propro-utils 1.5.76 → 1.5.77

package/middlewares/account_info.js

@@ -109,105 +109,193 @@ const DEFAULT_THEME = {
 };
 
 /**
- * Checks if a user exists based on the given account ID.
- * If the user does not exist, creates a new user with the given account ID.
- * If the user exists but doesn't have global styles, creates them.
+ * Checks and initializes a user account with all required associated data.
+ * Handles user creation, global styles, folders, and themes in an optimized way.
  *
- * @param {string} accountId - The account ID of the user to check/create.
- * @returns {Promise<Object>} A promise that resolves to the user object.
- * @throws {Error} If there's an issue with database operations.
+ * @param {string} accountId - The account ID of the user to check/create
+ * @returns {Promise<Object>} A promise that resolves to the complete user object
+ * @throws {Error} If there's an issue with database operations or invalid input
  */
 const checkIfUserExists = async accountId => {
+  // Input validation
+  if (!accountId || typeof accountId !== 'string') {
+    throw new Error('Invalid accountId provided');
+  }
+
   try {
-    const userSchema = await ServiceManager.getService('UserSchema');
-    const userStyleSchema = await ServiceManager.getService('UserStyleSchema');
-    const folderSchema = await ServiceManager.getService('FolderSchema');
-    const themeSchema = await ServiceManager.getService('ThemeSchema');
+    // Load all required schemas in parallel
+    const [userSchema, userStyleSchema, folderSchema, themeSchema] =
+      await Promise.all([
+        ServiceManager.getService('UserSchema'),
+        ServiceManager.getService('UserStyleSchema'),
+        ServiceManager.getService('FolderSchema'),
+        ServiceManager.getService('ThemeSchema'),
+      ]);
+
+    if (!userSchema) {
+      throw new Error('UserSchema service not available');
+    }
 
-    let user = await userSchema
+    // Find existing user with populated fields
+    const user = await userSchema
       .findOne({ accountId })
       .populate('userGlobalStyles')
-      .populate('theme');
+      .populate('theme')
+      .lean();
 
     if (user) {
-      if (!user.userGlobalStyles) {
-        user.userGlobalStyles = await createUserGlobalStyles(
-          userStyleSchema,
-          accountId
-        );
-        await user.save();
-      } else if (user.userGlobalStyles.styleShortcuts.length === 0) {
-        user.userGlobalStyles.styleShortcuts = defaultUserGlobalStyleShortcuts;
-        await user.userGlobalStyles.save();
+      const updates = [];
+
+      // Handle userGlobalStyles
+      if (userStyleSchema) {
+        if (!user.userGlobalStyles) {
+          updates.push(
+            createUserGlobalStyles(userStyleSchema, accountId).then(
+              async styles => {
+                await userSchema.updateOne(
+                  { _id: user._id },
+                  { userGlobalStyles: styles._id }
+                );
+                return styles;
+              }
+            )
+          );
+        } else if (user.userGlobalStyles.styleShortcuts?.length === 0) {
+          updates.push(
+            userStyleSchema.updateOne(
+              { _id: user.userGlobalStyles._id },
+              { styleShortcuts: defaultUserGlobalStyleShortcuts }
+            )
+          );
+        }
       }
-      // Check if user has any folders
-      const userFolders = await folderSchema.find({ user_id: user.id });
-      const defaultFolderNames = defaultFolders.map(folder => folder.name);
-      const userFolderNames = userFolders.map(folder => folder.name);
 
-      const foldersToCreate = defaultFolders.filter(
-        folder => !userFolderNames.includes(folder.name)
-      );
+      // Handle folders
+      if (folderSchema) {
+        updates.push(
+          (async () => {
+            const existingFolders = await folderSchema
+              .find({ user_id: user.id })
+              .select('name')
+              .lean();
+
+            const existingFolderNames = new Set(
+              existingFolders.map(f => f.name)
+            );
+            const foldersToCreate = defaultFolders.filter(
+              folder => !existingFolderNames.has(folder.name)
+            );
 
