hazo_auth 1.4.1 → 1.6.0

package/src/app/api/hazo_auth/register/route.ts

@@ -1,109 +0,0 @@
-// file_description: API route for user registration using hazo_connect to insert into hazo_users table
-// section: imports
-import { NextRequest, NextResponse } from "next/server";
-import { get_hazo_connect_instance } from "../../../../lib/hazo_connect_instance.server";
-import { create_app_logger } from "../../../../lib/app_logger";
-import { register_user } from "../../../../lib/services/registration_service";
-import { get_filename, get_line_number } from "../../../../lib/utils/api_route_helpers";
-import { sanitize_error_for_user } from "../../../../lib/utils/error_sanitizer";
-
-// section: api_handler
-export async function POST(request: NextRequest) {
-  const logger = create_app_logger();
-
-  try {
-    const body = await request.json();
-    const { name, email, password, url_on_logon } = body;
-
-    // Validate input
-    if (!email || !password) {
-      logger.warn("registration_validation_failed", {
-        filename: get_filename(),
-        line_number: get_line_number(),
-        email: email || "missing",
-        has_password: !!password,
-      });
-
-      return NextResponse.json(
-        { error: "Email and password are required" },
-        { status: 400 }
-      );
-    }
-
-    // Validate email format
-    const email_pattern = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
-    if (!email_pattern.test(email)) {
-      logger.warn("registration_invalid_email", {
-        filename: get_filename(),
-        line_number: get_line_number(),
-        email,
-      });
-
-      return NextResponse.json(
-        { error: "Invalid email address format" },
-        { status: 400 }
-      );
-    }
-
-    // Get singleton hazo_connect instance (reuses same connection across all routes)
-    const hazoConnect = get_hazo_connect_instance();
-
-    // Register user using the registration service
-    const result = await register_user(hazoConnect, {
-      email,
-      password,
-      name,
-      url_on_logon,
-    });
-
-    if (!result.success) {
-      const status_code = result.error === "Email address already registered" ? 409 : 500;
-
-      logger.warn("registration_failed", {
-        filename: get_filename(),
-        line_number: get_line_number(),
-        email,
-        error: result.error,
-      });
-
-      return NextResponse.json(
-        { error: result.error || "Registration failed" },
-        { status: status_code }
-      );
-    }
-
-    logger.info("registration_successful", {
-      filename: get_filename(),
-      line_number: get_line_number(),
-      user_id: result.user_id,
-      email,
-      has_name: !!name,
-    });
-
-    return NextResponse.json(
-      {
-        success: true,
-        message: "Registration successful",
-        user_id: result.user_id,
-      },
-      { status: 201 }
-    );
-  } catch (error) {
-    const user_friendly_error = sanitize_error_for_user(error, {
-      logToConsole: true,
-      logToLogger: true,
-      logger,
-      context: {
-        filename: get_filename(),
-        line_number: get_line_number(),
-        operation: "register_api_route",
-      },
-    });
-
-    return NextResponse.json(
-      { error: user_friendly_error },
-      { status: 500 }
-    );
-  }
-}
-

package/src/app/api/hazo_auth/remove_profile_picture/route.ts

@@ -1,86 +0,0 @@
-// file_description: API route for removing profile pictures
-// section: imports
-import { NextRequest, NextResponse } from "next/server";
-import { get_hazo_connect_instance } from "../../../../lib/hazo_connect_instance.server";
-import { create_app_logger } from "../../../../lib/app_logger";
-import { remove_user_profile_picture } from "../../../../lib/services/profile_picture_remove_service";
-import { get_filename, get_line_number } from "../../../../lib/utils/api_route_helpers";
-
-// section: api_handler
-export async function DELETE(request: NextRequest) {
-  const logger = create_app_logger();
-
-  try {
-    // Use centralized auth check
-    let user_id: string;
-    try {
-      const { require_auth } = await import("../../../../lib/auth/auth_utils.server");
-      const user = await require_auth(request);
-      user_id = user.user_id;
-    } catch (error) {
-      if (error instanceof Error && error.message === "Authentication required") {
-        logger.warn("profile_picture_remove_authentication_failed", {
-          filename: get_filename(),
-          line_number: get_line_number(),
-          error: "User not authenticated",
-        });
-
-        return NextResponse.json(
-          { error: "Authentication required" },
-          { status: 401 }
-        );
-      }
-      throw error;
-    }
-
-    // Get singleton hazo_connect instance
-    const hazoConnect = get_hazo_connect_instance();
-
-    // Remove profile picture
-    const result = await remove_user_profile_picture(hazoConnect, user_id);
-
-    if (!result.success) {
-      logger.warn("profile_picture_remove_failed", {
-        filename: get_filename(),
-        line_number: get_line_number(),
-        user_id,
-        error: result.error,
-      });
-
-      return NextResponse.json(
-        { error: result.error || "Failed to remove profile picture" },
-        { status: 400 }
-      );
-    }
-
-    logger.info("profile_picture_remove_successful", {
-      filename: get_filename(),
-      line_number: get_line_number(),
-      user_id,
-    });
-
-    return NextResponse.json(
-      {
-        success: true,
-        message: "Profile picture removed successfully",
-      },
-      { status: 200 }
-    );
-  } catch (error) {
-    const error_message = error instanceof Error ? error.message : "Unknown error";
-    const error_stack = error instanceof Error ? error.stack : undefined;
-
-    logger.error("profile_picture_remove_error", {
-      filename: get_filename(),
-      line_number: get_line_number(),
-      error_message,
-      error_stack,
-    });
-
-    return NextResponse.json(
-      { error: "Failed to remove profile picture. Please try again." },
-      { status: 500 }
-    );
-  }
-}
-

