@justair/justair-library 6.10.0-alpha.b5e7ec1 → 6.10.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (70) hide show
  1. package/dist/index.d.ts +4 -3
  2. package/dist/index.d.ts.map +1 -1
  3. package/dist/models/admin.d.ts.map +1 -1
  4. package/dist/models/measurements.d.ts +6 -6
  5. package/dist/models/tests/cookieConsent.test.d.ts +2 -0
  6. package/dist/models/tests/cookieConsent.test.d.ts.map +1 -0
  7. package/dist/models/users.d.ts +3 -0
  8. package/dist/models/users.d.ts.map +1 -1
  9. package/package.json +3 -14
  10. package/src/index.js +10 -5
  11. package/src/models/admin.js +1 -11
  12. package/src/models/users.js +43 -1
  13. package/tsconfig.json +0 -4
  14. package/dist/models/passwordResetToken.d.ts +0 -158
  15. package/dist/models/passwordResetToken.d.ts.map +0 -1
  16. package/dist/modules/audit/actions.d.ts +0 -28
  17. package/dist/modules/audit/actions.d.ts.map +0 -1
  18. package/dist/modules/audit/auditLog.d.ts +0 -32
  19. package/dist/modules/audit/auditLog.d.ts.map +0 -1
  20. package/dist/modules/audit/index.d.ts +0 -4
  21. package/dist/modules/audit/index.d.ts.map +0 -1
  22. package/dist/modules/audit/schema.d.ts +0 -321
  23. package/dist/modules/audit/schema.d.ts.map +0 -1
  24. package/dist/modules/audit/tests/actions.test.d.ts +0 -2
  25. package/dist/modules/audit/tests/actions.test.d.ts.map +0 -1
  26. package/dist/modules/audit/tests/auditLog.test.d.ts +0 -2
  27. package/dist/modules/audit/tests/auditLog.test.d.ts.map +0 -1
  28. package/dist/modules/audit/tests/schema.test.d.ts +0 -2
  29. package/dist/modules/audit/tests/schema.test.d.ts.map +0 -1
  30. package/dist/modules/auth/cookieConfig.d.ts +0 -42
  31. package/dist/modules/auth/cookieConfig.d.ts.map +0 -1
  32. package/dist/modules/auth/extractClaims.d.ts +0 -22
  33. package/dist/modules/auth/extractClaims.d.ts.map +0 -1
  34. package/dist/modules/auth/index.d.ts +0 -6
  35. package/dist/modules/auth/index.d.ts.map +0 -1
  36. package/dist/modules/auth/oidcVerifier.d.ts +0 -22
  37. package/dist/modules/auth/oidcVerifier.d.ts.map +0 -1
  38. package/dist/modules/auth/requestContext.d.ts +0 -25
  39. package/dist/modules/auth/requestContext.d.ts.map +0 -1
  40. package/dist/modules/auth/silentRefresh.d.ts +0 -33
  41. package/dist/modules/auth/silentRefresh.d.ts.map +0 -1
  42. package/dist/modules/auth/tests/cookieConfig.test.d.ts +0 -2
  43. package/dist/modules/auth/tests/cookieConfig.test.d.ts.map +0 -1
  44. package/dist/modules/auth/tests/extractClaims.test.d.ts +0 -2
  45. package/dist/modules/auth/tests/extractClaims.test.d.ts.map +0 -1
  46. package/dist/modules/auth/tests/oidcVerifier.test.d.ts +0 -2
  47. package/dist/modules/auth/tests/oidcVerifier.test.d.ts.map +0 -1
  48. package/dist/modules/auth/tests/requestContext.test.d.ts +0 -2
  49. package/dist/modules/auth/tests/requestContext.test.d.ts.map +0 -1
  50. package/dist/modules/auth/tests/silentRefresh.test.d.ts +0 -2
  51. package/dist/modules/auth/tests/silentRefresh.test.d.ts.map +0 -1
  52. package/src/models/passwordResetToken.js +0 -32
  53. package/src/modules/audit/actions.js +0 -28
  54. package/src/modules/audit/auditLog.js +0 -39
  55. package/src/modules/audit/index.js +0 -8
  56. package/src/modules/audit/schema.js +0 -44
  57. package/src/modules/audit/tests/actions.test.js +0 -26
  58. package/src/modules/audit/tests/auditLog.test.js +0 -47
