npm - @digitaldefiance/node-express-suite - Versions diffs - 3.6.7 → 3.6.9 - Mend

@digitaldefiance/node-express-suite 3.6.7 → 3.6.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (859) hide show

package/LICENSE +21 -0
package/package.json +14 -10
package/src/__tests__/fixtures/index.ts +1 -0
package/src/__tests__/fixtures/model-mocks.mock.ts +122 -0
package/src/__tests__/helpers/application.mock.ts +90 -0
package/src/__tests__/helpers/{index.d.ts → index.ts} +1 -2
package/src/__tests__/helpers/setup-test-env.ts +163 -0
package/src/__tests__/index.ts +2 -0
package/src/application-base.ts +520 -0
package/src/application-concrete.ts +32 -0
package/src/application.ts +321 -0
package/src/backup-code.ts +348 -0
package/src/builders/application-builder.ts +94 -0
package/src/builders/{index.d.ts → index.ts} +0 -1
package/src/constants.ts +83 -0
package/src/container/{index.d.ts → index.ts} +0 -1
package/src/container/service-container.ts +39 -0
package/src/container/service-definitions.ts +11 -0
package/src/controllers/base.ts +496 -0
package/src/controllers/{index.d.ts → index.ts} +0 -1
package/src/controllers/user.ts +1687 -0
package/src/database/{database-initializer.d.ts → database-initializer.ts} +3 -3
package/src/database/{index.d.ts → index.ts} +0 -1
package/src/decorators/base-controller.ts +77 -0
package/src/decorators/controller.ts +140 -0
package/src/decorators/{index.d.ts → index.ts} +0 -1
package/src/decorators/zod-validation.ts +57 -0
package/src/defaults.ts +249 -0
package/src/documents/base.ts +10 -0
package/src/documents/{email-token.d.ts → email-token.ts} +9 -3
package/src/documents/{index.d.ts → index.ts} +0 -1
package/src/documents/{mnemonic.d.ts → mnemonic.ts} +5 -2
package/src/documents/{role.d.ts → role.ts} +5 -2
package/src/documents/{used-direct-login-token.d.ts → used-direct-login-token.ts} +5 -2
package/src/documents/{user-role.d.ts → user-role.ts} +5 -2
package/src/documents/{user.d.ts → user.ts} +5 -2
package/src/enumerations/base-model-name.ts +41 -0
package/src/enumerations/{index.d.ts → index.ts} +0 -1
package/src/enumerations/length-encoding-type.ts +6 -0
package/src/enumerations/schema-collection.ts +33 -0
package/src/enumerations/symmetric-error-type.ts +4 -0
package/src/environment.ts +836 -0
package/src/errors/express-validation.ts +21 -0
package/src/errors/{index.d.ts → index.ts} +0 -1
package/src/errors/invalid-backup-code-version.ts +15 -0
package/src/errors/invalid-jwt-token.ts +11 -0
package/src/errors/invalid-model.ts +11 -0
package/src/errors/invalid-new-password.ts +18 -0
package/src/errors/invalid-password.ts +13 -0
package/src/errors/missing-validated-data.ts +36 -0
package/src/errors/mnemonic-or-password-required.ts +13 -0
package/src/errors/model-not-registered.ts +11 -0
package/src/errors/mongoose-validation.ts +36 -0
package/src/errors/symmetric.ts +38 -0
package/src/errors/token-expired.ts +11 -0
package/src/get-language.ts +53 -0
package/src/get-timezone.ts +61 -0
package/src/{index.d.ts → index.ts} +3 -2
package/src/interfaces/{api-error-response.d.ts → api-error-response.ts} +2 -2
package/src/interfaces/api-express-validation-error-response.ts +8 -0
package/src/interfaces/api-message-response.ts +3 -0
package/src/interfaces/{api-mongo-validation-error-response.d.ts → api-mongo-validation-error-response.ts} +2 -2
package/src/interfaces/api-responses/{backup-codes-response.d.ts → backup-codes-response.ts} +2 -2
package/src/interfaces/api-responses/{challenge-response.d.ts → challenge-response.ts} +3 -3
package/src/interfaces/api-responses/{code-count-response.d.ts → code-count-response.ts} +2 -2
package/src/interfaces/api-responses/{index.d.ts → index.ts} +1 -2
package/src/interfaces/api-responses/{login-response.d.ts → login-response.ts} +4 -4
package/src/interfaces/api-responses/{mnemonic-response.d.ts → mnemonic-response.ts} +2 -2
package/src/interfaces/api-responses/{registration-response.d.ts → registration-response.ts} +3 -3
package/src/interfaces/api-responses/{request-user-response.d.ts → request-user-response.ts} +2 -2
package/src/interfaces/api-responses/user-settings-response.ts +12 -0
package/src/interfaces/application.ts +16 -0
package/src/interfaces/backend-objects/email-token.ts +11 -0
package/src/interfaces/backend-objects/{index.d.ts → index.ts} +0 -1
package/src/interfaces/backend-objects/request-user.ts +8 -0
package/src/interfaces/backend-objects/{role.d.ts → role.ts} +1 -1
package/src/interfaces/backend-objects/user.ts +7 -0
package/src/interfaces/checksum-config.ts +4 -0
package/src/interfaces/checksum-consts.ts +13 -0
package/src/interfaces/constants.ts +103 -0
package/src/interfaces/controller-config.ts +27 -0
package/src/interfaces/create-user-basics.ts +17 -0
package/src/interfaces/csp-config.ts +16 -0
package/src/interfaces/csp-definition.ts +53 -0
package/src/interfaces/{db-init-result.d.ts → db-init-result.ts} +3 -3
package/src/interfaces/deep-partial.ts +3 -0
package/src/interfaces/{discriminator-collections.d.ts → discriminator-collections.ts} +3 -3
package/src/interfaces/email-service.ts +8 -0
package/src/interfaces/environment-mongo.ts +76 -0
package/src/interfaces/environment.ts +185 -0
package/src/interfaces/failable-result.ts +6 -0
package/src/interfaces/fec-consts.ts +4 -0
package/src/interfaces/flexible-csp.ts +18 -0
package/src/interfaces/handleable-error-options.ts +6 -0
package/src/interfaces/{index.d.ts → index.ts} +0 -1
package/src/interfaces/jwt-consts.ts +23 -0
package/src/interfaces/jwt-sign-response.ts +19 -0
package/src/interfaces/models/{email-token.d.ts → email-token.ts} +1 -1
package/src/interfaces/models/{index.d.ts → index.ts} +0 -1
package/src/interfaces/models/{mnemonic.d.ts → mnemonic.ts} +1 -1
package/src/interfaces/models/{role.d.ts → role.ts} +1 -1
package/src/interfaces/models/{token-role.d.ts → token-role.ts} +1 -1
package/src/interfaces/models/{used-direct-login-token.d.ts → used-direct-login-token.ts} +3 -2
package/src/interfaces/models/{user-role.d.ts → user-role.ts} +1 -1
package/src/interfaces/models/{user.d.ts → user.ts} +11 -3
package/src/interfaces/mongo-errors.ts +5 -0
package/src/interfaces/request-user.ts +66 -0
package/src/interfaces/required-string-keys.ts +26 -0
package/src/interfaces/schema.ts +31 -0
package/src/interfaces/server-init-result.ts +38 -0
package/src/interfaces/status-code-response.ts +7 -0
package/src/interfaces/symmetric-encryption-results.d.ts +3 -3
package/src/interfaces/symmetric-encryption-results.d.ts.map +1 -1
package/src/interfaces/symmetric-encryption-results.js.map +1 -1
package/src/interfaces/symmetric-encryption-results.ts +4 -0
package/src/interfaces/{test-environment.d.ts → test-environment.ts} +6 -6
package/src/interfaces/{token-response.d.ts → token-response.ts} +2 -2
package/src/middlewares/authenticate-crypto.ts +216 -0
package/src/middlewares/authenticate-token.ts +150 -0
package/src/middlewares/cleanup-crypto.ts +37 -0
package/src/middlewares/{index.d.ts → index.ts} +0 -1
package/src/middlewares/set-global-context-language.ts +24 -0
package/src/middlewares.ts +105 -0
package/src/model-registry.ts +75 -0
package/src/models/email-token.d.ts +11 -35
package/src/models/email-token.ts +16 -0
package/src/models/{index.d.ts → index.ts} +0 -1
