@digitaldefiance/node-express-suite 1.0.23 → 1.0.24

package/src/middlewares/authenticate-token.ts

@@ -1,152 +0,0 @@
-import { GlobalActiveContext, Timezone } from '@digitaldefiance/i18n-lib';
-import {
-  AccountStatus,
-  getSuiteCoreTranslation,
-  ITokenRole,
-  ITokenUser,
-  SuiteCoreStringKey,
-} from '@digitaldefiance/suite-core-lib';
-import { NextFunction, Request, Response } from 'express';
-import { IncomingHttpHeaders } from 'http';
-import { ClientSession, Types } from 'mongoose';
-import { IUserDocument } from '../documents/user';
-import { BaseModelName } from '../enumerations/base-model-name';
-import { TokenExpiredError } from '../errors/token-expired';
-import { IApplication } from '../interfaces/application';
-import { JwtService } from '../services/jwt';
-import { RequestUserService } from '../services/request-user';
-import { RoleService } from '../services/role';
-import { withTransaction } from '../utils';
-import { IBaseDocument } from '../documents';
-import { Environment } from '../environment';
-import { IConstants } from '../interfaces';
-
-/**
- * Find the auth token in the headers
- * @param headers The headers
- * @returns The auth token
- */
-export function findAuthToken(headers: IncomingHttpHeaders): string | null {
-  const authHeader = headers['Authorization'] || headers['authorization'];
-  if (authHeader && typeof authHeader === 'string') {
-    const parts = authHeader.split(' ');
-    if (parts.length === 2 && parts[0].toLowerCase() === 'bearer') {
-      return parts[1];
-    }
-  }
-  return null;
-}
-
-/**
- * Middleware to authenticate a token
- * @param application The application
- * @param req The request
- * @param res The response
- * @param next The next function
- * @returns The response
- */
-export async function authenticateToken<
-  I = Types.ObjectId,
-  D extends Date = Date,
-  TTokenRole extends ITokenRole<I, D> = ITokenRole<I, D>,
-  TTokenUser extends ITokenUser = ITokenUser,
-  TApplication extends IApplication<any, Types.ObjectId, IBaseDocument<any, Types.ObjectId>, Environment, IConstants> = IApplication<any, Types.ObjectId, IBaseDocument<any, Types.ObjectId>, Environment, IConstants>,
->(
-  application: TApplication,
-  req: Request,
-  res: Response,
-  next: NextFunction,
-): Promise<Response> {
-  const UserModel = application.getModel<IUserDocument>(BaseModelName.User);
-  const token = findAuthToken(req.headers);
-  if (token == null) {
-    return res
-      .status(401)
-      .send(
-        getSuiteCoreTranslation(SuiteCoreStringKey.Validation_InvalidToken),
-      );
-  }
-
-  try {
-    return await withTransaction<Response>(
-      application.db.connection,
-      application.environment.mongo.useTransactions,
-      undefined,
-      async (sess: ClientSession | undefined) => {
-        const jwtService = new JwtService<
-          I,
-          D,
-          TTokenRole,
-          TTokenUser,
-          TApplication
-        >(application);
-        const user: TTokenUser | null = await jwtService.verifyToken(token);
-        if (user === null) {
-          return (
-            res
-              .status(403)
-              .send(
-                // amazonq-ignore-next-line false positive, hardcoded string
-                getSuiteCoreTranslation(
-                  SuiteCoreStringKey.Validation_UserNotFound,
-                ),
-              )
-          );
-        }
-        const userDoc = await UserModel.findById(user.userId, {
-          password: 0,
-        })
-          .session(sess ?? null)
-          .exec();
-        if (!userDoc || userDoc.accountStatus !== AccountStatus.Active) {
-          return (
-            res
-              .status(403)
-              .send(
-                // amazonq-ignore-next-line false positive, hardcoded string
-                getSuiteCoreTranslation(
-                  SuiteCoreStringKey.Validation_UserNotFound,
-                ),
-              )
-          );
-        }
-        const roleService: RoleService = new RoleService(application);
-        const roles = await roleService.getUserRoles(userDoc._id, sess);
-        const tokenRoles = roleService.rolesToTokenRoles(roles);
-        req.user = RequestUserService.makeRequestUserDTO(userDoc, tokenRoles);
-        const context = GlobalActiveContext.getInstance();
-        context.userLanguage = userDoc.siteLanguage ?? context.userLanguage;
-        context.setLanguageContextSpace('user');
-        context.userTimezone = new Timezone(userDoc.timezone);
-        next();
-        return res;
-      },
-      {
-        timeoutMs: application.environment.mongo.transactionTimeout,
-      },
-    );
-  } catch (err) {
-    if (err instanceof TokenExpiredError) {
-      return res.status(401).send({
-        message: getSuiteCoreTranslation(
-          SuiteCoreStringKey.Validation_TokenExpired,
-        ),
-        error: err,
-      });
-    } else if (err instanceof Error && err.name === 'JsonWebTokenError') {
-      return res.status(400).send({
-        message: getSuiteCoreTranslation(
-          SuiteCoreStringKey.Validation_InvalidToken,
-        ),
-        error: err,
-      });
-    } else {
-      return res.status(500).send({
-        message: getSuiteCoreTranslation(
-          SuiteCoreStringKey.Common_UnexpectedError,
-        ),
-        error: err,
-      });
-    }
-  }
-}

