feat!: Account linking (#670)

* account linking changes (#425)

* account linking changes

* Update lib/ts/recipe/accountlinking/types.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* Update lib/ts/recipe/accountlinking/types.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* Update lib/ts/recipe/session/sessionClass.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* Update lib/ts/recipe/session/sessionFunctions.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* code review changes

* code review changes

* Update lib/ts/recipe/accountlinking/types.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* code review changes

* code review changes

* code review changes

* code review changes

* code review changes

* code review changes

* Update lib/ts/recipe/session/sessionFunctions.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* code review changes

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* Recipe interface changes regarding account-linking (#439)

* EP recipe interface changes regarding account-linking

* Update lib/ts/recipe/emailpassword/types.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* Update lib/ts/recipe/emailpassword/types.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* Update lib/ts/recipe/emailpassword/types.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* code review changes

* Update lib/ts/recipe/emailpassword/api/implementation.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* Update lib/ts/recipe/emailpassword/api/implementation.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* Update lib/ts/recipe/emailpassword/api/implementation.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* Update lib/ts/recipe/emailpassword/api/implementation.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* Update lib/ts/recipe/emailpassword/api/implementation.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* Update lib/ts/recipe/emailpassword/api/implementation.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* code review changes

* Update lib/ts/recipe/emailpassword/types.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* Update lib/ts/recipe/thirdpartyemailpassword/types.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* code review changes

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* thirdparty interface changes regarding account-linking (#443)

* thirdparty interface changes regarding account-linking

* Update lib/ts/recipe/thirdparty/types.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* code review changes

* code review changes

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* passwordless interface changes for account linking (#444)

* passwordless interface changes for account linking

* code review changes

* feat: Account linking interface update (#463)

* recipe interface changes for account linking

* user context update

* types update

* Update lib/ts/recipe/accountlinking/types.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* Update lib/ts/recipe/accountlinking/types.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* Update lib/ts/recipe/accountlinking/types.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* feat: Account linking recipe implementation (#466)

* recipe interface changes for account linking

* account linking implementation

* user context update

* code udpate

* types update

* Update lib/ts/recipe/accountlinking/types.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* Update lib/ts/recipe/accountlinking/types.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* Update lib/ts/recipe/accountlinking/types.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* return type update

* index file updated

* merge with account-linking interface

* Update lib/ts/recipe/accountlinking/recipeImplementation.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* code review changes

* Update lib/ts/recipe/accountlinking/recipeImplementation.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* Update lib/ts/recipe/accountlinking/recipe.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* Update lib/ts/recipe/accountlinking/recipe.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* code review changes

* code review changes

* code review changes

* code review changes

* review changes

* recipeImplementation types update

* merge with 13.0

* recipe implementation update

* changes to dashboard recipe types

* removes unnecessary functions exposed from account linking recipe

* adds a precautionary check

* small change

* Update lib/ts/types.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* Update lib/ts/index.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* Update lib/ts/supertokens.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* Update lib/ts/recipe/dashboard/api/usersGet.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* Update lib/ts/index.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* Update lib/ts/index.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* Update lib/ts/index.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* Update lib/ts/recipe/accountlinking/types.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* Update lib/ts/recipe/accountlinking/recipe.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* Update lib/ts/recipe/accountlinking/recipe.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* Update lib/ts/recipe/accountlinking/recipe.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* Update lib/ts/recipe/accountlinking/types.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* Update lib/ts/recipe/accountlinking/recipe.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* code review changes

* mark email as verify if it is already verified in either primary user or the current recipe user

* fixes and refactors

* account linking: fixes bugs and refactors (#498)

* fixes bugs and refactors

* small refactors and fixes

* small refactor

* small type changes

* review changes

* removes redundant check

* account linking: removes ANOTHER from canCreatePrimaryUserId status return type (#500)

* removes ANOTHER from canCreatePrimaryUserId status return type

* small change related to status change in primary user id creation

* change to canLinkAccounts

* Update lib/ts/recipe/accountlinking/recipeImplementation.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* Update lib/ts/recipe/accountlinking/types.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* Update lib/ts/recipe/accountlinking/recipeImplementation.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* code review changes

---------

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* chore: Account linking general refactor (#541)

* Refactor status

* Refactor unlink accounts return type

* Move marking emails as verified logic to link accounts

* Refactor

* Rename ACCOUNT_INFO_ALREADY_LINKED_WITH_ANOTHER_PRIMARY_USER_ID_ERROR

* fixes review comments

---------

Co-authored-by: rishabhpoddar <rishabh.poddar@gmail.com>

* more review comment changes

* type changes

* feat: Emailpassword accountlinking (#501)