  59. package/src/modules/audit/tests/schema.test.js +0 -50
  60. package/src/modules/auth/cookieConfig.js +0 -40
  61. package/src/modules/auth/extractClaims.js +0 -26
  62. package/src/modules/auth/index.js +0 -16
  63. package/src/modules/auth/oidcVerifier.js +0 -66
  64. package/src/modules/auth/requestContext.js +0 -20
  65. package/src/modules/auth/silentRefresh.js +0 -77
  66. package/src/modules/auth/tests/cookieConfig.test.js +0 -41
  67. package/src/modules/auth/tests/extractClaims.test.js +0 -36
  68. package/src/modules/auth/tests/oidcVerifier.test.js +0 -101
  69. package/src/modules/auth/tests/requestContext.test.js +0 -17
  70. package/src/modules/auth/tests/silentRefresh.test.js +0 -54
package/dist/index.d.ts CHANGED
@@ -18,6 +18,9 @@ import { organizationsSchema } from "./models/organizations.js";
18
18
  import { Organizations } from "./models/organizations.js";
19
19
  import { usersSchema } from "./models/users.js";
20
20
  import { Users } from "./models/users.js";
21
+ import { COOKIE_CONSENT_CATEGORIES } from "./models/users.js";
22
+ import { COOKIE_CONSENT_VALUES } from "./models/users.js";
23
+ import { validateCookieConsent } from "./models/users.js";
21
24
  import { eventsSchema } from "./models/events.js";
22
25
  import { Events } from "./models/events.js";
23
26
  import { lightMonitorSchema } from "./models/lightmonitors.js";
@@ -70,10 +73,8 @@ import { Samples } from "./models/samples.js";
70
73
  import { samplesAuditSchema } from "./models/samples.js";
71
74
  import { SamplesAudit } from "./models/samples.js";
72
75
  import { sampleParameterReferenceConcentrations } from "./models/samples.js";
73
- import { passwordResetTokenSchema } from "./models/passwordResetToken.js";
74
- import { PasswordResetToken } from "./models/passwordResetToken.js";
75
76
  import { PARAMETERS } from "./constants/pollutants.js";
76
77
  import { HEAVY_METALS } from "./constants/pollutants.js";
77
78
  import { splitName } from "./utils/splitName.js";
78
- export { Database, adminSchema, Admin, configurationsSchema, Configurations, measurementsSchema, Measurements, monitorRequestsSchema, MonitorRequests, monitorsSchema, Monitors, organizationsSchema, Organizations, usersSchema, Users, eventsSchema, Events, lightMonitorSchema, LightMonitors, monitorSuppliersSchema, MonitorSuppliers, contextsSchema, Contexts, parametersSchema, Parameters, announcementSchema, Announcements, jobsSchema, Jobs, apiKeySchema, ApiKey, UsageMetrics, usageMetricsSchema, Audit, auditSchema, EventsAudit, eventsAuditSchema, MonitorAudit, monitorAuditSchema, parametersEnum, deploymentTypesEnum, AlertsAudit, Alerts, alertsSchema, alertsAuditSchema, Features, featuresSchema, dataCompletenessSchema, DataCompleteness, networkMetricsSchema, NetworkMetrics, rateOfChangeSchema, RateOfChange, changeStreamCheckpointsSchema, ChangeStreamCheckpoints, sitesSchema, Sites, sampleSitesSchema, SampleSites, sampleSiteAuditSchema, SampleSiteAudit, sampleParametersEnum, samplesSchema, Samples, samplesAuditSchema, SamplesAudit, sampleParameterReferenceConcentrations, passwordResetTokenSchema, PasswordResetToken, PARAMETERS, HEAVY_METALS, splitName };
79