package/src/middlewares/cleanup-crypto.ts

@@ -1,40 +0,0 @@
-import { NextFunction, Request, Response } from 'express';
-
-/**
- * Middleware to clean up crypto resources after request completion
- * Should be used after crypto operations to ensure private keys are disposed
- */
-export function cleanupCrypto(
-  req: Request,
-  res: Response,
-  next: NextFunction,
-): void {
-  // Store original end function
-  const originalEnd = res.end;
-
-  // Override end function to cleanup before response
-  const wrappedEnd = function (this: Response, ...args: unknown[]) {
-    // Cleanup eciesUser if it exists
-    if (req.eciesUser) {
-      try {
-        // Dispose of sensitive cryptographic material
-        req.eciesUser.dispose();
-        req.eciesUser = undefined;
-      } catch (error) {
-        console.error('Error cleaning up crypto resources:', error);
-      }
-    }
-    // Do not dispose system user here; it may be a process-wide singleton
-
-    // Call original end function
-    // eslint-disable-next-line @typescript-eslint/no-explicit-any
-    return (originalEnd as unknown as (...a: any[]) => Response).apply(
-      this,
-      args,
-    );
-  } as unknown as typeof res.end;
-
-  res.end = wrappedEnd;
-
-  next();
-}

package/src/middlewares/set-global-context-language.ts

@@ -1,24 +0,0 @@
-// src/middlewares/injectMongooseContext.ts
-
-import {
-  GlobalActiveContext,
-  LanguageRegistry,
-} from '@digitaldefiance/i18n-lib';
-import { NextFunction, Request, Response } from 'express';
-
-export function setGlobalContextLanguageFromRequest(
-  req: Request,
-  res: Response,
-  next: NextFunction,
-) {
-  // Use fallback chain: accept-language -> user preference -> site default
-  const language = LanguageRegistry.getMatchingLanguageCode(
-    req.headers['accept-language'] as string,
-    req.user?.siteLanguage as string,
-  );
-
-  const context = GlobalActiveContext.getInstance();
-  context.setUserLanguage(language);
-  context.setLanguageContextSpace('user');
-  next();
-}

