Skip to content

Moving logic from templates to libs #2989

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 99 commits into
base: main
Choose a base branch
from
Open

Moving logic from templates to libs #2989

Show file tree
Hide file tree
Changes from 14 commits
Commits
Show all changes
99 commits
Select commit Hold shift + click to select a range
b4e1769
WIP initial implementation
infomiho Jul 22, 2025
8b708bb
Apply the SDK location hack to the libs
infomiho Jul 22, 2025
49d979c
Include libs in the built CLI
infomiho Jul 22, 2025
a352e57
Merge branch 'main' into templates-to-libs
infomiho Jul 28, 2025
97a6838
Add build config. Copy libs in the Dockerfile.
infomiho Jul 28, 2025
121901f
Update todoApp package-lock.json
infomiho Jul 28, 2025
4e248ae
Merge branch 'main' into templates-to-libs
infomiho Jul 29, 2025
ac9d038
Fixes libs deps install in Dockerfile
infomiho Jul 29, 2025
3840e58
Move to using npm pack
infomiho Jul 30, 2025
db8aaeb
Formatting
infomiho Jul 30, 2025
ac55723
Client entry point experiment
infomiho Jul 30, 2025
6dfc790
Fix copy command
infomiho Jul 30, 2025
7a84ae8
Formatting
infomiho Jul 30, 2025
e8c955a
Refactor code
infomiho Jul 31, 2025
f0cfe95
Cleanup
infomiho Jul 31, 2025
2f77c1c
Merge branch 'main' into templates-to-libs
infomiho Aug 11, 2025
36b720c
Install script update
infomiho Aug 11, 2025
083fecb
Append hash to tarball path
infomiho Aug 11, 2025
9a70244
Exclude auth lib from Vite optimizations
infomiho Aug 11, 2025
b450ef2
Test auth client code, test using peerDependencies.
infomiho Aug 11, 2025
00e6fbf
Migrate to tsdown
infomiho Aug 11, 2025
90eab52
Refactor unit tests
infomiho Aug 11, 2025
6b6b2f7
Move typeVersions comment
infomiho Aug 11, 2025
3c818cd
d.ts sourcemap. cleanup.
infomiho Aug 11, 2025
7e76f65
PR comments
infomiho Aug 11, 2025
43aaac5
Refactor
infomiho Aug 11, 2025
1073098
Update shell scripts
infomiho Aug 12, 2025
828b096
Use newtype
infomiho Aug 12, 2025
aa05550
Fix unit tests
infomiho Aug 12, 2025
c4099d5
Update exports to be explict about sdk and server exports
infomiho Aug 12, 2025
82f258c
Refactor WaspLib to have the checksum from creation
infomiho Aug 12, 2025
c3454d7
Copy libs to both out and build dir
infomiho Aug 12, 2025
22958f5
Update the README
infomiho Aug 13, 2025
9f3a53a
Update README and WaspLib to clarify library versioning and improve S…
infomiho Aug 13, 2025
a06e101
Remove redundant copying of libs to the build directory
infomiho Aug 13, 2025
1e1d36c
Merge branch 'main' into templates-to-libs
infomiho Aug 14, 2025
190e789
PR comments
infomiho Aug 14, 2025
fb548b0
Fix Dockerfile consistency
infomiho Aug 14, 2025
48dfe49
Comment dots, scripts cleanup.
infomiho Aug 14, 2025
58fe09a
Formatting
infomiho Aug 14, 2025
bd54fb4
Merge branch 'main' into templates-to-libs
infomiho Aug 14, 2025
ef0182b
Improve Tarball module
infomiho Aug 14, 2025
8851649
WaspLibs comment
infomiho Aug 14, 2025
9fc9e17
Add WaspLib comment
infomiho Aug 14, 2025
8a4ce86
Define SDK package name
infomiho Aug 14, 2025
a88c972
Unit tests helper
infomiho Aug 14, 2025
5bd2680
PR comments
infomiho Aug 14, 2025
4f0a8e7
Naming
infomiho Aug 14, 2025
211a04b
Update unit tests
infomiho Aug 14, 2025
03066ee
Move getting WaspLibs out of AppSpec
infomiho Aug 14, 2025
ae1255b
Ignore `tgz` files in e2e tests (#3078)
infomiho Sep 9, 2025
b9ace98
Merge branch 'main' into templates-to-libs
infomiho Sep 9, 2025
f50e54b
Fix unit tests
