Dokploy/dokploy
1
0
Fork 0
mirror of https://github.com/Dokploy/dokploy synced 2025-06-26 18:27:59 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

refactor: update

Browse Source
This commit is contained in:
Mauricio Siu
2025-02-16 13:28:29 -06:00
parent 27736c7c97
commit a8d1471b16
14 changed files with 133 additions and 294 deletions
Download Patch File Download Diff File Expand all files Collapse all files

137
apps/dokploy/server/api/routers/auth.ts
View File

@@ -20,8 +20,6 @@ import {
findUserById,
generate2FASecret,
getUserByToken,
lucia,
luciaToken,
removeAdminByAuthId,
sendDiscordNotification,
sendEmailNotification,
@@ -68,11 +66,11 @@ export const authRouter = createTRPCRouter({
type: "cloud",
};
}
const session = await lucia.createSession(newAdmin.id || "", {});
ctx.res.appendHeader(
"Set-Cookie",
lucia.createSessionCookie(session.id).serialize(),
);
// const session = await lucia.createSession(newAdmin.id || "", {});
// ctx.res.appendHeader(
// "Set-Cookie",
// lucia.createSessionCookie(session.id).serialize(),
// );
return {
status: "success",
type: "selfhosted",
@@ -91,24 +89,24 @@ export const authRouter = createTRPCRouter({
.mutation(async ({ ctx, input }) => {
try {
const token = await getUserByToken(input.token);
if (token.isExpired) {
throw new TRPCError({
code: "BAD_REQUEST",
message: "Invalid token",
});
}
// if (token.isExpired) {
// throw new TRPCError({
// code: "BAD_REQUEST",
// message: "Invalid token",
// });
// }
const newUser = await createUser(input);
// const newUser = await createUser(input);
if (IS_CLOUD) {
await sendVerificationEmail(token.authId);
return true;
}
const session = await lucia.createSession(newUser?.authId || "", {});
ctx.res.appendHeader(
"Set-Cookie",
lucia.createSessionCookie(session.id).serialize(),
);
// if (IS_CLOUD) {
// await sendVerificationEmail(token.authId);
// return true;
// }
// const session = await lucia.createSession(newUser?.authId || "", {});
// ctx.res.appendHeader(
// "Set-Cookie",
// lucia.createSessionCookie(session.id).serialize(),
// );
return true;
} catch (error) {
throw new TRPCError({
@@ -151,12 +149,12 @@ export const authRouter = createTRPCRouter({
};
}
const session = await lucia.createSession(auth?.id || "", {});
// const session = await lucia.createSession(auth?.id || "", {});
ctx.res.appendHeader(
"Set-Cookie",
lucia.createSessionCookie(session.id).serialize(),
);
// ctx.res.appendHeader(
// "Set-Cookie",
// lucia.createSessionCookie(session.id).serialize(),
// );
return {
is2FAEnabled: false,
authId: auth?.id,
@@ -186,11 +184,11 @@ export const authRouter = createTRPCRouter({
logout: protectedProcedure.mutation(async ({ ctx }) => {
const { req, res } = ctx;
const { session } = await validateRequest(req, res);
const { session } = await validateRequest(req);
if (!session) return false;
await lucia.invalidateSession(session.id);
res.setHeader("Set-Cookie", lucia.createBlankSessionCookie().serialize());
// await lucia.invalidateSession(session.id);
// res.setHeader("Set-Cookie", lucia.createBlankSessionCookie().serialize());
return true;
}),
@@ -211,13 +209,13 @@ export const authRouter = createTRPCRouter({
});
}
}
const auth = await updateAuthById(ctx.user.authId, {
