@brightchain/node-express-suite 0.27.1 → 0.29.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +2 -2
- package/package.json +7 -6
- package/src/index.d.ts +8 -0
- package/src/index.d.ts.map +1 -1
- package/src/index.js +13 -1
- package/src/index.js.map +1 -1
- package/src/lib/controllers/user.d.ts +54 -0
- package/src/lib/controllers/user.d.ts.map +1 -0
- package/src/lib/controllers/user.js +703 -0
- package/src/lib/controllers/user.js.map +1 -0
- package/src/lib/enumerations/schema-collection.d.ts +12 -0
- package/src/lib/enumerations/schema-collection.d.ts.map +1 -0
- package/src/lib/enumerations/schema-collection.js +16 -0
- package/src/lib/enumerations/schema-collection.js.map +1 -0
- package/src/lib/interfaces/auth-credentials.d.ts +6 -0
- package/src/lib/interfaces/auth-credentials.d.ts.map +1 -0
- package/src/lib/interfaces/auth-credentials.js +3 -0
- package/src/lib/interfaces/auth-credentials.js.map +1 -0
- package/src/lib/interfaces/auth-token.d.ts +6 -0
- package/src/lib/interfaces/auth-token.d.ts.map +1 -0
- package/src/lib/interfaces/auth-token.js +3 -0
- package/src/lib/interfaces/auth-token.js.map +1 -0
- package/src/lib/interfaces/responses/index.d.ts +2 -0
- package/src/lib/interfaces/responses/index.d.ts.map +1 -0
- package/src/lib/interfaces/responses/index.js +3 -0
- package/src/lib/interfaces/responses/index.js.map +1 -0
- package/src/lib/interfaces/responses/user-api-responses.d.ts +37 -0
- package/src/lib/interfaces/responses/user-api-responses.d.ts.map +1 -0
- package/src/lib/interfaces/responses/user-api-responses.js +9 -0
- package/src/lib/interfaces/responses/user-api-responses.js.map +1 -0
- package/src/lib/interfaces/token-payload.d.ts +9 -0
- package/src/lib/interfaces/token-payload.d.ts.map +1 -0
- package/src/lib/interfaces/token-payload.js +3 -0
- package/src/lib/interfaces/token-payload.js.map +1 -0
- package/src/lib/routers/api.d.ts +34 -0
- package/src/lib/routers/api.d.ts.map +1 -0
- package/src/lib/routers/api.js +42 -0
- package/src/lib/routers/api.js.map +1 -0
- package/src/lib/services/auth.d.ts +49 -0
- package/src/lib/services/auth.d.ts.map +1 -0
- package/src/lib/services/auth.js +278 -0
- package/src/lib/services/auth.js.map +1 -0
- package/src/lib/services/bright-db-authentication-provider.d.ts +13 -1
- package/src/lib/services/bright-db-authentication-provider.d.ts.map +1 -1
- package/src/lib/services/bright-db-authentication-provider.js +15 -0
- package/src/lib/services/bright-db-authentication-provider.js.map +1 -1
- package/src/lib/upstream.d.ts +2 -2
- package/src/lib/upstream.d.ts.map +1 -1
- package/src/lib/upstream.js +3 -1
- package/src/lib/upstream.js.map +1 -1
- package/src/lib/validation/userValidation.d.ts.map +1 -1
- package/src/lib/validation/userValidation.js +21 -0
- package/src/lib/validation/userValidation.js.map +1 -1
|
@@ -0,0 +1,278 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* @fileoverview Base AuthService for BrightDB-backed applications.
|
|
4
|
+
*
|
|
5
|
+
* Handles core user authentication: register, login, JWT signing/verification,
|
|
6
|
+
* password change, and mnemonic recovery. Uses MemberStore + EnergyAccountStore
|
|
7
|
+
* from brightchain-lib, bcrypt for password hashing, and jsonwebtoken for JWTs.
|
|
8
|
+
*
|
|
9
|
+
* Domain-specific extensions (e.g. BrightHub profile creation, additional
|
|
10
|
+
* controllers) are added by subclasses in consuming libraries.
|
|
11
|
+
*
|
|
12
|
+
* @module services/auth
|
|
13
|
+
*/
|
|
14
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
15
|
+
exports.BrightDbAuthService = void 0;
|
|
16
|
+
const tslib_1 = require("tslib");
|
|
17
|
+
const brightchain_lib_1 = require("@brightchain/brightchain-lib");
|
|
18
|
+
const ecies_lib_1 = require("@digitaldefiance/ecies-lib");
|
|
19
|
+
const node_ecies_lib_1 = require("@digitaldefiance/node-ecies-lib");
|
|
20
|
+
const node_express_suite_1 = require("@digitaldefiance/node-express-suite");
|
|
21
|
+
const suite_core_lib_1 = require("@digitaldefiance/suite-core-lib");
|
|
22
|
+
const bcrypt = tslib_1.__importStar(require("bcrypt"));
|
|
23
|
+
const crypto_1 = require("crypto");
|
|
24
|
+
const jwt = tslib_1.__importStar(require("jsonwebtoken"));
|
|
25
|
+
const BCRYPT_ROUNDS = 12;
|
|
26
|
+
/**
|
|
27
|
+
* Base authentication service for BrightDB-backed applications.
|
|
28
|
+
*
|
|
29
|
+
* Provides register, login, JWT sign/verify, password change, and
|
|
30
|
+
* mnemonic recovery. Subclasses can override methods to add domain-specific
|
|
31
|
+
* behavior (e.g. creating social profiles on registration).
|
|
32
|
+
*/
|
|
33
|
+
class BrightDbAuthService {
|
|
34
|
+
memberStore;
|
|
35
|
+
energyStore;
|
|
36
|
+
jwtSecret;
|
|
37
|
+
authProvider;
|
|
38
|
+
application;
|
|
39
|
+
constructor(application, memberStore, energyStore, jwtSecret, authProvider) {
|
|
40
|
+
this.application = application;
|
|
41
|
+
this.memberStore = memberStore;
|
|
42
|
+
this.energyStore = energyStore;
|
|
43
|
+
this.jwtSecret = jwtSecret;
|
|
44
|
+
this.authProvider = authProvider;
|
|
45
|
+
}
|
|
46
|
+
async register(username, email, password, mnemonic) {
|
|
47
|
+
// Check for duplicate email
|
|
48
|
+
const existing = await this.memberStore.queryIndex({ email });
|
|
49
|
+
if (existing.length > 0) {
|
|
50
|
+
throw new Error('Email already registered');
|
|
51
|
+
}
|
|
52
|
+
// Hash password before member creation
|
|
53
|
+
const passwordValue = password.value;
|
|
54
|
+
if (!passwordValue) {
|
|
55
|
+
throw new Error('Password value is empty');
|
|
56
|
+
}
|
|
57
|
+
const passwordHash = await bcrypt.hash(passwordValue, BCRYPT_ROUNDS);
|
|
58
|
+
const sp = brightchain_lib_1.ServiceProvider.getInstance();
|
|
59
|
+
// eslint-disable-next-line @typescript-eslint/no-explicit-any
|
|
60
|
+
let liveMember;
|
|
61
|
+
let resultMnemonic;
|
|
62
|
+
let memberId;
|
|
63
|
+
let memberChecksum;
|
|
64
|
+
if (mnemonic?.value) {
|
|
65
|
+
// ── User-provided mnemonic path ──────────────────────────────────
|
|
66
|
+
const trimmed = mnemonic.value.trim();
|
|
67
|
+
// Defense-in-depth: validate format even though controller already checked
|
|
68
|
+
if (!ecies_lib_1.Constants.MnemonicRegex.test(trimmed)) {
|
|
69
|
+
throw new Error('Invalid mnemonic format');
|
|
70
|
+
}
|
|
71
|
+
// HMAC uniqueness check
|
|
72
|
+
const hmacSecretHex = this.application.environment.get('MNEMONIC_HMAC_SECRET');
|
|
73
|
+
if (!hmacSecretHex) {
|
|
74
|
+
throw new Error('MNEMONIC_HMAC_SECRET is not configured');
|
|
75
|
+
}
|
|
76
|
+
const hmac = (0, crypto_1.createHmac)('sha256', Buffer.from(hmacSecretHex, 'hex'))
|
|
77
|
+
.update(Buffer.from(trimmed, 'utf-8'))
|
|
78
|
+
.digest('hex');
|
|
79
|
+
// Check if the HMAC already exists in the mnemonic collection
|
|
80
|
+
const mnemonicsCollection = this.application.db.collection('mnemonics');
|
|
81
|
+
const existingHmac = await mnemonicsCollection.findOne({
|
|
82
|
+
hmac,
|
|
83
|
+
});
|
|
84
|
+
if (existingHmac) {
|
|
85
|
+
throw new suite_core_lib_1.TranslatableSuiteError('validation_mnemonicInUse');
|
|
86
|
+
}
|
|
87
|
+
// Create member with user-provided mnemonic via memberStore so it gets
|
|
88
|
+
// properly indexed (same flow as the server-generated path).
