@flowerforce/flowerbase 1.2.1-beta.10 → 1.2.1-beta.12

package/dist/auth/providers/local-userpass/controller.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"controller.d.ts","sourceRoot":"","sources":["../../../../src/auth/providers/local-userpass/controller.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,SAAS,CAAA;AAmCzC;;;;GAIG;AACH,wBAAsB,uBAAuB,CAAC,GAAG,EAAE,eAAe,iBA+RjE"}
+{"version":3,"file":"controller.d.ts","sourceRoot":"","sources":["../../../../src/auth/providers/local-userpass/controller.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,SAAS,CAAA;AAqCzC;;;;GAIG;AACH,wBAAsB,uBAAuB,CAAC,GAAG,EAAE,eAAe,iBAgUjE"}

package/dist/auth/providers/local-userpass/controller.js

@@ -109,6 +109,38 @@ function localUserPassController(app) {
             res === null || res === void 0 ? void 0 : res.status(201);
             return { userId: result.insertedId.toString() };
         }));
+        /**
+         * Endpoint for confirming a user registration.
+         *
+         * @route {POST} /confirm
+         * @param {ConfirmUserDto} req - The request object with confirmation data.
+         * @returns {Promise<Object>} A promise resolving with confirmation status.
+         */
+        app.post(utils_1.AUTH_ENDPOINTS.CONFIRM, {
+            schema: utils_1.CONFIRM_USER_SCHEMA
+        }, (req, res) => __awaiter(this, void 0, void 0, function* () {
+            const key = `confirm:${req.ip}`;
+            if (isRateLimited(key, resetMaxAttempts, rateLimitWindowMs)) {
+                res.status(429).send({ message: 'Too many requests' });
+                return;
+            }
+            const existing = yield db.collection(authCollection).findOne({
+                confirmationToken: req.body.token,
+                confirmationTokenId: req.body.tokenId
+            });
+            if (!existing) {
+                res.status(500);
+                throw new Error(utils_1.AUTH_ERRORS.INVALID_TOKEN);
+            }
+            if (existing.status !== 'confirmed') {
+                yield db.collection(authCollection).updateOne({ _id: existing._id }, {
+                    $set: { status: 'confirmed' },
+                    $unset: { confirmationToken: '', confirmationTokenId: '' }
+                });
+            }
+            res.status(200);
+            return { status: 'confirmed' };
+        }));
         /**
          * Endpoint for user login.
          *
@@ -142,17 +174,8 @@ function localUserPassController(app) {
                     : {};
                 authUser === null || authUser === void 0 ? true : delete authUser.password;
                 const userWithCustomData = Object.assign(Object.assign({}, authUser), { user_data: Object.assign(Object.assign({}, (user || {})), { _id: authUser._id }), data: { email: authUser.email }, id: authUser._id.toString() });
-                if (authUser && authUser.status === 'pending') {
-                    try {
-                        yield (db === null || db === void 0 ? void 0 : db.collection(authCollection).updateOne({ _id: authUser._id }, {
-                            $set: {
-                                status: 'confirmed'
-                            }
-                        }));
-                    }
-                    catch (error) {
-                        console.log('>>> 🚀 ~ localUserPassController ~ error:', error);
-                    }
+                if (authUser && authUser.status !== 'confirmed') {
+                    throw new Error(utils_1.AUTH_ERRORS.USER_NOT_CONFIRMED);
                 }
                 const refreshToken = this.createRefreshToken(userWithCustomData);
                 const refreshTokenHash = (0, crypto_1.hashToken)(refreshToken);

package/dist/auth/providers/local-userpass/dtos.d.ts

@@ -41,4 +41,10 @@ export interface ConfirmResetPasswordDto {
         password: string;
     };
 }
+export interface ConfirmUserDto {
+    Body: {
+        token: string;
+        tokenId: string;
+    };
+}
 //# sourceMappingURL=dtos.d.ts.map

