@flowerforce/flowerbase 1.8.4-beta.8 → 1.8.4-beta.9

package/dist/auth/providers/local-userpass/controller.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"controller.d.ts","sourceRoot":"","sources":["../../../../src/auth/providers/local-userpass/controller.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,SAAS,CAAA;AA4CzC;;;;GAIG;AACH,wBAAsB,uBAAuB,CAAC,GAAG,EAAE,eAAe,iBAmajE"}
+{"version":3,"file":"controller.d.ts","sourceRoot":"","sources":["../../../../src/auth/providers/local-userpass/controller.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,SAAS,CAAA;AA+CzC;;;;GAIG;AACH,wBAAsB,uBAAuB,CAAC,GAAG,EAAE,eAAe,iBA0bjE"}

package/dist/auth/providers/local-userpass/controller.js

@@ -20,6 +20,7 @@ const state_1 = require("../../../state");
 const context_1 = require("../../../utils/context");
 const crypto_1 = require("../../../utils/crypto");
 const utils_1 = require("../../utils");
+const handleUserRegistration_2 = require("../../../shared/handleUserRegistration");
 const rateLimitStore = new Map();
 const isRateLimited = (key, maxAttempts, windowMs) => {
     var _a;
@@ -210,6 +211,22 @@ function localUserPassController(app) {
             res.status(200);
             return { status: 'confirmed' };
         }));
+        app.post(utils_1.AUTH_ENDPOINTS.CONFIRM_SEND, {
+            schema: utils_1.CONFIRM_SEND_SCHEMA
+        }, (req, res) => __awaiter(this, void 0, void 0, function* () {
+            const localUserpassProvider = resolveLocalUserpassProvider();
+            if (!localUserpassProvider || localUserpassProvider.disabled) {
+                throw new Error('Local userpass authentication disabled');
+            }
+            const key = `confirm-send:${req.ip}`;
+            if (isRateLimited(key, resetMaxAttempts, rateLimitWindowMs)) {
+                res.status(429).send({ message: 'Too many requests' });
+                return;
+            }
+            yield (0, handleUserRegistration_2.sendConfirmationRequest)(app, req.body.email);
+            res.status(202);
+            return { status: 'ok' };
+        }));
         /**
          * Endpoint for user login.
          *

package/dist/auth/providers/local-userpass/dtos.d.ts

@@ -51,4 +51,9 @@ export interface ConfirmUserDto {
         tokenId: string;
     };
 }
+export interface ConfirmUserSendDto {
+    Body: {
+        email: string;
+    };
+}
 //# sourceMappingURL=dtos.d.ts.map

package/dist/auth/providers/local-userpass/dtos.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"dtos.d.ts","sourceRoot":"","sources":["../../../../src/auth/providers/local-userpass/dtos.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,eAAe,GAAG;IAC5B,KAAK,EAAE,MAAM,CAAA;IACb,QAAQ,EAAE,MAAM,CAAA;CACjB,CAAA;AAED,MAAM,MAAM,YAAY,GAAG;IACzB,QAAQ,EAAE,MAAM,CAAA;IAChB,QAAQ,EAAE,MAAM,CAAA;CACjB,CAAA;AAED,MAAM,MAAM,eAAe,GAAG;IAC5B,YAAY,EAAE,MAAM,CAAA;IACpB,SAAS,EAAE,MAAM,CAAA;IACjB,aAAa,EAAE,MAAM,CAAA;IACrB,OAAO,EAAE,MAAM,CAAA;CAChB,CAAA;AAED,MAAM,MAAM,gBAAgB,GAAG;IAC7B,OAAO,EAAE,MAAM,CAAA;CAChB,CAAA;AAED,MAAM,MAAM,0BAA0B,GAAG;IACvC,KAAK,EAAE,cAAc,CAAA;IACrB,UAAU,EAAE,iBAAiB,CAAA;CAC9B,CAAA;AAED,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,eAAe,CAAA;CACtB;AAED,MAAM,WAAW,QAAQ;IACvB,IAAI,EAAE,YAAY,CAAA;IAClB,KAAK,EAAE,eAAe,GAAG,gBAAgB,GAAG,0BAA0B,CAAA;CACvE;AAED,MAAM,WAAW,oBAAoB;IACnC,IAAI,EAAE;QACJ,KAAK,EAAE,MAAM,CAAA;KACd,CAAA;CACF;AAED,MAAM,WAAW,oBAAoB;IACnC,IAAI,EAAE;QACJ,KAAK,EAAE,MAAM,CAAA;QACb,QAAQ,EAAE,MAAM,CAAA;QAChB,SAAS,CAAC,EAAE,OAAO,EAAE,CAAA;KACtB,CAAA;CACF;AAED,MAAM,WAAW,uBAAuB;IACtC,IAAI,EAAE;QACJ,KAAK,EAAE,MAAM,CAAA;QACb,OAAO,EAAE,MAAM,CAAA;QACf,QAAQ,EAAE,MAAM,CAAA;KACjB,CAAA;CACF;AAED,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE;QACJ,KAAK,EAAE,MAAM,CAAA;QACb,OAAO,EAAE,MAAM,CAAA;KAChB,CAAA;CACF"}
+{"version":3,"file":"dtos.d.ts","sourceRoot":"","sources":["../../../../src/auth/providers/local-userpass/dtos.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,eAAe,GAAG;IAC5B,KAAK,EAAE,MAAM,CAAA;IACb,QAAQ,EAAE,MAAM,CAAA;CACjB,CAAA;AAED,MAAM,MAAM,YAAY,GAAG;IACzB,QAAQ,EAAE,MAAM,CAAA;IAChB,QAAQ,EAAE,MAAM,CAAA;CACjB,CAAA;AAED,MAAM,MAAM,eAAe,GAAG;IAC5B,YAAY,EAAE,MAAM,CAAA;IACpB,SAAS,EAAE,MAAM,CAAA;IACjB,aAAa,EAAE,MAAM,CAAA;IACrB,OAAO,EAAE,MAAM,CAAA;CAChB,CAAA;AAED,MAAM,MAAM,gBAAgB,GAAG;IAC7B,OAAO,EAAE,MAAM,CAAA;CAChB,CAAA;AAED,MAAM,MAAM,0BAA0B,GAAG;IACvC,KAAK,EAAE,cAAc,CAAA;IACrB,UAAU,EAAE,iBAAiB,CAAA;CAC9B,CAAA;AAED,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,eAAe,CAAA;CACtB;AAED,MAAM,WAAW,QAAQ;IACvB,IAAI,EAAE,YAAY,CAAA;IAClB,KAAK,EAAE,eAAe,GAAG,gBAAgB,GAAG,0BAA0B,CAAA;CACvE;AAED,MAAM,WAAW,oBAAoB;IACnC,IAAI,EAAE;QACJ,KAAK,EAAE,MAAM,CAAA;KACd,CAAA;CACF;AAED,MAAM,WAAW,oBAAoB;IACnC,IAAI,EAAE;QACJ,KAAK,EAAE,MAAM,CAAA;QACb,QAAQ,EAAE,MAAM,CAAA;QAChB,SAAS,CAAC,EAAE,OAAO,EAAE,CAAA;KACtB,CAAA;CACF;AAED,MAAM,WAAW,uBAAuB;IACtC,IAAI,EAAE;QACJ,KAAK,EAAE,MAAM,CAAA;QACb,OAAO,EAAE,MAAM,CAAA;QACf,QAAQ,EAAE,MAAM,CAAA;KACjB,CAAA;CACF;AAED,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE;QACJ,KAAK,EAAE,MAAM,CAAA;QACb,OAAO,EAAE,MAAM,CAAA;KAChB,CAAA;CACF;AAED,MAAM,WAAW,kBAAkB;IACjC,IAAI,EAAE;QACJ,KAAK,EAAE,MAAM,CAAA;KACd,CAAA;CACF"}

