npm - @omnizap-system/omnizap - Versions diffs - 2.5.12 - Mend

@omnizap-system/omnizap 2.5.12

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (425) hide show

package/.clusterfuzzlite/Dockerfile +10 -0
package/.env.example +907 -0
package/.github/codeql/codeql-config.yml +10 -0
package/.github/dependabot.yml +35 -0
package/.github/workflows/ci.yml +73 -0
package/.github/workflows/codeql.yml +106 -0
package/.github/workflows/db-migration-check.yml +98 -0
package/.github/workflows/dependency-review.yml +22 -0
package/.github/workflows/deploy.yml +95 -0
package/.github/workflows/release.yml +106 -0
package/.github/workflows/security-attest-provenance.yml +51 -0
package/.github/workflows/security-gitleaks.yml +34 -0
package/.github/workflows/security-runner-hardening.yml +31 -0
package/.github/workflows/security-scorecard.yml +44 -0
package/.github/workflows/security-zap-baseline.yml +44 -0
package/.github/workflows/security-zap-full-scan.yml +43 -0
package/.github/workflows/security-zizmor.yml +36 -0
package/.github/workflows/wiki-sync.yml +44 -0
package/.gitleaks.toml +15 -0
package/.prettierrc +34 -0
package/CODE_OF_CONDUCT.md +114 -0
package/LICENSE +56 -0
package/README.md +110 -0
package/SECURITY.md +110 -0
package/app/config/index.js +4 -0
package/app/configParts/adminIdentity.js +92 -0
package/app/configParts/baileysConfig.js +1818 -0
package/app/configParts/groupUtils.js +692 -0
package/app/configParts/loggerConfig.js +394 -0
package/app/configParts/messagePersistenceService.js +305 -0
package/app/connection/baileysCompatibility.test.js +40 -0
package/app/connection/baileysDbAuthState.js +344 -0
package/app/connection/socketController.js +2243 -0
package/app/controllers/messageController.js +7 -0
package/app/controllers/messagePipeline/commandMiddleware.js +146 -0
package/app/controllers/messagePipeline/conversationMiddleware.js +183 -0
package/app/controllers/messagePipeline/messagePipelineMiddlewares.test.js +522 -0
package/app/controllers/messagePipeline/postProcessingMiddleware.js +41 -0
package/app/controllers/messagePipeline/preProcessingMiddlewares.js +166 -0
package/app/controllers/messageProcessingPipeline.js +699 -0
package/app/modules/adminModule/AGENT.md +4056 -0
package/app/modules/adminModule/adminAiHelpService.js +56 -0
package/app/modules/adminModule/adminConfigRuntime.js +177 -0
package/app/modules/adminModule/commandConfig.json +7122 -0
package/app/modules/adminModule/groupCommandHandlers.js +1823 -0
package/app/modules/adminModule/groupCommandHandlers.test.js +350 -0
package/app/modules/adminModule/groupEventHandlers.js +399 -0
package/app/modules/aiModule/AGENT.md +547 -0
package/app/modules/aiModule/aiAiHelpService.js +14 -0
package/app/modules/aiModule/aiConfigRuntime.js +135 -0
package/app/modules/aiModule/catCommand.js +967 -0
package/app/modules/aiModule/commandConfig.json +981 -0
package/app/modules/analyticsModule/messageAnalysisEventRepository.js +83 -0
package/app/modules/gameModule/AGENT.md +196 -0
package/app/modules/gameModule/commandConfig.json +366 -0
package/app/modules/gameModule/diceCommand.js +42 -0
package/app/modules/gameModule/gameAiHelpService.js +14 -0
package/app/modules/gameModule/gameConfigRuntime.js +68 -0
package/app/modules/menuModule/AGENT.md +205 -0
package/app/modules/menuModule/commandConfig.json +366 -0
package/app/modules/menuModule/common.js +316 -0
package/app/modules/menuModule/menuAiHelpService.js +14 -0
package/app/modules/menuModule/menuConfigRuntime.js +68 -0
package/app/modules/menuModule/menus.js +66 -0
package/app/modules/playModule/AGENT.md +321 -0
package/app/modules/playModule/commandConfig.json +584 -0
package/app/modules/playModule/playAiHelpService.js +14 -0
package/app/modules/playModule/playCommand.js +1417 -0
package/app/modules/playModule/playConfigRuntime.js +68 -0
package/app/modules/quoteModule/AGENT.md +199 -0
package/app/modules/quoteModule/commandConfig.json +366 -0
package/app/modules/quoteModule/quoteAiHelpService.js +14 -0
package/app/modules/quoteModule/quoteCommand.js +842 -0
package/app/modules/quoteModule/quoteConfigRuntime.js +68 -0
package/app/modules/rpgPokemonModule/AGENT.md +229 -0
package/app/modules/rpgPokemonModule/commandConfig.json +386 -0
package/app/modules/rpgPokemonModule/rpgBattleCanvasRenderer.js +795 -0
package/app/modules/rpgPokemonModule/rpgBattleService.js +2110 -0
package/app/modules/rpgPokemonModule/rpgBattleService.test.js +770 -0
package/app/modules/rpgPokemonModule/rpgEvolutionUtils.js +22 -0
package/app/modules/rpgPokemonModule/rpgPokemonAiHelpService.js +14 -0
package/app/modules/rpgPokemonModule/rpgPokemonCommand.js +174 -0
package/app/modules/rpgPokemonModule/rpgPokemonConfigRuntime.js +68 -0
package/app/modules/rpgPokemonModule/rpgPokemonDomain.js +192 -0
package/app/modules/rpgPokemonModule/rpgPokemonDomain.test.js +93 -0
package/app/modules/rpgPokemonModule/rpgPokemonEvolution.test.js +46 -0
package/app/modules/rpgPokemonModule/rpgPokemonMessages.js +746 -0
package/app/modules/rpgPokemonModule/rpgPokemonRepository.js +1847 -0
package/app/modules/rpgPokemonModule/rpgPokemonService.js +6839 -0
package/app/modules/rpgPokemonModule/rpgProfileCanvasRenderer.js +354 -0
package/app/modules/statsModule/AGENT.md +320 -0
package/app/modules/statsModule/commandConfig.json +540 -0
package/app/modules/statsModule/globalRankingCommand.js +64 -0
package/app/modules/statsModule/rankingCommand.js +41 -0
package/app/modules/statsModule/rankingCommon.js +1305 -0
package/app/modules/statsModule/statsAiHelpService.js +14 -0
package/app/modules/statsModule/statsConfigRuntime.js +68 -0
package/app/modules/stickerModule/AGENT.md +692 -0
