@digitaldefiance/node-express-suite 3.7.5 → 3.7.6

package/src/middlewares/authenticate-token.js

@@ -0,0 +1,117 @@
+"use strict";
+/**
+ * @fileoverview JWT token authentication middleware.
+ * Validates bearer tokens, loads user data, and sets up request context.
+ * @module middlewares/authenticate-token
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.findAuthToken = findAuthToken;
+exports.authenticateToken = authenticateToken;
+const i18n_lib_1 = require("@digitaldefiance/i18n-lib");
+const suite_core_lib_1 = require("@digitaldefiance/suite-core-lib");
+const base_model_name_1 = require("../enumerations/base-model-name");
+const token_expired_1 = require("../errors/token-expired");
+const jwt_1 = require("../services/jwt");
+const request_user_1 = require("../services/request-user");
+const role_1 = require("../services/role");
+const utils_1 = require("../utils");
+// Helper to create Timezone from the same module instance as GlobalActiveContext
+function createTimezone(tz) {
+    const context = i18n_lib_1.GlobalActiveContext.getInstance();
+    const TimezoneConstructor = context.adminTimezone
+        .constructor;
+    return new TimezoneConstructor(tz);
+}
+/**
+ * Extracts bearer token from HTTP request headers.
+ * @param {IncomingHttpHeaders} headers - HTTP request headers
+ * @returns {string | null} Bearer token if found, null otherwise
+ */
+function findAuthToken(headers) {
+    const authHeader = headers['Authorization'] || headers['authorization'];
+    if (authHeader && typeof authHeader === 'string') {
+        const parts = authHeader.split(' ');
+        if (parts.length === 2 && parts[0].toLowerCase() === 'bearer') {
+            return parts[1];
+        }
+    }
+    return null;
+}
+/**
+ * Express middleware for JWT token authentication.
+ * Validates token, loads user from database, checks account status,
+ * and populates req.user with authenticated user data.
+ * @template TID - Platform ID type (defaults to Buffer)
+ * @template D - Date type (defaults to Date)
+ * @template TTokenRole - Token role interface type
+ * @template TTokenUser - Token user interface type
+ * @template TApplication - Application interface type
+ * @param {TApplication} application - Application instance
+ * @param {Request} req - Express request object
+ * @param {Response} res - Express response object
+ * @param {NextFunction} next - Express next function
+ * @returns {Promise<Response>} Response object
+ * @throws {TokenExpiredError} When token has expired
+ */
+async function authenticateToken(application, req, res, next) {
+    const UserModel = application.getModel(base_model_name_1.BaseModelName.User);
+    const token = findAuthToken(req.headers);
+    if (token == null) {
+        return res
+            .status(401)
+            .send((0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_InvalidToken));
+    }
+    try {
+        return await (0, utils_1.withTransaction)(application.db.connection, application.environment.mongo.useTransactions, undefined, async (sess) => {
+            const jwtService = new jwt_1.JwtService(application);
+            const user = await jwtService.verifyToken(token);
+            if (user === null) {
+                return res.status(403).send(
+                // amazonq-ignore-next-line false positive, hardcoded string
+                (0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_UserNotFound));
+            }
+            const userDoc = await UserModel.findById(user.userId)
+                .select('-password')
+                .session(sess ?? null)
+                .exec();
+            if (!userDoc || userDoc.accountStatus !== suite_core_lib_1.AccountStatus.Active) {
+                return res.status(403).send(
+                // amazonq-ignore-next-line false positive, hardcoded string
+                (0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_UserNotFound));
+            }
+            const roleService = new role_1.RoleService(application);
+            const roles = await roleService.getUserRoles(userDoc._id, sess);
+            const tokenRoles = roleService.rolesToTokenRoles(roles);
+            req.user = request_user_1.RequestUserService.makeRequestUserDTO(userDoc, tokenRoles);
+            const context = i18n_lib_1.GlobalActiveContext.getInstance();
+            context.userLanguage = userDoc.siteLanguage ?? context.userLanguage;
+            context.setLanguageContextSpace('user');
+            context.userTimezone = createTimezone(userDoc.timezone);
+            next();
+            return res;
+        }, {
+            timeoutMs: application.environment.mongo.transactionTimeout,
+        });
+    }
+    catch (err) {
+        if (err instanceof token_expired_1.TokenExpiredError) {
+            return res.status(401).send({
+                message: (0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_TokenExpired),
+                error: err,
+            });
+        }
+        else if (err instanceof Error && err.name === 'JsonWebTokenError') {
+            return res.status(400).send({
+                message: (0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Validation_InvalidToken),
+                error: err,
+            });
+        }
+        else {
+            return res.status(500).send({
+                message: (0, suite_core_lib_1.getSuiteCoreTranslation)(suite_core_lib_1.SuiteCoreStringKey.Common_UnexpectedError),
+                error: err,
+            });
+        }
+    }
+}
+//# sourceMappingURL=authenticate-token.js.map

