@flowerforce/flowerbase 1.0.3-beta.5 → 1.0.3-beta.7

package/dist/auth/plugins/jwt.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"jwt.d.ts","sourceRoot":"","sources":["../../../src/auth/plugins/jwt.ts"],"names":[],"mappings":"AAIA,KAAK,OAAO,GAAG;IACb,MAAM,EAAE,MAAM,CAAA;CACf,CAAA;AAED;;;;;;;GAOG;iUAC8C,OAAO;AAAxD,wBAqDE"}
+{"version":3,"file":"jwt.d.ts","sourceRoot":"","sources":["../../../src/auth/plugins/jwt.ts"],"names":[],"mappings":"AAIA,KAAK,OAAO,GAAG;IACb,MAAM,EAAE,MAAM,CAAA;CACf,CAAA;AAED;;;;;;;GAOG;iUAC8C,OAAO;AAAxD,wBAwDE"}

package/dist/auth/plugins/jwt.js

@@ -43,10 +43,11 @@ exports.default = (0, fastify_plugin_1.default)(function (fastify, opts) {
         fastify.decorate('createAccessToken', function (user) {
             const id = user._id.toString();
             const userDataId = user.user_data._id.toString();
-            const user_data = Object.assign({ _id: userDataId, id: userDataId }, user.user_data);
+            const user_data = Object.assign({ _id: userDataId, id: userDataId, email: user.email }, user.user_data);
             return this.jwt.sign({
                 typ: 'access',
                 id,
+                data: user_data,
                 user_data: user_data,
                 custom_data: user_data
             }, {

package/dist/auth/providers/custom-function/controller.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"controller.d.ts","sourceRoot":"","sources":["../../../../src/auth/providers/custom-function/controller.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,eAAe,EAAE,MAAM,SAAS,CAAA;AAYzC;;;;GAIG;AACH,wBAAsB,wBAAwB,CAAC,GAAG,EAAE,eAAe,iBA2ElE"}
+{"version":3,"file":"controller.d.ts","sourceRoot":"","sources":["../../../../src/auth/providers/custom-function/controller.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,SAAS,CAAA;AAezC;;;;GAIG;AACH,wBAAsB,wBAAwB,CAAC,GAAG,EAAE,eAAe,iBA8ElE"}

package/dist/auth/providers/custom-function/controller.js

@@ -8,10 +8,14 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
         step((generator = generator.apply(thisArg, _arguments || [])).next());
     });
 };
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.customFunctionController = customFunctionController;
-const bson_1 = require("bson");
 const constants_1 = require("../../../constants");
+const handleUserRegistration_1 = __importDefault(require("../../../shared/handleUserRegistration"));
+const handleUserRegistration_model_1 = require("../../../shared/models/handleUserRegistration.model");
 const state_1 = require("../../../state");
 const context_1 = require("../../../utils/context");
 const utils_1 = require("../../utils");
@@ -62,18 +66,19 @@ function customFunctionController(app) {
                         id
                     }
                 });
-                const currentUserData = {
-                    _id: new bson_1.ObjectId(res.id),
-                    user_data: {
-                        _id: new bson_1.ObjectId(res.id),
-                    }
-                };
                 if (res.id) {
+                    const user = yield (0, handleUserRegistration_1.default)(app, { run_as_system: true, skipUserCheck: true, provider: handleUserRegistration_model_1.PROVIDER.CUSTOM_FUNCTION })({ email: res.id, password: (0, utils_1.generatePassword)() });
+                    const currentUserData = {
+                        _id: user.insertedId,
+                        user_data: {
+                            _id: user.insertedId,
+                        }
+                    };
                     return {
                         access_token: this.createAccessToken(currentUserData),
                         refresh_token: this.createRefreshToken(currentUserData),
                         device_id: '',
-                        user_id: res.id
+                        user_id: user.insertedId.toString(),
                     };
                 }
                 throw new Error("Authentication Failed");

package/dist/auth/providers/local-userpass/controller.js

@@ -17,6 +17,7 @@ const mail_1 = __importDefault(require("@sendgrid/mail"));
 const constants_1 = require("../../../constants");
 const services_1 = require("../../../services");
 const handleUserRegistration_1 = __importDefault(require("../../../shared/handleUserRegistration"));
+const handleUserRegistration_model_1 = require("../../../shared/models/handleUserRegistration.model");
 const state_1 = require("../../../state");
 const context_1 = require("../../../utils/context");
 const crypto_1 = require("../../../utils/crypto");
@@ -42,7 +43,7 @@ function localUserPassController(app) {
         app.post(utils_1.AUTH_ENDPOINTS.REGISTRATION, {
             schema: utils_1.REGISTRATION_SCHEMA
         }, (req, res) => __awaiter(this, void 0, void 0, function* () {
-            const result = yield (0, handleUserRegistration_1.default)(app, { run_as_system: true })({ email: req.body.email.toLowerCase(), password: req.body.password });
+            const result = yield (0, handleUserRegistration_1.default)(app, { run_as_system: true, provider: handleUserRegistration_model_1.PROVIDER.LOCAL_USERPASS })({ email: req.body.email.toLowerCase(), password: req.body.password });
             res === null || res === void 0 ? void 0 : res.status(201);
             return { userId: result === null || result === void 0 ? void 0 : result.insertedId.toString() };
         }));

