@flowerforce/flowerbase 1.2.1-beta.16 → 1.2.1-beta.17

package/README.md

@@ -229,11 +229,12 @@ However, all users will be required to reset their passwords since it is not pos
 
 ### ✅ Supported Auth Method
 
-The only authentication mode currently re-implemented in `@flowerforce/flowerbase` is:
+The authentication modes currently re-implemented in `@flowerforce/flowerbase` are:
 
 - Local Email/Password (local-userpass)
+- Anonymous (anon-user)
 
-> Other methods (OAuth, API key, anonymous, etc.) are not supported yet.
+> Other methods (OAuth, API key, etc.) are not supported yet.
 
 ####  Example user:
 ```js
@@ -270,13 +271,18 @@ Example
         "name": "local-userpass",
         "type": "local-userpass",
         "disabled": false,
-        "auth_collection": "my-users-collection" //custom collection name
+        "auth_collection": "my-users-collection", //custom collection name
         "config": {
             "autoConfirm": true,
             "resetPasswordSubject": "reset",
             "resetPasswordUrl": "https://my.app.url/password-reset",
             "runConfirmationFunction": false
         }
+    },
+    "anon-user": {
+        "name": "anon-user",
+        "type": "anon-user",
+        "disabled": false
     }
 }
 

package/dist/auth/controller.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"controller.d.ts","sourceRoot":"","sources":["../../src/auth/controller.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,eAAe,EAAE,MAAM,SAAS,CAAA;AAQzC;;;;GAIG;AACH,wBAAsB,cAAc,CAAC,GAAG,EAAE,eAAe,iBA4IxD"}
+{"version":3,"file":"controller.d.ts","sourceRoot":"","sources":["../../src/auth/controller.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,eAAe,EAAE,MAAM,SAAS,CAAA;AAQzC;;;;GAIG;AACH,wBAAsB,cAAc,CAAC,GAAG,EAAE,eAAe,iBA+IxD"}

package/dist/auth/controller.js

@@ -12,8 +12,8 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.authController = authController;
 const bson_1 = require("bson");
 const constants_1 = require("../constants");
-const utils_1 = require("./utils");
 const crypto_1 = require("../utils/crypto");
+const utils_1 = require("./utils");
 const HANDLER_TYPE = 'preHandler';
 /**
  * Controller for handling user authentication, profile retrieval, and session management.
@@ -95,7 +95,7 @@ function authController(app) {
                     : {};
                 res.status(201);
                 return {
-                    access_token: this.createAccessToken(Object.assign(Object.assign({}, auth_user), { user_data: user }))
+                    access_token: this.createAccessToken(Object.assign(Object.assign({}, auth_user), { user_data: Object.assign(Object.assign({}, user), { id: req.user.sub }) }))
                 };
             });
         });

package/dist/auth/plugins/jwt.js

@@ -88,8 +88,8 @@ exports.default = (0, fastify_plugin_1.default)(function (fastify, opts) {
         });
         fastify.decorate('createAccessToken', function (user) {
             const id = user._id.toString();
-            const userDataId = user.user_data._id.toString();
-            const user_data = Object.assign({ _id: userDataId, id: userDataId, email: user.email }, user.user_data);
+            // const userDataId = user.user_data._id.toString()
+            const user_data = Object.assign(Object.assign({}, user.user_data), { _id: id, id: id, email: user.email });
             return this.jwt.sign({
                 typ: 'access',
                 id,
@@ -99,7 +99,7 @@ exports.default = (0, fastify_plugin_1.default)(function (fastify, opts) {
             }, {
                 iss: BAAS_ID,
                 jti: BAAS_ID,
-                sub: user._id.toJSON(),
+                sub: id,
                 expiresIn: '300m'
             });
         });

package/dist/auth/providers/anon-user/controller.d.ts

@@ -0,0 +1,8 @@
+import { FastifyInstance } from 'fastify';
+/**
+ * Controller for handling anonymous user login.
+ * @testable
+ * @param {FastifyInstance} app - The Fastify instance.
+ */
+export declare function anonUserController(app: FastifyInstance): Promise<void>;
+//# sourceMappingURL=controller.d.ts.map

package/dist/auth/providers/anon-user/controller.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"controller.d.ts","sourceRoot":"","sources":["../../../../src/auth/providers/anon-user/controller.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,SAAS,CAAA;AAOzC;;;;GAIG;AACH,wBAAsB,kBAAkB,CAAC,GAAG,EAAE,eAAe,iBA8E5D"}

package/dist/auth/providers/anon-user/controller.js

@@ -0,0 +1,90 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.anonUserController = anonUserController;
+const constants_1 = require("../../../constants");
+const crypto_1 = require("../../../utils/crypto");
+const handleUserRegistration_model_1 = require("../../../shared/models/handleUserRegistration.model");
+const utils_1 = require("../../utils");
+/**
+ * Controller for handling anonymous user login.
+ * @testable
+ * @param {FastifyInstance} app - The Fastify instance.
