nitro-web 0.0.183 → 0.0.184

package/client/app.tsx

@@ -319,8 +319,8 @@ async function beforeApp(config: Config) {
 
 export const middleware = {
   // Default middleware that can referenced from component routes
-  isAdmin: (route: unknown, store: { user?: { type?: string, isAdmin?: boolean } }) => {
-    if (store.user?.type?.match(/admin/) || store.user?.isAdmin) return
+  isAdmin: (route: unknown, store: { user?: { isAdmin?: boolean } }) => {
+    if (store.user?.isAdmin) return
     else if (store.user) return { redirect: '/signin?unauth' }
     else return { redirect: '/signin?signin' }
   },
@@ -328,7 +328,7 @@ export const middleware = {
     if (store.user?.company?.currentSubscription) return
     else return { redirect: '/plans/subscribe' }
   },
-  isUser: (route: unknown, store: { user?: { type?: string } }) => {
+  isUser: (route: unknown, store: { user?: { isAdmin?: boolean } }) => {
     if (store.user) return
     else return { redirect: '/signin?signin' }
   },

package/client/index.ts

@@ -16,6 +16,7 @@ export { createStore, exposedStoreData, preloadedStoreData, setStoreWrapper } fr
 export { Signin } from '../components/auth/signin'
 export { Signup } from '../components/auth/signup'
 export { ResetInstructions, ResetPassword } from '../components/auth/reset'
+export { InviteConfirm } from '../components/auth/inviteConfirm'
 export { Dashboard } from '../components/dashboard/dashboard'
 export { NotFound } from '../components/partials/not-found'
 export { Styleguide } from '../components/partials/styleguide'

package/components/auth/auth.api.js

@@ -4,50 +4,46 @@ import bcrypt from 'bcrypt'
 import passport from 'passport'
 import passportLocal from 'passport-local'
 import { Strategy as JwtStrategy, ExtractJwt } from 'passport-jwt'
-import db from 'monastery'
+import db, { isId } from 'monastery'
 import jsonwebtoken from 'jsonwebtoken'
 import { sendEmail } from 'nitro-web/server'
 import { isArray, pick, ucFirst, fullNameSplit } from 'nitro-web/util'
+// Todo: detect if the user is already invited to the company, instead of token error
 
-let authConfig = null
 const JWT_SECRET = process.env.JWT_SECRET || 'replace_this_with_secure_env_secret'
+let authConfig = null
+let auth = {
+  userFindFromProvider, userSigninGetStore, getStore,
+  userCreate, passwordValidate, tokenCreate, tokenParse, tokenSend,
+  tokenConfirmForReset, tokenConfirmForSingleTenant, tokenConfirmForMultiTenant,
+}
 
 export const routes = {
   // Routes
   'get     /api/store': [store],
   'get     /api/signout': [signout],
-  'post    /api/signin': [signin],
-  'post    /api/signup': [signup],
+  'post    /api/signin': [signin], // [todo: route gaurd basic limiter]
+  'post    /api/signup': [signup], // [todo: route gaurd Altcha]
   'post    /api/reset-instructions': [resetInstructions],
-  'post    /api/reset-password': [resetConfirm],
+  'post    /api/reset-confirm': [resetConfirm], // was reset-password
   'post    /api/invite-instructions': [inviteInstructions],
-  'post    /api/invite-accept': [inviteConfirm],
+  'post    /api/invite-confirm': [inviteConfirm], // was invite-accept
   'delete  /api/account/:uid': [remove],
-
-  // todo: 
-  //   We dont need all of these overridable, just signinAndGetStore, findUserFromProvider, 
-  //   and getStore. So we will allow just these two to be passed around.
-  //   userCreate not needed, they can just create their own signup function.
-  ///  Maybe we can pass these into setup?
-
-  // Overridable helpers
+  // Setup (called automatically when express starts)
   setup: setup,
-  findUserFromProvider: findUserFromProvider,
-  getStore: getStore,
-  signinAndGetStore: signinAndGetStore,
-  tokenCreate: tokenCreate,
-  tokenParse: tokenParse,
-  userCreate: userCreate,
-  validatePassword: validatePassword,
-  sendToken: sendToken,
-  inviteOrResetConfirm: inviteOrResetConfirm,
 }
 
-function setup(middleware, _config) {
-  // routes.setup is called automatically when express starts
-  // Set config values
-  const configKeys = ['baseUrl', 'emailFrom', 'env', 'name', 'mailgunDomain', 'mailgunKey', 'masterPassword', 'isNotMultiTenant']
+function setup(middleware, _config, helpers = {}) {
+  // Tip: you can pass in your own helpers to override the default helpers, `this` context contains all helpers.
+  // E.g. setup: (middleware, config, helpers) => authRoutes.setup(middleware, config, { getStore, ... })
+  const configKeys = ['baseUrl', 'emailFrom', 'env', 'name', 'mailgunDomain', 'mailgunKey', 'masterPassword', 'isNotMultiTenant', 
+    'confirmInvites']
   authConfig = pick(_config, configKeys)
+  auth = { ...auth, ...helpers }
+  // Bind all the functions to the auth object (so the can be individually overridden and reference other helpers)
+  for (const key of Object.keys(auth)) {
+    if (typeof auth[key] === 'function') auth[key] = auth[key].bind(auth)
+  }
   for (const key of ['baseUrl', 'emailFrom', 'env', 'name']) {
     if (!authConfig[key]) throw new Error(`Missing config value for: config.${key}`)
   }
@@ -57,7 +53,7 @@ function setup(middleware, _config) {
       { usernameField: 'email' },
       async (email, password, next) => {
         try {
-          const user = await this.findUserFromProvider({ email }, password)
+          const user = await auth.userFindFromProvider({ email }, password)
           next(null, user)
         } catch (err) {
           next(err.message)
@@ -74,7 +70,7 @@ function setup(middleware, _config) {
       },
       async (payload, done) => {
         try {
-          const user = await this.findUserFromProvider({ _id: payload._id })
+          const user = await auth.userFindFromProvider({ _id: payload._id })
           if (!user) return done(null, false)
           return done(null, user)
         } catch (err) {
@@ -109,19 +105,14 @@ function setup(middleware, _config) {
 }
 
