From bdde9dd314c96c6460030aaba43a3452aa3b616d Mon Sep 17 00:00:00 2001 From: Ken Tandrian <60643640+KenTandrian@users.noreply.github.com> Date: Sun, 9 Mar 2025 03:33:47 +0700 Subject: [PATCH 1/4] Task/upgrade to simplewebauthn version 13.1 (#4407) * Upgrade to simplewebauthn version 13.1 * Update changelog --- CHANGELOG.md | 4 ++ apps/api/src/app/auth/web-auth.service.ts | 33 ++++++++------ .../src/app/services/web-authn.service.ts | 6 +-- package-lock.json | 43 +++++-------------- package.json | 5 +-- 5 files changed, 39 insertions(+), 52 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 5c9bda6973..c7006932fd 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -18,6 +18,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ## 2.144.0 - 2025-03-06 +### Changed + +- Upgraded `@simplewebauthn/browser` and `@simplewebauthn/server` from version `9.0` to `13.1` + ### Fixed - Fixed the missing import functionality on the non-empty activities page diff --git a/apps/api/src/app/auth/web-auth.service.ts b/apps/api/src/app/auth/web-auth.service.ts index 2f8dd10188..5678ef7fec 100644 --- a/apps/api/src/app/auth/web-auth.service.ts +++ b/apps/api/src/app/auth/web-auth.service.ts @@ -24,6 +24,7 @@ import { verifyRegistrationResponse, VerifyRegistrationResponseOpts } from '@simplewebauthn/server'; +import { isoBase64URL, isoUint8Array } from '@simplewebauthn/server/helpers'; import { AssertionCredentialJSON, @@ -54,10 +55,9 @@ export class WebAuthService { const opts: GenerateRegistrationOptionsOpts = { rpName: 'Ghostfolio', rpID: this.rpID, - userID: user.id, + userID: isoUint8Array.fromUTF8String(user.id), userName: '', timeout: 60000, - attestationType: 'indirect', authenticatorSelection: { authenticatorAttachment: 'platform', requireResidentKey: false, @@ -111,11 +111,17 @@ export class WebAuthService { where: { userId: user.id } }); if (registrationInfo && verified) { - const { counter, credentialID, credentialPublicKey } = registrationInfo; + const { + credential: { + counter, + id: credentialId, + publicKey: credentialPublicKey + } + } = registrationInfo; - let existingDevice = devices.find( - (device) => device.credentialId === credentialID - ); + let existingDevice = devices.find((device) => { + return isoBase64URL.fromBuffer(device.credentialId) === credentialId; + }); if (!existingDevice) { /** @@ -123,7 +129,7 @@ export class WebAuthService { */ existingDevice = await this.deviceService.createAuthDevice({ counter, - credentialId: Buffer.from(credentialID), + credentialId: Buffer.from(credentialId), credentialPublicKey: Buffer.from(credentialPublicKey), User: { connect: { id: user.id } } }); @@ -148,9 +154,8 @@ export class WebAuthService { const opts: GenerateAuthenticationOptionsOpts = { allowCredentials: [ { - id: device.credentialId, - transports: ['internal'], - type: 'public-key' + id: isoBase64URL.fromBuffer(device.credentialId), + transports: ['internal'] } ], rpID: this.rpID, @@ -187,10 +192,10 @@ export class WebAuthService { let verification: VerifiedAuthenticationResponse; try { const opts: VerifyAuthenticationResponseOpts = { - authenticator: { - credentialID: device.credentialId, - credentialPublicKey: device.credentialPublicKey, - counter: device.counter + credential: { + counter: device.counter, + id: isoBase64URL.fromBuffer(device.credentialId), + publicKey: device.credentialPublicKey }, expectedChallenge: `${user.authChallenge}`, expectedOrigin: this.expectedOrigin, diff --git a/apps/client/src/app/services/web-authn.service.ts b/apps/client/src/app/services/web-authn.service.ts index c5e1863626..76352cb7b4 100644 --- a/apps/client/src/app/services/web-authn.service.ts +++ b/apps/client/src/app/services/web-authn.service.ts @@ -45,7 +45,7 @@ export class WebAuthnService { return of(null); }), switchMap((attOps) => { - return startRegistration(attOps); + return startRegistration({ optionsJSON: attOps }); }), switchMap((credential) => { return this.http.post( @@ -89,8 +89,8 @@ export class WebAuthnService { { deviceId } ) .pipe( - switchMap((requestOptionsJSON) => { - return startAuthentication(requestOptionsJSON); + switchMap((optionsJSON) => { + return startAuthentication({ optionsJSON }); }), switchMap((credential) => { return this.http.post<{ authToken: string }>( diff --git a/package-lock.json b/package-lock.json index cfda8ce420..b03084f508 100644 --- a/package-lock.json +++ b/package-lock.json @@ -41,8 +41,8 @@ "@nestjs/schedule": "4.1.2", "@nestjs/serve-static": "4.0.2", "@prisma/client": "6.4.1", - "@simplewebauthn/browser": "9.0.1", - "@simplewebauthn/server": "9.0.3", + "@simplewebauthn/browser": "13.1.0", + "@simplewebauthn/server": "13.1.1", "@stripe/stripe-js": "5.4.0", "alphavantage": "2.2.0", "big.js": "6.2.2", @@ -120,7 +120,6 @@ "@nx/web": "20.3.2", "@nx/workspace": "20.3.2", "@schematics/angular": "19.0.6", - "@simplewebauthn/types": "9.0.1", "@storybook/addon-essentials": "8.4.7", "@storybook/addon-interactions": "8.4.7", "@storybook/angular": "8.4.7", @@ -9225,18 +9224,15 @@ } }, "node_modules/@simplewebauthn/browser": { - "version": "9.0.1", - "resolved": "https://registry.npmjs.org/@simplewebauthn/browser/-/browser-9.0.1.tgz", - "integrity": "sha512-wD2WpbkaEP4170s13/HUxPcAV5y4ZXaKo1TfNklS5zDefPinIgXOpgz1kpEvobAsaLPa2KeH7AKKX/od1mrBJw==", - "license": "MIT", - "dependencies": { - "@simplewebauthn/types": "^9.0.1" - } + "version": "13.1.0", + "resolved": "https://registry.npmjs.org/@simplewebauthn/browser/-/browser-13.1.0.tgz", + "integrity": "sha512-WuHZ/PYvyPJ9nxSzgHtOEjogBhwJfC8xzYkPC+rR/+8chl/ft4ngjiK8kSU5HtRJfczupyOh33b25TjYbvwAcg==", + "license": "MIT" }, "node_modules/@simplewebauthn/server": { - "version": "9.0.3", - "resolved": "https://registry.npmjs.org/@simplewebauthn/server/-/server-9.0.3.tgz", - "integrity": "sha512-FMZieoBosrVLFxCnxPFD9Enhd1U7D8nidVDT4MsHc6l4fdVcjoeHjDueeXCloO1k5O/fZg1fsSXXPKbY2XTzDA==", + "version": "13.1.1", + "resolved": "https://registry.npmjs.org/@simplewebauthn/server/-/server-13.1.1.tgz", + "integrity": "sha512-1hsLpRHfSuMB9ee2aAdh0Htza/X3f4djhYISrggqGe3xopNjOcePiSDkDDoPzDYaaMCrbqGP1H2TYU7bgL9PmA==", "license": "MIT", "dependencies": { "@hexagon/base64": "^1.1.27", @@ -9245,29 +9241,12 @@ "@peculiar/asn1-ecc": "^2.3.8", "@peculiar/asn1-rsa": "^2.3.8", "@peculiar/asn1-schema": "^2.3.8", - "@peculiar/asn1-x509": "^2.3.8", - "@simplewebauthn/types": "^9.0.1", - "cross-fetch": "^4.0.0" + "@peculiar/asn1-x509": "^2.3.8" }, "engines": { - "node": ">=16.0.0" - } - }, - "node_modules/@simplewebauthn/server/node_modules/cross-fetch": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/cross-fetch/-/cross-fetch-4.1.0.tgz", - "integrity": "sha512-uKm5PU+MHTootlWEY+mZ4vvXoCn4fLQxT9dSc1sXVMSFkINTJVN8cAQROpwcKm8bJ/c7rgZVIBWzH5T78sNZZw==", - "license": "MIT", - "dependencies": { - "node-fetch": "^2.7.0" + "node": ">=20.0.0" } }, - "node_modules/@simplewebauthn/types": { - "version": "9.0.1", - "resolved": "https://registry.npmjs.org/@simplewebauthn/types/-/types-9.0.1.tgz", - "integrity": "sha512-tGSRP1QvsAvsJmnOlRQyw/mvK9gnPtjEc5fg2+m8n+QUa+D7rvrKkOYyfpy42GTs90X3RDOnqJgfHt+qO67/+w==", - "license": "MIT" - }, "node_modules/@sinclair/typebox": { "version": "0.27.8", "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.27.8.tgz", diff --git a/package.json b/package.json index 4ca6284700..ce4ce4f2af 100644 --- a/package.json +++ b/package.json @@ -87,8 +87,8 @@ "@nestjs/schedule": "4.1.2", "@nestjs/serve-static": "4.0.2", "@prisma/client": "6.4.1", - "@simplewebauthn/browser": "9.0.1", - "@simplewebauthn/server": "9.0.3", + "@simplewebauthn/browser": "13.1.0", + "@simplewebauthn/server": "13.1.1", "@stripe/stripe-js": "5.4.0", "alphavantage": "2.2.0", "big.js": "6.2.2", @@ -166,7 +166,6 @@ "@nx/web": "20.3.2", "@nx/workspace": "20.3.2", "@schematics/angular": "19.0.6", - "@simplewebauthn/types": "9.0.1", "@storybook/addon-essentials": "8.4.7", "@storybook/addon-interactions": "8.4.7", "@storybook/angular": "8.4.7", From d346f6b9fabd7cf1e2cbbf106f6517067520ef49 Mon Sep 17 00:00:00 2001 From: Thomas Kaul <4159106+dtslvr@users.noreply.github.com> Date: Sat, 8 Mar 2025 21:36:13 +0100 Subject: [PATCH 2/4] Bugfix/fix changelog (#4412) * Update changelog --- CHANGELOG.md | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index c7006932fd..6b5c01483b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -15,13 +15,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 - Improved the style of the summary on the _X-ray_ page - Improved the language localization for German (`de`) +- Upgraded `@simplewebauthn/browser` and `@simplewebauthn/server` from version `9.0` to `13.1` ## 2.144.0 - 2025-03-06 -### Changed - -- Upgraded `@simplewebauthn/browser` and `@simplewebauthn/server` from version `9.0` to `13.1` - ### Fixed - Fixed the missing import functionality on the non-empty activities page From 25d0c1c8a04df9275a7e341a2a00b58b287271c5 Mon Sep 17 00:00:00 2001 From: Thomas Kaul <4159106+dtslvr@users.noreply.github.com> Date: Sun, 9 Mar 2025 10:22:32 +0100 Subject: [PATCH 3/4] Bugfix/fix symbols in API page (#4408) * Fix symbols --- apps/client/src/app/pages/api/api-page.component.ts | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/apps/client/src/app/pages/api/api-page.component.ts b/apps/client/src/app/pages/api/api-page.component.ts index 039bf8691d..3506500602 100644 --- a/apps/client/src/app/pages/api/api-page.component.ts +++ b/apps/client/src/app/pages/api/api-page.component.ts @@ -40,8 +40,8 @@ export class GfApiPageComponent implements OnInit { this.apiKey = prompt($localize`Please enter your Ghostfolio API key:`); this.dividends$ = this.fetchDividends({ symbol: 'KO' }); - this.historicalData$ = this.fetchHistoricalData({ symbol: 'AAPL.US' }); - this.quotes$ = this.fetchQuotes({ symbols: ['AAPL.US', 'VOO.US'] }); + this.historicalData$ = this.fetchHistoricalData({ symbol: 'AAPL' }); + this.quotes$ = this.fetchQuotes({ symbols: ['AAPL', 'VOO.US'] }); this.status$ = this.fetchStatus(); this.symbols$ = this.fetchSymbols({ query: 'apple' }); } From cb1f488eb46728d3462726e7f43ca0c18ac3c7f8 Mon Sep 17 00:00:00 2001 From: csehatt741 <77381875+csehatt741@users.noreply.github.com> Date: Sun, 9 Mar 2025 10:56:39 +0100 Subject: [PATCH 