@digitaldefiance/node-express-suite 1.0.22 → 1.0.24

package/dist/controllers/user.js

@@ -1,750 +0,0 @@
-"use strict";
-/// <reference path="../types.d.ts" />
-var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
-    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
-    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
-    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
-    return c > 3 && r && Object.defineProperty(target, key, r), r;
-};
-var __metadata = (this && this.__metadata) || function (k, v) {
-    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.UserController = void 0;
-const ecies_lib_1 = require("@digitaldefiance/ecies-lib");
-const i18n_lib_1 = require("@digitaldefiance/i18n-lib");
-const node_ecies_lib_1 = require("@digitaldefiance/node-ecies-lib");
-const suite_core_lib_1 = require("@digitaldefiance/suite-core-lib");
-const express_validator_1 = require("express-validator");
-const mongoose_1 = require("mongoose");
-const zod_1 = require("zod");
-const backup_code_1 = require("../backup-code");
-const base_controller_1 = require("../decorators/base-controller");
-const controller_1 = require("../decorators/controller");
-const base_model_name_1 = require("../enumerations/base-model-name");
-const mnemonic_or_password_required_1 = require("../errors/mnemonic-or-password-required");
-const authenticate_token_1 = require("../middlewares/authenticate-token");
-const backup_code_2 = require("../services/backup-code");
-const jwt_1 = require("../services/jwt");
-const request_user_1 = require("../services/request-user");
-const role_1 = require("../services/role");
-const system_user_1 = require("../services/system-user");
-const user_1 = require("../services/user");
-const utils_1 = require("../utils");
-const isString = (v) => typeof v === 'string';
-const RegisterSchema = zod_1.z.object({
-    username: zod_1.z.string(),
-    email: zod_1.z.string(),
-    timezone: zod_1.z.string(),
-    password: zod_1.z.string().min(8).optional(),
-});
-const EmailLoginChallengeSchema = zod_1.z.object({
-    token: zod_1.z.string(),
-    signature: zod_1.z.string(),
-    email: zod_1.z.string().optional(),
-    username: zod_1.z.string().optional(),
-});
-const DirectLoginChallengeSchema = zod_1.z.object({
-    challenge: zod_1.z.string(),
-    signature: zod_1.z.string(),
-    email: zod_1.z.string().optional(),
-    username: zod_1.z.string().optional(),
-});
-let UserController = class UserController extends base_controller_1.DecoratorBaseController {
-    constructor(application, jwtService, userService, backupCodeService, roleService, eciesService) {
-        super(application);
-        this.jwtService = jwtService;
-        this.userService = userService;
-        this.backupCodeService = backupCodeService;
-        this.roleService = roleService;
-        this.eciesService = eciesService;
-        this.systemUser = system_user_1.SystemUserService.getSystemUser(application.environment);
-    }
-    async tokenVerifiedResponse(req, res, next) {
-        if (!req.user) {
-            throw new i18n_lib_1.HandleableError(new Error((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Common_NoUserOnRequest)), {
-                statusCode: 401,
-            });
-        }
-        return {
-            statusCode: 200,
-            response: {
-                message: (0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_TokenValid),
-                user: req.user,
-            },
-        };
-    }
-    async refreshToken(req, res, next) {
-        const token = (0, authenticate_token_1.findAuthToken)(req.headers);
-        if (!token) {
-            throw new suite_core_lib_1.GenericValidationError((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_TokenMissing));
-        }
-        const tokenUser = await this.jwtService.verifyToken(token);
-        if (!tokenUser) {
-            throw new suite_core_lib_1.GenericValidationError((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_TokenInvalid));
-        }
-        const UserModel = this.application.getModel(base_model_name_1.BaseModelName.User);
-        const userDoc = await UserModel.findById(tokenUser.userId, {
-            password: 0,
-        });
-        if (!userDoc || userDoc.accountStatus !== suite_core_lib_1.AccountStatus.Active) {
-            throw new suite_core_lib_1.GenericValidationError((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_UserNotFound));
-        }
-        const { token: newToken, roles } = await this.jwtService.signToken(userDoc, this.application.environment.jwtSecret, req.user?.siteLanguage ?? i18n_lib_1.LanguageCodes.EN_US);
-        return {
-            statusCode: 200,
-            response: {
-                message: (0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.TokenRefreshed),
-                user: request_user_1.RequestUserService.makeRequestUserDTO(userDoc, roles),
-                token: newToken,
-                serverPublicKey: this.application.environment.systemPublicKeyHex ?? '',
-            },
-            headers: {
-                Authorization: `Bearer ${newToken}`,
-            },
-        };
-    }
-    async register(req, res, next) {
-        return await (0, utils_1.withTransaction)(this.application.db.connection, this.application.environment.mongo.useTransactions, undefined, async (sess) => {
-            return await (0, utils_1.requireValidatedFieldsAsync)(req, RegisterSchema, async ({ username, email, timezone, password }) => {
-                if (!isString(username) ||