package/src/middlewares.ts

@@ -1,120 +0,0 @@
-import cors from 'cors';
-import { randomBytes } from 'crypto';
-import {
-  Application,
-  json,
-  NextFunction,
-  Request,
-  Response,
-  urlencoded,
-} from 'express';
-import helmet from 'helmet';
-import { IncomingMessage, ServerResponse } from 'http';
-
-const corsOptionsDelegate = (corsWhitelist: string[]) => {
-  return (
-    req: cors.CorsRequest,
-    callback: (
-      error: Error | null,
-      options: cors.CorsOptions | undefined,
-    ) => void,
-  ) => {
-    let corsOptions: cors.CorsOptions;
-    const origin = req.headers.origin;
-    if (
-      origin &&
-      corsWhitelist.find((w: string | RegExp) => {
-        if (w instanceof RegExp) {
-          return w.test(origin);
-        } else {
-          return w === origin;
-        }
-      })
-    ) {
-      corsOptions = { origin: true };
-    } else {
-      corsOptions = { origin: false };
-    }
-    callback(null, corsOptions);
-  };
-};
-
-export class Middlewares {
-  /**
-   * Initialize the middleware
-   * @param app - Express application
-   */
-  public static init(
-    app: Application,
-    corsWhitelist: string[],
-    csp: {
-      defaultSrc: (
-        | string
-        | ((req: IncomingMessage, res: ServerResponse) => string)
-      )[];
-      imgSrc: (
-        | string
-        | ((req: IncomingMessage, res: ServerResponse) => string)
-      )[];
-      connectSrc: (
-        | string
-        | ((req: IncomingMessage, res: ServerResponse) => string)
-      )[];
-      scriptSrc: (
-        | string
-        | ((req: IncomingMessage, res: ServerResponse) => string)
-      )[];
-      styleSrc: (
-        | string
-        | ((req: IncomingMessage, res: ServerResponse) => string)
-      )[];
-      fontSrc: (
-        | string
-        | ((req: IncomingMessage, res: ServerResponse) => string)
-      )[];
-      frameSrc: (
-        | string
-        | ((req: IncomingMessage, res: ServerResponse) => string)
-      )[];
-    },
-  ): void {
-    // Helmet helps you secure your Express apps by setting various HTTP headers
-    // CSP nonce
-    app.use((req: Request, res: Response, next: NextFunction) => {
-      res.locals['cspNonce'] = randomBytes(32).toString('hex');
-      next();
-    });
-    app.use(
-      helmet({
-        contentSecurityPolicy: {
-          directives: {
-            defaultSrc: ["'self'", ...csp.defaultSrc],
-            imgSrc: ["'self'", 'data:', 'blob:', ...csp.imgSrc],
-            connectSrc: ["'self'", ...csp.connectSrc],
-            scriptSrc: [
-              "'self'",
-              //"'unsafe-inline'",
-              "'strict-dynamic'",
-              (req: IncomingMessage, res: ServerResponse) =>
-                `'nonce-${(res as Response).locals['cspNonce']}'`,
-              ...csp.scriptSrc,
-            ],
-            styleSrc: [
-              "'self'",
-              // "'unsafe-inline'",
-              ...csp.styleSrc,
-            ],
-            fontSrc: ["'self'", ...csp.fontSrc],
-            frameSrc: ["'self'", ...csp.frameSrc],
-          },
-        },
-      }),
-    );
-    // Enable CORS
-    app.use(cors(corsOptionsDelegate(corsWhitelist)));
-    // Parse incoming requests with JSON payloads
-    app.use(json());
-    // Parse incoming requests with urlencoded payloads
-    app.use(urlencoded({ extended: true }));
-  }
-}