+ */
+function anonUserController(app) {
+    return __awaiter(this, void 0, void 0, function* () {
+        const db = app.mongo.client.db(constants_1.DB_NAME);
+        const { authCollection, refreshTokensCollection, providers } = constants_1.AUTH_CONFIG;
+        const refreshTokenTtlMs = constants_1.DEFAULT_CONFIG.REFRESH_TOKEN_TTL_DAYS * 24 * 60 * 60 * 1000;
+        const anonUserTtlSeconds = constants_1.DEFAULT_CONFIG.ANON_USER_TTL_SECONDS;
+        try {
+            yield db.collection(authCollection).createIndex({ createdAt: 1 }, {
+                expireAfterSeconds: anonUserTtlSeconds,
+                partialFilterExpression: { 'identities.provider_type': handleUserRegistration_model_1.PROVIDER.ANON_USER }
+            });
+        }
+        catch (error) {
+            console.error('Failed to ensure anonymous user TTL index', error);
+        }
+        app.post(utils_1.AUTH_ENDPOINTS.LOGIN, function () {
+            return __awaiter(this, void 0, void 0, function* () {
+                const anonProvider = providers === null || providers === void 0 ? void 0 : providers['anon-user'];
+                if (anonProvider === null || anonProvider === void 0 ? void 0 : anonProvider.disabled) {
+                    throw new Error('Anonymous authentication disabled');
+                }
+                const now = new Date();
+                const insertResult = yield db.collection(authCollection).insertOne({
+                    status: 'confirmed',
+                    createdAt: now,
+                    custom_data: {},
+                    identities: [
+                        {
+                            provider_type: handleUserRegistration_model_1.PROVIDER.ANON_USER,
+                            provider_data: {}
+                        }
+                    ]
+                });
+                const userId = insertResult.insertedId;
+                yield db.collection(authCollection).updateOne({ _id: userId }, {
+                    $set: {
+                        identities: [
+                            {
+                                id: userId.toString(),
+                                provider_id: userId.toString(),
+                                provider_type: handleUserRegistration_model_1.PROVIDER.ANON_USER,
+                                provider_data: {}
+                            }
+                        ]
+                    }
+                });
+                const currentUserData = {
+                    _id: userId,
+                    user_data: {}
+                };
+                const refreshToken = this.createRefreshToken(currentUserData);
+                const refreshTokenHash = (0, crypto_1.hashToken)(refreshToken);
+                yield db.collection(refreshTokensCollection).insertOne({
+                    userId,
+                    tokenHash: refreshTokenHash,
+                    createdAt: now,
+                    expiresAt: new Date(Date.now() + refreshTokenTtlMs),
+                    revokedAt: null
+                });
+                return {
+                    access_token: this.createAccessToken(currentUserData),
+                    refresh_token: refreshToken,
+                    device_id: '',
+                    user_id: userId.toString()
+                };
+            });
+        });
+    });
+}

package/dist/auth/providers/anon-user/dtos.d.ts

@@ -0,0 +1,10 @@
+export type LoginSuccessDto = {
+    access_token: string;
+    device_id: string;
+    refresh_token: string;
+    user_id: string;
+};
+export interface LoginDto {
+    Reply: LoginSuccessDto;
+}
+//# sourceMappingURL=dtos.d.ts.map

package/dist/auth/providers/anon-user/dtos.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"dtos.d.ts","sourceRoot":"","sources":["../../../../src/auth/providers/anon-user/dtos.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,eAAe,GAAG;IAC5B,YAAY,EAAE,MAAM,CAAA;IACpB,SAAS,EAAE,MAAM,CAAA;IACjB,aAAa,EAAE,MAAM,CAAA;IACrB,OAAO,EAAE,MAAM,CAAA;CAChB,CAAA;AAED,MAAM,WAAW,QAAQ;IACvB,KAAK,EAAE,eAAe,CAAA;CACvB"}

