merge dev to main (#208)

Co-authored-by: Nicolai Ort <info@nicolai-ort.com>
Reviewed-on: #208
Co-authored-by: Philipp Dormann <philipp@philippdormann.de>
Co-committed-by: Philipp Dormann <philipp@philippdormann.de>

.drone.yml

@@ -0,0 +1,174 @@
+---
+kind: secret
+name: docker_username
+get:
+  path: odit-registry-builder
+  name: username
+
+---
+kind: secret
+name: docker_password
+get:
+  path: odit-registry-builder
+  name: password
+
+---
+kind: secret
+name: git_ssh
+get:
+  path: odit-git-bot
+  name: sshkey
+
+---
+kind: secret
+name: ci_token
+get:
+  path: odit-ci-bot
+  name: apikey
+
+---
+kind: secret
+name: npm_url
+get:
+  path: odit-npm-cache
+  name: url
+
+---
+kind: pipeline
+type: kubernetes
+name: tests:node
+clone:
+  disable: true
+steps:
+  - name: checkout pr
+    image: alpine/git
+    commands:
+      - git clone $DRONE_REMOTE_URL .
+      - git checkout $DRONE_SOURCE_BRANCH
+  - name: run tests
+    image: registry.odit.services/hub/library/node:19.5.0-alpine3.16
+    commands:
+      - npm config set registry $NPM_REGISTRY_URL && npm i -g pnpm@8
+      - pnpm i
+      - pnpm test:ci
+    environment:
+      NPM_REGISTRY_URL:
+        from_secret: npm_url
+trigger:
+  event:
+    - pull_request
+
+---
+kind: pipeline
+type: kubernetes
+name: build:dev
+clone:
+  disable: true
+
+steps:
+  - name: clone
+    image: alpine/git
+    commands:
+      - git clone $DRONE_REMOTE_URL .
+      - git checkout dev
+  - name: build dev
+    depends_on: ["clone"]
+    image: registry.odit.services/library/drone-kaniko
+    settings:
+      username:
+        from_secret: docker_username
+      password:
+        from_secret: docker_password
+      build_args:
+        - NPM_REGISTRY_URL:
+          from_secret: npm_url
+      repo: lfk/backend
+      tags:
+        - dev
+      cache: true
+      registry: registry.odit.services
+
+trigger:
+  branch:
+    - dev
+  event:
+    - push
+
+---
+kind: pipeline
+type: kubernetes
+name: build:latest
+clone:
+  disable: true
+
+steps:
+  - name: clone
+    image: alpine/git
+    commands:
+      - git clone $DRONE_REMOTE_URL .
+      - git checkout dev
+      - git merge main
+      - git checkout main
+  - name: build latest
+    depends_on: ["clone"]
+    image: registry.odit.services/library/drone-kaniko
+    settings:
+      username:
+        from_secret: docker_username
+      password:
+        from_secret: docker_password
+      build_args:
+        - NPM_REGISTRY_URL:
+          from_secret: npm_url
+      repo: lfk/backend
+      tags:
+        - latest
+      cache: true
+      registry: registry.odit.services
+  - name: push merge to repo
+    depends_on: ["clone"]
+    image: appleboy/drone-git-push
+    settings:
+      branch: dev
+      commit: false
+      remote: git@git.odit.services:lfk/backend.git
+      ssh_key:
+        from_secret: git_ssh
+
+trigger:
+  branch:
+    - main
+  event:
+    - push
+
+---
+kind: pipeline
+type: kubernetes
+name: build:tags
+
+steps:
+  - name: build $DRONE_TAG
+    depends_on: ["clone"]
+    image: registry.odit.services/library/drone-kaniko
+    settings:
+      username:
+        from_secret: docker_username
+      password:
+        from_secret: docker_password
+      build_args:
+        - NPM_REGISTRY_URL:
+          from_secret: npm_url
+      repo: lfk/backend
+      tags:
+        - "${DRONE_TAG}"
+      cache: true
+      registry: registry.odit.services
+  - name: trigger js lib build
+    image: idcooldi/drone-webhook
+    settings:
+      urls: https://ci.odit.services/api/repos/lfk/lfk-client-js/builds?SOURCE_TAG=${DRONE_TAG}
+      bearer:
+        from_secret: ci_token
+trigger:
+  event:
+    - tag

