hazo_auth 1.4.2 → 1.6.1

package/dist/app/api/hazo_auth/reset_password/route.js

@@ -0,0 +1,76 @@
+// file_description: API route for resetting user password using a reset token
+// section: imports
+import { NextResponse } from "next/server";
+import { get_hazo_connect_instance } from "../../../../lib/hazo_connect_instance.server";
+import { reset_password } from "../../../../lib/services/password_reset_service";
+import { create_app_logger } from "../../../../lib/app_logger";
+import { get_password_requirements_config } from "../../../../lib/password_requirements_config.server";
+import { get_filename, get_line_number } from "../../../../lib/utils/api_route_helpers";
+// section: api_handler
+export async function POST(request) {
+    const logger = create_app_logger();
+    try {
+        const body = await request.json();
+        const { token, new_password } = body;
+        // Validate input
+        if (!token) {
+            logger.warn("password_reset_validation_failed", {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                error: "Token is required",
+            });
+            return NextResponse.json({ error: "Token is required" }, { status: 400 });
+        }
+        if (!new_password) {
+            logger.warn("password_reset_validation_failed", {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                error: "New password is required",
+            });
+            return NextResponse.json({ error: "New password is required" }, { status: 400 });
+        }
+        // Get singleton hazo_connect instance (reuses same connection across all routes)
+        const hazoConnect = get_hazo_connect_instance();
+        // Get password requirements from config
+        const passwordRequirements = get_password_requirements_config();
+        // Reset password using the password reset service
+        const result = await reset_password(hazoConnect, {
+            token,
+            new_password,
+            minimum_length: passwordRequirements.minimum_length,
+        });
+        if (!result.success) {
+            logger.warn("password_reset_failed", {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                error: result.error,
+            });
+            return NextResponse.json({
+                success: false,
+                error: result.error || "Failed to reset password",
+            }, { status: 400 });
+        }
+        logger.info("password_reset_successful", {
+            filename: get_filename(),
+            line_number: get_line_number(),
+            user_id: result.user_id,
+            email: result.email,
+        });
+        return NextResponse.json({
+            success: true,
+            message: "Password has been reset successfully",
+        }, { status: 200 });
+    }
+    catch (error) {
+        const error_message = error instanceof Error ? error.message : "Unknown error";
+        logger.error("password_reset_error", {
+            filename: get_filename(),
+            line_number: get_line_number(),
+            error: error_message,
+        });
+        return NextResponse.json({
+            success: false,
+            error: "An error occurred while resetting your password",
+        }, { status: 500 });
+    }
+}

package/dist/app/api/hazo_auth/update_user/route.d.ts

@@ -0,0 +1,9 @@
+import { NextRequest, NextResponse } from "next/server";
+export declare function PATCH(request: NextRequest): Promise<NextResponse<{
+    error: string;
+}> | NextResponse<{
+    success: boolean;
+    message: string;
+    email_changed: boolean | undefined;
+}>>;
+//# sourceMappingURL=route.d.ts.map

package/dist/app/api/hazo_auth/update_user/route.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"route.d.ts","sourceRoot":"","sources":["../../../../../src/app/api/hazo_auth/update_user/route.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAQxD,wBAAsB,KAAK,CAAC,OAAO,EAAE,WAAW;;;;;;IAkH/C"}

