powr-sdk-api 4.5.7 → 4.6.5

package/dist/logger/gcs.js

@@ -0,0 +1,78 @@
+"use strict";
+
+const winston = require('winston');
+const {
+  Storage
+} = require('@google-cloud/storage');
+
+// Create GCS client using environment variables for credentials
+const storage = new Storage({
+  projectId: process.env.GCS_PROJECT_ID,
+  credentials: {
+    client_email: process.env.GCS_CLIENT_EMAIL,
+    private_key: process.env.GCS_PRIVATE_KEY ? process.env.GCS_PRIVATE_KEY.replace(/\\n/g, '\n') : undefined
+  }
+});
+
+/**
+ * Custom Winston transport for logging to Google Cloud Storage
+ */
+class GCSTransport extends winston.Transport {
+  constructor(opts) {
+    super(opts);
+    this.bucket = opts.bucket;
+    this.prefix = opts.prefix || '';
+    this.buffer = [];
+    this.bufferSize = opts.bufferSize || 100;
+    this.flushInterval = opts.flushInterval || 5000;
+    this.setupFlushInterval();
+  }
+  setupFlushInterval() {
+    setInterval(() => {
+      this.flush();
+    }, this.flushInterval);
+  }
+  async flush() {
+    if (this.buffer.length === 0) return;
+    const logs = this.buffer.splice(0, this.buffer.length);
+    const date = new Date().toISOString().split('T')[0];
+    const filename = `${this.prefix}/${date}/${Date.now()}.json`;
+    try {
+      const bucket = storage.bucket(this.bucket);
+      const file = bucket.file(filename);
+      await file.save(JSON.stringify(logs), {
+        contentType: 'application/json',
+        metadata: {
+          contentType: 'application/json'
+        }
+      });
+    } catch (error) {
+      console.error('Failed to write logs to Google Cloud Storage:', {
+        error: error.message,
+        code: error.code,
+        bucket: this.bucket,
+        filename: filename,
+        projectId: process.env.GCS_PROJECT_ID,
+        stack: error.stack
+      });
+      // Put the logs back in the buffer
+      this.buffer.unshift(...logs);
+    }
+  }
+  log(info, callback) {
+    setImmediate(() => {
+      this.emit('logged', info);
+    });
+    this.buffer.push({
+      timestamp: new Date().toISOString(),
+      ...info
+    });
+    if (this.buffer.length >= this.bufferSize) {
+      this.flush();
+    }
+    callback();
+  }
+}
+module.exports = {
+  GCSTransport
+};

package/dist/logger/s3.js

@@ -0,0 +1,78 @@
+"use strict";
+
+const winston = require('winston');
+const {
+  S3Client,
+  PutObjectCommand
+} = require('@aws-sdk/client-s3');
+
+// Create S3 client
+const s3Client = new S3Client({
+  region: process.env.AWS_REGION,
+  credentials: {
+    accessKeyId: process.env.AWS_ACCESS_KEY_ID,
+    secretAccessKey: process.env.AWS_SECRET_ACCESS_KEY
+  }
+});
+
+/**
+ * Custom Winston transport for logging to S3
+ */
+class S3Transport extends winston.Transport {
+  constructor(opts) {
+    super(opts);
+    this.bucket = opts.bucket;
+    this.prefix = opts.prefix || '';
+    this.buffer = [];
+    this.bufferSize = opts.bufferSize || 100;
+    this.flushInterval = opts.flushInterval || 5000;
+    this.setupFlushInterval();
+  }
+  setupFlushInterval() {
+    setInterval(() => {
+      this.flush();
+    }, this.flushInterval);
+  }
+  async flush() {
+    if (this.buffer.length === 0) return;
+    const logs = this.buffer.splice(0, this.buffer.length);
+    const date = new Date().toISOString().split('T')[0];
+    const key = `${this.prefix}/${date}/${Date.now()}.json`;
+    try {
+      const command = new PutObjectCommand({
+        Bucket: this.bucket,
+        Key: key,
+        Body: JSON.stringify(logs),
+        ContentType: 'application/json'
+      });
+      await s3Client.send(command);
+    } catch (error) {
+      console.error('Failed to write logs to S3:', {
+        error: error.message,
+        code: error.code,
+        bucket: this.bucket,
+        key: key,
+        region: process.env.AWS_REGION,
+        stack: error.stack
+      });
+      // Put the logs back in the buffer
+      this.buffer.unshift(...logs);
+    }
+  }
+  log(info, callback) {
+    setImmediate(() => {
+      this.emit('logged', info);
+    });
+    this.buffer.push({
+      timestamp: new Date().toISOString(),
+      ...info
+    });
+    if (this.buffer.length >= this.bufferSize) {
+      this.flush();
+    }
+    callback();
+  }
+}
+module.exports = {
+  S3Transport
+};

