Server re-build with latest AdonisJS framework & Typescript (#47)

* chore: setup first basis structure

* chore: ensure styling is loaded correctly

* chore: comply to new routing syntax by replace . with / in routes/resource locations

* chore: add login controller

* chore: correctly use views with slash instead of dot

* chore: working login + tests

* chore: clean up tests

* chore: add password-forgot endpoint and matching test

* chore: add delete page test

* chore: add logout test

* chore: add reset-password route and tests

* chore: remove obsolete comment

* chore: add account-page and tests

* chore: add data page & first step of the test

* chore: add transfer/import data feature and tests

* chore: add export and basic test

* chore: add all static api routes with tests

* Regenerate 'pnpm-lock.json' and fix bad merge conflict

WIP:
- Tests have been commented out since they dont work
- Server doesn't start

* easier dev and test runs

* - remove --require-pragma from reformat-files so formatting works properly
- run pnpm reformat-files over codebase
- remove .json files from .eslintignore
- add invalid.json file to .eslintignore
- configure prettier properly in eslint config
- add type jsdoc to prettier config
- run adonis generate:manifest command to regenerate ace-manifest.json
- specify volta in package.json
- introduce typecheck npm script
- remove unused .mjs extension from npm scripts
- install missing type definition dependencies
- add pnpm.allowedDeprecatedVersions to package.json
- fix invalid extends in tsconfig.json causing TS issues throughout codebase
- remove @ts-ignore throughout codebase which is not relevant anymore
- enable some of the tsconfig options
- remove outdated eslint-disable from codebase
- change deprecated faker.company.companyName() to faker.company.name()
- fix TS issues inside transfer.spec.ts

* - update to latest node and pnpm versions
- upgrade all non-major dependencies to latest
- install missing @types/luxon dependency
- add cuid to pnpm.allowedDeprecatedVersions
- add esModuleInterop config option to tsconfig
- migrate more deprecated faker methods to new ones
- add more temporary ts-ignore to code

* - update eslint config
- remove trailingComma: all since default in prettier v3
- add typecheck command to prepare-code npm script
- upgrade various dependencies to latest major version
- update tsconfig to include only useful config options
- disable some lint issues and fix others

* - add test command to prepare-code
- disable strictPropertyInitialization flag in tsconfig which creates issues with adonis models
- update precommit hook to excute pnpm prepare-code
- remove ts-ignore statements from all models

* fix node and pnpm dependency update

* add cross env (so that we can develop on windows)

* add signup endpoint (TODO: JWT auth)

* Add login endpoint

* Add me and updateMe endpoints

* Add service endpoint

* refactor: change endpoints to use jwt

* add recipes endpoint

* add workspaces endpoint

* fix web controllors for login and post import

* Update node deps

* Change auth middleware (for web) and exempt api from CSRF

* Add import endpoint (franz import)

* Fix export/import logic

* Fix service and workspace data in user/data

* Fix partial lint

* chore: workaround lint issues

* fix: migration naming had two .

* Sync back node with recipes repo

* Temporarily ignore typescript

* Fix adonisrc to handle public folder static assets

* Fix issue with production database

* add Legacy Password Provider

* Fix lint errors

* Fix issue on login errors frontend

* add Legacy Password Provider

* Fix issue with customIcons

* Fix issue with auth tokens

* Update 'node' to '18.18.0'

* make docker work

* improve docker entrypoint (test api performance)

* Add migration database script

* NODE_ENV on recipes

* prefer @ts-expect-error over @ts-ignore

* small fixes

* Update 'pnpm' to '8.7.6'

* fix error catch

* Automatically generate JWT Public and Private keys

* Use custom Adonis5-jwt

* Update code to use secret (old way, no breaking changes)

* Normalize appKey

* Trick to make JWT tokens on client work with new version

* Fix error with new JWT logic

* Change migration and how we store JWT

* Fix 500 response code (needs to be 401)

* Improve logic and fix bugs

* Fix build and entrypoint logic

* Catch error if appKey changes

* Add newToken logic

* Fix lint (ignore any errors)

* Add build for PRs

* pnpm reformat-files result

* Fix some tests

* Fix reset password not working (test failing)

* Restore csrfTokens (disabled by accident)

* Fix pnpm start command with .env

* Disable failing tests on the transfer endpoint (TODO)

