npm - @digitaldefiance/node-express-suite - Versions diffs - 1.0.23 → 1.0.25 - Mend

@digitaldefiance/node-express-suite 1.0.23 → 1.0.25

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (632) hide show

package/README.md +8 -0
package/package.json +8 -7
package/src/application-base.d.ts +112 -0
package/src/application-base.d.ts.map +1 -0
package/src/application-base.js +335 -0
package/src/application-base.js.map +1 -0
package/src/application.d.ts +20 -0
package/src/application.d.ts.map +1 -0
package/src/application.js +124 -0
package/src/application.js.map +1 -0
package/src/backup-code.d.ts +67 -0
package/src/backup-code.d.ts.map +1 -0
package/src/backup-code.js +238 -0
package/src/backup-code.js.map +1 -0
package/src/constants.d.ts +16 -0
package/src/constants.d.ts.map +1 -0
package/src/constants.js +54 -0
package/src/constants.js.map +1 -0
package/src/controllers/base.d.ts +63 -0
package/src/controllers/base.d.ts.map +1 -0
package/src/controllers/base.js +272 -0
package/src/controllers/base.js.map +1 -0
package/src/controllers/{index.ts → index.d.ts} +1 -0
package/src/controllers/index.d.ts.map +1 -0
package/src/controllers/index.js +6 -0
package/src/controllers/index.js.map +1 -0
package/src/controllers/user.d.ts +45 -0
package/src/controllers/user.d.ts.map +1 -0
package/src/controllers/user.js +748 -0
package/src/controllers/user.js.map +1 -0
package/src/decorators/base-controller.d.ts +14 -0
package/src/decorators/base-controller.d.ts.map +1 -0
package/src/decorators/base-controller.js +49 -0
package/src/decorators/base-controller.js.map +1 -0
package/src/decorators/controller.d.ts +32 -0
package/src/decorators/controller.d.ts.map +1 -0
package/src/decorators/controller.js +67 -0
package/src/decorators/controller.js.map +1 -0
package/src/decorators/{index.ts → index.d.ts} +1 -0
package/src/decorators/index.d.ts.map +1 -0
package/src/decorators/index.js +7 -0
package/src/decorators/index.js.map +1 -0
package/src/decorators/zod-validation.d.ts +5 -0
package/src/decorators/zod-validation.d.ts.map +1 -0
package/src/decorators/zod-validation.js +47 -0
package/src/decorators/zod-validation.js.map +1 -0
package/src/defaults.d.ts +7 -0
package/src/defaults.d.ts.map +1 -0
package/src/defaults.js +83 -0
package/src/defaults.js.map +1 -0
package/src/documents/base.d.ts +3 -0
package/src/documents/base.d.ts.map +1 -0
package/src/documents/base.js +3 -0
package/src/documents/base.js.map +1 -0
package/src/documents/email-token.d.ts +8 -0
package/src/documents/email-token.d.ts.map +1 -0
package/src/documents/email-token.js +3 -0
package/src/documents/email-token.js.map +1 -0
package/src/documents/{index.ts → index.d.ts} +1 -0
package/src/documents/index.d.ts.map +1 -0
package/src/documents/index.js +3 -0
package/src/documents/index.js.map +1 -0
package/src/documents/{mnemonic.ts → mnemonic.d.ts} +2 -5
package/src/documents/mnemonic.d.ts.map +1 -0
package/src/documents/mnemonic.js +3 -0
package/src/documents/mnemonic.js.map +1 -0
package/src/documents/{role.ts → role.d.ts} +2 -5
package/src/documents/role.d.ts.map +1 -0
package/src/documents/role.js +3 -0
package/src/documents/role.js.map +1 -0
package/src/documents/used-direct-login-token.d.ts +5 -0
package/src/documents/used-direct-login-token.d.ts.map +1 -0
package/src/documents/used-direct-login-token.js +3 -0
package/src/documents/used-direct-login-token.js.map +1 -0
package/src/documents/{user-role.ts → user-role.d.ts} +2 -5
package/src/documents/user-role.d.ts.map +1 -0
package/src/documents/user-role.js +3 -0
package/src/documents/user-role.js.map +1 -0
package/src/documents/{user.ts → user.d.ts} +2 -4
package/src/documents/user.d.ts.map +1 -0
package/src/documents/user.js +3 -0
package/src/documents/user.js.map +1 -0
package/src/enumerations/base-model-name.d.ts +38 -0
package/src/enumerations/base-model-name.d.ts.map +1 -0
package/src/enumerations/base-model-name.js +34 -0
package/src/enumerations/base-model-name.js.map +1 -0
package/src/enumerations/{index.ts → index.d.ts} +1 -0
package/src/enumerations/index.d.ts.map +1 -0
package/src/enumerations/index.js +8 -0
package/src/enumerations/index.js.map +1 -0
package/src/enumerations/length-encoding-type.d.ts +7 -0
package/src/enumerations/length-encoding-type.d.ts.map +1 -0
package/src/enumerations/length-encoding-type.js +11 -0
package/src/enumerations/length-encoding-type.js.map +1 -0
package/src/enumerations/schema-collection.d.ts +34 -0
package/src/enumerations/schema-collection.d.ts.map +1 -0
package/src/enumerations/schema-collection.js +38 -0
package/src/enumerations/schema-collection.js.map +1 -0
package/src/enumerations/symmetric-error-type.d.ts +5 -0
package/src/enumerations/symmetric-error-type.d.ts.map +1 -0
package/src/enumerations/symmetric-error-type.js +9 -0
package/src/enumerations/symmetric-error-type.js.map +1 -0
package/src/environment.d.ts +189 -0
package/src/environment.d.ts.map +1 -0
package/src/environment.js +620 -0
package/src/environment.js.map +1 -0
package/src/errors/express-validation.d.ts +9 -0
package/src/errors/express-validation.d.ts.map +1 -0
package/src/errors/express-validation.js +18 -0
package/src/errors/express-validation.js.map +1 -0
package/src/errors/{index.ts → index.d.ts} +1 -0
package/src/errors/index.d.ts.map +1 -0
package/src/errors/index.js +16 -0
package/src/errors/index.js.map +1 -0
package/src/errors/invalid-backup-code-version.d.ts +6 -0
package/src/errors/invalid-backup-code-version.d.ts.map +1 -0
package/src/errors/invalid-backup-code-version.js +15 -0
package/src/errors/invalid-backup-code-version.js.map +1 -0
package/src/errors/invalid-jwt-token.d.ts +5 -0
package/src/errors/invalid-jwt-token.d.ts.map +1 -0
package/src/errors/invalid-jwt-token.js +11 -0
package/src/errors/invalid-jwt-token.js.map +1 -0
package/src/errors/invalid-model.d.ts +6 -0
package/src/errors/invalid-model.d.ts.map +1 -0
package/src/errors/invalid-model.js +14 -0
package/src/errors/invalid-model.js.map +1 -0
package/src/errors/invalid-new-password.d.ts +5 -0
package/src/errors/invalid-new-password.d.ts.map +1 -0
package/src/errors/invalid-new-password.js +14 -0
package/src/errors/invalid-new-password.js.map +1 -0
package/src/errors/invalid-password.d.ts +5 -0
package/src/errors/invalid-password.d.ts.map +1 -0
