@flowerforce/flowerbase 1.2.0 → 1.2.1-beta.10

package/dist/utils/crypto/index.js

@@ -12,7 +12,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.generateToken = exports.comparePassword = exports.hashPassword = void 0;
+exports.hashToken = exports.generateToken = exports.comparePassword = exports.hashPassword = void 0;
 const node_crypto_1 = __importDefault(require("node:crypto"));
 const node_util_1 = require("node:util");
 const scrypt = (0, node_util_1.promisify)(node_crypto_1.default.scrypt);
@@ -47,7 +47,11 @@ exports.comparePassword = comparePassword;
  * > Generate a random token
  * @param length -> the token length
  */
-const generateToken = (length = 32) => {
+const generateToken = (length = 64) => {
     return node_crypto_1.default.randomBytes(length).toString('hex');
 };
 exports.generateToken = generateToken;
+const hashToken = (token) => {
+    return node_crypto_1.default.createHash('sha256').update(token).digest('hex');
+};
+exports.hashToken = hashToken;

package/dist/utils/initializer/exposeRoutes.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"exposeRoutes.d.ts","sourceRoot":"","sources":["../../../src/utils/initializer/exposeRoutes.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,eAAe,EAAE,MAAM,SAAS,CAAA;AAOzC;;;;GAIG;AACH,eAAO,MAAM,YAAY,GAAU,SAAS,eAAe,kBAiE1D,CAAA"}
+{"version":3,"file":"exposeRoutes.d.ts","sourceRoot":"","sources":["../../../src/utils/initializer/exposeRoutes.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,eAAe,EAAE,MAAM,SAAS,CAAA;AAOzC;;;;GAIG;AACH,eAAO,MAAM,YAAY,GAAU,SAAS,eAAe,kBA0E1D,CAAA"}

package/dist/utils/initializer/exposeRoutes.js

@@ -23,12 +23,19 @@ const crypto_1 = require("../crypto");
 const exposeRoutes = (fastify) => __awaiter(void 0, void 0, void 0, function* () {
     try {
         fastify.get(`${constants_1.API_VERSION}/app/:appId/location`, (req) => __awaiter(void 0, void 0, void 0, function* () {
-            return ({
+            var _a, _b, _c;
+            const schema = (_a = constants_1.DEFAULT_CONFIG === null || constants_1.DEFAULT_CONFIG === void 0 ? void 0 : constants_1.DEFAULT_CONFIG.HTTPS_SCHEMA) !== null && _a !== void 0 ? _a : 'http';
+            const headerHost = (_b = req.headers.host) !== null && _b !== void 0 ? _b : 'localhost:3000';
+            const hostname = headerHost.split(':')[0];
+            const port = (_c = constants_1.DEFAULT_CONFIG === null || constants_1.DEFAULT_CONFIG === void 0 ? void 0 : constants_1.DEFAULT_CONFIG.PORT) !== null && _c !== void 0 ? _c : 3000;
+            const host = `${hostname}:${port}`;
+            const wsSchema = 'wss';
+            return {
                 deployment_model: 'LOCAL',
                 location: 'IE',
-                hostname: `${constants_1.DEFAULT_CONFIG.HTTPS_SCHEMA}://${req.headers.host}`,
-                ws_hostname: `${constants_1.DEFAULT_CONFIG.HTTPS_SCHEMA === 'https' ? 'wss' : 'ws'}://${req.headers.host}`
-            });
+                hostname: `${schema}://${host}`,
+                ws_hostname: `${wsSchema}://${host}`
+            };
         }));
         fastify.get('/health', () => __awaiter(void 0, void 0, void 0, function* () {
             return ({

