npm - @drax/identity-back - Versions diffs - 3.13.0 → 3.15.0 - Mend

@drax/identity-back 3.13.0 → 3.15.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (150) hide show

package/src/config/PasswordPolicyConfig.ts ADDED Viewed

@@ -0,0 +1,14 @@
+enum PasswordPolicyConfig {
+    MinLength = "PASSWORD_POLICY_MIN_LENGTH",
+    MaxLength = "PASSWORD_POLICY_MAX_LENGTH",
+    RequireUppercase = "PASSWORD_POLICY_REQUIRE_UPPERCASE",
+    RequireLowercase = "PASSWORD_POLICY_REQUIRE_LOWERCASE",
+    RequireNumber = "PASSWORD_POLICY_REQUIRE_NUMBER",
+    RequireSpecialChar = "PASSWORD_POLICY_REQUIRE_SPECIAL_CHAR",
+    DisallowSpaces = "PASSWORD_POLICY_DISALLOW_SPACES",
+    PreventReuse = "PASSWORD_POLICY_PREVENT_REUSE",
+    ExpirationDays = "PASSWORD_POLICY_EXPIRATION_DAYS",
+}
+export default PasswordPolicyConfig;
+export {PasswordPolicyConfig};

package/src/controllers/UserApiKeyController.ts CHANGED Viewed

@@ -1,149 +1,35 @@
 import type {IUserApiKey, IUserApiKeyBase} from "@drax/identity-share";
-import {AbstractFastifyController} from "@drax/crud-back";
-import {ValidationError, UnauthorizedError} from "@drax/common-back";
+import {AbstractFastifyController, CustomRequest} from "@drax/crud-back";
 import UserApiKeyServiceFactory from "../factory/UserApiKeyServiceFactory.js";
 import UserApiKeyService from "../services/UserApiKeyService.js";
 import UserApiKeyPermissions from "../permissions/UserApiKeyPermissions.js";
-class UserApiKeyController extends AbstractFastifyController<IUserApiKey, IUserApiKeyBase, IUserApiKeyBase>   {
+type UserApiKeyPayload = IUserApiKeyBase & {
+    user?: string
+}
+class UserApiKeyController extends AbstractFastifyController<IUserApiKey, UserApiKeyPayload, UserApiKeyPayload> {
     protected service: UserApiKeyService
+    protected userField: string = 'user'
+    protected userFilter: boolean = true
+    protected userSetter: boolean = true
+    protected userAssert: boolean = true
     constructor() {
         super(UserApiKeyServiceFactory(), UserApiKeyPermissions)
     }
-    async paginate(request, reply) {
-        try {
-            request.rbac.assertAuthenticated()
-            request.rbac.assertOrPermissions([
-                UserApiKeyPermissions.View,
-                UserApiKeyPermissions.ViewMy
-            ])
-            const filters = []
-            if(!request.rbac.hasPermission(UserApiKeyPermissions.View)){
-                filters.push({field: "user", operator: "eq", value: request.rbac.userId})
-            }
-            const page = request.query.page
-            const limit = request.query.limit
-            const orderBy = request.query.orderBy
-            const order = request.query.order
-            const search = request.query.search
-            const userApiKeyService = UserApiKeyServiceFactory()
-            let paginateResult = await userApiKeyService.paginate({page, limit, orderBy, order, search, filters})
-            return paginateResult
-        } catch (e) {
-            console.log("/api/user-api-keys",e)
-            if (e instanceof ValidationError) {
-                reply.statusCode = e.statusCode
-                reply.send({error: e.message, inputErrors: e.errors})
-            } else if (e instanceof UnauthorizedError) {
-                reply.statusCode = e.statusCode
-                reply.send({error: e.message})
-            } else {
-                reply.statusCode = 500
-                reply.send({error: 'error.server'})
-            }
-        }
+    async preCreate(request: CustomRequest, payload: UserApiKeyPayload): Promise<UserApiKeyPayload> {
+        request.rbac.assertAuthenticated()
+        payload.createdBy = request.rbac.userId
+        return payload
     }
-    async create(request, reply) {
-        try {
-            request.rbac.assertOrPermissions([UserApiKeyPermissions.Create, UserApiKeyPermissions.CreateMy])
-            const payload = request.body
-            if(!request.rbac.hasPermission(UserApiKeyPermissions.Create) || !payload.user){
-                payload.user = request.rbac.userId
-            }
-            payload.createdBy = request.rbac.userId
-            const userApiKeyService = UserApiKeyServiceFactory()
-            let userApiKey = await userApiKeyService.create(payload)
-            return userApiKey
-        } catch (e) {
-            if (e instanceof ValidationError) {
-                reply.statusCode = e.statusCode
-                reply.send({error: e.message, inputErrors: e.errors})
-            } else if (e instanceof UnauthorizedError) {
-                reply.statusCode = e.statusCode
-                reply.send({error: e.message})
-            } else {
-                reply.statusCode = 500
-                reply.send({error: 'error.server'})
-            }
-        }
-    }
-    async update(request, reply) {
-        try {
-            request.rbac.assertPermission(UserApiKeyPermissions.Update)
-            const id = request.params.id
-            const payload = request.body
-            const userApiKeyService = UserApiKeyServiceFactory()
-            let userApiKey = await userApiKeyService.update(id, payload)
-            return userApiKey
-        } catch (e) {
-            if (e instanceof ValidationError) {
-                reply.statusCode = e.statusCode
-                reply.send({error: e.message, inputErrors: e.errors})
-            }
-            if (e instanceof UnauthorizedError) {
-                reply.statusCode = e.statusCode
-                reply.send({error: e.message})
-            } else if (e instanceof UnauthorizedError) {
-                reply.statusCode = e.statusCode
-                reply.send({error: e.message})
-            } else {
-                reply.statusCode = 500
-                reply.send({error: 'error.server'})
-            }
-        }
-    }
-    async delete(request, reply) : Promise<void>  {
-        try {
-            request.rbac.assertPermission(UserApiKeyPermissions.Delete)
-            const id = request.params.id
-            const userApiKeyService = UserApiKeyServiceFactory()
-            let r = await userApiKeyService.delete(id)
-            if(r){
-                reply.send({message: 'Deleted successfully'})
-            }else{
-                reply.statusCode(400).send({message: 'Not deleted'})
-            }
-        } catch (e) {
-            if (e instanceof ValidationError) {
-                reply.statusCode = e.statusCode
-                reply.send({error: e.message, inputErrors: e.errors})
-            } else if (e instanceof UnauthorizedError) {
-                reply.statusCode = e.statusCode
-                reply.send({error: e.message})
-            } else {
-                reply.statusCode = 500
-                reply.send({error: 'error.server'})
-            }
-        }
-    }
 }
 export default UserApiKeyController;
 export {
     UserApiKeyController
 }

