@flowerforce/flowerbase 1.7.6-beta.3 → 1.7.6-beta.5

package/dist/auth/providers/anon-user/controller.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"controller.d.ts","sourceRoot":"","sources":["../../../../src/auth/providers/anon-user/controller.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,eAAe,EAAE,MAAM,SAAS,CAAA;AAOzC;;;;GAIG;AACH,wBAAsB,kBAAkB,CAAC,GAAG,EAAE,eAAe,iBAwE5D"}
+{"version":3,"file":"controller.d.ts","sourceRoot":"","sources":["../../../../src/auth/providers/anon-user/controller.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,eAAe,EAAE,MAAM,SAAS,CAAA;AAOzC;;;;GAIG;AACH,wBAAsB,kBAAkB,CAAC,GAAG,EAAE,eAAe,iBAyE5D"}

package/dist/auth/providers/anon-user/controller.js

@@ -54,6 +54,7 @@ function anonUserController(app) {
                     email: anonEmail,
                     status: 'confirmed',
                     createdAt: now,
+                    lastLoginAt: now,
                     custom_data: {},
                     identities: [
                         {

package/dist/auth/providers/custom-function/controller.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"controller.d.ts","sourceRoot":"","sources":["../../../../src/auth/providers/custom-function/controller.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,SAAS,CAAA;AAUzC;;;;GAIG;AACH,wBAAsB,wBAAwB,CAAC,GAAG,EAAE,eAAe,iBAqIlE"}
+{"version":3,"file":"controller.d.ts","sourceRoot":"","sources":["../../../../src/auth/providers/custom-function/controller.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,SAAS,CAAA;AAUzC;;;;GAIG;AACH,wBAAsB,wBAAwB,CAAC,GAAG,EAAE,eAAe,iBA0IlE"}

package/dist/auth/providers/custom-function/controller.js

@@ -111,15 +111,17 @@ function customFunctionController(app) {
                     user_data: Object.assign(Object.assign({}, (user || {})), { id: authUser._id.toString(), email: authUser.email }),
                     custom_data: Object.assign({}, (user || {}))
                 };
+                const now = new Date();
                 const refreshToken = this.createRefreshToken(currentUserData);
                 const refreshTokenHash = (0, crypto_1.hashToken)(refreshToken);
                 yield authDb.collection(refreshTokensCollection).insertOne({
                     userId: authUser._id,
                     tokenHash: refreshTokenHash,
-                    createdAt: new Date(),
+                    createdAt: now,
                     expiresAt: new Date(Date.now() + refreshTokenTtlMs),
                     revokedAt: null
                 });
+                yield authDb.collection(authCollection).updateOne({ _id: authUser._id }, { $set: { lastLoginAt: now } });
                 return {
                     access_token: this.createAccessToken(currentUserData),
                     refresh_token: refreshToken,

package/dist/auth/providers/local-userpass/controller.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"controller.d.ts","sourceRoot":"","sources":["../../../../src/auth/providers/local-userpass/controller.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,SAAS,CAAA;AAqCzC;;;;GAIG;AACH,wBAAsB,uBAAuB,CAAC,GAAG,EAAE,eAAe,iBAqXjE"}
+{"version":3,"file":"controller.d.ts","sourceRoot":"","sources":["../../../../src/auth/providers/local-userpass/controller.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,SAAS,CAAA;AAuCzC;;;;GAIG;AACH,wBAAsB,uBAAuB,CAAC,GAAG,EAAE,eAAe,iBAsZjE"}

package/dist/auth/providers/local-userpass/controller.js

@@ -81,7 +81,7 @@ function localUserPassController(app) {
                 const currentFunction = functionsList[resetPasswordConfig.resetFunctionName];
                 const baseArgs = { token, tokenId, email, password, username: email };
                 const args = Array.isArray(extraArguments) ? [baseArgs, ...extraArguments] : [baseArgs];
-                yield (0, context_1.GenerateContext)({
+                const response = yield (0, context_1.GenerateContext)({
                     args,
                     app,
                     rules: {},
@@ -89,10 +89,32 @@ function localUserPassController(app) {
                     currentFunction,
                     functionName: resetPasswordConfig.resetFunctionName,
                     functionsList,
-                    services
+                    services,
+                    runAsSystem: true
                 });
-                return;
+                const resetStatus = response === null || response === void 0 ? void 0 : response.status;
+                if (resetStatus === 'success') {
+                    if (!password) {
+                        throw new Error(utils_1.AUTH_ERRORS.INVALID_RESET_FUNCTION_RESPONSE);
+                    }
+                    const hashedPassword = yield (0, crypto_1.hashPassword)(password);
+                    yield authDb.collection(authCollection).updateOne({ email }, {
+                        $set: {
+                            password: hashedPassword
+                        }
+                    });
+                    yield (authDb === null || authDb === void 0 ? void 0 : authDb.collection(resetPasswordCollection).deleteOne({ email }));
+                    return { status: 'success' };
+                }
+                if (resetStatus === 'pending') {
+                    return { status: 'pending' };
+                }
+                if (resetStatus === 'fail') {
+                    throw new Error(utils_1.AUTH_ERRORS.INVALID_RESET_PARAMS);
+                }
+                throw new Error(utils_1.AUTH_ERRORS.INVALID_RESET_FUNCTION_RESPONSE);
             }
+            return { status: 'pending' };
         });
         /**
          * Endpoint for user registration.
@@ -214,15 +236,17 @@ function localUserPassController(app) {
                 if (authUser && authUser.status !== 'confirmed') {
                     throw new Error(utils_1.AUTH_ERRORS.USER_NOT_CONFIRMED);
                 }
+                const now = new Date();
                 const refreshToken = this.createRefreshToken(userWithCustomData);
                 const refreshTokenHash = (0, crypto_1.hashToken)(refreshToken);
                 yield authDb.collection(refreshTokensCollection).insertOne({
                     userId: authUser._id,
                     tokenHash: refreshTokenHash,
-                    createdAt: new Date(),
+                    createdAt: now,
                     expiresAt: new Date(Date.now() + refreshTokenTtlMs),
                     revokedAt: null
                 });
+                yield authDb.collection(authCollection).updateOne({ _id: authUser._id }, { $set: { lastLoginAt: now } });
                 return {
                     access_token: this.createAccessToken(userWithCustomData),
                     refresh_token: refreshToken,
@@ -271,11 +295,9 @@ function localUserPassController(app) {
                     res.status(429);
                     return { message: 'Too many requests' };
                 }
-                yield handleResetPasswordRequest(req.body.email, req.body.password, req.body.arguments);
+                const result = yield handleResetPasswordRequest(req.body.email, req.body.password, req.body.arguments);
                 res.status(202);
-                return {
-                    status: 'ok'
-                };
+                return result;
             });
         });
         /**

package/dist/auth/utils.d.ts

@@ -146,6 +146,7 @@ export declare enum AUTH_ERRORS {
     INVALID_TOKEN = "Invalid refresh token provided",
     INVALID_RESET_PARAMS = "Invalid token or tokenId provided",
     MISSING_RESET_FUNCTION = "Missing reset function",
+    INVALID_RESET_FUNCTION_RESPONSE = "Invalid reset function response",
     USER_NOT_CONFIRMED = "User not confirmed"
 }
 export interface AuthConfig {

