feat: auth

Author: smyllet

.env.example

@@ -3,10 +3,18 @@ PORT=3333
 HOST=0.0.0.0
 LOG_LEVEL=info
 APP_KEY=
+BASE_URL=http://localhost:3333
 NODE_ENV=development
 SESSION_DRIVER=cookie
 DB_HOST=127.0.0.1
 DB_PORT=3306
 DB_USER=root
 DB_PASSWORD=root
-DB_DATABASE=app
+DB_DATABASE=app
+SMTP_HOST=localhost
+SMTP_PORT=1025
+SMTP_USERNAME=username
+SMTP_PASSWORD=password
+SMTP_SECURE=false
+SMTP_FROM_EMAIL=dev@example.fr
+SMTP_FROM_NAME="Dev Aquatracking"

.vscode/extensions.json

@@ -1,7 +1,6 @@
 {
   "recommendations": [
     "jripouteau.adonis-extension-pack",
-    "vue.volar",
     "bradlc.vscode-tailwindcss",
     "csstools.postcss",
     "lokalise.i18n-ally"

.vscode/settings.json

@@ -2,5 +2,6 @@
   "editor.formatOnSave": true,
   "editor.defaultFormatter": "esbenp.prettier-vscode",
   "i18n-ally.enabledFrameworks": ["vue"],
-  "i18n-ally.localesPaths": ["resources/lang"]
+  "i18n-ally.localesPaths": ["resources/lang"],
+  "i18n-ally.keystyle": "nested"
 }

adonisrc.ts

@@ -10,7 +10,11 @@ export default defineConfig({
   | will be scanned automatically from the "./commands" directory.
   |
   */
-  commands: [() => import('@adonisjs/core/commands'), () => import('@adonisjs/lucid/commands')],
+  commands: [
+    () => import('@adonisjs/core/commands'),
+    () => import('@adonisjs/lucid/commands'),
+    () => import('@adonisjs/mail/commands'),
+  ],
 
   /*
   |--------------------------------------------------------------------------
@@ -39,6 +43,7 @@ export default defineConfig({
     () => import('@adonisjs/auth/auth_provider'),
     () => import('@adonisjs/inertia/inertia_provider'),
     () => import('@adonisjs/i18n/i18n_provider'),
+    () => import('@adonisjs/mail/mail_provider'),
   ],
 
   /*

app/controllers/auth/email_verification_controller.ts

@@ -0,0 +1,42 @@
+import UserToken from '#models/user_token'
+import type { HttpContext } from '@adonisjs/core/http'
+import vine from '@vinejs/vine'
+
+export default class EmailVerificationController {
+  async verify({ request, session, response, i18n }: HttpContext) {
+    const { token } = request.qs()
+
+    const validatedToken = await vine
+      .compile(vine.string())
+      .validate(token)
+      .catch(() => null)
+
+    if (!validatedToken) {
+      session.flashErrors({
+        E_MISSING_EMAIL_VERIFICATION_TOKEN: i18n.t('errors.E_MISSING_EMAIL_VERIFICATION_TOKEN'),
+      })
+      return response.redirect().toPath('/auth/login')
+    }
+
+    const user = await UserToken.getEmailVerificationUser(validatedToken)
+
+    if (user) {
+      user.verified = true
+      await user.save()
+
+      await UserToken.deleteUserEmailVerificationTokens(user)
+
+      session.flash('notification', {
+        type: 'success',
+        message: i18n.t('notifications.emailVerified'),
+      })
+    } else {
+      session.flashErrors({
+        E_INVALID_EMAIL_VERIFICATION_TOKEN_TRY_AGAIN: i18n.t(
+          'errors.E_INVALID_EMAIL_VERIFICATION_TOKEN_TRY_AGAIN'
+        ),
+      })
+    }
+    return response.redirect().toPath('/auth/login')
+  }
+}

