rparodi/ft_transcendence
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(openapi): Started working on Openapi generation

Browse source 
- Updated to Typebox 1.0.0 to better support Openapi type generation
- Changed dockerfile to fetch depedencies only once
- Fixed Routes to properly handle openapi
- Fixed Routes to respond with multiples status code (no more only 200)
- Fixed Schemas so the auth-gated endpoint properly reflect that
- Added Makefile rule to generate openapi client (none working due to
  missing files)
This commit is contained in:
Maieul BOYER 2025-11-09 02:44:18 +01:00 committed by Maix0
parent 1bd2b4594b
commit b7c2a3dff9
36 changed files with 5472 additions and 833 deletions
Download patch file Download diff file Expand all files Collapse all files

1
.gitignore vendored
View file

@ -10,3 +10,4 @@ node_modules/
*.db-shm *.db-shm
*.db-wal *.db-wal
/db/ /db/
package-lock.json

13
Makefile
View file

@ -6,7 +6,7 @@
# By: rparodi <rparodi@student.42.fr> +#+ +:+ +#+ # # By: rparodi <rparodi@student.42.fr> +#+ +:+ +#+ #
# +#+#+#+#+#+ +#+ # # +#+#+#+#+#+ +#+ #
# Created: 2023/11/12 11:05:05 by rparodi #+# #+# # # Created: 2023/11/12 11:05:05 by rparodi #+# #+# #
# Updated: 2025/10/29 19:37:40 by maiboyer ### ########.fr # # Updated: 2025/11/09 01:22:55 by maiboyer ### ########.fr #
# # # #
# **************************************************************************** # # **************************************************************************** #
@ -123,6 +123,12 @@ npm@build:
npm@update: npm@update:
(cd ./src/ && rm -rf ./src/node_modules/ && npx pnpm update -r --workspace) (cd ./src/ && rm -rf ./src/node_modules/ && npx pnpm update -r --workspace)
npm@openapi:
@(cd ./src/ && npx pnpm run --if-present -r build:openapi)
@rm -f ./src/openapi.json
@(cd ./src/ && npx pnpm exec redocly join --without-x-tag-groups)
@(cd ./src/ && npx pnpm exec openapi-generator-cli generate -t ../openapi-template -g typescript-fetch -i openapi.json -o ../frontend/src/api/generated);
# this convert the .dbml file to an actual sql file that SQLite can handle :) # this convert the .dbml file to an actual sql file that SQLite can handle :)
sql: sql:
@echo "if the command isn't found, contact maieul :)" @echo "if the command isn't found, contact maieul :)"
@ -138,5 +144,10 @@ tmux:
@tmux select-window -t $(PROJECT):0 @tmux select-window -t $(PROJECT):0
@tmux attach-session -t $(PROJECT) @tmux attach-session -t $(PROJECT)
fnginx:
fnginx &
-(cd ./frontend && pnpm exec vite --clearScreen false)
wait
# phony # phony
.PHONY: all clean fclean re header footer npm@install npm@clean npm@fclean npm@build sql tmux .PHONY: all clean fclean re header footer npm@install npm@clean npm@fclean npm@build sql tmux

32
package-lock.json generated
View file

@ -1,32 +0,0 @@
{
"name": "trans",
"version": "0.0.0",
"lockfileVersion": 3,
"requires": true,
"packages": {
"": {
"name": "trans",
"version": "0.0.0",
"license": "ISC",
"devDependencies": {
"husky": "^9.1.7"
}
},
"node_modules/husky": {
"version": "9.1.7",
"resolved": "https://registry.npmjs.org/husky/-/husky-9.1.7.tgz",
"integrity": "sha512-5gs5ytaNjBrh5Ow3zrvdUUY+0VxIuWVL4i9irt6friV+BqdCfmV11CQTWMiBYWHbXhco+J1kHfTOUkePhCDvMA==",
"dev": true,
"license": "MIT",
"bin": {
"husky": "bin.js"
},
"engines": {
"node": ">=18"
},
"funding": {
"url": "https://github.com/sponsors/typicode"
}
}
}
}

6
src/@shared/package.json
View file

@ -11,7 +11,8 @@
"dependencies": { "dependencies": {
"@fastify/cookie": "^11.0.2", "@fastify/cookie": "^11.0.2",
"@fastify/jwt": "^9.1.0", "@fastify/jwt": "^9.1.0",
"@sinclair/typebox": "^0.34.41", "@fastify/swagger": "^9.6.0",
"@fastify/swagger-ui": "^5.2.3",
"@types/bcrypt": "^6.0.0", "@types/bcrypt": "^6.0.0",
"bcrypt": "^6.0.0", "bcrypt": "^6.0.0",
"better-sqlite3": "^11.10.0", "better-sqlite3": "^11.10.0",
@ -19,10 +20,11 @@
"fastify-plugin": "^5.1.0", "fastify-plugin": "^5.1.0",
"joi": "^18.0.1", "joi": "^18.0.1",
"otp": "^1.1.2", "otp": "^1.1.2",
"typebox": "^1.0.51",
"uuidv7": "^1.0.2" "uuidv7": "^1.0.2"
}, },
"devDependencies": { "devDependencies": {
"@types/better-sqlite3": "^7.6.13", "@types/better-sqlite3": "^7.6.13",
"@types/node": "^22.18.13" "@types/node": "^22.19.0"
} }
} }

117
src/@shared/src/auth/index.ts
View file

@ -3,10 +3,11 @@ import cookie from '@fastify/cookie';
import fastifyJwt from '@fastify/jwt'; import fastifyJwt from '@fastify/jwt';
import fp from 'fastify-plugin'; import fp from 'fastify-plugin';
import { FastifyPluginAsync, preValidationAsyncHookHandler } from 'fastify'; import { FastifyPluginAsync, preValidationAsyncHookHandler } from 'fastify';
import { Static, Type } from '@sinclair/typebox'; import { Static, TSchema, Type } from 'typebox';
import * as Typebox from 'typebox';
import { UserId } from '@shared/database/mixin/user'; import { UserId } from '@shared/database/mixin/user';
import { useDatabase } from '@shared/database'; import { useDatabase } from '@shared/database';
import { isNullish, makeResponse } from '@shared/utils'; import { isNullish, typeResponse } from '@shared/utils';
const kRouteAuthDone = Symbol('shared-route-auth-done'); const kRouteAuthDone = Symbol('shared-route-auth-done');
@ -53,11 +54,8 @@ export const jwtPlugin = fp<FastifyPluginAsync>(async (fastify, _opts) => {
export const JwtType = Type.Object({ export const JwtType = Type.Object({
kind: Type.Union([ kind: Type.Union([
Type.Const('otp', { Type.Enum(['otp', 'auth'], {
description: 'the token is only valid for otp call', description: 'otp: token represent an inflight login request\nauth: represent a logged in user',
}),
Type.Const('auth', {
description: 'the token is valid for authentication',
}), }),
]), ]),
who: Type.String({ description: 'the login of the user' }), who: Type.String({ description: 'the login of the user' }),
@ -68,62 +66,75 @@ export const JwtType = Type.Object({
export type JwtType = Static<typeof JwtType>; export type JwtType = Static<typeof JwtType>;
let authAdded = false; export const authSchema = typeResponse('notLoggedIn', ['auth.noCookie', 'auth.invalidKind', 'auth.noUser', 'auth.invalid']);
export const authPlugin = fp<FastifyPluginAsync>(async (fastify, _opts) => {
void _opts;
if (authAdded) return void console.log('skipping'); let authAdded = false;
export const authPlugin = fp<{ onlySchema?: boolean }>(async (fastify, { onlySchema }) => {
if (authAdded) return;
const bOnlySchema = onlySchema ?? false;
authAdded = true; authAdded = true;
await fastify.register(useDatabase as FastifyPluginAsync, {}); if (!bOnlySchema) {
await fastify.register(jwtPlugin as FastifyPluginAsync, {}); await fastify.register(useDatabase as FastifyPluginAsync, {});
await fastify.register(cookie); await fastify.register(jwtPlugin as FastifyPluginAsync, {});
if (!fastify.hasRequestDecorator('authUser')) { fastify.decorateRequest('authUser', undefined); } await fastify.register(cookie);
if (!fastify.hasRequestDecorator('authUser')) { fastify.decorateRequest('authUser', undefined); }
}
fastify.addHook('onRoute', (routeOpts) => { fastify.addHook('onRoute', (routeOpts) => {
if ( if (
routeOpts.config?.requireAuth && routeOpts.config?.requireAuth &&
!routeOpts[kRouteAuthDone] !routeOpts[kRouteAuthDone]
) { ) {
const f: preValidationAsyncHookHandler = async function(req, res) { routeOpts.schema = routeOpts.schema ?? {};
try { routeOpts.schema.response = routeOpts.schema.response ?? {};
if (isNullish(req.cookies.token)) { let schema: TSchema = authSchema;
return res if ('401' in (routeOpts.schema.response as { [k: string]: TSchema })) {
.clearCookie('token') const schema_orig = (routeOpts.schema.response as { [k: string]: TSchema })['401'];
.send( if (schema_orig[Typebox.Kind] === 'Union') {
JSON.stringify(makeResponse('notLoggedIn', 'auth.noCookie')), schema = Typebox.Union([...((schema_orig as Typebox.TUnion).anyOf), authSchema]);
);
}
const tok = this.jwt.verify<JwtType>(req.cookies.token);
if (tok.kind != 'auth') {
return res
.clearCookie('token')
.send(
JSON.stringify(makeResponse('notLoggedIn', 'auth.invalidKind')),
);
}
const user = this.db.getUser(tok.who);
if (isNullish(user)) {
return res
.clearCookie('token')
.send(
JSON.stringify(makeResponse('notLoggedIn', 'auth.noUser')),
);
}
req.authUser = { id: user.id, name: tok.who };
} }
catch { else if (schema_orig[Typebox.Kind] === 'Object') {
return res schema = Typebox.Union([schema_orig, authSchema]);
.clearCookie('token')
.send(JSON.stringify(makeResponse('notLoggedIn', 'auth.invalid')));
} }
};
if (!routeOpts.preValidation) {
routeOpts.preValidation = [f];
} }
else if (Array.isArray(routeOpts.preValidation)) { (routeOpts.schema.response as { [k: string]: TSchema })['401'] = schema;
routeOpts.preValidation.push(f); if (!bOnlySchema) {
} const f: preValidationAsyncHookHandler = async function(req, res) {
else { try {
routeOpts.preValidation = [routeOpts.preValidation, f]; if (isNullish(req.cookies.token)) {
return res
.clearCookie('token')
.makeResponse(401, 'notLoggedIn', 'auth.noCookie');
}
const tok = this.jwt.verify<JwtType>(req.cookies.token);
if (tok.kind != 'auth') {
return res
.clearCookie('token')
.makeResponse(401, 'notLoggedIn', 'auth.invalidKind');
}
const user = this.db.getUser(tok.who);
if (isNullish(user)) {
return res
.clearCookie('token')
.makeResponse(401, 'notLoggedIn', 'auth.noUser');
}
req.authUser = { id: user.id, name: tok.who };
}
catch {
return res
.clearCookie('token')
.makeResponse(401, 'notLoggedIn', 'auth.invalid');
}
};
if (!routeOpts.preValidation) {
routeOpts.preValidation = [f];
}
else if (Array.isArray(routeOpts.preValidation)) {
routeOpts.preValidation.push(f);
}
else {
routeOpts.preValidation = [routeOpts.preValidation, f];
}
} }
routeOpts[kRouteAuthDone] = true; routeOpts[kRouteAuthDone] = true;

