@fdm-monster/server 1.5.0-rc2 → 1.5.1

package/dist/middleware/{exception.handler.js → exception.filter.js}

@@ -2,16 +2,16 @@
 Object.defineProperty(exports, "__esModule", {
     value: true
 });
-Object.defineProperty(exports, "exceptionHandler", {
+Object.defineProperty(exports, "exceptionFilter", {
     enumerable: true,
     get: function() {
-        return exceptionHandler;
+        return exceptionFilter;
     }
 });
 const _runtimeexceptions = require("../exceptions/runtime.exceptions");
 const _serverconstants = require("../server.constants");
 const _httpstatuscodesconstants = require("../constants/http-status-codes.constants");
-function exceptionHandler(err, req, res, next) {
+function exceptionFilter(err, req, res, next) {
     const isTest = process.env.NODE_ENV === _serverconstants.AppConstants.defaultTestEnv;
     if (!isTest) {
         console.error("[API Exception Handler]", err.stack || err?.response?.data);
@@ -27,7 +27,8 @@ function exceptionHandler(err, req, res, next) {
     if (err instanceof _runtimeexceptions.AuthenticationError) {
         const code = err.statusCode || 401;
         return res.status(code).send({
-            error: err.message
+            error: err.message,
+            reasonCode: err.reasonCode
         });
     }
     if (err instanceof _runtimeexceptions.AuthorizationError) {
@@ -49,12 +50,6 @@ function exceptionHandler(err, req, res, next) {
             error: err.message
         });
     }
-    if (err instanceof _runtimeexceptions.PasswordChangeRequiredError) {
-        const code = err.statusCode || _httpstatuscodesconstants.HttpStatusCode.CONFLICT;
-        return res.status(code).send({
-            error: err.message
-        });
-    }
     if (err instanceof _runtimeexceptions.NotFoundException) {
         const code = err.statusCode || 404;
         return res.status(code).send({
@@ -99,4 +94,4 @@ function exceptionHandler(err, req, res, next) {
     next();
 }
 
-//# sourceMappingURL=exception.handler.js.map
+//# sourceMappingURL=exception.filter.js.map

package/dist/middleware/exception.filter.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../src/middleware/exception.filter.ts"],"names":["exceptionFilter","err","req","res","next","isTest","process","env","NODE_ENV","AppConstants","defaultTestEnv","console","error","stack","response","data","isAxiosError","code","status","send","type","AuthenticationError","statusCode","message","reasonCode","AuthorizationError","HttpStatusCode","FORBIDDEN","permissions","roles","reason","ForbiddenError","NotFoundException","BadRequestException","ValidationException","name","errors","InternalServerException","ExternalServiceError"],"mappings":";;;;+BAegBA;;;eAAAA;;;mCANT;iCACsB;0CAEE;AAGxB,SAASA,gBAAgBC,GAAqB,EAAEC,GAAY,EAAEC,GAAa,EAAEC,IAAkB;IACpG,MAAMC,SAASC,QAAQC,GAAG,CAACC,QAAQ,KAAKC,6BAAY,CAACC,cAAc;IACnE,IAAI,CAACL,QAAQ;QACXM,QAAQC,KAAK,CAAC,2BAA2BX,IAAIY,KAAK,IAAIZ,KAAKa,UAAUC;IACvE;IACA,IAAId,IAAIe,YAAY,EAAE;QACpB,MAAMC,OAAOhB,IAAIa,QAAQ,EAAEI,UAAU;QACrC,OAAOf,IAAIe,MAAM,CAACD,MAAME,IAAI,CAAC;YAC3BP,OAAO;YACPQ,MAAM;YACNL,MAAMd,IAAIa,QAAQ,EAAEC;QACtB;IACF;IACA,IAAId,eAAeoB,sCAAmB,EAAE;QACtC,MAAMJ,OAAOhB,IAAIqB,UAAU,IAAI;QAC/B,OAAOnB,IAAIe,MAAM,CAACD,MAAME,IAAI,CAAC;YAAEP,OAAOX,IAAIsB,OAAO;YAAEC,YAAYvB,IAAIuB,UAAU;QAAC;IAChF;IACA,IAAIvB,eAAewB,qCAAkB,EAAE;QACrC,MAAMR,OAAOhB,IAAIqB,UAAU,IAAII,wCAAc,CAACC,SAAS;QACvD,MAAMC,cAAc3B,IAAI2B,WAAW;QACnC,MAAMC,QAAQ5B,IAAI4B,KAAK;QACvB,MAAMjB,QAAQX,IAAIsB,OAAO,IAAI;QAC7B,MAAMO,SAAS7B,IAAI6B,MAAM;QACzB,OAAO3B,IAAIe,MAAM,CAACD,MAAME,IAAI,CAAC;YAAEP;YAAOkB;YAAQF;YAAaC;QAAM;IACnE;IACA,IAAI5B,eAAe8B,iCAAc,EAAE;QACjC,MAAMd,OAAOhB,IAAIqB,UAAU,IAAII,wCAAc,CAACC,SAAS;QACvD,OAAOxB,IAAIe,MAAM,CAACD,MAAME,IAAI,CAAC;YAAEP,OAAOX,IAAIsB,OAAO;QAAC;IACpD;IACA,IAAItB,eAAe+B,oCAAiB,EAAE;QACpC,MAAMf,OAAOhB,IAAIqB,UAAU,IAAI;QAC/B,OAAOnB,IAAIe,MAAM,CAACD,MAAME,IAAI,CAAC;YAAEP,OAAOX,IAAIsB,OAAO;QAAC;IACpD;IACA,IAAItB,eAAegC,sCAAmB,EAAE;QACtC,MAAMhB,OAAOhB,IAAIqB,UAAU,IAAI;QAC/B,OAAOnB,IAAIe,MAAM,CAACD,MAAME,IAAI,CAAC;YAAEP,OAAOX,IAAIsB,OAAO;QAAC;IACpD;IACA,IAAItB,eAAeiC,sCAAmB,EAAE;QACtC,MAAMjB,OAAOhB,IAAIqB,UAAU,IAAI;QAC/B,OAAOnB,IAAIe,MAAM,CAACD,MAAME,IAAI,CAAC;YAC3BP,OAAO;YACPQ,MAAMnB,IAAIkC,IAAI;YACdC,QAAQnC,IAAImC,MAAM;QACpB;IACF;IACA,IAAInC,eAAeoC,0CAAuB,EAAE;QAC1C,MAAMpB,OAAOhB,IAAIqB,UAAU,IAAI;QAC/B,OAAOnB,IAAIe,MAAM,CAACD,MAAME,IAAI,CAAC;YAC3BP,OAAOX,IAAIsB,OAAO;YAClBH,MAAMnB,IAAIkC,IAAI;YACdtB,OAAOZ,IAAIY,KAAK;QAClB;IACF;IACA,IAAIZ,eAAeqC,uCAAoB,EAAE;QACvC,MAAMrB,OAAOhB,IAAIW,KAAK,CAACU,UAAU,IAAI;QACrC,OAAOnB,IAAIe,MAAM,CAACD,MAAME,IAAI,CAAClB,IAAIW,KAAK;IACxC;IACA,IAAI,CAAC,CAACX,KAAK;QACT,MAAMgB,OAAOhB,IAAIqB,UAAU,IAAI;QAC/B,OAAOnB,IAAIe,MAAM,CAACD,MAAME,IAAI,CAAC;YAC3BP,OAAO;YACPQ,MAAMnB,IAAIkC,IAAI;YACdtB,OAAOZ,IAAIY,KAAK;QAClB;IACF;IAEA,wCAAwC;IACxCT;AACF"}

package/dist/middleware/global.middleware.js

@@ -35,7 +35,7 @@ const validateWizardCompleted = (0, _awilixexpress.inject)(({ settingsStore, log
             "/api/test",
             "/api/auth/login-required"
         ];
-        if (allowedPaths.includes(req.path)) {
+        if (allowedPaths.includes(req.path) || !req.path.startsWith("/api")) {
             next();
             return;
         } else {

package/dist/middleware/global.middleware.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../src/middleware/global.middleware.ts"],"names":["interceptRoles","validateWhitelistedIp","validateWizardCompleted","inject","settingsStore","loggerFactory","req","res","next","logger","name","serverSettings","getSettings","getWizardSettings","wizardCompleted","allowedPaths","includes","path","error","ForbiddenError","join","getServerSettings","whitelistEnabled","whitelist","serverSettingsKey","whitelistedIpAddresses","ipAddress","socket","remoteAddress","length","subnextMatched","find","w","startsWith","roleService","roles","user","roleName","getAppDefaultRole"],"mappings":";;;;;;;;;;;IA+DaA,cAAc;eAAdA;;IA9BAC,qBAAqB;eAArBA;;IA1BAC,uBAAuB;eAAvBA;;;+BAPU;yCACW;mCACH;AAKxB,MAAMA,0BAA0BC,IAAAA,qBAAM,EAC3C,CAAC,EAAEC,aAAa,EAAEC,aAAa,EAAmE,GAChG,OAAOC,KAAcC,KAAeC;QAClC,MAAMC,SAASJ,cAAcJ,sBAAsBS,IAAI;QACvD,MAAMC,iBAAiBP,cAAcQ,WAAW;QAChD,IAAI,CAAC,CAACR,cAAcS,iBAAiB,IAAIC,iBAAiB;YACxDN;YACA;QACF;QAEA,MAAMO,eAAe;YACnB;YACA;YACA;YACA;SACD;QACD,IAAIA,aAAaC,QAAQ,CAACV,IAAIW,IAAI,GAAG;YACnCT;YACA;QACF,OAAO;YACLC,OAAOS,KAAK,CAAC,wBAAwBZ,IAAIW,IAAI;YAC7C,MAAM,IAAIE,iCAAc,CAAC,CAAC,6DAA6D,EAAEJ,aAAaK,IAAI,CAAC,MAAM,CAAC;QACpH;IACF;AAGG,MAAMnB,wBAAwBE,IAAAA,qBAAM,EACzC,CAAC,EAAEC,aAAa,EAAEC,aAAa,EAAmE,GAChG,OAAOC,KAAcC,KAAeC;QAClC,MAAMC,SAASJ,cAAcJ,sBAAsBS,IAAI;QACvD,MAAMC,iBAAiBP,cAAcQ,WAAW;QAChD,IAAI,AAAC,CAACD,kBAAkB,CAACP,cAAciB,iBAAiB,MAAO,CAACjB,cAAciB,iBAAiB,IAAIC,kBAAkB;YACnHd;YACA;QACF;QAEA,MAAMe,YAAYZ,cAAc,CAACa,0CAAiB,CAAC,CAACC,sBAAsB;QAC1E,MAAMC,YAAYpB,IAAIqB,MAAM,CAACC,aAAa;QAC1C,iDAAiD;QACjD,uDAAuD;QACvD,IAAIL,WAAWM,UAAU,CAACN,UAAUP,QAAQ,CAACU,cAAcA,cAAc,oBAAoB;YAC3F,8DAA8D;YAC9D,MAAMI,iBAAiBP,UAAUQ,IAAI,CAAC,CAACC;gBACrC,OAAON,UAAUO,UAAU,CAACD;YAC9B;YAEA,IAAI,CAACF,gBAAgB;gBACnBrB,OAAOS,KAAK,CAAC,sCAAsCZ,IAAIqB,MAAM,CAACC,aAAa;gBAC3E,MAAM,IAAIT,iCAAc,CAAC,aAAab,IAAIqB,MAAM,CAACC,aAAa;YAChE;QACF;QAEApB;IACF;AAGG,MAAMR,iBAAiBG,IAAAA,qBAAM,EAClC,CAAC,EAAEC,aAAa,EAAE8B,WAAW,EAAE,GAC7B,OAAO5B,KAAcC,KAAeC;QAClC,MAAMG,iBAAiB,MAAMP,cAAcQ,WAAW;QAEtDN,IAAI6B,KAAK,GAAG7B,IAAI8B,IAAI,EAAED;QAEtB,sEAAsE;QACtE,IAAIxB,kBAAkB,CAACL,IAAI8B,IAAI,EAAE;YAC/B,MAAMC,WAAW,MAAMH,YAAYI,iBAAiB;YACpDhC,IAAI6B,KAAK,GAAG;gBAACE;aAAS;QACxB;QAEA7B;IACF"}
+{"version":3,"sources":["../../src/middleware/global.middleware.ts"],"names":["interceptRoles","validateWhitelistedIp","validateWizardCompleted","inject","settingsStore","loggerFactory","req","res","next","logger","name","serverSettings","getSettings","getWizardSettings","wizardCompleted","allowedPaths","includes","path","startsWith","error","ForbiddenError","join","getServerSettings","whitelistEnabled","whitelist","serverSettingsKey","whitelistedIpAddresses","ipAddress","socket","remoteAddress","length","subnextMatched","find","w","roleService","roles","user","roleName","getAppDefaultRole"],"mappings":";;;;;;;;;;;IA+DaA,cAAc;eAAdA;;IA9BAC,qBAAqB;eAArBA;;IA1BAC,uBAAuB;eAAvBA;;;+BAPU;yCACW;mCACH;AAKxB,MAAMA,0BAA0BC,IAAAA,qBAAM,EAC3C,CAAC,EAAEC,aAAa,EAAEC,aAAa,EAAmE,GAChG,OAAOC,KAAcC,KAAeC;QAClC,MAAMC,SAASJ,cAAcJ,sBAAsBS,IAAI;QACvD,MAAMC,iBAAiBP,cAAcQ,WAAW;QAChD,IAAI,CAAC,CAACR,cAAcS,iBAAiB,IAAIC,iBAAiB;YACxDN;YACA;QACF;QAEA,MAAMO,eAAe;YACnB;YACA;YACA;YACA;SACD;QACD,IAAIA,aAAaC,QAAQ,CAACV,IAAIW,IAAI,KAAK,CAACX,IAAIW,IAAI,CAACC,UAAU,CAAC,SAAS;YACnEV;YACA;QACF,OAAO;YACLC,OAAOU,KAAK,CAAC,wBAAwBb,IAAIW,IAAI;YAC7C,MAAM,IAAIG,iCAAc,CAAC,CAAC,6DAA6D,EAAEL,aAAaM,IAAI,CAAC,MAAM,CAAC;QACpH;IACF;AAGG,MAAMpB,wBAAwBE,IAAAA,qBAAM,EACzC,CAAC,EAAEC,aAAa,EAAEC,aAAa,EAAmE,GAChG,OAAOC,KAAcC,KAAeC;QAClC,MAAMC,SAASJ,cAAcJ,sBAAsBS,IAAI;QACvD,MAAMC,iBAAiBP,cAAcQ,WAAW;QAChD,IAAI,AAAC,CAACD,kBAAkB,CAACP,cAAckB,iBAAiB,MAAO,CAAClB,cAAckB,iBAAiB,IAAIC,kBAAkB;YACnHf;YACA;QACF;QAEA,MAAMgB,YAAYb,cAAc,CAACc,0CAAiB,CAAC,CAACC,sBAAsB;QAC1E,MAAMC,YAAYrB,IAAIsB,MAAM,CAACC,aAAa;QAC1C,iDAAiD;QACjD,uDAAuD;QACvD,IAAIL,WAAWM,UAAU,CAACN,UAAUR,QAAQ,CAACW,cAAcA,cAAc,oBAAoB;YAC3F,8DAA8D;YAC9D,MAAMI,iBAAiBP,UAAUQ,IAAI,CAAC,CAACC;gBACrC,OAAON,UAAUT,UAAU,CAACe;YAC9B;YAEA,IAAI,CAACF,gBAAgB;gBACnBtB,OAAOU,KAAK,CAAC,sCAAsCb,IAAIsB,MAAM,CAACC,aAAa;gBAC3E,MAAM,IAAIT,iCAAc,CAAC,aAAad,IAAIsB,MAAM,CAACC,aAAa;YAChE;QACF;QAEArB;IACF;AAGG,MAAMR,iBAAiBG,IAAAA,qBAAM,EAClC,CAAC,EAAEC,aAAa,EAAE8B,WAAW,EAAE,GAC7B,OAAO5B,KAAcC,KAAeC;QAClC,MAAMG,iBAAiB,MAAMP,cAAcQ,WAAW;QAEtDN,IAAI6B,KAAK,GAAG7B,IAAI8B,IAAI,EAAED;QAEtB,sEAAsE;QACtE,IAAIxB,kBAAkB,CAACL,IAAI8B,IAAI,EAAE;YAC/B,MAAMC,WAAW,MAAMH,YAAYI,iBAAiB;YACpDhC,IAAI6B,KAAK,GAAG;gBAACE;aAAS;QACxB;QAEA7B;IACF"}

