powr-sdk-api 2.2.2 → 2.3.1

package/dist/index.js

@@ -23,6 +23,10 @@ const {
 const {
   createPowrRoutes
 } = require("./routes");
+const {
+  generateJWTToken,
+  verifyToken
+} = require("./middleware/jwtToken");
 module.exports = {
   errorCatcher,
   errorHandler,
@@ -32,5 +36,7 @@ module.exports = {
   generateToken,
   validateAuth,
   notFoundHandler,
-  createPowrRoutes
+  createPowrRoutes,
+  generateJWTToken,
+  verifyToken
 };

package/dist/middleware/error.js

@@ -15,8 +15,24 @@ const errorHandler = (err, req, res, next) => {
   const message = err.message || 'Internal Server Error';
   const statusCode = err.statusCode || 500;
 
-  // Pass error details to res.error
-  return res.error(message, statusCode, err);
+  // Check if res.error is available (from requestHandler)
+  if (res.error) {
+    return res.error(message, statusCode, err);
+  }
+
+  // Fallback error handling if res.error is not available
+  console.error('Error:', err);
+  const response = {
+    success: false,
+    message: message,
+    requestId: req.requestId || 'unknown'
+  };
+
+  // Include error details in development
+  if (process.env.NODE_ENV === 'development') {
+    response.error = err.stack;
+  }
+  return res.status(statusCode).json(response);
 };
 module.exports = {
   errorCatcher,

package/dist/middleware/jwtToken.js

@@ -1,18 +1,59 @@
 "use strict";
 
 const jwt = require('jsonwebtoken');
+const {
+  ObjectId
+} = require('mongodb');
 const {
   config
 } = require('../config');
 const generateJWTToken = user => {
   return jwt.sign({
-    userId: user._id,
-    username: user.username,
-    name: user.name
+    userId: user._id
   }, config.jwtToken, {
     expiresIn: '24h'
   });
 };
+
+// Verify JWT token middleware for APIs
+const verifyToken = async (req, res, next) => {
+  try {
+    // Get token from Authorization header
+    const authHeader = req.headers.authorization;
+    if (!authHeader) {
+      return res.status(401).json({
+        success: false,
+        message: "No authorization token provided."
+      });
+    }
+
+    // Extract token (remove 'Bearer ' if present)
+    const token = authHeader.startsWith("Bearer ") ? authHeader.slice(7) : authHeader;
+
+    // Verify JWT token
+    const decoded = jwt.verify(token, config.jwtToken);
+    console.log("JWT Decoded user data:", JSON.stringify(decoded, null, 2));
+
+    // Attach user info to request object
+    req.user = {
+      powrId: new ObjectId(decoded.userId),
+      // powr-base user ID
+      access: 1 // Default access level for API users
+    };
+    console.log("Authenticated user:", {
+      powrId: req.user.powrId,
+      access: req.user.access
+    });
+    next();
+  } catch (error) {
+    console.error("Error in auth middleware:", error);
+    return res.status(401).json({
+      success: false,
+      message: "Invalid token."
+    });
+  }
+};
 module.exports = {
-  generateJWTToken
+  generateJWTToken,
+  verifyToken
 };

package/dist/middleware/notfound.js

@@ -10,8 +10,19 @@ const notFoundHandler = (req, res) => {
     userAgent: req.headers['user-agent']
   });
 
-  // Return a consistent JSON response
-  return res.error('The requested resource was not found', 404, `${req.method} ${req.path}`);
+  // Check if res.error is available (from requestHandler)
+  if (res.error) {
+    return res.error('The requested resource was not found', 404, `${req.method} ${req.path}`);
+  }
+
+  // Fallback 404 handling if res.error is not available
+  const response = {
+    success: false,
+    message: 'The requested resource was not found',
+    requestId: req.requestId || 'unknown',
+    path: `${req.method} ${req.path}`
+  };
+  return res.status(404).json(response);
 };
 module.exports = {
   notFoundHandler

