@goscribe/server 1.2.0 → 1.3.1

package/dist/routers/auth.js

@@ -1,15 +1,33 @@
 import { z } from 'zod';
-import { router, publicProcedure } from '../trpc.js';
+import { router, publicProcedure, authedProcedure } from '../trpc.js';
+import PusherService from '../lib/pusher.js';
+import { logger } from '../lib/logger.js';
 import bcrypt from 'bcryptjs';
 import { serialize } from 'cookie';
 import crypto from 'node:crypto';
 import { TRPCError } from '@trpc/server';
 import { supabaseClient } from '../lib/storage.js';
+import { sendVerificationEmail, sendAccountDeletionScheduledEmail, sendAccountRestoredEmail, sendPasswordResetEmail, } from '../lib/email.js';
+import { createStripeCustomer } from '../lib/stripe.js';
+import { notifyAdminsAccountDeletionScheduled, notifyAdminsOnSignup, } from '../lib/notification-service.js';
 // Helper to create custom auth token
+const passwordFieldSchema = z
+    .string()
+    .min(8, 'Password must be at least 8 characters')
+    .regex(/[A-Z]/, 'Password must contain at least one uppercase letter')
+    .regex(/[0-9]/, 'Password must contain at least one number')
+    .regex(/[^a-zA-Z0-9]/, 'Password must contain at least one special character');
+function hashPasswordResetToken(rawToken) {
+    return crypto.createHash('sha256').update(rawToken, 'utf8').digest('hex');
+}
+/** Use until `npx prisma generate` runs after adding PasswordResetToken to the schema. */
+function passwordResetDb(ctx) {
+    return ctx.db.passwordResetToken;
+}
 function createCustomAuthToken(userId) {
     const secret = process.env.AUTH_SECRET;
     if (!secret) {
-        throw new Error("AUTH_SECRET is not set");
+        throw new TRPCError({ code: 'INTERNAL_SERVER_ERROR', message: "AUTH_SECRET is not set" });
     }
     const base64UserId = Buffer.from(userId, 'utf8').toString('base64url');
     const hmac = crypto.createHmac('sha256', secret);
@@ -37,18 +55,58 @@ export const auth = router({
             message: 'Profile updated successfully',
         };
     }),
-    uploadProfilePicture: publicProcedure
+    changePassword: authedProcedure
+        .input(z.object({
+        currentPassword: z.string().min(1, "Current password is required"),
+        newPassword: passwordFieldSchema,
+    }))
         .mutation(async ({ ctx, input }) => {
-        const objectKey = `profile_picture_${ctx.session.user.id}`;
+        const user = await ctx.db.user.findUnique({
+            where: { id: ctx.session.user.id },
+            select: { id: true, passwordHash: true },
+        });
+        if (!user) {
+            throw new TRPCError({ code: 'NOT_FOUND', message: 'User not found' });
+        }
+        if (!user.passwordHash) {
+            throw new TRPCError({
+                code: 'BAD_REQUEST',
+                message: 'Password change is unavailable for this account.',
+            });
+        }
+        const validCurrentPassword = await bcrypt.compare(input.currentPassword, user.passwordHash);
+        if (!validCurrentPassword) {
+            throw new TRPCError({ code: 'UNAUTHORIZED', message: 'Current password is incorrect' });
+        }
+        const isSamePassword = await bcrypt.compare(input.newPassword, user.passwordHash);
+        if (isSamePassword) {
+            throw new TRPCError({
+                code: 'BAD_REQUEST',
+                message: 'New password must be different from current password',
+            });
+        }
+        const newHash = await bcrypt.hash(input.newPassword, 10);
+        await ctx.db.user.update({
+            where: { id: user.id },
+            data: { passwordHash: newHash },
+        });
+        return { success: true, message: 'Password changed successfully' };
+    }),
+    uploadProfilePicture: authedProcedure
+        .mutation(async ({ ctx }) => {
+        const userId = ctx.session.user.id;
+        logger.info(`Generating upload URL for user ${userId}`, 'AUTH');
+        const objectKey = `profile_picture_${userId}`;
         const { data: signedUrlData, error: signedUrlError } = await supabaseClient.storage
             .from('media')
-            .createSignedUploadUrl(objectKey, { upsert: true }); // 5 minutes
+            .createSignedUploadUrl(objectKey, { upsert: true });
         if (signedUrlError) {
+            logger.error(`Failed to generate upload URL: ${signedUrlError.message}`, 'AUTH');
