@goscribe/server 1.3.4 → 1.5.0

package/dist/routers/auth.js

@@ -1,15 +1,14 @@
 import { z } from 'zod';
 import { router, publicProcedure, authedProcedure } from '../trpc.js';
-import PusherService from '../lib/pusher.js';
-import { logger } from '../lib/logger.js';
-import bcrypt from 'bcryptjs';
 import { serialize } from 'cookie';
-import crypto from 'node:crypto';
 import { TRPCError } from '@trpc/server';
-import { supabaseClient } from '../lib/storage.js';
-import { sendVerificationEmail, sendAccountDeletionScheduledEmail, sendAccountRestoredEmail, sendPasswordResetEmail, } from '../lib/email.js';
-import { createStripeCustomer } from '../lib/stripe.js';
-import { notifyAdminsAccountDeletionScheduled, notifyAdminsOnSignup, } from '../lib/notification-service.js';
+import PusherService from '../lib/pusher.js';
+import { logger } from '../lib/logger.js';
+import { AuthService } from '../services/auth/auth.service.js';
+/**
+ * Router owns HTTP-level concerns (cookie set/clear). The service is
+ * HTTP-free and returns pure data; the router wires it into `ctx.res`.
+ */
 function getAuthCookieConfig(isProduction) {
     return {
         httpOnly: true,
@@ -17,129 +16,27 @@ function getAuthCookieConfig(isProduction) {
         sameSite: (isProduction ? 'none' : 'lax'),
         path: '/',
         maxAge: 60 * 60 * 24 * 30,
-        // Use parent domain in production so scribe.study and api.scribe.study share auth state.
         domain: isProduction ? '.scribe.study' : undefined,
     };
 }
-// Helper to create custom auth token
 const passwordFieldSchema = z
     .string()
     .min(8, 'Password must be at least 8 characters')
     .regex(/[A-Z]/, 'Password must contain at least one uppercase letter')
     .regex(/[0-9]/, 'Password must contain at least one number')
     .regex(/[^a-zA-Z0-9]/, 'Password must contain at least one special character');
-function hashPasswordResetToken(rawToken) {
-    return crypto.createHash('sha256').update(rawToken, 'utf8').digest('hex');
-}
-/** Use until `npx prisma generate` runs after adding PasswordResetToken to the schema. */
-function passwordResetDb(ctx) {
-    return ctx.db.passwordResetToken;
-}
-function createCustomAuthToken(userId) {
-    const secret = process.env.AUTH_SECRET;
-    if (!secret) {
-        throw new TRPCError({ code: 'INTERNAL_SERVER_ERROR', message: "AUTH_SECRET is not set" });
-    }
-    const base64UserId = Buffer.from(userId, 'utf8').toString('base64url');
-    const hmac = crypto.createHmac('sha256', secret);
-    hmac.update(base64UserId);
-    const signature = hmac.digest('hex');
-    return `${base64UserId}.${signature}`;
-}
 export const auth = router({
     updateProfile: publicProcedure
-        .input(z.object({
-        name: z.string().min(1),
-    }))
-        .mutation(async ({ ctx, input }) => {
-        const { name } = input;
-        await ctx.db.user.update({
-            where: {
-                id: ctx.session.user.id,
-            },
-            data: {
-                name: name,
-            }
-        });
-        return {
-            success: true,
-            message: 'Profile updated successfully',
-        };
-    }),
+        .input(z.object({ name: z.string().min(1) }))
+        .mutation(({ ctx, input }) => new AuthService(ctx.db).updateProfile(ctx.session.user.id, input)),
     changePassword: authedProcedure
         .input(z.object({
-        currentPassword: z.string().min(1, "Current password is required"),
+        currentPassword: z.string().min(1, 'Current password is required'),
         newPassword: passwordFieldSchema,
     }))
-        .mutation(async ({ ctx, input }) => {
-        const user = await ctx.db.user.findUnique({
-            where: { id: ctx.session.user.id },
-            select: { id: true, passwordHash: true },
-        });
-        if (!user) {
-            throw new TRPCError({ code: 'NOT_FOUND', message: 'User not found' });
-        }
-        if (!user.passwordHash) {
-            throw new TRPCError({
-                code: 'BAD_REQUEST',
-                message: 'Password change is unavailable for this account.',
-            });
-        }
-        const validCurrentPassword = await bcrypt.compare(input.currentPassword, user.passwordHash);
-        if (!validCurrentPassword) {
-            throw new TRPCError({ code: 'UNAUTHORIZED', message: 'Current password is incorrect' });
-        }
-        const isSamePassword = await bcrypt.compare(input.newPassword, user.passwordHash);
-        if (isSamePassword) {
-            throw new TRPCError({
-                code: 'BAD_REQUEST',