 async function store(req, res) {
-  res.json(await this.getStore(req.user))
+  res.json(await auth.getStore(req.user))
 }
 
 async function signup(req, res) {
   try {
     const desktop = req.query.desktop
-    let user = await this.userCreate(req.body)
-    sendEmail({
-      config: authConfig,
-      template: 'welcome',
-      to: `${ucFirst(user.firstName)}<${user.email}>`,
-    }).catch(console.error)
-    res.send(await this.signinAndGetStore(user, desktop, this.getStore))
+    const user = await auth.userCreate(req.body)
+    res.send(await auth.userSigninGetStore(user, desktop))
   } catch (err) {
     res.error(err)
   }
@@ -136,7 +127,7 @@ function signin(req, res) {
     if (err) return res.error(err)
     if (!user && info) return res.error('email', info.message)
     try {
-      const response = await this.signinAndGetStore(user, desktop, this.getStore)
+      const response = await auth.userSigninGetStore(user, desktop)
       res.send(response)
     } catch (err) {
       res.error(err)
@@ -167,18 +158,102 @@ async function remove(req, res) {
     // }
     await db.user.remove({ query: { _id: uid }})
     // Logout now so that an error doesn't throw when naviating to /signout
-    req.logout()
+    await new Promise((resolve, reject) => req.logout(err => err ? reject(err) : resolve()))
     res.send(`User: '${uid}' removed successfully`)
   } catch (err) {
     res.error(err)
   }
 }
 
+export async function resetInstructions(req, res) {
+  try {
+    // const desktop = req.query.hasOwnProperty('desktop') ? '?desktop' : '' // see sendToken for future usage
+    let email = (req.body.email || '').trim().toLowerCase()
+    if (!email) throw { title: 'email', detail: 'The email you entered is incorrect.' }
+
+    let user = await db.user.findOne({ query: { email }, _privateData: true })
+    if (!user) throw { title: 'email', detail: 'The email you entered is incorrect.' }
+
+    // Send reset password email
+    await auth.tokenSend({ _id: user._id, email: user.email, firstName: user.firstName })
+    res.json({})
+  } catch (err) {
+    res.error(err)
+  }
+}
+
+export async function inviteInstructions(req, res) {
+  // Single-tenant: 
+  //.  - no user found: error (not supported, must be pre-created)
+  //   - user pre-created: update user with token, and send them the token
+  // Multi-tenant:
+  //   - user exists and confirmInvites=false: auto-add user to company.users
+  //   - user exists and confirmInvites=true: add user to company.invites, and send them the token
+  //.  - no user found: add user to company.invites and send them the token
+  try {
+    if (authConfig.isNotMultiTenant) {
+      const user = await db.user.findOne({ query: { _id: req.body._id }, _privateData: true })
+      if (!user) throw new Error('Please pre-create the user first, no user id found.')
+      await auth.tokenSend({ type: 'invite', _id: user._id, email: user.email, firstName: user.firstName })
+      res.json({})
+
+    } else {
+      const companyId = req.body.companyId
+      if (!req.user.isAdmin && (!companyId || req.user?.company?._id?.toString() !== companyId.toString())) {
+        throw new Error('You do not have permission to invite users to this company.')
+      }
+      const existingUser = await db.user.findOne({ query: { email: req.body.email } })
+      if (existingUser && !authConfig.confirmInvites) {
+        await db.company.update({
+          query: db.id(companyId),
+          $push: { users: { _id: existingUser._id, role: req.body.role, status: 'active' } },
+        })
+      } else {
+        await auth.tokenSend({
+          type: 'companyInvite', _id: companyId,
+          email: req.body.email,
+          firstName: existingUser?.firstName || req.body.firstName,
+        })
+      }
+      res.json({})
+    }
+  } catch (err) {
+    res.error(err)
+  }
+}
+
+export async function resetConfirm(req, res) {
+  try {
+    res.send(await auth.tokenConfirmForReset(req))
+  } catch (err) {
+    res.error(err)
+  }
+}
+
+export async function inviteConfirm(req, res) {
+  // single tenant:
+  //   - user pre-created: update user with new password (and any other inviteConfirm.tsx form fields)
+  //.  - no user found: error (not supported, must be pre-created)
+  // multi tenant:
+  //   - user exists and confirmInvites=false: no-op (i.e no token, user already added)
+  //   - user exists and confirmInvites=true: update company (invite.tsx should display 'Invite Accepted' and redirect to home)
+  //   - no user found: create new user with new password (and any other inviteConfirm.tsx form fields)
+  try {
+    const result = authConfig.isNotMultiTenant
+      ? await auth.tokenConfirmForSingleTenant(req)
+      : await auth.tokenConfirmForMultiTenant(req)
+    res.send(result)
+  } catch (err) {
+    res.error(err)
+  }
+}
+
 /* ---- Overridable helpers ------------------ */
 
-export async function findUserFromProvider(query, passwordToCheck) {
+export async function userFindFromProvider(query, passwordToCheck) {
   /**
-   * Find user for state (and verify password if signing in with email)
+   * Find user for state (and verify password if signing in with email).
+   * NOTE: the application needs to set user.company to the active company (if multi tenant)
    * @param {object} query - e.g. { email: 'test@test.com' }
    * @param {string} <passwordToCheck> - password to test
    */
@@ -219,6 +294,15 @@ export async function findUserFromProvider(query, passwordToCheck) {
   }
 }
 
+export async function userSigninGetStore(user, isDesktop) {
+  if (user.loginActive === false) throw { title: 'error', detail: 'This user is not available.' }
+  user.desktop = isDesktop
+
+  const jwt = jsonwebtoken.sign({ _id: user._id }, JWT_SECRET, { expiresIn: '30d' })
+  const store = await this.getStore(user)
+  return { ...store, jwt }
+}
+
 export async function getStore(user) {
   // Initial store
   return {
@@ -226,45 +310,43 @@ export async function getStore(user) {
   }
 }
 
-export async function signinAndGetStore(user, isDesktop, getStore) {
-  if (user.loginActive === false) throw 'This user is not available.'
-  if (!getStore) throw new Error('Please provide a getStore function')
-  user.desktop = isDesktop
+/* ---- Helpers (not easily overridable) ----- */
 
