build(user): update supertokens-node to 15.0.4

packages/firebase/package.json

@@ -49,7 +49,7 @@
     "mercurius": "12.2.0",
     "prettier": "2.8.8",
     "slonik": "37.2.0",
-    "supertokens-node": "14.1.3",
+    "supertokens-node": "15.0.4",
     "tsconfig": "0.64.0",
     "typescript": "4.9.5",
     "vite": "4.3.9",
@@ -64,7 +64,7 @@
     "firebase-admin": "12.0.0",
     "mercurius": "12.2.0",
     "slonik": ">=37.2.0",
-    "supertokens-node": ">=14.1.3",
+    "supertokens-node": ">=15.0.4",
     "zod": ">=3.21.4"
   },
   "engines": {

packages/multi-tenant/package.json

@@ -55,7 +55,7 @@
     "mercurius": "12.2.0",
     "prettier": "2.8.8",
     "slonik": "37.2.0",
-    "supertokens-node": "14.1.3",
+    "supertokens-node": "15.0.4",
     "tsconfig": "0.64.0",
     "typescript": "4.9.5",
     "vite": "4.3.9",
@@ -72,7 +72,7 @@
     "fastify-plugin": ">=4.3.0",
     "mercurius": ">=12.2.0",
     "slonik": ">=37.2.0",
-    "supertokens-node": ">=14.1.3",
+    "supertokens-node": ">=15.0.4",
     "zod": ">=3.21.4"
   },
   "engines": {

packages/multi-tenant/src/lib/updateContext.ts

@@ -1,3 +1,4 @@
+import { TENANT_ID } from "@dzangolab/fastify-user";
 import { wrapResponse } from "supertokens-node/framework/fastify";
 import Session from "supertokens-node/recipe/session";
 import UserRoles from "supertokens-node/recipe/userroles";
@@ -39,7 +40,7 @@ const updateContext = async (
       throw new Error("Unable to find user");
     }
 
-    const { roles } = await UserRoles.getRolesForUser(userId);
+    const { roles } = await UserRoles.getRolesForUser(TENANT_ID, userId);
 
     context.user = user;
     context.roles = roles;

packages/multi-tenant/src/model/tenants/handlers/all.ts

@@ -1,3 +1,4 @@
+import { TENANT_ID } from "@dzangolab/fastify-user";
 import UserRoles from "supertokens-node/recipe/userroles";
 
 import { ROLE_TENANT_OWNER } from "../../../constants";
@@ -24,7 +25,7 @@ const all = async (request: SessionRequest, reply: FastifyReply) => {
 
   const service = new Service(request.config, request.slonik, request.dbSchema);
 
-  const { roles } = await UserRoles.getRolesForUser(userId);
+  const { roles } = await UserRoles.getRolesForUser(TENANT_ID, userId);
 
   // [DU 2024-JAN-15] TODO: address the scenario in which a user possesses
   // both roles: ADMIN and TENANT_OWNER

packages/multi-tenant/src/model/tenants/handlers/tenant.ts

@@ -1,3 +1,4 @@
+import { TENANT_ID } from "@dzangolab/fastify-user";
 import UserRoles from "supertokens-node/recipe/userroles";
 
 import { ROLE_TENANT_OWNER } from "../../../constants";
@@ -24,7 +25,7 @@ const tenant = async (request: SessionRequest, reply: FastifyReply) => {
 
   const service = new Service(request.config, request.slonik, request.dbSchema);
 
-  const { roles } = await UserRoles.getRolesForUser(userId);
+  const { roles } = await UserRoles.getRolesForUser(TENANT_ID, userId);
 
