Next breaking change (#336)

* email delivery skeleton added for emailpasword, emailverification and passwordless recipes

* changes name of type var and adds comment during normalising of email verification input in emailpassword

* pr review changes

* more simplification

* fixes a bug

* removes unnecessary type

* fixes a bug with override

* code review changes

* typo fix for EmailDeliveryIngredient

* email delivery ingredient changes for thirdparty and thirdpartyemailpassword and adding deprecated tag for createAndSendCustomEmail functions

* creating backward compatibility service class

* added deprecation description for createAndSendEmail functions

* code review changes

* import {STMPService} from "supertokens-node/recipe/emailpassword/emaildelivery" changed to import {STMPService} from "supertokens-node/recipe/emailpassword/emaildelivery/services"

* refactor: email sending service code review changes (#280)

* code review changes regarding pr #274

* refactors some code and adds builder param to override

* adds derived impl of emailverification inside emailpassword emaildelivery

* code refactoring: updated variables and file names

Co-authored-by: Rishabh <[email protected]>

* adding smtp class for thirdparty, thirdpartyemailpassword and passwordless recipes (#281)

* refactor: email sending service, Email Delivery and SMTP class changes for thirdpartypasswordless (#282)

* email delivery changes for thirdpartypasswordless recipe

* code review changes

* refactor: emaildelivery config and export (#284)

* email delivery config and export refactored

* code review changes

* moving emailDelivery config in passwordless to be at root level (#287)

* sms delivery skeleton added (#288)

* sms delivery skeleton added

* code review changes

* TypeInputWithService changes for emailDelivery ingredient

* feat: Twilio service (email and sms sending service) (#289)

* twilio smsdelivery service added

* email template update and default sms sending function changes

* code review changes

* changelog updated

* code review changes (changelog update)

* changelog updated

* refactor: code review changes and ts playground updated (#302)

* refactor: code review changes and ts playground updated

* review changes: added TP, TPEP, EP emailDeliery example

* code review changes

* feat: supertokens sms delivery service (#301)

* feat: supertokens sms delivery service

* making apiKey compulsory for supertokens sms service

* code review changes

* fixes typo

* test: email delivery ingredient tests added (#303)

* test: added tests for sms delivery ingredient (#304)

* test: added tests for sms delivery ingredient

* fix in test

* refactor: code review changes (#305)

* refactor: BackwardCompatibilityService changes for TPEP (#312)

* fix: additional logging for email and sms service (#317)

* refactor: adding logs when email sending fails

* fix: fixing log for general error

* refactor: using debug log instead of console.log

* refactor: adding logs when sms sending fails

* fix: adding success logs

* fix: adding logs when intentionally not sending email or sms

* fix: adding missed throws

* fix: PR comments

* fix: PR comments

* fix: Humanise time (#318)

* refactor: adding logs when email sending fails

* fix: fixing log for general error

* refactor: using debug log instead of console.log

* refactor: adding logs when sms sending fails

* fix: adding success logs

* fix: adding logs when intentionally not sending email or sms

* fix: adding missed throws

* feat: adding humaniseMilliseconds function

* fix: using humaniseMilliseconds for codeLifetime

* fix: fixing log messages

* fix: PR comments

* fix: PR comments

* refactor: code review changes (#319)

* refactor: code review changes for PR 274

* refactor: code review changes

* code review changes

* code review changes

* refactor: code review changes (#321)

* refactor: code review changes

* code review changes

* removes unneeded comment

* feat!: General error from apis (#323)

* sends general error on email verification email sending failure

* changes to emailpassword recipe

* changes to jwt and open id recipe

* passwordless recipe change

* changes all other recipes as well

* removes sending general error from our APIs due to email failure and thirdparty profile info failure

* adds frontend integration test for general API

* changes supertokens sms service to take API key directly

* bumps version

* fixes a few tests

* fixes a few tests

* fixes more tests

Co-authored-by: Bhumil Sarvaiya <[email protected]>
Co-authored-by: Rishabh <[email protected]>
Co-authored-by: Sattvik Chakravarthy <[email protected]>