-  const jwt = jsonwebtoken.sign({ _id: user._id }, JWT_SECRET, { expiresIn: '30d' })
-  const store = await getStore(user)
-  return { ...store, jwt }
-}
-
-export async function userCreate({ business, password, ...userDataProp }) {
+/**
+ * Creates a new user and company (if multi tenant and `user.company` is not an id)
+ * @param {object} userData - user data
+ * @param {string} [userData.password] - optional
+ * @param {string} [userData.password2] - optional, to confirm the password
+ * @param {string} [userData.company] - if multi tenant and `user.company` is not an id, create a new company
+ * @param {boolean} [skipSendEmail=false] - whether to skip sending the welcome email
+ * @returns {Promise<object>} - the created user
+ */
+export async function userCreate({ password, password2, company, ...userDataProp }, skipSendEmail) {
   try {
-    if (!this.findUserFromProvider) {
-      throw new Error('this.findUserFromProvider doesn\'t exist, make sure the context is available when calling this function')
-    }
-
-    const options = { blacklist: ['-_id'] }
-    const isMultiTenant = !authConfig.isNotMultiTenant
     const userId = db.id()
-    const companyData = isMultiTenant && {
-      _id: db.id(), 
-      ...(business ? { business } : {}),
+    const options = { blacklist: ['-_id'] }
+    const companyIsId = !authConfig.isNotMultiTenant && isId(company)
+
+    // Define new company data if applicable
+    const companyData = !authConfig.isNotMultiTenant && !companyIsId && {
+      _id: db.id(),
       users: [{ _id: userId, role: 'owner', status: 'active' }],
+      ...(company ? company : {}), // removed
     }
+
+    // Define user data
     const userData = {
       ...userDataProp,
       _id: userId,
-      ...(userDataProp.name ? { 
-        firstName: fullNameSplit(userDataProp.name)[0],
-        lastName: fullNameSplit(userDataProp.name)[1],
-      } : {}),
       password: password ? await bcrypt.hash(password, 10) : undefined,
-      ...(isMultiTenant ? { company: companyData._id } : {}),
+      ...(companyIsId ? { company: company } : (companyData ? { company: companyData._id } : {})), // AKA "active company"
+      ...(userDataProp.name ? { firstName: fullNameSplit(userDataProp.name)[0], lastName: fullNameSplit(userDataProp.name)[1] } : {}),
     }
     // First validate the data so we don't have to create a transaction
     const results = await Promise.allSettled([
       db.user.validate(userData, options),
-      ...(isMultiTenant ? [db.company.validate(companyData, options)] : []),
-      typeof password === 'undefined' ? Promise.resolve() : validatePassword(password),
+      typeof password === 'undefined' ? Promise.resolve() : this.passwordValidate(password, password2),
+      ...(companyData ? [db.company.validate(companyData, options)] : []),
     ])
 
     // Throw all the errors from at once
@@ -277,10 +359,19 @@ export async function userCreate({ business, password, ...userDataProp }) {
 
     // Insert company & user
     await db.user.insert({ data: userData, ...options })
-    if (isMultiTenant) await db.company.insert({ data: companyData, ...options })
+    if (companyData) await db.company.insert({ data: companyData, ...options })
+
+    // Send welcome email
+    if (!skipSendEmail) {
+      sendEmail({
+        config: authConfig,
+        template: 'welcome',
+        to: `${ucFirst(userData.firstName)}<${userData.email}>`,
+      }).catch(console.error)
+    }
 
     // Return the user
-    return await findUserFromProvider({ _id: userId })
+    return await this.userFindFromProvider({ _id: userId })
 
   } catch (err) {
     if (!isArray(err)) throw err
@@ -288,30 +379,7 @@ export async function userCreate({ business, password, ...userDataProp }) {
   }
 }
 
-export function tokenCreate(id) {
-  return new Promise((resolve) => {
-    crypto.randomBytes(16, (err, buff) => {
-      let hash = buff.toString('hex') // 32 chars
-      resolve(`${hash}${id || ''}:${Date.now()}`)
-    })
-  })
-}
-
-export function tokenParse(token) {
-  let split = (token  ||  '').split(':')
-  let hash = split[0].slice(0, 32)
-  let userId = split[0].slice(32)
-  let time = split[1]
-  if (!hash || !userId || !time) {
-    throw { title: 'error', detail: 'Sorry your code is invalid.' }
-  } else if (parseFloat(time) + 1000 * 60 * 60 * 24 < Date.now()) {
-    throw { title: 'error', detail: 'Sorry your code has timed out.' }
-  } else {
-    return userId
-  }
-}
-
-export async function validatePassword(password='', password2) {
+export async function passwordValidate(password='', password2) {
   // let hasLowerChar = password.match(/[a-z]/)
   // let hasUpperChar = password.match(/[A-Z]/)
   // let hasNumber = password.match(/\d/)
@@ -330,117 +398,125 @@ export async function validatePassword(password='', password2) {
   }
 }
 
-
-
-
-/* ---- Controllers -------------------------- */
-
-export async function resetInstructions(req, res) {
-  try {
-    // const desktop = req.query.hasOwnProperty('desktop') ? '?desktop' : '' // see sendToken for future usage
-    let email = (req.body.email || '').trim().toLowerCase()
-    if (!email) throw { title: 'email', detail: 'The email you entered is incorrect.' }
-
-    let user = await db.user.findOne({ query: { email }, _privateData: true })
-    if (!user) throw { title: 'email', detail: 'The email you entered is incorrect.' }
-
-    // Send reset password email
-    await sendToken({ type: 'reset', user: user })
-    res.json({})
-  } catch (err) {
-    res.error(err)
-  }
-}
-
-export async function inviteInstructions(req, res) {
-  try {
-    // const desktop = req.query.hasOwnProperty('desktop') ? '?desktop' : '' // see sendToken for future usage
-    let user = await db.user.findOne({ query: { _id: req.params._id }, _privateData: true })
-    if (!user) throw new Error('Invalid user id')
-    // Send invite instructions email
-    await sendToken({ type: 'invite', user: user })
-    res.json({})
-  } catch (err) {
-    res.error(err)
-  }
+export function tokenCreate(modelName, id) {
+  return new Promise((resolve) => {
+    crypto.randomBytes(16, (err, buff) => {
+      let hash = buff.toString('hex') // 32 chars
+      resolve(`${hash}:${modelName}:${id || ''}:${Date.now()}`)
+    })
+  })
 }
 