package/dist/auth/providers/local-userpass/dtos.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"dtos.d.ts","sourceRoot":"","sources":["../../../../src/auth/providers/local-userpass/dtos.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,eAAe,GAAG;IAC5B,KAAK,EAAE,MAAM,CAAA;IACb,QAAQ,EAAE,MAAM,CAAA;CACjB,CAAA;AAED,MAAM,MAAM,YAAY,GAAG;IACzB,QAAQ,EAAE,MAAM,CAAA;IAChB,QAAQ,EAAE,MAAM,CAAA;CACjB,CAAA;AAED,MAAM,MAAM,eAAe,GAAG;IAC5B,YAAY,EAAE,MAAM,CAAA;IACpB,SAAS,EAAE,MAAM,CAAA;IACjB,aAAa,EAAE,MAAM,CAAA;IACrB,OAAO,EAAE,MAAM,CAAA;CAChB,CAAA;AAED,MAAM,MAAM,gBAAgB,GAAG;IAC7B,OAAO,EAAE,MAAM,CAAA;CAChB,CAAA;AAED,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,eAAe,CAAA;CACtB;AAED,MAAM,WAAW,QAAQ;IACvB,IAAI,EAAE,YAAY,CAAA;IAClB,KAAK,EAAE,eAAe,GAAG,gBAAgB,CAAA;CAC1C;AAED,MAAM,WAAW,oBAAoB;IACnC,IAAI,EAAE;QACJ,KAAK,EAAE,MAAM,CAAA;KACd,CAAA;CACF;AAED,MAAM,WAAW,oBAAoB;IACnC,IAAI,EAAE;QACJ,KAAK,EAAE,MAAM,CAAA;QACb,QAAQ,EAAE,MAAM,CAAA;QAChB,SAAS,CAAC,EAAE,OAAO,EAAE,CAAA;KACtB,CAAA;CACF;AAED,MAAM,WAAW,uBAAuB;IACtC,IAAI,EAAE;QACJ,KAAK,EAAE,MAAM,CAAA;QACb,OAAO,EAAE,MAAM,CAAA;QACf,QAAQ,EAAE,MAAM,CAAA;KACjB,CAAA;CACF"}
+{"version":3,"file":"dtos.d.ts","sourceRoot":"","sources":["../../../../src/auth/providers/local-userpass/dtos.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,eAAe,GAAG;IAC5B,KAAK,EAAE,MAAM,CAAA;IACb,QAAQ,EAAE,MAAM,CAAA;CACjB,CAAA;AAED,MAAM,MAAM,YAAY,GAAG;IACzB,QAAQ,EAAE,MAAM,CAAA;IAChB,QAAQ,EAAE,MAAM,CAAA;CACjB,CAAA;AAED,MAAM,MAAM,eAAe,GAAG;IAC5B,YAAY,EAAE,MAAM,CAAA;IACpB,SAAS,EAAE,MAAM,CAAA;IACjB,aAAa,EAAE,MAAM,CAAA;IACrB,OAAO,EAAE,MAAM,CAAA;CAChB,CAAA;AAED,MAAM,MAAM,gBAAgB,GAAG;IAC7B,OAAO,EAAE,MAAM,CAAA;CAChB,CAAA;AAED,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,eAAe,CAAA;CACtB;AAED,MAAM,WAAW,QAAQ;IACvB,IAAI,EAAE,YAAY,CAAA;IAClB,KAAK,EAAE,eAAe,GAAG,gBAAgB,CAAA;CAC1C;AAED,MAAM,WAAW,oBAAoB;IACnC,IAAI,EAAE;QACJ,KAAK,EAAE,MAAM,CAAA;KACd,CAAA;CACF;AAED,MAAM,WAAW,oBAAoB;IACnC,IAAI,EAAE;QACJ,KAAK,EAAE,MAAM,CAAA;QACb,QAAQ,EAAE,MAAM,CAAA;QAChB,SAAS,CAAC,EAAE,OAAO,EAAE,CAAA;KACtB,CAAA;CACF;AAED,MAAM,WAAW,uBAAuB;IACtC,IAAI,EAAE;QACJ,KAAK,EAAE,MAAM,CAAA;QACb,OAAO,EAAE,MAAM,CAAA;QACf,QAAQ,EAAE,MAAM,CAAA;KACjB,CAAA;CACF;AAED,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE;QACJ,KAAK,EAAE,MAAM,CAAA;QACb,OAAO,EAAE,MAAM,CAAA;KAChB,CAAA;CACF"}

package/dist/auth/utils.d.ts

@@ -72,6 +72,20 @@ export declare const CONFIRM_RESET_SCHEMA: {
         required: string[];
     };
 };
+export declare const CONFIRM_USER_SCHEMA: {
+    body: {
+        type: string;
+        properties: {
+            token: {
+                type: string;
+            };
+            tokenId: {
+                type: string;
+            };
+        };
+        required: string[];
+    };
+};
 export declare const RESET_SCHEMA: {
     body: {
         type: string;
@@ -108,6 +122,7 @@ export declare const REGISTRATION_SCHEMA: {
 export declare enum AUTH_ENDPOINTS {
     LOGIN = "/login",
     REGISTRATION = "/register",
+    CONFIRM = "/confirm",
     PROFILE = "/profile",
     SESSION = "/session",
     RESET = "/reset/send",
@@ -119,7 +134,8 @@ export declare enum AUTH_ERRORS {
     INVALID_CREDENTIALS = "Invalid credentials",
     INVALID_TOKEN = "Invalid refresh token provided",
     INVALID_RESET_PARAMS = "Invalid token or tokenId provided",
-    MISSING_RESET_FUNCTION = "Missing reset function"
+    MISSING_RESET_FUNCTION = "Missing reset function",
+    USER_NOT_CONFIRMED = "User not confirmed"
 }
 export interface AuthConfig {
     auth_collection?: string;
@@ -148,6 +164,7 @@ interface CustomFunction {
 }
 export interface Config {
     autoConfirm: boolean;
+    confirmationFunctionName?: string;
     resetFunctionName: string;
     resetPasswordUrl: string;
     runConfirmationFunction: boolean;

