npm - hazo_auth - Versions diffs - 4.2.0 → 4.3.0 - Mend

hazo_auth 4.2.0 → 4.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (82) hide show

package/bin/hazo_auth.mjs +35 -0
package/cli-src/assets/images/forgot_password_default.jpg +0 -0
package/cli-src/assets/images/login_default.jpg +0 -0
package/cli-src/assets/images/register_default.jpg +0 -0
package/cli-src/assets/images/reset_password_default.jpg +0 -0
package/cli-src/assets/images/verify_email_default.jpg +0 -0
package/cli-src/cli/generate.ts +276 -0
package/cli-src/cli/index.ts +207 -0
package/cli-src/cli/init.ts +254 -0
package/cli-src/cli/init_users.ts +376 -0
package/cli-src/cli/validate.ts +581 -0
package/cli-src/lib/already_logged_in_config.server.ts +46 -0
package/cli-src/lib/app_logger.ts +24 -0
package/cli-src/lib/auth/auth_cache.ts +220 -0
package/cli-src/lib/auth/auth_rate_limiter.ts +121 -0
package/cli-src/lib/auth/auth_types.ts +110 -0
package/cli-src/lib/auth/auth_utils.server.ts +196 -0
package/cli-src/lib/auth/hazo_get_auth.server.ts +512 -0
package/cli-src/lib/auth/index.ts +23 -0
package/cli-src/lib/auth/nextauth_config.ts +227 -0
package/cli-src/lib/auth/scope_cache.ts +233 -0
package/cli-src/lib/auth/server_auth.ts +88 -0
package/cli-src/lib/auth/session_token_validator.edge.ts +91 -0
package/cli-src/lib/auth_utility_config.server.ts +136 -0
package/cli-src/lib/config/config_loader.server.ts +164 -0
package/cli-src/lib/config/default_config.ts +199 -0
package/cli-src/lib/email_verification_config.server.ts +63 -0
package/cli-src/lib/file_types_config.server.ts +25 -0
package/cli-src/lib/forgot_password_config.server.ts +63 -0
package/cli-src/lib/hazo_connect_instance.server.ts +101 -0
package/cli-src/lib/hazo_connect_setup.server.ts +194 -0
package/cli-src/lib/hazo_connect_setup.ts +54 -0
package/cli-src/lib/index.ts +46 -0
package/cli-src/lib/login_config.server.ts +106 -0
package/cli-src/lib/messages_config.server.ts +45 -0
package/cli-src/lib/migrations/apply_migration.ts +105 -0
package/cli-src/lib/my_settings_config.server.ts +135 -0
package/cli-src/lib/oauth_config.server.ts +87 -0
package/cli-src/lib/password_requirements_config.server.ts +40 -0
package/cli-src/lib/profile_pic_menu_config.server.ts +138 -0
package/cli-src/lib/profile_picture_config.server.ts +56 -0
package/cli-src/lib/register_config.server.ts +101 -0
package/cli-src/lib/reset_password_config.server.ts +103 -0
package/cli-src/lib/scope_hierarchy_config.server.ts +151 -0
package/cli-src/lib/services/email_service.ts +587 -0
package/cli-src/lib/services/email_verification_service.ts +270 -0
package/cli-src/lib/services/index.ts +16 -0
package/cli-src/lib/services/login_service.ts +150 -0
package/cli-src/lib/services/oauth_service.ts +494 -0
package/cli-src/lib/services/password_change_service.ts +154 -0
package/cli-src/lib/services/password_reset_service.ts +418 -0
package/cli-src/lib/services/profile_picture_remove_service.ts +120 -0
package/cli-src/lib/services/profile_picture_service.ts +451 -0
package/cli-src/lib/services/profile_picture_source_mapper.ts +62 -0
package/cli-src/lib/services/registration_service.ts +185 -0
package/cli-src/lib/services/scope_labels_service.ts +348 -0
package/cli-src/lib/services/scope_service.ts +778 -0
package/cli-src/lib/services/session_token_service.ts +177 -0
package/cli-src/lib/services/token_service.ts +240 -0
package/cli-src/lib/services/user_profiles_cache.ts +189 -0
package/cli-src/lib/services/user_profiles_service.ts +264 -0
package/cli-src/lib/services/user_scope_service.ts +554 -0
package/cli-src/lib/services/user_update_service.ts +141 -0
package/cli-src/lib/ui_shell_config.server.ts +73 -0
package/cli-src/lib/ui_sizes_config.server.ts +37 -0
package/cli-src/lib/user_fields_config.server.ts +31 -0
package/cli-src/lib/user_management_config.server.ts +39 -0
package/cli-src/lib/user_profiles_config.server.ts +55 -0
package/cli-src/lib/utils/api_route_helpers.ts +60 -0
package/cli-src/lib/utils/error_sanitizer.ts +75 -0
package/cli-src/lib/utils/password_validator.ts +65 -0
package/cli-src/lib/utils.ts +11 -0
package/cli-src/server/logging/logger_service.ts +56 -0
package/dist/cli/index.js +18 -0
package/dist/cli/init_users.d.ts +17 -0
package/dist/cli/init_users.d.ts.map +1 -0
package/dist/cli/init_users.js +307 -0
package/dist/components/layouts/shared/config/layout_customization.d.ts +2 -7
package/dist/components/layouts/shared/config/layout_customization.d.ts.map +1 -1
package/dist/lib/utils/password_validator.d.ts +7 -1
package/dist/lib/utils/password_validator.d.ts.map +1 -1