package/dist/middleware/passport.js

@@ -2,22 +2,32 @@
 Object.defineProperty(exports, "__esModule", {
     value: true
 });
-Object.defineProperty(exports, "initializePassportStrategies", {
-    enumerable: true,
-    get: function() {
+function _export(target, all) {
+    for(var name in all)Object.defineProperty(target, name, {
+        enumerable: true,
+        get: all[name]
+    });
+}
+_export(exports, {
+    getPassportJwtOptions: function() {
+        return getPassportJwtOptions;
+    },
+    initializePassportStrategies: function() {
         return initializePassportStrategies;
+    },
+    verifyUserCallback: function() {
+        return verifyUserCallback;
     }
 });
 const _passportjwt = require("passport-jwt");
 const _passportanonymous = require("passport-anonymous");
-const _models = require("../models");
 const _containertokens = require("../container.tokens");
 const _serverconstants = require("../server.constants");
-function initializePassportStrategies(passport, container) {
-    const settingsStore = container.resolve(_containertokens.DITokens.settingsStore);
-    const configService = container.resolve(_containertokens.DITokens.configService);
-    const opts = {
-        jwtFromRequest: _passportjwt.ExtractJwt.fromAuthHeaderAsBearerToken(),
+const _runtimeexceptions = require("../exceptions/runtime.exceptions");
+const _authorizationconstants = require("../constants/authorization.constants");
+function getPassportJwtOptions(settingsStore, configService, jwtFromRequest = _passportjwt.ExtractJwt.fromAuthHeaderAsBearerToken()) {
+    return {
+        jwtFromRequest: jwtFromRequest,
         secretOrKeyProvider: async (req, token, done)=>{
             const { jwtSecret } = await settingsStore.getCredentialSettings();
             return done(null, jwtSecret);
@@ -25,17 +35,36 @@ function initializePassportStrategies(passport, container) {
         audience: configService.get(_serverconstants.AppConstants.OVERRIDE_JWT_AUDIENCE, _serverconstants.AppConstants.DEFAULT_JWT_AUDIENCE),
         issuer: configService.get(_serverconstants.AppConstants.OVERRIDE_JWT_ISSUER, _serverconstants.AppConstants.DEFAULT_JWT_ISSUER)
     };
-    passport.use(new _passportjwt.Strategy(opts, function(jwt_payload, done) {
-        _models.User.findById(jwt_payload.userId, function(err, user) {
+}
+function verifyUserCallback(userService) {
+    return function(jwt_payload, done) {
+        userService.getUser(jwt_payload.userId).then((user)=>{
+            if (user && user.isVerified && !user.needsPasswordChange) {
+                return done(null, user);
+            }
+            if (user && user.needsPasswordChange) {
+                console.log("Needs password change");
+                return done(new _runtimeexceptions.AuthenticationError("Password change required", _authorizationconstants.AUTH_ERROR_REASON.PasswordChangeRequired), false);
+            }
+            if (user && !user?.isVerified) {
+                console.log("Needs password change");
+                return done(new _runtimeexceptions.AuthenticationError("User not verified", _authorizationconstants.AUTH_ERROR_REASON.AccountNotVerified), false);
+            }
+            return done(null, false);
+        }).catch((err)=>{
             if (err) {
                 return done(err, false);
             }
-            if (user) {
-                return done(null, user);
-            } else {
-                return done(null, false);
-            }
         });
+    };
+}
+function initializePassportStrategies(passport, container) {
+    const settingsStore = container.resolve(_containertokens.DITokens.settingsStore);
+    const configService = container.resolve(_containertokens.DITokens.configService);
+    const userService = container.resolve(_containertokens.DITokens.userService);
+    const opts = getPassportJwtOptions(settingsStore, configService, _passportjwt.ExtractJwt.fromAuthHeaderAsBearerToken());
+    passport.use(new _passportjwt.Strategy(opts, function(jwt_payload, done) {
+        verifyUserCallback(userService)(jwt_payload, done);
     }));
     passport.use(new _passportanonymous.Strategy());
     return passport;

package/dist/middleware/passport.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../src/middleware/passport.ts"],"names":["initializePassportStrategies","passport","container","settingsStore","resolve","DITokens","configService","opts","jwtFromRequest","ExtractJwt","fromAuthHeaderAsBearerToken","secretOrKeyProvider","req","token","done","jwtSecret","getCredentialSettings","audience","get","AppConstants","OVERRIDE_JWT_AUDIENCE","DEFAULT_JWT_AUDIENCE","issuer","OVERRIDE_JWT_ISSUER","DEFAULT_JWT_ISSUER","use","JwtStrategy","jwt_payload","User","findById","userId","err","user","AnonymousStrategy"],"mappings":";;;;+BAWgBA;;;eAAAA;;;6BAXqD;mCACvB;wBACzB;iCACI;iCACI;AAOtB,SAASA,6BAA6BC,QAAwB,EAAEC,SAA+B;IACpG,MAAMC,gBAAgBD,UAAUE,OAAO,CAAgBC,yBAAQ,CAACF,aAAa;IAC7E,MAAMG,gBAAgBJ,UAAUE,OAAO,CAAgBC,yBAAQ,CAACC,aAAa;IAE7E,MAAMC,OAAwB;QAC5BC,gBAAgBC,uBAAU,CAACC,2BAA2B;QACtDC,qBAAqB,OAAOC,KAAKC,OAAeC;YAC9C,MAAM,EAAEC,SAAS,EAAE,GAAG,MAAMZ,cAAca,qBAAqB;YAC/D,OAAOF,KAAK,MAAMC;QACpB;QACAE,UAAUX,cAAcY,GAAG,CAACC,6BAAY,CAACC,qBAAqB,EAAED,6BAAY,CAACE,oBAAoB;QACjGC,QAAQhB,cAAcY,GAAG,CAACC,6BAAY,CAACI,mBAAmB,EAAEJ,6BAAY,CAACK,kBAAkB;IAC7F;IAEAvB,SAASwB,GAAG,CACV,IAAIC,qBAAW,CAACnB,MAAM,SAAUoB,WAAW,EAAEb,IAAI;QAC/Cc,YAAI,CAACC,QAAQ,CAACF,YAAYG,MAAM,EAAE,SAAUC,GAAQ,EAAEC,IAAW;YAC/D,IAAID,KAAK;gBACP,OAAOjB,KAAKiB,KAAK;YACnB;YACA,IAAIC,MAAM;gBACR,OAAOlB,KAAK,MAAMkB;YACpB,OAAO;gBACL,OAAOlB,KAAK,MAAM;YACpB;QACF;IACF;IAEFb,SAASwB,GAAG,CAAC,IAAIQ,2BAAiB;IAClC,OAAOhC;AACT"}
+{"version":3,"sources":["../../src/middleware/passport.ts"],"names":["getPassportJwtOptions","initializePassportStrategies","verifyUserCallback","settingsStore","configService","jwtFromRequest","ExtractJwt","fromAuthHeaderAsBearerToken","secretOrKeyProvider","req","token","done","jwtSecret","getCredentialSettings","audience","get","AppConstants","OVERRIDE_JWT_AUDIENCE","DEFAULT_JWT_AUDIENCE","issuer","OVERRIDE_JWT_ISSUER","DEFAULT_JWT_ISSUER","userService","jwt_payload","getUser","userId","then","user","isVerified","needsPasswordChange","console","log","AuthenticationError","AUTH_ERROR_REASON","PasswordChangeRequired","AccountNotVerified","catch","err","passport","container","resolve","DITokens","opts","use","JwtStrategy","AnonymousStrategy"],"mappings":";;;;;;;;;;;IAkBgBA,qBAAqB;eAArBA;;IA2CAC,4BAA4B;eAA5BA;;IA3BAC,kBAAkB;eAAlBA;;;6BAlC+F;mCACjE;iCACrB;iCACI;mCAQO;wCACF;AAM3B,SAASF,sBACdG,aAA4B,EAC5BC,aAA4B,EAC5BC,iBAAiEC,uBAAU,CAACC,2BAA2B,EAAE;IAEzG,OAAO;QACLF,gBAAgBA;QAChBG,qBAAqB,OAAOC,KAAKC,OAAeC;YAC9C,MAAM,EAAEC,SAAS,EAAE,GAAG,MAAMT,cAAcU,qBAAqB;YAC/D,OAAOF,KAAK,MAAMC;QACpB;QACAE,UAAUV,cAAcW,GAAG,CAACC,6BAAY,CAACC,qBAAqB,EAAED,6BAAY,CAACE,oBAAoB;QACjGC,QAAQf,cAAcW,GAAG,CAACC,6BAAY,CAACI,mBAAmB,EAAEJ,6BAAY,CAACK,kBAAkB;IAC7F;AACF;AAEO,SAASnB,mBAAmBoB,WAAyB;IAC1D,OAAO,SAAUC,WAAgB,EAAEZ,IAAsB;QACvDW,YACGE,OAAO,CAACD,YAAYE,MAAM,EAC1BC,IAAI,CAAC,CAACC;YACL,IAAIA,QAAQA,KAAKC,UAAU,IAAI,CAACD,KAAKE,mBAAmB,EAAE;gBACxD,OAAOlB,KAAK,MAAMgB;YACpB;YACA,IAAIA,QAAQA,KAAKE,mBAAmB,EAAE;gBACpCC,QAAQC,GAAG,CAAC;gBACZ,OAAOpB,KAAK,IAAIqB,sCAAmB,CAAC,4BAA4BC,yCAAiB,CAACC,sBAAsB,GAAG;YAC7G;YACA,IAAIP,QAAQ,CAACA,MAAMC,YAAY;gBAC7BE,QAAQC,GAAG,CAAC;gBACZ,OAAOpB,KAAK,IAAIqB,sCAAmB,CAAC,qBAAqBC,yCAAiB,CAACE,kBAAkB,GAAG;YAClG;YAEA,OAAOxB,KAAK,MAAM;QACpB,GACCyB,KAAK,CAAC,CAACC;YACN,IAAIA,KAAK;gBACP,OAAO1B,KAAK0B,KAAK;YACnB;QACF;IACJ;AACF;AAEO,SAASpC,6BAA6BqC,QAAwB,EAAEC,SAA+B;IACpG,MAAMpC,gBAAgBoC,UAAUC,OAAO,CAAgBC,yBAAQ,CAACtC,aAAa;IAC7E,MAAMC,gBAAgBmC,UAAUC,OAAO,CAAgBC,yBAAQ,CAACrC,aAAa;IAC7E,MAAMkB,cAAciB,UAAUC,OAAO,CAAeC,yBAAQ,CAACnB,WAAW;IAExE,MAAMoB,OAAO1C,sBAAsBG,eAAeC,eAAeE,uBAAU,CAACC,2BAA2B;IAEvG+B,SAASK,GAAG,CACV,IAAIC,qBAAW,CAACF,MAAM,SAAUnB,WAAW,EAAEZ,IAAI;QAC/CT,mBAAmBoB,aAAaC,aAAaZ;IAC/C;IAEF2B,SAASK,GAAG,CAAC,IAAIE,2BAAiB;IAClC,OAAOP;AACT"}

package/dist/server.constants.js

@@ -14,6 +14,8 @@ const AppConstants = {
     VERSION_KEY: "npm_package_version",
     SERVER_PORT_KEY: "SERVER_PORT",
     MONGO_KEY: "MONGO",
+    DATABASE_PATH: "DATABASE_PATH",
+    DATABASE_FILE: "DATABASE_FILE",
     pm2ServiceName: "FDM",
     logAppName: "fdm-monster",
     // @Deprecated: old storage path
@@ -34,6 +36,8 @@ const AppConstants = {
     // Boolean string (true/false), persisted always
     OVERRIDE_REGISTRATION_ENABLED: "OVERRIDE_REGISTRATION_ENABLED",
     // Number
+    DEFAULT_USERNAME_MINLEN: 3,
+    // Number
     DEFAULT_PASSWORD_MINLEN: 8,
     // String, persisted always
     OVERRIDE_JWT_SECRET: "OVERRIDE_JWT_SECRET",
@@ -73,7 +77,7 @@ const AppConstants = {
     orgName: "fdm-monster",
     // Wizard version changes will trigger a re-run of the wizard
     currentWizardVersion: 1,
-    defaultClientMinimum: "1.3.11",
+    defaultClientMinimum: "1.4.0",
     influxUrl: "INFLUX_URL",
     influxToken: "INFLUX_TOKEN",
     influxOrg: "INFLUX_ORG",
@@ -96,7 +100,9 @@ const AppConstants = {
     // Sentry
     sentryCustomDsnToken: "SENTRY_CUSTOM_DSN",
     sentryCustomDsnDefault: "https://164b8028a8a745bba3dbcab991b84ae7@o4503975545733120.ingest.sentry.io/4505101598261248",
-    debugRoutesKey: "DEBUG_ROUTES"
+    debugRoutesKey: "DEBUG_ROUTES",
+    enableExperimentalTypeormKey: "ENABLE_EXPERIMENTAL_TYPEORM",
+    enableExperimentalTypeormDefault: "false"
 };
 
