Andreas/LibreChat
1
0
Fork 0
mirror of https://github.com/danny-avila/LibreChat.git synced 2025-12-16 16:30:15 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 6

feat: bun api support 🥟 (#1021)

Browse source 
* chore: update bun lockfile

* feat: backend api bun support, jose used in bun runtime

* fix: add missing await for signPayload call
This commit is contained in:
Danny Avila 2023-10-07 11:16:06 -04:00 committed by GitHub
parent c0e2c58c03
commit e7ca40b5ab
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
11 changed files with 128 additions and 29 deletions
Download patch file Download diff file Expand all files Collapse all files

14
api/models/Session.js
View file

@ -1,6 +1,6 @@
const mongoose = require('mongoose'); const mongoose = require('mongoose');
const crypto = require('crypto'); const crypto = require('crypto');
const jwt = require('jsonwebtoken'); const signPayload = require('../server/services/signPayload');
const { REFRESH_TOKEN_EXPIRY } = process.env ?? {}; const { REFRESH_TOKEN_EXPIRY } = process.env ?? {};
const expires = eval(REFRESH_TOKEN_EXPIRY) ?? 1000 * 60 * 60 * 24 * 7; const expires = eval(REFRESH_TOKEN_EXPIRY) ?? 1000 * 60 * 60 * 24 * 7;
@ -31,13 +31,11 @@ sessionSchema.methods.generateRefreshToken = async function () {
this.expiration = new Date(expiresIn); this.expiration = new Date(expiresIn);
} }
const refreshToken = jwt.sign( const refreshToken = await signPayload({
{ payload: { id: this.user },
id: this.user, secret: process.env.JWT_REFRESH_SECRET,
}, expirationTime: Math.floor((expiresIn - Date.now()) / 1000),
process.env.JWT_REFRESH_SECRET, });
{ expiresIn: Math.floor((expiresIn - Date.now()) / 1000) },
);
const hash = crypto.createHash('sha256'); const hash = crypto.createHash('sha256');
this.refreshTokenHash = hash.update(refreshToken).digest('hex'); this.refreshTokenHash = hash.update(refreshToken).digest('hex');

15
api/models/User.js
View file

@ -1,6 +1,6 @@
const mongoose = require('mongoose'); const mongoose = require('mongoose');
const bcrypt = require('bcryptjs'); const bcrypt = require('bcryptjs');
const jwt = require('jsonwebtoken'); const signPayload = require('../server/services/signPayload');
const userSchema = require('./schema/userSchema.js'); const userSchema = require('./schema/userSchema.js');
const { SESSION_EXPIRY } = process.env ?? {}; const { SESSION_EXPIRY } = process.env ?? {};
const expires = eval(SESSION_EXPIRY) ?? 1000 * 60 * 15; const expires = eval(SESSION_EXPIRY) ?? 1000 * 60 * 15;
@ -21,18 +21,17 @@ userSchema.methods.toJSON = function () {
}; };
}; };
userSchema.methods.generateToken = function () { userSchema.methods.generateToken = async function () {
const token = jwt.sign( return await signPayload({
{ payload: {
id: this._id, id: this._id,
username: this.username, username: this.username,
provider: this.provider, provider: this.provider,
email: this.email, email: this.email,
}, },
process.env.JWT_SECRET, secret: process.env.JWT_SECRET,
{ expiresIn: expires / 1000 }, expirationTime: expires / 1000,
); });
return token;
}; };
userSchema.methods.comparePassword = function (candidatePassword, callback) { userSchema.methods.comparePassword = function (candidatePassword, callback) {

