npm - @flowerforce/flowerbase - Versions diffs - 1.7.3-beta.3 → 1.7.3 - Mend

@flowerforce/flowerbase 1.7.3-beta.3 → 1.7.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (22) hide show

package/CHANGELOG.md +9 -0
package/dist/auth/controller.d.ts.map +1 -1
package/dist/auth/controller.js +1 -1
package/dist/auth/plugins/jwt.d.ts.map +1 -1
package/dist/auth/plugins/jwt.js +8 -5
package/dist/auth/providers/custom-function/controller.d.ts.map +1 -1
package/dist/auth/providers/custom-function/controller.js +8 -4
package/dist/auth/providers/local-userpass/controller.d.ts.map +1 -1
package/dist/auth/providers/local-userpass/controller.js +1 -1
package/dist/monitoring/utils.d.ts.map +1 -1
package/dist/monitoring/utils.js +3 -2
package/dist/services/mongodb-atlas/index.d.ts.map +1 -1
package/dist/services/mongodb-atlas/index.js +11 -10
package/package.json +1 -1
package/src/auth/controller.ts +3 -0
package/src/auth/plugins/jwt.test.ts +35 -2
package/src/auth/plugins/jwt.ts +15 -9
package/src/auth/providers/custom-function/controller.ts +14 -2
package/src/auth/providers/local-userpass/controller.ts +6 -1
package/src/monitoring/utils.ts +3 -2
package/src/services/mongodb-atlas/__tests__/realmCompatibility.test.ts +18 -0
package/src/services/mongodb-atlas/index.ts +13 -10

package/CHANGELOG.md CHANGED Viewed

@@ -1,3 +1,12 @@
+## 1.7.3 (2026-02-17)
+### 🩹 Fixes
+- response EJSON in function ([fa70c11](https://github.com/flowerforce/flowerbase/commit/fa70c11))
+- issues #5 #6 #7 #8 #10 #11 #12 #13 #14 ([#5](https://github.com/flowerforce/flowerbase/issues/5), [#6](https://github.com/flowerforce/flowerbase/issues/6), [#7](https://github.com/flowerforce/flowerbase/issues/7), [#8](https://github.com/flowerforce/flowerbase/issues/8), [#10](https://github.com/flowerforce/flowerbase/issues/10), [#11](https://github.com/flowerforce/flowerbase/issues/11), [#12](https://github.com/flowerforce/flowerbase/issues/12), [#13](https://github.com/flowerforce/flowerbase/issues/13), [#14](https://github.com/flowerforce/flowerbase/issues/14))
 ## 1.7.2 (2026-02-12)

package/dist/auth/controller.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"controller.d.ts","sourceRoot":"","sources":["../../src/auth/controller.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,eAAe,EAAE,MAAM,SAAS,CAAA;AAQzC;;;;GAIG;AACH,wBAAsB,cAAc,CAAC,GAAG,EAAE,eAAe,~~iBAwKxD~~"}
1	+ {"version":3,"file":"controller.d.ts","sourceRoot":"","sources":["../../src/auth/controller.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,eAAe,EAAE,MAAM,SAAS,CAAA;AAQzC;;;;GAIG;AACH,wBAAsB,cAAc,CAAC,GAAG,EAAE,eAAe,iBA2KxD"}

package/dist/auth/controller.js CHANGED Viewed

@@ -111,7 +111,7 @@ function authController(app) {
                     : {};
                 res.status(201);
                 return {
-                    access_token: this.createAccessToken(Object.assign(Object.assign({}, auth_user), { user_data: Object.assign(Object.assign({}, user), { id: req.user.sub }) }))
+                    access_token: this.createAccessToken(Object.assign(Object.assign({}, auth_user), { user_data: Object.assign(Object.assign({}, user), { id: req.user.sub }), custom_data: Object.assign({}, user) }))
                 };
             });
         });

package/dist/auth/plugins/jwt.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"jwt.d.ts","sourceRoot":"","sources":["../../../src/auth/plugins/jwt.ts"],"names":[],"mappings":"AAKA,KAAK,OAAO,GAAG;IACb,MAAM,EAAE,MAAM,CAAA;CACf,CAAA;~~AAeD~~;;;;;;;GAOG;iUAC8C,OAAO;AAAxD,~~wBA4GE~~"}
1	+ {"version":3,"file":"jwt.d.ts","sourceRoot":"","sources":["../../../src/auth/plugins/jwt.ts"],"names":[],"mappings":"AAKA,KAAK,OAAO,GAAG;IACb,MAAM,EAAE,MAAM,CAAA;CACf,CAAA;AAkBD;;;;;;;GAOG;iUAC8C,OAAO;AAAxD,wBA+GE"}