package/app/modules/stickerModule/addStickerMetadata.js +239 -0
package/app/modules/stickerModule/commandConfig.json +1216 -0
package/app/modules/stickerModule/convertToWebp.js +367 -0
package/app/modules/stickerModule/stickerAiHelpService.js +14 -0
package/app/modules/stickerModule/stickerCommand.js +446 -0
package/app/modules/stickerModule/stickerConfigRuntime.js +68 -0
package/app/modules/stickerModule/stickerConvertCommand.js +159 -0
package/app/modules/stickerModule/stickerTextCommand.js +653 -0
package/app/modules/stickerPackModule/AGENT.md +215 -0
package/app/modules/stickerPackModule/autoPackCollectorRuntime.js +20 -0
package/app/modules/stickerPackModule/autoPackCollectorService.js +357 -0
package/app/modules/stickerPackModule/commandConfig.json +387 -0
package/app/modules/stickerPackModule/domainEventOutboxRepository.js +227 -0
package/app/modules/stickerPackModule/domainEvents.js +52 -0
package/app/modules/stickerPackModule/semanticReclassificationEngine.js +429 -0
package/app/modules/stickerPackModule/semanticReclassificationEngine.test.js +75 -0
package/app/modules/stickerPackModule/semanticThemeClusterService.js +544 -0
package/app/modules/stickerPackModule/stickerAssetClassificationRepository.js +400 -0
package/app/modules/stickerPackModule/stickerAssetRepository.js +400 -0
package/app/modules/stickerPackModule/stickerAssetReprocessQueueRepository.js +175 -0
package/app/modules/stickerPackModule/stickerAutoPackByTagsRuntime.js +3702 -0
package/app/modules/stickerPackModule/stickerClassificationBackgroundRuntime.js +559 -0
package/app/modules/stickerPackModule/stickerClassificationService.js +557 -0
package/app/modules/stickerPackModule/stickerDedicatedTaskWorkerRuntime.js +249 -0
package/app/modules/stickerPackModule/stickerDomainEventBus.js +65 -0
package/app/modules/stickerPackModule/stickerDomainEventConsumerRuntime.js +208 -0
package/app/modules/stickerPackModule/stickerMarketplaceDriftService.js +99 -0
package/app/modules/stickerPackModule/stickerObjectStorageService.js +285 -0
package/app/modules/stickerPackModule/stickerPackAiHelpService.js +14 -0
package/app/modules/stickerPackModule/stickerPackCommandHandlers.js +1148 -0
package/app/modules/stickerPackModule/stickerPackConfigRuntime.js +68 -0
package/app/modules/stickerPackModule/stickerPackEngagementRepository.js +152 -0
package/app/modules/stickerPackModule/stickerPackErrors.js +30 -0
package/app/modules/stickerPackModule/stickerPackInteractionEventRepository.js +101 -0
package/app/modules/stickerPackModule/stickerPackItemRepository.js +432 -0
package/app/modules/stickerPackModule/stickerPackMarketplaceService.js +313 -0
package/app/modules/stickerPackModule/stickerPackMessageService.js +268 -0
package/app/modules/stickerPackModule/stickerPackRepository.js +450 -0
package/app/modules/stickerPackModule/stickerPackScoreSnapshotRepository.js +179 -0
package/app/modules/stickerPackModule/stickerPackScoreSnapshotRuntime.js +271 -0
package/app/modules/stickerPackModule/stickerPackService.js +733 -0
package/app/modules/stickerPackModule/stickerPackServiceRuntime.js +32 -0
package/app/modules/stickerPackModule/stickerPackUtils.js +107 -0
package/app/modules/stickerPackModule/stickerStorageService.js +559 -0
package/app/modules/stickerPackModule/stickerWorkerPipelineRuntime.js +242 -0
package/app/modules/stickerPackModule/stickerWorkerTaskQueueRepository.js +242 -0
package/app/modules/systemMetricsModule/AGENT.md +193 -0
package/app/modules/systemMetricsModule/commandConfig.json +344 -0
package/app/modules/systemMetricsModule/pingCommand.js +399 -0
package/app/modules/systemMetricsModule/systemMetricsAiHelpService.js +14 -0
package/app/modules/systemMetricsModule/systemMetricsConfigRuntime.js +68 -0
package/app/modules/tiktokModule/AGENT.md +196 -0
package/app/modules/tiktokModule/commandConfig.json +366 -0
package/app/modules/tiktokModule/tiktokAiHelpService.js +14 -0
package/app/modules/tiktokModule/tiktokCommand.js +716 -0
package/app/modules/tiktokModule/tiktokConfigRuntime.js +68 -0
package/app/modules/userModule/AGENT.md +200 -0
package/app/modules/userModule/commandConfig.json +386 -0
package/app/modules/userModule/userAiHelpService.js +14 -0
package/app/modules/userModule/userCommand.js +1155 -0
package/app/modules/userModule/userConfigRuntime.js +68 -0
package/app/modules/waifuPicsModule/AGENT.md +431 -0
package/app/modules/waifuPicsModule/commandConfig.json +780 -0
package/app/modules/waifuPicsModule/waifuPicsAiHelpService.js +14 -0
package/app/modules/waifuPicsModule/waifuPicsCommand.js +586 -0
package/app/modules/waifuPicsModule/waifuPicsConfigRuntime.js +68 -0
package/app/observability/metrics.js +766 -0
package/app/services/ai/aiHelpResponseCacheRepository.js +280 -0
package/app/services/ai/aiLearningRepository.js +400 -0
package/app/services/ai/commandConfigEnrichmentRepository.js +769 -0
package/app/services/ai/commandConfigEnrichmentService.js +452 -0
package/app/services/ai/commandConfigValidationService.js +443 -0
package/app/services/ai/commandToolBuilderService.js +192 -0
package/app/services/ai/conversationRouterService.js +516 -0
package/app/services/ai/geminiService.js +115 -0
package/app/services/ai/geminiService.test.js +87 -0
package/app/services/ai/globalModuleAiHelpService.js +1412 -0
package/app/services/ai/globalToolCallingService.js +203 -0
package/app/services/ai/messageCommandExecutionService.js +391 -0
package/app/services/ai/moduleAiHelpCoreService.js +1099 -0
package/app/services/ai/moduleAiHelpWrapperFactory.js +65 -0
package/app/services/ai/moduleCommandConfigRuntimeService.js +113 -0
