@open-mercato/onboarding 0.4.2-canary-c02407ff85

package/src/modules/onboarding/lib/service.ts

@@ -0,0 +1,90 @@
+import { randomBytes, createHash } from 'node:crypto'
+import { hash } from 'bcryptjs'
+import { EntityManager } from '@mikro-orm/postgresql'
+import { OnboardingRequest } from '../data/entities'
+import type { OnboardingStartInput } from '../data/validators'
+
+type CreateRequestOptions = {
+  expiresInHours?: number
+}
+
+export class OnboardingService {
+  constructor(private readonly em: EntityManager) {}
+
+  async createOrUpdateRequest(input: OnboardingStartInput, options: CreateRequestOptions = {}) {
+    const expiresInHours = options.expiresInHours ?? 24
+    const token = randomBytes(32).toString('hex')
+    const tokenHash = hashToken(token)
+    const expiresAt = new Date(Date.now() + expiresInHours * 60 * 60 * 1000)
+    const now = new Date()
+    const passwordHash = await hash(input.password, 10)
+
+    const existing = await this.em.findOne(OnboardingRequest, { email: input.email })
+    if (existing) {
+      const lastSentAt = existing.lastEmailSentAt ?? existing.updatedAt ?? existing.createdAt
+      if (existing.status === 'pending' && lastSentAt && lastSentAt.getTime() > Date.now() - 10 * 60 * 1000) {
+        const remainingMs = 10 * 60 * 1000 - (Date.now() - lastSentAt.getTime())
+        const waitMinutes = Math.max(1, Math.ceil(remainingMs / (60 * 1000)))
+        throw new Error(`PENDING_REQUEST:${waitMinutes}`)
+      }
+      existing.tokenHash = tokenHash
+      existing.status = 'pending'
+      existing.firstName = input.firstName
+      existing.lastName = input.lastName
+      existing.organizationName = input.organizationName
+      existing.locale = input.locale ?? existing.locale ?? 'en'
+      existing.termsAccepted = true
+      existing.passwordHash = passwordHash
+      existing.expiresAt = expiresAt
+      existing.completedAt = null
+      existing.tenantId = null
+      existing.organizationId = null
+      existing.userId = null
+      existing.lastEmailSentAt = now
+      await this.em.flush()
+      return { request: existing, token }
+    }
+
+    const request = this.em.create(OnboardingRequest, {
+      email: input.email,
+      tokenHash,
+      status: 'pending',
+      firstName: input.firstName,
+      lastName: input.lastName,
+      organizationName: input.organizationName,
+      locale: input.locale ?? 'en',
+      termsAccepted: true,
+      passwordHash,
+      expiresAt,
+      lastEmailSentAt: now,
+      createdAt: now,
+      updatedAt: now,
+    })
+    await this.em.persistAndFlush(request)
+    return { request, token }
+  }
+
+  async findPendingByToken(token: string) {
+    const tokenHash = hashToken(token)
+    const now = new Date()
+    return this.em.findOne(OnboardingRequest, {
+      tokenHash,
+      status: 'pending',
+      expiresAt: { $gt: now } as any,
+    })
+  }
+
+  async markCompleted(request: OnboardingRequest, data: { tenantId: string; organizationId: string; userId: string }) {
+    request.status = 'completed'
+    request.completedAt = new Date()
+    request.tenantId = data.tenantId
+    request.organizationId = data.organizationId
+    request.userId = data.userId
+    request.passwordHash = null
+    await this.em.flush()
+  }
+}
+
+function hashToken(token: string) {
+  return createHash('sha256').update(token).digest('hex')
+}