package/src/middlewares/authenticate-token.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"authenticate-token.js","sourceRoot":"","sources":["../../../../../packages/digitaldefiance-node-express-suite/src/middlewares/authenticate-token.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;AAwCH,sCASC;AAkBD,8CA6FC;AA7JD,wDAAgE;AAEhE,oEAMyC;AAIzC,qEAAgE;AAChE,2DAA4D;AAE5D,yCAA6C;AAC7C,2DAA8D;AAC9D,2CAA+C;AAC/C,oCAA2C;AAM3C,iFAAiF;AACjF,SAAS,cAAc,CAAC,EAAU;IAChC,MAAM,OAAO,GAAG,8BAAmB,CAAC,WAAW,EAAE,CAAC;IAClD,MAAM,mBAAmB,GAAG,OAAO,CAAC,aAAa;SAC9C,WAAkC,CAAC;IACtC,OAAO,IAAI,mBAAmB,CAAC,EAAE,CAAC,CAAC;AACrC,CAAC;AAED;;;;GAIG;AACH,SAAgB,aAAa,CAAC,OAA4B;IACxD,MAAM,UAAU,GAAG,OAAO,CAAC,eAAe,CAAC,IAAI,OAAO,CAAC,eAAe,CAAC,CAAC;IACxE,IAAI,UAAU,IAAI,OAAO,UAAU,KAAK,QAAQ,EAAE,CAAC;QACjD,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QACpC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,KAAK,QAAQ,EAAE,CAAC;YAC9D,OAAO,KAAK,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;;;;;;;;;;;GAeG;AACI,KAAK,UAAU,iBAAiB,CAOrC,WAAyB,EACzB,GAAY,EACZ,GAAa,EACb,IAAkB;IAElB,MAAM,SAAS,GAAG,WAAW,CAAC,QAAQ,CACpC,+BAAa,CAAC,IAAI,CACnB,CAAC;IACF,MAAM,KAAK,GAAG,aAAa,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IACzC,IAAI,KAAK,IAAI,IAAI,EAAE,CAAC;QAClB,OAAO,GAAG;aACP,MAAM,CAAC,GAAG,CAAC;aACX,IAAI,CACH,IAAA,wCAAuB,EAAC,mCAAkB,CAAC,uBAAuB,CAAC,CACpE,CAAC;IACN,CAAC;IAED,IAAI,CAAC;QACH,OAAO,MAAM,IAAA,uBAAe,EAC1B,WAAW,CAAC,EAAE,CAAC,UAAU,EACzB,WAAW,CAAC,WAAW,CAAC,KAAK,CAAC,eAAe,EAC7C,SAAS,EACT,KAAK,EAAE,IAA+B,EAAE,EAAE;YACxC,MAAM,UAAU,GAAG,IAAI,gBAAU,CAM/B,WAAW,CAAC,CAAC;YACf,MAAM,IAAI,GAAsB,MAAM,UAAU,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;YACpE,IAAI,IAAI,KAAK,IAAI,EAAE,CAAC;gBAClB,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI;gBACzB,4DAA4D;gBAC5D,IAAA,wCAAuB,EAAC,mCAAkB,CAAC,uBAAuB,CAAC,CACpE,CAAC;YACJ,CAAC;YACD,MAAM,OAAO,GAAG,MAAM,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC;iBAClD,MAAM,CAAC,WAAW,CAAC;iBACnB,OAAO,CAAC,IAAI,IAAI,IAAI,CAAC;iBACrB,IAAI,EAAE,CAAC;YACV,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,aAAa,KAAK,8BAAa,CAAC,MAAM,EAAE,CAAC;gBAC/D,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI;gBACzB,4DAA4D;gBAC5D,IAAA,wCAAuB,EAAC,mCAAkB,CAAC,uBAAuB,CAAC,CACpE,CAAC;YACJ,CAAC;YACD,MAAM,WAAW,GAAG,IAAI,kBAAW,CAAqB,WAAW,CAAC,CAAC;YACrE,MAAM,KAAK,GAAG,MAAM,WAAW,CAAC,YAAY,CAAC,OAAO,CAAC,GAAU,EAAE,IAAI,CAAC,CAAC;YACvE,MAAM,UAAU,GAAG,WAAW,CAAC,iBAAiB,CAAC,KAAK,CAAC,CAAC;YACxD,GAAG,CAAC,IAAI,GAAG,iCAAkB,CAAC,kBAAkB,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC;YACtE,MAAM,OAAO,GAAG,8BAAmB,CAAC,WAAW,EAAE,CAAC;YAClD,OAAO,CAAC,YAAY,GAAG,OAAO,CAAC,YAAY,IAAI,OAAO,CAAC,YAAY,CAAC;YACpE,OAAO,CAAC,uBAAuB,CAAC,MAAM,CAAC,CAAC;YACxC,OAAO,CAAC,YAAY,GAAG,cAAc,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;YACxD,IAAI,EAAE,CAAC;YACP,OAAO,GAAG,CAAC;QACb,CAAC,EACD;YACE,SAAS,EAAE,WAAW,CAAC,WAAW,CAAC,KAAK,CAAC,kBAAkB;SAC5D,CACF,CAAC;IACJ,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,IAAI,GAAG,YAAY,iCAAiB,EAAE,CAAC;YACrC,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBAC1B,OAAO,EAAE,IAAA,wCAAuB,EAC9B,mCAAkB,CAAC,uBAAuB,CAC3C;gBACD,KAAK,EAAE,GAAG;aACX,CAAC,CAAC;QACL,CAAC;aAAM,IAAI,GAAG,YAAY,KAAK,IAAI,GAAG,CAAC,IAAI,KAAK,mBAAmB,EAAE,CAAC;YACpE,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBAC1B,OAAO,EAAE,IAAA,wCAAuB,EAC9B,mCAAkB,CAAC,uBAAuB,CAC3C;gBACD,KAAK,EAAE,GAAG;aACX,CAAC,CAAC;QACL,CAAC;aAAM,CAAC;YACN,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBAC1B,OAAO,EAAE,IAAA,wCAAuB,EAC9B,mCAAkB,CAAC,sBAAsB,CAC1C;gBACD,KAAK,EAAE,GAAG;aACX,CAAC,CAAC;QACL,CAAC;IACH,CAAC;AACH,CAAC"}