-                    !isString(email) ||
-                    !isString(timezone)) {
-                    throw new suite_core_lib_1.GenericValidationError((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_MissingValidatedData));
-                }
-                const { user, mnemonic, backupCodes } = await this.userService.newUser(this.systemUser, {
-                    username: username.trim(),
-                    email: email.trim(),
-                    timezone: timezone,
-                }, undefined, undefined, sess, this.application.environment.debug, password);
-                await this.userService.createAndSendEmailToken(user, suite_core_lib_1.EmailTokenType.AccountVerification, sess, this.application.environment.debug);
-                return {
-                    statusCode: 201,
-                    response: {
-                        message: (0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Registration_Success, { MNEMONIC: mnemonic }),
-                        mnemonic,
-                        backupCodes,
-                    },
-                };
-            });
-        }, {
-            timeoutMs: this.application.environment.mongo.transactionTimeout * 30,
-        });
-    }
-    async completeAccountVerification(req, res, next) {
-        const { token } = this.validatedBody;
-        return await (0, utils_1.withTransaction)(this.application.db.connection, this.application.environment.mongo.useTransactions, undefined, async (sess) => {
-            await this.userService.verifyAccountTokenAndComplete(token, sess);
-            return {
-                statusCode: 200,
-                response: {
-                    message: (0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.EmailVerification_Success),
-                },
-            };
-        });
-    }
-    async setLanguage(req, res, next) {
-        return await (0, utils_1.withTransaction)(this.application.db.connection, this.application.environment.mongo.useTransactions, undefined, async (sess) => {
-            const { language } = this.validatedBody;
-            if (!req.user) {
-                throw new i18n_lib_1.HandleableError(new Error((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Common_NoUserOnRequest)), { statusCode: 401 });
-            }
-            const user = await this.userService.updateSiteLanguage(req.user.id, language, sess);
-            return {
-                statusCode: 200,
-                response: {
-                    message: (0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.LanguageUpdate_Success),
-                    user,
-                },
-            };
-        });
-    }
-    async getBackupCodeCount(req, res, next) {
-        if (!req.user) {
-            throw new i18n_lib_1.HandleableError(new Error((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Common_NoUserOnRequest)), { statusCode: 401 });
-        }
-        const UserModel = this.application.getModel(base_model_name_1.BaseModelName.User);
-        const user = await UserModel.findById(req.user.id);
-        return {
-            statusCode: 200,
-            response: {
-                message: 'Backup codes retrieved',
-                codeCount: user?.backupCodes?.length || 0,
-            },
-        };
-    }
-    async resetBackupCodes(req, res, next) {
-        if (!req.user || !req.eciesUser || !req.eciesUser.hasPrivateKey) {
-            throw new i18n_lib_1.HandleableError(new Error((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Common_NoUserOnRequest)), { statusCode: 401 });
-        }
-        const newBackupCodes = await this.userService.resetUserBackupCodes(req.eciesUser, this.systemUser);
-        const codes = newBackupCodes.map((c) => c.notNullValue);
-        newBackupCodes.forEach((c) => c.dispose());
-        return {
-            statusCode: 200,
-            response: {
-                message: (0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.BackupCodeRecovery_YourNewCodes),
-                backupCodes: codes,
-            },
-        };
-    }
-    async recoverMnemonic(req, res, next) {
-        return await (0, utils_1.withTransaction)(this.application.db.connection, this.application.environment.mongo.useTransactions, undefined, async (sess) => {
-            if (!req.user) {
-                throw new i18n_lib_1.HandleableError(new Error((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_InvalidCredentials)), { statusCode: 401 });
-            }
-            else if (!req.eciesUser) {
-                throw new i18n_lib_1.HandleableError(new Error((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_MnemonicOrPasswordRequired)), { statusCode: 401 });
-            }
-            const { password } = this.validatedBody;
-            if (!isString(password)) {
-                throw new suite_core_lib_1.GenericValidationError((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_MissingValidatedData));
-            }
-            const userDoc = await this.userService.findUserById(new mongoose_1.Types.ObjectId(req.user.id), true, sess);
-            const mnemonic = await this.userService.recoverMnemonic(req.eciesUser, userDoc.mnemonicRecovery);
-            return {
-                statusCode: 200,
-                response: {
-                    message: (0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.MnemonicRecovery_Success),
-                    mnemonic: mnemonic.notNullValue,
-                },
-            };
-        });
-    }
-    async changePassword(req, res, next) {
