feat: modular domain driven boilerplate

modules/identity/routes/login/code/handle.ts

@@ -0,0 +1,85 @@
+import { logger } from "@platform/logger";
+import cookie from "cookie";
+
+import { Code } from "../../../aggregates/code.ts";
+import { Identity } from "../../../aggregates/identity.ts";
+import { auth } from "../../../auth.ts";
+import { config } from "../../../config.ts";
+import { eventStore } from "../../../event-store.ts";
+import route from "./spec.ts";
+
+export default route.access("public").handle(async ({ params: { identityId, codeId, value }, query: { next } }) => {
+  const code = await eventStore.aggregate.getByStream(Code, codeId);
+
+  if (code === undefined) {
+    return logger.info({
+      type: "code:claimed",
+      session: false,
+      message: "Invalid Code ID",
+      received: codeId,
+    });
+  }
+
+  if (code.claimedAt !== undefined) {
+    return logger.info({
+      type: "code:claimed",
+      session: false,
+      message: "Code Already Claimed",
+      received: codeId,
+    });
+  }
+
+  await code.claim().save();
+
+  if (code.value !== value) {
+    return logger.info({
+      type: "code:claimed",
+      session: false,
+      message: "Invalid Value",
+      expected: code.value,
+      received: value,
+    });
+  }
+
+  if (code.identity.id !== identityId) {
+    return logger.info({
+      type: "code:claimed",
+      session: false,
+      message: "Invalid Identity ID",
+      expected: code.identity.id,
+      received: identityId,
+    });
+  }
+
+  const account = await eventStore.aggregate.getByStream(Identity, identityId);
+  if (account === undefined) {
+    return logger.info({
+      type: "code:claimed",
+      session: false,
+      message: "Account Not Found",
+      expected: code.identity.id,
+      received: undefined,
+    });
+  }
+
+  logger.info({ type: "code:claimed", session: true });
+
+  const options = config.cookie(1000 * 60 * 60 * 24 * 7);
+
+  if (next !== undefined) {
+    return new Response(null, {
+      status: 302,
+      headers: {
+        location: next,
+        "set-cookie": cookie.serialize("token", await auth.generate({ id: account.id }, "1 week"), options),
+      },
+    });
+  }
+
+  return new Response(null, {
+    status: 200,
+    headers: {
+      "set-cookie": cookie.serialize("token", await auth.generate({ id: account.id }, "1 week"), options),
+    },
+  });
+});

modules/identity/routes/login/code/spec.ts

@@ -0,0 +1,13 @@
+import { route } from "@platform/relay";
+import z from "zod";
+
+export default route
+  .get("/api/v1/identities/login/code/:identityId/code/:codeId/:value")
+  .params({
+    identityId: z.string(),
+    codeId: z.string(),
+    value: z.string(),
+  })
+  .query({
+    next: z.string().optional(),
+  });

modules/identity/routes/login/email/handle.ts

@@ -0,0 +1,27 @@
+import { logger } from "@platform/logger";
+
+import { Code } from "../../../aggregates/code.ts";
+import { getIdentityEmailRelation, Identity } from "../../../aggregates/identity.ts";
+import { eventStore } from "../../../event-store.ts";
+import route from "./spec.ts";
+
+export default route.access("public").handle(async ({ body: { base, email } }) => {
+  const identity = await eventStore.aggregate.getByRelation(Identity, getIdentityEmailRelation(email));
+  if (identity === undefined) {
+    return logger.info({
+      type: "auth:email",
+      code: false,
+      message: "Identity Not Found",
+      received: email,
+    });
+  }
+  const code = await eventStore.aggregate.from(Code).create({ id: identity.id }).save();
+  logger.info({
+    type: "auth:email",
+    data: {
+      code: code.id,
+      identityId: identity.id,
+    },
+    link: `${base}/api/v1/admin/auth/${identity.id}/code/${code.id}/${code.value}?next=${base}/admin`,
+  });
+});

modules/identity/routes/login/email/spec.ts

@@ -0,0 +1,9 @@
+import { route } from "@platform/relay";
+import z from "zod";
+
+export default route.post("/api/v1/identities/login/email").body(
+  z.object({
+    base: z.url(),
+    email: z.email(),
+  }),
+);

modules/identity/routes/login/password/handle.ts

@@ -0,0 +1,36 @@
+import { logger } from "@platform/logger";
+import { BadRequestError } from "@platform/relay";
+import cookie from "cookie";
+
+import { auth } from "../../../auth.ts";
+import { config } from "../../../config.ts";
+import { password } from "../../../crypto/password.ts";
+import { getPasswordStrategyByAlias } from "../../../database.ts";
+import route from "./spec.ts";
+
+export default route.access("public").handle(async ({ body: { alias, password: userPassword } }) => {
+  const strategy = await getPasswordStrategyByAlias(alias);
+  if (strategy === undefined) {
+    return logger.info({
+      type: "auth:password",
+      message: "Failed to get account with 'password' strategy.",
+      alias,
+    });
+  }
+
+  const isValidPassword = await password.verify(userPassword, strategy.password);
+  if (isValidPassword === false) {
+    return new BadRequestError("Invalid email/password provided.");
+  }
+
+  return new Response(null, {
+    status: 204,
+    headers: {
+      "set-cookie": cookie.serialize(
+        "token",
+        await auth.generate({ id: strategy.accountId }, "1 week"),
+        config.cookie(1000 * 60 * 60 * 24 * 7),
+      ),
+    },
+  });
+});

modules/identity/routes/login/password/spec.ts

@@ -0,0 +1,9 @@
+import { route } from "@platform/relay";
+import z from "zod";
+
+export default route.post("/api/v1/identities/login/password").body(
+  z.object({
+    alias: z.string(),
+    password: z.string(),
+  }),
+);