.env.example

@@ -7,5 +7,4 @@ DB_PASSWORD=bla
 DB_NAME=./test.sqlite
 NODE_ENV=production
 POSTALCODE_COUNTRYCODE=DE
-SEED_TEST_DATA=false
+SEED_TEST_DATA=false
-SELFSERVICE_URL=bla

.woodpecker/build.yml

@@ -1,33 +0,0 @@
-steps:
-  - name: build latest
-    image: woodpeckerci/plugin-docker-buildx
-    settings:
-      repo: registry.odit.services/lfk/backend
-      tags:
-        - latest
-      registry: registry.odit.services
-      platforms: linux/amd64,linux/arm64
-      cache_from: registry.odit.services/lfk/backend:dev
-      username:
-        from_secret: odit-registry-builder-username
-      password:
-        from_secret: odit-registry-builder-password
-    when:
-      branch: main
-  - name: build dev
-    image: woodpeckerci/plugin-docker-buildx
-    settings:
-      repo: registry.odit.services/lfk/backend
-      tags:
-        - dev
-      registry: registry.odit.services
-      platforms: linux/amd64,linux/arm64
-      cache_from: registry.odit.services/lfk/backend:dev
-      username:
-        from_secret: odit-registry-builder-username
-      password:
-        from_secret: odit-registry-builder-password
-    when:
-      branch: dev
-when:
-  event: push

.woodpecker/release.yml

@@ -1,17 +0,0 @@
-steps:
-  - name: build tag
-    image: woodpeckerci/plugin-docker-buildx
-    settings:
-      repo: registry.odit.services/lfk/backend
-      tags:
-        - "${CI_COMMIT_TAG}"
-      registry: registry.odit.services
-      platforms: linux/amd64,linux/arm64
-      cache_from: registry.odit.services/lfk/backend:dev
-      username:
-        from_secret: odit-registry-builder-username
-      password:
-        from_secret: odit-registry-builder-password
-when:
-  event:
-    - tag

CHANGELOG.md

@@ -2,21 +2,8 @@
 
 All notable changes to this project will be documented in this file. Dates are displayed in UTC.
 
-#### [v1.1.4](https://git.odit.services/lfk/backend/compare/v1.1.3...v1.1.4)
-
-- build: package lock [`50dd703`](https://git.odit.services/lfk/backend/commit/50dd703a1bd276a607cc10a087c7e90fd880847a)
-- fix(deps): Bump sqlite3 [`cd3cd81`](https://git.odit.services/lfk/backend/commit/cd3cd81360777e8bc4d78e861354e58c8da79cc7)
-- feat(ci)!: Switch to woodpecker [`3192365`](https://git.odit.services/lfk/backend/commit/3192365793fae59f2b89e3231db298654f0a28e9)
-- fix(deps): Bumped argon2 to latest version for arm support [`cf48c00`](https://git.odit.services/lfk/backend/commit/cf48c00ddb2ac33263549876928db50ae152c12d)
-- fix: updated README for pnpm, typos [`5082b1b`](https://git.odit.services/lfk/backend/commit/5082b1b8b1c0ae9e8ffa9c71c4d7923fd9223c87)
-- ci: drop lfk-client-node [`075d484`](https://git.odit.services/lfk/backend/commit/075d484f1169bfc5c5b68cb9712116b0e270b471)
-- fix(dependencies): Switch back to previous class-validator version to produce a working build [`74d334f`](https://git.odit.services/lfk/backend/commit/74d334f9b747a77115bd9b97729ef1120822e128)
-
 #### [v1.1.3](https://git.odit.services/lfk/backend/compare/v1.1.2...v1.1.3)
 
-> 10 May 2023
-
-- 🚀Bumped version to v1.1.3 [`057a8ee`](https://git.odit.services/lfk/backend/commit/057a8ee699d08c0e4a80cb50a8820f819569c9ac)
 - feat(orgs): Also resolve child-teams' distances and add them to org total [`8d94186`](https://git.odit.services/lfk/backend/commit/8d9418635d3e381c0f55a2521a3334ba497c169a)
 - fix(orgs): Removed unused log [`f2832a2`](https://git.odit.services/lfk/backend/commit/f2832a2daecc7bc7bbee4d4fceeab8db194730cf)
 

