@intlayer/backend 3.0.0

package/dist/esm/services/sessionAuth.service.mjs

@@ -0,0 +1,337 @@
+import { logger } from './../logger/index.mjs';
+import {
+  Cookies,
+  getClearCookieOptions,
+  getCookieOptions,
+  MAX_AGE
+} from './../utils/cookies.mjs';
+import { GenericError } from './../utils/errors/index.mjs';
+import { mapUserToAPI } from './../utils/mapper/user.mjs';
+import { hash, genSalt, compare } from "bcrypt";
+import { t } from "express-intlayer";
+import jwt from "jsonwebtoken";
+import { v4 as uuidv4 } from "uuid";
+import { getUserByEmail, getUserById, updateUserById } from './user.service.mjs';
+const addSession = async (user) => {
+  const userSessionToken = uuidv4();
+  const session = {
+    sessionToken: userSessionToken,
+    expires: new Date(Date.now() + MAX_AGE)
+  };
+  const updatedUser = await updateUserById(user._id, { session });
+  return updatedUser;
+};
+const removeSession = async (user) => {
+  const session = void 0;
+  const updatedUser = await updateUserById(user._id, { session });
+  return updatedUser;
+};
+const setUserAuth = async (res, user) => {
+  const formattedUser = mapUserToAPI(user);
+  const userToken = jwt.sign(formattedUser, process.env.JWT_TOKEN_SECRET, {
+    expiresIn: MAX_AGE
+  });
+  if (!userToken) {
+    throw new GenericError("JWT_TOKEN_CREATION_FAILED_USER", { user });
+  }
+  const cookieOptions = getCookieOptions();
+  res.cookie(Cookies.JWT_USER, userToken, cookieOptions);
+  const userWithSession = await addSession(user);
+  const userSessionToken = userWithSession.session?.sessionToken;
+  res.cookie(Cookies.JWT_AUTH, userSessionToken, cookieOptions);
+  res.locals.user = user;
+  logger.info(
+    `User logged in - User: Name: ${user.name}, id: ${String(user._id)}`
+  );
+};
+const clearUserAuth = async (res) => {
+  const { user } = res.locals;
+  const cookiesOptions = getClearCookieOptions();
+  if (user) {
+    await removeSession(user);
+  }
+  res.cookie(Cookies.JWT_AUTH, "", cookiesOptions);
+  res.cookie(Cookies.JWT_USER, "", cookiesOptions);
+  res.locals.user = null;
+  res.locals.authType = null;
+};
+const setOrganizationAuth = (res, organization) => {
+  const organizationData = {
+    _id: organization._id,
+    name: organization.name
+  };
+  const organizationToken = jwt.sign(
+    organizationData,
+    process.env.JWT_TOKEN_SECRET,
+    {
+      expiresIn: MAX_AGE
+    }
+  );
+  if (!organizationToken) {
+    throw new GenericError("JWT_TOKEN_CREATION_FAILED_ORGANIZATION", {
+      organization
+    });
+  }
+  res.cookie(Cookies.JWT_ORGANIZATION, organizationToken, getCookieOptions());
+  res.locals.organization = organization;
+};
+const clearOrganizationAuth = (res) => {
+  res.locals.organization = null;
+  res.cookie(Cookies.JWT_ORGANIZATION, "", getClearCookieOptions());
+};
+const setProjectAuth = (res, project) => {
+  const { organization } = res.locals;
+  const projectData = {
+    _id: project._id,
+    name: project.name
+  };
+  const projectToken = jwt.sign(projectData, process.env.JWT_TOKEN_SECRET, {
+    expiresIn: MAX_AGE
+  });
+  if (!projectToken) {
+    throw new GenericError("JWT_TOKEN_CREATION_FAILED_PROJECT", {
+      project
+    });
+  }
+  res.cookie(Cookies.JWT_PROJECT, projectToken, getCookieOptions());
+  if (!organization) {
+    throw new GenericError("ORGANIZATION_NOT_FOUND", {
+      project
+    });
+  }
+  if (
+    // if the project is not in the organization's projects
+    String(organization._id) !== String(project.organizationId)
+  ) {
+    throw new GenericError("JWT_TOKEN_ORGANIZATION_MISMATCH_PROJECT", {
+      project
+    });
+  }
+  res.locals.project = project;
+};
+const clearProjectAuth = (res) => {
+  res.locals.project = null;
+  res.cookie(Cookies.JWT_PROJECT, "", getClearCookieOptions());
+};
+const activateUser = async (userId, secret) => {
+  return await updateUserProvider(userId, "email", {
+    secret
+  });
+};
+const generateSecret = (length) => {
+  const characters = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
+  return Array.from(
+    { length },
+    () => characters.charAt(Math.floor(Math.random() * characters.length))
+  ).join("");
+};
+const requestPasswordReset = async (email) => {
+  const user = await getUserByEmail(email);
+  if (!user) {
+    throw new GenericError("USER_NOT_FOUND", { email });
+  }
+  return updateUserProvider(user._id, "email", {
+    secret: generateSecret(35)
+  });
+};
+const resetUserPassword = async (userId, secret, newPassword) => {
+  const emailAndPasswordProvider = await getUserProvider(userId, "email");
+  if (!emailAndPasswordProvider) {
+    throw new GenericError("USER_PROVIDER_NOT_FOUND", { userId });
+  }
+  if (emailAndPasswordProvider.secret !== secret) {
+    throw new GenericError("USER_PROVIDER_SECRET_NOT_VALID", { userId });
+  }
+  const updatedUser = await updateUserProvider(userId, "email", {
+    passwordHash: await hash(newPassword, await genSalt()),
+    secret
+  });
+  return updatedUser;
+};
+const getUserProvider = async (userId, provider, providerAccountId) => {
+  const user = await getUserById(userId);
+  if (!user) {
+    throw new GenericError("USER_NOT_FOUND", { userId });
+  }
+  const userProvider = user.provider?.find(
+    (providerEl) => providerEl.provider === provider && !providerAccountId || providerAccountId && providerEl.providerAccountId === providerAccountId
+  );
+  return userProvider ?? null;
+};
+const formatUserProviderUpdate = (provider, user, providerUpdate) => {
+  const userProvider = user.provider.toObject();
+  const userProviderToUpdate = userProvider?.find(
+    (providerEl) => providerEl.provider === provider
+  );
+  let updatedProvider;
+  if (userProviderToUpdate) {
+    const otherProviders = user.provider?.filter((p) => p.provider !== provider) ?? [];
+    updatedProvider = [
+      ...otherProviders,
+      { ...userProviderToUpdate, ...providerUpdate, provider }
+    ];
+  } else {
+    updatedProvider = [
+      ...user.provider ?? [],
+      { ...providerUpdate, provider }
+    ];
+  }
+  return updatedProvider;
+};
+const updateUserProvider = async (userId, provider, providerUpdate) => {
+  const user = await getUserById(userId);
+  if (!user) {
+    throw new GenericError("USER_NOT_FOUND", { userId });
+  }
+  const formattedProviderToUpdate = formatUserProviderUpdate(
+    provider,
+    user,
+    providerUpdate
+  );
+  const updatedUser = await updateUserById(userId, {
+    provider: formattedProviderToUpdate
+  });
+  logger.info(
+    `User provider updated - User: Name: ${updatedUser.name}, id: ${String(updatedUser._id)} - Provider: ${provider}`
+  );
+  return updatedUser;
+};
+const addUserProvider = async (userId, provider) => {
+  const user = await getUserById(userId);
+  if (!user) {
+    throw new GenericError("USER_NOT_FOUND", { userId });
+  }
+  const existingProvider = await getUserProvider(userId, provider.provider);
+  if (existingProvider) {
+    throw new GenericError("USER_PROVIDER_ALREADY_EXISTS", {
+      userId,
+      provider
+    });
+  }
+  const updatedProvider = [...user.provider ?? [], provider];
+  const updatedUser = await updateUserById(userId, {
+    provider: updatedProvider
+  });
+  logger.info(
+    `User provider added - User: Name: ${updatedUser.name}, id: ${String(updatedUser._id)} - Provider: ${provider.provider}`
+  );
+  return updatedUser;
+};
+const removeUserProvider = async (userId, provider, providerAccountId) => {
+  const user = await getUserById(userId);
+  if (!user) {
+    throw new GenericError("USER_NOT_FOUND", { userId });
+  }
+  const existingProvider = await getUserProvider(
+    userId,
+    provider,
+    providerAccountId
+  );
+  if (!existingProvider) {
+    throw new GenericError("USER_PROVIDER_NOT_FOUND", {
+      userId,
+      provider
+    });
+  }
+  const updatedProvider = user.provider?.filter(
+    (p) => p.provider !== provider && (!providerAccountId || providerAccountId && p.providerAccountId !== providerAccountId)
+  );
+  return await updateUserById(userId, {
+    provider: updatedProvider
+  });
+};
+const testUserPassword = async (email, password) => {
+  const user = await getUserByEmail(email);
+  if (!user) {
+    const errorMessages = {
+      en: `User not found - ${email}`,
+      fr: `Utilisateur non trouv\xE9 - ${email}`,
+      es: `Usuario no encontrado - ${email}`
+    };
+    return { user: null, error: t(errorMessages) };
+  }
+  const userEmailPasswordProvider = user.provider?.find(
+    (provider) => provider.provider === "email"
+  );
+  if (!userEmailPasswordProvider?.passwordHash) {
+    const errorMessages = {
+      en: `User request to login but no password defined: ${user.email}`,
+      fr: `Demande de connexion d'utilisateur mais pas de mot de passe d\xE9fini : ${user.email}`,
+      es: `Solicitud de inicio de sesi\xF3n de usuario pero no se define la contrase\xF1a : ${user.email}`
+    };
+    return { user: null, error: t(errorMessages) };
+  }
+  const isMatch = await compare(
+    password,
+    userEmailPasswordProvider.passwordHash
+  );
+  if (!isMatch) {
+    const errorMessages = {
+      en: `Incorrect email or password: ${email}`,
+      fr: `Email ou mot de passe incorrect : ${email}`,
+      es: `Correo electr\xF3nico o contrase\xF1a incorrecta : ${email}`
+    };
+    logger.error(errorMessages.en);
+    const randomNumber = Math.floor(Math.random() * 1e3) + 1e3;
+    await new Promise((resolve) => setTimeout(resolve, randomNumber));
+    return { user: null, error: t(errorMessages) };
+  }
+  return { user };
+};
+const hashUserPassword = async (userWithPasswordNotHashed) => {
+  const { password, ...user } = userWithPasswordNotHashed;
+  if (!password) {
+    throw new GenericError("USER_PASSWORD_NOT_DEFINED", { user });
+  }
+  const userProvider = formatUserProviderUpdate("email", user, {
+    passwordHash: await hash(password, await genSalt()),
+    secret: generateSecret(35)
+  });
+  return { ...user, provider: userProvider };
+};
+const changeUserPassword = async (userId, oldPassword, newPassword) => {
+  const user = await getUserById(userId);
+  if (!user) {
+    throw new GenericError("USER_NOT_FOUND", { userId });
+  }
+  const { email } = user;
+  await testUserPassword(email, oldPassword);
+  const updatedUser = await updateUserProvider(userId, "email", {
+    passwordHash: await hash(newPassword, await genSalt())
+  });
+  return updatedUser;
+};
+const resetPassword = async (userId, password) => {
+  const user = await getUserById(userId);
+  if (!user) {
+    throw new GenericError("USER_NOT_FOUND", { userId });
+  }
+  const updatedUser = await updateUserProvider(userId, "email", {
+    passwordHash: await hash(password, await genSalt())
+  });
+  return updatedUser;
+};
+export {
+  activateUser,
+  addSession,
+  addUserProvider,
+  changeUserPassword,
+  clearOrganizationAuth,
+  clearProjectAuth,
+  clearUserAuth,
+  formatUserProviderUpdate,
+  generateSecret,
+  getUserProvider,
+  hashUserPassword,
+  removeSession,
+  removeUserProvider,
+  requestPasswordReset,
+  resetPassword,
+  resetUserPassword,
+  setOrganizationAuth,
+  setProjectAuth,
+  setUserAuth,
+  testUserPassword,
+  updateUserProvider
+};
+//# sourceMappingURL=sessionAuth.service.mjs.map

