@blackcode_sa/metaestetics-api 1.13.21 → 1.14.0

package/dist/index.mjs

@@ -11738,6 +11738,240 @@ var PractitionerService = class extends BaseService {
       return null;
     }
   }
+  /**
+   * Finds all draft practitioner profiles by email address
+   * Used when a doctor signs in with Google to show all clinic invitations
+   * 
+   * @param email - Email address to search for
+   * @returns Array of draft practitioner profiles with clinic information
+   * 
+   * @remarks
+   * Requires Firestore composite index on:
+   * - Collection: practitioners
+   * - Fields: basicInfo.email (Ascending), status (Ascending), userRef (Ascending)
+   */
+  async getDraftProfilesByEmail(email) {
+    try {
+      const normalizedEmail = email.toLowerCase().trim();
+      console.log("[PRACTITIONER] Searching for all draft practitioners by email", {
+        email: normalizedEmail
+      });
+      const q = query13(
+        collection13(this.db, PRACTITIONERS_COLLECTION),
+        where13("basicInfo.email", "==", normalizedEmail),
+        where13("status", "==", "draft" /* DRAFT */),
+        where13("userRef", "==", "")
+      );
+      const querySnapshot = await getDocs13(q);
+      if (querySnapshot.empty) {
+        console.log("[PRACTITIONER] No draft practitioners found for email", {
+          email: normalizedEmail
+        });
+        return [];
+      }
+      const draftPractitioners = querySnapshot.docs.map(
+        (doc47) => doc47.data()
+      );
+      console.log("[PRACTITIONER] Found draft practitioners", {
+        email: normalizedEmail,
+        count: draftPractitioners.length,
+        practitionerIds: draftPractitioners.map((p) => p.id)
+      });
+      return draftPractitioners;
+    } catch (error) {
+      console.error(
+        "[PRACTITIONER] Error finding draft practitioners by email:",
+        error
+      );
+      return [];
+    }
+  }
+  /**
+   * Claims a draft practitioner profile and links it to a user account
+   * Used when a doctor selects which clinic(s) to join after Google Sign-In
+   * 
+   * @param practitionerId - ID of the draft practitioner profile to claim
+   * @param userId - ID of the user account to link the profile to
+   * @returns The claimed practitioner profile
+   */
+  async claimDraftProfileWithGoogle(practitionerId, userId) {
+    try {
+      console.log("[PRACTITIONER] Claiming draft profile with Google", {
+        practitionerId,
+        userId
+      });
+      const practitioner = await this.getPractitioner(practitionerId);
+      if (!practitioner) {
+        throw new Error(`Practitioner ${practitionerId} not found`);
+      }
+      if (practitioner.status !== "draft" /* DRAFT */) {
+        throw new Error("This practitioner profile has already been claimed");
+      }
+      const existingPractitioner = await this.getPractitionerByUserRef(userId);
+      if (existingPractitioner) {
+        console.log("[PRACTITIONER] User already has profile, merging clinics");
+        const mergedClinics = Array.from(/* @__PURE__ */ new Set([
+          ...existingPractitioner.clinics,
+          ...practitioner.clinics
+        ]));
+        const mergedWorkingHours = [...existingPractitioner.clinicWorkingHours];
+        for (const workingHours of practitioner.clinicWorkingHours) {
+          if (!mergedWorkingHours.find((wh) => wh.clinicId === workingHours.clinicId)) {
+            mergedWorkingHours.push(workingHours);
+          }
+        }
+        const mergedClinicsInfo = [...existingPractitioner.clinicsInfo];
+        for (const clinicInfo of practitioner.clinicsInfo) {
+          if (!mergedClinicsInfo.find((ci) => ci.id === clinicInfo.id)) {
+            mergedClinicsInfo.push(clinicInfo);
+          }
+        }
+        const updatedPractitioner2 = await this.updatePractitioner(existingPractitioner.id, {
+          clinics: mergedClinics,
+          clinicWorkingHours: mergedWorkingHours,
