npm - @nauth-toolkit/core - Versions diffs - 0.1.0 → 0.1.5 - Mend

@nauth-toolkit/core 0.1.0 → 0.1.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (184) hide show

package/LICENSE +90 -0
package/README.md +9 -0
package/package.json +8 -3
package/jest.config.js +0 -15
package/jest.setup.ts +0 -6
package/src/adapters/database-columns.ts +0 -165
package/src/adapters/express.adapter.ts +0 -385
package/src/adapters/fastify.adapter.ts +0 -416
package/src/adapters/index.ts +0 -16
package/src/adapters/storage.factory.ts +0 -143
package/src/bootstrap.ts +0 -374
package/src/dto/auth-challenge.dto.ts +0 -231
package/src/dto/auth-response.dto.ts +0 -253
package/src/dto/challenge-response.dto.ts +0 -234
package/src/dto/change-password-request.dto.ts +0 -50
package/src/dto/change-password-response.dto.ts +0 -29
package/src/dto/change-password.dto.ts +0 -57
package/src/dto/error-response.dto.ts +0 -136
package/src/dto/get-available-methods.dto.ts +0 -55
package/src/dto/get-challenge-data-response.dto.ts +0 -28
package/src/dto/get-challenge-data.dto.ts +0 -69
package/src/dto/get-client-info.dto.ts +0 -104
package/src/dto/get-device-token-response.dto.ts +0 -25
package/src/dto/get-events-by-type.dto.ts +0 -76
package/src/dto/get-ip-address-response.dto.ts +0 -24
package/src/dto/get-mfa-status.dto.ts +0 -94
package/src/dto/get-risk-assessment-history.dto.ts +0 -39
package/src/dto/get-session-id-response.dto.ts +0 -25
package/src/dto/get-setup-data-response.dto.ts +0 -31
package/src/dto/get-setup-data.dto.ts +0 -75
package/src/dto/get-suspicious-activity.dto.ts +0 -42
package/src/dto/get-user-agent-response.dto.ts +0 -23
package/src/dto/get-user-auth-history.dto.ts +0 -95
package/src/dto/get-user-by-email.dto.ts +0 -61
package/src/dto/get-user-by-id.dto.ts +0 -46
package/src/dto/get-user-devices.dto.ts +0 -53
package/src/dto/get-user-response.dto.ts +0 -17
package/src/dto/has-provider.dto.ts +0 -56
package/src/dto/index.ts +0 -57
package/src/dto/is-trusted-device-response.dto.ts +0 -34
package/src/dto/list-providers-response.dto.ts +0 -23
package/src/dto/login.dto.ts +0 -95
package/src/dto/logout-all-response.dto.ts +0 -24
package/src/dto/logout-all.dto.ts +0 -65
package/src/dto/logout-response.dto.ts +0 -25
package/src/dto/logout.dto.ts +0 -64
package/src/dto/refresh-token.dto.ts +0 -36
package/src/dto/remove-devices.dto.ts +0 -85
package/src/dto/resend-code-response.dto.ts +0 -32
package/src/dto/resend-code.dto.ts +0 -51
package/src/dto/reset-password.dto.ts +0 -115
package/src/dto/respond-challenge.dto.ts +0 -272
package/src/dto/set-mfa-exemption.dto.ts +0 -112
package/src/dto/set-must-change-password-response.dto.ts +0 -27
package/src/dto/set-must-change-password.dto.ts +0 -46
package/src/dto/set-preferred-method.dto.ts +0 -80
package/src/dto/setup-mfa.dto.ts +0 -98
package/src/dto/signup.dto.ts +0 -174
package/src/dto/social-auth.dto.ts +0 -422
package/src/dto/trust-device-response.dto.ts +0 -30
package/src/dto/trust-device.dto.ts +0 -9
package/src/dto/update-user-attributes-request.dto.ts +0 -51
package/src/dto/user-response.dto.ts +0 -138
package/src/dto/user-update.dto.ts +0 -222
package/src/dto/verify-email.dto.ts +0 -313
package/src/dto/verify-mfa-code.dto.ts +0 -103
package/src/dto/verify-phone-by-sub.dto.ts +0 -78
package/src/dto/verify-phone.dto.ts +0 -245
package/src/entities/auth-audit.entity.ts +0 -232
package/src/entities/challenge-session.entity.ts +0 -116
package/src/entities/index.ts +0 -29
package/src/entities/login-attempt.entity.ts +0 -64
package/src/entities/mfa-device.entity.ts +0 -151
package/src/entities/rate-limit.entity.ts +0 -44
package/src/entities/session.entity.ts +0 -180
package/src/entities/social-account.entity.ts +0 -96
package/src/entities/storage-lock.entity.ts +0 -39
package/src/entities/trusted-device.entity.ts +0 -112
package/src/entities/user.entity.ts +0 -243
package/src/entities/verification-token.entity.ts +0 -141
package/src/enums/auth-audit-event-type.enum.ts +0 -360
package/src/enums/error-codes.enum.ts +0 -420
package/src/enums/mfa-method.enum.ts +0 -97
package/src/enums/risk-factor.enum.ts +0 -111
package/src/exceptions/nauth.exception.ts +0 -231