package/dist/auth/utils.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../src/auth/utils.ts"],"names":[],"mappings":"AAMA,eAAO,MAAM,cAAc;;;CAA4C,CAAC;AACxE,eAAO,MAAM,YAAY;;;;;;;;;;;;;;;;;;;CAexB,CAAA;AAED,eAAO,MAAM,iBAAiB;;;;;;;;;;;;;;CAc7B,CAAA;AAED,eAAO,MAAM,iBAAiB;;;;;;;;;;;;;;;;;;;;;;CAgB7B,CAAA;AAED,eAAO,MAAM,oBAAoB;;;;;;;;;;;;;;;;;;;CAWhC,CAAA;AAED,eAAO,MAAM,mBAAmB;;;;;;;;;;;;;;CAU/B,CAAA;AAED,eAAO,MAAM,YAAY;;;;;;;;;;;;;;CAAoB,CAAA;AAE7C,eAAO,MAAM,mBAAmB;;;;;;;;;;;;;;;;;;;CAe/B,CAAA;AAED,oBAAY,cAAc;IACxB,KAAK,WAAW;IAChB,YAAY,cAAc;IAC1B,OAAO,aAAa;IACpB,OAAO,aAAa;IACpB,OAAO,aAAa;IACpB,KAAK,gBAAgB;IACrB,UAAU,gBAAgB;IAC1B,aAAa,WAAW;IACxB,UAAU,sBAAsB;CACjC;AAED,oBAAY,WAAW;IACrB,mBAAmB,wBAAwB;IAC3C,aAAa,mCAAmC;IAChD,oBAAoB,sCAAsC;IAC1D,sBAAsB,2BAA2B;IACjD,kBAAkB,uBAAuB;CAC1C;AAED,MAAM,WAAW,UAAU;IACzB,eAAe,CAAC,EAAE,MAAM,CAAA;IACxB,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB,SAAS,EAAE,MAAM,CAAA;IACjB,gBAAgB,EAAE,aAAa,CAAA;IAC/B,iBAAiB,EAAE,cAAc,CAAA;IACjC,WAAW,CAAC,EAAE,QAAQ,CAAA;CACvB;AAED,UAAU,MAAM;IACd,IAAI,EAAE,MAAM,CAAA;IACZ,IAAI,EAAE,MAAM,CAAA;IACZ,QAAQ,EAAE,OAAO,CAAA;CAClB;AACD,UAAU,aAAa;IACrB,IAAI,EAAE,MAAM,CAAA;IACZ,IAAI,EAAE,MAAM,CAAA;IACZ,QAAQ,EAAE,OAAO,CAAA;IACjB,MAAM,EAAE,MAAM,CAAA;CACf;AAED,UAAU,cAAc;IACtB,IAAI,EAAE,iBAAiB,CAAC;IACxB,IAAI,EAAE,iBAAiB,CAAC;IACxB,QAAQ,EAAE,OAAO,CAAC;IAClB,MAAM,EAAE;QACN,kBAAkB,EAAE,MAAM,CAAA;KAC3B,CAAA;CACF;AAED,MAAM,WAAW,QAAQ;IACvB,IAAI,EAAE,WAAW,CAAA;IACjB,IAAI,EAAE,WAAW,CAAA;IACjB,QAAQ,EAAE,OAAO,CAAA;CAClB;AAED,MAAM,WAAW,MAAM;IACrB,WAAW,EAAE,OAAO,CAAA;IACpB,wBAAwB,CAAC,EAAE,MAAM,CAAA;IACjC,iBAAiB,EAAE,MAAM,CAAA;IACzB,gBAAgB,EAAE,MAAM,CAAA;IACxB,uBAAuB,EAAE,OAAO,CAAA;IAChC,gBAAgB,EAAE,OAAO,CAAA;CAC1B;AAED,MAAM,WAAW,oBAAoB;IACnC,OAAO,EAAE,OAAO,CAAA;IAChB,kBAAkB,EAAE,MAAM,CAAA;IAC1B,aAAa,EAAE,MAAM,CAAA;IACrB,eAAe,EAAE,MAAM,CAAA;IACvB,aAAa,EAAE,MAAM,CAAA;IACrB,8BAA8B,EAAE,MAAM,CAAA;CACvC;AAMD;;;GAGG;AACH,eAAO,MAAM,cAAc,QAAO,UAuCjC,CAAA;AAED;;;GAGG;AACH,eAAO,MAAM,kBAAkB,QAAO,oBAarC,CAAA;AAED,eAAO,MAAM,gBAAgB,GAAI,eAAW,WAG3C,CAAA"}
+{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../src/auth/utils.ts"],"names":[],"mappings":"AAMA,eAAO,MAAM,cAAc;;;CAA4C,CAAC;AACxE,eAAO,MAAM,YAAY;;;;;;;;;;;;;;;;;;;CAexB,CAAA;AAED,eAAO,MAAM,iBAAiB;;;;;;;;;;;;;;CAc7B,CAAA;AAED,eAAO,MAAM,iBAAiB;;;;;;;;;;;;;;;;;;;;;;CAgB7B,CAAA;AAED,eAAO,MAAM,oBAAoB;;;;;;;;;;;;;;;;;;;CAWhC,CAAA;AAED,eAAO,MAAM,mBAAmB;;;;;;;;;;;;;;CAU/B,CAAA;AAED,eAAO,MAAM,YAAY;;;;;;;;;;;;;;CAAoB,CAAA;AAE7C,eAAO,MAAM,mBAAmB;;;;;;;;;;;;;;;;;;;CAe/B,CAAA;AAED,oBAAY,cAAc;IACxB,KAAK,WAAW;IAChB,YAAY,cAAc;IAC1B,OAAO,aAAa;IACpB,OAAO,aAAa;IACpB,OAAO,aAAa;IACpB,KAAK,gBAAgB;IACrB,UAAU,gBAAgB;IAC1B,aAAa,WAAW;IACxB,UAAU,sBAAsB;CACjC;AAED,oBAAY,WAAW;IACrB,mBAAmB,wBAAwB;IAC3C,aAAa,mCAAmC;IAChD,oBAAoB,sCAAsC;IAC1D,sBAAsB,2BAA2B;IACjD,+BAA+B,oCAAoC;IACnE,kBAAkB,uBAAuB;CAC1C;AAED,MAAM,WAAW,UAAU;IACzB,eAAe,CAAC,EAAE,MAAM,CAAA;IACxB,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB,SAAS,EAAE,MAAM,CAAA;IACjB,gBAAgB,EAAE,aAAa,CAAA;IAC/B,iBAAiB,EAAE,cAAc,CAAA;IACjC,WAAW,CAAC,EAAE,QAAQ,CAAA;CACvB;AAED,UAAU,MAAM;IACd,IAAI,EAAE,MAAM,CAAA;IACZ,IAAI,EAAE,MAAM,CAAA;IACZ,QAAQ,EAAE,OAAO,CAAA;CAClB;AACD,UAAU,aAAa;IACrB,IAAI,EAAE,MAAM,CAAA;IACZ,IAAI,EAAE,MAAM,CAAA;IACZ,QAAQ,EAAE,OAAO,CAAA;IACjB,MAAM,EAAE,MAAM,CAAA;CACf;AAED,UAAU,cAAc;IACtB,IAAI,EAAE,iBAAiB,CAAC;IACxB,IAAI,EAAE,iBAAiB,CAAC;IACxB,QAAQ,EAAE,OAAO,CAAC;IAClB,MAAM,EAAE;QACN,kBAAkB,EAAE,MAAM,CAAA;KAC3B,CAAA;CACF;AAED,MAAM,WAAW,QAAQ;IACvB,IAAI,EAAE,WAAW,CAAA;IACjB,IAAI,EAAE,WAAW,CAAA;IACjB,QAAQ,EAAE,OAAO,CAAA;CAClB;AAED,MAAM,WAAW,MAAM;IACrB,WAAW,EAAE,OAAO,CAAA;IACpB,wBAAwB,CAAC,EAAE,MAAM,CAAA;IACjC,iBAAiB,EAAE,MAAM,CAAA;IACzB,gBAAgB,EAAE,MAAM,CAAA;IACxB,uBAAuB,EAAE,OAAO,CAAA;IAChC,gBAAgB,EAAE,OAAO,CAAA;CAC1B;AAED,MAAM,WAAW,oBAAoB;IACnC,OAAO,EAAE,OAAO,CAAA;IAChB,kBAAkB,EAAE,MAAM,CAAA;IAC1B,aAAa,EAAE,MAAM,CAAA;IACrB,eAAe,EAAE,MAAM,CAAA;IACvB,aAAa,EAAE,MAAM,CAAA;IACrB,8BAA8B,EAAE,MAAM,CAAA;CACvC;AAMD;;;GAGG;AACH,eAAO,MAAM,cAAc,QAAO,UAuCjC,CAAA;AAED;;;GAGG;AACH,eAAO,MAAM,kBAAkB,QAAO,oBAarC,CAAA;AAED,eAAO,MAAM,gBAAgB,GAAI,eAAW,WAG3C,CAAA"}