package/dist/auth/providers/anon-user/dtos.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/dist/auth/utils.d.ts

@@ -142,6 +142,7 @@ export interface AuthConfig {
     'api-key': ApiKey;
     'local-userpass': LocalUserpass;
     'custom-function': CustomFunction;
+    'anon-user'?: AnonUser;
 }
 interface ApiKey {
     name: string;
@@ -162,6 +163,11 @@ interface CustomFunction {
         "authFunctionName": string;
     };
 }
+export interface AnonUser {
+    name: "anon-user";
+    type: "anon-user";
+    disabled: boolean;
+}
 export interface Config {
     autoConfirm: boolean;
     confirmationFunctionName?: string;

package/dist/auth/utils.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../src/auth/utils.ts"],"names":[],"mappings":"AAMA,eAAO,MAAM,YAAY;;;;;;;;;;;;;;;;;;CAcxB,CAAA;AAED,eAAO,MAAM,iBAAiB;;;;;;;;;;;;;CAa7B,CAAA;AAED,eAAO,MAAM,iBAAiB;;;;;;;;;;;;;;;;;;;;;CAe7B,CAAA;AAED,eAAO,MAAM,oBAAoB;;;;;;;;;;;;;;;;;;CAUhC,CAAA;AAED,eAAO,MAAM,mBAAmB;;;;;;;;;;;;;CAS/B,CAAA;AAED,eAAO,MAAM,YAAY;;;;;;;;;;;;;CAAoB,CAAA;AAE7C,eAAO,MAAM,mBAAmB;;;;;;;;;;;;;;;;;;CAc/B,CAAA;AAED,oBAAY,cAAc;IACxB,KAAK,WAAW;IAChB,YAAY,cAAc;IAC1B,OAAO,aAAa;IACpB,OAAO,aAAa;IACpB,OAAO,aAAa;IACpB,KAAK,gBAAgB;IACrB,UAAU,gBAAgB;IAC1B,aAAa,WAAW;IACxB,UAAU,sBAAsB;CACjC;AAED,oBAAY,WAAW;IACrB,mBAAmB,wBAAwB;IAC3C,aAAa,mCAAmC;IAChD,oBAAoB,sCAAsC;IAC1D,sBAAsB,2BAA2B;IACjD,kBAAkB,uBAAuB;CAC1C;AAED,MAAM,WAAW,UAAU;IACzB,eAAe,CAAC,EAAE,MAAM,CAAA;IACxB,SAAS,EAAE,MAAM,CAAA;IACjB,gBAAgB,EAAE,aAAa,CAAA;IAC/B,iBAAiB,EAAE,cAAc,CAAA;CAClC;AAED,UAAU,MAAM;IACd,IAAI,EAAE,MAAM,CAAA;IACZ,IAAI,EAAE,MAAM,CAAA;IACZ,QAAQ,EAAE,OAAO,CAAA;CAClB;AACD,UAAU,aAAa;IACrB,IAAI,EAAE,MAAM,CAAA;IACZ,IAAI,EAAE,MAAM,CAAA;IACZ,QAAQ,EAAE,OAAO,CAAA;IACjB,MAAM,EAAE,MAAM,CAAA;CACf;AAED,UAAU,cAAc;IACtB,IAAI,EAAE,iBAAiB,CAAC;IACxB,IAAI,EAAE,iBAAiB,CAAC;IACxB,QAAQ,EAAE,OAAO,CAAC;IAClB,MAAM,EAAE;QACN,kBAAkB,EAAE,MAAM,CAAA;KAC3B,CAAA;CACF;AAED,MAAM,WAAW,MAAM;IACrB,WAAW,EAAE,OAAO,CAAA;IACpB,wBAAwB,CAAC,EAAE,MAAM,CAAA;IACjC,iBAAiB,EAAE,MAAM,CAAA;IACzB,gBAAgB,EAAE,MAAM,CAAA;IACxB,uBAAuB,EAAE,OAAO,CAAA;IAChC,gBAAgB,EAAE,OAAO,CAAA;CAC1B;AAED,MAAM,WAAW,oBAAoB;IACnC,OAAO,EAAE,OAAO,CAAA;IAChB,kBAAkB,EAAE,MAAM,CAAA;IAC1B,aAAa,EAAE,MAAM,CAAA;IACrB,eAAe,EAAE,MAAM,CAAA;IACvB,aAAa,EAAE,MAAM,CAAA;IACrB,8BAA8B,EAAE,MAAM,CAAA;CACvC;AAMD;;;GAGG;AACH,eAAO,MAAM,cAAc,QAAO,UAGjC,CAAA;AAED;;;GAGG;AACH,eAAO,MAAM,kBAAkB,QAAO,oBAGrC,CAAA;AAED,eAAO,MAAM,gBAAgB,GAAI,eAAW,WAG3C,CAAA"}
+{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../src/auth/utils.ts"],"names":[],"mappings":"AAMA,eAAO,MAAM,YAAY;;;;;;;;;;;;;;;;;;CAcxB,CAAA;AAED,eAAO,MAAM,iBAAiB;;;;;;;;;;;;;CAa7B,CAAA;AAED,eAAO,MAAM,iBAAiB;;;;;;;;;;;;;;;;;;;;;CAe7B,CAAA;AAED,eAAO,MAAM,oBAAoB;;;;;;;;;;;;;;;;;;CAUhC,CAAA;AAED,eAAO,MAAM,mBAAmB;;;;;;;;;;;;;CAS/B,CAAA;AAED,eAAO,MAAM,YAAY;;;;;;;;;;;;;CAAoB,CAAA;AAE7C,eAAO,MAAM,mBAAmB;;;;;;;;;;;;;;;;;;CAc/B,CAAA;AAED,oBAAY,cAAc;IACxB,KAAK,WAAW;IAChB,YAAY,cAAc;IAC1B,OAAO,aAAa;IACpB,OAAO,aAAa;IACpB,OAAO,aAAa;IACpB,KAAK,gBAAgB;IACrB,UAAU,gBAAgB;IAC1B,aAAa,WAAW;IACxB,UAAU,sBAAsB;CACjC;AAED,oBAAY,WAAW;IACrB,mBAAmB,wBAAwB;IAC3C,aAAa,mCAAmC;IAChD,oBAAoB,sCAAsC;IAC1D,sBAAsB,2BAA2B;IACjD,kBAAkB,uBAAuB;CAC1C;AAED,MAAM,WAAW,UAAU;IACzB,eAAe,CAAC,EAAE,MAAM,CAAA;IACxB,SAAS,EAAE,MAAM,CAAA;IACjB,gBAAgB,EAAE,aAAa,CAAA;IAC/B,iBAAiB,EAAE,cAAc,CAAA;IACjC,WAAW,CAAC,EAAE,QAAQ,CAAA;CACvB;AAED,UAAU,MAAM;IACd,IAAI,EAAE,MAAM,CAAA;IACZ,IAAI,EAAE,MAAM,CAAA;IACZ,QAAQ,EAAE,OAAO,CAAA;CAClB;AACD,UAAU,aAAa;IACrB,IAAI,EAAE,MAAM,CAAA;IACZ,IAAI,EAAE,MAAM,CAAA;IACZ,QAAQ,EAAE,OAAO,CAAA;IACjB,MAAM,EAAE,MAAM,CAAA;CACf;AAED,UAAU,cAAc;IACtB,IAAI,EAAE,iBAAiB,CAAC;IACxB,IAAI,EAAE,iBAAiB,CAAC;IACxB,QAAQ,EAAE,OAAO,CAAC;IAClB,MAAM,EAAE;QACN,kBAAkB,EAAE,MAAM,CAAA;KAC3B,CAAA;CACF;AAED,MAAM,WAAW,QAAQ;IACvB,IAAI,EAAE,WAAW,CAAA;IACjB,IAAI,EAAE,WAAW,CAAA;IACjB,QAAQ,EAAE,OAAO,CAAA;CAClB;AAED,MAAM,WAAW,MAAM;IACrB,WAAW,EAAE,OAAO,CAAA;IACpB,wBAAwB,CAAC,EAAE,MAAM,CAAA;IACjC,iBAAiB,EAAE,MAAM,CAAA;IACzB,gBAAgB,EAAE,MAAM,CAAA;IACxB,uBAAuB,EAAE,OAAO,CAAA;IAChC,gBAAgB,EAAE,OAAO,CAAA;CAC1B;AAED,MAAM,WAAW,oBAAoB;IACnC,OAAO,EAAE,OAAO,CAAA;IAChB,kBAAkB,EAAE,MAAM,CAAA;IAC1B,aAAa,EAAE,MAAM,CAAA;IACrB,eAAe,EAAE,MAAM,CAAA;IACvB,aAAa,EAAE,MAAM,CAAA;IACrB,8BAA8B,EAAE,MAAM,CAAA;CACvC;AAMD;;;GAGG;AACH,eAAO,MAAM,cAAc,QAAO,UAGjC,CAAA;AAED;;;GAGG;AACH,eAAO,MAAM,kBAAkB,QAAO,oBAGrC,CAAA;AAED,eAAO,MAAM,gBAAgB,GAAI,eAAW,WAG3C,CAAA"}