package/src/errors/invalid-password.js +14 -0
package/src/errors/invalid-password.js.map +1 -0
package/src/errors/missing-validated-data.d.ts +7 -0
package/src/errors/missing-validated-data.d.ts.map +1 -0
package/src/errors/missing-validated-data.js +36 -0
package/src/errors/missing-validated-data.js.map +1 -0
package/src/errors/mnemonic-or-password-required.d.ts +5 -0
package/src/errors/mnemonic-or-password-required.d.ts.map +1 -0
package/src/errors/mnemonic-or-password-required.js +13 -0
package/src/errors/mnemonic-or-password-required.js.map +1 -0
package/src/errors/model-not-registered.d.ts +5 -0
package/src/errors/model-not-registered.d.ts.map +1 -0
package/src/errors/model-not-registered.js +12 -0
package/src/errors/model-not-registered.js.map +1 -0
package/src/errors/mongoose-validation.d.ts +11 -0
package/src/errors/mongoose-validation.d.ts.map +1 -0
package/src/errors/mongoose-validation.js +17 -0
package/src/errors/mongoose-validation.js.map +1 -0
package/src/errors/symmetric.d.ts +8 -0
package/src/errors/symmetric.d.ts.map +1 -0
package/src/errors/symmetric.js +23 -0
package/src/errors/symmetric.js.map +1 -0
package/src/errors/token-expired.d.ts +5 -0
package/src/errors/token-expired.d.ts.map +1 -0
package/src/errors/token-expired.js +11 -0
package/src/errors/token-expired.js.map +1 -0
package/src/get-language.d.ts +2 -0
package/src/get-language.d.ts.map +1 -0
package/src/get-language.js +30 -0
package/src/get-language.js.map +1 -0
package/src/get-timezone.d.ts +3 -0
package/src/get-timezone.d.ts.map +1 -0
package/src/get-timezone.js +31 -0
package/src/get-timezone.js.map +1 -0
package/src/{index.ts → index.d.ts} +1 -1
package/src/index.d.ts.map +1 -0
package/src/index.js +28 -0
package/src/index.js.map +1 -0
package/src/interfaces/{api-error-response.ts → api-error-response.d.ts} +2 -2
package/src/interfaces/api-error-response.d.ts.map +1 -0
package/src/interfaces/api-error-response.js +3 -0
package/src/interfaces/api-error-response.js.map +1 -0
package/src/interfaces/api-express-validation-error-response.d.ts +7 -0
package/src/interfaces/api-express-validation-error-response.d.ts.map +1 -0
package/src/interfaces/api-express-validation-error-response.js +3 -0
package/src/interfaces/api-express-validation-error-response.js.map +1 -0
package/src/interfaces/api-message-response.d.ts +4 -0
package/src/interfaces/api-message-response.d.ts.map +1 -0
package/src/interfaces/api-message-response.js +3 -0
package/src/interfaces/api-message-response.js.map +1 -0
package/src/interfaces/{api-mongo-validation-error-response.ts → api-mongo-validation-error-response.d.ts} +2 -2
package/src/interfaces/api-mongo-validation-error-response.d.ts.map +1 -0
package/src/interfaces/api-mongo-validation-error-response.js +3 -0
package/src/interfaces/api-mongo-validation-error-response.js.map +1 -0
package/src/interfaces/api-responses/{backup-codes-response.ts → backup-codes-response.d.ts} +2 -2
package/src/interfaces/api-responses/backup-codes-response.d.ts.map +1 -0
package/src/interfaces/api-responses/backup-codes-response.js +3 -0
package/src/interfaces/api-responses/backup-codes-response.js.map +1 -0
package/src/interfaces/api-responses/{challenge-response.ts → challenge-response.d.ts} +3 -3
package/src/interfaces/api-responses/challenge-response.d.ts.map +1 -0
package/src/interfaces/api-responses/challenge-response.js +3 -0
package/src/interfaces/api-responses/challenge-response.js.map +1 -0
package/src/interfaces/api-responses/{code-count-response.ts → code-count-response.d.ts} +2 -2
package/src/interfaces/api-responses/code-count-response.d.ts.map +1 -0
package/src/interfaces/api-responses/code-count-response.js +3 -0
package/src/interfaces/api-responses/code-count-response.js.map +1 -0
package/src/interfaces/api-responses/{index.ts → index.d.ts} +1 -0
package/src/interfaces/api-responses/index.d.ts.map +1 -0
package/src/interfaces/api-responses/index.js +11 -0
package/src/interfaces/api-responses/index.js.map +1 -0
package/src/interfaces/api-responses/{login-response.ts → login-response.d.ts} +4 -4
package/src/interfaces/api-responses/login-response.d.ts.map +1 -0
package/src/interfaces/api-responses/login-response.js +3 -0
package/src/interfaces/api-responses/login-response.js.map +1 -0
package/src/interfaces/api-responses/{mnemonic-response.ts → mnemonic-response.d.ts} +2 -2
package/src/interfaces/api-responses/mnemonic-response.d.ts.map +1 -0
package/src/interfaces/api-responses/mnemonic-response.js +3 -0
package/src/interfaces/api-responses/mnemonic-response.js.map +1 -0
package/src/interfaces/api-responses/{registration-response.ts → registration-response.d.ts} +3 -3
package/src/interfaces/api-responses/registration-response.d.ts.map +1 -0
package/src/interfaces/api-responses/registration-response.js +3 -0
package/src/interfaces/api-responses/registration-response.js.map +1 -0
package/src/interfaces/api-responses/{request-user-response.ts → request-user-response.d.ts} +2 -2
package/src/interfaces/api-responses/request-user-response.d.ts.map +1 -0
package/src/interfaces/api-responses/request-user-response.js +3 -0
package/src/interfaces/api-responses/request-user-response.js.map +1 -0
package/src/interfaces/{application.ts → application.d.ts} +7 -7
package/src/interfaces/application.d.ts.map +1 -0
package/src/interfaces/application.js +3 -0
package/src/interfaces/application.js.map +1 -0
package/src/interfaces/backend-objects/email-token.d.ts +4 -0
package/src/interfaces/backend-objects/email-token.d.ts.map +1 -0
package/src/interfaces/backend-objects/email-token.js +3 -0
package/src/interfaces/backend-objects/email-token.js.map +1 -0
package/src/interfaces/backend-objects/{index.ts → index.d.ts} +1 -0
package/src/interfaces/backend-objects/index.d.ts.map +1 -0
package/src/interfaces/backend-objects/index.js +8 -0
package/src/interfaces/backend-objects/index.js.map +1 -0
package/src/interfaces/backend-objects/{request-user.ts → request-user.d.ts} +2 -7
package/src/interfaces/backend-objects/request-user.d.ts.map +1 -0
package/src/interfaces/backend-objects/request-user.js +3 -0
package/src/interfaces/backend-objects/request-user.js.map +1 -0
package/src/interfaces/backend-objects/{role.ts → role.d.ts} +1 -1
package/src/interfaces/backend-objects/role.d.ts.map +1 -0
