@internetderdinge/api 1.229.3 → 1.229.4

package/dist/src/accounts/accounts.controller.js

@@ -10,13 +10,13 @@ const getAccountById = catchAsync(async (req, res) => {
         throw new ApiError(httpStatus.NOT_FOUND, "Account not found");
     }
     res.send({
-        ...account.data,
+        ...account,
         notification: entryDeviceNotifications?.settings,
     });
 });
 const setDeviceToken = catchAsync(async (req, res) => {
     const account = await accountsService.getAccountById(req.auth.sub);
-    const devices = account.data.app_metadata.devices || [];
+    const devices = account.app_metadata.devices || [];
     const alreadyExisting = devices.find((d) => d.fck === req.body.token);
     if (!alreadyExisting) {
         devices.push({ fck: req.body.token });
@@ -34,7 +34,8 @@ const avatar = catchAsync(async (req, res) => {
 });
 const updateEntry = catchAsync(async (req, res) => {
     const account = await accountsService.getAccountById(req.auth.sub);
-    const { isSocial } = account?.data.identities[0];
+    console.log("account", account);
+    const { isSocial } = account.identities[0];
     const { given_name, family_name, email, notification, ...updateBody } = req.body;
     const trimmedGivenName = typeof given_name === "string" ? given_name.trim() : undefined;
     const trimmedFamilyName = typeof family_name === "string" ? family_name.trim() : undefined;
@@ -42,7 +43,7 @@ const updateEntry = catchAsync(async (req, res) => {
     const hasFamilyName = !!trimmedFamilyName;
     const update = isSocial
         ? {
-            ...account.data.app_metadata,
+            ...account.app_metadata,
             ...updateBody,
             ...(hasGivenName ? { first_name: trimmedGivenName } : {}),
             ...(hasFamilyName ? { last_name: trimmedFamilyName } : {}),
@@ -75,7 +76,8 @@ const deleteCurrent = catchAsync(async (req, res) => {
 });
 const current = catchAsync(async (req, res) => {
     const user = await accountsService.getAccountById(req.auth.sub);
-    res.send(user.data);
+    console.log("user", user);
+    res.send(user);
 });
 const mfaEnroll = catchAsync(async (req, res) => {
     const { mfaEnroll } = req.body;

package/dist/src/accounts/accounts.validation.js

@@ -23,9 +23,7 @@ export const createAccountSchema = {
 export const getUsersSchema = zPagination;
 export const getAccountSchema = {
     params: z.object({
-        accountId: z
-            .string()
-            .openapi({
+        accountId: z.string().openapi({
             example: process.env.SCHEMA_EXAMPLE_ACCOUNT_ID || "auth0|60452f4c0dc85b0062326",
             description: "Auth Account ID",
         }),
@@ -33,9 +31,7 @@ export const getAccountSchema = {
 };
 export const updateAccountSchema = {
     params: z.object({
-        accountId: z
-            .string()
-            .openapi({
+        accountId: z.string().openapi({
             example: process.env.SCHEMA_EXAMPLE_ACCOUNT_ID || "auth0|60452f4c0dc85b0062326",
             description: "Auth Account ID",
         }),
@@ -52,9 +48,7 @@ export const updateAccountSchema = {
             .optional()
             .openapi({ example: "female", description: "Gender" }),
         email: z
-            .string()
-            .email()
-            .optional()
+            .preprocess((value) => (value === "" ? undefined : value), z.string().email().optional())
             .openapi({ description: "User email address" }),
         given_name: z
             .string()
@@ -74,9 +68,7 @@ export const updateAccountSchema = {
 };
 export const deleteEntrySchema = {
     params: z.object({
-        accountId: z
-            .string()
-            .openapi({
+        accountId: z.string().openapi({
             example: process.env.SCHEMA_EXAMPLE_ACCOUNT_ID || "auth0|60452f4c0dc85b0062326",
             description: "Auth Account ID",
         }),

