Merge pull request 'Release 1.0.6' (#4) from develop into main

Reviewed-on: #4

.drone.yml

@@ -0,0 +1,136 @@
+kind: pipeline
+type: docker
+name: Test Pipeline
+
+workspace:
+  path: /drone/auth
+
+steps:
+- name: yarn install
+  image: node:20-bullseye-slim
+  environment:
+    YARN_VERSION: 3.5.0
+  commands:
+  - yarn set version stable
+  - yarn install
+  volumes:
+  - name: yarnrc
+    path: /drone/auth/.yarnrc.yml
+- name: Code Style Checks
+  image: node:latest
+  commands:
+  - yarn prettier
+- name: Lint
+  image: node:latest
+  commands:
+  - yarn lint
+- name: Unit Tests
+  image: node:latest
+  commands:
+  - yarn test
+- name: Send Test Status Notification
+  image: plugins/webhook
+  settings:
+    urls: https://lab.mifi.dev/hooks/9p65zpagctgkmndo8nwwm4199r
+    content_type: application/json
+    template: |
+      {
+        "icon_url":"https://emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/apple/198/freezing-face_1f976.png",
+        "text": "[{{ repo.name }} - Build # {{ build.number }}] Code Quality Checks {{ build.status }} {{#success build.status}}:tada:{{else}}:poop:{{/success}}",
+        "username":"DroneBot"
+      }
+  when:
+    status:
+      - success
+      - failure
+- name: Build
+  image: node:latest
+  commands:
+  - yarn build:production
+- name: Send Build Status Notifications
+  image: plugins/webhook
+  settings:
+    urls: https://lab.mifi.dev/hooks/9p65zpagctgkmndo8nwwm4199r
+    content_type: application/json
+    template: |
+      {
+        "icon_url":"https://emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/apple/198/freezing-face_1f976.png",
+        "text": "[{{ repo.name }} - Build # {{ build.number }}] Build package {{ build.status }} {{#success build.status}}:tada:{{else}}:poop:{{/success}}",
+        "username":"DroneBot"
+      }
+  when:
+    status:
+      - success
+      - failure
+
+volumes:
+- name: yarnrc
+  host:
+    path: /volume1/docker/.yarnrc.yml
+
+trigger:
+  branch:
+  - main
+  - develop
+  event:
+  - pull_request
+
+---
+kind: pipeline
+type: docker
+name: Publish Pipeline
+
+workspace:
+  path: /drone/auth
+
+steps:
+- name: Build
+  image: node:20-bullseye-slim
+  environment:
+    YARN_VERSION: 3.5.0
+  commands:
+  - yarn set version stable
+  - yarn install
+  - yarn build:production
+  volumes:
+  - name: yarnrc
+    path: /drone/auth/.yarnrc.yml
+- name: Publish NPM
+  image: node:20-bullseye-slim
+  commands:
+    - yarn npm publish
+  volumes:
+  - name: npmrc
+    path: /drone/auth/.npmrc
+  - name: yarnrc
+    path: /drone/auth/.yarnrc.yml
+- name: Report NPM Publish Status
+  image: plugins/webhook
+  settings:
+    urls: https://lab.mifi.dev/hooks/ccw34hdf7tgbjmzp96nptn938r
+    content_type: application/json
+    template: |
+      {
+        "icon_url":"https://emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/apple/198/freezing-face_1f976.png",
+        "text": "[{{ repo.name }} - New npm package release {{tag}} from # {{ build.number }}] Deploy {{ build.status }} {{#success build.status}}:tada:{{else}}:poop:{{/success}}",
+        "username":"DroneBot"
+      }
+  when:
+    status:
+      - success
+      - failure
+
+volumes:
+- name: npmrc
+  host:
+    path: /volume1/docker/beethoven/labs-auth/.npmrc
+- name: yarnrc
+  host:
+    path: /volume1/docker/.yarnrc.yml
+
+depends_on:
+  - Test Pipeline
+
+trigger:
+  event:
+  - tag

