DEV Community: Alireza Behnam Shiva The latest articles on DEV Community by Alireza Behnam Shiva (@alireza_behnamshiva_bdeb). https://dev.to/alireza_behnamshiva_bdeb https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3638463%2F305a2910-1f5f-4a9b-b229-d97ffc180387.jpg DEV Community: Alireza Behnam Shiva https://dev.to/alireza_behnamshiva_bdeb en TrustedCloud Documentation Alireza Behnam Shiva Mon, 01 Dec 2025 10:47:20 +0000 https://dev.to/alireza_behnamshiva_bdeb/trustedcloud-backend-documentation-4nd4 https://dev.to/alireza_behnamshiva_bdeb/trustedcloud-backend-documentation-4nd4 <p><strong>Table Of Contents</strong></p> <ol> <li>Introduction</li> <li>System Overview <ol> <li>Technology Stack</li> <li>Database</li> <li>Authentication</li> <li>Authorization</li> <li>Back-end Flows Structure <ul> <li>Entry points : uibuilder integration</li> <li>Action Dispatching With Switch Nodes</li> <li>Internal Feature Workflows (Tabs)</li> <li>Role-Based Authorization Flows</li> <li>Database Operations Layer</li> <li>Response Routing Back to UI</li> </ul> </li> </ol> </li> <li>Workflows <ol> <li>Main </li> <li>Sign-up </li> <li>Login </li> <li>Forget Password</li> <li>User Dashboard Data <ul> <li>How Users Get their Dashboard Data ?</li> <li>Applicant Dashboard Data</li> <li>Applicant &amp; Auditor Dashboard Data</li> <li>Applicant &amp; Approver Dashboard Data</li> <li>Get User’s Dashboard Data using API</li> </ul> </li> <li>Dashboard Requests <ul> <li>How Dashboard Requests Are Handled ?</li> <li>Create Draft</li> <li>Update Draft</li> <li>Get Draft</li> <li>Delete Draft</li> <li>Create request</li> <li>Edit Request</li> <li>Archive Request</li> <li>Audit Request</li> <li>Approve Request</li> <li>Set Role</li> <li>Edit Profile</li> <li>Update Avatar</li> <li>Logout</li> </ul> </li> </ol> </li> <li>Database <ol> <li>Collections</li> <li>Documents</li> <li>TTL Index</li> <li>Index</li> </ol> </li> </ol> <h1> Introduction </h1> <p>Trusted Cloud is a role‑based onboarding system that helps users register, submit onboarding requests, and go through auditing and approval steps. Each user gets access to a dashboard and features that match their role, so the system stays both secure and easy to use.</p> <p>Users can have one or more of these roles:</p> <ul> <li>Applicant</li> <li>Applicant &amp; Auditor</li> <li>Applicant &amp; Approver</li> <li>Admin</li> </ul> <p>Based on their role, They have a dashboard which displays the onboarding requests in their panel.</p> <p>Each role controls what the user can see and do:</p> <ol> <li>Applicants can create requests, save drafts, and view only their own data.</li> <li>Auditors can see every request in the system and perform audits.</li> <li>Approvers can view audited requests and make final decisions.</li> <li>Admins have full access, including role management and complete visibility over users and requests.</li> </ol> <p>Every onboarding request goes through a simple lifecycle:</p> <ul> <li>Pending</li> <li>Audited</li> <li>Approved</li> <li>Rejected</li> </ul> <p>Applicants submit requests, Auditors review them, and Approvers finalize the outcome.</p> <p>Alongside the request workflow, Trusted Cloud includes essential account features:</p> <ul> <li>Email‑verified sign‑up</li> <li>Login with token‑based sessions</li> <li>Reset password by email code</li> <li>Profile and avatar editing</li> <li>Draft saving and editing for multi‑step forms</li> <li>Logout and token cleanup</li> </ul> <h1> System Overview </h1> <h2> Technology Stack </h2> <p>Trusted Cloud is built using a combination of Node‑RED’s built‑in capabilities and carefully selected third‑party nodes. JavaScript serves as the core language for both backend logic and custom function nodes. The following technologies form the foundation of the platform:</p> <ol> <li> <p>Node‑RED</p> <p>Used extensively for authentication, authorization, request handling, routing, and internal operations. Built‑in nodes, along with custom Function nodes, define the majority of the application’s logic.</p> </li> <li> <p>MongoDB</p> <p>Acts as the primary database for persisting user profiles, requests, drafts, and system data. The platform uses the node‑red‑contrib‑mongodb4 module, which provides a shared MongoDB client for reliable and secure connections via configured credentials.</p> </li> <li> <p>Bcrypt</p> <p>The node‑red‑contrib‑bcrypt module is used for hashing and verifying user passwords. It ensures secure password storage and follows industry‑standard cryptographic practices.</p> </li> <li> <p>UIBUILDER</p> <p>The main frontend integration layer. All incoming client requests pass through the node‑red‑contrib‑uibuilder nodes, and all backend responses are routed back through the same channel. It acts as the bridge between UI actions and backend workflows.</p> </li> <li> <p>Email</p> <p>Trusted Cloud uses the node‑red‑node‑email module to send transactional emails, including account verification and password‑reset notifications. It ensures reliable communication with users during key account lifecycle events.</p> </li> </ol> <h2> Database </h2> <p>Trusted Cloud communicates directly with MongoDB, using it as the primary storage layer for all user data, onboarding requests, and system‑generated records. Backend flows perform essential CRUD operations through Node‑RED’s MongoDB nodes, and most frontend actions require direct interaction with these database operations.</p> <p>Trusted Cloud uses the following five collections to organize and persist data:</p> <ol> <li> <p>Users</p> <p>Stores user accounts, authentication tokens, roles, and profile information. This collection holds all core identity and authorization data for the platform.</p> </li> <li> <p>Requests</p> <p>Contains all onboarding requests created by Applicants. It also stores review information from Auditors and Approvers, including decisions, comments, and status updates throughout the request lifecycle.</p> </li> <li> <p>Drafts</p> <p>Maintains partially completed or unsubmitted onboarding requests. This allows Applicants to save progress and continue their request at a later time.</p> </li> <li> <p>ResetPasswordCodes</p> <p>Temporarily stores verification codes sent to users who initiate the password reset process. These codes are short‑lived and cleared after use or expiration.</p> </li> <li> <p>EmailVerificationCodes</p> <p>Temporarily stores email verification codes used during the account creation (sign‑up) process. These entries ensure that only verified email addresses can be used to create an account.</p> </li> </ol> <h2> Authentication </h2> <p>Trusted Cloud uses a token‑based authentication mechanism to manage both user identity and access control. When a user provides valid login credentials, the system generates a fresh access token and returns it to the frontend. The frontend stores this token in a cookie.</p> <p>For every subsequent dashboard request, the frontend automatically sends this token back to the backend. Backend flows validate the token on each request to ensure that:</p> <ul> <li>the token exists</li> <li>the token belongs to a valid user</li> <li>the token has not expired</li> </ul> <p>Only after these checks are passed does the backend allow access to protected routes such as dashboard actions, request creation, auditing, and approval operations. If the token is missing, invalid, or expired, the user is considered unauthenticated and is redirected to the login process.</p> <h2> Authorization </h2> <p>All backend routes in Trusted Cloud are protected and require a valid access token before they can be executed. Every request coming from the frontend passes through a uibuilder entry point. As soon as the request reaches the backend, the authorization process begins.</p> <p>The system performs two initial checks:</p> <ol> <li> <p>Token Validity</p> <p>Ensures the provided token exists and belongs to a registered user.</p> </li> <li> <p>Token Expiry</p> <p>Verifies that the token has not expired and is still within its valid timeframe.</p> </li> </ol> <p>If any of these checks fail, the user is immediately treated as unauthorized and is redirected to the login process.</p> <p>If the token is valid and active, the request continues to the appropriate flow responsible for the specific action—whether it is accessing the dashboard, creating a request, auditing, approving, or managing drafts.</p> <p>This ensures that only authenticated and authorized users can interact with protected backend workflows.</p> <h2> Back-End Flows Structure </h2> <p>Trusted Cloud’s backend is organized into a large set of interconnected flows. Each flow represents a specific backend capability—such as authentication, request management, dashboard data retrieval, or profile updates. The goal of the architecture is to keep every feature isolated, easy to follow, and consistent with a unified message-routing pattern.</p> <p>The flows are grouped into multiple tabs that together form the entire Trusted Cloud backend. While each tab focuses on a particular domain, the overall structure can be understood through three layers: <strong>entry points, internal workflows, and response routing</strong>.</p> <h3> 1. Entry Points: UIBUILDER Nodes </h3> <p>Every backend operation begins when the frontend sends a message through a uibuilder node. Trusted Cloud uses two major uibuilder nodes:</p> <ul> <li> <strong>login uibuilder</strong> (for sign-up, login, and password-reset actions)</li> <li> <strong>dashboard uibuilder</strong> (for authenticated dashboards, role-based panels, request actions, profile updates)</li> </ul> <p>These uibuilder nodes receive the message from the frontend and immediately pass it into the Node‑RED flow system. Each incoming message includes:</p> <ul> <li>the request type (msg.type)</li> <li>the user’s access token (if authenticated)</li> <li>the request body data</li> </ul> <p>The system uses these values to determine which backend workflow must be executed next.</p> <h3> 2. Identifying Action (Request type) With Switch Nodes </h3> <p>Directly after entering through uibuilder and authorization step, each inbound message flows into a <strong>central router</strong>— A switch node that checks the <code>msg.type</code> value.</p> <p>The TC-Main tab contains 2 switch nodes with multiple outputs, routing actions with a specific request type (msg.type).</p> <p>Each output of the Switch node connects to a dedicated <strong>link out</strong> node.</p> <p>Each of these link-out nodes then forwards the message into the dedicated workflow for that feature using corresponding <strong>link in</strong> nodes on other tabs.</p> <p>This structure ensures that:</p> <ul> <li>a single uibuilder entry point can serve many features</li> <li>each feature remains isolated and clean</li> <li>new actions can be added easily without changing existing flows</li> </ul> <h3> 3. Internal Feature Workflows (Tabs) </h3> <p>Trusted Cloud back-end structure uses multiple tabs, each implementing one complete backend feature and dividing flows into logical sections.</p> <p>Examples include:</p> <ul> <li>TC-Main : Entry point of the app. Receives front-end requests and routes the incoming msg.</li> <li>TC-Signup (multi-step email verification + user creation)</li> <li>TC-Login (token creation and verifying user credentials)</li> <li>TC-ForgetPassword (send code, verify code, set new password)</li> <li>TC-GetDashboard (generate dashboard data based on user’s role)</li> <li>TC-RequestHandling (handles incoming request from dashboard like: request submission, audition , approval and …)</li> <li>TC-EditProfile ( handles updating user profile and avatar)</li> <li>TC-API ( provides 2 endpoints for authentication and getting user’s dashboard data)</li> </ul> <p>Each of these tabs includes a fully contained workflow that begins with a <strong>link in</strong> node and ends with a response back to the correct uibuilder using a <strong>link out</strong> node.</p> <h3> 4. Role-Based Authorization Flows </h3> <p>During authentication flow, The user’s role is detected and once the user is authenticated, all getting dashboard data requests are routed through a role-checking step. The backend extracts the user’s role from the token and determines whether the user is an:</p> <ul> <li>Applicant</li> <li>Applicant &amp; Auditor</li> <li>Applicant &amp; Approver</li> <li>Admin</li> </ul> <p>Based on this, the request is forwarded to the correct dashboard data flow for handling.</p> <p>This role-routing is implemented through “Find Roles” function nodes and multiple Switch nodes wired to the respective flows.</p> <h3> 5. Database Operations Layer </h3> <p>Almost every workflow interacts with MongoDB using the <code>node-red-contrib-mongodb4</code> nodes. The typical operations include:</p> <ul> <li>finding user profiles</li> <li>checking/resetting verification codes</li> <li>creating requests</li> <li>updating request status</li> <li>saving drafts</li> <li>updating profile/avatars</li> <li>modifying tokens on login/logout</li> </ul> <p>Most operations follow a consistent pattern:</p> <ol> <li>Build query in a Function node</li> <li>Send to MongoDB node</li> <li>Process result</li> <li>Route success or failure back to frontend</li> </ol> <h3> 6. Response Routing Back to UI </h3> <p>Every workflow ends with a <strong>link out</strong> node such as:</p> <p>Each of these connects back to a matching <strong>link in</strong> node attached to the correct uibuilder node.</p> <p>This ensures that the response returns to the exact uibuilder node that triggered the flow.</p> <h1> WorkFlows </h1> <h2> a. Main Workflow </h2> <p>Main Workflow is the entry point of the application. TC-Main tab contains 2 uibuilder nodes with following URLs:</p> <ol> <li>login</li> <li>dashboard</li> </ol> <p>Most of the requests(msg) coming from these 2 uibuilder contain:</p> <ul> <li>msg.type(dashboard requests) or msg.auth.type(login request): for routing and checking request type</li> <li>msg.auth : for authentication and authorization</li> <li>msg.payload : the data coming from front-end. it comes with different name such as : msg.userId , msg.companyDetails and etc.</li> </ul> <h3> a.1. Login uibuilder </h3> <p>This node contains the front-end source code for login and sign-up page. Each incoming request related to user sign-up, login and forget password comes from this node. The URL of this node is “login”.</p> <h3> a.2. Dashboard Uibuilder </h3> <p>This node contains the dashboard source code . All the requests coming from dashboard are sent from this node.</p> <p>Note : Before each uibuilder node, there is a specific link-in node which receive the response from other flows and after each of them , there is debug node which displays the incoming request from uibuilder.</p> <h3> a.3. Auth Flow for login </h3> <p>Right after each uibuilder node , there is a Auth flow which does authentication and authorization. It checks msg.auth.userToken to verify user’s token.