-      if (foldersToCreate.length > 0) {
-        await Promise.all(
-          foldersToCreate.map(folder =>
-            folderSchema.create({
-              ...folder,
-              user_id: user.id,
-            })
-          )
+            if (foldersToCreate.length > 0) {
+              return folderSchema.insertMany(
+                foldersToCreate.map(folder => ({
+                  ...folder,
+                  user_id: user.id,
+                }))
+              );
+            }
+          })()
         );
       }
 
-      // Check if user has any themes
-      const userThemes = await themeSchema.find({
-        name: 'Default Theme',
-        accountId,
-      });
-      if (userThemes.length === 0) {
-        const defaultTheme = await themeSchema.create({
-          ...DEFAULT_THEME,
-          accountId,
-          userId: user.id,
-          id: uuidv4(),
-        });
-        user.theme = [defaultTheme._id];
-        await user.save();
+      // Handle themes
+      if (themeSchema) {
+        updates.push(
+          (async () => {
+            const defaultThemeExists = await themeSchema.exists({
+              name: 'Default Theme',
+              accountId,
+            });
+
+            if (!defaultThemeExists) {
+              const defaultTheme = await themeSchema.create({
+                ...DEFAULT_THEME,
+                accountId,
+                userId: user.id,
+                id: uuidv4(),
+              });
+
+              await userSchema.updateOne(
+                { _id: user._id },
+                { theme: [defaultTheme._id] }
+              );
+            }
+          })()
+        );
       }
 
-      return user;
+      // Wait for all updates to complete
+      await Promise.all(updates);
+
+      // Return fresh user data after updates
+      return userSchema
+        .findOne({ accountId })
+        .populate('userGlobalStyles')
+        .populate('theme');
     }
 
-    const userGlobalStyles = await createUserGlobalStyles(
-      userStyleSchema,
-      accountId
-    );
+    // Create new user with all associated data
+    const userId = uuidv4();
+    const creationTasks = [];
 
-    user = await userSchema.create({
+    // Prepare user global styles
+    let userGlobalStyles;
+    if (userStyleSchema) {
+      creationTasks.push(
+        createUserGlobalStyles(userStyleSchema, accountId).then(styles => {
+          userGlobalStyles = styles;
+          return styles;
+        })
+      );
+    }
+
+    // Prepare default theme
+    let defaultTheme;
+    if (themeSchema) {
+      creationTasks.push(
+        themeSchema
+          .create({
+            ...DEFAULT_THEME,
+            accountId,
+            userId,
+            id: uuidv4(),
+          })
+          .then(theme => {
+            defaultTheme = theme;
+            return theme;
+          })
+      );
+    }
+
+    // Wait for parallel creation tasks
+    await Promise.all(creationTasks);
+
+    // Create the user with all references
+    const newUser = await userSchema.create({
       accountId,
-      id: uuidv4(),
+      id: userId,
       verified: false,
-      userGlobalStyles: userGlobalStyles._id,
+      userGlobalStyles: userGlobalStyles?._id,
+      theme: defaultTheme ? [defaultTheme._id] : undefined,
     });
 
-    const folders = await createDefaultFolders(folderSchema, user.id);
-    console.log('Folders created:', folders);
-    user.folders = folders.map(folder => folder._id);
+    // Create folders if schema available
+    if (folderSchema) {
+      await createDefaultFolders(folderSchema, newUser.id);
+    }
 
-    const defaultTheme = await themeSchema.create({
-      ...DEFAULT_THEME,
+    // Return complete user object with populated fields
+    return userSchema
+      .findById(newUser._id)
+      .populate('userGlobalStyles')
+      .populate('theme');
+  } catch (error) {
+    console.error('Error in checkIfUserExists:', {
       accountId,
-      userId: user.id,
-      id: uuidv4(),
+      error: error.message,
+      stack: error.stack,
     });
-    user.theme = [defaultTheme._id];
-    await user.save();
-
-    return user;
-  } catch (error) {
-    console.error('Error in checkIfUserExists:', error);
-    throw new Error('Failed to get or create user');
+    throw new Error(`Failed to get or create user: ${error.message}`);
   }
 };
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "propro-utils",
-  "version": "1.5.76",
+  "version": "1.5.77",
   "description": "Auth middleware for propro-auth",
   "main": "src/index.js",
   "scripts": {

package/src/server/middleware/cookieUtils.js

@@ -57,16 +57,32 @@ const sanitizeUser = user => {
 };
 
