npm - @digitaldefiance/node-express-suite - Versions diffs - 3.7.4 → 3.7.5 - Mend

@digitaldefiance/node-express-suite 3.7.4 → 3.7.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (878) hide show

package/LICENSE +21 -0
package/package.json +4 -5
package/src/__tests__/fixtures/{index.d.ts → index.ts} +0 -1
package/src/__tests__/fixtures/model-mocks.mock.ts +164 -0
package/src/__tests__/helpers/application.mock.ts +89 -0
package/src/__tests__/helpers/{index.d.ts → index.ts} +0 -1
package/src/__tests__/helpers/setup-test-env.ts +202 -0
package/src/__tests__/{index.d.ts → index.ts} +0 -1
package/src/application-base.ts +548 -0
package/src/application-concrete.ts +62 -0
package/src/application.ts +330 -0
package/src/backup-code.ts +348 -0
package/src/builders/application-builder.ts +147 -0
package/src/builders/{index.d.ts → index.ts} +0 -1
package/src/constants.ts +89 -0
package/src/container/{index.d.ts → index.ts} +0 -1
package/src/container/service-container.ts +85 -0
package/src/container/service-definitions.ts +23 -0
package/src/controllers/base.ts +512 -0
package/src/controllers/{index.d.ts → index.ts} +0 -1
package/src/controllers/user.ts +1734 -0
package/src/database/database-initializer.ts +13 -0
package/src/database/{index.d.ts → index.ts} +0 -1
package/src/decorators/base-controller.ts +91 -0
package/src/decorators/controller.ts +152 -0
package/src/decorators/{index.d.ts → index.ts} +0 -1
package/src/decorators/zod-validation.ts +64 -0
package/src/defaults.ts +259 -0
package/src/documents/base.ts +17 -0
package/src/documents/email-token.ts +20 -0
package/src/documents/{index.d.ts → index.ts} +0 -1
package/src/documents/mnemonic.ts +20 -0
package/src/documents/role.ts +19 -0
package/src/documents/used-direct-login-token.ts +18 -0
package/src/documents/user-role.ts +20 -0
package/src/documents/user.ts +20 -0
package/src/enumerations/base-model-name.ts +47 -0
package/src/enumerations/{index.d.ts → index.ts} +0 -1
package/src/enumerations/length-encoding-type.ts +16 -0
package/src/enumerations/schema-collection.ts +39 -0
package/src/enumerations/symmetric-error-type.ts +13 -0
package/src/environment.ts +859 -0
package/src/errors/express-validation.ts +38 -0
package/src/errors/{index.d.ts → index.ts} +0 -1
package/src/errors/invalid-backup-code-version.ts +30 -0
package/src/errors/invalid-jwt-token.ts +24 -0
package/src/errors/invalid-model.ts +24 -0
package/src/errors/invalid-new-password.ts +33 -0
package/src/errors/invalid-password.ts +28 -0
package/src/errors/missing-validated-data.ts +55 -0
package/src/errors/mnemonic-or-password-required.ts +26 -0
package/src/errors/model-not-registered.ts +24 -0
package/src/errors/mongoose-validation.ts +56 -0
package/src/errors/symmetric.ts +53 -0
package/src/errors/token-expired.ts +24 -0
package/src/get-language.ts +64 -0
package/src/get-timezone.ts +76 -0
package/src/{index.d.ts → index.ts} +44 -2
package/src/interfaces/api-error-response.ts +15 -0
package/src/interfaces/api-express-validation-error-response.ts +17 -0
package/src/interfaces/api-message-response.ts +12 -0
package/src/interfaces/api-mongo-validation-error-response.ts +17 -0
package/src/interfaces/api-responses/backup-codes-response.ts +15 -0
package/src/interfaces/api-responses/challenge-response.ts +17 -0
package/src/interfaces/api-responses/code-count-response.ts +12 -0
package/src/interfaces/api-responses/{index.d.ts → index.ts} +0 -1
package/src/interfaces/api-responses/login-response.ts +18 -0
package/src/interfaces/api-responses/mnemonic-response.ts +15 -0
package/src/interfaces/api-responses/registration-response.ts +17 -0
package/src/interfaces/api-responses/request-user-response.ts +16 -0
package/src/interfaces/api-responses/user-settings-response.ts +19 -0
package/src/interfaces/application.ts +40 -0
package/src/interfaces/backend-objects/email-token.ts +18 -0
package/src/interfaces/backend-objects/{index.d.ts → index.ts} +0 -1
package/src/interfaces/backend-objects/request-user.ts +19 -0
package/src/interfaces/backend-objects/role.ts +18 -0
package/src/interfaces/backend-objects/user.ts +18 -0
package/src/interfaces/checksum-config.ts +15 -0
package/src/interfaces/checksum-consts.ts +23 -0
package/src/interfaces/constants.ts +114 -0
package/src/interfaces/controller-config.ts +54 -0
package/src/interfaces/create-user-basics.ts +24 -0
package/src/interfaces/csp-config.ts +32 -0
package/src/interfaces/csp-definition.ts +71 -0
package/src/interfaces/db-init-result.ts +17 -0
package/src/interfaces/deep-partial.ts +14 -0
package/src/interfaces/discriminator-collections.ts +21 -0
package/src/interfaces/email-service.ts +26 -0
package/src/interfaces/environment-mongo.ts +86 -0
package/src/interfaces/environment.ts +191 -0
package/src/interfaces/failable-result.ts +20 -0
package/src/interfaces/fec-consts.ts +14 -0
package/src/interfaces/flexible-csp.ts +35 -0
package/src/interfaces/handleable-error-options.ts +19 -0
package/src/interfaces/{index.d.ts → index.ts} +0 -1
package/src/interfaces/jwt-consts.ts +33 -0
package/src/interfaces/jwt-sign-response.ts +31 -0
package/src/interfaces/models/email-token.ts +13 -0
package/src/interfaces/models/{index.d.ts → index.ts} +0 -1
package/src/interfaces/models/mnemonic.ts +14 -0
package/src/interfaces/models/role.ts +13 -0
package/src/interfaces/models/token-role.ts +23 -0
package/src/interfaces/models/used-direct-login-token.ts +21 -0
package/src/interfaces/models/user-role.ts +23 -0
package/src/interfaces/models/user.ts +30 -0
package/src/interfaces/mongo-errors.ts +14 -0
package/src/interfaces/request-user.ts +80 -0
package/src/interfaces/required-string-keys.ts +33 -0
package/src/interfaces/schema.ts +43 -0
package/src/interfaces/server-init-result.ts +48 -0
package/src/interfaces/status-code-response.ts +20 -0
package/src/interfaces/symmetric-encryption-results.d.ts.map +1 -1
package/src/interfaces/symmetric-encryption-results.js.map +1 -1
package/src/interfaces/symmetric-encryption-results.ts +15 -0
package/src/interfaces/test-environment.ts +23 -0
package/src/interfaces/token-response.ts +16 -0
package/src/middleware-utils.ts +138 -0
package/src/middlewares/authenticate-crypto.ts +237 -0
package/src/middlewares/authenticate-token.ts +165 -0
package/src/middlewares/cleanup-crypto.ts +47 -0
package/src/middlewares/{index.d.ts → index.ts} +0 -1
package/src/middlewares/set-global-context-language.ts +38 -0
package/src/model-registry.ts +142 -0
package/src/models/email-token.ts +49 -0
package/src/models/{index.d.ts → index.ts} +0 -1
package/src/models/mnemonic.ts +42 -0
package/src/models/role.ts +38 -0
package/src/models/used-direct-login-token.ts +49 -0
package/src/models/user-role.ts +40 -0
package/src/models/user.ts +42 -0
package/src/pipeline/{index.d.ts → index.ts} +0 -1
package/src/pipeline/pipeline-builder.ts +27 -0
package/src/plugins/{index.d.ts → index.ts} +0 -1
package/src/plugins/plugin-interface.ts +19 -0
package/src/plugins/plugin-manager.ts +53 -0
package/src/registry/email-service-registry.ts +76 -0
package/src/registry/{index.d.ts → index.ts} +0 -1
package/src/responses/{index.d.ts → index.ts} +0 -1
package/src/responses/response-builder.ts +166 -0
package/src/routers/api.ts +233 -0
package/src/routers/app.ts +395 -0
package/src/routers/base.ts +34 -0
package/src/routers/{index.d.ts → index.ts} +0 -1
package/src/routers/router-config.ts +34 -0
package/src/routing/index.ts +1 -0
package/src/routing/route-builder.ts +214 -0
package/src/schemas/email-token.ts +112 -0
package/src/schemas/{index.d.ts → index.ts} +0 -1
package/src/schemas/mnemonic.ts +48 -0
package/src/schemas/role.ts +153 -0
package/src/schemas/schema.ts +185 -0
package/src/schemas/used-direct-login-token.ts +58 -0
package/src/schemas/user-role.ts +93 -0
package/src/schemas/user.ts +244 -0
package/src/services/backup-code.ts +327 -0
package/src/services/base.ts +46 -0
package/src/services/checksum.ts +189 -0
package/src/services/database-initialization.ts +1653 -0
package/src/services/db-init-cache.ts +28 -0
package/src/services/direct-login-token.ts +83 -0
package/src/services/dummy-email-service.ts +43 -0
