npm - @digitaldefiance/node-express-suite - Versions diffs - 1.0.21 → 1.0.23 - Mend

@digitaldefiance/node-express-suite 1.0.21 → 1.0.23

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (633) hide show

package/README.md +9 -0
package/package.json +27 -32
package/src/application-base.ts +492 -0
package/src/application.ts +254 -0
package/src/backup-code.ts +336 -0
package/src/constants.ts +69 -0
package/src/controllers/base.ts +440 -0
package/{dist/controllers/index.d.ts → src/controllers/index.ts} +0 -1
package/src/controllers/user.ts +1451 -0
package/src/decorators/base-controller.ts +61 -0
package/src/decorators/controller.ts +109 -0
package/{dist/decorators/index.d.ts → src/decorators/index.ts} +0 -1
package/src/decorators/zod-validation.ts +57 -0
package/src/defaults.ts +94 -0
package/src/documents/base.ts +7 -0
package/src/documents/email-token.ts +14 -0
package/{dist/documents/index.d.ts → src/documents/index.ts} +0 -1
package/{dist/documents/mnemonic.d.ts → src/documents/mnemonic.ts} +5 -2
package/{dist/documents/role.d.ts → src/documents/role.ts} +5 -2
package/src/documents/used-direct-login-token.ts +7 -0
package/{dist/documents/user-role.d.ts → src/documents/user-role.ts} +5 -2
package/{dist/documents/user.d.ts → src/documents/user.ts} +4 -2
package/src/enumerations/base-model-name.ts +41 -0
package/{dist/enumerations/index.d.ts → src/enumerations/index.ts} +0 -1
package/src/enumerations/length-encoding-type.ts +6 -0
package/src/enumerations/schema-collection.ts +33 -0
package/src/enumerations/symmetric-error-type.ts +4 -0
package/src/environment.ts +770 -0
package/src/errors/express-validation.ts +21 -0
package/{dist/errors/index.d.ts → src/errors/index.ts} +0 -1
package/src/errors/invalid-backup-code-version.ts +14 -0
package/src/errors/invalid-jwt-token.ts +10 -0
package/src/errors/invalid-model.ts +11 -0
package/src/errors/invalid-new-password.ts +18 -0
package/src/errors/invalid-password.ts +13 -0
package/src/errors/missing-validated-data.ts +36 -0
package/src/errors/mnemonic-or-password-required.ts +12 -0
package/src/errors/model-not-registered.ts +11 -0
package/src/errors/mongoose-validation.ts +34 -0
package/src/errors/symmetric.ts +41 -0
package/src/errors/token-expired.ts +10 -0
package/src/get-language.ts +53 -0
package/src/get-timezone.ts +45 -0
package/{dist/index.d.ts → src/index.ts} +3 -2
package/{dist/interfaces/api-error-response.d.ts → src/interfaces/api-error-response.ts} +2 -2
package/src/interfaces/api-express-validation-error-response.ts +8 -0
package/src/interfaces/api-message-response.ts +3 -0
package/{dist/interfaces/api-mongo-validation-error-response.d.ts → src/interfaces/api-mongo-validation-error-response.ts} +2 -2
package/{dist/interfaces/api-responses/backup-codes-response.d.ts → src/interfaces/api-responses/backup-codes-response.ts} +2 -2
package/{dist/interfaces/api-responses/challenge-response.d.ts → src/interfaces/api-responses/challenge-response.ts} +3 -3
package/{dist/interfaces/api-responses/code-count-response.d.ts → src/interfaces/api-responses/code-count-response.ts} +2 -2
package/{dist/interfaces/api-responses/index.d.ts → src/interfaces/api-responses/index.ts} +0 -1
package/{dist/interfaces/api-responses/login-response.d.ts → src/interfaces/api-responses/login-response.ts} +4 -4
package/{dist/interfaces/api-responses/mnemonic-response.d.ts → src/interfaces/api-responses/mnemonic-response.ts} +2 -2
package/{dist/interfaces/api-responses/registration-response.d.ts → src/interfaces/api-responses/registration-response.ts} +3 -3
package/{dist/interfaces/api-responses/request-user-response.d.ts → src/interfaces/api-responses/request-user-response.ts} +2 -2
package/{dist/interfaces/application.d.ts → src/interfaces/application.ts} +7 -7
package/src/interfaces/backend-objects/email-token.ts +11 -0
package/{dist/interfaces/backend-objects/index.d.ts → src/interfaces/backend-objects/index.ts} +0 -1
package/{dist/interfaces/backend-objects/request-user.d.ts → src/interfaces/backend-objects/request-user.ts} +7 -2
package/{dist/interfaces/backend-objects/role.d.ts → src/interfaces/backend-objects/role.ts} +1 -1
package/src/interfaces/backend-objects/user.ts +9 -0
package/src/interfaces/checksum-config.ts +4 -0
package/src/interfaces/checksum-consts.ts +13 -0
package/{dist/interfaces/constants.d.ts → src/interfaces/constants.ts} +5 -5
package/src/interfaces/create-user-basics.ts +17 -0
package/src/interfaces/csp-config.ts +35 -0
package/src/interfaces/deep-partial.ts +3 -0
package/{dist/interfaces/discriminator-collections.d.ts → src/interfaces/discriminator-collections.ts} +3 -3
package/src/interfaces/email-service.ts +8 -0
package/src/interfaces/environment-mongo.ts +76 -0
package/src/interfaces/environment.ts +181 -0
package/src/interfaces/failable-result.ts +6 -0
package/src/interfaces/fec-consts.ts +4 -0
package/src/interfaces/handleable-error-options.ts +6 -0
package/{dist/interfaces/index.d.ts → src/interfaces/index.ts} +0 -1
package/src/interfaces/jwt-consts.ts +23 -0
package/src/interfaces/jwt-sign-response.ts +19 -0
package/src/interfaces/mongo-errors.ts +5 -0
package/src/interfaces/request-user.ts +50 -0
package/src/interfaces/required-string-keys.ts +26 -0
package/src/interfaces/schema.ts +31 -0
package/src/interfaces/server-init-result.ts +37 -0
package/src/interfaces/status-code-response.ts +7 -0
package/src/interfaces/symmetric-encryption-results.d.ts +5 -0
package/src/interfaces/symmetric-encryption-results.d.ts.map +1 -0
package/src/interfaces/symmetric-encryption-results.js.map +1 -0
package/src/interfaces/symmetric-encryption-results.ts +4 -0
package/{dist/interfaces/token-response.d.ts → src/interfaces/token-response.ts} +2 -2
package/src/middlewares/authenticate-crypto.ts +243 -0
package/src/middlewares/authenticate-token.ts +152 -0
package/src/middlewares/cleanup-crypto.ts +40 -0
package/{dist/middlewares/index.d.ts → src/middlewares/index.ts} +0 -1
package/src/middlewares/set-global-context-language.ts +24 -0
package/src/middlewares.ts +120 -0
package/src/model-registry.ts +75 -0
package/src/models/email-token.ts +19 -0
package/{dist/models/index.d.ts → src/models/index.ts} +0 -1
package/src/models/mnemonic.ts +19 -0
package/src/models/role.ts +19 -0
package/src/models/used-direct-login-token.ts +23 -0
package/src/models/user-role.ts +17 -0
package/src/models/user.ts +19 -0
package/src/registry/email-service-registry.ts +24 -0