-        return await (0, utils_1.withTransaction)(this.application.db.connection, this.application.environment.mongo.useTransactions, undefined, async (sess) => {
-            const { currentPassword, newPassword } = this.validatedBody;
-            if (!req.user) {
-                throw new i18n_lib_1.HandleableError(new Error((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Common_NoUserOnRequest)), { statusCode: 401 });
-            }
-            if (!isString(currentPassword) || !isString(newPassword)) {
-                throw new suite_core_lib_1.GenericValidationError((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_MissingValidatedData));
-            }
-            await this.userService.changePassword(req.user.id, currentPassword, newPassword, sess);
-            return {
-                statusCode: 200,
-                response: {
-                    message: (0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.PasswordChange_Success),
-                },
-            };
-        });
-    }
-    async requestDirectLogin(req, res, next) {
-        const challenge = this.userService.generateDirectLoginChallenge();
-        return {
-            statusCode: 200,
-            response: {
-                challenge: challenge,
-                message: (0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Login_ChallengeGenerated),
-                serverPublicKey: this.application.environment.systemPublicKeyHex ?? '',
-            },
-        };
-    }
-    async directLoginChallenge(req, res, next) {
-        return await (0, utils_1.withTransaction)(this.application.db.connection, this.application.environment.mongo.useTransactions, undefined, async (sess) => {
-            const { username, email, challenge, signature } = this.validatedBody;
-            const { userDoc } = await this.userService.verifyDirectLoginChallenge(String(challenge), String(signature), username ? String(username) : undefined, email ? String(email) : undefined, sess);
-            const { token: jwtToken, roles } = await this.jwtService.signToken(userDoc, this.application.environment.jwtSecret, req.user?.siteLanguage ?? i18n_lib_1.LanguageCodes.EN_US);
-            return {
-                statusCode: 200,
-                response: {
-                    user: userDoc,
-                    token: jwtToken,
-                    serverPublicKey: this.application.environment.systemPublicKeyHex ?? '',
-                    message: (0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.LoggedIn_Success),
-                },
-            };
-        });
-    }
-    async requestEmailLogin(req, res, next) {
-        const { username, email } = this.validatedBody;
-        try {
-            await (0, utils_1.withTransaction)(this.application.db.connection, this.application.environment.mongo.useTransactions, undefined, async (sess) => {
-                const userDoc = await this.userService.findUser(email, username, sess);
-                await this.userService.createAndSendEmailToken(userDoc, suite_core_lib_1.EmailTokenType.LoginRequest, sess, this.application.environment.debug);
-            });
-        }
-        catch (error) {
-            // Suppress user-related errors for security
-        }
-        return {
-            statusCode: 200,
-            response: {
-                message: (0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Email_TokenSent),
-            },
-        };
-    }
-    async emailLoginChallenge(req, res, next) {
-        return await (0, utils_1.withTransaction)(this.application.db.connection, this.application.environment.mongo.useTransactions, undefined, async (sess) => {
-            const { token, signature } = this.validatedBody;
-            const userDoc = await this.userService.validateEmailLoginTokenChallenge(String(token), String(signature), sess);
-            const { token: jwtToken, roles } = await this.jwtService.signToken(userDoc, this.application.environment.jwtSecret, req.user?.siteLanguage ?? i18n_lib_1.LanguageCodes.EN_US);
-            return {
-                statusCode: 200,
-                response: {
-                    user: userDoc,
-                    token: jwtToken,
-                    serverPublicKey: this.application.environment.systemPublicKeyHex ?? '',
-                    message: (0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.LoggedIn_Success),
-                },
-            };
-        });
-    }
-    async resendVerification(req, res, next) {
-        return await (0, utils_1.withTransaction)(this.application.db.connection, this.application.environment.mongo.useTransactions, undefined, async (sess) => {
-            const { username, email } = this.validatedBody;
-            const UserModel = this.application.getModel(base_model_name_1.BaseModelName.User);
-            let query = {};
-            if (isString(username))
-                query.username = username;
-            else if (isString(email))
-                query.email = email;
-            else {
-                throw new suite_core_lib_1.GenericValidationError((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_MissingValidatedData));
-            }
-            const user = await UserModel.findOne(query).session(sess ?? null);
-            if (!user) {
-                throw new suite_core_lib_1.GenericValidationError((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_UserNotFound), { statusCode: 404 });
-            }
-            await this.userService.resendEmailToken(user._id.toString(), suite_core_lib_1.EmailTokenType.AccountVerification, sess, this.application.environment.debug);