package/src/interfaces/backend-objects/role.js +3 -0
package/src/interfaces/backend-objects/role.js.map +1 -0
package/src/interfaces/backend-objects/user.d.ts +4 -0
package/src/interfaces/backend-objects/user.d.ts.map +1 -0
package/src/interfaces/backend-objects/user.js +3 -0
package/src/interfaces/backend-objects/user.js.map +1 -0
package/src/interfaces/checksum-config.d.ts +5 -0
package/src/interfaces/checksum-config.d.ts.map +1 -0
package/src/interfaces/checksum-config.js +3 -0
package/src/interfaces/checksum-config.js.map +1 -0
package/src/interfaces/checksum-consts.d.ts +11 -0
package/src/interfaces/checksum-consts.d.ts.map +1 -0
package/src/interfaces/checksum-consts.js +3 -0
package/src/interfaces/checksum-consts.js.map +1 -0
package/src/interfaces/{constants.ts → constants.d.ts} +5 -5
package/src/interfaces/constants.d.ts.map +1 -0
package/src/interfaces/constants.js +3 -0
package/src/interfaces/constants.js.map +1 -0
package/src/interfaces/create-user-basics.d.ts +18 -0
package/src/interfaces/create-user-basics.d.ts.map +1 -0
package/src/interfaces/create-user-basics.js +3 -0
package/src/interfaces/create-user-basics.js.map +1 -0
package/src/interfaces/csp-config.d.ts +14 -0
package/src/interfaces/csp-config.d.ts.map +1 -0
package/src/interfaces/csp-config.js +3 -0
package/src/interfaces/csp-config.js.map +1 -0
package/src/interfaces/deep-partial.d.ts +4 -0
package/src/interfaces/deep-partial.d.ts.map +1 -0
package/src/interfaces/deep-partial.js +3 -0
package/src/interfaces/deep-partial.js.map +1 -0
package/src/interfaces/{discriminator-collections.ts → discriminator-collections.d.ts} +3 -3
package/src/interfaces/discriminator-collections.d.ts.map +1 -0
package/src/interfaces/discriminator-collections.js +3 -0
package/src/interfaces/discriminator-collections.js.map +1 -0
package/src/interfaces/email-service.d.ts +4 -0
package/src/interfaces/email-service.d.ts.map +1 -0
package/src/interfaces/email-service.js +3 -0
package/src/interfaces/email-service.js.map +1 -0
package/src/interfaces/environment-mongo.d.ts +76 -0
package/src/interfaces/environment-mongo.d.ts.map +1 -0
package/src/interfaces/environment-mongo.js +3 -0
package/src/interfaces/environment-mongo.js.map +1 -0
package/src/interfaces/environment.d.ts +181 -0
package/src/interfaces/environment.d.ts.map +1 -0
package/src/interfaces/environment.js +3 -0
package/src/interfaces/environment.js.map +1 -0
package/src/interfaces/failable-result.d.ts +7 -0
package/src/interfaces/failable-result.d.ts.map +1 -0
package/src/interfaces/failable-result.js +3 -0
package/src/interfaces/failable-result.js.map +1 -0
package/src/interfaces/fec-consts.d.ts +5 -0
package/src/interfaces/fec-consts.d.ts.map +1 -0
package/src/interfaces/fec-consts.js +3 -0
package/src/interfaces/fec-consts.js.map +1 -0
package/src/interfaces/handleable-error-options.d.ts +7 -0
package/src/interfaces/handleable-error-options.d.ts.map +1 -0
package/src/interfaces/handleable-error-options.js +3 -0
package/src/interfaces/handleable-error-options.js.map +1 -0
package/src/interfaces/{index.ts → index.d.ts} +1 -0
package/src/interfaces/index.d.ts.map +1 -0
package/src/interfaces/index.js +33 -0
package/src/interfaces/index.js.map +1 -0
package/src/interfaces/jwt-consts.d.ts +11 -0
package/src/interfaces/jwt-consts.d.ts.map +1 -0
package/src/interfaces/jwt-consts.js +3 -0
package/src/interfaces/jwt-consts.js.map +1 -0
package/src/interfaces/jwt-sign-response.d.ts +11 -0
package/src/interfaces/jwt-sign-response.d.ts.map +1 -0
package/src/interfaces/jwt-sign-response.js +3 -0
package/src/interfaces/jwt-sign-response.js.map +1 -0
package/src/interfaces/mongo-errors.d.ts +5 -0
package/src/interfaces/mongo-errors.d.ts.map +1 -0
package/src/interfaces/mongo-errors.js +3 -0
package/src/interfaces/mongo-errors.js.map +1 -0
package/src/interfaces/request-user.d.ts +42 -0
package/src/interfaces/request-user.d.ts.map +1 -0
package/src/interfaces/request-user.js +3 -0
package/src/interfaces/request-user.js.map +1 -0
package/src/interfaces/required-string-keys.d.ts +22 -0
package/src/interfaces/required-string-keys.d.ts.map +1 -0
package/src/interfaces/required-string-keys.js +3 -0
package/src/interfaces/required-string-keys.js.map +1 -0
package/src/interfaces/schema.d.ts +29 -0
package/src/interfaces/schema.d.ts.map +1 -0
package/src/interfaces/schema.js +3 -0
package/src/interfaces/schema.js.map +1 -0
package/src/interfaces/server-init-result.d.ts +35 -0
package/src/interfaces/server-init-result.d.ts.map +1 -0
package/src/interfaces/server-init-result.js +3 -0
package/src/interfaces/server-init-result.js.map +1 -0
package/src/interfaces/status-code-response.d.ts +7 -0
package/src/interfaces/status-code-response.d.ts.map +1 -0
package/src/interfaces/status-code-response.js +3 -0
package/src/interfaces/status-code-response.js.map +1 -0
package/src/interfaces/symmetric-encryption-results.d.ts +3 -3
package/src/interfaces/symmetric-encryption-results.d.ts.map +1 -1
package/src/interfaces/symmetric-encryption-results.js.map +1 -1
package/src/interfaces/{token-response.ts → token-response.d.ts} +2 -2
package/src/interfaces/token-response.d.ts.map +1 -0
package/src/interfaces/token-response.js +3 -0
package/src/interfaces/token-response.js.map +1 -0
package/src/middlewares/authenticate-crypto.d.ts +13 -0
package/src/middlewares/authenticate-crypto.d.ts.map +1 -0
package/src/middlewares/authenticate-crypto.js +146 -0
package/src/middlewares/authenticate-crypto.js.map +1 -0
package/src/middlewares/authenticate-token.d.ts +24 -0
package/src/middlewares/authenticate-token.d.ts.map +1 -0
package/src/middlewares/authenticate-token.js +102 -0
package/src/middlewares/authenticate-token.js.map +1 -0
package/src/middlewares/cleanup-crypto.d.ts +7 -0
package/src/middlewares/cleanup-crypto.d.ts.map +1 -0
package/src/middlewares/cleanup-crypto.js +32 -0
package/src/middlewares/cleanup-crypto.js.map +1 -0
package/src/middlewares/{index.ts → index.d.ts} +1 -0
package/src/middlewares/index.d.ts.map +1 -0
package/src/middlewares/index.js +8 -0
package/src/middlewares/index.js.map +1 -0
package/src/middlewares/set-global-context-language.d.ts +3 -0
package/src/middlewares/set-global-context-language.d.ts.map +1 -0
package/src/middlewares/set-global-context-language.js +14 -0
