frontend-hamroun 1.2.16 → 1.2.17

package/dist/backend/auth.js

@@ -1,387 +0,0 @@
-const jwt = require('jsonwebtoken');
-const bcrypt = require('bcrypt');
-const crypto = require('crypto');
-/**
- * Authentication service
- */
-export class Auth {
-    constructor(options) {
-        this.loginAttempts = new Map();
-        /**
-         * Login middleware to authenticate users
-         */
-        this.login = async (req, res) => {
-            try {
-                const { username, password } = req.body;
-                const ip = req.ip || req.connection.remoteAddress || '';
-                // Check rate limiting
-                if (!this.checkRateLimit(ip)) {
-                    res.status(429).json({
-                        success: false,
-                        message: 'Too many login attempts. Please try again later.'
-                    });
-                    return;
-                }
-                if (!username || !password) {
-                    res.status(400).json({
-                        success: false,
-                        message: 'Username and password are required'
-                    });
-                    return;
-                }
-                // Use custom find user function if provided
-                if (!this.options.findUser) {
-                    res.status(500).json({
-                        success: false,
-                        message: 'User finder function not configured'
-                    });
-                    return;
-                }
-                const user = await this.options.findUser(username);
-                if (!user) {
-                    res.status(401).json({
-                        success: false,
-                        message: 'Invalid credentials'
-                    });
-                    return;
-                }
-                // Verify password
-                const isPasswordValid = await this.options.verifyPassword(password, user.password);
-                if (!isPasswordValid) {
-                    res.status(401).json({
-                        success: false,
-                        message: 'Invalid credentials'
-                    });
-                    return;
-                }
-                // Create a sanitized user object (without password)
-                const userWithoutPassword = { ...user };
-                delete userWithoutPassword.password;
-                // Generate tokens
-                const tokenPair = this.generateTokenPair({
-                    id: user.id || user._id,
-                    username: user.username,
-                    role: user.role || 'user'
-                });
-                // Save refresh token if the function is provided
-                if (this.options.saveRefreshToken) {
-                    const refreshExpiry = new Date();
-                    refreshExpiry.setSeconds(refreshExpiry.getSeconds() +
-                        this.getExpirationSeconds(this.options.refreshExpiration || '7d'));
-                    await this.options.saveRefreshToken(user.id || user._id, tokenPair.refreshToken, refreshExpiry);
-                }
-                // Set authentication cookies if using cookie-based auth
-                if (req.body.useCookies) {
-                    this.setAuthCookies(res, tokenPair);
-                }
-                res.json({
-                    success: true,
-                    message: 'Authentication successful',
-                    tokens: tokenPair,
-                    user: userWithoutPassword
-                });
-            }
-            catch (error) {
-                console.error('Authentication error:', error);
-                res.status(500).json({
-                    success: false,
-                    message: 'Authentication failed',
-                    error: process.env.NODE_ENV !== 'production' ? error.message : undefined
-                });
-            }
-        };
-        /**
-         * Refresh token handler
-         */
-        this.refreshToken = async (req, res) => {
-            try {
-                // Get refresh token from cookies or request body
-                const refreshToken = req.cookies?.refreshToken || req.body.refreshToken;
-                if (!refreshToken) {
-                    res.status(401).json({
-                        success: false,
-                        message: 'Refresh token required'
-                    });
-                    return;
-                }
-                // Verify the refresh token
-                const decoded = this.verifyToken(refreshToken, 'refresh');
-                // Check if token is still valid in database if verification function provided
-                if (this.options.verifyRefreshToken) {
-                    const isValid = await this.options.verifyRefreshToken(decoded.id, refreshToken);
-                    if (!isValid) {
-                        this.clearAuthCookies(res);
-                        res.status(401).json({
-                            success: false,
-                            message: 'Invalid refresh token'
-                        });
-                        return;
-                    }