.eslintrc.js

@@ -0,0 +1,19 @@
+/* eslint-env node */
+module.exports = {
+    extends: [
+        'eslint:recommended',
+        'plugin:@typescript-eslint/recommended',
+        'plugin:import/errors',
+        'plugin:prettier/recommended',
+        'prettier',
+    ],
+    parser: '@typescript-eslint/parser',
+    plugins: ['@typescript-eslint'],
+    settings: {
+        'import/parsers': {
+            '@typescript-eslint/parser': ['.ts', '.tsx'],
+        },
+        'import/resolver': 'typescript',
+    },
+    root: true,
+};

.gitignore

@@ -130,3 +130,6 @@ dist
 .yarn/install-state.gz
 .pnp.*
 
+# Project
+lib/
+

.npmignore

@@ -0,0 +1,11 @@
+.build.yarnrc.yml
+.drone.yml
+.eslintrc*
+.npmrc
+.prettierrc*
+.yarnrc.yml
+babel.config.*
+jest.config.*
+src
+tsconfig*.json
+tslint.json

.prettierrc.js

@@ -0,0 +1,7 @@
+module.exports = {
+    parser: 'typescript',
+    printWidth: 120,
+    trailingComma: 'all',
+    tabWidth: 4,
+    singleQuote: true,
+};

.yarnrc.yml

@@ -0,0 +1,3 @@
+nodeLinker: node-modules
+
+yarnPath: .yarn/releases/yarn-3.5.1.cjs

lib/dao/create.ts

@@ -1,37 +0,0 @@
-import { DatabaseError } from '@mifi/services-common/domain/errors/DatabaseError';
-
-import { Auth, Log, Strategy, Token } from '..';
-import { Auth as AuthProps } from '../schema/auth';
-import { STRATEGIES } from '../constants/strategies';
-import { REQUIRE_VERIFICATION } from '../constants/env';
-import { TokenType } from '../constants/tokens';
-import { Status } from '../constants/auth';
-import { Action } from '../constants/action';
-
-export const create = async ({ record, username, password }: AuthProps & { password: string }) => {
-    const status = REQUIRE_VERIFICATION ? Status.UNVERIFIED : Status.ACTIVE;
-    const doc = await Auth.create({
-        record,
-        status,
-        username,
-    }).catch((err) => {
-        throw new DatabaseError('failed to create user', { err });
-    });
-    if (doc) {
-        const strategy = await Strategy.create({ method: STRATEGIES.LOCAL, key: password, parent: doc._id }).catch(
-            (err) => {
-                throw new DatabaseError('failed to create strategy', { err });
-            },
-        );
-        if (strategy) {
-            doc.strategies.push(strategy._id);
-            await doc.save();
-            Log.add(doc._id, Action.CREATE);
-            return { doc, token: REQUIRE_VERIFICATION && (await Token.getToken(TokenType.VERIFICATION, doc._id)) };
-        }
-        await doc.deleteOne((err) => {
-            throw new DatabaseError('failed to remove invalid auth record', { err, doc });
-        });
-    }
-    return null;
-};

