wirejs-resources 0.1.7-alpha → 0.1.8-alpha

package/lib/adapters/context.js

@@ -1,98 +0,0 @@
-import { CookieJar } from "./cookie-jar.js";
-
-const __requiresContext = new Symbol('__requiresContext');
-
-/**
- * @typedef {(...args: any) => any} ApiMethod
- */
-
-/**
- * @typedef {{
- * 	[K in string]: ApiMethod | ApiNamespace
- * }} ApiNamespace
- */
-
-/**
- * @template T
- * @typedef {T extends ((...args: infer ARGS) => infer RT)
- * 	? ((
- * 		context: Context | boolean,
- * 		...args: ARGS
- * 	) => RT extends Promise<any> ? RT : Promise<RT>) : never
- * } ContextfulApiMethod
- */
-
-/**
- * @template T
- * @typedef {{
- * 	[K in keyof T]: T[K] extends ApiMethod
- * 	? ContextfulApiMethod<T[K]>
- * 	: ContextfulApiNamespace<T[K]>
- * }} ContextfulApiNamespace
- */
-
-/**
- * @template {ApiNamespace | ApiMethod} T
- * @typedef {T extends ApiMethod
- * 	? ContextfulApiMethod<T>
- * 	: ContextfulApiNamespace<T>
- * } ContextWrapped
- */
-
-/**
- * @template {ApiMethod | ApiNamespace} T
- * @param {(context: Context) => T} contextWrapper
- * @param {string[]} [path]
- * @returns {ContextWrapped<T>}
- */
-export function withContext(contextWrapper, path = []) {
-	// first param needs to be a function, which enables `Proxy` to implement `apply()`.
-	const fnOrNs = new Proxy(function() {}, {
-		apply(_target, _thisArg, args) {
-			const [context, ...remainingArgs] = args;
-			let functionOrNamespaceObject = contextWrapper(context);
-			console.log({context, args, functionOrNamespaceObject, path});
-			for (const k of path) {
-				functionOrNamespaceObject = functionOrNamespaceObject[k];
-			}
-			return functionOrNamespaceObject(...remainingArgs);
-		},
-		get(_target, prop) {
-			return withContext(contextWrapper, [...path, prop])
-		}
-	});
-	fnOrNs[__requiresContext] = true;
-	return fnOrNs;
-}
-
-/**
- * 
- * @param {Object} fnOrNS
- * @returns {fnOrNS is (context: Context) => T}
- */
-export function requiresContext(fnOrNS) {
-	return fnOrNS[__requiresContext] === true;
-}
-
-export class Context {
-	/**
-	 * @type {CookieJar} cookies
-	 */
-	cookies;
-
-	/**
-	 * @type {URL} location
-	 */
-	location;
-
-	/**
-	 * @param {{
-	 * 	cookies: CookieJar;
-	 * 	location: URL;
-	 * }}
-	 */
-	constructor({ cookies, location }) {
-		this.cookies = cookies;
-		this.location = location;
-	}
-}

package/lib/adapters/cookie-jar.js

@@ -1,94 +0,0 @@
-/**
- * @typedef {Object} Cookie
- * @property {string} name
- * @property {string} value
- * @property {number} [maxAge] - The maximum age (TTL) in seconds
- * @property {boolean} [httpOnly] - Whether the cookie is only accessible to the client (not JS)
- * @property {boolean} [secure] - Whether the cookie should only be sent over HTTPS (or localhost)
- */
-
-export class CookieJar {
-	/**
-	 * @type {Record<string, Cookie>}
-	 */
-	#cookies = {};
-
-	/**
-	 * The list of cookies that have been set with `set()` which need to be
-	 * sent to the client.
-	 * 
-	 * @type {Set<string>}
-	 */
-	#setCookies = new Set();
-
-	/**
-	 * Initialize
-	 * 
-	 * @param {string | undefined} cookie
-	 */
-	constructor(cookie) {
-		this.#cookies = Object.fromEntries(
-			(cookie || '')
-				.split(/;/g)
-				.map(c => {
-					const [k, v] = c.split('=').map(p => decodeURIComponent(p.trim()));
-					return [k, {
-						name: k,
-						value: v
-					}];
-				})
-		);
-	}
-
-	/**
-	 * @param {Cookie} cookie 
-	 */
-	set(cookie) {
-		this.#cookies[cookie.name] = {...cookie};
-		this.#setCookies.add(cookie.name);
-	}
-	
-	/**
-	 * 
-	 * @param {string} name 
-	 * @returns {Cookie | undefined}
-	 */
-	get(name) {
-		return this.#cookies[name] ? { ...this.#cookies[name] } : undefined;
-	}
-
-	/**
-	 * 
-	 * @param {string} name 
-	 */
-	delete(name) {
-		if (this.#cookies[name]) {
-			this.#cookies[name].value = '-- deleted --';
-			this.#cookies[name].maxAge = 0;
-			this.#setCookies.add(name);
-		}
-	}
-
-	/**
-	 * Gets a copy of all cookies.
-	 * 
-	 * Changes made to this copy are not reflected
-	 * 
-	 * @returns {Record<string, string>}
-	 */
-	getAll() {
-		const all = {};
-		for (const cookie of Object.values(this.#cookies)) {
-			all[cookie.name] = cookie.value;
-		}
-		return all;
-	}
-
-	getSetCookies() {
-		const all = [];
-		for (const name of this.#setCookies) {
-			all.push({...this.#cookies[name]});
-		}
-		return all;
-	}
-}

