@drax/identity-back 0.8.11 → 0.10.0

package/dist/config/IdentityConfig.js

@@ -7,6 +7,7 @@ var IdentityConfig;
     IdentityConfig["ApiKeyCacheTTL"] = "DRAX_APIKEY_CACHE_TTL";
     IdentityConfig["RbacCacheTTL"] = "DRAX_RBAC_CACHE_TTL";
     IdentityConfig["AvatarDir"] = "DRAX_AVATAR_DIR";
+    IdentityConfig["defaultRole"] = "DRAX_DEFAULT_ROLE";
 })(IdentityConfig || (IdentityConfig = {}));
 export default IdentityConfig;
 export { IdentityConfig };

package/dist/controllers/UserController.js

@@ -1,11 +1,13 @@
 import { AbstractFastifyController } from "@drax/crud-back";
-import { CommonConfig, DraxConfig, StoreManager, UploadFileError, ValidationError, UnauthorizedError } from "@drax/common-back";
+import RegistrationCompleteHtml from "../html/RegistrationCompleteHtml.js";
+import { CommonConfig, DraxConfig, StoreManager, UploadFileError, ValidationError, UnauthorizedError, SecuritySensitiveError } from "@drax/common-back";
 import UserServiceFactory from "../factory/UserServiceFactory.js";
 import RoleServiceFactory from "../factory/RoleServiceFactory.js";
 import UserPermissions from "../permissions/UserPermissions.js";
 import BadCredentialsError from "../errors/BadCredentialsError.js";
 import { join } from "path";
 import { IdentityConfig } from "../config/IdentityConfig.js";
+import UserEmailService from "../services/UserEmailService.js";
 const BASE_FILE_DIR = DraxConfig.getOrLoad(CommonConfig.FileDir) || 'files';
 const AVATAR_DIR = DraxConfig.getOrLoad(IdentityConfig.AvatarDir) || 'avatar';
 const BASE_URL = DraxConfig.getOrLoad(CommonConfig.BaseUrl) ? DraxConfig.get(CommonConfig.BaseUrl).replace(/\/$/, '') : '';
@@ -120,6 +122,84 @@ class UserController extends AbstractFastifyController {
             }
         }
     }
+    async register(request, reply) {
+        try {
+            if (request.rbac.getAuthUser) {
+                throw new UnauthorizedError();
+            }
+            const payload = request.body;
+            const defaultRole = DraxConfig.getOrLoad(IdentityConfig.defaultRole);
+            if (!defaultRole) {
+                throw new ValidationError([{ field: 'username', reason: 'Default role not found' }]);
+            }
+            const roleService = RoleServiceFactory();
+            const role = await roleService.findByName(defaultRole);
+            if (!role) {
+                throw new ValidationError([{ field: 'role', reason: 'Role not found' }]);
+            }
+            else if (role.name === 'Admin') {
+                payload.tenant = null;
+            }
+            payload.role = role.id;
+            payload.origin ?? (payload.origin = 'Registry');
+            const userService = UserServiceFactory();
+            let user = await userService.register(payload);
+            //SEND EMAIL FOR EMAIL VERIFICATION
+            await UserEmailService.emailVerifyCode(user.emailCode, user.email);
+            return user;
+        }
+        catch (e) {
+            console.error(e);
+            if (e instanceof ValidationError) {
+                reply.statusCode = e.statusCode;
+                reply.send({ error: e.message, inputErrors: e.errors });
+            }
+            else if (e instanceof UnauthorizedError) {
+                reply.statusCode = e.statusCode;
+                reply.send({ error: e.message });
+            }
+            else {
+                reply.statusCode = 500;
+                reply.send({ error: 'error.server' });
+            }
+        }
+    }
+    async verifyEmail(request, reply) {
+        try {
+            const emailCode = request.params.code;
+            const userService = UserServiceFactory();
+            const r = await userService.verifyEmail(emailCode);
+            if (r) {
+                const html = RegistrationCompleteHtml;
+                reply.header('Content-Type', 'text/html; charset=utf-8').send(html);
+            }
+        }
+        catch (e) {
+            console.error(e);
+            if (e instanceof ValidationError) {
+                reply.statusCode = e.statusCode;
+                reply.send({ error: e.message, inputErrors: e.errors });
+            }
+            reply.code(500);
+            reply.send({ error: 'error.server' });
+        }
+    }
+    async verifyPhone(request, reply) {
+        try {
+            const phoneCode = request.params.code;
+            const userService = UserServiceFactory();
+            return await userService.verifyPhone(phoneCode);
+        }
+        catch (e) {
+            console.error(e);
+            if (e instanceof ValidationError) {
+                reply.statusCode = e.statusCode;
+                reply.send({ error: e.message, inputErrors: e.errors });
+            }
+            reply.code(500);
+            reply.send({ error: 'error.server' });
+        }
+    }
     async create(request, reply) {
         try {
             request.rbac.assertPermission(UserPermissions.Create);
@@ -141,6 +221,7 @@ class UserController extends AbstractFastifyController {
             return user;
         }
         catch (e) {
+            console.error(e);
             if (e instanceof ValidationError) {