package/src/models/mnemonic.d.ts +11 -35
package/src/models/mnemonic.ts +16 -0
package/src/models/role.d.ts +11 -35
package/src/models/role.ts +16 -0
package/src/models/used-direct-login-token.d.ts +11 -35
package/src/models/used-direct-login-token.ts +16 -0
package/src/models/user-role.d.ts +10 -3
package/src/models/user-role.ts +14 -0
package/src/models/user.d.ts +16 -3
package/src/models/user.ts +16 -0
package/src/pipeline/{index.d.ts → index.ts} +0 -1
package/src/pipeline/pipeline-builder.ts +18 -0
package/src/plugins/{index.d.ts → index.ts} +0 -1
package/src/plugins/plugin-interface.ts +8 -0
package/src/plugins/plugin-manager.ts +40 -0
package/src/registry/email-service-registry.ts +53 -0
package/src/registry/{index.d.ts → index.ts} +0 -1
package/src/responses/{index.d.ts → index.ts} +0 -1
package/src/responses/response-builder.ts +86 -0
package/src/routers/api.ts +168 -0
package/src/routers/app.ts +340 -0
package/src/routers/base.ts +17 -0
package/src/routers/{index.d.ts → index.ts} +0 -1
package/src/routers/router-config.ts +16 -0
package/src/routing/index.ts +1 -0
package/src/routing/route-builder.ts +126 -0
package/src/schemas/email-token.d.ts +13 -47
package/src/schemas/email-token.ts +97 -0
package/src/schemas/{index.d.ts → index.ts} +0 -1
package/src/schemas/mnemonic.d.ts +10 -26
package/src/schemas/mnemonic.ts +39 -0
package/src/schemas/role.d.ts +13 -40
package/src/schemas/role.ts +132 -0
package/src/schemas/schema.ts +150 -0
package/src/schemas/used-direct-login-token.d.ts +12 -35
package/src/schemas/used-direct-login-token.ts +44 -0
package/src/schemas/user-role.d.ts +12 -37
package/src/schemas/user-role.ts +81 -0
package/src/schemas/user.d.ts +18 -23
package/src/schemas/user.ts +224 -0
package/src/services/backup-code.ts +321 -0
package/src/services/base.ts +35 -0
package/src/services/checksum.ts +167 -0
package/src/services/crc.ts +213 -0
package/src/services/database-initialization.ts +1564 -0
package/src/services/{db-init-cache.d.ts → db-init-cache.ts} +11 -5
package/src/services/direct-login-token.ts +62 -0
package/src/services/dummy-email-service.ts +20 -0
package/src/services/fec-usage-example.ts +102 -0
package/src/services/fec.ts +355 -0
package/src/services/{index.d.ts → index.ts} +0 -1
package/src/services/jwt.ts +133 -0
package/src/services/key-wrapping.ts +449 -0
package/src/services/mnemonic.ts +166 -0
package/src/services/request-user.ts +99 -0
package/src/services/role.ts +410 -0
package/src/services/symmetric.ts +139 -0
package/src/services/system-user.ts +79 -0
package/src/services/user.ts +2279 -0
package/src/services/xor.ts +34 -0
package/src/testing.ts +3 -0
package/src/transactions/{index.d.ts → index.ts} +0 -1
package/src/transactions/transaction-manager.ts +37 -0
package/src/types/{app-config.d.ts → app-config.ts} +10 -9
package/src/types/{controller-config.d.ts → controller-config.ts} +8 -7
package/src/types/{environment-variables.d.ts → environment-variables.ts} +26 -5
package/src/types/id-converters.ts +53 -0
package/src/types/{index.d.ts → index.ts} +0 -1
package/src/types/{mongoose-helpers.d.ts → mongoose-helpers.ts} +2 -2
package/src/types/mongoose-override.d.ts +1 -0
package/src/types/mongoose.d.ts +1 -0
package/src/types.d.ts +40 -68
package/src/types.ts +130 -0
package/src/utils.ts +1081 -0
package/src/validation/{index.d.ts → index.ts} +0 -1
package/src/validation/validation-builder.ts +94 -0
package/src/__tests__/fixtures/index.d.ts +0 -2
package/src/__tests__/fixtures/index.d.ts.map +0 -1
package/src/__tests__/fixtures/index.js +0 -5
package/src/__tests__/fixtures/index.js.map +0 -1
package/src/__tests__/fixtures/model-mocks.mock.d.ts +0 -6
package/src/__tests__/fixtures/model-mocks.mock.d.ts.map +0 -1
package/src/__tests__/fixtures/model-mocks.mock.js +0 -94
package/src/__tests__/fixtures/model-mocks.mock.js.map +0 -1
package/src/__tests__/helpers/application.mock.d.ts +0 -8
package/src/__tests__/helpers/application.mock.d.ts.map +0 -1
package/src/__tests__/helpers/application.mock.js +0 -77
package/src/__tests__/helpers/application.mock.js.map +0 -1
package/src/__tests__/helpers/index.d.ts.map +0 -1
package/src/__tests__/helpers/index.js +0 -7
package/src/__tests__/helpers/index.js.map +0 -1
package/src/__tests__/helpers/setup-test-env.d.ts +0 -12
package/src/__tests__/helpers/setup-test-env.d.ts.map +0 -1
package/src/__tests__/helpers/setup-test-env.js +0 -119
package/src/__tests__/helpers/setup-test-env.js.map +0 -1
package/src/__tests__/index.d.ts +0 -3
package/src/__tests__/index.d.ts.map +0 -1
package/src/__tests__/index.js +0 -6
package/src/__tests__/index.js.map +0 -1
package/src/application-base.d.ts +0 -122
package/src/application-base.d.ts.map +0 -1
package/src/application-base.js +0 -355
package/src/application-base.js.map +0 -1
package/src/application-concrete.d.ts +0 -12
package/src/application-concrete.d.ts.map +0 -1
package/src/application-concrete.js +0 -21
package/src/application-concrete.js.map +0 -1
package/src/application.d.ts +0 -28
package/src/application.d.ts.map +0 -1
package/src/application.js +0 -167
package/src/application.js.map +0 -1
package/src/backup-code.d.ts +0 -68
package/src/backup-code.d.ts.map +0 -1
package/src/backup-code.js +0 -238
package/src/backup-code.js.map +0 -1
package/src/builders/application-builder.d.ts +0 -34
package/src/builders/application-builder.d.ts.map +0 -1
package/src/builders/application-builder.js +0 -64
package/src/builders/application-builder.js.map +0 -1
package/src/builders/index.d.ts.map +0 -1
package/src/builders/index.js +0 -5
package/src/builders/index.js.map +0 -1
package/src/constants.d.ts +0 -16
package/src/constants.d.ts.map +0 -1
package/src/constants.js +0 -58
package/src/constants.js.map +0 -1
package/src/container/index.d.ts.map +0 -1
package/src/container/index.js +0 -6
package/src/container/index.js.map +0 -1
package/src/container/service-container.d.ts +0 -11
package/src/container/service-container.d.ts.map +0 -1
package/src/container/service-container.js +0 -38
package/src/container/service-container.js.map +0 -1
package/src/container/service-definitions.d.ts +0 -11
package/src/container/service-definitions.d.ts.map +0 -1
package/src/container/service-definitions.js +0 -13
package/src/container/service-definitions.js.map +0 -1
package/src/controllers/base.d.ts +0 -66
package/src/controllers/base.d.ts.map +0 -1
package/src/controllers/base.js +0 -305
package/src/controllers/base.js.map +0 -1
package/src/controllers/index.d.ts.map +0 -1
package/src/controllers/index.js +0 -6
package/src/controllers/index.js.map +0 -1
package/src/controllers/user.d.ts +0 -46
package/src/controllers/user.d.ts.map +0 -1
package/src/controllers/user.js +0 -918
package/src/controllers/user.js.map +0 -1
package/src/database/database-initializer.d.ts.map +0 -1
package/src/database/database-initializer.js +0 -3
package/src/database/database-initializer.js.map +0 -1
package/src/database/index.d.ts.map +0 -1
package/src/database/index.js +0 -5
package/src/database/index.js.map +0 -1
package/src/decorators/base-controller.d.ts +0 -10
package/src/decorators/base-controller.d.ts.map +0 -1
package/src/decorators/base-controller.js +0 -60
package/src/decorators/base-controller.js.map +0 -1