infomiho Sep 9, 2025
2478372
Merge branch 'main' into templates-to-libs
infomiho Sep 10, 2025
cd5347c
Remove typesVersions since it's redundant now
infomiho Sep 10, 2025
438314a
Rename from @wasp.sh/{libs-auth => lib-auth}
infomiho Sep 10, 2025
10803d4
Improve password tests
infomiho Sep 10, 2025
52fe7f2
Add Reader monad to Generator to use WaspLibs more easily
infomiho Sep 11, 2025
f2df493
Replace explicit copying of libs with generating copy file drafts
infomiho Sep 11, 2025
b234395
PR comments
infomiho Sep 11, 2025
669faca
Merge branch 'main' into templates-to-libs
infomiho Sep 24, 2025
4e6ddbb
Merge branch 'main' into templates-to-libs
infomiho Sep 26, 2025
5f3078e
PR comments
infomiho Sep 26, 2025
b0417a3
Named empty waspLibs list
infomiho Sep 27, 2025
a695db1
Update package copying scripts safety
infomiho Sep 27, 2025
cd6940b
Rename npm dep making fn
infomiho Sep 27, 2025
5771e1f
Update libs README
infomiho Sep 27, 2025
4b5a1c7
Simplify makeWaspLib
infomiho Sep 27, 2025
133e837
Return CI note for the packages README
infomiho Sep 27, 2025
bcab437
Update tsconfig to be more general
infomiho Sep 30, 2025
f1a21e0
Use ESM only profile for arethetypeswrong
infomiho Sep 30, 2025
563c00c
Fix formatting
infomiho Oct 2, 2025
7c08e2d
Merge branch 'main' into templates-to-libs
infomiho Oct 3, 2025
e2d5eda
Update unit tests
infomiho Oct 3, 2025
12b925a
Include `files` note in the README
infomiho Oct 3, 2025
0fae11c
Drop `types` to allow `@types/` packages to be used
infomiho Oct 3, 2025
ac02cca
Update package.json to replace 'import' with 'default' in exports
infomiho Oct 3, 2025
6ecacc3
Use `attw` as dev dep instead of through npx
infomiho Oct 3, 2025
075cc77
Add build:libs command to `run` script
infomiho Oct 3, 2025
1587964
Add note about adding new libs to AvailableLibs module
infomiho Oct 3, 2025
279d1b4
Cleanup Auth.tsx
infomiho Oct 3, 2025
38fdbe0
Update cookies import and formatting
infomiho Oct 3, 2025
0bec41e
Update comment in makeWaspLib to clarify why we append the checksum
infomiho Oct 3, 2025
68a4035
Update README paths
infomiho Oct 3, 2025
500f574
Remove libs/ dir from Git
infomiho Oct 3, 2025
2dc8399
Rename sanitizePackageNameAsNpmPackTarball to packageNameToTarballPrefix
infomiho Oct 3, 2025
97f1a49
Fix typos and improve clarity in WaspLib documentation
infomiho Oct 3, 2025
d07b368
Improve packages install script
infomiho Oct 3, 2025
e4eb6dc
Update libs versioning info in the README
infomiho Oct 6, 2025
e27c122
Make cleanup safer in package copying scripts
infomiho Oct 6, 2025
4a92a58
Update waspc README to mention the libs
infomiho Oct 6, 2025
f976fd3
Merge branch 'main' into templates-to-libs
infomiho Oct 9, 2025
2b20ffe
Merge branch 'main' into templates-to-libs
infomiho Nov 4, 2025
8221ba4
Merge branch 'main' into templates-to-libs
infomiho Nov 4, 2025
5624759
Encode assumption about where the libs are located
infomiho Nov 4, 2025
07b4e7b
Merge branch 'main' into templates-to-libs
infomiho Nov 6, 2025
9b49e2b
Merge branch 'main' into templates-to-libs
infomiho Nov 8, 2025
b2668fe
Updates CI
infomiho Nov 8, 2025
aef32fd
Merge branch 'main' into templates-to-libs
infomiho Nov 14, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions .github/workflows/waspc-ci.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -111,6 +111,10 @@ jobs:
if: matrix.os == 'ubuntu-22.04' || matrix.os == 'macos-13'
run: ./tools/install_packages_to_data_dir.sh