package/src/modules/onboarding/migrations/.snapshot-open-mercato.json

@@ -0,0 +1,230 @@
+{
+  "namespaces": [
+    "public"
+  ],
+  "name": "public",
+  "tables": [
+    {
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "uuid",
+          "unsigned": false,
+          "autoincrement": false,
+          "primary": false,
+          "nullable": false,
+          "default": "gen_random_uuid()",
+          "mappedType": "uuid"
+        },
+        "email": {
+          "name": "email",
+          "type": "text",
+          "unsigned": false,
+          "autoincrement": false,
+          "primary": false,
+          "nullable": false,
+          "mappedType": "text"
+        },
+        "token_hash": {
+          "name": "token_hash",
+          "type": "text",
+          "unsigned": false,
+          "autoincrement": false,
+          "primary": false,
+          "nullable": false,
+          "mappedType": "text"
+        },
+        "status": {
+          "name": "status",
+          "type": "text",
+          "unsigned": false,
+          "autoincrement": false,
+          "primary": false,
+          "nullable": false,
+          "default": "'pending'",
+          "mappedType": "text"
+        },
+        "first_name": {
+          "name": "first_name",
+          "type": "text",
+          "unsigned": false,
+          "autoincrement": false,
+          "primary": false,
+          "nullable": false,
+          "mappedType": "text"
+        },
+        "last_name": {
+          "name": "last_name",
+          "type": "text",
+          "unsigned": false,
+          "autoincrement": false,
+          "primary": false,
+          "nullable": false,
+          "mappedType": "text"
+        },
+        "organization_name": {
+          "name": "organization_name",
+          "type": "text",
+          "unsigned": false,
+          "autoincrement": false,
+          "primary": false,
+          "nullable": false,
+          "mappedType": "text"
+        },
+        "locale": {
+          "name": "locale",
+          "type": "text",
+          "unsigned": false,
+          "autoincrement": false,
+          "primary": false,
+          "nullable": true,
+          "mappedType": "text"
+        },
+        "terms_accepted": {
+          "name": "terms_accepted",
+          "type": "boolean",
+          "unsigned": false,
+          "autoincrement": false,
+          "primary": false,
+          "nullable": false,
+          "default": "false",
+          "mappedType": "boolean"
+        },
+        "password_hash": {
+          "name": "password_hash",
+          "type": "text",
+          "unsigned": false,
+          "autoincrement": false,
+          "primary": false,
+          "nullable": true,
+          "mappedType": "text"
+        },
+        "expires_at": {
+          "name": "expires_at",
+          "type": "timestamptz",
+          "unsigned": false,
+          "autoincrement": false,
+          "primary": false,
+          "nullable": false,
+          "length": 6,
+          "mappedType": "datetime"
+        },
+        "completed_at": {
+          "name": "completed_at",
+          "type": "timestamptz",
+          "unsigned": false,
+          "autoincrement": false,
+          "primary": false,
+          "nullable": true,
+          "length": 6,
+          "mappedType": "datetime"
+        },
+        "tenant_id": {
+          "name": "tenant_id",
+          "type": "uuid",
+          "unsigned": false,
+          "autoincrement": false,
+          "primary": false,
+          "nullable": true,
+          "mappedType": "uuid"
+        },
+        "organization_id": {
+          "name": "organization_id",
+          "type": "uuid",
+          "unsigned": false,
+          "autoincrement": false,
+          "primary": false,
+          "nullable": true,
+          "mappedType": "uuid"
+        },
+        "user_id": {
+          "name": "user_id",
+          "type": "uuid",
+          "unsigned": false,
+          "autoincrement": false,
+          "primary": false,
+          "nullable": true,
+          "mappedType": "uuid"
+        },
+        "last_email_sent_at": {
+          "name": "last_email_sent_at",
+          "type": "timestamptz",
+          "unsigned": false,
+          "autoincrement": false,
+          "primary": false,
+          "nullable": true,
+          "length": 6,
+          "mappedType": "datetime"
+        },
+        "created_at": {
+          "name": "created_at",
+          "type": "timestamptz",
+          "unsigned": false,
+          "autoincrement": false,
+          "primary": false,
+          "nullable": false,
+          "length": 6,
+          "mappedType": "datetime"
+        },
+        "updated_at": {
+          "name": "updated_at",
+          "type": "timestamptz",
+          "unsigned": false,
+          "autoincrement": false,
+          "primary": false,
+          "nullable": true,
+          "length": 6,
+          "mappedType": "datetime"
+        },
+        "deleted_at": {
+          "name": "deleted_at",
+          "type": "timestamptz",
+          "unsigned": false,
+          "autoincrement": false,
+          "primary": false,
+          "nullable": true,
+          "length": 6,
+          "mappedType": "datetime"
+        }
+      },
+      "name": "onboarding_requests",
+      "schema": "public",
+      "indexes": [
+        {
+          "keyName": "onboarding_requests_token_hash_unique",
+          "columnNames": [
+            "token_hash"
+          ],
+          "composite": false,
+          "constraint": true,
+          "primary": false,
+          "unique": true
+        },
+        {
+          "keyName": "onboarding_requests_email_unique",
+          "columnNames": [
+            "email"
+          ],
+          "composite": false,
+          "constraint": true,
+          "primary": false,
+          "unique": true
+        },
+        {
+          "keyName": "onboarding_requests_pkey",
+          "columnNames": [
+            "id"
+          ],
+          "composite": false,
+          "constraint": true,
+          "primary": true,
+          "unique": true
+        }
+      ],
+      "checks": [],
+      "foreignKeys": {},
+      "nativeEnums": {}
+    }
+  ],
+  "nativeEnums": {}
+}

package/src/modules/onboarding/migrations/Migration20260112142945.ts

@@ -0,0 +1,11 @@
+import { Migration } from '@mikro-orm/migrations';
+
+export class Migration20260112142945 extends Migration {
+
+  override async up(): Promise<void> {
+    this.addSql(`create table "onboarding_requests" ("id" uuid not null default gen_random_uuid(), "email" text not null, "token_hash" text not null, "status" text not null default 'pending', "first_name" text not null, "last_name" text not null, "organization_name" text not null, "locale" text null, "terms_accepted" boolean not null default false, "password_hash" text null, "expires_at" timestamptz not null, "completed_at" timestamptz null, "tenant_id" uuid null, "organization_id" uuid null, "user_id" uuid null, "last_email_sent_at" timestamptz null, "created_at" timestamptz not null, "updated_at" timestamptz null, "deleted_at" timestamptz null, constraint "onboarding_requests_pkey" primary key ("id"));`);
+    this.addSql(`alter table "onboarding_requests" add constraint "onboarding_requests_token_hash_unique" unique ("token_hash");`);
+    this.addSql(`alter table "onboarding_requests" add constraint "onboarding_requests_email_unique" unique ("email");`);
+  }
+
+}

package/tsconfig.build.json

@@ -0,0 +1,4 @@
+{
+  "$schema": "https://json.schemastore.org/tsconfig",
+  "extends": "./tsconfig.json"
+}

package/tsconfig.json

@@ -0,0 +1,9 @@
+{
+  "$schema": "https://json.schemastore.org/tsconfig",
+  "extends": "../../tsconfig.base.json",
+  "compilerOptions": {
+    "noEmit": true
+  },
+  "include": ["src/**/*", "generated/**/*"],
+  "exclude": ["node_modules", "dist", "**/__tests__/**"]
+}

package/watch.mjs

@@ -0,0 +1,6 @@
+import { watch } from '../../scripts/watch.mjs'
+import { dirname } from 'node:path'
+import { fileURLToPath } from 'node:url'
+
+const __dirname = dirname(fileURLToPath(import.meta.url))
+watch(__dirname)