package/dist/auth/utils.d.ts

@@ -95,6 +95,21 @@ export declare const CONFIRM_USER_SCHEMA: {
         required: string[];
     };
 };
+export declare const CONFIRM_SEND_SCHEMA: {
+    tags: string[];
+    body: {
+        type: string;
+        properties: {
+            email: {
+                type: string;
+                pattern: string;
+                minLength: number;
+                maxLength: number;
+            };
+        };
+        required: string[];
+    };
+};
 export declare const RESET_SCHEMA: {
     tags: string[];
     body: {
@@ -134,6 +149,7 @@ export declare enum AUTH_ENDPOINTS {
     LOGIN = "/login",
     REGISTRATION = "/register",
     CONFIRM = "/confirm",
+    CONFIRM_SEND = "/confirm/send",
     PROFILE = "/profile",
     SESSION = "/session",
     RESET = "/reset/send",

package/dist/auth/utils.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../src/auth/utils.ts"],"names":[],"mappings":"AAMA,eAAO,MAAM,cAAc;;;CAA4C,CAAC;AACxE,eAAO,MAAM,YAAY;;;;;;;;;;;;;;;;;;;CAexB,CAAA;AAED,eAAO,MAAM,iBAAiB;;;;;;;;;;;;;;CAc7B,CAAA;AAED,eAAO,MAAM,iBAAiB;;;;;;;;;;;;;;;;;;;;;;CAgB7B,CAAA;AAED,eAAO,MAAM,oBAAoB;;;;;;;;;;;;;;;;;;;CAWhC,CAAA;AAED,eAAO,MAAM,mBAAmB;;;;;;;;;;;;;;CAU/B,CAAA;AAED,eAAO,MAAM,YAAY;;;;;;;;;;;;;;CAAoB,CAAA;AAE7C,eAAO,MAAM,mBAAmB;;;;;;;;;;;;;;;;;;;CAe/B,CAAA;AAED,oBAAY,cAAc;IACxB,KAAK,WAAW;IAChB,YAAY,cAAc;IAC1B,OAAO,aAAa;IACpB,OAAO,aAAa;IACpB,OAAO,aAAa;IACpB,KAAK,gBAAgB;IACrB,UAAU,gBAAgB;IAC1B,aAAa,WAAW;IACxB,UAAU,sBAAsB;CACjC;AAED,oBAAY,WAAW;IACrB,mBAAmB,wBAAwB;IAC3C,aAAa,mCAAmC;IAChD,oBAAoB,sCAAsC;IAC1D,sBAAsB,2BAA2B;IACjD,+BAA+B,oCAAoC;IACnE,kBAAkB,uBAAuB;CAC1C;AAED,MAAM,WAAW,UAAU;IACzB,eAAe,CAAC,EAAE,MAAM,CAAA;IACxB,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB,SAAS,EAAE,MAAM,CAAA;IACjB,gBAAgB,EAAE,aAAa,CAAA;IAC/B,iBAAiB,EAAE,cAAc,CAAA;IACjC,WAAW,CAAC,EAAE,QAAQ,CAAA;CACvB;AAED,UAAU,MAAM;IACd,IAAI,EAAE,MAAM,CAAA;IACZ,IAAI,EAAE,MAAM,CAAA;IACZ,QAAQ,EAAE,OAAO,CAAA;CAClB;AACD,UAAU,aAAa;IACrB,IAAI,EAAE,MAAM,CAAA;IACZ,IAAI,EAAE,MAAM,CAAA;IACZ,QAAQ,EAAE,OAAO,CAAA;IACjB,MAAM,EAAE,MAAM,CAAA;CACf;AAED,UAAU,cAAc;IACtB,IAAI,EAAE,iBAAiB,CAAC;IACxB,IAAI,EAAE,iBAAiB,CAAC;IACxB,QAAQ,EAAE,OAAO,CAAC;IAClB,MAAM,EAAE;QACN,kBAAkB,EAAE,MAAM,CAAA;KAC3B,CAAA;CACF;AAED,MAAM,WAAW,QAAQ;IACvB,IAAI,EAAE,WAAW,CAAA;IACjB,IAAI,EAAE,WAAW,CAAA;IACjB,QAAQ,EAAE,OAAO,CAAA;CAClB;AAED,MAAM,WAAW,MAAM;IACrB,WAAW,EAAE,OAAO,CAAA;IACpB,wBAAwB,CAAC,EAAE,MAAM,CAAA;IACjC,iBAAiB,EAAE,MAAM,CAAA;IACzB,gBAAgB,EAAE,MAAM,CAAA;IACxB,uBAAuB,EAAE,OAAO,CAAA;IAChC,gBAAgB,EAAE,OAAO,CAAA;CAC1B;AAED,MAAM,WAAW,oBAAoB;IACnC,OAAO,EAAE,OAAO,CAAA;IAChB,kBAAkB,EAAE,MAAM,CAAA;IAC1B,aAAa,EAAE,MAAM,CAAA;IACrB,eAAe,EAAE,MAAM,CAAA;IACvB,aAAa,EAAE,MAAM,CAAA;IACrB,8BAA8B,EAAE,MAAM,CAAA;CACvC;AAMD;;;GAGG;AACH,eAAO,MAAM,cAAc,QAAO,UAuCjC,CAAA;AAED;;;GAGG;AACH,eAAO,MAAM,kBAAkB,QAAO,oBAarC,CAAA;AAED,eAAO,MAAM,gBAAgB,GAAI,eAAW,WAG3C,CAAA"}
+{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../src/auth/utils.ts"],"names":[],"mappings":"AAMA,eAAO,MAAM,cAAc;;;CAA4C,CAAC;AACxE,eAAO,MAAM,YAAY;;;;;;;;;;;;;;;;;;;CAexB,CAAA;AAED,eAAO,MAAM,iBAAiB;;;;;;;;;;;;;;CAc7B,CAAA;AAED,eAAO,MAAM,iBAAiB;;;;;;;;;;;;;;;;;;;;;;CAgB7B,CAAA;AAED,eAAO,MAAM,oBAAoB;;;;;;;;;;;;;;;;;;;CAWhC,CAAA;AAED,eAAO,MAAM,mBAAmB;;;;;;;;;;;;;;CAU/B,CAAA;AAED,eAAO,MAAM,mBAAmB;;;;;;;;;;;;;;CAAoB,CAAA;AAEpD,eAAO,MAAM,YAAY;;;;;;;;;;;;;;CAAoB,CAAA;AAE7C,eAAO,MAAM,mBAAmB;;;;;;;;;;;;;;;;;;;CAe/B,CAAA;AAED,oBAAY,cAAc;IACxB,KAAK,WAAW;IAChB,YAAY,cAAc;IAC1B,OAAO,aAAa;IACpB,YAAY,kBAAkB;IAC9B,OAAO,aAAa;IACpB,OAAO,aAAa;IACpB,KAAK,gBAAgB;IACrB,UAAU,gBAAgB;IAC1B,aAAa,WAAW;IACxB,UAAU,sBAAsB;CACjC;AAED,oBAAY,WAAW;IACrB,mBAAmB,wBAAwB;IAC3C,aAAa,mCAAmC;IAChD,oBAAoB,sCAAsC;IAC1D,sBAAsB,2BAA2B;IACjD,+BAA+B,oCAAoC;IACnE,kBAAkB,uBAAuB;CAC1C;AAED,MAAM,WAAW,UAAU;IACzB,eAAe,CAAC,EAAE,MAAM,CAAA;IACxB,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB,SAAS,EAAE,MAAM,CAAA;IACjB,gBAAgB,EAAE,aAAa,CAAA;IAC/B,iBAAiB,EAAE,cAAc,CAAA;IACjC,WAAW,CAAC,EAAE,QAAQ,CAAA;CACvB;AAED,UAAU,MAAM;IACd,IAAI,EAAE,MAAM,CAAA;IACZ,IAAI,EAAE,MAAM,CAAA;IACZ,QAAQ,EAAE,OAAO,CAAA;CAClB;AACD,UAAU,aAAa;IACrB,IAAI,EAAE,MAAM,CAAA;IACZ,IAAI,EAAE,MAAM,CAAA;IACZ,QAAQ,EAAE,OAAO,CAAA;IACjB,MAAM,EAAE,MAAM,CAAA;CACf;AAED,UAAU,cAAc;IACtB,IAAI,EAAE,iBAAiB,CAAC;IACxB,IAAI,EAAE,iBAAiB,CAAC;IACxB,QAAQ,EAAE,OAAO,CAAC;IAClB,MAAM,EAAE;QACN,kBAAkB,EAAE,MAAM,CAAA;KAC3B,CAAA;CACF;AAED,MAAM,WAAW,QAAQ;IACvB,IAAI,EAAE,WAAW,CAAA;IACjB,IAAI,EAAE,WAAW,CAAA;IACjB,QAAQ,EAAE,OAAO,CAAA;CAClB;AAED,MAAM,WAAW,MAAM;IACrB,WAAW,EAAE,OAAO,CAAA;IACpB,wBAAwB,CAAC,EAAE,MAAM,CAAA;IACjC,iBAAiB,EAAE,MAAM,CAAA;IACzB,gBAAgB,EAAE,MAAM,CAAA;IACxB,uBAAuB,EAAE,OAAO,CAAA;IAChC,gBAAgB,EAAE,OAAO,CAAA;CAC1B;AAED,MAAM,WAAW,oBAAoB;IACnC,OAAO,EAAE,OAAO,CAAA;IAChB,kBAAkB,EAAE,MAAM,CAAA;IAC1B,aAAa,EAAE,MAAM,CAAA;IACrB,eAAe,EAAE,MAAM,CAAA;IACvB,aAAa,EAAE,MAAM,CAAA;IACrB,8BAA8B,EAAE,MAAM,CAAA;CACvC;AAMD;;;GAGG;AACH,eAAO,MAAM,cAAc,QAAO,UAuCjC,CAAA;AAED;;;GAGG;AACH,eAAO,MAAM,kBAAkB,QAAO,oBAarC,CAAA;AAED,eAAO,MAAM,gBAAgB,GAAI,eAAW,WAG3C,CAAA"}

