@umituz/react-native-firebase 2.6.0 → 2.6.1

package/src/application/auth/use-cases/SignOutUseCase.ts

@@ -0,0 +1,288 @@
+/**
+ * Sign Out Use Case
+ * Single Responsibility: Handle user sign out operations
+ *
+ * Application use case for user sign out.
+ * Ensures proper cleanup and state management.
+ *
+ * Max lines: 150 (enforced for maintainability)
+ */
+
+import type { User } from 'firebase/auth';
+import type { Result } from '../../../shared/domain/utils';
+import type { IAuthPort } from '../ports/AuthPort';
+
+/**
+ * Sign out use case result
+ */
+export interface SignOutUseCaseResult extends Result<void> {
+  readonly wasSignedIn: boolean;
+}
+
+/**
+ * Sign out use case options
+ */
+export interface SignOutOptions {
+  /** Clear local data */
+  readonly clearLocalData?: boolean;
+  /** Navigate to sign in screen */
+  readonly navigateToSignIn?: boolean;
+  /** Show confirmation dialog */
+  readonly showConfirmation?: boolean;
+}
+
+/**
+ * Sign out use case
+ * Handles user sign out with proper cleanup
+ */
+export class SignOutUseCase {
+  private readonly authPort: IAuthPort;
+
+  constructor(authPort: IAuthPort) {
+    this.authPort = authPort;
+  }
+
+  /**
+   * Execute sign out use case
+   * Signs out user and performs cleanup
+   */
+  async execute(options: SignOutOptions = {}): Promise<SignOutUseCaseResult> {
+    const wasSignedIn = this.authPort.isAuthenticated();
+
+    // Check if user is signed in
+    if (!wasSignedIn) {
+      return {
+        success: true,
+        wasSignedIn: false,
+      };
+    }
+
+    // Sign out from auth
+    const result = await this.authPort.signOut();
+
+    if (!result.success) {
+      return {
+        success: false,
+        error: result.error,
+        wasSignedIn,
+      };
+    }
+
+    // Perform cleanup
+    await this.performCleanup(options);
+
+    return {
+      success: true,
+      wasSignedIn,
+    };
+  }
+
+  /**
+   * Perform cleanup after sign out
+   */
+  private async performCleanup(options: SignOutOptions): Promise<void> {
+    // Clear local data if requested
+    if (options.clearLocalData) {
+      await this.clearLocalData();
+    }
+
+    // Additional cleanup can be added here
+    // For example: clear cache, reset state, etc.
+  }
+
+  /**
+   * Clear local data
+   * Override in subclass for custom cleanup
+   */
+  protected async clearLocalData(): Promise<void> {
+    // Default implementation does nothing
+    // Subclass can override for custom cleanup
+    if (__DEV__) {
+      console.log('[SignOutUseCase] Clearing local data');
+    }
+  }
+
+  /**
+   * Check if user is signed in
+   */
+  isSignedIn(): boolean {
+    return this.authPort.isAuthenticated();
+  }
+
+  /**
+   * Get current user
+   */
+  getCurrentUser(): User | null {
+    return this.authPort.getCurrentUser();
+  }
+
+  /**
+   * Get current user ID
+   */
+  getCurrentUserId(): string | null {
+    return this.authPort.getCurrentUserId();
+  }
+
+  /**
+   * Check if user is anonymous
+   */
+  isAnonymous(): boolean {
+    return this.authPort.isAnonymous();
+  }
+
+  /**
+   * Confirm sign out
+   * Useful for showing confirmation dialog
+   */
+  async confirmSignOut(): Promise<boolean> {
+    // Default implementation always returns true
+    // Override in subclass to show confirmation dialog
+    return true;
+  }
+
+  /**
+   * Validate can sign out
+   * Check if sign out is allowed
+   */
+  async canSignOut(): Promise<Result<void>> {
+    if (!this.isSignedIn()) {
+      return {
+        success: false,
+        error: {
+          code: 'auth/not-signed-in',
+          message: 'No user is currently signed in',
+        },
+      };
+    }
+
+    // Additional checks can be added here
+    // For example: check for unsaved changes, active operations, etc.
+
+    return { success: true };
+  }
+
+  /**
+   * Sign out with confirmation
+   * Shows confirmation dialog before signing out
+   */
+  async signOutWithConfirmation(): Promise<SignOutUseCaseResult> {
+    const confirmed = await this.confirmSignOut();
+
+    if (!confirmed) {
+      return {
+        success: false,
+        error: {
+          code: 'auth/sign-out-cancelled',
+          message: 'Sign out was cancelled',
+        },
+        wasSignedIn: this.isSignedIn(),
+      };
+    }
+
+    return this.execute();
+  }
+
+  /**
+   * Sign out and navigate
+   * Signs out and navigates to sign in screen
+   */
+  async signOutAndNavigate(): Promise<SignOutUseCaseResult> {
+    return this.execute({
+      clearLocalData: true,
+      navigateToSignIn: true,
+    });
+  }
+
+  /**
+   * Force sign out
+   * Signs out even if there are errors
+   */
+  async forceSignOut(): Promise<void> {
+    try {
+      await this.execute({
+        clearLocalData: true,
+      });
+    } catch (error) {
+      // Ignore errors during force sign out
+      if (__DEV__) {
+        console.error('[SignOutUseCase] Force sign out error:', error);
+      }
+    }
+
+    // Ensure local data is cleared
+    await this.clearLocalData();
+  }
+
+  /**
+   * Get sign out statistics
+   */
+  getSignOutStats(): {
+    readonly isSignedIn: boolean;
+    readonly isAnonymous: boolean;
+    readonly hasUserId: boolean;
+  } {
+    return {
+      isSignedIn: this.isSignedIn(),
+      isAnonymous: this.isAnonymous(),
+      hasUserId: this.getCurrentUserId() !== null,
+    };
+  }
+
+  /**
+   * Create sign out options
+   */
+  createOptions(options: Partial<SignOutOptions> = {}): SignOutOptions {
+    return {
+      clearLocalData: false,
+      navigateToSignIn: false,
+      showConfirmation: false,
+      ...options,
+    };
+  }
+
+  /**
+   * Quick sign out helper
+   */
+  async quickSignOut(): Promise<SignOutUseCaseResult> {
+    return this.execute();
+  }
+
+  /**
+   * Check if confirmation should be shown
+   */
+  shouldShowConfirmation(): boolean {
+    // Default: show confirmation for authenticated users
+    return this.isSignedIn() && !this.isAnonymous();
+  }
+
+  /**
+   * Get user-friendly sign out message
+   */
+  getSignOutMessage(): string {
+    if (!this.isSignedIn()) {
+      return 'You are not signed in';
+    }
+
+    if (this.isAnonymous()) {
+      return 'Sign out from guest session?';
+    }
+
+    return 'Are you sure you want to sign out?';
+  }
+}
+
+/**
+ * Factory function to create sign out use case
+ */
+export function createSignOutUseCase(authPort: IAuthPort): SignOutUseCase {
+  return new SignOutUseCase(authPort);
+}
+
+/**
+ * Factory function to create sign out use case with default auth port
+ */
+export async function createDefaultSignOutUseCase(): Promise<SignOutUseCase> {
+  const { createAuthPort } = await import('../ports/AuthPort');
+  const authPort = createAuthPort();
+  return createSignOutUseCase(authPort);
+}

