@flowerforce/flowerbase 1.7.5 → 1.7.6-beta.1

package/dist/utils/index.d.ts

@@ -1,3 +1,4 @@
 export declare const readFileContent: (filePath: string) => string;
 export declare const readJsonContent: (filePath: string) => unknown;
+export declare const recursivelyCollectFiles: (dir: string) => string[];
 //# sourceMappingURL=index.d.ts.map

package/dist/utils/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/utils/index.ts"],"names":[],"mappings":"AAEA,eAAO,MAAM,eAAe,GAAI,UAAU,MAAM,WAAuC,CAAA;AACvF,eAAO,MAAM,eAAe,GAAI,UAAU,MAAM,KACL,OAAO,CAAA"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/utils/index.ts"],"names":[],"mappings":"AAGA,eAAO,MAAM,eAAe,GAAI,UAAU,MAAM,WAAuC,CAAA;AACvF,eAAO,MAAM,eAAe,GAAI,UAAU,MAAM,KACL,OAAO,CAAA;AAElD,eAAO,MAAM,uBAAuB,GAAI,KAAK,MAAM,KAAG,MAAM,EAQ3D,CAAA"}

package/dist/utils/index.js

@@ -3,9 +3,20 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.readJsonContent = exports.readFileContent = void 0;
-const fs_1 = __importDefault(require("fs"));
-const readFileContent = (filePath) => fs_1.default.readFileSync(filePath, 'utf-8');
+exports.recursivelyCollectFiles = exports.readJsonContent = exports.readFileContent = void 0;
+const node_fs_1 = __importDefault(require("node:fs"));
+const node_path_1 = __importDefault(require("node:path"));
+const readFileContent = (filePath) => node_fs_1.default.readFileSync(filePath, 'utf-8');
 exports.readFileContent = readFileContent;
 const readJsonContent = (filePath) => JSON.parse((0, exports.readFileContent)(filePath));
 exports.readJsonContent = readJsonContent;
+const recursivelyCollectFiles = (dir) => {
+    return node_fs_1.default.readdirSync(dir, { withFileTypes: true }).flatMap((entry) => {
+        const fullPath = node_path_1.default.join(dir, entry.name);
+        if (entry.isDirectory()) {
+            return (0, exports.recursivelyCollectFiles)(fullPath);
+        }
+        return entry.isFile() ? [fullPath] : [];
+    });
+};
+exports.recursivelyCollectFiles = recursivelyCollectFiles;

package/dist/utils/initializer/exposeRoutes.js

@@ -56,7 +56,7 @@ const exposeRoutes = (fastify) => __awaiter(void 0, void 0, void 0, function* ()
         }, function (req, res) {
             return __awaiter(this, void 0, void 0, function* () {
                 const { authCollection } = constants_1.AUTH_CONFIG;
-                const db = fastify.mongo.client.db(constants_1.DB_NAME);
+                const db = fastify.mongo.client.db(constants_1.AUTH_DB_NAME);
                 const { email, password } = req.body;
                 const hashedPassword = yield (0, crypto_1.hashPassword)(password);
                 const now = new Date();

package/dist/utils/initializer/mongodbCSFLE.d.ts

@@ -0,0 +1,69 @@
+import { UUID, type Document, type AWSEncryptionKeyOptions, type AWSKMSProviderConfiguration, type AzureEncryptionKeyOptions, type AzureKMSProviderConfiguration, type GCPKMSProviderConfiguration, type GCPEncryptionKeyOptions, type KMIPKMSProviderConfiguration, type KMIPEncryptionKeyOptions, type LocalKMSProviderConfiguration, type AutoEncryptionExtraOptions, type AutoEncryptionOptions } from "mongodb";
+import { type EncryptionSchemas } from "../../features/encryption/interface";
+type KMSProviderConfig = {
+    /**
+     * The alias of the key. It must be referenced in the schema map
+     * to select which key to use for encryption.
+     */
+    keyAlias: string;
+    /**
+     * KMS Provider name.
+     */
+    provider: "aws";
+    /**
+     * KMS Provider specific authorization configuration.
+     */
+    config: AWSKMSProviderConfiguration;
+    /**
+     * Configuration of the master key.
+     */
+    masterKey: AWSEncryptionKeyOptions;
+} | {
+    keyAlias: string;
+    provider: "azure";
+    config: AzureKMSProviderConfiguration;
+    masterKey: AzureEncryptionKeyOptions;
+} | {
+    keyAlias: string;
+    provider: "gcp";
+    config: GCPKMSProviderConfiguration;
+    masterKey: GCPEncryptionKeyOptions;
+} | {
+    keyAlias: string;
+    provider: "kmip";
+    config: KMIPKMSProviderConfiguration;
+    masterKey: KMIPEncryptionKeyOptions;
+} | {
+    keyAlias: string;
+    provider: "local";
+    config: LocalKMSProviderConfiguration;
+};
+export type MongoDbEncryptionConfig = {
+    kmsProviders: KMSProviderConfig[];
+    /**
+     * The Key Vault database name
+     * @default encryption
+     */
+    keyVaultDb?: string;
+    /**
+   * The Key Vault database collection
+   * @default __keyVault
+   */
+    keyVaultCollection?: string;
+    extraOptions?: AutoEncryptionExtraOptions;
+};
+type DataKey = {
+    dataKeyId: UUID;
+    dataKeyAlias: string;
+};
+export declare const buildSchemaMap: (schemas: EncryptionSchemas, dataKeys: DataKey[]) => Record<string, Document>;
+/**
+ * Setup MongoDB Client-Side Field Level Encryption (CSFLE).
+ * @see https://www.mongodb.com/docs/manual/core/csfle
+ */
+export declare const setupMongoDbCSFLE: (config: MongoDbEncryptionConfig & {
+    mongodbUrl: string;
+    schemas?: EncryptionSchemas;
+}) => Promise<AutoEncryptionOptions>;
+export {};
+//# sourceMappingURL=mongodbCSFLE.d.ts.map