package/src/services/fec-usage-example.ts +123 -0
package/src/services/fec.ts +399 -0
package/src/services/{index.d.ts → index.ts} +0 -1
package/src/services/jwt.ts +146 -0
package/src/services/key-wrapping.ts +528 -0
package/src/services/mnemonic.ts +174 -0
package/src/services/request-user.ts +127 -0
package/src/services/role.ts +417 -0
package/src/services/symmetric.ts +164 -0
package/src/services/system-user.ts +87 -0
package/src/services/user.ts +2324 -0
package/src/services/xor.ts +39 -0
package/src/testing.ts +9 -0
package/src/transactions/{index.d.ts → index.ts} +0 -1
package/src/transactions/transaction-manager.ts +63 -0
package/src/types/app-config.ts +36 -0
package/src/types/controller-config.ts +28 -0
package/src/types/{environment-variables.d.ts → environment-variables.ts} +32 -5
package/src/types/{index.d.ts → index.ts} +0 -1
package/src/types/{mongoose-helpers.d.ts → mongoose-helpers.ts} +8 -2
package/src/types/mongoose-override.d.ts +1 -0
package/src/types/mongoose.d.ts +1 -0
package/src/types.ts +189 -0
package/src/utils.ts +1116 -0
package/src/validation/{index.d.ts → index.ts} +0 -1
package/src/validation/validation-builder.ts +155 -0
package/src/__tests__/fixtures/index.d.ts.map +0 -1
package/src/__tests__/fixtures/index.js +0 -5
package/src/__tests__/fixtures/index.js.map +0 -1
package/src/__tests__/fixtures/model-mocks.mock.d.ts +0 -12
package/src/__tests__/fixtures/model-mocks.mock.d.ts.map +0 -1
package/src/__tests__/fixtures/model-mocks.mock.js +0 -102
package/src/__tests__/fixtures/model-mocks.mock.js.map +0 -1
package/src/__tests__/helpers/application.mock.d.ts +0 -8
package/src/__tests__/helpers/application.mock.d.ts.map +0 -1
package/src/__tests__/helpers/application.mock.js +0 -77
package/src/__tests__/helpers/application.mock.js.map +0 -1
package/src/__tests__/helpers/index.d.ts.map +0 -1
package/src/__tests__/helpers/index.js +0 -7
package/src/__tests__/helpers/index.js.map +0 -1
package/src/__tests__/helpers/setup-test-env.d.ts +0 -12
package/src/__tests__/helpers/setup-test-env.d.ts.map +0 -1
package/src/__tests__/helpers/setup-test-env.js +0 -121
package/src/__tests__/helpers/setup-test-env.js.map +0 -1
package/src/__tests__/index.d.ts.map +0 -1
package/src/__tests__/index.js +0 -6
package/src/__tests__/index.js.map +0 -1
package/src/application-base.d.ts +0 -123
package/src/application-base.d.ts.map +0 -1
package/src/application-base.js +0 -359
package/src/application-base.js.map +0 -1
package/src/application-concrete.d.ts +0 -13
package/src/application-concrete.d.ts.map +0 -1
package/src/application-concrete.js +0 -21
package/src/application-concrete.js.map +0 -1
package/src/application.d.ts +0 -29
package/src/application.d.ts.map +0 -1
package/src/application.js +0 -167
package/src/application.js.map +0 -1
package/src/backup-code.d.ts +0 -67
package/src/backup-code.d.ts.map +0 -1
package/src/backup-code.js +0 -238
package/src/backup-code.js.map +0 -1
package/src/builders/application-builder.d.ts +0 -35
package/src/builders/application-builder.d.ts.map +0 -1
package/src/builders/application-builder.js +0 -64
package/src/builders/application-builder.js.map +0 -1
package/src/builders/index.d.ts.map +0 -1
package/src/builders/index.js +0 -5
package/src/builders/index.js.map +0 -1
package/src/constants.d.ts +0 -16
package/src/constants.d.ts.map +0 -1
package/src/constants.js +0 -58
package/src/constants.js.map +0 -1
package/src/container/index.d.ts.map +0 -1
package/src/container/index.js +0 -6
package/src/container/index.js.map +0 -1
package/src/container/service-container.d.ts +0 -11
package/src/container/service-container.d.ts.map +0 -1
package/src/container/service-container.js +0 -38
package/src/container/service-container.js.map +0 -1
package/src/container/service-definitions.d.ts +0 -11
package/src/container/service-definitions.d.ts.map +0 -1
package/src/container/service-definitions.js +0 -13
package/src/container/service-definitions.js.map +0 -1
package/src/controllers/base.d.ts +0 -67
package/src/controllers/base.d.ts.map +0 -1
package/src/controllers/base.js +0 -305
package/src/controllers/base.js.map +0 -1
package/src/controllers/index.d.ts.map +0 -1
package/src/controllers/index.js +0 -6
package/src/controllers/index.js.map +0 -1
package/src/controllers/user.d.ts +0 -49
package/src/controllers/user.d.ts.map +0 -1
package/src/controllers/user.js +0 -919
package/src/controllers/user.js.map +0 -1
package/src/database/database-initializer.d.ts +0 -7
package/src/database/database-initializer.d.ts.map +0 -1
package/src/database/database-initializer.js +0 -3
package/src/database/database-initializer.js.map +0 -1
package/src/database/index.d.ts.map +0 -1
package/src/database/index.js +0 -5
package/src/database/index.js.map +0 -1
package/src/decorators/base-controller.d.ts +0 -11
package/src/decorators/base-controller.d.ts.map +0 -1
package/src/decorators/base-controller.js +0 -60
package/src/decorators/base-controller.js.map +0 -1
package/src/decorators/controller.d.ts +0 -38
package/src/decorators/controller.d.ts.map +0 -1
package/src/decorators/controller.js +0 -68
package/src/decorators/controller.js.map +0 -1
package/src/decorators/index.d.ts.map +0 -1
package/src/decorators/index.js +0 -7
package/src/decorators/index.js.map +0 -1
package/src/decorators/zod-validation.d.ts +0 -5
package/src/decorators/zod-validation.d.ts.map +0 -1
package/src/decorators/zod-validation.js +0 -48
package/src/decorators/zod-validation.js.map +0 -1
package/src/defaults.d.ts +0 -7
package/src/defaults.d.ts.map +0 -1
package/src/defaults.js +0 -205
package/src/defaults.js.map +0 -1
package/src/documents/base.d.ts +0 -4
package/src/documents/base.d.ts.map +0 -1
package/src/documents/base.js +0 -3
package/src/documents/base.js.map +0 -1
package/src/documents/email-token.d.ts +0 -8
package/src/documents/email-token.d.ts.map +0 -1
package/src/documents/email-token.js +0 -3
package/src/documents/email-token.js.map +0 -1
package/src/documents/index.d.ts.map +0 -1
package/src/documents/index.js +0 -3
package/src/documents/index.js.map +0 -1
package/src/documents/mnemonic.d.ts +0 -8
package/src/documents/mnemonic.d.ts.map +0 -1
package/src/documents/mnemonic.js +0 -3
package/src/documents/mnemonic.js.map +0 -1
package/src/documents/role.d.ts +0 -8
package/src/documents/role.d.ts.map +0 -1
package/src/documents/role.js +0 -3
package/src/documents/role.js.map +0 -1
package/src/documents/used-direct-login-token.d.ts +0 -5
package/src/documents/used-direct-login-token.d.ts.map +0 -1
package/src/documents/used-direct-login-token.js +0 -3
package/src/documents/used-direct-login-token.js.map +0 -1
package/src/documents/user-role.d.ts +0 -8
package/src/documents/user-role.d.ts.map +0 -1
package/src/documents/user-role.js +0 -3
package/src/documents/user-role.js.map +0 -1
package/src/documents/user.d.ts +0 -8
package/src/documents/user.d.ts.map +0 -1
package/src/documents/user.js +0 -3
package/src/documents/user.js.map +0 -1
package/src/enumerations/base-model-name.d.ts +0 -38
package/src/enumerations/base-model-name.d.ts.map +0 -1
package/src/enumerations/base-model-name.js +0 -34
package/src/enumerations/base-model-name.js.map +0 -1
package/src/enumerations/index.d.ts.map +0 -1
package/src/enumerations/index.js +0 -8
package/src/enumerations/index.js.map +0 -1
package/src/enumerations/length-encoding-type.d.ts +0 -7
package/src/enumerations/length-encoding-type.d.ts.map +0 -1
package/src/enumerations/length-encoding-type.js +0 -11
package/src/enumerations/length-encoding-type.js.map +0 -1
package/src/enumerations/schema-collection.d.ts +0 -34
package/src/enumerations/schema-collection.d.ts.map +0 -1
package/src/enumerations/schema-collection.js +0 -38
package/src/enumerations/schema-collection.js.map +0 -1
package/src/enumerations/symmetric-error-type.d.ts +0 -5
package/src/enumerations/symmetric-error-type.d.ts.map +0 -1
package/src/enumerations/symmetric-error-type.js +0 -9
package/src/enumerations/symmetric-error-type.js.map +0 -1
package/src/environment.d.ts +0 -189
package/src/environment.d.ts.map +0 -1