package/dist/auth/utils.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../src/auth/utils.ts"],"names":[],"mappings":"AAMA,eAAO,MAAM,YAAY;;;;;;;;;;;;;;;;;;CAcxB,CAAA;AAED,eAAO,MAAM,iBAAiB;;;;;;;;;;;;;CAa7B,CAAA;AAED,eAAO,MAAM,iBAAiB;;;;;;;;;;;;;;;;;;;;;CAe7B,CAAA;AAED,eAAO,MAAM,oBAAoB;;;;;;;;;;;;;;;;;;CAUhC,CAAA;AAED,eAAO,MAAM,YAAY;;;;;;;;;;;;;CAAoB,CAAA;AAE7C,eAAO,MAAM,mBAAmB;;;;;;;;;;;;;;;;;;CAc/B,CAAA;AAED,oBAAY,cAAc;IACxB,KAAK,WAAW;IAChB,YAAY,cAAc;IAC1B,OAAO,aAAa;IACpB,OAAO,aAAa;IACpB,KAAK,gBAAgB;IACrB,UAAU,gBAAgB;IAC1B,aAAa,WAAW;IACxB,UAAU,sBAAsB;CACjC;AAED,oBAAY,WAAW;IACrB,mBAAmB,wBAAwB;IAC3C,aAAa,mCAAmC;IAChD,oBAAoB,sCAAsC;IAC1D,sBAAsB,2BAA2B;CAClD;AAED,MAAM,WAAW,UAAU;IACzB,eAAe,CAAC,EAAE,MAAM,CAAA;IACxB,SAAS,EAAE,MAAM,CAAA;IACjB,gBAAgB,EAAE,aAAa,CAAA;IAC/B,iBAAiB,EAAE,cAAc,CAAA;CAClC;AAED,UAAU,MAAM;IACd,IAAI,EAAE,MAAM,CAAA;IACZ,IAAI,EAAE,MAAM,CAAA;IACZ,QAAQ,EAAE,OAAO,CAAA;CAClB;AACD,UAAU,aAAa;IACrB,IAAI,EAAE,MAAM,CAAA;IACZ,IAAI,EAAE,MAAM,CAAA;IACZ,QAAQ,EAAE,OAAO,CAAA;IACjB,MAAM,EAAE,MAAM,CAAA;CACf;AAED,UAAU,cAAc;IACtB,IAAI,EAAE,iBAAiB,CAAC;IACxB,IAAI,EAAE,iBAAiB,CAAC;IACxB,QAAQ,EAAE,OAAO,CAAC;IAClB,MAAM,EAAE;QACN,kBAAkB,EAAE,MAAM,CAAA;KAC3B,CAAA;CACF;AAED,MAAM,WAAW,MAAM;IACrB,WAAW,EAAE,OAAO,CAAA;IACpB,iBAAiB,EAAE,MAAM,CAAA;IACzB,gBAAgB,EAAE,MAAM,CAAA;IACxB,uBAAuB,EAAE,OAAO,CAAA;IAChC,gBAAgB,EAAE,OAAO,CAAA;CAC1B;AAED,MAAM,WAAW,oBAAoB;IACnC,OAAO,EAAE,OAAO,CAAA;IAChB,kBAAkB,EAAE,MAAM,CAAA;IAC1B,aAAa,EAAE,MAAM,CAAA;IACrB,eAAe,EAAE,MAAM,CAAA;IACvB,aAAa,EAAE,MAAM,CAAA;IACrB,8BAA8B,EAAE,MAAM,CAAA;CACvC;AAMD;;;GAGG;AACH,eAAO,MAAM,cAAc,QAAO,UAGjC,CAAA;AAED;;;GAGG;AACH,eAAO,MAAM,kBAAkB,QAAO,oBAGrC,CAAA;AAED,eAAO,MAAM,gBAAgB,GAAI,eAAW,WAG3C,CAAA"}
+{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../src/auth/utils.ts"],"names":[],"mappings":"AAMA,eAAO,MAAM,YAAY;;;;;;;;;;;;;;;;;;CAcxB,CAAA;AAED,eAAO,MAAM,iBAAiB;;;;;;;;;;;;;CAa7B,CAAA;AAED,eAAO,MAAM,iBAAiB;;;;;;;;;;;;;;;;;;;;;CAe7B,CAAA;AAED,eAAO,MAAM,oBAAoB;;;;;;;;;;;;;;;;;;CAUhC,CAAA;AAED,eAAO,MAAM,mBAAmB;;;;;;;;;;;;;CAS/B,CAAA;AAED,eAAO,MAAM,YAAY;;;;;;;;;;;;;CAAoB,CAAA;AAE7C,eAAO,MAAM,mBAAmB;;;;;;;;;;;;;;;;;;CAc/B,CAAA;AAED,oBAAY,cAAc;IACxB,KAAK,WAAW;IAChB,YAAY,cAAc;IAC1B,OAAO,aAAa;IACpB,OAAO,aAAa;IACpB,OAAO,aAAa;IACpB,KAAK,gBAAgB;IACrB,UAAU,gBAAgB;IAC1B,aAAa,WAAW;IACxB,UAAU,sBAAsB;CACjC;AAED,oBAAY,WAAW;IACrB,mBAAmB,wBAAwB;IAC3C,aAAa,mCAAmC;IAChD,oBAAoB,sCAAsC;IAC1D,sBAAsB,2BAA2B;IACjD,kBAAkB,uBAAuB;CAC1C;AAED,MAAM,WAAW,UAAU;IACzB,eAAe,CAAC,EAAE,MAAM,CAAA;IACxB,SAAS,EAAE,MAAM,CAAA;IACjB,gBAAgB,EAAE,aAAa,CAAA;IAC/B,iBAAiB,EAAE,cAAc,CAAA;CAClC;AAED,UAAU,MAAM;IACd,IAAI,EAAE,MAAM,CAAA;IACZ,IAAI,EAAE,MAAM,CAAA;IACZ,QAAQ,EAAE,OAAO,CAAA;CAClB;AACD,UAAU,aAAa;IACrB,IAAI,EAAE,MAAM,CAAA;IACZ,IAAI,EAAE,MAAM,CAAA;IACZ,QAAQ,EAAE,OAAO,CAAA;IACjB,MAAM,EAAE,MAAM,CAAA;CACf;AAED,UAAU,cAAc;IACtB,IAAI,EAAE,iBAAiB,CAAC;IACxB,IAAI,EAAE,iBAAiB,CAAC;IACxB,QAAQ,EAAE,OAAO,CAAC;IAClB,MAAM,EAAE;QACN,kBAAkB,EAAE,MAAM,CAAA;KAC3B,CAAA;CACF;AAED,MAAM,WAAW,MAAM;IACrB,WAAW,EAAE,OAAO,CAAA;IACpB,wBAAwB,CAAC,EAAE,MAAM,CAAA;IACjC,iBAAiB,EAAE,MAAM,CAAA;IACzB,gBAAgB,EAAE,MAAM,CAAA;IACxB,uBAAuB,EAAE,OAAO,CAAA;IAChC,gBAAgB,EAAE,OAAO,CAAA;CAC1B;AAED,MAAM,WAAW,oBAAoB;IACnC,OAAO,EAAE,OAAO,CAAA;IAChB,kBAAkB,EAAE,MAAM,CAAA;IAC1B,aAAa,EAAE,MAAM,CAAA;IACrB,eAAe,EAAE,MAAM,CAAA;IACvB,aAAa,EAAE,MAAM,CAAA;IACrB,8BAA8B,EAAE,MAAM,CAAA;CACvC;AAMD;;;GAGG;AACH,eAAO,MAAM,cAAc,QAAO,UAGjC,CAAA;AAED;;;GAGG;AACH,eAAO,MAAM,kBAAkB,QAAO,oBAGrC,CAAA;AAED,eAAO,MAAM,gBAAgB,GAAI,eAAW,WAG3C,CAAA"}