...(input.email && { email: input.email.toLowerCase() }),
...(input.password && {
password: bcrypt.hashSync(input.password, 10),
}),
...(input.image && { image: input.image }),
});
// const auth = await updateAuthById(ctx.user.authId, {
// ...(input.email && { email: input.email.toLowerCase() }),
// ...(input.password && {
// password: bcrypt.hashSync(input.password, 10),
// }),
// ...(input.image && { image: input.image }),
// });
return auth;
}),
@@ -248,17 +246,17 @@ export const authRouter = createTRPCRouter({
});
}
const { req, res } = ctx;
const { session } = await validateRequest(req, res);
const { session } = await validateRequest(req);
if (!session) return false;
await lucia.invalidateSession(session.id);
res.setHeader("Set-Cookie", lucia.createBlankSessionCookie().serialize());
// await lucia.invalidateSession(session.id);
// res.setHeader("Set-Cookie", lucia.createBlankSessionCookie().serialize());
if (ctx.user.rol === "owner") {
await removeAdminByAuthId(ctx.user.authId);
} else {
await removeUserByAuthId(ctx.user.authId);
}
// if (ctx.user.rol === "owner") {
// await removeAdminByAuthId(ctx.user.authId);
// } else {
// await removeUserByAuthId(ctx.user.authId);
// }
return true;
}),
@@ -267,9 +265,9 @@ export const authRouter = createTRPCRouter({
const auth = await findUserById(ctx.user.id);
console.log(auth);
if (auth.token) {
await luciaToken.invalidateSession(auth.token);
}
// if (auth.token) {
// await luciaToken.invalidateSession(auth.token);
// }
// const session = await luciaToken.createSession(auth?.id || "", {
// expiresIn: 60 * 60 * 24 * 30,
// });
@@ -292,39 +290,38 @@ export const authRouter = createTRPCRouter({
verify2FASetup: protectedProcedure
.input(apiVerify2FA)
.mutation(async ({ ctx, input }) => {
const auth = await findAuthById(ctx.user.authId);
await verify2FA(auth, input.secret, input.pin);
await updateAuthById(auth.id, {
is2FAEnabled: true,
secret: input.secret,
});
return auth;
// const auth = await findAuthById(ctx.user.authId);
// await verify2FA(auth, input.secret, input.pin);
// await updateAuthById(auth.id, {
// is2FAEnabled: true,
// secret: input.secret,
// });
// return auth;
}),
verifyLogin2FA: publicProcedure
.input(apiVerifyLogin2FA)
.mutation(async ({ ctx, input }) => {
const auth = await findAuthById(input.id);
// const auth = await findAuthById(input.id);
await verify2FA(auth, auth.secret || "", input.pin);
// await verify2FA(auth, auth.secret || "", input.pin);
const session = await lucia.createSession(auth.id, {});
// const session = await lucia.createSession(auth.id, {});
ctx.res.appendHeader(
"Set-Cookie",
lucia.createSessionCookie(session.id).serialize(),
);
// ctx.res.appendHeader(
// "Set-Cookie",
// lucia.createSessionCookie(session.id).serialize(),
// );
return true;
}),
disable2FA: protectedProcedure.mutation(async ({ ctx }) => {
const auth = await findAuthById(ctx.user.authId);
await updateAuthById(auth.id, {
is2FAEnabled: false,
secret: null,
});
return auth;
// const auth = await findAuthById(ctx.user.authId);
// await updateAuthById(auth.id, {
// is2FAEnabled: false,
// secret: null,
// });
// return auth;
}),
sendResetPasswordEmail: publicProcedure
.input(