package/dist/auth/utils.d.ts

@@ -116,7 +116,6 @@ export interface CustomUserDataConfig {
     user_id_field: string;
     on_user_creation_function_name: string;
 }
-export declare const PROVIDER_TYPE = "local-userpass";
 /**
  * > Loads the auth config json file
  * @testable
@@ -133,5 +132,6 @@ export declare const getMailConfig: (resetPasswordConfig: Config, token: string,
     mailToken: string;
     body: string;
 };
+export declare const generatePassword: (length?: number) => string;
 export {};
 //# sourceMappingURL=utils.d.ts.map

package/dist/auth/utils.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../src/auth/utils.ts"],"names":[],"mappings":"AAGA,eAAO,MAAM,YAAY;;;;;;;;;;;;;CASxB,CAAA;AAED,eAAO,MAAM,YAAY;;;;;;;;;;;;;CASxB,CAAA;AAED,eAAO,MAAM,oBAAoB;;;;;;;;;;;;;;;;CAUhC,CAAA;AAED,eAAO,MAAM,mBAAmB;;;;;;;;;;;;;CAS/B,CAAA;AAED,oBAAY,cAAc;IACxB,KAAK,WAAW;IAChB,YAAY,cAAc;IAC1B,OAAO,aAAa;IACpB,OAAO,aAAa;IACpB,KAAK,gBAAgB;IACrB,aAAa,WAAW;IACxB,UAAU,sBAAsB;CACjC;AAED,oBAAY,WAAW;IACrB,mBAAmB,wBAAwB;IAC3C,aAAa,mCAAmC;IAChD,oBAAoB,sCAAsC;CAC3D;AAED,MAAM,WAAW,UAAU;IACzB,eAAe,CAAC,EAAE,MAAM,CAAA;IACxB,SAAS,EAAE,MAAM,CAAA;IACjB,gBAAgB,EAAE,aAAa,CAAA;IAC/B,iBAAiB,EAAE,cAAc,CAAA;CAClC;AAED,UAAU,MAAM;IACd,IAAI,EAAE,MAAM,CAAA;IACZ,IAAI,EAAE,MAAM,CAAA;IACZ,QAAQ,EAAE,OAAO,CAAA;CAClB;AACD,UAAU,aAAa;IACrB,IAAI,EAAE,MAAM,CAAA;IACZ,IAAI,EAAE,MAAM,CAAA;IACZ,QAAQ,EAAE,OAAO,CAAA;IACjB,MAAM,EAAE,MAAM,CAAA;CACf;AAED,UAAU,cAAc;IACtB,IAAI,EAAE,iBAAiB,CAAC;IACxB,IAAI,EAAE,iBAAiB,CAAC;IACxB,QAAQ,EAAE,OAAO,CAAC;IAClB,MAAM,EAAE;QACN,kBAAkB,EAAE,MAAM,CAAA;KAC3B,CAAA;CACF;AAED,MAAM,WAAW,MAAM;IACrB,WAAW,EAAE,OAAO,CAAA;IACpB,iBAAiB,EAAE,MAAM,CAAA;IACzB,gBAAgB,EAAE,MAAM,CAAA;IACxB,uBAAuB,EAAE,OAAO,CAAA;IAChC,gBAAgB,EAAE,OAAO,CAAA;IACzB,UAAU,EAAE;QACV,IAAI,EAAE,MAAM,CAAA;QACZ,OAAO,EAAE,MAAM,CAAA;QACf,SAAS,EAAE,MAAM,CAAA;KAClB,CAAA;CACF;AAED,MAAM,WAAW,oBAAoB;IACnC,OAAO,EAAE,OAAO,CAAA;IAChB,kBAAkB,EAAE,MAAM,CAAA;IAC1B,aAAa,EAAE,MAAM,CAAA;IACrB,eAAe,EAAE,MAAM,CAAA;IACvB,aAAa,EAAE,MAAM,CAAA;IACrB,8BAA8B,EAAE,MAAM,CAAA;CACvC;AAED,eAAO,MAAM,aAAa,mBAAmB,CAAA;AAE7C;;;GAGG;AACH,eAAO,MAAM,cAAc,QAAO,UAGjC,CAAA;AAED;;;GAGG;AACH,eAAO,MAAM,kBAAkB,QAAO,oBAGrC,CAAA;AAED,eAAO,MAAM,aAAa,GACxB,qBAAqB,MAAM,EAC3B,OAAO,MAAM,EACb,SAAS,MAAM;;;;;CA4ChB,CAAA"}
+{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../src/auth/utils.ts"],"names":[],"mappings":"AAMA,eAAO,MAAM,YAAY;;;;;;;;;;;;;CASxB,CAAA;AAED,eAAO,MAAM,YAAY;;;;;;;;;;;;;CASxB,CAAA;AAED,eAAO,MAAM,oBAAoB;;;;;;;;;;;;;;;;CAUhC,CAAA;AAED,eAAO,MAAM,mBAAmB;;;;;;;;;;;;;CAS/B,CAAA;AAED,oBAAY,cAAc;IACxB,KAAK,WAAW;IAChB,YAAY,cAAc;IAC1B,OAAO,aAAa;IACpB,OAAO,aAAa;IACpB,KAAK,gBAAgB;IACrB,aAAa,WAAW;IACxB,UAAU,sBAAsB;CACjC;AAED,oBAAY,WAAW;IACrB,mBAAmB,wBAAwB;IAC3C,aAAa,mCAAmC;IAChD,oBAAoB,sCAAsC;CAC3D;AAED,MAAM,WAAW,UAAU;IACzB,eAAe,CAAC,EAAE,MAAM,CAAA;IACxB,SAAS,EAAE,MAAM,CAAA;IACjB,gBAAgB,EAAE,aAAa,CAAA;IAC/B,iBAAiB,EAAE,cAAc,CAAA;CAClC;AAED,UAAU,MAAM;IACd,IAAI,EAAE,MAAM,CAAA;IACZ,IAAI,EAAE,MAAM,CAAA;IACZ,QAAQ,EAAE,OAAO,CAAA;CAClB;AACD,UAAU,aAAa;IACrB,IAAI,EAAE,MAAM,CAAA;IACZ,IAAI,EAAE,MAAM,CAAA;IACZ,QAAQ,EAAE,OAAO,CAAA;IACjB,MAAM,EAAE,MAAM,CAAA;CACf;AAED,UAAU,cAAc;IACtB,IAAI,EAAE,iBAAiB,CAAC;IACxB,IAAI,EAAE,iBAAiB,CAAC;IACxB,QAAQ,EAAE,OAAO,CAAC;IAClB,MAAM,EAAE;QACN,kBAAkB,EAAE,MAAM,CAAA;KAC3B,CAAA;CACF;AAED,MAAM,WAAW,MAAM;IACrB,WAAW,EAAE,OAAO,CAAA;IACpB,iBAAiB,EAAE,MAAM,CAAA;IACzB,gBAAgB,EAAE,MAAM,CAAA;IACxB,uBAAuB,EAAE,OAAO,CAAA;IAChC,gBAAgB,EAAE,OAAO,CAAA;IACzB,UAAU,EAAE;QACV,IAAI,EAAE,MAAM,CAAA;QACZ,OAAO,EAAE,MAAM,CAAA;QACf,SAAS,EAAE,MAAM,CAAA;KAClB,CAAA;CACF;AAED,MAAM,WAAW,oBAAoB;IACnC,OAAO,EAAE,OAAO,CAAA;IAChB,kBAAkB,EAAE,MAAM,CAAA;IAC1B,aAAa,EAAE,MAAM,CAAA;IACrB,eAAe,EAAE,MAAM,CAAA;IACvB,aAAa,EAAE,MAAM,CAAA;IACrB,8BAA8B,EAAE,MAAM,CAAA;CACvC;AAGD;;;GAGG;AACH,eAAO,MAAM,cAAc,QAAO,UAGjC,CAAA;AAED;;;GAGG;AACH,eAAO,MAAM,kBAAkB,QAAO,oBAGrC,CAAA;AAED,eAAO,MAAM,aAAa,GACxB,qBAAqB,MAAM,EAC3B,OAAO,MAAM,EACb,SAAS,MAAM;;;;;CA2DhB,CAAA;AAMD,eAAO,MAAM,gBAAgB,GAAI,eAAW,WAG3C,CAAA"}

