npm - vr-commons - Versions diffs - 1.0.99 → 1.0.100 - Mend

vr-commons 1.0.99 → 1.0.100

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (15) hide show

package/dist/middlewares/admin/auth.admin.middlewares.d.ts +3 -0
package/dist/middlewares/admin/auth.admin.middlewares.js +60 -0
package/dist/middlewares/admin/index.d.ts +1 -0
package/dist/middlewares/admin/index.js +5 -0
package/dist/middlewares/index.d.ts +3 -2
package/dist/middlewares/index.js +17 -8
package/dist/middlewares/shared/account.shared.middlewares.d.ts +4 -0
package/dist/middlewares/shared/account.shared.middlewares.js +64 -0
package/dist/middlewares/shared/index.d.ts +1 -0
package/dist/middlewares/shared/index.js +7 -0
package/dist/middlewares/users/auth.users.middlewares.d.ts +4 -0
package/dist/middlewares/users/auth.users.middlewares.js +131 -0
package/dist/middlewares/users/index.d.ts +1 -0
package/dist/middlewares/users/index.js +5 -0
package/package.json +1 -1

package/dist/middlewares/admin/auth.admin.middlewares.d.ts ADDED Viewed

@@ -0,0 +1,3 @@
+import { Request, Response, NextFunction } from "express";
+import { UserRole } from "vr-models";
+export declare const checkAdminAuthentication: (allowedRoles: UserRole[]) => (req: Request, res: Response, next: NextFunction) => Promise<void>;

package/dist/middlewares/admin/auth.admin.middlewares.js ADDED Viewed

@@ -0,0 +1,60 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.checkAdminAuthentication = void 0;
+const jsonwebtoken_1 = __importDefault(require("jsonwebtoken"));
+const vr_models_1 = require("vr-models");
+const response_utils_1 = require("../../utils/response.utils");
+const checkAdminAuthentication = (allowedRoles) => async (req, res, next) => {
+    try {
+        const token = req.cookies?.access_token;
+        if (!token) {
+            return (0, response_utils_1.sendErrorResponse)(res, "Authentication required", 401);
+        }
+        let payload;
+        try {
+            payload = jsonwebtoken_1.default.verify(token, process.env.JWT_SECRET);
+        }
+        catch (error) {
+            if (error instanceof jsonwebtoken_1.default.TokenExpiredError) {
+                return (0, response_utils_1.sendErrorResponse)(res, "Session expired. Please login again.", 401);
+            }
+            return (0, response_utils_1.sendErrorResponse)(res, "Invalid session", 401);
+        }
+        const user = await vr_models_1.User.findOne({
+            where: { id: payload.userId },
+            include: [
+                {
+                    model: vr_models_1.SecurityClearance,
+                    as: "securityClearance",
+                },
+            ],
+        });
+        if (!user || !user.securityClearance) {
+            return (0, response_utils_1.sendErrorResponse)(res, "User not found", 400);
+        }
+        // 🔐 Token versioning
+        if (user.tokenVersion !== payload.tokenVersion) {
+            return (0, response_utils_1.sendErrorResponse)(res, "Session expired", 401);
+        }
+        // 🧱 Role enforcement
+        if (!allowedRoles.includes(user.securityClearance.role)) {
+            return (0, response_utils_1.sendErrorResponse)(res, "Access denied", 403);
+        }
+        // Attach user to request (same as before)
+        req.userId = user.id;
+        req.firstName = user.firstName;
+        req.lastName = user.lastName;
+        req.scRole = user.securityClearance.role;
+        req.scLevel = user.securityClearance.level;
+        req.tokenVersion = user.tokenVersion;
+        next();
+    }
+    catch (error) {
+        console.error("Authentication error:", error);
+        next(error);
+    }
+};
+exports.checkAdminAuthentication = checkAdminAuthentication;

package/dist/middlewares/admin/index.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export { checkAdminAuthentication } from "./auth.admin.middlewares";

package/dist/middlewares/admin/index.js ADDED Viewed

@@ -0,0 +1,5 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.checkAdminAuthentication = void 0;
+var auth_admin_middlewares_1 = require("./auth.admin.middlewares");
+Object.defineProperty(exports, "checkAdminAuthentication", { enumerable: true, get: function () { return auth_admin_middlewares_1.checkAdminAuthentication; } });

