cca-auth-module 0.1.42 → 0.1.46
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.d.mts +2 -2
- package/dist/index.d.ts +2 -2
- package/dist/index.js +13 -25
- package/dist/index.js.map +1 -1
- package/dist/index.mjs +13 -25
- package/dist/index.mjs.map +1 -1
- package/dist/infrastructure/repository/AuthRepository.d.ts +2 -2
- package/package.json +1 -1
package/dist/index.d.mts
CHANGED
|
@@ -26,8 +26,8 @@ declare class AuthRepository extends BaseRepository<AuthEntity> implements IExte
|
|
|
26
26
|
findByUserId(userId: string): Promise<AuthEntity | null>;
|
|
27
27
|
logout(userId: string): Promise<void>;
|
|
28
28
|
updateTwoFactorSecret(userId: string, secret: string): Promise<void>;
|
|
29
|
-
enableTwoFactor(
|
|
30
|
-
disableTwoFactor(
|
|
29
|
+
enableTwoFactor(auth: AuthEntity): Promise<void>;
|
|
30
|
+
disableTwoFactor(auth: AuthEntity): Promise<void>;
|
|
31
31
|
isTwoFactorEnabled(userId: string): Promise<boolean>;
|
|
32
32
|
getTwoFactorSecret(userId: string): Promise<string | null>;
|
|
33
33
|
}
|
package/dist/index.d.ts
CHANGED
|
@@ -26,8 +26,8 @@ declare class AuthRepository extends BaseRepository<AuthEntity> implements IExte
|
|
|
26
26
|
findByUserId(userId: string): Promise<AuthEntity | null>;
|
|
27
27
|
logout(userId: string): Promise<void>;
|
|
28
28
|
updateTwoFactorSecret(userId: string, secret: string): Promise<void>;
|
|
29
|
-
enableTwoFactor(
|
|
30
|
-
disableTwoFactor(
|
|
29
|
+
enableTwoFactor(auth: AuthEntity): Promise<void>;
|
|
30
|
+
disableTwoFactor(auth: AuthEntity): Promise<void>;
|
|
31
31
|
isTwoFactorEnabled(userId: string): Promise<boolean>;
|
|
32
32
|
getTwoFactorSecret(userId: string): Promise<string | null>;
|
|
33
33
|
}
|
package/dist/index.js
CHANGED
|
@@ -565,7 +565,7 @@ var _TwoFactorEnableUseCase = class _TwoFactorEnableUseCase {
|
|
|
565
565
|
if (!isValid) {
|
|
566
566
|
throw new TwoFactorError("Invalid verification code");
|
|
567
567
|
}
|
|
568
|
-
await this.authRepository.enableTwoFactor(user
|
|
568
|
+
await this.authRepository.enableTwoFactor(user);
|
|
569
569
|
}
|
|
570
570
|
};
|
|
571
571
|
__name(_TwoFactorEnableUseCase, "TwoFactorEnableUseCase");
|
|
@@ -646,7 +646,7 @@ var _TwoFactorDisableUseCase = class _TwoFactorDisableUseCase {
|
|
|
646
646
|
if (!isValid) {
|
|
647
647
|
throw new TwoFactorError("Invalid verification code");
|
|
648
648
|
}
|
|
649
|
-
await this.authRepository.disableTwoFactor(
|
|
649
|
+
await this.authRepository.disableTwoFactor(user);
|
|
650
650
|
}
|
|
651
651
|
};
|
|
652
652
|
__name(_TwoFactorDisableUseCase, "TwoFactorDisableUseCase");
|
|
@@ -785,10 +785,9 @@ var _AuthRepository = class _AuthRepository extends import_cca_core8.BaseReposit
|
|
|
785
785
|
return super.create(entity);
|
|
786
786
|
}
|
|
787
787
|
async findByUserId(userId) {
|
|
788
|
-
const query = this.repository.createQueryBuilder("auth").leftJoinAndSelect("auth.user", "user").addSelect("auth.
|
|
789
|
-
|
|
790
|
-
|
|
791
|
-
return result;
|
|
788
|
+
const query = this.repository.createQueryBuilder("auth").leftJoinAndSelect("auth.user", "user").addSelect("auth.twoFactorSecret").where("user.id = :userId", { userId });
|
|
789
|
+
return await query.getOne();
|
|
790
|
+
;
|
|
792
791
|
}
|
|
793
792
|
async logout(userId) {
|
|
794
793
|
const auth = await this.findByUserId(userId);
|
|
@@ -807,22 +806,11 @@ var _AuthRepository = class _AuthRepository extends import_cca_core8.BaseReposit
|
|
|
807
806
|
auth.twoFactorSecret = secret;
|
|
808
807
|
await this.update(auth.id, auth);
|
|
809
808
|
}
|
|
810
|
-
async enableTwoFactor(
|
|
811
|
-
const auth = await this.findByUserId(userId);
|
|
812
|
-
if (!auth) {
|
|
813
|
-
throw new NotFoundError("Auth not found");
|
|
814
|
-
}
|
|
815
|
-
if (!auth.twoFactorSecret) {
|
|
816
|
-
throw new NotFoundError("Two-factor secret not set");
|
|
817
|
-
}
|
|
809
|
+
async enableTwoFactor(auth) {
|
|
818
810
|
auth.twoFactorEnabled = true;
|
|
819
811
|
await this.update(auth.id, auth);
|
|
820
812
|
}
|
|
821
|
-
async disableTwoFactor(
|
|
822
|
-
const auth = await this.findByUserId(userId);
|
|
823
|
-
if (!auth) {
|
|
824
|
-
throw new NotFoundError("Auth not found");
|
|
825
|
-
}
|
|
813
|
+
async disableTwoFactor(auth) {
|
|
826
814
|
auth.twoFactorEnabled = false;
|
|
827
815
|
auth.twoFactorSecret = null;
|
|
828
816
|
await this.update(auth.id, auth);
|
|
@@ -955,18 +943,18 @@ var _TwoFactorService = class _TwoFactorService {
|
|
|
955
943
|
}
|
|
956
944
|
validateConfiguration() {
|
|
957
945
|
if (!this.config.app_name?.trim()) {
|
|
958
|
-
throw new
|
|
946
|
+
throw new TwoFactorError("Application name (appName) is required in configuration");
|
|
959
947
|
}
|
|
960
948
|
if (this.twoFactorConfig.secretLength < 16) {
|
|
961
|
-
throw new
|
|
949
|
+
throw new TwoFactorError("Secret length must be at least 16 characters");
|
|
962
950
|
}
|
|
963
951
|
if (this.twoFactorConfig.tokenWindow < 0 || this.twoFactorConfig.tokenWindow > 5) {
|
|
964
|
-
throw new
|
|
952
|
+
throw new TwoFactorError("Token verification window must be between 0 and 5");
|
|
965
953
|
}
|
|
966
954
|
}
|
|
967
955
|
ensureInitialized() {
|
|
968
956
|
if (!this.initialized) {
|
|
969
|
-
throw new
|
|
957
|
+
throw new TwoFactorError("TwoFactorService must be initialized before use");
|
|
970
958
|
}
|
|
971
959
|
}
|
|
972
960
|
generateSecret(email) {
|
|
@@ -992,7 +980,7 @@ var _TwoFactorService = class _TwoFactorService {
|
|
|
992
980
|
return await QRCode.toDataURL(otpAuthUrl, this.twoFactorConfig.qrCodeOptions);
|
|
993
981
|
} catch (error) {
|
|
994
982
|
console.error("QR code generation failed:", error);
|
|
995
|
-
throw new
|
|
983
|
+
throw new TwoFactorError("Failed to generate QR code");
|
|
996
984
|
}
|
|
997
985
|
}
|
|
998
986
|
verifyToken(token, secret) {
|
|
@@ -1006,7 +994,7 @@ var _TwoFactorService = class _TwoFactorService {
|
|
|
1006
994
|
});
|
|
1007
995
|
} catch (error) {
|
|
1008
996
|
console.error("Token verification failed:", error);
|
|
1009
|
-
throw new
|
|
997
|
+
throw new TwoFactorError("Failed to verify 2FA token");
|
|
1010
998
|
}
|
|
1011
999
|
}
|
|
1012
1000
|
};
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../src/index.ts","../src/application/config/ConfigManager.ts","../src/utils/Errors.ts","../src/application/service/utils/configInstance.ts","../src/infrastructure/container/createAuthContainer.ts","../src/application/useCase/LoginUseCase.ts","../src/application/dtos/UserDTO.ts","../src/application/validators/authValidation.ts","../src/application/mappers/utils/mapper.ts","../src/application/mappers/createUserMappings.ts","../src/application/dtos/RegisterDTO.ts","../src/application/useCase/LogoutUseCase.ts","../src/application/useCase/RegisterUseCase.ts","../src/application/useCase/RefreshTokenUseCase.ts","../src/application/useCase/TwoFactorSetupUseCase.ts","../src/application/useCase/TwoFactorEnableUseCase.ts","../src/application/useCase/TwoFactorVerifyUseCase.ts","../src/application/useCase/TwoFactorDisableUseCase.ts","../src/presentation/controller/AuthController.ts","../src/presentation/middleware/RequireComplete2FA.ts","../src/infrastructure/repository/AuthRepository.ts","../src/infrastructure/services/JwtAuthService.ts","../src/infrastructure/services/TwoFactorService.ts"],"sourcesContent":["import { authConfig } from \"./application/service/utils/configInstance\";\r\nimport { ConfigSource, IConfig } from \"./domain/interfaces/configTypes\";\r\nimport { createAuthContainer } from \"./infrastructure/container/createAuthContainer\";\r\nimport { AuthController } from \"./presentation/controller/AuthController\";\r\n\r\nexport { createAuthContainer, AuthController, authConfig, ConfigSource, IConfig };\r\n","import { EventEmitter } from \"events\";\r\nimport { IConfig, ConfigSource } from \"../../domain/interfaces/configTypes\";\r\nimport { ConfigNotFoundException } from \"../../utils/Errors\";\r\n\r\nexport class ConfigManager extends EventEmitter {\r\n private config?: IConfig;\r\n private configSource?: ConfigSource;\r\n\r\n setConfigSource(source: ConfigSource): void {\r\n this.configSource = source;\r\n }\r\n\r\n setConfig(cfg: IConfig): void {\r\n this.config = { ...cfg };\r\n this.emit(\"configAvailable\", this.config);\r\n }\r\n\r\n getConfig(): IConfig | undefined {\r\n return this.config;\r\n }\r\n\r\n async loadConfig(): Promise<IConfig> {\r\n if (!this.configSource) {\r\n throw new ConfigNotFoundException(\"Config source not set\");\r\n }\r\n try {\r\n const config = await this.configSource();\r\n this.setConfig(config);\r\n return config;\r\n } catch (error) {\r\n throw new ConfigNotFoundException(\"Error loading configuration\");\r\n }\r\n }\r\n}\r\n\r\nexport const configManager = new ConfigManager();\r\n","export class AppError extends Error {\r\n constructor(\r\n public message: string,\r\n public statusCode: number = 500,\r\n public name: string = \"AppError\"\r\n ) {\r\n super(message);\r\n Object.setPrototypeOf(this, new.target.prototype);\r\n Error.captureStackTrace(this);\r\n }\r\n}\r\n\r\nexport class ValidationError extends AppError {\r\n constructor(message: string) {\r\n super(message, 400);\r\n this.name = \"ValidationError\";\r\n }\r\n}\r\n\r\nexport class ConfigNotFoundException extends AppError {\r\n constructor(message: string) {\r\n super(message);\r\n this.name = \"ConfigNotFoundException\";\r\n }\r\n}\r\n\r\nexport class NotFoundError extends AppError {\r\n constructor(message: string) {\r\n super(message, 404, \"UserNotFoundError\");\r\n }\r\n}\r\n\r\nexport class ForbiddenError extends AppError {\r\n constructor(message: string = \"Forbidden access\") {\r\n super(message, 403);\r\n this.name = \"ForbiddenError\";\r\n }\r\n}\r\n\r\nexport class UnauthorizedError extends AppError {\r\n constructor(message: string = \"Unauthorized access\") {\r\n super(message, 401);\r\n this.name = \"UnauthorizedError\";\r\n }\r\n}\r\n\r\nexport class JwtError extends AppError {\r\n constructor(message: string) {\r\n super(message, 401);\r\n this.name = \"JwtError\";\r\n }\r\n}\r\n\r\nexport class RegistrationError extends AppError {\r\n constructor(message: string) {\r\n super(message, 400);\r\n this.name = \"RegistrationError\";\r\n }\r\n}\r\n\r\nexport class TwoFactorError extends AppError {\r\n constructor(message: string) {\r\n super(message, 400);\r\n this.name = \"TwoFactorERROR\";\r\n }\r\n}","import { configManager } from \"../../config/ConfigManager\";\r\nimport { IConfig, ConfigSource } from \"../../../domain/interfaces/configTypes\";\r\n\r\nexport const authConfig = (configSource: ConfigSource): void => {\r\n configManager.setConfigSource(configSource);\r\n};\r\n\r\nexport const createConfigInstance = async (): Promise<IConfig> => {\r\n return configManager.getConfig() ?? (await configManager.loadConfig());\r\n};\r\n","import { BaseContainer, BaseDatabase } from \"cca-core\";\r\nimport { AuthEntity } from \"cca-entities\";\r\n\r\nimport { LoginUseCase } from \"../../application/useCase/LoginUseCase\";\r\nimport { LogoutUseCase } from \"../../application/useCase/LogoutUseCase\";\r\nimport { RegisterUseCase } from \"../../application/useCase/RegisterUseCase\";\r\nimport { RefreshTokenUseCase } from \"../../application/useCase/RefreshTokenUseCase\";\r\nimport { TwoFactorSetupUseCase } from \"../../application/useCase/TwoFactorSetupUseCase\";\r\nimport { TwoFactorEnableUseCase } from \"../../application/useCase/TwoFactorEnableUseCase\";\r\nimport { TwoFactorVerifyUseCase } from \"../../application/useCase/TwoFactorVerifyUseCase\";\r\nimport { TwoFactorDisableUseCase } from \"../../application/useCase/TwoFactorDisableUseCase\";\r\n\r\nimport { AuthController } from \"../../presentation/controller/AuthController\";\r\nimport { RequireComplete2FA } from \"../../presentation/middleware/RequireComplete2FA\";\r\n\r\nimport { AuthRepository } from \"../repository/AuthRepository\";\r\nimport { JwtAuthService } from \"../services/JwtAuthService\";\r\nimport { TwoFactorService } from \"../services/TwoFactorService\";\r\nimport { createConfigInstance } from \"../../application/service/utils/configInstance\";\r\n\r\nasync function createAuthContainer(database: BaseDatabase) {\r\n const container = new BaseContainer({ database });\r\n\r\n const authRepository = new AuthRepository(\r\n database.getRepository(AuthEntity)\r\n );\r\n container.registerRepository<AuthEntity>(\"AuthRepository\", authRepository);\r\n\r\n const jwtAuthService = new JwtAuthService(authRepository);\r\n container.registerService(\"JwtAuthService\", jwtAuthService);\r\n\r\n const configData = await createConfigInstance();\r\n\r\n const twoFactorService = new TwoFactorService(configData);\r\n container.registerService(\"TwoFactorService\", twoFactorService);\r\n\r\n const requireComplete2FA = new RequireComplete2FA(jwtAuthService);\r\n\r\n const loginUseCase = new LoginUseCase(authRepository, jwtAuthService);\r\n const logoutUseCase = new LogoutUseCase(authRepository);\r\n const registerUseCase = new RegisterUseCase(authRepository);\r\n const refreshTokenUseCase = new RefreshTokenUseCase(\r\n authRepository,\r\n jwtAuthService\r\n );\r\n\r\n const twoFactorSetupUseCase = new TwoFactorSetupUseCase(twoFactorService, authRepository);\r\n const twoFactorEnableUseCase = new TwoFactorEnableUseCase(twoFactorService, authRepository);\r\n const twoFactorVerifyUseCase = new TwoFactorVerifyUseCase(\r\n twoFactorService,\r\n authRepository,\r\n jwtAuthService\r\n );\r\n const twoFactorDisableUseCase = new TwoFactorDisableUseCase(twoFactorService, authRepository);\r\n\r\n container.registerService(\"LoginUseCase\", loginUseCase);\r\n container.registerService(\"LogoutUseCase\", logoutUseCase);\r\n container.registerService(\"RegisterUseCase\", registerUseCase);\r\n container.registerService(\"RefreshTokenUseCase\", refreshTokenUseCase);\r\n container.registerService(\"TwoFactorSetupUseCase\", twoFactorSetupUseCase);\r\n container.registerService(\"TwoFactorEnableUseCase\", twoFactorEnableUseCase);\r\n container.registerService(\"TwoFactorVerifyUseCase\", twoFactorVerifyUseCase);\r\n container.registerService(\"TwoFactorDisableUseCase\", twoFactorDisableUseCase);\r\n\r\n const authController = new AuthController(\r\n loginUseCase,\r\n logoutUseCase,\r\n registerUseCase,\r\n refreshTokenUseCase,\r\n twoFactorSetupUseCase,\r\n twoFactorEnableUseCase,\r\n twoFactorVerifyUseCase,\r\n twoFactorDisableUseCase\r\n );\r\n\r\n return { container, authController, requireComplete2FA };\r\n}\r\n\r\nexport { createAuthContainer };","import { IBaseService, validateRepository } from \"cca-core\";\r\nimport { AuthEntity, UserEntity, UserRole } from \"cca-entities\";\r\n\r\nimport { AuthRepository } from \"../../infrastructure/repository/AuthRepository\";\r\nimport { JwtAuthService } from \"../../infrastructure/services/JwtAuthService\";\r\nimport { UserDTO } from \"../dtos/UserDTO\";\r\nimport { LoginDTO } from \"../dtos/LoginDTO\";\r\nimport { validateAdminSecret, validateLoginDTO } from \"../validators/authValidation\";\r\nimport { mapper } from \"../mappers/utils/mapper\";\r\n\r\ninterface TokenPair {\r\n accessToken: string;\r\n refreshToken: string;\r\n}\r\n\r\ninterface LoginResponse {\r\n token: TokenPair;\r\n user: UserDTO;\r\n}\r\n\r\nexport class LoginUseCase implements IBaseService {\r\n private readonly repository: AuthRepository;\r\n private readonly authService: JwtAuthService;\r\n\r\n constructor(\r\n repository: AuthRepository,\r\n authService: JwtAuthService\r\n ) {\r\n this.repository = repository;\r\n this.authService = authService\r\n }\r\n\r\n public async initialize(): Promise<void> {\r\n await validateRepository(this.repository, (repo: AuthRepository) => repo.getAll());\r\n }\r\n\r\n async execute(loginDTO: LoginDTO, adminPassword?: string): Promise<LoginResponse> {\r\n const auth = await this.validateLogin(loginDTO, adminPassword);\r\n const token = await this.handleAuthentication(auth);\r\n const userDTO = this.mapUserToDTO(auth.user);\r\n\r\n return { token, user: userDTO };\r\n }\r\n\r\n private async validateLogin(\r\n loginDTO: LoginDTO,\r\n adminPassword?: string\r\n ): Promise<AuthEntity> {\r\n const auth = await validateLoginDTO(loginDTO, this.repository);\r\n\r\n if (loginDTO.role === UserRole.ADMIN && adminPassword) {\r\n await validateAdminSecret(adminPassword);\r\n }\r\n\r\n return auth;\r\n }\r\n\r\n private async handleAuthentication(auth: AuthEntity): Promise<TokenPair> {\r\n const token = this.generateTokens(auth);\r\n await this.updateUserStatus(auth);\r\n await this.updateUserRefreshToken(auth, token.refreshToken);\r\n\r\n return token;\r\n }\r\n\r\n private generateTokens(auth: AuthEntity): TokenPair {\r\n return {\r\n accessToken: this.authService.generateAccessToken(auth.user),\r\n refreshToken: this.authService.generateRefreshToken(auth.user)\r\n };\r\n }\r\n\r\n private async updateUserStatus(auth: AuthEntity): Promise<void> {\r\n auth.user.lastLoginAt = new Date();\r\n auth.user.isActive = true;\r\n await this.repository.update(auth.id, auth);\r\n }\r\n\r\n private async updateUserRefreshToken(\r\n auth: AuthEntity,\r\n refreshToken: string\r\n ): Promise<void> {\r\n auth.refreshToken = refreshToken;\r\n await this.repository.update(auth.id, { refreshToken });\r\n }\r\n\r\n private mapUserToDTO(user: UserEntity): UserDTO {\r\n return mapper.map(user, UserEntity, UserDTO);\r\n }\r\n}","import { AutoMap } from \"@automapper/classes\";\r\nimport { UserRole } from \"cca-entities\";\r\n\r\nexport class UserDTO {\r\n @AutoMap()\r\n id!: string;\r\n\r\n @AutoMap()\r\n name!: string;\r\n\r\n @AutoMap()\r\n email!: string;\r\n\r\n @AutoMap()\r\n role!: UserRole;\r\n\r\n adminPassword?: string;\r\n}","import * as yup from \"yup\";\r\nimport { AuthEntity, UserRole } from \"cca-entities\";\r\nimport bcrypt from \"bcrypt\";\r\n\r\nimport {\r\n ForbiddenError,\r\n NotFoundError,\r\n ValidationError,\r\n} from \"../../utils/Errors\";\r\nimport { AuthRepository } from \"../../infrastructure/repository/AuthRepository\";\r\n\r\nimport { RegisterDTO } from \"../dtos/RegisterDTO\";\r\nimport { LoginDTO } from \"../dtos/LoginDTO\";\r\nimport { createConfigInstance } from \"../service/utils/configInstance\";\r\n\r\nconst schemas = {\r\n id: yup.string().uuid(\"Invalid user ID format\"),\r\n email: yup\r\n .string()\r\n .email(\"Invalid email format\")\r\n .max(255, \"Email cannot exceed 255 characters\"),\r\n name: yup\r\n .string()\r\n .required(\"Name is required\")\r\n .min(2, \"Name must be at least 2 characters long\")\r\n .max(50, \"Name cannot exceed 50 characters\")\r\n .matches(/^[a-zA-Z\\s]+$/, \"Name must only contain letters and spaces\"),\r\n password: yup\r\n .string()\r\n .required(\"Password required\")\r\n .min(8, \"Password too short\")\r\n .max(100, \"Password too long\")\r\n .matches(\r\n /^(?=.*[a-z])(?=.*[A-Z])(?=.*\\d)(?=.*[@$!%*?&])[A-Za-z\\d@$!%*?&]/,\r\n \"Password must contain uppercase, lowercase, number and special character\"\r\n ),\r\n role: yup\r\n .string()\r\n .required(\"Role is required\")\r\n .oneOf(Object.values(UserRole), \"Invalid role specified\"),\r\n};\r\n\r\nexport const validateEmail = async (\r\n email: string,\r\n repository: AuthRepository\r\n): Promise<AuthEntity> => {\r\n try {\r\n await schemas.email.validate(email?.trim().toLowerCase());\r\n const user = await repository.findByEmail(email);\r\n if (!user) {\r\n throw new NotFoundError(\r\n \"The email address or password is incorrect. Please retry\"\r\n );\r\n }\r\n return user;\r\n } catch (error: any) {\r\n throw new ValidationError(error.message || \"Invalid email format\");\r\n }\r\n};\r\n\r\nexport const validatePassword = async (password?: string): Promise<void> => {\r\n if (password) {\r\n try {\r\n await schemas.password.validate(password);\r\n } catch (error: any) {\r\n throw new ValidationError(error.message || \"Invalid password format\");\r\n }\r\n }\r\n};\r\n\r\nexport const validateEmailUniqueness = async (\r\n repository: AuthRepository,\r\n email: string,\r\n excludeUserId?: string\r\n): Promise<void> => {\r\n try {\r\n await schemas.email.validate(email?.trim().toLowerCase());\r\n\r\n const existingUser = await repository.findByEmail(email);\r\n\r\n if (!existingUser) return;\r\n if (existingUser.id === excludeUserId) return;\r\n\r\n throw new ValidationError(`Email ${email} is already in use.`);\r\n } catch (error: any) {\r\n if (error instanceof ValidationError) {\r\n throw error;\r\n }\r\n throw new ValidationError(\"user email validation failed\");\r\n }\r\n};\r\n\r\nexport const validateRegisterDTO = async (\r\n auth: RegisterDTO,\r\n repository: AuthRepository\r\n): Promise<void> => {\r\n const { name, email, role, password } = auth;\r\n\r\n await Promise.all([\r\n schemas.name.validate(name),\r\n schemas.role.validate(role),\r\n validateEmailUniqueness(repository, email),\r\n validatePassword(password),\r\n ]);\r\n};\r\n\r\nexport const validateLoginDTO = async (\r\n data: LoginDTO,\r\n repository: AuthRepository\r\n): Promise<AuthEntity> => {\r\n const { email, role, password } = data;\r\n\r\n await Promise.all([schemas.role.validate(role), schemas.password.validate(password)]);\r\n\r\n const auth = await validateEmail(email, repository);\r\n if (!auth || !auth.password) {\r\n throw new NotFoundError(\"Invalid credentials\");\r\n }\r\n\r\n const isMatch = await bcrypt.compare(password, auth.password);\r\n if (!isMatch) {\r\n throw new ForbiddenError(\"Invalid credentials\");\r\n }\r\n\r\n return auth;\r\n};\r\n\r\nexport const validateAdminSecret = async (\r\n secretPassword?: string\r\n): Promise<void> => {\r\n if (!secretPassword) {\r\n throw new ValidationError(\"Admin password is required\");\r\n }\r\n\r\n try {\r\n const config = await createConfigInstance();\r\n\r\n if (!config.adminSecretPassword) {\r\n throw new ValidationError(\"ADMIN_SECRET_PASSWORD not found in config\");\r\n }\r\n\r\n if (parseInt(secretPassword) !== parseInt(config.adminSecretPassword)) {\r\n throw new ValidationError(\"Invalid admin password\");\r\n }\r\n } catch (error) {\r\n if (error instanceof ValidationError) {\r\n throw error;\r\n }\r\n throw new ValidationError(\"Error validating admin password\");\r\n }\r\n};\r\n","import { createMapper } from '@automapper/core';\r\nimport { classes } from '@automapper/classes';\r\n\r\nimport { createUserMappings } from '../createUserMappings';\r\n\r\nexport const mapper = createMapper({\r\n strategyInitializer: classes(),\r\n});\r\n\r\ncreateUserMappings(mapper);\r\n","import { Mapper, createMap, forMember, mapFrom } from '@automapper/core';\r\nimport { AuthEntity, UserEntity } from 'cca-entities';\r\n\r\nimport { RegisterDTO } from '../dtos/RegisterDTO';\r\nimport { UserDTO } from '../dtos/UserDTO';\r\n\r\nexport function createUserMappings(mapper: Mapper): void {\r\n createMap(\r\n mapper, \r\n RegisterDTO,\r\n AuthEntity,\r\n forMember(dest => dest.email, mapFrom(src => src.email)),\r\n forMember(dest => dest.password, mapFrom(src => src.password)),\r\n forMember(dest => dest.role, mapFrom(src => src.role)));\r\n\r\n createMap(\r\n mapper, \r\n RegisterDTO,\r\n UserEntity,\r\n forMember(dest => dest.name, mapFrom(src => src.name)),\r\n forMember(dest => dest.email, mapFrom(src => src.email)),\r\n forMember(dest => dest.role, mapFrom(src => src.role)));\r\n\r\n createMap(\r\n mapper,\r\n UserEntity,\r\n UserDTO,\r\n forMember(dest => dest.id, mapFrom(src => src.id)),\r\n forMember(dest => dest.name, mapFrom(src => src.name)),\r\n forMember(dest => dest.email, mapFrom(src => src.email)),\r\n forMember(dest => dest.role, mapFrom(src => src.role)));\r\n}","import { UserRole } from \"cca-entities\";\r\n\r\nexport class RegisterDTO {\r\n email!: string;\r\n name!: string;\r\n password!: string;\r\n role!: UserRole;\r\n adminPassword?: string;\r\n}\r\n","import { IBaseService, validateRepository } from \"cca-core\";\r\n\r\nimport { AuthRepository } from \"../../infrastructure/repository/AuthRepository\";\r\nimport { NotFoundError } from \"../../utils/Errors\";\r\n\r\n\r\nexport class LogoutUseCase implements IBaseService {\r\n private readonly repository: AuthRepository\r\n\r\n constructor(repository: AuthRepository) {\r\n this.repository = repository;\r\n }\r\n\r\n public async initialize(): Promise<void> {\r\n await validateRepository(this.repository, (repo: AuthRepository) => repo.getAll());\r\n }\r\n\r\n async execute(authId: string): Promise<void> {\r\n try {\r\n await this.repository.logout(authId);\r\n } catch (error) {\r\n new NotFoundError(\"Auth not found\");\r\n }\r\n }\r\n}","import { IBaseService, validateRepository } from \"cca-core\";\r\nimport * as bcrypt from \"bcrypt\";\r\nimport { AuthEntity, UserEntity, UserRole } from \"cca-entities\";\r\n\r\nimport { AuthRepository } from \"../../infrastructure/repository/AuthRepository\";\r\n\r\nimport { mapper } from \"../mappers/utils/mapper\";\r\nimport { RegisterDTO } from \"../dtos/RegisterDTO\";\r\nimport { validateAdminSecret, validateRegisterDTO } from \"../validators/authValidation\";\r\nimport { RegistrationError } from \"../../utils/Errors\";\r\n\r\nexport class RegisterUseCase implements IBaseService {\r\n private readonly repository: AuthRepository;\r\n private readonly SALT_ROUNDS = 10;\r\n\r\n constructor(repository: AuthRepository) {\r\n this.repository = repository;\r\n }\r\n\r\n public async initialize(): Promise<void> {\r\n await validateRepository(this.repository, (repo: AuthRepository) => repo.getAll());\r\n }\r\n\r\n public async execute(\r\n email: string,\r\n name: string,\r\n password: string,\r\n role: UserRole = UserRole.GUEST,\r\n adminPassword?: string\r\n ): Promise<AuthEntity | undefined> {\r\n try {\r\n\r\n const normalizedDTO = this.normalizeAuthDTO({\r\n email,\r\n name,\r\n password,\r\n role,\r\n adminPassword\r\n });\r\n\r\n if (role === UserRole.ADMIN && adminPassword) {\r\n await validateAdminSecret(adminPassword);\r\n }\r\n\r\n await validateRegisterDTO(normalizedDTO, this.repository);\r\n\r\n const hashedPassword = await this.hashPassword(normalizedDTO.password);\r\n const authEntity = await this.createAuthEntity(\r\n normalizedDTO,\r\n hashedPassword\r\n );\r\n\r\n return await this.repository.create(authEntity);\r\n } catch (error: any) {\r\n throw new RegistrationError(`Registration failed: ${error.message}`);\r\n }\r\n }\r\n\r\n private normalizeAuthDTO(dto: RegisterDTO): RegisterDTO {\r\n return {\r\n name: dto.name.trim(),\r\n email: dto.email.trim().toLowerCase(),\r\n role: dto.role,\r\n password: dto.password.trim(),\r\n adminPassword: dto.adminPassword?.trim()\r\n };\r\n }\r\n\r\n private async hashPassword(password: string): Promise<string> {\r\n return await bcrypt.hash(password, this.SALT_ROUNDS);\r\n }\r\n\r\n private async createAuthEntity(dto: RegisterDTO, hashedPassword: string): Promise<AuthEntity> {\r\n const authEntity = mapper.map(dto, RegisterDTO, AuthEntity);\r\n const userEntity = mapper.map(dto, RegisterDTO, UserEntity);\r\n\r\n authEntity.password = hashedPassword;\r\n authEntity.refreshToken = \"\";\r\n authEntity.user = userEntity;\r\n authEntity.user.updatedAt = null as any;\r\n\r\n return authEntity;\r\n }\r\n}\r\n","import { IBaseService, validateRepository } from \"cca-core\";\r\n\r\nimport { IDecodedToken } from \"../../domain/interfaces/IDecodedToken\";\r\n\r\nimport { JwtAuthService } from \"../../infrastructure/services/JwtAuthService\";\r\nimport { AuthRepository } from \"../../infrastructure/repository/AuthRepository\";\r\n\r\nexport class RefreshTokenUseCase implements IBaseService {\r\n private readonly repository: AuthRepository;\r\n private readonly service: JwtAuthService;\r\n\r\n constructor(repository: AuthRepository, service: JwtAuthService) {\r\n this.repository = repository;\r\n this.service = service;\r\n }\r\n\r\n public async initialize(): Promise<void> {\r\n await validateRepository(this.repository, (repo: AuthRepository) => repo.getAll());\r\n }\r\n\r\n async execute(\r\n refreshToken: string\r\n ): Promise<{ accessToken: string; refreshToken: string } | null> {\r\n try {\r\n const decoded = await this.service.verifyRefreshToken(refreshToken);\r\n\r\n const auth = decoded.userId\r\n ? await this.repository.findById(decoded.userId)\r\n : null;\r\n\r\n if (!auth || auth.refreshToken !== refreshToken) {\r\n return null;\r\n }\r\n\r\n const accessToken = this.service.generateAccessToken(auth.user);\r\n const newRefreshToken = this.service.generateRefreshToken(auth.user);\r\n\r\n await this.repository.update(auth.id, {\r\n refreshToken: newRefreshToken,\r\n });\r\n\r\n return { accessToken, refreshToken: newRefreshToken };\r\n } catch (error) {\r\n return null;\r\n }\r\n }\r\n\r\n async verityToken(token: string): Promise<IDecodedToken> {\r\n return await this.service.verifyAccessToken(token);\r\n }\r\n}\r\n","import { IBaseService } from 'cca-core';\r\n\r\nimport { TwoFactorService } from '../../infrastructure/services/TwoFactorService';\r\nimport { AuthRepository } from '../../infrastructure/repository/AuthRepository';\r\nimport { ITwoFactorSetupResponse } from '../../domain/interfaces/ITwoFactorSetupResponse';\r\n\r\nimport { TwoFactorError } from '../../utils/Errors';\r\n\r\nexport class TwoFactorSetupUseCase implements IBaseService{\r\n private twoFactorService: TwoFactorService;\r\n private authRepository: AuthRepository;\r\n private isInitialized = false;\r\n\r\n constructor(twoFactorService: TwoFactorService, authRepository: AuthRepository) {\r\n this.twoFactorService = twoFactorService;\r\n this.authRepository = authRepository;\r\n }\r\n async initialize(): Promise<void> {\r\n if (this.isInitialized) return;\r\n \r\n await Promise.all([\r\n this.twoFactorService.initialize()\r\n ]);\r\n \r\n this.isInitialized = true;\r\n }\r\n\r\n async execute(userId: string): Promise<ITwoFactorSetupResponse> {\r\n if (!this.isInitialized) {\r\n await this.initialize();\r\n }\r\n \r\n const user = await this.authRepository.findByUserId(userId);\r\n \r\n if (!user) {\r\n throw new TwoFactorError('User not found');\r\n }\r\n \r\n if (user.twoFactorEnabled) {\r\n throw new TwoFactorError('Two-factor authentication is already enabled');\r\n }\r\n \r\n const { secret, otpAuthUrl } = this.twoFactorService.generateSecret(user.email);\r\n const qrCodeUrl = await this.twoFactorService.generateQRCode(otpAuthUrl);\r\n \r\n await this.authRepository.updateTwoFactorSecret(userId, secret);\r\n \r\n return { secret, otpAuthUrl, qrCodeUrl };\r\n }\r\n}","import { IBaseService, validateRepository } from 'cca-core';\r\n\r\nimport { TwoFactorService } from '../../infrastructure/services/TwoFactorService';\r\nimport { AuthRepository } from '../../infrastructure/repository/AuthRepository';\r\nimport { ITwoFactorEnable } from '../../domain/interfaces/ITwoFactorEnable';\r\nimport { TwoFactorError } from '../../utils/Errors';\r\n\r\nexport class TwoFactorEnableUseCase implements IBaseService{\r\n private twoFactorService: TwoFactorService;\r\n private authRepository: AuthRepository;\r\n private isInitialized = false;\r\n\r\n constructor(twoFactorService: TwoFactorService, authRepository: AuthRepository) {\r\n this.twoFactorService = twoFactorService;\r\n this.authRepository = authRepository;\r\n \r\n }\r\n async initialize(): Promise<void> {\r\n if (this.isInitialized) return;\r\n \r\n await Promise.all([\r\n this.twoFactorService.initialize(),\r\n validateRepository(this.authRepository, repo => repo.getAll())\r\n ]);\r\n \r\n this.isInitialized = true;\r\n }\r\n\r\n async execute(userId: string, dto: ITwoFactorEnable): Promise<void> {\r\n if (!this.isInitialized) {\r\n await this.initialize();\r\n }\r\n \r\n const { token } = dto;\r\n \r\n if (!token) {\r\n throw new TwoFactorError('Token is required');\r\n }\r\n \r\n const user = await this.authRepository.findByUserId(userId); \r\n \r\n if (!user || !user.twoFactorSecret) {\r\n throw new TwoFactorError('Please set up two-factor authentication first');\r\n }\r\n \r\n if (user.twoFactorEnabled) {\r\n throw new TwoFactorError('Two-factor authentication is already enabled');\r\n }\r\n \r\n const isValid = this.twoFactorService.verifyToken(token, user.twoFactorSecret);\r\n \r\n if (!isValid) {\r\n throw new TwoFactorError('Invalid verification code');\r\n }\r\n \r\n await this.authRepository.enableTwoFactor(user.id);\r\n }\r\n}","import { IBaseService, validateRepository } from 'cca-core';\r\n\r\nimport { TwoFactorService } from '../../infrastructure/services/TwoFactorService';\r\nimport { AuthRepository } from '../../infrastructure/repository/AuthRepository';\r\nimport { JwtAuthService } from '../../infrastructure/services/JwtAuthService';\r\nimport { ITwoFactorVerify } from '../../domain/interfaces/ITwoFactorVerify';\r\nimport { TwoFactorError } from '../../utils/Errors';\r\n\r\nexport class TwoFactorVerifyUseCase implements IBaseService{\r\n private twoFactorService: TwoFactorService;\r\n private authRepository: AuthRepository;\r\n private jwtService: JwtAuthService;\r\n private isInitialized = false;\r\n\r\n constructor(\r\n twoFactorService: TwoFactorService,\r\n authRepository: AuthRepository,\r\n jwtService: JwtAuthService\r\n ) {\r\n this.twoFactorService = twoFactorService;\r\n this.authRepository = authRepository;\r\n this.jwtService = jwtService;\r\n }\r\n async initialize(): Promise<void> {\r\n if (this.isInitialized) return;\r\n\r\n await Promise.all([\r\n this.twoFactorService.initialize(),\r\n this.jwtService.initialize(),\r\n validateRepository(this.authRepository, repo => repo.getAll())\r\n ]);\r\n4\r\n this.isInitialized = true;\r\n }\r\n\r\n async execute(dto: ITwoFactorVerify): Promise<{ token: string; refreshToken: string }> {\r\n if (!this.isInitialized) {\r\n await this.initialize();\r\n }\r\n \r\n const { userId, token } = dto;\r\n\r\n if (!userId || !token) {\r\n throw new TwoFactorError('user ID and token are required');\r\n }\r\n\r\n const auth = await this.authRepository.findByUserId(userId);\r\n\r\n console.log(\"auth\", auth);\r\n \r\n\r\n if (!auth || !auth.twoFactorSecret || !auth.twoFactorEnabled) {\r\n throw new TwoFactorError('Invalid request');\r\n }\r\n\r\n const isValid = this.twoFactorService.verifyToken(token, auth.twoFactorSecret);\r\n\r\n if (!isValid) {\r\n throw new TwoFactorError('Invalid verification code');\r\n }\r\n\r\n return {\r\n token: this.jwtService.generateAccessToken(auth.user),\r\n refreshToken: this.jwtService.generateRefreshToken(auth.user)\r\n }\r\n }\r\n}","import { IBaseService, validateRepository } from 'cca-core';\r\n\r\nimport { TwoFactorService } from '../../infrastructure/services/TwoFactorService';\r\nimport { AuthRepository } from '../../infrastructure/repository/AuthRepository';\r\nimport { ITwoFactorEnable } from '../../domain/interfaces/ITwoFactorEnable';\r\n\r\nimport { TwoFactorError } from '../../utils/Errors';\r\n\r\nexport class TwoFactorDisableUseCase implements IBaseService{\r\n private twoFactorService: TwoFactorService;\r\n private authRepository: AuthRepository;\r\n private isInitialized = false;\r\n\r\n constructor(twoFactorService: TwoFactorService, authRepository: AuthRepository) {\r\n this.twoFactorService = twoFactorService;\r\n this.authRepository = authRepository;\r\n }\r\n async initialize(): Promise<void> {\r\n if (this.isInitialized) return;\r\n \r\n await Promise.all([\r\n this.twoFactorService.initialize(),\r\n validateRepository(this.authRepository, repo => repo.getAll())\r\n ]);\r\n4\r\n this.isInitialized = true;\r\n }\r\n\r\n async execute(userId: string, dto: ITwoFactorEnable): Promise<void> {\r\n if (!this.isInitialized) {\r\n await this.initialize();\r\n }\r\n \r\n const { token } = dto;\r\n \r\n const user = await this.authRepository.findByUserId(userId);\r\n \r\n if (!user || !user.twoFactorSecret || !user.twoFactorEnabled) {\r\n throw new TwoFactorError('Two-factor authentication is not enabled');\r\n }\r\n \r\n const isValid = this.twoFactorService.verifyToken(token, user.twoFactorSecret);\r\n \r\n if (!isValid) {\r\n throw new TwoFactorError('Invalid verification code');\r\n }\r\n \r\n await this.authRepository.disableTwoFactor(userId);\r\n }\r\n}","import { NextFunction, Request, Response } from \"express\";\r\n\r\nimport { LoginDTO } from \"../../application/dtos/LoginDTO\";\r\nimport { RegisterDTO } from \"../../application/dtos/RegisterDTO\";\r\n\r\nimport { RegisterUseCase } from \"../../application/useCase/RegisterUseCase\";\r\nimport { LoginUseCase } from \"../../application/useCase/LoginUseCase\";\r\nimport { LogoutUseCase } from \"../../application/useCase/LogoutUseCase\";\r\nimport { RefreshTokenUseCase } from \"../../application/useCase/RefreshTokenUseCase\";\r\nimport { TwoFactorSetupUseCase } from \"../../application/useCase/TwoFactorSetupUseCase\";\r\nimport { TwoFactorEnableUseCase } from \"../../application/useCase/TwoFactorEnableUseCase\";\r\nimport { TwoFactorVerifyUseCase } from \"../../application/useCase/TwoFactorVerifyUseCase\";\r\nimport { TwoFactorDisableUseCase } from \"../../application/useCase/TwoFactorDisableUseCase\";\r\n\r\nimport { IRefreshTokenRequest } from \"../../domain/interfaces/IRefreshTokenRequest\";\r\nimport { IDecodedToken } from \"../../domain/interfaces/IDecodedToken\";\r\nimport { ITwoFactorEnable } from \"../../domain/interfaces/ITwoFactorEnable\";\r\nimport { ITwoFactorVerify } from \"../../domain/interfaces/ITwoFactorVerify\";\r\n\r\n\r\nexport class AuthController {\r\n private readonly loginUseCase: LoginUseCase;\r\n private readonly logoutUseCase: LogoutUseCase;\r\n private readonly registerUseCase: RegisterUseCase;\r\n private readonly refreshTokenUseCase: RefreshTokenUseCase;\r\n\r\n private twoFactorSetupUseCase: TwoFactorSetupUseCase;\r\n private twoFactorEnableUseCase: TwoFactorEnableUseCase;\r\n private twoFactorVerifyUseCase: TwoFactorVerifyUseCase;\r\n private twoFactorDisableUseCase: TwoFactorDisableUseCase;\r\n\r\n constructor(\r\n loginUseCase: LoginUseCase,\r\n logoutUseCase: LogoutUseCase,\r\n registerUseCase: RegisterUseCase,\r\n refreshTokenUseCase: RefreshTokenUseCase,\r\n twoFactorSetupUseCase: TwoFactorSetupUseCase,\r\n twoFactorEnableUseCase: TwoFactorEnableUseCase,\r\n twoFactorVerifyUseCase: TwoFactorVerifyUseCase,\r\n twoFactorDisableUseCase: TwoFactorDisableUseCase\r\n ) {\r\n this.loginUseCase = loginUseCase;\r\n this.logoutUseCase = logoutUseCase;\r\n this.registerUseCase = registerUseCase;\r\n this.refreshTokenUseCase = refreshTokenUseCase;\r\n this.twoFactorSetupUseCase = twoFactorSetupUseCase;\r\n this.twoFactorEnableUseCase = twoFactorEnableUseCase;\r\n this.twoFactorVerifyUseCase = twoFactorVerifyUseCase;\r\n this.twoFactorDisableUseCase = twoFactorDisableUseCase;\r\n }\r\n\r\n login = async (req: Request, res: Response, next: NextFunction) => {\r\n try {\r\n const { adminPassword, ...loginDTO }: LoginDTO = req.body;\r\n const result = await this.loginUseCase.execute(loginDTO, adminPassword);\r\n res.status(201).json(result);\r\n } catch (error) {\r\n next(error);\r\n }\r\n };\r\n\r\n logout = async (\r\n req: Request,\r\n res: Response,\r\n next: NextFunction\r\n ): Promise<void> => {\r\n try {\r\n await this.logoutUseCase.execute(req.params.id);\r\n res.status(200).json({ message: 'Logged out successfully' });\r\n } catch (error) {\r\n next(error);\r\n }\r\n };\r\n\r\n register = async (\r\n req: Request,\r\n res: Response,\r\n next: NextFunction\r\n ): Promise<void> => {\r\n try {\r\n const { email, name, password, role, adminPassword }: RegisterDTO = req.body;\r\n await this.registerUseCase.execute(email, name, password, role, adminPassword);\r\n } catch (error) {\r\n next(error);\r\n }\r\n };\r\n\r\n refreshToken = async (req: Request, res: Response) => {\r\n const { refreshToken }: IRefreshTokenRequest = req.body;\r\n const result = await this.refreshTokenUseCase.execute(refreshToken);\r\n res.json(result);\r\n };\r\n\r\n verifyToken = async (token: string): Promise<IDecodedToken> => {\r\n return await this.refreshTokenUseCase.verityToken(token);\r\n };\r\n\r\n setup2FA = async (req: Request, res: Response, next: NextFunction) => {\r\n try {\r\n const userId = req.auth!.id;\r\n const result = await this.twoFactorSetupUseCase.execute(userId);\r\n res.status(200).json(result);\r\n } catch (error) {\r\n next(error);\r\n }\r\n };\r\n\r\n enable2FA = async (req: Request, res: Response, next: NextFunction) => {\r\n try {\r\n const userId = req.auth!.id;\r\n const dto: ITwoFactorEnable = req.body;\r\n await this.twoFactorEnableUseCase.execute(userId, dto);\r\n res.status(200).json({ message: 'Two-factor authentication has been enabled successfully' });\r\n } catch (error) {\r\n next(error);\r\n }\r\n };\r\n\r\n verify2FA = async (req: Request, res: Response, next: NextFunction) => {\r\n try {\r\n const dto: ITwoFactorVerify = req.body;\r\n const result = await this.twoFactorVerifyUseCase.execute(dto);\r\n res.status(200).json({\r\n message: 'Two-factor authentication successful',\r\n ...result\r\n });\r\n } catch (error) {\r\n next(error);\r\n }\r\n };\r\n\r\n disable2FA = async (req: Request, res: Response, next: NextFunction) => {\r\n try {\r\n const userId = req.auth!.id;\r\n const dto: ITwoFactorEnable = req.body;\r\n await this.twoFactorDisableUseCase.execute(userId, dto);\r\n res.status(200).json({ message: 'Two-factor authentication has been disabled successfully' });\r\n } catch (error) {\r\n next(error);\r\n }\r\n };\r\n}\r\n","import { NextFunction, Request, Response } from 'express';\r\nimport { JwtAuthService } from '../../infrastructure/services/JwtAuthService';\r\n\r\nexport class RequireComplete2FA {\r\n private readonly jwtService: JwtAuthService;\r\n\r\n constructor(jwtService: JwtAuthService) {\r\n this.jwtService = jwtService;\r\n }\r\n\r\n public async execute(req: Request, res: Response, next: NextFunction) {\r\n try {\r\n const token = req.headers.authorization?.split(' ')[1];\r\n\r\n if (!token) {\r\n return res.status(401).json({ message: 'Authentication required' });\r\n }\r\n\r\n const decoded = await this.jwtService.verifyAccessToken(token);\r\n\r\n if (!decoded.twoFactorAuthenticated) {\r\n return res.status(403).json({\r\n message: 'Two-factor authentication required',\r\n code: 'REQUIRE_2FA',\r\n userId: decoded.id\r\n });\r\n }\r\n\r\n req.auth = { ...decoded, twoFactorAuthenticated: true };\r\n next();\r\n } catch (error) {\r\n return res.status(401).json({ message: 'Invalid or expired token' });\r\n }\r\n }\r\n}","import { BaseRepository, IExtendedBaseRepository } from \"cca-core\";\r\nimport { AuthEntity } from \"cca-entities\";\r\nimport { Repository } from \"typeorm\";\r\nimport { NotFoundError } from \"../../utils/Errors\";\r\n\r\nexport class AuthRepository\r\n extends BaseRepository<AuthEntity>\r\n implements IExtendedBaseRepository<AuthEntity> {\r\n constructor(repository: Repository<AuthEntity>) {\r\n super(repository);\r\n }\r\n\r\n async findByEmail(email: string): Promise<AuthEntity | null> {\r\n const query = this.repository\r\n .createQueryBuilder(\"auth\")\r\n .leftJoinAndSelect(\"auth.user\", \"user\")\r\n .addSelect(\"auth.password\")\r\n .where(\"auth.email = :email\", { email });\r\n\r\n return await query.getOne();\r\n }\r\n\r\n async create(entity: Omit<AuthEntity, \"createdAt\">): Promise<AuthEntity> {\r\n return super.create(entity);\r\n }\r\n\r\n async findByUserId(userId: string): Promise<AuthEntity | null> {\r\n const query = this.repository\r\n .createQueryBuilder(\"auth\")\r\n .leftJoinAndSelect(\"auth.user\", \"user\")\r\n .addSelect(\"auth.two_factor_secret\") \r\n .where(\"user.id = :userId\", { userId });\r\n\r\n const result = await query.getOne();\r\n console.log(\"User_1\", result);\r\n \r\n return result;\r\n }\r\n\r\n async logout(userId: string): Promise<void> {\r\n const auth = await this.findByUserId(userId);\r\n if (!auth) {\r\n throw new NotFoundError(\"Auth not found\");\r\n }\r\n\r\n auth.refreshToken = \"\";\r\n auth.user.isActive = false;\r\n\r\n await this.update(auth.id, auth);\r\n }\r\n\r\n async updateTwoFactorSecret(userId: string, secret: string): Promise<void> {\r\n const auth = await this.findByUserId(userId);\r\n if (!auth) {\r\n throw new NotFoundError(\"Auth not found\");\r\n }\r\n\r\n auth.twoFactorSecret = secret;\r\n\r\n await this.update(auth.id, auth);\r\n }\r\n\r\n async enableTwoFactor(userId: string): Promise<void> {\r\n const auth = await this.findByUserId(userId);\r\n if (!auth) {\r\n throw new NotFoundError(\"Auth not found\");\r\n }\r\n\r\n if (!auth.twoFactorSecret) {\r\n throw new NotFoundError(\"Two-factor secret not set\");\r\n }\r\n\r\n auth.twoFactorEnabled = true;\r\n\r\n await this.update(auth.id, auth);\r\n }\r\n\r\n async disableTwoFactor(userId: string): Promise<void> {\r\n const auth = await this.findByUserId(userId);\r\n if (!auth) {\r\n throw new NotFoundError(\"Auth not found\");\r\n }\r\n\r\n auth.twoFactorEnabled = false;\r\n auth.twoFactorSecret = null;\r\n\r\n await this.update(auth.id, auth);\r\n }\r\n\r\n async isTwoFactorEnabled(userId: string): Promise<boolean> {\r\n const auth = await this.findByUserId(userId);\r\n if (!auth) {\r\n throw new NotFoundError(\"Auth not found\");\r\n }\r\n\r\n return !!auth.twoFactorEnabled;\r\n }\r\n\r\n async getTwoFactorSecret(userId: string): Promise<string | null> {\r\n const auth = await this.findByUserId(userId);\r\n if (!auth) {\r\n throw new NotFoundError(\"Auth not found\");\r\n }\r\n\r\n return auth.twoFactorSecret;\r\n }\r\n}\r\n","import * as jwt from \"jsonwebtoken\";\r\nimport { Secret, SignOptions } from \"jsonwebtoken\";\r\nimport * as bcrypt from \"bcrypt\";\r\nimport { IBaseService, validateRepository } from \"cca-core\";\r\nimport { AuthEntity, UserEntity } from \"cca-entities\";\r\n\r\nimport { IJwtConfig } from \"../../domain/interfaces/IJwtConfig\";\r\nimport { IAuthService } from \"../../domain/interfaces/IAuthService\";\r\nimport { IDecodedToken } from \"../../domain/interfaces/IDecodedToken\";\r\n\r\nimport {\r\n ForbiddenError,\r\n JwtError,\r\n NotFoundError,\r\n UnauthorizedError,\r\n} from \"../../utils/Errors\";\r\n\r\nimport { AuthRepository } from \"../repository/AuthRepository\";\r\nimport { createConfigInstance } from \"../../application/service/utils/configInstance\";\r\n\r\nexport class JwtAuthService implements IBaseService, IAuthService {\r\n private jwtConfig: IJwtConfig | undefined;\r\n\r\n constructor(private readonly repository: AuthRepository, config?: IJwtConfig) {\r\n this.loadConfig(config);\r\n }\r\n\r\n private async loadConfig(config?: IJwtConfig) {\r\n const configData = await createConfigInstance();\r\n\r\n this.jwtConfig = {\r\n accessTokenSecret: configData.accessTokenSecret,\r\n refreshTokenSecret: configData.refreshTokenSecret,\r\n accessTokenExpiry: parseInt(configData.accessTokenExpiry, 10),\r\n refreshTokenExpiry: parseInt(configData.refreshTokenExpiry, 10),\r\n ...config,\r\n };\r\n\r\n this.validateConfiguration();\r\n }\r\n\r\n async initialize(): Promise<void> {\r\n await validateRepository(this.repository, repo => repo.getAll());\r\n }\r\n\r\n private validateConfiguration(): void {\r\n if (!this.jwtConfig?.accessTokenSecret || !this.jwtConfig?.refreshTokenSecret) {\r\n throw new JwtError(\"JWT secrets required in config\");\r\n }\r\n }\r\n\r\n async validateUser(email: string, password: string): Promise<AuthEntity | null> {\r\n const user = await this.repository.findByEmail(email);\r\n if (!user) {\r\n throw new NotFoundError(\"Invalid credentials\");\r\n }\r\n\r\n const validPassword = await bcrypt.compare(password, user.password);\r\n if (!validPassword) {\r\n throw new ForbiddenError(\"Invalid credentials\");\r\n }\r\n\r\n return user;\r\n }\r\n\r\n private verifyJwtConfig() {\r\n if (!this.jwtConfig) throw new JwtError(\"JWT config not loaded\");\r\n }\r\n\r\n generateAccessToken(user: UserEntity): string {\r\n this.verifyJwtConfig();\r\n return jwt.sign(\r\n { userId: user.id, email: user.email, role: user.role },\r\n this.jwtConfig!.accessTokenSecret as Secret,\r\n { expiresIn: this.jwtConfig!.accessTokenExpiry }\r\n );\r\n }\r\n\r\n generateRefreshToken(user: UserEntity): string {\r\n this.verifyJwtConfig();\r\n return jwt.sign(\r\n { userId: user.id },\r\n this.jwtConfig!.refreshTokenSecret as Secret,\r\n { expiresIn: this.jwtConfig!.refreshTokenExpiry }\r\n );\r\n }\r\n\r\n async verifyToken(token: string, secret: string): Promise<IDecodedToken> {\r\n try {\r\n return jwt.verify(token, secret) as IDecodedToken;\r\n } catch {\r\n throw new UnauthorizedError();\r\n }\r\n }\r\n\r\n async verifyAccessToken(token: string): Promise<IDecodedToken> {\r\n this.verifyJwtConfig();\r\n return this.verifyToken(token, this.jwtConfig!.accessTokenSecret);\r\n }\r\n\r\n async verifyRefreshToken(token: string): Promise<IDecodedToken> {\r\n this.verifyJwtConfig();\r\n return this.verifyToken(token, this.jwtConfig!.refreshTokenSecret);\r\n }\r\n}\r\n","import * as speakeasy from 'speakeasy';\r\nimport * as QRCode from 'qrcode';\r\nimport { IBaseService } from 'cca-core';\r\nimport { IConfig } from '../../domain/interfaces/configTypes';\r\n\r\nexport class TwoFactorService implements IBaseService {\r\n private readonly config: IConfig;\r\n private initialized: boolean = false;\r\n private readonly twoFactorConfig: {\r\n tokenWindow: number;\r\n secretLength: number;\r\n qrCodeOptions: QRCode.QRCodeToDataURLOptions;\r\n };\r\n\r\n constructor(config: IConfig) {\r\n this.config = config;\r\n \r\n this.twoFactorConfig = {\r\n tokenWindow: parseInt(config.tokenWindow) ?? 1,\r\n secretLength: parseInt(config.secretLength) ?? 20,\r\n qrCodeOptions: {\r\n errorCorrectionLevel: 'M',\r\n margin: 4,\r\n scale: 4,\r\n color: {\r\n dark: '#000000',\r\n light: '#ffffff'\r\n }\r\n }\r\n };\r\n }\r\n\r\n public async initialize(): Promise<void> {\r\n if (this.initialized) return;\r\n\r\n try {\r\n this.validateConfiguration();\r\n this.initialized = true;\r\n } catch (error) {\r\n console.error('TwoFactorService initialization failed:', error);\r\n throw new Error('Failed to initialize TwoFactorService');\r\n }\r\n }\r\n\r\n private validateConfiguration(): void {\r\n if (!this.config.app_name?.trim()) {\r\n throw new Error('Application name (appName) is required in configuration');\r\n }\r\n\r\n if (this.twoFactorConfig.secretLength < 16) {\r\n throw new Error('Secret length must be at least 16 characters');\r\n }\r\n\r\n if (this.twoFactorConfig.tokenWindow < 0 || this.twoFactorConfig.tokenWindow > 5) {\r\n throw new Error('Token verification window must be between 0 and 5');\r\n }\r\n }\r\n\r\n private ensureInitialized(): void {\r\n if (!this.initialized) {\r\n throw new Error('TwoFactorService must be initialized before use');\r\n }\r\n }\r\n\r\n public generateSecret(email: string): { secret: string; otpAuthUrl: string } {\r\n this.ensureInitialized();\r\n\r\n try {\r\n const secretObj = speakeasy.generateSecret({\r\n length: this.twoFactorConfig.secretLength,\r\n name: `${this.config.app_name}:${email}`,\r\n issuer: this.config.app_name\r\n });\r\n \r\n return {\r\n secret: secretObj.base32,\r\n otpAuthUrl: secretObj.otpauth_url || ''\r\n };\r\n } catch (error) {\r\n console.error('Error generating 2FA secret:', error);\r\n throw new Error('Failed to generate 2FA secret');\r\n }\r\n }\r\n\r\n public async generateQRCode(otpAuthUrl: string): Promise<string> {\r\n this.ensureInitialized();\r\n\r\n try {\r\n return await QRCode.toDataURL(otpAuthUrl, this.twoFactorConfig.qrCodeOptions);\r\n } catch (error) {\r\n console.error('QR code generation failed:', error);\r\n throw new Error('Failed to generate QR code');\r\n }\r\n }\r\n\r\n public verifyToken(token: string, secret: string): boolean {\r\n this.ensureInitialized();\r\n\r\n try {\r\n return speakeasy.totp.verify({\r\n secret,\r\n encoding: 'base32',\r\n token,\r\n window: this.twoFactorConfig.tokenWindow\r\n });\r\n } catch (error) {\r\n console.error('Token verification failed:', error);\r\n throw new Error('Failed to verify 2FA token');\r\n }\r\n }\r\n}"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACAA,oBAA6B;;;ACAtB,IAAM,YAAN,MAAM,kBAAiB,MAAM;AAAA,EAClC,YACS,SACA,aAAqB,KACrB,OAAe,YACtB;AACA,UAAM,OAAO;AAJN;AACA;AACA;AAGP,WAAO,eAAe,MAAM,WAAW,SAAS;AAChD,UAAM,kBAAkB,IAAI;AAAA,EAC9B;AACF;AAVoC;AAA7B,IAAM,WAAN;AAYA,IAAM,mBAAN,MAAM,yBAAwB,SAAS;AAAA,EAC5C,YAAY,SAAiB;AAC3B,UAAM,SAAS,GAAG;AAClB,SAAK,OAAO;AAAA,EACd;AACF;AAL8C;AAAvC,IAAM,kBAAN;AAOA,IAAM,2BAAN,MAAM,iCAAgC,SAAS;AAAA,EACpD,YAAY,SAAiB;AAC3B,UAAM,OAAO;AACb,SAAK,OAAO;AAAA,EACd;AACF;AALsD;AAA/C,IAAM,0BAAN;AAOA,IAAM,iBAAN,MAAM,uBAAsB,SAAS;AAAA,EAC1C,YAAY,SAAiB;AAC3B,UAAM,SAAS,KAAK,mBAAmB;AAAA,EACzC;AACF;AAJ4C;AAArC,IAAM,gBAAN;AAMA,IAAM,kBAAN,MAAM,wBAAuB,SAAS;AAAA,EAC3C,YAAY,UAAkB,oBAAoB;AAChD,UAAM,SAAS,GAAG;AAClB,SAAK,OAAO;AAAA,EACd;AACF;AAL6C;AAAtC,IAAM,iBAAN;AAOA,IAAM,qBAAN,MAAM,2BAA0B,SAAS;AAAA,EAC9C,YAAY,UAAkB,uBAAuB;AACnD,UAAM,SAAS,GAAG;AAClB,SAAK,OAAO;AAAA,EACd;AACF;AALgD;AAAzC,IAAM,oBAAN;AAOA,IAAM,YAAN,MAAM,kBAAiB,SAAS;AAAA,EACrC,YAAY,SAAiB;AAC3B,UAAM,SAAS,GAAG;AAClB,SAAK,OAAO;AAAA,EACd;AACF;AALuC;AAAhC,IAAM,WAAN;AAOA,IAAM,qBAAN,MAAM,2BAA0B,SAAS;AAAA,EAC9C,YAAY,SAAiB;AAC3B,UAAM,SAAS,GAAG;AAClB,SAAK,OAAO;AAAA,EACd;AACF;AALgD;AAAzC,IAAM,oBAAN;AAOA,IAAM,kBAAN,MAAM,wBAAuB,SAAS;AAAA,EAC3C,YAAY,SAAiB;AAC3B,UAAM,SAAS,GAAG;AAClB,SAAK,OAAO;AAAA,EACd;AACF;AAL6C;AAAtC,IAAM,iBAAN;;;ADxDA,IAAM,iBAAN,MAAM,uBAAsB,2BAAa;AAAA,EAI5C,gBAAgB,QAA4B;AACxC,SAAK,eAAe;AAAA,EACxB;AAAA,EAEA,UAAU,KAAoB;AAC1B,SAAK,SAAS,EAAE,GAAG,IAAI;AACvB,SAAK,KAAK,mBAAmB,KAAK,MAAM;AAAA,EAC5C;AAAA,EAEA,YAAiC;AAC7B,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,MAAM,aAA+B;AACjC,QAAI,CAAC,KAAK,cAAc;AACpB,YAAM,IAAI,wBAAwB,uBAAuB;AAAA,IAC7D;AACA,QAAI;AACA,YAAM,SAAS,MAAM,KAAK,aAAa;AACvC,WAAK,UAAU,MAAM;AACrB,aAAO;AAAA,IACX,SAAS,OAAO;AACZ,YAAM,IAAI,wBAAwB,6BAA6B;AAAA,IACnE;AAAA,EACJ;AACJ;AA7BgD;AAAzC,IAAM,gBAAN;AA+BA,IAAM,gBAAgB,IAAI,cAAc;;;AEhCxC,IAAM,aAAa,wBAAC,iBAAqC;AAC9D,gBAAc,gBAAgB,YAAY;AAC5C,GAF0B;AAInB,IAAM,uBAAuB,mCAA8B;AAChE,SAAO,cAAc,UAAU,KAAM,MAAM,cAAc,WAAW;AACtE,GAFoC;;;ACPpC,IAAAA,oBAA4C;AAC5C,IAAAC,uBAA2B;;;ACD3B,sBAAiD;AACjD,IAAAC,uBAAiD;;;ACDjD,qBAAwB;AAGjB,IAAM,WAAN,MAAM,SAAQ;AAcrB;AAdqB;AAEnB;AAAA,MADC,wBAAQ;AAAA,GADE,SAEX;AAGA;AAAA,MADC,wBAAQ;AAAA,GAJE,SAKX;AAGA;AAAA,MADC,wBAAQ;AAAA,GAPE,SAQX;AAGA;AAAA,MADC,wBAAQ;AAAA,GAVE,SAWX;AAXK,IAAM,UAAN;;;ACHP,UAAqB;AACrB,0BAAqC;AACrC,oBAAmB;AAanB,IAAM,UAAU;AAAA,EACd,IAAQ,WAAO,EAAE,KAAK,wBAAwB;AAAA,EAC9C,OACG,WAAO,EACP,MAAM,sBAAsB,EAC5B,IAAI,KAAK,oCAAoC;AAAA,EAChD,MACG,WAAO,EACP,SAAS,kBAAkB,EAC3B,IAAI,GAAG,yCAAyC,EAChD,IAAI,IAAI,kCAAkC,EAC1C,QAAQ,iBAAiB,2CAA2C;AAAA,EACvE,UACG,WAAO,EACP,SAAS,mBAAmB,EAC5B,IAAI,GAAG,oBAAoB,EAC3B,IAAI,KAAK,mBAAmB,EAC5B;AAAA,IACC;AAAA,IACA;AAAA,EACF;AAAA,EACF,MACG,WAAO,EACP,SAAS,kBAAkB,EAC3B,MAAM,OAAO,OAAO,4BAAQ,GAAG,wBAAwB;AAC5D;AAEO,IAAM,gBAAgB,8BAC3B,OACA,eACwB;AACxB,MAAI;AACF,UAAM,QAAQ,MAAM,SAAS,OAAO,KAAK,EAAE,YAAY,CAAC;AACxD,UAAM,OAAO,MAAM,WAAW,YAAY,KAAK;AAC/C,QAAI,CAAC,MAAM;AACT,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AACA,WAAO;AAAA,EACT,SAAS,OAAY;AACnB,UAAM,IAAI,gBAAgB,MAAM,WAAW,sBAAsB;AAAA,EACnE;AACF,GAhB6B;AAkBtB,IAAM,mBAAmB,8BAAO,aAAqC;AAC1E,MAAI,UAAU;AACZ,QAAI;AACF,YAAM,QAAQ,SAAS,SAAS,QAAQ;AAAA,IAC1C,SAAS,OAAY;AACnB,YAAM,IAAI,gBAAgB,MAAM,WAAW,yBAAyB;AAAA,IACtE;AAAA,EACF;AACF,GARgC;AAUzB,IAAM,0BAA0B,8BACrC,YACA,OACA,kBACkB;AAClB,MAAI;AACF,UAAM,QAAQ,MAAM,SAAS,OAAO,KAAK,EAAE,YAAY,CAAC;AAExD,UAAM,eAAe,MAAM,WAAW,YAAY,KAAK;AAEvD,QAAI,CAAC,aAAc;AACnB,QAAI,aAAa,OAAO,cAAe;AAEvC,UAAM,IAAI,gBAAgB,SAAS,KAAK,qBAAqB;AAAA,EAC/D,SAAS,OAAY;AACnB,QAAI,iBAAiB,iBAAiB;AACpC,YAAM;AAAA,IACR;AACA,UAAM,IAAI,gBAAgB,8BAA8B;AAAA,EAC1D;AACF,GApBuC;AAsBhC,IAAM,sBAAsB,8BACjC,MACA,eACkB;AAClB,QAAM,EAAE,MAAM,OAAO,MAAM,SAAS,IAAI;AAExC,QAAM,QAAQ,IAAI;AAAA,IAChB,QAAQ,KAAK,SAAS,IAAI;AAAA,IAC1B,QAAQ,KAAK,SAAS,IAAI;AAAA,IAC1B,wBAAwB,YAAY,KAAK;AAAA,IACzC,iBAAiB,QAAQ;AAAA,EAC3B,CAAC;AACH,GAZmC;AAc5B,IAAM,mBAAmB,8BAC9B,MACA,eACwB;AACxB,QAAM,EAAE,OAAO,MAAM,SAAS,IAAI;AAElC,QAAM,QAAQ,IAAI,CAAC,QAAQ,KAAK,SAAS,IAAI,GAAG,QAAQ,SAAS,SAAS,QAAQ,CAAC,CAAC;AAEpF,QAAM,OAAO,MAAM,cAAc,OAAO,UAAU;AAClD,MAAI,CAAC,QAAQ,CAAC,KAAK,UAAU;AAC3B,UAAM,IAAI,cAAc,qBAAqB;AAAA,EAC/C;AAEA,QAAM,UAAU,MAAM,cAAAC,QAAO,QAAQ,UAAU,KAAK,QAAQ;AAC5D,MAAI,CAAC,SAAS;AACZ,UAAM,IAAI,eAAe,qBAAqB;AAAA,EAChD;AAEA,SAAO;AACT,GAnBgC;AAqBzB,IAAM,sBAAsB,8BACjC,mBACkB;AAClB,MAAI,CAAC,gBAAgB;AACnB,UAAM,IAAI,gBAAgB,4BAA4B;AAAA,EACxD;AAEA,MAAI;AACF,UAAM,SAAS,MAAM,qBAAqB;AAE1C,QAAI,CAAC,OAAO,qBAAqB;AAC/B,YAAM,IAAI,gBAAgB,2CAA2C;AAAA,IACvE;AAEA,QAAI,SAAS,cAAc,MAAM,SAAS,OAAO,mBAAmB,GAAG;AACrE,YAAM,IAAI,gBAAgB,wBAAwB;AAAA,IACpD;AAAA,EACF,SAAS,OAAO;AACd,QAAI,iBAAiB,iBAAiB;AACpC,YAAM;AAAA,IACR;AACA,UAAM,IAAI,gBAAgB,iCAAiC;AAAA,EAC7D;AACF,GAvBmC;;;AC/HnC,IAAAC,eAA6B;AAC7B,IAAAC,kBAAwB;;;ACDxB,kBAAsD;AACtD,IAAAC,uBAAuC;;;ACChC,IAAM,eAAN,MAAM,aAAY;AAMzB;AANyB;AAAlB,IAAM,cAAN;;;ADIA,SAAS,mBAAmBC,SAAsB;AACrD;AAAA,IACIA;AAAA,IACA;AAAA,IACA;AAAA,QACA,uBAAU,UAAQ,KAAK,WAAO,qBAAQ,SAAO,IAAI,KAAK,CAAC;AAAA,QACvD,uBAAU,UAAQ,KAAK,cAAU,qBAAQ,SAAO,IAAI,QAAQ,CAAC;AAAA,QAC7D,uBAAU,UAAQ,KAAK,UAAM,qBAAQ,SAAO,IAAI,IAAI,CAAC;AAAA,EAAC;AAE1D;AAAA,IACIA;AAAA,IACA;AAAA,IACA;AAAA,QACA,uBAAU,UAAQ,KAAK,UAAM,qBAAQ,SAAO,IAAI,IAAI,CAAC;AAAA,QACrD,uBAAU,UAAQ,KAAK,WAAO,qBAAQ,SAAO,IAAI,KAAK,CAAC;AAAA,QACvD,uBAAU,UAAQ,KAAK,UAAM,qBAAQ,SAAO,IAAI,IAAI,CAAC;AAAA,EAAC;AAE1D;AAAA,IACIA;AAAA,IACA;AAAA,IACA;AAAA,QACA,uBAAU,UAAQ,KAAK,QAAI,qBAAQ,SAAO,IAAI,EAAE,CAAC;AAAA,QACjD,uBAAU,UAAQ,KAAK,UAAM,qBAAQ,SAAO,IAAI,IAAI,CAAC;AAAA,QACrD,uBAAU,UAAQ,KAAK,WAAO,qBAAQ,SAAO,IAAI,KAAK,CAAC;AAAA,QACvD,uBAAU,UAAQ,KAAK,UAAM,qBAAQ,SAAO,IAAI,IAAI,CAAC;AAAA,EAAC;AAC9D;AAzBgB;;;ADDT,IAAM,aAAS,2BAAa;AAAA,EACjC,yBAAqB,yBAAQ;AAC/B,CAAC;AAED,mBAAmB,MAAM;;;AHWlB,IAAM,gBAAN,MAAM,cAAqC;AAAA,EAIhD,YACE,YACA,aACA;AACA,SAAK,aAAa;AAClB,SAAK,cAAc;AAAA,EACrB;AAAA,EAEA,MAAa,aAA4B;AACvC,cAAM,oCAAmB,KAAK,YAAY,CAAC,SAAyB,KAAK,OAAO,CAAC;AAAA,EACnF;AAAA,EAEA,MAAM,QAAQ,UAAoB,eAAgD;AAChF,UAAM,OAAO,MAAM,KAAK,cAAc,UAAU,aAAa;AAC7D,UAAM,QAAQ,MAAM,KAAK,qBAAqB,IAAI;AAClD,UAAM,UAAU,KAAK,aAAa,KAAK,IAAI;AAE3C,WAAO,EAAE,OAAO,MAAM,QAAQ;AAAA,EAChC;AAAA,EAEA,MAAc,cACZ,UACA,eACqB;AACrB,UAAM,OAAO,MAAM,iBAAiB,UAAU,KAAK,UAAU;AAE7D,QAAI,SAAS,SAAS,8BAAS,SAAS,eAAe;AACrD,YAAM,oBAAoB,aAAa;AAAA,IACzC;AAEA,WAAO;AAAA,EACT;AAAA,EAEA,MAAc,qBAAqB,MAAsC;AACvE,UAAM,QAAQ,KAAK,eAAe,IAAI;AACtC,UAAM,KAAK,iBAAiB,IAAI;AAChC,UAAM,KAAK,uBAAuB,MAAM,MAAM,YAAY;AAE1D,WAAO;AAAA,EACT;AAAA,EAEQ,eAAe,MAA6B;AAClD,WAAO;AAAA,MACL,aAAa,KAAK,YAAY,oBAAoB,KAAK,IAAI;AAAA,MAC3D,cAAc,KAAK,YAAY,qBAAqB,KAAK,IAAI;AAAA,IAC/D;AAAA,EACF;AAAA,EAEA,MAAc,iBAAiB,MAAiC;AAC9D,SAAK,KAAK,cAAc,oBAAI,KAAK;AACjC,SAAK,KAAK,WAAW;AACrB,UAAM,KAAK,WAAW,OAAO,KAAK,IAAI,IAAI;AAAA,EAC5C;AAAA,EAEA,MAAc,uBACZ,MACA,cACe;AACf,SAAK,eAAe;AACpB,UAAM,KAAK,WAAW,OAAO,KAAK,IAAI,EAAE,aAAa,CAAC;AAAA,EACxD;AAAA,EAEQ,aAAa,MAA2B;AAC9C,WAAO,OAAO,IAAI,MAAM,iCAAY,OAAO;AAAA,EAC7C;AACF;AArEkD;AAA3C,IAAM,eAAN;;;AMpBP,IAAAC,mBAAiD;AAM1C,IAAM,iBAAN,MAAM,eAAsC;AAAA,EAG/C,YAAY,YAA4B;AACpC,SAAK,aAAa;AAAA,EACtB;AAAA,EAEA,MAAa,aAA4B;AACrC,cAAM,qCAAmB,KAAK,YAAY,CAAC,SAAyB,KAAK,OAAO,CAAC;AAAA,EACrF;AAAA,EAEA,MAAM,QAAQ,QAA+B;AACzC,QAAI;AACA,YAAM,KAAK,WAAW,OAAO,MAAM;AAAA,IACvC,SAAS,OAAO;AACZ,UAAI,cAAc,gBAAgB;AAAA,IACtC;AAAA,EACJ;AACJ;AAlBmD;AAA5C,IAAM,gBAAN;;;ACNP,IAAAC,mBAAiD;AACjD,IAAAC,UAAwB;AACxB,IAAAC,uBAAiD;AAS1C,IAAM,mBAAN,MAAM,iBAAwC;AAAA,EAInD,YAAY,YAA4B;AAFxC,SAAiB,cAAc;AAG7B,SAAK,aAAa;AAAA,EACpB;AAAA,EAEA,MAAa,aAA4B;AACvC,cAAM,qCAAmB,KAAK,YAAY,CAAC,SAAyB,KAAK,OAAO,CAAC;AAAA,EACnF;AAAA,EAEA,MAAa,QACX,OACA,MACA,UACA,OAAiB,8BAAS,OAC1B,eACiC;AACjC,QAAI;AAEF,YAAM,gBAAgB,KAAK,iBAAiB;AAAA,QAC1C;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,MACF,CAAC;AAED,UAAI,SAAS,8BAAS,SAAS,eAAe;AAC5C,cAAM,oBAAoB,aAAa;AAAA,MACzC;AAEA,YAAM,oBAAoB,eAAe,KAAK,UAAU;AAExD,YAAM,iBAAiB,MAAM,KAAK,aAAa,cAAc,QAAQ;AACrE,YAAM,aAAa,MAAM,KAAK;AAAA,QAC5B;AAAA,QACA;AAAA,MACF;AAEA,aAAO,MAAM,KAAK,WAAW,OAAO,UAAU;AAAA,IAChD,SAAS,OAAY;AACnB,YAAM,IAAI,kBAAkB,wBAAwB,MAAM,OAAO,EAAE;AAAA,IACrE;AAAA,EACF;AAAA,EAEQ,iBAAiB,KAA+B;AACtD,WAAO;AAAA,MACL,MAAM,IAAI,KAAK,KAAK;AAAA,MACpB,OAAO,IAAI,MAAM,KAAK,EAAE,YAAY;AAAA,MACpC,MAAM,IAAI;AAAA,MACV,UAAU,IAAI,SAAS,KAAK;AAAA,MAC5B,eAAe,IAAI,eAAe,KAAK;AAAA,IACzC;AAAA,EACF;AAAA,EAEA,MAAc,aAAa,UAAmC;AAC5D,WAAO,MAAa,aAAK,UAAU,KAAK,WAAW;AAAA,EACrD;AAAA,EAEA,MAAc,iBAAiB,KAAkB,gBAA6C;AAC5F,UAAM,aAAa,OAAO,IAAI,KAAK,aAAa,+BAAU;AAC1D,UAAM,aAAa,OAAO,IAAI,KAAK,aAAa,+BAAU;AAE1D,eAAW,WAAW;AACtB,eAAW,eAAe;AAC1B,eAAW,OAAO;AAClB,eAAW,KAAK,YAAY;AAE5B,WAAO;AAAA,EACT;AACF;AAxEqD;AAA9C,IAAM,kBAAN;;;ACXP,IAAAC,mBAAiD;AAO1C,IAAM,uBAAN,MAAM,qBAA4C;AAAA,EAIvD,YAAY,YAA4B,SAAyB;AAC/D,SAAK,aAAa;AAClB,SAAK,UAAU;AAAA,EACjB;AAAA,EAEA,MAAa,aAA4B;AACvC,cAAM,qCAAmB,KAAK,YAAY,CAAC,SAAyB,KAAK,OAAO,CAAC;AAAA,EACnF;AAAA,EAEA,MAAM,QACJ,cAC+D;AAC/D,QAAI;AACF,YAAM,UAAU,MAAM,KAAK,QAAQ,mBAAmB,YAAY;AAElE,YAAM,OAAO,QAAQ,SACjB,MAAM,KAAK,WAAW,SAAS,QAAQ,MAAM,IAC7C;AAEJ,UAAI,CAAC,QAAQ,KAAK,iBAAiB,cAAc;AAC/C,eAAO;AAAA,MACT;AAEA,YAAM,cAAc,KAAK,QAAQ,oBAAoB,KAAK,IAAI;AAC9D,YAAM,kBAAkB,KAAK,QAAQ,qBAAqB,KAAK,IAAI;AAEnE,YAAM,KAAK,WAAW,OAAO,KAAK,IAAI;AAAA,QACpC,cAAc;AAAA,MAChB,CAAC;AAED,aAAO,EAAE,aAAa,cAAc,gBAAgB;AAAA,IACtD,SAAS,OAAO;AACd,aAAO;AAAA,IACT;AAAA,EACF;AAAA,EAEA,MAAM,YAAY,OAAuC;AACvD,WAAO,MAAM,KAAK,QAAQ,kBAAkB,KAAK;AAAA,EACnD;AACF;AA3CyD;AAAlD,IAAM,sBAAN;;;ACCA,IAAM,yBAAN,MAAM,uBAA6C;AAAA,EAKxD,YAAY,kBAAoC,gBAAgC;AAFhF,SAAQ,gBAAgB;AAGtB,SAAK,mBAAmB;AACxB,SAAK,iBAAiB;AAAA,EACxB;AAAA,EACA,MAAM,aAA4B;AAChC,QAAI,KAAK,cAAe;AAExB,UAAM,QAAQ,IAAI;AAAA,MAChB,KAAK,iBAAiB,WAAW;AAAA,IACnC,CAAC;AAED,SAAK,gBAAgB;AAAA,EACvB;AAAA,EAEA,MAAM,QAAQ,QAAkD;AAC9D,QAAI,CAAC,KAAK,eAAe;AACvB,YAAM,KAAK,WAAW;AAAA,IACxB;AAEA,UAAM,OAAO,MAAM,KAAK,eAAe,aAAa,MAAM;AAE1D,QAAI,CAAC,MAAM;AACT,YAAM,IAAI,eAAe,gBAAgB;AAAA,IAC3C;AAEA,QAAI,KAAK,kBAAkB;AACzB,YAAM,IAAI,eAAe,8CAA8C;AAAA,IACzE;AAEA,UAAM,EAAE,QAAQ,WAAW,IAAI,KAAK,iBAAiB,eAAe,KAAK,KAAK;AAC9E,UAAM,YAAY,MAAM,KAAK,iBAAiB,eAAe,UAAU;AAEvE,UAAM,KAAK,eAAe,sBAAsB,QAAQ,MAAM;AAE9D,WAAO,EAAE,QAAQ,YAAY,UAAU;AAAA,EACzC;AACF;AAzC0D;AAAnD,IAAM,wBAAN;;;ACRP,IAAAC,mBAAiD;AAO1C,IAAM,0BAAN,MAAM,wBAA8C;AAAA,EAKzD,YAAY,kBAAoC,gBAAgC;AAFhF,SAAQ,gBAAgB;AAGtB,SAAK,mBAAmB;AACxB,SAAK,iBAAiB;AAAA,EAExB;AAAA,EACA,MAAM,aAA4B;AAC9B,QAAI,KAAK,cAAe;AAExB,UAAM,QAAQ,IAAI;AAAA,MACd,KAAK,iBAAiB,WAAW;AAAA,UACjC,qCAAmB,KAAK,gBAAgB,UAAQ,KAAK,OAAO,CAAC;AAAA,IACjE,CAAC;AAED,SAAK,gBAAgB;AAAA,EACvB;AAAA,EAEF,MAAM,QAAQ,QAAgB,KAAsC;AAClE,QAAI,CAAC,KAAK,eAAe;AACvB,YAAM,KAAK,WAAW;AAAA,IACxB;AAEA,UAAM,EAAE,MAAM,IAAI;AAElB,QAAI,CAAC,OAAO;AACV,YAAM,IAAI,eAAe,mBAAmB;AAAA,IAC9C;AAEA,UAAM,OAAO,MAAM,KAAK,eAAe,aAAa,MAAM;AAE1D,QAAI,CAAC,QAAQ,CAAC,KAAK,iBAAiB;AAClC,YAAM,IAAI,eAAe,+CAA+C;AAAA,IAC1E;AAEA,QAAI,KAAK,kBAAkB;AACzB,YAAM,IAAI,eAAe,8CAA8C;AAAA,IACzE;AAEA,UAAM,UAAU,KAAK,iBAAiB,YAAY,OAAO,KAAK,eAAe;AAE7E,QAAI,CAAC,SAAS;AACZ,YAAM,IAAI,eAAe,2BAA2B;AAAA,IACtD;AAEA,UAAM,KAAK,eAAe,gBAAgB,KAAK,EAAE;AAAA,EACnD;AACF;AAlD2D;AAApD,IAAM,yBAAN;;;ACPP,IAAAC,mBAAiD;AAQ1C,IAAM,0BAAN,MAAM,wBAA8C;AAAA,EAMvD,YACI,kBACA,gBACA,YACF;AANF,SAAQ,gBAAgB;AAOpB,SAAK,mBAAmB;AACxB,SAAK,iBAAiB;AACtB,SAAK,aAAa;AAAA,EACtB;AAAA,EACA,MAAM,aAA4B;AAC9B,QAAI,KAAK,cAAe;AAExB,UAAM,QAAQ,IAAI;AAAA,MACd,KAAK,iBAAiB,WAAW;AAAA,MACjC,KAAK,WAAW,WAAW;AAAA,UAC3B,qCAAmB,KAAK,gBAAgB,UAAQ,KAAK,OAAO,CAAC;AAAA,IACjE,CAAC;AACT;AACQ,SAAK,gBAAgB;AAAA,EACzB;AAAA,EAEA,MAAM,QAAQ,KAAyE;AACnF,QAAI,CAAC,KAAK,eAAe;AACrB,YAAM,KAAK,WAAW;AAAA,IACxB;AAEF,UAAM,EAAE,QAAQ,MAAM,IAAI;AAE1B,QAAI,CAAC,UAAU,CAAC,OAAO;AACnB,YAAM,IAAI,eAAe,gCAAgC;AAAA,IAC7D;AAEA,UAAM,OAAO,MAAM,KAAK,eAAe,aAAa,MAAM;AAE1D,YAAQ,IAAI,QAAQ,IAAI;AAGxB,QAAI,CAAC,QAAQ,CAAC,KAAK,mBAAmB,CAAC,KAAK,kBAAkB;AAC1D,YAAM,IAAI,eAAe,iBAAiB;AAAA,IAC9C;AAEA,UAAM,UAAU,KAAK,iBAAiB,YAAY,OAAO,KAAK,eAAe;AAE7E,QAAI,CAAC,SAAS;AACV,YAAM,IAAI,eAAe,2BAA2B;AAAA,IACxD;AAEA,WAAO;AAAA,MACH,OAAO,KAAK,WAAW,oBAAoB,KAAK,IAAI;AAAA,MACpD,cAAc,KAAK,WAAW,qBAAqB,KAAK,IAAI;AAAA,IAChE;AAAA,EACJ;AACJ;AA1D2D;AAApD,IAAM,yBAAN;;;ACRP,IAAAC,mBAAiD;AAQ1C,IAAM,2BAAN,MAAM,yBAA+C;AAAA,EAK1D,YAAY,kBAAoC,gBAAgC;AAFhF,SAAQ,gBAAgB;AAGtB,SAAK,mBAAmB;AACxB,SAAK,iBAAiB;AAAA,EACxB;AAAA,EACA,MAAM,aAA4B;AAChC,QAAI,KAAK,cAAe;AAExB,UAAM,QAAQ,IAAI;AAAA,MACd,KAAK,iBAAiB,WAAW;AAAA,UACjC,qCAAmB,KAAK,gBAAgB,UAAQ,KAAK,OAAO,CAAC;AAAA,IACjE,CAAC;AACL;AACI,SAAK,gBAAgB;AAAA,EACvB;AAAA,EAEA,MAAM,QAAQ,QAAgB,KAAsC;AAClE,QAAI,CAAC,KAAK,eAAe;AACvB,YAAM,KAAK,WAAW;AAAA,IACxB;AAEA,UAAM,EAAE,MAAM,IAAI;AAElB,UAAM,OAAO,MAAM,KAAK,eAAe,aAAa,MAAM;AAE1D,QAAI,CAAC,QAAQ,CAAC,KAAK,mBAAmB,CAAC,KAAK,kBAAkB;AAC5D,YAAM,IAAI,eAAe,0CAA0C;AAAA,IACrE;AAEA,UAAM,UAAU,KAAK,iBAAiB,YAAY,OAAO,KAAK,eAAe;AAE7E,QAAI,CAAC,SAAS;AACZ,YAAM,IAAI,eAAe,2BAA2B;AAAA,IACtD;AAEA,UAAM,KAAK,eAAe,iBAAiB,MAAM;AAAA,EACnD;AACF;AAzC4D;AAArD,IAAM,0BAAN;;;ACYA,IAAM,kBAAN,MAAM,gBAAe;AAAA,EAW1B,YACE,cACA,eACA,iBACA,qBACA,uBACA,wBACA,wBACA,yBACA;AAWF,iBAAQ,8BAAO,KAAc,KAAe,SAAuB;AACjE,UAAI;AACF,cAAM,EAAE,eAAe,GAAG,SAAS,IAAc,IAAI;AACrD,cAAM,SAAS,MAAM,KAAK,aAAa,QAAQ,UAAU,aAAa;AACtE,YAAI,OAAO,GAAG,EAAE,KAAK,MAAM;AAAA,MAC7B,SAAS,OAAO;AACd,aAAK,KAAK;AAAA,MACZ;AAAA,IACF,GARQ;AAUR,kBAAS,8BACP,KACA,KACA,SACkB;AAClB,UAAI;AACF,cAAM,KAAK,cAAc,QAAQ,IAAI,OAAO,EAAE;AAC9C,YAAI,OAAO,GAAG,EAAE,KAAK,EAAE,SAAS,0BAA0B,CAAC;AAAA,MAC7D,SAAS,OAAO;AACd,aAAK,KAAK;AAAA,MACZ;AAAA,IACF,GAXS;AAaT,oBAAW,8BACT,KACA,KACA,SACkB;AAClB,UAAI;AACF,cAAM,EAAE,OAAO,MAAM,UAAU,MAAM,cAAc,IAAiB,IAAI;AACxE,cAAM,KAAK,gBAAgB,QAAQ,OAAO,MAAM,UAAU,MAAM,aAAa;AAAA,MAC/E,SAAS,OAAO;AACd,aAAK,KAAK;AAAA,MACZ;AAAA,IACF,GAXW;AAaX,wBAAe,8BAAO,KAAc,QAAkB;AACpD,YAAM,EAAE,aAAa,IAA0B,IAAI;AACnD,YAAM,SAAS,MAAM,KAAK,oBAAoB,QAAQ,YAAY;AAClE,UAAI,KAAK,MAAM;AAAA,IACjB,GAJe;AAMf,uBAAc,8BAAO,UAA0C;AAC7D,aAAO,MAAM,KAAK,oBAAoB,YAAY,KAAK;AAAA,IACzD,GAFc;AAId,oBAAW,8BAAO,KAAc,KAAe,SAAuB;AACpE,UAAI;AACF,cAAM,SAAS,IAAI,KAAM;AACzB,cAAM,SAAS,MAAM,KAAK,sBAAsB,QAAQ,MAAM;AAC9D,YAAI,OAAO,GAAG,EAAE,KAAK,MAAM;AAAA,MAC7B,SAAS,OAAO;AACd,aAAK,KAAK;AAAA,MACZ;AAAA,IACF,GARW;AAUX,qBAAY,8BAAO,KAAc,KAAe,SAAuB;AACrE,UAAI;AACF,cAAM,SAAS,IAAI,KAAM;AACzB,cAAM,MAAwB,IAAI;AAClC,cAAM,KAAK,uBAAuB,QAAQ,QAAQ,GAAG;AACrD,YAAI,OAAO,GAAG,EAAE,KAAK,EAAE,SAAS,0DAA0D,CAAC;AAAA,MAC7F,SAAS,OAAO;AACd,aAAK,KAAK;AAAA,MACZ;AAAA,IACF,GATY;AAWZ,qBAAY,8BAAO,KAAc,KAAe,SAAuB;AACrE,UAAI;AACF,cAAM,MAAwB,IAAI;AAClC,cAAM,SAAS,MAAM,KAAK,uBAAuB,QAAQ,GAAG;AAC5D,YAAI,OAAO,GAAG,EAAE,KAAK;AAAA,UACnB,SAAS;AAAA,UACT,GAAG;AAAA,QACL,CAAC;AAAA,MACH,SAAS,OAAO;AACd,aAAK,KAAK;AAAA,MACZ;AAAA,IACF,GAXY;AAaZ,sBAAa,8BAAO,KAAc,KAAe,SAAuB;AACtE,UAAI;AACF,cAAM,SAAS,IAAI,KAAM;AACzB,cAAM,MAAwB,IAAI;AAClC,cAAM,KAAK,wBAAwB,QAAQ,QAAQ,GAAG;AACtD,YAAI,OAAO,GAAG,EAAE,KAAK,EAAE,SAAS,2DAA2D,CAAC;AAAA,MAC9F,SAAS,OAAO;AACd,aAAK,KAAK;AAAA,MACZ;AAAA,IACF,GATa;AA1FX,SAAK,eAAe;AACpB,SAAK,gBAAgB;AACrB,SAAK,kBAAkB;AACvB,SAAK,sBAAsB;AAC3B,SAAK,wBAAwB;AAC7B,SAAK,yBAAyB;AAC9B,SAAK,yBAAyB;AAC9B,SAAK,0BAA0B;AAAA,EACjC;AA4FF;AAzH4B;AAArB,IAAM,iBAAN;;;ACjBA,IAAM,sBAAN,MAAM,oBAAmB;AAAA,EAG9B,YAAY,YAA4B;AACtC,SAAK,aAAa;AAAA,EACpB;AAAA,EAEA,MAAa,QAAQ,KAAc,KAAe,MAAoB;AACpE,QAAI;AACF,YAAM,QAAQ,IAAI,QAAQ,eAAe,MAAM,GAAG,EAAE,CAAC;AAErD,UAAI,CAAC,OAAO;AACV,eAAO,IAAI,OAAO,GAAG,EAAE,KAAK,EAAE,SAAS,0BAA0B,CAAC;AAAA,MACpE;AAEA,YAAM,UAAU,MAAM,KAAK,WAAW,kBAAkB,KAAK;AAE7D,UAAI,CAAC,QAAQ,wBAAwB;AACnC,eAAO,IAAI,OAAO,GAAG,EAAE,KAAK;AAAA,UAC1B,SAAS;AAAA,UACT,MAAM;AAAA,UACN,QAAQ,QAAQ;AAAA,QAClB,CAAC;AAAA,MACH;AAEA,UAAI,OAAO,EAAE,GAAG,SAAS,wBAAwB,KAAK;AACtD,WAAK;AAAA,IACP,SAAS,OAAO;AACd,aAAO,IAAI,OAAO,GAAG,EAAE,KAAK,EAAE,SAAS,2BAA2B,CAAC;AAAA,IACrE;AAAA,EACF;AACF;AA/BgC;AAAzB,IAAM,qBAAN;;;ACHP,IAAAC,mBAAwD;AAKjD,IAAM,kBAAN,MAAM,wBACH,gCACuC;AAAA,EAC/C,YAAY,YAAoC;AAC9C,UAAM,UAAU;AAAA,EAClB;AAAA,EAEA,MAAM,YAAY,OAA2C;AAC3D,UAAM,QAAQ,KAAK,WAChB,mBAAmB,MAAM,EACzB,kBAAkB,aAAa,MAAM,EACrC,UAAU,eAAe,EACzB,MAAM,uBAAuB,EAAE,MAAM,CAAC;AAEzC,WAAO,MAAM,MAAM,OAAO;AAAA,EAC5B;AAAA,EAEA,MAAM,OAAO,QAA4D;AACvE,WAAO,MAAM,OAAO,MAAM;AAAA,EAC5B;AAAA,EAEA,MAAM,aAAa,QAA4C;AAC7D,UAAM,QAAQ,KAAK,WAChB,mBAAmB,MAAM,EACzB,kBAAkB,aAAa,MAAM,EACrC,UAAU,wBAAwB,EAClC,MAAM,qBAAqB,EAAE,OAAO,CAAC;AAEtC,UAAM,SAAS,MAAM,MAAM,OAAO;AAClC,YAAQ,IAAI,UAAU,MAAM;AAE9B,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,OAAO,QAA+B;AAC1C,UAAM,OAAO,MAAM,KAAK,aAAa,MAAM;AAC3C,QAAI,CAAC,MAAM;AACT,YAAM,IAAI,cAAc,gBAAgB;AAAA,IAC1C;AAEA,SAAK,eAAe;AACpB,SAAK,KAAK,WAAW;AAErB,UAAM,KAAK,OAAO,KAAK,IAAI,IAAI;AAAA,EACjC;AAAA,EAEA,MAAM,sBAAsB,QAAgB,QAA+B;AACzE,UAAM,OAAO,MAAM,KAAK,aAAa,MAAM;AAC3C,QAAI,CAAC,MAAM;AACT,YAAM,IAAI,cAAc,gBAAgB;AAAA,IAC1C;AAEA,SAAK,kBAAkB;AAEvB,UAAM,KAAK,OAAO,KAAK,IAAI,IAAI;AAAA,EACjC;AAAA,EAEA,MAAM,gBAAgB,QAA+B;AACnD,UAAM,OAAO,MAAM,KAAK,aAAa,MAAM;AAC3C,QAAI,CAAC,MAAM;AACT,YAAM,IAAI,cAAc,gBAAgB;AAAA,IAC1C;AAEA,QAAI,CAAC,KAAK,iBAAiB;AACzB,YAAM,IAAI,cAAc,2BAA2B;AAAA,IACrD;AAEA,SAAK,mBAAmB;AAExB,UAAM,KAAK,OAAO,KAAK,IAAI,IAAI;AAAA,EACjC;AAAA,EAEA,MAAM,iBAAiB,QAA+B;AACpD,UAAM,OAAO,MAAM,KAAK,aAAa,MAAM;AAC3C,QAAI,CAAC,MAAM;AACT,YAAM,IAAI,cAAc,gBAAgB;AAAA,IAC1C;AAEA,SAAK,mBAAmB;AACxB,SAAK,kBAAkB;AAEvB,UAAM,KAAK,OAAO,KAAK,IAAI,IAAI;AAAA,EACjC;AAAA,EAEA,MAAM,mBAAmB,QAAkC;AACzD,UAAM,OAAO,MAAM,KAAK,aAAa,MAAM;AAC3C,QAAI,CAAC,MAAM;AACT,YAAM,IAAI,cAAc,gBAAgB;AAAA,IAC1C;AAEA,WAAO,CAAC,CAAC,KAAK;AAAA,EAChB;AAAA,EAEA,MAAM,mBAAmB,QAAwC;AAC/D,UAAM,OAAO,MAAM,KAAK,aAAa,MAAM;AAC3C,QAAI,CAAC,MAAM;AACT,YAAM,IAAI,cAAc,gBAAgB;AAAA,IAC1C;AAEA,WAAO,KAAK;AAAA,EACd;AACF;AAnGiD;AAF1C,IAAM,iBAAN;;;ACLP,UAAqB;AAErB,IAAAC,UAAwB;AACxB,IAAAC,mBAAiD;AAiB1C,IAAM,kBAAN,MAAM,gBAAqD;AAAA,EAGhE,YAA6B,YAA4B,QAAqB;AAAjD;AAC3B,SAAK,WAAW,MAAM;AAAA,EACxB;AAAA,EAEA,MAAc,WAAW,QAAqB;AAC5C,UAAM,aAAa,MAAM,qBAAqB;AAE9C,SAAK,YAAY;AAAA,MACf,mBAAmB,WAAW;AAAA,MAC9B,oBAAoB,WAAW;AAAA,MAC/B,mBAAoB,SAAS,WAAW,mBAAmB,EAAE;AAAA,MAC7D,oBAAoB,SAAS,WAAW,oBAAoB,EAAE;AAAA,MAC9D,GAAG;AAAA,IACL;AAEA,SAAK,sBAAsB;AAAA,EAC7B;AAAA,EAEA,MAAM,aAA4B;AAChC,cAAM,qCAAmB,KAAK,YAAY,UAAQ,KAAK,OAAO,CAAC;AAAA,EACjE;AAAA,EAEQ,wBAA8B;AACpC,QAAI,CAAC,KAAK,WAAW,qBAAqB,CAAC,KAAK,WAAW,oBAAoB;AAC7E,YAAM,IAAI,SAAS,gCAAgC;AAAA,IACrD;AAAA,EACF;AAAA,EAEA,MAAM,aAAa,OAAe,UAA8C;AAC9E,UAAM,OAAO,MAAM,KAAK,WAAW,YAAY,KAAK;AACpD,QAAI,CAAC,MAAM;AACT,YAAM,IAAI,cAAc,qBAAqB;AAAA,IAC/C;AAEA,UAAM,gBAAgB,MAAa,gBAAQ,UAAU,KAAK,QAAQ;AAClE,QAAI,CAAC,eAAe;AAClB,YAAM,IAAI,eAAe,qBAAqB;AAAA,IAChD;AAEA,WAAO;AAAA,EACT;AAAA,EAEQ,kBAAkB;AACxB,QAAI,CAAC,KAAK,UAAW,OAAM,IAAI,SAAS,uBAAuB;AAAA,EACjE;AAAA,EAEA,oBAAoB,MAA0B;AAC5C,SAAK,gBAAgB;AACrB,WAAW;AAAA,MACT,EAAE,QAAQ,KAAK,IAAI,OAAO,KAAK,OAAO,MAAM,KAAK,KAAK;AAAA,MACtD,KAAK,UAAW;AAAA,MAChB,EAAE,WAAW,KAAK,UAAW,kBAAkB;AAAA,IACjD;AAAA,EACF;AAAA,EAEA,qBAAqB,MAA0B;AAC7C,SAAK,gBAAgB;AACrB,WAAW;AAAA,MACT,EAAE,QAAQ,KAAK,GAAG;AAAA,MAClB,KAAK,UAAW;AAAA,MAChB,EAAE,WAAW,KAAK,UAAW,mBAAmB;AAAA,IAClD;AAAA,EACF;AAAA,EAEA,MAAM,YAAY,OAAe,QAAwC;AACvE,QAAI;AACF,aAAW,WAAO,OAAO,MAAM;AAAA,IACjC,QAAQ;AACN,YAAM,IAAI,kBAAkB;AAAA,IAC9B;AAAA,EACF;AAAA,EAEA,MAAM,kBAAkB,OAAuC;AAC7D,SAAK,gBAAgB;AACrB,WAAO,KAAK,YAAY,OAAO,KAAK,UAAW,iBAAiB;AAAA,EAClE;AAAA,EAEA,MAAM,mBAAmB,OAAuC;AAC9D,SAAK,gBAAgB;AACrB,WAAO,KAAK,YAAY,OAAO,KAAK,UAAW,kBAAkB;AAAA,EACnE;AACF;AApFkE;AAA3D,IAAM,iBAAN;;;ACpBP,gBAA2B;AAC3B,aAAwB;AAIjB,IAAM,oBAAN,MAAM,kBAAyC;AAAA,EASpD,YAAY,QAAiB;AAP7B,SAAQ,cAAuB;AAQ7B,SAAK,SAAS;AAEd,SAAK,kBAAkB;AAAA,MACrB,aAAa,SAAS,OAAO,WAAW,KAAK;AAAA,MAC7C,cAAc,SAAS,OAAO,YAAY,KAAK;AAAA,MAC/C,eAAe;AAAA,QACb,sBAAsB;AAAA,QACtB,QAAQ;AAAA,QACR,OAAO;AAAA,QACP,OAAO;AAAA,UACL,MAAM;AAAA,UACN,OAAO;AAAA,QACT;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAa,aAA4B;AACvC,QAAI,KAAK,YAAa;AAEtB,QAAI;AACF,WAAK,sBAAsB;AAC3B,WAAK,cAAc;AAAA,IACrB,SAAS,OAAO;AACd,cAAQ,MAAM,2CAA2C,KAAK;AAC9D,YAAM,IAAI,MAAM,uCAAuC;AAAA,IACzD;AAAA,EACF;AAAA,EAEQ,wBAA8B;AACpC,QAAI,CAAC,KAAK,OAAO,UAAU,KAAK,GAAG;AACjC,YAAM,IAAI,MAAM,yDAAyD;AAAA,IAC3E;AAEA,QAAI,KAAK,gBAAgB,eAAe,IAAI;AAC1C,YAAM,IAAI,MAAM,8CAA8C;AAAA,IAChE;AAEA,QAAI,KAAK,gBAAgB,cAAc,KAAK,KAAK,gBAAgB,cAAc,GAAG;AAChF,YAAM,IAAI,MAAM,mDAAmD;AAAA,IACrE;AAAA,EACF;AAAA,EAEQ,oBAA0B;AAChC,QAAI,CAAC,KAAK,aAAa;AACrB,YAAM,IAAI,MAAM,iDAAiD;AAAA,IACnE;AAAA,EACF;AAAA,EAEO,eAAe,OAAuD;AAC3E,SAAK,kBAAkB;AAEvB,QAAI;AACF,YAAM,YAAsB,yBAAe;AAAA,QACzC,QAAQ,KAAK,gBAAgB;AAAA,QAC7B,MAAM,GAAG,KAAK,OAAO,QAAQ,IAAI,KAAK;AAAA,QACtC,QAAQ,KAAK,OAAO;AAAA,MACtB,CAAC;AAED,aAAO;AAAA,QACL,QAAQ,UAAU;AAAA,QAClB,YAAY,UAAU,eAAe;AAAA,MACvC;AAAA,IACF,SAAS,OAAO;AACd,cAAQ,MAAM,gCAAgC,KAAK;AACnD,YAAM,IAAI,MAAM,+BAA+B;AAAA,IACjD;AAAA,EACF;AAAA,EAEA,MAAa,eAAe,YAAqC;AAC/D,SAAK,kBAAkB;AAEvB,QAAI;AACF,aAAO,MAAa,iBAAU,YAAY,KAAK,gBAAgB,aAAa;AAAA,IAC9E,SAAS,OAAO;AACd,cAAQ,MAAM,8BAA8B,KAAK;AACjD,YAAM,IAAI,MAAM,4BAA4B;AAAA,IAC9C;AAAA,EACF;AAAA,EAEO,YAAY,OAAe,QAAyB;AACzD,SAAK,kBAAkB;AAEvB,QAAI;AACF,aAAiB,eAAK,OAAO;AAAA,QAC3B;AAAA,QACA,UAAU;AAAA,QACV;AAAA,QACA,QAAQ,KAAK,gBAAgB;AAAA,MAC/B,CAAC;AAAA,IACH,SAAS,OAAO;AACd,cAAQ,MAAM,8BAA8B,KAAK;AACjD,YAAM,IAAI,MAAM,4BAA4B;AAAA,IAC9C;AAAA,EACF;AACF;AAzGsD;AAA/C,IAAM,mBAAN;;;AlBeP,eAAe,oBAAoB,UAAwB;AACzD,QAAM,YAAY,IAAI,gCAAc,EAAE,SAAS,CAAC;AAEhD,QAAM,iBAAiB,IAAI;AAAA,IACzB,SAAS,cAAc,+BAAU;AAAA,EACnC;AACA,YAAU,mBAA+B,kBAAkB,cAAc;AAEzE,QAAM,iBAAiB,IAAI,eAAe,cAAc;AACxD,YAAU,gBAAgB,kBAAkB,cAAc;AAE1D,QAAM,aAAa,MAAM,qBAAqB;AAE9C,QAAM,mBAAmB,IAAI,iBAAiB,UAAU;AACxD,YAAU,gBAAgB,oBAAoB,gBAAgB;AAE9D,QAAM,qBAAqB,IAAI,mBAAmB,cAAc;AAEhE,QAAM,eAAe,IAAI,aAAa,gBAAgB,cAAc;AACpE,QAAM,gBAAgB,IAAI,cAAc,cAAc;AACtD,QAAM,kBAAkB,IAAI,gBAAgB,cAAc;AAC1D,QAAM,sBAAsB,IAAI;AAAA,IAC9B;AAAA,IACA;AAAA,EACF;AAEA,QAAM,wBAAwB,IAAI,sBAAsB,kBAAkB,cAAc;AACxF,QAAM,yBAAyB,IAAI,uBAAuB,kBAAkB,cAAc;AAC1F,QAAM,yBAAyB,IAAI;AAAA,IACjC;AAAA,IACA;AAAA,IACA;AAAA,EACF;AACA,QAAM,0BAA0B,IAAI,wBAAwB,kBAAkB,cAAc;AAE5F,YAAU,gBAAgB,gBAAgB,YAAY;AACtD,YAAU,gBAAgB,iBAAiB,aAAa;AACxD,YAAU,gBAAgB,mBAAmB,eAAe;AAC5D,YAAU,gBAAgB,uBAAuB,mBAAmB;AACpE,YAAU,gBAAgB,yBAAyB,qBAAqB;AACxE,YAAU,gBAAgB,0BAA0B,sBAAsB;AAC1E,YAAU,gBAAgB,0BAA0B,sBAAsB;AAC1E,YAAU,gBAAgB,2BAA2B,uBAAuB;AAE5E,QAAM,iBAAiB,IAAI;AAAA,IACzB;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF;AAEA,SAAO,EAAE,WAAW,gBAAgB,mBAAmB;AACzD;AAxDe;","names":["import_cca_core","import_cca_entities","import_cca_entities","bcrypt","import_core","import_classes","import_cca_entities","mapper","import_cca_core","import_cca_core","bcrypt","import_cca_entities","import_cca_core","import_cca_core","import_cca_core","import_cca_core","import_cca_core","bcrypt","import_cca_core"]}
