@teamvortexsoftware/vortex-nextjs-15-sdk 0.0.1 → 0.0.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +143 -373
- package/dist/config.d.ts +56 -11
- package/dist/config.d.ts.map +1 -1
- package/dist/config.js +81 -20
- package/dist/handlers/invitations.js +98 -84
- package/dist/handlers/jwt.d.ts.map +1 -1
- package/dist/handlers/jwt.js +58 -10
- package/dist/index.d.ts +3 -3
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +8 -1
- package/dist/routes.d.ts +100 -10
- package/dist/routes.d.ts.map +1 -1
- package/dist/routes.js +100 -7
- package/dist/utils.d.ts +5 -5
- package/dist/utils.d.ts.map +1 -1
- package/dist/utils.js +37 -3
- package/package.json +11 -7
package/dist/config.d.ts
CHANGED
|
@@ -7,27 +7,72 @@ export interface AuthenticatedUser {
|
|
|
7
7
|
}[];
|
|
8
8
|
groups: {
|
|
9
9
|
type: string;
|
|
10
|
-
id
|
|
10
|
+
id?: string;
|
|
11
|
+
groupId?: string;
|
|
11
12
|
name: string;
|
|
12
13
|
}[];
|
|
13
14
|
role?: string;
|
|
15
|
+
attributes?: Record<string, any>;
|
|
14
16
|
}
|
|
15
|
-
export interface
|
|
16
|
-
|
|
17
|
+
export interface InvitationResource {
|
|
18
|
+
invitationId: string;
|
|
19
|
+
}
|
|
20
|
+
export interface InvitationTargetResource {
|
|
21
|
+
invitationIds: string[];
|
|
22
|
+
target: {
|
|
23
|
+
type: string;
|
|
24
|
+
value: string;
|
|
25
|
+
};
|
|
26
|
+
}
|
|
27
|
+
export interface GroupResource {
|
|
28
|
+
groupType: string;
|
|
29
|
+
groupId: string;
|
|
30
|
+
}
|
|
31
|
+
export interface AccessControlHook<T = any> {
|
|
32
|
+
(request: NextRequest, user: AuthenticatedUser | null, resource?: T): Promise<boolean>;
|
|
33
|
+
}
|
|
34
|
+
export interface InvitationAccessHook extends AccessControlHook<InvitationResource> {
|
|
35
|
+
}
|
|
36
|
+
export interface InvitationTargetAccessHook extends AccessControlHook<InvitationTargetResource> {
|
|
37
|
+
}
|
|
38
|
+
export interface GroupAccessHook extends AccessControlHook<GroupResource> {
|
|
39
|
+
}
|
|
40
|
+
export interface BasicAccessHook extends AccessControlHook<void> {
|
|
41
|
+
}
|
|
42
|
+
export interface JwtContext {
|
|
43
|
+
widgetId?: string;
|
|
44
|
+
groupId?: string;
|
|
45
|
+
groupType?: string;
|
|
17
46
|
}
|
|
18
47
|
export interface VortexConfig {
|
|
19
48
|
apiKey: string;
|
|
20
49
|
apiBaseUrl?: string;
|
|
21
50
|
authenticateUser?: (request: NextRequest) => Promise<AuthenticatedUser | null>;
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
51
|
+
generateJwtAttributes?: (request: NextRequest, context?: JwtContext) => Promise<Record<string, any>>;
|
|
52
|
+
canAccessInvitationsByTarget?: BasicAccessHook;
|
|
53
|
+
canAccessInvitation?: InvitationAccessHook;
|
|
54
|
+
canDeleteInvitation?: InvitationAccessHook;
|
|
55
|
+
canAcceptInvitations?: InvitationTargetAccessHook;
|
|
56
|
+
canAccessInvitationsByGroup?: GroupAccessHook;
|
|
57
|
+
canDeleteInvitationsByGroup?: GroupAccessHook;
|
|
58
|
+
canReinvite?: InvitationAccessHook;
|
|
29
59
|
}
|
|
30
60
|
export declare function configureVortex(config: VortexConfig): void;
|
|
31
|
-
export declare function
|
|
61
|
+
export declare function configureVortexAsync(configPromiseOrConfig: Promise<VortexConfig> | VortexConfig): void | Promise<void>;
|
|
62
|
+
export declare function configureVortexLazy(configFactory: () => Promise<VortexConfig>): void;
|
|
63
|
+
export declare function getVortexConfig(request?: NextRequest): Promise<VortexConfig>;
|
|
32
64
|
export declare function authenticateRequest(request: NextRequest): Promise<AuthenticatedUser | null>;
|
|
65
|
+
/**
|
|
66
|
+
* Creates a set of access control hooks that allow all operations.
|
|
67
|
+
* Useful for demos, development, or when you want to handle authorization elsewhere.