package/dist/auth/plugins/jwt.js CHANGED Viewed

@@ -16,6 +16,7 @@ const jwt_1 = __importDefault(require("@fastify/jwt"));
 const fastify_plugin_1 = __importDefault(require("fastify-plugin"));
 const mongodb_1 = require("mongodb");
 const constants_1 = require("../../constants");
+const isRecord = (value) => !!value && typeof value === 'object' && !Array.isArray(value);
 const unauthorizedSessionError = {
     message: 'Unauthorized',
     error: 'unauthorized',
@@ -94,14 +95,16 @@ exports.default = (0, fastify_plugin_1.default)(function (fastify, opts) {
         });
         fastify.decorate('createAccessToken', function (user) {
             const id = user._id.toString();
-            // const userDataId = user.user_data._id.toString()
-            const user_data = Object.assign(Object.assign({}, user.user_data), { _id: id, id: id, email: user.email });
+            const userData = isRecord(user.user_data) ? Object.assign({}, user.user_data) : {};
+            const customData = isRecord(user.custom_data)
+                ? Object.assign({}, user.custom_data) : Object.assign({}, userData);
+            const mergedUserData = Object.assign(Object.assign(Object.assign({}, customData), userData), { _id: id, id, email: typeof user.email === 'string' ? user.email : userData.email });
             return this.jwt.sign({
                 typ: 'access',
                 id,
-                data: user_data,
-                user_data: user_data,
-                custom_data: user_data
+                data: mergedUserData,
+                user_data: mergedUserData,
+                custom_data: customData
             }, {
                 iss: BAAS_ID,
                 jti: BAAS_ID,

package/dist/auth/providers/custom-function/controller.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"controller.d.ts","sourceRoot":"","sources":["../../../../src/auth/providers/custom-function/controller.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,SAAS,CAAA;AASzC;;;;GAIG;AACH,wBAAsB,wBAAwB,CAAC,GAAG,EAAE,eAAe,~~iBAqGlE~~"}
1	+ {"version":3,"file":"controller.d.ts","sourceRoot":"","sources":["../../../../src/auth/providers/custom-function/controller.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,SAAS,CAAA;AASzC;;;;GAIG;AACH,wBAAsB,wBAAwB,CAAC,GAAG,EAAE,eAAe,iBAiHlE"}

package/dist/auth/providers/custom-function/controller.js CHANGED Viewed

@@ -26,7 +26,7 @@ function customFunctionController(app) {
         const functionsList = state_1.StateManager.select('functions');
         const services = state_1.StateManager.select('services');
         const db = app.mongo.client.db(constants_1.DB_NAME);
-        const { authCollection, refreshTokensCollection } = constants_1.AUTH_CONFIG;
+        const { authCollection, refreshTokensCollection, userCollection, user_id_field } = constants_1.AUTH_CONFIG;
         const refreshTokenTtlMs = constants_1.DEFAULT_CONFIG.REFRESH_TOKEN_TTL_DAYS * 24 * 60 * 60 * 1000;
         /**
          * Endpoint for user login.
@@ -80,11 +80,15 @@ function customFunctionController(app) {
                     reply.code(401).send({ message: 'Unauthorized' });
                     return;
                 }
+                const user = user_id_field && userCollection
+                    ? yield db
+                        .collection(userCollection)
+                        .findOne({ [user_id_field]: authUser._id.toString() })
+                    : {};
                 const currentUserData = {
                     _id: authUser._id,
-                    user_data: {
-                        _id: authUser._id
-                    }
+                    user_data: Object.assign(Object.assign({}, (user || {})), { id: authUser._id.toString(), email: authUser.email }),
+                    custom_data: Object.assign({}, (user || {}))
                 };
                 const refreshToken = this.createRefreshToken(currentUserData);
                 const refreshTokenHash = (0, crypto_1.hashToken)(refreshToken);

package/dist/auth/providers/local-userpass/controller.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"controller.d.ts","sourceRoot":"","sources":["../../../../src/auth/providers/local-userpass/controller.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,SAAS,CAAA;AAqCzC;;;;GAIG;AACH,wBAAsB,uBAAuB,CAAC,GAAG,EAAE,eAAe,~~iBA+WjE~~"}
1	+ {"version":3,"file":"controller.d.ts","sourceRoot":"","sources":["../../../../src/auth/providers/local-userpass/controller.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,SAAS,CAAA;AAqCzC;;;;GAIG;AACH,wBAAsB,uBAAuB,CAAC,GAAG,EAAE,eAAe,iBAoXjE"}

package/dist/auth/providers/local-userpass/controller.js CHANGED Viewed

@@ -209,7 +209,7 @@ function localUserPassController(app) {
                         .findOne({ [user_id_field]: authUser._id.toString() })
                     : {};
                 authUser === null || authUser === void 0 ? true : delete authUser.password;
-                const userWithCustomData = Object.assign(Object.assign({}, authUser), { user_data: Object.assign(Object.assign({}, (user || {})), { _id: authUser._id }), data: { email: authUser.email }, id: authUser._id.toString() });
+                const userWithCustomData = Object.assign(Object.assign({}, authUser), { user_data: Object.assign(Object.assign({}, (user || {})), { id: authUser._id.toString(), email: authUser.email }), custom_data: Object.assign({}, (user || {})), data: { email: authUser.email }, id: authUser._id.toString() });
                 if (authUser && authUser.status !== 'confirmed') {
                     throw new Error(utils_1.AUTH_ERRORS.USER_NOT_CONFIRMED);
                 }