package/dist/utils/initializer/mongodbCSFLE.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"mongodbCSFLE.d.ts","sourceRoot":"","sources":["../../../src/utils/initializer/mongodbCSFLE.ts"],"names":[],"mappings":"AAAA,OAAO,EAGL,IAAI,EAEJ,KAAK,QAAQ,EACb,KAAK,uBAAuB,EAC5B,KAAK,2BAA2B,EAChC,KAAK,yBAAyB,EAC9B,KAAK,6BAA6B,EAClC,KAAK,2BAA2B,EAChC,KAAK,uBAAuB,EAC5B,KAAK,4BAA4B,EACjC,KAAK,wBAAwB,EAC7B,KAAK,6BAA6B,EAClC,KAAK,0BAA0B,EAE/B,KAAK,qBAAqB,EAC3B,MAAM,SAAS,CAAC;AACjB,OAAO,EAAoF,KAAK,iBAAiB,EAAE,MAAM,qCAAqC,CAAC;AAG/J,KAAK,iBAAiB,GAClB;IACA;;;OAGG;IACH,QAAQ,EAAE,MAAM,CAAA;IAChB;;OAEG;IACH,QAAQ,EAAE,KAAK,CAAA;IACf;;OAEG;IACH,MAAM,EAAE,2BAA2B,CAAA;IACnC;;OAEG;IACH,SAAS,EAAE,uBAAuB,CAAA;CACnC,GAAG;IACF,QAAQ,EAAE,MAAM,CAAA;IAChB,QAAQ,EAAE,OAAO,CAAA;IACjB,MAAM,EAAE,6BAA6B,CAAC;IACtC,SAAS,EAAE,yBAAyB,CAAA;CACrC,GAAG;IACF,QAAQ,EAAE,MAAM,CAAA;IAChB,QAAQ,EAAE,KAAK,CAAA;IACf,MAAM,EAAE,2BAA2B,CAAC;IACpC,SAAS,EAAE,uBAAuB,CAAA;CACnC,GAAG;IACF,QAAQ,EAAE,MAAM,CAAA;IAChB,QAAQ,EAAE,MAAM,CAAA;IAChB,MAAM,EAAE,4BAA4B,CAAC;IACrC,SAAS,EAAE,wBAAwB,CAAA;CACpC,GAAG;IACF,QAAQ,EAAE,MAAM,CAAA;IAChB,QAAQ,EAAE,OAAO,CAAA;IACjB,MAAM,EAAE,6BAA6B,CAAC;CACvC,CAAA;AAEH,MAAM,MAAM,uBAAuB,GAAG;IACpC,YAAY,EAAE,iBAAiB,EAAE,CAAC;IAClC;;;OAGG;IACH,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB;;;KAGC;IACD,kBAAkB,CAAC,EAAE,MAAM,CAAA;IAC3B,YAAY,CAAC,EAAE,0BAA0B,CAAA;CAC1C,CAAA;AAOD,KAAK,OAAO,GAAG;IAAE,SAAS,EAAE,IAAI,CAAC;IAAC,YAAY,EAAE,MAAM,CAAA;CAAE,CAAA;AAkFxD,eAAO,MAAM,cAAc,GAAI,SAAS,iBAAiB,EAAE,UAAU,OAAO,EAAE,6BAK7E,CAAA;AAED;;;GAGG;AACH,eAAO,MAAM,iBAAiB,GAC5B,QAAQ,uBAAuB,GAAG;IAAE,UAAU,EAAE,MAAM,CAAC;IAAC,OAAO,CAAC,EAAE,iBAAiB,CAAA;CAAE,KACpF,OAAO,CAAC,qBAAqB,CA8C/B,CAAA"}

package/dist/utils/initializer/mongodbCSFLE.js

@@ -0,0 +1,131 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.setupMongoDbCSFLE = exports.buildSchemaMap = void 0;
+const mongodb_1 = require("mongodb");
+const constants_1 = require("../../constants");
+function ensureUniqueKeyAltNameIndex(db, config) {
+    return __awaiter(this, void 0, void 0, function* () {
+        yield db.collection(config.keyVaultCollection).createIndex({ keyAltNames: 1 }, {
+            unique: true,
+            partialFilterExpression: { keyAltNames: { $exists: true } },
+        });
+    });
+}
+/**
+ * Ensure provided KMS Providers DEK keys exist in the key vault. If not, they are created.
+ */
+function ensureDataEncryptionKeys(clientEncryption, keyVaultDb, config) {
+    return __awaiter(this, void 0, void 0, function* () {
+        const keys = [];
+        for (const kmsProvider of config.kmsProviders) {
+            const existingKey = yield keyVaultDb.collection(config.keyVaultCollection).findOne({
+                keyAltNames: kmsProvider.keyAlias,
+            });
+            if ((existingKey === null || existingKey === void 0 ? void 0 : existingKey._id) instanceof mongodb_1.Binary) {
+                keys.push({ dataKeyId: existingKey._id, dataKeyAlias: kmsProvider.keyAlias });
+                continue;
+            }
+            const dataKeyId = yield clientEncryption.createDataKey(kmsProvider.provider, {
+                masterKey: "masterKey" in kmsProvider ? kmsProvider.masterKey : undefined,
+                keyAltNames: [kmsProvider.keyAlias],
+            });
+            console.log(`[MongoDB Encryption] Created new key with alias ${kmsProvider.keyAlias}`);
+            keys.push({ dataKeyId, dataKeyAlias: kmsProvider.keyAlias });
+        }
+        return keys;
+    });
+}
+/**
+ * Recursively resolve key aliases in an encryption schema to their corresponding key IDs.
+ */
+const resolveKeyAliases = (schema, dataKeys) => {
+    var _a, _b;
+    if ("encrypt" in schema) {
+        if (!schema.encrypt.keyAlias) {
+            return schema;
+        }
+        const keyId = (_a = dataKeys.find(k => k.dataKeyAlias === schema.encrypt.keyAlias)) === null || _a === void 0 ? void 0 : _a.dataKeyId;
+        if (!keyId) {
+            throw new Error(`Key with alias ${schema.encrypt.keyAlias} could not be found in the Key Vault.`);
+        }
+        return {
+            encrypt: {
+                bsonType: schema.encrypt.bsonType,
+                algorithm: schema.encrypt.algorithm,
+                keyId: [keyId]
+            }
+        };
+    }
+    const mappedSchema = {
+        bsonType: "object",
+        properties: Object.entries(schema.properties).reduce((acc, [property, config]) => {
+            acc[property] = resolveKeyAliases(config, dataKeys);
+            return acc;
+        }, {})
+    };
+    if (schema.encryptMetadata) {
+        const keyId = (_b = dataKeys.find(k => k.dataKeyAlias === schema.encryptMetadata.keyAlias)) === null || _b === void 0 ? void 0 : _b.dataKeyId;
+        if (!keyId) {
+            throw new Error(`Key with alias ${schema.encryptMetadata.keyAlias} could not be found in the Key Vault.`);
+        }
+        mappedSchema.encryptMetadata = { keyId: [keyId] };
+    }
+    return mappedSchema;
+};
+const buildSchemaMap = (schemas, dataKeys) => {
+    return Object.entries(schemas).reduce((acc, [key, schema]) => {
+        acc[key] = resolveKeyAliases(schema, dataKeys);
+        return acc;
+    }, {});
+};
+exports.buildSchemaMap = buildSchemaMap;
+/**
+ * Setup MongoDB Client-Side Field Level Encryption (CSFLE).
+ * @see https://www.mongodb.com/docs/manual/core/csfle
+ */
+const setupMongoDbCSFLE = (config) => __awaiter(void 0, void 0, void 0, function* () {
+    var _a, _b;
+    if (config.kmsProviders.length === 0) {
+        throw new Error('At least one KMS Provider is required when using MongoDB encryption');
+    }
+    const requiredConfig = {
+        kmsProviders: config.kmsProviders,
+        keyVaultDb: (_a = config.keyVaultDb) !== null && _a !== void 0 ? _a : constants_1.DEFAULT_CONFIG.MONGODB_ENCRYPTION_CONFIG.keyVaultDb,
+        keyVaultCollection: (_b = config.keyVaultDb) !== null && _b !== void 0 ? _b : constants_1.DEFAULT_CONFIG.MONGODB_ENCRYPTION_CONFIG.keyVaultCollection,
+    };
+    const kmsProviders = requiredConfig.kmsProviders.reduce((acc, { provider, config }) => (Object.assign(Object.assign({}, acc), { [provider]: config })), {});
+    const keyVaultNamespace = `${requiredConfig.keyVaultDb}.${requiredConfig.keyVaultCollection}`;
+    const keyVaultClient = new mongodb_1.MongoClient(config.mongodbUrl, {
+        maxPoolSize: 1,
+        autoEncryption: {
+            keyVaultNamespace,
+            kmsProviders,
+            extraOptions: config.extraOptions
+        }
+    });
+    yield keyVaultClient.connect();
+    const keyVaultDb = keyVaultClient.db(requiredConfig.keyVaultDb);
+    yield ensureUniqueKeyAltNameIndex(keyVaultDb, requiredConfig);
+    const clientEncryption = new mongodb_1.ClientEncryption(keyVaultClient, {
+        keyVaultNamespace,
+        kmsProviders,
+    });
+    const dataKeys = yield ensureDataEncryptionKeys(clientEncryption, keyVaultDb, requiredConfig);
+    yield keyVaultClient.close();
+    return {
+        keyVaultNamespace,
+        kmsProviders,
+        schemaMap: config.schemas ? (0, exports.buildSchemaMap)(config.schemas, dataKeys) : undefined,
+        extraOptions: config.extraOptions
+    };
+});
+exports.setupMongoDbCSFLE = setupMongoDbCSFLE;