26
src/@shared/src/swagger/index.ts Normal file
View file

@ -0,0 +1,26 @@
import fastifySwagger from '@fastify/swagger';
import fastifySwaggerUi from '@fastify/swagger-ui';
import fp from 'fastify-plugin';
export const useSwagger = fp(async (fastify, opts: { service: string }) => {
await fastify.register(fastifySwagger, {
openapi: {
openapi: '3.1.0',
servers: [
{
url: 'https://local.maix.me:8888',
description: 'direct from docker',
},
{
url: 'https://local.maix.me:8000',
description: 'using fnginx',
},
],
},
});
await fastify.register(fastifySwaggerUi, {
routePrefix: `/api/${opts.service}/documentation`,
});
});
export default useSwagger;

143
src/@shared/src/utils/index.ts
View file

@ -1,37 +1,60 @@
import { TObject, TProperties, Type } from '@sinclair/typebox'; import {
Parameters,
Static,
TEnum,
TSchema,
Type,
TProperties,
TObject,
} from 'typebox';
import { FastifyReply } from 'fastify';
import fp from 'fastify-plugin';
/** const kMakeResponseSym = Symbol('make-response-sym');
* @description Represent a message key declare module 'fastify' {
* Used for translation of text, taken from a prebuilt dictionary export interface RouteOptions {
* Format: `category.sub.desc` [kMakeResponseSym]: boolean;
* }
* @example `login.failure.invalid` }
* @example `login.failure.missingPassword` export const useMakeResponse = fp(async (fastify, opts) => {
* @example `login.failure.missingUser` void opts;
* @example `signin.success`
* @example `pong.you.lost` fastify.decorateReply('makeResponse', makeResponse);
*/ });
export type MessageKey = string;
export type ResponseBase<T = object> = { export type MakeStaticResponse<T extends { [k: string]: TSchema }> = {
[k in keyof T]: Static<T[k]>;
};
declare module 'fastify' {
interface FastifyReply {
/**
* @description Builds a response from a `kind`, `key` and an arbitrary payload
*
* * USE THIS FUNCTION TO ALLOW GREPING :) *
*
* @example makeResponse("failure", "login.failure.invalid")
* @example makeResponse("success", "login.success", { token: "supersecrettoken" })
*/
makeResponse<T extends object>(
status: Parameters<FastifyReply['code']>[0],
kind: string,
key: string,
payload?: T,
): ReturnType<FastifyReply['send']>;
}
}
function makeResponse<T extends object>(
this: FastifyReply,
status: Parameters<FastifyReply['code']>[0],
kind: string, kind: string,
msg: MessageKey, key: string,
payload?: T, payload?: T,
): ReturnType<FastifyReply['send']> {
return this.code(status).send({ kind, msg: key, payload });
} }
/**
* @description Builds a response from a `kind`, `key` and an arbitrary payload
*
* * USE THIS FUNCTION TO ALLOW GREPING :) *
*
* @example makeResponse("failure", "login.failure.invalid")
* @example makeResponse("success", "login.success", { token: "supersecrettoken" })
*/
export function makeResponse<T = object>(kind: string, key: MessageKey, payload?: T): ResponseBase<T> {
console.log(`making response {kind: ${JSON.stringify(kind)}; key: ${JSON.stringify(key)}}`);
return { kind, msg: key, payload };
}
/** /**
* @description Create a typebox Type for a response. * @description Create a typebox Type for a response.
* *
@ -39,20 +62,60 @@ export function makeResponse<T = object>(kind: string, key: MessageKey, payload?
* @example typeResponse("otpRequired", "login.otpRequired", { token: Type.String() }) * @example typeResponse("otpRequired", "login.otpRequired", { token: Type.String() })
* @example typeResponse("success", "login.success", { token: Type.String() }) * @example typeResponse("success", "login.success", { token: Type.String() })
*/ */
export function typeResponse(kind: string, key: MessageKey | MessageKey[], payload?: TProperties): TObject<TProperties> { export function typeResponse<K extends string, M extends string>(
let tKey; kind: K,
if (key instanceof Array) { key: M,
tKey = Type.Union(key.map(l => Type.Const(l))); ): TObject<{
} kind: TEnum<[K]>;
else { msg: TEnum<M[]>;
tKey = Type.Const(key); }>;
} export function typeResponse<K extends string, M extends string[]>(
kind: K,
key: [...M],
): TObject<{
kind: TEnum<K[]>;
msg: TEnum<M>;
}>;
export function typeResponse<
K extends string,
M extends string,
T extends TProperties,
>(
kind: K,
key: M,
payload: T,
): TObject<{
kind: TEnum<[K]>;
msg: TEnum<M[]>;
payload: TObject<T>;
}>;
export function typeResponse<
K extends string,
M extends string[],
T extends TProperties,
>(
kind: K,
key: [...M],
payload: T,
): TObject<{
kind: TEnum<[K]>;
msg: TEnum<M>;
payload: TObject<T>;
}>;
export function typeResponse<K extends string, T extends TProperties>(
kind: K,
key: unknown,
payload?: T,
): unknown {
const tKey = Type.Enum(Array.isArray(key) ? key : [key]);
const Ty = { const Ty = {
kind: Type.Const(kind), kind: Type.Enum([kind]),
msg: tKey, msg: tKey,
}; };
if (payload !== undefined) {Object.assign(Ty, { payload: Type.Object(payload) });} if (payload !== undefined) {
Object.assign(Ty, { payload: Type.Object(payload) });
}
return Type.Object(Ty); return Type.Object(Ty);
} }
@ -68,6 +131,6 @@ export function typeResponse(kind: string, key: MessageKey | MessageKey[], paylo
* @example assert_equal(isNullish({}), false); * @example assert_equal(isNullish({}), false);
* @example assert_equal(isNullish(false), false); * @example assert_equal(isNullish(false), false);
*/ */
export function isNullish<T>(v: T | undefined | null): v is (null | undefined) { export function isNullish<T>(v: T | undefined | null): v is null | undefined {
return v === null || v === undefined; return v === null || v === undefined;
} }

19
src/Dockerfile
View file

@ -2,18 +2,28 @@ FROM node:22-alpine AS pnpm_base
RUN npm install --global pnpm@10 --no-fund -q; RUN npm install --global pnpm@10 --no-fund -q;
RUN apk add make python3 gcc clang build-base musl-dev; RUN apk add make python3 gcc clang build-base musl-dev;
FROM pnpm_base AS deps
WORKDIR /build
ARG SERVICE
COPY package.json pnpm-workspace.yaml pnpm-lock.yaml /build/
COPY @shared/package.json /build/@shared/
COPY ${SERVICE}/package.json /build/${SERVICE}/
RUN pnpm install --frozen-lockfile;
FROM pnpm_base AS builder FROM pnpm_base AS builder
ARG SERVICE ARG SERVICE
WORKDIR /build WORKDIR /build
COPY package.json /build/ COPY package.json /build/
COPY @shared/package.json /build/@shared/ COPY @shared/package.json /build/@shared/
COPY ${SERVICE}/ /build/${SERVICE} COPY ${SERVICE}/ /build/${SERVICE}
COPY tsconfig.base.json pnpm-workspace.yaml pnpm-lock.yaml /build/ COPY tsconfig.base.json pnpm-workspace.yaml pnpm-lock.yaml /build/
COPY ${SERVICE}/entrypoint.sh /build/ COPY ${SERVICE}/entrypoint.sh /build/
RUN pnpm install --frozen-lockfile; COPY --from=deps /build/node_modules /build/node_modules
COPY @shared/ /build/@shared/ COPY @shared/ /build/@shared/
COPY ${SERVICE}/ /build/${SERVICE}/ COPY ${SERVICE}/ /build/${SERVICE}/
@ -34,8 +44,9 @@ FROM pnpm_base
WORKDIR /src WORKDIR /src
ARG EXTRA_FILES=empty ARG EXTRA_FILES=empty
COPY --from=builder /dist /src COPY --from=builder /dist /src
RUN pnpm install --prod --frozen-lockfile; COPY --from=deps /build/node_modules /src/node_modules
COPY ${EXTRA_FILES} /extra COPY ${EXTRA_FILES} /extra
ENTRYPOINT [ "/src/entrypoint.sh" ] ENTRYPOINT [ "/src/entrypoint.sh" ]