             throw new TRPCError({ code: 'INTERNAL_SERVER_ERROR', message: `Failed to generate upload URL: ${signedUrlError.message}` });
         }
-        await ctx.db.fileAsset.create({
+        const fileAsset = await ctx.db.fileAsset.create({
             data: {
-                userId: ctx.session.user.id,
+                userId: userId,
                 name: 'Profile Picture',
                 mimeType: 'image/jpeg',
                 size: 0,
@@ -56,36 +114,139 @@ export const auth = router({
                 objectKey: objectKey,
             },
         });
+        await ctx.db.user.update({
+            where: { id: userId },
+            data: {
+                fileAssetId: fileAsset.id,
+            },
+        });
+        logger.info(`Profile picture asset created and linked for user ${userId}`, 'AUTH');
         return {
             success: true,
             message: 'Profile picture uploaded successfully',
             signedUrl: signedUrlData.signedUrl,
         };
     }),
+    confirmProfileUpdate: authedProcedure
+        .mutation(async ({ ctx }) => {
+        logger.info(`Confirming profile update for user ${ctx.session.user.id}`, 'AUTH');
+        await PusherService.emitProfileUpdate(ctx.session.user.id);
+        return { success: true };
+    }),
     signup: publicProcedure
         .input(z.object({
         name: z.string().min(1),
         email: z.string().email(),
-        password: z.string().min(6),
+        password: passwordFieldSchema,
     }))
         .mutation(async ({ ctx, input }) => {
         const existing = await ctx.db.user.findUnique({
             where: { email: input.email },
         });
         if (existing) {
-            throw new Error("Email already registered");
+            throw new TRPCError({ code: 'CONFLICT', message: "Email already registered" });
         }
         const hash = await bcrypt.hash(input.password, 10);
+        // Get default "User" role
+        const userRole = await ctx.db.role.findUnique({
+            where: { name: 'User' },
+        });
         const user = await ctx.db.user.create({
             data: {
                 name: input.name,
                 email: input.email,
                 passwordHash: hash,
-                emailVerified: new Date(), // skip verification for demo
+                roleId: userRole?.id,
+                // emailVerified is null -- user must verify
             },
         });
+        await notifyAdminsOnSignup(ctx.db, {
+            id: user.id,
+            name: user.name,
+            email: user.email,
+        });
+        // Create verification token (24h expiry)
+        const token = crypto.randomUUID();
+        await ctx.db.verificationToken.create({
+            data: {
+                identifier: input.email,
+                token,
+                expires: new Date(Date.now() + 24 * 60 * 60 * 1000),
+            },
+        });
+        // Send verification email (non-blocking)
+        sendVerificationEmail(input.email, token, input.name).catch(() => { });
+        // Create Stripe Customer (non-blocking for registration, but we want it)
+        createStripeCustomer(input.email, input.name).then(async (stripeCustomerId) => {
+            if (stripeCustomerId) {
+                await ctx.db.user.update({
+                    where: { id: user.id },
+                    data: { stripe_customer_id: stripeCustomerId }
+                }).catch((err) => logger.error(`Failed to update user with stripe_customer_id: ${err.message}`, 'AUTH'));
+            }
+        });
         return { id: user.id, email: user.email, name: user.name };
     }),
+    // Verify email with token from the email link
+    verifyEmail: publicProcedure
+        .input(z.object({
+        token: z.string(),
+    }))
+        .mutation(async ({ ctx, input }) => {
+        const record = await ctx.db.verificationToken.findUnique({
+            where: { token: input.token },
+        });
+        if (!record) {
+            throw new TRPCError({ code: 'NOT_FOUND', message: 'Invalid or expired verification link' });
+        }
+        if (record.expires < new Date()) {
+            // Clean up expired token
+            await ctx.db.verificationToken.deleteMany({ where: { token: input.token } });
+            throw new TRPCError({ code: 'BAD_REQUEST', message: 'Verification link has expired. Please request a new one.' });
+        }
+        // Mark user as verified