package/dist/constants.d.ts

@@ -12,6 +12,7 @@ export declare const DEFAULT_CONFIG: {
     AUTH_LOGIN_MAX_ATTEMPTS: number;
     AUTH_RESET_MAX_ATTEMPTS: number;
     REFRESH_TOKEN_TTL_DAYS: number;
+    ANON_USER_TTL_SECONDS: number;
     SWAGGER_UI_USER: string;
     SWAGGER_UI_PASSWORD: string;
     CORS_OPTIONS: {
@@ -35,6 +36,7 @@ export declare const AUTH_CONFIG: {
         "custom-function": {
             authFunctionName: string;
         };
+        "anon-user": import("./auth/utils").AnonUser | undefined;
     };
 };
 export declare const S3_CONFIG: {

package/dist/constants.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"constants.d.ts","sourceRoot":"","sources":["../src/constants.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,eAAe,EAAE,MAAM,IAAI,CAAA;AAUpC,eAAO,MAAM,cAAc;;;;;;;;;;;;;;;;;iBAiBsB,eAAe,EAAE;;CAEjE,CAAA;AACD,eAAO,MAAM,WAAW,QAA8C,CAAA;AACtE,eAAO,MAAM,YAAY,QAA8B,CAAA;AACvD,eAAO,MAAM,OAAO,QAAgB,CAAA;AAGpC,eAAO,MAAM,WAAW;;;;;;;;;;;;;;CAYvB,CAAA;AAID,eAAO,MAAM,SAAS;;;CAGrB,CAAA"}
+{"version":3,"file":"constants.d.ts","sourceRoot":"","sources":["../src/constants.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,eAAe,EAAE,MAAM,IAAI,CAAA;AAUpC,eAAO,MAAM,cAAc;;;;;;;;;;;;;;;;;;iBAkBsB,eAAe,EAAE;;CAEjE,CAAA;AACD,eAAO,MAAM,WAAW,QAA8C,CAAA;AACtE,eAAO,MAAM,YAAY,QAA8B,CAAA;AACvD,eAAO,MAAM,OAAO,QAAgB,CAAA;AAGpC,eAAO,MAAM,WAAW;;;;;;;;;;;;;;;CAavB,CAAA;AAID,eAAO,MAAM,SAAS;;;CAGrB,CAAA"}

package/dist/constants.js

@@ -29,6 +29,7 @@ exports.DEFAULT_CONFIG = {
     AUTH_LOGIN_MAX_ATTEMPTS: Number(process.env.AUTH_LOGIN_MAX_ATTEMPTS) || 10,
     AUTH_RESET_MAX_ATTEMPTS: Number(process.env.AUTH_RESET_MAX_ATTEMPTS) || 5,
     REFRESH_TOKEN_TTL_DAYS: Number(process.env.REFRESH_TOKEN_TTL_DAYS) || 60,
+    ANON_USER_TTL_SECONDS: Number(process.env.ANON_USER_TTL_SECONDS) || 3 * 60 * 60,
     SWAGGER_UI_USER: process.env.SWAGGER_UI_USER || '',
     SWAGGER_UI_PASSWORD: process.env.SWAGGER_UI_PASSWORD || '',
     CORS_OPTIONS: {
@@ -50,7 +51,8 @@ exports.AUTH_CONFIG = {
     user_id_field,
     on_user_creation_function_name,
     providers: {
-        "custom-function": (_c = configuration['custom-function']) === null || _c === void 0 ? void 0 : _c.config
+        "custom-function": (_c = configuration['custom-function']) === null || _c === void 0 ? void 0 : _c.config,
+        "anon-user": configuration['anon-user']
     }
 };
 exports.S3_CONFIG = {

package/dist/shared/models/handleUserRegistration.model.d.ts

@@ -20,7 +20,8 @@ type RegistrationResult = {
 export type HandleUserRegistration = (app: FastifyInstance, opt: Options) => (params: RegistrationParams) => Promise<RegistrationResult>;
 export declare enum PROVIDER {
     LOCAL_USERPASS = "local-userpass",
-    CUSTOM_FUNCTION = "custom-function"
+    CUSTOM_FUNCTION = "custom-function",
+    ANON_USER = "anon-user"
 }
 export {};
 //# sourceMappingURL=handleUserRegistration.model.d.ts.map

package/dist/shared/models/handleUserRegistration.model.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"handleUserRegistration.model.d.ts","sourceRoot":"","sources":["../../../src/shared/models/handleUserRegistration.model.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAA;AACxD,OAAO,EAAE,IAAI,EAAE,MAAM,iBAAiB,CAAA;AACtC,OAAO,EAAE,KAAK,EAAE,MAAM,gCAAgC,CAAA;AAEtD,KAAK,kBAAkB,GAAG;IACxB,KAAK,EAAE,MAAM,CAAA;IACb,QAAQ,EAAE,MAAM,CAAA;CACjB,CAAA;AAED,MAAM,MAAM,OAAO,GAAG;IACpB,IAAI,CAAC,EAAE,IAAI,CAAA;IACX,KAAK,CAAC,EAAE,KAAK,CAAA;IACb,aAAa,CAAC,EAAE,OAAO,CAAA;IACvB,QAAQ,CAAC,EAAE,QAAQ,CAAA;IACnB,aAAa,CAAC,EAAE,OAAO,CAAA;CACxB,CAAA;AAED,KAAK,kBAAkB,GAAG;IACxB,UAAU,CAAC,EAAE;QACX,QAAQ,EAAE,MAAM,MAAM,CAAA;KACvB,CAAA;CACF,CAAA;AAED,MAAM,MAAM,sBAAsB,GAAG,CACnC,GAAG,EAAE,eAAe,EACpB,GAAG,EAAE,OAAO,KACT,CAAC,MAAM,EAAE,kBAAkB,KAAK,OAAO,CAAC,kBAAkB,CAAC,CAAA;AAEhE,oBAAY,QAAQ;IAClB,cAAc,mBAAmB;IACjC,eAAe,oBAAoB;CACpC"}