package/{dist/registry/index.d.ts → src/registry/index.ts} +0 -1
package/src/routers/api.ts +151 -0
package/src/routers/app.ts +258 -0
package/src/routers/base.ts +17 -0
package/{dist/routers/index.d.ts → src/routers/index.ts} +0 -1
package/src/schemas/email-token.ts +91 -0
package/{dist/schemas/index.d.ts → src/schemas/index.ts} +1 -2
package/src/schemas/mnemonic.ts +37 -0
package/src/schemas/role.ts +127 -0
package/src/schemas/schema.ts +140 -0
package/src/schemas/used-direct-login-token.ts +38 -0
package/src/schemas/user-role.ts +75 -0
package/src/schemas/user.ts +202 -0
package/src/services/backup-code.ts +316 -0
package/src/services/base.ts +33 -0
package/src/services/checksum.ts +161 -0
package/src/services/crc.ts +213 -0
package/src/services/database-initialization.ts +1479 -0
package/src/services/db-init-cache.d.ts +16 -0
package/src/services/direct-login-token.ts +62 -0
package/src/services/fec-usage-example.ts +102 -0
package/src/services/fec.ts +296 -0
package/{dist/services/index.d.ts → src/services/index.ts} +0 -1
package/src/services/jwt.ts +134 -0
package/src/services/key-wrapping.ts +434 -0
package/src/services/mnemonic.ts +167 -0
package/src/services/request-user.ts +62 -0
package/src/services/role.ts +396 -0
package/src/services/symmetric.ts +139 -0
package/src/services/system-user.ts +82 -0
package/src/services/user.ts +2137 -0
package/src/services/xor.ts +34 -0
package/src/types.d.ts +44 -0
package/src/types.ts +128 -0
package/src/utils.ts +1022 -0
package/dist/application-base.d.ts +0 -112
package/dist/application-base.d.ts.map +0 -1
package/dist/application-base.js +0 -301
package/dist/application-base.js.map +0 -1
package/dist/application.d.ts +0 -23
package/dist/application.d.ts.map +0 -1
package/dist/application.js +0 -126
package/dist/application.js.map +0 -1
package/dist/backup-code.d.ts +0 -67
package/dist/backup-code.d.ts.map +0 -1
package/dist/backup-code.js +0 -270
package/dist/backup-code.js.map +0 -1
package/dist/constants.d.ts +0 -16
package/dist/constants.d.ts.map +0 -1
package/dist/constants.js +0 -54
package/dist/constants.js.map +0 -1
package/dist/controllers/base.d.ts +0 -63
package/dist/controllers/base.d.ts.map +0 -1
package/dist/controllers/base.js +0 -269
package/dist/controllers/base.js.map +0 -1
package/dist/controllers/index.d.ts.map +0 -1
package/dist/controllers/index.js +0 -19
package/dist/controllers/index.js.map +0 -1
package/dist/controllers/user.d.ts +0 -45
package/dist/controllers/user.d.ts.map +0 -1
package/dist/controllers/user.js +0 -750
package/dist/controllers/user.js.map +0 -1
package/dist/decorators/base-controller.d.ts +0 -14
package/dist/decorators/base-controller.d.ts.map +0 -1
package/dist/decorators/base-controller.js +0 -49
package/dist/decorators/base-controller.js.map +0 -1
package/dist/decorators/controller.d.ts +0 -32
package/dist/decorators/controller.d.ts.map +0 -1
package/dist/decorators/controller.js +0 -67
package/dist/decorators/controller.js.map +0 -1
package/dist/decorators/index.d.ts.map +0 -1
package/dist/decorators/index.js +0 -20
package/dist/decorators/index.js.map +0 -1
package/dist/decorators/zod-validation.d.ts +0 -5
package/dist/decorators/zod-validation.d.ts.map +0 -1
package/dist/decorators/zod-validation.js +0 -47
package/dist/decorators/zod-validation.js.map +0 -1
package/dist/defaults.d.ts +0 -7
package/dist/defaults.d.ts.map +0 -1
package/dist/defaults.js +0 -83
package/dist/defaults.js.map +0 -1
package/dist/documents/base.d.ts +0 -3
package/dist/documents/base.d.ts.map +0 -1
package/dist/documents/base.js +0 -3
package/dist/documents/base.js.map +0 -1
package/dist/documents/email-token.d.ts +0 -8
package/dist/documents/email-token.d.ts.map +0 -1
package/dist/documents/email-token.js +0 -3
package/dist/documents/email-token.js.map +0 -1
package/dist/documents/index.d.ts.map +0 -1
package/dist/documents/index.js +0 -3
package/dist/documents/index.js.map +0 -1
package/dist/documents/mnemonic.d.ts.map +0 -1
package/dist/documents/mnemonic.js +0 -3
package/dist/documents/mnemonic.js.map +0 -1
package/dist/documents/role.d.ts.map +0 -1
package/dist/documents/role.js +0 -3
package/dist/documents/role.js.map +0 -1
package/dist/documents/used-direct-login-token.d.ts +0 -5
package/dist/documents/used-direct-login-token.d.ts.map +0 -1
package/dist/documents/used-direct-login-token.js +0 -3
package/dist/documents/used-direct-login-token.js.map +0 -1
package/dist/documents/user-role.d.ts.map +0 -1
package/dist/documents/user-role.js +0 -3
package/dist/documents/user-role.js.map +0 -1
package/dist/documents/user.d.ts.map +0 -1
package/dist/documents/user.js +0 -3
package/dist/documents/user.js.map +0 -1
package/dist/enumerations/base-model-name.d.ts +0 -38
package/dist/enumerations/base-model-name.d.ts.map +0 -1
package/dist/enumerations/base-model-name.js +0 -34
package/dist/enumerations/base-model-name.js.map +0 -1
package/dist/enumerations/index.d.ts.map +0 -1
package/dist/enumerations/index.js +0 -21
package/dist/enumerations/index.js.map +0 -1
package/dist/enumerations/length-encoding-type.d.ts +0 -7
package/dist/enumerations/length-encoding-type.d.ts.map +0 -1
package/dist/enumerations/length-encoding-type.js +0 -11
package/dist/enumerations/length-encoding-type.js.map +0 -1
package/dist/enumerations/schema-collection.d.ts +0 -34
package/dist/enumerations/schema-collection.d.ts.map +0 -1
package/dist/enumerations/schema-collection.js +0 -38
package/dist/enumerations/schema-collection.js.map +0 -1
package/dist/enumerations/symmetric-error-type.d.ts +0 -5
package/dist/enumerations/symmetric-error-type.d.ts.map +0 -1
package/dist/enumerations/symmetric-error-type.js +0 -9
package/dist/enumerations/symmetric-error-type.js.map +0 -1
package/dist/environment.d.ts +0 -189
package/dist/environment.d.ts.map +0 -1
package/dist/environment.js +0 -618
package/dist/environment.js.map +0 -1
package/dist/errors/express-validation.d.ts +0 -9
package/dist/errors/express-validation.d.ts.map +0 -1
package/dist/errors/express-validation.js +0 -17
package/dist/errors/express-validation.js.map +0 -1
package/dist/errors/index.d.ts.map +0 -1
package/dist/errors/index.js +0 -29
package/dist/errors/index.js.map +0 -1
package/dist/errors/invalid-backup-code-version.d.ts +0 -6
package/dist/errors/invalid-backup-code-version.d.ts.map +0 -1
package/dist/errors/invalid-backup-code-version.js +0 -14
