un · BlankParticle · May 21, 2024 · May 20, 2024
diff --git a/apps/platform/app.ts b/apps/platform/app.ts
@@ -1,4 +1,4 @@
-import type { Ctx } from './ctx';
+import type { Ctx, TrpcContext } from './ctx';
 import { env } from './env';
 import { Hono } from 'hono';
 import { serve } from '@hono/node-server';
@@ -42,12 +42,13 @@ app.use(
   '/trpc/*',
   trpcServer({
     router: trpcPlatformRouter,
-    createContext: (_, c) => ({
-      db,
-      account: c.get('account'),
-      org: null,
-      event: c
-    })
+    createContext: (_, c) =>
+      ({
+        db,
+        account: c.get('account'),
+        org: null,
+        event: c
+      }) satisfies TrpcContext
   })
 );
 

diff --git a/apps/platform/ctx.ts b/apps/platform/ctx.ts
@@ -1,13 +1,12 @@
 import type { HttpBindings } from '@hono/node-server';
+import type { DBType } from '@u22n/database';
+import type { Context } from 'hono';
 import type { DatabaseSession } from 'lucia';
 
 export type Ctx = {
   Bindings: HttpBindings;
   Variables: {
-    account: {
-      id: number;
-      session: any;
-    } | null;
+    account: AccountContext;
   };
 };
 
@@ -29,3 +28,10 @@ export type AccountContext = {
   id: number;
   session: DatabaseSession;
 } | null;
+
+export type TrpcContext = {
+  db: DBType;
+  account: AccountContext;
+  org: OrgContext;
+  event: Context<Ctx>;
+};
diff --git a/apps/platform/middlewares.ts b/apps/platform/middlewares.ts
@@ -15,8 +15,7 @@ export const authMiddleware = createMiddleware<Ctx>(async (c, next) => {
       await next();
     } else {
       c.set('account', {
-        // @ts-expect-error, not typed properly yet
-        id: Number(sessionObject.attributes.account.id),
+        id: sessionObject.attributes.account.id,
         session: sessionObject
       });
       await next();

diff --git a/apps/platform/package.json b/apps/platform/package.json
@@ -5,8 +5,14 @@
   "scripts": {
     "dev": "tsx watch --clear-screen=false app.ts",
     "start": "node --import=tsx app.ts",
+    "build": "echo 'No build step configured'",
     "check": "tsc --noEmit"
   },
+  "exports": {
+    "./trpc": {
+      "types": "./trpc/index.ts"
+    }
+  },
   "dependencies": {
     "@hono/node-server": "^1.11.1",
     "@hono/trpc-server": "^0.3.1",

diff --git a/apps/platform/routes/auth.ts b/apps/platform/routes/auth.ts
@@ -1,21 +1,21 @@
 import { Hono } from 'hono';
-import type { Ctx } from '../ctx';
-import { lucia } from '../utils/auth';
+import type { Ctx } from '~platform/ctx';
+import { lucia } from '~platform/utils/auth';
 import { setCookie } from 'hono/cookie';
 
 export const authApi = new Hono<Ctx>();
 
 authApi.get('/status', async (c) => {
   const account = c.get('account');
-  if (!account || !account.id) {
+  if (!account) {
     return c.json({ authStatus: 'unauthenticated' });
   }
   return c.json({ authStatus: 'authenticated' });
 });
 
 authApi.post('/logout', async (c) => {
   const account = c.get('account');
-  if (!account || !account.id || !account.session || !account.session.id) {
+  if (!account) {
     return c.json({ ok: true });
   }
   const sessionId = account.session.id;

diff --git a/apps/platform/routes/realtime.ts b/apps/platform/routes/realtime.ts
@@ -1,12 +1,12 @@
 import { Hono } from 'hono';
-import type { Ctx } from '../ctx';
+import type { Ctx } from '~platform/ctx';
 import { zValidator } from '@hono/zod-validator';
 import { z } from 'zod';
-import { validateOrgShortCode } from '../utils/orgShortCode';
+import { validateOrgShortCode } from '~platform/utils/orgShortCode';
 import { db } from '@u22n/database';
 import { and, eq } from '@u22n/database/orm';
 import { orgMembers } from '@u22n/database/schema';
-import { realtime } from '../utils/realtime';
+import { realtime } from '~platform/utils/realtime';
 
 export const realtimeApi = new Hono<Ctx>();
 

diff --git a/apps/platform/storage.ts b/apps/platform/storage.ts
@@ -1,10 +1,15 @@
 import { env } from './env';
 import { ms } from 'itty-time';
 import redisDriver from 'unstorage/drivers/redis';
-import { createStorage } from 'unstorage';
+import { createStorage, type StorageValue } from 'unstorage';
+import type { DatabaseSession } from 'lucia';
+import type { OrgContext } from './ctx';
 