|
|
89
|
+
const { reference: mnemonicRef, mnemonic: returnedMnemonic } = await this.memberStore.createMember({
|
|
90
|
+
type: ecies_lib_1.MemberType.User,
|
|
91
|
+
name: username,
|
|
92
|
+
contactEmail: new brightchain_lib_1.EmailString(email),
|
|
93
|
+
forceMnemonic: new ecies_lib_1.SecureString(trimmed),
|
|
94
|
+
});
|
|
95
|
+
resultMnemonic = returnedMnemonic;
|
|
96
|
+
const idRawBytes = sp.idProvider.toBytes(mnemonicRef.id);
|
|
97
|
+
memberId = sp.idProvider.idToString(mnemonicRef.id);
|
|
98
|
+
memberChecksum = sp.checksumService.calculateChecksum(idRawBytes);
|
|
99
|
+
// Reconstruct the live member from the mnemonic so we have the private key
|
|
100
|
+
// for key wrapping. createMember() only returns a reference.
|
|
101
|
+
const eciesService = sp.eciesService;
|
|
102
|
+
const { member: reconstructed } = node_ecies_lib_1.Member.newMember(eciesService, ecies_lib_1.MemberType.User, username, new brightchain_lib_1.EmailString(email), new ecies_lib_1.SecureString(trimmed));
|
|
103
|
+
liveMember = reconstructed;
|
|
104
|
+
// Store the HMAC in the mnemonic collection for uniqueness tracking
|
|
105
|
+
await mnemonicsCollection.create({
|
|
106
|
+
_id: (0, crypto_1.randomUUID)(),
|
|
107
|
+
hmac,
|
|
108
|
+
});
|
|
109
|
+
}
|
|
110
|
+
else {
|
|
111
|
+
// ── Server-generated mnemonic path (existing flow) ───────────────
|
|
112
|
+
const { reference, mnemonic: generatedMnemonic } = await this.memberStore.createMember({
|
|
113
|
+
type: ecies_lib_1.MemberType.User,
|
|
114
|
+
name: username,
|
|
115
|
+
contactEmail: new brightchain_lib_1.EmailString(email),
|
|
116
|
+
});
|
|
117
|
+
const idRawBytes = sp.idProvider.toBytes(reference.id);
|
|
118
|
+
memberId = sp.idProvider.idToString(reference.id);
|
|
119
|
+
memberChecksum = sp.checksumService.calculateChecksum(idRawBytes);
|
|
120
|
+
// Reconstruct the member from the mnemonic so we have the private key.
|
|
121
|
+
// createMember() generates the keypair internally but only returns a
|
|
122
|
+
// reference — we need the live Member with private key to wrap it.
|
|
123
|
+
const eciesService = sp.eciesService;
|
|
124
|
+
const { member: reconstructed } = node_ecies_lib_1.Member.newMember(eciesService, ecies_lib_1.MemberType.User, username, new brightchain_lib_1.EmailString(email), generatedMnemonic);
|
|
125
|
+
liveMember = reconstructed;
|
|
126
|
+
resultMnemonic = generatedMnemonic;
|
|
127
|
+
}
|
|
128
|
+
// ── Shared code: wrap key, encrypt mnemonic, store user, sign JWT ──
|
|
129
|
+
// Password-wrap the private key (AES-256-GCM + PBKDF2)
|
|
130
|
+
let passwordWrappedPrivateKey;
|
|
131
|
+
if (liveMember.privateKey) {
|
|
132
|
+
const keyWrappingService = new node_express_suite_1.KeyWrappingService();
|
|
133
|
+
const wrapped = keyWrappingService.wrapSecret(liveMember.privateKey, password, this.application.constants);
|
|
134
|
+
passwordWrappedPrivateKey = {
|
|
135
|
+
salt: wrapped.salt,
|
|
136
|
+
iv: wrapped.iv,
|
|
137
|
+
authTag: wrapped.authTag,
|
|
138
|
+
ciphertext: wrapped.ciphertext,
|
|
139
|
+
iterations: wrapped.iterations,
|
|
140
|
+
};
|
|
141
|
+
}
|
|
142
|
+
// Encrypt the mnemonic with the system user's ECIES public key for
|
|
143
|
+
// server-side recovery (backup code generation, key rotation, etc.)
|
|
144
|
+
const systemUser = node_express_suite_1.SystemUserService.getSystemUser(
|
|
145
|
+
// eslint-disable-next-line @typescript-eslint/no-explicit-any
|
|
146
|
+
this.application.environment, this.application.constants);
|
|
147
|
+
const mnemonicRecovery = (await systemUser.encryptData(Buffer.from(resultMnemonic.value ?? '', 'utf-8'))).toString('hex');
|
|
148
|
+
// Store password hash, wrapped private key, and encrypted mnemonic.
|
|
149
|
+
// Use the ID that was registered in the memberStore index.
|
|
150
|
+
// In the server-generated mnemonic path, createMember() stores the member
|
|
151
|
+
// under reference.id, but the reconstructed liveMember has a different
|
|
152
|
+
// random ID. In the user-provided mnemonic path, liveMember.id is the
|
|
153
|
+
// canonical ID (though that path needs createMember support — see below).
|
|
154
|
+
// We captured the correct memberId string above for each branch, so derive
|
|
155
|
+
// the store-lookup ID from that.