package/dist/utils/initializer/registerPlugins.d.ts

@@ -1,6 +1,8 @@
 import { FastifyInstance } from 'fastify';
 import { CorsConfig } from '../../';
 import { Functions } from '../../features/functions/interface';
+import { EncryptionSchemas } from '../../features/encryption/interface';
+import { MongoDbEncryptionConfig } from './mongodbCSFLE';
 type RegisterFunction = FastifyInstance['register'];
 type RegisterPluginsParams = {
     register: RegisterFunction;
@@ -8,6 +10,8 @@ type RegisterPluginsParams = {
     jwtSecret: string;
     functionsList: Functions;
     corsConfig?: CorsConfig;
+    encryptionSchemas?: EncryptionSchemas;
+    mongodbEncryptionConfig?: MongoDbEncryptionConfig;
 };
 /**
  * > Used to register all plugins
@@ -16,6 +20,6 @@ type RegisterPluginsParams = {
  * @param jwtSecret -> connection jwt
  * @tested
  */
-export declare const registerPlugins: ({ register, mongodbUrl, jwtSecret, functionsList, corsConfig }: RegisterPluginsParams) => Promise<void>;
+export declare const registerPlugins: ({ register, mongodbUrl, jwtSecret, functionsList, corsConfig, mongodbEncryptionConfig, encryptionSchemas }: RegisterPluginsParams) => Promise<void>;
 export {};
 //# sourceMappingURL=registerPlugins.d.ts.map

package/dist/utils/initializer/registerPlugins.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"registerPlugins.d.ts","sourceRoot":"","sources":["../../../src/utils/initializer/registerPlugins.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,eAAe,EAAE,MAAM,SAAS,CAAA;AAEzC,OAAO,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAA;AAOnC,OAAO,EAAE,SAAS,EAAE,MAAM,oCAAoC,CAAA;AAG9D,KAAK,gBAAgB,GAAG,eAAe,CAAC,UAAU,CAAC,CAAA;AAGnD,KAAK,qBAAqB,GAAG;IAC3B,QAAQ,EAAE,gBAAgB,CAAA;IAC1B,UAAU,EAAE,MAAM,CAAA;IAClB,SAAS,EAAE,MAAM,CAAA;IACjB,aAAa,EAAE,SAAS,CAAA;IACxB,UAAU,CAAC,EAAE,UAAU,CAAA;CACxB,CAAA;AAQD;;;;;;GAMG;AACH,eAAO,MAAM,eAAe,GAAU,gEAMnC,qBAAqB,kBAsBvB,CAAA"}
+{"version":3,"file":"registerPlugins.d.ts","sourceRoot":"","sources":["../../../src/utils/initializer/registerPlugins.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,eAAe,EAAE,MAAM,SAAS,CAAA;AAEzC,OAAO,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAA;AAOnC,OAAO,EAAE,SAAS,EAAE,MAAM,oCAAoC,CAAA;AAC9D,OAAO,EAAE,iBAAiB,EAAE,MAAM,qCAAqC,CAAA;AAEvE,OAAO,EAAqB,uBAAuB,EAAE,MAAM,gBAAgB,CAAA;AAE3E,KAAK,gBAAgB,GAAG,eAAe,CAAC,UAAU,CAAC,CAAA;AAGnD,KAAK,qBAAqB,GAAG;IAC3B,QAAQ,EAAE,gBAAgB,CAAA;IAC1B,UAAU,EAAE,MAAM,CAAA;IAClB,SAAS,EAAE,MAAM,CAAA;IACjB,aAAa,EAAE,SAAS,CAAA;IACxB,UAAU,CAAC,EAAE,UAAU,CAAA;IACvB,iBAAiB,CAAC,EAAE,iBAAiB,CAAA;IACrC,uBAAuB,CAAC,EAAE,uBAAuB,CAAA;CAClD,CAAA;AAQD;;;;;;GAMG;AACH,eAAO,MAAM,eAAe,GAAU,4GAQnC,qBAAqB,kBAwBvB,CAAA"}