package/src/decorators/controller.d.ts +0 -38
package/src/decorators/controller.d.ts.map +0 -1
package/src/decorators/controller.js +0 -67
package/src/decorators/controller.js.map +0 -1
package/src/decorators/index.d.ts.map +0 -1
package/src/decorators/index.js +0 -7
package/src/decorators/index.js.map +0 -1
package/src/decorators/zod-validation.d.ts +0 -5
package/src/decorators/zod-validation.d.ts.map +0 -1
package/src/decorators/zod-validation.js +0 -47
package/src/decorators/zod-validation.js.map +0 -1
package/src/defaults.d.ts +0 -7
package/src/defaults.d.ts.map +0 -1
package/src/defaults.js +0 -202
package/src/defaults.js.map +0 -1
package/src/documents/base.d.ts +0 -4
package/src/documents/base.d.ts.map +0 -1
package/src/documents/base.js +0 -3
package/src/documents/base.js.map +0 -1
package/src/documents/email-token.d.ts.map +0 -1
package/src/documents/email-token.js +0 -3
package/src/documents/email-token.js.map +0 -1
package/src/documents/index.d.ts.map +0 -1
package/src/documents/index.js +0 -3
package/src/documents/index.js.map +0 -1
package/src/documents/mnemonic.d.ts.map +0 -1
package/src/documents/mnemonic.js +0 -3
package/src/documents/mnemonic.js.map +0 -1
package/src/documents/role.d.ts.map +0 -1
package/src/documents/role.js +0 -3
package/src/documents/role.js.map +0 -1
package/src/documents/used-direct-login-token.d.ts.map +0 -1
package/src/documents/used-direct-login-token.js +0 -3
package/src/documents/used-direct-login-token.js.map +0 -1
package/src/documents/user-role.d.ts.map +0 -1
package/src/documents/user-role.js +0 -3
package/src/documents/user-role.js.map +0 -1
package/src/documents/user.d.ts.map +0 -1
package/src/documents/user.js +0 -3
package/src/documents/user.js.map +0 -1
package/src/enumerations/base-model-name.d.ts +0 -38
package/src/enumerations/base-model-name.d.ts.map +0 -1
package/src/enumerations/base-model-name.js +0 -34
package/src/enumerations/base-model-name.js.map +0 -1
package/src/enumerations/index.d.ts.map +0 -1
package/src/enumerations/index.js +0 -8
package/src/enumerations/index.js.map +0 -1
package/src/enumerations/length-encoding-type.d.ts +0 -7
package/src/enumerations/length-encoding-type.d.ts.map +0 -1
package/src/enumerations/length-encoding-type.js +0 -11
package/src/enumerations/length-encoding-type.js.map +0 -1
package/src/enumerations/schema-collection.d.ts +0 -34
package/src/enumerations/schema-collection.d.ts.map +0 -1
package/src/enumerations/schema-collection.js +0 -38
package/src/enumerations/schema-collection.js.map +0 -1
package/src/enumerations/symmetric-error-type.d.ts +0 -5
package/src/enumerations/symmetric-error-type.d.ts.map +0 -1
package/src/enumerations/symmetric-error-type.js +0 -9
package/src/enumerations/symmetric-error-type.js.map +0 -1
package/src/environment.d.ts +0 -190
package/src/environment.d.ts.map +0 -1
package/src/environment.js +0 -646
package/src/environment.js.map +0 -1
package/src/errors/express-validation.d.ts +0 -9
package/src/errors/express-validation.d.ts.map +0 -1
package/src/errors/express-validation.js +0 -18
package/src/errors/express-validation.js.map +0 -1
package/src/errors/index.d.ts.map +0 -1
package/src/errors/index.js +0 -16
package/src/errors/index.js.map +0 -1
package/src/errors/invalid-backup-code-version.d.ts +0 -6
package/src/errors/invalid-backup-code-version.d.ts.map +0 -1
package/src/errors/invalid-backup-code-version.js +0 -16
package/src/errors/invalid-backup-code-version.js.map +0 -1
package/src/errors/invalid-jwt-token.d.ts +0 -5
package/src/errors/invalid-jwt-token.d.ts.map +0 -1
package/src/errors/invalid-jwt-token.js +0 -12
package/src/errors/invalid-jwt-token.js.map +0 -1
package/src/errors/invalid-model.d.ts +0 -6
package/src/errors/invalid-model.d.ts.map +0 -1
package/src/errors/invalid-model.js +0 -14
package/src/errors/invalid-model.js.map +0 -1
package/src/errors/invalid-new-password.d.ts +0 -5
package/src/errors/invalid-new-password.d.ts.map +0 -1
package/src/errors/invalid-new-password.js +0 -14
package/src/errors/invalid-new-password.js.map +0 -1
package/src/errors/invalid-password.d.ts +0 -5
package/src/errors/invalid-password.d.ts.map +0 -1
package/src/errors/invalid-password.js +0 -14
package/src/errors/invalid-password.js.map +0 -1
package/src/errors/missing-validated-data.d.ts +0 -7
package/src/errors/missing-validated-data.d.ts.map +0 -1
package/src/errors/missing-validated-data.js +0 -36
package/src/errors/missing-validated-data.js.map +0 -1
package/src/errors/mnemonic-or-password-required.d.ts +0 -5
package/src/errors/mnemonic-or-password-required.d.ts.map +0 -1
package/src/errors/mnemonic-or-password-required.js +0 -14
package/src/errors/mnemonic-or-password-required.js.map +0 -1
package/src/errors/model-not-registered.d.ts +0 -6
package/src/errors/model-not-registered.d.ts.map +0 -1
package/src/errors/model-not-registered.js +0 -14
package/src/errors/model-not-registered.js.map +0 -1
package/src/errors/mongoose-validation.d.ts +0 -12
package/src/errors/mongoose-validation.d.ts.map +0 -1
package/src/errors/mongoose-validation.js +0 -17
package/src/errors/mongoose-validation.js.map +0 -1
package/src/errors/symmetric.d.ts +0 -8
package/src/errors/symmetric.d.ts.map +0 -1
package/src/errors/symmetric.js +0 -22
package/src/errors/symmetric.js.map +0 -1
package/src/errors/token-expired.d.ts +0 -5
package/src/errors/token-expired.d.ts.map +0 -1
package/src/errors/token-expired.js +0 -12
package/src/errors/token-expired.js.map +0 -1
package/src/get-language.d.ts +0 -2
package/src/get-language.d.ts.map +0 -1
package/src/get-language.js +0 -30
package/src/get-language.js.map +0 -1
package/src/get-timezone.d.ts +0 -2
package/src/get-timezone.d.ts.map +0 -1
package/src/get-timezone.js +0 -39
package/src/get-timezone.js.map +0 -1
package/src/index.d.ts.map +0 -1
package/src/index.js +0 -43
package/src/index.js.map +0 -1
package/src/interfaces/api-error-response.d.ts.map +0 -1
package/src/interfaces/api-error-response.js +0 -3
package/src/interfaces/api-error-response.js.map +0 -1
package/src/interfaces/api-express-validation-error-response.d.ts +0 -7
package/src/interfaces/api-express-validation-error-response.d.ts.map +0 -1
package/src/interfaces/api-express-validation-error-response.js +0 -3
package/src/interfaces/api-express-validation-error-response.js.map +0 -1
package/src/interfaces/api-message-response.d.ts +0 -4
package/src/interfaces/api-message-response.d.ts.map +0 -1
package/src/interfaces/api-message-response.js +0 -3
package/src/interfaces/api-message-response.js.map +0 -1
package/src/interfaces/api-mongo-validation-error-response.d.ts.map +0 -1
package/src/interfaces/api-mongo-validation-error-response.js +0 -3
package/src/interfaces/api-mongo-validation-error-response.js.map +0 -1
package/src/interfaces/api-responses/backup-codes-response.d.ts.map +0 -1
package/src/interfaces/api-responses/backup-codes-response.js +0 -3
package/src/interfaces/api-responses/backup-codes-response.js.map +0 -1
package/src/interfaces/api-responses/challenge-response.d.ts.map +0 -1
package/src/interfaces/api-responses/challenge-response.js +0 -3
package/src/interfaces/api-responses/challenge-response.js.map +0 -1
package/src/interfaces/api-responses/code-count-response.d.ts.map +0 -1
