ts/reception/classes.registrationsession.ts

import * as plugins from '../plugins.js';

import { RegistrationSessionManager } from './classes.registrationsessionmanager.js';
import { logger } from './logging.js';
import { User } from './classes.user.js';

/**
 * a RegistrationSession persists a sign up flow across restarts
 */
@plugins.smartdata.Manager()
export class RegistrationSession extends plugins.smartdata.SmartDataDbDoc<
  RegistrationSession,
  plugins.idpInterfaces.data.IRegistrationSession,
  RegistrationSessionManager
> {
  public static hashToken(tokenArg: string) {
    return plugins.smarthash.sha256FromStringSync(tokenArg);
  }

  public static async createRegistrationSessionForEmail(
    emailArg: string
  ) {
    const newRegistrationSession = new RegistrationSession();
    newRegistrationSession.id = plugins.smartunique.shortId();
    newRegistrationSession.data.emailAddress = emailArg;
    newRegistrationSession.data.validUntil =
      Date.now() + plugins.smarttime.getMilliSecondsFromUnits({ minutes: 10 });
    newRegistrationSession.data.createdAt = Date.now();

    const emailValidationResult = await newRegistrationSession.validateEMailAddress().catch(() => {
      throw new plugins.typedrequest.TypedResponseError(
        'Error occured during email provider & dns validation'
      );
    });

    if (!emailValidationResult?.valid) {
      throw new plugins.typedrequest.TypedResponseError(
        'Email Address is not valid. Please use a correctly formated email address'
      );
    }
    if (emailValidationResult.disposable) {
      throw new plugins.typedrequest.TypedResponseError(
        'Email is disposable. Please use a non disposable email address.'
      );
    }

    const validationToken = await newRegistrationSession.sendTokenValidationEmail();
    newRegistrationSession.unhashedEmailToken = validationToken;
    return newRegistrationSession;
  }

  @plugins.smartdata.unI()
  public id: string;

  @plugins.smartdata.svDb()
  public data: plugins.idpInterfaces.data.IRegistrationSession['data'] = {
    emailAddress: '',
    hashedEmailToken: '',
    smsCodeHash: null,
    smsvalidationCounter: 0,
    status: 'announced',
    validUntil: 0,
    createdAt: 0,
    collectedData: {
      userData: {
        username: null,
        connectedOrgs: [],
        email: null,
        name: null,
        status: null,
        mobileNumber: null,
        password: null,
        passwordHash: null,
      },
    },
  };

  /**
   * only used during testing
   */
  public unhashedEmailToken?: string;

  public get emailAddress() {
    return this.data.emailAddress;
  }

  public get status() {
    return this.data.status;
  }

  public set status(statusArg: plugins.idpInterfaces.data.TRegistrationSessionStatus) {
    this.data.status = statusArg;
  }

  public get collectedData() {
    return this.data.collectedData;
  }

  public isExpired() {
    return this.data.validUntil < Date.now();
  }

  /**
   * validates a token by comparing its hash against the stored hashed token
   */
  public async validateEmailToken(tokenArg: string): Promise<boolean> {
    if (this.isExpired()) {
      await this.destroy();
      return false;
    }

    const result = this.data.hashedEmailToken === RegistrationSession.hashToken(tokenArg);
    if (result && this.data.status === 'announced') {
      this.data.status = 'emailValidated';
      this.data.collectedData.userData.email = this.data.emailAddress;
      await this.save();
    }
    if (!result && this.data.status === 'announced') {
      this.data.status = 'failed';
      await this.save();
    }
    return result;
  }

