npm - @omnizap-system/omnizap - Versions diffs - 2.5.12 - Mend

@omnizap-system/omnizap 2.5.12

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (425) hide show

package/.clusterfuzzlite/Dockerfile +10 -0
package/.env.example +907 -0
package/.github/codeql/codeql-config.yml +10 -0
package/.github/dependabot.yml +35 -0
package/.github/workflows/ci.yml +73 -0
package/.github/workflows/codeql.yml +106 -0
package/.github/workflows/db-migration-check.yml +98 -0
package/.github/workflows/dependency-review.yml +22 -0
package/.github/workflows/deploy.yml +95 -0
package/.github/workflows/release.yml +106 -0
package/.github/workflows/security-attest-provenance.yml +51 -0
package/.github/workflows/security-gitleaks.yml +34 -0
package/.github/workflows/security-runner-hardening.yml +31 -0
package/.github/workflows/security-scorecard.yml +44 -0
package/.github/workflows/security-zap-baseline.yml +44 -0
package/.github/workflows/security-zap-full-scan.yml +43 -0
package/.github/workflows/security-zizmor.yml +36 -0
package/.github/workflows/wiki-sync.yml +44 -0
package/.gitleaks.toml +15 -0
package/.prettierrc +34 -0
package/CODE_OF_CONDUCT.md +114 -0
package/LICENSE +56 -0
package/README.md +110 -0
package/SECURITY.md +110 -0
package/app/config/index.js +4 -0
package/app/configParts/adminIdentity.js +92 -0
package/app/configParts/baileysConfig.js +1818 -0
package/app/configParts/groupUtils.js +692 -0
package/app/configParts/loggerConfig.js +394 -0
package/app/configParts/messagePersistenceService.js +305 -0
package/app/connection/baileysCompatibility.test.js +40 -0
package/app/connection/baileysDbAuthState.js +344 -0
package/app/connection/socketController.js +2243 -0
package/app/controllers/messageController.js +7 -0
package/app/controllers/messagePipeline/commandMiddleware.js +146 -0
package/app/controllers/messagePipeline/conversationMiddleware.js +183 -0
package/app/controllers/messagePipeline/messagePipelineMiddlewares.test.js +522 -0
package/app/controllers/messagePipeline/postProcessingMiddleware.js +41 -0
package/app/controllers/messagePipeline/preProcessingMiddlewares.js +166 -0
package/app/controllers/messageProcessingPipeline.js +699 -0
package/app/modules/adminModule/AGENT.md +4056 -0
package/app/modules/adminModule/adminAiHelpService.js +56 -0
package/app/modules/adminModule/adminConfigRuntime.js +177 -0
package/app/modules/adminModule/commandConfig.json +7122 -0
package/app/modules/adminModule/groupCommandHandlers.js +1823 -0
package/app/modules/adminModule/groupCommandHandlers.test.js +350 -0
package/app/modules/adminModule/groupEventHandlers.js +399 -0
package/app/modules/aiModule/AGENT.md +547 -0
package/app/modules/aiModule/aiAiHelpService.js +14 -0
package/app/modules/aiModule/aiConfigRuntime.js +135 -0
package/app/modules/aiModule/catCommand.js +967 -0
package/app/modules/aiModule/commandConfig.json +981 -0
package/app/modules/analyticsModule/messageAnalysisEventRepository.js +83 -0
package/app/modules/gameModule/AGENT.md +196 -0
package/app/modules/gameModule/commandConfig.json +366 -0
package/app/modules/gameModule/diceCommand.js +42 -0
package/app/modules/gameModule/gameAiHelpService.js +14 -0
package/app/modules/gameModule/gameConfigRuntime.js +68 -0
package/app/modules/menuModule/AGENT.md +205 -0
package/app/modules/menuModule/commandConfig.json +366 -0
package/app/modules/menuModule/common.js +316 -0
package/app/modules/menuModule/menuAiHelpService.js +14 -0
package/app/modules/menuModule/menuConfigRuntime.js +68 -0
package/app/modules/menuModule/menus.js +66 -0
package/app/modules/playModule/AGENT.md +321 -0
package/app/modules/playModule/commandConfig.json +584 -0
package/app/modules/playModule/playAiHelpService.js +14 -0
package/app/modules/playModule/playCommand.js +1417 -0
package/app/modules/playModule/playConfigRuntime.js +68 -0
package/app/modules/quoteModule/AGENT.md +199 -0
package/app/modules/quoteModule/commandConfig.json +366 -0
package/app/modules/quoteModule/quoteAiHelpService.js +14 -0
package/app/modules/quoteModule/quoteCommand.js +842 -0
package/app/modules/quoteModule/quoteConfigRuntime.js +68 -0
package/app/modules/rpgPokemonModule/AGENT.md +229 -0
package/app/modules/rpgPokemonModule/commandConfig.json +386 -0
package/app/modules/rpgPokemonModule/rpgBattleCanvasRenderer.js +795 -0
package/app/modules/rpgPokemonModule/rpgBattleService.js +2110 -0
package/app/modules/rpgPokemonModule/rpgBattleService.test.js +770 -0
package/app/modules/rpgPokemonModule/rpgEvolutionUtils.js +22 -0
package/app/modules/rpgPokemonModule/rpgPokemonAiHelpService.js +14 -0
package/app/modules/rpgPokemonModule/rpgPokemonCommand.js +174 -0
package/app/modules/rpgPokemonModule/rpgPokemonConfigRuntime.js +68 -0
package/app/modules/rpgPokemonModule/rpgPokemonDomain.js +192 -0
package/app/modules/rpgPokemonModule/rpgPokemonDomain.test.js +93 -0
package/app/modules/rpgPokemonModule/rpgPokemonEvolution.test.js +46 -0
package/app/modules/rpgPokemonModule/rpgPokemonMessages.js +746 -0
package/app/modules/rpgPokemonModule/rpgPokemonRepository.js +1847 -0
package/app/modules/rpgPokemonModule/rpgPokemonService.js +6839 -0
package/app/modules/rpgPokemonModule/rpgProfileCanvasRenderer.js +354 -0
package/app/modules/statsModule/AGENT.md +320 -0
package/app/modules/statsModule/commandConfig.json +540 -0
package/app/modules/statsModule/globalRankingCommand.js +64 -0
package/app/modules/statsModule/rankingCommand.js +41 -0
package/app/modules/statsModule/rankingCommon.js +1305 -0
package/app/modules/statsModule/statsAiHelpService.js +14 -0
package/app/modules/statsModule/statsConfigRuntime.js +68 -0
package/app/modules/stickerModule/AGENT.md +692 -0
package/app/modules/stickerModule/addStickerMetadata.js +239 -0
package/app/modules/stickerModule/commandConfig.json +1216 -0
package/app/modules/stickerModule/convertToWebp.js +367 -0
package/app/modules/stickerModule/stickerAiHelpService.js +14 -0
package/app/modules/stickerModule/stickerCommand.js +446 -0
package/app/modules/stickerModule/stickerConfigRuntime.js +68 -0
package/app/modules/stickerModule/stickerConvertCommand.js +159 -0
package/app/modules/stickerModule/stickerTextCommand.js +653 -0
package/app/modules/stickerPackModule/AGENT.md +215 -0
package/app/modules/stickerPackModule/autoPackCollectorRuntime.js +20 -0
package/app/modules/stickerPackModule/autoPackCollectorService.js +357 -0
package/app/modules/stickerPackModule/commandConfig.json +387 -0
package/app/modules/stickerPackModule/domainEventOutboxRepository.js +227 -0
package/app/modules/stickerPackModule/domainEvents.js +52 -0
package/app/modules/stickerPackModule/semanticReclassificationEngine.js +429 -0
package/app/modules/stickerPackModule/semanticReclassificationEngine.test.js +75 -0