+          clinicsInfo: mergedClinicsInfo
+        });
+        await deleteDoc4(doc20(this.db, PRACTITIONERS_COLLECTION, practitionerId));
+        const activeTokens2 = await this.getPractitionerActiveTokens(practitionerId);
+        for (const token of activeTokens2) {
+          await this.markTokenAsUsed(token.id, practitionerId, userId);
+        }
+        return updatedPractitioner2;
+      }
+      const updatedPractitioner = await this.updatePractitioner(practitioner.id, {
+        userRef: userId,
+        status: "active" /* ACTIVE */
+      });
+      const activeTokens = await this.getPractitionerActiveTokens(practitionerId);
+      for (const token of activeTokens) {
+        await this.markTokenAsUsed(token.id, practitionerId, userId);
+      }
+      console.log("[PRACTITIONER] Draft profile claimed successfully", {
+        practitionerId: updatedPractitioner.id,
+        userId
+      });
+      return updatedPractitioner;
+    } catch (error) {
+      console.error(
+        "[PRACTITIONER] Error claiming draft profile with Google:",
+        error
+      );
+      throw error;
+    }
+  }
+  /**
+   * Claims multiple draft practitioner profiles and merges them into one profile
+   * Used when a doctor selects multiple clinics to join after Google Sign-In
+   * 
+   * @param practitionerIds - Array of draft practitioner profile IDs to claim
+   * @param userId - ID of the user account to link the profiles to
+   * @returns The claimed practitioner profile (first one becomes main, others merged)
+   */
+  async claimMultipleDraftProfilesWithGoogle(practitionerIds, userId) {
+    try {
+      if (practitionerIds.length === 0) {
+        throw new Error("No practitioner IDs provided");
+      }
+      console.log("[PRACTITIONER] Claiming multiple draft profiles with Google", {
+        practitionerIds,
+        userId,
+        count: practitionerIds.length
+      });
+      const draftProfiles = await Promise.all(
+        practitionerIds.map((id) => this.getPractitioner(id))
+      );
+      const validDrafts = draftProfiles.filter((p) => {
+        if (!p) return false;
+        if (p.status !== "draft" /* DRAFT */) {
+          throw new Error(`Practitioner ${p.id} has already been claimed`);
+        }
+        return true;
+      });
+      if (validDrafts.length === 0) {
+        throw new Error("No valid draft profiles found");
+      }
+      const existingPractitioner = await this.getPractitionerByUserRef(userId);
+      if (existingPractitioner) {
+        let mergedClinics2 = new Set(existingPractitioner.clinics);
+        let mergedWorkingHours2 = [...existingPractitioner.clinicWorkingHours];
+        let mergedClinicsInfo2 = [...existingPractitioner.clinicsInfo];
+        for (const draft of validDrafts) {
+          draft.clinics.forEach((clinicId) => mergedClinics2.add(clinicId));
+          for (const workingHours of draft.clinicWorkingHours) {
+            if (!mergedWorkingHours2.find((wh) => wh.clinicId === workingHours.clinicId)) {
+              mergedWorkingHours2.push(workingHours);
+            }
+          }
+          for (const clinicInfo of draft.clinicsInfo) {
+            if (!mergedClinicsInfo2.find((ci) => ci.id === clinicInfo.id)) {
+              mergedClinicsInfo2.push(clinicInfo);
+            }
+          }
+        }
+        const updatedPractitioner2 = await this.updatePractitioner(existingPractitioner.id, {
+          clinics: Array.from(mergedClinics2),
+          clinicWorkingHours: mergedWorkingHours2,
+          clinicsInfo: mergedClinicsInfo2
+        });
+        for (const draft of validDrafts) {
+          await deleteDoc4(doc20(this.db, PRACTITIONERS_COLLECTION, draft.id));
+          const activeTokens = await this.getPractitionerActiveTokens(draft.id);
+          for (const token of activeTokens) {
+            await this.markTokenAsUsed(token.id, draft.id, userId);
+          }
+        }