-export async function inviteConfirm(req, res) {
-  try {
-    res.send(await this.inviteOrResetConfirm('invite', req))
-  } catch (err) {
-    res.error(err)
+export function tokenParse(token, modelName, maxAgeMs = 1000 * 60 * 60 * 24) {
+  let [hash, modelNameParsed, id, time] = (token || '').split(':')
+  if (!hash || !id || !time) {
+    throw { title: 'error', detail: 'Sorry your code is invalid.' }
+  } else if (modelNameParsed !== modelName) {
+    throw { title: 'error', detail: 'Sorry we are detecting a token mismatch.' }
+  } else if (parseFloat(time) + maxAgeMs < Date.now()) {
+    throw { title: 'error', detail: 'Sorry your code has timed out.' }
+  } else {
+    return id
   }
 }
 
-export async function resetConfirm(req, res) {
-  try {
-    res.send(await this.inviteOrResetConfirm('reset', req))
-  } catch (err) {
-    res.error(err)
-  }
+export async function tokenConfirmForReset(req) {
+  return await this.tokenConfirmForSingleTenant(req, true)
 }
 
-/* ---- Helpers ------------------------------ */
-
-export async function inviteOrResetConfirm(type, req) {
-  const { token, password, password2 } = req.body
-  const name = type === 'invite' ? 'inviteToken' : 'resetToken'
+export async function tokenConfirmForSingleTenant(req, isReset) {
+  const { token, password, password2, ...userData } = req.body
+  const tokenName = isReset ? 'resetToken' : 'inviteToken'
   const desktop = req.query.desktop
-  const id = tokenParse(token)
-  await validatePassword(password, password2)
+  const id = this.tokenParse(token, 'user')
+  await this.passwordValidate(password, password2)
 
-  let user = await db.user.findOne({ query: id, blacklist: ['-' + name], _privateData: true })
-  if (!user || user[name] !== token) throw new Error('Sorry your token is invalid or has already been used.')
+  const user = await db.user.findOne({ query: id, blacklist: ['-' + tokenName], _privateData: true })
+  if (!user || user[tokenName] !== token) throw new Error('Sorry your token is invalid or has already been used.')
 
   await db.user.update({
     query: user._id,
     data: {
       password: await bcrypt.hash(password, 10),
-      [name]: '', // remove token
+      [tokenName]: '', // remove token
+      ...userData,
     },
-    blacklist: ['-' + name, '-password'],
+    blacklist: ['-' + tokenName, '-password'],
   })
-  const store = await this.signinAndGetStore({ ...user, [name]: undefined }, desktop, this.getStore)
-  return store
+  return await this.userSigninGetStore({ ...user, [tokenName]: undefined }, desktop)
+}
+
+export async function tokenConfirmForMultiTenant(req) {
+  const { token, ...userData } = req.body
+  const desktop = req.query.desktop
+  const companyId = db.id(this.tokenParse(token, 'company'))
+
+  // Find the invite from the token (company.invites[] entry)
+  const company = await db.company.findOne({ query: { _id: companyId, 'invites.inviteToken': token }, _privateData: true })
+  if (!company) throw new Error('Sorry your token is invalid or has already been used.')
+  const invite = company.invites.find(inv => inv.inviteToken === token)
+
+  // Has the user already been added to the company (company.users[] entry)?
+  const existingUser = await db.user.findOne({ query: { email: userData.email }, _privateData: true })
+  if (existingUser && company.users.some(u => u._id.toString() === existingUser._id.toString())) {
+    throw new Error('This user has already been added to the company.')
+  }
+
+  // Find or create new user
+  const user = existingUser || await this.userCreate({ ...userData, company: companyId }, true) // AKA "active company"
+  
+  // Add the user to the company
+  await db.company.update({
+    query: companyId,
+    $push: { users: { _id: user._id, role: invite.role, status: 'active' } }, // add user to company
+    $pull: { invites: { inviteToken: token } }, // remove invite
+  })
+
+  // Signin
+  return await this.userSigninGetStore(user, desktop)
 }
 
 /**
- * Checks if the user exists, updates the user with the invite token and sends the invite email
+ * Creates and sends a reset or invite token to a user or company
  * @param {object} options
- * @param {'reset' | 'invite'} options.type -  The type of token to send (default: 'reset')
- * @param {{_id: string, email: string, firstName: string}} options.user -  The user to send the invite email to
- * @param {function} [options.beforeUpdate] - callback hook to run before updating the user
- * @param {function} [options.beforeSendEmail] -  callback hook to run before sending the email
+ * @param {'reset' | 'invite' | 'companyInvite'} options.type - token type (default: 'reset')
+ * @param {string} options._id - user or company id
+ * @param {string} options.email - recipient email
+ * @param {string} options.firstName - recipient first name
+ * @param {function} [options.beforeUpdate] - runs before updating the model with the token, return null to skip update
+ * @param {function} [options.beforeSendEmail] - runs before sending the email, receives (options, token)
  * @returns {Promise<{token: string, mailgunPromise: Promise<unknown>}>}
  */
-export async function sendToken({ type = 'reset', user, beforeUpdate, beforeSendEmail }) {
-  if (!user?._id) throw new Error('user is required')
-  if (!user?.email) throw new Error('user.email is required')
-  if (!user?.firstName) throw new Error('user.firstName is required')
-  const token = await tokenCreate(user._id)
-
-  // get the data
-  const data = beforeUpdate ? beforeUpdate({ [type + 'Token']: token }) : { [type + 'Token']: token }
-  if (type === 'invite') data.isInvited = true
-
-  // Update the user with the token
-  const result = await db.user.update({
-    query: { _id: user._id },
-    data: data,
-    blacklist: ['-' + type + 'Token'],
-  })
-
-  if (!result._output.matchedCount) {
-    throw new Error('Invalid user id to send the token to')
+export async function tokenSend({ type = 'reset', _id, email, firstName, beforeUpdate, beforeSendEmail }) {
+  if (!_id) throw new Error(`${type === 'companyInvite' ? 'company' : 'user'} id is required`)
+  if (!email) throw new Error('email is required')
+  if (!firstName) throw new Error('firstName is required')
+
+  const tokenName = type === 'companyInvite' ? 'inviteToken' : type + 'Token'
+  const modelName = type === 'companyInvite' ? 'company' : 'user'
+  const token = await this.tokenCreate(modelName, _id)
+  const _beforeUpdate = beforeUpdate || (o => o)
+
+  if (modelName === 'company') {
+    // For companies, add the token to company.invites[].inviteToken
+    await db.company.update({ query: db.id(_id), $pull: { invites: { email } } })
+    const result = await db.company.update({ query: db.id(_id), $push: { invites: _beforeUpdate({ email: email, inviteToken: token }) }})
+    if (!result._output.matchedCount) throw new Error('Invalid company id to update the token for')
+  } else {
+    // For users, add the token to user.inviteToken|resetToken
+    const result = await db[modelName].update({
+      query: db.id(_id),
+      $set: _beforeUpdate({ [tokenName]: token, isInvited: type === 'invite' ? true : undefined }),
+    })
+    if (!result._output.matchedCount) throw new Error('Invalid ' + modelName + ' id to update the token for')
   }
 