package/app/modules/stickerPackModule/semanticThemeClusterService.js +544 -0
package/app/modules/stickerPackModule/stickerAssetClassificationRepository.js +400 -0
package/app/modules/stickerPackModule/stickerAssetRepository.js +400 -0
package/app/modules/stickerPackModule/stickerAssetReprocessQueueRepository.js +175 -0
package/app/modules/stickerPackModule/stickerAutoPackByTagsRuntime.js +3702 -0
package/app/modules/stickerPackModule/stickerClassificationBackgroundRuntime.js +559 -0
package/app/modules/stickerPackModule/stickerClassificationService.js +557 -0
package/app/modules/stickerPackModule/stickerDedicatedTaskWorkerRuntime.js +249 -0
package/app/modules/stickerPackModule/stickerDomainEventBus.js +65 -0
package/app/modules/stickerPackModule/stickerDomainEventConsumerRuntime.js +208 -0
package/app/modules/stickerPackModule/stickerMarketplaceDriftService.js +99 -0
package/app/modules/stickerPackModule/stickerObjectStorageService.js +285 -0
package/app/modules/stickerPackModule/stickerPackAiHelpService.js +14 -0
package/app/modules/stickerPackModule/stickerPackCommandHandlers.js +1148 -0
package/app/modules/stickerPackModule/stickerPackConfigRuntime.js +68 -0
package/app/modules/stickerPackModule/stickerPackEngagementRepository.js +152 -0
package/app/modules/stickerPackModule/stickerPackErrors.js +30 -0
package/app/modules/stickerPackModule/stickerPackInteractionEventRepository.js +101 -0
package/app/modules/stickerPackModule/stickerPackItemRepository.js +432 -0
package/app/modules/stickerPackModule/stickerPackMarketplaceService.js +313 -0
package/app/modules/stickerPackModule/stickerPackMessageService.js +268 -0
package/app/modules/stickerPackModule/stickerPackRepository.js +450 -0
package/app/modules/stickerPackModule/stickerPackScoreSnapshotRepository.js +179 -0
package/app/modules/stickerPackModule/stickerPackScoreSnapshotRuntime.js +271 -0
package/app/modules/stickerPackModule/stickerPackService.js +733 -0
package/app/modules/stickerPackModule/stickerPackServiceRuntime.js +32 -0
package/app/modules/stickerPackModule/stickerPackUtils.js +107 -0
package/app/modules/stickerPackModule/stickerStorageService.js +559 -0
package/app/modules/stickerPackModule/stickerWorkerPipelineRuntime.js +242 -0
package/app/modules/stickerPackModule/stickerWorkerTaskQueueRepository.js +242 -0
package/app/modules/systemMetricsModule/AGENT.md +193 -0
package/app/modules/systemMetricsModule/commandConfig.json +344 -0
package/app/modules/systemMetricsModule/pingCommand.js +399 -0
package/app/modules/systemMetricsModule/systemMetricsAiHelpService.js +14 -0
package/app/modules/systemMetricsModule/systemMetricsConfigRuntime.js +68 -0
package/app/modules/tiktokModule/AGENT.md +196 -0
package/app/modules/tiktokModule/commandConfig.json +366 -0
package/app/modules/tiktokModule/tiktokAiHelpService.js +14 -0
package/app/modules/tiktokModule/tiktokCommand.js +716 -0
package/app/modules/tiktokModule/tiktokConfigRuntime.js +68 -0
package/app/modules/userModule/AGENT.md +200 -0
package/app/modules/userModule/commandConfig.json +386 -0
package/app/modules/userModule/userAiHelpService.js +14 -0
package/app/modules/userModule/userCommand.js +1155 -0
package/app/modules/userModule/userConfigRuntime.js +68 -0
package/app/modules/waifuPicsModule/AGENT.md +431 -0
package/app/modules/waifuPicsModule/commandConfig.json +780 -0
package/app/modules/waifuPicsModule/waifuPicsAiHelpService.js +14 -0
package/app/modules/waifuPicsModule/waifuPicsCommand.js +586 -0
package/app/modules/waifuPicsModule/waifuPicsConfigRuntime.js +68 -0
package/app/observability/metrics.js +766 -0
package/app/services/ai/aiHelpResponseCacheRepository.js +280 -0
package/app/services/ai/aiLearningRepository.js +400 -0
package/app/services/ai/commandConfigEnrichmentRepository.js +769 -0
package/app/services/ai/commandConfigEnrichmentService.js +452 -0
package/app/services/ai/commandConfigValidationService.js +443 -0
package/app/services/ai/commandToolBuilderService.js +192 -0
package/app/services/ai/conversationRouterService.js +516 -0
package/app/services/ai/geminiService.js +115 -0
package/app/services/ai/geminiService.test.js +87 -0
package/app/services/ai/globalModuleAiHelpService.js +1412 -0
package/app/services/ai/globalToolCallingService.js +203 -0
package/app/services/ai/messageCommandExecutionService.js +391 -0
package/app/services/ai/moduleAiHelpCoreService.js +1099 -0
package/app/services/ai/moduleAiHelpWrapperFactory.js +65 -0
package/app/services/ai/moduleCommandConfigRuntimeService.js +113 -0
package/app/services/ai/moduleToolExecutorService.js +464 -0
package/app/services/ai/moduleToolRegistryService.js +178 -0
package/app/services/ai/toolCandidateSelectorService.js +781 -0
package/app/services/auth/googleWebLinkService.js +80 -0
package/app/services/auth/whatsappLoginLinkService.js +230 -0
package/app/services/external/pokeApiService.js +398 -0
package/app/services/group/groupMetadataService.js +311 -0
package/app/services/infra/dbWriteQueue.js +874 -0
package/app/services/infra/featureFlagService.js +131 -0
package/app/services/infra/queueUtils.js +55 -0
package/app/services/messaging/captchaService.js +491 -0
package/app/services/messaging/messagePersistenceService.js +1 -0
package/app/services/messaging/newsBroadcastService.js +347 -0
package/app/services/sticker/stickerFocusService.js +347 -0
package/app/services/sticker/stickerFocusService.test.js +43 -0
package/app/store/aiPromptStore.js +38 -0
package/app/store/conversationSessionStore.js +131 -0
package/app/store/groupConfigStore.js +58 -0
package/app/store/premiumUserStore.js +54 -0
package/app/utils/antiLink/antiLinkModule.js +700 -0
package/app/utils/http/getImageBufferModule.js +18 -0
package/app/utils/json/jsonSanitizer.js +113 -0
package/app/utils/json/jsonSanitizer.test.js +40 -0
package/app/utils/systemMetrics/systemMetricsModule.js +88 -0
package/app/workers/aiLearningWorker.js +605 -0
package/app/workers/commandConfigEnrichmentWorker.js +242 -0
package/database/index.js +2075 -0
package/database/init.js +151 -0
package/database/migrations/.gitkeep +0 -0
package/database/migrations/20260307_d0_hardening_down.sql +64 -0
package/database/migrations/20260307_d0_hardening_up.sql +79 -0
package/database/migrations/20260307_d1_terms_acceptance_down.sql +11 -0
package/database/migrations/20260307_d1_terms_acceptance_up.sql +37 -0
package/database/migrations/20260307_d2_auth_hardening_down.sql +75 -0
package/database/migrations/20260307_d2_auth_hardening_up.sql +100 -0
package/database/migrations/20260314_d7_canonical_sender_down.sql +53 -0
package/database/migrations/20260314_d7_canonical_sender_up.sql +114 -0
package/database/migrations/20260406_d30_security_analytics_down.sql +95 -0
package/database/migrations/20260406_d30_security_analytics_up.sql +292 -0