package/src/model-registry.ts

@@ -1,75 +0,0 @@
-import { Model, Document as MongooseDocument, Schema } from 'mongoose';
-import { IBaseDocument } from './documents/base';
-import { InvalidModelError } from './errors';
-
-export type ModelRegistration<T, U extends IBaseDocument<T>> = {
-  modelName: string;
-  schema: Schema;
-  model: Model<U>;
-  collection: string;
-  discriminators?: unknown;
-};
-
-class ModelRegistry {
-  protected static _instance: ModelRegistry;
-  protected _models: Map<string, ModelRegistration<any, IBaseDocument<any>>> =
-    new Map();
-
-  private constructor() {}
-
-  public static get instance(): ModelRegistry {
-    if (!ModelRegistry._instance) {
-      ModelRegistry._instance = new ModelRegistry();
-    }
-    return ModelRegistry._instance;
-  }
-
-  public register<T, U extends IBaseDocument<T>>(
-    registration: ModelRegistration<T, U>,
-  ): void {
-    this._models.set(
-      registration.modelName,
-      registration as ModelRegistration<T, U>,
-    );
-  }
-
-  public get<T, U extends IBaseDocument<T>>(
-    modelName: string,
-  ): ModelRegistration<T, U> {
-    const result = this._models.get(modelName) as ModelRegistration<T, U>;
-    if (result === undefined) {
-      throw new InvalidModelError(modelName);
-    }
-    return result;
-  }
-
-  public getTypedModel<TDoc extends MongooseDocument>(
-    modelName: string,
-  ): Model<TDoc> {
-    const result = this._models.get(modelName);
-    if (result === undefined) {
-      throw new InvalidModelError(modelName);
-    }
-    return result.model as Model<TDoc>;
-  }
-
-  public getTypedSchema<TDoc extends MongooseDocument>(
-    modelName: string,
-  ): Schema<TDoc> {
-    const result = this._models.get(modelName);
-    if (result === undefined) {
-      throw new InvalidModelError(modelName);
-    }
-    return result.schema as Schema<TDoc>;
-  }
-
-  public has(modelName: string): boolean {
-    return this._models.has(modelName);
-  }
-
-  public list(): string[] {
-    return Array.from(this._models.keys());
-  }
-}
-
-export { ModelRegistry };

package/src/models/email-token.ts

@@ -1,19 +0,0 @@
-import { Connection, Schema } from 'mongoose';
-import { IEmailTokenDocument } from '../documents/email-token';
-import { BaseModelName } from '../enumerations';
-import { SchemaCollection } from '../enumerations/schema-collection';
-import { EmailTokenSchema } from '../schemas/email-token';
-
-export function EmailTokenModel<
-  TModelName extends string = BaseModelName,
-  TCollection extends string = SchemaCollection,
->(
-  connection: Connection,
-  modelName: TModelName = BaseModelName.EmailToken as TModelName,
-  collection: TCollection = SchemaCollection.EmailToken as TCollection,
-  schema: Schema<IEmailTokenDocument> = EmailTokenSchema,
-) {
-  return connection.model<IEmailTokenDocument>(modelName, schema, collection);
-}
-
-export default EmailTokenModel;

package/src/models/mnemonic.ts

@@ -1,19 +0,0 @@
-import { Connection, Schema } from 'mongoose';
-import { IMnemonicDocument } from '../documents/mnemonic';
-import { BaseModelName } from '../enumerations';
-import { SchemaCollection } from '../enumerations/schema-collection';
-import { MnemonicSchema } from '../schemas/mnemonic';
-
-export function MnemonicModel<
-  TModelName extends string = BaseModelName,
-  TCollection extends string = SchemaCollection,
->(
-  connection: Connection,
-  modelName: TModelName = BaseModelName.Mnemonic as TModelName,
-  collection: TCollection = SchemaCollection.Mnemonic as TCollection,
-  schema: Schema<IMnemonicDocument> = MnemonicSchema,
-) {
-  return connection.model<IMnemonicDocument>(modelName, schema, collection);
-}
-
-export default MnemonicModel;

package/src/models/role.ts

@@ -1,19 +0,0 @@
-import { Connection, Schema } from 'mongoose';
-import { IRoleDocument } from '../documents/role';
-import { BaseModelName } from '../enumerations';
-import { SchemaCollection } from '../enumerations/schema-collection';
-import { RoleSchema } from '../schemas/role';
-
-export function RoleModel<
-  TModelName extends string = BaseModelName,
-  TCollection extends string = SchemaCollection,
->(
-  connection: Connection,
-  modelName: TModelName = BaseModelName.Role as TModelName,
-  collection: TCollection = SchemaCollection.Role as TCollection,
-  schema: Schema<IRoleDocument> = RoleSchema,
-) {
-  return connection.model<IRoleDocument>(modelName, schema, collection);
-}
-
-export default RoleModel;