+ export { Database, adminSchema, Admin, configurationsSchema, Configurations, measurementsSchema, Measurements, monitorRequestsSchema, MonitorRequests, monitorsSchema, Monitors, organizationsSchema, Organizations, usersSchema, Users, COOKIE_CONSENT_CATEGORIES, COOKIE_CONSENT_VALUES, validateCookieConsent, eventsSchema, Events, lightMonitorSchema, LightMonitors, monitorSuppliersSchema, MonitorSuppliers, contextsSchema, Contexts, parametersSchema, Parameters, announcementSchema, Announcements, jobsSchema, Jobs, apiKeySchema, ApiKey, UsageMetrics, usageMetricsSchema, Audit, auditSchema, EventsAudit, eventsAuditSchema, MonitorAudit, monitorAuditSchema, parametersEnum, deploymentTypesEnum, AlertsAudit, Alerts, alertsSchema, alertsAuditSchema, Features, featuresSchema, dataCompletenessSchema, DataCompleteness, networkMetricsSchema, NetworkMetrics, rateOfChangeSchema, RateOfChange, changeStreamCheckpointsSchema, ChangeStreamCheckpoints, sitesSchema, Sites, sampleSitesSchema, SampleSites, sampleSiteAuditSchema, SampleSiteAudit, sampleParametersEnum, samplesSchema, Samples, samplesAuditSchema, SamplesAudit, sampleParameterReferenceConcentrations, PARAMETERS, HEAVY_METALS, splitName };
79
80
  //# sourceMappingURL=index.d.ts.map
@@ -1 +1 @@
1
- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.js"],"names":[],"mappings":"AAsFA;;;iBAEC;yBA5BwB,oBAAoB;qBADxB,gBAAgB;4BA3DF,mBAAmB;sBAAnB,mBAAmB;qCAI/C,4BAA4B;+BAA5B,4BAA4B;mCAM5B,0BAA0B;6BAA1B,0BAA0B;sCAI1B,6BAA6B;gCAA7B,6BAA6B;+BAQ7B,sBAAsB;yBAAtB,sBAAsB;oCACsB,2BAA2B;8BAA3B,2BAA2B;4BAQ3C,mBAAmB;sBAAnB,mBAAmB;6BAM/C,oBAAoB;uBAApB,oBAAoB;mCAbuB,2BAA2B;8BAA3B,2BAA2B;uCAItE,8BAA8B;iCAA9B,8BAA8B;+BACI,sBAAsB;yBAAtB,sBAAsB;iCAClB,wBAAwB;2BAAxB,wBAAwB;mCAQnB,2BAA2B;8BAA3B,2BAA2B;2BAC5C,kBAAkB;qBAAlB,kBAAkB;6BACd,oBAAoB;uBAApB,oBAAoB;6BACR,0BAA0B;mCAA1B,0BAA0B;sBA/BpE,0BAA0B;4BAA1B,0BAA0B;4BA2B1B,oBAAoB;kCAApB,oBAAoB;6BAfpB,sBAAsB;mCAAtB,sBAAsB;+BAAtB,sBAAsB;oCAAtB,sBAAsB;4BAyBtB,oBAAoB;uBAApB,oBAAoB;6BAApB,oBAAoB;kCAApB,oBAAoB;yBACc,sBAAsB;+BAAtB,sBAAsB;uCAIxD,8BAA8B;iCAA9B,8BAA8B;qCACgB,4BAA4B;+BAA5B,4BAA4B;mCAChC,0BAA0B;6BAA1B,0BAA0B;8CAIpE,qCAAqC;wCAArC,qCAAqC;4BAOT,mBAAmB;sBAAnB,mBAAmB;kCAS/C,yBAAyB;4BAAzB,yBAAyB;sCAAzB,yBAAyB;gCAAzB,yBAAyB;qCAAzB,yBAAyB;8BASzB,qBAAqB;wBAArB,qBAAqB;mCAArB,qBAAqB;6BAArB,qBAAqB;uDAArB,qBAAqB;yCACiC,gCAAgC;mCAAhC,gCAAgC;2BAvBpD,2BAA2B;6BAA3B,2BAA2B;0BAC1C,sBAAsB"}
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.js"],"names":[],"mappings":"AA2FA;;;iBAEC;yBA3BwB,oBAAoB;qBADxB,gBAAgB;4BAjEF,mBAAmB;sBAAnB,mBAAmB;qCAI/C,4BAA4B;+BAA5B,4BAA4B;mCAM5B,0BAA0B;6BAA1B,0BAA0B;sCAI1B,6BAA6B;gCAA7B,6BAA6B;+BAQ7B,sBAAsB;yBAAtB,sBAAsB;oCACsB,2BAA2B;8BAA3B,2BAA2B;4BAcvE,mBAAmB;sBAAnB,mBAAmB;0CAAnB,mBAAmB;sCAAnB,mBAAmB;sCAAnB,mBAAmB;6BAMnB,oBAAoB;uBAApB,oBAAoB;mCAnBuB,2BAA2B;8BAA3B,2BAA2B;uCAItE,8BAA8B;iCAA9B,8BAA8B;+BACI,sBAAsB;yBAAtB,sBAAsB;iCAClB,wBAAwB;2BAAxB,wBAAwB;mCAcnB,2BAA2B;8BAA3B,2BAA2B;2BAC5C,kBAAkB;qBAAlB,kBAAkB;6BACd,oBAAoB;uBAApB,oBAAoB;6BACR,0BAA0B;mCAA1B,0BAA0B;sBArCpE,0BAA0B;4BAA1B,0BAA0B;4BAiC1B,oBAAoB;kCAApB,oBAAoB;6BArBpB,sBAAsB;mCAAtB,sBAAsB;+BAAtB,sBAAsB;oCAAtB,sBAAsB;4BA+BtB,oBAAoB;uBAApB,oBAAoB;6BAApB,oBAAoB;kCAApB,oBAAoB;yBACc,sBAAsB;+BAAtB,sBAAsB;uCAIxD,8BAA8B;iCAA9B,8BAA8B;qCACgB,4BAA4B;+BAA5B,4BAA4B;mCAChC,0BAA0B;6BAA1B,0BAA0B;8CAIpE,qCAAqC;wCAArC,qCAAqC;4BAOT,mBAAmB;sBAAnB,mBAAmB;kCAS/C,yBAAyB;4BAAzB,yBAAyB;sCAAzB,yBAAyB;gCAAzB,yBAAyB;qCAAzB,yBAAyB;8BASzB,qBAAqB;wBAArB,qBAAqB;mCAArB,qBAAqB;6BAArB,qBAAqB;uDAArB,qBAAqB;2BAtBa,2BAA2B;6BAA3B,2BAA2B;0BAC1C,sBAAsB"}
@@ -1 +1 @@
1