+        return updatedPractitioner2;
+      }
+      const mainDraft = validDrafts[0];
+      const otherDrafts = validDrafts.slice(1);
+      let mergedClinics = new Set(mainDraft.clinics);
+      let mergedWorkingHours = [...mainDraft.clinicWorkingHours];
+      let mergedClinicsInfo = [...mainDraft.clinicsInfo];
+      for (const draft of otherDrafts) {
+        draft.clinics.forEach((clinicId) => mergedClinics.add(clinicId));
+        for (const workingHours of draft.clinicWorkingHours) {
+          if (!mergedWorkingHours.find((wh) => wh.clinicId === workingHours.clinicId)) {
+            mergedWorkingHours.push(workingHours);
+          }
+        }
+        for (const clinicInfo of draft.clinicsInfo) {
+          if (!mergedClinicsInfo.find((ci) => ci.id === clinicInfo.id)) {
+            mergedClinicsInfo.push(clinicInfo);
+          }
+        }
+      }
+      const updatedPractitioner = await this.updatePractitioner(mainDraft.id, {
+        userRef: userId,
+        status: "active" /* ACTIVE */,
+        clinics: Array.from(mergedClinics),
+        clinicWorkingHours: mergedWorkingHours,
+        clinicsInfo: mergedClinicsInfo
+      });
+      const mainActiveTokens = await this.getPractitionerActiveTokens(mainDraft.id);
+      for (const token of mainActiveTokens) {
+        await this.markTokenAsUsed(token.id, mainDraft.id, userId);
+      }
+      for (const draft of otherDrafts) {
+        await deleteDoc4(doc20(this.db, PRACTITIONERS_COLLECTION, draft.id));
+        const activeTokens = await this.getPractitionerActiveTokens(draft.id);
+        for (const token of activeTokens) {
+          await this.markTokenAsUsed(token.id, draft.id, userId);
+        }
+      }
+      console.log("[PRACTITIONER] Multiple draft profiles claimed successfully", {
+        practitionerId: updatedPractitioner.id,
+        userId,
+        mergedCount: validDrafts.length
+      });
+      return updatedPractitioner;
+    } catch (error) {
+      console.error(
+        "[PRACTITIONER] Error claiming multiple draft profiles with Google:",
+        error
+      );
+      throw error;
+    }
+  }
   /**
    * Dohvata sve zdravstvene radnike za određenu kliniku sa statusom ACTIVE
    */
@@ -15874,6 +16108,135 @@ var AuthService = class extends BaseService {
       throw handleFirebaseError(error);
     }
   }
+  /**
+   * Signs up or signs in a practitioner with Google authentication.
+   * Checks for existing practitioner account or draft profiles.
+   * 
+   * @param idToken - The Google ID token obtained from the mobile app
+   * @returns Object containing user, practitioner (if exists), and draft profiles (if any)
+   */
+  async signUpPractitionerWithGoogle(idToken) {
+    try {
+      console.log("[AUTH] Starting practitioner Google Sign-In/Sign-Up");
+      let email;
+      try {
+        const payloadBase64 = idToken.split(".")[1];
+        const payloadJson = globalThis.atob ? globalThis.atob(payloadBase64) : Buffer.from(payloadBase64, "base64").toString("utf8");
+        const payload = JSON.parse(payloadJson);
+        email = payload.email;
+      } catch (decodeError) {
+        console.error("[AUTH] Failed to decode email from Google ID token:", decodeError);
+        throw new AuthError(
+          "Unable to read email from Google token. Please try again.",
+          "AUTH/INVALID_GOOGLE_TOKEN",
+          400
+        );
+      }
+      if (!email) {
+        throw new AuthError(
+          "Unable to read email from Google token. Please try again.",
+          "AUTH/INVALID_GOOGLE_TOKEN",
+          400
+        );
+      }
+      const normalizedEmail = email.toLowerCase().trim();
+      console.log("[AUTH] Extracted email from Google token:", normalizedEmail);
+      const methods = await fetchSignInMethodsForEmail2(this.auth, normalizedEmail);
+      const hasGoogleMethod = methods.includes(GoogleAuthProvider.GOOGLE_SIGN_IN_METHOD);
