWithRoot } from '../../utils/export'
+export const sendOtpCodeResolver = async (
+	_: any,
+	{ input }: MutationSendOtpCodeArgs,
+	context: WabeContext<DevWabeTypes>,
+) => {
+	const emailController = context.wabe.controllers.email
+	if (!emailController) throw new Error('Email adapter not defined')
+	const user = await context.wabe.controllers.database.getObjects({
+		className: 'User',
+		where: {
+			email: {
+				equalTo: input.email,
+			},
+		},
+		select: { id: true },
+		first: 1,
+		context: contextWithRoot(context),
+	})
+	// We return true if the user doesn't exist to avoid leaking that the user exists or not
+	if (user.length === 0) return true
+	const userId = user[0]?.id
+	if (!userId) return false
+	const otpClass = new OTP(context.wabe.config.rootKey)
+	const otp = otpClass.generate(userId)
+	const mainEmail = context.wabe.config.email?.mainEmail || 'noreply@wabe.com'
+	const template = context.wabe.config.email?.htmlTemplates?.sendOTPCode
+	await emailController.send({
+		from: mainEmail,
+		to: [input.email],
+		subject: template?.subject || 'Your OTP code',
+		html: template?.fn ? await template.fn({ otp }) : sendOtpCodeTemplate(otp),
+	})
+	return true
+}