                 reply.statusCode = e.statusCode;
                 reply.send({ error: e.message, inputErrors: e.errors });
@@ -176,6 +257,7 @@ class UserController extends AbstractFastifyController {
             return user;
         }
         catch (e) {
+            console.error(e);
             if (e instanceof ValidationError) {
                 reply.statusCode = e.statusCode;
                 reply.send({ error: e.message, inputErrors: e.errors });
@@ -208,6 +290,7 @@ class UserController extends AbstractFastifyController {
             }
         }
         catch (e) {
+            console.error(e);
             if (e instanceof ValidationError) {
                 reply.statusCode = e.statusCode;
                 reply.send({ error: e.message, inputErrors: e.errors });
@@ -222,7 +305,71 @@ class UserController extends AbstractFastifyController {
             }
         }
     }
-    async myPassword(request, reply) {
+    async passwordRecoveryRequest(request, reply) {
+        //let message = 'Si el correo electrónico existe, se han enviado instrucciones.'
+        let message = 'user.events.recoveryPasswordInfo';
+        try {
+            const emailRegex = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
+            const email = request.body.email;
+            if (!email || !emailRegex.test(email)) {
+                throw new ValidationError([{ field: 'email', reason: 'validation.email.invalid' }]);
+            }
+            const userService = UserServiceFactory();
+            const code = await userService.recoveryCode(email);
+            if (code) {
+                await UserEmailService.recoveryCode(code, email);
+            }
+            reply.send({ message });
+        }
+        catch (e) {
+            console.error('recoveryPassword error', e);
+            if (e instanceof ValidationError) {
+                reply.statusCode = e.statusCode;
+                reply.send({ error: e.message, inputErrors: e.errors });
+            }
+            else if (e instanceof SecuritySensitiveError) {
+                reply.statusCode = e.statusCode;
+                reply.send({ message });
+            }
+            else {
+                reply.statusCode = 500;
+                reply.send({ error: 'error.server' });
+            }
+        }
+    }
+    async recoveryPasswordComplete(request, reply) {
+        try {
+            const recoveryCode = request.body.recoveryCode;
+            const newPassword = request.body.newPassword;
+            if (!recoveryCode) {
+                throw new ValidationError([{ field: 'recoveryCode', reason: 'validation.required' }]);
+            }
+            if (!newPassword) {
+                throw new ValidationError([{ field: 'newPassword', reason: 'validation.required' }]);
+            }
+            const userService = UserServiceFactory();
+            const result = await userService.changeUserPasswordByCode(recoveryCode, newPassword);
+            if (result) {
+                reply.send({ message: 'action.success' });
+            }
+            else {
+                reply.statusCode = 400;
+                reply.send({ message: 'action.failure' });
+            }
+        }
+        catch (e) {
+            console.error('recoveryPassword error', e);
+            if (e instanceof ValidationError) {
+                reply.statusCode = e.statusCode;
+                reply.send({ error: e.message, inputErrors: e.errors });
+            }
+            else {
+                reply.statusCode = 500;
+                reply.send({ error: 'error.server' });
+            }
+        }
+    }
+    async changeMyPassword(request, reply) {
         try {
             if (!request.authUser) {
                 throw new UnauthorizedError();
@@ -234,7 +381,7 @@ class UserController extends AbstractFastifyController {
             return await userService.changeOwnPassword(userId, currentPassword, newPassword);
         }
         catch (e) {
-            console.error('/api/password error', e);
+            console.error('changeMyPassword error', e);
             if (e instanceof ValidationError) {
                 reply.statusCode = e.statusCode;
                 reply.send({ error: e.message, inputErrors: e.errors });
@@ -249,7 +396,7 @@ class UserController extends AbstractFastifyController {
             }
         }
     }
-    async password(request, reply) {
+    async changePassword(request, reply) {
         try {
             request.rbac.assertPermission(UserPermissions.Update);
             const userId = request.params.id;
@@ -288,7 +435,7 @@ class UserController extends AbstractFastifyController {
             };
             const destinationPath = join(BASE_FILE_DIR, AVATAR_DIR);
             const storedFile = await StoreManager.saveFile(file, destinationPath);
-            const urlFile = BASE_URL + '/api/user/avatar/' + storedFile.filename;
+            const urlFile = BASE_URL + '/api/users/avatar/' + storedFile.filename;
             //Save into DB
             const userService = UserServiceFactory();
             await userService.changeAvatar(userId, urlFile);

