@ozdao/martyrs 0.2.585 → 0.2.586
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/auth.server.js +161 -96
- package/dist/{authJwt-J1csaMWA.js → authJwt-DKbMMjw0.js} +33 -0
- package/dist/chats.server.js +2 -2
- package/dist/community.server.js +1 -1
- package/dist/core.server.js +191 -2
- package/dist/{core.websocket-C2FxNmZ1.js → core.websocket-Cl76z2wT.js} +41 -5
- package/dist/{crud-q1ye5IhV.js → crud-DpOXTZep.js} +1 -1
- package/dist/events.server.js +2 -2
- package/dist/files.server.js +1 -1
- package/dist/gallery.server.js +1 -1
- package/dist/index-kvBwwb0w.js +427 -0
- package/dist/inventory.server.js +2 -2
- package/dist/{mailing-DuEFRsa3.js → mailing-DT7nbNjZ.js} +16 -3
- package/dist/{main-xL-jtBkT.js → main-BIf-WirR.js} +863 -865
- package/dist/marketplace.server.js +1 -1
- package/dist/martyrs/dist/{main-xL-jtBkT.js → main-BIf-WirR.js} +192 -38
- package/dist/martyrs/dist/main-BIf-WirR.js.map +1 -0
- package/dist/martyrs/dist/{web-BA6h6Z8P.js → web-O7lXcjg0.js} +2 -2
- package/dist/martyrs/dist/{web-BA6h6Z8P.js.map → web-O7lXcjg0.js.map} +1 -1
- package/dist/martyrs/src/components/Button/{Button.vue2.js → Button.vue.js} +8 -7
- package/dist/martyrs/src/components/Button/Button.vue.js.map +1 -0
- package/dist/martyrs/src/components/Feed/Feed.vue.js +1 -1
- package/dist/martyrs/src/components/FieldBig/FieldBig.vue.js +1 -1
- package/dist/martyrs/src/components/Loader/Loader.vue.js +1 -1
- package/dist/martyrs/src/components/Loader/Loader.vue.js.map +1 -1
- package/dist/martyrs/src/components/Spoiler/{Spoiler.vue2.js → Spoiler.vue.js} +2 -2
- package/dist/martyrs/src/components/Spoiler/Spoiler.vue.js.map +1 -0
- package/dist/martyrs/src/components/Tooltip/Tooltip.vue2.js +17 -22
- package/dist/martyrs/src/components/Tooltip/Tooltip.vue2.js.map +1 -1
- package/dist/martyrs/src/modules/auth/auth.client.js +18 -24
- package/dist/martyrs/src/modules/auth/auth.client.js.map +1 -1
- package/dist/martyrs/src/modules/auth/views/components/blocks/OtpDialog.vue.js +178 -0
- package/dist/martyrs/src/modules/auth/views/components/blocks/OtpDialog.vue.js.map +1 -0
- package/dist/martyrs/src/modules/auth/views/components/pages/Invite.vue.js +1 -1
- package/dist/martyrs/src/modules/auth/views/components/pages/Profile.vue.js +53 -45
- package/dist/martyrs/src/modules/auth/views/components/pages/Profile.vue.js.map +1 -1
- package/dist/martyrs/src/modules/auth/views/components/pages/ProfileEditAccount.vue.js +198 -14
- package/dist/martyrs/src/modules/auth/views/components/pages/ProfileEditAccount.vue.js.map +1 -1
- package/dist/martyrs/src/modules/auth/views/components/pages/ProfileEditProfile.vue.js +1 -1
- package/dist/martyrs/src/modules/auth/views/components/pages/ResetPassword.vue.js +70 -29
- package/dist/martyrs/src/modules/auth/views/components/pages/ResetPassword.vue.js.map +1 -1
- package/dist/martyrs/src/modules/auth/views/components/pages/SignIn.vue.js +2 -2
- package/dist/martyrs/src/modules/auth/views/components/pages/SignIn.vue.js.map +1 -1
- package/dist/martyrs/src/modules/auth/views/components/pages/SignUp.vue.js +86 -30
- package/dist/martyrs/src/modules/auth/views/components/pages/SignUp.vue.js.map +1 -1
- package/dist/martyrs/src/modules/auth/views/plugins/otp.plugin.js +100 -0
- package/dist/martyrs/src/modules/auth/views/plugins/otp.plugin.js.map +1 -0
- package/dist/martyrs/src/modules/auth/views/router/auth.router.js +2 -31
- package/dist/martyrs/src/modules/auth/views/router/auth.router.js.map +1 -1
- package/dist/martyrs/src/modules/auth/views/router/users.router.js +0 -14
- package/dist/martyrs/src/modules/auth/views/router/users.router.js.map +1 -1
- package/dist/martyrs/src/modules/auth/views/store/auth.js +1 -56
- package/dist/martyrs/src/modules/auth/views/store/auth.js.map +1 -1
- package/dist/martyrs/src/modules/auth/views/store/users.js +5 -1
- package/dist/martyrs/src/modules/auth/views/store/users.js.map +1 -1
- package/dist/martyrs/src/modules/community/components/pages/BlogPost.vue.js +1 -1
- package/dist/martyrs/src/modules/community/components/pages/CreateBlogPost.vue.js +1 -1
- package/dist/martyrs/src/modules/core/views/components/blocks/CardHeader.vue.js +0 -1
- package/dist/martyrs/src/modules/core/views/components/blocks/CardHeader.vue.js.map +1 -1
- package/dist/martyrs/src/modules/core/views/components/blocks/PopupAuth.vue.js +1 -1
- package/dist/martyrs/src/modules/core/views/components/blocks/PopupDateSelector.vue.js +1 -1
- package/dist/martyrs/src/modules/core/views/components/elements/OnlineIndicator.vue.js +74 -0
- package/dist/martyrs/src/modules/core/views/components/elements/OnlineIndicator.vue.js.map +1 -0
- package/dist/martyrs/src/modules/core/views/components/layouts/App.vue.js.map +1 -1
- package/dist/martyrs/src/modules/core/views/components/layouts/Client.vue.js +63 -47
- package/dist/martyrs/src/modules/core/views/components/layouts/Client.vue.js.map +1 -1
- package/dist/martyrs/src/modules/core/views/components/partials/Header.vue.js +1 -1
- package/dist/martyrs/src/modules/core/views/components/partials/Navigation.vue.js +1 -1
- package/dist/martyrs/src/modules/core/views/components/partials/NavigationBar.vue.js +1 -1
- package/dist/martyrs/src/modules/core/views/components/sections/{Filters.vue2.js → Filters.vue.js} +2 -2
- package/dist/martyrs/src/modules/core/views/components/sections/Filters.vue.js.map +1 -0
- package/dist/martyrs/src/modules/events/components/elements/ButtonCheck.vue.js +1 -1
- package/dist/martyrs/src/modules/events/components/elements/ButtonJoin.vue.js +1 -1
- package/dist/martyrs/src/modules/events/components/pages/EditEvent.vue.js +1 -1
- package/dist/martyrs/src/modules/events/components/pages/EditEventTickets.vue.js +1 -1
- package/dist/martyrs/src/modules/events/components/pages/Event.vue.js +1 -1
- package/dist/martyrs/src/modules/events/components/sections/EditTickets.vue.js +1 -1
- package/dist/martyrs/src/modules/gallery/components/sections/BackofficeGallery.vue.js +1 -1
- package/dist/martyrs/src/modules/inventory/components/forms/AdjustmentForm.vue.js +1 -1
- package/dist/martyrs/src/modules/inventory/components/forms/ColumnSettingsMenu.vue.js +1 -1
- package/dist/martyrs/src/modules/inventory/components/forms/HistoryView.vue.js +1 -1
- package/dist/martyrs/src/modules/inventory/components/forms/StockAlertsForm.vue.js +1 -1
- package/dist/martyrs/src/modules/inventory/components/pages/InventoryEdit.vue.js +1 -1
- package/dist/martyrs/src/modules/landing/components/sections/SectionGuide.vue.js +1 -1
- package/dist/martyrs/src/modules/marketplace/views/components/pages/Marketplace.vue.js +1 -1
- package/dist/martyrs/src/modules/music/components/blocks/ActionButtons.vue.js +1 -1
- package/dist/martyrs/src/modules/music/components/cards/AlbumCard.vue.js +1 -1
- package/dist/martyrs/src/modules/music/components/cards/ArtistCardSmall.vue.js +1 -1
- package/dist/martyrs/src/modules/music/components/cards/PlaylistCard.vue.js +1 -1
