feat: impl basic auth (#62)

Author: NathanFlurry

.github/workflows/test-all.yml

@@ -8,6 +8,7 @@ env:
 jobs:
   build:
     runs-on: ubuntu-20.04
+    timeout-minutes: 5
     steps:
       # Checkout registry repo
       - name: Checkout registry Repo

deno.json

@@ -0,0 +1,5 @@
+{
+  "fmt": {
+    "useTabs": true
+  }
+}

modules/auth/config.ts

@@ -0,0 +1,8 @@
+export interface Config {
+	email?: EmailConfig;
+}
+
+export interface EmailConfig {
+	fromEmail: string;
+	fromName?: string;
+}

modules/auth/db/migrations/20240310214734_init/migration.sql

@@ -0,0 +1,48 @@
+-- CreateTable
+CREATE TABLE "Identity" (
+    "userId" UUID NOT NULL,
+    "createdAt" TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "deletedAt" TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+
+    CONSTRAINT "Identity_pkey" PRIMARY KEY ("userId")
+);
+
+-- CreateTable
+CREATE TABLE "EmailPasswordless" (
+    "id" UUID NOT NULL,
+    "identityId" UUID NOT NULL,
+    "email" TEXT NOT NULL,
+    "createdAt" TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+
+    CONSTRAINT "EmailPasswordless_pkey" PRIMARY KEY ("id")
+);
+
+-- CreateTable
+CREATE TABLE "EmailPasswordlessVerification" (
+    "id" UUID NOT NULL,
+    "identityId" UUID,
+    "email" TEXT NOT NULL,
+    "code" TEXT NOT NULL,
+    "attemptCount" INTEGER NOT NULL DEFAULT 0,
+    "maxAttemptCount" INTEGER NOT NULL,
+    "createdAt" TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "expireAt" TIMESTAMP NOT NULL,
+    "completedAt" TIMESTAMP,
+
+    CONSTRAINT "EmailPasswordlessVerification_pkey" PRIMARY KEY ("id")
+);
+
+-- CreateIndex
+CREATE UNIQUE INDEX "EmailPasswordless_email_key" ON "EmailPasswordless"("email");
+
+-- CreateIndex
+CREATE UNIQUE INDEX "EmailPasswordlessVerification_code_key" ON "EmailPasswordlessVerification"("code");
+
+-- AddForeignKey
+ALTER TABLE "EmailPasswordless" ADD CONSTRAINT "EmailPasswordless_identityId_fkey" FOREIGN KEY ("identityId") REFERENCES "Identity"("userId") ON DELETE RESTRICT ON UPDATE CASCADE;
+
+-- AddForeignKey
+ALTER TABLE "EmailPasswordlessVerification" ADD CONSTRAINT "EmailPasswordlessVerification_email_fkey" FOREIGN KEY ("email") REFERENCES "EmailPasswordless"("email") ON DELETE RESTRICT ON UPDATE CASCADE;
+
+-- AddForeignKey
+ALTER TABLE "EmailPasswordlessVerification" ADD CONSTRAINT "EmailPasswordlessVerification_identityId_fkey" FOREIGN KEY ("identityId") REFERENCES "Identity"("userId") ON DELETE SET NULL ON UPDATE CASCADE;

modules/auth/db/migrations/20240312024843_init/migration.sql

@@ -0,0 +1,12 @@
+/*
+  Warnings:
+
+  - You are about to drop the column `identityId` on the `EmailPasswordlessVerification` table. All the data in the column will be lost.
+
+*/
+-- DropForeignKey
+ALTER TABLE "EmailPasswordlessVerification" DROP CONSTRAINT "EmailPasswordlessVerification_identityId_fkey";
+
+-- AlterTable
+ALTER TABLE "EmailPasswordlessVerification" DROP COLUMN "identityId",
+ADD COLUMN     "userId" UUID;

modules/auth/db/migrations/20240312033322_/migration.sql

@@ -0,0 +1,2 @@
+-- DropForeignKey
+ALTER TABLE "EmailPasswordlessVerification" DROP CONSTRAINT "EmailPasswordlessVerification_email_fkey";

modules/auth/db/migrations/20240312035811_/migration.sql

@@ -0,0 +1,21 @@
+/*
+  Warnings:
+
+  - You are about to drop the column `identityId` on the `EmailPasswordless` table. All the data in the column will be lost.
+  - You are about to drop the `Identity` table. If the table is not empty, all the data it contains will be lost.
+  - A unique constraint covering the columns `[userId]` on the table `EmailPasswordless` will be added. If there are existing duplicate values, this will fail.
+  - Added the required column `userId` to the `EmailPasswordless` table without a default value. This is not possible if the table is not empty.
+
+*/
+-- DropForeignKey
+ALTER TABLE "EmailPasswordless" DROP CONSTRAINT "EmailPasswordless_identityId_fkey";
+
+-- AlterTable
+ALTER TABLE "EmailPasswordless" DROP COLUMN "identityId",
+ADD COLUMN     "userId" UUID NOT NULL;
+
+-- DropTable
+DROP TABLE "Identity";
+
+-- CreateIndex
+CREATE UNIQUE INDEX "EmailPasswordless_userId_key" ON "EmailPasswordless"("userId");

modules/auth/db/migrations/migration_lock.toml

@@ -0,0 +1,3 @@
+# Please do not edit this file manually
+# It should be added in your version-control system (i.e. Git)
+provider = "postgresql"

modules/auth/db/schema.prisma

@@ -0,0 +1,30 @@
+datasource db {
+    provider = "postgresql"
+    url      = env("DATABASE_URL")
+}
+
+model EmailPasswordless {
+    id        String   @id @default(uuid()) @db.Uuid
+    userId    String   @db.Uuid @unique
+    email     String   @unique
+    createdAt DateTime @default(now()) @db.Timestamp
+}
+
+model EmailPasswordlessVerification {
+    id String @id @default(uuid()) @db.Uuid
+
+    // If exists, link to existing identity. If null, create new identity.
+    userId String? @db.Uuid
+
+    email String
+
+    // Code the user has to input to verify the email
+    code String @unique
+
+    attemptCount    Int @default(0)
+    maxAttemptCount Int
+
+    createdAt   DateTime  @default(now()) @db.Timestamp
+    expireAt    DateTime  @db.Timestamp
+    completedAt DateTime? @db.Timestamp
+}

modules/auth/module.yaml

@@ -0,0 +1,16 @@
+dependencies:
+  email: {}
+  users: {}
+  rate_limit: {}
+scripts:
+  auth_email_passwordless:
+    public: true
+  verify_email_passwordless:
+    public: true
+errors:
+  PROVIDER_DISABLED: {}
+  VERIFICATION_CODE_INVALID: {}
+  VERIFICATION_CODE_ATTEMPT_LIMIT: {}
+  VERIFICATION_CODE_EXPIRED: {}
+  VERIFICATION_CODE_ALREADY_USED: {}
+  EMAIL_ALREADY_USED: {}