849
src/auth/openapi.json Normal file
View file

@ -0,0 +1,849 @@
{
"openapi": "3.1.0",
"info": {
"version": "9.6.0",
"title": "@fastify/swagger"
},
"components": {
"schemas": {}
},
"paths": {
"/api/auth/disableOtp": {
"put": {
"operationId": "disableOtp",
"responses": {
"200": {
"description": "Default Response",
"content": {
"application/json": {
"schema": {
"type": "object",
"required": [
"kind",
"msg"
],
"properties": {
"kind": {
"enum": [
"success"
]
},
"msg": {
"enum": [
"disableOtp.success"
]
}
}
}
}
}
},
"401": {
"description": "Default Response",
"content": {
"application/json": {
"schema": {
"type": "object",
"required": [
"kind",
"msg"
],
"properties": {
"kind": {
"enum": [
"notLoggedIn"
]
},
"msg": {
"enum": [
"auth.noCookie",
"auth.invalidKind",
"auth.noUser",
"auth.invalid"
]
}
}
}
}
}
},
"500": {
"description": "Default Response",
"content": {
"application/json": {
"schema": {
"type": "object",
"required": [
"kind",
"msg"
],
"properties": {
"kind": {
"enum": [
"failure"
]
},
"msg": {
"enum": [
"disableOtp.failure.generic"
]
}
}
}
}
}
}
}
}
},
"/api/auth/enableOtp": {
"put": {
"operationId": "enableOtp",
"responses": {
"200": {
"description": "Default Response",
"content": {
"application/json": {
"schema": {
"type": "object",
"required": [
"kind",
"msg",
"payload"
],
"properties": {
"kind": {
"enum": [
"success"
]
},
"msg": {
"enum": [
"enableOtp.success"
]
},
"payload": {
"type": "object",
"required": [
"url"
],
"properties": {
"url": {
"type": "string",
"description": "The otp url to feed into a 2fa app"
}
}
}
}
}
}
}
},
"401": {
"description": "Default Response",
"content": {
"application/json": {
"schema": {
"type": "object",
"required": [
"kind",
"msg"
],
"properties": {
"kind": {
"enum": [
"notLoggedIn"
]
},
"msg": {
"enum": [
"auth.noCookie",
"auth.invalidKind",
"auth.noUser",
"auth.invalid"
]
}
}
}
}
}
}
}
}
},
"/api/auth/guest": {
"post": {
"operationId": "guestLogin",
"responses": {
"200": {
"description": "Default Response",
"content": {
"application/json": {
"schema": {
"type": "object",
"required": [
"kind",
"msg",
"payload"
],
"properties": {
"kind": {
"enum": [
"success"
]
},
"msg": {
"enum": [
"guestLogin.success"
]
},
"payload": {
"type": "object",
"required": [
"token"
],
"properties": {
"token": {
"type": "string",
"description": "JWT that represent a logged in user"
}
}
}
}
}
}
}
},
"500": {
"description": "Default Response",
"content": {
"application/json": {
"schema": {
"type": "object",
"required": [
"kind",
"msg"
],
"properties": {
"kind": {
"enum": [
"failed"
]
},
"msg": {
"enum": [
"guestLogin.failed.generic.unknown",
"guestLogin.failed.generic.error"
]
}
}
}
}
}
}
}
}
},
"/api/auth/login": {
"post": {
"operationId": "login",
"requestBody": {
"content": {
"application/json": {
"schema": {
"type": "object",
"required": [
"name",
"password"
],
"properties": {
"name": {
"type": "string"
},
"password": {
"type": "string"
}
}
}
}
},
"required": true
},
"responses": {
"200": {
"description": "Default Response",
"content": {
"application/json": {
"schema": {
"type": "object",
"required": [
"kind",
"msg",
"payload"
],
"properties": {
"kind": {
"enum": [
"success"
]
},
"msg": {
"enum": [
"login.success"
]
},
"payload": {
"type": "object",
"required": [
"token"
],
"properties": {
"token": {
"type": "string",
"description": "JWT that represent a logged in user"
}
}
}
}
}
}
}
},
"202": {
"description": "Default Response",
"content": {
"application/json": {
"schema": {
"type": "object",
"required": [
"kind",
"msg",
"payload"
],
"properties": {
"kind": {
"enum": [
"otpRequired"
]
},
"msg": {
"enum": [
"login.otpRequired"
]
},
"payload": {
"type": "object",
"required": [
"token"
],
"properties": {
"token": {
"type": "string",
"description": "JWT to send with the OTP to finish login"
}
}
}
}
}
}
}
},
"400": {
"description": "Default Response",
"content": {
"application/json": {
"schema": {
"type": "object",
"required": [
"kind",
"msg"
],
"properties": {
"kind": {
"enum": [
"failed"
]
},
"msg": {
"enum": [
"login.failed.generic",
"login.failed.invalid"
]
}
}
}
}
}
}
}
}
},
"/api/auth/logout": {
"post": {
"operationId": "logout",
"responses": {
"200": {
"description": "Default Response",
"content": {
"application/json": {
"schema": {
"type": "object",
"required": [
"kind",
"msg"
],
"properties": {
"kind": {
"enum": [
"success"
]
},
"msg": {
"enum": [
"logout.success"
]
}
}
}
}
}
}
}
}
},
"/api/auth/otp": {
"post": {
"operationId": "loginOtp",
"requestBody": {
"content": {
"application/json": {
"schema": {
"type": "object",
"required": [
"token",
"code"
],
"properties": {
"token": {
"type": "string",
"description": "The token given at the login phase"
},
"code": {
"type": "string",
"description": "The OTP given by the user"
}
}
}
}
},
"required": true
},
"responses": {
"200": {
"description": "Default Response",
"content": {
"application/json": {
"schema": {
"type": "object",
"required": [
"kind",
"msg",
"payload"
],
"properties": {
"kind": {
"enum": [
"success"
]
},
"msg": {
"enum": [
"otp.success"
]
},
"payload": {
"type": "object",
"required": [
"token"
],
"properties": {
"token": {
"type": "string",
"description": "the JWT Token"
}
}
}
}
}
}
}
},
"400": {
"description": "Default Response",
"content": {
"application/json": {
"schema": {
"type": "object",
"required": [
"kind",
"msg"
],
"properties": {
"kind": {
"enum": [
"failed"
]
},
"msg": {
"enum": [
"otp.failed.invalid"
]
}
}
}
}
}
},
"401": {
"description": "Default Response",
"content": {
"application/json": {
"schema": {
"type": "object",
"required": [
"kind",
"msg"
],
"properties": {
"kind": {
"enum": [
"failed"
]
},
"msg": {
"enum": [
"otp.failed.noSecret"
]
}
}
}
}
}
},
"408": {
"description": "Default Response",
"content": {
"application/json": {
"schema": {
"type": "object",
"required": [
"kind",
"msg"
],
"properties": {
"kind": {
"enum": [
"failed"
]
},
"msg": {
"enum": [
"otp.failed.timeout"
]
}
}
}
}
}
},
"500": {
"description": "Default Response",
"content": {
"application/json": {
"schema": {
"type": "object",
"required": [
"kind",
"msg"
],
"properties": {
"kind": {
"enum": [
"failed"
]
},
"msg": {
"enum": [
"otp.failed.generic"
]
}
}
}
}
}
}
}
}
},
"/api/auth/signin": {
"post": {
"operationId": "signin",
"requestBody": {
"content": {
"application/json": {
"schema": {
"type": "object",
"required": [
"name",
"password"
],
"properties": {
"name": {
"type": "string"
},
"password": {
"type": "string"
}
}
}
}
},
"required": true
},
"responses": {
"200": {
"description": "Default Response",
"content": {
"application/json": {
"schema": {
"type": "object",
"required": [
"kind",
"msg",
"payload"
],
"properties": {
"kind": {
"enum": [
"success"
]
},
"msg": {
"enum": [
"signin.success"
]
},
"payload": {
"type": "object",
"required": [
"token"
],
"properties": {
"token": {
"type": "string",
"description": "the JWT token"
}
}
}
}
}
}
}
},
"400": {
"description": "Default Response",
"content": {
"application/json": {
"schema": {
"type": "object",
"required": [
"kind",
"msg"
],
"properties": {
"kind": {
"enum": [
"failed"
]
},
"msg": {
"enum": [
"signin.failed.username.existing",
"signin.failed.username.toolong",
"signin.failed.username.tooshort",
"signin.failed.username.invalid",
"signin.failed.password.toolong",
"signin.failed.password.tooshort",
"signin.failed.password.invalid"
]
}
}
}
}
}
},
"500": {
"description": "Default Response",
"content": {
"application/json": {
"schema": {
"type": "object",
"required": [
"kind",
"msg"
],
"properties": {
"kind": {
"enum": [
"failed"
]
},
"msg": {
"enum": [
"signin.failed.generic"
]
}
}
}
}
}
}
}
}
},
"/api/auth/statusOtp": {
"get": {
"operationId": "statusOtp",
"responses": {
"200": {
"description": "Default Response",
"content": {
"application/json": {
"schema": {
"anyOf": [
{
"type": "object",
"required": [
"kind",
"msg",
"payload"
],
"properties": {
"kind": {
"enum": [
"success"
]
},
"msg": {
"enum": [
"statusOtp.success.enabled"
]
},
"payload": {
"type": "object",
"required": [
"url"
],
"properties": {
"url": {
"type": "string",
"description": "The otp url to feed into a 2fa app"
}
}
}
}
},
{
"type": "object",
"required": [
"kind",
"msg"
],
"properties": {
"kind": {
"enum": [
"success"
]
},
"msg": {
"enum": [
"statusOtp.success.disabled"
]
}
}
}
]
}
}
}
},
"401": {
"description": "Default Response",
"content": {
"application/json": {
"schema": {
"type": "object",
"required": [
"kind",
"msg"
],
"properties": {
"kind": {
"enum": [
"notLoggedIn"
]
},
"msg": {
"enum": [
"auth.noCookie",
"auth.invalidKind",
"auth.noUser",
"auth.invalid"
]
}
}
}
}
}
},
"500": {
"description": "Default Response",
"content": {
"application/json": {
"schema": {
"type": "object",
"required": [
"kind",
"msg"
],
"properties": {
"kind": {
"enum": [
"failure"
]
},
"msg": {
"enum": [
"statusOtp.failure.generic"
]
}
}
}
}
}
}
}
}
}
},
"servers": [
{
"url": "https://local.maix.me:8888",
"description": "direct from docker"
},
{
"url": "https://local.maix.me:8000",
"description": "using fnginx"
}
]
}