- package/dist/martyrs/src/modules/music/components/cards/TrackListCard.vue.js +1 -1
- package/dist/martyrs/src/modules/music/components/forms/AlbumForm.vue.js +1 -1
- package/dist/martyrs/src/modules/music/components/forms/ArtistForm.vue.js +1 -1
- package/dist/martyrs/src/modules/music/components/forms/PlaylistForm.vue.js +1 -1
- package/dist/martyrs/src/modules/music/components/forms/SearchForm.vue.js +1 -1
- package/dist/martyrs/src/modules/music/components/forms/TrackForm.vue.js +1 -1
- package/dist/martyrs/src/modules/music/components/pages/Album.vue.js +1 -1
- package/dist/martyrs/src/modules/music/components/pages/Artist.vue.js +1 -1
- package/dist/martyrs/src/modules/music/components/pages/MusicLibrary.vue.js +1 -1
- package/dist/martyrs/src/modules/music/components/pages/Playlist.vue.js +1 -1
- package/dist/martyrs/src/modules/music/components/pages/SearchResults.vue.js +1 -1
- package/dist/martyrs/src/modules/music/components/pages/Track.vue.js +1 -1
- package/dist/martyrs/src/modules/music/components/pages/TrackCreate.vue.js +0 -1
- package/dist/martyrs/src/modules/music/components/pages/TrackCreate.vue.js.map +1 -1
- package/dist/martyrs/src/modules/music/components/player/FullscreenPlayer.vue.js +1 -1
- package/dist/martyrs/src/modules/music/components/player/MusicPlayer.vue.js +1 -1
- package/dist/martyrs/src/modules/music/components/player/PlayerControls.vue.js +1 -1
- package/dist/martyrs/src/modules/music/components/player/VolumeControl.vue.js +1 -1
- package/dist/martyrs/src/modules/notifications/components/sections/NotificationPreferences.vue.js +1 -1
- package/dist/martyrs/src/modules/orders/components/forms/FormApplicationDetails.vue.js +1 -1
- package/dist/martyrs/src/modules/orders/components/forms/FormCustomerDetails.vue.js +1 -1
- package/dist/martyrs/src/modules/orders/components/forms/FormSelectCustomer.vue.js +1 -2
- package/dist/martyrs/src/modules/orders/components/forms/FormSelectCustomer.vue.js.map +1 -1
- package/dist/martyrs/src/modules/orders/components/pages/OrderBackoffice.vue.js +1 -1
- package/dist/martyrs/src/modules/orders/components/pages/OrderCreate.vue.js +1 -1
- package/dist/martyrs/src/modules/orders/components/pages/OrderCreateBackoffice.vue.js +1 -1
- package/dist/martyrs/src/modules/orders/components/sections/ApplicationDetails.vue.js +1 -1
- package/dist/martyrs/src/modules/orders/components/sections/CustomerDetails.vue.js +1 -1
- package/dist/martyrs/src/modules/orders/components/sections/FormDelivery.vue.js +1 -1
- package/dist/martyrs/src/modules/organizations/components/blocks/CardDepartment.vue.js +1 -1
- package/dist/martyrs/src/modules/organizations/components/elements/ButtonToggleMembership.vue.js +1 -1
- package/dist/martyrs/src/modules/organizations/components/forms/AddExistingMembersForm.vue.js +1 -1
- package/dist/martyrs/src/modules/organizations/components/forms/DepartmentForm.vue.js +2 -2
- package/dist/martyrs/src/modules/organizations/components/forms/InviteForm.vue.js +1 -1
- package/dist/martyrs/src/modules/organizations/components/pages/Department.vue.js +1 -1
- package/dist/martyrs/src/modules/organizations/components/pages/OrganizationEdit.vue.js +2 -2
- package/dist/martyrs/src/modules/organizations/components/sections/Documents.vue.js +1 -2
- package/dist/martyrs/src/modules/organizations/components/sections/Documents.vue.js.map +1 -1
- package/dist/martyrs/src/modules/organizations/components/sections/MembersAdd.vue.js +1 -1
- package/dist/martyrs/src/modules/organizations/components/sections/Organizations.vue.js +0 -1
- package/dist/martyrs/src/modules/organizations/components/sections/Organizations.vue.js.map +1 -1
- package/dist/martyrs/src/modules/pages/views/components/blocks/CardPage.vue.js +0 -1
- package/dist/martyrs/src/modules/pages/views/components/blocks/CardPage.vue.js.map +1 -1
- package/dist/martyrs/src/modules/pages/views/components/pages/PageEdit.vue.js +1 -1
- package/dist/martyrs/src/modules/pages/views/components/partials/SidebarPages.vue.js +1 -1
- package/dist/martyrs/src/modules/products/components/pages/Categories.vue.js +0 -1
- package/dist/martyrs/src/modules/products/components/pages/Categories.vue.js.map +1 -1
- package/dist/martyrs/src/modules/products/components/pages/CategoryEdit.vue.js +2 -2
- package/dist/martyrs/src/modules/products/components/pages/Product.vue.js +0 -1
- package/dist/martyrs/src/modules/products/components/pages/Product.vue.js.map +1 -1
- package/dist/martyrs/src/modules/products/components/pages/ProductEdit.vue.js +1 -1
- package/dist/martyrs/src/modules/products/components/pages/Products.vue.js +3 -3
- package/dist/martyrs/src/modules/products/components/pages/Products.vue.js.map +1 -1
- package/dist/martyrs/src/modules/products/components/sections/EditAttributes.vue.js +1 -1
- package/dist/martyrs/src/modules/products/components/sections/EditDiscounts.vue.js +1 -1
- package/dist/martyrs/src/modules/products/components/sections/EditVariants.vue.js +1 -1
- package/dist/martyrs/src/modules/products/components/sections/FilterProducts.vue.js +1 -1
- package/dist/martyrs/src/modules/products/components/sections/ProductConfigurator.vue.js +1 -1
- package/dist/martyrs/src/modules/products/components/sections/ProductsRecommended.vue.js +1 -1
- package/dist/martyrs/src/modules/products/components/sections/SectionProduct.vue.js +1 -1
- package/dist/martyrs/src/modules/rents/views/components/pages/Gant/GanttToolbar.vue.js +1 -1
- package/dist/martyrs/src/modules/rents/views/components/pages/RentsEdit.vue.js +1 -1
- package/dist/martyrs/src/modules/reports/components/sections/FormReport.vue.js +1 -1
- package/dist/martyrs/src/modules/spots/components/layouts/Spots.vue.js +1 -1
- package/dist/martyrs/src/modules/spots/components/pages/Map.vue.js +1 -1
- package/dist/martyrs/src/modules/spots/components/pages/Spot.vue.js +1 -1
- package/dist/martyrs/src/modules/spots/components/pages/SpotEdit.vue.js +1 -1
- package/dist/martyrs/src/modules/spots/components/sections/WorktimeEdit.vue.js +1 -1
- package/dist/martyrs.css +1 -1
- package/dist/martyrs.es.js +1 -1
- package/dist/music.server.js +1 -1
- package/dist/notifications.server.js +1 -1
- package/dist/orders.server.js +7 -6
- package/dist/organizations.server.js +2 -2
- package/dist/products.server.js +2 -2
- package/dist/profile.schema-C31Lynn3.js +21 -0
- package/dist/rents.server.js +1 -1
- package/dist/sessions.service-COcwjd0f.js +86 -0
- package/dist/style.css +178 -108
- package/dist/{tickets.controller-B7r0mK-5.js → tickets.controller-DdF85W-i.js} +1 -1
- package/dist/visitors.service-B1dhhuSo.js +83 -0
- package/dist/wallet.server.js +2 -2
- package/dist/{web-BA6h6Z8P.js → web-O7lXcjg0.js} +1 -1
- package/package.json +5 -1
- package/src/cli/commands/create.js +106 -0
- package/src/cli/index.js +25 -0
- package/src/cli/templates/app/.env.development.mustache +14 -0
- package/src/cli/templates/app/.env.production.mustache +14 -0
