import { join } from "path";
import ms from "ms";
import { generateKeyPair } from "crypto";
import * as sinkStatic from "@adonisjs/sink";
import { string } from "@poppinss/utils/build/helpers";
import { ApplicationContract } from "@ioc:Adonis/Core/Application";
import {
IndentationText,
NewLineKind,
Project,
PropertyAssignment,
SyntaxKind,
Writers,
} from "ts-morph";
import { parse as parseEditorConfig } from "editorconfig";
type InstructionsState = {
persistJwt: boolean;
jwtDefaultExpire: string;
refreshTokenDefaultExpire: string;
usersTableName?: string;
usersModelName?: string;
usersModelNamespace?: string;
tokensTableName: string;
tokensSchemaName: string;
provider: "lucid" | "database";
providerConfiguredName?: string;
providerConfiguredModel?: string;
tokensProvider: "database" | "redis";
};
type DefinedProviders = {
[name: string]: {
type: "lucid" | "database";
model?: string;
};
};
/**
* Prompt choices for the tokens provider selection
*/
const TOKENS_PROVIDER_PROMPT_CHOICES = [
{
name: "database" as const,
message: "Database",
hint: " (Uses SQL table for storing JWT tokens)",
},
{
name: "redis" as const,
message: "Redis",
hint: " (Uses Redis for storing JWT tokens)",
},
];
/**
* Returns absolute path to the stub relative from the templates
* directory. This path is correct when files are in /build folder
*/
function getStub(...relativePaths: string[]) {
return join(__dirname, "templates", ...relativePaths);
}
/**
*
* @returns
*/
async function getIntendationConfigForTsMorph(projectRoot: string) {
const indentConfig = await parseEditorConfig(projectRoot + "/.editorconfig");
let indentationText:IndentationText;
if (indentConfig.indent_style === "space" && indentConfig.indent_size === 2) {
indentationText = IndentationText.TwoSpaces;
} else if (indentConfig.indent_style === "space" && indentConfig.indent_size === 4) {
indentationText = IndentationText.FourSpaces;
} else if (indentConfig.indent_style === "tab") {
indentationText = IndentationText.Tab;
} else {
indentationText = IndentationText.FourSpaces;
}
let newLineKind:NewLineKind;
if (indentConfig.end_of_line === "lf") {
newLineKind = NewLineKind.LineFeed;
} else if (indentConfig.end_of_line === "crlf") {
newLineKind = NewLineKind.CarriageReturnLineFeed;
} else {
newLineKind = NewLineKind.LineFeed;
}
return { indentationText, newLineKind };
}
async function getTsMorphProject(projectRoot: string) {
const { indentationText, newLineKind } = await getIntendationConfigForTsMorph(projectRoot);
return new Project({
tsConfigFilePath: projectRoot + "/tsconfig.json",
manipulationSettings: {
indentationText: indentationText,
newLineKind: newLineKind,
useTrailingCommas: true,
},
});
}
/**
* Create the migration file
*/
function makeTokensMigration(
projectRoot: string,
app: ApplicationContract,
sink: typeof sinkStatic,
state: InstructionsState
) {
const migrationsDirectory = app.directoriesMap.get("migrations") || "database";
const migrationPath = join(migrationsDirectory, `${Date.now()}_${state.tokensTableName}.ts`);
let templateFile = "migrations/jwt_tokens.txt";
if (!state.persistJwt) {
templateFile = "migrations/jwt_refresh_tokens.txt";
}
const template = new sink.files.MustacheFile(projectRoot, migrationPath, getStub(templateFile));
if (template.exists()) {
sink.logger.action("create").skipped(`${migrationPath} file already exists`);
return;
}
template.apply(state).commit();
sink.logger.action("create").succeeded(migrationPath);
}
/**
*
* @param projectRoot
* @param app
* @returns
*/
async function getDefinedProviders(projectRoot: string, app: ApplicationContract) {
const contractsDirectory = app.directoriesMap.get("contracts") || "contracts";
const contractPath = join(contractsDirectory, "auth.ts");
//Instantiate ts-morph
const project = await getTsMorphProject(projectRoot);
const authContractFile = project.getSourceFileOrThrow(contractPath);
//Doesn't work without single quotes wrapping the module name
const authModule = authContractFile?.getModuleOrThrow("'@ioc:Adonis/Addons/Auth'");
const definedProviders: DefinedProviders = {};
const providersInterface = authModule.getInterfaceOrThrow("ProvidersList");
const userProviders = providersInterface.getProperties();
for (const provider of userProviders) {
let providerType: "lucid" | "database" | undefined;
let providerLucidModel = "";
const providerTypeJs = provider.getTypeNodeOrThrow().getFullText();
if (providerTypeJs?.indexOf("LucidProviderContract") !== -1) {
providerType = "lucid";
const matches = /typeof ([^>]+)/g.exec(providerTypeJs);
if (matches && matches.length) {
providerLucidModel = matches[1];
} else {
sinkStatic.logger.warning(`Unable to find model name for provider ${provider}. Skipping it`);
continue;
}
} else if (providerTypeJs?.indexOf("DatabaseProviderContract") !== -1) {
providerType = "database";
} else {
continue;
}
definedProviders[provider.getName()] = {
type: providerType,
};
if (providerLucidModel) {
definedProviders[provider.getName()].model = providerLucidModel;
}
}
if (!Object.keys(definedProviders).length) {
throw new Error(
"No provider implementation found in ProvidersList. Maybe you didn't configure @adonisjs/auth first?"
