Merge branch 'main' of github.com:redwoodjs/redwood into feature/rw-s…

…erve-web

* 'main' of github.com:redwoodjs/redwood: (40 commits)
  Support generating typescript cells and pages | Autodetect ts project (redwoodjs#2279)
  create-redwood-app messages: moved app start commands to end (redwoodjs#2278)
  Add import type to configuration files (redwoodjs#2214)
  Bump @reach/skip-nav from 0.13.2 to 0.15.0 (redwoodjs#2237)
  Adding Setup Deploy Render Command (redwoodjs#2099)
  Disable role linting in Routes (redwoodjs#2318)
  v0.30.1 (redwoodjs#2322)
  teardown should attempt to delete dbName table (redwoodjs#2083)
  Restore @storybook/addon-a11y (redwoodjs#2309)
  fix(auth): Implement automatic token refresh on supported providers (redwoodjs#2277)
  fix(cli): move api-server dep from api to cli (redwoodjs#2307)
  Static typing for cells (redwoodjs#2208)
  Recommended Babel package upgrades (dependabot) (redwoodjs#2255)
  v0.30.0 (redwoodjs#2301)
  upgrade Prisma v2.21.0 (redwoodjs#2273)
  Further improvements to CONTRIBUTING.md (redwoodjs#2261)
  Adds better messages for rwt link | Watcher does not exist on build failure | Only remove node_modules after a succesful framework build (redwoodjs#2269)
  Update named param types in router readme (redwoodjs#2262)
  Bump core-js from 3.6.5 to 3.10.1 (redwoodjs#2243)
  Fix: webpack optimizations for JS (redwoodjs#2235)
  ...

babel.config.js

@@ -6,11 +6,12 @@ const TARGETS_BROWSERS = ['defaults', 'not IE 11', 'not IE_Mob 11']
 // instead of corejs: '3', since with '3' it will not be injected modules
 // which were added in minor core-js releases.
 // https://github.com/zloirock/core-js/blob/master/README.md#babelpreset-env
-const CORE_JS_VERSION = '3.6'
+const CORE_JS_VERSION = '3.10'
 
 // We use the recommended babel configuration for monorepos, which is a base directory
 // `babel.config.js` file, but then use a per-project `.babelrc.js` file.
 // Learn more: https://babeljs.io/docs/en/config-files#monorepos
+/** @type {import('@babel/core').TransformOptions} */
 module.exports = {
   presets: [
     [

lerna.json

@@ -1,5 +1,5 @@
 {
-  "version": "0.28.4",
+  "version": "0.30.1",
   "npmClient": "yarn",
   "useWorkspaces": true,
   "command": {

package.json

@@ -17,25 +17,25 @@
     "packages/*"
   ],
   "devDependencies": {
-    "@babel/cli": "^7.11.6",
-    "@babel/core": "^7.11.6",
-    "@babel/node": "^7.10.5",
-    "@babel/plugin-proposal-class-properties": "^7.10.4",
-    "@babel/plugin-proposal-decorators": "^7.10.5",
-    "@babel/plugin-transform-runtime": "^7.11.5",
-    "@babel/preset-env": "^7.11.5",
-    "@babel/preset-react": "^7.10.4",
-    "@babel/preset-typescript": "^7.10.4",
-    "@babel/runtime-corejs3": "^7.11.2",
-    "@testing-library/jest-dom": "5.11.6",
+    "@babel/cli": "7.13.14",
+    "@babel/core": "7.13.15",
+    "@babel/node": "7.13.13",
+    "@babel/plugin-proposal-class-properties": "7.13.0",
+    "@babel/plugin-proposal-decorators": "7.13.15",
+    "@babel/plugin-transform-runtime": "7.13.15",
+    "@babel/preset-env": "7.13.15",
+    "@babel/preset-react": "7.13.13",
+    "@babel/preset-typescript": "7.13.0",
+    "@babel/runtime-corejs3": "7.13.10",
+    "@testing-library/jest-dom": "5.11.10",
     "@testing-library/react": "11.2.2",
-    "@testing-library/user-event": "12.5.0",
+    "@testing-library/user-event": "13.1.2",
     "@types/jest": "^26.0.14",
     "babel-jest": "^26.5.2",
-    "babel-plugin-auto-import": "^1.1.0",
-    "babel-plugin-module-resolver": "^4.0.0",
-    "babel-plugin-remove-code": "^0.0.6",
-    "core-js": "3.6.5",
+    "babel-plugin-auto-import": "1.1.0",
+    "babel-plugin-module-resolver": "4.1.0",
+    "babel-plugin-remove-code": "0.0.6",
+    "core-js": "3.10.1",
     "cp-cli": "^2.0.0",
     "cross-env": "^7.0.2",
     "jest": "^26.5.3",