package/dist/errors/invalid-backup-code-version.js.map +0 -1
package/dist/errors/invalid-jwt-token.d.ts +0 -5
package/dist/errors/invalid-jwt-token.d.ts.map +0 -1
package/dist/errors/invalid-jwt-token.js +0 -11
package/dist/errors/invalid-jwt-token.js.map +0 -1
package/dist/errors/invalid-model.d.ts +0 -6
package/dist/errors/invalid-model.d.ts.map +0 -1
package/dist/errors/invalid-model.js +0 -13
package/dist/errors/invalid-model.js.map +0 -1
package/dist/errors/invalid-new-password.d.ts +0 -5
package/dist/errors/invalid-new-password.d.ts.map +0 -1
package/dist/errors/invalid-new-password.js +0 -14
package/dist/errors/invalid-new-password.js.map +0 -1
package/dist/errors/invalid-password.d.ts +0 -5
package/dist/errors/invalid-password.d.ts.map +0 -1
package/dist/errors/invalid-password.js +0 -14
package/dist/errors/invalid-password.js.map +0 -1
package/dist/errors/missing-validated-data.d.ts +0 -7
package/dist/errors/missing-validated-data.d.ts.map +0 -1
package/dist/errors/missing-validated-data.js +0 -34
package/dist/errors/missing-validated-data.js.map +0 -1
package/dist/errors/mnemonic-or-password-required.d.ts +0 -5
package/dist/errors/mnemonic-or-password-required.d.ts.map +0 -1
package/dist/errors/mnemonic-or-password-required.js +0 -13
package/dist/errors/mnemonic-or-password-required.js.map +0 -1
package/dist/errors/model-not-registered.d.ts +0 -5
package/dist/errors/model-not-registered.d.ts.map +0 -1
package/dist/errors/model-not-registered.js +0 -12
package/dist/errors/model-not-registered.js.map +0 -1
package/dist/errors/mongoose-validation.d.ts +0 -11
package/dist/errors/mongoose-validation.d.ts.map +0 -1
package/dist/errors/mongoose-validation.js +0 -16
package/dist/errors/mongoose-validation.js.map +0 -1
package/dist/errors/symmetric.d.ts +0 -8
package/dist/errors/symmetric.d.ts.map +0 -1
package/dist/errors/symmetric.js +0 -23
package/dist/errors/symmetric.js.map +0 -1
package/dist/errors/token-expired.d.ts +0 -5
package/dist/errors/token-expired.d.ts.map +0 -1
package/dist/errors/token-expired.js +0 -11
package/dist/errors/token-expired.js.map +0 -1
package/dist/get-language.d.ts +0 -2
package/dist/get-language.d.ts.map +0 -1
package/dist/get-language.js +0 -30
package/dist/get-language.js.map +0 -1
package/dist/get-timezone.d.ts +0 -3
package/dist/get-timezone.d.ts.map +0 -1
package/dist/get-timezone.js +0 -31
package/dist/get-timezone.js.map +0 -1
package/dist/index.d.ts.map +0 -1
package/dist/index.js +0 -40
package/dist/index.js.map +0 -1
package/dist/interfaces/api-error-response.d.ts.map +0 -1
package/dist/interfaces/api-error-response.js +0 -3
package/dist/interfaces/api-error-response.js.map +0 -1
package/dist/interfaces/api-express-validation-error-response.d.ts +0 -7
package/dist/interfaces/api-express-validation-error-response.d.ts.map +0 -1
package/dist/interfaces/api-express-validation-error-response.js +0 -3
package/dist/interfaces/api-express-validation-error-response.js.map +0 -1
package/dist/interfaces/api-message-response.d.ts +0 -4
package/dist/interfaces/api-message-response.d.ts.map +0 -1
package/dist/interfaces/api-message-response.js +0 -3
package/dist/interfaces/api-message-response.js.map +0 -1
package/dist/interfaces/api-mongo-validation-error-response.d.ts.map +0 -1
package/dist/interfaces/api-mongo-validation-error-response.js +0 -3
package/dist/interfaces/api-mongo-validation-error-response.js.map +0 -1
package/dist/interfaces/api-responses/backup-codes-response.d.ts.map +0 -1
package/dist/interfaces/api-responses/backup-codes-response.js +0 -3
package/dist/interfaces/api-responses/backup-codes-response.js.map +0 -1
package/dist/interfaces/api-responses/challenge-response.d.ts.map +0 -1
package/dist/interfaces/api-responses/challenge-response.js +0 -3
package/dist/interfaces/api-responses/challenge-response.js.map +0 -1
package/dist/interfaces/api-responses/code-count-response.d.ts.map +0 -1
package/dist/interfaces/api-responses/code-count-response.js +0 -3
package/dist/interfaces/api-responses/code-count-response.js.map +0 -1
package/dist/interfaces/api-responses/index.d.ts.map +0 -1
package/dist/interfaces/api-responses/index.js +0 -24
package/dist/interfaces/api-responses/index.js.map +0 -1
package/dist/interfaces/api-responses/login-response.d.ts.map +0 -1
package/dist/interfaces/api-responses/login-response.js +0 -3
package/dist/interfaces/api-responses/login-response.js.map +0 -1
package/dist/interfaces/api-responses/mnemonic-response.d.ts.map +0 -1
package/dist/interfaces/api-responses/mnemonic-response.js +0 -3
package/dist/interfaces/api-responses/mnemonic-response.js.map +0 -1
package/dist/interfaces/api-responses/registration-response.d.ts.map +0 -1
package/dist/interfaces/api-responses/registration-response.js +0 -3
package/dist/interfaces/api-responses/registration-response.js.map +0 -1
package/dist/interfaces/api-responses/request-user-response.d.ts.map +0 -1
package/dist/interfaces/api-responses/request-user-response.js +0 -3
package/dist/interfaces/api-responses/request-user-response.js.map +0 -1
package/dist/interfaces/application.d.ts.map +0 -1
package/dist/interfaces/application.js +0 -3
package/dist/interfaces/application.js.map +0 -1
package/dist/interfaces/backend-objects/email-token.d.ts +0 -4
package/dist/interfaces/backend-objects/email-token.d.ts.map +0 -1
package/dist/interfaces/backend-objects/email-token.js +0 -3
package/dist/interfaces/backend-objects/email-token.js.map +0 -1
package/dist/interfaces/backend-objects/index.d.ts.map +0 -1
package/dist/interfaces/backend-objects/index.js +0 -21
package/dist/interfaces/backend-objects/index.js.map +0 -1
package/dist/interfaces/backend-objects/request-user.d.ts.map +0 -1
package/dist/interfaces/backend-objects/request-user.js +0 -3
package/dist/interfaces/backend-objects/request-user.js.map +0 -1
package/dist/interfaces/backend-objects/role.d.ts.map +0 -1
package/dist/interfaces/backend-objects/role.js +0 -3
package/dist/interfaces/backend-objects/role.js.map +0 -1
package/dist/interfaces/backend-objects/user.d.ts +0 -4
package/dist/interfaces/backend-objects/user.d.ts.map +0 -1
package/dist/interfaces/backend-objects/user.js +0 -3
package/dist/interfaces/backend-objects/user.js.map +0 -1
package/dist/interfaces/checksum-config.d.ts +0 -5
package/dist/interfaces/checksum-config.d.ts.map +0 -1
package/dist/interfaces/checksum-config.js +0 -3
package/dist/interfaces/checksum-config.js.map +0 -1