package/dist/auth/utils.js

@@ -115,6 +115,7 @@ var AUTH_ERRORS;
     AUTH_ERRORS["INVALID_TOKEN"] = "Invalid refresh token provided";
     AUTH_ERRORS["INVALID_RESET_PARAMS"] = "Invalid token or tokenId provided";
     AUTH_ERRORS["MISSING_RESET_FUNCTION"] = "Missing reset function";
+    AUTH_ERRORS["INVALID_RESET_FUNCTION_RESPONSE"] = "Invalid reset function response";
     AUTH_ERRORS["USER_NOT_CONFIRMED"] = "User not confirmed";
 })(AUTH_ERRORS || (exports.AUTH_ERRORS = AUTH_ERRORS = {}));
 const resolveAppPath = () => { var _a, _b, _c; return (_c = (_a = process.env.FLOWERBASE_APP_PATH) !== null && _a !== void 0 ? _a : (_b = require.main) === null || _b === void 0 ? void 0 : _b.path) !== null && _c !== void 0 ? _c : process.cwd(); };

package/dist/features/endpoints/utils.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../../src/features/endpoints/utils.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,eAAe,EAAE,YAAY,EAAE,cAAc,EAAE,MAAM,SAAS,CAAA;AAKvE,OAAO,EAAE,SAAS,EAAE,qBAAqB,EAAE,MAAM,aAAa,CAAA;AAE9D;;;GAGG;AACH,eAAO,MAAM,aAAa,GAAU,gBAAuB,KAAG,OAAO,CAAC,SAAS,CA+B9E,CAAA;AAED;;;;;;GAMG;AACH,eAAO,MAAM,gBAAgB,GAC3B,KAAK,eAAe,EACpB,SAAS,UAAU,CAAC,OAAO,eAAe,CAAC,EAC3C,UAAU,MAAM;;;;;;;CAkDhB,CAAA;AAEF;;;;;;GAMG;AACH,eAAO,MAAM,eAAe,GAAI,kEAM7B,qBAAqB,MACR,KAAK,cAAc,EAAE,KAAK,YAAY,gBA6CrD,CAAA"}
+{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../../src/features/endpoints/utils.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,eAAe,EAAE,YAAY,EAAE,cAAc,EAAE,MAAM,SAAS,CAAA;AAKvE,OAAO,EAAE,SAAS,EAAE,qBAAqB,EAAE,MAAM,aAAa,CAAA;AAE9D;;;GAGG;AACH,eAAO,MAAM,aAAa,GAAU,gBAAuB,KAAG,OAAO,CAAC,SAAS,CA+B9E,CAAA;AAED;;;;;;GAMG;AACH,eAAO,MAAM,gBAAgB,GAC3B,KAAK,eAAe,EACpB,SAAS,UAAU,CAAC,OAAO,eAAe,CAAC,EAC3C,UAAU,MAAM;;;;;;;CAkDhB,CAAA;AAEF;;;;;;GAMG;AACH,eAAO,MAAM,eAAe,GAAI,kEAM7B,qBAAqB,MACR,KAAK,cAAc,EAAE,KAAK,YAAY,gBAgDrD,CAAA"}

package/dist/features/endpoints/utils.js

@@ -135,6 +135,9 @@ const generateHandler = ({ app, currentFunction, functionName, functionsList, ru
                 setStatusCode: (code) => {
                     res.status(code);
                 },
+                setHeader: (name, value) => {
+                    res.header(name, value);
+                },
                 setBody: (body) => {
                     customResponseBody.data = body;
                 }

package/dist/features/triggers/interface.d.ts

@@ -22,7 +22,7 @@ type Config = {
     isAutoTrigger?: boolean;
     match: Record<string, unknown>;
     operation_types: string[];
-    operation_type?: 'CREATE' | 'DELETE' | 'LOGOUT';
+    operation_type?: 'CREATE' | 'DELETE' | 'LOGIN' | 'LOGOUT';
     providers?: string[];
     project: Record<string, unknown>;
     service_name: string;