package/app/services/ai/moduleToolExecutorService.js +464 -0
package/app/services/ai/moduleToolRegistryService.js +178 -0
package/app/services/ai/toolCandidateSelectorService.js +781 -0
package/app/services/auth/googleWebLinkService.js +80 -0
package/app/services/auth/whatsappLoginLinkService.js +230 -0
package/app/services/external/pokeApiService.js +398 -0
package/app/services/group/groupMetadataService.js +311 -0
package/app/services/infra/dbWriteQueue.js +874 -0
package/app/services/infra/featureFlagService.js +131 -0
package/app/services/infra/queueUtils.js +55 -0
package/app/services/messaging/captchaService.js +491 -0
package/app/services/messaging/messagePersistenceService.js +1 -0
package/app/services/messaging/newsBroadcastService.js +347 -0
package/app/services/sticker/stickerFocusService.js +347 -0
package/app/services/sticker/stickerFocusService.test.js +43 -0
package/app/store/aiPromptStore.js +38 -0
package/app/store/conversationSessionStore.js +131 -0
package/app/store/groupConfigStore.js +58 -0
package/app/store/premiumUserStore.js +54 -0
package/app/utils/antiLink/antiLinkModule.js +700 -0
package/app/utils/http/getImageBufferModule.js +18 -0
package/app/utils/json/jsonSanitizer.js +113 -0
package/app/utils/json/jsonSanitizer.test.js +40 -0
package/app/utils/systemMetrics/systemMetricsModule.js +88 -0
package/app/workers/aiLearningWorker.js +605 -0
package/app/workers/commandConfigEnrichmentWorker.js +242 -0
package/database/index.js +2075 -0
package/database/init.js +151 -0
package/database/migrations/.gitkeep +0 -0
package/database/migrations/20260307_d0_hardening_down.sql +64 -0
package/database/migrations/20260307_d0_hardening_up.sql +79 -0
package/database/migrations/20260307_d1_terms_acceptance_down.sql +11 -0
package/database/migrations/20260307_d1_terms_acceptance_up.sql +37 -0
package/database/migrations/20260307_d2_auth_hardening_down.sql +75 -0
package/database/migrations/20260307_d2_auth_hardening_up.sql +100 -0
package/database/migrations/20260314_d7_canonical_sender_down.sql +53 -0
package/database/migrations/20260314_d7_canonical_sender_up.sql +114 -0
package/database/migrations/20260406_d30_security_analytics_down.sql +95 -0
package/database/migrations/20260406_d30_security_analytics_up.sql +292 -0
package/database/migrations/20260407_d31_web_google_session_token_hardening_down.sql +2 -0
package/database/migrations/20260407_d31_web_google_session_token_hardening_up.sql +17 -0
package/database/migrations/20260408_d32_ai_help_response_cache_down.sql +1 -0
package/database/migrations/20260408_d32_ai_help_response_cache_up.sql +22 -0
package/database/migrations/20260409_d33_ai_learning_tables_down.sql +4 -0
package/database/migrations/20260409_d33_ai_learning_tables_up.sql +52 -0
package/database/migrations/20260410_d34_command_config_enrichment_down.sql +3 -0
package/database/migrations/20260410_d34_command_config_enrichment_up.sql +48 -0
package/database/schema.sql +1186 -0
package/docker-compose.yml +104 -0
package/docs/audits/stickerCatalogController-out-of-scope.md +103 -0
package/docs/audits/stickerCatalogController-symbols.md +58 -0
package/docs/compliance/acceptable-use-policy-2026-03-07.md +35 -0
package/docs/compliance/dpa-b2b-standard-2026-03-07.md +80 -0
package/docs/compliance/monthly-compliance-checklist-2026-03-07.md +88 -0
package/docs/compliance/notice-and-takedown-policy-2026-03-07.md +34 -0
package/docs/compliance/privacy-policy-2026-03-07.md +75 -0
package/docs/compliance/subprocessors-inventory-2026-03-07.md +16 -0
package/docs/database/production-db-evolution-runbook-2026q1.md +365 -0
package/docs/security/dsar-lgpd-runbook-2026-03-07.md +86 -0
package/docs/security/incident-response-lgpd-anpd-runbook-2026-03-07.md +77 -0
package/docs/security/network-hardening-runbook-2026-03-07.md +137 -0
package/docs/seo/omnizap-seo-playbook-br-2026-02-28.md +238 -0
package/docs/seo/satellite-page-template.md +116 -0
package/docs/seo/satellite-pages-phase1.json +364 -0
package/docs/wiki/Home.md +120 -0
package/docs/wiki/pair-extraordinaire-2026-03-08.md +3 -0
package/docs/wiki/recent-changes-2026-03-08.md +47 -0
package/ecosystem.prod.config.cjs +135 -0
package/eslint.config.js +89 -0
package/index.js +488 -0
package/ml/clip_classifier/Dockerfile +18 -0
package/ml/clip_classifier/README.md +118 -0
package/ml/clip_classifier/adaptive_scoring.py +40 -0
package/ml/clip_classifier/classifier.py +654 -0
package/ml/clip_classifier/embedding_store.py +481 -0
package/ml/clip_classifier/env_loader.py +15 -0
package/ml/clip_classifier/llm_label_expander.py +144 -0
package/ml/clip_classifier/main.py +213 -0
package/ml/clip_classifier/requirements.txt +10 -0
package/ml/clip_classifier/similarity_engine.py +74 -0
package/new-logo.png +0 -0
package/observability/alert-rules.yml +60 -0
package/observability/grafana/dashboards/omnizap-mysql.json +136 -0
package/observability/grafana/dashboards/omnizap-overview.json +170 -0
package/observability/grafana/provisioning/dashboards/dashboards.yml +11 -0
package/observability/grafana/provisioning/datasources/datasources.yml +15 -0
package/observability/loki-config.yml +38 -0
package/observability/mysql-setup.sql +46 -0
package/observability/prometheus.yml +35 -0
package/observability/promtail-config.yml +84 -0
package/observability/sticker-catalog-slo.md +83 -0
package/observability/sticker-scale-hardening-rollout.md +128 -0
package/package.json +144 -0
package/public/apple-touch-icon.png +0 -0
package/public/assets/css/commands-react.input.css +71 -0
package/public/assets/css/create-pack-react.input.css +31 -0
package/public/assets/css/home-react.input.css +106 -0
