npm - @goscribe/server - Versions diffs - 1.3.4 → 1.6.0 - Mend

@goscribe/server 1.3.4 → 1.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (383) hide show

package/.env.example +12 -0
package/.vscode/settings.json +3 -0
package/REFACTOR_NOTES.md +60 -0
package/TESTING_PROMPT.md +225 -0
package/dist/context.d.ts +14 -1
package/dist/context.js +23 -2
package/dist/controllers/admin.controller.d.ts +715 -0
package/dist/controllers/admin.controller.js +9 -0
package/dist/controllers/annotations.controller.d.ts +439 -0
package/dist/controllers/annotations.controller.js +9 -0
package/dist/controllers/app-router.controller.d.ts +3011 -0
package/dist/controllers/app-router.controller.js +38 -0
package/dist/controllers/app-router.controller.test.d.ts +1 -0
package/dist/controllers/app-router.controller.test.js +36 -0
package/dist/controllers/auth.controller.d.ts +323 -0
package/dist/controllers/auth.controller.js +9 -0
package/dist/controllers/base.controller.d.ts +4 -0
package/dist/controllers/base.controller.js +5 -0
package/dist/controllers/chat.controller.d.ts +341 -0
package/dist/controllers/chat.controller.js +9 -0
package/dist/controllers/copilot.controller.d.ts +397 -0
package/dist/controllers/copilot.controller.js +9 -0
package/dist/controllers/flashcards.controller.d.ts +651 -0
package/dist/controllers/flashcards.controller.js +9 -0
package/dist/controllers/members.controller.d.ts +339 -0
package/dist/controllers/members.controller.js +9 -0
package/dist/controllers/notifications.controller.d.ts +199 -0
package/dist/controllers/notifications.controller.js +9 -0
package/dist/controllers/payment.controller.d.ts +181 -0
package/dist/controllers/payment.controller.js +9 -0
package/dist/controllers/podcast.controller.d.ts +575 -0
package/dist/controllers/podcast.controller.js +9 -0
package/dist/controllers/router-module.controller.d.ts +5 -0
package/dist/controllers/router-module.controller.js +6 -0
package/dist/controllers/studyguide.controller.d.ts +73 -0
package/dist/controllers/studyguide.controller.js +9 -0
package/dist/controllers/worksheets.controller.d.ts +829 -0
package/dist/controllers/worksheets.controller.js +9 -0
package/dist/controllers/workspace.controller.d.ts +1207 -0
package/dist/controllers/workspace.controller.js +9 -0
package/dist/lib/activity_human_description.test.js +16 -15
package/dist/lib/activity_log_service.test.js +28 -23
package/dist/lib/ai/config.d.ts +20 -0
package/dist/lib/ai/config.js +31 -0
package/dist/lib/ai/embedding-client.d.ts +8 -0
package/dist/lib/ai/embedding-client.js +30 -0
package/dist/lib/ai/index.d.ts +48 -0
package/dist/lib/ai/index.js +29 -0
package/dist/lib/ai/inference-backend/client.d.ts +28 -0
package/dist/lib/ai/inference-backend/client.js +301 -0
package/dist/lib/ai/inference-backend/mocks.d.ts +12 -0
package/dist/lib/ai/inference-backend/mocks.js +133 -0
package/dist/lib/ai/inference-backend/types.d.ts +44 -0
package/dist/lib/ai/inference-backend/types.js +1 -0
package/dist/lib/ai/json-parse.d.ts +2 -0
package/dist/lib/ai/json-parse.js +34 -0
package/dist/lib/ai/llm-client.d.ts +7 -0
package/dist/lib/ai/llm-client.js +36 -0
package/dist/lib/ai/mock.d.ts +2 -0
package/dist/lib/ai/mock.js +10 -0
package/dist/lib/ai/types.d.ts +9 -0
package/dist/lib/ai/types.js +1 -0
package/dist/lib/chunking.d.ts +19 -0
package/dist/lib/chunking.js +47 -0
package/dist/lib/curated-kb-seed.d.ts +12 -0
package/dist/lib/curated-kb-seed.js +155 -0
package/dist/lib/email.js +67 -108
package/dist/lib/embeddings.d.ts +2 -0
package/dist/lib/embeddings.js +1 -0
package/dist/lib/ensure-curated-kb-catalog.d.ts +6 -0
package/dist/lib/ensure-curated-kb-catalog.js +53 -0
package/dist/lib/env.d.ts +1 -5
package/dist/lib/env.js +2 -7
package/dist/lib/inference.d.ts +1 -8
package/dist/lib/inference.js +1 -19
package/dist/lib/kb-meta.d.ts +8 -0
package/dist/lib/kb-meta.js +77 -0
package/dist/lib/note-text.d.ts +1 -0
package/dist/lib/note-text.js +47 -0
package/dist/lib/notification-service.test.js +37 -36
package/dist/lib/pdf.d.ts +11 -0
package/dist/lib/pdf.js +11 -0
package/dist/lib/usage_service.d.ts +2 -1
package/dist/lib/usage_service.js +30 -12
package/dist/lib/worksheet-generation.js +4 -4
package/dist/lib/worksheet-generation.test.js +32 -17
package/dist/lib/workspace-kb.d.ts +5 -0
package/dist/lib/workspace-kb.js +7 -0
package/dist/models/controller-context.model.d.ts +8 -0
package/dist/models/controller-context.model.js +1 -0
package/dist/repositories/artifact.repository.d.ts +60 -0
package/dist/repositories/artifact.repository.js +40 -0
package/dist/repositories/base.repository.d.ts +14 -0
package/dist/repositories/base.repository.js +14 -0
package/dist/repositories/invitation.repository.d.ts +94 -0
package/dist/repositories/invitation.repository.js +44 -0
package/dist/repositories/notification.repository.d.ts +72 -0
package/dist/repositories/notification.repository.js +44 -0
package/dist/repositories/router-module.repository.d.ts +10 -0
