abmp-npm 1.1.64 → 1.1.66

package/backend/consts.js

@@ -1,4 +1,5 @@
 const PAC_API_URL = 'https://members.abmp.com/eweb/api/Wix';
+const SSO_TOKEN_AUTH_API_URL = 'https://members.professionalassistcorp.com/';
 
 /**
  * Valid configuration keys for getSiteConfigs function
@@ -38,4 +39,5 @@ module.exports = {
   PAC_API_URL,
   COMPILED_FILTERS_FIELDS,
   MEMBERSHIPS_TYPES,
+  SSO_TOKEN_AUTH_API_URL,
 };

package/backend/daily-pull/sync-to-cms-methods.js

@@ -2,7 +2,7 @@ const { taskManager } = require('psdev-task-manager');
 
 const { CONFIG_KEYS } = require('../consts');
 const { fetchPACMembers } = require('../pac-api-methods');
-const { TASKS_NAMES } = require('../tasks');
+const { TASKS_NAMES } = require('../tasks/consts');
 const { getSiteConfigs } = require('../utils');
 
 const { bulkProcessAndSaveMemberData } = require('./bulk-process-methods');

package/backend/index.js

@@ -9,7 +9,8 @@ module.exports = {
   ...require('./members-area-methods'), //TODO: remove it once we finish NPM movement
   ...require('./members-data-methods'), //TODO: remove it once we finish NPM movement
   ...require('./cms-data-methods'), //TODO: remove it once we finish NPM movement
-  ...require('./sso-methods'),
+  ...require('./routers'),
+  ...require('./login'),
   ...require('./data-hooks'),
   ...require('./http-functions'),
 };

package/backend/login/index.js

@@ -0,0 +1,19 @@
+const { loginQAMember } = require('./qa-login-methods');
+const { authenticateSSOToken } = require('./sso-methods');
+
+const createLoginMethods = generateSessionToken => {
+  //There is no generateSessionToken SDK version,  and the signOn of @wix/identity returns 403 error regardless that the permissions are valid
+  //Therefore, as a workaround we need to inject the Velo version of generateSessionToken to the login methods.
+  const injectGenerateSessionTokenToMethod =
+    method =>
+    async (...args) =>
+      await method(...args, generateSessionToken);
+  return {
+    loginQAMember: injectGenerateSessionTokenToMethod(loginQAMember),
+    authenticateSSOToken: injectGenerateSessionTokenToMethod(authenticateSSOToken),
+  };
+};
+
+module.exports = {
+  createLoginMethods,
+};

package/backend/login/qa-login-methods.js

@@ -0,0 +1,72 @@
+const { getMemberByEmail, getQAUsers } = require('../members-data-methods');
+const { getSecret } = require('../utils');
+
+const validateQAUser = async userEmail => {
+  const qaUsers = await getQAUsers();
+  const matchingUser = qaUsers.find(user => user.email === userEmail);
+  if (!matchingUser) {
+    return { error: `Invalid user email: ${userEmail}` };
+  }
+  return { valid: true, user: matchingUser };
+};
+
+/**
+ * Login a QA user
+ * @param {Object} params - The parameters for the login
+ * @param {string} params.userEmail - The email of the user to login
+ * @param {string} params.secret - The secret of the user to login
+ * @param {Function} generateSessionToken - a dependency of the method, injected by the createLoginMethods function
+ * @returns {Promise<Object>} The result of the login
+ */
+const loginQAMember = async ({ userEmail, secret }, generateSessionToken) => {
+  try {
+    const userValidation = await validateQAUser(userEmail);
+    if (userValidation.error) {
+      return { success: false, error: userValidation.error };
+    }
+
+    const qaSecret = await getSecret('ABMP_QA_SECRET');
+    if (secret !== qaSecret) {
+      return { success: false, error: 'Invalid secret' };
+    }
+
+    const token = await generateSessionToken(userValidation.user, qaSecret);
+
+    const result = await getMemberCMSId(userEmail);
+    if (!result.success) {
+      return { success: false, error: result.error };
+    }
+
+    return {
+      success: true,
+      token,
+      memberCMSId: result.memberCMSId,
+    };
+  } catch (error) {
+    console.error('QA login error:', error);
+    return { error: 'Failed to generate session token' };
+  }
+};
+
+async function getMemberCMSId(userEmail) {
+  try {
+    const userValidation = await validateQAUser(userEmail);
+    if (userValidation.error) {
+      return { success: false, error: userValidation.error };
+    }
+
+    const member = await getMemberByEmail(userEmail);
+
+    if (!member) {
+      return { success: false, error: `No Member found in DB matching email: ${userEmail}` };
+    }
+    return { success: true, memberCMSId: member._id };
+  } catch (error) {
+    console.error('Error getting member CMS ID:', error);
+    return { success: false, error: 'Failed to retrieve member data' };
+  }
+}
+
+module.exports = {
+  loginQAMember,
+};