|
|
68
|
+
*/
|
|
69
|
+
export declare function createAllowAllAccessControl(): {
|
|
70
|
+
canAccessInvitationsByTarget: () => Promise<boolean>;
|
|
71
|
+
canAccessInvitation: () => Promise<boolean>;
|
|
72
|
+
canDeleteInvitation: () => Promise<boolean>;
|
|
73
|
+
canAcceptInvitations: () => Promise<boolean>;
|
|
74
|
+
canAccessInvitationsByGroup: () => Promise<boolean>;
|
|
75
|
+
canDeleteInvitationsByGroup: () => Promise<boolean>;
|
|
76
|
+
canReinvite: () => Promise<boolean>;
|
|
77
|
+
};
|
|
33
78
|
//# sourceMappingURL=config.d.ts.map
|
package/dist/config.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAE1C,MAAM,WAAW,iBAAiB;IAChC,MAAM,EAAE,MAAM,CAAC;IACf,WAAW,EAAE;QAAE,IAAI,EAAE,OAAO,GAAG,KAAK,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE,EAAE,CAAC;IACxD,MAAM,EAAE;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,EAAE,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,EAAE,CAAC;
|
|
1
|
+
{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAE1C,MAAM,WAAW,iBAAiB;IAChC,MAAM,EAAE,MAAM,CAAC;IACf,WAAW,EAAE;QAAE,IAAI,EAAE,OAAO,GAAG,KAAK,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE,EAAE,CAAC;IACxD,MAAM,EAAE;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,EAAE,CAAC,EAAE,MAAM,CAAC;QAAC,OAAO,CAAC,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,EAAE,CAAC;IACxE,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,UAAU,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;CAClC;AAGD,MAAM,WAAW,kBAAkB;IACjC,YAAY,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,wBAAwB;IACvC,aAAa,EAAE,MAAM,EAAE,CAAC;IACxB,MAAM,EAAE;QACN,IAAI,EAAE,MAAM,CAAC;QACb,KAAK,EAAE,MAAM,CAAC;KACf,CAAC;CACH;AAED,MAAM,WAAW,aAAa;IAC5B,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC;CACjB;AAGD,MAAM,WAAW,iBAAiB,CAAC,CAAC,GAAG,GAAG;IACxC,CAAC,OAAO,EAAE,WAAW,EAAE,IAAI,EAAE,iBAAiB,GAAG,IAAI,EAAE,QAAQ,CAAC,EAAE,CAAC,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;CACxF;AAGD,MAAM,WAAW,oBAAqB,SAAQ,iBAAiB,CAAC,kBAAkB,CAAC;CAAG;AACtF,MAAM,WAAW,0BAA2B,SAAQ,iBAAiB,CAAC,wBAAwB,CAAC;CAAG;AAClG,MAAM,WAAW,eAAgB,SAAQ,iBAAiB,CAAC,aAAa,CAAC;CAAG;AAC5E,MAAM,WAAW,eAAgB,SAAQ,iBAAiB,CAAC,IAAI,CAAC;CAAG;AAEnE,MAAM,WAAW,UAAU;IACzB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,YAAY;IAC3B,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,gBAAgB,CAAC,EAAE,CAAC,OAAO,EAAE,WAAW,KAAK,OAAO,CAAC,iBAAiB,GAAG,IAAI,CAAC,CAAC;IAE/E,qBAAqB,CAAC,EAAE,CAAC,OAAO,EAAE,WAAW,EAAE,OAAO,CAAC,EAAE,UAAU,KAAK,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC;IAErG,4BAA4B,CAAC,EAAE,eAAe,CAAC;IAC/C,mBAAmB,CAAC,EAAE,oBAAoB,CAAC;IAC3C,mBAAmB,CAAC,EAAE,oBAAoB,CAAC;IAC3C,oBAAoB,CAAC,EAAE,0BAA0B,CAAC;IAClD,2BAA2B,CAAC,EAAE,eAAe,CAAC;IAC9C,2BAA2B,CAAC,EAAE,eAAe,CAAC;IAC9C,WAAW,CAAC,EAAE,oBAAoB,CAAC;CACpC;AAQD,wBAAgB,eAAe,CAAC,MAAM,EAAE,YAAY,GAAG,IAAI,CAY1D;AAED,wBAAgB,oBAAoB,CAAC,qBAAqB,EAAE,OAAO,CAAC,YAAY,CAAC,GAAG,YAAY,GAAG,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAQtH;AAED,wBAAgB,mBAAmB,CAAC,aAAa,EAAE,MAAM,OAAO,CAAC,YAAY,CAAC,GAAG,IAAI,CAKpF;AAED,wBAAsB,eAAe,CAAC,OAAO,CAAC,EAAE,WAAW,GAAG,OAAO,CAAC,YAAY,CAAC,CAyClF;AAGD,wBAAsB,mBAAmB,CAAC,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,iBAAiB,GAAG,IAAI,CAAC,CAcjG;AAED;;;GAGG;AACH,wBAAgB,2BAA2B;;;;;;;;EAY1C"}
|
package/dist/config.js
CHANGED
|
@@ -48,11 +48,16 @@ var __generator = (this && this.__generator) || function (thisArg, body) {
|
|
|
48
48
|
};
|
|
49
49
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
50
50
|
exports.configureVortex = configureVortex;
|
|
51
|
+
exports.configureVortexAsync = configureVortexAsync;
|
|
52
|
+
exports.configureVortexLazy = configureVortexLazy;
|
|
51
53
|
exports.getVortexConfig = getVortexConfig;
|
|
52
54
|
exports.authenticateRequest = authenticateRequest;
|
|
55
|
+
exports.createAllowAllAccessControl = createAllowAllAccessControl;
|
|
53
56
|
// Store configuration template (immutable after first set)
|
|
54
57
|
var configTemplate = null;
|
|
55
58
|
var isConfigLocked = false;
|
|
59
|
+
var configPromise = null;
|
|
60
|
+
var lazyConfigFactory = null;
|
|
56
61
|
function configureVortex(config) {
|
|
57
62
|
if (isConfigLocked && configTemplate) {
|
|
58
63
|
throw new Error('Vortex configuration is already locked. Configuration can only be set once for security reasons.');
|
|
@@ -64,20 +69,56 @@ function configureVortex(config) {
|
|
|
64
69
|
