refactor custom domain queries, todo dynamic callback for login

Author: Soxasora

api/resolvers/domain.js

@@ -0,0 +1,57 @@
+import { validateSchema, customDomainSchema } from '@/lib/validate'
+import { GqlAuthenticationError, GqlInputError } from '@/lib/error'
+import { randomBytes } from 'node:crypto'
+
+export default {
+  Query: {
+    customDomain: async (parent, { subName }, { models }) => {
+      return models.customDomain.findUnique({ where: { subName } })
+    }
+  },
+  Mutation: {
+    setCustomDomain: async (parent, { subName, domain }, { me, models }) => {
+      if (!me) {
+        throw new GqlAuthenticationError()
+      }
+
+      const sub = await models.sub.findUnique({ where: { name: subName } })
+      if (!sub) {
+        throw new GqlInputError('sub not found')
+      }
+
+      if (sub.userId !== me.id) {
+        throw new GqlInputError('you do not own this sub')
+      }
+      domain = domain.trim() // protect against trailing spaces
+      if (domain && !validateSchema(customDomainSchema, { domain })) {
+        throw new GqlInputError('Invalid domain format')
+      }
+
+      if (domain) {
+        const existing = await models.customDomain.findUnique({ where: { subName } })
+        if (existing) {
+          if (domain === existing.domain) {
+            throw new GqlInputError('domain already set')
+          }
+          return await models.customDomain.update({
+            where: { subName },
+            data: { domain, dnsState: 'PENDING', sslState: 'PENDING' }
+          })
+        } else {
+          return await models.customDomain.create({
+            data: {
+              domain,
+              dnsState: 'PENDING',
+              verificationTxt: randomBytes(32).toString('base64'), // TODO: explore other options
+              sub: {
+                connect: { name: subName }
+              }
+            }
+          })
+        }
+      } else {
+        return await models.customDomain.delete({ where: { subName } })
+      }
+    }
+  }
+}

api/resolvers/index.js

@@ -20,6 +20,7 @@ import { GraphQLScalarType, Kind } from 'graphql'
 import { createIntScalar } from 'graphql-scalar'
 import paidAction from './paidAction'
 import vault from './vault'
+import domain from './domain'
 
 const date = new GraphQLScalarType({
   name: 'Date',
@@ -56,4 +57,4 @@ const limit = createIntScalar({
 
 export default [user, item, message, wallet, lnurl, notifications, invite, sub,
   upload, search, growth, rewards, referrals, price, admin, blockHeight, chainFee,
-  { JSONObject }, { Date: date }, { Limit: limit }, paidAction, vault]
+  domain, { JSONObject }, { Date: date }, { Limit: limit }, paidAction, vault]

api/typeDefs/domain.js

@@ -0,0 +1,25 @@
+import { gql } from 'graphql-tag'
+
+export default gql`
+  extend type Query {
+    customDomain(subName: String!): CustomDomain
+  }
+
+  extend type Mutation {
+    setCustomDomain(subName: String!, domain: String!): CustomDomain
+  }
+
+  type CustomDomain {
+    createdAt: Date!
+    updatedAt: Date!
+    domain: String!
+    subName: String!
+    dnsState: String
+    sslState: String
+    certificateArn: String
+    lastVerifiedAt: Date
+    verificationCname: String
+    verificationCnameValue: String
+    verificationTxt: String
+  }
+`

api/typeDefs/index.js

@@ -19,6 +19,7 @@ import blockHeight from './blockHeight'
 import chainFee from './chainFee'
 import paidAction from './paidAction'
 import vault from './vault'
+import domain from './domain'
 
 const common = gql`
   type Query {
@@ -39,4 +40,4 @@ const common = gql`
 `
 
 export default [common, user, item, itemForward, message, wallet, lnurl, notifications, invite,
-  sub, upload, growth, rewards, referrals, price, admin, blockHeight, chainFee, paidAction, vault]
+  sub, upload, growth, rewards, referrals, price, admin, blockHeight, chainFee, domain, paidAction, vault]

api/typeDefs/sub.js

@@ -7,21 +7,6 @@ export default gql`
     subs: [Sub!]!
     topSubs(cursor: String, when: String, from: String, to: String, by: String, limit: Limit): Subs
     userSubs(name: String!, cursor: String, when: String, from: String, to: String, by: String, limit: Limit): Subs
-    customDomain(subName: String!): CustomDomain
-  }
-
-  type CustomDomain {
-    createdAt: Date!
-    updatedAt: Date!
-    domain: String!
-    subName: String!
-    dnsState: String
-    sslState: String
-    certificateArn: String
-    lastVerifiedAt: Date
-    verificationCname: String
-    verificationCnameValue: String
-    verificationTxt: String
   }
 
   type Subs {
@@ -43,7 +28,6 @@ export default gql`
       replyCost: Int!, postTypes: [String!]!,
       billingType: String!, billingAutoRenew: Boolean!,
       moderated: Boolean!, nsfw: Boolean!): SubPaidAction!
-    setCustomDomain(subName: String!, domain: String!): CustomDomain
   }
 