package/dist/app/api/hazo_auth/update_user/route.js

@@ -0,0 +1,95 @@
+// file_description: API route for updating user profile information
+// section: imports
+import { NextResponse } from "next/server";
+import { get_hazo_connect_instance } from "../../../../lib/hazo_connect_instance.server";
+import { create_app_logger } from "../../../../lib/app_logger";
+import { update_user_profile } from "../../../../lib/services/user_update_service";
+import { get_filename, get_line_number } from "../../../../lib/utils/api_route_helpers";
+import { require_auth } from "../../../../lib/auth/auth_utils.server";
+// section: api_handler
+export async function PATCH(request) {
+    const logger = create_app_logger();
+    try {
+        // Use centralized auth check
+        let user_id;
+        try {
+            const user = await require_auth(request);
+            user_id = user.user_id;
+        }
+        catch (error) {
+            if (error instanceof Error && error.message === "Authentication required") {
+                logger.warn("user_update_authentication_failed", {
+                    filename: get_filename(),
+                    line_number: get_line_number(),
+                    error: "User not authenticated",
+                });
+                return NextResponse.json({ error: "Authentication required" }, { status: 401 });
+            }
+            throw error;
+        }
+        const body = await request.json();
+        const { name, email, profile_picture_url, profile_source } = body;
+        // Validate input (at least one field must be provided)
+        if (name === undefined && email === undefined && profile_picture_url === undefined) {
+            logger.warn("user_update_validation_failed", {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                error: "No fields to update",
+            });
+            return NextResponse.json({ error: "At least one field (name, email, or profile_picture_url) must be provided" }, { status: 400 });
+        }
+        // Get singleton hazo_connect instance
+        const hazoConnect = get_hazo_connect_instance();
+        // Update user profile
+        const result = await update_user_profile(hazoConnect, user_id, {
+            name,
+            email,
+            profile_picture_url,
+            profile_source,
+        });
+        if (!result.success) {
+            logger.warn("user_update_failed", {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                error: result.error,
+                user_id,
+                email_changed: result.email_changed,
+            });
+            return NextResponse.json({ error: result.error || "Failed to update user profile" }, { status: 400 });
+        }
+        logger.info("user_update_successful", {
+            filename: get_filename(),
+            line_number: get_line_number(),
+            user_id,
+            email_changed: result.email_changed,
+        });
+        // Create response
+        const response = NextResponse.json({
+            success: true,
+            message: "Profile updated successfully",
+            email_changed: result.email_changed,
+        }, { status: 200 });
+        // If email changed, update the cookie (match login route cookie settings)
+        if (result.email_changed && email) {
+            response.cookies.set("hazo_auth_user_email", email, {
+                httpOnly: true,
+                secure: process.env.NODE_ENV === "production",
+                sameSite: "lax",
+                path: "/",
+                maxAge: 60 * 60 * 24 * 30, // 30 days
+            });
+        }
+        return response;
+    }
+    catch (error) {
+        const error_message = error instanceof Error ? error.message : "Unknown error";
+        const error_stack = error instanceof Error ? error.stack : undefined;
+        logger.error("user_update_error", {
+            filename: get_filename(),
+            line_number: get_line_number(),
+            error_message,
+            error_stack,
+        });
+        return NextResponse.json({ error: "Failed to update user profile. Please try again." }, { status: 500 });
+    }
+}

package/dist/app/api/hazo_auth/upload_profile_picture/route.d.ts

@@ -0,0 +1,9 @@
+import { NextRequest, NextResponse } from "next/server";
+export declare function POST(request: NextRequest): Promise<NextResponse<{
+    error: string;
+}> | NextResponse<{
+    success: boolean;
+    profile_picture_url: string;
+    message: string;
+}>>;
+//# sourceMappingURL=route.d.ts.map

package/dist/app/api/hazo_auth/upload_profile_picture/route.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"route.d.ts","sourceRoot":"","sources":["../../../../../src/app/api/hazo_auth/upload_profile_picture/route.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAaxD,wBAAsB,IAAI,CAAC,OAAO,EAAE,WAAW;;;;;;IA2P9C"}

