proto.io 0.0.227 → 0.0.229

package/dist/client.d.mts

@@ -0,0 +1,16 @@
+import { P as ProtoClient } from './internals/index-DwjvuRyl.mjs';
+export { c as classExtends } from './internals/index-DwjvuRyl.mjs';
+export { D as DeserializeOptions, S as SerializeOptions, e as TNumber, f as TSerializable, g as deserialize, s as serialize } from './internals/index-OwgXw07h.mjs';
+export { Decimal } from 'decimal.js';
+import '@o2ter/utils-js';
+import 'socket.io-client';
+import '@socket.io/component-emitter';
+import 'jsonwebtoken';
+import '@o2ter/server-js';
+import 'lodash';
+import 'node:stream';
+
+
+
+export { ProtoClient, ProtoClient as default };
+//# sourceMappingURL=client.d.mts.map

package/dist/client.d.mts.map

@@ -0,0 +1 @@
+{"version":3,"file":"client.d.mts","sources":[],"sourcesContent":[],"names":[],"mappings":";;;;;;;;;;;;;;"}

package/dist/client.d.ts

@@ -1,6 +1,6 @@
-import { P as ProtoClient } from './internals/index-Cj45GkKv.js';
-export { c as classExtends } from './internals/index-Cj45GkKv.js';
-export { D as DeserializeOptions, S as SerializeOptions, e as TNumber, f as TSerializable, g as deserialize, s as serialize } from './internals/index-1ZK5N4yb.js';
+import { P as ProtoClient } from './internals/index-B710pfTH.js';
+export { c as classExtends } from './internals/index-B710pfTH.js';
+export { D as DeserializeOptions, S as SerializeOptions, e as TNumber, f as TSerializable, g as deserialize, s as serialize } from './internals/index-OwgXw07h.js';
 export { Decimal } from 'decimal.js';
 import '@o2ter/utils-js';
 import 'socket.io-client';

package/dist/client.js

@@ -2,7 +2,7 @@
 
 Object.defineProperty(exports, '__esModule', { value: true });
 
-var index = require('./internals/index-vOFh8pVc.js');
+var index = require('./internals/index-B0TO6h9r.js');
 var Decimal = require('decimal.js');
 require('@o2ter/utils-js');
 require('./internals/private-Ciddhure.js');

package/dist/client.mjs

@@ -1,5 +1,5 @@
-import { b as ProtoClient } from './internals/index-BWZIV3_T.mjs';
-export { c as classExtends, d as deserialize, s as serialize } from './internals/index-BWZIV3_T.mjs';
+import { b as ProtoClient } from './internals/index-DG2-4tQ1.mjs';
+export { c as classExtends, d as deserialize, s as serialize } from './internals/index-DG2-4tQ1.mjs';
 export { Decimal } from 'decimal.js';
 import '@o2ter/utils-js';
 import './internals/private-CNw40LZ7.mjs';