package/dist/middleware/auth.js

@@ -0,0 +1,76 @@
+"use strict";
+
+const jwt = require("jsonwebtoken");
+const generateToken = user => {
+  return jwt.sign({
+    userId: user.userId
+  }, process.env.JWT_SECRET, {
+    expiresIn: process.env.JWT_EXPIRES_IN || '24h'
+  });
+};
+const validateToken = async (req, res, next) => {
+  try {
+    let token;
+
+    // Check if token exists in headers
+    if (req.headers.authorization && req.headers.authorization.startsWith("Bearer")) {
+      token = req.headers.authorization.split(" ")[1];
+    }
+    if (!token) {
+      return res.error("Not authorized to access this route", 401);
+    }
+    try {
+      // Verify token
+      const decoded = jwt.verify(token, process.env.JWT_SECRET);
+
+      // // Get user from token
+      // const user = await User.findByPk(decoded.userId);
+      // if (!user) {
+      //     return res.error('User not found', 401);
+      // }
+
+      // // Add user and userId to request object
+      // req.user = user;
+      req.userId = decoded.userId;
+      next();
+    } catch (error) {
+      return res.error("Not authorized to access this route", 401, error);
+    }
+  } catch (error) {
+    return res.error("Error authenticating user", 500, error);
+  }
+};
+const validateAuth = (options = {}) => {
+  const {
+    publicPaths = ["/auth", "/", "/status", "/swagger"],
+    publicMethods = ["OPTIONS"]
+  } = options;
+  return async (req, res, next) => {
+    // Skip auth validation for public paths
+    if (publicPaths.some(path => req.path.startsWith(path))) {
+      return next();
+    }
+
+    // Skip auth validation for public methods
+    if (publicMethods.includes(req.method)) {
+      return next();
+    }
+
+    // Use the original validateToken middleware for protected routes
+    return validateToken(req, res, next);
+  };
+};
+
+// exports.authorize = (...roles) => {
+//     return (req, res, next) => {
+//         if (!roles.includes(req.user.role)) {
+//             return res.error(`User role ${req.user.role} is not authorized to access this route`, 403);
+//         }
+//         next();
+//     };
+// };
+
+module.exports = {
+  validateAuth,
+  generateToken
+};

package/dist/middleware/jwtToken.js

@@ -10,9 +10,20 @@ const generateJWTToken = (user, profile = null) => {
     fullName: user.fullName,
     access: profile === null || profile === void 0 ? void 0 : profile.access
   }, config.jwtToken, {
-    expiresIn: '24h'
+    expiresIn: '7d'
   });
 };
+const generateRefreshToken = user => {
+  return jwt.sign({
+    userId: user._id,
+    type: 'refresh'
+  }, config.jwtToken, {
+    expiresIn: '30d'
+  });
+};
+const verifyRefreshToken = token => {
+  return jwt.verify(token, config.jwtToken);
+};
 
 // Verify JWT token middleware for APIs
 const verifyToken = async (req, res, next) => {
@@ -43,7 +54,7 @@ const verifyToken = async (req, res, next) => {
       fullName: decoded.fullName,
       access: decoded.access
     };
-    next();
+    return next();
   } catch (error) {
     console.error("Error in auth middleware:", error);
     return res.status(401).json({
@@ -54,5 +65,7 @@ const verifyToken = async (req, res, next) => {
 };
 module.exports = {
   generateJWTToken,
+  generateRefreshToken,
+  verifyRefreshToken,
   verifyToken
 };

