npm - @digitaldefiance/node-express-suite - Versions diffs - 1.0.23 → 1.0.24 - Mend

@digitaldefiance/node-express-suite 1.0.23 → 1.0.24

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (629) hide show

package/README.md +4 -0
package/package.json +8 -7
package/src/application-base.d.ts +112 -0
package/src/application-base.d.ts.map +1 -0
package/src/application-base.js +335 -0
package/src/application-base.js.map +1 -0
package/src/application.d.ts +20 -0
package/src/application.d.ts.map +1 -0
package/src/application.js +124 -0
package/src/application.js.map +1 -0
package/src/backup-code.d.ts +67 -0
package/src/backup-code.d.ts.map +1 -0
package/src/backup-code.js +238 -0
package/src/backup-code.js.map +1 -0
package/src/constants.d.ts +16 -0
package/src/constants.d.ts.map +1 -0
package/src/constants.js +54 -0
package/src/constants.js.map +1 -0
package/src/controllers/base.d.ts +63 -0
package/src/controllers/base.d.ts.map +1 -0
package/src/controllers/base.js +272 -0
package/src/controllers/base.js.map +1 -0
package/src/controllers/{index.ts → index.d.ts} +1 -0
package/src/controllers/index.d.ts.map +1 -0
package/src/controllers/index.js +6 -0
package/src/controllers/index.js.map +1 -0
package/src/controllers/user.d.ts +45 -0
package/src/controllers/user.d.ts.map +1 -0
package/src/controllers/user.js +748 -0
package/src/controllers/user.js.map +1 -0
package/src/decorators/base-controller.d.ts +14 -0
package/src/decorators/base-controller.d.ts.map +1 -0
package/src/decorators/base-controller.js +49 -0
package/src/decorators/base-controller.js.map +1 -0
package/src/decorators/controller.d.ts +32 -0
package/src/decorators/controller.d.ts.map +1 -0
package/src/decorators/controller.js +67 -0
package/src/decorators/controller.js.map +1 -0
package/src/decorators/{index.ts → index.d.ts} +1 -0
package/src/decorators/index.d.ts.map +1 -0
package/src/decorators/index.js +7 -0
package/src/decorators/index.js.map +1 -0
package/src/decorators/zod-validation.d.ts +5 -0
package/src/decorators/zod-validation.d.ts.map +1 -0
package/src/decorators/zod-validation.js +47 -0
package/src/decorators/zod-validation.js.map +1 -0
package/src/defaults.d.ts +7 -0
package/src/defaults.d.ts.map +1 -0
package/src/defaults.js +83 -0
package/src/defaults.js.map +1 -0
package/src/documents/base.d.ts +3 -0
package/src/documents/base.d.ts.map +1 -0
package/src/documents/base.js +3 -0
package/src/documents/base.js.map +1 -0
package/src/documents/email-token.d.ts +8 -0
package/src/documents/email-token.d.ts.map +1 -0
package/src/documents/email-token.js +3 -0
package/src/documents/email-token.js.map +1 -0
package/src/documents/{index.ts → index.d.ts} +1 -0
package/src/documents/index.d.ts.map +1 -0
package/src/documents/index.js +3 -0
package/src/documents/index.js.map +1 -0
package/src/documents/{mnemonic.ts → mnemonic.d.ts} +2 -5
package/src/documents/mnemonic.d.ts.map +1 -0
package/src/documents/mnemonic.js +3 -0
package/src/documents/mnemonic.js.map +1 -0
package/src/documents/{role.ts → role.d.ts} +2 -5
package/src/documents/role.d.ts.map +1 -0
package/src/documents/role.js +3 -0
package/src/documents/role.js.map +1 -0
package/src/documents/used-direct-login-token.d.ts +5 -0
package/src/documents/used-direct-login-token.d.ts.map +1 -0
package/src/documents/used-direct-login-token.js +3 -0
package/src/documents/used-direct-login-token.js.map +1 -0
package/src/documents/{user-role.ts → user-role.d.ts} +2 -5
package/src/documents/user-role.d.ts.map +1 -0
package/src/documents/user-role.js +3 -0
package/src/documents/user-role.js.map +1 -0
package/src/documents/{user.ts → user.d.ts} +2 -4
package/src/documents/user.d.ts.map +1 -0
package/src/documents/user.js +3 -0
package/src/documents/user.js.map +1 -0
package/src/enumerations/base-model-name.d.ts +38 -0
package/src/enumerations/base-model-name.d.ts.map +1 -0
package/src/enumerations/base-model-name.js +34 -0
package/src/enumerations/base-model-name.js.map +1 -0
package/src/enumerations/{index.ts → index.d.ts} +1 -0
package/src/enumerations/index.d.ts.map +1 -0
package/src/enumerations/index.js +8 -0
package/src/enumerations/index.js.map +1 -0
package/src/enumerations/length-encoding-type.d.ts +7 -0
package/src/enumerations/length-encoding-type.d.ts.map +1 -0
package/src/enumerations/length-encoding-type.js +11 -0
package/src/enumerations/length-encoding-type.js.map +1 -0
package/src/enumerations/schema-collection.d.ts +34 -0
package/src/enumerations/schema-collection.d.ts.map +1 -0
package/src/enumerations/schema-collection.js +38 -0
package/src/enumerations/schema-collection.js.map +1 -0
package/src/enumerations/symmetric-error-type.d.ts +5 -0
package/src/enumerations/symmetric-error-type.d.ts.map +1 -0
package/src/enumerations/symmetric-error-type.js +9 -0
package/src/enumerations/symmetric-error-type.js.map +1 -0
package/src/environment.d.ts +189 -0
package/src/environment.d.ts.map +1 -0
package/src/environment.js +620 -0
package/src/environment.js.map +1 -0
package/src/errors/express-validation.d.ts +9 -0
package/src/errors/express-validation.d.ts.map +1 -0
package/src/errors/express-validation.js +18 -0
package/src/errors/express-validation.js.map +1 -0
package/src/errors/{index.ts → index.d.ts} +1 -0
package/src/errors/index.d.ts.map +1 -0
package/src/errors/index.js +16 -0
package/src/errors/index.js.map +1 -0
package/src/errors/invalid-backup-code-version.d.ts +6 -0
package/src/errors/invalid-backup-code-version.d.ts.map +1 -0
package/src/errors/invalid-backup-code-version.js +15 -0
package/src/errors/invalid-backup-code-version.js.map +1 -0
package/src/errors/invalid-jwt-token.d.ts +5 -0
package/src/errors/invalid-jwt-token.d.ts.map +1 -0
package/src/errors/invalid-jwt-token.js +11 -0
package/src/errors/invalid-jwt-token.js.map +1 -0
package/src/errors/invalid-model.d.ts +6 -0
package/src/errors/invalid-model.d.ts.map +1 -0
package/src/errors/invalid-model.js +14 -0
package/src/errors/invalid-model.js.map +1 -0
package/src/errors/invalid-new-password.d.ts +5 -0
package/src/errors/invalid-new-password.d.ts.map +1 -0
package/src/errors/invalid-new-password.js +14 -0
package/src/errors/invalid-new-password.js.map +1 -0
package/src/errors/invalid-password.d.ts +5 -0
package/src/errors/invalid-password.d.ts.map +1 -0
package/src/errors/invalid-password.js +14 -0
package/src/errors/invalid-password.js.map +1 -0
package/src/errors/missing-validated-data.d.ts +7 -0
package/src/errors/missing-validated-data.d.ts.map +1 -0
package/src/errors/missing-validated-data.js +36 -0
package/src/errors/missing-validated-data.js.map +1 -0