package/dist/features/triggers/interface.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"interface.d.ts","sourceRoot":"","sources":["../../../src/features/triggers/interface.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,SAAS,CAAA;AACzC,OAAO,EAAE,QAAQ,EAAE,MAAM,0BAA0B,CAAA;AACnD,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAA;AAE5D,MAAM,WAAW,OAAO;IACtB,IAAI,EAAE,MAAM,CAAA;IACZ,IAAI,EAAE,WAAW,CAAA;IACjB,QAAQ,EAAE,OAAO,CAAA;IACjB,MAAM,EAAE,MAAM,CAAA;IACd,gBAAgB,EAAE;QAChB,QAAQ,EAAE;YACR,MAAM,EAAE;gBACN,aAAa,EAAE,MAAM,CAAA;aACtB,CAAA;SACF,CAAA;KACF,CAAA;CACF;AAED,KAAK,MAAM,GAAG;IACZ,UAAU,EAAE,MAAM,CAAA;IAClB,QAAQ,EAAE,MAAM,CAAA;IAChB,aAAa,EAAE,OAAO,CAAA;IACtB,2BAA2B,EAAE,OAAO,CAAA;IACpC,aAAa,CAAC,EAAE,OAAO,CAAA;IACvB,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;IAC9B,eAAe,EAAE,MAAM,EAAE,CAAA;IACzB,cAAc,CAAC,EAAE,QAAQ,GAAG,QAAQ,GAAG,QAAQ,CAAA;IAC/C,SAAS,CAAC,EAAE,MAAM,EAAE,CAAA;IACpB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;IAChC,YAAY,EAAE,MAAM,CAAA;IACpB,mBAAmB,EAAE,OAAO,CAAA;IAC5B,sBAAsB,EAAE,OAAO,CAAA;IAC/B,SAAS,EAAE,OAAO,CAAA;IAClB,QAAQ,EAAE,MAAM,CAAA;CACjB,CAAA;AAED,MAAM,MAAM,WAAW,GAAG,WAAW,GAAG,UAAU,GAAG,gBAAgB,CAAA;AACrE,MAAM,MAAM,QAAQ,GAAG;IAAE,QAAQ,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,OAAO,CAAA;CAAE,EAAE,CAAA;AAE/D,MAAM,MAAM,aAAa,GAAG;IAC1B,MAAM,EAAE,MAAM,CAAA;IACd,cAAc,EAAE,QAAQ,CAAA;IACxB,GAAG,EAAE,eAAe,CAAA;IACpB,QAAQ,EAAE,QAAQ,CAAA;IAClB,aAAa,EAAE,SAAS,CAAA;IACxB,WAAW,EAAE,MAAM,CAAA;IACnB,WAAW,EAAE,WAAW,CAAA;IACxB,YAAY,EAAE,MAAM,CAAA;CACrB,CAAA"}
+{"version":3,"file":"interface.d.ts","sourceRoot":"","sources":["../../../src/features/triggers/interface.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,SAAS,CAAA;AACzC,OAAO,EAAE,QAAQ,EAAE,MAAM,0BAA0B,CAAA;AACnD,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAA;AAE5D,MAAM,WAAW,OAAO;IACtB,IAAI,EAAE,MAAM,CAAA;IACZ,IAAI,EAAE,WAAW,CAAA;IACjB,QAAQ,EAAE,OAAO,CAAA;IACjB,MAAM,EAAE,MAAM,CAAA;IACd,gBAAgB,EAAE;QAChB,QAAQ,EAAE;YACR,MAAM,EAAE;gBACN,aAAa,EAAE,MAAM,CAAA;aACtB,CAAA;SACF,CAAA;KACF,CAAA;CACF;AAED,KAAK,MAAM,GAAG;IACZ,UAAU,EAAE,MAAM,CAAA;IAClB,QAAQ,EAAE,MAAM,CAAA;IAChB,aAAa,EAAE,OAAO,CAAA;IACtB,2BAA2B,EAAE,OAAO,CAAA;IACpC,aAAa,CAAC,EAAE,OAAO,CAAA;IACvB,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;IAC9B,eAAe,EAAE,MAAM,EAAE,CAAA;IACzB,cAAc,CAAC,EAAE,QAAQ,GAAG,QAAQ,GAAG,OAAO,GAAG,QAAQ,CAAA;IACzD,SAAS,CAAC,EAAE,MAAM,EAAE,CAAA;IACpB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;IAChC,YAAY,EAAE,MAAM,CAAA;IACpB,mBAAmB,EAAE,OAAO,CAAA;IAC5B,sBAAsB,EAAE,OAAO,CAAA;IAC/B,SAAS,EAAE,OAAO,CAAA;IAClB,QAAQ,EAAE,MAAM,CAAA;CACjB,CAAA;AAED,MAAM,MAAM,WAAW,GAAG,WAAW,GAAG,UAAU,GAAG,gBAAgB,CAAA;AACrE,MAAM,MAAM,QAAQ,GAAG;IAAE,QAAQ,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,OAAO,CAAA;CAAE,EAAE,CAAA;AAE/D,MAAM,MAAM,aAAa,GAAG;IAC1B,MAAM,EAAE,MAAM,CAAA;IACd,cAAc,EAAE,QAAQ,CAAA;IACxB,GAAG,EAAE,eAAe,CAAA;IACpB,QAAQ,EAAE,QAAQ,CAAA;IAClB,aAAa,EAAE,SAAS,CAAA;IACxB,WAAW,EAAE,MAAM,CAAA;IACnB,WAAW,EAAE,WAAW,CAAA;IACxB,YAAY,EAAE,MAAM,CAAA;CACrB,CAAA"}

package/dist/features/triggers/utils.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../../src/features/triggers/utils.ts"],"names":[],"mappings":"AAQA,OAAO,EAAE,aAAa,EAAW,QAAQ,EAAE,MAAM,aAAa,CAAA;AA0E9D;;;;;;;GAOG;AACH,eAAO,MAAM,YAAY,GAAU,gBAAuB,KAAG,OAAO,CAAC,QAAQ,CAkB5E,CAAA;AA+mBD,eAAO,MAAM,gBAAgB;kHAxlB1B,aAAa;iHAggBb,aAAa;uHA/Yb,aAAa;CA2ef,CAAA"}
+{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../../src/features/triggers/utils.ts"],"names":[],"mappings":"AAQA,OAAO,EAAE,aAAa,EAAW,QAAQ,EAAE,MAAM,aAAa,CAAA;AA0E9D;;;;;;;GAOG;AACH,eAAO,MAAM,YAAY,GAAU,gBAAuB,KAAG,OAAO,CAAC,QAAQ,CAkB5E,CAAA;AA2qBD,eAAO,MAAM,gBAAgB;kHAppB1B,aAAa;iHA4jBb,aAAa;uHA1cb,aAAa;CAsiBf,CAAA"}

package/dist/features/triggers/utils.js

@@ -170,6 +170,7 @@ const handleCronTrigger = (_a) => __awaiter(void 0, [_a], void 0, function* ({ c
 const mapOpInverse = {
     CREATE: ['insert', 'update', 'replace'],
     DELETE: ['delete'],
+    LOGIN: ['insert', 'update'],
     LOGOUT: ['update'],
 };
 const normalizeOperationTypes = (operationTypes = []) => operationTypes.map((op) => op.toLowerCase());
@@ -270,6 +271,8 @@ const handleAuthenticationTrigger = (_a) => __awaiter(void 0, [_a], void 0, func
             const isUpdate = operationType === 'update';
             const isReplace = operationType === 'replace';
             const isDelete = operationType === 'delete';
+            const isLoginInsert = isInsert && !!(fullDocument === null || fullDocument === void 0 ? void 0 : fullDocument.lastLoginAt);
+            const isLoginUpdate = isUpdate && !!updatedFields && 'lastLoginAt' in updatedFields;
             const isLogoutUpdate = isUpdate && !!updatedFields && 'lastLogoutAt' in updatedFields;
             let confirmedCandidate = false;
             let confirmedDocument = fullDocument;
@@ -353,6 +356,63 @@ const handleAuthenticationTrigger = (_a) => __awaiter(void 0, [_a], void 0, func
                 }
                 return;
             }
+            if (operation_type === 'LOGIN') {
+                if (!isLoginInsert && !isLoginUpdate) {
+                    return;
+                }
+                let loginDocument = fullDocument !== null && fullDocument !== void 0 ? fullDocument : confirmedDocument;
+                if (!loginDocument && (documentKey === null || documentKey === void 0 ? void 0 : documentKey._id)) {
+                    loginDocument = (yield collection.findOne({
+                        _id: documentKey._id
+                    }));
+                }
+                if (!matchesProviderFilter(loginDocument, providerFilter)) {
+                    return;
+                }
+                const userData = buildUserData(loginDocument);
+                if (!userData) {
+                    return;
+                }
+                const op = {
+                    operationType: 'LOGIN',
+                    fullDocument,
+                    fullDocumentBeforeChange,
+                    documentKey,
+                    updateDescription
+                };
+                try {
+                    emitTriggerEvent({
+                        status: 'fired',
+                        triggerName,
+                        triggerType,
+                        functionName,
+                        meta: Object.assign(Object.assign({}, baseMeta), { event: 'LOGIN' })
+                    });
+                    yield (0, context_1.GenerateContext)({
+                        args: [Object.assign({ user: userData }, op)],
+                        app,
+                        rules: state_1.StateManager.select("rules"),
+                        user: {}, // TODO from currentUser ??
+                        currentFunction: triggerHandler,
+                        functionName,
+                        functionsList,
+                        services,
+                        runAsSystem: true
+                    });
+                }
+                catch (error) {
+                    emitTriggerEvent({
+                        status: 'error',
+                        triggerName,
+                        triggerType,
+                        functionName,
+                        meta: Object.assign(Object.assign({}, baseMeta), { event: 'LOGIN' }),
+                        error
+                    });
+                    console.log("🚀 ~ handleAuthenticationTrigger ~ error:", error);
+                }
+                return;
+            }
             if (isDelete) {
                 if (isAutoTrigger || operation_type !== 'DELETE') {
                     return;