package/dist/middleware/logger.js

@@ -0,0 +1,45 @@
+"use strict";
+
+/**
+ * Logging middleware for Express applications
+ */
+
+const logger = (req, res, next) => {
+  const startTime = Date.now();
+
+  // Log request with redacted sensitive information
+  try {
+    const logBody = {
+      ...req.body
+    };
+    if (logBody.password) logBody.password = "[REDACTED]";
+    if (logBody.token) logBody.token = "[REDACTED]";
+    console.log('Request:', {
+      timestamp: new Date().toISOString(),
+      method: req.method,
+      url: req.originalUrl,
+      ip: req.ip,
+      userAgent: req.get('user-agent'),
+      body: logBody,
+      query: req.query
+    });
+  } catch (error) {
+    console.error("Error logging request:", error);
+  }
+
+  // Log response with timing information
+  res.on('finish', () => {
+    const responseTime = Date.now() - startTime;
+    console.log('Response:', {
+      timestamp: new Date().toISOString(),
+      method: req.method,
+      url: req.originalUrl,
+      statusCode: res.statusCode,
+      responseTime: `${responseTime}ms`,
+      userAgent: req.get('user-agent'),
+      ip: req.ip
+    });
+  });
+  next();
+};
+module.exports = logger;

package/dist/middleware/response.js

@@ -0,0 +1,53 @@
+"use strict";
+
+const logger = require('../services/logger');
+const responseFormatter = (req, res, next) => {
+  // Add success method to response object
+  res.success = function (message = 'Success', statusCode = 200, data = null) {
+    const response = {
+      success: true,
+      message
+    };
+
+    // Only include data if it's not null
+    if (data !== null) {
+      response.data = data;
+    }
+    return this.status(statusCode).json(response);
+  };
+
+  // Add error method to response object
+  res.error = function (message = 'Error', statusCode = 500, error = null) {
+    const response = {
+      success: false,
+      message
+    };
+
+    // Only include details if they're not null
+    if (error !== null) {
+      response.error = error;
+    }
+    return this.status(statusCode).json(response);
+  };
+  next();
+};
+const responseLogger = (req, res, next) => {
+  const startTime = Date.now();
+  res.on('finish', () => {
+    const responseTime = Date.now() - startTime;
+    logger.info('API Response', {
+      method: req.method,
+      url: req.originalUrl,
+      statusCode: res.statusCode,
+      responseTime: `${responseTime}ms`,
+      userAgent: req.get('user-agent'),
+      ip: req.ip,
+      response: res.locals.responseBody || '[not captured]'
+    });
+  });
+  next();
+};
+module.exports = {
+  responseFormatter,
+  responseLogger
+};

package/dist/routes/auth.js

@@ -10,7 +10,9 @@ const {
 } = require("mongodb");
 const bcrypt = require("bcrypt");
 const {
-  generateJWTToken
+  generateJWTToken,
+  generateRefreshToken,
+  verifyRefreshToken
 } = require("../middleware/jwtToken");
 const {
   config
@@ -178,6 +180,14 @@ router.post("/login", async (req, res) => {
       }
     }
     const token = generateJWTToken(user, profile);
+    const refreshToken = generateRefreshToken(user);
+    await db.collection("users").updateOne({
+      _id: user._id
+    }, {
+      $set: {
+        refreshToken
+      }
+    });
     const {
       password: _,
       _id,
@@ -205,7 +215,8 @@ router.post("/login", async (req, res) => {
       success: true,
       message: "Login successful",
       user: mergedUser,
-      token: token
+      token,
+      refreshToken
     });
   } catch (error) {
     console.error("Error logging in:", error);
@@ -215,6 +226,66 @@ router.post("/login", async (req, res) => {
     });
   }
 });
+router.post("/refresh-token", async (req, res) => {
+  const {
+    refreshToken
+  } = req.body;
+  const projectId = req.projectId;
+  try {
+    var _decoded, _decoded2;
+    if (!refreshToken) {
+      return res.status(400).json({
+        success: false,
+        message: "Refresh token is required"
+      });
+    }
+    let decoded;
+    try {
+      decoded = verifyRefreshToken(refreshToken);
+    } catch (error) {
+      return res.status(401).json({
+        success: false,
+        message: "Invalid or expired refresh token"
+      });
+    }
+    if (!((_decoded = decoded) !== null && _decoded !== void 0 && _decoded.userId) || ((_decoded2 = decoded) === null || _decoded2 === void 0 ? void 0 : _decoded2.type) !== "refresh") {
+      return res.status(401).json({
+        success: false,
+        message: "Invalid refresh token payload"
+      });
+    }
+    const db = await getDb();
+    const user = await db.collection("users").findOne({
+      _id: new ObjectId(decoded.userId),
+      refreshToken
+    });
+    if (!user) {
+      return res.status(401).json({
+        success: false,
+        message: "Refresh token is no longer valid"
+      });
+    }
+    let profile = null;
+    if (projectId) {
+      profile = await db.collection("profiles").findOne({
+        userId: user._id,
+        projectId: projectId
+      });
+    }
+    const token = generateJWTToken(user, profile);
+    return res.status(200).json({
+      success: true,
+      message: "Token refreshed successfully",
+      token
+    });
+  } catch (error) {
+    console.error("Error refreshing token:", error);
+    return res.status(500).json({
+      success: false,
+      message: "Failed to refresh token."
+    });
+  }
+});
 
