Only email auth (#13)

waisy-app · Dec 22, 2023 · 26294a1 · 26294a1
1 parent 4b18ed2
commit 26294a1
Show file tree

Hide file tree

Showing 136 changed files with 5,835 additions and 2,359 deletions.
diff --git a/.env b/.env
@@ -36,11 +36,11 @@ LOGGER_LEVEL=warn
 # Default: json
 LOGGER_FORMAT=json
 
-# Description: JWT secret token
+# Description: JWT access secret token
 # Type: string
 # Required: true
 # Min length: 128
-JWT_SECRET_TOKEN=
+JWT_ACCESS_SECRET_TOKEN=
 
 # Description: JWT access token expiration time
 # Type: string
@@ -105,3 +105,23 @@ POSTGRES_SYNCHRONIZE=false
 # Type: boolean
 # Default: false
 POSTGRES_MIGRATIONS_RUN=false
+
+# Description: Email verification code lifetime in minutes
+# Type: number
+# Default: 10
+EMAIL_VERIFICATION_CODE_LIFETIME_MINUTES=10
+
+# Description: Email verification code max attempts
+# Type: number
+# Default: 3
+EMAIL_VERIFICATION_CODE_MAX_SENDING_ATTEMPTS=3
+
+# Description: Email verification code max input attempts
+# Type: number
+# Default: 3
+EMAIL_VERIFICATION_CODE_MAX_INPUT_ATTEMPTS=3
+
+# Description: Unisender API key
+# Type: string
+# Required: true
+UNISENDER_API_SECRET_KEY=
diff --git a/.env.test b/.env.test
@@ -1,5 +1,5 @@
 NODE_ENV=test
-JWT_SECRET_TOKEN=VrdWi58a8taiugDqLyefgSC7UkTx32sV9B8JRsv7mf7xtqDGYvyGJQv9Msr6yt9J6CEhCoY4zi8kiSF5xwZybnxUR4NRAHwg6yb3u5vPpSupVPCX4YXBzxBhYf8VFDWL
+JWT_ACCESS_SECRET_TOKEN=VrdWi58a8taiugDqLyefgSC7UkTx32sV9B8JRsv7mf7xtqDGYvyGJQv9Msr6yt9J6CEhCoY4zi8kiSF5xwZybnxUR4NRAHwg6yb3u5vPpSupVPCX4YXBzxBhYf8VFDWL
 JWT_ACCESS_TOKEN_EXPIRES_IN=10s
 JWT_REFRESH_SECRET_TOKEN=fzeDYxqAwapb3GPWPn2hsPBKrDHDyQsKuGcLdikFhznnY6efbxpYSyWD6BxqTkSVpQTDH5XgD4q4qahUxDNaiFZsV4j2Vyy9HmPFNMBDJURxv5rvTTaw2zcTvQWtenz4
 JWT_REFRESH_TOKEN_EXPIRES_IN=20s
@@ -9,6 +9,10 @@ POSTGRES_USERNAME=waisy
 POSTGRES_PASSWORD=1234
 POSTGRES_DATABASE=waisy
 POSTGRES_HOST=localhost
-POSTGRES_PORT=5432
+POSTGRES_PORT=5431
 POSTGRES_SYNCHRONIZE=true
 POSTGRES_MIGRATIONS_RUN=false
+EMAIL_VERIFICATION_CODE_LIFETIME_MINUTES=10
+EMAIL_VERIFICATION_CODE_MAX_SENDING_ATTEMPTS=3
+EMAIL_VERIFICATION_CODE_MAX_INPUT_ATTEMPTS=3
+UNISENDER_API_SECRET_KEY=1234
diff --git a/.eslintrc.js b/.eslintrc.js
@@ -22,9 +22,23 @@ module.exports = {
         allowConciseArrowFunctionExpressionsStartingWithVoid: true,
       },
     ],
+    '@typescript-eslint/explicit-member-accessibility': [
+      'warn',
+      {
+        accessibility: 'explicit',
+        overrides: {
+          constructors: 'no-public',
+          properties: 'off',
+          parameterProperties: 'explicit',
+          methods: 'explicit',
+          accessors: 'explicit',
+        },
+      },
+    ],
     '@typescript-eslint/explicit-module-boundary-types': 'off',
     '@typescript-eslint/no-explicit-any': 'off',
     '@typescript-eslint/no-unused-vars': ['warn'],
+    'no-console': ['warn'],
     'prettier/prettier': ['warn'],
   },
 }
diff --git a/.github/workflows/node.yml b/.github/workflows/node.yml
@@ -18,7 +18,7 @@ jobs:
       postgres:
         image: postgres:${{ matrix.postgres-version }}
         ports:
-          - 5432:5432
+          - 5431:5432
         env:
           POSTGRES_PASSWORD: 1234
           POSTGRES_USER: waisy
@@ -29,9 +29,10 @@ jobs:
           --health-retries 5
 
     steps:
-      - uses: actions/checkout@v4
+      - name: Checkout code
+        uses: actions/checkout@v4
 
-      - name: Install Node.js ${{ matrix.node-version }}
+      - name: Set up Node.js
         uses: actions/setup-node@v4
         with:
           node-version: ${{ matrix.node-version }}
@@ -40,17 +41,15 @@ jobs:
       - name: Install dependencies
         run: npm ci
 