-                }
-                // Generate new token pair
-                const tokenPair = this.generateTokenPair({
-                    id: decoded.id,
-                    // We need to fetch the user data again for complete payload
-                    ...(this.options.findUser ? await this.options.findUser(decoded.id) : {})
-                });
-                // Update refresh token in database if save function provided
-                if (this.options.saveRefreshToken) {
-                    const refreshExpiry = new Date();
-                    refreshExpiry.setSeconds(refreshExpiry.getSeconds() +
-                        this.getExpirationSeconds(this.options.refreshExpiration || '7d'));
-                    await this.options.saveRefreshToken(decoded.id, tokenPair.refreshToken, refreshExpiry);
-                }
-                // Set cookies if cookie-based auth is used
-                const useCookies = req.cookies?.accessToken || req.body.useCookies;
-                if (useCookies) {
-                    this.setAuthCookies(res, tokenPair);
-                }
-                res.json({
-                    success: true,
-                    message: 'Token refreshed successfully',
-                    tokens: tokenPair
-                });
-            }
-            catch (error) {
-                this.clearAuthCookies(res);
-                res.status(401).json({
-                    success: false,
-                    message: 'Invalid or expired refresh token',
-                    error: process.env.NODE_ENV !== 'production' ? error.message : undefined
-                });
-            }
-        };
-        /**
-         * Logout handler
-         */
-        this.logout = async (req, res) => {
-            try {
-                // Clear cookies
-                this.clearAuthCookies(res);
-                // Invalidate refresh token if verification function provided
-                const refreshToken = req.cookies?.refreshToken || req.body.refreshToken;
-                if (refreshToken && this.options.saveRefreshToken) {
-                    try {
-                        const decoded = this.verifyToken(refreshToken, 'refresh');
-                        // Check if invalidateToken function exists, otherwise we just remove it from storage
-                        if (typeof this.options.saveRefreshToken === 'function') {
-                            // We pass null as the token to indicate deletion/invalidation
-                            await this.options.saveRefreshToken(decoded.id, '', new Date());
-                        }
-                    }
-                    catch (e) {
-                        // Token already invalid, nothing to do
-                    }
-                }
-                res.json({ success: true, message: 'Logged out successfully' });
-            }
-            catch (error) {
-                console.error('Logout error:', error);
-                res.status(500).json({ success: false, message: 'Logout failed', error: error.message });
-            }
-        };
-        /**
-         * Middleware to verify user is authenticated
-         */
-        this.authenticate = (req, res, next) => {
-            try {
-                // Get token from Authorization header or cookies
-                let token = req.cookies?.accessToken;
-                if (!token) {
-                    const authHeader = req.headers.authorization;
-                    if (authHeader && authHeader.startsWith('Bearer ')) {
-                        token = authHeader.split(' ')[1];
-                    }
-                }
-                if (!token) {
-                    res.status(401).json({
-                        success: false,
-                        message: 'Authentication required'
-                    });
-                    return;
-                }
-                const decoded = this.verifyToken(token, 'access');
-                // Add user info to request
-                req.user = decoded;
-                next();
-            }
-            catch (error) {
-                res.status(401).json({
-                    success: false,
-                    message: 'Invalid or expired token',
-                    error: process.env.NODE_ENV !== 'production' ? error.message : undefined
-                });
-            }
-        };
-        /**
-         * Middleware to check if user has required role
-         */
-        this.hasRole = (role) => {
-            return (req, res, next) => {
-                const user = req.user;
-                if (!user) {
-                    res.status(401).json({
-                        success: false,
-                        message: 'Authentication required'
-                    });
-                    return;
-                }
-                const roles = Array.isArray(role) ? role : [role];
-                if (roles.includes(user.role)) {
-                    next();
-                }
-                else {
-                    res.status(403).json({
-                        success: false,
-                        message: 'Insufficient permissions'
-                    });
-                }