+      const hasEmailMethod = methods.includes(EmailAuthProvider.EMAIL_PASSWORD_SIGN_IN_METHOD);
+      const practitionerService = new PractitionerService(this.db, this.auth, this.app);
+      if (hasGoogleMethod) {
+        console.log("[AUTH] User exists with Google provider, signing in");
+        const credential2 = GoogleAuthProvider.credential(idToken);
+        const { user: firebaseUser2 } = await signInWithCredential(this.auth, credential2);
+        const existingUser2 = await this.userService.getUserById(firebaseUser2.uid);
+        if (!existingUser2) {
+          await firebaseSignOut(this.auth);
+          throw new AuthError(
+            "No account found. Please contact support.",
+            "AUTH/USER_NOT_FOUND",
+            404
+          );
+        }
+        let practitioner2 = null;
+        if (existingUser2.practitionerProfile) {
+          practitioner2 = await practitionerService.getPractitioner(existingUser2.practitionerProfile);
+        }
+        const draftProfiles2 = await practitionerService.getDraftProfilesByEmail(normalizedEmail);
+        return {
+          user: existingUser2,
+          practitioner: practitioner2,
+          draftProfiles: draftProfiles2
+        };
+      }
+      if (hasEmailMethod && !hasGoogleMethod) {
+        console.log("[AUTH] User exists with email/password only");
+        throw new AuthError(
+          "An account with this email already exists. Please sign in with your email and password, then link your Google account in settings.",
+          "AUTH/EMAIL_ALREADY_EXISTS",
+          409
+        );
+      }
+      console.log("[AUTH] Signing in with Google credential");
+      const credential = GoogleAuthProvider.credential(idToken);
+      let firebaseUser;
+      try {
+        const result = await signInWithCredential(this.auth, credential);
+        firebaseUser = result.user;
+      } catch (error) {
+        if (error.code === "auth/account-exists-with-different-credential") {
+          throw new AuthError(
+            "An account with this email already exists. Please sign in with your email and password, then link your Google account in settings.",
+            "AUTH/EMAIL_ALREADY_EXISTS",
+            409
+          );
+        }
+        throw error;
+      }
+      let existingUser = null;
+      try {
+        const existingUserDoc = await this.userService.getUserById(firebaseUser.uid);
+        if (existingUserDoc) {
+          existingUser = existingUserDoc;
+          console.log("[AUTH] Found existing User document");
+        }
+      } catch (error) {
+        console.error("[AUTH] Error checking for existing user:", error);
+      }
+      console.log("[AUTH] Checking for draft profiles");
+      const draftProfiles = await practitionerService.getDraftProfilesByEmail(normalizedEmail);
+      let user;
+      if (existingUser) {
+        user = existingUser;
+        console.log("[AUTH] Using existing user account");
+      } else {
+        user = await this.userService.createUser(firebaseUser, ["practitioner" /* PRACTITIONER */], {
+          skipProfileCreation: true
+        });
+        console.log("[AUTH] Created new user account");
+      }
+      let practitioner = null;
+      if (user.practitionerProfile) {
+        practitioner = await practitionerService.getPractitioner(user.practitionerProfile);
+      }
+      console.log("[AUTH] Google Sign-In complete", {
+        userId: user.uid,
+        hasPractitioner: !!practitioner,
+        draftProfilesCount: draftProfiles.length
+      });
+      return {
+        user,
+        practitioner,
+        draftProfiles
+      };
+    } catch (error) {
+      console.error("[AUTH] Error in signUpPractitionerWithGoogle:", error);
+      if (error instanceof AuthError) {
+        throw error;
+      }
+      throw handleFirebaseError(error);
+    }
+  }
   /**
    * Links a Google account to the currently signed-in user using an ID token.
