packages/trpc/server/auth-router/schema.ts

import { z } from 'zod';

import { ZFindSearchParamsSchema } from '@documenso/lib/types/search-params';
import { ZRegistrationResponseJSONSchema } from '@documenso/lib/types/webauthn';

export const ZCurrentPasswordSchema = z
  .string()
  .min(6, { message: 'Must be at least 6 characters in length' })
  .max(72);

export const ZPasswordSchema = z
  .string()
  .min(8, { message: 'Must be at least 8 characters in length' })
  .max(72, { message: 'Cannot be more than 72 characters in length' })
  .refine((value) => value.length > 25 || /[A-Z]/.test(value), {
    message: 'One uppercase character',
  })
  .refine((value) => value.length > 25 || /[a-z]/.test(value), {
    message: 'One lowercase character',
  })
  .refine((value) => value.length > 25 || /\d/.test(value), {
    message: 'One number',
  })
  .refine((value) => value.length > 25 || /[`~<>?,./!@#$%^&*()\-_"'+=|{}[\];:\\]/.test(value), {
    message: 'One special character is required',
  });

export const ZSignUpMutationSchema = z.object({
  name: z.string().min(1),
  email: z.string().email(),
  password: ZPasswordSchema,
  signature: z.string().nullish(),
  url: z
    .string()
    .trim()
    .toLowerCase()
    .min(1)
    .regex(/^[a-z0-9-]+$/, {
      message: 'Username can only container alphanumeric characters and dashes.',
    })
    .optional(),
});

export const ZCreatePasskeyMutationSchema = z.object({
  passkeyName: z.string().trim().min(1),
  verificationResponse: ZRegistrationResponseJSONSchema,
});

export const ZCreatePasskeyAuthenticationOptionsMutationSchema = z
  .object({
    preferredPasskeyId: z.string().optional(),
  })
  .optional();

export const ZDeletePasskeyMutationSchema = z.object({
  passkeyId: z.string().trim().min(1),
});

export const ZUpdatePasskeyMutationSchema = z.object({
  passkeyId: z.string().trim().min(1),
  name: z.string().trim().min(1),
});

export const ZFindPasskeysQuerySchema = ZFindSearchParamsSchema.extend({
  orderBy: z
    .object({
      column: z.enum(['createdAt', 'updatedAt', 'name']),
      direction: z.enum(['asc', 'desc']),
    })
    .optional(),
});

export type TSignUpMutationSchema = z.infer<typeof ZSignUpMutationSchema>;

export const ZVerifyPasswordMutationSchema = ZSignUpMutationSchema.pick({ password: true });
wip: refresh design 2023-06-09 18:21:18 +10:00			`import { z } from 'zod';`

fix: refactor search routes (#1529) Refactor find endpoints to be consistent in terms of input and output. 2024-12-11 19:39:50 +09:00			`import { ZFindSearchParamsSchema } from '@documenso/lib/types/search-params';`
feat: add passkeys (#989) ## Description Add support to login with passkeys. Passkeys can be added via the user security settings page. Note: Currently left out adding the type of authentication method for the 'user security audit logs' because we're using the `signIn` next-auth event which doesn't appear to provide the context. Will look into it at another time. ## Changes Made - Add passkeys to login - Add passkeys feature flag - Add page to manage passkeys - Add audit logs relating to passkeys - Updated prisma schema to support passkeys & anonymous verification tokens ## Testing Performed To be done. MacOS: - Safari ✅ - Chrome ✅ - Firefox ✅ Windows: - Chrome [Untested] - Firefox [Untested] Linux: - Chrome [Untested] - Firefox [Untested] iOS: - Safari ✅ ## Checklist <!--- Please check the boxes that apply to this pull request. --> <!--- You can add or remove items as needed. --> - [X] I have tested these changes locally and they work as expected. <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - New Features - Introduced Passkey authentication, including creation, sign-in, and management of passkeys. - Added a Passkeys section in Security Settings for managing user passkeys. - Implemented UI updates for Passkey authentication, including a new dialog for creating passkeys and a data table for managing them. - Enhanced security settings with server-side feature flags to conditionally display new security features. - Bug Fixes - Improved UI consistency in the Settings Security Activity Page. - Updated button styling in the 2FA Recovery Codes component for better visibility. - Refactor - Streamlined authentication options to include WebAuthn credentials provider. - Chores - Updated database schema to support passkeys and related functionality. - Added new audit log types for passkey-related activities. - Enhanced server-only authentication utilities for passkey registration and management. <!-- end of auto-generated comment: release notes by coderabbit.ai --> 2024-03-26 21:11:59 +08:00			`import { ZRegistrationResponseJSONSchema } from '@documenso/lib/types/webauthn';`