- package/src/cli/templates/app/Dockerfile +36 -0
- package/src/cli/templates/app/babel.config.js +14 -0
- package/src/cli/templates/app/env.js +3 -0
- package/src/cli/templates/app/index.js +46 -0
- package/src/cli/templates/app/mongodb.config.js +18 -0
- package/src/cli/templates/app/package.json.mustache +65 -0
- package/src/cli/templates/app/src/client.js +22 -0
- package/src/cli/templates/app/src/components/pages/Index.vue +11 -0
- package/src/cli/templates/app/src/configs/global.config.js.mustache +40 -0
- package/src/cli/templates/app/src/localization/extensions.js +2 -0
- package/src/cli/templates/app/src/localization/index.js +44 -0
- package/src/cli/templates/app/src/localization/overrides.js +2 -0
- package/src/cli/templates/app/src/localization/translations.js +10 -0
- package/src/cli/templates/app/src/models/index.js +9 -0
- package/src/cli/templates/app/src/router/index.js +48 -0
- package/src/cli/templates/app/src/scss/theme.scss +18 -0
- package/src/cli/templates/app/src/server.js +68 -0
- package/src/cli/templates/app/src/store/index.js +9 -0
- package/src/cli/templates/docker-compose.yaml.mustache +47 -0
- package/src/cli/templates/nginx/Dockerfile +5 -0
- package/src/cli/templates/nginx/default.conf.mustache +55 -0
- package/src/cli/templates/public/favicon/.gitkeep +0 -0
- package/src/cli/templates/start-dev.sh.mustache +131 -0
- package/src/cli/templates/start-prod.sh.mustache +12 -0
- package/src/components/Button/Button.vue +61 -15
- package/src/components/Loader/Loader.vue +1 -1
- package/src/components/Tooltip/Tooltip.vue +31 -23
- package/src/modules/TASKS.MD +30 -1
- package/src/modules/auth/CLAUDE.md +381 -0
- package/src/modules/auth/FIXES.md +0 -38
- package/src/modules/auth/auth.client.js +4 -6
- package/src/modules/auth/auth.server.js +4 -15
- package/src/modules/auth/controllers/middlewares/authJwt.js +59 -17
- package/src/modules/auth/controllers/middlewares/index.js +4 -1
- package/src/modules/auth/controllers/middlewares/otp.middleware.js +166 -0
- package/src/modules/auth/controllers/middlewares/verifySignUp.js +0 -1
- package/src/modules/auth/controllers/middlewares/verifyUser.js +58 -11
- package/src/modules/auth/controllers/routes/auth.routes.js +48 -6
- package/src/modules/auth/controllers/routes/users.routes.js +29 -8
- package/src/modules/auth/controllers/services/auth.service.js +62 -12
- package/src/modules/auth/controllers/services/otp.service.js +109 -0
- package/src/modules/auth/controllers/services/users.service.js +46 -6
- package/src/modules/auth/models/otp.model.js +20 -0
- package/src/modules/auth/views/components/blocks/OtpDialog.vue +168 -0
- package/src/modules/auth/views/components/pages/Profile.vue +18 -13
- package/src/modules/auth/views/components/pages/ProfileEditAccount.vue +199 -45
- package/src/modules/auth/views/components/pages/ResetPassword.vue +170 -132
- package/src/modules/auth/views/components/pages/SignIn.vue +2 -1
- package/src/modules/auth/views/components/pages/SignUp.vue +203 -147
- package/src/modules/auth/views/plugins/otp.plugin.js +104 -0
- package/src/modules/auth/views/router/auth.router.js +1 -24
- package/src/modules/auth/views/router/users.router.js +1 -12
- package/src/modules/auth/views/store/auth.js +0 -68
- package/src/modules/auth/views/store/users.js +6 -2
- package/src/modules/core/controllers/classes/core.websocket.js +57 -6
- package/src/modules/core/controllers/middlewares/visitor.logger.js +49 -0
- package/src/modules/core/controllers/services/requests.service.js +53 -0
- package/src/modules/core/controllers/services/sessions.service.js +98 -0
- package/src/modules/core/controllers/services/visitors.service.js +102 -0
- package/src/modules/core/controllers/utils/mailing.js +16 -3
- package/src/modules/core/core.server.js +45 -3
- package/src/modules/core/models/request.model.js +30 -0
- package/src/modules/core/models/session.model.js +43 -0
- package/src/modules/core/models/visitor.model.js +28 -0
- package/src/modules/core/views/components/elements/OnlineIndicator.vue +115 -0
- package/src/modules/core/views/components/layouts/App.vue +2 -2
- package/src/modules/core/views/components/layouts/Client.vue +443 -477
- package/src/modules/orders/controllers/orders.controller.js +3 -3
- package/src/modules/products/components/pages/Products.vue +1 -1
- package/dist/_virtual/alignment-pattern.js +0 -5
- package/dist/_virtual/alignment-pattern.js.map +0 -1
- package/dist/_virtual/browser.js +0 -8
- package/dist/_virtual/browser.js.map +0 -1
- package/dist/_virtual/browser2.js +0 -5
- package/dist/_virtual/browser2.js.map +0 -1
- package/dist/_virtual/canvas.js +0 -5
- package/dist/_virtual/canvas.js.map +0 -1
- package/dist/_virtual/dijkstra.js +0 -5
- package/dist/_virtual/dijkstra.js.map +0 -1
- package/dist/_virtual/error-correction-code.js +0 -5
- package/dist/_virtual/error-correction-code.js.map +0 -1
- package/dist/_virtual/error-correction-level.js +0 -5
- package/dist/_virtual/error-correction-level.js.map +0 -1
- package/dist/_virtual/finder-pattern.js +0 -5
- package/dist/_virtual/finder-pattern.js.map +0 -1
- package/dist/_virtual/format-info.js +0 -5
- package/dist/_virtual/format-info.js.map +0 -1
- package/dist/_virtual/galois-field.js +0 -5
- package/dist/_virtual/galois-field.js.map +0 -1
- package/dist/_virtual/mask-pattern.js +0 -5
- package/dist/_virtual/mask-pattern.js.map +0 -1
- package/dist/_virtual/mode.js +0 -5
- package/dist/_virtual/mode.js.map +0 -1
- package/dist/_virtual/polynomial.js +0 -5
- package/dist/_virtual/polynomial.js.map +0 -1
- package/dist/_virtual/qrcode.js +0 -5
- package/dist/_virtual/qrcode.js.map +0 -1
- package/dist/_virtual/regex.js +0 -5
- package/dist/_virtual/regex.js.map +0 -1
- package/dist/_virtual/segments.js +0 -5
- package/dist/_virtual/segments.js.map +0 -1
- package/dist/_virtual/svg-tag.js +0 -5
- package/dist/_virtual/svg-tag.js.map +0 -1
- package/dist/_virtual/utils.js +0 -5
- package/dist/_virtual/utils.js.map +0 -1
- package/dist/_virtual/utils2.js +0 -5
- package/dist/_virtual/utils2.js.map +0 -1
- package/dist/_virtual/version-check.js +0 -5
- package/dist/_virtual/version-check.js.map +0 -1
- package/dist/_virtual/version.js +0 -5
- package/dist/_virtual/version.js.map +0 -1
- package/dist/index-_Edcmck_.js +0 -170
- package/dist/martyrs/dist/main-xL-jtBkT.js.map +0 -1
- package/dist/martyrs/node_modules/.pnpm/bignumber.js@9.1.2/node_modules/bignumber.js/bignumber.js +0 -1336
- package/dist/martyrs/node_modules/.pnpm/bignumber.js@9.1.2/node_modules/bignumber.js/bignumber.js.map +0 -1
- package/dist/martyrs/src/components/Button/Button.vue2.js.map +0 -1
- package/dist/martyrs/src/components/Spoiler/Spoiler.vue2.js.map +0 -1
- package/dist/martyrs/src/modules/auth/views/components/pages/EnterCode.vue.js +0 -166
- package/dist/martyrs/src/modules/auth/views/components/pages/EnterCode.vue.js.map +0 -1
- package/dist/martyrs/src/modules/auth/views/components/pages/EnterPassword.vue.js +0 -118