package/dist/esm/services/sessionAuth.service.mjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../src/services/sessionAuth.service.ts"],"sourcesContent":["import { logger } from '@logger';\nimport { ResponseWithInformation } from '@middlewares/sessionAuth.middleware';\nimport {\n  Cookies,\n  getClearCookieOptions,\n  getCookieOptions,\n  MAX_AGE,\n} from '@utils/cookies';\nimport { GenericError } from '@utils/errors';\nimport { mapUserToAPI } from '@utils/mapper/user';\nimport { hash, genSalt, compare } from 'bcrypt';\nimport type { Response } from 'express';\n// @ts-ignore express-intlayer not build yet\nimport { t } from 'express-intlayer';\nimport jwt from 'jsonwebtoken';\nimport type { Document, ObjectId } from 'mongoose';\nimport { v4 as uuidv4 } from 'uuid';\n// eslint-disable-next-line import/no-cycle\nimport { getUserByEmail, getUserById, updateUserById } from './user.service';\nimport type { Organization } from '@/types/organization.types';\nimport type { Project } from '@/types/project.types';\nimport type {\n  SessionProviders,\n  EmailPasswordSessionProvider,\n  GoogleSessionProvider,\n  GithubSessionProvider,\n  Session,\n} from '@/types/session.types';\nimport type { User, UserWithPasswordNotHashed } from '@/types/user.types';\n\n/**\n * Adds a session to a user or updates the existing one.\n * @param user - User object.\n * @returns Updated user object.\n */\nexport const addSession = async (user: User): Promise<User> => {\n  const userSessionToken = uuidv4();\n\n  const session: Session = {\n    sessionToken: userSessionToken,\n    expires: new Date(Date.now() + MAX_AGE),\n  };\n\n  const updatedUser: User = await updateUserById(user._id, { session });\n\n  return updatedUser;\n};\n\nexport const removeSession = async (user: User): Promise<User> => {\n  const session = undefined;\n\n  const updatedUser: User = await updateUserById(user._id, { session });\n\n  return updatedUser;\n};\n\n/**\n * Set user auth locals object\n * @param res - Express response object.\n * @param user - User object.\n */\nexport const setUserAuth = async (res: Response, user: User) => {\n  const formattedUser = mapUserToAPI(user);\n\n  const userToken = jwt.sign(formattedUser, process.env.JWT_TOKEN_SECRET!, {\n    expiresIn: MAX_AGE,\n  });\n\n  if (!userToken) {\n    throw new GenericError('JWT_TOKEN_CREATION_FAILED_USER', { user });\n  }\n\n  const cookieOptions = getCookieOptions();\n\n  res.cookie(Cookies.JWT_USER, userToken, cookieOptions);\n\n  const userWithSession = await addSession(user);\n\n  const userSessionToken = userWithSession.session?.sessionToken;\n\n  res.cookie(Cookies.JWT_AUTH, userSessionToken, cookieOptions);\n\n  res.locals.user = user;\n  logger.info(\n    `User logged in - User: Name: ${user.name}, id: ${String(user._id)}`\n  );\n};\n\n/**\n * Clears the JWT auth cookies and user locals object.\n * @param res - Express response object.\n */\nexport const clearUserAuth = async (res: ResponseWithInformation) => {\n  const { user } = res.locals;\n  const cookiesOptions = getClearCookieOptions();\n\n  if (user) {\n    await removeSession(user);\n  }\n\n  res.cookie(Cookies.JWT_AUTH, '', cookiesOptions);\n  res.cookie(Cookies.JWT_USER, '', cookiesOptions);\n\n  res.locals.user = null;\n  res.locals.authType = null;\n};\n\n/**\n *\n * @param res\n * @param organization\n * @returns\n */\nexport const setOrganizationAuth = (\n  res: ResponseWithInformation,\n  organization: Organization\n) => {\n  const organizationData = {\n    _id: organization._id,\n    name: organization.name,\n  };\n\n  const organizationToken = jwt.sign(\n    organizationData,\n    process.env.JWT_TOKEN_SECRET!,\n    {\n      expiresIn: MAX_AGE,\n    }\n  );\n\n  if (!organizationToken) {\n    throw new GenericError('JWT_TOKEN_CREATION_FAILED_ORGANIZATION', {\n      organization,\n    });\n  }\n\n  res.cookie(Cookies.JWT_ORGANIZATION, organizationToken, getCookieOptions());\n\n  res.locals.organization = organization;\n};\n\n/**\n * Clears the JWT organization cookies and organization locals object.\n * @param res - Express response object.\n */\nexport const clearOrganizationAuth = (res: ResponseWithInformation) => {\n  res.locals.organization = null;\n\n  res.cookie(Cookies.JWT_ORGANIZATION, '', getClearCookieOptions());\n};\n\n/**\n * Set project auth locals object\n * @param res - Express response object.\n * @param project - Project object.\n */\nexport const setProjectAuth = (\n  res: ResponseWithInformation,\n  project: Project\n) => {\n  const { organization } = res.locals;\n  const projectData = {\n    _id: project._id,\n    name: project.name,\n  };\n\n  const projectToken = jwt.sign(projectData, process.env.JWT_TOKEN_SECRET!, {\n    expiresIn: MAX_AGE,\n  });\n\n  if (!projectToken) {\n    throw new GenericError('JWT_TOKEN_CREATION_FAILED_PROJECT', {\n      project,\n    });\n  }\n\n  res.cookie(Cookies.JWT_PROJECT, projectToken, getCookieOptions());\n\n  if (!organization) {\n    throw new GenericError('ORGANIZATION_NOT_FOUND', {\n      project,\n    });\n  }\n\n  if (\n    // if the project is not in the organization's projects\n    String(organization._id) !== String(project.organizationId)\n  ) {\n    throw new GenericError('JWT_TOKEN_ORGANIZATION_MISMATCH_PROJECT', {\n      project,\n    });\n  }\n\n  res.locals.project = project;\n};\n\n/**\n * Clears the JWT project cookies and project locals object.\n * @param res - Express response object.\n */\nexport const clearProjectAuth = (res: Response) => {\n  res.locals.project = null;\n\n  res.cookie(Cookies.JWT_PROJECT, '', getClearCookieOptions());\n};\n\n/**\n * Activates a user by setting the emailValidated flag to true.\n * @param user - The user object.\n * @returns\n */\nexport const activateUser = async (\n  userId: string | ObjectId,\n  secret: string\n): Promise<User> => {\n  return await updateUserProvider(userId, 'email', {\n    secret,\n  });\n};\n\n/**\n * Generates a random secret string of a specified length.