package/dist/auth/utils.js

@@ -3,7 +3,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.generatePassword = exports.loadCustomUserData = exports.loadAuthConfig = exports.AUTH_ERRORS = exports.AUTH_ENDPOINTS = exports.REGISTRATION_SCHEMA = exports.RESET_SCHEMA = exports.CONFIRM_RESET_SCHEMA = exports.RESET_CALL_SCHEMA = exports.RESET_SEND_SCHEMA = exports.LOGIN_SCHEMA = void 0;
+exports.generatePassword = exports.loadCustomUserData = exports.loadAuthConfig = exports.AUTH_ERRORS = exports.AUTH_ENDPOINTS = exports.REGISTRATION_SCHEMA = exports.RESET_SCHEMA = exports.CONFIRM_USER_SCHEMA = exports.CONFIRM_RESET_SCHEMA = exports.RESET_CALL_SCHEMA = exports.RESET_SEND_SCHEMA = exports.LOGIN_SCHEMA = void 0;
 const crypto_1 = __importDefault(require("crypto"));
 const fs_1 = __importDefault(require("fs"));
 const path_1 = __importDefault(require("path"));
@@ -64,6 +64,16 @@ exports.CONFIRM_RESET_SCHEMA = {
         required: ['password', 'token', 'tokenId']
     }
 };
+exports.CONFIRM_USER_SCHEMA = {
+    body: {
+        type: 'object',
+        properties: {
+            token: { type: 'string' },
+            tokenId: { type: 'string' }
+        },
+        required: ['token', 'tokenId']
+    }
+};
 exports.RESET_SCHEMA = exports.RESET_SEND_SCHEMA;
 exports.REGISTRATION_SCHEMA = {
     body: {
@@ -84,6 +94,7 @@ var AUTH_ENDPOINTS;
 (function (AUTH_ENDPOINTS) {
     AUTH_ENDPOINTS["LOGIN"] = "/login";
     AUTH_ENDPOINTS["REGISTRATION"] = "/register";
+    AUTH_ENDPOINTS["CONFIRM"] = "/confirm";
     AUTH_ENDPOINTS["PROFILE"] = "/profile";
     AUTH_ENDPOINTS["SESSION"] = "/session";
     AUTH_ENDPOINTS["RESET"] = "/reset/send";
@@ -97,6 +108,7 @@ var AUTH_ERRORS;
     AUTH_ERRORS["INVALID_TOKEN"] = "Invalid refresh token provided";
     AUTH_ERRORS["INVALID_RESET_PARAMS"] = "Invalid token or tokenId provided";
     AUTH_ERRORS["MISSING_RESET_FUNCTION"] = "Missing reset function";
+    AUTH_ERRORS["USER_NOT_CONFIRMED"] = "User not confirmed";
 })(AUTH_ERRORS || (exports.AUTH_ERRORS = AUTH_ERRORS = {}));
 const resolveAppPath = () => { var _a, _b, _c; return (_c = (_a = process.env.FLOWERBASE_APP_PATH) !== null && _a !== void 0 ? _a : (_b = require.main) === null || _b === void 0 ? void 0 : _b.path) !== null && _c !== void 0 ? _c : process.cwd(); };
 /**

package/dist/constants.d.ts

@@ -28,6 +28,7 @@ export declare const AUTH_CONFIG: {
     resetPasswordCollection: string;
     refreshTokensCollection: string;
     resetPasswordConfig: import("./auth/utils").Config;
+    localUserpassConfig: import("./auth/utils").Config;
     user_id_field: string;
     on_user_creation_function_name: string;
     providers: {