package/dist/index.d.mts

@@ -0,0 +1,151 @@
+import * as socket_io from 'socket.io';
+import { Router } from 'express';
+import { Server } from '@o2ter/server-js';
+import { P as ProtoService, a as ProtoServiceOptions, b as ProtoServiceKeyOptions, T as TSchema, c as TValueWithoutObject } from './internals/index-OwgXw07h.mjs';
+export { D as DeserializeOptions, S as SerializeOptions, d as TFileStorage, e as TNumber, f as TSerializable, g as deserialize, s as serialize } from './internals/index-OwgXw07h.mjs';
+import Decimal from 'decimal.js';
+export { Decimal } from 'decimal.js';
+export { P as ProtoClient, c as classExtends } from './internals/index-DwjvuRyl.mjs';
+import '@o2ter/utils-js';
+import 'jsonwebtoken';
+import 'lodash';
+import 'node:stream';
+import 'socket.io-client';
+import '@socket.io/component-emitter';
+
+/**
+ * Schema definition utility functions.
+ */
+declare const schema: ((x: Record<string, TSchema>) => Record<string, TSchema>) & {
+    /**
+     * Defines a boolean schema.
+     * @param defaultValue - The default value for the boolean.
+     * @returns The boolean schema.
+     */
+    boolean: (defaultValue?: boolean) => {
+        readonly type: "boolean";
+        readonly default: boolean | undefined;
+    };
+    /**
+     * Defines a number schema.
+     * @param defaultValue - The default value for the number.
+     * @returns The number schema.
+     */
+    number: (defaultValue?: number) => {
+        readonly type: "number";
+        readonly default: number | undefined;
+    };
+    /**
+     * Defines a decimal schema.
+     * @param defaultValue - The default value for the decimal.
+     * @returns The decimal schema.
+     */
+    decimal: (defaultValue?: Decimal) => {
+        readonly type: "decimal";
+        readonly default: Decimal | undefined;
+    };
+    /**
+     * Defines a string schema.
+     * @param defaultValue - The default value for the string.
+     * @returns The string schema.
+     */
+    string: (defaultValue?: string) => {
+        readonly type: "string";
+        readonly default: string | undefined;
+    };
+    /**
+     * Defines a string array schema.
+     * @param defaultValue - The default value for the string array.
+     * @returns The string array schema.
+     */
+    stringArray: (defaultValue?: string[]) => {
+        readonly type: "string[]";
+        readonly default: string[] | undefined;
+    };
+    /**
+     * Defines a date schema.
+     * @param defaultValue - The default value for the date.
+     * @returns The date schema.
+     */
+    date: (defaultValue?: Date) => {
+        readonly type: "date";
+        readonly default: Date | undefined;
+    };
+    /**
+     * Defines an object schema.
+     * @param defaultValue - The default value for the object.
+     * @returns The object schema.
+     */
+    object: <T extends Record<string, TValueWithoutObject>>(defaultValue?: T) => {
+        readonly type: "object";
+        readonly default: T | undefined;
+    };
+    /**
+     * Defines an array schema.
+     * @param defaultValue - The default value for the array.
+     * @returns The array schema.
+     */
+    array: <T extends TValueWithoutObject[]>(defaultValue?: T) => {
+        readonly type: "array";
+        readonly default: T | undefined;
+    };
+    /**
+     * Defines a vector schema.
+     * @param dimension - The dimension of the vector.
+     * @param defaultValue - The default value for the vector.
+     * @returns The vector schema.
+     */
+    vector: (dimension: number, defaultValue?: number[]) => {
+        readonly type: "vector";
+        readonly dimension: number;
+        readonly default: number[] | undefined;
+    };
+    /**
+     * Defines a shape schema.
+     * @param shape - The shape definition.
+     * @returns The shape schema.
+     */
+    shape: (shape: Record<string, TSchema.DataType>) => {
+        readonly type: "shape";
+        readonly shape: Record<string, TSchema.DataType>;
+    };
+    /**
+     * Defines a pointer schema.
+     * @param target - The target of the pointer.
+     * @returns The pointer schema.
+     */
+    pointer: (target: string) => {
+        readonly type: "pointer";
+        readonly target: string;
+    };
+    /**
+     * Defines a relation schema.
+     * @param target - The target of the relation.
+     * @param foreignField - The foreign field of the relation.
+     * @returns The relation schema.
+     */
+    relation: (target: string, foreignField?: string) => {
+        readonly type: "relation";
+        readonly target: string;
+        readonly foreignField: string | undefined;
+    };
+};
+/**
+ * Creates a ProtoRoute.
+ * @param options - The options for the ProtoRoute.
+ * @returns A promise that resolves to a Router.
+ */
+declare const ProtoRoute: <E>(options: {
+    proto: ProtoService<E> | (ProtoServiceOptions<E> & ProtoServiceKeyOptions);
+}) => Promise<Router>;
+/**
+ * Registers a ProtoSocket.
+ * @param proto - The ProtoService instance.
+ * @param server - The server instance.
+ * @param endpoint - The optional endpoint.
+ * @returns The socket.io instance.
+ */
+declare const registerProtoSocket: <E>(proto: ProtoService<E>, server: Server, endpoint?: string) => socket_io.Server<socket_io.DefaultEventsMap, socket_io.DefaultEventsMap, socket_io.DefaultEventsMap, any> | socket_io.Namespace<socket_io.DefaultEventsMap, socket_io.DefaultEventsMap, socket_io.DefaultEventsMap, any>;
+
+export { ProtoRoute, ProtoService, ProtoRoute as default, registerProtoSocket, schema };
+//# sourceMappingURL=index.d.mts.map

