-
Notifications
You must be signed in to change notification settings - Fork 6
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
0 parents
commit b5852ec
Showing
54 changed files
with
13,491 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| node_modules/ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,6 @@ | ||
| { | ||
| "packages": [ | ||
| "packages/*" | ||
| ], | ||
| "version": "0.0.0" | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,14 @@ | ||
| { | ||
| "name": "root", | ||
| "private": true, | ||
| "devDependencies": { | ||
| "lerna": "^4.0.0" | ||
| }, | ||
| "scripts": { | ||
| "server": "yarn --cwd packages/backend dev", | ||
| "web": "yarn --cwd packages/web dev" | ||
| }, | ||
| "dependencies": { | ||
| "nodemon": "^2.0.15" | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,3 @@ | ||
| node_modules | ||
| # Keep environment variables out of version control | ||
| .env |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,217 @@ | ||
| /// <reference types="node" /> | ||
| import { inferAsyncReturnType } from "@trpc/server"; | ||
| import * as trpc from "@trpc/server"; | ||
| import { NodeHTTPCreateContextFnOptions } from "@trpc/server/dist/declarations/src/adapters/node-http"; | ||
| import { IncomingMessage, ServerResponse } from "http"; | ||
| import { User } from ".prisma/client"; | ||
| export declare const isAdmin: (userRole: User["role"] | undefined) => boolean | undefined; | ||
| declare const createContext: ({ req, res, }: NodeHTTPCreateContextFnOptions<IncomingMessage, ServerResponse>) => Promise<{ | ||
| headers: import("http").IncomingHttpHeaders; | ||
| user: User | null; | ||
| isAdmin: boolean | undefined; | ||
| req: { | ||
| id: string; | ||
| aborted: boolean; | ||
| httpVersion: string; | ||
| httpVersionMajor: number; | ||
| httpVersionMinor: number; | ||
| complete: boolean; | ||
| connection: import("net").Socket; | ||
| socket: import("net").Socket; | ||
| headers: import("http").IncomingHttpHeaders; | ||
| rawHeaders: string[]; | ||
| trailers: NodeJS.Dict<string>; | ||
| rawTrailers: string[]; | ||
| method?: string | undefined; | ||
| url?: string | undefined; | ||
| statusCode?: number | undefined; | ||
| statusMessage?: string | undefined; | ||
| readableAborted: boolean; | ||
| readable: boolean; | ||
| readableDidRead: boolean; | ||
| readableEncoding: BufferEncoding | null; | ||
| readableEnded: boolean; | ||
| readableFlowing: boolean | null; | ||
| readableHighWaterMark: number; | ||
| readableLength: number; | ||
| readableObjectMode: boolean; | ||
| destroyed: boolean; | ||
| off(eventName: string | symbol, listener: (...args: any[]) => void): IncomingMessage; | ||
| removeAllListeners(event?: string | symbol | undefined): IncomingMessage; | ||
| setMaxListeners(n: number): IncomingMessage; | ||
| getMaxListeners(): number; | ||
| listeners(eventName: string | symbol): Function[]; | ||
| rawListeners(eventName: string | symbol): Function[]; | ||
| listenerCount(eventName: string | symbol): number; | ||
| eventNames(): (string | symbol)[]; | ||
| }; | ||
| res: ServerResponse; | ||
| }>; | ||
| export declare const protectedRoute: import("@trpc/server/dist/declarations/src/router").Router<{ | ||
| headers: import("http").IncomingHttpHeaders; | ||
| user: User | null; | ||
| isAdmin: boolean | undefined; | ||
| req: { | ||
| id: string; | ||
| aborted: boolean; | ||
| httpVersion: string; | ||
| httpVersionMajor: number; | ||
| httpVersionMinor: number; | ||
| complete: boolean; | ||
| connection: import("net").Socket; | ||
| socket: import("net").Socket; | ||
| headers: import("http").IncomingHttpHeaders; | ||
| rawHeaders: string[]; | ||
| trailers: NodeJS.Dict<string>; | ||
| rawTrailers: string[]; | ||
| method?: string | undefined; | ||
| url?: string | undefined; | ||
| statusCode?: number | undefined; | ||
| statusMessage?: string | undefined; | ||
| readableAborted: boolean; | ||