-            };
-        };
-        this.options = {
-            tokenExpiration: '15m',
-            refreshExpiration: '7d',
-            saltRounds: 10,
-            secureCookies: process.env.NODE_ENV === 'production',
-            httpOnlyCookies: true,
-            rateLimit: true,
-            ...options,
-            refreshSecret: options.refreshSecret || options.jwtSecret
-        };
-        if (!options.jwtSecret) {
-            throw new Error('JWT secret is required for authentication');
-        }
-        // Set default password verification if not provided
-        if (!this.options.verifyPassword) {
-            this.options.verifyPassword = this.verifyPasswordWithBcrypt;
-        }
-    }
-    /**
-     * Hash a password using bcrypt
-     */
-    async hashPassword(password) {
-        return await bcrypt.hash(password, this.options.saltRounds || 10);
-    }
-    /**
-     * Verify a password against a hash using bcrypt
-     */
-    async verifyPasswordWithBcrypt(password, hashedPassword) {
-        return await bcrypt.compare(password, hashedPassword);
-    }
-    /**
-     * Generate a cryptographically secure random token
-     */
-    generateSecureToken(length = 32) {
-        return crypto.randomBytes(length).toString('hex');
-    }
-    /**
-     * Generate token pair (access token + refresh token)
-     */
-    generateTokenPair(payload) {
-        // Calculate expiration times
-        const expiresIn = this.getExpirationSeconds(this.options.tokenExpiration || '15m');
-        // Generate the access token
-        const accessToken = jwt.sign({ ...payload, type: 'access' }, this.options.jwtSecret, { expiresIn: this.options.tokenExpiration });
-        // Generate the refresh token
-        const refreshToken = jwt.sign({ id: payload.id, type: 'refresh' }, this.options.refreshSecret, { expiresIn: this.options.refreshExpiration });
-        return {
-            accessToken,
-            refreshToken,
-            expiresIn
-        };
-    }
-    /**
-     * Convert JWT expiration time to seconds
-     */
-    getExpirationSeconds(expiration) {
-        const unit = expiration.charAt(expiration.length - 1);
-        const value = parseInt(expiration.slice(0, -1));
-        switch (unit) {
-            case 's': return value;
-            case 'm': return value * 60;
-            case 'h': return value * 60 * 60;
-            case 'd': return value * 60 * 60 * 24;
-            default: return 3600; // Default 1 hour
-        }
-    }
-    /**
-     * Verify a JWT token
-     */
-    verifyToken(token, type = 'access') {
-        try {
-            const secret = type === 'access' ? this.options.jwtSecret : this.options.refreshSecret;
-            const decoded = jwt.verify(token, secret);
-            // Verify token type matches expected type
-            if (typeof decoded === 'object' && decoded.type !== type) {
-                throw new Error('Invalid token type');
-            }
-            return decoded;
-        }
-        catch (error) {
-            throw new Error('Invalid or expired token');
-        }
-    }
-    /**
-     * Set authentication cookies
-     */
-    setAuthCookies(res, tokens) {
-        // Set access token cookie
-        res.cookie('accessToken', tokens.accessToken, {
-            httpOnly: this.options.httpOnlyCookies,
-            secure: this.options.secureCookies,
-            domain: this.options.cookieDomain,
-            sameSite: 'strict',
-            maxAge: tokens.expiresIn * 1000
-        });
-        // Set refresh token cookie with longer expiration
-        const refreshExpiresIn = this.getExpirationSeconds(this.options.refreshExpiration || '7d');
-        res.cookie('refreshToken', tokens.refreshToken, {
-            httpOnly: true, // Always HTTP only for refresh tokens
-            secure: this.options.secureCookies,
-            domain: this.options.cookieDomain,
-            sameSite: 'strict',
-            maxAge: refreshExpiresIn * 1000,
-            path: '/api/auth/refresh' // Restrict to refresh endpoint
-        });
-    }
-    /**
-     * Clear authentication cookies
-     */
-    clearAuthCookies(res) {
-        res.clearCookie('accessToken');
-        res.clearCookie('refreshToken', { path: '/api/auth/refresh' });
-    }
-    /**
-     * Check and handle rate limiting
-     */
-    checkRateLimit(ip) {
-        if (!this.options.rateLimit) {
-            return true;
-        }
-        const now = Date.now();
-        const attempt = this.loginAttempts.get(ip);
-        if (!attempt) {
-            this.loginAttempts.set(ip, { count: 1, resetTime: now + 3600000 });
-            return true;
-        }
-        // Reset if time expired
-        if (now > attempt.resetTime) {
-            this.loginAttempts.set(ip, { count: 1, resetTime: now + 3600000 });
-            return true;
-        }
-        // Check attempts
-        if (attempt.count >= 5) {
-            return false;
-        }
-        // Increment counter
-        attempt.count++;
-        this.loginAttempts.set(ip, attempt);
-        return true;
-    }
-}
-/**
- * Create an authentication service
- */
-export function createAuth(options) {
-    return new Auth(options);
-}