   // Send email
   const options = {
     config: authConfig,
-    template: type === 'reset' ? 'reset-password' : 'invite-user',
-    to: `${ucFirst(user.firstName)}<${user.email}>`,
-    data: { token: token }, // + (req.query.hasOwnProperty('desktop') ? '?desktop' : '')
+    template: type === 'reset' ? 'reset-instructions' : 'invite-instructions',
+    to: `${ucFirst(firstName)}<${email}>`,
+    data: { token: token },
   }
   const mailgunPromise = sendEmail(beforeSendEmail ? beforeSendEmail(options, token) : options).catch(err => {
     console.error('sendEmail(..) mailgun error', err)

package/components/auth/inviteConfirm.tsx

@@ -0,0 +1,106 @@
+import { Topbar, Field, FormError, Button, request, onChange, getResponseErrors, showError } from 'nitro-web'
+import { Errors } from 'nitro-web/types'
+import { Fragment, useEffect } from 'react'
+
+type InviteConfirmProps = {
+  className?: string,
+  elements?: { Button?: typeof Button },
+  redirectTo?: string,
+}
+
+export function InviteConfirm({ className, elements, redirectTo }: InviteConfirmProps) {
+  const navigate = useNavigate()
+  const params = useParams()
+  const [store, setStore] = useTracked()
+  const [isLoading, setIsLoading] = useState(false)
+  const [accepted, setAccepted] = useState(false)
+  const [state, setState] = useState(() => ({
+    firstName: '',
+    lastName: '',
+    password: '',
+    password2: '',
+    token: params.token,
+    errors: [] as Errors,
+  }))
+
+  const Elements = {
+    Button: elements?.Button || Button,
+  }
+
+  // Auto-confirm on mount for already signed-in users
+  useEffect(() => {
+    if (store.user) submit({ token: params.token })
+  }, [])
+
+  async function submit(data: object, event?: React.FormEvent<HTMLFormElement>) {
+    try {
+      if (isLoading) return
+      const result = await request('post /api/invite-confirm', data, event, setIsLoading, setState)
+      setStore((s) => ({ ...s, ...result }))
+      setAccepted(true)
+      setTimeout(() => navigate(redirectTo || '/'), 5000)
+    } catch (e) {
+      showError(setStore, e)
+      setState((s) => ({ ...s, errors: getResponseErrors(e) }))
+    }
+  }
+
+  if (store.user) {
+    return (
+      <div className={className}>
+        <div class="py-12 text-center">
+          {accepted ? (
+            <Fragment>
+              <p class="text-lg font-semibold">Your invite has been accepted.</p>
+              <p class="text-sm text-gray-500 mt-1">You&apos;ll be redirected back to the <Link to="/">home page</Link> shortly...</p>
+            </Fragment>
+          ) : isLoading ? (
+            <Fragment>
+              <p class="text-lg font-semibold">Accepting your invite...</p>
+              <p class="text-sm text-gray-500 mt-1">Please wait while we confirm your invite.</p>
+            </Fragment>
+          ) : (
+            <Fragment>
+              <p class="text-lg font-semibold mb-2">Oops! Something went wrong.</p>
+              <span class="text-sm text-red-500 bg-red-50 p-1 rounded-md mt-1">{state.errors.map((error) => error.detail).join(', ')}</span>
+            </Fragment>
+          )}
+        </div>
+      </div>
+    )
+  }
+
+  return (
+    <div className={className}>
+      <Topbar title={<Fragment>Accept Your Invite</Fragment>} />
+
+      <form onSubmit={(e) => submit(state, e)} class="mb-0">
+        <div class="grid grid-cols-2 gap-6">  
+          <div>
+            <label for="firstName">First Name</label>
+            <Field name="firstName" type="text" state={state} onChange={(e) => onChange(e, setState)} placeholder="Your first name..." />
+          </div>
+          <div>
+            <label for="lastName">Last Name</label>
+            <Field name="lastName" type="text" state={state} onChange={(e) => onChange(e, setState)} placeholder="Your last name..." />
+          </div>
+        </div>
+        <div>
+          <label for="password">Choose a Password</label>
+          <Field name="password" type="password" state={state} onChange={(e) => onChange(e, setState)} />
+        </div>
+        <div>
+          <label for="password2">Repeat Your Password</label>
+          <Field name="password2" type="password" state={state} onChange={(e) => onChange(e, setState)} />
+        </div>
+
+        <div class="mb-14">
+          Already have an account? <Link to="/signin" class="underline2 is-active">Sign in here</Link> first then revisit this link.
+          <FormError state={state} className="pt-2" />
+        </div>
+
+        <Elements.Button class="w-full" isLoading={isLoading} type="submit">Accept Invite & Create Account</Elements.Button>
+      </form>
+    </div>
+  )
+}

package/components/auth/signup.tsx

@@ -15,7 +15,7 @@ export function Signup({ className, elements, redirectTo }: signupProps) {
   const [state, setState] = useState({
     email: injectedConfig.env === 'development' ? (injectedConfig.placeholderEmail || '') : '',
     name: injectedConfig.env === 'development' ? 'Bruce Wayne' : '',
-    business: { name: injectedConfig.env === 'development' ? 'Wayne Enterprises' : '' },
+    company: { business: { name: injectedConfig.env === 'development' ? 'Wayne Enterprises' : '' } },
     password: injectedConfig.env === 'development' ? '' : '',
     errors: [] as Errors,
   })
@@ -49,8 +49,11 @@ export function Signup({ className, elements, redirectTo }: signupProps) {
             />
           </div>
           <div>
-            <label for="business.name">Company Name</label>
-            <Field name="business.name" placeholder="E.g. Wayne Enterprises" state={state} onChange={(e) => onChange(e, setState)} />
+            <label for="company.business.name">Company Name</label>
+            <Field name="company.business.name" placeholder="E.g. Wayne Enterprises" state={state} 
+              onChange={(e) => onChange(e, setState)}
+              errorTitle={/business\.name/}
+            />
           </div>
         </div>
         <div>

