@umituz/react-native-firebase 2.6.0 → 2.6.2

package/src/domains/account-deletion/infrastructure/services/AccountDeletionReauthHandler_part_aa

@@ -0,0 +1,150 @@
+/**
+ * Account Deletion Reauthentication Handler
+ * Single Responsibility: Handle reauthentication during account deletion
+ *
+ * Max lines: 150 (enforced for maintainability)
+ */
+
+import type { User } from 'firebase/auth';
+import { getFirebaseAuth } from '../../../auth/infrastructure/config/FirebaseAuthClient';
+import { userValidationService } from '../../domain/services/UserValidationService';
+import type { Result } from '../../../../shared/domain/utils';
+import type { AccountDeletionOptions } from '../../application/ports/reauthentication.types';
+import type { AccountDeletionResult, ReauthenticationContext } from './AccountDeletionTypes';
+
+/**
+ * Handle reauthentication during account deletion
+ * Coordinates reauthentication flow with credential management
+ */
+export async function handleReauthentication(
+  user: User,
+  options: AccountDeletionOptions,
+  originalUserId: string | undefined,
+  repository: any
+): Promise<AccountDeletionResult | null> {
+  // Validate user hasn't changed before reauthentication
+  if (originalUserId) {
+    const auth = getFirebaseAuth();
+    const validation = userValidationService.validateUserUnchanged(auth, originalUserId);
+    if (!validation.success) {
+      return {
+        success: false,
+        error: validation.error!,
+        requiresReauth: false,
+      };
+    }
+  }
+
+  // Import reauthentication functions
+  const {
+    getUserAuthProvider,
+    reauthenticateWithApple,
+    reauthenticateWithPassword,
+    reauthenticateWithGoogle,
+  } = await import('./reauthentication.service');
+
+  const provider = getUserAuthProvider(user);
+
+  // Attempt reauthentication based on provider
+  let reauthResult: { success: boolean; error?: { code?: string; message?: string } } | null = null;
+
+  if (provider === 'apple.com') {
+    reauthResult = await reauthenticateWithApple(user);
+  } else if (provider === 'google.com') {
+    const googleToken = await getGoogleToken(options);
+    if (!googleToken) {
+      return {
+        success: false,
+        error: { code: 'auth/google-reauth', message: 'Google reauthentication required' },
+        requiresReauth: true,
+      };
+    }
+    reauthResult = await reauthenticateWithGoogle(user, googleToken);
+  } else if (provider === 'password') {
+    const password = await getPassword(options);
+    if (!password) {
+      return {
+        success: false,
+        error: { code: 'auth/password-reauth', message: 'Password required' },
+        requiresReauth: true,
+      };
+    }
+    reauthResult = await reauthenticateWithPassword(user, password);
+  } else {
+    return null;
+  }
+
+  // If reauthentication successful, retry deletion
+  if (reauthResult.success) {
+    return await retryDeletionAfterReauth(originalUserId, repository);
+  }
+
+  return {
+    success: false,
+    error: {
+      code: reauthResult.error?.code || 'auth/reauth-failed',
+      message: reauthResult.error?.message || 'Reauthentication failed',
+    },
+    requiresReauth: true,
+  };
+}
+
+/**
+ * Get Google ID token from options or callback
+ */
+async function getGoogleToken(options: AccountDeletionOptions): Promise<string | undefined> {
+  if (options.googleIdToken) {
+    return options.googleIdToken;
+  }
+
+  if (options.onGoogleReauthRequired) {
+    return await options.onGoogleReauthRequired();
+  }
+
+  return undefined;
+}
+
+/**
+ * Get password from options or callback
+ */
+async function getPassword(options: AccountDeletionOptions): Promise<string | undefined> {
+  if (options.password) {
+    return options.password;
+  }
+
+  if (options.onPasswordRequired) {
+    return await options.onPasswordRequired();
+  }
+
+  return undefined;
+}
+
+/**
+ * Retry deletion after successful reauthentication
+ */
+async function retryDeletionAfterReauth(
+  originalUserId: string | undefined,
+  repository: any
+): Promise<AccountDeletionResult> {
+  try {
+    const auth = getFirebaseAuth();
+    const user = auth?.currentUser;
+
+    if (!user) {
+      return {
+        success: false,
+        error: { code: 'auth/not-ready', message: 'User not found after reauthentication' },
+        requiresReauth: false,
+      };
+    }
+
+    // Validate user hasn't changed after reauthentication
+    if (originalUserId) {
+      const validation = userValidationService.validateUserUnchanged(auth, originalUserId);
+      if (!validation.success) {
+        return {
+          success: false,
+          error: validation.error!,
+          requiresReauth: false,
+        };
+      }

