@dalmore/api-contracts 1.0.7 → 1.0.8

package/src/common/types/asset.types.ts

@@ -0,0 +1,338 @@
+import { extendZodWithOpenApi } from '@anatine/zod-openapi';
+import { TypeID } from 'typeid-js';
+import { z } from 'zod';
+import { accountIdSchema } from './account.types';
+import {
+  AccountZod,
+  AssetType,
+  DurationType,
+  IPaginationMeta,
+  SortBy,
+  SortOrder,
+} from './common.types';
+import { IBaseEntity } from './entity.types';
+import { IOffering, offeringIdSchema } from './offering.types';
+import { issuerIdSchema } from './issuer.types';
+
+extendZodWithOpenApi(z);
+
+export const assetIdSchema = z.string().refine(
+  (value) => {
+    try {
+      const tid = TypeID.fromString(value);
+      return tid.getType() === 'asset';
+    } catch {
+      return false;
+    }
+  },
+  {
+    message: `Invalid asset ID format. Must be a valid TypeID with "asset" prefix. Example: asset_01j5y5ghx5fg68d663j1fvy2x7`,
+  },
+);
+export enum TemplateType {
+  STANDARD = 'STANDARD',
+  TIERED = 'TIERED',
+}
+
+export const IAsset = IBaseEntity.extend({
+  id: assetIdSchema,
+  name: z.string(),
+  type: z.nativeEnum(AssetType).nullable(),
+  pricePerUnit: z.number().nullable(),
+  totalUnits: z.number().nullable(),
+  totalAmount: z.number().nullable(),
+  yield: z.number().nullable(),
+  duration: z.number().nullable(),
+  durationType: z.nativeEnum(DurationType).nullable(),
+  accountId: z.string(),
+  account: AccountZod.optional().nullable(),
+  offeringId: z.string(),
+  offering: z
+    .lazy(() => IOffering)
+    .optional()
+    .nullable(), // Use z.lazy here
+  template: z.nativeEnum(TemplateType),
+  tiers: z.array(z.number().positive()).nullable(),
+  enableBonus: z.boolean(),
+});
+
+export type IAsset = z.infer<typeof IAsset>;
+
+export const IPaginatedAsset = z.object({
+  items: z.array(IAsset),
+  meta: IPaginationMeta,
+});
+export type IPaginatedAsset = z.infer<typeof IPaginatedAsset>;
+
+const PostAssetBase = z.object({
+  offeringId: z
+    .lazy(() => offeringIdSchema)
+    .openapi({ example: 'offering_01jayn2qkpeebav9gjpqx7xm8j' }),
+  name: z.string().min(2).max(50).openapi({ example: 'Asset name' }),
+  type: z.nativeEnum(AssetType).openapi({ example: AssetType.STOCK }),
+  pricePerUnit: z
+    .number()
+    .min(0.01)
+    .max(10000000000)
+    .nullable()
+    .openapi({ example: 2000 }),
+  totalUnits: z
+    .number()
+    .min(1)
+    .max(10000000000)
+    .nullable()
+    .openapi({ example: 5200 }),
+  yield: z
+    .number()
+    .min(0.01)
+    .max(10000000000)
+    .nullable()
+    .optional()
+    .openapi({ example: 1200 }),
+  duration: z
+    .number()
+    .min(1)
+    .max(1000)
+    .nullable()
+    .optional()
+    .openapi({ example: 1 }),
+  durationType: z
+    .nativeEnum(DurationType)
+    .nullable()
+    .optional()
+    .openapi({ example: DurationType.DAY }),
+  template: z
+    .nativeEnum(TemplateType)
+    .default(TemplateType.STANDARD)
+    .openapi({ example: TemplateType.STANDARD }),
+  tiers: z.array(z.number().positive()).nullable().optional(),
+  enableBonus: z.boolean().default(false).openapi({ example: false }),
+});
+
+const postAssetRefinement = (data: any, ctx: any) => {
+  // If type is bond, yield and duration must be provided (cannot be null or undefined)
+  if (data.type === AssetType.BOND) {
+    if (data.yield === null || data.yield === undefined) {
+      ctx.addIssue({
+        path: ['yield'],
+        message:
+          'Yield is required for bond type and cannot be null or undefined',
