@volcanicminds/backend 2.2.21 → 2.3.2

package/lib/api/auth/controller/auth.ts

@@ -23,13 +23,13 @@ export async function register(req: FastifyRequest, reply: FastifyReply) {
     return reply.status(400).send(new Error('Repeated password not match'))
   }
 
-  let existings = await req.server['userManager'].retrieveUserByEmail(data.email)
+  let existings = await req.server['userManager'].retrieveUserByEmail(data.email, req.runner)
   if (existings) {
     return reply.status(400).send(new Error('Email already registered'))
   }
 
   if ((data.requiredRoles || []).includes('admin')) {
-    existings = await req.server['userManager'].findQuery({ 'roles:in': 'admin' })
+    existings = await req.server['userManager'].findQuery({ 'roles:in': 'admin' }, req.runner)
     if (existings?.records?.length) {
       return reply.status(400).send(new Error('User admin already registered'))
     }
@@ -42,7 +42,7 @@ export async function register(req: FastifyRequest, reply: FastifyReply) {
     data.roles.push(publicRole)
   }
 
-  const user = await req.server['userManager'].createUser({ ...data, password: password })
+  const user = await req.server['userManager'].createUser({ ...data, password: password }, req.runner)
   if (!user) {
     return reply.status(400).send(new Error('User not registered'))
   }
@@ -53,7 +53,7 @@ export async function register(req: FastifyRequest, reply: FastifyReply) {
 export async function unregister(req: FastifyRequest, reply: FastifyReply) {
   const { email, password } = req.data()
 
-  let user = await req.server['userManager'].retrieveUserByPassword(email, password)
+  let user = await req.server['userManager'].retrieveUserByPassword(email, password, req.runner)
   let isValid = await req.server['userManager'].isValidUser(user)
 
   if (!isValid) {
@@ -64,7 +64,7 @@ export async function unregister(req: FastifyRequest, reply: FastifyReply) {
     return reply.status(403).send(new Error('User blocked'))
   }
 
-  user = await req.server['userManager'].disableUserById(user.getId())
+  user = await req.server['userManager'].disableUserById(user.getId(), req.runner)
   isValid = await req.server['userManager'].isValidUser(user)
 
   if (!isValid) {
@@ -113,7 +113,7 @@ export async function changePassword(req: FastifyRequest, reply: FastifyReply) {
     return reply.status(400).send(new Error('Repeated new password not match'))
   }
 
-  let user = await req.server['userManager'].retrieveUserByPassword(email, oldPassword)
+  let user = await req.server['userManager'].retrieveUserByPassword(email, oldPassword, req.runner)
   let isValid = await req.server['userManager'].isValidUser(user)
 
   if (!isValid) {
@@ -124,7 +124,7 @@ export async function changePassword(req: FastifyRequest, reply: FastifyReply) {
     return reply.status(403).send(new Error('User blocked'))
   }
 
-  user = await req.server['userManager'].changePassword(email, newPassword1, oldPassword)
+  user = await req.server['userManager'].changePassword(email, newPassword1, oldPassword, req.runner)
   isValid = await req.server['userManager'].isValidUser(user)
   return { ok: isValid }
 }
@@ -142,9 +142,9 @@ export async function forgotPassword(req: FastifyRequest, reply: FastifyReply) {
 
   let user = null as any
   if (email) {
-    user = await req.server['userManager'].retrieveUserByEmail(email)
+    user = await req.server['userManager'].retrieveUserByEmail(email, req.runner)
   } else if (username) {
-    user = await req.server['userManager'].retrieveUserByUsername(username)
+    user = await req.server['userManager'].retrieveUserByUsername(username, req.runner)
   }
 
   let isValid = await req.server['userManager'].isValidUser(user)
@@ -157,7 +157,7 @@ export async function forgotPassword(req: FastifyRequest, reply: FastifyReply) {
     return reply.status(403).send(new Error('User blocked'))
   }
 