package/backend/login/sso-methods.js

@@ -0,0 +1,158 @@
+const { createHmac } = require('crypto');
+
+const { decode } = require('jwt-js-decode');
+
+const { CONFIG_KEYS, SSO_TOKEN_AUTH_API_URL } = require('../consts');
+const { MEMBER_ACTIONS } = require('../daily-pull/consts');
+const { getCurrentMember } = require('../members-area-methods');
+const { getMemberByContactId, getSiteMemberId } = require('../members-data-methods');
+const {
+  formatDateToMonthYear,
+  getAddressDisplayOptions,
+  isStudent,
+  getSiteConfigs,
+  getSecret,
+} = require('../utils');
+
+/**
+ * Validates member token and retrieves member data
+ * @param {string} memberIdInput - The member ID to validate
+ * @returns {Promise<{memberData: Object|null, isValid: boolean}>} Validation result with member data
+ */
+async function validateMemberToken(memberIdInput) {
+  const invalidTokenResponse = { memberData: null, isValid: false };
+
+  if (!memberIdInput) {
+    return invalidTokenResponse;
+  }
+
+  try {
+    const member = await getCurrentMember();
+    if (!member || !member._id) {
+      console.log(
+        'member not found from members.getCurrentMember() for memberIdInput',
+        memberIdInput
+      );
+      return invalidTokenResponse;
+    }
+
+    const [dbMember, siteConfigs] = await Promise.all([
+      getMemberByContactId(member._id),
+      getSiteConfigs(),
+    ]);
+    const siteAssociation = siteConfigs[CONFIG_KEYS.SITE_ASSOCIATION];
+    const membersExternalPortalUrl = siteConfigs[CONFIG_KEYS.MEMBERS_EXTERNAL_PORTAL_URL];
+    console.log('dbMember by contact id is:', dbMember);
+    console.log('member._id', member._id);
+
+    if (!dbMember?._id) {
+      const errorMessage = `No record found in DB for logged in Member [Corrupted Data - Duplicate Members? ] - There is no match in DB for currentMember: ${JSON.stringify(
+        { memberIdInput, currentMemberId: member._id }
+      )}`;
+      console.error(errorMessage);
+      throw new Error('CORRUPTED_MEMBER_DATA');
+    }
+
+    console.log(`Id found in DB for memberIdInput :${memberIdInput} is ${dbMember?._id}`);
+
+    const memberData = dbMember;
+
+    // Format membership dates
+    memberData.memberships = memberData.memberships.map(membership => ({
+      ...membership,
+      membersince: formatDateToMonthYear(membership.membersince),
+      isSiteAssociation: membership.association === siteAssociation,
+    }));
+
+    const savedMemberId = memberData?._id;
+    const isValid = savedMemberId === memberIdInput;
+
+    if (!savedMemberId || !isValid) {
+      return invalidTokenResponse;
+    }
+
+    // Check if member is dropped
+    if (memberData.action === MEMBER_ACTIONS.DROP) {
+      return invalidTokenResponse;
+    }
+
+    // Add computed properties
+    memberData.addressDisplayOption = getAddressDisplayOptions(memberData);
+    console.log('memberData', memberData);
+    memberData.isStudent = isStudent(memberData);
+
+    return { memberData, isValid, membersExternalPortalUrl };
+  } catch (error) {
+    console.error('Error in validateMemberToken:', error);
+    throw error;
+  }
+}
+async function checkAndFetchSSO(token) {
+  const SSO_TOKEN_AUTH_API_KEY = await getSecret('SSO_TOKEN_AUTH_API_KEY');
+  const signature = createHmac('sha256', SSO_TOKEN_AUTH_API_KEY).update(token).digest('hex');
+  const professionalassistcorpUrl = `${SSO_TOKEN_AUTH_API_URL}/eweb/SSOToken.ashx?token=${token}&Partner=Wix&Signature=${signature}`;
+  const options = {
+    method: 'get',
+  };
+  try {
+    const httpResponse = await fetch(professionalassistcorpUrl, options);
+    console.log('httpResponse status', httpResponse.status);
+    if (!httpResponse.ok) {
+      throw new Error('Fetch did not succeed with status: ' + httpResponse.status);
+    }
+    const responseToken = await httpResponse.text();
+    return responseToken;
+  } catch (error) {
+    console.error('Error in checkAndFetchSSO', error);
+    return null;
+  }
+}
+
+/**
+ * Authenticate an SSO token
+ * @param {Object} params - The parameters for the authentication
+ * @param {string} params.token - The token to authenticate
+ * @param {Function} generateSessionToken - a dependency of the method, injected by the createLoginMethods function
+ * @returns {Promise<Object>} The result of the authentication
+ */
+const authenticateSSOToken = async ({ token }, generateSessionToken) => {
+  const responseToken = await checkAndFetchSSO(token);
+  const isValidToken = Boolean(
+    responseToken && typeof responseToken === 'string' && responseToken?.trim()
+  );
+  const toLogTokenData = {
+    isValidToken,
+    tokenData: responseToken
+      ? {
+          length: responseToken.length,
+          preview: responseToken.substring(0, 50),
+        }
+      : 'No token',
+  };
+  console.log('checkAndFetchSSO responseToken data', JSON.stringify(toLogTokenData, null, 2));
+  if (isValidToken) {
+    const jwt = decode(responseToken);
+    const payload = jwt.payload;
+    const membersData = await getSiteMemberId(payload);
+    console.log('membersDataCollectionId', membersData._id);
+    const sessionToken = await generateSessionToken(membersData.email);
+    const authObj = {
+      type: 'success',
+      memberId: membersData._id,
+      sessionToken,
+    };
+    return authObj;
+  } else {
+    console.log('invalid Token responseToken is: ', responseToken);
+    return {
+      type: 'error',
+      memberId: '',
+      sessionToken: '',
+    };
+  }
+};
+
+module.exports = {
+  validateMemberToken,
+  authenticateSSOToken,
+};