  /** validates the sms code */
  public async validateSmsCode(smsCodeArg: string) {
    this.data.smsvalidationCounter++;
    const result = this.data.smsCodeHash === RegistrationSession.hashToken(smsCodeArg);
    if (this.data.status === 'emailValidated' && result) {
      this.data.status = 'mobileVerified';
      await this.save();
      return result;
    }

    if (this.data.smsvalidationCounter >= 5) {
      await this.destroy();
      throw new plugins.typedrequest.TypedResponseError(
        'Registration cancelled due to repeated wrong verification code submission'
      );
    }

    await this.save();
    return false;
  }

  public async validateEMailAddress(): Promise<plugins.smartmail.IEmailValidationResult> {
    const result = await new plugins.smartmail.EmailAddressValidator().validate(this.data.emailAddress);
    return result;
  }

  public async sendTokenValidationEmail() {
    const uuidToSend = plugins.smartunique.uuid4();
    this.data.hashedEmailToken = RegistrationSession.hashToken(uuidToSend);
    await this.save();
    this.manager.receptionRef.receptionMailer.sendRegistrationEmail(this, uuidToSend);
    logger.log('info', `sent a validation email with a verification code to ${this.data.emailAddress}`);
    return uuidToSend;
  }

  public async sendValidationSms() {
    const smsCode =
      await this.manager.receptionRef.szPlatformClient.smsConnector.sendSmsVerifcation({
        fromName: this.manager.receptionRef.options.name,
        toNumber: parseInt(this.data.collectedData.userData.mobileNumber),
      });
    this.data.smsCodeHash = RegistrationSession.hashToken(smsCode);
    await this.save();
    return smsCode;
  }

  public async manifestUserWithAccountData(): Promise<User> {
    if (this.data.status !== 'mobileVerified') {
      throw new plugins.typedrequest.TypedResponseError(
        'You can only manifest user that have a validated email Address and Mobile Number'
      );
    }
    if (!this.data.collectedData) {
      throw new Error('You have to set the accountdata first');
    }
    const manifestedUser = await this.manager.receptionRef.userManager.CUser.createNewUserForUserData(
      this.data.collectedData.userData as plugins.idpInterfaces.data.IUser['data']
    );
    this.data.status = 'registered';
    await this.save();
    return manifestedUser;
  }

  public async destroy() {
    await this.delete();
  }
}
fix(core): Corrected typos and added missing keywords. 2024-10-01 13:49:18 +02:00			`import * as plugins from '../plugins.js';`
initial 2024-09-29 13:56:38 +02:00
			`import { RegistrationSessionManager } from './classes.registrationsessionmanager.js';`
			`import { logger } from './logging.js';`
			`import { User } from './classes.user.js';`

			`/**`
feat(reception): persist email action tokens and registration sessions for authentication and signup flows 2026-04-20 08:27:35 +00:00			`* a RegistrationSession persists a sign up flow across restarts`
initial 2024-09-29 13:56:38 +02:00			`*/`
feat(reception): persist email action tokens and registration sessions for authentication and signup flows 2026-04-20 08:27:35 +00:00			`@plugins.smartdata.Manager()`
			`export class RegistrationSession extends plugins.smartdata.SmartDataDbDoc<`
			`RegistrationSession,`
			`plugins.idpInterfaces.data.IRegistrationSession,`
			`RegistrationSessionManager`
			`> {`
			`public static hashToken(tokenArg: string) {`
			`return plugins.smarthash.sha256FromStringSync(tokenArg);`
			`}`

initial 2024-09-29 13:56:38 +02:00			`public static async createRegistrationSessionForEmail(`
			`emailArg: string`
			`) {`
feat(reception): persist email action tokens and registration sessions for authentication and signup flows 2026-04-20 08:27:35 +00:00			`const newRegistrationSession = new RegistrationSession();`
			`newRegistrationSession.id = plugins.smartunique.shortId();`
			`newRegistrationSession.data.emailAddress = emailArg;`
			`newRegistrationSession.data.validUntil =`
			`Date.now() + plugins.smarttime.getMilliSecondsFromUnits({ minutes: 10 });`
			`newRegistrationSession.data.createdAt = Date.now();`