package/dist/src/accounts/auth0.service.js

@@ -1,20 +1,20 @@
 // @ts-nocheck
 import { AuthenticationClient, ManagementClient } from "auth0";
-import { promises as fs, readFileSync } from "fs";
+import { promises as fs } from "fs";
 let tokenManagementClient = {
     clientId: process.env.AUTH0_CLIENT_ID,
     clientSecret: process.env.AUTH0_CLIENT_SECRET,
 };
 //if (config.env !== 'production') {
+/*
 try {
-    console.warn("Auth0 client: use local token from cache try");
-    const token = readFileSync("./token.txt", "utf8");
-    console.warn("Auth0 client: use local token from cache");
-    tokenManagementClient = { token };
-}
-catch (error) {
-    console.log("Auth0 Client: use new token");
-}
+  console.warn("Auth0 client: use local token from cache try");
+  const token = readFileSync("./token.txt", "utf8");
+  console.warn("Auth0 client: use local token from cache");
+  tokenManagementClient = { token };
+} catch (error) {
+  console.log("Auth0 Client: use new token");
+} */
 //}
 // IoT Api
 /*
@@ -91,10 +91,10 @@ export const getAuth0Token = async () => {
             pendingTokenPromise = null;
             return cachedToken;
         }
-        //}
+        console.warn("Auth0 Client: Requesting new token from Auth0");
         const tokenResponse = await auth0AuthClient.oauth.clientCredentialsGrant(grantOpts);
-        const expiresIn = tokenResponse.data.expires_in || 3600;
-        cachedToken = tokenResponse.data.access_token;
+        const expiresIn = tokenResponse.expires_in || 3600;
+        cachedToken = tokenResponse.access_token;
         tokenExpiresAt = now + expiresIn;
         // if (process.env.NODE_ENV !== 'production') {
         await writeTokenFile(TOKEN_FILE_PATH, cachedToken, tokenExpiresAt);
@@ -123,6 +123,7 @@ export const getAuth0ManagementToken = async () => {
             pendingManagementTokenPromise = null;
             return cachedManagementToken;
         }
+        console.warn("Auth0 Management Client: Requesting new token from Auth0");
         const tokenResponse = await auth0AuthClient.oauth.clientCredentialsGrant(grantOpts);
         const expiresIn = tokenResponse.data.expires_in || 3600;
         cachedManagementToken = tokenResponse.data.access_token;
@@ -173,7 +174,7 @@ export const getUsersByIds = async (postIDs) => {
         page: 0,
     };
     const page = await auth0.users.list(params);
-    return page.data || [];
+    return page || [];
 };
 export default {
     auth0,

package/dist/src/devices/devices.route.js

@@ -7,9 +7,9 @@ import { validateQuerySearchUserAndOrganization } from "../middlewares/validateQ
 import { validateDevice } from "../middlewares/validateDevice.js";
 import * as devicesController from "./devices.controller.js";
 import { resetDevice } from "./devices.controller.js";
-import { createDeviceSchema, queryDevicesSchema, getDeviceSchema, getEventsSchema, pingDeviceSchema, registerDeviceSchema, ledLightSchema, rebootDeviceSchema, getImageSchema, updateSingleImageMetaSchema, uploadSingleImageSchema, resetDeviceSchema, } from "./devices.validation.js";
+import { createDeviceSchema, queryDevicesSchema, getDeviceSchema, updateDeviceSchema, getEventsSchema, pingDeviceSchema, registerDeviceSchema, ledLightSchema, rebootDeviceSchema, getImageSchema, updateSingleImageMetaSchema, uploadSingleImageSchema, resetDeviceSchema, } from "./devices.validation.js";
 import { deviceResponseSchema, devicesResponseSchema, eventResponseSchema, genericResponseSchema, imageResponseSchema, uploadResponseSchema, resetResponseSchema, } from "./devices.schemas.js";
-import { validateOrganizationDelete, } from "../middlewares/validateAction.js";
+import { validateOrganizationDelete, validateOrganizationUpdate, } from "../middlewares/validateAction.js";
 export const devicesRouteSpecs = [
     {
         method: "post",
@@ -58,6 +58,16 @@ export const devicesRouteSpecs = [
     {
         method: "post",
         path: "/:deviceId",
+        validate: [auth("manageUsers"), validateDevice, validateOrganizationUpdate],
+        requestSchema: updateDeviceSchema,
+        responseSchema: deviceResponseSchema,
+        handler: devicesController.updateEntry,
+        summary: "Update a device",
+        description: "Modify the properties of an existing device identified by its ID.",
+    },
+    {
+        method: "delete",
+        path: "/:deviceId",
         handler: devicesController.deleteEntry,
         summary: "Delete a device",
         description: "Remove the specified device from the system.",

package/dist/src/devicesNotifications/devicesNotifications.controller.js

@@ -16,6 +16,7 @@ export const setDeviceToken = catchAsync(async (req, res) => {
         user: res.req.auth.sub,
         body: req.body,
     });
+    console.log("Setting device tokenddddd for user:", res.req.auth.sub);
     res.status(httpStatus.CREATED).send(user);
 });
 export const removeDeviceToken = catchAsync(async (req, res) => {

package/dist/src/middlewares/auth.js

@@ -20,8 +20,10 @@ const verifyCallback = (req, resolve, reject, requiredRights) => async (err, use
     resolve();
 };
 const auth = function authFactory(...requiredRights) {
+    console.log("Creating auth middleware with required rights:", requiredRights);
     return async function authMiddleware(req, res, next) {
         try {
+            console.log("Authenticating request:");
             // Check for custom token in X-API-Key header
             const apiKey = req.headers["x-api-key"];
             if (apiKey && apiKey.length === 64) {