</p> <p>Example Request :<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"auth"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"userToken"</span><span class="p">:</span><span class="w"> </span><span class="s2">"mipu8povvawyrs6t"</span><span class="p">,</span><span class="w"> </span><span class="nl">"clientId"</span><span class="p">:</span><span class="w"> </span><span class="s2">"n0FLDra1km8sKx7hMCw9j"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"_socketId"</span><span class="p">:</span><span class="w"> </span><span class="s2">"C97hCGuZSGTqqRFAAA_W"</span><span class="p">,</span><span class="w"> </span><span class="nl">"_msgid"</span><span class="p">:</span><span class="w"> </span><span class="s2">"1bae240438dd8954"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>Checking msg.auth.userToken is done by a flow which sits between uibuilder node and switch node the unction nodes of this flow. Table below represents the flow for validating user token :</p> <ul> <li>Initial token check ⇒ check if userToken has a value or not : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="err">//</span><span class="w"> </span><span class="err">Normalize</span><span class="w"> </span><span class="err">so</span><span class="w"> </span><span class="err">msg.auth</span><span class="w"> </span><span class="err">always</span><span class="w"> </span><span class="err">exists</span><span class="w"> </span><span class="err">msg.auth</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="err">msg.auth</span><span class="w"> </span><span class="err">||</span><span class="w"> </span><span class="err">msg.payload?.auth</span><span class="w"> </span><span class="err">||</span><span class="w"> </span><span class="p">{}</span><span class="err">;</span><span class="w"> </span><span class="err">if</span><span class="w"> </span><span class="err">(msg.auth.userToken)</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="err">msg.payload</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="s2">"hasToken"</span><span class="err">;</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="err">else</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="err">msg.payload</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="s2">"hasNotToken"</span><span class="err">;</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="err">return</span><span class="w"> </span><span class="err">msg;</span><span class="w"> </span></code></pre> </div> <ul> <li>Then switch on payload to check if userToken has a value</li> <li>Check token match : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="err">msg.collection</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="s2">"Users"</span><span class="w"> </span><span class="err">msg.operation</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="s2">"findOne"</span><span class="w"> </span><span class="err">msg.auth</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="err">msg.auth</span><span class="w"> </span><span class="err">||</span><span class="w"> </span><span class="err">msg.payload?.auth</span><span class="w"> </span><span class="err">||</span><span class="w"> </span><span class="p">{}</span><span class="err">;</span><span class="w"> </span><span class="err">msg.payload</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="err">token:</span><span class="w"> </span><span class="err">msg.auth.userToken</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="err">return</span><span class="w"> </span><span class="err">msg;</span><span class="w"> </span></code></pre> </div> <ul> <li>switch to payload and check if it it null or not</li> <li>if null : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"state"</span><span class="p">:</span><span class="w"> </span><span class="s2">"notLoggedIn"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <ul> <li>if not null ( token exists ) : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="err">const</span><span class="w"> </span><span class="err">now</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="err">Date.now();</span><span class="w"> </span><span class="err">//</span><span class="w"> </span><span class="err">milliseconds</span><span class="w"> </span><span class="err">const</span><span class="w"> </span><span class="err">expiryMs</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="err">new</span><span class="w"> </span><span class="err">Date(msg.payload.expiresAt).getTime();</span><span class="w"> </span><span class="err">//</span><span class="w"> </span><span class="err">convert</span><span class="w"> </span><span class="err">DB</span><span class="w"> </span><span class="err">date</span><span class="w"> </span><span class="err">to</span><span class="w"> </span><span class="err">ms</span><span class="w"> </span><span class="err">msg.userData</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="err">msg.payload;</span><span class="w"> </span><span class="err">if</span><span class="w"> </span><span class="err">(now</span><span class="w"> </span><span class="err">&lt;=</span><span class="w"> </span><span class="err">expiryMs)</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="err">msg.payload.isNotExpired</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="kc">true</span><span class="err">;</span><span class="w"> </span><span class="err">//</span><span class="w"> </span><span class="err">still</span><span class="w"> </span><span class="err">valid</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="err">else</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="err">msg.payload.isNotExpired</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="kc">false</span><span class="err">;</span><span class="w"> </span><span class="err">//</span><span class="w"> </span><span class="err">expired</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="err">return</span><span class="w"> </span><span class="err">msg;</span><span class="w"> </span></code></pre> </div> <ul> <li>if token expired : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"state"</span><span class="p">:</span><span class="w"> </span><span class="s2">"notLoggedIn"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <ul> <li>if token isn’t expired the request will be routed to check request type switch</li> </ul> <p>So when the request enters this workflow:</p> <ol> <li>The flow checks if msg.auth.userToken has a value , exists in Users collection, not expired.</li> <li>Saves user data.</li> <li>** routes request to the check request type switch node if token has no value.</li> <li>returns a no token response if token is empty, invalid or expired</li> <li>returns a redirect response to uibuilder node if token is valid.</li> </ol> <ul> <li>No Token Response </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"state"</span><span class="p">:</span><span class="w"> </span><span class="s2">"notLoggedIn"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <ul> <li>Valid Token Response </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="s2">"payload"</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"action"</span><span class="p">:</span><span class="w"> </span><span class="s2">"login"</span><span class="p">,</span><span class="w"> </span><span class="nl">"status"</span><span class="p">:</span><span class="w"> </span><span class="s2">"redirect"</span><span class="p">,</span><span class="w"> </span><span class="nl">"message"</span><span class="p">:</span><span class="w"> </span><span class="s2">"User Already Logged In"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <h3> a.4. Auth Flow for dashboard </h3> <p>Authentication and Authorization for dashboard is pretty same as login flow and it has all same nodes but with a minor difference:</p> <p>when the request enters this workflow:</p> <ol> <li>The flow checks if msg.auth.userToken has a value , exists in Users collection, not expired.</li> <li>Saves user data.</li> <li>** routes request to the check request type switch node if token is valid **</li> <li>returns a no token response if token is empty, invalid or expired</li> </ol> <h3> a.5. Check request type </h3> <p>In TC-Main tab There 2 swith nodes which check request type using msg.auth.type field which comes with almost every request. After auth flow, the incoming request is routed to this node to check which type of operation must be executed.</p> <h3> a.5.1 Check request for Login page </h3> <p>The switch node for login uibuilder request check the below types:</p> <ul> <li>signup-validateInputs</li> <li>signup-verifyEmail&amp;createUser</li> <li>signup-resendEmailVerifyCode</li> <li>signup-cancelEmailVerification</li> <li>login</li> <li>resetPassword</li> <li>resendResetPassword</li> <li>sendResetCode</li> <li>setNewPassword</li> <li>cancelResetPassword</li> </ul> <p>The output of each type is connected to a link-out node which routes the message to it’s specific flow.</p> <h3> a.5.2 Check request for Dashboard </h3> <p>The switch node for login uibuilder request check the below types:</p> <ul> <li>getDashboard</li> <li>createRequest</li> <li>archiveRequest</li> <li>auditRequest</li> <li>approveRequest</li> <li>editCompanyDetails</li> <li>editProfile</li> <li>updateAvatar</li> <li>createDraft</li> <li>updateDraft</li> <li>getDrafts</li> <li>setRole</li> <li>deleteDraft</li> <li>logOut</li> </ul> <p>The getDashboard output is connected to a function which find the role of the user and after that routes the message to correct dashboard data flow.</p> <h2> b. Sign-up Workflow </h2> <p>Sign-up Workflow is responsible for creating new user accounts. It is located inside TC-Signup tab which has 3 flows to handle sign-up logic. Below here are the request types which are routed to this tab :</p> <ul> <li>signup-validateInputs</li> <li>signup-verifyEmail&amp;createUser</li> <li>signup-resendEmailVerifyCode</li> <li>signup-cancelEmailVerification</li> </ul> <p>so if msg.type matches one these types inside check request type switch node , it is routed to this workflow.</p> <p>Below here is the step by step sign-up logic of 3 the flows, each flow explaining its own functionality :</p> <h3> a.1. First Flow </h3> <p>This flow is responsible for checking email uniqueness, inputs and verification code generation. This flow is activated when users clicks on sign-up button. The flow receives the following request and implements the step by step logic listed below:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"auth"</span><span class="p">:{</span><span class="w"> </span><span class="nl">"clientId"</span><span class="p">:</span><span class="s2">"n0FLDra1km8sKx7hMCw9j"</span><span class="p">,</span><span class="w"> </span><span class="nl">"fullName"</span><span class="p">:</span><span class="s2">"Hossein Rafieekhah"</span><span class="p">,</span><span class="w"> </span><span class="nl">"email"</span><span class="p">:</span><span class="s2">"hosseinrafieekhah@gmail.com"</span><span class="p">,</span><span class="w"> </span><span class="nl">"password"</span><span class="p">:</span><span class="s2">"111111"</span><span class="p">,</span><span class="w"> </span><span class="nl">"confirmPassword"</span><span class="p">:</span><span class="s2">"111111"</span><span class="p">,</span><span class="w"> </span><span class="nl">"type"</span><span class="p">:</span><span class="s2">"signup-validateInputs"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"_socketId"</span><span class="p">:</span><span class="s2">"M5v_T-zD9ctkUW-1ABIR"</span><span class="p">,</span><span class="w"> </span><span class="nl">"_msgid"</span><span class="p">:</span><span class="s2">"d5cd744bbc0f1187"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>Then the flow : </p> <ul> <li>Checks if user doesn’t already exists in Users collection using his email</li> <li>Send failed response if user already exists : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"payload"</span><span class="p">:{</span><span class="w"> </span><span class="nl">"action"</span><span class="p">:</span><span class="s2">"register"</span><span class="p">,</span><span class="w"> </span><span class="nl">"status"</span><span class="p">:</span><span class="s2">"failed"</span><span class="p">,</span><span class="w"> </span><span class="nl">"message"</span><span class="p">:</span><span class="s2">"User With This Email Already Exists"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <ul> <li>Check if user inputs are not empty</li> <li>Send failed response if empty : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"action"</span><span class="p">:</span><span class="w"> </span><span class="s2">"register"</span><span class="p">,</span><span class="w"> </span><span class="nl">"status"</span><span class="p">:</span><span class="w"> </span><span class="s2">"failed"</span><span class="p">,</span><span class="w"> </span><span class="nl">"message"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Invalid Inputs"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <ul> <li>Delete user’s old verification codes from EmailVerificationCodes collection if there is any</li> <li>Generate a 6-digit verification code with 2 minute expiry and prepare email topic and payload</li> <li>Send email with email node</li> <li>insert email into EmailVerificationCodes collection : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="err">msg.collection</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="s2">"EmailVerificationCodes"</span><span class="err">;</span><span class="w"> </span><span class="err">msg.operation</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="s2">"insertOne"</span><span class="w"> </span><span class="err">const</span><span class="w"> </span><span class="err">expiryUTC</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="err">new</span><span class="w"> </span><span class="err">Date(Date.now()</span><span class="w"> </span><span class="err">+</span><span class="w"> </span><span class="mi">2</span><span class="w"> </span><span class="err">*</span><span class="w"> </span><span class="mi">60</span><span class="w"> </span><span class="err">*</span><span class="w"> </span><span class="mi">1000</span><span class="err">);</span><span class="w"> </span><span class="err">//</span><span class="w"> </span><span class="mi">2</span><span class="w"> </span><span class="err">minutes</span><span class="w"> </span><span class="err">from</span><span class="w"> </span><span class="err">now</span><span class="w"> </span><span class="err">(UTC)</span><span class="w"> </span><span class="err">msg.payload</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="err">email:</span><span class="w"> </span><span class="err">msg.auth.email</span><span class="p">,</span><span class="w"> </span><span class="err">verifyCode:</span><span class="w"> </span><span class="err">msg.emailVerifyCode</span><span class="p">,</span><span class="w"> </span><span class="err">expiry:</span><span class="w"> </span><span class="err">expiryUTC</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="err">return</span><span class="w"> </span><span class="err">msg;</span><span class="w"> </span></code></pre> </div> <ul> <li>send a success response to notify front-end email has been sent : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"payload"</span><span class="p">:{</span><span class="w"> </span><span class="nl">"action"</span><span class="p">:</span><span class="s2">"signup"</span><span class="p">,</span><span class="w"> </span><span class="nl">"status"</span><span class="p">:</span><span class="s2">"success"</span><span class="p">,</span><span class="w"> </span><span class="nl">"state"</span><span class="p">:</span><span class="s2">"validInputs"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>Note : The resend code option with (msg.auth.type = signup-resendEmailVerifyCode) in linked to the delete users verification codes node not at the beginning of the flow.</p> <h3> a.2. Second Flow </h3> <p>This flow handles code verification for sign-up user account creation. The flow receives the following request and implements the step by step logic listed below:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"auth"</span><span class="p">:{</span><span class="w"> </span><span class="nl">"clientId"</span><span class="p">:</span><span class="s2">"n0FLDra1km8sKx7hMCw9j"</span><span class="p">,</span><span class="w"> </span><span class="nl">"type"</span><span class="p">:</span><span class="s2">"signup-verifyEmail&amp;createUser"</span><span class="p">,</span><span class="w"> </span><span class="nl">"email"</span><span class="p">:</span><span class="s2">"alirezabsh.apps@gmail.com"</span><span class="p">,</span><span class="w"> </span><span class="nl">"fullName"</span><span class="p">:</span><span class="s2">"alireza"</span><span class="p">,</span><span class="w"> </span><span class="nl">"password"</span><span class="p">:</span><span class="s2">"111111"</span><span class="p">,</span><span class="w"> </span><span class="nl">"confirmPassword"</span><span class="p">:</span><span class="s2">"111111"</span><span class="p">,</span><span class="w"> </span><span class="nl">"code"</span><span class="p">:</span><span class="s2">"111111"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"_socketId"</span><span class="p">:</span><span class="s2">"M5v_T-zD9ctkUW-1ABIR"</span><span class="p">,</span><span class="w"> </span><span class="nl">"topic"</span><span class="p">:</span><span class="s2">"Verify Your Email Address – TrustedCloud "</span><span class="p">,</span><span class="w"> </span><span class="nl">"_msgid"</span><span class="p">:</span><span class="s2">"ef5cc28575fbbfa3"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>Then the flow :</p> <ul> <li>Check if the user’s code exists in DB</li> <li>Check code expiry and save it</li> <li>Send response if code is expired </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"payload"</span><span class="p">:{</span><span class="w"> </span><span class="nl">"action"</span><span class="p">:</span><span class="s2">"verifyEmail"</span><span class="p">,</span><span class="w"> </span><span class="nl">"status"</span><span class="p">:</span><span class="s2">"expiredCode"</span><span class="p">,</span><span class="w"> </span><span class="nl">"message"</span><span class="p">:</span><span class="s2">"The verification Code Is Expired. Please choose resend code option to get a new code."