+        await ctx.db.user.update({
+            where: { email: record.identifier },
+            data: { emailVerified: new Date() },
+        });
+        // Delete used token
+        await ctx.db.verificationToken.deleteMany({ where: { token: input.token } });
+        return { success: true, message: 'Email verified successfully' };
+    }),
+    // Resend verification email (for logged-in users who haven't verified)
+    resendVerification: publicProcedure
+        .mutation(async ({ ctx }) => {
+        if (!ctx.session?.user?.id) {
+            throw new TRPCError({ code: 'UNAUTHORIZED', message: 'Not logged in' });
+        }
+        const user = await ctx.db.user.findUnique({
+            where: { id: ctx.session.user.id },
+        });
+        if (!user || !user.email) {
+            throw new TRPCError({ code: 'NOT_FOUND', message: 'User not found' });
+        }
+        if (user.emailVerified) {
+            return { success: true, message: 'Email is already verified' };
+        }
+        // Delete any existing tokens for this email
+        await ctx.db.verificationToken.deleteMany({
+            where: { identifier: user.email },
+        });
+        // Create new token
+        const token = crypto.randomUUID();
+        await ctx.db.verificationToken.create({
+            data: {
+                identifier: user.email,
+                token,
+                expires: new Date(Date.now() + 24 * 60 * 60 * 1000),
+            },
+        });
+        const sent = await sendVerificationEmail(user.email, token, user.name);
+        if (!sent) {
+            throw new TRPCError({ code: 'INTERNAL_SERVER_ERROR', message: 'Failed to send email. Please try again.' });
+        }
+        return { success: true, message: 'Verification email sent' };
+    }),
     login: publicProcedure
         .input(z.object({
         email: z.string().email(),
@@ -96,11 +257,14 @@ export const auth = router({
             where: { email: input.email },
         });
         if (!user) {
-            throw new Error("Invalid credentials");
+            throw new TRPCError({ code: 'UNAUTHORIZED', message: "Invalid credentials" });
+        }
+        if (user.deletedAt) {
+            throw new TRPCError({ code: 'UNAUTHORIZED', message: "Account scheduled for deletion. Please check your email for a restore link." });
         }
         const valid = await bcrypt.compare(input.password, user.passwordHash);
         if (!valid) {
-            throw new Error("Invalid credentials");
+            throw new TRPCError({ code: 'UNAUTHORIZED', message: "Invalid credentials" });
         }
         // Create custom auth token
         const authToken = createCustomAuthToken(user.id);
@@ -121,33 +285,189 @@ export const auth = router({
             token: authToken
         };
     }),
+    /**
+     * Request a password reset email. Always returns the same message (no email enumeration).
+     */
+    requestPasswordReset: publicProcedure
+        .input(z.object({ email: z.string().email() }))
+        .mutation(async ({ ctx, input }) => {
+        const email = input.email.trim().toLowerCase();
+        const generic = {
+            success: true,
+            message: 'If an account exists for this email, we sent password reset instructions.',
+        };
+        const user = await ctx.db.user.findUnique({
+            where: { email },
+            select: {
+                id: true,
+                email: true,
+                name: true,
+                passwordHash: true,
+                deletedAt: true,
+            },
+        });
+        if (!user?.passwordHash || user.deletedAt || !user.email) {
+            return generic;
+        }
+        await passwordResetDb(ctx).deleteMany({
+            where: { userId: user.id, usedAt: null },
+        });
+        const rawToken = crypto.randomBytes(32).toString('hex');
+        const tokenHash = hashPasswordResetToken(rawToken);
+        const expiresAt = new Date(Date.now() + 60 * 60 * 1000);
+        await passwordResetDb(ctx).create({
+            data: {
+                userId: user.id,
+                tokenHash,
+                expiresAt,
+            },
+        });
+        sendPasswordResetEmail(user.email, rawToken, user.name).catch(() => { });
+        return generic;
+    }),
+    /**
+     * Complete password reset using the token from the email link.
