@enderworld/onlyapi 1.5.1

package/src/infrastructure/database/sqlite-user.repository.ts

@@ -0,0 +1,260 @@
+import type { Database } from "bun:sqlite";
+import type { User } from "../../core/entities/user.entity.js";
+import type { UserRole } from "../../core/entities/user.entity.js";
+import { type AppError, conflict, internal, notFound } from "../../core/errors/app-error.js";
+import type {
+  CreateUserData,
+  UpdateUserData,
+  UserListOptions,
+  UserRepository,
+} from "../../core/ports/user.repository.js";
+import type { UserId } from "../../core/types/brand.js";
+import { brand } from "../../core/types/brand.js";
+import { decodeCursor, encodeCursor } from "../../core/types/pagination.js";
+import { type Result, err, ok } from "../../core/types/result.js";
+import { generateId } from "../../shared/utils/id.js";
+
+/**
+ * SQLite user repository — zero external dependencies (bun:sqlite is built-in).
+ * Production-ready persistence that swaps cleanly for the in-memory adapter.
+ */
+
+interface UserRow {
+  id: string;
+  email: string;
+  password_hash: string;
+  role: string;
+  email_verified: number;
+  mfa_secret: string | null;
+  mfa_enabled: number;
+  password_changed_at: number | null;
+  failed_login_attempts: number;
+  locked_until: number | null;
+  created_at: number;
+  updated_at: number;
+}
+
+const rowToUser = (row: UserRow): User => ({
+  id: brand<string, "UserId">(row.id),
+  email: row.email,
+  passwordHash: row.password_hash,
+  role: row.role as UserRole,
+  emailVerified: row.email_verified === 1,
+  mfaEnabled: row.mfa_enabled === 1,
+  mfaSecret: row.mfa_secret,
+  passwordChangedAt:
+    row.password_changed_at !== null ? brand<number, "Timestamp">(row.password_changed_at) : null,
+  createdAt: brand<number, "Timestamp">(row.created_at),
+  updatedAt: brand<number, "Timestamp">(row.updated_at),
+});
+
+/** Build SET clause entries from partial update data */
+const buildUpdateFields = (data: UpdateUserData, now: number): [string, unknown][] => {
+  const fields: [string, unknown][] = [];
+  if (data.email !== undefined) fields.push(["email = ?", data.email]);
+  if (data.passwordHash !== undefined) fields.push(["password_hash = ?", data.passwordHash]);
+  if (data.role !== undefined) fields.push(["role = ?", data.role]);
+  if (data.emailVerified !== undefined)
+    fields.push(["email_verified = ?", data.emailVerified ? 1 : 0]);
+  if (data.mfaEnabled !== undefined) fields.push(["mfa_enabled = ?", data.mfaEnabled ? 1 : 0]);
+  if (data.mfaSecret !== undefined) fields.push(["mfa_secret = ?", data.mfaSecret]);
+  if (data.passwordChangedAt !== undefined)
+    fields.push(["password_changed_at = ?", data.passwordChangedAt]);
+  fields.push(["updated_at = ?", now]);
+  return fields;
+};
+
+/** Detect SQLite UNIQUE constraint violations */
+const isUniqueViolation = (e: unknown): boolean =>
+  e instanceof Error && e.message.includes("UNIQUE");
+
+export const createSqliteUserRepository = (db: Database): UserRepository => {
+  // Pre-compile queries for performance
+  const findByIdStmt = db.prepare<UserRow, [string]>("SELECT * FROM users WHERE id = ?");
+  const findByEmailStmt = db.prepare<UserRow, [string]>("SELECT * FROM users WHERE email = ?");
+  const insertStmt = db.prepare(
+    "INSERT INTO users (id, email, password_hash, role, email_verified, mfa_enabled, failed_login_attempts, locked_until, created_at, updated_at) VALUES (?, ?, ?, ?, 0, 0, 0, NULL, ?, ?)",
+  );
+  const deleteStmt = db.prepare("DELETE FROM users WHERE id = ?");
+
+  return {
+    async findById(id: UserId): Promise<Result<User, AppError>> {
+      try {
+        const row = findByIdStmt.get(id);
+        if (!row) return err(notFound("User"));
+        return ok(rowToUser(row));
+      } catch (e: unknown) {
+        return err(internal("Database error", e));
+      }
+    },
+
+    async findByEmail(email: string): Promise<Result<User, AppError>> {
+      try {
+        const row = findByEmailStmt.get(email);
+        if (!row) return err(notFound("User"));
+        return ok(rowToUser(row));
+      } catch (e: unknown) {
+        return err(internal("Database error", e));
+      }
+    },
+
+    async create(data: CreateUserData): Promise<Result<User, AppError>> {
+      try {
+        const id = generateId();
+        const now = Date.now();
+
+        try {
+          insertStmt.run(id, data.email, data.passwordHash, data.role, now, now);
+        } catch (e: unknown) {
+          if (isUniqueViolation(e)) return err(conflict("Email already exists"));
+          throw e;
+        }
+
+        const user: User = {
+          id: brand<string, "UserId">(id),
+          email: data.email,
+          passwordHash: data.passwordHash,
+          role: data.role,
+          emailVerified: false,