package/dist/auth/utils.js

@@ -3,7 +3,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.generatePassword = exports.loadCustomUserData = exports.loadAuthConfig = exports.AUTH_ERRORS = exports.AUTH_ENDPOINTS = exports.REGISTRATION_SCHEMA = exports.RESET_SCHEMA = exports.CONFIRM_USER_SCHEMA = exports.CONFIRM_RESET_SCHEMA = exports.RESET_CALL_SCHEMA = exports.RESET_SEND_SCHEMA = exports.LOGIN_SCHEMA = exports.PASSWORD_RULES = void 0;
+exports.generatePassword = exports.loadCustomUserData = exports.loadAuthConfig = exports.AUTH_ERRORS = exports.AUTH_ENDPOINTS = exports.REGISTRATION_SCHEMA = exports.RESET_SCHEMA = exports.CONFIRM_SEND_SCHEMA = exports.CONFIRM_USER_SCHEMA = exports.CONFIRM_RESET_SCHEMA = exports.RESET_CALL_SCHEMA = exports.RESET_SEND_SCHEMA = exports.LOGIN_SCHEMA = exports.PASSWORD_RULES = void 0;
 const crypto_1 = __importDefault(require("crypto"));
 const fs_1 = __importDefault(require("fs"));
 const path_1 = __importDefault(require("path"));
@@ -80,6 +80,7 @@ exports.CONFIRM_USER_SCHEMA = {
         required: ['token', 'tokenId']
     }
 };
+exports.CONFIRM_SEND_SCHEMA = exports.RESET_SEND_SCHEMA;
 exports.RESET_SCHEMA = exports.RESET_SEND_SCHEMA;
 exports.REGISTRATION_SCHEMA = {
     tags: ['Auth'],
@@ -102,6 +103,7 @@ var AUTH_ENDPOINTS;
     AUTH_ENDPOINTS["LOGIN"] = "/login";
     AUTH_ENDPOINTS["REGISTRATION"] = "/register";
     AUTH_ENDPOINTS["CONFIRM"] = "/confirm";
+    AUTH_ENDPOINTS["CONFIRM_SEND"] = "/confirm/send";
     AUTH_ENDPOINTS["PROFILE"] = "/profile";
     AUTH_ENDPOINTS["SESSION"] = "/session";
     AUTH_ENDPOINTS["RESET"] = "/reset/send";

package/dist/shared/handleUserRegistration.d.ts

@@ -1,4 +1,12 @@
+import type { FastifyInstance } from "fastify/types/instance";
 import { HandleUserRegistration } from "./models/handleUserRegistration.model";
+export declare const sendConfirmationRequest: (app: FastifyInstance, email: string) => Promise<{
+    status: "success";
+} | {
+    status: "pending";
+} | {
+    status: "fail";
+} | null>;
 /**
  * Register user
  *

package/dist/shared/handleUserRegistration.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"handleUserRegistration.d.ts","sourceRoot":"","sources":["../../src/shared/handleUserRegistration.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,sBAAsB,EAAE,MAAM,uCAAuC,CAAA;AAE9E;;;;;;GAMG;AACH,QAAA,MAAM,sBAAsB,EAAE,sBAwJ7B,CAAA;AAED,eAAe,sBAAsB,CAAA"}
+{"version":3,"file":"handleUserRegistration.d.ts","sourceRoot":"","sources":["../../src/shared/handleUserRegistration.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAA;AAM7D,OAAO,EAAE,sBAAsB,EAAE,MAAM,uCAAuC,CAAA;AAI9E,eAAO,MAAM,uBAAuB,GAChC,KAAK,eAAe,EACpB,OAAO,MAAM;;;;;;SAgGhB,CAAA;AAED;;;;;;GAMG;AACH,QAAA,MAAM,sBAAsB,EAAE,sBA+E7B,CAAA;AAED,eAAe,sBAAsB,CAAA"}