 // Forgot Password
 router.post("/forgot-password", async (req, res) => {

package/dist/services/logger.js

@@ -0,0 +1,35 @@
+"use strict";
+
+const winston = require('winston');
+const {
+  S3Transport
+} = require('../utils/s3');
+
+// Custom format for logs
+const logFormat = winston.format.combine(winston.format.timestamp(), winston.format.errors({
+  stack: true
+}), winston.format.json());
+
+// Create base transports array with console transport
+const transports = [new winston.transports.Console()];
+
+// Add S3 transport only in production
+if (process.env.NODE_ENV === 'production') {
+  transports.push(new S3Transport({
+    bucket: process.env.AWS_LOG_BUCKET_NAME,
+    prefix: 'logs',
+    bufferSize: 100,
+    flushInterval: 5000
+  }));
+}
+
+// Create the logger
+const logger = winston.createLogger({
+  level: process.env.LOG_LEVEL || 'info',
+  format: logFormat,
+  defaultMeta: {
+    service: process.env.LOG_SERVICE_NAME
+  },
+  transports
+});
+module.exports = logger;

package/dist/utils/auth.js

@@ -0,0 +1,19 @@
+"use strict";
+
+const jwt = require('jsonwebtoken');
+
+/**
+ * Generates a JWT token for a user
+ * @param {Object} user - The user object
+ * @returns {string} - The generated JWT token
+ */
+const generateToken = user => {
+  return jwt.sign({
+    userId: user.userId
+  }, process.env.JWT_SECRET, {
+    expiresIn: process.env.JWT_EXPIRES_IN || '24h'
+  });
+};
+module.exports = {
+  generateToken
+};

package/dist/utils/logger.js

@@ -0,0 +1,57 @@
+"use strict";
+
+/**
+ * Logger utility for Express applications
+ */
+
+const winston = require('winston');
+const S3Transport = require('./s3-transport');
+
+/**
+ * Creates a Winston logger instance with configured transports
+ * @param {Object} options - Logger configuration options
+ * @param {string} options.service - Service name for logging
+ * @param {string} options.level - Log level (default: 'info')
+ * @param {Object} options.s3 - S3 transport configuration
+ * @param {string} options.s3.bucket - S3 bucket name
+ * @param {string} options.s3.prefix - S3 key prefix
+ * @param {number} options.s3.bufferSize - Buffer size for S3 uploads
+ * @param {number} options.s3.flushInterval - Flush interval in milliseconds
+ * @returns {winston.Logger} Configured Winston logger instance
+ */
+const createLogger = (options = {}) => {
+  const {
+    service = 'api',
+    level = process.env.LOG_LEVEL || 'info',
+    s3 = null
+  } = options;
+
+  // Custom format for logs
+  const logFormat = winston.format.combine(winston.format.timestamp(), winston.format.errors({
+    stack: true
+  }), winston.format.json());
+
+  // Create base transports array with console transport
+  const transports = [new winston.transports.Console()];
+
+  // Add S3 transport if configured
+  if (s3 && process.env.NODE_ENV === 'production') {
+    transports.push(new S3Transport({
+      bucket: s3.bucket,
+      prefix: s3.prefix || 'logs',
+      bufferSize: s3.bufferSize || 100,
+      flushInterval: s3.flushInterval || 5000
+    }));
+  }
+
+  // Create and return the logger
+  return winston.createLogger({
+    level,
+    format: logFormat,
+    defaultMeta: {
+      service
+    },
+    transports
+  });
+};
+module.exports = createLogger;

