cairo/lib/modules/auth/auth.controller.ts

import { Request, Response, Express } from "express";
import { VixpressController } from "@dunemask/vix";
import Cairo from "@lib/Cairo";
import type PostgresService from "@lib/database/PostgresService";
import { CAuthContract, AuthContract } from "@lib/contracts/auth.contracts";
import { ContractRouteContext } from "@dunemask/vix/express";
import { AuthErrors, ProjectErrors } from "@lib/vix/ClientErrors";
import { getUserToken, hashCompare } from "./auth.service";
import { CDatabaseContract } from "@lib/contracts/database.contracts";
import { ProjectContract } from "@lib/contracts/project.contracts";
import { UserRequest } from "@lib/types/ApiRequests";
import { ResourcePolicy } from "@dunemask/vix/util";

type LoginCRC = ContractRouteContext<{
  RequestBodyContract: typeof AuthContract.Login;
  RequestParamsContract: typeof ProjectContract.ProjectParams;
}>;

export default class AuthController extends VixpressController {
  declare pg: PostgresService;
  constructor(app: Express) {
    super(app);
    this.pg = this.app.get(Cairo.PostgresService);
  }

  verify = (_req: Request, res: Response) => res.sendStatus(200);

  async login(crc: LoginCRC): Promise<CAuthContract["LoginCredentials"]> {
    const { identity, password } = crc.reqBody;
    const { project } = crc.reqParams;
    const user = await this.pg.users.byIdentity(project, identity);
    if (!user?.rolePolicy?.policies) throw AuthErrors.UnauthorizedRequest;
    const authorized = await hashCompare(password, user.hash);
    if (!authorized) throw AuthErrors.UnauthorizedRequest;
    const projectKeyPairs = user.project.keyPairs;
    if (projectKeyPairs.length !== 1) throw ProjectErrors.BadRequestProjectIncomplete;
    const token = await getUserToken(user.id, user.project.keyPairs[0].encryptedPrivateKey);
    const policies = user.rolePolicy.policies;
    const usr: CDatabaseContract["User"] = { id: user.id, username: user.username, rolePolicyId: user.rolePolicyId };
    return { token, user: usr, policies };
  }

  async credentials(crc: ContractRouteContext): Promise<CAuthContract["Credentials"]> {
    const { user, policies } = crc.req as UserRequest;
    const usr: CDatabaseContract["User"] = { id: user.id, username: user.username, rolePolicyId: user.rolePolicyId };
    return { user: usr, policies: ResourcePolicy.asStrings(policies) };
  }
}
[INIT] Initial Project Structure 2024-08-24 12:41:04 -06:00			`import { Request, Response, Express } from "express";`
			`import { VixpressController } from "@dunemask/vix";`
			`import Cairo from "@lib/Cairo";`
			`import type PostgresService from "@lib/database/PostgresService";`
			`import { CAuthContract, AuthContract } from "@lib/contracts/auth.contracts";`
			`import { ContractRouteContext } from "@dunemask/vix/express";`
			`import { AuthErrors, ProjectErrors } from "@lib/vix/ClientErrors";`
			`import { getUserToken, hashCompare } from "./auth.service";`
			`import { CDatabaseContract } from "@lib/contracts/database.contracts";`
			`import { ProjectContract } from "@lib/contracts/project.contracts";`
			`import { UserRequest } from "@lib/types/ApiRequests";`
			`import { ResourcePolicy } from "@dunemask/vix/util";`

			`type LoginCRC = ContractRouteContext<{`
			`RequestBodyContract: typeof AuthContract.Login;`
			`RequestParamsContract: typeof ProjectContract.ProjectParams;`
			`}>;`

			`export default class AuthController extends VixpressController {`
			`declare pg: PostgresService;`
			`constructor(app: Express) {`
			`super(app);`
			`this.pg = this.app.get(Cairo.PostgresService);`
			`}`

			`verify = (_req: Request, res: Response) => res.sendStatus(200);`

			`async login(crc: LoginCRC): Promise<CAuthContract["LoginCredentials"]> {`
			`const { identity, password } = crc.reqBody;`
			`const { project } = crc.reqParams;`
			`const user = await this.pg.users.byIdentity(project, identity);`
			`if (!user?.rolePolicy?.policies) throw AuthErrors.UnauthorizedRequest;`
			`const authorized = await hashCompare(password, user.hash);`
			`if (!authorized) throw AuthErrors.UnauthorizedRequest;`
			`const projectKeyPairs = user.project.keyPairs;`
			`if (projectKeyPairs.length !== 1) throw ProjectErrors.BadRequestProjectIncomplete;`
			`const token = await getUserToken(user.id, user.project.keyPairs[0].encryptedPrivateKey);`
			`const policies = user.rolePolicy.policies;`
[CHORE] Implement RedirectURIs 2024-08-24 16:51:30 -06:00			`const usr: CDatabaseContract["User"] = { id: user.id, username: user.username, rolePolicyId: user.rolePolicyId };`
			`return { token, user: usr, policies };`
[INIT] Initial Project Structure 2024-08-24 12:41:04 -06:00			`}`

			`async credentials(crc: ContractRouteContext): Promise<CAuthContract["Credentials"]> {`
			`const { user, policies } = crc.req as UserRequest;`
[CHORE] Implement RedirectURIs 2024-08-24 16:51:30 -06:00			`const usr: CDatabaseContract["User"] = { id: user.id, username: user.username, rolePolicyId: user.rolePolicyId };`
			`return { user: usr, policies: ResourcePolicy.asStrings(policies) };`
[INIT] Initial Project Structure 2024-08-24 12:41:04 -06:00			`}`
			`}`