4
api/package.json
View file

@ -39,6 +39,7 @@
"googleapis": "^118.0.0", "googleapis": "^118.0.0",
"handlebars": "^4.7.7", "handlebars": "^4.7.7",
"html": "^1.0.0", "html": "^1.0.0",
"jose": "^4.15.2",
"js-yaml": "^4.1.0", "js-yaml": "^4.1.0",
"jsonwebtoken": "^9.0.0", "jsonwebtoken": "^9.0.0",
"keyv": "^4.5.3", "keyv": "^4.5.3",
@ -52,6 +53,7 @@
"openai-chat-tokens": "^0.2.8", "openai-chat-tokens": "^0.2.8",
"openid-client": "^5.4.2", "openid-client": "^5.4.2",
"passport": "^0.6.0", "passport": "^0.6.0",
"passport-custom": "^1.1.1",
"passport-discord": "^0.1.4", "passport-discord": "^0.1.4",
"passport-facebook": "^3.0.0", "passport-facebook": "^3.0.0",
"passport-github2": "^0.1.12", "passport-github2": "^0.1.12",
@ -59,7 +61,7 @@
"passport-jwt": "^4.0.1", "passport-jwt": "^4.0.1",
"passport-local": "^1.0.0", "passport-local": "^1.0.0",
"pino": "^8.12.1", "pino": "^8.12.1",
"sharp": "^0.32.5", "sharp": "^0.32.6",
"tiktoken": "^1.0.10", "tiktoken": "^1.0.10",
"ua-parser-js": "^1.0.36", "ua-parser-js": "^1.0.36",
"winston": "^3.10.0", "winston": "^3.10.0",

11
api/server/controllers/AuthController.js
View file

@ -4,6 +4,7 @@ const {
resetPassword, resetPassword,
setAuthTokens, setAuthTokens,
} = require('../services/AuthService'); } = require('../services/AuthService');
const jose = require('jose');
const jwt = require('jsonwebtoken'); const jwt = require('jsonwebtoken');
const Session = require('../../models/Session'); const Session = require('../../models/Session');
const User = require('../../models/User'); const User = require('../../models/User');
@ -76,7 +77,13 @@ const refreshController = async (req, res) => {
} }
try { try {
const payload = jwt.verify(refreshToken, process.env.JWT_REFRESH_SECRET); let payload;
if (typeof Bun !== 'undefined') {
const secret = new TextEncoder().encode(process.env.JWT_REFRESH_SECRET);
({ payload } = await jose.jwtVerify(refreshToken, secret));
} else {
payload = jwt.verify(refreshToken, process.env.JWT_REFRESH_SECRET);
}
const userId = payload.id; const userId = payload.id;
const user = await User.findOne({ _id: userId }); const user = await User.findOne({ _id: userId });
if (!user) { if (!user) {
@ -99,7 +106,7 @@ const refreshController = async (req, res) => {
const token = await setAuthTokens(userId, res, session._id); const token = await setAuthTokens(userId, res, session._id);
const userObj = user.toJSON(); const userObj = user.toJSON();
res.status(200).send({ token, user: userObj }); res.status(200).send({ token, user: userObj });
} else if (payload.exp > Date.now() / 1000) { } else if (payload.exp < Date.now() / 1000) {
res.status(403).redirect('/login'); res.status(403).redirect('/login');
} else { } else {
res.status(401).send('Refresh token expired or not found for this user'); res.status(401).send('Refresh token expired or not found for this user');

8
api/server/index.js
View file

@ -12,7 +12,7 @@ const { PORT, HOST, ALLOW_SOCIAL_LOGIN } = process.env ?? {};
const port = Number(PORT) || 3080; const port = Number(PORT) || 3080;
const host = HOST || 'localhost'; const host = HOST || 'localhost';
const projectPath = path.join(__dirname, '..', '..', 'client'); const projectPath = path.join(__dirname, '..', '..', 'client');
const { jwtLogin, passportLogin } = require('../strategies'); const { jwtLogin, joseLogin, passportLogin } = require('../strategies');
const startServer = async () => { const startServer = async () => {
await connectDb(); await connectDb();
@ -39,7 +39,11 @@ const startServer = async () => {
// OAUTH // OAUTH
app.use(passport.initialize()); app.use(passport.initialize());
passport.use(await jwtLogin()); if (typeof Bun !== 'undefined') {
passport.use('jwt', await joseLogin());
} else {
passport.use(await jwtLogin());
}
passport.use(passportLogin()); passport.use(passportLogin());
if (ALLOW_SOCIAL_LOGIN?.toLowerCase() === 'true') { if (ALLOW_SOCIAL_LOGIN?.toLowerCase() === 'true') {