|
|
1
|
+
{"version":3,"sources":["../src/index.ts","../src/application/config/ConfigManager.ts","../src/utils/Errors.ts","../src/application/service/utils/configInstance.ts","../src/infrastructure/container/createAuthContainer.ts","../src/application/useCase/LoginUseCase.ts","../src/application/dtos/UserDTO.ts","../src/application/validators/authValidation.ts","../src/application/mappers/utils/mapper.ts","../src/application/mappers/createUserMappings.ts","../src/application/dtos/RegisterDTO.ts","../src/application/useCase/LogoutUseCase.ts","../src/application/useCase/RegisterUseCase.ts","../src/application/useCase/RefreshTokenUseCase.ts","../src/application/useCase/TwoFactorSetupUseCase.ts","../src/application/useCase/TwoFactorEnableUseCase.ts","../src/application/useCase/TwoFactorVerifyUseCase.ts","../src/application/useCase/TwoFactorDisableUseCase.ts","../src/presentation/controller/AuthController.ts","../src/presentation/middleware/RequireComplete2FA.ts","../src/infrastructure/repository/AuthRepository.ts","../src/infrastructure/services/JwtAuthService.ts","../src/infrastructure/services/TwoFactorService.ts"],"sourcesContent":["import { authConfig } from \"./application/service/utils/configInstance\";\r\nimport { ConfigSource, IConfig } from \"./domain/interfaces/configTypes\";\r\nimport { createAuthContainer } from \"./infrastructure/container/createAuthContainer\";\r\nimport { AuthController } from \"./presentation/controller/AuthController\";\r\n\r\nexport { createAuthContainer, AuthController, authConfig, ConfigSource, IConfig };\r\n","import { EventEmitter } from \"events\";\r\nimport { IConfig, ConfigSource } from \"../../domain/interfaces/configTypes\";\r\nimport { ConfigNotFoundException } from \"../../utils/Errors\";\r\n\r\nexport class ConfigManager extends EventEmitter {\r\n private config?: IConfig;\r\n private configSource?: ConfigSource;\r\n\r\n setConfigSource(source: ConfigSource): void {\r\n this.configSource = source;\r\n }\r\n\r\n setConfig(cfg: IConfig): void {\r\n this.config = { ...cfg };\r\n this.emit(\"configAvailable\", this.config);\r\n }\r\n\r\n getConfig(): IConfig | undefined {\r\n return this.config;\r\n }\r\n\r\n async loadConfig(): Promise<IConfig> {\r\n if (!this.configSource) {\r\n throw new ConfigNotFoundException(\"Config source not set\");\r\n }\r\n try {\r\n const config = await this.configSource();\r\n this.setConfig(config);\r\n return config;\r\n } catch (error) {\r\n throw new ConfigNotFoundException(\"Error loading configuration\");\r\n }\r\n }\r\n}\r\n\r\nexport const configManager = new ConfigManager();\r\n","export class AppError extends Error {\r\n constructor(\r\n public message: string,\r\n public statusCode: number = 500,\r\n public name: string = \"AppError\"\r\n ) {\r\n super(message);\r\n Object.setPrototypeOf(this, new.target.prototype);\r\n Error.captureStackTrace(this);\r\n }\r\n}\r\n\r\nexport class ValidationError extends AppError {\r\n constructor(message: string) {\r\n super(message, 400);\r\n this.name = \"ValidationError\";\r\n }\r\n}\r\n\r\nexport class ConfigNotFoundException extends AppError {\r\n constructor(message: string) {\r\n super(message);\r\n this.name = \"ConfigNotFoundException\";\r\n }\r\n}\r\n\r\nexport class NotFoundError extends AppError {\r\n constructor(message: string) {\r\n super(message, 404, \"UserNotFoundError\");\r\n }\r\n}\r\n\r\nexport class ForbiddenError extends AppError {\r\n constructor(message: string = \"Forbidden access\") {\r\n super(message, 403);\r\n this.name = \"ForbiddenError\";\r\n }\r\n}\r\n\r\nexport class UnauthorizedError extends AppError {\r\n constructor(message: string = \"Unauthorized access\") {\r\n super(message, 401);\r\n this.name = \"UnauthorizedError\";\r\n }\r\n}\r\n\r\nexport class JwtError extends AppError {\r\n constructor(message: string) {\r\n super(message, 401);\r\n this.name = \"JwtError\";\r\n }\r\n}\r\n\r\nexport class RegistrationError extends AppError {\r\n constructor(message: string) {\r\n super(message, 400);\r\n this.name = \"RegistrationError\";\r\n }\r\n}\r\n\r\nexport class TwoFactorError extends AppError {\r\n constructor(message: string) {\r\n super(message, 400);\r\n this.name = \"TwoFactorERROR\";\r\n }\r\n}","import { configManager } from \"../../config/ConfigManager\";\r\nimport { IConfig, ConfigSource } from \"../../../domain/interfaces/configTypes\";\r\n\r\nexport const authConfig = (configSource: ConfigSource): void => {\r\n configManager.setConfigSource(configSource);\r\n};\r\n\r\nexport const createConfigInstance = async (): Promise<IConfig> => {\r\n return configManager.getConfig() ?? (await configManager.loadConfig());\r\n};\r\n","import { BaseContainer, BaseDatabase } from \"cca-core\";\r\nimport { AuthEntity } from \"cca-entities\";\r\n\r\nimport { LoginUseCase } from \"../../application/useCase/LoginUseCase\";\r\nimport { LogoutUseCase } from \"../../application/useCase/LogoutUseCase\";\r\nimport { RegisterUseCase } from \"../../application/useCase/RegisterUseCase\";\r\nimport { RefreshTokenUseCase } from \"../../application/useCase/RefreshTokenUseCase\";\r\nimport { TwoFactorSetupUseCase } from \"../../application/useCase/TwoFactorSetupUseCase\";\r\nimport { TwoFactorEnableUseCase } from \"../../application/useCase/TwoFactorEnableUseCase\";\r\nimport { TwoFactorVerifyUseCase } from \"../../application/useCase/TwoFactorVerifyUseCase\";\r\nimport { TwoFactorDisableUseCase } from \"../../application/useCase/TwoFactorDisableUseCase\";\r\n\r\nimport { AuthController } from \"../../presentation/controller/AuthController\";\r\nimport { RequireComplete2FA } from \"../../presentation/middleware/RequireComplete2FA\";\r\n\r\nimport { AuthRepository } from \"../repository/AuthRepository\";\r\nimport { JwtAuthService } from \"../services/JwtAuthService\";\r\nimport { TwoFactorService } from \"../services/TwoFactorService\";\r\nimport { createConfigInstance } from \"../../application/service/utils/configInstance\";\r\n\r\nasync function createAuthContainer(database: BaseDatabase) {\r\n const container = new BaseContainer({ database });\r\n\r\n const authRepository = new AuthRepository(\r\n database.getRepository(AuthEntity)\r\n );\r\n container.registerRepository<AuthEntity>(\"AuthRepository\", authRepository);\r\n\r\n const jwtAuthService = new JwtAuthService(authRepository);\r\n container.registerService(\"JwtAuthService\", jwtAuthService);\r\n\r\n const configData = await createConfigInstance();\r\n\r\n const twoFactorService = new TwoFactorService(configData);\r\n container.registerService(\"TwoFactorService\", twoFactorService);\r\n\r\n const requireComplete2FA = new RequireComplete2FA(jwtAuthService);\r\n\r\n const loginUseCase = new LoginUseCase(authRepository, jwtAuthService);\r\n const logoutUseCase = new LogoutUseCase(authRepository);\r\n const registerUseCase = new RegisterUseCase(authRepository);\r\n const refreshTokenUseCase = new RefreshTokenUseCase(\r\n authRepository,\r\n jwtAuthService\r\n );\r\n\r\n const twoFactorSetupUseCase = new TwoFactorSetupUseCase(twoFactorService, authRepository);\r\n const twoFactorEnableUseCase = new TwoFactorEnableUseCase(twoFactorService, authRepository);\r\n const twoFactorVerifyUseCase = new TwoFactorVerifyUseCase(\r\n twoFactorService,\r\n authRepository,\r\n jwtAuthService\r\n );\r\n const twoFactorDisableUseCase = new TwoFactorDisableUseCase(twoFactorService, authRepository);\r\n\r\n container.registerService(\"LoginUseCase\", loginUseCase);\r\n container.registerService(\"LogoutUseCase\", logoutUseCase);\r\n container.registerService(\"RegisterUseCase\", registerUseCase);\r\n container.registerService(\"RefreshTokenUseCase\", refreshTokenUseCase);\r\n container.registerService(\"TwoFactorSetupUseCase\", twoFactorSetupUseCase);\r\n container.registerService(\"TwoFactorEnableUseCase\", twoFactorEnableUseCase);\r\n container.registerService(\"TwoFactorVerifyUseCase\", twoFactorVerifyUseCase);\r\n container.registerService(\"TwoFactorDisableUseCase\", twoFactorDisableUseCase);\r\n\r\n const authController = new AuthController(\r\n loginUseCase,\r\n logoutUseCase,\r\n registerUseCase,\r\n refreshTokenUseCase,\r\n twoFactorSetupUseCase,\r\n twoFactorEnableUseCase,\r\n twoFactorVerifyUseCase,\r\n twoFactorDisableUseCase\r\n );\r\n\r\n return { container, authController, requireComplete2FA };\r\n}\r\n\r\nexport { createAuthContainer };","import { IBaseService, validateRepository } from \"cca-core\";\r\nimport { AuthEntity, UserEntity, UserRole } from \"cca-entities\";\r\n\r\nimport { AuthRepository } from \"../../infrastructure/repository/AuthRepository\";\r\nimport { JwtAuthService } from \"../../infrastructure/services/JwtAuthService\";\r\nimport { UserDTO } from \"../dtos/UserDTO\";\r\nimport { LoginDTO } from \"../dtos/LoginDTO\";\r\nimport { validateAdminSecret, validateLoginDTO } from \"../validators/authValidation\";\r\nimport { mapper } from \"../mappers/utils/mapper\";\r\n\r\ninterface TokenPair {\r\n accessToken: string;\r\n refreshToken: string;\r\n}\r\n\r\ninterface LoginResponse {\r\n token: TokenPair;\r\n user: UserDTO;\r\n}\r\n\r\nexport class LoginUseCase implements IBaseService {\r\n private readonly repository: AuthRepository;\r\n private readonly authService: JwtAuthService;\r\n\r\n constructor(\r\n repository: AuthRepository,\r\n authService: JwtAuthService\r\n ) {\r\n this.repository = repository;\r\n this.authService = authService\r\n }\r\n\r\n public async initialize(): Promise<void> {\r\n await validateRepository(this.repository, (repo: AuthRepository) => repo.getAll());\r\n }\r\n\r\n async execute(loginDTO: LoginDTO, adminPassword?: string): Promise<LoginResponse> {\r\n const auth = await this.validateLogin(loginDTO, adminPassword);\r\n const token = await this.handleAuthentication(auth);\r\n const userDTO = this.mapUserToDTO(auth.user);\r\n\r\n return { token, user: userDTO };\r\n }\r\n\r\n private async validateLogin(\r\n loginDTO: LoginDTO,\r\n adminPassword?: string\r\n ): Promise<AuthEntity> {\r\n const auth = await validateLoginDTO(loginDTO, this.repository);\r\n\r\n if (loginDTO.role === UserRole.ADMIN && adminPassword) {\r\n await validateAdminSecret(adminPassword);\r\n }\r\n\r\n return auth;\r\n }\r\n\r\n private async handleAuthentication(auth: AuthEntity): Promise<TokenPair> {\r\n const token = this.generateTokens(auth);\r\n await this.updateUserStatus(auth);\r\n await this.updateUserRefreshToken(auth, token.refreshToken);\r\n\r\n return token;\r\n }\r\n\r\n private generateTokens(auth: AuthEntity): TokenPair {\r\n return {\r\n accessToken: this.authService.generateAccessToken(auth.user),\r\n refreshToken: this.authService.generateRefreshToken(auth.user)\r\n };\r\n }\r\n\r\n private async updateUserStatus(auth: AuthEntity): Promise<void> {\r\n auth.user.lastLoginAt = new Date();\r\n auth.user.isActive = true;\r\n await this.repository.update(auth.id, auth);\r\n }\r\n\r\n private async updateUserRefreshToken(\r\n auth: AuthEntity,\r\n refreshToken: string\r\n ): Promise<void> {\r\n auth.refreshToken = refreshToken;\r\n await this.repository.update(auth.id, { refreshToken });\r\n }\r\n\r\n private mapUserToDTO(user: UserEntity): UserDTO {\r\n return mapper.map(user, UserEntity, UserDTO);\r\n }\r\n}","import { AutoMap } from \"@automapper/classes\";\r\nimport { UserRole } from \"cca-entities\";\r\n\r\nexport class UserDTO {\r\n @AutoMap()\r\n id!: string;\r\n\r\n @AutoMap()\r\n name!: string;\r\n\r\n @AutoMap()\r\n email!: string;\r\n\r\n @AutoMap()\r\n role!: UserRole;\r\n\r\n adminPassword?: string;\r\n}","import * as yup from \"yup\";\r\nimport { AuthEntity, UserRole } from \"cca-entities\";\r\nimport bcrypt from \"bcrypt\";\r\n\r\nimport {\r\n ForbiddenError,\r\n NotFoundError,\r\n ValidationError,\r\n} from \"../../utils/Errors\";\r\nimport { AuthRepository } from \"../../infrastructure/repository/AuthRepository\";\r\n\r\nimport { RegisterDTO } from \"../dtos/RegisterDTO\";\r\nimport { LoginDTO } from \"../dtos/LoginDTO\";\r\nimport { createConfigInstance } from \"../service/utils/configInstance\";\r\n\r\nconst schemas = {\r\n id: yup.string().uuid(\"Invalid user ID format\"),\r\n email: yup\r\n .string()\r\n .email(\"Invalid email format\")\r\n .max(255, \"Email cannot exceed 255 characters\"),\r\n name: yup\r\n .string()\r\n .required(\"Name is required\")\r\n .min(2, \"Name must be at least 2 characters long\")\r\n .max(50, \"Name cannot exceed 50 characters\")\r\n .matches(/^[a-zA-Z\\s]+$/, \"Name must only contain letters and spaces\"),\r\n password: yup\r\n .string()\r\n .required(\"Password required\")\r\n .min(8, \"Password too short\")\r\n .max(100, \"Password too long\")\r\n .matches(\r\n /^(?=.*[a-z])(?=.*[A-Z])(?=.*\\d)(?=.*[@$!%*?&])[A-Za-z\\d@$!%*?&]/,\r\n \"Password must contain uppercase, lowercase, number and special character\"\r\n ),\r\n role: yup\r\n .string()\r\n .required(\"Role is required\")\r\n .oneOf(Object.values(UserRole), \"Invalid role specified\"),\r\n};\r\n\r\nexport const validateEmail = async (\r\n email: string,\r\n repository: AuthRepository\r\n): Promise<AuthEntity> => {\r\n try {\r\n await schemas.email.validate(email?.trim().toLowerCase());\r\n const user = await repository.findByEmail(email);\r\n if (!user) {\r\n throw new NotFoundError(\r\n \"The email address or password is incorrect. Please retry\"\r\n );\r\n }\r\n return user;\r\n } catch (error: any) {\r\n throw new ValidationError(error.message || \"Invalid email format\");\r\n }\r\n};\r\n\r\nexport const validatePassword = async (password?: string): Promise<void> => {\r\n if (password) {\r\n try {\r\n await schemas.password.validate(password);\r\n } catch (error: any) {\r\n throw new ValidationError(error.message || \"Invalid password format\");\r\n }\r\n }\r\n};\r\n\r\nexport const validateEmailUniqueness = async (\r\n repository: AuthRepository,\r\n email: string,\r\n excludeUserId?: string\r\n): Promise<void> => {\r\n try {\r\n await schemas.email.validate(email?.trim().toLowerCase());\r\n\r\n const existingUser = await repository.findByEmail(email);\r\n\r\n if (!existingUser) return;\r\n if (existingUser.id === excludeUserId) return;\r\n\r\n throw new ValidationError(`Email ${email} is already in use.`);\r\n } catch (error: any) {\r\n if (error instanceof ValidationError) {\r\n throw error;\r\n }\r\n throw new ValidationError(\"user email validation failed\");\r\n }\r\n};\r\n\r\nexport const validateRegisterDTO = async (\r\n auth: RegisterDTO,\r\n repository: AuthRepository\r\n): Promise<void> => {\r\n const { name, email, role, password } = auth;\r\n\r\n await Promise.all([\r\n schemas.name.validate(name),\r\n schemas.role.validate(role),\r\n validateEmailUniqueness(repository, email),\r\n validatePassword(password),\r\n ]);\r\n};\r\n\r\nexport const validateLoginDTO = async (\r\n data: LoginDTO,\r\n repository: AuthRepository\r\n): Promise<AuthEntity> => {\r\n const { email, role, password } = data;\r\n\r\n await Promise.all([schemas.role.validate(role), schemas.password.validate(password)]);\r\n\r\n const auth = await validateEmail(email, repository);\r\n if (!auth || !auth.password) {\r\n throw new NotFoundError(\"Invalid credentials\");\r\n }\r\n\r\n const isMatch = await bcrypt.compare(password, auth.password);\r\n if (!isMatch) {\r\n throw new ForbiddenError(\"Invalid credentials\");\r\n }\r\n\r\n return auth;\r\n};\r\n\r\nexport const validateAdminSecret = async (\r\n secretPassword?: string\r\n): Promise<void> => {\r\n if (!secretPassword) {\r\n throw new ValidationError(\"Admin password is required\");\r\n }\r\n\r\n try {\r\n const config = await createConfigInstance();\r\n\r\n if (!config.adminSecretPassword) {\r\n throw new ValidationError(\"ADMIN_SECRET_PASSWORD not found in config\");\r\n }\r\n\r\n if (parseInt(secretPassword) !== parseInt(config.adminSecretPassword)) {\r\n throw new ValidationError(\"Invalid admin password\");\r\n }\r\n } catch (error) {\r\n if (error instanceof ValidationError) {\r\n throw error;\r\n }\r\n throw new ValidationError(\"Error validating admin password\");\r\n }\r\n};\r\n","import { createMapper } from '@automapper/core';\r\nimport { classes } from '@automapper/classes';\r\n\r\nimport { createUserMappings } from '../createUserMappings';\r\n\r\nexport const mapper = createMapper({\r\n strategyInitializer: classes(),\r\n});\r\n\r\ncreateUserMappings(mapper);\r\n","import { Mapper, createMap, forMember, mapFrom } from '@automapper/core';\r\nimport { AuthEntity, UserEntity } from 'cca-entities';\r\n\r\nimport { RegisterDTO } from '../dtos/RegisterDTO';\r\nimport { UserDTO } from '../dtos/UserDTO';\r\n\r\nexport function createUserMappings(mapper: Mapper): void {\r\n createMap(\r\n mapper, \r\n RegisterDTO,\r\n AuthEntity,\r\n forMember(dest => dest.email, mapFrom(src => src.email)),\r\n forMember(dest => dest.password, mapFrom(src => src.password)),\r\n forMember(dest => dest.role, mapFrom(src => src.role)));\r\n\r\n createMap(\r\n mapper, \r\n RegisterDTO,\r\n UserEntity,\r\n forMember(dest => dest.name, mapFrom(src => src.name)),\r\n forMember(dest => dest.email, mapFrom(src => src.email)),\r\n forMember(dest => dest.role, mapFrom(src => src.role)));\r\n\r\n createMap(\r\n mapper,\r\n UserEntity,\r\n UserDTO,\r\n forMember(dest => dest.id, mapFrom(src => src.id)),\r\n forMember(dest => dest.name, mapFrom(src => src.name)),\r\n forMember(dest => dest.email, mapFrom(src => src.email)),\r\n forMember(dest => dest.role, mapFrom(src => src.role)));\r\n}","import { UserRole } from \"cca-entities\";\r\n\r\nexport class RegisterDTO {\r\n email!: string;\r\n name!: string;\r\n password!: string;\r\n role!: UserRole;\r\n adminPassword?: string;\r\n}\r\n","import { IBaseService, validateRepository } from \"cca-core\";\r\n\r\nimport { AuthRepository } from \"../../infrastructure/repository/AuthRepository\";\r\nimport { NotFoundError } from \"../../utils/Errors\";\r\n\r\n\r\nexport class LogoutUseCase implements IBaseService {\r\n private readonly repository: AuthRepository\r\n\r\n constructor(repository: AuthRepository) {\r\n this.repository = repository;\r\n }\r\n\r\n public async initialize(): Promise<void> {\r\n await validateRepository(this.repository, (repo: AuthRepository) => repo.getAll());\r\n }\r\n\r\n async execute(authId: string): Promise<void> {\r\n try {\r\n await this.repository.logout(authId);\r\n } catch (error) {\r\n new NotFoundError(\"Auth not found\");\r\n }\r\n }\r\n}","import { IBaseService, validateRepository } from \"cca-core\";\r\nimport * as bcrypt from \"bcrypt\";\r\nimport { AuthEntity, UserEntity, UserRole } from \"cca-entities\";\r\n\r\nimport { AuthRepository } from \"../../infrastructure/repository/AuthRepository\";\r\n\r\nimport { mapper } from \"../mappers/utils/mapper\";\r\nimport { RegisterDTO } from \"../dtos/RegisterDTO\";\r\nimport { validateAdminSecret, validateRegisterDTO } from \"../validators/authValidation\";\r\nimport { RegistrationError } from \"../../utils/Errors\";\r\n\r\nexport class RegisterUseCase implements IBaseService {\r\n private readonly repository: AuthRepository;\r\n private readonly SALT_ROUNDS = 10;\r\n\r\n constructor(repository: AuthRepository) {\r\n this.repository = repository;\r\n }\r\n\r\n public async initialize(): Promise<void> {\r\n await validateRepository(this.repository, (repo: AuthRepository) => repo.getAll());\r\n }\r\n\r\n public async execute(\r\n email: string,\r\n name: string,\r\n password: string,\r\n role: UserRole = UserRole.GUEST,\r\n adminPassword?: string\r\n ): Promise<AuthEntity | undefined> {\r\n try {\r\n\r\n const normalizedDTO = this.normalizeAuthDTO({\r\n email,\r\n name,\r\n password,\r\n role,\r\n adminPassword\r\n });\r\n\r\n if (role === UserRole.ADMIN && adminPassword) {\r\n await validateAdminSecret(adminPassword);\r\n }\r\n\r\n await validateRegisterDTO(normalizedDTO, this.repository);\r\n\r\n const hashedPassword = await this.hashPassword(normalizedDTO.password);\r\n const authEntity = await this.createAuthEntity(\r\n normalizedDTO,\r\n hashedPassword\r\n );\r\n\r\n return await this.repository.create(authEntity);\r\n } catch (error: any) {\r\n throw new RegistrationError(`Registration failed: ${error.message}`);\r\n }\r\n }\r\n\r\n private normalizeAuthDTO(dto: RegisterDTO): RegisterDTO {\r\n return {\r\n name: dto.name.trim(),\r\n email: dto.email.trim().toLowerCase(),\r\n role: dto.role,\r\n password: dto.password.trim(),\r\n adminPassword: dto.adminPassword?.trim()\r\n };\r\n }\r\n\r\n private async hashPassword(password: string): Promise<string> {\r\n return await bcrypt.hash(password, this.SALT_ROUNDS);\r\n }\r\n\r\n private async createAuthEntity(dto: RegisterDTO, hashedPassword: string): Promise<AuthEntity> {\r\n const authEntity = mapper.map(dto, RegisterDTO, AuthEntity);\r\n const userEntity = mapper.map(dto, RegisterDTO, UserEntity);\r\n\r\n authEntity.password = hashedPassword;\r\n authEntity.refreshToken = \"\";\r\n authEntity.user = userEntity;\r\n authEntity.user.updatedAt = null as any;\r\n\r\n return authEntity;\r\n }\r\n}\r\n","import { IBaseService, validateRepository } from \"cca-core\";\r\n\r\nimport { IDecodedToken } from \"../../domain/interfaces/IDecodedToken\";\r\n\r\nimport { JwtAuthService } from \"../../infrastructure/services/JwtAuthService\";\r\nimport { AuthRepository } from \"../../infrastructure/repository/AuthRepository\";\r\n\r\nexport class RefreshTokenUseCase implements IBaseService {\r\n private readonly repository: AuthRepository;\r\n private readonly service: JwtAuthService;\r\n\r\n constructor(repository: AuthRepository, service: JwtAuthService) {\r\n this.repository = repository;\r\n this.service = service;\r\n }\r\n\r\n public async initialize(): Promise<void> {\r\n await validateRepository(this.repository, (repo: AuthRepository) => repo.getAll());\r\n }\r\n\r\n async execute(\r\n refreshToken: string\r\n ): Promise<{ accessToken: string; refreshToken: string } | null> {\r\n try {\r\n const decoded = await this.service.verifyRefreshToken(refreshToken);\r\n\r\n const auth = decoded.userId\r\n ? await this.repository.findById(decoded.userId)\r\n : null;\r\n\r\n if (!auth || auth.refreshToken !== refreshToken) {\r\n return null;\r\n }\r\n\r\n const accessToken = this.service.generateAccessToken(auth.user);\r\n const newRefreshToken = this.service.generateRefreshToken(auth.user);\r\n\r\n await this.repository.update(auth.id, {\r\n refreshToken: newRefreshToken,\r\n });\r\n\r\n return { accessToken, refreshToken: newRefreshToken };\r\n } catch (error) {\r\n return null;\r\n }\r\n }\r\n\r\n async verityToken(token: string): Promise<IDecodedToken> {\r\n return await this.service.verifyAccessToken(token);\r\n }\r\n}\r\n","import { IBaseService } from 'cca-core';\r\n\r\nimport { TwoFactorService } from '../../infrastructure/services/TwoFactorService';\r\nimport { AuthRepository } from '../../infrastructure/repository/AuthRepository';\r\nimport { ITwoFactorSetupResponse } from '../../domain/interfaces/ITwoFactorSetupResponse';\r\n\r\nimport { TwoFactorError } from '../../utils/Errors';\r\n\r\nexport class TwoFactorSetupUseCase implements IBaseService{\r\n private twoFactorService: TwoFactorService;\r\n private authRepository: AuthRepository;\r\n private isInitialized = false;\r\n\r\n constructor(twoFactorService: TwoFactorService, authRepository: AuthRepository) {\r\n this.twoFactorService = twoFactorService;\r\n this.authRepository = authRepository;\r\n }\r\n async initialize(): Promise<void> {\r\n if (this.isInitialized) return;\r\n \r\n await Promise.all([\r\n this.twoFactorService.initialize()\r\n ]);\r\n \r\n this.isInitialized = true;\r\n }\r\n\r\n async execute(userId: string): Promise<ITwoFactorSetupResponse> {\r\n if (!this.isInitialized) {\r\n await this.initialize();\r\n }\r\n \r\n const user = await this.authRepository.findByUserId(userId);\r\n \r\n if (!user) {\r\n throw new TwoFactorError('User not found');\r\n }\r\n \r\n if (user.twoFactorEnabled) {\r\n throw new TwoFactorError('Two-factor authentication is already enabled');\r\n }\r\n \r\n const { secret, otpAuthUrl } = this.twoFactorService.generateSecret(user.email);\r\n const qrCodeUrl = await this.twoFactorService.generateQRCode(otpAuthUrl);\r\n \r\n await this.authRepository.updateTwoFactorSecret(userId, secret);\r\n \r\n return { secret, otpAuthUrl, qrCodeUrl };\r\n }\r\n}","import { IBaseService, validateRepository } from 'cca-core';\r\n\r\nimport { TwoFactorService } from '../../infrastructure/services/TwoFactorService';\r\nimport { AuthRepository } from '../../infrastructure/repository/AuthRepository';\r\nimport { ITwoFactorEnable } from '../../domain/interfaces/ITwoFactorEnable';\r\nimport { TwoFactorError } from '../../utils/Errors';\r\n\r\nexport class TwoFactorEnableUseCase implements IBaseService{\r\n private twoFactorService: TwoFactorService;\r\n private authRepository: AuthRepository;\r\n private isInitialized = false;\r\n\r\n constructor(twoFactorService: TwoFactorService, authRepository: AuthRepository) {\r\n this.twoFactorService = twoFactorService;\r\n this.authRepository = authRepository;\r\n \r\n }\r\n async initialize(): Promise<void> {\r\n if (this.isInitialized) return;\r\n \r\n await Promise.all([\r\n this.twoFactorService.initialize(),\r\n validateRepository(this.authRepository, repo => repo.getAll())\r\n ]);\r\n \r\n this.isInitialized = true;\r\n }\r\n\r\n async execute(userId: string, dto: ITwoFactorEnable): Promise<void> {\r\n if (!this.isInitialized) {\r\n await this.initialize();\r\n }\r\n \r\n const { token } = dto;\r\n \r\n if (!token) {\r\n throw new TwoFactorError('Token is required');\r\n }\r\n \r\n const user = await this.authRepository.findByUserId(userId); \r\n \r\n if (!user || !user.twoFactorSecret) {\r\n throw new TwoFactorError('Please set up two-factor authentication first');\r\n }\r\n \r\n if (user.twoFactorEnabled) {\r\n throw new TwoFactorError('Two-factor authentication is already enabled');\r\n }\r\n \r\n const isValid = this.twoFactorService.verifyToken(token, user.twoFactorSecret);\r\n \r\n if (!isValid) {\r\n throw new TwoFactorError('Invalid verification code');\r\n }\r\n \r\n await this.authRepository.enableTwoFactor(user);\r\n }\r\n}","import { IBaseService, validateRepository } from 'cca-core';\r\n\r\nimport { TwoFactorService } from '../../infrastructure/services/TwoFactorService';\r\nimport { AuthRepository } from '../../infrastructure/repository/AuthRepository';\r\nimport { JwtAuthService } from '../../infrastructure/services/JwtAuthService';\r\nimport { ITwoFactorVerify } from '../../domain/interfaces/ITwoFactorVerify';\r\nimport { TwoFactorError } from '../../utils/Errors';\r\n\r\nexport class TwoFactorVerifyUseCase implements IBaseService{\r\n private twoFactorService: TwoFactorService;\r\n private authRepository: AuthRepository;\r\n private jwtService: JwtAuthService;\r\n private isInitialized = false;\r\n\r\n constructor(\r\n twoFactorService: TwoFactorService,\r\n authRepository: AuthRepository,\r\n jwtService: JwtAuthService\r\n ) {\r\n this.twoFactorService = twoFactorService;\r\n this.authRepository = authRepository;\r\n this.jwtService = jwtService;\r\n }\r\n async initialize(): Promise<void> {\r\n if (this.isInitialized) return;\r\n\r\n await Promise.all([\r\n this.twoFactorService.initialize(),\r\n this.jwtService.initialize(),\r\n validateRepository(this.authRepository, repo => repo.getAll())\r\n ]);\r\n4\r\n this.isInitialized = true;\r\n }\r\n\r\n async execute(dto: ITwoFactorVerify): Promise<{ token: string; refreshToken: string }> {\r\n if (!this.isInitialized) {\r\n await this.initialize();\r\n }\r\n \r\n const { userId, token } = dto;\r\n\r\n if (!userId || !token) {\r\n throw new TwoFactorError('user ID and token are required');\r\n }\r\n\r\n const auth = await this.authRepository.findByUserId(userId);\r\n\r\n console.log(\"auth\", auth);\r\n \r\n\r\n if (!auth || !auth.twoFactorSecret || !auth.twoFactorEnabled) {\r\n throw new TwoFactorError('Invalid request');\r\n }\r\n\r\n const isValid = this.twoFactorService.verifyToken(token, auth.twoFactorSecret);\r\n\r\n if (!isValid) {\r\n throw new TwoFactorError('Invalid verification code');\r\n }\r\n\r\n return {\r\n token: this.jwtService.generateAccessToken(auth.user),\r\n refreshToken: this.jwtService.generateRefreshToken(auth.user)\r\n }\r\n }\r\n}","import { IBaseService, validateRepository } from 'cca-core';\r\n\r\nimport { TwoFactorService } from '../../infrastructure/services/TwoFactorService';\r\nimport { AuthRepository } from '../../infrastructure/repository/AuthRepository';\r\nimport { ITwoFactorEnable } from '../../domain/interfaces/ITwoFactorEnable';\r\n\r\nimport { TwoFactorError } from '../../utils/Errors';\r\n\r\nexport class TwoFactorDisableUseCase implements IBaseService{\r\n private twoFactorService: TwoFactorService;\r\n private authRepository: AuthRepository;\r\n private isInitialized = false;\r\n\r\n constructor(twoFactorService: TwoFactorService, authRepository: AuthRepository) {\r\n this.twoFactorService = twoFactorService;\r\n this.authRepository = authRepository;\r\n }\r\n async initialize(): Promise<void> {\r\n if (this.isInitialized) return;\r\n \r\n await Promise.all([\r\n this.twoFactorService.initialize(),\r\n validateRepository(this.authRepository, repo => repo.getAll())\r\n ]);\r\n4\r\n this.isInitialized = true;\r\n }\r\n\r\n async execute(userId: string, dto: ITwoFactorEnable): Promise<void> {\r\n if (!this.isInitialized) {\r\n await this.initialize();\r\n }\r\n \r\n const { token } = dto;\r\n \r\n const user = await this.authRepository.findByUserId(userId);\r\n \r\n if (!user || !user.twoFactorSecret || !user.twoFactorEnabled) {\r\n throw new TwoFactorError('Two-factor authentication is not enabled');\r\n }\r\n \r\n const isValid = this.twoFactorService.verifyToken(token, user.twoFactorSecret);\r\n \r\n if (!isValid) {\r\n throw new TwoFactorError('Invalid verification code');\r\n }\r\n \r\n await this.authRepository.disableTwoFactor(user);\r\n }\r\n}","import { NextFunction, Request, Response } from \"express\";\r\n\r\nimport { LoginDTO } from \"../../application/dtos/LoginDTO\";\r\nimport { RegisterDTO } from \"../../application/dtos/RegisterDTO\";\r\n\r\nimport { RegisterUseCase } from \"../../application/useCase/RegisterUseCase\";\r\nimport { LoginUseCase } from \"../../application/useCase/LoginUseCase\";\r\nimport { LogoutUseCase } from \"../../application/useCase/LogoutUseCase\";\r\nimport { RefreshTokenUseCase } from \"../../application/useCase/RefreshTokenUseCase\";\r\nimport { TwoFactorSetupUseCase } from \"../../application/useCase/TwoFactorSetupUseCase\";\r\nimport { TwoFactorEnableUseCase } from \"../../application/useCase/TwoFactorEnableUseCase\";\r\nimport { TwoFactorVerifyUseCase } from \"../../application/useCase/TwoFactorVerifyUseCase\";\r\nimport { TwoFactorDisableUseCase } from \"../../application/useCase/TwoFactorDisableUseCase\";\r\n\r\nimport { IRefreshTokenRequest } from \"../../domain/interfaces/IRefreshTokenRequest\";\r\nimport { IDecodedToken } from \"../../domain/interfaces/IDecodedToken\";\r\nimport { ITwoFactorEnable } from \"../../domain/interfaces/ITwoFactorEnable\";\r\nimport { ITwoFactorVerify } from \"../../domain/interfaces/ITwoFactorVerify\";\r\n\r\n\r\nexport class AuthController {\r\n private readonly loginUseCase: LoginUseCase;\r\n private readonly logoutUseCase: LogoutUseCase;\r\n private readonly registerUseCase: RegisterUseCase;\r\n private readonly refreshTokenUseCase: RefreshTokenUseCase;\r\n\r\n private twoFactorSetupUseCase: TwoFactorSetupUseCase;\r\n private twoFactorEnableUseCase: TwoFactorEnableUseCase;\r\n private twoFactorVerifyUseCase: TwoFactorVerifyUseCase;\r\n private twoFactorDisableUseCase: TwoFactorDisableUseCase;\r\n\r\n constructor(\r\n loginUseCase: LoginUseCase,\r\n logoutUseCase: LogoutUseCase,\r\n registerUseCase: RegisterUseCase,\r\n refreshTokenUseCase: RefreshTokenUseCase,\r\n twoFactorSetupUseCase: TwoFactorSetupUseCase,\r\n twoFactorEnableUseCase: TwoFactorEnableUseCase,\r\n twoFactorVerifyUseCase: TwoFactorVerifyUseCase,\r\n twoFactorDisableUseCase: TwoFactorDisableUseCase\r\n ) {\r\n this.loginUseCase = loginUseCase;\r\n this.logoutUseCase = logoutUseCase;\r\n this.registerUseCase = registerUseCase;\r\n this.refreshTokenUseCase = refreshTokenUseCase;\r\n this.twoFactorSetupUseCase = twoFactorSetupUseCase;\r\n this.twoFactorEnableUseCase = twoFactorEnableUseCase;\r\n this.twoFactorVerifyUseCase = twoFactorVerifyUseCase;\r\n this.twoFactorDisableUseCase = twoFactorDisableUseCase;\r\n }\r\n\r\n login = async (req: Request, res: Response, next: NextFunction) => {\r\n try {\r\n const { adminPassword, ...loginDTO }: LoginDTO = req.body;\r\n const result = await this.loginUseCase.execute(loginDTO, adminPassword);\r\n res.status(201).json(result);\r\n } catch (error) {\r\n next(error);\r\n }\r\n };\r\n\r\n logout = async (\r\n req: Request,\r\n res: Response,\r\n next: NextFunction\r\n ): Promise<void> => {\r\n try {\r\n await this.logoutUseCase.execute(req.params.id);\r\n res.status(200).json({ message: 'Logged out successfully' });\r\n } catch (error) {\r\n next(error);\r\n }\r\n };\r\n\r\n register = async (\r\n req: Request,\r\n res: Response,\r\n next: NextFunction\r\n ): Promise<void> => {\r\n try {\r\n const { email, name, password, role, adminPassword }: RegisterDTO = req.body;\r\n await this.registerUseCase.execute(email, name, password, role, adminPassword);\r\n } catch (error) {\r\n next(error);\r\n }\r\n };\r\n\r\n refreshToken = async (req: Request, res: Response) => {\r\n const { refreshToken }: IRefreshTokenRequest = req.body;\r\n const result = await this.refreshTokenUseCase.execute(refreshToken);\r\n res.json(result);\r\n };\r\n\r\n verifyToken = async (token: string): Promise<IDecodedToken> => {\r\n return await this.refreshTokenUseCase.verityToken(token);\r\n };\r\n\r\n setup2FA = async (req: Request, res: Response, next: NextFunction) => {\r\n try {\r\n const userId = req.auth!.id;\r\n const result = await this.twoFactorSetupUseCase.execute(userId);\r\n res.status(200).json(result);\r\n } catch (error) {\r\n next(error);\r\n }\r\n };\r\n\r\n enable2FA = async (req: Request, res: Response, next: NextFunction) => {\r\n try {\r\n const userId = req.auth!.id;\r\n const dto: ITwoFactorEnable = req.body;\r\n await this.twoFactorEnableUseCase.execute(userId, dto);\r\n res.status(200).json({ message: 'Two-factor authentication has been enabled successfully' });\r\n } catch (error) {\r\n next(error);\r\n }\r\n };\r\n\r\n verify2FA = async (req: Request, res: Response, next: NextFunction) => {\r\n try {\r\n const dto: ITwoFactorVerify = req.body;\r\n const result = await this.twoFactorVerifyUseCase.execute(dto);\r\n res.status(200).json({\r\n message: 'Two-factor authentication successful',\r\n ...result\r\n });\r\n } catch (error) {\r\n next(error);\r\n }\r\n };\r\n\r\n disable2FA = async (req: Request, res: Response, next: NextFunction) => {\r\n try {\r\n const userId = req.auth!.id;\r\n const dto: ITwoFactorEnable = req.body;\r\n await this.twoFactorDisableUseCase.execute(userId, dto);\r\n res.status(200).json({ message: 'Two-factor authentication has been disabled successfully' });\r\n } catch (error) {\r\n next(error);\r\n }\r\n };\r\n}\r\n","import { NextFunction, Request, Response } from 'express';\r\nimport { JwtAuthService } from '../../infrastructure/services/JwtAuthService';\r\n\r\nexport class RequireComplete2FA {\r\n private readonly jwtService: JwtAuthService;\r\n\r\n constructor(jwtService: JwtAuthService) {\r\n this.jwtService = jwtService;\r\n }\r\n\r\n public async execute(req: Request, res: Response, next: NextFunction) {\r\n try {\r\n const token = req.headers.authorization?.split(' ')[1];\r\n\r\n if (!token) {\r\n return res.status(401).json({ message: 'Authentication required' });\r\n }\r\n\r\n const decoded = await this.jwtService.verifyAccessToken(token);\r\n\r\n if (!decoded.twoFactorAuthenticated) {\r\n return res.status(403).json({\r\n message: 'Two-factor authentication required',\r\n code: 'REQUIRE_2FA',\r\n userId: decoded.id\r\n });\r\n }\r\n\r\n req.auth = { ...decoded, twoFactorAuthenticated: true };\r\n next();\r\n } catch (error) {\r\n return res.status(401).json({ message: 'Invalid or expired token' });\r\n }\r\n }\r\n}","import { BaseRepository, IExtendedBaseRepository } from \"cca-core\";\r\nimport { AuthEntity } from \"cca-entities\";\r\nimport { Repository } from \"typeorm\";\r\nimport { NotFoundError } from \"../../utils/Errors\";\r\n\r\nexport class AuthRepository\r\n extends BaseRepository<AuthEntity>\r\n implements IExtendedBaseRepository<AuthEntity> {\r\n constructor(repository: Repository<AuthEntity>) {\r\n super(repository);\r\n }\r\n\r\n async findByEmail(email: string): Promise<AuthEntity | null> {\r\n const query = this.repository\r\n .createQueryBuilder(\"auth\")\r\n .leftJoinAndSelect(\"auth.user\", \"user\")\r\n .addSelect(\"auth.password\")\r\n .where(\"auth.email = :email\", { email });\r\n\r\n return await query.getOne();\r\n }\r\n\r\n async create(entity: Omit<AuthEntity, \"createdAt\">): Promise<AuthEntity> {\r\n return super.create(entity);\r\n }\r\n\r\n async findByUserId(userId: string): Promise<AuthEntity | null> {\r\n const query = this.repository\r\n .createQueryBuilder(\"auth\")\r\n .leftJoinAndSelect(\"auth.user\", \"user\")\r\n .addSelect(\"auth.twoFactorSecret\")\r\n .where(\"user.id = :userId\", { userId });\r\n\r\n return await query.getOne();;\r\n }\r\n\r\n async logout(userId: string): Promise<void> {\r\n const auth = await this.findByUserId(userId);\r\n if (!auth) {\r\n throw new NotFoundError(\"Auth not found\");\r\n }\r\n\r\n auth.refreshToken = \"\";\r\n auth.user.isActive = false;\r\n\r\n await this.update(auth.id, auth);\r\n }\r\n\r\n async updateTwoFactorSecret(userId: string, secret: string): Promise<void> {\r\n const auth = await this.findByUserId(userId);\r\n if (!auth) {\r\n throw new NotFoundError(\"Auth not found\");\r\n }\r\n\r\n auth.twoFactorSecret = secret;\r\n\r\n await this.update(auth.id, auth);\r\n }\r\n\r\n async enableTwoFactor(auth: AuthEntity): Promise<void> {\r\n\r\n auth.twoFactorEnabled = true;\r\n\r\n await this.update(auth.id, auth);\r\n }\r\n\r\n async disableTwoFactor(auth: AuthEntity): Promise<void> {\r\n\r\n auth.twoFactorEnabled = false;\r\n auth.twoFactorSecret = null;\r\n\r\n await this.update(auth.id, auth);\r\n }\r\n\r\n async isTwoFactorEnabled(userId: string): Promise<boolean> {\r\n const auth = await this.findByUserId(userId);\r\n if (!auth) {\r\n throw new NotFoundError(\"Auth not found\");\r\n }\r\n\r\n return !!auth.twoFactorEnabled;\r\n }\r\n\r\n async getTwoFactorSecret(userId: string): Promise<string | null> {\r\n const auth = await this.findByUserId(userId);\r\n if (!auth) {\r\n throw new NotFoundError(\"Auth not found\");\r\n }\r\n\r\n return auth.twoFactorSecret;\r\n }\r\n}\r\n","import * as jwt from \"jsonwebtoken\";\r\nimport { Secret, SignOptions } from \"jsonwebtoken\";\r\nimport * as bcrypt from \"bcrypt\";\r\nimport { IBaseService, validateRepository } from \"cca-core\";\r\nimport { AuthEntity, UserEntity } from \"cca-entities\";\r\n\r\nimport { IJwtConfig } from \"../../domain/interfaces/IJwtConfig\";\r\nimport { IAuthService } from \"../../domain/interfaces/IAuthService\";\r\nimport { IDecodedToken } from \"../../domain/interfaces/IDecodedToken\";\r\n\r\nimport {\r\n ForbiddenError,\r\n JwtError,\r\n NotFoundError,\r\n UnauthorizedError,\r\n} from \"../../utils/Errors\";\r\n\r\nimport { AuthRepository } from \"../repository/AuthRepository\";\r\nimport { createConfigInstance } from \"../../application/service/utils/configInstance\";\r\n\r\nexport class JwtAuthService implements IBaseService, IAuthService {\r\n private jwtConfig: IJwtConfig | undefined;\r\n\r\n constructor(private readonly repository: AuthRepository, config?: IJwtConfig) {\r\n this.loadConfig(config);\r\n }\r\n\r\n private async loadConfig(config?: IJwtConfig) {\r\n const configData = await createConfigInstance();\r\n\r\n this.jwtConfig = {\r\n accessTokenSecret: configData.accessTokenSecret,\r\n refreshTokenSecret: configData.refreshTokenSecret,\r\n accessTokenExpiry: parseInt(configData.accessTokenExpiry, 10),\r\n refreshTokenExpiry: parseInt(configData.refreshTokenExpiry, 10),\r\n ...config,\r\n };\r\n\r\n this.validateConfiguration();\r\n }\r\n\r\n async initialize(): Promise<void> {\r\n await validateRepository(this.repository, repo => repo.getAll());\r\n }\r\n\r\n private validateConfiguration(): void {\r\n if (!this.jwtConfig?.accessTokenSecret || !this.jwtConfig?.refreshTokenSecret) {\r\n throw new JwtError(\"JWT secrets required in config\");\r\n }\r\n }\r\n\r\n async validateUser(email: string, password: string): Promise<AuthEntity | null> {\r\n const user = await this.repository.findByEmail(email);\r\n if (!user) {\r\n throw new NotFoundError(\"Invalid credentials\");\r\n }\r\n\r\n const validPassword = await bcrypt.compare(password, user.password);\r\n if (!validPassword) {\r\n throw new ForbiddenError(\"Invalid credentials\");\r\n }\r\n\r\n return user;\r\n }\r\n\r\n private verifyJwtConfig() {\r\n if (!this.jwtConfig) throw new JwtError(\"JWT config not loaded\");\r\n }\r\n\r\n generateAccessToken(user: UserEntity): string {\r\n this.verifyJwtConfig();\r\n return jwt.sign(\r\n { userId: user.id, email: user.email, role: user.role },\r\n this.jwtConfig!.accessTokenSecret as Secret,\r\n { expiresIn: this.jwtConfig!.accessTokenExpiry }\r\n );\r\n }\r\n\r\n generateRefreshToken(user: UserEntity): string {\r\n this.verifyJwtConfig();\r\n return jwt.sign(\r\n { userId: user.id },\r\n this.jwtConfig!.refreshTokenSecret as Secret,\r\n { expiresIn: this.jwtConfig!.refreshTokenExpiry }\r\n );\r\n }\r\n\r\n async verifyToken(token: string, secret: string): Promise<IDecodedToken> {\r\n try {\r\n return jwt.verify(token, secret) as IDecodedToken;\r\n } catch {\r\n throw new UnauthorizedError();\r\n }\r\n }\r\n\r\n async verifyAccessToken(token: string): Promise<IDecodedToken> {\r\n this.verifyJwtConfig();\r\n return this.verifyToken(token, this.jwtConfig!.accessTokenSecret);\r\n }\r\n\r\n async verifyRefreshToken(token: string): Promise<IDecodedToken> {\r\n this.verifyJwtConfig();\r\n return this.verifyToken(token, this.jwtConfig!.refreshTokenSecret);\r\n }\r\n}\r\n","import * as speakeasy from 'speakeasy';\r\nimport * as QRCode from 'qrcode';\r\nimport { IBaseService } from 'cca-core';\r\n\r\nimport { IConfig } from '../../domain/interfaces/configTypes';\r\nimport { TwoFactorError } from '../../utils/Errors';\r\n\r\nexport class TwoFactorService implements IBaseService {\r\n private readonly config: IConfig;\r\n private initialized: boolean = false;\r\n private readonly twoFactorConfig: {\r\n tokenWindow: number;\r\n secretLength: number;\r\n qrCodeOptions: QRCode.QRCodeToDataURLOptions;\r\n };\r\n\r\n constructor(config: IConfig) {\r\n this.config = config;\r\n \r\n this.twoFactorConfig = {\r\n tokenWindow: parseInt(config.tokenWindow) ?? 1,\r\n secretLength: parseInt(config.secretLength) ?? 20,\r\n qrCodeOptions: {\r\n errorCorrectionLevel: 'M',\r\n margin: 4,\r\n scale: 4,\r\n color: {\r\n dark: '#000000',\r\n light: '#ffffff'\r\n }\r\n }\r\n };\r\n }\r\n\r\n public async initialize(): Promise<void> {\r\n if (this.initialized) return;\r\n\r\n try {\r\n this.validateConfiguration();\r\n this.initialized = true;\r\n } catch (error) {\r\n console.error('TwoFactorService initialization failed:', error);\r\n throw new Error('Failed to initialize TwoFactorService');\r\n }\r\n }\r\n\r\n private validateConfiguration(): void {\r\n if (!this.config.app_name?.trim()) {\r\n throw new TwoFactorError('Application name (appName) is required in configuration');\r\n }\r\n\r\n if (this.twoFactorConfig.secretLength < 16) {\r\n throw new TwoFactorError('Secret length must be at least 16 characters');\r\n }\r\n\r\n if (this.twoFactorConfig.tokenWindow < 0 || this.twoFactorConfig.tokenWindow > 5) {\r\n throw new TwoFactorError('Token verification window must be between 0 and 5');\r\n }\r\n }\r\n\r\n private ensureInitialized(): void {\r\n if (!this.initialized) {\r\n throw new TwoFactorError('TwoFactorService must be initialized before use');\r\n }\r\n }\r\n\r\n public generateSecret(email: string): { secret: string; otpAuthUrl: string } {\r\n this.ensureInitialized();\r\n\r\n try {\r\n const secretObj = speakeasy.generateSecret({\r\n length: this.twoFactorConfig.secretLength,\r\n name: `${this.config.app_name}:${email}`,\r\n issuer: this.config.app_name\r\n });\r\n \r\n return {\r\n secret: secretObj.base32,\r\n otpAuthUrl: secretObj.otpauth_url || ''\r\n };\r\n } catch (error) {\r\n console.error('Error generating 2FA secret:', error);\r\n throw new Error('Failed to generate 2FA secret');\r\n }\r\n }\r\n\r\n public async generateQRCode(otpAuthUrl: string): Promise<string> {\r\n this.ensureInitialized();\r\n\r\n try {\r\n return await QRCode.toDataURL(otpAuthUrl, this.twoFactorConfig.qrCodeOptions);\r\n } catch (error) {\r\n console.error('QR code generation failed:', error);\r\n throw new TwoFactorError('Failed to generate QR code');\r\n }\r\n }\r\n\r\n public verifyToken(token: string, secret: string): boolean {\r\n this.ensureInitialized();\r\n\r\n try {\r\n return speakeasy.totp.verify({\r\n secret,\r\n encoding: 'base32',\r\n token,\r\n window: this.twoFactorConfig.tokenWindow\r\n });\r\n } catch (error) {\r\n console.error('Token verification failed:', error);\r\n throw new TwoFactorError('Failed to verify 2FA token');\r\n }\r\n }\r\n}"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACAA,oBAA6B;;;ACAtB,IAAM,YAAN,MAAM,kBAAiB,MAAM;AAAA,EAClC,YACS,SACA,aAAqB,KACrB,OAAe,YACtB;AACA,UAAM,OAAO;AAJN;AACA;AACA;AAGP,WAAO,eAAe,MAAM,WAAW,SAAS;AAChD,UAAM,kBAAkB,IAAI;AAAA,EAC9B;AACF;AAVoC;AAA7B,IAAM,WAAN;AAYA,IAAM,mBAAN,MAAM,yBAAwB,SAAS;AAAA,EAC5C,YAAY,SAAiB;AAC3B,UAAM,SAAS,GAAG;AAClB,SAAK,OAAO;AAAA,EACd;AACF;AAL8C;AAAvC,IAAM,kBAAN;AAOA,IAAM,2BAAN,MAAM,iCAAgC,SAAS;AAAA,EACpD,YAAY,SAAiB;AAC3B,UAAM,OAAO;AACb,SAAK,OAAO;AAAA,EACd;AACF;AALsD;AAA/C,IAAM,0BAAN;AAOA,IAAM,iBAAN,MAAM,uBAAsB,SAAS;AAAA,EAC1C,YAAY,SAAiB;AAC3B,UAAM,SAAS,KAAK,mBAAmB;AAAA,EACzC;AACF;AAJ4C;AAArC,IAAM,gBAAN;AAMA,IAAM,kBAAN,MAAM,wBAAuB,SAAS;AAAA,EAC3C,YAAY,UAAkB,oBAAoB;AAChD,UAAM,SAAS,GAAG;AAClB,SAAK,OAAO;AAAA,EACd;AACF;AAL6C;AAAtC,IAAM,iBAAN;AAOA,IAAM,qBAAN,MAAM,2BAA0B,SAAS;AAAA,EAC9C,YAAY,UAAkB,uBAAuB;AACnD,UAAM,SAAS,GAAG;AAClB,SAAK,OAAO;AAAA,EACd;AACF;AALgD;AAAzC,IAAM,oBAAN;AAOA,IAAM,YAAN,MAAM,kBAAiB,SAAS;AAAA,EACrC,YAAY,SAAiB;AAC3B,UAAM,SAAS,GAAG;AAClB,SAAK,OAAO;AAAA,EACd;AACF;AALuC;AAAhC,IAAM,WAAN;AAOA,IAAM,qBAAN,MAAM,2BAA0B,SAAS;AAAA,EAC9C,YAAY,SAAiB;AAC3B,UAAM,SAAS,GAAG;AAClB,SAAK,OAAO;AAAA,EACd;AACF;AALgD;AAAzC,IAAM,oBAAN;AAOA,IAAM,kBAAN,MAAM,wBAAuB,SAAS;AAAA,EAC3C,YAAY,SAAiB;AAC3B,UAAM,SAAS,GAAG;AAClB,SAAK,OAAO;AAAA,EACd;AACF;AAL6C;AAAtC,IAAM,iBAAN;;;ADxDA,IAAM,iBAAN,MAAM,uBAAsB,2BAAa;AAAA,EAI5C,gBAAgB,QAA4B;AACxC,SAAK,eAAe;AAAA,EACxB;AAAA,EAEA,UAAU,KAAoB;AAC1B,SAAK,SAAS,EAAE,GAAG,IAAI;AACvB,SAAK,KAAK,mBAAmB,KAAK,MAAM;AAAA,EAC5C;AAAA,EAEA,YAAiC;AAC7B,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,MAAM,aAA+B;AACjC,QAAI,CAAC,KAAK,cAAc;AACpB,YAAM,IAAI,wBAAwB,uBAAuB;AAAA,IAC7D;AACA,QAAI;AACA,YAAM,SAAS,MAAM,KAAK,aAAa;AACvC,WAAK,UAAU,MAAM;AACrB,aAAO;AAAA,IACX,SAAS,OAAO;AACZ,YAAM,IAAI,wBAAwB,6BAA6B;AAAA,IACnE;AAAA,EACJ;AACJ;AA7BgD;AAAzC,IAAM,gBAAN;AA+BA,IAAM,gBAAgB,IAAI,cAAc;;;AEhCxC,IAAM,aAAa,wBAAC,iBAAqC;AAC9D,gBAAc,gBAAgB,YAAY;AAC5C,GAF0B;AAInB,IAAM,uBAAuB,mCAA8B;AAChE,SAAO,cAAc,UAAU,KAAM,MAAM,cAAc,WAAW;AACtE,GAFoC;;;ACPpC,IAAAA,oBAA4C;AAC5C,IAAAC,uBAA2B;;;ACD3B,sBAAiD;AACjD,IAAAC,uBAAiD;;;ACDjD,qBAAwB;AAGjB,IAAM,WAAN,MAAM,SAAQ;AAcrB;AAdqB;AAEnB;AAAA,MADC,wBAAQ;AAAA,GADE,SAEX;AAGA;AAAA,MADC,wBAAQ;AAAA,GAJE,SAKX;AAGA;AAAA,MADC,wBAAQ;AAAA,GAPE,SAQX;AAGA;AAAA,MADC,wBAAQ;AAAA,GAVE,SAWX;AAXK,IAAM,UAAN;;;ACHP,UAAqB;AACrB,0BAAqC;AACrC,oBAAmB;AAanB,IAAM,UAAU;AAAA,EACd,IAAQ,WAAO,EAAE,KAAK,wBAAwB;AAAA,EAC9C,OACG,WAAO,EACP,MAAM,sBAAsB,EAC5B,IAAI,KAAK,oCAAoC;AAAA,EAChD,MACG,WAAO,EACP,SAAS,kBAAkB,EAC3B,IAAI,GAAG,yCAAyC,EAChD,IAAI,IAAI,kCAAkC,EAC1C,QAAQ,iBAAiB,2CAA2C;AAAA,EACvE,UACG,WAAO,EACP,SAAS,mBAAmB,EAC5B,IAAI,GAAG,oBAAoB,EAC3B,IAAI,KAAK,mBAAmB,EAC5B;AAAA,IACC;AAAA,IACA;AAAA,EACF;AAAA,EACF,MACG,WAAO,EACP,SAAS,kBAAkB,EAC3B,MAAM,OAAO,OAAO,4BAAQ,GAAG,wBAAwB;AAC5D;AAEO,IAAM,gBAAgB,8BAC3B,OACA,eACwB;AACxB,MAAI;AACF,UAAM,QAAQ,MAAM,SAAS,OAAO,KAAK,EAAE,YAAY,CAAC;AACxD,UAAM,OAAO,MAAM,WAAW,YAAY,KAAK;AAC/C,QAAI,CAAC,MAAM;AACT,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AACA,WAAO;AAAA,EACT,SAAS,OAAY;AACnB,UAAM,IAAI,gBAAgB,MAAM,WAAW,sBAAsB;AAAA,EACnE;AACF,GAhB6B;AAkBtB,IAAM,mBAAmB,8BAAO,aAAqC;AAC1E,MAAI,UAAU;AACZ,QAAI;AACF,YAAM,QAAQ,SAAS,SAAS,QAAQ;AAAA,IAC1C,SAAS,OAAY;AACnB,YAAM,IAAI,gBAAgB,MAAM,WAAW,yBAAyB;AAAA,IACtE;AAAA,EACF;AACF,GARgC;AAUzB,IAAM,0BAA0B,8BACrC,YACA,OACA,kBACkB;AAClB,MAAI;AACF,UAAM,QAAQ,MAAM,SAAS,OAAO,KAAK,EAAE,YAAY,CAAC;AAExD,UAAM,eAAe,MAAM,WAAW,YAAY,KAAK;AAEvD,QAAI,CAAC,aAAc;AACnB,QAAI,aAAa,OAAO,cAAe;AAEvC,UAAM,IAAI,gBAAgB,SAAS,KAAK,qBAAqB;AAAA,EAC/D,SAAS,OAAY;AACnB,QAAI,iBAAiB,iBAAiB;AACpC,YAAM;AAAA,IACR;AACA,UAAM,IAAI,gBAAgB,8BAA8B;AAAA,EAC1D;AACF,GApBuC;AAsBhC,IAAM,sBAAsB,8BACjC,MACA,eACkB;AAClB,QAAM,EAAE,MAAM,OAAO,MAAM,SAAS,IAAI;AAExC,QAAM,QAAQ,IAAI;AAAA,IAChB,QAAQ,KAAK,SAAS,IAAI;AAAA,IAC1B,QAAQ,KAAK,SAAS,IAAI;AAAA,IAC1B,wBAAwB,YAAY,KAAK;AAAA,IACzC,iBAAiB,QAAQ;AAAA,EAC3B,CAAC;AACH,GAZmC;AAc5B,IAAM,mBAAmB,8BAC9B,MACA,eACwB;AACxB,QAAM,EAAE,OAAO,MAAM,SAAS,IAAI;AAElC,QAAM,QAAQ,IAAI,CAAC,QAAQ,KAAK,SAAS,IAAI,GAAG,QAAQ,SAAS,SAAS,QAAQ,CAAC,CAAC;AAEpF,QAAM,OAAO,MAAM,cAAc,OAAO,UAAU;AAClD,MAAI,CAAC,QAAQ,CAAC,KAAK,UAAU;AAC3B,UAAM,IAAI,cAAc,qBAAqB;AAAA,EAC/C;AAEA,QAAM,UAAU,MAAM,cAAAC,QAAO,QAAQ,UAAU,KAAK,QAAQ;AAC5D,MAAI,CAAC,SAAS;AACZ,UAAM,IAAI,eAAe,qBAAqB;AAAA,EAChD;AAEA,SAAO;AACT,GAnBgC;AAqBzB,IAAM,sBAAsB,8BACjC,mBACkB;AAClB,MAAI,CAAC,gBAAgB;AACnB,UAAM,IAAI,gBAAgB,4BAA4B;AAAA,EACxD;AAEA,MAAI;AACF,UAAM,SAAS,MAAM,qBAAqB;AAE1C,QAAI,CAAC,OAAO,qBAAqB;AAC/B,YAAM,IAAI,gBAAgB,2CAA2C;AAAA,IACvE;AAEA,QAAI,SAAS,cAAc,MAAM,SAAS,OAAO,mBAAmB,GAAG;AACrE,YAAM,IAAI,gBAAgB,wBAAwB;AAAA,IACpD;AAAA,EACF,SAAS,OAAO;AACd,QAAI,iBAAiB,iBAAiB;AACpC,YAAM;AAAA,IACR;AACA,UAAM,IAAI,gBAAgB,iCAAiC;AAAA,EAC7D;AACF,GAvBmC;;;AC/HnC,IAAAC,eAA6B;AAC7B,IAAAC,kBAAwB;;;ACDxB,kBAAsD;AACtD,IAAAC,uBAAuC;;;ACChC,IAAM,eAAN,MAAM,aAAY;AAMzB;AANyB;AAAlB,IAAM,cAAN;;;ADIA,SAAS,mBAAmBC,SAAsB;AACrD;AAAA,IACIA;AAAA,IACA;AAAA,IACA;AAAA,QACA,uBAAU,UAAQ,KAAK,WAAO,qBAAQ,SAAO,IAAI,KAAK,CAAC;AAAA,QACvD,uBAAU,UAAQ,KAAK,cAAU,qBAAQ,SAAO,IAAI,QAAQ,CAAC;AAAA,QAC7D,uBAAU,UAAQ,KAAK,UAAM,qBAAQ,SAAO,IAAI,IAAI,CAAC;AAAA,EAAC;AAE1D;AAAA,IACIA;AAAA,IACA;AAAA,IACA;AAAA,QACA,uBAAU,UAAQ,KAAK,UAAM,qBAAQ,SAAO,IAAI,IAAI,CAAC;AAAA,QACrD,uBAAU,UAAQ,KAAK,WAAO,qBAAQ,SAAO,IAAI,KAAK,CAAC;AAAA,QACvD,uBAAU,UAAQ,KAAK,UAAM,qBAAQ,SAAO,IAAI,IAAI,CAAC;AAAA,EAAC;AAE1D;AAAA,IACIA;AAAA,IACA;AAAA,IACA;AAAA,QACA,uBAAU,UAAQ,KAAK,QAAI,qBAAQ,SAAO,IAAI,EAAE,CAAC;AAAA,QACjD,uBAAU,UAAQ,KAAK,UAAM,qBAAQ,SAAO,IAAI,IAAI,CAAC;AAAA,QACrD,uBAAU,UAAQ,KAAK,WAAO,qBAAQ,SAAO,IAAI,KAAK,CAAC;AAAA,QACvD,uBAAU,UAAQ,KAAK,UAAM,qBAAQ,SAAO,IAAI,IAAI,CAAC;AAAA,EAAC;AAC9D;AAzBgB;;;ADDT,IAAM,aAAS,2BAAa;AAAA,EACjC,yBAAqB,yBAAQ;AAC/B,CAAC;AAED,mBAAmB,MAAM;;;AHWlB,IAAM,gBAAN,MAAM,cAAqC;AAAA,EAIhD,YACE,YACA,aACA;AACA,SAAK,aAAa;AAClB,SAAK,cAAc;AAAA,EACrB;AAAA,EAEA,MAAa,aAA4B;AACvC,cAAM,oCAAmB,KAAK,YAAY,CAAC,SAAyB,KAAK,OAAO,CAAC;AAAA,EACnF;AAAA,EAEA,MAAM,QAAQ,UAAoB,eAAgD;AAChF,UAAM,OAAO,MAAM,KAAK,cAAc,UAAU,aAAa;AAC7D,UAAM,QAAQ,MAAM,KAAK,qBAAqB,IAAI;AAClD,UAAM,UAAU,KAAK,aAAa,KAAK,IAAI;AAE3C,WAAO,EAAE,OAAO,MAAM,QAAQ;AAAA,EAChC;AAAA,EAEA,MAAc,cACZ,UACA,eACqB;AACrB,UAAM,OAAO,MAAM,iBAAiB,UAAU,KAAK,UAAU;AAE7D,QAAI,SAAS,SAAS,8BAAS,SAAS,eAAe;AACrD,YAAM,oBAAoB,aAAa;AAAA,IACzC;AAEA,WAAO;AAAA,EACT;AAAA,EAEA,MAAc,qBAAqB,MAAsC;AACvE,UAAM,QAAQ,KAAK,eAAe,IAAI;AACtC,UAAM,KAAK,iBAAiB,IAAI;AAChC,UAAM,KAAK,uBAAuB,MAAM,MAAM,YAAY;AAE1D,WAAO;AAAA,EACT;AAAA,EAEQ,eAAe,MAA6B;AAClD,WAAO;AAAA,MACL,aAAa,KAAK,YAAY,oBAAoB,KAAK,IAAI;AAAA,MAC3D,cAAc,KAAK,YAAY,qBAAqB,KAAK,IAAI;AAAA,IAC/D;AAAA,EACF;AAAA,EAEA,MAAc,iBAAiB,MAAiC;AAC9D,SAAK,KAAK,cAAc,oBAAI,KAAK;AACjC,SAAK,KAAK,WAAW;AACrB,UAAM,KAAK,WAAW,OAAO,KAAK,IAAI,IAAI;AAAA,EAC5C;AAAA,EAEA,MAAc,uBACZ,MACA,cACe;AACf,SAAK,eAAe;AACpB,UAAM,KAAK,WAAW,OAAO,KAAK,IAAI,EAAE,aAAa,CAAC;AAAA,EACxD;AAAA,EAEQ,aAAa,MAA2B;AAC9C,WAAO,OAAO,IAAI,MAAM,iCAAY,OAAO;AAAA,EAC7C;AACF;AArEkD;AAA3C,IAAM,eAAN;;;AMpBP,IAAAC,mBAAiD;AAM1C,IAAM,iBAAN,MAAM,eAAsC;AAAA,EAG/C,YAAY,YAA4B;AACpC,SAAK,aAAa;AAAA,EACtB;AAAA,EAEA,MAAa,aAA4B;AACrC,cAAM,qCAAmB,KAAK,YAAY,CAAC,SAAyB,KAAK,OAAO,CAAC;AAAA,EACrF;AAAA,EAEA,MAAM,QAAQ,QAA+B;AACzC,QAAI;AACA,YAAM,KAAK,WAAW,OAAO,MAAM;AAAA,IACvC,SAAS,OAAO;AACZ,UAAI,cAAc,gBAAgB;AAAA,IACtC;AAAA,EACJ;AACJ;AAlBmD;AAA5C,IAAM,gBAAN;;;ACNP,IAAAC,mBAAiD;AACjD,IAAAC,UAAwB;AACxB,IAAAC,uBAAiD;AAS1C,IAAM,mBAAN,MAAM,iBAAwC;AAAA,EAInD,YAAY,YAA4B;AAFxC,SAAiB,cAAc;AAG7B,SAAK,aAAa;AAAA,EACpB;AAAA,EAEA,MAAa,aAA4B;AACvC,cAAM,qCAAmB,KAAK,YAAY,CAAC,SAAyB,KAAK,OAAO,CAAC;AAAA,EACnF;AAAA,EAEA,MAAa,QACX,OACA,MACA,UACA,OAAiB,8BAAS,OAC1B,eACiC;AACjC,QAAI;AAEF,YAAM,gBAAgB,KAAK,iBAAiB;AAAA,QAC1C;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,MACF,CAAC;AAED,UAAI,SAAS,8BAAS,SAAS,eAAe;AAC5C,cAAM,oBAAoB,aAAa;AAAA,MACzC;AAEA,YAAM,oBAAoB,eAAe,KAAK,UAAU;AAExD,YAAM,iBAAiB,MAAM,KAAK,aAAa,cAAc,QAAQ;AACrE,YAAM,aAAa,MAAM,KAAK;AAAA,QAC5B;AAAA,QACA;AAAA,MACF;AAEA,aAAO,MAAM,KAAK,WAAW,OAAO,UAAU;AAAA,IAChD,SAAS,OAAY;AACnB,YAAM,IAAI,kBAAkB,wBAAwB,MAAM,OAAO,EAAE;AAAA,IACrE;AAAA,EACF;AAAA,EAEQ,iBAAiB,KAA+B;AACtD,WAAO;AAAA,MACL,MAAM,IAAI,KAAK,KAAK;AAAA,MACpB,OAAO,IAAI,MAAM,KAAK,EAAE,YAAY;AAAA,MACpC,MAAM,IAAI;AAAA,MACV,UAAU,IAAI,SAAS,KAAK;AAAA,MAC5B,eAAe,IAAI,eAAe,KAAK;AAAA,IACzC;AAAA,EACF;AAAA,EAEA,MAAc,aAAa,UAAmC;AAC5D,WAAO,MAAa,aAAK,UAAU,KAAK,WAAW;AAAA,EACrD;AAAA,EAEA,MAAc,iBAAiB,KAAkB,gBAA6C;AAC5F,UAAM,aAAa,OAAO,IAAI,KAAK,aAAa,+BAAU;AAC1D,UAAM,aAAa,OAAO,IAAI,KAAK,aAAa,+BAAU;AAE1D,eAAW,WAAW;AACtB,eAAW,eAAe;AAC1B,eAAW,OAAO;AAClB,eAAW,KAAK,YAAY;AAE5B,WAAO;AAAA,EACT;AACF;AAxEqD;AAA9C,IAAM,kBAAN;;;ACXP,IAAAC,mBAAiD;AAO1C,IAAM,uBAAN,MAAM,qBAA4C;AAAA,EAIvD,YAAY,YAA4B,SAAyB;AAC/D,SAAK,aAAa;AAClB,SAAK,UAAU;AAAA,EACjB;AAAA,EAEA,MAAa,aAA4B;AACvC,cAAM,qCAAmB,KAAK,YAAY,CAAC,SAAyB,KAAK,OAAO,CAAC;AAAA,EACnF;AAAA,EAEA,MAAM,QACJ,cAC+D;AAC/D,QAAI;AACF,YAAM,UAAU,MAAM,KAAK,QAAQ,mBAAmB,YAAY;AAElE,YAAM,OAAO,QAAQ,SACjB,MAAM,KAAK,WAAW,SAAS,QAAQ,MAAM,IAC7C;AAEJ,UAAI,CAAC,QAAQ,KAAK,iBAAiB,cAAc;AAC/C,eAAO;AAAA,MACT;AAEA,YAAM,cAAc,KAAK,QAAQ,oBAAoB,KAAK,IAAI;AAC9D,YAAM,kBAAkB,KAAK,QAAQ,qBAAqB,KAAK,IAAI;AAEnE,YAAM,KAAK,WAAW,OAAO,KAAK,IAAI;AAAA,QACpC,cAAc;AAAA,MAChB,CAAC;AAED,aAAO,EAAE,aAAa,cAAc,gBAAgB;AAAA,IACtD,SAAS,OAAO;AACd,aAAO;AAAA,IACT;AAAA,EACF;AAAA,EAEA,MAAM,YAAY,OAAuC;AACvD,WAAO,MAAM,KAAK,QAAQ,kBAAkB,KAAK;AAAA,EACnD;AACF;AA3CyD;AAAlD,IAAM,sBAAN;;;ACCA,IAAM,yBAAN,MAAM,uBAA6C;AAAA,EAKxD,YAAY,kBAAoC,gBAAgC;AAFhF,SAAQ,gBAAgB;AAGtB,SAAK,mBAAmB;AACxB,SAAK,iBAAiB;AAAA,EACxB;AAAA,EACA,MAAM,aAA4B;AAChC,QAAI,KAAK,cAAe;AAExB,UAAM,QAAQ,IAAI;AAAA,MAChB,KAAK,iBAAiB,WAAW;AAAA,IACnC,CAAC;AAED,SAAK,gBAAgB;AAAA,EACvB;AAAA,EAEA,MAAM,QAAQ,QAAkD;AAC9D,QAAI,CAAC,KAAK,eAAe;AACvB,YAAM,KAAK,WAAW;AAAA,IACxB;AAEA,UAAM,OAAO,MAAM,KAAK,eAAe,aAAa,MAAM;AAE1D,QAAI,CAAC,MAAM;AACT,YAAM,IAAI,eAAe,gBAAgB;AAAA,IAC3C;AAEA,QAAI,KAAK,kBAAkB;AACzB,YAAM,IAAI,eAAe,8CAA8C;AAAA,IACzE;AAEA,UAAM,EAAE,QAAQ,WAAW,IAAI,KAAK,iBAAiB,eAAe,KAAK,KAAK;AAC9E,UAAM,YAAY,MAAM,KAAK,iBAAiB,eAAe,UAAU;AAEvE,UAAM,KAAK,eAAe,sBAAsB,QAAQ,MAAM;AAE9D,WAAO,EAAE,QAAQ,YAAY,UAAU;AAAA,EACzC;AACF;AAzC0D;AAAnD,IAAM,wBAAN;;;ACRP,IAAAC,mBAAiD;AAO1C,IAAM,0BAAN,MAAM,wBAA8C;AAAA,EAKzD,YAAY,kBAAoC,gBAAgC;AAFhF,SAAQ,gBAAgB;AAGtB,SAAK,mBAAmB;AACxB,SAAK,iBAAiB;AAAA,EAExB;AAAA,EACA,MAAM,aAA4B;AAC9B,QAAI,KAAK,cAAe;AAExB,UAAM,QAAQ,IAAI;AAAA,MACd,KAAK,iBAAiB,WAAW;AAAA,UACjC,qCAAmB,KAAK,gBAAgB,UAAQ,KAAK,OAAO,CAAC;AAAA,IACjE,CAAC;AAED,SAAK,gBAAgB;AAAA,EACvB;AAAA,EAEF,MAAM,QAAQ,QAAgB,KAAsC;AAClE,QAAI,CAAC,KAAK,eAAe;AACvB,YAAM,KAAK,WAAW;AAAA,IACxB;AAEA,UAAM,EAAE,MAAM,IAAI;AAElB,QAAI,CAAC,OAAO;AACV,YAAM,IAAI,eAAe,mBAAmB;AAAA,IAC9C;AAEA,UAAM,OAAO,MAAM,KAAK,eAAe,aAAa,MAAM;AAE1D,QAAI,CAAC,QAAQ,CAAC,KAAK,iBAAiB;AAClC,YAAM,IAAI,eAAe,+CAA+C;AAAA,IAC1E;AAEA,QAAI,KAAK,kBAAkB;AACzB,YAAM,IAAI,eAAe,8CAA8C;AAAA,IACzE;AAEA,UAAM,UAAU,KAAK,iBAAiB,YAAY,OAAO,KAAK,eAAe;AAE7E,QAAI,CAAC,SAAS;AACZ,YAAM,IAAI,eAAe,2BAA2B;AAAA,IACtD;AAEA,UAAM,KAAK,eAAe,gBAAgB,IAAI;AAAA,EAChD;AACF;AAlD2D;AAApD,IAAM,yBAAN;;;ACPP,IAAAC,mBAAiD;AAQ1C,IAAM,0BAAN,MAAM,wBAA8C;AAAA,EAMvD,YACI,kBACA,gBACA,YACF;AANF,SAAQ,gBAAgB;AAOpB,SAAK,mBAAmB;AACxB,SAAK,iBAAiB;AACtB,SAAK,aAAa;AAAA,EACtB;AAAA,EACA,MAAM,aAA4B;AAC9B,QAAI,KAAK,cAAe;AAExB,UAAM,QAAQ,IAAI;AAAA,MACd,KAAK,iBAAiB,WAAW;AAAA,MACjC,KAAK,WAAW,WAAW;AAAA,UAC3B,qCAAmB,KAAK,gBAAgB,UAAQ,KAAK,OAAO,CAAC;AAAA,IACjE,CAAC;AACT;AACQ,SAAK,gBAAgB;AAAA,EACzB;AAAA,EAEA,MAAM,QAAQ,KAAyE;AACnF,QAAI,CAAC,KAAK,eAAe;AACrB,YAAM,KAAK,WAAW;AAAA,IACxB;AAEF,UAAM,EAAE,QAAQ,MAAM,IAAI;AAE1B,QAAI,CAAC,UAAU,CAAC,OAAO;AACnB,YAAM,IAAI,eAAe,gCAAgC;AAAA,IAC7D;AAEA,UAAM,OAAO,MAAM,KAAK,eAAe,aAAa,MAAM;AAE1D,YAAQ,IAAI,QAAQ,IAAI;AAGxB,QAAI,CAAC,QAAQ,CAAC,KAAK,mBAAmB,CAAC,KAAK,kBAAkB;AAC1D,YAAM,IAAI,eAAe,iBAAiB;AAAA,IAC9C;AAEA,UAAM,UAAU,KAAK,iBAAiB,YAAY,OAAO,KAAK,eAAe;AAE7E,QAAI,CAAC,SAAS;AACV,YAAM,IAAI,eAAe,2BAA2B;AAAA,IACxD;AAEA,WAAO;AAAA,MACH,OAAO,KAAK,WAAW,oBAAoB,KAAK,IAAI;AAAA,MACpD,cAAc,KAAK,WAAW,qBAAqB,KAAK,IAAI;AAAA,IAChE;AAAA,EACJ;AACJ;AA1D2D;AAApD,IAAM,yBAAN;;;ACRP,IAAAC,mBAAiD;AAQ1C,IAAM,2BAAN,MAAM,yBAA+C;AAAA,EAK1D,YAAY,kBAAoC,gBAAgC;AAFhF,SAAQ,gBAAgB;AAGtB,SAAK,mBAAmB;AACxB,SAAK,iBAAiB;AAAA,EACxB;AAAA,EACA,MAAM,aAA4B;AAChC,QAAI,KAAK,cAAe;AAExB,UAAM,QAAQ,IAAI;AAAA,MACd,KAAK,iBAAiB,WAAW;AAAA,UACjC,qCAAmB,KAAK,gBAAgB,UAAQ,KAAK,OAAO,CAAC;AAAA,IACjE,CAAC;AACL;AACI,SAAK,gBAAgB;AAAA,EACvB;AAAA,EAEA,MAAM,QAAQ,QAAgB,KAAsC;AAClE,QAAI,CAAC,KAAK,eAAe;AACvB,YAAM,KAAK,WAAW;AAAA,IACxB;AAEA,UAAM,EAAE,MAAM,IAAI;AAElB,UAAM,OAAO,MAAM,KAAK,eAAe,aAAa,MAAM;AAE1D,QAAI,CAAC,QAAQ,CAAC,KAAK,mBAAmB,CAAC,KAAK,kBAAkB;AAC5D,YAAM,IAAI,eAAe,0CAA0C;AAAA,IACrE;AAEA,UAAM,UAAU,KAAK,iBAAiB,YAAY,OAAO,KAAK,eAAe;AAE7E,QAAI,CAAC,SAAS;AACZ,YAAM,IAAI,eAAe,2BAA2B;AAAA,IACtD;AAEA,UAAM,KAAK,eAAe,iBAAiB,IAAI;AAAA,EACjD;AACF;AAzC4D;AAArD,IAAM,0BAAN;;;ACYA,IAAM,kBAAN,MAAM,gBAAe;AAAA,EAW1B,YACE,cACA,eACA,iBACA,qBACA,uBACA,wBACA,wBACA,yBACA;AAWF,iBAAQ,8BAAO,KAAc,KAAe,SAAuB;AACjE,UAAI;AACF,cAAM,EAAE,eAAe,GAAG,SAAS,IAAc,IAAI;AACrD,cAAM,SAAS,MAAM,KAAK,aAAa,QAAQ,UAAU,aAAa;AACtE,YAAI,OAAO,GAAG,EAAE,KAAK,MAAM;AAAA,MAC7B,SAAS,OAAO;AACd,aAAK,KAAK;AAAA,MACZ;AAAA,IACF,GARQ;AAUR,kBAAS,8BACP,KACA,KACA,SACkB;AAClB,UAAI;AACF,cAAM,KAAK,cAAc,QAAQ,IAAI,OAAO,EAAE;AAC9C,YAAI,OAAO,GAAG,EAAE,KAAK,EAAE,SAAS,0BAA0B,CAAC;AAAA,MAC7D,SAAS,OAAO;AACd,aAAK,KAAK;AAAA,MACZ;AAAA,IACF,GAXS;AAaT,oBAAW,8BACT,KACA,KACA,SACkB;AAClB,UAAI;AACF,cAAM,EAAE,OAAO,MAAM,UAAU,MAAM,cAAc,IAAiB,IAAI;AACxE,cAAM,KAAK,gBAAgB,QAAQ,OAAO,MAAM,UAAU,MAAM,aAAa;AAAA,MAC/E,SAAS,OAAO;AACd,aAAK,KAAK;AAAA,MACZ;AAAA,IACF,GAXW;AAaX,wBAAe,8BAAO,KAAc,QAAkB;AACpD,YAAM,EAAE,aAAa,IAA0B,IAAI;AACnD,YAAM,SAAS,MAAM,KAAK,oBAAoB,QAAQ,YAAY;AAClE,UAAI,KAAK,MAAM;AAAA,IACjB,GAJe;AAMf,uBAAc,8BAAO,UAA0C;AAC7D,aAAO,MAAM,KAAK,oBAAoB,YAAY,KAAK;AAAA,IACzD,GAFc;AAId,oBAAW,8BAAO,KAAc,KAAe,SAAuB;AACpE,UAAI;AACF,cAAM,SAAS,IAAI,KAAM;AACzB,cAAM,SAAS,MAAM,KAAK,sBAAsB,QAAQ,MAAM;AAC9D,YAAI,OAAO,GAAG,EAAE,KAAK,MAAM;AAAA,MAC7B,SAAS,OAAO;AACd,aAAK,KAAK;AAAA,MACZ;AAAA,IACF,GARW;AAUX,qBAAY,8BAAO,KAAc,KAAe,SAAuB;AACrE,UAAI;AACF,cAAM,SAAS,IAAI,KAAM;AACzB,cAAM,MAAwB,IAAI;AAClC,cAAM,KAAK,uBAAuB,QAAQ,QAAQ,GAAG;AACrD,YAAI,OAAO,GAAG,EAAE,KAAK,EAAE,SAAS,0DAA0D,CAAC;AAAA,MAC7F,SAAS,OAAO;AACd,aAAK,KAAK;AAAA,MACZ;AAAA,IACF,GATY;AAWZ,qBAAY,8BAAO,KAAc,KAAe,SAAuB;AACrE,UAAI;AACF,cAAM,MAAwB,IAAI;AAClC,cAAM,SAAS,MAAM,KAAK,uBAAuB,QAAQ,GAAG;AAC5D,YAAI,OAAO,GAAG,EAAE,KAAK;AAAA,UACnB,SAAS;AAAA,UACT,GAAG;AAAA,QACL,CAAC;AAAA,MACH,SAAS,OAAO;AACd,aAAK,KAAK;AAAA,MACZ;AAAA,IACF,GAXY;AAaZ,sBAAa,8BAAO,KAAc,KAAe,SAAuB;AACtE,UAAI;AACF,cAAM,SAAS,IAAI,KAAM;AACzB,cAAM,MAAwB,IAAI;AAClC,cAAM,KAAK,wBAAwB,QAAQ,QAAQ,GAAG;AACtD,YAAI,OAAO,GAAG,EAAE,KAAK,EAAE,SAAS,2DAA2D,CAAC;AAAA,MAC9F,SAAS,OAAO;AACd,aAAK,KAAK;AAAA,MACZ;AAAA,IACF,GATa;AA1FX,SAAK,eAAe;AACpB,SAAK,gBAAgB;AACrB,SAAK,kBAAkB;AACvB,SAAK,sBAAsB;AAC3B,SAAK,wBAAwB;AAC7B,SAAK,yBAAyB;AAC9B,SAAK,yBAAyB;AAC9B,SAAK,0BAA0B;AAAA,EACjC;AA4FF;AAzH4B;AAArB,IAAM,iBAAN;;;ACjBA,IAAM,sBAAN,MAAM,oBAAmB;AAAA,EAG9B,YAAY,YAA4B;AACtC,SAAK,aAAa;AAAA,EACpB;AAAA,EAEA,MAAa,QAAQ,KAAc,KAAe,MAAoB;AACpE,QAAI;AACF,YAAM,QAAQ,IAAI,QAAQ,eAAe,MAAM,GAAG,EAAE,CAAC;AAErD,UAAI,CAAC,OAAO;AACV,eAAO,IAAI,OAAO,GAAG,EAAE,KAAK,EAAE,SAAS,0BAA0B,CAAC;AAAA,MACpE;AAEA,YAAM,UAAU,MAAM,KAAK,WAAW,kBAAkB,KAAK;AAE7D,UAAI,CAAC,QAAQ,wBAAwB;AACnC,eAAO,IAAI,OAAO,GAAG,EAAE,KAAK;AAAA,UAC1B,SAAS;AAAA,UACT,MAAM;AAAA,UACN,QAAQ,QAAQ;AAAA,QAClB,CAAC;AAAA,MACH;AAEA,UAAI,OAAO,EAAE,GAAG,SAAS,wBAAwB,KAAK;AACtD,WAAK;AAAA,IACP,SAAS,OAAO;AACd,aAAO,IAAI,OAAO,GAAG,EAAE,KAAK,EAAE,SAAS,2BAA2B,CAAC;AAAA,IACrE;AAAA,EACF;AACF;AA/BgC;AAAzB,IAAM,qBAAN;;;ACHP,IAAAC,mBAAwD;AAKjD,IAAM,kBAAN,MAAM,wBACH,gCACuC;AAAA,EAC/C,YAAY,YAAoC;AAC9C,UAAM,UAAU;AAAA,EAClB;AAAA,EAEA,MAAM,YAAY,OAA2C;AAC3D,UAAM,QAAQ,KAAK,WAChB,mBAAmB,MAAM,EACzB,kBAAkB,aAAa,MAAM,EACrC,UAAU,eAAe,EACzB,MAAM,uBAAuB,EAAE,MAAM,CAAC;AAEzC,WAAO,MAAM,MAAM,OAAO;AAAA,EAC5B;AAAA,EAEA,MAAM,OAAO,QAA4D;AACvE,WAAO,MAAM,OAAO,MAAM;AAAA,EAC5B;AAAA,EAEA,MAAM,aAAa,QAA4C;AAC7D,UAAM,QAAQ,KAAK,WAChB,mBAAmB,MAAM,EACzB,kBAAkB,aAAa,MAAM,EACrC,UAAU,sBAAsB,EAChC,MAAM,qBAAqB,EAAE,OAAO,CAAC;AAExC,WAAO,MAAM,MAAM,OAAO;AAAE;AAAA,EAC9B;AAAA,EAEA,MAAM,OAAO,QAA+B;AAC1C,UAAM,OAAO,MAAM,KAAK,aAAa,MAAM;AAC3C,QAAI,CAAC,MAAM;AACT,YAAM,IAAI,cAAc,gBAAgB;AAAA,IAC1C;AAEA,SAAK,eAAe;AACpB,SAAK,KAAK,WAAW;AAErB,UAAM,KAAK,OAAO,KAAK,IAAI,IAAI;AAAA,EACjC;AAAA,EAEA,MAAM,sBAAsB,QAAgB,QAA+B;AACzE,UAAM,OAAO,MAAM,KAAK,aAAa,MAAM;AAC3C,QAAI,CAAC,MAAM;AACT,YAAM,IAAI,cAAc,gBAAgB;AAAA,IAC1C;AAEA,SAAK,kBAAkB;AAEvB,UAAM,KAAK,OAAO,KAAK,IAAI,IAAI;AAAA,EACjC;AAAA,EAEA,MAAM,gBAAgB,MAAiC;AAEpD,SAAK,mBAAmB;AAEzB,UAAM,KAAK,OAAO,KAAK,IAAI,IAAI;AAAA,EACjC;AAAA,EAEA,MAAM,iBAAiB,MAAiC;AAEtD,SAAK,mBAAmB;AACxB,SAAK,kBAAkB;AAEvB,UAAM,KAAK,OAAO,KAAK,IAAI,IAAI;AAAA,EACjC;AAAA,EAEA,MAAM,mBAAmB,QAAkC;AACzD,UAAM,OAAO,MAAM,KAAK,aAAa,MAAM;AAC3C,QAAI,CAAC,MAAM;AACT,YAAM,IAAI,cAAc,gBAAgB;AAAA,IAC1C;AAEA,WAAO,CAAC,CAAC,KAAK;AAAA,EAChB;AAAA,EAEA,MAAM,mBAAmB,QAAwC;AAC/D,UAAM,OAAO,MAAM,KAAK,aAAa,MAAM;AAC3C,QAAI,CAAC,MAAM;AACT,YAAM,IAAI,cAAc,gBAAgB;AAAA,IAC1C;AAEA,WAAO,KAAK;AAAA,EACd;AACF;AApFiD;AAF1C,IAAM,iBAAN;;;ACLP,UAAqB;AAErB,IAAAC,UAAwB;AACxB,IAAAC,mBAAiD;AAiB1C,IAAM,kBAAN,MAAM,gBAAqD;AAAA,EAGhE,YAA6B,YAA4B,QAAqB;AAAjD;AAC3B,SAAK,WAAW,MAAM;AAAA,EACxB;AAAA,EAEA,MAAc,WAAW,QAAqB;AAC5C,UAAM,aAAa,MAAM,qBAAqB;AAE9C,SAAK,YAAY;AAAA,MACf,mBAAmB,WAAW;AAAA,MAC9B,oBAAoB,WAAW;AAAA,MAC/B,mBAAoB,SAAS,WAAW,mBAAmB,EAAE;AAAA,MAC7D,oBAAoB,SAAS,WAAW,oBAAoB,EAAE;AAAA,MAC9D,GAAG;AAAA,IACL;AAEA,SAAK,sBAAsB;AAAA,EAC7B;AAAA,EAEA,MAAM,aAA4B;AAChC,cAAM,qCAAmB,KAAK,YAAY,UAAQ,KAAK,OAAO,CAAC;AAAA,EACjE;AAAA,EAEQ,wBAA8B;AACpC,QAAI,CAAC,KAAK,WAAW,qBAAqB,CAAC,KAAK,WAAW,oBAAoB;AAC7E,YAAM,IAAI,SAAS,gCAAgC;AAAA,IACrD;AAAA,EACF;AAAA,EAEA,MAAM,aAAa,OAAe,UAA8C;AAC9E,UAAM,OAAO,MAAM,KAAK,WAAW,YAAY,KAAK;AACpD,QAAI,CAAC,MAAM;AACT,YAAM,IAAI,cAAc,qBAAqB;AAAA,IAC/C;AAEA,UAAM,gBAAgB,MAAa,gBAAQ,UAAU,KAAK,QAAQ;AAClE,QAAI,CAAC,eAAe;AAClB,YAAM,IAAI,eAAe,qBAAqB;AAAA,IAChD;AAEA,WAAO;AAAA,EACT;AAAA,EAEQ,kBAAkB;AACxB,QAAI,CAAC,KAAK,UAAW,OAAM,IAAI,SAAS,uBAAuB;AAAA,EACjE;AAAA,EAEA,oBAAoB,MAA0B;AAC5C,SAAK,gBAAgB;AACrB,WAAW;AAAA,MACT,EAAE,QAAQ,KAAK,IAAI,OAAO,KAAK,OAAO,MAAM,KAAK,KAAK;AAAA,MACtD,KAAK,UAAW;AAAA,MAChB,EAAE,WAAW,KAAK,UAAW,kBAAkB;AAAA,IACjD;AAAA,EACF;AAAA,EAEA,qBAAqB,MAA0B;AAC7C,SAAK,gBAAgB;AACrB,WAAW;AAAA,MACT,EAAE,QAAQ,KAAK,GAAG;AAAA,MAClB,KAAK,UAAW;AAAA,MAChB,EAAE,WAAW,KAAK,UAAW,mBAAmB;AAAA,IAClD;AAAA,EACF;AAAA,EAEA,MAAM,YAAY,OAAe,QAAwC;AACvE,QAAI;AACF,aAAW,WAAO,OAAO,MAAM;AAAA,IACjC,QAAQ;AACN,YAAM,IAAI,kBAAkB;AAAA,IAC9B;AAAA,EACF;AAAA,EAEA,MAAM,kBAAkB,OAAuC;AAC7D,SAAK,gBAAgB;AACrB,WAAO,KAAK,YAAY,OAAO,KAAK,UAAW,iBAAiB;AAAA,EAClE;AAAA,EAEA,MAAM,mBAAmB,OAAuC;AAC9D,SAAK,gBAAgB;AACrB,WAAO,KAAK,YAAY,OAAO,KAAK,UAAW,kBAAkB;AAAA,EACnE;AACF;AApFkE;AAA3D,IAAM,iBAAN;;;ACpBP,gBAA2B;AAC3B,aAAwB;AAMjB,IAAM,oBAAN,MAAM,kBAAyC;AAAA,EASpD,YAAY,QAAiB;AAP7B,SAAQ,cAAuB;AAQ7B,SAAK,SAAS;AAEd,SAAK,kBAAkB;AAAA,MACrB,aAAa,SAAS,OAAO,WAAW,KAAK;AAAA,MAC7C,cAAc,SAAS,OAAO,YAAY,KAAK;AAAA,MAC/C,eAAe;AAAA,QACb,sBAAsB;AAAA,QACtB,QAAQ;AAAA,QACR,OAAO;AAAA,QACP,OAAO;AAAA,UACL,MAAM;AAAA,UACN,OAAO;AAAA,QACT;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAa,aAA4B;AACvC,QAAI,KAAK,YAAa;AAEtB,QAAI;AACF,WAAK,sBAAsB;AAC3B,WAAK,cAAc;AAAA,IACrB,SAAS,OAAO;AACd,cAAQ,MAAM,2CAA2C,KAAK;AAC9D,YAAM,IAAI,MAAM,uCAAuC;AAAA,IACzD;AAAA,EACF;AAAA,EAEQ,wBAA8B;AACpC,QAAI,CAAC,KAAK,OAAO,UAAU,KAAK,GAAG;AACjC,YAAM,IAAI,eAAe,yDAAyD;AAAA,IACpF;AAEA,QAAI,KAAK,gBAAgB,eAAe,IAAI;AAC1C,YAAM,IAAI,eAAe,8CAA8C;AAAA,IACzE;AAEA,QAAI,KAAK,gBAAgB,cAAc,KAAK,KAAK,gBAAgB,cAAc,GAAG;AAChF,YAAM,IAAI,eAAe,mDAAmD;AAAA,IAC9E;AAAA,EACF;AAAA,EAEQ,oBAA0B;AAChC,QAAI,CAAC,KAAK,aAAa;AACrB,YAAM,IAAI,eAAe,iDAAiD;AAAA,IAC5E;AAAA,EACF;AAAA,EAEO,eAAe,OAAuD;AAC3E,SAAK,kBAAkB;AAEvB,QAAI;AACF,YAAM,YAAsB,yBAAe;AAAA,QACzC,QAAQ,KAAK,gBAAgB;AAAA,QAC7B,MAAM,GAAG,KAAK,OAAO,QAAQ,IAAI,KAAK;AAAA,QACtC,QAAQ,KAAK,OAAO;AAAA,MACtB,CAAC;AAED,aAAO;AAAA,QACL,QAAQ,UAAU;AAAA,QAClB,YAAY,UAAU,eAAe;AAAA,MACvC;AAAA,IACF,SAAS,OAAO;AACd,cAAQ,MAAM,gCAAgC,KAAK;AACnD,YAAM,IAAI,MAAM,+BAA+B;AAAA,IACjD;AAAA,EACF;AAAA,EAEA,MAAa,eAAe,YAAqC;AAC/D,SAAK,kBAAkB;AAEvB,QAAI;AACF,aAAO,MAAa,iBAAU,YAAY,KAAK,gBAAgB,aAAa;AAAA,IAC9E,SAAS,OAAO;AACd,cAAQ,MAAM,8BAA8B,KAAK;AACjD,YAAM,IAAI,eAAe,4BAA4B;AAAA,IACvD;AAAA,EACF;AAAA,EAEO,YAAY,OAAe,QAAyB;AACzD,SAAK,kBAAkB;AAEvB,QAAI;AACF,aAAiB,eAAK,OAAO;AAAA,QAC3B;AAAA,QACA,UAAU;AAAA,QACV;AAAA,QACA,QAAQ,KAAK,gBAAgB;AAAA,MAC/B,CAAC;AAAA,IACH,SAAS,OAAO;AACd,cAAQ,MAAM,8BAA8B,KAAK;AACjD,YAAM,IAAI,eAAe,4BAA4B;AAAA,IACvD;AAAA,EACF;AACF;AAzGsD;AAA/C,IAAM,mBAAN;;;AlBaP,eAAe,oBAAoB,UAAwB;AACzD,QAAM,YAAY,IAAI,gCAAc,EAAE,SAAS,CAAC;AAEhD,QAAM,iBAAiB,IAAI;AAAA,IACzB,SAAS,cAAc,+BAAU;AAAA,EACnC;AACA,YAAU,mBAA+B,kBAAkB,cAAc;AAEzE,QAAM,iBAAiB,IAAI,eAAe,cAAc;AACxD,YAAU,gBAAgB,kBAAkB,cAAc;AAE1D,QAAM,aAAa,MAAM,qBAAqB;AAE9C,QAAM,mBAAmB,IAAI,iBAAiB,UAAU;AACxD,YAAU,gBAAgB,oBAAoB,gBAAgB;AAE9D,QAAM,qBAAqB,IAAI,mBAAmB,cAAc;AAEhE,QAAM,eAAe,IAAI,aAAa,gBAAgB,cAAc;AACpE,QAAM,gBAAgB,IAAI,cAAc,cAAc;AACtD,QAAM,kBAAkB,IAAI,gBAAgB,cAAc;AAC1D,QAAM,sBAAsB,IAAI;AAAA,IAC9B;AAAA,IACA;AAAA,EACF;AAEA,QAAM,wBAAwB,IAAI,sBAAsB,kBAAkB,cAAc;AACxF,QAAM,yBAAyB,IAAI,uBAAuB,kBAAkB,cAAc;AAC1F,QAAM,yBAAyB,IAAI;AAAA,IACjC;AAAA,IACA;AAAA,IACA;AAAA,EACF;AACA,QAAM,0BAA0B,IAAI,wBAAwB,kBAAkB,cAAc;AAE5F,YAAU,gBAAgB,gBAAgB,YAAY;AACtD,YAAU,gBAAgB,iBAAiB,aAAa;AACxD,YAAU,gBAAgB,mBAAmB,eAAe;AAC5D,YAAU,gBAAgB,uBAAuB,mBAAmB;AACpE,YAAU,gBAAgB,yBAAyB,qBAAqB;AACxE,YAAU,gBAAgB,0BAA0B,sBAAsB;AAC1E,YAAU,gBAAgB,0BAA0B,sBAAsB;AAC1E,YAAU,gBAAgB,2BAA2B,uBAAuB;AAE5E,QAAM,iBAAiB,IAAI;AAAA,IACzB;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF;AAEA,SAAO,EAAE,WAAW,gBAAgB,mBAAmB;AACzD;AAxDe;","names":["import_cca_core","import_cca_entities","import_cca_entities","bcrypt","import_core","import_classes","import_cca_entities","mapper","import_cca_core","import_cca_core","bcrypt","import_cca_entities","import_cca_core","import_cca_core","import_cca_core","import_cca_core","import_cca_core","bcrypt","import_cca_core"]}
|
package/dist/index.mjs
CHANGED
|
@@ -530,7 +530,7 @@ var _TwoFactorEnableUseCase = class _TwoFactorEnableUseCase {
|
|
|
530
530
|
if (!isValid) {
|
|
531
531
|
throw new TwoFactorError("Invalid verification code");
|
|
532
532
|
}
|
|
533
|
-
await this.authRepository.enableTwoFactor(user
|
|
533
|
+
await this.authRepository.enableTwoFactor(user);
|
|
534
534
|
}
|
|
535
535
|
};
|
|
536
536
|
__name(_TwoFactorEnableUseCase, "TwoFactorEnableUseCase");
|
|
@@ -611,7 +611,7 @@ var _TwoFactorDisableUseCase = class _TwoFactorDisableUseCase {
|
|
|
611
611
|
if (!isValid) {
|
|
612
612
|
throw new TwoFactorError("Invalid verification code");
|
|
613
613
|
}
|
|
614
|
-
await this.authRepository.disableTwoFactor(
|
|
614
|
+
await this.authRepository.disableTwoFactor(user);
|
|
615
615
|
}
|
|
616
616
|
};
|
|
617
617
|
__name(_TwoFactorDisableUseCase, "TwoFactorDisableUseCase");
|
|
@@ -750,10 +750,9 @@ var _AuthRepository = class _AuthRepository extends BaseRepository {
|
|
|
750
750
|
return super.create(entity);
|
|
751
751
|
}
|
|
752
752
|
async findByUserId(userId) {
|
|
753
|
-
const query = this.repository.createQueryBuilder("auth").leftJoinAndSelect("auth.user", "user").addSelect("auth.