package/dist/factory/UserRegistryServiceFactory.js

@@ -0,0 +1,24 @@
+import UserRegistryService from "../services/UserRegistryService.js";
+import { COMMON, CommonConfig, DraxConfig } from "@drax/common-back";
+import UserRegistrySqliteRepository from "../repository/sqlite/UserRegistrySqliteRepository.js";
+import UserRegistryMongoRepository from "../repository/mongo/UserRegistryMongoRepository.js";
+let userRegistryService;
+const UserRegistryServiceFactory = (verbose = false) => {
+    if (!userRegistryService) {
+        let repository;
+        switch (DraxConfig.getOrLoad(CommonConfig.DbEngine)) {
+            case COMMON.DB_ENGINES.MONGODB:
+                repository = new UserRegistryMongoRepository();
+                break;
+            case COMMON.DB_ENGINES.SQLITE:
+                const dbFile = DraxConfig.getOrLoad(CommonConfig.SqliteDbFile);
+                repository = new UserRegistrySqliteRepository(dbFile, verbose);
+                break;
+            default:
+                throw new Error("DraxConfig.DB_ENGINE must be one of " + Object.values(COMMON.DB_ENGINES).join(", "));
+        }
+        userRegistryService = new UserRegistryService(repository);
+    }
+    return userRegistryService;
+};
+export default UserRegistryServiceFactory;

package/dist/html/RegistrationCompleteHtml.js

@@ -0,0 +1,51 @@
+const html = `
+                <!DOCTYPE html>
+    <html lang="en">
+    <head>
+      <meta charset="UTF-8">
+      <meta name="viewport" content="width=device-width, initial-scale=1.0">
+      <title>Registro Completo</title>
+      <style>
+        body {
+          margin: 0;
+          height: 100vh;
+          display: flex;
+          justify-content: center;
+          align-items: center;
+          background-color: #f5f5f5;
+          font-family: Arial, sans-serif;
+        }
+        .container {
+          width: 300px;
+          border: 1px solid grey;
+          padding: 20px;
+          text-align: center;
+          background: white;
+          box-shadow: 0 4px 8px rgba(0, 0, 0, 0.2);
+          border-radius: 8px;
+        }
+        .title {
+          color: darkgreen;
+          font-size: 20px;
+          font-weight: bold;
+          margin-bottom: 20px;
+        }
+        .link {
+          margin-top: 20px;
+          text-decoration: none;
+          color: #007bff;
+        }
+        .link:hover {
+          text-decoration: underline;
+        }
+      </style>
+    </head>
+    <body>
+      <div class="container">
+        <div class="title">Registro Completo</div>
+        <a href="/login" class="link">Login</a>
+      </div>
+    </body>
+    </html>
+                `;
+export default html;

