npm - @ozdao/martyrs - Versions diffs - 0.2.585 → 0.2.587 - Mend

@ozdao/martyrs 0.2.585 → 0.2.587

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (391) hide show

package/dist/auth.server.js CHANGED Viewed

@@ -1,12 +1,13 @@
-import { a as applyProfileSchema, m as modelsFactory } from "./profile.schema-CjLOfG7b.js";
-import { m as middlewareIndexFactory } from "./index-_Edcmck_.js";
+import { m as middlewareIndexFactory, i as initOtpService } from "./index-kvBwwb0w.js";
 import bcrypt from "bcryptjs";
 import jwt from "jsonwebtoken";
 import { Types } from "mongoose";
 import jwkToPem from "jwk-to-pem";
-import { m as mailing } from "./mailing-DuEFRsa3.js";
+import { g as getSessionsService } from "./sessions.service-COcwjd0f.js";
+import { g as getVisitorsService } from "./visitors.service-B1dhhuSo.js";
 import { a as addUserStatusFields, b as addMembersQuantity } from "./addUserStatusFields-Cc-JpmPo.js";
 import { a as applyCredentialsSchema } from "./credentials.schema--2vvcu8c.js";
+import { a as applyProfileSchema } from "./profile.schema-C31Lynn3.js";
 import { a as applySocialsSchema } from "./socials.schema-DxnnaBgO.js";
 async function verifyAppleIdToken(id_token) {
   const decodedToken = jwt.decode(id_token, { complete: true });
@@ -43,7 +44,7 @@ async function verifyAppleIdToken(id_token) {
   return decodedToken.payload;
 }
 const ObjectId$1 = { Types }.Types.ObjectId;
-const controllerFactory$2 = (db) => {
+const controllerFactory$1 = (db) => {
   const User = db.user;
   const Membership = db.membership;
   db.department;
@@ -91,9 +92,24 @@ const controllerFactory$2 = (db) => {
           return res.status(401).send({ errorCode: "INCORRECT_PASSWORD_ENTERED", accessToken: null });
         }
       }
+      const sessionsService = getSessionsService();
+      const session = await sessionsService.createSession({
+        userId: user._id,
+        visitorId: req.visitorId || null,
+        req
+      });
+      if (req.visitorId) {
+        const visitorsService = getVisitorsService();
+        await visitorsService.linkVisitorToUser({
+          visitorId: req.visitorId,
+          userId: user._id,
+          sessionId: session._id
+        });
+      }
       const token = jwt.sign(
         {
-          _id: user._id
+          _id: user._id,
+          session_id: session._id
         },
         process.env.SECRET_KEY,
         {
@@ -167,9 +183,24 @@ const controllerFactory$2 = (db) => {
         console.log(err);
       }
     }
+    const sessionsService = getSessionsService();
+    const session = await sessionsService.createSession({
+      userId: user._id,
+      visitorId: req.visitorId || null,
+      req
+    });
+    if (req.visitorId) {
+      const visitorsService = getVisitorsService();
+      await visitorsService.linkVisitorToUser({
+        visitorId: req.visitorId,
+        userId: user._id,
+        sessionId: session._id
+      });
+    }
     const token = jwt.sign(
       {
         _id: user._id,
+        session_id: session._id,
         organization: invite ? invite.organization : null
       },
       process.env.SECRET_KEY,
@@ -189,17 +220,11 @@ const controllerFactory$2 = (db) => {
   };
   const updatePassword = async (req, res) => {
     try {
-      const { phone, email, password, type } = req.body;
-      let query;
-      if (type === "phone" && phone) {
-        query = { phone };
-      }
-      if (type === "email" && email) {
-        query = { email };
-      }
-      if (!query || !password) {
+      const { identifier, password, type } = req.body;
+      if (!identifier || !type || !password) {
         return res.status(400).send({ errorCode: "MISSING_REQUIRED_PARAMETERS" });
       }
+      const query = type === "phone" ? { phone: identifier } : { email: identifier };
       const salt = await bcrypt.genSalt(8);