+          mfaEnabled: false,
+          mfaSecret: null,
+          passwordChangedAt: null,
+          createdAt: brand<number, "Timestamp">(now),
+          updatedAt: brand<number, "Timestamp">(now),
+        };
+
+        return ok(user);
+      } catch (e: unknown) {
+        return err(internal("Database error", e));
+      }
+    },
+
+    async update(id: UserId, data: UpdateUserData): Promise<Result<User, AppError>> {
+      try {
+        const existing = findByIdStmt.get(id);
+        if (!existing) return err(notFound("User"));
+
+        const fieldMap = buildUpdateFields(data, Date.now());
+        const sql = `UPDATE users SET ${fieldMap.map(([f]) => f).join(", ")} WHERE id = ?`;
+        const values = [...fieldMap.map(([, v]) => v), id];
+        db.run(sql, values as import("bun:sqlite").SQLQueryBindings[]);
+
+        const updated = findByIdStmt.get(id);
+        if (!updated) return err(internal("User disappeared after update"));
+        return ok(rowToUser(updated));
+      } catch (e: unknown) {
+        if (isUniqueViolation(e)) return err(conflict("Email already exists"));
+        return err(internal("Database error", e));
+      }
+    },
+
+    async delete(id: UserId): Promise<Result<void, AppError>> {
+      try {
+        const existing = findByIdStmt.get(id);
+        if (!existing) return err(notFound("User"));
+
+        deleteStmt.run(id);
+        return ok(undefined);
+      } catch (e: unknown) {
+        return err(internal("Database error", e));
+      }
+    },
+
+    // biome-ignore lint/complexity/noExcessiveCognitiveComplexity: SQL builder with cursor/filter/search needs branching
+    async list(options: UserListOptions) {
+      try {
+        const conditions: string[] = [];
+        const params: unknown[] = [];
+
+        // Cursor-based pagination: cursor encodes created_at timestamp
+        if (options.cursor !== undefined) {
+          const decoded = decodeCursor(options.cursor);
+          if (decoded !== null) {
+            conditions.push("created_at < ?");
+            params.push(Number(decoded));
+          }
+        }
+
+        // Filter by role
+        if (options.role !== undefined) {
+          conditions.push("role = ?");
+          params.push(options.role);
+        }
+
+        // Search by email (prefix match)
+        if (options.search !== undefined) {
+          conditions.push("email LIKE ?");
+          params.push(`%${options.search}%`);
+        }
+
+        const where = conditions.length > 0 ? `WHERE ${conditions.join(" AND ")}` : "";
+        const limit = Math.min(options.limit, 100);
+
+        // Fetch one extra to know if there are more results
+        const sql = `SELECT * FROM users ${where} ORDER BY created_at DESC LIMIT ?`;
+        params.push(limit + 1);
+
+        const rows = db
+          .query(sql)
+          .all(...(params as import("bun:sqlite").SQLQueryBindings[])) as UserRow[];
+
+        const hasMore = rows.length > limit;
+        const items = (hasMore ? rows.slice(0, limit) : rows).map(rowToUser);
+
+        const lastItem = items[items.length - 1];
+        const nextCursor =
+          hasMore && lastItem !== undefined ? encodeCursor(String(lastItem.createdAt)) : null;
+
+        return ok({ items, nextCursor, hasMore });
+      } catch (e: unknown) {
+        return err(internal("Database error", e));
+      }
+    },
+
+    async count() {
+      try {
+        const row = db.query("SELECT COUNT(*) as cnt FROM users").get() as { cnt: number };
+        return ok(row.cnt);
+      } catch (e: unknown) {
+        return err(internal("Database error", e));
+      }
+    },
+  };
+};
+
+/**
+ * Account lockout helpers — query/update failed login attempts directly.
+ */
+export const createAccountLockoutQueries = (db: Database) => {
+  const getAttemptsStmt = db.prepare<
+    { failed_login_attempts: number; locked_until: number | null },
+    [string]
+  >("SELECT failed_login_attempts, locked_until FROM users WHERE email = ?");
+
+  const incrementFailedStmt = db.prepare(
+    "UPDATE users SET failed_login_attempts = failed_login_attempts + 1 WHERE email = ?",
+  );
+
+  const lockAccountStmt = db.prepare(
+    "UPDATE users SET locked_until = ?, failed_login_attempts = ? WHERE email = ?",
+  );
+
+  const resetAttemptsStmt = db.prepare(
+    "UPDATE users SET failed_login_attempts = 0, locked_until = NULL WHERE email = ?",
+  );
+
+  return {
+    getAttempts(email: string) {
+      return getAttemptsStmt.get(email);
+    },
+    incrementFailed(email: string) {
+      incrementFailedStmt.run(email);
+    },
+    lockAccount(email: string, until: number, attempts: number) {
+      lockAccountStmt.run(until, attempts, email);
+    },
+    resetAttempts(email: string) {
+      resetAttemptsStmt.run(email);
+    },
+  };
+};