26
apps/dokploy/server/api/routers/user.ts
View File

@@ -1,5 +1,5 @@
import { apiFindOneUser, apiFindOneUserByAuth } from "@/server/db/schema";
import { findUserByAuthId, findUserById, findUsers } from "@dokploy/server";
import { findUserByAuthId, findUserById } from "@dokploy/server";
import { db } from "@dokploy/server/db";
import { member } from "@dokploy/server/db/schema";
import { TRPCError } from "@trpc/server";
@@ -31,16 +31,16 @@ export const userRouter = createTRPCRouter({
// }
return user;
}),
byUserId: protectedProcedure
.input(apiFindOneUser)
.query(async ({ input, ctx }) => {
const user = await findUserById(input.userId);
if (user.adminId !== ctx.user.adminId) {
throw new TRPCError({
code: "UNAUTHORIZED",
message: "You are not allowed to access this user",
});
}
return user;
}),
// byUserId: protectedProcedure
// .input(apiFindOneUser)
// .query(async ({ input, ctx }) => {
// const user = await findUserById(input.userId);
// if (user.adminId !== ctx.user.adminId) {
// throw new TRPCError({
// code: "UNAUTHORIZED",
// message: "You are not allowed to access this user",
// });
// }
// return user;
// }),
});

4
apps/dokploy/server/api/trpc.ts
View File

@@ -75,8 +75,8 @@ export const createTRPCContext = async (opts: CreateNextContextOptions) => {
// user = cookieResult.user;
// }
console.log("session", session);
console.log("user", user);
// console.log("session", session);
// console.log("user", user);
return createInnerTRPCContext({
req,

41
packages/server/src/auth/auth.ts
View File

@@ -1,41 +0,0 @@
import { DrizzlePostgreSQLAdapter } from "@lucia-auth/adapter-drizzle";
import { TimeSpan } from "lucia";
import { Lucia } from "lucia/dist/core.js";
import type { Session, User } from "lucia/dist/core.js";
import { db } from "../db";
import { type DatabaseUser, auth, session } from "../db/schema";
export const adapter = new DrizzlePostgreSQLAdapter(db, session, auth);
export const lucia = new Lucia(adapter, {
sessionCookie: {
attributes: {
secure: false,
},
},
sessionExpiresIn: new TimeSpan(1, "d"),
getUserAttributes: (attributes) => {
return {
email: attributes.email,
rol: attributes.rol,
secret: attributes.secret !== null,
adminId: attributes.adminId,
};
},
});
declare module "lucia" {
interface Register {
Lucia: typeof lucia;
DatabaseUserAttributes: Omit<DatabaseUser, "id"> & {
authId: string;
adminId: string;
};
}
}
export type ReturnValidateToken = Promise<{
user: (User & { authId: string; adminId: string }) | null;
session: Session | null;
}>;

99
packages/server/src/auth/token.ts
View File

@@ -1,99 +0,0 @@
import type { IncomingMessage } from "node:http";
import { TimeSpan } from "lucia";
import { Lucia } from "lucia/dist/core.js";
import { findAdminByAuthId } from "../services/admin";
import { findUserByAuthId } from "../services/user";
import { type ReturnValidateToken, adapter } from "./auth";
export const luciaToken = new Lucia(adapter, {
sessionCookie: {
attributes: {
secure: false,
},
},
sessionExpiresIn: new TimeSpan(365, "d"),
getUserAttributes: (attributes) => {
return {
email: attributes.email,
rol: attributes.rol,
secret: attributes.secret !== null,
};
},
});
// export const validateBearerToken = async (
// req: IncomingMessage,
// ): ReturnValidateToken => {
// const authorizationHeader = req.headers.authorization;
// const sessionId = luciaToken.readBearerToken(authorizationHeader ?? "");
// if (!sessionId) {
// return {
// user: null,
// session: null,
// };
// }
// const result = await luciaToken.validateSession(sessionId);
// if (result.user) {
// if (result.user?.rol === "owner") {
// const admin = await findAdminByAuthId(result.user.id);
// result.user.adminId = admin.adminId;
// } else if (result.user?.rol === "member") {
// const userResult = await findUserByAuthId(result.user.id);
// result.user.adminId = userResult.adminId;
// }
// }
// return {
// session: result.session,
// ...((result.user && {
// user: {
// adminId: result.user.adminId,
// authId: result.user.id,
// email: result.user.email,
// rol: result.user.rol,
// id: result.user.id,
// secret: result.user.secret,
// },
// }) || {
// user: null,
// }),
// };
// };
// export const validateBearerTokenAPI = async (
// authorizationHeader: string,
// ): ReturnValidateToken => {
// const sessionId = luciaToken.readBearerToken(authorizationHeader ?? "");
// if (!sessionId) {
// return {
// user: null,
// session: null,
// };
// }
// const result = await luciaToken.validateSession(sessionId);
// if (result.user) {
// if (result.user?.rol === "owner") {
// const admin = await findAdminByAuthId(result.user.id);
// result.user.adminId = admin.adminId;
// } else if (result.user?.rol === "member") {
// const userResult = await findUserByAuthId(result.user.id);
// result.user.adminId = userResult.adminId;
// }
// }
// return {
// session: result.session,
// ...((result.user && {
// user: {
// adminId: result.user.adminId,
// authId: result.user.id,
// email: result.user.email,
// rol: result.user.rol,
// id: result.user.id,
// secret: result.user.secret,
// },
// }) || {
// user: null,
// }),
// };
// };