* Add tests to PR build

* Fix build

* Remove unnecessary assertStatus

* Add typecheck

* hash password on UserFactory (fix build)

* Add JWT_USE_PEM true by default (increase security)

* fix name of github action

---------

Co-authored-by: Vijay A <vraravam@users.noreply.github.com>
Co-authored-by: Balaji Vijayakumar <kuttibalaji.v6@gmail.com>
Co-authored-by: MCMXC <16797721+mcmxcdev@users.noreply.github.com>
Co-authored-by: André Oliveira <oliveira.andrerodrigues95@gmail.com>

1 files changed, 410 insertions, 0 deletions

diff --git a/app/Controllers/Http/UserController.ts b/app/Controllers/Http/UserController.ts
new file mode 100644
index 0000000..ef7cfdd
--- /dev/null
+++ b/app/Controllers/Http/UserController.ts
@@ -0,0 +1,410 @@
+import type { HttpContextContract } from '@ioc:Adonis/Core/HttpContext';
+import { schema, rules } from '@ioc:Adonis/Core/Validator';
+import User from 'App/Models/User';
+import { connectWithFranz, isRegistrationEnabled } from '../../../config/app';
+import crypto from 'node:crypto';
+import { v4 as uuid } from 'uuid';
+import Workspace from 'App/Models/Workspace';
+import Service from 'App/Models/Service';
+import fetch from 'node-fetch';
+
+// TODO: This file needs to be refactored and cleaned up to include types
+import { handleVerifyAndReHash } from '../../../helpers/PasswordHash';
+
+const newPostSchema = schema.create({
+  firstname: schema.string(),
+  lastname: schema.string(),
+  email: schema.string([
+    rules.email(),
+    rules.unique({ table: 'users', column: 'email' }),
+  ]),
+  password: schema.string([rules.minLength(8)]),
+});
+
+const franzImportSchema = schema.create({
+  email: schema.string([
+    rules.email(),
+    rules.unique({ table: 'users', column: 'email' }),
+  ]),
+  password: schema.string([rules.minLength(8)]),
+});
+
+// // TODO: This whole controller needs to be changed such that it can support importing from both Franz and Ferdi
+// eslint-disable-next-line @typescript-eslint/no-explicit-any
+const franzRequest = (route: any, method: any, auth: any) =>
+  new Promise((resolve, reject) => {
+    const base = 'https://api.franzinfra.com/v1/';
+    const user =
+      'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Franz/5.3.0-beta.1 Chrome/69.0.3497.128 Electron/4.2.4 Safari/537.36';
+
+    try {
+      fetch(base + route, {
+        method,
+        headers: {
+          Authorization: `Bearer ${auth}`,
+          'User-Agent': user,
+        },
+      })
+        .then(data => data.json())
+        .then(json => resolve(json));
+    } catch {
+      reject();
+    }
+  });
+
+export default class UsersController {
+  // Register a new user
+  public async signup({ request, response, auth }: HttpContextContract) {
+    if (isRegistrationEnabled === 'false') {
+      return response.status(401).send({
+        message: 'Registration is disabled on this server',
+        status: 401,
+      });
+    }
+
+    // Validate user input
+    let data;
+    try {
+      data = await request.validate({ schema: newPostSchema });
+    } catch (error) {
+      return response.status(401).send({
+        message: 'Invalid POST arguments',
+        messages: error.messages,
+        status: 401,
+      });
+    }
+
+    // Create user in DB
+    let user;
+    try {
+      user = await User.create({
+        email: data.email,
+        password: data.password,
+        username: data.firstname,
+        lastname: data.lastname,
+      });
+    } catch {
+      return response.status(401).send({
+        message: 'E-Mail address already in use',
+        status: 401,
+      });
+    }
+
+    // Generate new auth token
+    const token = await auth.use('jwt').login(user, { payload: {} });
+
+    return response.send({
+      message: 'Successfully created account',
+      token: token.accessToken,
+    });
+  }
+
+  // Login using an existing user
+  public async login({ request, response, auth }: HttpContextContract) {
+    if (!request.header('Authorization')) {
+      return response.status(401).send({
+        message: 'Please provide authorization',
+        status: 401,
+      });
+    }
+
+    // Get auth data from auth token
+    const authHeader = atob(
+      request.header('Authorization')!.replace('Basic ', ''),
+    ).split(':');
+
+    // Check if user with email exists
+    const user = await User.query().where('email', authHeader[0]).first();
+    if (!user?.email) {