</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <ul> <li>Send response if code is invalid </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"payload"</span><span class="p">:{</span><span class="w"> </span><span class="nl">"action"</span><span class="p">:</span><span class="s2">"verifyEmail"</span><span class="p">,</span><span class="w"> </span><span class="nl">"status"</span><span class="p">:</span><span class="s2">"invalidCode"</span><span class="p">,</span><span class="w"> </span><span class="nl">"message"</span><span class="p">:</span><span class="s2">"The verification Code Is Invalid."</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <ul> <li>Find last user with highest userId</li> <li>Add 1 to it and save it</li> <li>Hash users password</li> <li>Create user (insert user document )</li> <li>Send success response </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="err">//</span><span class="w"> </span><span class="err">###</span><span class="w"> </span><span class="err">Response</span><span class="w"> </span><span class="err">-</span><span class="w"> </span><span class="err">ValidEmail</span><span class="w"> </span><span class="err">###</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"payload"</span><span class="p">:{</span><span class="w"> </span><span class="nl">"action"</span><span class="p">:</span><span class="s2">"register"</span><span class="p">,</span><span class="w"> </span><span class="nl">"status"</span><span class="p">:</span><span class="s2">"success"</span><span class="p">,</span><span class="w"> </span><span class="nl">"state"</span><span class="p">:</span><span class="s2">"verifiedEmail"</span><span class="p">,</span><span class="w"> </span><span class="nl">"message"</span><span class="p">:</span><span class="s2">"user created successfully"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <ul> <li>Delete the verificatoon code from DB</li> </ul> <h3> a.3. Third Flow </h3> <p>This flow handles the cancelation of code verification . When user clicks on ❌ icon in code verification pop-up. A request with (msg.auth.type=signup-cancelEmailVerification) is sent to this flow. It uses the email to delete sent verification code.</p> <p>Example Request<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"auth"</span><span class="p">:{</span><span class="w"> </span><span class="nl">"email"</span><span class="p">:</span><span class="s2">"alirezabsh.apps@gmail.com"</span><span class="p">,</span><span class="w"> </span><span class="nl">"type"</span><span class="p">:</span><span class="s2">"signup-cancelEmailVerification"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"_socketId"</span><span class="p">:</span><span class="s2">"M5v_T-zD9ctkUW-1ABIR"</span><span class="p">,</span><span class="w"> </span><span class="nl">"topic"</span><span class="p">:</span><span class="s2">"Verify Your Email Address – TrustedCloud "</span><span class="p">,</span><span class="w"> </span><span class="nl">"_msgid"</span><span class="p">:</span><span class="s2">"3d50d44f359b2af0"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <h2> c. Login Workflow </h2> <p>Login flows is located inside TC-Login tab. A single flow is responsible for handling login logic. </p> <p>It checks user credentials, generate a new fresh random access token and redirect user to dashboard. The msg.auth.type with value of “login” is routed to this flow. This flow receives the following request :<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"auth"</span><span class="p">:{</span><span class="w"> </span><span class="nl">"clientId"</span><span class="p">:</span><span class="s2">"n0FLDra1km8sKx7hMCw9j"</span><span class="p">,</span><span class="w"> </span><span class="nl">"email"</span><span class="p">:</span><span class="s2">"alirezabsh.apps@gmail.com"</span><span class="p">,</span><span class="w"> </span><span class="nl">"password"</span><span class="p">:</span><span class="s2">"111111"</span><span class="p">,</span><span class="w"> </span><span class="nl">"rememberMe"</span><span class="p">:</span><span class="kc">false</span><span class="p">,</span><span class="w"> </span><span class="nl">"type"</span><span class="p">:</span><span class="s2">"login"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"_socketId"</span><span class="p">:</span><span class="s2">"qpav191Nuyx1GVY8ABKi"</span><span class="p">,</span><span class="w"> </span><span class="nl">"_msgid"</span><span class="p">:</span><span class="s2">"bad7f6719cb0b974"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>Then the flow :</p> <ul> <li>Checks if incoming email exists in DB (Users collection)</li> <li>Sends Invalid Credentials error if email not found : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"action"</span><span class="p">:</span><span class="w"> </span><span class="s2">"login"</span><span class="p">,</span><span class="w"> </span><span class="nl">"status"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Invalid Credentials"</span><span class="p">,</span><span class="w"> </span><span class="nl">"message"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Invalid email or password"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <ul> <li>Compares passwords</li> <li>Sends Invalid Credentials error if password do not match : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"action"</span><span class="p">:</span><span class="w"> </span><span class="s2">"login"</span><span class="p">,</span><span class="w"> </span><span class="nl">"status"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Invalid Credentials"</span><span class="p">,</span><span class="w"> </span><span class="nl">"message"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Invalid email or password"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <ul> <li>If email and password are valid , a random 16-character token is generated with its 7-day expiry and the clientId is updated : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="err">//</span><span class="w"> </span><span class="err">generate</span><span class="w"> </span><span class="err">a</span><span class="w"> </span><span class="err">radnom</span><span class="w"> </span><span class="mi">16</span><span class="err">-char</span><span class="w"> </span><span class="err">access</span><span class="w"> </span><span class="err">token</span><span class="w"> </span><span class="err">const</span><span class="w"> </span><span class="err">token</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="err">Date.now().toString(</span><span class="mi">36</span><span class="err">)</span><span class="w"> </span><span class="err">+</span><span class="w"> </span><span class="err">Math.random().toString(</span><span class="mi">36</span><span class="err">).substring(</span><span class="mi">2</span><span class="err">,</span><span class="w"> </span><span class="mi">10</span><span class="err">);</span><span class="w"> </span><span class="err">//</span><span class="w"> </span><span class="err">set</span><span class="w"> </span><span class="mi">7</span><span class="err">-day</span><span class="w"> </span><span class="err">expiry</span><span class="w"> </span><span class="err">for</span><span class="w"> </span><span class="err">token</span><span class="w"> </span><span class="err">const</span><span class="w"> </span><span class="err">expiresAt</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="err">new</span><span class="w"> </span><span class="err">Date(Date.now()</span><span class="w"> </span><span class="err">+</span><span class="w"> </span><span class="mi">604800000</span><span class="err">);</span><span class="w"> </span><span class="err">msg.auth.userToken</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="err">token;</span><span class="w"> </span><span class="err">msg.auth.expiresAt</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="err">expiresAt;</span><span class="w"> </span><span class="err">msg.collection</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="s2">"Users"</span><span class="w"> </span><span class="err">msg.operation</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="s2">"updateOne"</span><span class="w"> </span><span class="err">msg.payload</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="err">email:</span><span class="w"> </span><span class="err">msg.auth.email</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="err">$set:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="err">token:</span><span class="w"> </span><span class="err">token</span><span class="p">,</span><span class="w"> </span><span class="err">expiresAt:</span><span class="w"> </span><span class="err">expiresAt</span><span class="p">,</span><span class="w"> </span><span class="err">clientId:</span><span class="w"> </span><span class="err">msg.auth.clientId</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="err">upsert:</span><span class="w"> </span><span class="kc">false</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">]</span><span class="err">;</span><span class="w"> </span><span class="err">return</span><span class="w"> </span><span class="err">msg;</span><span class="w"> </span></code></pre> </div> <ul> <li>A success login response is sent to browser along with token, and token is set inside user’s cookie ( front-end code handles setting cookie) : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"payload"</span><span class="p">:{</span><span class="w"> </span><span class="nl">"action"</span><span class="p">:</span><span class="s2">"login"</span><span class="p">,</span><span class="w"> </span><span class="nl">"status"</span><span class="p">:</span><span class="s2">"success"</span><span class="p">,</span><span class="w"> </span><span class="nl">"message"</span><span class="p">:</span><span class="s2">"logged in successfully"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"auth"</span><span class="w"> </span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"userToken"</span><span class="p">:</span><span class="w"> </span><span class="s2">"16-char-token"</span><span class="p">,</span><span class="w"> </span><span class="nl">"expiresAt"</span><span class="w"> </span><span class="p">:</span><span class="w"> </span><span class="s2">"expiryDate"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>Note : Each time user logs in, a new access token is generated so the old will be replaced by the new one.</p> <h2> d. Forget Password Workflow </h2> <p>Forget Password handles resetting user’s password by providing a 6-digit code which is sent user’s email after verifying their email. After checking the code, users are able to reset their password. This workflow has 4 flow to handle this functionality which are located inside TC-ForgetPassword tab. </p> <p>Below here are the request types which are routed to this workflow :</p> <ul> <li>resetPassword</li> <li>resendResetPassword</li> <li>sendResetCode</li> <li>setNewPassword</li> <li>cancelResetPassword</li> </ul> <p>Here the logic behind each flow is explained by order which makes it easy to understand the step by step implementation of resetting user’s password:</p> <h3> d.1. First flow </h3> <p>The first flow verifies user’s email , delete old 6-digit verification codes in ResetPasswordCodes collection if there is any , prepare email body and code , send email and save code with its 2 minutes expiry along users email. This flow receive the request below :<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"auth"</span><span class="p">:{</span><span class="w"> </span><span class="nl">"type"</span><span class="p">:</span><span class="s2">"resetPassword"</span><span class="p">,</span><span class="w"> </span><span class="nl">"email"</span><span class="p">:</span><span class="s2">"alirezabsh.app@gmail.com"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"_socketId"</span><span class="p">:</span><span class="s2">"fLbns1iB2ABwrfu_ABIs"</span><span class="p">,</span><span class="w"> </span><span class="nl">"_msgid"</span><span class="p">:</span><span class="s2">"5756a599021d711e"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>Then : </p> <ol> <li>Checks if incoming email exists in DB.</li> <li>Send response if email exists : </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"payload"</span><span class="p">:{</span><span class="w"> </span><span class="nl">"action"</span><span class="p">:</span><span class="s2">"resetPassword"</span><span class="p">,</span><span class="w"> </span><span class="nl">"status"</span><span class="p">:</span><span class="s2">"validEmail"</span><span class="p">,</span><span class="w"> </span><span class="nl">"message"</span><span class="p">:</span><span class="s2">"valid email"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <ol> <li>Send response if email doesn’t exist : </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"payload"</span><span class="p">:{</span><span class="w"> </span><span class="nl">"action"</span><span class="p">:</span><span class="s2">"resetPassword"</span><span class="p">,</span><span class="w"> </span><span class="nl">"status"</span><span class="p">:</span><span class="s2">"invalidEmail"</span><span class="p">,</span><span class="w"> </span><span class="nl">"message"</span><span class="p">:</span><span class="s2">"Invalid email"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <ul> <li>Delete all old 6-digit generated codes from ResetPasswordCodes collection</li> <li>prepare email topic , body and generate a 6 digit code</li> <li>Send email using email node</li> <li>save 6-digit code with its 2 minute expiry and user’s email inside ResetPasswordCodes collection : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="err">msg.collection</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="s2">"ResetPasswordCodes"</span><span class="err">;</span><span class="w"> </span><span class="err">msg.operation</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="s2">"insertOne"</span><span class="err">;</span><span class="w"> </span><span class="err">const</span><span class="w"> </span><span class="err">codeExpiry</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="err">new</span><span class="w"> </span><span class="err">Date(Date.now()</span><span class="w"> </span><span class="err">+</span><span class="w"> </span><span class="mi">2</span><span class="w"> </span><span class="err">*</span><span class="w"> </span><span class="mi">60</span><span class="w"> </span><span class="err">*</span><span class="w"> </span><span class="mi">1000</span><span class="err">);</span><span class="w"> </span><span class="err">//</span><span class="w"> </span><span class="mi">2</span><span class="w"> </span><span class="err">minutes</span><span class="w"> </span><span class="err">from</span><span class="w"> </span><span class="err">now</span><span class="w"> </span><span class="err">(UTC)</span><span class="w"> </span><span class="err">msg.payload</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="err">email:</span><span class="w"> </span><span class="err">msg.auth.email</span><span class="p">,</span><span class="w"> </span><span class="err">code:</span><span class="w"> </span><span class="err">msg.resetCode</span><span class="p">,</span><span class="w"> </span><span class="err">expiry:</span><span class="w"> </span><span