| readable: boolean; | ||
| readableDidRead: boolean; | ||
| readableEncoding: BufferEncoding | null; | ||
| readableEnded: boolean; | ||
| readableFlowing: boolean | null; | ||
| readableHighWaterMark: number; | ||
| readableLength: number; | ||
| readableObjectMode: boolean; | ||
| destroyed: boolean; | ||
| off(eventName: string | symbol, listener: (...args: any[]) => void): IncomingMessage; | ||
| removeAllListeners(event?: string | symbol | undefined): IncomingMessage; | ||
| setMaxListeners(n: number): IncomingMessage; | ||
| getMaxListeners(): number; | ||
| listeners(eventName: string | symbol): Function[]; | ||
| rawListeners(eventName: string | symbol): Function[]; | ||
| listenerCount(eventName: string | symbol): number; | ||
| eventNames(): (string | symbol)[]; | ||
| }; | ||
| res: ServerResponse; | ||
| }, { | ||
| headers: import("http").IncomingHttpHeaders; | ||
| user: User | null; | ||
| isAdmin: boolean | undefined; | ||
| req: { | ||
| id: string; | ||
| aborted: boolean; | ||
| httpVersion: string; | ||
| httpVersionMajor: number; | ||
| httpVersionMinor: number; | ||
| complete: boolean; | ||
| connection: import("net").Socket; | ||
| socket: import("net").Socket; | ||
| headers: import("http").IncomingHttpHeaders; | ||
| rawHeaders: string[]; | ||
| trailers: NodeJS.Dict<string>; | ||
| rawTrailers: string[]; | ||
| method?: string | undefined; | ||
| url?: string | undefined; | ||
| statusCode?: number | undefined; | ||
| statusMessage?: string | undefined; | ||
| readableAborted: boolean; | ||
| readable: boolean; | ||
| readableDidRead: boolean; | ||
| readableEncoding: BufferEncoding | null; | ||
| readableEnded: boolean; | ||
| readableFlowing: boolean | null; | ||
| readableHighWaterMark: number; | ||
| readableLength: number; | ||
| readableObjectMode: boolean; | ||
| destroyed: boolean; | ||
| off(eventName: string | symbol, listener: (...args: any[]) => void): IncomingMessage; | ||
| removeAllListeners(event?: string | symbol | undefined): IncomingMessage; | ||
| setMaxListeners(n: number): IncomingMessage; | ||
| getMaxListeners(): number; | ||
| listeners(eventName: string | symbol): Function[]; | ||
| rawListeners(eventName: string | symbol): Function[]; | ||
| listenerCount(eventName: string | symbol): number; | ||
| eventNames(): (string | symbol)[]; | ||
| }; | ||
| res: ServerResponse; | ||
| }, {}, {}, {}, trpc.DefaultErrorShape>; | ||
| export declare const adminRoute: import("@trpc/server/dist/declarations/src/router").Router<{ | ||
| headers: import("http").IncomingHttpHeaders; | ||
| user: User | null; | ||
| isAdmin: boolean | undefined; | ||
| req: { | ||
| id: string; | ||
| aborted: boolean; | ||
| httpVersion: string; | ||
| httpVersionMajor: number; | ||
| httpVersionMinor: number; | ||
| complete: boolean; | ||
| connection: import("net").Socket; | ||
| socket: import("net").Socket; | ||
| headers: import("http").IncomingHttpHeaders; | ||
| rawHeaders: string[]; | ||
| trailers: NodeJS.Dict<string>; | ||
| rawTrailers: string[]; | ||
| method?: string | undefined; | ||
| url?: string | undefined; | ||
| statusCode?: number | undefined; | ||
| statusMessage?: string | undefined; | ||
| readableAborted: boolean; | ||
| readable: boolean; | ||
| readableDidRead: boolean; | ||
| readableEncoding: BufferEncoding | null; | ||
| readableEnded: boolean; | ||
| readableFlowing: boolean | null; | ||
| readableHighWaterMark: number; | ||
| readableLength: number; | ||
| readableObjectMode: boolean; | ||
| destroyed: boolean; | ||
| off(eventName: string | symbol, listener: (...args: any[]) => void): IncomingMessage; | ||
| removeAllListeners(event?: string | symbol | undefined): IncomingMessage; | ||
| setMaxListeners(n: number): IncomingMessage; | ||
| getMaxListeners(): number; | ||
| listeners(eventName: string | symbol): Function[]; | ||
| rawListeners(eventName: string | symbol): Function[]; | ||