package/src/middlewares/set-global-context-language.js.map +1 -0
package/src/middlewares.d.ts +18 -0
package/src/middlewares.d.ts.map +1 -0
package/src/middlewares.js +74 -0
package/src/middlewares.js.map +1 -0
package/src/model-registry.d.ts +23 -0
package/src/model-registry.d.ts.map +1 -0
package/src/model-registry.js +47 -0
package/src/model-registry.js.map +1 -0
package/src/models/email-token.d.ts +11 -0
package/src/models/email-token.d.ts.map +1 -0
package/src/models/email-token.js +11 -0
package/src/models/email-token.js.map +1 -0
package/src/models/{index.ts → index.d.ts} +1 -0
package/src/models/index.d.ts.map +1 -0
package/src/models/index.js +10 -0
package/src/models/index.js.map +1 -0
package/src/models/mnemonic.d.ts +11 -0
package/src/models/mnemonic.d.ts.map +1 -0
package/src/models/mnemonic.js +11 -0
package/src/models/mnemonic.js.map +1 -0
package/src/models/role.d.ts +11 -0
package/src/models/role.d.ts.map +1 -0
package/src/models/role.js +11 -0
package/src/models/role.js.map +1 -0
package/src/models/used-direct-login-token.d.ts +11 -0
package/src/models/used-direct-login-token.d.ts.map +1 -0
package/src/models/used-direct-login-token.js +11 -0
package/src/models/used-direct-login-token.js.map +1 -0
package/src/models/user-role.d.ts +6 -0
package/src/models/user-role.d.ts.map +1 -0
package/src/models/user-role.js +10 -0
package/src/models/user-role.js.map +1 -0
package/src/models/user.d.ts +7 -0
package/src/models/user.d.ts.map +1 -0
package/src/models/user.js +11 -0
package/src/models/user.js.map +1 -0
package/src/registry/email-service-registry.d.ts +9 -0
package/src/registry/email-service-registry.d.ts.map +1 -0
package/src/registry/email-service-registry.js +18 -0
package/src/registry/email-service-registry.js.map +1 -0
package/src/registry/{index.ts → index.d.ts} +1 -0
package/src/registry/index.d.ts.map +1 -0
package/src/registry/index.js +6 -0
package/src/registry/index.js.map +1 -0
package/src/routers/api.d.ts +27 -0
package/src/routers/api.d.ts.map +1 -0
package/src/routers/api.js +52 -0
package/src/routers/api.js.map +1 -0
package/src/routers/app.d.ts +28 -0
package/src/routers/app.d.ts.map +1 -0
package/src/routers/app.js +186 -0
package/src/routers/app.js.map +1 -0
package/src/routers/base.d.ts +12 -0
package/src/routers/base.d.ts.map +1 -0
package/src/routers/base.js +14 -0
package/src/routers/base.js.map +1 -0
package/src/routers/{index.ts → index.d.ts} +1 -0
package/src/routers/index.d.ts.map +1 -0
package/src/routers/index.js +7 -0
package/src/routers/index.js.map +1 -0
package/src/schemas/email-token.d.ts +38 -0
package/src/schemas/email-token.d.ts.map +1 -0
package/src/schemas/email-token.js +54 -0
package/src/schemas/email-token.js.map +1 -0
package/src/schemas/{index.ts → index.d.ts} +2 -1
package/src/schemas/index.d.ts.map +1 -0
package/src/schemas/index.js +11 -0
package/src/schemas/index.js.map +1 -0
package/src/schemas/mnemonic.d.ts +20 -0
package/src/schemas/mnemonic.d.ts.map +1 -0
package/src/schemas/mnemonic.js +30 -0
package/src/schemas/mnemonic.js.map +1 -0
package/src/schemas/role.d.ts +32 -0
package/src/schemas/role.d.ts.map +1 -0
package/src/schemas/role.js +86 -0
package/src/schemas/role.js.map +1 -0
package/src/schemas/schema.d.ts +40 -0
package/src/schemas/schema.d.ts.map +1 -0
package/src/schemas/schema.js +62 -0
package/src/schemas/schema.js.map +1 -0
package/src/schemas/used-direct-login-token.d.ts +27 -0
package/src/schemas/used-direct-login-token.d.ts.map +1 -0
package/src/schemas/used-direct-login-token.js +23 -0
package/src/schemas/used-direct-login-token.js.map +1 -0
package/src/schemas/user-role.d.ts +29 -0
package/src/schemas/user-role.d.ts.map +1 -0
package/src/schemas/user-role.js +54 -0
package/src/schemas/user-role.js.map +1 -0
package/src/schemas/user.d.ts +21 -0
package/src/schemas/user.d.ts.map +1 -0
package/src/schemas/user.js +176 -0
package/src/schemas/user.js.map +1 -0
package/src/services/backup-code.d.ts +78 -0
package/src/services/backup-code.d.ts.map +1 -0
package/src/services/backup-code.js +184 -0
package/src/services/backup-code.js.map +1 -0
package/src/services/base.d.ts +13 -0
package/src/services/base.d.ts.map +1 -0
package/src/services/base.js +15 -0
package/src/services/base.js.map +1 -0
package/src/services/checksum.d.ts +67 -0
package/src/services/checksum.d.ts.map +1 -0
package/src/services/checksum.js +143 -0
package/src/services/checksum.js.map +1 -0
package/src/services/crc.d.ts +87 -0
package/src/services/crc.d.ts.map +1 -0
package/src/services/crc.js +198 -0
package/src/services/crc.js.map +1 -0
package/src/services/database-initialization.d.ts +105 -0
package/src/services/database-initialization.d.ts.map +1 -0
package/src/services/database-initialization.js +782 -0
package/src/services/database-initialization.js.map +1 -0
package/src/services/db-init-cache.d.ts +7 -13
package/src/services/db-init-cache.d.ts.map +1 -0
package/src/services/db-init-cache.js +3 -0
package/src/services/db-init-cache.js.map +1 -0
package/src/services/direct-login-token.d.ts +9 -0
package/src/services/direct-login-token.d.ts.map +1 -0
package/src/services/direct-login-token.js +41 -0
package/src/services/direct-login-token.js.map +1 -0
package/src/services/fec-usage-example.d.ts +38 -0
package/src/services/fec-usage-example.d.ts.map +1 -0
package/src/services/fec-usage-example.js +75 -0
package/src/services/fec-usage-example.js.map +1 -0
package/src/services/fec.d.ts +46 -0
package/src/services/fec.d.ts.map +1 -0
package/src/services/fec.js +192 -0
package/src/services/fec.js.map +1 -0
package/src/services/{index.ts → index.d.ts} +1 -0
package/src/services/index.d.ts.map +1 -0
package/src/services/index.js +22 -0
package/src/services/index.js.map +1 -0
package/src/services/jwt.d.ts +33 -0
package/src/services/jwt.d.ts.map +1 -0
package/src/services/jwt.js +91 -0
package/src/services/jwt.js.map +1 -0
package/src/services/key-wrapping.d.ts +60 -0
package/src/services/key-wrapping.d.ts.map +1 -0
package/src/services/key-wrapping.js +311 -0
package/src/services/key-wrapping.js.map +1 -0
package/src/services/mnemonic.d.ts +61 -0
package/src/services/mnemonic.d.ts.map +1 -0
package/src/services/mnemonic.js +115 -0
package/src/services/mnemonic.js.map +1 -0
package/src/services/request-user.d.ts +20 -0
