Auth Overhaul (#369)
* old system has been removed, Just need to update the routes now to use the new system.

* Refactor authentication routes and session handling

* update schema

* add logic for new login page

* Update background parameter in three.ts

* Refactor three.ts: Remove tweakpane initialization and related code

* index page and oauth buttons done.

* More progress

* Refactor environment variables in astroenv and shared.ts

* Refactor OauthProviders.astro and remove unused code

* Refactor Astro(vite) config and user permission verification

* Cleanup

* cleanup

* more cleanup

* Refactor other integrations to use the new auth lib

* start of firstTimeSetup re-implementation

* Refactor firstTimeSetup to use crypto.randomUUID() for generating UUIDs

* Refactor package.json to use "@fontsource-variable/onest" instead of "@fontsource/onest"

* cleanup

* fix css

* Refactor OAuthButtonStack to use currentColor for SVG fill

* Refactor authlayout.css to use "Onest Variable" font-family for all elements

* update deps

* cleanup

* add changeset

* update docs

* update docs

* Exclude @node-rs/argon2 from vite optimizeDeps

* Add ViteNodeAddonPlugin to integration.ts

* Exclude @node-rs/argon2 from vite optimizeDeps

* test

* Exclude @node-rs/argon2 from vite optimizeDeps

* test

* test

* test

* update deps

* Refactor login and signup routes to handle different scenarios

* Refactor OAuthButtonStack and AuthLayout components

* Refactor firstTimeSetup API route and add error handling

* Refactor signup form button in signup.astro

* Refactor oAuth callback URLs in environment variables and update getting started

* remove now un-used nodeAddons plugin

* Refactor integration.ts to add rate-limiting functionality

* add docs

* Refactor typedoc.config.ts to remove unused scripts and utils

* update build command to remove astro check by default

* Update astro.config.mts

* Add fallback image for login page

- Adds a fallback image that displays when the Three.js context fails to render.

---------

Co-authored-by: Louis Escher <louisescher@proton.me>
Adammatthiesen and louisescher authored Nov 13, 2024
1 parent 79032e9 commit d0e965c
Showing 136 changed files with 5,596 additions and 3,367 deletions.
119 changes: 119 additions & 0 deletions .changeset/chatty-kangaroos-rule.md
@@ -0,0 +1,119 @@
---
"@studiocms/dashboard": patch
"@studiocms/auth": patch
"@studiocms/core": patch
"@studiocms/ui": patch
"studiocms": patch
---

Auth system overhaul:

## **`studiocms`**

- Updated all Dependencies

## **`@studiocms/auth`**

- Update `astro:env` schema:
- `CMS_ENCRYPTION_KEY`: NEW - Required variable used for auth encryption, can be generated using `openssl rand --base64 16`.
- `CMS_GITHUB_REDIRECT_URI`: NEW - Optional variable for GitHub Redirect URI if using multiple redirect URIs with Github oAuth.
- Removed `Luicia` based auth system and `Lucia-astrodb-adapter`
- Removed old `authHelper`
- Add new OAuthButton components
- `<OAuthButton />`
- `<OAuthButtonStack />`
- `oAuthButtonProviders.ts`
- Add new `<AuthLayout />` component and CSS
- Add new authentication library:
- Auth library is built using the lucia-next resources and will now be maintained under `@studiocms/auth` as its own full module
- Created Virtual module exports available during runtime
- Add new login/signup backgrounds
- Remove Middleware
- Add `studiocms-logo.glb` for usage with New ThreeJS login/signup page
- Update all Auth Routes
- Update schema
- Add new Scripts for ThreeJS
- Update Stubs files and Utils
- Refactor Integration to use new system.

## **`@studiocms/core`**

- Disable interactivity for `<Avatar />` component. (Will always show a empty profile icon until we setup the new system for the front-end)
- Update table schema:
- `StudioCMSUsers`: Removed oAuth ID's from main user table

```diff
export const StudioCMSUsers = defineTable({
columns: {
id: column.text({ primaryKey: true }),
url: column.text({ optional: true }),
name: column.text(),
email: column.text({ unique: true, optional: true }),
avatar: column.text({ optional: true }),
- githubId: column.number({ unique: true, optional: true }),
- githubURL: column.text({ optional: true }),
- discordId: column.text({ unique: true, optional: true }),
- googleId: column.text({ unique: true, optional: true }),
- auth0Id: column.text({ unique: true, optional: true }),
username: column.text(),
password: column.text({ optional: true }),
updatedAt: column.date({ default: NOW, optional: true }),
createdAt: column.date({ default: NOW, optional: true }),
},
});
```

- `StudioCMSOAuthAccounts`: New table to handle all oAuth accounts and linking to Users

```ts
export const StudioCMSOAuthAccounts = defineTable({
columns: {
provider: column.text(), // github, google, discord, auth0
providerUserId: column.text({ primaryKey: true }),
userId: column.text({ references: () => StudioCMSUsers.columns.id }),
},
});
```

- `StudioCMSPermissions`: Updated to use direct reference to users table

```ts
export const StudioCMSPermissions = defineTable({
columns: {
user: column.text({ references: () => StudioCMSUsers.columns.id }),
rank: column.text(),
},
});
```

- `StudioCMSSiteConfig`: Added new options for login page

```ts
export const StudioCMSSiteConfig = defineTable({
columns: {
id: column.number({ primaryKey: true }),
title: column.text(),
description: column.text(),
defaultOgImage: column.text({ optional: true }),
siteIcon: column.text({ optional: true }),
loginPageBackground: column.text({ default: 'studiocms-curves' }),
loginPageCustomImage: column.text({ optional: true }),
},
});
```

- Updated Routemap:
- All Auth api routes are now located at `yourhost.tld/studiocms_api/auth/*`

- Updated Strings:
- Add new Encryption messages for the new `CMS_ENCRYPTION_KEY` variable

- Removed now unused auth types.

## **`@studiocms/dashboard`**

- Refactor to utilize new `@studiocms/auth` lib for user verification

## **`@studiocms/ui`**

- Update `<Input />` component's available types
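
Review bot: In the `StudioCMSOAuthAccounts` table, `providerUserId` is the sole primary key while `provider` is an ordinary column, so an ID issued by one provider can collide with the same string issued by another, and any lookup that filters on `providerUserId` alone would not distinguish providers. Consider keying and querying on the pair (`provider`, `providerUserId`). The changeset also marks every package as `patch` although it removes columns from `StudioCMSUsers` and introduces a required `CMS_ENCRYPTION_KEY`; a short migration note for existing installs would help.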
3 changes: 2 additions & 1 deletion .vscode/settings.json
Expand Up @@ -7,5 +7,6 @@
"editor.defaultFormatter": "biomejs.biome",
"[mdx]": {
"editor.defaultFormatter": "esbenp.prettier-vscode"
}
},
"editor.gotoLocation.multipleDefinitions": "goto"
}
2 changes: 1 addition & 1 deletion biome.json
Expand Up @@ -8,7 +8,7 @@
},
"files": {
"ignoreUnknown": true,
"ignore": ["**/.astro/**", "**/package.json", "**/dist/**", "**/ogBackgrounds/**"]
"ignore": ["**/.astro/**", "**/package.json", "**/dist/**"]
},
"formatter": {
"lineWidth": 100,
56 changes: 36 additions & 20 deletions packages/studiocms/package.json
Expand Up @@ -43,14 +43,6 @@
},
"type": "module",
"dependencies": {
"@cloudinary/url-gen": "catalog:studiocms-imagehandler",
"@inox-tools/runtime-logger": "catalog:studiocms-shared",
"@markdoc/markdoc": "catalog:studiocms-shared",
"@matthiesenxyz/astrolace": "catalog:studiocms-shared",
"@matthiesenxyz/integration-utils": "catalog:studiocms-shared",
"@matthiesenxyz/unocss-preset-daisyui": "catalog:studiocms-shared",
"@noble/hashes": "catalog:studiocms-shared",
"@shikijs/transformers": "catalog:studiocms-renderer",
"@studiocms/assets": "workspace:*",
"@studiocms/auth": "workspace:*",
"@studiocms/betaresources": "workspace:*",
Expand All @@ -60,23 +52,48 @@
"@studiocms/imagehandler": "workspace:*",
"@studiocms/renderers": "workspace:*",
"@studiocms/robotstxt": "workspace:*",
"@unocss/astro": "catalog:studiocms-shared",
"@unocss/reset": "catalog:studiocms-shared",

"astro-integration-kit": "catalog:",
"arctic": "catalog:studiocms-shared",
"daisyui": "catalog:studiocms-shared",
"lucia": "catalog:studiocms-shared",
"marked": "catalog:studiocms-shared",

"package-json": "catalog:studiocms",
"semver": "catalog:studiocms",

"mrmime": "catalog:studiocms-core",
"remark-rehype": "catalog:studiocms-core",
"mdast-util-to-hast": "catalog:studiocms-core",

"@oslojs/crypto": "catalog:studiocms-auth",
"@oslojs/encoding": "catalog:studiocms-auth",
"@oslojs/binary": "catalog:studiocms-auth",
"@types/bcryptjs": "catalog:studiocms-auth",
"bcryptjs": "catalog:studiocms-auth",
"@types/three": "catalog:studiocms-auth",
"arctic": "catalog:studiocms-auth",
"three": "catalog:studiocms-auth",

"@fontsource-variable/onest": "catalog:studiocms-shared",
"@inox-tools/runtime-logger": "catalog:studiocms-shared",
"@matthiesenxyz/astrodtsbuilder": "catalog:studiocms-shared",
"@matthiesenxyz/integration-utils": "catalog:studiocms-shared",
"rollup-plugin-copy": "catalog:studiocms-shared",

"marked": "catalog:studiocms-renderer",
"marked-alert": "catalog:studiocms-renderer",
"marked-emoji": "catalog:studiocms-renderer",
"marked-footnote": "catalog:studiocms-renderer",
"marked-shiki": "catalog:studiocms-renderer",
"marked-smartypants": "catalog:studiocms-renderer",
"micromatch": "catalog:studiocms-shared",
"mrmime": "catalog:studiocms-shared",
"package-json": "catalog:studiocms",
"semver": "catalog:studiocms",
"shiki": "catalog:studiocms-shared",
"@markdoc/markdoc": "catalog:studiocms-renderer",
"shiki": "catalog:studiocms-renderer",
"@shikijs/transformers": "catalog:studiocms-renderer",

"@cloudinary/url-gen": "catalog:studiocms-imagehandler",

"@matthiesenxyz/astrolace": "catalog:studiocms-shared",
"@matthiesenxyz/unocss-preset-daisyui": "catalog:studiocms-shared",
"@unocss/astro": "catalog:studiocms-shared",
"@unocss/reset": "catalog:studiocms-shared",
"daisyui": "catalog:studiocms-shared",
"unocss": "catalog:studiocms-shared"
},
"peerDependencies": {
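
Review bot: `@types/bcryptjs` and `@types/three` sit under `dependencies` in this hunk next to `bcryptjs` and `three`; unless consumers need these typings at install time they belong in `devDependencies`. The commit message refers to `@node-rs/argon2` several times, but the hashing package that appears here is `bcryptjs`, so the changeset should state which password hashing library the new auth module actually uses.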
Expand All @@ -92,7 +109,6 @@
"devDependencies": {
"vite": "catalog:",
"typescript": "catalog:",
"@types/micromatch": "catalog:studiocms-shared",
"@types/semver": "catalog:studiocms"
}
}
33 changes: 0 additions & 33 deletions packages/studiocms_auth/env.d.ts
Expand Up @@ -6,36 +6,3 @@ interface ImportMetaEnv {
interface ImportMeta {
readonly env: ImportMetaEnv;
}

declare namespace App {
interface Locals {
isLoggedIn: boolean;
dbUser?: {
id: string;
url: string | null;
name: string;
email: string | null;
avatar: string | null;
githubId: number | null;
githubURL: string | null;
discordId: string | null;
googleId: string | null;
auth0Id: string | null;
username: string;
password: string | null;
updatedAt: Date | null;
createdAt: Date | null;
} | null;
user?: {
id: string;
username?: string;
githubId?: number;
} | null;
session?: {
id: string;
userId: string;
fresh: boolean;
expiresAt: Date;
} | null;
}
}
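
Review bot: Removing the `App.Locals` declaration for `isLoggedIn`, `dbUser`, `user` and `session` while the same commit drops `astro check` from the default build (per the commit message) means a leftover read of `Astro.locals.isLoggedIn` or `locals.dbUser` in a route would no longer be flagged at build time, and with the middleware removed it would be `undefined` at runtime. Search for remaining uses of these four fields before merging, or run `astro check` in CI for this change.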
29 changes: 15 additions & 14 deletions packages/studiocms_auth/package.json
Expand Up @@ -30,32 +30,33 @@
"src"
],
"exports": {
".": "./src/index.ts",
"./lucia": "./src/auth/index.ts"
".": "./src/index.ts"
},
"type": "module",
"dependencies": {
"@studiocms/core": "workspace:*",
"@studiocms/ui": "workspace:*",
"astro-integration-kit": "catalog:",
"@fontsource-variable/onest": "catalog:studiocms-shared",
"@inox-tools/runtime-logger": "catalog:studiocms-shared",
"@matthiesenxyz/astrolace": "catalog:studiocms-shared",
"@matthiesenxyz/astrodtsbuilder": "catalog:studiocms-shared",
"@matthiesenxyz/integration-utils": "catalog:studiocms-shared",
"@noble/hashes": "catalog:studiocms-shared",
"@studiocms/assets": "workspace:*",
"@studiocms/core": "workspace:*",
"micromatch": "catalog:studiocms-shared",
"lucia": "catalog:studiocms-shared",
"arctic": "catalog:studiocms-shared",
"astro-integration-kit": "catalog:"
"rollup-plugin-copy": "catalog:studiocms-shared",
"@oslojs/binary": "catalog:studiocms-auth",
"@oslojs/crypto": "catalog:studiocms-auth",
"@oslojs/encoding": "catalog:studiocms-auth",
"@types/three": "catalog:studiocms-auth",
"arctic": "catalog:studiocms-auth",
"three": "catalog:studiocms-auth",
"@types/bcryptjs": "catalog:studiocms-auth",
"bcryptjs": "catalog:studiocms-auth"
},
"peerDependencies": {
"@studiocms/core": "workspace:*",
"@studiocms/dashboard": "workspace:*",
"@astrojs/db": "catalog:min",
"astro": "catalog:min"
},
"devDependencies": {
"vite": "catalog:",
"typescript": "catalog:",
"@types/micromatch": "catalog:studiocms-shared"
"typescript": "catalog:"
}
}
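
Review bot: Dropping the `"./lucia": "./src/auth/index.ts"` entry from `exports` breaks any import of `@studiocms/auth/lucia`, yet the changeset lists `@studiocms/auth` as `patch`. Call the removal out as breaking in the changeset, or keep the subpath for one release with a re-export of its replacement.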
11 changes: 11 additions & 0 deletions packages/studiocms_auth/src/astroenv/env.ts
Expand Up @@ -4,6 +4,12 @@ import { envField } from 'astro/config';
export const astroENV: AstroConfig['experimental']['env'] = {
validateSecrets: true,
schema: {
// Auth Encryption Key
CMS_ENCRYPTION_KEY: envField.string({
context: 'server',
access: 'secret',
optional: false,
}),
// GitHub Auth Provider Environment Variables
CMS_GITHUB_CLIENT_ID: envField.string({
context: 'server',
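
Review bot: `CMS_ENCRYPTION_KEY` is declared as a plain `envField.string` with no length constraint, so with `validateSecrets: true` a very short value still passes startup validation. The changeset recommends `openssl rand --base64 16`, which yields a 24-character string; adding `min: 24` to the field options would reject weak keys early. A comment stating what the key protects would also help operators plan rotation.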
Expand All @@ -15,6 +21,11 @@ export const astroENV: AstroConfig['experimental']['env'] = {
access: 'secret',
optional: true,
}),
CMS_GITHUB_REDIRECT_URI: envField.string({
context: 'server',
access: 'secret',
optional: true,
}),
// Discord Auth Provider Environment Variables
CMS_DISCORD_CLIENT_ID: envField.string({
context: 'server',
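
Review bot: `CMS_GITHUB_REDIRECT_URI` is accepted as an arbitrary string; since the changeset describes it as the GitHub OAuth redirect URI, add `url: true` to the `envField.string` options so a malformed value fails at startup rather than at the first login. A redirect URI is not confidential, so a short comment explaining why it is `access: 'secret'` would avoid confusion.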
33 changes: 0 additions & 33 deletions packages/studiocms_auth/src/auth/index.ts

This file was deleted.
