Update dependencies

package.json

@@ -9,12 +9,11 @@
   "main": "dist/server.js",
   "type": "module",
   "scripts": {
-    "build": "ttsc",
+    "build": "tspc",
     "clean": "tsc -b --clean",
     "dev": "nodemon --inspect src/server.ts",
     "start": "node .",
     "test": "ts-node-esm src/test/index.ts",
-    "cannon": "npx autocannon -c 500 -d 30 --renderStatusCodes --latency localhost:3000/bin",
     "generateKeys": "node ./bin/generateKeys.js"
   },
   "keywords": [
@@ -33,22 +32,22 @@
   },
   "homepage": "modscleo4.dev.br/chess",
   "dependencies": {
-    "@prisma/client": "^4.9.0",
+    "@prisma/client": "^4.12.0",
     "dotenv": "^16.0.3",
     "midori": "github:modscleo4/midori",
-    "prisma": "^4.9.0",
+    "prisma": "^4.12.0",
     "stockfish-nnue.wasm": "^1.0.0-1946a675.smolnet",
     "stockfish.wasm": "^0.10.0",
+    "ts-patch": "^3.1.1",
     "ws": "^8.12.0"
   },
   "devDependencies": {
-    "@types/node": "^18.11.18",
+    "@types/node": "^18.15.11",
     "@types/ws": "^8.5.4",
-    "nodemon": "^2.0.20",
+    "nodemon": "^2.0.22",
     "ts-node": "^10.9.1",
-    "tsconfig-paths": "^4.1.2",
-    "ttypescript": "^1.5.15",
-    "typescript": "^4.9.4",
+    "tsconfig-paths": "^4.2.0",
+    "typescript": "^5.0.3",
     "typescript-transform-paths": "^3.4.6"
   },
   "engines": {

src/app/handler/AuthHandler.ts

@@ -15,13 +15,15 @@
  */
 
 import { Application } from "midori/app";
-import { HTTPError } from "midori/errors";
-import { Hash } from "midori/hash";
-import { EStatusCode, Handler, Request, Response } from "midori/http";
+import { Auth } from "midori/auth";
+import { Handler, Request, Response } from "midori/http";
+import { JWT } from "midori/jwt";
+import { AuthServiceProvider, JWTServiceProvider } from "midori/providers";
+import { Payload } from "midori/util/jwt.js";
 import { generateUUID } from "midori/util/uuid.js";
 
 import UserDAO from "@core/dao/UserDAO.js";
-import { Auth } from "midori/auth";
+
 import { OpenIDServiceProvider } from "@app/providers/OpenIDServiceProvider.js";
 import OpenIDService from "@app/services/OpenIDService.js";
 
@@ -44,11 +46,13 @@ export class Login extends Handler {
 
 export class Callback extends Handler {
     #openID: OpenIDService;
+    #jwt: JWT;
 
     constructor(app: Application) {
         super(app);
 
         this.#openID = app.services.get(OpenIDServiceProvider);
+        this.#jwt = app.services.get(JWTServiceProvider);
     }
 
     async handle(req: Request): Promise<Response> {
@@ -89,8 +93,42 @@ export class Callback extends Handler {
             return Response.redirect('/');
         }
 
-        const user = await identity_response.json();
+        const OauthUser = await identity_response.json();
+
+        const user = await UserDAO.create({
+            id: generateUUID(),
+            username: OauthUser.preferred_username,
+            password: null,
+            email: OauthUser.email,
+        });
+
+        const issuedAt = Date.now();
+        const expires = 1000 * 60 * 60 * 1; // 1 hour
+
+        const token = this.#jwt.sign(<Payload & { username: string; }> {
+            iss: "http://localhost:3000",
+            sub: user.id,
+            //exp: Math.ceil((issuedAt + expires) / 1000),
+            iat: Math.floor(issuedAt / 1000),
+            jti: generateUUID(),
 