package/src/errors/mnemonic-or-password-required.d.ts +5 -0
package/src/errors/mnemonic-or-password-required.d.ts.map +1 -0
package/src/errors/mnemonic-or-password-required.js +13 -0
package/src/errors/mnemonic-or-password-required.js.map +1 -0
package/src/errors/model-not-registered.d.ts +5 -0
package/src/errors/model-not-registered.d.ts.map +1 -0
package/src/errors/model-not-registered.js +12 -0
package/src/errors/model-not-registered.js.map +1 -0
package/src/errors/mongoose-validation.d.ts +11 -0
package/src/errors/mongoose-validation.d.ts.map +1 -0
package/src/errors/mongoose-validation.js +17 -0
package/src/errors/mongoose-validation.js.map +1 -0
package/src/errors/symmetric.d.ts +8 -0
package/src/errors/symmetric.d.ts.map +1 -0
package/src/errors/symmetric.js +23 -0
package/src/errors/symmetric.js.map +1 -0
package/src/errors/token-expired.d.ts +5 -0
package/src/errors/token-expired.d.ts.map +1 -0
package/src/errors/token-expired.js +11 -0
package/src/errors/token-expired.js.map +1 -0
package/src/get-language.d.ts +2 -0
package/src/get-language.d.ts.map +1 -0
package/src/get-language.js +30 -0
package/src/get-language.js.map +1 -0
package/src/get-timezone.d.ts +3 -0
package/src/get-timezone.d.ts.map +1 -0
package/src/get-timezone.js +31 -0
package/src/get-timezone.js.map +1 -0
package/src/{index.ts → index.d.ts} +1 -1
package/src/index.d.ts.map +1 -0
package/src/index.js +28 -0
package/src/index.js.map +1 -0
package/src/interfaces/{api-error-response.ts → api-error-response.d.ts} +2 -2
package/src/interfaces/api-error-response.d.ts.map +1 -0
package/src/interfaces/api-error-response.js +3 -0
package/src/interfaces/api-error-response.js.map +1 -0
package/src/interfaces/api-express-validation-error-response.d.ts +7 -0
package/src/interfaces/api-express-validation-error-response.d.ts.map +1 -0
package/src/interfaces/api-express-validation-error-response.js +3 -0
package/src/interfaces/api-express-validation-error-response.js.map +1 -0
package/src/interfaces/api-message-response.d.ts +4 -0
package/src/interfaces/api-message-response.d.ts.map +1 -0
package/src/interfaces/api-message-response.js +3 -0
package/src/interfaces/api-message-response.js.map +1 -0
package/src/interfaces/{api-mongo-validation-error-response.ts → api-mongo-validation-error-response.d.ts} +2 -2
package/src/interfaces/api-mongo-validation-error-response.d.ts.map +1 -0
package/src/interfaces/api-mongo-validation-error-response.js +3 -0
package/src/interfaces/api-mongo-validation-error-response.js.map +1 -0
package/src/interfaces/api-responses/{backup-codes-response.ts → backup-codes-response.d.ts} +2 -2
package/src/interfaces/api-responses/backup-codes-response.d.ts.map +1 -0
package/src/interfaces/api-responses/backup-codes-response.js +3 -0
package/src/interfaces/api-responses/backup-codes-response.js.map +1 -0
package/src/interfaces/api-responses/{challenge-response.ts → challenge-response.d.ts} +3 -3
package/src/interfaces/api-responses/challenge-response.d.ts.map +1 -0
package/src/interfaces/api-responses/challenge-response.js +3 -0
package/src/interfaces/api-responses/challenge-response.js.map +1 -0
package/src/interfaces/api-responses/{code-count-response.ts → code-count-response.d.ts} +2 -2
package/src/interfaces/api-responses/code-count-response.d.ts.map +1 -0
package/src/interfaces/api-responses/code-count-response.js +3 -0
package/src/interfaces/api-responses/code-count-response.js.map +1 -0
package/src/interfaces/api-responses/{index.ts → index.d.ts} +1 -0
package/src/interfaces/api-responses/index.d.ts.map +1 -0
package/src/interfaces/api-responses/index.js +11 -0
package/src/interfaces/api-responses/index.js.map +1 -0
package/src/interfaces/api-responses/{login-response.ts → login-response.d.ts} +4 -4
package/src/interfaces/api-responses/login-response.d.ts.map +1 -0
package/src/interfaces/api-responses/login-response.js +3 -0
package/src/interfaces/api-responses/login-response.js.map +1 -0
package/src/interfaces/api-responses/{mnemonic-response.ts → mnemonic-response.d.ts} +2 -2
package/src/interfaces/api-responses/mnemonic-response.d.ts.map +1 -0
package/src/interfaces/api-responses/mnemonic-response.js +3 -0
package/src/interfaces/api-responses/mnemonic-response.js.map +1 -0
package/src/interfaces/api-responses/{registration-response.ts → registration-response.d.ts} +3 -3
package/src/interfaces/api-responses/registration-response.d.ts.map +1 -0
package/src/interfaces/api-responses/registration-response.js +3 -0
package/src/interfaces/api-responses/registration-response.js.map +1 -0
package/src/interfaces/api-responses/{request-user-response.ts → request-user-response.d.ts} +2 -2
package/src/interfaces/api-responses/request-user-response.d.ts.map +1 -0
package/src/interfaces/api-responses/request-user-response.js +3 -0
package/src/interfaces/api-responses/request-user-response.js.map +1 -0
package/src/interfaces/{application.ts → application.d.ts} +7 -7
package/src/interfaces/application.d.ts.map +1 -0
package/src/interfaces/application.js +3 -0
package/src/interfaces/application.js.map +1 -0
package/src/interfaces/backend-objects/email-token.d.ts +4 -0
package/src/interfaces/backend-objects/email-token.d.ts.map +1 -0
package/src/interfaces/backend-objects/email-token.js +3 -0
package/src/interfaces/backend-objects/email-token.js.map +1 -0
package/src/interfaces/backend-objects/{index.ts → index.d.ts} +1 -0
package/src/interfaces/backend-objects/index.d.ts.map +1 -0
package/src/interfaces/backend-objects/index.js +8 -0
package/src/interfaces/backend-objects/index.js.map +1 -0
package/src/interfaces/backend-objects/{request-user.ts → request-user.d.ts} +2 -7
package/src/interfaces/backend-objects/request-user.d.ts.map +1 -0
package/src/interfaces/backend-objects/request-user.js +3 -0
package/src/interfaces/backend-objects/request-user.js.map +1 -0
package/src/interfaces/backend-objects/{role.ts → role.d.ts} +1 -1
package/src/interfaces/backend-objects/role.d.ts.map +1 -0
package/src/interfaces/backend-objects/role.js +3 -0
package/src/interfaces/backend-objects/role.js.map +1 -0
package/src/interfaces/backend-objects/user.d.ts +4 -0
package/src/interfaces/backend-objects/user.d.ts.map +1 -0
package/src/interfaces/backend-objects/user.js +3 -0
package/src/interfaces/backend-objects/user.js.map +1 -0
package/src/interfaces/checksum-config.d.ts +5 -0
package/src/interfaces/checksum-config.d.ts.map +1 -0
package/src/interfaces/checksum-config.js +3 -0
package/src/interfaces/checksum-config.js.map +1 -0
package/src/interfaces/checksum-consts.d.ts +11 -0