package/src/infrastructure/database/sqlite-verification-tokens.ts

@@ -0,0 +1,112 @@
+import type { Database } from "bun:sqlite";
+import { type AppError, internal, unauthorized } from "../../core/errors/app-error.js";
+import type {
+  VerificationTokenRepository,
+  VerificationTokenType,
+} from "../../core/ports/verification-token.js";
+import type { UserId } from "../../core/types/brand.js";
+import { brand } from "../../core/types/brand.js";
+import { type Result, err, ok } from "../../core/types/result.js";
+import { generateId } from "../../shared/utils/id.js";
+
+/**
+ * SQLite-backed verification token repository.
+ * Tokens are SHA-256 hashed before storage — raw tokens are never persisted.
+ */
+
+const hashToken = async (raw: string): Promise<string> => {
+  const data = new TextEncoder().encode(raw);
+  const buf = await crypto.subtle.digest("SHA-256", data);
+  return Array.from(new Uint8Array(buf))
+    .map((b) => b.toString(16).padStart(2, "0"))
+    .join("");
+};
+
+const generateRawToken = (): string => {
+  const bytes = new Uint8Array(32);
+  crypto.getRandomValues(bytes);
+  return Array.from(bytes)
+    .map((b) => b.toString(16).padStart(2, "0"))
+    .join("");
+};
+
+interface TokenRow {
+  id: string;
+  user_id: string;
+  type: string;
+  token_hash: string;
+  expires_at: number;
+  used_at: number | null;
+  created_at: number;
+}
+
+export const createSqliteVerificationTokenRepo = (db: Database): VerificationTokenRepository => {
+  const insertStmt = db.prepare(
+    "INSERT INTO verification_tokens (id, user_id, type, token_hash, expires_at, used_at, created_at) VALUES (?, ?, ?, ?, ?, NULL, ?)",
+  );
+  const findByHashStmt = db.prepare<TokenRow, [string, string]>(
+    "SELECT * FROM verification_tokens WHERE token_hash = ? AND type = ?",
+  );
+  const markUsedStmt = db.prepare("UPDATE verification_tokens SET used_at = ? WHERE id = ?");
+  const invalidateStmt = db.prepare(
+    "DELETE FROM verification_tokens WHERE user_id = ? AND type = ?",
+  );
+  const pruneStmt = db.prepare(
+    "DELETE FROM verification_tokens WHERE expires_at <= ? OR used_at IS NOT NULL",
+  );
+
+  return {
+    async create(
+      userId: UserId,
+      type: VerificationTokenType,
+      ttlMs: number,
+    ): Promise<Result<string, AppError>> {
+      try {
+        const rawToken = generateRawToken();
+        const tokenHash = await hashToken(rawToken);
+        const id = generateId();
+        const now = Date.now();
+        insertStmt.run(id, userId, type, tokenHash, now + ttlMs, now);
+        return ok(rawToken);
+      } catch (e: unknown) {
+        return err(internal("Failed to create verification token", e));
+      }
+    },
+
+    async verify(rawToken: string, type: VerificationTokenType): Promise<Result<UserId, AppError>> {
+      try {
+        const tokenHash = await hashToken(rawToken);
+        const row = findByHashStmt.get(tokenHash, type);
+        if (!row) return err(unauthorized("Invalid or expired token"));
+        if (row.used_at !== null) return err(unauthorized("Token already used"));
+        if (row.expires_at <= Date.now()) return err(unauthorized("Token has expired"));
+
+        markUsedStmt.run(Date.now(), row.id);
+        return ok(brand<string, "UserId">(row.user_id));
+      } catch (e: unknown) {
+        return err(internal("Failed to verify token", e));
+      }
+    },
+
+    async invalidateAll(
+      userId: UserId,
+      type: VerificationTokenType,
+    ): Promise<Result<void, AppError>> {
+      try {
+        invalidateStmt.run(userId, type);
+        return ok(undefined);
+      } catch (e: unknown) {
+        return err(internal("Failed to invalidate tokens", e));
+      }
+    },
+
+    async prune(): Promise<Result<number, AppError>> {
+      try {
+        const result = pruneStmt.run(Date.now());
+        return ok(result.changes);
+      } catch (e: unknown) {
+        return err(internal("Failed to prune verification tokens", e));
+      }
+    },
+  };
+};