+{"version":3,"file":"handleUserRegistration.model.d.ts","sourceRoot":"","sources":["../../../src/shared/models/handleUserRegistration.model.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAA;AACxD,OAAO,EAAE,IAAI,EAAE,MAAM,iBAAiB,CAAA;AACtC,OAAO,EAAE,KAAK,EAAE,MAAM,gCAAgC,CAAA;AAEtD,KAAK,kBAAkB,GAAG;IACxB,KAAK,EAAE,MAAM,CAAA;IACb,QAAQ,EAAE,MAAM,CAAA;CACjB,CAAA;AAED,MAAM,MAAM,OAAO,GAAG;IACpB,IAAI,CAAC,EAAE,IAAI,CAAA;IACX,KAAK,CAAC,EAAE,KAAK,CAAA;IACb,aAAa,CAAC,EAAE,OAAO,CAAA;IACvB,QAAQ,CAAC,EAAE,QAAQ,CAAA;IACnB,aAAa,CAAC,EAAE,OAAO,CAAA;CACxB,CAAA;AAED,KAAK,kBAAkB,GAAG;IACxB,UAAU,CAAC,EAAE;QACX,QAAQ,EAAE,MAAM,MAAM,CAAA;KACvB,CAAA;CACF,CAAA;AAED,MAAM,MAAM,sBAAsB,GAAG,CACnC,GAAG,EAAE,eAAe,EACpB,GAAG,EAAE,OAAO,KACT,CAAC,MAAM,EAAE,kBAAkB,KAAK,OAAO,CAAC,kBAAkB,CAAC,CAAA;AAEhE,oBAAY,QAAQ;IAClB,cAAc,mBAAmB;IACjC,eAAe,oBAAoB;IACnC,SAAS,cAAc;CACxB"}

package/dist/shared/models/handleUserRegistration.model.js

@@ -5,4 +5,5 @@ var PROVIDER;
 (function (PROVIDER) {
     PROVIDER["LOCAL_USERPASS"] = "local-userpass";
     PROVIDER["CUSTOM_FUNCTION"] = "custom-function";
+    PROVIDER["ANON_USER"] = "anon-user";
 })(PROVIDER || (exports.PROVIDER = PROVIDER = {}));

package/dist/utils/context/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/utils/context/index.ts"],"names":[],"mappings":"AAOA,OAAO,EAAE,qBAAqB,EAAE,MAAM,aAAa,CAAA;AA0GnD;;;;;;;;;;GAUG;AACH,wBAAsB,eAAe,CAAC,EACpC,IAAI,EACJ,GAAG,EACH,KAAK,EACL,IAAI,EACJ,eAAe,EACf,aAAa,EACb,QAAQ,EACR,WAAW,EACX,eAAsB,EACtB,OAAO,EACP,OAAO,EACR,EAAE,qBAAqB,GAAG,OAAO,CAAC,OAAO,CAAC,CAuK1C"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/utils/context/index.ts"],"names":[],"mappings":"AAOA,OAAO,EAAE,qBAAqB,EAAE,MAAM,aAAa,CAAA;AA0GnD;;;;;;;;;;GAUG;AACH,wBAAsB,eAAe,CAAC,EACpC,IAAI,EACJ,GAAG,EACH,KAAK,EACL,IAAI,EACJ,eAAe,EACf,aAAa,EACb,QAAQ,EACR,WAAW,EACX,eAAsB,EACtB,OAAO,EACP,OAAO,EACR,EAAE,qBAAqB,GAAG,OAAO,CAAC,OAAO,CAAC,CAgK1C"}

package/dist/utils/context/index.js

@@ -186,16 +186,9 @@ function GenerateContext(_a) {
                             moduleCache.set(importTarget, syntheticModule);
                             return syntheticModule;
                         });
-                        const importModuleDynamically = ((specifier) => __awaiter(this, void 0, void 0, function* () {
-                            const module = yield loadModule(specifier);
-                            if (module.status === 'unlinked') {
-                                yield module.link(loadModule);
-                            }
-                            if (module.status === 'linked') {
-                                yield module.evaluate();
-                            }
-                            return module;
-                        }));
+                        const importModuleDynamically = (specifier, _script, _importAssertions) => {
+                            return loadModule(specifier);
+                        };
                         const sourceModule = new vmModules.SourceTextModule(wrapEsmModule(functionToRun.code), {
                             context: vmContext,
                             identifier: entryFile,

package/dist/utils/initializer/registerPlugins.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"registerPlugins.d.ts","sourceRoot":"","sources":["../../../src/utils/initializer/registerPlugins.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,eAAe,EAAE,MAAM,SAAS,CAAA;AAEzC,OAAO,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAA;AAMnC,OAAO,EAAE,SAAS,EAAE,MAAM,oCAAoC,CAAA;AAE9D,KAAK,gBAAgB,GAAG,eAAe,CAAC,UAAU,CAAC,CAAA;AAGnD,KAAK,qBAAqB,GAAG;IAC3B,QAAQ,EAAE,gBAAgB,CAAA;IAC1B,UAAU,EAAE,MAAM,CAAA;IAClB,SAAS,EAAE,MAAM,CAAA;IACjB,aAAa,EAAE,SAAS,CAAA;IACxB,UAAU,CAAC,EAAE,UAAU,CAAA;CACxB,CAAA;AAQD;;;;;;GAMG;AACH,eAAO,MAAM,eAAe,GAAU,gEAMnC,qBAAqB,kBAsBvB,CAAA"}