-  user = await req.server['userManager'].forgotPassword(user.email)
+  user = await req.server['userManager'].forgotPassword(user.email, req.runner)
   isValid = await req.server['userManager'].isValidUser(user)
 
   return { ok: isValid }
@@ -170,7 +170,7 @@ export async function confirmEmail(req: FastifyRequest, reply: FastifyReply) {
     return reply.status(400).send(new Error('Missing the confirm email token'))
   }
 
-  let user = await req.server['userManager'].retrieveUserByConfirmationToken(code)
+  let user = await req.server['userManager'].retrieveUserByConfirmationToken(code, req.runner)
   let isValid = await req.server['userManager'].isValidUser(user)
 
   if (!isValid) {
@@ -181,7 +181,7 @@ export async function confirmEmail(req: FastifyRequest, reply: FastifyReply) {
     return reply.status(403).send(new Error('User blocked'))
   }
 
-  user = await req.server['userManager'].userConfirmation(user)
+  user = await req.server['userManager'].userConfirmation(user, req.runner)
   isValid = await req.server['userManager'].isValidUser(user)
 
   return { ok: isValid }
@@ -202,7 +202,7 @@ export async function resetPassword(req: FastifyRequest, reply: FastifyReply) {
     return reply.status(400).send(new Error('Repeated new password not match'))
   }
 
-  let user = await req.server['userManager'].retrieveUserByResetPasswordToken(code)
+  let user = await req.server['userManager'].retrieveUserByResetPasswordToken(code, req.runner)
   let isValid = await req.server['userManager'].isValidUser(user)
 
   if (!isValid) {
@@ -213,7 +213,7 @@ export async function resetPassword(req: FastifyRequest, reply: FastifyReply) {
     return reply.status(403).send(new Error('User blocked'))
   }
 
-  user = await req.server['userManager'].resetPassword(user, newPassword1)
+  user = await req.server['userManager'].resetPassword(user, newPassword1, req.runner)
   isValid = await req.server['userManager'].isValidUser(user)
   return { ok: isValid, user }
 }
@@ -233,7 +233,7 @@ export async function login(req: FastifyRequest, reply: FastifyReply) {
     return reply.status(400).send(new Error('Password not valid'))
   }
 
-  let user = await req.server['userManager'].retrieveUserByPassword(email, password)
+  let user = await req.server['userManager'].retrieveUserByPassword(email, password, req.runner)
   if (!user) {
     return reply.status(403).send(new Error('Wrong credentials'))
   }
@@ -262,7 +262,10 @@ export async function login(req: FastifyRequest, reply: FastifyReply) {
   const isMandatory = mfa_policy === MfaPolicy.MANDATORY
 
   if (isMfaEnabled || isMandatory) {
-    const tempToken = await reply.jwtSign({ sub: user.externalId, role: 'pre-auth-mfa' }, { expiresIn: '5m' })
+    const tempToken = await reply.jwtSign(
+      { sub: user.externalId, role: 'pre-auth-mfa', tid: req.tenant?.id },
+      { expiresIn: '5m' }
+    )
     // Use 202 Accepted to bypass 200 OK strict schema filtering
     return reply.status(202).send({
       mfaRequired: isMfaEnabled, // If enabled, verify. If not enabled but mandatory, setup.
@@ -272,13 +275,13 @@ export async function login(req: FastifyRequest, reply: FastifyReply) {
   }
 
   if (config.options.reset_external_id_on_login) {
-    user = await req.server['userManager'].resetExternalId(user.getId())
+    user = await req.server['userManager'].resetExternalId(user.getId(), req.runner)
   }
 
   // https://www.iana.org/assignments/jwt/jwt.xhtml
-  const token = await reply.jwtSign({ sub: user.externalId })
+  const token = await reply.jwtSign({ sub: user.externalId, tid: req.tenant?.id })
   const refreshToken = reply.server.jwt['refreshToken']
-    ? await reply.server.jwt['refreshToken'].sign({ sub: user.externalId })
+    ? await reply.server.jwt['refreshToken'].sign({ sub: user.externalId, tid: req.tenant?.id })
     : undefined
 
   const AUTH_MODE = process.env.AUTH_MODE || 'BEARER'
@@ -342,14 +345,14 @@ export async function refreshToken(req: FastifyRequest, reply: FastifyReply) {
     return reply.status(403).send(new Error('Mismatched tokens'))
   }
 