package/dist/monitoring/utils.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../src/monitoring/utils.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,eAAe,EAAE,cAAc,EAAE,MAAM,SAAS,CAAA;AAG9D,OAAO,KAAK,EAAE,KAAK,EAAE,MAAM,6BAA6B,CAAA;AAIxD,MAAM,MAAM,YAAY,GAAG;IACzB,EAAE,EAAE,MAAM,CAAA;IACV,EAAE,EAAE,MAAM,CAAA;IACV,IAAI,EAAE,MAAM,CAAA;IACZ,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,OAAO,EAAE,MAAM,CAAA;IACf,IAAI,CAAC,EAAE,OAAO,CAAA;CACf,CAAA;AAED,MAAM,MAAM,mBAAmB,GAAG;IAChC,EAAE,EAAE,MAAM,CAAA;IACV,IAAI,EAAE,MAAM,CAAA;IACZ,IAAI,EAAE,OAAO,EAAE,CAAA;IACf,WAAW,EAAE,OAAO,CAAA;IACpB,IAAI,CAAC,EAAE;QAAE,EAAE,CAAC,EAAE,MAAM,CAAC;QAAC,KAAK,CAAC,EAAE,MAAM,CAAA;KAAE,CAAA;IACtC,IAAI,CAAC,EAAE,MAAM,CAAA;IACb,YAAY,CAAC,EAAE,OAAO,CAAA;CACvB,CAAA;AAED,MAAM,MAAM,qBAAqB,GAAG;IAClC,EAAE,EAAE,MAAM,CAAA;IACV,UAAU,EAAE,MAAM,CAAA;IAClB,IAAI,EAAE,OAAO,GAAG,WAAW,CAAA;IAC3B,KAAK,CAAC,EAAE,OAAO,CAAA;IACf,QAAQ,CAAC,EAAE,OAAO,CAAA;IAClB,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;IAC9B,WAAW,EAAE,OAAO,CAAA;IACpB,IAAI,CAAC,EAAE;QAAE,EAAE,CAAC,EAAE,MAAM,CAAC;QAAC,KAAK,CAAC,EAAE,MAAM,CAAA;KAAE,CAAA;IACtC,IAAI,CAAC,EAAE,MAAM,CAAA;CACd,CAAA;AAED,MAAM,MAAM,UAAU,GAAG;IACvB,CAAC,CAAC,EAAE,MAAM,CAAA;IACV,IAAI,CAAC,EAAE,MAAM,CAAA;IACb,KAAK,CAAC,EAAE,MAAM,CAAA;CACf,CAAA;AAED,MAAM,MAAM,UAAU,GAAG;IACvB,GAAG,EAAE,CAAC,KAAK,EAAE,YAAY,KAAK,IAAI,CAAA;IAClC,IAAI,EAAE,CAAC,KAAK,CAAC,EAAE,UAAU,KAAK,YAAY,EAAE,CAAA;IAC5C,KAAK,EAAE,MAAM,IAAI,CAAA;CAClB,CAAA;AAED,MAAM,MAAM,SAAS,GAAG;IACtB,WAAW,EAAE,MAAM,CAAA;IACnB,KAAK,CAAC,EAAE,KAAK,CAAA;IACb,IAAI,CAAC,EAAE,OAAO,CAAA;IACd,WAAW,CAAC,EAAE,OAAO,CAAA;IACrB,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,UAAU,CAAC,EAAE,MAAM,CAAA;CACpB,CAAA;AAED,eAAO,MAAM,MAAM,QAAsB,CAAA;AACzC,eAAO,MAAM,SAAS,KAAK,CAAA;AAC3B,eAAO,MAAM,SAAS,KAAK,CAAA;AAC3B,eAAO,MAAM,UAAU,MAAM,CAAA;AAC7B,eAAO,MAAM,oBAAoB,KAAK,CAAA;AAEtC,eAAO,MAAM,SAAS,eACuD,CAAA;AAE7E,eAAO,MAAM,aAAa,GAAI,OAAO,OAAO,KAAG,KAAK,IAAI,OAAO,CAAC,OAAO,CAC2B,CAAA;AAElG,eAAO,MAAM,aAAa,GAAI,OAAO,OAAO,KAAG,KAAK,IAAI,MAAM,CAAC,MAAM,EAAE,OAAO,CACf,CAAA;AAE/D,eAAO,MAAM,aAAa,GAAI,OAAO,OAAO,WAc3C,CAAA;AAeD,eAAO,MAAM,YAAY,GAAI,OAAO,MAAM,WAWzC,CAAA;AAED,eAAO,MAAM,oBAAoB,GAAI,OAAO,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,4BAOlE,CAAA;AAED,eAAO,MAAM,WAAW,GAAI,OAAO,OAAO,KAAG,KAAK,IAAI,MAAM,CAAC,MAAM,EAAE,OAAO,CAS3E,CAAA;AAED,eAAO,MAAM,iBAAiB,GAAI,OAAO,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,OAAO,MAAM,KAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAuCvG,CAAA;AAED,eAAO,MAAM,QAAQ,GAAI,OAAO,OAAO,EAAE,cAAS,KAAG,OAqCpD,CAAA;AAED,eAAO,MAAM,eAAe,GAAI,OAAO,OAAO;;;;;;CAc7C,CAAA;AAED,eAAO,MAAM,WAAW,GAAI,SAAS,cAAc,CAAC,SAAS,CAAC,YAQ7D,CAAA;AAED,eAAO,MAAM,gBAAgB,GAAI,UAAU,MAAM,EAAE,WAAW,MAAM,KAAG,UAqCtE,CAAA;AAED,eAAO,MAAM,eAAe,GAAI,KAAK,MAAM,uEAS1C,CAAA;AAED,eAAO,MAAM,aAAa,cAC8C,CAAA;AAExE,eAAO,MAAM,cAAc,GAAI,OAAO,SAAS;;;;;;;;;;;;;;;;aA2B9C,CAAA;AAED,eAAO,MAAM,4BAA4B,GACvC,OAAO,KAAK,GAAG,SAAS,EACxB,YAAY,MAAM,EAClB,OAAO,OAAO,EACd,cAAc,OAAO,6DAItB,CAAA;AAED,eAAO,MAAM,sBAAsB,GAAI,UAAU,MAAM,EAAE,QAAQ,MAAM,aAiBtE,CAAA;AAED,eAAO,MAAM,SAAS,GAAI,UAAU,MAAM,EAAE,QAAQ,MAAM,WAYzD,CAAA;AAED,eAAO,MAAM,kBAAkB,GAC7B,KAAK,eAAe,EACpB,SAAS,MAAM,EACf,cAAc,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,~~iDAuDtC~~,CAAA;AAED,eAAO,MAAM,WAAW,GAAI,eAAe,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC;;;aAajE,CAAA"}