package/src/middlewares/cleanup-crypto.d.ts

@@ -0,0 +1,16 @@
+/**
+ * @fileoverview Cleanup middleware for disposing cryptographic resources.
+ * Ensures private keys and sensitive material are properly disposed after request completion.
+ * @module middlewares/cleanup-crypto
+ */
+import { NextFunction, Request, Response } from 'express';
+/**
+ * Express middleware to cleanup cryptographic resources after request completion.
+ * Wraps response.end() to dispose of req.eciesUser before sending response.
+ * Should be registered early in middleware chain to ensure cleanup on all responses.
+ * @param {Request} req - Express request object
+ * @param {Response} res - Express response object
+ * @param {NextFunction} next - Express next function
+ */
+export declare function cleanupCrypto(req: Request, res: Response, next: NextFunction): void;
+//# sourceMappingURL=cleanup-crypto.d.ts.map

package/src/middlewares/cleanup-crypto.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cleanup-crypto.d.ts","sourceRoot":"","sources":["../../../../../packages/digitaldefiance-node-express-suite/src/middlewares/cleanup-crypto.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,YAAY,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAE1D;;;;;;;GAOG;AACH,wBAAgB,aAAa,CAC3B,GAAG,EAAE,OAAO,EACZ,GAAG,EAAE,QAAQ,EACb,IAAI,EAAE,YAAY,GACjB,IAAI,CA0BN"}

package/src/middlewares/cleanup-crypto.js

@@ -0,0 +1,41 @@
+"use strict";
+/**
+ * @fileoverview Cleanup middleware for disposing cryptographic resources.
+ * Ensures private keys and sensitive material are properly disposed after request completion.
+ * @module middlewares/cleanup-crypto
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.cleanupCrypto = cleanupCrypto;
+/**
+ * Express middleware to cleanup cryptographic resources after request completion.
+ * Wraps response.end() to dispose of req.eciesUser before sending response.
+ * Should be registered early in middleware chain to ensure cleanup on all responses.
+ * @param {Request} req - Express request object
+ * @param {Response} res - Express response object
+ * @param {NextFunction} next - Express next function
+ */
+function cleanupCrypto(req, res, next) {
+    // Store original end function
+    const originalEnd = res.end;
+    // Override end function to cleanup before response
+    const wrappedEnd = function (...args) {
+        // Cleanup eciesUser if it exists
+        if (req.eciesUser) {
+            try {
+                // Dispose of sensitive cryptographic material
+                req.eciesUser.dispose();
+                req.eciesUser = undefined;
+            }
+            catch (error) {
+                console.error('Error cleaning up crypto resources:', error);
+            }
+        }
+        // Do not dispose system user here; it may be a process-wide singleton
+        // Call original end function
+        // Type assertion needed because we're wrapping the end function
+        return originalEnd.apply(this, args);
+    };
+    res.end = wrappedEnd;
+    next();
+}
+//# sourceMappingURL=cleanup-crypto.js.map

package/src/middlewares/cleanup-crypto.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cleanup-crypto.js","sourceRoot":"","sources":["../../../../../packages/digitaldefiance-node-express-suite/src/middlewares/cleanup-crypto.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;AAYH,sCA8BC;AAtCD;;;;;;;GAOG;AACH,SAAgB,aAAa,CAC3B,GAAY,EACZ,GAAa,EACb,IAAkB;IAElB,8BAA8B;IAC9B,MAAM,WAAW,GAAG,GAAG,CAAC,GAAG,CAAC;IAE5B,mDAAmD;IACnD,MAAM,UAAU,GAAG,UAA0B,GAAG,IAAe;QAC7D,iCAAiC;QACjC,IAAI,GAAG,CAAC,SAAS,EAAE,CAAC;YAClB,IAAI,CAAC;gBACH,8CAA8C;gBAC9C,GAAG,CAAC,SAAS,CAAC,OAAO,EAAE,CAAC;gBACxB,GAAG,CAAC,SAAS,GAAG,SAAS,CAAC;YAC5B,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,KAAK,CAAC,qCAAqC,EAAE,KAAK,CAAC,CAAC;YAC9D,CAAC;QACH,CAAC;QACD,sEAAsE;QAEtE,6BAA6B;QAC7B,gEAAgE;QAChE,OAAO,WAAW,CAAC,KAAK,CAAC,IAAI,EAAE,IAAsC,CAAC,CAAC;IACzE,CAAmB,CAAC;IAEpB,GAAG,CAAC,GAAG,GAAG,UAAU,CAAC;IAErB,IAAI,EAAE,CAAC;AACT,CAAC"}

package/src/middlewares/{index.ts → index.d.ts}

@@ -2,3 +2,4 @@ export * from './authenticate-crypto';
 export * from './authenticate-token';
 export * from './cleanup-crypto';
 export * from './set-global-context-language';
+//# sourceMappingURL=index.d.ts.map