package/src/handlers/auth.handler.ts +0 -260
package/src/handlers/client-info.handler.ts +0 -101
package/src/handlers/csrf.handler.ts +0 -156
package/src/handlers/token-delivery.handler.ts +0 -118
package/src/index.ts +0 -118
package/src/interfaces/client-info.interface.ts +0 -85
package/src/interfaces/config.interface.ts +0 -2135
package/src/interfaces/entities.interface.ts +0 -226
package/src/interfaces/index.ts +0 -15
package/src/interfaces/logger.interface.ts +0 -283
package/src/interfaces/mfa-provider.interface.ts +0 -154
package/src/interfaces/oauth.interface.ts +0 -148
package/src/interfaces/provider.interface.ts +0 -47
package/src/interfaces/social-auth-provider.interface.ts +0 -131
package/src/interfaces/storage-adapter.interface.ts +0 -82
package/src/interfaces/template.interface.ts +0 -510
package/src/interfaces/token-verifier.interface.ts +0 -110
package/src/internal.ts +0 -178
package/src/platform/interfaces.ts +0 -299
package/src/schemas/auth-config.schema.ts +0 -646
package/src/services/adaptive-mfa-decision.service.spec.ts +0 -1058
package/src/services/adaptive-mfa-decision.service.ts +0 -457
package/src/services/auth-audit.service.spec.ts +0 -675
package/src/services/auth-audit.service.ts +0 -558
package/src/services/auth-challenge-helper.service.spec.ts +0 -3227
package/src/services/auth-challenge-helper.service.ts +0 -825
package/src/services/auth-flow-context-builder.service.ts +0 -520
package/src/services/auth-flow-rules.ts +0 -202
package/src/services/auth-flow-state-definitions.ts +0 -190
package/src/services/auth-flow-state-machine.service.ts +0 -207
package/src/services/auth-flow-state-machine.types.ts +0 -316
package/src/services/auth.service.spec.ts +0 -4195
package/src/services/auth.service.ts +0 -3727
package/src/services/challenge.service.spec.ts +0 -1363
package/src/services/challenge.service.ts +0 -696
package/src/services/client-info.service.spec.ts +0 -572
package/src/services/client-info.service.ts +0 -374
package/src/services/csrf.service.ts +0 -54
package/src/services/email-verification.service.spec.ts +0 -1229
package/src/services/email-verification.service.ts +0 -578
package/src/services/geo-location.service.spec.ts +0 -603
package/src/services/geo-location.service.ts +0 -599
package/src/services/index.ts +0 -13
package/src/services/jwt.service.spec.ts +0 -882
package/src/services/jwt.service.ts +0 -621
package/src/services/mfa-base.service.spec.ts +0 -246
package/src/services/mfa-base.service.ts +0 -611
package/src/services/mfa.service.spec.ts +0 -693
package/src/services/mfa.service.ts +0 -960
package/src/services/password.service.spec.ts +0 -166
package/src/services/password.service.ts +0 -309
package/src/services/phone-verification.service.spec.ts +0 -1120
package/src/services/phone-verification.service.ts +0 -751
package/src/services/risk-detection.service.spec.ts +0 -1292
package/src/services/risk-detection.service.ts +0 -1012
package/src/services/risk-scoring.service.spec.ts +0 -204
package/src/services/risk-scoring.service.ts +0 -131
package/src/services/session.service.spec.ts +0 -1293
package/src/services/session.service.ts +0 -803
package/src/services/social-account.service.spec.ts +0 -725
package/src/services/social-auth-base.service.spec.ts +0 -418
package/src/services/social-auth-base.service.ts +0 -581
package/src/services/social-auth.service.spec.ts +0 -238
package/src/services/social-auth.service.ts +0 -436
package/src/services/social-provider-registry.service.spec.ts +0 -238
package/src/services/social-provider-registry.service.ts +0 -122
package/src/services/trusted-device.service.spec.ts +0 -505
package/src/services/trusted-device.service.ts +0 -339
package/src/storage/account-lockout-storage.service.spec.ts +0 -310
package/src/storage/account-lockout-storage.service.ts +0 -89
package/src/storage/index.ts +0 -3
package/src/storage/memory-storage.adapter.ts +0 -443
package/src/storage/rate-limit-storage.service.spec.ts +0 -247
package/src/storage/rate-limit-storage.service.ts +0 -38
package/src/templates/html-template.engine.spec.ts +0 -161
package/src/templates/html-template.engine.ts +0 -688
package/src/templates/index.ts +0 -7