package/dist/shared/handleUserRegistration.js

@@ -9,11 +9,89 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
     });
 };
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.sendConfirmationRequest = void 0;
 const constants_1 = require("../constants");
 const monitoring_1 = require("../services/monitoring");
 const state_1 = require("../state");
 const context_1 = require("../utils/context");
 const crypto_1 = require("../utils/crypto");
+const sendConfirmationRequest = (app, email) => __awaiter(void 0, void 0, void 0, function* () {
+    var _a;
+    const { authCollection } = constants_1.AUTH_CONFIG;
+    const localUserpassConfig = constants_1.AUTH_CONFIG.localUserpassConfig;
+    const autoConfirm = (localUserpassConfig === null || localUserpassConfig === void 0 ? void 0 : localUserpassConfig.autoConfirm) === true;
+    const runConfirmationFunction = (localUserpassConfig === null || localUserpassConfig === void 0 ? void 0 : localUserpassConfig.runConfirmationFunction) === true;
+    const confirmationFunctionName = localUserpassConfig === null || localUserpassConfig === void 0 ? void 0 : localUserpassConfig.confirmationFunctionName;
+    const normalizedEmail = email.toLowerCase();
+    const mongo = app === null || app === void 0 ? void 0 : app.mongo;
+    const db = mongo.client.db(constants_1.AUTH_DB_NAME);
+    const authUser = yield (db === null || db === void 0 ? void 0 : db.collection(authCollection).findOne({ email: normalizedEmail }));
+    if (!authUser) {
+        return null;
+    }
+    if (authUser.status === 'confirmed' || autoConfirm) {
+        return { status: 'success' };
+    }
+    if (!runConfirmationFunction) {
+        throw new Error('Missing confirmation function');
+    }
+    if (!confirmationFunctionName) {
+        throw new Error('Missing confirmation function name');
+    }
+    const functionsList = state_1.StateManager.select('functions');
+    const services = state_1.StateManager.select('services');
+    const confirmationFunction = functionsList[confirmationFunctionName];
+    if (!confirmationFunction) {
+        throw new Error(`Confirmation function not found: ${confirmationFunctionName}`);
+    }
+    const token = (0, crypto_1.generateToken)();
+    const tokenId = (0, crypto_1.generateToken)();
+    yield (db === null || db === void 0 ? void 0 : db.collection(authCollection).updateOne({ email: normalizedEmail }, {
+        $set: {
+            status: 'pending',
+            confirmationToken: token,
+            confirmationTokenId: tokenId
+        }
+    }));
+    let confirmationStatus = 'fail';
+    try {
+        const response = yield (0, context_1.GenerateContext)({
+            args: [{
+                    token,
+                    tokenId,
+                    username: normalizedEmail
+                }],
+            app,
+            rules: {},
+            user: {},
+            currentFunction: confirmationFunction,
+            functionName: confirmationFunctionName,
+            functionsList,
+            services,
+            runAsSystem: true
+        });
+        confirmationStatus = (_a = response === null || response === void 0 ? void 0 : response.status) !== null && _a !== void 0 ? _a : 'fail';
+    }
+    catch (_b) {
+        confirmationStatus = 'fail';
+    }
+    if (confirmationStatus === 'success') {
+        yield (db === null || db === void 0 ? void 0 : db.collection(authCollection).updateOne({ email: normalizedEmail }, {
+            $set: { status: 'confirmed' },
+            $unset: { confirmationToken: '', confirmationTokenId: '' }
+        }));
+        return { status: 'success' };
+    }
+    if (confirmationStatus === 'pending') {
+        return { status: 'pending' };
+    }
+    yield (db === null || db === void 0 ? void 0 : db.collection(authCollection).updateOne({ email: normalizedEmail }, {
+        $set: { status: 'failed' },
+        $unset: { confirmationToken: '', confirmationTokenId: '' }
+    }));
+    return { status: 'fail' };
+});
+exports.sendConfirmationRequest = sendConfirmationRequest;
 /**
  * Register user
  *
@@ -22,7 +100,7 @@ const crypto_1 = require("../utils/crypto");
  * @returns {Promise<InsertOneResult<Document>>} A promise resolving to the result of the insert operation.
  */
 const handleUserRegistration = (app, opt) => (_a) => __awaiter(void 0, [_a], void 0, function* ({ email, password }) {
-    var _b, _c;
+    var _b;
     const { run_as_system, skipUserCheck, provider } = opt !== null && opt !== void 0 ? opt : {};
     const origin = (_b = opt === null || opt === void 0 ? void 0 : opt.monitoring) === null || _b === void 0 ? void 0 : _b.invokedFrom;
     const meta = { action: 'registerUser', email, provider };
@@ -40,8 +118,6 @@ const handleUserRegistration = (app, opt) => (_a) => __awaiter(void 0, [_a], voi
         const { authCollection } = constants_1.AUTH_CONFIG;
         const localUserpassConfig = constants_1.AUTH_CONFIG.localUserpassConfig;
         const autoConfirm = (localUserpassConfig === null || localUserpassConfig === void 0 ? void 0 : localUserpassConfig.autoConfirm) === true;
-        const runConfirmationFunction = (localUserpassConfig === null || localUserpassConfig === void 0 ? void 0 : localUserpassConfig.runConfirmationFunction) === true;
-        const confirmationFunctionName = localUserpassConfig === null || localUserpassConfig === void 0 ? void 0 : localUserpassConfig.confirmationFunctionName;
         const mongo = app === null || app === void 0 ? void 0 : app.mongo;
         const db = mongo.client.db(constants_1.AUTH_DB_NAME);
         const hashedPassword = yield (0, crypto_1.hashPassword)(password);
@@ -79,62 +155,7 @@ const handleUserRegistration = (app, opt) => (_a) => __awaiter(void 0, [_a], voi
         if (!(result === null || result === void 0 ? void 0 : result.insertedId) || skipUserCheck || autoConfirm) {
             return result;
         }
-        if (!runConfirmationFunction) {
-            throw new Error('Missing confirmation function');
-        }
-        if (!confirmationFunctionName) {
-            throw new Error('Missing confirmation function name');
-        }
-        const functionsList = state_1.StateManager.select('functions');
-        const services = state_1.StateManager.select('services');
-        const confirmationFunction = functionsList[confirmationFunctionName];
-        if (!confirmationFunction) {
-            throw new Error(`Confirmation function not found: ${confirmationFunctionName}`);
-        }
-        const token = (0, crypto_1.generateToken)();
-        const tokenId = (0, crypto_1.generateToken)();
-        yield (db === null || db === void 0 ? void 0 : db.collection(authCollection).updateOne({ _id: result.insertedId }, {
-            $set: {
-                confirmationToken: token,
-                confirmationTokenId: tokenId
-            }
-        }));
-        let confirmationStatus = 'fail';
-        try {
-            const response = yield (0, context_1.GenerateContext)({
-                args: [{
-                        token,
-                        tokenId,
-                        username: email
-                    }],
-                app,
-                rules: {},
-                user: {},
-                currentFunction: confirmationFunction,
-                functionName: confirmationFunctionName,
-                functionsList,
-                services,
-                runAsSystem: true
-            });
-            confirmationStatus = (_c = response === null || response === void 0 ? void 0 : response.status) !== null && _c !== void 0 ? _c : 'fail';
-        }
-        catch (_d) {
-            confirmationStatus = 'fail';
-        }
-        if (confirmationStatus === 'success') {
-            yield (db === null || db === void 0 ? void 0 : db.collection(authCollection).updateOne({ _id: result.insertedId }, {
-                $set: { status: 'confirmed' },
-                $unset: { confirmationToken: '', confirmationTokenId: '' }
-            }));
-            return result;
-        }
-        if (confirmationStatus === 'pending') {
-            return result;
-        }
-        yield (db === null || db === void 0 ? void 0 : db.collection(authCollection).updateOne({ _id: result.insertedId }, {
-            $set: { status: 'failed' },
-            $unset: { confirmationToken: '', confirmationTokenId: '' }
-        }));
+        yield (0, exports.sendConfirmationRequest)(app, email);
         return result;
     }
     catch (error) {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@flowerforce/flowerbase",
-  "version": "1.8.4-beta.8",
+  "version": "1.8.4-beta.9",
   "description": "",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",