package/src/domains/account-deletion/infrastructure/services/AccountDeletionReauthHandler_part_ab

@@ -0,0 +1,24 @@
+    }
+
+    // Delete account
+    const result = await repository.deleteAccount(user);
+    if (result.success) {
+      return { success: true };
+    }
+
+    return {
+      success: false,
+      error: result.error,
+      requiresReauth: false,
+    };
+  } catch (error: unknown) {
+    return {
+      success: false,
+      error: {
+        code: 'auth/failed',
+        message: error instanceof Error ? error.message : 'Unknown error',
+      },
+      requiresReauth: false,
+    };
+  }
+}

package/src/domains/account-deletion/infrastructure/services/AccountDeletionRepository.ts.bak

@@ -0,0 +1,266 @@
+/**
+ * Account Deletion Repository
+ * Single Responsibility: Handle account deletion persistence
+ *
+ * Infrastructure repository that manages account deletion operations.
+ * Uses ServiceBase for error handling and initialization.
+ *
+ * Max lines: 150 (enforced for maintainability)
+ */
+
+import { deleteUser, type User } from 'firebase/auth';
+import { ServiceBase } from '../../../../shared/infrastructure/base/ServiceBase';
+import type { Result } from '../../../../shared/domain/utils';
+import { successResult } from '../../../../shared/domain/utils';
+import { markUserDeleted } from '../../../auth/infrastructure/services/user-document.service';
+
+/**
+ * Account deletion repository
+ * Manages account deletion operations and user document cleanup
+ */
+export class AccountDeletionRepository extends ServiceBase {
+  constructor() {
+    super({
+      serviceName: 'AccountDeletionRepository',
+      autoInitialize: true,
+    });
+  }
+
+  /**
+   * Delete user account from Firebase Auth
+   * Marks user document as deleted before account removal
+   */
+  async deleteAccount(user: User): Promise<Result<void>> {
+    return this.execute(async () => {
+      this.log('Deleting account', { userId: user.uid });
+
+      // Mark user document as deleted
+      const marked = await markUserDeleted(user.uid);
+      if (!marked && __DEV__) {
+        this.logError('Failed to mark user document as deleted');
+      }
+
+      // Delete user account
+      await deleteUser(user);
+
+      this.log('Account deleted successfully', { userId: user.uid });
+    }, 'account-deletion/delete-failed');
+  }
+
+  /**
+   * Validate user can be deleted
+   * Checks user is not anonymous and has valid provider
+   */
+  async validateForDeletion(user: User | null): Promise<Result<{ userId: string; provider: string }>> {
+    return this.executeSync(() => {
+      if (!user) {
+        return {
+          success: false,
+          error: {
+            code: 'auth/not-ready',
+            message: 'No authenticated user',
+          },
+        };
+      }
+
+      if (user.isAnonymous) {
+        return {
+          success: false,
+          error: {
+            code: 'auth/anonymous',
+            message: 'Cannot delete anonymous account',
+          },
+        };
+      }
+
+      const provider = this.getUserAuthProvider(user);
+      if (!provider) {
+        return {
+          success: false,
+          error: {
+            code: 'auth/unsupported',
+            message: 'Unsupported auth provider',
+          },
+        };
+      }
+
+      return successResult({
+        userId: user.uid,
+        provider,
+      });
+    }, 'account-deletion/validation-failed');
+  }
+
+  /**
+   * Get user's auth provider
+   */
+  private getUserAuthProvider(user: User): string | null {
+    if (!user.providerData || user.providerData.length === 0) {
+      return null;
+    }
+
+    for (const userInfo of user.providerData) {
+      if (userInfo.providerId) {
+        return userInfo.providerId;
+      }
+    }
+
+    return null;
+  }
+
+  /**
+   * Check if user is email/password user
+   */
+  isEmailPasswordUser(user: User): boolean {
+    return this.getUserAuthProvider(user) === 'password';