13
src/auth/package.json
View file

@ -11,7 +11,8 @@
"scripts": { "scripts": {
"start": "npm run build && node dist/run.js", "start": "npm run build && node dist/run.js",
"build": "vite build", "build": "vite build",
"build:prod": "vite build --outDir=/dist --minify=true --sourcemap=false" "build:prod": "vite build --outDir=/dist --minify=true --sourcemap=false",
"build:openapi": "VITE_ENTRYPOINT=src/openapi.ts vite build && node dist/openapi.cjs >openapi.json"
}, },
"keywords": [], "keywords": [],
"author": "", "author": "",
@ -22,16 +23,16 @@
"@fastify/multipart": "^9.3.0", "@fastify/multipart": "^9.3.0",
"@fastify/sensible": "^6.0.3", "@fastify/sensible": "^6.0.3",
"@fastify/static": "^8.3.0", "@fastify/static": "^8.3.0",
"@sinclair/typebox": "^0.34.41", "typebox": "^1.0.51",
"confbox": "^0.2.2", "confbox": "^0.2.2",
"fastify": "^5.6.1", "fastify": "^5.6.1",
"fastify-cli": "^7.4.0", "fastify-cli": "^7.4.1",
"fastify-plugin": "^5.1.0" "fastify-plugin": "^5.1.0"
}, },
"devDependencies": { "devDependencies": {
"@types/node": "^22.18.13", "@types/node": "^22.19.0",
"rollup-plugin-node-externals": "^8.1.1", "rollup-plugin-node-externals": "^8.1.2",
"vite": "^7.1.12", "vite": "^7.2.2",
"vite-tsconfig-paths": "^5.1.4" "vite-tsconfig-paths": "^5.1.4"
} }
} }

6
src/auth/src/app.ts
View file

@ -3,6 +3,10 @@ import fastifyFormBody from '@fastify/formbody';
import fastifyMultipart from '@fastify/multipart'; import fastifyMultipart from '@fastify/multipart';
import * as db from '@shared/database'; import * as db from '@shared/database';
import * as auth from '@shared/auth'; import * as auth from '@shared/auth';
import * as swagger from '@shared/swagger';
import * as utils from '@shared/utils';
declare const __SERVICE_NAME: string;
// @ts-expect-error: import.meta.glob is a vite thing. Typescript doesn't know this... // @ts-expect-error: import.meta.glob is a vite thing. Typescript doesn't know this...
const plugins = import.meta.glob('./plugins/**/*.ts', { eager: true }); const plugins = import.meta.glob('./plugins/**/*.ts', { eager: true });
@ -18,6 +22,8 @@ declare module 'fastify' {
const app: FastifyPluginAsync = async (fastify, opts): Promise<void> => { const app: FastifyPluginAsync = async (fastify, opts): Promise<void> => {
void opts; void opts;
await fastify.register(utils.useMakeResponse);
await fastify.register(swagger.useSwagger, { service: __SERVICE_NAME });
await fastify.register(db.useDatabase as FastifyPluginAsync, {}); await fastify.register(db.useDatabase as FastifyPluginAsync, {});
await fastify.register(auth.jwtPlugin as FastifyPluginAsync, {}); await fastify.register(auth.jwtPlugin as FastifyPluginAsync, {});
await fastify.register(auth.authPlugin as FastifyPluginAsync, {}); await fastify.register(auth.authPlugin as FastifyPluginAsync, {});

4
src/auth/src/oauth2.ts
View file

@ -1,7 +1,7 @@
import { isNullish } from '@shared/utils'; import { isNullish } from '@shared/utils';
import type { Provider, ProviderSecret, ProviderUserInfo } from './plugins/providers'; import type { Provider, ProviderSecret, ProviderUserInfo } from './plugins/providers';
import Type, { Static } from '@sinclair/typebox'; import Type, { Static } from 'typebox';
import Value from '@sinclair/typebox/value'; import Value from 'typebox/value';
import { createHash, randomBytes } from 'node:crypto'; import { createHash, randomBytes } from 'node:crypto';
// An openid manifest is a standard json object, which all required data to use the service. // An openid manifest is a standard json object, which all required data to use the service.

21
src/auth/src/openapi.ts Normal file
View file

@ -0,0 +1,21 @@
import f, { FastifyPluginAsync } from 'fastify';
import * as swagger from '@shared/swagger';
import * as auth from '@shared/auth';
declare const __SERVICE_NAME: string;
// @ts-expect-error: import.meta.glob is a vite thing. Typescript doesn't know this...
const routes = import.meta.glob('./routes/**/*.ts', { eager: true });
async function start() {
const fastify = f({ logger: false });
await fastify.register(auth.authPlugin, { onlySchema: true });
await fastify.register(swagger.useSwagger, { service: __SERVICE_NAME });
for (const route of Object.values(routes)) {
await fastify.register(route as FastifyPluginAsync, {});
}
await fastify.ready();
console.log(JSON.stringify(fastify.swagger(), undefined, 4));
}
start();

4
src/auth/src/plugins/providers.ts
View file

@ -1,8 +1,8 @@
import { isNullish } from '@shared/utils'; import { isNullish } from '@shared/utils';
import fp from 'fastify-plugin'; import fp from 'fastify-plugin';
import { readFile } from 'node:fs/promises'; import { readFile } from 'node:fs/promises';
import * as T from '@sinclair/typebox'; import * as T from 'typebox';
import * as V from '@sinclair/typebox/value'; import * as V from 'typebox/value';
import { Oauth2 } from '../oauth2'; import { Oauth2 } from '../oauth2';
import { parseTOML } from 'confbox'; import { parseTOML } from 'confbox';

23
src/auth/src/routes/disableOtp.ts
View file

@ -1,26 +1,25 @@
import { FastifyPluginAsync } from 'fastify'; import { FastifyPluginAsync } from 'fastify';
import { Static, Type } from '@sinclair/typebox'; // import { Static, Type } from 'typebox';
import { makeResponse, typeResponse, isNullish } from '@shared/utils'; import { typeResponse, isNullish } from '@shared/utils';
export const WhoAmIRes = Type.Union([ export const DisableOtpRes = {
typeResponse('success', 'disableOtp.success'), '200': typeResponse('success', 'disableOtp.success'),
typeResponse('failure', 'disableOtp.failure.generic'), '500': typeResponse('failure', 'disableOtp.failure.generic'),
]); };
export type WhoAmIRes = Static<typeof WhoAmIRes>;
const route: FastifyPluginAsync = async (fastify, _opts): Promise<void> => { const route: FastifyPluginAsync = async (fastify, _opts): Promise<void> => {
void _opts; void _opts;
fastify.put( fastify.put(
'/api/auth/disableOtp', '/api/auth/disableOtp',
{ schema: { response: { '2xx': WhoAmIRes } }, config: { requireAuth: true } }, { schema: { response: DisableOtpRes, operationId: 'disableOtp' }, config: { requireAuth: true } },
async function(req, _res) { async function(req, res) {
void _res; void res;
if (isNullish(req.authUser)) {return makeResponse('failure', 'disableOtp.failure.generic');} if (isNullish(req.authUser)) { return res.makeResponse(500, 'failure', 'disableOtp.failure.generic'); }
this.db.deleteUserOtpSecret(req.authUser.id); this.db.deleteUserOtpSecret(req.authUser.id);
return makeResponse('success', 'disableOtp.success'); return res.makeResponse(200, 'success', 'disableOtp.success');
}, },
); );
}; };

32
src/auth/src/routes/enableOtp.ts
View file

@ -1,29 +1,33 @@
import { FastifyPluginAsync } from 'fastify'; import { FastifyPluginAsync } from 'fastify';
import { Static, Type } from '@sinclair/typebox'; import { Type } from 'typebox';
import { isNullish, makeResponse, typeResponse } from '@shared/utils'; import { isNullish, MakeStaticResponse, typeResponse } from '@shared/utils';
import { Otp } from '@shared/auth'; import { Otp } from '@shared/auth';
export const WhoAmIRes = Type.Union([ export const EnableOtpRes = {
typeResponse('success', 'enableOtp.success', { url: Type.String({ description: 'The otp url to feed into a 2fa app' }) }), '200': typeResponse('success', 'enableOtp.success', {
typeResponse('failure', ['enableOtp.failure.noUser', 'enableOtp.failure.noSecret']), url: Type.String({ description: 'The otp url to feed into a 2fa app' }),
]); }),
'401': typeResponse('failure', ['enableOtp.failure.noUser', 'enableOtp.failure.noSecret']),
};
export type WhoAmIRes = Static<typeof WhoAmIRes>; export type EnableOtpRes = MakeStaticResponse<typeof EnableOtpRes>;
const route: FastifyPluginAsync = async (fastify, _opts): Promise<void> => { const route: FastifyPluginAsync = async (fastify, _opts): Promise<void> => {
void _opts; void _opts;
fastify.put( fastify.put<{ Reply: EnableOtpRes }>(
'/api/auth/enableOtp', '/api/auth/enableOtp',
{ schema: { response: { '2xx': WhoAmIRes } }, config: { requireAuth: true } }, { schema: { response: EnableOtpRes, operationId: 'enableOtp' }, config: { requireAuth: true } },
async function(req, _res) { async function(req, res) {
void _res; if (isNullish(req.authUser)) { return res.makeResponse(403, 'failure', 'enableOtp.failure.noUser'); }
if (isNullish(req.authUser)) {return makeResponse('failure', 'enableOtp.failure.noUser');}
const otpSecret = this.db.ensureUserOtpSecret(req.authUser!.id); const otpSecret = this.db.ensureUserOtpSecret(req.authUser!.id);
if (isNullish(otpSecret)) {return makeResponse('failure', 'enableOtp.failure.noSecret');} if (isNullish(otpSecret)) { return res.makeResponse(403, 'failure', 'enableOtp.failure.noSecret'); }
const otp = new Otp({ secret: otpSecret }); const otp = new Otp({ secret: otpSecret });
return makeResponse('success', 'enableOtp.success', { url: otp.totpURL });
return res.makeResponse(200, 'success', 'enableOtp.success', { url: otp.totpURL });
}, },
); );
}; };