|
|
754
|
-
|
|
755
|
-
|
|
756
|
-
return result;
|
|
753
|
+
const query = this.repository.createQueryBuilder("auth").leftJoinAndSelect("auth.user", "user").addSelect("auth.twoFactorSecret").where("user.id = :userId", { userId });
|
|
754
|
+
return await query.getOne();
|
|
755
|
+
;
|
|
757
756
|
}
|
|
758
757
|
async logout(userId) {
|
|
759
758
|
const auth = await this.findByUserId(userId);
|
|
@@ -772,22 +771,11 @@ var _AuthRepository = class _AuthRepository extends BaseRepository {
|
|
|
772
771
|
auth.twoFactorSecret = secret;
|
|
773
772
|
await this.update(auth.id, auth);
|
|
774
773
|
}
|
|
775
|
-
async enableTwoFactor(
|
|
776
|
-
const auth = await this.findByUserId(userId);
|
|
777
|
-
if (!auth) {
|
|
778
|
-
throw new NotFoundError("Auth not found");
|
|
779
|
-
}
|
|
780
|
-
if (!auth.twoFactorSecret) {
|
|
781
|
-
throw new NotFoundError("Two-factor secret not set");
|
|
782
|
-
}
|
|
774
|
+
async enableTwoFactor(auth) {
|
|
783
775
|
auth.twoFactorEnabled = true;
|
|
784
776
|
await this.update(auth.id, auth);
|
|
785
777
|
}
|
|
786
|
-
async disableTwoFactor(
|
|
787
|
-
const auth = await this.findByUserId(userId);
|
|
788
|
-
if (!auth) {
|
|
789
|
-
throw new NotFoundError("Auth not found");
|
|
790
|
-
}
|
|
778
|
+
async disableTwoFactor(auth) {
|
|
791
779
|
auth.twoFactorEnabled = false;
|
|
792
780
|
auth.twoFactorSecret = null;
|
|
793
781
|
await this.update(auth.id, auth);
|
|
@@ -920,18 +908,18 @@ var _TwoFactorService = class _TwoFactorService {
|
|
|
920
908
|
}
|
|
921
909
|
validateConfiguration() {
|
|
922
910
|
if (!this.config.app_name?.trim()) {
|
|
923
|
-
throw new
|
|
911
|
+
throw new TwoFactorError("Application name (appName) is required in configuration");
|
|
924
912
|
}
|
|
925
913
|
if (this.twoFactorConfig.secretLength < 16) {
|
|
926
|
-
throw new
|
|
914
|
+
throw new TwoFactorError("Secret length must be at least 16 characters");
|
|
927
915
|
}
|
|
928
916
|
if (this.twoFactorConfig.tokenWindow < 0 || this.twoFactorConfig.tokenWindow > 5) {
|
|
929
|
-
throw new
|
|
917
|
+
throw new TwoFactorError("Token verification window must be between 0 and 5");
|
|
930
918
|
}
|
|
931
919
|
}
|
|
932
920
|
ensureInitialized() {
|
|
933
921
|
if (!this.initialized) {
|
|
934
|
-
throw new
|
|
922
|
+
throw new TwoFactorError("TwoFactorService must be initialized before use");
|
|
935
923
|
}
|
|
936
924
|
}
|
|
937
925
|
generateSecret(email) {
|
|
@@ -957,7 +945,7 @@ var _TwoFactorService = class _TwoFactorService {
|
|
|
957
945
|
return await QRCode.toDataURL(otpAuthUrl, this.twoFactorConfig.qrCodeOptions);
|
|
958
946
|
} catch (error) {
|
|
959
947
|
console.error("QR code generation failed:", error);
|
|
960
|
-
throw new
|
|
948
|
+
throw new TwoFactorError("Failed to generate QR code");
|
|
961
949
|
}
|
|
962
950
|
}
|
|
963
951
|
verifyToken(token, secret) {
|
|
@@ -971,7 +959,7 @@ var _TwoFactorService = class _TwoFactorService {
|
|
|
971
959
|
});
|
|
972
960
|
} catch (error) {
|
|
973
961
|
console.error("Token verification failed:", error);
|
|
974
|
-
throw new
|
|
962
|
+
throw new TwoFactorError("Failed to verify 2FA token");
|
|
975
963
|
}
|
|
976
964
|
}
|
|
977
965
|
};
|
package/dist/index.mjs.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../src/application/config/ConfigManager.ts","../src/utils/Errors.ts","../src/application/service/utils/configInstance.ts","../src/infrastructure/container/createAuthContainer.ts","../src/application/useCase/LoginUseCase.ts","../src/application/dtos/UserDTO.ts","../src/application/validators/authValidation.ts","../src/application/mappers/utils/mapper.ts","../src/application/mappers/createUserMappings.ts","../src/application/dtos/RegisterDTO.ts","../src/application/useCase/LogoutUseCase.ts","../src/application/useCase/RegisterUseCase.ts","../src/application/useCase/RefreshTokenUseCase.ts","../src/application/useCase/TwoFactorSetupUseCase.ts","../src/application/useCase/TwoFactorEnableUseCase.ts","../src/application/useCase/TwoFactorVerifyUseCase.ts","../src/application/useCase/TwoFactorDisableUseCase.ts","../src/presentation/controller/AuthController.ts","../src/presentation/middleware/RequireComplete2FA.ts","../src/infrastructure/repository/AuthRepository.ts","../src/infrastructure/services/JwtAuthService.ts","../src/infrastructure/services/TwoFactorService.ts"],"sourcesContent":["import { EventEmitter } from \"events\";\r\nimport { IConfig, ConfigSource } from \"../../domain/interfaces/configTypes\";\r\nimport { ConfigNotFoundException } from \"../../utils/Errors\";\r\n\r\nexport class ConfigManager extends EventEmitter {\r\n private config?: IConfig;\r\n private configSource?: ConfigSource;\r\n\r\n setConfigSource(source: ConfigSource): void {\r\n this.configSource = source;\r\n }\r\n\r\n setConfig(cfg: IConfig): void {\r\n this.config = { ...cfg };\r\n this.emit(\"configAvailable\", this.config);\r\n }\r\n\r\n getConfig(): IConfig | undefined {\r\n return this.config;\r\n }\r\n\r\n async loadConfig(): Promise<IConfig> {\r\n if (!this.configSource) {\r\n throw new ConfigNotFoundException(\"Config source not set\");\r\n }\r\n try {\r\n const config = await this.configSource();\r\n this.setConfig(config);\r\n return config;\r\n } catch (error) {\r\n throw new ConfigNotFoundException(\"Error loading configuration\");\r\n }\r\n }\r\n}\r\n\r\nexport const configManager = new ConfigManager();\r\n","export class AppError extends Error {\r\n constructor(\r\n public message: string,\r\n public statusCode: number = 500,\r\n public name: string = \"AppError\"\r\n ) {\r\n super(message);\r\n Object.setPrototypeOf(this, new.target.prototype);\r\n Error.captureStackTrace(this);\r\n }\r\n}\r\n\r\nexport class ValidationError extends AppError {\r\n constructor(message: string) {\r\n super(message, 400);\r\n this.name = \"ValidationError\";\r\n }\r\n}\r\n\r\nexport class ConfigNotFoundException extends AppError {\r\n constructor(message: string) {\r\n super(message);\r\n this.name = \"ConfigNotFoundException\";\r\n }\r\n}\r\n\r\nexport class NotFoundError extends AppError {\r\n constructor(message: string) {\r\n super(message, 404, \"UserNotFoundError\");\r\n }\r\n}\r\n\r\nexport class ForbiddenError extends AppError {\r\n constructor(message: string = \"Forbidden access\") {\r\n super(message, 403);\r\n this.name = \"ForbiddenError\";\r\n }\r\n}\r\n\r\nexport class UnauthorizedError extends AppError {\r\n constructor(message: string = \"Unauthorized access\") {\r\n super(message, 401);\r\n this.name = \"UnauthorizedError\";\r\n }\r\n}\r\n\r\nexport class JwtError extends AppError {\r\n constructor(message: string) {\r\n super(message, 401);\r\n this.name = \"JwtError\";\r\n }\r\n}\r\n\r\nexport class RegistrationError extends AppError {\r\n constructor(message: string) {\r\n super(message, 400);\r\n this.name = \"RegistrationError\";\r\n }\r\n}\r\n\r\nexport class TwoFactorError extends AppError {\r\n constructor(message: string) {\r\n super(message, 400);\r\n this.name = \"TwoFactorERROR\";\r\n }\r\n}","import { configManager } from \"../../config/ConfigManager\";\r\nimport { IConfig, ConfigSource } from \"../../../domain/interfaces/configTypes\";\r\n\r\nexport const authConfig = (configSource: ConfigSource): void => {\r\n configManager.setConfigSource(configSource);\r\n};\r\n\r\nexport const createConfigInstance = async (): Promise<IConfig> => {\r\n return configManager.getConfig() ?? (await configManager.loadConfig());\r\n};\r\n","import { BaseContainer, BaseDatabase } from \"cca-core\";\r\nimport { AuthEntity } from \"cca-entities\";\r\n\r\nimport { LoginUseCase } from \"../../application/useCase/LoginUseCase\";\r\nimport { LogoutUseCase } from \"../../application/useCase/LogoutUseCase\";\r\nimport { RegisterUseCase } from \"../../application/useCase/RegisterUseCase\";\r\nimport { RefreshTokenUseCase } from \"../../application/useCase/RefreshTokenUseCase\";\r\nimport { TwoFactorSetupUseCase } from \"../../application/useCase/TwoFactorSetupUseCase\";\r\nimport { TwoFactorEnableUseCase } from \"../../application/useCase/TwoFactorEnableUseCase\";\r\nimport { TwoFactorVerifyUseCase } from \"../../application/useCase/TwoFactorVerifyUseCase\";\r\nimport { TwoFactorDisableUseCase } from \"../../application/useCase/TwoFactorDisableUseCase\";\r\n\r\nimport { AuthController } from \"../../presentation/controller/AuthController\";\r\nimport { RequireComplete2FA } from \"../../presentation/middleware/RequireComplete2FA\";\r\n\r\nimport { AuthRepository } from \"../repository/AuthRepository\";\r\nimport { JwtAuthService } from \"../services/JwtAuthService\";\r\nimport { TwoFactorService } from \"../services/TwoFactorService\";\r\nimport { createConfigInstance } from \"../../application/service/utils/configInstance\";\r\n\r\nasync function createAuthContainer(database: BaseDatabase) {\r\n const container = new BaseContainer({ database });\r\n\r\n const authRepository = new AuthRepository(\r\n database.getRepository(AuthEntity)\r\n );\r\n container.registerRepository<AuthEntity>(\"AuthRepository\", authRepository);\r\n\r\n const jwtAuthService = new JwtAuthService(authRepository);\r\n container.registerService(\"JwtAuthService\", jwtAuthService);\r\n\r\n const configData = await createConfigInstance();\r\n\r\n const twoFactorService = new TwoFactorService(configData);\r\n container.registerService(\"TwoFactorService\", twoFactorService);\r\n\r\n const requireComplete2FA = new RequireComplete2FA(jwtAuthService);\r\n\r\n const loginUseCase = new LoginUseCase(authRepository, jwtAuthService);\r\n const logoutUseCase = new LogoutUseCase(authRepository);\r\n const registerUseCase = new RegisterUseCase(authRepository);\r\n const refreshTokenUseCase = new RefreshTokenUseCase(\r\n authRepository,\r\n jwtAuthService\r\n );\r\n\r\n const twoFactorSetupUseCase = new TwoFactorSetupUseCase(twoFactorService, authRepository);\r\n const twoFactorEnableUseCase = new TwoFactorEnableUseCase(twoFactorService, authRepository);\r\n const twoFactorVerifyUseCase = new TwoFactorVerifyUseCase(\r\n twoFactorService,\r\n authRepository,\r\n jwtAuthService\r\n );\r\n const twoFactorDisableUseCase = new TwoFactorDisableUseCase(twoFactorService, authRepository);\r\n\r\n container.registerService(\"LoginUseCase\", loginUseCase);\r\n container.registerService(\"LogoutUseCase\", logoutUseCase);\r\n container.registerService(\"RegisterUseCase\", registerUseCase);\r\n container.registerService(\"RefreshTokenUseCase\", refreshTokenUseCase);\r\n container.registerService(\"TwoFactorSetupUseCase\", twoFactorSetupUseCase);\r\n container.registerService(\"TwoFactorEnableUseCase\", twoFactorEnableUseCase);\r\n container.registerService(\"TwoFactorVerifyUseCase\", twoFactorVerifyUseCase);\r\n container.registerService(\"TwoFactorDisableUseCase\", twoFactorDisableUseCase);\r\n\r\n const authController = new AuthController(\r\n loginUseCase,\r\n logoutUseCase,\r\n registerUseCase,\r\n refreshTokenUseCase,\r\n twoFactorSetupUseCase,\r\n twoFactorEnableUseCase,\r\n twoFactorVerifyUseCase,\r\n twoFactorDisableUseCase\r\n );\r\n\r\n return { container, authController, requireComplete2FA };\r\n}\r\n\r\nexport { createAuthContainer };","import { IBaseService, validateRepository } from \"cca-core\";\r\nimport { AuthEntity, UserEntity, UserRole } from \"cca-entities\";\r\n\r\nimport { AuthRepository } from \"../../infrastructure/repository/AuthRepository\";\r\nimport { JwtAuthService } from \"../../infrastructure/services/JwtAuthService\";\r\nimport { UserDTO } from \"../dtos/UserDTO\";\r\nimport { LoginDTO } from \"../dtos/LoginDTO\";\r\nimport { validateAdminSecret, validateLoginDTO } from \"../validators/authValidation\";\r\nimport { mapper } from \"../mappers/utils/mapper\";\r\n\r\ninterface TokenPair {\r\n accessToken: string;\r\n refreshToken: string;\r\n}\r\n\r\ninterface LoginResponse {\r\n token: TokenPair;\r\n user: UserDTO;\r\n}\r\n\r\nexport class LoginUseCase implements IBaseService {\r\n private readonly repository: AuthRepository;\r\n private readonly authService: JwtAuthService;\r\n\r\n constructor(\r\n repository: AuthRepository,\r\n authService: JwtAuthService\r\n ) {\r\n this.repository = repository;\r\n this.authService = authService\r\n }\r\n\r\n public async initialize(): Promise<void> {\r\n await validateRepository(this.repository, (repo: AuthRepository) => repo.getAll());\r\n }\r\n\r\n async execute(loginDTO: LoginDTO, adminPassword?: string): Promise<LoginResponse> {\r\n const auth = await this.validateLogin(loginDTO, adminPassword);\r\n const token = await this.handleAuthentication(auth);\r\n const userDTO = this.mapUserToDTO(auth.user);\r\n\r\n return { token, user: userDTO };\r\n }\r\n\r\n private async validateLogin(\r\n loginDTO: LoginDTO,\r\n adminPassword?: string\r\n ): Promise<AuthEntity> {\r\n const auth = await validateLoginDTO(loginDTO, this.repository);\r\n\r\n if (loginDTO.role === UserRole.ADMIN && adminPassword) {\r\n await validateAdminSecret(adminPassword);\r\n }\r\n\r\n return auth;\r\n }\r\n\r\n private async handleAuthentication(auth: AuthEntity): Promise<TokenPair> {\r\n const token = this.generateTokens(auth);\r\n await this.updateUserStatus(auth);\r\n await this.updateUserRefreshToken(auth, token.refreshToken);\r\n\r\n return token;\r\n }\r\n\r\n private generateTokens(auth: AuthEntity): TokenPair {\r\n return {\r\n accessToken: this.authService.generateAccessToken(auth.user),\r\n refreshToken: this.authService.generateRefreshToken(auth.user)\r\n };\r\n }\r\n\r\n private async updateUserStatus(auth: AuthEntity): Promise<void> {\r\n auth.user.lastLoginAt = new Date();\r\n auth.user.isActive = true;\r\n await this.repository.update(auth.id, auth);\r\n }\r\n\r\n private async updateUserRefreshToken(\r\n auth: AuthEntity,\r\n refreshToken: string\r\n ): Promise<void> {\r\n auth.refreshToken = refreshToken;\r\n await this.repository.update(auth.id, { refreshToken });\r\n }\r\n\r\n private mapUserToDTO(user: UserEntity): UserDTO {\r\n return mapper.map(user, UserEntity, UserDTO);\r\n }\r\n}","import { AutoMap } from \"@automapper/classes\";\r\nimport { UserRole } from \"cca-entities\";\r\n\r\nexport class UserDTO {\r\n @AutoMap()\r\n id!: string;\r\n\r\n @AutoMap()\r\n name!: string;\r\n\r\n @AutoMap()\r\n email!: string;\r\n\r\n @AutoMap()\r\n role!: UserRole;\r\n\r\n adminPassword?: string;\r\n}","import * as yup from \"yup\";\r\nimport { AuthEntity, UserRole } from \"cca-entities\";\r\nimport bcrypt from \"bcrypt\";\r\n\r\nimport {\r\n ForbiddenError,\r\n NotFoundError,\r\n ValidationError,\r\n} from \"../../utils/Errors\";\r\nimport { AuthRepository } from \"../../infrastructure/repository/AuthRepository\";\r\n\r\nimport { RegisterDTO } from \"../dtos/RegisterDTO\";\r\nimport { LoginDTO } from \"../dtos/LoginDTO\";\r\nimport { createConfigInstance } from \"../service/utils/configInstance\";\r\n\r\nconst schemas = {\r\n id: yup.string().uuid(\"Invalid user ID format\"),\r\n email: yup\r\n .string()\r\n .email(\"Invalid email format\")\r\n .max(255, \"Email cannot exceed 255 characters\"),\r\n name: yup\r\n .string()\r\n .required(\"Name is required\")\r\n .min(2, \"Name must be at least 2 characters long\")\r\n .max(50, \"Name cannot exceed 50 characters\")\r\n .matches(/^[a-zA-Z\\s]+$/, \"Name must only contain letters and spaces\"),\r\n password: yup\r\n .string()\r\n .required(\"Password required\")\r\n .min(8, \"Password too short\")\r\n .max(100, \"Password too long\")\r\n .matches(\r\n /^(?=.*[a-z])(?=.*[A-Z])(?=.*\\d)(?=.*[@$!%*?&])[A-Za-z\\d@$!%*?&]/,\r\n \"Password must contain uppercase, lowercase, number and special character\"\r\n ),\r\n role: yup\r\n .string()\r\n .required(\"Role is required\")\r\n .oneOf(Object.values(UserRole), \"Invalid role specified\"),\r\n};\r\n\r\nexport const validateEmail = async (\r\n email: string,\r\n repository: AuthRepository\r\n): Promise<AuthEntity> => {\r\n try {\r\n await schemas.email.validate(email?.trim().toLowerCase());\r\n const user = await repository.findByEmail(email);\r\n if (!user) {\r\n throw new NotFoundError(\r\n \"The email address or password is incorrect. Please retry\"\r\n );\r\n }\r\n return user;\r\n } catch (error: any) {\r\n throw new ValidationError(error.message || \"Invalid email format\");\r\n }\r\n};\r\n\r\nexport const validatePassword = async (password?: string): Promise<void> => {\r\n if (password) {\r\n try {\r\n await schemas.password.validate(password);\r\n } catch (error: any) {\r\n throw new ValidationError(error.message || \"Invalid password format\");\r\n }\r\n }\r\n};\r\n\r\nexport const validateEmailUniqueness = async (\r\n repository: AuthRepository,\r\n email: string,\r\n excludeUserId?: string\r\n): Promise<void> => {\r\n try {\r\n await schemas.email.validate(email?.trim().toLowerCase());\r\n\r\n const existingUser = await repository.findByEmail(email);\r\n\r\n if (!existingUser) return;\r\n if (existingUser.id === excludeUserId) return;\r\n\r\n throw new ValidationError(`Email ${email} is already in use.`);\r\n } catch (error: any) {\r\n if (error instanceof ValidationError) {\r\n throw error;\r\n }\r\n throw new ValidationError(\"user email validation failed\");\r\n }\r\n};\r\n\r\nexport const validateRegisterDTO = async (\r\n auth: RegisterDTO,\r\n repository: AuthRepository\r\n): Promise<void> => {\r\n const { name, email, role, password } = auth;\r\n\r\n await Promise.all([\r\n schemas.name.validate(name),\r\n schemas.role.validate(role),\r\n validateEmailUniqueness(repository, email),\r\n validatePassword(password),\r\n ]);\r\n};\r\n\r\nexport const validateLoginDTO = async (\r\n data: LoginDTO,\r\n repository: AuthRepository\r\n): Promise<AuthEntity> => {\r\n const { email, role, password } = data;\r\n\r\n await Promise.all([schemas.role.validate(role), schemas.password.validate(password)]);\r\n\r\n const auth = await validateEmail(email, repository);\r\n if (!auth || !auth.password) {\r\n throw new NotFoundError(\"Invalid credentials\");\r\n }\r\n\r\n const isMatch = await bcrypt.compare(password, auth.password);\r\n if (!isMatch) {\r\n throw new ForbiddenError(\"Invalid credentials\");\r\n }\r\n\r\n return auth;\r\n};\r\n\r\nexport const validateAdminSecret = async (\r\n secretPassword?: string\r\n): Promise<void> => {\r\n if (!secretPassword) {\r\n throw new ValidationError(\"Admin password is required\");\r\n }\r\n\r\n try {\r\n const config = await createConfigInstance();\r\n\r\n if (!config.adminSecretPassword) {\r\n throw new ValidationError(\"ADMIN_SECRET_PASSWORD not found in config\");\r\n }\r\n\r\n if (parseInt(secretPassword) !== parseInt(config.adminSecretPassword)) {\r\n throw new ValidationError(\"Invalid admin password\");\r\n }\r\n } catch (error) {\r\n if (error instanceof ValidationError) {\r\n throw error;\r\n }\r\n throw new ValidationError(\"Error validating admin password\");\r\n }\r\n};\r\n","import { createMapper } from '@automapper/core';\r\nimport { classes } from '@automapper/classes';\r\n\r\nimport { createUserMappings } from '../createUserMappings';\r\n\r\nexport const mapper = createMapper({\r\n strategyInitializer: classes(),\r\n});\r\n\r\ncreateUserMappings(mapper);\r\n","import { Mapper, createMap, forMember, mapFrom } from '@automapper/core';\r\nimport { AuthEntity, UserEntity } from 'cca-entities';\r\n\r\nimport { RegisterDTO } from '../dtos/RegisterDTO';\r\nimport { UserDTO } from '../dtos/UserDTO';\r\n\r\nexport function createUserMappings(mapper: Mapper): void {\r\n createMap(\r\n mapper, \r\n RegisterDTO,\r\n AuthEntity,\r\n forMember(dest => dest.email, mapFrom(src => src.email)),\r\n forMember(dest => dest.password, mapFrom(src => src.password)),\r\n forMember(dest => dest.role, mapFrom(src => src.role)));\r\n\r\n createMap(\r\n mapper, \r\n RegisterDTO,\r\n UserEntity,\r\n forMember(dest => dest.name, mapFrom(src => src.name)),\r\n forMember(dest => dest.email, mapFrom(src => src.email)),\r\n forMember(dest => dest.role, mapFrom(src => src.role)));\r\n\r\n createMap(\r\n mapper,\r\n UserEntity,\r\n UserDTO,\r\n forMember(dest => dest.id, mapFrom(src => src.id)),\r\n forMember(dest => dest.name, mapFrom(src => src.name)),\r\n forMember(dest => dest.email, mapFrom(src => src.email)),\r\n forMember(dest => dest.role, mapFrom(src => src.role)));\r\n}","import { UserRole } from \"cca-entities\";\r\n\r\nexport class RegisterDTO {\r\n email!: string;\r\n name!: string;\r\n password!: string;\r\n role!: UserRole;\r\n adminPassword?: string;\r\n}\r\n","import { IBaseService, validateRepository } from \"cca-core\";\r\n\r\nimport { AuthRepository } from \"../../infrastructure/repository/AuthRepository\";\r\nimport { NotFoundError } from \"../../utils/Errors\";\r\n\r\n\r\nexport class LogoutUseCase implements IBaseService {\r\n private readonly repository: AuthRepository\r\n\r\n constructor(repository: AuthRepository) {\r\n this.repository = repository;\r\n }\r\n\r\n public async initialize(): Promise<void> {\r\n await validateRepository(this.repository, (repo: AuthRepository) => repo.getAll());\r\n }\r\n\r\n async execute(authId: string): Promise<void> {\r\n try {\r\n await this.repository.logout(authId);\r\n } catch (error) {\r\n new NotFoundError(\"Auth not found\");\r\n }\r\n }\r\n}","import { IBaseService, validateRepository } from \"cca-core\";\r\nimport * as bcrypt from \"bcrypt\";\r\nimport { AuthEntity, UserEntity, UserRole } from \"cca-entities\";\r\n\r\nimport { AuthRepository } from \"../../infrastructure/repository/AuthRepository\";\r\n\r\nimport { mapper } from \"../mappers/utils/mapper\";\r\nimport { RegisterDTO } from \"../dtos/RegisterDTO\";\r\nimport { validateAdminSecret, validateRegisterDTO } from \"../validators/authValidation\";\r\nimport { RegistrationError } from \"../../utils/Errors\";\r\n\r\nexport class RegisterUseCase implements IBaseService {\r\n private readonly repository: AuthRepository;\r\n private readonly SALT_ROUNDS = 10;\r\n\r\n constructor(repository: AuthRepository) {\r\n this.repository = repository;\r\n }\r\n\r\n public async initialize(): Promise<void> {\r\n await validateRepository(this.repository, (repo: AuthRepository) => repo.getAll());\r\n }\r\n\r\n public async execute(\r\n email: string,\r\n name: string,\r\n password: string,\r\n role: UserRole = UserRole.GUEST,\r\n adminPassword?: string\r\n ): Promise<AuthEntity | undefined> {\r\n try {\r\n\r\n const normalizedDTO = this.normalizeAuthDTO({\r\n email,\r\n name,\r\n password,\r\n role,\r\n adminPassword\r\n });\r\n\r\n if (role === UserRole.ADMIN && adminPassword) {\r\n await validateAdminSecret(adminPassword);\r\n }\r\n\r\n await validateRegisterDTO(normalizedDTO, this.repository);\r\n\r\n const hashedPassword = await this.hashPassword(normalizedDTO.password);\r\n const authEntity = await this.createAuthEntity(\r\n normalizedDTO,\r\n hashedPassword\r\n );\r\n\r\n return await this.repository.create(authEntity);\r\n } catch (error: any) {\r\n throw new RegistrationError(`Registration failed: ${error.message}`);\r\n }\r\n }\r\n\r\n private normalizeAuthDTO(dto: RegisterDTO): RegisterDTO {\r\n return {\r\n name: dto.name.trim(),\r\n email: dto.email.trim().toLowerCase(),\r\n role: dto.role,\r\n password: dto.password.trim(),\r\n adminPassword: dto.adminPassword?.trim()\r\n };\r\n }\r\n\r\n private async hashPassword(password: string): Promise<string> {\r\n return await bcrypt.hash(password, this.SALT_ROUNDS);\r\n }\r\n\r\n private async createAuthEntity(dto: RegisterDTO, hashedPassword: string): Promise<AuthEntity> {\r\n const authEntity = mapper.map(dto, RegisterDTO, AuthEntity);\r\n const userEntity = mapper.map(dto, RegisterDTO, UserEntity);\r\n\r\n authEntity.password = hashedPassword;\r\n authEntity.refreshToken = \"\";\r\n authEntity.user = userEntity;\r\n authEntity.user.updatedAt = null as any;\r\n\r\n return authEntity;\r\n }\r\n}\r\n","import { IBaseService, validateRepository } from \"cca-core\";\r\n\r\nimport { IDecodedToken } from \"../../domain/interfaces/IDecodedToken\";\r\n\r\nimport { JwtAuthService } from \"../../infrastructure/services/JwtAuthService\";\r\nimport { AuthRepository } from \"../../infrastructure/repository/AuthRepository\";\r\n\r\nexport class RefreshTokenUseCase implements IBaseService {\r\n private readonly repository: AuthRepository;\r\n private readonly service: JwtAuthService;\r\n\r\n constructor(repository: AuthRepository, service: JwtAuthService) {\r\n this.repository = repository;\r\n this.service = service;\r\n }\r\n\r\n public async initialize(): Promise<void> {\r\n await validateRepository(this.repository, (repo: AuthRepository) => repo.getAll());\r\n }\r\n\r\n async execute(\r\n refreshToken: string\r\n ): Promise<{ accessToken: string; refreshToken: string } | null> {\r\n try {\r\n const decoded = await this.service.verifyRefreshToken(refreshToken);\r\n\r\n const auth = decoded.userId\r\n ? await this.repository.findById(decoded.userId)\r\n : null;\r\n\r\n if (!auth || auth.refreshToken !== refreshToken) {\r\n return null;\r\n }\r\n\r\n const accessToken = this.service.generateAccessToken(auth.user);\r\n const newRefreshToken = this.service.generateRefreshToken(auth.user);\r\n\r\n await this.repository.update(auth.id, {\r\n refreshToken: newRefreshToken,\r\n });\r\n\r\n return { accessToken, refreshToken: newRefreshToken };\r\n } catch (error) {\r\n return null;\r\n }\r\n }\r\n\r\n async verityToken(token: string): Promise<IDecodedToken> {\r\n return await this.service.verifyAccessToken(token);\r\n }\r\n}\r\n","import { IBaseService } from 'cca-core';\r\n\r\nimport { TwoFactorService } from '../../infrastructure/services/TwoFactorService';\r\nimport { AuthRepository } from '../../infrastructure/repository/AuthRepository';\r\nimport { ITwoFactorSetupResponse } from '../../domain/interfaces/ITwoFactorSetupResponse';\r\n\r\nimport { TwoFactorError } from '../../utils/Errors';\r\n\r\nexport class TwoFactorSetupUseCase implements IBaseService{\r\n private twoFactorService: TwoFactorService;\r\n private authRepository: AuthRepository;\r\n private isInitialized = false;\r\n\r\n constructor(twoFactorService: TwoFactorService, authRepository: AuthRepository) {\r\n this.twoFactorService = twoFactorService;\r\n this.authRepository = authRepository;\r\n }\r\n async initialize(): Promise<void> {\r\n if (this.isInitialized) return;\r\n \r\n await Promise.all([\r\n this.twoFactorService.initialize()\r\n ]);\r\n \r\n this.isInitialized = true;\r\n }\r\n\r\n async execute(userId: string): Promise<ITwoFactorSetupResponse> {\r\n if (!this.isInitialized) {\r\n await this.initialize();\r\n }\r\n \r\n const user = await this.authRepository.findByUserId(userId);\r\n \r\n if (!user) {\r\n throw new TwoFactorError('User not found');\r\n }\r\n \r\n if (user.twoFactorEnabled) {\r\n throw new TwoFactorError('Two-factor authentication is already enabled');\r\n }\r\n \r\n const { secret, otpAuthUrl } = this.twoFactorService.generateSecret(user.email);\r\n const qrCodeUrl = await this.twoFactorService.generateQRCode(otpAuthUrl);\r\n \r\n await this.authRepository.updateTwoFactorSecret(userId, secret);\r\n \r\n return { secret, otpAuthUrl, qrCodeUrl };\r\n }\r\n}","import { IBaseService, validateRepository } from 'cca-core';\r\n\r\nimport { TwoFactorService } from '../../infrastructure/services/TwoFactorService';\r\nimport { AuthRepository } from '../../infrastructure/repository/AuthRepository';\r\nimport { ITwoFactorEnable } from '../../domain/interfaces/ITwoFactorEnable';\r\nimport { TwoFactorError } from '../../utils/Errors';\r\n\r\nexport class TwoFactorEnableUseCase implements IBaseService{\r\n private twoFactorService: TwoFactorService;\r\n private authRepository: AuthRepository;\r\n private isInitialized = false;\r\n\r\n constructor(twoFactorService: TwoFactorService, authRepository: AuthRepository) {\r\n this.twoFactorService = twoFactorService;\r\n this.authRepository = authRepository;\r\n \r\n }\r\n async initialize(): Promise<void> {\r\n if (this.isInitialized) return;\r\n \r\n await Promise.all([\r\n this.twoFactorService.initialize(),\r\n validateRepository(this.authRepository, repo => repo.getAll())\r\n ]);\r\n \r\n this.isInitialized = true;\r\n }\r\n\r\n async execute(userId: string, dto: ITwoFactorEnable): Promise<void> {\r\n if (!this.isInitialized) {\r\n await this.initialize();\r\n }\r\n \r\n const { token } = dto;\r\n \r\n if (!token) {\r\n throw new TwoFactorError('Token is required');\r\n }\r\n \r\n const user = await this.authRepository.findByUserId(userId); \r\n \r\n if (!user || !user.twoFactorSecret) {\r\n throw new TwoFactorError('Please set up two-factor authentication first');\r\n }\r\n \r\n if (user.twoFactorEnabled) {\r\n throw new TwoFactorError('Two-factor authentication is already enabled');\r\n }\r\n \r\n const isValid = this.twoFactorService.verifyToken(token, user.twoFactorSecret);\r\n \r\n if (!isValid) {\r\n throw new TwoFactorError('Invalid verification code');\r\n }\r\n \r\n await this.authRepository.enableTwoFactor(user.id);\r\n }\r\n}","import { IBaseService, validateRepository } from 'cca-core';\r\n\r\nimport { TwoFactorService } from '../../infrastructure/services/TwoFactorService';\r\nimport { AuthRepository } from '../../infrastructure/repository/AuthRepository';\r\nimport { JwtAuthService } from '../../infrastructure/services/JwtAuthService';\r\nimport { ITwoFactorVerify } from '../../domain/interfaces/ITwoFactorVerify';\r\nimport { TwoFactorError } from '../../utils/Errors';\r\n\r\nexport class TwoFactorVerifyUseCase implements IBaseService{\r\n private twoFactorService: TwoFactorService;\r\n private authRepository: AuthRepository;\r\n private jwtService: JwtAuthService;\r\n private isInitialized = false;\r\n\r\n constructor(\r\n twoFactorService: TwoFactorService,\r\n authRepository: AuthRepository,\r\n jwtService: JwtAuthService\r\n ) {\r\n this.twoFactorService = twoFactorService;\r\n this.authRepository = authRepository;\r\n this.jwtService = jwtService;\r\n }\r\n async initialize(): Promise<void> {\r\n if (this.isInitialized) return;\r\n\r\n await Promise.all([\r\n this.twoFactorService.initialize(),\r\n this.jwtService.initialize(),\r\n validateRepository(this.authRepository, repo => repo.getAll())\r\n ]);\r\n4\r\n this.isInitialized = true;\r\n }\r\n\r\n async execute(dto: ITwoFactorVerify): Promise<{ token: string; refreshToken: string }> {\r\n if (!this.isInitialized) {\r\n await this.initialize();\r\n }\r\n \r\n const { userId, token } = dto;\r\n\r\n if (!userId || !token) {\r\n throw new TwoFactorError('user ID and token are required');\r\n }\r\n\r\n const auth = await this.authRepository.findByUserId(userId);\r\n\r\n console.log(\"auth\", auth);\r\n \r\n\r\n if (!auth || !auth.twoFactorSecret || !auth.twoFactorEnabled) {\r\n throw new TwoFactorError('Invalid request');\r\n }\r\n\r\n const isValid = this.twoFactorService.verifyToken(token, auth.twoFactorSecret);\r\n\r\n if (!isValid) {\r\n throw new TwoFactorError('Invalid verification code');\r\n }\r\n\r\n return {\r\n token: this.jwtService.generateAccessToken(auth.user),\r\n refreshToken: this.jwtService.generateRefreshToken(auth.user)\r\n }\r\n }\r\n}","import { IBaseService, validateRepository } from 'cca-core';\r\n\r\nimport { TwoFactorService } from '../../infrastructure/services/TwoFactorService';\r\nimport { AuthRepository } from '../../infrastructure/repository/AuthRepository';\r\nimport { ITwoFactorEnable } from '../../domain/interfaces/ITwoFactorEnable';\r\n\r\nimport { TwoFactorError } from '../../utils/Errors';\r\n\r\nexport class TwoFactorDisableUseCase implements IBaseService{\r\n private twoFactorService: TwoFactorService;\r\n private authRepository: AuthRepository;\r\n private isInitialized = false;\r\n\r\n constructor(twoFactorService: TwoFactorService, authRepository: AuthRepository) {\r\n this.twoFactorService = twoFactorService;\r\n this.authRepository = authRepository;\r\n }\r\n async initialize(): Promise<void> {\r\n if (this.isInitialized) return;\r\n \r\n await Promise.all([\r\n this.twoFactorService.initialize(),\r\n validateRepository(this.authRepository, repo => repo.getAll())\r\n ]);\r\n4\r\n this.isInitialized = true;\r\n }\r\n\r\n async execute(userId: string, dto: ITwoFactorEnable): Promise<void> {\r\n if (!this.isInitialized) {\r\n await this.initialize();\r\n }\r\n \r\n const { token } = dto;\r\n \r\n const user = await this.authRepository.findByUserId(userId);\r\n \r\n if (!user || !user.twoFactorSecret || !user.twoFactorEnabled) {\r\n throw new TwoFactorError('Two-factor authentication is not enabled');\r\n }\r\n \r\n const isValid = this.twoFactorService.verifyToken(token, user.twoFactorSecret);\r\n \r\n if (!isValid) {\r\n throw new TwoFactorError('Invalid verification code');\r\n }\r\n \r\n await this.authRepository.disableTwoFactor(userId);\r\n }\r\n}","import { NextFunction, Request, Response } from \"express\";\r\n\r\nimport { LoginDTO } from \"../../application/dtos/LoginDTO\";\r\nimport { RegisterDTO } from \"../../application/dtos/RegisterDTO\";\r\n\r\nimport { RegisterUseCase } from \"../../application/useCase/RegisterUseCase\";\r\nimport { LoginUseCase } from \"../../application/useCase/LoginUseCase\";\r\nimport { LogoutUseCase } from \"../../application/useCase/LogoutUseCase\";\r\nimport { RefreshTokenUseCase } from \"../../application/useCase/RefreshTokenUseCase\";\r\nimport { TwoFactorSetupUseCase } from \"../../application/useCase/TwoFactorSetupUseCase\";\r\nimport { TwoFactorEnableUseCase } from \"../../application/useCase/TwoFactorEnableUseCase\";\r\nimport { TwoFactorVerifyUseCase } from \"../../application/useCase/TwoFactorVerifyUseCase\";\r\nimport { TwoFactorDisableUseCase } from \"../../application/useCase/TwoFactorDisableUseCase\";\r\n\r\nimport { IRefreshTokenRequest } from \"../../domain/interfaces/IRefreshTokenRequest\";\r\nimport { IDecodedToken } from \"../../domain/interfaces/IDecodedToken\";\r\nimport { ITwoFactorEnable } from \"../../domain/interfaces/ITwoFactorEnable\";\r\nimport { ITwoFactorVerify } from \"../../domain/interfaces/ITwoFactorVerify\";\r\n\r\n\r\nexport class AuthController {\r\n private readonly loginUseCase: LoginUseCase;\r\n private readonly logoutUseCase: LogoutUseCase;\r\n private readonly registerUseCase: RegisterUseCase;\r\n private readonly refreshTokenUseCase: RefreshTokenUseCase;\r\n\r\n private twoFactorSetupUseCase: TwoFactorSetupUseCase;\r\n private twoFactorEnableUseCase: TwoFactorEnableUseCase;\r\n private twoFactorVerifyUseCase: TwoFactorVerifyUseCase;\r\n