package/dist/repositories/router-module.repository.js +14 -0
package/dist/repositories/user.repository.d.ts +74 -0
package/dist/repositories/user.repository.js +37 -0
package/dist/repositories/workspace-member.repository.d.ts +31 -0
package/dist/repositories/workspace-member.repository.js +31 -0
package/dist/repositories/workspace.repository.d.ts +97 -0
package/dist/repositories/workspace.repository.js +79 -0
package/dist/routers/_app.d.ts +566 -111
package/dist/routers/_app.js +4 -0
package/dist/routers/admin.d.ts +0 -4
package/dist/routers/admin.js +21 -549
package/dist/routers/annotations.js +12 -170
package/dist/routers/artifactVersions.d.ts +65 -0
package/dist/routers/artifactVersions.js +14 -0
package/dist/routers/auth.d.ts +0 -6
package/dist/routers/auth.js +37 -422
package/dist/routers/chat.js +15 -229
package/dist/routers/copilot.d.ts +14 -13
package/dist/routers/copilot.js +13 -532
package/dist/routers/flashcards.d.ts +17 -6
package/dist/routers/flashcards.js +23 -349
package/dist/routers/knowledgeBase.d.ts +421 -0
package/dist/routers/knowledgeBase.js +118 -0
package/dist/routers/members.d.ts +0 -41
package/dist/routers/members.js +22 -710
package/dist/routers/notes.d.ts +94 -0
package/dist/routers/notes.js +37 -0
package/dist/routers/notifications.js +7 -109
package/dist/routers/payment.d.ts +2 -12
package/dist/routers/payment.js +11 -393
package/dist/routers/podcast.d.ts +1 -1
package/dist/routers/podcast.js +11 -784
package/dist/routers/studyguide.js +3 -129
package/dist/routers/worksheets.d.ts +29 -14
package/dist/routers/worksheets.js +49 -628
package/dist/routers/workspace.d.ts +27 -71
package/dist/routers/workspace.js +29 -922
package/dist/scripts/purge-deleted-users.js +2 -2
package/dist/server.js +10 -3
package/dist/services/activity/activity-human-description.service.d.ts +13 -0
package/dist/services/activity/activity-human-description.service.js +221 -0
package/dist/services/activity/activity-human-description.service.test.d.ts +1 -0
package/dist/services/activity/activity-human-description.service.test.js +16 -0
package/dist/services/activity/activity-log.service.d.ts +87 -0
package/dist/services/activity/activity-log.service.js +276 -0
package/dist/services/activity/activity-log.service.test.d.ts +1 -0
package/dist/services/activity/activity-log.service.test.js +27 -0
package/dist/services/activity-human-description.service.d.ts +13 -0
package/dist/services/activity-human-description.service.js +221 -0
package/dist/services/activity-human-description.service.test.d.ts +1 -0
package/dist/services/activity-human-description.service.test.js +16 -0
package/dist/services/activity-log.service.d.ts +87 -0
package/dist/services/activity-log.service.js +276 -0
package/dist/services/activity-log.service.test.d.ts +1 -0
package/dist/services/activity-log.service.test.js +27 -0
package/dist/services/admin/admin.service.d.ts +270 -0
package/dist/services/admin/admin.service.js +476 -0
package/dist/services/admin.service.d.ts +270 -0
package/dist/services/admin.service.js +476 -0
package/dist/services/ai/ai-session.service.d.ts +5 -0
package/dist/services/ai/ai-session.service.js +4 -0
package/dist/services/ai-session.service.d.ts +60 -0
package/dist/services/ai-session.service.js +561 -0
package/dist/services/annotation.service.d.ts +177 -0
package/dist/services/annotation.service.js +154 -0
package/dist/services/artifact-notification.service.d.ts +14 -0
package/dist/services/artifact-notification.service.js +20 -0
package/dist/services/artifact-version.service.d.ts +38 -0
package/dist/services/artifact-version.service.js +129 -0
package/dist/services/artifacts/annotation.service.d.ts +177 -0
package/dist/services/artifacts/annotation.service.js +154 -0
package/dist/services/artifacts/artifact-version.service.d.ts +38 -0
package/dist/services/artifacts/artifact-version.service.js +129 -0
package/dist/services/artifacts/chat.service.d.ts +127 -0
package/dist/services/artifacts/chat.service.js +182 -0
package/dist/services/artifacts/study-guide.service.d.ts +18 -0
package/dist/services/artifacts/study-guide.service.js +65 -0
package/dist/services/auth/auth.service.d.ts +94 -0
package/dist/services/auth/auth.service.js +368 -0
package/dist/services/auth.service.d.ts +94 -0
package/dist/services/auth.service.js +368 -0
package/dist/services/base.service.d.ts +14 -0
package/dist/services/base.service.js +14 -0
package/dist/services/billing/payment.service.d.ts +44 -0
package/dist/services/billing/payment.service.js +365 -0
package/dist/services/billing/subscription.service.d.ts +37 -0
package/dist/services/billing/subscription.service.js +654 -0
package/dist/services/billing/usage.service.d.ts +47 -0
package/dist/services/billing/usage.service.js +149 -0
package/dist/services/chat.service.d.ts +127 -0
package/dist/services/chat.service.js +182 -0
package/dist/services/content/copilot.service.d.ts +113 -0
