servcraft 0.1.0 → 0.1.1

package/dist/index.d.cts

@@ -1,7 +1,7 @@
 import { FastifyInstance, FastifyReply, FastifyRequest } from 'fastify';
 import pino, { Logger } from 'pino';
 export { Logger } from 'pino';
-import { z, ZodTypeAny } from 'zod';
+import { z, ZodSchema } from 'zod';
 
 interface LoggerConfig {
     level: string;
@@ -50,11 +50,6 @@ declare const envSchema: z.ZodObject<{
     SMTP_PASS: z.ZodOptional<z.ZodString>;
     SMTP_FROM: z.ZodOptional<z.ZodString>;
     REDIS_URL: z.ZodOptional<z.ZodString>;
-    SWAGGER_ENABLED: z.ZodEffects<z.ZodDefault<z.ZodUnion<[z.ZodLiteral<"true">, z.ZodLiteral<"false">]>>, boolean, "true" | "false" | undefined>;
-    SWAGGER_ROUTE: z.ZodDefault<z.ZodString>;
-    SWAGGER_TITLE: z.ZodDefault<z.ZodString>;
-    SWAGGER_DESCRIPTION: z.ZodDefault<z.ZodString>;
-    SWAGGER_VERSION: z.ZodDefault<z.ZodString>;
     LOG_LEVEL: z.ZodDefault<z.ZodEnum<["fatal", "error", "warn", "info", "debug", "trace"]>>;
 }, "strip", z.ZodTypeAny, {
     NODE_ENV: "development" | "staging" | "production" | "test";
@@ -65,11 +60,6 @@ declare const envSchema: z.ZodObject<{
     CORS_ORIGIN: string;
     RATE_LIMIT_MAX: number;
     RATE_LIMIT_WINDOW_MS: number;
-    SWAGGER_ENABLED: boolean;
-    SWAGGER_ROUTE: string;
-    SWAGGER_TITLE: string;
-    SWAGGER_DESCRIPTION: string;
-    SWAGGER_VERSION: string;
     LOG_LEVEL: "fatal" | "error" | "warn" | "info" | "debug" | "trace";
     DATABASE_URL?: string | undefined;
     JWT_SECRET?: string | undefined;
@@ -96,11 +86,6 @@ declare const envSchema: z.ZodObject<{
     SMTP_PASS?: string | undefined;
     SMTP_FROM?: string | undefined;
     REDIS_URL?: string | undefined;
-    SWAGGER_ENABLED?: "true" | "false" | undefined;
-    SWAGGER_ROUTE?: string | undefined;
-    SWAGGER_TITLE?: string | undefined;
-    SWAGGER_DESCRIPTION?: string | undefined;
-    SWAGGER_VERSION?: string | undefined;
     LOG_LEVEL?: "fatal" | "error" | "warn" | "info" | "debug" | "trace" | undefined;
 }>;
 type Env = z.infer<typeof envSchema>;
@@ -113,11 +98,6 @@ declare const env: {
     CORS_ORIGIN: string;
     RATE_LIMIT_MAX: number;
     RATE_LIMIT_WINDOW_MS: number;
-    SWAGGER_ENABLED: boolean;
-    SWAGGER_ROUTE: string;
-    SWAGGER_TITLE: string;
-    SWAGGER_DESCRIPTION: string;
-    SWAGGER_VERSION: string;
     LOG_LEVEL: "fatal" | "error" | "warn" | "info" | "debug" | "trace";
     DATABASE_URL?: string | undefined;
     JWT_SECRET?: string | undefined;
@@ -164,13 +144,6 @@ interface AppConfig {
     redis: {
         url?: string;
     };
-    swagger: {
-        enabled: boolean;
-        route: string;
-        title: string;
-        description: string;
-        version: string;
-    };
 }
 declare function createConfig(): AppConfig;
 declare const config: AppConfig;
@@ -343,16 +316,43 @@ declare module '@fastify/jwt' {
 declare class AuthService {
     private app;
     private readonly SALT_ROUNDS;
-    constructor(app: FastifyInstance);
+    private redis;
+    private readonly BLACKLIST_PREFIX;
+    private readonly BLACKLIST_TTL;
+    constructor(app: FastifyInstance, redisUrl?: string);
     hashPassword(password: string): Promise<string>;
     verifyPassword(password: string, hash: string): Promise<boolean>;
     generateTokenPair(user: AuthUser): TokenPair;
     private parseExpiration;
     verifyAccessToken(token: string): Promise<JwtPayload>;
     verifyRefreshToken(token: string): Promise<JwtPayload>;
-    blacklistToken(token: string): void;
-    isTokenBlacklisted(token: string): boolean;
-    cleanupBlacklist(): void;
+    /**
+     * Blacklist a token (JWT revocation)
+     * Uses Redis if available, falls back to in-memory Set
+     */
+    blacklistToken(token: string): Promise<void>;
+    /**
+     * Check if a token is blacklisted
+     * Uses Redis if available, falls back to always returning false
+     */
+    isTokenBlacklisted(token: string): Promise<boolean>;
+    /**
+     * Get count of blacklisted tokens (Redis only)
+     */
+    getBlacklistCount(): Promise<number>;
+    /**
+     * Close Redis connection
+     */
+    close(): Promise<void>;
+    findUserByEmail(_email: string): Promise<AuthUser | null>;
+    createUserFromOAuth(data: {
+        email: string;
+        name?: string;
+        picture?: string;
+        emailVerified?: boolean;
+    }): Promise<AuthUser>;
+    generateTokensForUser(userId: string): Promise<TokenPair>;
+    verifyPasswordById(userId: string, _password: string): Promise<boolean>;
 }
 declare function createAuthService(app: FastifyInstance): AuthService;
 