\n * @param length - The length of the secret.\n * @returns The generated secret string.\n */\nexport const generateSecret = (length: number): string => {\n  const characters =\n    'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';\n  return Array.from({ length }, () =>\n    characters.charAt(Math.floor(Math.random() * characters.length))\n  ).join('');\n};\n\n/**\n * Handles a password reset request for a user.\n * @param email - The user's email.\n * @param organization - The organization associated with the user.\n * @returns The user object or null if no user was found.\n */\nexport const requestPasswordReset = async (\n  email: string\n): Promise<User | null> => {\n  const user = await getUserByEmail(email);\n\n  if (!user) {\n    throw new GenericError('USER_NOT_FOUND', { email });\n  }\n\n  return updateUserProvider(user._id as unknown as string, 'email', {\n    secret: generateSecret(35),\n  });\n};\n\n/**\n * Resets a user's password.\n * @param userId - The ID of the user.\n * @param secret - The secret token associated with the user.\n * @param newPassword - The new password to set.\n * @returns The updated user or null if the reset failed.\n */\nexport const resetUserPassword = async (\n  userId: string | ObjectId,\n  secret: string,\n  newPassword: string\n): Promise<User> => {\n  const emailAndPasswordProvider = await getUserProvider(userId, 'email');\n\n  if (!emailAndPasswordProvider) {\n    throw new GenericError('USER_PROVIDER_NOT_FOUND', { userId });\n  }\n\n  if (emailAndPasswordProvider.secret !== secret) {\n    throw new GenericError('USER_PROVIDER_SECRET_NOT_VALID', { userId });\n  }\n\n  const updatedUser: User = await updateUserProvider(userId, 'email', {\n    passwordHash: await hash(newPassword, await genSalt()),\n    secret,\n  });\n\n  return updatedUser;\n};\n\ntype UserProvider<T extends SessionProviders['provider']> = T extends 'email'\n  ? EmailPasswordSessionProvider\n  : T extends 'google'\n    ? GoogleSessionProvider\n    : T extends 'github'\n      ? GithubSessionProvider\n      : SessionProviders;\n\n/**\n * Gets a user's provider.\n * @param userId - The ID of the user.\n * @param provider - The provider to get.\n * @returns The user's provider.\n */\nexport const getUserProvider = async <T extends SessionProviders['provider']>(\n  userId: string | ObjectId,\n  provider: T,\n  providerAccountId?: string\n): Promise<UserProvider<T> | null> => {\n  const user = await getUserById(userId);\n\n  if (!user) {\n    throw new GenericError('USER_NOT_FOUND', { userId });\n  }\n\n  const userProvider = user.provider?.find(\n    (providerEl) =>\n      (providerEl.provider === provider && !providerAccountId) ||\n      (providerAccountId &&\n        (providerEl as GithubSessionProvider).providerAccountId ===\n          providerAccountId)\n  );\n\n  return (userProvider as UserProvider<T>) ?? null;\n};\n\n/**\n * Formats the given fields of a user's provider.\n * @param provider - The provider to update.\n * @param user - The user object.\n * @param providerUpdate - The updates to apply to the provider.\n * @returns The updated user provider.\n */\nexport const formatUserProviderUpdate = <\n  T extends SessionProviders['provider'],\n>(\n  provider: T,\n  user: Partial<User>,\n  providerUpdate: Partial<UserProvider<T>>\n): User['provider'] => {\n  const userProvider: SessionProviders[] = (\n    user.provider as unknown as Document\n  ).toObject();\n  const userProviderToUpdate = userProvider?.find(\n    (providerEl) => providerEl.provider === provider\n  );\n\n  let updatedProvider: User['provider'];\n\n  if (userProviderToUpdate) {\n    const otherProviders =\n      user.provider?.filter((p) => p.provider !== provider) ?? [];\n\n    updatedProvider = [\n      ...otherProviders,\n      { ...userProviderToUpdate, ...providerUpdate, provider },\n    ];\n  } else {\n    updatedProvider = [\n      ...(user.provider ?? []),\n      { ...providerUpdate, provider } as SessionProviders,\n    ];\n  }\n\n  return updatedProvider;\n};\n\n/**\n * Updates the given fields of a user's provider.\n * @param userId - The ID of the user.\n * @param provider - The provider to update.\n * @param providerUpdate - The updates to apply to the provider.\n * @returns The updated user.\n */\nexport const updateUserProvider = async <\n  T extends SessionProviders['provider'],\n>(\n  userId: string | ObjectId,\n  provider: T,\n  providerUpdate: Partial<UserProvider<T>>\n): Promise<User> => {\n  const user = await getUserById(userId);\n\n  if (!user) {\n    throw new GenericError('USER_NOT_FOUND', { userId });\n  }\n\n  const formattedProviderToUpdate = formatUserProviderUpdate(\n    provider,\n    user,\n    providerUpdate\n  );\n\n  const updatedUser: User = await updateUserById(userId, {\n    provider: formattedProviderToUpdate,\n  });\n\n  logger.info(\n    `User provider updated - User: Name: ${updatedUser.name}, id: ${String(updatedUser._id)} - Provider: ${provider}`\n  );\n\n  return updatedUser;\n};\n\n/**\n * Updates the given fields of a user's provider.\n * @param userId - The ID of the user.\n * @param provider - The updates to apply to the provider.\n * @returns The updated user.\n */\nexport const addUserProvider = async (\n  userId: string | ObjectId,\n  provider: SessionProviders\n): Promise<User> => {\n  const user = await getUserById(userId);\n\n  if (!user) {\n    throw new GenericError('USER_NOT_FOUND', { userId });\n  }\n\n  const existingProvider = await getUserProvider(userId, provider.provider);\n\n  if (existingProvider) {\n    throw new GenericError('USER_PROVIDER_ALREADY_EXISTS', {\n      userId,\n      provider,\n    });\n  }\n\n  const updatedProvider = [...(user.provider ?? []), provider];\n\n  const updatedUser = await updateUserById(userId, {\n    provider: updatedProvider,\n  });\n\n  logger.info(\n    `User provider added - User: Name: ${updatedUser.name}, id: ${String(updatedUser._id)} - Provider: ${provider.provider}`\n  );\n\n  return updatedUser;\n};\n\n/**\n * Removes a user's provider.