packages/api-server/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@redwoodjs/api-server",
   "description": "Redwood's HTTP server for Serverless Functions",
-  "version": "0.28.4",
+  "version": "0.30.1",
   "bin": {
     "api-server": "./dist/index.js",
     "rw-api-server": "./dist/index.js",

packages/api/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@redwoodjs/api",
-  "version": "0.28.4",
+  "version": "0.30.1",
   "files": [
     "dist",
     "logger"
@@ -10,11 +10,11 @@
   "license": "MIT",
   "dependencies": {
     "@graphql-tools/merge": "6.2.10",
-    "@prisma/client": "2.20.1",
-    "@redwoodjs/internal": "^0.28.4",
+    "@prisma/client": "2.21.2",
+    "@redwoodjs/internal": "^0.30.1",
     "@types/pino": "^6.3.6",
     "apollo-server-lambda": "2.22.2",
-    "core-js": "3.6.5",
+    "core-js": "3.10.1",
     "graphql": "15.5.0",
     "graphql-scalars": "1.9.0",
     "jsonwebtoken": "^8.5.1",
@@ -25,8 +25,8 @@
     "pino-pretty": "^4.7.0"
   },
   "devDependencies": {
-    "@redwoodjs/auth": "^0.28.4",
-    "@redwoodjs/dev-server": "^0.28.4",
+    "@redwoodjs/auth": "^0.30.1",
+    "@redwoodjs/dev-server": "^0.30.1",
     "@types/jsonwebtoken": "^8.3.9",
     "@types/lodash.merge": "^4.6.6",
     "@types/lodash.omitby": "^4.6.6",

packages/api/src/auth/decoders/auth0.ts

@@ -33,44 +33,33 @@ export const verifyAuth0Token = (
       )
     }
 
-    if (
-      process.env.NODE_ENV === 'development' ||
-      process.env.NODE_ENV === 'test'
-    ) {
-      const decoded = jwt.decode(bearerToken)
-      resolve(
-        typeof decoded === 'undefined'
-          ? null
-          : (decoded as Record<string, unknown>)
-      )
-    } else {
-      const client = jwksClient({
-        jwksUri: `https://${AUTH0_DOMAIN}/.well-known/jwks.json`,
-      })
-      jwt.verify(
-        bearerToken,
-        (header, callback) => {
-          client.getSigningKey(header.kid as string, (error, key) => {
-            callback(error, key.getPublicKey())
-          })
-        },
-        {
-          audience: AUTH0_AUDIENCE,
-          issuer: `https://${AUTH0_DOMAIN}/`,
-          algorithms: ['RS256'],
-        },
-        (verifyError, decoded) => {
-          if (verifyError) {
-            return reject(verifyError)
-          }
-          resolve(
-            typeof decoded === 'undefined'
-              ? null
-              : (decoded as Record<string, unknown>)
-          )
+    const client = jwksClient({
+      jwksUri: `https://${AUTH0_DOMAIN}/.well-known/jwks.json`,
+    })
+
+    jwt.verify(
+      bearerToken,
+      (header, callback) => {
+        client.getSigningKey(header.kid as string, (error, key) => {
+          callback(error, key.getPublicKey())
+        })
+      },
+      {
+        audience: AUTH0_AUDIENCE,
+        issuer: `https://${AUTH0_DOMAIN}/`,
+        algorithms: ['RS256'],
+      },
+      (verifyError, decoded) => {
+        if (verifyError) {
+          return reject(verifyError)
         }
-      )
-    }
+        resolve(
+          typeof decoded === 'undefined'
+            ? null
+            : (decoded as Record<string, unknown>)
+        )
+      }
+    )
   })
 }
 