package/src/interfaces/checksum-consts.d.ts.map +1 -0
package/src/interfaces/checksum-consts.js +3 -0
package/src/interfaces/checksum-consts.js.map +1 -0
package/src/interfaces/{constants.ts → constants.d.ts} +5 -5
package/src/interfaces/constants.d.ts.map +1 -0
package/src/interfaces/constants.js +3 -0
package/src/interfaces/constants.js.map +1 -0
package/src/interfaces/create-user-basics.d.ts +18 -0
package/src/interfaces/create-user-basics.d.ts.map +1 -0
package/src/interfaces/create-user-basics.js +3 -0
package/src/interfaces/create-user-basics.js.map +1 -0
package/src/interfaces/csp-config.d.ts +14 -0
package/src/interfaces/csp-config.d.ts.map +1 -0
package/src/interfaces/csp-config.js +3 -0
package/src/interfaces/csp-config.js.map +1 -0
package/src/interfaces/deep-partial.d.ts +4 -0
package/src/interfaces/deep-partial.d.ts.map +1 -0
package/src/interfaces/deep-partial.js +3 -0
package/src/interfaces/deep-partial.js.map +1 -0
package/src/interfaces/{discriminator-collections.ts → discriminator-collections.d.ts} +3 -3
package/src/interfaces/discriminator-collections.d.ts.map +1 -0
package/src/interfaces/discriminator-collections.js +3 -0
package/src/interfaces/discriminator-collections.js.map +1 -0
package/src/interfaces/email-service.d.ts +4 -0
package/src/interfaces/email-service.d.ts.map +1 -0
package/src/interfaces/email-service.js +3 -0
package/src/interfaces/email-service.js.map +1 -0
package/src/interfaces/environment-mongo.d.ts +76 -0
package/src/interfaces/environment-mongo.d.ts.map +1 -0
package/src/interfaces/environment-mongo.js +3 -0
package/src/interfaces/environment-mongo.js.map +1 -0
package/src/interfaces/environment.d.ts +181 -0
package/src/interfaces/environment.d.ts.map +1 -0
package/src/interfaces/environment.js +3 -0
package/src/interfaces/environment.js.map +1 -0
package/src/interfaces/failable-result.d.ts +7 -0
package/src/interfaces/failable-result.d.ts.map +1 -0
package/src/interfaces/failable-result.js +3 -0
package/src/interfaces/failable-result.js.map +1 -0
package/src/interfaces/fec-consts.d.ts +5 -0
package/src/interfaces/fec-consts.d.ts.map +1 -0
package/src/interfaces/fec-consts.js +3 -0
package/src/interfaces/fec-consts.js.map +1 -0
package/src/interfaces/handleable-error-options.d.ts +7 -0
package/src/interfaces/handleable-error-options.d.ts.map +1 -0
package/src/interfaces/handleable-error-options.js +3 -0
package/src/interfaces/handleable-error-options.js.map +1 -0
package/src/interfaces/{index.ts → index.d.ts} +1 -0
package/src/interfaces/index.d.ts.map +1 -0
package/src/interfaces/index.js +33 -0
package/src/interfaces/index.js.map +1 -0
package/src/interfaces/jwt-consts.d.ts +11 -0
package/src/interfaces/jwt-consts.d.ts.map +1 -0
package/src/interfaces/jwt-consts.js +3 -0
package/src/interfaces/jwt-consts.js.map +1 -0
package/src/interfaces/jwt-sign-response.d.ts +11 -0
package/src/interfaces/jwt-sign-response.d.ts.map +1 -0
package/src/interfaces/jwt-sign-response.js +3 -0
package/src/interfaces/jwt-sign-response.js.map +1 -0
package/src/interfaces/mongo-errors.d.ts +5 -0
package/src/interfaces/mongo-errors.d.ts.map +1 -0
package/src/interfaces/mongo-errors.js +3 -0
package/src/interfaces/mongo-errors.js.map +1 -0
package/src/interfaces/request-user.d.ts +42 -0
package/src/interfaces/request-user.d.ts.map +1 -0
package/src/interfaces/request-user.js +3 -0
package/src/interfaces/request-user.js.map +1 -0
package/src/interfaces/required-string-keys.d.ts +22 -0
package/src/interfaces/required-string-keys.d.ts.map +1 -0
package/src/interfaces/required-string-keys.js +3 -0
package/src/interfaces/required-string-keys.js.map +1 -0
package/src/interfaces/schema.d.ts +29 -0
package/src/interfaces/schema.d.ts.map +1 -0
package/src/interfaces/schema.js +3 -0
package/src/interfaces/schema.js.map +1 -0
package/src/interfaces/server-init-result.d.ts +35 -0
package/src/interfaces/server-init-result.d.ts.map +1 -0
package/src/interfaces/server-init-result.js +3 -0
package/src/interfaces/server-init-result.js.map +1 -0
package/src/interfaces/status-code-response.d.ts +7 -0
package/src/interfaces/status-code-response.d.ts.map +1 -0
package/src/interfaces/status-code-response.js +3 -0
package/src/interfaces/status-code-response.js.map +1 -0
package/src/interfaces/symmetric-encryption-results.d.ts +3 -3
package/src/interfaces/symmetric-encryption-results.d.ts.map +1 -1
package/src/interfaces/symmetric-encryption-results.js.map +1 -1
package/src/interfaces/{token-response.ts → token-response.d.ts} +2 -2
package/src/interfaces/token-response.d.ts.map +1 -0
package/src/interfaces/token-response.js +3 -0
package/src/interfaces/token-response.js.map +1 -0
package/src/middlewares/authenticate-crypto.d.ts +13 -0
package/src/middlewares/authenticate-crypto.d.ts.map +1 -0
package/src/middlewares/authenticate-crypto.js +146 -0
package/src/middlewares/authenticate-crypto.js.map +1 -0
package/src/middlewares/authenticate-token.d.ts +24 -0
package/src/middlewares/authenticate-token.d.ts.map +1 -0
package/src/middlewares/authenticate-token.js +102 -0
package/src/middlewares/authenticate-token.js.map +1 -0
package/src/middlewares/cleanup-crypto.d.ts +7 -0
package/src/middlewares/cleanup-crypto.d.ts.map +1 -0
package/src/middlewares/cleanup-crypto.js +32 -0
package/src/middlewares/cleanup-crypto.js.map +1 -0
package/src/middlewares/{index.ts → index.d.ts} +1 -0
package/src/middlewares/index.d.ts.map +1 -0
package/src/middlewares/index.js +8 -0
package/src/middlewares/index.js.map +1 -0
package/src/middlewares/set-global-context-language.d.ts +3 -0
package/src/middlewares/set-global-context-language.d.ts.map +1 -0
package/src/middlewares/set-global-context-language.js +14 -0
package/src/middlewares/set-global-context-language.js.map +1 -0
package/src/middlewares.d.ts +18 -0
package/src/middlewares.d.ts.map +1 -0
package/src/middlewares.js +74 -0
package/src/middlewares.js.map +1 -0
package/src/model-registry.d.ts +23 -0
package/src/model-registry.d.ts.map +1 -0
package/src/model-registry.js +47 -0
package/src/model-registry.js.map +1 -0
package/src/models/email-token.d.ts +11 -0
package/src/models/email-token.d.ts.map +1 -0
package/src/models/email-token.js +11 -0
package/src/models/email-token.js.map +1 -0
package/src/models/{index.ts → index.d.ts} +1 -0
package/src/models/index.d.ts.map +1 -0
package/src/models/index.js +10 -0
package/src/models/index.js.map +1 -0
package/src/models/mnemonic.d.ts +11 -0
package/src/models/mnemonic.d.ts.map +1 -0
package/src/models/mnemonic.js +11 -0
package/src/models/mnemonic.js.map +1 -0