package/dist/models/UserModel.js

@@ -29,7 +29,7 @@ const UserSchema = new mongoose.Schema({
             message: "Invalid email format"
         }
     },
-    password: { type: String, required: true, index: false },
+    password: { type: String, required: true, index: false, select: false },
     name: { type: String, required: false, index: false },
     active: { type: Boolean, required: true, default: false, index: false },
     phone: {
@@ -64,6 +64,11 @@ const UserSchema = new mongoose.Schema({
             required: false,
             index: false
         }],
+    emailVerified: { type: Boolean, required: true, default: false, index: false },
+    phoneVerified: { type: Boolean, required: true, default: false, index: false },
+    emailCode: { type: String, required: false, index: false, select: false },
+    phoneCode: { type: String, required: false, index: false, select: false },
+    recoveryCode: { type: String, required: false, index: false, select: false },
 }, { timestamps: true });
 UserSchema.set('toJSON', { getters: true });
 UserSchema.plugin(uniqueValidator, { message: 'validation.unique' });

package/dist/repository/mongo/UserApiKeyMongoRepository.js

@@ -1,7 +1,7 @@
 import { UserApiKeyModel } from "../../models/UserApiKeyModel.js";
 import { mongoose, MongooseErrorToValidationError, MongooseQueryFilter, MongooseSort, MongoServerErrorToValidationError } from "@drax/common-back";
 import { MongoServerError } from "mongodb";
-class UserMongoRepository {
+class UserApiKeyMongoRepository {
     constructor() {
     }
     async create(data) {
@@ -68,4 +68,4 @@ class UserMongoRepository {
         };
     }
 }
-export default UserMongoRepository;
+export default UserApiKeyMongoRepository;

package/dist/repository/mongo/UserMongoRepository.js

@@ -39,6 +39,18 @@ class UserMongoRepository {
             throw e;
         }
     }
+    async updatePartial(id, data) {
+        try {
+            const item = await UserModel.findOneAndUpdate({ _id: id }, data, { new: true }).populate(['role', 'tenant']).exec();
+            return item;
+        }
+        catch (e) {
+            if (e instanceof mongoose.Error.ValidationError) {
+                throw MongooseErrorToValidationError(e);
+            }
+            throw e;
+        }
+    }
     async delete(id) {
         const result = await UserModel.deleteOne({ _id: id }).exec();
         return result.deletedCount == 1;
@@ -51,10 +63,26 @@ class UserMongoRepository {
         const user = await UserModel.findOne({ username: username }).populate(['role', 'tenant']).exec();
         return user;
     }
+    async findByUsernameWithPassword(username) {
+        const user = await UserModel.findOne({ username: username }).select('+password').populate(['role', 'tenant']).exec();
+        return user;
+    }
     async findByEmail(email) {
         const user = await UserModel.findOne({ email: email }).populate(['role', 'tenant']).exec();
         return user;
     }
+    async findByEmailCode(code) {
+        const user = await UserModel.findOne({ emailCode: { $eq: code }, emailVerified: { $eq: false } }).populate(['role', 'tenant']).exec();
+        return user;
+    }
+    async findByPhoneCode(code) {
+        const user = await UserModel.findOne({ phoneCode: { $eq: code }, phoneVerified: { $eq: false } }).populate(['role', 'tenant']).exec();
+        return user;
+    }
+    async findByRecoveryCode(code) {
+        const user = await UserModel.findOne({ recoveryCode: { $eq: code }, active: { $eq: true } }).populate(['role', 'tenant']).exec();
+        return user;
+    }
     async paginate({ page = 1, limit = 5, orderBy = '', order = false, search = '', filters = [] }) {
         const query = {};
         if (search) {