package/src/environment.js +0 -641
package/src/environment.js.map +0 -1
package/src/errors/express-validation.d.ts +0 -9
package/src/errors/express-validation.d.ts.map +0 -1
package/src/errors/express-validation.js +0 -18
package/src/errors/express-validation.js.map +0 -1
package/src/errors/index.d.ts.map +0 -1
package/src/errors/index.js +0 -16
package/src/errors/index.js.map +0 -1
package/src/errors/invalid-backup-code-version.d.ts +0 -6
package/src/errors/invalid-backup-code-version.d.ts.map +0 -1
package/src/errors/invalid-backup-code-version.js +0 -16
package/src/errors/invalid-backup-code-version.js.map +0 -1
package/src/errors/invalid-jwt-token.d.ts +0 -5
package/src/errors/invalid-jwt-token.d.ts.map +0 -1
package/src/errors/invalid-jwt-token.js +0 -12
package/src/errors/invalid-jwt-token.js.map +0 -1
package/src/errors/invalid-model.d.ts +0 -6
package/src/errors/invalid-model.d.ts.map +0 -1
package/src/errors/invalid-model.js +0 -14
package/src/errors/invalid-model.js.map +0 -1
package/src/errors/invalid-new-password.d.ts +0 -5
package/src/errors/invalid-new-password.d.ts.map +0 -1
package/src/errors/invalid-new-password.js +0 -14
package/src/errors/invalid-new-password.js.map +0 -1
package/src/errors/invalid-password.d.ts +0 -5
package/src/errors/invalid-password.d.ts.map +0 -1
package/src/errors/invalid-password.js +0 -14
package/src/errors/invalid-password.js.map +0 -1
package/src/errors/missing-validated-data.d.ts +0 -7
package/src/errors/missing-validated-data.d.ts.map +0 -1
package/src/errors/missing-validated-data.js +0 -36
package/src/errors/missing-validated-data.js.map +0 -1
package/src/errors/mnemonic-or-password-required.d.ts +0 -5
package/src/errors/mnemonic-or-password-required.d.ts.map +0 -1
package/src/errors/mnemonic-or-password-required.js +0 -14
package/src/errors/mnemonic-or-password-required.js.map +0 -1
package/src/errors/model-not-registered.d.ts +0 -6
package/src/errors/model-not-registered.d.ts.map +0 -1
package/src/errors/model-not-registered.js +0 -14
package/src/errors/model-not-registered.js.map +0 -1
package/src/errors/mongoose-validation.d.ts +0 -12
package/src/errors/mongoose-validation.d.ts.map +0 -1
package/src/errors/mongoose-validation.js +0 -17
package/src/errors/mongoose-validation.js.map +0 -1
package/src/errors/symmetric.d.ts +0 -8
package/src/errors/symmetric.d.ts.map +0 -1
package/src/errors/symmetric.js +0 -22
package/src/errors/symmetric.js.map +0 -1
package/src/errors/token-expired.d.ts +0 -5
package/src/errors/token-expired.d.ts.map +0 -1
package/src/errors/token-expired.js +0 -12
package/src/errors/token-expired.js.map +0 -1
package/src/get-language.d.ts +0 -2
package/src/get-language.d.ts.map +0 -1
package/src/get-language.js +0 -30
package/src/get-language.js.map +0 -1
package/src/get-timezone.d.ts +0 -2
package/src/get-timezone.d.ts.map +0 -1
package/src/get-timezone.js +0 -39
package/src/get-timezone.js.map +0 -1
package/src/index.d.ts.map +0 -1
package/src/index.js +0 -80
package/src/index.js.map +0 -1
package/src/interfaces/api-error-response.d.ts +0 -5
package/src/interfaces/api-error-response.d.ts.map +0 -1
package/src/interfaces/api-error-response.js +0 -3
package/src/interfaces/api-error-response.js.map +0 -1
package/src/interfaces/api-express-validation-error-response.d.ts +0 -7
package/src/interfaces/api-express-validation-error-response.d.ts.map +0 -1
package/src/interfaces/api-express-validation-error-response.js +0 -3
package/src/interfaces/api-express-validation-error-response.js.map +0 -1
package/src/interfaces/api-message-response.d.ts +0 -4
package/src/interfaces/api-message-response.d.ts.map +0 -1
package/src/interfaces/api-message-response.js +0 -3
package/src/interfaces/api-message-response.js.map +0 -1
package/src/interfaces/api-mongo-validation-error-response.d.ts +0 -6
package/src/interfaces/api-mongo-validation-error-response.d.ts.map +0 -1
package/src/interfaces/api-mongo-validation-error-response.js +0 -3
package/src/interfaces/api-mongo-validation-error-response.js.map +0 -1
package/src/interfaces/api-responses/backup-codes-response.d.ts +0 -5
package/src/interfaces/api-responses/backup-codes-response.d.ts.map +0 -1
package/src/interfaces/api-responses/backup-codes-response.js +0 -3
package/src/interfaces/api-responses/backup-codes-response.js.map +0 -1
package/src/interfaces/api-responses/challenge-response.d.ts +0 -6
package/src/interfaces/api-responses/challenge-response.d.ts.map +0 -1
package/src/interfaces/api-responses/challenge-response.js +0 -3
package/src/interfaces/api-responses/challenge-response.js.map +0 -1
package/src/interfaces/api-responses/code-count-response.d.ts +0 -5
package/src/interfaces/api-responses/code-count-response.d.ts.map +0 -1
package/src/interfaces/api-responses/code-count-response.js +0 -3
package/src/interfaces/api-responses/code-count-response.js.map +0 -1
package/src/interfaces/api-responses/index.d.ts.map +0 -1
package/src/interfaces/api-responses/index.js +0 -12
package/src/interfaces/api-responses/index.js.map +0 -1
package/src/interfaces/api-responses/login-response.d.ts +0 -8
package/src/interfaces/api-responses/login-response.d.ts.map +0 -1
package/src/interfaces/api-responses/login-response.js +0 -3
package/src/interfaces/api-responses/login-response.js.map +0 -1
package/src/interfaces/api-responses/mnemonic-response.d.ts +0 -5
package/src/interfaces/api-responses/mnemonic-response.d.ts.map +0 -1
package/src/interfaces/api-responses/mnemonic-response.js +0 -3
package/src/interfaces/api-responses/mnemonic-response.js.map +0 -1
package/src/interfaces/api-responses/registration-response.d.ts +0 -6
package/src/interfaces/api-responses/registration-response.d.ts.map +0 -1
package/src/interfaces/api-responses/registration-response.js +0 -3
package/src/interfaces/api-responses/registration-response.js.map +0 -1
package/src/interfaces/api-responses/request-user-response.d.ts +0 -6
package/src/interfaces/api-responses/request-user-response.d.ts.map +0 -1
package/src/interfaces/api-responses/request-user-response.js +0 -3
package/src/interfaces/api-responses/request-user-response.js.map +0 -1
package/src/interfaces/api-responses/user-settings-response.d.ts +0 -12
package/src/interfaces/api-responses/user-settings-response.d.ts.map +0 -1
package/src/interfaces/api-responses/user-settings-response.js +0 -3
package/src/interfaces/api-responses/user-settings-response.js.map +0 -1
package/src/interfaces/application.d.ts +0 -17
package/src/interfaces/application.d.ts.map +0 -1
package/src/interfaces/application.js +0 -3
package/src/interfaces/application.js.map +0 -1
package/src/interfaces/backend-objects/email-token.d.ts +0 -4
package/src/interfaces/backend-objects/email-token.d.ts.map +0 -1
package/src/interfaces/backend-objects/email-token.js +0 -3
package/src/interfaces/backend-objects/email-token.js.map +0 -1
package/src/interfaces/backend-objects/index.d.ts.map +0 -1
package/src/interfaces/backend-objects/index.js +0 -8
package/src/interfaces/backend-objects/index.js.map +0 -1
package/src/interfaces/backend-objects/request-user.d.ts +0 -5
package/src/interfaces/backend-objects/request-user.d.ts.map +0 -1
package/src/interfaces/backend-objects/request-user.js +0 -3
package/src/interfaces/backend-objects/request-user.js.map +0 -1
package/src/interfaces/backend-objects/role.d.ts +0 -4
package/src/interfaces/backend-objects/role.d.ts.map +0 -1
package/src/interfaces/backend-objects/role.js +0 -3
package/src/interfaces/backend-objects/role.js.map +0 -1
package/src/interfaces/backend-objects/user.d.ts +0 -4
package/src/interfaces/backend-objects/user.d.ts.map +0 -1
package/src/interfaces/backend-objects/user.js +0 -3
package/src/interfaces/backend-objects/user.js.map +0 -1
package/src/interfaces/checksum-config.d.ts +0 -5
package/src/interfaces/checksum-config.d.ts.map +0 -1
package/src/interfaces/checksum-config.js +0 -3
package/src/interfaces/checksum-config.js.map +0 -1
package/src/interfaces/checksum-consts.d.ts +0 -11
package/src/interfaces/checksum-consts.d.ts.map +0 -1
package/src/interfaces/checksum-consts.js +0 -3