			`const emailValidationResult = await newRegistrationSession.validateEMailAddress().catch(() => {`
			`throw new plugins.typedrequest.TypedResponseError(`
			`'Error occured during email provider & dns validation'`
			`);`
			`});`

initial 2024-09-29 13:56:38 +02:00			`if (!emailValidationResult?.valid) {`
			`throw new plugins.typedrequest.TypedResponseError(`
			`'Email Address is not valid. Please use a correctly formated email address'`
			`);`
			`}`
			`if (emailValidationResult.disposable) {`
			`throw new plugins.typedrequest.TypedResponseError(`
			`'Email is disposable. Please use a non disposable email address.'`
			`);`
			`}`
feat(reception): persist email action tokens and registration sessions for authentication and signup flows 2026-04-20 08:27:35 +00:00
			`const validationToken = await newRegistrationSession.sendTokenValidationEmail();`
			`newRegistrationSession.unhashedEmailToken = validationToken;`
initial 2024-09-29 13:56:38 +02:00			`return newRegistrationSession;`
			`}`

feat(reception): persist email action tokens and registration sessions for authentication and signup flows 2026-04-20 08:27:35 +00:00			`@plugins.smartdata.unI()`
			`public id: string;`

			`@plugins.smartdata.svDb()`
			`public data: plugins.idpInterfaces.data.IRegistrationSession['data'] = {`
			`emailAddress: '',`
			`hashedEmailToken: '',`
			`smsCodeHash: null,`
			`smsvalidationCounter: 0,`
			`status: 'announced',`
			`validUntil: 0,`
			`createdAt: 0,`
			`collectedData: {`
			`userData: {`
			`username: null,`
			`connectedOrgs: [],`
			`email: null,`
			`name: null,`
			`status: null,`
			`mobileNumber: null,`
			`password: null,`
			`passwordHash: null,`
			`},`
			`},`
			`};`
initial 2024-09-29 13:56:38 +02:00
			`/**`
			`* only used during testing`
			`*/`
			`public unhashedEmailToken?: string;`

feat(reception): persist email action tokens and registration sessions for authentication and signup flows 2026-04-20 08:27:35 +00:00			`public get emailAddress() {`
			`return this.data.emailAddress;`
			`}`
initial 2024-09-29 13:56:38 +02:00
feat(reception): persist email action tokens and registration sessions for authentication and signup flows 2026-04-20 08:27:35 +00:00			`public get status() {`
			`return this.data.status;`
			`}`

			`public set status(statusArg: plugins.idpInterfaces.data.TRegistrationSessionStatus) {`
			`this.data.status = statusArg;`
			`}`
initial 2024-09-29 13:56:38 +02:00
feat(reception): persist email action tokens and registration sessions for authentication and signup flows 2026-04-20 08:27:35 +00:00			`public get collectedData() {`
			`return this.data.collectedData;`
			`}`

			`public isExpired() {`
			`return this.data.validUntil < Date.now();`
initial 2024-09-29 13:56:38 +02:00			`}`

			`/**`
			`* validates a token by comparing its hash against the stored hashed token`
			`*/`
feat(reception): persist email action tokens and registration sessions for authentication and signup flows 2026-04-20 08:27:35 +00:00			`public async validateEmailToken(tokenArg: string): Promise<boolean> {`
			`if (this.isExpired()) {`
			`await this.destroy();`
			`return false;`
initial 2024-09-29 13:56:38 +02:00			`}`
feat(reception): persist email action tokens and registration sessions for authentication and signup flows 2026-04-20 08:27:35 +00:00
			`const result = this.data.hashedEmailToken === RegistrationSession.hashToken(tokenArg);`
			`if (result && this.data.status === 'announced') {`
			`this.data.status = 'emailValidated';`
			`this.data.collectedData.userData.email = this.data.emailAddress;`
			`await this.save();`
			`}`
			`if (!result && this.data.status === 'announced') {`
			`this.data.status = 'failed';`
			`await this.save();`
initial 2024-09-29 13:56:38 +02:00			`}`
			`return result;`
			`}`