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "nitro-web",
-  "version": "0.0.183",
+  "version": "0.0.184",
   "repository": "github:boycce/nitro-web",
   "homepage": "https://boycce.github.io/nitro-web/",
   "description": "Nitro is a battle-tested, modular base project to turbocharge your projects, styled using Tailwind 🚀",

package/server/models/company.js

@@ -13,17 +13,20 @@ export default {
       phone: { type: 'string' },
       website: { type: 'string', isURL: true },
     },
-    status: { type: 'string', default: 'active', enum: ['active', 'unpaid', 'deleted'] },
+    status: { type: 'string', default: 'active', enum: ['active', 'unpaid', 'deleted'], required: true },
     users: [{
-      _id: { model: 'user' },
-      role: { type: 'string', enum: ['owner', 'manager', 'accountant'] },
-      status: { type: 'string', required: true, enum: ['invited', 'active', 'deleted'] },
-      inviteEmail: { type: 'string' },
-      inviteToken: { type: 'string' },
+      _id: { model: 'user', required: true },
+      role: { type: 'string', enum: ['owner', 'manager', 'accountant'], required: true },
+      status: { type: 'string', default: 'active', enum: ['active', 'deleted'], required: true },
+    }],
+    invites: [{
+      email: { type: 'email', required: true },
+      role: { type: 'string', enum: ['owner', 'manager', 'accountant'], required: true },
+      inviteToken: { type: 'string', required: true },
     }],
   },
 
-  findBL: ['users.inviteToken'],
+  findBL: ['invites.token'],
   updateBL: ['status', 'users'],
 
   afterFind: [
@@ -34,8 +37,6 @@ export default {
         for (let i=data.users.length; i--;) {
           const user = data.users[i]
           const userExpanded = data.usersExpanded.find(o => String(o._id) == String(user._id))
-          // console.log(userExpanded)
-          if (user.inviteEmail) user.email = user.inviteEmail
           if (userExpanded) Object.assign(user, { ...userExpanded, name: fullName(userExpanded) })
         }
         delete data.usersExpanded

package/server/models/user.js

@@ -5,8 +5,9 @@ export default {
 
   fields: {
     avatar: { type: 'image' },
-    company: { model: 'company', required: true },
+    company: { model: 'company', required: true }, // AKA "active company"
     email: { type: 'email', required: true, index: 'unique' },
+    isAdmin: { type: 'boolean', default: false },
     isInvited: { type: 'boolean' },
     firstName: { type: 'string', required: true },
     lastName: { type: 'string', required: true },
@@ -14,7 +15,6 @@ export default {
     stripeCustomer: { type: 'any' },
     stripeSubscription: { type: 'any' },
     stripeIntents: { type: 'any' },
-    type: { type: 'string', default: 'user', enum: ['user', 'admin'] },
     usedFreeTrial: { type: 'boolean', default: false },
     // hidden fields
     password: { type: 'string', minLength: 6 },
@@ -23,7 +23,7 @@ export default {
   },
 
   findBL: ['password', 'inviteToken', 'resetToken'],
-  updateBL: ['password', 'inviteToken', 'resetToken', 'company', 'status', 'stripeSubscription', 'type', 'usedFreeTrial'],
+  updateBL: ['password', 'inviteToken', 'resetToken', 'company', 'status', 'stripeSubscription', 'isAdmin', 'usedFreeTrial'],
 
   messages: {
     lastName: {

package/server/router.js

@@ -404,7 +404,7 @@ export const middleware = {
 }
 
 export function isAdminUser(req) {
-  return (req.user?.type?.match(/admin/) || req.user?.isAdmin) ? true : false
+  return req.user?.isAdmin ? true : false
 }
 
 export function isValidUserOrRespond(req, res) {
@@ -424,7 +424,7 @@ export function isValidUserOrRespond(req, res) {
 function isValidParamCompanyUserOrRespond(req, res, checkIsOwner = false) {
   const _company = req.user?.company?._id?.toString() == req.params.cid ? req.user.company : false
   const company = _company || req.user?.companies?.find((o) => o._id.toString() == req.params.cid)
-  const isCompanyOwner = company?.users?.find((o) => o._id.toString() == req.user?._id?.toString() && o.type === 'owner')
+  const isCompanyOwner = company?.users?.find((o) => o._id.toString() == req.user?._id?.toString() && o.role === 'owner')
   if (!isValidUserOrRespond(req, res)) return
   else if (!isAdminUser(req) && !company) res.unauthorized('You are not authorised to make this request.')
   else if (!isAdminUser(req) && checkIsOwner && !isCompanyOwner) res.unauthorized('Only owners can make this request.')