- package/dist/martyrs/src/modules/auth/views/components/pages/EnterPassword.vue.js.map +0 -1
- package/dist/martyrs/src/modules/auth/views/components/sections/ProfileEditCredentials.vue.js +0 -360
- package/dist/martyrs/src/modules/auth/views/components/sections/ProfileEditCredentials.vue.js.map +0 -1
- package/dist/martyrs/src/modules/auth/views/store/twofa.js +0 -40
- package/dist/martyrs/src/modules/auth/views/store/twofa.js.map +0 -1
- package/dist/martyrs/src/modules/core/views/components/sections/Filters.vue2.js.map +0 -1
- package/dist/martyrs/src/modules/wallet/views/components/blocks/CardBalanceReplenished.vue.js +0 -43
- package/dist/martyrs/src/modules/wallet/views/components/blocks/CardBalanceReplenished.vue.js.map +0 -1
- package/dist/martyrs/src/modules/wallet/views/components/blocks/CardDeposit.vue.js +0 -47
- package/dist/martyrs/src/modules/wallet/views/components/blocks/CardDeposit.vue.js.map +0 -1
- package/dist/martyrs/src/modules/wallet/views/components/blocks/CashDeposit.vue.js +0 -29
- package/dist/martyrs/src/modules/wallet/views/components/blocks/CashDeposit.vue.js.map +0 -1
- package/dist/martyrs/src/modules/wallet/views/components/blocks/CryptoDeposit.vue.js +0 -89
- package/dist/martyrs/src/modules/wallet/views/components/blocks/CryptoDeposit.vue.js.map +0 -1
- package/dist/martyrs/src/modules/wallet/views/components/blocks/CryptoDepositProcessing.vue.js +0 -136
- package/dist/martyrs/src/modules/wallet/views/components/blocks/CryptoDepositProcessing.vue.js.map +0 -1
- package/dist/martyrs/src/modules/wallet/views/components/pages/Wallet.vue.js +0 -238
- package/dist/martyrs/src/modules/wallet/views/components/pages/Wallet.vue.js.map +0 -1
- package/dist/martyrs/src/modules/wallet/views/localization/wallet.json.js +0 -9
- package/dist/martyrs/src/modules/wallet/views/localization/wallet.json.js.map +0 -1
- package/dist/martyrs/src/modules/wallet/views/store/wallet.store.js +0 -134
- package/dist/martyrs/src/modules/wallet/views/store/wallet.store.js.map +0 -1
- package/dist/node_modules/.pnpm/dijkstrajs@1.0.3/node_modules/dijkstrajs/dijkstra.js +0 -106
- package/dist/node_modules/.pnpm/dijkstrajs@1.0.3/node_modules/dijkstrajs/dijkstra.js.map +0 -1
- package/dist/node_modules/.pnpm/qrcode@1.5.4/node_modules/qrcode/lib/browser.js +0 -79
- package/dist/node_modules/.pnpm/qrcode@1.5.4/node_modules/qrcode/lib/browser.js.map +0 -1
- package/dist/node_modules/.pnpm/qrcode@1.5.4/node_modules/qrcode/lib/can-promise.js +0 -14
- package/dist/node_modules/.pnpm/qrcode@1.5.4/node_modules/qrcode/lib/can-promise.js.map +0 -1
- package/dist/node_modules/.pnpm/qrcode@1.5.4/node_modules/qrcode/lib/core/alignment-pattern.js +0 -43
- package/dist/node_modules/.pnpm/qrcode@1.5.4/node_modules/qrcode/lib/core/alignment-pattern.js.map +0 -1
- package/dist/node_modules/.pnpm/qrcode@1.5.4/node_modules/qrcode/lib/core/alphanumeric-data.js +0 -85
- package/dist/node_modules/.pnpm/qrcode@1.5.4/node_modules/qrcode/lib/core/alphanumeric-data.js.map +0 -1
- package/dist/node_modules/.pnpm/qrcode@1.5.4/node_modules/qrcode/lib/core/bit-buffer.js +0 -40
- package/dist/node_modules/.pnpm/qrcode@1.5.4/node_modules/qrcode/lib/core/bit-buffer.js.map +0 -1
- package/dist/node_modules/.pnpm/qrcode@1.5.4/node_modules/qrcode/lib/core/bit-matrix.js +0 -34
- package/dist/node_modules/.pnpm/qrcode@1.5.4/node_modules/qrcode/lib/core/bit-matrix.js.map +0 -1
- package/dist/node_modules/.pnpm/qrcode@1.5.4/node_modules/qrcode/lib/core/byte-data.js +0 -36
- package/dist/node_modules/.pnpm/qrcode@1.5.4/node_modules/qrcode/lib/core/byte-data.js.map +0 -1
- package/dist/node_modules/.pnpm/qrcode@1.5.4/node_modules/qrcode/lib/core/error-correction-code.js +0 -367
- package/dist/node_modules/.pnpm/qrcode@1.5.4/node_modules/qrcode/lib/core/error-correction-code.js.map +0 -1
- package/dist/node_modules/.pnpm/qrcode@1.5.4/node_modules/qrcode/lib/core/error-correction-level.js +0 -52
- package/dist/node_modules/.pnpm/qrcode@1.5.4/node_modules/qrcode/lib/core/error-correction-level.js.map +0 -1
- package/dist/node_modules/.pnpm/qrcode@1.5.4/node_modules/qrcode/lib/core/finder-pattern.js +0 -25
- package/dist/node_modules/.pnpm/qrcode@1.5.4/node_modules/qrcode/lib/core/finder-pattern.js.map +0 -1
- package/dist/node_modules/.pnpm/qrcode@1.5.4/node_modules/qrcode/lib/core/format-info.js +0 -24
- package/dist/node_modules/.pnpm/qrcode@1.5.4/node_modules/qrcode/lib/core/format-info.js.map +0 -1
- package/dist/node_modules/.pnpm/qrcode@1.5.4/node_modules/qrcode/lib/core/galois-field.js +0 -38
- package/dist/node_modules/.pnpm/qrcode@1.5.4/node_modules/qrcode/lib/core/galois-field.js.map +0 -1
- package/dist/node_modules/.pnpm/qrcode@1.5.4/node_modules/qrcode/lib/core/kanji-data.js +0 -46
- package/dist/node_modules/.pnpm/qrcode@1.5.4/node_modules/qrcode/lib/core/kanji-data.js.map +0 -1
- package/dist/node_modules/.pnpm/qrcode@1.5.4/node_modules/qrcode/lib/core/mask-pattern.js +0 -149
- package/dist/node_modules/.pnpm/qrcode@1.5.4/node_modules/qrcode/lib/core/mask-pattern.js.map +0 -1
- package/dist/node_modules/.pnpm/qrcode@1.5.4/node_modules/qrcode/lib/core/mode.js +0 -90
- package/dist/node_modules/.pnpm/qrcode@1.5.4/node_modules/qrcode/lib/core/mode.js.map +0 -1
- package/dist/node_modules/.pnpm/qrcode@1.5.4/node_modules/qrcode/lib/core/numeric-data.js +0 -41
- package/dist/node_modules/.pnpm/qrcode@1.5.4/node_modules/qrcode/lib/core/numeric-data.js.map +0 -1
- package/dist/node_modules/.pnpm/qrcode@1.5.4/node_modules/qrcode/lib/core/polynomial.js +0 -44
- package/dist/node_modules/.pnpm/qrcode@1.5.4/node_modules/qrcode/lib/core/polynomial.js.map +0 -1
- package/dist/node_modules/.pnpm/qrcode@1.5.4/node_modules/qrcode/lib/core/qrcode.js +0 -279
- package/dist/node_modules/.pnpm/qrcode@1.5.4/node_modules/qrcode/lib/core/qrcode.js.map +0 -1
- package/dist/node_modules/.pnpm/qrcode@1.5.4/node_modules/qrcode/lib/core/reed-solomon-encoder.js +0 -38
- package/dist/node_modules/.pnpm/qrcode@1.5.4/node_modules/qrcode/lib/core/reed-solomon-encoder.js.map +0 -1
- package/dist/node_modules/.pnpm/qrcode@1.5.4/node_modules/qrcode/lib/core/regex.js +0 -33
- package/dist/node_modules/.pnpm/qrcode@1.5.4/node_modules/qrcode/lib/core/regex.js.map +0 -1
- package/dist/node_modules/.pnpm/qrcode@1.5.4/node_modules/qrcode/lib/core/segments.js +0 -201
- package/dist/node_modules/.pnpm/qrcode@1.5.4/node_modules/qrcode/lib/core/segments.js.map +0 -1
- package/dist/node_modules/.pnpm/qrcode@1.5.4/node_modules/qrcode/lib/core/utils.js +0 -84
- package/dist/node_modules/.pnpm/qrcode@1.5.4/node_modules/qrcode/lib/core/utils.js.map +0 -1
- package/dist/node_modules/.pnpm/qrcode@1.5.4/node_modules/qrcode/lib/core/version-check.js +0 -14
- package/dist/node_modules/.pnpm/qrcode@1.5.4/node_modules/qrcode/lib/core/version-check.js.map +0 -1
- package/dist/node_modules/.pnpm/qrcode@1.5.4/node_modules/qrcode/lib/core/version.js +0 -107