package/backend/members-data-methods.js

@@ -2,7 +2,7 @@ const { COLLECTIONS } = require('../public/consts');
 
 const { MEMBERSHIPS_TYPES } = require('./consts');
 const { updateMemberContactInfo } = require('./contacts-methods');
-const { MEMBER_ACTIONS } = require('./daily-pull');
+const { MEMBER_ACTIONS } = require('./daily-pull/consts');
 const { wixData } = require('./elevated-modules');
 const { createSiteMember } = require('./members-area-methods');
 const {
@@ -296,6 +296,27 @@ async function urlExists(url, excludeMemberId) {
   }
 }
 
+/**
+ * Checks URL uniqueness for a member
+ * @param {string} url - The URL to check
+ * @param {string} memberId - The member ID to exclude from the check
+ * @returns {Promise<Object>} Result object with isUnique boolean
+ */
+async function checkUrlUniqueness(url, memberId) {
+  if (!url || !memberId) {
+    throw new Error('Missing required parameters: url and memberId are required');
+  }
+
+  try {
+    const trimmedUrl = url.trim();
+    const exists = await urlExists(trimmedUrl, memberId);
+
+    return { isUnique: !exists };
+  } catch (error) {
+    console.error('Error checking URL uniqueness:', error);
+    throw new Error(`Failed to check URL uniqueness: ${error.message}`);
+  }
+}
 /**
  * Get all members with external profile images
  * @returns {Promise<Array>} - Array of member IDs
@@ -400,6 +421,74 @@ const getMembersByIds = async memberIds => {
   }
 };
 
+const getMemberByEmail = async email => {
+  try {
+    const members = await wixData
+      .query(COLLECTIONS.MEMBERS_DATA)
+      .eq('email', email)
+      .limit(2)
+      .find()
+      .then(res => res.items);
+    if (members.length > 1) {
+      throw new Error(
+        `[getMemberByEmail] Multiple members found with email ${email} membersIds are : [${members.map(member => member.memberId).join(', ')}]`
+      );
+    }
+    return members[0] || null;
+  } catch (error) {
+    console.error('Error getting member by email:', error);
+    throw new Error(`Failed to get member by email: ${error.message}`);
+  }
+};
+
+const getQAUsers = async () => {
+  try {
+    return await wixData
+      .query(COLLECTIONS.QA_USERS)
+      .include('member')
+      .find()
+      .then(res => res.items.map(item => item.member));
+  } catch (error) {
+    console.error('Error getting QA users:', error);
+    throw new Error(`Failed to get QA users: ${error.message}`);
+  }
+};
+async function getSiteMemberId(data) {
+  try {
+    console.log('data', data);
+    const memberId = data?.pac?.cst_recno;
+    if (!memberId) {
+      const errorMessage = `Member ID is missing in passed data ${JSON.stringify(data)}`;
+      console.error(errorMessage);
+      throw new Error(errorMessage);
+    }
+    const queryMemberResult = await wixData
+      .query(COLLECTIONS.MEMBERS_DATA)
+      .eq('memberId', Number(memberId))
+      .find()
+      .then(res => res.items);
+    if (!queryMemberResult.length || queryMemberResult.length > 1) {
+      throw new Error(
+        `Invalid Members count found in DB for email ${data.email} members count is : [${
+          queryMemberResult.length
+        }] membersIds are : [${queryMemberResult.map(member => member.memberId).join(', ')}]`
+      );
+    }
+    let memberData = queryMemberResult[0];
+    console.log('memberData', memberData);
+    const isNewUser = !memberData.contactId;
+    if (isNewUser) {
+      const memberDataWithContactId = await createContactAndMemberIfNew(memberData);
+      console.log('memberDataWithContactId', memberDataWithContactId);
+      memberData = memberDataWithContactId;
+    }
+    return memberData;
+  } catch (error) {
+    console.error('Error in getSiteMemberId', error.message);
+    throw error;
+  }
+}
+
 module.exports = {
   findMemberByWixDataId,
   createContactAndMemberIfNew,
@@ -415,4 +504,8 @@ module.exports = {
   getAllMembersWithoutContactFormEmail,
   getAllUpdatedLoginEmails,
   getMembersByIds,
+  getMemberByEmail,
+  getQAUsers,
+  getSiteMemberId,
+  checkUrlUniqueness,
 };

package/backend/routers/index.js

@@ -0,0 +1,3 @@
+module.exports = {
+  ...require('./methods'),
+};