    * This is used to upgrade an anonymous user or to allow an existing user

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@blackcode_sa/metaestetics-api",
   "private": false,
-  "version": "1.13.21",
+  "version": "1.14.0",
   "description": "Firebase authentication service with anonymous upgrade support",
   "main": "dist/index.js",
   "module": "dist/index.mjs",

package/src/admin/mailing/practitionerInvite/templates/invitation.template.ts

@@ -78,10 +78,21 @@ export const practitionerInvitationTemplate = `
       
       <p>This token will expire on <strong>{{expirationDate}}</strong>.</p>
       
-      <p>To create your account:</p>
+      <p><strong>You have two options to create your account:</strong></p>
+      
+      <p><strong>Option 1: Sign in with Google (Recommended)</strong></p>
+      <ol>
+        <li>Open the MetaEsthetics Doctor App</li>
+        <li>Click "Sign in with Google" on the login screen</li>
+        <li>Select your Google account (use the email address: {{practitionerEmail}})</li>
+        <li>You'll see an invitation to join {{clinicName}} - simply select it and join!</li>
+      </ol>
+      
+      <p><strong>Option 2: Use Email/Password with Token</strong></p>
       <ol>
         <li>Visit {{registrationUrl}}</li>
-        <li>Enter your email and create a password</li>
+        <li>Click "Claim Existing Profile with Token"</li>
+        <li>Enter your email ({{practitionerEmail}}) and create a password</li>
         <li>When prompted, enter the token above</li>
       </ol>
       

package/src/services/auth/auth.service.ts

@@ -1002,6 +1002,179 @@ export class AuthService extends BaseService {
     }
   }
 
+  /**
+   * Signs up or signs in a practitioner with Google authentication.
+   * Checks for existing practitioner account or draft profiles.
+   * 
+   * @param idToken - The Google ID token obtained from the mobile app
+   * @returns Object containing user, practitioner (if exists), and draft profiles (if any)
+   */
+  async signUpPractitionerWithGoogle(
+    idToken: string
+  ): Promise<{
+    user: User;
+    practitioner: Practitioner | null;
+    draftProfiles: Practitioner[];
+  }> {
+    try {
+      console.log('[AUTH] Starting practitioner Google Sign-In/Sign-Up');
+
+      // Extract email from Google ID token
+      let email: string | undefined;
+      try {
+        const payloadBase64 = idToken.split('.')[1];
+        const payloadJson = globalThis.atob
+          ? globalThis.atob(payloadBase64)
+          : Buffer.from(payloadBase64, 'base64').toString('utf8');
+        const payload = JSON.parse(payloadJson);
+        email = payload.email as string | undefined;
+      } catch (decodeError) {
+        console.error('[AUTH] Failed to decode email from Google ID token:', decodeError);
+        throw new AuthError(
+          'Unable to read email from Google token. Please try again.',
+          'AUTH/INVALID_GOOGLE_TOKEN',
+          400,
+        );
+      }
+
+      if (!email) {
+        throw new AuthError(
+          'Unable to read email from Google token. Please try again.',
+          'AUTH/INVALID_GOOGLE_TOKEN',
+          400,
+        );
+      }
+
+      const normalizedEmail = email.toLowerCase().trim();
+      console.log('[AUTH] Extracted email from Google token:', normalizedEmail);
+
+      // Check if user already exists in Firebase Auth
+      const methods = await fetchSignInMethodsForEmail(this.auth, normalizedEmail);
+      const hasGoogleMethod = methods.includes(GoogleAuthProvider.GOOGLE_SIGN_IN_METHOD);
+      const hasEmailMethod = methods.includes(EmailAuthProvider.EMAIL_PASSWORD_SIGN_IN_METHOD);
+
+      const practitionerService = new PractitionerService(this.db, this.auth, this.app);
+
+      // Case 1: User exists with Google provider - sign in and check for practitioner profile
+      if (hasGoogleMethod) {
+        console.log('[AUTH] User exists with Google provider, signing in');
+        const credential = GoogleAuthProvider.credential(idToken);
+        const { user: firebaseUser } = await signInWithCredential(this.auth, credential);
+        
+        const existingUser = await this.userService.getUserById(firebaseUser.uid);
+        if (!existingUser) {
+          await firebaseSignOut(this.auth);