+        code: z.ZodIssueCode.custom,
+      });
+    }
+    if (data.duration === null || data.duration === undefined) {
+      ctx.addIssue({
+        path: ['duration'],
+        message:
+          'Duration is required for bond type and cannot be null or undefined',
+        code: z.ZodIssueCode.custom,
+      });
+    }
+    if (data.durationType === null || data.durationType === undefined) {
+      ctx.addIssue({
+        path: ['durationType'],
+        message:
+          'Duration type is required for bond type and cannot be null or undefined',
+        code: z.ZodIssueCode.custom,
+      });
+    }
+  }
+
+  // If type is stock, yield and duration must be either null or undefined
+  if (data.type === AssetType.STOCK) {
+    if (data.yield !== null && data.yield !== undefined) {
+      ctx.addIssue({
+        path: ['yield'],
+        message: 'Yield must not be provided for stock type',
+        code: z.ZodIssueCode.custom,
+      });
+    }
+    if (data.duration !== null && data.duration !== undefined) {
+      ctx.addIssue({
+        path: ['duration'],
+        message: 'Duration must not be provided for stock type',
+        code: z.ZodIssueCode.custom,
+      });
+    }
+    if (data.durationType !== null && data.durationType !== undefined) {
+      ctx.addIssue({
+        path: ['durationType'],
+        message: 'Duration type must not be provided for stock type',
+        code: z.ZodIssueCode.custom,
+      });
+    }
+  }
+  if (data.template === TemplateType.TIERED) {
+    if (data.tiers === null || data.tiers === undefined) {
+      ctx.addIssue({
+        path: ['tiers'],
+        message: 'Tiers must be provided for TIERED template',
+        code: z.ZodIssueCode.custom,
+      });
+    }
+  }
+  // If template is STANDARD, tiers must be null or undefined
+  if (data.template === TemplateType.STANDARD) {
+    if (data.tiers !== null && data.tiers !== undefined) {
+      ctx.addIssue({
+        path: ['tiers'],
+        message: 'Tiers must not be provided for STANDARD template',
+        code: z.ZodIssueCode.custom,
+      });
+    }
+  }
+};
+
+export const PostAsset = PostAssetBase.superRefine(postAssetRefinement);
+
+export type PostAsset = z.infer<typeof PostAsset>;
+
+export const CompliancePostAsset = PostAssetBase.extend({
+  accountId: accountIdSchema,
+}).superRefine(postAssetRefinement);
+
+export type CompliancePostAsset = z.infer<typeof CompliancePostAsset>;
+
+export const PutAsset = z.object({
+  name: z.string().min(2).max(50).optional().openapi({ example: 'Z' }),
+  type: z
+    .nativeEnum(AssetType)
+    .optional()
+    .openapi({ example: AssetType.STOCK }),
+  pricePerUnit: z
+    .number()
+    .min(0.01)
+    .max(10000000000)
+    .nullable()
+    .optional()
+    .openapi({ example: 2000 }),
+  totalUnits: z
+    .number()
+    .min(1)
+    .max(10000000000)
+    .nullable()
+    .optional()
+    .openapi({ example: 5200 }),
+  yield: z
+    .number()
+    .min(0.01)
+    .max(10000000000)
+    .nullable()
+    .optional()
+    .openapi({ example: 1200 }),
+  duration: z
+    .number()
+    .min(1)
+    .max(1000)
+    .nullable()
+    .optional()
+    .openapi({ example: 1 }),
+  durationType: z
+    .nativeEnum(DurationType)
+    .nullable()
+    .optional()
+    .openapi({ example: DurationType.DAY }),
+  template: z
+    .nativeEnum(TemplateType)
+    .default(TemplateType.STANDARD)
+    .openapi({ example: TemplateType.STANDARD })
+    .nullable()
