diff --git a/backend/auth/google.js b/backend/auth/google.js new file mode 100644 index 00000000..101a8418 --- /dev/null +++ b/backend/auth/google.js @@ -0,0 +1,177 @@ +const passport = require("passport"); +const { Strategy: GoogleStrategy } = require("passport-google-oauth20"); + + +function getFrontendOrigin(req) { + const proto = req.headers["x-forwarded-proto"] || req.protocol; + const host = req.headers["x-forwarded-host"] || req.get("host"); + return `${proto}://${host}`; +} + +console.log('google.ts') +function setUpGoogleAuth(app) { + console.log("[auth] Google routes registered"); + + async function fetchUserinfo(accessToken) { + if (!accessToken) return {}; + try { + const resp = await fetch("https://openidconnect.googleapis.com/v1/userinfo", { + headers: { Authorization: `Bearer ${accessToken}` }, + }); + return resp.ok ? await resp.json() : {}; + } catch (err) { + console.log(`Error in fetchUserinfo: ${err}`); + return {}; + } + } + + passport.use(new GoogleStrategy( + { + clientID: process.env.GOOGLE_CLIENT_ID, + clientSecret: process.env.GOOGLE_CLIENT_SECRET, + callbackURL: "/auth/google/callback", + passReqToCallback: true //Enabled to receive id_token + }, + async (req, access_token, refresh_token, params, profile, done) => { + // const id_token = params?.id_token; // <-- OIDC JWT + // return done(null, { provider: "Google" }, { accessToken, refreshToken, id_token, profile }); + try { + let email = profile.emails && profile.emails.length ? profile.emails[0].value : null; + let fullName = profile.displayName || null; + let accessToken = access_token ?? null; + if (!email || !fullName) { + const user = await fetchUserinfo(accessToken); + email = email || user.email || null; + fullName = fullName || user?.name || + [user?.given_name, user?.family_name].filter(Boolean).join(" ") || null; + } + + const expires_in = params?.expires_in ?? null; + const expires_at = (expires_in != null) ? new Date(Date.now() + expires_in * 1000) : null; + console.log(`expires_in: ${expires_in}, expires_at: ${expires_at}`) + let data = { + provider: "Google", + provider_user_id: profile.id, + access_token: accessToken, + refresh_token: refresh_token ?? null, + id_token: params?.id_token ?? null, + token_response: { params, profile } + } + console.log(JSON.parse(JSON.stringify(data))) + + let user = { + email, + fullName: fullName, + idToken: params?.id_token ?? null, + accessToken, + }; + console.log("[GoogleStrategy] success user:", user); + return done(null, user); + } catch (err) { + return done(err); + } + } + + )); + + app.get("/auth/google", + passport.authenticate("google", { + scope: ["profile", "email", "openid"], //'openid' ensures OIDC id_token + accessType: "offline", // request refresh_token + prompt: "consent", // Ensures refresh_token is returned + session: false, // Passport session not needed + state: true // CSRF protection (Passport can manage state) + }) + ); + + app.get("/auth/google/callback", + passport.authenticate("google", { + session: false, + failureRedirect: "/login" + }), + async (req, res) => { + try { + console.log("[Callback handler] SUCCESS, req.user:", req.user); + + const query = ` + mutation($userEmail: String!) { + authenticateGoogle(input: { userEmail: $userEmail }) { + jwtToken { + role + personId + } + } + } + `; + + console.log("email", req.user?.email); + + const endpoint = process.env.GRAPHQL_ENDPOINT || "http://localhost:4000/graphql"; + const payload = { query, variables: { userEmail: req.user?.email } }; + + console.log("GraphQL endpoint:", endpoint); + console.log("Request body:", JSON.stringify(payload)); + console.log("Request cookies:", req.headers.cookie || ""); + const pgResp = await fetch(endpoint, { + method: "POST", + headers: { + "Content-Type": "application/json", + cookie: req.headers.cookie || "", // Pass cookies so LoginPlugin can attach new one + }, + body: JSON.stringify(payload), + }); + + console.log("pgResp status:", pgResp.status, pgResp.statusText); + + const text = await pgResp.text(); + console.log("pgResp raw:", text); + + let data; + try { + data = JSON.parse(text); + } catch (err) { + console.error("JSON parse error", err); + throw err; + } + + // const data = await pgResp.json(); + const jwtToken = data.data?.authenticateGoogle?.jwtToken; + console.log("pgResp jwtToken:", jwtToken); + if (!jwtToken) { + return res.redirect("/login?error=notfound"); + } + + console.log("[Google callback] JWT claims:", jwtToken); + + //#region to be removed later + // if (!email) return res.redirect("/login"); + // const email = req.user?.email; + // res.cookie("google_email", email, { + // httpOnly: true, + // secure: true, + // sameSite: "lax", + // maxAge: 5 * 60 * 1000, // 5 minutes + // }); + // req.session.person_id = /* your person id */; + // req.session.role = /* your role */; + // console.log('frontend-origin', process.env.FRONTEND_ORIGIN) + // const FRONTEND = process.env.FRONTEND_ORIGIN || "http://localhost:3333"; + // res.redirect(`${FRONTEND}/#/mealplans`); + //#endregion + + const origin = getFrontendOrigin(req); + console.log('origin', origin) + const path = "/#/mealplans"; + console.log(`${origin}${path}`); + res.redirect(`${origin}${path}`); + + } catch (err) { + console.error("Error in Google callback:", err.stack); + return res.redirect("/login?error=server"); + } + } + ); + +} + +module.exports = { setUpGoogleAuth }; \ No newline at end of file diff --git a/backend/db_migrations/000021_social-login.down.sql b/backend/db_migrations/000021_social-login.down.sql new file mode 100644 index 00000000..434f840e --- /dev/null +++ b/backend/db_migrations/000021_social-login.down.sql @@ -0,0 +1,3 @@ +BEGIN; + DROP TABLE IF EXISTS app.social_login CASCADE; +COMMIT; \ No newline at end of file diff --git a/backend/db_migrations/000021_social-login.up.sql b/backend/db_migrations/000021_social-login.up.sql new file mode 100644 index 00000000..fc0257b6 --- /dev/null +++ b/backend/db_migrations/000021_social-login.up.sql @@ -0,0 +1,35 @@ +BEGIN; + +CREATE TABLE IF NOT EXISTS app.social_login ( + id BIGSERIAL PRIMARY KEY, + provider TEXT NOT NULL CHECK (provider IN ('Google', 'Facebook')), + provider_user_id TEXT NOT NULL, + access_token TEXT NOT NULL, + refresh_token TEXT NOT NULL, + id_token TEXT NOT NULL, + token_response JSONB NOT NULL DEFAULT '{}', + is_active BOOLEAN NOT NULL DEFAULT true, --social login deactivate + created_at TIMESTAMP DEFAULT now() NOT NULL, + updated_at TIMESTAMP DEFAULT now() NOT NULL, + person_id BIGINT NOT NULL REFERENCES app.person (id) ON DELETE CASCADE, + + -- Enforce uniqueness: One provider per person + CONSTRAINT unique_provider_per_person UNIQUE (person_id, provider), + + -- Prevent duplicate provider_user_id across provider + CONSTRAINT unique_provider_user_id UNIQUE (provider, provider_user_id) +); + +CREATE TRIGGER tg_social_login_set_updated_at BEFORE UPDATE +ON app.social_login +FOR EACH ROW EXECUTE FUNCTION app.set_updated_at(); + +CREATE TRIGGER tg_social_login_set_created_at BEFORE INSERT +ON app.social_login +FOR EACH ROW EXECUTE FUNCTION app.set_created_at(); + +GRANT SELECT, INSERT, UPDATE, DELETE on table app.social_login to app_user, app_meal_designer, app_admin; + +GRANT USAGE, SELECT ON SEQUENCE app.social_login_id_seq TO app_user, app_meal_designer, app_admin; + +COMMIT; diff --git a/backend/db_migrations/000022_session.down.sql b/backend/db_migrations/000022_session.down.sql new file mode 100644 index 00000000..aea42c1c --- /dev/null +++ b/backend/db_migrations/000022_session.down.sql @@ -0,0 +1,3 @@ +BEGIN; + DROP TABLE IF EXISTS app.session CASCADE; +COMMIT; \ No newline at end of file diff --git a/backend/db_migrations/000022_session.up.sql b/backend/db_migrations/000022_session.up.sql new file mode 100644 index 00000000..2b41e456 --- /dev/null +++ b/backend/db_migrations/000022_session.up.sql @@ -0,0 +1,26 @@ +BEGIN; + +CREATE TABLE IF NOT EXISTS app.session ( + id BIGSERIAL PRIMARY KEY, + auth_channel TEXT NOT NULL CHECK (auth_channel IN ('Password', 'Google', 'Facebook')), + timestamp TIMESTAMP NOT NULL DEFAULT now(), + person_id BIGINT NOT NULL REFERENCES app.person(id) ON DELETE CASCADE, + social_login_id BIGINT REFERENCES app.social_login(id) ON DELETE CASCADE +); + +-- index to speed up lookups by person +CREATE INDEX IF NOT EXISTS idx_session_person_id ON app.session(person_id); + +CREATE TRIGGER tg_session_set_updated_at BEFORE UPDATE +ON app.session +FOR EACH ROW EXECUTE FUNCTION app.set_updated_at(); + +CREATE TRIGGER tg_session_set_created_at BEFORE INSERT +ON app.session +FOR EACH