package/dist/services/content/copilot.service.js +439 -0
package/dist/services/content/flashcard-progress.service.d.ts +159 -0
package/dist/services/content/flashcard-progress.service.js +432 -0
package/dist/services/content/flashcard.service.d.ts +184 -0
package/dist/services/content/flashcard.service.js +339 -0
package/dist/services/content/media-analysis.service.d.ts +23 -0
package/dist/services/content/media-analysis.service.js +404 -0
package/dist/services/content/podcast.service.d.ts +267 -0
package/dist/services/content/podcast.service.js +653 -0
package/dist/services/content/worksheet-content.service.d.ts +37 -0
package/dist/services/content/worksheet-content.service.js +84 -0
package/dist/services/content/worksheet-content.service.test.d.ts +1 -0
package/dist/services/content/worksheet-content.service.test.js +69 -0
package/dist/services/content/worksheet-generation.service.d.ts +91 -0
package/dist/services/content/worksheet-generation.service.js +95 -0
package/dist/services/content/worksheet-generation.service.test.d.ts +1 -0
package/dist/services/content/worksheet-generation.service.test.js +20 -0
package/dist/services/content/worksheet.service.d.ts +347 -0
package/dist/services/content/worksheet.service.js +599 -0
package/dist/services/copilot.service.d.ts +116 -0
package/dist/services/copilot.service.js +447 -0
package/dist/services/flashcard-progress.service.d.ts +2 -2
package/dist/services/flashcard-progress.service.js +3 -2
package/dist/services/flashcard.service.d.ts +140 -0
package/dist/services/flashcard.service.js +325 -0
package/dist/services/invitation.service.d.ts +66 -0
package/dist/services/invitation.service.js +348 -0
package/dist/services/knowledge/knowledge-base.service.d.ts +316 -0
package/dist/services/knowledge/knowledge-base.service.js +544 -0
package/dist/services/knowledge-base.service.d.ts +316 -0
package/dist/services/knowledge-base.service.js +536 -0
package/dist/services/media-analysis.service.d.ts +23 -0
package/dist/services/media-analysis.service.js +384 -0
package/dist/services/member.service.d.ts +36 -0
package/dist/services/member.service.js +193 -0
package/dist/services/members/invitation.service.d.ts +66 -0
package/dist/services/members/invitation.service.js +348 -0
package/dist/services/members/member.service.d.ts +36 -0
package/dist/services/members/member.service.js +193 -0
package/dist/services/note.service.d.ts +55 -0
package/dist/services/note.service.js +111 -0
package/dist/services/notification.service.d.ts +214 -0
package/dist/services/notification.service.js +550 -0
package/dist/services/notification.service.test.d.ts +1 -0
package/dist/services/notification.service.test.js +87 -0
package/dist/services/notifications/notification.service.d.ts +214 -0
package/dist/services/notifications/notification.service.js +550 -0
package/dist/services/notifications/notification.service.test.d.ts +1 -0
package/dist/services/notifications/notification.service.test.js +87 -0
package/dist/services/payment.service.d.ts +55 -0
package/dist/services/payment.service.js +368 -0
package/dist/services/podcast.service.d.ts +267 -0
package/dist/services/podcast.service.js +654 -0
package/dist/services/router-module.service.d.ts +7 -0
package/dist/services/router-module.service.js +10 -0
package/dist/services/study-guide.service.d.ts +18 -0
package/dist/services/study-guide.service.js +65 -0
package/dist/services/subscription.service.d.ts +37 -0
package/dist/services/subscription.service.js +654 -0
package/dist/services/usage-limit-policy.service.d.ts +12 -0
package/dist/services/usage-limit-policy.service.js +22 -0
package/dist/services/usage-limit-policy.service.test.d.ts +1 -0
package/dist/services/usage-limit-policy.service.test.js +46 -0
package/dist/services/usage.service.d.ts +27 -0
package/dist/services/usage.service.js +77 -0
package/dist/services/worksheet-content.service.d.ts +42 -0
package/dist/services/worksheet-content.service.js +84 -0
package/dist/services/worksheet-content.service.test.d.ts +1 -0
package/dist/services/worksheet-content.service.test.js +69 -0
package/dist/services/worksheet-generation.service.d.ts +91 -0
package/dist/services/worksheet-generation.service.js +95 -0
package/dist/services/worksheet-generation.service.test.d.ts +1 -0
package/dist/services/worksheet-generation.service.test.js +20 -0
package/dist/services/worksheet.service.d.ts +385 -0
package/dist/services/worksheet.service.js +596 -0
package/dist/services/workspace/workspace-analytics.service.d.ts +24 -0
package/dist/services/workspace/workspace-analytics.service.js +95 -0
package/dist/services/workspace/workspace-kb.service.d.ts +40 -0
package/dist/services/workspace/workspace-kb.service.js +184 -0
package/dist/services/workspace/workspace.service.d.ts +263 -0
package/dist/services/workspace/workspace.service.js +401 -0
package/dist/services/workspace-analytics.service.d.ts +24 -0
