@friggframework/core 2.0.0-next.41 → 2.0.0-next.42

package/user/tests/use-cases/get-user-from-bearer-token.test.js

@@ -0,0 +1,64 @@
+const {
+    GetUserFromBearerToken,
+} = require('../../use-cases/get-user-from-bearer-token');
+const { TestUserRepository } = require('../doubles/test-user-repository');
+
+describe('GetUserFromBearerToken Use Case', () => {
+    let userRepository;
+    let getUserFromBearerToken;
+    let userConfig;
+
+    beforeEach(() => {
+        userConfig = {
+            usePassword: true,
+            primary: 'individual',
+            individualUserRequired: true,
+            organizationUserRequired: false,
+        };
+        userRepository = new TestUserRepository({ userConfig });
+        getUserFromBearerToken = new GetUserFromBearerToken({
+            userRepository,
+            userConfig
+        });
+    });
+
+    it('should retrieve a user for a valid bearer token', async () => {
+        const userId = 'user-123';
+        const token = await userRepository.createToken(userId);
+        const createdUserData = await userRepository.createIndividualUser({
+            id: userId,
+        });
+
+        const user = await getUserFromBearerToken.execute(`Bearer ${token}`);
+
+        expect(user).toBeDefined();
+        expect(user.getId()).toBe(createdUserData.id);
+    });
+
+    it('should throw an unauthorized error if the bearer token is missing', async () => {
+        await expect(getUserFromBearerToken.execute(null)).rejects.toThrow(
+            'Missing Authorization Header'
+        );
+    });
+
+    it('should throw an unauthorized error for an invalid token format', async () => {
+        await expect(
+            getUserFromBearerToken.execute('InvalidToken')
+        ).rejects.toThrow('Invalid Token Format');
+    });
+
+    it('should throw an unauthorized error if the Session Token is not found', async () => {
+        userRepository.getSessionToken = jest.fn().mockResolvedValue(null);
+        await expect(
+            getUserFromBearerToken.execute('Bearer invalid-token')
+        ).rejects.toThrow('Session Token Not Found');
+    });
+
+    it('should throw an unauthorized error if the token is valid but finds no user', async () => {
+        userRepository.getSessionToken = jest.fn().mockResolvedValue(null);
+        const token = await userRepository.createToken('user-dne');
+        await expect(
+            getUserFromBearerToken.execute(`Bearer ${token}`)
+        ).rejects.toThrow('Session Token Not Found');
+    });
+}); 