+{"version":3,"file":"registerPlugins.d.ts","sourceRoot":"","sources":["../../../src/utils/initializer/registerPlugins.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,eAAe,EAAE,MAAM,SAAS,CAAA;AAEzC,OAAO,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAA;AAOnC,OAAO,EAAE,SAAS,EAAE,MAAM,oCAAoC,CAAA;AAE9D,KAAK,gBAAgB,GAAG,eAAe,CAAC,UAAU,CAAC,CAAA;AAGnD,KAAK,qBAAqB,GAAG;IAC3B,QAAQ,EAAE,gBAAgB,CAAA;IAC1B,UAAU,EAAE,MAAM,CAAA;IAClB,SAAS,EAAE,MAAM,CAAA;IACjB,aAAa,EAAE,SAAS,CAAA;IACxB,UAAU,CAAC,EAAE,UAAU,CAAA;CACxB,CAAA;AAQD;;;;;;GAMG;AACH,eAAO,MAAM,eAAe,GAAU,gEAMnC,qBAAqB,kBAsBvB,CAAA"}

package/dist/utils/initializer/registerPlugins.js

@@ -18,8 +18,9 @@ const mongodb_1 = __importDefault(require("@fastify/mongodb"));
 const fastify_raw_body_1 = __importDefault(require("fastify-raw-body"));
 const controller_1 = require("../../auth/controller");
 const jwt_1 = __importDefault(require("../../auth/plugins/jwt"));
-const controller_2 = require("../../auth/providers/custom-function/controller");
-const controller_3 = require("../../auth/providers/local-userpass/controller");
+const controller_2 = require("../../auth/providers/anon-user/controller");
+const controller_3 = require("../../auth/providers/custom-function/controller");
+const controller_4 = require("../../auth/providers/local-userpass/controller");
 const constants_1 = require("../../constants");
 /**
  * > Used to register all plugins
@@ -104,17 +105,24 @@ const getRegisterConfig = (_a) => __awaiter(void 0, [_a], void 0, function* ({ m
         },
         {
             pluginName: 'localUserPassController',
-            plugin: controller_3.localUserPassController,
+            plugin: controller_4.localUserPassController,
             options: {
                 prefix: `${constants_1.API_VERSION}/app/:appId/auth/providers/local-userpass`
             }
         },
         {
             pluginName: 'customFunctionController',
-            plugin: controller_2.customFunctionController,
+            plugin: controller_3.customFunctionController,
             options: {
                 prefix: `${constants_1.API_VERSION}/app/:appId/auth/providers/custom-function`
             }
+        },
+        {
+            pluginName: 'anonUserController',
+            plugin: controller_2.anonUserController,
+            options: {
+                prefix: `${constants_1.API_VERSION}/app/:appId/auth/providers/anon-user`
+            }
         }
     ];
 });

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@flowerforce/flowerbase",
-  "version": "1.2.1-beta.16",
+  "version": "1.2.1-beta.17",
   "description": "",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",

package/src/auth/controller.ts

@@ -1,9 +1,9 @@
 import { ObjectId } from 'bson'
 import { FastifyInstance } from 'fastify'
 import { AUTH_CONFIG, DB_NAME, DEFAULT_CONFIG } from '../constants'
+import { hashToken } from '../utils/crypto'
 import { SessionCreatedDto } from './dtos'
 import { AUTH_ENDPOINTS, AUTH_ERRORS } from './utils'
-import { hashToken } from '../utils/crypto'
 
 const HANDLER_TYPE = 'preHandler'
 
@@ -101,7 +101,10 @@ export async function authController(app: FastifyInstance) {
       return {
         access_token: this.createAccessToken({
           ...auth_user,
-          user_data: user
+          user_data: {
+            ...user,
+            id: req.user.sub
+          }
         })
       }
     }

package/src/auth/plugins/jwt.ts

@@ -91,13 +91,13 @@ export default fp(async function (fastify, opts: Options) {
 
   fastify.decorate('createAccessToken', function (user: WithId<Document>) {
     const id = user._id.toString()
-    const userDataId = user.user_data._id.toString()
+    // const userDataId = user.user_data._id.toString()
 
     const user_data = {
-      _id: userDataId,
-      id: userDataId,
+      ...user.user_data,
+      _id: id,
+      id: id,
       email: user.email,
-      ...user.user_data
     }
 
     return this.jwt.sign(
@@ -111,7 +111,7 @@ export default fp(async function (fastify, opts: Options) {
       {
         iss: BAAS_ID,
         jti: BAAS_ID,
-        sub: user._id.toJSON(),
+        sub: id,