package/dist/interfaces/checksum-consts.d.ts +0 -11
package/dist/interfaces/checksum-consts.d.ts.map +0 -1
package/dist/interfaces/checksum-consts.js +0 -3
package/dist/interfaces/checksum-consts.js.map +0 -1
package/dist/interfaces/constants.d.ts.map +0 -1
package/dist/interfaces/constants.js +0 -3
package/dist/interfaces/constants.js.map +0 -1
package/dist/interfaces/create-user-basics.d.ts +0 -18
package/dist/interfaces/create-user-basics.d.ts.map +0 -1
package/dist/interfaces/create-user-basics.js +0 -3
package/dist/interfaces/create-user-basics.js.map +0 -1
package/dist/interfaces/csp-config.d.ts +0 -14
package/dist/interfaces/csp-config.d.ts.map +0 -1
package/dist/interfaces/csp-config.js +0 -3
package/dist/interfaces/csp-config.js.map +0 -1
package/dist/interfaces/deep-partial.d.ts +0 -4
package/dist/interfaces/deep-partial.d.ts.map +0 -1
package/dist/interfaces/deep-partial.js +0 -3
package/dist/interfaces/deep-partial.js.map +0 -1
package/dist/interfaces/discriminator-collections.d.ts.map +0 -1
package/dist/interfaces/discriminator-collections.js +0 -3
package/dist/interfaces/discriminator-collections.js.map +0 -1
package/dist/interfaces/email-service.d.ts +0 -4
package/dist/interfaces/email-service.d.ts.map +0 -1
package/dist/interfaces/email-service.js +0 -3
package/dist/interfaces/email-service.js.map +0 -1
package/dist/interfaces/environment-mongo.d.ts +0 -76
package/dist/interfaces/environment-mongo.d.ts.map +0 -1
package/dist/interfaces/environment-mongo.js +0 -3
package/dist/interfaces/environment-mongo.js.map +0 -1
package/dist/interfaces/environment.d.ts +0 -181
package/dist/interfaces/environment.d.ts.map +0 -1
package/dist/interfaces/environment.js +0 -3
package/dist/interfaces/environment.js.map +0 -1
package/dist/interfaces/failable-result.d.ts +0 -7
package/dist/interfaces/failable-result.d.ts.map +0 -1
package/dist/interfaces/failable-result.js +0 -3
package/dist/interfaces/failable-result.js.map +0 -1
package/dist/interfaces/fec-consts.d.ts +0 -5
package/dist/interfaces/fec-consts.d.ts.map +0 -1
package/dist/interfaces/fec-consts.js +0 -3
package/dist/interfaces/fec-consts.js.map +0 -1
package/dist/interfaces/handleable-error-options.d.ts +0 -7
package/dist/interfaces/handleable-error-options.d.ts.map +0 -1
package/dist/interfaces/handleable-error-options.js +0 -3
package/dist/interfaces/handleable-error-options.js.map +0 -1
package/dist/interfaces/index.d.ts.map +0 -1
package/dist/interfaces/index.js +0 -46
package/dist/interfaces/index.js.map +0 -1
package/dist/interfaces/jwt-consts.d.ts +0 -11
package/dist/interfaces/jwt-consts.d.ts.map +0 -1
package/dist/interfaces/jwt-consts.js +0 -3
package/dist/interfaces/jwt-consts.js.map +0 -1
package/dist/interfaces/jwt-sign-response.d.ts +0 -11
package/dist/interfaces/jwt-sign-response.d.ts.map +0 -1
package/dist/interfaces/jwt-sign-response.js +0 -3
package/dist/interfaces/jwt-sign-response.js.map +0 -1
package/dist/interfaces/mongo-errors.d.ts +0 -5
package/dist/interfaces/mongo-errors.d.ts.map +0 -1
package/dist/interfaces/mongo-errors.js +0 -3
package/dist/interfaces/mongo-errors.js.map +0 -1
package/dist/interfaces/request-user.d.ts +0 -42
package/dist/interfaces/request-user.d.ts.map +0 -1
package/dist/interfaces/request-user.js +0 -3
package/dist/interfaces/request-user.js.map +0 -1
package/dist/interfaces/required-string-keys.d.ts +0 -22
package/dist/interfaces/required-string-keys.d.ts.map +0 -1
package/dist/interfaces/required-string-keys.js +0 -3
package/dist/interfaces/required-string-keys.js.map +0 -1
package/dist/interfaces/schema.d.ts +0 -29
package/dist/interfaces/schema.d.ts.map +0 -1
package/dist/interfaces/schema.js +0 -3
package/dist/interfaces/schema.js.map +0 -1
package/dist/interfaces/server-init-result.d.ts +0 -35
package/dist/interfaces/server-init-result.d.ts.map +0 -1
package/dist/interfaces/server-init-result.js +0 -3
package/dist/interfaces/server-init-result.js.map +0 -1
package/dist/interfaces/status-code-response.d.ts +0 -7
package/dist/interfaces/status-code-response.d.ts.map +0 -1
package/dist/interfaces/status-code-response.js +0 -3
package/dist/interfaces/status-code-response.js.map +0 -1
package/dist/interfaces/symmetric-encryption-results.d.ts +0 -5
package/dist/interfaces/symmetric-encryption-results.d.ts.map +0 -1
package/dist/interfaces/symmetric-encryption-results.js.map +0 -1
package/dist/interfaces/token-response.d.ts.map +0 -1
package/dist/interfaces/token-response.js +0 -3
package/dist/interfaces/token-response.js.map +0 -1
package/dist/middlewares/authenticate-crypto.d.ts +0 -13
package/dist/middlewares/authenticate-crypto.d.ts.map +0 -1
package/dist/middlewares/authenticate-crypto.js +0 -146
package/dist/middlewares/authenticate-crypto.js.map +0 -1
package/dist/middlewares/authenticate-token.d.ts +0 -24
package/dist/middlewares/authenticate-token.d.ts.map +0 -1
package/dist/middlewares/authenticate-token.js +0 -102
package/dist/middlewares/authenticate-token.js.map +0 -1
package/dist/middlewares/cleanup-crypto.d.ts +0 -7
package/dist/middlewares/cleanup-crypto.d.ts.map +0 -1
package/dist/middlewares/cleanup-crypto.js +0 -32
package/dist/middlewares/cleanup-crypto.js.map +0 -1
package/dist/middlewares/index.d.ts.map +0 -1
package/dist/middlewares/index.js +0 -21
package/dist/middlewares/index.js.map +0 -1
package/dist/middlewares/set-global-context-language.d.ts +0 -3
package/dist/middlewares/set-global-context-language.d.ts.map +0 -1
package/dist/middlewares/set-global-context-language.js +0 -14
package/dist/middlewares/set-global-context-language.js.map +0 -1
package/dist/middlewares.d.ts +0 -18
package/dist/middlewares.d.ts.map +0 -1
package/dist/middlewares.js +0 -76
package/dist/middlewares.js.map +0 -1
package/dist/model-registry.d.ts +0 -23
package/dist/model-registry.d.ts.map +0 -1
package/dist/model-registry.js +0 -47
package/dist/model-registry.js.map +0 -1
package/dist/models/email-token.d.ts +0 -11
package/dist/models/email-token.d.ts.map +0 -1
package/dist/models/email-token.js +0 -11
package/dist/models/email-token.js.map +0 -1
package/dist/models/index.d.ts.map +0 -1
package/dist/models/index.js +0 -23
package/dist/models/index.js.map +0 -1
package/dist/models/mnemonic.d.ts +0 -11
package/dist/models/mnemonic.d.ts.map +0 -1
package/dist/models/mnemonic.js +0 -11
package/dist/models/mnemonic.js.map +0 -1
package/dist/models/role.d.ts +0 -11