package.json

@@ -1,23 +1,24 @@
 {
   "name": "@mifi/auth-db",
-  "version": "0.0.39",
+  "version": "1.0.6",
   "author": "mifi (Mike Fitzpatrick)",
   "license": "MIT",
   "scripts": {
     "build": "tsc",
-    "build:production": "tsc -p .",
+    "build:production": "tsc -p ./tsconfig.production.json",
     "format": "prettier:fix && lint:fix",
-    "lint": "eslint --ext .ts,.tsx lib/",
-    "lint:fix": "eslint --fix --ext .ts,.tsx lib/",
-    "prettier": "prettier --check 'lib/**/*.ts'",
-    "prettier:fix": "prettier --write 'lib/**/*.ts'",
+    "lint": "eslint --ext .ts,.tsx src/",
+    "lint:fix": "eslint --fix --ext .ts,.tsx src/",
+    "prettier": "prettier --check 'src/**/*.ts'",
+    "prettier:fix": "prettier --write 'src/**/*.ts'",
     "test": "jest --passWithNoTests"
   },
   "devDependencies": {
     "@babel/core": "^7.21.8",
     "@babel/preset-env": "^7.21.5",
     "@babel/preset-typescript": "^7.21.5",
-    "@tsconfig/node16": "^1.0.3",
+    "@tsconfig/node16": "^1.0.4",
+    "@types/jsonwebtoken": "^9.0.2",
     "@types/node": "^18.14.0",
     "@typescript-eslint/eslint-plugin": "^5.59.2",
     "@typescript-eslint/parser": "^5.59.2",
@@ -34,10 +35,11 @@
     "prettier-eslint": "^15.0.1",
     "prettier-eslint-cli": "^7.1.0",
     "reflect-metadata": "^0.1.13",
+    "ts-node": "^10.9.1",
     "typescript": "^4.9.5"
   },
   "dependencies": {
-    "@mifi/services-common": "1.0.0",
+    "@mifi/services-common": "1.x.x",
     "dotenv": "^16.0.3",
     "jsonwebtoken": "^9.0.0",
     "mongoose": "^6.9.2"
@@ -46,5 +48,6 @@
   "repository": {
     "type": "git",
     "url": "https://git.mifi.dev/mifi/auth-db.git"
-  }
+  },
+  "packageManager": "yarn@3.5.1"
 }

src/api/authenticate.ts

@@ -1,5 +1,5 @@
 import { Auth, Log } from '..';
-import { Action } from '../../constants/action';
+import { Action } from '../constants/action';
 import { getLoginToken } from '../utils/getLoginToken';
 
 export const authenticate = async (username: string, password: string) => {

src/api/resetPasswordGet.ts

@@ -1,7 +1,7 @@
 import { readOneByUsername } from '../dao/readOneByUsername';
 import { Log, Token } from '..';
-import { TokenType } from '../../constants/tokens';
-import { Action } from '../../constants/action';
+import { TokenType } from '../constants/tokens';
+import { Action } from '../constants/action';
 
 export const resetPasswordGet = async (username: string) => {
     const doc = await readOneByUsername(username);

src/api/resetPasswordPost.ts

@@ -1,18 +1,21 @@
 import { Types } from 'mongoose';
 
 import { Log, Strategy, Token } from '..';
-import { STRATEGIES } from '../../constants/strategies';
+import { STRATEGIES } from '../constants/strategies';
 import { AuthDocument } from '../schema/auth';
 import { getLoginToken } from '../utils/getLoginToken';
 import { StrategyDocument } from '../schema/strategy';
-import { Action } from '../../constants/action';
+import { Action } from '../constants/action';
 
 export const resetPasswordPost = async (token: string, password: string) => {
     const parentId = await Token.validateResetToken(token);
 
     if (parentId) {
         let parent: AuthDocument;
-        let strategy: StrategyDocument | null = await Strategy.findOne({ parent: parentId, method: STRATEGIES.LOCAL });
+        let strategy: StrategyDocument | null = await Strategy.findOne({
+            parent: parentId,
+            method: STRATEGIES.LOCAL,
+        });
 
         if (strategy) {
             parent = await strategy.getAuthRecord();