package/dist/constants.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"constants.d.ts","sourceRoot":"","sources":["../src/constants.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,eAAe,EAAE,MAAM,IAAI,CAAA;AAUpC,eAAO,MAAM,cAAc;;;;;;;;;;;;;;;;;iBAiBsB,eAAe,EAAE;;CAEjE,CAAA;AACD,eAAO,MAAM,WAAW,QAA8C,CAAA;AACtE,eAAO,MAAM,YAAY,QAA8B,CAAA;AACvD,eAAO,MAAM,OAAO,QAAgB,CAAA;AAGpC,eAAO,MAAM,WAAW;;;;;;;;;;;;;CAWvB,CAAA;AAID,eAAO,MAAM,SAAS;;;CAGrB,CAAA"}
+{"version":3,"file":"constants.d.ts","sourceRoot":"","sources":["../src/constants.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,eAAe,EAAE,MAAM,IAAI,CAAA;AAUpC,eAAO,MAAM,cAAc;;;;;;;;;;;;;;;;;iBAiBsB,eAAe,EAAE;;CAEjE,CAAA;AACD,eAAO,MAAM,WAAW,QAA8C,CAAA;AACtE,eAAO,MAAM,YAAY,QAA8B,CAAA;AACvD,eAAO,MAAM,OAAO,QAAgB,CAAA;AAGpC,eAAO,MAAM,WAAW;;;;;;;;;;;;;;CAYvB,CAAA;AAID,eAAO,MAAM,SAAS;;;CAGrB,CAAA"}

package/dist/constants.js

@@ -10,12 +10,12 @@ var __rest = (this && this.__rest) || function (s, e) {
         }
     return t;
 };
-var _a, _b;
+var _a, _b, _c;
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.S3_CONFIG = exports.AUTH_CONFIG = exports.DB_NAME = exports.HTTPS_SCHEMA = exports.API_VERSION = exports.DEFAULT_CONFIG = void 0;
 const utils_1 = require("./auth/utils");
 const { database_name, collection_name = 'users', user_id_field = 'id', on_user_creation_function_name } = (0, utils_1.loadCustomUserData)();
-const _c = (0, utils_1.loadAuthConfig)(), { auth_collection = 'auth_users' } = _c, configuration = __rest(_c, ["auth_collection"]);
+const _d = (0, utils_1.loadAuthConfig)(), { auth_collection = 'auth_users' } = _d, configuration = __rest(_d, ["auth_collection"]);
 exports.DEFAULT_CONFIG = {
     PORT: Number(process.env.PORT) || 3000,
     MONGODB_URL: process.env.MONGODB_URL || '',
@@ -46,10 +46,11 @@ exports.AUTH_CONFIG = {
     resetPasswordCollection: 'reset_password_requests',
     refreshTokensCollection: 'auth_refresh_tokens',
     resetPasswordConfig: (_a = configuration['local-userpass']) === null || _a === void 0 ? void 0 : _a.config,
+    localUserpassConfig: (_b = configuration['local-userpass']) === null || _b === void 0 ? void 0 : _b.config,
     user_id_field,
     on_user_creation_function_name,
     providers: {
-        "custom-function": (_b = configuration['custom-function']) === null || _b === void 0 ? void 0 : _b.config
+        "custom-function": (_c = configuration['custom-function']) === null || _c === void 0 ? void 0 : _c.config
     }
 };
 exports.S3_CONFIG = {

package/dist/shared/handleUserRegistration.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"handleUserRegistration.d.ts","sourceRoot":"","sources":["../../src/shared/handleUserRegistration.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,sBAAsB,EAAE,MAAM,uCAAuC,CAAA;AAE9E;;;;;;GAMG;AACH,QAAA,MAAM,sBAAsB,EAAE,sBAmD7B,CAAA;AAED,eAAe,sBAAsB,CAAA"}
+{"version":3,"file":"handleUserRegistration.d.ts","sourceRoot":"","sources":["../../src/shared/handleUserRegistration.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,sBAAsB,EAAE,MAAM,uCAAuC,CAAA;AAE9E;;;;;;GAMG;AACH,QAAA,MAAM,sBAAsB,EAAE,sBAkI7B,CAAA;AAED,eAAe,sBAAsB,CAAA"}