package/dist/services/workspace-analytics.service.js +95 -0
package/dist/services/workspace-kb.service.d.ts +40 -0
package/dist/services/workspace-kb.service.js +184 -0
package/dist/services/workspace-progress.service.d.ts +27 -0
package/dist/services/workspace-progress.service.js +56 -0
package/dist/services/workspace-progress.service.test.d.ts +1 -0
package/dist/services/workspace-progress.service.test.js +49 -0
package/dist/services/workspace.service.d.ts +307 -0
package/dist/services/workspace.service.js +390 -0
package/dist/trpc.d.ts +12 -4
package/dist/trpc.js +7 -13
package/package.json +5 -6
package/prisma/migrations/20260509000001_add_knowledge_base/migration.sql +99 -0
package/prisma/migrations/20260509000002_curate_knowledge_base/migration.sql +52 -0
package/prisma/migrations/20260522000000_add_notes/migration.sql +27 -0
package/prisma/migrations/20260524000000_remove_notes/migration.sql +3 -0
package/prisma/schema.prisma +150 -48
package/prisma/seed.mjs +67 -0
package/scripts/debug/README.md +4 -0
package/src/README.md +63 -0
package/src/context.ts +33 -3
package/src/lib/ai/config.ts +34 -0
package/src/lib/ai/embedding-client.ts +47 -0
package/src/lib/ai/index.ts +65 -0
package/src/lib/ai/inference-backend/client.ts +479 -0
package/src/lib/ai/inference-backend/mocks.ts +171 -0
package/src/lib/ai/inference-backend/types.ts +50 -0
package/src/lib/ai/json-parse.ts +35 -0
package/src/lib/ai/llm-client.ts +54 -0
package/src/lib/ai/mock.ts +12 -0
package/src/lib/ai/types.ts +11 -0
package/src/lib/chunking.ts +81 -0
package/src/lib/curated-kb-seed.ts +164 -0
package/src/lib/email.ts +77 -115
package/src/lib/embeddings.ts +9 -0
package/src/lib/ensure-curated-kb-catalog.ts +60 -0
package/src/lib/env.ts +2 -7
package/src/lib/inference.ts +1 -21
package/src/lib/kb-meta.ts +81 -0
package/src/lib/pdf.ts +23 -0
package/src/lib/workspace-kb.ts +7 -0
package/src/repositories/artifact.repository.ts +55 -0
package/src/repositories/base.repository.ts +19 -0
package/src/repositories/invitation.repository.ts +53 -0
package/src/repositories/notification.repository.ts +53 -0
package/src/repositories/user.repository.ts +44 -0
package/src/repositories/workspace-member.repository.ts +38 -0
package/src/repositories/workspace.repository.ts +89 -0
package/src/routers/_app.ts +4 -0
package/src/routers/admin.ts +124 -692
package/src/routers/annotations.ts +25 -203
package/src/routers/artifactVersions.ts +32 -0
package/src/routers/auth.ts +82 -520
package/src/routers/chat.ts +42 -245
package/src/routers/copilot.ts +41 -666
package/src/routers/flashcards.ts +108 -404
package/src/routers/knowledgeBase.ts +216 -0
package/src/routers/members.ts +60 -782
package/src/routers/notifications.ts +15 -117
package/src/routers/payment.ts +37 -446
package/src/routers/podcast.ts +36 -898
package/src/routers/studyguide.ts +5 -144
package/src/routers/worksheets.ts +171 -735
package/src/routers/workspace.ts +141 -1108
package/src/scripts/purge-deleted-users.ts +2 -2
package/src/server.ts +10 -3
package/src/{lib/activity_human_description.test.ts → services/activity/activity-human-description.service.test.ts} +1 -1
package/src/{lib/activity_log_service.test.ts → services/activity/activity-log.service.test.ts} +1 -1
package/src/{lib/activity_log_service.ts → services/activity/activity-log.service.ts} +2 -2
package/src/services/admin/admin.service.ts +612 -0
package/src/services/ai/ai-session.service.ts +5 -0
package/src/services/artifacts/annotation.service.ts +189 -0
package/src/services/artifacts/artifact-version.service.ts +151 -0
package/src/services/artifacts/chat.service.ts +197 -0
package/src/services/artifacts/study-guide.service.ts +72 -0
package/src/services/auth/auth.service.ts +473 -0
package/src/services/base.service.ts +19 -0
package/src/services/billing/payment.service.ts +433 -0
package/src/{lib/subscription_service.ts → services/billing/subscription.service.ts} +5 -5
package/src/services/billing/usage.service.ts +207 -0
package/src/services/content/copilot.service.ts +587 -0
package/src/services/{flashcard-progress.service.ts → content/flashcard-progress.service.ts} +18 -12
package/src/services/content/flashcard.service.ts +417 -0
package/src/services/content/media-analysis.service.ts +561 -0
package/src/services/content/podcast.service.ts +777 -0
package/src/services/content/worksheet-content.service.test.ts +83 -0
package/src/services/content/worksheet-content.service.ts +117 -0
package/src/{lib/worksheet-generation.test.ts → services/content/worksheet-generation.service.test.ts} +3 -3
package/src/services/content/worksheet.service.ts +751 -0
package/src/services/knowledge/knowledge-base.service.ts +705 -0
package/src/services/members/invitation.service.ts +427 -0
package/src/services/members/member.service.ts +241 -0
package/src/{lib/notification-service.test.ts → services/notifications/notification.service.test.ts} +2 -2
package/src/{lib/notification-service.ts → services/notifications/notification.service.ts} +102 -1