+     */
+    resetPassword: publicProcedure
+        .input(z.object({
+        token: z.string().min(1),
+        newPassword: passwordFieldSchema,
+    }))
+        .mutation(async ({ ctx, input }) => {
+        const tokenHash = hashPasswordResetToken(input.token);
+        const record = await passwordResetDb(ctx).findUnique({
+            where: { tokenHash },
+        });
+        if (!record || record.usedAt || record.expiresAt < new Date()) {
+            throw new TRPCError({
+                code: 'BAD_REQUEST',
+                message: 'Invalid or expired reset link. Please request a new one.',
+            });
+        }
+        const newHash = await bcrypt.hash(input.newPassword, 10);
+        await ctx.db.user.update({
+            where: { id: record.userId },
+            data: { passwordHash: newHash },
+        });
+        await passwordResetDb(ctx).update({
+            where: { id: record.id },
+            data: { usedAt: new Date() },
+        });
+        await passwordResetDb(ctx).deleteMany({
+            where: { userId: record.userId, id: { not: record.id } },
+        });
+        return { success: true, message: 'Password updated. You can sign in now.' };
+    }),
     getSession: publicProcedure.query(async ({ ctx }) => {
         // Just return the current session from context
         if (!ctx.session) {
-            throw new Error("No session found");
+            throw new TRPCError({ code: 'UNAUTHORIZED', message: "No session found" });
         }
+        const userId = ctx.session.user.id;
         const user = await ctx.db.user.findUnique({
-            where: { id: ctx.session.user.id },
+            where: { id: userId },
+            include: {
+                profilePicture: true,
+                role: true,
+            }
         });
         if (!user) {
-            throw new Error("User not found");
+            throw new TRPCError({ code: 'NOT_FOUND', message: "User not found" });
         }
+        const profilePictureUrl = user.profilePicture?.objectKey
+            ? `/profile-picture/${user.profilePicture.objectKey}?t=${new Date(user.updatedAt).getTime()}`
+            : null;
+        logger.info(`Session fetched for user ${userId}, profilePicture: ${profilePictureUrl}`, 'AUTH');
         return {
             user: {
                 id: user.id,
                 email: user.email,
                 name: user.name,
+                emailVerified: !!user.emailVerified,
+                profilePicture: profilePictureUrl,
+                role: user.role,
             }
         };
     }),
+    requestAccountDeletion: authedProcedure
+        .mutation(async ({ ctx }) => {
+        const user = await ctx.db.user.findUnique({
+            where: { id: ctx.session.user.id },
+        });
+        if (!user) {
+            throw new TRPCError({ code: 'NOT_FOUND', message: 'User not found' });
+        }
+        // Mark user as deleted
+        await ctx.db.user.update({
+            where: { id: user.id },
+            data: { deletedAt: new Date() },
+        });
+        await notifyAdminsAccountDeletionScheduled(ctx.db, {
+            id: user.id,
+            name: user.name,
+            email: user.email,
+        }).catch(() => { });
+        // Clear existing restore tokens
+        await ctx.db.verificationToken.deleteMany({
+            where: { identifier: `restore-${user.email}` },
+        });
+        // Create restore token (30 days expiry)
+        const token = crypto.randomUUID();
+        await ctx.db.verificationToken.create({
+            data: {
+                identifier: `restore-${user.email}`,
+                token,
+                expires: new Date(Date.now() + 30 * 24 * 60 * 60 * 1000),
+            },
+        });
+        // Send email
+        if (user.email) {
+            sendAccountDeletionScheduledEmail(user.email, token).catch(() => { });
+        }
+        // Log out user by clearing cookie
+        ctx.res.setHeader("Set-Cookie", serialize("auth_token", "", {
+            httpOnly: true,
+            secure: process.env.NODE_ENV === "production",
+            sameSite: "lax",
+            path: "/",
+            maxAge: 0,
+        }));
+        return { success: true, message: 'Account scheduled for deletion' };
+    }),
+    restoreAccount: publicProcedure