package/dist/utils/initializer/registerPlugins.d.ts

@@ -1,4 +1,5 @@
 import { FastifyInstance } from 'fastify';
+import { CorsConfig } from '../../';
 import { Functions } from '../../features/functions/interface';
 type RegisterFunction = FastifyInstance['register'];
 type RegisterPluginsParams = {
@@ -6,6 +7,7 @@ type RegisterPluginsParams = {
     mongodbUrl: string;
     jwtSecret: string;
     functionsList: Functions;
+    corsConfig?: CorsConfig;
 };
 /**
  * > Used to register all plugins
@@ -14,6 +16,6 @@ type RegisterPluginsParams = {
  * @param jwtSecret -> connection jwt
  * @tested
  */
-export declare const registerPlugins: ({ register, mongodbUrl, jwtSecret, functionsList }: RegisterPluginsParams) => Promise<void>;
+export declare const registerPlugins: ({ register, mongodbUrl, jwtSecret, functionsList, corsConfig }: RegisterPluginsParams) => Promise<void>;
 export {};
 //# sourceMappingURL=registerPlugins.d.ts.map

package/dist/utils/initializer/registerPlugins.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"registerPlugins.d.ts","sourceRoot":"","sources":["../../../src/utils/initializer/registerPlugins.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,eAAe,EAAE,MAAM,SAAS,CAAA;AAOzC,OAAO,EAAE,SAAS,EAAE,MAAM,oCAAoC,CAAA;AAE9D,KAAK,gBAAgB,GAAG,eAAe,CAAC,UAAU,CAAC,CAAA;AAGnD,KAAK,qBAAqB,GAAG;IAC3B,QAAQ,EAAE,gBAAgB,CAAA;IAC1B,UAAU,EAAE,MAAM,CAAA;IAClB,SAAS,EAAE,MAAM,CAAA;IACjB,aAAa,EAAE,SAAS,CAAA;CACzB,CAAA;AAQD;;;;;;GAMG;AACH,eAAO,MAAM,eAAe,GAAU,oDAKnC,qBAAqB,kBAoBvB,CAAA"}
+{"version":3,"file":"registerPlugins.d.ts","sourceRoot":"","sources":["../../../src/utils/initializer/registerPlugins.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,eAAe,EAAE,MAAM,SAAS,CAAA;AAEzC,OAAO,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAA;AAMnC,OAAO,EAAE,SAAS,EAAE,MAAM,oCAAoC,CAAA;AAE9D,KAAK,gBAAgB,GAAG,eAAe,CAAC,UAAU,CAAC,CAAA;AAGnD,KAAK,qBAAqB,GAAG;IAC3B,QAAQ,EAAE,gBAAgB,CAAA;IAC1B,UAAU,EAAE,MAAM,CAAA;IAClB,SAAS,EAAE,MAAM,CAAA;IACjB,aAAa,EAAE,SAAS,CAAA;IACxB,UAAU,CAAC,EAAE,UAAU,CAAA;CACxB,CAAA;AAQD;;;;;;GAMG;AACH,eAAO,MAAM,eAAe,GAAU,gEAMnC,qBAAqB,kBAsBvB,CAAA"}

package/dist/utils/initializer/registerPlugins.js

@@ -28,11 +28,12 @@ const constants_1 = require("../../constants");
  * @param jwtSecret -> connection jwt
  * @tested
  */
-const registerPlugins = (_a) => __awaiter(void 0, [_a], void 0, function* ({ register, mongodbUrl, jwtSecret, functionsList }) {
+const registerPlugins = (_a) => __awaiter(void 0, [_a], void 0, function* ({ register, mongodbUrl, jwtSecret, functionsList, corsConfig }) {
     try {
         const registersConfig = yield getRegisterConfig({
             mongodbUrl,
             jwtSecret,
+            corsConfig,
             functionsList
         });
         registersConfig.forEach(({ plugin, options, pluginName }) => {
@@ -43,6 +44,7 @@ const registerPlugins = (_a) => __awaiter(void 0, [_a], void 0, function* ({ reg
             catch (e) {
                 console.log('Registration FAILED --->', pluginName);
                 console.log('Error --->', e);
+                throw e;
             }
         });
     }
@@ -57,15 +59,16 @@ exports.registerPlugins = registerPlugins;
  * @param jwtSecret -> connection jwt
  * @testable
  */
-const getRegisterConfig = (_a) => __awaiter(void 0, [_a], void 0, function* ({ mongodbUrl, jwtSecret }) {
+const getRegisterConfig = (_a) => __awaiter(void 0, [_a], void 0, function* ({ mongodbUrl, jwtSecret, corsConfig }) {
+    const corsOptions = corsConfig !== null && corsConfig !== void 0 ? corsConfig : {
+        origin: '*',
+        methods: ['POST', 'GET']
+    };
     return [
         {
             pluginName: 'cors',
             plugin: cors_1.default,
-            options: {
-                origin: '*',
-                methods: ['POST', 'GET', 'DELETE']
-            }
+            options: corsOptions
         },
         {
             pluginName: 'fastifyMongodb',