package/src/interfaces/checksum-consts.js.map +0 -1
package/src/interfaces/constants.d.ts +0 -102
package/src/interfaces/constants.d.ts.map +0 -1
package/src/interfaces/constants.js +0 -3
package/src/interfaces/constants.js.map +0 -1
package/src/interfaces/controller-config.d.ts +0 -21
package/src/interfaces/controller-config.d.ts.map +0 -1
package/src/interfaces/controller-config.js +0 -3
package/src/interfaces/controller-config.js.map +0 -1
package/src/interfaces/create-user-basics.d.ts +0 -18
package/src/interfaces/create-user-basics.d.ts.map +0 -1
package/src/interfaces/create-user-basics.js +0 -3
package/src/interfaces/create-user-basics.js.map +0 -1
package/src/interfaces/csp-config.d.ts +0 -7
package/src/interfaces/csp-config.d.ts.map +0 -1
package/src/interfaces/csp-config.js +0 -13
package/src/interfaces/csp-config.js.map +0 -1
package/src/interfaces/csp-definition.d.ts +0 -13
package/src/interfaces/csp-definition.d.ts.map +0 -1
package/src/interfaces/csp-definition.js +0 -22
package/src/interfaces/csp-definition.js.map +0 -1
package/src/interfaces/db-init-result.d.ts +0 -5
package/src/interfaces/db-init-result.d.ts.map +0 -1
package/src/interfaces/db-init-result.js +0 -3
package/src/interfaces/db-init-result.js.map +0 -1
package/src/interfaces/deep-partial.d.ts +0 -4
package/src/interfaces/deep-partial.d.ts.map +0 -1
package/src/interfaces/deep-partial.js +0 -3
package/src/interfaces/deep-partial.js.map +0 -1
package/src/interfaces/discriminator-collections.d.ts +0 -7
package/src/interfaces/discriminator-collections.d.ts.map +0 -1
package/src/interfaces/discriminator-collections.js +0 -3
package/src/interfaces/discriminator-collections.js.map +0 -1
package/src/interfaces/email-service.d.ts +0 -4
package/src/interfaces/email-service.d.ts.map +0 -1
package/src/interfaces/email-service.js +0 -3
package/src/interfaces/email-service.js.map +0 -1
package/src/interfaces/environment-mongo.d.ts +0 -76
package/src/interfaces/environment-mongo.d.ts.map +0 -1
package/src/interfaces/environment-mongo.js +0 -3
package/src/interfaces/environment-mongo.js.map +0 -1
package/src/interfaces/environment.d.ts +0 -180
package/src/interfaces/environment.d.ts.map +0 -1
package/src/interfaces/environment.js +0 -3
package/src/interfaces/environment.js.map +0 -1
package/src/interfaces/failable-result.d.ts +0 -7
package/src/interfaces/failable-result.d.ts.map +0 -1
package/src/interfaces/failable-result.js +0 -3
package/src/interfaces/failable-result.js.map +0 -1
package/src/interfaces/fec-consts.d.ts +0 -5
package/src/interfaces/fec-consts.d.ts.map +0 -1
package/src/interfaces/fec-consts.js +0 -3
package/src/interfaces/fec-consts.js.map +0 -1
package/src/interfaces/flexible-csp.d.ts +0 -8
package/src/interfaces/flexible-csp.d.ts.map +0 -1
package/src/interfaces/flexible-csp.js +0 -14
package/src/interfaces/flexible-csp.js.map +0 -1
package/src/interfaces/handleable-error-options.d.ts +0 -7
package/src/interfaces/handleable-error-options.d.ts.map +0 -1
package/src/interfaces/handleable-error-options.js +0 -3
package/src/interfaces/handleable-error-options.js.map +0 -1
package/src/interfaces/index.d.ts.map +0 -1
package/src/interfaces/index.js +0 -38
package/src/interfaces/index.js.map +0 -1
package/src/interfaces/jwt-consts.d.ts +0 -11
package/src/interfaces/jwt-consts.d.ts.map +0 -1
package/src/interfaces/jwt-consts.js +0 -3
package/src/interfaces/jwt-consts.js.map +0 -1
package/src/interfaces/jwt-sign-response.d.ts +0 -11
package/src/interfaces/jwt-sign-response.d.ts.map +0 -1
package/src/interfaces/jwt-sign-response.js +0 -3
package/src/interfaces/jwt-sign-response.js.map +0 -1
package/src/interfaces/models/email-token.d.ts +0 -6
package/src/interfaces/models/email-token.d.ts.map +0 -1
package/src/interfaces/models/email-token.js +0 -3
package/src/interfaces/models/email-token.js.map +0 -1
package/src/interfaces/models/index.d.ts.map +0 -1
package/src/interfaces/models/index.js +0 -11
package/src/interfaces/models/index.js.map +0 -1
package/src/interfaces/models/mnemonic.d.ts +0 -6
package/src/interfaces/models/mnemonic.d.ts.map +0 -1
package/src/interfaces/models/mnemonic.js +0 -3
package/src/interfaces/models/mnemonic.js.map +0 -1
package/src/interfaces/models/role.d.ts +0 -6
package/src/interfaces/models/role.d.ts.map +0 -1
package/src/interfaces/models/role.js +0 -3
package/src/interfaces/models/role.js.map +0 -1
package/src/interfaces/models/token-role.d.ts +0 -11
package/src/interfaces/models/token-role.d.ts.map +0 -1
package/src/interfaces/models/token-role.js +0 -3
package/src/interfaces/models/token-role.js.map +0 -1
package/src/interfaces/models/used-direct-login-token.d.ts +0 -11
package/src/interfaces/models/used-direct-login-token.d.ts.map +0 -1
package/src/interfaces/models/used-direct-login-token.js +0 -3
package/src/interfaces/models/used-direct-login-token.js.map +0 -1
package/src/interfaces/models/user-role.d.ts +0 -11
package/src/interfaces/models/user-role.d.ts.map +0 -1
package/src/interfaces/models/user-role.js +0 -3
package/src/interfaces/models/user-role.js.map +0 -1
package/src/interfaces/models/user.d.ts +0 -11
package/src/interfaces/models/user.d.ts.map +0 -1
package/src/interfaces/models/user.js +0 -3
package/src/interfaces/models/user.js.map +0 -1
package/src/interfaces/mongo-errors.d.ts +0 -5
package/src/interfaces/mongo-errors.d.ts.map +0 -1
package/src/interfaces/mongo-errors.js +0 -3
package/src/interfaces/mongo-errors.js.map +0 -1
package/src/interfaces/request-user.d.ts +0 -58
package/src/interfaces/request-user.d.ts.map +0 -1
package/src/interfaces/request-user.js +0 -3
package/src/interfaces/request-user.js.map +0 -1
package/src/interfaces/required-string-keys.d.ts +0 -22
package/src/interfaces/required-string-keys.d.ts.map +0 -1
package/src/interfaces/required-string-keys.js +0 -3
package/src/interfaces/required-string-keys.js.map +0 -1
package/src/interfaces/schema.d.ts +0 -29
package/src/interfaces/schema.d.ts.map +0 -1
package/src/interfaces/schema.js +0 -3
package/src/interfaces/schema.js.map +0 -1
package/src/interfaces/server-init-result.d.ts +0 -35
package/src/interfaces/server-init-result.d.ts.map +0 -1
package/src/interfaces/server-init-result.js +0 -3
package/src/interfaces/server-init-result.js.map +0 -1
package/src/interfaces/status-code-response.d.ts +0 -7
package/src/interfaces/status-code-response.d.ts.map +0 -1
package/src/interfaces/status-code-response.js +0 -3
package/src/interfaces/status-code-response.js.map +0 -1
package/src/interfaces/symmetric-encryption-results.d.ts +0 -5
package/src/interfaces/test-environment.d.ts +0 -12
package/src/interfaces/test-environment.d.ts.map +0 -1
package/src/interfaces/test-environment.js +0 -3
package/src/interfaces/test-environment.js.map +0 -1
package/src/interfaces/token-response.d.ts +0 -5
package/src/interfaces/token-response.d.ts.map +0 -1
package/src/interfaces/token-response.js +0 -3
package/src/interfaces/token-response.js.map +0 -1
package/src/middleware-utils.d.ts +0 -8
package/src/middleware-utils.d.ts.map +0 -1
package/src/middleware-utils.js +0 -94
package/src/middleware-utils.js.map +0 -1
package/src/middlewares/authenticate-crypto.d.ts +0 -10
package/src/middlewares/authenticate-crypto.d.ts.map +0 -1
package/src/middlewares/authenticate-crypto.js +0 -126
package/src/middlewares/authenticate-crypto.js.map +0 -1
package/src/middlewares/authenticate-token.d.ts +0 -21
package/src/middlewares/authenticate-token.d.ts.map +0 -1
package/src/middlewares/authenticate-token.js +0 -104
package/src/middlewares/authenticate-token.js.map +0 -1
package/src/middlewares/cleanup-crypto.d.ts +0 -7
package/src/middlewares/cleanup-crypto.d.ts.map +0 -1
package/src/middlewares/cleanup-crypto.js +0 -32
package/src/middlewares/cleanup-crypto.js.map +0 -1
package/src/middlewares/index.d.ts.map +0 -1
package/src/middlewares/index.js +0 -8
package/src/middlewares/index.js.map +0 -1
package/src/middlewares/set-global-context-language.d.ts +0 -3
package/src/middlewares/set-global-context-language.d.ts.map +0 -1
package/src/middlewares/set-global-context-language.js +0 -14