* recipe interface changes for account linking

* account linking implementation

* user context update

* code udpate

* types update

* Update lib/ts/recipe/accountlinking/types.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* Update lib/ts/recipe/accountlinking/types.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* Update lib/ts/recipe/accountlinking/types.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* return type update

* index file updated

* merge with account-linking interface

* Update lib/ts/recipe/accountlinking/recipeImplementation.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* code review changes

* Update lib/ts/recipe/accountlinking/recipeImplementation.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* Update lib/ts/recipe/accountlinking/recipe.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* Update lib/ts/recipe/accountlinking/recipe.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* code review changes

* code review changes

* code review changes

* code review changes

* review changes

* sign-up post login updated

* sign-up post login updated

* sign-up API implementation update

* import update

* function import update

* changes in signup recipeimplementation

* recipeImplementation types update

* merge with 13.0

* merge with account-linking implementation

* recipe implementation update

* account linking claim

* changes to dashboard recipe types

* removes unnecessary functions exposed from account linking recipe

* adds a precautionary check

* small change

* Update lib/ts/types.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* Update lib/ts/index.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* Update lib/ts/supertokens.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* Update lib/ts/recipe/dashboard/api/usersGet.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* Update lib/ts/index.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* Update lib/ts/index.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* Update lib/ts/index.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* Update lib/ts/recipe/accountlinking/types.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* Update lib/ts/recipe/accountlinking/recipe.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* Update lib/ts/recipe/accountlinking/recipe.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* Update lib/ts/recipe/accountlinking/recipe.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* Update lib/ts/recipe/accountlinking/types.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* Update lib/ts/recipe/accountlinking/recipe.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* code review changes

* mark email as verify if it is already verified in either primary user or the current recipe user

* fixes and refactors

* account linking: fixes bugs and refactors (#498)

* fixes bugs and refactors

* small refactors and fixes

* small refactor

* small type changes

* review changes

* removes redundant check

* account linking: removes ANOTHER from canCreatePrimaryUserId status return type (#500)

* removes ANOTHER from canCreatePrimaryUserId status return type

* small change related to status change in primary user id creation

* change to canLinkAccounts

* Update lib/ts/recipe/accountlinking/recipeImplementation.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* Update lib/ts/recipe/accountlinking/types.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* Update lib/ts/recipe/accountlinking/recipeImplementation.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* code review changes

* review changes

* createdNewUser changes

* adds comments

* fixes

* review changes (#511)

* more changes

* small changes

* small changes

* small changes

* Update lib/ts/recipe/emailpassword/api/implementation.ts

* more fixes - ts still not compiling

* more fixes - ts still not compiling

* more fixes - ts still not compiling

* more fixes - ts still not compiling

* more fixes - ts still not compiling

* more fixes - ts still not compiling

* more fixes - ts still not compiling

* more fixes - ts still not compiling

* more fixes - ts still not compiling

* more fixes - ts still not compiling

* more fixes - ts still not compiling

* more fixes - ts still not compiling

* more fixes - ts still not compiling

* more fixes - ts still not compiling

* more fixes - ts still not compiling

* more fixes - ts still not compiling

* fixes all ts issues

---------

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* merges with latest (#559)

* Emailverification accountlinking (#528)

* email verification recipe changes for account linking

* email verification recipe changes for account linking

* email verification recipe changes for account linking

* recipe interface changes for account linking

* account linking implementation

* user context update

* code udpate

* types update

* Update lib/ts/recipe/accountlinking/types.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* Update lib/ts/recipe/accountlinking/types.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* Update lib/ts/recipe/accountlinking/types.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* return type update

* index file updated

* merge with account-linking interface

* Update lib/ts/recipe/accountlinking/recipeImplementation.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* code review changes

* Update lib/ts/recipe/accountlinking/recipeImplementation.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* Update lib/ts/recipe/accountlinking/recipe.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* Update lib/ts/recipe/accountlinking/recipe.ts

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* code review changes

* code review changes

* code review changes

* code review changes

* review changes

* sign-up post login updated

* sign-up post login updated

* sign-up API implementation update

* updating email verification api implementation

* import update

* function import update

* changes in signup recipeimplementation

* email verify get changes

* recipeImplementation types update

* merge with 13.0

* merge with account-linking implementation

* merge with 13.0

* recipe implementation update

* account linking claim

* session claim update

* session claim update

* merges with latest

* more changes

* more changes

* removes account linking claim post linkAccounts or createPrimaryUser function call