| listenerCount(eventName: string | symbol): number; | ||
| eventNames(): (string | symbol)[]; | ||
| }; | ||
| res: ServerResponse; | ||
| }, { | ||
| headers: import("http").IncomingHttpHeaders; | ||
| user: User | null; | ||
| isAdmin: boolean | undefined; | ||
| req: { | ||
| id: string; | ||
| aborted: boolean; | ||
| httpVersion: string; | ||
| httpVersionMajor: number; | ||
| httpVersionMinor: number; | ||
| complete: boolean; | ||
| connection: import("net").Socket; | ||
| socket: import("net").Socket; | ||
| headers: import("http").IncomingHttpHeaders; | ||
| rawHeaders: string[]; | ||
| trailers: NodeJS.Dict<string>; | ||
| rawTrailers: string[]; | ||
| method?: string | undefined; | ||
| url?: string | undefined; | ||
| statusCode?: number | undefined; | ||
| statusMessage?: string | undefined; | ||
| readableAborted: boolean; | ||
| readable: boolean; | ||
| readableDidRead: boolean; | ||
| readableEncoding: BufferEncoding | null; | ||
| readableEnded: boolean; | ||
| readableFlowing: boolean | null; | ||
| readableHighWaterMark: number; | ||
| readableLength: number; | ||
| readableObjectMode: boolean; | ||
| destroyed: boolean; | ||
| off(eventName: string | symbol, listener: (...args: any[]) => void): IncomingMessage; | ||
| removeAllListeners(event?: string | symbol | undefined): IncomingMessage; | ||
| setMaxListeners(n: number): IncomingMessage; | ||
| getMaxListeners(): number; | ||
| listeners(eventName: string | symbol): Function[]; | ||
| rawListeners(eventName: string | symbol): Function[]; | ||
| listenerCount(eventName: string | symbol): number; | ||
| eventNames(): (string | symbol)[]; | ||
| }; | ||
| res: ServerResponse; | ||
| }, {}, {}, {}, trpc.DefaultErrorShape>; | ||
| export default createContext; | ||
| export declare type Context = inferAsyncReturnType<typeof createContext>; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,149 @@ | ||
| "use strict"; | ||
| var __assign = (this && this.__assign) || function () { | ||
| __assign = Object.assign || function(t) { | ||
| for (var s, i = 1, n = arguments.length; i < n; i++) { | ||
| s = arguments[i]; | ||
| for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p)) | ||
| t[p] = s[p]; | ||
| } | ||
| return t; | ||
| }; | ||
| return __assign.apply(this, arguments); | ||
| }; | ||
| var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { | ||
| if (k2 === undefined) k2 = k; | ||
| Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } }); | ||
| }) : (function(o, m, k, k2) { | ||
| if (k2 === undefined) k2 = k; | ||
| o[k2] = m[k]; | ||
| })); | ||
| var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) { | ||
| Object.defineProperty(o, "default", { enumerable: true, value: v }); | ||
| }) : function(o, v) { | ||
| o["default"] = v; | ||
| }); | ||
| var __importStar = (this && this.__importStar) || function (mod) { | ||
| if (mod && mod.__esModule) return mod; | ||
| var result = {}; | ||
| if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k); | ||
| __setModuleDefault(result, mod); | ||
| return result; | ||
| }; | ||
| var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { | ||
| function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } | ||
| return new (P || (P = Promise))(function (resolve, reject) { | ||
| function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } } | ||
| function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } | ||
| function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); } | ||
| step((generator = generator.apply(thisArg, _arguments || [])).next()); | ||
| }); | ||
| }; | ||
| var __generator = (this && this.__generator) || function (thisArg, body) { | ||
| var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g; | ||
| return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g; | ||
| function verb(n) { return function (v) { return step([n, v]); }; } | ||
| function step(op) { | ||
| if (f) throw new TypeError("Generator is already executing."); | ||