1	+ {"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../src/monitoring/utils.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,eAAe,EAAE,cAAc,EAAE,MAAM,SAAS,CAAA;AAG9D,OAAO,KAAK,EAAE,KAAK,EAAE,MAAM,6BAA6B,CAAA;AAIxD,MAAM,MAAM,YAAY,GAAG;IACzB,EAAE,EAAE,MAAM,CAAA;IACV,EAAE,EAAE,MAAM,CAAA;IACV,IAAI,EAAE,MAAM,CAAA;IACZ,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,OAAO,EAAE,MAAM,CAAA;IACf,IAAI,CAAC,EAAE,OAAO,CAAA;CACf,CAAA;AAED,MAAM,MAAM,mBAAmB,GAAG;IAChC,EAAE,EAAE,MAAM,CAAA;IACV,IAAI,EAAE,MAAM,CAAA;IACZ,IAAI,EAAE,OAAO,EAAE,CAAA;IACf,WAAW,EAAE,OAAO,CAAA;IACpB,IAAI,CAAC,EAAE;QAAE,EAAE,CAAC,EAAE,MAAM,CAAC;QAAC,KAAK,CAAC,EAAE,MAAM,CAAA;KAAE,CAAA;IACtC,IAAI,CAAC,EAAE,MAAM,CAAA;IACb,YAAY,CAAC,EAAE,OAAO,CAAA;CACvB,CAAA;AAED,MAAM,MAAM,qBAAqB,GAAG;IAClC,EAAE,EAAE,MAAM,CAAA;IACV,UAAU,EAAE,MAAM,CAAA;IAClB,IAAI,EAAE,OAAO,GAAG,WAAW,CAAA;IAC3B,KAAK,CAAC,EAAE,OAAO,CAAA;IACf,QAAQ,CAAC,EAAE,OAAO,CAAA;IAClB,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;IAC9B,WAAW,EAAE,OAAO,CAAA;IACpB,IAAI,CAAC,EAAE;QAAE,EAAE,CAAC,EAAE,MAAM,CAAC;QAAC,KAAK,CAAC,EAAE,MAAM,CAAA;KAAE,CAAA;IACtC,IAAI,CAAC,EAAE,MAAM,CAAA;CACd,CAAA;AAED,MAAM,MAAM,UAAU,GAAG;IACvB,CAAC,CAAC,EAAE,MAAM,CAAA;IACV,IAAI,CAAC,EAAE,MAAM,CAAA;IACb,KAAK,CAAC,EAAE,MAAM,CAAA;CACf,CAAA;AAED,MAAM,MAAM,UAAU,GAAG;IACvB,GAAG,EAAE,CAAC,KAAK,EAAE,YAAY,KAAK,IAAI,CAAA;IAClC,IAAI,EAAE,CAAC,KAAK,CAAC,EAAE,UAAU,KAAK,YAAY,EAAE,CAAA;IAC5C,KAAK,EAAE,MAAM,IAAI,CAAA;CAClB,CAAA;AAED,MAAM,MAAM,SAAS,GAAG;IACtB,WAAW,EAAE,MAAM,CAAA;IACnB,KAAK,CAAC,EAAE,KAAK,CAAA;IACb,IAAI,CAAC,EAAE,OAAO,CAAA;IACd,WAAW,CAAC,EAAE,OAAO,CAAA;IACrB,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,UAAU,CAAC,EAAE,MAAM,CAAA;CACpB,CAAA;AAED,eAAO,MAAM,MAAM,QAAsB,CAAA;AACzC,eAAO,MAAM,SAAS,KAAK,CAAA;AAC3B,eAAO,MAAM,SAAS,KAAK,CAAA;AAC3B,eAAO,MAAM,UAAU,MAAM,CAAA;AAC7B,eAAO,MAAM,oBAAoB,KAAK,CAAA;AAEtC,eAAO,MAAM,SAAS,eACuD,CAAA;AAE7E,eAAO,MAAM,aAAa,GAAI,OAAO,OAAO,KAAG,KAAK,IAAI,OAAO,CAAC,OAAO,CAC2B,CAAA;AAElG,eAAO,MAAM,aAAa,GAAI,OAAO,OAAO,KAAG,KAAK,IAAI,MAAM,CAAC,MAAM,EAAE,OAAO,CACf,CAAA;AAE/D,eAAO,MAAM,aAAa,GAAI,OAAO,OAAO,WAc3C,CAAA;AAeD,eAAO,MAAM,YAAY,GAAI,OAAO,MAAM,WAWzC,CAAA;AAED,eAAO,MAAM,oBAAoB,GAAI,OAAO,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,4BAOlE,CAAA;AAED,eAAO,MAAM,WAAW,GAAI,OAAO,OAAO,KAAG,KAAK,IAAI,MAAM,CAAC,MAAM,EAAE,OAAO,CAS3E,CAAA;AAED,eAAO,MAAM,iBAAiB,GAAI,OAAO,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,OAAO,MAAM,KAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAuCvG,CAAA;AAED,eAAO,MAAM,QAAQ,GAAI,OAAO,OAAO,EAAE,cAAS,KAAG,OAqCpD,CAAA;AAED,eAAO,MAAM,eAAe,GAAI,OAAO,OAAO;;;;;;CAc7C,CAAA;AAED,eAAO,MAAM,WAAW,GAAI,SAAS,cAAc,CAAC,SAAS,CAAC,YAQ7D,CAAA;AAED,eAAO,MAAM,gBAAgB,GAAI,UAAU,MAAM,EAAE,WAAW,MAAM,KAAG,UAqCtE,CAAA;AAED,eAAO,MAAM,eAAe,GAAI,KAAK,MAAM,uEAS1C,CAAA;AAED,eAAO,MAAM,aAAa,cAC8C,CAAA;AAExE,eAAO,MAAM,cAAc,GAAI,OAAO,SAAS;;;;;;;;;;;;;;;;aA2B9C,CAAA;AAED,eAAO,MAAM,4BAA4B,GACvC,OAAO,KAAK,GAAG,SAAS,EACxB,YAAY,MAAM,EAClB,OAAO,OAAO,EACd,cAAc,OAAO,6DAItB,CAAA;AAED,eAAO,MAAM,sBAAsB,GAAI,UAAU,MAAM,EAAE,QAAQ,MAAM,aAiBtE,CAAA;AAED,eAAO,MAAM,SAAS,GAAI,UAAU,MAAM,EAAE,QAAQ,MAAM,WAYzD,CAAA;AAED,eAAO,MAAM,kBAAkB,GAC7B,KAAK,eAAe,EACpB,SAAS,MAAM,EACf,cAAc,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,iDAwDtC,CAAA;AAED,eAAO,MAAM,WAAW,GAAI,eAAe,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC;;;aAajE,CAAA"}

