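"use strict";
var __importDefault = (this && this.__importDefault) || function (mod) {
  return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", { value: true });
const express_1 = __importDefault(require("express"));
const zod_1 = require("zod");
const express_rate_limit_1 = __importDefault(require("express-rate-limit"));
const auth_service_1 = require("../services/auth.service");
const auth_middleware_1 = require("../middleware/auth.middleware");
const logger_1 = require("../lib/logger");

/**
 * Authentication routes: /login, /register, /logout, /me (GET/PUT) and
 * /refresh. The session token is issued as an httpOnly cookie and is also
 * echoed in the JSON body of /login and /refresh (see the notes there).
 */
const router = express_1.default.Router();
const authService = new auth_service_1.AuthService();

// Cookie name shared by /login, /refresh and /logout. clearCookie() only
// removes a cookie whose attributes match the ones it was set with, so all
// three routes build their options through authCookieOptions() below.
const AUTH_COOKIE = 'auth_token';
const AUTH_COOKIE_MAX_AGE_MS = 7 * 24 * 60 * 60 * 1000;

/**
 * Builds the attribute set for the auth cookie.
 * `secure` is only set when NODE_ENV is 'production'; in any other
 * environment the cookie is accepted over plain HTTP.
 * @param {boolean} withMaxAge - true when setting the cookie (adds maxAge),
 *   false when clearing it (clearCookie ignores maxAge).
 * @returns {object} express cookie options
 */
function authCookieOptions(withMaxAge) {
  const options = {
    httpOnly: true,
    secure: process.env.NODE_ENV === 'production',
    sameSite: 'strict',
    path: '/',
  };
  if (withMaxAge) {
    options.maxAge = AUTH_COOKIE_MAX_AGE_MS;
  }
  return options;
}

/**
 * Sends the 400 response every route uses for a failed zod parse.
 * The full issue list is returned to the caller as `details`.
 * @param {object} res - express response
 * @param {object} error - the zod_1.z.ZodError
 * @returns {object} the response, so callers can `return` it
 */
function sendValidationError(res, error) {
  return res.status(400).json({
    success: false,
    error: 'Validation error',
    message: error.errors[0]?.message || 'Invalid input',
    details: error.errors,
  });
}

// /login: 5 attempts per 15-minute window per client.
const authLimiter = (0, express_rate_limit_1.default)({
  windowMs: 15 * 60 * 1000,
  max: 5,
  message: { success: false, error: 'Too many authentication attempts', message: 'Please try again later' },
  standardHeaders: true,
  legacyHeaders: false,
});

// /register: 3 attempts per hour per client.
// NOTE(review): unlike authLimiter this limiter does not set
// standardHeaders/legacyHeaders and so uses the library defaults for the
// rate-limit response headers - confirm the difference is intended.
const registerLimiter = (0, express_rate_limit_1.default)({
  windowMs: 60 * 60 * 1000,
  max: 3,
  message: { success: false, error: 'Too many registration attempts', message: 'Please try again later' },
});

const loginSchema = zod_1.z.object({
  email: zod_1.z.string().email('Invalid email address'),
  password: zod_1.z.string().min(8, 'Password must be at least 8 characters'),
});

const registerSchema = zod_1.z.object({
  email: zod_1.z.string().email('Invalid email address'),
  name: zod_1.z.string().min(2, 'Name must be at least 2 characters'),
  password: zod_1.z.string().min(8, 'Password must be at least 8 characters'),
  organizationName: zod_1.z.string().min(2, 'Organization name must be at least 2 characters').optional(),
});

// Hoisted out of the PUT /me handler: the schema is constant, so there is
// no reason to rebuild it on every request.
const profileUpdateSchema = zod_1.z.object({
  name: zod_1.z.string().min(2).optional(),
  email: zod_1.z.string().email().optional(),
});

/**
 * POST /login - validates credentials, sets the auth cookie and returns the
 * user plus token. Validation failures are 400; any other failure from
 * authService.login() is also reported as 400.
 */
router.post('/login', authLimiter, async (req, res) => {
  try {
    const validatedData = loginSchema.parse(req.body);
    const { user, token } = await authService.login(validatedData);
    res.cookie(AUTH_COOKIE, token, authCookieOptions(true));
    logger_1.logger.info(`Successful login: ${user.email}`);
    // NOTE(review): the token is returned in the body in addition to the
    // httpOnly cookie, so page script can still read it; the httpOnly
    // attribute only protects the token once clients stop using this copy.
    res.json({
      success: true,
      status: 200,
      data: { user, token },
      message: 'Login successful',
    });
  } catch (error) {
    logger_1.logger.warn('Login failed:', error);
    if (error instanceof zod_1.z.ZodError) {
      return sendValidationError(res, error);
    }
    // NOTE(review): the text of authService's error is echoed to the caller.
    // If those messages differ for an unknown email vs. a wrong password,
    // this lets a caller enumerate accounts - confirm, and if so collapse
    // them to the generic 'Invalid credentials' text.
    res.status(400).json({
      success: false,
      error: 'Login failed',
      message: error instanceof Error ? error.message : 'Invalid credentials',
    });
  }
});

/**
 * POST /register - creates a user and returns it with 201. A duplicate
 * account (authService throws 'User already exists') maps to 409; any other
 * service failure is 400.
 */
router.post('/register', registerLimiter, async (req, res) => {
  try {
    const validatedData = registerSchema.parse(req.body);
    const user = await authService.register(validatedData);
    logger_1.logger.info(`New user registered: ${user.email}`);
    res.status(201).json({
      success: true,
      status: 201,
      data: { user },
      message: 'Registration successful',
    });
  } catch (error) {
    logger_1.logger.warn('Registration failed:', error);
    if (error instanceof zod_1.z.ZodError) {
      return sendValidationError(res, error);
    }
    // The duplicate-account case is the only one distinguished by status;
    // it is matched on the exact message string thrown by authService.
    const isDuplicate = error instanceof Error && error.message === 'User already exists';
    const statusCode = isDuplicate ? 409 : 400;
    res.status(statusCode).json({
      success: false,
      error: 'Registration failed',
      message: error instanceof Error ? error.message : 'Registration failed',
    });
  }
});

/**
 * POST /logout - clears the auth cookie. No authentication is required, and
 * nothing is invalidated server-side here; the cookie is simply removed.
 */
router.post('/logout', (req, res) => {
  res.clearCookie(AUTH_COOKIE, authCookieOptions(false));
  logger_1.logger.info('User logged out');
  res.json({ success: true, status: 200, message: 'Logout successful' });
});

/** GET /me - returns the user attached to the request by requireAuth. */
router.get('/me', auth_middleware_1.requireAuth, (req, res) => {
  res.json({ success: true, status: 200, data: { user: req.user } });
});

/**
 * PUT /me - validates the update payload but does not apply it yet; the
 * unchanged req.user is returned with an explanatory message.
 */
router.put('/me', auth_middleware_1.requireAuth, async (req, res) => {
  try {
    // Validate only: the parsed value is intentionally not applied yet.
    profileUpdateSchema.parse(req.body);
    logger_1.logger.info(`Profile update requested by user: ${req.user.email}`);
    res.json({
      success: true,
      status: 200,
      data: { user: req.user },
      message: 'Profile update will be implemented in a future phase',
    });
  } catch (error) {
    if (error instanceof zod_1.z.ZodError) {
      return sendValidationError(res, error);
    }
    res.status(500).json({
      success: false,
      error: 'Update failed',
      message: 'Failed to update profile',
    });
  }
});

/**
 * POST /refresh - mints a new token for the already-authenticated user and
 * re-issues the auth cookie.
 * NOTE(review): any valid token can be exchanged for a fresh one, so a
 * session can be extended indefinitely as long as it is refreshed before
 * expiry; confirm that matches the intended session lifetime policy. The
 * token is also echoed in the body, as on /login.
 */
router.post('/refresh', auth_middleware_1.requireAuth, (req, res) => {
  try {
    const token = authService.generateToken(req.user.id, req.user.email);
    res.cookie(AUTH_COOKIE, token, authCookieOptions(true));
    res.json({
      success: true,
      status: 200,
      data: { token },
      message: 'Token refreshed successfully',
    });
  } catch (error) {
    logger_1.logger.error('Token refresh failed:', error);
    res.status(500).json({
      success: false,
      error: 'Refresh failed',
      message: 'Failed to refresh token',
    });
  }
});

exports.default = router;
//# sourceMappingURL=auth.routes.js.map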