@digitaldefiance/node-express-suite 3.15.0 → 3.16.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (48) hide show
  1. package/package.json +1 -1
  2. package/src/__tests__/helpers/application.mock.d.ts.map +1 -1
  3. package/src/__tests__/helpers/application.mock.js +5 -1
  4. package/src/__tests__/helpers/application.mock.js.map +1 -1
  5. package/src/application-base.d.ts +10 -0
  6. package/src/application-base.d.ts.map +1 -1
  7. package/src/application-base.js +13 -0
  8. package/src/application-base.js.map +1 -1
  9. package/src/controllers/base.d.ts +14 -4
  10. package/src/controllers/base.d.ts.map +1 -1
  11. package/src/controllers/base.js +61 -9
  12. package/src/controllers/base.js.map +1 -1
  13. package/src/controllers/openapi.d.ts +1 -1
  14. package/src/controllers/openapi.d.ts.map +1 -1
  15. package/src/controllers/openapi.js.map +1 -1
  16. package/src/controllers/user.d.ts +2 -2
  17. package/src/controllers/user.d.ts.map +1 -1
  18. package/src/controllers/user.js.map +1 -1
  19. package/src/decorators/base-controller.d.ts +4 -3
  20. package/src/decorators/base-controller.d.ts.map +1 -1
  21. package/src/decorators/base-controller.js +1 -0
  22. package/src/decorators/base-controller.js.map +1 -1
  23. package/src/interfaces/application.d.ts +8 -0
  24. package/src/interfaces/application.d.ts.map +1 -1
  25. package/src/interfaces/authentication-provider.d.ts +76 -0
  26. package/src/interfaces/authentication-provider.d.ts.map +1 -0
  27. package/src/interfaces/authentication-provider.js +10 -0
  28. package/src/interfaces/authentication-provider.js.map +1 -0
  29. package/src/interfaces/index.d.ts +1 -0
  30. package/src/interfaces/index.d.ts.map +1 -1
  31. package/src/interfaces/index.js +1 -0
  32. package/src/interfaces/index.js.map +1 -1
  33. package/src/middlewares/authenticate-crypto.d.ts +9 -3
  34. package/src/middlewares/authenticate-crypto.d.ts.map +1 -1
  35. package/src/middlewares/authenticate-crypto.js +62 -50
  36. package/src/middlewares/authenticate-crypto.js.map +1 -1
  37. package/src/middlewares/authenticate-token.d.ts +9 -8
  38. package/src/middlewares/authenticate-token.d.ts.map +1 -1
  39. package/src/middlewares/authenticate-token.js +42 -41
  40. package/src/middlewares/authenticate-token.js.map +1 -1
  41. package/src/services/index.d.ts +1 -0
  42. package/src/services/index.d.ts.map +1 -1
  43. package/src/services/index.js +1 -0
  44. package/src/services/index.js.map +1 -1
  45. package/src/services/mongo-authentication-provider.d.ts +27 -0
  46. package/src/services/mongo-authentication-provider.d.ts.map +1 -0
  47. package/src/services/mongo-authentication-provider.js +84 -0
  48. package/src/services/mongo-authentication-provider.js.map +1 -0
package/src/middlewares/authenticate-token.js CHANGED
@@ -2,6 +2,8 @@
2
2
  /**
3
3
  * @fileoverview JWT token authentication middleware.
4
4
  * Validates bearer tokens, loads user data, and sets up request context.
5
+ * Storage-agnostic — delegates user lookup and role resolution to
6
+ * IAuthenticationProvider on the application.
5
7
  * @module middlewares/authenticate-token
6
8
  */
7
9
  Object.defineProperty(exports, "__esModule", { value: true });
@@ -9,12 +11,7 @@ exports.findAuthToken = findAuthToken;
9
11
  exports.authenticateToken = authenticateToken;
10
12
  const i18n_lib_1 = require("@digitaldefiance/i18n-lib");
11
13
  const suite_core_lib_1 = require("@digitaldefiance/suite-core-lib");
12
- const base_model_name_1 = require("../enumerations/base-model-name");
13
14
  const token_expired_1 = require("../errors/token-expired");
14
- const jwt_1 = require("../services/jwt");
15
- const request_user_1 = require("../services/request-user");
16
- const role_1 = require("../services/role");
17
- const utils_1 = require("../utils");
18
15
  // Helper to create Timezone from the same module instance as GlobalActiveContext
19
16
  function createTimezone(tz) {
20
17
  const context = i18n_lib_1.GlobalActiveContext.getInstance();
@@ -41,12 +38,12 @@ function findAuthToken(headers) {
41
38
  * Express middleware for JWT token authentication.
42
39
  * Validates token, loads user from database, checks account status,
43
40
  * and populates req.user with authenticated user data.
41
+ *
42
+ * Delegates to `application.authProvider` for storage-agnostic user lookup
43
+ * and role resolution. The application must have an authProvider configured.