package/backend/routers/methods.js

@@ -0,0 +1,177 @@
+const { PAGES_PATHS } = require('../../public/consts');
+//const { fetchAllItemsInParallel } = require('../cms-data-methods'); unused at host site
+const { CONFIG_KEYS } = require('../consts');
+const { getSiteConfigs } = require('../utils');
+
+const { generateSEOTitle, stripHtmlTags, getMemberProfileData } = require('./utils');
+
+const createRoutersHandlers = wixRouterMethods => {
+  const {
+    redirect,
+    ok,
+    notFound,
+    sendStatus,
+    WixRouterSitemapEntry: _WixRouterSitemapEntry,
+  } = wixRouterMethods; // These dependencies needs to be injected as they do not have an SDK equivalent for now
+
+  async function profileRouter(request) {
+    const slug = request.path[0];
+    if (!slug) {
+      return redirect(request.baseUrl);
+    }
+    try {
+      const siteConfigs = await getSiteConfigs();
+      const siteAssociation = siteConfigs[CONFIG_KEYS.SITE_ASSOCIATION];
+      const defaultSEODescription = siteConfigs[CONFIG_KEYS.DEFAULT_PROFILE_SEO_DESCRIPTION];
+      const siteLogoUrl = siteConfigs[CONFIG_KEYS.SITE_LOGO_URL];
+      const defaultProfileImage = siteConfigs[CONFIG_KEYS.DEFAULT_PROFILE_IMAGE];
+      const profileData = await getMemberProfileData(slug, siteAssociation);
+      if (profileData && profileData.showWixUrl) {
+        const ogImage = profileData.profileImage || profileData.logoImage || siteLogoUrl;
+        const seoTitle = generateSEOTitle({
+          fullName: profileData.fullName,
+          areasOfPractices: profileData.areasOfPractices,
+          siteAssociation,
+        });
+        // Use stripped HTML from aboutService rich text content
+        let description = stripHtmlTags(profileData.aboutService) || defaultSEODescription;
+
+        // Limit description to 160 characters for optimal SEO
+        if (description.length > 160) {
+          description = description.substring(0, 157) + '...';
+        }
+        const profileUrl = `${request.baseUrl}/${PAGES_PATHS.PROFILE}/${profileData.url}`;
+        const isPrivateMember = profileData.isPrivateMember;
+        const seoData = {
+          title: seoTitle,
+          description: description,
+          noIndex: isPrivateMember,
+          metaTags: [
+            {
+              name: 'description',
+              content: description,
+            },
+            {
+              name: 'keywords',
+              content:
+                `${profileData.fullName}, ${profileData.areasOfPractices ? profileData.areasOfPractices.slice(0, 3).join(', ') : ''}, ${siteAssociation}, ${profileData.city || ''}, ${profileData.state || ''}`
+                  .replace(/,\s*,/g, ',')
+                  .replace(/^,|,$/g, ''),
+            },
+            {
+              name: 'author',
+              content: profileData.fullName,
+            },
+            {
+              name: 'robots',
+              content: isPrivateMember ? 'noindex, nofollow' : 'index, follow',
+            },
+            // Open Graph tags
+            {
+              property: 'og:type',
+              content: 'profile',
+            },
+            {
+              property: 'og:title',
+              content: seoTitle,
+            },
+            {
+              property: 'og:description',
+              content: description,
+            },
+            {
+              property: 'og:image',
+              content: ogImage,
+            },
+            {
+              property: 'og:url',
+              content: profileUrl,
+            },
+            {
+              property: 'og:site_name',
+              content: `${siteAssociation} Members`,
+            },
+            // Twitter Card tags
+            {
+              name: 'twitter:card',
+              content: 'summary_large_image',
+            },
+            {
+              name: 'twitter:title',
+              content: seoTitle,
+            },
+            {
+              name: 'twitter:description',
+              content: description,
+            },
+            {
+              name: 'twitter:image',
+              content: ogImage,
+            },
+            // Additional SEO tags
+            {
+              name: 'geo.region',
+              content: profileData.state || '',
+            },
+            {
+              name: 'geo.placename',
+              content: profileData.city || '',
+            },
+          ].filter(tag => tag.content && tag.content.trim() !== ''), // Remove empty tags
+        };
+        return ok('profile', { ...profileData, defaultProfileImage }, seoData);
+      }
+      return notFound();
+    } catch (error) {
+      console.error(error);
+      return sendStatus('500', 'Internal Server Error');
+    }
+  }
+  function profileSiteMap(_sitemapRequest) {
+    return [];
+    // Commented out - currently disabled in host site
+    //   try {
+    //     const membersQuery = wixData
+    //       .query(COLLECTIONS.MEMBERS_DATA)
+    //       .eq('showWixUrl', true)
+    //       .isNotEmpty('url')
+    //       .ne('action', 'drop')
+    //       .fields('url', 'fullName');
+
+    //     const allMembers = await fetchAllItemsInParallel(membersQuery);
+
+    //     const batchSize = 1000;
+    //     const sitemapEntries = [];
+    //     const totalItems = allMembers.items.length;
+
+    //     for (let i = 0; i < totalItems; i += batchSize) {
+    //       const batch = allMembers.items.slice(i, i + batchSize);
+    //       const batchEntries = batch.map(member => {
+    //         const entry = new WixRouterSitemapEntry(member.fullName);
+    //         entry.pageName = 'profile';
+    //         entry.url = `${PAGES_PATHS.PROFILE}/${member.url}`;
+    //         entry.title = member.fullName;
+    //         entry.changeFrequency = 'monthly';
+    //         entry.priority = 1.0;
+    //         return entry;
+    //       });
+    //       sitemapEntries.push(...batchEntries);
+    //     }
+
+    //     return sitemapEntries;
+    //   } catch (error) {
+    //     console.error('Error generating profile sitemap:', error);
+    //     return [];
+    //   }
+  }
+  //Add other routers here
+  return {
+    profileRouter,
+    profileSiteMap,
+    //Add other routers here
+  };
+};
+
+module.exports = {
+  createRoutersHandlers,
+};

