
id-service

v8.2.0

Published

Allows users to sign up, login and manage Hedia accounts or apps

Downloads

8

Readme

ID Service

Allows users to sign up, log in and manage Hedia accounts or apps.

flowchart TB
	DATA_SERVICE(Data Service)
	DEVELOPER_SERVICE(Developer Service)
	EVENT_SERVICE(Event Service)
	EXPORT_SERVICE(Export Service)
	HEDIA_SERVER(Hedia Server)
	ID_SERVICE(ID Service)
	MAIL_SERVICE(Mail Service)
	OAUTH2_SERVICE(OAuth2 Service)
	WEBHOOK_SERVICE(Webhook Service)

	DATA_SERVICE-->ID_SERVICE
	DEVELOPER_SERVICE-->ID_SERVICE
	EVENT_SERVICE-->ID_SERVICE
	EXPORT_SERVICE-. TBD .->ID_SERVICE
	WEBHOOK_SERVICE-->ID_SERVICE
	ID_SERVICE-->HEDIA_SERVER
	ID_SERVICE<-->OAUTH2_SERVICE
	ID_SERVICE-->MAIL_SERVICE

Features

The ID Service comes with an app, an API and an admin app.

The app (/) allows users to sign up, log in, reset their password and update their account settings.

The API (/api/v1) can check the validity of a session and share parts of a user's profile with other services. It also provides endpoints to manage an app and its collaborators, installations, keys, links or permissions.

The admin app (/admin) offers a way to look up a user and upgrade or revoke their access to the platform. It is also the place where app permissions are managed at a system level.

Permissions

App Flow

---
title: Can the current app perform an action on behalf of a given user for a given scope?
---
stateDiagram
	System: Was the current app granted a system permission to do so?
	User: Was the current app granted permission by the given user to do so?
	Action: Which action should be performed?
	Source: Which app wrote the data?
	App: Was the current app granted permission by the other app to do so?

	state ifSystem <<choice>>
	state ifUser <<choice>>
	state ifAction <<choice>>
	state ifSource <<choice>>
	state ifApp <<choice>>

	classDef Error fill:red,stroke:red
	classDef Success fill:green,stroke:green
	class Forbidden Error
	class Allowed Success

	[*] --> System
	System --> ifSystem
	ifSystem --> Forbidden: No
	ifSystem --> User: Yes
	User --> ifUser
	ifUser --> Forbidden: No
	ifUser --> Action: Yes
	Action --> ifAction
	ifAction --> Source: Read
	ifAction --> Allowed: Write
	Source --> ifSource
	ifSource --> App: Another App
	ifSource --> Allowed: Current App
	App --> ifApp
	ifApp --> Forbidden: No
	ifApp --> Allowed: Yes

User Flow

---
title: Can the current user perform an action on behalf of a given user for a given scope?
---
stateDiagram
	Actor: Are the current user and the given user the same user?
	Redirect: Follow the app flow replacing "current app" by "current user"
	note right of Redirect: The system prevents you from doing so at the moment

	state ifActor <<choice>>

	classDef Pending stroke:yellow
	classDef Success fill:green,stroke:green
	class Redirect Pending
	class Allowed Success

	[*] --> Actor
	Actor --> ifActor
	ifActor --> Redirect: No
	ifActor --> Allowed: Yes
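
The two flows above written as one deny-by-default decision function. This is an added example, not id-service code. It uses the Permission fields from the Data Model and assumes that the source is the requesting app, that targetType is one of "system", "user" or "app", and that actions are the strings "read" and "write"; any other action is denied.

```javascript
// Added example, not id-service code. Assumed row semantics: source (the app)
// holds a grant from target, where targetType is "system", "user" or "app".
const live = (p) => p.approved === true && p.deletedAt == null;

function hasGrant(rows, appId, targetType, targetId, action, scope) {
  return rows.some((p) => live(p) &&
    p.sourceType === "app" && p.sourceId === appId &&
    p.targetType === targetType && p.targetId === targetId &&
    p.action === action && p.scope === scope);
}

const deny = (reason) => ({ allowed: false, reason });
const allow = (reason) => ({ allowed: true, reason });

// App Flow. writerAppId is the app that wrote the data (the "Source" state).
function canAppAct(rows, { appId, userId, action, scope, writerAppId }) {
  if (action !== "read" && action !== "write") return deny("unknown action");
  if (!hasGrant(rows, appId, "system", null, action, scope)) return deny("system");
  if (!hasGrant(rows, appId, "user", userId, action, scope)) return deny("user");
  if (action === "write") return allow("write");
  if (writerAppId === appId) return allow("own data");
  if (!hasGrant(rows, appId, "app", writerAppId, action, scope)) return deny("app");
  return allow("cross-app read");
}

// User Flow: the same user is allowed; the other branch is not enabled, so deny.
function canUserAct(currentUserId, userId) {
  return currentUserId === userId ? allow("self") : deny("delegation disabled");
}

// Constructed sample rows (ids and scope are made up for the example).
const row = (targetType, targetId, action, extra = {}) => ({
  sourceType: "app", sourceId: "app-a", targetType, targetId,
  action, scope: "logs", approved: true, deletedAt: null, ...extra });
const SAMPLE = [
  row("system", null, "read"), row("system", null, "write"),
  row("user", "u1", "read"), row("user", "u1", "write"),
  row("app", "app-b", "read", { approved: false }), // requested, not approved
];
```

Each denial carries the name of the step that failed, which is what an audit log entry for a refused request would need.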

Data Model

erDiagram
	App ||--o{ Collaborator : has
	App ||--o{ Installation : has
	App ||--o{ Link : creates
	App ||--|| Owner : has
	App ||--|| Owner : is
	Email ||--o{ EmailVerification : has
	EmailVerification ||--o{ EmailVerificationAttempt : has
	Login ||--|| Email : uses
	Login ||--|| Password : uses
	Login ||--|| Phone : uses
	Owner ||--o{ Key : has
	Owner ||--o{ Permission : grants
	Owner ||--o{ Permission : requests
	PasswordReset ||--o{ PasswordResetAttempt : has
	Phone ||--o{ PhoneVerification : has
	PhoneVerification ||--o{ PhoneVerificationAttempt : has
	Session ||--o{ CSRF : allows
	User ||--o{ Collaborator : is
	User ||--o{ Email : has
	User ||--o{ Installation : uses
	User ||--o{ Link : uses
	User ||--o{ Login : uses
	User ||--|| Owner : is
	User ||--o{ PasswordReset : uses
	User ||--|| Password : has
	User ||--o{ Phone : has
	User ||--o{ Session : has
	User ||--|| Signup : uses

	App {
		UUID id PK
		string name
		string title
		string description
		string url
		UUID ownerId FK
		boolean firstParty
		Date createdAt
		UUID createdBy
		Date updatedAt
		UUID updatedBy
		Date deletedAt
		UUID deletedBy
	}

	Collaborator {
		UUID id PK
		UUID appId FK
		UUID userId FK
		Date createdAt
		UUID createdBy
		Date deletedAt
		UUID deletedBy
	}

	CSRF {
		UUID id PK
		UUID sessionId FK
		Date expiresAt
	}

	Email {
		UUID id PK
		UUID userId FK
		string value
		boolean verified
		Date createdAt
		UUID createdBy
		Date updatedAt
		UUID updatedBy
		Date deletedAt
		UUID deletedBy
	}

	EmailVerification {
		UUID id PK
		UUID emailId FK
		string status
		string code
		Date expiresAt
		Date createdAt
		UUID createdBy
		Date updatedAt
		UUID updatedBy
	}

	EmailVerificationAttempt {
		UUID id PK
		UUID emailVerificationId FK
		string status
		string code
		Date createdAt
		UUID createdBy
	}

	Installation {
		UUID id PK
		UUID appId FK
		UUID userId FK
		Date createdAt
		UUID createdBy
		Date deletedAt
		UUID deletedBy
	}

	Key {
		UUID id PK
		string key
		UUID ownerId FK
		Date createdAt
		UUID createdBy
		Date deletedAt
		UUID deletedBy
	}

	Link {
		UUID id PK
		UUID sourceId FK
		UUID targetId FK
		UUID userId FK
		URL callbackUrl
		string codeChallenge
		Date expiresAt
		Date createdAt
		UUID createdBy
		Date deletedAt
		UUID deletedBy
	}

	Login {
		UUID id PK
		UUID userId FK
		UUID emailId FK
		UUID phoneId FK
		UUID passwordId FK
		string status
		Date createdAt
	}

	Owner {
		UUID id PK
	}

	PasswordReset {
		UUID id PK
		UUID userId FK
		string emailOrPhone
		string status
		string code
		Date expiresAt
		Date createdAt
		UUID createdBy
		Date updatedAt
		UUID updatedBy
	}

	PasswordResetAttempt {
		UUID id PK
		UUID passwordResetId FK
		string status
		string code
		Date createdAt
		UUID createdBy
	}

	Password {
		UUID id PK
		UUID userId FK
		number algVersion
		string hash
		string salt
		Date createdAt
		Date deletedAt
		UUID deletedBy
	}

	Permission {
		UUID id PK
		string action
		string scope
		UUID sourceId FK
		string sourceType
		UUID targetId FK
		string targetType
		boolean approved
		Date createdAt
		UUID createdBy
		Date updatedAt
		UUID updatedBy
		Date deletedAt
		UUID deletedBy
	}

	Phone {
		UUID id PK
		UUID userId FK
		string value
		boolean verified
		Date createdAt
		UUID createdBy
		Date updatedAt
		UUID updatedBy
		Date deletedAt
		UUID deletedBy
	}

	PhoneVerification {
		UUID id PK
		UUID phoneId FK
		string status
		string code
		Date expiresAt
		Date createdAt
		UUID createdBy
		Date updatedAt
		UUID updatedBy
	}

	PhoneVerificationAttempt {
		UUID id PK
		UUID phoneVerificationId FK
		string status
		string code
		Date createdAt
		UUID createdBy
	}

	Session {
		UUID id PK
		UUID userId FK
		Date expiresAt
		Date createdAt
		UUID createdBy
		Date deletedAt
		UUID deletedBy
	}

	Signup {
		UUID id PK
		UUID userId FK
		Date createdAt
	}

	User {
		UUID id PK
		string name
		boolean blocked
		string role
		string country
		string language
		Date createdAt
		UUID createdBy
		Date updatedAt
		UUID updatedBy
		Date deletedAt
		UUID deletedBy
	}

Configuration

Install dependencies:

npm install

Build the source code:

npm run build

Set environment variables:

| Name | Description |
| --- | --- |
| `BASE_URL` or `ID_SERVICE_BASE_URL` | The base url of this service. |
| `COOKIE_NAME` | The name of the cookie to be used: `ID-Session` or `__Secure-ID-Session`. |
| `COOKIE_SECRET` | The secret used to encrypt/decrypt cookies (`randomBytes(16).toString("hex")`). |
| `CSRF_SECRET` | The secret used to encrypt CSRF tokens. |
| `DATA_SERVICE_BASE_URL` | The base url of the data service. |
| `DEVELOPER_SERVICE_BASE_URL` | The base url of the developer service. |
| `ELEVATED_SESSION_TIMEOUT_MINUTES` | The duration (in minutes) for which an elevated session is valid after secure authentication. |
| `EMAIL_PATTERNS` | The list of emails ([email protected]) or domains (*@hedia.com) allowed to sign up. |
| `EVENT_SERVICE_BASE_URL` | The base url of the event service. |
| `EXPORT_SERVICE_BASE_URL` | The base url of the export service. |
| `HEDIA_SERVER_BASE_URL` | The base url of the hedia server. |
| `LOCAL_PG_URL` | The local postgres connection string. |
| `LOG_FORMAT` | The log format that should be used by the logger. |
| `LOG_LEVEL` | The minimum log level that should be logged. |
| `MAIL_SERVICE_BASE_URL` | The base url of the mail service. |
| `MAIL_SERVICE_EMAIL_SENDER` | The sender email that should be used by the mail service. |
| `OAUTH2_SERVICE_BASE_URL` | The base url of the oauth2 service. |
| `PRIVATE_KEY` | The private key of this service in JSON Web Key format. |
| `PUBLIC_KEY` | The public key of this service in JSON Web Key format. |
| `RATE_LIMIT` | The maximum number of attempts to perform an action in a given time frame. |
| `RATE_LIMIT_TIME_FRAME` | The time frame in seconds during which a user can attempt to perform an action. |
| `REMOTE_PG_URL` | The remote postgres connection string shared with other services. |
| `SERVER_PORT` | The port of the HTTP Server. |
| `STATE_SECRET` | The secret used to encrypt url state. |
| `WEBHOOK_SERVICE_BASE_URL` | The base url of the webhook service. |

Tip: Run the following script to set them up automatically (fetches the local env config from 1Password):

npm run env

Set up the database with a default admin user:

npm run setup [email]

Run

Option #1: Run in development mode (project rebuilt and restarted when source files change)

npm run dev

Option #2: Run in production mode

npm run start