- {"version":3,"file":"admin.d.ts","sourceRoot":"","sources":["../../src/models/admin.js"],"names":[],"mappings":"AAEA,8BAsBG;AAcH,wBAAmD"}
1
+ {"version":3,"file":"admin.d.ts","sourceRoot":"","sources":["../../src/models/admin.js"],"names":[],"mappings":"AAEA,8BAgBG;AAUH,wBAAmD"}
@@ -6,10 +6,10 @@ export const annotationSchema: mongoose.Schema<any, mongoose.Model<any, any, any
6
6
  _id: true;
7
7
  timestamps: false;
8
8
  }, {
9
- comment: string;
10
- measurementIdentifier: string;
11
9
  source: "admin" | "processing_engine";
12
10
  timestamp: Date;
11
+ comment: string;
12
+ measurementIdentifier: string;
13
13
  adminId?: {
14
14
  prototype?: mongoose.Types.ObjectId;
15
15
  cacheHexString?: unknown;
@@ -20,10 +20,10 @@ export const annotationSchema: mongoose.Schema<any, mongoose.Model<any, any, any
20
20
  isValid?: {};
21
21
  };
22
22
  }, mongoose.Document<unknown, {}, mongoose.FlatRecord<{
23
- comment: string;
24
- measurementIdentifier: string;
25
23
  source: "admin" | "processing_engine";
26
24
  timestamp: Date;
25
+ comment: string;
26
+ measurementIdentifier: string;
27
27
  adminId?: {
28
28
  prototype?: mongoose.Types.ObjectId;
29
29
  cacheHexString?: unknown;
@@ -34,10 +34,10 @@ export const annotationSchema: mongoose.Schema<any, mongoose.Model<any, any, any
34
34
  isValid?: {};
35
35
  };
36
36
  }>> & mongoose.FlatRecord<{
37
- comment: string;
38
- measurementIdentifier: string;
39
37
  source: "admin" | "processing_engine";
40
38
  timestamp: Date;
39
+ comment: string;
40
+ measurementIdentifier: string;
41
41
  adminId?: {
42
42
  prototype?: mongoose.Types.ObjectId;
43
43
  cacheHexString?: unknown;
@@ -0,0 +1,2 @@
1
+ export {};
2
+ //# sourceMappingURL=cookieConsent.test.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"cookieConsent.test.d.ts","sourceRoot":"","sources":["../../../src/models/tests/cookieConsent.test.js"],"names":[],"mappings":""}
@@ -1,3 +1,6 @@
1
1
  export const usersSchema: any;
2
2
  export const Users: any;
3
+ export const COOKIE_CONSENT_CATEGORIES: string[];
4
+ export const COOKIE_CONSENT_VALUES: string[];
5
+ export function validateCookieConsent(consent: any): string;
3
6
  //# sourceMappingURL=users.d.ts.map
@@ -1 +1 @@
1
- {"version":3,"file":"users.d.ts","sourceRoot":"","sources":["../../src/models/users.js"],"names":[],"mappings":"AAEA,8BAgDE;AAIF,wBAAmD"}
1
+ {"version":3,"file":"users.d.ts","sourceRoot":"","sources":["../../src/models/users.js"],"names":[],"mappings":"AAqCA,8BAiDE;AAIF,wBAAmD;AAxFnD,iDAA4D;AAC5D,6CAAmD;AAUnD,4DAsBC"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@justair/justair-library",
3
- "version": "6.10.0-alpha.b5e7ec1",
3
+ "version": "6.10.0",
4
4
  "description": "JustAir Internal Library",
5
5
  "main": "src/index.js",
6
6
  "type": "module",
@@ -13,18 +13,10 @@
13
13
  "./constants": {
14
14
  "types": "./dist/constants/pollutants.d.ts",
15
15
  "default": "./src/constants/pollutants.js"
16
- },
17
- "./auth": {
18
- "types": "./dist/modules/auth/index.d.ts",
19
- "default": "./src/modules/auth/index.js"
20
- },
21
- "./audit": {
22
- "types": "./dist/modules/audit/index.d.ts",
23
- "default": "./src/modules/audit/index.js"
24
16
  }
25
17
  },
26
18
  "scripts": {
27
- "test": "node --experimental-vm-modules node_modules/jest/bin/jest.js",
19
+ "test": "node --experimental-vm-modules node_modules/.bin/jest",
28
20
  "build": "tsc",