src/dao/auth/create.ts

@@ -0,0 +1,62 @@
+import { DatabaseError } from '@mifi/services-common/lib/domain/errors/DatabaseError';
+
+import { Auth, Log, Strategy, Token } from '../..';
+import { Auth as AuthProps } from '../../schema/auth';
+import { STRATEGIES } from '../../constants/strategies';
+import { REQUIRE_VERIFICATION } from '../../constants/env';
+import { TokenType } from '../../constants/tokens';
+import { Status } from '../../constants/auth';
+import { Action } from '../../constants/action';
+
+type CreateProps = Pick<AuthProps, 'record' | 'username'> & {
+    externalId?: string;
+    password?: string;
+    publicKey?: string;
+};
+
+export const create = async ({ record, username, externalId, password, publicKey }: CreateProps) => {
+    const status = REQUIRE_VERIFICATION ? Status.UNVERIFIED : Status.ACTIVE;
+    const doc = await Auth.create({
+        record,
+        status,
+        username,
+    }).catch((err) => {
+        throw new DatabaseError('failed to create user', { err });
+    });
+    if (doc) {
+        const method = externalId && publicKey ? STRATEGIES.FIDO2 : STRATEGIES.LOCAL;
+        const strategy = await Strategy.create({
+            externalId,
+            key: password || publicKey,
+            method,
+            parent: doc._id,
+        }).catch((err) => {
+            throw new DatabaseError(`failed to create strategy ${STRATEGIES[method]}`, { err });
+        });
+        if (strategy) {
+            doc.strategies.push(strategy._id);
+            await doc.save();
+            Log.add(doc._id, Action.CREATE);
+            return {
+                doc,
+                token:
+                    method === STRATEGIES.LOCAL &&
+                    REQUIRE_VERIFICATION &&
+                    (await Token.getToken(TokenType.VERIFICATION, doc._id)),
+            };
+        }
+        await doc.deleteOne((err) => {
+            throw new DatabaseError('failed to remove invalid auth record', {
+                err,
+                doc,
+            });
+        });
+    }
+    return null;
+};
+
+export type Fido2UserProps = Pick<AuthProps, 'record' | 'username'> & { externalId: string; publicKey: string };
+export const createFido2User = (props: Fido2UserProps) => create(props);
+
+export type LocalUserProps = Pick<AuthProps, 'record' | 'username'> & { password: string };
+export const createLocalUser = (props: LocalUserProps) => create(props);

src/dao/auth/deleteById.ts

@@ -1,11 +1,16 @@
 import { StringSchemaDefinition } from 'mongoose';
 
-import { Auth, Log, Strategy, Token } from '..';
-import { Status } from '../constants/auth';
-import { Action } from '../constants/action';
+import { Auth, Log, Strategy, Token } from '../..';
+import { Status } from '../../constants/auth';
+import { Action } from '../../constants/action';
 
 export const deleteById = async (id: StringSchemaDefinition) => {
-    if (await Auth.findByIdAndUpdate(id, { status: Status.DELETED, strategies: [] }).catch()) {
+    if (
+        await Auth.findByIdAndUpdate(id, {
+            status: Status.DELETED,
+            strategies: [],
+        }).catch()
+    ) {
         await Strategy.deleteMany({ parent: id });
         await Token.deleteMany({ auth: id });
         Log.add(id, Action.DELETE);

src/dao/auth/readAll.ts

@@ -1,8 +1,8 @@
 import { FilterQuery } from 'mongoose';
 
-import { Auth } from '..';
-import { Status } from '../constants/auth';
-import { AuthDocument } from '../schema/auth';
+import { Auth } from '../../model/auth';
+import { Status } from '../../constants/auth';
+import { AuthDocument } from '../../schema/auth';
 
 export const readAll = async (query: FilterQuery<AuthDocument> = {}) => Auth.find(query);
 

src/dao/auth/readOneById.ts

@@ -1,5 +1,5 @@
 import { Types } from 'mongoose';
 
-import { Auth } from '..';
+import { Auth } from '../../model/auth';
 
 export const readOneById = async (id: Types.ObjectId) => Auth.findById(id);

src/dao/auth/readOneByRecord.ts

@@ -1,5 +1,5 @@
 import { Types } from 'mongoose';
 