| while (_) try { | ||
| if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t; | ||
| if (y = 0, t) op = [op[0] & 2, t.value]; | ||
| switch (op[0]) { | ||
| case 0: case 1: t = op; break; | ||
| case 4: _.label++; return { value: op[1], done: false }; | ||
| case 5: _.label++; y = op[1]; op = [0]; continue; | ||
| case 7: op = _.ops.pop(); _.trys.pop(); continue; | ||
| default: | ||
| if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; } | ||
| if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; } | ||
| if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; } | ||
| if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; } | ||
| if (t[2]) _.ops.pop(); | ||
| _.trys.pop(); continue; | ||
| } | ||
| op = body.call(thisArg, _); | ||
| } catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; } | ||
| if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true }; | ||
| } | ||
| }; | ||
| var __importDefault = (this && this.__importDefault) || function (mod) { | ||
| return (mod && mod.__esModule) ? mod : { "default": mod }; | ||
| }; | ||
| Object.defineProperty(exports, "__esModule", { value: true }); | ||
| exports.adminRoute = exports.protectedRoute = exports.isAdmin = void 0; | ||
| var trpc = __importStar(require("@trpc/server")); | ||
| var crypto_1 = __importDefault(require("crypto")); | ||
| var auth_1 = require("./auth"); | ||
| var ADMIN_ROLES = ["ADMIN", "SUPERADMIN"]; | ||
| var isAdmin = function (userRole) { | ||
| return userRole && ADMIN_ROLES.includes(userRole); | ||
| }; | ||
| exports.isAdmin = isAdmin; | ||
| var createContext = function (_a) { | ||
| var req = _a.req, res = _a.res; | ||
| return __awaiter(void 0, void 0, void 0, function () { | ||
| var user, requestId; | ||
| return __generator(this, function (_b) { | ||
| switch (_b.label) { | ||
| case 0: return [4 /*yield*/, auth_1.getUserFromHeader(req.headers)]; | ||
| case 1: | ||
| user = _b.sent(); | ||
| requestId = crypto_1.default.randomBytes(10).toString("hex"); | ||
| return [2 /*return*/, { | ||
| headers: req.headers, | ||
| user: user, | ||
| isAdmin: exports.isAdmin(user === null || user === void 0 ? void 0 : user.role), | ||
| req: __assign(__assign({}, req), { id: requestId }), | ||
| res: res, | ||
| }]; | ||
| } | ||
| }); | ||
| }); | ||
| }; | ||
| exports.protectedRoute = trpc | ||
| .router() | ||
| .middleware(function (_a) { | ||
| var ctx = _a.ctx, next = _a.next; | ||
| return __awaiter(void 0, void 0, void 0, function () { | ||
| var user; | ||
| return __generator(this, function (_b) { | ||
| switch (_b.label) { | ||
| case 0: return [4 /*yield*/, auth_1.getUserFromHeader(ctx.headers)]; | ||
| case 1: | ||
| user = _b.sent(); | ||
| if (!user) { | ||
| console.log("Unauthenticated while accesing " + ctx.req.url, ctx.headers); | ||
| throw new Error("Unauthenticated when trying to access " + ctx.req.url); | ||
| } | ||
| ctx.user = user; | ||
| ctx.isAdmin = exports.isAdmin(user.role); | ||
| return [2 /*return*/, next()]; | ||
| } | ||
| }); | ||
| }); | ||
| }); | ||
| exports.adminRoute = trpc | ||
| .router() | ||
| .middleware(function (_a) { | ||
| var ctx = _a.ctx, next = _a.next; | ||
| return __awaiter(void 0, void 0, void 0, function () { | ||
| var user; | ||
| return __generator(this, function (_b) { | ||
| switch (_b.label) { | ||
| case 0: return [4 /*yield*/, auth_1.getUserFromHeader(ctx.headers)]; | ||
| case 1: | ||
| user = _b.sent(); | ||
| if (!user) { | ||
| console.log("Unauthenticated while accesing " + ctx.req.url, ctx.headers); | ||
| throw new Error("Unauthenticated when trying to access " + ctx.req.url); | ||
| } | ||
| if (!exports.isAdmin(user.role)) { | ||
| throw new Error("Unauthorized"); | ||
| } | ||
| ctx.user = user; | ||
| ctx.isAdmin = true; | ||
| return [2 /*return*/, next()]; | ||
| } | ||
| }); | ||
| }); | ||
| }); | ||
| exports.default = createContext; |
Oops, something went wrong.