configTemplate = __assign({}, config);
|
|
65
70
|
isConfigLocked = true;
|
|
66
71
|
}
|
|
67
|
-
function
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
}
|
|
73
|
-
|
|
74
|
-
|
|
72
|
+
function configureVortexAsync(configPromiseOrConfig) {
|
|
73
|
+
if (configPromiseOrConfig instanceof Promise) {
|
|
74
|
+
configPromise = configPromiseOrConfig.then(function (config) {
|
|
75
|
+
configureVortex(config);
|
|
76
|
+
});
|
|
77
|
+
}
|
|
78
|
+
else {
|
|
79
|
+
configureVortex(configPromiseOrConfig);
|
|
75
80
|
}
|
|
76
|
-
|
|
77
|
-
|
|
78
|
-
|
|
81
|
+
}
|
|
82
|
+
function configureVortexLazy(configFactory) {
|
|
83
|
+
if (isConfigLocked && configTemplate) {
|
|
84
|
+
throw new Error('Vortex configuration is already locked. Configuration can only be set once for security reasons.');
|
|
79
85
|
}
|
|
80
|
-
|
|
86
|
+
lazyConfigFactory = configFactory;
|
|
87
|
+
}
|
|
88
|
+
function getVortexConfig(request) {
|
|
89
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
90
|
+
var baseConfig;
|
|
91
|
+
return __generator(this, function (_a) {
|
|
92
|
+
switch (_a.label) {
|
|
93
|
+
case 0:
|
|
94
|
+
// Initialize lazily if lazy factory is set and config hasn't been initialized
|
|
95
|
+
if (lazyConfigFactory && !configTemplate && !configPromise) {
|
|
96
|
+
// Lazy initializing Vortex configuration
|
|
97
|
+
configPromise = lazyConfigFactory().then(function (config) {
|
|
98
|
+
configureVortex(config);
|
|
99
|
+
});
|
|
100
|
+
}
|
|
101
|
+
if (!(configPromise && !configTemplate)) return [3 /*break*/, 2];
|
|
102
|
+
return [4 /*yield*/, configPromise];
|
|
103
|
+
case 1:
|
|
104
|
+
_a.sent();
|
|
105
|
+
_a.label = 2;
|
|
106
|
+
case 2:
|
|
107
|
+
baseConfig = {
|
|
108
|
+
apiKey: (configTemplate === null || configTemplate === void 0 ? void 0 : configTemplate.apiKey) || process.env.VORTEX_API_KEY,
|
|
109
|
+
apiBaseUrl: (configTemplate === null || configTemplate === void 0 ? void 0 : configTemplate.apiBaseUrl) || process.env.VORTEX_API_BASE_URL,
|
|
110
|
+
};
|
|
111
|
+
if (!baseConfig.apiKey) {
|
|
112
|
+
throw new Error('Vortex not configured. Call configureVortex() or set VORTEX_API_KEY environment variable');
|
|
113
|
+
}
|
|
114
|
+
// Copy hooks from template if they exist
|
|
115
|
+
if (configTemplate) {
|
|
116
|
+
return [2 /*return*/, __assign(__assign({}, baseConfig), { authenticateUser: configTemplate.authenticateUser, generateJwtAttributes: configTemplate.generateJwtAttributes, canAccessInvitationsByTarget: configTemplate.canAccessInvitationsByTarget, canAccessInvitation: configTemplate.canAccessInvitation, canDeleteInvitation: configTemplate.canDeleteInvitation, canAcceptInvitations: configTemplate.canAcceptInvitations, canAccessInvitationsByGroup: configTemplate.canAccessInvitationsByGroup, canDeleteInvitationsByGroup: configTemplate.canDeleteInvitationsByGroup, canReinvite: configTemplate.canReinvite })];
|
|
117
|
+
}
|
|
118
|
+
return [2 /*return*/, baseConfig];
|
|
119
|
+
}
|
|
120
|
+
});
|
|
121
|
+
});
|
|
81
122
|
}
|
|
82
123
|
// Helper function to authenticate user for any request
|
|
83
124
|
function authenticateRequest(request) {
|
|
@@ -85,23 +126,43 @@ function authenticateRequest(request) {
|
|
|
85
126
|
var config, error_1;
|
|
86
127
|
return __generator(this, function (_a) {
|
|
87
128
|
switch (_a.label) {
|
|
88
|
-
case 0:
|
|
89
|
-
|
|
129
|
+
case 0: return [4 /*yield*/, getVortexConfig(request)];
|
|
130
|
+
case 1:
|
|
131
|
+
config = _a.sent();
|
|
90
132
|
if (!config.authenticateUser) {
|
|
91
133
|
return [2 /*return*/, null];
|
|
92
134
|
}
|
|
93
|
-
_a.label =
|
|
94
|
-
case
|
|
95
|
-
_a.trys.push([
|
|
135
|
+
_a.label = 2;
|
|
136
|
+
case 2:
|
|
137
|
+
_a.trys.push([2, 4, , 5]);
|
|
96
138
|
return [4 /*yield*/, config.authenticateUser(request)];
|
|
97
|
-
case
|
|
98
|
-
case
|
|
139
|
+
case 3: return [2 /*return*/, _a.sent()];
|
|
140
|
+
case 4:
|
|
99
141
|
error_1 = _a.sent();
|
|
100
142
|
// Log error but don't expose details
|
|
101
143
|
console.error('Authentication error:', error_1);
|
|
102
144
|
return [2 /*return*/, null];
|
|
103
|
-
case
|
|
145
|
+
case 5: return [2 /*return*/];
|
|
104
146
|
}
|
|
105
147
|
});
|
|
106
148
|
});
|
|
107
149
|
}
|
|
150
|
+
/**
|
|
151
|
+
* Creates a set of access control hooks that allow all operations.