36
api/server/services/signPayload.js Normal file
View file

@ -0,0 +1,36 @@
const jose = require('jose');
const jwt = require('jsonwebtoken');
/**
* Signs a given payload using either the `jose` library (for Bun runtime) or `jsonwebtoken`.
*
* @async
* @function
* @param {Object} options - The options for signing the payload.
* @param {Object} options.payload - The payload to be signed.
* @param {string} options.secret - The secret key used for signing.
* @param {number} options.expirationTime - The expiration time in seconds.
* @returns {Promise<string>} Returns a promise that resolves to the signed JWT.
* @throws {Error} Throws an error if there's an issue during signing.
*
* @example
* const signedPayload = await signPayload({
* payload: { userId: 123 },
* secret: 'my-secret-key',
* expirationTime: 3600
* });
*/
async function signPayload({ payload, secret, expirationTime }) {
if (typeof Bun !== 'undefined') {
// this code will only run when the file is run with Bun
const encodedSecret = new TextEncoder().encode(secret);
return await new jose.SignJWT(payload)
.setProtectedHeader({ alg: 'HS256' })
.setExpirationTime(expirationTime + 's')
.sign(encodedSecret);
}
return jwt.sign(payload, secret, { expiresIn: expirationTime });
}
module.exports = signPayload;

2
api/server/utils/removePorts.js
View file

@ -1 +1 @@
module.exports = (req) => req.ip.replace(/:\d+[^:]*$/, ''); module.exports = (req) => req?.ip?.replace(/:\d+[^:]*$/, '');

2
api/strategies/index.js
View file

@ -2,6 +2,7 @@ const passportLogin = require('./localStrategy');
const googleLogin = require('./googleStrategy'); const googleLogin = require('./googleStrategy');
const githubLogin = require('./githubStrategy'); const githubLogin = require('./githubStrategy');
const discordLogin = require('./discordStrategy'); const discordLogin = require('./discordStrategy');
const joseLogin = require('./joseStrategy');
const jwtLogin = require('./jwtStrategy'); const jwtLogin = require('./jwtStrategy');
const facebookLogin = require('./facebookStrategy'); const facebookLogin = require('./facebookStrategy');
const setupOpenId = require('./openidStrategy'); const setupOpenId = require('./openidStrategy');
@ -11,6 +12,7 @@ module.exports = {
googleLogin, googleLogin,
githubLogin, githubLogin,
discordLogin, discordLogin,
joseLogin,
jwtLogin, jwtLogin,
facebookLogin, facebookLogin,
setupOpenId, setupOpenId,

38
api/strategies/joseStrategy.js Normal file
View file

@ -0,0 +1,38 @@
const jose = require('jose');
const passportCustom = require('passport-custom');
const CustomStrategy = passportCustom.Strategy;
const User = require('../models/User');
const joseLogin = async () =>
new CustomStrategy(async (req, done) => {
const authHeader = req.headers.authorization;
if (!authHeader || !authHeader.startsWith('Bearer ')) {
return done(null, false, { message: 'No auth token' });
}
const token = authHeader.split(' ')[1];
try {
const secret = new TextEncoder().encode(process.env.JWT_SECRET);
const { payload } = await jose.jwtVerify(token, secret);
const user = await User.findById(payload.id);
if (user) {
done(null, user);
} else {
console.log('JoseJwtStrategy => no user found');
done(null, false, { message: 'No user found' });
}
} catch (err) {
if (err?.code === 'ERR_JWT_EXPIRED') {
console.error('JoseJwtStrategy => token expired');
} else {
console.error('JoseJwtStrategy => error');
console.error(err);
}
done(null, false, { message: 'Invalid token' });
}
});
module.exports = joseLogin;

BIN
bun.lockb
View file

Binary file not shown.