package/src/middlewares/set-global-context-language.js.map +0 -1
package/src/model-registry.d.ts +0 -23
package/src/model-registry.d.ts.map +0 -1
package/src/model-registry.js +0 -47
package/src/model-registry.js.map +0 -1
package/src/models/email-token.d.ts +0 -8
package/src/models/email-token.d.ts.map +0 -1
package/src/models/email-token.js +0 -11
package/src/models/email-token.js.map +0 -1
package/src/models/index.d.ts.map +0 -1
package/src/models/index.js +0 -10
package/src/models/index.js.map +0 -1
package/src/models/mnemonic.d.ts +0 -8
package/src/models/mnemonic.d.ts.map +0 -1
package/src/models/mnemonic.js +0 -11
package/src/models/mnemonic.js.map +0 -1
package/src/models/role.d.ts +0 -8
package/src/models/role.d.ts.map +0 -1
package/src/models/role.js +0 -11
package/src/models/role.js.map +0 -1
package/src/models/used-direct-login-token.d.ts +0 -8
package/src/models/used-direct-login-token.d.ts.map +0 -1
package/src/models/used-direct-login-token.js +0 -11
package/src/models/used-direct-login-token.js.map +0 -1
package/src/models/user-role.d.ts +0 -7
package/src/models/user-role.d.ts.map +0 -1
package/src/models/user-role.js +0 -10
package/src/models/user-role.js.map +0 -1
package/src/models/user.d.ts +0 -8
package/src/models/user.d.ts.map +0 -1
package/src/models/user.js +0 -11
package/src/models/user.js.map +0 -1
package/src/pipeline/index.d.ts.map +0 -1
package/src/pipeline/index.js +0 -5
package/src/pipeline/index.js.map +0 -1
package/src/pipeline/pipeline-builder.d.ts +0 -8
package/src/pipeline/pipeline-builder.d.ts.map +0 -1
package/src/pipeline/pipeline-builder.js +0 -18
package/src/pipeline/pipeline-builder.js.map +0 -1
package/src/plugins/index.d.ts.map +0 -1
package/src/plugins/index.js +0 -6
package/src/plugins/index.js.map +0 -1
package/src/plugins/plugin-interface.d.ts +0 -9
package/src/plugins/plugin-interface.d.ts.map +0 -1
package/src/plugins/plugin-interface.js +0 -3
package/src/plugins/plugin-interface.js.map +0 -1
package/src/plugins/plugin-manager.d.ts +0 -13
package/src/plugins/plugin-manager.d.ts.map +0 -1
package/src/plugins/plugin-manager.js +0 -37
package/src/plugins/plugin-manager.js.map +0 -1
package/src/registry/email-service-registry.d.ts +0 -27
package/src/registry/email-service-registry.d.ts.map +0 -1
package/src/registry/email-service-registry.js +0 -42
package/src/registry/email-service-registry.js.map +0 -1
package/src/registry/index.d.ts.map +0 -1
package/src/registry/index.js +0 -6
package/src/registry/index.js.map +0 -1
package/src/responses/index.d.ts.map +0 -1
package/src/responses/index.js +0 -5
package/src/responses/index.js.map +0 -1
package/src/responses/response-builder.d.ts +0 -24
package/src/responses/response-builder.d.ts.map +0 -1
package/src/responses/response-builder.js +0 -63
package/src/responses/response-builder.js.map +0 -1
package/src/routers/api.d.ts +0 -28
package/src/routers/api.d.ts.map +0 -1
package/src/routers/api.js +0 -80
package/src/routers/api.js.map +0 -1
package/src/routers/app.d.ts +0 -33
package/src/routers/app.d.ts.map +0 -1
package/src/routers/app.js +0 -228
package/src/routers/app.js.map +0 -1
package/src/routers/base.d.ts +0 -9
package/src/routers/base.d.ts.map +0 -1
package/src/routers/base.js +0 -14
package/src/routers/base.js.map +0 -1
package/src/routers/index.d.ts.map +0 -1
package/src/routers/index.js +0 -7
package/src/routers/index.js.map +0 -1
package/src/routers/router-config.d.ts +0 -18
package/src/routers/router-config.d.ts.map +0 -1
package/src/routers/router-config.js +0 -8
package/src/routers/router-config.js.map +0 -1
package/src/routing/index.d.ts +0 -2
package/src/routing/index.d.ts.map +0 -1
package/src/routing/index.js +0 -5
package/src/routing/index.js.map +0 -1
package/src/routing/route-builder.d.ts +0 -36
package/src/routing/route-builder.d.ts.map +0 -1
package/src/routing/route-builder.js +0 -86
package/src/routing/route-builder.js.map +0 -1
package/src/schemas/email-token.d.ts +0 -49
package/src/schemas/email-token.d.ts.map +0 -1
package/src/schemas/email-token.js +0 -55
package/src/schemas/email-token.js.map +0 -1
package/src/schemas/index.d.ts.map +0 -1
package/src/schemas/index.js +0 -11
package/src/schemas/index.js.map +0 -1
package/src/schemas/mnemonic.d.ts +0 -27
package/src/schemas/mnemonic.d.ts.map +0 -1
package/src/schemas/mnemonic.js +0 -31
package/src/schemas/mnemonic.js.map +0 -1
package/src/schemas/role.d.ts +0 -42
package/src/schemas/role.d.ts.map +0 -1
package/src/schemas/role.js +0 -89
package/src/schemas/role.js.map +0 -1
package/src/schemas/schema.d.ts +0 -42
package/src/schemas/schema.d.ts.map +0 -1
package/src/schemas/schema.js +0 -70
package/src/schemas/schema.js.map +0 -1
package/src/schemas/used-direct-login-token.d.ts +0 -37
package/src/schemas/used-direct-login-token.d.ts.map +0 -1
package/src/schemas/used-direct-login-token.js +0 -24
package/src/schemas/used-direct-login-token.js.map +0 -1
package/src/schemas/user-role.d.ts +0 -39
package/src/schemas/user-role.d.ts.map +0 -1
package/src/schemas/user-role.js +0 -55
package/src/schemas/user-role.js.map +0 -1
package/src/schemas/user.d.ts +0 -24
package/src/schemas/user.d.ts.map +0 -1
package/src/schemas/user.js +0 -195
package/src/schemas/user.js.map +0 -1
package/src/services/backup-code.d.ts +0 -76
package/src/services/backup-code.d.ts.map +0 -1
package/src/services/backup-code.js +0 -185
package/src/services/backup-code.js.map +0 -1
package/src/services/base.d.ts +0 -11
package/src/services/base.d.ts.map +0 -1
package/src/services/base.js +0 -15
package/src/services/base.js.map +0 -1
package/src/services/checksum.d.ts +0 -69
package/src/services/checksum.d.ts.map +0 -1
package/src/services/checksum.js +0 -145
package/src/services/checksum.js.map +0 -1
package/src/services/database-initialization.d.ts +0 -111
package/src/services/database-initialization.d.ts.map +0 -1
package/src/services/database-initialization.js +0 -878
package/src/services/database-initialization.js.map +0 -1
package/src/services/db-init-cache.d.ts +0 -10
package/src/services/db-init-cache.d.ts.map +0 -1
package/src/services/db-init-cache.js +0 -3
package/src/services/db-init-cache.js.map +0 -1
package/src/services/direct-login-token.d.ts +0 -7
package/src/services/direct-login-token.d.ts.map +0 -1
package/src/services/direct-login-token.js +0 -41
package/src/services/direct-login-token.js.map +0 -1
package/src/services/dummy-email-service.d.ts +0 -11
package/src/services/dummy-email-service.d.ts.map +0 -1
package/src/services/dummy-email-service.js +0 -16
package/src/services/dummy-email-service.js.map +0 -1
package/src/services/fec-usage-example.d.ts +0 -38
package/src/services/fec-usage-example.d.ts.map +0 -1
package/src/services/fec-usage-example.js +0 -75
package/src/services/fec-usage-example.js.map +0 -1
package/src/services/fec.d.ts +0 -46
package/src/services/fec.d.ts.map +0 -1
package/src/services/fec.js +0 -214
package/src/services/fec.js.map +0 -1
package/src/services/index.d.ts.map +0 -1
package/src/services/index.js +0 -22
package/src/services/index.js.map +0 -1
package/src/services/jwt.d.ts +0 -30
package/src/services/jwt.d.ts.map +0 -1
package/src/services/jwt.js +0 -90
package/src/services/jwt.js.map +0 -1
package/src/services/key-wrapping.d.ts +0 -61
package/src/services/key-wrapping.d.ts.map +0 -1
package/src/services/key-wrapping.js +0 -307
package/src/services/key-wrapping.js.map +0 -1
package/src/services/mnemonic.d.ts +0 -62
package/src/services/mnemonic.d.ts.map +0 -1
package/src/services/mnemonic.js +0 -114
package/src/services/mnemonic.js.map +0 -1
package/src/services/request-user.d.ts +0 -23
package/src/services/request-user.d.ts.map +0 -1
package/src/services/request-user.js +0 -68
package/src/services/request-user.js.map +0 -1
package/src/services/role.d.ts +0 -87
package/src/services/role.d.ts.map +0 -1
package/src/services/role.js +0 -279
package/src/services/role.js.map +0 -1
package/src/services/symmetric.d.ts +0 -42
package/src/services/symmetric.d.ts.map +0 -1
package/src/services/symmetric.js +0 -101
package/src/services/symmetric.js.map +0 -1