package/dist/monitoring/utils.js CHANGED Viewed

@@ -354,14 +354,15 @@ const resolveUserContext = (app, userId, userPayload) => __awaiter(void 0, void
         : (customUser && typeof customUser[userIdField] !== 'undefined'
             ? String(customUser[userIdField])
             : normalizedUserId);
-    const user_data = Object.assign(Object.assign({}, (customUser ? (0, exports.stripSensitiveFields)(customUser) : {})), { id, _id: id, email: authUser && typeof authUser.email === 'string'
+    const custom_data = customUser ? (0, exports.stripSensitiveFields)(customUser) : {};
+    const user_data = Object.assign(Object.assign({}, custom_data), { id, _id: id, email: authUser && typeof authUser.email === 'string'
             ? authUser.email
             : undefined });
     const user = {
         id,
         user_data,
         data: user_data,
-        custom_data: user_data
+        custom_data
     };
     if (isObjectId) {
         user._id = new mongodb_1.ObjectId(id);

package/dist/services/mongodb-atlas/index.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/services/mongodb-atlas/index.ts"],"names":[],"mappings":"AAuBA,OAAO,EAGL,oBAAoB,EAErB,MAAM,SAAS,CAAA;~~AA0tChB~~,QAAA,MAAM,YAAY,EAAE,oBA6BlB,CAAA;AAEF,eAAe,YAAY,CAAA"}
1	+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/services/mongodb-atlas/index.ts"],"names":[],"mappings":"AAuBA,OAAO,EAGL,oBAAoB,EAErB,MAAM,SAAS,CAAA;AA6tChB,QAAA,MAAM,YAAY,EAAE,oBA6BlB,CAAA;AAEF,eAAe,YAAY,CAAA"}