 //# sourceMappingURL=server.constants.js.map

package/dist/server.constants.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../src/server.constants.ts"],"names":["AppConstants","NON_NPM_MODE_KEY","NODE_ENV_KEY","VERSION_KEY","SERVER_PORT_KEY","MONGO_KEY","pm2ServiceName","logAppName","defaultFileStorageFolder","defaultLogsFolder","defaultLogZipsFolder","defaultClientBundleStorage","defaultClientBundleZipsStorage","defaultServerPort","defaultMongoStringUnauthenticated","apiRoute","enableClientDistAutoUpdateKey","ENABLE_EXPERIMENTAL_WHITELIST_SETTINGS","OVERRIDE_LOGIN_REQUIRED","OVERRIDE_REGISTRATION_ENABLED","DEFAULT_PASSWORD_MINLEN","OVERRIDE_JWT_SECRET","OVERRIDE_JWT_EXPIRES_IN","DEFAULT_JWT_EXPIRES_IN","DEFAULT_REFRESH_TOKEN_ATTEMPTS","DEFAULT_REFRESH_TOKEN_EXPIRY","OVERRIDE_JWT_ISSUER","DEFAULT_JWT_ISSUER","OVERRIDE_JWT_AUDIENCE","DEFAULT_JWT_AUDIENCE","OVERRIDE_IS_DEMO_MODE","OVERRIDE_DEMO_USERNAME","DEFAULT_DEMO_USERNAME","OVERRIDE_DEMO_PASSWORD","DEFAULT_DEMO_PASSWORD","OVERRIDE_DEMO_ROLE","DEFAULT_DEMO_ROLE","defaultDevelopmentEnv","defaultTestEnv","defaultProductionEnv","knownEnvNames","GITHUB_PAT","serverPackageName","clientPackageName","clientRepoName","serverRepoName","orgName","currentWizardVersion","defaultClientMinimum","influxUrl","influxToken","influxOrg","influxBucket","defaultWebsocketHandshakeTimeout","defaultSocketThrottleRate","debugSocketStatesKey","defaultDebugSocketStates","enableMqttAutoDiscoveryToken","enableMqttAutoDiscoveryDefault","mqttUrlToken","mqttPortToken","mqttPortDefault","mqttUsernameToken","mqttPasswordToken","monsterPiFilePath","sentryCustomDsnToken","sentryCustomDsnDefault","debugRoutesKey"],"mappings":";;;;+BAAaA;;;eAAAA;;;AAAN,MAAMA,eAAe;IAC1BC,kBAAkB;IAClBC,cAAc;IACdC,aAAa;IACbC,iBAAiB;IACjBC,WAAW;IAEXC,gBAAgB;IAChBC,YAAY;IAEZ,gCAAgC;IAChCC,0BAA0B;IAC1BC,mBAAmB;IACnBC,sBAAsB;IACtB,yCAAyC;IACzCC,4BAA4B;IAC5BC,gCAAgC;IAChCC,mBAAmB;IACnBC,mCAAmC;IACnCC,UAAU;IACVC,+BAA+B;IAE/B,qFAAqF;IACrFC,wCAAwC;IACxC,gDAAgD;IAChDC,yBAAyB;IACzB,gDAAgD;IAChDC,+BAA+B;IAC/B,SAAS;IACTC,yBAAyB;IACzB,2BAA2B;IAC3BC,qBAAqB;IACrB,oCAAoC;IACpCC,yBAAyB;IACzBC,wBAAwB,KAAK;IAC7B,SAAS;IACTC,gCAAgC,CAAC;IACjC,wBAAwB;IACxBC,8BAA8B,KAAK,KAAK,KAAK;IAC7C,wBAAwB;IACxBC,qBAAqB;IACrBC,oBAAoB;IACpB,wBAAwB;IACxBC,uBAAuB;IACvBC,sBAAsB;IAEtBC,uBAAuB;IACvBC,wBAAwB;IACxBC,uBAAuB;IACvBC,wBAAwB;IACxBC,uBAAuB;IACvBC,oBAAoB;IACpBC,mBAAmB;IAEnBC,uBAAuB;IACvBC,gBAAgB;IAChBC,sBAAsB;IACtBC,eAAe;QAAC;QAAe;QAAc;KAAO;IACpDC,YAAY;IACZC,mBAAmB;IACnBC,mBAAmB;IACnBC,gBAAgB;IAChBC,gBAAgB;IAChBC,SAAS;IACT,6DAA6D;IAC7DC,sBAAsB;IACtBC,sBAAsB;IAEtBC,WAAW;IACXC,aAAa;IACbC,WAAW;IACXC,cAAc;IAEd,mBAAmB;IACnBC,kCAAkC;IAClCC,2BAA2B;IAC3BC,sBAAsB;IACtBC,0BAA0B;IAE1B,8BAA8B;IAC9BC,8BAA8B;IAC9BC,gCAAgC;IAChCC,cAAc;IACdC,eAAe;IACfC,iBAAiB;IACjBC,mBAAmB;IACnBC,mBAAmB;IAEnB,YAAY;IACZC,mBAAmB;IAEnB,SAAS;IACTC,sBAAsB;IACtBC,wBAAwB;IAExBC,gBAAgB;AAClB"}
+{"version":3,"sources":["../src/server.constants.ts"],"names":["AppConstants","NON_NPM_MODE_KEY","NODE_ENV_KEY","VERSION_KEY","SERVER_PORT_KEY","MONGO_KEY","DATABASE_PATH","DATABASE_FILE","pm2ServiceName","logAppName","defaultFileStorageFolder","defaultLogsFolder","defaultLogZipsFolder","defaultClientBundleStorage","defaultClientBundleZipsStorage","defaultServerPort","defaultMongoStringUnauthenticated","apiRoute","enableClientDistAutoUpdateKey","ENABLE_EXPERIMENTAL_WHITELIST_SETTINGS","OVERRIDE_LOGIN_REQUIRED","OVERRIDE_REGISTRATION_ENABLED","DEFAULT_USERNAME_MINLEN","DEFAULT_PASSWORD_MINLEN","OVERRIDE_JWT_SECRET","OVERRIDE_JWT_EXPIRES_IN","DEFAULT_JWT_EXPIRES_IN","DEFAULT_REFRESH_TOKEN_ATTEMPTS","DEFAULT_REFRESH_TOKEN_EXPIRY","OVERRIDE_JWT_ISSUER","DEFAULT_JWT_ISSUER","OVERRIDE_JWT_AUDIENCE","DEFAULT_JWT_AUDIENCE","OVERRIDE_IS_DEMO_MODE","OVERRIDE_DEMO_USERNAME","DEFAULT_DEMO_USERNAME","OVERRIDE_DEMO_PASSWORD","DEFAULT_DEMO_PASSWORD","OVERRIDE_DEMO_ROLE","DEFAULT_DEMO_ROLE","defaultDevelopmentEnv","defaultTestEnv","defaultProductionEnv","knownEnvNames","GITHUB_PAT","serverPackageName","clientPackageName","clientRepoName","serverRepoName","orgName","currentWizardVersion","defaultClientMinimum","influxUrl","influxToken","influxOrg","influxBucket","defaultWebsocketHandshakeTimeout","defaultSocketThrottleRate","debugSocketStatesKey","defaultDebugSocketStates","enableMqttAutoDiscoveryToken","enableMqttAutoDiscoveryDefault","mqttUrlToken","mqttPortToken","mqttPortDefault","mqttUsernameToken","mqttPasswordToken","monsterPiFilePath","sentryCustomDsnToken","sentryCustomDsnDefault","debugRoutesKey","enableExperimentalTypeormKey","enableExperimentalTypeormDefault"],"mappings":";;;;+BAAaA;;;eAAAA;;;AAAN,MAAMA,eAAe;IAC1BC,kBAAkB;IAClBC,cAAc;IACdC,aAAa;IACbC,iBAAiB;IACjBC,WAAW;IACXC,eAAe;IACfC,eAAe;IAEfC,gBAAgB;IAChBC,YAAY;IAEZ,gCAAgC;IAChCC,0BAA0B;IAC1BC,mBAAmB;IACnBC,sBAAsB;IACtB,yCAAyC;IACzCC,4BAA4B;IAC5BC,gCAAgC;IAChCC,mBAAmB;IACnBC,mCAAmC;IACnCC,UAAU;IACVC,+BAA+B;IAE/B,qFAAqF;IACrFC,wCAAwC;IACxC,gDAAgD;IAChDC,yBAAyB;IACzB,gDAAgD;IAChDC,+BAA+B;IAC/B,SAAS;IACTC,yBAAyB;IACzB,SAAS;IACTC,yBAAyB;IACzB,2BAA2B;IAC3BC,qBAAqB;IACrB,oCAAoC;IACpCC,yBAAyB;IACzBC,wBAAwB,KAAK;IAC7B,SAAS;IACTC,gCAAgC,CAAC;IACjC,wBAAwB;IACxBC,8BAA8B,KAAK,KAAK,KAAK;IAC7C,wBAAwB;IACxBC,qBAAqB;IACrBC,oBAAoB;IACpB,wBAAwB;IACxBC,uBAAuB;IACvBC,sBAAsB;IAEtBC,uBAAuB;IACvBC,wBAAwB;IACxBC,uBAAuB;IACvBC,wBAAwB;IACxBC,uBAAuB;IACvBC,oBAAoB;IACpBC,mBAAmB;IAEnBC,uBAAuB;IACvBC,gBAAgB;IAChBC,sBAAsB;IACtBC,eAAe;QAAC;QAAe;QAAc;KAAO;IACpDC,YAAY;IACZC,mBAAmB;IACnBC,mBAAmB;IACnBC,gBAAgB;IAChBC,gBAAgB;IAChBC,SAAS;IACT,6DAA6D;IAC7DC,sBAAsB;IACtBC,sBAAsB;IAEtBC,WAAW;IACXC,aAAa;IACbC,WAAW;IACXC,cAAc;IAEd,mBAAmB;IACnBC,kCAAkC;IAClCC,2BAA2B;IAC3BC,sBAAsB;IACtBC,0BAA0B;IAE1B,8BAA8B;IAC9BC,8BAA8B;IAC9BC,gCAAgC;IAChCC,cAAc;IACdC,eAAe;IACfC,iBAAiB;IACjBC,mBAAmB;IACnBC,mBAAmB;IAEnB,YAAY;IACZC,mBAAmB;IAEnB,SAAS;IACTC,sBAAsB;IACtBC,wBAAwB;IAExBC,gBAAgB;IAEhBC,8BAA8B;IAC9BC,kCAAkC;AACpC"}

package/dist/server.host.js

@@ -13,7 +13,7 @@ const _mongoose = /*#__PURE__*/ _interop_require_default(require("mongoose"));
 const _connecthistoryapifallback = /*#__PURE__*/ _interop_require_default(require("connect-history-api-fallback"));
 const _awilixexpress = require("awilix-express");
 const _path = require("path");
-const _exceptionhandler = require("./middleware/exception.handler");
+const _exceptionfilter = require("./middleware/exception.filter");
 const _serverenv = require("./server.env");
 const _runtimeexceptions = require("./exceptions/runtime.exceptions");
 const _serverconstants = require("./server.constants");
@@ -63,7 +63,7 @@ class ServerHost {
         }).use((0, _awilixexpress.loadControllers)(`${routePath}/*.controller.*`, {
             cwd: __dirname,
             ignore: "**/*.map"
-        })).use(_exceptionhandler.exceptionHandler);
+        })).use(_exceptionfilter.exceptionFilter);
         // Serve the files for our frontend - do this later than the controllers
         const bundleDistPath = (0, _path.join)((0, _fsutils.superRootPath)(), _serverconstants.AppConstants.defaultClientBundleStorage, "dist");
         app.use(_express.default.static(bundleDistPath));
@@ -82,7 +82,7 @@ class ServerHost {
             if (!path.startsWith("/socket.io")) {
                 throw new _runtimeexceptions.NotFoundException(`${resource} resource was not found`, path);
             }
-        }).use(_exceptionhandler.exceptionHandler);
+        }).use(_exceptionfilter.exceptionFilter);
     }
     async httpListen() {
         const port = (0, _serverenv.fetchServerPort)();