|
|
152
|
+
* Useful for demos, development, or when you want to handle authorization elsewhere.
|
|
153
|
+
*/
|
|
154
|
+
function createAllowAllAccessControl() {
|
|
155
|
+
var _this = this;
|
|
156
|
+
var allowAll = function () { return __awaiter(_this, void 0, void 0, function () { return __generator(this, function (_a) {
|
|
157
|
+
return [2 /*return*/, true];
|
|
158
|
+
}); }); };
|
|
159
|
+
return {
|
|
160
|
+
canAccessInvitationsByTarget: allowAll,
|
|
161
|
+
canAccessInvitation: allowAll,
|
|
162
|
+
canDeleteInvitation: allowAll,
|
|
163
|
+
canAcceptInvitations: allowAll,
|
|
164
|
+
canAccessInvitationsByGroup: allowAll,
|
|
165
|
+
canDeleteInvitationsByGroup: allowAll,
|
|
166
|
+
canReinvite: allowAll,
|
|
167
|
+
};
|
|
168
|
+
}
|
|
@@ -52,29 +52,31 @@ function handleGetInvitationsByTarget(request) {
|
|
|
52
52
|
return __generator(this, function (_a) {
|
|
53
53
|
switch (_a.label) {
|
|
54
54
|
case 0:
|
|
55
|
-
_a.trys.push([0,
|
|
55
|
+
_a.trys.push([0, 7, , 8]);
|
|
56
56
|
if (request.method !== 'GET') {
|
|
57
57
|
return [2 /*return*/, (0, utils_1.createErrorResponse)('Method not allowed', 405)];
|
|
58
58
|
}
|
|
59
|
-
|
|
60
|
-
return [4 /*yield*/, (0, config_1.authenticateRequest)(request)];
|
|
59
|
+
return [4 /*yield*/, (0, config_1.getVortexConfig)(request)];
|
|
61
60
|
case 1:
|
|
61
|
+
config = _a.sent();
|
|
62
|
+
return [4 /*yield*/, (0, config_1.authenticateRequest)(request)];
|
|
63
|
+
case 2:
|
|
62
64
|
user = _a.sent();
|
|
63
|
-
if (!config.canAccessInvitationsByTarget) return [3 /*break*/,
|
|
65
|
+
if (!config.canAccessInvitationsByTarget) return [3 /*break*/, 4];
|
|
64
66
|
return [4 /*yield*/, config.canAccessInvitationsByTarget(request, user)];
|
|
65
|
-
case
|
|
67
|
+
case 3:
|
|
66
68
|
hasAccess = _a.sent();
|
|
67
69
|
if (!hasAccess) {
|
|
68
70
|
return [2 /*return*/, (0, utils_1.createErrorResponse)('Access denied', 403)];
|
|
69
71
|
}
|
|
70
|
-
return [3 /*break*/,
|
|
71
|
-
case
|
|
72
|
+
return [3 /*break*/, 5];
|
|
73
|
+
case 4:
|
|
72
74
|
if (!user) {
|
|
73
75
|
// If no access control hook is configured, require authentication
|
|
74
76
|
return [2 /*return*/, (0, utils_1.createErrorResponse)('Access denied. Configure access control hooks for invitation endpoints.', 403)];
|
|
75
77
|
}
|
|
76
|
-
_a.label =
|
|
77
|
-
case
|
|
78
|
+
_a.label = 5;
|
|
79
|
+
case 5:
|
|
78
80
|
targetType = (0, utils_1.sanitizeInput)((0, utils_1.getQueryParam)(request, 'targetType'));
|
|
79
81
|
targetValue = (0, utils_1.sanitizeInput)((0, utils_1.getQueryParam)(request, 'targetValue'));
|
|
80
82
|
if (!targetType || !targetValue) {
|
|
@@ -85,14 +87,14 @@ function handleGetInvitationsByTarget(request) {
|
|
|
85
87
|
}
|
|
86
88
|
vortex = new vortex_node_22_sdk_1.Vortex(config.apiKey);
|
|
87
89
|
return [4 /*yield*/, vortex.getInvitationsByTarget(targetType, targetValue)];
|
|
88
|
-
case
|
|
90
|
+
case 6:
|
|
89
91
|
invitations = _a.sent();
|
|
90
92
|
return [2 /*return*/, (0, utils_1.createApiResponse)({ invitations: invitations })];
|
|
91
|
-
case
|
|
93
|
+
case 7:
|
|
92
94
|
error_1 = _a.sent();
|
|
93
95
|
console.error('Error in handleGetInvitationsByTarget:', error_1);
|
|
94
96
|
return [2 /*return*/, (0, utils_1.createErrorResponse)('An error occurred while processing your request', 500)];
|
|
95
|
-
case
|
|
97
|
+
case 8: return [2 /*return*/];
|
|
96
98
|
}
|
|
97
99
|
});
|
|
98
100
|
});
|
|
@@ -103,7 +105,7 @@ function handleGetInvitation(request, invitationId) {
|
|
|
103
105
|
return __generator(this, function (_a) {
|
|
104
106
|
switch (_a.label) {
|
|
105
107
|
case 0:
|
|
106
|
-
_a.trys.push([0,
|
|
108
|
+
_a.trys.push([0, 7, , 8]);
|
|
107
109
|
if (request.method !== 'GET') {
|
|
108
110
|
return [2 /*return*/, (0, utils_1.createErrorResponse)('Method not allowed', 405)];
|
|
109
111
|
}
|
|
@@ -111,34 +113,36 @@ function handleGetInvitation(request, invitationId) {