|
|
156
|
+
const storeId = sp.idProvider.idFromString(memberId);
|
|
157
|
+
await this.memberStore.updateMember(storeId, {
|
|
158
|
+
id: storeId,
|
|
159
|
+
privateChanges: {
|
|
160
|
+
passwordHash,
|
|
161
|
+
passwordWrappedPrivateKey,
|
|
162
|
+
mnemonicRecovery,
|
|
163
|
+
},
|
|
164
|
+
});
|
|
165
|
+
const energyAccount = brightchain_lib_1.EnergyAccount.createWithTrialCredits(memberChecksum);
|
|
166
|
+
await this.energyStore.set(memberChecksum, energyAccount);
|
|
167
|
+
await this.sendWelcomeEmail(email, username);
|
|
168
|
+
const token = this.signToken(memberId, username, ecies_lib_1.MemberType.User);
|
|
169
|
+
// Dispose the live member to zero out private key material
|
|
170
|
+
liveMember.dispose();
|
|
171
|
+
return {
|
|
172
|
+
token,
|
|
173
|
+
memberId,
|
|
174
|
+
energyBalance: energyAccount.balance,
|
|
175
|
+
};
|
|
176
|
+
}
|
|
177
|
+
async login(credentials) {
|
|
178
|
+
const results = await this.memberStore.queryIndex({
|
|
179
|
+
name: credentials.username,
|
|
180
|
+
limit: 1,
|
|
181
|
+
});
|
|
182
|
+
if (results.length === 0) {
|
|
183
|
+
throw new Error('Invalid credentials');
|
|
184
|
+
}
|
|
185
|
+
const reference = results[0];
|
|
186
|
+
const storedHash = await this.getPasswordHash(reference.id);
|
|
187
|
+
const passwordValue = credentials.password.value;
|
|
188
|
+
if (!passwordValue) {
|
|
189
|
+
throw new Error('Password value is empty');
|
|
190
|
+
}
|
|
191
|
+
const isValid = await bcrypt.compare(passwordValue, storedHash);
|
|
192
|
+
if (!isValid) {
|
|
193
|
+
throw new Error('Invalid credentials');
|
|
194
|
+
}
|
|
195
|
+
const sp = brightchain_lib_1.ServiceProvider.getInstance();
|
|
196
|
+
const memberId = sp.idProvider.idToString(reference.id);
|
|
197
|
+
const idRawBytes = sp.idProvider.toBytes(reference.id);
|
|
198
|
+
const memberChecksum = sp.checksumService.calculateChecksum(idRawBytes);
|
|
199
|
+
const energyAccount = await this.energyStore.getOrCreate(memberChecksum);
|
|
200
|
+
const token = this.signToken(memberId, credentials.username, reference.type);
|
|
201
|
+
return {
|
|
202
|
+
token,
|
|
203
|
+
memberId,
|
|
204
|
+
energyBalance: energyAccount.balance,
|
|
205
|
+
};
|
|
206
|
+
}
|
|
207
|
+
signToken(memberId, username, type) {
|
|
208
|
+
const payload = {
|
|
209
|
+
memberId,
|
|
210
|
+
username,
|
|
211
|
+
type,
|
|
212
|
+
};
|
|
213
|
+
return jwt.sign(payload, this.jwtSecret, {
|
|
214
|
+
expiresIn: '7d',
|
|
215
|
+
});
|
|
216
|
+
}
|
|
217
|
+
async verifyToken(token) {
|
|
218
|
+
try {
|
|
219
|
+
const decoded = jwt.verify(token, this.jwtSecret);
|
|
220
|
+
return decoded;
|
|
221
|
+
}
|
|
222
|
+
catch {
|
|
223
|
+
throw new Error('Invalid token');
|
|
224
|
+
}
|
|
225
|
+
}
|
|
226
|
+
async storePasswordHash(memberId, hash) {
|
|
227
|
+
await this.memberStore.updateMember(memberId, {
|
|
228
|
+
id: memberId,
|
|
229
|
+
privateChanges: {
|
|
230
|
+
passwordHash: hash,
|
|
231
|
+
},
|
|
232
|
+
});
|
|
233
|
+
}
|
|
234
|
+
async getPasswordHash(memberId) {
|
|
235
|
+
const profile = await this.memberStore.getMemberProfile(memberId);
|
|
236
|
+
const passwordHash = profile.privateProfile?.passwordHash;
|
|
237
|
+
if (!passwordHash) {
|
|
238
|
+
throw new Error('No password hash found for member');
|
|
239
|
+
}
|
|
240
|
+
return passwordHash;
|
|
241
|
+
}
|
|
242
|
+
async changePassword(memberId, currentPassword, newPassword) {
|
|
243
|
+
const storedHash = await this.getPasswordHash(memberId);
|
|
244
|
+
const isValid = await bcrypt.compare(currentPassword, storedHash);
|
|
245
|
+
if (!isValid) {
|
|
246
|
+
throw new Error('Invalid credentials');
|
|
247
|
+
}
|
|
248
|
+
const newHash = await bcrypt.hash(newPassword, BCRYPT_ROUNDS);
|
|
249
|
+
await this.storePasswordHash(memberId, newHash);
|
|
250
|
+
}
|
|
251
|
+
async recoverWithMnemonic(email, mnemonic, newPassword) {
|
|
252
|
+
if (!this.authProvider) {
|
|
253
|
+
throw new Error('Authentication provider not configured');
|
|
254
|
+
}
|
|
255
|
+
const result = await this.authProvider.authenticateWithMnemonic(email, mnemonic);
|
|
256
|
+
const memberId = result.userId;
|
|
257
|
+
const member = result.userMember;
|
|
258
|
+
const token = this.signToken(memberId, member.name, member.type);
|
|
259
|
+
if (newPassword) {
|
|
260
|
+
const newHash = await bcrypt.hash(newPassword, BCRYPT_ROUNDS);
|
|
261
|
+
await this.storePasswordHash(member.id, newHash);
|
|
262
|
+
}
|
|
263
|
+
return {
|
|
264
|
+
token,
|
|
265
|
+
memberId,
|
|
266
|
+
passwordReset: !!newPassword,
|
|
267
|
+
};
|
|
268
|
+
}
|
|
269
|
+
/**
|
|
270
|
+
* Override in subclasses to send a welcome email via your preferred service.
|
|
271
|
+
* Default implementation logs to console.
|
|
272
|
+
*/
|
|
273
|
+
async sendWelcomeEmail(email, username) {
|
|
274
|
+
console.log(`[BrightDbAuthService] Would send welcome email to ${email} for ${username}`);
|
|
275
|
+
}
|
|
276
|
+
}
|
|
277
|
+
exports.BrightDbAuthService = BrightDbAuthService;
|
|
278
|
+