package/dist/utils/roles/helpers.js

@@ -31,13 +31,20 @@ const evaluateExpression = (params, expression, user) => __awaiter(void 0, void
 });
 exports.evaluateExpression = evaluateExpression;
 const evaluateComplexExpression = (condition, params, user) => __awaiter(void 0, void 0, void 0, function* () {
+    var _a;
     const [key, config] = condition;
-    const { name } = config['%function'];
+    const functionConfig = config['%function'];
+    const { name, arguments: fnArguments } = functionConfig;
     const functionsList = state_1.StateManager.select('functions');
     const app = state_1.StateManager.select('app');
     const currentFunction = functionsList[name];
+    const expansionContext = Object.assign(Object.assign(Object.assign({}, params.expansions), params.cursor), { '%%root': params.cursor, '%%user': user, '%%true': true, '%%false': false });
+    const expandedArguments = fnArguments && fnArguments.length
+        ? ((_a = (0, rules_1.expandQuery)({ args: fnArguments }, expansionContext)
+            .args) !== null && _a !== void 0 ? _a : [])
+        : [params.cursor];
     const response = yield (0, context_1.GenerateContext)({
-        args: [params.cursor],
+        args: expandedArguments,
         app,
         rules: state_1.StateManager.select("rules"),
         user,
@@ -45,5 +52,6 @@ const evaluateComplexExpression = (condition, params, user) => __awaiter(void 0,
         functionsList,
         services: services_1.services
     });
-    return key === '%%true' ? response : !response;
+    const isTruthy = Boolean(response);
+    return key === '%%true' ? isTruthy : !isTruthy;
 });

package/dist/utils/roles/machines/commonValidators.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"commonValidators.d.ts","sourceRoot":"","sources":["../../../../src/utils/roles/machines/commonValidators.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,0BAA0B,EAAE,MAAM,cAAc,CAAA;AACzD,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAA;AAK5C,eAAO,MAAM,yBAAyB,GACpC,wBAAwB,cAAc,EACtC,aAAa,MAAM,0BAA0B,qBAS9C,CAAA;AAED,eAAO,MAAM,6BAA6B,GACxC,wBAAwB,cAAc,EACtC,aAAa,cAAc,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,iCAK9C,CAAA;AAED,eAAO,MAAM,yBAAyB,GAAI,UAAU,cAAc,YAEjE,CAAA"}
+{"version":3,"file":"commonValidators.d.ts","sourceRoot":"","sources":["../../../../src/utils/roles/machines/commonValidators.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,0BAA0B,EAAE,MAAM,cAAc,CAAA;AACzD,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAA;AAK5C,eAAO,MAAM,yBAAyB,GACpC,wBAAwB,cAAc,EACtC,aAAa,MAAM,0BAA0B,qBAS9C,CAAA;AAED,eAAO,MAAM,6BAA6B,GACxC,wBAAwB,cAAc,EACtC,aAAa,cAAc,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,iCAQ9C,CAAA;AAED,eAAO,MAAM,yBAAyB,GAAI,UAAU,cAAc,YAIjE,CAAA"}