package/src/services/request-user.d.ts.map +1 -0
package/src/services/request-user.js +50 -0
package/src/services/request-user.js.map +1 -0
package/src/services/role.d.ts +88 -0
package/src/services/role.d.ts.map +1 -0
package/src/services/role.js +263 -0
package/src/services/role.js.map +1 -0
package/src/services/symmetric.d.ts +42 -0
package/src/services/symmetric.d.ts.map +1 -0
package/src/services/symmetric.js +101 -0
package/src/services/symmetric.js.map +1 -0
package/src/services/system-user.d.ts +17 -0
package/src/services/system-user.d.ts.map +1 -0
package/src/services/system-user.js +46 -0
package/src/services/system-user.js.map +1 -0
package/src/services/user.d.ts +320 -0
package/src/services/user.d.ts.map +1 -0
package/src/services/user.js +1378 -0
package/src/services/user.js.map +1 -0
package/src/services/xor.d.ts +24 -0
package/src/services/xor.d.ts.map +1 -0
package/src/services/xor.js +37 -0
package/src/services/xor.js.map +1 -0
package/src/types.d.ts +66 -40
package/src/types.d.ts.map +1 -0
package/src/types.js +14 -0
package/src/types.js.map +1 -0
package/src/utils.d.ts +202 -0
package/src/utils.d.ts.map +1 -0
package/src/utils.js +784 -0
package/src/utils.js.map +1 -0
package/LICENSE +0 -21
package/src/application-base.ts +0 -492
package/src/application.ts +0 -254
package/src/backup-code.ts +0 -336
package/src/constants.ts +0 -69
package/src/controllers/base.ts +0 -440
package/src/controllers/user.ts +0 -1451
package/src/decorators/base-controller.ts +0 -61
package/src/decorators/controller.ts +0 -109
package/src/decorators/zod-validation.ts +0 -57
package/src/defaults.ts +0 -94
package/src/documents/base.ts +0 -7
package/src/documents/email-token.ts +0 -14
package/src/documents/used-direct-login-token.ts +0 -7
package/src/enumerations/base-model-name.ts +0 -41
package/src/enumerations/length-encoding-type.ts +0 -6
package/src/enumerations/schema-collection.ts +0 -33
package/src/enumerations/symmetric-error-type.ts +0 -4
package/src/environment.ts +0 -770
package/src/errors/express-validation.ts +0 -21
package/src/errors/invalid-backup-code-version.ts +0 -14
package/src/errors/invalid-jwt-token.ts +0 -10
package/src/errors/invalid-model.ts +0 -11
package/src/errors/invalid-new-password.ts +0 -18
package/src/errors/invalid-password.ts +0 -13
package/src/errors/missing-validated-data.ts +0 -36
package/src/errors/mnemonic-or-password-required.ts +0 -12
package/src/errors/model-not-registered.ts +0 -11
package/src/errors/mongoose-validation.ts +0 -34
package/src/errors/symmetric.ts +0 -41
package/src/errors/token-expired.ts +0 -10
package/src/get-language.ts +0 -53
package/src/get-timezone.ts +0 -45
package/src/interfaces/api-express-validation-error-response.ts +0 -8
package/src/interfaces/api-message-response.ts +0 -3
package/src/interfaces/backend-objects/email-token.ts +0 -11
package/src/interfaces/backend-objects/user.ts +0 -9
package/src/interfaces/checksum-config.ts +0 -4
package/src/interfaces/checksum-consts.ts +0 -13
package/src/interfaces/create-user-basics.ts +0 -17
package/src/interfaces/csp-config.ts +0 -35
package/src/interfaces/deep-partial.ts +0 -3
package/src/interfaces/email-service.ts +0 -8
package/src/interfaces/environment-mongo.ts +0 -76
package/src/interfaces/environment.ts +0 -181
package/src/interfaces/failable-result.ts +0 -6
package/src/interfaces/fec-consts.ts +0 -4
package/src/interfaces/handleable-error-options.ts +0 -6
package/src/interfaces/jwt-consts.ts +0 -23
package/src/interfaces/jwt-sign-response.ts +0 -19
package/src/interfaces/mongo-errors.ts +0 -5
package/src/interfaces/request-user.ts +0 -50
package/src/interfaces/required-string-keys.ts +0 -26
package/src/interfaces/schema.ts +0 -31
package/src/interfaces/server-init-result.ts +0 -37
package/src/interfaces/status-code-response.ts +0 -7
package/src/interfaces/symmetric-encryption-results.ts +0 -4
package/src/middlewares/authenticate-crypto.ts +0 -243
package/src/middlewares/authenticate-token.ts +0 -152
package/src/middlewares/cleanup-crypto.ts +0 -40
package/src/middlewares/set-global-context-language.ts +0 -24
package/src/middlewares.ts +0 -120
package/src/model-registry.ts +0 -75
package/src/models/email-token.ts +0 -19
package/src/models/mnemonic.ts +0 -19
package/src/models/role.ts +0 -19
package/src/models/used-direct-login-token.ts +0 -23
package/src/models/user-role.ts +0 -17
package/src/models/user.ts +0 -19
package/src/registry/email-service-registry.ts +0 -24
package/src/routers/api.ts +0 -151
package/src/routers/app.ts +0 -258
package/src/routers/base.ts +0 -17
package/src/schemas/email-token.ts +0 -91
package/src/schemas/mnemonic.ts +0 -37
package/src/schemas/role.ts +0 -127
package/src/schemas/schema.ts +0 -140
package/src/schemas/used-direct-login-token.ts +0 -38
package/src/schemas/user-role.ts +0 -75
package/src/schemas/user.ts +0 -202
package/src/services/backup-code.ts +0 -316
package/src/services/base.ts +0 -33
package/src/services/checksum.ts +0 -161
package/src/services/crc.ts +0 -213
package/src/services/database-initialization.ts +0 -1479
package/src/services/direct-login-token.ts +0 -62
package/src/services/fec-usage-example.ts +0 -102
package/src/services/fec.ts +0 -296
package/src/services/jwt.ts +0 -134
package/src/services/key-wrapping.ts +0 -434
package/src/services/mnemonic.ts +0 -167
package/src/services/request-user.ts +0 -62
package/src/services/role.ts +0 -396
package/src/services/symmetric.ts +0 -139
package/src/services/system-user.ts +0 -82
package/src/services/user.ts +0 -2137
package/src/services/xor.ts +0 -34
package/src/types.ts +0 -128
package/src/utils.ts +0 -1022

package/src/services/key-wrapping.ts DELETED Viewed

@@ -1,434 +0,0 @@
-import { SecureBuffer, SecureString } from '@digitaldefiance/ecies-lib';
-import {
-  Constants as ApiConstants,
-  Pbkdf2Service,
-} from '@digitaldefiance/node-ecies-lib';
-import {
-  createCipheriv,
-  createDecipheriv,
-  createHash,
-  randomBytes,
-} from 'crypto';
-import { Constants as AppConstants } from '../constants';
-import { InvalidNewPasswordError, InvalidPasswordError } from '../errors';
-function createPbkdf2Service(): Pbkdf2Service {
-  return Pbkdf2Service.fromConstants(ApiConstants);
-}
-export interface WrappedKey {
-  salt: string;
-  iv: string;
-  authTag: string;