package/src/auth/providers/local-userpass/__tests__/controller.test.ts

@@ -13,6 +13,11 @@ jest.mock('../../../../constants', () => ({
     resetPasswordConfig: {
       runResetFunction: true,
       resetFunctionName: 'customReset'
+    },
+    localUserpassConfig: {
+      autoConfirm: false,
+      runConfirmationFunction: true,
+      confirmationFunctionName: 'customConfirm'
     }
   },
   AUTH_DB_NAME: 'test-auth-db',
@@ -32,7 +37,8 @@ jest.mock('../../../../state', () => ({
     select: jest.fn((key: string) => {
       if (key === 'functions') {
         return {
-          customReset: { name: 'customReset', code: 'exports = async () => ({ status: "success" })' }
+          customReset: { name: 'customReset', code: 'exports = async () => ({ status: "success" })' },
+          customConfirm: { name: 'customConfirm', code: 'exports = async () => ({ status: "pending" })' }
         }
       }
       if (key === 'services') {
@@ -61,15 +67,14 @@ import { hashPassword } from '../../../../utils/crypto'
 
 describe('localUserPassController reset call', () => {
   const buildApp = () => {
-    let resetCallHandler:
-      | ((req: { body: { email: string; password: string; arguments?: unknown[] }; ip: string }, res: { status: jest.Mock }) => Promise<unknown>)
-      | undefined
+    const routeHandlers: Record<string, ((req: { body: any; ip: string }, res: { status: jest.Mock; send?: jest.Mock }) => Promise<unknown>) | undefined> = {}
 
     const authUsersCollection = {
       findOne: jest.fn().mockResolvedValue({
         _id: 'auth-user-1',
         email: 'john@doe.com',
-        password: 'old-hash'
+        password: 'old-hash',
+        status: 'pending'
       }),
       updateOne: jest.fn().mockResolvedValue({ acknowledged: true })
     }
@@ -97,14 +102,17 @@ describe('localUserPassController reset call', () => {
     }
     const app = {
       mongo: { client: { db: jest.fn().mockReturnValue(db) } },
-      post: jest.fn((path: string, _opts: unknown, handler: typeof resetCallHandler) => {
-        if (path === '/reset/call') {
-          resetCallHandler = handler
-        }
+      post: jest.fn((path: string, _opts: unknown, handler: (req: { body: any; ip: string }, res: { status: jest.Mock; send?: jest.Mock }) => Promise<unknown>) => {
+        routeHandlers[path] = handler
       })
     }
 
-    return { app, authUsersCollection, resetCollection, resetCallHandlerRef: () => resetCallHandler }
+    return {
+      app,
+      authUsersCollection,
+      resetCollection,
+      routeHandlerRef: (path: string) => routeHandlers[path]
+    }
   }
 
   beforeEach(() => {
@@ -112,13 +120,13 @@ describe('localUserPassController reset call', () => {
   })
 
   it('hashes and applies the password when the custom reset function returns success', async () => {
-    ;(GenerateContext as jest.Mock).mockResolvedValue({ status: 'success' })
-    const { app, authUsersCollection, resetCollection, resetCallHandlerRef } = buildApp()
+    ; (GenerateContext as jest.Mock).mockResolvedValue({ status: 'success' })
+    const { app, authUsersCollection, resetCollection, routeHandlerRef } = buildApp()
 
     await localUserPassController(app as never)
 
     const res = { status: jest.fn() }
-    const result = await resetCallHandlerRef()?.(
+    const result = await routeHandlerRef('/reset/call')?.(
       {
         body: { email: 'john@doe.com', password: 'new-secret', arguments: ['extra'] },
         ip: '127.0.0.1'
@@ -150,13 +158,13 @@ describe('localUserPassController reset call', () => {
   })
 
   it('returns pending without changing the password when the custom reset function returns pending', async () => {
-    ;(GenerateContext as jest.Mock).mockResolvedValue({ status: 'pending' })
-    const { app, authUsersCollection, resetCollection, resetCallHandlerRef } = buildApp()
+    ; (GenerateContext as jest.Mock).mockResolvedValue({ status: 'pending' })
+    const { app, authUsersCollection, resetCollection, routeHandlerRef } = buildApp()
 
     await localUserPassController(app as never)
 
     const res = { status: jest.fn() }
-    const result = await resetCallHandlerRef()?.(
+    const result = await routeHandlerRef('/reset/call')?.(
       {
         body: { email: 'john@doe.com', password: 'new-secret' },
         ip: '127.0.0.1'
@@ -175,15 +183,15 @@ describe('localUserPassController reset call', () => {
   })
 
   it('rejects the request when the custom reset function returns fail', async () => {
-    ;(GenerateContext as jest.Mock).mockResolvedValue({ status: 'fail' })
-    const { app, authUsersCollection, resetCollection, resetCallHandlerRef } = buildApp()
+    ; (GenerateContext as jest.Mock).mockResolvedValue({ status: 'fail' })
+    const { app, authUsersCollection, resetCollection, routeHandlerRef } = buildApp()
 