			`/** validates the sms code */`
feat(reception): persist email action tokens and registration sessions for authentication and signup flows 2026-04-20 08:27:35 +00:00			`public async validateSmsCode(smsCodeArg: string) {`
			`this.data.smsvalidationCounter++;`
			`const result = this.data.smsCodeHash === RegistrationSession.hashToken(smsCodeArg);`
			`if (this.data.status === 'emailValidated' && result) {`
			`this.data.status = 'mobileVerified';`
			`await this.save();`
initial 2024-09-29 13:56:38 +02:00			`return result;`
			`}`
feat(reception): persist email action tokens and registration sessions for authentication and signup flows 2026-04-20 08:27:35 +00:00
			`if (this.data.smsvalidationCounter >= 5) {`
			`await this.destroy();`
			`throw new plugins.typedrequest.TypedResponseError(`
			`'Registration cancelled due to repeated wrong verification code submission'`
			`);`
			`}`

			`await this.save();`
			`return false;`
initial 2024-09-29 13:56:38 +02:00			`}`

			`public async validateEMailAddress(): Promise<plugins.smartmail.IEmailValidationResult> {`
feat(reception): persist email action tokens and registration sessions for authentication and signup flows 2026-04-20 08:27:35 +00:00			`const result = await new plugins.smartmail.EmailAddressValidator().validate(this.data.emailAddress);`
initial 2024-09-29 13:56:38 +02:00			`return result;`
			`}`

			`public async sendTokenValidationEmail() {`
			`const uuidToSend = plugins.smartunique.uuid4();`
feat(reception): persist email action tokens and registration sessions for authentication and signup flows 2026-04-20 08:27:35 +00:00			`this.data.hashedEmailToken = RegistrationSession.hashToken(uuidToSend);`
			`await this.save();`
			`this.manager.receptionRef.receptionMailer.sendRegistrationEmail(this, uuidToSend);`
			logger.log('info', `sent a validation email with a verification code to ${this.data.emailAddress}`);
			`return uuidToSend;`
initial 2024-09-29 13:56:38 +02:00			`}`

			`public async sendValidationSms() {`
feat(reception): persist email action tokens and registration sessions for authentication and signup flows 2026-04-20 08:27:35 +00:00			`const smsCode =`
			`await this.manager.receptionRef.szPlatformClient.smsConnector.sendSmsVerifcation({`
			`fromName: this.manager.receptionRef.options.name,`
			`toNumber: parseInt(this.data.collectedData.userData.mobileNumber),`
			`});`
			`this.data.smsCodeHash = RegistrationSession.hashToken(smsCode);`
			`await this.save();`
			`return smsCode;`
initial 2024-09-29 13:56:38 +02:00			`}`

			`public async manifestUserWithAccountData(): Promise<User> {`
feat(reception): persist email action tokens and registration sessions for authentication and signup flows 2026-04-20 08:27:35 +00:00			`if (this.data.status !== 'mobileVerified') {`
initial 2024-09-29 13:56:38 +02:00			`throw new plugins.typedrequest.TypedResponseError(`
			`'You can only manifest user that have a validated email Address and Mobile Number'`
			`);`
			`}`
feat(reception): persist email action tokens and registration sessions for authentication and signup flows 2026-04-20 08:27:35 +00:00			`if (!this.data.collectedData) {`
initial 2024-09-29 13:56:38 +02:00			`throw new Error('You have to set the accountdata first');`
			`}`
feat(reception): persist email action tokens and registration sessions for authentication and signup flows 2026-04-20 08:27:35 +00:00			`const manifestedUser = await this.manager.receptionRef.userManager.CUser.createNewUserForUserData(`
			`this.data.collectedData.userData as plugins.idpInterfaces.data.IUser['data']`
			`);`
			`this.data.status = 'registered';`
			`await this.save();`
initial 2024-09-29 13:56:38 +02:00			`return manifestedUser;`
			`}`

feat(reception): persist email action tokens and registration sessions for authentication and signup flows 2026-04-20 08:27:35 +00:00			`public async destroy() {`
			`await this.delete();`
initial 2024-09-29 13:56:38 +02:00			`}`
			`}`