@@ -403,17 +403,80 @@ interface Role {
 }
 declare const DEFAULT_ROLE_PERMISSIONS: Record<UserRole, string[]>;
 
+/**
+ * User Repository - Prisma Implementation
+ * Manages user data persistence using Prisma ORM
+ */
 declare class UserRepository {
+    /**
+     * Find user by ID
+     */
     findById(id: string): Promise<User | null>;
+    /**
+     * Find user by email (case-insensitive)
+     */
     findByEmail(email: string): Promise<User | null>;
+    /**
+     * Find multiple users with pagination and filters
+     */
     findMany(params: PaginationParams, filters?: UserFilters): Promise<PaginatedResult<User>>;
+    /**
+     * Create a new user
+     */
     create(data: CreateUserData): Promise<User>;
+    /**
+     * Update user data
+     */
     update(id: string, data: UpdateUserData): Promise<User | null>;
+    /**
+     * Update user password
+     */
     updatePassword(id: string, password: string): Promise<User | null>;
+    /**
+     * Update last login timestamp
+     */
     updateLastLogin(id: string): Promise<User | null>;
+    /**
+     * Delete user by ID
+     */
     delete(id: string): Promise<boolean>;
+    /**
+     * Count users with optional filters
+     */
     count(filters?: UserFilters): Promise<number>;
+    /**
+     * Helper to clear all users (for testing only)
+     * WARNING: This deletes all users from the database
+     */
     clear(): Promise<void>;
+    /**
+     * Build Prisma where clause from filters
+     */
+    private buildWhereClause;
+    /**
+     * Build Prisma orderBy clause from pagination params
+     */
+    private buildOrderBy;
+    /**
+     * Map Prisma User to application User type
+     */
+    private mapPrismaUserToUser;
+    /**
+     * Map application role to Prisma enum
+     */
+    private mapRoleToEnum;
+    /**
+     * Map Prisma enum to application role
+     */
+    private mapEnumToRole;
+    /**
+     * Map application status to Prisma enum
+     */
+    private mapStatusToEnum;
+    /**
+     * Map Prisma enum to application status
+     */
+    private mapEnumToStatus;
 }
 declare function createUserRepository(): UserRepository;
 
@@ -451,9 +514,9 @@ declare class AuthController {
 }
 declare function createAuthController(authService: AuthService, userService: UserService): AuthController;
 