     await localUserPassController(app as never)
 
     const res = { status: jest.fn() }
 
     await expect(
-      resetCallHandlerRef()?.(
+      routeHandlerRef('/reset/call')?.(
         {
           body: { email: 'john@doe.com', password: 'new-secret' },
           ip: '127.0.0.1'
@@ -197,4 +205,44 @@ describe('localUserPassController reset call', () => {
     expect(resetCollection.deleteOne).not.toHaveBeenCalled()
     expect(res.status).not.toHaveBeenCalled()
   })
+
+  it('resends the confirmation email for local-userpass users', async () => {
+    ; (GenerateContext as jest.Mock).mockResolvedValue({ status: 'pending' })
+    const { app, authUsersCollection, routeHandlerRef } = buildApp()
+
+    await localUserPassController(app as never)
+
+    const res = { status: jest.fn() }
+    const result = await routeHandlerRef('/confirm/send')?.(
+      {
+        body: { email: 'John@Doe.com' },
+        ip: '127.0.0.1'
+      },
+      res
+    )
+
+    expect(GenerateContext).toHaveBeenCalledWith(expect.objectContaining({
+      args: [
+        {
+          token: 'generated-token',
+          tokenId: 'generated-token',
+          username: 'john@doe.com'
+        }
+      ],
+      functionName: 'customConfirm',
+      runAsSystem: true
+    }))
+    expect(authUsersCollection.updateOne).toHaveBeenCalledWith(
+      { email: 'john@doe.com' },
+      {
+        $set: {
+          status: 'pending',
+          confirmationToken: 'generated-token',
+          confirmationTokenId: 'generated-token'
+        }
+      }
+    )
+    expect(res.status).toHaveBeenCalledWith(202)
+    expect(result).toEqual({ status: 'ok' })
+  })
 })

package/src/auth/providers/local-userpass/controller.ts

@@ -15,6 +15,7 @@ import {
   AUTH_ENDPOINTS,
   AUTH_ERRORS,
   CONFIRM_RESET_SCHEMA,
+  CONFIRM_SEND_SCHEMA,
   CONFIRM_USER_SCHEMA,
   LOGIN_SCHEMA,
   REGISTRATION_SCHEMA,
@@ -23,12 +24,14 @@ import {
 } from '../../utils'
 import {
   ConfirmResetPasswordDto,
+  ConfirmUserSendDto,
   ConfirmUserDto,
   LoginDto,
   RegistrationDto,
   ResetPasswordCallDto,
   ResetPasswordSendDto
 } from './dtos'
+import { sendConfirmationRequest } from '../../../shared/handleUserRegistration'
 
 const rateLimitStore = new Map<string, number[]>()
 
@@ -267,6 +270,29 @@ export async function localUserPassController(app: FastifyInstance) {
     }
   )
 
+  app.post<ConfirmUserSendDto>(
+    AUTH_ENDPOINTS.CONFIRM_SEND,
+    {
+      schema: CONFIRM_SEND_SCHEMA
+    },
+    async (req, res) => {
+      const localUserpassProvider = resolveLocalUserpassProvider()
+      if (!localUserpassProvider || localUserpassProvider.disabled) {
+        throw new Error('Local userpass authentication disabled')
+      }
+      const key = `confirm-send:${req.ip}`
+      if (isRateLimited(key, resetMaxAttempts, rateLimitWindowMs)) {
+        res.status(429).send({ message: 'Too many requests' })
+        return
+      }
+
+      await sendConfirmationRequest(app, req.body.email)
+
+      res.status(202)
+      return { status: 'ok' }
+    }
+  )
+
   /**
    * Endpoint for user login.
    *
@@ -308,8 +334,8 @@ export async function localUserPassController(app: FastifyInstance) {
       const user =
         user_id_field && userCollection
           ? await customUserDb
-              .collection(userCollection)
-              .findOne({ [user_id_field]: authUser._id.toString() })
+            .collection(userCollection)
+            .findOne({ [user_id_field]: authUser._id.toString() })
           : {}
       delete authUser?.password
 

package/src/auth/providers/local-userpass/dtos.ts

@@ -61,3 +61,9 @@ export interface ConfirmUserDto {
     tokenId: string
   }
 }
+
+export interface ConfirmUserSendDto {
+  Body: {
+    email: string
+  }
+}

package/src/auth/utils.ts

@@ -81,6 +81,8 @@ export const CONFIRM_USER_SCHEMA = {
   }
 }
 
+export const CONFIRM_SEND_SCHEMA = RESET_SEND_SCHEMA
+
 export const RESET_SCHEMA = RESET_SEND_SCHEMA
 
 export const REGISTRATION_SCHEMA = {
@@ -104,6 +106,7 @@ export enum AUTH_ENDPOINTS {
   LOGIN = '/login',
   REGISTRATION = '/register',
   CONFIRM = '/confirm',
+  CONFIRM_SEND = '/confirm/send',
   PROFILE = '/profile',
   SESSION = '/session',
   RESET = '/reset/send',

package/src/shared/handleUserRegistration.ts

@@ -1,3 +1,4 @@
+import type { FastifyInstance } from "fastify/types/instance"
 import { AUTH_CONFIG, AUTH_DB_NAME } from "../constants"
 import { emitServiceEvent } from "../services/monitoring"
 import { StateManager } from "../state"
@@ -5,6 +6,108 @@ import { GenerateContext } from "../utils/context"
 import { generateToken, hashPassword } from "../utils/crypto"
 import { HandleUserRegistration } from "./models/handleUserRegistration.model"
 