package/user/tests/use-cases/login-user.test.js

@@ -0,0 +1,140 @@
+const bcrypt = require('bcryptjs');
+const { LoginUser } = require('../../use-cases/login-user');
+const { TestUserRepository } = require('../doubles/test-user-repository');
+
+jest.mock('bcryptjs', () => ({
+    compareSync: jest.fn(),
+}));
+
+describe('LoginUser Use Case', () => {
+    let userRepository;
+    let loginUser;
+    let userConfig;
+
+    beforeEach(() => {
+        userConfig = { usePassword: true, individualUserRequired: true, organizationUserRequired: false };
+        userRepository = new TestUserRepository({ userConfig });
+        loginUser = new LoginUser({ userRepository, userConfig });
+
+        bcrypt.compareSync.mockClear();
+    });
+
+    describe('With Password Authentication', () => {
+        it('should successfully log in a user with correct credentials', async () => {
+            const username = 'test-user';
+            const password = 'password123';
+            await userRepository.createIndividualUser({
+                username,
+                hashword: 'hashed-password',
+            });
+
+            bcrypt.compareSync.mockReturnValue(true);
+
+            const user = await loginUser.execute({ username, password });
+
+            expect(bcrypt.compareSync).toHaveBeenCalledWith(
+                password,
+                'hashed-password'
+            );
+            expect(user).toBeDefined();
+            expect(user.getIndividualUser().username).toBe(username);
+        });
+
+        it('should throw an unauthorized error for an incorrect password', async () => {
+            const username = 'test-user';
+            const password = 'wrong-password';
+            await userRepository.createIndividualUser({
+                username,
+                hashword: 'hashed-password',
+            });
+
+            bcrypt.compareSync.mockReturnValue(false);
+
+            await expect(
+                loginUser.execute({ username, password })
+            ).rejects.toThrow('Incorrect username or password');
+        });
+
+        it('should throw an unauthorized error for a non-existent user', async () => {
+            const username = 'non-existent-user';
+            const password = 'password123';
+
+            await expect(
+                loginUser.execute({ username, password })
+            ).rejects.toThrow('user not found');
+        });
+    });
+
+    describe('Without Password (appUserId)', () => {
+        beforeEach(() => {
+            userConfig = { usePassword: false, individualUserRequired: true, organizationUserRequired: false };
+            userRepository = new TestUserRepository({ userConfig });
+            loginUser = new LoginUser({
+                userRepository,
+                userConfig,
+            });
+        });
+
+        it('should successfully retrieve a user by appUserId', async () => {
+            const appUserId = 'app-user-123';
+            const createdUserData = await userRepository.createIndividualUser({
+                appUserId,
+            });
+
+            const result = await loginUser.execute({ appUserId });
+            expect(result.getId()).toBe(createdUserData.id);
+        });
+    });
+
+    describe('With Organization User', () => {
+        beforeEach(() => {
+            userConfig = {
+                primary: 'organization',
+                individualUserRequired: false,
+                organizationUserRequired: true,
+            };
+            userRepository = new TestUserRepository({ userConfig });
+            loginUser = new LoginUser({
+                userRepository,
+                userConfig,
+            });
+        });
+
+        it('should successfully retrieve an organization user by appOrgId', async () => {
+            const appOrgId = 'app-org-123';
+            const createdUserData = await userRepository.createOrganizationUser({
+                name: 'Test Org',
+                appOrgId,
+            });
+
+            const result = await loginUser.execute({ appOrgId });
+            expect(result.getId()).toBe(createdUserData.id);
+        });
+
+        it('should throw an unauthorized error for a non-existent organization user', async () => {
+            const appOrgId = 'non-existent-org';
+
+            await expect(loginUser.execute({ appOrgId })).rejects.toThrow(
+                'org user non-existent-org not found'
+            );
+        });
+    });
+
+    describe('Required User Checks', () => {
+        it('should throw an error if a required individual user is not found', async () => {
+            userConfig = {
+                individualUserRequired: true,
+                usePassword: false,
+            };
+            userRepository = new TestUserRepository({ userConfig });
+            loginUser = new LoginUser({
+                userRepository,
+                userConfig,
+            });
+
+            await expect(
+                loginUser.execute({ appUserId: 'a-non-existent-user-id' })
+            ).rejects.toThrow('user not found');
+        });
+    });
+}); 

package/user/use-cases/create-individual-user.js

@@ -0,0 +1,61 @@
+const { get } = require('../../assertions');
+const Boom = require('@hapi/boom');
+const { User } = require('../user');
+
+/**
+ * Use case for creating an individual user.
+ * @class CreateIndividualUser
+ */
+class CreateIndividualUser {
+    /**
+     * Creates a new CreateIndividualUser instance.
+     * @param {Object} params - Configuration parameters.
+     * @param {import('../user-repository-interface').UserRepositoryInterface} params.userRepository - Repository for user data operations.
+     * @param {Object} params.userConfig - The user properties inside of the app definition.
+     */
+    constructor({ userRepository, userConfig }) {
+        this.userRepository = userRepository;
+        this.userConfig = userConfig;
+    }
+
+    /**
+     * Executes the use case.
+     * @async
+     * @param {Object} params - The parameters for creating the user.
+     * @returns {Promise<import('../user').User>} The newly created user object.
+     */
+    async execute(params) {
+        let hashword;
+        if (this.userConfig.usePassword) {
+            hashword = get(params, 'password');
+        }
+
+        const email = get(params, 'email', null);
+        const username = get(params, 'username', null);
+        if (!email && !username) {
+            throw Boom.badRequest('email or username is required');
+        }
+
+        const appUserId = get(params, 'appUserId', null);
+        const organizationUserId = get(params, 'organizationUserId', null);
+
+        const individualUserData = await this.userRepository.createIndividualUser({
+            email,
+            username,
+            hashword,
+            appUserId,
+            organizationUser: organizationUserId,
+        });
+
+        return new User(
+            individualUserData,
+            null,
+            this.userConfig.usePassword,
+            this.userConfig.primary,
+            this.userConfig.individualUserRequired,
+            this.userConfig.organizationUserRequired
+        );
+    }
+}
+
+module.exports = { CreateIndividualUser };