package/dist/shared/handleUserRegistration.js

@@ -10,6 +10,8 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 const constants_1 = require("../constants");
+const state_1 = require("../state");
+const context_1 = require("../utils/context");
 const crypto_1 = require("../utils/crypto");
 /**
  * Register user
@@ -19,11 +21,16 @@ const crypto_1 = require("../utils/crypto");
  * @returns {Promise<InsertOneResult<Document>>} A promise resolving to the result of the insert operation.
  */
 const handleUserRegistration = (app, opt) => (_a) => __awaiter(void 0, [_a], void 0, function* ({ email, password }) {
+    var _b;
     const { run_as_system, skipUserCheck, provider } = opt !== null && opt !== void 0 ? opt : {};
     if (!run_as_system) {
         throw new Error('only run_as_system');
     }
     const { authCollection } = constants_1.AUTH_CONFIG;
+    const localUserpassConfig = constants_1.AUTH_CONFIG.localUserpassConfig;
+    const autoConfirm = (localUserpassConfig === null || localUserpassConfig === void 0 ? void 0 : localUserpassConfig.autoConfirm) === true;
+    const runConfirmationFunction = (localUserpassConfig === null || localUserpassConfig === void 0 ? void 0 : localUserpassConfig.runConfirmationFunction) === true;
+    const confirmationFunctionName = localUserpassConfig === null || localUserpassConfig === void 0 ? void 0 : localUserpassConfig.confirmationFunctionName;
     const mongo = app === null || app === void 0 ? void 0 : app.mongo;
     const db = mongo.client.db(constants_1.DB_NAME);
     const hashedPassword = yield (0, crypto_1.hashPassword)(password);
@@ -34,7 +41,7 @@ const handleUserRegistration = (app, opt) => (_a) => __awaiter(void 0, [_a], voi
     const result = yield (db === null || db === void 0 ? void 0 : db.collection(authCollection).insertOne({
         email,
         password: hashedPassword,
-        status: skipUserCheck ? 'confirmed' : 'pending',
+        status: skipUserCheck || autoConfirm ? 'confirmed' : 'pending',
         createdAt: new Date(),
         custom_data: {
         // TODO: aggiungere dati personalizzati alla registrazione
@@ -58,6 +65,64 @@ const handleUserRegistration = (app, opt) => (_a) => __awaiter(void 0, [_a], voi
             ]
         }
     }));
+    if (!(result === null || result === void 0 ? void 0 : result.insertedId) || skipUserCheck || autoConfirm) {
+        return result;
+    }
+    if (!runConfirmationFunction) {
+        throw new Error('Missing confirmation function');
+    }
+    if (!confirmationFunctionName) {
+        throw new Error('Missing confirmation function name');
+    }
+    const functionsList = state_1.StateManager.select('functions');
+    const services = state_1.StateManager.select('services');
+    const confirmationFunction = functionsList[confirmationFunctionName];
+    if (!confirmationFunction) {
+        throw new Error(`Confirmation function not found: ${confirmationFunctionName}`);
+    }
+    const token = (0, crypto_1.generateToken)();
+    const tokenId = (0, crypto_1.generateToken)();
+    yield (db === null || db === void 0 ? void 0 : db.collection(authCollection).updateOne({ _id: result.insertedId }, {
+        $set: {
+            confirmationToken: token,
+            confirmationTokenId: tokenId
+        }
+    }));
+    let confirmationStatus = 'fail';
+    try {
+        const response = yield (0, context_1.GenerateContext)({
+            args: [{
+                    token,
+                    tokenId,
+                    username: email
+                }],
+            app,
+            rules: {},
+            user: {},
+            currentFunction: confirmationFunction,
+            functionsList,
+            services,
+            runAsSystem: true
+        });
+        confirmationStatus = (_b = response === null || response === void 0 ? void 0 : response.status) !== null && _b !== void 0 ? _b : 'fail';
+    }
+    catch (_c) {
+        confirmationStatus = 'fail';
+    }
+    if (confirmationStatus === 'success') {
+        yield (db === null || db === void 0 ? void 0 : db.collection(authCollection).updateOne({ _id: result.insertedId }, {
+            $set: { status: 'confirmed' },
+            $unset: { confirmationToken: '', confirmationTokenId: '' }
+        }));
+        return result;
+    }
+    if (confirmationStatus === 'pending') {
+        return result;
+    }
+    yield (db === null || db === void 0 ? void 0 : db.collection(authCollection).updateOne({ _id: result.insertedId }, {
+        $set: { status: 'failed' },
+        $unset: { confirmationToken: '', confirmationTokenId: '' }
+    }));
     return result;
 });
 exports.default = handleUserRegistration;

package/dist/utils/context/helpers.d.ts

@@ -23,10 +23,10 @@ export declare const generateContextData: ({ user, services, app, rules, current
             method?: string | undefined;
             url?: string | undefined;
             host?: string | undefined;
-            id?: string | undefined;
             ips?: string[];
             hostname?: string | undefined;
             ip?: string | undefined;
+            id?: string | undefined;
         };
         user: unknown;
         environment: {
@@ -69,16 +69,16 @@ export declare const generateContextData: ({ user, services, app, rules, current
                         message: string;
                     };
                 } | import("undici").Dispatcher.ResponseData<T>>;
-            } | {
-                emailPasswordAuth: {
-                    registerUser: ReturnType<import("../../shared/models/handleUserRegistration.model").HandleUserRegistration>;
-                };
             } | {
                 lambda: (region: string) => import("aws-sdk").Lambda & {
                     Invoke: (...args: Parameters<import("aws-sdk").Lambda["invoke"]>) => Promise<import("aws-sdk/lib/request").PromiseResult<import("aws-sdk/clients/lambda").InvocationResponse, import("aws-sdk").AWSError>>;
                     InvokeAsync: import("aws-sdk").Lambda["invokeAsync"];
                 };
                 s3: (region: string) => import("aws-sdk").S3;
+            } | {
+                emailPasswordAuth: {
+                    registerUser: ReturnType<import("../../shared/models/handleUserRegistration.model").HandleUserRegistration>;
+                };
             } | undefined;
         };
         functions: {