package/backend/routers/utils.js

@@ -0,0 +1,118 @@
+const { getMainAddress } = require('../../public/Utils/sharedUtils');
+const { getMemberBySlug } = require('../members-data-methods');
+const {
+  getAddressesByStatus,
+  formatDateToMonthYear,
+  hasStudentMembership,
+  isPAC_STAFF,
+} = require('../utils');
+
+function generateSEOTitle({ fullName, areasOfPractices, siteAssociation }) {
+  return `${fullName}${
+    areasOfPractices && areasOfPractices.length > 0
+      ? ` | ${areasOfPractices.slice(0, 3).join(', ')}`
+      : ''
+  } | ${siteAssociation} Member`;
+}
+
+function stripHtmlTags(html) {
+  if (!html) return '';
+  // Remove HTML tags and decode HTML entities
+  return html
+    .replace(/<[^>]*>/g, '') // Remove HTML tags
+    .replace(/&nbsp;/g, ' ') // Replace non-breaking spaces
+    .replace(/&amp;/g, '&') // Replace encoded ampersands
+    .replace(/&lt;/g, '<') // Replace encoded less than
+    .replace(/&gt;/g, '>') // Replace encoded greater than
+    .replace(/&quot;/g, '"') // Replace encoded quotes
+    .replace(/&#39;/g, "'") // Replace encoded apostrophes
+    .replace(/\s+/g, ' ') // Replace multiple whitespace with single space
+    .trim(); // Remove leading/trailing whitespace
+}
+
+function shouldHaveStudentBadge(member, siteAssociation) {
+  return hasStudentMembership({
+    member,
+    checkAssociation: true,
+    siteAssociation,
+  });
+}
+
+function transformMemberToProfileData(member, siteAssociation) {
+  if (!member) {
+    throw new Error('member is required');
+  }
+  const addresses = member.addresses || [];
+  const mainAddress = getMainAddress(member.addressDisplayOption, addresses);
+  const licenceNo = member.licenses
+    ?.map(val => val.license)
+    .filter(Boolean)
+    .join(', ');
+  const processedAddresses = getAddressesByStatus(member.addresses, member.addressDisplayOption);
+
+  const memberships = member.memberships || [];
+  const siteAssociationMembership = memberships.find(m => m.association === siteAssociation);
+
+  const areasOfPractices =
+    member.areasOfPractices
+      ?.filter(item => typeof item === 'string' && item.trim().length > 0)
+      .map(item => item.trim())
+      .sort((a, b) =>
+        a.localeCompare(b, undefined, {
+          sensitivity: 'base',
+          numeric: true,
+        })
+      ) || [];
+  return {
+    mainAddress,
+    testimonials: member.testimonial || [],
+    licenceNo,
+    processedAddresses,
+    memberSince:
+      (member.showABMP &&
+        siteAssociationMembership &&
+        formatDateToMonthYear(siteAssociationMembership?.membersince)) ||
+      '',
+    shouldHaveStudentBadge: shouldHaveStudentBadge(member, siteAssociation),
+    logoImage: member.logoImage,
+    fullName: member.fullName,
+    profileImage: member.profileImage,
+    showContactForm: member.showContactForm,
+    bookingUrl: member.bookingUrl,
+    aboutService: member.aboutService,
+    businessName: (member.showBusinessName && member.businessName) || '',
+    phone: member.toShowPhone || '',
+    areasOfPractices,
+    gallery: member.gallery,
+    bannerImages: member.bannerImages,
+    showWixUrl: member.showWixUrl,
+    _id: member._id,
+    url: member.url,
+    isPrivateMember: isPAC_STAFF(member),
+  };
+}
+
+const getMemberProfileData = async (slug, siteAssociation) => {
+  try {
+    const member = await getMemberBySlug({
+      slug,
+      excludeDropped: true,
+      excludeSearchedMember: false,
+    });
+
+    if (!member) {
+      return null;
+    }
+
+    return transformMemberToProfileData(member, siteAssociation);
+  } catch (error) {
+    console.error(error);
+    throw error;
+  }
+};
+
+module.exports = {
+  generateSEOTitle,
+  stripHtmlTags,
+  getMemberProfileData,
+};

package/backend/utils.js

@@ -1,20 +1,18 @@
-const { elevate } = require('@wix/essentials');
+const { auth } = require('@wix/essentials');
 const { secrets } = require('@wix/secrets');
 const { site } = require('@wix/urls');
 const { encode } = require('ngeohash');
 