package/src/interfaces/api-responses/code-count-response.js +0 -3
package/src/interfaces/api-responses/code-count-response.js.map +0 -1
package/src/interfaces/api-responses/index.d.ts.map +0 -1
package/src/interfaces/api-responses/index.js +0 -12
package/src/interfaces/api-responses/index.js.map +0 -1
package/src/interfaces/api-responses/login-response.d.ts.map +0 -1
package/src/interfaces/api-responses/login-response.js +0 -3
package/src/interfaces/api-responses/login-response.js.map +0 -1
package/src/interfaces/api-responses/mnemonic-response.d.ts.map +0 -1
package/src/interfaces/api-responses/mnemonic-response.js +0 -3
package/src/interfaces/api-responses/mnemonic-response.js.map +0 -1
package/src/interfaces/api-responses/registration-response.d.ts.map +0 -1
package/src/interfaces/api-responses/registration-response.js +0 -3
package/src/interfaces/api-responses/registration-response.js.map +0 -1
package/src/interfaces/api-responses/request-user-response.d.ts.map +0 -1
package/src/interfaces/api-responses/request-user-response.js +0 -3
package/src/interfaces/api-responses/request-user-response.js.map +0 -1
package/src/interfaces/api-responses/user-settings-response.d.ts +0 -12
package/src/interfaces/api-responses/user-settings-response.d.ts.map +0 -1
package/src/interfaces/api-responses/user-settings-response.js +0 -3
package/src/interfaces/api-responses/user-settings-response.js.map +0 -1
package/src/interfaces/application.d.ts +0 -16
package/src/interfaces/application.d.ts.map +0 -1
package/src/interfaces/application.js +0 -3
package/src/interfaces/application.js.map +0 -1
package/src/interfaces/backend-objects/email-token.d.ts +0 -4
package/src/interfaces/backend-objects/email-token.d.ts.map +0 -1
package/src/interfaces/backend-objects/email-token.js +0 -3
package/src/interfaces/backend-objects/email-token.js.map +0 -1
package/src/interfaces/backend-objects/index.d.ts.map +0 -1
package/src/interfaces/backend-objects/index.js +0 -8
package/src/interfaces/backend-objects/index.js.map +0 -1
package/src/interfaces/backend-objects/request-user.d.ts +0 -5
package/src/interfaces/backend-objects/request-user.d.ts.map +0 -1
package/src/interfaces/backend-objects/request-user.js +0 -3
package/src/interfaces/backend-objects/request-user.js.map +0 -1
package/src/interfaces/backend-objects/role.d.ts.map +0 -1
package/src/interfaces/backend-objects/role.js +0 -3
package/src/interfaces/backend-objects/role.js.map +0 -1
package/src/interfaces/backend-objects/user.d.ts +0 -4
package/src/interfaces/backend-objects/user.d.ts.map +0 -1
package/src/interfaces/backend-objects/user.js +0 -3
package/src/interfaces/backend-objects/user.js.map +0 -1
package/src/interfaces/checksum-config.d.ts +0 -5
package/src/interfaces/checksum-config.d.ts.map +0 -1
package/src/interfaces/checksum-config.js +0 -3
package/src/interfaces/checksum-config.js.map +0 -1
package/src/interfaces/checksum-consts.d.ts +0 -11
package/src/interfaces/checksum-consts.d.ts.map +0 -1
package/src/interfaces/checksum-consts.js +0 -3
package/src/interfaces/checksum-consts.js.map +0 -1
package/src/interfaces/constants.d.ts +0 -98
package/src/interfaces/constants.d.ts.map +0 -1
package/src/interfaces/constants.js +0 -3
package/src/interfaces/constants.js.map +0 -1
package/src/interfaces/controller-config.d.ts +0 -21
package/src/interfaces/controller-config.d.ts.map +0 -1
package/src/interfaces/controller-config.js +0 -3
package/src/interfaces/controller-config.js.map +0 -1
package/src/interfaces/create-user-basics.d.ts +0 -18
package/src/interfaces/create-user-basics.d.ts.map +0 -1
package/src/interfaces/create-user-basics.js +0 -3
package/src/interfaces/create-user-basics.js.map +0 -1
package/src/interfaces/csp-config.d.ts +0 -7
package/src/interfaces/csp-config.d.ts.map +0 -1
package/src/interfaces/csp-config.js +0 -13
package/src/interfaces/csp-config.js.map +0 -1
package/src/interfaces/csp-definition.d.ts +0 -13
package/src/interfaces/csp-definition.d.ts.map +0 -1
package/src/interfaces/csp-definition.js +0 -23
package/src/interfaces/csp-definition.js.map +0 -1
package/src/interfaces/db-init-result.d.ts.map +0 -1
package/src/interfaces/db-init-result.js +0 -3
package/src/interfaces/db-init-result.js.map +0 -1
package/src/interfaces/deep-partial.d.ts +0 -4
package/src/interfaces/deep-partial.d.ts.map +0 -1
package/src/interfaces/deep-partial.js +0 -3
package/src/interfaces/deep-partial.js.map +0 -1
package/src/interfaces/discriminator-collections.d.ts.map +0 -1
package/src/interfaces/discriminator-collections.js +0 -3
package/src/interfaces/discriminator-collections.js.map +0 -1
package/src/interfaces/email-service.d.ts +0 -4
package/src/interfaces/email-service.d.ts.map +0 -1
package/src/interfaces/email-service.js +0 -3
package/src/interfaces/email-service.js.map +0 -1
package/src/interfaces/environment-mongo.d.ts +0 -76
package/src/interfaces/environment-mongo.d.ts.map +0 -1
package/src/interfaces/environment-mongo.js +0 -3
package/src/interfaces/environment-mongo.js.map +0 -1
package/src/interfaces/environment.d.ts +0 -184
package/src/interfaces/environment.d.ts.map +0 -1
package/src/interfaces/environment.js +0 -3
package/src/interfaces/environment.js.map +0 -1
package/src/interfaces/failable-result.d.ts +0 -7
package/src/interfaces/failable-result.d.ts.map +0 -1
package/src/interfaces/failable-result.js +0 -3
package/src/interfaces/failable-result.js.map +0 -1
package/src/interfaces/fec-consts.d.ts +0 -5
package/src/interfaces/fec-consts.d.ts.map +0 -1
package/src/interfaces/fec-consts.js +0 -3
package/src/interfaces/fec-consts.js.map +0 -1
package/src/interfaces/flexible-csp.d.ts +0 -8
package/src/interfaces/flexible-csp.d.ts.map +0 -1
package/src/interfaces/flexible-csp.js +0 -14
package/src/interfaces/flexible-csp.js.map +0 -1
package/src/interfaces/handleable-error-options.d.ts +0 -7
package/src/interfaces/handleable-error-options.d.ts.map +0 -1
package/src/interfaces/handleable-error-options.js +0 -3
package/src/interfaces/handleable-error-options.js.map +0 -1
package/src/interfaces/index.d.ts.map +0 -1
package/src/interfaces/index.js +0 -38
package/src/interfaces/index.js.map +0 -1
package/src/interfaces/jwt-consts.d.ts +0 -11
package/src/interfaces/jwt-consts.d.ts.map +0 -1
package/src/interfaces/jwt-consts.js +0 -3
package/src/interfaces/jwt-consts.js.map +0 -1
package/src/interfaces/jwt-sign-response.d.ts +0 -11
package/src/interfaces/jwt-sign-response.d.ts.map +0 -1
package/src/interfaces/jwt-sign-response.js +0 -3
package/src/interfaces/jwt-sign-response.js.map +0 -1
package/src/interfaces/models/email-token.d.ts.map +0 -1
package/src/interfaces/models/email-token.js +0 -3
package/src/interfaces/models/email-token.js.map +0 -1
package/src/interfaces/models/index.d.ts.map +0 -1
package/src/interfaces/models/index.js +0 -11
package/src/interfaces/models/index.js.map +0 -1
package/src/interfaces/models/mnemonic.d.ts.map +0 -1
package/src/interfaces/models/mnemonic.js +0 -3
package/src/interfaces/models/mnemonic.js.map +0 -1
package/src/interfaces/models/role.d.ts.map +0 -1
package/src/interfaces/models/role.js +0 -3
package/src/interfaces/models/role.js.map +0 -1
package/src/interfaces/models/token-role.d.ts.map +0 -1
