customer-registration 0.0.112 → 0.0.113

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (34) hide show
  1. package/.medusa/server/src/api/auth/customer/emailpass/reset-password/route.js +1 -26
  2. package/.medusa/server/src/api/auth/customer/emailpass/route.js +19 -97
  3. package/.medusa/server/src/api/auth/customer/phonepass/register/route.js +50 -0
  4. package/.medusa/server/src/api/auth/customer/phonepass/route.js +105 -0
  5. package/.medusa/server/src/api/middlewares/{block-pending-customer.js → guard-account-deletion.js} +4 -4
  6. package/.medusa/server/src/api/middlewares/ip-rate-limit.js +48 -0
  7. package/.medusa/server/src/api/middlewares/validate-customer-registration.js +60 -0
  8. package/.medusa/server/src/api/middlewares.js +17 -4
  9. package/.medusa/server/src/api/store/customers/account-deletion/cancel-request/route.js +16 -6
  10. package/.medusa/server/src/api/store/customers/account-deletion/validators.js +11 -3
  11. package/.medusa/server/src/api/store/customers/me/contact/route.js +95 -0
  12. package/.medusa/server/src/api/store/customers/me/contact/verify/route.js +83 -0
  13. package/.medusa/server/src/api/store/customers/me/route.js +53 -0
  14. package/.medusa/server/src/api/store/customers/otp/send/route.js +1 -6
  15. package/.medusa/server/src/api/store/customers/otp/verify/route.js +95 -3
  16. package/.medusa/server/src/api/store/customers/route.js +89 -0
  17. package/.medusa/server/src/config.js +32 -23
  18. package/.medusa/server/src/modules/otp-verification/service.js +72 -1
  19. package/.medusa/server/src/providers/phonepass/index.js +9 -0
  20. package/.medusa/server/src/providers/phonepass/service.js +133 -0
  21. package/.medusa/server/src/subscribers/password-reset.js +1 -42
  22. package/.medusa/server/src/workflows/change-password.js +40 -64
  23. package/.medusa/server/src/workflows/send-contact-change-otp-workflow.js +41 -0
  24. package/.medusa/server/src/workflows/steps/determine-contact-method-step.js +8 -2
  25. package/.medusa/server/src/workflows/steps/generate-contact-change-otp-step.js +24 -0
  26. package/.medusa/server/src/workflows/steps/index.js +6 -2
  27. package/.medusa/server/src/workflows/steps/send-notification-step.js +1 -11
  28. package/.medusa/server/src/workflows/steps/sync-phonepass-entity-id-step.js +63 -0
  29. package/.medusa/server/src/workflows/steps/update-password-step.js +21 -29
  30. package/.medusa/server/src/workflows/update-contact-workflow.js +100 -0
  31. package/.medusa/server/src/workflows/verify-phone.js +11 -4
  32. package/README.md +363 -223
  33. package/package.json +3 -1
  34. package/.medusa/server/src/subscribers/customer-updated.js +0 -100
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "customer-registration",
3
- "version": "0.0.112",
3
+ "version": "0.0.113",
4
4
  "description": "Medusa plugin that overrides store customer registration, enforces email/phone verification flags, and provides OTP management module.",
5
5
  "author": "Medusa (https://medusajs.com)",
6
6
  "license": "MIT",
@@ -11,6 +11,8 @@
11
11
  "./package.json": "./package.json",
12
12
  "./.medusa/server/src/modules/*": "./.medusa/server/src/modules/*/index.js",
13
13
  "./modules/*": "./.medusa/server/src/modules/*/index.js",
14
+ "./.medusa/server/src/providers/*": "./.medusa/server/src/providers/*/index.js",
15
+ "./providers/*": "./.medusa/server/src/providers/*/index.js",
14
16
  "./helpers": "./.medusa/server/src/helpers/index.js",
15
17
  "./*": "./.medusa/server/src/*.js",
16
18
  "./admin": {
package/.medusa/server/src/subscribers/customer-updated.js DELETED
@@ -1,100 +0,0 @@
1
- "use strict";
2
- Object.defineProperty(exports, "__esModule", { value: true });
3
- exports.config = void 0;
4
- exports.default = customerUpdatedHandler;
5
- const utils_1 = require("@medusajs/framework/utils");
6
- /**
7
- * Subscriber for customer.updated events
8
- *
9
- * This subscriber listens to Medusa's built-in `customer.updated` event
10
- * and automatically sets `phone_verified = false` when a customer's phone
11
- * number is updated via Medusa's default `/store/customers/me` API.