-        return Response.send(Buffer.from(`<script>localStorage.setItem('logged', 'true'); localStorage.setItem('oauth_user', '${JSON.stringify(user)}'); location.href = '/';</script>`));
+            username: user.username,
+        });
+
+        return Response.send(Buffer.from(`<script>localStorage.setItem('token', '${token}'); location.href = '/';</script>`));
+    }
+}
+
+export class User extends Handler {
+    #auth: Auth;
+
+    constructor(app: Application) {
+        super(app);
+
+        this.#auth = app.services.get(AuthServiceProvider);
+    }
+
+    async handle(req: Request): Promise<Response> {
+        return Response.json(this.#auth.user(req));
     }
 }

src/app/handler/GamesHandler.ts

@@ -13,9 +13,8 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-import { Application, Server } from "midori/app";
-import { HTTPError } from "midori/errors";
-import { EStatusCode, Handler, Request, Response } from "midori/http";
+import { Application } from "midori/app";
+import { Handler, Request, Response } from "midori/http";
 
 import GamesServiceProvider from "@app/providers/GamesServiceProvider.js";
 import GamesService from "@app/services/GamesService.js";
@@ -40,8 +39,10 @@ export class Played extends Handler {
         const gamesFormatted = [];
         for (const [gameId, game] of this.#games) {
             if (
-                !(game.player1Name === username && game.player1Secret === secret
-                || game.player2Name === username && game.player2Secret === secret)
+                game.player1Name !== username
+                || game.player1Secret !== secret
+                || game.player2Name !== username
+                || game.player2Secret !== secret
             ) {
                 continue;
             }

src/app/middleware/OauthScopeMiddleware.ts

@@ -21,8 +21,8 @@ import { Constructor } from "midori/util/types.js";
 export default function OauthScopeMiddlewareFactory(options: { scopes: string[]; }): Constructor<Middleware> {
     return class extends Middleware {
         async process(req: Request, next: (req: Request) => Promise<Response>): Promise<Response> {
-            if (req.container.get('jwt')) {
-                const userScopes = (req.container.get('jwt').scope ?? '').split(' ');
+            if (req.container.get('::jwt')) {
+                const userScopes = (req.container.get('::jwt').scope ?? '').split(' ');
                 for (const scope of options.scopes) {
                     if (!userScopes.includes(scope)) {
                         throw new HTTPError(`Insufficient permissions: ${scope}`, EStatusCode.FORBIDDEN);

src/app/providers/GamesServiceProvider.ts

@@ -14,13 +14,14 @@
  * limitations under the License.
  */
 
-import { ServiceProvider, Server } from 'midori/app';
+import { ServiceProvider, Application } from 'midori/app';
+
 import GamesService from '@app/services/GamesService.js';
 
 export default class GamesServiceProvider extends ServiceProvider<GamesService> {
     static service: string = 'ChessGames';
 
-    register(server: Server): GamesService {
+    register(app: Application): GamesService {
         return new GamesService();
     }
 }

src/app/providers/OpenIDServiceProvider.ts

@@ -14,17 +14,18 @@
  * limitations under the License.
  */
 
-import OpenIDService from "@app/services/OpenIDService.js";
-import { Server, ServiceProvider } from "midori/app";
+import { Application, ServiceProvider } from "midori/app";
 import { Constructor } from "midori/util/types.js";
 
+import OpenIDService from "@app/services/OpenIDService.js";
+
 export abstract class OpenIDServiceProvider extends ServiceProvider<OpenIDService> {
     static service: string = 'OpenID';
 }
 
 export default function (openIDService: OpenIDService): Constructor<OpenIDServiceProvider> & { [K in keyof typeof OpenIDServiceProvider]: typeof OpenIDServiceProvider[K] } {
     return class extends OpenIDServiceProvider {
-        register(server: Server): OpenIDService {
+        register(app: Application): OpenIDService {
             return openIDService;
         }
     };

src/app/routes/index.ts

@@ -28,14 +28,17 @@ const Router = new RouterWrapper();
  * Use the Router.get(), Router.post(), Router.put(), Router.patch(), Router.delete() methods to define your routes
  * Use the Router.group() method to group routes under a common prefix
  * Use the Router.route() method to define a route using a custom HTTP method
+ *
+ * Beware of trailing slashes! The Dispatcher Middleware will NOT remove nor add trailing slashes to the request path
+ * `GET /foo` and `GET /foo/` are different routes and will be dispatched to different handlers
  */
 
