@base44-preview/cli 0.0.50-pr.475.145bd51 → 0.0.50-pr.475.2394181

package/dist/cli/index.js

@@ -253321,7 +253321,9 @@ class Validator {
 }
 
 // src/cli/dev/dev-server/db/database.ts
+var PRIVATE_COLLECTION_PREFIX = "$";
 var USER_COLLECTION = "user";
+var PRIVATE_USER_COLLECTION = PRIVATE_COLLECTION_PREFIX + USER_COLLECTION;
 
 class Database {
   collections = new Map;
@@ -253343,6 +253345,7 @@ class Database {
     this.schemas.set(USER_COLLECTION, this.buildUserSchema(userEntity));
     const collection = new import_nedb.default;
     this.collections.set(USER_COLLECTION, collection);
+    this.collections.set(PRIVATE_USER_COLLECTION, new import_nedb.default);
     const userInfo = await readAuth();
     const now = getNowISOTimestamp();
     await collection.insertAsync({
@@ -253384,7 +253387,9 @@ class Database {
     return this.collections.get(this.normalizeName(name2));
   }
   getCollectionNames() {
-    return Array.from(this.collections.keys());
+    return Array.from(this.collections.keys()).filter((name2) => {
+      return !name2.startsWith(PRIVATE_COLLECTION_PREFIX);
+    });
   }
   dropAll() {
     for (const collection of this.collections.values()) {
@@ -253461,32 +253466,37 @@ var createJwtToken = (email3) => {
     expiresIn: "360d"
   });
 };
-var UserRegiterSchema = object({
-  id: string2(),
-  email: email2(),
-  otpCode: string2().length(6),
-  password: string2().min(8),
-  createdAt: number2().min(1)
-});
+var LoginBody = object({ email: email2(), password: string2() });
+var VerifyOtpBody = object({ email: email2(), otp_code: string2() });
 function createAuthRouter(db2, logger2) {
   const router = import_express2.Router({ mergeParams: true });
-  const userRegitrPendingMap = new Map;
   const parseBody = import_express2.json();
   router.post("/login", parseBody, async (req, res) => {
-    const { email: email3, password: _password } = req.body;
+    const { email: email3, password } = LoginBody.parse(req.body);
     const result = await db2.getCollection(USER_COLLECTION)?.findOneAsync({ email: email3 });
     if (result) {
-      res.json({
-        access_token: createJwtToken(email3),
-        success: true,
-        user: {}
-      });
+      const privateUserData = await db2.getCollection(PRIVATE_USER_COLLECTION)?.findOneAsync({ email: email3 });
+      if (result.role === "admin" || privateUserData?.password === password) {
+        res.json({
+          access_token: createJwtToken(email3),
+          success: true,
+          user: {}
+        });
+      } else {
+        res.status(400).json({
+          detail: "Invalid email or password",
+          error_type: "HTTPException",
+          message: "Invalid email or password",
+          request_id: null,
+          traceback: ""
+        });
+      }
       return;
     }
     res.status(401).json({ error: "Unauthorized" });
   });
   router.post("/register", parseBody, async (req, res) => {
-    const { email: email3, password } = req.body;
+    const { email: email3, password } = LoginBody.parse(req.body);
     if ((password || "").length < 8) {
       res.status(400).json({
         detail: "Password must be at least 8 characters long",
@@ -253508,15 +253518,21 @@ function createAuthRouter(db2, logger2) {
       });
       return;
     }
-    const otpCode = generateCode();
-    const id2 = nanoid3();
-    userRegitrPendingMap.set(email3, {
-      id: id2,
-      email: email3,
-      otpCode,
-      password,
-      createdAt: +Date.now()
+    const privateUserCollection = db2.getCollection(PRIVATE_USER_COLLECTION);
+    const privateUserData = await privateUserCollection?.findOneAsync({
+      email: email3
     });
+    const otpCode = privateUserData ? privateUserData.otpCode : generateCode();
+    const id2 = privateUserData ? privateUserData.id : nanoid3();
+    if (!privateUserData) {
+      await privateUserCollection?.insertAsync({
+        id: id2,
+        email: email3,
+        otpCode,
+        password,
+        createdAt: Date.now()
+      });
+    }
     logger2.log(theme.styles.info(`
 In order to complete registration use this verification code: ${otpCode}
 `));
@@ -253527,16 +253543,24 @@ In order to complete registration use this verification code: ${otpCode}
     });
   });
   router.post("/verify-otp", parseBody, async (req, res) => {
-    const { email: email3, otp_code } = req.body;
-    const userData = userRegitrPendingMap.get(email3);
-    if (userData && userData.otpCode === otp_code) {
-      if (+Date.now() - userData.createdAt < 10 * 60 * 1000) {
+    const { email: email3, otp_code } = VerifyOtpBody.parse(req.body);
+    const privateUserCollection = db2.getCollection(PRIVATE_USER_COLLECTION);
+    const privateUserData = await privateUserCollection?.findOneAsync({
+      email: email3
+    });
+    if (privateUserData && privateUserData.otpCode === otp_code) {
+      if (+Date.now() - privateUserData.createdAt < 10 * 60 * 1000) {
+        await privateUserCollection?.updateAsync({
+          email: email3
+        }, {
+          $unset: { otpCode: true }
+        });
         const collection = db2.getCollection(USER_COLLECTION);
         const now = getNowISOTimestamp();
         const nameFromEmailMatch = /^([^@]+)/.exec(email3);
         const fullName = nameFromEmailMatch ? nameFromEmailMatch[1] : email3;
         await collection?.insertAsync({
-          id: userData.id,
+          id: privateUserData.id,
           email: email3,
           full_name: fullName,
           is_service: false,
@@ -253548,7 +253572,7 @@ In order to complete registration use this verification code: ${otpCode}
           updated_date: now
         });
         res.json({
-          id: userData.id,
+          id: privateUserData.id,
           access_token: createJwtToken(email3),
           message: "Email verified successfully. You are now logged in.",
           success: true
@@ -260360,4 +260384,4 @@ export {
   CLIExitError
 };
 
-//# debugId=7F65D5426750E8BD64756E2164756E21
+//# debugId=033335773979C1A464756E2164756E21