package/database/migrations/20260407_d31_web_google_session_token_hardening_down.sql +2 -0
package/database/migrations/20260407_d31_web_google_session_token_hardening_up.sql +17 -0
package/database/migrations/20260408_d32_ai_help_response_cache_down.sql +1 -0
package/database/migrations/20260408_d32_ai_help_response_cache_up.sql +22 -0
package/database/migrations/20260409_d33_ai_learning_tables_down.sql +4 -0
package/database/migrations/20260409_d33_ai_learning_tables_up.sql +52 -0
package/database/migrations/20260410_d34_command_config_enrichment_down.sql +3 -0
package/database/migrations/20260410_d34_command_config_enrichment_up.sql +48 -0
package/database/schema.sql +1186 -0
package/docker-compose.yml +104 -0
package/docs/audits/stickerCatalogController-out-of-scope.md +103 -0
package/docs/audits/stickerCatalogController-symbols.md +58 -0
package/docs/compliance/acceptable-use-policy-2026-03-07.md +35 -0
package/docs/compliance/dpa-b2b-standard-2026-03-07.md +80 -0
package/docs/compliance/monthly-compliance-checklist-2026-03-07.md +88 -0
package/docs/compliance/notice-and-takedown-policy-2026-03-07.md +34 -0
package/docs/compliance/privacy-policy-2026-03-07.md +75 -0
package/docs/compliance/subprocessors-inventory-2026-03-07.md +16 -0
package/docs/database/production-db-evolution-runbook-2026q1.md +365 -0
package/docs/security/dsar-lgpd-runbook-2026-03-07.md +86 -0
package/docs/security/incident-response-lgpd-anpd-runbook-2026-03-07.md +77 -0
package/docs/security/network-hardening-runbook-2026-03-07.md +137 -0
package/docs/seo/omnizap-seo-playbook-br-2026-02-28.md +238 -0
package/docs/seo/satellite-page-template.md +116 -0
package/docs/seo/satellite-pages-phase1.json +364 -0
package/docs/wiki/Home.md +120 -0
package/docs/wiki/pair-extraordinaire-2026-03-08.md +3 -0
package/docs/wiki/recent-changes-2026-03-08.md +47 -0
package/ecosystem.prod.config.cjs +135 -0
package/eslint.config.js +89 -0
package/index.js +488 -0
package/ml/clip_classifier/Dockerfile +18 -0
package/ml/clip_classifier/README.md +118 -0
package/ml/clip_classifier/adaptive_scoring.py +40 -0
package/ml/clip_classifier/classifier.py +654 -0
package/ml/clip_classifier/embedding_store.py +481 -0
package/ml/clip_classifier/env_loader.py +15 -0
package/ml/clip_classifier/llm_label_expander.py +144 -0
package/ml/clip_classifier/main.py +213 -0
package/ml/clip_classifier/requirements.txt +10 -0
package/ml/clip_classifier/similarity_engine.py +74 -0
package/new-logo.png +0 -0
package/observability/alert-rules.yml +60 -0
package/observability/grafana/dashboards/omnizap-mysql.json +136 -0
package/observability/grafana/dashboards/omnizap-overview.json +170 -0
package/observability/grafana/provisioning/dashboards/dashboards.yml +11 -0
package/observability/grafana/provisioning/datasources/datasources.yml +15 -0
package/observability/loki-config.yml +38 -0
package/observability/mysql-setup.sql +46 -0
package/observability/prometheus.yml +35 -0
package/observability/promtail-config.yml +84 -0
package/observability/sticker-catalog-slo.md +83 -0
package/observability/sticker-scale-hardening-rollout.md +128 -0
package/package.json +144 -0
package/public/apple-touch-icon.png +0 -0
package/public/assets/css/commands-react.input.css +71 -0
package/public/assets/css/create-pack-react.input.css +31 -0
package/public/assets/css/home-react.input.css +106 -0
package/public/assets/css/login-react.input.css +58 -0
package/public/assets/css/stickers-react.input.css +18 -0
package/public/assets/css/terms-react.input.css +115 -0
package/public/assets/css/user-react.input.css +57 -0
package/public/assets/images/brand-icon-192.png +0 -0
package/public/assets/images/brand-logo-128.webp +0 -0
package/public/assets/images/hero-banner-1280.jpg +0 -0
package/public/comandos/commands-catalog.json +4517 -0
package/public/css/api-docs.css +161 -0
package/public/css/stickers-admin.css +1288 -0
package/public/css/styles.css +679 -0
package/public/css/systemadm/admin.css +474 -0
package/public/css/systemadm/base.css +73 -0
package/public/css/systemadm/components.css +662 -0
package/public/css/systemadm/layout.css +229 -0
package/public/css/systemadm/tokens.css +56 -0
package/public/favicon-16x16.png +0 -0
package/public/favicon-32x32.png +0 -0
package/public/favicon.ico +0 -0
package/public/js/apps/apiDocsApp.js +235 -0
package/public/js/apps/commandsReactApp.js +528 -0
package/public/js/apps/createPackApp.js +1646 -0
package/public/js/apps/homeReactApp.js +942 -0
package/public/js/apps/loginReactApp.js +496 -0
package/public/js/apps/stickersAdminApp.js +1753 -0
package/public/js/apps/stickersApp.js +3797 -0
package/public/js/apps/termsReactApp.js +528 -0
package/public/js/apps/userApp.js +2540 -0
package/public/js/apps/userProfile/actions.js +66 -0
package/public/js/apps/userReactApp.js +547 -0
package/public/js/catalog.js +950 -0
package/public/pages/api-docs.html +40 -0
package/public/pages/aup.html +158 -0
package/public/pages/comandos.html +41 -0
package/public/pages/dpa.html +227 -0
package/public/pages/home.html +45 -0
package/public/pages/licenca.html +182 -0
package/public/pages/login.html +40 -0
package/public/pages/notice-and-takedown.html +234 -0
package/public/pages/politica-de-privacidade.html +251 -0
package/public/pages/seo-bot-whatsapp-para-grupo.html +350 -0
package/public/pages/seo-bot-whatsapp-sem-programar.html +350 -0
package/public/pages/seo-como-automatizar-avisos-no-whatsapp.html +350 -0
package/public/pages/seo-como-criar-comandos-whatsapp.html +350 -0
package/public/pages/seo-como-evitar-spam-no-whatsapp.html +350 -0
package/public/pages/seo-como-moderar-grupo-whatsapp.html +350 -0
package/public/pages/seo-como-organizar-comunidade-whatsapp.html +350 -0
package/public/pages/seo-melhor-bot-whatsapp-para-grupos.html +350 -0
package/public/pages/stickers-admin.html +31 -0
package/public/pages/stickers-create.html +41 -0
package/public/pages/stickers.html +45 -0
package/public/pages/suboperadores.html +237 -0
package/public/pages/termos-de-uso-texto-integral.html +241 -0
package/public/pages/termos-de-uso.html +41 -0
package/public/pages/user-password-reset.html +32 -0
package/public/pages/user-systemadm.html +508 -0
package/public/pages/user.html +39 -0
package/public/robots.txt +9 -0
package/public/site.webmanifest +24 -0
package/public/sitemap.xml +98 -0
package/schemas/command-config.schema.json +582 -0
package/scripts/baileys-compat-smoke.mjs +12 -0
package/scripts/cache-bust.mjs +142 -0
package/scripts/deploy.sh +916 -0
package/scripts/email-broadcast-terms-update.mjs +170 -0
package/scripts/enrich-command-discovery-fields.mjs +286 -0
package/scripts/generate-command-config-schema.mjs +273 -0
package/scripts/generate-commands-catalog.mjs +308 -0
package/scripts/generate-module-agents.mjs +631 -0