Author: 4 people

CHANGELOG.md

@@ -7,6 +7,19 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [unreleased]
 
+## [10.0.0] - 2022-06-2
+
+### Breaking change
+
+-   https://github.com/supertokens/supertokens-node/issues/220
+    -   Adds `{status: "GENERAL_ERROR", message: string}` as a possible output to all the APIs.
+    -   Changes `FIELD_ERROR` output status in third party recipe API to be `GENERAL_ERROR`.
+    -   Replaced `FIELD_ERROR` status type in third party signinup API with `GENERAL_ERROR`.
+    -   Removed `FIELD_ERROR` status type from third party signinup recipe function.
+-   If sms or email sending failed in passwordless recipe APIs, we now throw a regular JS error from the API as opposed to returning a `GENERAL_ERROR` to the client.
+-   If there is an error whilst getting the profile info about a user from a third party provider (in /signinup POST API), then we throw a regular JS error instead of returning a `GENERAL_ERROR` to the client.
+-   Changes SuperTokensSMS service to take an API key directly as opposed to take an object that takes an API key
+
 ### Changes
 
 -   Fixes Cookie sameSite config validation.

lib/build/ingredients/smsdelivery/services/supertokens.d.ts

@@ -1,5 +1,2 @@
 // @ts-nocheck
-export declare type SupertokensServiceConfig = {
-    apiKey: string;
-};
 export declare const SUPERTOKENS_SMS_SERVICE_URL = "https://api.supertokens.com/0/services/sms";

lib/build/recipe/emailpassword/api/signup.js

@@ -65,6 +65,8 @@ function signUpAPI(apiImplementation, options) {
                 status: "OK",
                 user: result.user,
             });
+        } else if (result.status === "GENERAL_ERROR") {
+            utils_1.send200Response(options.res, result);
         } else {
             throw new error_1.default({
                 type: error_1.default.FIELD_ERROR,

lib/build/recipe/emailpassword/types.d.ts

@@ -13,6 +13,7 @@ import {
 } from "../../ingredients/emaildelivery/types";
 import { TypeEmailVerificationEmailDeliveryInput } from "../emailverification/types";
 import EmailDeliveryIngredient from "../../ingredients/emaildelivery";
+import { GeneralErrorResponse } from "../../types";
 export declare type TypeNormalisedInput = {
     signUpFeature: TypeNormalisedInputSignUp;
     signInFeature: TypeNormalisedInputSignIn;
@@ -194,10 +195,13 @@ export declare type APIInterface = {
               email: string;
               options: APIOptions;
               userContext: any;
-          }) => Promise<{
-              status: "OK";
-              exists: boolean;
-          }>);
+          }) => Promise<
+              | {
+                    status: "OK";
+                    exists: boolean;
+                }
+              | GeneralErrorResponse
+          >);
     generatePasswordResetTokenPOST:
         | undefined
         | ((input: {
@@ -207,9 +211,12 @@ export declare type APIInterface = {
               }[];
               options: APIOptions;
               userContext: any;
-          }) => Promise<{
-              status: "OK";
-          }>);
+          }) => Promise<
+              | {
+                    status: "OK";
+                }
+              | GeneralErrorResponse
+          >);
     passwordResetPOST:
         | undefined
         | ((input: {
@@ -228,6 +235,7 @@ export declare type APIInterface = {
               | {
                     status: "RESET_PASSWORD_INVALID_TOKEN_ERROR";
                 }
+              | GeneralErrorResponse
           >);
     signInPOST:
         | undefined
@@ -247,6 +255,7 @@ export declare type APIInterface = {
               | {
                     status: "WRONG_CREDENTIALS_ERROR";
                 }
+              | GeneralErrorResponse
           >);
     signUpPOST:
         | undefined
@@ -266,6 +275,7 @@ export declare type APIInterface = {
               | {
                     status: "EMAIL_ALREADY_EXISTS_ERROR";
                 }
+              | GeneralErrorResponse
           >);
 };
 export declare type TypeEmailPasswordPasswordResetEmailDeliveryInput = {