class="err">codeExpiry</span><span class="p">,</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="err">return</span><span class="w"> </span><span class="err">msg;</span><span class="w"> </span></code></pre> </div> <p>Note : resend option is routed directly to the beginning of step 4; because user’s email has already been checked. </p> <h3> d.2. Second flow </h3> <p>The second flow verifies input code, check expiry send response and deletes the code from DB. This flow receives the request below :<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"auth"</span><span class="p">:{</span><span class="w"> </span><span class="nl">"type"</span><span class="p">:</span><span class="s2">"sendResetCode"</span><span class="p">,</span><span class="w"> </span><span class="nl">"email"</span><span class="p">:</span><span class="s2">"alirezabsh.apps@gmail.com"</span><span class="p">,</span><span class="w"> </span><span class="nl">"code"</span><span class="p">:</span><span class="s2">"111111"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"_socketId"</span><span class="p">:</span><span class="s2">"fLbns1iB2ABwrfu_ABIs"</span><span class="p">,</span><span class="w"> </span><span class="nl">"topic"</span><span class="p">:</span><span class="s2">"uibuilder"</span><span class="p">,</span><span class="w"> </span><span class="nl">"_msgid"</span><span class="p">:</span><span class="s2">"bcc225611f1f48c8"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>Then the flow :</p> <ol> <li>Checks if user’s email exists in ResetPasswordCodes collection; because each code is saved with user’s email</li> <li>If exists, it means the code is not expired. If doesn’t exist. it means the code is expired. ( we use TTL index in this collection on expiry field which automatically deletes documents after 2 minute based expiry field</li> <li> <p>Send expired code response if email could not found :<br> </p> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"action"</span><span class="p">:</span><span class="w"> </span><span class="s2">"resetPassword"</span><span class="p">,</span><span class="w"> </span><span class="nl">"status"</span><span class="p">:</span><span class="w"> </span><span class="s2">"expired"</span><span class="p">,</span><span class="w"> </span><span class="nl">"message"</span><span class="p">:</span><span class="w"> </span><span class="s2">"The reset Code Is Expired. Please request a new password reset to continue."</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </li> <li> <p>Send invalid reset code response if codes do not match<br> </p> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"action"</span><span class="p">:</span><span class="w"> </span><span class="s2">"resetPassword"</span><span class="p">,</span><span class="w"> </span><span class="nl">"status"</span><span class="p">:</span><span class="w"> </span><span class="s2">"invalidCode"</span><span class="p">,</span><span class="w"> </span><span class="nl">"message"</span><span class="p">:</span><span class="w"> </span><span class="s2">"The Reset Password Code Is Invalid."</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </li> <li> <p>Send valid reset code response if codes match<br> </p> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"status"</span><span class="p">:</span><span class="w"> </span><span class="s2">"validCode"</span><span class="p">,</span><span class="w"> </span><span class="nl">"action"</span><span class="p">:</span><span class="w"> </span><span class="s2">"resetPassword"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </li> <li><p>Finally , delete the code from DB ( not needed after validation)</p></li> </ol> <h3> d.3. Third flow </h3> <p>This flow simply receives users new password, hashes it and save it into user’s document in Users collection. It receives the request below :<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"auth"</span><span class="p">:{</span><span class="w"> </span><span class="nl">"type"</span><span class="p">:</span><span class="s2">"setNewPassword"</span><span class="p">,</span><span class="w"> </span><span class="nl">"email"</span><span class="p">:</span><span class="s2">"alirezabsh.apps@gmail.com"</span><span class="p">,</span><span class="w"> </span><span class="nl">"password"</span><span class="p">:</span><span class="s2">"212121"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"_socketId"</span><span class="p">:</span><span class="s2">"fLbns1iB2ABwrfu_ABIs"</span><span class="p">,</span><span class="w"> </span><span class="nl">"topic"</span><span class="p">:</span><span class="s2">"uibuilder"</span><span class="p">,</span><span class="w"> </span><span class="nl">"_msgid"</span><span class="p">:</span><span class="s2">"38d780d25ed51112"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>Then :</p> <ol> <li>Hash user’s password with bcrypt node</li> <li>Save new password into his document </li> <li>Sends success response : </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"status"</span><span class="p">:</span><span class="w"> </span><span class="s2">"success"</span><span class="p">,</span><span class="w"> </span><span class="nl">"action"</span><span class="p">:</span><span class="w"> </span><span class="s2">"setNewPassword"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <h3> d.4. Fourth flow </h3> <p>This flow handles reset password cancelation. When user clicks on ❌ icon on pop-up, he requests to cancel password reset . The flow receives the request below :<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"auth"</span><span class="p">:{</span><span class="w"> </span><span class="nl">"email"</span><span class="p">:</span><span class="s2">"alirezabsh.apps@gmail.com"</span><span class="p">,</span><span class="w"> </span><span class="nl">"type"</span><span class="p">:</span><span class="s2">"cancelResetPassword"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"_socketId"</span><span class="p">:</span><span class="s2">"fLbns1iB2ABwrfu_ABIs"</span><span class="p">,</span><span class="w"> </span><span class="nl">"topic"</span><span class="p">:</span><span class="s2">"uibuilder"</span><span class="p">,</span><span class="w"> </span><span class="nl">"_msgid"</span><span class="p">:</span><span class="s2">"aefc019258a8b760"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>Then :</p> <ol> <li>Use user’s email to delete user’s 6-digit code from DB</li> </ol> <h2> e. Dashboard Data </h2> <h3> e.1. How Users Get Their dashboard data ? </h3> <p>TrustedCloud system is designed to handle 4 roles, each capable of specific actions :</p> <ul> <li> <p><strong>Applicant</strong> :</p> <ul> <li>The default role assigned to all users</li> <li>Can only see his own requests</li> <li>Has only one dashboard panel for applicant role</li> <li>Can create onboarding request and fill out the form, import a JSON to fill out the form or export the filled out fields</li> <li>Can create draft requests, complete and submit later</li> <li>Can edit their request if it has Pending or Rejected status</li> <li>Can see the decision of multiple auditors and approvers</li> <li>A decision includes : date, comment and status</li> </ul> </li> <li> <p><strong>Applicant &amp; Auditor</strong> :</p> <ul> <li>As an applicant, has all the applicant’s capabilities</li> <li>Has 2 dashboard panels, one for applicant role and one for auditor role.</li> <li>As an auditor : <ul> <li>Can see all the requests in system with different status</li> <li>Can’t see drafts made by applicant!</li> <li>Can audit ( approve or reject ) Applicant’s request with status Pending, Provide date, comment and status</li> <li>Can audit his own request</li> <li>Can reaudit the request if approver hasn’t finalized yet</li> <li>Can reaudit the request which is audited by other auditors</li> </ul> </li> </ul> </li> <li> <p>Applicant &amp; Approver</p> <ul> <li>As an applicant, has all the applicant’s capabilities</li> <li>Has 2 dashboard panels, one for applicant role and one for auditor role.</li> <li>Can see only the audited requests (approved by an auditor) , approved and rejected requests (by an approve</li> <li>Can see his own approved requests</li> <li>Can approve or reject the requests he sees; Also provide date, comment and status</li> <li>Can reapprove or reject all the requests he sees again</li> </ul> </li> <li> <p>Admin</p> <ul> <li>Monitors requests and users in system</li> <li>Can see all requests and users</li> <li>Can change user role</li> </ul> </li> </ul> <p>Based on these four roles, the system generate 4 dashboard data when the user enters the dashboard. </p> <p>Users get their dashboard data when the request below is sent :<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"getDashboard"</span><span class="p">,</span><span class="w"> </span><span class="nl">"auth"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"userToken"</span><span class="p">:</span><span class="w"> </span><span class="s2">"miu845yw02qo42ur"</span><span class="p">,</span><span class="w"> </span><span class="nl">"clientId"</span><span class="p">:</span><span class="w"> </span><span class="s2">"iom60cMlTJrYya6kEa2zD"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"_socketId"</span><span class="p">:</span><span class="w"> </span><span class="s2">"YW57AYq2V1EScTkPAFzN"</span><span class="p">,</span><span class="w"> </span><span class="nl">"_msgid"</span><span class="p">:</span><span class="w"> </span><span class="s2">"1ac478c7d0baf42f"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>This request is sent each time the user switches between panels, refreshes the page or redirect into dashboard from login page.</p> <p>As we said, In dashboard auth flow the msg.auth.userToken is always validated. when the token from browser is being checked, we save user’s document fields inside msg.userData to have access to the user who is requesting to get his dashboard data :<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="err">const</span><span class="w"> </span><span class="err">now</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="err">Date.now();</span><span class="w"> </span><span class="err">const</span><span class="w"> </span><span class="err">expiryMs</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="err">new</span><span class="w"> </span><span class="err">Date(msg.payload.expiresAt).getTime();</span><span class="w"> </span><span class="err">msg.userData</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="err">msg.payload;</span><span class="w"> </span><span class="err">//</span><span class="w"> </span><span class="err">Here</span><span class="w"> </span><span class="err">we</span><span class="w"> </span><span class="err">save</span><span class="w"> </span><span class="err">the</span><span class="w"> </span><span class="err">result</span><span class="w"> </span><span class="err">of</span><span class="w"> </span><span class="err">findOne</span><span class="w"> </span><span class="err">query</span><span class="w"> </span><span class="err">=&gt;</span><span class="w"> </span><span class="err">used</span><span class="w"> </span><span class="err">msg.auth.userToken</span><span class="w"> </span><span class="err">for</span><span class="w"> </span><span class="err">the</span><span class="w"> </span><span class="err">query</span><span class="w"> </span><span class="err">if</span><span class="w"> </span><span class="err">(now</span><span class="w"> </span><span class="err">&lt;=</span><span class="w"> </span><span class="err">expiryMs)</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="err">msg.payload.isNotExpired</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="kc">true</span><span class="err">;</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="err">else</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="err">msg.payload.isNotExpired</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="kc">false</span><span class="err">;</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="err">return</span><span class="w"> </span><span class="err">msg;</span><span class="w"> </span></code></pre> </div> <p>Therefore we have roles field inside msg.userData which helps to route the request to one of the four get dashboard data flows. </p> <p>When the requests arrives at check request type switch node, The msg.type matches “getDashboard” output which then routes the request (msg) to a function that extracts user role or roles :<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="w"> </span><span class="err">//</span><span class="w"> </span><span class="err">Get</span><span class="w"> </span><span class="err">array</span><span class="w"> </span><span class="err">of</span><span class="w"> </span><span class="err">roles</span><span class="w"> </span><span class="err">from</span><span class="w"> </span><span class="err">userData</span><span class="w"> </span><span class="err">const</span><span class="w"> </span><span class="err">roles</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="err">msg.userData.roles</span><span class="w"> </span><span class="err">||</span><span class="w"> </span><span class="p">[]</span><span class="err">;</span><span class="w"> </span><span class="err">//</span><span class="w"> </span><span class="err">Flags</span><span class="w"> </span><span class="err">for</span><span class="w"> </span><span class="err">each</span><span class="w"> </span><span class="err">role</span><span class="w"> </span><span class="err">const</span><span class="w"> </span><span class="err">isApplicant</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="err">roles.includes(</span><span class="s2">"Applicant"</span><span class="err">);</span><span class="w"> </span><span class="err">const</span><span class="w"> </span><span class="err">isAuditor</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="err">roles.includes(</span><span class="s2">"Auditor"</span><span class="err">);</span><span class="w"> </span><span class="err">const</span><span class="w"> </span><span class="err">isApprover</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="err">roles.includes(</span><span class="s2">"Approver"</span><span class="err">);</span><span class="w"> </span><span class="err">const</span><span class="w"> </span><span class="err">isAdmin</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="err">roles.includes(</span><span class="s2">"Admin"</span><span class="err">);</span><span class="w"> </span><span class="err">//</span><span class="w"> </span><span class="err">Decide</span><span class="w"> </span><span class="err">outcome</span><span class="w"> </span><span class="err">if</span><span class="w"> </span><span class="err">(isApplicant</span><span class="w"> </span><span class="err">&amp;&amp;</span><span class="w"> </span><span class="err">!isAuditor</span><span class="w"> </span><span class="err">&amp;&amp;</span><span class="w"> </span><span class="err">!isApprover)</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="err">msg.payload</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="s2">"isApplicant"</span><span class="err">;</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="err">else</span><span class="w"> </span><span class="err">if</span><span class="w"> </span><span class="err">(isApplicant</span><span class="w"> </span><span class="err">&amp;&amp;</span><span class="w"> </span><span class="err">isAuditor</span><span class="w"> </span><span class="err">&amp;&amp;</span><span class="w"> </span><span class="err">!isApprover)</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="err">msg.payload</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="s2">"isApplicantAndAuditor"</span><span class="err">;</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="err">else</span><span class="w"> </span><span class="err">if</span><span class="w"> </span><span class="err">(isApplicant</span><span class="w"> </span><span class="err">&amp;&amp;</span><span class="w"> </span><span class="err">isApprover</span><span class="w"> </span><span class="err">&amp;&amp;</span><span class="w"> </span><span class="err">!isAuditor)</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="err">msg.payload</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="s2">"isApplicantAndApprover"</span><span class="err">;</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="err">else</span><span class="w"> </span><span class="err">if</span><span class="w"> </span><span class="err">(!isApplicant</span><span class="w"> </span><span class="err">&amp;&amp;</span><span class="w"> </span><span class="err">!isApprover</span><span class="w"> </span><span class="err">&amp;&amp;</span><span class="w"> </span><span class="err">!isAuditor</span><span class="w"> </span><span class="err">&amp;&amp;</span><span class="w"> </span><span class="err">isAdmin)</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="err">msg.payload</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="s2">"isAdmin"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="err">return</span><span class="w"> </span><span class="err">msg;</span><span class="w"> </span></code></pre> </div> <p>After this node , there is switch which routes the request to one of the 4 flows inside TC-GetDashboard tab; each responsible for handing dashboard data of one of the roles.