package/src/application/auth/use-cases/index.ts

@@ -0,0 +1,26 @@
+/**
+ * Auth Use Cases
+ * Application layer use cases for authentication
+ */
+
+export type {
+  SignInUseCaseResult,
+  SignInOptions,
+} from './SignInUseCase';
+
+export {
+  SignInUseCase,
+  createSignInUseCase,
+  createDefaultSignInUseCase,
+} from './SignInUseCase';
+
+export type {
+  SignOutUseCaseResult,
+  SignOutOptions,
+} from './SignOutUseCase';
+
+export {
+  SignOutUseCase,
+  createSignOutUseCase,
+  createDefaultSignOutUseCase,
+} from './SignOutUseCase';

package/src/domains/account-deletion/domain/index.ts

@@ -0,0 +1,15 @@
+/**
+ * Account Deletion Domain Layer
+ * Domain-Driven Design (DDD) - Domain Exports
+ *
+ * Pure domain logic without infrastructure concerns.
+ * Exports domain services for account deletion operations.
+ */
+
+// Domain Services
+export {
+  UserValidationService,
+  createUserValidationService,
+  userValidationService,
+} from './services/UserValidationService';
+export type { UserValidationResult } from './services/UserValidationService';

package/src/domains/account-deletion/domain/services/UserValidationService.ts

@@ -0,0 +1,295 @@
+/**
+ * User Validation Service
+ * Single Responsibility: Validate user state for account operations
+ *
+ * Domain service that encapsulates user validation logic.
+ * Moves business logic from infrastructure to domain layer.
+ *
+ * Max lines: 150 (enforced for maintainability)
+ */
+
+import type { Auth, User } from 'firebase/auth';
+import type { Result } from '../../../../shared/domain/utils';
+import { successResult, failureResultFrom } from '../../../../shared/domain/utils';
+
+/**
+ * User validation result
+ */
+export interface UserValidationResult {
+  readonly valid: boolean;
+  readonly error?: { code: string; message: string };
+  readonly userId?: string;
+}
+
+/**
+ * User validation service
+ * Provides user validation functionality for account operations
+ */
+export class UserValidationService {
+  /**
+   * Validate user is ready for deletion
+   * Checks user exists, not anonymous, and has required provider
+   */
+  validateForDeletion(user: User | null): Result<{ userId: string; provider: string }> {
+    if (!user) {
+      return failureResultFrom('auth/not-ready', 'No authenticated user');
+    }
+
+    if (user.isAnonymous) {
+      return failureResultFrom('auth/anonymous', 'Cannot delete anonymous account');
+    }
+
+    const provider = this.getUserAuthProvider(user);
+    if (!provider) {
+      return failureResultFrom('auth/unsupported', 'Unsupported auth provider');
+    }
+
+    return successResult({
+      userId: user.uid,
+      provider,
+    });
+  }
+
+  /**
+   * Validate user hasn't changed during operation
+   * Critical for preventing race conditions
+   */
+  validateUserUnchanged(auth: Auth | null, originalUserId: string): Result<void> {
+    if (!auth) {
+      return failureResultFrom('auth/not-ready', 'Auth not initialized');
+    }
+
+    const currentUserId = auth.currentUser?.uid;
+
+    if (!currentUserId) {
+      return failureResultFrom('auth/user-signed-out', 'User signed out during operation');
+    }
+
+    if (currentUserId !== originalUserId) {
+      return failureResultFrom('auth/user-changed', 'User changed during operation');
+    }
+
+    return successResult();
+  }
+
+  /**
+   * Validate user credentials are present
+   */
+  validateCredentials(
+    user: User,
+    options: {
+      password?: string;
+      googleIdToken?: string;
+    }
+  ): Result<void> {
+    const provider = this.getUserAuthProvider(user);
+
+    if (provider === 'password' && !options.password) {
+      return failureResultFrom('auth/password-required', 'Password required for reauthentication');
+    }
+
+    if (provider === 'google.com' && !options.googleIdToken) {
+      return failureResultFrom('auth/google-token-required', 'Google ID token required for reauthentication');
+    }
+
+    return successResult();
+  }
+
+  /**
+   * Get user's auth provider
+   * Returns provider ID or null if unknown
+   */
+  getUserAuthProvider(user: User): string | null {
+    if (!user.providerData || user.providerData.length === 0) {
+      return null;
+    }
+
+    // Check all providers
+    for (const userInfo of user.providerData) {
+      if (userInfo.providerId) {
+        return userInfo.providerId;
+      }
+    }
+
+    return null;
+  }
+
+  /**
+   * Check if user has specific provider
+   */
+  hasProvider(user: User, providerId: string): boolean {
+    if (!user.providerData || user.providerData.length === 0) {
+      return false;
+    }
+
+    return user.providerData.some(
+      userInfo => userInfo.providerId === providerId