package/src/models/used-direct-login-token.ts

@@ -1,23 +0,0 @@
-import { Connection, Schema } from 'mongoose';
-import { IUsedDirectLoginTokenDocument } from '../documents/used-direct-login-token';
-import { BaseModelName } from '../enumerations';
-import { SchemaCollection } from '../enumerations/schema-collection';
-import { UsedDirectLoginTokenSchema } from '../schemas/used-direct-login-token';
-
-export function UsedDirectLoginTokenModel<
-  TModelName extends string = BaseModelName,
-  TCollection extends string = SchemaCollection,
->(
-  connection: Connection,
-  modelName: TModelName = BaseModelName.UsedDirectLoginToken as TModelName,
-  collection: TCollection = SchemaCollection.UsedDirectLoginToken as TCollection,
-  schema: Schema<IUsedDirectLoginTokenDocument> = UsedDirectLoginTokenSchema,
-) {
-  return connection.model<IUsedDirectLoginTokenDocument>(
-    modelName,
-    schema,
-    collection,
-  );
-}
-
-export default UsedDirectLoginTokenModel;

package/src/models/user-role.ts

@@ -1,17 +0,0 @@
-import { Connection, Model, Schema } from 'mongoose';
-import { IUserRoleDocument } from '../documents/user-role';
-import { BaseModelName } from '../enumerations';
-import { SchemaCollection } from '../enumerations/schema-collection';
-import { UserRoleSchema } from '../schemas/user-role';
-
-export default function UserRoleModel<
-  TModelName extends string = BaseModelName,
-  TCollection extends string = SchemaCollection,
->(
-  connection: Connection,
-  modelName: TModelName = BaseModelName.UserRole as TModelName,
-  collection: TCollection = SchemaCollection.UserRole as TCollection,
-  schema: Schema<IUserRoleDocument> = UserRoleSchema,
-): Model<IUserRoleDocument> {
-  return connection.model<IUserRoleDocument>(modelName, schema, collection);
-}

package/src/models/user.ts

@@ -1,19 +0,0 @@
-import { Connection, Model, Schema } from 'mongoose';
-import { IUserDocument } from '../documents/user';
-import { BaseModelName } from '../enumerations';
-import { SchemaCollection } from '../enumerations/schema-collection';
-import { UserSchema } from '../schemas/user';
-
-export function UserModel<
-  TModelName extends string = BaseModelName,
-  TCollection extends string = SchemaCollection,
->(
-  connection: Connection,
-  modelName: TModelName = BaseModelName.User as TModelName,
-  collection: TCollection = SchemaCollection.User as TCollection,
-  schema: Schema<IUserDocument> = UserSchema,
-): Model<IUserDocument> {
-  return connection.model<IUserDocument>(modelName, schema, collection);
-}
-
-export default UserModel;

package/src/registry/email-service-registry.ts

@@ -1,24 +0,0 @@
-import {
-  SuiteCoreStringKey,
-  TranslatableSuiteError,
-} from '@digitaldefiance/suite-core-lib';
-import { IEmailService } from '../interfaces/email-service';
-
-class EmailServiceRegistry {
-  private service?: IEmailService;
-
-  setService(service: IEmailService): void {
-    this.service = service;
-  }
-
-  getService(): IEmailService {
-    if (!this.service) {
-      throw new TranslatableSuiteError(
-        SuiteCoreStringKey.Error_EmailService_NotConfigured,
-      );
-    }
-    return this.service;
-  }
-}
-
-export const emailServiceRegistry = new EmailServiceRegistry();