npm - aloux-iam - Versions diffs - 0.0.144 → 0.0.146 - Mend

aloux-iam 0.0.144 → 0.0.146

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (28) hide show

package/README.md +277 -238
package/index.js +12 -6
package/lib/config/utils.js +40 -10
package/lib/controllers/auth.js +33 -1
package/lib/controllers/business.js +25 -51
package/lib/controllers/company.js +7 -7
package/lib/controllers/functions.js +38 -62
package/lib/controllers/label.js +26 -25
package/lib/controllers/log.js +24 -24
package/lib/controllers/menu.js +47 -74
package/lib/controllers/permission.js +52 -72
package/lib/controllers/user.js +124 -175
package/lib/middleware.js +15 -23
package/lib/models/Company.js +0 -1
package/lib/models/Permission.js +3 -1
package/lib/models/User.js +11 -8
package/lib/providers.js +7 -0
package/lib/router.js +16 -25
package/lib/services/auth.js +88 -113
package/lib/services/totp.js +13 -11
package/lib/services/user.js +55 -38
package/package.json +12 -16
package/CONTRIBUTING.md +0 -1
package/lib/controllers/operationsAWS.js +0 -228
package/lib/services/bigQuery.js +0 -88
package/lib/services/s3.js +0 -72
package/lib/services/ses.js +0 -98
package/lib/services/sns.js +0 -22

package/README.md CHANGED Viewed

@@ -1,272 +1,311 @@
-# Aloux IAM
+# aloux-iam
-Uso de esta librearía para administración de menus, privilegios, funciones, usuarios y envio de notificaciones por medio de correos y mensajes de texto
+Librería Node.js para gestión de identidad y acceso (IAM) en APIs Express + MongoDB.
-## Installation
+## Instalación
 ```bash
-$ npm install aloux-iam --save
+npm install aloux-iam
 ```
-## Usage
-En archivo `init.js`
+## Configuración básica
 ```js
-// Require
-const { IAMRouter, IAMSwagger } = require('aloux-iam')
+const express     = require('express')
+const mongoose    = require('mongoose')
+const cookieParser = require('cookie-parser')
+const { IAMRouter } = require('aloux-iam')
+const app = express()
+app.use(express.json())
+app.use(cookieParser())
 app.use(IAMRouter)
-// swagger
-app.use(
-    "/aloux-iam",
-    swaggerUI.serveFiles(IAMswagger, {}),
-    swaggerUI.setup(IAMswagger)
-    )
-// URL Swagger
-// [BASE_URL]/docs-iam/#/default/
+mongoose.connect(process.env.MONGO_URI)
+app.listen(3000)
 ```
-En archivo `router.js`
+### Proteger tus propias rutas
 ```js
-// Require
 const { IAMAuth } = require('aloux-iam')
-// Example
-router.post('/customer', IAMAuth, customer.create)
+app.get('/api/mi-recurso', IAMAuth, (req, res) => {
+  // req.user  → usuario autenticado con funciones y permisos
+  // req.token → JWT string
+  res.json({ user: req.user })
+})
 ```
-## Variables de entorno
+### Swagger
-Requiere las siguientes variables de entorno (.env)
-| Variable              |   Description |
-| ----------------------|---------------|
-| AUTH_SECRET           |   Required, para cifrar la contraseña |
-| AWS_SECRET_ACCESS_KEY |   Required, para acceso a S3 y SES AWS. |
-| AWS_ACCESS_KEY_ID     |   Required, para acceso a S3 y SES AWS. |
-| AWS_REGION            |   Required, para acceso a S3 y SES AWS. |
-| AWS_BUCKET            |   Required, para guardar la foto de perfil en AWS. |
-| AWS_EMAIL_SENDER      |   Required, para mandar el correo de recuperación de contraseña |
-| DEBUG                 |   Required, para validar si el ambiente es dev o PROD |
-| SWAGGER_SERVER       |   Required, para acceder al swagger de IAM |