package/src/app/api/hazo_auth/resend_verification/route.ts

@@ -1,108 +0,0 @@
-// file_description: API route for resending email verification using hazo_connect
-// section: imports
-import { NextRequest, NextResponse } from "next/server";
-import { get_hazo_connect_instance } from "../../../../lib/hazo_connect_instance.server";
-import { create_app_logger } from "../../../../lib/app_logger";
-import { resend_verification_email } from "../../../../lib/services/email_verification_service";
-import { get_filename, get_line_number } from "../../../../lib/utils/api_route_helpers";
-
-// section: api_handler
-export async function POST(request: NextRequest) {
-  const logger = create_app_logger();
-
-  try {
-    const body = await request.json();
-    const { email } = body;
-
-    // Validate input
-    if (!email) {
-      logger.warn("resend_verification_validation_failed", {
-        filename: get_filename(),
-        line_number: get_line_number(),
-        email: email || "missing",
-      });
-
-      return NextResponse.json(
-        { error: "Email is required" },
-        { status: 400 }
-      );
-    }
-
-    // Validate email format
-    const email_pattern = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
-    if (!email_pattern.test(email)) {
-      logger.warn("resend_verification_invalid_email", {
-        filename: get_filename(),
-        line_number: get_line_number(),
-        email,
-      });
-
-      return NextResponse.json(
-        { error: "Invalid email address format" },
-        { status: 400 }
-      );
-    }
-
-    // Get singleton hazo_connect instance (reuses same connection across all routes)
-    const hazoConnect = get_hazo_connect_instance();
-
-    // Resend verification email using the email verification service
-    const result = await resend_verification_email(hazoConnect, {
-      email,
-    });
-
-    if (!result.success) {
-      logger.error("resend_verification_failed", {
-        filename: get_filename(),
-        line_number: get_line_number(),
-        email,
-        error: result.error,
-      });
-
-      // Return error response (500) when email sending fails
-      // This is a technical error, not a security issue, so we can reveal it
-      return NextResponse.json(
-        {
-          success: false,
-          error: result.error || "Failed to resend verification email",
-        },
-        { status: 500 }
-      );
-    }
-
-    logger.info("resend_verification_requested", {
-      filename: get_filename(),
-      line_number: get_line_number(),
-      email,
-    });
-
-    // Always return success to prevent email enumeration attacks
-    return NextResponse.json(
-      {
-        success: true,
-        message: "If an account with that email exists and is not verified, a verification link has been sent.",
-      },
-      { status: 200 }
-    );
-  } catch (error) {
-    const error_message = error instanceof Error ? error.message : "Unknown error";
-    const error_stack = error instanceof Error ? error.stack : undefined;
-
-    logger.error("resend_verification_error", {
-      filename: get_filename(),
-      line_number: get_line_number(),
-      error_message,
-      error_stack,
-    });
-
-    // Still return 200 OK to prevent email enumeration attacks
-    return NextResponse.json(
-      {
-        success: true,
-        message: "If an account with that email exists and is not verified, a verification link has been sent.",
-      },
-      { status: 200 }
-    );
-  }
-}
-

