feat: cloud and ee (#805)

* stripe init git submodules for enterprise modules * * Cloud billing UI - WIP * Proxy websockets in dev mode * Separate workspace login and creation for cloud * Other fixes * feat: billing (cloud) * * add domain service * prepare links from workspace hostname * WIP * Add exchange token generation * Validate JWT token type during verification * domain service * add SkipTransform decorator * * updates (server) * add new packages * new sso migration file * WIP * Fix hostname generation * WIP * WIP * Reduce input error font-size * set max password length * jwt package * license page - WIP * * License management UI * Move license key store to db * add reflector * SSO enforcement * * Add default plan * Add usePlan hook * * Fix auth container margin in mobile * Redirect login and home to select page in cloud * update .gitignore * Default to yearly * * Trial messaging * Handle ended trials * Don't set to readonly on collab disconnect (Cloud) * Refine trial (UI) * Fix bug caused by using jotai optics atom in AppHeader component * configurable database maximum pool * Close SSO form on save * wip * sync * Only show sign-in in cloud * exclude base api part from workspaceId check * close db connection beforeApplicationShutdown * Add health/live endpoint * clear cookie on hostname change * reset currentUser atom * Change text * return 401 if workspace does not match * feat: show user workspace list in cloud login page * sync * Add home path * Prefetch to speed up queries * * Add robots.txt * Disallow login and forgot password routes * wildcard user-agent * Fix space query cache * fix * fix * use space uuid for recent pages * prefetch billing plans * enhance license page * sync
2025-11-16 12:31:11 +10:00 · 2025-03-06 13:38:37 +00:00
parent 91596be70e
commit b81c9ee10c
148 changed files with 8947 additions and 3458 deletions
--- a/apps/server/src/common/decorators/skip-transform.decorator.ts
+++ b/apps/server/src/common/decorators/skip-transform.decorator.ts
@ -0,0 +1,4 @@
+import { SetMetadata } from '@nestjs/common';
+
+export const SKIP_TRANSFORM_KEY = 'SKIP_TRANSFORM';
+export const SkipTransform = () => SetMetadata(SKIP_TRANSFORM_KEY, true);
--- a/apps/server/src/common/guards/jwt-auth.guard.ts
+++ b/apps/server/src/common/guards/jwt-auth.guard.ts
@ -6,10 +6,15 @@ import {
 import { AuthGuard } from '@nestjs/passport';
 import { IS_PUBLIC_KEY } from '../decorators/public.decorator';
 import { Reflector } from '@nestjs/core';
+import { EnvironmentService } from '../../integrations/environment/environment.service';
+import { addDays } from 'date-fns';

@Injectable()
 export class JwtAuthGuard extends AuthGuard('jwt') {
-  constructor(private reflector: Reflector) {
+  constructor(
+    private reflector: Reflector,
+    private environmentService: EnvironmentService,
+  ) {
    super();
  }

@ -26,10 +31,40 @@ export class JwtAuthGuard extends AuthGuard('jwt') {
    return super.canActivate(context);
  }

-  handleRequest(err: any, user: any, info: any) {
+  handleRequest(err: any, user: any, info: any, ctx: ExecutionContext) {
    if (err || !user) {
      throw err || new UnauthorizedException();
    }
+
+    this.setJoinedWorkspacesCookie(user, ctx);
    return user;
  }
+
+  setJoinedWorkspacesCookie(user: any, ctx: ExecutionContext) {
+    if (this.environmentService.isCloud()) {
+      const req = ctx.switchToHttp().getRequest();
+      const res = ctx.switchToHttp().getResponse();
+
+      const workspaceId = user?.workspace?.id;
+      let hosts = [];
+      try {
+        hosts = req.cookies.workspaces ? JSON.parse(req.cookies.hosts) : [];
+      } catch (err) {
+        /* empty */
+      }
+
+      if (!hosts.includes(workspaceId)) {
+        hosts.push(workspaceId);
+      }
+
+      // todo: revisit
+      res.setCookie('joinedWorkspaces', JSON.stringify(hosts), {
+        httpOnly: false,
+        domain: '.' + this.environmentService.getSubdomainHost(),
+        path: '/',
+        expires: addDays(new Date(), 365),
+        secure: this.environmentService.isHttps(),
+      });
+    }
+  }
 }
--- a/apps/server/src/common/interceptors/http-response.interceptor.ts
+++ b/apps/server/src/common/interceptors/http-response.interceptor.ts
@ -5,6 +5,8 @@ import {
  NestInterceptor,
 } from '@nestjs/common';
 import { map, Observable } from 'rxjs';
+import { Reflector } from '@nestjs/core';
+import { SKIP_TRANSFORM_KEY } from '../decorators/skip-transform.decorator';
 export interface Response<T> {
  data: T;
 }
@ -13,15 +15,18 @@ export interface Response<T> {
 export class TransformHttpResponseInterceptor<T>
  implements NestInterceptor<T, Response<T>>
 {
+  constructor(private reflector: Reflector) {}
+
  intercept(
    context: ExecutionContext,
    next: CallHandler<T>,
  ): Observable<Response<T> | any> {
-    const request = context.switchToHttp().getRequest();
-    const path = request.url;
+    const skipTransform = this.reflector.get(
+      SKIP_TRANSFORM_KEY,
+      context.getHandler(),
+    );

-    // Skip interceptor for the /api/health path
-    if (path === '/api/health') {
+    if (skipTransform) {
      return next.handle();
    }

--- a/apps/server/src/common/middlewares/domain.middleware.ts
+++ b/apps/server/src/common/middlewares/domain.middleware.ts
@ -32,7 +32,8 @@ export class DomainMiddleware implements NestMiddleware {
      const workspace = await this.workspaceRepo.findByHostname(subdomain);

      if (!workspace) {
-        throw new NotFoundException('Workspace not found');
+        (req as any).workspaceId = null;
+        return next();
      }

      (req as any).workspaceId = workspace.id;