package/dist/utils/roles/machines/commonValidators.js

@@ -12,7 +12,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.checkFieldsPropertyExists = exports.evaluateTopLevelPermissionsFn = exports.evaluateDocumentFiltersFn = void 0;
 const someAsync_1 = require("../../helpers/someAsync");
 const helpers_1 = require("../helpers");
-const readOnlyPermissions = ['read'];
+const readOnlyPermissions = ['read', 'search'];
 const readWritePermissions = ['write', 'delete', 'insert', ...readOnlyPermissions];
 const evaluateDocumentFiltersFn = (_a, currentType_1) => __awaiter(void 0, [_a, currentType_1], void 0, function* ({ params, role, user }, currentType) {
     var _b;
@@ -21,13 +21,17 @@ const evaluateDocumentFiltersFn = (_a, currentType_1) => __awaiter(void 0, [_a,
 });
 exports.evaluateDocumentFiltersFn = evaluateDocumentFiltersFn;
 const evaluateTopLevelPermissionsFn = (_a, currentType_1) => __awaiter(void 0, [_a, currentType_1], void 0, function* ({ params, role, user }, currentType) {
-    return role[currentType]
-        ? yield (0, helpers_1.evaluateExpression)(params, role[currentType], user)
-        : undefined;
+    const permission = role === null || role === void 0 ? void 0 : role[currentType];
+    if (typeof permission === 'undefined') {
+        return undefined;
+    }
+    return yield (0, helpers_1.evaluateExpression)(params, permission, user);
 });
 exports.evaluateTopLevelPermissionsFn = evaluateTopLevelPermissionsFn;
 const checkFieldsPropertyExists = ({ role }) => {
-    var _a;
-    return !!Object.keys((_a = role.fields) !== null && _a !== void 0 ? _a : {}).length;
+    var _a, _b;
+    const hasFields = !!Object.keys((_a = role === null || role === void 0 ? void 0 : role.fields) !== null && _a !== void 0 ? _a : {}).length;
+    const hasAdditional = !!Object.keys((_b = role === null || role === void 0 ? void 0 : role.additional_fields) !== null && _b !== void 0 ? _b : {}).length;
+    return hasFields || hasAdditional;
 };
 exports.checkFieldsPropertyExists = checkFieldsPropertyExists;

package/dist/utils/roles/machines/read/B/validators.d.ts

@@ -0,0 +1,4 @@
+import { MachineContext } from '../../interface';
+export declare const evaluateDocumentFiltersReadFn: (context: MachineContext) => Promise<boolean>;
+export declare const evaluateDocumentFiltersWriteFn: (context: MachineContext) => Promise<boolean>;
+//# sourceMappingURL=validators.d.ts.map

package/dist/utils/roles/machines/read/B/validators.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"validators.d.ts","sourceRoot":"","sources":["../../../../../../src/utils/roles/machines/read/B/validators.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAA;AAGhD,eAAO,MAAM,6BAA6B,GAAI,SAAS,cAAc,qBACzB,CAAA;AAE5C,eAAO,MAAM,8BAA8B,GAAI,SAAS,cAAc,qBACzB,CAAA"}

package/dist/utils/roles/machines/read/B/validators.js

@@ -0,0 +1,8 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.evaluateDocumentFiltersWriteFn = exports.evaluateDocumentFiltersReadFn = void 0;
+const commonValidators_1 = require("../../commonValidators");
+const evaluateDocumentFiltersReadFn = (context) => (0, commonValidators_1.evaluateDocumentFiltersFn)(context, 'read');
+exports.evaluateDocumentFiltersReadFn = evaluateDocumentFiltersReadFn;
+const evaluateDocumentFiltersWriteFn = (context) => (0, commonValidators_1.evaluateDocumentFiltersFn)(context, 'write');
+exports.evaluateDocumentFiltersWriteFn = evaluateDocumentFiltersWriteFn;

package/dist/utils/roles/machines/read/C/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../../../src/utils/roles/machines/read/C/index.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,MAAM,EAAE,MAAM,iBAAiB,CAAA;AAGxC,eAAO,MAAM,aAAa,EAAE,MAsC3B,CAAA"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../../../src/utils/roles/machines/read/C/index.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,MAAM,EAAE,MAAM,iBAAiB,CAAA;AAGxC,eAAO,MAAM,aAAa,EAAE,MAyC3B,CAAA"}

