WIP

Author: MarceloRGonc

compose.yaml

@@ -2,7 +2,7 @@ name: openopsdev
 services:
   tables:
     container_name: tables
-    image: public.ecr.aws/openops/openops-tables:0.2.10
+    image: 535002847982.dkr.ecr.us-east-2.amazonaws.com/openops/openops-tables:mg-OPS-3123-2
     environment:
       BASEROW_PUBLIC_URL: ${OPS_OPENOPS_TABLES_PUBLIC_URL}
       BASEROW_PRIVATE_URL: http://localhost:3001

packages/openops/src/index.ts

@@ -43,6 +43,7 @@ export * from './lib/openops-tables/fields';
 export * from './lib/openops-tables/filters';
 export * from './lib/openops-tables/openops-tables-common-properties';
 export * from './lib/openops-tables/requests-helpers';
+export * from './lib/openops-tables/reset-user-password';
 export * from './lib/openops-tables/rows';
 export * from './lib/openops-tables/tables';
 export * from './lib/openops-tables/types';

packages/openops/src/lib/openops-tables/auth-user.ts

@@ -1,14 +1,6 @@
-import { AppSystemProp, cacheWrapper, system } from '@openops/server-shared';
 import { AxiosHeaders } from 'axios';
 import { IAxiosRetryConfig } from 'axios-retry';
 import { makeOpenOpsTablesPost } from './requests-helpers';
-const tokenLifetimeMinutes = system.getNumber(
-  AppSystemProp.TABLES_TOKEN_LIFETIME_MINUTES,
-);
-
-const tokenLifetimeSeconds = tokenLifetimeMinutes
-  ? (tokenLifetimeMinutes - 10) * 60 // Subtract 10 minutes to ensure the cache expired before the token
-  : undefined;
 
 export interface AuthTokens {
   token: string;
@@ -36,29 +28,3 @@ export async function authenticateUserInOpenOpsTables(
     axiosRetryConfig,
   );
 }
-
-export async function authenticateDefaultUserInOpenOpsTables(
-  axiosRetryConfig?: IAxiosRetryConfig,
-): Promise<AuthTokens> {
-  const cacheKey = 'openops-tables-token';
-
-  let tokens = await cacheWrapper.getSerializedObject<AuthTokens>(cacheKey);
-
-  if (!tokens) {
-    const email = system.getOrThrow(AppSystemProp.OPENOPS_ADMIN_EMAIL);
-    const password = system.getOrThrow(AppSystemProp.OPENOPS_ADMIN_PASSWORD);
-
-    tokens = await authenticateUserInOpenOpsTables(
-      email,
-      password,
-      axiosRetryConfig,
-    );
-    await cacheWrapper.setSerializedObject(
-      cacheKey,
-      tokens,
-      tokenLifetimeSeconds,
-    );
-  }
-
-  return tokens;
-}

packages/openops/src/lib/openops-tables/context-helpers.ts

@@ -1,6 +1,5 @@
 import { ServerContext } from '@openops/blocks-framework';
 import { AppSystemProp, encryptUtils, system } from '@openops/server-shared';
-import { authenticateDefaultUserInOpenOpsTables } from './auth-user';
 
 export function shouldUseDatabaseToken(): boolean {
   return system.getBoolean(AppSystemProp.ENABLE_TABLES_DATABASE_TOKEN) ?? false;
@@ -15,15 +14,15 @@ export type TablesServerContext = Pick<
 export async function resolveTokenProvider(
   serverContext: TablesServerContext,
 ): Promise<TokenOrResolver> {
-  if (shouldUseDatabaseToken()) {
-    return {
-      getToken: () => {
+  // if (shouldUseDatabaseToken()) {
+  return {
+    getToken: () => {
         const { tablesDatabaseToken } = serverContext;
-        return encryptUtils.decryptString(tablesDatabaseToken);
-      },
-    };
-  }
+      return encryptUtils.decryptString(tablesDatabaseToken);
+    },
+  };
+  // }
 