package/dist/repository/sqlite/UserSqliteRepository.js

@@ -17,7 +17,11 @@ const tableFields = [
     { name: "avatar", type: "TEXT", unique: false, primary: false },
     { name: "origin", type: "TEXT", unique: false, primary: false },
     { name: "createdAt", type: "TEXT", unique: false, primary: false },
-    { name: "updatedAt", type: "TEXT", unique: false, primary: false }
+    { name: "updatedAt", type: "TEXT", unique: false, primary: false },
+    { name: "emailVerified", type: "INTEGER", unique: false, primary: false },
+    { name: "phoneVerified", type: "INTEGER", unique: false, primary: false },
+    { name: "emailCode", type: "TEXT", unique: false, primary: false },
+    { name: "phoneCode", type: "TEXT", unique: false, primary: false },
 ];
 class UserSqliteRepository {
     constructor(dataBaseFile, verbose = false) {
@@ -62,6 +66,9 @@ class UserSqliteRepository {
             throw SqliteErrorToValidationError(e, userData);
         }
     }
+    async updatePartial(id, userData) {
+        return this.update(id, userData);
+    }
     async update(id, userData) {
         try {
             if (!await this.findRoleById(userData.role)) {
@@ -111,6 +118,15 @@ class UserSqliteRepository {
         user.tenant = await this.findTenantById(user.tenant);
         return user;
     }
+    async findByUsernameWithPassword(username) {
+        const user = this.db.prepare('SELECT * FROM users WHERE username = ?').get(username);
+        if (!user) {
+            return null;
+        }
+        user.role = await this.findRoleById(user.role);
+        user.tenant = await this.findTenantById(user.tenant);
+        return user;
+    }
     async findByEmail(email) {
         const user = this.db.prepare('SELECT * FROM users WHERE email = ?').get(email);
         if (!user) {
@@ -120,6 +136,33 @@ class UserSqliteRepository {
         user.tenant = await this.findTenantById(user.tenant);
         return user;
     }
+    async findByEmailCode(code) {
+        const user = this.db.prepare('SELECT * FROM users WHERE emailVerifyCode = ? AND emailVerified = 0').get(code);
+        if (!user) {
+            return null;
+        }
+        user.role = await this.findRoleById(user.role);
+        user.tenant = await this.findTenantById(user.tenant);
+        return user;
+    }
+    async findByRecoveryCode(code) {
+        const user = this.db.prepare('SELECT * FROM users WHERE recoveryCode = ? AND active = 1').get(code);
+        if (!user) {
+            return null;
+        }
+        user.role = await this.findRoleById(user.role);
+        user.tenant = await this.findTenantById(user.tenant);
+        return user;
+    }
+    async findByPhoneCode(code) {
+        const user = this.db.prepare('SELECT * FROM users WHERE phoneCode = ? AND phoneVerified = 0').get(code);
+        if (!user) {
+            return null;
+        }
+        user.role = await this.findRoleById(user.role);
+        user.tenant = await this.findTenantById(user.tenant);
+        return user;
+    }
     async paginate({ page = 1, limit = 5, orderBy = '', order = false, search = '', filters = [] }) {
         const offset = page > 1 ? (page - 1) * limit : 0;
         let where = "";

package/dist/routes/UserRoutes.js

@@ -1,18 +1,23 @@
 import UserController from "../controllers/UserController.js";
 async function UserRoutes(fastify, options) {
     const controller = new UserController();
-    fastify.post('/api/auth', (req, rep) => controller.auth(req, rep));
-    fastify.get('/api/me', (req, rep) => controller.me(req, rep));
+    fastify.post('/api/auth/login', (req, rep) => controller.auth(req, rep));
+    fastify.get('/api/auth/me', (req, rep) => controller.me(req, rep));
     fastify.get('/api/users/search', (req, rep) => controller.search(req, rep));
     fastify.get('/api/users/export', (req, rep) => controller.export(req, rep));
     fastify.get('/api/users', (req, rep) => controller.paginate(req, rep));
     fastify.post('/api/users', (req, rep) => controller.create(req, rep));
     fastify.put('/api/users/:id', (req, rep) => controller.update(req, rep));
     fastify.delete('/api/users/:id', (req, rep) => controller.delete(req, rep));
-    fastify.post('/api/password', (req, rep) => controller.myPassword(req, rep));
-    fastify.post('/api/password/:id', (req, rep) => controller.password(req, rep));
-    fastify.post('/api/user/avatar', (req, rep) => controller.updateAvatar(req, rep));
-    fastify.get('/api/user/avatar/:filename', (req, rep) => controller.getAvatar(req, rep));
+    fastify.post('/api/users/register', (req, rep) => controller.register(req, rep));
+    fastify.get('/api/users/verify-email/:code', (req, rep) => controller.verifyEmail(req, rep));
+    fastify.get('/api/users/verify-phone/:code', (req, rep) => controller.verifyPhone(req, rep));
+    fastify.post('/api/users/password/change', (req, rep) => controller.changeMyPassword(req, rep));
+    fastify.post('/api/users/password/change/:id', (req, rep) => controller.changePassword(req, rep));
+    fastify.post('/api/users/password/recovery/request', (req, rep) => controller.passwordRecoveryRequest(req, rep));
+    fastify.post('/api/users/password/recovery/complete', (req, rep) => controller.recoveryPasswordComplete(req, rep));
+    fastify.post('/api/users/avatar', (req, rep) => controller.updateAvatar(req, rep));
+    fastify.get('/api/users/avatar/:filename', (req, rep) => controller.getAvatar(req, rep));
 }
 export default UserRoutes;
 export { UserRoutes };

