Merge pull request #45 from meili-NG/staging

meiliNG v0.9.0

.github/workflows/deploy-s4ait-production.yml

@@ -56,3 +56,4 @@ jobs:
         DEPLOY_PRODUCTION_KEY_PATH: ~/.ssh/id_rsa
         DEPLOY_PRODUCTION_BYPASS_KEY_CHECK: true
         DEPLOY_PRODUCTION_SUPPRESS_SSH_LOG: true
+        DEPLOY_PRODUCTION_REF: ${{ github.ref }}

.gitignore

@@ -127,3 +127,6 @@ config.js
 
 # use prisma db push
 prisma/migrations
+
+# Emacs Temp files
+*~

README.md

@@ -78,6 +78,6 @@ These are the documentations for helping you try meiliNG on your hands!
 
 ## License
 Distributed under [MIT License](LICENSE).  
-If the [MIT License](LICENSE) does not cover you, You can use [Hakurei Reimu Public License](https://github.com/Alex4386/HRPL) instead. [(LICENSE_HRPL)](LICENSE_HRPL) An Open-Source License considering all-beings (such as AI, like GitHub Copilot)  
+If the [MIT License](LICENSE) does not cover you, You can use [Hakurei Reimu Public License](https://github.com/Alex4386/HRPL) instead. [(EXT_LICENSE)](EXT_LICENSE) An Open-Source License considering all-beings (such as AI, like GitHub Copilot)  
 
 You can activate License Extension by following this file: [APPLY_EXTENSION.md](APPLY_EXTENSION.md)

config.env.js

@@ -103,6 +103,7 @@ module.exports = {
     },
   },
   notificationApi: {
+    enable: !/^false/gi.test(process.env.NOTIFICATION_API_ENABLE),
     version: Number(process.env.NOTIFICATION_API_VERSION) || 1,
     host: process.env.NOTIFICATION_API_HOST || 'https://notification.meili.ng',
     key: process.env.NOTIFICATION_API_KEY || 'YOUR NOTIFICATION API KEY',
@@ -111,6 +112,10 @@ module.exports = {
         /^true$/gi.test(process.env.NOTIFICATION_API_SETTINGS_USE_ALIMTALK_FOR_SOUTH_KOREA) || false,
     },
   },
+  sentry: {
+    serverName: process.env.SENTRY_SERVERNAME || undefined,
+    dsn: process.env.SENTRY_DSN || undefined,
+  },
   baridegiApi: {
     version: Number(process.env.BARIDEGI_API_VERSION) || 1,
     host: process.env.BARIDEGI_API_HOST || 'https://baridegi.stella-api.dev',

config.example.js

@@ -67,6 +67,11 @@ module.exports = {
       email: false,
       phone: false,
     },
+    /** Signup configuration - meiliNG Internal */
+    signup: {
+      /** Enable meiliNG Internal Signup? set it to false to disable (e.g. only use custom signup process) */
+      enabled: /^true$/gi.test(process.env.MEILING_SIGNUP_ENABLED) || true,
+    },
   },
   session: {
     /** Configures Version 1 of the meiliNG Session */
@@ -114,7 +119,13 @@ module.exports = {
       },
     },
   },
+  sentry: {
+    serverName: undefined,
+    dsn: 'https://this-is-example-dsn.ingest.sentry.io/sample-baby',
+  },
   notificationApi: {
+    /** Use notification api? (Stella IT Proprietary, Set it to false if you don't use one.) */
+    enable: true,
     version: 1,
     host: 'https://notification.stella-api.dev',
     key: 'YOUR NOTIFICATION API KEY',

ecosystem.config.js

@@ -32,7 +32,7 @@ module.exports = {
     production: {
       user: process.env.DEPLOY_PRODUCTION_USER,
       host: process.env.DEPLOY_PRODUCTION_HOST,
-      ref: 'origin/main',
+      ref: process.env.DEPLOY_PRODUCTION_REF || 'origin/main',
       repo: 'https://github.com/meili-ng/meiliNG',
       path: process.env.DEPLOY_PRODUCTION_PATH,
       'pre-deploy-local': `node deploy-env.production.js`,