package/dist/services/mongodb-atlas/index.js CHANGED Viewed

@@ -112,6 +112,7 @@ const normalizeFindOneAndUpdateOptions = (options) => {
     }
     return Object.assign(Object.assign({}, rest), { returnDocument: returnNewDocument ? 'after' : 'before' });
 };
+const buildAndQuery = (clauses) => clauses.length ? { $and: clauses } : {};
 const hasAtomicOperators = (data) => Object.keys(data).some((key) => key.startsWith('$'));
 const normalizeUpdatePayload = (data) => hasAtomicOperators(data) ? data : { $set: data };
 const hasOperatorExpressions = (value) => isPlainObject(value) && Object.keys(value).some((key) => key.startsWith('$'));
@@ -356,7 +357,7 @@ const getOperators = (collection, { rules, collName, user, run_as_system, monito
                     logService('findOne query', { collName, formattedQuery });
                     const safeQuery = (0, utils_3.normalizeQuery)(formattedQuery);
                     logService('findOne normalizedQuery', { collName, safeQuery });
-                    const result = yield collection.findOne({ $and: safeQuery }, resolvedOptions);
+                    const result = yield collection.findOne(buildAndQuery(safeQuery), resolvedOptions);
                     logDebug('findOne result', {
                         collection: collName,
                         result
@@ -417,7 +418,7 @@ const getOperators = (collection, { rules, collName, user, run_as_system, monito
                     // Apply access control filters
                     const formattedQuery = (0, utils_3.getFormattedQuery)(filters, query, user);
                     // Retrieve the document to check permissions before deleting
-                    const result = yield collection.findOne({ $and: formattedQuery });
+                    const result = yield collection.findOne(buildAndQuery(formattedQuery));
                     const winningRole = (0, utils_2.getWinningRole)(result, user, roles);
                     logDebug('delete winningRole', {
                         collection: collName,
@@ -435,7 +436,7 @@ const getOperators = (collection, { rules, collName, user, run_as_system, monito
                     if (!status) {
                         throw new Error('Delete not permitted');
                     }
-                    const res = yield collection.deleteOne({ $and: formattedQuery }, options);
+                    const res = yield collection.deleteOne(buildAndQuery(formattedQuery), options);
                     emitMongoEvent('deleteOne');
                     return res;
                 }
@@ -536,10 +537,10 @@ const getOperators = (collection, { rules, collName, user, run_as_system, monito
                     const safeQuery = Array.isArray(formattedQuery)
                         ? (0, utils_3.normalizeQuery)(formattedQuery)
                         : formattedQuery;
-                    const result = yield collection.findOne({ $and: safeQuery });
+                    const result = yield collection.findOne(buildAndQuery(safeQuery));
                     if (!result) {
                         if (options === null || options === void 0 ? void 0 : options.upsert) {
-                            const upsertResult = yield collection.updateOne({ $and: safeQuery }, normalizedData, options);
+                            const upsertResult = yield collection.updateOne(buildAndQuery(safeQuery), normalizedData, options);
                             emitMongoEvent('updateOne');
                             return upsertResult;
                         }
@@ -563,7 +564,7 @@ const getOperators = (collection, { rules, collName, user, run_as_system, monito
                     if (!status || !areDocumentsEqual) {
                         throw new Error('Update not permitted');
                     }
-                    const res = yield collection.updateOne({ $and: safeQuery }, normalizedData, options);
+                    const res = yield collection.updateOne(buildAndQuery(safeQuery), normalizedData, options);
                     emitMongoEvent('updateOne');
                     return res;
                 }
@@ -596,7 +597,7 @@ const getOperators = (collection, { rules, collName, user, run_as_system, monito
                     const safeQuery = Array.isArray(formattedQuery)
                         ? (0, utils_3.normalizeQuery)(formattedQuery)
                         : formattedQuery;
-                    const result = yield collection.findOne({ $and: safeQuery });
+                    const result = yield collection.findOne(buildAndQuery(safeQuery));
                     if (!result) {
                         throw new Error('Update not permitted');
                     }
@@ -609,7 +610,7 @@ const getOperators = (collection, { rules, collName, user, run_as_system, monito
                         : getUpdatedPaths(normalizedData);
                     const [docToCheck] = Array.isArray(normalizedData)
                         ? yield collection.aggregate([
-                            { $match: { $and: safeQuery } },
+                            { $match: buildAndQuery(safeQuery) },
                             { $limit: 1 },
                             ...normalizedData
                         ]).toArray()
@@ -627,8 +628,8 @@ const getOperators = (collection, { rules, collName, user, run_as_system, monito
                         throw new Error('Update not permitted');
                     }
                     const updateResult = normalizedOptions
-                        ? yield collection.findOneAndUpdate({ $and: safeQuery }, normalizedData, normalizedOptions)
-                        : yield collection.findOneAndUpdate({ $and: safeQuery }, normalizedData);
+                        ? yield collection.findOneAndUpdate(buildAndQuery(safeQuery), normalizedData, normalizedOptions)
+                        : yield collection.findOneAndUpdate(buildAndQuery(safeQuery), normalizedData);
                     if (!updateResult) {
                         emitMongoEvent('findOneAndUpdate');
                         return updateResult;

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@flowerforce/flowerbase",
-  "version": "1.7.3-beta.3",
+  "version": "1.7.3",
   "description": "",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",

package/src/auth/controller.ts CHANGED Viewed

@@ -124,6 +124,9 @@ export async function authController(app: FastifyInstance) {
           user_data: {
             ...user,
             id: req.user.sub
+          },
+          custom_data: {
+            ...user
           }
         })
       }

