♻️ (builder) Change to features-centric folder structure

2022-11-15 09:35:48 +01:00
parent 3686465a85
commit 643571fe7d
683 changed files with 3907 additions and 3643 deletions
--- a/apps/builder/src/pages/api/auth/[...nextauth].ts
+++ b/apps/builder/src/pages/api/auth/[...nextauth].ts
@@ -0,0 +1,197 @@
+import NextAuth, { Account } from 'next-auth'
+import EmailProvider from 'next-auth/providers/email'
+import GitHubProvider from 'next-auth/providers/github'
+import GitlabProvider from 'next-auth/providers/gitlab'
+import GoogleProvider from 'next-auth/providers/google'
+import FacebookProvider from 'next-auth/providers/facebook'
+import AzureADProvider from 'next-auth/providers/azure-ad'
+import prisma from '@/lib/prisma'
+import { Provider } from 'next-auth/providers'
+import { NextApiRequest, NextApiResponse } from 'next'
+import { withSentry } from '@sentry/nextjs'
+import { CustomAdapter } from './adapter'
+import { User } from 'db'
+import { env, isNotEmpty } from 'utils'
+import { mockedUser } from '@/features/auth'
+
+const providers: Provider[] = []
+
+if (
+  isNotEmpty(process.env.GITHUB_CLIENT_ID) &&
+  isNotEmpty(process.env.GITHUB_CLIENT_SECRET)
+)
+  providers.push(
+    GitHubProvider({
+      clientId: process.env.GITHUB_CLIENT_ID,
+      clientSecret: process.env.GITHUB_CLIENT_SECRET,
+    })
+  )
+
+if (isNotEmpty(env('SMTP_FROM')) && process.env.SMTP_AUTH_DISABLED !== 'true')
+  providers.push(
+    EmailProvider({
+      server: {
+        host: process.env.SMTP_HOST,
+        port: process.env.SMTP_PORT ? Number(process.env.SMTP_PORT) : 25,
+        secure: process.env.SMTP_SECURE
+          ? process.env.SMTP_SECURE === 'true'
+          : false,
+        auth: {
+          user: process.env.SMTP_USERNAME,
+          pass: process.env.SMTP_PASSWORD,
+        },
+      },
+      from: env('SMTP_FROM'),
+    })
+  )
+
+if (
+  isNotEmpty(process.env.GOOGLE_CLIENT_ID) &&
+  isNotEmpty(process.env.GOOGLE_CLIENT_SECRET)
+)
+  providers.push(
+    GoogleProvider({
+      clientId: process.env.GOOGLE_CLIENT_ID,
+      clientSecret: process.env.GOOGLE_CLIENT_SECRET,
+    })
+  )
+
+if (
+  isNotEmpty(process.env.FACEBOOK_CLIENT_ID) &&
+  isNotEmpty(process.env.FACEBOOK_CLIENT_SECRET)
+)
+  providers.push(
+    FacebookProvider({
+      clientId: process.env.FACEBOOK_CLIENT_ID,
+      clientSecret: process.env.FACEBOOK_CLIENT_SECRET,
+    })
+  )
+
+if (
+  isNotEmpty(process.env.GITLAB_CLIENT_ID) &&
+  isNotEmpty(process.env.GITLAB_CLIENT_SECRET)
+) {
+  const BASE_URL = process.env.GITLAB_BASE_URL || 'https://gitlab.com'
+  providers.push(
+    GitlabProvider({
+      clientId: process.env.GITLAB_CLIENT_ID,
+      clientSecret: process.env.GITLAB_CLIENT_SECRET,
+      authorization: `${BASE_URL}/oauth/authorize?scope=read_api`,
+      token: `${BASE_URL}/oauth/token`,
+      userinfo: `${BASE_URL}/api/v4/user`,
+      name: process.env.GITLAB_NAME || 'GitLab',
+    })
+  )
+}
+
+if (
+  isNotEmpty(process.env.AZURE_AD_CLIENT_ID) &&
+  isNotEmpty(process.env.AZURE_AD_CLIENT_SECRET) &&
+  isNotEmpty(process.env.AZURE_AD_TENANT_ID)
+) {
+  providers.push(
+    AzureADProvider({
+      clientId: process.env.AZURE_AD_CLIENT_ID,
+      clientSecret: process.env.AZURE_AD_CLIENT_SECRET,
+      tenantId: process.env.AZURE_AD_TENANT_ID,
+    })
+  )
+}
+
+const handler = (req: NextApiRequest, res: NextApiResponse) => {
+  if (
+    req.method === 'GET' &&
+    req.url === '/api/auth/session' &&
+    env('E2E_TEST') === 'true'
+  ) {
+    res.send({ user: mockedUser })
+    return
+  }
+  if (req.method === 'HEAD') {
+    res.status(200)
+    return
+  }
+  NextAuth(req, res, {
+    adapter: CustomAdapter(prisma),
+    secret: process.env.ENCRYPTION_SECRET,
+    providers,
+    session: {
+      strategy: 'database',
+    },
+    callbacks: {
+      session: async ({ session, user }) => {
+        const userFromDb = user as User
+        await updateLastActivityDate(userFromDb)
+        return {
+          ...session,
+          user: userFromDb,
+        }
+      },
+      signIn: async ({ account, user }) => {
+        const userExists = user?.graphNavigation !== undefined
+        if (!account || (process.env.DISABLE_SIGNUP === 'true' && !userExists))
+          return false
+        const requiredGroups = getRequiredGroups(account.provider)