+  }
+
+  /**
+   * Check if user is Google user
+   */
+  isGoogleUser(user: User): boolean {
+    return this.getUserAuthProvider(user) === 'google.com';
+  }
+
+  /**
+   * Check if user is Apple user
+   */
+  isAppleUser(user: User): boolean {
+    return this.getUserAuthProvider(user) === 'apple.com';
+  }
+
+  /**
+   * Get user ID from user object
+   */
+  getUserId(user: User): string {
+    return user.uid;
+  }
+
+  /**
+   * Check if user email is verified
+   */
+  isEmailVerified(user: User): boolean {
+    return user.emailVerified || false;
+  }
+
+  /**
+   * Get user email
+   */
+  getEmail(user: User): string | null {
+    return user.email || null;
+  }
+
+  /**
+   * Get account creation time
+   */
+  getCreationTime(user: User): Date | null {
+    if (!user.metadata.creationTime) {
+      return null;
+    }
+    return new Date(user.metadata.creationTime);
+  }
+
+  /**
+   * Get last sign-in time
+   */
+  getLastSignInTime(user: User): Date | null {
+    if (!user.metadata.lastSignInTime) {
+      return null;
+    }
+    return new Date(user.metadata.lastSignInTime);
+  }
+
+  /**
+   * Check if account is new (created within specified days)
+   */
+  isAccountNew(user: User, maxAgeDays: number = 1): boolean {
+    const creationTime = this.getCreationTime(user);
+    if (!creationTime) return false;
+
+    const ageMs = Date.now() - creationTime.getTime();
+    const maxAgeMs = maxAgeDays * 24 * 60 * 60 * 1000;
+
+    return ageMs <= maxAgeMs;
+  }
+
+  /**
+   * Check if user recently signed in
+   */
+  isRecentSignIn(user: User, maxAgeMinutes: number = 5): boolean {
+    const lastSignIn = this.getLastSignInTime(user);
+    if (!lastSignIn) return false;
+
+    const timeSinceSignIn = Date.now() - lastSignIn.getTime();
+    const maxAgeMs = maxAgeMinutes * 60 * 1000;
+
+    return timeSinceSignIn <= maxAgeMs;
+  }
+
+  /**
+   * Mark user as deleted in database
+   * Separate method for flexibility
+   */
+  async markUserDeleted(userId: string): Promise<Result<void>> {
+    return this.execute(async () => {
+      this.log('Marking user as deleted', { userId });
+
+      const marked = await markUserDeleted(userId);
+      if (!marked) {
+        this.logError('Failed to mark user as deleted in database');
+      }
+
+      return successResult();
+    }, 'account-deletion/mark-failed');
+  }
+
+  /**
+   * Cleanup user data
+   * Override in subclass for custom cleanup logic
+   */
+  protected async cleanupUserData(userId: string): Promise<Result<void>> {
+    return this.execute(async () => {
+      this.log('Cleaning up user data', { userId });
+      // Override in subclass for custom cleanup
+      return successResult();
+    }, 'account-deletion/cleanup-failed');
+  }
+
+  /**
+   * Complete deletion with cleanup
+   * Deletes account and cleans up user data
+   */
+  async deleteWithCleanup(user: User): Promise<Result<void>> {
+    return this.execute(async () => {
+      this.log('Starting deletion with cleanup', { userId: user.uid });
+
+      // Delete account (includes marking document as deleted)
+      const deleteResult = await this.deleteAccount(user);
+      if (!deleteResult.success) {
+        return deleteResult;
+      }
+
+      // Cleanup additional user data
+      const cleanupResult = await this.cleanupUserData(user.uid);
+      if (!cleanupResult.success) {
+        this.logError('Cleanup failed, but account was deleted', {
+          userId: user.uid,
+          error: cleanupResult.error,
+        });
+      }
+
+      this.log('Deletion with cleanup completed', { userId: user.uid });
+    }, 'account-deletion/complete-failed');
+  }
+}
+
+/**
+ * Factory function to create account deletion repository
+ */
+export function createAccountDeletionRepository(): AccountDeletionRepository {
+  return new AccountDeletionRepository();
+}
+
+/**
+ * Default singleton instance
+ */
+export const accountDeletionRepository = createAccountDeletionRepository();