lib/build/recipe/emailverification/types.d.ts

@@ -6,6 +6,7 @@ import {
     TypeInputWithService as EmailDeliveryTypeInputWithService,
 } from "../../ingredients/emaildelivery/types";
 import EmailDeliveryIngredient from "../../ingredients/emaildelivery";
+import { GeneralErrorResponse } from "../../types";
 export declare type TypeInput = {
     emailDelivery?: EmailDeliveryTypeInput<TypeEmailVerificationEmailDeliveryInput>;
     getEmailForUserId: (userId: string, userContext: any) => Promise<string>;
@@ -106,24 +107,31 @@ export declare type APIInterface = {
               | {
                     status: "EMAIL_VERIFICATION_INVALID_TOKEN_ERROR";
                 }
+              | GeneralErrorResponse
           >);
     isEmailVerifiedGET:
         | undefined
         | ((input: {
               options: APIOptions;
               userContext: any;
-          }) => Promise<{
-              status: "OK";
-              isVerified: boolean;
-          }>);
+          }) => Promise<
+              | {
+                    status: "OK";
+                    isVerified: boolean;
+                }
+              | GeneralErrorResponse
+          >);
     generateEmailVerifyTokenPOST:
         | undefined
         | ((input: {
               options: APIOptions;
               userContext: any;
-          }) => Promise<{
-              status: "EMAIL_ALREADY_VERIFIED_ERROR" | "OK";
-          }>);
+          }) => Promise<
+              | {
+                    status: "EMAIL_ALREADY_VERIFIED_ERROR" | "OK";
+                }
+              | GeneralErrorResponse
+          >);
 };
 export declare type TypeEmailVerificationEmailDeliveryInput = {
     type: "EMAIL_VERIFICATION";

lib/build/recipe/jwt/api/getJWKS.js

@@ -51,9 +51,13 @@ function getJWKS(apiImplementation, options) {
         if (apiImplementation.getJWKSGET === undefined) {
             return false;
         }
-        options.res.setHeader("Access-Control-Allow-Origin", "*", false);
         let result = yield apiImplementation.getJWKSGET({ options, userContext: {} });
-        utils_1.send200Response(options.res, { keys: result.keys });
+        if (result.status === "OK") {
+            options.res.setHeader("Access-Control-Allow-Origin", "*", false);
+            utils_1.send200Response(options.res, { keys: result.keys });
+        } else {
+            utils_1.send200Response(options.res, result);
+        }
         return true;
     });
 }

lib/build/recipe/jwt/types.d.ts

@@ -1,6 +1,7 @@
 // @ts-nocheck
 import { BaseRequest, BaseResponse } from "../../framework";
 import OverrideableBuilder from "supertokens-js-override";
+import { GeneralErrorResponse } from "../../types";
 export declare type JsonWebKey = {
     kty: string;
     kid: string;
@@ -64,8 +65,11 @@ export declare type APIInterface = {
         | ((input: {
               options: APIOptions;
               userContext: any;
-          }) => Promise<{
-              status: "OK";
-              keys: JsonWebKey[];
-          }>);
+          }) => Promise<
+              | {
+                    status: "OK";
+                    keys: JsonWebKey[];
+                }
+              | GeneralErrorResponse
+          >);
 };

lib/build/recipe/openid/api/getOpenIdDiscoveryConfiguration.js

@@ -51,12 +51,16 @@ function getOpenIdDiscoveryConfiguration(apiImplementation, options) {
         if (apiImplementation.getOpenIdDiscoveryConfigurationGET === undefined) {
             return false;
         }
-        options.res.setHeader("Access-Control-Allow-Origin", "*", false);
         let result = yield apiImplementation.getOpenIdDiscoveryConfigurationGET({ options, userContext: {} });
-        utils_1.send200Response(options.res, {
-            issuer: result.issuer,
-            jwks_uri: result.jwks_uri,
-        });
+        if (result.status === "OK") {
+            options.res.setHeader("Access-Control-Allow-Origin", "*", false);
+            utils_1.send200Response(options.res, {
+                issuer: result.issuer,
+                jwks_uri: result.jwks_uri,
+            });
+        } else {
+            utils_1.send200Response(options.res, result);
+        }
         return true;
     });
 }