-const { COLLECTIONS } = require('../public/consts');
+const { COLLECTIONS, ADDRESS_STATUS_TYPES } = require('../public/consts');
+const { formatAddress, generateId } = require('../public/Utils/sharedUtils');
 
-const { CONFIG_KEYS, GEO_HASH_PRECISION } = require('./consts');
+const { CONFIG_KEYS, GEO_HASH_PRECISION, MEMBERSHIPS_TYPES } = require('./consts');
 const { wixData } = require('./elevated-modules');
-const { urlExists } = require('./members-data-methods');
-const elevatedGetSecretValue = elevate(secrets.getSecretValue);
+const elevatedGetSecretValue = auth.elevate(secrets.getSecretValue);
 
 /**
  * Retrieves site configuration values from the database
- * @param {string} [configKey] - The configuration key to retrieve. Must be one of:
- *   - 'AUTOMATION_EMAIL_TRIGGER_ID' - Email template ID for triggered emails
- *   - 'SITE_ASSOCIATION' - Site association configuration
+ * @param {keyof typeof CONFIG_KEYS} [configKey] - The configuration key to retrieve
  * @returns {Promise<any>} The configuration value for the specified key, or all configs if no key provided
  * @example
  * // Get specific config
@@ -60,18 +58,26 @@ function formatDateToMonthYear(dateString) {
   return date.toLocaleDateString('en-US', options);
 }
 
-/**
- * Check if member is a student
- * @param {Object} member - The member object
- * @returns {boolean} True if member has student membership
- */
-function isStudent(member) {
+function hasStudentMembership({ member, checkAssociation = false, siteAssociation = null }) {
   const memberships = member?.memberships;
   if (!Array.isArray(memberships)) return false;
 
-  return memberships.some(membership => membership.membertype === 'student');
+  return memberships.some(membership => {
+    const isStudent = membership.membertype === MEMBERSHIPS_TYPES.STUDENT;
+    const hasCorrectAssociation = !checkAssociation || membership.association === siteAssociation;
+    return isStudent && hasCorrectAssociation;
+  });
 }
 
+function isStudent(member) {
+  return hasStudentMembership({ member, checkAssociation: false });
+}
+
+function isPAC_STAFF(member) {
+  return Boolean(
+    member?.memberships?.some(membership => membership.membertype === MEMBERSHIPS_TYPES.PAC_STAFF)
+  );
+}
 /**
  * Get address display options for member
  * @param {Object} member - The member object
@@ -85,7 +91,22 @@ function getAddressDisplayOptions(member) {
   }
   return displayOptions;
 }
-
+function getAddressesByStatus(addresses = [], addressDisplayOption = []) {
+  const visible = addresses.filter(addr => addr.addressStatus !== ADDRESS_STATUS_TYPES.DONT_SHOW);
+  if (visible.length < 2) {
+    return [];
+  }
+  const opts = Array.isArray(addressDisplayOption) ? addressDisplayOption : [];
+  const mainOpt = opts.find(o => o.isMain);
+  const mainKey = mainOpt ? mainOpt.key : visible[0].key; // fallback to the first visible if none marked
+  return visible
+    .filter(addr => addr?.key !== mainKey)
+    .map(addr => {
+      const addressString = formatAddress(addr);
+      return addressString ? { _id: generateId(), address: addressString } : null;
+    })
+    .filter(Boolean);
+}
 const queryAllItems = async query => {
   console.log('start query');
   let oldResults = await query.find();
@@ -132,28 +153,6 @@ const normalizeUrlForComparison = url => {
   return url.toLowerCase().replace(/-\d+$/, '');
 };
 
-/**
- * Checks URL uniqueness for a member
- * @param {string} url - The URL to check
- * @param {string} memberId - The member ID to exclude from the check
- * @returns {Promise<Object>} Result object with isUnique boolean
- */
-async function checkUrlUniqueness(url, memberId) {
-  if (!url || !memberId) {
-    throw new Error('Missing required parameters: url and memberId are required');
-  }
-
-  try {
-    const trimmedUrl = url.trim();
-    const exists = await urlExists(trimmedUrl, memberId);
-
-    return { isUnique: !exists };
-  } catch (error) {
-    console.error('Error checking URL uniqueness:', error);
-    throw new Error(`Failed to check URL uniqueness: ${error.message}`);
-  }
-}
-
 async function getSecret(secretKey) {
   return await elevatedGetSecretValue(secretKey).value;
 }
@@ -197,12 +196,14 @@ module.exports = {
   isValidArray,
   normalizeUrlForComparison,
   queryAllItems,
-  checkUrlUniqueness,
   formatDateToMonthYear,
   isStudent,
+  hasStudentMembership,
   getAddressDisplayOptions,
   getSecret,
   getSiteBaseUrl,
   encodeXml,
   formatDateOnly,
+  getAddressesByStatus,
+  isPAC_STAFF,
 };