2
packages/server/src/index.ts
View File

@@ -1,5 +1,3 @@
export * from "./auth/auth";
export * from "./auth/token";
export * from "./auth/random-password";
// export * from "./db";
export * from "./services/admin";

47
packages/server/src/services/admin.ts
View File

@@ -143,27 +143,26 @@ export const findAdmin = async () => {
};
export const getUserByToken = async (token: string) => {
const user = await db.query.users.findFirst({
where: eq(users.token, token),
with: {
auth: {
columns: {
password: false,
},
},
},
});
if (!user) {
throw new TRPCError({
code: "NOT_FOUND",
message: "Invitation not found",
});
}
return {
...user,
isExpired: user.isRegistered,
};
// const user = await db.query.users.findFirst({
// where: eq(users.token, token),
// with: {
// auth: {
// columns: {
// password: false,
// },
// },
// },
// });
// if (!user) {
// throw new TRPCError({
// code: "NOT_FOUND",
// message: "Invitation not found",
// });
// }
// return {
// ...user,
// isExpired: user.isRegistered,
// };
};
export const removeUserById = async (userId: string) => {
@@ -181,9 +180,9 @@ export const removeAdminByAuthId = async (authId: string) => {
// First delete all associated users
const users = admin.users;
for (const user of users) {
await removeUserById(user.id);
}
// for (const user of users) {
// await removeUserById(user.id);
// }
// Then delete the auth record which will cascade delete the admin
return await db
.delete(auth)

14
packages/server/src/services/user.ts
View File

@@ -33,20 +33,6 @@ export const findUserByAuthId = async (authId: string) => {
// return userR;
};
export const findUsers = async (adminId: string) => {
const currentUsers = await db.query.user.findMany({
where: eq(user.adminId, adminId),
with: {
auth: {
columns: {
secret: false,
},
},
},
});
return currentUsers;
};
export const addNewProject = async (userId: string, projectId: string) => {
const userR = await findUserById(userId);

35
packages/server/src/utils/access-log/handler.ts
View File

@@ -1,5 +1,4 @@
import { IS_CLOUD, paths } from "@dokploy/server/constants";
import { updateAdmin } from "@dokploy/server/services/admin";
import { type RotatingFileStream, createStream } from "rotating-file-stream";
import { db } from "../../db";
import { execAsync } from "../process/execAsync";
@@ -23,27 +22,27 @@ class LogRotationManager {
}
private async initialize(): Promise<void> {
// const isActive = await this.getStateFromDB();
// if (isActive) {
// await this.activateStream();
// }
const isActive = await this.getStateFromDB();
if (isActive) {
await this.activateStream();
}
}
// private async getStateFromDB(): Promise<boolean> {
// const setting = await db.query.admins.findFirst({});
// return setting?.enableLogRotation ?? false;
// }
private async getStateFromDB(): Promise<boolean> {
const setting = await db.query.admins.findFirst({});
return setting?.enableLogRotation ?? false;
}
// private async setStateInDB(active: boolean): Promise<void> {
// const admin = await db.query.admins.findFirst({});
private async setStateInDB(active: boolean): Promise<void> {
const admin = await db.query.admins.findFirst({});
// if (!admin) {
// return;
// }
// await updateAdmin(admin?.authId, {
// enableLogRotation: active,
// });
// }
if (!admin) {
return;
}
// await updateAdmin(admin?.authId, {
// enableLogRotation: active,
// });
}
private async activateStream(): Promise<void> {
const { DYNAMIC_TRAEFIK_PATH } = paths();