package/scripts/generate-seo-satellite-pages.mjs +400 -0
package/scripts/github-deploy-notify.mjs +174 -0
package/scripts/github-release-notify.mjs +219 -0
package/scripts/release.sh +599 -0
package/scripts/run-codeql-local.sh +116 -0
package/scripts/run-prettier-all.mjs +25 -0
package/scripts/security-smoketest.mjs +581 -0
package/scripts/sticker-catalog-loadtest.mjs +210 -0
package/scripts/sticker-worker-task.mjs +119 -0
package/scripts/sync-readme-snapshot.mjs +133 -0
package/scripts/validate-command-config-schema.mjs +130 -0
package/scripts/validate-command-configs.mjs +15 -0
package/scripts/wiki-sync.sh +191 -0
package/server/auth/googleWebAuth/googleWebAuthRuntime.js +62 -0
package/server/auth/googleWebAuth/googleWebAuthService.js +807 -0
package/server/auth/jwt/webJwtService.js +147 -0
package/server/auth/stickerCatalogAuthContext.js +165 -0
package/server/auth/termsAcceptance/termsAcceptanceHandler.js +189 -0
package/server/auth/userPassword/index.js +14 -0
package/server/auth/userPassword/userPasswordAuthService.js +422 -0
package/server/auth/userPassword/userPasswordCrypto.js +199 -0
package/server/auth/userPassword/userPasswordCrypto.test.js +76 -0
package/server/auth/userPassword/userPasswordRecoveryService.js +728 -0
package/server/auth/validation/authSchemas.js +236 -0
package/server/auth/webAccount/webAccountHandlers.js +1434 -0
package/server/controllers/admin/adminBanService.js +138 -0
package/server/controllers/admin/adminPanelHandlers.js +2083 -0
package/server/controllers/admin/stickerCatalogAdminContext.js +17 -0
package/server/controllers/admin/systemAdminController.js +201 -0
package/server/controllers/email/emailAutomationController.js +239 -0
package/server/controllers/metricsController.js +21 -0
package/server/controllers/seo/stickerCatalogSeoContext.js +514 -0
package/server/controllers/sticker/nonCatalogHandlers.js +303 -0
package/server/controllers/sticker/stickerCatalogController.js +4700 -0
package/server/controllers/system/contactController.js +115 -0
package/server/controllers/system/githubController.js +137 -0
package/server/controllers/system/stickerCatalogSystemContext.js +758 -0
package/server/controllers/system/storageController.js +154 -0
package/server/controllers/system/systemController.js +135 -0
package/server/controllers/system/systemMetricsController.js +156 -0
package/server/controllers/system/visitController.js +90 -0
package/server/controllers/userController.js +145 -0
package/server/email/emailAutomationRuntime.js +225 -0
package/server/email/emailAutomationService.js +125 -0
package/server/email/emailOutboxRepository.js +282 -0
package/server/email/emailTemplateService.js +480 -0
package/server/email/emailTransportService.js +156 -0
package/server/http/clientIp.js +95 -0
package/server/http/httpRequestUtils.js +262 -0
package/server/http/httpRequestUtils.test.js +80 -0
package/server/http/httpServer.js +180 -0
package/server/http/requestContext.js +20 -0
package/server/http/siteRoutingUtils.js +87 -0
package/server/index.js +1 -0
package/server/middleware/cachePolicy.js +26 -0
package/server/middleware/cachePolicyHelpers.js +1 -0
package/server/middleware/endpointRateLimit.js +181 -0
package/server/middleware/rateLimit.js +70 -0
package/server/middleware/requireAdminAuth.js +48 -0
package/server/middleware/securityHeaders.js +97 -0
package/server/routes/admin/systemAdminRouter.js +64 -0
package/server/routes/email/emailAutomationRouter.js +46 -0
package/server/routes/health/healthRouter.js +41 -0
package/server/routes/indexRouter.js +234 -0
package/server/routes/metrics/metricsRouter.js +58 -0
package/server/routes/static/staticPageRouter.js +134 -0
package/server/routes/sticker/catalogHandlers/catalogAdminHttp.js +105 -0
package/server/routes/sticker/catalogHandlers/catalogAuthHttp.js +77 -0
package/server/routes/sticker/catalogHandlers/catalogPublicHttp.js +120 -0
package/server/routes/sticker/catalogHandlers/catalogUploadHttp.js +83 -0
package/server/routes/sticker/catalogRouter.js +77 -0
package/server/routes/sticker/stickerApiRouter.js +84 -0
package/server/routes/sticker/stickerDataRouter.js +145 -0
package/server/routes/sticker/stickerSiteRouter.js +43 -0
package/server/routes/user/userApiPaths.js +66 -0
package/server/routes/user/userRouter.js +65 -0
package/server/utils/safePath.js +26 -0
package/utils/logger/loggerModule.js +35 -0
package/vite.config.mjs +38 -0

package/server/email/emailTemplateService.js ADDED Viewed

@@ -0,0 +1,480 @@
+const DEFAULT_SITE_ORIGIN = 'https://omnizap.shop';
+const DEFAULT_BRAND_NAME = 'OmniZap';
+const resolveSiteOrigin = () =>
+  String(process.env.SITE_ORIGIN || process.env.WHATSAPP_LOGIN_BASE_URL || DEFAULT_SITE_ORIGIN)
+    .trim()
+    .replace(/\/+$/, '') || DEFAULT_SITE_ORIGIN;
+const normalizeTemplateKey = (value) =>
+  String(value || '')
+    .trim()
+    .toLowerCase()
+    .replace(/[^a-z0-9_:-]/g, '')
+    .slice(0, 64);
+const normalizeText = (value, maxLength = 500) =>
+  String(value || '')
+    .trim()
+    .slice(0, maxLength);
+const escapeHtml = (value) =>
+  String(value || '')
+    .replace(/&/g, '&amp;')
+    .replace(/</g, '&lt;')
+    .replace(/>/g, '&gt;')
+    .replace(/"/g, '&quot;')
+    .replace(/'/g, '&#39;');
+const normalizeHttpUrl = (value, fallback = '') => {
+  const normalized = String(value || '')
+    .trim()
+    .replace(/\s+/g, '');
+  if (!normalized) return fallback;
+  if (!/^https?:\/\//i.test(normalized)) return fallback;
+  return normalized.slice(0, 2_000);
+};
+const normalizeEmailAddress = (value) => {
+  const raw = String(value || '').trim();
+  if (!raw) return '';
+  const betweenAngles = raw.match(/<([^>]+)>/);
+  const candidate = String(betweenAngles?.[1] || raw)
+    .trim()
+    .replace(/^mailto:/i, '');
+  if (!candidate.includes('@')) return '';
+  return candidate.slice(0, 255);
+};
+const normalizePhoneDigits = (value, maxLength = 20) =>
+  String(value || '')
+    .replace(/\D+/g, '')
+    .slice(0, maxLength);
+const isLikelyPhoneDigits = (digits) => {
+  const normalized = normalizePhoneDigits(digits, 20);
+  return normalized.length >= 10 && normalized.length <= 15;
+};
+const formatPhonePn = (digits) => {
+  const normalized = normalizePhoneDigits(digits, 20);
+  if (!normalized) return '';
+  if (normalized.length === 13 && normalized.startsWith('55')) {
+    return `+${normalized.slice(0, 2)} ${normalized.slice(2, 4)} ${normalized.slice(4, 9)}-${normalized.slice(9, 13)}`;
+  }
+  if (normalized.length === 12 && normalized.startsWith('55')) {
+    return `+${normalized.slice(0, 2)} ${normalized.slice(2, 4)} ${normalized.slice(4, 8)}-${normalized.slice(8, 12)}`;
+  }
+  return `+${normalized}`;
+};
+const resolveBrandConfig = (payload = {}) => {