-| MASTER_PWD            |   Optional, para utilizar contraseña maestra de usuarios en desarrollo |
-| BASE_URL              |   Optional, para swagger |
-## Endpoints disponibles
-### Endpoints user self (no auth)
-| Method    |   Endpoint                |   Description |
-| --------- | --------------------------|---------------|
-| POST      |   iam/auth/email              |   Validar correo |
-| POST      |   iam/auth/login              |   Iniciar sesión |
-| POST      |   iam/auth/forgot/password    |	Enviar código a correo |
-| POST      |   iam/auth/validate/code      |   Verificar código |
-| POST      |   iam/auth/verify/mail        |   Verificar correo |
-| GET       |   iam/auth/verify/mail/token/:token  | Valida correo (Manda correo de bienvenida) |
-| POST      |   iam/auth/reset/password     |   Reestablecer contraseña |
-| POST      |   iam/auth/signup             |   Registrarse |
-### Endpoints user self
-| Method    |   Endpoint                |   Description |
-| --------- | --------------------------|---------------|
-| GET       |	iam/auth/me                 |	Obtener información de usuario autenticado |
-| PUT       |	iam/auth/profile            |	Actualizar perfil |
-| PUT       |	iam/auth/profile/pictura    |	Actualizar solo la foto de perfil |
-| PUT       |	iam/auth/reset/password     |	Actualizar contraseña |
-| POST      |   iam/auth/send/verify/phone  |   Enviar código al teléfono de la cuenta para verificarla |
-| POST      |   iam/auth/verify/phone       | Valida teléfono del usuario de la cuenta |
-| POST      |	iam/auth/logout             |	Cerrar sesión |
-### Endpoints user
-| Method    |   Endpoint                    |   Description |
-| --------- | ------------------------------|----------------|
-| POST      |   iam/user                    |	Crear usuario |
-| GET       |	iam/user                    |	Obtener todos los usuario |
-| GET       |	iam/user/:USER_ID           |	Obtener detalle de usuario |
-| PUT       |	iam/user/:USER_ID           |	Actualizar usuario |
-| PUT       |	iam/user/:USER_ID/status    |	Activar o desactivar usuario |
-| PUT       |	iam/user/password/:USER_ID  |	Actualizar la constraseña de un usuario |
-| DELETE    |	iam/user/:USER_ID           |	Eliminar usuario |
-| GET       |	iam/user/count/all            |	Obtiene el número de usuarios |
-### Endpoints funtions
-| Method    |   Endpoint                            |   Description |
-| --------- | --------------------------------------|----------------|
-| POST      |   iam/functions                       |   Crear función |
-| PUT       |	iam/functions/:FUNCTION_ID          |	Actualizar función |
-| PUT       |	iam/functions/:FUNCTION_ID/status   |	Activar o desactivar función |
-| GET       |	iam/functions                       |	Obtener todas las funciones |
-| GET       |	iam/functions/:FUNCTION_ID          |	Obtener detalle de la función |
-| DELETE    |	iam/functions/:FUNCTION_ID          |	Eliminar función |
-| GET       |	iam/functions/count/all               |	Obtiene el número de funciones |
-### Endpoints permission
-| Method    |   Endpoint                                |   Description |
-| --------- | ------------------------------------------|---------------|
-| POST      |	iam/permission                          |   Crear permiso
-| PUT       |	iam/permission/:PERMISSION_ID           |	Actualizar permiso |
-| PUT       |	iam/permission/:PERMISSION_ID/status    |	Activar o desactivar permiso |