-  const user = await req.server['userManager'].retrieveUserByExternalId(tokenData.sub)
+  const user = await req.server['userManager'].retrieveUserByExternalId(tokenData.sub, req.runner)
   const isValid = await req.server['userManager'].isValidUser(user)
 
   if (!isValid) {
     return reply.status(403).send(new Error('Wrong refresh token'))
   }
 
-  const newToken = await reply.jwtSign({ sub: user.externalId })
+  const newToken = await reply.jwtSign({ sub: user.externalId, tid: req.tenant?.id })
   return {
     token: newToken
   }
@@ -361,43 +364,12 @@ export async function invalidateTokens(req: FastifyRequest, reply: FastifyReply)
     return reply.status(403).send(new Error('User not linked'))
   }
 
-  const user = await req.server['userManager'].resetExternalId(req.user.getId())
+  const user = await req.server['userManager'].resetExternalId(req.user.getId(), req.runner)
   isValid = await req.server['userManager'].isValidUser(user)
   return { ok: isValid }
 }
 
-export async function block(req: FastifyRequest, reply: FastifyReply) {
-  if (!req.server['userManager'].isImplemented()) {
-    throw new Error('Not implemented')
-  }
-
-  if (!req.hasRole(roles.admin) && !req.hasRole(roles.backoffice)) {
-    return reply.status(403).send({ statusCode: 403, code: 'ROLE_NOT_ALLOWED', message: 'Not allowed to block a user' })
-  }
-
-  const { id: userId } = req.parameters()
-  const { reason } = req.data()
-
-  let user = await req.server['userManager'].blockUserById(userId, reason)
-  user = await req.server['userManager'].resetExternalId(user.getId())
-  return { ok: !!user.getId() }
-}
-
-export async function unblock(req: FastifyRequest, reply: FastifyReply) {
-  if (!req.server['userManager'].isImplemented()) {
-    throw new Error('Not implemented')
-  }
 
-  if (!req.hasRole(roles.admin) && !req.hasRole(roles.backoffice)) {
-    return reply
-      .status(403)
-      .send({ statusCode: 403, code: 'ROLE_NOT_ALLOWED', message: 'Not allowed to unblock a user' })
-  }
-
-  const { id: userId } = req.parameters()
-  const user = await req.server['userManager'].unblockUserById(userId)
-  return { ok: !!user.getId() }
-}
 
 export async function mfaSetup(req: FastifyRequest, reply: FastifyReply) {
   const user = req.user
@@ -429,16 +401,16 @@ export async function mfaEnable(req: FastifyRequest, reply: FastifyReply) {
     }
 
     // 2. Save using userManager (typeorm)
-    await req.server['userManager'].saveMfaSecret(user.getId(), secret)
-    await req.server['userManager'].enableMfa(user.getId())
+    await req.server['userManager'].saveMfaSecret(user.getId(), secret, req.runner)
+    await req.server['userManager'].enableMfa(user.getId(), req.runner)
 
     // IMPORTANT: Return full tokens upon enablement if user was in pending state
     // BUT usually user is already logged in via temp token or full token.
     // If user is setting up from "Forced Setup", they need tokens now.
 
-    const finalToken = await reply.jwtSign({ sub: user.externalId })
+    const finalToken = await reply.jwtSign({ sub: user.externalId, tid: req.tenant?.id })
     const refreshToken = reply.server.jwt['refreshToken']
-      ? await reply.server.jwt['refreshToken'].sign({ sub: user.externalId })
+      ? await reply.server.jwt['refreshToken'].sign({ sub: user.externalId, tid: req.tenant?.id })
       : undefined
 
     return {
@@ -480,10 +452,10 @@ export async function mfaVerify(req: FastifyRequest, reply: FastifyReply) {
   if (!token) return reply.status(400).send(new Error('Missing token'))
 
   // 1. Retrieve secret via userManager
-  const user = await req.server['userManager'].retrieveUserByExternalId(subjectId)
+  const user = await req.server['userManager'].retrieveUserByExternalId(subjectId, req.runner)
   if (!user) return reply.status(404).send(new Error('User not found'))
 
