eat: Create the auth_username_pasword module

Blckbrry-Pi · Blckbrry-Pi · commit 6c094f1060f9 · 2024-08-03T18:54:43.000-04:00
diff --git a/modules/auth_username_password/config.ts b/modules/auth_username_password/config.ts
@@ -0,0 +1,3 @@
+export interface Config {
+	enable: boolean;
+}
diff --git a/modules/auth_username_password/module.json b/modules/auth_username_password/module.json
@@ -0,0 +1,43 @@
+{
+    "name": "Auth Username Password",
+    "description": "Authenticate users with a username/password combination.",
+    "icon": "key",
+    "tags": [
+        "core",
+        "auth",
+        "user"
+    ],
+    "authors": [
+        "rivet-gg",
+        "Blckbrry-Pi"
+    ],
+    "status": "stable",
+    "dependencies": {
+        "users": {},
+        "rate_limit": {},
+        "user_passwords": {}
+    },
+    "scripts": {
+		"sign_up": {
+			"name": "Sign Up with Username and Password",
+			"description": "Sign up a new user with a username and password.",
+			"public": true
+		},
+		"sign_in": {
+			"name": "Sign In with Username and Password",
+			"description": "Sign in a user with a username and password.",
+			"public": true
+		}
+    },
+    "errors": {
+        "provider_disabled": {
+            "name": "Provider Disabled"
+        },
+        "username_or_password_invalid": {
+            "name": "Username or Password Invalid"
+        },
+        "user_already_exists": {
+            "name": "User Already Exists"
+        }
+    }
+}
diff --git a/modules/auth_username_password/scripts/sign_in.ts b/modules/auth_username_password/scripts/sign_in.ts
@@ -0,0 +1,44 @@
+import { TokenWithSecret } from "../../tokens/utils/types.ts";
+import { RuntimeError } from "../module.gen.ts";
+import { ScriptContext } from "../module.gen.ts";
+
+export interface Request {
+	username: string;
+	password: string;
+}
+
+export interface Response {
+	token: TokenWithSecret;
+}
+
+export async function run(
+	ctx: ScriptContext,
+	req: Request,
+): Promise<Response> {
+	await ctx.modules.rateLimit.throttlePublic({});
+
+	if (!ctx.config.enable) throw new RuntimeError("provider_disabled");
+
+	const { users: [user] } = await ctx.modules.users.fetchByUname({
+		usernames: [req.username],
+	});
+
+	if (!user) throw new RuntimeError("invalid_username_or_password");
+
+	const { id } = user;
+
+	try {
+		await ctx.modules.userPasswords.verify({
+			userId: id,
+			password: req.password,
+		});
+	} catch (e) {
+		if (e instanceof RuntimeError) {
+			throw new RuntimeError("invalid_username_or_password");
+		} else {
+			throw e;
+		}
+	}
+
+	return await ctx.modules.users.createToken({  userId: id });
+}
diff --git a/modules/auth_username_password/scripts/sign_up.ts b/modules/auth_username_password/scripts/sign_up.ts
@@ -0,0 +1,39 @@
+import { TokenWithSecret } from "../../tokens/utils/types.ts";
+import { RuntimeError } from "../module.gen.ts";
+import { ScriptContext } from "../module.gen.ts";
+
+export interface Request {
+	username: string;
+	password: string;
+}
+
+export interface Response {
+	token: TokenWithSecret;
+}
+
+export async function run(
+	ctx: ScriptContext,
+	req: Request,
+): Promise<Response> {
+	await ctx.modules.rateLimit.throttlePublic({});
+
+	if (!ctx.config.enable) throw new RuntimeError("provider_disabled");
+
+	const { users: [existing] } = await ctx.modules.users.fetchByUname({
+		usernames: [req.username],
+	});
+
+	if (existing) throw new RuntimeError("user_already_exists");
+
+	const { user } = await ctx.modules.users.create({
+		username: req.username,
+	});
+
+	await ctx.modules.userPasswords.add({
+		userId: user.id,
+		password: req.password,
+	});
+
+	// Sign in the user
+	return await ctx.modules.authUsernamePassword.signIn(req);
+}
diff --git a/modules/auth_username_password/tests/e2e.ts b/modules/auth_username_password/tests/e2e.ts
@@ -0,0 +1,75 @@
+import { test, TestContext } from "../module.gen.ts";
+import { assertExists, assertEquals, assertRejects } from "https://deno.land/std@0.217.0/assert/mod.ts";