package/lib/resource.js

@@ -1,32 +0,0 @@
-export class Resource {
-	/**
-	 * @type {Resource | string}
-	 */
-	scope;
-
-	/**
-	 * @type {string}
-	 */
-	id;
-
-	/**
-	 * 
-	 * @param {Resource | string} scope
-	 * @param {string} id 
-	 */
-	constructor(scope, id) {
-		this.scope = scope;
-		this.id = id;
-	}
-
-	get absoluteId() {
-		const sanitizedId = encodeURIComponent(this.id);
-		if (typeof this.scope === 'string') {
-			return `${encodeURIComponent(this.scope)}/${sanitizedId}`;
-		} else if (typeof this.scope?.id === 'string') {
-			return `${this.scope.absoluteId}/${sanitizedId}`;
-		} else {
-			throw new Error("Resources must defined within a scope. Provide either a namespace string or parent resource.");
-		}
-	}
-}

package/lib/resources/secret.js

@@ -1,54 +0,0 @@
-import crypto from 'crypto';
-import { Resource } from '../resource.js';
-import { FileService } from '../services/file.js';
-import { overrides } from '../overrides.js';
-
-const FILENAME = 'secret';
-
-export class Secret extends Resource {
-	/**
-	 * @type {FileService}
-	 */
-	#fileService;
-
-	/**
-	 * @type {Promise<any>}
-	 */
-	#initPromise;
-
-	/**
-	 * @param {Resource | string}
-	 * @param {string} id 
-	 */
-	constructor(scope, id) {
-		super(scope, id);
-		this.#fileService = new (overrides.FileService || FileService)(this, 'files');
-	}
-
-	#initialize() {
-		this.#initPromise = this.#initPromise || this.#fileService.write(
-			FILENAME,
-			JSON.stringify(crypto.randomBytes(64).toString('base64url')),
-			{ onlyIfNotExists: true }
-		).catch(error => {
-			if (!this.#fileService.isAlreadyExistsError(error)) throw error;
-		});
-		return this.#initPromise;
-	}
-
-	/**
-	 * @returns {any}
-	 */
-	async read() {
-		await this.#initialize();
-		return JSON.parse(await this.#fileService.read(FILENAME));
-	}
-
-	/**
-	 * @param {any} data 
-	 */
-	async write(data) {
-		await this.#initialize();
-		await this.#fileService.write(FILENAME, JSON.stringify(data));
-	}
-}