package/dist/models/role.d.ts.map +0 -1
package/dist/models/role.js +0 -11
package/dist/models/role.js.map +0 -1
package/dist/models/used-direct-login-token.d.ts +0 -11
package/dist/models/used-direct-login-token.d.ts.map +0 -1
package/dist/models/used-direct-login-token.js +0 -11
package/dist/models/used-direct-login-token.js.map +0 -1
package/dist/models/user-role.d.ts +0 -6
package/dist/models/user-role.d.ts.map +0 -1
package/dist/models/user-role.js +0 -10
package/dist/models/user-role.js.map +0 -1
package/dist/models/user.d.ts +0 -7
package/dist/models/user.d.ts.map +0 -1
package/dist/models/user.js +0 -11
package/dist/models/user.js.map +0 -1
package/dist/registry/email-service-registry.d.ts +0 -9
package/dist/registry/email-service-registry.d.ts.map +0 -1
package/dist/registry/email-service-registry.js +0 -17
package/dist/registry/email-service-registry.js.map +0 -1
package/dist/registry/index.d.ts.map +0 -1
package/dist/registry/index.js +0 -6
package/dist/registry/index.js.map +0 -1
package/dist/routers/api.d.ts +0 -27
package/dist/routers/api.d.ts.map +0 -1
package/dist/routers/api.js +0 -44
package/dist/routers/api.js.map +0 -1
package/dist/routers/app.d.ts +0 -28
package/dist/routers/app.d.ts.map +0 -1
package/dist/routers/app.js +0 -182
package/dist/routers/app.js.map +0 -1
package/dist/routers/base.d.ts +0 -12
package/dist/routers/base.d.ts.map +0 -1
package/dist/routers/base.js +0 -12
package/dist/routers/base.js.map +0 -1
package/dist/routers/index.d.ts.map +0 -1
package/dist/routers/index.js +0 -20
package/dist/routers/index.js.map +0 -1
package/dist/schemas/email-token.d.ts +0 -38
package/dist/schemas/email-token.d.ts.map +0 -1
package/dist/schemas/email-token.js +0 -56
package/dist/schemas/email-token.js.map +0 -1
package/dist/schemas/index.d.ts.map +0 -1
package/dist/schemas/index.js +0 -24
package/dist/schemas/index.js.map +0 -1
package/dist/schemas/mnemonic.d.ts +0 -20
package/dist/schemas/mnemonic.d.ts.map +0 -1
package/dist/schemas/mnemonic.js +0 -30
package/dist/schemas/mnemonic.js.map +0 -1
package/dist/schemas/role.d.ts +0 -32
package/dist/schemas/role.d.ts.map +0 -1
package/dist/schemas/role.js +0 -86
package/dist/schemas/role.js.map +0 -1
package/dist/schemas/schema.d.ts +0 -40
package/dist/schemas/schema.d.ts.map +0 -1
package/dist/schemas/schema.js +0 -64
package/dist/schemas/schema.js.map +0 -1
package/dist/schemas/used-direct-login-token.d.ts +0 -27
package/dist/schemas/used-direct-login-token.d.ts.map +0 -1
package/dist/schemas/used-direct-login-token.js +0 -23
package/dist/schemas/used-direct-login-token.js.map +0 -1
package/dist/schemas/user-role.d.ts +0 -29
package/dist/schemas/user-role.d.ts.map +0 -1
package/dist/schemas/user-role.js +0 -54
package/dist/schemas/user-role.js.map +0 -1
package/dist/schemas/user.d.ts +0 -21
package/dist/schemas/user.d.ts.map +0 -1
package/dist/schemas/user.js +0 -178
package/dist/schemas/user.js.map +0 -1
package/dist/services/backup-code.d.ts +0 -78
package/dist/services/backup-code.d.ts.map +0 -1
package/dist/services/backup-code.js +0 -180
package/dist/services/backup-code.js.map +0 -1
package/dist/services/base.d.ts +0 -13
package/dist/services/base.d.ts.map +0 -1
package/dist/services/base.js +0 -14
package/dist/services/base.js.map +0 -1
package/dist/services/checksum.d.ts +0 -67
package/dist/services/checksum.d.ts.map +0 -1
package/dist/services/checksum.js +0 -175
package/dist/services/checksum.js.map +0 -1
package/dist/services/crc.d.ts +0 -87
package/dist/services/crc.d.ts.map +0 -1
package/dist/services/crc.js +0 -198
package/dist/services/crc.js.map +0 -1
package/dist/services/database-initialization.d.ts +0 -105
package/dist/services/database-initialization.d.ts.map +0 -1
package/dist/services/database-initialization.js +0 -779
package/dist/services/database-initialization.js.map +0 -1
package/dist/services/direct-login-token.d.ts +0 -9
package/dist/services/direct-login-token.d.ts.map +0 -1
package/dist/services/direct-login-token.js +0 -41
package/dist/services/direct-login-token.js.map +0 -1
package/dist/services/fec-usage-example.d.ts +0 -38
package/dist/services/fec-usage-example.d.ts.map +0 -1
package/dist/services/fec-usage-example.js +0 -77
package/dist/services/fec-usage-example.js.map +0 -1
package/dist/services/fec.d.ts +0 -46
package/dist/services/fec.d.ts.map +0 -1
package/dist/services/fec.js +0 -192
package/dist/services/fec.js.map +0 -1
package/dist/services/index.d.ts.map +0 -1
package/dist/services/index.js +0 -35
package/dist/services/index.js.map +0 -1
package/dist/services/jwt.d.ts +0 -33
package/dist/services/jwt.d.ts.map +0 -1
package/dist/services/jwt.js +0 -90
package/dist/services/jwt.js.map +0 -1
package/dist/services/key-wrapping.d.ts +0 -60
package/dist/services/key-wrapping.d.ts.map +0 -1
package/dist/services/key-wrapping.js +0 -311
package/dist/services/key-wrapping.js.map +0 -1
package/dist/services/mnemonic.d.ts +0 -61
package/dist/services/mnemonic.d.ts.map +0 -1
package/dist/services/mnemonic.js +0 -112
package/dist/services/mnemonic.js.map +0 -1
package/dist/services/request-user.d.ts +0 -20
package/dist/services/request-user.d.ts.map +0 -1
package/dist/services/request-user.js +0 -50
package/dist/services/request-user.js.map +0 -1
package/dist/services/role.d.ts +0 -88
package/dist/services/role.d.ts.map +0 -1
package/dist/services/role.js +0 -263
package/dist/services/role.js.map +0 -1
package/dist/services/symmetric.d.ts +0 -42
package/dist/services/symmetric.d.ts.map +0 -1
package/dist/services/symmetric.js +0 -101
package/dist/services/symmetric.js.map +0 -1
package/dist/services/system-user.d.ts +0 -17
package/dist/services/system-user.d.ts.map +0 -1
package/dist/services/system-user.js +0 -46
package/dist/services/system-user.js.map +0 -1
package/dist/services/user.d.ts +0 -320
package/dist/services/user.d.ts.map +0 -1
package/dist/services/user.js +0 -1374
package/dist/services/user.js.map +0 -1
package/dist/services/xor.d.ts +0 -24
package/dist/services/xor.d.ts.map +0 -1
package/dist/services/xor.js +0 -37
package/dist/services/xor.js.map +0 -1
package/dist/types.d.ts +0 -70
package/dist/types.d.ts.map +0 -1
package/dist/types.js +0 -14
package/dist/types.js.map +0 -1
package/dist/utils.d.ts +0 -202
package/dist/utils.d.ts.map +0 -1
package/dist/utils.js +0 -786
package/dist/utils.js.map +0 -1
/package/{dist → src}/interfaces/symmetric-encryption-results.js +0 -0