package/src/models/role.d.ts +11 -0
package/src/models/role.d.ts.map +1 -0
package/src/models/role.js +11 -0
package/src/models/role.js.map +1 -0
package/src/models/used-direct-login-token.d.ts +11 -0
package/src/models/used-direct-login-token.d.ts.map +1 -0
package/src/models/used-direct-login-token.js +11 -0
package/src/models/used-direct-login-token.js.map +1 -0
package/src/models/user-role.d.ts +6 -0
package/src/models/user-role.d.ts.map +1 -0
package/src/models/user-role.js +10 -0
package/src/models/user-role.js.map +1 -0
package/src/models/user.d.ts +7 -0
package/src/models/user.d.ts.map +1 -0
package/src/models/user.js +11 -0
package/src/models/user.js.map +1 -0
package/src/registry/email-service-registry.d.ts +9 -0
package/src/registry/email-service-registry.d.ts.map +1 -0
package/src/registry/email-service-registry.js +18 -0
package/src/registry/email-service-registry.js.map +1 -0
package/src/registry/{index.ts → index.d.ts} +1 -0
package/src/registry/index.d.ts.map +1 -0
package/src/registry/index.js +6 -0
package/src/registry/index.js.map +1 -0
package/src/routers/api.d.ts +27 -0
package/src/routers/api.d.ts.map +1 -0
package/src/routers/api.js +52 -0
package/src/routers/api.js.map +1 -0
package/src/routers/app.d.ts +28 -0
package/src/routers/app.d.ts.map +1 -0
package/src/routers/app.js +186 -0
package/src/routers/app.js.map +1 -0
package/src/routers/base.d.ts +12 -0
package/src/routers/base.d.ts.map +1 -0
package/src/routers/base.js +14 -0
package/src/routers/base.js.map +1 -0
package/src/routers/{index.ts → index.d.ts} +1 -0
package/src/routers/index.d.ts.map +1 -0
package/src/routers/index.js +7 -0
package/src/routers/index.js.map +1 -0
package/src/schemas/email-token.d.ts +38 -0
package/src/schemas/email-token.d.ts.map +1 -0
package/src/schemas/email-token.js +54 -0
package/src/schemas/email-token.js.map +1 -0
package/src/schemas/{index.ts → index.d.ts} +2 -1
package/src/schemas/index.d.ts.map +1 -0
package/src/schemas/index.js +11 -0
package/src/schemas/index.js.map +1 -0
package/src/schemas/mnemonic.d.ts +20 -0
package/src/schemas/mnemonic.d.ts.map +1 -0
package/src/schemas/mnemonic.js +30 -0
package/src/schemas/mnemonic.js.map +1 -0
package/src/schemas/role.d.ts +32 -0
package/src/schemas/role.d.ts.map +1 -0
package/src/schemas/role.js +86 -0
package/src/schemas/role.js.map +1 -0
package/src/schemas/schema.d.ts +40 -0
package/src/schemas/schema.d.ts.map +1 -0
package/src/schemas/schema.js +62 -0
package/src/schemas/schema.js.map +1 -0
package/src/schemas/used-direct-login-token.d.ts +27 -0
package/src/schemas/used-direct-login-token.d.ts.map +1 -0
package/src/schemas/used-direct-login-token.js +23 -0
package/src/schemas/used-direct-login-token.js.map +1 -0
package/src/schemas/user-role.d.ts +29 -0
package/src/schemas/user-role.d.ts.map +1 -0
package/src/schemas/user-role.js +54 -0
package/src/schemas/user-role.js.map +1 -0
package/src/schemas/user.d.ts +21 -0
package/src/schemas/user.d.ts.map +1 -0
package/src/schemas/user.js +176 -0
package/src/schemas/user.js.map +1 -0
package/src/services/backup-code.d.ts +78 -0
package/src/services/backup-code.d.ts.map +1 -0
package/src/services/backup-code.js +184 -0
package/src/services/backup-code.js.map +1 -0
package/src/services/base.d.ts +13 -0
package/src/services/base.d.ts.map +1 -0
package/src/services/base.js +15 -0
package/src/services/base.js.map +1 -0
package/src/services/checksum.d.ts +67 -0
package/src/services/checksum.d.ts.map +1 -0
package/src/services/checksum.js +143 -0
package/src/services/checksum.js.map +1 -0
package/src/services/crc.d.ts +87 -0
package/src/services/crc.d.ts.map +1 -0
package/src/services/crc.js +198 -0
package/src/services/crc.js.map +1 -0
package/src/services/database-initialization.d.ts +105 -0
package/src/services/database-initialization.d.ts.map +1 -0
package/src/services/database-initialization.js +782 -0
package/src/services/database-initialization.js.map +1 -0
package/src/services/direct-login-token.d.ts +9 -0
package/src/services/direct-login-token.d.ts.map +1 -0
package/src/services/direct-login-token.js +41 -0
package/src/services/direct-login-token.js.map +1 -0
package/src/services/fec-usage-example.d.ts +38 -0
package/src/services/fec-usage-example.d.ts.map +1 -0
package/src/services/fec-usage-example.js +75 -0
package/src/services/fec-usage-example.js.map +1 -0
package/src/services/fec.d.ts +46 -0
package/src/services/fec.d.ts.map +1 -0
package/src/services/fec.js +192 -0
package/src/services/fec.js.map +1 -0
package/src/services/{index.ts → index.d.ts} +1 -0
package/src/services/index.d.ts.map +1 -0
package/src/services/index.js +22 -0
package/src/services/index.js.map +1 -0
package/src/services/jwt.d.ts +33 -0
package/src/services/jwt.d.ts.map +1 -0
package/src/services/jwt.js +91 -0
package/src/services/jwt.js.map +1 -0
package/src/services/key-wrapping.d.ts +60 -0
package/src/services/key-wrapping.d.ts.map +1 -0
package/src/services/key-wrapping.js +311 -0
package/src/services/key-wrapping.js.map +1 -0
package/src/services/mnemonic.d.ts +61 -0
package/src/services/mnemonic.d.ts.map +1 -0
package/src/services/mnemonic.js +115 -0
package/src/services/mnemonic.js.map +1 -0
package/src/services/request-user.d.ts +20 -0
package/src/services/request-user.d.ts.map +1 -0
package/src/services/request-user.js +50 -0
package/src/services/request-user.js.map +1 -0
package/src/services/role.d.ts +88 -0
package/src/services/role.d.ts.map +1 -0
package/src/services/role.js +263 -0
package/src/services/role.js.map +1 -0
package/src/services/symmetric.d.ts +42 -0
package/src/services/symmetric.d.ts.map +1 -0
package/src/services/symmetric.js +101 -0
package/src/services/symmetric.js.map +1 -0
package/src/services/system-user.d.ts +17 -0
package/src/services/system-user.d.ts.map +1 -0
package/src/services/system-user.js +46 -0
package/src/services/system-user.js.map +1 -0
package/src/services/user.d.ts +320 -0
package/src/services/user.d.ts.map +1 -0
package/src/services/user.js +1378 -0
package/src/services/user.js.map +1 -0
package/src/services/xor.d.ts +24 -0
package/src/services/xor.d.ts.map +1 -0
package/src/services/xor.js +37 -0
package/src/services/xor.js.map +1 -0
package/src/types.d.ts +66 -40
package/src/types.d.ts.map +1 -0
package/src/types.js +14 -0
package/src/types.js.map +1 -0
package/src/utils.d.ts +202 -0
package/src/utils.d.ts.map +1 -0
package/src/utils.js +784 -0
package/src/utils.js.map +1 -0
package/LICENSE +0 -21
package/src/application-base.ts +0 -492
package/src/application.ts +0 -254
package/src/backup-code.ts +0 -336