package/dist/index.d.mts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.mts","sources":["../src/index.ts"],"sourcesContent":["//\n//  index.ts\n//\n//  The MIT License\n//  Copyright (c) 2021 - 2025 O2ter Limited. All rights reserved.\n//\n//  Permission is hereby granted, free of charge, to any person obtaining a copy\n//  of this software and associated documentation files (the \"Software\"), to deal\n//  in the Software without restriction, including without limitation the rights\n//  to use, copy, modify, merge, publish, distribute, sublicense, and/or sell\n//  copies of the Software, and to permit persons to whom the Software is\n//  furnished to do so, subject to the following conditions:\n//\n//  The above copyright notice and this permission notice shall be included in\n//  all copies or substantial portions of the Software.\n//\n//  THE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\n//  IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\n//  FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\n//  AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\n//  LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\n//  OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN\n//  THE SOFTWARE.\n//\n\nimport _ from 'lodash';\nimport { Router } from 'express';\nimport { Server } from '@o2ter/server-js';\nimport { ProtoService } from './server/proto';\nimport { ProtoServiceKeyOptions, ProtoServiceOptions } from './server/proto/types';\nimport authHandler from './server/auth';\nimport classesRoute from './server/routes/classes';\nimport functionRoute from './server/routes/function';\nimport jobRoute from './server/routes/job';\nimport filesRoute from './server/routes/files';\nimport userRoute from './server/routes/user';\nimport notifyRoute from './server/routes/notify';\nimport schemaRoute from './server/routes/schema';\nimport configRoute from './server/routes/config';\nimport { TSchema } from './internals/schema';\nimport { PVK } from './internals/private';\nimport { TValueWithoutObject } from './internals/types';\nimport Decimal from 'decimal.js';\nimport { response } from './server/routes/common';\nimport { QuerySelector } from './server/query/dispatcher/parser';\nimport { serialize } from './internals/codec';\n\nexport * from './internals/codec';\nexport { classExtends } from './internals/utils';\nexport { TFileStorage } from './server/file';\nexport { ProtoService } from './server/proto';\nexport { ProtoClient } from './client';\n\n/**\n * Schema definition utility functions.\n */\nexport const schema = _.assign((x: Record<string, TSchema>) => x, {\n  /**\n   * Defines a boolean schema.\n   * @param defaultValue - The default value for the boolean.\n   * @returns The boolean schema.\n   */\n  boolean: (defaultValue?: boolean) => ({ type: 'boolean', default: defaultValue }) as const,\n\n  /**\n   * Defines a number schema.\n   * @param defaultValue - The default value for the number.\n   * @returns The number schema.\n   */\n  number: (defaultValue?: number) => ({ type: 'number', default: defaultValue }) as const,\n\n  /**\n   * Defines a decimal schema.\n   * @param defaultValue - The default value for the decimal.\n   * @returns The decimal schema.\n   */\n  decimal: (defaultValue?: Decimal) => ({ type: 'decimal', default: defaultValue }) as const,\n\n  /**\n   * Defines a string schema.\n   * @param defaultValue - The default value for the string.\n   * @returns The string schema.\n   */\n  string: (defaultValue?: string) => ({ type: 'string', default: defaultValue }) as const,\n\n  /**\n   * Defines a string array schema.\n   * @param defaultValue - The default value for the string array.\n   * @returns The string array schema.\n   */\n  stringArray: (defaultValue?: string[]) => ({ type: 'string[]', default: defaultValue }) as const,\n\n  /**\n   * Defines a date schema.\n   * @param defaultValue - The default value for the date.\n   * @returns The date schema.\n   */\n  date: (defaultValue?: Date) => ({ type: 'date', default: defaultValue }) as const,\n\n  /**\n   * Defines an object schema.\n   * @param defaultValue - The default value for the object.\n   * @returns The object schema.\n   */\n  object: <T extends Record<string, TValueWithoutObject>>(defaultValue?: T) => ({ type: 'object', default: defaultValue }) as const,\n\n  /**\n   * Defines an array schema.\n   * @param defaultValue - The default value for the array.\n   * @returns The array schema.\n   */\n  array: <T extends TValueWithoutObject[]>(defaultValue?: T) => ({ type: 'array', default: defaultValue }) as const,\n\n  /**\n   * Defines a vector schema.\n   * @param dimension - The dimension of the vector.\n   * @param defaultValue - The default value for the vector.\n   * @returns The vector schema.\n   */\n  vector: (dimension: number, defaultValue?: number[]) => ({ type: 'vector', dimension, default: defaultValue }) as const,\n\n  /**\n   * Defines a shape schema.\n   * @param shape - The shape definition.\n   * @returns The shape schema.\n   */\n  shape: (shape: Record<string, TSchema.DataType>) => ({ type: 'shape', shape }) as const,\n\n  /**\n   * Defines a pointer schema.\n   * @param target - The target of the pointer.\n   * @returns The pointer schema.