12
- *
13
- * Logic:
14
- * - Stores the current phone in customer metadata as `_previous_phone`
15
- * - On first update with phone: sets `phone_verified = false`
16
- * - On subsequent updates: compares stored previous phone with current phone
17
- * - Only resets `phone_verified = false` if phone actually changed
18
- */
19
- async function customerUpdatedHandler({ event: { data }, container, }) {
20
- const customerId = data.id;
21
- console.log(`[customer-updated] Event received for customer: ${customerId}`);
22
- if (!customerId) {
23
- console.error("[customer-updated] No customer ID in event data");
24
- return;
25
- }
26
- try {
27
- // Get customer service to retrieve current customer data
28
- const customerService = container.resolve(utils_1.Modules.CUSTOMER);
29
- // Get database connection to update phone_verified directly
30
- const knex = container.resolve(utils_1.ContainerRegistrationKeys.PG_CONNECTION);
31
- // Retrieve the updated customer (has new phone after update)
32
- const customer = await customerService.retrieveCustomer(customerId);
33
- if (!customer) {
34
- console.error(`[customer-updated] Customer ${customerId} not found`);
35
- return;
36
- }
37
- console.log(`[customer-updated] Customer retrieved: ${customerId}, phone: ${customer.phone || 'none'}`);
38
- // Get previous phone from metadata (stored in previous update)
39
- const previousPhone = customer.metadata?._previous_phone;
40
- const currentPhone = customer.phone ? customer.phone.trim() : null;
41
- // Only reset phone_verified if:
42
- // 1. Customer has a phone number
43
- // 2. Either it's the first update (no previous phone) OR phone changed
44
- if (currentPhone) {
45
- if (!previousPhone) {
46
- // First update - set phone_verified to false
47
- await knex.raw(`UPDATE customer
48
- SET phone_verified = ?, updated_at = NOW()
49
- WHERE id = ?`, [false, customerId]);
50
- console.log(`[customer-updated] Phone verification reset for customer ${customerId} (first time storing phone: ${currentPhone})`);
51
- }
52
- else if (previousPhone.trim() !== currentPhone) {
53
- // Phone was changed - reset verification
54
- await knex.raw(`UPDATE customer
55
- SET phone_verified = ?, updated_at = NOW()
56
- WHERE id = ?`, [false, customerId]);
57
- console.log(`[customer-updated] Phone verification reset for customer ${customerId} (phone changed from ${previousPhone} to ${currentPhone})`);
58
- }
59
- else {
60
- // Phone not changed
61
- console.log(`[customer-updated] Phone not changed for customer ${customerId} (${currentPhone}), skipping verification reset`);
62
- }
63
- // Store current phone in metadata for next comparison
64
- const currentMetadata = customer.metadata || {};
65
- await customerService.updateCustomers(customerId, {
66
- metadata: {
67
- ...currentMetadata,
68
- _previous_phone: currentPhone,
69
- },
70
- });
71
- }
72
- else {
73
- // No phone number - clear stored previous phone if it exists
74
- if (previousPhone) {
75
- const currentMetadata = customer.metadata || {};
76
- await customerService.updateCustomers(customerId, {
77
- metadata: {
78
- ...currentMetadata,
79
- _previous_phone: null,
80
- },
81
- });
82
- }
83
- console.log(`[customer-updated] No phone number found for customer ${customerId}, skipping verification reset`);
84
- }
85
- }
86
- catch (error) {
87
- // Log error but don't throw - subscriber errors shouldn't break the main flow
88
- console.error(`[customer-updated] Error processing customer update for ${customerId}:`, error);
89
- }
90
- }
91
- /**
92
- * Subscriber configuration
93
- *
94
- * Listens to Medusa's built-in customer.updated event
95
- * This event is triggered when a customer is updated via the updateCustomers workflow.
