Diffstat (limited to 'packages')
36 files changed, 200 insertions, 140 deletions
diff --git a/packages/trpc/auth.ts b/packages/trpc/auth.ts
new file mode 100644
index 00000000..6854303b
--- /dev/null
+++ b/packages/trpc/auth.ts
@@ -0,0 +1,99 @@
+import { randomBytes } from "crypto";
+import { apiKeys } from "@hoarder/db/schema";
+import * as bcrypt from "bcrypt";
+import { db } from "@hoarder/db";
+
+// API Keys
+
+const BCRYPT_SALT_ROUNDS = 10;
+const API_KEY_PREFIX = "ak1";
+
+export async function generateApiKey(name: string, userId: string) {
+ const id = randomBytes(10).toString("hex");
+ const secret = randomBytes(10).toString("hex");
+ const secretHash = await bcrypt.hash(secret, BCRYPT_SALT_ROUNDS);
+
+ const plain = `${API_KEY_PREFIX}_${id}_${secret}`;
+
+ const key = (
+ await db
+ .insert(apiKeys)
+ .values({
+ name: name,
+ userId: userId,
+ keyId: id,
+ keyHash: secretHash,
+ })
+ .returning()
+ )[0];
+
+ return {
+ id: key.id,
+ name: key.name,
+ createdAt: key.createdAt,
+ key: plain,
+ };
+}
+function parseApiKey(plain: string) {
+ const parts = plain.split("_");
+ if (parts.length != 3) {
+ throw new Error(
+ `Malformd API key. API keys should have 3 segments, found ${parts.length} instead.`,
+ );
+ }
+ if (parts[0] !== API_KEY_PREFIX) {
+ throw new Error(`Malformd API key. Got unexpected key prefix.`);
+ }
+ return {
+ keyId: parts[1],
+ keySecret: parts[2],
+ };
+}
+
+export async function authenticateApiKey(key: string) {
+ const { keyId, keySecret } = parseApiKey(key);
+ const apiKey = await db.query.apiKeys.findFirst({
+ where: (k, { eq }) => eq(k.keyId, keyId),
+ with: {
+ user: true,
+ },
+ });
+
+ if (!apiKey) {
+ throw new Error("API key not found");
+ }
+
+ const hash = apiKey.keyHash;
+
+ const validation = await bcrypt.compare(keySecret, hash);
+ if (!validation) {
+ throw new Error("Invalid API Key");
+ }
+
+ return apiKey.user;
+}
+
+export async function hashPassword(password: string) {
+ return bcrypt.hash(password, BCRYPT_SALT_ROUNDS);
+}
+
+export async function validatePassword(email: string, password: string) {
+ const user = await db.query.users.findFirst({
+ where: (u, { eq }) => eq(u.email, email),
+ });
+
+ if (!user) {
+ throw new Error("User not found");
+ }
+
+ if (!user.password) {
+ throw new Error("This user doesn't have a password defined");
+ }
+
+ const validation = await bcrypt.compare(password, user.password);
+ if (!validation) {
+ throw new Error("Wrong password");
+ }
+
+ return user;
+}
diff --git a/packages/web/server/api/trpc.ts b/packages/trpc/index.ts
index 0ba09e94..a32eb871 100644
--- a/packages/web/server/api/trpc.ts
+++ b/packages/trpc/index.ts
@@ -1,9 +1,13 @@ import { db } from "@hoarder/db"; import serverConfig from "@hoarder/shared/config"; import { TRPCError, initTRPC } from "@trpc/server"; -import { User } from "next-auth"; import superjson from "superjson"; +type User = { + id: string; + role: "admin" | "user" | null; +}; + export type Context = { user: User | null; db: typeof db;
diff --git a/packages/trpc/package.json b/packages/trpc/package.json
new file mode 100644
index 00000000..1e33eff0
--- /dev/null
+++ b/packages/trpc/package.json
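Review bot: In packages/trpc/auth.ts, `validatePassword` fails in three distinguishable ways (`"User not found"`, `"This user doesn't have a password defined"`, `"Wrong password"`) and only the last path runs `bcrypt.compare`, so both the message and the response time can reveal whether an e-mail address is registered. `authenticateApiKey` has the same shape with `"API key not found"` versus `"Invalid API Key"`. Whether the messages reach a client depends on the callers, which are outside this hunk, but the timing difference exists either way. I would collapse the failures into one generic error and always perform one comparison, against a throw-away hash when the lookup finds nothing; the sketch below shows this for `validatePassword`, and any caller that matches on the old message strings would need checking first.

```typescript
// Hash of a random value nobody knows; compared against when no real hash exists.
const DUMMY_PASSWORD_HASH = bcrypt.hashSync(
  randomBytes(16).toString("hex"),
  BCRYPT_SALT_ROUNDS,
);

export async function validatePassword(email: string, password: string) {
  // … unchanged: users.findFirst lookup by email …

  // One bcrypt comparison on every path keeps the failure timing comparable.
  const matches = await bcrypt.compare(
    password,
    user?.password ?? DUMMY_PASSWORD_HASH,
  );
  if (!user || !user.password || !matches) {
    throw new Error("Invalid email or password");
  }

  // … unchanged: return user …
}
```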
@@ -0,0 +1,28 @@
+{
+ "$schema": "https://json.schemastore.org/package.json",
+ "name": "@hoarder/trpc",
+ "version": "0.1.0",
+ "private": true,
+ "scripts": {
+ "typecheck": "tsc --noEmit",
+ "test": "vitest"
+ },
+ "dependencies": {
+ "@hoarder/db": "workspace:*",
+ "@hoarder/shared": "workspace:*",
+ "@trpc/server": "11.0.0-next-beta.304",
+ "bcrypt": "^5.1.1",
+ "drizzle-orm": "^0.29.4",
+ "superjson": "^2.2.1",
+ "zod": "^3.22.4"
+ },
+ "devDependencies": {
+ "@tsconfig/node21": "^21.0.1",
+ "@types/bcrypt": "^5.0.2",
+ "aws-sdk": "^2.1570.0",
+ "mock-aws-s3": "^4.0.2",
+ "nock": "^13.5.4",
+ "vite-tsconfig-paths": "^4.3.1",
+ "vitest": "^1.3.1"
+ }
+}
diff --git a/packages/web/server/api/routers/_app.ts b/packages/trpc/routers/_app.ts
index 43ab6f5d..6e5dd91d 100644
--- a/packages/web/server/api/routers/_app.ts
+++ b/packages/trpc/routers/_app.ts
@@ -1,4 +1,4 @@
-import { router } from "../trpc";
+import { router } from "../index";
 import { adminAppRouter } from "./admin";
 import { apiKeysAppRouter } from "./apiKeys";
 import { bookmarksAppRouter } from "./bookmarks";
diff --git a/packages/web/server/api/routers/admin.ts b/packages/trpc/routers/admin.ts
index c3f6235a..8a7b592d 100644
--- a/packages/web/server/api/routers/admin.ts
+++ b/packages/trpc/routers/admin.ts
@@ -1,4 +1,4 @@
-import { adminProcedure, router } from "../trpc";
+import { adminProcedure, router } from "../index";
 import { z } from "zod";
 import { count } from "drizzle-orm";
 import { bookmarks, users } from "@hoarder/db/schema";
diff --git a/packages/web/server/api/routers/apiKeys.ts b/packages/trpc/routers/apiKeys.ts
index 9eb36974..d13f87fb 100644
--- a/packages/web/server/api/routers/apiKeys.ts
+++ b/packages/trpc/routers/apiKeys.ts
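Review bot: The `devDependencies` of the new `@hoarder/trpc` manifest list `aws-sdk`, `mock-aws-s3` and `nock`, but none of the files this diff moves into `packages/trpc` appears to import them. If they were carried over from another package's manifest, dropping them keeps this package's install and audit surface limited to what its tests use (`vitest`, `vite-tsconfig-paths`, the `@types/bcrypt` typings). If a test outside this diff does need them, naming it in the commit description would settle the question.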
@@ -1,5 +1,5 @@ -import { generateApiKey } from "@/server/auth"; -import { authedProcedure, router } from "../trpc"; +import { generateApiKey } from "../auth"; +import { authedProcedure, router } from "../index"; import { z } from "zod"; import { apiKeys } from "@hoarder/db/schema"; import { eq, and } from "drizzle-orm"; diff --git a/packages/web/server/api/routers/bookmarks.test.ts b/packages/trpc/routers/bookmarks.test.ts index 626a7250..724a9998 100644 --- a/packages/web/server/api/routers/bookmarks.test.ts +++ b/packages/trpc/routers/bookmarks.test.ts @@ -1,4 +1,4 @@ -import { CustomTestContext, defaultBeforeEach } from "@/lib/testUtils"; +import { CustomTestContext, defaultBeforeEach } from "../testUtils"; import { expect, describe, test, beforeEach, assert } from "vitest"; beforeEach<CustomTestContext>(defaultBeforeEach(true)); diff --git a/packages/web/server/api/routers/bookmarks.ts b/packages/trpc/routers/bookmarks.ts index 73818508..ea7ffef8 100644 --- a/packages/web/server/api/routers/bookmarks.ts +++ b/packages/trpc/routers/bookmarks.ts @@ -1,5 +1,5 @@ import { z } from "zod"; -import { Context, authedProcedure, router } from "../trpc"; +import { Context, authedProcedure, router } from "../index"; import { getSearchIdxClient } from "@hoarder/shared/search"; import { ZBookmark, @@ -10,7 +10,7 @@ import { zGetBookmarksResponseSchema, zNewBookmarkRequestSchema, zUpdateBookmarksRequestSchema, -} from "@/lib/types/api/bookmarks"; +} from "../types/bookmarks"; import { bookmarkLinks, bookmarkTags, @@ -25,7 +25,7 @@ import { } from "@hoarder/shared/queues"; import { TRPCError, experimental_trpcMiddleware } from "@trpc/server"; import { and, desc, eq, inArray } from "drizzle-orm"; -import { ZBookmarkTags } from "@/lib/types/api/tags"; +import { ZBookmarkTags } from "../types/tags"; import { db as DONT_USE_db } from "@hoarder/db"; diff --git a/packages/web/server/api/routers/lists.ts b/packages/trpc/routers/lists.ts index 7bf5eed5..fa97929d 100644 
--- a/packages/web/server/api/routers/lists.ts +++ b/packages/trpc/routers/lists.ts @@ -1,10 +1,10 @@ -import { Context, authedProcedure, router } from "../trpc"; +import { Context, authedProcedure, router } from "../index"; import { SqliteError } from "@hoarder/db"; import { z } from "zod"; import { TRPCError, experimental_trpcMiddleware } from "@trpc/server"; import { bookmarkLists, bookmarksInLists } from "@hoarder/db/schema"; import { and, eq } from "drizzle-orm"; -import { zBookmarkListSchema } from "@/lib/types/api/lists"; +import { zBookmarkListSchema } from "../types/lists"; const ensureListOwnership = experimental_trpcMiddleware<{ ctx: Context; diff --git a/packages/web/server/api/routers/users.test.ts b/packages/trpc/routers/users.test.ts index 1ee04f99..87814407 100644 --- a/packages/web/server/api/routers/users.test.ts +++ b/packages/trpc/routers/users.test.ts @@ -2,7 +2,7 @@ import { CustomTestContext, defaultBeforeEach, getApiCaller, -} from "@/lib/testUtils"; +} from "../testUtils"; import { expect, describe, test, beforeEach, assert } from "vitest"; beforeEach<CustomTestContext>(defaultBeforeEach(false)); diff --git a/packages/web/server/api/routers/users.ts b/packages/trpc/routers/users.ts index 32d10860..b5334f99 100644 --- a/packages/web/server/api/routers/users.ts +++ b/packages/trpc/routers/users.ts @@ -1,8 +1,8 @@ -import { zSignUpSchema } from "@/lib/types/api/users"; -import { adminProcedure, publicProcedure, router } from "../trpc"; +import { zSignUpSchema } from "../types/users"; +import { adminProcedure, publicProcedure, router } from "../index"; import { SqliteError } from "@hoarder/db"; import { z } from "zod"; -import { hashPassword } from "@/server/auth"; +import { hashPassword } from "../auth"; import { TRPCError } from "@trpc/server"; import { users } from "@hoarder/db/schema"; import { count, eq } from "drizzle-orm"; diff --git a/packages/web/lib/testUtils.ts b/packages/trpc/testUtils.ts index bad78463..d5f24def 100644 
--- a/packages/web/lib/testUtils.ts +++ b/packages/trpc/testUtils.ts @@ -1,7 +1,7 @@ import { users } from "@hoarder/db/schema"; import { getInMemoryDB } from "@hoarder/db/drizzle"; -import { appRouter } from "@/server/api/routers/_app"; -import { createCallerFactory } from "@/server/api/trpc"; +import { appRouter } from "./routers/_app"; +import { createCallerFactory } from "./index"; export function getTestDB() { return getInMemoryDB(true); diff --git a/packages/trpc/tsconfig.json b/packages/trpc/tsconfig.json new file mode 100644 index 00000000..bf020b01 --- /dev/null +++ b/packages/trpc/tsconfig.json @@ -0,0 +1,13 @@ +{ + "$schema": "https://json.schemastore.org/tsconfig", + "extends": "@tsconfig/node21/tsconfig.json", + "include": ["**/*.ts"], + "exclude": ["node_modules"], + "compilerOptions": { + "module": "ESNext", + "moduleResolution": "node", + "baseUrl": "./", + "esModuleInterop": true + } +} + diff --git a/packages/web/lib/types/api/bookmarks.ts b/packages/trpc/types/bookmarks.ts index 5fabc7ca..b61ab0e0 100644 --- a/packages/web/lib/types/api/bookmarks.ts +++ b/packages/trpc/types/bookmarks.ts @@ -1,5 +1,5 @@ import { z } from "zod"; -import { zBookmarkTagSchema } from "@/lib/types/api/tags"; +import { zBookmarkTagSchema } from "./tags"; export const zBookmarkedLinkSchema = z.object({ type: z.literal("link"), diff --git a/packages/web/lib/types/api/lists.ts b/packages/trpc/types/lists.ts index 4b0ccaca..4b0ccaca 100644 --- a/packages/web/lib/types/api/lists.ts +++ b/packages/trpc/types/lists.ts diff --git a/packages/web/lib/types/api/tags.ts b/packages/trpc/types/tags.ts index 7a99dad4..7a99dad4 100644 --- a/packages/web/lib/types/api/tags.ts +++ b/packages/trpc/types/tags.ts diff --git a/packages/web/lib/types/api/users.ts b/packages/trpc/types/users.ts index c2fe182a..c2fe182a 100644 --- a/packages/web/lib/types/api/users.ts +++ b/packages/trpc/types/users.ts 
diff --git a/packages/trpc/vitest.config.ts b/packages/trpc/vitest.config.ts new file mode 100644 index 00000000..c3d02f71 --- /dev/null +++ b/packages/trpc/vitest.config.ts @@ -0,0 +1,14 @@ +/// <reference types="vitest" /> + +import { defineConfig } from "vitest/config"; +import tsconfigPaths from "vite-tsconfig-paths"; + +// https://vitejs.dev/config/ +export default defineConfig({ + plugins: [tsconfigPaths()], + test: { + alias: { + "@/*": "./*", + }, + }, +}); diff --git a/packages/web/app/api/trpc/[trpc]/route.ts b/packages/web/app/api/trpc/[trpc]/route.ts index 7d56cadc..b6753101 100644 --- a/packages/web/app/api/trpc/[trpc]/route.ts +++ b/packages/web/app/api/trpc/[trpc]/route.ts @@ -1,7 +1,7 @@ import { fetchRequestHandler } from "@trpc/server/adapters/fetch"; -import { appRouter } from "@/server/api/routers/_app"; +import { appRouter } from "@hoarder/trpc/routers/_app"; import { createContext } from "@/server/api/client"; -import { authenticateApiKey } from "@/server/auth"; +import { authenticateApiKey } from "@hoarder/trpc/auth"; import { db } from "@hoarder/db"; const handler = (req: Request) => diff --git a/packages/web/app/dashboard/bookmarks/components/BookmarkOptions.tsx b/packages/web/app/dashboard/bookmarks/components/BookmarkOptions.tsx index 584e8708..4f08ebee 100644 --- a/packages/web/app/dashboard/bookmarks/components/BookmarkOptions.tsx +++ b/packages/web/app/dashboard/bookmarks/components/BookmarkOptions.tsx @@ -2,7 +2,7 @@ import { useToast } from "@/components/ui/use-toast"; import { api } from "@/lib/trpc"; -import { ZBookmark, ZBookmarkedLink } from "@/lib/types/api/bookmarks"; +import { ZBookmark, ZBookmarkedLink } from "@hoarder/trpc/types/bookmarks"; import { Button } from "@/components/ui/button"; import { DropdownMenu, diff --git a/packages/web/app/dashboard/bookmarks/components/BookmarkedTextEditor.tsx b/packages/web/app/dashboard/bookmarks/components/BookmarkedTextEditor.tsx index c449fae3..a5b58f1a 100644 
--- a/packages/web/app/dashboard/bookmarks/components/BookmarkedTextEditor.tsx +++ b/packages/web/app/dashboard/bookmarks/components/BookmarkedTextEditor.tsx @@ -1,4 +1,4 @@ -import { ZBookmark } from "@/lib/types/api/bookmarks"; +import { ZBookmark } from "@hoarder/trpc/types/bookmarks"; import { Dialog, DialogClose, diff --git a/packages/web/app/dashboard/bookmarks/components/Bookmarks.tsx b/packages/web/app/dashboard/bookmarks/components/Bookmarks.tsx index 62b93dc8..1ad3670c 100644 --- a/packages/web/app/dashboard/bookmarks/components/Bookmarks.tsx +++ b/packages/web/app/dashboard/bookmarks/components/Bookmarks.tsx @@ -1,6 +1,6 @@ import { redirect } from "next/navigation"; import BookmarksGrid from "./BookmarksGrid"; -import { ZGetBookmarksRequest } from "@/lib/types/api/bookmarks"; +import { ZGetBookmarksRequest } from "@hoarder/trpc/types/bookmarks"; import { api } from "@/server/api/client"; import { getServerAuthSession } from "@/server/auth"; diff --git a/packages/web/app/dashboard/bookmarks/components/BookmarksGrid.tsx b/packages/web/app/dashboard/bookmarks/components/BookmarksGrid.tsx index 554d20a0..4d5b6b0a 100644 --- a/packages/web/app/dashboard/bookmarks/components/BookmarksGrid.tsx +++ b/packages/web/app/dashboard/bookmarks/components/BookmarksGrid.tsx @@ -1,7 +1,7 @@ "use client"; import LinkCard from "./LinkCard"; -import { ZBookmark, ZGetBookmarksRequest } from "@/lib/types/api/bookmarks"; +import { ZBookmark, ZGetBookmarksRequest } from "@hoarder/trpc/types/bookmarks"; import { api } from "@/lib/trpc"; import TextCard from "./TextCard"; import { Slot } from "@radix-ui/react-slot"; diff --git a/packages/web/app/dashboard/bookmarks/components/LinkCard.tsx b/packages/web/app/dashboard/bookmarks/components/LinkCard.tsx index 5af11aa3..76d3f1b8 100644 --- a/packages/web/app/dashboard/bookmarks/components/LinkCard.tsx +++ b/packages/web/app/dashboard/bookmarks/components/LinkCard.tsx 
@@ -8,7 +8,7 @@ import { ImageCardFooter, ImageCardTitle, } from "@/components/ui/imageCard"; -import { ZBookmark } from "@/lib/types/api/bookmarks"; +import { ZBookmark } from "@hoarder/trpc/types/bookmarks"; import Link from "next/link"; import BookmarkOptions from "./BookmarkOptions"; import { api } from "@/lib/trpc"; diff --git a/packages/web/app/dashboard/bookmarks/components/TagList.tsx b/packages/web/app/dashboard/bookmarks/components/TagList.tsx index 82d9f376..6c9d2d22 100644 --- a/packages/web/app/dashboard/bookmarks/components/TagList.tsx +++ b/packages/web/app/dashboard/bookmarks/components/TagList.tsx @@ -1,7 +1,7 @@ import { badgeVariants } from "@/components/ui/badge"; import Link from "next/link"; import { Skeleton } from "@/components/ui/skeleton"; -import { ZBookmark } from "@/lib/types/api/bookmarks"; +import { ZBookmark } from "@hoarder/trpc/types/bookmarks"; import { cn } from "@/lib/utils"; export default function TagList({ diff --git a/packages/web/app/dashboard/bookmarks/components/TagModal.tsx b/packages/web/app/dashboard/bookmarks/components/TagModal.tsx index 703c4221..8c09d00e 100644 --- a/packages/web/app/dashboard/bookmarks/components/TagModal.tsx +++ b/packages/web/app/dashboard/bookmarks/components/TagModal.tsx @@ -11,8 +11,8 @@ import { import { Input } from "@/components/ui/input"; import { toast } from "@/components/ui/use-toast"; import { api } from "@/lib/trpc"; -import { ZBookmark } from "@/lib/types/api/bookmarks"; -import { ZAttachedByEnum } from "@/lib/types/api/tags"; +import { ZBookmark } from "@hoarder/trpc/types/bookmarks"; +import { ZAttachedByEnum } from "@hoarder/trpc/types/tags"; import { cn } from "@/lib/utils"; import { Sparkles, X } from "lucide-react"; import { useState, KeyboardEvent, useEffect } from "react"; diff --git a/packages/web/app/dashboard/bookmarks/components/TextCard.tsx b/packages/web/app/dashboard/bookmarks/components/TextCard.tsx index 029800ac..5e0ba3f9 100644 
--- a/packages/web/app/dashboard/bookmarks/components/TextCard.tsx +++ b/packages/web/app/dashboard/bookmarks/components/TextCard.tsx @@ -1,6 +1,6 @@ "use client"; -import { ZBookmark } from "@/lib/types/api/bookmarks"; +import { ZBookmark } from "@hoarder/trpc/types/bookmarks"; import BookmarkOptions from "./BookmarkOptions"; import { api } from "@/lib/trpc"; import { Maximize2, Star } from "lucide-react"; diff --git a/packages/web/app/dashboard/components/AllLists.tsx b/packages/web/app/dashboard/components/AllLists.tsx index 8903c82a..a77252d0 100644 --- a/packages/web/app/dashboard/components/AllLists.tsx +++ b/packages/web/app/dashboard/components/AllLists.tsx @@ -5,7 +5,7 @@ import SidebarItem from "./SidebarItem"; import NewListModal, { useNewListModal } from "./NewListModal"; import { Plus } from "lucide-react"; import Link from "next/link"; -import { ZBookmarkList } from "@/lib/types/api/lists"; +import { ZBookmarkList } from "@hoarder/trpc/types/lists"; export default function AllLists({ initialData, diff --git a/packages/web/app/dashboard/lists/[listId]/components/DeleteListButton.tsx b/packages/web/app/dashboard/lists/[listId]/components/DeleteListButton.tsx index 32a7facf..5303b217 100644 --- a/packages/web/app/dashboard/lists/[listId]/components/DeleteListButton.tsx +++ b/packages/web/app/dashboard/lists/[listId]/components/DeleteListButton.tsx @@ -16,7 +16,7 @@ import { toast } from "@/components/ui/use-toast"; import { api } from "@/lib/trpc"; import { ActionButton } from "@/components/ui/action-button"; import { useState } from "react"; -import { ZBookmarkList } from "@/lib/types/api/lists"; +import { ZBookmarkList } from "@hoarder/trpc/types/lists"; export default function DeleteListButton({ list }: { list: ZBookmarkList }) { const [isDialogOpen, setDialogOpen] = useState(false); 
diff --git a/packages/web/app/dashboard/lists/[listId]/components/ListView.tsx b/packages/web/app/dashboard/lists/[listId]/components/ListView.tsx index 6489e9f0..979b522f 100644 --- a/packages/web/app/dashboard/lists/[listId]/components/ListView.tsx +++ b/packages/web/app/dashboard/lists/[listId]/components/ListView.tsx @@ -1,8 +1,8 @@ "use client"; import BookmarksGrid from "@/app/dashboard/bookmarks/components/BookmarksGrid"; -import { ZBookmark } from "@/lib/types/api/bookmarks"; -import { ZBookmarkListWithBookmarks } from "@/lib/types/api/lists"; +import { ZBookmark } from "@hoarder/trpc/types/bookmarks"; +import { ZBookmarkListWithBookmarks } from "@hoarder/trpc/types/lists"; import { api } from "@/lib/trpc"; export default function ListView({ diff --git a/packages/web/app/dashboard/lists/components/AllListsView.tsx b/packages/web/app/dashboard/lists/components/AllListsView.tsx index d81f5fca..0e2f898b 100644 --- a/packages/web/app/dashboard/lists/components/AllListsView.tsx +++ b/packages/web/app/dashboard/lists/components/AllListsView.tsx @@ -2,7 +2,7 @@ import { Button } from "@/components/ui/button"; import { api } from "@/lib/trpc"; -import { ZBookmarkList } from "@/lib/types/api/lists"; +import { ZBookmarkList } from "@hoarder/trpc/types/lists"; import { keepPreviousData } from "@tanstack/react-query"; import { Plus } from "lucide-react"; import Link from "next/link"; diff --git a/packages/web/app/signin/components/CredentialsForm.tsx b/packages/web/app/signin/components/CredentialsForm.tsx index f47708f6..5296e163 100644 --- a/packages/web/app/signin/components/CredentialsForm.tsx +++ b/packages/web/app/signin/components/CredentialsForm.tsx 
@@ -13,7 +13,7 @@ import { } from "@/components/ui/form"; import { Input } from "@/components/ui/input"; import { ActionButton } from "@/components/ui/action-button"; -import { zSignUpSchema } from "@/lib/types/api/users"; +import { zSignUpSchema } from "@hoarder/trpc/types/users"; import { signIn } from "next-auth/react"; import { useState } from "react"; import { api } from "@/lib/trpc"; diff --git a/packages/web/lib/trpc.tsx b/packages/web/lib/trpc.tsx index aa246047..79a2a9fe 100644 --- a/packages/web/lib/trpc.tsx +++ b/packages/web/lib/trpc.tsx @@ -1,5 +1,5 @@ "use client"; -import type { AppRouter } from "@/server/api/routers/_app"; +import type { AppRouter } from "@hoarder/trpc/routers/_app"; import { createTRPCReact } from "@trpc/react-query"; export const api = createTRPCReact<AppRouter>(); diff --git a/packages/web/package.json b/packages/web/package.json index 5367d189..e0c9d407 100644 --- a/packages/web/package.json +++ b/packages/web/package.json @@ -8,7 +8,8 @@ "build": "next build", "start": "next start", "lint": "next lint", - "test": "vitest" + "test": "vitest", + "typecheck": "tsc --noEmit" }, "dependencies": { "@auth/drizzle-adapter": "^0.8.0", @@ -16,6 +17,7 @@ "@emoji-mart/react": "^1.1.1", "@hoarder/db": "0.1.0", "@hoarder/shared": "0.1.0", + "@hoarder/trpc": "0.1.0", "@hookform/resolvers": "^3.3.4", "@next/eslint-plugin-next": "^14.1.1", "@radix-ui/react-dialog": "^1.0.5", @@ -34,7 +36,6 @@ "@trpc/next": "11.0.0-next-beta.304", "@trpc/react-query": "^11.0.0-next-beta.304", "@trpc/server": "11.0.0-next-beta.304", - "bcrypt": "^5.1.1", "better-sqlite3": "^9.4.3", "class-variance-authority": "^0.7.0", "clsx": "^2.1.0", @@ -60,7 +61,6 @@ }, "devDependencies": { "@tailwindcss/typography": "^0.5.10", - "@types/bcrypt": "^5.0.2", "@types/emoji-mart": "^3.0.14", "@types/react": "^18", "@types/react-dom": "^18", diff --git a/packages/web/server/api/client.ts b/packages/web/server/api/client.ts index 130f4f87..88ea7a0e 100644 
--- a/packages/web/server/api/client.ts +++ b/packages/web/server/api/client.ts @@ -1,6 +1,6 @@ -import { appRouter } from "./routers/_app"; +import { appRouter } from "@hoarder/trpc/routers/_app"; import { getServerAuthSession } from "@/server/auth"; -import { Context, createCallerFactory } from "./trpc"; +import { Context, createCallerFactory } from "@hoarder/trpc"; import { db } from "@hoarder/db"; export const createContext = async (database?: typeof db): Promise<Context> => { diff --git a/packages/web/server/auth.ts b/packages/web/server/auth.ts index 1810c87d..950443b9 100644 --- a/packages/web/server/auth.ts +++ b/packages/web/server/auth.ts @@ -2,15 +2,13 @@ import NextAuth, { NextAuthOptions, getServerSession } from "next-auth"; import type { Adapter } from "next-auth/adapters"; import AuthentikProvider from "next-auth/providers/authentik"; import serverConfig from "@hoarder/shared/config"; +import { validatePassword } from "@hoarder/trpc/auth"; import { db } from "@hoarder/db"; import { DefaultSession } from "next-auth"; -import * as bcrypt from "bcrypt"; import CredentialsProvider from "next-auth/providers/credentials"; import { DrizzleAdapter } from "@auth/drizzle-adapter"; -import { randomBytes } from "crypto"; import { Provider } from "next-auth/providers/index"; -import { apiKeys } from "@hoarder/db/schema"; declare module "next-auth/jwt" { export interface JWT { 
@@ -96,99 +94,3 @@ export const authOptions: NextAuthOptions = { export const authHandler = NextAuth(authOptions); export const getServerAuthSession = () => getServerSession(authOptions); - -// API Keys - -const BCRYPT_SALT_ROUNDS = 10; -const API_KEY_PREFIX = "ak1"; - -export async function generateApiKey(name: string, userId: string) { - const id = randomBytes(10).toString("hex"); - const secret = randomBytes(10).toString("hex"); - const secretHash = await bcrypt.hash(secret, BCRYPT_SALT_ROUNDS); - - const plain = `${API_KEY_PREFIX}_${id}_${secret}`; - - const key = ( - await db - .insert(apiKeys) - .values({ - name: name, - userId: userId, - keyId: id, - keyHash: secretHash, - }) - .returning() - )[0]; - - return { - id: key.id, - name: key.name, - createdAt: key.createdAt, - key: plain, - }; -} - -function parseApiKey(plain: string) { - const parts = plain.split("_"); - if (parts.length != 3) { - throw new Error( - `Malformd API key. API keys should have 3 segments, found ${parts.length} instead.`, - ); - } - if (parts[0] !== API_KEY_PREFIX) { - throw new Error(`Malformd API key. 
Got unexpected key prefix.`); - } - return { - keyId: parts[1], - keySecret: parts[2], - }; -} - -export async function authenticateApiKey(key: string) { - const { keyId, keySecret } = parseApiKey(key); - const apiKey = await db.query.apiKeys.findFirst({ - where: (k, { eq }) => eq(k.keyId, keyId), - with: { - user: true, - }, - }); - - if (!apiKey) { - throw new Error("API key not found"); - } - - const hash = apiKey.keyHash; - - const validation = await bcrypt.compare(keySecret, hash); - if (!validation) { - throw new Error("Invalid API Key"); - } - - return apiKey.user; -} - -export async function hashPassword(password: string) { - return bcrypt.hash(password, BCRYPT_SALT_ROUNDS); -} - -export async function validatePassword(email: string, password: string) { - const user = await db.query.users.findFirst({ - where: (u, { eq }) => eq(u.email, email), - }); - - if (!user) { - throw new Error("User not found"); - } - - if (!user.password) { - throw new Error("This user doesn't have a password defined"); - } - - const validation = await bcrypt.compare(password, user.password); - if (!validation) { - throw new Error("Wrong password"); - } - - return user; -} |