\n   */\n  pointer: (target: string) => ({ type: 'pointer', target }) as const,\n\n  /**\n   * Defines a relation schema.\n   * @param target - The target of the relation.\n   * @param foreignField - The foreign field of the relation.\n   * @returns The relation schema.\n   */\n  relation: (target: string, foreignField?: string) => ({ type: 'relation', target, foreignField }) as const,\n});\n\n/**\n * Creates a ProtoRoute.\n * @param options - The options for the ProtoRoute.\n * @returns A promise that resolves to a Router.\n */\nexport const ProtoRoute = async <E>(options: {\n  proto: ProtoService<E> | (ProtoServiceOptions<E> & ProtoServiceKeyOptions);\n}): Promise<Router> => {\n\n  const proto = options.proto instanceof ProtoService ? options.proto : new ProtoService(options.proto);\n  await proto[PVK].prepare();\n\n  const router = Server.Router().use(\n    authHandler(proto),\n    (req, res, next) => {\n      const payload = proto.connect(req);\n      if (!payload.isInvalidMasterToken) return next();\n      res.status(400).json({ message: 'Invalid token' });\n    },\n  );\n\n  router.get('/health', (req, res) => { res.sendStatus(200); });\n  router.get('/sessionInfo', async (req, res) => {\n    await response(res, () => proto.connect(req).sessionInfo());\n  });\n\n  classesRoute(router, proto);\n  functionRoute(router, proto);\n  jobRoute(router, proto);\n  filesRoute(router, proto);\n  userRoute(router, proto);\n  notifyRoute(router, proto);\n  schemaRoute(router, proto);\n  configRoute(router, proto);\n\n  return router;\n}\n\n/**\n * Registers a ProtoSocket.\n * @param proto - The ProtoService instance.\n * @param server - The server instance.\n * @param endpoint - The optional endpoint.\n * @returns The socket.io instance.\n */\nexport const registerProtoSocket = <E>(\n  proto: ProtoService<E>,\n  server: Server,\n  endpoint?: string,\n) => {\n  const io = endpoint ? server.socket().of(endpoint) : server.socket();\n\n  io.on('connection', async (socket) => {\n\n    let { token } = socket.handshake.auth;\n    const service = await proto.connectWithSessionToken(token);\n\n    socket.on('auth', (t) => {\n      token = t;\n      service.connectWithSessionToken(t);\n    });\n\n    type QueryOpts = {\n      event: string;\n      className: string;\n      filter: QuerySelector | boolean;\n    };\n\n    let events: Record<string, QuerySelector | boolean> = {};\n    let queries: Record<string, QueryOpts> = {};\n\n    const { remove: remove_basic } = service.listen(data => {\n      const ids = _.keys(_.pickBy(events, v => v instanceof QuerySelector ? v.eval(data) : v));\n      const payload = JSON.parse(serialize(data));\n      if (!_.isEmpty(ids)) socket.emit('ON_EV_NOTIFY', { ids, data: payload });\n    });\n\n    const { remove: remove_livequery } = service[PVK]._liveQuery(service, (ev, objs) => {\n      const ids: Record<string, string[]> = {};\n      for (const obj of objs) {\n        ids[obj.id!] = _.keys(_.pickBy(queries, v => {\n          if (v.event !== ev || v.className !== obj.className) return false;\n          return v.filter instanceof QuerySelector ? v.filter.eval(obj) : v.filter;\n        }));\n      }\n      if (_.isEmpty(ids)) return;\n      const payload = JSON.parse(serialize(_.filter(objs, obj => !_.isEmpty(ids[obj.id!]))));\n      socket.emit('ON_EV_LIVEQUERY', { ids, data: payload });\n    });\n\n    socket.on('disconnect', () => {\n      remove_basic();\n      remove_livequery();\n    });\n\n    socket.on('EV_NOTIFY', (payload) => {\n      events = _.mapValues(payload, v => {\n        if (_.isBoolean(v)) return true;\n        try {\n          return QuerySelector.decode(v);\n        } catch (error) {\n          proto.logger.error(error);\n          return false;\n        }\n      });\n    });\n\n    socket.on('EV_LIVEQUERY', (payload) => {\n      queries = _.mapValues(payload, v => {\n        const { event = '', className = '', filter } = v ?? {};\n        if (_.isBoolean(v)) return { event, className, filter: true };\n        try {\n          return { event, className, filter: QuerySelector.decode(filter) };\n        } catch (error) {\n          proto.logger.error(error);\n          return { event, className, filter: false };\n        }\n      });\n    });\n  });\n\n  return io;\n}\n\nexport default ProtoRoute;"],"names":[],"mappings":";;;;;;;;;;;;;;;AAYA;AACA;AACA;AACO,cAAA,MAAA,OAAA,MAAA,SAAA,OAAA,MAAA,MAAA,SAAA,OAAA;AACP;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,6BAAA,OAAA;AACA;AACA,0BAAA,OAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,0BAAA,IAAA;AACA;AACA,0BAAA,IAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,uBAAA,MAAA,SAAA,mBAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,sBAAA,mBAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,mBAAA,MAAA,SAAA,OAAA,CAAA,QAAA;AACA;AACA,wBAAA,MAAA,SAAA,OAAA,CAAA,QAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,cAAA,UAAA;AACP,WAAA,YAAA,OAAA,mBAAA,MAAA,sBAAA;AACA,MAAA,OAAA,CAAA,MAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,cAAA,mBAAA,aAAA,YAAA,aAAA,MAAA,wBAAqG,SAAmB,CAAA,MAAA,CAAQ,SAAmB,CAAA,gBAAA,EAAmB,SAAmB,CAAA,gBAAA,EAAmB,SAAmB,CAAA,gBAAA,SAA0B,SAAmB,CAAA,SAAA,CAAW,SAAmB,CAAA,gBAAA,EAAmB,SAAmB,mBAAmB,SAAmB,CAAA,gBAAA;;;;"}