+        if (requiredGroups.length > 0) {
+          const userGroups = await getUserGroups(account)
+          return checkHasGroups(userGroups, requiredGroups)
+        }
+        return true
+      },
+    },
+  })
+}
+
+const updateLastActivityDate = async (user: User) => {
+  const datesAreOnSameDay = (first: Date, second: Date) =>
+    first.getFullYear() === second.getFullYear() &&
+    first.getMonth() === second.getMonth() &&
+    first.getDate() === second.getDate()
+
+  if (!datesAreOnSameDay(user.lastActivityAt, new Date()))
+    await prisma.user.update({
+      where: { id: user.id },
+      data: { lastActivityAt: new Date() },
+    })
+}
+
+const getUserGroups = async (account: Account): Promise<string[]> => {
+  switch (account.provider) {
+    case 'gitlab': {
+      const getGitlabGroups = async (
+        accessToken: string,
+        page = 1
+      ): Promise<{ full_path: string }[]> => {
+        const res = await fetch(
+          `${
+            process.env.GITLAB_BASE_URL || 'https://gitlab.com'
+          }/api/v4/groups?per_page=100&page=${page}`,
+          { headers: { Authorization: `Bearer ${accessToken}` } }
+        )
+        const groups: { full_path: string }[] = await res.json()
+        const nextPage = parseInt(res.headers.get('X-Next-Page') || '')
+        if (nextPage)
+          groups.push(...(await getGitlabGroups(accessToken, nextPage)))
+        return groups
+      }
+      const groups = await getGitlabGroups(account.access_token as string)
+      return groups.map((group) => group.full_path)
+    }
+    default:
+      return []
+  }
+}
+
+const getRequiredGroups = (provider: string): string[] => {
+  switch (provider) {
+    case 'gitlab':
+      return process.env.GITLAB_REQUIRED_GROUPS?.split(',') || []
+    default:
+      return []
+  }
+}
+
+const checkHasGroups = (userGroups: string[], requiredGroups: string[]) =>
+  userGroups?.some((userGroup) => requiredGroups?.includes(userGroup))
+
+export default withSentry(handler)
--- a/apps/builder/src/pages/api/auth/adapter.ts
+++ b/apps/builder/src/pages/api/auth/adapter.ts
@@ -0,0 +1,202 @@
+// Forked from https://github.com/nextauthjs/adapters/blob/main/packages/prisma/src/index.ts
+import {
+  PrismaClient,
+  Prisma,
+  Invitation,
+  Plan,
+  WorkspaceRole,
+  WorkspaceInvitation,
+} from 'db'
+import type { Adapter, AdapterUser } from 'next-auth/adapters'
+import cuid from 'cuid'
+import { got } from 'got'
+import { generateId } from 'utils'
+
+type InvitationWithWorkspaceId = Invitation & {
+  typebot: {
+    workspaceId: string | null
+  }
+}
+
+export function CustomAdapter(p: PrismaClient): Adapter {
+  return {
+    createUser: async (data: Omit<AdapterUser, 'id'>) => {
+      const user = { id: cuid(), email: data.email as string }
+      const invitations = await p.invitation.findMany({
+        where: { email: user.email },
+        include: { typebot: { select: { workspaceId: true } } },
+      })
+      const workspaceInvitations = await p.workspaceInvitation.findMany({
+        where: { email: user.email },
+      })
+      if (
+        process.env.DISABLE_SIGNUP === 'true' &&
+        process.env.ADMIN_EMAIL !== data.email
+      )
+        throw Error('New users are forbidden')
+      const createdUser = await p.user.create({
+        data: {
+          ...data,
+          id: user.id,
+          apiTokens: {
+            create: { name: 'Default', token: generateId(24) },
+          },
+          workspaces:
+            workspaceInvitations.length > 0
+              ? undefined
+              : {
+                  create: {
+                    role: WorkspaceRole.ADMIN,
+                    workspace: {
+                      create: {
+                        name: data.name
+                          ? `${data.name}'s workspace`
+                          : `My workspace`,
+                        ...(process.env.ADMIN_EMAIL === data.email
+                          ? { plan: Plan.LIFETIME }
+                          : {
+                              plan: Plan.FREE,
+                            }),
+                      },
+                    },
+                  },
+                },
+        },
+      })
+      if (process.env.USER_CREATED_WEBHOOK_URL)
+        await got.post(process.env.USER_CREATED_WEBHOOK_URL, {
+          json: {
+            email: data.email,