+    .optional(),
+  tiers: z.array(z.number().positive()).nullable().optional(),
+  enableBonus: z.boolean().optional().openapi({ example: false }),
+});
+
+export type PutAsset = z.infer<typeof PutAsset>;
+
+export const CompliancePutAsset = PutAsset.merge(
+  z.object({ accountId: accountIdSchema }),
+);
+export type CompliancePutAsset = z.infer<typeof CompliancePutAsset>;
+
+const assetsInclude = z.enum(['account', 'offering', 'bonusTiers']);
+
+export const AssetsIncludeQuery = z.object({
+  include: z
+    .string()
+    .optional()
+    .transform((str) => (str ? str.split(',') : []))
+    .refine(
+      (includes) =>
+        includes.every((include) =>
+          assetsInclude.options.includes(include as any),
+        ),
+      {
+        message: `Invalid include option provided. Valid options are: ${assetsInclude.options.join(', ')}`,
+      },
+    )
+    .openapi({
+      example: `${assetsInclude.options.join(', ')}`,
+    }),
+});
+export interface AssetsIncludeQuery
+  extends z.infer<typeof AssetsIncludeQuery> {}
+
+export const AssetFiltersZod = z.object({
+  name: z.string().optional(),
+  accountId: accountIdSchema.optional(),
+  offeringId: z
+    .lazy(() => offeringIdSchema)
+    .openapi({ example: 'offering_01jayn2qkpeebav9gjpqx7xm8j' })
+    .optional(),
+  issuerId: z.lazy(() => issuerIdSchema).optional(),
+  type: z.nativeEnum(AssetType).optional(),
+});
+export type AssetFiltersZod = z.infer<typeof AssetFiltersZod>;
+
+export const AssetSortZod = z.object({
+  sort: z.enum([SortBy.NAME, SortBy.CREATED_AT, SortBy.UPDATED_AT]).optional(),
+  dir: z.nativeEnum(SortOrder).optional(),
+});
+export type AssetSortZod = z.infer<typeof AssetSortZod>;
+
+const BaseAssetSummarySchema = z.object({
+  id: z.string(),
+  name: z.string(),
+  accountId: accountIdSchema,
+  offeringId: offeringIdSchema,
+  issuerId: z.lazy(() => issuerIdSchema).nullable(),
+  pricePerUnit: z.number().nullable(),
+  totalUnits: z.number().nullable(),
+});
+
+export const StockAssetSchema = BaseAssetSummarySchema.extend({
+  type: z.literal(AssetType.STOCK),
+});
+export type StockAssetSchema = z.infer<typeof StockAssetSchema>;
+
+const BondAssetSchema = BaseAssetSummarySchema.extend({
+  type: z.literal(AssetType.BOND).nullable(),
+  yield: z.number().nullable(),
+  duration: z.number().nullable(),
+  durationType: z.nativeEnum(DurationType).nullable(),
+});
+
+export const AssetSummarySchema = z.discriminatedUnion('type', [
+  StockAssetSchema,
+  BondAssetSchema,
+]);
+export type AssetSummarySchema = z.infer<typeof AssetSummarySchema>;
+
+export const IPaginatedAssetSummary = z.object({
+  items: z.array(AssetSummarySchema),
+  meta: IPaginationMeta,
+});
+
+export type IPaginatedAssetSummary = z.infer<typeof IPaginatedAssetSummary>;
+
+export const AssetSummaryFiltersZod = z.object({
+  accountId: accountIdSchema.optional(),
+  issuerId: z.lazy(() => issuerIdSchema).optional(),
+  offeringId: z
+    .lazy(() => offeringIdSchema)
+    .openapi({ example: 'offering_01jayn2qkpeebav9gjpqx7xm8j' })
+    .optional(),
+  type: z.nativeEnum(AssetType),
+  name: z.string().optional(),
+});
+export type AssetSummaryFiltersZod = z.infer<typeof AssetSummaryFiltersZod>;

package/src/common/types/auth.types.ts

@@ -0,0 +1,370 @@
+import { z } from 'zod';
+import { extendZodWithOpenApi } from '@anatine/zod-openapi';
+import { accountIdSchema } from './account.types';
+import { PasswordSchema } from './password.type';
+import { inviteIdSchema } from './invite.types';