   // [DU 2024-JAN-15] TODO: address the scenario in which a user possesses
   // both roles: ADMIN and TENANT_OWNER

packages/multi-tenant/src/model/tenants/handlers/tenants.ts

@@ -1,3 +1,4 @@
+import { TENANT_ID } from "@dzangolab/fastify-user";
 import UserRoles from "supertokens-node/recipe/userroles";
 
 import { ROLE_TENANT_OWNER } from "../../../constants";
@@ -24,7 +25,7 @@ const tenants = async (request: SessionRequest, reply: FastifyReply) => {
 
   const service = new Service(request.config, request.slonik, request.dbSchema);
 
-  const { roles } = await UserRoles.getRolesForUser(userId);
+  const { roles } = await UserRoles.getRolesForUser(TENANT_ID, userId);
 
   // [DU 2024-JAN-15] TODO: address the scenario in which a user possesses
   // both roles: ADMIN and TENANT_OWNER

packages/multi-tenant/src/model/tenants/resolver.ts

@@ -1,3 +1,4 @@
+import { TENANT_ID } from "@dzangolab/fastify-user";
 import mercurius from "mercurius";
 import UserRoles from "supertokens-node/recipe/userroles";
 
@@ -99,7 +100,7 @@ const Query = {
       context.dbSchema
     );
 
-    const { roles } = await UserRoles.getRolesForUser(userId);
+    const { roles } = await UserRoles.getRolesForUser(TENANT_ID, userId);
 
     // [DU 2024-JAN-15] TODO: address the scenario in which a user possesses
     // both roles: ADMIN and TENANT_OWNER
@@ -138,7 +139,7 @@ const Query = {
       context.dbSchema
     );
 
-    const { roles } = await UserRoles.getRolesForUser(userId);
+    const { roles } = await UserRoles.getRolesForUser(TENANT_ID, userId);
 
     // [DU 2024-JAN-15] TODO: address the scenario in which a user possesses
     // both roles: ADMIN and TENANT_OWNER
@@ -182,7 +183,7 @@ const Query = {
       context.dbSchema
     );
 
-    const { roles } = await UserRoles.getRolesForUser(userId);
+    const { roles } = await UserRoles.getRolesForUser(TENANT_ID, userId);
 
     // [DU 2024-JAN-15] TODO: address the scenario in which a user possesses
     // both roles: ADMIN and TENANT_OWNER

packages/multi-tenant/src/supertokens/recipes/third-party-email-password/emailPasswordSignUp.ts

@@ -1,4 +1,9 @@
-import { areRolesExist, sendEmail, verifyEmail } from "@dzangolab/fastify-user";
+import {
+  TENANT_ID,
+  areRolesExist,
+  sendEmail,
+  verifyEmail,
+} from "@dzangolab/fastify-user";
 import { deleteUser } from "supertokens-node";
 import EmailVerification from "supertokens-node/recipe/emailverification";
 import UserRoles from "supertokens-node/recipe/userroles";
@@ -82,6 +87,7 @@ const emailPasswordSignUp = (
 
       for (const role of roles) {
         const rolesResponse = await UserRoles.addRoleToUser(
+          TENANT_ID,
           originalResponse.user.id,
           role
         );
@@ -100,13 +106,15 @@ const emailPasswordSignUp = (
             // send email verification
             const tokenResponse =
               await EmailVerification.createEmailVerificationToken(
+                TENANT_ID,
                 originalResponse.user.id
               );
 
             if (tokenResponse.status === "OK") {
               // [DU 2023-SEP-4] We need to provide all the arguments.
               // emailVerifyLink is same as what would supertokens create.
               await EmailVerification.sendEmail({
+                tenantId: TENANT_ID,
                 type: "EMAIL_VERIFICATION",
                 user: {
                   id: originalResponse.user.id,

packages/multi-tenant/src/supertokens/recipes/third-party-email-password/thirdPartySignInUp.ts