package/src/services/system-user.d.ts +0 -16
package/src/services/system-user.d.ts.map +0 -1
package/src/services/system-user.js +0 -46
package/src/services/system-user.js.map +0 -1
package/src/services/user.d.ts +0 -345
package/src/services/user.d.ts.map +0 -1
package/src/services/user.js +0 -1447
package/src/services/user.js.map +0 -1
package/src/services/xor.d.ts +0 -24
package/src/services/xor.d.ts.map +0 -1
package/src/services/xor.js +0 -37
package/src/services/xor.js.map +0 -1
package/src/testing.d.ts +0 -3
package/src/testing.d.ts.map +0 -1
package/src/testing.js +0 -7
package/src/testing.js.map +0 -1
package/src/transactions/index.d.ts.map +0 -1
package/src/transactions/index.js +0 -5
package/src/transactions/index.js.map +0 -1
package/src/transactions/transaction-manager.d.ts +0 -12
package/src/transactions/transaction-manager.d.ts.map +0 -1
package/src/transactions/transaction-manager.js +0 -30
package/src/transactions/transaction-manager.js.map +0 -1
package/src/types/app-config.d.ts +0 -16
package/src/types/app-config.d.ts.map +0 -1
package/src/types/app-config.js +0 -3
package/src/types/app-config.js.map +0 -1
package/src/types/controller-config.d.ts +0 -14
package/src/types/controller-config.d.ts.map +0 -1
package/src/types/controller-config.js +0 -3
package/src/types/controller-config.js.map +0 -1
package/src/types/environment-variables.d.ts.map +0 -1
package/src/types/environment-variables.js +0 -39
package/src/types/environment-variables.js.map +0 -1
package/src/types/index.d.ts.map +0 -1
package/src/types/index.js +0 -6
package/src/types/index.js.map +0 -1
package/src/types/mongoose-helpers.d.ts.map +0 -1
package/src/types/mongoose-helpers.js +0 -6
package/src/types/mongoose-helpers.js.map +0 -1
package/src/types.d.ts +0 -104
package/src/types.d.ts.map +0 -1
package/src/types.js +0 -14
package/src/types.js.map +0 -1
package/src/utils.d.ts +0 -211
package/src/utils.d.ts.map +0 -1
package/src/utils.js +0 -818
package/src/utils.js.map +0 -1
package/src/validation/index.d.ts.map +0 -1
package/src/validation/index.js +0 -5
package/src/validation/index.js.map +0 -1
package/src/validation/validation-builder.d.ts +0 -32
package/src/validation/validation-builder.d.ts.map +0 -1
package/src/validation/validation-builder.js +0 -81
package/src/validation/validation-builder.js.map +0 -1

package/src/services/mnemonic.ts ADDED Viewed

@@ -0,0 +1,174 @@
+/**
+ * @fileoverview Mnemonic phrase management service.
+ * Securely stores mnemonic HMACs for uniqueness checking without exposing phrases.
+ * @module services/mnemonic
+ */
+import { SecureBuffer, SecureString } from '@digitaldefiance/ecies-lib';
+import { ClientSession, Model } from '@digitaldefiance/mongoose-types';
+import {
+  SuiteCoreStringKey,
+  TranslatableSuiteError,
+} from '@digitaldefiance/suite-core-lib';
+import { createHmac } from 'crypto';
+import { IMnemonicDocument } from '../documents/mnemonic';
+import { IConstants } from '../interfaces';
+import type { PlatformID } from '@digitaldefiance/node-ecies-lib';
+/**
+ * Service for secure mnemonic phrase storage and validation.
+ * Uses HMAC for uniqueness checking without storing actual mnemonics.
+ * @template TID - Platform ID type (defaults to Buffer)
+ */
+export class MnemonicService<TID extends PlatformID = Buffer> {
+  private readonly hmacSecret: SecureBuffer;
+  private readonly MnemonicModel: Model<IMnemonicDocument<TID>>;
+  private readonly constants: IConstants;
+  constructor(
+    mnemonicModel: Model<IMnemonicDocument<TID>>,
+    hmacSecret: SecureBuffer,
+    constants: IConstants,
+  ) {
+    this.MnemonicModel = mnemonicModel;
+    // Immediately wrap secrets in secure containers
+    this.hmacSecret = hmacSecret;
+    this.constants = constants;
+  }
+  /**
+   * Disposes of the secure secrets held by this service.
+   */
+  public dispose(): void {
+    this.hmacSecret.dispose();
+  }
+  /**
+   * Creates a non-reversible HMAC of the mnemonic for fast, indexed lookups.
+   * @param mnemonic The mnemonic to hash, wrapped in a SecureString.
+   */
+  public getMnemonicHmac(mnemonic: SecureString): string {
+    // Use the raw secret buffer for the HMAC
+    return createHmac('sha256', this.hmacSecret.value)
+      .update(mnemonic.valueAsUint8Array) // Use the raw buffer for consistency
+      .digest('hex');
+  }
+  /**
+   * Checks if a mnemonic already exists in the database using its HMAC.
+   * @param mnemonic The mnemonic to check, wrapped in a SecureString.
+   * @param session Optional Mongoose session for transaction support.
+   */
+  public async mnemonicExists(
+    mnemonic: SecureString,
+    session?: ClientSession,
+  ): Promise<boolean> {
+    const hmac = this.getMnemonicHmac(mnemonic);
+    const count = await this.MnemonicModel.countDocuments({ hmac }).session(
+      session ?? null,
+    );
+    return count > 0;
+  }
+  /**
+   * Adds a new, unique mnemonic to the database with password-based key wrapping.
+   * @param mnemonic The mnemonic to add, wrapped in a SecureString.
+   * @param password User's password for key wrapping.
+   * @param session Optional Mongoose session for transaction support.
+   */
+  public async addMnemonicWithPassword(
+    mnemonic: SecureString,
+    _password: SecureString,
+    session?: ClientSession,
+  ): Promise<{
+    document: IMnemonicDocument<TID> | null;
+  }> {
+    if (!mnemonic.value || !this.constants.MnemonicRegex.test(mnemonic.value)) {
+      throw new TranslatableSuiteError(
+        SuiteCoreStringKey.Validation_MnemonicRegex,
+      );
+    }
+    if (await this.mnemonicExists(mnemonic, session)) {
+      return { document: null };
+    }
+    try {
+      const hmac = this.getMnemonicHmac(mnemonic);
+      const [newDoc] = await this.MnemonicModel.create(
+        [
+          {
+            hmac: hmac,
+          },
+        ],
+        { session },
+      );
+      return { document: newDoc };
+    } finally {
+      // nothing to dispose
+    }
+  }
+  /**
+   * Adds a new, unique mnemonic to the database.
+   * @param mnemonic The mnemonic to add, wrapped in a SecureString.
+   * @param session Optional Mongoose session for transaction support.
+   */
+  public async addMnemonic(
+    mnemonic: SecureString,
+    session?: ClientSession,
+  ): Promise<IMnemonicDocument<TID> | null> {
+    if (!mnemonic.value || !this.constants.MnemonicRegex.test(mnemonic.value)) {
+      throw new TranslatableSuiteError(
+        SuiteCoreStringKey.Validation_MnemonicRegex,
+      );
+    }
+    if (await this.mnemonicExists(mnemonic, session)) {
+      return null;
+    }
+    const hmac = this.getMnemonicHmac(mnemonic);
+    const [newDoc] = await this.MnemonicModel.create(
+      [
+        {
+          hmac: hmac,
+        },
+      ],
+      { session },
+    );
+    return newDoc;
+  }
+  /**
+   * Retrieves a mnemonic document by ID.
+   * @param mnemonicId The ID of the mnemonic document.
+   * @param session Optional Mongoose session for transaction support.
+   */
+  public async getMnemonicDocument(
+    mnemonicId: TID,
+    session?: ClientSession,
+  ): Promise<IMnemonicDocument<TID> | null> {
+    return await this.MnemonicModel.findById(mnemonicId).session(
+      session ?? null,
+    );
+  }
+  /**
+   * Decrypts a mnemonic from a document using the service's master encryption key.
+   * @param doc The mnemonic document.
+   */
+  /**
+   * Deletes a mnemonic document by ID.
+   * @param mnemonicId The ID of the mnemonic document.
+   * @param session Optional Mongoose session for transaction support.
+   */
+  public async deleteMnemonicDocument(
+    mnemonicId: TID,
+    session?: ClientSession,
+  ): Promise<void> {
+    await this.MnemonicModel.findByIdAndDelete(mnemonicId).session(
+      session ?? null,
+    );
+  }
+}

package/src/services/request-user.ts ADDED Viewed

@@ -0,0 +1,127 @@
+/**
+ * @fileoverview Service for transforming user documents into request user DTOs and backend objects.
+ * Handles serialization and deserialization of user data for API requests and JWT tokens.