44
+ *
44
45
  * @template TID - Platform ID type (defaults to Buffer)
45
- * @template D - Date type (defaults to Date)
46
- * @template TTokenRole - Token role interface type
47
- * @template TTokenUser - Token user interface type
48
- * @template TApplication - Application interface type
49
- * @param {TApplication} application - Application instance
46
+ * @param {IApplication<TID>} application - Application instance with authProvider
50
47
  * @param {Request} req - Express request object
51
48
  * @param {Response} res - Express response object
52
49
  * @param {NextFunction} next - Express next function
@@ -54,7 +51,10 @@ function findAuthToken(headers) {
54
51
  * @throws {TokenExpiredError} When token has expired
55
52
  */
56
53
  async function authenticateToken(application, req, res, next) {
57
- const UserModel = application.getModel(base_model_name_1.BaseModelName.User);
54
+ const authProvider = application.authProvider;
55
+ if (!authProvider) {
56
+ return res.status(500).send('Authentication provider not configured');
57
+ }
58
58
  const token = findAuthToken(req.headers);
59
59
  if (token == null) {
60
60
  return res
@@ -62,36 +62,37 @@ async function authenticateToken(application, req, res, next) {
62
62
  .send((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_InvalidToken));
63
63
  }
64
64
  try {
65
- return await (0, utils_1.withTransaction)(application.db.connection, application.environment.mongo.useTransactions, undefined, async (sess) => {
66
- const jwtService = new jwt_1.JwtService(application);
67
- const user = await jwtService.verifyToken(token);
68
- if (user === null) {
69
- return res.status(403).send(
70
- // amazonq-ignore-next-line false positive, hardcoded string
71
- (0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_UserNotFound));
72
- }
73
- const userDoc = await UserModel.findById(user.userId)
74
- .select('-password')
75
- .session(sess ?? null)
76
- .exec();
77
- if (!userDoc || userDoc.accountStatus !== suite_core_lib_1.AccountStatus.Active) {
78
- return res.status(403).send(
79
- // amazonq-ignore-next-line false positive, hardcoded string
80
- (0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_UserNotFound));
81
- }
82
- const roleService = new role_1.RoleService(application);
83
- const roles = await roleService.getUserRoles(userDoc._id, sess);
84
- const tokenRoles = roleService.rolesToTokenRoles(roles);
85
- req.user = request_user_1.RequestUserService.makeRequestUserDTO(userDoc, tokenRoles);
86
- const context = i18n_lib_1.GlobalActiveContext.getInstance();
87
- context.userLanguage = userDoc.siteLanguage ?? context.userLanguage;
88
- context.setLanguageContextSpace('user');
89
- context.userTimezone = createTimezone(userDoc.timezone);
90
- next();
91
- return res;
92
- }, {
93
- timeoutMs: application.environment.mongo.transactionTimeout,
94
- });
65
+ const user = await authProvider.verifyToken(token);
66
+ if (user === null) {
67
+ return res.status(403).send(
68
+ // amazonq-ignore-next-line false positive, hardcoded string
69
+ (0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_UserNotFound));
70
+ }
71
+ // Look up the user and check account status
72
+ const authenticatedUser = await authProvider.findUserById(user.userId);
73
+ if (!authenticatedUser ||
74
+ authenticatedUser.accountStatus !== suite_core_lib_1.AccountStatus.Active) {
75
+ return res.status(403).send(
76
+ // amazonq-ignore-next-line false positive, hardcoded string
77
+ (0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_UserNotFound));
78
+ }
79
+ // Build the full request user DTO with roles
80
+ const requestUserDTO = await authProvider.buildRequestUserDTO(user.userId);
81