-                message: 'New password must be different from current password',
-            });
-        }
-        const newHash = await bcrypt.hash(input.newPassword, 10);
-        await ctx.db.user.update({
-            where: { id: user.id },
-            data: { passwordHash: newHash },
-        });
-        return { success: true, message: 'Password changed successfully' };
-    }),
-    uploadProfilePicture: authedProcedure
-        .mutation(async ({ ctx }) => {
-        const userId = ctx.session.user.id;
-        logger.info(`Generating upload URL for user ${userId}`, 'AUTH');
-        const objectKey = `profile_picture_${userId}`;
-        const { data: signedUrlData, error: signedUrlError } = await supabaseClient.storage
-            .from('media')
-            .createSignedUploadUrl(objectKey, { upsert: true });
-        if (signedUrlError) {
-            logger.error(`Failed to generate upload URL: ${signedUrlError.message}`, 'AUTH');
-            throw new TRPCError({ code: 'INTERNAL_SERVER_ERROR', message: `Failed to generate upload URL: ${signedUrlError.message}` });
-        }
-        const fileAsset = await ctx.db.fileAsset.create({
-            data: {
-                userId: userId,
-                name: 'Profile Picture',
-                mimeType: 'image/jpeg',
-                size: 0,
-                bucket: 'media',
-                objectKey: objectKey,
-            },
-        });
-        await ctx.db.user.update({
-            where: { id: userId },
-            data: {
-                fileAssetId: fileAsset.id,
-            },
-        });
-        logger.info(`Profile picture asset created and linked for user ${userId}`, 'AUTH');
-        return {
-            success: true,
-            message: 'Profile picture uploaded successfully',
-            signedUrl: signedUrlData.signedUrl,
-        };
-    }),
-    confirmProfileUpdate: authedProcedure
-        .mutation(async ({ ctx }) => {
+        .mutation(({ ctx, input }) => new AuthService(ctx.db).changePassword(ctx.session.user.id, input)),
+    uploadProfilePicture: authedProcedure.mutation(({ ctx }) => new AuthService(ctx.db).uploadProfilePicture(ctx.session.user.id)),
+    confirmProfileUpdate: authedProcedure.mutation(async ({ ctx }) => {
         logger.info(`Confirming profile update for user ${ctx.session.user.id}`, 'AUTH');
         await PusherService.emitProfileUpdate(ctx.session.user.id);
         return { success: true };
@@ -150,333 +47,51 @@ export const auth = router({
         email: z.string().email(),
         password: passwordFieldSchema,
     }))
-        .mutation(async ({ ctx, input }) => {
-        const existing = await ctx.db.user.findUnique({
-            where: { email: input.email },
-        });
-        if (existing) {
-            throw new TRPCError({ code: 'CONFLICT', message: "Email already registered" });
-        }
-        const hash = await bcrypt.hash(input.password, 10);
-        // Get default "User" role
-        const userRole = await ctx.db.role.findUnique({
-            where: { name: 'User' },
-        });
-        const user = await ctx.db.user.create({
-            data: {
-                name: input.name,
-                email: input.email,
-                passwordHash: hash,
-                roleId: userRole?.id,
-                // emailVerified is null -- user must verify
-            },
-        });
-        await notifyAdminsOnSignup(ctx.db, {
-            id: user.id,
-            name: user.name,
-            email: user.email,
-        });
-        // Create verification token (24h expiry)
-        const token = crypto.randomUUID();
-        await ctx.db.verificationToken.create({
-            data: {
-                identifier: input.email,
-                token,
-                expires: new Date(Date.now() + 24 * 60 * 60 * 1000),
-            },
-        });
-        // Send verification email (non-blocking)
-        sendVerificationEmail(input.email, token, input.name).catch(() => { });
-        // Create Stripe Customer (non-blocking for registration, but we want it)
-        createStripeCustomer(input.email, input.name).then(async (stripeCustomerId) => {
-            if (stripeCustomerId) {
-                await ctx.db.user.update({
-                    where: { id: user.id },
-                    data: { stripe_customer_id: stripeCustomerId }
-                }).catch((err) => logger.error(`Failed to update user with stripe_customer_id: ${err.message}`, 'AUTH'));
-            }
-        });
-        return { id: user.id, email: user.email, name: user.name };
-    }),
-    // Verify email with token from the email link
