npm - @ozdao/prometheus-framework - Versions diffs - 0.2.138 → 0.2.139 - Mend

@ozdao/prometheus-framework 0.2.138 → 0.2.139

Files changed (186) hide show

package/dist/index-Tcyehi73.mjs ADDED Viewed

@@ -0,0 +1,260 @@
+import require$$0 from "jsonwebtoken";
+import require$$0$1 from "crypto";
+import require$$0$2 from "mongodb";
+var authJwt;
+var hasRequiredAuthJwt;
+function requireAuthJwt() {
+  if (hasRequiredAuthJwt) return authJwt;
+  hasRequiredAuthJwt = 1;
+  const jwt = require$$0;
+  const middlewareFactory = (db) => {
+    const User = db.user;
+    const Role = db.role;
+    const verifyToken = (continueOnFail = false) => {
+      return async (req, res, next) => {
+        try {
+          if (!req.cookies.user) {
+            req.userId = null;
+            if (continueOnFail) {
+              return next();
+            } else {
+              return res.status(401).send({ message: "Unauthorized: No user cookie" });
+            }
+          }
+          let user = JSON.parse(req.cookies.user);
+          let token = req.headers["x-access-token"] || user.accessToken;
+          if (!token) {
+            req.userId = null;
+            if (continueOnFail) {
+              return next();
+            } else {
+              return res.status(401).send({ message: "Unauthorized: No token provided" });
+            }
+          }
+          const decoded = jwt.verify(token, process.env.SECRET_KEY);
+          req.userId = decoded._id;
+          next();
+        } catch (err) {
+          console.log(err);
+          req.userId = null;
+          if (continueOnFail) {
+            next();
+          } else {
+            res.status(401).send({ message: "Unauthorized: Invalid token" });
+          }
+        }
+      };
+    };
+    const checkRole = (roleToCheck) => async (req, res, next) => {
+      try {
+        const user = await User.findById(req.userId).exec();
+        if (!user) {
+          return res.status(404).send({ message: "User Not found." });
+        }
+        const roles = await Role.find({ _id: { $in: user.roles } }).exec();
+        for (let role of roles) {
+          if (role.name === roleToCheck) {
+            next();
+            return;
+          }
+        }
+        res.status(403).send({ message: `Require ${roleToCheck} Role!` });
+      } catch (err) {
+        res.status(500).send({ message: err.message });
+      }
+    };
+    const isAdmin = checkRole("admin");
+    const isModerator = checkRole("moderator");
+    return {
+      verifyToken,
+      isAdmin,
+      isModerator
+    };
+  };
+  authJwt = middlewareFactory;
+  return authJwt;
+}
+var authSecret;
+var hasRequiredAuthSecret;
+function requireAuthSecret() {
+  if (hasRequiredAuthSecret) return authSecret;
+  hasRequiredAuthSecret = 1;
+  const crypto = require$$0$1;
+  const middlewareFactory = () => {
+    const verifySecret = (method, endpoint, secret) => async (req, res, next) => {
+      const requestSignature = req.headers.signature;
+      const signature = crypto.createHmac("sha256", secret).update(method + endpoint).digest("hex");
+      if (signature === requestSignature) {
+        return next();
+      }
+      res.status(403).send("Forbidden");
+    };
+    return { verifySecret };
+  };
+  authSecret = middlewareFactory;
+  return authSecret;
+}
+var verifySignUp;
+var hasRequiredVerifySignUp;
+function requireVerifySignUp() {
+  if (hasRequiredVerifySignUp) return verifySignUp;
+  hasRequiredVerifySignUp = 1;
+  const middlewareFactory = (db) => {
+    const User = db.user;
+    db.role;
+    const checkDuplicateUsernameOrEmail = async (req, res, next) => {
+      const { type, email, phone } = req.body;
+      console.log(req.body);
+      let query;
+      if (type === "phone" && phone) {
+        query = { phone };
+      }
+      if (type === "email" && email) {
+        query = { email };
+      }
+      try {
+        const user = await User.findOne(query).exec();
+        if (user) {
+          console.log(`USER_ALREADY_REGISTERED`);
+          res.status(400).send({ errorCode: "USER_ALREADY_REGISTERED" });
+          return;
+        }
+        next();
+      } catch (err) {