README.md

@@ -35,6 +35,13 @@ pnpm test:watch
 pnpm test:ci
 ```
 
+### Use your own mail templates
+> You use your own mail templates by replacing the default ones we provided (either in-code or by mounting them into the /app/static/mail_templates folder).
+
+The mail templates always come in a .html and a .txt variant to provide compatability with legacy mail clients.
+Currently the following templates exist:
+* pw-reset.(html/txt)
+
 ### Generate Docs
 ```bash
 pnpm docs
@@ -59,7 +66,6 @@ pnpm docs
 | SEED_TEST_DATA         | Boolean            | False                | If you want the app to seed some example data set this to true                                                 |
 | MAILER_URL             | String(Url)        | N/A                  | The mailer's base url (no trailing slash)                                                                      |
 | MAILER_KEY             | String             | N/A                  | The mailer's api key.                                                                                          |
-| SELFSERVICE_URL        | String(Url)        | N/A                  | The link to selfservice (no trailing slash)                                                                    |
 | IMPRINT_URL            | String(Url)        | /imprint             | The link to a imprint page for the system (Defaults to the frontend's imprint)                                 |
 | PRIVACY_URL            | String(Url)        | /privacy             | The link to a privacy page for the system (Defaults to the frontend's privacy page)                            |
 

package.json

@@ -1,6 +1,6 @@
 {
   "name": "@odit/lfk-backend",
-  "version": "1.2.1",
+  "version": "1.1.3",
   "main": "src/app.ts",
   "repository": "https://git.odit.services/lfk/backend",
   "engines": {
@@ -26,12 +26,12 @@
   "license": "CC-BY-NC-SA-4.0",
   "dependencies": {
     "@odit/class-validator-jsonschema": "2.1.1",
-    "argon2": "0.31.2",
+    "argon2": "0.27.1",
     "axios": "0.21.1",
     "body-parser": "1.19.0",
     "check-password-strength": "2.0.2",
     "class-transformer": "0.3.1",
-    "class-validator": "0.13.0",
+    "class-validator": "0.13.1",
     "consola": "2.15.0",
     "cookie": "0.4.1",
     "cookie-parser": "1.4.5",
@@ -46,7 +46,7 @@
     "reflect-metadata": "0.1.13",
     "routing-controllers": "0.9.0-alpha.6",
     "routing-controllers-openapi": "2.2.0",
-    "sqlite3": "5.1.6",
+    "sqlite3": "5.0.0",
     "typeorm": "0.2.30",
     "typeorm-routing-controllers-extensions": "0.2.0",
     "typeorm-seeding": "1.6.1",

src/controllers/RunnerSelfServiceController.ts

@@ -127,11 +127,11 @@ export class RunnerSelfServiceController {
 		const runner = await this.runnerRepository.findOne({ email: mail });
 		if (!runner) { throw new RunnerNotFoundError(); }
 
-		if (runner.resetRequestedTimestamp > (Math.floor(Date.now() / 1000) - 30)) { throw new RunnerSelfserviceTimeoutError(); }
+		if (runner.resetRequestedTimestamp > (Math.floor(Date.now() / 1000) - 60 * 15)) { throw new RunnerSelfserviceTimeoutError(); }
 		const token = JwtCreator.createSelfService(runner);
 
 		try {
-			await Mailer.sendSelfserviceForgottenMail(runner.email, runner.id, runner.firstname, runner.middlename, runner.lastname, token, locale)
+			await Mailer.sendSelfserviceForgottenMail(runner.email, token, locale)
 		} catch (error) {
 			throw new MailSendingError();
 		}
@@ -157,7 +157,7 @@ export class RunnerSelfServiceController {
 		response.token = JwtCreator.createSelfService(runner);
 
 		try {
-			await Mailer.sendSelfserviceWelcomeMail(runner.email, runner.id, runner.firstname, runner.middlename, runner.lastname, response.token, locale)
+			await Mailer.sendSelfserviceWelcomeMail(runner.email, response.token, locale)
 		} catch (error) {
 			throw new MailSendingError();
 		}
@@ -182,7 +182,7 @@ export class RunnerSelfServiceController {
 		response.token = JwtCreator.createSelfService(runner);
 
 		try {
-			await Mailer.sendSelfserviceWelcomeMail(runner.email, runner.id, runner.firstname, runner.middlename, runner.lastname, response.token, locale)
+			await Mailer.sendSelfserviceWelcomeMail(runner.email, response.token, locale)
 		} catch (error) {
 			throw new MailSendingError();
 		}

src/errors/RunnerErrors.ts

@@ -47,14 +47,14 @@ export class RunnerEmailNeededError extends NotAcceptableError {
 }
 