package/src/controllers/UserController.ts CHANGED Viewed

@@ -20,6 +20,7 @@ import UserEmailService from "../services/UserEmailService.js";
 import {IDraxCrudEvent, IDraxFieldFilter} from "@drax/crud-share";
 import TenantServiceFactory from "../factory/TenantServiceFactory.js";
 import {CustomRequest} from "@drax/crud-back/dist";
+import PasswordPolicyServiceFactory from "../factory/PasswordPolicyServiceFactory.js";
 const BASE_FILE_DIR = DraxConfig.getOrLoad(CommonConfig.FileDir) || 'files';
 const AVATAR_DIR = DraxConfig.getOrLoad(IdentityConfig.AvatarDir) || 'avatar';
@@ -91,6 +92,15 @@ class UserController extends AbstractFastifyController<IUser, IUserCreate, IUser
         }
     }
+    async passwordPolicy(request, reply) {
+        try {
+            const passwordPolicyService = PasswordPolicyServiceFactory()
+            return await passwordPolicyService.getFinalPolicy()
+        } catch (e) {
+            this.handleError(e, reply)
+        }
+    }
     async me(request, reply) {
         try {
             if (request.authUser) {
@@ -504,4 +514,3 @@ export default UserController;
 export {
     UserController
 }

package/src/factory/PasswordPolicyResolverFactory.ts ADDED Viewed

@@ -0,0 +1,14 @@
+import PasswordPolicyResolver from "../resolver/PasswordPolicyResolver.js";
+let passwordPolicyResolver: PasswordPolicyResolver
+const PasswordPolicyResolverFactory = (): PasswordPolicyResolver => {
+    if (!passwordPolicyResolver) {
+        passwordPolicyResolver = new PasswordPolicyResolver()
+    }
+    return passwordPolicyResolver
+}
+export default PasswordPolicyResolverFactory

package/src/factory/PasswordPolicyServiceFactory.ts ADDED Viewed

@@ -0,0 +1,38 @@
+import PasswordPolicyService from "../services/PasswordPolicyService.js";
+import PasswordPolicyResolverFactory from "./PasswordPolicyResolverFactory.js";
+import UserPasswordHistoryServiceFactory from "./UserPasswordHistoryServiceFactory.js";
+import UserMongoRepository from "../repository/mongo/UserMongoRepository.js";
+import UserSqliteRepository from "../repository/sqlite/UserSqliteRepository.js";
+import {COMMON, CommonConfig, DraxConfig} from "@drax/common-back";
+import type {IUserRepository} from "../interfaces/IUserRepository.js";
+let passwordPolicyService: PasswordPolicyService
+const PasswordPolicyServiceFactory = (verbose: boolean = false): PasswordPolicyService => {
+    if (!passwordPolicyService) {
+        let userRepository: IUserRepository
+        switch (DraxConfig.getOrLoad(CommonConfig.DbEngine)) {
+            case COMMON.DB_ENGINES.MONGODB:
+                userRepository = new UserMongoRepository()
+                break;
+            case COMMON.DB_ENGINES.SQLITE:
+                userRepository = new UserSqliteRepository(DraxConfig.getOrLoad(CommonConfig.SqliteDbFile), verbose)
+                userRepository.build()
+                break;
+            default:
+                throw new Error("DraxConfig.DB_ENGINE must be one of " + Object.values(COMMON.DB_ENGINES).join(", "));
+        }
+        const passwordPolicyResolver = PasswordPolicyResolverFactory()
+        passwordPolicyService = new PasswordPolicyService(
+            passwordPolicyResolver,
+            userRepository,
+            UserPasswordHistoryServiceFactory(verbose)
+        )
+    }
+    return passwordPolicyService
+}
+export default PasswordPolicyServiceFactory

package/src/factory/UserPasswordHistoryServiceFactory.ts ADDED Viewed

@@ -0,0 +1,31 @@
+import {COMMON, CommonConfig, DraxConfig} from "@drax/common-back";
+import type {IUserPasswordHistoryRepository} from "../interfaces/IUserPasswordHistoryRepository.js";
+import UserPasswordHistoryMongoRepository from "../repository/mongo/UserPasswordHistoryMongoRepository.js";
+import UserPasswordHistorySqliteRepository from "../repository/sqlite/UserPasswordHistorySqliteRepository.js";
+import UserPasswordHistoryService from "../services/UserPasswordHistoryService.js";
+let userPasswordHistoryService: UserPasswordHistoryService
+const UserPasswordHistoryServiceFactory = (verbose: boolean = false): UserPasswordHistoryService => {
+    if (!userPasswordHistoryService) {
+        let repository: IUserPasswordHistoryRepository
+        switch (DraxConfig.getOrLoad(CommonConfig.DbEngine)) {
+            case COMMON.DB_ENGINES.MONGODB:
+                repository = new UserPasswordHistoryMongoRepository()
+                break;
+            case COMMON.DB_ENGINES.SQLITE:
+                const sqliteRepository = new UserPasswordHistorySqliteRepository(DraxConfig.getOrLoad(CommonConfig.SqliteDbFile), verbose)
+                sqliteRepository.build()
+                repository = sqliteRepository
+                break;
+            default:
+                throw new Error("DraxConfig.DB_ENGINE must be one of " + Object.values(COMMON.DB_ENGINES).join(", "));
+        }
+        userPasswordHistoryService = new UserPasswordHistoryService(repository)
+    }
+    return userPasswordHistoryService
+}
+export default UserPasswordHistoryServiceFactory