//# sourceMappingURL=auth.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"auth.js","sourceRoot":"","sources":["../../../../../brightchain-node-express-suite/src/lib/services/auth.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;GAWG;;;;AAEH,kEASsC;AACtC,0DAIoC;AACpC,oEAIyC;AACzC,4EAG6C;AAC7C,oEAEyC;AAEzC,uDAAiC;AACjC,mCAAgD;AAChD,0DAAoC;AAOpC,MAAM,aAAa,GAAG,EAAE,CAAC;AAEzB;;;;;;GAMG;AACH,MAAa,mBAAmB;IACpB,WAAW,CAAc;IACzB,WAAW,CAAqB;IAChC,SAAS,CAAS;IAClB,YAAY,CAAuC;IAC1C,WAAW,CAA4B;IAE1D,YACE,WAAsC,EACtC,WAAwB,EACxB,WAA+B,EAC/B,SAAiB,EACjB,YAAkD;QAElD,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC;QAC/B,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC;QAC/B,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC;QAC/B,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;QAC3B,IAAI,CAAC,YAAY,GAAG,YAAY,CAAC;IACnC,CAAC;IAED,KAAK,CAAC,QAAQ,CACZ,QAAgB,EAChB,KAAa,EACb,QAAsB,EACtB,QAAuB;QAEvB,4BAA4B;QAC5B,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC;QAC9D,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACxB,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;QAC9C,CAAC;QAED,uCAAuC;QACvC,MAAM,aAAa,GAAG,QAAQ,CAAC,KAAK,CAAC;QACrC,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;QAC7C,CAAC;QACD,MAAM,YAAY,GAAG,MAAM,MAAM,CAAC,IAAI,CAAC,aAAa,EAAE,aAAa,CAAC,CAAC;QAErE,MAAM,EAAE,GAAG,iCAAe,CAAC,WAAW,EAAE,CAAC;QAEzC,8DAA8D;QAC9D,IAAI,UAAuB,CAAC;QAC5B,IAAI,cAA4B,CAAC;QACjC,IAAI,QAAgB,CAAC;QACrB,IAAI,cAAwB,CAAC;QAE7B,IAAI,QAAQ,EAAE,KAAK,EAAE,CAAC;YACpB,oEAAoE;YACpE,MAAM,OAAO,GAAG,QAAQ,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC;YAEtC,2EAA2E;YAC3E,IAAI,CAAC,qBAAa,CAAC,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC/C,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;YAC7C,CAAC;YAED,wBAAwB;YACxB,MAAM,aAAa,GACjB,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,GAAG,CAAC,sBAAsB,CAAC,CAAC;YAC3D,IAAI,CAAC,aAAa,EAAE,CAAC;gBACnB,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;YAC5D,CAAC;YACD,MAAM,IAAI,GAAG,IAAA,mBAAU,EAAC,QAAQ,EAAE,MAAM,CAAC,IAAI,CAAC,aAAa,EAAE,KAAK,CAAC,CAAC;iBACjE,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;iBACrC,MAAM,CAAC,KAAK,CAAC,CAAC;YAEjB,8DAA8D;YAC9D,MAAM,mBAAmB,GAAG,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC,UAAU,CAExD,WAAW,CAAC,CAAC;YACf,MAAM,YAAY,GAAG,MAAM,mBAAmB,CAAC,OAAO,CAAC;gBACrD,IAAI;aACI,CAAC,CAAC;YACZ,IAAI,YAAY,EAAE,CAAC;gBACjB,MAAM,IAAI,uCAAsB,CAC9B,0BAAqD,CACtD,CAAC;YACJ,CAAC;YAED,uEAAuE;YACvE,6DAA6D;YAC7D,MAAM,EAAE,SAAS,EAAE,WAAW,EAAE,QAAQ,EAAE,gBAAgB,EAAE,GAC1D,MAAM,IAAI,CAAC,WAAW,CAAC,YAAY,CAAC;gBAClC,IAAI,EAAE,sBAAU,CAAC,IAAI;gBACrB,IAAI,EAAE,QAAQ;gBACd,YAAY,EAAE,IAAI,6BAAW,CAAC,KAAK,CAAC;gBACpC,aAAa,EAAE,IAAI,wBAAY,CAAC,OAAO,CAAC;aACzC,CAAC,CAAC;YACL,cAAc,GAAG,gBAAgB,CAAC;YAElC,MAAM,UAAU,GAAG,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC;YACzD,QAAQ,GAAG,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC;YACpD,cAAc,GAAG,EAAE,CAAC,eAAe,CAAC,iBAAiB,CAAC,UAAU,CAAC,CAAC;YAElE,2EAA2E;YAC3E,6DAA6D;YAC7D,MAAM,YAAY,GAAG,EAAE,CAAC,YAA4C,CAAC;YACrE,MAAM,EAAE,MAAM,EAAE,aAAa,EAAE,GAAG,uBAAM,CAAC,SAAS,CAChD,YAAY,EACZ,sBAAU,CAAC,IAAI,EACf,QAAQ,EACR,IAAI,6BAAW,CAAC,KAAK,CAAC,EACtB,IAAI,wBAAY,CAAC,OAAO,CAAC,CAC1B,CAAC;YACF,UAAU,GAAG,aAAa,CAAC;YAE3B,oEAAoE;YACpE,MAAM,mBAAmB,CAAC,MAAM,CAAC;gBAC/B,GAAG,EAAE,IAAA,mBAAU,GAAE;gBACjB,IAAI;aACI,CAAC,CAAC;QACd,CAAC;aAAM,CAAC;YACN,oEAAoE;YACpE,MAAM,EAAE,SAAS,EAAE,QAAQ,EAAE,iBAAiB,EAAE,GAC9C,MAAM,IAAI,CAAC,WAAW,CAAC,YAAY,CAAC;gBAClC,IAAI,EAAE,sBAAU,CAAC,IAAI;gBACrB,IAAI,EAAE,QAAQ;gBACd,YAAY,EAAE,IAAI,6BAAW,CAAC,KAAK,CAAC;aACrC,CAAC,CAAC;YAEL,MAAM,UAAU,GAAG,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC;YACvD,QAAQ,GAAG,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC;YAClD,cAAc,GAAG,EAAE,CAAC,eAAe,CAAC,iBAAiB,CAAC,UAAU,CAAC,CAAC;YAElE,uEAAuE;YACvE,qEAAqE;YACrE,mEAAmE;YACnE,MAAM,YAAY,GAChB,EAAE,CAAC,YAA4D,CAAC;YAClE,MAAM,EAAE,MAAM,EAAE,aAAa,EAAE,GAAG,uBAAM,CAAC,SAAS,CAChD,YAAY,EACZ,sBAAU,CAAC,IAAI,EACf,QAAQ,EACR,IAAI,6BAAW,CAAC,KAAK,CAAC,EACtB,iBAAiB,CAClB,CAAC;YACF,UAAU,GAAG,aAAa,CAAC;YAC3B,cAAc,GAAG,iBAAiB,CAAC;QACrC,CAAC;QAED,sEAAsE;QAEtE,uDAAuD;QACvD,IAAI,yBAAiE,CAAC;QACtE,IAAI,UAAU,CAAC,UAAU,EAAE,CAAC;YAC1B,MAAM,kBAAkB,GAAG,IAAI,uCAAkB,EAAE,CAAC;YACpD,MAAM,OAAO,GAAG,kBAAkB,CAAC,UAAU,CAC3C,UAAU,CAAC,UAAU,EACrB,QAAQ,EACR,IAAI,CAAC,WAAW,CAAC,SAAS,CAC3B,CAAC;YACF,yBAAyB,GAAG;gBAC1B,IAAI,EAAE,OAAO,CAAC,IAAI;gBAClB,EAAE,EAAE,OAAO,CAAC,EAAE;gBACd,OAAO,EAAE,OAAO,CAAC,OAAO;gBACxB,UAAU,EAAE,OAAO,CAAC,UAAU;gBAC9B,UAAU,EAAE,OAAO,CAAC,UAAU;aAC/B,CAAC;QACJ,CAAC;QAED,mEAAmE;QACnE,oEAAoE;QACpE,MAAM,UAAU,GAAG,sCAAiB,CAAC,aAAa;QAChD,8DAA8D;QAC9D,IAAI,CAAC,WAAW,CAAC,WAAkB,EACnC,IAAI,CAAC,WAAW,CAAC,SAAS,CAC3B,CAAC;QACF,MAAM,gBAAgB,GAAG,CACvB,MAAM,UAAU,CAAC,WAAW,CAC1B,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,KAAK,IAAI,EAAE,EAAE,OAAO,CAAC,CACjD,CACF,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;QAElB,oEAAoE;QACpE,2DAA2D;QAC3D,0EAA0E;QAC1E,uEAAuE;QACvE,sEAAsE;QACtE,0EAA0E;QAC1E,2EAA2E;QAC3E,iCAAiC;QACjC,MAAM,OAAO,GAAG,EAAE,CAAC,UAAU,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC;QACrD,MAAM,IAAI,CAAC,WAAW,CAAC,YAAY,CAAC,OAAO,EAAE;YAC3C,EAAE,EAAE,OAAO;YACX,cAAc,EAAE;gBACd,YAAY;gBACZ,yBAAyB;gBACzB,gBAAgB;aACjB;SACF,CAAC,CAAC;QAEH,MAAM,aAAa,GAAG,+BAAa,CAAC,sBAAsB,CAAC,cAAc,CAAC,CAAC;QAC3E,MAAM,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,cAAc,EAAE,aAAa,CAAC,CAAC;QAE1D,MAAM,IAAI,CAAC,gBAAgB,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC;QAE7C,MAAM,KAAK,GAAG,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,QAAQ,EAAE,sBAAU,CAAC,IAAI,CAAC,CAAC;QAElE,2DAA2D;QAC3D,UAAU,CAAC,OAAO,EAAE,CAAC;QAErB,OAAO;YACL,KAAK;YACL,QAAQ;YACR,aAAa,EAAE,aAAa,CAAC,OAAO;SACrC,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,KAAK,CAAC,WAA6B;QACvC,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC;YAChD,IAAI,EAAE,WAAW,CAAC,QAAQ;YAC1B,KAAK,EAAE,CAAC;SACT,CAAC,CAAC;QAEH,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACzB,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;QACzC,CAAC;QAED,MAAM,SAAS,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;QAE7B,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,SAAS,CAAC,EAAoB,CAAC,CAAC;QAC9E,MAAM,aAAa,GAAG,WAAW,CAAC,QAAQ,CAAC,KAAK,CAAC;QACjD,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;QAC7C,CAAC;QACD,MAAM,OAAO,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC,aAAa,EAAE,UAAU,CAAC,CAAC;QAChE,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;QACzC,CAAC;QAED,MAAM,EAAE,GAAG,iCAAe,CAAC,WAAW,EAAE,CAAC;QACzC,MAAM,QAAQ,GAAG,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC;QACxD,MAAM,UAAU,GAAG,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC;QACvD,MAAM,cAAc,GAAG,EAAE,CAAC,eAAe,CAAC,iBAAiB,CAAC,UAAU,CAAC,CAAC;QAExE,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,cAAc,CAAC,CAAC;QAEzE,MAAM,KAAK,GAAG,IAAI,CAAC,SAAS,CAC1B,QAAQ,EACR,WAAW,CAAC,QAAQ,EACpB,SAAS,CAAC,IAAI,CACf,CAAC;QAEF,OAAO;YACL,KAAK;YACL,QAAQ;YACR,aAAa,EAAE,aAAa,CAAC,OAAO;SACrC,CAAC;IACJ,CAAC;IAED,SAAS,CAAC,QAAgB,EAAE,QAAgB,EAAE,IAAgB;QAC5D,MAAM,OAAO,GAAuC;YAClD,QAAQ;YACR,QAAQ;YACR,IAAI;SACL,CAAC;QAEF,OAAO,GAAG,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,SAAS,EAAE;YACvC,SAAS,EAAE,IAAI;SAChB,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,KAAa;QAC7B,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,GAAG,CAAC,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,SAAS,CAAkB,CAAC;YACnE,OAAO,OAAO,CAAC;QACjB,CAAC;QAAC,MAAM,CAAC;YACP,MAAM,IAAI,KAAK,CAAC,eAAe,CAAC,CAAC;QACnC,CAAC;IACH,CAAC;IAED,KAAK,CAAC,iBAAiB,CAAC,QAAa,EAAE,IAAY;QACjD,MAAM,IAAI,CAAC,WAAW,CAAC,YAAY,CAAC,QAAiC,EAAE;YACrE,EAAE,EAAE,QAAiC;YACrC,cAAc,EAAE;gBACd,YAAY,EAAE,IAAI;aACnB;SACF,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,eAAe,CAAC,QAAa;QACjC,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,gBAAgB,CAAC,QAAiC,CAAC,CAAC;QAC3F,MAAM,YAAY,GAAG,OAAO,CAAC,cAAc,EAAE,YAAY,CAAC;QAC1D,IAAI,CAAC,YAAY,EAAE,CAAC;YAClB,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;QACvD,CAAC;QACD,OAAO,YAAY,CAAC;IACtB,CAAC;IAED,KAAK,CAAC,cAAc,CAClB,QAAa,EACb,eAAuB,EACvB,WAAmB;QAEnB,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC;QACxD,MAAM,OAAO,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC,eAAe,EAAE,UAAU,CAAC,CAAC;QAClE,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;QACzC,CAAC;QACD,MAAM,OAAO,GAAG,MAAM,MAAM,CAAC,IAAI,CAAC,WAAW,EAAE,aAAa,CAAC,CAAC;QAC9D,MAAM,IAAI,CAAC,iBAAiB,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IAClD,CAAC;IAED,KAAK,CAAC,mBAAmB,CACvB,KAAa,EACb,QAAsB,EACtB,WAAoB;QAEpB,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC;YACvB,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;QAC5D,CAAC;QAED,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,wBAAwB,CAC7D,KAAK,EACL,QAAQ,CACT,CAAC;QAEF,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAC;QAC/B,MAAM,MAAM,GAAG,MAAM,CAAC,UAAU,CAAC;QAEjC,MAAM,KAAK,GAAG,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC;QAEjE,IAAI,WAAW,EAAE,CAAC;YAChB,MAAM,OAAO,GAAG,MAAM,MAAM,CAAC,IAAI,CAAC,WAAW,EAAE,aAAa,CAAC,CAAC;YAC9D,MAAM,IAAI,CAAC,iBAAiB,CAAC,MAAM,CAAC,EAAE,EAAE,OAAO,CAAC,CAAC;QACnD,CAAC;QAED,OAAO;YACL,KAAK;YACL,QAAQ;YACR,aAAa,EAAE,CAAC,CAAC,WAAW;SAC7B,CAAC;IACJ,CAAC;IAED;;;OAGG;IACO,KAAK,CAAC,gBAAgB,CAC9B,KAAa,EACb,QAAgB;QAEhB,OAAO,CAAC,GAAG,CACT,qDAAqD,KAAK,QAAQ,QAAQ,EAAE,CAC7E,CAAC;IACJ,CAAC;CACF;AA3VD,kDA2VC"}
|
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
import type { BrightDb } from '@brightchain/db';
|
|
2
|
+
import type { SecureString } from '@digitaldefiance/ecies-lib';
|
|
2
3
|
import type { PlatformID } from '@digitaldefiance/node-ecies-lib';
|
|
3
|
-
import type { IAuthenticatedUser, IAuthenticationProvider } from '@digitaldefiance/node-express-suite';
|
|
4
|
+
import type { IAuthenticatedUser, IAuthenticationProvider, ICryptoAuthResult } from '@digitaldefiance/node-express-suite';
|
|
4
5
|
import type { IRequestUserDTO, ITokenUser } from '@digitaldefiance/suite-core-lib';
|
|
5
6
|
/**
|
|
6
7
|
* Generic BrightDB-backed authentication provider.
|
|
@@ -27,5 +28,16 @@ export declare class BrightDbAuthenticationProvider<TID extends PlatformID = Buf
|
|
|
27
28
|
* Verify a JWT token and return the decoded user.
|
|
28
29
|
*/
|
|
29
30
|
verifyToken<TTokenUser extends ITokenUser = ITokenUser>(token: string): Promise<TTokenUser | null>;
|
|
31
|
+
/**
|
|
32
|
+
* Authenticate with a mnemonic and return the crypto result.
|
|
33
|
+
* Base implementation throws — subclasses (e.g. BrightChainAuthenticationProvider)
|
|
34
|
+
* override with MemberStore-backed mnemonic verification.
|
|
35
|
+
*/
|
|
36
|
+
authenticateWithMnemonic(_email: string, _mnemonic: SecureString): Promise<ICryptoAuthResult<TID>>;
|
|
37
|
+
/**
|
|
38
|
+
* Authenticate with a password and return the crypto result.
|
|
39
|
+
* Base implementation throws — subclasses override with real password verification.