package/dist/utils/initializer/registerPlugins.js

@@ -23,6 +23,7 @@ const controller_3 = require("../../auth/providers/custom-function/controller");
 const controller_4 = require("../../auth/providers/local-userpass/controller");
 const constants_1 = require("../../constants");
 const plugin_1 = __importDefault(require("../../monitoring/plugin"));
+const mongodbCSFLE_1 = require("./mongodbCSFLE");
 /**
  * > Used to register all plugins
  * @param register -> the fastify register method
@@ -30,13 +31,15 @@ const plugin_1 = __importDefault(require("../../monitoring/plugin"));
  * @param jwtSecret -> connection jwt
  * @tested
  */
-const registerPlugins = (_a) => __awaiter(void 0, [_a], void 0, function* ({ register, mongodbUrl, jwtSecret, functionsList, corsConfig }) {
+const registerPlugins = (_a) => __awaiter(void 0, [_a], void 0, function* ({ register, mongodbUrl, jwtSecret, functionsList, corsConfig, mongodbEncryptionConfig, encryptionSchemas }) {
     try {
         const registersConfig = yield getRegisterConfig({
             mongodbUrl,
             jwtSecret,
             corsConfig,
-            functionsList
+            functionsList,
+            mongodbEncryptionConfig,
+            encryptionSchemas
         });
         registersConfig.forEach(({ plugin, options, pluginName }) => {
             try {
@@ -61,11 +64,14 @@ exports.registerPlugins = registerPlugins;
  * @param jwtSecret -> connection jwt
  * @testable
  */
-const getRegisterConfig = (_a) => __awaiter(void 0, [_a], void 0, function* ({ mongodbUrl, jwtSecret, corsConfig }) {
+const getRegisterConfig = (_a) => __awaiter(void 0, [_a], void 0, function* ({ mongodbUrl, jwtSecret, corsConfig, encryptionSchemas, mongodbEncryptionConfig, }) {
     const corsOptions = corsConfig !== null && corsConfig !== void 0 ? corsConfig : {
         origin: '*',
         methods: ['POST', 'GET']
     };
+    const autoEncryption = mongodbEncryptionConfig
+        ? yield (0, mongodbCSFLE_1.setupMongoDbCSFLE)(Object.assign({ mongodbUrl, schemas: encryptionSchemas }, mongodbEncryptionConfig))
+        : undefined;
     const baseConfig = [
         {
             pluginName: 'cors',
@@ -76,8 +82,24 @@ const getRegisterConfig = (_a) => __awaiter(void 0, [_a], void 0, function* ({ m
             pluginName: 'fastifyMongodb',
             plugin: mongodb_1.default,
             options: {
+                url: mongodbUrl,
                 forceClose: true,
-                url: mongodbUrl
+                autoEncryption
+            }
+        },
+        /**
+         * When auto-encryption is active, add another MongoDB client with bypass for change streams.
+         * The $changeStream operator does not support automatic encryption, only decryption.
+         * @see https://www.mongodb.com/docs/manual/core/csfle/reference/supported-operations
+         */
+        autoEncryption && {
+            pluginName: 'fastifyMongodb',
+            plugin: mongodb_1.default,
+            options: {
+                name: "changestream",
+                url: mongodbUrl,
+                forceClose: true,
+                autoEncryption: Object.assign(Object.assign({}, autoEncryption), { bypassAutoEncryption: true })
             }
         },
         {
@@ -133,5 +155,5 @@ const getRegisterConfig = (_a) => __awaiter(void 0, [_a], void 0, function* ({ m
             options: { basePath: '/monit' }
         });
     }
-    return baseConfig;
+    return baseConfig.filter(Boolean);
 });

package/dist/utils/rules-matcher/interface.d.ts

@@ -311,6 +311,8 @@ export type Operators = {
      * @returns
      */
     $regex: OperatorsFunction;
+    '%stringToOid': OperatorsFunction;
+    '%oidToString': OperatorsFunction;
 };
 export declare enum RulesOperators {
     $exists = "$exists",
@@ -328,7 +330,9 @@ export declare enum RulesOperators {
     $nin = "$nin",
     $all = "$all",
     $size = "$size",
-    $regex = "$regex"
+    $regex = "$regex",
+    '%stringToOid' = "%stringToOid",
+    '%oidToString' = "%oidToString"
 }
 export type RulesOperatorsInArray<T> = Partial<{
     [KEY in keyof T]: Partial<{