+ if (!requestUserDTO) {
82
+ return res.status(403).send(
83
+ // amazonq-ignore-next-line false positive, hardcoded string
84
+ (0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_UserNotFound));
85
+ }
86
+ req.user = requestUserDTO;
87
+ // Update global context with user's language and timezone
88
+ const context = i18n_lib_1.GlobalActiveContext.getInstance();
89
+ if (authenticatedUser.siteLanguage) {
90
+ context.userLanguage = authenticatedUser.siteLanguage;
91
+ }
92
+ context.setLanguageContextSpace('user');
93
+ context.userTimezone = createTimezone(authenticatedUser.timezone);
94
+ next();
95
+ return res;
95
96
  }
96
97
  catch (err) {
97
98
  if (err instanceof token_expired_1.TokenExpiredError) {
package/src/middlewares/authenticate-token.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"authenticate-token.js","sourceRoot":"","sources":["../../../../../packages/digitaldefiance-node-express-suite/src/middlewares/authenticate-token.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;AAwCH,sCASC;AAkBD,8CA6FC;AA7JD,wDAAgE;AAEhE,oEAMyC;AAIzC,qEAAgE;AAChE,2DAA4D;AAE5D,yCAA6C;AAC7C,2DAA8D;AAC9D,2CAA+C;AAC/C,oCAA2C;AAM3C,iFAAiF;AACjF,SAAS,cAAc,CAAC,EAAU;IAChC,MAAM,OAAO,GAAG,8BAAmB,CAAC,WAAW,EAAE,CAAC;IAClD,MAAM,mBAAmB,GAAG,OAAO,CAAC,aAAa;SAC9C,WAAkC,CAAC;IACtC,OAAO,IAAI,mBAAmB,CAAC,EAAE,CAAC,CAAC;AACrC,CAAC;AAED;;;;GAIG;AACH,SAAgB,aAAa,CAAC,OAA4B;IACxD,MAAM,UAAU,GAAG,OAAO,CAAC,eAAe,CAAC,IAAI,OAAO,CAAC,eAAe,CAAC,CAAC;IACxE,IAAI,UAAU,IAAI,OAAO,UAAU,KAAK,QAAQ,EAAE,CAAC;QACjD,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QACpC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,KAAK,QAAQ,EAAE,CAAC;YAC9D,OAAO,KAAK,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;;;;;;;;;;;GAeG;AACI,KAAK,UAAU,iBAAiB,CAOrC,WAAyB,EACzB,GAAY,EACZ,GAAa,EACb,IAAkB;IAElB,MAAM,SAAS,GAAG,WAAW,CAAC,QAAQ,CACpC,+BAAa,CAAC,IAAI,CACnB,CAAC;IACF,MAAM,KAAK,GAAG,aAAa,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IACzC,IAAI,KAAK,IAAI,IAAI,EAAE,CAAC;QAClB,OAAO,GAAG;aACP,MAAM,CAAC,GAAG,CAAC;aACX,IAAI,CACH,IAAA,wCAAuB,EAAC,mCAAkB,CAAC,uBAAuB,CAAC,CACpE,CAAC;IACN,CAAC;IAED,IAAI,CAAC;QACH,OAAO,MAAM,IAAA,uBAAe,EAC1B,WAAW,CAAC,EAAE,CAAC,UAAU,EACzB,WAAW,CAAC,WAAW,CAAC,KAAK,CAAC,eAAe,EAC7C,SAAS,EACT,KAAK,EAAE,IAA+B,EAAE,EAAE;YACxC,MAAM,UAAU,GAAG,IAAI,gBAAU,CAM/B,WAAW,CAAC,CAAC;YACf,MAAM,IAAI,GAAsB,MAAM,UAAU,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;YACpE,IAAI,IAAI,KAAK,IAAI,EAAE,CAAC;gBAClB,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI;gBACzB,4DAA4D;gBAC5D,IAAA,wCAAuB,EAAC,mCAAkB,CAAC,uBAAuB,CAAC,CACpE,CAAC;YACJ,CAAC;YACD,MAAM,OAAO,GAAG,MAAM,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC;iBAClD,MAAM,CAAC,WAAW,CAAC;iBACnB,OAAO,CAAC,IAAI,IAAI,IAAI,CAAC;iBACrB,IAAI,EAAE,CAAC;YACV,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,aAAa,KAAK,8BAAa,CAAC,MAAM,EAAE,CAAC;gBAC/D,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI;gBACzB,4DAA4D;gBAC5D,IAAA,wCAAuB,EAAC,mCAAkB,CAAC,uBAAuB,CAAC,CACpE,CAAC;YACJ,CAAC;YACD,MAAM,WAAW,GAAG,IAAI,kBAAW,CAAqB,WAAW,CAAC,CAAC;YACrE,MAAM,KAAK,GAAG,MAAM,WAAW,CAAC,YAAY,CAAC,OAAO,CAAC,GAAU,EAAE,IAAI,CAAC,CAAC;YACvE,MAAM,UAAU,GAAG,WAAW,CAAC,iBAAiB,CAAC,KAAK,CAAC,CAAC;YACxD,GAAG,CAAC,IAAI,GAAG,iCAAkB,CAAC,kBAAkB,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC;YACtE,MAAM,OAAO,GAAG,8BAAmB,CAAC,WAAW,EAAE,CAAC;YAClD,OAAO,CAAC,YAAY,GAAG,OAAO,CAAC,YAAY,IAAI,OAAO,CAAC,YAAY,CAAC;YACpE,OAAO,CAAC,uBAAuB,CAAC,MAAM,CAAC,CAAC;YACxC,OAAO,CAAC,YAAY,GAAG,cAAc,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;YACxD,IAAI,EAAE,CAAC;YACP,OAAO,GAAG,CAAC;QACb,CAAC,EACD;YACE,SAAS,EAAE,WAAW,CAAC,WAAW,CAAC,KAAK,CAAC,kBAAkB;SAC5D,CACF,CAAC;IACJ,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,IAAI,GAAG,YAAY,iCAAiB,EAAE,CAAC;YACrC,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBAC1B,OAAO,EAAE,IAAA,wCAAuB,EAC9B,mCAAkB,CAAC,uBAAuB,CAC3C;gBACD,KAAK,EAAE,GAAG;aACX,CAAC,CAAC;QACL,CAAC;aAAM,IAAI,GAAG,YAAY,KAAK,IAAI,GAAG,CAAC,IAAI,KAAK,mBAAmB,EAAE,CAAC;YACpE,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBAC1B,OAAO,EAAE,IAAA,wCAAuB,EAC9B,mCAAkB,CAAC,uBAAuB,CAC3C;gBACD,KAAK,EAAE,GAAG;aACX,CAAC,CAAC;QACL,CAAC;aAAM,CAAC;YACN,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBAC1B,OAAO,EAAE,IAAA,wCAAuB,EAC9B,mCAAkB,CAAC,sBAAsB,CAC1C;gBACD,KAAK,EAAE,GAAG;aACX,CAAC,CAAC;QACL,CAAC;IACH,CAAC;AACH,CAAC"}
1
+ {"version":3,"file":"authenticate-token.js","sourceRoot":"","sources":["../../../../../packages/digitaldefiance-node-express-suite/src/middlewares/authenticate-token.ts"],"names":[],"mappings":";AAAA;;;;;;GAMG;;AA+BH,sCASC;AAkBD,8CAsFC;AA7ID,wDAAgE;AAChE,oEAIyC;AAGzC,2DAA4D;AAO5D,iFAAiF;AACjF,SAAS,cAAc,CAAC,EAAU;IAChC,MAAM,OAAO,GAAG,8BAAmB,CAAC,WAAW,EAAE,CAAC;IAClD,MAAM,mBAAmB,GAAG,OAAO,CAAC,aAAa;SAC9C,WAAkC,CAAC;IACtC,OAAO,IAAI,mBAAmB,CAAC,EAAE,CAAC,CAAC;AACrC,CAAC;AAED;;;;GAIG;AACH,SAAgB,aAAa,CAAC,OAA4B;IACxD,MAAM,UAAU,GAAG,OAAO,CAAC,eAAe,CAAC,IAAI,OAAO,CAAC,eAAe,CAAC,CAAC;IACxE,IAAI,UAAU,IAAI,OAAO,UAAU,KAAK,QAAQ,EAAE,CAAC;QACjD,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QACpC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,KAAK,QAAQ,EAAE,CAAC;YAC9D,OAAO,KAAK,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;;;;;;;;;;;GAeG;AACI,KAAK,UAAU,iBAAiB,CACrC,WAA8B,EAC9B,GAAY,EACZ,GAAa,EACb,IAAkB;IAElB,MAAM,YAAY,GAAG,WAAW,CAAC,YAAY,CAAC;IAC9C,IAAI,CAAC,YAAY,EAAE,CAAC;QAClB,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,wCAAwC,CAAC,CAAC;IACxE,CAAC;IAED,MAAM,KAAK,GAAG,aAAa,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IACzC,IAAI,KAAK,IAAI,IAAI,EAAE,CAAC;QAClB,OAAO,GAAG;aACP,MAAM,CAAC,GAAG,CAAC;aACX,IAAI,CACH,IAAA,wCAAuB,EAAC,mCAAkB,CAAC,uBAAuB,CAAC,CACpE,CAAC;IACN,CAAC;IAED,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,MAAM,YAAY,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;QACnD,IAAI,IAAI,KAAK,IAAI,EAAE,CAAC;YAClB,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI;YACzB,4DAA4D;YAC5D,IAAA,wCAAuB,EAAC,mCAAkB,CAAC,uBAAuB,CAAC,CACpE,CAAC;QACJ,CAAC;QAED,4CAA4C;QAC5C,MAAM,iBAAiB,GAAG,MAAM,YAAY,CAAC,YAAY,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACvE,IACE,CAAC,iBAAiB;YAClB,iBAAiB,CAAC,aAAa,KAAK,8BAAa,CAAC,MAAM,EACxD,CAAC;YACD,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI;YACzB,4DAA4D;YAC5D,IAAA,wCAAuB,EAAC,mCAAkB,CAAC,uBAAuB,CAAC,CACpE,CAAC;QACJ,CAAC;QAED,6CAA6C;QAC7C,MAAM,cAAc,GAAG,MAAM,YAAY,CAAC,mBAAmB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAC3E,IAAI,CAAC,cAAc,EAAE,CAAC;YACpB,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI;YACzB,4DAA4D;YAC5D,IAAA,wCAAuB,EAAC,mCAAkB,CAAC,uBAAuB,CAAC,CACpE,CAAC;QACJ,CAAC;QAED,GAAG,CAAC,IAAI,GAAG,cAAc,CAAC;QAE1B,0DAA0D;QAC1D,MAAM,OAAO,GAAG,8BAAmB,CAAC,WAAW,EAAE,CAAC;QAClD,IAAI,iBAAiB,CAAC,YAAY,EAAE,CAAC;YACnC,OAAO,CAAC,YAAY,GAAG,iBAAiB,CAAC,YAAY,CAAC;QACxD,CAAC;QACD,OAAO,CAAC,uBAAuB,CAAC,MAAM,CAAC,CAAC;QACxC,OAAO,CAAC,YAAY,GAAG,cAAc,CAAC,iBAAiB,CAAC,QAAQ,CAAC,CAAC;QAElE,IAAI,EAAE,CAAC;QACP,OAAO,GAAG,CAAC;IACb,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,IAAI,GAAG,YAAY,iCAAiB,EAAE,CAAC;YACrC,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBAC1B,OAAO,EAAE,IAAA,wCAAuB,EAC9B,mCAAkB,CAAC,uBAAuB,CAC3C;gBACD,KAAK,EAAE,GAAG;aACX,CAAC,CAAC;QACL,CAAC;aAAM,IAAI,GAAG,YAAY,KAAK,IAAI,GAAG,CAAC,IAAI,KAAK,mBAAmB,EAAE,CAAC;YACpE,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBAC1B,OAAO,EAAE,IAAA,wCAAuB,EAC9B,mCAAkB,CAAC,uBAAuB,CAC3C;gBACD,KAAK,EAAE,GAAG;aACX,CAAC,CAAC;QACL,CAAC;aAAM,CAAC;YACN,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBAC1B,OAAO,EAAE,IAAA,wCAAuB,EAC9B,mCAAkB,CAAC,sBAAsB,CAC1C;gBACD,KAAK,EAAE,GAAG;aACX,CAAC,CAAC;QACL,CAAC;IACH,CAAC;AACH,CAAC"}