package/src/infrastructure/events/event-bus.ts

@@ -0,0 +1,105 @@
+/**
+ * In-memory event bus implementation.
+ *
+ * Synchronous publish with async handler execution (fire-and-forget).
+ * Handlers that throw are caught and logged — never crash the publisher.
+ */
+
+import type {
+  DomainEvent,
+  DomainEventType,
+  EventBus,
+  EventHandler,
+} from "../../core/ports/event-bus.js";
+import type { Logger } from "../../core/ports/logger.js";
+
+interface EventBusDeps {
+  readonly logger: Logger;
+}
+
+export const createEventBus = (deps: EventBusDeps): EventBus => {
+  const { logger } = deps;
+
+  /** type → Set<handler> */
+  const handlers = new Map<DomainEventType, Set<EventHandler>>();
+  /** Wildcard handlers that receive ALL events */
+  const wildcardHandlers = new Set<EventHandler>();
+
+  const getOrCreate = (type: DomainEventType): Set<EventHandler> => {
+    let set = handlers.get(type);
+    if (!set) {
+      set = new Set();
+      handlers.set(type, set);
+    }
+    return set;
+  };
+
+  const invokeHandler = (handler: EventHandler, event: DomainEvent): void => {
+    try {
+      const result = handler(event);
+      // If handler returns a Promise, catch async errors
+      if (result && typeof result === "object" && "catch" in result) {
+        (result as Promise<void>).catch((err: unknown) => {
+          logger.error("Async event handler error", {
+            event: event.type,
+            eventId: event.id,
+            error: err instanceof Error ? err.message : String(err),
+          });
+        });
+      }
+    } catch (err: unknown) {
+      logger.error("Sync event handler error", {
+        event: event.type,
+        eventId: event.id,
+        error: err instanceof Error ? err.message : String(err),
+      });
+    }
+  };
+
+  return {
+    publish(event: DomainEvent): void {
+      logger.debug("Event published", { type: event.type, eventId: event.id });
+
+      // Type-specific handlers
+      const typeHandlers = handlers.get(event.type);
+      if (typeHandlers) {
+        for (const handler of typeHandlers) {
+          invokeHandler(handler, event);
+        }
+      }
+
+      // Wildcard handlers
+      for (const handler of wildcardHandlers) {
+        invokeHandler(handler, event);
+      }
+    },
+
+    subscribe(type: DomainEventType, handler: EventHandler): () => void {
+      const set = getOrCreate(type);
+      set.add(handler);
+      logger.debug("Event handler subscribed", { type, handlerCount: set.size });
+
+      return () => {
+        set.delete(handler);
+        if (set.size === 0) handlers.delete(type);
+      };
+    },
+
+    subscribeAll(handler: EventHandler): () => void {
+      wildcardHandlers.add(handler);
+      logger.debug("Wildcard event handler subscribed", { handlerCount: wildcardHandlers.size });
+
+      return () => {
+        wildcardHandlers.delete(handler);
+      };
+    },
+
+    get handlerCount(): number {
+      let count = wildcardHandlers.size;
+      for (const set of handlers.values()) {
+        count += set.size;
+      }
+      return count;
+    },
+  };
+};