+        console.log(err);
+        res.status(500).send({ message: err.message });
+      }
+    };
+    const checkRolesExisted = (req, res, next) => {
+      if (req.body.roles) {
+        for (let i = 0; i < req.body.roles.length; i++) {
+          if (!ROLES.includes(req.body.roles[i])) {
+            console.log(`Failed! Role ${req.body.roles[i]} does not exist!`);
+            res.status(400).send({
+              message: `Failed! Role ${req.body.roles[i]} does not exist!`
+            });
+            return;
+          }
+        }
+      }
+      next();
+    };
+    return {
+      checkDuplicateUsernameOrEmail,
+      checkRolesExisted
+    };
+  };
+  verifySignUp = middlewareFactory;
+  return verifySignUp;
+}
+var verifyUser;
+var hasRequiredVerifyUser;
+function requireVerifyUser() {
+  if (hasRequiredVerifyUser) return verifyUser;
+  hasRequiredVerifyUser = 1;
+  const middlewareFactory = (db) => {
+    const User = db.user;
+    db.role;
+    const checkUserExist = async (req, res, next) => {
+      const { type, email, phone } = req.body;
+      let query;
+      if (type === "phone" && phone) {
+        query = { phone };
+      }
+      if (type === "email" && email) {
+        query = { email };
+      }
+      try {
+        const user = await User.findOne(query).exec();
+        if (!user) {
+          console.log(query);
+          res.status(400).send({ errorCode: "USER_NOT_REGISTERED_YET" });
+          return;
+        }
+        next();
+      } catch (err) {
+        res.status(500).send({ message: err.message });
+      }
+    };
+    return {
+      checkUserExist
+    };
+  };
+  verifyUser = middlewareFactory;
+  return verifyUser;
+}
+var verifyInvites;
+var hasRequiredVerifyInvites;
+function requireVerifyInvites() {
+  if (hasRequiredVerifyInvites) return verifyInvites;
+  hasRequiredVerifyInvites = 1;
+  const { ObjectId } = require$$0$2;
+  const middlewareFactory = (db) => {
+    const User = db.user;
+    const Invite = db.invite;
+    const Membership = db.membership;
+    const checkInviteExist = async (req, res, next) => {
+      for (let invite of req.body.invites) {
+        let query;
+        if (invite.contact.includes("@")) {
+          query = { invitedEmail: invite.contact };
+        } else {
+          query = { invitedPhone: invite.contact };
+        }
+        query["owner.target"] = req.body.owner.target;
+        const userInvite = await Invite.findOne(query).exec();
+        if (userInvite) {
+          console.log(userInvite);
+          res.status(400).send({ message: "Инвайт c таким email или телефоном уже создан!" });
+          return;
+        }
+      }
+      next();
+    };
+    const checkUsersExist = async (req, res, next) => {
+      for (let invite of req.body.invites) {
+        let query;
+        if (invite.contact.includes("@")) {
+          query = { email: invite.contact };
+        } else {
+          query = { phone: invite.contact };
+        }
+        const user = await User.findOne(query).exec();
+        console.log(req.params);
+        if (user) {
+          const membership = await Membership.findOne({ user: new ObjectId(user._id), "owner.target": req.body.owner.target }).exec();
+          if (membership) {
+            console.log(membership);
+            res.status(400).send({ message: "Пользователь с таким email или телефоном уже добавлен в организацию!" });
+            return;
+          }
+        }
+      }
+      next();
+    };
+    return {
+      checkInviteExist,
+      checkUsersExist
+    };
+  };
+  verifyInvites = middlewareFactory;
+  return verifyInvites;
+}
+const middlewareIndexFactory = (db) => {
+  const authJwt2 = requireAuthJwt()(db);
+  const authSecret2 = requireAuthSecret()();
+  const verifySignUp2 = requireVerifySignUp()(db);
+  const verifyUser2 = requireVerifyUser()(db);
+  const verifyInvites2 = requireVerifyInvites()(db);
+  return {
+    authJwt: authJwt2,
+    authSecret: authSecret2,
+    verifySignUp: verifySignUp2,
+    verifyUser: verifyUser2,
+    verifyInvites: verifyInvites2
+  };
+};
+var middlewares = middlewareIndexFactory;
+export {
+  middlewares as m
+};