package/dist/index.d.ts

@@ -1,11 +1,11 @@
 import * as socket_io from 'socket.io';
 import { Router } from 'express';
 import { Server } from '@o2ter/server-js';
-import { P as ProtoService, a as ProtoServiceOptions, b as ProtoServiceKeyOptions, T as TSchema, c as TValueWithoutObject } from './internals/index-1ZK5N4yb.js';
-export { D as DeserializeOptions, S as SerializeOptions, d as TFileStorage, e as TNumber, f as TSerializable, g as deserialize, s as serialize } from './internals/index-1ZK5N4yb.js';
+import { P as ProtoService, a as ProtoServiceOptions, b as ProtoServiceKeyOptions, T as TSchema, c as TValueWithoutObject } from './internals/index-OwgXw07h.js';
+export { D as DeserializeOptions, S as SerializeOptions, d as TFileStorage, e as TNumber, f as TSerializable, g as deserialize, s as serialize } from './internals/index-OwgXw07h.js';
 import Decimal from 'decimal.js';
 export { Decimal } from 'decimal.js';
-export { P as ProtoClient, c as classExtends } from './internals/index-Cj45GkKv.js';
+export { P as ProtoClient, c as classExtends } from './internals/index-B710pfTH.js';
 import '@o2ter/utils-js';
 import 'jsonwebtoken';
 import 'lodash';