+  const siteOrigin = normalizeHttpUrl(payload?.siteOrigin || resolveSiteOrigin(), resolveSiteOrigin());
+  const supportFallback = `${siteOrigin}/termos-de-uso/`;
+  const replyToAddress = normalizeEmailAddress(payload?.replyTo || process.env.SMTP_REPLY_TO || process.env.EMAIL_REPLY_TO || process.env.MAIL_REPLY_TO || '');
+  const fromAddress = normalizeEmailAddress(process.env.SMTP_FROM || process.env.EMAIL_FROM || process.env.MAIL_FROM || process.env.SMTP_USER || process.env.EMAIL_USER || process.env.MAIL_USER || '');
+  const supportPhoneCandidate = normalizePhoneDigits(payload?.supportPhone || process.env.EMAIL_BRAND_SUPPORT_PHONE || process.env.WHATSAPP_SUPPORT_NUMBER || process.env.OWNER_NUMBER || '', 20);
+  const supportPhoneDigits = isLikelyPhoneDigits(supportPhoneCandidate) ? supportPhoneCandidate : '';
+  const supportPhonePn = formatPhonePn(supportPhoneDigits);
+  const supportWhatsappUrl = supportPhoneDigits ? `https://wa.me/${supportPhoneDigits}` : '';
+  const resolvedSupportUrl = normalizeHttpUrl(payload?.supportUrl || supportWhatsappUrl || process.env.EMAIL_BRAND_SUPPORT_URL || supportFallback, supportFallback);
+  const resolvedSupportLabel = normalizeText(payload?.supportLabel || supportPhonePn || process.env.EMAIL_BRAND_SUPPORT_LABEL || 'Central de suporte', 80);
+  return {
+    siteOrigin,
+    brandName: normalizeText(payload?.brandName || process.env.EMAIL_BRAND_NAME || DEFAULT_BRAND_NAME, 80) || DEFAULT_BRAND_NAME,
+    brandTagline: normalizeText(payload?.brandTagline || process.env.EMAIL_BRAND_TAGLINE || 'Automação profissional para WhatsApp.', 120) || null,
+    brandLogoUrl: normalizeHttpUrl(payload?.brandLogoUrl || payload?.logoUrl || process.env.EMAIL_BRAND_LOGO_URL || '', ''),
+    supportUrl: resolvedSupportUrl,
+    supportLabel: resolvedSupportLabel || 'Central de suporte',
+    supportEmail: replyToAddress || fromAddress || '',
+  };
+};
+const renderParagraphsHtml = (value, { maxParagraphs = 6, maxLength = 8_000 } = {}) => {
+  const normalized = String(value || '')
+    .replace(/\r/g, '')
+    .trim()
+    .slice(0, maxLength);
+  if (!normalized) return '';
+  const paragraphs = normalized
+    .split(/\n{2,}/)
+    .map((entry) => entry.trim())
+    .filter(Boolean)
+    .slice(0, maxParagraphs);
+  if (!paragraphs.length) return '';
+  return paragraphs.map((paragraph) => `<p style="margin:0 0 12px;color:#334155;font-size:15px;line-height:1.65;">${escapeHtml(paragraph)}</p>`).join('');
+};
+const renderEmailLayout = ({ payload = {}, preheader = '', heading = '', greeting = '', intro = '', body = '', ctaLabel = '', ctaUrl = '', ctaHint = '', secondaryCtaLabel = '', secondaryCtaUrl = '', securityNote = '', footerMessage = '' } = {}) => {
+  const brand = resolveBrandConfig(payload);
+  const safePreheader = normalizeText(preheader, 160);
+  const safeHeading = normalizeText(heading, 120);
+  const safeGreeting = normalizeText(greeting, 150);
+  const safeIntro = normalizeText(intro, 300);
+  const safeCtaLabel = normalizeText(ctaLabel, 80);
+  const safeCtaUrl = normalizeHttpUrl(ctaUrl, '');
+  const safeCtaHint = normalizeText(ctaHint, 220);
+  const safeSecondaryCtaLabel = normalizeText(secondaryCtaLabel, 80);
+  const safeSecondaryCtaUrl = normalizeHttpUrl(secondaryCtaUrl, '');
+  const safeSecurityNote = normalizeText(securityNote, 220);
+  const safeFooterMessage = normalizeText(footerMessage, 220);
+  const year = new Date().getUTCFullYear();
+  const logoBlock = brand.brandLogoUrl ? `<img src="${escapeHtml(brand.brandLogoUrl)}" alt="${escapeHtml(brand.brandName)}" width="132" style="display:block;border:0;outline:none;text-decoration:none;height:auto;margin:0 auto;" />` : `<div style="display:inline-block;font-size:26px;font-weight:800;color:#0f172a;letter-spacing:0.2px;">${escapeHtml(brand.brandName)}</div>`;
+  const greetingBlock = safeGreeting ? `<p style="margin:0 0 10px;color:#0f172a;font-size:16px;font-weight:700;line-height:1.5;">${escapeHtml(safeGreeting)}</p>` : '';
+  const introBlock = safeIntro ? `<p style="margin:0 0 14px;color:#334155;font-size:15px;line-height:1.65;">${escapeHtml(safeIntro)}</p>` : '';
+  const bodyBlock = renderParagraphsHtml(body);
+  const ctaBlock =
+    safeCtaUrl && safeCtaLabel
+      ? `
+        <table role="presentation" cellpadding="0" cellspacing="0" border="0" style="margin:10px 0 10px;">
+          <tr>
+            <td align="center" bgcolor="#1d4ed8" style="border-radius:10px;">
+              <a href="${escapeHtml(safeCtaUrl)}" style="display:inline-block;padding:12px 20px;font-size:15px;line-height:1.2;font-weight:700;color:#ffffff;text-decoration:none;">${escapeHtml(safeCtaLabel)}</a>
+            </td>
+          </tr>
+        </table>
+      `.trim()
+      : '';
+  const ctaHintBlock = safeCtaHint ? `<p style="margin:4px 0 0;color:#64748b;font-size:13px;line-height:1.55;">${escapeHtml(safeCtaHint)}</p>` : '';
+  const secondaryCtaBlock = safeSecondaryCtaLabel && safeSecondaryCtaUrl ? `<p style="margin:10px 0 0;color:#1e293b;font-size:14px;line-height:1.6;">${escapeHtml(safeSecondaryCtaLabel)}: <a href="${escapeHtml(safeSecondaryCtaUrl)}" style="color:#2563eb;text-decoration:none;">${escapeHtml(safeSecondaryCtaUrl)}</a></p>` : '';
+  const fallbackLinkBlock = safeCtaUrl ? `<p style="margin:12px 0 0;color:#64748b;font-size:12px;line-height:1.6;word-break:break-all;">Se o botão não funcionar, copie e cole este link no navegador: ${escapeHtml(safeCtaUrl)}</p>` : '';
+  const securityNoteBlock = safeSecurityNote ? `<p style="margin:16px 0 0;padding:10px 12px;background:#f8fafc;border:1px solid #e2e8f0;border-radius:8px;color:#475569;font-size:12px;line-height:1.6;">${escapeHtml(safeSecurityNote)}</p>` : '';
+  const supportEmailLine = brand.supportEmail ? `<span style="display:block;margin-top:6px;">E-mail: <a href="mailto:${escapeHtml(brand.supportEmail)}" style="color:#2563eb;text-decoration:none;">${escapeHtml(brand.supportEmail)}</a></span>` : '';
+  const footerMessageBlock = safeFooterMessage ? `<span style="display:block;margin-top:6px;color:#64748b;">${escapeHtml(safeFooterMessage)}</span>` : '';
+  const taglineBlock = brand.brandTagline ? `<p style="margin:8px 0 0;color:#64748b;font-size:13px;line-height:1.6;">${escapeHtml(brand.brandTagline)}</p>` : '';
+  return `
+<!doctype html>
+<html lang="pt-BR">
+  <body style="margin:0;padding:0;background:#f1f5f9;font-family:'Segoe UI',Roboto,Helvetica,Arial,sans-serif;">
+    <div style="display:none;max-height:0;overflow:hidden;opacity:0;color:transparent;">${escapeHtml(safePreheader)}</div>
+    <table role="presentation" cellpadding="0" cellspacing="0" border="0" width="100%" style="background:#f1f5f9;padding:28px 10px;">
+      <tr>
+        <td align="center">