96
- */
97
- exports.config = {
98
- event: "customer.updated",
99
- };
100
- //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY3VzdG9tZXItdXBkYXRlZC5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uL3NyYy9zdWJzY3JpYmVycy9jdXN0b21lci11cGRhdGVkLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQTJCQSx5Q0FtR0M7QUExSEQscURBQThFO0FBVTlFOzs7Ozs7Ozs7Ozs7R0FZRztBQUNZLEtBQUssVUFBVSxzQkFBc0IsQ0FBQyxFQUNuRCxLQUFLLEVBQUUsRUFBRSxJQUFJLEVBQUUsRUFDZixTQUFTLEdBQ2dDO0lBQ3pDLE1BQU0sVUFBVSxHQUFHLElBQUksQ0FBQyxFQUFFLENBQUE7SUFFMUIsT0FBTyxDQUFDLEdBQUcsQ0FBQyxtREFBbUQsVUFBVSxFQUFFLENBQUMsQ0FBQTtJQUU1RSxJQUFJLENBQUMsVUFBVSxFQUFFLENBQUM7UUFDaEIsT0FBTyxDQUFDLEtBQUssQ0FBQyxpREFBaUQsQ0FBQyxDQUFBO1FBQ2hFLE9BQU07SUFDUixDQUFDO0lBRUQsSUFBSSxDQUFDO1FBQ0gseURBQXlEO1FBQ3pELE1BQU0sZUFBZSxHQUFHLFNBQVMsQ0FBQyxPQUFPLENBQ3ZDLGVBQU8sQ0FBQyxRQUFRLENBQ2pCLENBQUE7UUFFRCw0REFBNEQ7UUFDNUQsTUFBTSxJQUFJLEdBQUcsU0FBUyxDQUFDLE9BQU8sQ0FBQyxpQ0FBeUIsQ0FBQyxhQUFhLENBQUMsQ0FBQTtRQUV2RSw2REFBNkQ7UUFDN0QsTUFBTSxRQUFRLEdBQUcsTUFBTSxlQUFlLENBQUMsZ0JBQWdCLENBQUMsVUFBVSxDQUFDLENBQUE7UUFFbkUsSUFBSSxDQUFDLFFBQVEsRUFBRSxDQUFDO1lBQ2QsT0FBTyxDQUFDLEtBQUssQ0FBQywrQkFBK0IsVUFBVSxZQUFZLENBQUMsQ0FBQTtZQUNwRSxPQUFNO1FBQ1IsQ0FBQztRQUVELE9BQU8sQ0FBQyxHQUFHLENBQUMsMENBQTBDLFVBQVUsWUFBWSxRQUFRLENBQUMsS0FBSyxJQUFJLE1BQU0sRUFBRSxDQUFDLENBQUE7UUFFdkcsK0RBQStEO1FBQy9ELE1BQU0sYUFBYSxHQUFJLFFBQVEsQ0FBQyxRQUFvQyxFQUFFLGVBQXFDLENBQUE7UUFDM0csTUFBTSxZQUFZLEdBQUcsUUFBUSxDQUFDLEtBQUssQ0FBQyxDQUFDLENBQUMsUUFBUSxDQUFDLEtBQUssQ0FBQyxJQUFJLEVBQUUsQ0FBQyxDQUFDLENBQUMsSUFBSSxDQUFBO1FBRWxFLGdDQUFnQztRQUNoQyxpQ0FBaUM7UUFDakMsdUVBQXVFO1FBQ3ZFLElBQUksWUFBWSxFQUFFLENBQUM7WUFDakIsSUFBSSxDQUFDLGFBQWEsRUFBRSxDQUFDO2dCQUNuQiw2Q0FBNkM7Z0JBQzdDLE1BQU0sSUFBSSxDQUFDLEdBQUcsQ0FDWjs7d0JBRWMsRUFDZCxDQUFDLEtBQUssRUFBRSxVQUFVLENBQUMsQ0FDcEIsQ0FBQTtnQkFFRCxPQUFPLENBQUMsR0FBRyxDQUNULDREQUE0RCxVQUFVLCtCQUErQixZQUFZLEdBQUcsQ0FDckgsQ0FBQTtZQUNILENBQUM7aUJBQU0sSUFBSSxhQUFhLENBQUMsSUFBSSxFQUFFLEtBQUssWUFBWSxFQUFFLENBQUM7Z0JBQ2pELHlDQUF5QztnQkFDekMsTUFBTSxJQUFJLENBQUMsR0FBRyxDQUNaOzt3QkFFYyxFQUNkLENBQUMsS0FBSyxFQUFFLFVBQVUsQ0FBQyxDQUNwQixDQUFBO2dCQUVELE9BQU8sQ0FBQyxHQUFHLENBQ1QsNERBQTRELFVBQVUsd0JBQXdCLGFBQWEsT0FBTyxZQUFZLEdBQUcsQ0FDbEksQ0FBQTtZQUNILENBQUM7aUJBQU0sQ0FBQztnQkFDTixvQkFBb0I7Z0JBQ3BCLE9BQU8sQ0FBQyxHQUFHLENBQ1QscURBQXFELFVBQVUsS0FBSyxZQUFZLGdDQUFnQyxDQUNqSCxDQUFBO1lBQ0gsQ0FBQztZQUVELHNEQUFzRDtZQUN0RCxNQUFNLGVBQWUsR0FBSSxRQUFRLENBQUMsUUFBb0MsSUFBSSxFQUFFLENBQUE7WUFDNUUsTUFBTSxlQUFlLENBQUMsZUFBZSxDQUFDLFVBQVUsRUFBRTtnQkFDaEQsUUFBUSxFQUFFO29CQUNSLEdBQUcsZUFBZTtvQkFDbEIsZUFBZSxFQUFFLFlBQVk7aUJBQzlCO2FBQ0YsQ0FBQyxDQUFBO1FBQ0osQ0FBQzthQUFNLENBQUM7WUFDTiw2REFBNkQ7WUFDN0QsSUFBSSxhQUFhLEVBQUUsQ0FBQztnQkFDbEIsTUFBTSxlQUFlLEdBQUksUUFBUSxDQUFDLFFBQW9DLElBQUksRUFBRSxDQUFBO2dCQUM1RSxNQUFNLGVBQWUsQ0FBQyxlQUFlLENBQUMsVUFBVSxFQUFFO29CQUNoRCxRQUFRLEVBQUU7d0JBQ1IsR0FBRyxlQUFlO3dCQUNsQixlQUFlLEVBQUUsSUFBSTtxQkFDdEI7aUJBQ0YsQ0FBQyxDQUFBO1lBQ0osQ0FBQztZQUNELE9BQU8sQ0FBQyxHQUFHLENBQUMseURBQXlELFVBQVUsK0JBQStCLENBQUMsQ0FBQTtRQUNqSCxDQUFDO0lBQ0gsQ0FBQztJQUFDLE9BQU8sS0FBSyxFQUFFLENBQUM7UUFDZiw4RUFBOEU7UUFDOUUsT0FBTyxDQUFDLEtBQUssQ0FDWCwyREFBMkQsVUFBVSxHQUFHLEVBQ3hFLEtBQUssQ0FDTixDQUFBO0lBQ0gsQ0FBQztBQUNILENBQUM7QUFFRDs7Ozs7R0FLRztBQUNVLFFBQUEsTUFBTSxHQUFxQjtJQUN0QyxLQUFLLEVBQUUsa0JBQWtCO0NBQzFCLENBQUEifQ==