package/src/middlewares/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../../packages/digitaldefiance-node-express-suite/src/middlewares/index.ts"],"names":[],"mappings":"AAAA,cAAc,uBAAuB,CAAC;AACtC,cAAc,sBAAsB,CAAC;AACrC,cAAc,kBAAkB,CAAC;AACjC,cAAc,+BAA+B,CAAC"}

package/src/middlewares/index.js

@@ -0,0 +1,8 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const tslib_1 = require("tslib");
+tslib_1.__exportStar(require("./authenticate-crypto"), exports);
+tslib_1.__exportStar(require("./authenticate-token"), exports);
+tslib_1.__exportStar(require("./cleanup-crypto"), exports);
+tslib_1.__exportStar(require("./set-global-context-language"), exports);
+//# sourceMappingURL=index.js.map

package/src/middlewares/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../packages/digitaldefiance-node-express-suite/src/middlewares/index.ts"],"names":[],"mappings":";;;AAAA,gEAAsC;AACtC,+DAAqC;AACrC,2DAAiC;AACjC,wEAA8C"}

package/src/middlewares/{set-global-context-language.ts → set-global-context-language.d.ts}

@@ -3,15 +3,7 @@
  * Determines user language from Accept-Language header and user preferences.
  * @module middlewares/set-global-context-language
  */
-
-// src/middlewares/injectMongooseContext.ts
-
-import {
-  GlobalActiveContext,
-  LanguageRegistry,
-} from '@digitaldefiance/i18n-lib';
 import { NextFunction, Request, Response } from 'express';
-
 /**
  * Express middleware to set global language context for the request.
  * Uses fallback chain: Accept-Language header → user preference → site default.
@@ -20,19 +12,5 @@ import { NextFunction, Request, Response } from 'express';
  * @param {Response} res - Express response object
  * @param {NextFunction} next - Express next function
  */
-export function setGlobalContextLanguageFromRequest(
-  req: Request,
-  res: Response,
-  next: NextFunction,
-) {
-  // Use fallback chain: accept-language -> user preference -> site default
-  const language = LanguageRegistry.getMatchingLanguageCode(
-    req.headers['accept-language'] as string,
-    req.user?.siteLanguage as string,
-  );
-
-  const context = GlobalActiveContext.getInstance();
-  context.setUserLanguage(language);
-  context.setLanguageContextSpace('user');
-  next();
-}
+export declare function setGlobalContextLanguageFromRequest(req: Request, res: Response, next: NextFunction): void;
+//# sourceMappingURL=set-global-context-language.d.ts.map

package/src/middlewares/set-global-context-language.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"set-global-context-language.d.ts","sourceRoot":"","sources":["../../../../../packages/digitaldefiance-node-express-suite/src/middlewares/set-global-context-language.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAQH,OAAO,EAAE,YAAY,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAE1D;;;;;;;GAOG;AACH,wBAAgB,mCAAmC,CACjD,GAAG,EAAE,OAAO,EACZ,GAAG,EAAE,QAAQ,EACb,IAAI,EAAE,YAAY,QAYnB"}

package/src/middlewares/set-global-context-language.js

@@ -0,0 +1,27 @@
+"use strict";
+/**
+ * @fileoverview Middleware to set global language context from request.
+ * Determines user language from Accept-Language header and user preferences.
+ * @module middlewares/set-global-context-language
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.setGlobalContextLanguageFromRequest = setGlobalContextLanguageFromRequest;
+// src/middlewares/injectMongooseContext.ts
+const i18n_lib_1 = require("@digitaldefiance/i18n-lib");
+/**
+ * Express middleware to set global language context for the request.
+ * Uses fallback chain: Accept-Language header → user preference → site default.
+ * Sets both user language and language context space in GlobalActiveContext.
+ * @param {Request} req - Express request object
+ * @param {Response} res - Express response object
+ * @param {NextFunction} next - Express next function
+ */
+function setGlobalContextLanguageFromRequest(req, res, next) {
+    // Use fallback chain: accept-language -> user preference -> site default
+    const language = i18n_lib_1.LanguageRegistry.getMatchingLanguageCode(req.headers['accept-language'], req.user?.siteLanguage);
+    const context = i18n_lib_1.GlobalActiveContext.getInstance();
+    context.setUserLanguage(language);
+    context.setLanguageContextSpace('user');
+    next();
+}
+//# sourceMappingURL=set-global-context-language.js.map

package/src/middlewares/set-global-context-language.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"set-global-context-language.js","sourceRoot":"","sources":["../../../../../packages/digitaldefiance-node-express-suite/src/middlewares/set-global-context-language.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;AAkBH,kFAeC;AA/BD,2CAA2C;AAE3C,wDAGmC;AAGnC;;;;;;;GAOG;AACH,SAAgB,mCAAmC,CACjD,GAAY,EACZ,GAAa,EACb,IAAkB;IAElB,yEAAyE;IACzE,MAAM,QAAQ,GAAG,2BAAgB,CAAC,uBAAuB,CACvD,GAAG,CAAC,OAAO,CAAC,iBAAiB,CAAW,EACxC,GAAG,CAAC,IAAI,EAAE,YAAsB,CACjC,CAAC;IAEF,MAAM,OAAO,GAAG,8BAAmB,CAAC,WAAW,EAAE,CAAC;IAClD,OAAO,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC;IAClC,OAAO,CAAC,uBAAuB,CAAC,MAAM,CAAC,CAAC;IACxC,IAAI,EAAE,CAAC;AACT,CAAC"}

