@feardread/fear 1.2.1 → 2.0.0

package/libs/passport/index.js

@@ -0,0 +1,137 @@
+const passport = require("passport");
+const LocalStrategy = require("passport-local").Strategy;
+const FacebookStrategy = require("passport-facebook").Strategy;
+const GoogleStrategy = require("passport-google-oauth20").Strategy;
+
+const secret = require("../config/secret");
+const User = require("../models/user");
+
+passport.serializeUser((user, done) => {
+  done(null, user._id); // Only serialize user ID, not entire user object
+});
+
+passport.deserializeUser((id, done) => {
+  User.findById(id)
+    .lean()
+    .exec()
+    .then((user) => done(null, user))
+    .catch((err) => done(err, null));
+});
+
+/**
+ * Finds or creates a user from OAuth profile
+ */
+function findOrCreateOAuthUser(profile, provider, accessToken) {
+  const query = { [`${provider}Id`]: profile.id };
+  
+  return User.findOne(query)
+    .then((user) => {
+      if (user) {
+        return user;
+      }
+
+      // Create new user
+      const userData = {
+        [`${provider}Id`]: profile.id,
+        [`${provider}AccessToken`]: accessToken,
+        username: profile.displayName,
+        email: profile._json?.email || profile.emails?.[0]?.value,
+      };
+
+      if (provider === "facebook") {
+        userData.tokens = [{ kind: "facebook", token: accessToken }];
+        userData.profile = {
+          name: profile.displayName,
+          picture: `https://graph.facebook.com/${profile.id}/picture?type=large`,
+        };
+      }
+
+      return User.create(userData);
+    })
+    .then((user) => {
+      // If user already existed, return immediately
+      if (user.createdAt && Date.now() - user.createdAt > 1000) {
+        return user;
+      }
+      
+      // Create cart for new user
+      return createUserCart(user._id).then(() => user);
+    });
+}
+
+// ============================================
+// Strategy Configurations
+// ============================================
+
+/**
+ * Local Strategy (Email/Password Login)
+ */
+passport.use(
+  "login",
+  new LocalStrategy(
+    {
+      usernameField: "email",
+      passwordField: "password",
+      passReqToCallback: true,
+    },
+    (req, email, password, done) => {
+      User.findOne({ email: email.toLowerCase() })
+        .then((user) => {
+          if (!user) {
+            return done(null, false, req.flash("loginMessage", "No user found with this email"));
+          }
+
+          const isValidPassword = user.comparePassword(password);
+          
+          if (!isValidPassword) {
+            return done(null, false, req.flash("loginMessage", "Incorrect password"));
+          }
+
+          return done(null, user);
+        })
+        .catch((err) => done(err));
+    }
+  )
+);
+
+/**
+ * Google OAuth Strategy
+ */
+passport.use(
+  "google",
+  new GoogleStrategy(
+    {
+      clientID: process.env.GOOGLE_CLIENT_ID,
+      clientSecret: process.env.GOOGLE_CLIENT_SECRET,
+      callbackURL: process.env.GOOGLE_CALLBACK_URL || "http://localhost:4000/fear/api/auth/google",
+      scope: ["profile", "email"],
+    },
+    (accessToken, refreshToken, profile, done) => {
+      findOrCreateOAuthUser(profile, "google", accessToken)
+        .then((user) => done(null, user))
+        .catch((err) => done(err, false));
+    }
+  )
+);
+
+/**
+ * Facebook OAuth Strategy
+ */
+passport.use(
+  "facebook",
+  new FacebookStrategy(
+    {
+      clientID: secret.facebook.clientID,
+      clientSecret: secret.facebook.clientSecret,
+      callbackURL: secret.facebook.callbackURL,
+      profileFields: ["id", "displayName", "email", "picture.type(large)"],
+    },
+    (accessToken, refreshToken, profile, done) => {
+      findOrCreateOAuthUser(profile, "facebook", accessToken)
+        .then((user) => done(null, user))
+        .catch((err) => done(err, false));
+    }
+  )
+);
+
+module.exports = passport;