package/dist/utils/context/helpers.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"helpers.d.ts","sourceRoot":"","sources":["../../../src/utils/context/helpers.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,kBAAkB,CAAA;AAG1C,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAA;AAE3C,OAAO,EAAE,yBAAyB,EAAE,MAAM,aAAa,CAAA;AAEvD,KAAK,QAAQ,GAAG;IACd,MAAM,EAAE,CACN,aAAa,EAAE,MAAM,EACrB,OAAO,EAAE,OAAO,EAChB,MAAM,EAAE,MAAM,GAAG,MAAM,EACvB,kBAAkB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,KACzC,MAAM,CAAA;IACX,MAAM,EAAE,CACN,SAAS,EAAE,MAAM,EACjB,GAAG,EAAE,MAAM,GAAG,MAAM,EACpB,YAAY,CAAC,EAAE,OAAO,EACtB,sBAAsB,CAAC,EAAE,MAAM,EAAE,KAC9B,OAAO,CAAA;CACb,CAAA;AAgFD;;;;;;;;;GASG;AACH,eAAO,MAAM,mBAAmB,GAAI,4GAUjC,yBAAyB;;;;;;;;;;;;;uBA4DP,SAAS;yBAGP,SAAS;;;;;;;;;;;;;;;;;;uBAcb,MAAM;;;;;;+BA5CU,MAAM,OAAO,QAAQ;;;;sCA1HrC,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;8BAsGT,CAAC;iCAAa,CAAC;;;;;;;;;;;;;;;;;;;kCAtGP,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;0BAsGT,CAAC;6BAAa,CAAC;;;;;;;;;;;;;;;;;;kCAtGP,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;0BAsGT,CAAC;6BAAa,CAAC;;;;;;;;;;;;;;;4BAyEF,MAAM,OAAO,aAAa,WAAW,SAAS;;;CAiBrE,CAAA"}
+{"version":3,"file":"helpers.d.ts","sourceRoot":"","sources":["../../../src/utils/context/helpers.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,kBAAkB,CAAA;AAG1C,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAA;AAE3C,OAAO,EAAE,yBAAyB,EAAE,MAAM,aAAa,CAAA;AAEvD,KAAK,QAAQ,GAAG;IACd,MAAM,EAAE,CACN,aAAa,EAAE,MAAM,EACrB,OAAO,EAAE,OAAO,EAChB,MAAM,EAAE,MAAM,GAAG,MAAM,EACvB,kBAAkB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,KACzC,MAAM,CAAA;IACX,MAAM,EAAE,CACN,SAAS,EAAE,MAAM,EACjB,GAAG,EAAE,MAAM,GAAG,MAAM,EACpB,YAAY,CAAC,EAAE,OAAO,EACtB,sBAAsB,CAAC,EAAE,MAAM,EAAE,KAC9B,OAAO,CAAA;CACb,CAAA;AAgFD;;;;;;;;;GASG;AACH,eAAO,MAAM,mBAAmB,GAAI,4GAUjC,yBAAyB;;;;;;;;;;;;;uBA4DP,SAAS;yBAGP,SAAS;;;;;;;;;;;;;;;;;;uBAcb,MAAM;;;;;;+BA5CU,MAAM,OAAO,QAAQ;;;;sCA1HrC,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;8BAsGT,CAAC;iCAAa,CAAC;;;;;;;;;;;;;;;;;;;kCAtGP,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;0BAsGT,CAAC;6BAAa,CAAC;;;;;;;;;;;;;;;;;;kCAtGP,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;0BAsGT,CAAC;6BAAa,CAAC;;;;;;;;;;;;;;;4BAyEF,MAAM,OAAO,aAAa,WAAW,SAAS;;;CAkBrE,CAAA"}

package/dist/utils/context/helpers.js

@@ -176,16 +176,17 @@ const generateContextData = ({ user, services, app, rules, currentFunction, func
             https: getService('api'),
             functions: {
                 execute: (name, ...args) => {
-                    const currentFunction = functionsList[name];
+                    const targetFunction = functionsList[name];
                     return GenerateContextSync({
                         args,
                         app,
                         rules,
                         user,
-                        currentFunction,
+                        currentFunction: targetFunction,
                         functionName: String(name),
                         functionsList,
                         services,
+                        runAsSystem: currentFunction.run_as_system,
                         deserializeArgs: false
                     });
                 }

package/dist/utils/context/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/utils/context/index.ts"],"names":[],"mappings":"AAOA,OAAO,EAAE,qBAAqB,EAAE,MAAM,aAAa,CAAA;AA4JnD;;;;;;;;;;GAUG;AACH,wBAAsB,eAAe,CAAC,EACpC,IAAI,EACJ,GAAG,EACH,KAAK,EACL,IAAI,EACJ,eAAe,EACf,aAAa,EACb,QAAQ,EACR,YAAY,EACZ,WAAW,EACX,eAAsB,EACtB,OAAO,EACP,OAAO,EACR,EAAE,qBAAqB,GAAG,OAAO,CAAC,OAAO,CAAC,CA2G1C;AAED,wBAAgB,mBAAmB,CAAC,EAClC,IAAI,EACJ,GAAG,EACH,KAAK,EACL,IAAI,EACJ,eAAe,EACf,aAAa,EACb,QAAQ,EACR,YAAY,EACZ,WAAW,EACX,eAAsB,EACtB,OAAO,EACR,EAAE,qBAAqB,GAAG,OAAO,CA4BjC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/utils/context/index.ts"],"names":[],"mappings":"AAOA,OAAO,EAAE,qBAAqB,EAAE,MAAM,aAAa,CAAA;AA4JnD;;;;;;;;;;GAUG;AACH,wBAAsB,eAAe,CAAC,EACpC,IAAI,EACJ,GAAG,EACH,KAAK,EACL,IAAI,EACJ,eAAe,EACf,aAAa,EACb,QAAQ,EACR,YAAY,EACZ,WAAW,EACX,eAAsB,EACtB,OAAO,EACP,OAAO,EACR,EAAE,qBAAqB,GAAG,OAAO,CAAC,OAAO,CAAC,CA2G1C;AAED,wBAAgB,mBAAmB,CAAC,EAClC,IAAI,EACJ,GAAG,EACH,KAAK,EACL,IAAI,EACJ,eAAe,EACf,aAAa,EACb,QAAQ,EACR,YAAY,EACZ,WAAW,EACX,eAAsB,EACtB,OAAO,EACR,EAAE,qBAAqB,GAAG,OAAO,CA6BjC"}