         expiresIn: '300m'
       }
     )

package/src/auth/providers/anon-user/controller.ts

@@ -0,0 +1,91 @@
+import { FastifyInstance } from 'fastify'
+import { AUTH_CONFIG, DB_NAME, DEFAULT_CONFIG } from '../../../constants'
+import { hashToken } from '../../../utils/crypto'
+import { PROVIDER } from '../../../shared/models/handleUserRegistration.model'
+import { AUTH_ENDPOINTS } from '../../utils'
+import { LoginDto } from './dtos'
+
+/**
+ * Controller for handling anonymous user login.
+ * @testable
+ * @param {FastifyInstance} app - The Fastify instance.
+ */
+export async function anonUserController(app: FastifyInstance) {
+  const db = app.mongo.client.db(DB_NAME)
+  const { authCollection, refreshTokensCollection, providers } = AUTH_CONFIG
+  const refreshTokenTtlMs = DEFAULT_CONFIG.REFRESH_TOKEN_TTL_DAYS * 24 * 60 * 60 * 1000
+  const anonUserTtlSeconds = DEFAULT_CONFIG.ANON_USER_TTL_SECONDS
+
+  try {
+    await db.collection(authCollection!).createIndex(
+      { createdAt: 1 },
+      {
+        expireAfterSeconds: anonUserTtlSeconds,
+        partialFilterExpression: { 'identities.provider_type': PROVIDER.ANON_USER }
+      }
+    )
+  } catch (error) {
+    console.error('Failed to ensure anonymous user TTL index', error)
+  }
+
+  app.post<LoginDto>(
+    AUTH_ENDPOINTS.LOGIN,
+    async function () {
+      const anonProvider = providers?.['anon-user']
+      if (anonProvider?.disabled) {
+        throw new Error('Anonymous authentication disabled')
+      }
+
+      const now = new Date()
+      const insertResult = await db.collection(authCollection!).insertOne({
+        status: 'confirmed',
+        createdAt: now,
+        custom_data: {},
+        identities: [
+          {
+            provider_type: PROVIDER.ANON_USER,
+            provider_data: {}
+          }
+        ]
+      })
+
+      const userId = insertResult.insertedId
+      await db.collection(authCollection!).updateOne(
+        { _id: userId },
+        {
+          $set: {
+            identities: [
+              {
+                id: userId.toString(),
+                provider_id: userId.toString(),
+                provider_type: PROVIDER.ANON_USER,
+                provider_data: {}
+              }
+            ]
+          }
+        }
+      )
+
+      const currentUserData = {
+        _id: userId,
+        user_data: {}
+      }
+      const refreshToken = this.createRefreshToken(currentUserData)
+      const refreshTokenHash = hashToken(refreshToken)
+      await db.collection(refreshTokensCollection).insertOne({
+        userId,
+        tokenHash: refreshTokenHash,
+        createdAt: now,
+        expiresAt: new Date(Date.now() + refreshTokenTtlMs),
+        revokedAt: null
+      })
+
+      return {
+        access_token: this.createAccessToken(currentUserData),
+        refresh_token: refreshToken,
+        device_id: '',
+        user_id: userId.toString()
+      }
+    }
+  )
+}

package/src/auth/providers/anon-user/dtos.ts

@@ -0,0 +1,10 @@
+export type LoginSuccessDto = {
+  access_token: string
+  device_id: string
+  refresh_token: string
+  user_id: string
+}
+
+export interface LoginDto {
+  Reply: LoginSuccessDto
+}

package/src/auth/utils.ts

@@ -118,6 +118,7 @@ export interface AuthConfig {
   'api-key': ApiKey
   'local-userpass': LocalUserpass
   'custom-function': CustomFunction
+  'anon-user'?: AnonUser
 }
 
 interface ApiKey {
@@ -141,6 +142,12 @@ interface CustomFunction {
   }
 }
 
+export interface AnonUser {
+  name: "anon-user"
+  type: "anon-user"
+  disabled: boolean
+}
+
 export interface Config {
   autoConfirm: boolean
   confirmationFunctionName?: string

package/src/constants.ts

@@ -22,6 +22,7 @@ export const DEFAULT_CONFIG = {
   AUTH_LOGIN_MAX_ATTEMPTS: Number(process.env.AUTH_LOGIN_MAX_ATTEMPTS) || 10,
   AUTH_RESET_MAX_ATTEMPTS: Number(process.env.AUTH_RESET_MAX_ATTEMPTS) || 5,
   REFRESH_TOKEN_TTL_DAYS: Number(process.env.REFRESH_TOKEN_TTL_DAYS) || 60,
+  ANON_USER_TTL_SECONDS: Number(process.env.ANON_USER_TTL_SECONDS) || 3 * 60 * 60,