package/src/services/index.d.ts CHANGED
@@ -1,6 +1,7 @@
1
1
  export * from './backup-code';
2
2
  export * from './base';
3
3
  export * from './mongo-base';
4
+ export * from './mongo-authentication-provider';
4
5
  export * from './checksum';
5
6
  export * from './database-initialization';
6
7
  export * from './db-init-cache';
package/src/services/index.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../../packages/digitaldefiance-node-express-suite/src/services/index.ts"],"names":[],"mappings":"AAAA,cAAc,eAAe,CAAC;AAC9B,cAAc,QAAQ,CAAC;AACvB,cAAc,cAAc,CAAC;AAC7B,cAAc,YAAY,CAAC;AAC3B,cAAc,2BAA2B,CAAC;AAC1C,cAAc,iBAAiB,CAAC;AAChC,cAAc,sBAAsB,CAAC;AACrC,cAAc,uBAAuB,CAAC;AACtC,cAAc,OAAO,CAAC;AACtB,cAAc,qBAAqB,CAAC;AACpC,cAAc,OAAO,CAAC;AACtB,cAAc,gBAAgB,CAAC;AAC/B,cAAc,YAAY,CAAC;AAC3B,cAAc,gBAAgB,CAAC;AAC/B,cAAc,QAAQ,CAAC;AACvB,cAAc,aAAa,CAAC;AAC5B,cAAc,eAAe,CAAC;AAC9B,cAAc,QAAQ,CAAC;AACvB,cAAc,OAAO,CAAC;AACtB,cAAc,QAAQ,CAAC;AACvB,cAAc,eAAe,CAAC;AAC9B,cAAc,gBAAgB,CAAC;AAC/B,cAAc,2BAA2B,CAAC;AAC1C,cAAc,4BAA4B,CAAC;AAC3C,cAAc,uBAAuB,CAAC;AACtC,cAAc,qBAAqB,CAAC"}
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../../packages/digitaldefiance-node-express-suite/src/services/index.ts"],"names":[],"mappings":"AAAA,cAAc,eAAe,CAAC;AAC9B,cAAc,QAAQ,CAAC;AACvB,cAAc,cAAc,CAAC;AAC7B,cAAc,iCAAiC,CAAC;AAChD,cAAc,YAAY,CAAC;AAC3B,cAAc,2BAA2B,CAAC;AAC1C,cAAc,iBAAiB,CAAC;AAChC,cAAc,sBAAsB,CAAC;AACrC,cAAc,uBAAuB,CAAC;AACtC,cAAc,OAAO,CAAC;AACtB,cAAc,qBAAqB,CAAC;AACpC,cAAc,OAAO,CAAC;AACtB,cAAc,gBAAgB,CAAC;AAC/B,cAAc,YAAY,CAAC;AAC3B,cAAc,gBAAgB,CAAC;AAC/B,cAAc,QAAQ,CAAC;AACvB,cAAc,aAAa,CAAC;AAC5B,cAAc,eAAe,CAAC;AAC9B,cAAc,QAAQ,CAAC;AACvB,cAAc,OAAO,CAAC;AACtB,cAAc,QAAQ,CAAC;AACvB,cAAc,eAAe,CAAC;AAC9B,cAAc,gBAAgB,CAAC;AAC/B,cAAc,2BAA2B,CAAC;AAC1C,cAAc,4BAA4B,CAAC;AAC3C,cAAc,uBAAuB,CAAC;AACtC,cAAc,qBAAqB,CAAC"}
package/src/services/index.js CHANGED
@@ -4,6 +4,7 @@ const tslib_1 = require("tslib");
4
4
  tslib_1.__exportStar(require("./backup-code"), exports);
5
5
  tslib_1.__exportStar(require("./base"), exports);
6
6
  tslib_1.__exportStar(require("./mongo-base"), exports);
7
+ tslib_1.__exportStar(require("./mongo-authentication-provider"), exports);
7
8
  tslib_1.__exportStar(require("./checksum"), exports);
8
9
  tslib_1.__exportStar(require("./database-initialization"), exports);
9
10
  tslib_1.__exportStar(require("./db-init-cache"), exports);
package/src/services/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../packages/digitaldefiance-node-express-suite/src/services/index.ts"],"names":[],"mappings":";;;AAAA,wDAA8B;AAC9B,iDAAuB;AACvB,uDAA6B;AAC7B,qDAA2B;AAC3B,oEAA0C;AAC1C,0DAAgC;AAChC,+DAAqC;AACrC,gEAAsC;AACtC,gDAAsB;AACtB,8DAAoC;AACpC,gDAAsB;AACtB,yDAA+B;AAC/B,qDAA2B;AAC3B,yDAA+B;AAC/B,iDAAuB;AACvB,sDAA4B;AAC5B,wDAA8B;AAC9B,iDAAuB;AACvB,gDAAsB;AACtB,iDAAuB;AACvB,wDAA8B;AAC9B,yDAA+B;AAC/B,oEAA0C;AAC1C,qEAA2C;AAC3C,gEAAsC;AACtC,8DAAoC"}
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../packages/digitaldefiance-node-express-suite/src/services/index.ts"],"names":[],"mappings":";;;AAAA,wDAA8B;AAC9B,iDAAuB;AACvB,uDAA6B;AAC7B,0EAAgD;AAChD,qDAA2B;AAC3B,oEAA0C;AAC1C,0DAAgC;AAChC,+DAAqC;AACrC,gEAAsC;AACtC,gDAAsB;AACtB,8DAAoC;AACpC,gDAAsB;AACtB,yDAA+B;AAC/B,qDAA2B;AAC3B,yDAA+B;AAC/B,iDAAuB;AACvB,sDAA4B;AAC5B,wDAA8B;AAC9B,iDAAuB;AACvB,gDAAsB;AACtB,iDAAuB;AACvB,wDAA8B;AAC9B,yDAA+B;AAC/B,oEAA0C;AAC1C,qEAA2C;AAC3C,gEAAsC;AACtC,8DAAoC"}
package/src/services/mongo-authentication-provider.d.ts ADDED
@@ -0,0 +1,27 @@
1
+ /**
2
+ * @fileoverview Mongoose-backed implementation of IAuthenticationProvider.