package/src/factory/UserServiceFactory.ts CHANGED Viewed

@@ -3,6 +3,8 @@ import UserService from "../services/UserService.js";
 import UserSqliteRepository from "../repository/sqlite/UserSqliteRepository.js";
 import {IUserRepository} from "../interfaces/IUserRepository";
 import {COMMON, CommonConfig, DraxConfig} from "@drax/common-back";
+import PasswordPolicyServiceFactory from "./PasswordPolicyServiceFactory.js";
+import UserPasswordHistoryServiceFactory from "./UserPasswordHistoryServiceFactory.js";
 let userService: UserService
@@ -22,7 +24,11 @@ const UserServiceFactory = (verbose:boolean = false) : UserService => {
                 throw new Error("DraxConfig.DB_ENGINE must be one of " + Object.values(COMMON.DB_ENGINES).join(", "));
         }
-        userService = new UserService(userRepository)
+        userService = new UserService(
+            userRepository,
+            PasswordPolicyServiceFactory(verbose),
+            UserPasswordHistoryServiceFactory(verbose)
+        )
     }
     return userService

package/src/graphql/resolvers/user-api-key.resolvers.ts CHANGED Viewed

@@ -14,15 +14,14 @@ export default {
                 rbac.assertOrPermissions([
-                    UserApiKeyPermissions.View,
-                    UserApiKeyPermissions.ViewMy
+                    UserApiKeyPermissions.View
                 ])
                 if(!Array.isArray(options.filters)){
                     options.filters = []
                 }
-                if(!rbac.hasPermission(UserApiKeyPermissions.View)){
+                if(!rbac.hasPermission(UserApiKeyPermissions.ViewAll)){
                     options.filters.push({field: "user", operator: "eq", value: rbac.userId})
                 }