-            return {
-                statusCode: 200,
-                response: {
-                    message: (0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.EmailVerification_Resent),
-                },
-            };
-        });
-    }
-    async useBackupCodeLogin(req, res, next) {
-        return await (0, utils_1.withTransaction)(this.application.db.connection, this.application.environment.mongo.useTransactions, undefined, async (sess) => {
-            const { code, newPassword, email, username } = this.validatedBody;
-            if (!code) {
-                throw new suite_core_lib_1.GenericValidationError((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_MissingValidatedData));
-            }
-            const recoverMnemonic = this.validatedBody?.['recoverMnemonic'] === 'true' ||
-                this.validatedBody?.['recoverMnemonic'] === true;
-            const userDoc = await this.userService.findUser(email, username, sess);
-            const { user, userDoc: updatedUserDoc, codeCount, } = await this.backupCodeService.recoverKeyWithBackupCode(userDoc, code, newPassword ? new ecies_lib_1.SecureString(newPassword) : undefined, sess);
-            let mnemonic;
-            if (recoverMnemonic) {
-                const memberType = await this.roleService.getMemberType(updatedUserDoc, sess);
-                const freshUser = new node_ecies_lib_1.Member(this.eciesService, memberType, updatedUserDoc.username, new ecies_lib_1.EmailString(updatedUserDoc.email), Buffer.from(updatedUserDoc.publicKey, 'hex'), user.privateKey, undefined, updatedUserDoc._id, new Date(updatedUserDoc.createdAt), new Date(updatedUserDoc.updatedAt));
-                mnemonic = await this.userService.recoverMnemonic(freshUser, updatedUserDoc.mnemonicRecovery);
-            }
-            const { token, roles } = await this.jwtService.signToken(userDoc, this.application.environment.jwtSecret, i18n_lib_1.LanguageCodes.EN_US);
-            this.userService.updateLastLogin(updatedUserDoc._id).catch(() => { });
-            return {
-                statusCode: 200,
-                response: {
-                    user: request_user_1.RequestUserService.makeRequestUserDTO(userDoc, roles),
-                    token: token,
-                    message: (0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.BackupCodeRecovery_Success),
-                    codeCount,
-                    ...(recoverMnemonic && mnemonic
-                        ? { mnemonic: mnemonic.value }
-                        : {}),
-                    serverPublicKey: this.application.environment.systemPublicKeyHex ?? '',
-                },
-            };
-        });
-    }
-    async forgotPassword(req, res, next) {
-        return await (0, utils_1.withTransaction)(this.application.db.connection, this.application.environment.mongo.useTransactions, undefined, async (sess) => {
-            const { email } = this.validatedBody;
-            const UserModel = this.application.getModel(base_model_name_1.BaseModelName.User);
-            if (!isString(email)) {
-                throw new suite_core_lib_1.GenericValidationError((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_MissingValidatedData));
-            }
-            const user = await UserModel.findOne({
-                email: email.toLowerCase(),
-            }).session(sess ?? null);
-            if (!user || !user.passwordWrappedPrivateKey) {
-                return {
-                    statusCode: 200,
-                    response: {
-                        message: (0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.PasswordReset_Success),
-                    },
-                };
-            }
-            await this.userService.createAndSendEmailToken(user, suite_core_lib_1.EmailTokenType.PasswordReset, sess, this.application.environment.debug);
-            return {
-                statusCode: 200,
-                response: {
-                    message: (0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.PasswordReset_Success),
-                },
-            };
-        });
-    }
-    async verifyResetToken(req, res, next) {
-        const token = req.query['token'];
-        if (!token) {
-            throw new suite_core_lib_1.GenericValidationError((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_TokenMissing));
-        }
-        return await (0, utils_1.withTransaction)(this.application.db.connection, this.application.environment.mongo.useTransactions, undefined, async (sess) => {
-            await this.userService.verifyEmailToken(token, suite_core_lib_1.EmailTokenType.PasswordReset, sess);
-            return {
-                statusCode: 200,
-                response: {
-                    message: 'Token is valid',
-                },
-            };
-        });
-    }
-    async resetPassword(req, res, next) {
-        return await (0, utils_1.withTransaction)(this.application.db.connection, this.application.environment.mongo.useTransactions, undefined, async (sess) => {
-            const { token, newPassword, password, currentPassword, mnemonic } = this.validatedBody;
-            const selectedNewPassword = (newPassword ?? password);
-            if (!isString(token) || !isString(selectedNewPassword)) {
-                throw new suite_core_lib_1.GenericValidationError((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_MissingValidatedData));
-            }
-            const credential = mnemonic ??