package/src/services/workspace/workspace-analytics.service.ts +107 -0
package/src/services/workspace/workspace-kb.service.ts +273 -0
package/src/services/workspace/workspace.service.ts +488 -0
package/src/trpc.ts +7 -15
package/src/lib/ai-session.ts +0 -704
package/src/lib/usage_service.ts +0 -74
package/src/lib/workspace-access.ts +0 -13
/package/{check-difficulty.cjs → scripts/debug/check-difficulty.cjs} +0 -0
/package/{check-questions.cjs → scripts/debug/check-questions.cjs} +0 -0
/package/{db-summary.cjs → scripts/debug/db-summary.cjs} +0 -0
/package/{mcq-test.cjs → scripts/debug/mcq-test.cjs} +0 -0
/package/{test-generate.js → scripts/debug/test-generate.js} +0 -0
/package/{test-ratio.cjs → scripts/debug/test-ratio.cjs} +0 -0
/package/{zod-test.cjs → scripts/debug/zod-test.cjs} +0 -0
/package/src/{lib/activity_human_description.ts → services/activity/activity-human-description.service.ts} +0 -0
/package/src/{lib/worksheet-generation.ts → services/content/worksheet-generation.service.ts} +0 -0

package/dist/services/auth/auth.service.js ADDED Viewed

@@ -0,0 +1,368 @@
+import { TRPCError } from '@trpc/server';
+import bcrypt from 'bcryptjs';
+import crypto from 'node:crypto';
+import { BaseService } from '../base.service.js';
+import { supabaseClient } from '../../lib/storage.js';
+import { sendVerificationEmail, sendAccountDeletionScheduledEmail, sendAccountRestoredEmail, sendPasswordResetEmail, } from '../../lib/email.js';
+import { createStripeCustomer } from '../../lib/stripe.js';
+import { notifyAdminsAccountDeletionScheduled, notifyAdminsOnSignup, } from '../notifications/notification.service.js';
+export function hashPasswordResetToken(rawToken) {
+    return crypto.createHash('sha256').update(rawToken, 'utf8').digest('hex');
+}
+export function createCustomAuthToken(userId) {
+    const secret = process.env.AUTH_SECRET;
+    if (!secret) {
+        throw new TRPCError({ code: 'INTERNAL_SERVER_ERROR', message: 'AUTH_SECRET is not set' });
+    }
+    const base64UserId = Buffer.from(userId, 'utf8').toString('base64url');
+    const hmac = crypto.createHmac('sha256', secret);
+    hmac.update(base64UserId);
+    const signature = hmac.digest('hex');
+    return `${base64UserId}.${signature}`;
+}
+function passwordResetDb(db) {
+    return db.passwordResetToken;
+}
+export class AuthService extends BaseService {
+    constructor(db) {
+        super(db);
+    }
+    async updateProfile(userId, input) {
+        await this.db.user.update({
+            where: { id: userId },
+            data: { name: input.name },
+        });
+        return { success: true, message: 'Profile updated successfully' };
+    }
+    async changePassword(userId, input) {
+        const user = await this.db.user.findUnique({
+            where: { id: userId },
+            select: { id: true, passwordHash: true },
+        });
+        if (!user) {
+            throw new TRPCError({ code: 'NOT_FOUND', message: 'User not found' });
+        }
+        if (!user.passwordHash) {
+            throw new TRPCError({
+                code: 'BAD_REQUEST',
+                message: 'Password change is unavailable for this account.',
+            });
+        }
+        const validCurrentPassword = await bcrypt.compare(input.currentPassword, user.passwordHash);
+        if (!validCurrentPassword) {
+            throw new TRPCError({ code: 'UNAUTHORIZED', message: 'Current password is incorrect' });
+        }
+        const isSamePassword = await bcrypt.compare(input.newPassword, user.passwordHash);
+        if (isSamePassword) {
+            throw new TRPCError({
+                code: 'BAD_REQUEST',
+                message: 'New password must be different from current password',
+            });
+        }
+        const newHash = await bcrypt.hash(input.newPassword, 10);
+        await this.db.user.update({
+            where: { id: user.id },
+            data: { passwordHash: newHash },
+        });
+        return { success: true, message: 'Password changed successfully' };
+    }
+    async uploadProfilePicture(userId) {
+        this.logger.info(`Generating upload URL for user ${userId}`, 'AUTH');
+        const objectKey = `profile_picture_${userId}`;
+        const { data: signedUrlData, error: signedUrlError } = await supabaseClient.storage
+            .from('media')
+            .createSignedUploadUrl(objectKey, { upsert: true });
+        if (signedUrlError) {
+            this.logger.error(`Failed to generate upload URL: ${signedUrlError.message}`, 'AUTH');
+            throw new TRPCError({
+                code: 'INTERNAL_SERVER_ERROR',
+                message: `Failed to generate upload URL: ${signedUrlError.message}`,
+            });
+        }
+        const fileAsset = await this.db.fileAsset.create({
+            data: {
+                userId,
+                name: 'Profile Picture',