package/src/utils/common-passwords.spec.ts +0 -230
package/src/utils/common-passwords.ts +0 -170
package/src/utils/context-storage.ts +0 -188
package/src/utils/cookie-names.util.ts +0 -67
package/src/utils/cookies.util.ts +0 -94
package/src/utils/index.ts +0 -12
package/src/utils/ip-extractor.spec.ts +0 -330
package/src/utils/ip-extractor.ts +0 -220
package/src/utils/nauth-logger.spec.ts +0 -388
package/src/utils/nauth-logger.ts +0 -215
package/src/utils/pii-redactor.spec.ts +0 -130
package/src/utils/pii-redactor.ts +0 -288
package/src/utils/setup/get-repositories.ts +0 -140
package/src/utils/setup/init-services.ts +0 -422
package/src/utils/setup/init-social.ts +0 -189
package/src/utils/setup/init-storage.ts +0 -94
package/src/utils/setup/register-mfa.ts +0 -165
package/src/utils/setup/run-nauth-migrations.ts +0 -61
package/src/utils/token-delivery-policy.ts +0 -38
package/src/validators/template.validator.ts +0 -219
package/tsconfig.json +0 -37
package/tsconfig.lint.json +0 -6

package/src/storage/rate-limit-storage.service.spec.ts DELETED Viewed

@@ -1,247 +0,0 @@
-import { RateLimitStorageService } from './rate-limit-storage.service';
-import { StorageAdapter } from '../interfaces/storage-adapter.interface';
-/**
- * Rate Limit Storage Service Unit Tests
- *
- * Tests rate limiting storage operations.
- * Covers counter increment, window management, and expiration handling.
- *
- * Platform-agnostic: Uses direct instantiation, no NestJS dependencies.
- */
-describe('RateLimitStorageService', () => {
-  let service: RateLimitStorageService;
-  let mockStorageAdapter: jest.Mocked<StorageAdapter>;
-  beforeEach(() => {
-    // Create mock storage adapter
-    mockStorageAdapter = {
-      initialize: jest.fn(),
-      isHealthy: jest.fn(),
-      get: jest.fn(),
-      set: jest.fn(),
-      del: jest.fn(),
-      exists: jest.fn(),
-      incr: jest.fn(),
-      decr: jest.fn(),
-      expire: jest.fn(),
-      ttl: jest.fn(),
-      hget: jest.fn(),
-      hset: jest.fn(),
-      hgetall: jest.fn(),
-      hdel: jest.fn(),
-      lpush: jest.fn(),
-      lrange: jest.fn(),
-      llen: jest.fn(),
-      keys: jest.fn(),
-      scan: jest.fn(),
-      cleanup: jest.fn(),
-      disconnect: jest.fn(),
-    } as any;
-    // Instantiate service directly
-    service = new RateLimitStorageService(mockStorageAdapter);
-  });
-  afterEach(() => {
-    jest.clearAllMocks();
-  });
-  // ============================================================================
-  // Service Initialization
-  // ============================================================================
-  it('should be defined', () => {
-    expect(service).toBeDefined();
-  });
-  // ============================================================================
-  // incrementRateLimit() Method
-  // ============================================================================
-  describe('incrementRateLimit', () => {
-    it('should increment counter and return count', async () => {
-      mockStorageAdapter.incr.mockResolvedValue(1);
-      mockStorageAdapter.expire.mockResolvedValue();
-      const result = await service.incrementRateLimit('user-123', '/api/login', 60000);
-      expect(result).toBe(1);
-      expect(mockStorageAdapter.incr).toHaveBeenCalledWith('nauth:ratelimit:user-123:/api/login');
-    });
-    it('should set expiry on first request in window', async () => {
-      mockStorageAdapter.incr.mockResolvedValue(1);
-      mockStorageAdapter.expire.mockResolvedValue();
-      await service.incrementRateLimit('user-123', '/api/login', 60000);
-      expect(mockStorageAdapter.expire).toHaveBeenCalledWith(
-        'nauth:ratelimit:user-123:/api/login',
-        60, // 60000ms = 60 seconds
-      );
-    });
-    it('should not set expiry on subsequent requests', async () => {
-      mockStorageAdapter.incr.mockResolvedValue(2);
-      mockStorageAdapter.expire.mockResolvedValue();
-      await service.incrementRateLimit('user-123', '/api/login', 60000);
-      expect(mockStorageAdapter.expire).not.toHaveBeenCalled();
-    });
-    it('should convert windowMs to seconds for TTL', async () => {
-      mockStorageAdapter.incr.mockResolvedValue(1);
