@feardread/fear 1.1.4 → 1.1.6

package/models/payment.js

@@ -0,0 +1,139 @@
+const mongoose = require("mongoose");
+const crypto = require("crypto");
+
+const paymentMethodSchema = new mongoose.Schema(
+  {
+    userId: { type: mongoose.Schema.Types.ObjectId. ref: "User", required: true, index: true, },
+    paymentType: {  type: String, enum: ["razorpay", "paypal", "card", "upi", "netbanking", "stripe"], required: true, },
+    paymentToken: { type: String, required: true, },
+    isDefault: { type: Boolean, default: false, },
+    isActive: { type: Boolean,  default: true, },
+    cardDetails: {
+      last4: { type: String, maxlength: 4, },
+      brand: { type: String, },
+      expiryMonth: { type: String, maxlength: 2, },
+      expiryYear: { type: String, maxlength: 4, },
+      cardholderName: { type: String, },
+      fingerprint: { type: String,} 
+    },
+    paypalDetails: { 
+      email: { type: String, },
+      payerId: { type: String, },
+    },
+    upiDetails: {
+      vpa: { type: String, },
+    },
+    billingAddress: { type: mongoose.Schema.Types.ObjectId, ref: "Address", required: true, index: true, },
+    metadata: { type: Map,  of: String, },
+  },
+  {
+    timestamps: true,
+  }
+);
+
+// Indexes for better query performance
+paymentMethodSchema.index({ userId: 1, isDefault: 1 });
+paymentMethodSchema.index({ userId: 1, isActive: 1 });
+paymentMethodSchema.index({ createdAt: -1 });
+
+// Middleware to ensure only one default payment method per user
+paymentMethodSchema.pre("save", async function (next) {
+  if (this.isDefault && this.isModified("isDefault")) {
+    // Remove default flag from other payment methods for this user
+    await mongoose.model("PaymentMethod").updateMany(
+      {
+        userId: this.userId,
+        _id: { $ne: this._id },
+        isDefault: true,
+      },
+      { isDefault: false }
+    );
+  }
+  next();
+});
+paymentMethodSchema.statics.getDefaultPaymentMethod = async function (userId) {
+  return await this.findOne({
+    userId,
+    isDefault: true,
+    isActive: true,
+  });
+};
+paymentMethodSchema.statics.getUserPaymentMethods = async function (userId) {
+  return await this.find({
+    userId,
+    isActive: true,
+  }).sort({ isDefault: -1, createdAt: -1 });
+};
+
+paymentMethodSchema.methods.setAsDefault = async function () {
+  await mongoose.model("PaymentMethod").updateMany(
+    {
+      userId: this.userId,
+      _id: { $ne: this._id },
+    },
+    { isDefault: false }
+  );
+  
+  this.isDefault = true;
+  return await this.save();
+};
+paymentMethodSchema.methods.softDelete = async function () {
+  this.isActive = false;
+  if (this.isDefault) {
+    this.isDefault = false;
+    // Optionally set another method as default
+    const otherMethod = await mongoose.model("PaymentMethod").findOne({
+      userId: this.userId,
+      _id: { $ne: this._id },
+      isActive: true,
+    });
+    if (otherMethod) {
+      otherMethod.isDefault = true;
+      await otherMethod.save();
+    }
+  }
+  return await this.save();
+};
+
+// Virtual for masked card number display
+paymentMethodSchema.virtual("displayNumber").get(function () {
+  if (this.cardDetails?.last4) {
+    return `•••• •••• •••• ${this.cardDetails.last4}`;
+  }
+  if (this.paypalDetails?.email) {
+    return this.paypalDetails.email;
+  }
+  if (this.upiDetails?.vpa) {
+    return this.upiDetails.vpa;
+  }
+  return "Payment Method";
+});
+
+// Virtual for expiry display
+paymentMethodSchema.virtual("expiryDisplay").get(function () {
+  if (this.cardDetails?.expiryMonth && this.cardDetails?.expiryYear) {
+    return `${this.cardDetails.expiryMonth}/${this.cardDetails.expiryYear}`;
+  }
+  return null;
+});
+
+// Virtual for checking if card is expired
+paymentMethodSchema.virtual("isExpired").get(function () {
+  if (this.cardDetails?.expiryMonth && this.cardDetails?.expiryYear) {
+    const now = new Date();
+    const expiryDate = new Date(
+      parseInt(this.cardDetails.expiryYear),
+      parseInt(this.cardDetails.expiryMonth) - 1
+    );
+    return now > expiryDate;
+  }
+  return false;
+});
+
+// Ensure virtuals are included in JSON
+paymentMethodSchema.set("toJSON", { virtuals: true });
+paymentMethodSchema.set("toObject", { virtuals: true });
+
+const PaymentMethod = mongoose.model("PaymentMethod", paymentMethodSchema);
+
+module.exports = PaymentMethod;