package/dist/auth/utils.js

@@ -3,9 +3,11 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.getMailConfig = exports.loadCustomUserData = exports.loadAuthConfig = exports.PROVIDER_TYPE = exports.AUTH_ERRORS = exports.AUTH_ENDPOINTS = exports.REGISTRATION_SCHEMA = exports.CONFIRM_RESET_SCHEMA = exports.RESET_SCHEMA = exports.LOGIN_SCHEMA = void 0;
+exports.generatePassword = exports.getMailConfig = exports.loadCustomUserData = exports.loadAuthConfig = exports.AUTH_ERRORS = exports.AUTH_ENDPOINTS = exports.REGISTRATION_SCHEMA = exports.CONFIRM_RESET_SCHEMA = exports.RESET_SCHEMA = exports.LOGIN_SCHEMA = void 0;
+const crypto_1 = __importDefault(require("crypto"));
 const fs_1 = __importDefault(require("fs"));
 const path_1 = __importDefault(require("path"));
+const CHARSET = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()-_=+[]{};:,.<>?";
 exports.LOGIN_SCHEMA = {
     body: {
         type: 'object',
@@ -63,7 +65,6 @@ var AUTH_ERRORS;
     AUTH_ERRORS["INVALID_TOKEN"] = "Invalid refresh token provided";
     AUTH_ERRORS["INVALID_RESET_PARAMS"] = "Invalid token or tokenId provided";
 })(AUTH_ERRORS || (exports.AUTH_ERRORS = AUTH_ERRORS = {}));
-exports.PROVIDER_TYPE = 'local-userpass';
 /**
  * > Loads the auth config json file
  * @testable
@@ -88,10 +89,19 @@ const getMailConfig = (resetPasswordConfig, token, tokenId) => {
     const ENV_PREFIX = 'ENV';
     const { from, subject, mailToken } = mailConfig;
     const [fromPrefix, fromPath] = from.split('.');
+    if (!fromPath) {
+        throw new Error(`Invalid fromPath: ${fromPath}`);
+    }
     const currentSender = (_a = (fromPrefix === ENV_PREFIX ? process.env[fromPath] : from)) !== null && _a !== void 0 ? _a : '';
     const [subjectPrefix, subjectPath] = subject.split('.');
+    if (!subjectPath) {
+        throw new Error(`Invalid subjectPath: ${subjectPath}`);
+    }
     const currentSubject = (_b = (subjectPrefix === ENV_PREFIX ? process.env[subjectPath] : subject)) !== null && _b !== void 0 ? _b : '';
     const [mailTokenPrefix, mailTokenPath] = mailToken.split('.');
+    if (!mailTokenPath) {
+        throw new Error(`Invalid mailTokenPath: ${mailTokenPath}`);
+    }
     const currentMailToken = (_c = (mailTokenPrefix === 'ENV' ? process.env[mailTokenPath] : mailToken)) !== null && _c !== void 0 ? _c : '';
     const link = `${resetPasswordUrl}/${token}/${tokenId}`;
     const body = `<body style="font-family: Arial, sans-serif; background-color: #f4f4f4; text-align: center; padding: 20px;">
@@ -124,3 +134,8 @@ const getMailConfig = (resetPasswordConfig, token, tokenId) => {
     };
 };
 exports.getMailConfig = getMailConfig;
+const generatePassword = (length = 20) => {
+    const bytes = crypto_1.default.randomBytes(length);
+    return Array.from(bytes, (b) => CHARSET[b % CHARSET.length]).join("");
+};
+exports.generatePassword = generatePassword;