</p> <p>Note : for dashboard data flows , the msg.userData is used all the time becuase it has access to user’s email , profile and etc.</p> <h3> e.2. Applicant Dashboard Data </h3> <p>In previous section , We the role of request sender is determined . Now in this section we explain the flow for getting applicant dashboard data ( role ). It is located inside TC-GetDashboard tab. Here is the step by step logic to handle this request :</p> <ul> <li>A user can have multiple draft requests which are not submitted yet. The flow gets all draft requests of the user in Drafts Collection: </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="err">msg.collection</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="s2">"Drafts"</span><span class="err">;</span><span class="w"> </span><span class="err">msg.operation</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="s2">"find"</span><span class="err">;</span><span class="w"> </span><span class="err">msg.payload</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="err">email:</span><span class="w"> </span><span class="err">msg.userData.email</span><span class="w"> </span><span class="p">}</span><span class="err">;</span><span class="w"> </span><span class="err">return</span><span class="w"> </span><span class="err">msg;</span><span class="w"> </span></code></pre> </div> <ul> <li>Saves draft requests</li> <li> <p>Gets user’s onboarding requests from request collection :<br> </p> <pre class="highlight json"><code><span class="err">msg.collection</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="s2">"Requests"</span><span class="w"> </span><span class="err">msg.operation</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="s2">"find"</span><span class="w"> </span><span class="err">msg.payload</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"createdBy.userId"</span><span class="p">:</span><span class="w"> </span><span class="err">msg.userData.userId</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="err">return</span><span class="w"> </span><span class="err">msg;</span><span class="w"> </span></code></pre> </li> <li><p>Format the requests and save them :<br> </p></li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="err">//</span><span class="w"> </span><span class="err">Helper</span><span class="w"> </span><span class="err">function</span><span class="w"> </span><span class="err">to</span><span class="w"> </span><span class="err">capitalize</span><span class="w"> </span><span class="err">first</span><span class="w"> </span><span class="err">letter</span><span class="w"> </span><span class="err">safely</span><span class="w"> </span><span class="err">function</span><span class="w"> </span><span class="err">capitalize(str)</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="err">if</span><span class="w"> </span><span class="err">(!str</span><span class="w"> </span><span class="err">||</span><span class="w"> </span><span class="err">typeof</span><span class="w"> </span><span class="err">str</span><span class="w"> </span><span class="err">!==</span><span class="w"> </span><span class="err">'string')</span><span class="w"> </span><span class="err">return</span><span class="w"> </span><span class="err">'';</span><span class="w"> </span><span class="err">return</span><span class="w"> </span><span class="err">str.charAt(</span><span class="mi">0</span><span class="err">).toUpperCase()</span><span class="w"> </span><span class="err">+</span><span class="w"> </span><span class="err">str.slice(</span><span class="mi">1</span><span class="err">).toLowerCase();</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="err">msg.payload</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="err">msg.payload.map(item</span><span class="w"> </span><span class="err">=&gt;</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="err">return</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="err">id:</span><span class="w"> </span><span class="err">item.requestId</span><span class="p">,</span><span class="w"> </span><span class="err">timeEstimation:</span><span class="w"> </span><span class="err">item.timeEstimation</span><span class="p">,</span><span class="w"> </span><span class="err">status:</span><span class="w"> </span><span class="err">capitalize(item.status)</span><span class="p">,</span><span class="w"> </span><span class="err">//</span><span class="w"> </span><span class="err">Capitalized</span><span class="w"> </span><span class="err">auditInfo:</span><span class="w"> </span><span class="err">item.auditInfo</span><span class="p">,</span><span class="w"> </span><span class="err">approveInfo:</span><span class="w"> </span><span class="err">item.approveInfo</span><span class="p">,</span><span class="w"> </span><span class="err">decisionHistory:</span><span class="w"> </span><span class="err">item.decisionHistory</span><span class="p">,</span><span class="w"> </span><span class="err">companyDetails:</span><span class="w"> </span><span class="err">item.companyDetails</span><span class="w"> </span><span class="p">}</span><span class="err">;</span><span class="w"> </span><span class="p">}</span><span class="err">);</span><span class="w"> </span><span class="err">msg.applicantRequests</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="err">msg.payload;</span><span class="w"> </span><span class="err">//</span><span class="w"> </span><span class="err">all</span><span class="w"> </span><span class="err">requests</span><span class="w"> </span><span class="err">for</span><span class="w"> </span><span class="err">applicant</span><span class="w"> </span><span class="err">dashboard</span><span class="w"> </span><span class="err">panel</span><span class="w"> </span><span class="err">return</span><span class="w"> </span><span class="err">msg;</span><span class="w"> </span></code></pre> </div> <ul> <li>Prepare applicant dashboard data (response) : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="err">msg.payload</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="err">type:</span><span class="w"> </span><span class="s2">"getDashboard"</span><span class="p">,</span><span class="w"> </span><span class="err">//</span><span class="w"> </span><span class="err">the</span><span class="w"> </span><span class="err">type</span><span class="w"> </span><span class="err">must</span><span class="w"> </span><span class="err">be</span><span class="w"> </span><span class="err">sent</span><span class="w"> </span><span class="err">back</span><span class="w"> </span><span class="err">to</span><span class="w"> </span><span class="err">the</span><span class="w"> </span><span class="err">front-end</span><span class="w"> </span><span class="err">applicantRequests:</span><span class="w"> </span><span class="err">msg.applicantRequests</span><span class="p">,</span><span class="w"> </span><span class="err">draftRequests:</span><span class="w"> </span><span class="err">msg.drafts</span><span class="p">,</span><span class="w"> </span><span class="err">profile</span><span class="w"> </span><span class="err">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="err">userId:</span><span class="w"> </span><span class="err">msg.userData.userId</span><span class="p">,</span><span class="w"> </span><span class="err">email:</span><span class="w"> </span><span class="err">msg.userData.email</span><span class="p">,</span><span class="w"> </span><span class="err">roles:</span><span class="w"> </span><span class="err">msg.userData.roles</span><span class="p">,</span><span class="w"> </span><span class="err">avatarUrl:</span><span class="w"> </span><span class="err">msg.userData.profile.avatarUrl</span><span class="p">,</span><span class="w"> </span><span class="err">firstName:</span><span class="w"> </span><span class="err">msg.userData.profile.firstName</span><span class="p">,</span><span class="w"> </span><span class="err">lastName:</span><span class="w"> </span><span class="err">msg.userData.profile.lastName</span><span class="p">,</span><span class="w"> </span><span class="err">contactNumber:</span><span class="w"> </span><span class="err">msg.userData.profile.contactNumber</span><span class="p">,</span><span class="w"> </span><span class="err">address:</span><span class="w"> </span><span class="err">msg.userData.profile.address</span><span class="p">,</span><span class="w"> </span><span class="err">country:</span><span class="w"> </span><span class="err">msg.userData.profile.country</span><span class="p">,</span><span class="w"> </span><span class="err">stateOrProvince:</span><span class="w"> </span><span class="err">msg.userData.profile.stateOrProvince</span><span class="p">,</span><span class="w"> </span><span class="err">postalCode:</span><span class="w"> </span><span class="err">msg.userData.profile.postalCode</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="err">//</span><span class="w"> </span><span class="err">delete</span><span class="w"> </span><span class="err">useless</span><span class="w"> </span><span class="err">properties</span><span class="w"> </span><span class="err">delete</span><span class="w"> </span><span class="err">msg.collection;</span><span class="w"> </span><span class="err">delete</span><span class="w"> </span><span class="err">msg.operation;</span><span class="w"> </span><span class="err">delete</span><span class="w"> </span><span class="err">msg.userData;</span><span class="w"> </span><span class="err">delete</span><span class="w"> </span><span class="err">msg.applicantRequests;</span><span class="w"> </span><span class="err">return</span><span class="w"> </span><span class="err">msg;</span><span class="w"> </span></code></pre> </div> <h3> e.3. Applicant &amp; Auditor Dashboard Data </h3> <p>Preparing dashboard data for this role is same as the previous one except for auditor role :</p> <ul> <li>Get user draft request (same as applicant role )</li> <li>Save draft requests ( same as applicant role )</li> <li>Get user onboarding request ( same as applicant role)</li> <li>Format the applicant requests and save them ( same as applicant role )</li> <li>Get user auditor dashboard data : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="err">msg.collection</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="s2">"Requests"</span><span class="w"> </span><span class="err">msg.operation</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="s2">"find"</span><span class="w"> </span><span class="err">msg.payload</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="err">status:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="err">$in:</span><span class="w"> </span><span class="p">[</span><span class="s2">"Audited"</span><span class="p">,</span><span class="w"> </span><span class="s2">"Approved"</span><span class="p">,</span><span class="s2">"Pending"</span><span class="p">,</span><span class="w"> </span><span class="s2">"Rejected"</span><span class="p">]</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="p">}</span><span class="err">;</span><span class="w"> </span><span class="err">return</span><span class="w"> </span><span class="err">msg;</span><span class="w"> </span></code></pre> </div> <ul> <li>Format the auditor dashboard requests and save them : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="err">//</span><span class="w"> </span><span class="err">Helper</span><span class="w"> </span><span class="err">function</span><span class="w"> </span><span class="err">to</span><span class="w"> </span><span class="err">capitalize</span><span class="w"> </span><span class="err">first</span><span class="w"> </span><span class="err">letter</span><span class="w"> </span><span class="err">safely</span><span class="w"> </span><span class="err">function</span><span class="w"> </span><span class="err">capitalize(str)</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="err">if</span><span class="w"> </span><span class="err">(!str</span><span class="w"> </span><span class="err">||</span><span class="w"> </span><span class="err">typeof</span><span class="w"> </span><span class="err">str</span><span class="w"> </span><span class="err">!==</span><span class="w"> </span><span class="err">'string')</span><span class="w"> </span><span class="err">return</span><span class="w"> </span><span class="err">'';</span><span class="w"> </span><span class="err">return</span><span class="w"> </span><span class="err">str.charAt(</span><span class="mi">0</span><span class="err">).toUpperCase()</span><span class="w"> </span><span class="err">+</span><span class="w"> </span><span class="err">str.slice(</span><span class="mi">1</span><span class="err">).toLowerCase();</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="err">msg.payload</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="err">msg.payload.map(item</span><span class="w"> </span><span class="err">=&gt;</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="err">return</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="err">id:</span><span class="w"> </span><span class="err">item.requestId</span><span class="p">,</span><span class="w"> </span><span class="err">user:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="err">name:</span><span class="w"> </span><span class="err">item.createdBy.fullName</span><span class="p">,</span><span class="w"> </span><span class="err">email:</span><span class="w"> </span><span class="err">item.createdBy.email</span><span class="p">,</span><span class="w"> </span><span class="err">avatar:</span><span class="w"> </span><span class="err">item.createdBy.avatarUrl</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="err">registrationDate:</span><span class="w"> </span><span class="err">item.companyDetails.registrationDate</span><span class="p">,</span><span class="w"> </span><span class="err">priority:</span><span class="w"> </span><span class="s2">"low"</span><span class="p">,</span><span class="w"> </span><span class="err">status:</span><span class="w"> </span><span class="err">capitalize(item.status)</span><span class="p">,</span><span class="w"> </span><span class="err">archive:</span><span class="w"> </span><span class="err">item.archive</span><span class="w"> </span><span class="err">||</span><span class="w"> </span><span class="kc">false</span><span class="p">,</span><span class="w"> </span><span class="err">auditInfo:</span><span class="w"> </span><span class="err">item.auditInfo</span><span class="p">,</span><span class="w"> </span><span class="err">approveInfo:</span><span class="w"> </span><span class="err">item.approveInfo</span><span class="p">,</span><span class="w"> </span><span class="err">decisionHistory:</span><span class="w"> </span><span class="err">item.decisionHistory</span><span class="p">,</span><span class="w"> </span><span class="err">companyDetails:</span><span class="w"> </span><span class="err">item.companyDetails</span><span class="w"> </span><span class="p">}</span><span class="err">;</span><span class="w"> </span><span class="p">}</span><span class="err">);</span><span class="w"> </span><span class="err">msg.auditorRequests</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="err">msg.payload;</span><span class="w"> </span><span