-  const secret = await req.server['userManager'].retrieveMfaSecret(user.getId())
+  const secret = await req.server['userManager'].retrieveMfaSecret(user.getId(), req.runner)
   if (!secret) return reply.status(403).send(new Error('MFA not configured for user'))
 
   // 2. Verify via mfaManager
@@ -491,12 +463,12 @@ export async function mfaVerify(req: FastifyRequest, reply: FastifyReply) {
   if (!isValid) return reply.status(403).send(new Error('Invalid MFA token'))
 
   if (config.options.reset_external_id_on_login) {
-    await req.server['userManager'].resetExternalId(user.getId())
+    await req.server['userManager'].resetExternalId(user.getId(), req.runner)
   }
 
-  const finalToken = await reply.jwtSign({ sub: user.externalId })
+  const finalToken = await reply.jwtSign({ sub: user.externalId, tid: req.tenant?.id })
   const refreshToken = reply.server.jwt['refreshToken']
-    ? await reply.server.jwt['refreshToken'].sign({ sub: user.externalId })
+    ? await reply.server.jwt['refreshToken'].sign({ sub: user.externalId, tid: req.tenant?.id })
     : undefined
 
   return {
@@ -520,7 +492,7 @@ export async function mfaDisable(req: FastifyRequest, reply: FastifyReply) {
   }
 
   try {
-    await req.server['userManager'].disableMfa(user.getId())
+    await req.server['userManager'].disableMfa(user.getId(), req.runner)
     return { ok: true }
   } catch (error: any) {
     req.log.error({ err: error }, 'MFA Disable failed')
@@ -528,22 +500,4 @@ export async function mfaDisable(req: FastifyRequest, reply: FastifyReply) {
   }
 }
 
-export async function resetMfa(req: FastifyRequest, reply: FastifyReply) {
-  const { id } = req.parameters()
-
-  if (!req.hasRole(roles.admin)) {
-    return reply.status(403).send(new Error('Only admins can reset MFA'))
-  }
-
-  if (!id) {
-    return reply.status(400).send(new Error('Missing user id'))
-  }
 
-  try {
-    await req.server['userManager'].disableMfa(id)
-    return { ok: true }
-  } catch (error: any) {
-    req.log.error({ err: error }, 'MFA Reset failed')
-    return reply.status(500).send(new Error('Failed to reset MFA'))
-  }
-}

package/lib/api/auth/routes.ts

@@ -174,37 +174,7 @@ export default {
         }
       }
     },
-    {
-      method: 'POST',
-      path: '/block/:id',
-      roles: [roles.admin, roles.backoffice],
-      handler: 'auth.block',
-      middlewares: ['global.isAuthenticated'],
-      config: {
-        title: 'Block a user by id',
-        description: 'Block a user by id',
-        params: { $ref: 'onlyIdSchema#' },
-        body: { $ref: 'blockBodySchema#' },
-        response: {
-          200: { $ref: 'defaultResponse#' }
-        }
-      }
-    },
-    {
-      method: 'POST',
-      path: '/unblock/:id',
-      roles: [roles.admin, roles.backoffice],
-      handler: 'auth.unblock',
-      middlewares: ['global.isAuthenticated'],
-      config: {
-        title: 'Unblock a user by id',
-        description: 'Unblock a user by id',
-        params: { $ref: 'onlyIdSchema#' },
-        response: {
-          200: { $ref: 'defaultResponse#' }
-        }
-      }
-    },
+
     {
       method: 'POST',
       path: '/mfa/setup',
@@ -237,7 +207,7 @@ export default {
     {
       method: 'POST',
       path: '/mfa/verify',
-      roles: [], // Open, validation via temp token manually in controller
+      roles: [],
       handler: 'auth.mfaVerify',
       middlewares: [],
       config: {
@@ -263,6 +233,7 @@ export default {
           200: { $ref: 'defaultResponse#' }
         }
       }
-    }
+    },
+
   ]
 }

package/lib/api/tool/controller/tool.ts

@@ -1,6 +1,11 @@
 import { FastifyReply, FastifyRequest } from 'fastify'
 