4/4] Feature/extend export by account balances (#4390) * Extend export by account balances * Update changelog --- CHANGELOG.md | 1 + apps/api/src/app/account/account.service.ts | 20 ++++++++++++++++--- apps/api/src/app/export/export.service.ts | 5 +++++ .../src/lib/interfaces/export.interface.ts | 4 +++- 4 files changed, 26 insertions(+), 4 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 6b5c01483b..05daaabf20 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -9,6 +9,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ### Added +- Extended the export functionality by the account balances - Added a _Copy portfolio data to clipboard for AI prompt_ action to the analysis page (experimental) ### Changed diff --git a/apps/api/src/app/account/account.service.ts b/apps/api/src/app/account/account.service.ts index df369859ba..aab4c07660 100644 --- a/apps/api/src/app/account/account.service.ts +++ b/apps/api/src/app/account/account.service.ts @@ -7,7 +7,13 @@ import { Filter } from '@ghostfolio/common/interfaces'; import { Injectable } from '@nestjs/common'; import { EventEmitter2 } from '@nestjs/event-emitter'; -import { Account, Order, Platform, Prisma } from '@prisma/client'; +import { + Account, + AccountBalance, + Order, + Platform, + Prisma +} from '@prisma/client'; import { Big } from 'big.js'; import { format } from 'date-fns'; import { groupBy } from 'lodash'; @@ -56,13 +62,19 @@ export class AccountService { orderBy?: Prisma.AccountOrderByWithRelationInput; }): Promise< (Account & { + balances?: AccountBalance[]; Order?: Order[]; Platform?: Platform; })[] > { const { include = {}, skip, take, cursor, where, orderBy } = params; - include.balances = { orderBy: { date: 'desc' }, take: 1 }; + const isBalancesIncluded = !!include.balances; + + include.balances = { + orderBy: { date: 'desc' }, + ...(isBalancesIncluded ? {} : { take: 1 }) + }; const accounts = await this.prismaService.account.findMany({ cursor, @@ -76,7 +88,9 @@ export class AccountService { return accounts.map((account) => { account = { ...account, balance: account.balances[0]?.value ?? 0 }; - delete account.balances; + if (!isBalancesIncluded) { + delete account.balances; + } return account; }); diff --git a/apps/api/src/app/export/export.service.ts b/apps/api/src/app/export/export.service.ts index c6c24d6af5..8b9d2c56c0 100644 --- a/apps/api/src/app/export/export.service.ts +++ b/apps/api/src/app/export/export.service.ts @@ -31,6 +31,7 @@ export class ExportService { const accounts = ( await this.accountService.accounts({ include: { + balances: true, Platform: true }, orderBy: { @@ -41,6 +42,7 @@ export class ExportService { ).map( ({ balance, + balances, comment, currency, id, @@ -55,6 +57,9 @@ export class ExportService { return { balance, + balances: balances.map(({ date, value }) => { + return { date: date.toISOString(), value }; + }), comment, currency, id, diff --git a/libs/common/src/lib/interfaces/export.interface.ts b/libs/common/src/lib/interfaces/export.interface.ts index 14a017428b..0772159e6a 100644 --- a/libs/common/src/lib/interfaces/export.interface.ts +++ b/libs/common/src/lib/interfaces/export.interface.ts @@ -1,7 +1,9 @@ import { Account, Order, Platform, Tag } from '@prisma/client'; export interface Export { - accounts: Omit[]; + accounts: (Omit & { + balances: { date: string; value: number }[]; + })[]; activities: (Omit< Order, | 'accountUserId'