package/package.json

@@ -1,10 +1,11 @@
 {
   "name": "abmp-npm",
-  "version": "1.1.64",
+  "version": "1.1.66",
   "main": "index.js",
   "scripts": {
+    "check-cycles": "madge --circular .",
     "test": "echo \"Error: no test specified\" && exit 1",
-    "lint": "eslint .",
+    "lint": "npm run check-cycles && eslint .",
     "lint:fix": "eslint . --fix",
     "format": "prettier --write \"**/*.{js,json,md}\"",
     "format:check": "prettier --check \"**/*.{js,json,md}\"",
@@ -23,6 +24,7 @@
     "eslint-plugin-promise": "^7.1.0",
     "globals": "^15.10.0",
     "husky": "^9.1.6",
+    "madge": "^8.0.0",
     "prettier": "^3.3.3"
   },
   "dependencies": {
@@ -30,15 +32,19 @@
     "@wix/crm": "^1.0.1061",
     "@wix/data": "^1.0.303",
     "@wix/essentials": "^0.1.28",
+    "@wix/identity": "^1.0.178",
     "@wix/media": "^1.0.213",
     "@wix/members": "^1.0.365",
     "@wix/secrets": "^1.0.62",
     "@wix/site-location": "^1.31.0",
+    "@wix/site-members": "^1.32.0",
+    "@wix/site-storage": "^1.22.0",
     "@wix/site-window": "^1.44.0",
     "@wix/urls": "^1.0.57",
     "aws4": "^1.13.2",
     "axios": "^1.13.1",
     "crypto": "^1.0.1",
+    "jwt-js-decode": "^1.9.0",
     "lodash": "^4.17.21",
     "ngeohash": "^0.6.3",
     "phone": "^3.1.67",

package/pages/LoadingPage.js

@@ -0,0 +1,20 @@
+const { window: wixWindow, rendering } = require('@wix/site-window');
+
+const { LIGHTBOX_NAMES } = require('../public/consts');
+const { checkAndLogin } = require('../public/sso-auth-methods');
+
+async function loadingPageOnReady(authenticateSSOToken) {
+  const renderingEnv = await rendering.env();
+  //This calls needs to triggered on client side, otherwise PAC API will return 401 error
+  if (renderingEnv === 'browser') {
+    //Need to pass authenticateSSOToken to checkAndLogin so it will run as a web method not a public one.
+    await checkAndLogin(authenticateSSOToken).catch(error => {
+      wixWindow.openLightbox(LIGHTBOX_NAMES.LOGIN_ERROR_ALERT);
+      console.error(`Something went wrong while logging in: ${error}`);
+    });
+  }
+}
+
+module.exports = {
+  loadingPageOnReady,
+};

package/pages/QAPage.js

@@ -0,0 +1,39 @@
+const { location: wixLocationFrontend } = require('@wix/site-location');
+const { authentication } = require('@wix/site-members');
+const { local } = require('@wix/site-storage');
+
+async function qaPageOnReady({ $w: _$w, loginQAMember }) {
+  try {
+    const { userEmail, secret, redirectTo, ...restQueryParams } = await wixLocationFrontend.query();
+
+    if (!userEmail || !secret) {
+      throw new Error('Missing required parameters: userEmail and/or secret');
+    }
+
+    const result = await loginQAMember({ userEmail, secret });
+
+    if (!result.success || !result.token) {
+      throw new Error(result.error || 'Login failed');
+    }
+
+    await authentication.applySessionToken(result.token);
+    console.log('QA user logged in successfully');
+
+    await local.setItem('memberId', result.memberCMSId);
+    const queryParams = new URLSearchParams({ ...restQueryParams, token: result.memberCMSId });
+    const redirectUrl = redirectTo ? `/${redirectTo}?${queryParams.toString()}` : '/';
+
+    await wixLocationFrontend.to(redirectUrl);
+  } catch (error) {
+    console.error('QA login failed:', error);
+
+    const qaTextElement = _$w('#qaText');
+    if (qaTextElement) {
+      qaTextElement.text = 'Login failed: ' + (error.message || 'Unknown error');
+    }
+  }
+}
+
+module.exports = {
+  qaPageOnReady,
+};

package/pages/index.js

@@ -3,4 +3,6 @@ module.exports = {
   ...require('./Profile.js'),
   ...require('./Home.js'),
   ...require('./personalDetails.js'),
+  ...require('./QAPage.js'),
+  ...require('./LoadingPage.js'),
 };

package/public/Utils/sharedUtils.js

@@ -168,4 +168,5 @@ module.exports = {
   calculateDistance,
   toRadians,
   generateId,
+  formatAddress,
 };

package/public/consts.js

@@ -12,6 +12,7 @@ const COLLECTIONS = {
   INTERESTS: 'interests',
   STATE_CITY_MAP: 'City',
   UPDATED_LOGIN_EMAILS: 'updatedLoginEmails',
+  QA_Users: 'QA_Users', //Make QA users configurable per site
 };
 