package/src/model-registry.d.ts

@@ -0,0 +1,79 @@
+/**
+ * @fileoverview Model registry for dynamic Mongoose model management.
+ * Singleton registry for registering and retrieving Mongoose models.
+ * @module model-registry
+ */
+import { Model, Document as MongooseDocument, Schema } from '@digitaldefiance/mongoose-types';
+import { IBaseDocument } from './documents/base';
+import { PlatformID } from '@digitaldefiance/node-ecies-lib';
+/**
+ * Model registration information.
+ * @template T - Document Data type
+ * @template U - Document type extending IBaseDocument
+ */
+export type ModelRegistration<TID extends PlatformID, T, U extends IBaseDocument<T, TID>> = {
+    modelName: string;
+    schema: Schema;
+    model: Model<U>;
+    collection: string;
+    discriminators?: unknown;
+};
+/**
+ * Singleton registry for Mongoose models.
+ * Manages model registration and retrieval across the application.
+ */
+declare class ModelRegistry<TID extends PlatformID> {
+    protected static _instance: ModelRegistry<PlatformID>;
+    protected _models: Map<string, ModelRegistration<TID, any, IBaseDocument<any, TID>>>;
+    private constructor();
+    /**
+     * Gets the singleton instance of ModelRegistry.
+     * @returns {ModelRegistry} The singleton instance
+     */
+    static get instance(): ModelRegistry<PlatformID>;
+    /**
+     * Registers a model with the registry.
+     * @template T - Document ID type
+     * @template U - Document type extending IBaseDocument
+     * @param {ModelRegistration<T, U>} registration - Model registration information
+     */
+    register<T, U extends IBaseDocument<T, TID>>(registration: ModelRegistration<TID, T, U>): void;
+    /**
+     * Retrieves a model registration by name.
+     * @template T - Document ID type
+     * @template U - Document type extending IBaseDocument
+     * @param {string} modelName - Name of the model
+     * @returns {ModelRegistration<T, U>} Model registration
+     * @throws {InvalidModelError} If model is not registered
+     */
+    get<T, U extends IBaseDocument<T, TID>>(modelName: string): ModelRegistration<TID, T, U>;
+    /**
+     * Retrieves a typed Mongoose model by name.
+     * @template TDoc - Mongoose document type
+     * @param {string} modelName - Name of the model
+     * @returns {Model<TDoc>} Mongoose model
+     * @throws {InvalidModelError} If model is not registered
+     */
+    getTypedModel<TDoc extends MongooseDocument>(modelName: string): Model<TDoc>;
+    /**
+     * Retrieves a typed Mongoose schema by name.
+     * @template TDoc - Mongoose document type
+     * @param {string} modelName - Name of the model
+     * @returns {Schema<TDoc>} Mongoose schema
+     * @throws {InvalidModelError} If model is not registered
+     */
+    getTypedSchema<TDoc extends MongooseDocument>(modelName: string): Schema<TDoc>;
+    /**
+     * Checks if a model is registered.
+     * @param {string} modelName - Name of the model
+     * @returns {boolean} True if model exists
+     */
+    has(modelName: string): boolean;
+    /**
+     * Lists all registered model names.
+     * @returns {string[]} Array of model names
+     */
+    list(): string[];
+}
+export { ModelRegistry };
+//# sourceMappingURL=model-registry.d.ts.map

package/src/model-registry.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"model-registry.d.ts","sourceRoot":"","sources":["../../../../packages/digitaldefiance-node-express-suite/src/model-registry.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EACL,KAAK,EACL,QAAQ,IAAI,gBAAgB,EAC5B,MAAM,EACP,MAAM,iCAAiC,CAAC;AACzC,OAAO,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAC;AAEjD,OAAO,EAAE,UAAU,EAAE,MAAM,iCAAiC,CAAC;AAE7D;;;;GAIG;AACH,MAAM,MAAM,iBAAiB,CAC3B,GAAG,SAAS,UAAU,EACtB,CAAC,EACD,CAAC,SAAS,aAAa,CAAC,CAAC,EAAE,GAAG,CAAC,IAC7B;IACF,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC;IAChB,UAAU,EAAE,MAAM,CAAC;IACnB,cAAc,CAAC,EAAE,OAAO,CAAC;CAC1B,CAAC;AAEF;;;GAGG;AACH,cAAM,aAAa,CAAC,GAAG,SAAS,UAAU;IACxC,SAAS,CAAC,MAAM,CAAC,SAAS,EAAE,aAAa,CAAC,UAAU,CAAC,CAAC;IACtD,SAAS,CAAC,OAAO,EAAE,GAAG,CACpB,MAAM,EACN,iBAAiB,CAAC,GAAG,EAAE,GAAG,EAAE,aAAa,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CACrD,CAAa;IAEd,OAAO;IAEP;;;OAGG;IACH,WAAkB,QAAQ,IAAI,aAAa,CAAC,UAAU,CAAC,CAKtD;IAED;;;;;OAKG;IACI,QAAQ,CAAC,CAAC,EAAE,CAAC,SAAS,aAAa,CAAC,CAAC,EAAE,GAAG,CAAC,EAChD,YAAY,EAAE,iBAAiB,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC,GACzC,IAAI;IAOP;;;;;;;OAOG;IACI,GAAG,CAAC,CAAC,EAAE,CAAC,SAAS,aAAa,CAAC,CAAC,EAAE,GAAG,CAAC,EAC3C,SAAS,EAAE,MAAM,GAChB,iBAAiB,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC;IAQ/B;;;;;;OAMG;IACI,aAAa,CAAC,IAAI,SAAS,gBAAgB,EAChD,SAAS,EAAE,MAAM,GAChB,KAAK,CAAC,IAAI,CAAC;IAQd;;;;;;OAMG;IACI,cAAc,CAAC,IAAI,SAAS,gBAAgB,EACjD,SAAS,EAAE,MAAM,GAChB,MAAM,CAAC,IAAI,CAAC;IAQf;;;;OAIG;IACI,GAAG,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO;IAItC;;;OAGG;IACI,IAAI,IAAI,MAAM,EAAE;CAGxB;AAED,OAAO,EAAE,aAAa,EAAE,CAAC"}