+            name: data.name ? (data.name as string).split(' ')[0] : undefined,
+          },
+        })
+      if (invitations.length > 0)
+        await convertInvitationsToCollaborations(p, user, invitations)
+      if (workspaceInvitations.length > 0)
+        await joinWorkspaces(p, user, workspaceInvitations)
+      return createdUser
+    },
+    getUser: (id) => p.user.findUnique({ where: { id } }),
+    getUserByEmail: (email) => p.user.findUnique({ where: { email } }),
+    async getUserByAccount(provider_providerAccountId) {
+      const account = await p.account.findUnique({
+        where: { provider_providerAccountId },
+        select: { user: true },
+      })
+      return account?.user ?? null
+    },
+    updateUser: (data) => p.user.update({ where: { id: data.id }, data }),
+    deleteUser: (id) => p.user.delete({ where: { id } }),
+    linkAccount: async (data) => {
+      await p.account.create({
+        data: {
+          userId: data.userId,
+          type: data.type,
+          provider: data.provider,
+          providerAccountId: data.providerAccountId,
+          refresh_token: data.refresh_token,
+          access_token: data.access_token,
+          expires_at: data.expires_at,
+          token_type: data.token_type,
+          scope: data.scope,
+          id_token: data.id_token,
+          session_state: data.session_state,
+          oauth_token_secret: data.oauth_token_secret as string,
+          oauth_token: data.oauth_token as string,
+          refresh_token_expires_in: data.refresh_token_expires_in as number,
+        },
+      })
+    },
+    unlinkAccount: async (provider_providerAccountId) => {
+      await p.account.delete({ where: { provider_providerAccountId } })
+    },
+    async getSessionAndUser(sessionToken) {
+      const userAndSession = await p.session.findUnique({
+        where: { sessionToken },
+        include: { user: true },
+      })
+      if (!userAndSession) return null
+      const { user, ...session } = userAndSession
+      return { user, session }
+    },
+    createSession: (data) => p.session.create({ data }),
+    updateSession: (data) =>
+      p.session.update({ data, where: { sessionToken: data.sessionToken } }),
+    deleteSession: (sessionToken) =>
+      p.session.delete({ where: { sessionToken } }),
+    createVerificationToken: (data) => p.verificationToken.create({ data }),
+    async useVerificationToken(identifier_token) {
+      try {
+        return await p.verificationToken.delete({ where: { identifier_token } })
+      } catch (error) {
+        if ((error as Prisma.PrismaClientKnownRequestError).code === 'P2025')
+          return null
+        throw error
+      }
+    },
+  }
+}
+
+const convertInvitationsToCollaborations = async (
+  p: PrismaClient,
+  { id, email }: { id: string; email: string },
+  invitations: InvitationWithWorkspaceId[]
+) => {
+  await p.collaboratorsOnTypebots.createMany({
+    data: invitations.map((invitation) => ({
+      typebotId: invitation.typebotId,
+      type: invitation.type,
+      userId: id,
+    })),
+  })
+  const workspaceInvitations = invitations.reduce<InvitationWithWorkspaceId[]>(
+    (acc, invitation) =>
+      acc.some(
+        (inv) => inv.typebot.workspaceId === invitation.typebot.workspaceId
+      )
+        ? acc
+        : [...acc, invitation],
+    []
+  )
+  for (const invitation of workspaceInvitations) {
+    if (!invitation.typebot.workspaceId) continue
+    await p.memberInWorkspace.upsert({
+      where: {
+        userId_workspaceId: {
+          userId: id,
+          workspaceId: invitation.typebot.workspaceId,
+        },
+      },
+      create: {
+        userId: id,
+        workspaceId: invitation.typebot.workspaceId,
+        role: WorkspaceRole.GUEST,
+      },
+      update: {},
+    })
+  }
+  return p.invitation.deleteMany({
+    where: {
+      email,
+    },
+  })
+}
+
+const joinWorkspaces = async (
+  p: PrismaClient,
+  { id, email }: { id: string; email: string },
+  invitations: WorkspaceInvitation[]
+) => {
+  await p.memberInWorkspace.createMany({
+    data: invitations.map((invitation) => ({
+      workspaceId: invitation.workspaceId,
+      role: invitation.type,
+      userId: id,
+    })),
+  })
+  return p.workspaceInvitation.deleteMany({
+    where: {
+      email,
+    },
+  })
+}