sequelize, storage for userdata

.gitignore

@@ -6,5 +6,5 @@ android/
 ios/
 releases/
 .vscode/
-.env
+.env.local
 /server-node/jobs

server-node/.env

@@ -0,0 +1,2 @@
+JOBS_DIR="./jobs"
+SESSION_SECRET="default-secret"

server-node/package.json

@@ -41,6 +41,8 @@
         "pdf-lib": "^1.17.1",
         "rollup-plugin-copy": "^3.5.0",
         "rollup-plugin-dynamic-import-variables": "^1.1.0",
+        "sequelize": "^6.37.3",
+        "sqlite3": "^5.1.7",
         "toml": "^3.0.0",
         "tsconfig-paths": "^4.2.0",
         "vite-plugin-compile-time": "^0.2.1",

server-node/src/auth/passport-config.ts

@@ -6,14 +6,14 @@ import { HeaderAPIKeyStrategy as HeaderAPIKeyStrategy } from "passport-headerapi
 export function initialize(passport: typeof import("passport")) {
     passport.use("local", new LocalStrategy(
         function(username, password, done) {
-            User.findOne({ username: username }, function (err, user) {
+            User.findOne({ username: username }, async function (err, user) {
                 if (err) { 
-                    return done(err); 
+                    return done(err, false); 
                 }
                 if (!user) { 
                     return done(null, false); 
                 }
-                if (!User.verifyPassword(user, password)) { 
+                if (!await User.verifyPassword(user, password)) {
                     return done(null, false); 
                 }
                 return done(null, user);

server-node/src/auth/user/user-controller.ts

@@ -1,16 +1,55 @@
-import { User } from "./user-model";
+import { Error as SequelizeError, Op } from "sequelize";
+import { Password, User } from "./user-model";
 
-export function findOne(params: {id?: number, username?: string, apikey?: string}, cb: (err: Error | null, user: User) => void): undefined {
-    //TODO: replace with db connection.
-    cb(null, {
-        id: 1,
-        username: "test",
-        mail: "test@test.com",
-        accessControlList: []
-    });
+type PickOne<T, F extends keyof T> = Pick<T, F> & { [K in keyof Omit<T, F>]?: never };
+
+export function findOne(params: {id?: number, username?: string, apikey?: string}, cb: (err: Error | null, user: User | null) => void): undefined {
+    const query: any = params;
+
+    for (let key in query) {
+        if (query[key] === undefined) {
+            delete query[key];
+        }
+    }
+
+    if(Object.keys(query).length == 0) {
+        cb(new Error("You need to provide at least one argument."), null)
+    }
+
+    User.findOne({
+        where: query
+    }).then(user => {
+        if(user)
+            cb(null, user);
+        else
+            cb(new Error("The requested user was not found."), null);
+    }).catch(e => 
+        cb(e, null)
+    );
 }
 
-export function verifyPassword(user: User, password: string) {
-    //TODO: replace with db connection.
-    return password == "test";
+export async function verifyPassword(user: User, password: string): Promise<boolean> {
+    const passwordRecord = await user.getPassword();
+    if(!passwordRecord) {
+        throw new Error("This user does not have a password set!");
+    }
+    return passwordRecord.password == password;
+}
+
+export function createUser(params: { username: string, password: string }, cb: (err: SequelizeError | null, user: User | null) => void ) {
+    User.create({ username: params.username, authenticationMethod: "password" }).then(async user => {
+        user.setPassword(await Password.create({
+            password: params.password,
+        })).then(password => {
+            cb(null, user as any as User)
+        }).catch(e => 
+            cb(e, null)
+        );
+    }).catch(e => 
+        cb(e, null)
+    );
+}
+
+export function createAPIKey(user: User, apikey?: string) {
+
 }