package/dist/services/mongodb-atlas/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/services/mongodb-atlas/index.ts"],"names":[],"mappings":"AAKA,OAAO,EAAyC,oBAAoB,EAAE,MAAM,SAAS,CAAA;AAoqBrF,QAAA,MAAM,YAAY,EAAE,oBAmBlB,CAAA;AAEF,eAAe,YAAY,CAAA"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/services/mongodb-atlas/index.ts"],"names":[],"mappings":"AAKA,OAAO,EAAyC,oBAAoB,EAAE,MAAM,SAAS,CAAA;AAkpBrF,QAAA,MAAM,YAAY,EAAE,oBAmBlB,CAAA;AAEF,eAAe,YAAY,CAAA"}

package/dist/services/mongodb-atlas/index.js

@@ -161,11 +161,7 @@ const getOperators = (collection, { rules = {}, collName, user, run_as_system })
      *  - If validation fails, throws an error; otherwise, updates the document.
      */
     updateOne: (query, data, options) => __awaiter(void 0, void 0, void 0, function* () {
-        console.log('Step1 - query', query);
-        console.log('Step1 - data', data);
-        console.log('Step1 - options', options);
         if (!run_as_system) {
-            console.log('Step1 - runs_as_system');
             (0, utils_2.checkDenyOperation)(rules, collection.collectionName, model_1.CRUD_OPERATIONS.UPDATE);
             const { filters, roles } = rules[collName] || {};
             // Apply access control filters
@@ -175,18 +171,10 @@ const getOperators = (collection, { rules = {}, collName, user, run_as_system })
                 ? (0, utils_2.normalizeQuery)(formattedQuery)
                 : formattedQuery;
             const result = yield collection.findOne({ $and: safeQuery });
-            /*  const formattedQuery = getFormattedQuery(filters, query, user) */
-            console.log('Step2 - formattedQuery', formattedQuery);
-            // Retrieve the document to check permissions before updating
-            console.log('Step2 after fq  - collection ', collection);
-            /*   const result = await collection.findOne({ $and: formattedQuery }) */
-            console.log('result ', result);
             if (!result) {
-                console.log('check step error in !result');
                 throw new Error('Update not permitted');
             }
             const winningRole = (0, utils_1.getWinningRole)(result, user, roles);
-            console.log('Step3 - winningRole', winningRole);
             // Check if the update data contains MongoDB update operators (e.g., $set, $inc)
             const hasOperators = Object.keys(data).some((key) => key.startsWith('$'));
             // Flatten the update object to extract the actual fields being modified
@@ -203,7 +191,6 @@ const getOperators = (collection, { rules = {}, collName, user, run_as_system })
                 },
                 ...Object.entries(data).map(([key, value]) => ({ [key]: value }))
             ];
-            console.log('Step5 - pipeline', pipeline);
             const [docToCheck] = hasOperators
                 ? yield collection.aggregate(pipeline).toArray()
                 : [data];
@@ -216,11 +203,9 @@ const getOperators = (collection, { rules = {}, collName, user, run_as_system })
                     expansions: {}
                 }, user)
                 : { status: true, document: docToCheck };
-            console.log('Step6 - status', status);
             // Ensure no unauthorized changes are made
             const areDocumentsEqual = (0, isEqual_1.default)(document, docToCheck);
             if (!status || !areDocumentsEqual) {
-                console.log('check step error in status or documentsEqual');
                 throw new Error('Update not permitted');
             }
             return collection.updateOne({ $and: formattedQuery }, data, options);

package/dist/shared/handleUserRegistration.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"handleUserRegistration.d.ts","sourceRoot":"","sources":["../../src/shared/handleUserRegistration.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,sBAAsB,EAAE,MAAM,uCAAuC,CAAA;AAE9E;;;;;;GAMG;AACH,QAAA,MAAM,sBAAsB,EAAE,sBAiD7B,CAAA;AAED,eAAe,sBAAsB,CAAA"}
+{"version":3,"file":"handleUserRegistration.d.ts","sourceRoot":"","sources":["../../src/shared/handleUserRegistration.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,sBAAsB,EAAE,MAAM,uCAAuC,CAAA;AAE9E;;;;;;GAMG;AACH,QAAA,MAAM,sBAAsB,EAAE,sBAkD7B,CAAA;AAED,eAAe,sBAAsB,CAAA"}