-| GET       |	iam/permission                          |   Obtener todas los permisos |
-| GET       |	iam/permission/:PERMISSION_ID           |	Obtener detalle de la permiso |
-| DELETE    |	iam/permission/:PERMISSION_ID           |	Eliminar permiso |
-| GET       |	iam/permission/count/all                  |	Obtiene el número de permisos |
-### Endpoints menu
-| Method    |   Endpoint                |   Description |
-| --------- | --------------------------|---------------|
-| POST      |   /iam/menu               |   Crea un elemento de menú |
-| PUT       |   /iam/menu/:MENU_ID           |   Actualiza un elemento de menú |
-| PUT       |   /iam/menu/:MENU_ID/status    |   Activa o desactiva un menú |
-| GET       |   /iam/menu               |   Obtiene todos los elementos de menú |
-| GET       |   /iam/menu/:MENU_ID           |   Obtiene el detalle de un elemento de menú |
-| DELETE    |   /iam/menu/:MENU_ID           |   Elimina un elemento de menú |
-| POST      |   /iam/menu/order         |   Ordena los elementos de menú |
-| GET       |	iam/menu/count        |	Obtiene el número de menús |
-## Aloux-AWS
-#### Aggregate file
 ```js
-// Require
-const { AlouxAWS } = require('aloux-iam')
-// variables
-/*
-* AWS_REGION
-* AWS_BUCKET
-*/
-/**
- * pathFile = folder/file_name-file_id
- * file     = req.files.property
- */
-// a constant is created to save the new element
-const result = await AlouxAWS.upload('folder/file_name', req.files.data)
+const swaggerUI        = require('swagger-ui-express')
+const { IAMSwagger }   = require('aloux-iam')
+app.use('/docs-iam', swaggerUI.serveFiles(IAMSwagger, {}), swaggerUI.setup(IAMSwagger))
 ```
-#### Eliminate many files
-```js
-// Require
-const { AlouxAWS } = require('aloux-iam')
+## Integración con aloux-cloud
-// variables
-/*
-* AWS_REGION
-* AWS_BUCKET
-*/
-/**
- * files = [{key: 'folder/file1'},{key: 'folder/file1'}]
- */
-// delete selected files
-const files = [{key: 'folder/file1.png'},{key: 'folder/file1.png'}]
-const deleteFiles = await AlouxAWS.deleteMany(files)
-```
-#### Eliminate file
 ```js
-// Require
-const { AlouxAWS } = require('aloux-iam')
-// variables
-/*
-* AWS_REGION
-* AWS_BUCKET
-*/
-/**
- * file = folder/file_name
- */
-// delete the file
-const file = 'folder/file_name.png'
-const deleteFile = await AlouxAWS.delete(file)
+const iam   = require('aloux-iam')
+const cloud = require('aloux-cloud')
+iam.init({
+  email:     cloud.ses,
+  sms:       cloud.sns,
+  storage:   cloud.s3,
+  analytics: cloud.bigQuery,
+})
 ```
-### Usage for emails
-#### Send email
-```js
-// Require
-const { AlouxAWS } = require('aloux-iam')
-// variables
-/*
-* AWS_REGION
-* AWS_EMAIL_SENDER
-*/
-/**
- * email: Destination email
- * message: Mail body
- * subject: Mail subject
- */
-// a constant is created to request the data from the req.body.
-const { email, message, subject } = req.body
-const sendEmail = await AlouxAWS.sendCustom(email, message, subject)
-// example of the messages variable
-// this variable must be sent as a string if you want to send modified HTML
-/*
-message: "<!DOCTYPE html><html lang='en'><head><meta charset='UTF-8'><meta name='viewport' content='width=device-width, initial-scale=1.0'><title>Document</title></head><body><h1>Information</h1></body></html>"
-*/
+Cada provider es opcional. Si no se configura, el IAM funciona sin ese servicio.