package/libs/passport.js

@@ -0,0 +1,22 @@
+const passport = require("passport")     
+const User = require("../models/user")
+require("dotenv").config();
+
+
+   // serializing
+   passport.serializeUser(function (user, done) {
+       done(null, user.id);
+   });
+
+   // deserializing
+   passport.deserializeUser(async function (id, done) {
+       try {
+           let user = await User.findById(id)
+           done(null, user)
+       } catch (err) {
+           done(err, null);
+       }
+
+   });
+
+   module.exports = passport

package/libs/paypal/index.js

@@ -0,0 +1,82 @@
+const paypal = require('paypal-rest-sdk');
+
+module.exports = function ( fear ) {
+    const _this = {};
+    _this.logger = fear.getLogger();
+    _this.validator = fear.getValidator();
+    _this.env = fear.getEnvironment();
+
+    _this.clientId = _this.env.PAYPAL_CLIENT_ID;
+    _this.clientSecret = _this.env.PAYPAL_CLIENT_SECRET;
+
+    if (!_this.clientId || !_this.clientSecret) {
+        throw new Error('Missing PayPal client ID or client secret. Please update .env');
+    }
+    _this.logger.warn('PayPal Payment Handler initialized')
+
+    _this.initEnvironment = () => {
+        return new paypal.core.SandboxEnvironment(_this.clientId, _this.clientSecret);
+    };
+    _this.initClient = () => {
+        return new paypal.core.PayPalHttpClient(_this.initEnvironment());
+    };
+    _this.handleError = (res, statusCode, message, error) => {
+        _this.logger.error(`PayPal Error :: `, error);
+        return res.status(statusCode).json({ success: false, message: message, error: error.message || error });
+    };
+
+    return {
+        createPayPalOrder(req, res) {
+            const { amount, currency = "USD" } = req.body;
+
+            // Validate required fields
+            if (!amount || isNaN(amount) || amount <= 0) {
+                return res.status(400).json({ success: false, message: "Invalid amount. Must be a positive number." });
+            }
+
+            const request = new paypal.orders.OrdersCreateRequest();
+            request.prefer("return=representation");
+            request.requestBody({
+                intent: "CAPTURE",
+                purchase_units: [{
+                    amount: {
+                        currency_code: currency,
+                        value: amount.toString(),
+                    },
+                }],
+            });
+
+            return _this.initClient()
+                .exeute(request)
+                .then((result) => {
+                    _this.logger.info(`PayPal order created successfully: ${result.id}`);
+                    return res.status(200).json({success: true, orderId: result.id, order: result });
+                })
+                .catch(error => _this.handleError( res, 500, "Error creating PayPal order", error ));
+        },
+
+        capturePayPalOrder(req, res) {
+            const { orderId } = req.body;
+
+            if (!orderId || typeof orderId !== 'string') {
+                return res.status(400).json({ success: false, message: "Invalid or missing orderId" });
+            }
+
+            const request = new paypal.orders.OrdersCaptureRequest(orderId);
+            request.requestBody({});
+
+            return _this.initClient()
+                .execute(request)
+                .then((result) => {
+                    _this.logger.info(`PayPal order captured successfully: ${result.id}`);
+                    return res.status(200).json({
+                        success: true,
+                        captureId: result.id,
+                        status: result.status,
+                        capture: result
+                    });
+                })
+                .catch(error => _this.handleError( res, 500, "Error capturing PayPal order", error ));
+        }
+    };
+};