package/dist/utils/rules-matcher/interface.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"interface.d.ts","sourceRoot":"","sources":["../../../src/utils/rules-matcher/interface.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,WAAW,GAAG,CAAC,CAAC,EAAE,GAAG,KAAK,OAAO,CAAA;AAE7C,MAAM,MAAM,iBAAiB,GAAG;IAC9B,EAAE,EAAE,MAAM,SAAS,CAAA;IACnB,KAAK,EAAE,GAAG,CAAA;IACV,GAAG,CAAC,EAAE,GAAG,CAAA;CACV,CAAA;AAED,MAAM,WAAW,iBAAiB;IAChC;;;;;;;OAOG;IACH,QAAQ,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,KAAK,OAAO,CAAA;IAC/B;;;;;;;;;OASG;IACH,IAAI,EAAE,CACJ,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EAC1B,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EACzB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,KAC1B;QACH,KAAK,EAAE,OAAO,CAAA;QACd,IAAI,EAAE,MAAM,CAAA;KACb,CAAA;IACD;;;;;;;;;OASG;IACH,MAAM,EAAE,CACN,KAAK,EAAE,WAAW,CAAC,GAAG,CAAC,EACvB,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EACzB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,KACzB,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAA;IACxB;;;;;;OAMG;IACH,MAAM,EAAE,WAAW,CAAA;IACnB;;;;;;OAMG;IACH,SAAS,EAAE,WAAW,CAAA;IACtB;;;;;;OAMG;IACH,QAAQ,EAAE,WAAW,CAAA;IACrB;;;;;;OAMG;IACH,UAAU,EAAE,WAAW,CAAA;IACvB;;;;;;OAMG;IACH,QAAQ,EAAE,WAAW,CAAA;IACrB;;;;;;OAMG;IACH,qBAAqB,EAAE,CAAC,KAAK,EAAE,WAAW,GAAG,SAAS,GAAG,MAAM,KAAK,iBAAiB,CAAA;IACrF;;;;;;OAMG;IACH,SAAS,EAAE,CAAC,KAAK,EAAE,GAAG,KAAK,MAAM,GAAG,IAAI,CAAA;IACxC;;;;;;OAMG;IACH,cAAc,EAAE,CAAC,KAAK,EAAE,GAAG,KAAK,iBAAiB,CAAA;IACjD;;;;;;;OAOG;IACH,OAAO,EAAE,CAAC,KAAK,EAAE,GAAG,KAAK,OAAO,CAAA;IAChC;;;;;;OAMG;IACH,UAAU,EAAE,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,KAAK,KAAK,CAAC,CAAC,CAAC,CAAA;IACrC;;;;;;;;OAQG;IACH,OAAO,EAAE,CAAC,IAAI,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,MAAM,KAAK,MAAM,CAAA;IAClD;;;;;;;OAOG;IACH,WAAW,EAAE,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,KAAK,MAAM,CAAA;IACpC;;;;;;;;OAQG;IACH,SAAS,EAAE,CAAC,CAAC,SAAS,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EACvC,KAAK,EAAE,WAAW,CAAC,CAAC,CAAC,EACrB,IAAI,EAAE,CAAC,EACP,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,KAC1B,OAAO,CAAA;IACZ;;;;;;;OAOG;IACH,OAAO,EAAE,CAAC,CAAC,SAAS,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EACrC,KAAK,CAAC,EAAE,CAAC,EACT,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,KAC1B,MAAM,EAAE,GAAG,IAAI,CAAA;CACrB;AAED,MAAM,MAAM,iBAAiB,GAAG,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,EAAE,GAAG,EAAE,IAAI,CAAC,EAAE,GAAG,KAAK,OAAO,CAAA;AAElF,MAAM,MAAM,SAAS,GAAG;IACtB;;;;;;;;OAQG;IACH,OAAO,EAAE,iBAAiB,CAAA;IAC1B;;;;;;;OAOG;IACH,GAAG,EAAE,iBAAiB,CAAA;IACtB;;;;;;;OAOG;IACH,GAAG,EAAE,iBAAiB,CAAA;IACtB;;;;;;;OAOG;IACH,GAAG,EAAE,iBAAiB,CAAA;IACtB;;;;;;;OAOG;IACH,IAAI,EAAE,iBAAiB,CAAA;IACvB;;;;;;;OAOG;IACH,GAAG,EAAE,iBAAiB,CAAA;IACtB;;;;;;;OAOG;IACH,IAAI,EAAE,iBAAiB,CAAA;IACvB;;;;;;;OAOG;IACH,MAAM,EAAE,iBAAiB,CAAA;IACzB;;;;;;;OAOG;IACH,OAAO,EAAE,iBAAiB,CAAA;IAC1B;;;;;;;OAOG;IACH,MAAM,EAAE,iBAAiB,CAAA;IACzB;;;;;;;OAOG;IACH,OAAO,EAAE,iBAAiB,CAAA;IAE1B;;;;;;;;OAQG;IACH,GAAG,EAAE,iBAAiB,CAAA;IACtB;;;;;;;;OAQG;IACH,IAAI,EAAE,iBAAiB,CAAA;IACvB;;;;;;;;OAQG;IACH,IAAI,EAAE,iBAAiB,CAAA;IACvB;;;;;;;OAOG;IACH,KAAK,EAAE,iBAAiB,CAAA;IACxB;;;;;;;;;OASG;IACH,MAAM,EAAE,iBAAiB,CAAA;CAC1B,CAAA;AAED,oBAAY,cAAc;IACxB,OAAO,YAAY;IACnB,GAAG,QAAQ;IACX,GAAG,QAAQ;IACX,GAAG,QAAQ;IACX,IAAI,SAAS;IACb,GAAG,QAAQ;IACX,IAAI,SAAS;IACb,MAAM,WAAW;IACjB,OAAO,YAAY;IACnB,MAAM,WAAW;IACjB,OAAO,YAAY;IACnB,GAAG,QAAQ;IACX,IAAI,SAAS;IACb,IAAI,SAAS;IACb,KAAK,UAAU;IACf,MAAM,WAAW;CAClB;AAED,MAAM,MAAM,qBAAqB,CAAC,CAAC,IAAI,OAAO,CAAC;KAC5C,GAAG,IAAI,MAAM,CAAC,GAAG,OAAO,CAAC;SACvB,CAAC,IAAI,MAAM,OAAO,cAAc,GAAG,CAAC,CAAC,GAAG,CAAC;KAC3C,CAAC;CACH,CAAC,CAAA;AAEF,MAAM,MAAM,eAAe,CAAC,CAAC,IAAI;IAAE,eAAe,CAAC,EAAE,OAAO,CAAA;CAAE,GAAG,CAAC,CAAA;AAElE,oBAAY,UAAU;IACpB,IAAI,SAAS;IACb,GAAG,QAAQ;CACZ;AAED,MAAM,MAAM,WAAW,CAAC,CAAC,IACrB,eAAe,CAAC,CAAC,CAAC,GAClB;KACG,CAAC,IAAI,MAAM,OAAO,UAAU,GACzB,KAAK,CAAC,qBAAqB,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,CAAC,GAChD,KAAK,CAAC,WAAW,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,CAAC;CAC3C,GACD,KAAK,CAAC,OAAO,CAAC,qBAAqB,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC,CAAA"}