package/src/interfaces/models/token-role.js +0 -3
package/src/interfaces/models/token-role.js.map +0 -1
package/src/interfaces/models/used-direct-login-token.d.ts.map +0 -1
package/src/interfaces/models/used-direct-login-token.js +0 -3
package/src/interfaces/models/used-direct-login-token.js.map +0 -1
package/src/interfaces/models/user-role.d.ts.map +0 -1
package/src/interfaces/models/user-role.js +0 -3
package/src/interfaces/models/user-role.js.map +0 -1
package/src/interfaces/models/user.d.ts.map +0 -1
package/src/interfaces/models/user.js +0 -3
package/src/interfaces/models/user.js.map +0 -1
package/src/interfaces/mongo-errors.d.ts +0 -5
package/src/interfaces/mongo-errors.d.ts.map +0 -1
package/src/interfaces/mongo-errors.js +0 -3
package/src/interfaces/mongo-errors.js.map +0 -1
package/src/interfaces/request-user.d.ts +0 -58
package/src/interfaces/request-user.d.ts.map +0 -1
package/src/interfaces/request-user.js +0 -3
package/src/interfaces/request-user.js.map +0 -1
package/src/interfaces/required-string-keys.d.ts +0 -22
package/src/interfaces/required-string-keys.d.ts.map +0 -1
package/src/interfaces/required-string-keys.js +0 -3
package/src/interfaces/required-string-keys.js.map +0 -1
package/src/interfaces/schema.d.ts +0 -29
package/src/interfaces/schema.d.ts.map +0 -1
package/src/interfaces/schema.js +0 -3
package/src/interfaces/schema.js.map +0 -1
package/src/interfaces/server-init-result.d.ts +0 -36
package/src/interfaces/server-init-result.d.ts.map +0 -1
package/src/interfaces/server-init-result.js +0 -3
package/src/interfaces/server-init-result.js.map +0 -1
package/src/interfaces/status-code-response.d.ts +0 -7
package/src/interfaces/status-code-response.d.ts.map +0 -1
package/src/interfaces/status-code-response.js +0 -3
package/src/interfaces/status-code-response.js.map +0 -1
package/src/interfaces/test-environment.d.ts.map +0 -1
package/src/interfaces/test-environment.js +0 -3
package/src/interfaces/test-environment.js.map +0 -1
package/src/interfaces/token-response.d.ts.map +0 -1
package/src/interfaces/token-response.js +0 -3
package/src/interfaces/token-response.js.map +0 -1
package/src/middlewares/authenticate-crypto.d.ts +0 -10
package/src/middlewares/authenticate-crypto.d.ts.map +0 -1
package/src/middlewares/authenticate-crypto.js +0 -126
package/src/middlewares/authenticate-crypto.js.map +0 -1
package/src/middlewares/authenticate-token.d.ts +0 -21
package/src/middlewares/authenticate-token.d.ts.map +0 -1
package/src/middlewares/authenticate-token.js +0 -104
package/src/middlewares/authenticate-token.js.map +0 -1
package/src/middlewares/cleanup-crypto.d.ts +0 -7
package/src/middlewares/cleanup-crypto.d.ts.map +0 -1
package/src/middlewares/cleanup-crypto.js +0 -32
package/src/middlewares/cleanup-crypto.js.map +0 -1
package/src/middlewares/index.d.ts.map +0 -1
package/src/middlewares/index.js +0 -8
package/src/middlewares/index.js.map +0 -1
package/src/middlewares/set-global-context-language.d.ts +0 -3
package/src/middlewares/set-global-context-language.d.ts.map +0 -1
package/src/middlewares/set-global-context-language.js +0 -14
package/src/middlewares/set-global-context-language.js.map +0 -1
package/src/middlewares.d.ts +0 -8
package/src/middlewares.d.ts.map +0 -1
package/src/middlewares.js +0 -89
package/src/middlewares.js.map +0 -1
package/src/model-registry.d.ts +0 -23
package/src/model-registry.d.ts.map +0 -1
package/src/model-registry.js +0 -47
package/src/model-registry.js.map +0 -1
package/src/models/email-token.d.ts.map +0 -1
package/src/models/email-token.js +0 -11
package/src/models/email-token.js.map +0 -1
package/src/models/index.d.ts.map +0 -1
package/src/models/index.js +0 -10
package/src/models/index.js.map +0 -1
package/src/models/mnemonic.d.ts.map +0 -1
package/src/models/mnemonic.js +0 -11
package/src/models/mnemonic.js.map +0 -1
package/src/models/role.d.ts.map +0 -1
package/src/models/role.js +0 -11
package/src/models/role.js.map +0 -1
package/src/models/used-direct-login-token.d.ts.map +0 -1
package/src/models/used-direct-login-token.js +0 -11
package/src/models/used-direct-login-token.js.map +0 -1
package/src/models/user-role.d.ts.map +0 -1
package/src/models/user-role.js +0 -10
package/src/models/user-role.js.map +0 -1
package/src/models/user.d.ts.map +0 -1
package/src/models/user.js +0 -11
package/src/models/user.js.map +0 -1
package/src/pipeline/index.d.ts.map +0 -1
package/src/pipeline/index.js +0 -5
package/src/pipeline/index.js.map +0 -1
package/src/pipeline/pipeline-builder.d.ts +0 -8
package/src/pipeline/pipeline-builder.d.ts.map +0 -1
package/src/pipeline/pipeline-builder.js +0 -18
package/src/pipeline/pipeline-builder.js.map +0 -1
package/src/plugins/index.d.ts.map +0 -1
package/src/plugins/index.js +0 -6
package/src/plugins/index.js.map +0 -1
package/src/plugins/plugin-interface.d.ts +0 -8
package/src/plugins/plugin-interface.d.ts.map +0 -1
package/src/plugins/plugin-interface.js +0 -3
package/src/plugins/plugin-interface.js.map +0 -1
package/src/plugins/plugin-manager.d.ts +0 -12
package/src/plugins/plugin-manager.d.ts.map +0 -1
package/src/plugins/plugin-manager.js +0 -37
package/src/plugins/plugin-manager.js.map +0 -1
package/src/registry/email-service-registry.d.ts +0 -27
package/src/registry/email-service-registry.d.ts.map +0 -1
package/src/registry/email-service-registry.js +0 -42
package/src/registry/email-service-registry.js.map +0 -1
package/src/registry/index.d.ts.map +0 -1
package/src/registry/index.js +0 -6
package/src/registry/index.js.map +0 -1
package/src/responses/index.d.ts.map +0 -1
package/src/responses/index.js +0 -5
package/src/responses/index.js.map +0 -1
package/src/responses/response-builder.d.ts +0 -24
package/src/responses/response-builder.d.ts.map +0 -1
package/src/responses/response-builder.js +0 -63
package/src/responses/response-builder.js.map +0 -1
package/src/routers/api.d.ts +0 -28
package/src/routers/api.d.ts.map +0 -1
package/src/routers/api.js +0 -80
package/src/routers/api.js.map +0 -1
package/src/routers/app.d.ts +0 -32
package/src/routers/app.d.ts.map +0 -1
package/src/routers/app.js +0 -228
package/src/routers/app.js.map +0 -1
package/src/routers/base.d.ts +0 -8
package/src/routers/base.d.ts.map +0 -1
package/src/routers/base.js +0 -14
package/src/routers/base.js.map +0 -1
package/src/routers/index.d.ts.map +0 -1
package/src/routers/index.js +0 -7
package/src/routers/index.js.map +0 -1
package/src/routers/router-config.d.ts +0 -18
package/src/routers/router-config.d.ts.map +0 -1
package/src/routers/router-config.js +0 -8
package/src/routers/router-config.js.map +0 -1
package/src/routing/index.d.ts +0 -2
package/src/routing/index.d.ts.map +0 -1
package/src/routing/index.js +0 -5
package/src/routing/index.js.map +0 -1
package/src/routing/route-builder.d.ts +0 -36
package/src/routing/route-builder.d.ts.map +0 -1
package/src/routing/route-builder.js +0 -86
package/src/routing/route-builder.js.map +0 -1
package/src/schemas/email-token.d.ts.map +0 -1
package/src/schemas/email-token.js +0 -55
package/src/schemas/email-token.js.map +0 -1
package/src/schemas/index.d.ts.map +0 -1
package/src/schemas/index.js +0 -11
package/src/schemas/index.js.map +0 -1
package/src/schemas/mnemonic.d.ts.map +0 -1
package/src/schemas/mnemonic.js +0 -31