package/dist/src/middlewares/validateAdmin.js

@@ -1,18 +1,20 @@
-import httpStatus from 'http-status';
-import ApiError from '../utils/ApiError';
+import httpStatus from "http-status";
+import ApiError from "../utils/ApiError";
 const isAdmin = (user) => {
-    //return false;
+    return false;
     if (!user)
         return false;
     // return false; // TODO: Remove this line when the user object is properly defined
-    return user['https://memo.wirewire.de/roles'] ? user['https://memo.wirewire.de/roles'].includes('admin') : false;
+    return user["https://memo.wirewire.de/roles"]
+        ? user["https://memo.wirewire.de/roles"].includes("admin")
+        : false;
 };
 const validateAdmin = async (req, res, next) => {
     if (isAdmin(req.auth)) {
         next();
     }
     else {
-        next(new ApiError(httpStatus.FORBIDDEN, 'User is not part of the admin group (validateAdmin)'));
+        next(new ApiError(httpStatus.FORBIDDEN, "User is not part of the admin group (validateAdmin)"));
     }
 };
 export { isAdmin, validateAdmin };

package/dist/src/users/users.route.js

@@ -108,7 +108,6 @@ export const userRouteSpecs = [
         handler: userController.updateUser,
         summary: "Update a user by ID",
         description: "Replaces a user’s full record with the provided data.",
-        memoOnly: true,
     },
     {
         method: "patch",
@@ -119,7 +118,6 @@ export const userRouteSpecs = [
         handler: userController.updateUser,
         summary: "Partially update a user by ID",
         description: "Applies partial updates to a user’s record by ID.",
-        memoOnly: true,
     },
     {
         method: "delete",

package/dist/src/users/users.service.js

@@ -104,7 +104,9 @@ export const getUserByOwner = async (owner, organization) => {
     const user = await User.findOne({ owner, organization });
     if (!user)
         return null;
+    console.log("Found user for owner and organization:", owner, organization, user);
     const auth0User = await populateAuth0User(user);
+    console.log("Found user for owner and organizationddddddd:", owner, organization, user);
     const json = user.toJSON();
     json.auth0User = auth0User;
     return json;

package/dist/src/users/users.validation.js

@@ -1,7 +1,6 @@
 // @ts-nocheck
 import { z } from "zod";
 import { extendZodWithOpenApi } from "@asteasolutions/zod-to-openapi";
-import { password } from "../validations/custom.validation.js";
 import { zPagination, zGet, zObjectId, zObjectIdFor, zPatchBody, zUpdate, zDelete, } from "../utils/zValidations.js";
 extendZodWithOpenApi(z);
 export const createUserSchema = {
@@ -55,19 +54,6 @@ export const getCurrentUserSchema = {
 export const updateUserSchema = {
     ...zUpdate("userId"),
     body: zPatchBody({
-        password: z
-            .string()
-            .refine((val) => {
-            try {
-                password(val);
-                return true;
-            }
-            catch {
-                return false;
-            }
-        }, { message: "Invalid password format" })
-            .optional()
-            .openapi({ description: "New user password" }),
         name: z.string().optional().openapi({ description: "User full name" }),
         timezone: z.string().optional().openapi({ description: "IANA timezone" }),
         avatar: z.string().optional().openapi({ description: "Avatar URL" }),
@@ -89,7 +75,11 @@ export const updateUserSchema = {
             .enum(["user", "admin", "patient", "onlyself"])
             .optional()
             .openapi({ description: "User role" }),
-        inviteCode: z.string().optional().openapi({ description: "Invite code" }),
+        inviteCode: z
+            .string()
+            .nullable()
+            .optional()
+            .openapi({ description: "Invite code" }),
         organization: zObjectId
             .optional()
             .openapi({ description: "Organization ObjectId" }),
@@ -107,7 +97,11 @@ export const updateInviteSchema = {
     body: z.object({
         organization: zObjectId.openapi({ description: "Organization ObjectId" }),
         status: z.enum(["accepted"]).openapi({ description: "Invite status" }),
-        inviteCode: z.string().optional().openapi({ description: "Invite code" }),
+        inviteCode: z
+            .string()
+            .nullable()
+            .optional()
+            .openapi({ description: "Invite code" }),
     }),
 };
 export const organizationRemoveSchema = {

package/dist/src/utils/userName.js

@@ -3,7 +3,7 @@ import { getUserById } from "../accounts/auth0.service";
 const generateUserName = async (patient) => {
     if (patient.owner) {
         const auth0UserById = await getUserById(patient.owner);
-        patient.auth0User = auth0UserById.data;
+        patient.auth0User = auth0UserById;
     }
     if (patient?.auth0User?.app_metadata?.first_name) {
         return `${patient.auth0User.app_metadata.first_name} ${patient.auth0User.app_metadata.last_name}`;