package/libs/stripe/index.js

@@ -0,0 +1,306 @@
+const stripe = require('stripe');
+
+module.exports = function ( fear ) {
+  const _this = {};
+  _this.env = fear.getEnvironment();
+  _this.logger = fear.getLogger();
+
+  if (!_this.env.STRIPE_SECRET_KEY) {
+    throw new Error('Missing STRIPE_SECRET_KEY. Please update .env');
+  }
+
+  _this.stripe = stripe(_this.env.STRIPE_SECRET_KEY);
+  _this.webhookSecret = _this.env.STRIPE_WEBHOOK_SECRET;
+  _this.logger.warn('Stripe Payment Handler initialized');
+
+  _this.handleError = (res, statusCode, error) => {
+    _this.logger.error(`Stripe Error :: `, error);
+    return res.status(statusCode).json({ success: false, message: error.message, error });
+  };
+
+  _this.handleSuccess = (res, statusCode, data) => {
+    _this.logger.info(`Stripe Success ::`, data);
+    return res.status(statusCode).json({ success: true, message: "Stripe Success", result: data });
+  };
+
+  return {
+
+    createPaymentIntent: (req, res) => {
+      const { currency, amount, metadata } = req.body;
+
+      if (!amount || amount <= 0) {
+        return _this.handleError(res, 400, {message: 'Amount is required and must be greater than 0'})
+      }
+      const paymentIntentParams = {
+        amount,
+        metadata,
+        currency: (currency) ? currency.toLowerCase() : 'usd',
+        automatic_payment_methods: { enabled: true }
+      };
+
+      return _this.stripe.paymentIntents
+        .create(paymentIntentParams)
+        .then(result => _this.handleSuccess(res, 200, result))
+        .catch(error => _this.handleError(res, 500, error));
+    },
+
+    retrievePaymentIntent: (req, res) => {
+      const { id } = req.params;
+
+      if (!id) {
+        return res.status(400).json({ success: false,  message: 'Payment intent ID is required'});
+      }
+
+      return _this.stripe.paymentIntents.retrieve(id)
+        .then(result => _this.handleSuccess(res, 200, result))
+        .catch(error => _this.handleError(res, 500, error));
+    },
+
+    cancelPaymentIntent: (req, res) => {
+      const { id } = req.params;
+
+      if (!id) {
+        return res.status(400).json({
+          success: false,
+          message: 'Payment intent ID is required'
+        });
+      }
+
+      return _this.stripe.paymentIntents.cancel(id)
+        .then(result => {
+          return _this.handleSuccess(res, 200, 'Payment intent cancelled', result);
+        })
+        .catch(error => {
+          return _this.handleError(res, error.statusCode || 500, 'Failed to cancel payment intent', error, 'Error cancelling payment intent');
+        });
+    },
+
+    createCustomer: (req, res) => {
+      const { email, name, metadata } = req.body;
+
+      if (!email) {
+        return res.status(400).json({
+          success: false,
+          message: 'Email is required'
+        });
+      }
+
+      return _this.stripe.customers.create({
+        email,
+        name,
+        metadata
+      })
+        .then(result => {
+          return _this.handleSuccess(res, 200, 'Customer created successfully', result);
+        })
+        .catch(error => {
+          return _this.handleError(res, 500, 'Failed to create customer', error, 'Error creating customer');
+        });
+    },
+
+    retrieveCustomer: (req, res) => {
+      const { id } = req.params;
+
+      if (!id) {
+        return res.status(400).json({
+          success: false,
+          message: 'Customer ID is required'
+        });
+      }
+
+      return _this.stripe.customers.retrieve(id)
+        .then(result => {
+          return _this.handleSuccess(res, 200, 'Customer retrieved', result);
+        })
+        .catch(error => {
+          return _this.handleError(res, error.statusCode || 500, 'Failed to retrieve customer', error, 'Error retrieving customer');
+        });
+    },
+
+    listCustomers: (req, res) => {
+      const { limit = 10 } = req.query;
+      const parsedLimit = Number(limit);
+
+      if (isNaN(parsedLimit) || parsedLimit <= 0) {
+        return res.status(400).json({
+          success: false,
+          message: 'Limit must be a positive number'
+        });
+      }
+
+      return _this.stripe.customers.list({ limit: parsedLimit })
+        .then(result => {
+          _this.logger.info(`Customers retrieved :: count: ${result.data.length}`);
+          return res.status(200).json({
+            success: true,
+            message: 'Customers retrieved',
+            result: result.data,
+            count: result.data.length
+          });
+        })
+        .catch(error => {
+          return _this.handleError(res, 500, 'Failed to list customers', error, 'Error listing customers');
+        });
+    },
+
+    createRefund: (req, res) => {
+      const { paymentIntentId, amount, reason } = req.body;
+
+      if (!paymentIntentId) {
+        return res.status(400).json({
+          success: false,
+          message: 'Payment intent ID is required'
+        });
+      }
+
+      const refundParams = {