- name: Compile Wasp libs and move it into the Cabal data dir
if: matrix.os == 'ubuntu-22.04' || matrix.os == 'macos-13'
run: ./tools/install_libs_to_data_dir.sh

- name: Build external dependencies
run: cabal build --enable-tests --enable-benchmarks --only-dependencies

Expand Down
6 changes: 6 additions & 0 deletions waspc/cli/src/Wasp/Cli/Command/Build.hs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@ import Wasp.CompileOptions (CompileOptions (..))
import Wasp.Generator.Common (ProjectRootDir)
import Wasp.Generator.Monad (GeneratorWarning (GeneratorNeedsMigrationWarning))
import Wasp.Generator.SdkGenerator.Common (sdkRootDirInGeneratedCodeDir, sdkRootDirInProjectRootDir)
import Wasp.Generator.WaspLibs.Common (libsRootDirInGeneratedCodeDir)
import qualified Wasp.Message as Msg
import Wasp.Project.Common
( CompileError,
Expand Down Expand Up @@ -108,6 +109,11 @@ build = do
(waspProjectDir </> dotWaspDirInWaspProjectDir </> generatedCodeDirInDotWaspDir </> sdkRootDirInGeneratedCodeDir)
(buildDir </> sdkRootDirInGeneratedCodeDir)

liftIO $
copyDirectory
(waspProjectDir </> dotWaspDirInWaspProjectDir </> generatedCodeDirInDotWaspDir </> libsRootDirInGeneratedCodeDir)
(buildDir </> libsRootDirInGeneratedCodeDir)

let packageJsonInBuildDir = buildDir </> castRel packageJsonInWaspProjectDir
let packageLockJsonInBuildDir = buildDir </> castRel packageLockJsonInWaspProjectDir
let tsconfigJsonInBuildDir = buildDir </> castRel srcTsConfigPath
Expand Down
1 change: 1 addition & 0 deletions waspc/data/.gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1 +1,2 @@
packages
Generator/libs/*.tgz
Copy link
Contributor

@sodic sodic Sep 30, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I mentioned this in a different thread, but why don't we ignore the entire libs directory and have the exact same setup as we do with packages?

Empty file added waspc/data/Generator/libs/.gitkeep
View file
Open in desktop
Copy link
Contributor

@sodic sodic Sep 30, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

How come we're using a different system than the one we use for packages?

Specifically, why are we adding this folder to version control instead of creating during install_libs_to_data_dir as we do for install_packages_to_data_dir?

Empty file.
1 change: 1 addition & 0 deletions waspc/data/Generator/templates/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -36,6 +36,7 @@ COPY package-lock.json .
COPY tsconfig*.json .
COPY server .wasp/build/server
COPY sdk .wasp/out/sdk
COPY libs .wasp/out/libs
# Install npm packages, resulting in node_modules/.
RUN npm install && cd .wasp/build/server && npm install
{=# usingPrisma =}
Expand Down
23 changes: 8 additions & 15 deletions waspc/data/Generator/templates/sdk/wasp/auth/jwt.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,22 +1,15 @@
import * as jwt from 'oslo/jwt'
import { config } from 'wasp/server'
import { createCreateJWT, createValidateJWT } from "@wasp.sh/libs-auth";

const JWT_SECRET = new TextEncoder().encode(config.auth.jwtSecret)
const JWT_ALGORITHM = 'HS256'
import { config } from "wasp/server";

const JWT_SECRET = new TextEncoder().encode(config.auth.jwtSecret);
const JWT_ALGORITHM = "HS256";

// PRIVATE API
export function createJWT(
data: Parameters<typeof jwt.createJWT>[2],
options: Parameters<typeof jwt.createJWT>[3],
): Promise<string> {
return jwt.createJWT(JWT_ALGORITHM, JWT_SECRET, data, options)
}
export const createJWT = createCreateJWT(JWT_SECRET, JWT_ALGORITHM);