package/src/domains/account-deletion/infrastructure/services/AccountDeletionRepository_part_aa

@@ -0,0 +1,150 @@
+/**
+ * Account Deletion Repository
+ * Single Responsibility: Handle account deletion persistence
+ *
+ * Infrastructure repository that manages account deletion operations.
+ * Uses ServiceBase for error handling and initialization.
+ *
+ * Max lines: 150 (enforced for maintainability)
+ */
+
+import { deleteUser, type User } from 'firebase/auth';
+import { ServiceBase } from '../../../../shared/infrastructure/base/ServiceBase';
+import type { Result } from '../../../../shared/domain/utils';
+import { successResult } from '../../../../shared/domain/utils';
+import { markUserDeleted } from '../../../auth/infrastructure/services/user-document.service';
+
+/**
+ * Account deletion repository
+ * Manages account deletion operations and user document cleanup
+ */
+export class AccountDeletionRepository extends ServiceBase {
+  constructor() {
+    super({
+      serviceName: 'AccountDeletionRepository',
+      autoInitialize: true,
+    });
+  }
+
+  /**
+   * Delete user account from Firebase Auth
+   * Marks user document as deleted before account removal
+   */
+  async deleteAccount(user: User): Promise<Result<void>> {
+    return this.execute(async () => {
+      this.log('Deleting account', { userId: user.uid });
+
+      // Mark user document as deleted
+      const marked = await markUserDeleted(user.uid);
+      if (!marked && __DEV__) {
+        this.logError('Failed to mark user document as deleted');
+      }
+
+      // Delete user account
+      await deleteUser(user);
+
+      this.log('Account deleted successfully', { userId: user.uid });
+    }, 'account-deletion/delete-failed');
+  }
+
+  /**
+   * Validate user can be deleted
+   * Checks user is not anonymous and has valid provider
+   */
+  async validateForDeletion(user: User | null): Promise<Result<{ userId: string; provider: string }>> {
+    return this.executeSync(() => {
+      if (!user) {
+        return {
+          success: false,
+          error: {
+            code: 'auth/not-ready',
+            message: 'No authenticated user',
+          },
+        };
+      }
+
+      if (user.isAnonymous) {
+        return {
+          success: false,
+          error: {
+            code: 'auth/anonymous',
+            message: 'Cannot delete anonymous account',
+          },
+        };
+      }
+
+      const provider = this.getUserAuthProvider(user);
+      if (!provider) {
+        return {
+          success: false,
+          error: {
+            code: 'auth/unsupported',
+            message: 'Unsupported auth provider',
+          },
+        };
+      }
+
+      return successResult({
+        userId: user.uid,
+        provider,
+      });
+    }, 'account-deletion/validation-failed');
+  }
+
+  /**
+   * Get user's auth provider
+   */
+  private getUserAuthProvider(user: User): string | null {
+    if (!user.providerData || user.providerData.length === 0) {
+      return null;
+    }
+
+    for (const userInfo of user.providerData) {
+      if (userInfo.providerId) {
+        return userInfo.providerId;
+      }
+    }
+
+    return null;
+  }
+
+  /**
+   * Check if user is email/password user
+   */
+  isEmailPasswordUser(user: User): boolean {
+    return this.getUserAuthProvider(user) === 'password';
+  }
+
+  /**
+   * Check if user is Google user
+   */
+  isGoogleUser(user: User): boolean {
+    return this.getUserAuthProvider(user) === 'google.com';
+  }
+
+  /**
+   * Check if user is Apple user
+   */
+  isAppleUser(user: User): boolean {
+    return this.getUserAuthProvider(user) === 'apple.com';
+  }
+
+  /**
+   * Get user ID from user object
+   */
+  getUserId(user: User): string {
+    return user.uid;
+  }
+
+  /**
+   * Check if user email is verified
+   */
+  isEmailVerified(user: User): boolean {
+    return user.emailVerified || false;
+  }
+
+  /**
+   * Get user email
+   */
+  getEmail(user: User): string | null {
+    return user.email || null;

package/src/domains/account-deletion/infrastructure/services/AccountDeletionRepository_part_ab