+        payment_intent: paymentIntentId
+      };
+
+      if (amount) refundParams.amount = amount;
+      if (reason) refundParams.reason = reason;
+
+      return _this.stripe.refunds.create(refundParams)
+        .then(result => {
+          return _this.handleSuccess(res, 200, 'Refund created successfully', result);
+        })
+        .catch(error => {
+          return _this.handleError(res, error.statusCode || 500, 'Failed to create refund', error, 'Error creating refund');
+        });
+    },
+
+    createCheckoutSession: (req, res) => {
+      const { lineItems, successUrl, cancelUrl, metadata, customer } = req.body;
+
+      if (!lineItems || !Array.isArray(lineItems) || lineItems.length === 0) {
+        return res.status(400).json({
+          success: false,
+          message: 'Line items are required and must be a non-empty array'
+        });
+      }
+
+      if (!successUrl || !cancelUrl) {
+        return res.status(400).json({
+          success: false,
+          message: 'Success and cancel URLs are required'
+        });
+      }
+
+      const sessionParams = {
+        line_items: lineItems,
+        mode: 'payment',
+        success_url: successUrl,
+        cancel_url: cancelUrl
+      };
+
+      if (metadata) sessionParams.metadata = metadata;
+      if (customer) sessionParams.customer = customer;
+
+      return _this.stripe.checkout.sessions.create(sessionParams)
+        .then(result => {
+          return _this.handleSuccess(res, 200, 'Checkout session created', result);
+        })
+        .catch(error => {
+          return _this.handleError(res, error.statusCode || 500, 'Failed to create checkout session', error, 'Error creating checkout session');
+        });
+    },
+
+    createSubscription: (req, res) => {
+      const { customerId, priceId, metadata } = req.body;
+
+      if (!customerId || !priceId) {
+        return res.status(400).json({
+          success: false,
+          message: 'Customer ID and Price ID are required'
+        });
+      }
+
+      const subscriptionParams = {
+        customer: customerId,
+        items: [{ price: priceId }]
+      };
+
+      if (metadata) subscriptionParams.metadata = metadata;
+
+      return _this.stripe.subscriptions.create(subscriptionParams)
+        .then(result => {
+          return _this.handleSuccess(res, 200, 'Subscription created successfully', result);
+        })
+        .catch(error => {
+          return _this.handleError(res, error.statusCode || 500, 'Failed to create subscription', error, 'Error creating subscription');
+        });
+    },
+
+    cancelSubscription: (req, res) => {
+      const { id } = req.params;
+
+      if (!id) {
+        return _this.handleError(res, 400, {message: 'Subscription ID is required'})
+      }
+
+      return _this.stripe.subscriptions.cancel(id)
+        .then(result =>  _this.handleSuccess(res, 200, 'Subscription cancelled', result))
+        .catch(error => _this.handleError(res, error.statusCode || 500, 'Failed to cancel subscription', error, 'Error cancelling subscription'));
+    },
+
+    handleWebhook: (req, res) => {
+      const sig = req.headers['stripe-signature'];
+
+      if (!sig) {
+        return res.status(400).json({
+          success: false,
+          message: 'Missing stripe-signature header'
+        });
+      }
+
+      if (!_this.webhookSecret) {
+        _this.logger.warn('Webhook secret not configured');
+        return res.status(400).json({
+          success: false,
+          message: 'Webhook secret not configured'
+        });
+      }
+
+      let event;
+
+      try {
+        event = _this.stripe.webhooks.constructEvent(
+          req.body,
+          sig,
+          _this.webhookSecret
+        );
+      } catch (error) {
+        return _this.handleError(res, 400, 'Webhook signature verification failed', error, 'Webhook verification error');
+      }
+
+      _this.logger.info(`Webhook received: ${event.type}`);
+
+      return res.status(200).json({
+        success: true,
+        received: true
+      });
+    },
+
+    saveStripePayment: (req, res) => {
+      const { paymentMethodId, customerId } = req.body;
+
+      if (!paymentMethodId || !customerId) {
+        return res.status(400).json({success: false, message: 'Payment method ID and customer ID are required' });
+      }
+
+      return _this.stripe.paymentMethods.attach(paymentMethodId, { customer: customerId })
+        .then(() => {
+          return _this.stripe.customers.update(customerId, {
+            invoice_settings: {
+              default_payment_method: paymentMethodId,
+            },
+          });
+        })
+        .then((result) => {
+          _this.logger.info('Stripe payment method saved :: ', result.id);
+          return _this.handleSuccess(res, 200, result)
+        })
+        .catch(error => _this.handleError(res, error.statusCode || 500, 'Failed to save payment method', error, 'Error saving payment method'));
+    }
+  };
+};