 export async function synchronizeSchemas(req: FastifyRequest, reply: FastifyReply) {
+  const { multi_tenant } = global.config?.options || {}
+  if (multi_tenant?.enabled) {
+    throw new Error('Schema synchronization is not supported in multi-tenant mode.')
+  }
+
   if (!req.server['dataBaseManager'].isImplemented()) {
     throw new Error('Not implemented')
   }

package/lib/api/users/controller/user.ts

@@ -90,7 +90,40 @@ export async function isAdmin(req: FastifyRequest, reply: FastifyReply) {
   return reply.send({ isAdmin: user?.getId() && req.hasRole(roles.admin) })
 }
 
-export async function resetMfa(req: FastifyRequest, reply: FastifyReply) {
+export async function block(req: FastifyRequest, reply: FastifyReply) {
+  if (!req.server['userManager'].isImplemented()) {
+    throw new Error('Not implemented')
+  }
+
+  if (!req.hasRole(roles.admin) && !req.hasRole(roles.backoffice)) {
+    return reply.status(403).send({ statusCode: 403, code: 'ROLE_NOT_ALLOWED', message: 'Not allowed to block a user' })
+  }
+
+  const { id: userId } = req.parameters()
+  const { reason } = req.data()
+
+  let user = await req.server['userManager'].blockUserById(userId, reason, req.runner)
+  user = await req.server['userManager'].resetExternalId(user.getId(), req.runner)
+  return { ok: !!user.getId() }
+}
+
+export async function unblock(req: FastifyRequest, reply: FastifyReply) {
+  if (!req.server['userManager'].isImplemented()) {
+    throw new Error('Not implemented')
+  }
+
+  if (!req.hasRole(roles.admin) && !req.hasRole(roles.backoffice)) {
+    return reply
+      .status(403)
+      .send({ statusCode: 403, code: 'ROLE_NOT_ALLOWED', message: 'Not allowed to unblock a user' })
+  }
+
+  const { id: userId } = req.parameters()
+  const user = await req.server['userManager'].unblockUserById(userId, req.runner)
+  return { ok: !!user.getId() }
+}
+
+export async function resetMfaByAdmin(req: FastifyRequest, reply: FastifyReply) {
   const { id } = req.parameters()
 
   if (!req.hasRole(roles.admin)) {
@@ -102,10 +135,44 @@ export async function resetMfa(req: FastifyRequest, reply: FastifyReply) {
   }
 
   try {
-    await req.server['userManager'].disableMfa(id)
+    await req.server['userManager'].disableMfa(id, req.runner)
     return { ok: true }
   } catch (error) {
     req.log.error(error)
     return reply.status(500).send(new Error('Failed to reset MFA'))
   }
 }
+
+export async function resetPasswordByAdmin(req: FastifyRequest, reply: FastifyReply) {
+  // Check if feature is enabled via config
+  if (config.options?.allow_admin_change_password_users !== true) {
+    return reply.status(404).send()
+  }
+
+  if (!req.hasRole(roles.admin)) {
+    return reply.status(403).send(new Error('Only admins can reset user passwords'))
+  }
+
+  const { id } = req.parameters()
+  if (!id) {
+    return reply.status(400).send(new Error('Missing user id'))
+  }
+
+  const { password } = req.data()
+  if (!password) {
+    return reply.status(400).send(new Error('Missing password in request body'))
+  }
+
+  try {
+    const user = await req.server['userManager'].retrieveUserById(id)
+    if (!user) {
+      return reply.status(404).send(new Error('User not found'))
+    }
+
+    await req.server['userManager'].resetPassword(user, password)
+    return { ok: true }
+  } catch (error) {
+    req.log.error(error)
+    return reply.status(500).send(new Error('Failed to reset password'))
+  }
+}