-                currentPassword;
-            if (!isString(credential)) {
-                throw new suite_core_lib_1.GenericValidationError((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_MissingValidatedData));
-            }
-            await this.userService.resetPasswordWithToken(token, selectedNewPassword, credential, sess);
-            return {
-                statusCode: 200,
-                response: {
-                    message: (0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.PasswordChange_Success),
-                },
-            };
-        });
-    }
-};
-exports.UserController = UserController;
-__decorate([
-    (0, controller_1.Get)('/verify', { auth: true }),
-    __metadata("design:type", Function),
-    __metadata("design:paramtypes", [Object, Object, Function]),
-    __metadata("design:returntype", Promise)
-], UserController.prototype, "tokenVerifiedResponse", null);
-__decorate([
-    (0, controller_1.Get)('/refresh-token', { auth: true }),
-    __metadata("design:type", Function),
-    __metadata("design:paramtypes", [Object, Object, Function]),
-    __metadata("design:returntype", Promise)
-], UserController.prototype, "refreshToken", null);
-__decorate([
-    (0, controller_1.Post)('/register', {
-        schema: RegisterSchema,
-        validation: (validationLanguage) => [
-            (0, express_validator_1.body)('username')
-                .matches(suite_core_lib_1.Constants.UsernameRegex)
-                .withMessage((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_UsernameRegexErrorTemplate, undefined, validationLanguage)),
-            (0, express_validator_1.body)('email')
-                .isEmail()
-                .withMessage((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_InvalidEmail, undefined, validationLanguage)),
-            (0, express_validator_1.body)('timezone')
-                .isString()
-                .custom((value) => (0, i18n_lib_1.isValidTimezone)(value))
-                .withMessage((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_TimezoneInvalid, undefined, validationLanguage)),
-            (0, express_validator_1.body)('password')
-                .optional()
-                .matches(suite_core_lib_1.Constants.PasswordRegex)
-                .withMessage((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_PasswordRegexErrorTemplate)),
-        ],
-    }),
-    __metadata("design:type", Function),
-    __metadata("design:paramtypes", [Object, Object, Function]),
-    __metadata("design:returntype", Promise)
-], UserController.prototype, "register", null);
-__decorate([
-    (0, controller_1.Post)('/account-verification', {
-        validation: (validationLanguage) => [
-            (0, express_validator_1.body)('token')
-                .not()
-                .isEmpty()
-                .withMessage((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_TokenRequired, undefined, validationLanguage))
-                .matches(new RegExp(`^[a-f0-9]{${suite_core_lib_1.Constants.EmailTokenLength * 2}}$`))
-                .withMessage((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_InvalidToken, undefined, validationLanguage)),
-        ],
-    }),
-    __metadata("design:type", Function),
-    __metadata("design:paramtypes", [Object, Object, Function]),
-    __metadata("design:returntype", Promise)
-], UserController.prototype, "completeAccountVerification", null);
-__decorate([
-    (0, controller_1.Post)('/language', {
-        auth: true,
-        validation: (validationLanguage) => [
-            (0, express_validator_1.body)('language')
-                .isString()
-                .withMessage((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_InvalidLanguage, undefined, validationLanguage))
-                .isIn(Object.values(i18n_lib_1.LanguageCodes))
-                .withMessage((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_InvalidLanguage, undefined, validationLanguage)),
-        ],
-    }),
-    __metadata("design:type", Function),
-    __metadata("design:paramtypes", [Object, Object, Function]),
-    __metadata("design:returntype", Promise)
-], UserController.prototype, "setLanguage", null);
-__decorate([
-    (0, controller_1.Get)('/backup-codes', { auth: true }),
-    __metadata("design:type", Function),
-    __metadata("design:paramtypes", [Object, Object, Function]),
-    __metadata("design:returntype", Promise)
-], UserController.prototype, "getBackupCodeCount", null);
-__decorate([
-    (0, controller_1.Post)('/backup-codes', {
-        auth: true,
-        cryptoAuth: true,
-        validation: (validationLanguage) => [
-            (0, express_validator_1.body)().custom((value, { req }) => {