-  encryptedMasterKey: string;
-  iterations: number;
-}
-// Generic password-wrapped secret payload shape
-export interface PasswordWrappedSecret {
-  salt: string;
-  iv: string;
-  authTag: string;
-  ciphertext: string;
-  iterations: number;
-}
-export class KeyWrappingService {
-  // In-flight de-duplication map to share PBKDF2 work across concurrent identical requests
-  // Store a promise of the raw master key bytes, so each caller can get an independent SecureBuffer
-  private static inFlightUnwraps: Map<string, Promise<string>> = new Map();
-  /**
-   * Generates a new master key and wraps it with the user's password
-   */
-  public wrapNewMasterKey(password: SecureString): {
-    masterKey: SecureBuffer;
-    wrappedKey: WrappedKey;
-  } {
-    const masterKey = new SecureBuffer(
-      randomBytes(ApiConstants.WRAPPED_KEY.MASTER_KEY_SIZE),
-    );
-    const wrappedKey = this.wrapMasterKey(masterKey, password);
-    return { masterKey, wrappedKey };
-  }
-  /**
-   * Wraps an existing master key with a password-derived key
-   */
-  public wrapMasterKey(
-    masterKey: SecureBuffer,
-    password: SecureString,
-  ): WrappedKey {
-    if (AppConstants.PasswordRegex.test(password.value ?? '') === false) {
-      throw new InvalidNewPasswordError();
-    }
-    const salt = randomBytes(ApiConstants.WRAPPED_KEY.SALT_SIZE);
-    const iterations = ApiConstants.WRAPPED_KEY.MIN_ITERATIONS;
-    const pbkdf2Service = createPbkdf2Service();
-    // Derive key from password using centralized PBKDF2 service
-    const derivedKey = pbkdf2Service.deriveKeyFromPassword(
-      Buffer.from(password.valueAsUint8Array),
-      salt,
-      iterations,
-      ApiConstants.WRAPPED_KEY.SALT_SIZE,
-      32, // AES-256 key size
-      'sha256', // Keep existing algorithm for compatibility
-    );
-    const passwordKeySecure = new SecureBuffer(derivedKey.hash);
-    // Encrypt master key
-    const iv = randomBytes(ApiConstants.WRAPPED_KEY.IV_SIZE);
-    const cipher = createCipheriv('aes-256-gcm', passwordKeySecure.value, iv);
-    const encrypted = Buffer.concat([
-      cipher.update(masterKey.value),
-      cipher.final(),
-    ]);
-    const authTag = cipher.getAuthTag();
-    passwordKeySecure.dispose();
-    return {
-      salt: salt.toString('hex'),
-      iv: iv.toString('hex'),
-      authTag: authTag.toString('hex'),
-      encryptedMasterKey: encrypted.toString('hex'),
-      iterations,
-    };
-  }
-  /**
-   * Unwraps a master key using the user's password
-   */
-  public unwrapMasterKey(
-    wrappedKey: WrappedKey,
-    password: SecureString,
-  ): SecureBuffer {
-    const salt = Buffer.from(wrappedKey.salt, 'hex');
-    const iv = Buffer.from(wrappedKey.iv, 'hex');
-    const authTag = Buffer.from(wrappedKey.authTag, 'hex');
-    const encrypted = Buffer.from(wrappedKey.encryptedMasterKey, 'hex');
-    const pbkdf2Service = createPbkdf2Service();
-    // Derive the same key from password using centralized PBKDF2 service
-    const derivedKey = pbkdf2Service.deriveKeyFromPassword(
-      Buffer.from(password.valueAsUint8Array),
-      salt,
-      wrappedKey.iterations,
-      salt.length, // Use actual salt size
-      32, // AES-256 key size
-      'sha256', // Keep existing algorithm for compatibility
-    );
-    const passwordKeySecure = new SecureBuffer(derivedKey.hash);
-    try {
-      const decipher = createDecipheriv(
-        'aes-256-gcm',
-        passwordKeySecure.value,
-        iv,
-      );
-      decipher.setAuthTag(authTag);
-      const decrypted = Buffer.concat([
-        decipher.update(encrypted),
-        decipher.final(),
-      ]);
-      return new SecureBuffer(decrypted);
-    } catch {
-      throw new InvalidPasswordError();
-    } finally {
-      passwordKeySecure.dispose();
-    }
-  }
-  /**
-   * Async version of unwrapMasterKey that uses libuv threadpool via crypto.pbkdf2
-   * to avoid blocking the event loop during password verification.
-   */
-  public async unwrapMasterKeyAsync(
-    wrappedKey: WrappedKey,
-    password: SecureString | string,
-  ): Promise<SecureBuffer> {
-    const __perfEnabled = process.env['PERF_LOGS'] === '1';
-    const _t0 = __perfEnabled ? Date.now() : 0;
-    const salt = Buffer.from(wrappedKey.salt, 'hex');
-    const iv = Buffer.from(wrappedKey.iv, 'hex');
-    const authTag = Buffer.from(wrappedKey.authTag, 'hex');
-    const encrypted = Buffer.from(wrappedKey.encryptedMasterKey, 'hex');
-    // Accept either a SecureString (preferred) or a raw password string to avoid
-    // expensive SecureString construction in the hot login path.
-    const pwdBuffer =
-      // amazonq-ignore-next-line false positive
-      typeof password === 'string'
-        ? Buffer.from(password, 'utf8')
-        : Buffer.from(password.valueAsUint8Array);
-    const pbkdf2Service = createPbkdf2Service();
-    // Use centralized PBKDF2 service for async key derivation
-    const derivedKey = await pbkdf2Service.deriveKeyFromPasswordAsync(
-      pwdBuffer,
-      salt,
-      wrappedKey.iterations,
-      salt.length, // Use actual salt size
-      32, // AES-256 key size
-      'sha256', // Keep existing algorithm for compatibility
-    );
-    const passwordKeySecure = new SecureBuffer(derivedKey.hash);
-    try {
-      const decipher = createDecipheriv(
-        'aes-256-gcm',
-        passwordKeySecure.value,
-        iv,
-      );
-      decipher.setAuthTag(authTag);
-      const decrypted = Buffer.concat([
-        decipher.update(encrypted),
-        decipher.final(),
-      ]);
-      if (__perfEnabled)
-        console.warn(
-          '[perf] unwrapMasterKeyAsync pbkdf2',
-          'iters=' + String(wrappedKey.iterations).replace(/[\r\n]/g, ''),
-          'dt=' + (Date.now() - _t0) + 'ms',
-        );
-      return new SecureBuffer(decrypted);
-    } catch {
-      throw new InvalidPasswordError();
-    } finally {
-      // Best-effort zero the temporary password buffer
-      try {
-        pwdBuffer.fill(0);
-      } catch {
-        // ignore
-      }
-      passwordKeySecure.dispose();
-    }
-  }
-  /**
-   * Deduplicated async unwrap that coalesces concurrent identical PBKDF2 operations.
-   * Keyed by salt + iterations + a short hash of the password. Entry is removed after resolve/reject.