package/public/assets/css/login-react.input.css +58 -0
package/public/assets/css/stickers-react.input.css +18 -0
package/public/assets/css/terms-react.input.css +115 -0
package/public/assets/css/user-react.input.css +57 -0
package/public/assets/images/brand-icon-192.png +0 -0
package/public/assets/images/brand-logo-128.webp +0 -0
package/public/assets/images/hero-banner-1280.jpg +0 -0
package/public/comandos/commands-catalog.json +4517 -0
package/public/css/api-docs.css +161 -0
package/public/css/stickers-admin.css +1288 -0
package/public/css/styles.css +679 -0
package/public/css/systemadm/admin.css +474 -0
package/public/css/systemadm/base.css +73 -0
package/public/css/systemadm/components.css +662 -0
package/public/css/systemadm/layout.css +229 -0
package/public/css/systemadm/tokens.css +56 -0
package/public/favicon-16x16.png +0 -0
package/public/favicon-32x32.png +0 -0
package/public/favicon.ico +0 -0
package/public/js/apps/apiDocsApp.js +235 -0
package/public/js/apps/commandsReactApp.js +528 -0
package/public/js/apps/createPackApp.js +1646 -0
package/public/js/apps/homeReactApp.js +942 -0
package/public/js/apps/loginReactApp.js +496 -0
package/public/js/apps/stickersAdminApp.js +1753 -0
package/public/js/apps/stickersApp.js +3797 -0
package/public/js/apps/termsReactApp.js +528 -0
package/public/js/apps/userApp.js +2540 -0
package/public/js/apps/userProfile/actions.js +66 -0
package/public/js/apps/userReactApp.js +547 -0
package/public/js/catalog.js +950 -0
package/public/pages/api-docs.html +40 -0
package/public/pages/aup.html +158 -0
package/public/pages/comandos.html +41 -0
package/public/pages/dpa.html +227 -0
package/public/pages/home.html +45 -0
package/public/pages/licenca.html +182 -0
package/public/pages/login.html +40 -0
package/public/pages/notice-and-takedown.html +234 -0
package/public/pages/politica-de-privacidade.html +251 -0
package/public/pages/seo-bot-whatsapp-para-grupo.html +350 -0
package/public/pages/seo-bot-whatsapp-sem-programar.html +350 -0
package/public/pages/seo-como-automatizar-avisos-no-whatsapp.html +350 -0
package/public/pages/seo-como-criar-comandos-whatsapp.html +350 -0
package/public/pages/seo-como-evitar-spam-no-whatsapp.html +350 -0
package/public/pages/seo-como-moderar-grupo-whatsapp.html +350 -0
package/public/pages/seo-como-organizar-comunidade-whatsapp.html +350 -0
package/public/pages/seo-melhor-bot-whatsapp-para-grupos.html +350 -0
package/public/pages/stickers-admin.html +31 -0
package/public/pages/stickers-create.html +41 -0
package/public/pages/stickers.html +45 -0
package/public/pages/suboperadores.html +237 -0
package/public/pages/termos-de-uso-texto-integral.html +241 -0
package/public/pages/termos-de-uso.html +41 -0
package/public/pages/user-password-reset.html +32 -0
package/public/pages/user-systemadm.html +508 -0
package/public/pages/user.html +39 -0
package/public/robots.txt +9 -0
package/public/site.webmanifest +24 -0
package/public/sitemap.xml +98 -0
package/schemas/command-config.schema.json +582 -0
package/scripts/baileys-compat-smoke.mjs +12 -0
package/scripts/cache-bust.mjs +142 -0
package/scripts/deploy.sh +916 -0
package/scripts/email-broadcast-terms-update.mjs +170 -0
package/scripts/enrich-command-discovery-fields.mjs +286 -0
package/scripts/generate-command-config-schema.mjs +273 -0
package/scripts/generate-commands-catalog.mjs +308 -0
package/scripts/generate-module-agents.mjs +631 -0
package/scripts/generate-seo-satellite-pages.mjs +400 -0
package/scripts/github-deploy-notify.mjs +174 -0
package/scripts/github-release-notify.mjs +219 -0
package/scripts/release.sh +599 -0
package/scripts/run-codeql-local.sh +116 -0
package/scripts/run-prettier-all.mjs +25 -0
package/scripts/security-smoketest.mjs +581 -0
package/scripts/sticker-catalog-loadtest.mjs +210 -0
package/scripts/sticker-worker-task.mjs +119 -0
package/scripts/sync-readme-snapshot.mjs +133 -0
package/scripts/validate-command-config-schema.mjs +130 -0
package/scripts/validate-command-configs.mjs +15 -0
package/scripts/wiki-sync.sh +191 -0
package/server/auth/googleWebAuth/googleWebAuthRuntime.js +62 -0
package/server/auth/googleWebAuth/googleWebAuthService.js +807 -0
package/server/auth/jwt/webJwtService.js +147 -0
package/server/auth/stickerCatalogAuthContext.js +165 -0
package/server/auth/termsAcceptance/termsAcceptanceHandler.js +189 -0
package/server/auth/userPassword/index.js +14 -0
package/server/auth/userPassword/userPasswordAuthService.js +422 -0
package/server/auth/userPassword/userPasswordCrypto.js +199 -0
package/server/auth/userPassword/userPasswordCrypto.test.js +76 -0
package/server/auth/userPassword/userPasswordRecoveryService.js +728 -0
package/server/auth/validation/authSchemas.js +236 -0
package/server/auth/webAccount/webAccountHandlers.js +1434 -0
package/server/controllers/admin/adminBanService.js +138 -0
package/server/controllers/admin/adminPanelHandlers.js +2083 -0
package/server/controllers/admin/stickerCatalogAdminContext.js +17 -0
package/server/controllers/admin/systemAdminController.js +201 -0
package/server/controllers/email/emailAutomationController.js +239 -0
package/server/controllers/metricsController.js +21 -0
package/server/controllers/seo/stickerCatalogSeoContext.js +514 -0
package/server/controllers/sticker/nonCatalogHandlers.js +303 -0
package/server/controllers/sticker/stickerCatalogController.js +4700 -0
package/server/controllers/system/contactController.js +115 -0
package/server/controllers/system/githubController.js +137 -0
package/server/controllers/system/stickerCatalogSystemContext.js +758 -0
package/server/controllers/system/storageController.js +154 -0