29
21
  "prepublish": "npm run build"
30
22
  },
@@ -34,21 +26,18 @@
34
26
  "author": "Britney Epps",
35
27
  "license": "ISC",
36
28
  "dependencies": {
37
- "jose": "^5.10.0",
38
29
  "mongoose": "^7.8.3",
39
30
  "nanoid": "^5.1.6",
40
31
  "winston": "^3.10.0"
41
32
  },
42
33
  "jest": {
43
34
  "testEnvironment": "node",
44
- "transform": {},
45
- "testTimeout": 60000
35
+ "transform": {}
46
36
  },
47
37
  "devDependencies": {
48
38
  "@jest/globals": "^29",
49
39
  "@types/node": "^16.0.0",
50
40
  "jest": "^29",
51
- "mongodb-memory-server": "^11.2.0",
52
41
  "jest-environment-node": "^29",
53
42
  "ts-node": "^10.0.0",
54
43
  "typescript": "^5.3.2"
package/src/index.js CHANGED
@@ -29,7 +29,13 @@ import {
29
29
  } from "./models/monitorSuppliers.js";
30
30
  import { contextsSchema, Contexts } from "./models/contexts.js";
31
31
  import { parametersSchema, Parameters } from "./models/parameters.js";
32
- import { usersSchema, Users } from "./models/users.js";
32
+ import {
33
+ usersSchema,
34
+ Users,
35
+ COOKIE_CONSENT_CATEGORIES,
36
+ COOKIE_CONSENT_VALUES,
37
+ validateCookieConsent,
38
+ } from "./models/users.js";
33
39
  import {
34
40
  eventsSchema,
35
41
  Events,
@@ -82,7 +88,6 @@ import {
82
88
  SamplesAudit,
83
89
  sampleParameterReferenceConcentrations,
84
90
  } from "./models/samples.js";
85
- import { passwordResetTokenSchema, PasswordResetToken } from "./models/passwordResetToken.js";
86
91
 
87
92
  export function createLoggerInstance({ DATADOG_API_KEY, APPLICATION_NAME }) {
88
93
  return new CustomLogger({ DATADOG_API_KEY, APPLICATION_NAME });
@@ -104,6 +109,9 @@ export {
104
109
  Organizations,
105
110
  usersSchema,
106
111
  Users,
112
+ COOKIE_CONSENT_CATEGORIES,
113
+ COOKIE_CONSENT_VALUES,
114
+ validateCookieConsent,
107
115
  eventsSchema,
108
116
  Events,
109
117
  lightMonitorSchema,
@@ -159,9 +167,6 @@ export {
159
167
  samplesAuditSchema,
160
168
  SamplesAudit,
161
169
  sampleParameterReferenceConcentrations,
162
- // Password reset tokens (JA-2946)
163
- passwordResetTokenSchema,
164
- PasswordResetToken,
165
170
  // Pollutant constants
166
171
  PARAMETERS,
167
172
  HEAVY_METALS,
@@ -13,12 +13,6 @@ const adminSchema = mongoose.Schema({
13
13
  authorized: { type: Boolean, default: false },
14
14
  isActive: { type: Boolean, default: false },
15
15
  hasSeenWelcomeScreen: { type: Boolean, default: false },
16
- // Keycloak migration (JA-2814, auth-contracts #5). externalAuthId = Keycloak `sub`.
17
- // Intentionally NO default: it must stay `undefined` (not null) until the migration
18
- // writes it, so the sparse-unique index below skips un-migrated admins instead of
19
- // colliding on many nulls. ssoProvider is reserved for future IdP brokering.
20
- externalAuthId: { type: String },
21
- ssoProvider: { type: String, default: null },
22
16
  },
23
17
  {
24
18
  timestamps: true
@@ -30,12 +24,8 @@ adminSchema.index({ orgId: 1, isActive: 1 });
30
24
  adminSchema.index({ email: 1, isActive: 1 });
31
25
  // Permission-based queries
32
26
  adminSchema.index({ orgId: 1, permissionName: 1 });
33
- // Keycloak subject join key — unique per migrated admin; sparse so absent values
34
- // (un-migrated admins, where externalAuthId is undefined) are not indexed and do
35
- // not collide. Depends on externalAuthId having NO schema default (see above).
