@loomcore/api 0.0.12 → 0.0.14

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. package/dist/middleware/error-handler.js +1 -8
  2. package/dist/services/auth.service.js +7 -6
  3. package/dist/services/password-reset-token.service.js +4 -3
  4. package/dist/services/user.service.js +3 -0
  5. package/dist/utils/db.utils.js +9 -3
  6. package/package.json +1 -1
package/dist/middleware/error-handler.js CHANGED
@@ -3,15 +3,8 @@ import { apiUtils } from '../utils/index.js';
3
3
  import { config } from '../config/base-api-config.js';
4
4
  const SENSITIVE_FIELDS = [
5
5
  'password',
6
- 'token',
7
- 'apiKey',
8
6
  'secret',
9
- 'credit_card',
10
- 'creditCard',
11
- 'ssn',
12
- 'email',
13
- 'phone',
14
- 'address'
7
+ 'ssn'
15
8
  ];
16
9
  const sanitizeData = (data) => {
17
10
  if (!data || typeof data !== 'object') {
package/dist/services/auth.service.js CHANGED
@@ -66,7 +66,7 @@ export class AuthService extends GenericApiService {
66
66
  });
67
67
  }
68
68
  getUserByEmail(email) {
69
- return this.collection.findOne({ email: email })
69
+ return this.collection.findOne({ email: email.toLowerCase() })
70
70
  .then((user) => {
71
71
  return user;
72
72
  });
@@ -176,17 +176,18 @@ export class AuthService extends GenericApiService {
176
176
  await this.emailService.sendHtmlEmail(emailAddress, `Reset Password for ${config.appName}`, htmlEmailBody);
177
177
  }
178
178
  async resetPassword(email, passwordResetToken, password) {
179
- const retrievedPasswordResetToken = await this.passwordResetTokenService.getByEmail(email);
179
+ const lowerCaseEmail = email.toLowerCase();
180
+ const retrievedPasswordResetToken = await this.passwordResetTokenService.getByEmail(lowerCaseEmail);
180
181
  if (!retrievedPasswordResetToken) {
181
- throw new ServerError(`Unable to retrieve password reset token for email: ${email}`);
182
+ throw new ServerError(`Unable to retrieve password reset token for email: ${lowerCaseEmail}`);
182
183
  }
183
184
  if (retrievedPasswordResetToken.token !== passwordResetToken || retrievedPasswordResetToken.expiresOn < Date.now()) {
184
185
  throw new BadRequestError('Invalid password reset token');
185
186
  }
186
- const result = await this.changePassword(EmptyUserContext, { email }, password);
187
- console.log(`password changed using forgot-password for email: ${email}`);
187
+ const result = await this.changePassword(EmptyUserContext, { email: lowerCaseEmail }, password);
188
+ console.log(`password changed using forgot-password for email: ${lowerCaseEmail}`);
188
189
  await this.passwordResetTokenService.deleteById(EmptyUserContext, retrievedPasswordResetToken._id.toString());
189
- console.log(`passwordResetToken deleted for email: ${email}`);
190
+ console.log(`passwordResetToken deleted for email: ${lowerCaseEmail}`);
190
191
  return result;
191
192
  }
192
193
  deleteRefreshTokensForDevice(deviceId) {
package/dist/services/password-reset-token.service.js CHANGED
@@ -6,15 +6,16 @@ export class PasswordResetTokenService extends GenericApiService {
6
6
  super(db, 'passwordResetTokens', 'passwordResetToken', PasswordResetTokenSpec);
7
7
  }
8
8
  async createPasswordResetToken(email, expiresOn) {
9
- await this.collection.deleteMany({ email });
9
+ const lowerCaseEmail = email.toLowerCase();
10
+ await this.collection.deleteMany({ email: lowerCaseEmail });
10
11
  const passwordResetToken = {
11
- email,
12
+ email: lowerCaseEmail,
12
13
  token: crypto.randomBytes(40).toString('hex'),
13
14
  expiresOn: expiresOn,
14
15
  };
15
16
  return super.create(EmptyUserContext, passwordResetToken);
16
17
  }
17
18
  async getByEmail(email) {
18
- return await super.findOne(EmptyUserContext, { email });
19
+ return await super.findOne(EmptyUserContext, { email: email.toLowerCase() });
19
20
  }
20
21
  }
package/dist/services/user.service.js CHANGED
@@ -11,6 +11,9 @@ export class UserService extends MultiTenantApiService {
11
11
  }
12
12
  async prepareEntity(userContext, entity, isCreate) {
13
13
  const preparedEntity = await super.prepareEntity(userContext, entity, isCreate);
14
+ if (preparedEntity.email) {
15
+ preparedEntity.email = preparedEntity.email.toLowerCase();
16
+ }
14
17
  if (!isCreate) {
15
18
  return Value.Clean(PublicUserSchema, preparedEntity);
16
19
  }
package/dist/utils/db.utils.js CHANGED
@@ -152,10 +152,15 @@ function buildMongoMatchFromQueryOptions(queryOptions) {
152
152
  for (const [key, value] of Object.entries(filters)) {
153
153
  if (value) {
154
154
  if (value.eq !== undefined) {
155
- if (typeof value.eq === 'string' && !PROPERTIES_THAT_ARE_NOT_OBJECT_IDS.includes(key)
156
- && key.endsWith('Id') && entityUtils.isValidObjectId(value.eq)) {
155
+ if (typeof value.eq === 'string'
156
+ && key.endsWith('Id')
157
+ && !PROPERTIES_THAT_ARE_NOT_OBJECT_IDS.includes(key)
158
+ && entityUtils.isValidObjectId(value.eq)) {
157
159
  match[key] = new ObjectId(value.eq);
158
160
  }
161
+ else if (typeof value.eq === 'string' && !isNaN(Number(value.eq))) {
162
+ match[key] = Number(value.eq);
163
+ }
159
164
  else {
160
165
  match[key] = value.eq;
161
166
  }
@@ -170,7 +175,8 @@ function buildMongoMatchFromQueryOptions(queryOptions) {
170
175
  }
171
176
  }
172
177
  else {
173
- match[key] = { $in: value.in };
178
+ const convertedValues = value.in.map(val => typeof val === 'string' && !isNaN(Number(val)) ? Number(val) : val);
179
+ match[key] = { $in: convertedValues };
174
180
  }
175
181
  }
176
182
  else if (value.gte !== undefined) {
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@loomcore/api",
3
- "version": "0.0.12",
3
+ "version": "0.0.14",
4
4
  "private": false,
5
5
  "description": "Loom Core Api - An opinionated Node.js api using Typescript, Express, and MongoDb",
6
6
  "scripts": {