ROW EXECUTE FUNCTION app.set_created_at(); + +GRANT SELECT, INSERT, UPDATE, DELETE on table app.session to app_user, app_meal_designer, app_admin; + +GRANT USAGE, SELECT ON SEQUENCE app.session_id_seq TO app_user, app_meal_designer, app_admin; + +COMMIT; \ No newline at end of file diff --git a/backend/db_migrations/000023_add-status-to-person.down.sql b/backend/db_migrations/000023_add-status-to-person.down.sql new file mode 100644 index 00000000..aa58b417 --- /dev/null +++ b/backend/db_migrations/000023_add-status-to-person.down.sql @@ -0,0 +1,6 @@ +BEGIN; +ALTER TABLE app.person DROP COLUMN IF EXISTS status; +ALTER TYPE app.current_user DROP ATTRIBUTE IF EXISTS status; +DROP TYPE IF EXISTS app.status_type; +DROP FUNCTION IF EXISTS app.current_person(); +COMMIT; \ No newline at end of file diff --git a/backend/db_migrations/000023_add-status-to-person.up.sql b/backend/db_migrations/000023_add-status-to-person.up.sql new file mode 100644 index 00000000..50a2d4c9 --- /dev/null +++ b/backend/db_migrations/000023_add-status-to-person.up.sql @@ -0,0 +1,25 @@ +-- Create the enum type: app.status_type +DO $$ BEGIN + CREATE TYPE app.status_type AS ENUM ('app_pending', 'app_active', 'app_inactive'); +EXCEPTION + WHEN duplicate_object THEN NULL; +END $$; + +-- Add the new column using the enum +ALTER TABLE app.person ADD COLUMN status app.status_type NOT NULL DEFAULT 'app_pending'; + +ALTER TYPE app.current_user ADD ATTRIBUTE status TEXT; + +-- Add status to the function: app.current_person() +CREATE OR REPLACE FUNCTION app.current_person() RETURNS app.current_user AS $$ + SELECT + app.person.id, + app.person.role::text, + app.person.email, + app.person.full_name, + app.person.slug, + app.person.terms_and_conditions, + app.person.status::text + FROM app.person + WHERE id = nullif(current_setting('jwt.claims.person_id', true), '')::bigint +$$ LANGUAGE sql STABLE SECURITY DEFINER; \ No newline at end of file diff --git a/backend/db_migrations/000024_add-authenticate-google.down.sql b/backend/db_migrations/000024_add-authenticate-google.down.sql new file mode 100644 index 00000000..6a56f1e7 --- /dev/null +++ b/backend/db_migrations/000024_add-authenticate-google.down.sql @@ -0,0 +1,5 @@ +begin; + +DROP FUNCTION IF EXISTS app.authenticate_google (text); + +commit; \ No newline at end of file diff --git a/backend/db_migrations/000024_add-authenticate-google.up.sql b/backend/db_migrations/000024_add-authenticate-google.up.sql new file mode 100644 index 00000000..00c3de60 --- /dev/null +++ b/backend/db_migrations/000024_add-authenticate-google.up.sql @@ -0,0 +1,29 @@ + +-- Authenticate Google login by email. +-- If the email exists in the person table, issue a JWT with role and person_id; +-- otherwise return null. + +create or replace function app.authenticate_google(user_email text) +returns app.jwt_token as $$ +declare + person app.person; +begin + -- look up person by email + select * into person + from app.person p + where p.email = user_email; + + if person is null then + return null; -- email not found in DB + end if; + + -- issue jwt_token: (role, person_id, exp) + return ( + person.role::text, + person.id, + extract(epoch from (now() + interval '7 days')) + )::app.jwt_token; +end; +$$ language plpgsql security definer; +comment on function app.authenticate_google(text) is 'Authenticate Google login by email. If email exists in the person table, issue a JWT with claims for Person and role; otherwise return null.'; +grant execute on function app.authenticate_google(text) to app_anonymous, app_user; diff --git a/backend/hooks/login_plugin.js b/backend/hooks/login_plugin.js index daac9eb8..948ba1e7 100644 --- a/backend/hooks/login_plugin.js +++ b/backend/hooks/login_plugin.js @@ -9,24 +9,26 @@ const useAuthCredentials = (build) => { if(!isRootMutation) { return null; } - if(!pgFieldIntrospection || pgFieldIntrospection.name !== 'authenticate') { - return null; - } + const authMutations = ["authenticate", "authenticateGoogle"]; + if (!pgFieldIntrospection || !authMutations.includes(pgFieldIntrospection.name)) { + return null; + } // explaining the double negative. If pgFieldIntrospection is not null and has // the name 'authenticate' only then we need to run the following. - console.log('ready to setup hook...'); + console.log(`ready to setup hook for ${pgFieldIntrospection.name}`); return { before: [], after: [{ priority: 100, callback: (result, args, context, resolvInfo) => { - console.log('hook triggered', result); - if(result.data == null) { + console.log(`hook triggered for ${pgFieldIntrospection.name} ${result}`); + if(result.data == null || result.data['@jwtToken'] == null) { resolvInfo.graphileMeta.messages.push({ level: "error", message: "invalid credentials" }); } else { + console.log("LoginPlugin setting cookie for:", result.data['@jwtToken']); context.setAuthCookie( result.data['@jwtToken'].personId, result.data['@jwtToken'].role); diff --git a/backend/package-lock.json b/backend/package-lock.json index 32903622..595e3c00 100644 --- a/backend/package-lock.json +++ b/backend/package-lock.json @@ -12,9 +12,11 @@ "@graphile-contrib/pg-simplify-inflector": "^6.0", "@graphile/operation-hooks": "^1.0.0", "cookie-session": "^2.0.0", - "express": "^4.19.2", + "express": "^4.21.2", "express-session": "^1.17.2", "md5": "^2.2.1", + "passport": "^0.7.0", + "passport-google-oauth20": "^2.0.0", "postgraphile": "^4.13", "postgraphile-plugin-connection-filter": "^2.3.0" }, @@ -155,6 +157,14 @@ "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==", "dev": true }, + "node_modules/base64url": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/base64url/-/base64url-3.0.1.tgz", + "integrity": "sha512-ir1UPr3dkwexU7FdV8qBBbNDRUhMmIekYMFZfi+C/sLNnRESKPl23nB9b2pltqfOQNnGzsDdId90AEtG5tCx4A==", + "engines": { + "node": ">=6.0.0" + } + }, "node_modules/bcrypt-pbkdf": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz", @@ -171,9 +181,9 @@ "dev": true }, "node_modules/body-parser": { - "version": "1.20.2", - "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.2.tgz", - "integrity": "sha512-ml9pReCu3M61kGlqoTm2umSXTlRTuGTx0bfYj+uIUKKYycG5NtSbeetV3faSU6R7ajOPw0g/J1PvK4qNy7s5bA==", + "version": "1.20.3", + "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.3.tgz", + "integrity": "sha512-7rAxByjUMqQ3/bHJy7D6OGXvx/MMc4IqBn/X0fcM1QUcAItpZrBEYhWGem+tzXH90c+G01ypMcYJBO9Y30203g==", "dependencies": { "bytes": "3.1.2", "content-type": "~1.0.5", @@ -183,7 +193,7 @@ "http-errors": "2.0.0", "iconv-lite": "0.4.24", "on-finished": "2.4.1", - "qs": "6.11.0", + "qs": "6.13.0", "raw-body": "2.5.2", "type-is": "~1.6.18", "unpipe": "1.0.0" @@ -245,16 +255,25 @@ "node": ">= 0.8" } }, - "node_modules/call-bind": { - "version": "1.0.7", - "resolved": "https://registry.npmjs.org/call-bind/-/call-bind-1.0.7.tgz", - "integrity": "sha512-GHTSNSYICQ7scH7sZ+M2rFopRoLh8t2bLSW6BbgrtLsahOIB5iyAVJf9GjWK3cYTDaMj4XdBpM1cA6pIS0Kv2w==", + "node_modules/call-bind-apply-helpers": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/call-bind-apply-helpers/-/call-bind-apply-helpers-1.0.2.tgz", + "integrity": "sha512-Sp1ablJ0ivDkSzjcaJdxEunN5/XvksFJ2sMBFfq6x0ryhQV/2b/KwFe21cMpmHtPOSij8K99/wSfoEuTObmuMQ==", "dependencies": { - "es-define-property": "^1.0.0", "es-errors": "^1.3.0", - "function-bind": "^1.1.2", - "get-intrinsic": "^1.2.4", - "set-function-length": "^1.2.1" + "function-bind": "^1.1.2" + }, + "engines": { + "node": ">= 0.4" + } + }, + "node_modules/call-bound": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/call-bound/-/call-bound-1.0.4.tgz", + "integrity": "sha512-+ys997U96po4Kx/ABpBCqhA9EuxJaQWDQg7295H4hBphv3IZg0boBKuwYpt4YXp6MZ5AmZQnU/tyMTlRpaSejg==", + "dependencies": { + "call-bind-apply-helpers": "^1.0.2", + "get-intrinsic": "^1.3.0" }, "engines": { "node": ">= 0.4" @@ -351,9 +370,9 @@ } }, "node_modules/cookie": { - "version": "0.6.0", - "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.6.0.tgz", - "integrity": "sha512-U71cyTamuh1CRNCfpGY6to28lxvNwPG4Guz/EVjgf3Jmzv0vlDp1atT9eS5dDjMYHucpHbWns6Lwf3BKz6svdw==", + "version": "0.7.1", + "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.7.1.tgz", + "integrity": "sha512-6DnInpx7SJ2AK3+CTUE/ZM0vWTUboZCegxhC2xiIydHR9jNuTAASBrfEpHhiGOZw/nX51bHt6YQl8jsGo4y/0w==", "engines": { "node": ">= 0.6" } @@ -527,22 +546,6 @@ "node": ">=4.0.0" } }, - "node_modules/define-data-property": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/define-data-property/-/define-data-property-1.1.4.tgz", - "integrity": "sha512-rBMvIzlpA8v6E+SJZoo++HAYqsLrkg7MSfIinMPFhmkorw7X+dOXVJQs+QT69zGkzMyfDnIMN2Wid1+NbL3T+A==", - "dependencies": { - "es-define-property": "^1.0.0", - "es-errors": "^1.3.0", - "gopd": "^1.0.1" - }, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, "node_modules/depd": { "version": "1.1.2", "resolved": "https://registry.npmjs.org/depd/-/depd-1.1.2.tgz", @@ -569,6 +572,19 @@ "node": ">=4.6.0" } }, + "node_modules/dunder-proto": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/dunder-proto/-/dunder-proto-1.0.1.tgz", + "integrity": "sha512-KIN/nDJBQRcXw0MLVhZE9iQHmG68qAVIBg9CqmUYjmQIhgij9U5MFvrqkUL5FbtyyzZuOeOt0zdeRe4UY7ct+A==", + "dependencies": { + "call-bind-apply-helpers": "^1.0.1", + "es-errors": "^1.3.0", + "gopd": "^1.2.0" + }, + "engines": { + "node": ">= 0.4" + } + }, "node_modules/ecdsa-sig-formatter": { "version": "1.0.11", "resolved": "https://registry.npmjs.org/ecdsa-sig-formatter/-/ecdsa-sig-formatter-1.0.11.tgz", @@ -589,20 +605,17 @@ "dev": true }, "node_modules/encodeurl": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/encodeurl/-/encodeurl-1.0.2.tgz", - "integrity": "sha1-rT/0yG7C0CkyL1oCw6mmBslbP1k=", + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/encodeurl/-/encodeurl-2.0.0.tgz", + "integrity": "sha512-Q0n9HRi4m6JuGIV1eFlmvJB7ZEVxu93IrMyiMsGC0lrMJMWzRgx6WGquyfQgZVb31vhGgXnfmPNNXmxnOkRBrg==", "engines": { "node": ">= 0.8" } }, "node_modules/es-define-property": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/es-define-property/-/es-define-property-1.0.0.tgz", - "integrity": "sha512-jxayLKShrEqqzJ0eumQbVhTYQM27CfT1T35+gCgDFoL82JLsXqTJ76zv6A0YLOgEnLUMvLzsDsGIrl8NFpT2gQ==", - "dependencies": { - "get-intrinsic": "^1.2.4" - }, + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/es-define-property/-/es-define-property-1.0.1.tgz", + "integrity": "sha512-e3nRfgfUZ4rNGL232gUgX06QNyyez04KdjFrF+LTRoOXmrOgFKDg4BCdsjW8EnT69eqdYGmRpJwiPVYNrCaW3g==", "engines": { "node": ">= 0.4" } @@ -615,6 +628,17 @@ "node": ">= 0.4" } }, + "node_modules/es-object-atoms": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/es-object-atoms/-/es-object-atoms-1.1.1.tgz", + "integrity": "sha512-FGgH2h8zKNim9ljj7dankFPcICIK9Cp5bm+c2gQSYePhpaG5+esrLODihIorn+Pe6FGJzWhXQotPv73jTaldXA==", + "dependencies": { + "es-errors": "^1.3.0" + }, + "engines": { + "node": ">= 0.4" + } + }, "node_modules/escape-html": { "version": "1.0.3", "resolved": "https://registry.npmjs.org/escape-html/-/escape-html-1.0.3.tgz", @@ -642,36 +666,36 @@ "integrity": "sha512-tvtQIeLVHjDkJYnzf2dgVMxfuSGJeM/7UCG17TT4EumTfNtF+0nebF/4zWOIkCreAbtNqhGEboB6BWrwqNaw4Q==" }, "node_modules/express": { - "version": "4.19.2", - "resolved": "https://registry.npmjs.org/express/-/express-4.19.2.tgz", - "integrity": "sha512-5T6nhjsT+EOMzuck8JjBHARTHfMht0POzlA60WV2pMD3gyXw2LZnZ+ueGdNxG+0calOJcWKbpFcuzLZ91YWq9Q==", + "version": "4.21.2", + "resolved": "https://registry.npmjs.org/express/-/express-4.21.2.tgz", + "integrity": "sha512-28HqgMZAmih1Czt9ny7qr6ek2qddF4FclbMzwhCREB6OFfH+rXAnuNCwo1/wFvrtbgsQDb4kSbX9de9lFbrXnA==", "dependencies": { "accepts": "~1.3.8", "array-flatten": "1.1.1", - "body-parser": "1.20.2", + "body-parser": "1.20.3", "content-disposition": "0.5.4", "content-type": "~1.0.4", - "cookie": "0.6.0", + "cookie": "0.7.1", "cookie-signature": "1.0.6", "debug": "2.6.9", "depd": "2.0.0", - "encodeurl": "~1.0.2", + "encodeurl": "~2.0.0", "escape-html": "~1.0.3", "etag": "~1.8.1", - "finalhandler": "1.2.0", + "finalhandler": "1.3.1", "fresh": "0.5.2", "http-errors": "2.0.0", - "merge-descriptors": "1.0.1", + "merge-descriptors": "1.0.3", "methods": "~1.1.2", "on-finished": "2.4.1", "parseurl": "~1.3.3", - "path-to-regexp": "0.1.7", + "path-to-regexp": "0.1.12", "proxy-addr": "~2.0.7", - "qs": "6.11.0", + "qs": "6.13.0", "range-parser": "~1.2.1", "safe-buffer": "5.2.1", - "send": "0.18.0", - "serve-static": "1.15.0", + "send": "0.19.0", + "serve-static": "1.16.2", "setprototypeof": "1.2.0", "statuses": "2.0.1", "type-is": "~1.6.18", @@ -680,6 +704,10 @@ }, "engines": { "node": ">= 0.10.0" + }, + "funding": { + "type": "opencollective", + "url": "https://opencollective.com/express" } }, "node_modules/express-session": { @@ -767,12 +795,12 @@ } }, "node_modules/finalhandler": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/finalhandler/-/finalhandler-1.2.0.tgz", - "integrity": "sha512-5uXcUVftlQMFnWC9qu/svkWv3GTd2PfUhK/3PLkYNAe7FbqJMt3515HaxE6eRL74GdsriiwujiawdaB1BpEISg==", + "version": "1.3.1", + "resolved": "https://registry.npmjs.org/finalhandler/-/finalhandler-1.3.1.tgz", + "integrity": "sha512-6BN9trH7bp3qvnrRyzsBz+g3lZxTNZTbVO2EV1CS0WIcDbawYVdYvGflME/9QP0h0pYlCDBCTjYa9nZzMDpyxQ==", "dependencies": { "debug": "2.6.9", - "encodeurl": "~1.0.2", + "encodeurl": "~2.0.0", "escape-html": "~1.0.3", "on-finished": "2.4.1", "parseurl": "~1.3.3", @@ -838,15 +866,20 @@ } }, "node_modules/get-intrinsic": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.2.4.tgz", - "integrity": "sha512-5uYhsJH8VJBTv7oslg4BznJYhDoRI6waYCxMmCdnTrcCrHA/fCFKoTFz2JKKE0HdDFUF7/oQuhzumXJK7paBRQ==", + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.3.0.tgz", + "integrity": "sha512-9fSjSaos/fRIVIp+xSJlE6lfwhES7LNtKaCBIamHsjr2na1BiABJPo0mOjjz8GJDURarmCPGqaiVg5mfjb98CQ==", "dependencies": { + "call-bind-apply-helpers": "^1.0.2", + "es-define-property": "^1.0.1", "es-errors": "^1.3.0", + "es-object-atoms": "^1.1.1", "function-bind": "^1.1.2", - "has-proto": "^1.0.1", - "has-symbols": "^1.0.3", - "hasown": "^2.0.0" + "get-proto": "^1.0.1", + "gopd": "^1.2.0", + "has-symbols": "^1.1.0", + "hasown": "^2.0.2", + "math-intrinsics": "^1.1.0" }, "engines": { "node": ">= 0.4" @@ -855,12 +888,24 @@ "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/gopd": { + "node_modules/get-proto": { "version": "1.0.1", - "resolved": "https://registry.npmjs.org/gopd/-/gopd-1.0.1.tgz", - "integrity": "sha512-d65bNlIadxvpb/A2abVdlqKqV563juRnZ1Wtk6s1sIR8uNsXR70xqIzVqxVf1eTqDunwT2MkczEeaezCKTZhwA==", + "resolved": "https://registry.npmjs.org/get-proto/-/get-proto-1.0.1.tgz", + "integrity": "sha512-sTSfBjoXBp89JvIKIefqw7U2CCebsc74kiY6awiGogKtoSGbgjYE/G/+l9sF3MWFPNc9IcoOC4ODfKHfxFmp0g==", "dependencies": { - "get-intrinsic": "^1.1.3" + "dunder-proto": "^1.0.1", + "es-object-atoms": "^1.0.0" + }, + "engines": { + "node": ">= 0.4" + } + }, + "node_modules/gopd": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/gopd/-/gopd-1.2.0.tgz", + "integrity": "sha512-ZUKRh6/kUFoAiTAtTYPZJ3hw9wNxx+BIBOijnlG9PnrJsCcSjs1wyyD6vJpaYtgnzDrKYRSqf3OO6Rfa93xsRg==", + "engines": { + "node": ">= 0.4" }, "funding": { "url": "https://github.com/sponsors/ljharb" @@ -1086,32 +1131,10 @@ "node": ">=4" } }, - "node_modules/has-property-descriptors": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/has-property-descriptors/-/has-property-descriptors-1.0.2.tgz", - "integrity": "sha512-55JNKuIW+vq4Ke1BjOTjM2YctQIvCT7GFzHwmfZPGo5wnrgkid0YQtnAleFSqumZm4az3n2BS+erby5ipJdgrg==", - "dependencies": { - "es-define-property": "^1.0.0" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/has-proto": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/has-proto/-/has-proto-1.0.3.tgz", - "integrity": "sha512-SJ1amZAJUiZS+PhsVLf5tGydlaVB8EdFpaSO4gmiUKUOxk8qzn5AIy4ZeJUmh22znIdk/uMAUT2pl3FxzVUH+Q==", - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, "node_modules/has-symbols": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.0.3.tgz", - "integrity": "sha512-l3LCuF6MgDNwTDKkdYGEihYjt5pRPbEg46rtlmnSPlUbgmB8LOIrKJbYYFBSbnPaJexMKtiPO8hmeRjRz2Td+A==", + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.1.0.tgz", + "integrity": "sha512-1cDNdwJ2Jaohmb3sg4OmKaMBwuC48sYni5HUw2DvsC8LjGTLK9h+eb1X6RyuOHe4hT0ULCW68iomhjUoKUqlPQ==", "engines": { "node": ">= 0.4" }, @@ -1343,6 +1366,14 @@ "yallist": "^3.0.2" } }, + "node_modules/math-intrinsics": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/math-intrinsics/-/math-intrinsics-1.1.0.tgz", + "integrity": "sha512-/IXtbwEk5HTPyEwyKX6hGkYXxM9nbj64B+ilVJnC/R6B0pH5G4V3b0pVbL7DBj4tkhBAppbQUlf6F6Xl9LHu1g==", + "engines": { + "node": ">= 0.4" + } + }, "node_modules/md5": { "version": "2.3.0", "resolved": "https://registry.npmjs.org/md5/-/md5-2.3.0.tgz", @@ -1362,9 +1393,12 @@ } }, "node_modules/merge-descriptors": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/merge-descriptors/-/merge-descriptors-1.0.1.tgz", - "integrity": "sha1-sAqqVW3YtEVoFQ7J0blT8/kMu2E=" + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/merge-descriptors/-/merge-descriptors-1.0.3.tgz", + "integrity": "sha512-gaNvAS7TZ897/rVaZ0nMtAyxNyi/pdbjbAwUpFQpN70GqnVfOiXpeUUMKRBmzXaSQ8DdTX4/0ms62r2K+hE6mQ==", + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } }, "node_modules/methods": { "version": "1.1.2", @@ -1474,10 +1508,18 @@ "node": ">=0.1.97" } }, + "node_modules/oauth": { + "version": "0.10.2", + "resolved": "https://registry.npmjs.org/oauth/-/oauth-0.10.2.tgz", + "integrity": "sha512-JtFnB+8nxDEXgNyniwz573xxbKSOu3R8D40xQKqcjwJ2CDkYqUDI53o6IuzDJBx60Z8VKCm271+t8iFjakrl8Q==" + }, "node_modules/object-inspect": { - "version": "1.13.1", - "resolved": "https://registry.npmjs.org/object-inspect/-/object-inspect-1.13.1.tgz", - "integrity": "sha512-5qoj1RUiKOMsCCNLV1CBiPYE10sziTsnmNxkAI/rZhiD63CF7IqdFGC/XzjWjpSgLf0LxXX3bDFIh0E18f6UhQ==", + "version": "1.13.4", + "resolved": "https://registry.npmjs.org/object-inspect/-/object-inspect-1.13.4.tgz", + "integrity": "sha512-W67iLl4J2EXEGTbfeHCffrjDfitvLANg0UlX3wFUUSTx92KXRFegMHUVgSqE+wvhAbi4WqjGg9czysTV2Epbew==", + "engines": { + "node": ">= 0.4" + }, "funding": { "url": "https://github.com/sponsors/ljharb" } @@ -1562,6 +1604,61 @@ "node": ">= 0.8" } }, + "node_modules/passport": { + "version": "0.7.0", + "resolved": "https://registry.npmjs.org/passport/-/passport-0.7.0.tgz", + "integrity": "sha512-cPLl+qZpSc+ireUvt+IzqbED1cHHkDoVYMo30jbJIdOOjQ1MQYZBPiNvmi8UM6lJuOpTPXJGZQk0DtC4y61MYQ==", + "dependencies": { + "passport-strategy": "1.x.x", + "pause": "0.0.1", + "utils-merge": "^1.0.1" + }, + "engines": { + "node": ">= 0.4.0" + }, + "funding": { + "type": "github", + "url": "https://github.com/sponsors/jaredhanson" + } + }, + "node_modules/passport-google-oauth20": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/passport-google-oauth20/-/passport-google-oauth20-2.0.0.tgz", + "integrity": "sha512-KSk6IJ15RoxuGq7D1UKK/8qKhNfzbLeLrG3gkLZ7p4A6DBCcv7xpyQwuXtWdpyR0+E0mwkpjY1VfPOhxQrKzdQ==", + "dependencies": { + "passport-oauth2": "1.x.x" + }, + "engines": { + "node": ">= 0.4.0" + } + }, + "node_modules/passport-oauth2": { + "version": "1.8.0", + "resolved": "https://registry.npmjs.org/passport-oauth2/-/passport-oauth2-1.8.0.tgz", + "integrity": "sha512-cjsQbOrXIDE4P8nNb3FQRCCmJJ/utnFKEz2NX209f7KOHPoX18gF7gBzBbLLsj2/je4KrgiwLLGjf0lm9rtTBA==", + "dependencies": { + "base64url": "3.x.x", + "oauth": "0.10.x", + "passport-strategy": "1.x.x", + "uid2": "0.0.x", + "utils-merge": "1.x.x" + }, + "engines": { + "node": ">= 0.4.0" + }, + "funding": { + "type": "github", + "url": "https://github.com/sponsors/jaredhanson" + } + }, + "node_modules/passport-strategy": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/passport-strategy/-/passport-strategy-1.0.0.tgz", + "integrity": "sha512-CB97UUvDKJde2V0KDWWB3lyf6PC3FaZP7YxZ2G8OAtn9p4HI9j9JLP9qjOGZFvyl8uwNT8qM+hGnz/n16NI7oA==", + "engines": { + "node": ">= 0.4.0" + } + }, "node_modules/path-exists": { "version": "4.0.0", "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", @@ -1578,9 +1675,14 @@ "dev": true }, "node_modules/path-to-regexp": { - "version": "0.1.7", - "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-0.1.7.tgz", - "integrity": "sha1-32BBeABfUi8V60SQ5yR6G/qmf4w=" + "version": "0.1.12", + "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-0.1.12.tgz", + "integrity": "sha512-RA1GjUVMnvYFxuqovrEqZoxxW5NUZqbwKtYz/Tt7nXerk0LbLblQmrsgdeOxV5SFHf0UDggjS/bSeOZwt1pmEQ==" + }, + "node_modules/pause": { + "version": "0.0.1", + "resolved": "https://registry.npmjs.org/pause/-/pause-0.0.1.tgz", + "integrity": "sha512-KG8UEiEVkR3wGEb4m5yZkVCzigAD+cVEJck2CzYZO37ZGJfctvVptVO192MwrtPhzONn6go8ylnOdMhKqi4nfg==" }, "node_modules/pg": { "version": "8.7.3", @@ -1857,11 +1959,11 @@ "integrity": "sha1-8FKijacOYYkX7wqKw0wa5aaChrM=" }, "node_modules/qs": { - "version": "6.11.0", - "resolved": "https://registry.npmjs.org/qs/-/qs-6.11.0.tgz", - "integrity": "sha512-MvjoMCJwEarSbUYk5O+nmoSzSutSsTwF85zcHPQ9OrlFoZOYIjaqBAJIqIXjptyD5vThxGq52Xu/MaJzRkIk4Q==", + "version": "6.13.0", + "resolved": "https://registry.npmjs.org/qs/-/qs-6.13.0.tgz", + "integrity": "sha512-+38qI9SOr8tfZ4QmJNplMUxqjbe7LKvvZgWdExBOmd+egZTtjLB67Gu0HRX3u/XOq7UU2Nx6nsjvS16Z9uwfpg==", "dependencies": { - "side-channel": "^1.0.4" + "side-channel": "^1.0.6" }, "engines": { "node": ">=0.6" @@ -2033,9 +2135,9 @@ } }, "node_modules/send": { - "version": "0.18.0", - "resolved": "https://registry.npmjs.org/send/-/send-0.18.0.tgz", - "integrity": "sha512-qqWzuOjSFOuqPjFe4NOsMLafToQQwBSOEpS+FwEt3A2V3vKubTquT3vmLTQpFgMXp8AlFWFuP1qKaJZOtPpVXg==", + "version": "0.19.0", + "resolved": "https://registry.npmjs.org/send/-/send-0.19.0.tgz", + "integrity": "sha512-dW41u5VfLXu8SJh5bwRmyYUbAoSB3c9uQh6L8h/KtsFREPWpbX1lrljJo186Jc4nmci/sGUZ9a0a0J2zgfq2hw==", "dependencies": { "debug": "2.6.9", "depd": "2.0.0", @@ -2063,6 +2165,14 @@ "node": ">= 0.8" } }, + "node_modules/send/node_modules/encodeurl": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/encodeurl/-/encodeurl-1.0.2.tgz", + "integrity": "sha512-TPJXq8JqFaVYm2CWmPvnP2Iyo4ZSM7/QKcSmuMLDObfpH5fi7RUGmd/rTDf+rut/saiDiQEeVTNgAmJEdAOx0w==", + "engines": { + "node": ">= 0.8" + } + }, "node_modules/send/node_modules/http-errors": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/http-errors/-/http-errors-2.0.0.tgz", @@ -2092,14 +2202,14 @@ } }, "node_modules/serve-static": { - "version": "1.15.0", - "resolved": "https://registry.npmjs.org/serve-static/-/serve-static-1.15.0.tgz", - "integrity": "sha512-XGuRDNjXUijsUL0vl6nSD7cwURuzEgglbOaFuZM9g3kwDXOWVTck0jLzjPzGD+TazWbboZYu52/9/XPdUgne9g==", + "version": "1.16.2", + "resolved": "https://registry.npmjs.org/serve-static/-/serve-static-1.16.2.tgz", + "integrity": "sha512-VqpjJZKadQB/PEbEwvFdO43Ax5dFBZ2UECszz8bQ7pi7wt//PWe1P6MN7eCnjsatYtBT6EuiClbjSWP2WrIoTw==", "dependencies": { - "encodeurl": "~1.0.2", + "encodeurl": "~2.0.0", "escape-html": "~1.0.3", "parseurl": "~1.3.3", - "send": "0.18.0" + "send": "0.19.0" }, "engines": { "node": ">= 0.8.0" @@ -2111,36 +2221,71 @@ "integrity": "sha1-BF+XgtARrppoA93TgrJDkrPYkPc=", "dev": true }, - "node_modules/set-function-length": { - "version": "1.2.2", - "resolved": "https://registry.npmjs.org/set-function-length/-/set-function-length-1.2.2.tgz", - "integrity": "sha512-pgRc4hJ4/sNjWCSS9AmnS40x3bNMDTknHgL5UaMBTMyJnU90EgWh1Rz+MC9eFu4BuN/UwZjKQuY/1v3rM7HMfg==", + "node_modules/setprototypeof": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/setprototypeof/-/setprototypeof-1.2.0.tgz", + "integrity": "sha512-E5LDX7Wrp85Kil5bhZv46j8jOeboKq5JMmYM3gVGdGH8xFpPWXUMsNrlODCrkoxMEeNi/XZIwuRvY4XNwYMJpw==" + }, + "node_modules/side-channel": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/side-channel/-/side-channel-1.1.0.tgz", + "integrity": "sha512-ZX99e6tRweoUXqR+VBrslhda51Nh5MTQwou5tnUDgbtyM0dBgmhEDtWGP/xbKn6hqfPRHujUNwz5fy/wbbhnpw==", "dependencies": { - "define-data-property": "^1.1.4", "es-errors": "^1.3.0", - "function-bind": "^1.1.2", - "get-intrinsic": "^1.2.4", - "gopd": "^1.0.1", - "has-property-descriptors": "^1.0.2" + "object-inspect": "^1.13.3", + "side-channel-list": "^1.0.0", + "side-channel-map": "^1.0.1", + "side-channel-weakmap": "^1.0.2" }, "engines": { "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/setprototypeof": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/setprototypeof/-/setprototypeof-1.2.0.tgz", - "integrity": "sha512-E5LDX7Wrp85Kil5bhZv46j8jOeboKq5JMmYM3gVGdGH8xFpPWXUMsNrlODCrkoxMEeNi/XZIwuRvY4XNwYMJpw==" + "node_modules/side-channel-list": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/side-channel-list/-/side-channel-list-1.0.0.tgz", + "integrity": "sha512-FCLHtRD/gnpCiCHEiJLOwdmFP+wzCmDEkc9y7NsYxeF4u7Btsn1ZuwgwJGxImImHicJArLP4R0yX4c2KCrMrTA==", + "dependencies": { + "es-errors": "^1.3.0", + "object-inspect": "^1.13.3" + }, + "engines": { + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } }, - "node_modules/side-channel": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/side-channel/-/side-channel-1.0.6.tgz", - "integrity": "sha512-fDW/EZ6Q9RiO8eFG8Hj+7u/oW+XrPTIChwCOM2+th2A6OblDtYYIpve9m+KvI9Z4C9qSEXlaGR6bTEYHReuglA==", + "node_modules/side-channel-map": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/side-channel-map/-/side-channel-map-1.0.1.tgz", + "integrity": "sha512-VCjCNfgMsby3tTdo02nbjtM/ewra6jPHmpThenkTYh8pG9ucZ/1P8So4u4FGBek/BjpOVsDCMoLA/iuBKIFXRA==", + "dependencies": { + "call-bound": "^1.0.2", + "es-errors": "^1.3.0", + "get-intrinsic": "^1.2.5", + "object-inspect": "^1.13.3" + }, + "engines": { + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, + "node_modules/side-channel-weakmap": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/side-channel-weakmap/-/side-channel-weakmap-1.0.2.tgz", + "integrity": "sha512-WPS/HvHQTYnHisLo9McqBHOJk2FkHO/tlpvldyrnem4aeQp4hai3gythswg6p01oSoTl58rcpiFAjF2br2Ak2A==", "dependencies": { - "call-bind": "^1.0.7", + "call-bound": "^1.0.2", "es-errors": "^1.3.0", - "get-intrinsic": "^1.2.4", - "object-inspect": "^1.13.1" + "get-intrinsic": "^1.2.5", + "object-inspect": "^1.13.3", + "side-channel-map": "^1.0.1" }, "engines": { "node": ">= 