@internetderdinge/api 1.229.2 → 1.229.4

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@internetderdinge/api",
-  "version": "1.229.2",
+  "version": "1.229.4",
   "description": "Shared OpenIoT API modules",
   "main": "dist/src/index.js",
   "type": "module",

package/src/accounts/accounts.controller.ts

@@ -36,7 +36,7 @@ const getAccountById = catchAsync(
       throw new ApiError(httpStatus.NOT_FOUND, "Account not found");
     }
     res.send({
-      ...account.data,
+      ...account,
       notification: entryDeviceNotifications?.settings,
     });
   },
@@ -46,7 +46,7 @@ const setDeviceToken = catchAsync(
   async (req: AuthenticatedRequest, res: Response): Promise<void> => {
     const account = await accountsService.getAccountById(req.auth.sub);
 
-    const devices: Device[] = account.data.app_metadata.devices || [];
+    const devices: Device[] = account.app_metadata.devices || [];
     const alreadyExisting = devices.find((d) => d.fck === req.body.token);
     if (!alreadyExisting) {
       devices.push({ fck: req.body.token });
@@ -74,7 +74,9 @@ const updateEntry = catchAsync(
   async (req: AuthenticatedRequest, res: Response): Promise<void> => {
     const account = await accountsService.getAccountById(req.auth.sub);
 
-    const { isSocial } = account?.data.identities[0];
+    console.log("account", account);
+
+    const { isSocial } = account.identities[0];
 
     const {
       given_name,
@@ -93,7 +95,7 @@ const updateEntry = catchAsync(
 
     const update = isSocial
       ? {
-          ...account.data.app_metadata,
+          ...account.app_metadata,
           ...updateBody,
           ...(hasGivenName ? { first_name: trimmedGivenName } : {}),
           ...(hasFamilyName ? { last_name: trimmedFamilyName } : {}),
@@ -136,7 +138,8 @@ const deleteCurrent = catchAsync(
 const current = catchAsync(
   async (req: AuthenticatedRequest, res: Response): Promise<void> => {
     const user = await accountsService.getAccountById(req.auth.sub);
-    res.send(user.data);
+    console.log("user", user);
+    res.send(user);
   },
 );
 

package/src/accounts/accounts.service.ts

@@ -10,7 +10,7 @@ type Stock = any; // Replace with the actual Stock type if available
  * @returns {Promise<Stock>}
  */
 export const getAccountById = async (id: ObjectId): Promise<Stock> => {
-  return auth0.users.get({ id });
+  return auth0.users.get(id);
 };
 
 /**
@@ -54,7 +54,7 @@ export const updateMetaDataById = async (
   updateBody: Record<string, any>,
 ): Promise<Stock> => {
   // now use the generic update and pass app_metadata
-  return auth0.users.update({ id }, { app_metadata: updateBody });
+  return auth0.users.update(id, { app_metadata: updateBody });
 };
 
 /**
@@ -65,14 +65,14 @@ export const updateUserById = async (
   updateBody: Record<string, any>,
 ): Promise<Stock> => {
   // switch to the v3 ManagementClient users.update
-  return auth0.users.update({ id }, updateBody);
+  return auth0.users.update(id, updateBody);
 };
 
 /**
  * Delete user by id
  */
 export const deleteById = async (userId: ObjectId): Promise<Stock> => {
-  return auth0.users.delete({ id: userId });
+  return auth0.users.delete(userId);
 };
 
 export default {

package/src/accounts/accounts.validation.ts

@@ -35,25 +35,21 @@ export const getUsersSchema = zPagination;
 
 export const getAccountSchema = {
   params: z.object({
-    accountId: z
-      .string()
-      .openapi({
-        example:
-          process.env.SCHEMA_EXAMPLE_ACCOUNT_ID || "auth0|60452f4c0dc85b0062326",
-        description: "Auth Account ID",
-      }),
+    accountId: z.string().openapi({
+      example:
+        process.env.SCHEMA_EXAMPLE_ACCOUNT_ID || "auth0|60452f4c0dc85b0062326",
+      description: "Auth Account ID",
+    }),
   }),
 };
 