package/src/middlewares/authenticate-crypto.ts ADDED Viewed

@@ -0,0 +1,243 @@
+import { IECIESConfig, SecureString } from '@digitaldefiance/ecies-lib';
+import {
+  Member as BackendMember,
+  ECIESService,
+} from '@digitaldefiance/node-ecies-lib';
+import {
+  AccountStatus,
+  getSuiteCoreTranslation,
+  InvalidCredentialsError,
+  SuiteCoreStringKey,
+} from '@digitaldefiance/suite-core-lib';
+import { NextFunction, Request, Response } from 'express';
+import { ClientSession, Types } from 'mongoose';
+import { IUserDocument } from '../documents/user';
+import { BaseModelName } from '../enumerations';
+import { InvalidPasswordError } from '../errors';
+import { IApplication } from '../interfaces/application';
+import { emailServiceRegistry } from '../registry';
+import { BackupCodeService } from '../services/backup-code';
+import { KeyWrappingService } from '../services/key-wrapping';
+import { RoleService } from '../services/role';
+import { UserService } from '../services/user';
+import { withTransaction } from '../utils';
+import { IBaseDocument } from '../documents';
+import { Environment } from '../environment';
+import { IConstants } from '../interfaces';
+/**
+ * Middleware to authenticate crypto operations requiring private key access
+ * Expects mnemonic or password in request body for fresh authentication
+ */
+export async function authenticateCrypto<
+  TAccountStatus extends string = AccountStatus,
+>(
+  application: IApplication<any, Types.ObjectId, IBaseDocument<any, Types.ObjectId>, Environment, IConstants>,
+  req: Request,
+  res: Response,
+  next: NextFunction,
+  activeStatusValue: TAccountStatus = AccountStatus.Active as TAccountStatus,
+): Promise<Response | void> {
+  if (!req.user) {
+    return res
+      .status(401)
+      .send(
+        // amazonq-ignore-next-line false positive, hardcoded string
+        getSuiteCoreTranslation(SuiteCoreStringKey.Validation_InvalidToken),
+      );
+  }
+  // Try validatedBody first (if validation has run), then fall back to raw body
+  // Note: This middleware runs BEFORE validation, so validatedBody may not exist yet
+  const validatedBody = (req as Request & { validatedBody?: unknown })
+    .validatedBody as Record<string, unknown> | undefined;
+  const rawBody = req.body as Record<string, unknown> | undefined;
+  const sourceBody = validatedBody ?? rawBody;
+  if (!sourceBody) {
+    return res.status(400).send({
+      // amazonq-ignore-next-line false positive, hardcoded string
+      message: getSuiteCoreTranslation(
+        SuiteCoreStringKey.Validation_MnemonicOrPasswordRequired,
+      ),
+    });
+  }
+  const mnemonic =
+    typeof sourceBody['mnemonic'] === 'string'
+      ? (sourceBody['mnemonic'] as string)
+      : undefined;
+  const password =
+    // amazonq-ignore-next-line false positive
+    typeof sourceBody['password'] === 'string'
+      ? (sourceBody['password'] as string)
+      : undefined;
+  if (!mnemonic && !password) {
+    return res.status(400).send({
+      // amazonq-ignore-next-line false positive, hardcoded string
+      message: getSuiteCoreTranslation(
+        SuiteCoreStringKey.Validation_MnemonicOrPasswordRequired,
+      ),
+    });
+  }
+  const UserModel = application.getModel<IUserDocument<string>>(
+    BaseModelName.User,
+  );
+  const config: IECIESConfig = {
+    curveName: application.constants.ECIES.CURVE_NAME,
+    primaryKeyDerivationPath:
+      application.constants.ECIES.PRIMARY_KEY_DERIVATION_PATH,
+    mnemonicStrength: application.constants.ECIES.MNEMONIC_STRENGTH,
+    symmetricAlgorithm:
+      application.constants.ECIES.SYMMETRIC_ALGORITHM_CONFIGURATION,
+    symmetricKeyBits: application.constants.ECIES.SYMMETRIC.KEY_BITS,
+    symmetricKeyMode: application.constants.ECIES.SYMMETRIC.MODE,
+  };
+  const keyWrappingService = new KeyWrappingService();
+  const roleService = new RoleService(application);
+  const userService = new UserService(
+    application,
+    roleService,
+    emailServiceRegistry.getService(),
+    keyWrappingService,
+    new BackupCodeService(
+      application,
+      new ECIESService(config),
+      keyWrappingService,
+      roleService,
+    ),
+  );
+  try {
+    return await withTransaction<Response | void>(
+      application.db.connection,
+      application.environment.mongo.useTransactions,
+      undefined,
+      async (sess: ClientSession | undefined) => {
+        const userDoc = await UserModel.findById(req.user!.id)
+          .session(sess ?? null)
+          .exec();
+        if (!userDoc || userDoc.accountStatus !== activeStatusValue) {
+          return (
+            res
+              .status(403)
+              .send(
+                // amazonq-ignore-next-line false positive, hardcoded string
+                getSuiteCoreTranslation(
+                  SuiteCoreStringKey.Validation_UserNotFound,
+                ),
+              )
+          );
+        }
+        // Ensure we're only authenticating the currently logged-in user
+        if (userDoc._id.toString() !== req.user!.id) {
+          return (
+            res
+              .status(403)
+              .send(
+                // amazonq-ignore-next-line false positive, hardcoded string
+                getSuiteCoreTranslation(
+                  SuiteCoreStringKey.Validation_InvalidCredentials,
+                ),
+              )
+          );
+        }
+        let loginResult: {
+          userDoc: IUserDocument;
+          userMember: BackendMember;
+          adminMember: BackendMember;
+        };
+        if (mnemonic) {
+          // Authenticate with mnemonic
+          const userMnemonic = new SecureString(mnemonic);
+          try {
+            loginResult = await userService.loginWithMnemonic(
+              userDoc.email,
+              userMnemonic,
+              sess,
+            );
+          } finally {
+            userMnemonic.dispose();
+          }
+        } else if (password) {
+          // Authenticate with password
+          loginResult = await userService.loginWithPassword(
+            userDoc.email,
+            password,
+            sess,
+          );
+        } else {
+          // Should not happen due to earlier guard; keeps TypeScript happy
+          return res.status(400).send({
+            // amazonq-ignore-next-line false positive, hardcoded string
+            message: getSuiteCoreTranslation(
+              SuiteCoreStringKey.Validation_MnemonicOrPasswordRequired,
+            ),
+          });
+        }
+        // Double-check authenticated user matches logged-in user
+        if (loginResult.userDoc._id.toString() !== req.user!.id) {
+          return (
+            res
+              .status(403)
+              .send(
+                // amazonq-ignore-next-line false positive, hardcoded string
+                getSuiteCoreTranslation(
+                  SuiteCoreStringKey.Validation_InvalidCredentials,
+                ),
+              )
+          );
+        }
+        // Attach the fully authenticated member (with private key) to the request
+        req.eciesUser = loginResult.userMember;
+        // Do not attach the admin user to the request; it's a process-wide singleton
+        // and must not be disposed as part of request cleanup.
+        next();
+        return;
+      },
+      {
+        timeoutMs: application.environment.mongo.transactionTimeout,
+      },
+    );
+  } catch (err) {
+    if (
+      err instanceof InvalidCredentialsError ||
+      err instanceof InvalidPasswordError
+    ) {
+      // amazonq-ignore-next-line false positive
+      console.error(
+        'Crypto authentication failed:',
+        `userId=${String(req.user?.id || 'unknown').replace(
+          /[\r\n]/g,
+          '',
+        )} hasPassword=${!!password} hasMnemonic=${!!mnemonic}`,
+      );
+      return res.status(401).send({
+        // amazonq-ignore-next-line false positive, hardcoded string
+        message: getSuiteCoreTranslation(
+          SuiteCoreStringKey.Validation_InvalidCredentials,
+        ),
+      });
+    }
+    const sanitizedErr =
+      err instanceof Error
+        ? err.message.replace(/[\r\n]/g, ' ')
+        : String(err).replace(/[\r\n]/g, ' ');
+    console.error('Unexpected error in authenticateCrypto:', sanitizedErr);
+    return res.status(500).send({
+      // amazonq-ignore-next-line false positive, hardcoded string
+      message: getSuiteCoreTranslation(
+        SuiteCoreStringKey.Common_UnexpectedError,
+      ),
+      error: err,
+    });
+  }
+}