package/server/controllers/system/systemController.js +135 -0
package/server/controllers/system/systemMetricsController.js +156 -0
package/server/controllers/system/visitController.js +90 -0
package/server/controllers/userController.js +145 -0
package/server/email/emailAutomationRuntime.js +225 -0
package/server/email/emailAutomationService.js +125 -0
package/server/email/emailOutboxRepository.js +282 -0
package/server/email/emailTemplateService.js +480 -0
package/server/email/emailTransportService.js +156 -0
package/server/http/clientIp.js +95 -0
package/server/http/httpRequestUtils.js +262 -0
package/server/http/httpRequestUtils.test.js +80 -0
package/server/http/httpServer.js +180 -0
package/server/http/requestContext.js +20 -0
package/server/http/siteRoutingUtils.js +87 -0
package/server/index.js +1 -0
package/server/middleware/cachePolicy.js +26 -0
package/server/middleware/cachePolicyHelpers.js +1 -0
package/server/middleware/endpointRateLimit.js +181 -0
package/server/middleware/rateLimit.js +70 -0
package/server/middleware/requireAdminAuth.js +48 -0
package/server/middleware/securityHeaders.js +97 -0
package/server/routes/admin/systemAdminRouter.js +64 -0
package/server/routes/email/emailAutomationRouter.js +46 -0
package/server/routes/health/healthRouter.js +41 -0
package/server/routes/indexRouter.js +234 -0
package/server/routes/metrics/metricsRouter.js +58 -0
package/server/routes/static/staticPageRouter.js +134 -0
package/server/routes/sticker/catalogHandlers/catalogAdminHttp.js +105 -0
package/server/routes/sticker/catalogHandlers/catalogAuthHttp.js +77 -0
package/server/routes/sticker/catalogHandlers/catalogPublicHttp.js +120 -0
package/server/routes/sticker/catalogHandlers/catalogUploadHttp.js +83 -0
package/server/routes/sticker/catalogRouter.js +77 -0
package/server/routes/sticker/stickerApiRouter.js +84 -0
package/server/routes/sticker/stickerDataRouter.js +145 -0
package/server/routes/sticker/stickerSiteRouter.js +43 -0
package/server/routes/user/userApiPaths.js +66 -0
package/server/routes/user/userRouter.js +65 -0
package/server/utils/safePath.js +26 -0
package/utils/logger/loggerModule.js +35 -0
package/vite.config.mjs +38 -0

package/server/auth/jwt/webJwtService.js ADDED Viewed

@@ -0,0 +1,147 @@
+import jwt from 'jsonwebtoken';
+const parseEnvBool = (value, fallback = false) => {
+  if (value === undefined || value === null || value === '') return fallback;
+  const normalized = String(value).trim().toLowerCase();
+  if (['1', 'true', 'yes', 'y', 'on'].includes(normalized)) return true;
+  if (['0', 'false', 'no', 'n', 'off'].includes(normalized)) return false;
+  return fallback;
+};
+const clampInt = (value, fallback, min, max) => {
+  const parsed = Number(value);
+  if (!Number.isFinite(parsed)) return fallback;
+  return Math.max(min, Math.min(max, Math.floor(parsed)));
+};
+const WEB_AUTH_JWT_SECRET = String(process.env.WEB_AUTH_JWT_SECRET || '').trim();
+const WEB_AUTH_JWT_ISSUER = String(process.env.WEB_AUTH_JWT_ISSUER || 'omnizap-system').trim() || 'omnizap-system';
+const WEB_AUTH_JWT_AUDIENCE = String(process.env.WEB_AUTH_JWT_AUDIENCE || 'omnizap-web').trim() || 'omnizap-web';
+const WEB_AUTH_JWT_EXPIRES_IN = String(process.env.WEB_AUTH_JWT_EXPIRES_IN || '7d').trim() || '7d';
+const WEB_AUTH_JWT_DISABLED = parseEnvBool(process.env.WEB_AUTH_JWT_DISABLED, false);
+const isNonEmptyString = (value) => typeof value === 'string' && value.trim().length > 0;
+const normalizeGoogleSubject = (value) =>
+  String(value || '')
+    .trim()
+    .replace(/[^a-zA-Z0-9_-]/g, '')
+    .slice(0, 80);
+const normalizeEmail = (value) =>
+  String(value || '')
+    .trim()
+    .toLowerCase()
+    .slice(0, 255);
+const normalizeJid = (value) =>
+  String(value || '')
+    .trim()
+    .toLowerCase()
+    .slice(0, 255);
+const normalizeName = (value) =>
+  String(value || '')
+    .trim()
+    .slice(0, 120);
+const resolveExpiresIn = ({ expiresInSeconds = null } = {}) => {
+  if (Number.isFinite(Number(expiresInSeconds))) {
+    return clampInt(expiresInSeconds, 60, 60, 60 * 60 * 24 * 365);
+  }
+  return WEB_AUTH_JWT_EXPIRES_IN;
+};
+export const isWebAuthJwtEnabled = () => !WEB_AUTH_JWT_DISABLED && isNonEmptyString(WEB_AUTH_JWT_SECRET);
+export const extractBearerTokenFromRequest = (req) => {
+  const headerValue = req?.headers?.authorization;
+  if (typeof headerValue !== 'string') return '';
+  const trimmed = headerValue.trim();
+  if (!trimmed) return '';
+  const [scheme, token] = trimmed.split(/\s+/, 2);
+  if (!scheme || !token) return '';
+  if (scheme.toLowerCase() !== 'bearer') return '';
+  return token.trim();
+};
+export const signWebAuthJwt = ({ sub = '', sessionToken = '', ownerJid = '', ownerPhone = '', email = '', name = '', authMethod = 'google' } = {}, { expiresInSeconds = null } = {}) => {
+  if (!isWebAuthJwtEnabled()) return '';
+  const normalizedSub = normalizeGoogleSubject(sub);
+  const normalizedSessionToken = String(sessionToken || '')
+    .trim()
+    .slice(0, 36);
+  const normalizedOwnerJid = normalizeJid(ownerJid);
+  const normalizedOwnerPhone = String(ownerPhone || '')
+    .trim()
+    .replace(/\D+/g, '')
+    .slice(0, 20);
+  const normalizedEmail = normalizeEmail(email);
+  const normalizedName = normalizeName(name);
+  if (!normalizedSub) return '';
+  const payload = {
+    sub: normalizedSub,
+    amr:
+      String(authMethod || 'google')
+        .trim()
+        .toLowerCase() || 'google',
+  };
+  if (normalizedSessionToken) payload.sid = normalizedSessionToken;
+  if (normalizedOwnerJid) payload.owner_jid = normalizedOwnerJid;