feat: added password validation (#469) This PR Fixes #464 2024-01-30 06:12:52 +05:30			`export const ZCurrentPasswordSchema = z`
			`.string()`
			`.min(6, { message: 'Must be at least 6 characters in length' })`
			`.max(72);`

			`export const ZPasswordSchema = z`
			`.string()`
			`.min(8, { message: 'Must be at least 8 characters in length' })`
feat: additional valid password (#1456) 2024-12-27 06:02:45 +01:00			`.max(72, { message: 'Cannot be more than 72 characters in length' })`
			`.refine((value) => value.length > 25 \|\| /[A-Z]/.test(value), {`
			`message: 'One uppercase character',`
			`})`
			`.refine((value) => value.length > 25 \|\| /[a-z]/.test(value), {`
			`message: 'One lowercase character',`
			`})`
			`.refine((value) => value.length > 25 \|\| /\d/.test(value), {`
			`message: 'One number',`
			`})`
			.refine((value) => value.length > 25 \|\| /[`~<>?,./!@#$%^&*()\-_"'+=\|{}[\];:\\]/.test(value), {
			`message: 'One special character is required',`
			`});`
feat: added password validation (#469) This PR Fixes #464 2024-01-30 06:12:52 +05:30
wip: refresh design 2023-06-09 18:21:18 +10:00			`export const ZSignUpMutationSchema = z.object({`
			`name: z.string().min(1),`
			`email: z.string().email(),`
feat: added password validation (#469) This PR Fixes #464 2024-01-30 06:12:52 +05:30			`password: ZPasswordSchema,`
feat: add cta on complete page (#1028) ![CleanShot 2024-03-18 at 11 45 40](https://github.com/documenso/documenso/assets/25515812/ae3b88de-359d-4019-866a-a76097bbb0fe) ![CleanShot 2024-03-18 at 11 46 25](https://github.com/documenso/documenso/assets/25515812/b5ff7078-623e-476c-8800-17d14bc8efa9) <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - New Features - Introduced a "Claim Account" feature allowing new users to sign up by providing their name, email, and password. - Enhanced user experience for both logged-in and non-logged-in users with improved UI/UX and additional functionality. - Enhancements - Implemented form validation and error handling for a smoother sign-up process. - Integrated analytics to track user actions during account claiming. <!-- end of auto-generated comment: release notes by coderabbit.ai --> --------- Co-authored-by: Lucas Smith <me@lucasjamessmith.me> Co-authored-by: David Nguyen <davidngu28@gmail.com> 2024-04-11 10:09:04 +03:00			`signature: z.string().nullish(),`
fix: update signup mutation schema 2024-02-29 14:13:37 +11:00			`url: z`
			`.string()`
			`.trim()`
			`.toLowerCase()`
			`.min(1)`
			`.regex(/^[a-z0-9-]+$/, {`
			`message: 'Username can only container alphanumeric characters and dashes.',`
			`})`
			`.optional(),`
wip: refresh design 2023-06-09 18:21:18 +10:00			`});`