package/dist/server.host.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../src/server.host.ts"],"names":["ServerHost","bootTask","taskManagerService","socketIoGateway","appInstance","configService","logger","constructor","loggerFactory","name","boot","app","quick_boot","listenRequests","mongoose","set","serveControllerRoutes","runOnce","httpListen","hasConnected","connections","readyState","routePath","use","req","res","next","originalUrl","startsWith","history","loadControllers","cwd","__dirname","ignore","exceptionHandler","bundleDistPath","join","superRootPath","AppConstants","defaultClientBundleStorage","express","static","backupClientPath","clientPackageName","get","path","resource","endsWith","error","NotFoundException","port","fetchServerPort","isProductionEnvironment","debugRoutesKey","expressListRoutes","require","prefix","Number","isNaN","parseInt","Error","hostOrFqdn","server","listen","log","attachServer"],"mappings":";;;;+BAkBaA;;;eAAAA;;;gEAlBwB;iEAChB;kFACD;+BAEY;sBACX;kCACY;2BACD;mCACE;iCACL;yBACC;0BAIU;;;;;;AAIjC,MAAMA;IACXC,SAAmB;IACnBC,mBAAuC;IACvCC,gBAAiC;IACjCC,cAAkC,KAAK;IACvCC,cAA6B;IACrBC,OAAsB;IAE9BC,YAAY,EACVC,aAAa,EACbP,QAAQ,EACRC,kBAAkB,EAClBC,eAAe,EACfE,aAAa,EAOd,CAAE;QACD,IAAI,CAACC,MAAM,GAAGE,cAAcR,WAAWS,IAAI;QAC3C,IAAI,CAACR,QAAQ,GAAGA;QAChB,IAAI,CAACC,kBAAkB,GAAGA;QAC1B,IAAI,CAACC,eAAe,GAAGA;QACvB,IAAI,CAACE,aAAa,GAAGA;IACvB;IAEA,MAAMK,KAAKC,GAAgB,EAAEC,aAAa,KAAK,EAAEC,iBAAiB,IAAI,EAAE;QACtE,oFAAoF;QACpFC,iBAAQ,CAACC,GAAG,CAAC,eAAe;QAE5B,IAAI,CAACX,WAAW,GAAGO;QACnB,IAAI,CAACK,qBAAqB,CAAC,IAAI,CAACZ,WAAW;QAE3C,IAAI,CAACQ,YAAY;YACf,MAAM,IAAI,CAACX,QAAQ,CAACgB,OAAO;QAC7B;QAEA,IAAIJ,gBAAgB,OAAO,IAAI,CAACK,UAAU;IAC5C;IAEAC,eAAe;QACb,OAAOL,iBAAQ,CAACM,WAAW,CAAC,EAAE,CAACC,UAAU;IAC3C;IAEAL,sBAAsBL,GAAgB,EAAE;QACtC,MAAMW,YAAY;QAElB,6EAA6E;QAC7EX,IACGY,GAAG,CAAC,CAACC,KAAKC,KAAKC;YACd,IAAI,CAACF,IAAIG,WAAW,CAACC,UAAU,CAAC,WAAW,CAACJ,IAAIG,WAAW,CAACC,UAAU,CAAC,eAAe;gBACpFC,IAAAA,kCAAO,IAAGL,KAAKC,KAAKC;YACtB,OAAO;gBACLA;YACF;QACF,GACCH,GAAG,CAACO,IAAAA,8BAAe,EAAC,CAAC,EAAER,UAAU,eAAe,CAAC,EAAE;YAAES,KAAKC;YAAWC,QAAQ;QAAW,IACxFV,GAAG,CAACW,kCAAgB;QAEvB,wEAAwE;QACxE,MAAMC,iBAAiBC,IAAAA,UAAI,EAACC,IAAAA,sBAAa,KAAIC,6BAAY,CAACC,0BAA0B,EAAE;QACtF5B,IAAIY,GAAG,CAACiB,gBAAO,CAACC,MAAM,CAACN;QACvB,gCAAgC;QAChC,MAAMO,mBAAmBN,IAAAA,UAAI,EAACC,IAAAA,sBAAa,KAAI,gBAAgBC,6BAAY,CAACK,iBAAiB,EAAE;QAC/FhC,IAAIY,GAAG,CAACiB,gBAAO,CAACC,MAAM,CAACC;QAEvB/B,IACGiC,GAAG,CAAC,KAAK,CAACpB,KAAKC;YACd,MAAMoB,OAAOrB,IAAIG,WAAW;YAE5B,IAAImB,WAAW;YACf,IAAID,KAAKjB,UAAU,CAAC,iBAAiBiB,KAAKjB,UAAU,CAAC,WAAWiB,KAAKjB,UAAU,CAAC,aAAa;gBAC3FkB,WAAW;YACb,OAAO,IAAID,KAAKE,QAAQ,CAAC,YAAY;gBACnCD,WAAW;YACb;YAEA,IAAI,CAACxC,MAAM,CAAC0C,KAAK,CAAC,CAAC,EAAEF,SAAS,cAAc,EAAED,KAAK,eAAe,CAAC;YAEnE,IAAI,CAACA,KAAKjB,UAAU,CAAC,eAAe;gBAClC,MAAM,IAAIqB,oCAAiB,CAAC,CAAC,EAAEH,SAAS,uBAAuB,CAAC,EAAED;YACpE;QACF,GACCtB,GAAG,CAACW,kCAAgB;IACzB;IAEA,MAAMhB,aAAa;QACjB,MAAMgC,OAAOC,IAAAA,0BAAe;QAC5B,IAAI,CAACC,IAAAA,iCAAuB,OAAM,IAAI,CAAC/C,aAAa,CAACuC,GAAG,CAACN,6BAAY,CAACe,cAAc,EAAE,aAAa,QAAQ;YACzG,MAAMC,oBAAoBC,QAAQ;YAClCD,kBAAkB,IAAI,CAAClD,WAAW,EAAG;gBAAEoD,QAAQ;YAAI;QACrD;QAEA,IAAI,CAACN,QAAQO,OAAOC,KAAK,CAACC,SAAST,QAAQ;YACzC,MAAM,IAAIU,MAAM;QAClB;QAEA,MAAMC,aAAa;QACnB,MAAMC,SAAS,IAAI,CAAC1D,WAAW,CAAE2D,MAAM,CAACJ,SAAST,OAAOW,YAAY;YAClE,IAAI,CAACvD,MAAM,CAAC0D,GAAG,CAAC,CAAC,8CAA8C,EAAEd,KAAK,CAAC;QACzE;QACA,IAAI,CAAC/C,eAAe,CAAC8D,YAAY,CAACH;IACpC;AACF"}
+{"version":3,"sources":["../src/server.host.ts"],"names":["ServerHost","bootTask","taskManagerService","socketIoGateway","appInstance","configService","logger","constructor","loggerFactory","name","boot","app","quick_boot","listenRequests","mongoose","set","serveControllerRoutes","runOnce","httpListen","hasConnected","connections","readyState","routePath","use","req","res","next","originalUrl","startsWith","history","loadControllers","cwd","__dirname","ignore","exceptionFilter","bundleDistPath","join","superRootPath","AppConstants","defaultClientBundleStorage","express","static","backupClientPath","clientPackageName","get","path","resource","endsWith","error","NotFoundException","port","fetchServerPort","isProductionEnvironment","debugRoutesKey","expressListRoutes","require","prefix","Number","isNaN","parseInt","Error","hostOrFqdn","server","listen","log","attachServer"],"mappings":";;;;+BAkBaA;;;eAAAA;;;gEAlBwB;iEAChB;kFACD;+BAEY;sBACX;iCACW;2BACA;mCACE;iCACL;yBACC;0BAIU;;;;;;AAIjC,MAAMA;IACXC,SAAmB;IACnBC,mBAAuC;IACvCC,gBAAiC;IACjCC,cAAkC,KAAK;IACvCC,cAA6B;IACrBC,OAAsB;IAE9BC,YAAY,EACVC,aAAa,EACbP,QAAQ,EACRC,kBAAkB,EAClBC,eAAe,EACfE,aAAa,EAOd,CAAE;QACD,IAAI,CAACC,MAAM,GAAGE,cAAcR,WAAWS,IAAI;QAC3C,IAAI,CAACR,QAAQ,GAAGA;QAChB,IAAI,CAACC,kBAAkB,GAAGA;QAC1B,IAAI,CAACC,eAAe,GAAGA;QACvB,IAAI,CAACE,aAAa,GAAGA;IACvB;IAEA,MAAMK,KAAKC,GAAgB,EAAEC,aAAa,KAAK,EAAEC,iBAAiB,IAAI,EAAE;QACtE,oFAAoF;QACpFC,iBAAQ,CAACC,GAAG,CAAC,eAAe;QAE5B,IAAI,CAACX,WAAW,GAAGO;QACnB,IAAI,CAACK,qBAAqB,CAAC,IAAI,CAACZ,WAAW;QAE3C,IAAI,CAACQ,YAAY;YACf,MAAM,IAAI,CAACX,QAAQ,CAACgB,OAAO;QAC7B;QAEA,IAAIJ,gBAAgB,OAAO,IAAI,CAACK,UAAU;IAC5C;IAEAC,eAAe;QACb,OAAOL,iBAAQ,CAACM,WAAW,CAAC,EAAE,CAACC,UAAU;IAC3C;IAEAL,sBAAsBL,GAAgB,EAAE;QACtC,MAAMW,YAAY;QAElB,6EAA6E;QAC7EX,IACGY,GAAG,CAAC,CAACC,KAAKC,KAAKC;YACd,IAAI,CAACF,IAAIG,WAAW,CAACC,UAAU,CAAC,WAAW,CAACJ,IAAIG,WAAW,CAACC,UAAU,CAAC,eAAe;gBACpFC,IAAAA,kCAAO,IAAGL,KAAKC,KAAKC;YACtB,OAAO;gBACLA;YACF;QACF,GACCH,GAAG,CAACO,IAAAA,8BAAe,EAAC,CAAC,EAAER,UAAU,eAAe,CAAC,EAAE;YAAES,KAAKC;YAAWC,QAAQ;QAAW,IACxFV,GAAG,CAACW,gCAAe;QAEtB,wEAAwE;QACxE,MAAMC,iBAAiBC,IAAAA,UAAI,EAACC,IAAAA,sBAAa,KAAIC,6BAAY,CAACC,0BAA0B,EAAE;QACtF5B,IAAIY,GAAG,CAACiB,gBAAO,CAACC,MAAM,CAACN;QACvB,gCAAgC;QAChC,MAAMO,mBAAmBN,IAAAA,UAAI,EAACC,IAAAA,sBAAa,KAAI,gBAAgBC,6BAAY,CAACK,iBAAiB,EAAE;QAC/FhC,IAAIY,GAAG,CAACiB,gBAAO,CAACC,MAAM,CAACC;QAEvB/B,IACGiC,GAAG,CAAC,KAAK,CAACpB,KAAKC;YACd,MAAMoB,OAAOrB,IAAIG,WAAW;YAE5B,IAAImB,WAAW;YACf,IAAID,KAAKjB,UAAU,CAAC,iBAAiBiB,KAAKjB,UAAU,CAAC,WAAWiB,KAAKjB,UAAU,CAAC,aAAa;gBAC3FkB,WAAW;YACb,OAAO,IAAID,KAAKE,QAAQ,CAAC,YAAY;gBACnCD,WAAW;YACb;YAEA,IAAI,CAACxC,MAAM,CAAC0C,KAAK,CAAC,CAAC,EAAEF,SAAS,cAAc,EAAED,KAAK,eAAe,CAAC;YAEnE,IAAI,CAACA,KAAKjB,UAAU,CAAC,eAAe;gBAClC,MAAM,IAAIqB,oCAAiB,CAAC,CAAC,EAAEH,SAAS,uBAAuB,CAAC,EAAED;YACpE;QACF,GACCtB,GAAG,CAACW,gCAAe;IACxB;IAEA,MAAMhB,aAAa;QACjB,MAAMgC,OAAOC,IAAAA,0BAAe;QAC5B,IAAI,CAACC,IAAAA,iCAAuB,OAAM,IAAI,CAAC/C,aAAa,CAACuC,GAAG,CAACN,6BAAY,CAACe,cAAc,EAAE,aAAa,QAAQ;YACzG,MAAMC,oBAAoBC,QAAQ;YAClCD,kBAAkB,IAAI,CAAClD,WAAW,EAAG;gBAAEoD,QAAQ;YAAI;QACrD;QAEA,IAAI,CAACN,QAAQO,OAAOC,KAAK,CAACC,SAAST,QAAQ;YACzC,MAAM,IAAIU,MAAM;QAClB;QAEA,MAAMC,aAAa;QACnB,MAAMC,SAAS,IAAI,CAAC1D,WAAW,CAAE2D,MAAM,CAACJ,SAAST,OAAOW,YAAY;YAClE,IAAI,CAACvD,MAAM,CAAC0D,GAAG,CAAC,CAAC,8CAA8C,EAAEd,KAAK,CAAC;QACzE;QACA,IAAI,CAAC/C,eAAe,CAAC8D,YAAY,CAACH;IACpC;AACF"}