0.4" @@ -2335,6 +2480,11 @@ "node": ">= 0.8" } }, + "node_modules/uid2": { + "version": "0.0.4", + "resolved": "https://registry.npmjs.org/uid2/-/uid2-0.0.4.tgz", + "integrity": "sha512-IevTus0SbGwQzYh3+fRsAMTVVPOoIVufzacXcHPmdlle1jUpq7BRL+mw3dgeLanvGZdwwbWhRV6XrcFNdBmjWA==" + }, "node_modules/unpipe": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/unpipe/-/unpipe-1.0.0.tgz", @@ -2634,6 +2784,11 @@ "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==", "dev": true }, + "base64url": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/base64url/-/base64url-3.0.1.tgz", + "integrity": "sha512-ir1UPr3dkwexU7FdV8qBBbNDRUhMmIekYMFZfi+C/sLNnRESKPl23nB9b2pltqfOQNnGzsDdId90AEtG5tCx4A==" + }, "bcrypt-pbkdf": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz", @@ -2650,9 +2805,9 @@ "dev": true }, "body-parser": { - "version": "1.20.2", - "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.2.tgz", - "integrity": "sha512-ml9pReCu3M61kGlqoTm2umSXTlRTuGTx0bfYj+uIUKKYycG5NtSbeetV3faSU6R7ajOPw0g/J1PvK4qNy7s5bA==", + "version": "1.20.3", + "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.3.tgz", + "integrity": "sha512-7rAxByjUMqQ3/bHJy7D6OGXvx/MMc4IqBn/X0fcM1QUcAItpZrBEYhWGem+tzXH90c+G01ypMcYJBO9Y30203g==", "requires": { "bytes": "3.1.2", "content-type": "~1.0.5", @@ -2662,7 +2817,7 @@ "http-errors": "2.0.0", "iconv-lite": "0.4.24", "on-finished": "2.4.1", - "qs": "6.11.0", + "qs": "6.13.0", "raw-body": "2.5.2", "type-is": "~1.6.18", "unpipe": "1.0.0" @@ -2707,16 +2862,22 @@ "resolved": "https://registry.npmjs.org/bytes/-/bytes-3.1.2.tgz", "integrity": "sha512-/Nf7TyzTx6S3yRJObOAV7956r8cr2+Oj8AC5dt8wSP3BQAoeX58NoHyCU8P8zGkNXStjTSi6fzO6F0pBdcYbEg==" }, - "call-bind": { - "version": "1.0.7", - "resolved": "https://registry.npmjs.org/call-bind/-/call-bind-1.0.7.tgz", - "integrity": "sha512-GHTSNSYICQ7scH7sZ+M2rFopRoLh8t2bLSW6BbgrtLsahOIB5iyAVJf9GjWK3cYTDaMj4XdBpM1cA6pIS0Kv2w==", + "call-bind-apply-helpers": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/call-bind-apply-helpers/-/call-bind-apply-helpers-1.0.2.tgz", + "integrity": "sha512-Sp1ablJ0ivDkSzjcaJdxEunN5/XvksFJ2sMBFfq6x0ryhQV/2b/KwFe21cMpmHtPOSij8K99/wSfoEuTObmuMQ==", "requires": { - "es-define-property": "^1.0.0", "es-errors": "^1.3.0", - "function-bind": "^1.1.2", - "get-intrinsic": "^1.2.4", - "set-function-length": "^1.2.1" + "function-bind": "^1.1.2" + } + }, + "call-bound": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/call-bound/-/call-bound-1.0.4.tgz", + "integrity": "sha512-+ys997U96po4Kx/ABpBCqhA9EuxJaQWDQg7295H4hBphv3IZg0boBKuwYpt4YXp6MZ5AmZQnU/tyMTlRpaSejg==", + "requires": { + "call-bind-apply-helpers": "^1.0.2", + "get-intrinsic": "^1.3.0" } }, "camelcase": { @@ -2789,9 +2950,9 @@ "integrity": "sha512-nTjqfcBFEipKdXCv4YDQWCfmcLZKm81ldF0pAopTvyrFGVbcR6P/VAAd5G7N+0tTr8QqiU0tFadD6FK4NtJwOA==" }, "cookie": { - "version": "0.6.0", - "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.6.0.tgz", - "integrity": "sha512-U71cyTamuh1CRNCfpGY6to28lxvNwPG4Guz/EVjgf3Jmzv0vlDp1atT9eS5dDjMYHucpHbWns6Lwf3BKz6svdw==" + "version": "0.7.1", + "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.7.1.tgz", + "integrity": "sha512-6DnInpx7SJ2AK3+CTUE/ZM0vWTUboZCegxhC2xiIydHR9jNuTAASBrfEpHhiGOZw/nX51bHt6YQl8jsGo4y/0w==" }, "cookie-session": { "version": "2.0.0", @@ -2931,16 +3092,6 @@ "integrity": "sha512-LOHxIOaPYdHlJRtCQfDIVZtfw/ufM8+rVj649RIHzcm/vGwQRXFt6OPqIFWsm2XEMrNIEtWR64sY1LEKD2vAOA==", "dev": true }, - "define-data-property": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/define-data-property/-/define-data-property-1.1.4.tgz", - "integrity": "sha512-rBMvIzlpA8v6E+SJZoo++HAYqsLrkg7MSfIinMPFhmkorw7X+dOXVJQs+QT69zGkzMyfDnIMN2Wid1+NbL3T+A==", - "requires": { - "es-define-property": "^1.0.0", - "es-errors": "^1.3.0", - "gopd": "^1.0.1" - } - }, "depd": { "version": "1.1.2", "resolved": "https://registry.npmjs.org/depd/-/depd-1.1.2.tgz", @@ -2957,6 +3108,16 @@ "integrity": "sha512-4As8uPrjfwb7VXC+WnLCbXK7y+Ueb2B3zgNCePYfhxS1PYeaO1YTeplffTEcbfLhvFNGLAz90VvJs9yomG7bow==", "dev": true }, + "dunder-proto": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/dunder-proto/-/dunder-proto-1.0.1.tgz", + "integrity": "sha512-KIN/nDJBQRcXw0MLVhZE9iQHmG68qAVIBg9CqmUYjmQIhgij9U5MFvrqkUL5FbtyyzZuOeOt0zdeRe4UY7ct+A==", + "requires": { + "call-bind-apply-helpers": "^1.0.1", + "es-errors": "^1.3.0", + "gopd": "^1.2.0" + } + }, "ecdsa-sig-formatter": { "version": "1.0.11", "resolved": "https://registry.npmjs.org/ecdsa-sig-formatter/-/ecdsa-sig-formatter-1.0.11.tgz", @@ -2977,23 +3138,28 @@ "dev": true }, "encodeurl": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/encodeurl/-/encodeurl-1.0.2.tgz", - "integrity": "sha1-rT/0yG7C0CkyL1oCw6mmBslbP1k=" + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/encodeurl/-/encodeurl-2.0.0.tgz", + "integrity": "sha512-Q0n9HRi4m6JuGIV1eFlmvJB7ZEVxu93IrMyiMsGC0lrMJMWzRgx6WGquyfQgZVb31vhGgXnfmPNNXmxnOkRBrg==" }, "es-define-property": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/es-define-property/-/es-define-property-1.0.0.tgz", - "integrity": "sha512-jxayLKShrEqqzJ0eumQbVhTYQM27CfT1T35+gCgDFoL82JLsXqTJ76zv6A0YLOgEnLUMvLzsDsGIrl8NFpT2gQ==", - "requires": { - "get-intrinsic": "^1.2.4" - } + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/es-define-property/-/es-define-property-1.0.1.tgz", + "integrity": "sha512-e3nRfgfUZ4rNGL232gUgX06QNyyez04KdjFrF+LTRoOXmrOgFKDg4BCdsjW8EnT69eqdYGmRpJwiPVYNrCaW3g==" }, "es-errors": { "version": "1.3.0", "resolved": "https://registry.npmjs.org/es-errors/-/es-errors-1.3.0.tgz", "integrity": "sha512-Zf5H2Kxt2xjTvbJvP2ZWLEICxA6j+hAmMzIlypy4xcBg1vKVnx89Wy0GbS+kf5cwCVFFzdCFh2XSCFNULS6csw==" }, + "es-object-atoms": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/es-object-atoms/-/es-object-atoms-1.1.1.tgz", + "integrity": "sha512-FGgH2h8zKNim9ljj7dankFPcICIK9Cp5bm+c2gQSYePhpaG5+esrLODihIorn+Pe6FGJzWhXQotPv73jTaldXA==", + "requires": { + "es-errors": "^1.3.0" + } + }, "escape-html": { "version": "1.0.3", "resolved": "https://registry.npmjs.org/escape-html/-/escape-html-1.0.3.tgz", @@ -3015,36 +3181,36 @@ "integrity": "sha512-tvtQIeLVHjDkJYnzf2dgVMxfuSGJeM/7UCG17TT4EumTfNtF+0nebF/4zWOIkCreAbtNqhGEboB6BWrwqNaw4Q==" }, "express": { - "version": "4.19.2", - "resolved": "https://registry.npmjs.org/express/-/express-4.19.2.tgz", - "integrity": "sha512-5T6nhjsT+EOMzuck8JjBHARTHfMht0POzlA60WV2pMD3gyXw2LZnZ+ueGdNxG+0calOJcWKbpFcuzLZ91YWq9Q==", + "version": "4.21.2", + "resolved": "https://registry.npmjs.org/express/-/express-4.21.2.tgz", + "integrity": "sha512-28HqgMZAmih1Czt9ny7qr6ek2qddF4FclbMzwhCREB6OFfH+rXAnuNCwo1/wFvrtbgsQDb4kSbX9de9lFbrXnA==", "requires": { "accepts": "~1.3.8", "array-flatten": "1.1.1", - "body-parser": "1.20.2", + "body-parser": "1.20.3", "content-disposition": "0.5.4", "content-type": "~1.0.4", - "cookie": "0.6.0", + "cookie": "0.7.1", "cookie-signature": "1.0.6", "debug": "2.6.9", "depd": "2.0.0", - "encodeurl": "~1.0.2", + "encodeurl": "~2.0.0", "escape-html": "~1.0.3", "etag": "~1.8.1", - "finalhandler": "1.2.0", + "finalhandler": "1.3.1", "fresh": "0.5.2", "http-errors": "2.0.0", - "merge-descriptors": "1.0.1", + "merge-descriptors": "1.0.3", "methods": "~1.1.2", "on-finished": "2.4.1", "parseurl": "~1.3.3", - "path-to-regexp": "0.1.7", + "path-to-regexp": "0.1.12", "proxy-addr": "~2.0.7", - "qs": "6.11.0", + "qs": "6.13.0", "range-parser": "~1.2.1", "safe-buffer": "5.2.1", - "send": "0.18.0", - "serve-static": "1.15.0", + "send": "0.19.0", + "serve-static": "1.16.2", "setprototypeof": "1.2.0", "statuses": "2.0.1", "type-is": "~1.6.18", @@ -3120,12 +3286,12 @@ } }, "finalhandler": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/finalhandler/-/finalhandler-1.2.0.tgz", - "integrity": "sha512-5uXcUVftlQMFnWC9qu/svkWv3GTd2PfUhK/3PLkYNAe7FbqJMt3515HaxE6eRL74GdsriiwujiawdaB1BpEISg==", + "version": "1.3.1", + "resolved": "https://registry.npmjs.org/finalhandler/-/finalhandler-1.3.1.tgz", + "integrity": "sha512-6BN9trH7bp3qvnrRyzsBz+g3lZxTNZTbVO2EV1CS0WIcDbawYVdYvGflME/9QP0h0pYlCDBCTjYa9nZzMDpyxQ==", "requires": { "debug": "2.6.9", - "encodeurl": "~1.0.2", + "encodeurl": "~2.0.0", "escape-html": "~1.0.3", "on-finished": "2.4.1", "parseurl": "~1.3.3", @@ -3172,25 +3338,36 @@ "dev": true }, "get-intrinsic": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.2.4.tgz", - "integrity": "sha512-5uYhsJH8VJBTv7oslg4BznJYhDoRI6waYCxMmCdnTrcCrHA/fCFKoTFz2JKKE0HdDFUF7/oQuhzumXJK7paBRQ==", + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.3.0.tgz", + "integrity": "sha512-9fSjSaos/fRIVIp+xSJlE6lfwhES7LNtKaCBIamHsjr2na1BiABJPo0mOjjz8GJDURarmCPGqaiVg5mfjb98CQ==", "requires": { + "call-bind-apply-helpers": "^1.0.2", + "es-define-property": "^1.0.1", "es-errors": "^1.3.0", + "es-object-atoms": "^1.1.1", "function-bind": "^1.1.2", - "has-proto": "^1.0.1", - "has-symbols": "^1.0.3", - "hasown": "^2.0.0" + "get-proto": "^1.0.1", + "gopd": "^1.2.0", + "has-symbols": "^1.1.0", + "hasown": "^2.0.2", + "math-intrinsics": "^1.1.0" } }, - "gopd": { + "get-proto": { "version": "1.0.1", - "resolved": "https://registry.npmjs.org/gopd/-/gopd-1.0.1.tgz", - "integrity": "sha512-d65bNlIadxvpb/A2abVdlqKqV563juRnZ1Wtk6s1sIR8uNsXR70xqIzVqxVf1eTqDunwT2MkczEeaezCKTZhwA==", + "resolved": "https://registry.npmjs.org/get-proto/-/get-proto-1.0.1.tgz", + "integrity": "sha512-sTSfBjoXBp89JvIKIefqw7U2CCebsc74kiY6awiGogKtoSGbgjYE/G/+l9sF3MWFPNc9IcoOC4ODfKHfxFmp0g==", "requires": { - "get-intrinsic": "^1.1.3" + "dunder-proto": "^1.0.1", + "es-object-atoms": "^1.0.0" } }, + "gopd": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/gopd/-/gopd-1.2.0.tgz", + "integrity": "sha512-ZUKRh6/kUFoAiTAtTYPZJ3hw9wNxx+BIBOijnlG9PnrJsCcSjs1wyyD6vJpaYtgnzDrKYRSqf3OO6Rfa93xsRg==" + }, "graphile-build": { "version": "4.13.0", "resolved": "https://registry.npmjs.org/graphile-build/-/graphile-build-4.13.0.tgz", @@ -3345,23 +3522,10 @@ "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", "integrity": "sha1-tdRU3CGZriJWmfNGfloH87lVuv0=" }, - "has-property-descriptors": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/has-property-descriptors/-/has-property-descriptors-1.0.2.tgz", - "integrity": "sha512-55JNKuIW+vq4Ke1BjOTjM2YctQIvCT7GFzHwmfZPGo5wnrgkid0YQtnAleFSqumZm4az3n2BS+erby5ipJdgrg==", - "requires": { - "es-define-property": "^1.0.0" - } - }, - "has-proto": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/has-proto/-/has-proto-1.0.3.tgz", - "integrity": "sha512-SJ1amZAJUiZS+PhsVLf5tGydlaVB8EdFpaSO4gmiUKUOxk8qzn5AIy4ZeJUmh22znIdk/uMAUT2pl3FxzVUH+Q==" - }, "has-symbols": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.0.3.tgz", - "integrity": "sha512-l3LCuF6MgDNwTDKkdYGEihYjt5pRPbEg46rtlmnSPlUbgmB8LOIrKJbYYFBSbnPaJexMKtiPO8hmeRjRz2Td+A==" + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.1.0.tgz", + "integrity": "sha512-1cDNdwJ2Jaohmb3sg4OmKaMBwuC48sYni5HUw2DvsC8LjGTLK9h+eb1X6RyuOHe4hT0ULCW68iomhjUoKUqlPQ==" }, "hasown": { "version": "2.0.2", @@ -3543,6 +3707,11 @@ "yallist": "^3.0.2" } }, + "math-intrinsics": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/math-intrinsics/-/math-intrinsics-1.1.0.tgz", + "integrity": "sha512-/IXtbwEk5HTPyEwyKX6hGkYXxM9nbj64B+ilVJnC/R6B0pH5G4V3b0pVbL7DBj4tkhBAppbQUlf6F6Xl9LHu1g==" + }, "md5": { "version": "2.3.0", "resolved": "https://registry.npmjs.org/md5/-/md5-2.3.0.tgz", @@ -3559,9 +3728,9 @@ "integrity": "sha1-hxDXrwqmJvj/+hzgAWhUUmMlV0g=" }, "merge-descriptors": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/merge-descriptors/-/merge-descriptors-1.0.1.tgz", - "integrity": "sha1-sAqqVW3YtEVoFQ7J0blT8/kMu2E=" + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/merge-descriptors/-/merge-descriptors-1.0.3.tgz", + "integrity": "sha512-gaNvAS7TZ897/rVaZ0nMtAyxNyi/pdbjbAwUpFQpN70GqnVfOiXpeUUMKRBmzXaSQ8DdTX4/0ms62r2K+hE6mQ==" }, "methods": { "version": "1.1.2", @@ -3636,10 +3805,15 @@ "integrity": "sha1-MjI8zLRsn78PwRgS1FAhzDHTJbs=", "dev": true }, + "oauth": { + "version": "0.10.2", + "resolved": "https://registry.npmjs.org/oauth/-/oauth-0.10.2.tgz", + "integrity": "sha512-JtFnB+8nxDEXgNyniwz573xxbKSOu3R8D40xQKqcjwJ2CDkYqUDI53o6IuzDJBx60Z8VKCm271+t8iFjakrl8Q==" + }, "object-inspect": { - "version": "1.13.1", - "resolved": "https://registry.npmjs.org/object-inspect/-/object-inspect-1.13.1.tgz", - "integrity": "sha512-5qoj1RUiKOMsCCNLV1CBiPYE10sziTsnmNxkAI/rZhiD63CF7IqdFGC/XzjWjpSgLf0LxXX3bDFIh0E18f6UhQ==" + "version": "1.13.4", + "resolved": "https://registry.npmjs.org/object-inspect/-/object-inspect-1.13.4.tgz", + "integrity": "sha512-W67iLl4J2EXEGTbfeHCffrjDfitvLANg0UlX3wFUUSTx92KXRFegMHUVgSqE+wvhAbi4WqjGg9czysTV2Epbew==" }, "on-finished": { "version": "2.4.1", @@ -3697,6 +3871,41 @@ "resolved": "https://registry.npmjs.org/parseurl/-/parseurl-1.3.3.tgz", "integrity": "sha512-CiyeOxFT/JZyN5m0z9PfXw4SCBJ6Sygz1Dpl0wqjlhDEGGBP1GnsUVEL0p63hoG1fcj3fHynXi9NYO4nWOL+qQ==" }, + "passport": { + "version": "0.7.0", + "resolved": "https://registry.npmjs.org/passport/-/passport-0.7.0.tgz", + "integrity": "sha512-cPLl+qZpSc+ireUvt+IzqbED1cHHkDoVYMo30jbJIdOOjQ1MQYZBPiNvmi8UM6lJuOpTPXJGZQk0DtC4y61MYQ==", + "requires": { + "passport-strategy": "1.x.x", + "pause": "0.0.1", + "utils-merge": "^1.0.1" + } + }, + "passport-google-oauth20": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/passport-google-oauth20/-/passport-google-oauth20-2.0.0.tgz", + "integrity": "sha512-KSk6IJ15RoxuGq7D1UKK/8qKhNfzbLeLrG3gkLZ7p4A6DBCcv7xpyQwuXtWdpyR0+E0mwkpjY1VfPOhxQrKzdQ==", + "requires": { + "passport-oauth2": "1.x.x" + } + }, + "passport-oauth2": { + "version": "1.8.0", + "resolved": "https://registry.npmjs.org/passport-oauth2/-/passport-oauth2-1.8.0.tgz", + "integrity": "sha512-cjsQbOrXIDE4P8nNb3FQRCCmJJ/utnFKEz2NX209f7KOHPoX18gF7gBzBbLLsj2/je4KrgiwLLGjf0lm9rtTBA==", + "requires": { + "base64url": "3.x.x", + "oauth": "0.10.x", + "passport-strategy": "1.x.x", + "uid2": "0.0.x", + "utils-merge": "1.x.x" + } + }, + "passport-strategy": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/passport-strategy/-/passport-strategy-1.0.0.tgz", + "integrity": "sha512-CB97UUvDKJde2V0KDWWB3lyf6PC3FaZP7YxZ2G8OAtn9p4HI9j9JLP9qjOGZFvyl8uwNT8qM+hGnz/n16NI7oA==" + }, "path-exists": { "version": "4.0.0", "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", @@ -3710,9 +3919,14 @@ "dev": true }, "path-to-regexp": { - "version": "0.1.7", - "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-0.1.7.tgz", - "integrity": "sha1-32BBeABfUi8V60SQ5yR6G/qmf4w=" + "version": "0.1.12", + "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-0.1.12.tgz", + "integrity": "sha512-RA1GjUVMnvYFxuqovrEqZoxxW5NUZqbwKtYz/Tt7nXerk0LbLblQmrsgdeOxV5SFHf0UDggjS/bSeOZwt1pmEQ==" + }, + "pause": { + "version": "0.0.1", + "resolved": "https://registry.npmjs.org/pause/-/pause-0.0.1.tgz", + "integrity": "sha512-KG8UEiEVkR3wGEb4m5yZkVCzigAD+cVEJck2CzYZO37ZGJfctvVptVO192MwrtPhzONn6go8ylnOdMhKqi4nfg==" }, "pg": { "version": "8.7.3", @@ -3918,11 +4132,11 @@ "integrity": "sha1-8FKijacOYYkX7wqKw0wa5aaChrM=" }, "qs": { - "version": "6.11.0", - "resolved": "https://registry.npmjs.org/qs/-/qs-6.11.0.tgz", - "integrity": "sha512-MvjoMCJwEarSbUYk5O+nmoSzSutSsTwF85zcHPQ9OrlFoZOYIjaqBAJIqIXjptyD5vThxGq52Xu/MaJzRkIk4Q==", + "version": "6.13.0", + "resolved": "https://registry.npmjs.org/qs/-/qs-6.13.0.tgz", + "integrity": "sha512-+38qI9SOr8tfZ4QmJNplMUxqjbe7LKvvZgWdExBOmd+egZTtjLB67Gu0HRX3u/XOq7UU2Nx6nsjvS16Z9uwfpg==", "requires": { - "side-channel": "^1.0.4" + "side-channel": "^1.0.6" } }, "random-bytes": { @@ -4037,9 +4251,9 @@ "dev": true }, "send": { - "version": "0.18.0", - "resolved": "https://registry.npmjs.org/send/-/send-0.18.0.tgz", - "integrity": "sha512-qqWzuOjSFOuqPjFe4NOsMLafToQQwBSOEpS+FwEt3A2V3vKubTquT3vmLTQpFgMXp8AlFWFuP1qKaJZOtPpVXg==", + "version": "0.19.0", + "resolved": "https://registry.npmjs.org/send/-/send-0.19.0.tgz", + "integrity": "sha512-dW41u5VfLXu8SJh5bwRmyYUbAoSB3c9uQh6L8h/KtsFREPWpbX1lrljJo186Jc4nmci/sGUZ9a0a0J2zgfq2hw==", "requires": { "debug": "2.6.9", "depd": "2.0.0", @@ -4061,6 +4275,11 @@ "resolved": "https://registry.npmjs.org/depd/-/depd-2.0.0.tgz", "integrity": "sha512-g7nH6P6dyDioJogAAGprGpCtVImJhpPk/roCzdb3fIh61/s/nPsfR6onyMwkCAR/OlC3yBC0lESvUoQEAssIrw==" }, + "encodeurl": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/encodeurl/-/encodeurl-1.0.2.tgz", + "integrity": "sha512-TPJXq8JqFaVYm2CWmPvnP2Iyo4ZSM7/QKcSmuMLDObfpH5fi7RUGmd/rTDf+rut/saiDiQEeVTNgAmJEdAOx0w==" + }, "http-errors": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/http-errors/-/http-errors-2.0.0.tgz", @@ -4086,14 +4305,14 @@ } }, "serve-static": { - "version": "1.15.0", - "resolved": "https://registry.npmjs.org/serve-static/-/serve-static-1.15.0.tgz", - "integrity": "sha512-XGuRDNjXUijsUL0vl6nSD7cwURuzEgglbOaFuZM9g3kwDXOWVTck0jLzjPzGD+TazWbboZYu52/9/XPdUgne9g==", + "version": "1.16.2", + "resolved": "https://registry.npmjs.org/serve-static/-/serve-static-1.16.2.tgz", + "integrity": "sha512-VqpjJZKadQB/PEbEwvFdO43Ax5dFBZ2UECszz8bQ7pi7wt//PWe1P6MN7eCnjsatYtBT6EuiClbjSWP2WrIoTw==", "requires": { - "encodeurl": "~1.0.2", + "encodeurl": "~2.0.0", "escape-html": "~1.0.3", "parseurl": "~1.3.3", - "send": "0.18.0" + "send": "0.19.0" } }, "set-blocking": { @@ -4102,33 +4321,53 @@ "integrity": "sha1-BF+XgtARrppoA93TgrJDkrPYkPc=", "dev": true }, - "set-function-length": { - "version": "1.2.2", - "resolved": "https://registry.npmjs.org/set-function-length/-/set-function-length-1.2.2.tgz", - "integrity": "sha512-pgRc4hJ4/sNjWCSS9AmnS40x3bNMDTknHgL5UaMBTMyJnU90EgWh1Rz+MC9eFu4BuN/UwZjKQuY/1v3rM7HMfg==", - "requires": { - "define-data-property": "^1.1.4", - "es-errors": "^1.3.0", - "function-bind": "^1.1.2", - "get-intrinsic": "^1.2.4", - "gopd": "^1.0.1", - "has-property-descriptors": "^1.0.2" - } - }, "setprototypeof": { "version": "1.2.0", "resolved": "https://registry.npmjs.org/setprototypeof/-/setprototypeof-1.2.0.tgz", "integrity": "sha512-E5LDX7Wrp85Kil5bhZv46j8jOeboKq5JMmYM3gVGdGH8xFpPWXUMsNrlODCrkoxMEeNi/XZIwuRvY4XNwYMJpw==" }, "side-channel": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/side-channel/-/side-channel-1.0.6.tgz", - "integrity": "sha512-fDW/EZ6Q9RiO8eFG8Hj+7u/oW+XrPTIChwCOM2+th2A6OblDtYYIpve9m+KvI9Z4C9qSEXlaGR6bTEYHReuglA==", + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/side-channel/-/side-channel-1.1.0.tgz", + "integrity": "sha512-ZX99e6tRweoUXqR+VBrslhda51Nh5MTQwou5tnUDgbtyM0dBgmhEDtWGP/xbKn6hqfPRHujUNwz5fy/wbbhnpw==", "requires": { - "call-bind": "^1.0.7", "es-errors": "^1.3.0", - "get-intrinsic": "^1.2.4", - "object-inspect": "^1.13.1" + "object-inspect": "^1.13.3", + "side-channel-list": "^1.0.0", + "side-channel-map": "^1.0.1", + "side-channel-weakmap": "^1.0.2" + } + }, + "side-channel-list": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/side-channel-list/-/side-channel-list-1.0.0.tgz", + "integrity": "sha512-FCLHtRD/gnpCiCHEiJLOwdmFP+wzCmDEkc9y7NsYxeF4u7Btsn1ZuwgwJGxImImHicJArLP4R0yX4c2KCrMrTA==", + "requires": { + "es-errors": "^1.3.0", + "object-inspect": "^1.13.3" + } + }, + "side-channel-map": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/side-channel-map/-/side-channel-map-1.0.1.tgz", + "integrity": "sha512-VCjCNfgMsby3tTdo02nbjtM/ewra6jPHmpThenkTYh8pG9ucZ/1P8So4u4FGBek/BjpOVsDCMoLA/iuBKIFXRA==", + "requires": { + "call-bound": "^1.0.2", + "es-errors": "^1.3.0", + "get-intrinsic": "^1.2.5", + "object-inspect": "^1.13.3" + } + }, + "side-channel-weakmap": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/side-channel-weakmap/-/side-channel-weakmap-1.0.2.tgz", + "integrity": "sha512-WPS/HvHQTYnHisLo9McqBHOJk2FkHO/tlpvldyrnem4aeQp4hai3gythswg6p01oSoTl58rcpiFAjF2br2Ak2A==", + "requires": { + "call-bound": "^1.0.2", + "es-errors": "^1.3.0", + "get-intrinsic": "^1.2.5", + "object-inspect": "^1.13.3", + "side-channel-map": "^1.0.1" } }, "split2": { @@ -4265,6 +4504,11 @@ "random-bytes": "~1.0.0" } }, + "uid2": { + "version": "0.0.4", + "resolved": "https://registry.npmjs.org/uid2/-/uid2-0.0.4.tgz", + "integrity": "sha512-IevTus0SbGwQzYh3+fRsAMTVVPOoIVufzacXcHPmdlle1jUpq7BRL+mw3dgeLanvGZdwwbWhRV6XrcFNdBmjWA==" + }, "unpipe": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/unpipe/-/unpipe-1.0.0.tgz", diff --git a/backend/package.json b/backend/package.json index d53fbf6f..593fa3d0 100644 --- a/backend/package.json +++ b/backend/package.json @@ -15,9 +15,11 @@ "@graphile-contrib/pg-simplify-inflector": "^6.0", "@graphile/operation-hooks": "^1.0.0", "cookie-session": "^2.0.0", - "express": "^4.19.2", + "express": "^4.21.2", "express-session": "^1.17.2", "md5": "^2.2.1", + "passport": "^0.7.0", + "passport-google-oauth20": "^2.0.0", "postgraphile": "^4.13", "postgraphile-plugin-connection-filter": "^2.3.0" } diff --git a/backend/server.js b/backend/server.js index 7cc13fb2..904e1b8a 100644 --- a/backend/server.js +++ b/backend/server.js @@ -1,5 +1,7 @@ // @ts-check const express = require("express"); +require("dotenv").config({ path: "../.env" }); +const passport = require("passport"); const { postgraphile, makePluginHook } = require("postgraphile"); const { GravatarPlugin } = require("./extensions/current_user"); const ConnectionFilterPlugin = require("postgraphile-plugin-connection-filter"); @@ -9,18 +11,25 @@ const OperationMessagesPlugin = require("@graphile/operation-hooks/lib/Operation const LoginPlugin = require("./hooks/login_plugin"); const session = require("cookie-session"); const { LogoutPlugin } = require("./extensions/logout"); +const { setUpGoogleAuth } = require("./auth/google"); const app = express(); app.set('trust proxy', 1); app.use( session({ - secret: process.env.JWT_SECRET, + secret: process.env.JWT_SECRET, secure: process.env.NODE_ENV === "production", httpOnly: true, }) ); +app.use(passport.initialize()); // <-- Required +app.use(passport.session()); + +console.log("[auth] registering Google routes"); +setUpGoogleAuth(app); + const pluginHook = makePluginHook([opHook]); /** @type{import("postgraphile").PostGraphileOptions} */ diff --git a/mealplanner-ui/nginx.conf b/mealplanner-ui/nginx.conf index 55f44426..49b33c18 100644 --- a/mealplanner-ui/nginx.conf +++ b/mealplanner-ui/nginx.conf @@ -12,4 +12,13 @@ server { proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; } + + location /auth/ { + proxy_pass http://graphql:4000; + proxy_set_header Host $http_host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Forwarded-Host $http_host; + } } \ No newline at end of file diff --git a/mealplanner-ui/src/pages/Login.tsx b/mealplanner-ui/src/pages/Login.tsx index 5f525653..fb1b2136 100644 --- a/mealplanner-ui/src/pages/Login.tsx +++ b/mealplanner-ui/src/pages/Login.tsx @@ -1,10 +1,12 @@ import { Visibility, VisibilityOff } from "@mui/icons-material"; import { - Button, - IconButton, - InputAdornment, - TextField, - Typography, + Modal, + Box, + Button, + IconButton, + InputAdornment, + TextField, + Typography, } from "@mui/material"; import { graphql } from "babel-plugin-relay/macro"; import { useState } from "react"; @@ -27,118 +29,166 @@ const query = graphql` } `; + +// const API_BASE = process.env.REACT_APP_API_BASE_URL ?? "http://localhost:4000"; // "" => same-origin in prod +// const AUTH_URL = `${API_BASE || window.location.origin}/auth/google`; +// console.log('auth_url', AUTH_URL) + +export const authStartUrl = () => + `${window.location.origin}/auth/google`; + export const Login = () => { - let [username, setUsername] = useState(""); - let [password, setPassword] = useState(""); - const [showPassword, setShowPassword] = useState(false); - const [result, setResult] = useState(""); - - const handleVisibility = () => { - setShowPassword(!showPassword); - }; - - const handleLogin = async () => { - try { - await login(username, password); - } catch (err: any) { - console.log("login error", err); - setResult(err); - } - }; - - let data = useLazyLoadQuery( - query, - {}, - { - fetchPolicy: "network-only", - fetchKey: getCurrentPerson().personID, - networkCacheConfig: { - force: true, - }, - } - ); - if (data.gqLocalState.currentUser?.personID) { - return ; - } + let [username, setUsername] = useState(""); + let [password, setPassword] = useState(""); + const [showPassword, setShowPassword] = useState(false); + const [result, setResult] = useState(""); + + const handleVisibility = () => { + setShowPassword(!showPassword); + }; + + const handleLogin = async () => { + try { + console.log(username, password) + await login(username, password); + console.log("login successful"); + } catch (err: any) { + console.log("login error", err); + setResult(err); + } + }; + + let data = useLazyLoadQuery( + query, + {}, + { + fetchPolicy: "network-only", + fetchKey: getCurrentPerson().personID, + networkCacheConfig: { + force: true, + }, + } + ); + if (data.gqLocalState.currentUser?.personID) { + return ; + } + + return ( +
+ + { + if (ev.key === "Enter") { + handleLogin(); + ev.preventDefault(); + } + }} + sx={{ + width: 400, + margin: "auto", + mt: "8rem", + p: 4, + borderRadius: 2, + display: "flex", + flexDirection: "column", + gap: "1rem", + textAlign: "center", + boxShadow: 6, + bgcolor: "rgba(255, 255, 255, 0.85)", + // bgcolor: "white" + // backdropFilter: "blur(6px)", // optional for glassmorphism + }} + > + + Looking for a healthier meal? + + + + + OR + + + {/* username field */} + setUsername(e.target.value)} + value={username} + > + + {/* password field */} + setPassword(e.target.value)} + value={password} + InputProps={{ + endAdornment: ( + + + {showPassword ? ( + + ) : ( + + )} + + + ), + }} + > + + {result ? ( + + {result} + + ) : ( + <> + )} + + + + + Don't have an account?