3
+ * Delegates user lookup, role resolution, and credential verification
4
+ * to the existing Mongoose models and services.
5
+ * @module services/mongo-authentication-provider
6
+ */
7
+ import type { SecureString } from '@digitaldefiance/ecies-lib';
8
+ import type { PlatformID } from '@digitaldefiance/node-ecies-lib';
9
+ import { ITokenUser } from '@digitaldefiance/suite-core-lib';
10
+ import type { IAuthenticatedUser, IAuthenticationProvider, ICryptoAuthResult } from '../interfaces/authentication-provider';
11
+ import type { IMongoApplication } from '../interfaces/mongo-application';
12
+ import type { IRequestUserDTO } from '@digitaldefiance/suite-core-lib';
13
+ /**
14
+ * Mongoose-backed authentication provider.
15
+ * Uses ModelRegistry, JwtService, RoleService, and UserService
16
+ * to implement the storage-agnostic IAuthenticationProvider interface.
17
+ */
18
+ export declare class MongoAuthenticationProvider<TID extends PlatformID = Buffer, TLanguage extends string = string> implements IAuthenticationProvider<TID, TLanguage> {
19
+ private readonly application;
20
+ constructor(application: IMongoApplication<TID>);
21
+ findUserById(userId: string): Promise<IAuthenticatedUser<TLanguage> | null>;
22
+ buildRequestUserDTO(userId: string): Promise<IRequestUserDTO | null>;
23
+ verifyToken<TTokenUser extends ITokenUser = ITokenUser>(token: string): Promise<TTokenUser | null>;
24
+ authenticateWithMnemonic(email: string, mnemonic: SecureString): Promise<ICryptoAuthResult<TID>>;
25
+ authenticateWithPassword(email: string, password: string): Promise<ICryptoAuthResult<TID>>;
26
+ }
27
+ //# sourceMappingURL=mongo-authentication-provider.d.ts.map
package/src/services/mongo-authentication-provider.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"mongo-authentication-provider.d.ts","sourceRoot":"","sources":["../../../../../packages/digitaldefiance-node-express-suite/src/services/mongo-authentication-provider.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,4BAA4B,CAAC;AAE/D,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,iCAAiC,CAAC;AAClE,OAAO,EAAiB,UAAU,EAAE,MAAM,iCAAiC,CAAC;AAG5E,OAAO,KAAK,EACV,kBAAkB,EAClB,uBAAuB,EACvB,iBAAiB,EAClB,MAAM,uCAAuC,CAAC;AAC/C,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,iCAAiC,CAAC;AAMzE,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,iCAAiC,CAAC;AAGvE;;;;GAIG;AACH,qBAAa,2BAA2B,CACtC,GAAG,SAAS,UAAU,GAAG,MAAM,EAC/B,SAAS,SAAS,MAAM,GAAG,MAAM,CACjC,YAAW,uBAAuB,CAAC,GAAG,EAAE,SAAS,CAAC;IACtC,OAAO,CAAC,QAAQ,CAAC,WAAW;gBAAX,WAAW,EAAE,iBAAiB,CAAC,GAAG,CAAC;IAE1D,YAAY,CAChB,MAAM,EAAE,MAAM,GACb,OAAO,CAAC,kBAAkB,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC;IAmB1C,mBAAmB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,eAAe,GAAG,IAAI,CAAC;IA4BpE,WAAW,CAAC,UAAU,SAAS,UAAU,GAAG,UAAU,EAC1D,KAAK,EAAE,MAAM,GACZ,OAAO,CAAC,UAAU,GAAG,IAAI,CAAC;IAKvB,wBAAwB,CAC5B,KAAK,EAAE,MAAM,EACb,QAAQ,EAAE,YAAY,GACrB,OAAO,CAAC,iBAAiB,CAAC,GAAG,CAAC,CAAC;IA4B5B,wBAAwB,CAC5B,KAAK,EAAE,MAAM,EACb,QAAQ,EAAE,MAAM,GACf,OAAO,CAAC,iBAAiB,CAAC,GAAG,CAAC,CAAC;CA2BnC"}
package/src/services/mongo-authentication-provider.js ADDED
@@ -0,0 +1,84 @@
1
+ "use strict";
2
+ /**
3
+ * @fileoverview Mongoose-backed implementation of IAuthenticationProvider.