 export const updateAccountSchema = {
   params: z.object({
-    accountId: z
-      .string()
-      .openapi({
-        example:
-          process.env.SCHEMA_EXAMPLE_ACCOUNT_ID || "auth0|60452f4c0dc85b0062326",
-        description: "Auth Account ID",
-      }),
+    accountId: z.string().openapi({
+      example:
+        process.env.SCHEMA_EXAMPLE_ACCOUNT_ID || "auth0|60452f4c0dc85b0062326",
+      description: "Auth Account ID",
+    }),
   }),
   body: zPatchBody({
     language: z
@@ -67,9 +63,10 @@ export const updateAccountSchema = {
       .optional()
       .openapi({ example: "female", description: "Gender" }),
     email: z
-      .string()
-      .email()
-      .optional()
+      .preprocess(
+        (value) => (value === "" ? undefined : value),
+        z.string().email().optional(),
+      )
       .openapi({ description: "User email address" }),
     given_name: z
       .string()
@@ -90,13 +87,11 @@ export const updateAccountSchema = {
 
 export const deleteEntrySchema = {
   params: z.object({
-    accountId: z
-      .string()
-      .openapi({
-        example:
-          process.env.SCHEMA_EXAMPLE_ACCOUNT_ID || "auth0|60452f4c0dc85b0062326",
-        description: "Auth Account ID",
-      }),
+    accountId: z.string().openapi({
+      example:
+        process.env.SCHEMA_EXAMPLE_ACCOUNT_ID || "auth0|60452f4c0dc85b0062326",
+      description: "Auth Account ID",
+    }),
   }),
 };
 

package/src/accounts/auth0.service.ts

@@ -21,6 +21,7 @@ let tokenManagementClient: TokenManagementClient = {
 };
 
 //if (config.env !== 'production') {
+/* 
 try {
   console.warn("Auth0 client: use local token from cache try");
   const token = readFileSync("./token.txt", "utf8");
@@ -28,7 +29,7 @@ try {
   tokenManagementClient = { token };
 } catch (error) {
   console.log("Auth0 Client: use new token");
-}
+} */
 //}
 
 // IoT Api
@@ -123,12 +124,12 @@ export const getAuth0Token = async (): Promise<string> => {
       pendingTokenPromise = null;
       return cachedToken;
     }
-    //}
 
+    console.warn("Auth0 Client: Requesting new token from Auth0");
     const tokenResponse =
       await auth0AuthClient.oauth.clientCredentialsGrant(grantOpts);
-    const expiresIn = tokenResponse.data.expires_in || 3600;
-    cachedToken = tokenResponse.data.access_token;
+    const expiresIn = tokenResponse.expires_in || 3600;
+    cachedToken = tokenResponse.access_token;
     tokenExpiresAt = now + expiresIn;
 
     // if (process.env.NODE_ENV !== 'production') {
@@ -159,6 +160,7 @@ export const getAuth0ManagementToken = async (): Promise<string> => {
 
   pendingManagementTokenPromise = (async () => {
     const fileToken = await loadTokenFromFile(MANAGEMENT_TOKEN_FILE_PATH);
+
     if (fileToken && fileToken.expiresAt > now + TOKEN_BUFFER_SECONDS) {
       cachedManagementToken = fileToken.token;
       managementTokenExpiresAt = fileToken.expiresAt;
@@ -166,8 +168,10 @@ export const getAuth0ManagementToken = async (): Promise<string> => {
       return cachedManagementToken;
     }
 
+    console.warn("Auth0 Management Client: Requesting new token from Auth0");
     const tokenResponse =
       await auth0AuthClient.oauth.clientCredentialsGrant(grantOpts);
+
     const expiresIn = tokenResponse.data.expires_in || 3600;
     cachedManagementToken = tokenResponse.data.access_token;
     managementTokenExpiresAt = now + expiresIn;
@@ -192,27 +196,26 @@ export const auth0 = new ManagementClient({
 });
 
 export const getUserIdByEmail = async (email: string): Promise<User[]> => {
-  // use the users resource to look up by email
-  return auth0.usersByEmail.getByEmail({ email });
+  return auth0.users.listUsersByEmail({ email });
 };
 
 export const sendVerificationEmail = async (userID: string): Promise<any> => {
-  return auth0.jobs.verifyEmail({ user_id: userID });
+  return auth0.tickets.verifyEmail({ user_id: userID });
 };
 
 export const getUserById = async (userId: string): Promise<User> => {
-  return auth0.users.get({ id: userId });
+  return auth0.users.get(userId);
 };
 