+{"version":3,"file":"interface.d.ts","sourceRoot":"","sources":["../../../src/utils/rules-matcher/interface.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,WAAW,GAAG,CAAC,CAAC,EAAE,GAAG,KAAK,OAAO,CAAA;AAE7C,MAAM,MAAM,iBAAiB,GAAG;IAC9B,EAAE,EAAE,MAAM,SAAS,CAAA;IACnB,KAAK,EAAE,GAAG,CAAA;IACV,GAAG,CAAC,EAAE,GAAG,CAAA;CACV,CAAA;AAED,MAAM,WAAW,iBAAiB;IAChC;;;;;;;OAOG;IACH,QAAQ,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,KAAK,OAAO,CAAA;IAC/B;;;;;;;;;OASG;IACH,IAAI,EAAE,CACJ,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EAC1B,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EACzB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,KAC1B;QACH,KAAK,EAAE,OAAO,CAAA;QACd,IAAI,EAAE,MAAM,CAAA;KACb,CAAA;IACD;;;;;;;;;OASG;IACH,MAAM,EAAE,CACN,KAAK,EAAE,WAAW,CAAC,GAAG,CAAC,EACvB,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EACzB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,KACzB,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAA;IACxB;;;;;;OAMG;IACH,MAAM,EAAE,WAAW,CAAA;IACnB;;;;;;OAMG;IACH,SAAS,EAAE,WAAW,CAAA;IACtB;;;;;;OAMG;IACH,QAAQ,EAAE,WAAW,CAAA;IACrB;;;;;;OAMG;IACH,UAAU,EAAE,WAAW,CAAA;IACvB;;;;;;OAMG;IACH,QAAQ,EAAE,WAAW,CAAA;IACrB;;;;;;OAMG;IACH,qBAAqB,EAAE,CAAC,KAAK,EAAE,WAAW,GAAG,SAAS,GAAG,MAAM,KAAK,iBAAiB,CAAA;IACrF;;;;;;OAMG;IACH,SAAS,EAAE,CAAC,KAAK,EAAE,GAAG,KAAK,MAAM,GAAG,IAAI,CAAA;IACxC;;;;;;OAMG;IACH,cAAc,EAAE,CAAC,KAAK,EAAE,GAAG,KAAK,iBAAiB,CAAA;IACjD;;;;;;;OAOG;IACH,OAAO,EAAE,CAAC,KAAK,EAAE,GAAG,KAAK,OAAO,CAAA;IAChC;;;;;;OAMG;IACH,UAAU,EAAE,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,KAAK,KAAK,CAAC,CAAC,CAAC,CAAA;IACrC;;;;;;;;OAQG;IACH,OAAO,EAAE,CAAC,IAAI,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,MAAM,KAAK,MAAM,CAAA;IAClD;;;;;;;OAOG;IACH,WAAW,EAAE,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,KAAK,MAAM,CAAA;IACpC;;;;;;;;OAQG;IACH,SAAS,EAAE,CAAC,CAAC,SAAS,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EACvC,KAAK,EAAE,WAAW,CAAC,CAAC,CAAC,EACrB,IAAI,EAAE,CAAC,EACP,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,KAC1B,OAAO,CAAA;IACZ;;;;;;;OAOG;IACH,OAAO,EAAE,CAAC,CAAC,SAAS,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EACrC,KAAK,CAAC,EAAE,CAAC,EACT,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,KAC1B,MAAM,EAAE,GAAG,IAAI,CAAA;CACrB;AAED,MAAM,MAAM,iBAAiB,GAAG,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,EAAE,GAAG,EAAE,IAAI,CAAC,EAAE,GAAG,KAAK,OAAO,CAAA;AAElF,MAAM,MAAM,SAAS,GAAG;IACtB;;;;;;;;OAQG;IACH,OAAO,EAAE,iBAAiB,CAAA;IAC1B;;;;;;;OAOG;IACH,GAAG,EAAE,iBAAiB,CAAA;IACtB;;;;;;;OAOG;IACH,GAAG,EAAE,iBAAiB,CAAA;IACtB;;;;;;;OAOG;IACH,GAAG,EAAE,iBAAiB,CAAA;IACtB;;;;;;;OAOG;IACH,IAAI,EAAE,iBAAiB,CAAA;IACvB;;;;;;;OAOG;IACH,GAAG,EAAE,iBAAiB,CAAA;IACtB;;;;;;;OAOG;IACH,IAAI,EAAE,iBAAiB,CAAA;IACvB;;;;;;;OAOG;IACH,MAAM,EAAE,iBAAiB,CAAA;IACzB;;;;;;;OAOG;IACH,OAAO,EAAE,iBAAiB,CAAA;IAC1B;;;;;;;OAOG;IACH,MAAM,EAAE,iBAAiB,CAAA;IACzB;;;;;;;OAOG;IACH,OAAO,EAAE,iBAAiB,CAAA;IAE1B;;;;;;;;OAQG;IACH,GAAG,EAAE,iBAAiB,CAAA;IACtB;;;;;;;;OAQG;IACH,IAAI,EAAE,iBAAiB,CAAA;IACvB;;;;;;;;OAQG;IACH,IAAI,EAAE,iBAAiB,CAAA;IACvB;;;;;;;OAOG;IACH,KAAK,EAAE,iBAAiB,CAAA;IACxB;;;;;;;;;OASG;IACH,MAAM,EAAE,iBAAiB,CAAA;IACzB,cAAc,EAAE,iBAAiB,CAAA;IACjC,cAAc,EAAE,iBAAiB,CAAA;CAClC,CAAA;AAED,oBAAY,cAAc;IACxB,OAAO,YAAY;IACnB,GAAG,QAAQ;IACX,GAAG,QAAQ;IACX,GAAG,QAAQ;IACX,IAAI,SAAS;IACb,GAAG,QAAQ;IACX,IAAI,SAAS;IACb,MAAM,WAAW;IACjB,OAAO,YAAY;IACnB,MAAM,WAAW;IACjB,OAAO,YAAY;IACnB,GAAG,QAAQ;IACX,IAAI,SAAS;IACb,IAAI,SAAS;IACb,KAAK,UAAU;IACf,MAAM,WAAW;IACjB,cAAc,iBAAiB;IAC/B,cAAc,iBAAiB;CAChC;AAED,MAAM,MAAM,qBAAqB,CAAC,CAAC,IAAI,OAAO,CAAC;KAC5C,GAAG,IAAI,MAAM,CAAC,GAAG,OAAO,CAAC;SACvB,CAAC,IAAI,MAAM,OAAO,cAAc,GAAG,CAAC,CAAC,GAAG,CAAC;KAC3C,CAAC;CACH,CAAC,CAAA;AAEF,MAAM,MAAM,eAAe,CAAC,CAAC,IAAI;IAAE,eAAe,CAAC,EAAE,OAAO,CAAA;CAAE,GAAG,CAAC,CAAA;AAElE,oBAAY,UAAU;IACpB,IAAI,SAAS;IACb,GAAG,QAAQ;CACZ;AAED,MAAM,MAAM,WAAW,CAAC,CAAC,IACrB,eAAe,CAAC,CAAC,CAAC,GAClB;KACG,CAAC,IAAI,MAAM,OAAO,UAAU,GACzB,KAAK,CAAC,qBAAqB,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,CAAC,GAChD,KAAK,CAAC,WAAW,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,CAAC;CAC3C,GACD,KAAK,CAAC,OAAO,CAAC,qBAAqB,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC,CAAA"}