package/lib/api/users/routes.ts

@@ -180,20 +180,76 @@ export default {
         }
       }
     },
+    {
+      method: 'POST',
+      path: '/:id/block',
+      roles: [roles.admin, roles.backoffice],
+      handler: 'user.block',
+      middlewares: ['global.isAuthenticated'],
+      config: {
+        title: 'Block a user by id',
+        description: 'Block a user by id',
+        params: { $ref: 'onlyIdSchema#' },
+        body: { $ref: 'blockBodySchema#' },
+        response: {
+          200: { $ref: 'defaultResponse#' }
+        }
+      }
+    },
+    {
+      method: 'POST',
+      path: '/:id/unblock',
+      roles: [roles.admin, roles.backoffice],
+      handler: 'user.unblock',
+      middlewares: ['global.isAuthenticated'],
+      config: {
+        title: 'Unblock a user by id',
+        description: 'Unblock a user by id',
+        params: { $ref: 'onlyIdSchema#' },
+        response: {
+          200: { $ref: 'defaultResponse#' }
+        }
+      }
+    },
     {
       method: 'POST',
       path: '/:id/mfa/reset',
       roles: [roles.admin],
-      handler: 'user.resetMfa',
+      handler: 'user.resetMfaByAdmin',
       middlewares: ['global.isAuthenticated'],
       config: {
-        title: 'Reset MFA for user',
+        title: 'Reset MFA for specific user',
         description: 'Disable MFA for a specific user (Admin only)',
         params: { $ref: 'globalParamsSchema#' },
         response: {
           200: { $ref: 'defaultResponse#' }
         }
       }
+    },
+    {
+      method: 'POST',
+      path: '/:id/password/reset',
+      roles: [roles.admin],
+      handler: 'user.resetPasswordByAdmin',
+      middlewares: ['global.isAuthenticated'],
+      config: {
+        title: 'Reset password for specific user',
+        description:
+          'Admin can reset password for a specific user. Requires config option allow_admin_change_password_users to be enabled.',
+        params: { $ref: 'globalParamsSchema#' },
+        body: {
+          type: 'object',
+          required: ['password'],
+          properties: {
+            password: { type: 'string', minLength: 6 }
+          }
+        },
+        response: {
+          200: { $ref: 'defaultResponse#' }
+        }
+      }
     }
   ]
+
+
 }

package/lib/config/general.ts

@@ -3,11 +3,18 @@ export default {
   options: {
     allow_multiple_admin: false,
     admin_can_change_passwords: false,
+    allow_admin_change_password_users: false,
     reset_external_id_on_login: false,
     scheduler: false,
     embedded_auth: true,
     mfa_policy: process.env.MFA_POLICY || 'OPTIONAL', // OPTIONAL, MANDATORY, ONE_WAY
     mfa_admin_forced_reset_email: null,
-    mfa_admin_forced_reset_until: null
+    mfa_admin_forced_reset_until: null,
+    multi_tenant: {
+      enabled: false,
+      resolver: 'subdomain', // subdomain, header, query
+      header_key: 'x-tenant-id',
+      query_key: 'tid'
+    }
   }
 }