package/dist/utils/s3-transport.js

@@ -0,0 +1,61 @@
+"use strict";
+
+/**
+ * S3 Transport for Winston logger
+ */
+
+const winston = require('winston');
+const {
+  S3Client,
+  PutObjectCommand
+} = require('@aws-sdk/client-s3');
+
+/**
+ * Custom Winston transport for logging to S3
+ */
+class S3Transport extends winston.Transport {
+  constructor(opts) {
+    super(opts);
+    this.bucket = opts.bucket;
+    this.prefix = opts.prefix || '';
+    this.buffer = [];
+    this.bufferSize = opts.bufferSize || 100;
+    this.flushInterval = opts.flushInterval || 5000;
+    this.setupFlushInterval();
+  }
+  setupFlushInterval() {
+    setInterval(() => {
+      this.flush();
+    }, this.flushInterval);
+  }
+  async flush() {
+    if (this.buffer.length === 0) return;
+    const logs = this.buffer.splice(0, this.buffer.length);
+    const date = new Date().toISOString().split('T')[0];
+    const key = `${this.prefix}/${date}/${Date.now()}.json`;
+    try {
+      const command = new PutObjectCommand({
+        Bucket: this.bucket,
+        Key: key,
+        Body: JSON.stringify(logs),
+        ContentType: 'application/json'
+      });
+      await this.s3Client.send(command);
+    } catch (error) {
+      console.error('Error flushing logs to S3:', error);
+      // Put logs back in buffer
+      this.buffer.unshift(...logs);
+    }
+  }
+  log(info, callback) {
+    setImmediate(() => {
+      this.emit('logged', info);
+    });
+    this.buffer.push(info);
+    if (this.buffer.length >= this.bufferSize) {
+      this.flush();
+    }
+    callback();
+  }
+}
+module.exports = S3Transport;

package/dist/utils/s3.js

@@ -0,0 +1,78 @@
+"use strict";
+
+const winston = require('winston');
+const {
+  S3Client,
+  PutObjectCommand
+} = require('@aws-sdk/client-s3');
+
+// Create S3 client
+const s3Client = new S3Client({
+  region: process.env.AWS_REGION,
+  credentials: {
+    accessKeyId: process.env.AWS_ACCESS_KEY_ID,
+    secretAccessKey: process.env.AWS_SECRET_ACCESS_KEY
+  }
+});
+
+/**
+ * Custom Winston transport for logging to S3
+ */
+class S3Transport extends winston.Transport {
+  constructor(opts) {
+    super(opts);
+    this.bucket = opts.bucket;
+    this.prefix = opts.prefix || '';
+    this.buffer = [];
+    this.bufferSize = opts.bufferSize || 100;
+    this.flushInterval = opts.flushInterval || 5000;
+    this.setupFlushInterval();
+  }
+  setupFlushInterval() {
+    setInterval(() => {
+      this.flush();
+    }, this.flushInterval);
+  }
+  async flush() {
+    if (this.buffer.length === 0) return;
+    const logs = this.buffer.splice(0, this.buffer.length);
+    const date = new Date().toISOString().split('T')[0];
+    const key = `${this.prefix}/${date}/${Date.now()}.json`;
+    try {
+      const command = new PutObjectCommand({
+        Bucket: this.bucket,
+        Key: key,
+        Body: JSON.stringify(logs),
+        ContentType: 'application/json'
+      });
+      await s3Client.send(command);
+    } catch (error) {
+      console.error('Failed to write logs to S3:', {
+        error: error.message,
+        code: error.code,
+        bucket: this.bucket,
+        key: key,
+        region: process.env.AWS_REGION,
+        stack: error.stack
+      });
+      // Put the logs back in the buffer
+      this.buffer.unshift(...logs);
+    }
+  }
+  log(info, callback) {
+    setImmediate(() => {
+      this.emit('logged', info);
+    });
+    this.buffer.push({
+      timestamp: new Date().toISOString(),
+      ...info
+    });
+    if (this.buffer.length >= this.bufferSize) {
+      this.flush();
+    }
+    callback();
+  }
+}
+module.exports = {
+  S3Transport
+};

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "powr-sdk-api",
-  "version": "4.5.7",
+  "version": "4.6.5",
   "description": "Shared API core library for PowrStack projects. Zero dependencies - works with Express, Next.js API routes, and other frameworks. All features are optional and install only what you need.",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",