);
}
return definedProviders;
}
/**
* Creates the contract file
*/
async function editContract(
projectRoot: string,
app: ApplicationContract,
sink: typeof sinkStatic,
state: InstructionsState
) {
const contractsDirectory = app.directoriesMap.get("contracts") || "contracts";
const contractPath = join(contractsDirectory, "auth.ts");
//Instantiate ts-morph
const project = await getTsMorphProject(projectRoot);
const authContractFile = project.getSourceFileOrThrow(contractPath);
//Remove JWT import, if already present
authContractFile.getImportDeclaration("@ioc:Adonis/Addons/Jwt")?.remove();
//Add JWT import
authContractFile.addImportDeclaration({
namedImports: ["JWTGuardConfig", "JWTGuardContract"],
moduleSpecifier: "@ioc:Adonis/Addons/Jwt",
});
//Doesn't work without single quotes wrapping the module name
const authModule = authContractFile?.getModuleOrThrow("'@ioc:Adonis/Addons/Auth'");
let providerName = "";
const providersInterface = authModule.getInterfaceOrThrow("ProvidersList");
if (state.providerConfiguredName && providersInterface.getProperty(state.providerConfiguredName)) {
providerName = state.providerConfiguredName;
} else {
providerName = `user_using_${state.provider}`;
let implementation = "";
let config = "";
if (state.provider === "lucid") {
implementation = `LucidProviderContract<typeof ${state.usersModelName}>`;
config = `LucidProviderConfig<typeof ${state.usersModelName}>`;
} else {
implementation = `DatabaseProviderContract<DatabaseProviderRow>`;
config = `DatabaseProviderConfig`;
}
//Insert provider in last position
providersInterface.addProperty({
name: providerName,
type: `{
implementation: ${implementation},
config: ${config},
}`,
});
}
const guardsInterface = authModule.getInterfaceOrThrow("GuardsList");
//Remove JWT guard, if already present
guardsInterface.getProperty("jwt")?.remove();
//Insert JWT guard in second position (first parameter)
guardsInterface.addProperty({
name: "jwt",
type: `{
implementation: JWTGuardContract<'${providerName}', 'api'>,
config: JWTGuardConfig<'${providerName}'>,
}`,
});
authContractFile.formatText();
await authContractFile?.save();
sink.logger.action("update").succeeded(contractPath);
}
/**
* Makes the auth config file
*/
async function editConfig(
projectRoot: string,
app: ApplicationContract,
sink: typeof sinkStatic,
state: InstructionsState
) {
const configDirectory = app.directoriesMap.get("config") || "config";
const configPath = join(configDirectory, "auth.ts");
let tokenProvider;
if (state.tokensProvider === "redis") {
tokenProvider = Writers.object({
type: "'jwt'",
driver: "'redis'",
redisConnection: "'local'",
foreignKey: "'user_id'",
});
} else {
tokenProvider = Writers.object({
type: "'api'",
driver: "'database'",
table: "'jwt_tokens'",
foreignKey: "'user_id'",
});
}
let provider;
if (state.provider === "database") {
provider = Writers.object({
driver: "'database'",
identifierKey: "'id'",
uids: "['email']",
usersTable: `'${state.usersTableName}'`,
});
} else if (state.provider === "lucid") {
provider = Writers.object({
driver: '"lucid"',
identifierKey: '"id"',
uids: "[]",
model: `() => import('${state.usersModelNamespace}')`,
});
} else {
throw new Error(`Invalid state.provider: ${state.provider}`);
}
//Instantiate ts-morph
const project = await getTsMorphProject(projectRoot);
const authConfigFile = project.getSourceFileOrThrow(configPath);
//Remove Env import, if already present
authConfigFile.getImportDeclaration("@ioc:Adonis/Core/Env")?.remove();
//Add Env import
authConfigFile.addImportDeclaration({
defaultImport: "Env",
moduleSpecifier: "@ioc:Adonis/Core/Env",
});
const variable = authConfigFile