package/src/middlewares/authenticate-token.ts ADDED Viewed

@@ -0,0 +1,152 @@
+import { GlobalActiveContext, Timezone } from '@digitaldefiance/i18n-lib';
+import {
+  AccountStatus,
+  getSuiteCoreTranslation,
+  ITokenRole,
+  ITokenUser,
+  SuiteCoreStringKey,
+} from '@digitaldefiance/suite-core-lib';
+import { NextFunction, Request, Response } from 'express';
+import { IncomingHttpHeaders } from 'http';
+import { ClientSession, Types } from 'mongoose';
+import { IUserDocument } from '../documents/user';
+import { BaseModelName } from '../enumerations/base-model-name';
+import { TokenExpiredError } from '../errors/token-expired';
+import { IApplication } from '../interfaces/application';
+import { JwtService } from '../services/jwt';
+import { RequestUserService } from '../services/request-user';
+import { RoleService } from '../services/role';
+import { withTransaction } from '../utils';
+import { IBaseDocument } from '../documents';
+import { Environment } from '../environment';
+import { IConstants } from '../interfaces';
+/**
+ * Find the auth token in the headers
+ * @param headers The headers
+ * @returns The auth token
+ */
+export function findAuthToken(headers: IncomingHttpHeaders): string | null {
+  const authHeader = headers['Authorization'] || headers['authorization'];
+  if (authHeader && typeof authHeader === 'string') {
+    const parts = authHeader.split(' ');
+    if (parts.length === 2 && parts[0].toLowerCase() === 'bearer') {
+      return parts[1];
+    }
+  }
+  return null;
+}
+/**
+ * Middleware to authenticate a token
+ * @param application The application
+ * @param req The request
+ * @param res The response
+ * @param next The next function
+ * @returns The response
+ */
+export async function authenticateToken<
+  I = Types.ObjectId,
+  D extends Date = Date,
+  TTokenRole extends ITokenRole<I, D> = ITokenRole<I, D>,
+  TTokenUser extends ITokenUser = ITokenUser,
+  TApplication extends IApplication<any, Types.ObjectId, IBaseDocument<any, Types.ObjectId>, Environment, IConstants> = IApplication<any, Types.ObjectId, IBaseDocument<any, Types.ObjectId>, Environment, IConstants>,
+>(
+  application: TApplication,
+  req: Request,
+  res: Response,
+  next: NextFunction,
+): Promise<Response> {
+  const UserModel = application.getModel<IUserDocument>(BaseModelName.User);
+  const token = findAuthToken(req.headers);
+  if (token == null) {
+    return res
+      .status(401)
+      .send(
+        getSuiteCoreTranslation(SuiteCoreStringKey.Validation_InvalidToken),
+      );
+  }
+  try {
+    return await withTransaction<Response>(
+      application.db.connection,
+      application.environment.mongo.useTransactions,
+      undefined,
+      async (sess: ClientSession | undefined) => {
+        const jwtService = new JwtService<
+          I,
+          D,
+          TTokenRole,
+          TTokenUser,
+          TApplication
+        >(application);
+        const user: TTokenUser | null = await jwtService.verifyToken(token);
+        if (user === null) {
+          return (
+            res
+              .status(403)
+              .send(
+                // amazonq-ignore-next-line false positive, hardcoded string
+                getSuiteCoreTranslation(
+                  SuiteCoreStringKey.Validation_UserNotFound,
+                ),
+              )
+          );
+        }
+        const userDoc = await UserModel.findById(user.userId, {
+          password: 0,
+        })
+          .session(sess ?? null)
+          .exec();
+        if (!userDoc || userDoc.accountStatus !== AccountStatus.Active) {
+          return (
+            res
+              .status(403)
+              .send(
+                // amazonq-ignore-next-line false positive, hardcoded string
+                getSuiteCoreTranslation(
+                  SuiteCoreStringKey.Validation_UserNotFound,
+                ),
+              )
+          );
+        }
+        const roleService: RoleService = new RoleService(application);
+        const roles = await roleService.getUserRoles(userDoc._id, sess);
+        const tokenRoles = roleService.rolesToTokenRoles(roles);
+        req.user = RequestUserService.makeRequestUserDTO(userDoc, tokenRoles);
+        const context = GlobalActiveContext.getInstance();
+        context.userLanguage = userDoc.siteLanguage ?? context.userLanguage;
+        context.setLanguageContextSpace('user');
+        context.userTimezone = new Timezone(userDoc.timezone);
+        next();
+        return res;
+      },
+      {
+        timeoutMs: application.environment.mongo.transactionTimeout,
+      },
+    );
+  } catch (err) {
+    if (err instanceof TokenExpiredError) {
+      return res.status(401).send({
+        message: getSuiteCoreTranslation(
+          SuiteCoreStringKey.Validation_TokenExpired,
+        ),
+        error: err,
+      });
+    } else if (err instanceof Error && err.name === 'JsonWebTokenError') {
+      return res.status(400).send({
+        message: getSuiteCoreTranslation(
+          SuiteCoreStringKey.Validation_InvalidToken,
+        ),
+        error: err,
+      });
+    } else {
+      return res.status(500).send({
+        message: getSuiteCoreTranslation(
+          SuiteCoreStringKey.Common_UnexpectedError,
+        ),
+        error: err,
+      });
+    }
+  }
+}

package/src/middlewares/cleanup-crypto.ts ADDED Viewed

@@ -0,0 +1,40 @@
+import { NextFunction, Request, Response } from 'express';
+/**
+ * Middleware to clean up crypto resources after request completion
+ * Should be used after crypto operations to ensure private keys are disposed
+ */
+export function cleanupCrypto(
+  req: Request,
+  res: Response,
+  next: NextFunction,
+): void {
+  // Store original end function
+  const originalEnd = res.end;
+  // Override end function to cleanup before response
+  const wrappedEnd = function (this: Response, ...args: unknown[]) {
+    // Cleanup eciesUser if it exists
+    if (req.eciesUser) {
+      try {
+        // Dispose of sensitive cryptographic material
+        req.eciesUser.dispose();
+        req.eciesUser = undefined;
+      } catch (error) {
+        console.error('Error cleaning up crypto resources:', error);
+      }
+    }
+    // Do not dispose system user here; it may be a process-wide singleton
+    // Call original end function
+    // eslint-disable-next-line @typescript-eslint/no-explicit-any
+    return (originalEnd as unknown as (...a: any[]) => Response).apply(
+      this,
+      args,
+    );
+  } as unknown as typeof res.end;
+  res.end = wrappedEnd;
+  next();
+}

package/{dist/middlewares/index.d.ts → src/middlewares/index.ts} RENAMED Viewed

@@ -2,4 +2,3 @@ export * from './authenticate-crypto';
 export * from './authenticate-token';
 export * from './cleanup-crypto';
 export * from './set-global-context-language';
-//# sourceMappingURL=index.d.ts.map