+## Variables de entorno
+### Requeridas
+| Variable | Descripción |
+|----------|-------------|
+| `AUTH_SECRET` | Clave secreta para firmar JWT |
+| `MONGO_URI` | URI de conexión a MongoDB |
+### Sesión y autenticación
+| Variable | Default | Descripción |
+|----------|---------|-------------|
+| `SESSION_TIME` | — | Duración del token en minutos |
+| `MAX_TOKENS` | `5` | Sesiones activas simultáneas por usuario |
+| `FAILED_ATTEMPS` | `5` | Intentos fallidos antes de bloquear la cuenta |
+| `SESSION_INTERRUPTOR` | — | Si `true`, valida expiración en cada request |
+| `SERVICE_ACCOUNT_TTL_DAYS` | permanente | Días de vida del token de cuentas de servicio |
+| `DEBUG` | — | Si `true`, activa `MASTER_PWD` y URL de Swagger |
+| `MASTER_PWD` | — | Contraseña maestra que omite bcrypt (requiere `DEBUG=true`) |
+| `SWAGGER_SERVER` | — | URL del servidor en Swagger cuando `DEBUG=true` |
+### Emails (requiere provider `email`)
+| Variable | Descripción |
+|----------|-------------|
+| `SEND_EMAIL_USER` | Si `true`, envía credenciales al crear usuario admin |
+| `SUBJECT_EMAIL` | Asunto por defecto de los emails |
+| `CHANGE_PWD` | Si `true`, fuerza cambio de contraseña en primer login |
+| `VERIFY_ACCOUNT_URL` | URL base para verificación de cuenta |
+| `URL_VERIFY_EMAIL` | URL para confirmar cambio de email |
+| `TEMPLATE_ACCOUNT` | Path al template HTML de credenciales |
+| `TEMPLATE_RECOVER_PASSWORD` | Path al template HTML de recuperación |
+| `TEMPLATE_VERIFY_EMAIL` | Path al template HTML de verificación |
+| `TEMPLATE_WELCOME` | Path al template HTML de bienvenida |
+| `TEMPLATE_CHANGE_MAIL` | Path al template HTML de cambio de email |
+### Branding y multi-app
+| Variable | Descripción |
+|----------|-------------|
+| `APP` | Identificador de app para templates con sufijo |
+| `PROJECT_NAME` | Nombre de la app en templates y SMS |
+| `PROJECT_URL` | URL del proyecto en SMS de verificación |
+| `BRAND_COLOR` | Color principal para templates de email |
+| `BRAND_LOGO` | URL del logo para templates de email |
+| `FUNCTION_NAME` | Función asignada por defecto al hacer signup |
+### Historial
+| Variable | Descripción |
+|----------|-------------|
+| `HISTORY` | Si `true`, registra historial de acciones |
+| `HISTORY_ENDPOINTS` | Paths separados por coma a registrar |
+### Analytics (requiere provider `analytics`)
+| Variable | Descripción |
+|----------|-------------|
+| `UPLOAD_CUSTOMER` | Si `true`, inserta nuevos usuarios en BigQuery |
+| `UPLOAD_CUSTOMER_TABLE` | Tabla de BigQuery donde insertar |
+## Exportaciones
+| Export | Tipo | Descripción |
+|--------|------|-------------|
+| `IAMRouter` | Express Router | Monta todos los endpoints `/iam/*` |
+| `IAMAuth` | Middleware | Autenticación JWT para tus rutas |
+| `IAMSwagger` | Object | Spec OpenAPI lista para swagger-ui-express |
+| `IAMUserModel` | Mongoose Model | Modelo User |
+| `IAMUserBusiness` | Mongoose Model | Modelo Business |
+| `IAMFunctionsModel` | Mongoose Model | Modelo Functions |
+| `IAMPermissionModel` | Mongoose Model | Modelo Permission |
+| `IAMMenuModel` | Mongoose Model | Modelo Menu |
+| `AlouxHistory` | Service | Controlador de historial |
+| `init` | Function | Registra providers de aloux-cloud |
+## Flujos de creación de usuarios
+### Signup público — `POST /iam/auth/signup`
+El usuario se registra solo. Requiere `email` y `pwd`. Se le asigna la función definida en `FUNCTION_NAME`.
+### Usuario administrado — `POST /iam/user`
+Un admin crea el usuario. Requiere `email` y `pwd`. Permite asignar funciones, empresas y negocios.
+### Cuenta de servicio — `POST /iam/user/service`
+Sin `email` ni contraseña. Para comunicación machine-to-machine. Devuelve un API token permanente una sola vez en la respuesta.