package/dist/utils/context/index.js

@@ -153,7 +153,8 @@ function GenerateContext(_a) {
         if (!currentFunction)
             return;
         const functionsQueue = state_1.StateManager.select("functionsQueue");
-        const functionToRun = Object.assign({ run_as_system: runAsSystem }, currentFunction);
+        const effectiveRunAsSystem = Boolean(runAsSystem || currentFunction.run_as_system);
+        const functionToRun = Object.assign(Object.assign({}, currentFunction), { run_as_system: effectiveRunAsSystem });
         const run = () => __awaiter(this, void 0, void 0, function* () {
             var _a;
             const contextData = (0, helpers_1.generateContextData)({
@@ -232,7 +233,8 @@ function GenerateContextSync({ args, app, rules, user, currentFunction, function
     var _a;
     if (!currentFunction)
         return;
-    const functionToRun = Object.assign({ run_as_system: runAsSystem }, currentFunction);
+    const effectiveRunAsSystem = Boolean(runAsSystem || currentFunction.run_as_system);
+    const functionToRun = Object.assign(Object.assign({}, currentFunction), { run_as_system: effectiveRunAsSystem });
     const contextData = (0, helpers_1.generateContextData)({
         user,
         services,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@flowerforce/flowerbase",
-  "version": "1.7.6-beta.3",
+  "version": "1.7.6-beta.5",
   "description": "",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",

package/src/auth/providers/anon-user/controller.ts

@@ -50,6 +50,7 @@ export async function anonUserController(app: FastifyInstance) {
         email: anonEmail,
         status: 'confirmed',
         createdAt: now,
+        lastLoginAt: now,
         custom_data: {},
         identities: [
           {

package/src/auth/providers/custom-function/controller.ts

@@ -128,15 +128,20 @@ export async function customFunctionController(app: FastifyInstance) {
           ...(user || {})
         }
       }
+      const now = new Date()
       const refreshToken = this.createRefreshToken(currentUserData)
       const refreshTokenHash = hashToken(refreshToken)
       await authDb.collection(refreshTokensCollection).insertOne({
         userId: authUser._id,
         tokenHash: refreshTokenHash,
-        createdAt: new Date(),
+        createdAt: now,
         expiresAt: new Date(Date.now() + refreshTokenTtlMs),
         revokedAt: null
       })
+      await authDb.collection(authCollection!).updateOne(
+        { _id: authUser._id },
+        { $set: { lastLoginAt: now } }
+      )
       return {
         access_token: this.createAccessToken(currentUserData),
         refresh_token: refreshToken,

package/src/auth/providers/local-userpass/__tests__/controller.test.ts

@@ -0,0 +1,200 @@
+jest.mock('../../../../constants', () => ({
+  AUTH_CONFIG: {
+    authCollection: 'auth_users',
+    refreshTokensCollection: 'refresh_tokens',
+    resetPasswordCollection: 'reset_password_requests',
+    userCollection: 'users',
+    user_id_field: 'id',
+    authProviders: {
+      'local-userpass': {
+        disabled: false
+      }
+    },
+    resetPasswordConfig: {
+      runResetFunction: true,
+      resetFunctionName: 'customReset'
+    }
+  },
+  AUTH_DB_NAME: 'test-auth-db',
+  DB_NAME: 'test-db',
+  DEFAULT_CONFIG: {
+    RESET_PASSWORD_TTL_SECONDS: 3600,
+    AUTH_RATE_LIMIT_WINDOW_MS: 60000,
+    AUTH_LOGIN_MAX_ATTEMPTS: 5,
+    AUTH_REGISTER_MAX_ATTEMPTS: 5,
+    AUTH_RESET_MAX_ATTEMPTS: 5,
+    REFRESH_TOKEN_TTL_DAYS: 1
+  }
+}))
+
+jest.mock('../../../../state', () => ({
+  StateManager: {
+    select: jest.fn((key: string) => {
+      if (key === 'functions') {
+        return {
+          customReset: { name: 'customReset', code: 'exports = async () => ({ status: "success" })' }
+        }
+      }
+      if (key === 'services') {
+        return {}
+      }
+      return {}
+    })
+  }
+}))
+
+jest.mock('../../../../utils/context', () => ({
+  GenerateContext: jest.fn()
+}))
+
+jest.mock('../../../../utils/crypto', () => ({
+  comparePassword: jest.fn(),
+  generateToken: jest.fn(() => 'generated-token'),
+  hashPassword: jest.fn(async (password: string) => `hashed:${password}`),
+  hashToken: jest.fn(() => 'hashed-token')
+}))
+
+import { AUTH_ERRORS } from '../../../utils'
+import { localUserPassController } from '../controller'
+import { GenerateContext } from '../../../../utils/context'
+import { hashPassword } from '../../../../utils/crypto'
+
+describe('localUserPassController reset call', () => {
+  const buildApp = () => {
+    let resetCallHandler:
+      | ((req: { body: { email: string; password: string; arguments?: unknown[] }; ip: string }, res: { status: jest.Mock }) => Promise<unknown>)
+      | undefined
+
+    const authUsersCollection = {
+      findOne: jest.fn().mockResolvedValue({
+        _id: 'auth-user-1',
+        email: 'john@doe.com',
+        password: 'old-hash'
+      }),
+      updateOne: jest.fn().mockResolvedValue({ acknowledged: true })
+    }
+    const resetCollection = {
+      createIndex: jest.fn().mockResolvedValue('ok'),
+      updateOne: jest.fn().mockResolvedValue({ acknowledged: true }),
+      deleteOne: jest.fn().mockResolvedValue({ acknowledged: true }),
+      findOne: jest.fn()
+    }
+    const refreshCollection = {
+      createIndex: jest.fn().mockResolvedValue('ok'),
+      insertOne: jest.fn()
+    }
+    const usersCollection = {
+      findOne: jest.fn()
+    }
+    const db = {
+      collection: jest.fn((name: string) => {
+        if (name === 'auth_users') return authUsersCollection
+        if (name === 'reset_password_requests') return resetCollection
+        if (name === 'refresh_tokens') return refreshCollection
+        if (name === 'users') return usersCollection
+        return {}
+      })
+    }
+    const app = {
+      mongo: { client: { db: jest.fn().mockReturnValue(db) } },
+      post: jest.fn((path: string, _opts: unknown, handler: typeof resetCallHandler) => {
+        if (path === '/reset/call') {
+          resetCallHandler = handler
+        }
+      })
+    }
+
+    return { app, authUsersCollection, resetCollection, resetCallHandlerRef: () => resetCallHandler }
+  }
+
+  beforeEach(() => {
+    jest.clearAllMocks()
+  })
+
+  it('hashes and applies the password when the custom reset function returns success', async () => {
+    ;(GenerateContext as jest.Mock).mockResolvedValue({ status: 'success' })
+    const { app, authUsersCollection, resetCollection, resetCallHandlerRef } = buildApp()
+
+    await localUserPassController(app as never)
+
+    const res = { status: jest.fn() }
+    const result = await resetCallHandlerRef()?.(
+      {
+        body: { email: 'john@doe.com', password: 'new-secret', arguments: ['extra'] },
+        ip: '127.0.0.1'
+      },
+      res
+    )
+
+    expect(GenerateContext).toHaveBeenCalledWith(expect.objectContaining({
+      args: [
+        {
+          token: 'generated-token',
+          tokenId: 'generated-token',
+          email: 'john@doe.com',
+          password: 'new-secret',
+          username: 'john@doe.com'
+        },
+        'extra'
+      ],
+      runAsSystem: true
+    }))
+    expect(hashPassword).toHaveBeenCalledWith('new-secret')
+    expect(authUsersCollection.updateOne).toHaveBeenCalledWith(
+      { email: 'john@doe.com' },
+      { $set: { password: 'hashed:new-secret' } }
+    )
+    expect(resetCollection.deleteOne).toHaveBeenCalledWith({ email: 'john@doe.com' })
+    expect(res.status).toHaveBeenCalledWith(202)
+    expect(result).toEqual({ status: 'success' })
+  })
+
+  it('returns pending without changing the password when the custom reset function returns pending', async () => {
+    ;(GenerateContext as jest.Mock).mockResolvedValue({ status: 'pending' })
+    const { app, authUsersCollection, resetCollection, resetCallHandlerRef } = buildApp()
+
+    await localUserPassController(app as never)
+
+    const res = { status: jest.fn() }
+    const result = await resetCallHandlerRef()?.(
+      {
+        body: { email: 'john@doe.com', password: 'new-secret' },
+        ip: '127.0.0.1'
+      },
+      res
+    )
+
+    expect(hashPassword).not.toHaveBeenCalled()
+    expect(authUsersCollection.updateOne).not.toHaveBeenCalledWith(
+      { email: 'john@doe.com' },
+      expect.objectContaining({ $set: { password: expect.any(String) } })
+    )
+    expect(resetCollection.deleteOne).not.toHaveBeenCalled()
+    expect(res.status).toHaveBeenCalledWith(202)
+    expect(result).toEqual({ status: 'pending' })
+  })
+
+  it('rejects the request when the custom reset function returns fail', async () => {
+    ;(GenerateContext as jest.Mock).mockResolvedValue({ status: 'fail' })
+    const { app, authUsersCollection, resetCollection, resetCallHandlerRef } = buildApp()
+
+    await localUserPassController(app as never)
+
+    const res = { status: jest.fn() }
+
+    await expect(
+      resetCallHandlerRef()?.(
+        {
+          body: { email: 'john@doe.com', password: 'new-secret' },
+          ip: '127.0.0.1'
+        },
+        res
+      )
+    ).rejects.toThrow(AUTH_ERRORS.INVALID_RESET_PARAMS)
+
+    expect(hashPassword).not.toHaveBeenCalled()
+    expect(authUsersCollection.updateOne).not.toHaveBeenCalled()
+    expect(resetCollection.deleteOne).not.toHaveBeenCalled()
+    expect(res.status).not.toHaveBeenCalled()
+  })
+})