app/controllers/auth/login_controller.ts

@@ -0,0 +1,43 @@
+import User from '#models/user'
+import UserToken from '#models/user_token'
+import MailService from '#services/mail_service'
+import { loginValidator } from '#validators/login_validator'
+import { inject } from '@adonisjs/core'
+import type { HttpContext } from '@adonisjs/core/http'
+
+@inject()
+export default class LoginController {
+  constructor(protected mailService: MailService) {}
+
+  /**
+   * Display the login form
+   */
+  async index({ inertia }: HttpContext) {
+    return inertia.render('auth/login')
+  }
+
+  /**
+   * Handle form submission for the login action
+   */
+  async store({ request, auth, response, session, i18n }: HttpContext) {
+    const { email, password, rememberMe } = await request.validateUsing(loginValidator)
+
+    const user = await User.verifyCredentials(email, password)
+
+    if (!user.verified) {
+      const token = await UserToken.generateEmailVerificationToken(user)
+      await this.mailService.sendEmailVerification(user, token, i18n.locale)
+
+      session.flash('notification', {
+        type: 'warn',
+        message: i18n.t('notifications.emailNotVerified'),
+      })
+
+      return response.redirect().back()
+    }
+
+    await auth.use('web').login(user, rememberMe)
+
+    return response.redirect('/')
+  }
+}

app/controllers/auth/logout_controller.ts

@@ -0,0 +1,12 @@
+import type { HttpContext } from '@adonisjs/core/http'
+
+export default class LogoutController {
+  /**
+   * Handle form submission for the logout action
+   */
+  async store({ auth, response }: HttpContext) {
+    await auth.use('web').logout()
+
+    return response.redirect('/auth/login')
+  }
+}

app/controllers/auth/password_reset_controller.ts

@@ -0,0 +1,69 @@
+import User from '#models/user'
+import UserToken from '#models/user_token'
+import MailService from '#services/mail_service'
+import { passwordForgotValidator } from '#validators/password_forgot_validator'
+import { passwordResetValidator } from '#validators/password_reset_validator'
+import { inject } from '@adonisjs/core'
+import { type HttpContext } from '@adonisjs/core/http'
+
+@inject()
+export default class PasswordResetController {
+  constructor(protected mailService: MailService) {}
+
+  async forgot({ inertia }: HttpContext) {
+    return inertia.render('auth/password/forgot')
+  }
+
+  async send({ request, response, session, i18n }: HttpContext) {
+    const { email } = await request.validateUsing(passwordForgotValidator)
+
+    const user = await User.findBy('email', email)
+
+    if (user) {
+      const token = await UserToken.generatePasswordResetToken(user)
+
+      await this.mailService.sendPasswordReset(user, token, i18n.locale)
+    }
+
+    session.flash('notification', {
+      type: 'success',
+      message: i18n.t('notifications.resetLinkSent'),
+    })
+
+    return response.redirect().back()
+  }
+
+  async reset({ inertia, request }: HttpContext) {
+    return inertia.render('auth/password/reset', {
+      token: request.qs().token,
+    })
+  }
+
+  async store({ request, response, session, i18n }: HttpContext) {
+    const { token, password } = await request.validateUsing(passwordResetValidator)
+
+    const user = await UserToken.getPasswordResetUser(token)
+
+    if (!user) {
+      session.flash('errors', {
+        token: [i18n.t('validation.invalidToken')],
+      })
+      session.flashAll()
+      return response.redirect().back()
+    }
+
+    user.password = password
+    await user.save()
+
+    await UserToken.deleteUserPasswordResetTokens(user)
+
+    await this.mailService.sendPasswordResetConfirmation(user, i18n.locale)
+
+    session.flash('notification', {
+      type: 'success',
+      message: i18n.t('notifications.passwordReset'),
+    })
+
+    return response.redirect().toPath('/auth/login')
+  }
+}