@@ -0,0 +1,116 @@
+  }
+
+  /**
+   * Get account creation time
+   */
+  getCreationTime(user: User): Date | null {
+    if (!user.metadata.creationTime) {
+      return null;
+    }
+    return new Date(user.metadata.creationTime);
+  }
+
+  /**
+   * Get last sign-in time
+   */
+  getLastSignInTime(user: User): Date | null {
+    if (!user.metadata.lastSignInTime) {
+      return null;
+    }
+    return new Date(user.metadata.lastSignInTime);
+  }
+
+  /**
+   * Check if account is new (created within specified days)
+   */
+  isAccountNew(user: User, maxAgeDays: number = 1): boolean {
+    const creationTime = this.getCreationTime(user);
+    if (!creationTime) return false;
+
+    const ageMs = Date.now() - creationTime.getTime();
+    const maxAgeMs = maxAgeDays * 24 * 60 * 60 * 1000;
+
+    return ageMs <= maxAgeMs;
+  }
+
+  /**
+   * Check if user recently signed in
+   */
+  isRecentSignIn(user: User, maxAgeMinutes: number = 5): boolean {
+    const lastSignIn = this.getLastSignInTime(user);
+    if (!lastSignIn) return false;
+
+    const timeSinceSignIn = Date.now() - lastSignIn.getTime();
+    const maxAgeMs = maxAgeMinutes * 60 * 1000;
+
+    return timeSinceSignIn <= maxAgeMs;
+  }
+
+  /**
+   * Mark user as deleted in database
+   * Separate method for flexibility
+   */
+  async markUserDeleted(userId: string): Promise<Result<void>> {
+    return this.execute(async () => {
+      this.log('Marking user as deleted', { userId });
+
+      const marked = await markUserDeleted(userId);
+      if (!marked) {
+        this.logError('Failed to mark user as deleted in database');
+      }
+
+      return successResult();
+    }, 'account-deletion/mark-failed');
+  }
+
+  /**
+   * Cleanup user data
+   * Override in subclass for custom cleanup logic
+   */
+  protected async cleanupUserData(userId: string): Promise<Result<void>> {
+    return this.execute(async () => {
+      this.log('Cleaning up user data', { userId });
+      // Override in subclass for custom cleanup
+      return successResult();
+    }, 'account-deletion/cleanup-failed');
+  }
+
+  /**
+   * Complete deletion with cleanup
+   * Deletes account and cleans up user data
+   */
+  async deleteWithCleanup(user: User): Promise<Result<void>> {
+    return this.execute(async () => {
+      this.log('Starting deletion with cleanup', { userId: user.uid });
+
+      // Delete account (includes marking document as deleted)
+      const deleteResult = await this.deleteAccount(user);
+      if (!deleteResult.success) {
+        return deleteResult;
+      }
+
+      // Cleanup additional user data
+      const cleanupResult = await this.cleanupUserData(user.uid);
+      if (!cleanupResult.success) {
+        this.logError('Cleanup failed, but account was deleted', {
+          userId: user.uid,
+          error: cleanupResult.error,
+        });
+      }
+
+      this.log('Deletion with cleanup completed', { userId: user.uid });
+    }, 'account-deletion/complete-failed');
+  }
+}
+
+/**
+ * Factory function to create account deletion repository
+ */
+export function createAccountDeletionRepository(): AccountDeletionRepository {
+  return new AccountDeletionRepository();
+}
+
+/**
+ * Default singleton instance
+ */
+export const accountDeletionRepository = createAccountDeletionRepository();