package/src/infrastructure/events/event-factory.ts

@@ -0,0 +1,31 @@
+/**
+ * Domain event factory — creates properly structured DomainEvent instances.
+ */
+
+import type { DomainEvent, DomainEventType } from "../../core/ports/event-bus.js";
+import type { UserId } from "../../core/types/brand.js";
+import { generateId } from "../../shared/utils/id.js";
+
+interface CreateEventOptions {
+  readonly type: DomainEventType;
+  readonly userId?: UserId | undefined;
+  readonly payload?: Readonly<Record<string, unknown>> | undefined;
+  readonly ip?: string | undefined;
+}
+
+export interface DomainEventFactory {
+  create(options: CreateEventOptions): DomainEvent;
+}
+
+export const createDomainEventFactory = (): DomainEventFactory => ({
+  create(options: CreateEventOptions): DomainEvent {
+    return {
+      id: generateId(),
+      type: options.type,
+      timestamp: new Date().toISOString(),
+      ...(options.userId ? { userId: options.userId } : {}),
+      payload: options.payload ?? {},
+      ...(options.ip ? { ip: options.ip } : {}),
+    };
+  },
+});

package/src/infrastructure/events/in-memory-webhook-registry.ts

@@ -0,0 +1,67 @@
+/**
+ * In-memory webhook registry — stores webhook subscriptions in a Map.
+ *
+ * For production use, swap with a SQLite/Redis-backed adapter.
+ */
+
+import type { AppError } from "../../core/errors/app-error.js";
+import { notFound } from "../../core/errors/app-error.js";
+import type { DomainEventType } from "../../core/ports/event-bus.js";
+import type {
+  CreateWebhookData,
+  WebhookDelivery,
+  WebhookRegistry,
+  WebhookSubscription,
+} from "../../core/ports/webhook.js";
+import type { Result } from "../../core/types/result.js";
+import { err, ok } from "../../core/types/result.js";
+import { generateId } from "../../shared/utils/id.js";
+
+export const createInMemoryWebhookRegistry = (): WebhookRegistry => {
+  const store = new Map<string, WebhookSubscription>();
+  const deliveries: WebhookDelivery[] = [];
+
+  return {
+    create(data: CreateWebhookData): Result<WebhookSubscription, AppError> {
+      const sub: WebhookSubscription = {
+        id: generateId(),
+        url: data.url,
+        events: [...data.events],
+        secret: data.secret,
+        active: true,
+        createdAt: new Date().toISOString(),
+      };
+      store.set(sub.id, sub);
+      return ok(sub);
+    },
+
+    list(): Result<ReadonlyArray<WebhookSubscription>, AppError> {
+      return ok([...store.values()]);
+    },
+
+    findByEvent(eventType: DomainEventType): Result<ReadonlyArray<WebhookSubscription>, AppError> {
+      const matching = [...store.values()].filter(
+        (sub) => sub.active && (sub.events.length === 0 || sub.events.includes(eventType)),
+      );
+      return ok(matching);
+    },
+
+    remove(id: string): Result<void, AppError> {
+      if (!store.has(id)) return err(notFound("Webhook subscription"));
+      store.delete(id);
+      return ok(undefined);
+    },
+
+    setActive(id: string, active: boolean): Result<void, AppError> {
+      const sub = store.get(id);
+      if (!sub) return err(notFound("Webhook subscription"));
+      store.set(id, { ...sub, active });
+      return ok(undefined);
+    },
+
+    recordDelivery(delivery: WebhookDelivery): Result<void, AppError> {
+      deliveries.push(delivery);
+      return ok(undefined);
+    },
+  };
+};