package/src/model-registry.js

@@ -0,0 +1,97 @@
+"use strict";
+/**
+ * @fileoverview Model registry for dynamic Mongoose model management.
+ * Singleton registry for registering and retrieving Mongoose models.
+ * @module model-registry
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ModelRegistry = void 0;
+const errors_1 = require("./errors");
+/**
+ * Singleton registry for Mongoose models.
+ * Manages model registration and retrieval across the application.
+ */
+class ModelRegistry {
+    static _instance;
+    _models = new Map();
+    constructor() { }
+    /**
+     * Gets the singleton instance of ModelRegistry.
+     * @returns {ModelRegistry} The singleton instance
+     */
+    static get instance() {
+        if (!ModelRegistry._instance) {
+            ModelRegistry._instance = new ModelRegistry();
+        }
+        return ModelRegistry._instance;
+    }
+    /**
+     * Registers a model with the registry.
+     * @template T - Document ID type
+     * @template U - Document type extending IBaseDocument
+     * @param {ModelRegistration<T, U>} registration - Model registration information
+     */
+    register(registration) {
+        this._models.set(registration.modelName, registration);
+    }
+    /**
+     * Retrieves a model registration by name.
+     * @template T - Document ID type
+     * @template U - Document type extending IBaseDocument
+     * @param {string} modelName - Name of the model
+     * @returns {ModelRegistration<T, U>} Model registration
+     * @throws {InvalidModelError} If model is not registered
+     */
+    get(modelName) {
+        const result = this._models.get(modelName);
+        if (result === undefined) {
+            throw new errors_1.InvalidModelError(modelName);
+        }
+        return result;
+    }
+    /**
+     * Retrieves a typed Mongoose model by name.
+     * @template TDoc - Mongoose document type
+     * @param {string} modelName - Name of the model
+     * @returns {Model<TDoc>} Mongoose model
+     * @throws {InvalidModelError} If model is not registered
+     */
+    getTypedModel(modelName) {
+        const result = this._models.get(modelName);
+        if (result === undefined) {
+            throw new errors_1.InvalidModelError(modelName);
+        }
+        return result.model;
+    }
+    /**
+     * Retrieves a typed Mongoose schema by name.
+     * @template TDoc - Mongoose document type
+     * @param {string} modelName - Name of the model
+     * @returns {Schema<TDoc>} Mongoose schema
+     * @throws {InvalidModelError} If model is not registered
+     */
+    getTypedSchema(modelName) {
+        const result = this._models.get(modelName);
+        if (result === undefined) {
+            throw new errors_1.InvalidModelError(modelName);
+        }
+        return result.schema;
+    }
+    /**
+     * Checks if a model is registered.
+     * @param {string} modelName - Name of the model
+     * @returns {boolean} True if model exists
+     */
+    has(modelName) {
+        return this._models.has(modelName);
+    }
+    /**
+     * Lists all registered model names.
+     * @returns {string[]} Array of model names
+     */
+    list() {
+        return Array.from(this._models.keys());
+    }
+}
+exports.ModelRegistry = ModelRegistry;
+//# sourceMappingURL=model-registry.js.map

package/src/model-registry.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"model-registry.js","sourceRoot":"","sources":["../../../../packages/digitaldefiance-node-express-suite/src/model-registry.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;;AAQH,qCAA6C;AAoB7C;;;GAGG;AACH,MAAM,aAAa;IACP,MAAM,CAAC,SAAS,CAA4B;IAC5C,OAAO,GAGb,IAAI,GAAG,EAAE,CAAC;IAEd,gBAAuB,CAAC;IAExB;;;OAGG;IACI,MAAM,KAAK,QAAQ;QACxB,IAAI,CAAC,aAAa,CAAC,SAAS,EAAE,CAAC;YAC7B,aAAa,CAAC,SAAS,GAAG,IAAI,aAAa,EAAE,CAAC;QAChD,CAAC;QACD,OAAO,aAAa,CAAC,SAAS,CAAC;IACjC,CAAC;IAED;;;;;OAKG;IACI,QAAQ,CACb,YAA0C;QAE1C,IAAI,CAAC,OAAO,CAAC,GAAG,CACd,YAAY,CAAC,SAAS,EACtB,YAA4C,CAC7C,CAAC;IACJ,CAAC;IAED;;;;;;;OAOG;IACI,GAAG,CACR,SAAiB;QAEjB,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,SAAS,CAAiC,CAAC;QAC3E,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;YACzB,MAAM,IAAI,0BAAiB,CAAC,SAAS,CAAC,CAAC;QACzC,CAAC;QACD,OAAO,MAAM,CAAC;IAChB,CAAC;IAED;;;;;;OAMG;IACI,aAAa,CAClB,SAAiB;QAEjB,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QAC3C,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;YACzB,MAAM,IAAI,0BAAiB,CAAC,SAAS,CAAC,CAAC;QACzC,CAAC;QACD,OAAO,MAAM,CAAC,KAAoB,CAAC;IACrC,CAAC;IAED;;;;;;OAMG;IACI,cAAc,CACnB,SAAiB;QAEjB,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QAC3C,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;YACzB,MAAM,IAAI,0BAAiB,CAAC,SAAS,CAAC,CAAC;QACzC,CAAC;QACD,OAAO,MAAM,CAAC,MAAsB,CAAC;IACvC,CAAC;IAED;;;;OAIG;IACI,GAAG,CAAC,SAAiB;QAC1B,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;IACrC,CAAC;IAED;;;OAGG;IACI,IAAI;QACT,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;IACzC,CAAC;CACF;AAEQ,sCAAa"}