24
src/auth/src/routes/guestLogin.ts
View file

@ -1,18 +1,18 @@
import { FastifyPluginAsync } from 'fastify'; import { FastifyPluginAsync } from 'fastify';
import { Static, Type } from '@sinclair/typebox'; import { Type } from 'typebox';
import { typeResponse, makeResponse, isNullish } from '@shared/utils'; import { typeResponse, isNullish, MakeStaticResponse } from '@shared/utils';
export const GuestLoginRes = Type.Union([ export const GuestLoginRes = {
typeResponse('failed', ['guestLogin.failed.generic.unknown', 'guestLogin.failed.generic.error']), '500': typeResponse('failed', ['guestLogin.failed.generic.unknown', 'guestLogin.failed.generic.error']),
typeResponse('success', 'guestLogin.success', { '200': typeResponse('success', 'guestLogin.success', {
token: Type.String({ token: Type.String({
description: 'JWT that represent a logged in user', description: 'JWT that represent a logged in user',
}), }),
}), }),
]); };
export type GuestLoginRes = Static<typeof GuestLoginRes>; export type GuestLoginRes = MakeStaticResponse<typeof GuestLoginRes>;
const getRandomFromList = (list: string[]): string => { const getRandomFromList = (list: string[]): string => {
return list[Math.floor(Math.random() * list.length)]; return list[Math.floor(Math.random() * list.length)];
@ -20,9 +20,9 @@ const getRandomFromList = (list: string[]): string => {
const route: FastifyPluginAsync = async (fastify, _opts): Promise<void> => { const route: FastifyPluginAsync = async (fastify, _opts): Promise<void> => {
void _opts; void _opts;
fastify.post( fastify.post<{ Body: null, Reply: GuestLoginRes }>(
'/api/auth/guest', '/api/auth/guest',
{ schema: { response: { '2xx': GuestLoginRes } } }, { schema: { response: GuestLoginRes, operationId: 'guestLogin' } },
async function(req, res) { async function(req, res) {
void req; void req;
void res; void res;
@ -40,15 +40,15 @@ const route: FastifyPluginAsync = async (fastify, _opts): Promise<void> => {
true, true,
); );
if (isNullish(user)) { if (isNullish(user)) {
return makeResponse('failed', 'guestLogin.failed.generic.unknown'); return res.makeResponse(500, 'failed', 'guestLogin.failed.generic.unknown');
} }
return makeResponse('success', 'guestLogin.success', { return res.makeResponse(200, 'success', 'guestLogin.success', {
token: this.signJwt('auth', user.id.toString()), token: this.signJwt('auth', user.id.toString()),
}); });
} }
catch (e: unknown) { catch (e: unknown) {
fastify.log.error(e); fastify.log.error(e);
return makeResponse('failed', 'guestLogin.failed.generic.error'); return res.makeResponse(500, 'failed', 'guestLogin.failed.generic.error');
} }
}, },
); );

34
src/auth/src/routes/login.ts
View file

@ -1,7 +1,7 @@
import { FastifyPluginAsync } from 'fastify'; import { FastifyPluginAsync } from 'fastify';
import { Static, Type } from '@sinclair/typebox'; import { Static, Type } from 'typebox';
import { typeResponse, makeResponse, isNullish } from '@shared/utils'; import { typeResponse, isNullish, MakeStaticResponse } from '@shared/utils';
import { verifyUserPassword } from '@shared/database/mixin/user'; import { verifyUserPassword } from '@shared/database/mixin/user';
export const LoginReq = Type.Object({ export const LoginReq = Type.Object({
@ -11,45 +11,45 @@ export const LoginReq = Type.Object({
export type LoginReq = Static<typeof LoginReq>; export type LoginReq = Static<typeof LoginReq>;
export const LoginRes = Type.Union([ export const LoginRes = {
typeResponse('failed', ['login.failed.generic', 'login.failed.invalid']), '400': typeResponse('failed', ['login.failed.generic', 'login.failed.invalid']),
typeResponse('otpRequired', 'login.otpRequired', { token: Type.String({ description: 'JWT to send with the OTP to finish login' }) }), '200': typeResponse('success', 'login.success', { token: Type.String({ description: 'JWT that represent a logged in user' }) }),
typeResponse('success', 'login.success', { token: Type.String({ description: 'JWT that represent a logged in user' }) }), '202': typeResponse('otpRequired', 'login.otpRequired', {
]); token: Type.String({ description: 'JWT to send with the OTP to finish login' }),
}),
};
export type LoginRes = MakeStaticResponse<typeof LoginRes>;
export type LoginRes = Static<typeof LoginRes>;
const route: FastifyPluginAsync = async (fastify, _opts): Promise<void> => { const route: FastifyPluginAsync = async (fastify, _opts): Promise<void> => {
void _opts; void _opts;
fastify.post<{ Body: LoginReq; Response: LoginRes }>( fastify.post<{ Body: LoginReq; Response: LoginRes }>(
'/api/auth/login', '/api/auth/login',
{ schema: { body: LoginReq, response: { '2xx': LoginRes } } }, { schema: { body: LoginReq, response: LoginRes, operationId: 'login' } },
async function(req, _res) { async function(req, res) {
void _res;
try { try {
const { name, password } = req.body; const { name, password } = req.body;
const user = this.db.getUserFromLoginName(name); const user = this.db.getUserFromLoginName(name);
// does the user exist // does the user exist
// does it have a password setup ? // does it have a password setup ?
if (isNullish(user?.password)) {return makeResponse('failed', 'login.failed.invalid');} if (isNullish(user?.password)) { return res.makeResponse(403, 'failed', 'login.failed.invalid'); }
// does the password he provided match the one we have // does the password he provided match the one we have
if (!(await verifyUserPassword(user, password))) {return makeResponse('failed', 'login.failed.invalid');} if (!(await verifyUserPassword(user, password))) { return res.makeResponse(403, 'failed', 'login.failed.invalid'); }
// does the user has 2FA up ? // does the user has 2FA up ?
if (!isNullish(user.otp)) { if (!isNullish(user.otp)) {
// yes -> we ask them to fill it, // yes -> we ask them to fill it,
// send them somehting to verify that they indeed passed throught the user+password phase // send them somehting to verify that they indeed passed throught the user+password phase
return makeResponse('otpRequired', 'login.otpRequired', { token: this.signJwt('otp', user.id) }); return res.makeResponse(200, 'otpRequired', 'login.otpRequired', { token: this.signJwt('otp', user.id) });
} }
// every check has been passed, they are now logged in, using this token to say who they are... // every check has been passed, they are now logged in, using this token to say who they are...
return makeResponse('success', 'login.success', { token: this.signJwt('auth', user.id) }); return res.makeResponse(200, 'success', 'login.success', { token: this.signJwt('auth', user.id) });
} }
catch { catch {
return makeResponse('failed', 'login.failed.generic'); return res.makeResponse(500, 'failed', 'login.failed.generic');
} }
}, },
); );

2
src/auth/src/routes/logout.ts
View file

@ -1,9 +1,11 @@
import { typeResponse } from '@shared/utils';
import { FastifyPluginAsync } from 'fastify'; import { FastifyPluginAsync } from 'fastify';
const route: FastifyPluginAsync = async (fastify, _opts): Promise<void> => { const route: FastifyPluginAsync = async (fastify, _opts): Promise<void> => {
void _opts; void _opts;
fastify.post( fastify.post(
'/api/auth/logout', '/api/auth/logout',
{ schema: { response: { '200': typeResponse('success', 'logout.success') }, operationId: 'logout' } },
async function(_req, res) { async function(_req, res) {
void _req; void _req;
return res.clearCookie('token').send('{}'); return res.clearCookie('token').send('{}');

3
src/auth/src/routes/oauth2/callback.ts
View file

@ -1,6 +1,6 @@
import { FastifyPluginAsync } from 'fastify'; import { FastifyPluginAsync } from 'fastify';
import { Static, Type } from '@sinclair/typebox'; import { Static, Type } from 'typebox';
import { typeResponse, isNullish } from '@shared/utils'; import { typeResponse, isNullish } from '@shared/utils';
import * as oauth2 from '../../oauth2'; import * as oauth2 from '../../oauth2';
@ -16,6 +16,7 @@ const route: FastifyPluginAsync = async (fastify, _opts): Promise<void> => {
void _opts; void _opts;
fastify.get<{ Params: { provider?: string } }>( fastify.get<{ Params: { provider?: string } }>(
'/api/auth/oauth2/:provider/callback', '/api/auth/oauth2/:provider/callback',
{ schema: { hide: true } },
async function(req, res) { async function(req, res) {
const qs = (req.query as { [k: string]: string }); const qs = (req.query as { [k: string]: string });
if (isNullish(req.params.provider) || !(req.params.provider in this.oauth2)) { return `provider '${req.params.provider ?? 'none'}' doesn't exist`; } if (isNullish(req.params.provider) || !(req.params.provider in this.oauth2)) { return `provider '${req.params.provider ?? 'none'}' doesn't exist`; }