server-node/src/auth/user/user-model.ts

@@ -1,6 +1,80 @@
-export interface User {
-    id: number,
-    username: string,
-    mail: string,
-    accessControlList: string[],
+import {
+    Association, DataTypes, Model, ModelDefined, Optional,
+    Sequelize, InferAttributes, InferCreationAttributes, CreationOptional, NonAttribute, ForeignKey,
+
+    HasManyAddAssociationMixin, HasManyCountAssociationsMixin,
+    HasManyCreateAssociationMixin, HasManyGetAssociationsMixin, HasManyHasAssociationMixin,
+    HasManySetAssociationsMixin, HasManyAddAssociationsMixin, HasManyHasAssociationsMixin,
+    HasManyRemoveAssociationMixin, HasManyRemoveAssociationsMixin, 
+
+    HasOneGetAssociationMixin, HasOneSetAssociationMixin, HasOneCreateAssociationMixin,
+} from 'sequelize';
+
+export class User extends Model<InferAttributes<User>, InferCreationAttributes<User>> {
+    declare id: CreationOptional<number>;
+    declare username: string;
+    declare mail?: string;
+    declare authenticationMethod: string;
+
+    declare getPassword: HasOneGetAssociationMixin<Password | undefined>; // Note the null assertions!
+    declare setPassword: HasOneSetAssociationMixin<Password | undefined, number>;
+    declare createPassword: HasOneCreateAssociationMixin<Password>;
+
+    declare getAccessRules: HasManyGetAssociationsMixin<AccessRule | undefined>; // Note the null assertions!
+    declare addAccessRule: HasManyAddAssociationMixin<AccessRule | undefined, number>;
+    declare addAccessRules: HasManyAddAssociationsMixin<AccessRule | undefined, number>;
+    declare setAccessRules: HasManySetAssociationsMixin<AccessRule | undefined, number>;
+    declare removeAccessRule: HasManyRemoveAssociationMixin<AccessRule | undefined, number>;
+    declare removeAccessRules: HasManyRemoveAssociationsMixin<AccessRule | undefined, number>;
+    declare hasAccessRule: HasManyHasAssociationMixin<AccessRule | undefined, number>;
+    declare hasAccessRules: HasManyHasAssociationsMixin<AccessRule | undefined, number>;
+    declare countAccessRules: HasManyCountAssociationsMixin;
+    declare createAccessRule: HasManyCreateAssociationMixin<AccessRule, 'userId'>;
+
+    declare getAPIKeys: HasManyGetAssociationsMixin<APIKey | undefined>; // Note the null assertions!
+    declare addAPIKey: HasManyAddAssociationMixin<APIKey | undefined, number>;
+    declare addAPIKeys: HasManyAddAssociationsMixin<APIKey | undefined, number>;
+    declare setAPIKeys: HasManySetAssociationsMixin<APIKey | undefined, number>;
+    declare removeAPIKey: HasManyRemoveAssociationMixin<APIKey | undefined, number>;
+    declare removeAPIKeys: HasManyRemoveAssociationsMixin<APIKey | undefined, number>;
+    declare hasAPIKey: HasManyHasAssociationMixin<APIKey | undefined, number>;
+    declare hasAPIKeys: HasManyHasAssociationsMixin<APIKey | undefined, number>;
+    declare countAPIKeys: HasManyCountAssociationsMixin;
+    declare createAPIKey: HasManyCreateAssociationMixin<APIKey, 'userId'>;
+
+    declare createdAt: CreationOptional<Date>;
+    declare updatedAt: CreationOptional<Date>;
+}
+
+export class Password extends Model<InferAttributes<Password>, InferCreationAttributes<Password>> {
+    declare id: CreationOptional<number>;
+    declare password: string;
+
+    declare ownerId: ForeignKey<User['id']>;
+    declare owner?: NonAttribute<User>;
+    
+    declare createdAt: CreationOptional<Date>;
+    declare updatedAt: CreationOptional<Date>;
+}
+
+export class AccessRule extends Model<InferAttributes<AccessRule>, InferCreationAttributes<AccessRule>> {
+    declare id: CreationOptional<number>;
+    declare grants: string;
+
+    declare userId: ForeignKey<User['id']>;
+    declare user?: NonAttribute<User>;
+    
+    declare createdAt: CreationOptional<Date>;
+    declare updatedAt: CreationOptional<Date>;
+}
+
+export class APIKey extends Model<InferAttributes<APIKey>, InferCreationAttributes<APIKey>> {
+    declare id: CreationOptional<number>;
+    declare apikey: string;
+
+    declare userId: ForeignKey<User['id']>;
+    declare user?: NonAttribute<User>;
+    
+    declare createdAt: CreationOptional<Date>;
+    declare updatedAt: CreationOptional<Date>;
 }