lib/build/recipe/openid/types.d.ts

@@ -4,6 +4,7 @@ import { BaseRequest, BaseResponse } from "../../framework";
 import NormalisedURLDomain from "../../normalisedURLDomain";
 import NormalisedURLPath from "../../normalisedURLPath";
 import { RecipeInterface as JWTRecipeInterface, APIInterface as JWTAPIInterface, JsonWebKey } from "../jwt/types";
+import { GeneralErrorResponse } from "../../types";
 export declare type TypeInput = {
     issuer?: string;
     jwtValiditySeconds?: number;
@@ -60,11 +61,14 @@ export declare type APIInterface = {
         | ((input: {
               options: APIOptions;
               userContext: any;
-          }) => Promise<{
-              status: "OK";
-              issuer: string;
-              jwks_uri: string;
-          }>);
+          }) => Promise<
+              | {
+                    status: "OK";
+                    issuer: string;
+                    jwks_uri: string;
+                }
+              | GeneralErrorResponse
+          >);
 };
 export declare type RecipeInterface = {
     getOpenIdDiscoveryConfiguration(input: {

lib/build/recipe/passwordless/api/implementation.js

@@ -117,41 +117,34 @@ function getAPIImplementation() {
                 if (flowType === "USER_INPUT_CODE" || flowType === "USER_INPUT_CODE_AND_MAGIC_LINK") {
                     userInputCode = response.userInputCode;
                 }
-                try {
-                    // we don't do something special for serverless env here
-                    // cause we want to wait for service's reply since it can show
-                    // a UI error message for if sending an SMS / email failed or not.
-                    if (
-                        input.options.config.contactMethod === "PHONE" ||
-                        (input.options.config.contactMethod === "EMAIL_OR_PHONE" && "phoneNumber" in input)
-                    ) {
-                        logger_1.logDebugMessage(`Sending passwordless login SMS to ${input.phoneNumber}`);
-                        yield input.options.smsDelivery.ingredientInterfaceImpl.sendSms({
-                            type: "PASSWORDLESS_LOGIN",
-                            codeLifetime: response.codeLifetime,
-                            phoneNumber: input.phoneNumber,
-                            preAuthSessionId: response.preAuthSessionId,
-                            urlWithLinkCode: magicLink,
-                            userInputCode,
-                            userContext: input.userContext,
-                        });
-                    } else {
-                        logger_1.logDebugMessage(`Sending passwordless login email to ${input.email}`);
-                        yield input.options.emailDelivery.ingredientInterfaceImpl.sendEmail({
-                            type: "PASSWORDLESS_LOGIN",
-                            email: input.email,
-                            codeLifetime: response.codeLifetime,
-                            preAuthSessionId: response.preAuthSessionId,
-                            urlWithLinkCode: magicLink,
-                            userInputCode,
-                            userContext: input.userContext,
-                        });
-                    }
-                } catch (err) {
-                    return {
-                        status: "GENERAL_ERROR",
-                        message: err.message,
-                    };
+                // we don't do something special for serverless env here
+                // cause we want to wait for service's reply since it can show
+                // a UI error message for if sending an SMS / email failed or not.
+                if (
+                    input.options.config.contactMethod === "PHONE" ||
+                    (input.options.config.contactMethod === "EMAIL_OR_PHONE" && "phoneNumber" in input)
+                ) {
+                    logger_1.logDebugMessage(`Sending passwordless login SMS to ${input.phoneNumber}`);
+                    yield input.options.smsDelivery.ingredientInterfaceImpl.sendSms({
+                        type: "PASSWORDLESS_LOGIN",
+                        codeLifetime: response.codeLifetime,
+                        phoneNumber: input.phoneNumber,
+                        preAuthSessionId: response.preAuthSessionId,
+                        urlWithLinkCode: magicLink,
+                        userInputCode,
+                        userContext: input.userContext,
+                    });
+                } else {
+                    logger_1.logDebugMessage(`Sending passwordless login email to ${input.email}`);
+                    yield input.options.emailDelivery.ingredientInterfaceImpl.sendEmail({
+                        type: "PASSWORDLESS_LOGIN",
+                        email: input.email,
+                        codeLifetime: response.codeLifetime,
+                        preAuthSessionId: response.preAuthSessionId,