package/src/auth/plugins/jwt.test.ts CHANGED Viewed

@@ -13,9 +13,10 @@ jest.mock('node:diagnostics_channel', () => {
   }
 })
+import { ObjectId } from 'bson'
 import fastify, { FastifyInstance, FastifyReply } from 'fastify'
+import * as jwt from 'jsonwebtoken'
 import jwtAuthPlugin from './jwt'
-import { ObjectId } from 'bson'
 const SECRET = 'test-secret'
@@ -52,7 +53,7 @@ describe('jwtAuthentication', () => {
     const collectionMock = { findOne: findOneMock }
     const dbMock = { collection: jest.fn().mockReturnValue(collectionMock) }
     const mongoMock = { client: { db: jest.fn().mockReturnValue(dbMock) } }
-    ;(app as any).mongo = mongoMock
+      ; (app as any).mongo = mongoMock
   }
   const createReply = () => {
@@ -111,4 +112,36 @@ describe('jwtAuthentication', () => {
     expect(reply.code).toHaveBeenCalledWith(401)
     expect(reply.send).toHaveBeenCalledWith(unauthorizedSessionError)
   })
+  it('preserves linked custom_data _id in access token payload', async () => {
+    const authId = new ObjectId()
+    const linkedId = new ObjectId()
+    const token = (app as any).createAccessToken({
+      _id: authId,
+      email: 'owner@example.com',
+      user_data: {
+        _id: linkedId.toHexString(),
+        role: 'owner'
+      },
+      custom_data: {
+        _id: linkedId.toHexString(),
+        role: 'owner'
+      }
+    })
+    const decoded = jwt.decode(token) as {
+      id: string
+      data: { _id: string; id: string }
+      user_data: { _id: string; id: string }
+      custom_data: { _id: string; role: string }
+      sub: string
+    }
+    expect(decoded.id).toBe(authId.toHexString())
+    expect(decoded.sub).toBe(authId.toHexString())
+    expect(decoded.data._id).toBe(authId.toHexString())
+    expect(decoded.user_data._id).toBe(authId.toHexString())
+    expect(decoded.custom_data._id).toBe(linkedId.toHexString())
+    expect(decoded.custom_data.role).toBe('owner')
+  })
 })

package/src/auth/plugins/jwt.ts CHANGED Viewed

@@ -13,6 +13,9 @@ type JwtAccessWithTimestamp = {
   iat?: number
 }
+const isRecord = (value: unknown): value is Record<string, unknown> =>
+  !!value && typeof value === 'object' && !Array.isArray(value)
 const unauthorizedSessionError = {
   message: 'Unauthorized',
   error: 'unauthorized',
@@ -98,22 +101,25 @@ export default fp(async function (fastify, opts: Options) {
   fastify.decorate('createAccessToken', function (user: WithId<Document>) {
     const id = user._id.toString()
-    // const userDataId = user.user_data._id.toString()
-    const user_data = {
-      ...user.user_data,
+    const userData = isRecord(user.user_data) ? { ...user.user_data } : {}
+    const customData = isRecord(user.custom_data)
+      ? { ...user.custom_data }
+      : { ...userData }
+    const mergedUserData = {
+      ...customData,
+      ...userData,
       _id: id,
-      id: id,
-      email: user.email,
+      id,
+      email: typeof user.email === 'string' ? user.email : userData.email
     }
     return this.jwt.sign(
       {
         typ: 'access',
         id,
-        data: user_data,
-        user_data: user_data,
-        custom_data: user_data
+        data: mergedUserData,
+        user_data: mergedUserData,
+        custom_data: customData
       },
       {
         iss: BAAS_ID,

package/src/auth/providers/custom-function/controller.ts CHANGED Viewed

@@ -17,7 +17,7 @@ export async function customFunctionController(app: FastifyInstance) {
   const functionsList = StateManager.select('functions')
   const services = StateManager.select('services')
   const db = app.mongo.client.db(DB_NAME)
-  const { authCollection, refreshTokensCollection } = AUTH_CONFIG
+  const { authCollection, refreshTokensCollection, userCollection, user_id_field } = AUTH_CONFIG
   const refreshTokenTtlMs = DEFAULT_CONFIG.REFRESH_TOKEN_TTL_DAYS * 24 * 60 * 60 * 1000
   /**
@@ -89,10 +89,22 @@ export async function customFunctionController(app: FastifyInstance) {
         return
       }
+      const user =
+        user_id_field && userCollection
+          ? await db
+            .collection(userCollection)
+            .findOne({ [user_id_field]: authUser._id.toString() })
+          : {}
       const currentUserData = {
         _id: authUser._id,
         user_data: {
-          _id: authUser._id
+          ...(user || {}),
+          id: authUser._id.toString(),
+          email: authUser.email
+        },
+        custom_data: {
+          ...(user || {})
         }
       }
       const refreshToken = this.createRefreshToken(currentUserData)

package/src/auth/providers/local-userpass/controller.ts CHANGED Viewed

@@ -268,7 +268,12 @@ export async function localUserPassController(app: FastifyInstance) {
       const userWithCustomData = {
         ...authUser,
-        user_data: { ...(user || {}), _id: authUser._id },
+        user_data: {
+          ...(user || {}),
+          id: authUser._id.toString(),
+          email: authUser.email
+        },
+        custom_data: { ...(user || {}) },
         data: { email: authUser.email },
         id: authUser._id.toString()
       }

package/src/monitoring/utils.ts CHANGED Viewed

@@ -404,8 +404,9 @@ export const resolveUserContext = async (
         ? String(customUser[userIdField])
         : normalizedUserId)
+  const custom_data = customUser ? stripSensitiveFields(customUser) : {}
   const user_data = {
-    ...(customUser ? stripSensitiveFields(customUser) : {}),
+    ...custom_data,
     id,
     _id: id,
     email: authUser && typeof (authUser as { email?: unknown }).email === 'string'
@@ -417,7 +418,7 @@ export const resolveUserContext = async (
     id,
     user_data,
     data: user_data,
-    custom_data: user_data
+    custom_data
   }
   if (isObjectId) {

package/src/services/mongodb-atlas/__tests__/realmCompatibility.test.ts CHANGED Viewed