-                if (!req.body?.password && !req.body?.mnemonic) {
-                    throw new mnemonic_or_password_required_1.MnemonicOrPasswordRequiredError();
-                }
-                return true;
-            }),
-            (0, express_validator_1.body)('password')
-                .optional()
-                .notEmpty()
-                .withMessage((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_CurrentPasswordRequired, undefined, validationLanguage)),
-            (0, express_validator_1.body)('mnemonic')
-                .optional()
-                .notEmpty()
-                .withMessage((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_MnemonicRequired, undefined, validationLanguage))
-                .matches(suite_core_lib_1.Constants.MnemonicRegex)
-                .withMessage((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_MnemonicRegex, undefined, validationLanguage)),
-        ],
-    }),
-    __metadata("design:type", Function),
-    __metadata("design:paramtypes", [Object, Object, Function]),
-    __metadata("design:returntype", Promise)
-], UserController.prototype, "resetBackupCodes", null);
-__decorate([
-    (0, controller_1.Post)('/recover-mnemonic', {
-        auth: true,
-        cryptoAuth: true,
-        validation: (validationLanguage) => [
-            (0, express_validator_1.body)('password')
-                .isString()
-                .withMessage((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_CurrentPasswordRequired, undefined, validationLanguage)),
-        ],
-    }),
-    __metadata("design:type", Function),
-    __metadata("design:paramtypes", [Object, Object, Function]),
-    __metadata("design:returntype", Promise)
-], UserController.prototype, "recoverMnemonic", null);
-__decorate([
-    (0, controller_1.Post)('/change-password', {
-        auth: true,
-        validation: (validationLanguage) => [
-            (0, express_validator_1.body)('currentPassword')
-                .notEmpty()
-                .withMessage((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_Required, undefined, validationLanguage)),
-            (0, express_validator_1.body)('newPassword')
-                .matches(suite_core_lib_1.Constants.PasswordRegex)
-                .withMessage((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_PasswordRegexErrorTemplate))
-                .notEmpty()
-                .withMessage((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_Required, undefined, validationLanguage)),
-        ],
-    }),
-    __metadata("design:type", Function),
-    __metadata("design:paramtypes", [Object, Object, Function]),
-    __metadata("design:returntype", Promise)
-], UserController.prototype, "changePassword", null);
-__decorate([
-    (0, controller_1.Post)('/request-direct-login'),
-    __metadata("design:type", Function),
-    __metadata("design:paramtypes", [Object, Object, Function]),
-    __metadata("design:returntype", Promise)
-], UserController.prototype, "requestDirectLogin", null);
-__decorate([
-    (0, controller_1.Post)('/direct-challenge', {
-        schema: DirectLoginChallengeSchema,
-        validation: (validationLanguage) => [
-            (0, express_validator_1.body)('challenge')
-                .not()
-                .isEmpty()
-                .withMessage((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_InvalidChallenge, undefined, validationLanguage))
-                .matches(new RegExp(`^[a-f0-9]{${(ecies_lib_1.UINT64_SIZE + 32 + ecies_lib_1.ECIES.SIGNATURE_SIZE) * 2}}$`))
-                .withMessage((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_InvalidChallenge, undefined, validationLanguage)),
-            (0, express_validator_1.body)('signature')
-                .not()
-                .isEmpty()
-                .withMessage((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_InvalidSignature))
-                .matches(new RegExp(`^[a-f0-9]{${ecies_lib_1.ECIES.SIGNATURE_SIZE * 2}}$`))
-                .withMessage(suite_core_lib_1.SuiteCoreStringKey.Validation_InvalidSignature),
-            (0, express_validator_1.body)().custom((value, { req }) => {
-                if (!req.body.username && !req.body.email) {
-                    throw new suite_core_lib_1.UsernameOrEmailRequiredError();
-                }
-                return true;
-            }),
-            (0, express_validator_1.body)('username')
-                .optional()
-                .matches(suite_core_lib_1.Constants.UsernameRegex)
-                .withMessage((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_UsernameRegexErrorTemplate, undefined, validationLanguage)),
-            (0, express_validator_1.body)('email')