package/src/auth/providers/local-userpass/controller.ts

@@ -27,6 +27,8 @@ import {
 
 const rateLimitStore = new Map<string, number[]>()
 
+type ResetFunctionResult = { status?: 'success' | 'pending' | 'fail' }
+
 const isRateLimited = (key: string, maxAttempts: number, windowMs: number) => {
   const now = Date.now()
   const existing = rateLimitStore.get(key) ?? []
@@ -106,7 +108,7 @@ export async function localUserPassController(app: FastifyInstance) {
       const currentFunction = functionsList[resetPasswordConfig.resetFunctionName]
       const baseArgs = { token, tokenId, email, password, username: email }
       const args = Array.isArray(extraArguments) ? [baseArgs, ...extraArguments] : [baseArgs]
-      await GenerateContext({
+      const response = await GenerateContext({
         args,
         app,
         rules: {},
@@ -114,11 +116,41 @@ export async function localUserPassController(app: FastifyInstance) {
         currentFunction,
         functionName: resetPasswordConfig.resetFunctionName,
         functionsList,
-        services
-      })
-      return
+        services,
+        runAsSystem: true
+      }) as ResetFunctionResult
+      const resetStatus = response?.status
+
+      if (resetStatus === 'success') {
+        if (!password) {
+          throw new Error(AUTH_ERRORS.INVALID_RESET_FUNCTION_RESPONSE)
+        }
+
+        const hashedPassword = await hashPassword(password)
+        await authDb.collection(authCollection!).updateOne(
+          { email },
+          {
+            $set: {
+              password: hashedPassword
+            }
+          }
+        )
+        await authDb?.collection(resetPasswordCollection).deleteOne({ email })
+        return { status: 'success' as const }
+      }
+
+      if (resetStatus === 'pending') {
+        return { status: 'pending' as const }
+      }
+
+      if (resetStatus === 'fail') {
+        throw new Error(AUTH_ERRORS.INVALID_RESET_PARAMS)
+      }
+
+      throw new Error(AUTH_ERRORS.INVALID_RESET_FUNCTION_RESPONSE)
     }
 
+    return { status: 'pending' as const }
   }
 
   /**
@@ -283,15 +315,20 @@ export async function localUserPassController(app: FastifyInstance) {
         throw new Error(AUTH_ERRORS.USER_NOT_CONFIRMED)
       }
 
+      const now = new Date()
       const refreshToken = this.createRefreshToken(userWithCustomData)
       const refreshTokenHash = hashToken(refreshToken)
       await authDb.collection(refreshTokensCollection).insertOne({
         userId: authUser._id,
         tokenHash: refreshTokenHash,
-        createdAt: new Date(),
+        createdAt: now,
         expiresAt: new Date(Date.now() + refreshTokenTtlMs),
         revokedAt: null
       })
+      await authDb.collection(authCollection!).updateOne(
+        { _id: authUser._id },
+        { $set: { lastLoginAt: now } }
+      )
 
       return {
         access_token: this.createAccessToken(userWithCustomData),
@@ -347,15 +384,13 @@ export async function localUserPassController(app: FastifyInstance) {
         res.status(429)
         return { message: 'Too many requests' }
       }
-      await handleResetPasswordRequest(
+      const result = await handleResetPasswordRequest(
         req.body.email,
         req.body.password,
         req.body.arguments
       )
       res.status(202)
-      return {
-        status: 'ok'
-      }
+      return result
     }
   )
 

package/src/auth/utils.ts

@@ -117,6 +117,7 @@ export enum AUTH_ERRORS {
   INVALID_TOKEN = 'Invalid refresh token provided',
   INVALID_RESET_PARAMS = 'Invalid token or tokenId provided',
   MISSING_RESET_FUNCTION = 'Missing reset function',
+  INVALID_RESET_FUNCTION_RESPONSE = 'Invalid reset function response',
   USER_NOT_CONFIRMED = 'User not confirmed'
 }
 

package/src/features/endpoints/__tests__/utils.test.ts

@@ -0,0 +1,65 @@
+import { GenerateContext } from '../../../utils/context'
+import { generateHandler } from '../utils'
+
+jest.mock('../../../utils/context', () => ({
+  GenerateContext: jest.fn()
+}))
+
+const mockedGenerateContext = jest.mocked(GenerateContext)
+
+describe('generateHandler', () => {
+  beforeEach(() => {
+    mockedGenerateContext.mockReset()
+  })
+
+  it('allows endpoint functions to set custom response headers', async () => {
+    mockedGenerateContext.mockImplementation(async ({ args }) => {
+      const [, response] = args as [
+        { body: { text: () => string; rawBody: Buffer | string | undefined } },
+        {
+          setStatusCode: (code: number) => void
+          setHeader: (name: string, value: string | number | readonly string[]) => void
+          setBody: (body: unknown) => void
+        }
+      ]
+
+      response.setStatusCode(201)
+      response.setHeader('Content-Type', 'application/json')
+      response.setHeader('Cache-Control', 'no-store')
+      response.setBody(JSON.stringify({ ok: true }))
+
+      return { ignored: true }
+    })
+
+    const handler = generateHandler({
+      app: {} as any,
+      currentFunction: { code: 'module.exports = function () {}' } as any,
+      functionName: 'endpointHandler',
+      functionsList: {
+        endpointHandler: { code: 'module.exports = function () {}' }
+      } as any,
+      http_method: 'POST',
+      rulesList: {} as any
+    })
+
+    const res = {
+      status: jest.fn(),
+      header: jest.fn(),
+      send: jest.fn((body) => body)
+    } as any
+
+    const response = await handler({
+      body: { hello: 'world' },
+      headers: { accept: 'application/json' },
+      query: { page: '1' },
+      rawBody: '{"hello":"world"}',
+      user: { id: 'user-1' }
+    } as any, res)
+
+    expect(res.status).toHaveBeenCalledWith(201)
+    expect(res.header).toHaveBeenCalledWith('Content-Type', 'application/json')
+    expect(res.header).toHaveBeenCalledWith('Cache-Control', 'no-store')
+    expect(res.send).toHaveBeenCalledWith(JSON.stringify({ ok: true }))
+    expect(response).toBe(JSON.stringify({ ok: true }))
+  })
+})