1
src/auth/src/routes/oauth2/login.ts
View file

@ -7,6 +7,7 @@ const route: FastifyPluginAsync = async (fastify, _opts): Promise<void> => {
void _opts; void _opts;
fastify.get<{ Params: { provider?: string } }>( fastify.get<{ Params: { provider?: string } }>(
'/api/auth/oauth2/:provider/login', '/api/auth/oauth2/:provider/login',
{ schema: { hide: true } },
async function(req, res) { async function(req, res) {
if (isNullish(req.params.provider) || !(req.params.provider in this.oauth2)) { return `provider '${req.params.provider ?? 'none'}' doesn't exist`; } if (isNullish(req.params.provider) || !(req.params.provider in this.oauth2)) { return `provider '${req.params.provider ?? 'none'}' doesn't exist`; }
const provider = this.oauth2[req.params.provider]; const provider = this.oauth2[req.params.provider];

46
src/auth/src/routes/otp.ts
View file

@ -1,8 +1,20 @@
// ************************************************************************** //
// //
// ::: :::::::: //
// otp.ts :+: :+: :+: //
// +:+ +:+ +:+ //
// By: maiboyer <maiboyer@student.42.fr> +#+ +:+ +#+ //
// +#+#+#+#+#+ +#+ //
// Created: 2025/11/07 16:25:58 by maiboyer #+# #+# //
// Updated: 2025/11/09 00:44:33 by maiboyer ### ########.fr //
// //
// ************************************************************************** //
import { FastifyPluginAsync } from 'fastify'; import { FastifyPluginAsync } from 'fastify';
import { Static, Type } from '@sinclair/typebox'; import { Static, Type } from 'typebox';
import { JwtType, Otp } from '@shared/auth'; import { JwtType, Otp } from '@shared/auth';
import { typeResponse, makeResponse, isNullish } from '@shared/utils'; import { typeResponse, MakeStaticResponse, isNullish } from '@shared/utils';
const OtpReq = Type.Object({ const OtpReq = Type.Object({
token: Type.String({ description: 'The token given at the login phase' }), token: Type.String({ description: 'The token given at the login phase' }),
@ -11,12 +23,15 @@ const OtpReq = Type.Object({
type OtpReq = Static<typeof OtpReq>; type OtpReq = Static<typeof OtpReq>;
const OtpRes = Type.Union([ const OtpRes = {
typeResponse('failed', ['otp.failed.generic', 'otp.failed.invalid', 'otp.failed.timeout', 'otp.failed.noSecret']), '500': typeResponse('failed', 'otp.failed.generic'),
typeResponse('success', 'otp.success', { token: Type.String({ description: 'the JWT Token' }) }), '400': typeResponse('failed', 'otp.failed.invalid'),
]); '401': typeResponse('failed', 'otp.failed.noSecret'),
'408': typeResponse('failed', 'otp.failed.timeout'),
'200': typeResponse('success', 'otp.success', { token: Type.String({ description: 'the JWT Token' }) }),
};
type OtpRes = Static<typeof OtpRes>; type OtpRes = MakeStaticResponse<typeof OtpRes>;
const OTP_TOKEN_TIMEOUT_SEC = 120; const OTP_TOKEN_TIMEOUT_SEC = 120;
@ -24,9 +39,8 @@ const route: FastifyPluginAsync = async (fastify, _opts): Promise<void> => {
void _opts; void _opts;
fastify.post<{ Body: OtpReq }>( fastify.post<{ Body: OtpReq }>(
'/api/auth/otp', '/api/auth/otp',
{ schema: { body: OtpReq, response: { '2xx': OtpRes } } }, { schema: { body: OtpReq, response: OtpRes, operationId: 'loginOtp' } },
async function(req, _res) { async function(req, res) {
void _res;
try { try {
const { token, code } = req.body; const { token, code } = req.body;
// lets try to decode+verify the jwt // lets try to decode+verify the jwt
@ -35,12 +49,12 @@ const route: FastifyPluginAsync = async (fastify, _opts): Promise<void> => {
// is the jwt a valid `otp` jwt ? // is the jwt a valid `otp` jwt ?
if (dJwt.kind != 'otp') { if (dJwt.kind != 'otp') {
// no ? fuck off then // no ? fuck off then
return makeResponse('failed', 'otp.failed.invalid'); return res.makeResponse(400, 'failed', 'otp.failed.invalid');
} }
// is it too old ? // is it too old ?
if (dJwt.createdAt + OTP_TOKEN_TIMEOUT_SEC * 1000 < Date.now()) { if (dJwt.createdAt + OTP_TOKEN_TIMEOUT_SEC * 1000 < Date.now()) {
// yes ? fuck off then, redo the password // yes ? fuck off then, redo the password
return makeResponse('failed', 'otp.failed.timeout'); return res.makeResponse(408, 'failed', 'otp.failed.timeout');
} }
// get the Otp sercret from the db // get the Otp sercret from the db
@ -48,7 +62,7 @@ const route: FastifyPluginAsync = async (fastify, _opts): Promise<void> => {
if (isNullish(user?.otp)) { if (isNullish(user?.otp)) {
// oops, either no user, or user without otpSecret // oops, either no user, or user without otpSecret
// fuck off // fuck off
return makeResponse('failed', 'otp.failed.noSecret'); return res.makeResponse(401, 'failed', 'otp.failed.noSecret');
} }
// good lets now verify the token you gave us is the correct one... // good lets now verify the token you gave us is the correct one...
@ -66,13 +80,13 @@ const route: FastifyPluginAsync = async (fastify, _opts): Promise<void> => {
if (tokens.some((c) => c === code)) { if (tokens.some((c) => c === code)) {
// they do ! // they do !
// gg you are now logged in ! // gg you are now logged in !
return makeResponse('success', 'otp.success', { token: this.signJwt('auth', dJwt.who) }); return res.makeResponse(200, 'success', 'otp.success', { token: this.signJwt('auth', dJwt.who) });
} }
} }
catch { catch {
return makeResponse('failed', 'otp.failed.generic'); return res.makeResponse(500, 'failed', 'otp.failed.generic');
} }
return makeResponse('failed', 'otp.failed.generic'); return res.makeResponse(500, 'failed', 'otp.failed.generic');
}, },
); );
}; };

38
src/auth/src/routes/signin.ts
View file

@ -1,7 +1,7 @@
import { FastifyPluginAsync } from 'fastify'; import { FastifyPluginAsync } from 'fastify';
import { Static, Type } from '@sinclair/typebox'; import { Static, Type } from 'typebox';
import { typeResponse, makeResponse, isNullish } from '@shared/utils'; import { typeResponse, isNullish, MakeStaticResponse } from '@shared/utils';
const USERNAME_CHECK: RegExp = /^[a-zA-Z_0-9]+$/; const USERNAME_CHECK: RegExp = /^[a-zA-Z_0-9]+$/;
@ -12,9 +12,10 @@ const SignInReq = Type.Object({
type SignInReq = Static<typeof SignInReq>; type SignInReq = Static<typeof SignInReq>;
const SignInRes = Type.Union([ const SignInRes = {
typeResponse('failed', [ '500': typeResponse('failed',
'signin.failed.generic', 'signin.failed.generic'),
'400': typeResponse('failed', [
'signin.failed.username.existing', 'signin.failed.username.existing',
'signin.failed.username.toolong', 'signin.failed.username.toolong',
'signin.failed.username.tooshort', 'signin.failed.username.tooshort',
@ -23,36 +24,35 @@ const SignInRes = Type.Union([
'signin.failed.password.tooshort', 'signin.failed.password.tooshort',
'signin.failed.password.invalid', 'signin.failed.password.invalid',
]), ]),
typeResponse('success', 'signin.success', { token: Type.String({ description: 'the JWT token' }) }), '200': typeResponse('success', 'signin.success', { token: Type.String({ description: 'the JWT token' }) }),
]); };
type SignInRes = Static<typeof SignInRes>; type SignInRes = MakeStaticResponse<typeof SignInRes>;
const route: FastifyPluginAsync = async (fastify, _opts): Promise<void> => { const route: FastifyPluginAsync = async (fastify, _opts): Promise<void> => {
void _opts; void _opts;
fastify.post<{ Body: SignInReq }>( fastify.post<{ Body: SignInReq }>(
'/api/auth/signin', '/api/auth/signin',
{ schema: { body: SignInReq, response: { '200': SignInRes, '5xx': Type.Object({}) } } }, { schema: { body: SignInReq, response: SignInRes, operationId: 'signin' } },
async function(req, _res) { async function(req, res) {
void _res;
const { name, password } = req.body; const { name, password } = req.body;
if (name.length < 4) {return makeResponse('failed', 'signin.failed.username.tooshort');} if (name.length < 4) { return res.makeResponse(400, 'failed', 'signin.failed.username.tooshort'); }
if (name.length > 32) {return makeResponse('failed', 'signin.failed.username.toolong');} if (name.length > 32) { return res.makeResponse(400, 'failed', 'signin.failed.username.toolong'); }
if (!USERNAME_CHECK.test(name)) {return makeResponse('failed', 'signin.failed.username.invalid');} if (!USERNAME_CHECK.test(name)) { return res.makeResponse(400, 'failed', 'signin.failed.username.invalid'); }
// username if good now :) // username if good now :)
if (password.length < 8) {return makeResponse('failed', 'signin.failed.password.tooshort');} if (password.length < 8) { return res.makeResponse(400, 'failed', 'signin.failed.password.tooshort'); }
if (password.length > 64) {return makeResponse('failed', 'signin.failed.password.toolong');} if (password.length > 64) { return res.makeResponse(400, 'failed', 'signin.failed.password.toolong'); }
// password is good too ! // password is good too !
if (this.db.getUserFromLoginName(name) !== undefined) {return makeResponse('failed', 'signin.failed.username.existing');} if (this.db.getUserFromLoginName(name) !== undefined) { return res.makeResponse(400, 'failed', 'signin.failed.username.existing'); }
const u = await this.db.createUser(name, name, password, false); const u = await this.db.createUser(name, name, password, false);
if (isNullish(u)) {return makeResponse('failed', 'signin.failed.generic');} if (isNullish(u)) { return res.makeResponse(500, 'failed', 'signin.failed.generic'); }
// every check has been passed, they are now logged in, using this token to say who they are... // every check has been passed, they are now logged in, using this token to say who they are...
const userToken = this.signJwt('auth', u.id); const userToken = this.signJwt('auth', u.id);
return makeResponse('success', 'signin.success', { token: userToken }); return res.makeResponse(200, 'success', 'signin.success', { token: userToken });
}, },
); );
}; };

