@vfarcic/dot-ai
Version:
AI-powered development productivity platform that enhances software development workflows through intelligent automation and AI-driven assistance
157 lines (156 loc) • 5.89 kB
JavaScript
;
/**
* Dex static user management for PRD #380 Task 2.5.
*
* CRUD operations on Dex static passwords via the Dex gRPC API.
* Changes take effect immediately in Dex's storage — no Secret
* editing or pod restarts needed.
*
* RBAC enforcement is deferred to Milestone 3 — any authenticated
* user can currently manage users.
*/
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
if (k2 === undefined) k2 = k;
var desc = Object.getOwnPropertyDescriptor(m, k);
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
desc = { enumerable: true, get: function() { return m[k]; } };
}
Object.defineProperty(o, k2, desc);
}) : (function(o, m, k, k2) {
if (k2 === undefined) k2 = k;
o[k2] = m[k];
}));
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
Object.defineProperty(o, "default", { enumerable: true, value: v });
}) : function(o, v) {
o["default"] = v;
});
var __importStar = (this && this.__importStar) || (function () {
var ownKeys = function(o) {
ownKeys = Object.getOwnPropertyNames || function (o) {
var ar = [];
for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
return ar;
};
return ownKeys(o);
};
return function (mod) {
if (mod && mod.__esModule) return mod;
var result = {};
if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
__setModuleDefault(result, mod);
return result;
};
})();
var __importDefault = (this && this.__importDefault) || function (mod) {
return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", { value: true });
exports._resetDexClient = _resetDexClient;
exports.createUser = createUser;
exports.listUsers = listUsers;
exports.deleteUser = deleteUser;
const node_path_1 = require("node:path");
const node_crypto_1 = require("node:crypto");
const grpc = __importStar(require("@grpc/grpc-js"));
const protoLoader = __importStar(require("@grpc/proto-loader"));
const bcryptjs_1 = __importDefault(require("bcryptjs"));
// ---------------------------------------------------------------------------
// gRPC client (lazy-initialized singleton)
// ---------------------------------------------------------------------------
// eslint-disable-next-line @typescript-eslint/no-explicit-any
let dexClient;
function getDexClient() {
if (!dexClient) {
const protoPath = (0, node_path_1.resolve)(__dirname, 'dex-api.proto');
const packageDef = protoLoader.loadSync(protoPath, {
keepCase: true,
longs: String,
enums: String,
defaults: true,
oneofs: true,
});
const proto = grpc.loadPackageDefinition(packageDef);
// eslint-disable-next-line @typescript-eslint/no-explicit-any
const DexService = proto.api.Dex;
const endpoint = getDexGrpcEndpoint();
dexClient = new DexService(endpoint, grpc.credentials.createInsecure());
}
return dexClient;
}
/** Reset the cached gRPC client — for testing only. */
function _resetDexClient() {
dexClient = undefined;
}
// ---------------------------------------------------------------------------
// Config helpers
// ---------------------------------------------------------------------------
function getDexGrpcEndpoint() {
return process.env.DEX_GRPC_ENDPOINT || 'localhost:5557';
}
const BCRYPT_ROUNDS = 10;
/** gRPC deadline for Dex calls (10 seconds). */
const GRPC_DEADLINE_MS = 10_000;
// ---------------------------------------------------------------------------
// Internal: promisified gRPC calls
// ---------------------------------------------------------------------------
function grpcCall(method, request) {
// eslint-disable-next-line @typescript-eslint/no-explicit-any
const client = getDexClient();
const deadline = new Date(Date.now() + GRPC_DEADLINE_MS);
return new Promise((resolve, reject) => {
client[method](request, { deadline }, (err, response) => {
if (err) {
reject(err);
}
else {
resolve(response);
}
});
});
}
// ---------------------------------------------------------------------------
// Public API
// ---------------------------------------------------------------------------
/**
* Create a new Dex static user.
* Rejects with a descriptive error if the email already exists.
*/
async function createUser(email, password) {
const hash = await bcryptjs_1.default.hash(password, BCRYPT_ROUNDS);
const username = email.split('@')[0];
const resp = await grpcCall('CreatePassword', {
password: {
email,
hash: Buffer.from(hash, 'utf8'),
username,
user_id: (0, node_crypto_1.randomUUID)(),
},
});
if (resp.already_exists) {
const err = new Error(`User "${email}" already exists`);
err.statusCode = 409;
throw err;
}
return { email, message: 'User created' };
}
/**
* List all Dex static users (emails only — no password hashes).
*/
async function listUsers() {
const resp = await grpcCall('ListPasswords', {});
return (resp.passwords ?? []).map((p) => ({ email: p.email }));
}
/**
* Delete a Dex static user by email.
* Rejects if the email is not found.
*/
async function deleteUser(email) {
const resp = await grpcCall('DeletePassword', { email });
if (resp.not_found) {
const err = new Error(`User "${email}" not found`);
err.statusCode = 404;
throw err;
}
return { email, message: 'User deleted' };
}