@@ -1,4 +1,4 @@
-import { areRolesExist } from "@dzangolab/fastify-user";
+import { TENANT_ID, areRolesExist } from "@dzangolab/fastify-user";
 import { deleteUser } from "supertokens-node";
 import { getUserByThirdPartyInfo } from "supertokens-node/recipe/thirdpartyemailpassword";
 import UserRoles from "supertokens-node/recipe/userroles";
@@ -26,6 +26,7 @@ const thirdPartySignInUp = (
     }
 
     const thirdPartyUser = await getUserByThirdPartyInfo(
+      input.tenantId,
       input.thirdPartyId,
       input.thirdPartyUserId,
       input.userContext
@@ -58,6 +59,7 @@ const thirdPartySignInUp = (
 
       for (const role of roles) {
         const rolesResponse = await UserRoles.addRoleToUser(
+          TENANT_ID,
           originalResponse.user.id,
           role
         );

packages/multi-tenant/src/supertokens/recipes/third-party-email-password/thirdPartySignInUpPost.ts

@@ -123,14 +123,11 @@ const thirdPartySignInUpPOST = (
           });
       }
       return {
-        status: "OK",
-        createdNewUser: originalResponse.createdNewUser,
+        ...originalResponse,
         user: {
           ...originalResponse.user,
           ...user,
         },
-        session: originalResponse.session,
-        authCodeResponse: originalResponse.authCodeResponse,
       };
     }
 

packages/user/package.json

@@ -56,7 +56,7 @@
     "mercurius-auth": "4.0.0",
     "prettier": "2.8.8",
     "slonik": "37.2.0",
-    "supertokens-node": "14.1.3",
+    "supertokens-node": "15.0.4",
     "tsconfig": "0.64.0",
     "typescript": "4.9.5",
     "vite": "4.3.9",
@@ -74,7 +74,7 @@
     "mercurius": ">=12.2.0",
     "mercurius-auth": ">=4.0.0",
     "slonik": ">=37.2.0",
-    "supertokens-node": ">=14.1.3"
+    "supertokens-node": ">=15.0.4"
   },
   "engines": {
     "node": ">=16",

packages/user/src/constants.ts

@@ -42,6 +42,9 @@ const PERMISSIONS_USERS_DISABLE = "users:disable";
 const PERMISSIONS_USERS_ENABLE = "users:enable";
 const PERMISSIONS_USERS_LIST = "users:enable";
 
+// Supertokens
+const TENANT_ID = "public";
+
 export {
   EMAIL_VERIFICATION_MODE,
   EMAIL_VERIFICATION_PATH,
@@ -53,6 +56,7 @@ export {
   PERMISSIONS_USERS_DISABLE,
   PERMISSIONS_USERS_ENABLE,
   PERMISSIONS_USERS_LIST,
+  TENANT_ID,
   RESET_PASSWORD_PATH,
   ROLE_ADMIN,
   ROLE_SUPER_ADMIN,

packages/user/src/lib/hasUserPermission.ts

@@ -1,6 +1,6 @@
 import UserRoles from "supertokens-node/recipe/userroles";
 
-import { ROLE_SUPER_ADMIN } from "../constants";
+import { ROLE_SUPER_ADMIN, TENANT_ID } from "../constants";
 
 import type { FastifyInstance } from "fastify";
 
@@ -30,7 +30,7 @@ const hasUserPermission = async (
     return true;
   }
 
-  const { roles } = await UserRoles.getRolesForUser(userId);
+  const { roles } = await UserRoles.getRolesForUser(TENANT_ID, userId);
 
   // Allow if user has super admin role
   if (roles && roles.includes(ROLE_SUPER_ADMIN)) {

packages/user/src/lib/verifyEmail.ts

@@ -1,15 +1,21 @@
 import EmailVerification from "supertokens-node/recipe/emailverification";
 