+        .mutation(({ ctx, input }) => new AuthService(ctx.db).signup(input)),
     verifyEmail: publicProcedure
-        .input(z.object({
-        token: z.string(),
-    }))
-        .mutation(async ({ ctx, input }) => {
-        const record = await ctx.db.verificationToken.findUnique({
-            where: { token: input.token },
-        });
-        if (!record) {
-            throw new TRPCError({ code: 'NOT_FOUND', message: 'Invalid or expired verification link' });
-        }
-        if (record.expires < new Date()) {
-            // Clean up expired token
-            await ctx.db.verificationToken.deleteMany({ where: { token: input.token } });
-            throw new TRPCError({ code: 'BAD_REQUEST', message: 'Verification link has expired. Please request a new one.' });
-        }
-        // Mark user as verified
-        await ctx.db.user.update({
-            where: { email: record.identifier },
-            data: { emailVerified: new Date() },
-        });
-        // Delete used token
-        await ctx.db.verificationToken.deleteMany({ where: { token: input.token } });
-        return { success: true, message: 'Email verified successfully' };
-    }),
-    // Resend verification email (for logged-in users who haven't verified)
-    resendVerification: publicProcedure
-        .mutation(async ({ ctx }) => {
-        if (!ctx.session?.user?.id) {
-            throw new TRPCError({ code: 'UNAUTHORIZED', message: 'Not logged in' });
-        }
-        const user = await ctx.db.user.findUnique({
-            where: { id: ctx.session.user.id },
-        });
-        if (!user || !user.email) {
-            throw new TRPCError({ code: 'NOT_FOUND', message: 'User not found' });
-        }
-        if (user.emailVerified) {
-            return { success: true, message: 'Email is already verified' };
-        }
-        // Delete any existing tokens for this email
-        await ctx.db.verificationToken.deleteMany({
-            where: { identifier: user.email },
-        });
-        // Create new token
-        const token = crypto.randomUUID();
-        await ctx.db.verificationToken.create({
-            data: {
-                identifier: user.email,
-                token,
-                expires: new Date(Date.now() + 24 * 60 * 60 * 1000),
-            },
-        });
-        const sent = await sendVerificationEmail(user.email, token, user.name);
-        if (!sent) {
-            throw new TRPCError({ code: 'INTERNAL_SERVER_ERROR', message: 'Failed to send email. Please try again.' });
-        }
-        return { success: true, message: 'Verification email sent' };
-    }),
+        .input(z.object({ token: z.string() }))
+        .mutation(({ ctx, input }) => new AuthService(ctx.db).verifyEmail(input.token)),
+    resendVerification: publicProcedure.mutation(({ ctx }) => new AuthService(ctx.db).resendVerification(ctx.session?.user?.id)),
     login: publicProcedure
         .input(z.object({
         email: z.string().email(),
         password: z.string().min(6),
     }))
         .mutation(async ({ ctx, input }) => {
-        const user = await ctx.db.user.findUnique({
-            where: { email: input.email },
-        });
-        if (!user) {
-            throw new TRPCError({ code: 'UNAUTHORIZED', message: "Invalid credentials" });
-        }
-        if (user.deletedAt) {
-            throw new TRPCError({ code: 'UNAUTHORIZED', message: "Account scheduled for deletion. Please check your email for a restore link." });
-        }
-        const valid = await bcrypt.compare(input.password, user.passwordHash);
-        if (!valid) {
-            throw new TRPCError({ code: 'UNAUTHORIZED', message: "Invalid credentials" });
-        }
-        // Create custom auth token
-        const authToken = createCustomAuthToken(user.id);
-        const isProduction = (process.env.NODE_ENV === "production" || process.env.RENDER);
-        const cookieValue = serialize("auth_token", authToken, getAuthCookieConfig(isProduction));
-        ctx.res.setHeader("Set-Cookie", cookieValue);
-        return {
-            id: user.id,
-            email: user.email,
-            name: user.name,
-            token: authToken
-        };
+        const result = await new AuthService(ctx.db).login(input);
+        const isProduction = (process.env.NODE_ENV === 'production' || process.env.RENDER);
+        const cookieValue = serialize('auth_token', result.token, getAuthCookieConfig(isProduction));
+        ctx.res.setHeader('Set-Cookie', cookieValue);
+        return result;
     }),
-    /**
-     * Request a password reset email. Always returns the same message (no email enumeration).