 /**

package/public/index.js

@@ -1,4 +1,5 @@
 module.exports = {
   ...require('./consts'),
   ...require('./messages'),
+  ...require('./Utils/sharedUtils'),
 };

package/public/sso-auth-methods.js

@@ -0,0 +1,43 @@
+const { location: wixLocationFrontend } = require('@wix/site-location');
+const { authentication } = require('@wix/site-members');
+const { local } = require('@wix/site-storage');
+
+const { PAGES_PATHS } = require('./consts');
+
+const checkAndLogin = async authenticateSSOToken => {
+  const query = await wixLocationFrontend.query();
+  const token = query['token']?.trim();
+  try {
+    if (token) {
+      const authObj = await authenticateSSOToken({ token });
+      console.log('authObj', authObj);
+      if (authObj.type == 'success') {
+        console.log('success');
+        await Promise.all([
+          authentication.applySessionToken(authObj?.sessionToken),
+          local.setItem('memberId', authObj.memberId),
+        ]);
+        console.log('memberId', authObj.memberId);
+        const queryParams = {
+          ...query,
+          token: authObj?.memberId,
+        };
+        const redirectTo = `${PAGES_PATHS.MEMBERS_FORM}?${new URLSearchParams(queryParams).toString()}`;
+        await wixLocationFrontend.to(`/${redirectTo}`);
+      } else {
+        console.error('Something went wrong while logging in');
+        throw new Error('Authentication failed - invalid response from server');
+      }
+    } else {
+      console.log('checkAndLogin: No token found');
+      throw new Error('No authentication token found in URL');
+    }
+  } catch (error) {
+    console.error('Error in checkAndLogin', error);
+    throw error;
+  }
+};
+
+module.exports = {
+  checkAndLogin,
+};

package/backend/sso-methods.js

@@ -1,88 +0,0 @@
-const { CONFIG_KEYS } = require('./consts');
-const { MEMBER_ACTIONS } = require('./daily-pull');
-const { getCurrentMember } = require('./members-area-methods');
-const { getMemberByContactId } = require('./members-data-methods');
-const {
-  formatDateToMonthYear,
-  getAddressDisplayOptions,
-  isStudent,
-  getSiteConfigs,
-} = require('./utils');
-
-/**
- * Validates member token and retrieves member data
- * @param {string} memberIdInput - The member ID to validate
- * @returns {Promise<{memberData: Object|null, isValid: boolean}>} Validation result with member data
- */
-async function validateMemberToken(memberIdInput) {
-  const invalidTokenResponse = { memberData: null, isValid: false };
-
-  if (!memberIdInput) {
-    return invalidTokenResponse;
-  }
-
-  try {
-    const member = await getCurrentMember();
-    if (!member || !member._id) {
-      console.log(
-        'member not found from members.getCurrentMember() for memberIdInput',
-        memberIdInput
-      );
-      return invalidTokenResponse;
-    }
-
-    const [dbMember, siteConfigs] = await Promise.all([
-      getMemberByContactId(member._id),
-      getSiteConfigs(),
-    ]);
-    const siteAssociation = siteConfigs[CONFIG_KEYS.SITE_ASSOCIATION];
-    const membersExternalPortalUrl = siteConfigs[CONFIG_KEYS.MEMBERS_EXTERNAL_PORTAL_URL];
-    console.log('dbMember by contact id is:', dbMember);
-    console.log('member._id', member._id);
-
-    if (!dbMember?._id) {
-      const errorMessage = `No record found in DB for logged in Member [Corrupted Data - Duplicate Members? ] - There is no match in DB for currentMember: ${JSON.stringify(
-        { memberIdInput, currentMemberId: member._id }
-      )}`;
-      console.error(errorMessage);
-      throw new Error('CORRUPTED_MEMBER_DATA');
-    }
-
-    console.log(`Id found in DB for memberIdInput :${memberIdInput} is ${dbMember?._id}`);
-
-    const memberData = dbMember;
-
-    // Format membership dates
-    memberData.memberships = memberData.memberships.map(membership => ({
-      ...membership,
-      membersince: formatDateToMonthYear(membership.membersince),
-      isSiteAssociation: membership.association === siteAssociation,
-    }));
-
-    const savedMemberId = memberData?._id;
-    const isValid = savedMemberId === memberIdInput;
-
-    if (!savedMemberId || !isValid) {
-      return invalidTokenResponse;
-    }
-
-    // Check if member is dropped
-    if (memberData.action === MEMBER_ACTIONS.DROP) {
-      return invalidTokenResponse;
-    }
-
-    // Add computed properties
-    memberData.addressDisplayOption = getAddressDisplayOptions(memberData);
-    console.log('memberData', memberData);
-    memberData.isStudent = isStudent(memberData);
-
-    return { memberData, isValid, membersExternalPortalUrl };
-  } catch (error) {
-    console.error('Error in validateMemberToken:', error);
-    throw error;
-  }
-}
-
-module.exports = {
-  validateMemberToken,
-};