@@ -250,6 +250,24 @@ describe('mongodb-atlas Realm compatibility', () => {
     expect(find).toHaveBeenCalledWith({ active: true }, { session })
   })
+  it('allows findOne({}) without emitting an empty $and query', async () => {
+    const doc = { _id: new ObjectId(), label: 'first' }
+    const findOne = jest.fn().mockResolvedValue(doc)
+    const collection = {
+      collectionName: 'todos',
+      findOne
+    }
+    const operators = MongoDbAtlas(createAppWithCollection(collection) as any, {
+      rules: createRules(),
+      user: { id: 'user-1' }
+    }).db('db').collection('todos')
+    const result = await operators.findOne({})
+    expect(result).toEqual(doc)
+    expect(findOne).toHaveBeenCalledWith({}, undefined)
+  })
   it('returns insertMany insertedIds as an array', async () => {
     const id0 = new ObjectId()
     const id1 = new ObjectId()

package/src/services/mongodb-atlas/index.ts CHANGED Viewed

@@ -136,6 +136,9 @@ const normalizeFindOneAndUpdateOptions = (
   }
 }
+const buildAndQuery = (clauses: MongoFilter<Document>[]): MongoFilter<Document> =>
+  clauses.length ? { $and: clauses } : {}
 const hasAtomicOperators = (data: Document) => Object.keys(data).some((key) => key.startsWith('$'))
 const normalizeUpdatePayload = (data: Document) =>
@@ -410,7 +413,7 @@ const getOperators: GetOperatorsFunction = (
           logService('findOne query', { collName, formattedQuery })
           const safeQuery = normalizeQuery(formattedQuery)
           logService('findOne normalizedQuery', { collName, safeQuery })
-          const result = await collection.findOne({ $and: safeQuery }, resolvedOptions)
+          const result = await collection.findOne(buildAndQuery(safeQuery), resolvedOptions)
           logDebug('findOne result', {
             collection: collName,
             result
@@ -477,7 +480,7 @@ const getOperators: GetOperatorsFunction = (
           const formattedQuery = getFormattedQuery(filters, query, user)
           // Retrieve the document to check permissions before deleting
-          const result = await collection.findOne({ $and: formattedQuery })
+          const result = await collection.findOne(buildAndQuery(formattedQuery))
           const winningRole = getWinningRole(result, user, roles)
           logDebug('delete winningRole', {
@@ -502,7 +505,7 @@ const getOperators: GetOperatorsFunction = (
             throw new Error('Delete not permitted')
           }
-          const res = await collection.deleteOne({ $and: formattedQuery }, options)
+          const res = await collection.deleteOne(buildAndQuery(formattedQuery), options)
           emitMongoEvent('deleteOne')
           return res
         }
@@ -610,12 +613,12 @@ const getOperators: GetOperatorsFunction = (
             ? normalizeQuery(formattedQuery)
             : formattedQuery
-          const result = await collection.findOne({ $and: safeQuery })
+          const result = await collection.findOne(buildAndQuery(safeQuery))
           if (!result) {
             if (options?.upsert) {
               const upsertResult = await collection.updateOne(
-                { $and: safeQuery },
+                buildAndQuery(safeQuery),
                 normalizedData,
                 options
               )
@@ -649,7 +652,7 @@ const getOperators: GetOperatorsFunction = (
           if (!status || !areDocumentsEqual) {
             throw new Error('Update not permitted')
           }
-          const res = await collection.updateOne({ $and: safeQuery }, normalizedData, options)
+          const res = await collection.updateOne(buildAndQuery(safeQuery), normalizedData, options)
           emitMongoEvent('updateOne')
           return res
         }
@@ -685,7 +688,7 @@ const getOperators: GetOperatorsFunction = (
             ? normalizeQuery(formattedQuery)
             : formattedQuery
-          const result = await collection.findOne({ $and: safeQuery })
+          const result = await collection.findOne(buildAndQuery(safeQuery))
           if (!result) {
             throw new Error('Update not permitted')
@@ -700,7 +703,7 @@ const getOperators: GetOperatorsFunction = (
             : getUpdatedPaths(normalizedData as Document)
           const [docToCheck] = Array.isArray(normalizedData)
             ? await collection.aggregate([
-              { $match: { $and: safeQuery } },
+              { $match: buildAndQuery(safeQuery) },
               { $limit: 1 },
               ...normalizedData
             ]).toArray()
@@ -725,8 +728,8 @@ const getOperators: GetOperatorsFunction = (
           }
           const updateResult = normalizedOptions
-            ? await collection.findOneAndUpdate({ $and: safeQuery }, normalizedData, normalizedOptions)
-            : await collection.findOneAndUpdate({ $and: safeQuery }, normalizedData)
+            ? await collection.findOneAndUpdate(buildAndQuery(safeQuery), normalizedData, normalizedOptions)
+            : await collection.findOneAndUpdate(buildAndQuery(safeQuery), normalizedData)
           if (!updateResult) {
             emitMongoEvent('findOneAndUpdate')
             return updateResult