- package/dist/node_modules/.pnpm/qrcode@1.5.4/node_modules/qrcode/lib/core/version.js.map +0 -1
- package/dist/node_modules/.pnpm/qrcode@1.5.4/node_modules/qrcode/lib/renderer/canvas.js +0 -61
- package/dist/node_modules/.pnpm/qrcode@1.5.4/node_modules/qrcode/lib/renderer/canvas.js.map +0 -1
- package/dist/node_modules/.pnpm/qrcode@1.5.4/node_modules/qrcode/lib/renderer/svg-tag.js +0 -64
- package/dist/node_modules/.pnpm/qrcode@1.5.4/node_modules/qrcode/lib/renderer/svg-tag.js.map +0 -1
- package/dist/node_modules/.pnpm/qrcode@1.5.4/node_modules/qrcode/lib/renderer/utils.js +0 -87
- package/dist/node_modules/.pnpm/qrcode@1.5.4/node_modules/qrcode/lib/renderer/utils.js.map +0 -1
- package/dist/profile.schema-CjLOfG7b.js +0 -92
- package/src/modules/auth/controllers/middlewares/visitor.logger.js +0 -75
- package/src/modules/auth/controllers/routes/twofa.routes.js +0 -8
- package/src/modules/auth/controllers/services/twofa.service.js +0 -30
- package/src/modules/auth/models/request.model.js +0 -14
- package/src/modules/auth/models/visitor.model.js +0 -11
- package/src/modules/auth/views/components/pages/EnterCode.vue +0 -204
- package/src/modules/auth/views/components/pages/EnterPassword.vue +0 -123
- package/src/modules/auth/views/components/sections/ProfileEditCredentials.vue +0 -329
- package/src/modules/auth/views/store/twofa.js +0 -70
- package/src/modules/auth//320/220/320/240/320/245/320/230/320/242/320/225/320/232/320/242/320/243/320/240/320/220.md +0 -445
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
import * as cookie from "cookie";
|
|
2
2
|
import jwt from "jsonwebtoken";
|
|
3
3
|
import uWS from "uWebSockets.js";
|
|
4
|
+
import { g as getSessionsService } from "./sessions.service-COcwjd0f.js";
|
|
4
5
|
class WebSocketManager {
|
|
5
6
|
constructor(options = {}) {
|
|
6
7
|
if (options.ssl) {
|
|
@@ -24,9 +25,14 @@ class WebSocketManager {
|
|
|
24
25
|
idleTimeout: 120,
|
|
25
26
|
compression: uWS.SHARED_COMPRESSOR,
|
|
26
27
|
maxBackpressure: 1024 * 1024,
|
|
27
|
-
// Обработчик аутентификации и апгрейда соединения
|
|
28
|
+
// Обработчик аутентификации и апгрейда соединения (синхронный - uWS требует)
|
|
28
29
|
upgrade: (res, req, context) => {
|
|
29
30
|
let userId = null;
|
|
31
|
+
let sessionId = null;
|
|
32
|
+
let aborted = false;
|
|
33
|
+
res.onAborted(() => {
|
|
34
|
+
aborted = true;
|
|
35
|
+
});
|
|
30
36
|
const headers = {};
|
|
31
37
|
req.forEach((key, value) => {
|
|
32
38
|
headers[key.toLowerCase()] = value;
|
|
@@ -41,22 +47,47 @@ class WebSocketManager {
|
|
|
41
47
|
const token = JSON.parse(decodeURIComponent(cookies.user));
|
|
42
48
|
const decoded = jwt.verify(token.accessToken, process.env.SECRET_KEY);
|
|
43
49
|
userId = decoded._id;
|
|
50
|
+
sessionId = decoded.session_id;
|
|
44
51
|
}
|
|
45
52
|
}
|
|
46
53
|
} catch (err) {
|
|
47
54
|
console.error("Invalid token:", err);
|
|
48
55
|
}
|
|
56
|
+
if (aborted) return;
|
|
49
57
|
if (process.env.REQUIRE_AUTH === "true" && !userId) {
|
|
50
58
|
res.writeStatus("401 Unauthorized").end("Authentication required");
|
|
51
59
|
return;
|
|
52
60
|
}
|
|
53
|
-
const userData = { userId };
|
|
61
|
+
const userData = { userId, sessionId, needsSessionValidation: !!sessionId };
|
|
54
62
|
res.upgrade(userData, secWebSocketKey, secWebSocketProtocol, secWebSocketExtensions, context);
|
|
55
63
|
},
|
|
56
|
-
// Обработчик открытия соединения
|
|
57
|
-
open: (ws) => {
|
|
58
|
-
|
|
64
|
+
// Обработчик открытия соединения (async безопасен здесь)
|
|
65
|
+
open: async (ws) => {
|
|
66
|
+
const userData = ws.getUserData();
|
|
67
|
+
ws.userId = userData.userId;
|
|
68
|
+
ws.sessionId = userData.sessionId;
|
|
59
69
|
ws.subscriptions = /* @__PURE__ */ new Set();
|
|
70
|
+
ws.lastSeenAt = Date.now();
|
|
71
|
+
if (userData.needsSessionValidation) {
|
|
72
|
+
try {
|
|
73
|
+
const sessionsService = getSessionsService();
|
|
74
|
+
const session = await sessionsService.validateSession({
|
|
75
|
+
sessionId: userData.sessionId,
|
|
76
|
+
userId: userData.userId
|
|
77
|
+
});
|
|
78
|
+
if (!session) {
|
|
79
|
+
ws.end(4001, "Session expired or revoked");
|
|
80
|
+
return;
|
|
81
|
+
}
|
|
82
|
+
sessionsService.touchSession(userData.sessionId).catch((err) => {
|
|
83
|
+
console.error("Error updating session lastSeenAt:", err);
|
|
84
|
+
});
|
|
85
|
+
} catch (err) {
|
|
86
|
+
console.error("Session validation error:", err);
|
|
87
|
+
ws.end(4002, "Session validation failed");
|
|
88
|
+
return;
|
|
89
|
+
}
|
|
90
|
+
}
|
|
60
91
|
if (ws.userId) {
|
|
61
92
|
this._trackUserConnection(ws.userId, ws);
|
|
62
93
|
} else {
|
|
@@ -82,6 +113,11 @@ class WebSocketManager {
|
|
|
82
113
|
await this._handleRpcCall(ws, msg);
|
|
83
114
|
return;
|
|
84
115
|
}
|
|
116
|
+
if (msg.type === "ping") {
|
|
117
|
+
ws.lastSeenAt = Date.now();
|
|
118
|
+
ws.send(JSON.stringify({ type: "pong" }), false);
|
|
119
|
+
return;
|
|
120
|
+
}
|
|
85
121
|
const moduleName = msg.module;
|
|
86
122
|
console.log(`[WebSocket Server] Message from ${ws.userId || "anonymous"}, module: ${moduleName}, type: ${msg.type}, subscriptions:`, Array.from(ws.subscriptions));
|
|
87
123
|
if (moduleName && this.modules.has(moduleName)) {
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { m as middlewareFactory } from "./authJwt-
|
|
1
|
+
import { m as middlewareFactory } from "./authJwt-DKbMMjw0.js";
|
|
2
2
|
import { q as queryProcessorCore } from "./queryProcessor-C_5Iipam.js";
|
|
3
3
|
import { O as ObserverNamespaced } from "./core.observer-MZsqaE6F.js";
|
|
4
4
|
import { L as LoggerNamespaced } from "./abac-BPl9Bmf9.js";
|
package/dist/events.server.js
CHANGED
|
@@ -2,11 +2,11 @@ import { q as queryProcessorCore } from "./queryProcessor-C_5Iipam.js";
|
|
|
2
2
|
import { c as createFriendlyURL, a as applyMetadataSchema } from "./metadata.schema-CIRR_WQ-.js";
|
|
3
3
|
import Stripe from "stripe";
|
|
4
4
|
import { Types } from "mongoose";
|
|
5
|
-
import { c as controllerFactory } from "./tickets.controller-
|
|
5
|
+
import { c as controllerFactory } from "./tickets.controller-DdF85W-i.js";
|
|
6
6
|
import { a as applyCommonSchema } from "./common.schema-DswiUXKB.js";
|
|
7
7
|
import { a as applyEngagementSchema } from "./engagement.schema-fh6W1fb_.js";
|
|
8
8
|
import { a as applyOwnershipSchema } from "./ownership.schema-fwwDf_e5.js";
|
|
9
|
-
import { m as middlewareIndexFactory$1 } from "./index-
|
|
9
|
+
import { m as middlewareIndexFactory$1 } from "./index-kvBwwb0w.js";
|
|
10
10
|
import { c as coreabac } from "./abac-BPl9Bmf9.js";
|
|
11
11
|
class serviceIntegrations {
|
|
12
12
|
async createProduct(event) {
|
package/dist/files.server.js
CHANGED
package/dist/gallery.server.js
CHANGED
|
@@ -3,7 +3,7 @@ import path from "path";
|
|
|
3
3
|
import { a as applyCommonSchema } from "./common.schema-DswiUXKB.js";
|
|
4
4
|
import { a as applyEngagementSchema } from "./engagement.schema-fh6W1fb_.js";
|
|