package/src/index.ts CHANGED Viewed

@@ -5,6 +5,8 @@ import TenantServiceFactory from "./factory/TenantServiceFactory.js";
 import UserApiKeyServiceFactory from "./factory/UserApiKeyServiceFactory.js";
 import UserLoginFailServiceFactory from "./factory/UserLoginFailServiceFactory.js";
 import UserSessionServiceFactory from "./factory/UserSessionServiceFactory.js";
+import PasswordPolicyServiceFactory from "./factory/PasswordPolicyServiceFactory.js";
+import UserPasswordHistoryServiceFactory from "./factory/UserPasswordHistoryServiceFactory.js";
 import RoleService from "./services/RoleService.js";
 import UserService from "./services/UserService.js";
@@ -13,6 +15,9 @@ import PermissionService from "./services/PermissionService.js";
 import UserApiKeyService from "./services/UserApiKeyService.js";
 import UserSessionService from "./services/UserSessionService.js";
 import UserLoginFailService from "./services/UserLoginFailService.js";
+import UserPasswordHistoryService from "./services/UserPasswordHistoryService.js";
+import PasswordPolicyService from "./services/PasswordPolicyService.js";
+import PasswordPolicyResolver from "./resolver/PasswordPolicyResolver.js";
 import Rbac from "./rbac/Rbac.js";
@@ -29,6 +34,7 @@ import {rbacMiddleware} from "./middleware/rbacMiddleware.js";
 import {apiKeyMiddleware} from "./middleware/apiKeyMiddleware.js";
 import IdentityConfig from "./config/IdentityConfig.js";
+import PasswordPolicyConfig from "./config/PasswordPolicyConfig.js";
 import BadCredentialsError from "./errors/BadCredentialsError.js";
 import CreateUserIfNotExist from "./setup/CreateUserIfNotExist.js";
@@ -37,6 +43,7 @@ import CreateOrUpdateRole from "./setup/CreateOrUpdateRole.js";
 import LoadPermissions from "./setup/LoadPermissions.js";
 import LoadIdentityConfigFromEnv from "./setup/LoadIdentityConfigFromEnv.js";
 import RecoveryUserPassword from "./setup/RecoveryUserPassword.js";
+import SetProjectPasswordPolicy from "./setup/SetProjectPasswordPolicy.js";
 import type {IRoleRepository} from "./interfaces/IRoleRepository";
 import type {ITenantRepository} from "./interfaces/ITenantRepository";
@@ -44,6 +51,7 @@ import type {IUserRepository} from "./interfaces/IUserRepository";
 import type {IUserApiKeyRepository} from "./interfaces/IUserApiKeyRepository";
 import type {IUserLoginFailRepository} from "./interfaces/IUserLoginFailRepository";
 import type {IUserSessionRepository} from "./interfaces/IUserSessionRepository";
+import type {IUserPasswordHistoryRepository} from "./interfaces/IUserPasswordHistoryRepository";
 import {RoleModel, RoleMongoSchema} from "./models/RoleModel.js";
 import {TenantModel, TenantMongoSchema} from "./models/TenantModel.js";
@@ -51,6 +59,7 @@ import {UserModel, UserMongoSchema} from "./models/UserModel.js";
 import {UserApiKeyModel, UserApiKeyMongoSchema} from "./models/UserApiKeyModel.js";
 import {UserSessionModel,UserSessionMongoSchema} from "./models/UserSessionModel.js";
 import {UserLoginFailModel,UserLoginFailMongoSchema} from "./models/UserLoginFailModel.js";
+import {UserPasswordHistoryModel, UserPasswordHistoryMongoSchema} from "./models/UserPasswordHistoryModel.js";
 import RoleMongoRepository from "./repository/mongo/RoleMongoRepository.js";
@@ -59,6 +68,7 @@ import UserMongoRepository from "./repository/mongo/UserMongoRepository.js";
 import UserApiKeyMongoRepository from "./repository/mongo/UserApiKeyMongoRepository.js";