-      - name: Check for formatting
-        run: npm run format:check
+      - name: Code Quality Checks
+        run: |
+          npm run format:check
+          npm run lint:check
 
-      - name: Check for linting
-        run: npm run lint:check
-
-      - name: GraphQL generate schema
+      - name: Generate GraphQL schema
         run: npm run graphql:generate-schema
 
-      - name: Run tests
-        run: npm test
-
-      - name: Runt e2e tests
-        run: npm run test:e2e
+      - name: Execute Tests
+        run: |
+          npm test
+          npm run test:e2e
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -38,7 +38,7 @@
     "@nestjs/passport": "^10.0.2",
     "@nestjs/platform-express": "^10.0.0",
     "@nestjs/typeorm": "^10.0.0",
-    "bcrypt": "^5.1.1",
+    "argon2": "^0.31.2",
     "class-transformer": "^0.5.1",
     "class-validator": "^0.14.0",
     "graphql": "^16.8.1",
@@ -51,6 +51,7 @@
     "passport-local": "^1.0.0",
     "pg": "^8.11.3",
     "reflect-metadata": "^0.1.13",
+    "request-ip": "^3.3.0",
     "rxjs": "^7.8.1",
     "typeorm": "^0.3.17",
     "winston": "^3.11.0"
@@ -59,12 +60,12 @@
     "@nestjs/cli": "^10.0.0",
     "@nestjs/schematics": "^10.0.0",
     "@nestjs/testing": "^10.0.0",
-    "@types/bcrypt": "^5.0.1",
     "@types/express": "^4.17.17",
     "@types/jest": "^29.5.2",
     "@types/node": "^20.3.1",
     "@types/passport-jwt": "^3.0.11",
     "@types/passport-local": "^1.0.37",
+    "@types/request-ip": "^0.0.41",
     "@types/supertest": "^2.0.12",
     "@typescript-eslint/eslint-plugin": "^6.0.0",
     "@typescript-eslint/parser": "^6.0.0",

diff --git a/src/apollo-plugins/complexity.plugin.ts b/src/apollo-plugins/complexity.plugin.ts
@@ -1,10 +1,15 @@
-import {GraphQLSchemaHost} from '@nestjs/graphql'
 import {Plugin} from '@nestjs/apollo'
+import {GraphQLSchemaHost} from '@nestjs/graphql'
 import {fieldExtensionsEstimator, getComplexity, simpleEstimator} from 'graphql-query-complexity'
-import {ApolloServerPlugin, GraphQLRequestListener} from '@apollo/server'
+import {
+  ApolloServerPlugin,
+  BaseContext,
+  GraphQLRequestContextDidResolveOperation,
+  GraphQLRequestListener,
+} from '@apollo/server'
 import {Logger} from '@nestjs/common'
 import {GraphqlConfigService} from '../config/graphql/graphql.config.service'
-import {GraphqlComplexityLimitException} from '../exceptions/graphql-complexity-limit.exception'
+import {GraphqlComplexityLimitException} from '../exceptions/graphql-complexity-limit/graphql-complexity-limit.exception'
 
 @Plugin()
 export class ComplexityPlugin implements ApolloServerPlugin {
@@ -15,26 +20,38 @@ export class ComplexityPlugin implements ApolloServerPlugin {
     private readonly graphqlConfigService: GraphqlConfigService,
   ) {}
 
-  async requestDidStart(): Promise<GraphQLRequestListener<any>> {
-    const logger = this.logger
-    const maxComplexity = this.graphqlConfigService.complexityLimit
+  public async requestDidStart(): Promise<GraphQLRequestListener<BaseContext>> {
+    return {didResolveOperation: this.resolveOperation.bind(this)}
+  }
+
+  private async resolveOperation(
+    context: GraphQLRequestContextDidResolveOperation<BaseContext>,
+  ): Promise<void> {
+    const complexity = this.calculateComplexity(context)
+    this.enforceComplexityLimit(complexity)
+    this.logger.debug(`Query complexity: ${complexity}`)
+  }
+
+  private calculateComplexity({
+    request,
+    document,
+  }: GraphQLRequestContextDidResolveOperation<BaseContext>): number {
     const defaultComplexity = 1
     const {schema} = this.gqlSchemaHost
-    return {
-      async didResolveOperation({request, document}) {
-        const complexity = getComplexity({
-          schema,
-          operationName: request.operationName,
-          query: document,
-          variables: request.variables,
-          estimators: [fieldExtensionsEstimator(), simpleEstimator({defaultComplexity})],
-        })
-        if (complexity > maxComplexity) {
-          const errorText = `Query is too complex: ${complexity}. Maximum allowed complexity: ${maxComplexity}`
-          throw new GraphqlComplexityLimitException(errorText)
-        }
-        logger.debug(`Query complexity: ${complexity}`)
-      },
+    return getComplexity({
+      schema,
+      operationName: request.operationName,
+      query: document,
+      variables: request.variables,
+      estimators: [fieldExtensionsEstimator(), simpleEstimator({defaultComplexity})],
+    })
+  }
+
+  private enforceComplexityLimit(complexity: number): void {
+    const maxComplexity = this.graphqlConfigService.complexityLimit
+    if (complexity > maxComplexity) {
+      const errorText = `Query is too complex: ${complexity}. Maximum allowed complexity: ${maxComplexity}`
+      throw new GraphqlComplexityLimitException(errorText)
     }
   }
 }