-declare function createAuthMiddleware(authService: AuthService): (request: FastifyRequest, reply: FastifyReply) => Promise<void>;
+declare function createAuthMiddleware(authService: AuthService): (request: FastifyRequest, _reply: FastifyReply) => Promise<void>;
 declare function createRoleMiddleware(allowedRoles: string[]): (request: FastifyRequest, _reply: FastifyReply) => Promise<void>;
-declare function createPermissionMiddleware(requiredPermissions: string[]): (request: FastifyRequest, _reply: FastifyReply) => Promise<void>;
+declare function createPermissionMiddleware(_requiredPermissions: string[]): (request: FastifyRequest, _reply: FastifyReply) => Promise<void>;
 declare function createOptionalAuthMiddleware(authService: AuthService): (request: FastifyRequest, _reply: FastifyReply) => Promise<void>;
 
 declare const loginSchema: z.ZodObject<{
@@ -520,7 +583,7 @@ type PasswordResetRequestInput = z.infer<typeof passwordResetRequestSchema>;
 type PasswordResetConfirmInput = z.infer<typeof passwordResetConfirmSchema>;
 type ChangePasswordInput = z.infer<typeof changePasswordSchema>;
 
-declare function registerAuthModule(app: FastifyInstance): Promise<AuthService>;
+declare function registerAuthModule(app: FastifyInstance): Promise<void>;
 
 declare class UserController {
     private userService;
@@ -570,8 +633,8 @@ declare const createUserSchema: z.ZodObject<{
     role: z.ZodDefault<z.ZodOptional<z.ZodEnum<["user", "admin", "moderator", "super_admin"]>>>;
 }, "strip", z.ZodTypeAny, {
     email: string;
-    password: string;
     role: "user" | "admin" | "moderator" | "super_admin";
+    password: string;
     name?: string | undefined;
 }, {
     email: string;
@@ -712,10 +775,10 @@ declare function createEmailService(config?: Partial<EmailConfig>): EmailService
 declare function renderTemplate(templateName: string, data: Record<string, unknown>): string;
 declare function renderCustomTemplate(htmlTemplate: string, data: Record<string, unknown>): string;
 
-declare function validateBody<T extends ZodTypeAny>(schema: T, data: unknown): z.infer<T>;
-declare function validateQuery<T extends ZodTypeAny>(schema: T, data: unknown): z.infer<T>;
-declare function validateParams<T extends ZodTypeAny>(schema: T, data: unknown): z.infer<T>;
-declare function validate<T extends ZodTypeAny>(schema: T, data: unknown): z.infer<T>;
+declare function validateBody<T>(schema: ZodSchema<T>, data: unknown): T;
+declare function validateQuery<T extends z.ZodTypeAny>(schema: T, data: unknown): z.infer<T>;
+declare function validateParams<T>(schema: ZodSchema<T>, data: unknown): T;
+declare function validate<T>(schema: ZodSchema<T>, data: unknown): T;
 declare const idParamSchema: z.ZodObject<{
     id: z.ZodString;
 }, "strip", z.ZodTypeAny, {
@@ -782,20 +845,18 @@ interface AuditLogQuery {
     limit?: number;
 }
 
+interface AuditLogRecord extends AuditLogEntry {
+    id: string;
+    createdAt: Date;
+}
+
 declare class AuditService {
+    private repository;
+    constructor();
     log(entry: AuditLogEntry): Promise<void>;
-    query(params: AuditLogQuery): Promise<PaginatedResult<AuditLogEntry & {
-        id: string;
-        createdAt: Date;
-    }>>;
-    findByUser(userId: string, limit?: number): Promise<(AuditLogEntry & {
-        id: string;
-        createdAt: Date;
-    })[]>;
-    findByResource(resource: string, resourceId: string, limit?: number): Promise<(AuditLogEntry & {
-        id: string;
-        createdAt: Date;
-    })[]>;
+    query(params: AuditLogQuery): Promise<PaginatedResult<AuditLogRecord>>;
+    findByUser(userId: string, limit?: number): Promise<AuditLogRecord[]>;
+    findByResource(resource: string, resourceId: string, limit?: number): Promise<AuditLogRecord[]>;
     logCreate(resource: string, resourceId: string, userId?: string, newValue?: Record<string, unknown>, meta?: {
         ipAddress?: string;
         userAgent?: string;
@@ -820,6 +881,7 @@ declare class AuditService {
         ipAddress?: string;
         userAgent?: string;
     }): Promise<void>;
+    cleanupOldLogs(retentionDays: number): Promise<number>;
     clear(): Promise<void>;
 }
 declare function getAuditService(): AuditService;