 import UserSessionMongoRepository from "./repository/mongo/UserSessionMongoRepository.js";
 import UserLoginFailMongoRepository from "./repository/mongo/UserLoginFailMongoRepository.js";
+import UserPasswordHistoryMongoRepository from "./repository/mongo/UserPasswordHistoryMongoRepository.js";
 import RoleSqliteRepository from "./repository/sqlite/RoleSqliteRepository.js";
 import TenantSqliteRepository from "./repository/sqlite/TenantSqliteRepository.js";
@@ -66,6 +76,7 @@ import UserSqliteRepository from "./repository/sqlite/UserSqliteRepository.js";
 import UserApiKeySqliteRepository from "./repository/sqlite/UserApiKeySqliteRepository.js";
 import UserLoginFailSqliteRepository from "./repository/sqlite/UserLoginFailSqliteRepository.js";
 import UserSessionSqliteRepository from "./repository/sqlite/UserSessionSqliteRepository.js";
+import UserPasswordHistorySqliteRepository from "./repository/sqlite/UserPasswordHistorySqliteRepository.js";
 import {RolePermissions} from "./permissions/RolePermissions.js";
@@ -81,6 +92,8 @@ import {RoleSchema, RoleBaseSchema} from "./schemas/RoleSchema.js";
 import {UserApiKeySchema, UserApiKeyBaseSchema} from "./schemas/UserApiKeySchema.js";
 import {UserLoginFailBaseSchema, UserLoginFailSchema} from "./schemas/UserLoginFailSchema.js";
 import {UserSessionBaseSchema, UserSessionSchema} from "./schemas/UserSessionSchema.js";
+import {defaultPasswordPolicy} from "./policies/defaultPasswordPolicy.js";
+import {PasswordPolicySchema} from "./schemas/PasswordPolicySchema.js";
 const graphqlMergeResult = await GraphqlMerge()
@@ -95,6 +108,7 @@ export type {
     IUserApiKeyRepository,
     IUserLoginFailRepository,
     IUserSessionRepository,
+    IUserPasswordHistoryRepository,
 }
 export {
@@ -118,6 +132,9 @@ export {
     UserApiKeyService,
     UserSessionService,
     UserLoginFailService,
+    UserPasswordHistoryService,
+    PasswordPolicyService,
+    PasswordPolicyResolver,
     PermissionService,
     Rbac,
@@ -128,6 +145,8 @@ export {
     UserApiKeyServiceFactory,
     UserSessionServiceFactory,
     UserLoginFailServiceFactory,
+    UserPasswordHistoryServiceFactory,
+    PasswordPolicyServiceFactory,
     //GQL
     identityTypeDefs,
@@ -163,6 +182,7 @@ export {
     UserApiKeyMongoRepository,
     UserSessionMongoRepository,
     UserLoginFailMongoRepository,
+    UserPasswordHistoryMongoRepository,
     //Mongo Models
     RoleModel,
@@ -171,6 +191,7 @@ export {
     UserApiKeyModel,
     UserSessionModel,
     UserLoginFailModel,
+    UserPasswordHistoryModel,
     RoleMongoSchema,
     TenantMongoSchema,
@@ -178,6 +199,7 @@ export {
     UserApiKeyMongoSchema,
     UserSessionMongoSchema,
     UserLoginFailMongoSchema,
+    UserPasswordHistoryMongoSchema,
     //Sqlite Repositories
     RoleSqliteRepository,
@@ -186,12 +208,16 @@ export {
     UserApiKeySqliteRepository,
     UserLoginFailSqliteRepository,
     UserSessionSqliteRepository,
+    UserPasswordHistorySqliteRepository,
     //Config
     IdentityConfig,
+    PasswordPolicyConfig,
     //Errors
     BadCredentialsError,
+    defaultPasswordPolicy,
+    PasswordPolicySchema,
     //Setup
     LoadIdentityConfigFromEnv,
@@ -199,7 +225,6 @@ export {
     CreateOrUpdateRole,
     CreateUserIfNotExist,
     CreateTenantIfNotExist,
-    RecoveryUserPassword
+    RecoveryUserPassword,
+    SetProjectPasswordPolicy
 }