packages/api/src/auth/decoders/netlify.ts

@@ -1,10 +1,19 @@
 import type { Context as LambdaContext, ClientContext } from 'aws-lambda'
-import jwt from 'jsonwebtoken'
+import jwt, { TokenExpiredError } from 'jsonwebtoken'
+// import type { TokenExpiredError } from 'jsonwebtoken'
 
 type NetlifyContext = ClientContext & {
   user?: Record<string, unknown>
 }
 
+interface NetlifyTokenPayload extends Record<string, unknown> {
+  exp: number
+  sub: string
+  email: string
+  app_metadata: Record<string, unknown>
+  user_metadata: Record<string, unknown>
+}
+
 export const netlify = (token: string, req: { context: LambdaContext }) => {
   // Netlify verifies and decodes the JWT before the request is passed to our
   // Serverless function, so the decoded JWT is already available in production.
@@ -15,7 +24,19 @@ export const netlify = (token: string, req: { context: LambdaContext }) => {
     process.env.NODE_ENV === 'development' ||
     process.env.NODE_ENV === 'test'
   ) {
-    return jwt.decode(token)
+    // In dev, we don't have access to the JWT private key to verify
+    // So we simulate a verification
+    const decodedToken = jwt.decode(token) as NetlifyTokenPayload
+    const nowTimestamp = Math.floor(Date.now() / 1000)
+
+    if (nowTimestamp >= decodedToken.exp) {
+      throw new TokenExpiredError(
+        'jwt expired',
+        new Date(decodedToken.exp * 1000)
+      )
+    }
+
+    return decodedToken
   } else {
     const clientContext = req.context.clientContext as NetlifyContext
     return clientContext?.user || null

packages/api/src/globalContext.ts

@@ -14,9 +14,7 @@
 
 import { AsyncLocalStorage } from 'async_hooks'
 
-export interface GlobalContext {
-  [key: string]: unknown
-}
+export interface GlobalContext extends Record<string, unknown> {}
 
 let GLOBAL_CONTEXT: GlobalContext = {}
 let PER_REQUEST_CONTEXT:

packages/auth/package.json

@@ -1,22 +1,22 @@
 {
   "name": "@redwoodjs/auth",
-  "version": "0.28.4",
+  "version": "0.30.1",
   "files": [
     "dist"
   ],
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
   "license": "MIT",
   "devDependencies": {
-    "@auth0/auth0-spa-js": "^1.7.0",
-    "@supabase/supabase-js": "^1.7.7",
-    "@types/netlify-identity-widget": "^1.4.1",
+    "@auth0/auth0-spa-js": "^1.14.0",
+    "@supabase/supabase-js": "^1.11.2",
+    "@types/netlify-identity-widget": "^1.9.1",
     "@types/react": "17.0.3",
-    "firebase": "^7.14.5",
-    "firebase-admin": "^9.1.1",
+    "firebase": "^8.4.1",
+    "firebase-admin": "^9.6.0",
     "gotrue-js": "^0.9.29",
     "magic-sdk": "^2.5.0",
-    "msal": "^1.4.1",
+    "msal": "^1.4.9",
     "netlify-identity-widget": "1.9.1",
     "nhost-js-sdk": "^3.0.0-14",
     "react": "^17.0.1"

packages/auth/src/authClients/firebase.ts

@@ -1,6 +1,5 @@
-import type * as Firebase from 'firebase/app'
-
-export type Firebase = typeof Firebase
+import type FirebaseNamespace from 'firebase/app'
+export type Firebase = typeof FirebaseNamespace
 
 import { AuthClient } from './'
 

packages/auth/src/authClients/netlify.ts

@@ -41,6 +41,9 @@ export const netlify = (client: NetlifyIdentity): AuthClient => {
       })
     },
     getToken: async () => {
+      // The client refresh function only actually refreshes token
+      // when it's been expired. Don't panic
+      await client.refresh()
       const user = await client.currentUser()
       return user?.token?.access_token || null
     },

packages/auth/src/index.ts

@@ -1,4 +1,4 @@
 export { SupportedAuthTypes } from './authClients'
 