 Router.get('/login', AuthHandler.Login).withName('auth.login');
 Router.get('/auth/callback', AuthHandler.Callback).withName('auth.callback');
 
 Router.group('/api', () => {
     Router.group('/games', () => {
-        Router.get('/', GamesHandler.List).withName('api.games.list');
+        Router.get('', GamesHandler.List).withName('api.games.list');
         Router.get('/played', GamesHandler.Played).withName('api.games.played');
     });
 });

src/config.ts

@@ -0,0 +1,76 @@
+/**
+ * Copyright 2023 Dhiego Cassiano Fogaça Barbosa
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import { Server } from "midori/app";
+import {
+    CORSConfigProviderFactory,
+    ErrorConfigProviderFactory,
+    JWTConfigProviderFactory,
+    RequestConfigProviderFactory,
+    ResponseConfigProviderFactory
+} from "midori/providers";
+
+/**
+ * Configuration Providers
+ *
+ * Define your configuration providers here.
+ * Use the server.configure() method to add configuration providers to the application.
+ * Use the app.config.get() method to recover the configuration in your handlers and/or middleware constructors.
+ */
+
+export default function config(server: Server): void {
+    // Add configs here using `server.configure(ConfigProviderFactory(config))`
+    // Recover the config with app.config.get(ConfigProvider) in your handlers and middleware constructors
+
+    server.configure(CORSConfigProviderFactory({
+        origin: process.env.CORS_ORIGIN || '*',
+        methods: '*',
+        headers: '*',
+        maxAge: 86400,
+        openerPolicy: 'same-origin',
+        embedderPolicy: 'unsafe-none'
+    }));
+
+    server.configure(ErrorConfigProviderFactory({
+        exposeErrors: process.env.EXPOSE_ERRORS?.toUpperCase() === 'TRUE',
+    }));
+
+    server.configure(JWTConfigProviderFactory({
+        sign: {
+            alg: process.env.JWS_ALGORITHM || 'HS256',
+            secret: process.env.JWS_SECRET,
+            privateKeyFile: process.env.JWS_PRIVATE_KEY
+        },
+        encrypt: {
+            alg: process.env.JWE_ALGORITHM || 'RSA-OAEP-256',
+            enc: process.env.JWE_ENCRYPTION || 'A256GCM',
+            secret: process.env.JWE_SECRET,
+            privateKeyFile: process.env.JWE_PRIVATE_KEY,
+            ephemeralPrivateKeyFile: process.env.JWE_EPHEMERAL_KEY,
+        },
+    }));
+
+    server.configure(RequestConfigProviderFactory({
+        maxBodySize: 1024 * 1024,
+    }));
+
+    server.configure(ResponseConfigProviderFactory({
+        compression: {
+            enabled: false,
+            contentTypes: ['*/*'],
+        },
+    }));
+}

src/core/dao/UserDAO.ts

@@ -32,14 +32,12 @@ export default class UserDAO {
         return await prisma.user.findFirst(args);
     }
 
-    static async save(id: string, { username }: { username: string; }): Promise<User> {
+    static async save(id: string, data: PrismaDTO.UserUpdateInput): Promise<User> {
         return await prisma.user.update({
             where: {
                 id
             },
-            data: {
-                username,
-            }
+            data
         });
     }
 

src/core/lib/chess.ts

@@ -1,4 +1,4 @@
-import { replaceAt } from "./util.js";
+import { randomBetween, replaceAt } from "./util.js";
 
 export type Piece = {
     char: PieceChar;
@@ -299,7 +299,7 @@ export function insufficientMaterial(board: Board): boolean {
     return false;
 }
 
-export function threefoldRepetition(fen: string): boolean {
+export function threefoldRepetition(fen: string[]): boolean {
     if (fen.length >= 6) {
         const currMov = fen[fen.length - 1];
         let dup = 1;

src/cron.ts

@@ -0,0 +1,28 @@
+/**
+ * Copyright 2023 Dhiego Cassiano Fogaça Barbosa
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import { Server } from "midori/app";
+
+/**
+ * Cron Jobs
+ *
+ * Define your cron jobs here.
+ * Use the server.schedule() method to add cron jobs to the application.
+ */
+
+export default function cron(server: Server): void {
+
+}