package/dist/index.js

@@ -4,10 +4,10 @@ Object.defineProperty(exports, '__esModule', { value: true });
 
 var _ = require('lodash');
 var serverJs = require('@o2ter/server-js');
-var validator = require('./internals/validator-Bc1jRJfA.js');
+var validator = require('./internals/validator-CFlx3oyq.js');
 var _private = require('./internals/private-Ciddhure.js');
 var utilsJs = require('@o2ter/utils-js');
-var index = require('./internals/index-vOFh8pVc.js');
+var index = require('./internals/index-B0TO6h9r.js');
 var index$1 = require('./internals/index-CLKTEIj0.js');
 var jwt = require('jsonwebtoken');
 var node_buffer = require('node:buffer');
@@ -116,6 +116,16 @@ const dispatcher = (proto, options) => {
                 throw Error('No permission');
             return proto.storage.find(decoded);
         },
+        async groupFind(query, accumulators) {
+            validator.QueryValidator.recursiveCheck(query);
+            const _validator = await validator$1();
+            const decoded = _validator.decodeQuery(normalize(query), 'read');
+            const isGet = _validator.isGetMethod(decoded.filter);
+            if (!_validator.validateCLPs(query.className, isGet ? 'get' : 'find'))
+                throw Error('No permission');
+            const acc = _.mapValues(accumulators, x => validator.QueryAccumulator.decode(x).simplify());
+            return proto.storage.groupFind(decoded, acc);
+        },
         async nonrefs(query) {
             validator.QueryValidator.recursiveCheck(query);
             const _validator = await validator$1();
@@ -312,6 +322,9 @@ class _ProtoQuery extends index.TQuery {
                 yield self._objectMethods(object);
         });
     }
+    groupFind(accumulators, options) {
+        return this._dispatcher(options).groupFind(this._queryOptions, accumulators);
+    }
     nonrefs(options) {
         const self = this;
         return utilsJs.asyncStream(async function* () {
@@ -526,6 +539,8 @@ const defaultSchema = {
     'User': {
         fields: {
             password: 'object',
+            password_history: 'array',
+            password_changed_at: 'date',
         },
         classLevelPermissions: {
             find: [],
@@ -535,7 +550,7 @@ const defaultSchema = {
         fieldLevelPermissions: {
             _expired_at: { create: [], update: [] },
         },
-        secureFields: ['password'],
+        secureFields: ['password', 'password_history', 'password_changed_at'],
     },
     'Role': {
         fields: {
@@ -704,7 +719,7 @@ const passwordHash = async (alg, password, options) => {
         ...options
     };
 };
-const varifyPassword = async (alg, password, options) => {
+const verifyPassword = async (alg, password, options) => {
     if (!_.isString(options.salt))
         return false;
     if (!_.isString(options.derivedKey))
@@ -901,7 +916,7 @@ class ProtoInternal {
         }
         return callback(proxy(payload ?? proto));
     }
-    async varifyPassword(proto, user, password, options) {
+    async verifyPassword(proto, user, password, options) {
         if (!user.id)
             throw Error('Invalid user object');
         const _user = await proto.InsecureQuery('User')
@@ -909,20 +924,46 @@ class ProtoInternal {
             .includes('_id', 'password')
             .first(options);
         const { alg, ...opts } = _user?.get('password') ?? {};
-        return varifyPassword(alg, password, opts);
+        return verifyPassword(alg, password, opts);
     }
     async setPassword(proto, user, password, options) {
         if (!user.id)
             throw Error('Invalid user object');
         if (_.isEmpty(password))
             throw Error('Invalid password');
+        const { maxPasswordHistory, validatorCallback, } = this.options.passwordPolicy || {};
+        if (validatorCallback) {
+            const isValid = await validatorCallback(password, user);
+            if (!isValid)
+                throw Error('Password does not meet the policy requirements');
+        }
         const { alg, ...opts } = this.options.passwordHashOptions;
         const hashed = await passwordHash(alg, password, opts);
+        let history = [];
+        if (maxPasswordHistory && maxPasswordHistory > 0) {