package/user/use-cases/create-organization-user.js

@@ -0,0 +1,47 @@
+const { get } = require('../../assertions');
+const { User } = require('../user');
+
+/**
+ * Use case for creating an organization user.
+ * @class CreateOrganizationUser
+ */
+class CreateOrganizationUser {
+    /**
+     * Creates a new CreateOrganizationUser instance.
+     * @param {Object} params - Configuration parameters.
+     * @param {import('../user-repository-interface').UserRepositoryInterface} params.userRepository - Repository for user data operations.
+     * @param {Object} params.userConfig - The user properties inside of the app definition.
+     */
+    constructor({ userRepository, userConfig }) {
+        this.userRepository = userRepository;
+        this.userConfig = userConfig;
+    }
+
+    /**
+     * Executes the use case.
+     * @async
+     * @param {Object} params - The parameters for creating the user.
+     * @returns {Promise<import('../user').User>} The newly created user object.
+     */
+    async execute(params) {
+        const name = get(params, 'name');
+        const appOrgId = get(params, 'appOrgId');
+
+        const organizationUserData =
+            await this.userRepository.createOrganizationUser({
+                name,
+                appOrgId,
+            });
+
+        return new User(
+            null,
+            organizationUserData,
+            this.userConfig.usePassword,
+            this.userConfig.primary,
+            this.userConfig.individualUserRequired,
+            this.userConfig.organizationUserRequired
+        );
+    }
+}
+
+module.exports = { CreateOrganizationUser }; 

package/user/use-cases/create-token-for-user-id.js

@@ -0,0 +1,30 @@
+const crypto = require('crypto');
+
+/**
+ * Use case for creating a token for a user ID.
+ * @class CreateTokenForUserId
+ */
+class CreateTokenForUserId {
+    /**
+     * Creates a new CreateTokenForUserId instance.
+     * @param {Object} params - Configuration parameters.
+     * @param {import('../user-repository-interface').UserRepositoryInterface} params.userRepository - Repository for user data operations.
+     */
+    constructor({ userRepository }) {
+        this.userRepository = userRepository;
+    }
+
+    /**
+     * Executes the use case.
+     * @async
+     * @param {string} userId - The ID of the user to create a token for.
+     * @param {number} minutes - The number of minutes until the token expires.
+     * @returns {Promise<string>} The user token.
+     */
+    async execute(userId, minutes) {
+        const rawToken = crypto.randomBytes(20).toString('hex');
+        return this.userRepository.createToken(userId, rawToken, minutes);
+    }
+}
+
+module.exports = { CreateTokenForUserId }; 

package/user/use-cases/get-user-from-bearer-token.js

@@ -0,0 +1,77 @@
+const Boom = require('@hapi/boom');
+const { User } = require('../user');
+
+/**
+ * Use case for retrieving a user from a bearer token.
+ * @class GetUserFromBearerToken
+ */
+class GetUserFromBearerToken {
+    /**
+     * Creates a new GetUserFromBearerToken instance.
+     * @param {Object} params - Configuration parameters.
+     * @param {import('../user-repository-interface').UserRepositoryInterface} params.userRepository - Repository for user data operations.
+     * @param {Object} params.userConfig - The user config in the app definition.
+     */
+    constructor({ userRepository, userConfig }) {
+        this.userRepository = userRepository;
+        this.userConfig = userConfig;
+    }
+
+    /**
+     * Executes the use case.
+     * @async
+     * @param {string} bearerToken - The bearer token from the authorization header.
+     * @returns {Promise<import('../user').User>} The authenticated user object.
+     * @throws {Boom} 401 Unauthorized if the token is missing, malformed, or invalid.
+     */
+    async execute(bearerToken) {
+        if (!bearerToken) {
+            throw Boom.unauthorized('Missing Authorization Header');
+        }
+
+        const token = bearerToken.split(' ')[1]?.trim();
+        if (!token) {
+            throw Boom.unauthorized('Invalid Token Format');
+        }
+
+        const sessionToken = await this.userRepository.getSessionToken(token);
+
+        if (!sessionToken) {
+            throw Boom.unauthorized('Session Token Not Found');
+        }
+
+        if (this.userConfig.primary === 'organization') {
+            const organizationUserData = await this.userRepository.findOrganizationUserById(sessionToken.user);
+
+            if (!organizationUserData) {
+                throw Boom.unauthorized('Organization User Not Found');
+            }
+
+            return new User(
+                null,
+                organizationUserData,
+                this.userConfig.usePassword,
+                this.userConfig.primary,
+                this.userConfig.individualUserRequired,
+                this.userConfig.organizationUserRequired
+            );
+        }
+
+        const individualUserData = await this.userRepository.findIndividualUserById(sessionToken.user);
+
+        if (!individualUserData) {
+            throw Boom.unauthorized('Individual User Not Found');
+        }
+
+        return new User(
+            individualUserData,
+            null,
+            this.userConfig.usePassword,
+            this.userConfig.primary,
+            this.userConfig.individualUserRequired,
+            this.userConfig.organizationUserRequired
+        );
+    }
+}
+
+module.exports = { GetUserFromBearerToken }; 