+    );
+  }
+
+  /**
+   * Check if user is email/password user
+   */
+  isEmailPasswordUser(user: User): boolean {
+    return this.hasProvider(user, 'password');
+  }
+
+  /**
+   * Check if user is Google user
+   */
+  isGoogleUser(user: User): boolean {
+    return this.hasProvider(user, 'google.com');
+  }
+
+  /**
+   * Check if user is Apple user
+   */
+  isAppleUser(user: User): boolean {
+    return this.hasProvider(user, 'apple.com');
+  }
+
+  /**
+   * Check if user requires reauthentication
+   * Based on provider and operation type
+   */
+  requiresReauthentication(user: User, operation: 'delete' | 'update'): boolean {
+    // Email/password users always need recent auth
+    if (this.isEmailPasswordUser(user)) {
+      return true;
+    }
+
+    // Social providers may require recent auth for sensitive operations
+    if (operation === 'delete') {
+      return true;
+    }
+
+    return false;
+  }
+
+  /**
+   * Validate user email
+   */
+  validateEmail(user: User): Result<void> {
+    const email = user.email;
+
+    if (!email) {
+      return failureResultFrom('auth/no-email', 'User has no email');
+    }
+
+    const emailRegex = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
+    if (!emailRegex.test(email)) {
+      return failureResultFrom('auth/invalid-email', 'Invalid email format');
+    }
+
+    return successResult();
+  }
+
+  /**
+   * Validate user is verified (if applicable)
+   */
+  validateVerified(user: User, requireVerification: boolean = false): Result<void> {
+    if (requireVerification && !user.emailVerified) {
+      return failureResultFrom('auth/unverified', 'Email not verified');
+    }
+
+    return successResult();
+  }
+
+  /**
+   * Get user metadata
+   */
+  getUserMetadata(user: User): {
+    readonly createdAt: number | null;
+    readonly lastSignInAt: number | null;
+  } {
+    return {
+      createdAt: user.metadata.creationTime ? new Date(user.metadata.creationTime).getTime() : null,
+      lastSignInAt: user.metadata.lastSignInTime ? new Date(user.metadata.lastSignInTime).getTime() : null,
+    };
+  }
+
+  /**
+   * Check if account is new (created recently)
+   */
+  isAccountNew(user: User, maxAgeMs: number = 24 * 60 * 60 * 1000): boolean {
+    const metadata = this.getUserMetadata(user);
+    if (!metadata.createdAt) return false;
+
+    const age = Date.now() - metadata.createdAt;
+    return age <= maxAgeMs;
+  }
+
+  /**
+   * Check if user recently signed in
+   */
+  isRecentSignIn(user: User, maxAgeMs: number = 5 * 60 * 1000): boolean {
+    const metadata = this.getUserMetadata(user);
+    if (!metadata.lastSignInAt) return false;
+
+    const timeSinceSignIn = Date.now() - metadata.lastSignInAt;
+    return timeSinceSignIn <= maxAgeMs;
+  }
+
+  /**
+   * Validate user can perform operation
+   * Comprehensive check combining multiple validations
+   */
+  validateCanPerformOperation(
+    user: User | null,
+    operation: 'delete' | 'update',
+    options: {
+      requireVerified?: boolean;
+      maxSignInAge?: number;
+      password?: string;
+      googleIdToken?: string;
+    } = {}
+  ): Result<{ userId: string; provider: string }> {
+    // Validate user ready for operation
+    const deletionValidation = this.validateForDeletion(user);
+    if (!deletionValidation.success) {
+      return deletionValidation;
+    }
+
+    const userId = deletionValidation.data!.userId;
+    const provider = deletionValidation.data!.provider;
+
+    // Validate email
+    if (user) {
+      const emailValidation = this.validateEmail(user);
+      if (!emailValidation.success) {
+        return emailValidation;
+      }
+
+      // Validate verification status
+      const verifiedValidation = this.validateVerified(user, options.requireVerified);
+      if (!verifiedValidation.success) {
+        return verifiedValidation;
+      }
+
+      // Check if recent sign-in required
+      if (options.maxSignInAge && !this.isRecentSignIn(user, options.maxSignInAge)) {
+        return failureResultFrom('auth/stale-session', 'Session too old, please sign in again');
+      }
+
+      // Validate credentials
+      const credentialsValidation = this.validateCredentials(user, options);
+      if (!credentialsValidation.success) {
+        return credentialsValidation;
+      }
+    }
+
+    return successResult({ userId, provider });
+  }
+}
+
+/**
+ * Factory function to create user validation service
+ */
+export function createUserValidationService(): UserValidationService {
+  return new UserValidationService();
+}
+
+/**
+ * Default instance for convenience
+ */
+export const userValidationService = createUserValidationService();