feat: add passkeys (#989) ## Description Add support to login with passkeys. Passkeys can be added via the user security settings page. Note: Currently left out adding the type of authentication method for the 'user security audit logs' because we're using the `signIn` next-auth event which doesn't appear to provide the context. Will look into it at another time. ## Changes Made - Add passkeys to login - Add passkeys feature flag - Add page to manage passkeys - Add audit logs relating to passkeys - Updated prisma schema to support passkeys & anonymous verification tokens ## Testing Performed To be done. MacOS: - Safari ✅ - Chrome ✅ - Firefox ✅ Windows: - Chrome [Untested] - Firefox [Untested] Linux: - Chrome [Untested] - Firefox [Untested] iOS: - Safari ✅ ## Checklist <!--- Please check the boxes that apply to this pull request. --> <!--- You can add or remove items as needed. --> - [X] I have tested these changes locally and they work as expected. <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - New Features - Introduced Passkey authentication, including creation, sign-in, and management of passkeys. - Added a Passkeys section in Security Settings for managing user passkeys. - Implemented UI updates for Passkey authentication, including a new dialog for creating passkeys and a data table for managing them. - Enhanced security settings with server-side feature flags to conditionally display new security features. - Bug Fixes - Improved UI consistency in the Settings Security Activity Page. - Updated button styling in the 2FA Recovery Codes component for better visibility. - Refactor - Streamlined authentication options to include WebAuthn credentials provider. - Chores - Updated database schema to support passkeys and related functionality. - Added new audit log types for passkey-related activities. - Enhanced server-only authentication utilities for passkey registration and management. <!-- end of auto-generated comment: release notes by coderabbit.ai --> 2024-03-26 21:11:59 +08:00			`export const ZCreatePasskeyMutationSchema = z.object({`
			`passkeyName: z.string().trim().min(1),`
			`verificationResponse: ZRegistrationResponseJSONSchema,`
			`});`

feat: add passkey and 2FA document action auth options (#1065) ## Description Add the following document action auth options: - 2FA - Passkey If the user does not have the required auth setup, we onboard them directly. ## Changes made Note: Added secondaryId to the VerificationToken schema ## Testing Performed Tested locally, pending preview tests ## Checklist - [X] I have tested these changes locally and they work as expected. - [X] I have added/updated tests that prove the effectiveness of these changes. - [X] I have followed the project's coding style guidelines. <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - New Features - Introduced components for 2FA, account, and passkey authentication during document signing. - Added "Require passkey" option to document settings and signer authentication settings. - Enhanced form submission and loading states for improved user experience. - Refactor - Optimized authentication components to efficiently support multiple authentication methods. - Chores - Updated and renamed functions and components for clarity and consistency across the authentication system. - Refined sorting options and database schema to support new authentication features. - Bug Fixes - Adjusted SignInForm to verify browser support for WebAuthn before proceeding. <!-- end of auto-generated comment: release notes by coderabbit.ai --> 2024-03-31 15:49:12 +08:00			`export const ZCreatePasskeyAuthenticationOptionsMutationSchema = z`
			`.object({`
			`preferredPasskeyId: z.string().optional(),`
			`})`
			`.optional();`