|
|
|
111
113
|
if (!sanitizedId) {
|
|
112
114
|
return [2 /*return*/, (0, utils_1.createErrorResponse)('Invalid invitation ID', 400)];
|
|
113
115
|
}
|
|
114
|
-
|
|
115
|
-
return [4 /*yield*/, (0, config_1.authenticateRequest)(request)];
|
|
116
|
+
return [4 /*yield*/, (0, config_1.getVortexConfig)(request)];
|
|
116
117
|
case 1:
|
|
118
|
+
config = _a.sent();
|
|
119
|
+
return [4 /*yield*/, (0, config_1.authenticateRequest)(request)];
|
|
120
|
+
case 2:
|
|
117
121
|
user = _a.sent();
|
|
118
|
-
if (!config.canAccessInvitation) return [3 /*break*/,
|
|
122
|
+
if (!config.canAccessInvitation) return [3 /*break*/, 4];
|
|
119
123
|
return [4 /*yield*/, config.canAccessInvitation(request, user, { invitationId: sanitizedId })];
|
|
120
|
-
case
|
|
124
|
+
case 3:
|
|
121
125
|
hasAccess = _a.sent();
|
|
122
126
|
if (!hasAccess) {
|
|
123
127
|
return [2 /*return*/, (0, utils_1.createErrorResponse)('Access denied', 403)];
|
|
124
128
|
}
|
|
125
|
-
return [3 /*break*/,
|
|
126
|
-
case
|
|
129
|
+
return [3 /*break*/, 5];
|
|
130
|
+
case 4:
|
|
127
131
|
if (!user) {
|
|
128
132
|
return [2 /*return*/, (0, utils_1.createErrorResponse)('Access denied. Configure access control hooks for invitation endpoints.', 403)];
|
|
129
133
|
}
|
|
130
|
-
_a.label =
|
|
131
|
-
case
|
|
134
|
+
_a.label = 5;
|
|
135
|
+
case 5:
|
|
132
136
|
vortex = new vortex_node_22_sdk_1.Vortex(config.apiKey);
|
|
133
137
|
return [4 /*yield*/, vortex.getInvitation(sanitizedId)];
|
|
134
|
-
case
|
|
138
|
+
case 6:
|
|
135
139
|
invitation = _a.sent();
|
|
136
140
|
return [2 /*return*/, (0, utils_1.createApiResponse)(invitation)];
|
|
137
|
-
case
|
|
141
|
+
case 7:
|
|
138
142
|
error_2 = _a.sent();
|
|
139
143
|
console.error('Error in handleGetInvitation:', error_2);
|
|
140
144
|
return [2 /*return*/, (0, utils_1.createErrorResponse)('An error occurred while processing your request', 500)];
|
|
141
|
-
case
|
|
145
|
+
case 8: return [2 /*return*/];
|
|
142
146
|
}
|
|
143
147
|
});
|
|
144
148
|
});
|
|
@@ -149,7 +153,7 @@ function handleRevokeInvitation(request, invitationId) {
|
|
|
149
153
|
return __generator(this, function (_a) {
|
|
150
154
|
switch (_a.label) {
|
|
151
155
|
case 0:
|
|
152
|
-
_a.trys.push([0,
|
|
156
|
+
_a.trys.push([0, 7, , 8]);
|
|
153
157
|
if (request.method !== 'DELETE') {
|
|
154
158
|
return [2 /*return*/, (0, utils_1.createErrorResponse)('Method not allowed', 405)];
|
|
155
159
|
}
|
|
@@ -157,34 +161,36 @@ function handleRevokeInvitation(request, invitationId) {
|
|
|
157
161
|
if (!sanitizedId) {
|
|
158
162
|
return [2 /*return*/, (0, utils_1.createErrorResponse)('Invalid invitation ID', 400)];
|
|
159
163
|
}
|
|
160
|
-
|
|
161
|
-
return [4 /*yield*/, (0, config_1.authenticateRequest)(request)];
|
|
164
|
+
return [4 /*yield*/, (0, config_1.getVortexConfig)(request)];
|
|
162
165
|
case 1:
|
|
166
|
+
config = _a.sent();
|
|
167
|
+
return [4 /*yield*/, (0, config_1.authenticateRequest)(request)];
|
|
168
|
+
case 2:
|
|
163
169
|
user = _a.sent();
|
|
164
|
-
if (!config.canDeleteInvitation) return [3 /*break*/,
|
|
170
|
+
if (!config.canDeleteInvitation) return [3 /*break*/, 4];
|
|
165
171
|
return [4 /*yield*/, config.canDeleteInvitation(request, user, { invitationId: sanitizedId })];
|
|
166
|
-
case
|
|
172
|
+
case 3:
|
|
167
173
|
hasAccess = _a.sent();
|
|
168
174
|
if (!hasAccess) {
|
|
169
175
|
return [2 /*return*/, (0, utils_1.createErrorResponse)('Access denied', 403)];
|
|
170
176
|
}
|
|
171
|
-
return [3 /*break*/,
|
|
172
|
-
case
|
|
177
|
+
return [3 /*break*/, 5];
|
|
178
|
+
case 4:
|
|
173
179
|
if (!user) {
|
|
174
180
|
return [2 /*return*/, (0, utils_1.createErrorResponse)('Access denied. Configure access control hooks for invitation endpoints.', 403)];
|
|
175
181
|
}
|
|
176
|
-
_a.label =
|
|
177
|
-
case
|
|
182
|
+
_a.label = 5;
|
|
183
|
+
case 5:
|
|
178
184
|