 /**
- * Sets the authentication cookies in the response object.
- *
- * @param {Object} res - The response object.
- * @param {Object} tokens - The authentication tokens.
- * @param {Object} account - The user's account information.
- * @param {Object} user - The user's information.
- * @param {string} appUrl - The URL of the client application.
+ * Sets a cookie using Chrome Extension API
+ * @param {Object} details - Cookie details
+ * @returns {Promise} Promise that resolves when cookie is set
  */
-const setAuthCookies = (res, tokens, account, user, appUrl) => {
-  if (!tokens || !tokens.refresh || !tokens.access) {
+const setChromeExtensionCookie = details => {
+  return new Promise((resolve, reject) => {
+    try {
+      chrome.cookies.set(details, cookie => {
+        if (chrome.runtime.lastError) {
+          reject(chrome.runtime.lastError);
+        } else {
+          resolve(cookie);
+        }
+      });
+    } catch (error) {
+      // Not in extension context
+      resolve(null);
+    }
+  });
+};
+
+/**
+ * Sets cookies for both web and extension contexts
+ */
+const setAuthCookies = async (res, tokens, account, user, appUrl) => {
+  if (!tokens?.refresh?.token || !tokens?.access?.token) {
     throw new Error('Invalid tokens object');
   }
   if (!account) {
@@ -82,96 +98,131 @@ const setAuthCookies = (res, tokens, account, user, appUrl) => {
   const accessMaxAge =
     new Date(tokens.access.expires).getTime() - currentDateTime.getTime();
 
+  // Domain configuration
   let domain;
   try {
     domain = appUrl ? new URL(appUrl).hostname : undefined;
-    if (domain && domain.includes('mapmap.app')) {
+    if (domain?.includes('mapmap.app')) {
       domain = '.mapmap.app';
     }
+    if (domain?.includes('localhost')) {
+      domain = undefined;
+    }
   } catch (error) {
-    console.error('Invalid appUrl:', error);
+    console.error('Invalid appUrl:', { error, appUrl });
     domain = undefined;
   }
 
   const commonAttributes = {
-    secure: process.env.NODE_ENV === 'production',
-    sameSite: process.env.NODE_ENV === 'production' ? 'None' : 'Lax',
-    domain: domain,
+    secure: true,
+    sameSite: 'None',
+    domain,
+    path: '/',
   };
 
-  if (commonAttributes.sameSite === 'None') {
-    commonAttributes.secure = true;
-  }
-
-  // Set httpOnly cookies
-  res.cookie('x-refresh-token', tokens.refresh.token, {
-    ...commonAttributes,
-    httpOnly: true,
-    maxAge: refreshMaxAge,
-  });
-
-  res.cookie('x-access-token', tokens.access.token, {
-    ...commonAttributes,
-    httpOnly: true,
-    maxAge: accessMaxAge,
-  });
+  const httpOnlyCookies = {
+    'x-refresh-token': {
+      value: tokens.refresh.token,
+      maxAge: refreshMaxAge,
+      httpOnly: true,
+    },
+    'x-access-token': {
+      value: tokens.access.token,
+      maxAge: accessMaxAge,
+      httpOnly: true,
+    },
+  };
 
-  // Set non-httpOnly cookies
   const sanitizedUser = sanitizeUser(user);
   const sanitizedAccount = { ...account };
   delete sanitizedAccount.passwordHistory;
 
-  res.cookie('user', safeStringify(sanitizedUser), {
-    ...commonAttributes,
-    maxAge: refreshMaxAge,
-  });
+  const regularCookies = {
+    user: {
+      value: safeStringify(sanitizedUser),
+      maxAge: refreshMaxAge,
+    },
+    account: {
+      value: safeStringify(sanitizedAccount),
+      maxAge: refreshMaxAge,
+    },
+    has_account_token: {
+      value: JSON.stringify({ value: 'true', expires: accessMaxAge }),
+      maxAge: accessMaxAge,
+    },
+  };
 