class="err">//</span><span class="w"> </span><span class="err">all</span><span class="w"> </span><span class="err">request</span><span class="w"> </span><span class="err">for</span><span class="w"> </span><span class="err">auditor</span><span class="w"> </span><span class="err">dashboard</span><span class="w"> </span><span class="err">panel</span><span class="w"> </span><span class="err">return</span><span class="w"> </span><span class="err">msg;</span><span class="w"> </span></code></pre> </div> <ul> <li>Send Applicant &amp; Auditor Dashboard Response : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="err">msg.payload</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="err">type:</span><span class="w"> </span><span class="s2">"getDashboard"</span><span class="p">,</span><span class="w"> </span><span class="err">applicantRequests:</span><span class="w"> </span><span class="err">msg.applicantRequests</span><span class="p">,</span><span class="w"> </span><span class="err">auditorRequests:</span><span class="w"> </span><span class="err">msg.auditorRequests</span><span class="p">,</span><span class="w"> </span><span class="err">draftRequests:</span><span class="w"> </span><span class="err">msg.drafts</span><span class="p">,</span><span class="w"> </span><span class="err">profile</span><span class="w"> </span><span class="err">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="err">userId:</span><span class="w"> </span><span class="err">msg.userData.userId</span><span class="p">,</span><span class="w"> </span><span class="err">email:</span><span class="w"> </span><span class="err">msg.userData.email</span><span class="p">,</span><span class="w"> </span><span class="err">roles:</span><span class="w"> </span><span class="err">msg.userData.roles</span><span class="p">,</span><span class="w"> </span><span class="err">avatarUrl:</span><span class="w"> </span><span class="err">msg.userData.profile.avatarUrl</span><span class="p">,</span><span class="w"> </span><span class="err">firstName:</span><span class="w"> </span><span class="err">msg.userData.profile.firstName</span><span class="p">,</span><span class="w"> </span><span class="err">lastName:</span><span class="w"> </span><span class="err">msg.userData.profile.lastName</span><span class="p">,</span><span class="w"> </span><span class="err">contactNumber:</span><span class="w"> </span><span class="err">msg.userData.profile.contactNumber</span><span class="p">,</span><span class="w"> </span><span class="err">address:</span><span class="w"> </span><span class="err">msg.userData.profile.address</span><span class="p">,</span><span class="w"> </span><span class="err">country:</span><span class="w"> </span><span class="err">msg.userData.profile.country</span><span class="p">,</span><span class="w"> </span><span class="err">stateOrProvince:</span><span class="w"> </span><span class="err">msg.userData.profile.stateOrProvince</span><span class="p">,</span><span class="w"> </span><span class="err">postalCode:</span><span class="w"> </span><span class="err">msg.userData.profile.postalCode</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="err">delete</span><span class="w"> </span><span class="err">msg.collection;</span><span class="w"> </span><span class="err">delete</span><span class="w"> </span><span class="err">msg.operation;</span><span class="w"> </span><span class="err">delete</span><span class="w"> </span><span class="err">msg.userData;</span><span class="w"> </span><span class="err">delete</span><span class="w"> </span><span class="err">msg.applicantRequests;</span><span class="w"> </span><span class="err">delete</span><span class="w"> </span><span class="err">msg.auditorRequests;</span><span class="w"> </span><span class="err">return</span><span class="w"> </span><span class="err">msg;</span><span class="w"> </span></code></pre> </div> <h3> e.4. Applicant &amp; Approver Dashboard Data </h3> <p>Preparing dashboard data for this role is same as the previous one except for approver role :</p> <ul> <li>Get user draft request (same as applicant role )</li> <li>Save draft requests ( same as applicant role )</li> <li>Get user onboarding request ( same as applicant role)</li> <li>Format the applicant requests and save them ( same as applicant role )</li> <li>Get user approver dashboard data : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="err">msg.collection</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="s2">"Requests"</span><span class="err">;</span><span class="w"> </span><span class="err">msg.operation</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="s2">"find"</span><span class="err">;</span><span class="w"> </span><span class="err">let</span><span class="w"> </span><span class="err">query</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="err">status:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="err">$in:</span><span class="w"> </span><span class="p">[</span><span class="s2">"Audited"</span><span class="p">,</span><span class="w"> </span><span class="s2">"Approved"</span><span class="p">,</span><span class="w"> </span><span class="s2">"Rejected"</span><span class="p">]</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"auditInfo.decision"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="err">$ne:</span><span class="w"> </span><span class="s2">"Rejected"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="err">//</span><span class="w"> </span><span class="err">exclue</span><span class="w"> </span><span class="err">request</span><span class="w"> </span><span class="err">which</span><span class="w"> </span><span class="err">auditor</span><span class="w"> </span><span class="err">rejected</span><span class="w"> </span><span class="p">}</span><span class="err">;</span><span class="w"> </span><span class="err">msg.payload</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="err">query</span><span class="w"> </span><span class="err">return</span><span class="w"> </span><span class="err">msg;</span><span class="w"> </span></code></pre> </div> <ul> <li>Format the approver dashboard requests and save them : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="err">//</span><span class="w"> </span><span class="err">Helper</span><span class="w"> </span><span class="err">function</span><span class="w"> </span><span class="err">to</span><span class="w"> </span><span class="err">capitalize</span><span class="w"> </span><span class="err">first</span><span class="w"> </span><span class="err">letter</span><span class="w"> </span><span class="err">safely</span><span class="w"> </span><span class="err">function</span><span class="w"> </span><span class="err">capitalize(str)</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="err">if</span><span class="w"> </span><span class="err">(!str</span><span class="w"> </span><span class="err">||</span><span class="w"> </span><span class="err">typeof</span><span class="w"> </span><span class="err">str</span><span class="w"> </span><span class="err">!==</span><span class="w"> </span><span class="err">'string')</span><span class="w"> </span><span class="err">return</span><span class="w"> </span><span class="err">'';</span><span class="w"> </span><span class="err">return</span><span class="w"> </span><span class="err">str.charAt(</span><span class="mi">0</span><span class="err">).toUpperCase()</span><span class="w"> </span><span class="err">+</span><span class="w"> </span><span class="err">str.slice(</span><span class="mi">1</span><span class="err">).toLowerCase();</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="err">msg.payload</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="err">msg.payload.map(item</span><span class="w"> </span><span class="err">=&gt;</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="err">return</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="err">id:</span><span class="w"> </span><span class="err">item.requestId</span><span class="p">,</span><span class="w"> </span><span class="err">user:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="err">name:</span><span class="w"> </span><span class="err">item.createdBy.fullName</span><span class="p">,</span><span class="w"> </span><span class="err">email:</span><span class="w"> </span><span class="err">item.createdBy.email</span><span class="p">,</span><span class="w"> </span><span class="err">avatar:</span><span class="w"> </span><span class="err">item.createdBy.avatarUrl</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="err">registrationDate:</span><span class="w"> </span><span class="err">item.companyDetails.registrationDate</span><span class="p">,</span><span class="w"> </span><span class="err">priority:</span><span class="w"> </span><span class="s2">"low"</span><span class="p">,</span><span class="w"> </span><span class="err">status:</span><span class="w"> </span><span class="err">capitalize(item.status)</span><span class="p">,</span><span class="w"> </span><span class="err">//</span><span class="w"> </span><span class="err">Capitalized</span><span class="w"> </span><span class="err">archive:</span><span class="w"> </span><span class="err">item.archive</span><span class="w"> </span><span class="err">||</span><span class="w"> </span><span class="kc">false</span><span class="p">,</span><span class="w"> </span><span class="err">auditInfo:</span><span class="w"> </span><span class="err">item.auditInfo</span><span class="p">,</span><span class="w"> </span><span class="err">approveInfo:</span><span class="w"> </span><span class="err">item.approveInfo</span><span class="p">,</span><span class="w"> </span><span class="err">decisionHistory:</span><span class="w"> </span><span class="err">item.decisionHistory</span><span class="p">,</span><span class="w"> </span><span class="err">companyDetails:</span><span class="w"> </span><span class="err">item.companyDetails</span><span class="w"> </span><span class="p">}</span><span class="err">;</span><span class="w"> </span><span class="p">}</span><span class="err">);</span><span class="w"> </span><span class="err">msg.approverRequests</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="err">msg.payload;</span><span class="w"> </span><span class="err">return</span><span class="w"> </span><span class="err">msg;</span><span class="w"> </span></code></pre> </div> <ul> <li>Send Applicant &amp; Approver Dashboard Response : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="err">msg.payload</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="err">type:</span><span class="w"> </span><span class="s2">"getDashboard"</span><span class="p">,</span><span class="w"> </span><span class="err">applicantRequests:</span><span class="w"> </span><span class="err">msg.applicantRequests</span><span class="p">,</span><span class="w"> </span><span class="err">approverRequests:</span><span class="w"> </span><span class="err">msg.approverRequests</span><span class="p">,</span><span class="w"> </span><span class="err">draftRequests:</span><span class="w"> </span><span class="err">msg.drafts</span><span class="p">,</span><span class="w"> </span><span class="err">profile</span><span class="w"> </span><span class="err">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="err">userId:</span><span class="w"> </span><span class="err">msg.userData.userId</span><span class="p">,</span><span class="w"> </span><span class="err">email:</span><span class="w"> </span><span class="err">msg.userData.email</span><span class="p">,</span><span class="w"> </span><span class="err">roles:</span><span class="w"> </span><span class="err">msg.userData.roles</span><span class="p">,</span><span class="w"> </span><span class="err">avatarUrl:</span><span class="w"> </span><span class="err">msg.userData.profile.avatarUrl</span><span class="p">,</span><span class="w"> </span><span class="err">firstName:</span><span class="w"> </span><span class="err">msg.userData.profile.firstName</span><span class="p">,</span><span class="w"> </span><span class="err">lastName:</span><span class="w"> </span><span class="err">msg.userData.profile.lastName</span><span class="p">,</span><span class="w"> </span><span class="err">contactNumber:</span><span class="w"> </span><span class="err">msg.userData.profile.contactNumber</span><span class="p">,</span><span class="w"> </span><span class="err">address:</span><span class="w"> </span><span class="err">msg.userData.profile.address</span><span class="p">,</span><span class="w"> </span><span class="err">country:</span><span class="w"> </span><span class="err">msg.userData.profile.country</span><span class="p">,</span><span class="w"> </span><span class="err">stateOrProvince:</span><span class="w"> </span><span class="err">msg.userData.profile.stateOrProvince</span><span class="p">,</span><span class="w"> </span><span class="err">postalCode:</span><span class="w"> </span><span class="err">msg.userData.profile.postalCode</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="err">delete</span><span class="w"> </span><span class="err">msg.collection;</span><span class="w"> </span><span class="err">delete</span><span class="w"> </span><span class="err">msg.operation;</span><span class="w"> </span><span class="err">delete</span><span class="w"> </span><span class="err">msg.userData;</span><span class="w"> </span><span class="err">delete</span><span class="w"> </span><span class="err">msg.applicantRequests;</span><span class="w"> </span><span class="err">delete</span><span class="w"> </span><span class="err">msg.auditorRequests;</span><span class="w"> </span><span class="err">return</span><span class="w"> </span><span class="err">msg;</span><span class="w"> </span></code></pre> </div> <h3> e.5. Applicant &amp; Approver Dashboard Data </h3> <p>The admin can see all the requests and user in system. Here is the flow which handles this logic :</p> <ul> <li>Get all users from Users collection except admin, exclude some fields : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="err">msg.collection</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="s2">"Users"</span><span class="err">;</span><span class="w"> </span><span class="err">msg.operation</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="s2">"find"</span><span class="err">;</span><span class="w"> </span><span class="err">//</span><span class="w"> </span><span class="err">find</span><span class="w"> </span><span class="err">query</span><span class="w"> </span><span class="err">argument</span><span class="w"> </span><span class="err">const</span><span class="w"> </span><span class="err">query</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="err">roles:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="err">$ne:</span><span class="w"> </span><span class="s2">"Admin"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="err">;</span><span class="w"> </span><span class="err">//</span><span class="w"> </span><span class="err">find</span><span class="w"> </span><span class="err">option</span><span class="w"> </span><span class="err">argument</span><span class="w"> </span><span class="err">const</span><span class="w"> </span><span class="err">options</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="err">projection:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="err">_id:</span><span class="w"> </span><span class="mi">0</span><span class="p">,</span><span class="w"> </span><span class="err">clientId:</span><span class="w"> </span><span class="mi">0</span><span class="p">,</span><span class="w"> </span><span class="err">password:</span><span class="w"> </span><span class="mi">0</span><span class="p">,</span><span class="w"> </span><span class="err">expiresAt:</span><span class="w"> </span><span class="mi">0</span><span class="p">,</span><span class="w"> </span><span class="err">token:</span><span class="w"> </span><span class="mi">0</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="err">;</span><span class="w"> </span><span class="err">msg.payload</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="p">[</span><span class="err">query</span><span class="p">,</span><span class="w"> </span><span class="err">options</span><span class="p">]</span><span class="err">;</span><span class="w"> </span><span class="err">return</span><span