package/types/components/auth/auth.api.d.ts

@@ -1,37 +1,48 @@
-export function findUserFromProvider(query: any, passwordToCheck: any, ...args: any[]): Promise<any>;
-export function getStore(user: any): Promise<{
-    user: any;
-}>;
-export function signinAndGetStore(user: any, isDesktop: any, getStore: any): Promise<any>;
-export function userCreate({ business, password, ...userDataProp }: {
-    [x: string]: any;
-    business: any;
-    password: any;
-}): Promise<any>;
-export function tokenCreate(id: any): Promise<any>;
-export function tokenParse(token: any): any;
-export function validatePassword(password: string, password2: any): Promise<void>;
 export function resetInstructions(req: any, res: any): Promise<void>;
 export function inviteInstructions(req: any, res: any): Promise<void>;
-export function inviteConfirm(req: any, res: any): Promise<void>;
 export function resetConfirm(req: any, res: any): Promise<void>;
-export function inviteOrResetConfirm(type: any, req: any): Promise<any>;
+export function inviteConfirm(req: any, res: any): Promise<void>;
+export function userFindFromProvider(query: any, passwordToCheck: any, ...args: any[]): Promise<any>;
+export function userSigninGetStore(user: any, isDesktop: any): Promise<any>;
+export function getStore(user: any): Promise<{
+    user: any;
+}>;
+/**
+ * Creates a new user and company (if multi tenant and `user.company` is not an id)
+ * @param {object} userData - user data
+ * @param {string} [userData.password] - optional
+ * @param {string} [userData.password2] - optional, to confirm the password
+ * @param {string} [userData.company] - if multi tenant and `user.company` is not an id, create a new company
+ * @param {boolean} [skipSendEmail=false] - whether to skip sending the welcome email
+ * @returns {Promise<object>} - the created user
+ */
+export function userCreate({ password, password2, company, ...userDataProp }: {
+    password?: string;
+    password2?: string;
+    company?: string;
+}, skipSendEmail?: boolean): Promise<object>;
+export function passwordValidate(password: string, password2: any): Promise<void>;
+export function tokenCreate(modelName: any, id: any): Promise<any>;
+export function tokenParse(token: any, modelName: any, maxAgeMs?: number): any;
+export function tokenConfirmForReset(req: any): Promise<any>;
+export function tokenConfirmForSingleTenant(req: any, isReset: any): Promise<any>;
+export function tokenConfirmForMultiTenant(req: any): Promise<any>;
 /**
- * Checks if the user exists, updates the user with the invite token and sends the invite email
+ * Creates and sends a reset or invite token to a user or company
  * @param {object} options
- * @param {'reset' | 'invite'} options.type -  The type of token to send (default: 'reset')
- * @param {{_id: string, email: string, firstName: string}} options.user -  The user to send the invite email to
- * @param {function} [options.beforeUpdate] - callback hook to run before updating the user
- * @param {function} [options.beforeSendEmail] -  callback hook to run before sending the email
+ * @param {'reset' | 'invite' | 'companyInvite'} options.type - token type (default: 'reset')
+ * @param {string} options._id - user or company id
+ * @param {string} options.email - recipient email
+ * @param {string} options.firstName - recipient first name
+ * @param {function} [options.beforeUpdate] - runs before updating the model with the token, return null to skip update
+ * @param {function} [options.beforeSendEmail] - runs before sending the email, receives (options, token)
  * @returns {Promise<{token: string, mailgunPromise: Promise<unknown>}>}
  */
-export function sendToken({ type, user, beforeUpdate, beforeSendEmail }: {
-    type: "reset" | "invite";
-    user: {
-        _id: string;
-        email: string;
-        firstName: string;
-    };
+export function tokenSend({ type, _id, email, firstName, beforeUpdate, beforeSendEmail }: {
+    type: "reset" | "invite" | "companyInvite";
+    _id: string;
+    email: string;
+    firstName: string;
     beforeUpdate?: Function;
     beforeSendEmail?: Function;
 }): Promise<{
@@ -44,26 +55,17 @@ export const routes: {
     'post    /api/signin': (typeof signin)[];
     'post    /api/signup': (typeof signup)[];
     'post    /api/reset-instructions': (typeof resetInstructions)[];
-    'post    /api/reset-password': (typeof resetConfirm)[];
+    'post    /api/reset-confirm': (typeof resetConfirm)[];
     'post    /api/invite-instructions': (typeof inviteInstructions)[];
-    'post    /api/invite-accept': (typeof inviteConfirm)[];
+    'post    /api/invite-confirm': (typeof inviteConfirm)[];
     'delete  /api/account/:uid': (typeof remove)[];
     setup: typeof setup;
-    findUserFromProvider: typeof findUserFromProvider;
-    getStore: typeof getStore;
-    signinAndGetStore: typeof signinAndGetStore;
-    tokenCreate: typeof tokenCreate;
-    tokenParse: typeof tokenParse;
-    userCreate: typeof userCreate;
-    validatePassword: typeof validatePassword;
-    sendToken: typeof sendToken;
-    inviteOrResetConfirm: typeof inviteOrResetConfirm;
 };
 declare function store(req: any, res: any): Promise<void>;
 declare function signout(req: any, res: any): void;
 declare function signin(req: any, res: any): any;
 declare function signup(req: any, res: any): Promise<void>;
 declare function remove(req: any, res: any): Promise<void>;
-declare function setup(middleware: any, _config: any): void;
+declare function setup(middleware: any, _config: any, helpers?: {}): void;
 export {};
 //# sourceMappingURL=auth.api.d.ts.map

package/types/components/auth/auth.api.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"auth.api.d.ts","sourceRoot":"","sources":["../../../components/auth/auth.api.js"],"names":[],"mappings":"AAkLA,qGAyCC;AAED;;GAKC;AAED,0FAQC;AAED;;;;iBAkDC;AAED,mDAOC;AAED,4CAYC;AAED,kFAiBC;AAOD,qEAeC;AAED,sEAWC;AAED,iEAMC;AAED,gEAMC;AAID,wEAoBC;AAED;;;;;;;;GAQG;AACH,yEANG;IAAoC,IAAI,EAAhC,OAAO,GAAG,QAAQ;IACuC,IAAI,EAA7D;QAAC,GAAG,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,MAAM,CAAA;KAAC;IAC5B,YAAY;IACZ,eAAe;CAC1C,GAAU,OAAO,CAAC;IAAC,KAAK,EAAE,MAAM,CAAC;IAAC,cAAc,EAAE,OAAO,CAAC,OAAO,CAAC,CAAA;CAAC,CAAC,CAoCtE;AApbD;;;;;;;;;;;;;;;;;;;;EA6BC;AAmED,0DAEC;AAkCD,mDAEC;AAnBD,iDAeC;AA9BD,2DAaC;AAuBD,2DAwBC;AAjID,4DA+DC"}
+{"version":3,"file":"auth.api.d.ts","sourceRoot":"","sources":["../../../components/auth/auth.api.js"],"names":[],"mappings":"AAuKA,qEAeC;AAED,sEAsCC;AAED,gEAMC;AAED,iEAgBC;AAID,qGA0CC;AAED,4EAOC;AAED;;GAKC;AAID;;;;;;;;GAQG;AACH,8EANG;IAA0B,QAAQ,GAA1B,MAAM;IACY,SAAS,GAA3B,MAAM;IACY,OAAO,GAAzB,MAAM;CACd,kBAAQ,OAAO,GACL,OAAO,CAAC,MAAM,CAAC,CA0D3B;AAED,kFAiBC;AAED,mEAOC;AAED,+EAWC;AAED,6DAEC;AAED,kFAoBC;AAED,mEA4BC;AAED;;;;;;;;;;GAUG;AACH,0FARG;IAAsD,IAAI,EAAlD,OAAO,GAAG,QAAQ,GAAG,eAAe;IACpB,GAAG,EAAnB,MAAM;IACU,KAAK,EAArB,MAAM;IACU,SAAS,EAAzB,MAAM;IACa,YAAY;IACZ,eAAe;CAC1C,GAAU,OAAO,CAAC;IAAC,KAAK,EAAE,MAAM,CAAC;IAAC,cAAc,EAAE,OAAO,CAAC,OAAO,CAAC,CAAA;CAAC,CAAC,CAuCtE;AA1fD;;;;;;;;;;;EAaC;AAyED,0DAEC;AA6BD,mDAEC;AAnBD,iDAeC;AAzBD,2DAQC;AAuBD,2DAwBC;AAlID,0EAqEC"}