package/dist/app/api/hazo_auth/upload_profile_picture/route.js

@@ -0,0 +1,204 @@
+// file_description: API route for uploading profile pictures
+// section: imports
+import { NextResponse } from "next/server";
+import { get_hazo_connect_instance } from "../../../../lib/hazo_connect_instance.server";
+import { create_app_logger } from "../../../../lib/app_logger";
+import { get_profile_picture_config } from "../../../../lib/profile_picture_config.server";
+import { get_file_types_config } from "../../../../lib/file_types_config.server";
+import { update_user_profile_picture } from "../../../../lib/services/profile_picture_service";
+import { createCrudService } from "hazo_connect/server";
+import { map_db_source_to_ui } from "../../../../lib/services/profile_picture_source_mapper";
+import { get_filename, get_line_number } from "../../../../lib/utils/api_route_helpers";
+import fs from "fs";
+import path from "path";
+// section: api_handler
+export async function POST(request) {
+    const logger = create_app_logger();
+    try {
+        // Use centralized auth check
+        let user_id;
+        try {
+            const { require_auth } = await import("../../../../lib/auth/auth_utils.server");
+            const user = await require_auth(request);
+            user_id = user.user_id;
+        }
+        catch (error) {
+            if (error instanceof Error && error.message === "Authentication required") {
+                logger.warn("profile_picture_upload_authentication_failed", {
+                    filename: get_filename(),
+                    line_number: get_line_number(),
+                    error: "User not authenticated",
+                });
+                return NextResponse.json({ error: "Authentication required" }, { status: 401 });
+            }
+            throw error;
+        }
+        // Check if upload is enabled
+        const config = get_profile_picture_config();
+        if (!config.allow_photo_upload) {
+            logger.warn("profile_picture_upload_disabled", {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                user_id,
+            });
+            return NextResponse.json({ error: "Photo upload is not enabled" }, { status: 403 });
+        }
+        if (!config.upload_photo_path) {
+            logger.warn("profile_picture_upload_path_not_configured", {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                user_id,
+            });
+            return NextResponse.json({ error: "Upload path is not configured" }, { status: 500 });
+        }
+        // Get FormData
+        const formData = await request.formData();
+        const file = formData.get("file");
+        if (!file) {
+            logger.warn("profile_picture_upload_no_file", {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                user_id,
+            });
+            return NextResponse.json({ error: "No file provided" }, { status: 400 });
+        }
+        // Validate file type
+        const fileTypes = get_file_types_config();
+        const fileType = file.type;
+        if (!fileTypes.allowed_image_mime_types.includes(fileType)) {
+            logger.warn("profile_picture_upload_invalid_type", {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                user_id,
+                fileType,
+            });
+            return NextResponse.json({ error: "Invalid file type. Only JPG and PNG files are allowed." }, { status: 400 });
+        }
+        // Validate file size (should already be compressed client-side, but check server-side too)
+        const fileSize = file.size;
+        if (fileSize > config.max_photo_size) {
+            logger.warn("profile_picture_upload_too_large", {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                user_id,
+                fileSize,
+                maxSize: config.max_photo_size,
+            });
+            return NextResponse.json({ error: `File size exceeds maximum allowed size of ${config.max_photo_size} bytes` }, { status: 400 });
+        }
+        // Get current user profile picture info before updating
+        const hazoConnect = get_hazo_connect_instance();
+        const users_service = createCrudService(hazoConnect, "hazo_users");
+        const current_users = await users_service.findBy({ id: user_id });
+        let oldProfilePictureUrl = null;
+        let oldProfileSource = null;
+        if (Array.isArray(current_users) && current_users.length > 0) {
+            const current_user = current_users[0];
+            oldProfilePictureUrl = current_user.profile_picture_url || null;
+            oldProfileSource = current_user.profile_source || null;
+        }
+        // Determine file extension from MIME type
+        const mimeToExt = {
+            "image/jpeg": "jpg",
+            "image/jpg": "jpg",
+            "image/png": "png",
+        };
+        const fileExtension = mimeToExt[fileType] || "jpg";
+        const fileName = `${user_id}.${fileExtension}`;
+        // Resolve upload path
+        const uploadPath = path.isAbsolute(config.upload_photo_path)
+            ? config.upload_photo_path
+            : path.resolve(process.cwd(), config.upload_photo_path);
+        // Create upload directory if it doesn't exist
+        if (!fs.existsSync(uploadPath)) {
+            fs.mkdirSync(uploadPath, { recursive: true });
+        }
+        // Save file
+        const filePath = path.join(uploadPath, fileName);
+        const arrayBuffer = await file.arrayBuffer();
+        const buffer = Buffer.from(arrayBuffer);
+        fs.writeFileSync(filePath, buffer);
+        // Generate URL (relative to public or absolute)
+        // For Next.js, we'll serve from a public route or use absolute path
+        // For now, use a relative path that can be served via API or static file serving
+        const profilePictureUrl = `/api/hazo_auth/profile_picture/${fileName}`;
+        // Update user record
+        const updateResult = await update_user_profile_picture(hazoConnect, user_id, profilePictureUrl, "upload");
+        if (!updateResult.success) {
+            // Clean up uploaded file
+            try {
+                fs.unlinkSync(filePath);
+            }
+            catch (error) {
+                // Ignore cleanup errors
+            }
+            logger.warn("profile_picture_upload_update_failed", {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                user_id,
+                error: updateResult.error,
+            });
+            return NextResponse.json({ error: updateResult.error || "Failed to update profile picture" }, { status: 500 });
+        }
+        // Delete old profile picture file if it exists and was an uploaded file
+        if (oldProfilePictureUrl && oldProfileSource) {
+            const oldSourceUI = map_db_source_to_ui(oldProfileSource);
+            // Only delete if the old profile picture was an uploaded file
+            if (oldSourceUI === "upload") {
+                try {
+                    // Extract filename from URL (e.g., /api/hazo_auth/profile_picture/user_id.jpg)
+                    const oldFileName = oldProfilePictureUrl.split("/").pop();
+                    if (oldFileName) {
+                        // Check if it's a user-specific file (starts with user_id)
+                        if (oldFileName.startsWith(user_id)) {
+                            const oldFilePath = path.join(uploadPath, oldFileName);
+                            // Only delete if it's a different file (different extension)
+                            if (oldFilePath !== filePath && fs.existsSync(oldFilePath)) {
+                                fs.unlinkSync(oldFilePath);
+                                logger.info("profile_picture_old_file_deleted", {
+                                    filename: get_filename(),
+                                    line_number: get_line_number(),
+                                    user_id,
+                                    oldFileName,
+                                });
+                            }
+                        }
+                    }
+                }
+                catch (error) {
+                    // Log error but don't fail the request
+                    logger.warn("profile_picture_old_file_delete_failed", {
+                        filename: get_filename(),
+                        line_number: get_line_number(),
+                        user_id,
+                        oldProfilePictureUrl,
+                        error: error instanceof Error ? error.message : "Unknown error",
+                    });
+                }
+            }
+        }
+        logger.info("profile_picture_upload_successful", {
+            filename: get_filename(),
+            line_number: get_line_number(),
+            user_id,
+            fileName,
+            fileSize,
+        });
+        return NextResponse.json({
+            success: true,
+            profile_picture_url: profilePictureUrl,
+            message: "Profile picture uploaded successfully",
+        }, { status: 200 });
+    }
+    catch (error) {
+        const error_message = error instanceof Error ? error.message : "Unknown error";
+        const error_stack = error instanceof Error ? error.stack : undefined;
+        logger.error("profile_picture_upload_error", {
+            filename: get_filename(),
+            line_number: get_line_number(),
+            error_message,
+            error_stack,
+        });
+        return NextResponse.json({ error: "Failed to upload profile picture. Please try again." }, { status: 500 });
+    }
+}