class="w"> </span><span class="err">msg;</span><span class="w"> </span></code></pre> </div> <ul> <li>Save them</li> <li>Get all requests from request collection</li> <li>Send admin dashboard response : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="err">msg.payload</span><span class="w"> </span><span class="err">=</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="err">type:</span><span class="w"> </span><span class="s2">"getDashboard"</span><span class="p">,</span><span class="w"> </span><span class="err">requests:</span><span class="w"> </span><span class="err">msg.payload</span><span class="p">,</span><span class="w"> </span><span class="err">//</span><span class="w"> </span><span class="err">all</span><span class="w"> </span><span class="err">requests</span><span class="w"> </span><span class="err">in</span><span class="w"> </span><span class="err">requests</span><span class="w"> </span><span class="err">collection</span><span class="w"> </span><span class="err">usersList:</span><span class="w"> </span><span class="err">msg.listOfUsers</span><span class="p">,</span><span class="w"> </span><span class="err">//</span><span class="w"> </span><span class="err">all</span><span class="w"> </span><span class="err">users</span><span class="w"> </span><span class="err">profile:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="err">//</span><span class="w"> </span><span class="err">admin</span><span class="w"> </span><span class="err">profile</span><span class="w"> </span><span class="err">userId:</span><span class="w"> </span><span class="err">msg.userData.userId</span><span class="p">,</span><span class="w"> </span><span class="err">email:</span><span class="w"> </span><span class="err">msg.userData.email</span><span class="p">,</span><span class="w"> </span><span class="err">roles:</span><span class="w"> </span><span class="err">msg.userData.roles</span><span class="p">,</span><span class="w"> </span><span class="err">avatarUrl:</span><span class="w"> </span><span class="err">msg.userData.profile.avatarUrl</span><span class="p">,</span><span class="w"> </span><span class="err">firstName:</span><span class="w"> </span><span class="err">msg.userData.profile.firstName</span><span class="p">,</span><span class="w"> </span><span class="err">lastName:</span><span class="w"> </span><span class="err">msg.userData.profile.lastName</span><span class="p">,</span><span class="w"> </span><span class="err">contactNumber:</span><span class="w"> </span><span class="err">msg.userData.profile.contactNumber</span><span class="p">,</span><span class="w"> </span><span class="err">address:</span><span class="w"> </span><span class="err">msg.userData.profile.address</span><span class="p">,</span><span class="w"> </span><span class="err">country:</span><span class="w"> </span><span class="err">msg.userData.profile.country</span><span class="p">,</span><span class="w"> </span><span class="err">stateOrProvince:</span><span class="w"> </span><span class="err">msg.userData.profile.stateOrProvince</span><span class="p">,</span><span class="w"> </span><span class="err">postalCode:</span><span class="w"> </span><span class="err">msg.userData.profile.postalCode</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="err">delete</span><span class="w"> </span><span class="err">msg.collection;</span><span class="w"> </span><span class="err">delete</span><span class="w"> </span><span class="err">msg.operation;</span><span class="w"> </span><span class="err">delete</span><span class="w"> </span><span class="err">msg.userData;</span><span class="w"> </span><span class="err">delete</span><span class="w"> </span><span class="err">msg.listOfUsers;</span><span class="w"> </span><span class="err">return</span><span class="w"> </span><span class="err">msg;</span><span class="w"> </span></code></pre> </div> <h3> e.6. Get User’s Dashboard Data Using API </h3> <p>A user can also send an https request to get dashboard data in json. By providing his credentials ( email and password), He gets a access token which he can use to get his dashboard data . The TC-API tab includes two separate flows responsible for user authentication and getting user’s dashboard data. Below here is the step by step approach to get user’s dashboard data :</p> <ul> <li> <p>Authentication :</p> <ul> <li>Endpoint : <a href="https://tc.facis.cloud/service/api/login" rel="noopener noreferrer">https://tc.facis.cloud/service/api/login</a> </li> <li>Method : POST</li> <li>Body : JSON</li> <li>Format : </li> </ul> <pre class="highlight plaintext"><code>{ "email": "admin@eco.de", "password": "trustedcloud" } </code></pre> </li> <li> <p>After the request is sent, the flow :</p> <ul> <li>Validates Credentials : </li> </ul> <pre class="highlight plaintext"><code>msg.collection = "Users" msg.operation = "findOne" msg.payload = { email : msg.req.body.email } return msg; </code></pre> <ul> <li>Invalid Credentials Response ( wrong email ) </li> </ul> <pre class="highlight plaintext"><code>{ "action": "Login", "status": "Invalid Credentials", "message": "Invalid email or password" } </code></pre> <ul> <li>Compares passwords if email is correct</li> <li>Invalid Credentials Response ( wrong password ) </li> </ul> <pre class="highlight plaintext"><code>{ "action": "Login", "status": "Invalid Credentials", "message": "Invalid email or password" } </code></pre> <ul> <li>After validating credentials the API access token is created with its expiry : </li> </ul> <pre class="highlight plaintext"><code>const token = Date.now().toString(36) + Math.random().toString(36).substring(2, 10); const expiresAt = new Date(Date.now() + 604800000); msg.token = token; msg.collection = "Users" msg.operation = "updateOne" msg.payload = [ { email: msg.req.body.email }, { $set: { apiToken: token } }, { upsert: false } ]; return msg; </code></pre> <ul> <li>The response (token) is sent at the end : </li> </ul> <pre class="highlight plaintext"><code>msg.payload = { action: "Login", status: "Valid Credentials", token: msg.token } return msg; </code></pre> </li> <li> <p>Getting Dashboard Data :</p> <ul> <li>The user send an http request to <a href="https://tc.facis.cloud/service/api/dashboard" rel="noopener noreferrer">https://tc.facis.cloud/service/api/dashboard</a> endpoint</li> <li>User provides the token received from login api in header ⇒ token = “received token”</li> <li>The flow validates token : </li> </ul> <pre class="highlight plaintext"><code>msg.collection = "Users" msg.operation = "findOne" msg.payload = { apiToken: msg.req.headers.token } return msg; </code></pre> <ul> <li>the query result which is user data is saved to extract user’s role : </li> </ul> <pre class="highlight plaintext"><code>msg.userData = msg.payload; return msg; </code></pre> <ul> <li>Then a linked node is used at the end to route msg (request) to TC-Main , find roles function which then routes request to one of the 4 data dashboard flows inside TC-GetDashboard</li> </ul> </li> </ul> <h2> f. Dashboard Requests </h2> <p>The user interaction with his dashboard panel and profile tab involves multiple operations which include handling drafts, creating and reviewing onboarding requests and updating user profile . </p> <p>Below is the list of the requests coming with their type from dashboard :</p> <ul> <li>Create a draft : msg.type = “createDraft”</li> <li>Update a draft : msg.type = “updateDraft”</li> <li>Get drafts : msg.type = “getDrafts”</li> <li>Delete a draft : msg.type = “deleteDraft”</li> <li>Create a request : msg.type = “createRequest”</li> <li>Archive a request : msg.type = “archiveRequest”</li> <li>Edit a request : msg.type = “editCompanyDetails”</li> <li>Audit a request : msg.type = “auditRequest”</li> <li>Approve a request : msg.type = “approveRequest”</li> <li>Set user role : msg.type = “setRole”</li> <li>Update user avatar : msg.type = “updateAvatar”</li> <li>Update user profile : msg.tyoe = “editProfile”</li> <li>Logout : msg.type = “logOut”</li> </ul> <h3> f.1. How Dashboard Requests Are Handled ? </h3> <p>Each request, after validating access token , is routed to the TC-RequestHandling tab which contains the flows that handles requests above. The each output of check request type switch is wired to a link-out node that is connected a link-in node inside TC-RequestHandling tab . There for the incoming request is routed the correct flow .</p> <h3> f.2. Create Draft </h3> <p>Each request has the initials state of draft until submitted. When user clicks on create onboarding request button, a draft of the request with request id and user’s email is inserted inside Drafts collection. It helps to save all the changes and allow user to fill out the form later by keeping filled data.</p> <p>Below is flow which handles this request :</p> <ul> <li>Request : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code> { "type":"createDraft", "auth":{ "userToken":"mh9068y3sn0ehnao", "clientId":"nfTazIf_wXWRudFTF0_m2" }, "companyDetails":{all the fields in wizard}, "_socketId":"b1bbN-z4FWFcploIAH3z", "topic":"uibuilder", "_msgid":"3977bf9dcc6bb534" } </code></pre> </div> <ul> <li>Creates request draft : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>const randomId = Math.floor(100000 + Math.random() * 900000); // generate a random request id msg.collection = "Drafts"; msg.operation = "insertOne"; msg.payload = { requestId: randomId, email: msg.userData.email, companyDetails: msg.companyDetails // the wizard fields } msg.response = msg.payload; return msg; </code></pre> </div> <ul> <li>Sends request id (draft id) as response to the dashboard uibuilder : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>// send requestId as response msg.payload = { id : msg.response.requestId, }; return msg; </code></pre> </div> <h3> f.3. Update Draft </h3> <p>To save real-time changes in wizard , every 3 second a request with new company details is sent with id . we use the id to update the draft inside Drafts collection :</p> <ul> <li>Request : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code> { "type":"updateDraft", "auth":{ "userToken":"mh9068y3sn0ehnao", "clientId":"nfTazIf_wXWRudFTF0_m2" }, "companyDetails":{ all the fields in wizard }, "requestID": 12233 "_socketId":"b1bbN-z4FWFcploIAH3z", "topic":"uibuilder", "_msgid":"3977bf9dcc6bb534" } </code></pre> </div> <ul> <li>Update company details </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>msg.collection = "Drafts"; msg.operation = "updateOne"; msg.payload = [ {requestId: msg.requestID}, {$set: {companyDetails: msg.companyDetails}} ] return msg; </code></pre> </div> <ul> <li>No Response</li> </ul> <h3> f.4. Get Drafts </h3> <p>When applicant clicks on ❌ icon to close the wizard , a request is sent to get all user drafts :</p> <ul> <li>Request : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code> { "type":"getDrafts", "auth":{ "userToken":"mh9068y3sn0ehnao", "clientId":"nfTazIf_wXWRudFTF0_m2" }, "_socketId":"b1bbN-z4FWFcploIAH3z", "topic":"uibuilder", "_msgid":"3977bf9dcc6bb534" } </code></pre> </div> <ul> <li>Get applicant’s drafts : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>msg.collection = "Drafts"; msg.operation = "find"; msg.payload = { email: msg.userData.email }; return msg; </code></pre> </div> <ul> <li>Send applicant drafts as response : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>{ "type": "getDrafts", "payload": [user's draft requests] } </code></pre> </div> <h3> f.5. Delete Draft </h3> <p>Applicant can delete his drafts :</p> <ul> <li>Request : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>{ "type":"deleteDraft", "auth":{ "userToken":"miu845yw02qo42ur", "clientId":"iom60cMlTJrYya6kEa2zD" }, "draftId":628078, "_socketId":"nLTy7CV2-7-JWCblAF3e", "topic":"uibuilder", "_msgid":"e37e96a56b7c2323" } </code></pre> </div> <ul> <li>Delete draft : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>msg.collection = "Drafts"; msg.operation = "deleteOne"; msg.payload = { requestId: msg.draftId // delete draft using id }; return msg; </code></pre> </div> <ul> <li>Send response : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>// send deleted draft request id as response msg.payload = { draftId: msg.draftId }; return msg; </code></pre> </div> <h3> f.6. Create Request </h3> <p>Users can fill out the forms in the wizard and submit the request . Here is the step by step logic behind creating a new request . </p> <ul> <li>When user clicks on submit button ⇒ Request : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>{ "type":"createRequest", "auth":{ "userToken":"mibf46czatedxkia", "clientId":"vC-whXYcY5anJIHrt_WOa" }, "companyDetails": {}, "draftID":183808, "_socketId":"ixLzeRDQJhz947JkAEcM", "topic":"uibuilder", "_msgid":"402e83deb25604e2" } </code></pre> </div> <ul> <li>Because the request has a draft instance initially, the flow deletes it first : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>msg.collection = "Drafts"; msg.operation = "deleteOne"; msg.payload = { requestId: msg.draftID } return msg; </code></pre> </div> <ul> <li>Then get all user’s draft requests and save it: </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>msg.collection = "Drafts"; msg.operation = "find"; msg.payload = { email: msg.userData.email }; return msg; </code></pre> </div> <ul> <li>then get last user’s userId : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>// Find query const query = {}; // empty = all docs // Find options (sort userId descending) const options = { sort: { requestId: -1 }, limit: 1 }; msg.collection = "Requests"; msg.operation = "find"; msg.payload = [query, options]; return msg; </code></pre> </div> <ul> <li>Then create the request (insert into DB): </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>// add 1 to last user userId const lastRequest = (Array.isArray(msg.payload) &amp;&amp; msg.payload.length &gt; 0) ? msg.payload[0] : null; let nextId; if (!lastRequest) { nextId = 1; } else { nextId = (lastRequest.requestId || 0) + 1; } // insert request into DB msg.collection = "Requests" msg.operation = "insertOne" msg.payload = { requestId: nextId, createdBy: { userId: msg.userData.userId, fullName: msg.userData.fullName, email: msg.userData.email, avatarUrl: msg.userData.profile.avatarUrl }, companyDetails: msg.companyDetails, priority: "low", status: "Pending", archive: false, timeEstimation: "10 business day", auditInfo: [], approveInfo: [], createdAt: new Date(), decisionHistory: [] } msg.request = msg.payload; return msg; </code></pre> </div> <ul> <li>Send Response (payload and response fields are both needed) : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>// send request document fields, companyDetails and user draft requests msg.payload = { archive: msg.request.archive, auditDate: msg.request.auditInfo.date, auditorComment: msg.request.auditInfo.comment, companyDetails: msg.request.companyDetails, id: msg.request.requestId, status: msg.request.status, timeEstimation: msg.request.timeEstimation, title: msg.request.companyDetails.companyName, draftRequests: msg.draftRequests, createdAt: msg.request.createdAt } msg.response = { status: "success", action: "createRequest", message: "Request Created Successfully" } // remove useless fields delete msg.auth; delete msg.companyDetails; delete msg.collection; delete msg.operation; delete msg.userData; delete msg.request; return msg; </code></pre> </div> <h3> f.7. Edit Request </h3> <p>Applicants can edit their request when the status is Pending or Rejected :</p> <ul> <li>Request : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>{ "type":"editCompanyDetails", "auth":{ "userToken":"mhunlv5sr22g99ed", "clientId":"z8QDDMrSqr84FjT4wYXF8" }, "requestID":32, "companyDetails":{ all the fields in wizard }, "_socketId":"O7ELWx_woqymqJ_-ABTC", "topic":"uibuilder", "_msgid":"2666a59d3f19718c" } </code></pre> </div> <ul> <li>The flow checks msg.status</li> <li>If Pending, only updates new company details: </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>msg.collection = "Requests"; msg.operation = "updateOne"; msg.payload = [ { requestId: msg.requestID }, { $set: { companyDetails: msg.companyDetails} } ]; return msg; </code></pre> </div> <ul> <li>If Rejected, updates company details along status : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>msg.collection = "Requests"; msg.operation = "updateOne"; msg.payload = [ { requestId: msg.requestID }, { $set: { companyDetails: msg.companyDetails, status: "Pending"} } ]; return msg; </code></pre> </div> <ul> <li>Response : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>msg.response = { status: "success", action: "editCompanyDetails", message: "Company details edited successfully" }; delete msg.auth; delete msg.collection; delete msg.operation; delete msg.userData; return msg; </code></pre> </div> <h3> f.8. Archive Request </h3> <p>Applicant , auditor and approver can archive a request which puts request into archive tab :</p> <ul> <li>Request : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>{ "type":"archiveRequest", "auth":{ "userToken":"mhulornneiazg6qq", "clientId":"z8QDDMrSqr84FjT4wYXF8" }, "requestID":28, "_socketId":"sNOGZS6_IaOeQNITABOR", "topic":"uibuilder", "_msgid":"29ac7ba9a5639b8d" } </code></pre> </div> <ul> <li>Find the request : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>msg.collection = "Requests" msg.operation = "findOne" msg.payload = { requestId: msg.requestID } return msg; </code></pre> </div> <ul> <li>Archive it : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>let currentArchive = msg.payload.archive === true; // make sure it's boolean let newArchive = !currentArchive; // toggle msg.collection = "Requests"; msg.operation = "updateOne"; msg.payload = [ { requestId: msg.requestID }, { $set: { archive: newArchive } } ]; return msg; </code></pre> </div> <ul> <li>Response : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>msg.payload = { status: "success", action: "archiveRequest", message: "Request Archived Successfully" } delete msg.auth; delete msg.collection; delete msg.operation; delete msg.userData; delete msg.response; return msg; </code></pre> </div> <h3> f.9. Audit Request </h3> <p>The auditor audits the request (approves or rejects) by providing his decision :</p> <ul> <li>Request : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>{ "type":"auditRequest", "auth":{ "userToken":"miu845yw02qo42ur", "clientId":"iom60cMlTJrYya6kEa2zD" }, "userId":3, "requestId":4, "auditDecision":{ "status":"Audited", "date":"2025-12-09", "comment":"dfg", "profile":{ "userId":3, "email":"alireza@gmail.com", "roles":[ "Applicant", "Auditor" ], "avatarUrl":"data:image/jpeg;base64,/9j/4AAQSkZJRgABAQAAAQABAAD/2wCEAAkGBxITEhUSExMVFhUXFxcVGBcVGBUVFxgXGBcXGBcXFRUYHSggGBolGxUVITEhJSkrLi4uFx8zODMsNygtLisBCgoKDg0OGxAQGy0lHyUtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLf/AABEIAPsAyQMBEQACEQEDEQH/xAAbAAADAQEBAQEAAAAAAAAAAAADBAUCBgEAB//EAEEQAAEDAgMFBgQDBwMCBwAAAAEAAgMRIQQSMQVBUWFxBhMigZGhMrHB8EJS0RQjYnKC4fEkM6IVQzRTY5Kz0uL/xAAbAQACAwEBAQAAAAAAAAAAAAACBAEDBQAGB//EADARAAICAQQBAwMDAgcBAAAAAAABAgMRBBIhMQUTIkEyUWEGFHFCgSMkM5GhsdHB/9oADAMBAAIRAxEAPwCfEF2D0+RuNcTkMCuYXB7mQNgpngcqmwuAlUOQ0aaociG0NRhAVobiC5dksMArYlbYWMq4CXQwwKRaTN5VBU2byoCqTBzIX0LyEZEDKmfRlVsAZjKFHBw5FkLJ6ChDQWNiJIIYYxWrglm8pXHYMvUgsUmkXECveqNwPB+ewyJo9G2ORvXA7wweobJ3mHvQM5Pk+Y5UyYaYeNBkLIwxQwWNMKkLAy0rkcEqrUC0grCjTAkhqJ29EKzQXVRkXZvchKpAZ0LKJCD9UDK2ZY5VMrCskUYODNcpJQxEiSLEORNRIIZY1GEe0XHC8x1XEMmYp6hgiPeKsg4CN6cybzHoCpyQxpoUEYMvChlkVg8jKXsRakNxFVhYGmhcgMBQiRYFa6ilEGzIjR2UEZIiQEhqJ6sXItKLYCbbcEbsrpADw1RODXZdDxt01uSKLcUwgHMOV1W4sSnpbc42mJcQziu2Mp/ZWv4FZFXJYFLKpQ+pAXKp9FLR4...", "firstName":"alireza", "lastName":"behnam shivaa", "contactNumber":"", "address":"Tehran", "country":"", "stateOrProvince":"", "postalCode":"" }, "role":"Auditor" }, "_socketId":"l8pE-iDIAHbVcyr3AF3w", "topic":"uibuilder", "_msgid":"f8998cd108dafb2b" } </code></pre> </div> <ul> <li>Audit (approve or reject) the request : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>msg.collection = "Requests" msg.operation = "updateOne" msg.payload = [ { requestId: msg.requestId }, { $set: { status: msg.auditDecision.status }, $push: { auditInfo: msg.auditDecision, decisionHistory: msg.auditDecision } } ] return msg; </code></pre> </div> <ul> <li>Response : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>msg.response = { status: "success", action: "auditRequest", message: "Request Audited Successfully" } delete msg.auth; delete msg.collection; delete msg.operation; delete msg.userData; return msg; </code></pre> </div> <h3> f.10. Approve Request </h3> <p>Approve approves or rejects the audited requests that are approved by the auditor :</p> <ul> <li>Request : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>{ "type":"approveRequest", "auth":{ "userToken":"miu845yw02qo42ur", "clientId":"iom60cMlTJrYya6kEa2zD" }, "userId":3, "requestId":4, "approverDecision":{ "status":"Approved", "date":"2025-12-15", "comment":"good", "profile":{ "userId":3, "email":"alireza@gmail.com", "roles":[ "Applicant", "Approver" ], "avatarUrl":"data:image/jpeg;base64,/9j/4AAQSkZJRgABAQAAAQABAAD/2wCEAAkGBxITEhUSExMVFhUXFxcVGBcVGBUVFxgXGBcXGBcXFRUYHSggGBolGxUVITEhJSkrLi4uFx8zODMsNygtLisBCgoKDg0OGxAQGy0lHyUtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLf/AABEIAPsAyQMBEQACEQEDEQH/xAAbAAADAQEBAQEAAAAAAAAAAAADBAUCBgEAB//EAEEQAAEDAgMFBgQDBwMCBwAAAAEAAgMRIQQSMQVBUWFxBhMigZGhMrHB8EJS0RQjYnKC4fEkM6IVQzRTY5Kz0uL/xAAbAQACAwEBAQAAAAAAAAAAAAACBAEDBQAGB//EADARAAICAQQBAwMDAgcBAAAAAAABAgMRBBIhMQUTIkEyUWEGFHFCgSMkM5GhsdHB/9oADAMBAAIRAxEAPwCfEF2D0+RuNcTkMCuYXB7mQNgpngcqmwuAlUOQ0aaociG0NRhAVobiC5dksMArYlbYWMq4CXQwwKRaTN5VBU2byoCqTBzIX0LyEZEDKmfRlVsAZjKFHBw5FkLJ6ChDQWNiJIIYYxWrglm8pXHYMvUgsUmkXECveqNwPB+ewyJo9G2ORvXA7wweobJ3mHvQM5Pk+Y5UyYaYeNBkLIwxQwWNMKkLAy0rkcEqrUC0grCjTAkhqJ29EKzQXVRkXZvchKpAZ0LKJCD9UDK2ZY5VMrCskUYODNcpJQxEiSLEORNRIIZY1GEe0XHC8x1XEMmYp6hgiPeKsg4CN6cybzHoCpyQxpoUEYMvChlkVg8jKXsRakNxFVhYGmhcgMBQiRYFa6ilEGzIjR2UEZIiQEhqJ6sXItKLYCbbcEbsrpADw1RODXZdDxt01uSKLcUwgHMOV1W4sSnpbc42mJcQziu2Mp/ZWv4FZFXJYFLKpQ+pAXKp9FLR4...", "firstName":"alireza", "lastName":"behnam shivaa", "contactNumber":"", "address":"Tehran", "country":"", "stateOrProvince":"", "postalCode":"" }, "role":"Approver" }, "_socketId":"0-8VfLQiiw3VKklbAF36", "topic":"uibuilder", "_msgid":"c26956511cae17f2" } </code></pre> </div> <ul> <li>Approve or reject the request : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>msg.collection = "Requests" msg.operation = "updateOne" msg.payload = [ { requestId: msg.requestId }, { $set: { status: msg.approverDecision.status }, $push: { approveInfo: msg.approverDecision, decisionHistory: msg.approverDecision } } ] return msg; </code></pre> </div> <ul> <li>Response : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>msg.response = { status: "success", action: "approveRequest", message: "Request Approved Successfully" } delete msg.auth; delete msg.collection; delete msg.operation; delete msg.userData; return msg; </code></pre> </div> <h3> f.11. Set Role </h3> <p>Admin can set or change user roles in his dashboard : </p> <ul> <li>Request : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>{ "type":"setRole", "auth":{ "userToken":"mibemj786j5uo2us", "clientId":"vC-whXYcY5anJIHrt_WOa" }, "editAdmin":{ "userId":28, "isAuditor":true }, "_socketId":"Mu7fSfuQQIsWovEjAEaz", "topic":"uibuilder", "_msgid":"5025c1435b706710" } </code></pre> </div> <ul> <li>Update user’s role : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>const edit = msg.editAdmin; const { userId } = edit; const flagToRole = { isApplicant: "Applicant", isApprover: "Approver", isAuditor: "Auditor" }; let op = {}; let set = { updatedAt: new Date() }; for (const flag in flagToRole) { if (flag in edit) { const role = flagToRole[flag]; const val = edit[flag]; const isTrue = val === true || String(val).toLowerCase() === "true"; const isFalse = val === false || String(val).toLowerCase() === "false"; if (isTrue) { if (!op.$addToSet) op.$addToSet = { roles: { $each: [] } }; op.$addToSet.roles.$each.push(role); } else if (isFalse) { if (!op.$pull) op.$pull = { roles: { $in: [] } }; op.$pull.roles.$in.push(role); } } } op.$set = set; msg.collection = "Users"; msg.operation = "updateOne"; msg.payload = [ { userId: userId }, op, { upsert: false } ]; return msg; </code></pre> </div> <ul> <li>Response : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>// Send User Roles and UserId As Response msg.collection = "Users"; msg.operation = "findOne"; msg.payload = [ {userId: msg.editAdmin.userId}, {projection: { roles: 1, userId: 1, _id: 0}} ]; return msg; </code></pre> </div> <h3> f.12. Edit Profile </h3> <p>Inside dashboard , user can update his profile : </p> <ul> <li>Request : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>{ "type":"editProfile", "auth":{ "userToken":"miu845yw02qo42ur", "clientId":"iom60cMlTJrYya6kEa2zD" }, "profile":{ "userId":3, "email":"alireza@gmail.com", "roles":[ "Applicant", "Approver" ], "avatarUrl":"data:image/jpeg;base64,/9j/4AAQSkZJRgABAQAAAQABAAD/2wCEAAkGBxITEhUSExMVFhUXFxcVGBcVGBUVFxgXGBcXGBcXFRUYHSggGBolGxUVITEhJSkrLi4uFx8zODMsNygtLisBCgoKDg0OGxAQGy0lHyUtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLf/AABEIAPsAyQMBEQACEQEDEQH/xAAbAAADAQEBAQEAAAAAAAAAAAADBAUCBgEAB//EAEEQAAEDAgMFBgQDBwMCBwAAAAEAAgMRIQQSMQVBUWFxBhMigZGhMrHB8EJS0RQjYnKC4fEkM6IVQzRTY5Kz0uL/xAAbAQACAwEBAQAAAAAAAAAAAAACBAEDBQAGB//EADARAAICAQQBAwMDAgcBAAAAAAABAgMRBBIhMQUTIkEyUWEGFHFCgSMkM5GhsdHB/9oADAMBAAIRAxEAPwCfEF2D0+RuNcTkMCuYXB7mQNgpngcqmwuAlUOQ0aaociG0NRhAVobiC5dksMArYlbYWMq4CXQwwKRaTN5VBU2byoCqTBzIX0LyEZEDKmfRlVsAZjKFHBw5FkLJ6ChDQWNiJIIYYxWrglm8pXHYMvUgsUmkXECveqNwPB+ewyJo9G2ORvXA7wweobJ3mHvQM5Pk+Y5UyYaYeNBkLIwxQwWNMKkLAy0rkcEqrUC0grCjTAkhqJ29EKzQXVRkXZvchKpAZ0LKJCD9UDK2ZY5VMrCskUYODNcpJQxEiSLEORNRIIZY1GEe0XHC8x1XEMmYp6hgiPeKsg4CN6cybzHoCpyQxpoUEYMvChlkVg8jKXsRakNxFVhYGmhcgMBQiRYFa6ilEGzIjR2UEZIiQEhqJ6sXItKLYCbbcEbsrpADw1RODXZdDxt01uSKLcUwgHMOV1W4sSnpbc42mJcQziu2Mp/ZWv4FZFXJYFLKpQ+pAXKp9FLR4...", "firstName":"alireza", "lastName":"behnam shivaa", "contactNumber":"093612121212", "address":"Tehran", "country":"", "stateOrProvince":"", "postalCode":"" }, "userId":3, "_socketId":"0-8VfLQiiw3VKklbAF36", "topic":"uibuilder", "_msgid":"e68ebc025e72bac2" } </code></pre> </div> <ul> <li>Update user’s profile : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>// Extract full profile object from incoming payload let incomingProfile = { ...msg.profile }; // Extract email from the profile let incomingEmail = incomingProfile.email; // Remove email from the profile object delete incomingProfile.email; delete incomingProfile.userId, delete incomingProfile.roles, msg.collection = "Users"; msg.operation = "updateOne"; msg.payload = [ { userId: msg.userId }, { $set: { fullName: incomingProfile.firstName + " " + incomingProfile.lastName, profile: incomingProfile, email: incomingEmail } }, ]; return msg; </code></pre> </div> <ul> <li>Response : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>msg.response = { status: "success", action: "editProfile", message: "Profile Edited Successfully" } return msg; </code></pre> </div> <h3> f.13. Update Avatar </h3> <p>User can choose an avatar for his profile .</p> <ul> <li>Request : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>{ "type":"updateAvatar", "auth":{ "userToken":"mhupsks27wni63rj", "clientId":"z8QDDMrSqr84FjT4wYXF8" }, "userId":3, "avatarBase64":"base64", "_socketId":"ktiYPapIW7VSqRg_ABUl", "topic":"uibuilder", "_msgid":"ef18831dc149fa03" } </code></pre> </div> <ul> <li>Update user’s avatar : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>msg.collection = "Users"; msg.operation = "updateOne"; msg.payload = [ { userId: msg.userId }, { $set: { "profile.avatarUrl": msg.avatarBase64 } } ]; return msg; </code></pre> </div> <ul> <li>Update requests avatar ⇒ each request hold the creator avatar : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>msg.collection = "Requests"; msg.operation = "updateMany"; msg.payload = [ { "createdBy.userId": msg.userId }, { $set: { "createdBy.avatarUrl": msg.avatarBase64 } }, { upsert: false } ]; return msg; </code></pre> </div> <ul> <li>Response : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>{ "status": "success", "action": "uploadAvatar", "message": "Avatar Uploaded Successfully" } </code></pre> </div> <h3> f.14. Logout </h3> <p>Users can click on log out button and move to login page :</p> <ul> <li>Request : </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>{ "type":"logOut", "auth":{ "userToken":"mhupsks27wni63rj", "clientId":"z8QDDMrSqr84FjT4wYXF8" }, "_socketId":"ktiYPapIW7VSqRg_ABUl", "topic":"uibuilder", "_msgid":"94699ce606f7b1e8" } </code></pre> </div> <ul> <li>logout user : the user’s token is removed when he logs out </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>msg.collection = "Users" msg.operation = "updateOne" msg.payload = [ { token: msg.auth.userToken }, { $unset: { token: "", expiresAt: "" } }, { upsert: false } ]; return msg; </code></pre> </div> <h2> Database </h2> <p>Mongodb is the primary DB to store and fetch data . node-red-contrib-mongodb4 node is used to connect the flows to remote mongodb cluster . </p> <h3> Collections </h3> <p>For trusted cloud database we use 5 collections :</p> <ol> <li> <p>Users</p> <p>Stores user accounts, authentication tokens, roles, and profile information. This collection holds all core identity and authorization data for the platform.</p> </li> <li> <p>Requests</p> <p>Contains all onboarding requests created by Applicants. It also stores review information from Auditors and Approvers, including decisions, comments, and status updates throughout the request lifecycle.</p> </li> <li> <p>Drafts</p> <p>Maintains partially completed or unsubmitted onboarding requests. This allows Applicants to save progress and continue their request at a later time.</p> </li> <li> <p>ResetPasswordCodes</p> <p>Temporarily stores verification codes sent to users who initiate the password reset process. These codes are short‑lived and cleared after use or expiration.</p> </li> <li> <p>EmailVerificationCodes</p> <p>Temporarily stores email verification codes used during the account creation (sign‑up) process. These entries ensure that only verified email addresses can be used to create an account.</p> <h3> Documents : </h3> <p>There is not any strict schema for our 3 entities :</p> </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>- User - Request - Draft But the list below contains a document sample for each entity : - User Document : </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>``` { "clientId": "Dk8lxo_zsPDSWQXPaHIPb", "fullName": "Alireza", "email": "alirezabsh.apps@gmail.com", "password": "$2a$10$cT597OKUwbSPwRUgxxiUZOm9B4NUbj5iOcwMd83dBrh1HdtN4bGgm", "roles": [ "Admin" ], "userId": 28, "profile": { "avatarUrl": "./images/user-avatar.png", "firstName": "Alireza", "lastName": "", "contactNumber": "", "address": "", "country": "", "stateOrProvince": "", "postalCode": "" }, "createdAt": { "$date": "2025-11-27T09:14:02.872Z" }, "apiToken": "min4qva8th8v57se", "expiresAt": { "$date": "2025-12-14T06:07:36.465Z" }, "token": "mivbm87ltlqrgokc" } ``` </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>- Request Document : </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>``` { "_id": objectId('692ee990bd184710aa45faa5'), "requestId": 4, "createdBy": obj, "companyDetails": obj, "priority": "low", "status": "Approved", "archive": true, "timeEstimation": "10 business day", "auditInfo": Array, "approveInfo": Array, "createdAt": Date(), "decisionHistory" : Array } ``` </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>- Draft Document : </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>``` { "_id": objectId('692ee990bd184710aa45faa5'), "requestId": 254634, "email" : "applicant@gmail.com", companyDetails : obj } ``` </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>### TTL Index : We use A TTL Index on expiry field inside EmailVerificationCodes and ResetPasswordCodes collections which deletes the document automatically after 2 minutes. ### Index : A index is used for the fields which are most used by queries - Users Collection ⇒ index on ⇒ token - userId - email fields - Requests Collection ⇒ index on ⇒ createdBy.userId - requestId fields - Drafts Collection ⇒ index on ⇒ email , requestId fields - EmailVerificationCodes &amp; ResetPasswordCodes collections ⇒ index on ⇒ email field </code></pre> </div> backend architecture mongodb node