package/dist/utils/rules-matcher/interface.js

@@ -19,6 +19,8 @@ var RulesOperators;
     RulesOperators["$all"] = "$all";
     RulesOperators["$size"] = "$size";
     RulesOperators["$regex"] = "$regex";
+    RulesOperators["%stringToOid"] = "%stringToOid";
+    RulesOperators["%oidToString"] = "%oidToString";
 })(RulesOperators || (exports.RulesOperators = RulesOperators = {}));
 var RulesModes;
 (function (RulesModes) {

package/dist/utils/rules-matcher/utils.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../../src/utils/rules-matcher/utils.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,SAAS,EAAE,iBAAiB,EAAe,MAAM,aAAa,CAAA;AAIvE;;GAEG;AACH,QAAA,MAAM,iBAAiB,EAAE,iBAsNxB,CAAA;AAED;;GAEG;AACH,eAAO,MAAM,SAAS,EAAE,SAwDvB,CAAA;AAID,eAAe,iBAAiB,CAAA"}
+{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../../src/utils/rules-matcher/utils.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,SAAS,EAAE,iBAAiB,EAAe,MAAM,aAAa,CAAA;AAsDvE;;GAEG;AACH,QAAA,MAAM,iBAAiB,EAAE,iBAsNxB,CAAA;AAED;;GAEG;AACH,eAAO,MAAM,SAAS,EAAE,SAoDvB,CAAA;AAID,eAAe,iBAAiB,CAAA"}

package/dist/utils/rules-matcher/utils.js

@@ -4,10 +4,44 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.operators = void 0;
+const bson_1 = require("bson");
 const get_1 = __importDefault(require("lodash/get"));
-const intersection_1 = __importDefault(require("lodash/intersection"));
 const trimStart_1 = __importDefault(require("lodash/trimStart"));
 const EMPTY_STRING_REGEXP = /^\s*$/;
+const HEX_24_REGEXP = /^[a-fA-F0-9]{24}$/;
+const toObjectIdHex = (value) => {
+    if (value instanceof bson_1.ObjectId) {
+        return value.toHexString();
+    }
+    if (typeof value === 'string') {
+        if (!HEX_24_REGEXP.test(value) || !bson_1.ObjectId.isValid(value)) {
+            return null;
+        }
+        return new bson_1.ObjectId(value).toHexString();
+    }
+    if (!value || typeof value !== 'object') {
+        return null;
+    }
+    const maybeObjectId = value;
+    if (maybeObjectId._bsontype === 'ObjectId' && typeof maybeObjectId.toHexString === 'function') {
+        const hex = maybeObjectId.toHexString();
+        return HEX_24_REGEXP.test(hex) ? hex.toLowerCase() : null;
+    }
+    return null;
+};
+const areSemanticallyEqual = (left, right) => {
+    const leftOid = toObjectIdHex(left);
+    const rightOid = toObjectIdHex(right);
+    if (leftOid || rightOid) {
+        return leftOid !== null && rightOid !== null && leftOid === rightOid;
+    }
+    return left === right;
+};
+const includesWithSemanticEquality = (value, candidate) => rulesMatcherUtils
+    .forceArray(candidate)
+    .some((item) => rulesMatcherUtils
+    .forceArray(value)
+    .some((sourceItem) => rulesMatcherUtils.forceArray(item).some((candidateItem) => areSemanticallyEqual(sourceItem, candidateItem))));
 /**
  * Defines a utility object named rulesMatcherUtils, which contains various helper functions used for processing rules and data in a rule-matching context.
  */
@@ -187,8 +221,8 @@ const rulesMatcherUtils = {
  */
 exports.operators = {
     $exists: (a, b) => !rulesMatcherUtils.isEmpty(a) === b,
-    $eq: (a, b) => a === b,
-    $ne: (a, b) => a !== b,
+    $eq: (a, b) => areSemanticallyEqual(a, b),
+    $ne: (a, b) => !areSemanticallyEqual(a, b),
     $gt: (a, b) => rulesMatcherUtils.forceNumber(a) > parseFloat(b),
     $gte: (a, b) => rulesMatcherUtils.forceNumber(a) >= parseFloat(b),
     $lt: (a, b) => rulesMatcherUtils.forceNumber(a) < parseFloat(b),
@@ -197,22 +231,23 @@ exports.operators = {
     $strGte: (a, b) => String(a || '').length >= parseFloat(b),
     $strLt: (a, b) => String(a || '').length < parseFloat(b),
     $strLte: (a, b) => String(a || '').length <= parseFloat(b),
-    $in: (a, b) => rulesMatcherUtils
-        .forceArray(b)
-        .some((c) => (0, intersection_1.default)(rulesMatcherUtils.forceArray(a), rulesMatcherUtils.forceArray(c))
-        .length),
-    $nin: (a, b) => !rulesMatcherUtils
-        .forceArray(b)
-        .some((c) => (0, intersection_1.default)(rulesMatcherUtils.forceArray(a), rulesMatcherUtils.forceArray(c))
-        .length),
-    $all: (a, b) => rulesMatcherUtils
-        .forceArray(b)
-        .every((c) => (0, intersection_1.default)(rulesMatcherUtils.forceArray(a), rulesMatcherUtils.forceArray(c))
-        .length),
+    $in: (a, b) => includesWithSemanticEquality(a, b),
+    $nin: (a, b) => !includesWithSemanticEquality(a, b),
+    $all: (a, b) => rulesMatcherUtils.forceArray(b).every((candidate) => rulesMatcherUtils
+        .forceArray(a)
+        .some((value) => rulesMatcherUtils.forceArray(candidate).some((item) => areSemanticallyEqual(value, item)))),
     $size: (a, b) => Array.isArray(a) && a.length === parseFloat(b),
     $regex: (a, b, opt) => rulesMatcherUtils
         .forceArray(b)
-        .some((c) => (c instanceof RegExp ? c.test(a) : new RegExp(c, opt).test(a)))
+        .some((c) => (c instanceof RegExp ? c.test(a) : new RegExp(c, opt).test(a))),
+    '%stringToOid': (a, b) => {
+        const converted = toObjectIdHex(b);
+        return converted !== null && areSemanticallyEqual(a, converted);
+    },
+    '%oidToString': (a, b) => {
+        const converted = toObjectIdHex(b);
+        return converted !== null && areSemanticallyEqual(a, converted);
+    }
 };
 // export default operators
 exports.default = rulesMatcherUtils;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@flowerforce/flowerbase",
-  "version": "1.7.5",
+  "version": "1.7.6-beta.1",
   "description": "",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
@@ -14,7 +14,8 @@
   "scripts": {
     "test": "npx jest",
     "build": "rm -rf dist/ && tsc",
-    "start": "node dist/src/index.ts"
+    "start": "node dist/src/index.ts",
+    "tsc:noemit": "tsc --noEmit"
   },
   "keywords": [],
   "author": "",
@@ -30,6 +31,7 @@
     "@fastify/swagger-ui": "^5.2.3",
     "@fastify/websocket": "^11.2.0",
     "bson": "^6.8.0",
+    "codemirror": "^5.65.16",
     "dotenv": "^16.4.7",
     "fastify": "^5.0.0",
     "fastify-plugin": "^5.0.1",