-const createCachedStorage = (base: string, ttl: number) =>
-  createStorage({
+const createCachedStorage = <T extends StorageValue = StorageValue>(
+  base: string,
+  ttl: number
+) =>
+  createStorage<T>({
     driver: redisDriver({
       url: env.DB_REDIS_CONNECTION_STRING,
       ttl,
@@ -14,8 +19,8 @@ const createCachedStorage = (base: string, ttl: number) =>
 
 export const storage = {
   auth: createCachedStorage('auth', ms('5 minutes')),
-  orgContext: createCachedStorage('org-context', ms('12 hours')),
-  session: createCachedStorage(
+  orgContext: createCachedStorage<OrgContext>('org-context', ms('12 hours')),
+  session: createCachedStorage<DatabaseSession>(
     'sessions',
     env.NODE_ENV === 'development' ? ms('12 hours') : ms('30 days')
   )

diff --git a/apps/platform/trpc/routers/authRouter/passkeyRouter.ts b/apps/platform/trpc/routers/authRouter/passkeyRouter.ts
@@ -1,5 +1,5 @@
 import { z } from 'zod';
-import { router, publicRateLimitedProcedure } from '../../trpc';
+import { router, publicRateLimitedProcedure } from '~platform/trpc/trpc';
 import { eq } from '@u22n/database/orm';
 import { accounts } from '@u22n/database/schema';
 import { TRPCError } from '@trpc/server';
@@ -13,13 +13,16 @@ import {
   typeIdValidator,
   zodSchemas
 } from '@u22n/utils';
-import { UAParser } from 'ua-parser-js';
-import { usePasskeys } from '../../../utils/auth/passkeys';
-import { usePasskeysDb } from '../../../utils/auth/passkeyDbAdaptor';
-import { lucia } from '../../../utils/auth';
+import {
+  verifyRegistrationResponse,
+  generateRegistrationOptions,
+  generateAuthenticationOptions,
+  verifyAuthenticationResponse
+} from '~platform/utils/auth/passkeys';
+import { createAuthenticator } from '~platform/utils/auth/passkeyUtils';
 import { validateUsername } from './signupRouter';
-import { createLuciaSessionCookie } from '../../../utils/session';
-import { env } from '../../../env';
+import { createLuciaSessionCookie } from '~platform/utils/session';
+import { env } from '~platform/env';
 import { ms } from 'itty-time';
 import { getCookie, setCookie } from 'hono/cookie';
 
@@ -42,7 +45,7 @@ export const passkeyRouter = router({
       }
 
       const publicId = typeIdGenerator('account');
-      const passkeyOptions = await usePasskeys.generateRegistrationOptions({
+      const passkeyOptions = await generateRegistrationOptions({
         userDisplayName: username,
         username: username,
         accountPublicId: publicId
@@ -63,7 +66,7 @@ export const passkeyRouter = router({
       const registrationResponse =
         input.registrationResponseRaw as RegistrationResponseJSON;
 
-      const passkeyVerification = await usePasskeys.verifyRegistrationResponse({
+      const passkeyVerification = await verifyRegistrationResponse({
         registrationResponse: registrationResponse,
         publicId: input.publicId
       });
@@ -104,7 +107,7 @@ export const passkeyRouter = router({
             });
           }
 
-          const insertPasskey = await usePasskeysDb.createAuthenticator(
+          const insertPasskey = await createAuthenticator(
             {
               accountId: Number(newAccount.insertId),
               credentialID: passkeyVerification.registrationInfo.credentialID,
@@ -137,12 +140,12 @@ export const passkeyRouter = router({
         }
       });
 
-      const cookie = await createLuciaSessionCookie(ctx.event, {
+      await createLuciaSessionCookie(ctx.event, {
         accountId,
         username: input.username,
         publicId: input.publicId
       });
-      setCookie(ctx.event, cookie.name, cookie.value, cookie.attributes);
+
       return { success: true };
     }),
 
@@ -160,7 +163,7 @@ export const passkeyRouter = router({
         maxAge: ms('5 minutes'),
         domain: env.PRIMARY_DOMAIN
       });
-      const passkeyOptions = await usePasskeys.generateAuthenticationOptions({
+      const passkeyOptions = await generateAuthenticationOptions({
         authChallengeId: authChallengeId
       });
 
@@ -187,11 +190,10 @@ export const passkeyRouter = router({
         });
       }
 
-      const passkeyVerification =
-        await usePasskeys.verifyAuthenticationResponse({
-          authenticationResponse: verificationResponse,
-          authChallengeId: challengeCookie
-        });
+      const passkeyVerification = await verifyAuthenticationResponse({
+        authenticationResponse: verificationResponse,
+        authChallengeId: challengeCookie
+      });
 
       if (
         !passkeyVerification.result.verified ||
@@ -231,26 +233,11 @@ export const passkeyRouter = router({
         });
       }
 