4
packages/server/src/utils/backups/mariadb.ts
View File

@@ -49,7 +49,7 @@ export const runMariadbBackup = async (
projectName: project.name,
databaseType: "mariadb",
type: "success",
userId: project.userId,
organizationId: project.organizationId,
});
} catch (error) {
console.log(error);
@@ -60,7 +60,7 @@ export const runMariadbBackup = async (
type: "error",
// @ts-ignore
errorMessage: error?.message || "Error message not provided",
userId: project.userId,
organizationId: project.organizationId,
});
throw error;
}

4
packages/server/src/utils/backups/mongo.ts
View File

@@ -46,7 +46,7 @@ export const runMongoBackup = async (mongo: Mongo, backup: BackupSchedule) => {
projectName: project.name,
databaseType: "mongodb",
type: "success",
userId: project.userId,
organizationId: project.organizationId,
});
} catch (error) {
console.log(error);
@@ -57,7 +57,7 @@ export const runMongoBackup = async (mongo: Mongo, backup: BackupSchedule) => {
type: "error",
// @ts-ignore
errorMessage: error?.message || "Error message not provided",
userId: project.userId,
organizationId: project.organizationId,
});
throw error;
}

4
packages/server/src/utils/backups/mysql.ts
View File

@@ -46,7 +46,7 @@ export const runMySqlBackup = async (mysql: MySql, backup: BackupSchedule) => {
projectName: project.name,
databaseType: "mysql",
type: "success",
userId: project.userId,
organizationId: project.organizationId,
});
} catch (error) {
console.log(error);
@@ -57,7 +57,7 @@ export const runMySqlBackup = async (mysql: MySql, backup: BackupSchedule) => {
type: "error",
// @ts-ignore
errorMessage: error?.message || "Error message not provided",
userId: project.userId,
organizationId: project.organizationId,
});
throw error;
}

4
packages/server/src/utils/backups/postgres.ts
View File

@@ -49,7 +49,7 @@ export const runPostgresBackup = async (
projectName: project.name,
databaseType: "postgres",
type: "success",
userId: project.userId,
organizationId: project.organizationId,
});
} catch (error) {
await sendDatabaseBackupNotifications({
@@ -59,7 +59,7 @@ export const runPostgresBackup = async (
type: "error",
// @ts-ignore
errorMessage: error?.message || "Error message not provided",
userId: project.userId,
organizationId: project.organizationId,
});
throw error;

6
packages/server/src/utils/notifications/database-backup.ts
View File

@@ -19,13 +19,13 @@ export const sendDatabaseBackupNotifications = async ({
databaseType,
type,
errorMessage,
userId,
organizationId,
}: {
projectName: string;
applicationName: string;
databaseType: "postgres" | "mysql" | "mongodb" | "mariadb";
type: "error" | "success";
userId: string;
organizationId: string;
errorMessage?: string;
}) => {
const date = new Date();
@@ -33,7 +33,7 @@ export const sendDatabaseBackupNotifications = async ({
const notificationList = await db.query.notifications.findMany({
where: and(
eq(notifications.databaseBackup, true),
eq(notifications.userId, userId),
eq(notifications.organizationId, organizationId),
),
with: {
email: true,