package/src/interfaces/IUserPasswordHistory.ts ADDED Viewed

@@ -0,0 +1,21 @@
+interface IUserPasswordHistory {
+    _id?: string
+    id?: string
+    user: string
+    passwordHash: string
+    createdAt?: string | Date
+    updatedAt?: string | Date
+}
+interface IUserPasswordHistoryCreate {
+    _id?: string
+    id?: string
+    user: string
+    passwordHash: string
+    createdAt?: string | Date
+}
+export type {
+    IUserPasswordHistory,
+    IUserPasswordHistoryCreate
+}

package/src/interfaces/IUserPasswordHistoryRepository.ts ADDED Viewed

@@ -0,0 +1,8 @@
+import type {IUserPasswordHistory, IUserPasswordHistoryCreate} from "./IUserPasswordHistory.js";
+interface IUserPasswordHistoryRepository {
+    create(data: IUserPasswordHistoryCreate): Promise<IUserPasswordHistory>
+    findLatestByUserId(userId: string, limit: number): Promise<IUserPasswordHistory[]>
+}
+export type {IUserPasswordHistoryRepository}

package/src/middleware/apiKeyMiddleware.ts CHANGED Viewed

@@ -6,7 +6,7 @@ import IdentityConfig from "../config/IdentityConfig.js";
 const verifyIp = DraxConfig.getOrLoad(IdentityConfig.VerifyIP, 'boolean', true);
 const cacheTTL = DraxConfig.getOrLoad(IdentityConfig.ApiKeyCacheTTL, 'number',10000)
-const draxCache = new DraxCache<IUserApiKey>(cacheTTL);
+const draxCache = new DraxCache<IUserApiKey>({ ttl: cacheTTL, namespace: 'identity:api-key' });
 async function userApiKeyLoader(k): Promise<IUserApiKey | null> {

package/src/middleware/rbacMiddleware.ts CHANGED Viewed

@@ -5,7 +5,7 @@ import Rbac from "../rbac/Rbac.js";
 import IdentityConfig from "../config/IdentityConfig.js";
 const cacheTTL = DraxConfig.getOrLoad(IdentityConfig.RbacCacheTTL, 'number',10000) ;
-const draxCache = new DraxCache<IRole>(cacheTTL);
+const draxCache = new DraxCache<IRole>({ ttl: cacheTTL, namespace: 'identity:role' });
 async function roleLoader(k):Promise<IRole | null> {