package/libs/validator/index.js

@@ -52,7 +52,7 @@ exports.input = {
    * @returns {object} Validation result
    */
   register: (data) => {
-    const { email, password, firstname, lastname, name } = data;
+    const { email, password, firstName, lastName, displayName } = data;
 
     if (!email) return { isValid: false, message: "Email is required" };
     if (!exports.input.email(email)) return { isValid: false, message: "Please provide a valid email address" };
@@ -60,7 +60,7 @@ exports.input = {
     const passwordValidation = exports.input.password(password);
     if (!passwordValidation.isValid) return passwordValidation;
 
-    const fullName = firstname && lastname ? `${firstname} ${lastname}` : name;
+    const fullName = (displayName) ? displayName : `${firstName} ${lastName}`;
     if (!fullName) return { isValid: false, message: "Name is required" };
 
     return { isValid: true, name: fullName };

package/models/address.js

@@ -0,0 +1,37 @@
+const mongoose = require('mongoose');
+
+const addressSchema = new mongoose.Schema({
+  userId: { type: mongoose.Schema.Types.ObjectId, ref: 'User', required: true, index: true },
+  type: { type: String, enum: ['home', 'work', 'billing', 'shipping', 'other'], default: 'billing' },
+  isDefault: { type: Boolean, default: false },
+  name: { type: String, trim: true, maxlength: 50 },
+  line1: { type: String, required: true, trim: true },
+  line2: { type: String, trim: true },
+  city: { type: String, required: true, trim: true },
+  state: { type: String, required: true, trim: true },
+  zipCode: { type: String, required: true, trim: true },
+  country: { type: String, required: true, default: 'US', uppercase: true },
+  coordinates: { type: { type: String, enum: ['Point'], default: 'Point' },
+    coordinates: { type: [Number], default: [0, 0] }},
+  phoneNumber: { type: String, trim: true },
+  deliveryInstructions: { type: String, trim: true, maxlength: 500 }
+}, {
+  timestamps: true
+});
+
+// Indexes
+addressSchema.index({ userId: 1, isDefault: 1 });
+addressSchema.index({ coordinates: '2dsphere' });
+
+// Ensure only one default address per user
+addressSchema.pre('save', async function(next) {
+  if (this.isDefault) {
+    await this.constructor.updateMany(
+      { userId: this.userId, _id: { $ne: this._id } },
+      { $set: { isDefault: false } }
+    );
+  }
+  next();
+});
+
+module.exports = mongoose.model('Address', addressSchema);