5
5
|
import { a as applyOwnershipSchema } from "./ownership.schema-fwwDf_e5.js";
|
|
6
|
-
import { m as middlewareIndexFactory } from "./index-
|
|
6
|
+
import { m as middlewareIndexFactory } from "./index-kvBwwb0w.js";
|
|
7
7
|
const controllerFactory = (db) => {
|
|
8
8
|
const Photo = db.photo;
|
|
9
9
|
const read = async (req, res) => {
|
|
@@ -0,0 +1,427 @@
|
|
|
1
|
+
import { m as middlewareFactory$5 } from "./authJwt-DKbMMjw0.js";
|
|
2
|
+
import crypto from "crypto";
|
|
3
|
+
import * as mongodb from "mongodb";
|
|
4
|
+
import { m as mailing } from "./mailing-DT7nbNjZ.js";
|
|
5
|
+
const middlewareFactory$4 = () => {
|
|
6
|
+
const verifySecret = (method, endpoint, secret) => async (req, res, next) => {
|
|
7
|
+
const requestSignature = req.headers.signature;
|
|
8
|
+
const signature = crypto.createHmac("sha256", secret).update(method + endpoint).digest("hex");
|
|
9
|
+
if (signature === requestSignature) {
|
|
10
|
+
return next();
|
|
11
|
+
}
|
|
12
|
+
res.status(403).send("Forbidden");
|
|
13
|
+
};
|
|
14
|
+
return { verifySecret };
|
|
15
|
+
};
|
|
16
|
+
const middlewareFactory$3 = (db) => {
|
|
17
|
+
const User = db.user;
|
|
18
|
+
db.role;
|
|
19
|
+
const checkDuplicateUsernameOrEmail = async (req, res, next) => {
|
|
20
|
+
const { type, email, phone } = req.body;
|
|
21
|
+
let query;
|
|
22
|
+
if (type === "phone" && phone) {
|
|
23
|
+
query = { phone };
|
|
24
|
+
}
|
|
25
|
+
if (type === "email" && email) {
|
|
26
|
+
query = { email };
|
|
27
|
+
}
|
|
28
|
+
try {
|
|
29
|
+
const user = await User.findOne(query).exec();
|
|
30
|
+
if (user) {
|
|
31
|
+
console.log(`USER_ALREADY_REGISTERED`);
|
|
32
|
+
res.status(400).send({ errorCode: "USER_ALREADY_REGISTERED" });
|
|
33
|
+
return;
|
|
34
|
+
}
|
|
35
|
+
next();
|
|
36
|
+
} catch (err) {
|
|
37
|
+
console.log(err);
|
|
38
|
+
res.status(500).send({ message: err.message });
|
|
39
|
+
}
|
|
40
|
+
};
|
|
41
|
+
const checkRolesExisted = (req, res, next) => {
|
|
42
|
+
next();
|
|
43
|
+
};
|
|
44
|
+
return {
|
|
45
|
+
checkDuplicateUsernameOrEmail,
|
|
46
|
+
checkRolesExisted
|
|
47
|
+
};
|
|
48
|
+
};
|
|
49
|
+
const middlewareFactory$2 = (db) => {
|
|
50
|
+
const User = db.user;
|
|
51
|
+
db.role;
|
|
52
|
+
const checkOwnership = (req, res, next) => {
|
|
53
|
+
if (!req.userId || req.userId !== req.params._id) {
|
|
54
|
+
return res.status(403).json({ errorCode: "FORBIDDEN", message: "Cannot modify other users" });
|
|
55
|
+
}
|
|
56
|
+
next();
|
|
57
|
+
};
|
|
58
|
+
const checkDuplicateUsername = async (req, res, next) => {
|
|
59
|
+
const { username } = req.body;
|
|
60
|
+
if (!username) {
|
|
61
|
+
return next();
|
|
62
|
+
}
|
|
63
|
+
try {
|
|
64
|
+
const user = await User.findOne({
|
|
65
|
+
username,
|
|
66
|
+
_id: { $ne: req.body._id }
|
|
67
|
+
// Исключаем текущего пользователя из поиска
|
|
68
|
+
});
|
|
69
|
+
if (user) {
|
|
70
|
+
console.log(`USERNAME_ALREADY_USED`);
|
|
71
|
+
res.status(400).send({ errorCode: "USERNAME_ALREADY_USED" });
|
|
72
|
+
return;
|
|
73
|
+
}
|
|
74
|
+
next();
|
|
75
|
+
} catch (err) {
|
|
76
|
+
console.log(err);
|
|
77
|
+
res.status(500).send({ message: err.message });
|
|
78
|
+
}
|
|
79
|
+
};
|
|
80
|
+
const checkDuplicateEmail = async (req, res, next) => {
|
|
81
|
+
const { email } = req.body;
|
|
82
|
+
if (!email) {
|
|
83
|
+
return next();
|
|
84
|
+
}
|
|
85
|
+
try {
|
|
86
|
+
const user = await User.findOne({
|
|
87
|
+
email,
|
|
88
|
+
_id: { $ne: req.params._id }
|
|
89
|
+
});
|
|
90
|
+
if (user) {
|
|
91
|
+
return res.status(400).json({ errorCode: "EMAIL_ALREADY_USED" });
|
|
92
|
+
}
|
|
93
|
+
next();
|
|
94
|
+
} catch (err) {
|
|
95
|
+
res.status(500).send({ message: err.message });
|
|
96
|
+
}
|
|
97
|
+
};
|
|
98
|
+
const checkDuplicatePhone = async (req, res, next) => {
|
|
99
|
+
const { phone } = req.body;
|
|
100
|
+
if (!phone) {
|
|
101
|
+
return next();
|
|
102
|
+
}
|
|
103
|
+
try {
|
|
104
|
+
const user = await User.findOne({
|
|
105
|
+
phone,
|
|
106
|
+
_id: { $ne: req.params._id }
|
|
107
|
+
});
|
|
108
|
+
if (user) {
|
|
109
|
+
return res.status(400).json({ errorCode: "PHONE_ALREADY_USED" });
|
|
110
|
+
}
|
|
111
|
+
next();
|
|
112
|
+
} catch (err) {
|
|
113
|
+
res.status(500).send({ message: err.message });
|
|
114
|
+
}
|
|
115
|
+
};
|
|
116
|
+
const checkUserExist = async (req, res, next) => {
|
|
117
|
+
const { type, identifier } = req.body;
|
|
118
|
+
if (!type || !identifier) {
|
|
119
|
+
return res.status(400).json({ errorCode: "MISSING_IDENTIFIER" });
|
|
120
|
+
}
|
|
121
|
+
const query = type === "phone" ? { phone: identifier } : { email: identifier };
|
|
122
|
+
try {
|
|
123
|
+
const user = await User.findOne(query).exec();
|
|
124
|
+
if (!user) {
|
|
125
|
+
return res.status(400).json({ errorCode: "USER_NOT_REGISTERED_YET" });
|
|
126
|
+
}
|
|
127
|
+
next();
|
|
128
|
+
} catch (err) {
|
|
129
|
+
res.status(500).send({ message: err.message });
|
|
130
|
+
}
|
|
131
|
+
};
|
|
132
|
+
return {
|
|
133
|
+
checkOwnership,
|
|
134
|
+
checkDuplicateUsername,
|
|
135
|
+
checkDuplicateEmail,
|
|
136
|
+
checkDuplicatePhone,
|
|
137
|
+
checkUserExist
|
|
138
|
+
};
|
|
139
|
+
};
|
|
140
|
+
const { ObjectId } = mongodb;
|
|
141
|
+
const middlewareFactory$1 = (db) => {
|
|
142
|
+
const User = db.user;
|
|
143
|
+
const Invite = db.invite;
|
|
144
|
+
const Membership = db.membership;
|
|
145
|
+
const checkInviteExist = async (req, res, next) => {
|
|
146
|
+
for (let invite of req.body.invites) {
|
|
147
|
+
let query;
|
|
148
|
+
if (invite.contact.includes("@")) {
|
|
149
|
+
query = { invitedEmail: invite.contact };
|
|
150
|
+
} else {
|
|
151
|
+
query = { invitedPhone: invite.contact };
|
|
152
|
+
}
|
|
153
|
+
query["owner.target"] = req.body.owner.target;
|
|
154
|
+
const userInvite = await Invite.findOne(query).exec();
|
|
155
|
+
if (userInvite) {
|
|
156
|
+
console.log(userInvite);
|
|
157
|
+
res.status(400).send({ message: "Инвайт c таким email или телефоном уже создан!" });
|
|
158
|
+
return;
|
|
159
|
+
}
|
|
160
|
+
}
|
|
161
|
+
next();
|
|
162
|
+
};
|
|
163
|
+
const checkUsersExist = async (req, res, next) => {
|
|
164
|
+
for (let invite of req.body.invites) {
|
|
165
|
+
let query;
|
|
166
|
+
if (invite.contact.includes("@")) {
|
|
167
|
+
query = { email: invite.contact };
|
|
168
|
+
} else {
|
|
169
|
+
query = { phone: invite.contact };
|
|
170
|
+
}
|
|
171
|
+
const user = await User.findOne(query).exec();
|
|
172
|
+
console.log(req.params);
|
|
173
|
+
if (user) {
|
|
174
|
+
const membership = await Membership.findOne({
|
|
175
|
+
user: new ObjectId(user._id),
|
|
176
|
+
"owner.target": req.body.owner.target
|
|
177
|
+
}).exec();
|
|
178
|
+
if (membership) {
|
|
179
|
+
console.log(membership);
|
|
180
|
+
res.status(400).send({
|
|
181
|
+
message: "Пользователь с таким email или телефоном уже добавлен в организацию!"
