@devlider001/washlab-backend 1.0.8 → 1.1.0

package/convex/lib/auth.d.ts

@@ -57,16 +57,37 @@ export declare function getCurrentCustomer(ctx: QueryCtx | MutationCtx): Promise
 export declare function getCurrentAttendant(ctx: QueryCtx | MutationCtx): Promise<{
     _id: import("convex/values").GenericId<"attendants">;
     _creationTime: number;
+    clerkUserId?: string | undefined;
     lastLoginAt?: number | undefined;
-    passcode?: string | undefined;
+    passcodeHash?: string | undefined;
+    authenticationMethods?: ("biometric_face" | "biometric_hand" | "pin" | "password")[] | undefined;
+    enrollmentTokenHash?: string | undefined;
+    enrollmentTokenExpiresAt?: number | undefined;
+    enrolledAt?: number | undefined;
+    enrolledBy?: import("convex/values").GenericId<"admins"> | undefined;
+    biometricTemplateHash?: string | undefined;
+    biometricDataEncrypted?: string | undefined;
+    biometricCaptureMetadata?: {
+        deviceInfo?: string | undefined;
+        captureType: "face" | "hand";
+        anglesCaptured: string[];
+        captureQuality: number;
+        livenessPassed: boolean;
+        captureTimestamp: number;
+    } | undefined;
+    lastVerificationAt?: number | undefined;
+    lastVerificationSuccess?: boolean | undefined;
+    verificationTimeoutAt?: number | undefined;
     phoneNumber: string;
     email: string;
     name: string;
-    clerkUserId: string;
     createdAt: number;
     isDeleted: boolean;
     branchId: import("convex/values").GenericId<"branches">;
     isActive: boolean;
+    enrollmentStatus: "active" | "suspended" | "invited" | "enrolling" | "locked";
+    consecutiveFailures: number;
+    createdBy: import("convex/values").GenericId<"admins">;
 }>;
 /**
  * Get current admin from Clerk identity
@@ -105,15 +126,36 @@ export declare function getSuperAdmin(ctx: QueryCtx | MutationCtx): Promise<{
 export declare function verifyAttendantBranch(ctx: QueryCtx | MutationCtx, attendantId: Id<"attendants">, branchId: Id<"branches">): Promise<{
     _id: import("convex/values").GenericId<"attendants">;
     _creationTime: number;
+    clerkUserId?: string | undefined;
     lastLoginAt?: number | undefined;
-    passcode?: string | undefined;
+    passcodeHash?: string | undefined;
+    authenticationMethods?: ("biometric_face" | "biometric_hand" | "pin" | "password")[] | undefined;
+    enrollmentTokenHash?: string | undefined;
+    enrollmentTokenExpiresAt?: number | undefined;
+    enrolledAt?: number | undefined;
+    enrolledBy?: import("convex/values").GenericId<"admins"> | undefined;
+    biometricTemplateHash?: string | undefined;
+    biometricDataEncrypted?: string | undefined;
+    biometricCaptureMetadata?: {
+        deviceInfo?: string | undefined;
+        captureType: "face" | "hand";
+        anglesCaptured: string[];
+        captureQuality: number;
+        livenessPassed: boolean;
+        captureTimestamp: number;
+    } | undefined;
+    lastVerificationAt?: number | undefined;
+    lastVerificationSuccess?: boolean | undefined;
+    verificationTimeoutAt?: number | undefined;
     phoneNumber: string;
     email: string;
     name: string;
-    clerkUserId: string;
     createdAt: number;
     isDeleted: boolean;
     branchId: import("convex/values").GenericId<"branches">;
     isActive: boolean;
+    enrollmentStatus: "active" | "suspended" | "invited" | "enrolling" | "locked";
+    consecutiveFailures: number;
+    createdBy: import("convex/values").GenericId<"admins">;
 }>;
 //# sourceMappingURL=auth.d.ts.map

package/convex/lib/biometricComparison.d.ts

@@ -0,0 +1,38 @@
+/**
+ * Biometric Comparison Utilities
+ *
+ * Provides functions to compare live biometric data with stored templates.
+ */
+export interface BiometricData {
+    landmarks: number[][];
+    angles: {
+        headLeft?: number;
+        headRight?: number;
+        headUp?: number;
+        headDown?: number;
+        handLeft?: number;
+        handRight?: number;
+        handUp?: number;
+        handDown?: number;
+    };
+    features: number[];
+}
+/**
+ * Compare two biometric templates and return confidence score (0-1)
+ */
+export declare function compareBiometricData(live: BiometricData, stored: BiometricData): number;
+/**
+ * Compare biometric templates (wrapper for stored vs live comparison)
+ */
+export declare function compareBiometricTemplates(storedTemplate: BiometricData, liveData: {
+    features: number[];
+    measurements: any;
+    angles: string[];
+}, options: {
+    captureQuality: number;
+    type: "face" | "hand";
+}): Promise<{
+    confidence: number;
+    match: boolean;
+}>;
+//# sourceMappingURL=biometricComparison.d.ts.map