+          <table role="presentation" cellpadding="0" cellspacing="0" border="0" width="100%" style="max-width:640px;">
+            <tr>
+              <td align="center" style="padding:0 0 16px;">
+                ${logoBlock}
+                ${taglineBlock}
+              </td>
+            </tr>
+            <tr>
+              <td style="background:#ffffff;border:1px solid #dbe3ef;border-radius:14px;padding:26px 24px;box-shadow:0 4px 24px rgba(15,23,42,0.06);">
+                <h1 style="margin:0 0 14px;color:#0f172a;font-size:25px;line-height:1.25;">${escapeHtml(safeHeading)}</h1>
+                ${greetingBlock}
+                ${introBlock}
+                ${bodyBlock}
+                ${ctaBlock}
+                ${ctaHintBlock}
+                ${secondaryCtaBlock}
+                ${fallbackLinkBlock}
+                ${securityNoteBlock}
+              </td>
+            </tr>
+            <tr>
+              <td style="padding:14px 2px 0;color:#64748b;font-size:12px;line-height:1.7;text-align:left;">
+                <span style="display:block;">${escapeHtml(brand.brandName)} © ${year}. Todos os direitos reservados.</span>
+                <span style="display:block;margin-top:6px;">Central de suporte: <a href="${escapeHtml(brand.supportUrl)}" style="color:#2563eb;text-decoration:none;">${escapeHtml(brand.supportLabel)}</a></span>
+                ${supportEmailLine}
+                ${footerMessageBlock}
+              </td>
+            </tr>
+          </table>
+        </td>
+      </tr>
+    </table>
+  </body>
+</html>
+  `.trim();
+};
+const resolveNavigationLinks = (payload = {}) => {
+  const siteOrigin = normalizeHttpUrl(payload?.siteOrigin || resolveSiteOrigin(), resolveSiteOrigin());
+  const defaultRedirectUrl = normalizeHttpUrl(process.env.EMAIL_DEFAULT_REDIRECT_URL || `${siteOrigin}/user/`, `${siteOrigin}/user/`);
+  const defaultHomeUrl = normalizeHttpUrl(process.env.EMAIL_DEFAULT_CTA_URL || `${siteOrigin}/`, `${siteOrigin}/`);
+  const redirectUrl = normalizeHttpUrl(payload?.redirectUrl || payload?.userUrl || payload?.loginUrl || defaultRedirectUrl, defaultRedirectUrl);
+  const homeUrl = normalizeHttpUrl(payload?.ctaUrl || payload?.homeUrl || payload?.link || defaultHomeUrl, defaultHomeUrl);
+  return {
+    siteOrigin,
+    redirectUrl,
+    homeUrl,
+  };
+};
+const resolveWelcomeBotWhatsApp = (payload = {}) => {
+  const botPhoneCandidate = normalizePhoneDigits(payload?.botPhone || payload?.botNumber || process.env.EMAIL_WELCOME_BOT_PHONE || process.env.WHATSAPP_BOT_NUMBER || process.env.BOT_NUMBER || process.env.BOT_PHONE_NUMBER || process.env.PHONE_NUMBER || process.env.EMAIL_BRAND_SUPPORT_PHONE || '', 20);
+  const botPhoneDigits = isLikelyPhoneDigits(botPhoneCandidate) ? botPhoneCandidate : '';
+  const botPhonePn = formatPhonePn(botPhoneDigits);
+  const botWhatsAppUrl = botPhoneDigits ? `https://wa.me/${botPhoneDigits}` : '';
+  return {
+    botPhonePn,
+    botWhatsAppUrl,
+  };
+};
+const resolveTermsUrl = (payload = {}) => {
+  const siteOrigin = normalizeHttpUrl(payload?.siteOrigin || resolveSiteOrigin(), resolveSiteOrigin());
+  const defaultTermsUrl = normalizeHttpUrl(`${siteOrigin}/termos-de-uso/`, `${DEFAULT_SITE_ORIGIN}/termos-de-uso/`);
+  return normalizeHttpUrl(payload?.termsUrl || process.env.EMAIL_TERMS_URL || defaultTermsUrl, defaultTermsUrl);
+};
+const buildWelcomeTemplate = (payload = {}) => {
+  const name = normalizeText(payload?.name || payload?.firstName || '', 80) || 'você';
+  const { redirectUrl, homeUrl } = resolveNavigationLinks(payload);
+  const { botPhonePn, botWhatsAppUrl } = resolveWelcomeBotWhatsApp(payload);
+  const ctaUrl = botWhatsAppUrl || homeUrl;
+  const ctaLabel = botWhatsAppUrl ? 'Abrir WhatsApp do Bot' : 'Abrir OmniZap';
+  const ctaHint = botPhonePn ? `WhatsApp do bot: ${botPhonePn}` : `Link de redirecionamento: ${redirectUrl}`;
+  const subject = 'Bem-vindo(a) ao OmniZap';
+  return {
+    subject,
+    text: [`Olá, ${name}!`, '', 'Sua conta no OmniZap foi preparada e já está pronta para uso.', `Redirecionamento da conta: ${redirectUrl}`, botWhatsAppUrl ? `WhatsApp do bot: ${botWhatsAppUrl}` : `Abrir plataforma: ${homeUrl}`, '', 'Se você não solicitou este e-mail, desconsidere esta mensagem.'].join('\n'),
+    html: renderEmailLayout({
+      payload,
+      preheader: 'Sua conta no OmniZap está pronta para uso.',
+      heading: 'Bem-vindo(a) ao OmniZap',
+      greeting: `Olá, ${name}!`,
+      intro: 'Sua conta foi preparada com sucesso. Use o botão abaixo para abrir o WhatsApp do bot.',
+      ctaLabel,
+      ctaUrl,
+      ctaHint,
+      securityNote: 'Se você não reconhece esta ação, ignore este e-mail.',
+      footerMessage: 'Este e-mail foi enviado automaticamente pelo sistema.',
+    }),
+  };
+};
+const buildMagicLinkTemplate = (payload = {}) => {
+  const name = normalizeText(payload?.name || payload?.firstName || '', 80) || 'você';
+  const link = normalizeHttpUrl(payload?.link || payload?.magicLink || payload?.loginUrl || '', '');
+  if (!link) return null;
+  const expiresInMinutes = Number(payload?.expiresInMinutes);
+  const expirationMessage = Number.isFinite(expiresInMinutes) && expiresInMinutes > 0 ? `Este link expira em ${Math.max(1, Math.floor(expiresInMinutes))} minuto(s).` : 'Este link pode expirar em alguns minutos.';
+  const subject = 'Seu link de acesso ao OmniZap';
+  return {
+    subject,
+    text: [`Olá, ${name}!`, '', 'Use o link abaixo para acessar sua conta com segurança:', link, '', expirationMessage, 'Se você não solicitou este acesso, ignore esta mensagem.'].join('\n'),
+    html: renderEmailLayout({
+      payload,
+      preheader: 'Use seu link de acesso seguro do OmniZap.',
+      heading: 'Seu link de acesso',
+      greeting: `Olá, ${name}!`,
+      intro: 'Clique no botão abaixo para entrar na sua conta.',
+      ctaLabel: 'Acessar conta',
+      ctaUrl: link,
+      ctaHint: expirationMessage,
+      securityNote: 'Não compartilhe este link com terceiros.',
+      footerMessage: 'Para sua segurança, este link é pessoal e temporário.',
+    }),
+  };
+};
+const buildPasswordResetCodeTemplate = (payload = {}) => {
+  const name = normalizeText(payload?.name || payload?.firstName || '', 80) || 'você';
+  const codeDigits = String(payload?.code || '')
+    .replace(/\D+/g, '')
+    .slice(0, 6);
+  if (!/^\d{6}$/.test(codeDigits)) return null;
+  const purpose = normalizeText(payload?.purpose || 'reset', 24).toLowerCase() === 'setup' ? 'setup' : 'reset';
+  const expiresInMinutesRaw = Number(payload?.expiresInMinutes);
+  const expiresInMinutes = Number.isFinite(expiresInMinutesRaw) ? Math.max(1, Math.min(60, Math.floor(expiresInMinutesRaw))) : 15;
+  const purposeLabel = purpose === 'setup' ? 'criação de senha' : 'redefinição de senha';