+  if (normalizedOwnerPhone) payload.owner_phone = normalizedOwnerPhone;
+  if (normalizedEmail) payload.email = normalizedEmail;
+  if (normalizedName) payload.name = normalizedName;
+  return jwt.sign(payload, WEB_AUTH_JWT_SECRET, {
+    issuer: WEB_AUTH_JWT_ISSUER,
+    audience: WEB_AUTH_JWT_AUDIENCE,
+    expiresIn: resolveExpiresIn({ expiresInSeconds }),
+  });
+};
+export const verifyWebAuthJwt = (token) => {
+  if (!isWebAuthJwtEnabled()) return null;
+  const rawToken = String(token || '').trim();
+  if (!rawToken) return null;
+  try {
+    const decoded = jwt.verify(rawToken, WEB_AUTH_JWT_SECRET, {
+      issuer: WEB_AUTH_JWT_ISSUER,
+      audience: WEB_AUTH_JWT_AUDIENCE,
+    });
+    if (!decoded || typeof decoded !== 'object') return null;
+    const normalizedSub = normalizeGoogleSubject(decoded.sub);
+    if (!normalizedSub) return null;
+    return {
+      sub: normalizedSub,
+      sid: String(decoded.sid || '')
+        .trim()
+        .slice(0, 36),
+      owner_jid: normalizeJid(decoded.owner_jid),
+      owner_phone: String(decoded.owner_phone || '')
+        .replace(/\D+/g, '')
+        .slice(0, 20),
+      email: normalizeEmail(decoded.email),
+      name: normalizeName(decoded.name),
+      amr:
+        String(decoded.amr || '')
+          .trim()
+          .toLowerCase() || 'google',
+      exp: Number(decoded.exp || 0),
+      iat: Number(decoded.iat || 0),
+    };
+  } catch {
+    return null;
+  }
+};

package/server/auth/stickerCatalogAuthContext.js ADDED Viewed

@@ -0,0 +1,165 @@
+import { createGoogleWebAuthRuntime, normalizeGoogleSubject } from './googleWebAuth/googleWebAuthRuntime.js';
+import { isWebAuthJwtEnabled, signWebAuthJwt, verifyWebAuthJwt } from './jwt/webJwtService.js';
+import userPasswordAuthService from './userPassword/index.js';
+import { createUserPasswordRecoveryService } from './userPassword/userPasswordRecoveryService.js';
+import { createTermsAcceptanceHandler } from './termsAcceptance/termsAcceptanceHandler.js';
+import { createWebAccountAuthHandlers } from './webAccount/webAccountHandlers.js';
+import { parseTermsAcceptancePayload, parseUserPasswordLoginPayload, parseUserPasswordRecoveryRequestPayload, parseUserPasswordRecoveryVerifyPayload, parseUserPasswordUpsertPayload } from './validation/authSchemas.js';
+export const createStickerCatalogAuthContext = ({ executeQuery, runSqlTransaction, tables, logger, sendJson, readJsonBody, parseCookies, getCookieValuesFromRequest, appendSetCookie, buildCookieString, normalizeEmail, normalizeJid, sanitizeText, toIsoOrNull, toWhatsAppPhoneDigits, resolveWhatsAppOwnerJidFromLoginPayload, assertGoogleIdentityNotBanned, queueAutomatedEmail, queueWelcomeEmail, resolveRequestRemoteIp, toSiteAbsoluteUrl, listStickerPacksByOwner, listStickerPackEngagementByPackIds, mapPackSummary, isPackPubliclyVisible, resolveMyProfileOwnerCandidates, shouldHidePackFromMyProfileDefault, parseEnvBool, clampInt, userProfileWebPath, userPasswordResetWebPath, passwordRecoverySessionAuthMethod, passwordRecoverySessionTtlSeconds, webSessionCookieName, notAllowedErrorCode, stickerWebGoogleClientId, stickerWebGoogleAuthRequired, stickerWebGoogleSessionTtlMs, stickerApiBasePath, stickerWebPath, stickerLoginWebPath, siteOrigin }) => {
+  const enqueueGoogleWebWelcomeEmail = ({ email, name, ownerJid }) => {
+    const normalizedEmail = normalizeEmail(email);
+    if (!normalizedEmail || !normalizedEmail.includes('@')) return;
+    const safeName = sanitizeText(name || '', 80, { allowEmpty: true }) || '';
+    const normalizedOwnerJid = normalizeJid(ownerJid) || null;
+    const idempotencyKey = `google_web_welcome:${normalizedEmail}:${new Date().toISOString().slice(0, 10)}`;
+    void queueWelcomeEmail({
+      to: normalizedEmail,
+      name: safeName,
+      redirectUrl: `${siteOrigin}/user/`,
+      homeUrl: `${siteOrigin}/`,
+      metadata: {
+        trigger: 'google_web_auth',
+        owner_jid: normalizedOwnerJid,
+      },
+      idempotencyKey,
+    }).catch((error) => {
+      logger.warn('Falha ao enfileirar e-mail de boas-vindas pós-login Google Web.', {
+        action: 'google_web_welcome_email_enqueue_failed',
+        email: normalizedEmail,
+        owner_jid: normalizedOwnerJid,
+        error: error?.message,
+      });
+    });
+  };
+  const googleWebAuth = createGoogleWebAuthRuntime({
+    executeQuery,
+    runSqlTransaction,
+    tables,
+    logger,
+    sendJson,
+    readJsonBody,
+    parseCookies,
+    getCookieValuesFromRequest,
+    appendSetCookie,
+    buildCookieString,
+    normalizeEmail,
+    normalizeJid,
+    sanitizeText,
+    toIsoOrNull,
+    toWhatsAppPhoneDigits,
+    resolveWhatsAppOwnerJidFromLoginPayload,
+    assertGoogleIdentityNotBanned,
+    googleClientId: stickerWebGoogleClientId,
+    sessionTtlMs: stickerWebGoogleSessionTtlMs,
+    apiBasePath: stickerApiBasePath,
+    webPath: stickerWebPath,
+    loginWebPath: stickerLoginWebPath,
+    configuredSessionCookiePath: process.env.STICKER_WEB_GOOGLE_SESSION_COOKIE_PATH,
+    notAllowedErrorCode,
+    onGoogleWebSessionCreated: ({ email, name, ownerJid }) => {
+      enqueueGoogleWebWelcomeEmail({ email, name, ownerJid });
+    },
+  });
+  const { upsertGoogleWebUserRecord, resolveGoogleWebSessionFromRequest, mapGoogleSessionResponseData, setGoogleWebSessionCookie, issueAccessTokenForSession, createPersistedGoogleWebSessionFromIdentity, handleGoogleAuthSessionRequest, revokeGoogleWebSessionsByIdentity, buildGoogleOwnerJid } = googleWebAuth;
+  const userPasswordRecoveryService = createUserPasswordRecoveryService({
+    executeQuery,
+    userPasswordAuthService,
+    queueAutomatedEmail,