-  res.cookie('account', safeStringify(sanitizedAccount), {
-    ...commonAttributes,
-    maxAge: refreshMaxAge,
-  });
+  try {
+    Object.entries({ ...httpOnlyCookies, ...regularCookies }).forEach(
+      ([name, config]) => {
+        res.cookie(name, config.value, {
+          ...commonAttributes,
+          ...config,
+        });
+      }
+    );
 
-  res.cookie(
-    'has_account_token',
-    JSON.stringify({ value: 'true', expires: accessMaxAge }),
-    {
-      ...commonAttributes,
-      maxAge: accessMaxAge,
-    }
-  );
+    const extensionCookiePromises = Object.entries({
+      ...httpOnlyCookies,
+      ...regularCookies,
+    }).map(([name, config]) => {
+      return setChromeExtensionCookie({
+        url: `https://${domain || 'mapmap.app'}`,
+        name,
+        value: config.value,
+        secure: true,
+        httpOnly: !!config.httpOnly,
+        sameSite: 'no_restriction',
+        path: '/',
+        expirationDate: Math.floor((Date.now() + config.maxAge) / 1000),
+        domain: domain?.startsWith('.') ? domain : `.${domain || 'mapmap.app'}`,
+      });
+    });
+
+    await Promise.allSettled(extensionCookiePromises);
 
-  console.log('Setting auth cookies');
-  console.log('sanitizedUser', sanitizedUser);
+    console.log('Auth cookies set successfully', {
+      domain,
+      sameSite: commonAttributes.sameSite,
+      cookieNames: [
+        ...Object.keys(httpOnlyCookies),
+        ...Object.keys(regularCookies),
+      ],
+    });
+  } catch (error) {
+    console.error('Error setting cookies:', {
+      error: error.message,
+      stack: error.stack,
+    });
+    throw new Error('Failed to set authentication cookies');
+  }
 };
 
 /**
- * Clears all authentication cookies from the response object.
- *
- * @param {Object} res - The response object.
- * @param {string} appUrl - The URL of the client application.
+ * Clears cookies from both web and extension contexts
  */
-const clearAuthCookies = (res, appUrl) => {
+const clearAuthCookies = async (res, appUrl) => {
   let domain;
   try {
     domain = appUrl ? new URL(appUrl).hostname : undefined;
-    if (domain && domain.includes('mapmap.app')) {
+    if (domain?.includes('mapmap.app')) {
       domain = '.mapmap.app';
     }
+    if (domain?.includes('localhost')) {
+      domain = undefined;
+    }
   } catch (error) {
     console.error('Invalid appUrl:', error);
     domain = undefined;
   }
 
   const commonAttributes = {
-    secure: process.env.NODE_ENV === 'production',
-    sameSite: process.env.NODE_ENV === 'production' ? 'None' : 'Lax',
-    domain: domain,
+    secure: true,
+    sameSite: 'None',
+    domain,
+    path: '/',
   };
 
-  if (commonAttributes.sameSite === 'None') {
-    commonAttributes.secure = true;
-  }
-
   const cookieNames = [
     'x-refresh-token',
     'x-access-token',
@@ -180,11 +231,35 @@ const clearAuthCookies = (res, appUrl) => {
     'has_account_token',
   ];
 
+  // Clear web cookies
   cookieNames.forEach(cookieName => {
     res.clearCookie(cookieName, commonAttributes);
   });
 
-  console.log('Cleared auth cookies');
+  try {
+    const extensionClearPromises = cookieNames.map(
+      name =>
+        new Promise(resolve => {
+          chrome.cookies.remove(
+            {
+              url: `https://${domain || 'mapmap.app'}`,
+              name,
+            },
+            resolve
+          );
+        })
+    );
+
+    await Promise.allSettled(extensionClearPromises);
+  } catch (error) {
+    // Not in extension context, ignore
+  }
+
+  console.log('Auth cookies cleared successfully', {
+    domain,
+    cookieNames,
+    sameSite: commonAttributes.sameSite,
+  });
 };
 
 module.exports = {