package/dist/backend/database.d.ts

@@ -1,27 +0,0 @@
-import mongoose from 'mongoose';
-import { DatabaseOptions } from './types';
-/**
- * Database connector for MongoDB using Mongoose
- */
-export declare class DatabaseConnector {
-    private options;
-    private connection;
-    private _connected;
-    constructor(options: DatabaseOptions);
-    /**
-     * Connect to the database
-     */
-    connect(): Promise<mongoose.Connection>;
-    /**
-     * Disconnect from the database
-     */
-    disconnect(): Promise<void>;
-    /**
-     * Check if connected to the database
-     */
-    isConnected(): boolean;
-    /**
-     * Get the mongoose connection
-     */
-    getConnection(): mongoose.Connection | null;
-}

package/dist/backend/database.js

@@ -1,91 +0,0 @@
-import mongoose from 'mongoose';
-/**
- * Database connector for MongoDB using Mongoose
- */
-export class DatabaseConnector {
-    constructor(options) {
-        this.connection = null;
-        this._connected = false; // Renamed from isConnected to _connected
-        this.options = {
-            retryAttempts: 3,
-            retryDelay: 1000,
-            connectionTimeout: 10000,
-            autoIndex: true,
-            ...options
-        };
-    }
-    /**
-     * Connect to the database
-     */
-    async connect() {
-        try {
-            if (this._connected && this.connection) {
-                return this.connection;
-            }
-            // Set Mongoose options
-            mongoose.set('strictQuery', true);
-            // Connect with retry logic
-            let attempts = 0;
-            while (attempts < (this.options.retryAttempts || 3)) {
-                try {
-                    await mongoose.connect(this.options.uri, {
-                        dbName: this.options.name,
-                        connectTimeoutMS: this.options.connectionTimeout,
-                        autoIndex: this.options.autoIndex,
-                        ...this.options.options
-                    });
-                    break;
-                }
-                catch (error) {
-                    attempts++;
-                    if (attempts >= (this.options.retryAttempts || 3)) {
-                        throw error;
-                    }
-                    console.log(`Connection attempt ${attempts} failed. Retrying in ${this.options.retryDelay}ms...`);
-                    await new Promise(resolve => setTimeout(resolve, this.options.retryDelay));
-                }
-            }
-            this.connection = mongoose.connection;
-            this._connected = true;
-            // Log successful connection
-            console.log(`Connected to MongoDB at ${this.options.uri}/${this.options.name}`);
-            // Handle connection events
-            this.connection.on('error', (err) => {
-                console.error('MongoDB connection error:', err);
-                this._connected = false;
-            });
-            this.connection.on('disconnected', () => {
-                console.log('MongoDB disconnected');
-                this._connected = false;
-            });
-            return this.connection;
-        }
-        catch (error) {
-            console.error('Failed to connect to MongoDB:', error);
-            throw error;
-        }
-    }
-    /**
-     * Disconnect from the database
-     */
-    async disconnect() {
-        if (this.connection) {
-            await mongoose.disconnect();
-            this._connected = false;
-            this.connection = null;
-            console.log('Disconnected from MongoDB');
-        }
-    }
-    /**
-     * Check if connected to the database
-     */
-    isConnected() {
-        return this._connected;
-    }
-    /**
-     * Get the mongoose connection
-     */
-    getConnection() {
-        return this.connection;
-    }
-}

package/dist/backend/model.d.ts

@@ -1,43 +0,0 @@
-import { Schema, Document } from 'mongoose';
-import { Model } from './types';
-/**
- * Creates a data model from a Mongoose schema
- * @param name Model name
- * @param schema Mongoose schema definition
- * @returns Model implementation with CRUD operations
- */
-export declare function createModel<T extends Document>(name: string, schema: Schema<T>): Model<T>;
-/**
- * Schema field types for simplified schema creation
- */
-export declare const FieldTypes: {
-    String: {
-        type: StringConstructor;
-    };
-    Number: {
-        type: NumberConstructor;
-    };
-    Boolean: {
-        type: BooleanConstructor;
-    };
-    Date: {
-        type: DateConstructor;
-    };
-    ObjectId: {
-        type: StringConstructor;
-    };
-    Required: (fieldType: any) => any;
-    Unique: (fieldType: any) => any;
-    Ref: (model: string) => {
-        type: StringConstructor;
-        ref: string;
-    };
-    Enum: (values: any[]) => {
-        type: StringConstructor;
-        enum: any[];
-    };
-    Default: (fieldType: any, defaultValue: any) => any;
-    Array: (fieldType: any) => {
-        type: any[];
-    };
-};