package/dist/app/api/hazo_auth/validate_reset_token/route.d.ts

@@ -0,0 +1,6 @@
+import { NextRequest, NextResponse } from "next/server";
+export declare const dynamic = "force-dynamic";
+export declare function GET(request: NextRequest): Promise<NextResponse<{
+    success: boolean;
+}>>;
+//# sourceMappingURL=route.d.ts.map

package/dist/app/api/hazo_auth/validate_reset_token/route.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"route.d.ts","sourceRoot":"","sources":["../../../../../src/app/api/hazo_auth/validate_reset_token/route.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAOxD,eAAO,MAAM,OAAO,kBAAkB,CAAC;AAGvC,wBAAsB,GAAG,CAAC,OAAO,EAAE,WAAW;;IAqE7C"}

package/dist/app/api/hazo_auth/validate_reset_token/route.js

@@ -0,0 +1,58 @@
+// file_description: API route for validating password reset token without resetting password
+// section: imports
+import { NextResponse } from "next/server";
+import { get_hazo_connect_instance } from "../../../../lib/hazo_connect_instance.server";
+import { validate_password_reset_token } from "../../../../lib/services/password_reset_service";
+import { create_app_logger } from "../../../../lib/app_logger";
+import { get_filename, get_line_number } from "../../../../lib/utils/api_route_helpers";
+// section: route_config
+export const dynamic = 'force-dynamic';
+// section: api_handler
+export async function GET(request) {
+    const logger = create_app_logger();
+    try {
+        const { searchParams } = new URL(request.url);
+        const token = searchParams.get("token");
+        // Validate input
+        if (!token) {
+            logger.warn("password_reset_token_validation_failed", {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                error: "Token is required",
+            });
+            return NextResponse.json({ success: false, error: "Token is required" }, { status: 400 });
+        }
+        // Get singleton hazo_connect instance (reuses same connection across all routes)
+        const hazoConnect = get_hazo_connect_instance();
+        // Validate token using the password reset service
+        const result = await validate_password_reset_token(hazoConnect, {
+            token,
+        });
+        if (!result.success) {
+            logger.warn("password_reset_token_validation_failed", {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                error: result.error,
+            });
+            return NextResponse.json({
+                success: false,
+                error: result.error || "Invalid or expired reset token",
+            }, { status: 400 });
+        }
+        return NextResponse.json({
+            success: true,
+        }, { status: 200 });
+    }
+    catch (error) {
+        const error_message = error instanceof Error ? error.message : "Unknown error";
+        logger.error("password_reset_token_validation_error", {
+            filename: get_filename(),
+            line_number: get_line_number(),
+            error: error_message,
+        });
+        return NextResponse.json({
+            success: false,
+            error: "An error occurred while validating the reset token",
+        }, { status: 500 });
+    }
+}