package/src/domains/account-deletion/index.ts

@@ -1,16 +1,24 @@
 /**
  * Account Deletion Domain
  * Handles Firebase account deletion with reauthentication
+ *
+ * Domain-Driven Design (DDD) Architecture
  */
 
+// =============================================================================
+// DOMAIN LAYER - Business Logic
+// =============================================================================
+
 export {
-  deleteCurrentUser,
-  deleteUserAccount,
-} from './infrastructure/services/account-deletion.service';
+  UserValidationService,
+  createUserValidationService,
+  userValidationService,
+} from './domain';
+export type { UserValidationResult } from './domain';
 
-export type {
-  AccountDeletionResult,
-} from './infrastructure/services/account-deletion.service';
+// =============================================================================
+// APPLICATION LAYER - Use Cases & Ports
+// =============================================================================
 
 export type {
   AccountDeletionOptions,
@@ -19,6 +27,35 @@ export type {
   ReauthCredentialResult,
 } from './application/ports/reauthentication.types';
 
+// =============================================================================
+// INFRASTRUCTURE LAYER - Implementation
+// =============================================================================
+
+// Main Service (Refactored)
+export {
+  deleteCurrentUser,
+  deleteUserAccount,
+  isDeletionInProgress,
+} from './infrastructure/services/account-deletion.service';
+
+export type {
+  AccountDeletionResult,
+} from './infrastructure/services/account-deletion.service';
+
+// Deletion Components
+export {
+  AccountDeletionRepository,
+  createAccountDeletionRepository,
+  accountDeletionRepository,
+} from './infrastructure/services/AccountDeletionRepository';
+
+export {
+  AccountDeletionExecutor,
+  createAccountDeletionExecutor,
+  accountDeletionExecutor,
+} from './infrastructure/services/AccountDeletionExecutor';
+
+// Reauthentication Service
 export {
   getUserAuthProvider,
   reauthenticateWithPassword,