+ * @module services/request-user
+ */
+import {
+  IRequestUserDTO,
+  IRoleDTO,
+  ITokenRole,
+} from '@digitaldefiance/suite-core-lib';
+import { IUserDocument } from '../documents';
+import { IRequestUserBackendObject } from '../interfaces/backend-objects/request-user';
+import { RoleService } from './role';
+import {
+  getEnhancedNodeIdProvider,
+  PlatformID,
+} from '@digitaldefiance/node-ecies-lib';
+/**
+ * Service for converting between user documents, DTOs, and backend objects.
+ * Provides transformation methods for user data in different contexts (API, JWT, database).
+ * @template TID Platform-specific ID type (Buffer, ObjectId, etc.)
+ * @template _TTokenRole Token role type implementing ITokenRole
+ */
+export class RequestUserService<
+  TID extends PlatformID,
+  _TTokenRole extends ITokenRole<TID>,
+> {
+  /**
+   * Converts a user document and roles into a request user DTO for API responses.
+   * Calculates combined role privileges and serializes IDs to strings.
+   * @template TID Platform-specific ID type
+   * @template TLanguage Site language string literal type
+   * @template TTokenRole Token role type
+   * @template TRequestUserDTO Request user DTO type
+   * @param userDoc User document from database
+   * @param roles Array of token roles for the user
+   * @returns Request user DTO suitable for API responses
+   * @throws {Error} If user document is missing _id
+   */
+  public static makeRequestUserDTO<
+    TID extends PlatformID,
+    TLanguage extends string,
+    TTokenRole extends ITokenRole<TID>,
+    TRequestUserDTO extends IRequestUserDTO,
+  >(
+    userDoc:
+      | IUserDocument<TLanguage, TID>
+      | (Pick<
+          IUserDocument<TLanguage, TID>,
+          keyof IUserDocument<TLanguage, TID>
+        > & {
+          _id: PlatformID;
+        }),
+    roles: TTokenRole[],
+  ): TRequestUserDTO {
+    if (!userDoc._id) {
+      throw new Error('User document is missing _id');
+    }
+    // Calculate combined role privileges across all roles
+    const rolePrivileges = {
+      admin: roles.some((r) => r.admin),
+      member: roles.some((r) => r.member),
+      child: roles.some((r) => r.child),
+      system: roles.some((r) => r.system),
+    };
+    const provider = getEnhancedNodeIdProvider<TID>();
+    return {
+      id: provider.idToString(userDoc._id),
+      email: userDoc.email,
+      roles: roles.map((r) => RoleService.roleToRoleDTO(r)),
+      rolePrivileges,
+      username: userDoc.username,
+      timezone: userDoc.timezone,
+      currency: userDoc.currency,
+      directChallenge: userDoc.directChallenge,
+      emailVerified: userDoc.emailVerified,
+      darkMode: userDoc.darkMode,
+      siteLanguage: userDoc.siteLanguage as string,
+      ...(userDoc.lastLogin && { lastLogin: userDoc.lastLogin.toString() }),
+    } as TRequestUserDTO;
+  }
+  /**
+   * Hydrates a request user DTO back into a backend object with typed IDs and dates.
+   * Converts string IDs to platform-specific types and reconstitutes Date objects.
+   * @template TID Platform-specific ID type
+   * @template TLanguage Site language string literal type
+   * @template TRequestUserDTO Request user DTO type with site language
+   * @param requestUser Request user DTO from API or JWT
+   * @returns Backend object with typed IDs and dates
+   */
+  public static hydrateRequestUser<
+    TID extends PlatformID,
+    TLanguage extends string,
+    TRequestUserDTO extends IRequestUserDTO & { siteLanguage: TLanguage },
+  >(requestUser: TRequestUserDTO): IRequestUserBackendObject<TLanguage, TID> {
+    const provider = getEnhancedNodeIdProvider<TID>();
+    const convert = (id: string) => provider.idFromString(id);
+    const hydratedRoles = requestUser.roles.map((role: IRoleDTO) =>
+      RoleService.hydrateRoleDTOToBackend<TID>(role),
+    );
+    const hydratedUser: IRequestUserBackendObject<TLanguage, TID> = {
+      id: convert(requestUser.id),
+      email: requestUser.email,
+      roles: hydratedRoles,
+      rolePrivileges: requestUser.rolePrivileges,
+      username: requestUser.username,
+      timezone: requestUser.timezone,
+      currency: requestUser.currency,
+      directChallenge: requestUser.directChallenge,
+      emailVerified: requestUser.emailVerified,
+      darkMode: requestUser.darkMode,
+      siteLanguage: requestUser.siteLanguage,
+    };
+    if (requestUser.lastLogin) {
+      hydratedUser.lastLogin = new Date(requestUser.lastLogin);
+    }
+    return hydratedUser;
+  }
+}

package/src/services/role.ts ADDED Viewed

@@ -0,0 +1,417 @@
+/**
+ * @fileoverview Role-based access control (RBAC) service.
+ * Manages roles, user-role relationships, and permission checks.
+ * @module services/role
+ */
+import { MemberType } from '@digitaldefiance/ecies-lib';
+import {
+  GlobalActiveContext,
+  I18nEngine,
+  IActiveContext,
+} from '@digitaldefiance/i18n-lib';
+import { ClientSession, Document } from '@digitaldefiance/mongoose-types';
+import {
+  IRoleBase,
+  IRoleDTO,
+  ITokenRole,
+  ITokenRoleDTO,
+  LastAdminError,
+  Role,
+} from '@digitaldefiance/suite-core-lib';
+import { IUserDocument } from '../documents';
+import { IRoleDocument } from '../documents/role';
+import { IUserRoleDocument } from '../documents/user-role';
+import { BaseModelName } from '../enumerations/base-model-name';
+import { IApplication } from '../interfaces/application';
+import { IRoleBackendObject } from '../interfaces/backend-objects/role';
+import { ModelRegistry } from '../model-registry';
+import { omit } from '../utils';
+import { BaseService } from './base';
+import {
+  getEnhancedNodeIdProvider,
+  type PlatformID,
+} from '@digitaldefiance/node-ecies-lib';
+/**
+ * Service for managing roles and role-based access control.
+ * Handles role creation, user-role assignments, and permission queries.
+ * @template TID - Platform ID type (defaults to Buffer)
+ * @template TDate - Date type (defaults to Date)
+ * @template TTokenRole - Token role interface type
+ * @extends {BaseService<TID>}
+ */
+export class RoleService<
+  TID extends PlatformID = Buffer,
+  TDate extends Date = Date,
+  TTokenRole extends ITokenRole<TID, TDate> = ITokenRole<TID, TDate>,
+> extends BaseService<TID> {
+  /**
+   * Constructor for the role service
+   * @param application The application object
+   */
+  constructor(application: IApplication<TID>) {
+    super(application);
+  }
+  public static roleToRoleDTO<
+    TID extends PlatformID = Buffer,
+    TDate extends Date = Date,
+  >(
+    role: ITokenRole<TID, TDate> | IRoleDocument<TID> | Partial<IRoleBase<TID>>,
+  ): ITokenRoleDTO {
+    const provider = getEnhancedNodeIdProvider<TID>();
+    const roleObj = role instanceof Document ? role.toObject() : role;
+    return {
+      _id: provider.idToString(roleObj._id),
+      name: roleObj.name as string,
+      admin: roleObj.admin ?? false,
+      member: roleObj.member ?? false,
+      child: roleObj.child ?? false,
+      system: roleObj.system ?? false,
+      translatedName:
+        'translatedName' in role ? role.translatedName : role.name,
+      createdAt: (roleObj.createdAt instanceof Date
+        ? roleObj.createdAt.toISOString()
+        : roleObj.createdAt) as string,
+      createdBy: provider.idToString(roleObj.createdBy),
+      updatedAt: (roleObj.updatedAt instanceof Date
+        ? roleObj.updatedAt.toISOString()
+        : roleObj.updatedAt) as string,
+      updatedBy: provider.idToString(roleObj.updatedBy),
+      ...(roleObj.deletedAt
+        ? {
+            deletedAt: (roleObj.deletedAt instanceof Date
+              ? roleObj.deletedAt.toISOString()
+              : roleObj.deletedAt) as string,
+          }
+        : {}),
+      ...(role.deletedBy
+        ? {
+            deletedBy: provider.idToString(roleObj.deletedBy),
+          }
+        : {}),
+    } as ITokenRoleDTO;
+  }
+  /**
+   * Given a Role DTO, reconstitute ids and dates
+   * @param role The Role DTO
+   * @returns An IRoleBackendObject
+   */
+  public static hydrateRoleDTOToBackend<TID extends PlatformID = Buffer>(
+    role: ITokenRoleDTO,
+  ): IRoleBackendObject<TID> {
+    const idProvider = getEnhancedNodeIdProvider<TID>();
+    const convert = (id: string) => idProvider.idFromString(id);
+    return {
+      ...(omit<ITokenRoleDTO, 'translatedName'>(role, [
+        'translatedName',
+      ]) as IRoleDTO),
+      _id: convert(role._id),
+      name: role.name as Role,
+      createdAt: new Date(role.createdAt),
+      createdBy: convert(role.createdBy),
+      updatedAt: new Date(role.updatedAt),
+      updatedBy: convert(role.updatedBy),
+      ...(role.deletedAt ? { deletedAt: new Date(role.deletedAt) } : {}),
+      ...(role.deletedBy
+        ? {