36
- adminSchema.index({ externalAuthId: 1 }, { unique: true, sparse: true });
37
27
 
38
28
 
39
29
  const Admin = mongoose.model('Admin', adminSchema);
40
30
 
41
- export {adminSchema, Admin};
31
+ export {adminSchema, Admin};
@@ -1,5 +1,40 @@
1
1
  import mongoose from "mongoose";
2
2
 
3
+ const COOKIE_CONSENT_CATEGORIES = ["analytics_performance"];
4
+ const COOKIE_CONSENT_VALUES = ["accept", "reject"];
5
+
6
+ const cookieConsentSchemaDefinition = COOKIE_CONSENT_CATEGORIES.reduce(
7
+ (definition, category) => {
8
+ definition[category] = { type: String, enum: COOKIE_CONSENT_VALUES };
9
+ return definition;
10
+ },
11
+ {}
12
+ );
13
+
14
+ const validateCookieConsent = (consent) => {
15
+ if (typeof consent !== "object" || consent === null || Array.isArray(consent)) {
16
+ return "cookie_consent must be an object";
17
+ }
18
+
19
+ const entries = Object.entries(consent);
20
+ if (entries.length === 0) {
21
+ return "cookie_consent must include at least one category";
22
+ }
23
+
24
+ for (const [category, value] of entries) {
25
+ if (!COOKIE_CONSENT_CATEGORIES.includes(category)) {
26
+ return `Unknown cookie consent category: ${category}`;
27
+ }
28
+ if (!COOKIE_CONSENT_VALUES.includes(value)) {
29
+ return `Invalid value for ${category}: must be one of ${COOKIE_CONSENT_VALUES.join(
30
+ ", "
31
+ )}`;
32
+ }
33
+ }
34
+
35
+ return null;
36
+ };
37
+
3
38
  const usersSchema = mongoose.Schema(
4
39
  {
5
40
  name: String,
@@ -44,6 +79,7 @@ const usersSchema = mongoose.Schema(
44
79
  ],
45
80
  default: "Good",
46
81
  },
82
+ cookie_consent: cookieConsentSchemaDefinition,
47
83
  },
48
84
  {
49
85
  timestamps: true,
@@ -54,4 +90,10 @@ usersSchema.index({ phone: 1 });
54
90
 
55
91
  const Users = mongoose.model("Users", usersSchema);
56
92
 
57
- export { usersSchema, Users };
93
+ export {
94
+ usersSchema,
95
+ Users,
96
+ COOKIE_CONSENT_CATEGORIES,
97
+ COOKIE_CONSENT_VALUES,
98
+ validateCookieConsent,
99
+ };
package/tsconfig.json CHANGED
@@ -2,10 +2,6 @@
2
2
  "include": ["src/**/*"],
3
3
  "compilerOptions": {
4
4
  "allowJs": true,
5
- // Don't type-check dependency .d.ts files (e.g. mongodb-memory-server's bundled
6
- // mongodb types use AsyncDisposable/Symbol.asyncDispose from a newer lib). Our own
7
- // src is still fully checked; this only skips node_modules declarations.
8
- "skipLibCheck": true,
9
5
  // Generate d.ts files
10
6
  "declaration": true,
11
7
  "emitDeclarationOnly": true,
@@ -1,158 +0,0 @@
1
- export const passwordResetTokenSchema: mongoose.Schema<any, mongoose.Model<any, any, any, any, any, any>, {}, {}, {}, {}, {
2
- timestamps: true;
3
- }, {
4
- createdAt: NativeDate;
5
- updatedAt: NativeDate;
6
- } & {
7
- adminId: {
8
- prototype?: mongoose.Types.ObjectId;
9
- cacheHexString?: unknown;
10
- generate?: {};
11
- createFromTime?: {};
12
- createFromHexString?: {};
13
- createFromBase64?: {};
14
- isValid?: {};
15
- };
16
- tokenHash: string;
17
- used: boolean;
18
- expiresAt: Date;
19
- }, mongoose.Document<unknown, {}, mongoose.FlatRecord<{
20
- createdAt: NativeDate;
21
- updatedAt: NativeDate;
22
- } & {
23
- adminId: {
24
- prototype?: mongoose.Types.ObjectId;
25
- cacheHexString?: unknown;
26
- generate?: {};
27
- createFromTime?: {};
28
- createFromHexString?: {};
29
- createFromBase64?: {};
30
- isValid?: {};
31
- };
32
- tokenHash: string;
33
- used: boolean;
34
- expiresAt: Date;
35
- }>> & mongoose.FlatRecord<{
36
- createdAt: NativeDate;
37
- updatedAt: NativeDate;
38
- } & {
39
- adminId: {
40
- prototype?: mongoose.Types.ObjectId;
41
- cacheHexString?: unknown;