vortex = new vortex_node_22_sdk_1.Vortex(config.apiKey);
|
|
179
185
|
return [4 /*yield*/, vortex.revokeInvitation(sanitizedId)];
|
|
180
|
-
case
|
|
186
|
+
case 6:
|
|
181
187
|
_a.sent();
|
|
182
188
|
return [2 /*return*/, (0, utils_1.createApiResponse)({ success: true })];
|
|
183
|
-
case
|
|
189
|
+
case 7:
|
|
184
190
|
error_3 = _a.sent();
|
|
185
191
|
console.error('Error in handleRevokeInvitation:', error_3);
|
|
186
192
|
return [2 /*return*/, (0, utils_1.createErrorResponse)('An error occurred while processing your request', 500)];
|
|
187
|
-
case
|
|
193
|
+
case 8: return [2 /*return*/];
|
|
188
194
|
}
|
|
189
195
|
});
|
|
190
196
|
});
|
|
@@ -195,7 +201,7 @@ function handleAcceptInvitations(request) {
|
|
|
195
201
|
return __generator(this, function (_a) {
|
|
196
202
|
switch (_a.label) {
|
|
197
203
|
case 0:
|
|
198
|
-
_a.trys.push([0,
|
|
204
|
+
_a.trys.push([0, 8, , 9]);
|
|
199
205
|
if (request.method !== 'POST') {
|
|
200
206
|
return [2 /*return*/, (0, utils_1.createErrorResponse)('Method not allowed', 405)];
|
|
201
207
|
}
|
|
@@ -217,37 +223,39 @@ function handleAcceptInvitations(request) {
|
|
|
217
223
|
if (!['email', 'username', 'phoneNumber'].includes(target.type)) {
|
|
218
224
|
return [2 /*return*/, (0, utils_1.createErrorResponse)('target.type must be email, username, or phoneNumber', 400)];
|
|
219
225
|
}
|
|
220
|
-
|
|
221
|
-
return [4 /*yield*/, (0, config_1.authenticateRequest)(request)];
|
|
226
|
+
return [4 /*yield*/, (0, config_1.getVortexConfig)(request)];
|
|
222
227
|
case 2:
|
|
228
|
+
config = _a.sent();
|
|
229
|
+
return [4 /*yield*/, (0, config_1.authenticateRequest)(request)];
|
|
230
|
+
case 3:
|
|
223
231
|
user = _a.sent();
|
|
224
|
-
if (!config.canAcceptInvitations) return [3 /*break*/,
|
|
232
|
+
if (!config.canAcceptInvitations) return [3 /*break*/, 5];
|
|
225
233
|
return [4 /*yield*/, config.canAcceptInvitations(request, user, { invitationIds: sanitizedIds, target: target })];
|
|
226
|
-
case
|
|
234
|
+
case 4:
|
|
227
235
|
hasAccess = _a.sent();
|
|
228
236
|
if (!hasAccess) {
|
|
229
237
|
return [2 /*return*/, (0, utils_1.createErrorResponse)('Access denied', 403)];
|
|
230
238
|
}
|
|
231
|
-
return [3 /*break*/,
|
|
232
|
-
case
|
|
239
|
+
return [3 /*break*/, 6];
|
|
240
|
+
case 5:
|
|
233
241
|
if (!user) {
|
|
234
242
|
return [2 /*return*/, (0, utils_1.createErrorResponse)('Access denied. Configure access control hooks for invitation endpoints.', 403)];
|
|
235
243
|
}
|
|
236
|
-
_a.label =
|
|
237
|
-
case
|
|
244
|
+
_a.label = 6;
|
|
245
|
+
case 6:
|
|
238
246
|
vortex = new vortex_node_22_sdk_1.Vortex(config.apiKey);
|
|
239
247
|
return [4 /*yield*/, vortex.acceptInvitations(sanitizedIds, {
|
|
240
248
|
type: target.type,
|
|
241
249
|
value: (0, utils_1.sanitizeInput)(target.value) || target.value
|
|
242
250
|
})];
|
|
243
|
-
case
|
|
251
|
+
case 7:
|
|
244
252
|
result = _a.sent();
|
|
245
253
|
return [2 /*return*/, (0, utils_1.createApiResponse)(result)];
|
|
246
|
-
case
|
|
254
|
+
case 8:
|
|
247
255
|
error_4 = _a.sent();
|
|
248
256
|
console.error('Error in handleAcceptInvitations:', error_4);
|
|
249
257
|
return [2 /*return*/, (0, utils_1.createErrorResponse)('An error occurred while processing your request', 500)];
|
|
250
|
-
case
|
|
258
|
+
case 9: return [2 /*return*/];
|
|
251
259
|
}
|
|
252
260
|
});
|
|
253
261
|
});
|
|
@@ -258,7 +266,7 @@ function handleGetInvitationsByGroup(request, groupType, groupId) {
|
|
|
258
266
|
return __generator(this, function (_a) {
|
|
259
267
|
switch (_a.label) {
|
|
260
268
|
case 0:
|
|
261
|
-
_a.trys.push([0,
|
|
269
|
+
_a.trys.push([0, 7, , 8]);
|
|
262
270
|
if (request.method !== 'GET') {
|
|
263
271
|
return [2 /*return*/, (0, utils_1.createErrorResponse)('Method not allowed', 405)];
|
|
264
272
|
}
|
|
@@ -267,37 +275,39 @@ function handleGetInvitationsByGroup(request, groupType, groupId) {