+type ConfirmationResult = { status?: 'success' | 'pending' | 'fail' }
+
+export const sendConfirmationRequest = async (
+    app: FastifyInstance,
+    email: string
+) => {
+    const { authCollection } = AUTH_CONFIG
+    const localUserpassConfig = AUTH_CONFIG.localUserpassConfig
+    const autoConfirm = localUserpassConfig?.autoConfirm === true
+    const runConfirmationFunction = localUserpassConfig?.runConfirmationFunction === true
+    const confirmationFunctionName = localUserpassConfig?.confirmationFunctionName
+    const normalizedEmail = email.toLowerCase()
+    const mongo = app?.mongo
+    const db = mongo.client.db(AUTH_DB_NAME)
+    const authUser = await db?.collection(authCollection!).findOne({ email: normalizedEmail }) as {
+        status?: string
+    } | null
+
+    if (!authUser) {
+        return null
+    }
+
+    if (authUser.status === 'confirmed' || autoConfirm) {
+        return { status: 'success' as const }
+    }
+
+    if (!runConfirmationFunction) {
+        throw new Error('Missing confirmation function')
+    }
+
+    if (!confirmationFunctionName) {
+        throw new Error('Missing confirmation function name')
+    }
+
+    const functionsList = StateManager.select('functions')
+    const services = StateManager.select('services')
+    const confirmationFunction = functionsList[confirmationFunctionName]
+    if (!confirmationFunction) {
+        throw new Error(`Confirmation function not found: ${confirmationFunctionName}`)
+    }
+
+    const token = generateToken()
+    const tokenId = generateToken()
+    await db?.collection(authCollection!).updateOne(
+        { email: normalizedEmail },
+        {
+            $set: {
+                status: 'pending',
+                confirmationToken: token,
+                confirmationTokenId: tokenId
+            }
+        }
+    )
+
+    let confirmationStatus: ConfirmationResult['status'] = 'fail'
+    try {
+        const response = await GenerateContext({
+            args: [{
+                token,
+                tokenId,
+                username: normalizedEmail
+            }],
+            app,
+            rules: {},
+            user: {},
+            currentFunction: confirmationFunction,
+            functionName: confirmationFunctionName,
+            functionsList,
+            services,
+            runAsSystem: true
+        }) as ConfirmationResult
+        confirmationStatus = response?.status ?? 'fail'
+    } catch {
+        confirmationStatus = 'fail'
+    }
+
+    if (confirmationStatus === 'success') {
+        await db?.collection(authCollection!).updateOne(
+            { email: normalizedEmail },
+            {
+                $set: { status: 'confirmed' },
+                $unset: { confirmationToken: '', confirmationTokenId: '' }
+            }
+        )
+        return { status: 'success' as const }
+    }
+
+    if (confirmationStatus === 'pending') {
+        return { status: 'pending' as const }
+    }
+
+    await db?.collection(authCollection!).updateOne(
+        { email: normalizedEmail },
+        {
+            $set: { status: 'failed' },
+            $unset: { confirmationToken: '', confirmationTokenId: '' }
+        }
+    )
+
+    return { status: 'fail' as const }
+}
+
 /**
  * Register user
  *
@@ -32,8 +135,6 @@ const handleUserRegistration: HandleUserRegistration = (app, opt) => async ({ em
         const { authCollection } = AUTH_CONFIG
         const localUserpassConfig = AUTH_CONFIG.localUserpassConfig
         const autoConfirm = localUserpassConfig?.autoConfirm === true
-        const runConfirmationFunction = localUserpassConfig?.runConfirmationFunction === true
-        const confirmationFunctionName = localUserpassConfig?.confirmationFunctionName
         const mongo = app?.mongo
         const db = mongo.client.db(AUTH_DB_NAME)
         const hashedPassword = await hashPassword(password)
@@ -79,78 +180,7 @@ const handleUserRegistration: HandleUserRegistration = (app, opt) => async ({ em
             return result
         }
 
-        if (!runConfirmationFunction) {
-            throw new Error('Missing confirmation function')
-        }
-
-        if (!confirmationFunctionName) {
-            throw new Error('Missing confirmation function name')
-        }
-
-        const functionsList = StateManager.select('functions')
-        const services = StateManager.select('services')
-        const confirmationFunction = functionsList[confirmationFunctionName]
-        if (!confirmationFunction) {
-            throw new Error(`Confirmation function not found: ${confirmationFunctionName}`)
-        }
-
-        const token = generateToken()
-        const tokenId = generateToken()
-        await db?.collection(authCollection!).updateOne(
-            { _id: result.insertedId },
-            {
-                $set: {
-                    confirmationToken: token,
-                    confirmationTokenId: tokenId
-                }
-            }
-        )
-
-        type ConfirmationResult = { status?: 'success' | 'pending' | 'fail' }
-        let confirmationStatus: ConfirmationResult['status'] = 'fail'
-        try {
-            const response = await GenerateContext({
-                args: [{
-                    token,
-                    tokenId,
-                    username: email
-                }],
-                app,
-                rules: {},
-                user: {},
-                currentFunction: confirmationFunction,
-                functionName: confirmationFunctionName,
-                functionsList,
-                services,
-                runAsSystem: true
-            }) as ConfirmationResult
-            confirmationStatus = response?.status ?? 'fail'
-        } catch {
-            confirmationStatus = 'fail'
-        }
-
-        if (confirmationStatus === 'success') {
-            await db?.collection(authCollection!).updateOne(
-                { _id: result.insertedId },
-                {
-                    $set: { status: 'confirmed' },
-                    $unset: { confirmationToken: '', confirmationTokenId: '' }
-                }
-            )
-            return result
-        }
-
-        if (confirmationStatus === 'pending') {
-            return result
-        }
-
-        await db?.collection(authCollection!).updateOne(
-            { _id: result.insertedId },
-            {
-                $set: { status: 'failed' },
-                $unset: { confirmationToken: '', confirmationTokenId: '' }
-            }
-        )
+        await sendConfirmationRequest(app, email)
         return result
     } catch (error) {
         emitServiceEvent({