\n * @param userId - The ID of the user.\n * @param provider - The provider to remove.\n * @returns The updated user.\n */\nexport const removeUserProvider = async (\n  userId: string | ObjectId,\n  provider: SessionProviders['provider'],\n  providerAccountId?: string\n) => {\n  const user = await getUserById(userId);\n\n  if (!user) {\n    throw new GenericError('USER_NOT_FOUND', { userId });\n  }\n\n  const existingProvider = await getUserProvider(\n    userId,\n    provider,\n    providerAccountId\n  );\n\n  if (!existingProvider) {\n    throw new GenericError('USER_PROVIDER_NOT_FOUND', {\n      userId,\n      provider,\n    });\n  }\n\n  const updatedProvider = user.provider?.filter(\n    (p) =>\n      p.provider !== provider &&\n      (!providerAccountId ||\n        (providerAccountId &&\n          (p as GithubSessionProvider).providerAccountId !== providerAccountId))\n  );\n\n  return await updateUserById(userId, {\n    provider: updatedProvider,\n  });\n};\n\ntype TestUserPasswordResult = { user: User | null; error?: string };\n\n/**\n * Logs in a user.\n * @param email - The user's email.\n * @param password - The user's password.\n * @returns The user object.\n */\nexport const testUserPassword = async (\n  email: string,\n  password: string\n): Promise<TestUserPasswordResult> => {\n  const user = await getUserByEmail(email);\n\n  if (!user) {\n    const errorMessages = {\n      en: `User not found - ${email}`,\n      fr: `Utilisateur non trouvé - ${email}`,\n      es: `Usuario no encontrado - ${email}`,\n    };\n\n    return { user: null, error: t(errorMessages) };\n  }\n\n  const userEmailPasswordProvider = user.provider?.find(\n    (provider) => provider.provider === 'email'\n  );\n\n  if (!userEmailPasswordProvider?.passwordHash) {\n    const errorMessages = {\n      en: `User request to login but no password defined: ${user.email}`,\n      fr: `Demande de connexion d'utilisateur mais pas de mot de passe défini : ${user.email}`,\n      es: `Solicitud de inicio de sesión de usuario pero no se define la contraseña : ${user.email}`,\n    };\n\n    return { user: null, error: t(errorMessages) };\n  }\n\n  const isMatch = await compare(\n    password,\n    userEmailPasswordProvider.passwordHash\n  );\n\n  if (!isMatch) {\n    const errorMessages = {\n      en: `Incorrect email or password: ${email}`,\n      fr: `Email ou mot de passe incorrect : ${email}`,\n      es: `Correo electrónico o contraseña incorrecta : ${email}`,\n    };\n\n    logger.error(errorMessages.en);\n\n    // Await a random time to prevent brute force attacks\n    const randomNumber = Math.floor(Math.random() * 1000) + 1000;\n    await new Promise((resolve) => setTimeout(resolve, randomNumber));\n\n    return { user: null, error: t(errorMessages) };\n  }\n\n  return { user };\n};\n\n/**\n * Hashes a user's password.\n * @param userWithPasswordNotHashed - The user object with password not hashed.\n * @returns The user object with hashed password.\n */\nexport const hashUserPassword = async (\n  userWithPasswordNotHashed: UserWithPasswordNotHashed\n): Promise<Partial<User>> => {\n  const { password, ...user } = userWithPasswordNotHashed;\n\n  if (!password) {\n    throw new GenericError('USER_PASSWORD_NOT_DEFINED', { user });\n  }\n\n  const userProvider = formatUserProviderUpdate('email', user, {\n    passwordHash: await hash(password, await genSalt()),\n    secret: generateSecret(35),\n  });\n\n  return { ...user, provider: userProvider };\n};\n\n/**\n * Changes a user's password.\n * @param userId - The ID of the user.\n * @param oldPassword - The user's old password.\n * @param newPassword - The user's new password.\n * @returns The updated user or null if the password change failed.\n */\nexport const changeUserPassword = async (\n  userId: string | ObjectId,\n  oldPassword: string,\n  newPassword: string\n) => {\n  const user = await getUserById(userId);\n\n  if (!user) {\n    throw new GenericError('USER_NOT_FOUND', { userId });\n  }\n\n  const { email } = user;\n\n  await testUserPassword(email, oldPassword);\n\n  const updatedUser: User = await updateUserProvider(userId, 'email', {\n    passwordHash: await hash(newPassword, await genSalt()),\n  });\n\n  return updatedUser;\n};\n\n/**\n * Resets a user's password.\n * @param userId - The ID of the user.\n * @param secret - The secret token associated with the user.\n * @param newPassword - The new password to set.\n * @returns The updated user or null if the reset failed.\n */\nexport const resetPassword = async (userId: string, password: string) => {\n  const user = await getUserById(userId);\n\n  if (!user) {\n    throw new GenericError('USER_NOT_FOUND', { userId });\n  }\n\n  const updatedUser: User = await updateUserProvider(userId, 'email', {\n    passwordHash: await hash(password, await genSalt()),\n  });\n\n  return updatedUser;\n};\n"],"mappings":"AAAA,SAAS,cAAc;AAEvB;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACK;AACP,SAAS,oBAAoB;AAC7B,SAAS,oBAAoB;AAC7B,SAAS,MAAM,SAAS,eAAe;AAGvC,SAAS,SAAS;AAClB,OAAO,SAAS;AAEhB,SAAS,MAAM,cAAc;AAE7B,SAAS,gBAAgB,aAAa,sBAAsB;AAiBrD,MAAM,aAAa,OAAO,SAA8B;AAC7D,QAAM,mBAAmB,OAAO;AAEhC,QAAM,UAAmB;AAAA,IACvB,cAAc;AAAA,IACd,SAAS,IAAI,KAAK,KAAK,IAAI,IAAI,OAAO;AAAA,EACxC;AAEA,QAAM,cAAoB,MAAM,eAAe,KAAK,KAAK,EAAE,QAAQ,CAAC;AAEpE,SAAO;AACT;AAEO,MAAM,gBAAgB,OAAO,SAA8B;AAChE,QAAM,UAAU;AAEhB,QAAM,cAAoB,MAAM,eAAe,KAAK,KAAK,EAAE,QAAQ,CAAC;AAEpE,SAAO;AACT;AAOO,MAAM,cAAc,OAAO,KAAe,SAAe;AAC9D,QAAM,gBAAgB,aAAa,IAAI;AAEvC,QAAM,YAAY,IAAI,KAAK,eAAe,QAAQ,IAAI,kBAAmB;AAAA,IACvE,WAAW;AAAA,EACb,CAAC;AAED,MAAI,CAAC,WAAW;AACd,UAAM,IAAI,aAAa,kCAAkC,EAAE,KAAK,CAAC;AAAA,EACnE;AAEA,QAAM,gBAAgB,iBAAiB;AAEvC,MAAI,OAAO,QAAQ,UAAU,WAAW,aAAa;AAErD,QAAM,kBAAkB,MAAM,WAAW,IAAI;AAE7C,QAAM,mBAAmB,gBAAgB,SAAS;AAElD,MAAI,OAAO,QAAQ,UAAU,kBAAkB,aAAa;AAE5D,MAAI,OAAO,OAAO;AAClB,SAAO;AAAA,IACL,gCAAgC,KAAK,IAAI,SAAS,OAAO,KAAK,GAAG,CAAC;AAAA,EACpE;AACF;AAMO,MAAM,gBAAgB,OAAO,QAAiC;AACnE,QAAM,EAAE,KAAK,IAAI,IAAI;AACrB,QAAM,iBAAiB,sBAAsB;AAE7C,MAAI,MAAM;AACR,UAAM,cAAc,IAAI;AAAA,EAC1B;AAEA,MAAI,OAAO,QAAQ,UAAU,IAAI,cAAc;AAC/C,MAAI,OAAO,QAAQ,UAAU,IAAI,cAAc;AAE/C,MAAI,OAAO,OAAO;AAClB,MAAI,OAAO,WAAW;AACxB;AAQO,MAAM,sBAAsB,CACjC,KACA,iBACG;AACH,QAAM,mBAAmB;AAAA,IACvB,KAAK,aAAa;AAAA,IAClB,MAAM,aAAa;AAAA,EACrB;AAEA,QAAM,oBAAoB,IAAI;AAAA,IAC5B;AAAA,IACA,QAAQ,IAAI;AAAA,IACZ;AAAA,MACE,WAAW;AAAA,IACb;AAAA,EACF;AAEA,MAAI,CAAC,mBAAmB;AACtB,UAAM,IAAI,aAAa,0CAA0C;AAAA,MAC/D;AAAA,IACF,CAAC;AAAA,EACH;AAEA,MAAI,OAAO,QAAQ,kBAAkB,mBAAmB,iBAAiB,CAAC;AAE1E,MAAI,OAAO,eAAe;AAC5B;AAMO,MAAM,wBAAwB,CAAC,QAAiC;AACrE,MAAI,OAAO,eAAe;AAE1B,MAAI,OAAO,QAAQ,kBAAkB,IAAI,sBAAsB,CAAC;AAClE;AAOO,MAAM,iBAAiB,CAC5B,KACA,YACG;AACH,QAAM,EAAE,aAAa,IAAI,IAAI;AAC7B,QAAM,cAAc;AAAA,IAClB,KAAK,QAAQ;AAAA,IACb,MAAM,QAAQ;AAAA,EAChB;AAEA,QAAM,eAAe,IAAI,KAAK,aAAa,QAAQ,IAAI,kBAAmB;AAAA,IACxE,WAAW;AAAA,EACb,CAAC;AAED,MAAI,CAAC,cAAc;AACjB,UAAM,IAAI,aAAa,qCAAqC;AAAA,MAC1D;AAAA,IACF,CAAC;AAAA,EACH;AAEA,MAAI,OAAO,QAAQ,aAAa,cAAc,iBAAiB,CAAC;AAEhE,MAAI,CAAC,cAAc;AACjB,UAAM,IAAI,aAAa,0BAA0B;AAAA,MAC/C;AAAA,IACF,CAAC;AAAA,EACH;AAEA;AAAA;AAAA,IAEE,OAAO,aAAa,GAAG,MAAM,OAAO,QAAQ,cAAc;AAAA,IAC1D;AACA,UAAM,IAAI,aAAa,2CAA2C;AAAA,MAChE;AAAA,IACF,CAAC;AAAA,EACH;AAEA,MAAI,OAAO,UAAU;AACvB;AAMO,MAAM,mBAAmB,CAAC,QAAkB;AACjD,MAAI,OAAO,UAAU;AAErB,MAAI,OAAO,QAAQ,aAAa,IAAI,sBAAsB,CAAC;AAC7D;AAOO,MAAM,eAAe,OAC1B,QACA,WACkB;AAClB,SAAO,MAAM,mBAAmB,QAAQ,SAAS;AAAA,IAC/C;AAAA,EACF,CAAC;AACH;AAOO,MAAM,iBAAiB,CAAC,WAA2B;AACxD,QAAM,aACJ;AACF,SAAO,MAAM;AAAA,IAAK,EAAE,OAAO;AAAA,IAAG,MAC5B,WAAW,OAAO,KAAK,MAAM,KAAK,OAAO,IAAI,WAAW,MAAM,CAAC;AAAA,EACjE,EAAE,KAAK,EAAE;AACX;AAQO,MAAM,uBAAuB,OAClC,UACyB;AACzB,QAAM,OAAO,MAAM,eAAe,KAAK;AAEvC,MAAI,CAAC,MAAM;AACT,UAAM,IAAI,aAAa,kBAAkB,EAAE,MAAM,CAAC;AAAA,EACpD;AAEA,SAAO,mBAAmB,KAAK,KAA0B,SAAS;AAAA,IAChE,QAAQ,eAAe,EAAE;AAAA,EAC3B,CAAC;AACH;AASO,MAAM,oBAAoB,OAC/B,QACA,QACA,gBACkB;AAClB,QAAM,2BAA2B,MAAM,gBAAgB,QAAQ,OAAO;AAEtE,MAAI,CAAC,0BAA0B;AAC7B,UAAM,IAAI,aAAa,2BAA2B,EAAE,OAAO,CAAC;AAAA,EAC9D;AAEA,MAAI,yBAAyB,WAAW,QAAQ;AAC9C,UAAM,IAAI,aAAa,kCAAkC,EAAE,OAAO,CAAC;AAAA,EACrE;AAEA,QAAM,cAAoB,MAAM,mBAAmB,QAAQ,SAAS;AAAA,IAClE,cAAc,MAAM,KAAK,aAAa,MAAM,QAAQ,CAAC;AAAA,IACrD;AAAA,EACF,CAAC;AAED,SAAO;AACT;AAgBO,MAAM,kBAAkB,OAC7B,QACA,UACA,sBACoC;AACpC,QAAM,OAAO,MAAM,YAAY,MAAM;AAErC,MAAI,CAAC,MAAM;AACT,UAAM,IAAI,aAAa,kBAAkB,EAAE,OAAO,CAAC;AAAA,EACrD;AAEA,QAAM,eAAe,KAAK,UAAU;AAAA,IAClC,CAAC,eACE,WAAW,aAAa,YAAY,CAAC,qBACrC,qBACE,WAAqC,sBACpC;AAAA,EACR;AAEA,SAAQ,gBAAoC;AAC9C;AASO,MAAM,2BAA2B,CAGtC,UACA,MACA,mBACqB;AACrB,QAAM,eACJ,KAAK,SACL,SAAS;AACX,QAAM,uBAAuB,cAAc;AAAA,IACzC,CAAC,eAAe,WAAW,aAAa;AAAA,EAC1C;AAEA,MAAI;AAEJ,MAAI,sBAAsB;AACxB,UAAM,iBACJ,KAAK,UAAU,OAAO,CAAC,MAAM,EAAE,aAAa,QAAQ,KAAK,CAAC;AAE5D,sBAAkB;AAAA,MAChB,GAAG;AAAA,MACH,EAAE,GAAG,sBAAsB,GAAG,gBAAgB,SAAS;AAAA,IACzD;AAAA,EACF,OAAO;AACL,sBAAkB;AAAA,MAChB,GAAI,KAAK,YAAY,CAAC;AAAA,MACtB,EAAE,GAAG,gBAAgB,SAAS;AAAA,IAChC;AAAA,EACF;AAEA,SAAO;AACT;AASO,MAAM,qBAAqB,OAGhC,QACA,UACA,mBACkB;AAClB,QAAM,OAAO,MAAM,YAAY,MAAM;AAErC,MAAI,CAAC,MAAM;AACT,UAAM,IAAI,aAAa,kBAAkB,EAAE,OAAO,CAAC;AAAA,EACrD;AAEA,QAAM,4BAA4B;AAAA,IAChC;AAAA,IACA;AAAA,IACA;AAAA,EACF;AAEA,QAAM,cAAoB,MAAM,eAAe,QAAQ;AAAA,IACrD,UAAU;AAAA,EACZ,CAAC;AAED,SAAO;AAAA,IACL,uCAAuC,YAAY,IAAI,SAAS,OAAO,YAAY,GAAG,CAAC,gBAAgB,QAAQ;AAAA,EACjH;AAEA,SAAO;AACT;AAQO,MAAM,kBAAkB,OAC7B,QACA,aACkB;AAClB,QAAM,OAAO,MAAM,YAAY,MAAM;AAErC,MAAI,CAAC,MAAM;AACT,UAAM,IAAI,aAAa,kBAAkB,EAAE,OAAO,CAAC;AAAA,EACrD;AAEA,QAAM,mBAAmB,MAAM,gBAAgB,QAAQ,SAAS,QAAQ;AAExE,MAAI,kBAAkB;AACpB,UAAM,IAAI,aAAa,gCAAgC;AAAA,MACrD;AAAA,MACA;AAAA,IACF,CAAC;AAAA,EACH;AAEA,QAAM,kBAAkB,CAAC,GAAI,KAAK,YAAY,CAAC,GAAI,QAAQ;AAE3D,QAAM,cAAc,MAAM,eAAe,QAAQ;AAAA,IAC/C,UAAU;AAAA,EACZ,CAAC;AAED,SAAO;AAAA,IACL,qCAAqC,YAAY,IAAI,SAAS,OAAO,YAAY,GAAG,CAAC,gBAAgB,SAAS,QAAQ;AAAA,EACxH;AAEA,SAAO;AACT;AAQO,MAAM,qBAAqB,OAChC,QACA,UACA,sBACG;AACH,QAAM,OAAO,MAAM,YAAY,MAAM;AAErC,MAAI,CAAC,MAAM;AACT,UAAM,IAAI,aAAa,kBAAkB,EAAE,OAAO,CAAC;AAAA,EACrD;AAEA,QAAM,mBAAmB,MAAM;AAAA,IAC7B;AAAA,IACA;AAAA,IACA;AAAA,EACF;AAEA,MAAI,CAAC,kBAAkB;AACrB,UAAM,IAAI,aAAa,2BAA2B;AAAA,MAChD;AAAA,MACA;AAAA,IACF,CAAC;AAAA,EACH;AAEA,QAAM,kBAAkB,KAAK,UAAU;AAAA,IACrC,CAAC,MACC,EAAE,aAAa,aACd,CAAC,qBACC,qBACE,EAA4B,sBAAsB;AAAA,EAC3D;AAEA,SAAO,MAAM,eAAe,QAAQ;AAAA,IAClC,UAAU;AAAA,EACZ,CAAC;AACH;AAUO,MAAM,mBAAmB,OAC9B,OACA,aACoC;AACpC,QAAM,OAAO,MAAM,eAAe,KAAK;AAEvC,MAAI,CAAC,MAAM;AACT,UAAM,gBAAgB;AAAA,MACpB,IAAI,oBAAoB,KAAK;AAAA,MAC7B,IAAI,+BAA4B,KAAK;AAAA,MACrC,IAAI,2BAA2B,KAAK;AAAA,IACtC;AAEA,WAAO,EAAE,MAAM,MAAM,OAAO,EAAE,aAAa,EAAE;AAAA,EAC/C;AAEA,QAAM,4BAA4B,KAAK,UAAU;AAAA,IAC/C,CAAC,aAAa,SAAS,aAAa;AAAA,EACtC;AAEA,MAAI,CAAC,2BAA2B,cAAc;AAC5C,UAAM,gBAAgB;AAAA,MACpB,IAAI,kDAAkD,KAAK,KAAK;AAAA,MAChE,IAAI,2EAAwE,KAAK,KAAK;AAAA,MACtF,IAAI,oFAA8E,KAAK,KAAK;AAAA,IAC9F;AAEA,WAAO,EAAE,MAAM,MAAM,OAAO,EAAE,aAAa,EAAE;AAAA,EAC/C;AAEA,QAAM,UAAU,MAAM;AAAA,IACpB;AAAA,IACA,0BAA0B;AAAA,EAC5B;AAEA,MAAI,CAAC,SAAS;AACZ,UAAM,gBAAgB;AAAA,MACpB,IAAI,gCAAgC,KAAK;AAAA,MACzC,IAAI,qCAAqC,KAAK;AAAA,MAC9C,IAAI,sDAAgD,KAAK;AAAA,IAC3D;AAEA,WAAO,MAAM,cAAc,EAAE;AAG7B,UAAM,eAAe,KAAK,MAAM,KAAK,OAAO,IAAI,GAAI,IAAI;AACxD,UAAM,IAAI,QAAQ,CAAC,YAAY,WAAW,SAAS,YAAY,CAAC;AAEhE,WAAO,EAAE,MAAM,MAAM,OAAO,EAAE,aAAa,EAAE;AAAA,EAC/C;AAEA,SAAO,EAAE,KAAK;AAChB;AAOO,MAAM,mBAAmB,OAC9B,8BAC2B;AAC3B,QAAM,EAAE,UAAU,GAAG,KAAK,IAAI;AAE9B,MAAI,CAAC,UAAU;AACb,UAAM,IAAI,aAAa,6BAA6B,EAAE,KAAK,CAAC;AAAA,EAC9D;AAEA,QAAM,eAAe,yBAAyB,SAAS,MAAM;AAAA,IAC3D,cAAc,MAAM,KAAK,UAAU,MAAM,QAAQ,CAAC;AAAA,IAClD,QAAQ,eAAe,EAAE;AAAA,EAC3B,CAAC;AAED,SAAO,EAAE,GAAG,MAAM,UAAU,aAAa;AAC3C;AASO,MAAM,qBAAqB,OAChC,QACA,aACA,gBACG;AACH,QAAM,OAAO,MAAM,YAAY,MAAM;AAErC,MAAI,CAAC,MAAM;AACT,UAAM,IAAI,aAAa,kBAAkB,EAAE,OAAO,CAAC;AAAA,EACrD;AAEA,QAAM,EAAE,MAAM,IAAI;AAElB,QAAM,iBAAiB,OAAO,WAAW;AAEzC,QAAM,cAAoB,MAAM,mBAAmB,QAAQ,SAAS;AAAA,IAClE,cAAc,MAAM,KAAK,aAAa,MAAM,QAAQ,CAAC;AAAA,EACvD,CAAC;AAED,SAAO;AACT;AASO,MAAM,gBAAgB,OAAO,QAAgB,aAAqB;AACvE,QAAM,OAAO,MAAM,YAAY,MAAM;AAErC,MAAI,CAAC,MAAM;AACT,UAAM,IAAI,aAAa,kBAAkB,EAAE,OAAO,CAAC;AAAA,EACrD;AAEA,QAAM,cAAoB,MAAM,mBAAmB,QAAQ,SAAS;AAAA,IAClE,cAAc,MAAM,KAAK,UAAU,MAAM,QAAQ,CAAC;AAAA,EACpD,CAAC;AAED,SAAO;AACT;","names":[]}