+import {
+  PortalType,
+  ManagedByType,
+  UserRole,
+  createUrlSchema,
+} from './common.types';
+import { TypeID } from 'typeid-js';
+import { TwoFactorMethod } from './sms.types';
+import { PhoneZodSchema } from './phone.type';
+
+extendZodWithOpenApi(z);
+
+export const userLoginIdSchema = z.string().refine(
+  (value) => {
+    try {
+      const tid = TypeID.fromString(value);
+      return tid.getType() === 'user_login';
+    } catch {
+      return false;
+    }
+  },
+  {
+    message:
+      'Invalid user ID format. Must be a valid TypeID with "user_login" prefix.',
+  },
+);
+
+export enum AuthProvider {
+  EMAIL = 'email',
+}
+
+const isBase64 = (v: string) => {
+  if (v.length % 4 !== 0) {
+    return false;
+  }
+  try {
+    return btoa(atob(v)) === v;
+  } catch (err) {
+    return false;
+  }
+};
+
+const BaseAuthBody = z.object({
+  firstName: z
+    .string()
+    .min(2, 'firstName is less than 2 characters')
+    .max(20, 'firstName is more than 20 characters')
+    .openapi({
+      example: 'Neil',
+    }),
+  lastName: z
+    .string()
+    .min(2, 'lastName is less than 2 characters')
+    .max(20, 'lastName is more than 20 characters')
+    .openapi({
+      example: 'Armstrong',
+    }),
+  email: z
+    .string()
+    .email()
+    .transform((val) => val.toLowerCase())
+    .openapi({
+      example: 'neil@dalmoregroup.com',
+    }),
+  password: PasswordSchema,
+});
+
+export const IRegisterBodyZod = BaseAuthBody.extend({
+  code: z
+    .string()
+    .refine(isBase64, {
+      message: 'Must be a valid base64 encoded string',
+    })
+    .openapi({
+      example: 'eyJpdiI6InhhTFIyVG9ETnhnUzQ1QzUyNzRJenc9PSIsI',
+    }),
+});
+
+export const IChangePasswordBodyZod = z
+  .object({
+    currentPassword: z.string().min(6).openapi({
+      example: 'Secretpassword6#',
+    }),
+    newPassword: PasswordSchema,
+    newPasswordConfirm: PasswordSchema,
+  })
+  .refine((data) => data.currentPassword !== data.newPassword, {
+    message: 'New password must be different from current password',
+    path: ['newPassword'],
+  })
+  .refine((data) => data.newPassword === data.newPasswordConfirm, {
+    message: 'Password confirmation does not match new password',
+    path: ['newPasswordConfirm'],
+  });
+
+export const LoginBody = z.object({
+  email: z
+    .string()
+    .email()
+    .transform((val) => val.toLowerCase())
+    .openapi({
+      example: 'neil@dalmoregroup.com',
+    }),
+  password: z.string().openapi({
+    example: 'Secretpassword6#',
+  }),
+  rememberMe: z.boolean().optional().default(false).openapi({
+    example: true,
+  }),
+  twoFactorMethod: z.nativeEnum(TwoFactorMethod).optional().openapi({
+    example: 'SMS',
+  }),
+});
+export type LoginBody = z.infer<typeof LoginBody>;
+
+export const LoginBody2FA = z.object({
+  token: z.string().min(6).max(14).openapi({
+    example: 'neil@dalmoregroup.com',
+  }),
+  temporaryToken: z.string().min(1).openapi({
+    example: 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9',
+  }),
+  rememberMe: z.boolean().optional().default(false).openapi({
+    example: true,
+  }),
+});
+export type LoginBody2FA = z.infer<typeof LoginBody>;
+
+export const LoginBodyInvestors = LoginBody.extend({
+  site: z.string().openapi({ site: 'example.com' }),
+});
+export type LoginBodyInvestors = z.infer<typeof LoginBodyInvestors>;
+
+export const LoginBodyIssuers = LoginBody.extend({
+  accountId: accountIdSchema.openapi({
+    accountId: 'account_00041061050r3gg28a1c60t3gf',