package/dist/services/authentication/auth.service.js

@@ -10,6 +10,7 @@ Object.defineProperty(exports, "AuthService", {
 });
 const _runtimeexceptions = require("../../exceptions/runtime.exceptions");
 const _cryptoutils = require("../../utils/crypto.utils");
+const _authorizationconstants = require("../../constants/authorization.constants");
 class AuthService {
     logger;
     userService;
@@ -43,16 +44,16 @@ class AuthService {
     async loginUser(username, password) {
         const userDoc = await this.userService.findRawByUsername(username);
         if (!userDoc) {
-            throw new _runtimeexceptions.AuthenticationError("Login incorrect");
+            throw new _runtimeexceptions.AuthenticationError("Login incorrect", _authorizationconstants.AUTH_ERROR_REASON.IncorrectCredentials);
         }
         const result = (0, _cryptoutils.comparePasswordHash)(password, userDoc.passwordHash);
         if (!result) {
-            throw new _runtimeexceptions.AuthenticationError("Login incorrect");
+            throw new _runtimeexceptions.AuthenticationError("Login incorrect", _authorizationconstants.AUTH_ERROR_REASON.IncorrectCredentials);
         }
         const userId = userDoc.id.toString();
         const token = await this.signJwtToken(userId);
         await this.refreshTokenService.purgeOutdatedRefreshTokensByUserId(userId);
-        await this.purgeBlacklistedJwtCache();
+        await this.purgeOutdatedBlacklistedJwtCache();
         const refreshToken = await this.refreshTokenService.createRefreshTokenForUserId(userId);
         return {
             token,
@@ -66,10 +67,10 @@ class AuthService {
                 userId,
                 createdAt: Date.now()
             };
-            await this.purgeBlacklistedJwtCache();
+            await this.purgeOutdatedBlacklistedJwtCache();
         }
     }
-    async purgeBlacklistedJwtCache() {
+    async purgeOutdatedBlacklistedJwtCache() {
         try {
             const { jwtExpiresIn } = await this.settingsStore.getCredentialSettings();
             const now = Date.now();
@@ -91,9 +92,15 @@ class AuthService {
     async renewLoginByRefreshToken(refreshToken) {
         const userRefreshToken = await this.getValidRefreshToken(refreshToken, false);
         if (!userRefreshToken) {
-            throw new _runtimeexceptions.AuthenticationError("The refresh token was invalid or expired, could not refresh user token");
+            throw new _runtimeexceptions.AuthenticationError("The refresh token was invalid or expired, could not refresh user token", _authorizationconstants.AUTH_ERROR_REASON.InvalidOrExpiredRefreshToken);
         }
         const userId = userRefreshToken.userId.toString();
+        const user = await this.userService.getUser(userId, false);
+        if (!user) {
+            await this.refreshTokenService.deleteRefreshToken(refreshToken);
+            throw new _runtimeexceptions.AuthenticationError("User not found", _authorizationconstants.AUTH_ERROR_REASON.InvalidOrExpiredRefreshToken);
+        }
+        // If the user is not found at this point, then the user was deleted
         const token = await this.signJwtToken(userId);
         await this.increaseRefreshTokenAttemptsUsed(userRefreshToken.refreshToken);
         return token;
@@ -108,29 +115,33 @@ class AuthService {
         }
         if (Date.now() > userRefreshToken.expiresAt) {
             await this.refreshTokenService.deleteRefreshTokenByUserId(userRefreshToken.userId.toString());
-            throw new _runtimeexceptions.AuthenticationError("Refresh token expired, login required");
+            throw new _runtimeexceptions.AuthenticationError("Refresh token expired, login required", _authorizationconstants.AUTH_ERROR_REASON.InvalidOrExpiredRefreshToken);
         }
         return userRefreshToken;
     }
     async increaseRefreshTokenAttemptsUsed(refreshToken) {
         const { refreshTokenAttempts } = await this.settingsStore.getCredentialSettings();
         const userRefreshToken = await this.getValidRefreshToken(refreshToken);
-        // If no attempts are set, then we don't care about attempts
-        if (refreshTokenAttempts < 0) return;
         const attemptsUsed = userRefreshToken.refreshAttemptsUsed;
-        if (attemptsUsed >= refreshTokenAttempts) {
-            await this.refreshTokenService.deleteRefreshTokenByUserId(userRefreshToken.userId.toString());
-            throw new _runtimeexceptions.AuthenticationError("Refresh token attempts exceeded, login required");
+        // If no attempts are set, then we don't care about attempts
+        if (refreshTokenAttempts !== -1) {
+            if (attemptsUsed >= refreshTokenAttempts) {
+                await this.refreshTokenService.deleteRefreshTokenByUserId(userRefreshToken.userId.toString());
+                throw new _runtimeexceptions.AuthenticationError("Refresh token attempts exceeded, login required", _authorizationconstants.AUTH_ERROR_REASON.InvalidOrExpiredRefreshToken);
+            }
         }
         await this.refreshTokenService.updateRefreshTokenAttempts(refreshToken, attemptsUsed + 1);
     }
     async signJwtToken(userId) {
-        const user = await this.userService.getUser(userId);
+        const user = await this.userService.getUser(userId, false);
+        if (!user) {
+            throw new _runtimeexceptions.AuthenticationError("User not found", _authorizationconstants.AUTH_ERROR_REASON.InvalidOrExpiredRefreshToken);
+        }
         if (user.needsPasswordChange) {
-            throw new _runtimeexceptions.PasswordChangeRequiredError();
+            throw new _runtimeexceptions.AuthenticationError("Password change required", _authorizationconstants.AUTH_ERROR_REASON.PasswordChangeRequired);
         }
         if (!user.isVerified) {
-            throw new _runtimeexceptions.AuthenticationError("User is not verified yet");
+            throw new _runtimeexceptions.AuthenticationError("User is not verified yet", _authorizationconstants.AUTH_ERROR_REASON.AccountNotVerified);
         }
         return this.jwtService.signJwtToken(userId, user.username);
     }