package/dist/shared/handleUserRegistration.js

@@ -9,7 +9,6 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
     });
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-const utils_1 = require("../auth/utils");
 const constants_1 = require("../constants");
 const crypto_1 = require("../utils/crypto");
 /**
@@ -20,27 +19,28 @@ const crypto_1 = require("../utils/crypto");
  * @returns {Promise<InsertOneResult<Document>>} A promise resolving to the result of the insert operation.
  */
 const handleUserRegistration = (app, opt) => (_a) => __awaiter(void 0, [_a], void 0, function* ({ email, password }) {
-    const { run_as_system } = opt !== null && opt !== void 0 ? opt : {};
+    const { run_as_system, skipUserCheck, provider } = opt !== null && opt !== void 0 ? opt : {};
     if (!run_as_system) {
         throw new Error('only run_as_system');
     }
     const { authCollection } = constants_1.AUTH_CONFIG;
-    const db = app === null || app === void 0 ? void 0 : app.mongo.client.db(constants_1.DB_NAME);
+    const mongo = app === null || app === void 0 ? void 0 : app.mongo;
+    const db = mongo.client.db(constants_1.DB_NAME);
     const hashedPassword = yield (0, crypto_1.hashPassword)(password);
     const existingUser = yield (db === null || db === void 0 ? void 0 : db.collection(authCollection).findOne({ email }));
-    if (existingUser) {
+    if (existingUser && !skipUserCheck) {
         throw new Error('This email address is already used');
     }
     const result = yield (db === null || db === void 0 ? void 0 : db.collection(authCollection).insertOne({
         email,
         password: hashedPassword,
-        status: 'pending', // confirmed
+        status: skipUserCheck ? 'confirmed' : 'pending',
         custom_data: {
         // TODO: aggiungere dati personalizzati alla registrazione
         },
         identities: [
             {
-                provider_type: utils_1.PROVIDER_TYPE,
+                provider_type: provider,
                 provider_data: { email }
             }
         ]
@@ -51,7 +51,7 @@ const handleUserRegistration = (app, opt) => (_a) => __awaiter(void 0, [_a], voi
                 {
                     id: result === null || result === void 0 ? void 0 : result.insertedId.toString(),
                     provider_id: result === null || result === void 0 ? void 0 : result.insertedId.toString(),
-                    provider_type: utils_1.PROVIDER_TYPE,
+                    provider_type: provider,
                     provider_data: { email }
                 }
             ]

package/dist/shared/models/handleUserRegistration.model.d.ts

@@ -9,8 +9,14 @@ type RegistrationParams = {
 export type Options = {
     user?: User;
     rules?: Rules;
+    skipUserCheck?: boolean;
+    provider?: PROVIDER;
     run_as_system?: boolean;
 };
 export type HandleUserRegistration = (app: FastifyInstance, opt: Options) => (params: RegistrationParams) => Promise<InsertOneResult<Document>>;
+export declare enum PROVIDER {
+    LOCAL_USERPASS = "local-userpass",
+    CUSTOM_FUNCTION = "custom-function"
+}
 export {};
 //# sourceMappingURL=handleUserRegistration.model.d.ts.map

package/dist/shared/models/handleUserRegistration.model.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"handleUserRegistration.model.d.ts","sourceRoot":"","sources":["../../../src/shared/models/handleUserRegistration.model.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAA;AACxD,OAAO,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAA;AACjD,OAAO,EAAE,IAAI,EAAE,MAAM,iBAAiB,CAAA;AACtC,OAAO,EAAE,KAAK,EAAE,MAAM,gCAAgC,CAAA;AAEtD,KAAK,kBAAkB,GAAG;IACxB,KAAK,EAAE,MAAM,CAAA;IACb,QAAQ,EAAE,MAAM,CAAA;CACjB,CAAA;AAED,MAAM,MAAM,OAAO,GAAG;IACpB,IAAI,CAAC,EAAE,IAAI,CAAA;IACX,KAAK,CAAC,EAAE,KAAK,CAAA;IACb,aAAa,CAAC,EAAE,OAAO,CAAA;CACxB,CAAA;AAED,MAAM,MAAM,sBAAsB,GAAG,CACnC,GAAG,EAAE,eAAe,EACpB,GAAG,EAAE,OAAO,KACT,CAAC,MAAM,EAAE,kBAAkB,KAAK,OAAO,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC,CAAA"}
+{"version":3,"file":"handleUserRegistration.model.d.ts","sourceRoot":"","sources":["../../../src/shared/models/handleUserRegistration.model.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAA;AACxD,OAAO,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAA;AACjD,OAAO,EAAE,IAAI,EAAE,MAAM,iBAAiB,CAAA;AACtC,OAAO,EAAE,KAAK,EAAE,MAAM,gCAAgC,CAAA;AAEtD,KAAK,kBAAkB,GAAG;IACxB,KAAK,EAAE,MAAM,CAAA;IACb,QAAQ,EAAE,MAAM,CAAA;CACjB,CAAA;AAED,MAAM,MAAM,OAAO,GAAG;IACpB,IAAI,CAAC,EAAE,IAAI,CAAA;IACX,KAAK,CAAC,EAAE,KAAK,CAAA;IACb,aAAa,CAAC,EAAE,OAAO,CAAA;IACvB,QAAQ,CAAC,EAAE,QAAQ,CAAA;IACnB,aAAa,CAAC,EAAE,OAAO,CAAA;CACxB,CAAA;AAED,MAAM,MAAM,sBAAsB,GAAG,CACnC,GAAG,EAAE,eAAe,EACpB,GAAG,EAAE,OAAO,KACT,CAAC,MAAM,EAAE,kBAAkB,KAAK,OAAO,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC,CAAA;AAEvE,oBAAY,QAAQ;IAClB,cAAc,mBAAmB;IACjC,eAAe,oBAAoB;CACpC"}