-      mockStorageAdapter.expire.mockResolvedValue();
-      await service.incrementRateLimit('user-123', '/api/login', 120000); // 2 minutes
-      expect(mockStorageAdapter.expire).toHaveBeenCalledWith(
-        'nauth:ratelimit:user-123:/api/login',
-        120, // 120000ms = 120 seconds
-      );
-    });
-    it('should round up windowMs to seconds', async () => {
-      mockStorageAdapter.incr.mockResolvedValue(1);
-      mockStorageAdapter.expire.mockResolvedValue();
-      await service.incrementRateLimit('user-123', '/api/login', 1500); // 1.5 seconds
-      expect(mockStorageAdapter.expire).toHaveBeenCalledWith(
-        'nauth:ratelimit:user-123:/api/login',
-        2, // Math.ceil(1500 / 1000) = 2
-      );
-    });
-    it('should use correct key format', async () => {
-      mockStorageAdapter.incr.mockResolvedValue(1);
-      mockStorageAdapter.expire.mockResolvedValue();
-      await service.incrementRateLimit('ip-192.168.1.1', '/api/signup', 30000);
-      expect(mockStorageAdapter.incr).toHaveBeenCalledWith('nauth:ratelimit:ip-192.168.1.1:/api/signup');
-    });
-  });
-  // ============================================================================
-  // getRateLimit() Method
-  // ============================================================================
-  describe('getRateLimit', () => {
-    it('should return current rate limit count', async () => {
-      mockStorageAdapter.get.mockResolvedValue('5');
-      const result = await service.getRateLimit('user-123', '/api/login');
-      expect(result).toBe(5);
-      expect(mockStorageAdapter.get).toHaveBeenCalledWith('nauth:ratelimit:user-123:/api/login');
-    });
-    it('should return 0 when no limit recorded', async () => {
-      mockStorageAdapter.get.mockResolvedValue(null);
-      const result = await service.getRateLimit('user-123', '/api/login');
-      expect(result).toBe(0);
-    });
-    it('should parse string value to number', async () => {
-      mockStorageAdapter.get.mockResolvedValue('10');
-      const result = await service.getRateLimit('user-123', '/api/login');
-      expect(result).toBe(10);
-    });
-    it('should handle empty string', async () => {
-      mockStorageAdapter.get.mockResolvedValue('');
-      const result = await service.getRateLimit('user-123', '/api/login');
-      expect(result).toBe(0);
-    });
-    it('should use correct key format', async () => {
-      mockStorageAdapter.get.mockResolvedValue('3');
-      await service.getRateLimit('ip-10.0.0.1', '/api/reset-password');
-      expect(mockStorageAdapter.get).toHaveBeenCalledWith('nauth:ratelimit:ip-10.0.0.1:/api/reset-password');
-    });
-  });
-  // ============================================================================
-  // resetRateLimit() Method
-  // ============================================================================
-  describe('resetRateLimit', () => {
-    it('should delete rate limit counter', async () => {
-      mockStorageAdapter.del.mockResolvedValue();
-      await service.resetRateLimit('user-123', '/api/login');
-      expect(mockStorageAdapter.del).toHaveBeenCalledWith('nauth:ratelimit:user-123:/api/login');
-    });
-    it('should reset limit for correct identifier and endpoint', async () => {
-      mockStorageAdapter.del.mockResolvedValue();
-      await service.resetRateLimit('ip-192.168.1.1', '/api/signup');
-      expect(mockStorageAdapter.del).toHaveBeenCalledWith('nauth:ratelimit:ip-192.168.1.1:/api/signup');
-    });
-  });
-  // ============================================================================
-  // Integration Tests
-  // ============================================================================
-  describe('Integration', () => {
-    it('should track rate limit across multiple requests', async () => {
-      mockStorageAdapter.incr.mockResolvedValueOnce(1).mockResolvedValueOnce(2).mockResolvedValueOnce(3);
-      mockStorageAdapter.expire.mockResolvedValue();
-      mockStorageAdapter.get.mockResolvedValue('3');
-      // Make 3 requests
-      await service.incrementRateLimit('user-123', '/api/login', 60000);
-      await service.incrementRateLimit('user-123', '/api/login', 60000);