package/src/auth/__tests__/controller.test.ts

@@ -7,6 +7,7 @@ jest.mock('../../constants', () => ({
     userCollection: 'users',
     user_id_field: 'id'
   },
+  AUTH_DB_NAME: 'test-auth-db',
   DB_NAME: 'test-db',
   DEFAULT_CONFIG: {
     REFRESH_TOKEN_TTL_DAYS: 1

package/src/auth/controller.ts

@@ -1,6 +1,6 @@
 import { ObjectId } from 'bson'
 import { FastifyInstance } from 'fastify'
-import { AUTH_CONFIG, DB_NAME, DEFAULT_CONFIG } from '../constants'
+import { AUTH_CONFIG, AUTH_DB_NAME, DB_NAME, DEFAULT_CONFIG } from '../constants'
 import { StateManager } from '../state'
 import { hashToken } from '../utils/crypto'
 import { SessionCreatedDto } from './dtos'
@@ -23,11 +23,12 @@ type UnauthorizedSessionReply = typeof unauthorizedSessionError
 export async function authController(app: FastifyInstance) {
   const { authCollection, userCollection, refreshTokensCollection } = AUTH_CONFIG
 
-  const db = app.mongo.client.db(DB_NAME)
+  const authDb = app.mongo.client.db(AUTH_DB_NAME)
+  const customUserDb = app.mongo.client.db(DB_NAME)
   const refreshTokenTtlMs = DEFAULT_CONFIG.REFRESH_TOKEN_TTL_DAYS * 24 * 60 * 60 * 1000
 
   try {
-    await db.collection(refreshTokensCollection).createIndex(
+    await authDb.collection(refreshTokensCollection).createIndex(
       { expiresAt: 1 },
       { expireAfterSeconds: 0 }
     )
@@ -36,7 +37,7 @@ export async function authController(app: FastifyInstance) {
   }
 
   try {
-    await db.collection(authCollection).createIndex(
+    await authDb.collection(authCollection).createIndex(
       { email: 1 },
       {
         unique: true
@@ -63,12 +64,12 @@ export async function authController(app: FastifyInstance) {
     if (req.user.typ !== 'access') {
       throw new Error('Access token required')
     }
-    const authUser = await db
+    const authUser = await authDb
       .collection<Record<string, unknown>>(authCollection)
       .findOne({ _id: ObjectId.createFromHexString(req.user.id) })
 
     const customData = userCollection && AUTH_CONFIG.user_id_field
-      ? await db
+      ? await customUserDb
         .collection<Record<string, unknown>>(userCollection)
         .findOne({ [AUTH_CONFIG.user_id_field]: req.user.id })
       : null
@@ -117,7 +118,7 @@ export async function authController(app: FastifyInstance) {
       }
       const refreshToken = authHeader.slice('Bearer '.length).trim()
       const refreshTokenHash = hashToken(refreshToken)
-      const storedToken = await db.collection(refreshTokensCollection).findOne({
+      const storedToken = await authDb.collection(refreshTokensCollection).findOne({
         tokenHash: refreshTokenHash,
         revokedAt: null,
         expiresAt: { $gt: new Date() }
@@ -127,7 +128,7 @@ export async function authController(app: FastifyInstance) {
         return
       }
 
-      const auth_user = await db
+      const auth_user = await authDb
         ?.collection(authCollection)
         .findOne({ _id: new this.mongo.ObjectId(req.user.sub) })
 
@@ -137,7 +138,7 @@ export async function authController(app: FastifyInstance) {
       }
 
       const user = userCollection && AUTH_CONFIG.user_id_field
-        ? (await db!.collection(userCollection).findOne({ [AUTH_CONFIG.user_id_field]: req.user.sub }))
+        ? (await customUserDb.collection(userCollection).findOne({ [AUTH_CONFIG.user_id_field]: req.user.sub }))
         : {}
 
       res.status(201)
@@ -175,7 +176,7 @@ export async function authController(app: FastifyInstance) {
       const refreshTokenHash = hashToken(refreshToken)
       const now = new Date()
       const expiresAt = new Date(Date.now() + refreshTokenTtlMs)
-      const updateResult = await db.collection(refreshTokensCollection).findOneAndUpdate(
+      const updateResult = await authDb.collection(refreshTokensCollection).findOneAndUpdate(
         { tokenHash: refreshTokenHash },
         {
           $set: {
@@ -197,7 +198,7 @@ export async function authController(app: FastifyInstance) {
       }
 
       if (userId && authCollection) {
-        await db.collection(authCollection).updateOne(
+        await authDb.collection(authCollection).updateOne(
           { _id: userId },
           { $set: { lastLogoutAt: now } }
         )

package/src/auth/plugins/jwt.ts

@@ -1,7 +1,7 @@
 import fastifyJwt from '@fastify/jwt'
 import fp from 'fastify-plugin'
 import { Document, ObjectId, WithId } from 'mongodb'
-import { AUTH_CONFIG, DB_NAME, DEFAULT_CONFIG } from '../../constants'
+import { AUTH_CONFIG, AUTH_DB_NAME, DEFAULT_CONFIG } from '../../constants'
 
 type Options = {
   secret: string
@@ -51,7 +51,7 @@ export default fp(async function (fastify, opts: Options) {
       return
     }
 
-    const db = fastify.mongo?.client?.db(DB_NAME)
+    const db = fastify.mongo?.client?.db(AUTH_DB_NAME)
     if (!db) {
       fastify.log.warn('Mongo client unavailable while checking logout state')
       return