package/dist/utils/roles/machines/read/C/index.js

@@ -10,7 +10,7 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.STEP_C_STATES = void 0;
-const commonValidators_1 = require("../../commonValidators");
+const validators_1 = require("./validators");
 const utils_1 = require("../../utils");
 exports.STEP_C_STATES = {
     evaluateTopLevelRead: (_a) => __awaiter(void 0, [_a], void 0, function* ({ context, next, endValidation }) {
@@ -20,10 +20,13 @@ exports.STEP_C_STATES = {
             step: 1,
             stepName: 'evaluateTopLevelRead'
         });
-        const check = yield (0, commonValidators_1.evaluateTopLevelPermissionsFn)(context, 'read');
-        return check
-            ? endValidation({ success: true })
-            : next('evaluateTopLevelWrite', { check });
+        const check = yield (0, validators_1.evaluateTopLevelReadFn)(context);
+        if (check) {
+            return (0, validators_1.checkFieldsPropertyExists)(context)
+                ? next('checkFieldsProperty')
+                : endValidation({ success: true });
+        }
+        return next('evaluateTopLevelWrite', { check });
     }),
     evaluateTopLevelWrite: (_a) => __awaiter(void 0, [_a], void 0, function* ({ context, next, endValidation }) {
         var _b;
@@ -33,7 +36,7 @@ exports.STEP_C_STATES = {
             step: 2,
             stepName: 'evaluateTopLevelWrite'
         });
-        const check = yield (0, commonValidators_1.evaluateTopLevelPermissionsFn)(context, 'write');
+        const check = yield (0, validators_1.evaluateTopLevelWriteFn)(context);
         if (check)
             return endValidation({ success: true });
         return ((_b = context === null || context === void 0 ? void 0 : context.prevParams) === null || _b === void 0 ? void 0 : _b.check) === false
@@ -47,7 +50,7 @@ exports.STEP_C_STATES = {
             step: 3,
             stepName: 'checkFieldsProperty'
         });
-        const check = (0, commonValidators_1.checkFieldsPropertyExists)(context);
+        const check = (0, validators_1.checkFieldsPropertyExists)(context);
         return goToNextValidationStage(check ? 'checkIsValidFieldName' : 'checkAdditionalFields');
     })
 };

package/dist/utils/roles/machines/read/C/validators.d.ts

@@ -0,0 +1,5 @@
+import { MachineContext } from '../../interface';
+export declare const evaluateTopLevelReadFn: (context: MachineContext) => Promise<boolean | undefined>;
+export declare const evaluateTopLevelWriteFn: (context: MachineContext) => Promise<boolean | undefined>;
+export { checkFieldsPropertyExists } from '../../commonValidators';
+//# sourceMappingURL=validators.d.ts.map

package/dist/utils/roles/machines/read/C/validators.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"validators.d.ts","sourceRoot":"","sources":["../../../../../../src/utils/roles/machines/read/C/validators.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAA;AAMhD,eAAO,MAAM,sBAAsB,GAAU,SAAS,cAAc,iCAKnE,CAAA;AAED,eAAO,MAAM,uBAAuB,GAAU,SAAS,cAAc,iCAKpE,CAAA;AAED,OAAO,EAAE,yBAAyB,EAAE,MAAM,wBAAwB,CAAA"}

package/dist/utils/roles/machines/read/C/validators.js

@@ -0,0 +1,29 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.checkFieldsPropertyExists = exports.evaluateTopLevelWriteFn = exports.evaluateTopLevelReadFn = void 0;
+const commonValidators_1 = require("../../commonValidators");
+const evaluateTopLevelReadFn = (context) => __awaiter(void 0, void 0, void 0, function* () {
+    if (context.params.type !== 'read') {
+        return false;
+    }
+    return (0, commonValidators_1.evaluateTopLevelPermissionsFn)(context, 'read');
+});
+exports.evaluateTopLevelReadFn = evaluateTopLevelReadFn;
+const evaluateTopLevelWriteFn = (context) => __awaiter(void 0, void 0, void 0, function* () {
+    if (!['read', 'write'].includes(context.params.type)) {
+        return undefined;
+    }
+    return (0, commonValidators_1.evaluateTopLevelPermissionsFn)(context, 'write');
+});
+exports.evaluateTopLevelWriteFn = evaluateTopLevelWriteFn;
+var commonValidators_2 = require("../../commonValidators");
+Object.defineProperty(exports, "checkFieldsPropertyExists", { enumerable: true, get: function () { return commonValidators_2.checkFieldsPropertyExists; } });

