chore: wip

Author: chrisbbreuer

storage/framework/core/api/package.json

@@ -45,6 +45,6 @@
   "devDependencies": {
     "@stacksjs/development": "workspace:*",
     "@stacksjs/utils": "workspace:*",
-    "ts-open-api": "workspace:*"
+    "ts-open-api": "link:ts-open-api"
   }
 }

storage/framework/core/auth/package.json

@@ -34,12 +34,12 @@
     "typecheck": "bun tsc --noEmit",
     "prepublishOnly": "bun run build"
   },
+  "dependencies": {
+    "ts-auth": "link:ts-auth"
+  },
   "devDependencies": {
-    "@simplewebauthn/browser": "^13.1.2",
-    "@simplewebauthn/server": "^13.1.2",
     "@stacksjs/development": "workspace:*",
     "@stacksjs/error-handling": "workspace:*",
-    "@stacksjs/router": "workspace:*",
-    "otplib": "^12.0.1"
+    "@stacksjs/router": "workspace:*"
   }
 }

storage/framework/core/auth/src/authenticator.ts

@@ -1,35 +1,49 @@
 import { handleError } from '@stacksjs/error-handling'
-import { authenticator } from 'otplib'
-import qrcode from 'qrcode'
+import { generate, generateQRCodeDataURL, generateSecret, keyuri, QRErrorCorrection, verify } from 'ts-auth'
 
 export function generateTwoFactorSecret(): string {
-  const secret = authenticator.generateSecret()
-
-  return secret
+  return generateSecret()
 }
 
 export type Token = string
 export type Secret = string
-export function generateTwoFactorToken(): Token {
-  return authenticator.generate(generateTwoFactorSecret())
+
+export function generateTwoFactorToken(secret: Secret): Token {
+  return generate({ secret })
 }
 
 export function verifyTwoFactorCode(token: Token, secret: Secret): boolean {
-  const isValid = authenticator.verify({ token, secret })
-
-  return isValid
+  return verify(token, { secret })
 }
 
-export function generateQrCode(): void {
-  const user = 'johndoe@example.com'
-  const service = 'StacksJS 2fa'
-  const secret = generateTwoFactorSecret()
-  const otpauth = authenticator.keyuri(user, service, secret)
+/**
+ * Generate a QR code for two-factor authentication
+ *
+ * @param user - User identifier (email or username)
+ * @param service - Service name (e.g., 'StacksJS 2FA')
+ * @param secret - Optional secret (will be generated if not provided)
+ * @returns Promise resolving to the data URL of the QR code
+ */
+export async function generateQrCode(
+  user?: string,
+  service?: string,
+  secret?: Secret
+): Promise<string> {
+  const userIdentifier = user || 'johndoe@example.com'
+  const serviceName = service || 'StacksJS 2fa'
+  const otpSecret = secret || generateTwoFactorSecret()
+  const otpauth = keyuri(userIdentifier, serviceName, otpSecret)
 
-  qrcode.toDataURL(otpauth, (err: any) => {
-    // qrcode.toDataURL(otpauth, (err: any, imageUrl: any) => {
-    if (err) {
-      handleError('Error with QR', err)
-    }
-  })
+  try {
+    return await generateQRCodeDataURL({
+      text: otpauth,
+      width: 256,
+      height: 256,
+      correctLevel: QRErrorCorrection.H,
+    })
+  }
+  catch (error) {
+    handleError('Error generating QR code', error)
+    throw error
+  }
 }

storage/framework/core/security/package.json

@@ -34,13 +34,14 @@
     "typecheck": "bun tsc --noEmit",
     "prepublishOnly": "bun run build"
   },
+  "dependencies": {
+    "ts-security-crypto": "link:ts-security-crypto"
+  },
   "devDependencies": {
     "@stacksjs/config": "workspace:*",
     "@stacksjs/development": "workspace:*",
     "@stacksjs/env": "workspace:*",
     "@stacksjs/types": "workspace:*",
-    "@stacksjs/validation": "workspace:*",
-    "crypto-js": "^4.2.0",
-    "js-base64": "^3.7.8"
+    "@stacksjs/validation": "workspace:*"
   }
 }

storage/framework/core/security/src/crypt.ts

@@ -1,23 +1,23 @@
 import { config } from '@stacksjs/config'
-import aes from 'crypto-js/aes'
-import utf8 from 'crypto-js/enc-utf8'
+import { decrypt as cryptoDecrypt, encrypt as cryptoEncrypt } from 'ts-security-crypto'
 
-function encrypt(message: string, customPassphrase?: string): string {
+async function encrypt(message: string, customPassphrase?: string): Promise<string> {
   const passphrase = customPassphrase || config.app.key
 
   if (!passphrase)
     throw new Error('APP_KEY is not defined')
 
-  return aes.encrypt(message, passphrase).toString()
+  const result = await cryptoEncrypt(message, passphrase)
+  return result.encrypted
 }
 
-function decrypt(encrypted: string, customPassphrase?: string): string {
+async function decrypt(encrypted: string, customPassphrase?: string): Promise<string> {
   const passphrase = customPassphrase || config.app.key
 
   if (!passphrase)
     throw new Error('APP_KEY is not defined')
 