4
+ * Delegates user lookup, role resolution, and credential verification
5
+ * to the existing Mongoose models and services.
6
+ * @module services/mongo-authentication-provider
7
+ */
8
+ Object.defineProperty(exports, "__esModule", { value: true });
9
+ exports.MongoAuthenticationProvider = void 0;
10
+ const suite_core_lib_1 = require("@digitaldefiance/suite-core-lib");
11
+ const base_model_name_1 = require("../enumerations/base-model-name");
12
+ const model_registry_1 = require("../model-registry");
13
+ const jwt_1 = require("./jwt");
14
+ const request_user_1 = require("./request-user");
15
+ const role_1 = require("./role");
16
+ const utils_1 = require("../utils");
17
+ const container_1 = require("../container");
18
+ /**
19
+ * Mongoose-backed authentication provider.
20
+ * Uses ModelRegistry, JwtService, RoleService, and UserService
21
+ * to implement the storage-agnostic IAuthenticationProvider interface.
22
+ */
23
+ class MongoAuthenticationProvider {
24
+ application;
25
+ constructor(application) {
26
+ this.application = application;
27
+ }
28
+ async findUserById(userId) {
29
+ const UserModel = model_registry_1.ModelRegistry.instance.getTypedModel(base_model_name_1.BaseModelName.User);
30
+ const userDoc = await UserModel.findById(userId).select('-password').exec();
31
+ if (!userDoc)
32
+ return null;
33
+ return {
34
+ id: String(userDoc._id),
35
+ accountStatus: userDoc.accountStatus,
36
+ email: userDoc.email,
37
+ siteLanguage: userDoc.siteLanguage,
38
+ timezone: userDoc.timezone,
39
+ lastLogin: userDoc.lastLogin?.toString(),
40
+ };
41
+ }
42
+ async buildRequestUserDTO(userId) {
43
+ const UserModel = model_registry_1.ModelRegistry.instance.getTypedModel(base_model_name_1.BaseModelName.User);
44
+ return await (0, utils_1.withTransaction)(this.application.db.connection, this.application.environment.mongo.useTransactions, undefined, async (sess) => {
45
+ const userDoc = await UserModel.findById(userId)
46
+ .select('-password')
47
+ .session(sess ?? null)
48
+ .exec();
49
+ if (!userDoc || userDoc.accountStatus !== suite_core_lib_1.AccountStatus.Active) {
50
+ return null;
51
+ }
52
+ const roleService = new role_1.RoleService(this.application);
53
+ const roles = await roleService.getUserRoles(userDoc._id, sess);
54
+ const tokenRoles = roleService.rolesToTokenRoles(roles);
55
+ return request_user_1.RequestUserService.makeRequestUserDTO(userDoc, tokenRoles);
56
+ }, { timeoutMs: this.application.environment.mongo.transactionTimeout });
57
+ }
58
+ async verifyToken(token) {
59
+ const jwtService = new jwt_1.JwtService(this.application);
60
+ return (await jwtService.verifyToken(token));
61
+ }
62
+ async authenticateWithMnemonic(email, mnemonic) {
63
+ const userService = this.application.services.get(container_1.ServiceKeys.USER);
64
+ const result = await (0, utils_1.withTransaction)(this.application.db.connection, this.application.environment.mongo.useTransactions, undefined, async (sess) => {
65
+ return await userService.loginWithMnemonic(email, mnemonic, sess);
66
+ }, { timeoutMs: this.application.environment.mongo.transactionTimeout });
67
+ return {
68
+ userId: String(result.userDoc._id),
69
+ userMember: result.userMember,
70
+ };
71
+ }
72
+ async authenticateWithPassword(email, password) {
73
+ const userService = this.application.services.get(container_1.ServiceKeys.USER);
74
+ const result = await (0, utils_1.withTransaction)(this.application.db.connection, this.application.environment.mongo.useTransactions, undefined, async (sess) => {
75
+ return await userService.loginWithPassword(email, password, sess);
76
+ }, { timeoutMs: this.application.environment.mongo.transactionTimeout });
77
+ return {
78
+ userId: String(result.userDoc._id),
79
+ userMember: result.userMember,
80
+ };
81
+ }
82
+ }
83