+import { faker } from "https://deno.land/x/deno_faker@v1.0.3/mod.ts";
+import { RuntimeError } from "../module.gen.ts";
+
+test("test_sign_up", async (ctx: TestContext) => {
+	const username = faker.internet.userName();
+	const password = faker.internet.password();
+
+	// MARK: Should be able to sign up and things should match
+	const { token } = await ctx.modules.authUsernamePassword.signUp({
+		username,
+		password,
+	});
+
+	const { userId } = await ctx.modules.users.authenticateToken({
+		userToken: token.token,
+	});
+
+
+	const { users: [user] } = await ctx.modules.users.fetchByUname({
+		usernames: [username],
+	});
+
+	assertExists(user);
+	assertEquals(user.id, userId);
+
+	// MARK: Should not be able to sign up with the same username
+	const error = await assertRejects(async () => {
+		await ctx.modules.authUsernamePassword.signUp({
+			username,
+			password,
+		});
+	}, RuntimeError);
+	assertEquals(error.code, "user_already_exists");
+});
+
+test("test_sign_in", async (ctx: TestContext) => {
+	const username = faker.internet.userName();
+	const password = faker.internet.password();
+
+	// MARK: Sign up
+	await ctx.modules.authUsernamePassword.signUp({
+		username,
+		password,
+	});
+
+	// MARK: Can sign in with correct credentials
+	const { token } = await ctx.modules.authUsernamePassword.signIn({
+		username,
+		password,
+	});
+
+	const { userId } = await ctx.modules.users.authenticateToken({
+		userToken: token.token,
+	});
+
+	const { users: [user] } = await ctx.modules.users.fetchByUname({
+		usernames: [username],
+	});
+
+	assertExists(user);
+	assertEquals(user.id, userId);
+	assertEquals(user.username, username);
+
+	// MARK: Can't sign in with wrong password
+	const error = await assertRejects(async () => {
+		await ctx.modules.authUsernamePassword.signIn({
+			username,
+			password: faker.internet.password(),
+		});
+	}, RuntimeError);
+	assertEquals(error.code, "invalid_username_or_password");
+});
+
diff --git a/modules/auth_username_password/utils/types.ts b/modules/auth_username_password/utils/types.ts
@@ -0,0 +1,8 @@
+export interface Verification {
+	id: string;
+}
+
+export interface Session {
+	token: string;
+	expireAt: string;
+}
diff --git a/modules/users/module.json b/modules/users/module.json
@@ -20,6 +20,9 @@
             "name": "Fetch User",
             "public": true
         },
+        "fetch_by_uname": {
+            "name": "Fetch User by Username"
+        },
         "create": {
             "name": "Create User"
         },
diff --git a/modules/users/scripts/fetch_by_uname.ts b/modules/users/scripts/fetch_by_uname.ts
@@ -0,0 +1,24 @@
+import { ScriptContext } from "../module.gen.ts";
+import { User } from "../utils/types.ts";
+
+export interface Request {
+	usernames: string[];
+}
+
+export interface Response {
+	users: User[];
+}
+
+export async function run(
+	ctx: ScriptContext,
+	req: Request,
+): Promise<Response> {
+	await ctx.modules.rateLimit.throttlePublic({});
+
+	const users = await ctx.db.user.findMany({
+		where: { username: { in: req.usernames } },
+		orderBy: { username: "desc" },
+	});
+
+	return { users };
+}
diff --git a/tests/basic/backend.json b/tests/basic/backend.json
@@ -38,6 +38,12 @@
                 }
             }
         },
+        "auth_username_password": {
+            "registry": "local",
+            "config": {
+                "enable": true
+            }
+        },
         "identities": {
             "registry": "local"
         },

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+export interface Config {`
	`2`	`+ enable: boolean;`
	`3`	`+}`
Original file line number	Diff line number	Diff line change
`@@ -38,6 +38,12 @@`
`38`	`38`	`}`
`39`	`39`	`}`
`40`	`40`	`},`
	`41`	`+ "auth_username_password": {`
	`42`	`+ "registry": "local",`
	`43`	`+ "config": {`
	`44`	`+ "enable": true`
	`45`	`+ }`
	`46`	`+ },`
`41`	`47`	`"identities": {`
`42`	`48`	`"registry": "local"`
`43`	`49`	`},`