+    revokeWebSessionsByIdentity: revokeGoogleWebSessionsByIdentity,
+    tables,
+    logger,
+    runSqlTransaction,
+  });
+  const handleTermsAcceptanceRequest = createTermsAcceptanceHandler({
+    executeQuery,
+    tables,
+    logger,
+    sendJson,
+    readJsonBody,
+    parseTermsAcceptancePayload,
+    parseCookies,
+    resolveGoogleWebSessionFromRequest,
+    normalizeGoogleSubject,
+    normalizeEmail,
+    normalizeJid,
+    resolveRequestRemoteIp,
+    sanitizeText,
+    webSessionCookieName,
+  });
+  const { handlePasswordAuthRequest, handlePasswordRecoveryRequest, handlePasswordRecoveryVerifyRequest, handlePasswordRecoverySessionCreateRequest, handlePasswordRecoverySessionStatusRequest, handlePasswordRecoverySessionRequest, handlePasswordRecoverySessionVerifyRequest, handlePasswordLoginRequest, handleMyProfileRequest } = createWebAccountAuthHandlers({
+    sendJson,
+    readJsonBody,
+    logger,
+    parseUserPasswordUpsertPayload,
+    parseUserPasswordRecoveryRequestPayload,
+    parseUserPasswordRecoveryVerifyPayload,
+    parseUserPasswordLoginPayload,
+    resolveGoogleWebSessionFromRequest,
+    mapGoogleSessionResponseData,
+    revokeGoogleWebSessionsByIdentity,
+    createPersistedGoogleWebSessionFromIdentity,
+    setGoogleWebSessionCookie,
+    issueAccessTokenForSession,
+    userPasswordAuthService,
+    userPasswordRecoveryService,
+    resolveRequestRemoteIp,
+    normalizeEmail,
+    normalizeGoogleSubject,
+    normalizeJid,
+    isWebAuthJwtEnabled,
+    signWebAuthJwt,
+    verifyWebAuthJwt,
+    passwordRecoverySessionAuthMethod,
+    passwordRecoverySessionTtlSeconds: passwordRecoverySessionTtlSeconds,
+    userProfileWebPath: userProfileWebPath,
+    userPasswordResetWebPath: userPasswordResetWebPath,
+    toSiteAbsoluteUrl,
+    executeQuery,
+    tables,
+    toIsoOrNull,
+    sanitizeText,
+    listStickerPacksByOwner,
+    listStickerPackEngagementByPackIds,
+    mapPackSummary,
+    isPackPubliclyVisible,
+    resolveMyProfileOwnerCandidates,
+    shouldHidePackFromMyProfileDefault,
+    parseEnvBool,
+    clampInt,
+    stickerWebGoogleClientId,
+    stickerWebGoogleAuthRequired,
+    toWhatsAppPhoneDigits,
+    getActiveSocket: () => globalThis.getActiveSocketBridge?.() || null,
+    profilePictureUrlFromActiveSocket: (jid, type, timeout) => globalThis.profilePictureUrlFromActiveSocketBridge?.(jid, type, timeout) || Promise.resolve(null),
+  });
+  return {
+    upsertGoogleWebUserRecord,
+    resolveGoogleWebSessionFromRequest,
+    mapGoogleSessionResponseData,
+    setGoogleWebSessionCookie,
+    issueAccessTokenForSession,
+    createPersistedGoogleWebSessionFromIdentity,
+    handleGoogleAuthSessionRequest,
+    revokeGoogleWebSessionsByIdentity,
+    buildGoogleOwnerJid,
+    handleTermsAcceptanceRequest,
+    handlePasswordAuthRequest,
+    handlePasswordRecoveryRequest,
+    handlePasswordRecoveryVerifyRequest,
+    handlePasswordRecoverySessionCreateRequest,
+    handlePasswordRecoverySessionStatusRequest,
+    handlePasswordRecoverySessionRequest,
+    handlePasswordRecoverySessionVerifyRequest,
+    handlePasswordLoginRequest,
+    handleMyProfileRequest,
+  };
+};

package/server/auth/termsAcceptance/termsAcceptanceHandler.js ADDED Viewed

@@ -0,0 +1,189 @@
+import { createHash, randomUUID } from 'node:crypto';
+const DEFAULT_LEGAL_VERSION = '2026-03-07';
+const normalizeLegalDocumentKey = (value) =>
+  String(value || '')
+    .trim()
+    .toLowerCase()
+    .replace(/[^a-z0-9_-]/g, '')
+    .slice(0, 64);
+const normalizeLegalDocumentVersion = (value) =>
+  String(value || '')
+    .trim()
+    .slice(0, 64);
+const normalizeTermsAcceptanceSource = (value) =>
+  String(value || '')
+    .trim()
+    .toLowerCase()
+    .replace(/[^a-z0-9_-]/g, '')
+    .slice(0, 32);
+const normalizeTermsAcceptanceSessionKey = (value) =>
+  String(value || '')
+    .trim()
+    .slice(0, 80);
+const normalizeRequestUserAgent = (value) =>
+  String(value || '')
+    .trim()
+    .slice(0, 512) || null;
+const parseAcceptedAtClientDate = (value) => {
+  const parsedAt = Date.parse(String(value || '').trim());
+  if (!Number.isFinite(parsedAt)) return null;
+  return new Date(parsedAt);
+};
+const buildLegalDocumentVersionHash = (documentKey, documentVersion) => createHash('sha256').update(`${documentKey}:${documentVersion}`).digest('hex');
+const defaultSanitizeText = (value, maxLength, { allowEmpty = true } = {}) => {
+  const normalized = String(value || '')
+    .trim()
+    .slice(0, Math.max(0, Number(maxLength) || 0));
+  if (!normalized && !allowEmpty) return '';
+  return normalized;
+};
+export const createTermsAcceptanceHandler = ({ executeQuery, tables, logger, sendJson, readJsonBody, parseTermsAcceptancePayload, parseCookies, resolveGoogleWebSessionFromRequest, normalizeGoogleSubject, normalizeEmail, normalizeJid, resolveRequestRemoteIp, sanitizeText, webSessionCookieName = 'omnizap_sid' }) => {
+  const sanitize = typeof sanitizeText === 'function' ? sanitizeText : defaultSanitizeText;
+  const legalTermsVersion =
+    sanitize(process.env.LEGAL_TERMS_VERSION || DEFAULT_LEGAL_VERSION, 64, {
+      allowEmpty: false,
+    }) || DEFAULT_LEGAL_VERSION;
+  const legalPrivacyVersion =
+    sanitize(process.env.LEGAL_PRIVACY_VERSION || DEFAULT_LEGAL_VERSION, 64, {
+      allowEmpty: false,
+    }) || DEFAULT_LEGAL_VERSION;
+  const legalAupVersion =
+    sanitize(process.env.LEGAL_AUP_VERSION || DEFAULT_LEGAL_VERSION, 64, {
+      allowEmpty: false,
+    }) || DEFAULT_LEGAL_VERSION;
+  const legalDefaultAcceptanceSource =
+    sanitize(process.env.LEGAL_TERMS_ACCEPTANCE_SOURCE || 'login_web', 32, {
