feat(lobbies); add captcha config

modules/auth_email/scripts/verify_add_email_pass.ts

@@ -30,7 +30,7 @@ export async function run(
 	}
 
 	// Ensure that the email is not associated with ANY accounts in ANY way.
-	const providedUser = await ctx.modules.users.authenticateToken({
+	const providedUser = await ctx.modules.users.authenticateTokenInternal({
 		userToken: req.userToken,
 	});
 	await ensureNotAssociatedAll(ctx, email, new Set([providedUser.userId]));

modules/auth_email/scripts/verify_add_no_pass.ts

@@ -21,7 +21,7 @@ export async function run(
 	const { email } = await verifyCode(ctx, req.verificationToken, req.code);
 
 	// Ensure that the email is not already associated with another account
-	const providedUser = await ctx.modules.users.authenticateToken({
+	const providedUser = await ctx.modules.users.authenticateTokenInternal({
 		userToken: req.userToken,
 	});
 	await ensureNotAssociatedAll(ctx, email, new Set([providedUser.userId]));

modules/auth_email/scripts/verify_link_email.ts

@@ -21,7 +21,7 @@ export async function run(
 	const { email } = await verifyCode(ctx, req.verificationToken, req.code);
 
 	// Ensure that the email is not already associated with another account
-	const providedUser = await ctx.modules.users.authenticateToken({
+	const providedUser = await ctx.modules.users.authenticateTokenInternal({
 		userToken: req.userToken,
 	});
 	await ensureNotAssociatedAll(ctx, email, new Set([providedUser.userId]));

modules/auth_email/tests/already_used.ts

@@ -129,7 +129,7 @@ test("email_link_then_add_pass", async (ctx: TestContext) => {
 	const password = faker.internet.password();
 
 	const { userToken } = await signUpEmailLink(ctx, email);
-	const { user } = await ctx.modules.users.authenticateToken({
+	const { user } = await ctx.modules.users.authenticateTokenInternal({
 		userToken,
 		fetchUser: true,
 	});
@@ -161,7 +161,7 @@ test("email_link_then_add_no_pass", async (ctx: TestContext) => {
 	const email = faker.internet.email();
 
 	const { userToken } = await signUpEmailLink(ctx, email);
-	const { user } = await ctx.modules.users.authenticateToken({
+	const { user } = await ctx.modules.users.authenticateTokenInternal({
 		userToken,
 		fetchUser: true,
 	});

modules/auth_email/tests/common.ts

@@ -45,7 +45,7 @@ export async function checkLogin(
 	newToken: string,
 ) {
 	const { userId: signedInUserId, user: signedInUser } = await ctx.modules.users
-		.authenticateToken({
+		.authenticateTokenInternal({
 			userToken: newToken,
 			fetchUser: true,
 		});

modules/auth_email/tests/create.ts

@@ -22,7 +22,7 @@ test("create_with_email_and_login_passwordless", async (ctx: TestContext) => {
 		userToken = signUpRes.userToken;
 	}
 
-	const { user } = await ctx.modules.users.authenticateToken({
+	const { user } = await ctx.modules.users.authenticateTokenInternal({
 		userToken,
 		fetchUser: true,
 	});
@@ -65,7 +65,7 @@ test("create_with_email_and_login_password", async (ctx: TestContext) => {
 		userToken = signUpRes.userToken;
 	}
 
-	const { user } = await ctx.modules.users.authenticateToken({
+	const { user } = await ctx.modules.users.authenticateTokenInternal({
 		userToken,
 		fetchUser: true,
 	});

modules/auth_email/utils/link_assertions.ts

@@ -41,7 +41,7 @@ export async function ensureNotAssociated(
 		}
 	}
 	// Email matches an existing identity using this provider
-	const existingUser = await ctx.modules.users.authenticateToken(
+	const existingUser = await ctx.modules.users.authenticateTokenInternal(
 		existingIdentity,
 	);
 

modules/auth_username_password/tests/e2e.ts

@@ -13,7 +13,7 @@ test("test_sign_up", async (ctx: TestContext) => {
 		password,
 	});
 
-	const { userId } = await ctx.modules.users.authenticateToken({
+	const { userId } = await ctx.modules.users.authenticateTokenInternal({
 		userToken: token.token,
 	});
 
@@ -51,7 +51,7 @@ test("test_sign_in", async (ctx: TestContext) => {
 		password,
 	});
 