+## Endpoints
+### Autenticación (sin token)
+| Método | Endpoint | Descripción |
+|--------|----------|-------------|
+| `POST` | `/iam/auth/email` | Verificar si un email existe |
+| `POST` | `/iam/auth/login` | Iniciar sesión |
+| `POST` | `/iam/auth/logo` | Logo de empresa por email |
+| `POST` | `/iam/auth/forgot/password` | Enviar código de recuperación |
+| `POST` | `/iam/auth/validate/code` | Validar código de recuperación |
+| `POST` | `/iam/auth/reset/password` | Resetear contraseña con código |
+| `POST` | `/iam/auth/verify/mail` | Enviar email de verificación de cuenta |
+| `GET`  | `/iam/auth/verify/mail/token/:token` | Activar cuenta por token |
+| `POST` | `/iam/auth/signup` | Registro público (requiere `pwd`) |
+| `GET`  | `/iam/generatePassword` | Generar contraseña segura aleatoria |
+### Autenticación (con token)
+| Método | Endpoint | Descripción |
+|--------|----------|-------------|
+| `GET`   | `/iam/auth/me` | Perfil del usuario autenticado |
+| `PATCH` | `/iam/auth/profile` | Actualizar perfil |
+| `PUT`   | `/iam/auth/profile/pictura` | Actualizar foto de perfil |
+| `PUT`   | `/iam/auth/reset/password` | Cambiar contraseña |
+| `POST`  | `/iam/auth/send/verify/phone` | Enviar código SMS |
+| `POST`  | `/iam/auth/verify/phone` | Validar código de teléfono |
+| `POST`  | `/iam/auth/logout` | Cerrar sesión |
+| `PATCH` | `/iam/auth/mail` | Iniciar cambio de email |
+| `POST`  | `/iam/auth/validate/mail` | Confirmar nuevo email |
+### 2FA / TOTP
+| Método | Endpoint | Descripción |
+|--------|----------|-------------|
+| `GET`  | `/iam/totp/setup` | Genera QR y secreto TOTP |
+| `POST` | `/iam/totp/activate` | Activa 2FA tras escanear QR |
+| `POST` | `/iam/totp/verify` | Verifica código TOTP en el login |
+### Usuarios
+| Método | Endpoint | Descripción |
+|--------|----------|-------------|
+| `POST`   | `/iam/user` | Crear usuario administrado |
+| `POST`   | `/iam/user/service` | Crear cuenta de servicio |
+| `GET`    | `/iam/user` | Listar usuarios `?page&itemsPerPage&search` |
+| `GET`    | `/iam/user/:USER_ID` | Obtener usuario |
+| `PATCH`  | `/iam/user/:USER_ID` | Actualizar usuario |
+| `PUT`    | `/iam/user/:USER_ID/status` | Cambiar estado |
+| `PUT`    | `/iam/user/password/:USER_ID` | Cambiar contraseña |
+| `DELETE` | `/iam/user/:USER_ID` | Eliminar usuario |
+| `GET`    | `/iam/user/count/all` | Contar usuarios |
+| `GET`    | `/iam/business/user` | Usuarios del negocio actual |
+| `GET`    | `/iam/user/by/my/companies` | Usuarios de mis empresas |
+### Funciones
+| Método | Endpoint | Descripción |
+|--------|----------|-------------|
+| `POST`   | `/iam/functions` | Crear función |
+| `GET`    | `/iam/functions` | Listar funciones |
+| `GET`    | `/iam/functions/:FUNCTION_ID` | Obtener función |
+| `PATCH`  | `/iam/functions/:FUNCTION_ID` | Actualizar función |
+| `PUT`    | `/iam/functions/:FUNCTION_ID/status` | Cambiar estado |
+| `DELETE` | `/iam/functions/:FUNCTION_ID` | Eliminar función |
+| `GET`    | `/iam/functions/count/all` | Contar funciones |
+### Permisos
+| Método | Endpoint | Descripción |
+|--------|----------|-------------|
+| `POST`   | `/iam/permission` | Crear permiso |
+| `GET`    | `/iam/permission` | Listar permisos |
+| `GET`    | `/iam/permission/:PERMISSION_ID` | Obtener permiso |
+| `PATCH`  | `/iam/permission/:PERMISSION_ID` | Actualizar permiso |
+| `PUT`    | `/iam/permission/:PERMISSION_ID/status` | Cambiar estado |
+| `DELETE` | `/iam/permission/:PERMISSION_ID` | Eliminar permiso |