-      await service.incrementRateLimit('user-123', '/api/login', 60000);
-      const count = await service.getRateLimit('user-123', '/api/login');
-      expect(count).toBe(3);
-      expect(mockStorageAdapter.expire).toHaveBeenCalledTimes(1); // Only on first request
-    });
-    it('should reset rate limit correctly', async () => {
-      mockStorageAdapter.incr.mockResolvedValue(5);
-      mockStorageAdapter.expire.mockResolvedValue();
-      mockStorageAdapter.del.mockResolvedValue();
-      mockStorageAdapter.get.mockResolvedValue(null);
-      await service.incrementRateLimit('user-123', '/api/login', 60000);
-      await service.resetRateLimit('user-123', '/api/login');
-      const count = await service.getRateLimit('user-123', '/api/login');
-      expect(count).toBe(0);
-    });
-    it('should handle different endpoints independently', async () => {
-      mockStorageAdapter.incr.mockResolvedValueOnce(1).mockResolvedValueOnce(1);
-      mockStorageAdapter.expire.mockResolvedValue();
-      mockStorageAdapter.get.mockResolvedValueOnce('1').mockResolvedValueOnce('1');
-      await service.incrementRateLimit('user-123', '/api/login', 60000);
-      await service.incrementRateLimit('user-123', '/api/signup', 60000);
-      const loginCount = await service.getRateLimit('user-123', '/api/login');
-      const signupCount = await service.getRateLimit('user-123', '/api/signup');
-      expect(loginCount).toBe(1);
-      expect(signupCount).toBe(1);
-    });
-  });
-});

package/src/storage/rate-limit-storage.service.ts DELETED Viewed

@@ -1,38 +0,0 @@
-import { RateLimitStorage, StorageAdapter } from '../interfaces/storage-adapter.interface';
-/**
- * Rate limit storage implementation using StorageAdapter (Platform-Agnostic)
- */
-export class RateLimitStorageService implements RateLimitStorage {
-  private readonly keyPrefix = 'nauth:ratelimit:';
-  constructor(private readonly storageAdapter: StorageAdapter) {}
-  async incrementRateLimit(identifier: string, endpoint: string, windowMs: number): Promise<number> {
-    const key = this.getKey(identifier, endpoint);
-    const count = await this.storageAdapter.incr(key);
-    if (count === 1) {
-      // First request in this window, set expiry
-      const ttl = Math.ceil(windowMs / 1000);
-      await this.storageAdapter.expire(key, ttl);
-    }
-    return count;
-  }
-  async getRateLimit(identifier: string, endpoint: string): Promise<number> {
-    const key = this.getKey(identifier, endpoint);
-    const value = await this.storageAdapter.get(key);
-    return value ? parseInt(value, 10) : 0;
-  }
-  async resetRateLimit(identifier: string, endpoint: string): Promise<void> {
-    const key = this.getKey(identifier, endpoint);
-    await this.storageAdapter.del(key);
-  }
-  private getKey(identifier: string, endpoint: string): string {
-    return `${this.keyPrefix}${identifier}:${endpoint}`;
-  }
-}

package/src/templates/html-template.engine.spec.ts DELETED Viewed

@@ -1,161 +0,0 @@
-import { HtmlTemplateEngine } from './html-template.engine';
-import { TemplateType } from '../interfaces/template.interface';
-describe('HtmlTemplateEngine', () => {
-  let engine: HtmlTemplateEngine;
-  beforeEach(() => {
-    engine = new HtmlTemplateEngine();
-  });
-  it('should be defined', () => {
-    expect(engine).toBeDefined();
-  });
-  describe('render', () => {
-    it('should render verification email template', async () => {
-      const variables = {
-        appName: 'Test App',
-        userName: 'John Doe',
-        code: '123456',
-        link: 'https://example.com/verify',
-        expiryMinutes: 60,
-        companyName: 'Test Company',
-      };
-      const email = await engine.render(TemplateType.VERIFICATION, variables);
-      expect(email.subject).toContain('Test App');
-      expect(email.html).toContain('John Doe');
-      expect(email.html).toContain('123456');
-      expect(email.html).toContain('https://example.com/verify');
-      expect(email.text).toContain('123456');
-    });
-    it('should render password reset template', async () => {
-      const variables = {
-        appName: 'Test App',