package/dist/esm/services/user.service.mjs

@@ -0,0 +1,122 @@
+import { UserModel } from './../models/user.model.mjs';
+import { GenericError } from './../utils/errors/index.mjs';
+import {
+  validateUser
+} from './../utils/validation/validateUser.mjs';
+import { hashUserPassword } from './sessionAuth.service.mjs';
+const createUser = async (user) => {
+  const fieldsToCheck = ["email"];
+  const errors = validateUser(user, fieldsToCheck);
+  if (Object.keys(errors).length > 0) {
+    throw new GenericError("USER_INVALID_FIELDS", {
+      userEmail: user.email,
+      errors
+    });
+  }
+  let newUser;
+  if (user.password) {
+    const userWithHashedPassword = await hashUserPassword(user);
+    newUser = await UserModel.create(userWithHashedPassword);
+  } else {
+    newUser = await UserModel.create(user);
+  }
+  if (!newUser) {
+    throw new GenericError("USER_CREATION_FAILED", { userEmail: user.email });
+  }
+  return newUser;
+};
+const getUserByEmail = async (email) => {
+  return await UserModel.findOne({ email });
+};
+const getUsersByEmails = async (emails) => {
+  return await UserModel.find({ email: { $in: emails } });
+};
+const checkUserExists = async (email) => {
+  const user = await UserModel.exists({ email });
+  return user !== null;
+};
+const getUserById = async (userId) => {
+  return await UserModel.findById(userId);
+};
+const getUsersByIds = async (userIds) => {
+  return await UserModel.find({ _id: { $in: userIds } });
+};
+const getUserBySession = async (sessionToken) => {
+  const user = await UserModel.findOne({
+    "session.sessionToken": sessionToken
+  });
+  if (!user) {
+    throw new GenericError("USER_NOT_FOUND", { sessionToken });
+  }
+  if (user.session?.expires && user.session.expires < /* @__PURE__ */ new Date()) {
+    throw new GenericError("USER_SESSION_EXPIRED", {
+      sessionToken,
+      userId: user.id
+    });
+  }
+  return user;
+};
+const getUserByAccount = async (provider, providerAccountId) => {
+  const user = await UserModel.findOne({
+    provider: [{ provider, providerAccountId }]
+  });
+  if (!user) {
+    throw new GenericError("USER_NOT_FOUND", {
+      provider,
+      providerAccountId
+    });
+  }
+  return user;
+};
+const findUsers = async (filters, skip, limit) => {
+  return await UserModel.find(filters).skip(skip).limit(limit);
+};
+const countUsers = async (filters) => {
+  const count = await UserModel.countDocuments(filters);
+  if (typeof count === "undefined") {
+    throw new GenericError("USER_COUNT_FAILED");
+  }
+  return count;
+};
+const updateUserById = async (userId, updates) => {
+  const keyToValidate = Object.keys(updates);
+  const errors = validateUser(updates, keyToValidate);
+  if (Object.keys(errors).length > 0) {
+    throw new GenericError("USER_INVALID_FIELDS", {
+      userId,
+      errors
+    });
+  }
+  const result = await UserModel.updateOne({ _id: userId }, { $set: updates });
+  if (result.matchedCount === 0) {
+    throw new GenericError("USER_UPDATE_FAILED", { userId });
+  }
+  const updatedUser = await UserModel.findById(userId);
+  if (!updatedUser) {
+    throw new GenericError("USER_UPDATED_USER_NOT_FOUND", { userId });
+  }
+  return updatedUser;
+};
+const deleteUser = async (userId) => {
+  await getUserById(userId);
+  const user = await UserModel.findByIdAndDelete(userId);
+  if (!user) {
+    throw new GenericError("USER_NOT_FOUND", { userId });
+  }
+  return user;
+};
+export {
+  checkUserExists,
+  countUsers,
+  createUser,
+  deleteUser,
+  findUsers,
+  getUserByAccount,
+  getUserByEmail,
+  getUserById,
+  getUserBySession,
+  getUsersByEmails,
+  getUsersByIds,
+  updateUserById
+};
+//# sourceMappingURL=user.service.mjs.map