+| `GET`    | `/iam/permission/count/all` | Contar permisos |
+### Menús
+| Método | Endpoint | Descripción |
+|--------|----------|-------------|
+| `POST`   | `/iam/menu` | Crear elemento |
+| `GET`    | `/iam/menu` | Listar menús |
+| `GET`    | `/iam/menu/:MENU_ID` | Obtener elemento |
+| `PATCH`  | `/iam/menu/:MENU_ID` | Actualizar elemento |
+| `PUT`    | `/iam/menu/:MENU_ID/status` | Cambiar estado |
+| `POST`   | `/iam/menu/order` | Reordenar |
+| `DELETE` | `/iam/menu/:MENU_ID` | Eliminar elemento |
+| `GET`    | `/iam/menu/count/all` | Contar menús |
+### Empresas
+| Método | Endpoint | Descripción |
+|--------|----------|-------------|
+| `POST`   | `/iam/company` | Crear empresa |
+| `GET`    | `/iam/company` | Listar empresas |
+| `GET`    | `/iam/company/my` | Mis empresas |
+| `GET`    | `/iam/company/:COMPANY_ID` | Detalle |
+| `PATCH`  | `/iam/company/:COMPANY_ID` | Actualizar |
+| `PATCH`  | `/iam/company/:COMPANY_ID/picture` | Actualizar logo |
+| `PATCH`  | `/iam/company/:COMPANY_ID/favicon` | Actualizar favicon |
+| `GET`    | `/iam/company/:ID/identity` | Identidad pública |
+| `PUT`    | `/iam/company/:COMPANY_ID/gkey` | Configurar Google Key |
+| `DELETE` | `/iam/company/:COMPANY_ID/gkey` | Eliminar Google Key |
+| `DELETE` | `/iam/company/:COMPANY_ID` | Eliminar empresa |
+### Negocios
+| Método | Endpoint | Descripción |
+|--------|----------|-------------|
+| `POST`   | `/iam/business` | Crear negocio |
+| `GET`    | `/iam/business` | Listar negocios |
+| `POST`   | `/iam/business/company` | Negocios de una empresa |
+| `GET`    | `/iam/business/my` | Mis negocios |
+| `GET`    | `/iam/business/my/company/:COMPANY_ID` | Mis negocios por empresa |
+| `GET`    | `/iam/business/:BUSINESS_ID` | Detalle |
+| `PUT`    | `/iam/business/:BUSINESS_ID` | Actualizar |
+| `PATCH`  | `/iam/business/:BUSINESS_ID/picture` | Actualizar logo |
+| `PATCH`  | `/iam/business/:BUSINESS_ID/favicon` | Actualizar favicon |
+| `GET`    | `/iam/business/:ID/identity` | Identidad pública |
+| `PATCH`  | `/iam/business/:BUSINESS_ID/useCompanyKey` | Usar clave de empresa |
+| `POST`   | `/iam/business/:BUSINESS_ID/inheritKey` | Heredar clave de empresa |
+| `DELETE` | `/iam/business/:BUSINESS_ID` | Eliminar negocio |
+### Logs, Etiquetas e Historial
+| Método | Endpoint | Descripción |
+|--------|----------|-------------|
+| `POST`   | `/iam/log` | Crear log |
+| `POST`   | `/iam/log/retrieve` | Recuperar logs con filtros y analytics |
+| `GET`    | `/iam/log/:LOG_ID` | Obtener log |
+| `PATCH`  | `/iam/log/:LOG_ID` | Actualizar log |
+| `PUT`    | `/iam/log/:LOG_ID/status` | Cambiar estado |
+| `DELETE` | `/iam/log/:LOG_ID` | Eliminar log |
+| `GET`    | `/iam/log/count/all` | Contar logs |
+| `POST`   | `/iam/label` | Crear etiqueta |
+| `GET`    | `/iam/label` | Listar etiquetas |
+| `POST`   | `/iam/retrieve/history` | Listar historial |
+| `GET`    | `/iam/history/:HISTORY_ID` | Detalle de historial |
+## Respuesta de error estándar
+Todos los errores del IAM devuelven siempre la misma estructura:
+```json
+{
+  "code":       400,
+  "title":      "Título del error",
+  "detail":     "Descripción detallada",
+  "suggestion": "Qué hacer para resolverlo"
+}
 ```
-### Usage for sns
-#### Send sns
-```js
-// Require
-const { AlouxAWS } = require('aloux-iam')
-// variables
-/*
-* AWS_REGION
-*/
-/**
- * phoneNumber: Destination number
- * message: Message body
- */
-// a constant is created to request the data from the req.body.