|
|
182
|
+
});
|
|
183
|
+
return;
|
|
184
|
+
}
|
|
185
|
+
}
|
|
186
|
+
}
|
|
187
|
+
next();
|
|
188
|
+
};
|
|
189
|
+
return {
|
|
190
|
+
checkInviteExist,
|
|
191
|
+
checkUsersExist
|
|
192
|
+
};
|
|
193
|
+
};
|
|
194
|
+
const { sendEmail, sendSms } = mailing;
|
|
195
|
+
const RATE_LIMIT_SECONDS = 30;
|
|
196
|
+
const MAX_ATTEMPTS = 3;
|
|
197
|
+
const generateChallengeId = () => crypto.randomBytes(32).toString("hex");
|
|
198
|
+
let instance = null;
|
|
199
|
+
function initOtpService(db) {
|
|
200
|
+
const Otp = db.otp;
|
|
201
|
+
async function sendOtp({ identifier, type, purpose, target = null }) {
|
|
202
|
+
const existingOtp = await Otp.findOne({ identifier, purpose }).sort({ createdAt: -1 });
|
|
203
|
+
if (existingOtp) {
|
|
204
|
+
const secondsSinceCreated = (Date.now() - existingOtp.createdAt.getTime()) / 1e3;
|
|
205
|
+
if (secondsSinceCreated < RATE_LIMIT_SECONDS) {
|
|
206
|
+
return {
|
|
207
|
+
errorCode: "RATE_LIMITED",
|
|
208
|
+
status: 429,
|
|
209
|
+
retryAfter: Math.ceil(RATE_LIMIT_SECONDS - secondsSinceCreated)
|
|
210
|
+
};
|
|
211
|
+
}
|
|
212
|
+
}
|
|
213
|
+
if (target) {
|
|
214
|
+
await Otp.updateMany(
|
|
215
|
+
{ target: new db.mongoose.Types.ObjectId(target), purpose, invalidatedAt: null, verifiedAt: null },
|
|
216
|
+
{ invalidatedAt: /* @__PURE__ */ new Date() }
|
|
217
|
+
);
|
|
218
|
+
} else if (identifier) {
|
|
219
|
+
await Otp.updateMany(
|
|
220
|
+
{ identifier, purpose, invalidatedAt: null, verifiedAt: null },
|
|
221
|
+
{ invalidatedAt: /* @__PURE__ */ new Date() }
|
|
222
|
+
);
|
|
223
|
+
}
|
|
224
|
+
const code = String(crypto.randomInt(1e3, 1e4));
|
|
225
|
+
const challengeId = generateChallengeId();
|
|
226
|
+
let sent = false;
|
|
227
|
+
if (type === "email") {
|
|
228
|
+
sent = await sendEmail(
|
|
229
|
+
identifier,
|
|
230
|
+
`${process.env.APP_NAME} Verification Code`,
|
|
231
|
+
`Your ${process.env.APP_NAME} verification code is ${code}`
|
|
232
|
+
);
|
|
233
|
+
} else if (type === "phone") {
|
|
234
|
+
sent = await sendSms(identifier, `Your ${process.env.APP_NAME} verification code: ${code}`);
|
|
235
|
+
}
|
|
236
|
+
if (!sent) {
|
|
237
|
+
return { errorCode: "SEND_FAILED", status: 500 };
|
|
238
|
+
}
|
|
239
|
+
await Otp.create({ identifier, code, type, purpose, target: target ? new db.mongoose.Types.ObjectId(target) : null, challengeId });
|
|
240
|
+
return { success: true, challengeId };
|
|
241
|
+
}
|
|
242
|
+
async function verifyOtp({ challengeId, code, target = null }) {
|
|
243
|
+
const otp = await Otp.findOneAndUpdate(
|
|
244
|
+
{
|
|
245
|
+
challengeId,
|
|
246
|
+
verifiedAt: null,
|
|
247
|
+
invalidatedAt: null,
|
|
248
|
+
createdAt: { $gt: new Date(Date.now() - 10 * 60 * 1e3) },
|
|
249
|
+
attempts: { $lt: MAX_ATTEMPTS },
|
|
250
|
+
...target && { target: new db.mongoose.Types.ObjectId(target) }
|
|
251
|
+
},
|
|
252
|
+
{ $inc: { attempts: 1 } },
|
|
253
|
+
{ new: true }
|
|
254
|
+
);
|
|
255
|
+
if (!otp) {
|
|
256
|
+
return { errorCode: "CODE_NOT_FOUND" };
|
|
257
|
+
}
|
|
258
|
+
if (otp.code !== code) {
|
|
259
|
+
return { errorCode: "INVALID_CODE", attemptsLeft: MAX_ATTEMPTS - otp.attempts };
|
|
260
|
+
}
|
|
261
|
+
const consumed = await Otp.findOneAndUpdate(
|
|
262
|
+
{ _id: otp._id, verifiedAt: null, attempts: { $lte: MAX_ATTEMPTS } },
|
|
263
|
+
{ verifiedAt: /* @__PURE__ */ new Date() }
|
|
264
|
+
);
|
|
265
|
+
if (!consumed) {
|
|
266
|
+
return { errorCode: "ALREADY_USED" };
|
|
267
|
+
}
|
|
268
|
+
return { valid: true };
|
|
269
|
+
}
|
|
270
|
+
instance = { sendOtp, verifyOtp };
|
|
271
|
+
return instance;
|
|
272
|
+
}
|
|
273
|
+
function getOtpService() {
|
|
274
|
+
if (!instance) {
|
|
275
|
+
throw new Error("OTP service not initialized. Call initOtpService(db) first.");
|
|
276
|
+
}
|
|
277
|
+
return instance;
|
|
278
|
+
}
|
|
279
|
+
function maskIdentifier(identifier) {
|
|
280
|
+
if (identifier.includes("@")) {
|
|
281
|
+
const [name, domain] = identifier.split("@");
|
|
282
|
+
return `${name[0]}${"*".repeat(Math.max(name.length - 2, 1))}${name.slice(-1)}@${domain}`;
|
|
283
|
+
}
|
|
284
|
+
return `${identifier.slice(0, 2)}${"*".repeat(identifier.length - 4)}${identifier.slice(-2)}`;
|
|
285
|
+
}
|
|
286
|
+
const middlewareFactory = () => {
|
|
287
|
+
const { sendOtp, verifyOtp } = getOtpService();
|
|
288
|
+
const stepUp = (purpose, getCredentials) => {
|
|
289
|
+
return async (req, res, next) => {
|
|
290
|
+
const { identifier, type, target = null } = getCredentials(req);
|
|
291
|
+
if (!identifier || !type) {
|
|
292
|
+
return res.status(400).json({ errorCode: "IDENTIFIER_REQUIRED" });
|
|
293
|
+
}
|
|
294
|
+
const { challengeId, otp } = req.body;
|
|
295
|
+
if (challengeId && otp) {
|
|
296
|
+
const result2 = await verifyOtp({ challengeId, code: otp, target });
|
|
297
|
+
if (result2.errorCode) {
|
|
298
|
+
return res.status(result2.status || 400).json({ errorCode: result2.errorCode, attemptsLeft: result2.attemptsLeft });
|
|
299
|
+
}
|
|
300
|
+
return next();
|
|
301
|
+
}
|
|
302
|
+
const result = await sendOtp({ identifier, type, purpose, target });
|
|
303
|
+
if (result.errorCode) {
|
|
304
|
+
return res.status(result.status || 500).json({ errorCode: result.errorCode, retryAfter: result.retryAfter });
|
|
305
|
+
}
|
|
306
|
+
return res.status(200).json({
|
|
307
|
+
status: "requires_otp",
|
|
308
|
+
challenge: {
|
|
309
|
+
challengeId: result.challengeId,
|
|
310
|
+
identifier: maskIdentifier(identifier)
|
|
311
|
+
}
|
|
312
|
+
});
|
|
313
|
+
};
|
|
314
|
+
};
|
|
315
|
+
const dualVerify = (field) => {
|
|
316
|
+
return async (req, res, next) => {
|
|
317
|
+
const target = req.userId;
|
|
318
|
+
const targetId = req.params._id;
|
|
319
|
+
if (target !== targetId) {
|
|
320
|
+
return res.status(403).json({ errorCode: "FORBIDDEN" });
|
|
321
|
+
}
|
|
322
|
+
const oldContact = req.user[field];
|
|
323
|
+
const newContact = req.body[field];
|
|
324
|
+
if (!newContact) {
|
|
325
|
+
return res.status(400).json({ errorCode: "MISSING_FIELD", field });
|
|
326
|
+
}
|
|
327
|
+
if (!oldContact) {
|
|
328
|
+
const { challengeId, otp } = req.body;
|
|
329
|
+
if (challengeId && otp) {
|
|
330
|