-  const { token } = await authenticateDefaultUserInOpenOpsTables();
-  return token;
+  // const { token } = await authenticateDefaultUserInOpenOpsTables();
+  // return token;
 }

packages/openops/src/lib/openops-tables/reset-user-password.ts

@@ -0,0 +1,16 @@
+import { createAxiosHeaders, makeOpenOpsTablesPatch } from './requests-helpers';
+
+export async function resetUserPassword(
+  email: string,
+  password: string,
+  token: string,
+): Promise<void> {
+  const payload = {
+    username: email,
+    password,
+  };
+
+  const headers = createAxiosHeaders(token);
+
+  await makeOpenOpsTablesPatch<void>('api/admin/users/', payload, headers);
+}

packages/server/api/src/app/ai/mcp/tables-tools.ts

@@ -1,14 +1,12 @@
-import {
-  authenticateDefaultUserInOpenOpsTables,
-  createAxiosHeaders,
-} from '@openops/common';
+import { createAxiosHeaders } from '@openops/common';
 import { AppSystemProp, system } from '@openops/server-shared';
 import { experimental_createMCPClient as createMCPClient, ToolSet } from 'ai';
+import { authenticateAdminUserInOpenOpsTables } from '../../database/seeds/auth-tables';
 import { openopsTables } from '../../openops-tables';
 import { MCPTool } from './types';
 
 export async function getTablesTools(): Promise<MCPTool> {
-  const { token } = await authenticateDefaultUserInOpenOpsTables();
+  const { token } = await authenticateAdminUserInOpenOpsTables();
   const mcpEndpoint = await openopsTables.getMcpEndpointList(token);
   if (!mcpEndpoint) {
     return {

packages/server/api/src/app/authentication/basic/authentication-service.ts

@@ -38,7 +38,7 @@ export const authenticationService = {
 
     const { refresh_token } = await authenticateUserInOpenOpsTables(
       request.email,
-      request.password,
+      user.password,
     );
 
     return this.authResponse(user, refresh_token);

packages/server/api/src/app/authentication/new-user/create-user.ts

@@ -122,7 +122,7 @@ export async function createUser(
     const tablesRefreshToken = await createTablesUser(
       name,
       params.email,
-      params.password,
+      user.password,
     );
 
     return {

packages/server/api/src/app/authentication/new-user/organization-assignment.ts

@@ -1,6 +1,6 @@
-import { authenticateDefaultUserInOpenOpsTables } from '@openops/common';
 import { AppSystemProp, system } from '@openops/server-shared';
 import { ApplicationError, ErrorCode, isNil, User } from '@openops/shared';
+import { authenticateAdminUserInOpenOpsTables } from '../../database/seeds/auth-tables';
 import { openopsTables } from '../../openops-tables';
 import { organizationService } from '../../organization/organization.service';
 import { projectService } from '../../project/project-service';
@@ -53,8 +53,7 @@ async function addUserToDefaultWorkspace(values: {
   email: string;
   workspaceId: number;
 }): Promise<void> {
-  const { token: defaultToken } =
-    await authenticateDefaultUserInOpenOpsTables();
+  const { token: defaultToken } = await authenticateAdminUserInOpenOpsTables();
 
   await openopsTables.addUserToWorkspace(defaultToken, {
     ...values,

packages/server/api/src/app/database/migrations/1763394159990-AddTablesTokenToProject.ts

@@ -1,5 +1,5 @@
-import { authenticateDefaultUserInOpenOpsTables } from '@openops/common';
-import { encryptUtils } from '@openops/server-shared';
+import { authenticateUserInOpenOpsTables } from '@openops/common';
+import { AppSystemProp, encryptUtils, system } from '@openops/server-shared';
 import { MigrationInterface, QueryRunner } from 'typeorm';
 import { openopsTables } from '../../openops-tables';
 
@@ -43,7 +43,9 @@ async function createTokensForExistingProjects(
     return;
   }
 
-  const { token } = await authenticateDefaultUserInOpenOpsTables();
+  const adminEmail = system.getOrThrow(AppSystemProp.OPENOPS_ADMIN_EMAIL);
+  const password = system.getOrThrow(AppSystemProp.OPENOPS_ADMIN_PASSWORD);
+  const { token } = await authenticateUserInOpenOpsTables(adminEmail, password);
   for (const record of projects) {
     const newToken = await openopsTables.createDatabaseToken(
       record.tablesWorkspaceId,