package/src/models/UserPasswordHistoryModel.ts ADDED Viewed

@@ -0,0 +1,42 @@
+import {mongoose} from "@drax/common-back";
+import {PaginateModel} from "mongoose";
+import uniqueValidator from "mongoose-unique-validator";
+import mongoosePaginate from "mongoose-paginate-v2";
+import type {IUserPasswordHistory} from "../interfaces/IUserPasswordHistory.js";
+const UserPasswordHistoryMongoSchema = new mongoose.Schema<IUserPasswordHistory>({
+    user: {type: String, required: true, index: true},
+    passwordHash: {type: String, required: true, index: false}
+}, {timestamps: true});
+UserPasswordHistoryMongoSchema.plugin(uniqueValidator, {message: "validation.unique"});
+UserPasswordHistoryMongoSchema.plugin(mongoosePaginate);
+UserPasswordHistoryMongoSchema.virtual("id").get(function () {
+    return this._id.toString();
+});
+UserPasswordHistoryMongoSchema.set("toJSON", {getters: true, virtuals: true});
+UserPasswordHistoryMongoSchema.set("toObject", {getters: true, virtuals: true});
+const MODEL_NAME = "UserPasswordHistory";
+const COLLECTION_NAME = "user_password_history";
+let UserPasswordHistoryModel;
+try {
+    UserPasswordHistoryModel = mongoose.model<IUserPasswordHistory, PaginateModel<IUserPasswordHistory>>(MODEL_NAME, UserPasswordHistoryMongoSchema, COLLECTION_NAME);
+} catch (e) {
+    if (e.name === "OverwriteModelError") {
+        UserPasswordHistoryModel = mongoose.model<IUserPasswordHistory, PaginateModel<IUserPasswordHistory>>(MODEL_NAME);
+    } else {
+        throw e;
+    }
+}
+export {
+    UserPasswordHistoryMongoSchema,
+    UserPasswordHistoryModel
+}
+export default UserPasswordHistoryModel

package/src/permissions/UserApiKeyPermissions.ts CHANGED Viewed

@@ -1,10 +1,9 @@
 enum UserApiKeyPermissions {
     Create = "userApiKey:create",
-    CreateMy = "userApiKey:createMy",
     Update = "userApiKey:update",
     Delete = "userApiKey:delete",
     View = "userApiKey:view",
-    ViewMy = "userApiKey:viewMy",
+    ViewAll = "userApiKey:viewAll",
     Manage = "userApiKey:manage",
 }

package/src/policies/defaultPasswordPolicy.ts ADDED Viewed

@@ -0,0 +1,17 @@
+import type {IPasswordPolicy} from "@drax/identity-share/dist";
+const defaultPasswordPolicy: IPasswordPolicy = {
+    minLength: 8,
+    maxLength: 64,
+    requireUppercase: true,
+    requireLowercase: true,
+    requireNumber: true,
+    requireSpecialChar: false,
+    disallowSpaces: true,
+    preventReuse: 3,
+    expirationDays: null
+}
+export {
+    defaultPasswordPolicy
+}

package/src/repository/mongo/UserPasswordHistoryMongoRepository.ts ADDED Viewed

@@ -0,0 +1,25 @@
+import {AbstractMongoRepository} from "@drax/crud-back";
+import type {IUserPasswordHistoryRepository} from "../../interfaces/IUserPasswordHistoryRepository.js";
+import type {IUserPasswordHistory, IUserPasswordHistoryCreate} from "../../interfaces/IUserPasswordHistory.js";
+import {UserPasswordHistoryModel} from "../../models/UserPasswordHistoryModel.js";
+class UserPasswordHistoryMongoRepository extends AbstractMongoRepository<IUserPasswordHistory, IUserPasswordHistoryCreate, IUserPasswordHistoryCreate> implements IUserPasswordHistoryRepository {
+    constructor() {
+        super();
+        this._model = UserPasswordHistoryModel;
+        this._searchFields = ["user"];
+        this._populateFields = ["user"];
+    }
+    async findLatestByUserId(userId: string, limit: number): Promise<IUserPasswordHistory[]> {
+        return UserPasswordHistoryModel
+            .find({user: userId})
+            .sort({createdAt: -1})
+            .limit(limit)
+            .lean(true)
+            .exec() as Promise<IUserPasswordHistory[]>
+    }
+}
+export default UserPasswordHistoryMongoRepository
+export {UserPasswordHistoryMongoRepository}