package/dist/orders.server.js CHANGED Viewed

@@ -5,7 +5,7 @@ const profile_schema = require("./profile.schema-CkOhhf37.js");
 const credentials_schema = require("./credentials.schema-B-KD_ozQ.js");
 const queryProcessor = require("./queryProcessor-iewDZq_f.js");
 const mailing = require("./mailing-BX0q8DIs.js");
-const index = require("./index-CDbtWkBj.js");
+const index = require("./index-DNI4aUP2.js");
 const require$$0 = require("node-cache");
 const applyOwnershipSchema$1 = ownership_schema.ownership_schema;
 var order_model = (db) => {
@@ -261,6 +261,7 @@ async function sendOrderMessage(orderData) {
 const controllerFactory$1 = (db) => {
   const Order = db.order;
   const Customer = db.customer;
+  const Leftover = db.leftover;
   const create = async (req, res) => {
     const orderData = req.body;
     req.userId || req.body.creator.target;
@@ -409,10 +410,10 @@ const controllerFactory$1 = (db) => {
 };
 var orders_controller = controllerFactory$1;
 const controllerFactory = orders_controller;
-const middlewareFactory = index.server;
+const middlewareFactoryAuth = index.middlewares;
 var orders_routes = function(app, db, origins, publicPath) {
   const controller = controllerFactory(db);
-  middlewareFactory(db);
+  middlewareFactoryAuth(db);
   app.post(
     "/api/orders/create",
     // [
@@ -441,7 +442,7 @@ var orders_routes = function(app, db, origins, publicPath) {
 };
 const NodeCache = require$$0;
 const stdTTL = 60 * 5;
-class Cache {
+let Cache$1 = class Cache {
   constructor(ttlSeconds = stdTTL) {
     this.cache = new NodeCache({ stdTTL: ttlSeconds });
   }
@@ -457,8 +458,8 @@ class Cache {
   async flush() {
     this.cache.flushAll();
   }
-}
-var globals_cashe = Cache;
+};
+var globals_cache = Cache$1;
 let Logger$1 = class Logger {
   static logModel = null;
   constructor(db) {
@@ -494,12 +495,12 @@ let Logger$1 = class Logger {
 };
 var globals_logger = Logger$1;
 const globalsQuery = queryProcessor.queryProcessor;
-const Cashe = globals_cashe;
+const Cache2 = globals_cache;
 const Logger2 = globals_logger;
 let CRUD$1 = class CRUD {
   constructor(basePath, app, db, model) {
     this.model = model;
-    this.cache = new Cashe();
+    this.cache = new Cache2();
     this.logger = new Logger2(db);
     this.app = app;
     this.basePath = basePath;

package/dist/orders.server.mjs CHANGED Viewed

@@ -4,7 +4,7 @@ import { p as profile_schema } from "./profile.schema-24ZpZQJe.mjs";
 import { c as credentials_schema } from "./credentials.schema-C9dmNy7o.mjs";
 import { q as queryProcessor } from "./queryProcessor-DQSFR9YA.mjs";
 import { m as mailing } from "./mailing-Cdp8NXhP.mjs";
-import { s as server } from "./index-C-8xOJnM.mjs";
+import { m as middlewares } from "./index-Tcyehi73.mjs";
 import require$$0 from "node-cache";
 const applyOwnershipSchema$1 = ownership_schema;
 var order_model = (db) => {
@@ -260,6 +260,7 @@ async function sendOrderMessage(orderData) {
 const controllerFactory$1 = (db) => {
   const Order = db.order;
   const Customer = db.customer;
+  const Leftover = db.leftover;
   const create = async (req, res) => {
     const orderData = req.body;
     req.userId || req.body.creator.target;
@@ -408,10 +409,10 @@ const controllerFactory$1 = (db) => {
 };
 var orders_controller = controllerFactory$1;
 const controllerFactory = orders_controller;
-const middlewareFactory = server;
+const middlewareFactoryAuth = middlewares;
 var orders_routes = function(app, db, origins, publicPath) {
   const controller = controllerFactory(db);
-  middlewareFactory(db);
+  middlewareFactoryAuth(db);
   app.post(
     "/api/orders/create",
     // [
@@ -440,7 +441,7 @@ var orders_routes = function(app, db, origins, publicPath) {
 };
 const NodeCache = require$$0;
 const stdTTL = 60 * 5;
-class Cache {
+let Cache$1 = class Cache {
   constructor(ttlSeconds = stdTTL) {
     this.cache = new NodeCache({ stdTTL: ttlSeconds });
   }
@@ -456,8 +457,8 @@ class Cache {
   async flush() {
     this.cache.flushAll();
   }
-}
-var globals_cashe = Cache;
+};
+var globals_cache = Cache$1;
 let Logger$1 = class Logger {
   static logModel = null;
   constructor(db) {
@@ -493,12 +494,12 @@ let Logger$1 = class Logger {
 };
 var globals_logger = Logger$1;
 const globalsQuery = queryProcessor;
-const Cashe = globals_cashe;
+const Cache2 = globals_cache;
 const Logger2 = globals_logger;
 let CRUD$1 = class CRUD {
   constructor(basePath, app, db, model) {
     this.model = model;
-    this.cache = new Cashe();
+    this.cache = new Cache2();
     this.logger = new Logger2(db);
     this.app = app;
     this.basePath = basePath;