package/src/schemas/mnemonic.js.map +0 -1
package/src/schemas/role.d.ts.map +0 -1
package/src/schemas/role.js +0 -88
package/src/schemas/role.js.map +0 -1
package/src/schemas/schema.d.ts +0 -42
package/src/schemas/schema.d.ts.map +0 -1
package/src/schemas/schema.js +0 -70
package/src/schemas/schema.js.map +0 -1
package/src/schemas/used-direct-login-token.d.ts.map +0 -1
package/src/schemas/used-direct-login-token.js +0 -24
package/src/schemas/used-direct-login-token.js.map +0 -1
package/src/schemas/user-role.d.ts.map +0 -1
package/src/schemas/user-role.js +0 -55
package/src/schemas/user-role.js.map +0 -1
package/src/schemas/user.d.ts.map +0 -1
package/src/schemas/user.js +0 -194
package/src/schemas/user.js.map +0 -1
package/src/services/backup-code.d.ts +0 -76
package/src/services/backup-code.d.ts.map +0 -1
package/src/services/backup-code.js +0 -185
package/src/services/backup-code.js.map +0 -1
package/src/services/base.d.ts +0 -10
package/src/services/base.d.ts.map +0 -1
package/src/services/base.js +0 -15
package/src/services/base.js.map +0 -1
package/src/services/checksum.d.ts +0 -69
package/src/services/checksum.d.ts.map +0 -1
package/src/services/checksum.js +0 -145
package/src/services/checksum.js.map +0 -1
package/src/services/crc.d.ts +0 -87
package/src/services/crc.d.ts.map +0 -1
package/src/services/crc.js +0 -198
package/src/services/crc.js.map +0 -1
package/src/services/database-initialization.d.ts +0 -103
package/src/services/database-initialization.d.ts.map +0 -1
package/src/services/database-initialization.js +0 -817
package/src/services/database-initialization.js.map +0 -1
package/src/services/db-init-cache.d.ts.map +0 -1
package/src/services/db-init-cache.js +0 -3
package/src/services/db-init-cache.js.map +0 -1
package/src/services/direct-login-token.d.ts +0 -6
package/src/services/direct-login-token.d.ts.map +0 -1
package/src/services/direct-login-token.js +0 -41
package/src/services/direct-login-token.js.map +0 -1
package/src/services/dummy-email-service.d.ts +0 -10
package/src/services/dummy-email-service.d.ts.map +0 -1
package/src/services/dummy-email-service.js +0 -16
package/src/services/dummy-email-service.js.map +0 -1
package/src/services/fec-usage-example.d.ts +0 -38
package/src/services/fec-usage-example.d.ts.map +0 -1
package/src/services/fec-usage-example.js +0 -75
package/src/services/fec-usage-example.js.map +0 -1
package/src/services/fec.d.ts +0 -46
package/src/services/fec.d.ts.map +0 -1
package/src/services/fec.js +0 -214
package/src/services/fec.js.map +0 -1
package/src/services/index.d.ts.map +0 -1
package/src/services/index.js +0 -23
package/src/services/index.js.map +0 -1
package/src/services/jwt.d.ts +0 -30
package/src/services/jwt.d.ts.map +0 -1
package/src/services/jwt.js +0 -90
package/src/services/jwt.js.map +0 -1
package/src/services/key-wrapping.d.ts +0 -61
package/src/services/key-wrapping.d.ts.map +0 -1
package/src/services/key-wrapping.js +0 -310
package/src/services/key-wrapping.js.map +0 -1
package/src/services/mnemonic.d.ts +0 -61
package/src/services/mnemonic.d.ts.map +0 -1
package/src/services/mnemonic.js +0 -114
package/src/services/mnemonic.js.map +0 -1
package/src/services/request-user.d.ts +0 -23
package/src/services/request-user.d.ts.map +0 -1
package/src/services/request-user.js +0 -66
package/src/services/request-user.js.map +0 -1
package/src/services/role.d.ts +0 -86
package/src/services/role.d.ts.map +0 -1
package/src/services/role.js +0 -285
package/src/services/role.js.map +0 -1
package/src/services/symmetric.d.ts +0 -42
package/src/services/symmetric.d.ts.map +0 -1
package/src/services/symmetric.js +0 -101
package/src/services/symmetric.js.map +0 -1
package/src/services/system-user.d.ts +0 -17
package/src/services/system-user.d.ts.map +0 -1
package/src/services/system-user.js +0 -46
package/src/services/system-user.js.map +0 -1
package/src/services/user.d.ts +0 -349
package/src/services/user.d.ts.map +0 -1
package/src/services/user.js +0 -1452
package/src/services/user.js.map +0 -1
package/src/services/xor.d.ts +0 -24
package/src/services/xor.d.ts.map +0 -1
package/src/services/xor.js +0 -37
package/src/services/xor.js.map +0 -1
package/src/testing.d.ts +0 -3
package/src/testing.d.ts.map +0 -1
package/src/testing.js +0 -7
package/src/testing.js.map +0 -1
package/src/transactions/index.d.ts.map +0 -1
package/src/transactions/index.js +0 -5
package/src/transactions/index.js.map +0 -1
package/src/transactions/transaction-manager.d.ts +0 -12
package/src/transactions/transaction-manager.d.ts.map +0 -1
package/src/transactions/transaction-manager.js +0 -30
package/src/transactions/transaction-manager.js.map +0 -1
package/src/types/app-config.d.ts.map +0 -1
package/src/types/app-config.js +0 -3
package/src/types/app-config.js.map +0 -1
package/src/types/controller-config.d.ts.map +0 -1
package/src/types/controller-config.js +0 -3
package/src/types/controller-config.js.map +0 -1
package/src/types/environment-variables.d.ts.map +0 -1
package/src/types/environment-variables.js +0 -39
package/src/types/environment-variables.js.map +0 -1
package/src/types/id-converters.d.ts +0 -28
package/src/types/id-converters.d.ts.map +0 -1
package/src/types/id-converters.js +0 -45
package/src/types/id-converters.js.map +0 -1
package/src/types/index.d.ts.map +0 -1
package/src/types/index.js +0 -6
package/src/types/index.js.map +0 -1
package/src/types/mongoose-helpers.d.ts.map +0 -1
package/src/types/mongoose-helpers.js +0 -6
package/src/types/mongoose-helpers.js.map +0 -1
package/src/types.d.ts.map +0 -1
package/src/types.js +0 -14
package/src/types.js.map +0 -1
package/src/utils.d.ts +0 -210
package/src/utils.d.ts.map +0 -1
package/src/utils.js +0 -819
package/src/utils.js.map +0 -1
package/src/validation/index.d.ts.map +0 -1
package/src/validation/index.js +0 -5
package/src/validation/index.js.map +0 -1
package/src/validation/validation-builder.d.ts +0 -32
package/src/validation/validation-builder.d.ts.map +0 -1
package/src/validation/validation-builder.js +0 -81
package/src/validation/validation-builder.js.map +0 -1

package/src/services/backup-code.ts ADDED Viewed

@@ -0,0 +1,321 @@
+import {
+  EmailString,
+  MemberType,
+  SecureBuffer,
+  SecureString,
+} from '@digitaldefiance/ecies-lib';
+import {
+  Member as BackendMember,
+  ECIESService,
+} from '@digitaldefiance/node-ecies-lib';
+import {
+  IBackupCode,
+  InvalidBackupCodeError,
+  ITokenRole,
+} from '@digitaldefiance/suite-core-lib';
+import { timingSafeEqual } from 'crypto';
+import { ClientSession, Types } from '@digitaldefiance/mongoose-types';
+import { BackupCode } from '../backup-code';
+import { LocalhostConstants as AppConstants } from '../constants';
+import { IUserDocument } from '../documents';
+import { InvalidBackupCodeVersionError } from '../errors/invalid-backup-code-version';
+import { IApplication } from '../interfaces/application';
+import { BaseService } from './base';
+import { KeyWrappingService } from './index';
+import { RoleService } from './role';
+import { SymmetricService } from './symmetric';
+import { SystemUserService } from './system-user';
+/**
+ * Service handling generation, storage, validation, consumption, and recovery using backup codes.