+  }),
+});
+export type LoginBodyIssuers = z.infer<typeof LoginBodyIssuers>;
+
+export const SelectAccountIssuers = LoginBody;
+export type SelectAccountIssuers = z.infer<typeof SelectAccountIssuers>;
+
+export const SelectAccountIssuersResponse = z.object({
+  invites: z.array(
+    z.object({
+      id: inviteIdSchema.openapi({
+        example: 'invite_00041061050r3gg28a1c60t3gf',
+      }),
+      name: z.string().openapi({ example: 'Example Account' }),
+      accountId: accountIdSchema.nullable().openapi({
+        example: 'account_00041061050r3gg28a1c60t3gf',
+      }),
+      role: z
+        .nativeEnum(UserRole)
+        .nullable()
+        .openapi({ example: UserRole.MARKETER }),
+    }),
+  ),
+  accounts: z.array(
+    z.object({
+      id: accountIdSchema.openapi({
+        example: 'account_00041061050r3gg28a1c60t3gf',
+      }),
+      name: z.string().openapi({ example: 'Example Account' }),
+      firstName: z.string().openapi({ example: 'John' }),
+      lastName: z.string().openapi({ example: 'Doe' }),
+    }),
+  ),
+});
+export type SelectAccountIssuersResponse = z.infer<
+  typeof SelectAccountIssuersResponse
+>;
+
+export const SwitchAccountIssuersBody = z.object({
+  accountId: accountIdSchema,
+});
+export type SwitchAccountIssuersBody = z.infer<typeof SwitchAccountIssuersBody>;
+
+export const AccessTokenResponse = z.object({
+  accessToken: z.string().optional().openapi({
+    example: 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9',
+  }),
+  requiresTwoFactor: z.boolean().optional().openapi({
+    example: true,
+  }),
+  temporaryToken: z.string().optional().openapi({
+    example: 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9',
+  }),
+  requiresTwoFactorSetup: z.boolean().optional().openapi({
+    example: true,
+  }),
+  twoFactorMethod: z.nativeEnum(TwoFactorMethod).optional().openapi({
+    example: 'SMS',
+  }),
+});
+export type AccessTokenResponse = z.infer<typeof AccessTokenResponse>;
+
+// Base schema for issuer registration (shared fields without refinements)
+const BaseRegisterIssuerFields = BaseAuthBody.extend({
+  confirmPassword: PasswordSchema,
+  accountName: z
+    .string()
+    .min(1)
+    .max(150)
+    .openapi({
+      example: 'Example Account',
+    })
+    .nullable()
+    .optional(),
+  accountType: z
+    .nativeEnum(ManagedByType)
+    .optional()
+    .default(ManagedByType.DALMORE)
+    .openapi({
+      example: ManagedByType.DALMORE,
+    }),
+});
+
+// Full issuer registration schema with code (for invite-based registration)
+export const IRegisterIssuerBodyZod = BaseRegisterIssuerFields.extend({
+  code: z
+    .string()
+    .refine(isBase64, {
+      message: 'Must be a valid base64 encoded string',
+    })
+    .optional()
+    .openapi({
+      example: 'eyJpdiI6InhhTFIyVG9ETnhnUzQ1QzUyNzRJenc9PSIsI',
+    }),
+})
+  .refine((data) => data.password === data.confirmPassword, {
+    message: 'Passwords do not match',
+    path: ['confirmPassword'],
+  })
+  .refine(
+    (data) => {
+      // If code is not provided, accountName must be present and not empty/null
+      if (!data.code || data.code.length === 0) {
+        return (
+          data.accountName !== null &&
+          data.accountName !== undefined &&
+          data.accountName !== ''
+        );
+      }
+      // If code is provided, accountName is not required
+      return true;
+    },
+    {
+      message: 'Account name is required if code is not provided',