-import { Auth } from '..';
+import { Auth } from '../../model/auth';
 
 export const readOneByRecord = async (record: Types.ObjectId) => Auth.findOne({ record });

src/dao/auth/readOneByUsername.ts

@@ -1,3 +1,3 @@
-import { Auth } from '..';
+import { Auth } from '../../model/auth';
 
 export const readOneByUsername = async (username: string) => Auth.findOne({ username });

src/dao/create.ts

@@ -0,0 +1,3 @@
+import { create } from './auth/create';
+
+export { create };

src/dao/deleteById.ts

@@ -0,0 +1,3 @@
+import { deleteById } from './auth/deleteById';
+
+export { deleteById };

src/dao/readAll.ts

@@ -0,0 +1,3 @@
+import { readAll } from './auth/readAll';
+
+export { readAll };

src/dao/readOneById.ts

@@ -0,0 +1,3 @@
+import { readOneById } from './auth/readOneById';
+
+export { readOneById };

src/dao/readOneByRecord.ts

@@ -0,0 +1,3 @@
+import { readOneByRecord } from './auth/readOneByRecord';
+
+export { readOneByRecord };

src/dao/readOneByUsername.ts

@@ -0,0 +1,3 @@
+import { readOneByUsername } from './auth/readOneByUsername';
+
+export { readOneByUsername };

src/dao/strategy/create.ts

@@ -0,0 +1,24 @@
+import { DatabaseError } from '@mifi/services-common/lib/domain/errors/DatabaseError';
+
+import { Strategy } from '../../model/strategy';
+import { Strategy as StrategyProps } from '../../schema/strategy';
+
+const create = async ({ externalId, key, method, parent, profile }: StrategyProps) =>
+    Strategy.create({
+        externalId,
+        key,
+        method,
+        parent,
+        profile,
+    }).catch((err) => {
+        throw new DatabaseError(err, {
+            externalId: externalId || null,
+            key,
+            method,
+            parent,
+            profile: profile || null,
+        });
+    });
+
+export const createFido2Strategy = (props: Omit<StrategyProps, 'profile'>) => create(props);
+export const createLocalStrategy = (props: Omit<StrategyProps, 'externalId' | 'profile'>) => create(props);

src/dao/strategy/deleteById.ts

@@ -0,0 +1,8 @@
+import { StringSchemaDefinition } from 'mongoose';
+
+import { Strategy } from '../../model/strategy';
+
+export const deleteById = async (id: StringSchemaDefinition) => {
+    const result = await Strategy.findByIdAndDelete(id).catch();
+    return !!result;
+};

src/dao/strategy/readAll.ts

@@ -0,0 +1,6 @@
+import { FilterQuery } from 'mongoose';
+
+import { Strategy } from '../../model/strategy';
+import { StrategyDocument } from '../../schema/strategy';
+
+export const readAll = async (query: FilterQuery<StrategyDocument> = {}) => Strategy.find(query);

src/dao/strategy/readOneByExternalId.ts

@@ -0,0 +1,3 @@
+import { Strategy } from '../../model/strategy';
+
+export const readOneByExternalId = async (externalId: string) => Strategy.findOne({ externalId });

src/dao/strategy/readOneById.ts

@@ -0,0 +1,5 @@
+import { Types } from 'mongoose';
+
+import { Strategy } from '../../model/strategy';
+
+export const readOneById = async (id: Types.ObjectId) => Strategy.findById(id);

src/dao/strategy/readOneByParentAndMethod.ts

@@ -0,0 +1,7 @@
+import { Types } from 'mongoose';
+
+import { STRATEGIES } from '../../constants/strategies';
+import { Strategy } from '../../model/strategy';
+
+export const readOneByParentAndMethod = async (parent: Types.ObjectId, method: STRATEGIES) =>
+    Strategy.findOne({ method, parent });

src/index.ts

@@ -1,6 +1,6 @@
 import mongoose from 'mongoose';
 