package/dist/services/authentication/auth.service.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../src/services/authentication/auth.service.ts"],"names":["AuthService","logger","userService","jwtService","settingsStore","refreshTokenService","blacklistedJwtCache","constructor","loggerFactory","name","loginUser","username","password","userDoc","findRawByUsername","AuthenticationError","result","comparePasswordHash","passwordHash","userId","id","toString","token","signJwtToken","purgeOutdatedRefreshTokensByUserId","purgeBlacklistedJwtCache","refreshToken","createRefreshTokenForUserId","logoutUserId","jwtToken","deleteRefreshTokenByUserId","length","createdAt","Date","now","jwtExpiresIn","getCredentialSettings","keys","Object","key","err","error","logoutUserRefreshToken","userRefreshToken","getValidRefreshToken","renewLoginByRefreshToken","increaseRefreshTokenAttemptsUsed","isJwtTokenBlacklisted","throwNotFoundError","getRefreshToken","expiresAt","refreshTokenAttempts","attemptsUsed","refreshAttemptsUsed","updateRefreshTokenAttempts","user","getUser","needsPasswordChange","PasswordChangeRequiredError","isVerified"],"mappings":";;;;+BAWaA;;;eAAAA;;;mCAXoD;6BAC7B;AAU7B,MAAMA;IACHC,OAAsB;IACtBC,YAAuC;IACvCC,WAAqC;IACrCC,cAA6B;IAC7BC,oBAAuD;IAC/D;;GAEC,GACD,AAAQC,sBAAkF,CAAC,EAAE;IAE7F;;;;;;;;GAQC,GAED;;;;;;GAMC,GAEDC,YAAY,EACVL,WAAW,EACXC,UAAU,EACVK,aAAa,EACbJ,aAAa,EACbC,mBAAmB,EAOpB,CAAE;QACD,IAAI,CAACH,WAAW,GAAGA;QACnB,IAAI,CAACC,UAAU,GAAGA;QAClB,IAAI,CAACF,MAAM,GAAGO,cAAcR,YAAYS,IAAI;QAC5C,IAAI,CAACL,aAAa,GAAGA;QACrB,IAAI,CAACC,mBAAmB,GAAGA;IAC7B;IAEA,MAAMK,UAAUC,QAAgB,EAAEC,QAAgB,EAAE;QAClD,MAAMC,UAAU,MAAM,IAAI,CAACX,WAAW,CAACY,iBAAiB,CAACH;QACzD,IAAI,CAACE,SAAS;YACZ,MAAM,IAAIE,sCAAmB,CAAC;QAChC;QACA,MAAMC,SAASC,IAAAA,gCAAmB,EAACL,UAAUC,QAAQK,YAAY;QACjE,IAAI,CAACF,QAAQ;YACX,MAAM,IAAID,sCAAmB,CAAC;QAChC;QAEA,MAAMI,SAASN,QAAQO,EAAE,CAACC,QAAQ;QAClC,MAAMC,QAAQ,MAAM,IAAI,CAACC,YAAY,CAACJ;QAEtC,MAAM,IAAI,CAACd,mBAAmB,CAACmB,kCAAkC,CAACL;QAClE,MAAM,IAAI,CAACM,wBAAwB;QAEnC,MAAMC,eAAe,MAAM,IAAI,CAACrB,mBAAmB,CAACsB,2BAA2B,CAACR;QAChF,OAAO;YACLG;YACAI;QACF;IACF;IAEA,MAAME,aAAaT,MAAmB,EAAEU,QAAiB,EAAE;QACzD,MAAM,IAAI,CAACxB,mBAAmB,CAACyB,0BAA0B,CAACX;QAC1D,IAAIU,UAAUE,QAAQ;YACpB,IAAI,CAACzB,mBAAmB,CAACuB,SAAS,GAAG;gBAAEV;gBAAQa,WAAWC,KAAKC,GAAG;YAAG;YACrE,MAAM,IAAI,CAACT,wBAAwB;QACrC;IACF;IAEA,MAAMA,2BAA2B;QAC/B,IAAI;YACF,MAAM,EAAEU,YAAY,EAAE,GAAG,MAAM,IAAI,CAAC/B,aAAa,CAACgC,qBAAqB;YACvE,MAAMF,MAAMD,KAAKC,GAAG;YACpB,MAAMG,OAAOC,OAAOD,IAAI,CAAC,IAAI,CAAC/B,mBAAmB;YACjD,KAAK,MAAMiC,OAAOF,KAAM;gBACtB,MAAM,EAAEL,SAAS,EAAE,GAAG,IAAI,CAAC1B,mBAAmB,CAACiC,IAAI;gBACnD,IAAIL,MAAMF,YAAYG,cAAc;oBAClC,OAAO,IAAI,CAAC7B,mBAAmB,CAACiC,IAAI;gBACtC;YACF;QACF,EAAE,OAAOC,KAAK;YACZ,IAAI,CAACvC,MAAM,CAACwC,KAAK,CAAC,yCAAyCD;QAC7D;IACF;IAEA,MAAME,uBAAuBhB,YAAoB,EAAE;QACjD,MAAMiB,mBAAmB,MAAM,IAAI,CAACC,oBAAoB,CAAClB;QACzD,MAAM,IAAI,CAACrB,mBAAmB,CAACyB,0BAA0B,CAACa,iBAAiBxB,MAAM,CAACE,QAAQ;IAC5F;IAEA,MAAMwB,yBAAyBnB,YAAoB,EAAmB;QACpE,MAAMiB,mBAAmB,MAAM,IAAI,CAACC,oBAAoB,CAAClB,cAAc;QACvE,IAAI,CAACiB,kBAAkB;YACrB,MAAM,IAAI5B,sCAAmB,CAAC;QAChC;QAEA,MAAMI,SAASwB,iBAAiBxB,MAAM,CAACE,QAAQ;QAC/C,MAAMC,QAAQ,MAAM,IAAI,CAACC,YAAY,CAACJ;QACtC,MAAM,IAAI,CAAC2B,gCAAgC,CAACH,iBAAiBjB,YAAY;QACzE,OAAOJ;IACT;IAEAyB,sBAAsBlB,QAAgB,EAAE;QACtC,OAAO,IAAI,CAACvB,mBAAmB,CAACuB,SAAS;IAC3C;IAEA,MAAMe,qBAAqBlB,YAAoB,EAAEsB,qBAA8B,IAAI,EAAE;QACnF,MAAML,mBAAmB,MAAM,IAAI,CAACtC,mBAAmB,CAAC4C,eAAe,CAACvB,cAAcsB;QACtF,IAAI,CAACL,kBAAkB;YACrB,OAAO;QACT;QACA,IAAIV,KAAKC,GAAG,KAAKS,iBAAiBO,SAAS,EAAE;YAC3C,MAAM,IAAI,CAAC7C,mBAAmB,CAACyB,0BAA0B,CAACa,iBAAiBxB,MAAM,CAACE,QAAQ;YAC1F,MAAM,IAAIN,sCAAmB,CAAC;QAChC;QACA,OAAO4B;IACT;IAEA,MAAMG,iCAAiCpB,YAAoB,EAAiB;QAC1E,MAAM,EAAEyB,oBAAoB,EAAE,GAAG,MAAM,IAAI,CAAC/C,aAAa,CAACgC,qBAAqB;QAC/E,MAAMO,mBAAmB,MAAM,IAAI,CAACC,oBAAoB,CAAClB;QAEzD,4DAA4D;QAC5D,IAAIyB,uBAAuB,GAAG;QAE9B,MAAMC,eAAeT,iBAAiBU,mBAAmB;QACzD,IAAID,gBAAgBD,sBAAsB;YACxC,MAAM,IAAI,CAAC9C,mBAAmB,CAACyB,0BAA0B,CAACa,iBAAiBxB,MAAM,CAACE,QAAQ;YAC1F,MAAM,IAAIN,sCAAmB,CAAC;QAChC;QAEA,MAAM,IAAI,CAACV,mBAAmB,CAACiD,0BAA0B,CAAC5B,cAAc0B,eAAe;IACzF;IAEA,MAAM7B,aAAaJ,MAAmB,EAAE;QACtC,MAAMoC,OAAO,MAAM,IAAI,CAACrD,WAAW,CAACsD,OAAO,CAACrC;QAC5C,IAAIoC,KAAKE,mBAAmB,EAAE;YAC5B,MAAM,IAAIC,8CAA2B;QACvC;QACA,IAAI,CAACH,KAAKI,UAAU,EAAE;YACpB,MAAM,IAAI5C,sCAAmB,CAAC;QAChC;QACA,OAAO,IAAI,CAACZ,UAAU,CAACoB,YAAY,CAACJ,QAAQoC,KAAK5C,QAAQ;IAC3D;AACF"}
+{"version":3,"sources":["../../../src/services/authentication/auth.service.ts"],"names":["AuthService","logger","userService","jwtService","settingsStore","refreshTokenService","blacklistedJwtCache","constructor","loggerFactory","name","loginUser","username","password","userDoc","findRawByUsername","AuthenticationError","AUTH_ERROR_REASON","IncorrectCredentials","result","comparePasswordHash","passwordHash","userId","id","toString","token","signJwtToken","purgeOutdatedRefreshTokensByUserId","purgeOutdatedBlacklistedJwtCache","refreshToken","createRefreshTokenForUserId","logoutUserId","jwtToken","deleteRefreshTokenByUserId","length","createdAt","Date","now","jwtExpiresIn","getCredentialSettings","keys","Object","key","err","error","logoutUserRefreshToken","userRefreshToken","getValidRefreshToken","renewLoginByRefreshToken","InvalidOrExpiredRefreshToken","user","getUser","deleteRefreshToken","increaseRefreshTokenAttemptsUsed","isJwtTokenBlacklisted","throwNotFoundError","getRefreshToken","expiresAt","refreshTokenAttempts","attemptsUsed","refreshAttemptsUsed","updateRefreshTokenAttempts","needsPasswordChange","PasswordChangeRequired","isVerified","AccountNotVerified"],"mappings":";;;;+BAYaA;;;eAAAA;;;mCAZuB;6BACA;wCASF;AAE3B,MAAMA;IACHC,OAAsB;IACtBC,YAAuC;IACvCC,WAAqC;IACrCC,cAA6B;IAC7BC,oBAAuD;IAC/D;;GAEC,GACD,AAAQC,sBAAkF,CAAC,EAAE;IAE7F;;;;;;;;GAQC,GAED;;;;;;GAMC,GAEDC,YAAY,EACVL,WAAW,EACXC,UAAU,EACVK,aAAa,EACbJ,aAAa,EACbC,mBAAmB,EAOpB,CAAE;QACD,IAAI,CAACH,WAAW,GAAGA;QACnB,IAAI,CAACC,UAAU,GAAGA;QAClB,IAAI,CAACF,MAAM,GAAGO,cAAcR,YAAYS,IAAI;QAC5C,IAAI,CAACL,aAAa,GAAGA;QACrB,IAAI,CAACC,mBAAmB,GAAGA;IAC7B;IAEA,MAAMK,UAAUC,QAAgB,EAAEC,QAAgB,EAAE;QAClD,MAAMC,UAAU,MAAM,IAAI,CAACX,WAAW,CAACY,iBAAiB,CAACH;QACzD,IAAI,CAACE,SAAS;YACZ,MAAM,IAAIE,sCAAmB,CAAC,mBAAmBC,yCAAiB,CAACC,oBAAoB;QACzF;QACA,MAAMC,SAASC,IAAAA,gCAAmB,EAACP,UAAUC,QAAQO,YAAY;QACjE,IAAI,CAACF,QAAQ;YACX,MAAM,IAAIH,sCAAmB,CAAC,mBAAmBC,yCAAiB,CAACC,oBAAoB;QACzF;QAEA,MAAMI,SAASR,QAAQS,EAAE,CAACC,QAAQ;QAClC,MAAMC,QAAQ,MAAM,IAAI,CAACC,YAAY,CAACJ;QACtC,MAAM,IAAI,CAAChB,mBAAmB,CAACqB,kCAAkC,CAACL;QAClE,MAAM,IAAI,CAACM,gCAAgC;QAE3C,MAAMC,eAAe,MAAM,IAAI,CAACvB,mBAAmB,CAACwB,2BAA2B,CAACR;QAChF,OAAO;YACLG;YACAI;QACF;IACF;IAEA,MAAME,aAAaT,MAAmB,EAAEU,QAAiB,EAAE;QACzD,MAAM,IAAI,CAAC1B,mBAAmB,CAAC2B,0BAA0B,CAACX;QAC1D,IAAIU,UAAUE,QAAQ;YACpB,IAAI,CAAC3B,mBAAmB,CAACyB,SAAS,GAAG;gBAAEV;gBAAQa,WAAWC,KAAKC,GAAG;YAAG;YACrE,MAAM,IAAI,CAACT,gCAAgC;QAC7C;IACF;IAEA,MAAMA,mCAAmC;QACvC,IAAI;YACF,MAAM,EAAEU,YAAY,EAAE,GAAG,MAAM,IAAI,CAACjC,aAAa,CAACkC,qBAAqB;YACvE,MAAMF,MAAMD,KAAKC,GAAG;YACpB,MAAMG,OAAOC,OAAOD,IAAI,CAAC,IAAI,CAACjC,mBAAmB;YACjD,KAAK,MAAMmC,OAAOF,KAAM;gBACtB,MAAM,EAAEL,SAAS,EAAE,GAAG,IAAI,CAAC5B,mBAAmB,CAACmC,IAAI;gBACnD,IAAIL,MAAMF,YAAYG,cAAc;oBAClC,OAAO,IAAI,CAAC/B,mBAAmB,CAACmC,IAAI;gBACtC;YACF;QACF,EAAE,OAAOC,KAAK;YACZ,IAAI,CAACzC,MAAM,CAAC0C,KAAK,CAAC,yCAAyCD;QAC7D;IACF;IAEA,MAAME,uBAAuBhB,YAAoB,EAAE;QACjD,MAAMiB,mBAAmB,MAAM,IAAI,CAACC,oBAAoB,CAAClB;QACzD,MAAM,IAAI,CAACvB,mBAAmB,CAAC2B,0BAA0B,CAACa,iBAAiBxB,MAAM,CAACE,QAAQ;IAC5F;IAEA,MAAMwB,yBAAyBnB,YAAoB,EAAmB;QACpE,MAAMiB,mBAAmB,MAAM,IAAI,CAACC,oBAAoB,CAAClB,cAAc;QACvE,IAAI,CAACiB,kBAAkB;YACrB,MAAM,IAAI9B,sCAAmB,CAC3B,0EACAC,yCAAiB,CAACgC,4BAA4B;QAElD;QAEA,MAAM3B,SAASwB,iBAAiBxB,MAAM,CAACE,QAAQ;QAC/C,MAAM0B,OAAO,MAAM,IAAI,CAAC/C,WAAW,CAACgD,OAAO,CAAC7B,QAAQ;QACpD,IAAI,CAAC4B,MAAM;YACT,MAAM,IAAI,CAAC5C,mBAAmB,CAAC8C,kBAAkB,CAACvB;YAClD,MAAM,IAAIb,sCAAmB,CAAC,kBAAkBC,yCAAiB,CAACgC,4BAA4B;QAChG;QAEA,oEAAoE;QACpE,MAAMxB,QAAQ,MAAM,IAAI,CAACC,YAAY,CAACJ;QACtC,MAAM,IAAI,CAAC+B,gCAAgC,CAACP,iBAAiBjB,YAAY;QACzE,OAAOJ;IACT;IAEA6B,sBAAsBtB,QAAgB,EAAE;QACtC,OAAO,IAAI,CAACzB,mBAAmB,CAACyB,SAAS;IAC3C;IAEA,MAAMe,qBAAqBlB,YAAoB,EAAE0B,qBAA8B,IAAI,EAAE;QACnF,MAAMT,mBAAmB,MAAM,IAAI,CAACxC,mBAAmB,CAACkD,eAAe,CAAC3B,cAAc0B;QACtF,IAAI,CAACT,kBAAkB;YACrB,OAAO;QACT;QACA,IAAIV,KAAKC,GAAG,KAAKS,iBAAiBW,SAAS,EAAE;YAC3C,MAAM,IAAI,CAACnD,mBAAmB,CAAC2B,0BAA0B,CAACa,iBAAiBxB,MAAM,CAACE,QAAQ;YAC1F,MAAM,IAAIR,sCAAmB,CAAC,yCAAyCC,yCAAiB,CAACgC,4BAA4B;QACvH;QACA,OAAOH;IACT;IAEA,MAAMO,iCAAiCxB,YAAoB,EAAiB;QAC1E,MAAM,EAAE6B,oBAAoB,EAAE,GAAG,MAAM,IAAI,CAACrD,aAAa,CAACkC,qBAAqB;QAC/E,MAAMO,mBAAmB,MAAM,IAAI,CAACC,oBAAoB,CAAClB;QACzD,MAAM8B,eAAeb,iBAAiBc,mBAAmB;QAEzD,4DAA4D;QAC5D,IAAIF,yBAAyB,CAAC,GAAG;YAC/B,IAAIC,gBAAgBD,sBAAsB;gBACxC,MAAM,IAAI,CAACpD,mBAAmB,CAAC2B,0BAA0B,CAACa,iBAAiBxB,MAAM,CAACE,QAAQ;gBAC1F,MAAM,IAAIR,sCAAmB,CAC3B,mDACAC,yCAAiB,CAACgC,4BAA4B;YAElD;QACF;QAEA,MAAM,IAAI,CAAC3C,mBAAmB,CAACuD,0BAA0B,CAAChC,cAAc8B,eAAe;IACzF;IAEA,MAAMjC,aAAaJ,MAAmB,EAAE;QACtC,MAAM4B,OAAO,MAAM,IAAI,CAAC/C,WAAW,CAACgD,OAAO,CAAC7B,QAAQ;QACpD,IAAI,CAAC4B,MAAM;YACT,MAAM,IAAIlC,sCAAmB,CAAC,kBAAkBC,yCAAiB,CAACgC,4BAA4B;QAChG;QACA,IAAIC,KAAKY,mBAAmB,EAAE;YAC5B,MAAM,IAAI9C,sCAAmB,CAAC,4BAA4BC,yCAAiB,CAAC8C,sBAAsB;QACpG;QACA,IAAI,CAACb,KAAKc,UAAU,EAAE;YACpB,MAAM,IAAIhD,sCAAmB,CAAC,4BAA4BC,yCAAiB,CAACgD,kBAAkB;QAChG;QACA,OAAO,IAAI,CAAC7D,UAAU,CAACsB,YAAY,CAACJ,QAAQ4B,KAAKtC,QAAQ;IAC3D;AACF"}

package/dist/services/authentication/refresh-token.service.js

@@ -12,6 +12,7 @@ const _models = require("../../models");
 const _uuid = require("uuid");
 const _serverconstants = require("../../server.constants");
 const _runtimeexceptions = require("../../exceptions/runtime.exceptions");
+const _authorizationconstants = require("../../constants/authorization.constants");
 class RefreshTokenService {
     settingsStore;
     logger;
@@ -25,7 +26,7 @@ class RefreshTokenService {
         });
         if (!userRefreshToken) {
             if (throwNotFoundError) {
-                throw new _runtimeexceptions.AuthenticationError("The refresh token was not found");
+                throw new _runtimeexceptions.AuthenticationError("The refresh token was not found", _authorizationconstants.AUTH_ERROR_REASON.InvalidOrExpiredRefreshToken);
             }
             return null;
         }
@@ -47,7 +48,7 @@ class RefreshTokenService {
         return refreshToken;
     }
     async updateRefreshTokenAttempts(refreshToken, refreshAttemptsUsed) {
-        await this.getRefreshToken(refreshToken);
+        await this.getRefreshToken(refreshToken, true);
         await _models.RefreshToken.updateOne({
             refreshToken
         }, {