package/dist/index.d.ts

@@ -1,7 +1,7 @@
 import { FastifyInstance, FastifyReply, FastifyRequest } from 'fastify';
 import pino, { Logger } from 'pino';
 export { Logger } from 'pino';
-import { z, ZodTypeAny } from 'zod';
+import { z, ZodSchema } from 'zod';
 
 interface LoggerConfig {
     level: string;
@@ -50,11 +50,6 @@ declare const envSchema: z.ZodObject<{
     SMTP_PASS: z.ZodOptional<z.ZodString>;
     SMTP_FROM: z.ZodOptional<z.ZodString>;
     REDIS_URL: z.ZodOptional<z.ZodString>;
-    SWAGGER_ENABLED: z.ZodEffects<z.ZodDefault<z.ZodUnion<[z.ZodLiteral<"true">, z.ZodLiteral<"false">]>>, boolean, "true" | "false" | undefined>;
-    SWAGGER_ROUTE: z.ZodDefault<z.ZodString>;
-    SWAGGER_TITLE: z.ZodDefault<z.ZodString>;
-    SWAGGER_DESCRIPTION: z.ZodDefault<z.ZodString>;
-    SWAGGER_VERSION: z.ZodDefault<z.ZodString>;
     LOG_LEVEL: z.ZodDefault<z.ZodEnum<["fatal", "error", "warn", "info", "debug", "trace"]>>;
 }, "strip", z.ZodTypeAny, {
     NODE_ENV: "development" | "staging" | "production" | "test";
@@ -65,11 +60,6 @@ declare const envSchema: z.ZodObject<{
     CORS_ORIGIN: string;
     RATE_LIMIT_MAX: number;
     RATE_LIMIT_WINDOW_MS: number;
-    SWAGGER_ENABLED: boolean;
-    SWAGGER_ROUTE: string;
-    SWAGGER_TITLE: string;
-    SWAGGER_DESCRIPTION: string;
-    SWAGGER_VERSION: string;
     LOG_LEVEL: "fatal" | "error" | "warn" | "info" | "debug" | "trace";
     DATABASE_URL?: string | undefined;
     JWT_SECRET?: string | undefined;
@@ -96,11 +86,6 @@ declare const envSchema: z.ZodObject<{
     SMTP_PASS?: string | undefined;
     SMTP_FROM?: string | undefined;
     REDIS_URL?: string | undefined;
-    SWAGGER_ENABLED?: "true" | "false" | undefined;
-    SWAGGER_ROUTE?: string | undefined;
-    SWAGGER_TITLE?: string | undefined;
-    SWAGGER_DESCRIPTION?: string | undefined;
-    SWAGGER_VERSION?: string | undefined;
     LOG_LEVEL?: "fatal" | "error" | "warn" | "info" | "debug" | "trace" | undefined;
 }>;
 type Env = z.infer<typeof envSchema>;
@@ -113,11 +98,6 @@ declare const env: {
     CORS_ORIGIN: string;
     RATE_LIMIT_MAX: number;
     RATE_LIMIT_WINDOW_MS: number;
-    SWAGGER_ENABLED: boolean;
-    SWAGGER_ROUTE: string;
-    SWAGGER_TITLE: string;
-    SWAGGER_DESCRIPTION: string;
-    SWAGGER_VERSION: string;
     LOG_LEVEL: "fatal" | "error" | "warn" | "info" | "debug" | "trace";
     DATABASE_URL?: string | undefined;
     JWT_SECRET?: string | undefined;
@@ -164,13 +144,6 @@ interface AppConfig {
     redis: {
         url?: string;
     };
-    swagger: {
-        enabled: boolean;
-        route: string;
-        title: string;
-        description: string;
-        version: string;
-    };
 }
 declare function createConfig(): AppConfig;
 declare const config: AppConfig;
@@ -343,16 +316,43 @@ declare module '@fastify/jwt' {
 declare class AuthService {
     private app;
     private readonly SALT_ROUNDS;
-    constructor(app: FastifyInstance);
+    private redis;
+    private readonly BLACKLIST_PREFIX;
+    private readonly BLACKLIST_TTL;
+    constructor(app: FastifyInstance, redisUrl?: string);
     hashPassword(password: string): Promise<string>;
     verifyPassword(password: string, hash: string): Promise<boolean>;
     generateTokenPair(user: AuthUser): TokenPair;
     private parseExpiration;
     verifyAccessToken(token: string): Promise<JwtPayload>;
     verifyRefreshToken(token: string): Promise<JwtPayload>;
-    blacklistToken(token: string): void;
-    isTokenBlacklisted(token: string): boolean;
-    cleanupBlacklist(): void;
+    /**
+     * Blacklist a token (JWT revocation)
+     * Uses Redis if available, falls back to in-memory Set
+     */
+    blacklistToken(token: string): Promise<void>;
+    /**
+     * Check if a token is blacklisted
+     * Uses Redis if available, falls back to always returning false
+     */
+    isTokenBlacklisted(token: string): Promise<boolean>;
+    /**
+     * Get count of blacklisted tokens (Redis only)
+     */
+    getBlacklistCount(): Promise<number>;
+    /**
+     * Close Redis connection
+     */
+    close(): Promise<void>;
+    findUserByEmail(_email: string): Promise<AuthUser | null>;
+    createUserFromOAuth(data: {
+        email: string;
+        name?: string;
+        picture?: string;
+        emailVerified?: boolean;
+    }): Promise<AuthUser>;
+    generateTokensForUser(userId: string): Promise<TokenPair>;
+    verifyPasswordById(userId: string, _password: string): Promise<boolean>;
 }
 declare function createAuthService(app: FastifyInstance): AuthService;
 