29
src/auth/src/routes/statusOtp.ts
View file

@ -1,30 +1,31 @@
import { FastifyPluginAsync } from 'fastify'; import { FastifyPluginAsync } from 'fastify';
import { Static, Type } from '@sinclair/typebox'; import { Type } from 'typebox';
import { isNullish, makeResponse, typeResponse } from '@shared/utils'; import { isNullish, MakeStaticResponse, typeResponse } from '@shared/utils';
import { Otp } from '@shared/auth'; import { Otp } from '@shared/auth';
export const StatusOtpRes = Type.Union([ export const StatusOtpRes = {
typeResponse('success', 'statusOtp.success.enabled', { url: Type.String({ description: 'The otp url to feed into a 2fa app' }) }), 200: Type.Union([
typeResponse('success', 'statusOtp.success.disabled'), typeResponse('success', 'statusOtp.success.enabled', { url: Type.String({ description: 'The otp url to feed into a 2fa app' }) }),
typeResponse('failure', 'statusOtp.failure.generic'), typeResponse('success', 'statusOtp.success.disabled'),
]); ]),
500: typeResponse('failure', 'statusOtp.failure.generic'),
};
export type StatusOtpRes = Static<typeof StatusOtpRes>; export type StatusOtpRes = MakeStaticResponse<typeof StatusOtpRes>;
const route: FastifyPluginAsync = async (fastify, _opts): Promise<void> => { const route: FastifyPluginAsync = async (fastify, _opts): Promise<void> => {
void _opts; void _opts;
fastify.get( fastify.get(
'/api/auth/statusOtp', '/api/auth/statusOtp',
{ schema: { response: { '2xx': StatusOtpRes } }, config: { requireAuth: true } }, { schema: { response: StatusOtpRes, operationId: 'statusOtp' }, config: { requireAuth: true } },
async function(req, _res) { async function(req, res) {
void _res; if (isNullish(req.authUser)) { return res.makeResponse(500, 'failure', 'statusOtp.failure.generic'); }
if (isNullish(req.authUser)) {return makeResponse('failure', 'statusOtp.failure.generic');}
const otpSecret = this.db.getUserOtpSecret(req.authUser.id); const otpSecret = this.db.getUserOtpSecret(req.authUser.id);
if (isNullish(otpSecret)) {return makeResponse('success', 'statusOtp.success.disabled');} if (isNullish(otpSecret)) { return res.makeResponse(200, 'success', 'statusOtp.success.disabled'); }
const otp = new Otp({ secret: otpSecret }); const otp = new Otp({ secret: otpSecret });
return makeResponse('success', 'statusOtp.success.enabled', { url: otp.totpURL }); return res.makeResponse(200, 'success', 'statusOtp.success.enabled', { url: otp.totpURL });
}, },
); );
}; };

5
src/auth/vite.config.js
View file

@ -26,6 +26,9 @@ const externals = collectDeps(
export default defineConfig({ export default defineConfig({
root: __dirname, root: __dirname,
define: {
__SERVICE_NAME: '"auth"',
},
// service root // service root
plugins: [tsconfigPaths(), nodeExternals()], plugins: [tsconfigPaths(), nodeExternals()],
build: { build: {
@ -33,7 +36,7 @@ export default defineConfig({
outDir: 'dist', outDir: 'dist',
emptyOutDir: true, emptyOutDir: true,
lib: { lib: {
entry: path.resolve(__dirname, 'src/run.ts'), entry: path.resolve(__dirname, process.env.VITE_ENTRYPOINT ?? 'src/run.ts'),
// adjust main entry // adjust main entry
formats: ['cjs'], formats: ['cjs'],
// CommonJS for Node.js // CommonJS for Node.js

10
src/icons/package.json
View file

@ -23,15 +23,15 @@
"@fastify/sensible": "^6.0.3", "@fastify/sensible": "^6.0.3",
"@fastify/static": "^8.3.0", "@fastify/static": "^8.3.0",
"fastify": "^5.6.1", "fastify": "^5.6.1",
"fastify-cli": "^7.4.0", "fastify-cli": "^7.4.1",
"fastify-plugin": "^5.1.0", "fastify-plugin": "^5.1.0",
"raw-body": "^3.0.1", "raw-body": "^3.0.1",
"sharp": "^0.34.4" "sharp": "^0.34.5"
}, },
"devDependencies": { "devDependencies": {
"@types/node": "^22.18.13", "@types/node": "^22.19.0",
"rollup-plugin-node-externals": "^8.1.1", "rollup-plugin-node-externals": "^8.1.2",
"vite": "^7.1.12", "vite": "^7.2.2",
"vite-tsconfig-paths": "^5.1.4" "vite-tsconfig-paths": "^5.1.4"
} }
} }

1038
src/openapi.json Normal file
View file

File diff suppressed because it is too large Load diff

14
src/package.json
View file

@ -24,16 +24,20 @@
"dev:prepare": "husky" "dev:prepare": "husky"
}, },
"devDependencies": { "devDependencies": {
"@eslint/js": "^9.38.0", "@eslint/js": "^9.39.1",
"@typescript-eslint/eslint-plugin": "^8.46.2", "@openapitools/openapi-generator-cli": "^2.25.0",
"@typescript-eslint/parser": "^8.46.2", "@typescript-eslint/eslint-plugin": "^8.46.3",
"eslint": "^9.38.0", "@typescript-eslint/parser": "^8.46.3",
"eslint": "^9.39.1",
"husky": "^9.1.7", "husky": "^9.1.7",
"lint-staged": "^16.2.6", "lint-staged": "^16.2.6",
"openapi-typescript": "^7.10.1",
"rimraf": "^5.0.10", "rimraf": "^5.0.10",
"typescript-eslint": "^8.46.2" "typescript": "^5.9.3",
"typescript-eslint": "^8.46.3"
}, },
"dependencies": { "dependencies": {
"@redocly/cli": "^2.11.0",
"bindings": "^1.5.0" "bindings": "^1.5.0"
} }
} }

3438
src/pnpm-lock.yaml generated
View file

File diff suppressed because it is too large Load diff

43
src/redocly.yaml Normal file
View file

@ -0,0 +1,43 @@
apis:
auth:
root: ./auth/openapi.json
user:
root: ./user/openapi.json
rules:
info-license: warn
info-license-strict: warn
no-ambiguous-paths: warn
no-duplicated-tag-names: warn
no-empty-servers: error
no-enum-type-mismatch: error
no-example-value-and-externalValue: error
no-identical-paths: error
no-invalid-media-type-examples: warn
no-invalid-parameter-examples: warn
no-invalid-schema-examples: warn
no-path-trailing-slash: error
no-required-schema-properties-undefined: warn
no-schema-type-mismatch: error
no-server-example.com: warn
no-server-trailing-slash: error
no-server-variables-empty-enum: error
no-unresolved-refs: error
no-unused-components: warn
no-undefined-server-variable: error
operation-2xx-response: warn
operation-4xx-response: warn
operation-operationId: warn
operation-operationId-unique: error
operation-operationId-url-safe: error
operation-parameters-unique: error
operation-summary: error
path-declaration-must-exist: error
path-not-include-query: error
path-parameters-defined: error
path-params-defined: error
security-defined: error
spec-components-invalid-map-name: error
struct: error
tag-description: warn

178
src/user/openapi.json Normal file
View file

@ -0,0 +1,178 @@
{
"openapi": "3.1.0",
"info": {
"version": "9.6.0",
"title": "@fastify/swagger"
},
"components": {
"schemas": {}
},
"paths": {
"/api/user/info/{user}": {
"get": {
"operationId": "getUser",
"parameters": [
{
"schema": {
"anyOf": [
{
"enum": [
"me"
],
"description": "the current logged in user"
},
{
"type": "string",
"format": "uuid",
"description": "A user uuid"
}
]
},
"in": "path",
"name": "user",
"required": true
}
],
"responses": {
"200": {
"description": "Default Response",
"content": {
"application/json": {
"schema": {
"type": "object",
"required": [
"kind",
"msg",
"payload"
],
"properties": {
"kind": {
"enum": [
"success"
]
},
"msg": {
"enum": [
"userinfo.success"
]
},
"payload": {
"type": "object",
"required": [
"name",
"id",
"guest"
],
"properties": {
"name": {
"type": "string"
},
"id": {
"type": "string"
},
"guest": {
"type": "boolean"
}
}
}
}
}
}
}
},
"401": {
"description": "Default Response",
"content": {
"application/json": {
"schema": {
"type": "object",
"required": [
"kind",
"msg"
],
"properties": {
"kind": {
"enum": [
"notLoggedIn"
]
},
"msg": {
"enum": [
"auth.noCookie",
"auth.invalidKind",
"auth.noUser",
"auth.invalid"
]
}
}
}
}
}
},
"403": {
"description": "Default Response",
"content": {
"application/json": {
"schema": {
"type": "object",
"required": [
"kind",
"msg"
],
"properties": {
"kind": {
"enum": [
"failure"
]
},
"msg": {
"enum": [
"userinfo.failure.notLoggedIn"
]
}
}
}
}
}
},
"404": {
"description": "Default Response",
"content": {
"application/json": {
"schema": {
"type": "object",
"required": [
"kind",
"msg"
],
"properties": {
"kind": {
"enum": [
"failure"
]
},
"msg": {
"enum": [
"userinfo.failure.unknownUser"
]
}
}
}
}
}
}
}
}
}
},
"servers": [
{
"url": "https://local.maix.me:8888",
"description": "direct from docker"
},
{
"url": "https://local.maix.me:8000",
"description": "using fnginx"
}
]
}