package/dist/app/api/hazo_auth/verify_email/route.d.ts

@@ -0,0 +1,11 @@
+import { NextRequest, NextResponse } from "next/server";
+export declare const dynamic = "force-dynamic";
+export declare function GET(request: NextRequest): Promise<NextResponse<{
+    error: string;
+}> | NextResponse<{
+    success: boolean;
+    message: string;
+    user_id: string | undefined;
+    email: string | undefined;
+}>>;
+//# sourceMappingURL=route.d.ts.map

package/dist/app/api/hazo_auth/verify_email/route.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"route.d.ts","sourceRoot":"","sources":["../../../../../src/app/api/hazo_auth/verify_email/route.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAOxD,eAAO,MAAM,OAAO,kBAAkB,CAAC;AAGvC,wBAAsB,GAAG,CAAC,OAAO,EAAE,WAAW;;;;;;;IA0E7C"}

package/dist/app/api/hazo_auth/verify_email/route.js

@@ -0,0 +1,63 @@
+// file_description: API route for email verification using hazo_connect
+// section: imports
+import { NextResponse } from "next/server";
+import { get_hazo_connect_instance } from "../../../../lib/hazo_connect_instance.server";
+import { create_app_logger } from "../../../../lib/app_logger";
+import { verify_email_token } from "../../../../lib/services/email_verification_service";
+import { get_filename, get_line_number } from "../../../../lib/utils/api_route_helpers";
+// section: route_config
+export const dynamic = 'force-dynamic';
+// section: api_handler
+export async function GET(request) {
+    const logger = create_app_logger();
+    try {
+        const { searchParams } = new URL(request.url);
+        const token = searchParams.get("token");
+        // Validate input
+        if (!token) {
+            logger.warn("email_verification_validation_failed", {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                has_token: false,
+            });
+            return NextResponse.json({ error: "Verification token is required" }, { status: 400 });
+        }
+        // Get singleton hazo_connect instance (reuses same connection across all routes)
+        const hazoConnect = get_hazo_connect_instance();
+        // Verify email token using the email verification service
+        const result = await verify_email_token(hazoConnect, {
+            token,
+        });
+        if (!result.success) {
+            logger.warn("email_verification_failed", {
+                filename: get_filename(),
+                line_number: get_line_number(),
+                error: result.error,
+            });
+            return NextResponse.json({ error: result.error || "Email verification failed" }, { status: 400 });
+        }
+        logger.info("email_verification_successful", {
+            filename: get_filename(),
+            line_number: get_line_number(),
+            user_id: result.user_id,
+            email: result.email,
+        });
+        return NextResponse.json({
+            success: true,
+            message: "Email verified successfully",
+            user_id: result.user_id,
+            email: result.email,
+        }, { status: 200 });
+    }
+    catch (error) {
+        const error_message = error instanceof Error ? error.message : "Unknown error";
+        const error_stack = error instanceof Error ? error.stack : undefined;
+        logger.error("email_verification_error", {
+            filename: get_filename(),
+            line_number: get_line_number(),
+            error_message,
+            error_stack,
+        });
+        return NextResponse.json({ error: "Email verification failed. Please try again." }, { status: 500 });
+    }
+}

package/dist/cli/generate.d.ts

@@ -0,0 +1,7 @@
+export type GenerateOptions = {
+    dir?: string;
+    pages?: boolean;
+    all?: boolean;
+};
+export declare function generate_routes(options?: GenerateOptions): void;
+//# sourceMappingURL=generate.d.ts.map

package/dist/cli/generate.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"generate.d.ts","sourceRoot":"","sources":["../../src/cli/generate.ts"],"names":[],"mappings":"AAqBA,MAAM,MAAM,eAAe,GAAG;IAC5B,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,KAAK,CAAC,EAAE,OAAO,CAAC;IAChB,GAAG,CAAC,EAAE,OAAO,CAAC;CACf,CAAC;AAwJF,wBAAgB,eAAe,CAAC,OAAO,GAAE,eAAoB,GAAG,IAAI,CA8DnE"}