+import { TENANT_ID } from "../constants";
+
 /**
  * Auto verify user email.
  */
 const verifyEmail = async (userId: string) => {
   const tokenResponse = await EmailVerification.createEmailVerificationToken(
+    TENANT_ID,
     userId
   );
 
   if (tokenResponse.status === "OK") {
-    await EmailVerification.verifyEmailUsingToken(tokenResponse.token);
+    await EmailVerification.verifyEmailUsingToken(
+      TENANT_ID,
+      tokenResponse.token
+    );
   }
 };
 

packages/user/src/model/invitations/handlers/acceptInvitation.ts

@@ -2,6 +2,7 @@ import { formatDate } from "@dzangolab/fastify-slonik";
 import { createNewSession } from "supertokens-node/recipe/session";
 import { emailPasswordSignUp } from "supertokens-node/recipe/thirdpartyemailpassword";
 
+import { TENANT_ID } from "../../../constants";
 import getInvitationService from "../../../lib/getInvitationService";
 import isInvitationValid from "../../../lib/isInvitationValid";
 import validateEmail from "../../../validator/email";
@@ -70,10 +71,15 @@ const acceptInvitation = async (
     }
 
     // signup
-    const signUpResponse = await emailPasswordSignUp(email, password, {
-      roles: [invitation.role],
-      autoVerifyEmail: true,
-    });
+    const signUpResponse = await emailPasswordSignUp(
+      TENANT_ID,
+      email,
+      password,
+      {
+        roles: [invitation.role],
+        autoVerifyEmail: true,
+      }
+    );
 
     if (signUpResponse.status !== "OK") {
       return reply.send(signUpResponse);
@@ -96,7 +102,7 @@ const acceptInvitation = async (
     }
 
     // create new session so the user be logged in on signup
-    await createNewSession(request, reply, signUpResponse.user.id);
+    await createNewSession(request, reply, TENANT_ID, signUpResponse.user.id);
 
     reply.send({
       ...signUpResponse,

packages/user/src/model/invitations/resolver.ts

@@ -3,7 +3,7 @@ import mercurius from "mercurius";
 import { createNewSession } from "supertokens-node/recipe/session";
 import { emailPasswordSignUp } from "supertokens-node/recipe/thirdpartyemailpassword";
 
-import { ROLE_USER } from "../../constants";
+import { ROLE_USER, TENANT_ID } from "../../constants";
 import computeInvitationExpiresAt from "../../lib/computeInvitationExpiresAt";
 import getInvitationService from "../../lib/getInvitationService";
 import isInvitationValid from "../../lib/isInvitationValid";
@@ -80,10 +80,15 @@ const Mutation = {
       }
 
       // signup
-      const signUpResponse = await emailPasswordSignUp(email, password, {
-        roles: [invitation.role],
-        autoVerifyEmail: true,
-      });
+      const signUpResponse = await emailPasswordSignUp(
+        TENANT_ID,
+        email,
+        password,
+        {
+          roles: [invitation.role],
+          autoVerifyEmail: true,
+        }
+      );
 
       if (signUpResponse.status !== "OK") {
         return signUpResponse;
@@ -106,7 +111,12 @@ const Mutation = {
       }
 
       // create new session so the user be logged in on signup
-      await createNewSession(reply.request, reply, signUpResponse.user.id);
+      await createNewSession(
+        reply.request,
+        reply,
+        TENANT_ID,
+        signUpResponse.user.id
+      );
 
       return {
         ...signUpResponse,

packages/user/src/model/roles/service.ts

@@ -1,5 +1,6 @@
 import UserRoles from "supertokens-node/recipe/userroles";
 
+import { TENANT_ID } from "../../constants";
 import CustomApiError from "../../customApiError";
 
 class RoleService {
@@ -15,7 +16,7 @@ class RoleService {
   deleteRole = async (
     role: string
   ): Promise<{ status: "OK"; didRoleExist: boolean }> => {
-    const response = await UserRoles.getUsersThatHaveRole(role);
+    const response = await UserRoles.getUsersThatHaveRole(TENANT_ID, role);
 
     if (response.status === "UNKNOWN_ROLE_ERROR") {
       throw new CustomApiError({