package/src/constants.ts +0 -69
package/src/controllers/base.ts +0 -440
package/src/controllers/user.ts +0 -1451
package/src/decorators/base-controller.ts +0 -61
package/src/decorators/controller.ts +0 -109
package/src/decorators/zod-validation.ts +0 -57
package/src/defaults.ts +0 -94
package/src/documents/base.ts +0 -7
package/src/documents/email-token.ts +0 -14
package/src/documents/used-direct-login-token.ts +0 -7
package/src/enumerations/base-model-name.ts +0 -41
package/src/enumerations/length-encoding-type.ts +0 -6
package/src/enumerations/schema-collection.ts +0 -33
package/src/enumerations/symmetric-error-type.ts +0 -4
package/src/environment.ts +0 -770
package/src/errors/express-validation.ts +0 -21
package/src/errors/invalid-backup-code-version.ts +0 -14
package/src/errors/invalid-jwt-token.ts +0 -10
package/src/errors/invalid-model.ts +0 -11
package/src/errors/invalid-new-password.ts +0 -18
package/src/errors/invalid-password.ts +0 -13
package/src/errors/missing-validated-data.ts +0 -36
package/src/errors/mnemonic-or-password-required.ts +0 -12
package/src/errors/model-not-registered.ts +0 -11
package/src/errors/mongoose-validation.ts +0 -34
package/src/errors/symmetric.ts +0 -41
package/src/errors/token-expired.ts +0 -10
package/src/get-language.ts +0 -53
package/src/get-timezone.ts +0 -45
package/src/interfaces/api-express-validation-error-response.ts +0 -8
package/src/interfaces/api-message-response.ts +0 -3
package/src/interfaces/backend-objects/email-token.ts +0 -11
package/src/interfaces/backend-objects/user.ts +0 -9
package/src/interfaces/checksum-config.ts +0 -4
package/src/interfaces/checksum-consts.ts +0 -13
package/src/interfaces/create-user-basics.ts +0 -17
package/src/interfaces/csp-config.ts +0 -35
package/src/interfaces/deep-partial.ts +0 -3
package/src/interfaces/email-service.ts +0 -8
package/src/interfaces/environment-mongo.ts +0 -76
package/src/interfaces/environment.ts +0 -181
package/src/interfaces/failable-result.ts +0 -6
package/src/interfaces/fec-consts.ts +0 -4
package/src/interfaces/handleable-error-options.ts +0 -6
package/src/interfaces/jwt-consts.ts +0 -23
package/src/interfaces/jwt-sign-response.ts +0 -19
package/src/interfaces/mongo-errors.ts +0 -5
package/src/interfaces/request-user.ts +0 -50
package/src/interfaces/required-string-keys.ts +0 -26
package/src/interfaces/schema.ts +0 -31
package/src/interfaces/server-init-result.ts +0 -37
package/src/interfaces/status-code-response.ts +0 -7
package/src/interfaces/symmetric-encryption-results.ts +0 -4
package/src/middlewares/authenticate-crypto.ts +0 -243
package/src/middlewares/authenticate-token.ts +0 -152
package/src/middlewares/cleanup-crypto.ts +0 -40
package/src/middlewares/set-global-context-language.ts +0 -24
package/src/middlewares.ts +0 -120
package/src/model-registry.ts +0 -75
package/src/models/email-token.ts +0 -19
package/src/models/mnemonic.ts +0 -19
package/src/models/role.ts +0 -19
package/src/models/used-direct-login-token.ts +0 -23
package/src/models/user-role.ts +0 -17
package/src/models/user.ts +0 -19
package/src/registry/email-service-registry.ts +0 -24
package/src/routers/api.ts +0 -151
package/src/routers/app.ts +0 -258
package/src/routers/base.ts +0 -17
package/src/schemas/email-token.ts +0 -91
package/src/schemas/mnemonic.ts +0 -37
package/src/schemas/role.ts +0 -127
package/src/schemas/schema.ts +0 -140
package/src/schemas/used-direct-login-token.ts +0 -38
package/src/schemas/user-role.ts +0 -75
package/src/schemas/user.ts +0 -202
package/src/services/backup-code.ts +0 -316
package/src/services/base.ts +0 -33
package/src/services/checksum.ts +0 -161
package/src/services/crc.ts +0 -213
package/src/services/database-initialization.ts +0 -1479
package/src/services/db-init-cache.d.ts +0 -16
package/src/services/direct-login-token.ts +0 -62
package/src/services/fec-usage-example.ts +0 -102
package/src/services/fec.ts +0 -296
package/src/services/jwt.ts +0 -134
package/src/services/key-wrapping.ts +0 -434
package/src/services/mnemonic.ts +0 -167
package/src/services/request-user.ts +0 -62
package/src/services/role.ts +0 -396
package/src/services/symmetric.ts +0 -139
package/src/services/system-user.ts +0 -82
package/src/services/user.ts +0 -2137
package/src/services/xor.ts +0 -34
package/src/types.ts +0 -128
package/src/utils.ts +0 -1022

package/src/application.ts DELETED Viewed

@@ -1,254 +0,0 @@
-import { HandleableError } from '@digitaldefiance/i18n-lib';
-import {
-  Constants,
-  getSuiteCoreI18nEngine,
-  SuiteCoreComponentId,
-  SuiteCoreStringKey,
-  TranslatableSuiteError,
-} from '@digitaldefiance/suite-core-lib';
-import express, {
-  Application as ExpressApplication,
-  NextFunction,
-  Request,
-  Response,
-} from 'express';
-import { readFileSync } from 'fs';
-import { Server } from 'http';
-import { createServer } from 'https';
-import mongoose, { Types } from 'mongoose';
-import { isAbsolute, normalize, resolve } from 'path';
-import { BaseApplication } from './application-base';
-import { IBaseDocument } from './documents/base';
-import { Environment } from './environment';
-import { IApplication, ICSPConfig, IFailableResult } from './interfaces';
-import { IConstants } from './interfaces/constants';
-import { Middlewares } from './middlewares';
-import { AppRouter } from './routers/app';
-import { BaseRouter } from './routers/base';
-import { SchemaMap } from './types';
-import { debugLog, handleError, sendApiMessageResponse } from './utils';
-/**
- * Application class
- */
-type ServerWithOptionalClose = Server & { closeAllConnections?: () => void };
-export class Application<
-    T,
-    I extends Types.ObjectId | string,
-    TInitResults,
-    TModelDocs extends Record<string, IBaseDocument<any>>,
-    TBaseDocument extends IBaseDocument<T, I> = IBaseDocument<T, I>,
-    TEnvironment extends Environment = Environment,
-    TConstants extends IConstants = IConstants,
-  >
-  extends BaseApplication<TModelDocs, TInitResults, TConstants>
-  implements IApplication<T, I, TBaseDocument, TEnvironment, TConstants>
-{
-  public readonly expressApp: ExpressApplication;
-  private server: ServerWithOptionalClose | null = null;
-  private readonly _cspConfig: ICSPConfig;
-  private readonly _apiRouter: BaseRouter;
-  public override get environment(): TEnvironment {
-    return super.environment as TEnvironment;
-  }
-  constructor(
-    environment: TEnvironment,
-    apiRouter: BaseRouter,
-    schemaMapFactory: (
-      connection: mongoose.Connection,
-    ) => SchemaMap<TModelDocs>,
-    databaseInitFunction: (