package/dist/services/UserEmailService.js

@@ -0,0 +1,54 @@
+import { EmailTransportConfig, EmailLayoutServiceFactory, EmailTransportServiceFactory } from "@drax/email-back";
+import { CommonConfig, DraxConfig } from "@drax/common-back";
+class UserEmailService {
+    static async emailVerifyCode(emailCode, emailTo) {
+        let emailLayout = EmailLayoutServiceFactory.instance;
+        let baseurl = DraxConfig.getOrLoad(CommonConfig.BaseUrl);
+        let body = `
+        <h2 style="font-size: 22px; color: #333333; font-weight: 600; margin: 0 0 10px 0;">
+            Verificación de Email
+        </h2>
+        <p style="font-size: 16px; line-height: 1.6; color: #555555; margin: 0 0 15px 0;">
+        Para confirmar tu email, haz clic en el siguiente enlace:
+        </p>
+        <a href="${baseurl}/api/users/verify-email/${emailCode}" style="color: #333333; text-decoration: none; border: 1px solid #333333; padding: 10px 20px; text-align: center; text-decoration: none; display: inline-block;">Verificar Email</a>
+        `;
+        const emailFrom = DraxConfig.getOrLoad(EmailTransportConfig.authUsername);
+        const emailOptions = {
+            subject: "Verificación de Email",
+            from: emailFrom,
+            to: emailTo,
+            html: emailLayout.html(body)
+        };
+        await EmailTransportServiceFactory.instance.sendEmail(emailOptions);
+    }
+    static async recoveryCode(recoveryCode, emailTo) {
+        let emailLayout = EmailLayoutServiceFactory.instance;
+        let baseurl = DraxConfig.getOrLoad(CommonConfig.BaseUrl);
+        let body = `
+        <h2 style="font-size: 22px; color: #333333; font-weight: 600; margin: 0 0 10px 0;">
+            Recuperación de Contraseña
+        </h2>
+        <p style="font-size: 16px; line-height: 1.6; color: #555555; margin: 0 0 15px 0;">
+        Accede al siguiente link para recuperar tu contraseña:
+        </p>
+        <p style="text-align: center; width: 100%;">
+           <a href="${baseurl}/password/recovery/complete/${recoveryCode}" 
+           style="color: #333333; text-decoration: none; border: 1px solid #333333; padding: 10px 20px; text-align: center; text-decoration: none; display: inline-block;">
+           Recuperar Contraseña
+            </a>
+        </p>
+     
+        `;
+        const emailFrom = DraxConfig.getOrLoad(EmailTransportConfig.authUsername);
+        const emailOptions = {
+            subject: "Recuperación de Contraseña",
+            from: emailFrom,
+            to: emailTo,
+            html: emailLayout.html(body)
+        };
+        await EmailTransportServiceFactory.instance.sendEmail(emailOptions);
+    }
+}
+export default UserEmailService;
+export { UserEmailService };