?.getVariableDeclarationOrThrow("authConfig")
.getInitializerIfKindOrThrow(SyntaxKind.ObjectLiteralExpression);
let guardsProperty = variable?.getPropertyOrThrow("guards") as PropertyAssignment;
let guardsObject = guardsProperty.getInitializerIfKindOrThrow(SyntaxKind.ObjectLiteralExpression);
//Remove JWT config, if already present
guardsObject.getProperty("jwt")?.remove();
//Add JWT config
guardsObject?.addPropertyAssignment({
name: "jwt",
initializer: Writers.object({
driver: '"jwt"',
publicKey: `Env.get('JWT_PUBLIC_KEY', '').replace(/\\\\n/g, '\\n')`,
privateKey: `Env.get('JWT_PRIVATE_KEY', '').replace(/\\\\n/g, '\\n')`,
persistJwt: `${state.persistJwt ? "true" : "false"}`,
jwtDefaultExpire: `'${state.jwtDefaultExpire}'`,
refreshTokenDefaultExpire: `'${state.refreshTokenDefaultExpire}'`,
tokenProvider: tokenProvider,
provider: provider,
}),
});
authConfigFile.formatText();
await authConfigFile?.save();
sink.logger.action("update").succeeded(configPath);
}
async function makeKeys(
projectRoot: string,
_app: ApplicationContract,
sink: typeof sinkStatic,
_state: InstructionsState
) {
await new Promise((resolve, reject) => {
generateKeyPair(
"rsa",
{
modulusLength: 4096,
publicKeyEncoding: {
type: "spki",
format: "pem",
},
privateKeyEncoding: {
type: "pkcs8",
format: "pem",
},
},
(err, publicKey, privateKey) => {
if (err) {
return reject(err);
}
resolve({ publicKey, privateKey });
}
);
}).then(({ privateKey, publicKey }) => {
const env = new sink.files.EnvFile(projectRoot);
env.set("JWT_PRIVATE_KEY", privateKey.replace(/\n/g, "\\n"));
env.set("JWT_PUBLIC_KEY", publicKey.replace(/\n/g, "\\n"));
env.commit();
sink.logger.action("update").succeeded(".env,.env.example");
});
}
/**
* Prompts user to select the provider
*/
async function getProvider(
sink: typeof sinkStatic,
definedProviders: DefinedProviders
): Promise<"lucid" | "database" | string> {
let choices = {
lucid: {
name: "lucid",
message: "Lucid",
hint: " (Uses Data Models)",
},
database: {
name: "database",
message: "Database",
hint: " (Uses Database QueryBuilder, will be created in this configuration)",
},
};
for (const providerName in definedProviders) {
const { type: definedProviderType } = definedProviders[providerName];
if (choices[definedProviderType]) {
choices[definedProviderType].name = providerName;
choices[definedProviderType].message = `Already configured ${string.capitalCase(
definedProviderType
)} provider (${providerName})`;
}
}
const chosenProvider = await sink.getPrompt().choice("Select provider for finding users", Object.values(choices), {
validate(choice) {
return choice && choice.length ? true : "Select the provider for finding users";
},
});
return chosenProvider;
}
/**
* Prompts user to select the tokens provider
*/
async function getTokensProvider(sink: typeof sinkStatic) {
return sink.getPrompt().choice("Select the provider for storing JWT tokens", TOKENS_PROVIDER_PROMPT_CHOICES, {
validate(choice) {
return choice && choice.length ? true : "Select the provider for storing JWT tokens";
},
});
}
/**
* Prompts user for the model name
*/
async function getModelName(sink: typeof sinkStatic): Promise<string> {
return sink.getPrompt().ask("Enter model name to be used for authentication", {
validate(value) {
return !!value.trim().length;
},
});
}
/**
* Prompts user for the table name
*/
async function getTableName(sink: typeof sinkStatic): Promise<string> {
return sink.getPrompt().ask("Enter the database table name to look up users", {
validate(value) {
return !!value.trim().length;
},
});
}
/**
* Prompts user for the table name
*/
async function getMigrationConsent(sink: typeof sinkStatic, tableName: string): Promise<boolean> {