package/user/use-cases/login-user.js

@@ -0,0 +1,122 @@
+const Boom = require('@hapi/boom');
+const {
+    RequiredPropertyError,
+} = require('../../errors');
+const { User } = require('../user');
+
+/**
+ * Use case for logging in a user.
+ * @class LoginUser
+ */
+class LoginUser {
+    /**
+     * Creates a new LoginUser instance.
+     * @param {Object} params - Configuration parameters.
+     * @param {import('../user-repository-interface').UserRepositoryInterface} params.userRepository - Repository for user data operations.
+     * @param {Object} params.userConfig - The user properties inside of the app definition.
+     */
+    constructor({ userRepository, userConfig }) {
+        this.userRepository = userRepository;
+        this.userConfig = userConfig;
+    }
+
+    /**
+     * Executes the use case.
+     * @async
+     * @param {Object} userCredentials - The user's credentials for authentication.
+     * @param {string} [userCredentials.username] - The username for authentication.
+     * @param {string} [userCredentials.password] - The password for authentication.
+     * @param {string} [userCredentials.appUserId] - The app user id for authentication if no username and password are provided.
+     * @param {string} [userCredentials.appOrgId] - The app organization id for authentication if no username and password are provided.
+     * @returns {Promise<import('../user').User>} The authenticated user object.
+     */
+    async execute(userCredentials) {
+        const { username, password, appUserId, appOrgId } = userCredentials;
+        if (this.userConfig.individualUserRequired) {
+            if (this.userConfig.usePassword) {
+                if (!username) {
+                    throw new RequiredPropertyError({
+                        parent: this,
+                        key: 'username',
+                    });
+                }
+                if (!password) {
+                    throw new RequiredPropertyError({
+                        parent: this,
+                        key: 'password',
+                    });
+                }
+
+                const individualUserData =
+                    await this.userRepository.findIndividualUserByUsername(
+                        username
+                    );
+
+                if (!individualUserData) {
+                    throw Boom.unauthorized('user not found');
+                }
+
+                const individualUser = new User(
+                    individualUserData,
+                    null,
+                    this.userConfig.usePassword,
+                    this.userConfig.primary,
+                    this.userConfig.individualUserRequired,
+                    this.userConfig.organizationUserRequired
+                );
+
+                if (!individualUser.isPasswordValid(password)) {
+                    throw Boom.unauthorized('Incorrect username or password');
+                }
+
+                return individualUser;
+            } else {
+                const individualUserData =
+                    await this.userRepository.findIndividualUserByAppUserId(
+                        appUserId
+                    );
+
+                if (!individualUserData) {
+                    throw Boom.unauthorized('user not found');
+                }
+
+                const individualUser = new User(
+                    individualUserData,
+                    null,
+                    this.userConfig.usePassword,
+                    this.userConfig.primary,
+                    this.userConfig.individualUserRequired,
+                    this.userConfig.organizationUserRequired
+                );
+
+                return individualUser;
+            }
+        }
+
+
+        if (this.userConfig.organizationUserRequired) {
+
+            const organizationUserData =
+                await this.userRepository.findOrganizationUserByAppOrgId(appOrgId);
+
+            if (!organizationUserData) {
+                throw Boom.unauthorized(`org user ${appOrgId} not found`);
+            }
+
+            const organizationUser = new User(
+                null,
+                organizationUserData,
+                this.userConfig.usePassword,
+                this.userConfig.primary,
+                this.userConfig.individualUserRequired,
+                this.userConfig.organizationUserRequired
+            );
+
+            return organizationUser;
+        }
+
+        return null;
+    }
+}
+
+module.exports = { LoginUser }; 