+ *
+ * v1 scheme:
+ * - Code: 32 lowercase alphanumerics (a–z0–9), displayed as 8 groups of 4: xxxx-xxxx-xxxx-xxxx-xxxx-xxxx-xxxx-xxxx
+ * - Checksum/tag: HKDF-SHA256(codeUtf8, salt, "backup-checksum") → 32 bytes (stored as hex)
+ * - KDF for encryption key: Argon2id(codeUtf8, salt) → 32 bytes
+ * - Encryption: SymmetricService AEAD (encryptedData must embed IV + authTag + ciphertext)
+ * - Wrapping: AEAD blob wrapped with system user's asymmetric key (ECIES)
+ */
+export class BackupCodeService<
+  I extends string | Types.ObjectId = Types.ObjectId,
+  D extends Date = Date,
+  TTokenRole extends ITokenRole<I, D> = ITokenRole<I, D>,
+  TApplication extends IApplication = IApplication,
+> extends BaseService {
+  private readonly eciesService: ECIESService;
+  private systemUser?: BackendMember<I>;
+  private readonly keyWrappingService: KeyWrappingService;
+  private readonly roleService: RoleService<I, D, TTokenRole>;
+  /**
+   * Construct a BackupCodeService.
+   */
+  constructor(
+    application: TApplication,
+    eciesService: ECIESService,
+    keyWrappingService: KeyWrappingService,
+    roleService: RoleService<I, D, TTokenRole>,
+  ) {
+    super(application);
+    this.eciesService = eciesService;
+    this.keyWrappingService = keyWrappingService;
+    this.roleService = roleService;
+  }
+  /**
+   * Get the lazily-initialized system user for key wrapping/unwrapping.
+   */
+  private getSystemUser(): BackendMember<I> {
+    if (!this.systemUser) {
+      // System user is always created with Buffer IDs, but we need to cast to the generic type I
+      // This is safe because the system user's ID type is compatible with all ID types
+      this.systemUser = SystemUserService.getSystemUser(
+        this.application.environment,
+        this.application.constants,
+      ) as unknown as BackendMember<I>;
+    }
+    return this.systemUser;
+  }
+  /**
+   * Forcibly set the system user (for database initialization)
+   * @param user
+   */
+  public setSystemUser(user: BackendMember<I>): void {
+    this.systemUser = user;
+  }
+  /**
+   * v1: Consume (validate and remove) a backup code via constant-time checksum match.
+   */
+  public useBackupCodeV1(
+    encryptedBackupCodes: Array<IBackupCode>,
+    backupCode: string,
+  ): { newCodesArray: Array<IBackupCode>; code: IBackupCode } {
+    const normalizedCode = BackupCode.normalizeCode(backupCode);
+    if (!AppConstants.BACKUP_CODES.NormalizedHexRegex.test(normalizedCode)) {
+      throw new InvalidBackupCodeError();
+    }
+    const codeBytes = Buffer.from(normalizedCode, 'utf8');
+    try {
+      for (const code of encryptedBackupCodes) {
+        if (code.version !== BackupCode.BackupCodeVersion) continue;
+        const checksumSalt = Buffer.from(code.checksumSalt, 'hex');
+        const expected = BackupCode.hkdfSha256(
+          codeBytes,
+          checksumSalt,
+          Buffer.from('backup-checksum'),
+          32,
+        );
+        if (
+          code.checksum.length === expected.length * 2 &&
+          timingSafeEqual(Buffer.from(code.checksum, 'hex'), expected)
+        ) {
+          const checksumHex = expected.toString('hex');
+          return {
+            newCodesArray: encryptedBackupCodes.filter(
+              (c) => c.checksum !== checksumHex,
+            ),
+            code,
+          };
+        }
+      }
+      throw new InvalidBackupCodeError();
+    } finally {
+      codeBytes.fill(0);
+    }
+  }
+  /**
+   * Consume a backup code by first detecting the version and then dispatching to the appropriate handler.
+   */
+  public useBackupCode(
+    encryptedBackupCodes: Array<IBackupCode>,
+    backupCode: string,
+  ): { newCodesArray: Array<IBackupCode>; code: IBackupCode } {
+    const version = BackupCode.detectBackupCodeVersion(
+      encryptedBackupCodes,
+      backupCode,
+    );
+    switch (version) {
+      case BackupCode.BackupCodeVersion:
+        return this.useBackupCodeV1(
+          encryptedBackupCodes.filter(
+            (c) => c.version === BackupCode.BackupCodeVersion,
+          ),
+          backupCode,
+        );
+      default:
+        throw new InvalidBackupCodeVersionError(version);
+    }
+  }
+  /**
+   * v1: Recover a user's private key using a backup code.
+   */
+  public async recoverKeyWithBackupCodeV1(
+    userDoc: IUserDocument<string, I>,
+    backupCode: string,
+    newPassword?: SecureString,
+    session?: ClientSession,
+  ): Promise<{
+    userDoc: IUserDocument<string, I>;
+    user: BackendMember<any>;
+    codeCount: number;
+  }> {
+    const normalizedCode = BackupCode.normalizeCode(backupCode);
+    return await this.withTransaction<{
+      userDoc: IUserDocument<string, I>;
+      user: BackendMember<any>;
+      codeCount: number;
+    }>(
+      async (sess: ClientSession | undefined) => {
+        const { code, newCodesArray } = this.useBackupCodeV1(
+          userDoc.backupCodes,
+          normalizedCode,
+        );
+        userDoc.backupCodes = newCodesArray;
+        let decryptionKey: Buffer | undefined;
+        try {
+          const adminMember = this.getSystemUser();
+          decryptionKey = await BackupCode.getBackupKeyV1(
+            code.checksumSalt,
+            normalizedCode,
+            this.application.constants,
+          );
+          const privateKeyUnwrapped = adminMember.decryptData(
+            Buffer.from(code.encrypted, 'hex'),
+          );
+          const decryptedPrivateKey = new SecureBuffer(
+            SymmetricService.decryptBuffer(privateKeyUnwrapped, decryptionKey),
+          );
+          const memberType: MemberType = await this.roleService.getMemberType(
+            userDoc,
+            session,
+          );
+          const user = new BackendMember(
+            this.eciesService,
+            memberType,
+            userDoc.username,
+            new EmailString(userDoc.email),
+            Buffer.from(userDoc.publicKey, 'hex'),
+            decryptedPrivateKey,
+            undefined,
+            userDoc._id,
+            new Date(userDoc.createdAt),
+            new Date(userDoc.updatedAt),
+          );
+          if (!newPassword) {
+            await userDoc.save({ session: sess });
+            return {
+              userDoc,
+              user,
+              codeCount: newCodesArray.length,
+            };
+          }
+          const wrapped = this.keyWrappingService.wrapSecret(
+            decryptedPrivateKey,
+            newPassword,
+            this.application.constants,
+          );
+          userDoc.passwordWrappedPrivateKey = wrapped;
+          await userDoc.save({ session: sess });
+          return { userDoc, user, codeCount: newCodesArray.length };
+        } finally {
+          if (decryptionKey) decryptionKey.fill(0);
+        }
+      },
+      session,
+      {
+        timeoutMs: this.application.environment.mongo.transactionTimeout * 5,
+      },
+    );
+  }
+  /**
+   * Recover a user's private key using a backup code (version-dispatched).
+   */
+  public async recoverKeyWithBackupCode(
+    userDoc: IUserDocument<string, I>,
+    backupCode: string,
+    newPassword?: SecureString,
+    session?: ClientSession,
+  ): Promise<{
+    userDoc: IUserDocument<string, I>;
+    user: BackendMember<any>;
+    codeCount: number;
+  }> {
+    const version = BackupCode.detectBackupCodeVersion(
+      userDoc.backupCodes,
+      backupCode,
+    );
+    switch (version) {
+      case BackupCode.BackupCodeVersion:
+        return this.recoverKeyWithBackupCodeV1(
+          userDoc,
+          backupCode,
+          newPassword,
+          session,
+        );
+      default:
+        throw new InvalidBackupCodeVersionError(version);
+    }
+  }
+  /**
+   * Rewrap system-wrapped AEAD blobs from old system key to new one without touching inner AEAD.