   SWAGGER_UI_USER: process.env.SWAGGER_UI_USER || '',
   SWAGGER_UI_PASSWORD: process.env.SWAGGER_UI_PASSWORD || '',
   CORS_OPTIONS: {
@@ -44,7 +45,8 @@ export const AUTH_CONFIG = {
   user_id_field,
   on_user_creation_function_name,
   providers: {
-    "custom-function": configuration['custom-function']?.config
+    "custom-function": configuration['custom-function']?.config,
+    "anon-user": configuration['anon-user']
   }
 }
 

package/src/shared/models/handleUserRegistration.model.ts

@@ -28,5 +28,6 @@ export type HandleUserRegistration = (
 
 export enum PROVIDER {
   LOCAL_USERPASS = "local-userpass",
-  CUSTOM_FUNCTION = "custom-function"
+  CUSTOM_FUNCTION = "custom-function",
+  ANON_USER = "anon-user"
 }

package/src/utils/__tests__/registerPlugins.test.ts

@@ -3,6 +3,7 @@ import fastifyMongodb from '@fastify/mongodb'
 import { authController } from '../../auth/controller'
 import jwtAuthPlugin from '../../auth/plugins/jwt'
 import fastifyRawBody from 'fastify-raw-body'
+import { anonUserController } from '../../auth/providers/anon-user/controller'
 import { customFunctionController } from '../../auth/providers/custom-function/controller'
 import { localUserPassController } from '../../auth/providers/local-userpass/controller'
 import { Functions } from '../../features/functions/interface'
@@ -36,7 +37,7 @@ describe('registerPlugins', () => {
     })
 
     // Check Plugins Registration
-    expect(registerMock).toHaveBeenCalledTimes(7)
+    expect(registerMock).toHaveBeenCalledTimes(8)
     expect(registerMock).toHaveBeenCalledWith(cors, {
       origin: '*',
       methods: ['POST', 'GET']
@@ -63,6 +64,9 @@ describe('registerPlugins', () => {
     expect(registerMock).toHaveBeenCalledWith(customFunctionController, {
       prefix: `${MOCKED_API_VERSION}/app/:appId/auth/providers/custom-function`
     })
+    expect(registerMock).toHaveBeenCalledWith(anonUserController, {
+      prefix: `${MOCKED_API_VERSION}/app/:appId/auth/providers/anon-user`
+    })
   })
 
   it('should handle errors in the catch block', async () => {

package/src/utils/context/index.ts

@@ -238,18 +238,11 @@ export async function GenerateContext({
             return syntheticModule
           }
 
-          const importModuleDynamically = (async (
-            specifier: string
-          ): Promise<vm.Module> => {
-            const module = await loadModule(specifier)
-            if (module.status === 'unlinked') {
-              await module.link(loadModule)
-            }
-            if (module.status === 'linked') {
-              await module.evaluate()
-            }
-            return module
-          }) as unknown as vm.ScriptOptions['importModuleDynamically']
+          const importModuleDynamically: NonNullable<
+            vm.ScriptOptions['importModuleDynamically']
+          > = (specifier, _script, _importAssertions) => {
+            return loadModule(specifier) as unknown as vm.Module
+          }
 
           const sourceModule = new vmModules.SourceTextModule(
             wrapEsmModule(functionToRun.code),

package/src/utils/initializer/registerPlugins.ts

@@ -5,6 +5,7 @@ import fastifyRawBody from 'fastify-raw-body'
 import { CorsConfig } from '../../'
 import { authController } from '../../auth/controller'
 import jwtAuthPlugin from '../../auth/plugins/jwt'
+import { anonUserController } from '../../auth/providers/anon-user/controller'
 import { customFunctionController } from '../../auth/providers/custom-function/controller'
 import { localUserPassController } from '../../auth/providers/local-userpass/controller'
 import { API_VERSION } from '../../constants'
@@ -133,6 +134,13 @@ const getRegisterConfig = async ({
       options: {
         prefix: `${API_VERSION}/app/:appId/auth/providers/custom-function`
       }
+    },
+    {
+      pluginName: 'anonUserController',
+      plugin: anonUserController,
+      options: {
+        prefix: `${API_VERSION}/app/:appId/auth/providers/anon-user`
+      }
     }
   ] as RegisterConfig[]
 }