package/package.json +5 -2

package/cli-src/lib/services/scope_labels_service.ts ADDED Viewed

@@ -0,0 +1,348 @@
+// file_description: service for managing HRBAC scope labels using hazo_connect
+// section: imports
+import type { HazoConnectAdapter } from "hazo_connect";
+import { createCrudService } from "hazo_connect/server";
+import { randomUUID } from "crypto";
+import { create_app_logger } from "../app_logger";
+import { sanitize_error_for_user } from "../utils/error_sanitizer";
+import type { ScopeLevel } from "./scope_service";
+import { SCOPE_LEVELS } from "./scope_service";
+// section: types
+export type ScopeLabel = {
+  id: string;
+  org: string;
+  scope_type: ScopeLevel;
+  label: string;
+  created_at: string;
+  changed_at: string;
+};
+export type ScopeLabelResult = {
+  success: boolean;
+  label?: ScopeLabel;
+  labels?: ScopeLabel[];
+  error?: string;
+};
+// section: constants
+export const DEFAULT_SCOPE_LABELS: Record<ScopeLevel, string> = {
+  hazo_scopes_l1: "Level 1",
+  hazo_scopes_l2: "Level 2",
+  hazo_scopes_l3: "Level 3",
+  hazo_scopes_l4: "Level 4",
+  hazo_scopes_l5: "Level 5",
+  hazo_scopes_l6: "Level 6",
+  hazo_scopes_l7: "Level 7",
+};
+// section: helpers
+/**
+ * Gets all scope labels for an organization
+ */
+export async function get_scope_labels(
+  adapter: HazoConnectAdapter,
+  org: string,
+): Promise<ScopeLabelResult> {
+  try {
+    const label_service = createCrudService(adapter, "hazo_scope_labels");
+    const labels = await label_service.findBy({ org });
+    return {
+      success: true,
+      labels: Array.isArray(labels) ? (labels as ScopeLabel[]) : [],
+    };
+  } catch (error) {
+    const logger = create_app_logger();
+    const error_message = sanitize_error_for_user(error, {
+      logToConsole: true,
+      logToLogger: true,
+      logger,
+      context: {
+        filename: "scope_labels_service.ts",
+        line_number: 0,
+        operation: "get_scope_labels",
+        org,
+      },
+    });
+    return {
+      success: false,
+      error: error_message,
+    };
+  }
+}
+/**
+ * Gets all scope labels for an organization, with defaults filled in for missing levels
+ */
+export async function get_scope_labels_with_defaults(
+  adapter: HazoConnectAdapter,
+  org: string,
+  custom_defaults?: Record<ScopeLevel, string>,
+): Promise<ScopeLabelResult> {
+  try {
+    const result = await get_scope_labels(adapter, org);
+    if (!result.success) {
+      return result;
+    }
+    const existing_labels = result.labels || [];
+    const labels_map = new Map<ScopeLevel, ScopeLabel>();
+    // Add existing labels to map
+    for (const label of existing_labels) {
+      labels_map.set(label.scope_type, label);
+    }
+    // Create synthetic entries for missing levels (with default labels)
+    const defaults = custom_defaults || DEFAULT_SCOPE_LABELS;
+    const all_labels: ScopeLabel[] = [];
+    for (const level of SCOPE_LEVELS) {
+      if (labels_map.has(level)) {
+        all_labels.push(labels_map.get(level)!);
+      } else {
+        // Create a synthetic label entry (not persisted)
+        all_labels.push({
+          id: "", // Empty ID indicates this is a default, not from DB
+          org,
+          scope_type: level,
+          label: defaults[level],
+          created_at: "",
+          changed_at: "",
+        });
+      }
+    }
+    return {
+      success: true,
+      labels: all_labels,
+    };
+  } catch (error) {
+    const logger = create_app_logger();
+    const error_message = sanitize_error_for_user(error, {
+      logToConsole: true,
+      logToLogger: true,
+      logger,
+      context: {
+        filename: "scope_labels_service.ts",
+        line_number: 0,
+        operation: "get_scope_labels_with_defaults",
+        org,
+      },
+    });
+    return {
+      success: false,
+      error: error_message,
+    };
+  }
+}
+/**
+ * Gets the label for a specific scope level
+ * Returns the custom label if set, otherwise returns the default
+ */
+export async function get_label_for_level(
+  adapter: HazoConnectAdapter,
+  org: string,
+  scope_type: ScopeLevel,
+  custom_default?: string,
+): Promise<string> {
+  try {
+    const label_service = createCrudService(adapter, "hazo_scope_labels");
+    const labels = await label_service.findBy({ org, scope_type });
+    if (Array.isArray(labels) && labels.length > 0) {
+      return (labels[0] as ScopeLabel).label;
+    }
+    return custom_default || DEFAULT_SCOPE_LABELS[scope_type];
+  } catch {
+    // Return default on any error