+          throw new AuthError(
+            'No account found. Please contact support.',
+            'AUTH/USER_NOT_FOUND',
+            404,
+          );
+        }
+
+        // Check if user has practitioner profile
+        let practitioner: Practitioner | null = null;
+        if (existingUser.practitionerProfile) {
+          practitioner = await practitionerService.getPractitioner(existingUser.practitionerProfile);
+        }
+
+        // Check for any new draft profiles
+        const draftProfiles = await practitionerService.getDraftProfilesByEmail(normalizedEmail);
+
+        return {
+          user: existingUser,
+          practitioner,
+          draftProfiles,
+        };
+      }
+
+      // Case 2: User exists with email/password - need to link Google provider
+      // Firebase doesn't allow linking without being signed in first
+      // So we need to ask user to sign in with email/password first, then link
+      if (hasEmailMethod && !hasGoogleMethod) {
+        console.log('[AUTH] User exists with email/password only');
+        throw new AuthError(
+          'An account with this email already exists. Please sign in with your email and password, then link your Google account in settings.',
+          'AUTH/EMAIL_ALREADY_EXISTS',
+          409,
+        );
+      }
+
+      // Case 3: New user - sign in with Google and check for draft profiles
+      console.log('[AUTH] Signing in with Google credential');
+      const credential = GoogleAuthProvider.credential(idToken);
+      
+      let firebaseUser: FirebaseUser;
+      try {
+        const result = await signInWithCredential(this.auth, credential);
+        firebaseUser = result.user;
+      } catch (error: any) {
+        // If sign-in fails because email already exists with different provider
+        if (error.code === 'auth/account-exists-with-different-credential') {
+          throw new AuthError(
+            'An account with this email already exists. Please sign in with your email and password, then link your Google account in settings.',
+            'AUTH/EMAIL_ALREADY_EXISTS',
+            409,
+          );
+        }
+        throw error;
+      }
+
+      // Check for existing User document (in case user had email/password account that was just linked)
+      let existingUser: User | null = null;
+      try {
+        const existingUserDoc = await this.userService.getUserById(firebaseUser.uid);
+        if (existingUserDoc) {
+          existingUser = existingUserDoc;
+          console.log('[AUTH] Found existing User document');
+        }
+      } catch (error) {
+        console.error('[AUTH] Error checking for existing user:', error);
+        // Continue with new user creation
+      }
+
+      // Check for draft profiles
+      console.log('[AUTH] Checking for draft profiles');
+      const draftProfiles = await practitionerService.getDraftProfilesByEmail(normalizedEmail);
+
+      let user: User;
+      if (existingUser) {
+        // User exists - use existing account
+        user = existingUser;
+        console.log('[AUTH] Using existing user account');
+      } else {
+        // Create new user document
+        user = await this.userService.createUser(firebaseUser, [UserRole.PRACTITIONER], {
+          skipProfileCreation: true,
+        });
+        console.log('[AUTH] Created new user account');
+      }
+
+      // Check if user already has practitioner profile
+      let practitioner: Practitioner | null = null;
+      if (user.practitionerProfile) {
+        practitioner = await practitionerService.getPractitioner(user.practitionerProfile);
+      }
+
+      console.log('[AUTH] Google Sign-In complete', {
+        userId: user.uid,
+        hasPractitioner: !!practitioner,
+        draftProfilesCount: draftProfiles.length,
+      });
+
+      return {
+        user,
+        practitioner,
+        draftProfiles,
+      };
+    } catch (error) {
+      console.error('[AUTH] Error in signUpPractitionerWithGoogle:', error);
+      if (error instanceof AuthError) {
+        throw error;
+      }
+      throw handleFirebaseError(error);
+    }
+  }
+
   /**
    * Links a Google account to the currently signed-in user using an ID token.
    * This is used to upgrade an anonymous user or to allow an existing user