+  const subject = purpose === 'setup' ? 'Codigo para criar sua senha no OmniZap' : 'Codigo para redefinir sua senha no OmniZap';
+  const codeDisplay = `${codeDigits.slice(0, 3)} ${codeDigits.slice(3, 6)}`;
+  return {
+    subject,
+    text: [`Olá, ${name}!`, '', `Use este código para concluir a ${purposeLabel}:`, codeDigits, '', `Este código expira em ${expiresInMinutes} minuto(s).`, 'Se você não solicitou esta ação, ignore este e-mail.'].join('\n'),
+    html: renderEmailLayout({
+      payload,
+      preheader: `Seu código de ${purposeLabel} do OmniZap.`,
+      heading: purpose === 'setup' ? 'Criacao de senha' : 'Redefinicao de senha',
+      greeting: `Olá, ${name}!`,
+      intro: `Use o codigo abaixo para concluir a ${purposeLabel}.`,
+      body: `Codigo de verificacao: ${codeDisplay}\nValidade: ${expiresInMinutes} minuto(s).`,
+      ctaLabel: '',
+      ctaUrl: '',
+      ctaHint: '',
+      securityNote: 'Nao compartilhe este codigo com terceiros. A equipe OmniZap nunca pede esse codigo por mensagem.',
+      footerMessage: 'Mensagem automatica de seguranca do OmniZap.',
+    }),
+  };
+};
+const buildProjectUpdateTemplate = (payload = {}) => {
+  const name = normalizeText(payload?.name || payload?.firstName || '', 80) || 'usuário';
+  const title = normalizeText(payload?.title || payload?.heading || 'Atualização do projeto OmniZap', 120) || 'Atualização do projeto OmniZap';
+  const message = normalizeText(payload?.message || payload?.body || 'Temos uma nova atualização do projeto. Confira os detalhes no painel.', 6_000) || 'Temos uma nova atualização do projeto. Confira os detalhes no painel.';
+  const details = normalizeText(payload?.details || '', 6_000);
+  const ctaUrl = normalizeHttpUrl(payload?.ctaUrl || payload?.link || payload?.loginUrl || '', '');
+  const ctaLabel = normalizeText(payload?.ctaLabel || 'Ver atualização', 80) || 'Ver atualização';
+  const subject = normalizeText(payload?.subject || title, 180) || title;
+  const textLines = [`Olá, ${name}!`, '', title, '', message];
+  if (details) {
+    textLines.push('', details);
+  }
+  if (ctaUrl) {
+    textLines.push('', `Acesse: ${ctaUrl}`);
+  }
+  textLines.push('', 'Mensagem automática do OmniZap.');
+  return {
+    subject,
+    text: textLines.join('\n'),
+    html: renderEmailLayout({
+      payload,
+      preheader: title,
+      heading: title,
+      greeting: `Olá, ${name}!`,
+      intro: message,
+      body: details,
+      ctaLabel: ctaUrl ? ctaLabel : '',
+      ctaUrl,
+      ctaHint: ctaUrl ? 'Abra o link para ver os detalhes completos.' : '',
+      securityNote: 'Se você não reconhece esta comunicação, entre em contato com o suporte.',
+      footerMessage: 'Comunicado oficial do projeto OmniZap.',
+    }),
+  };
+};
+const buildStandardTemplate = (payload = {}) => {
+  const { redirectUrl, homeUrl } = resolveNavigationLinks(payload);
+  const name = normalizeText(payload?.name || payload?.firstName || '', 80);
+  const subject = normalizeText(payload?.subject || payload?.title || 'Comunicado OmniZap', 180) || 'Comunicado OmniZap';
+  const heading = normalizeText(payload?.heading || payload?.title || 'Atualização OmniZap', 120) || 'Atualização OmniZap';
+  const intro = normalizeText(payload?.intro || payload?.message || payload?.summary || 'Temos uma nova comunicação para você.', 2_000);
+  const details = normalizeText(payload?.body || payload?.details || '', 6_000);
+  const ctaUrl = homeUrl;
+  const ctaLabel = normalizeText(payload?.ctaLabel || 'Abrir OmniZap', 80) || 'Abrir OmniZap';
+  const ctaHint = normalizeText(payload?.ctaHint || `Link de redirecionamento: ${redirectUrl}`, 220);
+  const securityNote = normalizeText(payload?.securityNote || 'Se não reconhece esta mensagem, ignore e entre em contato com o suporte.', 220) || 'Se não reconhece esta mensagem, ignore e entre em contato com o suporte.';
+  const footerMessage = normalizeText(payload?.footerMessage || 'Mensagem automática do projeto OmniZap.', 220);
+  const greeting = name ? `Olá, ${name}!` : '';
+  const textLines = [];
+  if (greeting) {
+    textLines.push(greeting, '');
+  }
+  textLines.push(heading, '');
+  if (intro) {
+    textLines.push(intro);
+  }
+  if (details) {
+    textLines.push('', details);
+  }
+  if (redirectUrl) {
+    textLines.push('', `Redirecionamento da conta: ${redirectUrl}`);
+  }
+  if (ctaUrl) {
+    textLines.push('', `Abrir plataforma: ${ctaUrl}`);
+  }
+  textLines.push('', 'Mensagem automática do OmniZap.');
+  return {
+    subject,
+    text: textLines.join('\n'),
+    html: renderEmailLayout({
+      payload,
+      preheader: heading,
+      heading,
+      greeting,
+      intro,
+      body: details,
+      ctaLabel: ctaUrl ? ctaLabel : '',
+      ctaUrl,
+      ctaHint: ctaUrl ? ctaHint : '',
+      securityNote,
+      footerMessage,
+    }),
+  };
+};
+const buildTermsUpdateTemplate = (payload = {}) => {
+  const name = normalizeText(payload?.name || payload?.firstName || '', 80) || 'usuário';
+  const { botPhonePn, botWhatsAppUrl } = resolveWelcomeBotWhatsApp(payload);
+  const termsUrl = resolveTermsUrl(payload);
+  const fallbackOpenUrl = normalizeHttpUrl(process.env.EMAIL_DEFAULT_CTA_URL || `${resolveSiteOrigin()}/`, `${resolveSiteOrigin()}/`);
+  const ctaUrl = botWhatsAppUrl || fallbackOpenUrl;
+  const ctaLabel = botWhatsAppUrl ? 'Abrir WhatsApp do Bot' : 'Abrir OmniZap';
+  const subject = normalizeText(payload?.subject || 'Atualização dos Termos de Serviço do OmniZap', 180) || 'Atualização dos Termos de Serviço do OmniZap';
+  const heading = normalizeText(payload?.heading || 'Atualização dos Termos de Serviço', 120) || 'Atualização dos Termos de Serviço';
+  const intro = normalizeText(payload?.intro || payload?.message || 'Atualizamos nossos Termos de Serviço para refletir melhorias operacionais, de segurança e de comunicação do projeto.', 2_000) || 'Atualizamos nossos Termos de Serviço para refletir melhorias operacionais, de segurança e de comunicação do projeto.';
+  const body = normalizeText(payload?.body || 'Recomendamos a leitura da nova versão para entender como tratamos os dados de login e os comunicados enviados por e-mail.', 6_000) || 'Recomendamos a leitura da nova versão para entender como tratamos os dados de login e os comunicados enviados por e-mail.';
+  const securityNote = normalizeText(payload?.securityNote || 'Se você tiver dúvidas sobre os novos termos, fale com nosso suporte oficial.', 220) || 'Se você tiver dúvidas sobre os novos termos, fale com nosso suporte oficial.';
+  const textLines = [`Olá, ${name}!`, '', heading, '', intro, '', body, '', `WhatsApp do bot: ${ctaUrl}`, `Novos Termos de Serviço: ${termsUrl}`, '', 'Mensagem automática do OmniZap.'];
+  return {
