Merge pull request #1 from modscleo4/midori

Switch to Midori framework
modscleo4 · Mar 14, 2023 · 28c9667 · 28c9667
2 parents af7104f + 7659087
commit 28c9667
Show file tree

Hide file tree

Showing 77 changed files with 3,962 additions and 4,729 deletions.
diff --git a/.env.example b/.env.example
@@ -0,0 +1,21 @@
+OPENID_AUTH_URL=https://auth.example.com/realms/mail/protocol/openid-connect/auth
+OPENID_TOKEN_URL=https://auth.example.com/realms/mail/protocol/openid-connect/token
+OPENID_IDENTITY_URL=https://auth.example.com/realms/mail/protocol/openid-connect/userinfo
+OPENID_REDIRECT_URL=http://localhost:3000/auth/callback
+OPENID_CLIENT_ID=chess
+OPENID_CLIENT_SECRET=
+
+DATABASE_URL=postgresql://postgres:postgres@localhost:5432/apiframework
+
+JWS_ALGORITHM=RS256
+JWS_SECRET=secret
+JWS_PUBLIC_KEY=./keys/jws_public.pem
+JWS_PRIVATE_KEY=./keys/jws_private.pem
+
+JWE_ALGORITHM=RSA-OAEP
+JWE_ENCRYPTION=A256GCM
+JWE_SECRET=secret
+JWE_PUBLIC_KEY=./keys/jwe_public.pem
+JWE_PRIVATE_KEY=./keys/jwe_private.pem
+
+EXPOSE_ERRORS=true
diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
@@ -0,0 +1,50 @@
+# This workflow uses actions that are not certified by GitHub.
+# They are provided by a third-party and are governed by
+# separate terms of service, privacy policy, and support
+# documentation.
+
+# GitHub recommends pinning actions to a commit SHA.
+# To get a newer version, you will need to update the SHA.
+# You can also reference a tag or branch, but the action may change without warning.
+
+name: Create and publish a Docker image
+
+on:
+  push:
+    branches: ['main']
+
+env:
+  REGISTRY: ghcr.io
+  IMAGE_NAME: ${{ github.repository }}
+
+jobs:
+  build-and-push-image:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      - name: Log in to the Container registry
+        uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Extract metadata (tags, labels) for Docker
+        id: meta
+        uses: docker/metadata-action@507c2f2dc502c992ad446e3d7a5dfbe311567a96
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+
+      - name: Build and push Docker image
+        uses: docker/build-push-action@3b5e8027fcad23fda98b2e3ac259d8d67585f671
+        with:
+          context: .
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
diff --git a/.gitignore b/.gitignore
@@ -1,3 +1,6 @@
+# Keys
+keys/
+
 # Logs
 logs
 *.log

diff --git a/.vscode/launch.json b/.vscode/launch.json
@@ -0,0 +1,45 @@
+{
+    // Use o IntelliSense para saber mais sobre os atributos possíveis.
+    // Focalizar para exibir as descrições dos atributos existentes.
+    // Para obter mais informações, acesse: https://go.microsoft.com/fwlink/?linkid=830387
+    "version": "0.2.0",
+    "configurations": [
+        {
+            "type": "node",
+            "request": "launch",
+            "name": "NPM Start (Dev)",
+            "skipFiles": [
+                "<node_internals>/**"
+            ],
+            "runtimeExecutable": "npm",
+            "runtimeArgs": [
+                "run",
+                "dev"
+            ]
+        },
+        {
+            "type": "node",
+            "request": "launch",
+            "name": "NPM Start (Prod)",
+            "skipFiles": [
+                "<node_internals>/**"
+            ],
+            "preLaunchTask": {
+                "type": "npm",
+                "script": "build"
+            },
+            "runtimeExecutable": "npm",
+            "runtimeArgs": [
+                "run",
+                "start"
+            ]
+        },
+        {
+            "type": "node",
+            "request": "attach",
+            "name": "Node: Attach Nodemon",
+            "processId": "${command:PickProcess}",
+            "restart": true
+        }
+    ]
+}
diff --git a/Dockerfile b/Dockerfile
@@ -0,0 +1,16 @@
+FROM node:18-alpine
+
+WORKDIR /app
+
+COPY . .
+RUN rm -f .env
+
+RUN npm ci; \
+  npx prisma generate; \
+  npm run build; \
+  npm run generateKeys; \
+  npm prune --production
+
+EXPOSE 3000
+
+CMD ["npm", "run", "start"]
diff --git a/bin/generateKeys.js b/bin/generateKeys.js
@@ -0,0 +1,33 @@
+import crypto from "node:crypto";
+import { existsSync } from "node:fs";
+import { mkdir, writeFile } from "node:fs/promises";
+
+/**
+ *
+ * @param {'rsa'|'ec'} alg
+ */
+function generateKeypair(alg) {
+    return crypto.generateKeyPairSync(alg, {
+        publicKeyEncoding: {
+            format: 'pem',
+            type: 'spki'
+        },
+        privateKeyEncoding: {
+            format: 'pem',
+            type: 'pkcs8',
+        },
+        ...(alg === 'ec' ? { namedCurve: 'secp521r1' } : { modulusLength: 2048 })
+    });
+}
+
+if (!existsSync('./keys')) {
+    await mkdir('./keys');
+}
+
+const { publicKey: jwsPublicKey, privateKey: jwsPrivateKey } = generateKeypair('rsa');
+await writeFile('./keys/jws_public.pem', jwsPublicKey, { encoding: 'utf8' });
+await writeFile('./keys/jws_private.pem', jwsPrivateKey, { encoding: 'utf8' });
+
+const { publicKey: jwePublicKey, privateKey: jwePrivateKey } = generateKeypair('rsa');
+await writeFile('./keys/jwe_public.pem', jwePublicKey, { encoding: 'utf8' });
+await writeFile('./keys/jwe_private.pem', jwePrivateKey, { encoding: 'utf8' });
diff --git a/bin/loader.js b/bin/loader.js
@@ -0,0 +1,29 @@
+/**
+ * Thanks to @charles-allen
+ * @see https://github.com/TypeStrong/ts-node/discussions/1450#discussioncomment-1806115
+ */
+
+import { pathToFileURL } from "url";
+import { resolve as resolveTs, getFormat, transformSource, load } from "ts-node/esm";
+import * as tsConfigPaths from 'tsconfig-paths';
+
+export { getFormat, transformSource, load };
+
+const { absoluteBaseUrl, paths } = tsConfigPaths.loadConfig();
+const matchPath = tsConfigPaths.createMatchPath(absoluteBaseUrl, paths);
+
+export function resolve(specifier, context, defaultResolver) {
+    const lastIndexOfIndex = specifier.lastIndexOf('/index.js');
+    if (lastIndexOfIndex !== -1) {
+        // Handle index.js
+        const trimmed = specifier.substring(0, lastIndexOfIndex);
+        const match = matchPath(trimmed);
+        if (match) return resolveTs(pathToFileURL(`${match}/index.js`).href, context, defaultResolver);
+    } else if (specifier.endsWith('.js')) {
+        // Handle *.js
+        const trimmed = specifier.substring(0, specifier.length - 3);
+        const match = matchPath(trimmed);
+        if (match) return resolveTs(pathToFileURL(`${match}.js`).href, context, defaultResolver);
+    }
+    return resolveTs(specifier, context, defaultResolver);
+}
-Original file line number
+Diff line change
@@ -1,3 +1,6 @@
+    # Keys
+    keys/
     # Logs
     logs
     *.log
@@ Expand Down @@