-import { DB_HOST, DB_NAME, DB_PASSWORD, DB_PORT, DB_USERNAME } from '../constants/db';
+import { DB_HOST, DB_NAME, DB_PASSWORD, DB_PORT, DB_USERNAME } from './constants/db';
 import { Auth } from './model/auth';
 import { Log } from './model/log';
 import { Strategy } from './model/strategy';

src/schema/auth.ts

@@ -37,7 +37,12 @@ export const AuthSchema = new Schema<AuthDocument, AuthModel>(
     {
         is2FA: { type: Boolean, default: false },
         record: { type: Types.ObjectId, unique: true },
-        status: { type: Number, enum: Status, default: Status.UNVERIFIED, index: true },
+        status: {
+            type: Number,
+            enum: Status,
+            default: Status.UNVERIFIED,
+            index: true,
+        },
         strategies: [{ type: Types.ObjectId, ref: COLL_STRATEGY, default: [] }],
         username: { type: String, required: true, unique: true },
     },

src/schema/log.ts

@@ -1,6 +1,6 @@
 import { InferSchemaType, Model, Schema, StringSchemaDefinition, Types } from 'mongoose';
 
-import { Payload } from '@mifi/services-common/types/Payload';
+import { Payload } from '@mifi/services-common/lib/types/Payload';
 
 import { Action } from '../constants/action';
 

src/schema/strategy.ts

@@ -53,11 +53,11 @@ export const StrategySchema = new Schema<StrategyDocument, StrategyModel>(
     },
 );
 
-StrategySchema.methods.getPopulatedStrategy = async function (this: StrategyModel) {
+StrategySchema.methods.getPopulatedStrategy = async function (this: StrategyDocument) {
     return this.populate<StrategyPopulatedDocument>('parent');
 };
 
-StrategySchema.methods.getAuthRecord = async function (this: StrategyModel) {
+StrategySchema.methods.getAuthRecord = async function (this: StrategyDocument) {
     return (await this.getPopulatedStrategy()).parent;
 };
 

src/schema/token.ts

@@ -30,7 +30,9 @@ export const TokenSchema = new Schema<Token, TokenModel>(
 
 TokenSchema.statics = {
     async cleanupExpiredTokens() {
-        const { acknowledged, deletedCount } = await this.deleteMany({ expires: { $lte: Date.now() } });
+        const { acknowledged, deletedCount } = await this.deleteMany({
+            expires: { $lte: Date.now() },
+        });
         return { success: acknowledged, deletedCount };
     },
 
@@ -40,7 +42,11 @@ TokenSchema.statics = {
             await existing.deleteOne();
         }
 
-        const doc = await this.create({ type, auth, expires: expires || getDefaultExpiresFor(type) });
+        const doc = await this.create({
+            type,
+            auth,
+            expires: expires || getDefaultExpiresFor(type),
+        });
         return sign({
             sub: `${doc._id}`,
             exp: doc.expires,

tsconfig.json

@@ -2,11 +2,16 @@
     "extends": "@tsconfig/node16/tsconfig.json",
     "compilerOptions": {
         "allowSyntheticDefaultImports": true,
+        "declaration": true,
         "experimentalDecorators": true,
         "emitDecoratorMetadata": true,
         "noImplicitAny": true,
-        "outDir": "./dist/",
-        "rootDirs": ["lib"],
-        "sourceMap": true
-    }
+        "outDir": "lib/",
+        "rootDirs": ["./", "src/"],
+        "strict": true,
+        "esModuleInterop": true,
+        "sourceMap": true,
+        "removeComments": false
+    },
+    "include": ["src"]
 }

tsconfig.production.json

@@ -0,0 +1,17 @@
+{
+    "extends": "@tsconfig/node16/tsconfig.json",
+    "compilerOptions": {
+        "allowSyntheticDefaultImports": true,
+        "declaration": true,
+        "experimentalDecorators": true,
+        "emitDecoratorMetadata": true,
+        "noImplicitAny": true,
+        "outDir": "lib/",
+        "rootDirs": ["./", "src/"],
+        "strict": true,
+        "esModuleInterop": true,
+        "sourceMap": false,
+        "removeComments": true
+    },
+    "include": ["src"]
+}