+        .input(z.object({
+        token: z.string(),
+    }))
+        .mutation(async ({ ctx, input }) => {
+        const record = await ctx.db.verificationToken.findUnique({
+            where: { token: input.token },
+        });
+        if (!record || !record.identifier.startsWith('restore-')) {
+            throw new TRPCError({ code: 'NOT_FOUND', message: 'Invalid or expired restore link' });
+        }
+        if (record.expires < new Date()) {
+            await ctx.db.verificationToken.deleteMany({ where: { token: input.token } });
+            throw new TRPCError({ code: 'BAD_REQUEST', message: 'Restore link has expired.' });
+        }
+        const email = record.identifier.replace('restore-', '');
+        // Mark user as restored
+        await ctx.db.user.update({
+            where: { email },
+            data: { deletedAt: null },
+        });
+        // Delete used token
+        await ctx.db.verificationToken.deleteMany({ where: { token: input.token } });
+        // Send confirmation email
+        sendAccountRestoredEmail(email).catch(() => { });
+        return { success: true, message: 'Account restored successfully' };
+    }),
     logout: publicProcedure.mutation(async ({ ctx }) => {
         const token = ctx.cookies["auth_token"];
         if (!token) {
-            throw new Error("No token found");
+            throw new TRPCError({ code: 'UNAUTHORIZED', message: "No token found" });
         }
-        await ctx.db.session.delete({
-            where: { id: token },
-        });
+        // We don't need to delete from db.session because we use a stateless
+        // custom HMAC auth system (auth_token cookie).
         ctx.res.setHeader("Set-Cookie", serialize("auth_token", "", {
             httpOnly: true,
             secure: process.env.NODE_ENV === "production",

package/dist/routers/chat.d.ts

@@ -1,11 +1,5 @@
 export declare const chat: import("@trpc/server").TRPCBuiltRouter<{
-    ctx: {
-        db: import("@prisma/client").PrismaClient<import("@prisma/client").Prisma.PrismaClientOptions, never, import("@prisma/client/runtime/library").DefaultArgs>;
-        session: any;
-        req: import("express").Request<import("express-serve-static-core").ParamsDictionary, any, any, import("qs").ParsedQs, Record<string, any>>;
-        res: import("express").Response<any, Record<string, any>>;
-        cookies: Record<string, string | undefined>;
-    };
+    ctx: import("../context.js").Context;
     meta: object;
     errorShape: {
         data: {
@@ -47,8 +41,8 @@ export declare const chat: import("@trpc/server").TRPCBuiltRouter<{
                 id: string;
                 createdAt: Date;
                 updatedAt: Date;
-                userId: string | null;
                 channelId: string;
+                userId: string | null;
                 message: string;
             })[];
         } & {
@@ -85,8 +79,8 @@ export declare const chat: import("@trpc/server").TRPCBuiltRouter<{
                 id: string;
                 createdAt: Date;
                 updatedAt: Date;
-                userId: string | null;
                 channelId: string;
+                userId: string | null;
                 message: string;
             })[];
         } & {
@@ -112,8 +106,8 @@ export declare const chat: import("@trpc/server").TRPCBuiltRouter<{
                 id: string;
                 createdAt: Date;
                 updatedAt: Date;
-                userId: string | null;
                 channelId: string;
+                userId: string | null;
                 message: string;
             })[];
         } & {
@@ -138,8 +132,8 @@ export declare const chat: import("@trpc/server").TRPCBuiltRouter<{
             id: string;
             createdAt: Date;
             updatedAt: Date;
-            userId: string | null;
             channelId: string;
+            userId: string | null;
             message: string;
         };
         meta: object;
@@ -158,8 +152,8 @@ export declare const chat: import("@trpc/server").TRPCBuiltRouter<{
             id: string;
             createdAt: Date;
             updatedAt: Date;
-            userId: string | null;
             channelId: string;
+            userId: string | null;
             message: string;
         };
         meta: object;