package.json

@@ -1,13 +1,16 @@
 {
   "name": "meiling",
-  "version": "0.8.4",
+  "version": "0.9.0",
   "description": "An Opensource Next Generation \"Gatekeeper\" with oAuth2 Authentication Provider and OpenID Connect Server",
   "main": "dist/",
-  "repository": "https://github.com/meili-ng/meiliNG",
+  "repository": "https://github.com/meili-NG/meiliNG",
   "author": "Alex4386 <[email protected]>",
   "license": "MIT",
   "dependencies": {
-    "@prisma/client": "^3.9.2",
+    "@prisma/client": "4",
+    "@sentry/node": "^7.9.0",
+    "@sentry/tracing": "^7.9.0",
+    "@simplewebauthn/server": "^5.4.0",
     "@xmldom/xmldom": "^0.8.0",
     "ansi-regex": "^6.0.1",
     "axios": "^0.21.2",
@@ -18,6 +21,7 @@
     "fastify-cors": "^5.1.0",
     "fastify-formbody": "^5.0.0",
     "fastify-secure-session": "^2.3.0",
+    "fastify-swagger": "^4.15.0",
     "figlet": "^1.5.0",
     "jsonwebtoken": "^8.5.1",
     "libphonenumber-js": "^1.9.49",
@@ -29,9 +33,10 @@
     "pino-pretty": "^4.3.0",
     "prompts": "^2.4.1",
     "speakeasy": "^2.0.0",
-    "typescript": "^4.5.5"
+    "typescript": "^4.7.4"
   },
   "devDependencies": {
+    "@simplewebauthn/typescript-types": "^5.4.0",
     "@swc/cli": "^0.1.51",
     "@swc/core": "^1.2.138",
     "@types/bcryptjs": "^2.4.2",
@@ -40,24 +45,25 @@
     "@types/node": "^14.14.7",
     "@types/openpgp": "^4.4.14",
     "@types/speakeasy": "^2.0.5",
-    "@typescript-eslint/eslint-plugin": "^4.7.0",
-    "@typescript-eslint/parser": "^4.7.0",
-    "@typescript-eslint/typescript-estree": "^5.11.0",
-    "eslint": "^7.13.0",
+    "@typescript-eslint/eslint-plugin": "^5.0.0",
+    "@typescript-eslint/parser": "^5.0.0",
+    "@typescript-eslint/typescript-estree": "^5.0.0",
+    "eslint": "^8.0.0",
     "eslint-config-prettier": "^6.15.0",
     "eslint-plugin-prettier": "^3.1.4",
     "husky": "^4.3.0",
     "lint-staged": "^10.5.1",
     "prettier": "^2.1.2",
-    "prisma": "^3.9.2",
+    "prisma": "4",
     "ts-node": "^9.0.0"
   },
   "scripts": {
     "debug": "ts-node ./src/",
     "build": "swc src --out-dir dist/ --sync",
     "build:types": "tsc",
     "build:docker": "docker build .",
-    "start:dev": "nodemon",
+    "dev": "nodemon",
+    "start:dev": "swc src --out-dir dist/ --sync && node ./dist/",
     "start:prod": "swc src --out-dir dist/ --sync && NODE_ENV=production node ./dist/",
     "start": "NODE_ENV=production node ./dist/",
     "lint": "eslint '*/**/*.{js,ts,tsx}' --quiet --fix",
@@ -68,7 +74,8 @@
     "migrate:redeploy": "prisma migrate reset --preview-feature; rm -rf ./prisma/migrations/; prisma migrate dev --preview-feature",
     "generate": "prisma generate",
     "keygen": "node ./keygen.js",
-    "cleanup": "node ./dist/cleanup.js"
+    "cleanup": "node ./dist/cleanup.js",
+    "env:setup": "NODE_OPTIONS=\"--es-module-specifier-resolution=node\""
   },
   "husky": {
     "hooks": {

prisma/schema.prisma

@@ -44,12 +44,12 @@ model User {
   lockedProps  Json?
 