package/dist/utils/roles/machines/read/D/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../../../src/utils/roles/machines/read/D/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,iBAAiB,CAAA;AAIxC,eAAO,MAAM,aAAa,EAAE,MAqB3B,CAAA"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../../../src/utils/roles/machines/read/D/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAkB,MAAM,EAAE,MAAM,iBAAiB,CAAA;AAqBxD,eAAO,MAAM,aAAa,EAAE,MAa3B,CAAA"}

package/dist/utils/roles/machines/read/D/index.js

@@ -12,6 +12,16 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.STEP_D_STATES = void 0;
 const utils_1 = require("../../utils");
 const validators_1 = require("./validators");
+const runCheckIsValidFieldName = (_a) => __awaiter(void 0, [_a], void 0, function* ({ context, endValidation }) {
+    (0, utils_1.logMachineInfo)({
+        enabled: context.enableLog,
+        machine: 'D',
+        step: 2,
+        stepName: 'checkIsValidFieldName'
+    });
+    const document = (0, validators_1.checkIsValidFieldNameFn)(context);
+    return endValidation({ success: !!Object.keys(document).length, document });
+});
 exports.STEP_D_STATES = {
     checkAdditionalFields: (_a) => __awaiter(void 0, [_a], void 0, function* ({ context, next, endValidation }) {
         (0, utils_1.logMachineInfo)({
@@ -21,16 +31,8 @@ exports.STEP_D_STATES = {
             stepName: 'checkAdditionalFields'
         });
         const check = (0, validators_1.checkAdditionalFieldsFn)(context);
-        return check ? next('checkIsValidFieldName') : endValidation({ success: false });
+        return check ? next('evaluateRead') : endValidation({ success: false });
     }),
-    checkIsValidFieldName: (_a) => __awaiter(void 0, [_a], void 0, function* ({ context, endValidation }) {
-        (0, utils_1.logMachineInfo)({
-            enabled: context.enableLog,
-            machine: 'D',
-            step: 2,
-            stepName: 'checkIsValidFieldName'
-        });
-        const document = (0, validators_1.checkIsValidFieldNameFn)(context);
-        return endValidation({ success: !!Object.keys(document).length, document });
-    })
+    evaluateRead: runCheckIsValidFieldName,
+    checkIsValidFieldName: runCheckIsValidFieldName
 };

package/dist/utils/rules.d.ts

@@ -1,2 +1,2 @@
-export declare function expandQuery(template: Record<string, unknown>, objs: Record<string, unknown>): any;
+export declare function expandQuery(template: Record<string, unknown>, objs: Record<string, unknown>): Record<string, unknown>;
 //# sourceMappingURL=rules.d.ts.map

package/dist/utils/rules.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"rules.d.ts","sourceRoot":"","sources":["../../src/utils/rules.ts"],"names":[],"mappings":"AAOA,wBAAgB,WAAW,CACzB,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EACjC,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,OAqB9B"}
+{"version":3,"file":"rules.d.ts","sourceRoot":"","sources":["../../src/utils/rules.ts"],"names":[],"mappings":"AAkCA,wBAAgB,WAAW,CACzB,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EACjC,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAES,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAC9D"}