package/dist/esm/services/user.service.mjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../src/services/user.service.ts"],"sourcesContent":["import { UserModel } from '@models/user.model';\nimport { GenericError } from '@utils/errors';\nimport type { UserFilters } from '@utils/filtersAndPagination/getUserFiltersAndPagination';\nimport {\n  type FieldsToCheck,\n  type UserFields,\n  validateUser,\n} from '@utils/validation/validateUser';\nimport type { ObjectId } from 'mongoose';\n// eslint-disable-next-line import/no-cycle\nimport { hashUserPassword } from './sessionAuth.service';\nimport type { SessionProviders } from '@/types/session.types';\nimport type {\n  User,\n  UserAPI,\n  UserDocument,\n  UserWithPasswordNotHashed,\n} from '@/types/user.types';\n\n/**\n * Creates a new user with password in the database and hashes the password.\n * @param user - User object with password not hashed.\n * @returns Created user object.\n */\nexport const createUser = async (user: UserWithPasswordNotHashed) => {\n  const fieldsToCheck: FieldsToCheck[] = ['email'];\n\n  const errors = validateUser(user, fieldsToCheck);\n\n  if (Object.keys(errors).length > 0) {\n    throw new GenericError('USER_INVALID_FIELDS', {\n      userEmail: user.email,\n      errors,\n    });\n  }\n\n  let newUser: User;\n\n  if (user.password) {\n    const userWithHashedPassword = await hashUserPassword(user);\n\n    newUser = await UserModel.create(userWithHashedPassword);\n  } else {\n    newUser = await UserModel.create(user);\n  }\n\n  if (!newUser) {\n    throw new GenericError('USER_CREATION_FAILED', { userEmail: user.email });\n  }\n\n  return newUser;\n};\n\n/**\n * Retrieves a user by email.\n * @param email - User's email.\n * @returns User object or null if no user was found.\n */\nexport const getUserByEmail = async (email: string): Promise<User | null> => {\n  return await UserModel.findOne({ email });\n};\n\n/**\n * Retrieves users list by email.\n * @param emails - Users email.\n * @returns User object or null if no user was found.\n */\nexport const getUsersByEmails = async (\n  emails: string[]\n): Promise<User[] | null> => {\n  return await UserModel.find({ email: { $in: emails } });\n};\n\n/**\n * Checks if a user exists by email.\n * @param email - User's email.\n * @returns True if the user exists, false otherwise.\n */\nexport const checkUserExists = async (email: string) => {\n  const user = await UserModel.exists({ email });\n  return user !== null;\n};\n\n/**\n * Retrieves a user by ID.\n * @param userId - User's ID.\n * @returns User object or null if no user was found.\n */\nexport const getUserById = async (\n  userId: string | ObjectId\n): Promise<User | null> => {\n  return await UserModel.findById(userId);\n};\n\n/**\n * Retrieves a user by ID.\n * @param userId - User's ID.\n * @returns User object or null if no user was found.\n */\nexport const getUsersByIds = async (\n  userIds: (string | ObjectId)[]\n): Promise<User[] | null> => {\n  return await UserModel.find({ _id: { $in: userIds } });\n};\n\n/**\n * Retrieves a user by session token.\n * @param sessionToken - The session token.\n * @returns User object or null if no user was found.\n */\nexport const getUserBySession = async (sessionToken: string) => {\n  // Get an user by session token and check if it expired\n  const user = await UserModel.findOne({\n    'session.sessionToken': sessionToken,\n  });\n\n  if (!user) {\n    throw new GenericError('USER_NOT_FOUND', { sessionToken });\n  }\n\n  if (user.session?.expires && user.session.expires < new Date()) {\n    throw new GenericError('USER_SESSION_EXPIRED', {\n      sessionToken,\n      userId: user.id,\n    });\n  }\n\n  return user;\n};\n\n/**\n * Retrieves a user by account.\n * @param provider - The provider of the account.\n * @param providerAccountId - The provider account ID.\n * @returns User object or null if no user was found.\n */\nexport const getUserByAccount = async (\n  provider: SessionProviders['provider'],\n  providerAccountId: string\n): Promise<User> => {\n  const user = await UserModel.findOne({\n    provider: [{ provider, providerAccountId }],\n  });\n\n  if (!user) {\n    throw new GenericError('USER_NOT_FOUND', {\n      provider,\n      providerAccountId,\n    });\n  }\n\n  return user;\n};\n\n/**\n * Finds users based on filters and pagination options.\n * @param filters - MongoDB filter query.\n * @param skip - Number of documents to skip.\n * @param limit - Number of documents to limit.\n * @returns List of users matching the filters.\n */\nexport const findUsers = async (\n  filters: UserFilters,\n  skip: number,\n  limit: number\n): Promise<User[]> => {\n  return await UserModel.find(filters).skip(skip).limit(limit);\n};\n\n/**\n * Counts the total number of users that match the filters.\n * @param filters - MongoDB filter query.\n * @returns Total number of users.\n */\nexport const countUsers = async (filters: UserFilters): Promise<number> => {\n  const count = await UserModel.countDocuments(filters);\n\n  if (typeof count === 'undefined') {\n    throw new GenericError('USER_COUNT_FAILED');\n  }\n\n  return count;\n};\n\n/**\n * Updates a user's information.\n * @param user - The user object.\n * @param updates - The updates to apply to the user.\n * @returns The updated user.\n */\nexport const updateUserById = async (\n  userId: string | ObjectId,\n  updates: Partial<User>\n): Promise<User> => {\n  const keyToValidate = Object.keys(updates) as UserFields;\n  const errors = validateUser(updates, keyToValidate);\n\n  if (Object.keys(errors).length > 0) {\n    throw new GenericError('USER_INVALID_FIELDS', {\n      userId,\n      errors,\n    });\n  }\n\n  const result = await UserModel.updateOne({ _id: userId }, { $set: updates });\n\n  if (result.matchedCount === 0) {\n    throw new GenericError('USER_UPDATE_FAILED', { userId });\n  }\n\n  const updatedUser = await UserModel.findById(userId);\n\n  if (!updatedUser) {\n    throw new GenericError('USER_UPDATED_USER_NOT_FOUND', { userId });\n  }\n\n  return updatedUser;\n};\n\n/**\n * Deletes a user from the database.\n * @param userId - The user object.\n * @returns\n */\nexport const deleteUser = async (userId: string | ObjectId) => {\n  await getUserById(userId);\n\n  const user = await UserModel.findByIdAndDelete(userId);\n\n  if (!user) {\n    throw new GenericError('USER_NOT_FOUND', { userId });\n  }\n\n  return user;\n};\n"],"mappings":"AAAA,SAAS,iBAAiB;AAC1B,SAAS,oBAAoB;AAE7B;AAAA,EAGE;AAAA,OACK;AAGP,SAAS,wBAAwB;AAc1B,MAAM,aAAa,OAAO,SAAoC;AACnE,QAAM,gBAAiC,CAAC,OAAO;AAE/C,QAAM,SAAS,aAAa,MAAM,aAAa;AAE/C,MAAI,OAAO,KAAK,MAAM,EAAE,SAAS,GAAG;AAClC,UAAM,IAAI,aAAa,uBAAuB;AAAA,MAC5C,WAAW,KAAK;AAAA,MAChB;AAAA,IACF,CAAC;AAAA,EACH;AAEA,MAAI;AAEJ,MAAI,KAAK,UAAU;AACjB,UAAM,yBAAyB,MAAM,iBAAiB,IAAI;AAE1D,cAAU,MAAM,UAAU,OAAO,sBAAsB;AAAA,EACzD,OAAO;AACL,cAAU,MAAM,UAAU,OAAO,IAAI;AAAA,EACvC;AAEA,MAAI,CAAC,SAAS;AACZ,UAAM,IAAI,aAAa,wBAAwB,EAAE,WAAW,KAAK,MAAM,CAAC;AAAA,EAC1E;AAEA,SAAO;AACT;AAOO,MAAM,iBAAiB,OAAO,UAAwC;AAC3E,SAAO,MAAM,UAAU,QAAQ,EAAE,MAAM,CAAC;AAC1C;AAOO,MAAM,mBAAmB,OAC9B,WAC2B;AAC3B,SAAO,MAAM,UAAU,KAAK,EAAE,OAAO,EAAE,KAAK,OAAO,EAAE,CAAC;AACxD;AAOO,MAAM,kBAAkB,OAAO,UAAkB;AACtD,QAAM,OAAO,MAAM,UAAU,OAAO,EAAE,MAAM,CAAC;AAC7C,SAAO,SAAS;AAClB;AAOO,MAAM,cAAc,OACzB,WACyB;AACzB,SAAO,MAAM,UAAU,SAAS,MAAM;AACxC;AAOO,MAAM,gBAAgB,OAC3B,YAC2B;AAC3B,SAAO,MAAM,UAAU,KAAK,EAAE,KAAK,EAAE,KAAK,QAAQ,EAAE,CAAC;AACvD;AAOO,MAAM,mBAAmB,OAAO,iBAAyB;AAE9D,QAAM,OAAO,MAAM,UAAU,QAAQ;AAAA,IACnC,wBAAwB;AAAA,EAC1B,CAAC;AAED,MAAI,CAAC,MAAM;AACT,UAAM,IAAI,aAAa,kBAAkB,EAAE,aAAa,CAAC;AAAA,EAC3D;AAEA,MAAI,KAAK,SAAS,WAAW,KAAK,QAAQ,UAAU,oBAAI,KAAK,GAAG;AAC9D,UAAM,IAAI,aAAa,wBAAwB;AAAA,MAC7C;AAAA,MACA,QAAQ,KAAK;AAAA,IACf,CAAC;AAAA,EACH;AAEA,SAAO;AACT;AAQO,MAAM,mBAAmB,OAC9B,UACA,sBACkB;AAClB,QAAM,OAAO,MAAM,UAAU,QAAQ;AAAA,IACnC,UAAU,CAAC,EAAE,UAAU,kBAAkB,CAAC;AAAA,EAC5C,CAAC;AAED,MAAI,CAAC,MAAM;AACT,UAAM,IAAI,aAAa,kBAAkB;AAAA,MACvC;AAAA,MACA;AAAA,IACF,CAAC;AAAA,EACH;AAEA,SAAO;AACT;AASO,MAAM,YAAY,OACvB,SACA,MACA,UACoB;AACpB,SAAO,MAAM,UAAU,KAAK,OAAO,EAAE,KAAK,IAAI,EAAE,MAAM,KAAK;AAC7D;AAOO,MAAM,aAAa,OAAO,YAA0C;AACzE,QAAM,QAAQ,MAAM,UAAU,eAAe,OAAO;AAEpD,MAAI,OAAO,UAAU,aAAa;AAChC,UAAM,IAAI,aAAa,mBAAmB;AAAA,EAC5C;AAEA,SAAO;AACT;AAQO,MAAM,iBAAiB,OAC5B,QACA,YACkB;AAClB,QAAM,gBAAgB,OAAO,KAAK,OAAO;AACzC,QAAM,SAAS,aAAa,SAAS,aAAa;AAElD,MAAI,OAAO,KAAK,MAAM,EAAE,SAAS,GAAG;AAClC,UAAM,IAAI,aAAa,uBAAuB;AAAA,MAC5C;AAAA,MACA;AAAA,IACF,CAAC;AAAA,EACH;AAEA,QAAM,SAAS,MAAM,UAAU,UAAU,EAAE,KAAK,OAAO,GAAG,EAAE,MAAM,QAAQ,CAAC;AAE3E,MAAI,OAAO,iBAAiB,GAAG;AAC7B,UAAM,IAAI,aAAa,sBAAsB,EAAE,OAAO,CAAC;AAAA,EACzD;AAEA,QAAM,cAAc,MAAM,UAAU,SAAS,MAAM;AAEnD,MAAI,CAAC,aAAa;AAChB,UAAM,IAAI,aAAa,+BAA+B,EAAE,OAAO,CAAC;AAAA,EAClE;AAEA,SAAO;AACT;AAOO,MAAM,aAAa,OAAO,WAA8B;AAC7D,QAAM,YAAY,MAAM;AAExB,QAAM,OAAO,MAAM,UAAU,kBAAkB,MAAM;AAErD,MAAI,CAAC,MAAM;AACT,UAAM,IAAI,aAAa,kBAAkB,EAAE,OAAO,CAAC;AAAA,EACrD;AAEA,SAAO;AACT;","names":[]}