package/dist/utils/context/helpers.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"helpers.d.ts","sourceRoot":"","sources":["../../../src/utils/context/helpers.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,kBAAkB,CAAA;AAC1C,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAA;AAE3C,OAAO,EAAE,yBAAyB,EAAE,MAAM,aAAa,CAAA;AAEvD;;;;;;;;;GASG;AACH,eAAO,MAAM,mBAAmB,GAAI,0FASjC,yBAAyB;;;uBAGT,SAAS;yBAGP,SAAS;;;;;;;;;;;;;;;;;;uBAcb,MAAM;;;+BAGE,MAAM,OAAO,QAAQ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;6BAlCG,GAE3C;;;;;;;4BAiDgB,MAAM,OAAO,aAAa,WAAW,SAAS;;;CAclE,CAAA"}
+{"version":3,"file":"helpers.d.ts","sourceRoot":"","sources":["../../../src/utils/context/helpers.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,kBAAkB,CAAA;AAC1C,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAA;AAE3C,OAAO,EAAE,yBAAyB,EAAE,MAAM,aAAa,CAAA;AAEvD;;;;;;;;;GASG;AACH,eAAO,MAAM,mBAAmB,GAAI,0FASjC,yBAAyB;;;uBAGT,SAAS;yBAGP,SAAS;;;;;;;;;;;;;;;;;;uBAcb,MAAM;;;+BAGE,MAAM,OAAO,QAAQ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;6BAlCG,GAE3C;;;;;;;;;;;4BAiDgB,MAAM,OAAO,aAAa,WAAW,SAAS;;;CAclE,CAAA"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@flowerforce/flowerbase",
-  "version": "1.2.1-beta.10",
+  "version": "1.2.1-beta.12",
   "description": "",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",

package/src/auth/providers/local-userpass/controller.ts

@@ -1,6 +1,6 @@
 import { FastifyInstance } from 'fastify'
+import { ObjectId } from 'mongodb'
 import { AUTH_CONFIG, DB_NAME, DEFAULT_CONFIG } from '../../../constants'
-import { services } from '../../../services'
 import handleUserRegistration from '../../../shared/handleUserRegistration'
 import { PROVIDER } from '../../../shared/models/handleUserRegistration.model'
 import { StateManager } from '../../../state'
@@ -10,6 +10,7 @@ import {
   AUTH_ENDPOINTS,
   AUTH_ERRORS,
   CONFIRM_RESET_SCHEMA,
+  CONFIRM_USER_SCHEMA,
   LOGIN_SCHEMA,
   REGISTRATION_SCHEMA,
   RESET_CALL_SCHEMA,
@@ -17,6 +18,7 @@ import {
 } from '../../utils'
 import {
   ConfirmResetPasswordDto,
+  ConfirmUserDto,
   LoginDto,
   RegistrationDto,
   ResetPasswordCallDto,
@@ -142,6 +144,50 @@ export async function localUserPassController(app: FastifyInstance) {
     }
   )
 
+  /**
+   * Endpoint for confirming a user registration.
+   *
+   * @route {POST} /confirm
+   * @param {ConfirmUserDto} req - The request object with confirmation data.
+   * @returns {Promise<Object>} A promise resolving with confirmation status.
+   */
+  app.post<ConfirmUserDto>(
+    AUTH_ENDPOINTS.CONFIRM,
+    {
+      schema: CONFIRM_USER_SCHEMA
+    },
+    async (req, res) => {
+      const key = `confirm:${req.ip}`
+      if (isRateLimited(key, resetMaxAttempts, rateLimitWindowMs)) {
+        res.status(429).send({ message: 'Too many requests' })
+        return
+      }
+
+      const existing = await db.collection(authCollection!).findOne({
+        confirmationToken: req.body.token,
+        confirmationTokenId: req.body.tokenId
+      }) as { _id: ObjectId; status?: string } | null
+
+      if (!existing) {
+        res.status(500)
+        throw new Error(AUTH_ERRORS.INVALID_TOKEN)
+      }
+
+      if (existing.status !== 'confirmed') {
+        await db.collection(authCollection!).updateOne(
+          { _id: existing._id },
+          {
+            $set: { status: 'confirmed' },
+            $unset: { confirmationToken: '', confirmationTokenId: '' }
+          }
+        )
+      }
+
+      res.status(200)
+      return { status: 'confirmed' }
+    }
+  )
+
   /**
    * Endpoint for user login.
    *
@@ -192,19 +238,8 @@ export async function localUserPassController(app: FastifyInstance) {
         id: authUser._id.toString()
       }
 
-      if (authUser && authUser.status === 'pending') {
-        try {
-          await db?.collection(authCollection!).updateOne(
-            { _id: authUser._id },
-            {
-              $set: {
-                status: 'confirmed'
-              }
-            }
-          )
-        } catch (error) {
-          console.log('>>> 🚀 ~ localUserPassController ~ error:', error)
-        }
+      if (authUser && authUser.status !== 'confirmed') {
+        throw new Error(AUTH_ERRORS.USER_NOT_CONFIRMED)
       }
 
       const refreshToken = this.createRefreshToken(userWithCustomData)

package/src/auth/providers/local-userpass/dtos.ts

@@ -49,3 +49,10 @@ export interface ConfirmResetPasswordDto {
     password: string
   }
 }
+
+export interface ConfirmUserDto {
+  Body: {
+    token: string
+    tokenId: string
+  }
+}

package/src/auth/utils.ts

@@ -64,6 +64,17 @@ export const CONFIRM_RESET_SCHEMA = {
   }
 }
 
+export const CONFIRM_USER_SCHEMA = {
+  body: {
+    type: 'object',
+    properties: {
+      token: { type: 'string' },
+      tokenId: { type: 'string' }
+    },
+    required: ['token', 'tokenId']
+  }
+}
+
 export const RESET_SCHEMA = RESET_SEND_SCHEMA
 