42
- generate?: {};
43
- createFromTime?: {};
44
- createFromHexString?: {};
45
- createFromBase64?: {};
46
- isValid?: {};
47
- };
48
- tokenHash: string;
49
- used: boolean;
50
- expiresAt: Date;
51
- }> & {
52
- _id: mongoose.Types.ObjectId;
53
- }>;
54
- export const PasswordResetToken: mongoose.Model<{
55
- createdAt: NativeDate;
56
- updatedAt: NativeDate;
57
- } & {
58
- adminId: {
59
- prototype?: mongoose.Types.ObjectId;
60
- cacheHexString?: unknown;
61
- generate?: {};
62
- createFromTime?: {};
63
- createFromHexString?: {};
64
- createFromBase64?: {};
65
- isValid?: {};
66
- };
67
- tokenHash: string;
68
- used: boolean;
69
- expiresAt: Date;
70
- }, {}, {}, {}, mongoose.Document<unknown, {}, {
71
- createdAt: NativeDate;
72
- updatedAt: NativeDate;
73
- } & {
74
- adminId: {
75
- prototype?: mongoose.Types.ObjectId;
76
- cacheHexString?: unknown;
77
- generate?: {};
78
- createFromTime?: {};
79
- createFromHexString?: {};
80
- createFromBase64?: {};
81
- isValid?: {};
82
- };
83
- tokenHash: string;
84
- used: boolean;
85
- expiresAt: Date;
86
- }> & {
87
- createdAt: NativeDate;
88
- updatedAt: NativeDate;
89
- } & {
90
- adminId: {
91
- prototype?: mongoose.Types.ObjectId;
92
- cacheHexString?: unknown;
93
- generate?: {};
94
- createFromTime?: {};
95
- createFromHexString?: {};
96
- createFromBase64?: {};
97
- isValid?: {};
98
- };
99
- tokenHash: string;
100
- used: boolean;
101
- expiresAt: Date;
102
- } & {
103
- _id: mongoose.Types.ObjectId;
104
- }, mongoose.Schema<any, mongoose.Model<any, any, any, any, any, any>, {}, {}, {}, {}, {
105
- timestamps: true;
106
- }, {
107
- createdAt: NativeDate;
108
- updatedAt: NativeDate;
109
- } & {
110
- adminId: {
111
- prototype?: mongoose.Types.ObjectId;
112
- cacheHexString?: unknown;
113
- generate?: {};
114
- createFromTime?: {};
115
- createFromHexString?: {};
116
- createFromBase64?: {};
117
- isValid?: {};
118
- };
119
- tokenHash: string;
120
- used: boolean;
121
- expiresAt: Date;
122
- }, mongoose.Document<unknown, {}, mongoose.FlatRecord<{
123
- createdAt: NativeDate;
124
- updatedAt: NativeDate;
125
- } & {
126
- adminId: {
127
- prototype?: mongoose.Types.ObjectId;
128
- cacheHexString?: unknown;
129
- generate?: {};
130
- createFromTime?: {};
131
- createFromHexString?: {};
132
- createFromBase64?: {};
133
- isValid?: {};
134
- };
135
- tokenHash: string;
136
- used: boolean;
137
- expiresAt: Date;
138
- }>> & mongoose.FlatRecord<{
139
- createdAt: NativeDate;
140
- updatedAt: NativeDate;
141
- } & {
142
- adminId: {
143
- prototype?: mongoose.Types.ObjectId;
144
- cacheHexString?: unknown;
145
- generate?: {};
146
- createFromTime?: {};
147
- createFromHexString?: {};
148
- createFromBase64?: {};
149
- isValid?: {};
150
- };
151
- tokenHash: string;
152
- used: boolean;
153
- expiresAt: Date;
154
- }> & {
155
- _id: mongoose.Types.ObjectId;
156
- }>>;
157
- import mongoose from 'mongoose';
158
- //# sourceMappingURL=passwordResetToken.d.ts.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"passwordResetToken.d.ts","sourceRoot":"","sources":["../../src/models/passwordResetToken.js"],"names":[],"mappings":"AAgBA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAQE;AAKF;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;IAA0F;qBA7BrE,UAAU"}
@@ -1,28 +0,0 @@
1
- /**
2
- * Auth/compliance audit action enum (auth-contracts #4 — EXACT strings, frozen).
3
- * Distinct domain from the measurement-lineage `Audit` model in
4
- * models/measurements.js: this tracks WHO did WHAT to admin/auth state, for the
5
- * government-compliance audit trail.