27
package-lock.json generated
View file

@ -60,6 +60,7 @@
"googleapis": "^118.0.0", "googleapis": "^118.0.0",
"handlebars": "^4.7.7", "handlebars": "^4.7.7",
"html": "^1.0.0", "html": "^1.0.0",
"jose": "^4.15.2",
"js-yaml": "^4.1.0", "js-yaml": "^4.1.0",
"jsonwebtoken": "^9.0.0", "jsonwebtoken": "^9.0.0",
"keyv": "^4.5.3", "keyv": "^4.5.3",
@ -73,6 +74,7 @@
"openai-chat-tokens": "^0.2.8", "openai-chat-tokens": "^0.2.8",
"openid-client": "^5.4.2", "openid-client": "^5.4.2",
"passport": "^0.6.0", "passport": "^0.6.0",
"passport-custom": "^1.1.1",
"passport-discord": "^0.1.4", "passport-discord": "^0.1.4",
"passport-facebook": "^3.0.0", "passport-facebook": "^3.0.0",
"passport-github2": "^0.1.12", "passport-github2": "^0.1.12",
@ -80,7 +82,7 @@
"passport-jwt": "^4.0.1", "passport-jwt": "^4.0.1",
"passport-local": "^1.0.0", "passport-local": "^1.0.0",
"pino": "^8.12.1", "pino": "^8.12.1",
"sharp": "^0.32.5", "sharp": "^0.32.6",
"tiktoken": "^1.0.10", "tiktoken": "^1.0.10",
"ua-parser-js": "^1.0.36", "ua-parser-js": "^1.0.36",
"winston": "^3.10.0", "winston": "^3.10.0",
@ -14963,9 +14965,9 @@
} }
}, },
"node_modules/jose": { "node_modules/jose": {
"version": "4.14.6", "version": "4.15.2",
"resolved": "https://registry.npmjs.org/jose/-/jose-4.14.6.tgz", "resolved": "https://registry.npmjs.org/jose/-/jose-4.15.2.tgz",
"integrity": "sha512-EqJPEUlZD0/CSUMubKtMaYUOtWe91tZXTWMJZoKSbLk+KtdhNdcvppH8lA9XwVu2V4Ailvsj0GBZJ2ZwDjfesQ==", "integrity": "sha512-IY73F228OXRl9ar3jJagh7Vnuhj/GzBunPiZP13K0lOl7Am9SoWW3kEzq3MCllJMTtZqHTiDXQvoRd4U95aU6A==",
"funding": { "funding": {
"url": "https://github.com/sponsors/panva" "url": "https://github.com/sponsors/panva"
} }
@ -18071,6 +18073,17 @@
"url": "https://github.com/sponsors/jaredhanson" "url": "https://github.com/sponsors/jaredhanson"
} }
}, },
"node_modules/passport-custom": {
"version": "1.1.1",
"resolved": "https://registry.npmjs.org/passport-custom/-/passport-custom-1.1.1.tgz",
"integrity": "sha512-/2m7jUGxmCYvoqenLB9UrmkCgPt64h8ZtV+UtuQklZ/Tn1NpKBeOorCYkB/8lMRoiZ5hUrCoMmDtxCS/d38mlg==",
"dependencies": {
"passport-strategy": "1.x.x"
},
"engines": {
"node": ">= 0.10.0"
}
},
"node_modules/passport-discord": { "node_modules/passport-discord": {
"version": "0.1.4", "version": "0.1.4",
"resolved": "https://registry.npmjs.org/passport-discord/-/passport-discord-0.1.4.tgz", "resolved": "https://registry.npmjs.org/passport-discord/-/passport-discord-0.1.4.tgz",
@ -21093,9 +21106,9 @@
"integrity": "sha512-E5LDX7Wrp85Kil5bhZv46j8jOeboKq5JMmYM3gVGdGH8xFpPWXUMsNrlODCrkoxMEeNi/XZIwuRvY4XNwYMJpw==" "integrity": "sha512-E5LDX7Wrp85Kil5bhZv46j8jOeboKq5JMmYM3gVGdGH8xFpPWXUMsNrlODCrkoxMEeNi/XZIwuRvY4XNwYMJpw=="
}, },
"node_modules/sharp": { "node_modules/sharp": {
"version": "0.32.5", "version": "0.32.6",
"resolved": "https://registry.npmjs.org/sharp/-/sharp-0.32.5.tgz", "resolved": "https://registry.npmjs.org/sharp/-/sharp-0.32.6.tgz",
"integrity": "sha512-0dap3iysgDkNaPOaOL4X/0akdu0ma62GcdC2NBQ+93eqpePdDdr2/LM0sFdDSMmN7yS+odyZtPsb7tx/cYBKnQ==", "integrity": "sha512-KyLTWwgcR9Oe4d9HwCwNM2l7+J0dUQwn/yf7S0EnTtb0eVS4RxO0eUSvxPtzT4F3SY+C4K6fqdv/DO27sJ/v/w==",
"hasInstallScript": true, "hasInstallScript": true,
"dependencies": { "dependencies": {
"color": "^4.2.3", "color": "^4.2.3",