+   */
+  public async rewrapAllUsersBackupCodes(
+    fetchBatch: (
+      afterId?: string,
+      limit?: number,
+    ) => Promise<IUserDocument<string, I>[]>,
+    saveUser: (user: IUserDocument<string, I>) => Promise<void>,
+    oldSystem: BackendMember,
+    newSystem: BackendMember,
+    options?: { batchSize?: number; onProgress?: (count: number) => void },
+  ): Promise<number> {
+    const batchSize = options?.batchSize ?? 500;
+    let processed = 0;
+    let afterId: string | undefined;
+    for (;;) {
+      const users = await fetchBatch(afterId, batchSize);
+      if (!users.length) break;
+      for (const user of users) {
+        let modified = false;
+        for (const bc of user.backupCodes ?? []) {
+          try {
+            const sealed = oldSystem.decryptData(
+              Buffer.from(bc.encrypted, 'hex'),
+            );
+            const rewrapped = newSystem.encryptData(sealed).toString('hex');
+            if (rewrapped !== bc.encrypted) {
+              bc.encrypted = rewrapped;
+              modified = true;
+            }
+          } catch (e) {
+            throw new Error(
+              `Failed to rewrap backup code for user ${user._id}: ${
+                (e as Error).message
+              }`,
+            );
+          }
+        }
+        if (modified) {
+          await saveUser(user);
+          processed++;
+          options?.onProgress?.(processed);
+        }
+      }
+      afterId = users[users.length - 1]?._id?.toString() ?? undefined;
+    }
+    return processed;
+  }
+}

package/src/services/base.ts ADDED Viewed

@@ -0,0 +1,35 @@
+import { ClientSession, Types } from '@digitaldefiance/mongoose-types';
+import { IBaseDocument } from '../documents';
+import { Environment } from '../environment';
+import { IConstants } from '../interfaces';
+import { IApplication } from '../interfaces/application';
+import { TransactionCallback } from '../types';
+import {
+  TransactionOptions,
+  withTransaction as utilsWithTransaction,
+} from '../utils';
+export class BaseService<
+  TApplication extends IApplication = IApplication,
+> {
+  protected readonly application: TApplication;
+  constructor(application: TApplication) {
+    this.application = application;
+  }
+  public async withTransaction<T>(
+    callback: TransactionCallback<T>,
+    session?: ClientSession,
+    options?: TransactionOptions,
+    ...args: any
+  ) {
+    return await utilsWithTransaction<T>(
+      this.application.db.connection,
+      this.application.environment.mongo.useTransactions,
+      session,
+      callback,
+      options ?? {},
+      ...args,
+    );
+  }
+}

package/src/services/checksum.ts ADDED Viewed

@@ -0,0 +1,167 @@
+import { IChecksumConsts } from '../interfaces/checksum-consts';
+import {
+  ChecksumBuffer,
+  ChecksumString,
+} from '@digitaldefiance/node-ecies-lib';
+import { createHash } from 'crypto';
+import { promises as fs } from 'fs';
+import { CHECKSUM } from '../constants';
+import { IChecksumConfig } from '../interfaces/checksum-config';
+export class ChecksumService {
+  private readonly config: IChecksumConfig;
+  protected readonly constants: IChecksumConsts;
+  constructor(
+    config?: Partial<IChecksumConfig>,
+    constants: IChecksumConsts = CHECKSUM,
+  ) {
+    this.config = {
+      algorithm: constants.ALGORITHM,
+      encoding: constants.ENCODING,
+      ...config,
+    };
+    this.constants = constants;
+  }
+  /**
+   * Calculate a checksum for a buffer
+   * @param data - The data to calculate the checksum for
+   * @returns The checksum as a Buffer
+   */
+  public calculateChecksum(data: Buffer): ChecksumBuffer {
+    const hash = createHash(this.config.algorithm);
+    hash.update(new Uint8Array(data));
+    const digest = hash.digest();
+    return Buffer.from(digest) as ChecksumBuffer;
+  }
+  /**
+   * Calculate a checksum for multiple buffers
+   * @param buffers - The buffers to calculate the checksum for
+   * @returns The checksum as a Buffer
+   */
+  public calculateChecksumForBuffers(buffers: Buffer[]): ChecksumBuffer {
+    const hash = createHash(this.config.algorithm);
+    for (const buffer of buffers) {
+      hash.update(new Uint8Array(buffer));
+    }
+    const digest = hash.digest();
+    return Buffer.from(digest) as ChecksumBuffer;
+  }
+  /**
+   * Calculate a checksum for a string
+   * @param str - The string to calculate the checksum for
+   * @returns The checksum as a Buffer
+   */
+  public calculateChecksumForString(str: string): ChecksumBuffer {
+    return this.calculateChecksum(Buffer.from(str, 'utf8'));
+  }
+  /**
+   * Compare two checksums for equality
+   * @param checksum1 - The first checksum
+   * @param checksum2 - The second checksum
+   * @returns True if the checksums are equal, false otherwise
+   */
+  public compareChecksums(
+    checksum1: ChecksumBuffer,
+    checksum2: ChecksumBuffer,
+  ): boolean {
+    if (
+      checksum1.length !== this.constants.SHA3_BUFFER_LENGTH ||
+      checksum2.length !== this.constants.SHA3_BUFFER_LENGTH
+    ) {
+      return false;
+    }
+    return checksum1.equals(new Uint8Array(checksum2));
+  }
+  /**
+   * Convert a checksum to a hex string
+   * @param checksum - The checksum to convert
+   * @returns The checksum as a hex string
+   */
+  public checksumToHexString(checksum: ChecksumBuffer): ChecksumString {
+    return checksum.toString(this.constants.ENCODING) as ChecksumString;
+  }
+  /**
+   * Convert a hex string to a checksum
+   * @param hexString - The hex string to convert
+   * @returns The checksum as a Buffer
+   */
+  public hexStringToChecksum(hexString: string): ChecksumBuffer {
+    if (hexString.length !== this.constants.SHA3_BUFFER_LENGTH * 2) {
+      throw new Error('Invalid checksum hex string length');
+    }
+    return Buffer.from(hexString, this.constants.ENCODING) as ChecksumBuffer;
+  }
+  /**
+   * Validate a checksum buffer
+   * @param checksum - The checksum to validate
+   * @returns True if the checksum is valid, false otherwise
+   */
+  public validateChecksum(checksum: ChecksumBuffer): boolean {
+    return checksum.length === this.constants.SHA3_BUFFER_LENGTH;
+  }
+  /**
+   * Calculate a checksum for a file
+   * @param filePath - The path to the file
+   * @returns The checksum as a Buffer
+   */
+  public async calculateChecksumForFile(
+    filePath: string,
+  ): Promise<ChecksumBuffer> {
+    // Removed dynamic import by using the data service to read file data
+    // This is a temporary solution that can be replaced with a proper file service
+    // The implementation now delegates file reading to the caller
+    const buffer = Buffer.from(await this.readFile(filePath));
+    return this.calculateChecksum(buffer);
+  }
+  /**
+   * Internal file reading method
+   * @private
+   */
+  private async readFile(filePath: string): Promise<Buffer> {
+    // Import fs using a static import that's available at module load time
+    // This solves the dynamic import/require issues
+    try {
+      return await fs.readFile(filePath);
+    } catch {
+      throw new Error(`Failed to read file at path: ${filePath}`);
+    }
+  }
+  /**
+   * Calculate a checksum for a stream
+   * @param stream - The readable stream
+   * @returns The checksum as a Buffer
+   */
+  public calculateChecksumForStream(
+    stream: NodeJS.ReadableStream,
+  ): Promise<ChecksumBuffer> {
+    return new Promise((resolve, reject) => {
+      const hash = createHash(this.config.algorithm);
+      stream.on('data', (chunk) => {
+        // Ensure chunk is a Buffer before updating hash
+        if (Buffer.isBuffer(chunk)) {
+          hash.update(new Uint8Array(chunk));
+        } else if (typeof chunk === 'number') {
+          hash.update(new Uint8Array(Buffer.from([chunk])));
+        } else {
+          hash.update(new Uint8Array(Buffer.from(chunk)));
+        }
+      });
+      stream.on('end', () => {
+        const digest = hash.digest();
+        resolve(Buffer.from(digest) as ChecksumBuffer);
+      });
+      stream.on('error', reject);
+    });
+  }
+}