package/dist/shared/models/handleUserRegistration.model.js

@@ -1,2 +1,8 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.PROVIDER = void 0;
+var PROVIDER;
+(function (PROVIDER) {
+    PROVIDER["LOCAL_USERPASS"] = "local-userpass";
+    PROVIDER["CUSTOM_FUNCTION"] = "custom-function";
+})(PROVIDER || (exports.PROVIDER = PROVIDER = {}));

package/dist/utils/crypto/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/utils/crypto/index.ts"],"names":[],"mappings":"AAKA;;;;GAIG;AACH,eAAO,MAAM,YAAY,GAAU,WAAW,MAAM,oBAInD,CAAA;AAED;;;;;GAKG;AACH,eAAO,MAAM,eAAe,GAAU,WAAW,MAAM,EAAE,gBAAgB,MAAM,qBAK9E,CAAA;AAED;;;GAGG;AACH,eAAO,MAAM,aAAa,GAAI,eAAW,WAExC,CAAA"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/utils/crypto/index.ts"],"names":[],"mappings":"AAKA;;;;GAIG;AACH,eAAO,MAAM,YAAY,GAAU,WAAW,MAAM,oBAInD,CAAA;AAED;;;;;GAKG;AACH,eAAO,MAAM,eAAe,GAAU,WAAW,MAAM,EAAE,gBAAgB,MAAM,qBAU9E,CAAA;AAED;;;GAGG;AACH,eAAO,MAAM,aAAa,GAAI,eAAW,WAExC,CAAA"}

package/dist/utils/crypto/index.js

@@ -35,6 +35,9 @@ exports.hashPassword = hashPassword;
  */
 const comparePassword = (plaintext, storedPassword) => __awaiter(void 0, void 0, void 0, function* () {
     const [storedHash, storedSalt] = storedPassword.split('.');
+    if (!storedHash || !storedSalt) {
+        throw new Error(`Invalid stored password: ${storedPassword}`);
+    }
     const storedBuffer = Buffer.from(storedHash, 'hex');
     const buffer = (yield scrypt(plaintext, storedSalt, 64));
     return node_crypto_1.default.timingSafeEqual(buffer, storedBuffer);

package/dist/utils/initializer/exposeRoutes.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"exposeRoutes.d.ts","sourceRoot":"","sources":["../../../src/utils/initializer/exposeRoutes.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,eAAe,EAAE,MAAM,SAAS,CAAA;AAMzC;;;;GAIG;AACH,eAAO,MAAM,YAAY,GAAU,SAAS,eAAe,kBAiE1D,CAAA"}
+{"version":3,"file":"exposeRoutes.d.ts","sourceRoot":"","sources":["../../../src/utils/initializer/exposeRoutes.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,eAAe,EAAE,MAAM,SAAS,CAAA;AAOzC;;;;GAIG;AACH,eAAO,MAAM,YAAY,GAAU,SAAS,eAAe,kBAiE1D,CAAA"}

package/dist/utils/initializer/exposeRoutes.js

@@ -13,6 +13,7 @@ exports.exposeRoutes = void 0;
 const node_process_1 = require("node:process");
 const utils_1 = require("../../auth/utils");
 const constants_1 = require("../../constants");
+const handleUserRegistration_model_1 = require("../../shared/models/handleUserRegistration.model");
 const crypto_1 = require("../crypto");
 /**
  * > Used to expose all app routes
@@ -64,7 +65,7 @@ const exposeRoutes = (fastify) => __awaiter(void 0, void 0, void 0, function* ()
                             {
                                 id: result === null || result === void 0 ? void 0 : result.insertedId.toString(),
                                 provider_id: result === null || result === void 0 ? void 0 : result.insertedId.toString(),
-                                provider_type: utils_1.PROVIDER_TYPE,
+                                provider_type: handleUserRegistration_model_1.PROVIDER.LOCAL_USERPASS,
                                 provider_data: { email }
                             }
                         ]

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@flowerforce/flowerbase",
-  "version": "1.0.3-beta.5",
+  "version": "1.0.3-beta.7",
   "description": "",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",

package/src/auth/plugins/jwt.ts

@@ -37,12 +37,15 @@ export default fp(async function (fastify, opts: Options) {
     const user_data = {
       _id: userDataId,
       id: userDataId,
+      email: user.email,
       ...user.user_data
     }
+
     return this.jwt.sign(
       {
         typ: 'access',
         id,
+        data: user_data,
         user_data: user_data,
         custom_data: user_data
       },

package/src/auth/providers/custom-function/controller.ts

@@ -1,10 +1,12 @@
-import { ObjectId } from 'bson'
 import { FastifyInstance } from 'fastify'
 import { AUTH_CONFIG } from '../../../constants'
+import handleUserRegistration from '../../../shared/handleUserRegistration'
+import { PROVIDER } from '../../../shared/models/handleUserRegistration.model'
 import { StateManager } from '../../../state'
 import { GenerateContext } from '../../../utils/context'
 import {
   AUTH_ENDPOINTS,
+  generatePassword,
 } from '../../utils'
 import {
   LoginDto
@@ -72,18 +74,21 @@ export async function customFunctionController(app: FastifyInstance) {
         }
       })
 