package/dist/utils/rules.js

@@ -5,23 +5,32 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.expandQuery = expandQuery;
 const get_1 = __importDefault(require("lodash/get"));
-const removeExtraColons = (val) => {
-    return val === null || val === void 0 ? void 0 : val.toString().replace(/:+/g, ":");
+const resolvePlaceholder = (value, objs) => {
+    if (!value.startsWith('%%'))
+        return value;
+    const path = value.slice(2);
+    const [rootKey, ...rest] = path.split('.');
+    const rootToken = `%%${rootKey}`;
+    const rootValue = objs[rootToken];
+    if (!rest.length) {
+        return rootValue === undefined ? value : rootValue;
+    }
+    const resolved = (0, get_1.default)(rootValue, rest.join('.'));
+    return resolved === undefined ? value : resolved;
 };
-// Funzione che espande dinamicamente i placeholder con supporto per percorsi annidati
+const expandValue = (input, objs) => {
+    if (Array.isArray(input)) {
+        return input.map((item) => expandValue(item, objs));
+    }
+    if (input && typeof input === 'object') {
+        return Object.fromEntries(Object.entries(input).map(([key, val]) => [key, expandValue(val, objs)]));
+    }
+    if (typeof input === 'string') {
+        return resolvePlaceholder(input, objs);
+    }
+    return input;
+};
+// Espande dinamicamente i placeholder con supporto per array e percorsi annidati
 function expandQuery(template, objs) {
-    let expandedQuery = JSON.stringify(template); // Converti l'oggetto in una stringa per sostituire i placeholder
-    const regex = /:\s*"%%([a-zA-Z0-9_.]+)"/g;
-    Object.keys(objs).forEach(() => {
-        // Espandi tutti i placeholder %%values.<nested.property>
-        const callback = (match, path) => {
-            const value = (0, get_1.default)(objs, `%%${path}`); // Recupera il valore annidato da values
-            const finalValue = typeof value === 'string' ? `"${value}"` : value && JSON.stringify(value);
-            // TODO tolto i primi : creava questo tipo di oggetto {"userId"::"%%user.id"}
-            const val = `:${value !== undefined ? finalValue : match}`; // Sostituisci se esiste, altrimenti lascia il placeholder
-            return removeExtraColons(val);
-        };
-        expandedQuery = expandedQuery.replace(regex, callback);
-    });
-    return JSON.parse(expandedQuery); // Converti la stringa JSON di nuovo in un oggetto
+    return expandValue(template, objs);
 }

package/jest.config.ts

@@ -4,21 +4,11 @@ module.exports = {
     '^.+\\.[tj]s$': [
       'ts-jest',
       {
-        tsconfig: './tsconfig.json'
+        tsconfig: '<rootDir>/tsconfig.json'
       }
     ]
   },
-  collectCoverage: false,
-  collectCoverageFrom: ['./**/*.ts'],
-  coverageDirectory: 'coverage',
-  coverageThreshold: {
-    global: {
-      branches: 50,
-      functions: 90,
-      lines: 90,
-      statements: 90
-    }
-  },
+  setupFilesAfterEnv: ['<rootDir>/jest.setup.ts'],
   testEnvironment: 'node',
   testMatch: ['./**/*.test.ts']
 }

package/jest.setup.ts

@@ -0,0 +1,28 @@
+import { Blob as NodeBlob } from 'buffer'
+import path from 'node:path'
+
+if (!process.env.FLOWERBASE_APP_PATH) {
+  process.env.FLOWERBASE_APP_PATH = path.resolve(__dirname, '../../tests/e2e/app')
+}
+
+const BaseBlob = typeof globalThis.Blob !== 'undefined' ? globalThis.Blob : NodeBlob
+
+type PolyfillFilePropertyBag = FilePropertyBag & {
+  name?: string
+}
+
+class FilePolyfill extends BaseBlob {
+  lastModified: number
+  name: string
+
+  constructor(bits?: Iterable<BlobPart>, options?: FilePropertyBag) {
+    super(bits, options as FilePropertyBag)
+    const fileOptions = options as PolyfillFilePropertyBag
+    this.name = fileOptions?.name ?? ''
+    this.lastModified = fileOptions?.lastModified ?? Date.now()
+  }
+}
+
+if (typeof globalThis.File === 'undefined') {
+  globalThis.File = FilePolyfill as unknown as typeof File
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@flowerforce/flowerbase",
-  "version": "1.2.0",
+  "version": "1.2.1-beta.10",
   "description": "",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
@@ -25,7 +25,6 @@
     "@fastify/mongodb": "^9.0.1",
     "@fastify/swagger": "^9.5.1",
     "@fastify/swagger-ui": "^5.2.3",
-    "@sendgrid/mail": "^8.1.4",
     "aws-sdk": "^2.1692.0",
     "bson": "^6.8.0",
     "dotenv": "^16.4.7",

package/src/auth/controller.ts

@@ -1,8 +1,9 @@
 import { ObjectId } from 'bson'
 import { FastifyInstance } from 'fastify'
-import { AUTH_CONFIG, DB_NAME } from '../constants'
+import { AUTH_CONFIG, DB_NAME, DEFAULT_CONFIG } from '../constants'
 import { SessionCreatedDto } from './dtos'
 import { AUTH_ENDPOINTS, AUTH_ERRORS } from './utils'
+import { hashToken } from '../utils/crypto'
 
 const HANDLER_TYPE = 'preHandler'
 