+      path: ['accountName'],
+    },
+  );
+
+// Client issuer registration schema without code (for API key registration)
+export const IRegisterClientIssuerBodyZod = BaseRegisterIssuerFields.refine(
+  (data) => data.password === data.confirmPassword,
+  {
+    message: 'Passwords do not match',
+    path: ['confirmPassword'],
+  },
+).refine(
+  (data) => {
+    // For client registration, accountName is always required
+    return (
+      data.accountName !== null &&
+      data.accountName !== undefined &&
+      data.accountName !== ''
+    );
+  },
+  {
+    message: 'Account name is required',
+    path: ['accountName'],
+  },
+);
+
+// Investors are a special case in which they require phone number at the time of registration
+// The phone number provided here is NOT validated and will still need to go thru the regular 2FA setup process
+export const RegisterBodyInvestors = BaseAuthBody.extend({
+  confirmPassword: PasswordSchema,
+  phoneNumber: PhoneZodSchema.openapi({ example: '+12124567890' }).optional(),
+  site: z
+    .string()
+    .min(2, 'site is less than 2 characters')
+    .max(253, 'site is more than 253 characters')
+    .openapi({
+      example: 'func.co',
+    }),
+}).refine((data) => data.password === data.confirmPassword, {
+  message: 'Passwords do not match',
+  path: ['confirmPassword'],
+});
+
+export const ResetPasswordVerifyBody = z.object({
+  email: z.string().email(),
+  code: z.string().length(6, 'code is not 6 characters').openapi({
+    example: '123456',
+  }),
+});
+
+export type ResetPasswordVerifyBodyType = z.infer<
+  typeof ResetPasswordVerifyBody
+>;
+export const ResetPasswordVerifyResponse = z.object({
+  valid: z.boolean(),
+});
+
+export type ResetPasswordVerifyResponseType = z.infer<
+  typeof ResetPasswordVerifyResponse
+>;
+
+export const ResetPasswordBody = z.object({
+  email: z.string().email(),
+  code: z.string().length(6, 'code is not 6 characters').openapi({
+    example: '123456',
+  }),
+  password: PasswordSchema,
+});
+export type ResetPasswordBodyType = z.infer<typeof ResetPasswordBody>;
+
+export const AuthSuccessResponse = z.object({
+  success: z.boolean(),
+});
+export type AuthSuccessResponseType = z.infer<typeof AuthSuccessResponse>;
+
+export const ClientAuthSuccessResponse = z.object({
+  userId: z.string().openapi({ example: 'user_01je6ht4b8fbmttkzh2hs82xqp' }),
+});
+
+export type ClientAuthSuccessResponse = z.infer<
+  typeof ClientAuthSuccessResponse
+>;
+
+export const AdminForgotPasswordRequestZod = z.object({
+  email: z.string().email(),
+  portal: z.nativeEnum(PortalType),
+});
+export type AdminForgotPasswordRequestZod = z.infer<
+  typeof AdminForgotPasswordRequestZod
+>;
+
+export const InvestorForgotPasswordRequestZod = z.object({
+  email: z.string().email(),
+  url: createUrlSchema({ strict: true }),
+});
+export type InvestorForgotPasswordRequestZod = z.infer<
+  typeof InvestorForgotPasswordRequestZod
+>;
+
+// Define paths that should be accessible EVEN with twoFactorPending
+export const twoFactorPendingAllowedPaths = [
+  '/auth/login',
+  '/auth/register',
+  '/user-settings/valid-phone-number',
+  '/user-settings/setup-phone-number',
+  '/user-settings/verify-phone-number',
+  '/user-settings/send-verification-code',
+  '/user-settings/setup-authenticator',
+  '/user-settings/verify-authenticator',
+];
+
+export const lockedUserAllowedPathsAndMethods = [
+  { path: '/users/me', method: 'GET' },
+  { path: '/auth/login', method: 'POST' },
+];