// PRIVATE API
export async function validateJWT<Payload>(token: string): Promise<Payload> {
const { payload } = await jwt.validateJWT(JWT_ALGORITHM, JWT_SECRET, token)
return payload as Payload
}
export const validateJWT = createValidateJWT(JWT_SECRET, JWT_ALGORITHM);

// PRIVATE API
export { TimeSpan } from 'oslo'
export { TimeSpan } from "@wasp.sh/libs-auth";
37 changes: 1 addition & 36 deletions waspc/data/Generator/templates/sdk/wasp/auth/password.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,36 +1 @@
import { hash, verify, Version, type Options } from "@node-rs/argon2";

// The options are the same as the ones used in the oslo/password library
const hashingOptions: Options = {
memoryCost: 19456,
timeCost: 2,
outputLen: 32,
parallelism: 1,
version: Version.V0x13,
};

// PRIVATE API
export async function hashPassword(password: string): Promise<string> {
return hash(normalizePassword(password), hashingOptions);
}

// PRIVATE API
export async function verifyPassword(
hashedPassword: string,
password: string
): Promise<void> {
const validPassword = await verify(
hashedPassword,
normalizePassword(password),
hashingOptions
);
if (!validPassword) {
throw new Error("Invalid password");
}
}

// We are normalising the password to ensure that the password is always hashed in the same way
// We have the same normalising process as oslo/password did in the past
function normalizePassword(password: string): string {
return password.normalize("NFKC");
}
export { hashPassword, verifyPassword } from "@wasp.sh/libs-auth";
10 changes: 5 additions & 5 deletions waspc/data/Generator/templates/server/src/auth/providers/oauth/cookies.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,13 +1,13 @@
import { parseCookies } from "@wasp.sh/libs-auth";
Copy link
Contributor Author

@infomiho infomiho Jul 31, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I made this refactor by mistake not realizing that I'm touching the server and not the SDK. It works because the @wasp.sh/libs-auth is installed in the root node_modules... but it breaks our philosophy that we introduced with 0.12.0: user imports from the SDK -> framework imports user code.

If the server imports the auth lib directly, I consider that importing the SDK since the auth lib is just an implementation detail of the SDK.

So, how do we tackle this? The server doesn't have oslo listed as one of its deps (meaning this worked just because SDK had oslo as a dep).

Do we add oslo as the dep of the server to be precise?

Can we avoid the server using oslo directly? That would mean that the server uses the SDK?

Do we consider server using the auth lib directly a violation of our 0.12.0 philosophy?

cc: @sodic

Copy link
Member

@cprecioso cprecioso Aug 1, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think a straightforward solution would be to have libs-auth-server and libs-auth-sdk etc
Or the same library with multiple exports should be fine, no?

Copy link
Contributor Author

@infomiho infomiho Aug 12, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've encoded this worry in this issue as we'll need to figure out the naming: #3069

Copy link
Contributor Author

@infomiho infomiho Sep 10, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Latest status: I've implemented the proposal from the linked issue in this PR #3069

Copy link
Contributor

@sodic sodic Sep 29, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I like the idea of not "dragging" the server's import chain through the SDK if it isn't necessary. Since SDK will become heavily templated, we want to decouple it from the rest of our codebase as best we can, which means minimizing SDK exports into the framework code.

the SDK since the auth lib is just an implementation detail of the SDK.

This makes sense too because framework code importing stuff from multiple locations seems messy, and I'm 90% sure it will have to import templated stuff at some point.

I'll have to think about this some more, we can discuss it on a call.

import {
Request as ExpressRequest,
Response as ExpressResponse,
} from 'express';
import { parseCookies } from 'oslo/cookie';
} from "express";

import type { ProviderConfig } from 'wasp/auth/providers/types';
import { config } from 'wasp/server';
import type { ProviderConfig } from "wasp/auth/providers/types";
Copy link
Contributor

@sodic sodic Sep 30, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Double quotes? Is this a formatting mistake?

Copy link
Contributor Author

@infomiho infomiho Oct 2, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not sure if we are consistent with formatting in the templates, I'll revert the change to keep the diff cleaner 👍

import { config } from "wasp/server";

import type { OAuthStateFieldName } from './state';
import type { OAuthStateFieldName } from "./state";

export function setOAuthCookieValue(
provider: ProviderConfig,
Expand Down
Loading
Loading