package/src/middlewares/set-global-context-language.ts ADDED Viewed

@@ -0,0 +1,24 @@
+// src/middlewares/injectMongooseContext.ts
+import {
+  GlobalActiveContext,
+  LanguageRegistry,
+} from '@digitaldefiance/i18n-lib';
+import { NextFunction, Request, Response } from 'express';
+export function setGlobalContextLanguageFromRequest(
+  req: Request,
+  res: Response,
+  next: NextFunction,
+) {
+  // Use fallback chain: accept-language -> user preference -> site default
+  const language = LanguageRegistry.getMatchingLanguageCode(
+    req.headers['accept-language'] as string,
+    req.user?.siteLanguage as string,
+  );
+  const context = GlobalActiveContext.getInstance();
+  context.setUserLanguage(language);
+  context.setLanguageContextSpace('user');
+  next();
+}

package/src/middlewares.ts ADDED Viewed

@@ -0,0 +1,120 @@
+import cors from 'cors';
+import { randomBytes } from 'crypto';
+import {
+  Application,
+  json,
+  NextFunction,
+  Request,
+  Response,
+  urlencoded,
+} from 'express';
+import helmet from 'helmet';
+import { IncomingMessage, ServerResponse } from 'http';
+const corsOptionsDelegate = (corsWhitelist: string[]) => {
+  return (
+    req: cors.CorsRequest,
+    callback: (
+      error: Error | null,
+      options: cors.CorsOptions | undefined,
+    ) => void,
+  ) => {
+    let corsOptions: cors.CorsOptions;
+    const origin = req.headers.origin;
+    if (
+      origin &&
+      corsWhitelist.find((w: string | RegExp) => {
+        if (w instanceof RegExp) {
+          return w.test(origin);
+        } else {
+          return w === origin;
+        }
+      })
+    ) {
+      corsOptions = { origin: true };
+    } else {
+      corsOptions = { origin: false };
+    }
+    callback(null, corsOptions);
+  };
+};
+export class Middlewares {
+  /**
+   * Initialize the middleware
+   * @param app - Express application
+   */
+  public static init(
+    app: Application,
+    corsWhitelist: string[],
+    csp: {
+      defaultSrc: (
+        | string
+        | ((req: IncomingMessage, res: ServerResponse) => string)
+      )[];
+      imgSrc: (
+        | string
+        | ((req: IncomingMessage, res: ServerResponse) => string)
+      )[];
+      connectSrc: (
+        | string
+        | ((req: IncomingMessage, res: ServerResponse) => string)
+      )[];
+      scriptSrc: (
+        | string
+        | ((req: IncomingMessage, res: ServerResponse) => string)
+      )[];
+      styleSrc: (
+        | string
+        | ((req: IncomingMessage, res: ServerResponse) => string)
+      )[];
+      fontSrc: (
+        | string
+        | ((req: IncomingMessage, res: ServerResponse) => string)
+      )[];
+      frameSrc: (
+        | string
+        | ((req: IncomingMessage, res: ServerResponse) => string)
+      )[];
+    },
+  ): void {
+    // Helmet helps you secure your Express apps by setting various HTTP headers
+    // CSP nonce
+    app.use((req: Request, res: Response, next: NextFunction) => {
+      res.locals['cspNonce'] = randomBytes(32).toString('hex');
+      next();
+    });
+    app.use(
+      helmet({
+        contentSecurityPolicy: {
+          directives: {
+            defaultSrc: ["'self'", ...csp.defaultSrc],
+            imgSrc: ["'self'", 'data:', 'blob:', ...csp.imgSrc],
+            connectSrc: ["'self'", ...csp.connectSrc],
+            scriptSrc: [
+              "'self'",
+              //"'unsafe-inline'",
+              "'strict-dynamic'",
+              (req: IncomingMessage, res: ServerResponse) =>
+                `'nonce-${(res as Response).locals['cspNonce']}'`,
+              ...csp.scriptSrc,
+            ],
+            styleSrc: [
+              "'self'",
+              // "'unsafe-inline'",
+              ...csp.styleSrc,
+            ],
+            fontSrc: ["'self'", ...csp.fontSrc],
+            frameSrc: ["'self'", ...csp.frameSrc],
+          },
+        },
+      }),
+    );
+    // Enable CORS
+    app.use(cors(corsOptionsDelegate(corsWhitelist)));
+    // Parse incoming requests with JSON payloads
+    app.use(json());
+    // Parse incoming requests with urlencoded payloads
+    app.use(urlencoded({ extended: true }));
+  }
+}

package/src/model-registry.ts ADDED Viewed

@@ -0,0 +1,75 @@
+import { Model, Document as MongooseDocument, Schema } from 'mongoose';
+import { IBaseDocument } from './documents/base';
+import { InvalidModelError } from './errors';
+export type ModelRegistration<T, U extends IBaseDocument<T>> = {
+  modelName: string;
+  schema: Schema;
+  model: Model<U>;
+  collection: string;
+  discriminators?: unknown;
+};
+class ModelRegistry {
+  protected static _instance: ModelRegistry;
+  protected _models: Map<string, ModelRegistration<any, IBaseDocument<any>>> =
+    new Map();
+  private constructor() {}
+  public static get instance(): ModelRegistry {
+    if (!ModelRegistry._instance) {
+      ModelRegistry._instance = new ModelRegistry();
+    }
+    return ModelRegistry._instance;
+  }
+  public register<T, U extends IBaseDocument<T>>(
+    registration: ModelRegistration<T, U>,
+  ): void {
+    this._models.set(
+      registration.modelName,
+      registration as ModelRegistration<T, U>,
+    );
+  }
+  public get<T, U extends IBaseDocument<T>>(
+    modelName: string,
+  ): ModelRegistration<T, U> {
+    const result = this._models.get(modelName) as ModelRegistration<T, U>;
+    if (result === undefined) {
+      throw new InvalidModelError(modelName);
+    }
+    return result;
+  }
+  public getTypedModel<TDoc extends MongooseDocument>(
+    modelName: string,
+  ): Model<TDoc> {
+    const result = this._models.get(modelName);
+    if (result === undefined) {
+      throw new InvalidModelError(modelName);
+    }
+    return result.model as Model<TDoc>;
+  }
+  public getTypedSchema<TDoc extends MongooseDocument>(
+    modelName: string,
+  ): Schema<TDoc> {
+    const result = this._models.get(modelName);
+    if (result === undefined) {
+      throw new InvalidModelError(modelName);
+    }
+    return result.schema as Schema<TDoc>;
+  }
+  public has(modelName: string): boolean {
+    return this._models.has(modelName);
+  }
+  public list(): string[] {
+    return Array.from(this._models.keys());
+  }
+}
+export { ModelRegistry };

package/src/models/email-token.ts ADDED Viewed

@@ -0,0 +1,19 @@
+import { Connection, Schema } from 'mongoose';
+import { IEmailTokenDocument } from '../documents/email-token';
+import { BaseModelName } from '../enumerations';
+import { SchemaCollection } from '../enumerations/schema-collection';
+import { EmailTokenSchema } from '../schemas/email-token';
+export function EmailTokenModel<
+  TModelName extends string = BaseModelName,
+  TCollection extends string = SchemaCollection,
+>(
+  connection: Connection,
+  modelName: TModelName = BaseModelName.EmailToken as TModelName,
+  collection: TCollection = SchemaCollection.EmailToken as TCollection,
+  schema: Schema<IEmailTokenDocument> = EmailTokenSchema,
+) {
+  return connection.model<IEmailTokenDocument>(modelName, schema, collection);
+}
+export default EmailTokenModel;

package/{dist/models/index.d.ts → src/models/index.ts} RENAMED Viewed

@@ -4,4 +4,3 @@ export * from './role';
 export * from './used-direct-login-token';
 export * from './user';
 export * from './user-role';
-//# sourceMappingURL=index.d.ts.map