package/models/user.js

@@ -1,68 +1,135 @@
-const mongoose = require("mongoose");
-const bcrypt = require("bcrypt");
-const crypto = require("crypto");
+const mongoose = require('mongoose');
+const bcrypt = require('bcrypt');
 
 const userSchema = new mongoose.Schema({
-    name: { type: String, required: true },
-    lastname: { type: String, required: false },
-    email: { type: String, required: true, unique: true },
-    username: { type: String, required: false, unique: false },
-    mobile: { type: String, required: false, unique: true },
-    password: { type: String, required: true },
-    avatar: { type: Object, required: false, default: {
+  email: { type: String, required: true, unique: true, lowercase: true, trim: true,
+    match: [/^\S+@\S+\.\S+$/, 'Please enter a valid email']
+  },
+  password: { type: String, required: true, minlength: 8, select: false },
+  firstName: { type: String, required: true, trim: true },
+  lastName: { type: String, required: true, trim: true },
+  displayName: { type: String, trim: true },
+  avatar: { type: Object, required: false, default: {
       public_id: '',
-      secure_url: ''
-    }},
-    role: { type: String, default: "customer" },
-    isBlocked: { type: Boolean, default: false },
-    address: { type: String },
-    shipping: { type: String },
-    wishlist: [{ type: mongoose.Schema.Types.ObjectId, ref: "Product" }],
-    refreshToken: { type: String },
-      passwordChangedAt: Date,
-      passwordResetToken: String,
-      passwordResetExpires: Date
+      secure_url: '',
+    }, trim: true
+  },
+  bio: { type: String, maxlength: 500 },
+  dateOfBirth: Date,
+  mobile: { type: String, trim: true, unique: false, required: false },
+  role: { type: String, 
+    enum: ['user', 'admin', 'moderator'], default: 'user' },
+  status: { type: String, 
+    enum: ['active', 'inactive', 'suspended', 'deleted'], default: 'active' },
+  emailVerified: { type: Boolean, default: false },
+  emailVerificationToken: String,
+  emailVerificationExpires: Date,
+  passwordResetToken: String,
+  passwordResetExpires: Date,
+  twoFactorSecret: { type: String, select: false},
+  twoFactorEnabled: { type: Boolean, default: false },
+  preferences: {
+    language: { type: String, default: 'en' },
+    timezone: { type: String, default: 'UTC' },
+    notifications: {
+      email: { type: Boolean, default: true },
+      push: { type: Boolean, default: true },
+      sms: { type: Boolean, default: false }
     },
-  { timestamps: true }
-);
+    theme: { type: String, enum: ['light', 'dark', 'auto'], default: 'auto' }
+  },
+  socialAccounts: [{
+    provider: { type: String,
+      enum: ['google', 'facebook', 'github', 'apple']},
+    providerId: String,
+    email: String,
+    connectedAt: {
+      type: Date,
+      default: Date.now
+    }
+  }],
+  lastLoginAt: Date,
+  lastLoginIP: String,
+  loginAttempts: { type: Number, default: 0 },
+  lockUntil: Date
+}, {
+  timestamps: true
+});
+
+// Indexes
+userSchema.index({ email: 1 });
+userSchema.index({ 'profile.firstName': 1, 'profile.lastName': 1 });
+userSchema.index({ createdAt: 1 });
+userSchema.index({ status: 1, role: 1 });
+
+// Virtual for full name
+userSchema.virtual('profile.fullName').get(function() {
+  return `${this.profile.firstName} ${this.profile.lastName}`;
+});
 
-// Hooks
-userSchema.pre("save", async function (next) {
-  if (!this.isModified("password")) {
+// Hash password before saving
+userSchema.pre('save', async function(next) {
+  if (!this.isModified('password')) return next();
+  
+  try {
+    const salt = await bcrypt.genSalt(12);
+    this.password = await bcrypt.hash(this.password, salt);
     next();
+  } catch (error) {
+    next(error);
   }
-  const salt = await bcrypt.genSaltSync(10);
-  this.password = await bcrypt.hash(this.password, salt);
-  next();
 });
 