package/dist/services/authentication/refresh-token.service.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../src/services/authentication/refresh-token.service.ts"],"names":["RefreshTokenService","settingsStore","logger","constructor","loggerFactory","name","getRefreshToken","refreshToken","throwNotFoundError","userRefreshToken","RefreshToken","findOne","AuthenticationError","createRefreshTokenForUserId","userId","refreshTokenExpiry","getCredentialSettings","uuidv4","timespan","AppConstants","DEFAULT_REFRESH_TOKEN_EXPIRY","warn","create","expiresAt","Date","now","refreshAttemptsUsed","updateRefreshTokenAttempts","updateOne","new","purgeOutdatedRefreshTokensByUserId","result","deleteMany","$lt","deletedCount","debug","purgeAllOutdatedRefreshTokens","deleteRefreshTokenByUserId","deleteRefreshToken","deleteOne"],"mappings":";;;;+BAWaA;;;eAAAA;;;wBATgB;sBACA;iCACA;mCAIO;AAG7B,MAAMA;IACHC,cAA6B;IAC7BC,OAAsB;IAC9BC,YAAY,EAAEC,aAAa,EAAEH,aAAa,EAAmE,CAAE;QAC7G,IAAI,CAACC,MAAM,GAAGE,cAAcJ,oBAAoBK,IAAI;QACpD,IAAI,CAACJ,aAAa,GAAGA;IACvB;IAEA,MAAMK,gBAAgBC,YAAoB,EAAEC,qBAAqB,IAAI,EAAiC;QACpG,MAAMC,mBAAmB,MAAMC,oBAAY,CAACC,OAAO,CAAC;YAClDJ;QACF;QACA,IAAI,CAACE,kBAAkB;YACrB,IAAID,oBAAoB;gBACtB,MAAM,IAAII,sCAAmB,CAAC;YAChC;YACA,OAAO;QACT;QACA,OAAOH;IACT;IAEA,MAAMI,4BAA4BC,MAAmB,EAAmB;QACtE,MAAM,EAAEC,kBAAkB,EAAE,GAAG,MAAM,IAAI,CAACd,aAAa,CAACe,qBAAqB;QAC7E,MAAMT,eAAeU,IAAAA,QAAM;QAE3B,MAAMC,WAAWH,sBAAsBI,6BAAY,CAACC,4BAA4B;QAChF,IAAI,CAACL,oBAAoB;YACvB,IAAI,CAACb,MAAM,CAACmB,IAAI,CAAC,CAAC,oEAAoE,EAAEH,SAAS,SAAS,CAAC;QAC7G;QAEA,MAAMR,oBAAY,CAACY,MAAM,CAAC;YACxBR;YACAS,WAAWC,KAAKC,GAAG,KAAKP,WAAW;YACnCX;YACAmB,qBAAqB;QACvB;QAEA,OAAOnB;IACT;IAEA,MAAMoB,2BAA2BpB,YAAoB,EAAEmB,mBAA2B,EAAE;QAClF,MAAM,IAAI,CAACpB,eAAe,CAACC;QAE3B,MAAMG,oBAAY,CAACkB,SAAS,CAC1B;YACErB;QACF,GACA;YACEmB;QACF,GACA;YACEG,KAAK;QACP;IAEJ;IAEA,MAAMC,mCAAmChB,MAAmB,EAAE;QAC5D,MAAMiB,SAAS,MAAMrB,oBAAY,CAACsB,UAAU,CAAC;YAC3ClB;YACAS,WAAW;gBACTU,KAAKT,KAAKC,GAAG;YACf;QACF;QAEA,IAAIM,OAAOG,YAAY,EAAE;YACvB,IAAI,CAAChC,MAAM,CAACiC,KAAK,CAAC,CAAC,QAAQ,EAAEJ,OAAOG,YAAY,CAAC,wCAAwC,EAAEpB,OAAO,CAAC;QACrG;IACF;IAEA,MAAMsB,gCAAgC;QACpC,MAAML,SAAS,MAAMrB,oBAAY,CAACsB,UAAU,CAAC;YAC3CT,WAAW;gBACTU,KAAKT,KAAKC,GAAG;YACf;QACF;QAEA,IAAIM,OAAOG,YAAY,EAAE;YACvB,IAAI,CAAChC,MAAM,CAACiC,KAAK,CAAC,CAAC,QAAQ,EAAEJ,OAAOG,YAAY,CAAC,8BAA8B,CAAC;QAClF;IACF;IAEA,MAAMG,2BAA2BvB,MAAmB,EAAiB;QACnE,MAAMiB,SAAS,MAAMrB,oBAAY,CAACsB,UAAU,CAAC;YAC3ClB;QACF;QAEA,IAAIiB,OAAOG,YAAY,EAAE;YACvB,IAAI,CAAChC,MAAM,CAACiC,KAAK,CAAC,CAAC,QAAQ,EAAEJ,OAAOG,YAAY,CAAC,qBAAqB,CAAC;QACzE;IACF;IAEA,MAAMI,mBAAmB/B,YAAoB,EAAiB;QAC5D,MAAMwB,SAAS,MAAMrB,oBAAY,CAAC6B,SAAS,CAAC;YAC1ChC;QACF;QAEA,oBAAoB;QACpB,IAAIwB,OAAOG,YAAY,EAAE;YACvB,IAAI,CAAChC,MAAM,CAACiC,KAAK,CAAC,CAAC,QAAQ,EAAEJ,OAAOG,YAAY,CAAC,qBAAqB,CAAC;QACzE;IACF;AACF"}
+{"version":3,"sources":["../../../src/services/authentication/refresh-token.service.ts"],"names":["RefreshTokenService","settingsStore","logger","constructor","loggerFactory","name","getRefreshToken","refreshToken","throwNotFoundError","userRefreshToken","RefreshToken","findOne","AuthenticationError","AUTH_ERROR_REASON","InvalidOrExpiredRefreshToken","createRefreshTokenForUserId","userId","refreshTokenExpiry","getCredentialSettings","uuidv4","timespan","AppConstants","DEFAULT_REFRESH_TOKEN_EXPIRY","warn","create","expiresAt","Date","now","refreshAttemptsUsed","updateRefreshTokenAttempts","updateOne","new","purgeOutdatedRefreshTokensByUserId","result","deleteMany","$lt","deletedCount","debug","purgeAllOutdatedRefreshTokens","deleteRefreshTokenByUserId","deleteRefreshToken","deleteOne"],"mappings":";;;;+BAYaA;;;eAAAA;;;wBAVgB;sBACA;iCACA;mCAIO;wCAEF;AAE3B,MAAMA;IACHC,cAA6B;IAC7BC,OAAsB;IAE9BC,YAAY,EAAEC,aAAa,EAAEH,aAAa,EAAmE,CAAE;QAC7G,IAAI,CAACC,MAAM,GAAGE,cAAcJ,oBAAoBK,IAAI;QACpD,IAAI,CAACJ,aAAa,GAAGA;IACvB;IAEA,MAAMK,gBAAgBC,YAAoB,EAAEC,qBAAqB,IAAI,EAAiC;QACpG,MAAMC,mBAAmB,MAAMC,oBAAY,CAACC,OAAO,CAAC;YAClDJ;QACF;QACA,IAAI,CAACE,kBAAkB;YACrB,IAAID,oBAAoB;gBACtB,MAAM,IAAII,sCAAmB,CAAC,mCAAmCC,yCAAiB,CAACC,4BAA4B;YACjH;YACA,OAAO;QACT;QACA,OAAOL;IACT;IAEA,MAAMM,4BAA4BC,MAAmB,EAAmB;QACtE,MAAM,EAAEC,kBAAkB,EAAE,GAAG,MAAM,IAAI,CAAChB,aAAa,CAACiB,qBAAqB;QAC7E,MAAMX,eAAeY,IAAAA,QAAM;QAE3B,MAAMC,WAAWH,sBAAsBI,6BAAY,CAACC,4BAA4B;QAChF,IAAI,CAACL,oBAAoB;YACvB,IAAI,CAACf,MAAM,CAACqB,IAAI,CAAC,CAAC,oEAAoE,EAAEH,SAAS,SAAS,CAAC;QAC7G;QAEA,MAAMV,oBAAY,CAACc,MAAM,CAAC;YACxBR;YACAS,WAAWC,KAAKC,GAAG,KAAKP,WAAW;YACnCb;YACAqB,qBAAqB;QACvB;QAEA,OAAOrB;IACT;IAEA,MAAMsB,2BAA2BtB,YAAoB,EAAEqB,mBAA2B,EAAE;QAClF,MAAM,IAAI,CAACtB,eAAe,CAACC,cAAc;QAEzC,MAAMG,oBAAY,CAACoB,SAAS,CAC1B;YACEvB;QACF,GACA;YACEqB;QACF,GACA;YACEG,KAAK;QACP;IAEJ;IAEA,MAAMC,mCAAmChB,MAAmB,EAAE;QAC5D,MAAMiB,SAAS,MAAMvB,oBAAY,CAACwB,UAAU,CAAC;YAC3ClB;YACAS,WAAW;gBACTU,KAAKT,KAAKC,GAAG;YACf;QACF;QAEA,IAAIM,OAAOG,YAAY,EAAE;YACvB,IAAI,CAAClC,MAAM,CAACmC,KAAK,CAAC,CAAC,QAAQ,EAAEJ,OAAOG,YAAY,CAAC,wCAAwC,EAAEpB,OAAO,CAAC;QACrG;IACF;IAEA,MAAMsB,gCAAgC;QACpC,MAAML,SAAS,MAAMvB,oBAAY,CAACwB,UAAU,CAAC;YAC3CT,WAAW;gBACTU,KAAKT,KAAKC,GAAG;YACf;QACF;QAEA,IAAIM,OAAOG,YAAY,EAAE;YACvB,IAAI,CAAClC,MAAM,CAACmC,KAAK,CAAC,CAAC,QAAQ,EAAEJ,OAAOG,YAAY,CAAC,8BAA8B,CAAC;QAClF;IACF;IAEA,MAAMG,2BAA2BvB,MAAmB,EAAiB;QACnE,MAAMiB,SAAS,MAAMvB,oBAAY,CAACwB,UAAU,CAAC;YAC3ClB;QACF;QAEA,IAAIiB,OAAOG,YAAY,EAAE;YACvB,IAAI,CAAClC,MAAM,CAACmC,KAAK,CAAC,CAAC,QAAQ,EAAEJ,OAAOG,YAAY,CAAC,qBAAqB,CAAC;QACzE;IACF;IAEA,MAAMI,mBAAmBjC,YAAoB,EAAiB;QAC5D,MAAM0B,SAAS,MAAMvB,oBAAY,CAAC+B,SAAS,CAAC;YAC1ClC;QACF;QAEA,oBAAoB;QACpB,IAAI0B,OAAOG,YAAY,EAAE;YACvB,IAAI,CAAClC,MAAM,CAACmC,KAAK,CAAC,CAAC,QAAQ,EAAEJ,OAAOG,YAAY,CAAC,qBAAqB,CAAC;QACzE;IACF;AACF"}

package/dist/services/authentication/role.service.js

@@ -24,6 +24,12 @@ class RoleService {
         this.appDefaultRoleNoLogin = appDefaultRoleNoLogin;
     }
     _roles = [];
+    toDto(role) {
+        return {
+            id: role.id,
+            name: role.name
+        };
+    }
     get roles() {
         return this._roles;
     }