-      application: BaseApplication<TModelDocs, TInitResults>,
-    ) => Promise<IFailableResult<TInitResults>>,
-    initResultHashFunction: (initResults: TInitResults) => string,
-    cspConfig: ICSPConfig = {
-      corsWhitelist: [],
-      csp: {
-        defaultSrc: [],
-        imgSrc: [],
-        connectSrc: [],
-        scriptSrc: [],
-        styleSrc: [],
-        fontSrc: [],
-        frameSrc: [],
-      },
-    },
-    constants: TConstants = Constants as TConstants,
-  ) {
-    super(
-      environment,
-      schemaMapFactory,
-      databaseInitFunction,
-      initResultHashFunction,
-      constants,
-    );
-    this._apiRouter = apiRouter;
-    this.expressApp = express();
-    this.server = null;
-    this._cspConfig = cspConfig;
-  }
-  public override async start(mongoUri?: string): Promise<void> {
-    const engine = getSuiteCoreI18nEngine();
-    await super.start(mongoUri, true);
-    try {
-      Middlewares.init(
-        this.expressApp,
-        this._cspConfig.corsWhitelist,
-        this._cspConfig.csp,
-      );
-      const appRouter = new AppRouter(this._apiRouter);
-      appRouter.init(this.expressApp);
-      this.expressApp.use(
-        (
-          err: HandleableError | Error,
-          req: Request,
-          res: Response,
-          next: NextFunction,
-        ) => {
-          const handleableError =
-            err instanceof HandleableError
-              ? err
-              : new HandleableError(
-                  new Error(
-                    err.message ||
-                      engine.translate(
-                        SuiteCoreComponentId,
-                        SuiteCoreStringKey.Common_UnexpectedError,
-                      ),
-                  ),
-                  { cause: err },
-                );
-          handleError(handleableError, res, sendApiMessageResponse, next);
-        },
-      );
-      const serversReady: Promise<void>[] = [];
-      serversReady.push(
-        new Promise<void>((resolve) => {
-          this.server = this.expressApp.listen(
-            this.environment.port,
-            this.environment.host,
-            () => {
-              debugLog(
-                this.environment.debug,
-                'log',
-                `[ ${engine.translate(
-                  SuiteCoreComponentId,
-                  SuiteCoreStringKey.Common_Ready,
-                )} ] http://${this.environment.host}:${this.environment.port}`,
-              );
-              resolve();
-            },
-          ) as ServerWithOptionalClose;
-        }),
-      );
-      if (this.environment.httpsDevCertRoot) {
-        try {
-          const certRoot = normalize(this.environment.httpsDevCertRoot);
-          if (!isAbsolute(certRoot) || certRoot.includes('..')) {
-            throw new TranslatableSuiteError(
-              SuiteCoreStringKey.Error_InvalidCertificatePathMustBeAbsolute,
-            );
-          }
-          const certPath = normalize(resolve(certRoot + '.pem'));
-          const keyPath = normalize(resolve(certRoot + '-key.pem'));
-          if (certPath.includes('..') || keyPath.includes('..')) {
-            throw new TranslatableSuiteError(
-              SuiteCoreStringKey.Error_InvalidCertificatePathAfterResolution,
-            );
-          }
-          const options = {
-            // amazonq-ignore-next-line fixed above
-            key: readFileSync(keyPath),
-            // amazonq-ignore-next-line fixed above
-            cert: readFileSync(certPath),
-          };
-          serversReady.push(
-            new Promise<void>((resolve) => {
-              createServer(options, this.expressApp).listen(
-                this.environment.httpsDevPort,
-                () => {
-                  console.log(
-                    `[ ${engine.translate(
-                      SuiteCoreComponentId,
-                      SuiteCoreStringKey.Common_Ready,
-                    )} ] https://${this.environment.host}:${
-                      this.environment.httpsDevPort
-                    }`,
-                  );
-                  resolve();
-                },
-              );
-            }),
-          );
-        } catch (err) {
-          console.error('Failed to start HTTPS server:', err);
-        }
-      }
-      await Promise.all(serversReady);
-      this._ready = true;
-    } catch (err) {
-      console.error(
-        engine.translate(
-          SuiteCoreComponentId,
-          SuiteCoreStringKey.Error_FailedToStartApplication,
-        ),
-        err,
-      );
-      if (process.env['NODE_ENV'] === 'test') {
-        throw err;
-      }
-      process.exit(1);
-    }
-  }
-  public override async stop(): Promise<void> {
-    const engine = getSuiteCoreI18nEngine();
-    if (this.server) {
-      debugLog(
-        this.environment.debug,
-        'log',
-        `[ ${engine.translate(
-          SuiteCoreComponentId,
-          SuiteCoreStringKey.Common_Stopping,
-        )} ] ${engine.translate(
-          SuiteCoreComponentId,
-          SuiteCoreStringKey.Common_ApplicationAndDatabase,
-        )}`,
-      );
-      await new Promise<void>((resolve, reject) => {
-        this.server!.closeAllConnections?.();
-        this.server!.close((err) => {
-          if (err) {
-            reject(err);
-          } else {
-            resolve();
-          }
-        });
-      });
-      this.server = null;
-    }
-    await super.stop();
-    this._ready = false;
-    debugLog(
-      this.environment.debug,
-      'log',
-      `[ ${engine.translate(
-        SuiteCoreComponentId,
-        SuiteCoreStringKey.Common_Stopped,
-      )} ] ${engine.translate(
-        SuiteCoreComponentId,
-        SuiteCoreStringKey.Common_ApplicationAndDatabase,
-      )}`,
-    );
-  }
-}

package/src/backup-code.ts DELETED Viewed

@@ -1,336 +0,0 @@
-import { MemberType } from '@digitaldefiance/ecies-lib';
-import {
-  Constants as ApiConstants,
-  Member as BackendMember,
-} from '@digitaldefiance/node-ecies-lib';
-import {
-  BackupCodeString,
-  IBackupCode,
-  InvalidBackupCodeError,
-  PrivateKeyRequiredError,
-} from '@digitaldefiance/suite-core-lib';
-import * as argon2 from 'argon2';
-import { createHmac, randomBytes, timingSafeEqual } from 'crypto';
-import { Constants } from './constants';
-import { InvalidBackupCodeVersionError } from './errors/invalid-backup-code-version';
-import { IConstants } from './interfaces';
-import { SymmetricService } from './services/symmetric';
-/**
- * Class representing a backup code string with associated operations.