-      const currentUserData = {
-        _id: new ObjectId(res.id),
-        user_data: {
-          _id: new ObjectId(res.id),
-        }
-      }
+
       if (res.id) {
+        const user = await handleUserRegistration(app, { run_as_system: true, skipUserCheck: true, provider: PROVIDER.CUSTOM_FUNCTION })({ email: res.id, password: generatePassword() })
+
+        const currentUserData = {
+          _id: user.insertedId,
+          user_data: {
+            _id: user.insertedId,
+          }
+        }
         return {
           access_token: this.createAccessToken(currentUserData),
           refresh_token: this.createRefreshToken(currentUserData),
           device_id: '',
-          user_id: res.id
+          user_id: user.insertedId.toString(),
         }
       }
 

package/src/auth/providers/local-userpass/controller.ts

@@ -3,6 +3,7 @@ import { FastifyInstance } from 'fastify'
 import { AUTH_CONFIG, DB_NAME } from '../../../constants'
 import { services } from '../../../services'
 import handleUserRegistration from '../../../shared/handleUserRegistration'
+import { PROVIDER } from '../../../shared/models/handleUserRegistration.model'
 import { StateManager } from '../../../state'
 import { GenerateContext } from '../../../utils/context'
 import { comparePassword, generateToken, hashPassword } from '../../../utils/crypto'
@@ -21,7 +22,6 @@ import {
   RegistrationDto,
   ResetPasswordDto
 } from './dtos'
-
 /**
  * Controller for handling local user registration and login.
  * @testable
@@ -53,7 +53,7 @@ export async function localUserPassController(app: FastifyInstance) {
     },
     async (req, res) => {
 
-      const result = await handleUserRegistration(app, { run_as_system: true })({ email: req.body.email.toLowerCase(), password: req.body.password })
+      const result = await handleUserRegistration(app, { run_as_system: true, provider: PROVIDER.LOCAL_USERPASS })({ email: req.body.email.toLowerCase(), password: req.body.password })
 
       res?.status(201)
       return { userId: result?.insertedId.toString() }

package/src/auth/utils.ts

@@ -1,6 +1,9 @@
+import crypto from "crypto";
 import fs from 'fs'
 import path from 'path'
 
+const CHARSET =
+  "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()-_=+[]{};:,.<>?";
 export const LOGIN_SCHEMA = {
   body: {
     type: 'object',
@@ -112,7 +115,6 @@ export interface CustomUserDataConfig {
   on_user_creation_function_name: string
 }
 
-export const PROVIDER_TYPE = 'local-userpass'
 
 /**
  * > Loads the auth config json file
@@ -142,11 +144,26 @@ export const getMailConfig = (
   const { from, subject, mailToken } = mailConfig
 
   const [fromPrefix, fromPath] = from.split('.')
+
+  if (!fromPath) {
+    throw new Error(`Invalid fromPath: ${fromPath}`)
+  }
+
   const currentSender = (fromPrefix === ENV_PREFIX ? process.env[fromPath] : from) ?? ''
   const [subjectPrefix, subjectPath] = subject.split('.')
+
+  if (!subjectPath) {
+    throw new Error(`Invalid subjectPath: ${subjectPath}`)
+  }
+
   const currentSubject =
     (subjectPrefix === ENV_PREFIX ? process.env[subjectPath] : subject) ?? ''
   const [mailTokenPrefix, mailTokenPath] = mailToken.split('.')
+
+  if (!mailTokenPath) {
+    throw new Error(`Invalid mailTokenPath: ${mailTokenPath}`)
+  }
+
   const currentMailToken =
     (mailTokenPrefix === 'ENV' ? process.env[mailTokenPath] : mailToken) ?? ''
 
@@ -180,3 +197,12 @@ export const getMailConfig = (
     body
   }
 }
+
+
+
+
+
+export const generatePassword = (length = 20) => {
+  const bytes = crypto.randomBytes(length);
+  return Array.from(bytes, (b) => CHARSET[b % CHARSET.length]).join("");
+}

package/src/services/mongodb-atlas/index.ts

@@ -183,11 +183,7 @@ const getOperators: GetOperatorsFunction = (
    *  - If validation fails, throws an error; otherwise, updates the document.
    */
   updateOne: async (query, data, options) => {
-    console.log('Step1 - query', query)
-    console.log('Step1 - data', data)
-    console.log('Step1 - options', options)
     if (!run_as_system) {
-      console.log('Step1 - runs_as_system')
 
       checkDenyOperation(rules, collection.collectionName, CRUD_OPERATIONS.UPDATE)
       const { filters, roles } = rules[collName] || {}
@@ -201,22 +197,11 @@ const getOperators: GetOperatorsFunction = (
 
       const result = await collection.findOne({ $and: safeQuery })
 
-      /*  const formattedQuery = getFormattedQuery(filters, query, user) */
-      console.log('Step2 - formattedQuery', formattedQuery)
-
-      // Retrieve the document to check permissions before updating
-      console.log('Step2 after fq  - collection ', collection)
-      /*   const result = await collection.findOne({ $and: formattedQuery }) */
-      console.log('result ', result)
-
       if (!result) {
-        console.log('check step error in !result')
-
         throw new Error('Update not permitted')
       }
 
       const winningRole = getWinningRole(result, user, roles)
-      console.log('Step3 - winningRole', winningRole)
 