private twoFactorDisableUseCase: TwoFactorDisableUseCase;\r\n\r\n constructor(\r\n loginUseCase: LoginUseCase,\r\n logoutUseCase: LogoutUseCase,\r\n registerUseCase: RegisterUseCase,\r\n refreshTokenUseCase: RefreshTokenUseCase,\r\n twoFactorSetupUseCase: TwoFactorSetupUseCase,\r\n twoFactorEnableUseCase: TwoFactorEnableUseCase,\r\n twoFactorVerifyUseCase: TwoFactorVerifyUseCase,\r\n twoFactorDisableUseCase: TwoFactorDisableUseCase\r\n ) {\r\n this.loginUseCase = loginUseCase;\r\n this.logoutUseCase = logoutUseCase;\r\n this.registerUseCase = registerUseCase;\r\n this.refreshTokenUseCase = refreshTokenUseCase;\r\n this.twoFactorSetupUseCase = twoFactorSetupUseCase;\r\n this.twoFactorEnableUseCase = twoFactorEnableUseCase;\r\n this.twoFactorVerifyUseCase = twoFactorVerifyUseCase;\r\n this.twoFactorDisableUseCase = twoFactorDisableUseCase;\r\n }\r\n\r\n login = async (req: Request, res: Response, next: NextFunction) => {\r\n try {\r\n const { adminPassword, ...loginDTO }: LoginDTO = req.body;\r\n const result = await this.loginUseCase.execute(loginDTO, adminPassword);\r\n res.status(201).json(result);\r\n } catch (error) {\r\n next(error);\r\n }\r\n };\r\n\r\n logout = async (\r\n req: Request,\r\n res: Response,\r\n next: NextFunction\r\n ): Promise<void> => {\r\n try {\r\n await this.logoutUseCase.execute(req.params.id);\r\n res.status(200).json({ message: 'Logged out successfully' });\r\n } catch (error) {\r\n next(error);\r\n }\r\n };\r\n\r\n register = async (\r\n req: Request,\r\n res: Response,\r\n next: NextFunction\r\n ): Promise<void> => {\r\n try {\r\n const { email, name, password, role, adminPassword }: RegisterDTO = req.body;\r\n await this.registerUseCase.execute(email, name, password, role, adminPassword);\r\n } catch (error) {\r\n next(error);\r\n }\r\n };\r\n\r\n refreshToken = async (req: Request, res: Response) => {\r\n const { refreshToken }: IRefreshTokenRequest = req.body;\r\n const result = await this.refreshTokenUseCase.execute(refreshToken);\r\n res.json(result);\r\n };\r\n\r\n verifyToken = async (token: string): Promise<IDecodedToken> => {\r\n return await this.refreshTokenUseCase.verityToken(token);\r\n };\r\n\r\n setup2FA = async (req: Request, res: Response, next: NextFunction) => {\r\n try {\r\n const userId = req.auth!.id;\r\n const result = await this.twoFactorSetupUseCase.execute(userId);\r\n res.status(200).json(result);\r\n } catch (error) {\r\n next(error);\r\n }\r\n };\r\n\r\n enable2FA = async (req: Request, res: Response, next: NextFunction) => {\r\n try {\r\n const userId = req.auth!.id;\r\n const dto: ITwoFactorEnable = req.body;\r\n await this.twoFactorEnableUseCase.execute(userId, dto);\r\n res.status(200).json({ message: 'Two-factor authentication has been enabled successfully' });\r\n } catch (error) {\r\n next(error);\r\n }\r\n };\r\n\r\n verify2FA = async (req: Request, res: Response, next: NextFunction) => {\r\n try {\r\n const dto: ITwoFactorVerify = req.body;\r\n const result = await this.twoFactorVerifyUseCase.execute(dto);\r\n res.status(200).json({\r\n message: 'Two-factor authentication successful',\r\n ...result\r\n });\r\n } catch (error) {\r\n next(error);\r\n }\r\n };\r\n\r\n disable2FA = async (req: Request, res: Response, next: NextFunction) => {\r\n try {\r\n const userId = req.auth!.id;\r\n const dto: ITwoFactorEnable = req.body;\r\n await this.twoFactorDisableUseCase.execute(userId, dto);\r\n res.status(200).json({ message: 'Two-factor authentication has been disabled successfully' });\r\n } catch (error) {\r\n next(error);\r\n }\r\n };\r\n}\r\n","import { NextFunction, Request, Response } from 'express';\r\nimport { JwtAuthService } from '../../infrastructure/services/JwtAuthService';\r\n\r\nexport class RequireComplete2FA {\r\n private readonly jwtService: JwtAuthService;\r\n\r\n constructor(jwtService: JwtAuthService) {\r\n this.jwtService = jwtService;\r\n }\r\n\r\n public async execute(req: Request, res: Response, next: NextFunction) {\r\n try {\r\n const token = req.headers.authorization?.split(' ')[1];\r\n\r\n if (!token) {\r\n return res.status(401).json({ message: 'Authentication required' });\r\n }\r\n\r\n const decoded = await this.jwtService.verifyAccessToken(token);\r\n\r\n if (!decoded.twoFactorAuthenticated) {\r\n return res.status(403).json({\r\n message: 'Two-factor authentication required',\r\n code: 'REQUIRE_2FA',\r\n userId: decoded.id\r\n });\r\n }\r\n\r\n req.auth = { ...decoded, twoFactorAuthenticated: true };\r\n next();\r\n } catch (error) {\r\n return res.status(401).json({ message: 'Invalid or expired token' });\r\n }\r\n }\r\n}","import { BaseRepository, IExtendedBaseRepository } from \"cca-core\";\r\nimport { AuthEntity } from \"cca-entities\";\r\nimport { Repository } from \"typeorm\";\r\nimport { NotFoundError } from \"../../utils/Errors\";\r\n\r\nexport class AuthRepository\r\n extends BaseRepository<AuthEntity>\r\n implements IExtendedBaseRepository<AuthEntity> {\r\n constructor(repository: Repository<AuthEntity>) {\r\n super(repository);\r\n }\r\n\r\n async findByEmail(email: string): Promise<AuthEntity | null> {\r\n const query = this.repository\r\n .createQueryBuilder(\"auth\")\r\n .leftJoinAndSelect(\"auth.user\", \"user\")\r\n .addSelect(\"auth.password\")\r\n .where(\"auth.email = :email\", { email });\r\n\r\n return await query.getOne();\r\n }\r\n\r\n async create(entity: Omit<AuthEntity, \"createdAt\">): Promise<AuthEntity> {\r\n return super.create(entity);\r\n }\r\n\r\n async findByUserId(userId: string): Promise<AuthEntity | null> {\r\n const query = this.repository\r\n .createQueryBuilder(\"auth\")\r\n .leftJoinAndSelect(\"auth.user\", \"user\")\r\n .addSelect(\"auth.two_factor_secret\") \r\n .where(\"user.id = :userId\", { userId });\r\n\r\n const result = await query.getOne();\r\n console.log(\"User_1\", result);\r\n \r\n return result;\r\n }\r\n\r\n async logout(userId: string): Promise<void> {\r\n const auth = await this.findByUserId(userId);\r\n if (!auth) {\r\n throw new NotFoundError(\"Auth not found\");\r\n }\r\n\r\n auth.refreshToken = \"\";\r\n auth.user.isActive = false;\r\n\r\n await this.update(auth.id, auth);\r\n }\r\n\r\n async updateTwoFactorSecret(userId: string, secret: string): Promise<void> {\r\n const auth = await this.findByUserId(userId);\r\n if (!auth) {\r\n throw new NotFoundError(\"Auth not found\");\r\n }\r\n\r\n auth.twoFactorSecret = secret;\r\n\r\n await this.update(auth.id, auth);\r\n }\r\n\r\n async enableTwoFactor(userId: string): Promise<void> {\r\n const auth = await this.findByUserId(userId);\r\n if (!auth) {\r\n throw new NotFoundError(\"Auth not found\");\r\n }\r\n\r\n if (!auth.twoFactorSecret) {\r\n throw new NotFoundError(\"Two-factor secret not set\");\r\n }\r\n\r\n auth.twoFactorEnabled = true;\r\n\r\n await this.update(auth.id, auth);\r\n }\r\n\r\n async disableTwoFactor(userId: string): Promise<void> {\r\n const auth = await this.findByUserId(userId);\r\n if (!auth) {\r\n throw new NotFoundError(\"Auth not found\");\r\n }\r\n\r\n auth.twoFactorEnabled = false;\r\n auth.twoFactorSecret = null;\r\n\r\n await this.update(auth.id, auth);\r\n }\r\n\r\n async isTwoFactorEnabled(userId: string): Promise<boolean> {\r\n const auth = await this.findByUserId(userId);\r\n if (!auth) {\r\n throw new NotFoundError(\"Auth not found\");\r\n }\r\n\r\n return !!auth.twoFactorEnabled;\r\n }\r\n\r\n async getTwoFactorSecret(userId: string): Promise<string | null> {\r\n const auth = await this.findByUserId(userId);\r\n if (!auth) {\r\n throw new NotFoundError(\"Auth not found\");\r\n }\r\n\r\n return auth.twoFactorSecret;\r\n }\r\n}\r\n","import * as jwt from \"jsonwebtoken\";\r\nimport { Secret, SignOptions } from \"jsonwebtoken\";\r\nimport * as bcrypt from \"bcrypt\";\r\nimport { IBaseService, validateRepository } from \"cca-core\";\r\nimport { AuthEntity, UserEntity } from \"cca-entities\";\r\n\r\nimport { IJwtConfig } from \"../../domain/interfaces/IJwtConfig\";\r\nimport { IAuthService } from \"../../domain/interfaces/IAuthService\";\r\nimport { IDecodedToken } from \"../../domain/interfaces/IDecodedToken\";\r\n\r\nimport {\r\n ForbiddenError,\r\n JwtError,\r\n NotFoundError,\r\n UnauthorizedError,\r\n} from \"../../utils/Errors\";\r\n\r\nimport { AuthRepository } from \"../repository/AuthRepository\";\r\nimport { createConfigInstance } from \"../../application/service/utils/configInstance\";\r\n\r\nexport class JwtAuthService implements IBaseService, IAuthService {\r\n private jwtConfig: IJwtConfig | undefined;\r\n\r\n constructor(private readonly repository: AuthRepository, config?: IJwtConfig) {\r\n this.loadConfig(config);\r\n }\r\n\r\n private async loadConfig(config?: IJwtConfig) {\r\n const configData = await createConfigInstance();\r\n\r\n this.jwtConfig = {\r\n accessTokenSecret: configData.accessTokenSecret,\r\n refreshTokenSecret: configData.refreshTokenSecret,\r\n accessTokenExpiry: parseInt(configData.accessTokenExpiry, 10),\r\n refreshTokenExpiry: parseInt(configData.refreshTokenExpiry, 10),\r\n ...config,\r\n };\r\n\r\n this.validateConfiguration();\r\n }\r\n\r\n async initialize(): Promise<void> {\r\n await validateRepository(this.repository, repo => repo.getAll());\r\n }\r\n\r\n private validateConfiguration(): void {\r\n if (!this.jwtConfig?.accessTokenSecret || !this.jwtConfig?.refreshTokenSecret) {\r\n throw new JwtError(\"JWT secrets required in config\");\r\n }\r\n }\r\n\r\n async validateUser(email: string, password: string): Promise<AuthEntity | null> {\r\n const user = await this.repository.findByEmail(email);\r\n if (!user) {\r\n throw new NotFoundError(\"Invalid credentials\");\r\n }\r\n\r\n const validPassword = await bcrypt.compare(password, user.password);\r\n if (!validPassword) {\r\n throw new ForbiddenError(\"Invalid credentials\");\r\n }\r\n\r\n return user;\r\n }\r\n\r\n private verifyJwtConfig() {\r\n if (!this.jwtConfig) throw new JwtError(\"JWT config not loaded\");\r\n }\r\n\r\n generateAccessToken(user: UserEntity): string {\r\n this.verifyJwtConfig();\r\n return jwt.sign(\r\n { userId: user.id, email: user.email, role: user.role },\r\n this.jwtConfig!.accessTokenSecret as Secret,\r\n { expiresIn: this.jwtConfig!.accessTokenExpiry }\r\n );\r\n }\r\n\r\n generateRefreshToken(user: UserEntity): string {\r\n this.verifyJwtConfig();\r\n return jwt.sign(\r\n { userId: user.id },\r\n this.jwtConfig!.refreshTokenSecret as Secret,\r\n { expiresIn: this.jwtConfig!.refreshTokenExpiry }\r\n );\r\n }\r\n\r\n async verifyToken(token: string, secret: string): Promise<IDecodedToken> {\r\n try {\r\n return jwt.verify(token, secret) as IDecodedToken;\r\n } catch {\r\n throw new UnauthorizedError();\r\n }\r\n }\r\n\r\n async verifyAccessToken(token: string): Promise<IDecodedToken> {\r\n this.verifyJwtConfig();\r\n return this.verifyToken(token, this.jwtConfig!.accessTokenSecret);\r\n }\r\n\r\n async verifyRefreshToken(token: string): Promise<IDecodedToken> {\r\n this.verifyJwtConfig();\r\n return this.verifyToken(token, this.jwtConfig!.refreshTokenSecret);\r\n }\r\n}\r\n","import * as speakeasy from 'speakeasy';\r\nimport * as QRCode from 'qrcode';\r\nimport { IBaseService } from 'cca-core';\r\nimport { IConfig } from '../../domain/interfaces/configTypes';\r\n\r\nexport class TwoFactorService implements IBaseService {\r\n private readonly config: IConfig;\r\n private initialized: boolean = false;\r\n private readonly twoFactorConfig: {\r\n tokenWindow: number;\r\n secretLength: number;\r\n qrCodeOptions: QRCode.QRCodeToDataURLOptions;\r\n };\r\n\r\n constructor(config: IConfig) {\r\n this.config = config;\r\n \r\n this.twoFactorConfig = {\r\n tokenWindow: parseInt(config.tokenWindow) ?? 1,\r\n secretLength: parseInt(config.secretLength) ?? 20,\r\n qrCodeOptions: {\r\n errorCorrectionLevel: 'M',\r\n margin: 4,\r\n scale: 4,\r\n color: {\r\n dark: '#000000',\r\n light: '#ffffff'\r\n }\r\n }\r\n };\r\n }\r\n\r\n public async initialize(): Promise<void> {\r\n if (this.initialized) return;\r\n\r\n try {\r\n this.validateConfiguration();\r\n this.initialized = true;\r\n } catch (error) {\r\n console.error('TwoFactorService initialization failed:', error);\r\n throw new Error('Failed to initialize TwoFactorService');\r\n }\r\n }\r\n\r\n private validateConfiguration(): void {\r\n if (!this.config.app_name?.trim()) {\r\n throw new Error('Application name (appName) is required in configuration');\r\n }\r\n\r\n if (this.twoFactorConfig.secretLength < 16) {\r\n throw new Error('Secret length must be at least 16 characters');\r\n }\r\n\r\n if (this.twoFactorConfig.tokenWindow < 0 || this.twoFactorConfig.tokenWindow > 5) {\r\n throw new Error('Token verification window must be between 0 and 5');\r\n }\r\n }\r\n\r\n private ensureInitialized(): void {\r\n if (!this.initialized) {\r\n throw new Error('TwoFactorService must be initialized before use');\r\n }\r\n }\r\n\r\n public generateSecret(email: string): { secret: string; otpAuthUrl: string } {\r\n this.ensureInitialized();\r\n\r\n try {\r\n const secretObj = speakeasy.generateSecret({\r\n length: this.twoFactorConfig.secretLength,\r\n name: `${this.config.app_name}:${email}`,\r\n issuer: this.config.app_name\r\n });\r\n \r\n return {\r\n secret: secretObj.base32,\r\n otpAuthUrl: secretObj.otpauth_url || ''\r\n };\r\n } catch (error) {\r\n console.error('Error generating 2FA secret:', error);\r\n throw new Error('Failed to generate 2FA secret');\r\n }\r\n }\r\n\r\n public async generateQRCode(otpAuthUrl: string): Promise<string> {\r\n this.ensureInitialized();\r\n\r\n try {\r\n return await QRCode.toDataURL(otpAuthUrl, this.twoFactorConfig.qrCodeOptions);\r\n } catch (error) {\r\n console.error('QR code generation failed:', error);\r\n throw new Error('Failed to generate QR code');\r\n }\r\n }\r\n\r\n public verifyToken(token: string, secret: string): boolean {\r\n this.ensureInitialized();\r\n\r\n try {\r\n return speakeasy.totp.verify({\r\n secret,\r\n encoding: 'base32',\r\n token,\r\n window: this.twoFactorConfig.tokenWindow\r\n });\r\n } catch (error) {\r\n console.error('Token verification failed:', error);\r\n throw new Error('Failed to verify 2FA token');\r\n }\r\n }\r\n}"],"mappings":";;;;;;;;;;;;;AAAA,SAAS,oBAAoB;;;ACAtB,IAAM,YAAN,MAAM,kBAAiB,MAAM;AAAA,EAClC,YACS,SACA,aAAqB,KACrB,OAAe,YACtB;AACA,UAAM,OAAO;AAJN;AACA;AACA;AAGP,WAAO,eAAe,MAAM,WAAW,SAAS;AAChD,UAAM,kBAAkB,IAAI;AAAA,EAC9B;AACF;AAVoC;AAA7B,IAAM,WAAN;AAYA,IAAM,mBAAN,MAAM,yBAAwB,SAAS;AAAA,EAC5C,YAAY,SAAiB;AAC3B,UAAM,SAAS,GAAG;AAClB,SAAK,OAAO;AAAA,EACd;AACF;AAL8C;AAAvC,IAAM,kBAAN;AAOA,IAAM,2BAAN,MAAM,iCAAgC,SAAS;AAAA,EACpD,YAAY,SAAiB;AAC3B,UAAM,OAAO;AACb,SAAK,OAAO;AAAA,EACd;AACF;AALsD;AAA/C,IAAM,0BAAN;AAOA,IAAM,iBAAN,MAAM,uBAAsB,SAAS;AAAA,EAC1C,YAAY,SAAiB;AAC3B,UAAM,SAAS,KAAK,mBAAmB;AAAA,EACzC;AACF;AAJ4C;AAArC,IAAM,gBAAN;AAMA,IAAM,kBAAN,MAAM,wBAAuB,SAAS;AAAA,EAC3C,YAAY,UAAkB,oBAAoB;AAChD,UAAM,SAAS,GAAG;AAClB,SAAK,OAAO;AAAA,EACd;AACF;AAL6C;AAAtC,IAAM,iBAAN;AAOA,IAAM,qBAAN,MAAM,2BAA0B,SAAS;AAAA,EAC9C,YAAY,UAAkB,uBAAuB;AACnD,UAAM,SAAS,GAAG;AAClB,SAAK,OAAO;AAAA,EACd;AACF;AALgD;AAAzC,IAAM,oBAAN;AAOA,IAAM,YAAN,MAAM,kBAAiB,SAAS;AAAA,EACrC,YAAY,SAAiB;AAC3B,UAAM,SAAS,GAAG;AAClB,SAAK,OAAO;AAAA,EACd;AACF;AALuC;AAAhC,IAAM,WAAN;AAOA,IAAM,qBAAN,MAAM,2BAA0B,SAAS;AAAA,EAC9C,YAAY,SAAiB;AAC3B,UAAM,SAAS,GAAG;AAClB,SAAK,OAAO;AAAA,EACd;AACF;AALgD;AAAzC,IAAM,oBAAN;AAOA,IAAM,kBAAN,MAAM,wBAAuB,SAAS;AAAA,EAC3C,YAAY,SAAiB;AAC3B,UAAM,SAAS,GAAG;AAClB,SAAK,OAAO;AAAA,EACd;AACF;AAL6C;AAAtC,IAAM,iBAAN;;;ADxDA,IAAM,iBAAN,MAAM,uBAAsB,aAAa;AAAA,EAI5C,gBAAgB,QAA4B;AACxC,SAAK,eAAe;AAAA,EACxB;AAAA,EAEA,UAAU,KAAoB;AAC1B,SAAK,SAAS,EAAE,GAAG,IAAI;AACvB,SAAK,KAAK,mBAAmB,KAAK,MAAM;AAAA,EAC5C;AAAA,EAEA,YAAiC;AAC7B,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,MAAM,aAA+B;AACjC,QAAI,CAAC,KAAK,cAAc;AACpB,YAAM,IAAI,wBAAwB,uBAAuB;AAAA,IAC7D;AACA,QAAI;AACA,YAAM,SAAS,MAAM,KAAK,aAAa;AACvC,WAAK,UAAU,MAAM;AACrB,aAAO;AAAA,IACX,SAAS,OAAO;AACZ,YAAM,IAAI,wBAAwB,6BAA6B;AAAA,IACnE;AAAA,EACJ;AACJ;AA7BgD;AAAzC,IAAM,gBAAN;AA+BA,IAAM,gBAAgB,IAAI,cAAc;;;AEhCxC,IAAM,aAAa,wBAAC,iBAAqC;AAC9D,gBAAc,gBAAgB,YAAY;AAC5C,GAF0B;AAInB,IAAM,uBAAuB,mCAA8B;AAChE,SAAO,cAAc,UAAU,KAAM,MAAM,cAAc,WAAW;AACtE,GAFoC;;;ACPpC,SAAS,qBAAmC;AAC5C,SAAS,cAAAA,mBAAkB;;;ACD3B,SAAuB,0BAA0B;AACjD,SAAqB,cAAAC,aAAY,YAAAC,iBAAgB;;;ACDjD,SAAS,eAAe;AAGjB,IAAM,WAAN,MAAM,SAAQ;AAcrB;AAdqB;AAEnB;AAAA,EADC,QAAQ;AAAA,GADE,SAEX;AAGA;AAAA,EADC,QAAQ;AAAA,GAJE,SAKX;AAGA;AAAA,EADC,QAAQ;AAAA,GAPE,SAQX;AAGA;AAAA,EADC,QAAQ;AAAA,GAVE,SAWX;AAXK,IAAM,UAAN;;;ACHP,YAAY,SAAS;AACrB,SAAqB,gBAAgB;AACrC,OAAO,YAAY;AAanB,IAAM,UAAU;AAAA,EACd,IAAQ,WAAO,EAAE,KAAK,wBAAwB;AAAA,EAC9C,OACG,WAAO,EACP,MAAM,sBAAsB,EAC5B,IAAI,KAAK,oCAAoC;AAAA,EAChD,MACG,WAAO,EACP,SAAS,kBAAkB,EAC3B,IAAI,GAAG,yCAAyC,EAChD,IAAI,IAAI,kCAAkC,EAC1C,QAAQ,iBAAiB,2CAA2C;AAAA,EACvE,UACG,WAAO,EACP,SAAS,mBAAmB,EAC5B,IAAI,GAAG,oBAAoB,EAC3B,IAAI,KAAK,mBAAmB,EAC5B;AAAA,IACC;AAAA,IACA;AAAA,EACF;AAAA,EACF,MACG,WAAO,EACP,SAAS,kBAAkB,EAC3B,MAAM,OAAO,OAAO,QAAQ,GAAG,wBAAwB;AAC5D;AAEO,IAAM,gBAAgB,8BAC3B,OACA,eACwB;AACxB,MAAI;AACF,UAAM,QAAQ,MAAM,SAAS,OAAO,KAAK,EAAE,YAAY,CAAC;AACxD,UAAM,OAAO,MAAM,WAAW,YAAY,KAAK;AAC/C,QAAI,CAAC,MAAM;AACT,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AACA,WAAO;AAAA,EACT,SAAS,OAAY;AACnB,UAAM,IAAI,gBAAgB,MAAM,WAAW,sBAAsB;AAAA,EACnE;AACF,GAhB6B;AAkBtB,IAAM,mBAAmB,8BAAO,aAAqC;AAC1E,MAAI,UAAU;AACZ,QAAI;AACF,YAAM,QAAQ,SAAS,SAAS,QAAQ;AAAA,IAC1C,SAAS,OAAY;AACnB,YAAM,IAAI,gBAAgB,MAAM,WAAW,yBAAyB;AAAA,IACtE;AAAA,EACF;AACF,GARgC;AAUzB,IAAM,0BAA0B,8BACrC,YACA,OACA,kBACkB;AAClB,MAAI;AACF,UAAM,QAAQ,MAAM,SAAS,OAAO,KAAK,EAAE,YAAY,CAAC;AAExD,UAAM,eAAe,MAAM,WAAW,YAAY,KAAK;AAEvD,QAAI,CAAC,aAAc;AACnB,QAAI,aAAa,OAAO,cAAe;AAEvC,UAAM,IAAI,gBAAgB,SAAS,KAAK,qBAAqB;AAAA,EAC/D,SAAS,OAAY;AACnB,QAAI,iBAAiB,iBAAiB;AACpC,YAAM;AAAA,IACR;AACA,UAAM,IAAI,gBAAgB,8BAA8B;AAAA,EAC1D;AACF,GApBuC;AAsBhC,IAAM,sBAAsB,8BACjC,MACA,eACkB;AAClB,QAAM,EAAE,MAAM,OAAO,MAAM,SAAS,IAAI;AAExC,QAAM,QAAQ,IAAI;AAAA,IAChB,QAAQ,KAAK,SAAS,IAAI;AAAA,IAC1B,QAAQ,KAAK,SAAS,IAAI;AAAA,IAC1B,wBAAwB,YAAY,KAAK;AAAA,IACzC,iBAAiB,QAAQ;AAAA,EAC3B,CAAC;AACH,GAZmC;AAc5B,IAAM,mBAAmB,8BAC9B,MACA,eACwB;AACxB,QAAM,EAAE,OAAO,MAAM,SAAS,IAAI;AAElC,QAAM,QAAQ,IAAI,CAAC,QAAQ,KAAK,SAAS,IAAI,GAAG,QAAQ,SAAS,SAAS,QAAQ,CAAC,CAAC;AAEpF,QAAM,OAAO,MAAM,cAAc,OAAO,UAAU;AAClD,MAAI,CAAC,QAAQ,CAAC,KAAK,UAAU;AAC3B,UAAM,IAAI,cAAc,qBAAqB;AAAA,EAC/C;AAEA,QAAM,UAAU,MAAM,OAAO,QAAQ,UAAU,KAAK,QAAQ;AAC5D,MAAI,CAAC,SAAS;AACZ,UAAM,IAAI,eAAe,qBAAqB;AAAA,EAChD;AAEA,SAAO;AACT,GAnBgC;AAqBzB,IAAM,sBAAsB,8BACjC,mBACkB;AAClB,MAAI,CAAC,gBAAgB;AACnB,UAAM,IAAI,gBAAgB,4BAA4B;AAAA,EACxD;AAEA,MAAI;AACF,UAAM,SAAS,MAAM,qBAAqB;AAE1C,QAAI,CAAC,OAAO,qBAAqB;AAC/B,YAAM,IAAI,gBAAgB,2CAA2C;AAAA,IACvE;AAEA,QAAI,SAAS,cAAc,MAAM,SAAS,OAAO,mBAAmB,GAAG;AACrE,YAAM,IAAI,gBAAgB,wBAAwB;AAAA,IACpD;AAAA,EACF,SAAS,OAAO;AACd,QAAI,iBAAiB,iBAAiB;AACpC,YAAM;AAAA,IACR;AACA,UAAM,IAAI,gBAAgB,iCAAiC;AAAA,EAC7D;AACF,GAvBmC;;;AC/HnC,SAAS,oBAAoB;AAC7B,SAAS,eAAe;;;ACDxB,SAAiB,WAAW,WAAW,eAAe;AACtD,SAAS,cAAAC,aAAY,kBAAkB;;;ACChC,IAAM,eAAN,MAAM,aAAY;AAMzB;AANyB;AAAlB,IAAM,cAAN;;;ADIA,SAAS,mBAAmBC,SAAsB;AACrD;AAAA,IACIA;AAAA,IACA;AAAA,IACAC;AAAA,IACA,UAAU,UAAQ,KAAK,OAAO,QAAQ,SAAO,IAAI,KAAK,CAAC;AAAA,IACvD,UAAU,UAAQ,KAAK,UAAU,QAAQ,SAAO,IAAI,QAAQ,CAAC;AAAA,IAC7D,UAAU,UAAQ,KAAK,MAAM,QAAQ,SAAO,IAAI,IAAI,CAAC;AAAA,EAAC;AAE1D;AAAA,IACID;AAAA,IACA;AAAA,IACA;AAAA,IACA,UAAU,UAAQ,KAAK,MAAM,QAAQ,SAAO,IAAI,IAAI,CAAC;AAAA,IACrD,UAAU,UAAQ,KAAK,OAAO,QAAQ,SAAO,IAAI,KAAK,CAAC;AAAA,IACvD,UAAU,UAAQ,KAAK,MAAM,QAAQ,SAAO,IAAI,IAAI,CAAC;AAAA,EAAC;AAE1D;AAAA,IACIA;AAAA,IACA;AAAA,IACA;AAAA,IACA,UAAU,UAAQ,KAAK,IAAI,QAAQ,SAAO,IAAI,EAAE,CAAC;AAAA,IACjD,UAAU,UAAQ,KAAK,MAAM,QAAQ,SAAO,IAAI,IAAI,CAAC;AAAA,IACrD,UAAU,UAAQ,KAAK,OAAO,QAAQ,SAAO,IAAI,KAAK,CAAC;AAAA,IACvD,UAAU,UAAQ,KAAK,MAAM,QAAQ,SAAO,IAAI,IAAI,CAAC;AAAA,EAAC;AAC9D;AAzBgB;;;ADDT,IAAM,SAAS,aAAa;AAAA,EACjC,qBAAqB,QAAQ;AAC/B,CAAC;AAED,mBAAmB,MAAM;;;AHWlB,IAAM,gBAAN,MAAM,cAAqC;AAAA,EAIhD,YACE,YACA,aACA;AACA,SAAK,aAAa;AAClB,SAAK,cAAc;AAAA,EACrB;AAAA,EAEA,MAAa,aAA4B;AACvC,UAAM,mBAAmB,KAAK,YAAY,CAAC,SAAyB,KAAK,OAAO,CAAC;AAAA,EACnF;AAAA,EAEA,MAAM,QAAQ,UAAoB,eAAgD;AAChF,UAAM,OAAO,MAAM,KAAK,cAAc,UAAU,aAAa;AAC7D,UAAM,QAAQ,MAAM,KAAK,qBAAqB,IAAI;AAClD,UAAM,UAAU,KAAK,aAAa,KAAK,IAAI;AAE3C,WAAO,EAAE,OAAO,MAAM,QAAQ;AAAA,EAChC;AAAA,EAEA,MAAc,cACZ,UACA,eACqB;AACrB,UAAM,OAAO,MAAM,iBAAiB,UAAU,KAAK,UAAU;AAE7D,QAAI,SAAS,SAASE,UAAS,SAAS,eAAe;AACrD,YAAM,oBAAoB,aAAa;AAAA,IACzC;AAEA,WAAO;AAAA,EACT;AAAA,EAEA,MAAc,qBAAqB,MAAsC;AACvE,UAAM,QAAQ,KAAK,eAAe,IAAI;AACtC,UAAM,KAAK,iBAAiB,IAAI;AAChC,UAAM,KAAK,uBAAuB,MAAM,MAAM,YAAY;AAE1D,WAAO;AAAA,EACT;AAAA,EAEQ,eAAe,MAA6B;AAClD,WAAO;AAAA,MACL,aAAa,KAAK,YAAY,oBAAoB,KAAK,IAAI;AAAA,MAC3D,cAAc,KAAK,YAAY,qBAAqB,KAAK,IAAI;AAAA,IAC/D;AAAA,EACF;AAAA,EAEA,MAAc,iBAAiB,MAAiC;AAC9D,SAAK,KAAK,cAAc,oBAAI,KAAK;AACjC,SAAK,KAAK,WAAW;AACrB,UAAM,KAAK,WAAW,OAAO,KAAK,IAAI,IAAI;AAAA,EAC5C;AAAA,EAEA,MAAc,uBACZ,MACA,cACe;AACf,SAAK,eAAe;AACpB,UAAM,KAAK,WAAW,OAAO,KAAK,IAAI,EAAE,aAAa,CAAC;AAAA,EACxD;AAAA,EAEQ,aAAa,MAA2B;AAC9C,WAAO,OAAO,IAAI,MAAMC,aAAY,OAAO;AAAA,EAC7C;AACF;AArEkD;AAA3C,IAAM,eAAN;;;AMpBP,SAAuB,sBAAAC,2BAA0B;AAM1C,IAAM,iBAAN,MAAM,eAAsC;AAAA,EAG/C,YAAY,YAA4B;AACpC,SAAK,aAAa;AAAA,EACtB;AAAA,EAEA,MAAa,aAA4B;AACrC,UAAMC,oBAAmB,KAAK,YAAY,CAAC,SAAyB,KAAK,OAAO,CAAC;AAAA,EACrF;AAAA,EAEA,MAAM,QAAQ,QAA+B;AACzC,QAAI;AACA,YAAM,KAAK,WAAW,OAAO,MAAM;AAAA,IACvC,SAAS,OAAO;AACZ,UAAI,cAAc,gBAAgB;AAAA,IACtC;AAAA,EACJ;AACJ;AAlBmD;AAA5C,IAAM,gBAAN;;;ACNP,SAAuB,sBAAAC,2BAA0B;AACjD,YAAYC,aAAY;AACxB,SAAS,cAAAC,aAAY,cAAAC,aAAY,YAAAC,iBAAgB;AAS1C,IAAM,mBAAN,MAAM,iBAAwC;AAAA,EAInD,YAAY,YAA4B;AAFxC,SAAiB,cAAc;AAG7B,SAAK,aAAa;AAAA,EACpB;AAAA,EAEA,MAAa,aAA4B;AACvC,UAAMC,oBAAmB,KAAK,YAAY,CAAC,SAAyB,KAAK,OAAO,CAAC;AAAA,EACnF;AAAA,EAEA,MAAa,QACX,OACA,MACA,UACA,OAAiBC,UAAS,OAC1B,eACiC;AACjC,QAAI;AAEF,YAAM,gBAAgB,KAAK,iBAAiB;AAAA,QAC1C;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,MACF,CAAC;AAED,UAAI,SAASA,UAAS,SAAS,eAAe;AAC5C,cAAM,oBAAoB,aAAa;AAAA,MACzC;AAEA,YAAM,oBAAoB,eAAe,KAAK,UAAU;AAExD,YAAM,iBAAiB,MAAM,KAAK,aAAa,cAAc,QAAQ;AACrE,YAAM,aAAa,MAAM,KAAK;AAAA,QAC5B;AAAA,QACA;AAAA,MACF;AAEA,aAAO,MAAM,KAAK,WAAW,OAAO,UAAU;AAAA,IAChD,SAAS,OAAY;AACnB,YAAM,IAAI,kBAAkB,wBAAwB,MAAM,OAAO,EAAE;AAAA,IACrE;AAAA,EACF;AAAA,EAEQ,iBAAiB,KAA+B;AACtD,WAAO;AAAA,MACL,MAAM,IAAI,KAAK,KAAK;AAAA,MACpB,OAAO,IAAI,MAAM,KAAK,EAAE,YAAY;AAAA,MACpC,MAAM,IAAI;AAAA,MACV,UAAU,IAAI,SAAS,KAAK;AAAA,MAC5B,eAAe,IAAI,eAAe,KAAK;AAAA,IACzC;AAAA,EACF;AAAA,EAEA,MAAc,aAAa,UAAmC;AAC5D,WAAO,MAAa,aAAK,UAAU,KAAK,WAAW;AAAA,EACrD;AAAA,EAEA,MAAc,iBAAiB,KAAkB,gBAA6C;AAC5F,UAAM,aAAa,OAAO,IAAI,KAAK,aAAaC,WAAU;AAC1D,UAAM,aAAa,OAAO,IAAI,KAAK,aAAaC,WAAU;AAE1D,eAAW,WAAW;AACtB,eAAW,eAAe;AAC1B,eAAW,OAAO;AAClB,eAAW,KAAK,YAAY;AAE5B,WAAO;AAAA,EACT;AACF;AAxEqD;AAA9C,IAAM,kBAAN;;;ACXP,SAAuB,sBAAAC,2BAA0B;AAO1C,IAAM,uBAAN,MAAM,qBAA4C;AAAA,EAIvD,YAAY,YAA4B,SAAyB;AAC/D,SAAK,aAAa;AAClB,SAAK,UAAU;AAAA,EACjB;AAAA,EAEA,MAAa,aAA4B;AACvC,UAAMC,oBAAmB,KAAK,YAAY,CAAC,SAAyB,KAAK,OAAO,CAAC;AAAA,EACnF;AAAA,EAEA,MAAM,QACJ,cAC+D;AAC/D,QAAI;AACF,YAAM,UAAU,MAAM,KAAK,QAAQ,mBAAmB,YAAY;AAElE,YAAM,OAAO,QAAQ,SACjB,MAAM,KAAK,WAAW,SAAS,QAAQ,MAAM,IAC7C;AAEJ,UAAI,CAAC,QAAQ,KAAK,iBAAiB,cAAc;AAC/C,eAAO;AAAA,MACT;AAEA,YAAM,cAAc,KAAK,QAAQ,oBAAoB,KAAK,IAAI;AAC9D,YAAM,kBAAkB,KAAK,QAAQ,qBAAqB,KAAK,IAAI;AAEnE,YAAM,KAAK,WAAW,OAAO,KAAK,IAAI;AAAA,QACpC,cAAc;AAAA,MAChB,CAAC;AAED,aAAO,EAAE,aAAa,cAAc,gBAAgB;AAAA,IACtD,SAAS,OAAO;AACd,aAAO;AAAA,IACT;AAAA,EACF;AAAA,EAEA,MAAM,YAAY,OAAuC;AACvD,WAAO,MAAM,KAAK,QAAQ,kBAAkB,KAAK;AAAA,EACnD;AACF;AA3CyD;AAAlD,IAAM,sBAAN;;;ACCA,IAAM,yBAAN,MAAM,uBAA6C;AAAA,EAKxD,YAAY,kBAAoC,gBAAgC;AAFhF,SAAQ,gBAAgB;AAGtB,SAAK,mBAAmB;AACxB,SAAK,iBAAiB;AAAA,EACxB;AAAA,EACA,MAAM,aAA4B;AAChC,QAAI,KAAK,cAAe;AAExB,UAAM,QAAQ,IAAI;AAAA,MAChB,KAAK,iBAAiB,WAAW;AAAA,IACnC,CAAC;AAED,SAAK,gBAAgB;AAAA,EACvB;AAAA,EAEA,MAAM,QAAQ,QAAkD;AAC9D,QAAI,CAAC,KAAK,eAAe;AACvB,YAAM,KAAK,WAAW;AAAA,IACxB;AAEA,UAAM,OAAO,MAAM,KAAK,eAAe,aAAa,MAAM;AAE1D,QAAI,CAAC,MAAM;AACT,YAAM,IAAI,eAAe,gBAAgB;AAAA,IAC3C;AAEA,QAAI,KAAK,kBAAkB;AACzB,YAAM,IAAI,eAAe,8CAA8C;AAAA,IACzE;AAEA,UAAM,EAAE,QAAQ,WAAW,IAAI,KAAK,iBAAiB,eAAe,KAAK,KAAK;AAC9E,UAAM,YAAY,MAAM,KAAK,iBAAiB,eAAe,UAAU;AAEvE,UAAM,KAAK,eAAe,sBAAsB,QAAQ,MAAM;AAE9D,WAAO,EAAE,QAAQ,YAAY,UAAU;AAAA,EACzC;AACF;AAzC0D;AAAnD,IAAM,wBAAN;;;ACRP,SAAuB,sBAAAC,2BAA0B;AAO1C,IAAM,0BAAN,MAAM,wBAA8C;AAAA,EAKzD,YAAY,kBAAoC,gBAAgC;AAFhF,SAAQ,gBAAgB;AAGtB,SAAK,mBAAmB;AACxB,SAAK,iBAAiB;AAAA,EAExB;AAAA,EACA,MAAM,aAA4B;AAC9B,QAAI,KAAK,cAAe;AAExB,UAAM,QAAQ,IAAI;AAAA,MACd,KAAK,iBAAiB,WAAW;AAAA,MACjCC,oBAAmB,KAAK,gBAAgB,UAAQ,KAAK,OAAO,CAAC;AAAA,IACjE,CAAC;AAED,SAAK,gBAAgB;AAAA,EACvB;AAAA,EAEF,MAAM,QAAQ,QAAgB,KAAsC;AAClE,QAAI,CAAC,KAAK,eAAe;AACvB,YAAM,KAAK,WAAW;AAAA,IACxB;AAEA,UAAM,EAAE,MAAM,IAAI;AAElB,QAAI,CAAC,OAAO;AACV,YAAM,IAAI,eAAe,mBAAmB;AAAA,IAC9C;AAEA,UAAM,OAAO,MAAM,KAAK,eAAe,aAAa,MAAM;AAE1D,QAAI,CAAC,QAAQ,CAAC,KAAK,iBAAiB;AAClC,YAAM,IAAI,eAAe,+CAA+C;AAAA,IAC1E;AAEA,QAAI,KAAK,kBAAkB;AACzB,YAAM,IAAI,eAAe,8CAA8C;AAAA,IACzE;AAEA,UAAM,UAAU,KAAK,iBAAiB,YAAY,OAAO,KAAK,eAAe;AAE7E,QAAI,CAAC,SAAS;AACZ,YAAM,IAAI,eAAe,2BAA2B;AAAA,IACtD;AAEA,UAAM,KAAK,eAAe,gBAAgB,KAAK,EAAE;AAAA,EACnD;AACF;AAlD2D;AAApD,IAAM,yBAAN;;;ACPP,SAAuB,sBAAAC,2BAA0B;AAQ1C,IAAM,0BAAN,MAAM,wBAA8C;AAAA,EAMvD,YACI,kBACA,gBACA,YACF;AANF,SAAQ,gBAAgB;AAOpB,SAAK,mBAAmB;AACxB,SAAK,iBAAiB;AACtB,SAAK,aAAa;AAAA,EACtB;AAAA,EACA,MAAM,aAA4B;AAC9B,QAAI,KAAK,cAAe;AAExB,UAAM,QAAQ,IAAI;AAAA,MACd,KAAK,iBAAiB,WAAW;AAAA,MACjC,KAAK,WAAW,WAAW;AAAA,MAC3BC,oBAAmB,KAAK,gBAAgB,UAAQ,KAAK,OAAO,CAAC;AAAA,IACjE,CAAC;AACT;AACQ,SAAK,gBAAgB;AAAA,EACzB;AAAA,EAEA,MAAM,QAAQ,KAAyE;AACnF,QAAI,CAAC,KAAK,eAAe;AACrB,YAAM,KAAK,WAAW;AAAA,IACxB;AAEF,UAAM,EAAE,QAAQ,MAAM,IAAI;AAE1B,QAAI,CAAC,UAAU,CAAC,OAAO;AACnB,YAAM,IAAI,eAAe,gCAAgC;AAAA,IAC7D;AAEA,UAAM,OAAO,MAAM,KAAK,eAAe,aAAa,MAAM;AAE1D,YAAQ,IAAI,QAAQ,IAAI;AAGxB,QAAI,CAAC,QAAQ,CAAC,KAAK,mBAAmB,CAAC,KAAK,kBAAkB;AAC1D,YAAM,IAAI,eAAe,iBAAiB;AAAA,IAC9C;AAEA,UAAM,UAAU,KAAK,iBAAiB,YAAY,OAAO,KAAK,eAAe;AAE7E,QAAI,CAAC,SAAS;AACV,YAAM,IAAI,eAAe,2BAA2B;AAAA,IACxD;AAEA,WAAO;AAAA,MACH,OAAO,KAAK,WAAW,oBAAoB,KAAK,IAAI;AAAA,MACpD,cAAc,KAAK,WAAW,qBAAqB,KAAK,IAAI;AAAA,IAChE;AAAA,EACJ;AACJ;AA1D2D;AAApD,IAAM,yBAAN;;;ACRP,SAAuB,sBAAAC,2BAA0B;AAQ1C,IAAM,2BAAN,MAAM,yBAA+C;AAAA,EAK1D,YAAY,kBAAoC,gBAAgC;AAFhF,SAAQ,gBAAgB;AAGtB,SAAK,mBAAmB;AACxB,SAAK,iBAAiB;AAAA,EACxB;AAAA,EACA,MAAM,aAA4B;AAChC,QAAI,KAAK,cAAe;AAExB,UAAM,QAAQ,IAAI;AAAA,MACd,KAAK,iBAAiB,WAAW;AAAA,MACjCC,oBAAmB,KAAK,gBAAgB,UAAQ,KAAK,OAAO,CAAC;AAAA,IACjE,CAAC;AACL;AACI,SAAK,gBAAgB;AAAA,EACvB;AAAA,EAEA,MAAM,QAAQ,QAAgB,KAAsC;AAClE,QAAI,CAAC,KAAK,eAAe;AACvB,YAAM,KAAK,WAAW;AAAA,IACxB;AAEA,UAAM,EAAE,MAAM,IAAI;AAElB,UAAM,OAAO,MAAM,KAAK,eAAe,aAAa,MAAM;AAE1D,QAAI,CAAC,QAAQ,CAAC,KAAK,mBAAmB,CAAC,KAAK,kBAAkB;AAC5D,YAAM,IAAI,eAAe,0CAA0C;AAAA,IACrE;AAEA,UAAM,UAAU,KAAK,iBAAiB,YAAY,OAAO,KAAK,eAAe;AAE7E,QAAI,CAAC,SAAS;AACZ,YAAM,IAAI,eAAe,2BAA2B;AAAA,IACtD;AAEA,UAAM,KAAK,eAAe,iBAAiB,MAAM;AAAA,EACnD;AACF;AAzC4D;AAArD,IAAM,0BAAN;;;ACYA,IAAM,kBAAN,MAAM,gBAAe;AAAA,EAW1B,YACE,cACA,eACA,iBACA,qBACA,uBACA,wBACA,wBACA,yBACA;AAWF,iBAAQ,8BAAO,KAAc,KAAe,SAAuB;AACjE,UAAI;AACF,cAAM,EAAE,eAAe,GAAG,SAAS,IAAc,IAAI;AACrD,cAAM,SAAS,MAAM,KAAK,aAAa,QAAQ,UAAU,aAAa;AACtE,YAAI,OAAO,GAAG,EAAE,KAAK,MAAM;AAAA,MAC7B,SAAS,OAAO;AACd,aAAK,KAAK;AAAA,MACZ;AAAA,IACF,GARQ;AAUR,kBAAS,8BACP,KACA,KACA,SACkB;AAClB,UAAI;AACF,cAAM,KAAK,cAAc,QAAQ,IAAI,OAAO,EAAE;AAC9C,YAAI,OAAO,GAAG,EAAE,KAAK,EAAE,SAAS,0BAA0B,CAAC;AAAA,MAC7D,SAAS,OAAO;AACd,aAAK,KAAK;AAAA,MACZ;AAAA,IACF,GAXS;AAaT,oBAAW,8BACT,KACA,KACA,SACkB;AAClB,UAAI;AACF,cAAM,EAAE,OAAO,MAAM,UAAU,MAAM,cAAc,IAAiB,IAAI;AACxE,cAAM,KAAK,gBAAgB,QAAQ,OAAO,MAAM,UAAU,MAAM,aAAa;AAAA,MAC/E,SAAS,OAAO;AACd,aAAK,KAAK;AAAA,MACZ;AAAA,IACF,GAXW;AAaX,wBAAe,8BAAO,KAAc,QAAkB;AACpD,YAAM,EAAE,aAAa,IAA0B,IAAI;AACnD,YAAM,SAAS,MAAM,KAAK,oBAAoB,QAAQ,YAAY;AAClE,UAAI,KAAK,MAAM;AAAA,IACjB,GAJe;AAMf,uBAAc,8BAAO,UAA0C;AAC7D,aAAO,MAAM,KAAK,oBAAoB,YAAY,KAAK;AAAA,IACzD,GAFc;AAId,oBAAW,8BAAO,KAAc,KAAe,SAAuB;AACpE,UAAI;AACF,cAAM,SAAS,IAAI,KAAM;AACzB,cAAM,SAAS,MAAM,KAAK,sBAAsB,QAAQ,MAAM;AAC9D,YAAI,OAAO,GAAG,EAAE,KAAK,MAAM;AAAA,MAC7B,SAAS,OAAO;AACd,aAAK,KAAK;AAAA,MACZ;AAAA,IACF,GARW;AAUX,qBAAY,8BAAO,KAAc,KAAe,SAAuB;AACrE,UAAI;AACF,cAAM,SAAS,IAAI,KAAM;AACzB,cAAM,MAAwB,IAAI;AAClC,cAAM,KAAK,uBAAuB,QAAQ,QAAQ,GAAG;AACrD,YAAI,OAAO,GAAG,EAAE,KAAK,EAAE,SAAS,0DAA0D,CAAC;AAAA,MAC7F,SAAS,OAAO;AACd,aAAK,KAAK;AAAA,MACZ;AAAA,IACF,GATY;AAWZ,qBAAY,8BAAO,KAAc,KAAe,SAAuB;AACrE,UAAI;AACF,cAAM,MAAwB,IAAI;AAClC,cAAM,SAAS,MAAM,KAAK,uBAAuB,QAAQ,GAAG;AAC5D,YAAI,OAAO,GAAG,EAAE,KAAK;AAAA,UACnB,SAAS;AAAA,UACT,GAAG;AAAA,QACL,CAAC;AAAA,MACH,SAAS,OAAO;AACd,aAAK,KAAK;AAAA,MACZ;AAAA,IACF,GAXY;AAaZ,sBAAa,8BAAO,KAAc,KAAe,SAAuB;AACtE,UAAI;AACF,cAAM,SAAS,IAAI,KAAM;AACzB,cAAM,MAAwB,IAAI;AAClC,cAAM,KAAK,wBAAwB,QAAQ,QAAQ,GAAG;AACtD,YAAI,OAAO,GAAG,EAAE,KAAK,EAAE,SAAS,2DAA2D,CAAC;AAAA,MAC9F,SAAS,OAAO;AACd,aAAK,KAAK;AAAA,MACZ;AAAA,IACF,GATa;AA1FX,SAAK,eAAe;AACpB,SAAK,gBAAgB;AACrB,SAAK,kBAAkB;AACvB,SAAK,sBAAsB;AAC3B,SAAK,wBAAwB;AAC7B,SAAK,yBAAyB;AAC9B,SAAK,yBAAyB;AAC9B,SAAK,0BAA0B;AAAA,EACjC;AA4FF;AAzH4B;AAArB,IAAM,iBAAN;;;ACjBA,IAAM,sBAAN,MAAM,oBAAmB;AAAA,EAG9B,YAAY,YAA4B;AACtC,SAAK,aAAa;AAAA,EACpB;AAAA,EAEA,MAAa,QAAQ,KAAc,KAAe,MAAoB;AACpE,QAAI;AACF,YAAM,QAAQ,IAAI,QAAQ,eAAe,MAAM,GAAG,EAAE,CAAC;AAErD,UAAI,CAAC,OAAO;AACV,eAAO,IAAI,OAAO,GAAG,EAAE,KAAK,EAAE,SAAS,0BAA0B,CAAC;AAAA,MACpE;AAEA,YAAM,UAAU,MAAM,KAAK,WAAW,kBAAkB,KAAK;AAE7D,UAAI,CAAC,QAAQ,wBAAwB;AACnC,eAAO,IAAI,OAAO,GAAG,EAAE,KAAK;AAAA,UAC1B,SAAS;AAAA,UACT,MAAM;AAAA,UACN,QAAQ,QAAQ;AAAA,QAClB,CAAC;AAAA,MACH;AAEA,UAAI,OAAO,EAAE,GAAG,SAAS,wBAAwB,KAAK;AACtD,WAAK;AAAA,IACP,SAAS,OAAO;AACd,aAAO,IAAI,OAAO,GAAG,EAAE,KAAK,EAAE,SAAS,2BAA2B,CAAC;AAAA,IACrE;AAAA,EACF;AACF;AA/BgC;AAAzB,IAAM,qBAAN;;;ACHP,SAAS,sBAA+C;AAKjD,IAAM,kBAAN,MAAM,wBACH,eACuC;AAAA,EAC/C,YAAY,YAAoC;AAC9C,UAAM,UAAU;AAAA,EAClB;AAAA,EAEA,MAAM,YAAY,OAA2C;AAC3D,UAAM,QAAQ,KAAK,WAChB,mBAAmB,MAAM,EACzB,kBAAkB,aAAa,MAAM,EACrC,UAAU,eAAe,EACzB,MAAM,uBAAuB,EAAE,MAAM,CAAC;AAEzC,WAAO,MAAM,MAAM,OAAO;AAAA,EAC5B;AAAA,EAEA,MAAM,OAAO,QAA4D;AACvE,WAAO,MAAM,OAAO,MAAM;AAAA,EAC5B;AAAA,EAEA,MAAM,aAAa,QAA4C;AAC7D,UAAM,QAAQ,KAAK,WAChB,mBAAmB,MAAM,EACzB,kBAAkB,aAAa,MAAM,EACrC,UAAU,wBAAwB,EAClC,MAAM,qBAAqB,EAAE,OAAO,CAAC;AAEtC,UAAM,SAAS,MAAM,MAAM,OAAO;AAClC,YAAQ,IAAI,UAAU,MAAM;AAE9B,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,OAAO,QAA+B;AAC1C,UAAM,OAAO,MAAM,KAAK,aAAa,MAAM;AAC3C,QAAI,CAAC,MAAM;AACT,YAAM,IAAI,cAAc,gBAAgB;AAAA,IAC1C;AAEA,SAAK,eAAe;AACpB,SAAK,KAAK,WAAW;AAErB,UAAM,KAAK,OAAO,KAAK,IAAI,IAAI;AAAA,EACjC;AAAA,EAEA,MAAM,sBAAsB,QAAgB,QAA+B;AACzE,UAAM,OAAO,MAAM,KAAK,aAAa,MAAM;AAC3C,QAAI,CAAC,MAAM;AACT,YAAM,IAAI,cAAc,gBAAgB;AAAA,IAC1C;AAEA,SAAK,kBAAkB;AAEvB,UAAM,KAAK,OAAO,KAAK,IAAI,IAAI;AAAA,EACjC;AAAA,EAEA,MAAM,gBAAgB,QAA+B;AACnD,UAAM,OAAO,MAAM,KAAK,aAAa,MAAM;AAC3C,QAAI,CAAC,MAAM;AACT,YAAM,IAAI,cAAc,gBAAgB;AAAA,IAC1C;AAEA,QAAI,CAAC,KAAK,iBAAiB;AACzB,YAAM,IAAI,cAAc,2BAA2B;AAAA,IACrD;AAEA,SAAK,mBAAmB;AAExB,UAAM,KAAK,OAAO,KAAK,IAAI,IAAI;AAAA,EACjC;AAAA,EAEA,MAAM,iBAAiB,QAA+B;AACpD,UAAM,OAAO,MAAM,KAAK,aAAa,MAAM;AAC3C,QAAI,CAAC,MAAM;AACT,YAAM,IAAI,cAAc,gBAAgB;AAAA,IAC1C;AAEA,SAAK,mBAAmB;AACxB,SAAK,kBAAkB;AAEvB,UAAM,KAAK,OAAO,KAAK,IAAI,IAAI;AAAA,EACjC;AAAA,EAEA,MAAM,mBAAmB,QAAkC;AACzD,UAAM,OAAO,MAAM,KAAK,aAAa,MAAM;AAC3C,QAAI,CAAC,MAAM;AACT,YAAM,IAAI,cAAc,gBAAgB;AAAA,IAC1C;AAEA,WAAO,CAAC,CAAC,KAAK;AAAA,EAChB;AAAA,EAEA,MAAM,mBAAmB,QAAwC;AAC/D,UAAM,OAAO,MAAM,KAAK,aAAa,MAAM;AAC3C,QAAI,CAAC,MAAM;AACT,YAAM,IAAI,cAAc,gBAAgB;AAAA,IAC1C;AAEA,WAAO,KAAK;AAAA,EACd;AACF;AAnGiD;AAF1C,IAAM,iBAAN;;;ACLP,YAAY,SAAS;AAErB,YAAYC,aAAY;AACxB,SAAuB,sBAAAC,2BAA0B;AAiB1C,IAAM,kBAAN,MAAM,gBAAqD;AAAA,EAGhE,YAA6B,YAA4B,QAAqB;AAAjD;AAC3B,SAAK,WAAW,MAAM;AAAA,EACxB;AAAA,EAEA,MAAc,WAAW,QAAqB;AAC5C,UAAM,aAAa,MAAM,qBAAqB;AAE9C,SAAK,YAAY;AAAA,MACf,mBAAmB,WAAW;AAAA,MAC9B,oBAAoB,WAAW;AAAA,MAC/B,mBAAoB,SAAS,WAAW,mBAAmB,EAAE;AAAA,MAC7D,oBAAoB,SAAS,WAAW,oBAAoB,EAAE;AAAA,MAC9D,GAAG;AAAA,IACL;AAEA,SAAK,sBAAsB;AAAA,EAC7B;AAAA,EAEA,MAAM,aAA4B;AAChC,UAAMC,oBAAmB,KAAK,YAAY,UAAQ,KAAK,OAAO,CAAC;AAAA,EACjE;AAAA,EAEQ,wBAA8B;AACpC,QAAI,CAAC,KAAK,WAAW,qBAAqB,CAAC,KAAK,WAAW,oBAAoB;AAC7E,YAAM,IAAI,SAAS,gCAAgC;AAAA,IACrD;AAAA,EACF;AAAA,EAEA,MAAM,aAAa,OAAe,UAA8C;AAC9E,UAAM,OAAO,MAAM,KAAK,WAAW,YAAY,KAAK;AACpD,QAAI,CAAC,MAAM;AACT,YAAM,IAAI,cAAc,qBAAqB;AAAA,IAC/C;AAEA,UAAM,gBAAgB,MAAa,gBAAQ,UAAU,KAAK,QAAQ;AAClE,QAAI,CAAC,eAAe;AAClB,YAAM,IAAI,eAAe,qBAAqB;AAAA,IAChD;AAEA,WAAO;AAAA,EACT;AAAA,EAEQ,kBAAkB;AACxB,QAAI,CAAC,KAAK,UAAW,OAAM,IAAI,SAAS,uBAAuB;AAAA,EACjE;AAAA,EAEA,oBAAoB,MAA0B;AAC5C,SAAK,gBAAgB;AACrB,WAAW;AAAA,MACT,EAAE,QAAQ,KAAK,IAAI,OAAO,KAAK,OAAO,MAAM,KAAK,KAAK;AAAA,MACtD,KAAK,UAAW;AAAA,MAChB,EAAE,WAAW,KAAK,UAAW,kBAAkB;AAAA,IACjD;AAAA,EACF;AAAA,EAEA,qBAAqB,MAA0B;AAC7C,SAAK,gBAAgB;AACrB,WAAW;AAAA,MACT,EAAE,QAAQ,KAAK,GAAG;AAAA,MAClB,KAAK,UAAW;AAAA,MAChB,EAAE,WAAW,KAAK,UAAW,mBAAmB;AAAA,IAClD;AAAA,EACF;AAAA,EAEA,MAAM,YAAY,OAAe,QAAwC;AACvE,QAAI;AACF,aAAW,WAAO,OAAO,MAAM;AAAA,IACjC,QAAQ;AACN,YAAM,IAAI,kBAAkB;AAAA,IAC9B;AAAA,EACF;AAAA,EAEA,MAAM,kBAAkB,OAAuC;AAC7D,SAAK,gBAAgB;AACrB,WAAO,KAAK,YAAY,OAAO,KAAK,UAAW,iBAAiB;AAAA,EAClE;AAAA,EAEA,MAAM,mBAAmB,OAAuC;AAC9D,SAAK,gBAAgB;AACrB,WAAO,KAAK,YAAY,OAAO,KAAK,UAAW,kBAAkB;AAAA,EACnE;AACF;AApFkE;AAA3D,IAAM,iBAAN;;;ACpBP,YAAY,eAAe;AAC3B,YAAY,YAAY;AAIjB,IAAM,oBAAN,MAAM,kBAAyC;AAAA,EASpD,YAAY,QAAiB;AAP7B,SAAQ,cAAuB;AAQ7B,SAAK,SAAS;AAEd,SAAK,kBAAkB;AAAA,MACrB,aAAa,SAAS,OAAO,WAAW,KAAK;AAAA,MAC7C,cAAc,SAAS,OAAO,YAAY,KAAK;AAAA,MAC/C,eAAe;AAAA,QACb,sBAAsB;AAAA,QACtB,QAAQ;AAAA,QACR,OAAO;AAAA,QACP,OAAO;AAAA,UACL,MAAM;AAAA,UACN,OAAO;AAAA,QACT;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAa,aAA4B;AACvC,QAAI,KAAK,YAAa;AAEtB,QAAI;AACF,WAAK,sBAAsB;AAC3B,WAAK,cAAc;AAAA,IACrB,SAAS,OAAO;AACd,cAAQ,MAAM,2CAA2C,KAAK;AAC9D,YAAM,IAAI,MAAM,uCAAuC;AAAA,IACzD;AAAA,EACF;AAAA,EAEQ,wBAA8B;AACpC,QAAI,CAAC,KAAK,OAAO,UAAU,KAAK,GAAG;AACjC,YAAM,IAAI,MAAM,yDAAyD;AAAA,IAC3E;AAEA,QAAI,KAAK,gBAAgB,eAAe,IAAI;AAC1C,YAAM,IAAI,MAAM,8CAA8C;AAAA,IAChE;AAEA,QAAI,KAAK,gBAAgB,cAAc,KAAK,KAAK,gBAAgB,cAAc,GAAG;AAChF,YAAM,IAAI,MAAM,mDAAmD;AAAA,IACrE;AAAA,EACF;AAAA,EAEQ,oBAA0B;AAChC,QAAI,CAAC,KAAK,aAAa;AACrB,YAAM,IAAI,MAAM,iDAAiD;AAAA,IACnE;AAAA,EACF;AAAA,EAEO,eAAe,OAAuD;AAC3E,SAAK,kBAAkB;AAEvB,QAAI;AACF,YAAM,YAAsB,yBAAe;AAAA,QACzC,QAAQ,KAAK,gBAAgB;AAAA,QAC7B,MAAM,GAAG,KAAK,OAAO,QAAQ,IAAI,KAAK;AAAA,QACtC,QAAQ,KAAK,OAAO;AAAA,MACtB,CAAC;AAED,aAAO;AAAA,QACL,QAAQ,UAAU;AAAA,QAClB,YAAY,UAAU,eAAe;AAAA,MACvC;AAAA,IACF,SAAS,OAAO;AACd,cAAQ,MAAM,gCAAgC,KAAK;AACnD,YAAM,IAAI,MAAM,+BAA+B;AAAA,IACjD;AAAA,EACF;AAAA,EAEA,MAAa,eAAe,YAAqC;AAC/D,SAAK,kBAAkB;AAEvB,QAAI;AACF,aAAO,MAAa,iBAAU,YAAY,KAAK,gBAAgB,aAAa;AAAA,IAC9E,SAAS,OAAO;AACd,cAAQ,MAAM,8BAA8B,KAAK;AACjD,YAAM,IAAI,MAAM,4BAA4B;AAAA,IAC9C;AAAA,EACF;AAAA,EAEO,YAAY,OAAe,QAAyB;AACzD,SAAK,kBAAkB;AAEvB,QAAI;AACF,aAAiB,eAAK,OAAO;AAAA,QAC3B;AAAA,QACA,UAAU;AAAA,QACV;AAAA,QACA,QAAQ,KAAK,gBAAgB;AAAA,MAC/B,CAAC;AAAA,IACH,SAAS,OAAO;AACd,cAAQ,MAAM,8BAA8B,KAAK;AACjD,YAAM,IAAI,MAAM,4BAA4B;AAAA,IAC9C;AAAA,EACF;AACF;AAzGsD;AAA/C,IAAM,mBAAN;;;AlBeP,eAAe,oBAAoB,UAAwB;AACzD,QAAM,YAAY,IAAI,cAAc,EAAE,SAAS,CAAC;AAEhD,QAAM,iBAAiB,IAAI;AAAA,IACzB,SAAS,cAAcC,WAAU;AAAA,EACnC;AACA,YAAU,mBAA+B,kBAAkB,cAAc;AAEzE,QAAM,iBAAiB,IAAI,eAAe,cAAc;AACxD,YAAU,gBAAgB,kBAAkB,cAAc;AAE1D,QAAM,aAAa,MAAM,qBAAqB;AAE9C,QAAM,mBAAmB,IAAI,iBAAiB,UAAU;AACxD,YAAU,gBAAgB,oBAAoB,gBAAgB;AAE9D,QAAM,qBAAqB,IAAI,mBAAmB,cAAc;AAEhE,QAAM,eAAe,IAAI,aAAa,gBAAgB,cAAc;AACpE,QAAM,gBAAgB,IAAI,cAAc,cAAc;AACtD,QAAM,kBAAkB,IAAI,gBAAgB,cAAc;AAC1D,QAAM,sBAAsB,IAAI;AAAA,IAC9B;AAAA,IACA;AAAA,EACF;AAEA,QAAM,wBAAwB,IAAI,sBAAsB,kBAAkB,cAAc;AACxF,QAAM,yBAAyB,IAAI,uBAAuB,kBAAkB,cAAc;AAC1F,QAAM,yBAAyB,IAAI;AAAA,IACjC;AAAA,IACA;AAAA,IACA;AAAA,EACF;AACA,QAAM,0BAA0B,IAAI,wBAAwB,kBAAkB,cAAc;AAE5F,YAAU,gBAAgB,gBAAgB,YAAY;AACtD,YAAU,gBAAgB,iBAAiB,aAAa;AACxD,YAAU,gBAAgB,mBAAmB,eAAe;AAC5D,YAAU,gBAAgB,uBAAuB,mBAAmB;AACpE,YAAU,gBAAgB,yBAAyB,qBAAqB;AACxE,YAAU,gBAAgB,0BAA0B,sBAAsB;AAC1E,YAAU,gBAAgB,0BAA0B,sBAAsB;AAC1E,YAAU,gBAAgB,2BAA2B,uBAAuB;AAE5E,QAAM,iBAAiB,IAAI;AAAA,IACzB;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF;AAEA,SAAO,EAAE,WAAW,gBAAgB,mBAAmB;AACzD;AAxDe;","names":["AuthEntity","UserEntity","UserRole","AuthEntity","mapper","AuthEntity","UserRole","UserEntity","validateRepository","validateRepository","validateRepository","bcrypt","AuthEntity","UserEntity","UserRole","validateRepository","UserRole","AuthEntity","UserEntity","validateRepository","validateRepository","validateRepository","validateRepository","validateRepository","validateRepository","validateRepository","validateRepository","bcrypt","validateRepository","validateRepository","AuthEntity"]}