-                .optional()
-                .isEmail()
-                .withMessage((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_InvalidEmail, undefined, validationLanguage)),
-        ],
-    }),
-    __metadata("design:type", Function),
-    __metadata("design:paramtypes", [Object, Object, Function]),
-    __metadata("design:returntype", Promise)
-], UserController.prototype, "directLoginChallenge", null);
-__decorate([
-    (0, controller_1.Post)('/request-email-login', {
-        validation: (validationLanguage) => [
-            (0, express_validator_1.body)().custom((value, { req }) => {
-                if (!req.body.username && !req.body.email) {
-                    throw new suite_core_lib_1.UsernameOrEmailRequiredError();
-                }
-                return true;
-            }),
-            (0, express_validator_1.body)('username')
-                .optional()
-                .matches(suite_core_lib_1.Constants.UsernameRegex)
-                .withMessage((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_UsernameRegexErrorTemplate, undefined, validationLanguage)),
-            (0, express_validator_1.body)('email')
-                .optional()
-                .isEmail()
-                .withMessage((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_InvalidEmail, undefined, validationLanguage)),
-        ],
-    }),
-    __metadata("design:type", Function),
-    __metadata("design:paramtypes", [Object, Object, Function]),
-    __metadata("design:returntype", Promise)
-], UserController.prototype, "requestEmailLogin", null);
-__decorate([
-    (0, controller_1.Post)('/email-challenge', {
-        schema: EmailLoginChallengeSchema,
-        validation: (validationLanguage) => [
-            (0, express_validator_1.body)('token')
-                .not()
-                .isEmpty()
-                .withMessage((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_TokenRequired, undefined, validationLanguage))
-                .matches(new RegExp(`^[a-f0-9]{${suite_core_lib_1.Constants.EmailTokenLength * 2}}$`))
-                .withMessage((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_InvalidToken, undefined, validationLanguage)),
-            (0, express_validator_1.body)('signature')
-                .not()
-                .isEmpty()
-                .withMessage((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_InvalidSignature))
-                .matches(new RegExp(`^[a-f0-9]{${ecies_lib_1.ECIES.SIGNATURE_SIZE * 2}}$`))
-                .withMessage(suite_core_lib_1.SuiteCoreStringKey.Validation_InvalidSignature),
-            (0, express_validator_1.body)().custom((value, { req }) => {
-                if (!req.body.username && !req.body.email) {
-                    throw new suite_core_lib_1.UsernameOrEmailRequiredError();
-                }
-                return true;
-            }),
-            (0, express_validator_1.body)('username')
-                .optional()
-                .matches(suite_core_lib_1.Constants.UsernameRegex)
-                .withMessage((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_UsernameRegexErrorTemplate, undefined, validationLanguage)),
-            (0, express_validator_1.body)('email')
-                .optional()
-                .isEmail()
-                .withMessage((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_InvalidEmail, undefined, validationLanguage)),
-        ],
-    }),
-    __metadata("design:type", Function),
-    __metadata("design:paramtypes", [Object, Object, Function]),
-    __metadata("design:returntype", Promise)
-], UserController.prototype, "emailLoginChallenge", null);
-__decorate([
-    (0, controller_1.Post)('/resend-verification', {
-        validation: (validationLanguage) => [
-            (0, express_validator_1.body)().custom((value, { req }) => {
-                if (!req.body.username && !req.body.email) {
-                    throw new suite_core_lib_1.UsernameOrEmailRequiredError();
-                }
-                return true;
-            }),
-            (0, express_validator_1.body)('username')
-                .optional()
-                .isString()
-                .matches(suite_core_lib_1.Constants.UsernameRegex)
-                .withMessage((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_UsernameRegexErrorTemplate, undefined, validationLanguage)),
-            (0, express_validator_1.body)('email').optional().isEmail(),
-        ],
-    }),
-    __metadata("design:type", Function),
-    __metadata("design:paramtypes", [Object, Object, Function]),
-    __metadata("design:returntype", Promise)
-], UserController.prototype, "resendVerification", null);
-__decorate([