-   */
-  public async unwrapMasterKeyAsyncDedup(
-    wrappedKey: WrappedKey,
-    password: string,
-  ): Promise<SecureBuffer> {
-    // Derive a short cache key; avoid storing raw password by hashing
-    const pwdKey = createHash('sha256')
-      .update(password, 'utf8')
-      .digest('hex')
-      .slice(0, 24);
-    const cacheKey = `${wrappedKey.salt}:${wrappedKey.iterations}:${pwdKey}`;
-    let p = KeyWrappingService.inFlightUnwraps.get(cacheKey);
-    if (!p) {
-      // Compute once, extract raw bytes, dispose the shared SecureBuffer, and cache the bytes
-      p = (async () => {
-        const mk = await this.unwrapMasterKeyAsync(wrappedKey, password);
-        try {
-          const copy = Buffer.from(mk.value);
-          const b64 = copy.toString('base64');
-          // zeroize copy
-          copy.fill(0);
-          return b64;
-        } finally {
-          mk.dispose();
-        }
-      })().finally(() => {
-        // Best-effort cleanup
-        KeyWrappingService.inFlightUnwraps.delete(cacheKey);
-      }) as Promise<string>;
-      KeyWrappingService.inFlightUnwraps.set(cacheKey, p);
-    }
-    const b64 = await p;
-    // Return a fresh SecureBuffer per caller to avoid cross-disposal races
-    const buf = Buffer.from(b64, 'base64');
-    const secure = new SecureBuffer(Buffer.from(buf));
-    buf.fill(0);
-    return secure;
-  }
-  /**
-   * Changes password by re-wrapping the master key
-   */
-  public changePassword(
-    wrappedKey: WrappedKey,
-    oldPassword: SecureString,
-    newPassword: SecureString,
-  ): WrappedKey {
-    // Unwrap with old password
-    const masterKey = this.unwrapMasterKey(wrappedKey, oldPassword);
-    try {
-      // Re-wrap with new password
-      return this.wrapMasterKey(masterKey, newPassword);
-    } catch (error: unknown) {
-      throw error;
-    } finally {
-      masterKey.dispose();
-    }
-  }
-  /**
-   * Wraps arbitrary secret bytes with a password-derived key (AES-256-GCM)
-   */
-  public wrapSecret(
-    secret: SecureBuffer,
-    password: SecureString,
-  ): PasswordWrappedSecret {
-    if (AppConstants.PasswordRegex.test(password.value ?? '') === false) {
-      throw new InvalidNewPasswordError();
-    }
-    const salt = randomBytes(ApiConstants.WRAPPED_KEY.SALT_SIZE);
-    const iterations = ApiConstants.WRAPPED_KEY.MIN_ITERATIONS;
-    const pbkdf2Service = createPbkdf2Service();
-    // Derive key from password using centralized PBKDF2 service
-    const derivedKey = pbkdf2Service.deriveKeyFromPassword(
-      Buffer.from(password.valueAsUint8Array),
-      salt,
-      iterations,
-      ApiConstants.WRAPPED_KEY.SALT_SIZE,
-      32, // AES-256 key size
-      'sha256', // Keep existing algorithm for compatibility
-    );
-    const passwordKeySecure = new SecureBuffer(derivedKey.hash);
-    try {
-      const iv = randomBytes(ApiConstants.WRAPPED_KEY.IV_SIZE);
-      const cipher = createCipheriv('aes-256-gcm', passwordKeySecure.value, iv);
-      const encrypted = Buffer.concat([
-        cipher.update(secret.value),
-        cipher.final(),
-      ]);
-      const authTag = cipher.getAuthTag();
-      return {
-        salt: salt.toString('hex'),
-        iv: iv.toString('hex'),
-        authTag: authTag.toString('hex'),
-        ciphertext: encrypted.toString('hex'),
-        iterations,
-      };
-    } finally {
-      passwordKeySecure.dispose();
-    }
-  }
-  /**
-   * Unwraps a password-wrapped secret (sync)
-   */
-  public unwrapSecret(
-    wrapped: PasswordWrappedSecret,
-    password: SecureString,
-  ): SecureBuffer {
-    const salt = Buffer.from(wrapped.salt, 'hex');
-    const iv = Buffer.from(wrapped.iv, 'hex');
-    const authTag = Buffer.from(wrapped.authTag, 'hex');
-    const encrypted = Buffer.from(wrapped.ciphertext, 'hex');
-    const pbkdf2Service = createPbkdf2Service();
-    // Derive key from password using centralized PBKDF2 service
-    const derivedKey = pbkdf2Service.deriveKeyFromPassword(
-      Buffer.from(password.valueAsUint8Array),
-      salt,
-      wrapped.iterations,
-      salt.length, // Use actual salt size
-      32, // AES-256 key size
-      'sha256', // Keep existing algorithm for compatibility
-    );
-    const passwordKeySecure = new SecureBuffer(derivedKey.hash);
-    try {
-      const decipher = createDecipheriv(
-        'aes-256-gcm',
-        passwordKeySecure.value,
-        iv,
-      );
-      decipher.setAuthTag(authTag);
-      const decrypted = Buffer.concat([
-        decipher.update(encrypted),
-        decipher.final(),
-      ]);
-      return new SecureBuffer(decrypted);
-    } catch {
-      throw new InvalidPasswordError();
-    } finally {
-      passwordKeySecure.dispose();
-    }
-  }
-  /**
-   * Unwraps a password-wrapped secret (async PBKDF2)
-   */
-  public async unwrapSecretAsync(
-    wrapped: PasswordWrappedSecret,
-    password: SecureString | string,
-  ): Promise<SecureBuffer> {
-    const salt = Buffer.from(wrapped.salt, 'hex');
-    const iv = Buffer.from(wrapped.iv, 'hex');
-    const authTag = Buffer.from(wrapped.authTag, 'hex');
-    const encrypted = Buffer.from(wrapped.ciphertext, 'hex');
-    // Validate password parameter before using it
-    // amazonq-ignore-next-line false positive
-    if (typeof password === 'string') {
-      if (password === undefined || password === null) {
-        throw new Error('Password cannot be undefined or null');
-      }
-    } else if (!(password instanceof SecureString)) {
-      throw new Error('Password must be provided as string or SecureString');
-    }
-    const pwdBuffer =
-      // amazonq-ignore-next-line false positive
-      typeof password === 'string'
-        ? Buffer.from(password, 'utf8')
-        : await (async () => password.valueAsUint8Array)();
-    // Additional safety check
-    if (!pwdBuffer) {
-      throw new Error(
-        'Failed to create password buffer - password may be invalid',
-      );
-    }
-    const pbkdf2Service = createPbkdf2Service();
-    // Use centralized PBKDF2 service for async key derivation
-    const derivedKey = await pbkdf2Service.deriveKeyFromPasswordAsync(
-      Buffer.from(pwdBuffer),
-      salt,
-      wrapped.iterations,
-      salt.length, // Use actual salt size
-      32, // AES-256 key size
-      'sha256', // Keep existing algorithm for compatibility
-    );
-    const passwordKeySecure = new SecureBuffer(derivedKey.hash);
-    try {
-      const decipher = createDecipheriv(
-        'aes-256-gcm',
-        passwordKeySecure.value,
-        iv,
-      );
-      decipher.setAuthTag(authTag);
-      const decrypted = Buffer.concat([
-        decipher.update(encrypted),
-        decipher.final(),
-      ]);
-      return new SecureBuffer(decrypted);
-    } catch {
-      throw new InvalidPasswordError();
-    } finally {
-      try {
-        pwdBuffer.fill(0);
-      } catch {
-        // ignore
-      }
-      passwordKeySecure.dispose();
-    }
-  }
-}

package/src/services/mnemonic.ts DELETED Viewed

@@ -1,167 +0,0 @@
-import { SecureBuffer, SecureString } from '@digitaldefiance/ecies-lib';
-import {
-  SuiteCoreStringKey,
-  TranslatableSuiteError,
-} from '@digitaldefiance/suite-core-lib';
-import { createHmac } from 'crypto';
-import { ClientSession, Model } from 'mongoose';
-import { Constants as AppConstants } from '../constants';
-import { IMnemonicDocument } from '../documents/mnemonic';
-import { KeyWrappingService } from './key-wrapping';
-/**
- * Encrypts and stores mnemonics securely, using an HMAC to check for
- * uniqueness without exposing the mnemonic itself.