+            const _user = await proto.InsecureQuery('User')
+                .equalTo('_id', user.id)
+                .includes('_id', 'password_history')
+                .first(options);
+            history = _.slice(_user?.get('password_history') ?? [], 0, maxPasswordHistory);
+            for (const entry of history) {
+                const { alg, ...opts } = entry;
+                if (await verifyPassword(alg, password, opts)) {
+                    throw Error('Cannot reuse previous passwords');
+                }
+            }
+        }
         await proto.InsecureQuery('User')
             .equalTo('_id', user.id)
             .includes('_id')
             .updateOne({
             password: { $set: hashed },
+            password_history: {
+                $set: maxPasswordHistory && maxPasswordHistory > 0
+                    ? _.slice([{ ...hashed, password }, ...history], 0, maxPasswordHistory)
+                    : [],
+            },
+            password_changed_at: { $set: new Date() },
         }, options);
     }
     async unsetPassword(proto, user, options) {
@@ -933,6 +974,7 @@ class ProtoInternal {
             .includes('_id')
             .updateOne({
             password: { $set: {} },
+            password_changed_at: { $set: new Date() },
         }, options);
     }
     async updateFile(proto, object, options) {
@@ -950,8 +992,8 @@ class ProtoInternal {
         }
         return object;
     }
-    varifyUploadToken(proto, token, isMaster) {
-        const { nonce, attributes, maxUploadSize, } = (_.isString(token) ? this.jwtVarify(token, 'upload') ?? {} : {});
+    verifyUploadToken(proto, token, isMaster) {
+        const { nonce, attributes, maxUploadSize, } = (_.isString(token) ? this.jwtVerify(token, 'upload') ?? {} : {});
         if (!isMaster && !nonce)
             throw Error('Upload token is required');
         return {
@@ -964,7 +1006,7 @@ class ProtoInternal {
         const data = object[_private.PVK].extra.data;
         if (_.isNil(data))
             throw Error('Invalid file object');
-        const { nonce, attributes = {}, maxUploadSize = this.options.maxUploadSize, } = options?.uploadToken ? this.varifyUploadToken(proto, options.uploadToken, options.master) : {};
+        const { nonce, attributes = {}, maxUploadSize = this.options.maxUploadSize, } = options?.uploadToken ? this.verifyUploadToken(proto, options.uploadToken, options.master) : {};
         if (nonce) {
             const found = await proto.Query('File').equalTo('nonce', nonce).first({ master: true });
             if (found)
@@ -1071,7 +1113,7 @@ class ProtoInternal {
         })();
         return jwt.sign(payload, this.options.jwtToken, opts);
     }
-    jwtVarify(token, options = {}) {
+    jwtVerify(token, options = {}) {
         try {
             const opts = (() => {
                 switch (options) {
@@ -1207,7 +1249,7 @@ class ProtoInternal {
         obj.set('data', params);
         obj.set('user', user);
         await obj.save({ master: true });
-        this.jobRunner.excuteJob(proto);
+        this.jobRunner.executeJob(proto);
         return obj;
     }
 }
@@ -1269,7 +1311,7 @@ class JobRunner {
         job.set('completedAt', new Date());
         await job.save({ master: true });
     }
-    async excuteJob(proto) {
+    async executeJob(proto) {
         if (this._running || this._stopped)
             return;
         this._running = true;
@@ -1299,7 +1341,7 @@ class JobRunner {
                 finally {
                     clearInterval(timer);
                 }
-                this.excuteJob(proto);
+                this.executeJob(proto);
             })();
         }
         this._running = false;
@@ -1333,7 +1375,7 @@ class JobRunner {
 const _sessionWithToken = async (proto, token) => {
     if (_.isEmpty(token))
         return;
-    const payload = proto[_private.PVK].jwtVarify(token, 'login') ?? {};
+    const payload = proto[_private.PVK].jwtVerify(token, 'login') ?? {};
     if (!_.isString(payload.sessionId) || _.isEmpty(payload.sessionId))
         return;
     const session = await proto.Query('_Session')
@@ -1492,8 +1534,8 @@ const scheduleOp = {
     expireDocument: async (proto) => {
         await proto.gc();