 export const REGISTRATION_SCHEMA = {
@@ -85,6 +96,7 @@ export const REGISTRATION_SCHEMA = {
 export enum AUTH_ENDPOINTS {
   LOGIN = '/login',
   REGISTRATION = '/register',
+  CONFIRM = '/confirm',
   PROFILE = '/profile',
   SESSION = '/session',
   RESET = '/reset/send',
@@ -97,7 +109,8 @@ export enum AUTH_ERRORS {
   INVALID_CREDENTIALS = 'Invalid credentials',
   INVALID_TOKEN = 'Invalid refresh token provided',
   INVALID_RESET_PARAMS = 'Invalid token or tokenId provided',
-  MISSING_RESET_FUNCTION = 'Missing reset function'
+  MISSING_RESET_FUNCTION = 'Missing reset function',
+  USER_NOT_CONFIRMED = 'User not confirmed'
 }
 
 export interface AuthConfig {
@@ -130,6 +143,7 @@ interface CustomFunction {
 
 export interface Config {
   autoConfirm: boolean
+  confirmationFunctionName?: string
   resetFunctionName: string
   resetPasswordUrl: string
   runConfirmationFunction: boolean

package/src/constants.ts

@@ -40,6 +40,7 @@ export const AUTH_CONFIG = {
   resetPasswordCollection: 'reset_password_requests',
   refreshTokensCollection: 'auth_refresh_tokens',
   resetPasswordConfig: configuration['local-userpass']?.config,
+  localUserpassConfig: configuration['local-userpass']?.config,
   user_id_field,
   on_user_creation_function_name,
   providers: {

package/src/shared/handleUserRegistration.ts

@@ -1,5 +1,7 @@
 import { AUTH_CONFIG, DB_NAME } from "../constants"
-import { hashPassword } from "../utils/crypto"
+import { StateManager } from "../state"
+import { GenerateContext } from "../utils/context"
+import { generateToken, hashPassword } from "../utils/crypto"
 import { HandleUserRegistration } from "./models/handleUserRegistration.model"
 
 /**
@@ -17,6 +19,10 @@ const handleUserRegistration: HandleUserRegistration = (app, opt) => async ({ em
     }
 
     const { authCollection } = AUTH_CONFIG
+    const localUserpassConfig = AUTH_CONFIG.localUserpassConfig
+    const autoConfirm = localUserpassConfig?.autoConfirm === true
+    const runConfirmationFunction = localUserpassConfig?.runConfirmationFunction === true
+    const confirmationFunctionName = localUserpassConfig?.confirmationFunctionName
     const mongo = app?.mongo
     const db = mongo.client.db(DB_NAME)
     const hashedPassword = await hashPassword(password)
@@ -29,7 +35,7 @@ const handleUserRegistration: HandleUserRegistration = (app, opt) => async ({ em
     const result = await db?.collection(authCollection!).insertOne({
         email,
         password: hashedPassword,
-        status: skipUserCheck ? 'confirmed' : 'pending',
+        status: skipUserCheck || autoConfirm ? 'confirmed' : 'pending',
         createdAt: new Date(),
         custom_data: {
             // TODO: aggiungere dati personalizzati alla registrazione
@@ -58,6 +64,81 @@ const handleUserRegistration: HandleUserRegistration = (app, opt) => async ({ em
         }
     )
 
+    if (!result?.insertedId || skipUserCheck || autoConfirm) {
+        return result
+    }
+
+    if (!runConfirmationFunction) {
+        throw new Error('Missing confirmation function')
+    }
+
+    if (!confirmationFunctionName) {
+        throw new Error('Missing confirmation function name')
+    }
+
+    const functionsList = StateManager.select('functions')
+    const services = StateManager.select('services')
+    const confirmationFunction = functionsList[confirmationFunctionName]
+    if (!confirmationFunction) {
+        throw new Error(`Confirmation function not found: ${confirmationFunctionName}`)
+    }
+
+    const token = generateToken()
+    const tokenId = generateToken()
+    await db?.collection(authCollection!).updateOne(
+        { _id: result.insertedId },
+        {
+            $set: {
+                confirmationToken: token,
+                confirmationTokenId: tokenId
+            }
+        }
+    )
+
+    type ConfirmationResult = { status?: 'success' | 'pending' | 'fail' }
+    let confirmationStatus: ConfirmationResult['status'] = 'fail'
+    try {
+        const response = await GenerateContext({
+            args: [{
+                token,
+                tokenId,
+                username: email
+            }],
+            app,
+            rules: {},
+            user: {},
+            currentFunction: confirmationFunction,
+            functionsList,
+            services,
+            runAsSystem: true
+        }) as ConfirmationResult
+        confirmationStatus = response?.status ?? 'fail'
+    } catch {
+        confirmationStatus = 'fail'
+    }
+
+    if (confirmationStatus === 'success') {
+        await db?.collection(authCollection!).updateOne(
+            { _id: result.insertedId },
+            {
+                $set: { status: 'confirmed' },
+                $unset: { confirmationToken: '', confirmationTokenId: '' }
+            }
+        )
+        return result
+    }
+
+    if (confirmationStatus === 'pending') {
+        return result
+    }
+
+    await db?.collection(authCollection!).updateOne(
+        { _id: result.insertedId },
+        {
+            $set: { status: 'failed' },
+            $unset: { confirmationToken: '', confirmationTokenId: '' }
+        }
+    )
     return result
 
 }