 export const avatar = async (userId: string): Promise<User> => {
-  return auth0.users.get({ id: userId });
+  return auth0.users.get(userId);
 };
 
 export const mfaEnrollAccount = async (
   userId: string,
   mfaToken: string,
 ): Promise<any> => {
-  const ticketResponse = await auth0.guardian.createEnrollmentTicket({
+  const ticketResponse = await auth0.guardian.enrollments.createTicket({
     user_id: userId,
     send_mail: false,
   });
@@ -221,15 +224,15 @@ export const mfaEnrollAccount = async (
 };
 
 export const mfaDisableAccount = async (userId: string): Promise<any> => {
-  await auth0.users.deleteAuthenticationMethods({ id: userId });
+  await auth0.users.authenticationMethods.deleteAll(userId);
   return { success: true };
 };
 
 export const getUsersByIds = async (postIDs: string[]): Promise<User[]> => {
-  let q = "";
-  postIDs.forEach((e, i) => {
-    if (e) q = `${q} ${i >= 2 ? " OR " : ""} user_id:"${e}"`;
-  });
+  const userIds = postIDs.filter(Boolean);
+  if (!userIds.length) return [];
+
+  const q = userIds.map((id) => `user_id:"${id}"`).join(" OR ");
 
   const params = {
     search_engine: "v3",
@@ -238,7 +241,8 @@ export const getUsersByIds = async (postIDs: string[]): Promise<User[]> => {
     page: 0,
   };
 
-  return auth0.users.getAll(params);
+  const page = await auth0.users.list(params);
+  return page || [];
 };
 
 export default {

package/src/devices/devices.route.ts

@@ -94,6 +94,17 @@ export const devicesRouteSpecs: RouteSpec[] = [
   {
     method: "post",
     path: "/:deviceId",
+    validate: [auth("manageUsers"), validateDevice, validateOrganizationUpdate],
+    requestSchema: updateDeviceSchema,
+    responseSchema: deviceResponseSchema,
+    handler: devicesController.updateEntry,
+    summary: "Update a device",
+    description:
+      "Modify the properties of an existing device identified by its ID.",
+  },
+  {
+    method: "delete",
+    path: "/:deviceId",
     handler: devicesController.deleteEntry,
     summary: "Delete a device",
     description: "Remove the specified device from the system.",

package/src/devicesNotifications/devicesNotifications.controller.ts

@@ -22,6 +22,8 @@ export const setDeviceToken = catchAsync(
       user: res.req.auth.sub,
       body: req.body,
     });
+
+    console.log("Setting device tokenddddd for user:", res.req.auth.sub);
     res.status(httpStatus.CREATED).send(user);
   },
 );

package/src/middlewares/auth.ts

@@ -36,17 +36,18 @@ const verifyCallback: VerifyCallback =
         return reject(new ApiError(httpStatus.FORBIDDEN, "Forbidden"));
       }
     }
-
     resolve();
   };
 
 const auth = function authFactory(...requiredRights: string[]) {
+  console.log("Creating auth middleware with required rights:", requiredRights);
   return async function authMiddleware(
     req: AuthRequest,
     res: Response,
     next: NextFunction,
   ): Promise<void> {
     try {
+      console.log("Authenticating request:");
       // Check for custom token in X-API-Key header
       const apiKey = req.headers["x-api-key"] as string | undefined;
       if (apiKey && apiKey.length === 64) {
@@ -93,6 +94,7 @@ const auth = function authFactory(...requiredRights: string[]) {
             err.message || "Sorry we were unable to process your request.";
           return res.status(status).send({ message });
         }
+
         next();
       });
     } catch (error) {

package/src/middlewares/validateAdmin.ts

@@ -1,20 +1,31 @@
-import httpStatus from 'http-status';
-import ApiError from '../utils/ApiError';
-import type { Request, Response, NextFunction } from 'express';
+import httpStatus from "http-status";
+import ApiError from "../utils/ApiError";
+import type { Request, Response, NextFunction } from "express";
 
 const isAdmin = (user: Record<string, any> | undefined): boolean => {
-  //return false;
+  return false;
   if (!user) return false;
 
   // return false; // TODO: Remove this line when the user object is properly defined
-  return user['https://memo.wirewire.de/roles'] ? user['https://memo.wirewire.de/roles'].includes('admin') : false;
+  return user["https://memo.wirewire.de/roles"]
+    ? user["https://memo.wirewire.de/roles"].includes("admin")
+    : false;
 };
 