13
src/user/package.json
View file

@ -11,7 +11,8 @@
"scripts": { "scripts": {
"start": "npm run build && node dist/run.js", "start": "npm run build && node dist/run.js",
"build": "vite build", "build": "vite build",
"build:prod": "vite build --outDir=/dist --minify=true --sourcemap=false" "build:prod": "vite build --outDir=/dist --minify=true --sourcemap=false",
"build:openapi": "VITE_ENTRYPOINT=src/openapi.ts vite build && node dist/openapi.cjs >openapi.json"
}, },
"keywords": [], "keywords": [],
"author": "", "author": "",
@ -22,15 +23,15 @@
"@fastify/multipart": "^9.3.0", "@fastify/multipart": "^9.3.0",
"@fastify/sensible": "^6.0.3", "@fastify/sensible": "^6.0.3",
"@fastify/static": "^8.3.0", "@fastify/static": "^8.3.0",
"@sinclair/typebox": "^0.34.41", "typebox": "^1.0.51",
"fastify": "^5.6.1", "fastify": "^5.6.1",
"fastify-cli": "^7.4.0", "fastify-cli": "^7.4.1",
"fastify-plugin": "^5.1.0" "fastify-plugin": "^5.1.0"
}, },
"devDependencies": { "devDependencies": {
"@types/node": "^22.18.13", "@types/node": "^22.19.0",
"rollup-plugin-node-externals": "^8.1.1", "rollup-plugin-node-externals": "^8.1.2",
"vite": "^7.1.12", "vite": "^7.2.2",
"vite-tsconfig-paths": "^5.1.4" "vite-tsconfig-paths": "^5.1.4"
} }
} }

13
src/user/src/app.ts
View file

@ -3,21 +3,20 @@ import fastifyFormBody from '@fastify/formbody';
import fastifyMultipart from '@fastify/multipart'; import fastifyMultipart from '@fastify/multipart';
import * as db from '@shared/database'; import * as db from '@shared/database';
import * as auth from '@shared/auth'; import * as auth from '@shared/auth';
import * as swagger from '@shared/swagger';
import * as utils from '@shared/utils';
declare const __SERVICE_NAME: string;
// @ts-expect-error: import.meta.glob is a vite thing. Typescript doesn't know this... // @ts-expect-error: import.meta.glob is a vite thing. Typescript doesn't know this...
const plugins = import.meta.glob('./plugins/**/*.ts', { eager: true }); const plugins = import.meta.glob('./plugins/**/*.ts', { eager: true });
// @ts-expect-error: import.meta.glob is a vite thing. Typescript doesn't know this... // @ts-expect-error: import.meta.glob is a vite thing. Typescript doesn't know this...
const routes = import.meta.glob('./routes/**/*.ts', { eager: true }); const routes = import.meta.glob('./routes/**/*.ts', { eager: true });
// When using .decorate you have to specify added properties for Typescript
declare module 'fastify' {
export interface FastifyInstance {
image_store: string;
}
}
const app: FastifyPluginAsync = async (fastify, opts): Promise<void> => { const app: FastifyPluginAsync = async (fastify, opts): Promise<void> => {
void opts; void opts;
await fastify.register(utils.useMakeResponse);
await fastify.register(swagger.useSwagger, { service: __SERVICE_NAME });
await fastify.register(db.useDatabase as FastifyPluginAsync, {}); await fastify.register(db.useDatabase as FastifyPluginAsync, {});
await fastify.register(auth.jwtPlugin as FastifyPluginAsync, {}); await fastify.register(auth.jwtPlugin as FastifyPluginAsync, {});
await fastify.register(auth.authPlugin as FastifyPluginAsync, {}); await fastify.register(auth.authPlugin as FastifyPluginAsync, {});

21
src/user/src/openapi.ts Normal file
View file

@ -0,0 +1,21 @@
import f, { FastifyPluginAsync } from 'fastify';
import * as swagger from '@shared/swagger';
import * as auth from '@shared/auth';
declare const __SERVICE_NAME: string;
// @ts-expect-error: import.meta.glob is a vite thing. Typescript doesn't know this...
const routes = import.meta.glob('./routes/**/*.ts', { eager: true });
async function start() {
const fastify = f({ logger: false });
await fastify.register(auth.authPlugin, { onlySchema: true });
await fastify.register(swagger.useSwagger, { service: __SERVICE_NAME });
for (const route of Object.values(routes)) {
await fastify.register(route as FastifyPluginAsync, {});
}
await fastify.ready();
console.log(JSON.stringify(fastify.swagger(), undefined, 4));
}
start();

41
src/user/src/routes/info.ts
View file

@ -1,26 +1,37 @@
import { FastifyPluginAsync } from 'fastify'; import { FastifyPluginAsync } from 'fastify';
import { Static, Type } from '@sinclair/typebox'; import { Static, Type } from 'typebox';
import { isNullish, makeResponse, typeResponse } from '@shared/utils'; import { isNullish, MakeStaticResponse, typeResponse } from '@shared/utils';
export const UserInfoRes = Type.Union([ export const UserInfoRes = {
typeResponse('success', 'userinfo.success', { name: Type.String(), id: Type.String(), guest: Type.Boolean() }), '200': typeResponse('success', 'userinfo.success', {
typeResponse('failure', ['userinfo.failure.generic', 'userinfo.failure.unknownUser', 'userinfo.failure.notLoggedIn']), name: Type.String(), id: Type.String(), guest: Type.Boolean(),
]); }),
'403': typeResponse('failure', 'userinfo.failure.notLoggedIn'),
'404': typeResponse('failure', 'userinfo.failure.unknownUser'),
};
export type UserInfoRes = Static<typeof UserInfoRes>; export type UserInfoRes = MakeStaticResponse<typeof UserInfoRes>;
export const UserInfoParams = Type.Object({
user: Type.Union([
Type.Enum(['me'], { description: 'the current logged in user' }),
Type.String({ format: 'uuid', description: 'A user uuid' }),
]),
});
export type UserInfoParams = Static<typeof UserInfoParams>;
const route: FastifyPluginAsync = async (fastify, _opts): Promise<void> => { const route: FastifyPluginAsync = async (fastify, _opts): Promise<void> => {
void _opts; void _opts;
fastify.get<{ Params: { user: string } }>( fastify.get<{ Params: UserInfoParams }>(
'/api/user/info/:user', '/api/user/info/:user',
{ schema: { response: { '2xx': UserInfoRes } }, config: { requireAuth: true } }, { schema: { params: UserInfoParams, response: UserInfoRes, operationId: 'getUser' }, config: { requireAuth: true } },
async function(req, _res) { async function(req, res) {
void _res; if (isNullish(req.authUser)) { return res.makeResponse(403, 'failure', 'userinfo.failure.notLoggedIn'); }
if (isNullish(req.authUser)) { return makeResponse('failure', 'userinfo.failure.notLoggedIn'); }
if (isNullish(req.params.user) || req.params.user.length === 0) { if (isNullish(req.params.user) || req.params.user.length === 0) {
return makeResponse('failure', 'userinfo.failure.unknownUser'); return res.makeResponse(404, 'failure', 'userinfo.failure.unknownUser');
} }
// if the param is the special value `me`, then just get the id from the currently auth'ed user // if the param is the special value `me`, then just get the id from the currently auth'ed user
@ -30,7 +41,7 @@ const route: FastifyPluginAsync = async (fastify, _opts): Promise<void> => {
const user = this.db.getUser(req.params.user); const user = this.db.getUser(req.params.user);
if (isNullish(user)) { if (isNullish(user)) {
return makeResponse('failure', 'userinfo.failure.unknownUser'); return res.makeResponse(404, 'failure', 'userinfo.failure.unknownUser');
} }
@ -48,7 +59,7 @@ const route: FastifyPluginAsync = async (fastify, _opts): Promise<void> => {
guest: !!user.guest, guest: !!user.guest,
}; };
return makeResponse('success', 'userinfo.success', payload); return res.makeResponse(200, 'success', 'userinfo.success', payload);
}, },
); );
}; };

5
src/user/vite.config.js
View file

@ -26,6 +26,9 @@ const externals = collectDeps(
export default defineConfig({ export default defineConfig({
root: __dirname, root: __dirname,
define: {
__SERVICE_NAME: '"user"',
},
// service root // service root
plugins: [tsconfigPaths(), nodeExternals()], plugins: [tsconfigPaths(), nodeExternals()],
build: { build: {
@ -33,7 +36,7 @@ export default defineConfig({
outDir: 'dist', outDir: 'dist',
emptyOutDir: true, emptyOutDir: true,
lib: { lib: {
entry: path.resolve(__dirname, 'src/run.ts'), entry: path.resolve(__dirname, process.env.VITE_ENTRYPOINT ?? 'src/run.ts'),
// adjust main entry // adjust main entry
formats: ['cjs'], formats: ['cjs'],
// CommonJS for Node.js // CommonJS for Node.js