-  return aes.decrypt(encrypted, passphrase).toString(utf8)
+  return await cryptoDecrypt(encrypted, passphrase)
 }
 
 export { decrypt, encrypt }

storage/framework/core/security/src/hash.ts

@@ -1,6 +1,5 @@
 import { hashing } from '@stacksjs/config'
-import md5 from 'crypto-js/md5'
-import { Base64 } from 'js-base64'
+import { base64Decode, base64Encode, hashPassword, md5, verifyPassword } from 'ts-security-crypto'
 
 interface MakeOptions {
   algorithm?: 'bcrypt' | 'base64' | 'argon2'
@@ -9,7 +8,7 @@ interface MakeOptions {
 
 async function make(password: string, options?: MakeOptions): Promise<string> {
   if (options?.algorithm === 'argon2')
-    return await argon2Encode(password, { type: 'argon2id' })
+    return await argon2Encode(password, { type: options.type || 'argon2id' })
   if (options?.algorithm === 'bcrypt')
     return await bcryptEncode(password)
   if (options?.algorithm === 'base64')
@@ -35,12 +34,10 @@ export async function bcryptEncode(password: string): Promise<string> {
   if (!hashing.bcrypt)
     throw new Error('Bcrypt hashing is not configured')
 
-  const bcryptHash = await Bun.password.hash(password, {
+  return await hashPassword(password, {
     algorithm: 'bcrypt',
     cost: hashing.bcrypt.cost,
   })
-
-  return bcryptHash
 }
 
 export async function argon2Encode(
@@ -50,33 +47,27 @@ export async function argon2Encode(
   if (!hashing.argon2)
     throw new Error('Argon2 hashing is not configured')
 
-  const argon2Hash = await Bun.password.hash(password, {
+  return await hashPassword(password, {
     algorithm: options?.type || 'argon2id',
     memoryCost: hashing.argon2.memory,
     timeCost: hashing.argon2.time,
   })
-
-  return argon2Hash
 }
 
 export async function argon2Verify(password: string, hash: string): Promise<boolean> {
-  return await Bun.password.verify(password, hash)
+  return await verifyPassword(password, hash)
 }
 
 export async function bcryptVerify(password: string, hash: string): Promise<boolean> {
-  return await Bun.password.verify(password, hash)
-}
-
-export function base64Encode(password: string): string {
-  return Base64.encode(password)
+  return await verifyPassword(password, hash)
 }
 
 export function base64Verify(password: string, hash: string): boolean {
-  return Base64.decode(hash) === password
+  return base64Decode(hash) === password
 }
 
-export function md5Encode(password: string): CryptoJS.lib.WordArray {
+export function md5Encode(password: string): string {
   return md5(password)
 }
 
-export { make as makeHash, verify as verifyHash }
+export { make as makeHash, verify as verifyHash, base64Encode }

storage/framework/core/security/src/key.ts

@@ -1,11 +1,5 @@
-import { getRandomValues } from 'node:crypto'
-import base64 from 'crypto-js/enc-base64'
-import utf8 from 'crypto-js/enc-utf8'
+import { generateKey } from 'ts-security-crypto'
 
 export function generateAppKey(): string {
-  const random = getRandomValues(new Uint8Array(32))
-  const encodedWord = utf8.parse(random.toString())
-  const key = base64.stringify(encodedWord)
-
-  return `base64:${key}`
+  return generateKey(32)
 }

storage/framework/core/server/package.json

@@ -48,7 +48,6 @@
     "@stacksjs/path": "workspace:*",
     "@stacksjs/router": "workspace:*",
     "@stacksjs/validation": "workspace:*",
-    "bun-plugin-auto-imports": "^0.3.1",
-    "vite": "npm:rolldown-vite@latest"
+    "bun-plugin-auto-imports": "^0.3.1"
   }
 }

storage/framework/core/socials/package.json

@@ -35,11 +35,8 @@
     "prepublishOnly": "bun run build"
   },
   "devDependencies": {
-    "@simplewebauthn/browser": "^13.1.2",
-    "@simplewebauthn/server": "^13.1.2",
     "@stacksjs/development": "workspace:*",
     "@stacksjs/error-handling": "workspace:*",
-    "@stacksjs/router": "workspace:*",
-    "otplib": "^12.0.1"
+    "@stacksjs/router": "workspace:*"
   }
 }

storage/framework/core/storage/package.json

@@ -47,13 +47,11 @@
     "typecheck": "bun tsc --noEmit",
     "prepublishOnly": "bun run build"
   },
-  "devDependencies": {
+  "dependencies": {
     "@aws-sdk/client-s3": "^3.876.0",
-    "@flystorage/aws-s3": "^1.2.0",
-    "@flystorage/chaos": "^1.1.0",
-    "@flystorage/file-storage": "^1.1.0",
-    "@flystorage/in-memory": "^1.1.0",
-    "@flystorage/local-fs": "^1.1.0",
+    "@aws-sdk/s3-request-presigner": "^3.876.0"
+  },
+  "devDependencies": {
     "@stacksjs/arrays": "workspace:*",
     "@stacksjs/development": "workspace:*",
     "@stacksjs/error-handling": "workspace:*",