+    return custom_default || DEFAULT_SCOPE_LABELS[scope_type];
+  }
+}
+/**
+ * Creates or updates a scope label for an organization
+ * Uses upsert pattern - creates if not exists, updates if exists
+ */
+export async function upsert_scope_label(
+  adapter: HazoConnectAdapter,
+  org: string,
+  scope_type: ScopeLevel,
+  label: string,
+): Promise<ScopeLabelResult> {
+  try {
+    const label_service = createCrudService(adapter, "hazo_scope_labels");
+    const now = new Date().toISOString();
+    // Check if label already exists for this org + scope_type
+    const existing = await label_service.findBy({ org, scope_type });
+    if (Array.isArray(existing) && existing.length > 0) {
+      // Update existing
+      const existing_label = existing[0] as ScopeLabel;
+      const updated = await label_service.updateById(existing_label.id, {
+        label,
+        changed_at: now,
+      });
+      if (!Array.isArray(updated) || updated.length === 0) {
+        return {
+          success: false,
+          error: "Failed to update scope label",
+        };
+      }
+      return {
+        success: true,
+        label: updated[0] as ScopeLabel,
+      };
+    } else {
+      // Create new
+      const inserted = await label_service.insert({
+        id: randomUUID(),
+        org,
+        scope_type,
+        label,
+        created_at: now,
+        changed_at: now,
+      });
+      if (!Array.isArray(inserted) || inserted.length === 0) {
+        return {
+          success: false,
+          error: "Failed to create scope label",
+        };
+      }
+      return {
+        success: true,
+        label: inserted[0] as ScopeLabel,
+      };
+    }
+  } catch (error) {
+    const logger = create_app_logger();
+    const error_message = sanitize_error_for_user(error, {
+      logToConsole: true,
+      logToLogger: true,
+      logger,
+      context: {
+        filename: "scope_labels_service.ts",
+        line_number: 0,
+        operation: "upsert_scope_label",
+        org,
+        scope_type,
+        label,
+      },
+    });
+    return {
+      success: false,
+      error: error_message,
+    };
+  }
+}
+/**
+ * Batch upsert scope labels for an organization
+ * Useful for saving all labels at once from the UI
+ */
+export async function batch_upsert_scope_labels(
+  adapter: HazoConnectAdapter,
+  org: string,
+  labels: Array<{ scope_type: ScopeLevel; label: string }>,
+): Promise<ScopeLabelResult> {
+  try {
+    const results: ScopeLabel[] = [];
+    for (const { scope_type, label } of labels) {
+      const result = await upsert_scope_label(adapter, org, scope_type, label);
+      if (!result.success) {
+        return {
+          success: false,
+          error: `Failed to save label for ${scope_type}: ${result.error}`,
+        };
+      }
+      if (result.label) {
+        results.push(result.label);
+      }
+    }
+    return {
+      success: true,
+      labels: results,
+    };
+  } catch (error) {
+    const logger = create_app_logger();
+    const error_message = sanitize_error_for_user(error, {
+      logToConsole: true,
+      logToLogger: true,
+      logger,
+      context: {
+        filename: "scope_labels_service.ts",
+        line_number: 0,
+        operation: "batch_upsert_scope_labels",
+        org,
+      },
+    });
+    return {
+      success: false,
+      error: error_message,
+    };
+  }
+}
+/**
+ * Deletes a scope label, reverting to default
+ */
+export async function delete_scope_label(
+  adapter: HazoConnectAdapter,
+  org: string,
+  scope_type: ScopeLevel,
+): Promise<ScopeLabelResult> {
+  try {
+    const label_service = createCrudService(adapter, "hazo_scope_labels");
+    // Find the label
+    const existing = await label_service.findBy({ org, scope_type });
+    if (!Array.isArray(existing) || existing.length === 0) {
+      return {
+        success: true, // Already doesn't exist
+      };
+    }
+    const existing_label = existing[0] as ScopeLabel;
+    await label_service.deleteById(existing_label.id);
+    return {
+      success: true,
+      label: existing_label,
+    };
+  } catch (error) {
+    const logger = create_app_logger();
+    const error_message = sanitize_error_for_user(error, {
+      logToConsole: true,
+      logToLogger: true,
+      logger,
+      context: {
+        filename: "scope_labels_service.ts",
+        line_number: 0,
+        operation: "delete_scope_label",
+        org,
+        scope_type,
+      },
+    });
+    return {
+      success: false,
+      error: error_message,
+    };
+  }
+}