package/src/app/api/hazo_auth/reset_password/route.ts

@@ -1,107 +0,0 @@
-// file_description: API route for resetting user password using a reset token
-// section: imports
-import { NextRequest, NextResponse } from "next/server";
-import { get_hazo_connect_instance } from "../../../../lib/hazo_connect_instance.server";
-import { reset_password } from "../../../../lib/services/password_reset_service";
-import { create_app_logger } from "../../../../lib/app_logger";
-import { get_password_requirements_config } from "../../../../lib/password_requirements_config.server";
-import { get_filename, get_line_number } from "../../../../lib/utils/api_route_helpers";
-
-// section: api_handler
-export async function POST(request: NextRequest) {
-  const logger = create_app_logger();
-
-  try {
-    const body = await request.json();
-    const { token, new_password } = body;
-
-    // Validate input
-    if (!token) {
-      logger.warn("password_reset_validation_failed", {
-        filename: get_filename(),
-        line_number: get_line_number(),
-        error: "Token is required",
-      });
-
-      return NextResponse.json(
-        { error: "Token is required" },
-        { status: 400 }
-      );
-    }
-
-    if (!new_password) {
-      logger.warn("password_reset_validation_failed", {
-        filename: get_filename(),
-        line_number: get_line_number(),
-        error: "New password is required",
-      });
-
-      return NextResponse.json(
-        { error: "New password is required" },
-        { status: 400 }
-      );
-    }
-
-    // Get singleton hazo_connect instance (reuses same connection across all routes)
-    const hazoConnect = get_hazo_connect_instance();
-
-    // Get password requirements from config
-    const passwordRequirements = get_password_requirements_config();
-
-    // Reset password using the password reset service
-    const result = await reset_password(hazoConnect, {
-      token,
-      new_password,
-      minimum_length: passwordRequirements.minimum_length,
-    });
-
-    if (!result.success) {
-      logger.warn("password_reset_failed", {
-        filename: get_filename(),
-        line_number: get_line_number(),
-        error: result.error,
-      });
-
-      return NextResponse.json(
-        {
-          success: false,
-          error: result.error || "Failed to reset password",
-        },
-        { status: 400 }
-      );
-    }
-
-    logger.info("password_reset_successful", {
-      filename: get_filename(),
-      line_number: get_line_number(),
-      user_id: result.user_id,
-      email: result.email,
-    });
-
-    return NextResponse.json(
-      {
-        success: true,
-        message: "Password has been reset successfully",
-      },
-      { status: 200 }
-    );
-  } catch (error) {
-    const error_message =
-      error instanceof Error ? error.message : "Unknown error";
-
-    logger.error("password_reset_error", {
-      filename: get_filename(),
-      line_number: get_line_number(),
-      error: error_message,
-    });
-
-    return NextResponse.json(
-      {
-        success: false,
-        error: "An error occurred while resetting your password",
-      },
-      { status: 500 }
-    );
-  }
-}
-

package/src/app/api/hazo_auth/update_user/route.ts

@@ -1,126 +0,0 @@
-// file_description: API route for updating user profile information
-// section: imports
-import { NextRequest, NextResponse } from "next/server";
-import { get_hazo_connect_instance } from "../../../../lib/hazo_connect_instance.server";
-import { create_app_logger } from "../../../../lib/app_logger";
-import { update_user_profile } from "../../../../lib/services/user_update_service";
-import { get_filename, get_line_number } from "../../../../lib/utils/api_route_helpers";
-import { require_auth } from "../../../../lib/auth/auth_utils.server";
-
-// section: api_handler
-export async function PATCH(request: NextRequest) {
-  const logger = create_app_logger();
-
-  try {
-    // Use centralized auth check
-    let user_id: string;
-    try {
-      const user = await require_auth(request);
-      user_id = user.user_id;
-    } catch (error) {
-      if (error instanceof Error && error.message === "Authentication required") {
-        logger.warn("user_update_authentication_failed", {
-          filename: get_filename(),
-          line_number: get_line_number(),
-          error: "User not authenticated",
-        });
-
-        return NextResponse.json(
-          { error: "Authentication required" },
-          { status: 401 }
-        );
-      }
-      throw error;
-    }
-
-    const body = await request.json();
-    const { name, email, profile_picture_url, profile_source } = body;
-
-    // Validate input (at least one field must be provided)
-    if (name === undefined && email === undefined && profile_picture_url === undefined) {
-      logger.warn("user_update_validation_failed", {
-        filename: get_filename(),
-        line_number: get_line_number(),
-        error: "No fields to update",
-      });
-
-      return NextResponse.json(
-        { error: "At least one field (name, email, or profile_picture_url) must be provided" },
-        { status: 400 }
-      );
-    }
-
-    // Get singleton hazo_connect instance
-    const hazoConnect = get_hazo_connect_instance();
-
-    // Update user profile
-    const result = await update_user_profile(hazoConnect, user_id, {
-      name,
-      email,
-      profile_picture_url,
-      profile_source,
-    });
-
-    if (!result.success) {
-      logger.warn("user_update_failed", {
-        filename: get_filename(),
-        line_number: get_line_number(),
-        error: result.error,
-        user_id,
-        email_changed: result.email_changed,
-      });
-
-      return NextResponse.json(
-        { error: result.error || "Failed to update user profile" },
-        { status: 400 }
-      );
-    }
-
-    logger.info("user_update_successful", {
-      filename: get_filename(),
-      line_number: get_line_number(),
-      user_id,
-      email_changed: result.email_changed,
-    });
-
-    // Create response
-    const response = NextResponse.json(
-      {
-        success: true,
-        message: "Profile updated successfully",
-        email_changed: result.email_changed,
-      },
-      { status: 200 }
-    );
-
-    // If email changed, update the cookie (match login route cookie settings)
-    if (result.email_changed && email) {
-      response.cookies.set("hazo_auth_user_email", email, {
-        httpOnly: true,
-        secure: process.env.NODE_ENV === "production",
-        sameSite: "lax",
-        path: "/",
-        maxAge: 60 * 60 * 24 * 30, // 30 days
-      });
-    }
-
-    return response;
-  } catch (error) {
-    const error_message =
-      error instanceof Error ? error.message : "Unknown error";
-    const error_stack = error instanceof Error ? error.stack : undefined;
-
-    logger.error("user_update_error", {
-      filename: get_filename(),
-      line_number: get_line_number(),
-      error_message,
-      error_stack,
-    });
-
-    return NextResponse.json(
-      { error: "Failed to update user profile. Please try again." },
-      { status: 500 }
-    );
-  }
-}
-