package/dist/middlewares/index.d.ts CHANGED Viewed

@@ -1,2 +1,3 @@
-export { checkUserAuthentication, checkAdminAuthentication, } from "./auth.middlewares";
-export { checkUserAccountStatus, checkIsUserBanned, checkIsUserSuspended, } from "./account.middlewares";
+export * from "./admin";
+export * from "./shared";
+export * from "./users";

package/dist/middlewares/index.js CHANGED Viewed

@@ -1,10 +1,19 @@
 "use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.checkIsUserSuspended = exports.checkIsUserBanned = exports.checkUserAccountStatus = exports.checkAdminAuthentication = exports.checkUserAuthentication = void 0;
-var auth_middlewares_1 = require("./auth.middlewares");
-Object.defineProperty(exports, "checkUserAuthentication", { enumerable: true, get: function () { return auth_middlewares_1.checkUserAuthentication; } });
-Object.defineProperty(exports, "checkAdminAuthentication", { enumerable: true, get: function () { return auth_middlewares_1.checkAdminAuthentication; } });
-var account_middlewares_1 = require("./account.middlewares");
-Object.defineProperty(exports, "checkUserAccountStatus", { enumerable: true, get: function () { return account_middlewares_1.checkUserAccountStatus; } });
-Object.defineProperty(exports, "checkIsUserBanned", { enumerable: true, get: function () { return account_middlewares_1.checkIsUserBanned; } });
-Object.defineProperty(exports, "checkIsUserSuspended", { enumerable: true, get: function () { return account_middlewares_1.checkIsUserSuspended; } });
+__exportStar(require("./admin"), exports);
+__exportStar(require("./shared"), exports);
+__exportStar(require("./users"), exports);

package/dist/middlewares/shared/account.shared.middlewares.d.ts ADDED Viewed

@@ -0,0 +1,4 @@
+import { Request, Response, NextFunction } from "express";
+export declare function checkIsUserBanned(req: Request, res: Response, next: NextFunction): Promise<void>;
+export declare function checkIsUserSuspended(req: Request, res: Response, next: NextFunction): Promise<void>;
+export declare function checkUserAccountStatus(req: Request, res: Response, next: NextFunction): Promise<void>;

package/dist/middlewares/shared/account.shared.middlewares.js ADDED Viewed

@@ -0,0 +1,64 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.checkIsUserBanned = checkIsUserBanned;
+exports.checkIsUserSuspended = checkIsUserSuspended;
+exports.checkUserAccountStatus = checkUserAccountStatus;
+const account_utils_1 = require("../../utils/account.utils");
+const response_utils_1 = require("../../utils/response.utils");
+// Check if user is banned
+async function checkIsUserBanned(req, res, next) {
+    try {
+        const userId = req.userId;
+        if (!userId) {
+            return next();
+        }
+        const { isBanned, banDetails } = await (0, account_utils_1.checkBanStatus)(userId);
+        if (isBanned && banDetails && !banDetails.revokedAt) {
+            const message = banDetails.isPermanent
+                ? "Your account has been permanently banned"
+                : `Your account was banned at: ${banDetails.bannedAt.toISOString()}`;
+            return (0, response_utils_1.sendErrorResponse)(res, message, 403, banDetails);
+        }
+        next();
+    }
+    catch (error) {
+        next(error);
+    }
+}
+// Check if user is suspended
+async function checkIsUserSuspended(req, res, next) {
+    try {
+        const userId = req.userId;
+        if (!userId) {
+            return next();
+        }
+        const { isSuspended, suspensionDetails } = await (0, account_utils_1.checkSuspensionStatus)(userId);
+        if (isSuspended && suspensionDetails) {
+            const daysRemaining = Math.ceil((new Date(suspensionDetails.endsAt).getTime() - new Date().getTime()) /
+                (1000 * 60 * 60 * 24));
+            const message = `Your account is suspended for ${daysRemaining} more day(s) until ${suspensionDetails.endsAt.toISOString()}`;
+            return (0, response_utils_1.sendErrorResponse)(res, message, 403, suspensionDetails);
+        }
+        next();
+    }
+    catch (error) {
+        next(error);
+    }
+}
+// Combined check for both ban and suspension
+async function checkUserAccountStatus(req, res, next) {
+    try {
+        const userId = req.userId;
+        if (!userId) {
+            return next();
+        }
+        const result = await (0, account_utils_1.checkIsUserBannedOrSuspended)(userId);
+        if (result.isRestricted) {
+            return (0, response_utils_1.sendErrorResponse)(res, result.message, 403, result.details);
+        }
+        next();
+    }
+    catch (error) {
+        next(error);
+    }
+}