       const hashedPassword = await bcrypt.hash(password, salt);
       const user = await User.findOneAndUpdate(query, {
@@ -208,7 +233,14 @@ const controllerFactory$2 = (db) => {
       if (!user) {
         return res.status(404).send({ errorCode: "ERROR_UPDATING_USER" });
       }
-      const token = jwt.sign({ _id: user._id }, process.env.SECRET_KEY, {
+      const sessionsService = getSessionsService();
+      await sessionsService.deactivateAllUserSessions(user._id);
+      const session = await sessionsService.createSession({
+        userId: user._id,
+        visitorId: req.visitorId || null,
+        req
+      });
+      const token = jwt.sign({ _id: user._id, session_id: session._id }, process.env.SECRET_KEY, {
         expiresIn: 86400
       });
       const authorities = user.roles.map((role) => `ROLE_${role.name.toUpperCase()}`);
@@ -231,54 +263,54 @@ const controllerFactory$2 = (db) => {
     updatePassword
   };
 };
-const { sendEmail, sendSms } = mailing;
-const controllerFactory$1 = (db) => {
-  const sendcode = async (req, res) => {
-    const code = Math.floor(1e3 + Math.random() * 9e3);
-    const type = req.body.type;
-    const method = req.body.method;
-    if (type === "email") {
-      const emailSent = await sendEmail(req.body.email, `${process.env.APP_NAME} Verification Code`, `Your ${process.env.APP_NAME} verification code is ${code}`);
-      if (emailSent) {
-        res.send({ code, type, method });
-      } else {
-        console.log(emailSent);
-        res.status(500).send("Failed to send email");
-      }
-    } else if (type === "phone") {
-      const smsSent = await sendSms(req.body.phone, `Your ${process.env.APP_NAME} verification code: ${code}`);
-      if (smsSent) {
-        res.send({ code, type, method });
-      } else {
-        res.status(500).send("Failed to send SMS");
-      }
-    }
-  };
-  return {
-    sendcode
-  };
-};
 const authRoutes = (function(app, db, origins) {
-  const controller = controllerFactory$2(db);
-  const controllerTwofa = controllerFactory$1();
-  const { verifySignUp, verifyUser } = middlewareIndexFactory(db);
+  const controller = controllerFactory$1(db);
+  const { verifySignUp, verifyUser, otp, authJwt } = middlewareIndexFactory(db);
   app.post(
     "/api/auth/signup",
     [
-      verifySignUp.checkDuplicateUsernameOrEmail
-      // verifySignUp.checkRolesExisted
+      verifySignUp.checkDuplicateUsernameOrEmail,
+      otp.stepUp("signup", (req) => ({
+        identifier: req.body.type === "email" ? req.body.email : req.body.phone,
+        type: req.body.type
+      }))
     ],
     controller.signup
   );
   app.post("/api/auth/signin", controller.signin);
-  app.post("/api/auth/reset-password", [verifyUser.checkUserExist], controllerTwofa.sendcode);
-  app.post("/api/auth/update-password", controller.updatePassword);
-});
-const twofaRoutes = (function(app, db) {
-  const controller = controllerFactory$1();
-  const { verifySignUp, verifyUser } = middlewareIndexFactory(db);
-  app.post("/api/twofa/sendcode", [verifySignUp.checkDuplicateUsernameOrEmail], controller.sendcode);
-  app.post("/api/twofa/sendcodereset", [verifyUser.checkUserExist], controller.sendcode);
+  app.post(
+    "/api/auth/reset-password",
+    [
+      verifyUser.checkUserExist,
+      otp.stepUp("reset-password", (req) => ({
+        identifier: req.body.identifier,
+        type: req.body.type
+      }))
+    ],
+    controller.updatePassword
+  );
+  app.post("/api/auth/logout", [authJwt.verifyToken()], async (req, res) => {
+    try {
+      if (req.sessionId) {
+        const sessionsService = getSessionsService();
+        await sessionsService.deactivateSession(req.sessionId);
+      }
+      res.status(200).send({ success: true });
+    } catch (err) {
+      res.status(500).send({ message: err.message });