|
|
40
|
+
*/
|
|
41
|
+
authenticateWithPassword(_email: string, _password: string): Promise<ICryptoAuthResult<TID>>;
|
|
30
42
|
}
|
|
31
43
|
//# sourceMappingURL=bright-db-authentication-provider.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"bright-db-authentication-provider.d.ts","sourceRoot":"","sources":["../../../../../brightchain-node-express-suite/src/lib/services/bright-db-authentication-provider.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAChD,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,iCAAiC,CAAC;AAClE,OAAO,KAAK,EACV,kBAAkB,EAClB,uBAAuB,
|
|
1
|
+
{"version":3,"file":"bright-db-authentication-provider.d.ts","sourceRoot":"","sources":["../../../../../brightchain-node-express-suite/src/lib/services/bright-db-authentication-provider.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAChD,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,4BAA4B,CAAC;AAC/D,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,iCAAiC,CAAC;AAClE,OAAO,KAAK,EACV,kBAAkB,EAClB,uBAAuB,EACvB,iBAAiB,EAClB,MAAM,qCAAqC,CAAC;AAC7C,OAAO,KAAK,EACV,eAAe,EACf,UAAU,EACX,MAAM,iCAAiC,CAAC;AAGzC;;;;;;GAMG;AACH,qBAAa,8BAA8B,CACzC,GAAG,SAAS,UAAU,GAAG,MAAM,EAC/B,SAAS,SAAS,MAAM,GAAG,MAAM,CACjC,YAAW,uBAAuB,CAAC,GAAG,EAAE,SAAS,CAAC;IAGhD,SAAS,CAAC,QAAQ,CAAC,EAAE,EAAE,QAAQ;IAC/B,SAAS,CAAC,QAAQ,CAAC,SAAS,EAAE,MAAM;gBADjB,EAAE,EAAE,QAAQ,EACZ,SAAS,EAAE,MAAM;IAGtC;;;OAGG;IACG,YAAY,CAChB,MAAM,EAAE,MAAM,GACb,OAAO,CAAC,kBAAkB,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC;IA2BhD;;;OAGG;IACG,mBAAmB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,eAAe,GAAG,IAAI,CAAC;IA0C1E;;OAEG;IACG,WAAW,CAAC,UAAU,SAAS,UAAU,GAAG,UAAU,EAC1D,KAAK,EAAE,MAAM,GACZ,OAAO,CAAC,UAAU,GAAG,IAAI,CAAC;IAY7B;;;;OAIG;IACG,wBAAwB,CAC5B,MAAM,EAAE,MAAM,EACd,SAAS,EAAE,YAAY,GACtB,OAAO,CAAC,iBAAiB,CAAC,GAAG,CAAC,CAAC;IAIlC;;;OAGG;IACG,wBAAwB,CAC5B,MAAM,EAAE,MAAM,EACd,SAAS,EAAE,MAAM,GAChB,OAAO,CAAC,iBAAiB,CAAC,GAAG,CAAC,CAAC;CAGnC"}
|
|
@@ -86,6 +86,21 @@ class BrightDbAuthenticationProvider {
|
|
|
86
86
|
return null;
|
|
87
87
|
}
|
|
88
88
|
}
|
|
89
|
+
/**
|
|
90
|
+
* Authenticate with a mnemonic and return the crypto result.
|
|
91
|
+
* Base implementation throws — subclasses (e.g. BrightChainAuthenticationProvider)
|
|
92
|
+
* override with MemberStore-backed mnemonic verification.
|
|
93
|
+
*/
|
|
94
|
+
async authenticateWithMnemonic(_email, _mnemonic) {
|
|
95
|
+
throw new Error('Mnemonic authentication not implemented in base provider');
|
|
96
|
+
}
|
|
97
|
+
/**
|
|
98
|
+
* Authenticate with a password and return the crypto result.
|
|
99
|
+
* Base implementation throws — subclasses override with real password verification.
|
|
100
|
+
*/
|
|
101
|
+
async authenticateWithPassword(_email, _password) {
|
|
102
|
+
throw new Error('Password authentication not implemented in base provider');
|
|
103
|
+
}
|
|
89
104
|
}
|
|
90
105
|
exports.BrightDbAuthenticationProvider = BrightDbAuthenticationProvider;
|
|
91
106
|
//# sourceMappingURL=bright-db-authentication-provider.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"bright-db-authentication-provider.js","sourceRoot":"","sources":["../../../../../brightchain-node-express-suite/src/lib/services/bright-db-authentication-provider.ts"],"names":[],"mappings":";;;
|
|
1
|
+
{"version":3,"file":"bright-db-authentication-provider.js","sourceRoot":"","sources":["../../../../../brightchain-node-express-suite/src/lib/services/bright-db-authentication-provider.ts"],"names":[],"mappings":";;;AAYA,+CAAsC;AAEtC;;;;;;GAMG;AACH,MAAa,8BAA8B;IAMpB;IACA;IAFrB,YACqB,EAAY,EACZ,SAAiB;QADjB,OAAE,GAAF,EAAE,CAAU;QACZ,cAAS,GAAT,SAAS,CAAQ;IACnC,CAAC;IAEJ;;;OAGG;IACH,KAAK,CAAC,YAAY,CAChB,MAAc;QAEd,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,IAAI,CAAC,EAAE,CAAC,UAAU,CAOhC,OAAO,CAAC,CAAC;YAEZ,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,OAAO,CAAC,EAAE,GAAG,EAAE,MAAM,EAAW,CAAC,CAAC;YACjE,IAAI,CAAC,OAAO;gBAAE,OAAO,IAAI,CAAC;YAE1B,OAAO;gBACL,EAAE,EAAE,MAAM;gBACV,aAAa,EAAE,OAAO,CAAC,aAAa,IAAI,QAAQ;gBAChD,KAAK,EAAE,OAAO,CAAC,KAAK,IAAI,EAAE;gBAC1B,YAAY,EAAE,OAAO,CAAC,YAAqC;gBAC3D,QAAQ,EAAE,OAAO,CAAC,QAAQ,IAAI,KAAK;gBACnC,SAAS,EAAE,OAAO,CAAC,SAAS;aAC7B,CAAC;QACJ,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,mBAAmB,CAAC,MAAc;QACtC,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,IAAI,CAAC,EAAE,CAAC,UAAU,CAYhC,OAAO,CAAC,CAAC;YAEZ,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,OAAO,CAAC,EAAE,GAAG,EAAE,MAAM,EAAW,CAAC,CAAC;YACjE,IAAI,CAAC,OAAO;gBAAE,OAAO,IAAI,CAAC;YAE1B,IAAI,OAAO,CAAC,aAAa,IAAI,OAAO,CAAC,aAAa,KAAK,QAAQ,EAAE,CAAC;gBAChE,OAAO,IAAI,CAAC;YACd,CAAC;YAED,OAAO;gBACL,EAAE,EAAE,MAAM;gBACV,KAAK,EAAE,OAAO,CAAC,KAAK,IAAI,EAAE;gBAC1B,QAAQ,EAAE,OAAO,CAAC,QAAQ,IAAI,EAAE;gBAChC,KAAK,EAAE,EAAE;gBACT,cAAc,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE;gBAC3E,aAAa,EAAE,OAAO,CAAC,aAAa,IAAI,IAAI;gBAC5C,QAAQ,EAAE,OAAO,CAAC,QAAQ,IAAI,KAAK;gBACnC,YAAY,EAAE,OAAO,CAAC,YAAY,IAAI,IAAI;gBAC1C,QAAQ,EAAE,OAAO,CAAC,QAAQ,IAAI,KAAK;gBACnC,QAAQ,EAAE,OAAO,CAAC,QAAQ,IAAI,KAAK;gBACnC,eAAe,EAAE,OAAO,CAAC,eAAe,IAAI,KAAK;gBACjD,SAAS,EAAE,OAAO,CAAC,SAAS;aAC7B,CAAC;QACJ,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,WAAW,CACf,KAAa;QAEb,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,IAAA,qBAAM,EAAC,KAAK,EAAE,IAAI,CAAC,SAAS,CAA4B,CAAC;YACzE,OAAO;gBACL,MAAM,EAAE,CAAC,OAAO,CAAC,UAAU,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,IAAI,OAAO,CAAC,KAAK,CAAC,CAAW;gBAC9E,KAAK,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,EAAE,CAAwB;aAC3B,CAAC;QAChC,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,wBAAwB,CAC5B,MAAc,EACd,SAAuB;QAEvB,MAAM,IAAI,KAAK,CAAC,0DAA0D,CAAC,CAAC;IAC9E,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,wBAAwB,CAC5B,MAAc,EACd,SAAiB;QAEjB,MAAM,IAAI,KAAK,CAAC,0DAA0D,CAAC,CAAC;IAC9E,CAAC;CACF;AAhID,wEAgIC"}
|
package/src/lib/upstream.d.ts
CHANGED
|
@@ -3,6 +3,6 @@
|
|
|
3
3
|
* Consumers can import these through @brightchain/node-express-suite
|
|
4
4
|
* instead of depending on the upstream package directly.