package/src/models/{email-token.ts → email-token.d.ts}

@@ -3,14 +3,11 @@
  * Creates Mongoose model for email verification and password reset tokens.
  * @module models/email-token
  */
-
 import { Connection, Model, Schema } from '@digitaldefiance/mongoose-types';
 import { IEmailTokenDocument } from '../documents/email-token';
 import { BaseModelName } from '../enumerations';
 import { SchemaCollection } from '../enumerations/schema-collection';
-import { EmailTokenSchema } from '../schemas/email-token';
 import type { PlatformID } from '@digitaldefiance/node-ecies-lib';
-
 /**
  * Creates a Mongoose model for email token documents.
  * @template TModelName - Model name type (defaults to BaseModelName)
@@ -22,28 +19,6 @@ import type { PlatformID } from '@digitaldefiance/node-ecies-lib';
  * @param {Schema} [schema] - Mongoose schema (defaults to EmailTokenSchema)
  * @returns {Model<IEmailTokenDocument<TID>>} Configured Mongoose model
  */
-export function EmailTokenModel<
-  TModelName extends string = BaseModelName,
-  TCollection extends string = SchemaCollection,
-  TID extends PlatformID = Buffer,
->(
-  connection: Connection,
-  modelName?: TModelName,
-  collection?: TCollection,
-  schema?: Schema,
-): Model<IEmailTokenDocument<TID>>;
-
-export function EmailTokenModel<TID extends PlatformID = Buffer>(
-  connection: Connection,
-  modelName: string = BaseModelName.EmailToken,
-  collection: string = SchemaCollection.EmailToken,
-  schema: Schema = EmailTokenSchema,
-) {
-  return connection.model<IEmailTokenDocument<TID>>(
-    modelName,
-    schema,
-    collection,
-  );
-}
-
+export declare function EmailTokenModel<TModelName extends string = BaseModelName, TCollection extends string = SchemaCollection, TID extends PlatformID = Buffer>(connection: Connection, modelName?: TModelName, collection?: TCollection, schema?: Schema): Model<IEmailTokenDocument<TID>>;
 export default EmailTokenModel;
+//# sourceMappingURL=email-token.d.ts.map

package/src/models/email-token.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"email-token.d.ts","sourceRoot":"","sources":["../../../../../packages/digitaldefiance-node-express-suite/src/models/email-token.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,iCAAiC,CAAC;AAC5E,OAAO,EAAE,mBAAmB,EAAE,MAAM,0BAA0B,CAAC;AAC/D,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAChD,OAAO,EAAE,gBAAgB,EAAE,MAAM,mCAAmC,CAAC;AAErE,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,iCAAiC,CAAC;AAElE;;;;;;;;;;GAUG;AACH,wBAAgB,eAAe,CAC7B,UAAU,SAAS,MAAM,GAAG,aAAa,EACzC,WAAW,SAAS,MAAM,GAAG,gBAAgB,EAC7C,GAAG,SAAS,UAAU,GAAG,MAAM,EAE/B,UAAU,EAAE,UAAU,EACtB,SAAS,CAAC,EAAE,UAAU,EACtB,UAAU,CAAC,EAAE,WAAW,EACxB,MAAM,CAAC,EAAE,MAAM,GACd,KAAK,CAAC,mBAAmB,CAAC,GAAG,CAAC,CAAC,CAAC;AAenC,eAAe,eAAe,CAAC"}

package/src/models/email-token.js

@@ -0,0 +1,16 @@
+"use strict";
+/**
+ * @fileoverview Email token model factory for MongoDB.
+ * Creates Mongoose model for email verification and password reset tokens.
+ * @module models/email-token
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.EmailTokenModel = EmailTokenModel;
+const enumerations_1 = require("../enumerations");
+const schema_collection_1 = require("../enumerations/schema-collection");
+const email_token_1 = require("../schemas/email-token");
+function EmailTokenModel(connection, modelName = enumerations_1.BaseModelName.EmailToken, collection = schema_collection_1.SchemaCollection.EmailToken, schema = email_token_1.EmailTokenSchema) {
+    return connection.model(modelName, schema, collection);
+}
+exports.default = EmailTokenModel;
+//# sourceMappingURL=email-token.js.map