+                mimeType: 'image/jpeg',
+                size: 0,
+                bucket: 'media',
+                objectKey,
+            },
+        });
+        await this.db.user.update({
+            where: { id: userId },
+            data: { fileAssetId: fileAsset.id },
+        });
+        this.logger.info(`Profile picture asset created and linked for user ${userId}`, 'AUTH');
+        return {
+            success: true,
+            message: 'Profile picture uploaded successfully',
+            signedUrl: signedUrlData.signedUrl,
+        };
+    }
+    /**
+     * Signup creates a user + sends verification email + kicks off Stripe customer
+     * creation. The caller (router) does NOT need to set any cookies here.
+     */
+    async signup(input) {
+        const existing = await this.db.user.findUnique({
+            where: { email: input.email },
+        });
+        if (existing) {
+            throw new TRPCError({ code: 'CONFLICT', message: 'Email already registered' });
+        }
+        const hash = await bcrypt.hash(input.password, 10);
+        const userRole = await this.db.role.findUnique({
+            where: { name: 'User' },
+        });
+        const user = await this.db.user.create({
+            data: {
+                name: input.name,
+                email: input.email,
+                passwordHash: hash,
+                roleId: userRole?.id,
+            },
+        });
+        await notifyAdminsOnSignup(this.db, {
+            id: user.id,
+            name: user.name,
+            email: user.email,
+        });
+        const token = crypto.randomUUID();
+        await this.db.verificationToken.create({
+            data: {
+                identifier: input.email,
+                token,
+                expires: new Date(Date.now() + 24 * 60 * 60 * 1000),
+            },
+        });
+        sendVerificationEmail(input.email, token, input.name).catch(() => { });
+        createStripeCustomer(input.email, input.name).then(async (stripeCustomerId) => {
+            if (stripeCustomerId) {
+                await this.db.user
+                    .update({
+                    where: { id: user.id },
+                    data: { stripe_customer_id: stripeCustomerId },
+                })
+                    .catch((err) => this.logger.error(`Failed to update user with stripe_customer_id: ${err.message}`, 'AUTH'));
+            }
+        });
+        return { id: user.id, email: user.email, name: user.name };
+    }
+    async verifyEmail(token) {
+        const record = await this.db.verificationToken.findUnique({
+            where: { token },
+        });
+        if (!record) {
+            throw new TRPCError({
+                code: 'NOT_FOUND',
+                message: 'Invalid or expired verification link',
+            });
+        }
+        if (record.expires < new Date()) {
+            await this.db.verificationToken.deleteMany({ where: { token } });
+            throw new TRPCError({
+                code: 'BAD_REQUEST',
+                message: 'Verification link has expired. Please request a new one.',
+            });
+        }
+        await this.db.user.update({
+            where: { email: record.identifier },
+            data: { emailVerified: new Date() },
+        });
+        await this.db.verificationToken.deleteMany({ where: { token } });
+        return { success: true, message: 'Email verified successfully' };
+    }
+    async resendVerification(sessionUserId) {
+        if (!sessionUserId) {
+            throw new TRPCError({ code: 'UNAUTHORIZED', message: 'Not logged in' });
+        }
+        const user = await this.db.user.findUnique({ where: { id: sessionUserId } });
+        if (!user || !user.email) {
+            throw new TRPCError({ code: 'NOT_FOUND', message: 'User not found' });
+        }
+        if (user.emailVerified) {
+            return { success: true, message: 'Email is already verified' };
+        }
+        await this.db.verificationToken.deleteMany({
+            where: { identifier: user.email },
+        });
+        const token = crypto.randomUUID();
+        await this.db.verificationToken.create({
+            data: {
+                identifier: user.email,
+                token,
+                expires: new Date(Date.now() + 24 * 60 * 60 * 1000),
+            },
+        });
+        const sent = await sendVerificationEmail(user.email, token, user.name);
+        if (!sent) {
+            throw new TRPCError({
+                code: 'INTERNAL_SERVER_ERROR',
+                message: 'Failed to send email. Please try again.',
+            });
+        }
+        return { success: true, message: 'Verification email sent' };
+    }
+    /**
+     * Verifies credentials and returns the user + an auth token. The router
+     * is responsible for setting the cookie (Express `res` is not available
+     * here — we keep services HTTP-free).