package/lib/defaults/managers.ts

@@ -0,0 +1,88 @@
+
+import { 
+  UserManagement, 
+  TokenManagement, 
+  DataBaseManagement, 
+  MfaManagement, 
+  TransferManagement,
+  TenantManagement,
+  TransferCallback
+} from '../../types/global.js'
+import { FastifyReply, FastifyRequest } from 'fastify'
+
+// Default implementations that throw errors or return not implemented
+export const defaultTenantManager: TenantManagement = {
+  isImplemented() { return false },
+  resolveTenant(_req) { throw new Error('Not implemented') },
+  switchContext(_tenant, _db?) { throw new Error('Not implemented') },
+  createTenant(_data) { throw new Error('Not implemented') },
+  deleteTenant(_id) { throw new Error('Not implemented') }
+}
+
+export const defaultUserManager: UserManagement = {
+  isImplemented() { return false },
+  isValidUser(_data: unknown) { throw new Error('Not implemented.') },
+  createUser(_data: unknown) { throw new Error('Not implemented.') },
+  deleteUser(_data: unknown) { throw new Error('Not implemented.') },
+  resetExternalId(_data: unknown) { throw new Error('Not implemented.') },
+  updateUserById(_id: string, _user: unknown) { throw new Error('Not implemented.') },
+  retrieveUserById(_id: string) { throw new Error('Not implemented.') },
+  retrieveUserByEmail(_email: string) { throw new Error('Not implemented.') },
+  retrieveUserByConfirmationToken(_code: string) { throw new Error('Not implemented.') },
+  retrieveUserByResetPasswordToken(_code: string) { throw new Error('Not implemented.') },
+  retrieveUserByUsername(_username: string) { throw new Error('Not implemented.') },
+  retrieveUserByExternalId(_externalId: string) { throw new Error('Not implemented.') },
+  retrieveUserByPassword(_email: string, _password: string) { throw new Error('Not implemented.') },
+  changePassword(_email: string, _password: string, _oldPassword: string) { throw new Error('Not implemented.') },
+  forgotPassword(_email: string) { throw new Error('Not implemented.') },
+  userConfirmation(_user: unknown) { throw new Error('Not implemented.') },
+  resetPassword(_user: unknown, _password: string) { throw new Error('Not implemented.') },
+  blockUserById(_id: string, _reason: string) { throw new Error('Not implemented.') },
+  unblockUserById(_data: unknown) { throw new Error('Not implemented.') },
+  countQuery(_data: unknown) { throw new Error('Not implemented.') },
+  findQuery(_data: unknown) { throw new Error('Not implemented.') },
+  disableUserById(_id: string) { throw new Error('Not implemented.') },
+  saveMfaSecret(_userId: string, _secret: string) { throw new Error('Not implemented.') },
+  retrieveMfaSecret(_userId: string) { throw new Error('Not implemented.') },
+  enableMfa(_userId: string) { throw new Error('Not implemented.') },
+  disableMfa(_userId: string) { throw new Error('Not implemented.') },
+  forceDisableMfaForAdmin(_email: string) { throw new Error('Not implemented.') }
+}
+
+export const defaultTokenManager: TokenManagement = {
+  isImplemented() { return false },
+  isValidToken(_data: unknown) { throw new Error('Not implemented.') },
+  createToken(_data: unknown) { throw new Error('Not implemented.') },
+  resetExternalId(_id: string) { throw new Error('Not implemented.') },
+  updateTokenById(_id: string, _token: unknown) { throw new Error('Not implemented.') },
+  retrieveTokenById(_id: string) { throw new Error('Not implemented.') },
+  retrieveTokenByExternalId(_id: string) { throw new Error('Not implemented.') },
+  blockTokenById(_id: string, _reason: string) { throw new Error('Not implemented.') },
+  unblockTokenById(_id: string) { throw new Error('Not implemented.') },
+  countQuery(_data: unknown) { throw new Error('Not implemented.') },
+  findQuery(_data: unknown) { throw new Error('Not implemented.') },
+  removeTokenById(_id: string) { throw new Error('Not implemented.') }
+}
+
+export const defaultDataBaseManager: DataBaseManagement = {
+  isImplemented() { return false },
+  synchronizeSchemas() { throw new Error('Not implemented.') },
+  retrieveBy(_entityName, _entityId) { throw new Error('Not implemented.') },
+  addChange(_entityName, _entityId, _status, _userId, _contents, _changeEntity) { throw new Error('Not implemented.') }
+}
+
+export const defaultMfaManager: MfaManagement = {
+  generateSetup(_appName: string, _email: string) { throw new Error('Not implemented.') },
+  verify(_token: string, _secret: string) { throw new Error('Not implemented.') }
+}
+
+export const defaultTransferManager: TransferManagement = {
+  isImplemented() { return false },
+  getPath() { throw new Error('Not implemented.') },
+  getServer() { throw new Error('Not implemented.') },
+  onUploadCreate(_callback: TransferCallback) { throw new Error('Not implemented.') },
+  onUploadFinish(_callback: TransferCallback) { throw new Error('Not implemented.') },
+  onUploadTerminate(_callback: TransferCallback) { throw new Error('Not implemented.') },
+  handle(_req: FastifyRequest, _res: FastifyReply) { throw new Error('Not implemented.') },
+  isValid(_req: FastifyRequest) { throw new Error('Not implemented.') }
+}