     },
-    excuteJob: async (proto) => {
-        proto[_private.PVK].jobRunner.excuteJob(proto);
+    executeJob: async (proto) => {
+        proto[_private.PVK].jobRunner.executeJob(proto);
     },
 };
 const schedule = (proto) => {
@@ -1702,8 +1744,8 @@ class ProtoService extends index.ProtoType {
         if (req.res)
             await signUser(this, req.res, undefined, options);
     }
-    varifyPassword(user, password, options) {
-        return this[_private.PVK].varifyPassword(this, user, password, options);
+    verifyPassword(user, password, options) {
+        return this[_private.PVK].verifyPassword(this, user, password, options);
     }
     setPassword(user, password, options) {
         return this[_private.PVK].setPassword(this, user, password, options);
@@ -1790,8 +1832,8 @@ class ProtoService extends index.ProtoType {
     jwtSign(payload, options) {
         return this[_private.PVK].jwtSign(payload, options);
     }
-    jwtVarify(token, options = {}) {
-        return this[_private.PVK].jwtVarify(token, options);
+    jwtVerify(token, options = {}) {
+        return this[_private.PVK].jwtVerify(token, options);
     }
     notify(data) {
         return this[_private.PVK].notify(this, data);
@@ -1977,7 +2019,7 @@ const verifyRelatedBy = (relatedBy) => {
 var classesRoute = (router, proto) => {
     const defaultHandler = async (req) => {
         const { name } = req.params;
-        const { operation, random, attributes, update, setOnInsert, relatedBy, silent, ...options } = index.deserialize(req.body);
+        const { operation, accumulators, random, attributes, update, setOnInsert, relatedBy, silent, ...options } = index.deserialize(req.body);
         verifyRelatedBy(relatedBy);
         const payload = proto.connect(req);
         const query = relatedBy ? payload.Relation(payload.Object(relatedBy.className, relatedBy.id), relatedBy.key) : payload.Query(name);
@@ -1998,15 +2040,16 @@ var classesRoute = (router, proto) => {
                     query[_private.PVK].options.limit = query[_private.PVK].options.limit ?? maxFetchLimit;
                     if (query[_private.PVK].options.limit > maxFetchLimit)
                         throw Error('Query over limit');
-                    return await query.find(opts);
+                    return query.find(opts);
                 }
+            case 'groupFind': return query.groupFind(accumulators, opts);
             case 'random':
                 {
                     const maxFetchLimit = payload[_private.PVK].options.maxFetchLimit;
                     query[_private.PVK].options.limit = query[_private.PVK].options.limit ?? maxFetchLimit;
                     if (query[_private.PVK].options.limit > maxFetchLimit)
                         throw Error('Query over limit');
-                    return await query.random(random, opts);
+                    return query.random(random, opts);
                 }
             case 'nonrefs':
                 {
@@ -2014,7 +2057,7 @@ var classesRoute = (router, proto) => {
                     query[_private.PVK].options.limit = query[_private.PVK].options.limit ?? maxFetchLimit;
                     if (query[_private.PVK].options.limit > maxFetchLimit)
                         throw Error('Query over limit');
-                    return await query.nonrefs(opts);
+                    return query.nonrefs(opts);
                 }
             case 'insert': return query.insert(attributes, opts);
             case 'insertMany': return query.insertMany(attributes, opts);
@@ -2284,7 +2327,7 @@ var filesRoute = (router, proto) => {
         await response(res, async () => {
             const payload = proto.connect(req);
             const uploadToken = req.header(_const.UPLOAD_TOKEN_HEADER_NAME);
-            const { maxUploadSize } = payload[_private.PVK].varifyUploadToken(payload, uploadToken, payload.isMaster);
+            const { maxUploadSize } = payload[_private.PVK].verifyUploadToken(payload, uploadToken, payload.isMaster);
             const { attributes, file } = await decodeFormStream(req, (file, info) => proto.fileStorage.create(proto, file, info, maxUploadSize));
             try {
                 const obj = payload.Object('File');