package/user/user.js

@@ -0,0 +1,77 @@
+const bcrypt = require('bcryptjs');
+
+/**
+ * Represents a user in the system. The User class is a domain entity,
+ * @class User
+ */
+class User {
+    /**
+     * Creates a new User instance.
+     * @param {import('../database/models/IndividualUser').IndividualUser} [individualUser=null] - The individual user for the user.
+     * @param {import('../database/models/OrganizationUser').OrganizationUser} [organizationUser=null] - The organization user for the user.
+     * @param {boolean} [usePassword=false] - Whether the user has a password.
+     * @param {string} [primary='individual'] - The primary user type.
+     * @param {boolean} [individualUserRequired=true] - Whether the user is required to have an individual user.
+     * @param {boolean} [organizationUserRequired=false] - Whether the user is required to have an organization user.
+     */
+    constructor(individualUser = null, organizationUser = null, usePassword = false, primary = 'individual', individualUserRequired = true, organizationUserRequired = false) {
+        this.individualUser = individualUser;
+        this.organizationUser = organizationUser;
+        this.usePassword = usePassword;
+
+        this.config = {
+            primary,
+            individualUserRequired,
+            organizationUserRequired,
+        };
+    }
+
+    getPrimaryUser() {
+        if (this.config.primary === 'organization') {
+            return this.organizationUser;
+        }
+        return this.individualUser;
+    }
+
+    getId() {
+        return this.getPrimaryUser()?.id;
+    }
+
+    isPasswordRequired() {
+        return this.usePassword;
+    }
+
+    isPasswordValid(password) {
+        if (!this.isPasswordRequired()) {
+            return true;
+        }
+
+        return bcrypt.compareSync(password, this.getPrimaryUser().hashword);
+    }
+
+    setIndividualUser(individualUser) {
+        this.individualUser = individualUser;
+    }
+
+    setOrganizationUser(organizationUser) {
+        this.organizationUser = organizationUser;
+    }
+
+    isOrganizationUserRequired() {
+        return this.config.organizationUserRequired;
+    }
+
+    isIndividualUserRequired() {
+        return this.config.individualUserRequired;
+    }
+
+    getIndividualUser() {
+        return this.individualUser;
+    }
+
+    getOrganizationUser() {
+        return this.organizationUser;
+    }
+}
+
+module.exports = { User }; 

package/websocket/repositories/websocket-connection-repository-factory.js

@@ -0,0 +1,37 @@
+const {
+    WebsocketConnectionRepositoryMongo,
+} = require('./websocket-connection-repository-mongo');
+const {
+    WebsocketConnectionRepositoryPostgres,
+} = require('./websocket-connection-repository-postgres');
+const config = require('../../database/config');
+
+/**
+ * Websocket Connection Repository Factory
+ * Creates the appropriate repository adapter based on database type
+ *
+ * @returns {WebsocketConnectionRepositoryInterface} Configured repository adapter
+ */
+function createWebsocketConnectionRepository() {
+    const dbType = config.DB_TYPE;
+
+    switch (dbType) {
+        case 'mongodb':
+            return new WebsocketConnectionRepositoryMongo();
+
+        case 'postgresql':
+            return new WebsocketConnectionRepositoryPostgres();
+
+        default:
+            throw new Error(
+                `Unsupported database type: ${dbType}. Supported values: 'mongodb', 'postgresql'`
+            );
+    }
+}
+
+module.exports = {
+    createWebsocketConnectionRepository,
+    // Export adapters for direct testing
+    WebsocketConnectionRepositoryMongo,
+    WebsocketConnectionRepositoryPostgres,
+};