       // Check if the update data contains MongoDB update operators (e.g., $set, $inc)
       const hasOperators = Object.keys(data).some((key) => key.startsWith('$'))
@@ -235,7 +220,6 @@ const getOperators: GetOperatorsFunction = (
         },
         ...Object.entries(data).map(([key, value]) => ({ [key]: value }))
       ]
-      console.log('Step5 - pipeline', pipeline)
       const [docToCheck] = hasOperators
         ? await collection.aggregate(pipeline).toArray()
         : ([data] as [Document])
@@ -252,12 +236,10 @@ const getOperators: GetOperatorsFunction = (
           user
         )
         : { status: true, document: docToCheck }
-      console.log('Step6 - status', status)
       // Ensure no unauthorized changes are made
       const areDocumentsEqual = isEqual(document, docToCheck)
 
       if (!status || !areDocumentsEqual) {
-        console.log('check step error in status or documentsEqual')
         throw new Error('Update not permitted')
       }
       return collection.updateOne({ $and: formattedQuery }, data, options)

package/src/shared/handleUserRegistration.ts

@@ -1,4 +1,4 @@
-import { PROVIDER_TYPE } from "../auth/utils"
+import { FastifyMongoObject } from "@fastify/mongodb/types"
 import { AUTH_CONFIG, DB_NAME } from "../constants"
 import { hashPassword } from "../utils/crypto"
 import { HandleUserRegistration } from "./models/handleUserRegistration.model"
@@ -11,31 +11,32 @@ import { HandleUserRegistration } from "./models/handleUserRegistration.model"
  * @returns {Promise<InsertOneResult<Document>>} A promise resolving to the result of the insert operation.
  */
 const handleUserRegistration: HandleUserRegistration = (app, opt) => async ({ email, password }) => {
-    const { run_as_system } = opt ?? {}
-    
+    const { run_as_system, skipUserCheck, provider } = opt ?? {}
+
     if (!run_as_system) {
         throw new Error('only run_as_system')
     }
 
     const { authCollection } = AUTH_CONFIG
-    const db = app?.mongo.client.db(DB_NAME)
+    const mongo: FastifyMongoObject = app?.mongo
+    const db = mongo.client.db(DB_NAME)
     const hashedPassword = await hashPassword(password)
 
     const existingUser = await db?.collection(authCollection!).findOne({ email })
-    if (existingUser) {
+    if (existingUser && !skipUserCheck) {
         throw new Error('This email address is already used')
     }
 
     const result = await db?.collection(authCollection!).insertOne({
         email,
         password: hashedPassword,
-        status: 'pending', // confirmed
+        status: skipUserCheck ? 'confirmed' : 'pending',
         custom_data: {
             // TODO: aggiungere dati personalizzati alla registrazione
         },
         identities: [
             {
-                provider_type: PROVIDER_TYPE,
+                provider_type: provider,
                 provider_data: { email }
             }
         ]
@@ -49,7 +50,7 @@ const handleUserRegistration: HandleUserRegistration = (app, opt) => async ({ em
                     {
                         id: result?.insertedId.toString(),
                         provider_id: result?.insertedId.toString(),
-                        provider_type: PROVIDER_TYPE,
+                        provider_type: provider,
                         provider_data: { email }
                     }
                 ]

package/src/shared/models/handleUserRegistration.model.ts

@@ -11,10 +11,17 @@ type RegistrationParams = {
 export type Options = {
   user?: User
   rules?: Rules
+  skipUserCheck?: boolean
+  provider?: PROVIDER
   run_as_system?: boolean
 }
 
 export type HandleUserRegistration = (
   app: FastifyInstance,
   opt: Options
-) => (params: RegistrationParams) => Promise<InsertOneResult<Document>>
+) => (params: RegistrationParams) => Promise<InsertOneResult<Document>>
+
+export enum PROVIDER {
+  LOCAL_USERPASS = "local-userpass",
+  CUSTOM_FUNCTION = "custom-function"
+}

package/src/utils/crypto/index.ts

@@ -22,6 +22,11 @@ export const hashPassword = async (plaintext: string) => {
  */
 export const comparePassword = async (plaintext: string, storedPassword: string) => {
   const [storedHash, storedSalt] = storedPassword.split('.')
+
+  if (!storedHash || !storedSalt) {
+    throw new Error(`Invalid stored password: ${storedPassword}`);
+  }
+
   const storedBuffer = Buffer.from(storedHash, 'hex')
   const buffer = (await scrypt(plaintext, storedSalt, 64)) as Buffer
   return crypto.timingSafeEqual(buffer, storedBuffer)

package/src/utils/initializer/exposeRoutes.ts

@@ -1,8 +1,9 @@
 import { uptime } from 'node:process'
 import { FastifyInstance } from 'fastify'
 import { RegistrationDto } from '../../auth/providers/local-userpass/dtos'
-import { AUTH_ENDPOINTS, PROVIDER_TYPE, REGISTRATION_SCHEMA } from '../../auth/utils'
+import { AUTH_ENDPOINTS, REGISTRATION_SCHEMA } from '../../auth/utils'
 import { API_VERSION, AUTH_CONFIG, DB_NAME, DEFAULT_CONFIG } from '../../constants'
+import { PROVIDER } from '../../shared/models/handleUserRegistration.model'
 import { hashPassword } from '../crypto'
 
 /**
@@ -59,7 +60,7 @@ export const exposeRoutes = async (fastify: FastifyInstance) => {
               {
                 id: result?.insertedId.toString(),
                 provider_id: result?.insertedId.toString(),
-                provider_type: PROVIDER_TYPE,
+                provider_type: PROVIDER.LOCAL_USERPASS,
                 provider_data: { email }
               }
             ]