-	const { userId } = await ctx.modules.users.authenticateToken({
+	const { userId } = await ctx.modules.users.authenticateTokenInternal({
 		userToken: token.token,
 	});
 

modules/currency/scripts/fetch_balance_by_token.ts

@@ -15,7 +15,7 @@ export async function run(
 ): Promise<Response> {
 	await ctx.modules.rateLimit.throttlePublic({ requests: 25 });
 
-	const { userId } = await ctx.modules.users.authenticateToken({
+	const { userId } = await ctx.modules.users.authenticateTokenInternal({
 		userToken: req.userToken,
 	});
 	const { balance } = await ctx.modules.currency.fetchBalance({ userId });

modules/friends/scripts/accept_request.ts

@@ -13,7 +13,7 @@ export async function run(
 ): Promise<Response> {
 	await ctx.modules.rateLimit.throttlePublic({ requests: 50 });
 
-	const { userId } = await ctx.modules.users.authenticateToken({
+	const { userId } = await ctx.modules.users.authenticateTokenInternal({
 		userToken: req.userToken,
 	});
 

modules/friends/scripts/decline_request.ts

@@ -13,7 +13,7 @@ export async function run(
 ): Promise<Response> {
 	await ctx.modules.rateLimit.throttlePublic({ requests: 50 });
 
-	const { userId } = await ctx.modules.users.authenticateToken({
+	const { userId } = await ctx.modules.users.authenticateTokenInternal({
 		userToken: req.userToken,
 	});
 

modules/friends/scripts/list_friends.ts

@@ -15,7 +15,7 @@ export async function run(
 ): Promise<Response> {
 	await ctx.modules.rateLimit.throttlePublic({ requests: 50 });
 
-	const { userId } = await ctx.modules.users.authenticateToken({
+	const { userId } = await ctx.modules.users.authenticateTokenInternal({
 		userToken: req.userToken,
 	});
 

modules/friends/scripts/list_incoming_friend_requests.ts

@@ -15,7 +15,7 @@ export async function run(
 ): Promise<Response> {
 	await ctx.modules.rateLimit.throttlePublic({ requests: 50 });
 
-	const { userId } = await ctx.modules.users.authenticateToken({
+	const { userId } = await ctx.modules.users.authenticateTokenInternal({
 		userToken: req.userToken,
 	});
 

modules/friends/scripts/list_outgoing_friend_requests.ts

@@ -15,7 +15,7 @@ export async function run(
 ): Promise<Response> {
 	await ctx.modules.rateLimit.throttlePublic({});
 
-	const { userId } = await ctx.modules.users.authenticateToken({
+	const { userId } = await ctx.modules.users.authenticateTokenInternal({
 		userToken: req.userToken,
 	});
 

modules/friends/scripts/remove_friend.ts

@@ -13,7 +13,7 @@ export async function run(
 ): Promise<Response> {
 	await ctx.modules.rateLimit.throttlePublic({ requests: 50 });
 
-	const { userId } = await ctx.modules.users.authenticateToken({
+	const { userId } = await ctx.modules.users.authenticateTokenInternal({
 		userToken: req.userToken,
 	});
 

modules/friends/scripts/send_request.ts

@@ -16,7 +16,7 @@ export async function run(
 ): Promise<Response> {
 	await ctx.modules.rateLimit.throttlePublic({});
 
-	const { userId } = await ctx.modules.users.authenticateToken({
+	const { userId } = await ctx.modules.users.authenticateTokenInternal({
 		userToken: req.userToken,
 	});
 

modules/identities/scripts/fetch.ts

@@ -18,7 +18,7 @@ export async function run(
 	req: Request,
 ): Promise<Response> {
     // Ensure the user token is valid and get the user ID
-    const { userId } = await ctx.modules.users.authenticateToken({ userToken: req.userToken });
+    const { userId } = await ctx.modules.users.authenticateTokenInternal({ userToken: req.userToken });
 
     // Get identity data
     const identity = await ctx.db.query.userIdentities.findFirst({

modules/identities/scripts/link.ts

@@ -18,7 +18,7 @@ export async function run(
 ): Promise<Response> {
 
     // Ensure the user token is valid and get the user ID
-    const { userId } = await ctx.modules.users.authenticateToken({ userToken: req.userToken } );
+    const { userId } = await ctx.modules.users.authenticateTokenInternal({ userToken: req.userToken } );
 
     return await ctx.db.transaction(async (tx) => {
         // Error if this identity provider is ALREADY associated with the user

modules/identities/scripts/list.ts

@@ -16,7 +16,7 @@ export async function run(
 	await ctx.modules.rateLimit.throttlePublic({});
 