package/dist/organizations.server.js CHANGED Viewed

@@ -9,7 +9,7 @@ const require$$5 = require("@googlemaps/google-maps-services-js");
 const addMembersQuantity$1 = require("./addMembersQuantity-B8UgqlUM.js");
 const queryProcessor = require("./queryProcessor-iewDZq_f.js");
 const mailing = require("./mailing-BX0q8DIs.js");
-const index = require("./index-CDbtWkBj.js");
+const index = require("./index-DNI4aUP2.js");
 const engagement_schema = require("./engagement.schema-D-9md46B.js");
 const ownership_schema = require("./ownership.schema-DN0SlQL6.js");
 const credentials_schema = require("./credentials.schema-B-KD_ozQ.js");
@@ -101,7 +101,6 @@ const controllerFactory$5 = (db) => {
     const sort = {
       ...sortParam === "distance" ? { "distanceExist": -1 } : {},
       [sortParam]: sortOrder === "desc" ? -1 : 1,
-      "numberOfProducts": -1,
       "_id": 1
     };
     console.log(sort);
@@ -179,7 +178,7 @@ const controllerFactory$5 = (db) => {
         console.log(err);
         return res.status(500).send({ message: "Error occurred while geocoding." });
       }
-      const radius = city ? 500 : state ? 1e3 : 5e3;
+      const radius = city ? 25 : state ? 50 : 250;
       matchConditions.push({
         "spots.location.coordinates": {
           $geoWithin: {
@@ -212,9 +211,9 @@ const controllerFactory$5 = (db) => {
       if (locationRadius) {
         radius = parseFloat(locationRadius) / earthRadiusKm;
       } else if (city) {
-        radius = 500 / earthRadiusKm;
+        radius = 25 / earthRadiusKm;
       } else if (state) {
-        radius = 1e3 / earthRadiusKm;
+        radius = 50 / earthRadiusKm;
       } else {
         radius = null;
       }
@@ -451,6 +450,7 @@ const ObjectId = require$$0.Types.ObjectId;
 const queryProcessorGlobals = queryProcessor.queryProcessor;
 const controllerFactory$4 = (db) => {
   const Membership = db.membership;
+  const Department = db.department;
   const read = async (req, res) => {
     try {
       let search = req.query.search;
@@ -537,15 +537,18 @@ const controllerFactory$4 = (db) => {
   };
   const deleteMembership = async (req, res) => {
     const { _id, type, target, user: user2, role } = req.body;
-    console.log(req.body);
     try {
-      const membership = _id ? await Membership.findOneAndDelete({ _id: new ObjectId(req.body._id) }) : await Membership.findOne({ type, target, user: user2, role });
+      const membership = _id ? await Membership.findOneAndDelete({ _id: new ObjectId(_id) }) : await Membership.findOneAndDelete({ type, target, user: user2, role });
       if (!membership) {
         return res.status(404).send({ errorCode: "MEMBERSHIP_NOT_FOUND" });
-      } else {
-        await Membership.deleteOne({ _id: membership._id });
-        res.status(200).send(membership);
       }
+      if (membership.type === "organization") {
+        await Department.updateMany(
+          { organization: target },
+          { $pull: { members: { user: user2 } } }
+        );
+      }
+      res.status(200).send(membership);
     } catch (error) {
       console.log(error);
       res.status(500).send({ errorCode: "SERVER_ERROR" });
@@ -591,9 +594,14 @@ const сontrollerFactory = (db) => {
     const creator = req.body.creator;
     const owner = req.body.owner;
     const list = req.body.invites;
+    const createdInvites = [];
+    const createdMemberships = [];
     try {
       for (let invite of list) {
         let user2 = null;
+        if (!invite || !invite.contact) {
+          continue;
+        }
         if (invite.contact.includes("@")) {
           user2 = await User.findOne({ email: invite.contact });
         } else {
@@ -607,7 +615,8 @@ const сontrollerFactory = (db) => {
             role: "member",
             label: "member"
           });
-          await membership.save();
+          const savedMembership = await membership.save();
+          createdMemberships.push(savedMembership);
         } else {
           const newInvite = new Invite({
             code: uuid(),
@@ -618,10 +627,11 @@ const сontrollerFactory = (db) => {
             phone: !invite.contact.includes("@") ? invite.contact : null
           });
           const savedInvite = await newInvite.save();
+          createdInvites.push(savedInvite);
           if (savedInvite.email !== null) {
             const to = savedInvite.email;
             const subject = "You have been added to the organization";
-            const text = `You have been invited to join an organization on ${process.env.APP_NAME}! Use this link to register: ${process.env.API_URL}/auth/invite?inviteCode=${newInvite.code}&type=email"`;
+            const text = `You have been invited to join an organization on ${process.env.APP_NAME}! Use this link to register: ${process.env.API_URL}/auth/invite?inviteCode=${newInvite.code}&type=email`;
             await sendEmail(to, subject, text);
           }
           if (savedInvite.phone !== null) {
@@ -631,7 +641,11 @@ const сontrollerFactory = (db) => {
           }
         }
       }
-      res.status(200).json({ message: "Invites sent successfully!" });
+      res.status(200).json({
+        message: "Invites sent successfully!",
+        createdInvites,
+        createdMemberships
+      });
     } catch (error) {
       console.error(error);
       res.status(500).json({ message: "Something went wrong" });
@@ -709,10 +723,10 @@ var memberships_routes = function(app, db) {
   );
 };
 const controllerFactory = invites_controller;
-const middlewareFactory = index.server;
+const middlewareFactoryAuth = index.middlewares;
 var invites_routes = function(app, db) {
   const controller = controllerFactory(db);
-  const { verifyInvites } = middlewareFactory(db);
+  const { verifyInvites } = middlewareFactoryAuth(db);
   app.get(
     "/api/invites/get/:_id",
     controller.getOneByCode
@@ -942,6 +956,7 @@ var organization_model = (db) => {
     timestamps: true
   });
   applyEngagementSchema(OrganizationSchema);
+  OrganizationSchema.index({ _id: 1, owner: 1 });
   const Organization = db.mongoose.model("Organization", OrganizationSchema);
   return Organization;
 };
@@ -978,6 +993,7 @@ var membership_model = (mongoose) => {
   }, {
     timestamps: true
   });
+  MembershipSchema.index({ user: 1, target: 1 });
   const Membership = mongoose.model("Membership", MembershipSchema);
   return Membership;
 };