- */
-export class MnemonicService {
-  private readonly keyWrappingService: KeyWrappingService;
-  private readonly hmacSecret: SecureBuffer;
-  private readonly MnemonicModel: Model<IMnemonicDocument>;
-  constructor(
-    mnemonicModel: Model<IMnemonicDocument>,
-    hmacSecret: SecureBuffer,
-    keyWrappingService: KeyWrappingService,
-  ) {
-    this.MnemonicModel = mnemonicModel;
-    // Immediately wrap secrets in secure containers
-    this.hmacSecret = hmacSecret;
-    this.keyWrappingService = keyWrappingService;
-  }
-  /**
-   * Disposes of the secure secrets held by this service.
-   */
-  public dispose(): void {
-    this.hmacSecret.dispose();
-  }
-  /**
-   * Creates a non-reversible HMAC of the mnemonic for fast, indexed lookups.
-   * @param mnemonic The mnemonic to hash, wrapped in a SecureString.
-   */
-  public getMnemonicHmac(mnemonic: SecureString): string {
-    // Use the raw secret buffer for the HMAC
-    return createHmac('sha256', this.hmacSecret.value)
-      .update(mnemonic.valueAsUint8Array) // Use the raw buffer for consistency
-      .digest('hex');
-  }
-  /**
-   * Checks if a mnemonic already exists in the database using its HMAC.
-   * @param mnemonic The mnemonic to check, wrapped in a SecureString.
-   * @param session Optional Mongoose session for transaction support.
-   */
-  public async mnemonicExists(
-    mnemonic: SecureString,
-    session?: ClientSession,
-  ): Promise<boolean> {
-    const hmac = this.getMnemonicHmac(mnemonic);
-    const count = await this.MnemonicModel.countDocuments({ hmac }).session(
-      session ?? null,
-    );
-    return count > 0;
-  }
-  /**
-   * Adds a new, unique mnemonic to the database with password-based key wrapping.
-   * @param mnemonic The mnemonic to add, wrapped in a SecureString.
-   * @param password User's password for key wrapping.
-   * @param session Optional Mongoose session for transaction support.
-   */
-  public async addMnemonicWithPassword(
-    mnemonic: SecureString,
-    _password: SecureString,
-    session?: ClientSession,
-  ): Promise<{
-    document: IMnemonicDocument | null;
-  }> {
-    if (!mnemonic.value || !AppConstants.MnemonicRegex.test(mnemonic.value)) {
-      throw new TranslatableSuiteError(
-        SuiteCoreStringKey.Validation_MnemonicRegex,
-      );
-    }
-    if (await this.mnemonicExists(mnemonic, session)) {
-      return { document: null };
-    }
-    try {
-      const hmac = this.getMnemonicHmac(mnemonic);
-      const [newDoc] = await this.MnemonicModel.create(
-        [
-          {
-            hmac: hmac,
-          },
-        ],
-        { session },
-      );
-      return { document: newDoc };
-    } finally {
-      // nothing to dispose
-    }
-  }
-  /**
-   * Adds a new, unique mnemonic to the database.
-   * @param mnemonic The mnemonic to add, wrapped in a SecureString.
-   * @param session Optional Mongoose session for transaction support.
-   */
-  public async addMnemonic(
-    mnemonic: SecureString,
-    session?: ClientSession,
-  ): Promise<IMnemonicDocument | null> {
-    if (!mnemonic.value || !AppConstants.MnemonicRegex.test(mnemonic.value)) {
-      throw new TranslatableSuiteError(
-        SuiteCoreStringKey.Validation_MnemonicRegex,
-      );
-    }
-    if (await this.mnemonicExists(mnemonic, session)) {
-      return null;
-    }
-    const hmac = this.getMnemonicHmac(mnemonic);
-    const [newDoc] = await this.MnemonicModel.create(
-      [
-        {
-          hmac: hmac,
-        },
-      ],
-      { session },
-    );
-    return newDoc;
-  }
-  /**
-   * Retrieves a mnemonic document by ID.
-   * @param mnemonicId The ID of the mnemonic document.
-   * @param session Optional Mongoose session for transaction support.
-   */
-  public async getMnemonicDocument(
-    mnemonicId: string,
-    session?: ClientSession,
-  ): Promise<IMnemonicDocument | null> {
-    return await this.MnemonicModel.findById(mnemonicId).session(
-      session ?? null,
-    );
-  }
-  /**
-   * Decrypts a mnemonic from a document using the service's master encryption key.
-   * @param doc The mnemonic document.
-   */
-  /**
-   * Deletes a mnemonic document by ID.
-   * @param mnemonicId The ID of the mnemonic document.
-   * @param session Optional Mongoose session for transaction support.
-   */
-  public async deleteMnemonicDocument(
-    mnemonicId: string,
-    session?: ClientSession,
-  ): Promise<void> {
-    await this.MnemonicModel.findByIdAndDelete(mnemonicId).session(
-      session ?? null,
-    );
-  }
-}

package/src/services/request-user.ts DELETED Viewed

@@ -1,62 +0,0 @@
-import { IRequestUserDTO, ITokenRole } from '@digitaldefiance/suite-core-lib';
-import { Types } from 'mongoose';
-import { IUserDocument } from '../documents';
-import { IRequestUserBackendObject } from '../interfaces/backend-objects/request-user';
-import { RoleService } from './role';
-export class RequestUserService<I, TTokenRole extends ITokenRole<I>> {
-  /**
-   * Given a user document and an array of role documents, create the IRequestUser
-   * @param userDoc
-   * @returns
-   */
-  public static makeRequestUserDTO<
-    I,
-    TTokenRole extends ITokenRole<I>,
-    TRequestUserDTO extends IRequestUserDTO,
-  >(userDoc: IUserDocument, roles: TTokenRole[]): TRequestUserDTO {
-    if (!userDoc._id) {
-      throw new Error('User document is missing _id');
-    }
-    return {
-      id: userDoc._id.toString(),
-      email: userDoc.email,
-      roles: roles.map((r) => RoleService.roleToRoleDTO(r)),
-      username: userDoc.username,
-      timezone: userDoc.timezone,
-      ...(userDoc.lastLogin && { lastLogin: userDoc.lastLogin.toString() }),
-      emailVerified: userDoc.emailVerified,
-      siteLanguage: userDoc.siteLanguage as string,
-    } as TRequestUserDTO;
-  }
-  /**
-   * Given a request user, reconstitute dates, objectids, and enums
-   * @param requestUser a RequestUser DTO
-   * @returns An IRequestUserBackendObject
-   */
-  public static hydrateRequestUser<
-    S extends string,
-    TRequestUserDTO extends IRequestUserDTO & { siteLanguage: S },
-  >(requestUser: TRequestUserDTO): IRequestUserBackendObject<S> {
-    const hydratedRoles = requestUser.roles.map((role) =>
-      RoleService.hydrateRoleDTOToBackend(role),
-    );
-    const hydratedUser: IRequestUserBackendObject<S> = {
-      id: new Types.ObjectId(requestUser.id),
-      email: requestUser.email,
-      roles: hydratedRoles,
-      username: requestUser.username,
-      timezone: requestUser.timezone,
-      emailVerified: requestUser.emailVerified,
-      siteLanguage: requestUser.siteLanguage,
-    };
-    if (requestUser.lastLogin) {
-      hydratedUser.lastLogin = new Date(requestUser.lastLogin);
-    }
-    return hydratedUser;
-  }
-}