|
|
1
|
+
{"version":3,"sources":["../src/application/config/ConfigManager.ts","../src/utils/Errors.ts","../src/application/service/utils/configInstance.ts","../src/infrastructure/container/createAuthContainer.ts","../src/application/useCase/LoginUseCase.ts","../src/application/dtos/UserDTO.ts","../src/application/validators/authValidation.ts","../src/application/mappers/utils/mapper.ts","../src/application/mappers/createUserMappings.ts","../src/application/dtos/RegisterDTO.ts","../src/application/useCase/LogoutUseCase.ts","../src/application/useCase/RegisterUseCase.ts","../src/application/useCase/RefreshTokenUseCase.ts","../src/application/useCase/TwoFactorSetupUseCase.ts","../src/application/useCase/TwoFactorEnableUseCase.ts","../src/application/useCase/TwoFactorVerifyUseCase.ts","../src/application/useCase/TwoFactorDisableUseCase.ts","../src/presentation/controller/AuthController.ts","../src/presentation/middleware/RequireComplete2FA.ts","../src/infrastructure/repository/AuthRepository.ts","../src/infrastructure/services/JwtAuthService.ts","../src/infrastructure/services/TwoFactorService.ts"],"sourcesContent":["import { EventEmitter } from \"events\";\r\nimport { IConfig, ConfigSource } from \"../../domain/interfaces/configTypes\";\r\nimport { ConfigNotFoundException } from \"../../utils/Errors\";\r\n\r\nexport class ConfigManager extends EventEmitter {\r\n private config?: IConfig;\r\n private configSource?: ConfigSource;\r\n\r\n setConfigSource(source: ConfigSource): void {\r\n this.configSource = source;\r\n }\r\n\r\n setConfig(cfg: IConfig): void {\r\n this.config = { ...cfg };\r\n this.emit(\"configAvailable\", this.config);\r\n }\r\n\r\n getConfig(): IConfig | undefined {\r\n return this.config;\r\n }\r\n\r\n async loadConfig(): Promise<IConfig> {\r\n if (!this.configSource) {\r\n throw new ConfigNotFoundException(\"Config source not set\");\r\n }\r\n try {\r\n const config = await this.configSource();\r\n this.setConfig(config);\r\n return config;\r\n } catch (error) {\r\n throw new ConfigNotFoundException(\"Error loading configuration\");\r\n }\r\n }\r\n}\r\n\r\nexport const configManager = new ConfigManager();\r\n","export class AppError extends Error {\r\n constructor(\r\n public message: string,\r\n public statusCode: number = 500,\r\n public name: string = \"AppError\"\r\n ) {\r\n super(message);\r\n Object.setPrototypeOf(this, new.target.prototype);\r\n Error.captureStackTrace(this);\r\n }\r\n}\r\n\r\nexport class ValidationError extends AppError {\r\n constructor(message: string) {\r\n super(message, 400);\r\n this.name = \"ValidationError\";\r\n }\r\n}\r\n\r\nexport class ConfigNotFoundException extends AppError {\r\n constructor(message: string) {\r\n super(message);\r\n this.name = \"ConfigNotFoundException\";\r\n }\r\n}\r\n\r\nexport class NotFoundError extends AppError {\r\n constructor(message: string) {\r\n super(message, 404, \"UserNotFoundError\");\r\n }\r\n}\r\n\r\nexport class ForbiddenError extends AppError {\r\n constructor(message: string = \"Forbidden access\") {\r\n super(message, 403);\r\n this.name = \"ForbiddenError\";\r\n }\r\n}\r\n\r\nexport class UnauthorizedError extends AppError {\r\n constructor(message: string = \"Unauthorized access\") {\r\n super(message, 401);\r\n this.name = \"UnauthorizedError\";\r\n }\r\n}\r\n\r\nexport class JwtError extends AppError {\r\n constructor(message: string) {\r\n super(message, 401);\r\n this.name = \"JwtError\";\r\n }\r\n}\r\n\r\nexport class RegistrationError extends AppError {\r\n constructor(message: string) {\r\n super(message, 400);\r\n this.name = \"RegistrationError\";\r\n }\r\n}\r\n\r\nexport class TwoFactorError extends AppError {\r\n constructor(message: string) {\r\n super(message, 400);\r\n this.name = \"TwoFactorERROR\";\r\n }\r\n}","import { configManager } from \"../../config/ConfigManager\";\r\nimport { IConfig, ConfigSource } from \"../../../domain/interfaces/configTypes\";\r\n\r\nexport const authConfig = (configSource: ConfigSource): void => {\r\n configManager.setConfigSource(configSource);\r\n};\r\n\r\nexport const createConfigInstance = async (): Promise<IConfig> => {\r\n return configManager.getConfig() ?? (await configManager.loadConfig());\r\n};\r\n","import { BaseContainer, BaseDatabase } from \"cca-core\";\r\nimport { AuthEntity } from \"cca-entities\";\r\n\r\nimport { LoginUseCase } from \"../../application/useCase/LoginUseCase\";\r\nimport { LogoutUseCase } from \"../../application/useCase/LogoutUseCase\";\r\nimport { RegisterUseCase } from \"../../application/useCase/RegisterUseCase\";\r\nimport { RefreshTokenUseCase } from \"../../application/useCase/RefreshTokenUseCase\";\r\nimport { TwoFactorSetupUseCase } from \"../../application/useCase/TwoFactorSetupUseCase\";\r\nimport { TwoFactorEnableUseCase } from \"../../application/useCase/TwoFactorEnableUseCase\";\r\nimport { TwoFactorVerifyUseCase } from \"../../application/useCase/TwoFactorVerifyUseCase\";\r\nimport { TwoFactorDisableUseCase } from \"../../application/useCase/TwoFactorDisableUseCase\";\r\n\r\nimport { AuthController } from \"../../presentation/controller/AuthController\";\r\nimport { RequireComplete2FA } from \"../../presentation/middleware/RequireComplete2FA\";\r\n\r\nimport { AuthRepository } from \"../repository/AuthRepository\";\r\nimport { JwtAuthService } from \"../services/JwtAuthService\";\r\nimport { TwoFactorService } from \"../services/TwoFactorService\";\r\nimport { createConfigInstance } from \"../../application/service/utils/configInstance\";\r\n\r\nasync function createAuthContainer(database: BaseDatabase) {\r\n const container = new BaseContainer({ database });\r\n\r\n const authRepository = new AuthRepository(\r\n database.getRepository(AuthEntity)\r\n );\r\n container.registerRepository<AuthEntity>(\"AuthRepository\", authRepository);\r\n\r\n const jwtAuthService = new JwtAuthService(authRepository);\r\n container.registerService(\"JwtAuthService\", jwtAuthService);\r\n\r\n const configData = await createConfigInstance();\r\n\r\n const twoFactorService = new TwoFactorService(configData);\r\n container.registerService(\"TwoFactorService\", twoFactorService);\r\n\r\n const requireComplete2FA = new RequireComplete2FA(jwtAuthService);\r\n\r\n const loginUseCase = new LoginUseCase(authRepository, jwtAuthService);\r\n const logoutUseCase = new LogoutUseCase(authRepository);\r\n const registerUseCase = new RegisterUseCase(authRepository);\r\n const refreshTokenUseCase = new RefreshTokenUseCase(\r\n authRepository,\r\n jwtAuthService\r\n );\r\n\r\n const twoFactorSetupUseCase = new TwoFactorSetupUseCase(twoFactorService, authRepository);\r\n const twoFactorEnableUseCase = new TwoFactorEnableUseCase(twoFactorService, authRepository);\r\n const twoFactorVerifyUseCase = new TwoFactorVerifyUseCase(\r\n twoFactorService,\r\n authRepository,\r\n jwtAuthService\r\n );\r\n const twoFactorDisableUseCase = new TwoFactorDisableUseCase(twoFactorService, authRepository);\r\n\r\n container.registerService(\"LoginUseCase\", loginUseCase);\r\n container.registerService(\"LogoutUseCase\", logoutUseCase);\r\n container.registerService(\"RegisterUseCase\", registerUseCase);\r\n container.registerService(\"RefreshTokenUseCase\", refreshTokenUseCase);\r\n container.registerService(\"TwoFactorSetupUseCase\", twoFactorSetupUseCase);\r\n container.registerService(\"TwoFactorEnableUseCase\", twoFactorEnableUseCase);\r\n container.registerService(\"TwoFactorVerifyUseCase\", twoFactorVerifyUseCase);\r\n container.registerService(\"TwoFactorDisableUseCase\", twoFactorDisableUseCase);\r\n\r\n const authController = new AuthController(\r\n loginUseCase,\r\n logoutUseCase,\r\n registerUseCase,\r\n refreshTokenUseCase,\r\n twoFactorSetupUseCase,\r\n twoFactorEnableUseCase,\r\n twoFactorVerifyUseCase,\r\n twoFactorDisableUseCase\r\n );\r\n\r\n return { container, authController, requireComplete2FA };\r\n}\r\n\r\nexport { createAuthContainer };","import { IBaseService, validateRepository } from \"cca-core\";\r\nimport { AuthEntity, UserEntity, UserRole } from \"cca-entities\";\r\n\r\nimport { AuthRepository } from \"../../infrastructure/repository/AuthRepository\";\r\nimport { JwtAuthService } from \"../../infrastructure/services/JwtAuthService\";\r\nimport { UserDTO } from \"../dtos/UserDTO\";\r\nimport { LoginDTO } from \"../dtos/LoginDTO\";\r\nimport { validateAdminSecret, validateLoginDTO } from \"../validators/authValidation\";\r\nimport { mapper } from \"../mappers/utils/mapper\";\r\n\r\ninterface TokenPair {\r\n accessToken: string;\r\n refreshToken: string;\r\n}\r\n\r\ninterface LoginResponse {\r\n token: TokenPair;\r\n user: UserDTO;\r\n}\r\n\r\nexport class LoginUseCase implements IBaseService {\r\n private readonly repository: AuthRepository;\r\n private readonly authService: JwtAuthService;\r\n\r\n constructor(\r\n repository: AuthRepository,\r\n authService: JwtAuthService\r\n ) {\r\n this.repository = repository;\r\n this.authService = authService\r\n }\r\n\r\n public async initialize(): Promise<void> {\r\n await validateRepository(this.repository, (repo: AuthRepository) => repo.getAll());\r\n }\r\n\r\n async execute(loginDTO: LoginDTO, adminPassword?: string): Promise<LoginResponse> {\r\n const auth = await this.validateLogin(loginDTO, adminPassword);\r\n const token = await this.handleAuthentication(auth);\r\n const userDTO = this.mapUserToDTO(auth.user);\r\n\r\n return { token, user: userDTO };\r\n }\r\n\r\n private async validateLogin(\r\n loginDTO: LoginDTO,\r\n adminPassword?: string\r\n ): Promise<AuthEntity> {\r\n const auth = await validateLoginDTO(loginDTO, this.repository);\r\n\r\n if (loginDTO.role === UserRole.ADMIN && adminPassword) {\r\n await validateAdminSecret(adminPassword);\r\n }\r\n\r\n return auth;\r\n }\r\n\r\n private async handleAuthentication(auth: AuthEntity): Promise<TokenPair> {\r\n const token = this.generateTokens(auth);\r\n await this.updateUserStatus(auth);\r\n await this.updateUserRefreshToken(auth, token.refreshToken);\r\n\r\n return token;\r\n }\r\n\r\n private generateTokens(auth: AuthEntity): TokenPair {\r\n return {\r\n accessToken: this.authService.generateAccessToken(auth.user),\r\n refreshToken: this.authService.generateRefreshToken(auth.user)\r\n };\r\n }\r\n\r\n private async updateUserStatus(auth: AuthEntity): Promise<void> {\r\n auth.user.lastLoginAt = new Date();\r\n auth.user.isActive = true;\r\n await this.repository.update(auth.id, auth);\r\n }\r\n\r\n private async updateUserRefreshToken(\r\n auth: AuthEntity,\r\n refreshToken: string\r\n ): Promise<void> {\r\n auth.refreshToken = refreshToken;\r\n await this.repository.update(auth.id, { refreshToken });\r\n }\r\n\r\n private mapUserToDTO(user: UserEntity): UserDTO {\r\n return mapper.map(user, UserEntity, UserDTO);\r\n }\r\n}","import { AutoMap } from \"@automapper/classes\";\r\nimport { UserRole } from \"cca-entities\";\r\n\r\nexport class UserDTO {\r\n @AutoMap()\r\n id!: string;\r\n\r\n @AutoMap()\r\n name!: string;\r\n\r\n @AutoMap()\r\n email!: string;\r\n\r\n @AutoMap()\r\n role!: UserRole;\r\n\r\n adminPassword?: string;\r\n}","import * as yup from \"yup\";\r\nimport { AuthEntity, UserRole } from \"cca-entities\";\r\nimport bcrypt from \"bcrypt\";\r\n\r\nimport {\r\n ForbiddenError,\r\n NotFoundError,\r\n ValidationError,\r\n} from \"../../utils/Errors\";\r\nimport { AuthRepository } from \"../../infrastructure/repository/AuthRepository\";\r\n\r\nimport { RegisterDTO } from \"../dtos/RegisterDTO\";\r\nimport { LoginDTO } from \"../dtos/LoginDTO\";\r\nimport { createConfigInstance } from \"../service/utils/configInstance\";\r\n\r\nconst schemas = {\r\n id: yup.string().uuid(\"Invalid user ID format\"),\r\n email: yup\r\n .string()\r\n .email(\"Invalid email format\")\r\n .max(255, \"Email cannot exceed 255 characters\"),\r\n name: yup\r\n .string()\r\n .required(\"Name is required\")\r\n .min(2, \"Name must be at least 2 characters long\")\r\n .max(50, \"Name cannot exceed 50 characters\")\r\n .matches(/^[a-zA-Z\\s]+$/, \"Name must only contain letters and spaces\"),\r\n password: yup\r\n .string()\r\n .required(\"Password required\")\r\n .min(8, \"Password too short\")\r\n .max(100, \"Password too long\")\r\n .matches(\r\n /^(?=.*[a-z])(?=.*[A-Z])(?=.*\\d)(?=.*[@$!%*?&])[A-Za-z\\d@$!%*?&]/,\r\n \"Password must contain uppercase, lowercase, number and special character\"\r\n ),\r\n role: yup\r\n .string()\r\n .required(\"Role is required\")\r\n .oneOf(Object.values(UserRole), \"Invalid role specified\"),\r\n};\r\n\r\nexport const validateEmail = async (\r\n email: string,\r\n repository: AuthRepository\r\n): Promise<AuthEntity> => {\r\n try {\r\n await schemas.email.validate(email?.trim().toLowerCase());\r\n const user = await repository.findByEmail(email);\r\n if (!user) {\r\n throw new NotFoundError(\r\n \"The email address or password is incorrect. Please retry\"\r\n );\r\n }\r\n return user;\r\n } catch (error: any) {\r\n throw new ValidationError(error.message || \"Invalid email format\");\r\n }\r\n};\r\n\r\nexport const validatePassword = async (password?: string): Promise<void> => {\r\n if (password) {\r\n try {\r\n await schemas.password.validate(password);\r\n } catch (error: any) {\r\n throw new ValidationError(error.message || \"Invalid password format\");\r\n }\r\n }\r\n};\r\n\r\nexport const validateEmailUniqueness = async (\r\n repository: AuthRepository,\r\n email: string,\r\n excludeUserId?: string\r\n): Promise<void> => {\r\n try {\r\n await schemas.email.validate(email?.trim().toLowerCase());\r\n\r\n const existingUser = await repository.findByEmail(email);\r\n\r\n if (!existingUser) return;\r\n if (existingUser.id === excludeUserId) return;\r\n\r\n throw new ValidationError(`Email ${email} is already in use.`);\r\n } catch (error: any) {\r\n if (error instanceof ValidationError) {\r\n throw error;\r\n }\r\n throw new ValidationError(\"user email validation failed\");\r\n }\r\n};\r\n\r\nexport const validateRegisterDTO = async (\r\n auth: RegisterDTO,\r\n repository: AuthRepository\r\n): Promise<void> => {\r\n const { name, email, role, password } = auth;\r\n\r\n await Promise.all([\r\n schemas.name.validate(name),\r\n schemas.role.validate(role),\r\n validateEmailUniqueness(repository, email),\r\n validatePassword(password),\r\n ]);\r\n};\r\n\r\nexport const validateLoginDTO = async (\r\n data: LoginDTO,\r\n repository: AuthRepository\r\n): Promise<AuthEntity> => {\r\n const { email, role, password } = data;\r\n\r\n await Promise.all([schemas.role.validate(role), schemas.password.validate(password)]);\r\n\r\n const auth = await validateEmail(email, repository);\r\n if (!auth || !auth.password) {\r\n throw new NotFoundError(\"Invalid credentials\");\r\n }\r\n\r\n const isMatch = await bcrypt.compare(password, auth.password);\r\n if (!isMatch) {\r\n throw new ForbiddenError(\"Invalid credentials\");\r\n }\r\n\r\n return auth;\r\n};\r\n\r\nexport const validateAdminSecret = async (\r\n secretPassword?: string\r\n): Promise<void> => {\r\n if (!secretPassword) {\r\n throw new ValidationError(\"Admin password is required\");\r\n }\r\n\r\n try {\r\n const config = await createConfigInstance();\r\n\r\n if (!config.adminSecretPassword) {\r\n throw new ValidationError(\"ADMIN_SECRET_PASSWORD not found in config\");\r\n }\r\n\r\n if (parseInt(secretPassword) !== parseInt(config.adminSecretPassword)) {\r\n throw new ValidationError(\"Invalid admin password\");\r\n }\r\n } catch (error) {\r\n if (error instanceof ValidationError) {\r\n throw error;\r\n }\r\n throw new ValidationError(\"Error validating admin password\");\r\n }\r\n};\r\n","import { createMapper } from '@automapper/core';\r\nimport { classes } from '@automapper/classes';\r\n\r\nimport { createUserMappings } from '../createUserMappings';\r\n\r\nexport const mapper = createMapper({\r\n strategyInitializer: classes(),\r\n});\r\n\r\ncreateUserMappings(mapper);\r\n","import { Mapper, createMap, forMember, mapFrom } from '@automapper/core';\r\nimport { AuthEntity, UserEntity } from 'cca-entities';\r\n\r\nimport { RegisterDTO } from '../dtos/RegisterDTO';\r\nimport { UserDTO } from '../dtos/UserDTO';\r\n\r\nexport function createUserMappings(mapper: Mapper): void {\r\n createMap(\r\n mapper, \r\n RegisterDTO,\r\n AuthEntity,\r\n forMember(dest => dest.email, mapFrom(src => src.email)),\r\n forMember(dest => dest.password, mapFrom(src => src.password)),\r\n forMember(dest => dest.role, mapFrom(src => src.role)));\r\n\r\n createMap(\r\n mapper, \r\n RegisterDTO,\r\n UserEntity,\r\n forMember(dest => dest.name, mapFrom(src => src.name)),\r\n forMember(dest => dest.email, mapFrom(src => src.email)),\r\n forMember(dest => dest.role, mapFrom(src => src.role)));\r\n\r\n createMap(\r\n mapper,\r\n UserEntity,\r\n UserDTO,\r\n forMember(dest => dest.id, mapFrom(src => src.id)),\r\n forMember(dest => dest.name, mapFrom(src => src.name)),\r\n forMember(dest => dest.email, mapFrom(src => src.email)),\r\n forMember(dest => dest.role, mapFrom(src => src.role)));\r\n}","import { UserRole } from \"cca-entities\";\r\n\r\nexport class RegisterDTO {\r\n email!: string;\r\n name!: string;\r\n password!: string;\r\n role!: UserRole;\r\n adminPassword?: string;\r\n}\r\n","import { IBaseService, validateRepository } from \"cca-core\";\r\n\r\nimport { AuthRepository } from \"../../infrastructure/repository/AuthRepository\";\r\nimport { NotFoundError } from \"../../utils/Errors\";\r\n\r\n\r\nexport class LogoutUseCase implements IBaseService {\r\n private readonly repository: AuthRepository\r\n\r\n constructor(repository: AuthRepository) {\r\n this.repository = repository;\r\n }\r\n\r\n public async initialize(): Promise<void> {\r\n await validateRepository(this.repository, (repo: AuthRepository) => repo.getAll());\r\n }\r\n\r\n async execute(authId: string): Promise<void> {\r\n try {\r\n await this.repository.logout(authId);\r\n } catch (error) {\r\n new NotFoundError(\"Auth not found\");\r\n }\r\n }\r\n}","import { IBaseService, validateRepository } from \"cca-core\";\r\nimport * as bcrypt from \"bcrypt\";\r\nimport { AuthEntity, UserEntity, UserRole } from \"cca-entities\";\r\n\r\nimport { AuthRepository } from \"../../infrastructure/repository/AuthRepository\";\r\n\r\nimport { mapper } from \"../mappers/utils/mapper\";\r\nimport { RegisterDTO } from \"../dtos/RegisterDTO\";\r\nimport { validateAdminSecret, validateRegisterDTO } from \"../validators/authValidation\";\r\nimport { RegistrationError } from \"../../utils/Errors\";\r\n\r\nexport class RegisterUseCase implements IBaseService {\r\n private readonly repository: AuthRepository;\r\n private readonly SALT_ROUNDS = 10;\r\n\r\n constructor(repository: AuthRepository) {\r\n this.repository = repository;\r\n }\r\n\r\n public async initialize(): Promise<void> {\r\n await validateRepository(this.repository, (repo: AuthRepository) => repo.getAll());\r\n }\r\n\r\n public async execute(\r\n email: string,\r\n name: string,\r\n password: string,\r\n role: UserRole = UserRole.GUEST,\r\n adminPassword?: string\r\n ): Promise<AuthEntity | undefined> {\r\n try {\r\n\r\n const normalizedDTO = this.normalizeAuthDTO({\r\n email,\r\n name,\r\n password,\r\n role,\r\n adminPassword\r\n });\r\n\r\n if (role === UserRole.ADMIN && adminPassword) {\r\n await validateAdminSecret(adminPassword);\r\n }\r\n\r\n await validateRegisterDTO(normalizedDTO, this.repository);\r\n\r\n const hashedPassword = await this.hashPassword(normalizedDTO.password);\r\n const authEntity = await this.createAuthEntity(\r\n normalizedDTO,\r\n hashedPassword\r\n );\r\n\r\n return await this.repository.create(authEntity);\r\n } catch (error: any) {\r\n throw new RegistrationError(`Registration failed: ${error.message}`);\r\n }\r\n }\r\n\r\n private normalizeAuthDTO(dto: RegisterDTO): RegisterDTO {\r\n return {\r\n name: dto.name.trim(),\r\n email: dto.email.trim().toLowerCase(),\r\n role: dto.role,\r\n password: dto.password.trim(),\r\n adminPassword: dto.adminPassword?.trim()\r\n };\r\n }\r\n\r\n private async hashPassword(password: string): Promise<string> {\r\n return await bcrypt.hash(password, this.SALT_ROUNDS);\r\n }\r\n\r\n private async createAuthEntity(dto: RegisterDTO, hashedPassword: string): Promise<AuthEntity> {\r\n const authEntity = mapper.map(dto, RegisterDTO, AuthEntity);\r\n const userEntity = mapper.map(dto, RegisterDTO, UserEntity);\r\n\r\n authEntity.password = hashedPassword;\r\n authEntity.refreshToken = \"\";\r\n authEntity.user = userEntity;\r\n authEntity.user.updatedAt = null as any;\r\n\r\n return authEntity;\r\n }\r\n}\r\n","import { IBaseService, validateRepository } from \"cca-core\";\r\n\r\nimport { IDecodedToken } from \"../../domain/interfaces/IDecodedToken\";\r\n\r\nimport { JwtAuthService } from \"../../infrastructure/services/JwtAuthService\";\r\nimport { AuthRepository } from \"../../infrastructure/repository/AuthRepository\";\r\n\r\nexport class RefreshTokenUseCase implements IBaseService {\r\n private readonly repository: AuthRepository;\r\n private readonly service: JwtAuthService;\r\n\r\n constructor(repository: AuthRepository, service: JwtAuthService) {\r\n this.repository = repository;\r\n this.service = service;\r\n }\r\n\r\n public async initialize(): Promise<void> {\r\n await validateRepository(this.repository, (repo: AuthRepository) => repo.getAll());\r\n }\r\n\r\n async execute(\r\n refreshToken: string\r\n ): Promise<{ accessToken: string; refreshToken: string } | null> {\r\n try {\r\n const decoded = await this.service.verifyRefreshToken(refreshToken);\r\n\r\n const auth = decoded.userId\r\n ? await this.repository.findById(decoded.userId)\r\n : null;\r\n\r\n if (!auth || auth.refreshToken !== refreshToken) {\r\n return null;\r\n }\r\n\r\n const accessToken = this.service.generateAccessToken(auth.user);\r\n const newRefreshToken = this.service.generateRefreshToken(auth.user);\r\n\r\n await this.repository.update(auth.id, {\r\n refreshToken: newRefreshToken,\r\n });\r\n\r\n return { accessToken, refreshToken: newRefreshToken };\r\n } catch (error) {\r\n return null;\r\n }\r\n }\r\n\r\n async verityToken(token: string): Promise<IDecodedToken> {\r\n return await this.service.verifyAccessToken(token);\r\n }\r\n}\r\n","import { IBaseService } from 'cca-core';\r\n\r\nimport { TwoFactorService } from '../../infrastructure/services/TwoFactorService';\r\nimport { AuthRepository } from '../../infrastructure/repository/AuthRepository';\r\nimport { ITwoFactorSetupResponse } from '../../domain/interfaces/ITwoFactorSetupResponse';\r\n\r\nimport { TwoFactorError } from '../../utils/Errors';\r\n\r\nexport class TwoFactorSetupUseCase implements IBaseService{\r\n private twoFactorService: TwoFactorService;\r\n private authRepository: AuthRepository;\r\n private isInitialized = false;\r\n\r\n constructor(twoFactorService: TwoFactorService, authRepository: AuthRepository) {\r\n this.twoFactorService = twoFactorService;\r\n this.authRepository = authRepository;\r\n }\r\n async initialize(): Promise<void> {\r\n if (this.isInitialized) return;\r\n \r\n await Promise.all([\r\n this.twoFactorService.initialize()\r\n ]);\r\n \r\n this.isInitialized = true;\r\n }\r\n\r\n async execute(userId: string): Promise<ITwoFactorSetupResponse> {\r\n if (!this.isInitialized) {\r\n await this.initialize();\r\n }\r\n \r\n const user = await this.authRepository.findByUserId(userId);\r\n \r\n if (!user) {\r\n throw new TwoFactorError('User not found');\r\n }\r\n \r\n if (user.twoFactorEnabled) {\r\n throw new TwoFactorError('Two-factor authentication is already enabled');\r\n }\r\n \r\n const { secret, otpAuthUrl } = this.twoFactorService.generateSecret(user.email);\r\n const qrCodeUrl = await this.twoFactorService.generateQRCode(otpAuthUrl);\r\n \r\n await this.authRepository.updateTwoFactorSecret(userId, secret);\r\n \r\n return { secret, otpAuthUrl, qrCodeUrl };\r\n }\r\n}","import { IBaseService, validateRepository } from 'cca-core';\r\n\r\nimport { TwoFactorService } from '../../infrastructure/services/TwoFactorService';\r\nimport { AuthRepository } from '../../infrastructure/repository/AuthRepository';\r\nimport { ITwoFactorEnable } from '../../domain/interfaces/ITwoFactorEnable';\r\nimport { TwoFactorError } from '../../utils/Errors';\r\n\r\nexport class TwoFactorEnableUseCase implements IBaseService{\r\n private twoFactorService: TwoFactorService;\r\n private authRepository: AuthRepository;\r\n private isInitialized = false;\r\n\r\n constructor(twoFactorService: TwoFactorService, authRepository: AuthRepository) {\r\n this.twoFactorService = twoFactorService;\r\n this.authRepository = authRepository;\r\n \r\n }\r\n async initialize(): Promise<void> {\r\n if (this.isInitialized) return;\r\n \r\n await Promise.all([\r\n this.twoFactorService.initialize(),\r\n validateRepository(this.authRepository, repo => repo.getAll())\r\n ]);\r\n \r\n this.isInitialized = true;\r\n }\r\n\r\n async execute(userId: string, dto: ITwoFactorEnable): Promise<void> {\r\n if (!this.isInitialized) {\r\n await this.initialize();\r\n }\r\n \r\n const { token } = dto;\r\n \r\n if (!token) {\r\n throw new TwoFactorError('Token is required');\r\n }\r\n \r\n const user = await this.authRepository.findByUserId(userId); \r\n \r\n if (!user || !user.twoFactorSecret) {\r\n throw new TwoFactorError('Please set up two-factor authentication first');\r\n }\r\n \r\n if (user.twoFactorEnabled) {\r\n throw new TwoFactorError('Two-factor authentication is already enabled');\r\n }\r\n \r\n const isValid = this.twoFactorService.verifyToken(token, user.twoFactorSecret);\r\n \r\n if (!isValid) {\r\n throw new TwoFactorError('Invalid verification code');\r\n }\r\n \r\n await this.authRepository.enableTwoFactor(user);\r\n }\r\n}","import { IBaseService, validateRepository } from 'cca-core';\r\n\r\nimport { TwoFactorService } from '../../infrastructure/services/TwoFactorService';\r\nimport { AuthRepository } from '../../infrastructure/repository/AuthRepository';\r\nimport { JwtAuthService } from '../../infrastructure/services/JwtAuthService';\r\nimport { ITwoFactorVerify } from '../../domain/interfaces/ITwoFactorVerify';\r\nimport { TwoFactorError } from '../../utils/Errors';\r\n\r\nexport class TwoFactorVerifyUseCase implements IBaseService{\r\n private twoFactorService: TwoFactorService;\r\n private authRepository: AuthRepository;\r\n private jwtService: JwtAuthService;\r\n private isInitialized = false;\r\n\r\n constructor(\r\n twoFactorService: TwoFactorService,\r\n authRepository: AuthRepository,\r\n jwtService: JwtAuthService\r\n ) {\r\n this.twoFactorService = twoFactorService;\r\n this.authRepository = authRepository;\r\n this.jwtService = jwtService;\r\n }\r\n async initialize(): Promise<void> {\r\n if (this.isInitialized) return;\r\n\r\n await Promise.all([\r\n this.twoFactorService.initialize(),\r\n this.jwtService.initialize(),\r\n validateRepository(this.authRepository, repo => repo.getAll())\r\n ]);\r\n4\r\n this.isInitialized = true;\r\n }\r\n\r\n async execute(dto: ITwoFactorVerify): Promise<{ token: string; refreshToken: string }> {\r\n if (!this.isInitialized) {\r\n await this.initialize();\r\n }\r\n \r\n const { userId, token } = dto;\r\n\r\n if (!userId || !token) {\r\n throw new TwoFactorError('user ID and token are required');\r\n }\r\n\r\n const auth = await this.authRepository.findByUserId(userId);\r\n\r\n console.log(\"auth\", auth);\r\n \r\n\r\n if (!auth || !auth.twoFactorSecret || !auth.twoFactorEnabled) {\r\n throw new TwoFactorError('Invalid request');\r\n }\r\n\r\n const isValid = this.twoFactorService.verifyToken(token, auth.twoFactorSecret);\r\n\r\n if (!isValid) {\r\n throw new TwoFactorError('Invalid verification code');\r\n }\r\n\r\n return {\r\n token: this.jwtService.generateAccessToken(auth.user),\r\n refreshToken: this.jwtService.generateRefreshToken(auth.user)\r\n }\r\n }\r\n}","import { IBaseService, validateRepository } from 'cca-core';\r\n\r\nimport { TwoFactorService } from '../../infrastructure/services/TwoFactorService';\r\nimport { AuthRepository } from '../../infrastructure/repository/AuthRepository';\r\nimport { ITwoFactorEnable } from '../../domain/interfaces/ITwoFactorEnable';\r\n\r\nimport { TwoFactorError } from '../../utils/Errors';\r\n\r\nexport class TwoFactorDisableUseCase implements IBaseService{\r\n private twoFactorService: TwoFactorService;\r\n private authRepository: AuthRepository;\r\n private isInitialized = false;\r\n\r\n constructor(twoFactorService: TwoFactorService, authRepository: AuthRepository) {\r\n this.twoFactorService = twoFactorService;\r\n this.authRepository = authRepository;\r\n }\r\n async initialize(): Promise<void> {\r\n if (this.isInitialized) return;\r\n \r\n await Promise.all([\r\n this.twoFactorService.initialize(),\r\n validateRepository(this.authRepository, repo => repo.getAll())\r\n ]);\r\n4\r\n this.isInitialized = true;\r\n }\r\n\r\n async execute(userId: string, dto: ITwoFactorEnable): Promise<void> {\r\n if (!this.isInitialized) {\r\n await this.initialize();\r\n }\r\n \r\n const { token } = dto;\r\n \r\n const user = await this.authRepository.findByUserId(userId);\r\n \r\n if (!user || !user.twoFactorSecret || !user.twoFactorEnabled) {\r\n throw new TwoFactorError('Two-factor authentication is not enabled');\r\n }\r\n \r\n const isValid = this.twoFactorService.verifyToken(token, user.twoFactorSecret);\r\n \r\n if (!isValid) {\r\n throw new TwoFactorError('Invalid verification code');\r\n }\r\n \r\n await this.authRepository.disableTwoFactor(user);\r\n }\r\n}","import { NextFunction, Request, Response } from \"express\";\r\n\r\nimport { LoginDTO } from \"../../application/dtos/LoginDTO\";\r\nimport { RegisterDTO } from \"../../application/dtos/RegisterDTO\";\r\n\r\nimport { RegisterUseCase } from \"../../application/useCase/RegisterUseCase\";\r\nimport { LoginUseCase } from \"../../application/useCase/LoginUseCase\";\r\nimport { LogoutUseCase } from \"../../application/useCase/LogoutUseCase\";\r\nimport { RefreshTokenUseCase } from \"../../application/useCase/RefreshTokenUseCase\";\r\nimport { TwoFactorSetupUseCase } from \"../../application/useCase/TwoFactorSetupUseCase\";\r\nimport { TwoFactorEnableUseCase } from \"../../application/useCase/TwoFactorEnableUseCase\";\r\nimport { TwoFactorVerifyUseCase } from \"../../application/useCase/TwoFactorVerifyUseCase\";\r\nimport { TwoFactorDisableUseCase } from \"../../application/useCase/TwoFactorDisableUseCase\";\r\n\r\nimport { IRefreshTokenRequest } from \"../../domain/interfaces/IRefreshTokenRequest\";\r\nimport { IDecodedToken } from \"../../domain/interfaces/IDecodedToken\";\r\nimport { ITwoFactorEnable } from \"../../domain/interfaces/ITwoFactorEnable\";\r\nimport { ITwoFactorVerify } from \"../../domain/interfaces/ITwoFactorVerify\";\r\n\r\n\r\nexport class AuthController {\r\n private readonly loginUseCase: LoginUseCase;\r\n private readonly logoutUseCase: LogoutUseCase;\r\n private readonly registerUseCase: RegisterUseCase;\r\n private readonly refreshTokenUseCase: RefreshTokenUseCase;\r\n\r\n private twoFactorSetupUseCase: TwoFactorSetupUseCase;\r\n private twoFactorEnableUseCase: TwoFactorEnableUseCase;\r\n private twoFactorVerifyUseCase: TwoFactorVerifyUseCase;\r\n private twoFactorDisableUseCase: TwoFactorDisableUseCase;\r\n\r\n constructor(\r\n loginUseCase: LoginUseCase,\r\n logoutUseCase: LogoutUseCase,\r\n registerUseCase: RegisterUseCase,\r\n refreshTokenUseCase: RefreshTokenUseCase,\r\n twoFactorSetupUseCase: TwoFactorSetupUseCase,\r\n twoFactorEnableUseCase: TwoFactorEnableUseCase,\r\n twoFactorVerifyUseCase: TwoFactorVerifyUseCase,\r\n twoFactorDisableUseCase: TwoFactorDisableUseCase\r\n ) {\r\n this.loginUseCase = loginUseCase;\r\n this.logoutUseCase = logoutUseCase;\r\n this.registerUseCase = registerUseCase;\r\n this.refreshTokenUseCase = refreshTokenUseCase;\r\n this.twoFactorSetupUseCase = twoFactorSetupUseCase;\r\n this.twoFactorEnableUseCase = twoFactorEnableUseCase;\r\n this.twoFactorVerifyUseCase = twoFactorVerifyUseCase;\r\n this.twoFactorDisableUseCase = twoFactorDisableUseCase;\r\n }\r\n\r\n login = async (req: Request, res: Response, next: NextFunction) => {\r\n try {\r\n const { adminPassword, ...loginDTO }: LoginDTO = req.body;\r\n const result = await this.loginUseCase.execute(loginDTO, adminPassword);\r\n res.status(201).json(result);\r\n } catch (error) {\r\n next(error);\r\n }\r\n };\r\n\r\n logout = async (\r\n req: Request,\r\n res: Response,\r\n next: NextFunction\r\n ): Promise<void> => {\r\n try {\r\n await this.logoutUseCase.execute(req.params.id);\r\n res.status(200).json({ message: 'Logged out successfully' });\r\n } catch (error) {\r\n next(error);\r\n }\r\n };\r\n\r\n register = async (\r\n req: Request,\r\n res: Response,\r\n next: NextFunction\r\n ): Promise<void> => {\r\n try {\r\n const { email, name, password, role, adminPassword }: RegisterDTO = req.body;\r\n await this.registerUseCase.execute(email, name, password, role, adminPassword);\r\n } catch (error) {\r\n next(error);\r\n }\r\n };\r\n\r\n refreshToken = async (req: Request, res: Response) => {\r\n const { refreshToken }: IRefreshTokenRequest = req.body;\r\n const result = await this.refreshTokenUseCase.execute(refreshToken);\r\n res.json(result);\r\n };\r\n\r\n verifyToken = async (token: string): Promise<IDecodedToken> => {\r\n return await this.refreshTokenUseCase.verityToken(token);\r\n };\r\n\r\n setup2FA = async (req: Request, res: Response, next: NextFunction) => {\r\n try {\r\n const userId = req.auth!.id;\r\n const result = await this.twoFactorSetupUseCase.execute(userId);\r\n res.status(200).json(result);\r\n } catch (error) {\r\n next(error);\r\n }\r\n };\r\n\r\n enable2FA = async (req: Request, res: Response, next: NextFunction) => {\r\n try {\r\n const userId = req.auth!.id;\r\n const dto: ITwoFactorEnable = req.body;\r\n await this.twoFactorEnableUseCase.execute(userId, dto);\r\n res.status(200).json({ message: 'Two-factor authentication has been enabled successfully' });\r\n } catch (error) {\r\n next(error);\r\n }\r\n };\r\n\r\n verify2FA = async (req: Request, res: Response, next: NextFunction) => {\r\n try {\r\n const dto: ITwoFactorVerify = req.body;\r\n const result = await this.twoFactorVerifyUseCase.execute(dto);\r\n res.status(200).json({\r\n message: 'Two-factor authentication successful',\r\n ...result\r\n });\r\n } catch (error) {\r\n next(error);\r\n }\r\n };\r\n\r\n disable2FA = async (req: Request, res: Response, next: NextFunction) => {\r\n try {\r\n const userId = req.auth!.id;\r\n const dto: ITwoFactorEnable = req.body;\r\n await this.twoFactorDisableUseCase.execute(userId, dto);\r\n res.status(200).json({ message: 'Two-factor authentication has been disabled successfully' });\r\n } catch (error) {\r\n next(error);\r\n }\r\n };\r\n}\r\n","import { NextFunction, Request, Response } from 'express';\r\nimport { JwtAuthService } from '../../infrastructure/services/JwtAuthService';\r\n\r\nexport class RequireComplete2FA {\r\n private readonly jwtService: JwtAuthService;\r\n\r\n constructor(jwtService: JwtAuthService) {\r\n this.jwtService = jwtService;\r\n }\r\n\r\n public async execute(req: Request, res: Response, next: NextFunction) {\r\n try {\r\n const token = req.headers.authorization?.split(' ')[1];\r\n\r\n if (!token) {\r\n return res.status(401).json({ message: 'Authentication required' });\r\n }\r\n\r\n const decoded = await this.jwtService.verifyAccessToken(token);\r\n\r\n if (!decoded.twoFactorAuthenticated) {\r\n return res.status(403).json({\r\n message: 'Two-factor authentication required',\r\n code: 'REQUIRE_2FA',\r\n userId: decoded.id\r\n });\r\n }\r\n\r\n req.auth = { ...decoded, twoFactorAuthenticated: true };\r\n next();\r\n } catch (error) {\r\n return res.status(401).json({ message: 'Invalid or expired token' });\r\n }\r\n }\r\n}","import { BaseRepository, IExtendedBaseRepository } from \"cca-core\";\r\nimport { AuthEntity } from \"cca-entities\";\r\nimport { Repository } from \"typeorm\";\r\nimport { NotFoundError } from \"../../utils/Errors\";\r\n\r\nexport class AuthRepository\r\n extends BaseRepository<AuthEntity>\r\n implements IExtendedBaseRepository<AuthEntity> {\r\n constructor(repository: Repository<AuthEntity>) {\r\n super(repository);\r\n }\r\n\r\n async findByEmail(email: string): Promise<AuthEntity | null> {\r\n const query = this.repository\r\n .createQueryBuilder(\"auth\")\r\n .leftJoinAndSelect(\"auth.user\", \"user\")\r\n .addSelect(\"auth.password\")\r\n .where(\"auth.email = :email\", { email });\r\n\r\n return await query.getOne();\r\n }\r\n\r\n async create(entity: Omit<AuthEntity, \"createdAt\">): Promise<AuthEntity> {\r\n return super.create(entity);\r\n }\r\n\r\n async findByUserId(userId: string): Promise<AuthEntity | null> {\r\n const query = this.repository\r\n .createQueryBuilder(\"auth\")\r\n .leftJoinAndSelect(\"auth.user\", \"user\")\r\n .addSelect(\"auth.twoFactorSecret\")\r\n .where(\"user.id = :userId\", { userId });\r\n\r\n return await query.getOne();;\r\n }\r\n\r\n async logout(userId: string): Promise<void> {\r\n const auth = await this.findByUserId(userId);\r\n if (!auth) {\r\n throw new NotFoundError(\"Auth not found\");\r\n }\r\n\r\n auth.refreshToken = \"\";\r\n auth.user.isActive = false;\r\n\r\n await this.update(auth.id, auth);\r\n }\r\n\r\n async updateTwoFactorSecret(userId: string, secret: string): Promise<void> {\r\n const auth = await this.findByUserId(userId);\r\n if (!auth) {\r\n throw new NotFoundError(\"Auth not found\");\r\n }\r\n\r\n auth.twoFactorSecret = secret;\r\n\r\n await this.update(auth.id, auth);\r\n }\r\n\r\n async enableTwoFactor(auth: AuthEntity): Promise<void> {\r\n\r\n auth.twoFactorEnabled = true;\r\n\r\n await this.update(auth.id, auth);\r\n }\r\n\r\n async disableTwoFactor(auth: AuthEntity): Promise<void> {\r\n\r\n auth.twoFactorEnabled = false;\r\n auth.twoFactorSecret = null;\r\n\r\n await this.update(auth.id, auth);\r\n }\r\n\r\n async isTwoFactorEnabled(userId: string): Promise<boolean> {\r\n const auth = await this.findByUserId(userId);\r\n if (!auth) {\r\n throw new NotFoundError(\"Auth not found\");\r\n }\r\n\r\n return !!auth.twoFactorEnabled;\r\n }\r\n\r\n async getTwoFactorSecret(userId: string): Promise<string | null> {\r\n const auth = await this.findByUserId(userId);\r\n if (!auth) {\r\n throw new NotFoundError(\"Auth not found\");\r\n }\r\n\r\n return auth.twoFactorSecret;\r\n }\r\n}\r\n","import * as jwt from \"jsonwebtoken\";\r\nimport { Secret, SignOptions } from \"jsonwebtoken\";\r\nimport * as bcrypt from \"bcrypt\";\r\nimport { IBaseService, validateRepository } from \"cca-core\";\r\nimport { AuthEntity, UserEntity } from \"cca-entities\";\r\n\r\nimport { IJwtConfig } from \"../../domain/interfaces/IJwtConfig\";\r\nimport { IAuthService } from \"../../domain/interfaces/IAuthService\";\r\nimport { IDecodedToken } from \"../../domain/interfaces/IDecodedToken\";\r\n\r\nimport {\r\n ForbiddenError,\r\n JwtError,\r\n NotFoundError,\r\n UnauthorizedError,\r\n} from \"../../utils/Errors\";\r\n\r\nimport { AuthRepository } from \"../repository/AuthRepository\";\r\nimport { createConfigInstance } from \"../../application/service/utils/configInstance\";\r\n\r\nexport class JwtAuthService implements IBaseService, IAuthService {\r\n private jwtConfig: IJwtConfig | undefined;\r\n\r\n constructor(private readonly repository: AuthRepository, config?: IJwtConfig) {\r\n this.loadConfig(config);\r\n }\r\n\r\n private async loadConfig(config?: IJwtConfig) {\r\n const configData = await createConfigInstance();\r\n\r\n this.jwtConfig = {\r\n accessTokenSecret: configData.accessTokenSecret,\r\n refreshTokenSecret: configData.refreshTokenSecret,\r\n accessTokenExpiry: parseInt(configData.accessTokenExpiry, 10),\r\n refreshTokenExpiry: parseInt(configData.refreshTokenExpiry, 10),\r\n ...config,\r\n };\r\n\r\n this.validateConfiguration();\r\n }\r\n\r\n async initialize(): Promise<void> {\r\n await validateRepository(this.repository, repo => repo.getAll());\r\n }\r\n\r\n private validateConfiguration(): void {\r\n if (!this.jwtConfig?.accessTokenSecret || !this.jwtConfig?.refreshTokenSecret) {\r\n throw new JwtError(\"JWT secrets required in config\");\r\n }\r\n }\r\n\r\n async validateUser(email: string, password: string): Promise<AuthEntity | null> {\r\n const user = await this.repository.findByEmail(email);\r\n if (!user) {\r\n throw new NotFoundError(\"Invalid credentials\");\r\n }\r\n\r\n const validPassword = await bcrypt.compare(password, user.password);\r\n if (!validPassword) {\r\n throw new ForbiddenError(\"Invalid credentials\");\r\n }\r\n\r\n return user;\r\n }\r\n\r\n private verifyJwtConfig() {\r\n if (!this.jwtConfig) throw new JwtError(\"JWT config not loaded\");\r\n }\r\n\r\n generateAccessToken(user: UserEntity): string {\r\n this.verifyJwtConfig();\r\n return jwt.sign(\r\n { userId: user.id, email: user.email, role: user.role },\r\n this.jwtConfig!.accessTokenSecret as Secret,\r\n { expiresIn: this.jwtConfig!.accessTokenExpiry }\r\n );\r\n }\r\n\r\n generateRefreshToken(user: UserEntity): string {\r\n this.verifyJwtConfig();\r\n return jwt.sign(\r\n { userId: user.id },\r\n this.jwtConfig!.refreshTokenSecret as Secret,\r\n { expiresIn: this.jwtConfig!.refreshTokenExpiry }\r\n );\r\n }\r\n\r\n async verifyToken(token: string, secret: string): Promise<IDecodedToken> {\r\n try {\r\n return jwt.verify(token, secret) as IDecodedToken;\r\n } catch {\r\n throw new UnauthorizedError();\r\n }\r\n }\r\n\r\n async verifyAccessToken(token: string): Promise<IDecodedToken> {\r\n this.verifyJwtConfig();\r\n return this.verifyToken(token, this.jwtConfig!.accessTokenSecret);\r\n }\r\n\r\n async verifyRefreshToken(token: string): Promise<IDecodedToken> {\r\n this.verifyJwtConfig();\r\n return this.verifyToken(token, this.jwtConfig!.refreshTokenSecret);\r\n }\r\n}\r\n","import * as speakeasy from 'speakeasy';\r\nimport * as QRCode from 'qrcode';\r\nimport { IBaseService } from 'cca-core';\r\n\r\nimport { IConfig } from '../../domain/interfaces/configTypes';\r\nimport { TwoFactorError } from '../../utils/Errors';\r\n\r\nexport class TwoFactorService implements IBaseService {\r\n private readonly config: IConfig;\r\n private initialized: boolean = false;\r\n private readonly twoFactorConfig: {\r\n tokenWindow: number;\r\n secretLength: number;\r\n qrCodeOptions: QRCode.QRCodeToDataURLOptions;\r\n };\r\n\r\n constructor(config: IConfig) {\r\n this.config = config;\r\n \r\n this.twoFactorConfig = {\r\n tokenWindow: parseInt(config.tokenWindow) ?? 1,\r\n secretLength: parseInt(config.secretLength) ?? 20,\r\n qrCodeOptions: {\r\n errorCorrectionLevel: 'M',\r\n margin: 4,\r\n scale: 4,\r\n color: {\r\n dark: '#000000',\r\n light: '#ffffff'\r\n }\r\n }\r\n };\r\n }\r\n\r\n public async initialize(): Promise<void> {\r\n if (this.initialized) return;\r\n\r\n try {\r\n this.validateConfiguration();\r\n this.initialized = true;\r\n } catch (error) {\r\n console.error('TwoFactorService initialization failed:', error);\r\n throw new Error('Failed to initialize TwoFactorService');\r\n }\r\n }\r\n\r\n private validateConfiguration(): void {\r\n if (!this.config.app_name?.trim()) {\r\n throw new TwoFactorError('Application name (appName) is required in configuration');\r\n }\r\n\r\n if (this.twoFactorConfig.secretLength < 16) {\r\n throw new TwoFactorError('Secret length must be at least 16 characters');\r\n }\r\n\r\n if (this.twoFactorConfig.tokenWindow < 0 || this.twoFactorConfig.tokenWindow > 5) {\r\n throw new TwoFactorError('Token verification window must be between 0 and 5');\r\n }\r\n }\r\n\r\n private ensureInitialized(): void {\r\n if (!this.initialized) {\r\n throw new TwoFactorError('TwoFactorService must be initialized before use');\r\n }\r\n }\r\n\r\n public generateSecret(email: string): { secret: string; otpAuthUrl: string } {\r\n this.ensureInitialized();\r\n\r\n try {\r\n const secretObj = speakeasy.generateSecret({\r\n length: this.twoFactorConfig.secretLength,\r\n name: `${this.config.app_name}:${email}`,\r\n issuer: this.config.app_name\r\n });\r\n \r\n return {\r\n secret: secretObj.base32,\r\n otpAuthUrl: secretObj.otpauth_url || ''\r\n };\r\n } catch (error) {\r\n console.error('Error generating 2FA secret:', error);\r\n throw new Error('Failed to generate 2FA secret');\r\n }\r\n }\r\n\r\n public async generateQRCode(otpAuthUrl: string): Promise<string> {\r\n this.ensureInitialized();\r\n\r\n try {\r\n return await QRCode.toDataURL(otpAuthUrl, this.twoFactorConfig.qrCodeOptions);\r\n } catch (error) {\r\n console.error('QR code generation failed:', error);\r\n throw new TwoFactorError('Failed to generate QR code');\r\n }\r\n }\r\n\r\n public verifyToken(token: string, secret: string): boolean {\r\n this.ensureInitialized();\r\n\r\n try {\r\n return speakeasy.totp.verify({\r\n secret,\r\n encoding: 'base32',\r\n token,\r\n window: this.twoFactorConfig.tokenWindow\r\n });\r\n } catch (error) {\r\n console.error('Token verification failed:', error);\r\n throw new TwoFactorError('Failed to verify 2FA token');\r\n }\r\n }\r\n}"],"mappings":";;;;;;;;;;;;;AAAA,SAAS,oBAAoB;;;ACAtB,IAAM,YAAN,MAAM,kBAAiB,MAAM;AAAA,EAClC,YACS,SACA,aAAqB,KACrB,OAAe,YACtB;AACA,UAAM,OAAO;AAJN;AACA;AACA;AAGP,WAAO,eAAe,MAAM,WAAW,SAAS;AAChD,UAAM,kBAAkB,IAAI;AAAA,EAC9B;AACF;AAVoC;AAA7B,IAAM,WAAN;AAYA,IAAM,mBAAN,MAAM,yBAAwB,SAAS;AAAA,EAC5C,YAAY,SAAiB;AAC3B,UAAM,SAAS,GAAG;AAClB,SAAK,OAAO;AAAA,EACd;AACF;AAL8C;AAAvC,IAAM,kBAAN;AAOA,IAAM,2BAAN,MAAM,iCAAgC,SAAS;AAAA,EACpD,YAAY,SAAiB;AAC3B,UAAM,OAAO;AACb,SAAK,OAAO;AAAA,EACd;AACF;AALsD;AAA/C,IAAM,0BAAN;AAOA,IAAM,iBAAN,MAAM,uBAAsB,SAAS;AAAA,EAC1C,YAAY,SAAiB;AAC3B,UAAM,SAAS,KAAK,mBAAmB;AAAA,EACzC;AACF;AAJ4C;AAArC,IAAM,gBAAN;AAMA,IAAM,kBAAN,MAAM,wBAAuB,SAAS;AAAA,EAC3C,YAAY,UAAkB,oBAAoB;AAChD,UAAM,SAAS,GAAG;AAClB,SAAK,OAAO;AAAA,EACd;AACF;AAL6C;AAAtC,IAAM,iBAAN;AAOA,IAAM,qBAAN,MAAM,2BAA0B,SAAS;AAAA,EAC9C,YAAY,UAAkB,uBAAuB;AACnD,UAAM,SAAS,GAAG;AAClB,SAAK,OAAO;AAAA,EACd;AACF;AALgD;AAAzC,IAAM,oBAAN;AAOA,IAAM,YAAN,MAAM,kBAAiB,SAAS;AAAA,EACrC,YAAY,SAAiB;AAC3B,UAAM,SAAS,GAAG;AAClB,SAAK,OAAO;AAAA,EACd;AACF;AALuC;AAAhC,IAAM,WAAN;AAOA,IAAM,qBAAN,MAAM,2BAA0B,SAAS;AAAA,EAC9C,YAAY,SAAiB;AAC3B,UAAM,SAAS,GAAG;AAClB,SAAK,OAAO;AAAA,EACd;AACF;AALgD;AAAzC,IAAM,oBAAN;AAOA,IAAM,kBAAN,MAAM,wBAAuB,SAAS;AAAA,EAC3C,YAAY,SAAiB;AAC3B,UAAM,SAAS,GAAG;AAClB,SAAK,OAAO;AAAA,EACd;AACF;AAL6C;AAAtC,IAAM,iBAAN;;;ADxDA,IAAM,iBAAN,MAAM,uBAAsB,aAAa;AAAA,EAI5C,gBAAgB,QAA4B;AACxC,SAAK,eAAe;AAAA,EACxB;AAAA,EAEA,UAAU,KAAoB;AAC1B,SAAK,SAAS,EAAE,GAAG,IAAI;AACvB,SAAK,KAAK,mBAAmB,KAAK,MAAM;AAAA,EAC5C;AAAA,EAEA,YAAiC;AAC7B,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,MAAM,aAA+B;AACjC,QAAI,CAAC,KAAK,cAAc;AACpB,YAAM,IAAI,wBAAwB,uBAAuB;AAAA,IAC7D;AACA,QAAI;AACA,YAAM,SAAS,MAAM,KAAK,aAAa;AACvC,WAAK,UAAU,MAAM;AACrB,aAAO;AAAA,IACX,SAAS,OAAO;AACZ,YAAM,IAAI,wBAAwB,6BAA6B;AAAA,IACnE;AAAA,EACJ;AACJ;AA7BgD;AAAzC,IAAM,gBAAN;AA+BA,IAAM,gBAAgB,IAAI,cAAc;;;AEhCxC,IAAM,aAAa,wBAAC,iBAAqC;AAC9D,gBAAc,gBAAgB,YAAY;AAC5C,GAF0B;AAInB,IAAM,uBAAuB,mCAA8B;AAChE,SAAO,cAAc,UAAU,KAAM,MAAM,cAAc,WAAW;AACtE,GAFoC;;;ACPpC,SAAS,qBAAmC;AAC5C,SAAS,cAAAA,mBAAkB;;;ACD3B,SAAuB,0BAA0B;AACjD,SAAqB,cAAAC,aAAY,YAAAC,iBAAgB;;;ACDjD,SAAS,eAAe;AAGjB,IAAM,WAAN,MAAM,SAAQ;AAcrB;AAdqB;AAEnB;AAAA,EADC,QAAQ;AAAA,GADE,SAEX;AAGA;AAAA,EADC,QAAQ;AAAA,GAJE,SAKX;AAGA;AAAA,EADC,QAAQ;AAAA,GAPE,SAQX;AAGA;AAAA,EADC,QAAQ;AAAA,GAVE,SAWX;AAXK,IAAM,UAAN;;;ACHP,YAAY,SAAS;AACrB,SAAqB,gBAAgB;AACrC,OAAO,YAAY;AAanB,IAAM,UAAU;AAAA,EACd,IAAQ,WAAO,EAAE,KAAK,wBAAwB;AAAA,EAC9C,OACG,WAAO,EACP,MAAM,sBAAsB,EAC5B,IAAI,KAAK,oCAAoC;AAAA,EAChD,MACG,WAAO,EACP,SAAS,kBAAkB,EAC3B,IAAI,GAAG,yCAAyC,EAChD,IAAI,IAAI,kCAAkC,EAC1C,QAAQ,iBAAiB,2CAA2C;AAAA,EACvE,UACG,WAAO,EACP,SAAS,mBAAmB,EAC5B,IAAI,GAAG,oBAAoB,EAC3B,IAAI,KAAK,mBAAmB,EAC5B;AAAA,IACC;AAAA,IACA;AAAA,EACF;AAAA,EACF,MACG,WAAO,EACP,SAAS,kBAAkB,EAC3B,MAAM,OAAO,OAAO,QAAQ,GAAG,wBAAwB;AAC5D;AAEO,IAAM,gBAAgB,8BAC3B,OACA,eACwB;AACxB,MAAI;AACF,UAAM,QAAQ,MAAM,SAAS,OAAO,KAAK,EAAE,YAAY,CAAC;AACxD,UAAM,OAAO,MAAM,WAAW,YAAY,KAAK;AAC/C,QAAI,CAAC,MAAM;AACT,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AACA,WAAO;AAAA,EACT,SAAS,OAAY;AACnB,UAAM,IAAI,gBAAgB,MAAM,WAAW,sBAAsB;AAAA,EACnE;AACF,GAhB6B;AAkBtB,IAAM,mBAAmB,8BAAO,aAAqC;AAC1E,MAAI,UAAU;AACZ,QAAI;AACF,YAAM,QAAQ,SAAS,SAAS,QAAQ;AAAA,IAC1C,SAAS,OAAY;AACnB,YAAM,IAAI,gBAAgB,MAAM,WAAW,yBAAyB;AAAA,IACtE;AAAA,EACF;AACF,GARgC;AAUzB,IAAM,0BAA0B,8BACrC,YACA,OACA,kBACkB;AAClB,MAAI;AACF,UAAM,QAAQ,MAAM,SAAS,OAAO,KAAK,EAAE,YAAY,CAAC;AAExD,UAAM,eAAe,MAAM,WAAW,YAAY,KAAK;AAEvD,QAAI,CAAC,aAAc;AACnB,QAAI,aAAa,OAAO,cAAe;AAEvC,UAAM,IAAI,gBAAgB,SAAS,KAAK,qBAAqB;AAAA,EAC/D,SAAS,OAAY;AACnB,QAAI,iBAAiB,iBAAiB;AACpC,YAAM;AAAA,IACR;AACA,UAAM,IAAI,gBAAgB,8BAA8B;AAAA,EAC1D;AACF,GApBuC;AAsBhC,IAAM,sBAAsB,8BACjC,MACA,eACkB;AAClB,QAAM,EAAE,MAAM,OAAO,MAAM,SAAS,IAAI;AAExC,QAAM,QAAQ,IAAI;AAAA,IAChB,QAAQ,KAAK,SAAS,IAAI;AAAA,IAC1B,QAAQ,KAAK,SAAS,IAAI;AAAA,IAC1B,wBAAwB,YAAY,KAAK;AAAA,IACzC,iBAAiB,QAAQ;AAAA,EAC3B,CAAC;AACH,GAZmC;AAc5B,IAAM,mBAAmB,8BAC9B,MACA,eACwB;AACxB,QAAM,EAAE,OAAO,MAAM,SAAS,IAAI;AAElC,QAAM,QAAQ,IAAI,CAAC,QAAQ,KAAK,SAAS,IAAI,GAAG,QAAQ,SAAS,SAAS,QAAQ,CAAC,CAAC;AAEpF,QAAM,OAAO,MAAM,cAAc,OAAO,UAAU;AAClD,MAAI,CAAC,QAAQ,CAAC,KAAK,UAAU;AAC3B,UAAM,IAAI,cAAc,qBAAqB;AAAA,EAC/C;AAEA,QAAM,UAAU,MAAM,OAAO,QAAQ,UAAU,KAAK,QAAQ;AAC5D,MAAI,CAAC,SAAS;AACZ,UAAM,IAAI,eAAe,qBAAqB;AAAA,EAChD;AAEA,SAAO;AACT,GAnBgC;AAqBzB,IAAM,sBAAsB,8BACjC,mBACkB;AAClB,MAAI,CAAC,gBAAgB;AACnB,UAAM,IAAI,gBAAgB,4BAA4B;AAAA,EACxD;AAEA,MAAI;AACF,UAAM,SAAS,MAAM,qBAAqB;AAE1C,QAAI,CAAC,OAAO,qBAAqB;AAC/B,YAAM,IAAI,gBAAgB,2CAA2C;AAAA,IACvE;AAEA,QAAI,SAAS,cAAc,MAAM,SAAS,OAAO,mBAAmB,GAAG;AACrE,YAAM,IAAI,gBAAgB,wBAAwB;AAAA,IACpD;AAAA,EACF,SAAS,OAAO;AACd,QAAI,iBAAiB,iBAAiB;AACpC,YAAM;AAAA,IACR;AACA,UAAM,IAAI,gBAAgB,iCAAiC;AAAA,EAC7D;AACF,GAvBmC;;;AC/HnC,SAAS,oBAAoB;AAC7B,SAAS,eAAe;;;ACDxB,SAAiB,WAAW,WAAW,eAAe;AACtD,SAAS,cAAAC,aAAY,kBAAkB;;;ACChC,IAAM,eAAN,MAAM,aAAY;AAMzB;AANyB;AAAlB,IAAM,cAAN;;;ADIA,SAAS,mBAAmBC,SAAsB;AACrD;AAAA,IACIA;AAAA,IACA;AAAA,IACAC;AAAA,IACA,UAAU,UAAQ,KAAK,OAAO,QAAQ,SAAO,IAAI,KAAK,CAAC;AAAA,IACvD,UAAU,UAAQ,KAAK,UAAU,QAAQ,SAAO,IAAI,QAAQ,CAAC;AAAA,IAC7D,UAAU,UAAQ,KAAK,MAAM,QAAQ,SAAO,IAAI,IAAI,CAAC;AAAA,EAAC;AAE1D;AAAA,IACID;AAAA,IACA;AAAA,IACA;AAAA,IACA,UAAU,UAAQ,KAAK,MAAM,QAAQ,SAAO,IAAI,IAAI,CAAC;AAAA,IACrD,UAAU,UAAQ,KAAK,OAAO,QAAQ,SAAO,IAAI,KAAK,CAAC;AAAA,IACvD,UAAU,UAAQ,KAAK,MAAM,QAAQ,SAAO,IAAI,IAAI,CAAC;AAAA,EAAC;AAE1D;AAAA,IACIA;AAAA,IACA;AAAA,IACA;AAAA,IACA,UAAU,UAAQ,KAAK,IAAI,QAAQ,SAAO,IAAI,EAAE,CAAC;AAAA,IACjD,UAAU,UAAQ,KAAK,MAAM,QAAQ,SAAO,IAAI,IAAI,CAAC;AAAA,IACrD,UAAU,UAAQ,KAAK,OAAO,QAAQ,SAAO,IAAI,KAAK,CAAC;AAAA,IACvD,UAAU,UAAQ,KAAK,MAAM,QAAQ,SAAO,IAAI,IAAI,CAAC;AAAA,EAAC;AAC9D;AAzBgB;;;ADDT,IAAM,SAAS,aAAa;AAAA,EACjC,qBAAqB,QAAQ;AAC/B,CAAC;AAED,mBAAmB,MAAM;;;AHWlB,IAAM,gBAAN,MAAM,cAAqC;AAAA,EAIhD,YACE,YACA,aACA;AACA,SAAK,aAAa;AAClB,SAAK,cAAc;AAAA,EACrB;AAAA,EAEA,MAAa,aAA4B;AACvC,UAAM,mBAAmB,KAAK,YAAY,CAAC,SAAyB,KAAK,OAAO,CAAC;AAAA,EACnF;AAAA,EAEA,MAAM,QAAQ,UAAoB,eAAgD;AAChF,UAAM,OAAO,MAAM,KAAK,cAAc,UAAU,aAAa;AAC7D,UAAM,QAAQ,MAAM,KAAK,qBAAqB,IAAI;AAClD,UAAM,UAAU,KAAK,aAAa,KAAK,IAAI;AAE3C,WAAO,EAAE,OAAO,MAAM,QAAQ;AAAA,EAChC;AAAA,EAEA,MAAc,cACZ,UACA,eACqB;AACrB,UAAM,OAAO,MAAM,iBAAiB,UAAU,KAAK,UAAU;AAE7D,QAAI,SAAS,SAASE,UAAS,SAAS,eAAe;AACrD,YAAM,oBAAoB,aAAa;AAAA,IACzC;AAEA,WAAO;AAAA,EACT;AAAA,EAEA,MAAc,qBAAqB,MAAsC;AACvE,UAAM,QAAQ,KAAK,eAAe,IAAI;AACtC,UAAM,KAAK,iBAAiB,IAAI;AAChC,UAAM,KAAK,uBAAuB,MAAM,MAAM,YAAY;AAE1D,WAAO;AAAA,EACT;AAAA,EAEQ,eAAe,MAA6B;AAClD,WAAO;AAAA,MACL,aAAa,KAAK,YAAY,oBAAoB,KAAK,IAAI;AAAA,MAC3D,cAAc,KAAK,YAAY,qBAAqB,KAAK,IAAI;AAAA,IAC/D;AAAA,EACF;AAAA,EAEA,MAAc,iBAAiB,MAAiC;AAC9D,SAAK,KAAK,cAAc,oBAAI,KAAK;AACjC,SAAK,KAAK,WAAW;AACrB,UAAM,KAAK,WAAW,OAAO,KAAK,IAAI,IAAI;AAAA,EAC5C;AAAA,EAEA,MAAc,uBACZ,MACA,cACe;AACf,SAAK,eAAe;AACpB,UAAM,KAAK,WAAW,OAAO,KAAK,IAAI,EAAE,aAAa,CAAC;AAAA,EACxD;AAAA,EAEQ,aAAa,MAA2B;AAC9C,WAAO,OAAO,IAAI,MAAMC,aAAY,OAAO;AAAA,EAC7C;AACF;AArEkD;AAA3C,IAAM,eAAN;;;AMpBP,SAAuB,sBAAAC,2BAA0B;AAM1C,IAAM,iBAAN,MAAM,eAAsC;AAAA,EAG/C,YAAY,YAA4B;AACpC,SAAK,aAAa;AAAA,EACtB;AAAA,EAEA,MAAa,aAA4B;AACrC,UAAMC,oBAAmB,KAAK,YAAY,CAAC,SAAyB,KAAK,OAAO,CAAC;AAAA,EACrF;AAAA,EAEA,MAAM,QAAQ,QAA+B;AACzC,QAAI;AACA,YAAM,KAAK,WAAW,OAAO,MAAM;AAAA,IACvC,SAAS,OAAO;AACZ,UAAI,cAAc,gBAAgB;AAAA,IACtC;AAAA,EACJ;AACJ;AAlBmD;AAA5C,IAAM,gBAAN;;;ACNP,SAAuB,sBAAAC,2BAA0B;AACjD,YAAYC,aAAY;AACxB,SAAS,cAAAC,aAAY,cAAAC,aAAY,YAAAC,iBAAgB;AAS1C,IAAM,mBAAN,MAAM,iBAAwC;AAAA,EAInD,YAAY,YAA4B;AAFxC,SAAiB,cAAc;AAG7B,SAAK,aAAa;AAAA,EACpB;AAAA,EAEA,MAAa,aAA4B;AACvC,UAAMC,oBAAmB,KAAK,YAAY,CAAC,SAAyB,KAAK,OAAO,CAAC;AAAA,EACnF;AAAA,EAEA,MAAa,QACX,OACA,MACA,UACA,OAAiBC,UAAS,OAC1B,eACiC;AACjC,QAAI;AAEF,YAAM,gBAAgB,KAAK,iBAAiB;AAAA,QAC1C;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,MACF,CAAC;AAED,UAAI,SAASA,UAAS,SAAS,eAAe;AAC5C,cAAM,oBAAoB,aAAa;AAAA,MACzC;AAEA,YAAM,oBAAoB,eAAe,KAAK,UAAU;AAExD,YAAM,iBAAiB,MAAM,KAAK,aAAa,cAAc,QAAQ;AACrE,YAAM,aAAa,MAAM,KAAK;AAAA,QAC5B;AAAA,QACA;AAAA,MACF;AAEA,aAAO,MAAM,KAAK,WAAW,OAAO,UAAU;AAAA,IAChD,SAAS,OAAY;AACnB,YAAM,IAAI,kBAAkB,wBAAwB,MAAM,OAAO,EAAE;AAAA,IACrE;AAAA,EACF;AAAA,EAEQ,iBAAiB,KAA+B;AACtD,WAAO;AAAA,MACL,MAAM,IAAI,KAAK,KAAK;AAAA,MACpB,OAAO,IAAI,MAAM,KAAK,EAAE,YAAY;AAAA,MACpC,MAAM,IAAI;AAAA,MACV,UAAU,IAAI,SAAS,KAAK;AAAA,MAC5B,eAAe,IAAI,eAAe,KAAK;AAAA,IACzC;AAAA,EACF;AAAA,EAEA,MAAc,aAAa,UAAmC;AAC5D,WAAO,MAAa,aAAK,UAAU,KAAK,WAAW;AAAA,EACrD;AAAA,EAEA,MAAc,iBAAiB,KAAkB,gBAA6C;AAC5F,UAAM,aAAa,OAAO,IAAI,KAAK,aAAaC,WAAU;AAC1D,UAAM,aAAa,OAAO,IAAI,KAAK,aAAaC,WAAU;AAE1D,eAAW,WAAW;AACtB,eAAW,eAAe;AAC1B,eAAW,OAAO;AAClB,eAAW,KAAK,YAAY;AAE5B,WAAO;AAAA,EACT;AACF;AAxEqD;AAA9C,IAAM,kBAAN;;;ACXP,SAAuB,sBAAAC,2BAA0B;AAO1C,IAAM,uBAAN,MAAM,qBAA4C;AAAA,EAIvD,YAAY,YAA4B,SAAyB;AAC/D,SAAK,aAAa;AAClB,SAAK,UAAU;AAAA,EACjB;AAAA,EAEA,MAAa,aAA4B;AACvC,UAAMC,oBAAmB,KAAK,YAAY,CAAC,SAAyB,KAAK,OAAO,CAAC;AAAA,EACnF;AAAA,EAEA,MAAM,QACJ,cAC+D;AAC/D,QAAI;AACF,YAAM,UAAU,MAAM,KAAK,QAAQ,mBAAmB,YAAY;AAElE,YAAM,OAAO,QAAQ,SACjB,MAAM,KAAK,WAAW,SAAS,QAAQ,MAAM,IAC7C;AAEJ,UAAI,CAAC,QAAQ,KAAK,iBAAiB,cAAc;AAC/C,eAAO;AAAA,MACT;AAEA,YAAM,cAAc,KAAK,QAAQ,oBAAoB,KAAK,IAAI;AAC9D,YAAM,kBAAkB,KAAK,QAAQ,qBAAqB,KAAK,IAAI;AAEnE,YAAM,KAAK,WAAW,OAAO,KAAK,IAAI;AAAA,QACpC,cAAc;AAAA,MAChB,CAAC;AAED,aAAO,EAAE,aAAa,cAAc,gBAAgB;AAAA,IACtD,SAAS,OAAO;AACd,aAAO;AAAA,IACT;AAAA,EACF;AAAA,EAEA,MAAM,YAAY,OAAuC;AACvD,WAAO,MAAM,KAAK,QAAQ,kBAAkB,KAAK;AAAA,EACnD;AACF;AA3CyD;AAAlD,IAAM,sBAAN;;;ACCA,IAAM,yBAAN,MAAM,uBAA6C;AAAA,EAKxD,YAAY,kBAAoC,gBAAgC;AAFhF,SAAQ,gBAAgB;AAGtB,SAAK,mBAAmB;AACxB,SAAK,iBAAiB;AAAA,EACxB;AAAA,EACA,MAAM,aAA4B;AAChC,QAAI,KAAK,cAAe;AAExB,UAAM,QAAQ,IAAI;AAAA,MAChB,KAAK,iBAAiB,WAAW;AAAA,IACnC,CAAC;AAED,SAAK,gBAAgB;AAAA,EACvB;AAAA,EAEA,MAAM,QAAQ,QAAkD;AAC9D,QAAI,CAAC,KAAK,eAAe;AACvB,YAAM,KAAK,WAAW;AAAA,IACxB;AAEA,UAAM,OAAO,MAAM,KAAK,eAAe,aAAa,MAAM;AAE1D,QAAI,CAAC,MAAM;AACT,YAAM,IAAI,eAAe,gBAAgB;AAAA,IAC3C;AAEA,QAAI,KAAK,kBAAkB;AACzB,YAAM,IAAI,eAAe,8CAA8C;AAAA,IACzE;AAEA,UAAM,EAAE,QAAQ,WAAW,IAAI,KAAK,iBAAiB,eAAe,KAAK,KAAK;AAC9E,UAAM,YAAY,MAAM,KAAK,iBAAiB,eAAe,UAAU;AAEvE,UAAM,KAAK,eAAe,sBAAsB,QAAQ,MAAM;AAE9D,WAAO,EAAE,QAAQ,YAAY,UAAU;AAAA,EACzC;AACF;AAzC0D;AAAnD,IAAM,wBAAN;;;ACRP,SAAuB,sBAAAC,2BAA0B;AAO1C,IAAM,0BAAN,MAAM,wBAA8C;AAAA,EAKzD,YAAY,kBAAoC,gBAAgC;AAFhF,SAAQ,gBAAgB;AAGtB,SAAK,mBAAmB;AACxB,SAAK,iBAAiB;AAAA,EAExB;AAAA,EACA,MAAM,aAA4B;AAC9B,QAAI,KAAK,cAAe;AAExB,UAAM,QAAQ,IAAI;AAAA,MACd,KAAK,iBAAiB,WAAW;AAAA,MACjCC,oBAAmB,KAAK,gBAAgB,UAAQ,KAAK,OAAO,CAAC;AAAA,IACjE,CAAC;AAED,SAAK,gBAAgB;AAAA,EACvB;AAAA,EAEF,MAAM,QAAQ,QAAgB,KAAsC;AAClE,QAAI,CAAC,KAAK,eAAe;AACvB,YAAM,KAAK,WAAW;AAAA,IACxB;AAEA,UAAM,EAAE,MAAM,IAAI;AAElB,QAAI,CAAC,OAAO;AACV,YAAM,IAAI,eAAe,mBAAmB;AAAA,IAC9C;AAEA,UAAM,OAAO,MAAM,KAAK,eAAe,aAAa,MAAM;AAE1D,QAAI,CAAC,QAAQ,CAAC,KAAK,iBAAiB;AAClC,YAAM,IAAI,eAAe,+CAA+C;AAAA,IAC1E;AAEA,QAAI,KAAK,kBAAkB;AACzB,YAAM,IAAI,eAAe,8CAA8C;AAAA,IACzE;AAEA,UAAM,UAAU,KAAK,iBAAiB,YAAY,OAAO,KAAK,eAAe;AAE7E,QAAI,CAAC,SAAS;AACZ,YAAM,IAAI,eAAe,2BAA2B;AAAA,IACtD;AAEA,UAAM,KAAK,eAAe,gBAAgB,IAAI;AAAA,EAChD;AACF;AAlD2D;AAApD,IAAM,yBAAN;;;ACPP,SAAuB,sBAAAC,2BAA0B;AAQ1C,IAAM,0BAAN,MAAM,wBAA8C;AAAA,EAMvD,YACI,kBACA,gBACA,YACF;AANF,SAAQ,gBAAgB;AAOpB,SAAK,mBAAmB;AACxB,SAAK,iBAAiB;AACtB,SAAK,aAAa;AAAA,EACtB;AAAA,EACA,MAAM,aAA4B;AAC9B,QAAI,KAAK,cAAe;AAExB,UAAM,QAAQ,IAAI;AAAA,MACd,KAAK,iBAAiB,WAAW;AAAA,MACjC,KAAK,WAAW,WAAW;AAAA,MAC3BC,oBAAmB,KAAK,gBAAgB,UAAQ,KAAK,OAAO,CAAC;AAAA,IACjE,CAAC;AACT;AACQ,SAAK,gBAAgB;AAAA,EACzB;AAAA,EAEA,MAAM,QAAQ,KAAyE;AACnF,QAAI,CAAC,KAAK,eAAe;AACrB,YAAM,KAAK,WAAW;AAAA,IACxB;AAEF,UAAM,EAAE,QAAQ,MAAM,IAAI;AAE1B,QAAI,CAAC,UAAU,CAAC,OAAO;AACnB,YAAM,IAAI,eAAe,gCAAgC;AAAA,IAC7D;AAEA,UAAM,OAAO,MAAM,KAAK,eAAe,aAAa,MAAM;AAE1D,YAAQ,IAAI,QAAQ,IAAI;AAGxB,QAAI,CAAC,QAAQ,CAAC,KAAK,mBAAmB,CAAC,KAAK,kBAAkB;AAC1D,YAAM,IAAI,eAAe,iBAAiB;AAAA,IAC9C;AAEA,UAAM,UAAU,KAAK,iBAAiB,YAAY,OAAO,KAAK,eAAe;AAE7E,QAAI,CAAC,SAAS;AACV,YAAM,IAAI,eAAe,2BAA2B;AAAA,IACxD;AAEA,WAAO;AAAA,MACH,OAAO,KAAK,WAAW,oBAAoB,KAAK,IAAI;AAAA,MACpD,cAAc,KAAK,WAAW,qBAAqB,KAAK,IAAI;AAAA,IAChE;AAAA,EACJ;AACJ;AA1D2D;AAApD,IAAM,yBAAN;;;ACRP,SAAuB,sBAAAC,2BAA0B;AAQ1C,IAAM,2BAAN,MAAM,yBAA+C;AAAA,EAK1D,YAAY,kBAAoC,gBAAgC;AAFhF,SAAQ,gBAAgB;AAGtB,SAAK,mBAAmB;AACxB,SAAK,iBAAiB;AAAA,EACxB;AAAA,EACA,MAAM,aAA4B;AAChC,QAAI,KAAK,cAAe;AAExB,UAAM,QAAQ,IAAI;AAAA,MACd,KAAK,iBAAiB,WAAW;AAAA,MACjCC,oBAAmB,KAAK,gBAAgB,UAAQ,KAAK,OAAO,CAAC;AAAA,IACjE,CAAC;AACL;AACI,SAAK,gBAAgB;AAAA,EACvB;AAAA,EAEA,MAAM,QAAQ,QAAgB,KAAsC;AAClE,QAAI,CAAC,KAAK,eAAe;AACvB,YAAM,KAAK,WAAW;AAAA,IACxB;AAEA,UAAM,EAAE,MAAM,IAAI;AAElB,UAAM,OAAO,MAAM,KAAK,eAAe,aAAa,MAAM;AAE1D,QAAI,CAAC,QAAQ,CAAC,KAAK,mBAAmB,CAAC,KAAK,kBAAkB;AAC5D,YAAM,IAAI,eAAe,0CAA0C;AAAA,IACrE;AAEA,UAAM,UAAU,KAAK,iBAAiB,YAAY,OAAO,KAAK,eAAe;AAE7E,QAAI,CAAC,SAAS;AACZ,YAAM,IAAI,eAAe,2BAA2B;AAAA,IACtD;AAEA,UAAM,KAAK,eAAe,iBAAiB,IAAI;AAAA,EACjD;AACF;AAzC4D;AAArD,IAAM,0BAAN;;;ACYA,IAAM,kBAAN,MAAM,gBAAe;AAAA,EAW1B,YACE,cACA,eACA,iBACA,qBACA,uBACA,wBACA,wBACA,yBACA;AAWF,iBAAQ,8BAAO,KAAc,KAAe,SAAuB;AACjE,UAAI;AACF,cAAM,EAAE,eAAe,GAAG,SAAS,IAAc,IAAI;AACrD,cAAM,SAAS,MAAM,KAAK,aAAa,QAAQ,UAAU,aAAa;AACtE,YAAI,OAAO,GAAG,EAAE,KAAK,MAAM;AAAA,MAC7B,SAAS,OAAO;AACd,aAAK,KAAK;AAAA,MACZ;AAAA,IACF,GARQ;AAUR,kBAAS,8BACP,KACA,KACA,SACkB;AAClB,UAAI;AACF,cAAM,KAAK,cAAc,QAAQ,IAAI,OAAO,EAAE;AAC9C,YAAI,OAAO,GAAG,EAAE,KAAK,EAAE,SAAS,0BAA0B,CAAC;AAAA,MAC7D,SAAS,OAAO;AACd,aAAK,KAAK;AAAA,MACZ;AAAA,IACF,GAXS;AAaT,oBAAW,8BACT,KACA,KACA,SACkB;AAClB,UAAI;AACF,cAAM,EAAE,OAAO,MAAM,UAAU,MAAM,cAAc,IAAiB,IAAI;AACxE,cAAM,KAAK,gBAAgB,QAAQ,OAAO,MAAM,UAAU,MAAM,aAAa;AAAA,MAC/E,SAAS,OAAO;AACd,aAAK,KAAK;AAAA,MACZ;AAAA,IACF,GAXW;AAaX,wBAAe,8BAAO,KAAc,QAAkB;AACpD,YAAM,EAAE,aAAa,IAA0B,IAAI;AACnD,YAAM,SAAS,MAAM,KAAK,oBAAoB,QAAQ,YAAY;AAClE,UAAI,KAAK,MAAM;AAAA,IACjB,GAJe;AAMf,uBAAc,8BAAO,UAA0C;AAC7D,aAAO,MAAM,KAAK,oBAAoB,YAAY,KAAK;AAAA,IACzD,GAFc;AAId,oBAAW,8BAAO,KAAc,KAAe,SAAuB;AACpE,UAAI;AACF,cAAM,SAAS,IAAI,KAAM;AACzB,cAAM,SAAS,MAAM,KAAK,sBAAsB,QAAQ,MAAM;AAC9D,YAAI,OAAO,GAAG,EAAE,KAAK,MAAM;AAAA,MAC7B,SAAS,OAAO;AACd,aAAK,KAAK;AAAA,MACZ;AAAA,IACF,GARW;AAUX,qBAAY,8BAAO,KAAc,KAAe,SAAuB;AACrE,UAAI;AACF,cAAM,SAAS,IAAI,KAAM;AACzB,cAAM,MAAwB,IAAI;AAClC,cAAM,KAAK,uBAAuB,QAAQ,QAAQ,GAAG;AACrD,YAAI,OAAO,GAAG,EAAE,KAAK,EAAE,SAAS,0DAA0D,CAAC;AAAA,MAC7F,SAAS,OAAO;AACd,aAAK,KAAK;AAAA,MACZ;AAAA,IACF,GATY;AAWZ,qBAAY,8BAAO,KAAc,KAAe,SAAuB;AACrE,UAAI;AACF,cAAM,MAAwB,IAAI;AAClC,cAAM,SAAS,MAAM,KAAK,uBAAuB,QAAQ,GAAG;AAC5D,YAAI,OAAO,GAAG,EAAE,KAAK;AAAA,UACnB,SAAS;AAAA,UACT,GAAG;AAAA,QACL,CAAC;AAAA,MACH,SAAS,OAAO;AACd,aAAK,KAAK;AAAA,MACZ;AAAA,IACF,GAXY;AAaZ,sBAAa,8BAAO,KAAc,KAAe,SAAuB;AACtE,UAAI;AACF,cAAM,SAAS,IAAI,KAAM;AACzB,cAAM,MAAwB,IAAI;AAClC,cAAM,KAAK,wBAAwB,QAAQ,QAAQ,GAAG;AACtD,YAAI,OAAO,GAAG,EAAE,KAAK,EAAE,SAAS,2DAA2D,CAAC;AAAA,MAC9F,SAAS,OAAO;AACd,aAAK,KAAK;AAAA,MACZ;AAAA,IACF,GATa;AA1FX,SAAK,eAAe;AACpB,SAAK,gBAAgB;AACrB,SAAK,kBAAkB;AACvB,SAAK,sBAAsB;AAC3B,SAAK,wBAAwB;AAC7B,SAAK,yBAAyB;AAC9B,SAAK,yBAAyB;AAC9B,SAAK,0BAA0B;AAAA,EACjC;AA4FF;AAzH4B;AAArB,IAAM,iBAAN;;;ACjBA,IAAM,sBAAN,MAAM,oBAAmB;AAAA,EAG9B,YAAY,YAA4B;AACtC,SAAK,aAAa;AAAA,EACpB;AAAA,EAEA,MAAa,QAAQ,KAAc,KAAe,MAAoB;AACpE,QAAI;AACF,YAAM,QAAQ,IAAI,QAAQ,eAAe,MAAM,GAAG,EAAE,CAAC;AAErD,UAAI,CAAC,OAAO;AACV,eAAO,IAAI,OAAO,GAAG,EAAE,KAAK,EAAE,SAAS,0BAA0B,CAAC;AAAA,MACpE;AAEA,YAAM,UAAU,MAAM,KAAK,WAAW,kBAAkB,KAAK;AAE7D,UAAI,CAAC,QAAQ,wBAAwB;AACnC,eAAO,IAAI,OAAO,GAAG,EAAE,KAAK;AAAA,UAC1B,SAAS;AAAA,UACT,MAAM;AAAA,UACN,QAAQ,QAAQ;AAAA,QAClB,CAAC;AAAA,MACH;AAEA,UAAI,OAAO,EAAE,GAAG,SAAS,wBAAwB,KAAK;AACtD,WAAK;AAAA,IACP,SAAS,OAAO;AACd,aAAO,IAAI,OAAO,GAAG,EAAE,KAAK,EAAE,SAAS,2BAA2B,CAAC;AAAA,IACrE;AAAA,EACF;AACF;AA/BgC;AAAzB,IAAM,qBAAN;;;ACHP,SAAS,sBAA+C;AAKjD,IAAM,kBAAN,MAAM,wBACH,eACuC;AAAA,EAC/C,YAAY,YAAoC;AAC9C,UAAM,UAAU;AAAA,EAClB;AAAA,EAEA,MAAM,YAAY,OAA2C;AAC3D,UAAM,QAAQ,KAAK,WAChB,mBAAmB,MAAM,EACzB,kBAAkB,aAAa,MAAM,EACrC,UAAU,eAAe,EACzB,MAAM,uBAAuB,EAAE,MAAM,CAAC;AAEzC,WAAO,MAAM,MAAM,OAAO;AAAA,EAC5B;AAAA,EAEA,MAAM,OAAO,QAA4D;AACvE,WAAO,MAAM,OAAO,MAAM;AAAA,EAC5B;AAAA,EAEA,MAAM,aAAa,QAA4C;AAC7D,UAAM,QAAQ,KAAK,WAChB,mBAAmB,MAAM,EACzB,kBAAkB,aAAa,MAAM,EACrC,UAAU,sBAAsB,EAChC,MAAM,qBAAqB,EAAE,OAAO,CAAC;AAExC,WAAO,MAAM,MAAM,OAAO;AAAE;AAAA,EAC9B;AAAA,EAEA,MAAM,OAAO,QAA+B;AAC1C,UAAM,OAAO,MAAM,KAAK,aAAa,MAAM;AAC3C,QAAI,CAAC,MAAM;AACT,YAAM,IAAI,cAAc,gBAAgB;AAAA,IAC1C;AAEA,SAAK,eAAe;AACpB,SAAK,KAAK,WAAW;AAErB,UAAM,KAAK,OAAO,KAAK,IAAI,IAAI;AAAA,EACjC;AAAA,EAEA,MAAM,sBAAsB,QAAgB,QAA+B;AACzE,UAAM,OAAO,MAAM,KAAK,aAAa,MAAM;AAC3C,QAAI,CAAC,MAAM;AACT,YAAM,IAAI,cAAc,gBAAgB;AAAA,IAC1C;AAEA,SAAK,kBAAkB;AAEvB,UAAM,KAAK,OAAO,KAAK,IAAI,IAAI;AAAA,EACjC;AAAA,EAEA,MAAM,gBAAgB,MAAiC;AAEpD,SAAK,mBAAmB;AAEzB,UAAM,KAAK,OAAO,KAAK,IAAI,IAAI;AAAA,EACjC;AAAA,EAEA,MAAM,iBAAiB,MAAiC;AAEtD,SAAK,mBAAmB;AACxB,SAAK,kBAAkB;AAEvB,UAAM,KAAK,OAAO,KAAK,IAAI,IAAI;AAAA,EACjC;AAAA,EAEA,MAAM,mBAAmB,QAAkC;AACzD,UAAM,OAAO,MAAM,KAAK,aAAa,MAAM;AAC3C,QAAI,CAAC,MAAM;AACT,YAAM,IAAI,cAAc,gBAAgB;AAAA,IAC1C;AAEA,WAAO,CAAC,CAAC,KAAK;AAAA,EAChB;AAAA,EAEA,MAAM,mBAAmB,QAAwC;AAC/D,UAAM,OAAO,MAAM,KAAK,aAAa,MAAM;AAC3C,QAAI,CAAC,MAAM;AACT,YAAM,IAAI,cAAc,gBAAgB;AAAA,IAC1C;AAEA,WAAO,KAAK;AAAA,EACd;AACF;AApFiD;AAF1C,IAAM,iBAAN;;;ACLP,YAAY,SAAS;AAErB,YAAYC,aAAY;AACxB,SAAuB,sBAAAC,2BAA0B;AAiB1C,IAAM,kBAAN,MAAM,gBAAqD;AAAA,EAGhE,YAA6B,YAA4B,QAAqB;AAAjD;AAC3B,SAAK,WAAW,MAAM;AAAA,EACxB;AAAA,EAEA,MAAc,WAAW,QAAqB;AAC5C,UAAM,aAAa,MAAM,qBAAqB;AAE9C,SAAK,YAAY;AAAA,MACf,mBAAmB,WAAW;AAAA,MAC9B,oBAAoB,WAAW;AAAA,MAC/B,mBAAoB,SAAS,WAAW,mBAAmB,EAAE;AAAA,MAC7D,oBAAoB,SAAS,WAAW,oBAAoB,EAAE;AAAA,MAC9D,GAAG;AAAA,IACL;AAEA,SAAK,sBAAsB;AAAA,EAC7B;AAAA,EAEA,MAAM,aAA4B;AAChC,UAAMC,oBAAmB,KAAK,YAAY,UAAQ,KAAK,OAAO,CAAC;AAAA,EACjE;AAAA,EAEQ,wBAA8B;AACpC,QAAI,CAAC,KAAK,WAAW,qBAAqB,CAAC,KAAK,WAAW,oBAAoB;AAC7E,YAAM,IAAI,SAAS,gCAAgC;AAAA,IACrD;AAAA,EACF;AAAA,EAEA,MAAM,aAAa,OAAe,UAA8C;AAC9E,UAAM,OAAO,MAAM,KAAK,WAAW,YAAY,KAAK;AACpD,QAAI,CAAC,MAAM;AACT,YAAM,IAAI,cAAc,qBAAqB;AAAA,IAC/C;AAEA,UAAM,gBAAgB,MAAa,gBAAQ,UAAU,KAAK,QAAQ;AAClE,QAAI,CAAC,eAAe;AAClB,YAAM,IAAI,eAAe,qBAAqB;AAAA,IAChD;AAEA,WAAO;AAAA,EACT;AAAA,EAEQ,kBAAkB;AACxB,QAAI,CAAC,KAAK,UAAW,OAAM,IAAI,SAAS,uBAAuB;AAAA,EACjE;AAAA,EAEA,oBAAoB,MAA0B;AAC5C,SAAK,gBAAgB;AACrB,WAAW;AAAA,MACT,EAAE,QAAQ,KAAK,IAAI,OAAO,KAAK,OAAO,MAAM,KAAK,KAAK;AAAA,MACtD,KAAK,UAAW;AAAA,MAChB,EAAE,WAAW,KAAK,UAAW,kBAAkB;AAAA,IACjD;AAAA,EACF;AAAA,EAEA,qBAAqB,MAA0B;AAC7C,SAAK,gBAAgB;AACrB,WAAW;AAAA,MACT,EAAE,QAAQ,KAAK,GAAG;AAAA,MAClB,KAAK,UAAW;AAAA,MAChB,EAAE,WAAW,KAAK,UAAW,mBAAmB;AAAA,IAClD;AAAA,EACF;AAAA,EAEA,MAAM,YAAY,OAAe,QAAwC;AACvE,QAAI;AACF,aAAW,WAAO,OAAO,MAAM;AAAA,IACjC,QAAQ;AACN,YAAM,IAAI,kBAAkB;AAAA,IAC9B;AAAA,EACF;AAAA,EAEA,MAAM,kBAAkB,OAAuC;AAC7D,SAAK,gBAAgB;AACrB,WAAO,KAAK,YAAY,OAAO,KAAK,UAAW,iBAAiB;AAAA,EAClE;AAAA,EAEA,MAAM,mBAAmB,OAAuC;AAC9D,SAAK,gBAAgB;AACrB,WAAO,KAAK,YAAY,OAAO,KAAK,UAAW,kBAAkB;AAAA,EACnE;AACF;AApFkE;AAA3D,IAAM,iBAAN;;;ACpBP,YAAY,eAAe;AAC3B,YAAY,YAAY;AAMjB,IAAM,oBAAN,MAAM,kBAAyC;AAAA,EASpD,YAAY,QAAiB;AAP7B,SAAQ,cAAuB;AAQ7B,SAAK,SAAS;AAEd,SAAK,kBAAkB;AAAA,MACrB,aAAa,SAAS,OAAO,WAAW,KAAK;AAAA,MAC7C,cAAc,SAAS,OAAO,YAAY,KAAK;AAAA,MAC/C,eAAe;AAAA,QACb,sBAAsB;AAAA,QACtB,QAAQ;AAAA,QACR,OAAO;AAAA,QACP,OAAO;AAAA,UACL,MAAM;AAAA,UACN,OAAO;AAAA,QACT;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAa,aAA4B;AACvC,QAAI,KAAK,YAAa;AAEtB,QAAI;AACF,WAAK,sBAAsB;AAC3B,WAAK,cAAc;AAAA,IACrB,SAAS,OAAO;AACd,cAAQ,MAAM,2CAA2C,KAAK;AAC9D,YAAM,IAAI,MAAM,uCAAuC;AAAA,IACzD;AAAA,EACF;AAAA,EAEQ,wBAA8B;AACpC,QAAI,CAAC,KAAK,OAAO,UAAU,KAAK,GAAG;AACjC,YAAM,IAAI,eAAe,yDAAyD;AAAA,IACpF;AAEA,QAAI,KAAK,gBAAgB,eAAe,IAAI;AAC1C,YAAM,IAAI,eAAe,8CAA8C;AAAA,IACzE;AAEA,QAAI,KAAK,gBAAgB,cAAc,KAAK,KAAK,gBAAgB,cAAc,GAAG;AAChF,YAAM,IAAI,eAAe,mDAAmD;AAAA,IAC9E;AAAA,EACF;AAAA,EAEQ,oBAA0B;AAChC,QAAI,CAAC,KAAK,aAAa;AACrB,YAAM,IAAI,eAAe,iDAAiD;AAAA,IAC5E;AAAA,EACF;AAAA,EAEO,eAAe,OAAuD;AAC3E,SAAK,kBAAkB;AAEvB,QAAI;AACF,YAAM,YAAsB,yBAAe;AAAA,QACzC,QAAQ,KAAK,gBAAgB;AAAA,QAC7B,MAAM,GAAG,KAAK,OAAO,QAAQ,IAAI,KAAK;AAAA,QACtC,QAAQ,KAAK,OAAO;AAAA,MACtB,CAAC;AAED,aAAO;AAAA,QACL,QAAQ,UAAU;AAAA,QAClB,YAAY,UAAU,eAAe;AAAA,MACvC;AAAA,IACF,SAAS,OAAO;AACd,cAAQ,MAAM,gCAAgC,KAAK;AACnD,YAAM,IAAI,MAAM,+BAA+B;AAAA,IACjD;AAAA,EACF;AAAA,EAEA,MAAa,eAAe,YAAqC;AAC/D,SAAK,kBAAkB;AAEvB,QAAI;AACF,aAAO,MAAa,iBAAU,YAAY,KAAK,gBAAgB,aAAa;AAAA,IAC9E,SAAS,OAAO;AACd,cAAQ,MAAM,8BAA8B,KAAK;AACjD,YAAM,IAAI,eAAe,4BAA4B;AAAA,IACvD;AAAA,EACF;AAAA,EAEO,YAAY,OAAe,QAAyB;AACzD,SAAK,kBAAkB;AAEvB,QAAI;AACF,aAAiB,eAAK,OAAO;AAAA,QAC3B;AAAA,QACA,UAAU;AAAA,QACV;AAAA,QACA,QAAQ,KAAK,gBAAgB;AAAA,MAC/B,CAAC;AAAA,IACH,SAAS,OAAO;AACd,cAAQ,MAAM,8BAA8B,KAAK;AACjD,YAAM,IAAI,eAAe,4BAA4B;AAAA,IACvD;AAAA,EACF;AACF;AAzGsD;AAA/C,IAAM,mBAAN;;;AlBaP,eAAe,oBAAoB,UAAwB;AACzD,QAAM,YAAY,IAAI,cAAc,EAAE,SAAS,CAAC;AAEhD,QAAM,iBAAiB,IAAI;AAAA,IACzB,SAAS,cAAcC,WAAU;AAAA,EACnC;AACA,YAAU,mBAA+B,kBAAkB,cAAc;AAEzE,QAAM,iBAAiB,IAAI,eAAe,cAAc;AACxD,YAAU,gBAAgB,kBAAkB,cAAc;AAE1D,QAAM,aAAa,MAAM,qBAAqB;AAE9C,QAAM,mBAAmB,IAAI,iBAAiB,UAAU;AACxD,YAAU,gBAAgB,oBAAoB,gBAAgB;AAE9D,QAAM,qBAAqB,IAAI,mBAAmB,cAAc;AAEhE,QAAM,eAAe,IAAI,aAAa,gBAAgB,cAAc;AACpE,QAAM,gBAAgB,IAAI,cAAc,cAAc;AACtD,QAAM,kBAAkB,IAAI,gBAAgB,cAAc;AAC1D,QAAM,sBAAsB,IAAI;AAAA,IAC9B;AAAA,IACA;AAAA,EACF;AAEA,QAAM,wBAAwB,IAAI,sBAAsB,kBAAkB,cAAc;AACxF,QAAM,yBAAyB,IAAI,uBAAuB,kBAAkB,cAAc;AAC1F,QAAM,yBAAyB,IAAI;AAAA,IACjC;AAAA,IACA;AAAA,IACA;AAAA,EACF;AACA,QAAM,0BAA0B,IAAI,wBAAwB,kBAAkB,cAAc;AAE5F,YAAU,gBAAgB,gBAAgB,YAAY;AACtD,YAAU,gBAAgB,iBAAiB,aAAa;AACxD,YAAU,gBAAgB,mBAAmB,eAAe;AAC5D,YAAU,gBAAgB,uBAAuB,mBAAmB;AACpE,YAAU,gBAAgB,yBAAyB,qBAAqB;AACxE,YAAU,gBAAgB,0BAA0B,sBAAsB;AAC1E,YAAU,gBAAgB,0BAA0B,sBAAsB;AAC1E,YAAU,gBAAgB,2BAA2B,uBAAuB;AAE5E,QAAM,iBAAiB,IAAI;AAAA,IACzB;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF;AAEA,SAAO,EAAE,WAAW,gBAAgB,mBAAmB;AACzD;AAxDe;","names":["AuthEntity","UserEntity","UserRole","AuthEntity","mapper","AuthEntity","UserRole","UserEntity","validateRepository","validateRepository","validateRepository","bcrypt","AuthEntity","UserEntity","UserRole","validateRepository","UserRole","AuthEntity","UserEntity","validateRepository","validateRepository","validateRepository","validateRepository","validateRepository","validateRepository","validateRepository","validateRepository","bcrypt","validateRepository","validateRepository","AuthEntity"]}
|
|
@@ -8,8 +8,8 @@ export declare class AuthRepository extends BaseRepository<AuthEntity> implement
|
|
|
8
8
|
findByUserId(userId: string): Promise<AuthEntity | null>;
|
|
9
9
|
logout(userId: string): Promise<void>;
|
|
10
10
|
updateTwoFactorSecret(userId: string, secret: string): Promise<void>;
|
|
11
|
-
enableTwoFactor(
|
|
12
|
-
disableTwoFactor(
|
|
11
|
+
enableTwoFactor(auth: AuthEntity): Promise<void>;
|
|
12
|
+
disableTwoFactor(auth: AuthEntity): Promise<void>;
|
|
13
13
|
isTwoFactorEnabled(userId: string): Promise<boolean>;
|
|
14
14
|
getTwoFactorSecret(userId: string): Promise<string | null>;
|
|
15
15
|
}
|