server-node/src/data/sequelize-relations.ts

@@ -0,0 +1,87 @@
+import { Sequelize, DataTypes } from "sequelize";
+
+//TODO: Make this configurable
+const sequelize = new Sequelize("sqlite::memory:");
+
+import { User, AccessRule, APIKey, Password } from "../auth/user/user-model";
+
+User.init(
+    {
+        id: {
+            type: DataTypes.INTEGER.UNSIGNED,
+            autoIncrement: true,
+            primaryKey: true,
+        },
+        username: {
+            type: DataTypes.STRING,
+            allowNull: false,
+            unique: true,
+        },
+        mail: {
+            type: DataTypes.STRING,
+            unique: true,
+        },
+        authenticationMethod: {
+            type: DataTypes.STRING,
+            allowNull: false,
+        },
+        createdAt: DataTypes.DATE,
+        updatedAt: DataTypes.DATE,
+    },
+    { sequelize },
+);
+
+Password.init(
+    {
+        id: {
+            type: DataTypes.INTEGER.UNSIGNED,
+            autoIncrement: true,
+            primaryKey: true
+        },
+        password: DataTypes.STRING,
+        createdAt: DataTypes.DATE,
+        updatedAt: DataTypes.DATE,
+    },
+    { sequelize },
+);
+Password.hasOne(User);
+User.hasOne(Password);
+
+AccessRule.init(
+    {
+        id: {
+            type: DataTypes.INTEGER.UNSIGNED,
+            autoIncrement: true,
+            primaryKey: true
+        },
+        grants: DataTypes.STRING,
+        createdAt: DataTypes.DATE,
+        updatedAt: DataTypes.DATE,
+    },
+    { sequelize },
+);
+AccessRule.hasOne(User);
+User.hasMany(AccessRule);
+
+APIKey.init(
+    {
+        id: {
+            type: DataTypes.INTEGER.UNSIGNED,
+            autoIncrement: true,
+            primaryKey: true
+        },
+        apikey: DataTypes.STRING,
+        createdAt: DataTypes.DATE,
+        updatedAt: DataTypes.DATE,
+    },
+    { sequelize },
+);
+APIKey.hasOne(User);
+User.hasMany(APIKey);
+
+export default sequelize;
+
+(async () => {
+    await sequelize.sync({ force: true });
+    console.log("Database synced!")
+})();

server-node/src/index.ts

@@ -27,6 +27,12 @@ console.log("Available Modules: ", listOperatorNames());
 
 import "./jobs/jobs-controller";
 
+/**
+ * database
+ */
+
+import "./data/sequelize-relations";
+
 /*
  * EXPRESS
 */

server-node/src/routes/auth/register-controller.ts

@@ -1,8 +1,35 @@
+import { error } from "pdf-lib";
+import * as User from "../../auth/user/user-controller";
 import express, { Request, Response } from "express";
 const router = express.Router();
 
 router.post('/register', async function(req: Request, res: Response) {
     //TODO: Register new user
+    
+});
+
+router.post('/register/password', async function(req: Request, res: Response) {
+    if(req.query) {
+        if(!req.query.username) {
+            res.status(400).json({error: "no username was provided"});
+            return;
+        }
+        if(!req.query.password) {
+            res.status(400).json({error: "no password was provided"});
+            return;
+        }
+
+        User.createUser({username: req.query.username as string, password: req.query.password as string}, async (err, user) => {
+            if(err) {
+                res.status(500).json(err);
+                return;
+            }
+            res.json(user);
+        });
+    }
+    else {
+        res.status(400).json({error: "no params were provided"})
+    }
 });
 
 export default router;

server-node/vite.config.ts

@@ -10,6 +10,11 @@ export default defineConfig({
         // vite server configs, for details see [vite doc](https://vitejs.dev/config/#server-host)
         port: 8000
     },
+    optimizeDeps: {
+        exclude: [
+            "pg-hstore" // sequelize
+        ]
+    },
     plugins: [
         ...VitePluginNode({
             // Nodejs native Request adapter