- *
- * v1 scheme:
- * - Code: 32 lowercase alphanumerics (a–z0–9), displayed as 8 groups of 4: xxxx-xxxx-xxxx-xxxx-xxxx-xxxx-xxxx-xxxx
- * - Checksum/tag: HKDF-SHA256(codeUtf8, salt, "backup-checksum") → 32 bytes (stored as hex)
- * - KDF for encryption key: Argon2id(codeUtf8, salt) → 32 bytes
- * - Encryption: SymmetricService AEAD (encryptedData must embed IV + authTag + ciphertext)
- * - Wrapping: AEAD blob wrapped with system user's asymmetric key (ECIES)
- */
-export class BackupCode extends BackupCodeString {
-  /** Current backup code scheme version implemented by this service. */
-  public static readonly BackupCodeVersion = '1.0.0';
-  // Centralized Argon2id parameters (tunable)
-  private static readonly Argon2Params = {
-    type: argon2.argon2id,
-    hashLength: 32, // derive AES-256 key
-    timeCost: 3,
-    memoryCost: 65536, // 64 MiB
-    parallelism: 1,
-    raw: true as const,
-  } as const;
-  constructor(code: string) {
-    super(code);
-  }
-  /**
-   * Generate the configured number of backup codes.
-   * Note: If generation alphabet/length is controlled elsewhere, prefer that path.
-   */
-  public static override generateBackupCodes(
-    constants: IConstants = Constants,
-  ): Array<BackupCode> {
-    const codes: Array<BackupCode> = [];
-    for (let i = 0; i < constants.BACKUP_CODES.Count; i++) {
-      codes.push(new BackupCode(BackupCode.generateBackupCode()));
-    }
-    return codes;
-  }
-  /**
-   * HKDF-Extract-and-Expand using HMAC-SHA-256.
-   *
-   * PRK = HMAC(salt, ikm)
-   * T(0) = empty
-   * T(i) = HMAC(PRK, T(i-1) || info || i)
-   * OKM = first 'length' bytes of T(1) || T(2) || ...
-   */
-  public static hkdfSha256(
-    ikm: Buffer,
-    salt: Buffer,
-    info: Buffer,
-    length: number,
-  ): Buffer {
-    if (length === 0) {
-      return Buffer.alloc(0);
-    }
-    // HKDF-Extract: PRK = HMAC-Hash(salt, IKM)
-    // If salt is empty, use a string of HashLen zeros
-    const actualSalt = salt.length === 0 ? Buffer.alloc(32, 0) : salt;
-    const prk = createHmac('sha256', actualSalt).update(ikm).digest();
-    // HKDF-Expand
-    const blocks: Buffer[] = [];
-    let prev = Buffer.alloc(0);
-    const n = Math.ceil(length / 32);
-    for (let i = 1; i <= n; i++) {
-      const hmac = createHmac('sha256', prk);
-      hmac.update(prev);
-      hmac.update(info);
-      hmac.update(Buffer.from([i]));
-      prev = Buffer.from(hmac.digest());
-      blocks.push(prev);
-    }
-    return Buffer.concat(blocks).subarray(0, length);
-  }
-  /**
-   * v1: Derive a 32-byte encryption key from a normalized backup code using Argon2id and the per-code salt.
-   * Uses UTF-8 bytes of the normalized code (not hex).
-   */
-  public static async getBackupKeyV1(
-    checksumSaltHex: string,
-    normalizedCode: string,
-    constants: IConstants = Constants,
-  ): Promise<Buffer> {
-    if (!constants.BACKUP_CODES.NormalizedHexRegex.test(normalizedCode)) {
-      throw new InvalidBackupCodeError();
-    }
-    const codeBytes = Buffer.from(normalizedCode, 'utf8');
-    const checksumSalt = Buffer.from(checksumSaltHex, 'hex');
-    try {
-      const key = (await argon2.hash(codeBytes, {
-        ...BackupCode.Argon2Params,
-        salt: checksumSalt,
-      })) as unknown as Buffer;
-      return key; // 32-byte Buffer
-    } finally {
-      codeBytes.fill(0);
-    }
-  }
-  /**
-   * v1: Compute a 32-byte checksum/tag for a normalized code using HKDF-SHA256(codeUtf8, salt, "backup-checksum").
-   */
-  private static computeChecksumV1(
-    normalizedCode: string,
-    checksumSalt: Buffer,
-  ): Buffer {
-    const codeBytes = Buffer.from(normalizedCode, 'utf8');
-    try {
-      return BackupCode.hkdfSha256(
-        codeBytes,
-        checksumSalt,
-        Buffer.from('backup-checksum'),
-        32,
-      );
-    } finally {
-      codeBytes.fill(0);
-    }
-  }
-  public async encrypt(
-    backupUser: BackendMember,
-    systemUser: BackendMember,
-    constants: IConstants = Constants,
-  ): Promise<IBackupCode> {
-    if (!backupUser.hasPrivateKey) {
-      throw new PrivateKeyRequiredError();
-    }
-    if (systemUser.type !== MemberType.System) {
-      throw new Error('System user must be of MemberType.System');
-    }
-    const raw = this.value ?? '';
-    const normalized = BackupCode.normalizeCode(raw);
-    if (
-      !(
-        constants.BACKUP_CODES.DisplayRegex.test(raw) ||
-        constants.BACKUP_CODES.NormalizedHexRegex.test(normalized)
-      )
-    ) {
-      throw new InvalidBackupCodeError();
-    }
-    const checksumSalt = randomBytes(ApiConstants.PBKDF2.SALT_BYTES);
-    const checksumBuf = BackupCode.computeChecksumV1(normalized, checksumSalt);
-    const encryptionKey = await BackupCode.getBackupKeyV1(
-      checksumSalt.toString('hex'),
-      normalized,
-    );
-    try {
-      const sealed = SymmetricService.encryptBuffer(
-        Buffer.from(backupUser.privateKey!.value),
-        encryptionKey,
-      );
-      const wrappedEncryptedPrivateKey = systemUser
-        .encryptData(sealed.encryptedData)
-        .toString('hex');
-      return {
-        version: BackupCode.BackupCodeVersion,
-        checksumSalt: checksumSalt.toString('hex'),
-        checksum: checksumBuf.toString('hex'),
-        encrypted: wrappedEncryptedPrivateKey,
-      } as IBackupCode;
-    } finally {
-      encryptionKey.fill(0);
-      checksumBuf.fill(0);
-    }
-  }
-  /**
-   * v1: Encrypt and wrap backup codes for a user.