|
|
5
5
|
*/
|
|
6
|
-
export { Application, createExpressConstants, AppRouter, } from '@digitaldefiance/node-express-suite';
|
|
7
|
-
export type { IApplication, IConstants, IAuthenticationProvider, IDatabasePlugin, IEnvironment, } from '@digitaldefiance/node-express-suite';
|
|
6
|
+
export { Application, createExpressConstants, AppRouter, AbstractJwtService, AbstractRoleService, } from '@digitaldefiance/node-express-suite';
|
|
7
|
+
export type { IApplication, IConstants, IAuthenticationProvider, IDatabasePlugin, IEnvironment, IJwtService, IRoleService, } from '@digitaldefiance/node-express-suite';
|
|
8
8
|
//# sourceMappingURL=upstream.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"upstream.d.ts","sourceRoot":"","sources":["../../../../brightchain-node-express-suite/src/lib/upstream.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH,OAAO,EACL,WAAW,EACX,sBAAsB,EACtB,SAAS,
|
|
1
|
+
{"version":3,"file":"upstream.d.ts","sourceRoot":"","sources":["../../../../brightchain-node-express-suite/src/lib/upstream.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH,OAAO,EACL,WAAW,EACX,sBAAsB,EACtB,SAAS,EACT,kBAAkB,EAClB,mBAAmB,GACpB,MAAM,qCAAqC,CAAC;AAE7C,YAAY,EACV,YAAY,EACZ,UAAU,EACV,uBAAuB,EACvB,eAAe,EACf,YAAY,EACZ,WAAW,EACX,YAAY,GACb,MAAM,qCAAqC,CAAC"}
|
package/src/lib/upstream.js
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.AppRouter = exports.createExpressConstants = exports.Application = void 0;
|
|
3
|
+
exports.AbstractRoleService = exports.AbstractJwtService = exports.AppRouter = exports.createExpressConstants = exports.Application = void 0;
|
|
4
4
|
/**
|
|
5
5
|
* Re-exports from @digitaldefiance/node-express-suite (upstream).
|
|
6
6
|
* Consumers can import these through @brightchain/node-express-suite
|
|
@@ -10,4 +10,6 @@ var node_express_suite_1 = require("@digitaldefiance/node-express-suite");
|
|
|
10
10
|
Object.defineProperty(exports, "Application", { enumerable: true, get: function () { return node_express_suite_1.Application; } });
|
|
11
11
|
Object.defineProperty(exports, "createExpressConstants", { enumerable: true, get: function () { return node_express_suite_1.createExpressConstants; } });
|
|
12
12
|
Object.defineProperty(exports, "AppRouter", { enumerable: true, get: function () { return node_express_suite_1.AppRouter; } });
|
|
13
|
+
Object.defineProperty(exports, "AbstractJwtService", { enumerable: true, get: function () { return node_express_suite_1.AbstractJwtService; } });
|
|
14
|
+
Object.defineProperty(exports, "AbstractRoleService", { enumerable: true, get: function () { return node_express_suite_1.AbstractRoleService; } });
|
|
13
15
|
//# sourceMappingURL=upstream.js.map
|
package/src/lib/upstream.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"upstream.js","sourceRoot":"","sources":["../../../../brightchain-node-express-suite/src/lib/upstream.ts"],"names":[],"mappings":";;;AAAA;;;;GAIG;AACH,
|
|
1
|
+
{"version":3,"file":"upstream.js","sourceRoot":"","sources":["../../../../brightchain-node-express-suite/src/lib/upstream.ts"],"names":[],"mappings":";;;AAAA;;;;GAIG;AACH,0EAM6C;AAL3C,iHAAA,WAAW,OAAA;AACX,4HAAA,sBAAsB,OAAA;AACtB,+GAAA,SAAS,OAAA;AACT,wHAAA,kBAAkB,OAAA;AAClB,yHAAA,mBAAmB,OAAA"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"userValidation.d.ts","sourceRoot":"","sources":["../../../../../brightchain-node-express-suite/src/lib/validation/userValidation.ts"],"names":[],"mappings":"AAAA;;;;GAIG;
|
|
1
|
+
{"version":3,"file":"userValidation.d.ts","sourceRoot":"","sources":["../../../../../brightchain-node-express-suite/src/lib/validation/userValidation.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,MAAM,WAAW,gBAAgB;IAC/B,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,iBAAiB;IAChC,KAAK,EAAE,OAAO,CAAC;IACf,MAAM,EAAE,gBAAgB,EAAE,CAAC;CAC5B;AAED;;;;;GAKG;AACH,wBAAgB,oBAAoB,CAAC,IAAI,EAAE,OAAO,GAAG,iBAAiB,CA2DrE;AAED;;;;GAIG;AACH,wBAAgB,aAAa,CAAC,IAAI,EAAE,OAAO,GAAG,iBAAiB,CAoB9D;AAED;;;;;;GAMG;AACH,wBAAgB,sBAAsB,CAAC,IAAI,EAAE,OAAO,GAAG,iBAAiB,CA+BvE;AAED;;;;;;;GAOG;AACH,wBAAgB,gBAAgB,CAAC,IAAI,EAAE,OAAO,GAAG,iBAAiB,CAqCjE"}
|
|
@@ -9,6 +9,7 @@ exports.validateRegistration = validateRegistration;
|
|
|
9
9
|
exports.validateLogin = validateLogin;
|
|
10
10
|
exports.validatePasswordChange = validatePasswordChange;
|
|
11
11
|
exports.validateRecovery = validateRecovery;
|
|
12
|
+
const ecies_lib_1 = require("@digitaldefiance/ecies-lib");
|
|
12
13
|
/**
|
|
13
14
|
* Validates a registration request body.