@@ -403,17 +403,80 @@ interface Role {
 }
 declare const DEFAULT_ROLE_PERMISSIONS: Record<UserRole, string[]>;
 
+/**
+ * User Repository - Prisma Implementation
+ * Manages user data persistence using Prisma ORM
+ */
 declare class UserRepository {
+    /**
+     * Find user by ID
+     */
     findById(id: string): Promise<User | null>;
+    /**
+     * Find user by email (case-insensitive)
+     */
     findByEmail(email: string): Promise<User | null>;
+    /**
+     * Find multiple users with pagination and filters
+     */
     findMany(params: PaginationParams, filters?: UserFilters): Promise<PaginatedResult<User>>;
+    /**
+     * Create a new user
+     */
     create(data: CreateUserData): Promise<User>;
+    /**
+     * Update user data
+     */
     update(id: string, data: UpdateUserData): Promise<User | null>;
+    /**
+     * Update user password
+     */
     updatePassword(id: string, password: string): Promise<User | null>;
+    /**
+     * Update last login timestamp
+     */
     updateLastLogin(id: string): Promise<User | null>;
+    /**
+     * Delete user by ID
+     */
     delete(id: string): Promise<boolean>;
+    /**
+     * Count users with optional filters
+     */
     count(filters?: UserFilters): Promise<number>;
+    /**
+     * Helper to clear all users (for testing only)
+     * WARNING: This deletes all users from the database
+     */
     clear(): Promise<void>;
+    /**
+     * Build Prisma where clause from filters
+     */
+    private buildWhereClause;
+    /**
+     * Build Prisma orderBy clause from pagination params
+     */
+    private buildOrderBy;
+    /**
+     * Map Prisma User to application User type
+     */
+    private mapPrismaUserToUser;
+    /**
+     * Map application role to Prisma enum
+     */
+    private mapRoleToEnum;
+    /**
+     * Map Prisma enum to application role
+     */
+    private mapEnumToRole;
+    /**
+     * Map application status to Prisma enum
+     */
+    private mapStatusToEnum;
+    /**
+     * Map Prisma enum to application status
+     */
+    private mapEnumToStatus;
 }
 declare function createUserRepository(): UserRepository;
 
@@ -451,9 +514,9 @@ declare class AuthController {
 }
 declare function createAuthController(authService: AuthService, userService: UserService): AuthController;
 