@@ -12,9 +13,19 @@ const HANDLER_TYPE = 'preHandler'
  * @param {FastifyInstance} app - The Fastify instance.
  */
 export async function authController(app: FastifyInstance) {
-  const { authCollection, userCollection } = AUTH_CONFIG
+  const { authCollection, userCollection, refreshTokensCollection } = AUTH_CONFIG
 
   const db = app.mongo.client.db(DB_NAME)
+  const refreshTokenTtlMs = DEFAULT_CONFIG.REFRESH_TOKEN_TTL_DAYS * 24 * 60 * 60 * 1000
+
+  try {
+    await db.collection(refreshTokensCollection).createIndex(
+      { expiresAt: 1 },
+      { expireAfterSeconds: 0 }
+    )
+  } catch (error) {
+    console.error('Failed to ensure refresh token TTL index', error)
+  }
 
   app.addHook(HANDLER_TYPE, app.jwtAuthentication)
 
@@ -26,6 +37,9 @@ export async function authController(app: FastifyInstance) {
    * @returns {Promise<Object>} A promise resolving with the user's profile data.
    */
   app.get(AUTH_ENDPOINTS.PROFILE, async function (req) {
+    if (req.user.typ !== 'access') {
+      throw new Error('Access token required')
+    }
     const user = await db
       .collection<Record<string, unknown>>(authCollection)
       .findOne({ _id: ObjectId.createFromHexString(req.user.id) })
@@ -56,6 +70,21 @@ export async function authController(app: FastifyInstance) {
         throw new Error(AUTH_ERRORS.INVALID_TOKEN)
       }
 
+      const authHeader = req.headers.authorization
+      if (!authHeader?.startsWith('Bearer ')) {
+        throw new Error(AUTH_ERRORS.INVALID_TOKEN)
+      }
+      const refreshToken = authHeader.slice('Bearer '.length).trim()
+      const refreshTokenHash = hashToken(refreshToken)
+      const storedToken = await db.collection(refreshTokensCollection).findOne({
+        tokenHash: refreshTokenHash,
+        revokedAt: null,
+        expiresAt: { $gt: new Date() }
+      })
+      if (!storedToken) {
+        throw new Error(AUTH_ERRORS.INVALID_TOKEN)
+      }
+
       const auth_user = await db
         ?.collection(authCollection)
         .findOne({ _id: new this.mongo.ObjectId(req.user.sub) })
@@ -82,8 +111,45 @@ export async function authController(app: FastifyInstance) {
      */
   app.delete(
     AUTH_ENDPOINTS.SESSION,
-    async function () {
-      return { status: "ok" }
+    async function (req, res) {
+      const authHeader = req.headers.authorization
+      if (!authHeader?.startsWith('Bearer ')) {
+        res.status(204)
+        return
+      }
+      const refreshToken = authHeader.slice('Bearer '.length).trim()
+      const refreshTokenHash = hashToken(refreshToken)
+      const now = new Date()
+      const expiresAt = new Date(Date.now() + refreshTokenTtlMs)
+      const updateResult = await db.collection(refreshTokensCollection).findOneAndUpdate(
+        { tokenHash: refreshTokenHash },
+        {
+          $set: {
+            revokedAt: now,
+            expiresAt
+          }
+        },
+        { returnDocument: 'after' }
+      )
+
+      const fromToken = req.user?.sub
+      let userId = updateResult?.value?.userId
+      if (!userId && fromToken) {
+        try {
+          userId = new ObjectId(fromToken)
+        } catch {
+          userId = fromToken
+        }
+      }
+
+      if (userId && authCollection) {
+        await db.collection(authCollection).updateOne(
+          { _id: userId },
+          { $set: { lastLogoutAt: now } }
+        )
+      }
+
+      return { status: 'ok' }
     }
   )
 }