   type Sub {

components/territory-domains.js

@@ -1,34 +1,11 @@
 import { Badge } from 'react-bootstrap'
 import { Form, Input, SubmitButton } from './form'
-import { gql, useMutation, useQuery } from '@apollo/client'
+import { useMutation, useQuery } from '@apollo/client'
 import { customDomainSchema } from '@/lib/validate'
 import ActionTooltip from './action-tooltip'
 import { useToast } from '@/components/toast'
 import { NORMAL_POLL_INTERVAL, SSR } from '@/lib/constants'
-
-const SET_CUSTOM_DOMAIN = gql`
-  mutation SetCustomDomain($subName: String!, $domain: String!) {
-    setCustomDomain(subName: $subName, domain: $domain) {
-      domain
-      dnsState
-      sslState
-    }
-  }
-`
-
-const GET_CUSTOM_DOMAIN = gql`
-  query CustomDomain($subName: String!) {
-    customDomain(subName: $subName) {
-      domain
-      dnsState
-      sslState
-      verificationCname
-      verificationCnameValue
-      verificationTxt
-      lastVerifiedAt
-    }
-  }
-`
+import { GET_CUSTOM_DOMAIN, SET_CUSTOM_DOMAIN } from '@/fragments/domains'
 
 // TODO: clean this up
 export default function CustomDomainForm ({ sub }) {

fragments/domains.js

@@ -0,0 +1,33 @@
+import { gql } from 'graphql-tag'
+
+export const GET_CUSTOM_DOMAIN = gql`
+  query CustomDomain($subName: String!) {
+    customDomain(subName: $subName) {
+      domain
+      dnsState
+      sslState
+      verificationCname
+      verificationCnameValue
+      verificationTxt
+      lastVerifiedAt
+    }
+  }
+`
+
+export const GET_CUSTOM_DOMAIN_FULL = gql`
+  ${GET_CUSTOM_DOMAIN}
+  fragment CustomDomainFull on CustomDomain {
+    ...CustomDomainFields
+    certificateArn
+  }
+`
+
+export const SET_CUSTOM_DOMAIN = gql`
+  mutation SetCustomDomain($subName: String!, $domain: String!) {
+    setCustomDomain(subName: $subName, domain: $domain) {
+      domain
+      dnsState
+      sslState
+    }
+  }
+`

lib/domains.js

@@ -46,6 +46,7 @@ export async function certDetails (certificateArn) {
   }
 }
 
+// TODO: Test with real values, localstack don't have this info until the certificate is issued
 export async function getValidationValues (certificateArn) {
   const certificate = await certDetails(certificateArn)
   console.log(certificate.DomainValidationOptions)

middleware.js

@@ -1,5 +1,6 @@
 import { NextResponse, URLPattern } from 'next/server'
 import { cachedFetcher } from '@/lib/fetch'
+
 const referrerPattern = new URLPattern({ pathname: ':pathname(*)/r/:referrer([\\w_]+)' })
 const itemPattern = new URLPattern({ pathname: '/items/:id(\\d+){/:other(\\w+)}?' })
 const profilePattern = new URLPattern({ pathname: '/:name([\\w_]+){/:type(\\w+)}?' })
@@ -13,10 +14,11 @@ const SN_REFERRER_NONCE = 'sn_referrer_nonce'
 const SN_REFEREE_LANDING = 'sn_referee_landing'
 
 const TERRITORY_PATHS = ['/~', '/recent', '/random', '/top', '/post', '/edit']
-const NO_REWRITE_PATHS = ['/api', '/_next', '/_error', '/404', '/500', '/offline', '/static']
+const NO_REWRITE_PATHS = ['/api', '/_next', '/_error', '/404', '/500', '/offline', '/static', '/signup', '/login', '/logout']
 
+// TODO: move this to a separate file
 // fetch custom domain mappings from our API, caching it for 5 minutes
-const getDomainMappingsCache = cachedFetcher(async function fetchDomainMappings () {
+export const getDomainMappingsCache = cachedFetcher(async function fetchDomainMappings () {
   const url = `${process.env.NEXT_PUBLIC_URL}/api/domains`
   try {
     const response = await fetch(url)
@@ -37,6 +39,12 @@ const getDomainMappingsCache = cachedFetcher(async function fetchDomainMappings
   keyGenerator: () => 'domain_mappings'
 })
 
+// get a domain mapping from the cache
+export async function getDomainMapping (domain) {
+  const domainMappings = await getDomainMappingsCache()
+  return domainMappings?.[domain]
+}
+
 export async function customDomainMiddleware (request, referrerResp) {
   const host = request.headers.get('host')
   const referer = request.headers.get('referer')
@@ -48,14 +56,13 @@ export async function customDomainMiddleware (request, referrerResp) {
 
   console.log('referer', referer)
 
-  const domainMapping = await getDomainMappingsCache()
-  console.log('domainMapping', domainMapping)
-  const domainInfo = domainMapping?.[host.toLowerCase()]
+  const domainInfo = await getDomainMapping(host?.toLowerCase())
   if (!domainInfo) {
     console.log('Redirecting to main domain')
     return NextResponse.redirect(new URL(pathname, mainDomain))
   }
 
+  // todo: obviously this is not the best way to do this
   if (NO_REWRITE_PATHS.some(p => pathname.startsWith(p)) || pathname.includes('.')) {
     return NextResponse.next()
   }

pages/login.js

@@ -25,6 +25,7 @@ export async function getServerSideProps ({ req, res, query: { callbackUrl, mult
     console.error('error decoding callback:', callbackUrl, err)
   }
 
+  // TODO: custom domain mapping
   if (external) {
     callbackUrl = '/'
   }