-        userName: 'Jane Doe',
-        link: 'https://example.com/reset',
-        expiryMinutes: 30,
-        companyName: 'Test Company',
-      };
-      const email = await engine.render(TemplateType.PASSWORD_RESET, variables);
-      expect(email.subject).toContain('Reset'); // Capitalized in actual template
-      expect(email.html).toContain('Jane Doe');
-      expect(email.html).toContain('https://example.com/reset');
-    });
-    it('should render welcome email template', async () => {
-      const variables = {
-        appName: 'Test App',
-        userName: 'Bob Smith',
-        dashboardUrl: 'https://example.com/dashboard',
-        supportEmail: 'support@example.com',
-        companyName: 'Test Company',
-      };
-      const email = await engine.render(TemplateType.WELCOME, variables);
-      expect(email.subject).toContain('Welcome');
-      expect(email.html).toContain('Bob Smith');
-      expect(email.html).toContain('https://example.com/dashboard');
-    });
-    it('should render account lockout template', async () => {
-      const variables = {
-        appName: 'Test App',
-        userName: 'Alice Johnson',
-        reason: 'Too many failed login attempts',
-        durationMinutes: 15,
-        supportEmail: 'support@example.com',
-        companyName: 'Test Company',
-      };
-      const email = await engine.render(TemplateType.ACCOUNT_LOCKOUT, variables);
-      expect(email.subject).toContain('Account Locked');
-      expect(email.html).toContain('Alice Johnson');
-      expect(email.html).toContain('Too many failed login attempts');
-      expect(email.html).toContain('15');
-    });
-    it('should render new device login template', async () => {
-      const variables = {
-        appName: 'Test App',
-        userName: 'Charlie Brown',
-        deviceName: 'iPhone 13',
-        deviceType: 'mobile',
-        ipAddress: '192.168.1.100',
-        location: 'New York, US',
-        timestamp: '2025-10-22T12:00:00Z',
-        supportEmail: 'support@example.com',
-        companyName: 'Test Company',
-      };
-      const email = await engine.render(TemplateType.NEW_DEVICE, variables);
-      expect(email.subject).toContain('New Device Login');
-      expect(email.html).toContain('Charlie Brown');
-      expect(email.html).toContain('iPhone 13');
-      expect(email.html).toContain('192.168.1.100');
-    });
-    it('should throw error for unknown template type', async () => {
-      let error: Error | undefined;
-      try {
-        await engine.render('unknown' as any, {});
-      } catch (e) {
-        error = e as Error;
-      }
-      expect(error).toBeDefined();
-      expect(error?.message).toContain('Template "unknown" not found');
-    });
-    it('should handle missing variables gracefully', async () => {
-      const variables = {
-        appName: 'Test App',
-        // Missing other required variables
-      };
-      const email = await engine.render(TemplateType.VERIFICATION, variables);
-      expect(email.subject).toContain('Test App');
-      expect(email.html).toBeDefined();
-      expect(email.text).toBeDefined();
-    });
-    it('should replace all occurrences of a variable', async () => {
-      const variables = {
-        appName: 'Test App',
-        userName: 'Test User',
-        companyName: 'Test Company',
-      };
-      const email = await engine.render(TemplateType.WELCOME, variables);
-      // userName should appear in the greeting
-      expect(email.html).toContain('Test User');
-      expect(email.text).toContain('Test User');
-    });
-    it('should handle special characters in variables', async () => {
-      const variables = {
-        appName: 'Test & Company <Special>',
-        userName: 'John "Doe"',
-        code: '123456',
-        link: 'https://example.com/verify',
-        expiryMinutes: 60,
-        companyName: 'Test & Co.',
-      };
-      const email = await engine.render(TemplateType.VERIFICATION, variables);
-      // HTML escapes special characters in userName
-      expect(email.html).toContain('John &quot;Doe&quot;');
-      expect(email.text).toContain('John "Doe"');
-    });
-  });
-});