+    }
+  });
+  app.post("/api/auth/logout-all", [authJwt.verifyToken()], async (req, res) => {
+    try {
+      if (req.userId) {
+        const sessionsService = getSessionsService();
+        await sessionsService.deactivateAllUserSessions(req.userId);
+      }
+      res.status(200).send({ success: true });
+    } catch (err) {
+      res.status(500).send({ message: err.message });
+    }
+  });
 });
 const ObjectId = { Types }.Types.ObjectId;
 const controllerFactory = (db) => {
@@ -343,6 +375,13 @@ const controllerFactory = (db) => {
     });
     query.push(addMembersQuantity());
     if (req.query.user) query.push(addUserStatusFields(req.query.user));
+    query.push({
+      $project: {
+        password: 0,
+        refreshToken: 0,
+        __v: 0
+      }
+    });
     query.push({
       $skip: skip
     });
@@ -371,14 +410,16 @@ const controllerFactory = (db) => {
       if (!user) {
         return res.status(404).send({ errorCode: "USER_NOT_CREATED", message: "User is not created." });
       }
-      res.status(200).send(user);
+      const { password, refreshToken, __v, ...safeUser } = user.toObject();
+      res.status(200).send(safeUser);
     } catch (err) {
       return res.status(500).send({ errorCode: "INTERNAL_SERVER_ERROR", message: err });
     }
   };
   const update = async (req, res) => {
     try {
-      const user = await User.findOneAndUpdate({ _id: req.params._id }, req.body, { new: true });
+      const { email, phone, ...safeData } = req.body;
+      const user = await User.findOneAndUpdate({ _id: req.params._id }, safeData, { new: true }).select("-password -refreshToken -__v");
       if (!user) {
         return res.status(404).send({ errorCode: "UPDATE_FAILED", message: "Something wrong when updating user." });
       }
@@ -387,11 +428,30 @@ const controllerFactory = (db) => {
       return res.status(500).send({ errorCode: "INTERNAL_SERVER_ERROR", message: err });
     }
   };
-  const remove = async (req, res) => {
+  const updateEmail = async (req, res) => {
     try {
-      const user = await User.findOneAndDelete({ phone: req.params.phone });
+      const user = await User.findOneAndUpdate(
+        { _id: req.params._id },
+        { email: req.body.email },
+        { new: true }
+      ).select("-password -refreshToken -__v");
       if (!user) {
-        return res.status(404).send({ errorCode: "DELETION_FAILED", message: "User is not deleted." });
+        return res.status(404).send({ errorCode: "UPDATE_FAILED", message: "Something wrong when updating email." });
+      }
+      res.status(200).send(user);
+    } catch (err) {
+      return res.status(500).send({ errorCode: "INTERNAL_SERVER_ERROR", message: err });
+    }
+  };
+  const updatePhone = async (req, res) => {
+    try {
+      const user = await User.findOneAndUpdate(
+        { _id: req.params._id },
+        { phone: req.body.phone },
+        { new: true }
+      ).select("-password -refreshToken -__v");
+      if (!user) {
+        return res.status(404).send({ errorCode: "UPDATE_FAILED", message: "Something wrong when updating phone." });
       }
       res.status(200).send(user);
     } catch (err) {
@@ -402,31 +462,35 @@ const controllerFactory = (db) => {
     read,
     create,
     update,
-    remove
+    updateEmail,
+    updatePhone
   };
 };
 const usersRoutes = (function(app, db, origins) {
   const controller = controllerFactory(db);
-  const { authJwt, verifyUser } = middlewareIndexFactory(db);
+  const { authJwt, verifyUser, otp } = middlewareIndexFactory(db);
   app.post("/api/users", [authJwt.verifyToken(), verifyUser.checkDuplicateUsername], controller.create);
   app.get("/api/users", controller.read);
-  app.put("/api/users/:_id", [authJwt.verifyToken(), verifyUser.checkDuplicateUsername], controller.update);