-    (0, controller_1.Post)('/backup-code', {
-        validation: (validationLanguage) => [
-            (0, express_validator_1.body)('email').optional().isEmail(),
-            (0, express_validator_1.body)('username')
-                .optional()
-                .matches(suite_core_lib_1.Constants.UsernameRegex)
-                .withMessage((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_UsernameRegexErrorTemplate, undefined, validationLanguage)),
-            (0, express_validator_1.body)('code')
-                .custom((value) => {
-                const normalized = backup_code_1.BackupCode.normalizeCode(value);
-                return (suite_core_lib_1.Constants.BACKUP_CODES.DisplayRegex.test(value) ||
-                    suite_core_lib_1.Constants.BACKUP_CODES.NormalizedHexRegex.test(normalized));
-            })
-                .withMessage((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_InvalidBackupCode, undefined, validationLanguage)),
-            (0, express_validator_1.body)('recoverMnemonic').isBoolean().optional(),
-            (0, express_validator_1.body)('newPassword')
-                .optional()
-                .matches(suite_core_lib_1.Constants.PasswordRegex)
-                .withMessage((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_PasswordRegexErrorTemplate, undefined, validationLanguage)),
-        ],
-    }),
-    __metadata("design:type", Function),
-    __metadata("design:paramtypes", [Object, Object, Function]),
-    __metadata("design:returntype", Promise)
-], UserController.prototype, "useBackupCodeLogin", null);
-__decorate([
-    (0, controller_1.Post)('/forgot-password', {
-        validation: (validationLanguage) => [
-            (0, express_validator_1.body)('email')
-                .isEmail()
-                .withMessage((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_InvalidEmail, undefined, validationLanguage)),
-        ],
-    }),
-    __metadata("design:type", Function),
-    __metadata("design:paramtypes", [Object, Object, Function]),
-    __metadata("design:returntype", Promise)
-], UserController.prototype, "forgotPassword", null);
-__decorate([
-    (0, controller_1.Get)('/verify-reset-token'),
-    __metadata("design:type", Function),
-    __metadata("design:paramtypes", [Object, Object, Function]),
-    __metadata("design:returntype", Promise)
-], UserController.prototype, "verifyResetToken", null);
-__decorate([
-    (0, controller_1.Post)('/reset-password', {
-        validation: (validationLanguage) => [
-            (0, express_validator_1.body)('token')
-                .not()
-                .isEmpty()
-                .withMessage((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_TokenRequired, undefined, validationLanguage))
-                .matches(new RegExp(`^[a-f0-9]{${suite_core_lib_1.Constants.EmailTokenLength * 2}}$`))
-                .withMessage((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_InvalidToken, undefined, validationLanguage)),
-            (0, express_validator_1.body)('newPassword')
-                .optional()
-                .isLength({ min: 8 })
-                .withMessage((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_PasswordMinLengthTemplate, undefined, validationLanguage))
-                .matches(suite_core_lib_1.Constants.PasswordRegex)
-                .withMessage((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_PasswordRegexErrorTemplate, undefined, validationLanguage)),
-            (0, express_validator_1.body)('password')
-                .optional()
-                .isLength({ min: 8 })
-                .withMessage((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_PasswordMinLengthTemplate, undefined, validationLanguage))
-                .matches(suite_core_lib_1.Constants.PasswordRegex)
-                .withMessage((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_PasswordRegexErrorTemplate, undefined, validationLanguage)),
-            (0, express_validator_1.body)('currentPassword').optional().isString(),
-            (0, express_validator_1.body)('mnemonic').optional().isString(),
-        ],
-    }),
-    __metadata("design:type", Function),
-    __metadata("design:paramtypes", [Object, Object, Function]),
-    __metadata("design:returntype", Promise)
-], UserController.prototype, "resetPassword", null);
-exports.UserController = UserController = __decorate([
-    (0, controller_1.Controller)(),
-    __metadata("design:paramtypes", [Object, jwt_1.JwtService,
-        user_1.UserService,
-        backup_code_2.BackupCodeService,
-        role_1.RoleService,
-        node_ecies_lib_1.ECIESService])
-], UserController);
-//# sourceMappingURL=user.js.map