|
|
|
267
275
|
if (!sanitizedGroupType || !sanitizedGroupId) {
|
|
268
276
|
return [2 /*return*/, (0, utils_1.createErrorResponse)('Invalid group parameters', 400)];
|
|
269
277
|
}
|
|
270
|
-
|
|
271
|
-
return [4 /*yield*/, (0, config_1.authenticateRequest)(request)];
|
|
278
|
+
return [4 /*yield*/, (0, config_1.getVortexConfig)(request)];
|
|
272
279
|
case 1:
|
|
280
|
+
config = _a.sent();
|
|
281
|
+
return [4 /*yield*/, (0, config_1.authenticateRequest)(request)];
|
|
282
|
+
case 2:
|
|
273
283
|
user = _a.sent();
|
|
274
|
-
if (!config.canAccessInvitationsByGroup) return [3 /*break*/,
|
|
284
|
+
if (!config.canAccessInvitationsByGroup) return [3 /*break*/, 4];
|
|
275
285
|
return [4 /*yield*/, config.canAccessInvitationsByGroup(request, user, {
|
|
276
286
|
groupType: sanitizedGroupType,
|
|
277
287
|
groupId: sanitizedGroupId
|
|
278
288
|
})];
|
|
279
|
-
case
|
|
289
|
+
case 3:
|
|
280
290
|
hasAccess = _a.sent();
|
|
281
291
|
if (!hasAccess) {
|
|
282
292
|
return [2 /*return*/, (0, utils_1.createErrorResponse)('Access denied', 403)];
|
|
283
293
|
}
|
|
284
|
-
return [3 /*break*/,
|
|
285
|
-
case
|
|
294
|
+
return [3 /*break*/, 5];
|
|
295
|
+
case 4:
|
|
286
296
|
if (!user) {
|
|
287
297
|
return [2 /*return*/, (0, utils_1.createErrorResponse)('Access denied. Configure access control hooks for invitation endpoints.', 403)];
|
|
288
298
|
}
|
|
289
|
-
_a.label =
|
|
290
|
-
case
|
|
299
|
+
_a.label = 5;
|
|
300
|
+
case 5:
|
|
291
301
|
vortex = new vortex_node_22_sdk_1.Vortex(config.apiKey);
|
|
292
302
|
return [4 /*yield*/, vortex.getInvitationsByGroup(sanitizedGroupType, sanitizedGroupId)];
|
|
293
|
-
case
|
|
303
|
+
case 6:
|
|
294
304
|
invitations = _a.sent();
|
|
295
305
|
return [2 /*return*/, (0, utils_1.createApiResponse)({ invitations: invitations })];
|
|
296
|
-
case
|
|
306
|
+
case 7:
|
|
297
307
|
error_5 = _a.sent();
|
|
298
308
|
console.error('Error in handleGetInvitationsByGroup:', error_5);
|
|
299
309
|
return [2 /*return*/, (0, utils_1.createErrorResponse)('An error occurred while processing your request', 500)];
|
|
300
|
-
case
|
|
310
|
+
case 8: return [2 /*return*/];
|
|
301
311
|
}
|
|
302
312
|
});
|
|
303
313
|
});
|
|
@@ -308,7 +318,7 @@ function handleDeleteInvitationsByGroup(request, groupType, groupId) {
|
|
|
308
318
|
return __generator(this, function (_a) {
|
|
309
319
|
switch (_a.label) {
|
|
310
320
|
case 0:
|
|
311
|
-
_a.trys.push([0,
|
|
321
|
+
_a.trys.push([0, 7, , 8]);
|
|
312
322
|
if (request.method !== 'DELETE') {
|
|
313
323
|
return [2 /*return*/, (0, utils_1.createErrorResponse)('Method not allowed', 405)];
|
|
314
324
|
}
|
|
@@ -317,37 +327,39 @@ function handleDeleteInvitationsByGroup(request, groupType, groupId) {
|
|
|
317
327
|
if (!sanitizedGroupType || !sanitizedGroupId) {
|
|
318
328
|
return [2 /*return*/, (0, utils_1.createErrorResponse)('Invalid group parameters', 400)];
|
|
319
329
|
}
|
|
320
|
-
|
|
321
|
-
return [4 /*yield*/, (0, config_1.authenticateRequest)(request)];
|
|
330
|
+
return [4 /*yield*/, (0, config_1.getVortexConfig)(request)];
|
|
322
331
|
case 1:
|
|
332
|
+
config = _a.sent();
|
|
333
|
+
return [4 /*yield*/, (0, config_1.authenticateRequest)(request)];
|
|
334
|
+
case 2:
|
|
323
335
|
user = _a.sent();
|
|
324
|
-
if (!config.canDeleteInvitationsByGroup) return [3 /*break*/,
|
|
336
|
+
if (!config.canDeleteInvitationsByGroup) return [3 /*break*/, 4];
|
|
325
337
|
return [4 /*yield*/, config.canDeleteInvitationsByGroup(request, user, {
|
|
326
338
|
groupType: sanitizedGroupType,
|
|
327
339
|
groupId: sanitizedGroupId
|
|
328
340
|
})];
|
|
329
|
-
case
|
|
341
|
+
case 3:
|
|
330
342
|
hasAccess = _a.sent();
|
|
331
343
|
if (!hasAccess) {
|
|
332
344
|
return [2 /*return*/, (0, utils_1.createErrorResponse)('Access denied', 403)];
|
|
333
345
|
}
|
|
334
|
-
return [3 /*break*/,
|
|
335
|
-
case
|
|
346
|
+