package/src/models/email-token.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"email-token.js","sourceRoot":"","sources":["../../../../../packages/digitaldefiance-node-express-suite/src/models/email-token.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;AA+BH,0CAWC;AAtCD,kDAAgD;AAChD,yEAAqE;AACrE,wDAA0D;AAyB1D,SAAgB,eAAe,CAC7B,UAAsB,EACtB,YAAoB,4BAAa,CAAC,UAAU,EAC5C,aAAqB,oCAAgB,CAAC,UAAU,EAChD,SAAiB,8BAAgB;IAEjC,OAAO,UAAU,CAAC,KAAK,CACrB,SAAS,EACT,MAAM,EACN,UAAU,CACX,CAAC;AACJ,CAAC;AAED,kBAAe,eAAe,CAAC"}

package/src/models/{index.ts → index.d.ts}

@@ -4,3 +4,4 @@ export * from './role';
 export * from './used-direct-login-token';
 export * from './user';
 export * from './user-role';
+//# sourceMappingURL=index.d.ts.map

package/src/models/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../../packages/digitaldefiance-node-express-suite/src/models/index.ts"],"names":[],"mappings":"AAAA,cAAc,eAAe,CAAC;AAC9B,cAAc,YAAY,CAAC;AAC3B,cAAc,QAAQ,CAAC;AACvB,cAAc,2BAA2B,CAAC;AAC1C,cAAc,QAAQ,CAAC;AACvB,cAAc,aAAa,CAAC"}

package/src/models/index.js

@@ -0,0 +1,10 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const tslib_1 = require("tslib");
+tslib_1.__exportStar(require("./email-token"), exports);
+tslib_1.__exportStar(require("./mnemonic"), exports);
+tslib_1.__exportStar(require("./role"), exports);
+tslib_1.__exportStar(require("./used-direct-login-token"), exports);
+tslib_1.__exportStar(require("./user"), exports);
+tslib_1.__exportStar(require("./user-role"), exports);
+//# sourceMappingURL=index.js.map

package/src/models/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../packages/digitaldefiance-node-express-suite/src/models/index.ts"],"names":[],"mappings":";;;AAAA,wDAA8B;AAC9B,qDAA2B;AAC3B,iDAAuB;AACvB,oEAA0C;AAC1C,iDAAuB;AACvB,sDAA4B"}

package/src/models/{mnemonic.ts → mnemonic.d.ts}

@@ -3,14 +3,11 @@
  * Creates Mongoose model for mnemonic hash storage.
  * @module models/mnemonic
  */
-
 import { Connection, Model, Schema } from '@digitaldefiance/mongoose-types';
 import { IMnemonicDocument } from '../documents/mnemonic';
 import { BaseModelName } from '../enumerations';
 import { SchemaCollection } from '../enumerations/schema-collection';
-import { MnemonicSchema } from '../schemas/mnemonic';
 import type { PlatformID } from '@digitaldefiance/node-ecies-lib';
-
 /**
  * Creates a Mongoose model for mnemonic documents.
  * @template TModelName - Model name type (defaults to BaseModelName)
@@ -22,21 +19,6 @@ import type { PlatformID } from '@digitaldefiance/node-ecies-lib';
  * @param {Schema} schema - Mongoose schema (defaults to MnemonicSchema)
  * @returns {Model<IMnemonicDocument<TID>>} Configured Mongoose model
  */
-export function MnemonicModel<
-  TModelName extends string = BaseModelName,
-  TCollection extends string = SchemaCollection,
-  TID extends PlatformID = Buffer,
->(
-  connection: Connection,
-  modelName: TModelName = BaseModelName.Mnemonic as TModelName,
-  collection: TCollection = SchemaCollection.Mnemonic as TCollection,
-  schema: Schema = MnemonicSchema,
-): Model<IMnemonicDocument<TID>> {
-  return connection.model<IMnemonicDocument<TID>>(
-    modelName,
-    schema,
-    collection,
-  );
-}
-
+export declare function MnemonicModel<TModelName extends string = BaseModelName, TCollection extends string = SchemaCollection, TID extends PlatformID = Buffer>(connection: Connection, modelName?: TModelName, collection?: TCollection, schema?: Schema): Model<IMnemonicDocument<TID>>;
 export default MnemonicModel;
+//# sourceMappingURL=mnemonic.d.ts.map

package/src/models/mnemonic.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"mnemonic.d.ts","sourceRoot":"","sources":["../../../../../packages/digitaldefiance-node-express-suite/src/models/mnemonic.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,iCAAiC,CAAC;AAC5E,OAAO,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AAC1D,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAChD,OAAO,EAAE,gBAAgB,EAAE,MAAM,mCAAmC,CAAC;AAErE,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,iCAAiC,CAAC;AAElE;;;;;;;;;;GAUG;AACH,wBAAgB,aAAa,CAC3B,UAAU,SAAS,MAAM,GAAG,aAAa,EACzC,WAAW,SAAS,MAAM,GAAG,gBAAgB,EAC7C,GAAG,SAAS,UAAU,GAAG,MAAM,EAE/B,UAAU,EAAE,UAAU,EACtB,SAAS,GAAE,UAAiD,EAC5D,UAAU,GAAE,WAAsD,EAClE,MAAM,GAAE,MAAuB,GAC9B,KAAK,CAAC,iBAAiB,CAAC,GAAG,CAAC,CAAC,CAM/B;AAED,eAAe,aAAa,CAAC"}