package/dist/services/authentication/role.service.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../src/services/authentication/role.service.ts"],"names":["RoleService","logger","settingsStore","appDefaultRole","appDefaultRoleNoLogin","constructor","loggerFactory","name","_roles","roles","getAppDefaultRole","getLoginRequired","getRolesPermissions","permissions","length","role","normalizedRole","normalizeRoleIdOrName","rolePermissions","getRolePermissions","union","ROLE_PERMS","getAppDefaultRoleIds","syncRoles","guestRole","getRoleByName","id","getSynchronizedRoleByName","roleName","authorizeRole","requiredRole","assignedRoles","find","ar","authorizeRoles","requiredRoles","subset","isAuthorized","forEach","rr","result","r","NotFoundException","getManyRoles","roleIds","map","roleId","getRole","Object","values","ROLES","storedRole","Role","findOne","newRole","create","push","assignedRole","roleInstance","console","warn"],"mappings":";;;;+BAWaA;;;eAAAA;;;wBAXS;wCACY;wBACb;mCACa;AAQ3B,MAAMA;IACHC,OAAsB;IAC9BC,cAA6B;IAC7BC,eAAwB;IACxBC,sBAA8B;IAE9BC,YAAY,EACVC,aAAa,EACbH,cAAc,EACdC,qBAAqB,EACrBF,aAAa,EAMd,CAAE;QACD,IAAI,CAACD,MAAM,GAAGK,cAAcN,YAAYO,IAAI;QAC5C,IAAI,CAACL,aAAa,GAAGA;QACrB,IAAI,CAACC,cAAc,GAAGA;QACtB,IAAI,CAACC,qBAAqB,GAAGA;IAC/B;IAEQI,SAAkB,EAAE,CAAC;IAE7B,IAAIC,QAAQ;QACV,OAAO,IAAI,CAACD,MAAM;IACpB;IAEA,MAAME,oBAAoB;QACxB,IAAI,MAAM,IAAI,CAACR,aAAa,CAACS,gBAAgB,IAAI;YAC/C,OAAO,IAAI,CAACR,cAAc;QAC5B;QACA,OAAO,IAAI,CAACC,qBAAqB;IACnC;IAEAQ,oBAAoBH,KAAe,EAAE;QACnC,IAAII,cAAwB,EAAE;QAC9B,IAAI,CAACJ,OAAOK,QAAQ,OAAO,EAAE;QAE7B,KAAK,IAAIC,QAAQN,MAAO;YACtB,MAAMO,iBAAiB,IAAI,CAACC,qBAAqB,CAACF;YAClD,MAAMG,kBAAkB,IAAI,CAACC,kBAAkB,CAACH;YAChDH,cAAcO,IAAAA,aAAK,EAACP,aAAaK;QACnC;QAEA,OAAOL;IACT;IAEAM,mBAAmBJ,IAAY,EAAE;QAC/B,MAAMC,iBAAiB,IAAI,CAACC,qBAAqB,CAACF;QAClD,OAAOM,kCAAU,CAACL,eAAe;IACnC;IAEA,MAAMM,uBAAuB;QAC3B,IAAI,CAAC,IAAI,CAACd,MAAM,EAAEM,QAAQ;YACxB,MAAM,IAAI,CAACS,SAAS;QACtB;QAEA,MAAMC,YAAY,IAAI,CAACC,aAAa,CAAC,MAAM,IAAI,CAACf,iBAAiB;QACjE,OAAO;YAACc,UAAUE,EAAE;SAAC;IACvB;IAEA,MAAMC,0BAA0BC,QAAgB,EAAE;QAChD,IAAI,CAAC,IAAI,CAACpB,MAAM,EAAEM,QAAQ;YACxB,MAAM,IAAI,CAACS,SAAS;QACtB;QAEA,OAAO,IAAI,CAACE,aAAa,CAACG;IAC5B;IAEAC,cAAcC,YAAoB,EAAEC,aAAuB,EAAE;QAC3D,OAAO,CAAC,CAACA,cAAcC,IAAI,CAAC,CAACC;YAC3B,MAAMjB,iBAAiB,IAAI,CAACC,qBAAqB,CAACgB;YAClD,IAAI,CAACjB,gBAAgB,OAAO;YAC5B,OAAOA,mBAAmBc;QAC5B;IACF;IAEAI,eAAeC,aAAuB,EAAEJ,aAAuB,EAAEK,SAAS,IAAI,EAAE;QAC9E,IAAIC,eAAe;QAEnB,IAAI,CAACF,eAAerB,QAAQ,OAAO;QACnCqB,cAAcG,OAAO,CAAC,CAACC;YACrB,MAAMC,SAAS,IAAI,CAACX,aAAa,CAACU,IAAIR;YACtCM,eAAeD,SAASC,gBAAgBG,SAASH,gBAAgBG;QACnE;QAEA,OAAOH;IACT;IAEAZ,cAAcG,QAAgB,EAAE;QAC9B,MAAMb,OAAO,IAAI,CAACP,MAAM,CAACwB,IAAI,CAAC,CAACS,IAAMA,EAAElC,IAAI,KAAKqB;QAChD,IAAI,CAACb,MAAM,MAAM,IAAI2B,oCAAiB,CAAC,CAAC,aAAa,EAAEd,SAAS,UAAU,CAAC;QAE3E,OAAOb;IACT;IAEA4B,aAAaC,OAAiB,EAAS;QACrC,OAAOA,QAAQC,GAAG,CAAC,CAACC,SAAW,IAAI,CAACC,OAAO,CAACD;IAC9C;IAEAC,QAAQD,MAAc,EAAE;QACtB,MAAM/B,OAAO,IAAI,CAACP,MAAM,CAACwB,IAAI,CAAC,CAACS,IAAMA,EAAEf,EAAE,KAAKoB;QAC9C,IAAI,CAAC/B,MAAM,MAAM,IAAI2B,oCAAiB,CAAC,CAAC,SAAS,EAAEI,OAAO,WAAW,CAAC;QAEtE,OAAO/B;IACT;IAEA,MAAMQ,YAAY;QAChB,IAAI,CAACf,MAAM,GAAG,EAAE;QAChB,KAAK,IAAIoB,YAAYoB,OAAOC,MAAM,CAACC,6BAAK,EAAG;YACzC,MAAMC,aAAa,MAAMC,YAAI,CAACC,OAAO,CAAC;gBAAE9C,MAAMqB;YAAS;YACvD,IAAI,CAACuB,YAAY;gBACf,MAAMG,UAAU,MAAMF,YAAI,CAACG,MAAM,CAAC;oBAChChD,MAAMqB;gBACR;gBACA,IAAI,CAACpB,MAAM,CAACgD,IAAI,CAACF;YACnB,OAAO;gBACL,IAAI,CAAC9C,MAAM,CAACgD,IAAI,CAACL;YACnB;QACF;IACF;IAEAlC,sBAAsBwC,YAAkC,EAAE;QACxD,MAAMC,eAAe,IAAI,CAACjD,KAAK,CAACuB,IAAI,CAAC,CAACS,IAAMA,EAAEf,EAAE,KAAK+B,gBAAgBhB,EAAElC,IAAI,KAAKkD;QAChF,IAAI,CAACC,cAAc;YACjBC,QAAQC,IAAI,CAAC,CAAC,gBAAgB,EAAEH,aAAa,wCAAwC,CAAC;YACtF;QACF;QAEA,OAAOC,aAAanD,IAAI;IAC1B;AACF"}
+{"version":3,"sources":["../../../src/services/authentication/role.service.ts"],"names":["RoleService","logger","settingsStore","appDefaultRole","appDefaultRoleNoLogin","constructor","loggerFactory","name","_roles","toDto","role","id","roles","getAppDefaultRole","getLoginRequired","getRolesPermissions","permissions","length","normalizedRole","normalizeRoleIdOrName","rolePermissions","getRolePermissions","union","ROLE_PERMS","getAppDefaultRoleIds","syncRoles","guestRole","getRoleByName","getSynchronizedRoleByName","roleName","authorizeRole","requiredRole","assignedRoles","find","ar","authorizeRoles","requiredRoles","subset","isAuthorized","forEach","rr","result","r","NotFoundException","getManyRoles","roleIds","map","roleId","getRole","Object","values","ROLES","storedRole","Role","findOne","newRole","create","push","assignedRole","roleInstance","console","warn"],"mappings":";;;;+BAYaA;;;eAAAA;;;wBAZS;wCACY;wBACb;mCACa;AAS3B,MAAMA;IACHC,OAAsB;IAC9BC,cAA6B;IAC7BC,eAAwB;IACxBC,sBAA8B;IAE9BC,YAAY,EACVC,aAAa,EACbH,cAAc,EACdC,qBAAqB,EACrBF,aAAa,EAMd,CAAE;QACD,IAAI,CAACD,MAAM,GAAGK,cAAcN,YAAYO,IAAI;QAC5C,IAAI,CAACL,aAAa,GAAGA;QACrB,IAAI,CAACC,cAAc,GAAGA;QACtB,IAAI,CAACC,qBAAqB,GAAGA;IAC/B;IAEQI,SAAkB,EAAE,CAAC;IAE7BC,MAAMC,IAAW,EAAwB;QACvC,OAAO;YACLC,IAAID,KAAKC,EAAE;YACXJ,MAAMG,KAAKH,IAAI;QACjB;IACF;IAEA,IAAIK,QAAQ;QACV,OAAO,IAAI,CAACJ,MAAM;IACpB;IAEA,MAAMK,oBAAoB;QACxB,IAAI,MAAM,IAAI,CAACX,aAAa,CAACY,gBAAgB,IAAI;YAC/C,OAAO,IAAI,CAACX,cAAc;QAC5B;QACA,OAAO,IAAI,CAACC,qBAAqB;IACnC;IAEAW,oBAAoBH,KAAe,EAAE;QACnC,IAAII,cAAwB,EAAE;QAC9B,IAAI,CAACJ,OAAOK,QAAQ,OAAO,EAAE;QAE7B,KAAK,IAAIP,QAAQE,MAAO;YACtB,MAAMM,iBAAiB,IAAI,CAACC,qBAAqB,CAACT;YAClD,MAAMU,kBAAkB,IAAI,CAACC,kBAAkB,CAACH;YAChDF,cAAcM,IAAAA,aAAK,EAACN,aAAaI;QACnC;QAEA,OAAOJ;IACT;IAEAK,mBAAmBX,IAAY,EAAE;QAC/B,MAAMQ,iBAAiB,IAAI,CAACC,qBAAqB,CAACT;QAClD,OAAOa,kCAAU,CAACL,eAAe;IACnC;IAEA,MAAMM,uBAAuB;QAC3B,IAAI,CAAC,IAAI,CAAChB,MAAM,EAAES,QAAQ;YACxB,MAAM,IAAI,CAACQ,SAAS;QACtB;QAEA,MAAMC,YAAY,IAAI,CAACC,aAAa,CAAC,MAAM,IAAI,CAACd,iBAAiB;QACjE,OAAO;YAACa,UAAUf,EAAE;SAAC;IACvB;IAEA,MAAMiB,0BAA0BC,QAAgB,EAAE;QAChD,IAAI,CAAC,IAAI,CAACrB,MAAM,EAAES,QAAQ;YACxB,MAAM,IAAI,CAACQ,SAAS;QACtB;QAEA,OAAO,IAAI,CAACE,aAAa,CAACE;IAC5B;IAEAC,cAAcC,YAAoB,EAAEC,aAAuB,EAAE;QAC3D,OAAO,CAAC,CAACA,cAAcC,IAAI,CAAC,CAACC;YAC3B,MAAMhB,iBAAiB,IAAI,CAACC,qBAAqB,CAACe;YAClD,IAAI,CAAChB,gBAAgB,OAAO;YAC5B,OAAOA,mBAAmBa;QAC5B;IACF;IAEAI,eAAeC,aAAuB,EAAEJ,aAAuB,EAAEK,SAAS,IAAI,EAAE;QAC9E,IAAIC,eAAe;QAEnB,IAAI,CAACF,eAAenB,QAAQ,OAAO;QACnCmB,cAAcG,OAAO,CAAC,CAACC;YACrB,MAAMC,SAAS,IAAI,CAACX,aAAa,CAACU,IAAIR;YACtCM,eAAeD,SAASC,gBAAgBG,SAASH,gBAAgBG;QACnE;QAEA,OAAOH;IACT;IAEAX,cAAcE,QAAgB,EAAE;QAC9B,MAAMnB,OAAO,IAAI,CAACF,MAAM,CAACyB,IAAI,CAAC,CAACS,IAAMA,EAAEnC,IAAI,KAAKsB;QAChD,IAAI,CAACnB,MAAM,MAAM,IAAIiC,oCAAiB,CAAC,CAAC,aAAa,EAAEd,SAAS,UAAU,CAAC;QAE3E,OAAOnB;IACT;IAEAkC,aAAaC,OAAiB,EAAS;QACrC,OAAOA,QAAQC,GAAG,CAAC,CAACC,SAAW,IAAI,CAACC,OAAO,CAACD;IAC9C;IAEAC,QAAQD,MAAc,EAAE;QACtB,MAAMrC,OAAO,IAAI,CAACF,MAAM,CAACyB,IAAI,CAAC,CAACS,IAAMA,EAAE/B,EAAE,KAAKoC;QAC9C,IAAI,CAACrC,MAAM,MAAM,IAAIiC,oCAAiB,CAAC,CAAC,SAAS,EAAEI,OAAO,WAAW,CAAC;QAEtE,OAAOrC;IACT;IAEA,MAAMe,YAAY;QAChB,IAAI,CAACjB,MAAM,GAAG,EAAE;QAChB,KAAK,IAAIqB,YAAYoB,OAAOC,MAAM,CAACC,6BAAK,EAAG;YACzC,MAAMC,aAAa,MAAMC,YAAI,CAACC,OAAO,CAAC;gBAAE/C,MAAMsB;YAAS;YACvD,IAAI,CAACuB,YAAY;gBACf,MAAMG,UAAU,MAAMF,YAAI,CAACG,MAAM,CAAC;oBAChCjD,MAAMsB;gBACR;gBACA,IAAI,CAACrB,MAAM,CAACiD,IAAI,CAACF;YACnB,OAAO;gBACL,IAAI,CAAC/C,MAAM,CAACiD,IAAI,CAACL;YACnB;QACF;IACF;IAEAjC,sBAAsBuC,YAAkC,EAAE;QACxD,MAAMC,eAAe,IAAI,CAAC/C,KAAK,CAACqB,IAAI,CAAC,CAACS,IAAMA,EAAE/B,EAAE,KAAK+C,gBAAgBhB,EAAEnC,IAAI,KAAKmD;QAChF,IAAI,CAACC,cAAc;YACjBC,QAAQC,IAAI,CAAC,CAAC,gBAAgB,EAAEH,aAAa,wCAAwC,CAAC;YACtF;QACF;QAEA,OAAOC,aAAapD,IAAI;IAC1B;AACF"}

package/dist/services/authentication/user.service.js

@@ -34,7 +34,7 @@ class UserService {
     async listUsers(limit = 10) {
         return _models.User.find().limit(limit);
     }
-    async findUserByRoleId(roleId) {
+    async findUsersByRoleId(roleId) {
         return _models.User.find({
             roles: {
                 $in: [
@@ -43,6 +43,19 @@ class UserService {
             }
         });
     }
+    async findVerifiedUsers() {
+        return _models.User.find({
+            isVerified: true
+        });
+    }
+    async isUserRootUser(userId) {
+        return (await _models.User.findById(userId))?.isRootUser;
+    }
+    async findRootUsers() {
+        return _models.User.find({
+            isRootUser: true
+        });
+    }
     async getDemoUserId() {
         return (await _models.User.findOne({
             isDemoUser: true
@@ -53,12 +66,12 @@ class UserService {
             username
         });
     }
-    async getUser(userId) {
+    async getUser(userId, throwNotFoundError = true) {
         const user = await _models.User.findById(userId);
-        if (!user) throw new _runtimeexceptions.NotFoundException("User not found");
+        if (!user && throwNotFoundError) throw new _runtimeexceptions.NotFoundException("User not found");
         return user;
     }
-    async getUserRoles(userId) {
+    async getUserRoleIds(userId) {
         const user = await this.getUser(userId);
         return user.roles?.map((r)=>r.toString());
     }
@@ -73,10 +86,13 @@ class UserService {
     async deleteUser(userId) {
         // Validate
         const user = await this.getUser(userId);
+        if (user.isRootUser) {
+            throw new _runtimeexceptions.InternalServerException("Cannot delete a root user.");
+        }
         // Check if the user is the last admin
         const role = this.roleService.getRoleByName(_authorizationconstants.ROLES.ADMIN);
         if (user.roles.includes(role.id)) {
-            const administrators = await this.findUserByRoleId(role.id);
+            const administrators = await this.findUsersByRoleId(role.id);
             if (administrators?.length === 1) {
                 throw new _runtimeexceptions.InternalServerException("Cannot delete the last user with ADMIN role.");
             }
@@ -102,7 +118,7 @@ class UserService {
         user.needsPasswordChange = false;
         return await user.save();
     }
-    async updatePasswordUnsafe(username, newPassword) {
+    async updatePasswordUnsafeByUsername(username, newPassword) {
         const { password } = await (0, _validators.validateInput)({
             password: newPassword
         }, _userservicevalidation.newPasswordRules);
@@ -117,9 +133,10 @@ class UserService {
         const user = await _models.User.findById(userId);
         if (!user) throw new _runtimeexceptions.NotFoundException("User not found");
         if (!isRootUser) {
-            const role = this.roleService.getRoleByName(_authorizationconstants.ROLES.ADMIN);
-            if (user.roles.includes(role.id)) {
-                throw new _runtimeexceptions.InternalServerException("Cannot set a root user with isRootUser: false as that makes no sense");
+            // Ensure at least one user is root user
+            const rootUsers = await this.findRootUsers();
+            if (rootUsers.length === 1) {
+                throw new _runtimeexceptions.InternalServerException("Cannot set the last root user to non-root user.");
             }
         }
         user.isRootUser = isRootUser;
@@ -129,9 +146,13 @@ class UserService {
         const user = await _models.User.findById(userId);
         if (!user) throw new _runtimeexceptions.NotFoundException("User not found");
         if (!isVerified) {
-            const role = this.roleService.getRoleByName(_authorizationconstants.ROLES.ADMIN);
-            if (user.roles.includes(role.id)) {
-                throw new _runtimeexceptions.InternalServerException("Cannot set a user with ADMIN role to unverified.");
+            if (user.isRootUser) {
+                throw new _runtimeexceptions.InternalServerException("Cannot set a owner (root user) to unverified.");
+            }
+            // Ensure at least one user is verified
+            const verifiedUsers = await this.findVerifiedUsers();
+            if (verifiedUsers.length === 1) {
+                throw new _runtimeexceptions.InternalServerException("Cannot set the last user to unverified.");
             }
         }
         user.isVerified = isVerified;