package/lib/services/authentication.js

@@ -1,439 +0,0 @@
-import { scrypt, randomBytes } from 'crypto';
-
-import * as jose from 'jose';
-
-import { Resource } from '../resource.js';
-import { FileService } from './file.js';
-import { Secret } from '../resources/secret.js';
-import { withContext } from '../adapters/context.js';
-import { overrides } from '../overrides.js';
-
-
-/**
- * @param {string} password 
- * @param {string} [salt]
- */
-function hash(password, salt) {
-	return new Promise((resolve, reject) => {
-		const finalSalt = salt || randomBytes(16).toString('hex');
-		scrypt(password, finalSalt, 64, (err, key) => {
-			if (err) {
-				reject(err);
-			} else {
-				resolve(`${finalSalt}$${key.toString('hex')}`);
-			}
-		})
-	});
-}
-
-/**
- * @param {string} password 
- * @param {string} passwordHash 
- */
-async function verifyHash(password, passwordHash) {
-	const [saltPart, _hashPart] = passwordHash.split('$');
-	const rehashed = await hash(password, saltPart);
-	return rehashed === passwordHash;
-}
-
-// #region types
-
-/**
- * @typedef {{
- * 	id: string;
- * 	password: string;
- * }} User
- */
-
-/**
- * @typedef {{
- * 	label: string;
- * 	type: 'string' | 'password' | 'number' | 'boolean';
- * 	isRequired?: boolean;
- * }} AuthenticationInput
- */
-
-/**
- * @typedef {{
- * 	name: string;
- * 	title?: string;
- * 	description?: string;
- * 	message?: string;
- * 	inputs?: Record<string, AuthenticationInput>;
- * 	buttons?: string[];
- * }} Action
- */
-
-/**
- * @typedef {{
- * 	state: 'authenticated' | 'unauthenticated';
- * 	user: string | undefined;
- * }} AuthenticationBaseState
- */
-
-/**
- * @typedef {{
- * 	state: AuthenticationBaseState;
- * 	message?: string;
- * 	actions: Record<string, Action>;
- * }} AuthenticationState
- */
-
-/**
- * @typedef {{
- * 	key: string;
- * 	inputs: Record<string, string | number | boolean>;
- * 	verb: string;
- * }} PerformActionParameter
- */
-
-/**
- * @typedef {{
- * 	message: string;
- * 	field?: string;
- * }} AuthenticationError
- */
-
-/**
- * @typedef {Object} AuthenticationServiceOptions
- * @property {number} [duration] - The number of seconds the authentication session stays alive.
- * @property {boolean} [keepalive] - Whether to automatically extend (keep alive) an authentication session when used.
- * @property {string} [cookie] - The name of the cookie to use to store the authentication state JWT.
- */
-
-// #endregion
-
-const ONE_WEEK = 7 * 24 * 60 * 60; // days * hours/day * minutes/hour * seconds/minute
-
-export class AuthenticationService extends Resource {
-	#duration;
-	#keepalive;
-	#cookieName;
-
-	/**
-	 * @type {Secret}
-	 */
-	#rawSigningSecret;
-
-	/**
-	 * @type {Promise<Uint8Array<ArrayBufferLike>> | undefined}
-	 */
-	#signingSecret;
-
-	#users;
-
-	/**
-	 * 
-	 * @param {Resource | string} scope
-	 * @param {string} id 
-	 * @param {AuthenticationServiceOptions} [options]
-	 */
-	constructor(scope, id, { duration, keepalive, cookie } = {}) {
-		super(scope, id);
-
-		this.#duration = duration || ONE_WEEK;
-		this.#keepalive = !!keepalive;
-		this.#cookieName = cookie ?? 'identity';
-
-		this.#rawSigningSecret = new (overrides.Secret || Secret)(this, 'jwt-signing-secret');
-		const fileService = new (overrides.FileService || FileService)(this, 'files');
-
-		this.#users = {
-			id,
-			
-			/**
-			 * 
-			 * @param {string} username
-			 */
-			async get(username) {
-				try {
-					const data = await fileService.read(this.filenameFor(username));
-					return JSON.parse(data);
-				} catch {
-					return undefined;
-				}
-			},
-
-			/**
-			 * @param {string} username
-			 * @param {User} user
-			 */
-			async set(username, details) {
-				await fileService.write(this.filenameFor(username), JSON.stringify(details));
-			},
-
-			/**
-			 * @param {string} username
-			 */
-			async has(username) {
-				const user = await this.get(username);
-				return !!user;
-			},
-
-			/**
-			 * @param {string} username 
-			 * @returns 
-			 */
-			filenameFor(username) {
-				return `${username}.json`;
-			}
-		}
-	}
-
-	async getSigningSecret() {
-		const secretAsString = await this.#rawSigningSecret.read();
-		return new TextEncoder().encode(secretAsString);
-	}
-
-	/**
-	 * @type {Promise<Uint8Array<ArrayBufferLike>>}
-	 */
-	get signingSecret() {
-		if (!this.#signingSecret) {
-			this.#signingSecret = this.getSigningSecret();
-		}
-		return this.#signingSecret;
-	}
-
-	/**
-	 * @param {CookieJar} cookies
-	 * @returns {Promise<AuthenticationBaseState>}
-	 */
-	async getBaseState(cookies) {
-		let idCookie, idPayload, user;
-
-		try {
-			idCookie = cookies.get(this.#cookieName)?.value;
-			idPayload = idCookie ? (
-				await jose.jwtVerify(idCookie, await this.signingSecret)
-			) : undefined;
-			user = idPayload ? idPayload.payload.sub : undefined;
-		} catch (err) {
-			// jose doesn't like our cookie.
-			console.error(err);
-		}
-
-		if (user) {
-			return {
-				state: 'authenticated',
-				user
-			}
-		} else {
-			return {
-				state: 'unauthenticated',