 /**
- * Error to throw when a runner already requested a new selfservice link in the last 30s.
+ * Error to throw when a runner already requested a new selfservice link in the last 24hrs.
  */
 export class RunnerSelfserviceTimeoutError extends NotAcceptableError {
 	@IsString()
 	name = "RunnerSelfserviceTimeoutError"
 
 	@IsString()
-	message = "You can only reqest a new token every 30s."
+	message = "You can only reqest a new token every 24hrs."
 }
 
 /**

src/mailer.ts

@@ -18,19 +18,9 @@ export class Mailer {
      */
     public static async sendResetMail(to_address: string, token: string, locale: string = "en") {
         try {
-            await axios.request({
+            await axios.post(`${Mailer.base}/reset?locale=${locale}&key=${Mailer.key}`, {
-                method: 'POST',
+                address: to_address,
-                url: `${Mailer.base}/api/v1/email`,
+                resetKey: token
-                headers: {
-                    authorization: `Bearer ${Mailer.key}`,
-                    'content-type': 'application/json'
-                },
-                data: {
-                    to: to_address,
-                    templateName: 'password-reset',
-                    language: locale,
-                    data: { token: token }
-                }
             });
         } catch (error) {
             if (Mailer.testing) { return true; }
@@ -42,26 +32,12 @@ export class Mailer {
      * Function for sending a runner selfservice welcome mail.
      * @param to_address The address the mail will be sent to. Should always get pulled from a runner object.
      * @param token The requested selfservice token - will be combined with the app_url to generate a selfservice profile link.
-    */
+     */
-    public static async sendSelfserviceWelcomeMail(to_address: string, runner_id: number, firstname: string, middlename: string, lastname: string, token: string, locale: string = "en") {
+    public static async sendSelfserviceWelcomeMail(to_address: string, token: string, locale: string = "en") {
         try {
-            await axios.request({
+            await axios.post(`${Mailer.base}/registration?locale=${locale}&key=${Mailer.key}`, {
-                method: 'POST',
+                address: to_address,
-                url: `${Mailer.base}/api/v1/email`,
+                selfserviceToken: token
-                headers: {
-                    authorization: `Bearer ${Mailer.key}`,
-                    'content-type': 'application/json'
-                },
-                data: {
-                    to: to_address,
-                    templateName: 'welcome',
-                    language: locale,
-                    data: {
-                        name: `${firstname} ${middlename} ${lastname}`,
-                        barcode_content: `${runner_id}`,
-                        link: `${process.env.SELFSERVICE_URL}/profile/${token}`
-                    }
-                }
             });
         } catch (error) {
             if (Mailer.testing) { return true; }
@@ -73,26 +49,12 @@ export class Mailer {
      * Function for sending a runner selfservice link forgotten mail.
      * @param to_address The address the mail will be sent to. Should always get pulled from a runner object.
      * @param token The requested selfservice token - will be combined with the app_url to generate a selfservice profile link.
-    */
+     */
-    public static async sendSelfserviceForgottenMail(to_address: string, runner_id: number, firstname: string, middlename: string, lastname: string, token: string, locale: string = "en") {
+    public static async sendSelfserviceForgottenMail(to_address: string, token: string, locale: string = "en") {
         try {
-            await axios.request({
+            await axios.post(`${Mailer.base}/registration_forgot?locale=${locale}&key=${Mailer.key}`, {
-                method: 'POST',
+                address: to_address,
-                url: `${Mailer.base}/api/v1/email`,
+                selfserviceToken: token
-                headers: {
-                    authorization: `Bearer ${Mailer.key}`,
-                    'content-type': 'application/json'
-                },
-                data: {
-                    to: to_address,
-                    templateName: 'welcome',
-                    language: locale,
-                    data: {
-                        name: `${firstname} ${middlename} ${lastname}`,
-                        barcode_content: `${runner_id}`,
-                        link: `${process.env.SELFSERVICE_URL}/profile/${token}`
-                    }
-                }
             });
         } catch (error) {
             if (Mailer.testing) { return true; }