-      const { device, os } = UAParser(event.req.header('User-Agent'));
-      const userDevice =
-        device.type === 'mobile' ? device.toString() : device.vendor;
-
-      const accountSession = await lucia.createSession(account.id, {
-        account: {
-          id: account.id,
-          username: account.username,
-          publicId: account.publicId
-        },
-        device: userDevice || 'Unknown',
-        os: os.name || 'Unknown'
+      await createLuciaSessionCookie(ctx.event, {
+        accountId: account.id,
+        username: account.username,
+        publicId: account.publicId
       });
-      const cookie = lucia.createSessionCookie(accountSession.id);
-      setCookie(event, cookie.name, cookie.value, cookie.attributes);
-
-      await db
-        .update(accounts)
-        .set({ lastLoginAt: new Date() })
-        .where(eq(accounts.id, account.id));
 
       const defaultOrg = account.orgMemberships.sort((a, b) => a.id - b.id)[0]
         ?.org.shortcode;

diff --git a/apps/platform/trpc/routers/authRouter/passwordRouter.ts b/apps/platform/trpc/routers/authRouter/passwordRouter.ts
@@ -4,7 +4,7 @@ import {
   router,
   accountProcedure,
   publicRateLimitedProcedure
-} from '../../trpc';
+} from '~platform/trpc/trpc';
 import { eq } from '@u22n/database/orm';
 import { accounts } from '@u22n/database/schema';
 import {
@@ -14,14 +14,14 @@ import {
   strongPasswordSchema
 } from '@u22n/utils';
 import { TRPCError } from '@trpc/server';
-import { lucia } from '../../../utils/auth';
+import { lucia } from '~platform/utils/auth';
 import { validateUsername } from './signupRouter';
-import { createLuciaSessionCookie } from '../../../utils/session';
+import { createLuciaSessionCookie } from '~platform/utils/session';
 import { decodeHex } from 'oslo/encoding';
 import { TOTPController } from 'oslo/otp';
 import { setCookie, getCookie, deleteCookie } from 'hono/cookie';
-import { env } from '../../../env';
-import { storage } from '../../../storage';
+import { env } from '~platform/env';
+import { storage } from '~platform/storage';
 
 export const passwordRouter = router({
   /**
@@ -36,7 +36,7 @@ export const passwordRouter = router({
     )
     .mutation(async ({ ctx, input }) => {
       const { username, password } = input;
-      const { db, event } = ctx;
+      const { db } = ctx;
 
       const { accountId, publicId } = await db.transaction(async (tx) => {
         try {
@@ -66,18 +66,12 @@ export const passwordRouter = router({
         }
       });
 
-      const cookie = await createLuciaSessionCookie(ctx.event, {
+      await createLuciaSessionCookie(ctx.event, {
         accountId,
         username,
         publicId
       });
 
-      setCookie(event, cookie.name, cookie.value, cookie.attributes);
-      await db
-        .update(accounts)
-        .set({ lastLoginAt: new Date() })
-        .where(eq(accounts.id, accountId));
-
       return { success: true };
     }),
 
@@ -164,20 +158,14 @@ export const passwordRouter = router({
         }
       );
 
-      const cookie = await createLuciaSessionCookie(event, {
+      await createLuciaSessionCookie(event, {
         accountId,
         username,
         publicId
       });
 
-      setCookie(event, cookie.name, cookie.value, cookie.attributes);
       deleteCookie(event, 'un-2fa-challenge');
 
-      await db
-        .update(accounts)
-        .set({ lastLoginAt: new Date() })
-        .where(eq(accounts.id, accountId));
-
       return { success: true, error: null, recoveryCode };
     }),
 
@@ -296,17 +284,11 @@ export const passwordRouter = router({
       if (validPassword && otpValid) {
         const { id: accountId, username, publicId } = userResponse;
 
-        const cookie = await createLuciaSessionCookie(event, {
+        await createLuciaSessionCookie(event, {
           accountId,
           username,
           publicId
         });
-        setCookie(event, cookie.name, cookie.value, cookie.attributes);
-
-        await db
-          .update(accounts)
-          .set({ lastLoginAt: new Date() })
-          .where(eq(accounts.id, userResponse.id));
 
         const defaultOrg = userResponse.orgMemberships.sort(
           (a, b) => a.id - b.id
@@ -400,13 +382,12 @@ export const passwordRouter = router({
         await lucia.invalidateUserSessions(accountId);
       }
 
-      const cookie = await createLuciaSessionCookie(event, {
+      await createLuciaSessionCookie(event, {
         accountId,
         username: accountData.username,
         publicId: accountData.publicId
       });
 
-      setCookie(event, cookie.name, cookie.value, cookie.attributes);
       return { success: true };
     })
 });