-     */
     requestPasswordReset: publicProcedure
         .input(z.object({ email: z.string().email() }))
-        .mutation(async ({ ctx, input }) => {
-        const email = input.email.trim().toLowerCase();
-        const generic = {
-            success: true,
-            message: 'If an account exists for this email, we sent password reset instructions.',
-        };
-        const user = await ctx.db.user.findUnique({
-            where: { email },
-            select: {
-                id: true,
-                email: true,
-                name: true,
-                passwordHash: true,
-                deletedAt: true,
-            },
-        });
-        if (!user?.passwordHash || user.deletedAt || !user.email) {
-            return generic;
-        }
-        await passwordResetDb(ctx).deleteMany({
-            where: { userId: user.id, usedAt: null },
-        });
-        const rawToken = crypto.randomBytes(32).toString('hex');
-        const tokenHash = hashPasswordResetToken(rawToken);
-        const expiresAt = new Date(Date.now() + 60 * 60 * 1000);
-        await passwordResetDb(ctx).create({
-            data: {
-                userId: user.id,
-                tokenHash,
-                expiresAt,
-            },
-        });
-        sendPasswordResetEmail(user.email, rawToken, user.name).catch(() => { });
-        return generic;
-    }),
-    /**
-     * Complete password reset using the token from the email link.
-     */
+        .mutation(({ ctx, input }) => new AuthService(ctx.db).requestPasswordReset(input)),
     resetPassword: publicProcedure
         .input(z.object({
         token: z.string().min(1),
         newPassword: passwordFieldSchema,
     }))
-        .mutation(async ({ ctx, input }) => {
-        const tokenHash = hashPasswordResetToken(input.token);
-        const record = await passwordResetDb(ctx).findUnique({
-            where: { tokenHash },
-        });
-        if (!record || record.usedAt || record.expiresAt < new Date()) {
-            throw new TRPCError({
-                code: 'BAD_REQUEST',
-                message: 'Invalid or expired reset link. Please request a new one.',
-            });
-        }
-        const newHash = await bcrypt.hash(input.newPassword, 10);
-        await ctx.db.user.update({
-            where: { id: record.userId },
-            data: { passwordHash: newHash },
-        });
-        await passwordResetDb(ctx).update({
-            where: { id: record.id },
-            data: { usedAt: new Date() },
-        });
-        await passwordResetDb(ctx).deleteMany({
-            where: { userId: record.userId, id: { not: record.id } },
-        });
-        return { success: true, message: 'Password updated. You can sign in now.' };
-    }),
-    getSession: publicProcedure.query(async ({ ctx }) => {
-        // Just return the current session from context
-        if (!ctx.session) {
-            throw new TRPCError({ code: 'UNAUTHORIZED', message: "No session found" });
-        }
-        const userId = ctx.session.user.id;
-        const user = await ctx.db.user.findUnique({
-            where: { id: userId },
-            include: {
-                profilePicture: true,
-                role: true,
-            }
-        });
-        if (!user) {
-            throw new TRPCError({ code: 'NOT_FOUND', message: "User not found" });
-        }
-        const profilePictureUrl = user.profilePicture?.objectKey
-            ? `/profile-picture/${user.profilePicture.objectKey}?t=${new Date(user.updatedAt).getTime()}`
-            : null;
-        logger.info(`Session fetched for user ${userId}, profilePicture: ${profilePictureUrl}`, 'AUTH');
-        return {
-            user: {
-                id: user.id,
-                email: user.email,
-                name: user.name,
-                emailVerified: !!user.emailVerified,
-                profilePicture: profilePictureUrl,
-                role: user.role,
-            }
-        };
-    }),
-    requestAccountDeletion: authedProcedure
-        .mutation(async ({ ctx }) => {
-        const user = await ctx.db.user.findUnique({
-            where: { id: ctx.session.user.id },
-        });
-        if (!user) {
-            throw new TRPCError({ code: 'NOT_FOUND', message: 'User not found' });
-        }
-        // Mark user as deleted
-        await ctx.db.user.update({