package/types/server/models/company.d.ts

@@ -90,25 +90,39 @@ declare namespace _default {
             export { _default_2 as default };
             let _enum: string[];
             export { _enum as enum };
+            let required_3: boolean;
+            export { required_3 as required };
         }
         let users: {
             _id: {
                 model: string;
+                required: boolean;
             };
             role: {
                 type: string;
                 enum: string[];
+                required: boolean;
             };
             status: {
                 type: string;
-                required: boolean;
+                default: string;
                 enum: string[];
+                required: boolean;
+            };
+        }[];
+        let invites: {
+            email: {
+                type: string;
+                required: boolean;
             };
-            inviteEmail: {
+            role: {
                 type: string;
+                enum: string[];
+                required: boolean;
             };
             inviteToken: {
                 type: string;
+                required: boolean;
             };
         }[];
     }

package/types/server/models/company.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"company.d.ts","sourceRoot":"","sources":["../../../server/models/company.js"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;QA8CgB,sCAEX;QACc;;;;;;;;;;;;;;;;;;;;;;;YAyBd"}
+{"version":3,"file":"company.d.ts","sourceRoot":"","sources":["../../../server/models/company.js"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;QA+CgB,sCAEX;QACc;;;;;;;;;;;;;;;;;;;;;;;YAyBd"}

package/types/server/models/user.d.ts

@@ -1,83 +1,80 @@
 declare namespace _default {
     namespace fields {
-        export namespace avatar {
+        namespace avatar {
             let type: string;
         }
-        export namespace company {
+        namespace company {
             let model: string;
             let required: boolean;
         }
-        export namespace email {
+        namespace email {
             let type_1: string;
             export { type_1 as type };
             let required_1: boolean;
             export { required_1 as required };
             export let index: string;
         }
-        export namespace isInvited {
+        namespace isAdmin {
             let type_2: string;
             export { type_2 as type };
+            let _default: boolean;
+            export { _default as default };
         }
-        export namespace firstName {
+        namespace isInvited {
             let type_3: string;
             export { type_3 as type };
-            let required_2: boolean;
-            export { required_2 as required };
         }
-        export namespace lastName {
+        namespace firstName {
             let type_4: string;
             export { type_4 as type };
-            let required_3: boolean;
-            export { required_3 as required };
+            let required_2: boolean;
+            export { required_2 as required };
         }
-        export namespace status {
+        namespace lastName {
             let type_5: string;
             export { type_5 as type };
-            let _default: string;
-            export { _default as default };
-            let _enum: string[];
-            export { _enum as enum };
+            let required_3: boolean;
+            export { required_3 as required };
         }
-        export namespace stripeCustomer {
+        namespace status {
             let type_6: string;
             export { type_6 as type };
+            let _default_1: string;
+            export { _default_1 as default };
+            let _enum: string[];
+            export { _enum as enum };
         }
-        export namespace stripeSubscription {
+        namespace stripeCustomer {
             let type_7: string;
             export { type_7 as type };
         }
-        export namespace stripeIntents {
+        namespace stripeSubscription {
             let type_8: string;
             export { type_8 as type };
         }
-        export namespace type_9 {
+        namespace stripeIntents {
+            let type_9: string;
+            export { type_9 as type };
+        }
+        namespace usedFreeTrial {
             let type_10: string;
             export { type_10 as type };
-            let _default_1: string;
-            export { _default_1 as default };
-            let _enum_1: string[];
-            export { _enum_1 as enum };
+            let _default_2: boolean;
+            export { _default_2 as default };
         }
-        export { type_9 as type };
-        export namespace usedFreeTrial {
+        namespace password {
             let type_11: string;
             export { type_11 as type };
-            let _default_2: boolean;
-            export { _default_2 as default };
+            export let minLength: number;
         }
-        export namespace password {
+        namespace inviteToken {
             let type_12: string;
             export { type_12 as type };
-            export let minLength: number;
         }
-        export namespace inviteToken {
+        namespace resetToken {
             let type_13: string;
             export { type_13 as type };
         }
-        export namespace resetToken {
-            let type_14: string;
-            export { type_14 as type };
-        }
     }
     let findBL: string[];
     let updateBL: string[];

package/types/server/models/user.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"user.d.ts","sourceRoot":"","sources":["../../../server/models/user.js"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;QAiDmB,gCAEd"}
+{"version":3,"file":"user.d.ts","sourceRoot":"","sources":["../../../server/models/user.js"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;QAiDmB,gCAEd"}

package/types.ts

@@ -24,13 +24,13 @@ export type Config = InjectedConfig & {
 
 export type User = {
   _id?: string
+  email?: string
   firstName?: string
   lastName?: string
   name?: string
   avatar?: MonasteryImage
   isAdmin?: boolean
   isInvited?: boolean
-  type?: string
 }
 
 export type Error = { title: string, detail: string }