+      return response.status(401).send({
+        message: 'User credentials not valid',
+        code: 'invalid-credentials',
+        status: 401,
+      });
+    }
+
+    // Verify password
+    let isMatchedPassword = false;
+    try {
+      isMatchedPassword = await handleVerifyAndReHash(user, authHeader[1]);
+    } catch (error) {
+      return response.internalServerError({ message: error.message });
+    }
+
+    if (!isMatchedPassword) {
+      return response.status(401).send({
+        message: 'User credentials not valid',
+        code: 'invalid-credentials',
+        status: 401,
+      });
+    }
+
+    // Generate token
+    const token = await auth.use('jwt').login(user, { payload: {} });
+
+    return response.send({
+      message: 'Successfully logged in',
+      token: token.accessToken,
+    });
+  }
+
+  // Return information about the current user
+  public async me({ request, response, auth }: HttpContextContract) {
+    // @ts-expect-error Property 'user' does not exist on type 'HttpContextContract'.
+    const user = auth.user ?? request.user;
+
+    if (!user) {
+      return response.send('Missing or invalid api token');
+    }
+
+    const settings =
+      typeof user.settings === 'string'
+        ? JSON.parse(user.settings)
+        : user.settings;
+
+    return response.send({
+      accountType: 'individual',
+      beta: false,
+      donor: {},
+      email: user.email,
+      emailValidated: true,
+      features: {},
+      firstname: user.username,
+      id: '82c1cf9d-ab58-4da2-b55e-aaa41d2142d8',
+      isPremium: true,
+      isSubscriptionOwner: true,
+      lastname: user.lastname,
+      locale: 'en-US',
+      ...settings,
+    });
+  }
+
+  public async updateMe({ request, response, auth }: HttpContextContract) {
+    // @ts-expect-error Property 'user' does not exist on type 'HttpContextContract'.
+    const user = auth.user ?? request.user;
+
+    if (!user) {
+      return response.send('Missing or invalid api token');
+    }
+
+    let settings = user.settings || {};
+    if (typeof settings === 'string') {
+      settings = JSON.parse(settings);
+    }
+
+    const newSettings = {
+      ...settings,
+      ...request.all(),
+    };
+
+    user.settings = JSON.stringify(newSettings);
+    await user.save();
+
+    return response.send({
+      data: {
+        accountType: 'individual',
+        beta: false,
+        donor: {},
+        email: user.email,
+        emailValidated: true,
+        features: {},
+        firstname: user.username,
+        id: '82c1cf9d-ab58-4da2-b55e-aaa41d2142d8',
+        isPremium: true,
+        isSubscriptionOwner: true,
+        lastname: user.lastname,
+        locale: 'en-US',
+        ...newSettings,
+      },
+      status: ['data-updated'],
+    });
+  }
+
+  public async newToken({ request, response, auth }: HttpContextContract) {
+    // @ts-expect-error Property 'user' does not exist on type 'HttpContextContract'.
+    const user = auth.user ?? request.user;
+
+    if (!user) {
+      return response.send('Missing or invalid api token');
+    }
+
+    const token = await auth.use('jwt').generate(user, { payload: {} });
+
+    return response.send({
+      token: token.accessToken,
+    });
+  }
+
+  public async import({ request, response, view }: HttpContextContract) {
+    if (isRegistrationEnabled === 'false') {
+      return response.status(401).send({
+        message: 'Registration is disabled on this server',
+        status: 401,
+      });
+    }
+
+    if (connectWithFranz === 'false') {
+      return response.send(
+        'We could not import your Franz account data.\n\nIf you are the server owner, please set CONNECT_WITH_FRANZ to true to enable account imports.',
+      );
+    }
+
+    // Validate user input
+    let data;
+    try {
+      data = await request.validate({ schema: franzImportSchema });
+    } catch (error) {
+      return view.render('others.message', {
+        heading: 'Error while importing',
+        text: error.messages,
+      });
+    }
+
+    const { email, password } = data;
+
+    const hashedPassword = crypto
+      .createHash('sha256')
+      .update(password)
+      .digest('base64');
+
+    const base = 'https://api.franzinfra.com/v1/';
+    const userAgent =
+      'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Franz/5.3.0-beta.1 Chrome/69.0.3497.128 Electron/4.2.4 Safari/537.36';
+