+    subject,
+    text: textLines.join('\n'),
+    html: renderEmailLayout({
+      payload,
+      preheader: 'Atualizamos os Termos de Serviço do OmniZap.',
+      heading,
+      greeting: `Olá, ${name}!`,
+      intro,
+      body,
+      ctaLabel,
+      ctaUrl,
+      ctaHint: botPhonePn ? `WhatsApp do bot: ${botPhonePn}` : '',
+      secondaryCtaLabel: 'Ver novos Termos de Serviço',
+      secondaryCtaUrl: termsUrl,
+      securityNote,
+      footerMessage: 'Comunicado oficial sobre atualização de termos.',
+    }),
+  };
+};
+const TEMPLATE_BUILDERS = {
+  standard: buildStandardTemplate,
+  default: buildStandardTemplate,
+  welcome: buildWelcomeTemplate,
+  magic_link: buildMagicLinkTemplate,
+  password_reset_code: buildPasswordResetCodeTemplate,
+  project_update: buildProjectUpdateTemplate,
+  terms_update: buildTermsUpdateTemplate,
+};
+export const renderEmailTemplate = (templateKey, payload = {}) => {
+  const normalizedTemplateKey = normalizeTemplateKey(templateKey);
+  if (!normalizedTemplateKey) return null;
+  const builder = TEMPLATE_BUILDERS[normalizedTemplateKey];
+  if (typeof builder !== 'function') return null;
+  const rendered = builder(payload || {});
+  if (!rendered) return null;
+  const subject = normalizeText(rendered.subject, 180);
+  const text = normalizeText(rendered.text, 120_000);
+  const html = normalizeText(rendered.html, 500_000);
+  if (!subject || (!text && !html)) return null;
+  return {
+    subject,
+    text: text || null,
+    html: html || null,
+    template_key: normalizedTemplateKey,
+  };
+};
+export const listAvailableEmailTemplates = () => Object.keys(TEMPLATE_BUILDERS);

package/server/email/emailTransportService.js ADDED Viewed

@@ -0,0 +1,156 @@
+import nodemailer from 'nodemailer';
+const parseEnvBool = (value, fallback) => {
+  if (value === undefined || value === null || value === '') return fallback;
+  const normalized = String(value).trim().toLowerCase();
+  if (['1', 'true', 'yes', 'y', 'on'].includes(normalized)) return true;
+  if (['0', 'false', 'no', 'n', 'off'].includes(normalized)) return false;
+  return fallback;
+};
+const resolveSmtpConfig = () => {
+  const host = String(process.env.SMTP_HOST || process.env.EMAIL_HOST || process.env.MAIL_HOST || '').trim();
+  const port = Number(process.env.SMTP_PORT || process.env.EMAIL_PORT || process.env.MAIL_PORT || 465);
+  const user = String(process.env.SMTP_USER || process.env.EMAIL_USER || process.env.MAIL_USER || '').trim();
+  const pass = String(process.env.SMTP_PASS || process.env.EMAIL_PASS || process.env.MAIL_PASS || '').trim();
+  const from =
+    String(process.env.SMTP_FROM || process.env.EMAIL_FROM || process.env.MAIL_FROM || '')
+      .trim()
+      .slice(0, 255) || '';
+  const replyTo =
+    String(process.env.SMTP_REPLY_TO || process.env.EMAIL_REPLY_TO || process.env.MAIL_REPLY_TO || '')
+      .trim()
+      .slice(0, 255) || '';
+  const secure = parseEnvBool(process.env.SMTP_SECURE || process.env.EMAIL_SECURE || process.env.MAIL_SECURE, Number(port) === 465);
+  return {
+    host,
+    port: Number.isFinite(port) ? Math.max(1, Math.min(65535, Math.floor(port))) : 465,
+    secure,
+    user,
+    pass,
+    from: from || (user ? `OmniZap <${user}>` : ''),
+    replyTo: replyTo || null,
+  };
+};
+const toConfigCacheKey = (config) => JSON.stringify(config);
+let transportCacheKey = '';
+let transporter = null;
+const buildTransporter = () => {
+  const config = resolveSmtpConfig();
+  const cacheKey = toConfigCacheKey(config);
+  if (transporter && transportCacheKey === cacheKey) {
+    return { transporter, config };
+  }
+  transportCacheKey = cacheKey;
+  transporter = nodemailer.createTransport({
+    host: config.host,
+    port: config.port,
+    secure: config.secure,
+    auth: {
+      user: config.user,
+      pass: config.pass,
+    },
+  });
+  return { transporter, config };
+};
+export const isEmailTransportConfigured = () => {
+  const config = resolveSmtpConfig();
+  return Boolean(config.host && config.port && config.user && config.pass && config.from);
+};
+export const verifyEmailTransport = async () => {
+  if (!isEmailTransportConfigured()) {
+    const error = new Error('Transporte SMTP não configurado.');
+    error.code = 'EMAIL_TRANSPORT_NOT_CONFIGURED';
+    throw error;
+  }
+  const built = buildTransporter();
+  await built.transporter.verify();
+  return true;
+};
+export const sendEmailMessage = async ({ to, subject, text = null, html = null, replyTo = null, cc = null, bcc = null, headers = null } = {}) => {
+  if (!isEmailTransportConfigured()) {
+    const error = new Error('Transporte SMTP não configurado.');
+    error.code = 'EMAIL_TRANSPORT_NOT_CONFIGURED';
+    throw error;
+  }
+  const normalizedTo =
+    String(to || '')
+      .trim()
+      .slice(0, 255) || '';
+  const normalizedSubject =
+    String(subject || '')
+      .trim()
+      .slice(0, 180) || '';
+  const normalizedText =
+    String(text || '')
+      .trim()
+      .slice(0, 120_000) || '';
+  const normalizedHtml =
+    String(html || '')
+      .trim()
+      .slice(0, 500_000) || '';
+  if (!normalizedTo || !normalizedTo.includes('@')) {
+    const error = new Error('Destinatário de e-mail inválido.');
+    error.code = 'EMAIL_INVALID_RECIPIENT';
+    throw error;
+  }
+  if (!normalizedSubject) {
+    const error = new Error('Assunto de e-mail inválido.');
+    error.code = 'EMAIL_INVALID_SUBJECT';
+    throw error;
+  }
+  if (!normalizedText && !normalizedHtml) {
+    const error = new Error('Corpo do e-mail vazio.');
+    error.code = 'EMAIL_EMPTY_BODY';
+    throw error;
+  }
+  const built = buildTransporter();
+  const info = await built.transporter.sendMail({
+    from: built.config.from,
+    to: normalizedTo,
+    subject: normalizedSubject,
+    text: normalizedText || undefined,
+    html: normalizedHtml || undefined,
+    replyTo: replyTo || built.config.replyTo || undefined,
+    cc: cc || undefined,
+    bcc: bcc || undefined,
+    headers: headers && typeof headers === 'object' ? headers : undefined,
+  });
+  return {
+    messageId: String(info?.messageId || '').trim() || null,
+    accepted: Array.isArray(info?.accepted) ? info.accepted : [],
+    rejected: Array.isArray(info?.rejected) ? info.rejected : [],
+    response: String(info?.response || '').trim() || null,
+  };
+};
+export const getEmailTransportMetadata = () => {
+  const config = resolveSmtpConfig();
+  return {
+    configured: isEmailTransportConfigured(),
+    host: config.host || null,
+    port: config.port,
+    secure: Boolean(config.secure),
+    from: config.from || null,
+    reply_to: config.replyTo || null,
+    user: config.user ? `${config.user.slice(0, 3)}***` : null,
+  };
+};