-   * - Validates code format (display or normalized)
-   * - Computes HKDF checksum/tag
-   * - Derives Argon2id encryption key (32 bytes) from UTF-8 code
-   * - Encrypts the private key with AEAD and wraps with system user
-   */
-  public static async encryptBackupCodesV1(
-    backupUser: BackendMember,
-    systemUser: BackendMember,
-    codes: Array<BackupCode>,
-  ): Promise<Array<IBackupCode>> {
-    const encryptedCodes: Array<IBackupCode> = [];
-    for (const code of codes) {
-      encryptedCodes.push(await code.encrypt(backupUser, systemUser));
-    }
-    return encryptedCodes;
-  }
-  /** Delegate to current version. */
-  public static encryptBackupCodes(
-    backupUser: BackendMember,
-    systemUser: BackendMember,
-    codes: Array<BackupCode>,
-  ): Promise<Array<IBackupCode>> {
-    return BackupCode.encryptBackupCodesV1(backupUser, systemUser, codes);
-  }
-  /**
-   * v1: Validate whether a backup code exists (unused) in the provided collection.
-   * Uses constant-time comparison of binary checksums (codeUtf8 + salt).
-   */
-  public static validateBackupCodeV1(
-    encryptedBackupCodes: Array<IBackupCode>,
-    backupCode: string,
-    constants: IConstants = Constants,
-  ): boolean {
-    const normalizedCode = BackupCodeString.normalizeCode(backupCode);
-    if (!constants.BACKUP_CODES.NormalizedHexRegex.test(normalizedCode)) {
-      return false;
-    }
-    const codeBytes = Buffer.from(normalizedCode, 'utf8');
-    try {
-      for (const code of encryptedBackupCodes) {
-        if (code.version !== BackupCode.BackupCodeVersion) continue;
-        const checksumSalt = Buffer.from(code.checksumSalt, 'hex');
-        const expected = BackupCode.hkdfSha256(
-          codeBytes,
-          checksumSalt,
-          Buffer.from('backup-checksum'),
-          32,
-        );
-        if (
-          code.checksum.length === expected.length * 2 &&
-          timingSafeEqual(Buffer.from(code.checksum, 'hex'), expected)
-        ) {
-          return true;
-        }
-      }
-      return false;
-    } finally {
-      codeBytes.fill(0);
-    }
-  }
-  /**
-   * Validate a backup code against any supported version present in the collection.
-   */
-  public static validateBackupCode(
-    encryptedBackupCodes: Array<IBackupCode>,
-    backupCode: string,
-    constants: IConstants = Constants,
-  ): boolean {
-    const normalizedCode = BackupCodeString.normalizeCode(backupCode);
-    if (!constants.BACKUP_CODES.NormalizedHexRegex.test(normalizedCode)) {
-      return false;
-    }
-    if (
-      encryptedBackupCodes.some(
-        (c) => c.version === BackupCode.BackupCodeVersion,
-      )
-    ) {
-      return this.validateBackupCodeV1(
-        encryptedBackupCodes.filter(
-          (c) => c.version === BackupCode.BackupCodeVersion,
-        ),
-        normalizedCode,
-      );
-    }
-    return false;
-  }
-  /**
-   * Detect the version by matching checksum against stored codes; returns the matched version.
-   */
-  public static detectBackupCodeVersion(
-    encryptedBackupCodes: Array<IBackupCode>,
-    backupCode: string,
-    constants: IConstants = Constants,
-  ): string {
-    const normalizedCode = BackupCodeString.normalizeCode(backupCode);
-    if (!constants.BACKUP_CODES.NormalizedHexRegex.test(normalizedCode)) {
-      throw new InvalidBackupCodeError();
-    }
-    const v1Set = encryptedBackupCodes.filter(
-      (c) => c.version === BackupCode.BackupCodeVersion,
-    );
-    if (v1Set.length) {
-      const codeBytes = Buffer.from(normalizedCode, 'utf8');
-      try {
-        for (const c of v1Set) {
-          const checksumSalt = Buffer.from(c.checksumSalt, 'hex');
-          const expected = BackupCode.hkdfSha256(
-            codeBytes,
-            checksumSalt,
-            Buffer.from('backup-checksum'),
-            32,
-          );
-          if (
-            c.checksum.length === expected.length * 2 &&
-            timingSafeEqual(Buffer.from(c.checksum, 'hex'), expected)
-          ) {
-            return c.version;
-          }
-        }
-      } finally {
-        // zeroize
-        codeBytes.fill(0);
-      }
-    }
-    const versionsInSet = new Set(encryptedBackupCodes.map((c) => c.version));
-    if (
-      versionsInSet.size > 0 &&
-      !versionsInSet.has(BackupCode.BackupCodeVersion)
-    ) {
-      throw new InvalidBackupCodeVersionError([...versionsInSet][0]);
-    }
-    throw new InvalidBackupCodeError();
-  }
-}

package/src/constants.ts DELETED Viewed

@@ -1,69 +0,0 @@
-import { ECIES as ECIESDefaults } from '@digitaldefiance/ecies-lib';
-import { createConstants } from '@digitaldefiance/suite-core-lib';
-import { IFECConsts } from './interfaces';
-import { IChecksumConsts } from './interfaces/checksum-consts';
-import { IConstants } from './interfaces/constants';
-import { IJwtConsts } from './interfaces/jwt-consts';
-/**
- * Constants for checksum operations
- * These values are critical for data integrity and MUST NOT be changed
- * in an already established system as it will break all existing checksums.
- */
-export const CHECKSUM: IChecksumConsts = Object.freeze({
-  /** Default hash bits for SHA3 */
-  SHA3_DEFAULT_HASH_BITS: 512 as const,
-  /** Length of a SHA3 checksum buffer in bytes */
-  SHA3_BUFFER_LENGTH: 64 as const,
-  /** algorithm to use for checksum */
-  ALGORITHM: 'sha3-512' as const,
-  /** encoding to use for checksum */
-  ENCODING: 'hex' as const,
-} as const);
-export const JWT: IJwtConsts = {
-  /**
-   * Algorithm to use for JWT
-   */
-  ALGORITHM: 'HS256' as const,
-  /**
-   * The expiration time for a JWT token in seconds
-   */
-  EXPIRATION_SEC: 86400 as const,
-} as const;
-export const FEC: IFECConsts = {
-  /**
-   * Maximum size of a single shard
-   */
-  MAX_SHARD_SIZE: 1048576 as const,
-} as const;
-// use defaults from ecies-lib
-export const ECIES = Object.freeze(ECIESDefaults);
-export const createExpressConstants = (
-  siteDomain: string,
-  overrides?: Partial<IConstants>,
-): IConstants => {
-  return Object.freeze({
-    ...createConstants(siteDomain, overrides),
-    CHECKSUM: CHECKSUM,
-    JWT: JWT,
-    FEC: FEC,
-    ECIES: ECIES,
-  } as const);
-};
-export const Constants: IConstants = createExpressConstants('localhost');
-if (
-  CHECKSUM.SHA3_BUFFER_LENGTH !== CHECKSUM.SHA3_DEFAULT_HASH_BITS / 8 ||
-  CHECKSUM.SHA3_BUFFER_LENGTH !== CHECKSUM.SHA3_DEFAULT_HASH_BITS / 8
-) {
-  throw new Error('Invalid checksum constants');
-}