   createdAt          DateTime             @default(now())
+  deletedAt          DateTime?
+  
   lastSignIn         DateTime             @default(now())
   lastAuthenticated  DateTime             @default(now())
   ownedClientSecrets OAuthClientSecrets[]
 
-  isDeleted          Boolean              @default(false)
-
   metadata Json?
 }
 
@@ -80,7 +80,7 @@ enum AuthenticationMethod {
   SSH_KEY
   SMS
   EMAIL
-  SECURITY_KEY
+  WEBAUTHN
 }
 
 model Authentication {

src/common/fastify/index.ts

@@ -0,0 +1,71 @@
+import { FastifyInstance } from 'fastify';
+import fastifySwagger from 'fastify-swagger';
+import { nameStylized } from '..';
+import { info as packageJson } from '../../resources/package';
+import config from '../../resources/config';
+
+export function setupSwaggerUI(app: FastifyInstance) {
+  app.register(fastifySwagger, {
+    routePrefix: '/docs',
+    openapi: {
+      info: {
+        title: nameStylized,
+        description: packageJson.description,
+        version: packageJson.version,
+      },
+      externalDocs: {
+        url: 'https://meili.ng',
+        description: 'GitHub Repository',
+      },
+      servers: [
+        {
+          url: config.meiling.hostname,
+        },
+      ],
+      components: {
+        securitySchemes: {
+          sessionV1: {
+            type: 'http',
+            description: 'Session Token for Meiling V1 Endpoints',
+            scheme: 'bearer',
+          },
+        },
+      },
+    },
+    hideUntagged: true,
+    exposeRoute: true,
+  });
+
+  app.addSchema({
+    $id: 'Any',
+    anyOf: [
+      {
+        type: 'string',
+        nullable: true,
+      },
+      {
+        type: 'number',
+        nullable: true,
+      },
+      {
+        type: 'boolean',
+        nullable: true,
+      },
+      {
+        type: 'integer',
+        nullable: true,
+      },
+      {
+        type: 'array',
+        items: {
+          $ref: 'Any#',
+        },
+        nullable: true,
+      },
+      {
+        type: 'object',
+        nullable: true,
+      },
+    ],
+  });
+}

src/common/index.ts

@@ -1,3 +1,5 @@
+export const nameStylized = 'meiliNG';
+
 export * as Meiling from './meiling';
 export * as Event from './event';
 export * as Terminal from './terminal';

src/common/meiling/authentication/token.ts

@@ -4,6 +4,7 @@ import {
   OAuthToken,
   OAuthTokenType,
   Permission,
+  Prisma,
   User as UserModel,
 } from '@prisma/client';
 import { FastifyRequest } from 'fastify';
@@ -136,6 +137,7 @@ export async function getAuthorizedPermissions(
 }
 
 export async function getData(token: string, type?: OAuthTokenType): Promise<OAuthToken | undefined> {
+  if (typeof token !== 'string') return undefined;
   const tokenData = await getPrismaClient().oAuthToken.findUnique({
     where: {
       token,
@@ -204,16 +206,17 @@ export async function getMetadata(token: string, type?: OAuthTokenType): Promise
   }
 }
 
-export async function setMetadata(token: string, metadata: Token.TokenMetadata): Promise<void> {
+export async function setMetadata(token: string, metadata?: Token.TokenMetadata): Promise<void> {
   await getPrismaClient().oAuthToken.update({
     where: {
       token,
     },
     data: {
-      metadata: metadata as any,
+      metadata: !metadata ? Prisma.DbNull : (metadata as any),
     },
   });
 }
+
 export function getValidTimeByType(type: OAuthTokenType): number {
   return config?.token?.invalidate?.oauth[type] === undefined
     ? Number.MAX_SAFE_INTEGER