+      allowEmpty: false,
+    }) || 'login_web';
+  const legalDocumentRegistry = Object.freeze({
+    termos_de_uso: legalTermsVersion,
+    politica_de_privacidade: legalPrivacyVersion,
+    politica_uso_aceitavel: legalAupVersion,
+  });
+  const resolveTermsAcceptanceDocuments = (documents = []) => {
+    const uniqueByVersion = new Map();
+    for (const doc of Array.isArray(documents) ? documents : []) {
+      const documentKey = normalizeLegalDocumentKey(doc?.document_key);
+      if (!documentKey) continue;
+      const fallbackVersion = legalDocumentRegistry[documentKey] || '';
+      const documentVersion = normalizeLegalDocumentVersion(doc?.document_version) || fallbackVersion;
+      if (!documentVersion) continue;
+      const uniqueKey = `${documentKey}:${documentVersion}`;
+      if (uniqueByVersion.has(uniqueKey)) continue;
+      uniqueByVersion.set(uniqueKey, {
+        documentKey,
+        documentVersion,
+        documentVersionHash: buildLegalDocumentVersionHash(documentKey, documentVersion),
+        isCurrentVersion: fallbackVersion ? fallbackVersion === documentVersion : false,
+      });
+    }
+    return Array.from(uniqueByVersion.values());
+  };
+  return async (req, res) => {
+    if (req.method !== 'POST') {
+      sendJson(req, res, 405, { error: 'Metodo nao permitido.' });
+      return;
+    }
+    let payload = {};
+    try {
+      payload = await readJsonBody(req);
+    } catch (error) {
+      sendJson(req, res, Number(error?.statusCode || 400), {
+        error: error?.message || 'Body invalido.',
+      });
+      return;
+    }
+    try {
+      payload = parseTermsAcceptancePayload(payload);
+    } catch (error) {
+      sendJson(req, res, Number(error?.statusCode || 400), {
+        error: error?.message || 'Payload de aceite juridico invalido.',
+        code: error?.code || 'INVALID_PAYLOAD',
+        details: Array.isArray(error?.details) ? error.details : undefined,
+      });
+      return;
+    }
+    const acceptedDocuments = resolveTermsAcceptanceDocuments(payload.documents);
+    if (!acceptedDocuments.length) {
+      sendJson(req, res, 400, {
+        error: 'Nenhum documento valido para registrar aceite.',
+        code: 'TERMS_ACCEPTANCE_EMPTY',
+      });
+      return;
+    }
+    const source = normalizeTermsAcceptanceSource(payload.source) || legalDefaultAcceptanceSource;
+    const acceptedAt = new Date();
+    const acceptedAtClient = parseAcceptedAtClientDate(payload.accepted_at);
+    const cookies = parseCookies(req);
+    const sessionKey = normalizeTermsAcceptanceSessionKey(cookies[webSessionCookieName] || '');
+    const remoteIp = resolveRequestRemoteIp(req);
+    const userAgent = normalizeRequestUserAgent(req.headers?.['user-agent'] || '');
+    const session = await resolveGoogleWebSessionFromRequest(req).catch(() => null);
+    const normalizedGoogleSub = normalizeGoogleSubject(session?.sub || '');
+    const normalizedEmail = normalizeEmail(session?.email || '');
+    const normalizedOwnerJid = normalizeJid(session?.ownerJid || '') || '';
+    const metadata = JSON.stringify({
+      accepted: true,
+      context: payload.context || null,
+      legal_document_registry: legalDocumentRegistry,
+    });
+    const valueRows = acceptedDocuments.map(() => '(?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)').join(', ');
+    const params = [];
+    for (const doc of acceptedDocuments) {
+      params.push(randomUUID(), doc.documentKey, doc.documentVersion, doc.documentVersionHash, acceptedAt, acceptedAtClient, source, normalizedGoogleSub || null, normalizedEmail || null, normalizedOwnerJid || null, sessionKey || null, remoteIp || null, userAgent, metadata);
+    }
+    try {
+      await executeQuery(
+        `INSERT INTO ${tables.STICKER_WEB_TERMS_ACCEPTANCE_EVENT}
+          (event_id, document_key, document_version, document_version_hash, accepted_at, accepted_at_client, source, google_sub, email, owner_jid, session_key, ip_address, user_agent, metadata)
+         VALUES ${valueRows}`,
+        params,
+      );
+      sendJson(req, res, 201, {
+        data: {
+          accepted: true,
+          source,
+          accepted_at: acceptedAt.toISOString(),
+          accepted_documents: acceptedDocuments.map((doc) => ({
+            document_key: doc.documentKey,
+            document_version: doc.documentVersion,
+            document_version_hash: doc.documentVersionHash,
+            current_version: doc.isCurrentVersion,
+          })),
+        },
+      });
+    } catch (error) {
+      logger.warn('Falha ao registrar aceite juridico versionado.', {
+        action: 'web_terms_acceptance_insert_failed',
+        error: error?.message,
+        source,
+        document_count: acceptedDocuments.length,
+      });
+      sendJson(req, res, Number(error?.statusCode || 500), {
+        error: 'Falha ao registrar aceite juridico.',
+        code: 'TERMS_ACCEPTANCE_INSERT_FAILED',
+      });
+    }
+  };
+};

package/server/auth/userPassword/index.js ADDED Viewed

@@ -0,0 +1,14 @@
+import { executeQuery, TABLES } from '../../../database/index.js';
+import logger from '#logger';
+import { createUserPasswordAuthService } from './userPasswordAuthService.js';
+const userPasswordAuthService = createUserPasswordAuthService({
+  executeQuery,
+  tables: TABLES,
+  logger,
+});
+export default userPasswordAuthService;
+export { createUserPasswordAuthService };
+export { DEFAULT_USER_PASSWORD_POLICY, hashUserPassword, resolveUserPasswordPolicy, validateUserPassword, verifyUserPasswordHash } from './userPasswordCrypto.js';