package/dist/organizations.server.mjs CHANGED Viewed

@@ -8,7 +8,7 @@ import require$$5 from "@googlemaps/google-maps-services-js";
 import { a as addUserStatusFields_1, b as addMembersQuantity_1 } from "./addMembersQuantity-BXp_LeQd.mjs";
 import { q as queryProcessor } from "./queryProcessor-DQSFR9YA.mjs";
 import { m as mailing } from "./mailing-Cdp8NXhP.mjs";
-import { s as server } from "./index-C-8xOJnM.mjs";
+import { m as middlewares } from "./index-Tcyehi73.mjs";
 import { e as engagement_schema } from "./engagement.schema-CCdSLKd4.mjs";
 import { o as ownership_schema } from "./ownership.schema-oyx6eNkZ.mjs";
 import { c as credentials_schema } from "./credentials.schema-C9dmNy7o.mjs";
@@ -100,7 +100,6 @@ const controllerFactory$5 = (db) => {
     const sort = {
       ...sortParam === "distance" ? { "distanceExist": -1 } : {},
       [sortParam]: sortOrder === "desc" ? -1 : 1,
-      "numberOfProducts": -1,
       "_id": 1
     };
     console.log(sort);
@@ -178,7 +177,7 @@ const controllerFactory$5 = (db) => {
         console.log(err);
         return res.status(500).send({ message: "Error occurred while geocoding." });
       }
-      const radius = city ? 500 : state ? 1e3 : 5e3;
+      const radius = city ? 25 : state ? 50 : 250;
       matchConditions.push({
         "spots.location.coordinates": {
           $geoWithin: {
@@ -211,9 +210,9 @@ const controllerFactory$5 = (db) => {
       if (locationRadius) {
         radius = parseFloat(locationRadius) / earthRadiusKm;
       } else if (city) {
-        radius = 500 / earthRadiusKm;
+        radius = 25 / earthRadiusKm;
       } else if (state) {
-        radius = 1e3 / earthRadiusKm;
+        radius = 50 / earthRadiusKm;
       } else {
         radius = null;
       }
@@ -450,6 +449,7 @@ const ObjectId = require$$0.Types.ObjectId;
 const queryProcessorGlobals = queryProcessor;
 const controllerFactory$4 = (db) => {
   const Membership = db.membership;
+  const Department = db.department;
   const read = async (req, res) => {
     try {
       let search = req.query.search;
@@ -536,15 +536,18 @@ const controllerFactory$4 = (db) => {
   };
   const deleteMembership = async (req, res) => {
     const { _id, type, target, user: user2, role } = req.body;
-    console.log(req.body);
     try {
-      const membership = _id ? await Membership.findOneAndDelete({ _id: new ObjectId(req.body._id) }) : await Membership.findOne({ type, target, user: user2, role });
+      const membership = _id ? await Membership.findOneAndDelete({ _id: new ObjectId(_id) }) : await Membership.findOneAndDelete({ type, target, user: user2, role });
       if (!membership) {
         return res.status(404).send({ errorCode: "MEMBERSHIP_NOT_FOUND" });
-      } else {
-        await Membership.deleteOne({ _id: membership._id });
-        res.status(200).send(membership);
       }
+      if (membership.type === "organization") {
+        await Department.updateMany(
+          { organization: target },
+          { $pull: { members: { user: user2 } } }
+        );
+      }
+      res.status(200).send(membership);
     } catch (error) {
       console.log(error);
       res.status(500).send({ errorCode: "SERVER_ERROR" });