-  app.delete("/api/users/:_id", [authJwt.verifyToken()], controller.remove);
+  app.put("/api/users/:_id", [
+    authJwt.verifyToken(),
+    verifyUser.checkOwnership,
+    verifyUser.checkDuplicateUsername
+  ], controller.update);
+  app.put("/api/users/:_id/email", [
+    authJwt.verifyToken(),
+    authJwt.loadUser,
+    verifyUser.checkOwnership,
+    verifyUser.checkDuplicateEmail,
+    otp.dualVerify("email")
+  ], controller.updateEmail);
+  app.put("/api/users/:_id/phone", [
+    authJwt.verifyToken(),
+    authJwt.loadUser,
+    verifyUser.checkOwnership,
+    verifyUser.checkDuplicatePhone,
+    otp.dualVerify("phone")
+  ], controller.updatePhone);
 });
-const RequestModel = (db) => {
-  const RequestSchema = new db.mongoose.Schema({
-    visitor: {
-      type: db.mongoose.Schema.Types.ObjectId,
-      ref: "Visitor"
-    },
-    path: String,
-    method: String,
-    timestamp: { type: Date, default: Date.now }
-  });
-  RequestSchema.index({ visitor: 1 });
-  const Request = db.mongoose.model("Request", RequestSchema);
-  return Request;
-};
 const RoleModel = (db) => {
   const RoleSchema = new db.mongoose.Schema({
     name: String
@@ -476,42 +540,56 @@ const UserModel = (db) => {
   const User = db.mongoose.model("User", UserSchema);
   return User;
 };
-const VisitorModel = (db) => {
-  const VisitorSchema = new db.mongoose.Schema({
-    ip: String,
-    userAgent: String,
-    acceptLanguage: String,
-    fingerprint: { type: String, unique: true }
+const OtpModel = (db) => {
+  const OtpSchema = new db.mongoose.Schema({
+    challengeId: { type: String, required: true, unique: true },
+    identifier: { type: String, required: true },
+    target: { type: db.mongoose.Schema.Types.ObjectId, ref: "User", default: null },
+    code: { type: String, required: true },
+    type: { type: String, enum: ["email", "phone"], required: true },
+    purpose: { type: String, required: true },
+    attempts: { type: Number, default: 0 },
+    verifiedAt: { type: Date, default: null },
+    invalidatedAt: { type: Date, default: null },
+    createdAt: { type: Date, default: Date.now, expires: 600 }
   });
-  const Visitor = db.mongoose.model("Visitor", VisitorSchema);
-  return Visitor;
+  OtpSchema.index({ identifier: 1, purpose: 1 });
+  OtpSchema.index({ target: 1, purpose: 1 }, { sparse: true });
+  return db.mongoose.model("Otp", OtpSchema);
 };
-function initializeAuth(app, db, origins, publicPath) {
+function initializeAuth({ app, db, origins, publicPath, wss }) {
   db.role = RoleModel(db);
   db.user = UserModel(db);
-  db.visitor = VisitorModel(db);
-  db.request = RequestModel(db);
+  db.otp = OtpModel(db);
+  initOtpService(db);
   if (app) {
     authRoutes(app, db);
-    twofaRoutes(app, db);
     usersRoutes(app, db);
-    const visitorModule = modelsFactory(db);
-    app.use(visitorModule.visitorLogger);
+  }
+  if (wss) {
+    wss.registerRpcMethod("auth", "getOnlineStatus", async ({ userId }) => {
+      if (!userId) return { isOnline: false, lastSeenAt: null };
+      const isOnline = wss.userConnections.has(userId.toString());
+      if (isOnline) return { isOnline: true, lastSeenAt: /* @__PURE__ */ new Date() };
+      const session = await db.session.findOne(
+        { target: new db.mongoose.Types.ObjectId(userId), isActive: true },
+        { lastSeenAt: 1 },
+        { sort: { lastSeenAt: -1 } }
+      ).lean();
+      return { isOnline: false, lastSeenAt: session?.lastSeenAt || null };
+    }, { requireAuth: false });
   }
 }
 const models = {
   RoleModel,
-  UserModel,
-  VisitorModel
+  UserModel
 };
 const routes = {
   authRoutes,
-  twofaRoutes,
   usersRoutes
 };
 const controllers = {
-  AuthController: controllerFactory$2,
-  TwoFaController: controllerFactory$1,
+  AuthController: controllerFactory$1,
   UsersController: controllerFactory
 };
 const auth_server = {