-const validateAdmin = async (req: Request, res: Response, next: NextFunction): Promise<void> => {
+const validateAdmin = async (
+  req: Request,
+  res: Response,
+  next: NextFunction,
+): Promise<void> => {
   if (isAdmin(req.auth)) {
     next();
   } else {
-    next(new ApiError(httpStatus.FORBIDDEN, 'User is not part of the admin group (validateAdmin)'));
+    next(
+      new ApiError(
+        httpStatus.FORBIDDEN,
+        "User is not part of the admin group (validateAdmin)",
+      ),
+    );
   }
 };
 

package/src/users/users.route.ts

@@ -138,7 +138,6 @@ export const userRouteSpecs: RouteSpec[] = [
     handler: userController.updateUser,
     summary: "Update a user by ID",
     description: "Replaces a user’s full record with the provided data.",
-    memoOnly: true,
   },
   {
     method: "patch",
@@ -149,7 +148,6 @@ export const userRouteSpecs: RouteSpec[] = [
     handler: userController.updateUser,
     summary: "Partially update a user by ID",
     description: "Applies partial updates to a user’s record by ID.",
-    memoOnly: true,
   },
   {
     method: "delete",

package/src/users/users.service.ts

@@ -149,7 +149,21 @@ export const getUserByOwner = async (
 ): Promise<any | null> => {
   const user = await User.findOne({ owner, organization });
   if (!user) return null;
+
+  console.log(
+    "Found user for owner and organization:",
+    owner,
+    organization,
+    user,
+  );
   const auth0User = await populateAuth0User(user);
+
+  console.log(
+    "Found user for owner and organizationddddddd:",
+    owner,
+    organization,
+    user,
+  );
   const json = user.toJSON();
   json.auth0User = auth0User;
   return json;

package/src/users/users.validation.ts

@@ -71,21 +71,6 @@ export const getCurrentUserSchema = {
 export const updateUserSchema = {
   ...zUpdate("userId"),
   body: zPatchBody({
-    password: z
-      .string()
-      .refine(
-        (val) => {
-          try {
-            password(val);
-            return true;
-          } catch {
-            return false;
-          }
-        },
-        { message: "Invalid password format" },
-      )
-      .optional()
-      .openapi({ description: "New user password" }),
     name: z.string().optional().openapi({ description: "User full name" }),
     timezone: z.string().optional().openapi({ description: "IANA timezone" }),
     avatar: z.string().optional().openapi({ description: "Avatar URL" }),
@@ -107,7 +92,11 @@ export const updateUserSchema = {
       .enum(["user", "admin", "patient", "onlyself"])
       .optional()
       .openapi({ description: "User role" }),
-    inviteCode: z.string().optional().openapi({ description: "Invite code" }),
+    inviteCode: z
+      .string()
+      .nullable()
+      .optional()
+      .openapi({ description: "Invite code" }),
     organization: zObjectId
       .optional()
       .openapi({ description: "Organization ObjectId" }),
@@ -128,7 +117,11 @@ export const updateInviteSchema = {
   body: z.object({
     organization: zObjectId.openapi({ description: "Organization ObjectId" }),
     status: z.enum(["accepted"]).openapi({ description: "Invite status" }),
-    inviteCode: z.string().optional().openapi({ description: "Invite code" }),
+    inviteCode: z
+      .string()
+      .nullable()
+      .optional()
+      .openapi({ description: "Invite code" }),
   }),
 };
 

package/src/utils/buildRouterAndDocs.ts

@@ -69,8 +69,6 @@ export default function buildAiRouterAndDocs(
       };
     }
 
-    console.log("spec.requestScbn");
-
     if (
       spec.responseSchema &&
       !hasRoleValidation(spec.validate) &&

package/src/utils/userName.ts

@@ -5,7 +5,7 @@ import type { Patient } from "../types/patient"; // Assuming a `Patient` type ex
 const generateUserName = async (patient: Patient): Promise<string | null> => {
   if (patient.owner) {
     const auth0UserById = await getUserById(patient.owner);
-    patient.auth0User = auth0UserById.data;
+    patient.auth0User = auth0UserById;
   }
 
   if (patient?.auth0User?.app_metadata?.first_name) {