app/controllers/auth/register_controller.ts

@@ -0,0 +1,37 @@
+import User from '#models/user'
+import UserToken from '#models/user_token'
+import MailService from '#services/mail_service'
+import { createRegisterValidator } from '#validators/register_validator'
+import { inject } from '@adonisjs/core'
+import type { HttpContext } from '@adonisjs/core/http'
+
+@inject()
+export default class RegisterController {
+  constructor(protected mailService: MailService) {}
+
+  /**
+   * Display the registration form
+   */
+  async index({ inertia }: HttpContext) {
+    return inertia.render('auth/register')
+  }
+
+  /**
+   * Handle form submission for the create action
+   */
+  async store({ request, response, session, i18n }: HttpContext) {
+    const { fullName, email, password } = await request.validateUsing(createRegisterValidator)
+
+    const user = await User.create({ fullName, email, password })
+
+    const token = await UserToken.generateEmailVerificationToken(user)
+    await this.mailService.sendEmailVerification(user, token, i18n.locale)
+
+    session.flash('notification', {
+      type: 'success',
+      message: i18n.t('notifications.accountCreatedCheckEmail'),
+    })
+
+    return response.redirect().toPath('/auth/login')
+  }
+}

app/controllers/home_controller.ts

@@ -0,0 +1,7 @@
+import { HttpContext } from '@adonisjs/core/http'
+
+export default class HomeController {
+  async index({ inertia }: HttpContext) {
+    return inertia.render('home')
+  }
+}

app/dto/user_dto.ts

@@ -0,0 +1,15 @@
+import vine from '@vinejs/vine'
+import { Infer } from '@vinejs/vine/types'
+
+const userDtoSchema = vine.object({
+  id: vine.string(),
+  fullName: vine.string(),
+  email: vine.string(),
+  verified: vine.boolean(),
+  createdAt: vine.date(),
+  updatedAt: vine.date(),
+})
+
+export const userDtoValidator = vine.compile(userDtoSchema)
+
+export type UserDto = Infer<typeof userDtoSchema>

app/middleware/auth_middleware.ts

@@ -10,7 +10,7 @@ export default class AuthMiddleware {
   /**
    * The URL to redirect to, when authentication fails
    */
-  redirectTo = '/login'
+  redirectTo = '/auth/login'
 
   async handle(
     ctx: HttpContext,

app/models/user.ts

@@ -1,17 +1,23 @@
-import { DateTime } from 'luxon'
-import hash from '@adonisjs/core/services/hash'
-import { compose } from '@adonisjs/core/helpers'
-import { BaseModel, column } from '@adonisjs/lucid/orm'
 import { withAuthFinder } from '@adonisjs/auth/mixins/lucid'
+import { DbRememberMeTokensProvider } from '@adonisjs/auth/session'
+import { compose } from '@adonisjs/core/helpers'
+import hash from '@adonisjs/core/services/hash'
+import { BaseModel, beforeCreate, column, hasMany } from '@adonisjs/lucid/orm'
+import type { HasMany } from '@adonisjs/lucid/types/relations'
+import { DateTime } from 'luxon'
+import { randomUUID } from 'node:crypto'
+import UserToken from './user_token.js'
 
 const AuthFinder = withAuthFinder(() => hash.use('scrypt'), {
   uids: ['email'],
   passwordColumnName: 'password',
 })
 
 export default class User extends compose(BaseModel, AuthFinder) {
+  static selfAssignPrimaryKey = true
+
   @column({ isPrimary: true })
-  declare id: number
+  declare id: string
 
   @column()
   declare fullName: string | null
@@ -22,9 +28,32 @@ export default class User extends compose(BaseModel, AuthFinder) {
   @column({ serializeAs: null })
   declare password: string
 
+  @column()
+  declare verified: boolean
+
   @column.dateTime({ autoCreate: true })
   declare createdAt: DateTime
 
   @column.dateTime({ autoCreate: true, autoUpdate: true })
   declare updatedAt: DateTime | null
+
+  @hasMany(() => UserToken)
+  declare tokens: HasMany<typeof UserToken>
+
+  @hasMany(() => UserToken, {
+    onQuery: (query) => query.where('type', 'PASSWORD_RESET'),
+  })
+  declare passwordResetToken: HasMany<typeof UserToken>
+
+  @hasMany(() => UserToken, {
+    onQuery: (query) => query.where('type', 'EMAIL_VERIFICATION'),
+  })
+  declare emailVerificationToken: HasMany<typeof UserToken>
+
+  static readonly rememberMeTokens = DbRememberMeTokensProvider.forModel(User)
+
+  @beforeCreate()
+  static assignUuid(user: User) {
+    user.id = randomUUID()
+  }
 }