-const { phoneNumber, message } = req.body
-const sendSns = await AlouxAWS.sendMessagePhone(phoneNumber, message)
-// example of the phoneNumber variable
-// this variable must be sent as a string and taking into account the telephone prefix
-/*
-phoneNumber: "+52244-------"
-*/
+## Licencia
-```
+MIT

package/index.js CHANGED Viewed

@@ -1,10 +1,16 @@
+const REQUIRED_ENV = ['AUTH_SECRET', 'SESSION_TIME'];
+const missingEnv = REQUIRED_ENV.filter(k => !process.env[k]);
+if (missingEnv.length > 0) {
+  throw new Error(`[aloux-iam] Variables de entorno requeridas faltantes: ${missingEnv.join(', ')}`);
+}
 const IAMrouter = require("./lib/router");
 const IAMauth = require("./lib/middleware");
-const awsAloux = require("./lib/controllers/operationsAWS");
 const historyAloux = require("./lib/controllers/history");
-const awsBQ = require("./lib/services/bigQuery");
-const YAML = require("yamljs");
+const providers = require("./lib/providers");
+const jsyaml = require("js-yaml");
 const path = require("path");
+const fs = require("fs");
 const User = require("./lib/models/User");
 const Functions = require("./lib/models/Functions");
@@ -14,7 +20,7 @@ const Business = require("./lib/models/Business");
 // swagger
 const swagger_path = path.resolve(__dirname, "./lib/swagger.yaml");
-const swagger = YAML.load(swagger_path);
+const swagger = jsyaml.load(fs.readFileSync(swagger_path, "utf8"));
 if (process.env.DEBUG === "true") {
   swagger["servers"] = [];
@@ -32,7 +38,7 @@ module.exports = {
   IAMPermissionModel: Permission,
   IAMMenuModel: Menu,
-  AlouxAWS: awsAloux,
-  AlouxBQ: awsBQ,
   AlouxHistory: historyAloux,
+  init: (p = {}) => providers.set(p),
 };

package/lib/config/utils.js CHANGED Viewed

@@ -1,17 +1,22 @@
 const fs = require("fs");
 const self = module.exports;
-self.responseError = async (res, error) => {
-  let obj = error;
-  if (!error.code) {
-    obj = {
-      code: 400,
-      title: "Error",
-      detail: error.message,
-      suggestion: "Revisar el detalle",
-    };
+self.responseError = (res, error, defaultCode, defaultTitle, defaultSuggestion) => {
+  let code, title, detail, suggestion;
+  if (error && typeof error.code === "number") {
+    code       = error.code;
+    title      = error.title      || "Error";
+    detail     = typeof error.detail === "string" ? error.detail : "";
+    suggestion = error.suggestion || "Revisa el detalle";
+  } else {
+    code       = defaultCode       || 400;
+    title      = defaultTitle      || "Error";
+    detail     = error?.message    || "";
+    suggestion = defaultSuggestion || "Revisa el detalle";
   }
-  res.status(obj.code).send(obj);
+  res.status(code).send({ code, title, detail, suggestion });
 };
 self.generatePaginationResponse = async (count, page, itemsPerPage, items) => {
@@ -69,6 +74,31 @@ self.brand = {
   },
 };
+self.escapeRegex = (str) => {
+  if (typeof str !== 'string') return '';
+  return str.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
+};
+self.hashToken = (token) => {
+  const crypto = require('crypto');
+  return crypto.createHash('sha256').update(String(token)).digest('hex');
+};
+self.hashCode = (code) => {
+  const crypto = require('crypto');
+  return crypto.createHash('sha256').update(String(code)).digest('hex');
+};
+self.sanitizeSort = (sort, allowedFields) => {
+  if (!sort || typeof sort !== 'object' || Array.isArray(sort)) return null;
+  const safe = {};
+  for (const [key, val] of Object.entries(sort)) {
+    const n = Number(val);
+    if (allowedFields.includes(key) && (n === 1 || n === -1)) safe[key] = n;
+  }
+  return Object.keys(safe).length > 0 ? safe : null;
+};
 // Gkey
 self.resolveGkey = (business) => {
   const businessGkey = business.gkey || null;