6
- *
7
- * Emit sites (in the services): login (success/failure), logout, forgot-password
8
- * (requested/completed), silent refresh, and the admin mutation sites
9
- * (create/update/delete, role.change when permissionName changes,
10
- * deactivate/reactivate when isActive toggles).
11
- */
12
- export const AUDIT_ACTIONS: Readonly<{
13
- LOGIN_SUCCESS: "auth.login.success";
14
- LOGIN_FAILURE: "auth.login.failure";
15
- LOGOUT: "auth.logout";
16
- PASSWORD_RESET_REQUESTED: "auth.password.reset.requested";
17
- PASSWORD_RESET_COMPLETED: "auth.password.reset.completed";
18
- TOKEN_REFRESH: "auth.token.refresh";
19
- ADMIN_CREATE: "admin.create";
20
- ADMIN_UPDATE: "admin.update";
21
- ADMIN_DELETE: "admin.delete";
22
- ADMIN_ROLE_CHANGE: "admin.role.change";
23
- ADMIN_DEACTIVATE: "admin.deactivate";
24
- ADMIN_REACTIVATE: "admin.reactivate";
25
- }>;
26
- /** Frozen list of all valid action strings — used as the AuditLog schema enum. */
27
- export const AUDIT_ACTION_VALUES: readonly ("auth.login.success" | "auth.login.failure" | "auth.logout" | "auth.password.reset.requested" | "auth.password.reset.completed" | "auth.token.refresh" | "admin.create" | "admin.update" | "admin.delete" | "admin.role.change" | "admin.deactivate" | "admin.reactivate")[];
28
- //# sourceMappingURL=actions.d.ts.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"actions.d.ts","sourceRoot":"","sources":["../../../src/modules/audit/actions.js"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AACH;;;;;;;;;;;;;GAaG;AAEH,kFAAkF;AAClF,yTAA+E"}
@@ -1,32 +0,0 @@
1
- /**
2
- * Single canonical audit write path (auth-contracts #4).
3
- *
4
- * writeAudit(entry) ──► AuditLog.create
5
- * │ ok │ throws (db down, validation)
6
- * ▼ ▼
7
- * return true logger.error + return false (NEVER throws)
8
- *
9
- * An audit hiccup must not fail the request it is recording (e.g. a login). The
10
- * caller gets a boolean and decides; the failure is logged at error for compliance
11
- * follow-up. Inject the consuming service's logger via deps.logger (DI); it falls
12
- * back to a no-op rather than raw console so it honors the "no console" rule.
13
- *
14
- * @param {{action:string, actor?:object, resource?:object, outcome:string,
15
- * reason?:string, metadata?:object, requestId?:string}} entry
16
- * @param {{ logger?: { error: Function } }} [deps]
17
- * @returns {Promise<boolean>} true if persisted, false if the write failed
18
- */
19
- export function writeAudit({ action, actor, resource, outcome, reason, metadata, requestId }?: {
20
- action: string;
21
- actor?: object;
22
- resource?: object;
23
- outcome: string;
24
- reason?: string;
25
- metadata?: object;
26
- requestId?: string;
27
- }, { logger }?: {
28
- logger?: {
29
- error: Function;
30
- };
31
- }): Promise<boolean>;
32
- //# sourceMappingURL=auditLog.d.ts.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"auditLog.d.ts","sourceRoot":"","sources":["../../../src/modules/audit/auditLog.js"],"names":[],"mappings":"AAKA;;;;;;;;;;;;;;;;;GAiBG;AACH,+FALW;IAAC,MAAM,EAAC,MAAM,CAAC;IAAC,KAAK,CAAC,EAAC,MAAM,CAAC;IAAC,QAAQ,CAAC,EAAC,MAAM,CAAC;IAAC,OAAO,EAAC,MAAM,CAAC;IAC/D,MAAM,CAAC,EAAC,MAAM,CAAC;IAAC,QAAQ,CAAC,EAAC,MAAM,CAAC;IAAC,SAAS,CAAC,EAAC,MAAM,CAAA;CAAC,eACrD;IAAE,MAAM,CAAC,EAAE;QAAE,KAAK,WAAU;KAAE,CAAA;CAAE,GAC9B,OAAO,CAAC,OAAO,CAAC,CAiB5B"}
@@ -1,4 +0,0 @@
1
- export { writeAudit } from "./auditLog.js";
2
- export { AUDIT_ACTIONS, AUDIT_ACTION_VALUES } from "./actions.js";
3
- export { AuditLog, auditLogSchema } from "./schema.js";
4
- //# sourceMappingURL=index.d.ts.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/modules/audit/index.js"],"names":[],"mappings":""}