package/dist/esm/types/Routes.mjs

@@ -0,0 +1 @@
+//# sourceMappingURL=Routes.mjs.map

package/dist/esm/types/Routes.mjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":[],"sourcesContent":[],"mappings":"","names":[]}

package/dist/esm/types/dictionary.types.mjs

@@ -0,0 +1 @@
+//# sourceMappingURL=dictionary.types.mjs.map

package/dist/esm/types/dictionary.types.mjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":[],"sourcesContent":[],"mappings":"","names":[]}

package/dist/esm/types/organization.types.mjs

@@ -0,0 +1 @@
+//# sourceMappingURL=organization.types.mjs.map

package/dist/esm/types/organization.types.mjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":[],"sourcesContent":[],"mappings":"","names":[]}

package/dist/esm/types/project.types.mjs

@@ -0,0 +1 @@
+//# sourceMappingURL=project.types.mjs.map

package/dist/esm/types/project.types.mjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":[],"sourcesContent":[],"mappings":"","names":[]}

package/dist/esm/types/session.types.mjs

@@ -0,0 +1 @@
+//# sourceMappingURL=session.types.mjs.map

package/dist/esm/types/session.types.mjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":[],"sourcesContent":[],"mappings":"","names":[]}

package/dist/esm/types/user.types.mjs

@@ -0,0 +1 @@
+//# sourceMappingURL=user.types.mjs.map

package/dist/esm/types/user.types.mjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":[],"sourcesContent":[],"mappings":"","names":[]}

package/dist/esm/utils/CSRF.mjs

@@ -0,0 +1,21 @@
+import { doubleCsrf } from "csrf-csrf";
+import { Cookies, getCookieOptions } from './cookies.mjs';
+const {
+  generateToken,
+  // Use this in your routes to provide a CSRF hash + token cookie and token.
+  validateRequest,
+  // Also a convenience if you plan on making your own middleware.
+  doubleCsrfProtection
+  // This is the default CSRF protection middleware.
+} = doubleCsrf({
+  getSecret: () => process.env.CSRF_SECRET,
+  getTokenFromRequest: (req) => req.body.csrf_token,
+  cookieName: Cookies.XSRF_TOKEN,
+  cookieOptions: getCookieOptions()
+});
+export {
+  doubleCsrfProtection,
+  generateToken,
+  validateRequest
+};
+//# sourceMappingURL=CSRF.mjs.map

package/dist/esm/utils/CSRF.mjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../src/utils/CSRF.ts"],"sourcesContent":["import { doubleCsrf } from 'csrf-csrf';\nimport { Cookies, getCookieOptions } from './cookies';\n\nconst {\n  generateToken, // Use this in your routes to provide a CSRF hash + token cookie and token.\n  validateRequest, // Also a convenience if you plan on making your own middleware.\n  doubleCsrfProtection, // This is the default CSRF protection middleware.\n} = doubleCsrf({\n  getSecret: () => process.env.CSRF_SECRET!,\n  getTokenFromRequest: (req) => req.body.csrf_token,\n  cookieName: Cookies.XSRF_TOKEN,\n  cookieOptions: getCookieOptions(),\n});\n\nexport { generateToken, validateRequest, doubleCsrfProtection };\n"],"mappings":"AAAA,SAAS,kBAAkB;AAC3B,SAAS,SAAS,wBAAwB;AAE1C,MAAM;AAAA,EACJ;AAAA;AAAA,EACA;AAAA;AAAA,EACA;AAAA;AACF,IAAI,WAAW;AAAA,EACb,WAAW,MAAM,QAAQ,IAAI;AAAA,EAC7B,qBAAqB,CAAC,QAAQ,IAAI,KAAK;AAAA,EACvC,YAAY,QAAQ;AAAA,EACpB,eAAe,iBAAiB;AAClC,CAAC;","names":[]}