-declare function createAuthMiddleware(authService: AuthService): (request: FastifyRequest, reply: FastifyReply) => Promise<void>;
+declare function createAuthMiddleware(authService: AuthService): (request: FastifyRequest, _reply: FastifyReply) => Promise<void>;
 declare function createRoleMiddleware(allowedRoles: string[]): (request: FastifyRequest, _reply: FastifyReply) => Promise<void>;
-declare function createPermissionMiddleware(requiredPermissions: string[]): (request: FastifyRequest, _reply: FastifyReply) => Promise<void>;
+declare function createPermissionMiddleware(_requiredPermissions: string[]): (request: FastifyRequest, _reply: FastifyReply) => Promise<void>;
 declare function createOptionalAuthMiddleware(authService: AuthService): (request: FastifyRequest, _reply: FastifyReply) => Promise<void>;
 
 declare const loginSchema: z.ZodObject<{
@@ -520,7 +583,7 @@ type PasswordResetRequestInput = z.infer<typeof passwordResetRequestSchema>;
 type PasswordResetConfirmInput = z.infer<typeof passwordResetConfirmSchema>;
 type ChangePasswordInput = z.infer<typeof changePasswordSchema>;
 
-declare function registerAuthModule(app: FastifyInstance): Promise<AuthService>;
+declare function registerAuthModule(app: FastifyInstance): Promise<void>;
 
 declare class UserController {
     private userService;
@@ -570,8 +633,8 @@ declare const createUserSchema: z.ZodObject<{
     role: z.ZodDefault<z.ZodOptional<z.ZodEnum<["user", "admin", "moderator", "super_admin"]>>>;
 }, "strip", z.ZodTypeAny, {
     email: string;
-    password: string;
     role: "user" | "admin" | "moderator" | "super_admin";
+    password: string;
     name?: string | undefined;
 }, {
     email: string;
@@ -712,10 +775,10 @@ declare function createEmailService(config?: Partial<EmailConfig>): EmailService
 declare function renderTemplate(templateName: string, data: Record<string, unknown>): string;
 declare function renderCustomTemplate(htmlTemplate: string, data: Record<string, unknown>): string;
 
-declare function validateBody<T extends ZodTypeAny>(schema: T, data: unknown): z.infer<T>;
-declare function validateQuery<T extends ZodTypeAny>(schema: T, data: unknown): z.infer<T>;
-declare function validateParams<T extends ZodTypeAny>(schema: T, data: unknown): z.infer<T>;
-declare function validate<T extends ZodTypeAny>(schema: T, data: unknown): z.infer<T>;
+declare function validateBody<T>(schema: ZodSchema<T>, data: unknown): T;
+declare function validateQuery<T extends z.ZodTypeAny>(schema: T, data: unknown): z.infer<T>;
+declare function validateParams<T>(schema: ZodSchema<T>, data: unknown): T;
+declare function validate<T>(schema: ZodSchema<T>, data: unknown): T;
 declare const idParamSchema: z.ZodObject<{
     id: z.ZodString;
 }, "strip", z.ZodTypeAny, {
@@ -782,20 +845,18 @@ interface AuditLogQuery {
     limit?: number;
 }
 
+interface AuditLogRecord extends AuditLogEntry {
+    id: string;
+    createdAt: Date;
+}
+
 declare class AuditService {
+    private repository;
+    constructor();
     log(entry: AuditLogEntry): Promise<void>;
-    query(params: AuditLogQuery): Promise<PaginatedResult<AuditLogEntry & {
-        id: string;
-        createdAt: Date;
-    }>>;
-    findByUser(userId: string, limit?: number): Promise<(AuditLogEntry & {
-        id: string;
-        createdAt: Date;
-    })[]>;
-    findByResource(resource: string, resourceId: string, limit?: number): Promise<(AuditLogEntry & {
-        id: string;
-        createdAt: Date;
-    })[]>;
+    query(params: AuditLogQuery): Promise<PaginatedResult<AuditLogRecord>>;
+    findByUser(userId: string, limit?: number): Promise<AuditLogRecord[]>;
+    findByResource(resource: string, resourceId: string, limit?: number): Promise<AuditLogRecord[]>;
     logCreate(resource: string, resourceId: string, userId?: string, newValue?: Record<string, unknown>, meta?: {
         ipAddress?: string;
         userAgent?: string;
@@ -820,6 +881,7 @@ declare class AuditService {
         ipAddress?: string;
         userAgent?: string;
     }): Promise<void>;
+    cleanupOldLogs(retentionDays: number): Promise<number>;
     clear(): Promise<void>;
 }
 declare function getAuditService(): AuditService;