|
|
14
15
|
* - username: non-empty, alphanumeric/hyphens/underscores only
|
|
@@ -47,6 +48,26 @@ function validateRegistration(body) {
|
|
|
47
48
|
message: 'Password must be at least 8 characters',
|
|
48
49
|
});
|
|
49
50
|
}
|
|
51
|
+
// Optional mnemonic validation (Requirements: 2.1, 2.2, 2.3, 2.4)
|
|
52
|
+
const mnemonic = data['mnemonic'];
|
|
53
|
+
if (mnemonic !== undefined && mnemonic !== null) {
|
|
54
|
+
if (typeof mnemonic !== 'string' || mnemonic.trim().length === 0) {
|
|
55
|
+
errors.push({
|
|
56
|
+
field: 'mnemonic',
|
|
57
|
+
message: 'Mnemonic must be a non-empty string',
|
|
58
|
+
});
|
|
59
|
+
}
|
|
60
|
+
else {
|
|
61
|
+
const trimmed = mnemonic.trim();
|
|
62
|
+
// MnemonicRegex validates 12/15/18/21/24 word BIP39 format
|
|
63
|
+
if (!ecies_lib_1.Constants.MnemonicRegex.test(trimmed)) {
|
|
64
|
+
errors.push({
|
|
65
|
+
field: 'mnemonic',
|
|
66
|
+
message: 'Invalid mnemonic format: must be 12, 15, 18, 21, or 24 words',
|
|
67
|
+
});
|
|
68
|
+
}
|
|
69
|
+
}
|
|
70
|
+
}
|
|
50
71
|
return { valid: errors.length === 0, errors };
|
|
51
72
|
}
|
|
52
73
|
/**
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"userValidation.js","sourceRoot":"","sources":["../../../../../brightchain-node-express-suite/src/lib/validation/userValidation.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;
|
|
1
|
+
{"version":3,"file":"userValidation.js","sourceRoot":"","sources":["../../../../../brightchain-node-express-suite/src/lib/validation/userValidation.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;AAmBH,oDA2DC;AAOD,sCAoBC;AASD,wDA+BC;AAUD,4CAqCC;AA9LD,0DAAwE;AAWxE;;;;;GAKG;AACH,SAAgB,oBAAoB,CAAC,IAAa;IAChD,MAAM,MAAM,GAAuB,EAAE,CAAC;IACtC,MAAM,IAAI,GAAG,IAA+B,CAAC;IAE7C,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC,CAAC;IAClC,MAAM,KAAK,GAAG,IAAI,CAAC,OAAO,CAAC,CAAC;IAC5B,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC,CAAC;IAElC,IACE,CAAC,QAAQ;QACT,OAAO,QAAQ,KAAK,QAAQ;QAC5B,QAAQ,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAC5B,CAAC;QACD,MAAM,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,UAAU,EAAE,OAAO,EAAE,sBAAsB,EAAE,CAAC,CAAC;IACtE,CAAC;SAAM,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC9C,MAAM,CAAC,IAAI,CAAC;YACV,KAAK,EAAE,UAAU;YACjB,OAAO,EACL,8EAA8E;SACjF,CAAC,CAAC;IACL,CAAC;IAED,IAAI,CAAC,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QACxC,MAAM,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,OAAO,EAAE,OAAO,EAAE,mBAAmB,EAAE,CAAC,CAAC;IAChE,CAAC;SAAM,IAAI,CAAC,4BAA4B,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;QACrD,MAAM,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,OAAO,EAAE,OAAO,EAAE,yBAAyB,EAAE,CAAC,CAAC;IACtE,CAAC;IAED,IAAI,CAAC,QAAQ,IAAI,OAAO,QAAQ,KAAK,QAAQ,EAAE,CAAC;QAC9C,MAAM,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,UAAU,EAAE,OAAO,EAAE,sBAAsB,EAAE,CAAC,CAAC;IACtE,CAAC;SAAM,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC/B,MAAM,CAAC,IAAI,CAAC;YACV,KAAK,EAAE,UAAU;YACjB,OAAO,EAAE,wCAAwC;SAClD,CAAC,CAAC;IACL,CAAC;IAED,kEAAkE;IAClE,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC,CAAC;IAClC,IAAI,QAAQ,KAAK,SAAS,IAAI,QAAQ,KAAK,IAAI,EAAE,CAAC;QAChD,IAAI,OAAO,QAAQ,KAAK,QAAQ,IAAI,QAAQ,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACjE,MAAM,CAAC,IAAI,CAAC;gBACV,KAAK,EAAE,UAAU;gBACjB,OAAO,EAAE,qCAAqC;aAC/C,CAAC,CAAC;QACL,CAAC;aAAM,CAAC;YACN,MAAM,OAAO,GAAG,QAAQ,CAAC,IAAI,EAAE,CAAC;YAChC,2DAA2D;YAC3D,IAAI,CAAC,qBAAa,CAAC,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC/C,MAAM,CAAC,IAAI,CAAC;oBACV,KAAK,EAAE,UAAU;oBACjB,OAAO,EACL,8DAA8D;iBACjE,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,EAAE,KAAK,EAAE,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;AAChD,CAAC;AAED;;;;GAIG;AACH,SAAgB,aAAa,CAAC,IAAa;IACzC,MAAM,MAAM,GAAuB,EAAE,CAAC;IACtC,MAAM,IAAI,GAAG,IAA+B,CAAC;IAE7C,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC,CAAC;IAClC,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC,CAAC;IAElC,IACE,CAAC,QAAQ;QACT,OAAO,QAAQ,KAAK,QAAQ;QAC5B,QAAQ,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAC5B,CAAC;QACD,MAAM,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,UAAU,EAAE,OAAO,EAAE,sBAAsB,EAAE,CAAC,CAAC;IACtE,CAAC;IAED,IAAI,CAAC,QAAQ,IAAI,OAAO,QAAQ,KAAK,QAAQ,EAAE,CAAC;QAC9C,MAAM,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,UAAU,EAAE,OAAO,EAAE,sBAAsB,EAAE,CAAC,CAAC;IACtE,CAAC;IAED,OAAO,EAAE,KAAK,EAAE,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;AAChD,CAAC;AAED;;;;;;GAMG;AACH,SAAgB,sBAAsB,CAAC,IAAa;IAClD,MAAM,MAAM,GAAuB,EAAE,CAAC;IACtC,MAAM,IAAI,GAAG,IAA+B,CAAC;IAE7C,MAAM,eAAe,GAAG,IAAI,CAAC,iBAAiB,CAAC,CAAC;IAChD,MAAM,WAAW,GAAG,IAAI,CAAC,aAAa,CAAC,CAAC;IAExC,IACE,CAAC,eAAe;QAChB,OAAO,eAAe,KAAK,QAAQ;QACnC,eAAe,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EACnC,CAAC;QACD,MAAM,CAAC,IAAI,CAAC;YACV,KAAK,EAAE,iBAAiB;YACxB,OAAO,EAAE,8BAA8B;SACxC,CAAC,CAAC;IACL,CAAC;IAED,IAAI,CAAC,WAAW,IAAI,OAAO,WAAW,KAAK,QAAQ,EAAE,CAAC;QACpD,MAAM,CAAC,IAAI,CAAC;YACV,KAAK,EAAE,aAAa;YACpB,OAAO,EAAE,0BAA0B;SACpC,CAAC,CAAC;IACL,CAAC;SAAM,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAClC,MAAM,CAAC,IAAI,CAAC;YACV,KAAK,EAAE,aAAa;YACpB,OAAO,EAAE,4CAA4C;SACtD,CAAC,CAAC;IACL,CAAC;IAED,OAAO,EAAE,KAAK,EAAE,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;AAChD,CAAC;AAED;;;;;;;GAOG;AACH,SAAgB,gBAAgB,CAAC,IAAa;IAC5C,MAAM,MAAM,GAAuB,EAAE,CAAC;IACtC,MAAM,IAAI,GAAG,IAA+B,CAAC;IAE7C,MAAM,KAAK,GAAG,IAAI,CAAC,OAAO,CAAC,CAAC;IAC5B,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC,CAAC;IAClC,MAAM,WAAW,GAAG,IAAI,CAAC,aAAa,CAAC,CAAC;IAExC,IAAI,CAAC,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QACxC,MAAM,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,OAAO,EAAE,OAAO,EAAE,mBAAmB,EAAE,CAAC,CAAC;IAChE,CAAC;SAAM,IAAI,CAAC,4BAA4B,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;QACrD,MAAM,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,OAAO,EAAE,OAAO,EAAE,yBAAyB,EAAE,CAAC,CAAC;IACtE,CAAC;IAED,IACE,CAAC,QAAQ;QACT,OAAO,QAAQ,KAAK,QAAQ;QAC5B,QAAQ,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAC5B,CAAC;QACD,MAAM,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,UAAU,EAAE,OAAO,EAAE,sBAAsB,EAAE,CAAC,CAAC;IACtE,CAAC;IAED,IAAI,WAAW,KAAK,SAAS,IAAI,WAAW,KAAK,IAAI,EAAE,CAAC;QACtD,IAAI,OAAO,WAAW,KAAK,QAAQ,EAAE,CAAC;YACpC,MAAM,CAAC,IAAI,CAAC;gBACV,KAAK,EAAE,aAAa;gBACpB,OAAO,EAAE,+BAA+B;aACzC,CAAC,CAAC;QACL,CAAC;aAAM,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAClC,MAAM,CAAC,IAAI,CAAC;gBACV,KAAK,EAAE,aAAa;gBACpB,OAAO,EAAE,4CAA4C;aACtD,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,EAAE,KAAK,EAAE,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;AAChD,CAAC"}
|