From a8d1471b16377be400c5e6406a2127307aed0bca Mon Sep 17 00:00:00 2001 From: Mauricio Siu <47042324+Siumauricio@users.noreply.github.com> Date: Sun, 16 Feb 2025 13:28:29 -0600 Subject: [PATCH] refactor: update --- apps/dokploy/server/api/routers/auth.ts | 137 +++++++++--------- apps/dokploy/server/api/routers/user.ts | 26 ++-- apps/dokploy/server/api/trpc.ts | 4 +- packages/server/src/auth/auth.ts | 41 ------ packages/server/src/auth/token.ts | 99 ------------- packages/server/src/index.ts | 2 - packages/server/src/services/admin.ts | 47 +++--- packages/server/src/services/user.ts | 14 -- .../server/src/utils/access-log/handler.ts | 35 +++-- packages/server/src/utils/backups/mariadb.ts | 4 +- packages/server/src/utils/backups/mongo.ts | 4 +- packages/server/src/utils/backups/mysql.ts | 4 +- packages/server/src/utils/backups/postgres.ts | 4 +- .../utils/notifications/database-backup.ts | 6 +- 14 files changed, 133 insertions(+), 294 deletions(-) delete mode 100644 packages/server/src/auth/auth.ts delete mode 100644 packages/server/src/auth/token.ts diff --git a/apps/dokploy/server/api/routers/auth.ts b/apps/dokploy/server/api/routers/auth.ts index cc149b3c..9fc66cf2 100644 --- a/apps/dokploy/server/api/routers/auth.ts +++ b/apps/dokploy/server/api/routers/auth.ts @@ -20,8 +20,6 @@ import { findUserById, generate2FASecret, getUserByToken, - lucia, - luciaToken, removeAdminByAuthId, sendDiscordNotification, sendEmailNotification, @@ -68,11 +66,11 @@ export const authRouter = createTRPCRouter({ type: "cloud", }; } - const session = await lucia.createSession(newAdmin.id || "", {}); - ctx.res.appendHeader( - "Set-Cookie", - lucia.createSessionCookie(session.id).serialize(), - ); + // const session = await lucia.createSession(newAdmin.id || "", {}); + // ctx.res.appendHeader( + // "Set-Cookie", + // lucia.createSessionCookie(session.id).serialize(), + // ); return { status: "success", type: "selfhosted", 
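Review bot: In the `@@ -68,11 +66,11 @@` hunk the handler still returns `status: "success"` with `type: "selfhosted"`, but it no longer sets a session cookie, because the `lucia.createSession` / `Set-Cookie` block was commented out with nothing in its place. The login hunk (`@@ -151,12 +149,12 @@`) has the same gap: it returns `is2FAEnabled: false` and `authId` without establishing a session in the visible lines. If the replacement auth layer issues the session elsewhere, replace the dead block with a comment such as `// session is issued by <replacement auth handler>; nothing to set here`. Otherwise delete the block and return an error until the new call is wired in. The enclosing handler starts and ends outside the hunk.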
@@ -91,24 +89,24 @@ export const authRouter = createTRPCRouter({ .mutation(async ({ ctx, input }) => { try { const token = await getUserByToken(input.token); - if (token.isExpired) { - throw new TRPCError({ - code: "BAD_REQUEST", - message: "Invalid token", - }); - } + // if (token.isExpired) { + // throw new TRPCError({ + // code: "BAD_REQUEST", + // message: "Invalid token", + // }); + // } - const newUser = await createUser(input); + // const newUser = await createUser(input); - if (IS_CLOUD) { - await sendVerificationEmail(token.authId); - return true; - } - const session = await lucia.createSession(newUser?.authId || "", {}); - ctx.res.appendHeader( - "Set-Cookie", - lucia.createSessionCookie(session.id).serialize(), - ); + // if (IS_CLOUD) { + // await sendVerificationEmail(token.authId); + // return true; + // } + // const session = await lucia.createSession(newUser?.authId || "", {}); + // ctx.res.appendHeader( + // "Set-Cookie", + // lucia.createSessionCookie(session.id).serialize(), + // ); return true; } catch (error) { throw new TRPCError({ @@ -151,12 +149,12 @@ export const authRouter = createTRPCRouter({ }; } - const session = await lucia.createSession(auth?.id || "", {}); + // const session = await lucia.createSession(auth?.id || "", {}); - ctx.res.appendHeader( - "Set-Cookie", - lucia.createSessionCookie(session.id).serialize(), - ); + // ctx.res.appendHeader( + // "Set-Cookie", + // lucia.createSessionCookie(session.id).serialize(), + // ); return { is2FAEnabled: false, authId: auth?.id, 
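Review bot: With the `token.isExpired` check and the `createUser(input)` call commented out, the mutation in the `@@ -91,24 +89,24 @@` hunk returns `true` for any `input.token` that does not throw, and `token` is now an unused local. The `getUserByToken` hunk in `packages/server/src/services/admin.ts` comments out the lookup and its `NOT_FOUND` throw as well, so neither layer rejects an unknown or already-used invitation. Until the invitation flow is reimplemented the handler should fail closed, e.g. `throw new TRPCError({ code: "METHOD_NOT_SUPPORTED", message: "Invitation signup is temporarily disabled" });` in place of `return true;`. The procedure's declaration is outside the hunk, so whether it is public cannot be confirmed from here.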
@@ -186,11 +184,11 @@ export const authRouter = createTRPCRouter({ logout: protectedProcedure.mutation(async ({ ctx }) => { const { req, res } = ctx; - const { session } = await validateRequest(req, res); + const { session } = await validateRequest(req); if (!session) return false; - await lucia.invalidateSession(session.id); - res.setHeader("Set-Cookie", lucia.createBlankSessionCookie().serialize()); + // await lucia.invalidateSession(session.id); + // res.setHeader("Set-Cookie", lucia.createBlankSessionCookie().serialize()); return true; }), @@ -211,13 +209,13 @@ export const authRouter = createTRPCRouter({ }); } } - const auth = await updateAuthById(ctx.user.authId, { - ...(input.email && { email: input.email.toLowerCase() }), - ...(input.password && { - password: bcrypt.hashSync(input.password, 10), - }), - ...(input.image && { image: input.image }), - }); + // const auth = await updateAuthById(ctx.user.authId, { + // ...(input.email && { email: input.email.toLowerCase() }), + // ...(input.password && { + // password: bcrypt.hashSync(input.password, 10), + // }), + // ...(input.image && { image: input.image }), + // }); return auth; }), @@ -248,17 +246,17 @@ export const authRouter = createTRPCRouter({ }); } const { req, res } = ctx; - const { session } = await validateRequest(req, res); + const { session } = await validateRequest(req); if (!session) return false; - await lucia.invalidateSession(session.id); - res.setHeader("Set-Cookie", lucia.createBlankSessionCookie().serialize()); + // await lucia.invalidateSession(session.id); + // res.setHeader("Set-Cookie", lucia.createBlankSessionCookie().serialize()); - if (ctx.user.rol === "owner") { - await removeAdminByAuthId(ctx.user.authId); - } else { - await removeUserByAuthId(ctx.user.authId); - } + // if (ctx.user.rol === "owner") { + // await removeAdminByAuthId(ctx.user.authId); + // } else { + // await removeUserByAuthId(ctx.user.authId); + // } return true; }), 
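Review bot: `logout` in the `@@ -186,11 +184,11 @@` hunk now returns `true` without invalidating the session or clearing the cookie, so a client is told it signed out while nothing in the visible lines ends its session. `removeSelfAccount` (`@@ -248,17 +246,17 @@`) has the same problem and also no longer deletes the account, yet still returns `true`. Both should call the replacement layer's sign-out and deletion before reporting success, or return `false` or throw until that exists. `res` is left unused in both handlers after this change.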
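Review bot: `return auth;` at the end of the `@@ -211,13 +209,13 @@` hunk refers to a binding whose declaration (`const auth = await updateAuthById(...)`) was commented out, so unless another `auth` is in scope outside the hunk this no longer type-checks. The email, password and image changes are also dropped without any error reaching the caller, which matters most for a user who believes a password change has taken effect. Either restore the update against the new user store, or replace the tail with an explicit failure such as `throw new TRPCError({ code: "METHOD_NOT_SUPPORTED", message: "Profile update is temporarily disabled" });`. The handler begins outside the hunk.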
@@ -267,9 +265,9 @@ export const authRouter = createTRPCRouter({ const auth = await findUserById(ctx.user.id); console.log(auth); - if (auth.token) { - await luciaToken.invalidateSession(auth.token); - } + // if (auth.token) { + // await luciaToken.invalidateSession(auth.token); + // } // const session = await luciaToken.createSession(auth?.id || "", { // expiresIn: 60 * 60 * 24 * 30, // }); 
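Review bot: The `@@ -267,9 +265,9 @@` hunk comments out `luciaToken.invalidateSession(auth.token)`, and the session creation just below it was already commented out, so the visible lines no longer revoke the previous token when a new one is generated. If API tokens are still honoured by the new auth layer, rotation should revoke the old value before a new one is handed out. Separately, the context line `console.log(auth);` writes the whole record returned by `findUserById` to the server log. That record carries a `token` field, so the line should be removed, as this commit already does for the `console.log` calls in `trpc.ts`. The handler continues outside the hunk.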
@@ -292,39 +290,38 @@ export const authRouter = createTRPCRouter({ verify2FASetup: protectedProcedure .input(apiVerify2FA) .mutation(async ({ ctx, input }) => { - const auth = await findAuthById(ctx.user.authId); - - await verify2FA(auth, input.secret, input.pin); - await updateAuthById(auth.id, { - is2FAEnabled: true, - secret: input.secret, - }); - return auth; + // const auth = await findAuthById(ctx.user.authId); + // await verify2FA(auth, input.secret, input.pin); + // await updateAuthById(auth.id, { + // is2FAEnabled: true, + // secret: input.secret, + // }); + // return auth; }), verifyLogin2FA: publicProcedure .input(apiVerifyLogin2FA) .mutation(async ({ ctx, input }) => { - const auth = await findAuthById(input.id); + // const auth = await findAuthById(input.id); - await verify2FA(auth, auth.secret || "", input.pin); + // await verify2FA(auth, auth.secret || "", input.pin); - const session = await lucia.createSession(auth.id, {}); + // const session = await lucia.createSession(auth.id, {}); - ctx.res.appendHeader( - "Set-Cookie", - lucia.createSessionCookie(session.id).serialize(), - ); + // ctx.res.appendHeader( + // "Set-Cookie", + // lucia.createSessionCookie(session.id).serialize(), + // ); return true; }), disable2FA: protectedProcedure.mutation(async ({ ctx }) => { - const auth = await findAuthById(ctx.user.authId); - await updateAuthById(auth.id, { - is2FAEnabled: false, - secret: null, - }); - return auth; + // const auth = await findAuthById(ctx.user.authId); + // await updateAuthById(auth.id, { + // is2FAEnabled: false, + // secret: null, + // }); + // return auth; }), sendResetPasswordEmail: publicProcedure .input( diff --git a/apps/dokploy/server/api/routers/user.ts b/apps/dokploy/server/api/routers/user.ts index 00c2bb82..f4de4d9f 100644 --- a/apps/dokploy/server/api/routers/user.ts +++ b/apps/dokploy/server/api/routers/user.ts 
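Review bot: `verifyLogin2FA` is a `publicProcedure` and, after the `@@ -292,39 +290,38 @@` hunk, answers `true` for any `input.id` and `input.pin` because the `verify2FA` call is commented out. No session is issued here any more, but any caller that trusts the boolean will treat an unchecked PIN as verified. `verify2FASetup` and `disable2FA` in the same hunk now resolve to `undefined` and change nothing, so 2FA can be neither enabled nor disabled, and no error is reported. Fail closed until the new flow exists, e.g. replace `return true;` with `throw new TRPCError({ code: "METHOD_NOT_SUPPORTED", message: "2FA verification is not available" });`.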
@@ -1,5 +1,5 @@ import { apiFindOneUser, apiFindOneUserByAuth } from "@/server/db/schema"; -import { findUserByAuthId, findUserById, findUsers } from "@dokploy/server"; +import { findUserByAuthId, findUserById } from "@dokploy/server"; import { db } from "@dokploy/server/db"; import { member } from "@dokploy/server/db/schema"; import { TRPCError } from "@trpc/server"; @@ -31,16 +31,16 @@ export const userRouter = createTRPCRouter({ // } return user; }), - byUserId: protectedProcedure - .input(apiFindOneUser) - .query(async ({ input, ctx }) => { - const user = await findUserById(input.userId); - if (user.adminId !== ctx.user.adminId) { - throw new TRPCError({ - code: "UNAUTHORIZED", - message: "You are not allowed to access this user", - }); - } - return user; - }), + // byUserId: protectedProcedure + // .input(apiFindOneUser) + // .query(async ({ input, ctx }) => { + // const user = await findUserById(input.userId); + // if (user.adminId !== ctx.user.adminId) { + // throw new TRPCError({ + // code: "UNAUTHORIZED", + // message: "You are not allowed to access this user", + // }); + // } + // return user; + // }), }); diff --git a/apps/dokploy/server/api/trpc.ts b/apps/dokploy/server/api/trpc.ts index 7f8f0f75..c63839c5 100644 --- a/apps/dokploy/server/api/trpc.ts +++ b/apps/dokploy/server/api/trpc.ts @@ -75,8 +75,8 @@ export const createTRPCContext = async (opts: CreateNextContextOptions) => { // user = cookieResult.user; // } - console.log("session", session); - console.log("user", user); + // console.log("session", session); + // console.log("user", user); return createInnerTRPCContext({ req, diff --git a/packages/server/src/auth/auth.ts b/packages/server/src/auth/auth.ts deleted file mode 100644 index 28052f5f..00000000 --- a/packages/server/src/auth/auth.ts +++ /dev/null 
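Review bot: `byUserId` is disabled by commenting it out in the `@@ -31,16 +31,16 @@` hunk rather than deleted, which leaves behind a stale copy of the tenant check (`user.adminId !== ctx.user.adminId`). That check likely no longer matches the `organizationId` scoping this commit introduces in the backup notification code. Delete the block, and if the endpoint returns, write the ownership check against the new organization model and use `code: "FORBIDDEN"` for a caller who is authenticated but not allowed. `apiFindOneUser` is still imported at the top of the file and looks unused after this change, though the rest of the file is not visible here.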
@@ -1,41 +0,0 @@ -import { DrizzlePostgreSQLAdapter } from "@lucia-auth/adapter-drizzle"; -import { TimeSpan } from "lucia"; -import { Lucia } from "lucia/dist/core.js"; -import type { Session, User } from "lucia/dist/core.js"; -import { db } from "../db"; -import { type DatabaseUser, auth, session } from "../db/schema"; - -export const adapter = new DrizzlePostgreSQLAdapter(db, session, auth); - -export const lucia = new Lucia(adapter, { - sessionCookie: { - attributes: { - secure: false, - }, - }, - - sessionExpiresIn: new TimeSpan(1, "d"), - getUserAttributes: (attributes) => { - return { - email: attributes.email, - rol: attributes.rol, - secret: attributes.secret !== null, - adminId: attributes.adminId, - }; - }, -}); - -declare module "lucia" { - interface Register { - Lucia: typeof lucia; - DatabaseUserAttributes: Omit & { - authId: string; - adminId: string; - }; - } -} - -export type ReturnValidateToken = Promise<{ - user: (User & { authId: string; adminId: string }) | null; - session: Session | null; -}>; diff --git a/packages/server/src/auth/token.ts b/packages/server/src/auth/token.ts deleted file mode 100644 index e3f404b0..00000000 --- a/packages/server/src/auth/token.ts +++ /dev/null 
@@ -1,99 +0,0 @@ -import type { IncomingMessage } from "node:http"; -import { TimeSpan } from "lucia"; -import { Lucia } from "lucia/dist/core.js"; -import { findAdminByAuthId } from "../services/admin"; -import { findUserByAuthId } from "../services/user"; -import { type ReturnValidateToken, adapter } from "./auth"; - -export const luciaToken = new Lucia(adapter, { - sessionCookie: { - attributes: { - secure: false, - }, - }, - sessionExpiresIn: new TimeSpan(365, "d"), - getUserAttributes: (attributes) => { - return { - email: attributes.email, - rol: attributes.rol, - secret: attributes.secret !== null, - }; - }, -}); - -// export const validateBearerToken = async ( -// req: IncomingMessage, -// ): ReturnValidateToken => { -// const authorizationHeader = req.headers.authorization; -// const sessionId = luciaToken.readBearerToken(authorizationHeader ?? ""); -// if (!sessionId) { -// return { -// user: null, -// session: null, -// }; -// } -// const result = await luciaToken.validateSession(sessionId); - -// if (result.user) { -// if (result.user?.rol === "owner") { -// const admin = await findAdminByAuthId(result.user.id); -// result.user.adminId = admin.adminId; -// } else if (result.user?.rol === "member") { -// const userResult = await findUserByAuthId(result.user.id); -// result.user.adminId = userResult.adminId; -// } -// } -// return { -// session: result.session, -// ...((result.user && { -// user: { -// adminId: result.user.adminId, -// authId: result.user.id, -// email: result.user.email, -// rol: result.user.rol, -// id: result.user.id, -// secret: result.user.secret, -// }, -// }) || { -// user: null, -// }), -// }; -// }; - -// export const validateBearerTokenAPI = async ( -// authorizationHeader: string, -// ): ReturnValidateToken => { -// const sessionId = luciaToken.readBearerToken(authorizationHeader ?? 
""); -// if (!sessionId) { -// return { -// user: null, -// session: null, -// }; -// } -// const result = await luciaToken.validateSession(sessionId); - -// if (result.user) { -// if (result.user?.rol === "owner") { -// const admin = await findAdminByAuthId(result.user.id); -// result.user.adminId = admin.adminId; -// } else if (result.user?.rol === "member") { -// const userResult = await findUserByAuthId(result.user.id); -// result.user.adminId = userResult.adminId; -// } -// } -// return { -// session: result.session, -// ...((result.user && { -// user: { -// adminId: result.user.adminId, -// authId: result.user.id, -// email: result.user.email, -// rol: result.user.rol, -// id: result.user.id, -// secret: result.user.secret, -// }, -// }) || { -// user: null, -// }), -// }; -// }; diff --git a/packages/server/src/index.ts b/packages/server/src/index.ts index 345849ed..554b4c12 100644 --- a/packages/server/src/index.ts +++ b/packages/server/src/index.ts @@ -1,5 +1,3 @@ -export * from "./auth/auth"; -export * from "./auth/token"; export * from "./auth/random-password"; // export * from "./db"; export * from "./services/admin"; diff --git a/packages/server/src/services/admin.ts b/packages/server/src/services/admin.ts index 78a0375a..41b92587 100644 --- a/packages/server/src/services/admin.ts +++ b/packages/server/src/services/admin.ts 
@@ -143,27 +143,26 @@ export const findAdmin = async () => { }; export const getUserByToken = async (token: string) => { - const user = await db.query.users.findFirst({ - where: eq(users.token, token), - with: { - auth: { - columns: { - password: false, - }, - }, - }, - }); - - if (!user) { - throw new TRPCError({ - code: "NOT_FOUND", - message: "Invitation not found", - }); - } - return { - ...user, - isExpired: user.isRegistered, - }; + // const user = await db.query.users.findFirst({ + // where: eq(users.token, token), + // with: { + // auth: { + // columns: { + // password: false, + // }, + // }, + // }, + // }); + // if (!user) { + // throw new TRPCError({ + // code: "NOT_FOUND", + // message: "Invitation not found", + // }); + // } + // return { + // ...user, + // isExpired: user.isRegistered, + // }; }; export const removeUserById = async (userId: string) => { @@ -181,9 +180,9 @@ export const removeAdminByAuthId = async (authId: string) => { // First delete all associated users const users = admin.users; - for (const user of users) { - await removeUserById(user.id); - } + // for (const user of users) { + // await removeUserById(user.id); + // } // Then delete the auth record which will cascade delete the admin return await db .delete(auth) diff --git a/packages/server/src/services/user.ts b/packages/server/src/services/user.ts index fbd81cf1..170af908 100644 --- a/packages/server/src/services/user.ts +++ b/packages/server/src/services/user.ts @@ -33,20 +33,6 @@ export const findUserByAuthId = async (authId: string) => { // return userR; }; -export const findUsers = async (adminId: string) => { - const currentUsers = await db.query.user.findMany({ - where: eq(user.adminId, adminId), - with: { - auth: { - columns: { - secret: false, - }, - }, - }, - }); - return currentUsers; -}; - export const addNewProject = async (userId: string, projectId: string) => { const userR = await findUserById(userId); 
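Review bot: In the `@@ -181,9 +180,9 @@` hunk the loop that called `removeUserById` for each of `admin.users` is commented out, while the comment `// First delete all associated users` and the now-unused `const users = admin.users;` remain. Unless the schema cascades from the deleted `auth` row to those users, which the hunk does not show, member accounts of a removed admin are left in place. Either restore the loop, or delete the stale comment and local and document the cascade, e.g. `// member rows are removed by ON DELETE CASCADE on <fk placeholder>`. The function starts and ends outside the hunk.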
diff --git a/packages/server/src/utils/access-log/handler.ts b/packages/server/src/utils/access-log/handler.ts index 66885514..57471732 100644 --- a/packages/server/src/utils/access-log/handler.ts +++ b/packages/server/src/utils/access-log/handler.ts @@ -1,5 +1,4 @@ import { IS_CLOUD, paths } from "@dokploy/server/constants"; -import { updateAdmin } from "@dokploy/server/services/admin"; import { type RotatingFileStream, createStream } from "rotating-file-stream"; import { db } from "../../db"; import { execAsync } from "../process/execAsync"; @@ -23,27 +22,27 @@ class LogRotationManager { } private async initialize(): Promise { - // const isActive = await this.getStateFromDB(); - // if (isActive) { - // await this.activateStream(); - // } + const isActive = await this.getStateFromDB(); + if (isActive) { + await this.activateStream(); + } } - // private async getStateFromDB(): Promise { - // const setting = await db.query.admins.findFirst({}); - // return setting?.enableLogRotation ?? false; - // } + private async getStateFromDB(): Promise { + const setting = await db.query.admins.findFirst({}); + return setting?.enableLogRotation ?? false; + } - // private async setStateInDB(active: boolean): Promise { - // const admin = await db.query.admins.findFirst({}); + private async setStateInDB(active: boolean): Promise { + const admin = await db.query.admins.findFirst({}); - // if (!admin) { - // return; - // } - // await updateAdmin(admin?.authId, { - // enableLogRotation: active, - // }); - // } + if (!admin) { + return; + } + // await updateAdmin(admin?.authId, { + // enableLogRotation: active, + // }); + } private async activateStream(): Promise { const { DYNAMIC_TRAEFIK_PATH } = paths(); diff --git a/packages/server/src/utils/backups/mariadb.ts b/packages/server/src/utils/backups/mariadb.ts index 7ffa16e1..56c2919c 100644 --- a/packages/server/src/utils/backups/mariadb.ts +++ b/packages/server/src/utils/backups/mariadb.ts 
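Review bot: `setStateInDB` in the `@@ -23,27 +22,27 @@` hunk is re-enabled, but its only write, `updateAdmin(...)`, stays commented out, so it loads `admin` and returns without persisting `active`. `initialize()` now reads `enableLogRotation` back through `getStateFromDB`, so a change to access-log rotation would not survive a restart and the stored flag can disagree with the running stream. Persist the flag through the new settings store. Until then, add `// TODO: enableLogRotation is not persisted; setStateInDB is a no-op` and drop the unused lookup so the gap is visible to whoever relies on these logs for auditing.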
@@ -49,7 +49,7 @@ export const runMariadbBackup = async ( projectName: project.name, databaseType: "mariadb", type: "success", - userId: project.userId, + organizationId: project.organizationId, }); } catch (error) { console.log(error); @@ -60,7 +60,7 @@ export const runMariadbBackup = async ( type: "error", // @ts-ignore errorMessage: error?.message || "Error message not provided", - userId: project.userId, + organizationId: project.organizationId, }); throw error; } diff --git a/packages/server/src/utils/backups/mongo.ts b/packages/server/src/utils/backups/mongo.ts index d6860a01..a40ec4f4 100644 --- a/packages/server/src/utils/backups/mongo.ts +++ b/packages/server/src/utils/backups/mongo.ts @@ -46,7 +46,7 @@ export const runMongoBackup = async (mongo: Mongo, backup: BackupSchedule) => { projectName: project.name, databaseType: "mongodb", type: "success", - userId: project.userId, + organizationId: project.organizationId, }); } catch (error) { console.log(error); @@ -57,7 +57,7 @@ export const runMongoBackup = async (mongo: Mongo, backup: BackupSchedule) => { type: "error", // @ts-ignore errorMessage: error?.message || "Error message not provided", - userId: project.userId, + organizationId: project.organizationId, }); throw error; } diff --git a/packages/server/src/utils/backups/mysql.ts b/packages/server/src/utils/backups/mysql.ts index a7317941..009a02cf 100644 --- a/packages/server/src/utils/backups/mysql.ts +++ b/packages/server/src/utils/backups/mysql.ts @@ -46,7 +46,7 @@ export const runMySqlBackup = async (mysql: MySql, backup: BackupSchedule) => { projectName: project.name, databaseType: "mysql", type: "success", - userId: project.userId, + organizationId: project.organizationId, }); } catch (error) { console.log(error); 
@@ -57,7 +57,7 @@ export const runMySqlBackup = async (mysql: MySql, backup: BackupSchedule) => { type: "error", // @ts-ignore errorMessage: error?.message || "Error message not provided", - userId: project.userId, + organizationId: project.organizationId, }); throw error; } diff --git a/packages/server/src/utils/backups/postgres.ts b/packages/server/src/utils/backups/postgres.ts index 33c37b86..5ada2aa9 100644 --- a/packages/server/src/utils/backups/postgres.ts +++ b/packages/server/src/utils/backups/postgres.ts @@ -49,7 +49,7 @@ export const runPostgresBackup = async ( projectName: project.name, databaseType: "postgres", type: "success", - userId: project.userId, + organizationId: project.organizationId, }); } catch (error) { await sendDatabaseBackupNotifications({ @@ -59,7 +59,7 @@ export const runPostgresBackup = async ( type: "error", // @ts-ignore errorMessage: error?.message || "Error message not provided", - userId: project.userId, + organizationId: project.organizationId, }); throw error; diff --git a/packages/server/src/utils/notifications/database-backup.ts b/packages/server/src/utils/notifications/database-backup.ts index 3ce36aa9..08cff4b5 100644 --- a/packages/server/src/utils/notifications/database-backup.ts +++ b/packages/server/src/utils/notifications/database-backup.ts @@ -19,13 +19,13 @@ export const sendDatabaseBackupNotifications = async ({ databaseType, type, errorMessage, - userId, + organizationId, }: { projectName: string; applicationName: string; databaseType: "postgres" | "mysql" | "mongodb" | "mariadb"; type: "error" | "success"; - userId: string; + organizationId: string; errorMessage?: string; }) => { const date = new Date(); @@ -33,7 +33,7 @@ export const sendDatabaseBackupNotifications = async ({ const notificationList = await db.query.notifications.findMany({ where: and( eq(notifications.databaseBackup, true), - eq(notifications.userId, userId), + eq(notifications.organizationId, organizationId), ), with: { email: true,