+ exports.MongoAuthenticationProvider = MongoAuthenticationProvider;
84
+ //# sourceMappingURL=mongo-authentication-provider.js.map
package/src/services/mongo-authentication-provider.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"mongo-authentication-provider.js","sourceRoot":"","sources":["../../../../../packages/digitaldefiance-node-express-suite/src/services/mongo-authentication-provider.ts"],"names":[],"mappings":";AAAA;;;;;GAKG;;;AAKH,oEAA4E;AAE5E,qEAAgE;AAOhE,sDAAkD;AAClD,+BAAmC;AACnC,iDAAoD;AACpD,iCAAqC;AACrC,oCAA2C;AAE3C,4CAA2C;AAE3C;;;;GAIG;AACH,MAAa,2BAA2B;IAIT;IAA7B,YAA6B,WAAmC;QAAnC,gBAAW,GAAX,WAAW,CAAwB;IAAG,CAAC;IAEpE,KAAK,CAAC,YAAY,CAChB,MAAc;QAEd,MAAM,SAAS,GAAG,8BAAa,CAAC,QAAQ,CAAC,aAAa,CAEpD,+BAAa,CAAC,IAAI,CAAC,CAAC;QAEtB,MAAM,OAAO,GAAG,MAAM,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,IAAI,EAAE,CAAC;QAE5E,IAAI,CAAC,OAAO;YAAE,OAAO,IAAI,CAAC;QAE1B,OAAO;YACL,EAAE,EAAE,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC;YACvB,aAAa,EAAE,OAAO,CAAC,aAAa;YACpC,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,YAAY,EAAE,OAAO,CAAC,YAAY;YAClC,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,SAAS,EAAE,OAAO,CAAC,SAAS,EAAE,QAAQ,EAAE;SACzC,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,mBAAmB,CAAC,MAAc;QACtC,MAAM,SAAS,GAAG,8BAAa,CAAC,QAAQ,CAAC,aAAa,CAEpD,+BAAa,CAAC,IAAI,CAAC,CAAC;QAEtB,OAAO,MAAM,IAAA,uBAAe,EAC1B,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC,UAAU,EAC9B,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,KAAK,CAAC,eAAe,EAClD,SAAS,EACT,KAAK,EAAE,IAA+B,EAAE,EAAE;YACxC,MAAM,OAAO,GAAG,MAAM,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC;iBAC7C,MAAM,CAAC,WAAW,CAAC;iBACnB,OAAO,CAAC,IAAI,IAAI,IAAI,CAAC;iBACrB,IAAI,EAAE,CAAC;YAEV,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,aAAa,KAAK,8BAAa,CAAC,MAAM,EAAE,CAAC;gBAC/D,OAAO,IAAI,CAAC;YACd,CAAC;YAED,MAAM,WAAW,GAAG,IAAI,kBAAW,CAAM,IAAI,CAAC,WAAW,CAAC,CAAC;YAC3D,MAAM,KAAK,GAAG,MAAM,WAAW,CAAC,YAAY,CAAC,OAAO,CAAC,GAAU,EAAE,IAAI,CAAC,CAAC;YACvE,MAAM,UAAU,GAAG,WAAW,CAAC,iBAAiB,CAAC,KAAK,CAAC,CAAC;YACxD,OAAO,iCAAkB,CAAC,kBAAkB,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC;QACpE,CAAC,EACD,EAAE,SAAS,EAAE,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,KAAK,CAAC,kBAAkB,EAAE,CACrE,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,WAAW,CACf,KAAa;QAEb,MAAM,UAAU,GAAG,IAAI,gBAAU,CAAM,IAAI,CAAC,WAAW,CAAC,CAAC;QACzD,OAAO,CAAC,MAAM,UAAU,CAAC,WAAW,CAAC,KAAK,CAAC,CAAsB,CAAC;IACpE,CAAC;IAED,KAAK,CAAC,wBAAwB,CAC5B,KAAa,EACb,QAAsB;QAEtB,MAAM,WAAW,GAAG,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,GAAG,CAAC,uBAAW,CAAC,IAAI,CASjE,CAAC;QAEF,MAAM,MAAM,GAAG,MAAM,IAAA,uBAAe,EAClC,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC,UAAU,EAC9B,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,KAAK,CAAC,eAAe,EAClD,SAAS,EACT,KAAK,EAAE,IAA+B,EAAE,EAAE;YACxC,OAAO,MAAM,WAAW,CAAC,iBAAiB,CAAC,KAAK,EAAE,QAAQ,EAAE,IAAI,CAAC,CAAC;QACpE,CAAC,EACD,EAAE,SAAS,EAAE,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,KAAK,CAAC,kBAAkB,EAAE,CACrE,CAAC;QAEF,OAAO;YACL,MAAM,EAAE,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC;YAClC,UAAU,EAAE,MAAM,CAAC,UAAU;SAC9B,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,wBAAwB,CAC5B,KAAa,EACb,QAAgB;QAEhB,MAAM,WAAW,GAAG,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,GAAG,CAAC,uBAAW,CAAC,IAAI,CASjE,CAAC;QAEF,MAAM,MAAM,GAAG,MAAM,IAAA,uBAAe,EAClC,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC,UAAU,EAC9B,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,KAAK,CAAC,eAAe,EAClD,SAAS,EACT,KAAK,EAAE,IAA+B,EAAE,EAAE;YACxC,OAAO,MAAM,WAAW,CAAC,iBAAiB,CAAC,KAAK,EAAE,QAAQ,EAAE,IAAI,CAAC,CAAC;QACpE,CAAC,EACD,EAAE,SAAS,EAAE,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,KAAK,CAAC,kBAAkB,EAAE,CACrE,CAAC;QAEF,OAAO;YACL,MAAM,EAAE,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC;YAClC,UAAU,EAAE,MAAM,CAAC,UAAU;SAC9B,CAAC;IACJ,CAAC;CACF;AA3HD,kEA2HC"}