return [3 /*break*/, 5];
|
|
347
|
+
case 4:
|
|
336
348
|
if (!user) {
|
|
337
349
|
return [2 /*return*/, (0, utils_1.createErrorResponse)('Access denied. Configure access control hooks for invitation endpoints.', 403)];
|
|
338
350
|
}
|
|
339
|
-
_a.label =
|
|
340
|
-
case
|
|
351
|
+
_a.label = 5;
|
|
352
|
+
case 5:
|
|
341
353
|
vortex = new vortex_node_22_sdk_1.Vortex(config.apiKey);
|
|
342
354
|
return [4 /*yield*/, vortex.deleteInvitationsByGroup(sanitizedGroupType, sanitizedGroupId)];
|
|
343
|
-
case
|
|
355
|
+
case 6:
|
|
344
356
|
_a.sent();
|
|
345
357
|
return [2 /*return*/, (0, utils_1.createApiResponse)({ success: true })];
|
|
346
|
-
case
|
|
358
|
+
case 7:
|
|
347
359
|
error_6 = _a.sent();
|
|
348
360
|
console.error('Error in handleDeleteInvitationsByGroup:', error_6);
|
|
349
361
|
return [2 /*return*/, (0, utils_1.createErrorResponse)('An error occurred while processing your request', 500)];
|
|
350
|
-
case
|
|
362
|
+
case 8: return [2 /*return*/];
|
|
351
363
|
}
|
|
352
364
|
});
|
|
353
365
|
});
|
|
@@ -358,7 +370,7 @@ function handleReinvite(request, invitationId) {
|
|
|
358
370
|
return __generator(this, function (_a) {
|
|
359
371
|
switch (_a.label) {
|
|
360
372
|
case 0:
|
|
361
|
-
_a.trys.push([0,
|
|
373
|
+
_a.trys.push([0, 7, , 8]);
|
|
362
374
|
if (request.method !== 'POST') {
|
|
363
375
|
return [2 /*return*/, (0, utils_1.createErrorResponse)('Method not allowed', 405)];
|
|
364
376
|
}
|
|
@@ -366,34 +378,36 @@ function handleReinvite(request, invitationId) {
|
|
|
366
378
|
if (!sanitizedId) {
|
|
367
379
|
return [2 /*return*/, (0, utils_1.createErrorResponse)('Invalid invitation ID', 400)];
|
|
368
380
|
}
|
|
369
|
-
|
|
370
|
-
return [4 /*yield*/, (0, config_1.authenticateRequest)(request)];
|
|
381
|
+
return [4 /*yield*/, (0, config_1.getVortexConfig)(request)];
|
|
371
382
|
case 1:
|
|
383
|
+
config = _a.sent();
|
|
384
|
+
return [4 /*yield*/, (0, config_1.authenticateRequest)(request)];
|
|
385
|
+
case 2:
|
|
372
386
|
user = _a.sent();
|
|
373
|
-
if (!config.canReinvite) return [3 /*break*/,
|
|
387
|
+
if (!config.canReinvite) return [3 /*break*/, 4];
|
|
374
388
|
return [4 /*yield*/, config.canReinvite(request, user, { invitationId: sanitizedId })];
|
|
375
|
-
case
|
|
389
|
+
case 3:
|
|
376
390
|
hasAccess = _a.sent();
|
|
377
391
|
if (!hasAccess) {
|
|
378
392
|
return [2 /*return*/, (0, utils_1.createErrorResponse)('Access denied', 403)];
|
|
379
393
|
}
|
|
380
|
-
return [3 /*break*/,
|
|
381
|
-
case
|
|
394
|
+
return [3 /*break*/, 5];
|
|
395
|
+
case 4:
|
|
382
396
|
if (!user) {
|
|
383
397
|
return [2 /*return*/, (0, utils_1.createErrorResponse)('Access denied. Configure access control hooks for invitation endpoints.', 403)];
|
|
384
398
|
}
|
|
385
|
-
_a.label =
|
|
386
|
-
case
|
|
399
|
+
_a.label = 5;
|
|
400
|
+
case 5:
|
|
387
401
|
vortex = new vortex_node_22_sdk_1.Vortex(config.apiKey);
|
|
388
402
|
return [4 /*yield*/, vortex.reinvite(sanitizedId)];
|
|
389
|
-
case
|
|
403
|
+
case 6:
|
|
390
404
|
invitation = _a.sent();
|
|
391
405
|
return [2 /*return*/, (0, utils_1.createApiResponse)(invitation)];
|
|
392
|
-
case
|
|
406
|
+
case 7:
|
|
393
407
|
error_7 = _a.sent();
|
|
394
408
|
console.error('Error in handleReinvite:', error_7);
|
|
395
409
|
return [2 /*return*/, (0, utils_1.createErrorResponse)('An error occurred while processing your request', 500)];
|
|
396
|
-
case
|
|
410
|
+
case 8: return [2 /*return*/];
|
|
397
411
|
}
|
|
398
412
|
});
|
|
399
413
|
});
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jwt.d.ts","sourceRoot":"","sources":["../../src/handlers/jwt.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAK1C,wBAAsB,mBAAmB,CAAC,OAAO,EAAE,WAAW,
|
|
1
|
+
{"version":3,"file":"jwt.d.ts","sourceRoot":"","sources":["../../src/handlers/jwt.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAK1C,wBAAsB,mBAAmB,CAAC,OAAO,EAAE,WAAW,wDAuE7D"}
|