package/dist/middlewares/shared/index.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export { checkIsUserBanned, checkIsUserSuspended, checkUserAccountStatus, } from "./account.shared.middlewares";

package/dist/middlewares/shared/index.js ADDED Viewed

@@ -0,0 +1,7 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.checkUserAccountStatus = exports.checkIsUserSuspended = exports.checkIsUserBanned = void 0;
+var account_shared_middlewares_1 = require("./account.shared.middlewares");
+Object.defineProperty(exports, "checkIsUserBanned", { enumerable: true, get: function () { return account_shared_middlewares_1.checkIsUserBanned; } });
+Object.defineProperty(exports, "checkIsUserSuspended", { enumerable: true, get: function () { return account_shared_middlewares_1.checkIsUserSuspended; } });
+Object.defineProperty(exports, "checkUserAccountStatus", { enumerable: true, get: function () { return account_shared_middlewares_1.checkUserAccountStatus; } });

package/dist/middlewares/users/auth.users.middlewares.d.ts ADDED Viewed

@@ -0,0 +1,4 @@
+import { Request, Response, NextFunction } from "express";
+import { UserRole } from "vr-models";
+export declare const checkUserAuthentication: (allowedRoles: UserRole[]) => (req: Request, res: Response, next: NextFunction) => Promise<void>;
+export declare const checkAdminAuthentication: (allowedRoles: UserRole[]) => (req: Request, res: Response, next: NextFunction) => Promise<void>;