package/dist/routes/auth.js

@@ -4,13 +4,14 @@ const express = require("express");
 const router = express.Router();
 const {
   getDb
-} = require("../services/mongo");
+} = require("../services/dbService");
 const {
   ObjectId
 } = require("mongodb");
 const bcrypt = require("bcrypt");
 const {
-  generateJWTToken
+  generateJWTToken,
+  verifyToken
 } = require("../middleware/jwtToken");
 const {
   config
@@ -21,18 +22,39 @@ router.post("/register", async (req, res) => {
   const {
     fullName,
     username,
+    phoneOrEmail,
     password
   } = req.body;
   try {
-    if (!fullName || !username || !password) {
+    if (!(username || phoneOrEmail)) {
       return res.status(400).json({
         success: false,
-        message: "Full name, username and password are required"
+        message: "Username or phone number or email is required"
       });
     }
-    const existingUser = await getDb().collection("users").findOne({
+    if (!password) {
+      return res.status(400).json({
+        success: false,
+        message: "Password is required"
+      });
+    }
+    if (!fullName) {
+      return res.status(400).json({
+        success: false,
+        message: "Full name is required"
+      });
+    }
+    let q = username ? {
       username: username
-    });
+    } : {
+      $or: [{
+        phoneNumber: phoneOrEmail
+      }, {
+        email: phoneOrEmail
+      }]
+    };
+    console.log(q);
+    const existingUser = await getDb().collection("users").findOne(q);
     if (existingUser) {
       return res.status(400).json({
         success: false,
@@ -43,6 +65,8 @@ router.post("/register", async (req, res) => {
     const hashedPassword = await bcrypt.hash(password, saltRounds);
     const newUser = {
       fullName,
+      email: phoneOrEmail,
+      phoneNumber: phoneOrEmail,
       username,
       password: hashedPassword,
       createdAt: new Date()
@@ -66,22 +90,38 @@ router.post("/register", async (req, res) => {
 router.post("/login", async (req, res) => {
   const {
     username,
+    phoneOrEmail,
     password
   } = req.body;
   try {
-    if (!username || !password) {
+    if (!(username || phoneOrEmail)) {
       return res.status(400).json({
         success: false,
-        message: "Username and password are required"
+        message: "Username or phone number or email is required"
       });
     }
-    const user = await getDb().collection("users").findOne({
+    if (!password) {
+      return res.status(400).json({
+        success: false,
+        message: "Password is required"
+      });
+    }
+    let q = username ? {
       username: username
-    });
+    } : {
+      $or: [{
+        phoneNumber: phoneOrEmail
+      }, {
+        email: phoneOrEmail
+      }]
+    };
+    console.log(q);
+    const user = await getDb().collection("users").findOne(q);
+    console.log(user);
     if (!user) {
       return res.status(401).json({
         success: false,
-        message: "Invalid username or password."
+        message: "User not found."
       });
     }
     const isPasswordValid = await bcrypt.compare(password, user.password);

package/dist/routes/index.js

@@ -18,16 +18,24 @@ const blogsRoutes = require('./blogs');
 const slidesRoutes = require('./slides');
 const notificationsRoutes = require('./notifications');
 const createPowrRoutes = () => {
-  // Get config from environment variables
-  const {
-    getConfig
-  } = require('../config');
-  const config = getConfig();
   const router = express.Router();
 
   // Middleware to inject projectId into all requests
   router.use((req, res, next) => {
-    req.projectId = config.projectId;
+    try {
+      const {
+        getConfig
+      } = require('../config');
+      const config = getConfig();
+      req.projectId = config.projectId;
+    } catch (error) {
+      console.error('❌ Config error:', error.message);
+      return res.status(500).json({
+        success: false,
+        message: 'Configuration error',
+        error: error.message
+      });
+    }
     next();
   });
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "powr-sdk-api",
-  "version": "2.2.2",
+  "version": "2.3.1",
   "description": "Shared API core library for PowrStack projects",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",