     // Ensure the user token is valid and get the user ID
-    const { userId } = await ctx.modules.users.authenticateToken({ userToken: req.userToken } );
+    const { userId } = await ctx.modules.users.authenticateTokenInternal({ userToken: req.userToken } );
 
     const identityProviders = await ctx.db.query.userIdentities.findMany({
         where: Query.eq(Database.userIdentities.userId, userId),

modules/identities/scripts/set.ts

@@ -15,7 +15,7 @@ export async function run(
 	req: Request,
 ): Promise<Response> {
     // Ensure the user token is valid and get the user ID
-    const { userId } = await ctx.modules.users.authenticateToken({ userToken: req.userToken } );
+    const { userId } = await ctx.modules.users.authenticateTokenInternal({ userToken: req.userToken } );
 
     await ctx.db.transaction(async (tx) => {
         // Ensure the identity provider is associated with the user

modules/identities/tests/sign_up.ts

@@ -14,7 +14,7 @@ export async function signUpWithTest(ctx: TestContext, username: string, uniqueD
         additionalData,
     });
 
-    const { userId, user } = await ctx.modules.users.authenticateToken({
+    const { userId, user } = await ctx.modules.users.authenticateTokenInternal({
         userToken,
         fetchUser: true,
     });
@@ -34,7 +34,7 @@ export async function signInWithTest(ctx: TestContext, uniqueData: any) {
         uniqueData,
     });
 
-    const { userId, user } = await ctx.modules.users.authenticateToken({
+    const { userId, user } = await ctx.modules.users.authenticateTokenInternal({
         userToken,
         fetchUser: true,
     });

modules/users/module.json

@@ -16,6 +16,9 @@
     "tokens": {}
   },
   "scripts": {
+    "fetch_internal": {
+      "name": "Fetch User"
+    },
     "fetch": {
       "name": "Fetch User",
       "public": true
@@ -26,6 +29,10 @@
     "create": {
       "name": "Create User"
     },
+    "authenticate_token_internal": {
+      "name": "Authenticate User Token (Internal)",
+      "description": "Validate a user token. Throws an error if the token is invalid."
+    },
     "authenticate_token": {
       "name": "Authenticate User Token",
       "description": "Validate a user token. Throws an error if the token is invalid.",

modules/users/scripts/authenticate_token_internal.ts

@@ -0,0 +1,34 @@
+import { RuntimeError, ScriptContext, Database, Query } from "../module.gen.ts";
+import { } from "../module.gen.ts";
+import { User } from "../utils/types.ts";
+
+export interface Request {
+	userToken: string;
+	fetchUser?: boolean;
+}
+
+export interface Response {
+	userId: string;
+	user?: User;
+}
+
+export async function run(
+	ctx: ScriptContext,
+	req: Request,
+): Promise<Response> {
+
+	const { token } = await ctx.modules.tokens.validate({
+		token: req.userToken,
+	});
+	if (token.type !== "user") throw new RuntimeError("token_not_user_token");
+	const userId = token.meta.userId;
+
+	let user: typeof Database.users.$inferSelect | undefined = undefined;
+	if (req.fetchUser) {
+    user = await ctx.db.query.users.findFirst({
+      where: Query.eq(Database.users.id, userId)
+    });
+	}
+
+	return { userId, user };
+}

modules/users/scripts/fetch_internal.ts

@@ -0,0 +1,23 @@
+import { ScriptContext, Query, Database } from "../module.gen.ts";
+import { User } from "../utils/types.ts";
+
+export interface Request {
+	userIds: string[];
+}
+
+export interface Response {
+	users: User[];
+}
+
+export async function run(
+	ctx: ScriptContext,
+	req: Request,
+): Promise<Response> {
+
+  const users = await ctx.db.query.users.findMany({
+    where: Query.inArray(Database.users.id, req.userIds),
+    orderBy: Query.desc(Database.users.username),
+  });
+
+	return { users };
+}

modules/users/tests/e2e.ts

@@ -17,7 +17,7 @@ test("e2e", async (ctx: TestContext) => {
 		userId: user.id,
 	});
 
-	const { userId } = await ctx.modules.users.authenticateToken({
+	const { userId } = await ctx.modules.users.authenticateTokenInternal({
 		userToken: token.token,
 	});
 	assertEquals(user.id, userId);