+
const result2 = await verifyOtp({ challengeId, code: otp, target });
|
|
331
|
+
if (result2.errorCode) {
|
|
332
|
+
return res.status(result2.status || 400).json({ errorCode: result2.errorCode, attemptsLeft: result2.attemptsLeft });
|
|
333
|
+
}
|
|
334
|
+
return next();
|
|
335
|
+
}
|
|
336
|
+
const result = await sendOtp({ identifier: newContact, type: field, purpose: `add-${field}`, target });
|
|
337
|
+
if (result.errorCode) {
|
|
338
|
+
return res.status(result.status || 500).json({ errorCode: result.errorCode, retryAfter: result.retryAfter });
|
|
339
|
+
}
|
|
340
|
+
return res.status(200).json({
|
|
341
|
+
status: "requires_otp",
|
|
342
|
+
challenge: {
|
|
343
|
+
challengeId: result.challengeId,
|
|
344
|
+
identifier: maskIdentifier(newContact)
|
|
345
|
+
}
|
|
346
|
+
});
|
|
347
|
+
}
|
|
348
|
+
const hasChallenges = req.body.challenges && Array.isArray(req.body.challenges) && req.body.challenges.length > 0;
|
|
349
|
+
if (!hasChallenges) {
|
|
350
|
+
const oldResult = await sendOtp({ identifier: oldContact, type: field, purpose: `change-${field}-old`, target });
|
|
351
|
+
if (oldResult.errorCode) {
|
|
352
|
+
return res.status(oldResult.status || 500).json({
|
|
353
|
+
errorCode: oldResult.errorCode,
|
|
354
|
+
retryAfter: oldResult.retryAfter,
|
|
355
|
+
field: "old"
|
|
356
|
+
});
|
|
357
|
+
}
|
|
358
|
+
const newResult = await sendOtp({ identifier: newContact, type: field, purpose: `change-${field}-new`, target });
|
|
359
|
+
if (newResult.errorCode) {
|
|
360
|
+
return res.status(newResult.status || 500).json({
|
|
361
|
+
errorCode: newResult.errorCode,
|
|
362
|
+
retryAfter: newResult.retryAfter,
|
|
363
|
+
field: "new"
|
|
364
|
+
});
|
|
365
|
+
}
|
|
366
|
+
return res.json({
|
|
367
|
+
status: "requires_otp",
|
|
368
|
+
mode: "dual",
|
|
369
|
+
challenges: [
|
|
370
|
+
{ challengeId: oldResult.challengeId, identifier: maskIdentifier(oldContact), label: "old" },
|
|
371
|
+
{ challengeId: newResult.challengeId, identifier: maskIdentifier(newContact), label: "new" }
|
|
372
|
+
]
|
|
373
|
+
});
|
|
374
|
+
}
|
|
375
|
+
const { challenges } = req.body;
|
|
376
|
+
if (!Array.isArray(challenges) || challenges.length !== 2) {
|
|
377
|
+
return res.status(400).json({ errorCode: "INVALID_CHALLENGES" });
|
|
378
|
+
}
|
|
379
|
+
for (const c of challenges) {
|
|
380
|
+
if (typeof c.challengeId !== "string" || c.challengeId.length !== 64) {
|
|
381
|
+
return res.status(400).json({ errorCode: "INVALID_CHALLENGE_ID" });
|
|
382
|
+
}
|
|
383
|
+
if (typeof c.code !== "string" || c.code.length !== 4) {
|
|
384
|
+
return res.status(400).json({ errorCode: "INVALID_CODE_FORMAT" });
|
|
385
|
+
}
|
|
386
|
+
}
|
|
387
|
+
const oldValid = await verifyOtp({ challengeId: challenges[0].challengeId, code: challenges[0].code, target });
|
|
388
|
+
if (oldValid.errorCode) {
|
|
389
|
+
return res.status(oldValid.status || 400).json({
|
|
390
|
+
errorCode: oldValid.errorCode,
|
|
391
|
+
field: "old",
|
|
392
|
+
attemptsLeft: oldValid.attemptsLeft
|
|
393
|
+
});
|
|
394
|
+
}
|
|
395
|
+
const newValid = await verifyOtp({ challengeId: challenges[1].challengeId, code: challenges[1].code, target });
|
|
396
|
+
if (newValid.errorCode) {
|
|
397
|
+
return res.status(newValid.status || 400).json({
|
|
398
|
+
errorCode: newValid.errorCode,
|
|
399
|
+
field: "new",
|
|
400
|
+
attemptsLeft: newValid.attemptsLeft
|
|
401
|
+
});
|
|
402
|
+
}
|
|
403
|
+
next();
|
|
404
|
+
};
|
|
405
|
+
};
|
|
406
|
+
return { stepUp, dualVerify };
|
|
407
|
+
};
|
|
408
|
+
const middlewareIndexFactory = (db) => {
|
|
409
|
+
const authJwt = middlewareFactory$5(db);
|
|
410
|
+
const authSecret = middlewareFactory$4();
|
|
411
|
+
const verifySignUp = middlewareFactory$3(db);
|
|
412
|
+
const verifyUser = middlewareFactory$2(db);
|
|
413
|
+
const verifyInvites = middlewareFactory$1(db);
|
|
414
|
+
const otp = middlewareFactory();
|
|
415
|
+
return {
|
|
416
|
+
authJwt,
|
|
417
|
+
authSecret,
|
|
418
|
+
verifySignUp,
|
|
419
|
+
verifyUser,
|
|
420
|
+
verifyInvites,
|
|
421
|
+
otp
|
|
422
|
+
};
|
|
423
|
+
};
|
|
424
|
+
export {
|
|
425
|
+
initOtpService as i,
|
|
426
|
+
middlewareIndexFactory as m
|
|
427
|
+
};
|
package/dist/inventory.server.js
CHANGED
|
@@ -1,11 +1,11 @@
|
|
|
1
1
|
import { a as applyOwnershipSchema } from "./ownership.schema-fwwDf_e5.js";
|
|
2
|
-
import { m as middlewareFactory } from "./authJwt-
|
|
2
|
+
import { m as middlewareFactory } from "./authJwt-DKbMMjw0.js";
|
|
3
3
|
import { L as LoggerNamespaced, c as coreabac } from "./abac-BPl9Bmf9.js";
|
|
4
4
|
import { q as queryProcessorCore } from "./queryProcessor-C_5Iipam.js";
|
|
5
5
|
import { C as CacheNamespaced } from "./core.cache-DALYFDdy.js";
|
|
6
6
|
import { O as ObserverNamespaced } from "./core.observer-MZsqaE6F.js";
|
|
7
7
|
import { a as Validator, V as Verifier } from "./core.verifier-gPPX_jhf.js";
|
|
8
|
-
import { C as CRUD } from "./crud-
|
|
8
|
+
import { C as CRUD } from "./crud-DpOXTZep.js";
|
|
9
9
|
const StockAdjustmentModel = (db) => {
|
|
10
10
|
const StockAdjustmentSchema = new db.mongoose.Schema({
|
|
11
11
|
product: {
|
|
@@ -41,12 +41,25 @@ async function sendEmail(to, subject, text, files = []) {
|
|
|
41
41
|
}
|
|
42
42
|
}
|
|
43
43
|
async function sendSms(phone, message) {
|
|
44
|
-
const sessionUrl = `https://api.sms.to/sms/send?api_key=${process.env.SMS_API_KEY}&to=${phone}&message=${encodeURIComponent(message)}&sender_id=${encodeURIComponent(process.env.APP_NAME)}`;
|
|
45
44
|
try {
|
|
46
|
-
const response = await axios.
|
|
45
|
+
const response = await axios.post(
|
|
46
|
+
"https://api.brevo.com/v3/transactionalSMS/send",
|
|
47
|
+
{
|
|
48
|
+
recipient: phone,
|
|
49
|
+
sender: process.env.APP_NAME?.slice(0, 11) || "App",
|
|
50
|
+
content: message,
|
|
51
|
+
type: "transactional"
|
|
52
|
+
},
|
|
53
|
+
{
|
|
54
|
+
headers: {
|
|
55
|
+
"api-key": process.env.BREVO_API_KEY,
|
|
56
|
+
"Content-Type": "application/json"
|
|
57
|
+
}
|
|
58
|
+
}
|
|
59
|
+
);
|
|
47
60
|
return true;
|
|
48
61
|
} catch (error) {
|
|
49
|
-
console.
|
|
62
|
+
console.error("SMS send failed");
|
|
50
63
|
return false;
|
|
51
64
|
}
|
|
52
65
|
}
|