package/convex/lib/biometricEncryption.d.ts

@@ -0,0 +1,49 @@
+/**
+ * Biometric Data Encryption Utilities
+ *
+ * Provides encryption and decryption for biometric templates.
+ * Uses base64 encoding for now (placeholder for proper encryption).
+ *
+ * NOTE: In Convex, we use base64 encoding for now.
+ * For production, implement proper encryption using environment variables
+ * or an external encryption service.
+ */
+export interface BiometricData {
+    landmarks: number[][];
+    angles: {
+        headLeft?: number;
+        headRight?: number;
+        headUp?: number;
+        headDown?: number;
+        handLeft?: number;
+        handRight?: number;
+        handUp?: number;
+        handDown?: number;
+    };
+    features: number[];
+}
+/**
+ * Encrypt biometric data
+ * Returns encrypted data, IV, and auth tag as base64 strings
+ *
+ * IMPORTANT: In production, use proper encryption library or service
+ * This is a placeholder that should be replaced with actual encryption
+ */
+export declare function encryptBiometricData(data: BiometricData): {
+    encryptedData: string;
+    iv: string;
+    authTag: string;
+};
+/**
+ * Decrypt biometric data
+ *
+ * IMPORTANT: In production, use proper decryption library or service
+ * This is a placeholder that should be replaced with actual decryption
+ */
+export declare function decryptBiometricData(encryptedData: string, iv: string, authTag: string): BiometricData;
+/**
+ * Hash biometric template for quick comparison
+ * Uses Web Crypto API (available in Convex V8 runtime)
+ */
+export declare function hashBiometricTemplate(data: BiometricData): Promise<string>;
+//# sourceMappingURL=biometricEncryption.d.ts.map

package/convex/lib/passwordHashing.d.ts

@@ -0,0 +1,31 @@
+/**
+ * Password/PIN Hashing Utilities
+ *
+ * Provides secure password/PIN hashing using Web Crypto API.
+ * Uses PBKDF2 for password hashing (more secure than SHA-256 for passwords).
+ */
+/**
+ * Hash a password or PIN using PBKDF2
+ * This is more secure than SHA-256 for passwords as it's designed for this purpose
+ */
+export declare function hashPassword(password: string, salt?: string): Promise<{
+    hash: string;
+    salt: string;
+}>;
+/**
+ * Verify a password or PIN against its hash
+ */
+export declare function verifyPassword(password: string, hash: string, salt: string): Promise<boolean>;
+/**
+ * Simple PIN hashing (4-6 digits) - uses SHA-256 with salt for simplicity
+ * PINs are less secure, so we use a simpler approach but still with salt
+ */
+export declare function hashPIN(pin: string, salt?: string): Promise<{
+    hash: string;
+    salt: string;
+}>;
+/**
+ * Verify a PIN against its hash
+ */
+export declare function verifyPIN(pin: string, hash: string, salt: string): Promise<boolean>;
+//# sourceMappingURL=passwordHashing.d.ts.map

package/convex/lib/tokenHashing.d.ts

@@ -0,0 +1,26 @@
+/**
+ * Token Hashing Utilities
+ *
+ * Provides secure token hashing and verification.
+ * Used for enrollment tokens, session tokens, and OTP codes.
+ *
+ * Uses Web Crypto API (available in Convex V8 runtime)
+ */
+/**
+ * Hash a token using SHA-256 (for enrollment tokens and challenges)
+ * Uses Web Crypto API which is available in Convex V8 runtime
+ */
+export declare function hashToken(token: string): Promise<string>;
+/**
+ * Verify a token against its hash
+ */
+export declare function verifyToken(token: string, hash: string): Promise<boolean>;
+/**
+ * Generate a secure random token
+ */
+export declare function generateSecureToken(length?: number): string;
+/**
+ * Generate a challenge string for biometric verification
+ */
+export declare function generateChallenge(): string;
+//# sourceMappingURL=tokenHashing.d.ts.map

package/convex/notifications.d.ts

@@ -76,6 +76,8 @@ export declare const getAllNotifications: import("convex/server").RegisteredQuer
     };
 }, Promise<{
     page: {
+        isRead: boolean;
+        readAt: number | undefined;
         _id: import("convex/values").GenericId<"notifications">;
         _creationTime: number;
         branchId?: import("convex/values").GenericId<"branches"> | undefined;
@@ -83,7 +85,6 @@ export declare const getAllNotifications: import("convex/server").RegisteredQuer
         entityId?: string | undefined;
         actionUrl?: string | undefined;
         actionLabel?: string | undefined;
-        readAt?: number | undefined;
         senderId?: string | undefined;
         senderType?: "admin" | "attendant" | "system" | undefined;
         expiresAt?: number | undefined;
@@ -97,7 +98,6 @@ export declare const getAllNotifications: import("convex/server").RegisteredQuer
         title: string;
         message: string;
         priority: "low" | "normal" | "high" | "urgent";
-        isRead: boolean;
     }[];
     isDone: boolean;
     continueCursor: string;