@@ -590,9 +593,14 @@ const сontrollerFactory = (db) => {
     const creator = req.body.creator;
     const owner = req.body.owner;
     const list = req.body.invites;
+    const createdInvites = [];
+    const createdMemberships = [];
     try {
       for (let invite of list) {
         let user2 = null;
+        if (!invite || !invite.contact) {
+          continue;
+        }
         if (invite.contact.includes("@")) {
           user2 = await User.findOne({ email: invite.contact });
         } else {
@@ -606,7 +614,8 @@ const сontrollerFactory = (db) => {
             role: "member",
             label: "member"
           });
-          await membership.save();
+          const savedMembership = await membership.save();
+          createdMemberships.push(savedMembership);
         } else {
           const newInvite = new Invite({
             code: uuid(),
@@ -617,10 +626,11 @@ const сontrollerFactory = (db) => {
             phone: !invite.contact.includes("@") ? invite.contact : null
           });
           const savedInvite = await newInvite.save();
+          createdInvites.push(savedInvite);
           if (savedInvite.email !== null) {
             const to = savedInvite.email;
             const subject = "You have been added to the organization";
-            const text = `You have been invited to join an organization on ${process.env.APP_NAME}! Use this link to register: ${process.env.API_URL}/auth/invite?inviteCode=${newInvite.code}&type=email"`;
+            const text = `You have been invited to join an organization on ${process.env.APP_NAME}! Use this link to register: ${process.env.API_URL}/auth/invite?inviteCode=${newInvite.code}&type=email`;
             await sendEmail(to, subject, text);
           }
           if (savedInvite.phone !== null) {
@@ -630,7 +640,11 @@ const сontrollerFactory = (db) => {
           }
         }
       }
-      res.status(200).json({ message: "Invites sent successfully!" });
+      res.status(200).json({
+        message: "Invites sent successfully!",
+        createdInvites,
+        createdMemberships
+      });
     } catch (error) {
       console.error(error);
       res.status(500).json({ message: "Something went wrong" });
@@ -708,10 +722,10 @@ var memberships_routes = function(app, db) {
   );
 };
 const controllerFactory = invites_controller;
-const middlewareFactory = server;
+const middlewareFactoryAuth = middlewares;
 var invites_routes = function(app, db) {
   const controller = controllerFactory(db);
-  const { verifyInvites } = middlewareFactory(db);
+  const { verifyInvites } = middlewareFactoryAuth(db);
   app.get(
     "/api/invites/get/:_id",
     controller.getOneByCode
@@ -941,6 +955,7 @@ var organization_model = (db) => {
     timestamps: true
   });
   applyEngagementSchema(OrganizationSchema);
+  OrganizationSchema.index({ _id: 1, owner: 1 });
   const Organization = db.mongoose.model("Organization", OrganizationSchema);
   return Organization;
 };
@@ -977,6 +992,7 @@ var membership_model = (mongoose) => {
   }, {
     timestamps: true
   });
+  MembershipSchema.index({ user: 1, target: 1 });
   const Membership = mongoose.model("Membership", MembershipSchema);
   return Membership;
 };