-export { AuthProvider, AuthContextInterface } from './AuthProvider'
+export { AuthProvider, AuthContextInterface, CurrentUser } from './AuthProvider'
 export { useAuth } from './useAuth'

packages/cli/jsconfig.json

@@ -13,5 +13,6 @@
     { "path": "../internal" },
     { "path": "../structure" },
     { "path": "../prerender" },
+    { "path": "../api-server" },
   ]
 }

packages/cli/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@redwoodjs/cli",
   "description": "The Redwood Command Line",
-  "version": "0.28.4",
+  "version": "0.30.1",
   "license": "MIT",
   "bin": {
     "redwood": "./dist/index.js",
@@ -13,15 +13,16 @@
     "dist"
   ],
   "dependencies": {
-    "@prisma/sdk": "2.20.1",
-    "@redwoodjs/internal": "^0.28.4",
-    "@redwoodjs/prerender": "^0.28.4",
-    "@redwoodjs/structure": "^0.28.4",
+    "@prisma/sdk": "2.21.2",
+    "@redwoodjs/internal": "^0.30.1",
+    "@redwoodjs/prerender": "^0.30.1",
+    "@redwoodjs/structure": "^0.30.1",
+    "@redwoodjs/api-server": "^0.30.1",
     "boxen": "^4.2.0",
     "camelcase": "^6.0.0",
     "chalk": "^4.1.0",
     "concurrently": "^5.1.0",
-    "core-js": "3.6.5",
+    "core-js": "3.10.1",
     "cross-env": "^7.0.2",
     "decamelize": "^4.0.0",
     "dotenv-defaults": "^2.0.1",
@@ -36,7 +37,7 @@
     "pascalcase": "^1.0.0",
     "pluralize": "^8.0.0",
     "prettier": "^2.1.1",
-    "prompts": "^2.4.0",
+    "prompts": "^2.4.1",
     "rimraf": "^3.0.2",
     "terminal-link": "^2.1.1",
     "yargs": "^16.0.3"

packages/cli/src/commands/deploy/render.js

@@ -0,0 +1,66 @@
+import execa from 'execa'
+import terminalLink from 'terminal-link'
+
+import { getPaths } from 'src/lib'
+
+export const command = 'render <side> [...commands]'
+export const description = 'Build command for Render deploy'
+export const builder = (yargs) => {
+  yargs
+    .positional('side', {
+      choices: ['api', 'web'],
+      description: 'select side to build',
+      type: 'string',
+    })
+    .option('build', {
+      description: 'Build for production',
+      type: 'boolean',
+      default: 'true',
+    })
+    .option('prisma', {
+      description: 'Apply database migrations',
+      type: 'boolean',
+      default: 'true',
+    })
+    .option('data-migrate', {
+      description: 'Migrate the data in your database',
+      type: 'boolean',
+      default: 'true',
+      alias: 'dm',
+    })
+    .epilogue(
+      `For more commands, options, and examples, see ${terminalLink(
+        'Redwood CLI Reference',
+        'https://redwoodjs.com/docs/cli-commands#deploy'
+      )}`
+    )
+}
+
+export const handler = async ({ side, build, prisma, dm: dataMigrate }) => {
+  const paths = getPaths()
+  let commandSet = []
+  if (side == 'api') {
+    if (build) {
+      commandSet.push('yarn rw build api')
+    }
+    if (prisma) {
+      commandSet.push('yarn rw prisma migrate deploy')
+    }
+    if (dataMigrate) {
+      commandSet.push('yarn rw dataMigrate up')
+    }
+  } else if (side == 'web') {
+    if (build) {
+      commandSet.push('yarn')
+      commandSet.push('yarn rw build web')
+    }
+  }
+
+  execa(commandSet.join(' && '), {
+    shell: true,
+    stdio: 'inherit',
+    cwd: paths.base,
+    extendEnv: true,
+    cleanup: true,
+  })
+}