-            where: { id: user.id },
-            data: { deletedAt: new Date() },
-        });
-        await notifyAdminsAccountDeletionScheduled(ctx.db, {
-            id: user.id,
-            name: user.name,
-            email: user.email,
-        }).catch(() => { });
-        // Clear existing restore tokens
-        await ctx.db.verificationToken.deleteMany({
-            where: { identifier: `restore-${user.email}` },
-        });
-        // Create restore token (30 days expiry)
-        const token = crypto.randomUUID();
-        await ctx.db.verificationToken.create({
-            data: {
-                identifier: `restore-${user.email}`,
-                token,
-                expires: new Date(Date.now() + 30 * 24 * 60 * 60 * 1000),
-            },
-        });
-        // Send email
-        if (user.email) {
-            sendAccountDeletionScheduledEmail(user.email, token).catch(() => { });
-        }
-        // Log out user by clearing cookie
-        const isProduction = (process.env.NODE_ENV === "production" || process.env.RENDER);
+        .mutation(({ ctx, input }) => new AuthService(ctx.db).resetPassword(input)),
+    getSession: publicProcedure.query(({ ctx }) => new AuthService(ctx.db).getSession(ctx.session?.user?.id)),
+    requestAccountDeletion: authedProcedure.mutation(async ({ ctx }) => {
+        const result = await new AuthService(ctx.db).requestAccountDeletion(ctx.session.user.id);
+        const isProduction = (process.env.NODE_ENV === 'production' || process.env.RENDER);
         const clearCookieConfig = getAuthCookieConfig(isProduction);
-        ctx.res.setHeader("Set-Cookie", serialize("auth_token", "", {
-            ...clearCookieConfig,
-            maxAge: 0,
-        }));
-        return { success: true, message: 'Account scheduled for deletion' };
+        ctx.res.setHeader('Set-Cookie', serialize('auth_token', '', { ...clearCookieConfig, maxAge: 0 }));
+        return result;
     }),
     restoreAccount: publicProcedure
-        .input(z.object({
-        token: z.string(),
-    }))
-        .mutation(async ({ ctx, input }) => {
-        const record = await ctx.db.verificationToken.findUnique({
-            where: { token: input.token },
-        });
-        if (!record || !record.identifier.startsWith('restore-')) {
-            throw new TRPCError({ code: 'NOT_FOUND', message: 'Invalid or expired restore link' });
-        }
-        if (record.expires < new Date()) {
-            await ctx.db.verificationToken.deleteMany({ where: { token: input.token } });
-            throw new TRPCError({ code: 'BAD_REQUEST', message: 'Restore link has expired.' });
-        }
-        const email = record.identifier.replace('restore-', '');
-        // Mark user as restored
-        await ctx.db.user.update({
-            where: { email },
-            data: { deletedAt: null },
-        });
-        // Delete used token
-        await ctx.db.verificationToken.deleteMany({ where: { token: input.token } });
-        // Send confirmation email
-        sendAccountRestoredEmail(email).catch(() => { });
-        return { success: true, message: 'Account restored successfully' };
-    }),
+        .input(z.object({ token: z.string() }))
+        .mutation(({ ctx, input }) => new AuthService(ctx.db).restoreAccount(input.token)),
     logout: publicProcedure.mutation(async ({ ctx }) => {
-        const token = ctx.cookies["auth_token"];
+        const token = ctx.cookies['auth_token'];
         if (!token) {
-            throw new TRPCError({ code: 'UNAUTHORIZED', message: "No token found" });
+            throw new TRPCError({ code: 'UNAUTHORIZED', message: 'No token found' });
         }
-        // We don't need to delete from db.session because we use a stateless
-        // custom HMAC auth system (auth_token cookie).
-        const isProduction = (process.env.NODE_ENV === "production" || process.env.RENDER);
+        const isProduction = (process.env.NODE_ENV === 'production' || process.env.RENDER);
         const clearCookieConfig = getAuthCookieConfig(isProduction);
-        ctx.res.setHeader("Set-Cookie", serialize("auth_token", "", {
-            ...clearCookieConfig,
-            maxAge: 0, // Expire immediately
-        }));
+        ctx.res.setHeader('Set-Cookie', serialize('auth_token', '', { ...clearCookieConfig, maxAge: 0 }));
         return { success: true };
     }),
 });