-				user: undefined,
-			}
-		}
-	}
-
-	/**
-	 * @param {CookieJar} cookies
-	 * @returns {Promise<AuthenticationState>}
-	 */
-	async getState(cookies) {
-		const state = await this.getBaseState(cookies);
-		if (state.state === 'authenticated') {
-			if (this.#keepalive) this.setBaseState(state);
-			return {
-				state,
-				actions: {
-					changepassword: {
-						name: "Change Password",
-						inputs: {
-							existingPassword: {
-								label: 'Old Password',
-								type: 'password',
-							},
-							newPassword: {
-								label: 'New Password',
-								type: 'password',
-							}
-						},
-						buttons: ['Change Password']
-					},
-					signout: {
-						name: "Sign out"
-					},
-				}
-			}
-		} else {
-			return {
-				state,
-				actions: {
-					signin: {
-						name: "Sign In",
-						inputs: {
-							username: {
-								label: 'Username',
-								type: 'text',
-							},
-							password: {
-								label: 'Password',
-								type: 'password',
-							},
-						},
-						buttons: ['Sign In']
-					},
-					signup: {
-						name: "Sign Up",
-						inputs: {
-							username: {
-								label: 'Username',
-								type: 'text',
-							},
-							password: {
-								label: 'Password',
-								type: 'password',
-							},
-						},
-						buttons: ['Sign Up']
-					},
-				}
-			}
-		}
-	}
-
-	/**
-	 * 
-	 * @param {CookieJar} cookies 
-	 * @param {string | undefined} [user]
-	 */
-	async setBaseState(cookies, user) {
-		if (!user) {
-			cookies.delete(this.#cookieName);
-		} else {
-			const jwt = await new jose.SignJWT({})
-				.setProtectedHeader({ alg: 'HS256' })
-				.setIssuedAt()
-				.setSubject(user)
-				.setExpirationTime(`${this.#duration}s`)
-				.sign(await this.signingSecret);
-
-			cookies.set({
-				name: this.#cookieName,
-				value: jwt,
-				httpOnly: true,
-				secure: true,
-				maxAge: this.#duration
-			});
-		}	
-	}
-
-	/**
-	 * 
-	 * @param {Record<string, string>} input 
-	 * @param {string[]} fields 
-	 * @returns {AuthenticationError[] | undefined}
-	 */
-	missingFieldErrors(input, fields) {
-		/**
-		 * @type {AuthenticationError[]}
-		 */
-		const errors = [];
-		for (const field of fields) {
-			if (!input[field]) errors.push({
-				field,
-				message: "Field is required."
-			});
-		}
-		return errors.length > 0 ? errors : undefined;
-	}
-
-	/**
-	 * @param {CookieJar} cookies
-	 * @param {PerformActionParameter} params
-	 * @returns {Promise<AuthenticationState | { errors: AuthenticationError[] }>}
-	 */
-	async setState(cookies, { key, inputs, verb: _verb }) {
-		if (key === 'signout') {
-			await this.setBaseState(cookies, undefined);
-			return this.getState(cookies);
-		} else if (key === 'signup') {
-			const errors = this.missingFieldErrors(inputs, ['username', 'password']);
-			if (errors) {
-				return { errors };
-			} else if (await this.#users.has(inputs.username)) {
-				return { errors: 
-						[{
-						field: 'username',
-						message: 'User already exists.'
-					}]
-				};
-			} else {
-				await this.#users.set(inputs.username, {
-					id: inputs.username,
-					password: await hash(inputs.password)
-				});
-				await this.setBaseState(cookies, inputs.username);
-				return this.getState(cookies);
-			}
-		} else if (key === 'signin') {
-			const user = await this.#users.get(inputs.username);
-			if (!user) {
-				return { errors:
-					[{
-						field: 'username',
-						message: `User doesn't exist.`
-					}]
-				};
-			} else if (await verifyHash(inputs.password, user.password)) {
-				// a real authentication service will use password hashing.
-				// this is an in-memory just-for-testing user pool.
-				await this.setBaseState(cookies, inputs.username);
-				return this.getState(cookies);
-			} else {
-				return { errors:
-					[{
-						field: 'password',
-						message: "Incorrect password."
-					}]
-				};
-			}
-		} else if (key === 'changepassword') {
-			const state = await this.getBaseState(cookies);
-			const user = await this.#users.get(state.user);
-			if (!user) {
-				return { errors:
-					[{
-						field: 'username',
-						message: `You're not signed in as a recognized user.`
-					}]
-				};
-			} else if (await verifyHash(inputs.existingPassword, user.password)) {
-				await this.#users.set(user.id, {
-					...user,
-					password: await hash(inputs.newPassword)
-				});
-				return {
-					message: "Password updated.",
-					...await this.getState(cookies)
-				};
-			} else {
-				return { errors: [{
-						field: 'existingPassword',
-						message: "The provided existing password is incorrect."
-					}]
-				};
-			}
-		} else {
-			return { errors: 
-				[{
-					message: 'Unrecognized authentication action.'
-				}]
-			};
-		}
-	}
-
-	buildApi() {
-		return withContext(context => ({
-			getState: () => this.getState(context.cookies),
-
-			/**
-			 * 
-			 * @param {Parameters<typeof this['setState']>[1]} options 
-			 * @returns 
-			 */
-			setState: (options) => this.setState(context.cookies, options),
-		}));
-	}
-}