+     */
+    async login(input) {
+        const user = await this.db.user.findUnique({ where: { email: input.email } });
+        if (!user) {
+            throw new TRPCError({ code: 'UNAUTHORIZED', message: 'Invalid credentials' });
+        }
+        if (user.deletedAt) {
+            throw new TRPCError({
+                code: 'UNAUTHORIZED',
+                message: 'Account scheduled for deletion. Please check your email for a restore link.',
+            });
+        }
+        const valid = await bcrypt.compare(input.password, user.passwordHash);
+        if (!valid) {
+            throw new TRPCError({ code: 'UNAUTHORIZED', message: 'Invalid credentials' });
+        }
+        const authToken = createCustomAuthToken(user.id);
+        return {
+            id: user.id,
+            email: user.email,
+            name: user.name,
+            token: authToken,
+        };
+    }
+    async requestPasswordReset(input) {
+        const email = input.email.trim().toLowerCase();
+        const generic = {
+            success: true,
+            message: 'If an account exists for this email, we sent password reset instructions.',
+        };
+        const user = await this.db.user.findUnique({
+            where: { email },
+            select: {
+                id: true,
+                email: true,
+                name: true,
+                passwordHash: true,
+                deletedAt: true,
+            },
+        });
+        if (!user?.passwordHash || user.deletedAt || !user.email) {
+            return generic;
+        }
+        await passwordResetDb(this.db).deleteMany({
+            where: { userId: user.id, usedAt: null },
+        });
+        const rawToken = crypto.randomBytes(32).toString('hex');
+        const tokenHash = hashPasswordResetToken(rawToken);
+        const expiresAt = new Date(Date.now() + 60 * 60 * 1000);
+        await passwordResetDb(this.db).create({
+            data: { userId: user.id, tokenHash, expiresAt },
+        });
+        sendPasswordResetEmail(user.email, rawToken, user.name).catch(() => { });
+        return generic;
+    }
+    async resetPassword(input) {
+        const tokenHash = hashPasswordResetToken(input.token);
+        const record = await passwordResetDb(this.db).findUnique({
+            where: { tokenHash },
+        });
+        if (!record || record.usedAt || record.expiresAt < new Date()) {
+            throw new TRPCError({
+                code: 'BAD_REQUEST',
+                message: 'Invalid or expired reset link. Please request a new one.',
+            });
+        }
+        const newHash = await bcrypt.hash(input.newPassword, 10);
+        await this.db.user.update({
+            where: { id: record.userId },
+            data: { passwordHash: newHash },
+        });
+        await passwordResetDb(this.db).update({
+            where: { id: record.id },
+            data: { usedAt: new Date() },
+        });
+        await passwordResetDb(this.db).deleteMany({
+            where: { userId: record.userId, id: { not: record.id } },
+        });
+        return { success: true, message: 'Password updated. You can sign in now.' };
+    }
+    async getSession(sessionUserId) {
+        if (!sessionUserId) {
+            throw new TRPCError({ code: 'UNAUTHORIZED', message: 'No session found' });
+        }
+        const user = await this.db.user.findUnique({
+            where: { id: sessionUserId },
+            include: { profilePicture: true, role: true },
+        });
+        if (!user) {
+            throw new TRPCError({ code: 'NOT_FOUND', message: 'User not found' });
+        }
+        const profilePictureUrl = user.profilePicture?.objectKey
+            ? `/profile-picture/${user.profilePicture.objectKey}?t=${new Date(user.updatedAt).getTime()}`
+            : null;
+        this.logger.info(`Session fetched for user ${sessionUserId}, profilePicture: ${profilePictureUrl}`, 'AUTH');
+        return {
+            user: {
+                id: user.id,
+                email: user.email,
+                name: user.name,
+                emailVerified: !!user.emailVerified,
+                profilePicture: profilePictureUrl,
+                role: user.role,
+            },
+        };
+    }
+    async requestAccountDeletion(userId) {
+        const user = await this.db.user.findUnique({ where: { id: userId } });
+        if (!user) {
+            throw new TRPCError({ code: 'NOT_FOUND', message: 'User not found' });
+        }
+        await this.db.user.update({
+            where: { id: user.id },
+            data: { deletedAt: new Date() },
+        });