return sink.getPrompt().confirm(`Create migration for the ${sink.logger.colors.underline(tableName)} table?`);
}
function getModelNamespace(app: ApplicationContract, usersModelName) {
return `${app.namespacesMap.get("models") || "App/Models"}/${string.capitalCase(usersModelName)}`;
}
async function getPersistJwt(sink: typeof sinkStatic): Promise<boolean> {
return sink.getPrompt().confirm(`Do you want to persist JWT in database/redis (please read README.md beforehand)?`);
}
async function getJwtDefaultExpire(sink: typeof sinkStatic, state: InstructionsState): Promise<string> {
return sink.getPrompt().ask("Enter the default expire time for the JWT (10h = 10 hours, 5d = 5 days, etc)", {
default: state.jwtDefaultExpire,
validate(value) {
if (!value.match(/^[0-9]+[a-z]+$/)) {
return false;
}
return !!ms(value);
},
});
}
async function getRefreshTokenDefaultExpire(sink: typeof sinkStatic, state: InstructionsState): Promise<string> {
return sink
.getPrompt()
.ask("Enter the default expire time for the refresh token (10h = 10 hours, 5d = 5 days, etc)", {
default: state.refreshTokenDefaultExpire,
validate(value) {
if (!value.match(/^[0-9]+[a-z]+$/)) {
return false;
}
return !!ms(value);
},
});
}
/**
* Instructions to be executed when setting up the package.
*/
export default async function instructions(projectRoot: string, app: ApplicationContract, sink: typeof sinkStatic) {
const state: InstructionsState = {
persistJwt: false,
jwtDefaultExpire: "10m",
refreshTokenDefaultExpire: "10d",
tokensTableName: "jwt_tokens",
tokensSchemaName: "JwtTokens",
provider: "lucid",
tokensProvider: "database",
};
const definedProviders = await getDefinedProviders(projectRoot, app);
const chosenProvider = await getProvider(sink, definedProviders);
if (definedProviders[chosenProvider]) {
state.providerConfiguredName = chosenProvider;
state.provider = definedProviders[chosenProvider].type;
if (definedProviders[chosenProvider].model) {
state.usersModelName = definedProviders[chosenProvider].model;
state.usersModelNamespace = getModelNamespace(app, definedProviders[chosenProvider].model);
}
/**
* Prompt for the database table name. If it's using a Lucid provider, we already have
* the name of the model in the ProvidersList
*/
if (state.provider === "database") {
state.usersTableName = await getTableName(sink);
}
} else {
//Force type
state.provider = chosenProvider as "lucid" | "database";
/**
* Get model name when provider is lucid otherwise prompt for the database
* table name
*/
if (state.provider === "lucid") {
const usersModelName = await getModelName(sink);
state.usersModelName = usersModelName.replace(/(\.ts|\.js)$/, "");
state.usersTableName = string.pluralize(string.snakeCase(usersModelName));
state.usersModelNamespace = getModelNamespace(app, usersModelName);
} else if (state.provider === "database") {
state.usersTableName = await getTableName(sink);
}
}
state.persistJwt = await getPersistJwt(sink);
let tokensMigrationConsent = false;
state.tokensProvider = await getTokensProvider(sink);
if (state.tokensProvider === "database") {
tokensMigrationConsent = await getMigrationConsent(sink, state.tokensTableName);
}
state.jwtDefaultExpire = await getJwtDefaultExpire(sink, state);
state.refreshTokenDefaultExpire = await getRefreshTokenDefaultExpire(sink, state);
await makeKeys(projectRoot, app, sink, state);
/**
* Make tokens migration file
*/
if (tokensMigrationConsent) {
makeTokensMigration(projectRoot, app, sink, state);
}
/**
* Make contract file
*/
await editContract(projectRoot, app, sink, state);
/**
* Make config file
*/
await editConfig(projectRoot, app, sink, state);
}