package/dist/middlewares/users/auth.users.middlewares.js ADDED Viewed

@@ -0,0 +1,131 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.checkAdminAuthentication = exports.checkUserAuthentication = void 0;
+const jsonwebtoken_1 = __importDefault(require("jsonwebtoken"));
+const vr_models_1 = require("vr-models");
+const response_utils_1 = require("../../utils/response.utils");
+const authTokens_utils_1 = require("../../utils/authTokens.utils");
+const checkUserAuthentication = (allowedRoles) => async (req, res, next) => {
+    try {
+        const authHeader = req.headers.authorization;
+        if (!authHeader || !authHeader.startsWith("Bearer ")) {
+            return (0, response_utils_1.sendErrorResponse)(res, "Missing or invalid token", 401);
+        }
+        const token = authHeader.split(" ")[1];
+        let payload;
+        try {
+            payload = jsonwebtoken_1.default.verify(token, process.env.JWT_SECRET);
+        }
+        catch (error) {
+            if (error instanceof jsonwebtoken_1.default.TokenExpiredError) {
+                return (0, response_utils_1.sendErrorResponse)(res, "Token expired. Please re-verify your phone.", 401);
+            }
+            return (0, response_utils_1.sendErrorResponse)(res, "Token invalid", 401);
+        }
+        const user = await vr_models_1.User.findOne({
+            where: { id: payload.userId },
+            include: [
+                {
+                    model: vr_models_1.SecurityClearance,
+                    as: "securityClearance",
+                },
+            ],
+        });
+        // Check if user exists
+        if (!user || !user.securityClearance) {
+            return (0, response_utils_1.sendErrorResponse)(res, "User not found", 400);
+        }
+        // 🔐 Token versioning (logout all devices)
+        if (user.tokenVersion !== payload.tokenVersion) {
+            return (0, response_utils_1.sendErrorResponse)(res, "Session expired. Please re-verify your phone.", 401);
+        }
+        // 🧱 Role enforcement
+        if (!allowedRoles.includes(user.securityClearance.role)) {
+            return (0, response_utils_1.sendErrorResponse)(res, "Access denied", 403);
+        }
+        // ✅ Extend req with user info
+        req.userId = user.id;
+        req.firstName = user.firstName;
+        req.lastName = user.lastName;
+        req.scRole = user.securityClearance.role;
+        req.scLevel = user.securityClearance.level;
+        req.tokenVersion = user.tokenVersion;
+        // Optional: Add sessionId if present in payload (for backward compatibility)
+        if (payload.sessionId) {
+            req.sessionId = payload.sessionId;
+        }
+        // 🔄 Auto-refresh token if it's about to expire (within 5 days)
+        if ((0, authTokens_utils_1.shouldRefreshToken)(token)) {
+            const newToken = (0, authTokens_utils_1.generateToken)(user.id, user.securityClearance.role, user.securityClearance.level, user.tokenVersion, payload.sessionId, // Preserve sessionId if exists
+            user.securityClearance.role === "ADMIN"
+                ? "ADMIN"
+                : user.securityClearance.role === "RIDER"
+                    ? "RIDER"
+                    : "PASSENGER");
+            // Set new token in response header for client to update
+            res.setHeader("X-New-Token", newToken);
+            res.setHeader("X-Token-Refreshed", "true");
+            console.log(`🔄 Auto-refreshed token for user ${user.id}`);
+        }
+        next();
+    }
+    catch (error) {
+        console.error("Authentication error:", error);
+        next(error);
+    }
+};
+exports.checkUserAuthentication = checkUserAuthentication;
+const checkAdminAuthentication = (allowedRoles) => async (req, res, next) => {
+    try {
+        const token = req.cookies?.access_token;
+        if (!token) {
+            return (0, response_utils_1.sendErrorResponse)(res, "Authentication required", 401);
+        }
+        let payload;
+        try {
+            payload = jsonwebtoken_1.default.verify(token, process.env.JWT_SECRET);
+        }
+        catch (error) {
+            if (error instanceof jsonwebtoken_1.default.TokenExpiredError) {
+                return (0, response_utils_1.sendErrorResponse)(res, "Session expired. Please login again.", 401);
+            }
+            return (0, response_utils_1.sendErrorResponse)(res, "Invalid session", 401);
+        }
+        const user = await vr_models_1.User.findOne({
+            where: { id: payload.userId },
+            include: [
+                {
+                    model: vr_models_1.SecurityClearance,
+                    as: "securityClearance",
+                },
+            ],
+        });
+        if (!user || !user.securityClearance) {
+            return (0, response_utils_1.sendErrorResponse)(res, "User not found", 400);
+        }
+        // 🔐 Token versioning
+        if (user.tokenVersion !== payload.tokenVersion) {
+            return (0, response_utils_1.sendErrorResponse)(res, "Session expired", 401);
+        }
+        // 🧱 Role enforcement
+        if (!allowedRoles.includes(user.securityClearance.role)) {
+            return (0, response_utils_1.sendErrorResponse)(res, "Access denied", 403);
+        }
+        // Attach user to request (same as before)
+        req.userId = user.id;
+        req.firstName = user.firstName;
+        req.lastName = user.lastName;
+        req.scRole = user.securityClearance.role;
+        req.scLevel = user.securityClearance.level;
+        req.tokenVersion = user.tokenVersion;
+        next();
+    }
+    catch (error) {
+        console.error("Authentication error:", error);
+        next(error);
+    }
+};
+exports.checkAdminAuthentication = checkAdminAuthentication;

package/dist/middlewares/users/index.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export { checkUserAuthentication } from "./auth.users.middlewares";

package/dist/middlewares/users/index.js ADDED Viewed

@@ -0,0 +1,5 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.checkUserAuthentication = void 0;
+var auth_users_middlewares_1 = require("./auth.users.middlewares");
+Object.defineProperty(exports, "checkUserAuthentication", { enumerable: true, get: function () { return auth_users_middlewares_1.checkUserAuthentication; } });

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "vr-commons",
-  "version": "1.0.99",
+  "version": "1.0.100",
   "description": "Shared functions package",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",