+ Contact{" "} + {" "} + to get started + + + + + - return ( -
-
{ - if (ev.key === "Enter") { - handleLogin(); - ev.preventDefault(); - } - }} - style={{ - width: "30%", - height: "400px", - backgroundColor: "white", - padding: "2rem", - margin: "2rem", - textAlign: "center", - display: "flex", - flexDirection: "column", - gap: "1rem", - }} - > - Looking for a healthier meal? - - setUsername(e.target.value)} - > - - setPassword(e.target.value)} - InputProps={{ - endAdornment: ( - - - {showPassword ? ( - - ) : ( - - )} - - - ), - }} - > - {result ? ( - - {result} - - ) : ( - <> - )} - - - Don't have an account?
- Contact{" "} - {" "} - to get started - -
-
- ); -}; +
+ ); +}; \ No newline at end of file diff --git a/mealplanner-ui/src/setUpProxy.js b/mealplanner-ui/src/setUpProxy.js new file mode 100644 index 00000000..4b91b434 --- /dev/null +++ b/mealplanner-ui/src/setUpProxy.js @@ -0,0 +1,12 @@ +const { createProxyMiddleware } = require('http-proxy-middleware'); + +module.exports = function (app) { + app.use( + '/auth', + createProxyMiddleware({ + target: 'http://127.0.0.1:4000', + changeOrigin: false, // keep Host: localhost:3333 + xfwd: true, // add X-Forwarded-* headers + }) + ); +}; diff --git a/mealplanner-ui/src/state/__generated__/state_googleLoginMutation.graphql.ts b/mealplanner-ui/src/state/__generated__/state_googleLoginMutation.graphql.ts new file mode 100644 index 00000000..1c50a6fe --- /dev/null +++ b/mealplanner-ui/src/state/__generated__/state_googleLoginMutation.graphql.ts @@ -0,0 +1,116 @@ +/** + * @generated SignedSource<<234efc602706abe08b48d2b506518728>> + * @lightSyntaxTransform + * @nogrep + */ + +/* tslint:disable */ +/* eslint-disable */ +// @ts-nocheck + +import { ConcreteRequest, Mutation } from 'relay-runtime'; +export type state_googleLoginMutation$variables = { + userEmail: string; +}; +export type state_googleLoginMutation$data = { + readonly authenticateGoogle: { + readonly jwtToken: { + readonly role: string | null; + readonly personId: any | null; + } | null; + } | null; +}; +export type state_googleLoginMutation = { + variables: state_googleLoginMutation$variables; + response: state_googleLoginMutation$data; +}; + +const node: ConcreteRequest = (function(){ +var v0 = [ + { + "defaultValue": null, + "kind": "LocalArgument", + "name": "userEmail" + } +], +v1 = [ + { + "alias": null, + "args": [ + { + "fields": [ + { + "kind": "Variable", + "name": "userEmail", + "variableName": "userEmail" + } + ], + "kind": "ObjectValue", + "name": "input" + } + ], + "concreteType": "AuthenticateGooglePayload", + "kind": "LinkedField", + "name": "authenticateGoogle", + "plural": false, + "selections": [ + { + "alias": null, + "args": null, + "concreteType": "JwtToken", + "kind": "LinkedField", + "name": "jwtToken", + "plural": false, + "selections": [ + { + "alias": null, + "args": null, + "kind": "ScalarField", + "name": "role", + "storageKey": null + }, + { + "alias": null, + "args": null, + "kind": "ScalarField", + "name": "personId", + "storageKey": null + } + ], + "storageKey": null + } + ], + "storageKey": null + } +]; +return { + "fragment": { + "argumentDefinitions": (v0/*: any*/), + "kind": "Fragment", + "metadata": null, + "name": "state_googleLoginMutation", + "selections": (v1/*: any*/), + "type": "Mutation", + "abstractKey": null + }, + "kind": "Request", + "operation": { + "argumentDefinitions": (v0/*: any*/), + "kind": "Operation", + "name": "state_googleLoginMutation", + "selections": (v1/*: any*/) + }, + "params": { + "cacheID": "4d4c52ccf878fd1c6e51775a0598a98d", + "id": null, + "metadata": {}, + "name": "state_googleLoginMutation", + "operationKind": "mutation", + "text": "mutation state_googleLoginMutation(\n $userEmail: String!\n) {\n authenticateGoogle(input: {userEmail: $userEmail}) {\n jwtToken {\n role\n personId\n }\n }\n}\n" + } +}; +})(); + +(node as any).hash = "4a8068d6d694b1cd42e1172b03ac08aa"; + +export default node; diff --git a/mealplanner-ui/src/state/state.ts b/mealplanner-ui/src/state/state.ts index d2122013..6e402c63 100644 --- a/mealplanner-ui/src/state/state.ts +++ b/mealplanner-ui/src/state/state.ts @@ -19,6 +19,10 @@ import { state_loginMutation, state_loginMutation$data, } from "./__generated__/state_loginMutation.graphql"; +import { + state_googleLoginMutation, + state_googleLoginMutation$data +} from "./__generated__/state_googleLoginMutation.graphql"; import { state_logoutMutation, state_logoutMutation$data, @@ -205,6 +209,7 @@ export const fetchCurrentPerson = async () => { currentUserQuery, { fetchPolicy: 'state-or-network' } ).toPromise(); + console.log('fetchCurrentPerson', data); setCurrentUser(data); return data; }; @@ -213,13 +218,14 @@ function setCurrentUser(data: state_CurrentUserQuery$data | undefined) { if (data?.currentPerson) { commitLocalUpdate(environment, (store) => { let localState = store.get(STATE_ID); + console.log('setCurrentUser', data,localState); // store.delete("client:currentUser"); let record = store.get("client:currentUser"); if(!record) { record = store.create("client:currentUser", "CurrentLoggedInUser"); } - + console.log('setCurrentUser', record); record.setValue(data?.currentPerson?.rowId, "personID"); record.setValue(data?.currentPerson?.fullName, "personName"); record.setValue(data?.currentPerson?.role, "personRole"); @@ -230,6 +236,39 @@ function setCurrentUser(data: state_CurrentUserQuery$data | undefined) { } } +// New mutation for Google login +const googleLoginMutation = graphql` + mutation state_googleLoginMutation($userEmail: String!) { + authenticateGoogle(input: { userEmail: $userEmail }) { + jwtToken { + role + personId + } + } + } +`; + +export const loginWithGoogle = async (userEmail: string) => { + return new Promise((res, rej) => { + commitMutation(environment, { + mutation: googleLoginMutation, + variables: { + userEmail, // same shape as authenticateGoogle input + }, + onCompleted: (resp) => { + if (resp.authenticateGoogle != null && resp.authenticateGoogle.jwtToken != null) { + console.log("google auth", resp.authenticateGoogle); + fetchCurrentPerson(); + res(resp); + } else { + console.log("resp:", resp); + rej("Please contact GV to get access"); + } + }, + }); + }); +}; + const loginMutation = graphql` mutation state_loginMutation($userEmail: String!, $password: String!) { authenticate(input: { userEmail: $userEmail, password: $password }) { @@ -243,6 +282,7 @@ const loginMutation = graphql` export const login = async (username: string, password: string) => { return new Promise((res, rej) => { + console.log("LOGIN TRY", username, password); commitMutation(environment, { mutation: loginMutation, variables: { @@ -251,6 +291,7 @@ export const login = async (username: string, password: string) => { }, onCompleted: (resp) => { if (resp.authenticate != null && resp.authenticate.jwtToken != null) { + console.log('login auth', resp.authenticate) fetchCurrentPerson(); res(resp); } else { @@ -271,12 +312,15 @@ const logoutMutation = graphql` `; export const logout = async () => { + console.log('logout called') return new Promise((res, rej) => { commitMutation(environment, { mutation: logoutMutation, variables: {}, onCompleted: (resp) => { + console.log('logout response', resp) if (resp.logout != null && resp.logout.status != null) { + console.log('logout success', resp.logout.status) commitLocalUpdate(environment, (store) => { store.delete("client:currentUser"); res(resp);