+        await notifyAdminsAccountDeletionScheduled(this.db, {
+            id: user.id,
+            name: user.name,
+            email: user.email,
+        }).catch(() => { });
+        await this.db.verificationToken.deleteMany({
+            where: { identifier: `restore-${user.email}` },
+        });
+        const token = crypto.randomUUID();
+        await this.db.verificationToken.create({
+            data: {
+                identifier: `restore-${user.email}`,
+                token,
+                expires: new Date(Date.now() + 30 * 24 * 60 * 60 * 1000),
+            },
+        });
+        if (user.email) {
+            sendAccountDeletionScheduledEmail(user.email, token).catch(() => { });
+        }
+        return { success: true, message: 'Account scheduled for deletion' };
+    }
+    async restoreAccount(token) {
+        const record = await this.db.verificationToken.findUnique({ where: { token } });
+        if (!record || !record.identifier.startsWith('restore-')) {
+            throw new TRPCError({
+                code: 'NOT_FOUND',
+                message: 'Invalid or expired restore link',
+            });
+        }
+        if (record.expires < new Date()) {
+            await this.db.verificationToken.deleteMany({ where: { token } });
+            throw new TRPCError({ code: 'BAD_REQUEST', message: 'Restore link has expired.' });
+        }
+        const email = record.identifier.replace('restore-', '');
+        await this.db.user.update({
+            where: { email },
+            data: { deletedAt: null },
+        });
+        await this.db.verificationToken.deleteMany({ where: { token } });
+        sendAccountRestoredEmail(email).catch(() => { });
+        return { success: true, message: 'Account restored successfully' };
+    }
+}

package/dist/services/auth.service.d.ts ADDED Viewed

@@ -0,0 +1,94 @@
+import type { PrismaClient } from '@prisma/client';
+import { BaseService } from './base.service.js';
+export declare function hashPasswordResetToken(rawToken: string): string;
+export declare function createCustomAuthToken(userId: string): string;
+export declare class AuthService extends BaseService {
+    constructor(db: PrismaClient);
+    updateProfile(userId: string, input: {
+        name: string;
+    }): Promise<{
+        success: boolean;
+        message: string;
+    }>;
+    changePassword(userId: string, input: {
+        currentPassword: string;
+        newPassword: string;
+    }): Promise<{
+        success: boolean;
+        message: string;
+    }>;
+    uploadProfilePicture(userId: string): Promise<{
+        success: boolean;
+        message: string;
+        signedUrl: string;
+    }>;
+    /**
+     * Signup creates a user + sends verification email + kicks off Stripe customer
+     * creation. The caller (router) does NOT need to set any cookies here.
+     */
+    signup(input: {
+        name: string;
+        email: string;
+        password: string;
+    }): Promise<{
+        id: string;
+        email: string | null;
+        name: string | null;
+    }>;
+    verifyEmail(token: string): Promise<{
+        success: boolean;
+        message: string;
+    }>;
+    resendVerification(sessionUserId: string | undefined): Promise<{
+        success: boolean;
+        message: string;
+    }>;
+    /**
+     * Verifies credentials and returns the user + an auth token. The router
+     * is responsible for setting the cookie (Express `res` is not available
+     * here — we keep services HTTP-free).
+     */
+    login(input: {
+        email: string;
+        password: string;
+    }): Promise<{
+        id: string;
+        email: string | null;
+        name: string | null;
+        token: string;
+    }>;
+    requestPasswordReset(input: {
+        email: string;
+    }): Promise<{
+        success: true;
+        message: string;
+    }>;
+    resetPassword(input: {
+        token: string;
+        newPassword: string;
+    }): Promise<{
+        success: boolean;
+        message: string;
+    }>;
+    getSession(sessionUserId: string | undefined): Promise<{
+        user: {
+            id: string;
+            email: string | null;
+            name: string | null;
+            emailVerified: boolean;
+            profilePicture: string | null;
+            role: {
+                name: string;
+                id: string;
+            } | null;
+        };
+    }>;
+    requestAccountDeletion(userId: string): Promise<{
+        success: boolean;
+        message: string;
+    }>;
+    restoreAccount(token: string): Promise<{
+        success: boolean;
+        message: string;
+    }>;
+}