package/dist/{authJwt-J1csaMWA.js → authJwt-DKbMMjw0.js} RENAMED Viewed

@@ -1,4 +1,5 @@
 import jwt from "jsonwebtoken";
+import { g as getSessionsService } from "./sessions.service-COcwjd0f.js";
 const middlewareFactory = (db) => {
   const User = db.user;
   const Role = db.role;
@@ -28,6 +29,22 @@ const middlewareFactory = (db) => {
           }
         }
         const decoded = jwt.verify(token, process.env.SECRET_KEY);
+        if (decoded.session_id) {
+          const sessionsService = getSessionsService();
+          const session = await sessionsService.validateSession({
+            sessionId: decoded.session_id,
+            userId: decoded._id
+          });
+          if (!session) {
+            req.userId = null;
+            if (continueOnFail) {
+              return next();
+            } else {
+              return res.status(401).send({ message: "Unauthorized: Session expired or revoked" });
+            }
+          }
+          req.sessionId = decoded.session_id;
+        }
         req.userId = decoded._id;
         req.user = {
           _id: decoded._id
@@ -43,6 +60,21 @@ const middlewareFactory = (db) => {
       }
     };
   };
+  const loadUser = async (req, res, next) => {
+    try {
+      if (!req.userId) {
+        return res.status(401).json({ errorCode: "AUTH_REQUIRED" });
+      }
+      const user = await User.findById(req.userId).exec();
+      if (!user) {
+        return res.status(404).json({ errorCode: "USER_NOT_FOUND" });
+      }
+      req.user = user;
+      next();
+    } catch (err) {
+      res.status(500).send({ message: err.message });
+    }
+  };
   const checkRole = (roleToCheck) => async (req, res, next) => {
     try {
       const user = await User.findById(req.userId).exec();
@@ -66,6 +98,7 @@ const middlewareFactory = (db) => {
   const isModerator = checkRole("moderator");
   const authJwt = {
     verifyToken,
+    loadUser,
     isAdmin,
     isModerator
   };

package/dist/chats.server.js CHANGED Viewed

@@ -1,5 +1,5 @@
-import "./mailing-DuEFRsa3.js";
-import { m as middlewareIndexFactory } from "./index-_Edcmck_.js";
+import "./mailing-DT7nbNjZ.js";
+import { m as middlewareIndexFactory } from "./index-kvBwwb0w.js";
 const controllerFactory = (db) => {
   const ChatMessage = db.chat;
   const Department = db.department;
@@ -293,7 +293,7 @@ const chatsRoutes = (function(app, db, wss) {
     next();
   });
 });
-function initializeChats(app, db, wss, origins, publicPath) {
+function initializeChats({ app, db, wss, origins, publicPath }) {
   db.chat = ChatModel(db);
   if (app) {
     chatsRoutes(app, db, wss);

package/dist/community.server.js CHANGED Viewed

@@ -4,7 +4,7 @@ import { a as applyCommonSchema } from "./common.schema-DswiUXKB.js";
 import { a as applyEngagementSchema } from "./engagement.schema-fh6W1fb_.js";
 import { a as applyMetadataSchema } from "./metadata.schema-CIRR_WQ-.js";
 import { a as applyOwnershipSchema } from "./ownership.schema-fwwDf_e5.js";
-import { m as middlewareIndexFactory$1 } from "./index-_Edcmck_.js";
+import { m as middlewareIndexFactory$1 } from "./index-kvBwwb0w.js";
 import { c as coreabac } from "./abac-BPl9Bmf9.js";
 const ObjectId$2 = { Types }.Types.ObjectId;
 function getCommentsLookupStage() {
@@ -836,7 +836,7 @@ function initBlogPolicies(abac, db) {
   );
   return abac;
 }
-function initializeCommunity(app, db, origins, publicPath) {
+function initializeCommunity({ app, db, origins, publicPath }) {
   db.blogpost = BlogpostModel(db);
   db.comment = CommentModel(db);
   db.reaction = ReactionModel(db);