package/src/features/endpoints/utils.ts

@@ -138,6 +138,9 @@ export const generateHandler = ({
         setStatusCode: (code: number) => {
           res.status(code)
         },
+        setHeader: (name: string, value: string | number | readonly string[]) => {
+          res.header(name, value)
+        },
         setBody: (body: unknown) => {
           customResponseBody.data = body
         }

package/src/features/triggers/interface.ts

@@ -24,7 +24,7 @@ type Config = {
   isAutoTrigger?: boolean
   match: Record<string, unknown>
   operation_types: string[]
-  operation_type?: 'CREATE' | 'DELETE' | 'LOGOUT'
+  operation_type?: 'CREATE' | 'DELETE' | 'LOGIN' | 'LOGOUT'
   providers?: string[]
   project: Record<string, unknown>
   service_name: string

package/src/features/triggers/utils.ts

@@ -172,6 +172,7 @@ const handleCronTrigger = async ({
 const mapOpInverse = {
   CREATE: ['insert', 'update', 'replace'],
   DELETE: ['delete'],
+  LOGIN: ['insert', 'update'],
   LOGOUT: ['update'],
 }
 
@@ -306,6 +307,8 @@ const handleAuthenticationTrigger = async ({
     const isUpdate = operationType === 'update'
     const isReplace = operationType === 'replace'
     const isDelete = operationType === 'delete'
+    const isLoginInsert = isInsert && !!(fullDocument as Record<string, unknown> | null)?.lastLoginAt
+    const isLoginUpdate = isUpdate && !!updatedFields && 'lastLoginAt' in updatedFields
     const isLogoutUpdate = isUpdate && !!updatedFields && 'lastLogoutAt' in updatedFields
 
     let confirmedCandidate = false
@@ -397,6 +400,63 @@ const handleAuthenticationTrigger = async ({
       return
     }
 
+    if (operation_type === 'LOGIN') {
+      if (!isLoginInsert && !isLoginUpdate) {
+        return
+      }
+      let loginDocument = fullDocument ?? confirmedDocument
+      if (!loginDocument && documentKey?._id) {
+        loginDocument = await collection.findOne({
+          _id: documentKey._id
+        }) as Record<string, unknown> | null
+      }
+      if (!matchesProviderFilter(loginDocument, providerFilter)) {
+        return
+      }
+      const userData = buildUserData(loginDocument)
+      if (!userData) {
+        return
+      }
+      const op = {
+        operationType: 'LOGIN',
+        fullDocument,
+        fullDocumentBeforeChange,
+        documentKey,
+        updateDescription
+      }
+      try {
+        emitTriggerEvent({
+          status: 'fired',
+          triggerName,
+          triggerType,
+          functionName,
+          meta: { ...baseMeta, event: 'LOGIN' }
+        })
+        await GenerateContext({
+          args: [{ user: userData, ...op }],
+          app,
+          rules: StateManager.select("rules"),
+          user: {},  // TODO from currentUser ??
+          currentFunction: triggerHandler,
+          functionName,
+          functionsList,
+          services,
+          runAsSystem: true
+        })
+      } catch (error) {
+        emitTriggerEvent({
+          status: 'error',
+          triggerName,
+          triggerType,
+          functionName,
+          meta: { ...baseMeta, event: 'LOGIN' },
+          error
+        })
+        console.log("🚀 ~ handleAuthenticationTrigger ~ error:", error)
+      }
+      return
+    }
+
     if (isDelete) {
       if (isAutoTrigger || operation_type !== 'DELETE') {
         return

package/src/utils/__tests__/contextExecuteCompatibility.test.ts

@@ -4,7 +4,7 @@ import { Functions } from '../../features/functions/interface'
 const mockServices = {
   api: jest.fn().mockReturnValue({}),
   aws: jest.fn().mockReturnValue({}),
-  'mongodb-atlas': jest.fn().mockReturnValue({})
+  'mongodb-atlas': jest.fn((_app, options) => options ?? {})
 } as any
 
 describe('context.functions.execute compatibility', () => {
@@ -91,4 +91,30 @@ describe('context.functions.execute compatibility', () => {
 
     expect(result).toBe(true)
   })
+
+  it('propagates run_as_system to child functions executed through context.functions.execute', () => {
+    const functionsList = {
+      caller: {
+        run_as_system: true,
+        code: 'module.exports = function() { return context.functions.execute("target") }'
+      },
+      target: {
+        run_as_system: false,
+        code: 'module.exports = function() { return context.services.get("mongodb-atlas").run_as_system }'
+      }
+    } as Functions
+
+    const result = GenerateContextSync({
+      args: [],
+      app: {} as any,
+      rules: {} as any,
+      user: {} as any,
+      currentFunction: functionsList.caller,
+      functionsList,
+      services: mockServices,
+      functionName: 'caller'
+    })
+
+    expect(result).toBe(true)
+  })
 })

package/src/utils/__tests__/generateContextData.test.ts

@@ -79,7 +79,11 @@ describe('generateContextData', () => {
     mockErrorLog.mockRestore()
 
     context.functions.execute('test')
-    expect(GenerateContextSyncMock).toHaveBeenCalled()
+    expect(GenerateContextSyncMock).toHaveBeenCalledWith(expect.objectContaining({
+      currentFunction,
+      functionName: 'test',
+      runAsSystem: currentFunction.run_as_system
+    }))
 
     const token = jwt.sign(
       { sub: 'user', role: 'admin' },

package/src/utils/context/helpers.ts

@@ -205,16 +205,17 @@ export const generateContextData = ({
       https: getService('api'),
       functions: {
         execute: (name: keyof typeof functionsList, ...args: Arguments) => {
-          const currentFunction = functionsList[name] as Function
+          const targetFunction = functionsList[name] as Function
           return GenerateContextSync({
             args,
             app,
             rules,
             user,
-            currentFunction,
+            currentFunction: targetFunction,
             functionName: String(name),
             functionsList,
             services,
+            runAsSystem: currentFunction.run_as_system,
             deserializeArgs: false
           })
         }

package/src/utils/context/index.ts

@@ -189,8 +189,8 @@ export async function GenerateContext({
   if (!currentFunction) return
 
   const functionsQueue = StateManager.select("functionsQueue")
-
-  const functionToRun = { run_as_system: runAsSystem, ...currentFunction }
+  const effectiveRunAsSystem = Boolean(runAsSystem || currentFunction.run_as_system)
+  const functionToRun = { ...currentFunction, run_as_system: effectiveRunAsSystem }
 
   const run = async () => {
 
@@ -309,7 +309,8 @@ export function GenerateContextSync({
 }: GenerateContextParams): unknown {
   if (!currentFunction) return
 
-  const functionToRun = { run_as_system: runAsSystem, ...currentFunction }
+  const effectiveRunAsSystem = Boolean(runAsSystem || currentFunction.run_as_system)
+  const functionToRun = { ...currentFunction, run_as_system: effectiveRunAsSystem }
   const contextData = generateContextData({
     user,
     services,