+                        urlWithLinkCode: magicLink,
+                        userInputCode,
+                        userContext: input.userContext,
+                    });
                 }
                 return {
                     status: "OK",
@@ -251,42 +244,35 @@ function getAPIImplementation() {
                         if (flowType === "USER_INPUT_CODE" || flowType === "USER_INPUT_CODE_AND_MAGIC_LINK") {
                             userInputCode = response.userInputCode;
                         }
-                        try {
-                            // we don't do something special for serverless env here
-                            // cause we want to wait for service's reply since it can show
-                            // a UI error message for if sending an SMS / email failed or not.
-                            if (
-                                input.options.config.contactMethod === "PHONE" ||
-                                (input.options.config.contactMethod === "EMAIL_OR_PHONE" &&
-                                    deviceInfo.phoneNumber !== undefined)
-                            ) {
-                                logger_1.logDebugMessage(`Sending passwordless login SMS to ${input.phoneNumber}`);
-                                yield input.options.smsDelivery.ingredientInterfaceImpl.sendSms({
-                                    type: "PASSWORDLESS_LOGIN",
-                                    codeLifetime: response.codeLifetime,
-                                    phoneNumber: deviceInfo.phoneNumber,
-                                    preAuthSessionId: response.preAuthSessionId,
-                                    urlWithLinkCode: magicLink,
-                                    userInputCode,
-                                    userContext: input.userContext,
-                                });
-                            } else {
-                                logger_1.logDebugMessage(`Sending passwordless login email to ${input.email}`);
-                                yield input.options.emailDelivery.ingredientInterfaceImpl.sendEmail({
-                                    type: "PASSWORDLESS_LOGIN",
-                                    email: input.email,
-                                    codeLifetime: response.codeLifetime,
-                                    preAuthSessionId: response.preAuthSessionId,
-                                    urlWithLinkCode: magicLink,
-                                    userInputCode,
-                                    userContext: input.userContext,
-                                });
-                            }
-                        } catch (err) {
-                            return {
-                                status: "GENERAL_ERROR",
-                                message: err.message,
-                            };
+                        // we don't do something special for serverless env here
+                        // cause we want to wait for service's reply since it can show
+                        // a UI error message for if sending an SMS / email failed or not.
+                        if (
+                            input.options.config.contactMethod === "PHONE" ||
+                            (input.options.config.contactMethod === "EMAIL_OR_PHONE" &&
+                                deviceInfo.phoneNumber !== undefined)
+                        ) {
+                            logger_1.logDebugMessage(`Sending passwordless login SMS to ${input.phoneNumber}`);
+                            yield input.options.smsDelivery.ingredientInterfaceImpl.sendSms({
+                                type: "PASSWORDLESS_LOGIN",
+                                codeLifetime: response.codeLifetime,
+                                phoneNumber: deviceInfo.phoneNumber,
+                                preAuthSessionId: response.preAuthSessionId,
+                                urlWithLinkCode: magicLink,
+                                userInputCode,
+                                userContext: input.userContext,
+                            });
+                        } else {
+                            logger_1.logDebugMessage(`Sending passwordless login email to ${input.email}`);
+                            yield input.options.emailDelivery.ingredientInterfaceImpl.sendEmail({
+                                type: "PASSWORDLESS_LOGIN",
+                                email: input.email,
+                                codeLifetime: response.codeLifetime,
+                                preAuthSessionId: response.preAuthSessionId,
+                                urlWithLinkCode: magicLink,
+                                userInputCode,
+                                userContext: input.userContext,
+                            });
                         }
                     }
                     return {