+            deletedBy: convert(role.deletedBy),
+          }
+        : {}),
+    } as IRoleBackendObject<TID>;
+  }
+  /**
+   * Gets the role ID by name
+   * @param roleName The name of the role
+   * @returns The role ID or null if not found
+   */
+  public async getRoleIdByName(
+    roleName: Role,
+    session?: ClientSession,
+  ): Promise<TID | null> {
+    const RoleModel = ModelRegistry.instance.get<any, any>(
+      BaseModelName.Role,
+    ).model;
+    const role = await RoleModel.findOne({ name: roleName }, undefined, {
+      session,
+    }).select('_id');
+    if (!role) {
+      return null;
+    }
+    return role._id as TID;
+  }
+  /**
+   * Creates a new role
+   * @param roleData The role data
+   * @param session Optional mongoose session
+   * @returns The created role document
+   */
+  public async createRole(
+    roleData: IRoleBase<TID, TDate, Role>,
+    session?: ClientSession | null,
+  ): Promise<IRoleDocument<TID>> {
+    const RoleModel = ModelRegistry.instance.get<any, any>(
+      BaseModelName.Role,
+    ).model;
+    const role = new RoleModel(roleData);
+    const savedRole = await role.save(session ? { session } : {});
+    return savedRole as IRoleDocument<TID>;
+  }
+  /**
+   * Adds a user to a role
+   * @param roleId - The role id
+   * @param userId - The user id
+   * @param createdBy - The user creating the relationship
+   * @param session Optional mongoose session
+   */
+  public async addUserToRole(
+    roleId: TID,
+    userId: TID,
+    createdBy: TID,
+    session?: ClientSession,
+    overrideId?: TID,
+  ): Promise<IUserRoleDocument<TID>> {
+    const UserRoleModel = ModelRegistry.instance.get<any, any>(
+      BaseModelName.UserRole,
+    ).model;
+    // Check if the user-role relationship already exists (and is not deleted)
+    const existingUserRole = await UserRoleModel.findOne({
+      userId,
+      roleId,
+      deletedAt: { $exists: false },
+    }).session(session ?? null);
+    if (existingUserRole) {
+      // Relationship already exists, no need to create it again
+      return existingUserRole;
+    }
+    const userRole = new UserRoleModel({
+      ...(overrideId ? { _id: overrideId } : {}),
+      userId,
+      roleId,
+      createdBy,
+      updatedBy: createdBy,
+    });
+    const result = await userRole.save({ session });
+    return result;
+  }
+  /**
+   * Removes a user from a role
+   * @param roleId - The role id
+   * @param userId - The user id
+   * @param deletedBy - The user removing the relationship
+   * @param session Optional mongoose session
+   * @throws LastAdminError if attempting to remove the last admin
+   */
+  public async removeUserFromRole(
+    roleId: TID,
+    userId: TID,
+    deletedBy: TID,
+    session?: ClientSession,
+  ): Promise<void> {
+    const RoleModel = ModelRegistry.instance.get<any, any>(
+      BaseModelName.Role,
+    ).model;
+    const UserRoleModel = ModelRegistry.instance.get<any, any>(
+      BaseModelName.UserRole,
+    ).model;
+    const role = await RoleModel.findById(roleId).session(session ?? null);
+    if (role?.admin) {
+      const adminCount = await UserRoleModel.countDocuments({
+        roleId,
+        deletedAt: { $exists: false },
+      }).session(session ?? null);
+      if (adminCount <= 1) {
+        throw new LastAdminError();
+      }
+    }
+    await UserRoleModel.findOneAndUpdate(
+      { userId, roleId, deletedAt: { $exists: false } },
+      { deletedAt: new Date(), deletedBy },
+      { session },
+    );
+  }
+  /**
+   * Deletes a role by ID
+   * @param roleId The role ID
+   * @param deleter The ID of the user deleting the role
+   * @param hardDelete Whether to hard delete the role
+   * @param session Optional mongoose session
+   */
+  public async deleteRole(
+    roleId: TID,
+    deleter: TID,
+    hardDelete: boolean,
+    session?: ClientSession,
+  ): Promise<void> {
+    const RoleModel = ModelRegistry.instance.get<any, any>(
+      BaseModelName.Role,
+    ).model;
+    if (hardDelete) {
+      await RoleModel.findByIdAndDelete(roleId).session(session ?? null);
+    } else {
+      await RoleModel.findByIdAndUpdate(roleId, {
+        deletedAt: new Date(),
+        deletedBy: deleter,
+      }).session(session ?? null);
+    }
+  }
+  /**
+   * Gets all roles for a user
+   * @param userId The user ID
+   * @param session Optional mongoose session
+   * @returns The roles the user is a member of
+   */
+  public async getUserRoles(
+    userId: TID,
+    session?: ClientSession,
+  ): Promise<IRoleDocument<TID>[]> {
+    const UserRoleModel = ModelRegistry.instance.get<any, any>(
+      BaseModelName.UserRole,
+    ).model;
+    const RoleModel = ModelRegistry.instance.get<any, any>(
+      BaseModelName.Role,
+    ).model;
+    if (!UserRoleModel || !RoleModel) throw new Error('Model not registered');
+    // Return full documents
+    const userRoles = await UserRoleModel.find({
+      userId,
+      deletedAt: { $exists: false },
+    })
+      .select('roleId')
+      .session(session ?? null);
+    const roleIds = userRoles.map((ur) => ur.roleId);
+    return (await RoleModel.find({
+      _id: { $in: roleIds },
+      deletedAt: { $exists: false },
+    }).session(session ?? null)) as IRoleDocument<TID>[];
+  }
+  /**
+   * Gets all users for a role
+   * @param roleId The role ID
+   * @param session Optional mongoose session
+   * @returns The user IDs that are members of the role
+   */
+  public async getRoleUsers(
+    roleId: TID,
+    session?: ClientSession,
+  ): Promise<TID[]> {
+    const UserRoleModel = ModelRegistry.instance.get<any, any>(
+      BaseModelName.UserRole,
+    ).model;
+    // Return full documents
+    const userRoles = await UserRoleModel.find({
+      roleId,
+      deletedAt: { $exists: false },
+    })
+      .select('userId')
+      .session(session ?? null);
+    return userRoles.map((ur) => ur.userId);
+  }
+  /** Convert roles to translated TokenRoles */
+  public rolesToTokenRoles(
+    roles: Array<IRoleBackendObject<TID>>,
+    overrideLanguage?: string,
+  ): Array<TTokenRole> {
+    return roles.map((role) => {
+      const engine = I18nEngine.getInstance('default');
+      const userLang = GlobalActiveContext.getInstance<
+        string,
+        IActiveContext<string>
+      >().userLanguage;
+      const lang = (overrideLanguage || userLang || 'en-US') as string;
+      const roleTranslation = engine.translateEnum(Role, role.name, lang);
+      // Convert Mongoose document to plain object if needed
+      const roleObj = role instanceof Document ? role.toObject() : role;
+      return {
+        ...roleObj,
+        translatedName: roleTranslation,
+      } as TTokenRole;
+    });
+  }
+  public async isUserAdmin(
+    userDoc: IUserDocument<string, TID>,
+    session?: ClientSession,
+    providedRoles?: Array<IRoleDocument<TID>>,
+  ): Promise<boolean> {
+    const roles =
+      providedRoles ?? (await this.getUserRoles(userDoc._id, session));
+    if (roles.filter((r) => r.admin).length > 0) {
+      return true;
+    }
+    return false;
+  }
+  public async isUserMember(
+    userDoc: IUserDocument<string, TID>,
+    session?: ClientSession,
+    providedRoles?: Array<IRoleDocument<TID>>,
+  ): Promise<boolean> {
+    const roles =
+      providedRoles ?? (await this.getUserRoles(userDoc._id, session));
+    if (roles.filter((r) => r.member).length > 0) {
+      return true;
+    }
+    return false;
+  }
+  public async isUserChild(
+    userDoc: IUserDocument<string, TID>,
+    session?: ClientSession,
+    providedRoles?: Array<IRoleDocument<TID>>,
+  ): Promise<boolean> {
+    const roles =
+      providedRoles ?? (await this.getUserRoles(userDoc._id, session));
+    if (roles.filter((r) => r.child).length > 0) {
+      return true;
+    }
+    return false;
+  }
+  public async isSystemUser(
+    userDoc: IUserDocument<string, TID>,
+    session?: ClientSession,
+    providedRoles?: Array<IRoleDocument<TID>>,
+  ): Promise<boolean> {
+    const roles =
+      providedRoles ?? (await this.getUserRoles(userDoc._id, session));
+    return roles.some((r) => r.system);
+  }
+  public async getMemberType(
+    userDoc: IUserDocument<string, TID>,
+    session?: ClientSession,
+    providedRoles?: Array<IRoleDocument<TID>>,
+  ): Promise<MemberType> {
+    const roles =
+      providedRoles ?? (await this.getUserRoles(userDoc._id, session));
+    if (await this.isSystemUser(userDoc, session, roles)) {
+      return MemberType.System;
+    } else if (await this.isUserAdmin(userDoc, session, roles)) {
+      return MemberType.Admin;
+    } else if (await this.isUserMember(userDoc, session, roles)) {
+      return MemberType.User;
+    } else {
+      return MemberType.Anonymous;
+    }
+  }
+}