refactor: update user and authentication schema with two-factor support

2025-06-26 18:27:59 +00:00 · 2025-02-16 15:32:57 -06:00
parent 90156da570
commit e1632cbdb3
33 changed files with 657 additions and 180 deletions
--- a/packages/server/src/services/admin.ts
+++ b/packages/server/src/services/admin.ts
@@ -12,41 +12,40 @@ import * as bcrypt from "bcrypt";
 import { eq } from "drizzle-orm";
 import { IS_CLOUD } from "../constants";

-export type Admin = typeof users_temp.$inferSelect;
+export type User = typeof users_temp.$inferSelect;
 export const createInvitation = async (
 	input: typeof apiCreateUserInvitation._type,
 	adminId: string,
 ) => {
-	await db.transaction(async (tx) => {
-		const result = await tx
-			.insert(auth)
-			.values({
-				email: input.email.toLowerCase(),
-				rol: "user",
-				password: bcrypt.hashSync("01231203012312", 10),
-			})
-			.returning()
-			.then((res) => res[0]);
-
-		if (!result) {
-			throw new TRPCError({
-				code: "BAD_REQUEST",
-				message: "Error creating the user",
-			});
-		}
-		const expiresIn24Hours = new Date();
-		expiresIn24Hours.setDate(expiresIn24Hours.getDate() + 1);
-		const token = randomBytes(32).toString("hex");
-		// await tx
-		// 	.insert(users)
-		// 	.values({
-		// 		adminId: adminId,
-		// 		authId: result.id,
-		// 		token,
-		// 		expirationDate: expiresIn24Hours.toISOString(),
-		// 	})
-		// 	.returning();
-	});
+	// await db.transaction(async (tx) => {
+	// 	const result = await tx
+	// 		.insert(auth)
+	// 		.values({
+	// 			email: input.email.toLowerCase(),
+	// 			rol: "user",
+	// 			password: bcrypt.hashSync("01231203012312", 10),
+	// 		})
+	// 		.returning()
+	// 		.then((res) => res[0]);
+	// 	if (!result) {
+	// 		throw new TRPCError({
+	// 			code: "BAD_REQUEST",
+	// 			message: "Error creating the user",
+	// 		});
+	// 	}
+	// 	const expiresIn24Hours = new Date();
+	// 	expiresIn24Hours.setDate(expiresIn24Hours.getDate() + 1);
+	// const token = randomBytes(32).toString("hex");
+	// await tx
+	// 	.insert(users)
+	// 	.values({
+	// 		adminId: adminId,
+	// 		authId: result.id,
+	// 		token,
+	// 		expirationDate: expiresIn24Hours.toISOString(),
+	// 	})
+	// 	.returning();
+	// });
 };

 export const findUserById = async (userId: string) => {
@@ -65,7 +64,7 @@ export const findUserById = async (userId: string) => {
 	return user;
 };

-export const updateUser = async (userId: string, userData: Partial<Admin>) => {
+export const updateUser = async (userId: string, userData: Partial<User>) => {
 	const user = await db
 		.update(users_temp)
 		.set({
@@ -80,7 +79,7 @@ export const updateUser = async (userId: string, userData: Partial<Admin>) => {

 export const updateAdminById = async (
 	adminId: string,
-	adminData: Partial<Admin>,
+	adminData: Partial<User>,
 ) => {
 	// const admin = await db
 	// 	.update(admins)
@@ -93,13 +92,6 @@ export const updateAdminById = async (
 	// return admin;
 };

-export const findAdminById = async (userId: string) => {
-	const admin = await db.query.admins.findFirst({
-		// where: eq(admins.userId, userId),
-	});
-	return admin;
-};
-
 export const isAdminPresent = async () => {
 	const admin = await db.query.member.findFirst({
 		where: eq(member.role, "owner"),
@@ -113,33 +105,6 @@ export const isAdminPresent = async () => {
 	return true;
 };

-export const findAdminByAuthId = async (authId: string) => {
-	const admin = await db.query.admins.findFirst({
-		where: eq(admins.authId, authId),
-		with: {
-			users: true,
-		},
-	});
-	if (!admin) {
-		throw new TRPCError({
-			code: "NOT_FOUND",
-			message: "Admin not found",
-		});
-	}
-	return admin;
-};
-
-export const findAdmin = async () => {
-	const admin = await db.query.admins.findFirst({});
-	if (!admin) {
-		throw new TRPCError({
-			code: "NOT_FOUND",
-			message: "Admin not found",
-		});
-	}
-	return admin;
-};
-
 export const getUserByToken = async (token: string) => {
 	// const user = await db.query.users.findFirst({
 	// 	where: eq(users.token, token),
@@ -171,24 +136,6 @@ export const removeUserById = async (userId: string) => {
 		.then((res) => res[0]);
 };

-export const removeAdminByAuthId = async (authId: string) => {
-	const admin = await findAdminByAuthId(authId);
-	if (!admin) return null;
-
-	// First delete all associated users
-	const users = admin.users;
-
-	// for (const user of users) {
-	// 	await removeUserById(user.id);
-	// }
-	// Then delete the auth record which will cascade delete the admin
-	return await db
-		.delete(auth)
-		.where(eq(auth.id, authId))
-		.returning()
-		.then((res) => res[0]);
-};
-
 export const getDokployUrl = async () => {
 	if (IS_CLOUD) {
 		return "https://app.dokploy.com";
--- a/packages/server/src/services/auth.ts
+++ b/packages/server/src/services/auth.ts
@@ -10,6 +10,7 @@ import { TOTP } from "otpauth";
 import QRCode from "qrcode";
 import { IS_CLOUD } from "../constants";
 import { findUserById } from "./admin";
+import type { User } from "./user";

 export const findAuthById = async (authId: string) => {
 	const result = await db.query.users_temp.findFirst({
@@ -51,11 +52,7 @@ export const generate2FASecret = async (userId: string) => {
 	};
 };

-export const verify2FA = async (
-	auth: Omit<Auth, "password">,
-	secret: string,
-	pin: string,
-) => {
+export const verify2FA = async (auth: User, secret: string, pin: string) => {
 	const totp = new TOTP({
 		issuer: "Dokploy",
 		label: `${auth?.email}`,