feat: add passkeys (#989) ## Description Add support to login with passkeys. Passkeys can be added via the user security settings page. Note: Currently left out adding the type of authentication method for the 'user security audit logs' because we're using the `signIn` next-auth event which doesn't appear to provide the context. Will look into it at another time. ## Changes Made - Add passkeys to login - Add passkeys feature flag - Add page to manage passkeys - Add audit logs relating to passkeys - Updated prisma schema to support passkeys & anonymous verification tokens ## Testing Performed To be done. MacOS: - Safari ✅ - Chrome ✅ - Firefox ✅ Windows: - Chrome [Untested] - Firefox [Untested] Linux: - Chrome [Untested] - Firefox [Untested] iOS: - Safari ✅ ## Checklist <!--- Please check the boxes that apply to this pull request. --> <!--- You can add or remove items as needed. --> - [X] I have tested these changes locally and they work as expected. <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - New Features - Introduced Passkey authentication, including creation, sign-in, and management of passkeys. - Added a Passkeys section in Security Settings for managing user passkeys. - Implemented UI updates for Passkey authentication, including a new dialog for creating passkeys and a data table for managing them. - Enhanced security settings with server-side feature flags to conditionally display new security features. - Bug Fixes - Improved UI consistency in the Settings Security Activity Page. - Updated button styling in the 2FA Recovery Codes component for better visibility. - Refactor - Streamlined authentication options to include WebAuthn credentials provider. - Chores - Updated database schema to support passkeys and related functionality. - Added new audit log types for passkey-related activities. - Enhanced server-only authentication utilities for passkey registration and management. <!-- end of auto-generated comment: release notes by coderabbit.ai --> 2024-03-26 21:11:59 +08:00			`export const ZDeletePasskeyMutationSchema = z.object({`
			`passkeyId: z.string().trim().min(1),`
			`});`

			`export const ZUpdatePasskeyMutationSchema = z.object({`
			`passkeyId: z.string().trim().min(1),`
			`name: z.string().trim().min(1),`
			`});`

fix: refactor search routes (#1529) Refactor find endpoints to be consistent in terms of input and output. 2024-12-11 19:39:50 +09:00			`export const ZFindPasskeysQuerySchema = ZFindSearchParamsSchema.extend({`
feat: add passkeys (#989) ## Description Add support to login with passkeys. Passkeys can be added via the user security settings page. Note: Currently left out adding the type of authentication method for the 'user security audit logs' because we're using the `signIn` next-auth event which doesn't appear to provide the context. Will look into it at another time. ## Changes Made - Add passkeys to login - Add passkeys feature flag - Add page to manage passkeys - Add audit logs relating to passkeys - Updated prisma schema to support passkeys & anonymous verification tokens ## Testing Performed To be done. MacOS: - Safari ✅ - Chrome ✅ - Firefox ✅ Windows: - Chrome [Untested] - Firefox [Untested] Linux: - Chrome [Untested] - Firefox [Untested] iOS: - Safari ✅ ## Checklist <!--- Please check the boxes that apply to this pull request. --> <!--- You can add or remove items as needed. --> - [X] I have tested these changes locally and they work as expected. <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - New Features - Introduced Passkey authentication, including creation, sign-in, and management of passkeys. - Added a Passkeys section in Security Settings for managing user passkeys. - Implemented UI updates for Passkey authentication, including a new dialog for creating passkeys and a data table for managing them. - Enhanced security settings with server-side feature flags to conditionally display new security features. - Bug Fixes - Improved UI consistency in the Settings Security Activity Page. - Updated button styling in the 2FA Recovery Codes component for better visibility. - Refactor - Streamlined authentication options to include WebAuthn credentials provider. - Chores - Updated database schema to support passkeys and related functionality. - Added new audit log types for passkey-related activities. - Enhanced server-only authentication utilities for passkey registration and management. <!-- end of auto-generated comment: release notes by coderabbit.ai --> 2024-03-26 21:11:59 +08:00			`orderBy: z`
			`.object({`
			`column: z.enum(['createdAt', 'updatedAt', 'name']),`
			`direction: z.enum(['asc', 'desc']),`
			`})`
			`.optional(),`
			`});`

wip: refresh design 2023-06-09 18:21:18 +10:00			`export type TSignUpMutationSchema = z.infer<typeof ZSignUpMutationSchema>;`
feat: add two factor auth (#643) Add two factor authentication for users who wish to enhance the security of their accounts. 2023-12-01 05:52:16 +05:30
			`export const ZVerifyPasswordMutationSchema = ZSignUpMutationSchema.pick({ password: true });`