package/src/infrastructure/events/index.ts

@@ -0,0 +1,4 @@
+export { createEventBus } from "./event-bus.js";
+export { createDomainEventFactory } from "./event-factory.js";
+export { createWebhookDispatcher } from "./webhook-dispatcher.js";
+export { createInMemoryWebhookRegistry } from "./in-memory-webhook-registry.js";

package/src/infrastructure/events/webhook-dispatcher.ts

@@ -0,0 +1,114 @@
+/**
+ * Webhook dispatcher — delivers domain events to registered webhook URLs.
+ *
+ * Features:
+ * - HMAC-SHA256 signature in X-Webhook-Signature header
+ * - Retry with exponential backoff (via job queue)
+ * - Delivery recording for audit trail
+ */
+
+import type { DomainEvent } from "../../core/ports/event-bus.js";
+import type { Logger } from "../../core/ports/logger.js";
+import type { WebhookRegistry, WebhookSubscription } from "../../core/ports/webhook.js";
+import { generateId } from "../../shared/utils/id.js";
+
+interface WebhookDispatcherDeps {
+  readonly registry: WebhookRegistry;
+  readonly logger: Logger;
+  readonly timeoutMs?: number | undefined;
+}
+
+export interface WebhookDispatcher {
+  /** Dispatch an event to all matching webhook subscriptions */
+  dispatch(event: DomainEvent): void;
+}
+
+const signPayload = async (payload: string, secret: string): Promise<string> => {
+  const encoder = new TextEncoder();
+  const key = await crypto.subtle.importKey(
+    "raw",
+    encoder.encode(secret),
+    { name: "HMAC", hash: "SHA-256" },
+    false,
+    ["sign"],
+  );
+  const sig = await crypto.subtle.sign("HMAC", key, encoder.encode(payload));
+  return Array.from(new Uint8Array(sig))
+    .map((b) => b.toString(16).padStart(2, "0"))
+    .join("");
+};
+
+const deliverWebhook = async (
+  sub: WebhookSubscription,
+  event: DomainEvent,
+  logger: Logger,
+  timeoutMs: number,
+): Promise<void> => {
+  const body = JSON.stringify({
+    id: event.id,
+    type: event.type,
+    timestamp: event.timestamp,
+    payload: event.payload,
+  });
+
+  const signature = await signPayload(body, sub.secret);
+  const deliveryId = generateId();
+
+  try {
+    const controller = new AbortController();
+    const timeout = setTimeout(() => controller.abort(), timeoutMs);
+
+    const res = await fetch(sub.url, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/json",
+        "X-Webhook-Id": sub.id,
+        "X-Webhook-Delivery": deliveryId,
+        "X-Webhook-Signature": `sha256=${signature}`,
+        "X-Webhook-Event": event.type,
+      },
+      body,
+      signal: controller.signal,
+    });
+
+    clearTimeout(timeout);
+
+    logger.debug("Webhook delivered", {
+      webhookId: sub.id,
+      deliveryId,
+      url: sub.url,
+      status: res.status,
+      success: res.ok,
+    });
+  } catch (err: unknown) {
+    logger.warn("Webhook delivery failed", {
+      webhookId: sub.id,
+      deliveryId,
+      url: sub.url,
+      error: err instanceof Error ? err.message : String(err),
+    });
+  }
+};
+
+export const createWebhookDispatcher = (deps: WebhookDispatcherDeps): WebhookDispatcher => {
+  const { registry, logger } = deps;
+  const timeoutMs = deps.timeoutMs ?? 5_000;
+
+  return {
+    dispatch(event: DomainEvent): void {
+      const subsResult = registry.findByEvent(event.type);
+      if (!subsResult.ok) {
+        logger.error("Failed to find webhook subscriptions", {
+          event: event.type,
+          error: subsResult.error.message,
+        });
+        return;
+      }
+
+      for (const sub of subsResult.value) {
+        // Fire-and-forget — errors caught inside
+        deliverWebhook(sub, event, logger, timeoutMs);
+      }
+    },
+  };
+};