+    // Try to get an authentication token
+    let token;
+    try {
+      const basicToken = btoa(`${email}:${hashedPassword}`);
+      const loginBody = {
+        isZendeskLogin: false,
+      };
+
+      const rawResponse = await fetch(`${base}auth/login`, {
+        method: 'POST',
+        body: JSON.stringify(loginBody),
+        headers: {
+          Authorization: `Basic ${basicToken}`,
+          'User-Agent': userAgent,
+          'Content-Type': 'application/json',
+          accept: '*/*',
+          'x-franz-source': 'Web',
+        },
+      });
+      const content = await rawResponse.json();
+
+      if (!content.message || content.message !== 'Successfully logged in') {
+        const errorMessage =
+          'Could not login into Franz with your supplied credentials. Please check and try again';
+        return response.status(401).send(errorMessage);
+      }
+
+      token = content.token;
+    } catch (error) {
+      return response.status(401).send({
+        message: 'Cannot login to Franz',
+        error: error,
+      });
+    }
+
+    // Get user information
+    // eslint-disable-next-line @typescript-eslint/no-explicit-any
+    let userInf: any = false;
+    try {
+      userInf = await franzRequest('me', 'GET', token);
+    } catch (error) {
+      const errorMessage = `Could not get your user info from Franz. Please check your credentials or try again later.\nError: ${error}`;
+      return response.status(401).send(errorMessage);
+    }
+    if (!userInf) {
+      const errorMessage =
+        'Could not get your user info from Franz. Please check your credentials or try again later';
+      return response.status(401).send(errorMessage);
+    }
+
+    // Create user in DB
+    let user;
+    try {
+      user = await User.create({
+        email: userInf.email,
+        password: hashedPassword,
+        username: userInf.firstname,
+        lastname: userInf.lastname,
+      });
+    } catch (error) {
+      const errorMessage = `Could not create your user in our system.\nError: ${error}`;
+      return response.status(401).send(errorMessage);
+    }
+
+    const serviceIdTranslation = {};
+
+    // Import services
+    try {
+      const services = await franzRequest('me/services', 'GET', token);
+
+      // @ts-expect-error
+      for (const service of services) {
+        // Get new, unused uuid
+        let serviceId;
+        do {
+          serviceId = uuid();
+        } while (
+          // eslint-disable-next-line no-await-in-loop, unicorn/no-await-expression-member
+          (await Service.query().where('serviceId', serviceId)).length > 0
+        );
+
+        // eslint-disable-next-line no-await-in-loop
+        await Service.create({
+          userId: user.id,
+          serviceId,
+          name: service.name,
+          recipeId: service.recipeId,
+          settings: JSON.stringify(service),
+        });
+
+        // @ts-expect-error
+        serviceIdTranslation[service.id] = serviceId;
+      }
+    } catch (error) {
+      const errorMessage = `Could not import your services into our system.\nError: ${error}`;
+      return response.status(401).send(errorMessage);
+    }
+
+    // Import workspaces
+    try {
+      const workspaces = await franzRequest('workspace', 'GET', token);
+
+      // @ts-expect-error
+      for (const workspace of workspaces) {
+        let workspaceId;
+        do {
+          workspaceId = uuid();
+        } while (
+          // eslint-disable-next-line unicorn/no-await-expression-member, no-await-in-loop
+          (await Workspace.query().where('workspaceId', workspaceId)).length > 0
+        );
+
+        const services = workspace.services.map(
+          // @ts-expect-error
+          service => serviceIdTranslation[service],
+        );
+
+        // eslint-disable-next-line no-await-in-loop
+        await Workspace.create({
+          userId: user.id,
+          workspaceId,
+          name: workspace.name,
+          order: workspace.order,
+          services: JSON.stringify(services),
+          data: JSON.stringify({}),
+        });
+      }
+    } catch (error) {
+      const errorMessage = `Could not import your workspaces into our system.\nError: ${error}`;
+      return response.status(401).send(errorMessage);
+    }
+
+    return response.send(
+      'Your account has been imported. You can now use your Franz/Ferdi account in Ferdium.',
+    );
+  }
+}