-// Methods
-userSchema.methods.compare = async function (entered) {
-  return await bcrypt.compare(entered, this.password);
+// Method to compare passwords
+userSchema.methods.comparePassword = async function(candidatePassword) {
+  return await bcrypt.compare(candidatePassword, this.password);
 };
 
-userSchema.methods.token = async function () {
-  const resettoken = crypto.randomBytes(32).toString("hex");
-
-  this.passwordResetToken = crypto.createHash("sha256").update(resettoken).digest("hex");
-  this.passwordResetExpires = Date.now() + 30 * 60 * 1000;
-
-  return resettoken;
+// Method to check if account is locked
+userSchema.methods.isLocked = function() {
+  return !!(this.lockUntil && this.lockUntil > Date.now());
 };
 
-//Statics
-userSchema.statics.countUsers = function () {
-  return this.countDocuments({});
+// Method to increment login attempts
+userSchema.methods.incLoginAttempts = async function() {
+  if (this.lockUntil && this.lockUntil < Date.now()) {
+    return await this.updateOne({
+      $set: { loginAttempts: 1 },
+      $unset: { lockUntil: 1 }
+    });
+  }
+  
+  const updates = { $inc: { loginAttempts: 1 } };
+  const maxAttempts = 5;
+  const lockTime = 2 * 60 * 60 * 1000; // 2 hours
+  
+  if (this.loginAttempts + 1 >= maxAttempts && !this.isLocked()) {
+    updates.$set = { lockUntil: Date.now() + lockTime };
+  }
+  
+  return await this.updateOne(updates);
 };
 
-userSchema.statics.findByEmail = async function (email) {
-return await this.findOne({ email });
+// Method to reset login attempts
+userSchema.methods.resetLoginAttempts = async function() {
+  return await this.updateOne({
+    $set: { loginAttempts: 0 },
+    $unset: { lockUntil: 1 }
+  });
 };
 
-// Query
-userSchema.query.paginate = function ({ page, limit }) {
-  const skip = limit * (page - 1);
-  return this.skip(skip).limit(limit);
+// Remove sensitive data from JSON output
+userSchema.methods.toJSON = function() {
+  const obj = this.toObject();
+  delete obj.password;
+  delete obj.twoFactorSecret;
+  delete obj.emailVerificationToken;
+  delete obj.emailVerificationExpires;
+  delete obj.passwordResetToken;
+  delete obj.passwordResetExpires;
+  delete obj.loginAttempts;
+  delete obj.lockUntil;
+  return obj;
 };
 
-module.exports = mongoose.model("User", userSchema);
+module.exports = mongoose.model('User', userSchema);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@feardread/fear",
-  "version": "1.1.4",
+  "version": "1.1.6",
   "description": "",
   "main": "index.js",
   "scripts": {

package/routes/address.js

@@ -0,0 +1,15 @@
+const Address = require('../controllers/address');
+
+module.exports = ( fear ) => {
+      const router = fear.createRouter();
+      const handler = fear.getHandler();
+
+      router.get("/all", handler.async(Address.all));
+      router.post("/new", handler.async(Address.create));
+      router.route("/:id")
+            .get(handler.async(Address.read))
+            .put(handler.async(Address.update))
+            .delete(handler.async(Address.delete));
+
+      return router;
+}

package/routes/order.js

@@ -5,8 +5,10 @@ module.exports = ( fear ) => {
         const handler = fear.getHandler();
         const validator = fear.getValidator();
 
-        router.get("/all", Order.list);
-        router.post("/new", Order.create);
+        router.get("/all", handler.async(Order.list));
+        router.post("/new", handler.async(Order.create));
+        router.post("/create", handler.async(Order.create));
+
         router.route('/:id')
                 .get(Order.read)
                 .put(Order.update);

package/routes/payment.js

@@ -0,0 +1,18 @@
+const Payment = require('../controllers/payment');
+
+module.exports = (fear) => {
+    const router = fear.createRouter();
+    const handler = fear.getHandler();
+    const validator = fear.getValidator();
+
+    router.get("/all", handler.async(Payment.list));
+    router.post("/new", handler.async(Payment.create));
+    router.post("/create", handler.async(Payment.create));
+    
+    router.route('/:id')
+        .get(Payment.read)
+        .put(Payment.update);
+
+
+    return router;
+}