* refactor

* small change

* small change

* exposes help functions in account linking recipe

* refactor and works on generate email verification token API

* completes generate email verification token API

* adds todos

* more changes

* refactor

* removes unnecessary function from recipes

* resolves a few todos

* fixes dashboard api for email verification

* fixes an issue where we tried linking account even in email verify get API

* adds account linking in very email recipe function

---------

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* merges (#560)

* merges

* rebuilds docs

* builds pretty

* Account linking test fixes (#566)

* gets tests to run

* resets account linking between tests

* fixes a test

* adds mocking for a few APIs

* more fixes

* fixes more bugs

* fixes a test

* fixes more tests

* fixes a small bug

* enforces normlised checks when comparing account info in logic

* fixes a test

* fixes a few more tests

* fixes more tests

* fixes more tests

* fixes more tests

* more test fixes

* more test fixes

* more change

* fixes more tests

* more changes

* adds id and recipeId to email verification sendEmail function

* test fix

* fixes more tests

* fixes more tests

* fixes more tests

* more test fixes

* fixes more tests

* fixes more tests

* fixes more tests

* more test fixes

* fixes more tests

* more test fixes

* fixes more tests

* fixes more tests

* fixes more tests

* fixes more tests

* fixes more tests

* fixes more tests

* small change to a test

* fixes more tests

* fixes more tests

* some type changes

* fixes cyclic dependency test

* edits github acount to allow mocking

* Account linking recipe primary user id types (#568)

* WIP - fixes a few bugs, and adds adds the concept of a recipeUserId type

* gets everything to compile

* modifies tests

* fixes tests

* fixes more tests

* fixes more tests

* fixes more tests

* fixes a test

* fixes more tests

* fixes more tests

* fixes more tests

* fixes more tests and adds a toJson function in the user object to convert recipe user id object type to a string in the json response

* fixes more tests

* fixes issue with allowing emial password sign up for a primary email

* renames an API function name

* fixes more tests

* fixes more tests

* fixes more tests

* fixes more tests

* fixes more tests

* fixes more tests

* Account linking tests (#572)

* removes unnecessary recipe functions

* adds primary user creation test'

* adds test todos

* adds test todos

* adds more tests

* adds more tests

* adds more tests

* more tests

* more tests

* more tests

* adds more tests

* more mocking

* more tests

* more tests

* adds more tests

* removes normalisedInputMap structure

* more tests

* adds more tests

* changes impl of does email exist

* more tests

* adds more tests

* adds more tests

* more changes

* adds auto marking of email verification based on linking

* adds more tests

* more tests

* remove a todo

* adds more tests

* adds more tests

* adds more tests

* adds more tests

* adds more tests

* adds more tests

* fixes a bug + adds more tests

* adds more tests

* adds more tests

* adds more tests

* adds more tests

* adds more tests

* adds more tests

* changes path of API

* small changes to dashboard related APIs

* fixes a bug and adds more tests

* adds more tests

* adds more tests

* more tests

* more tests

* adds more tests

* adds more tests

* adds more tests

* adds more tests and adds recipe user id to password reset email send email function

* moves check for isSignUpAllowed to api layer

* renames a variable

* adds more checks to allowSignUp function

* modifies update email or password function

* more tests

* more tests

* adds comments

* adds more tests

* adds more tests

* adds comments

* adds test cases skeleton

* adds one test for password reset

* adds more tests

* adds more tests

* adds more tests

* more tests

* adds more tests

* adds more tests

* adds more tests

* adds more tests

* adds more tests

* adds more tests

* adds more tests

* adds more tests

* adds more tests

* adds more tests

* enhances tests

* starts working on session tests

* fixes a test

* adds more tests

* adds more tests

* renames a function

* adds more tests

* more tests

* adds more tests

* adds more tests

* adds a TODO

* adds more tests

* removes unnecessary call to a function in email verification recipe

* adds more tests

* add new tests

* add new tests

* adds more tests

* adds more tests

* adds more tests

* removes use of account linking claim (#577)

* removes use of account linking claim

* starts working on modifying tests

* changes output of one API

* changes output of an API

* modifies tests

* fixes tests

* fixes tests

* fixes tests

* fixes more tests

* adds mock reset to make tests pass

* account linking third party (#579)

* starts working on type changes

* makes more progress

* refactors a lot of code

* gets everything to compile

* starts fixing tests

* fixes more tests

* fixes more tests

* fixes more tests

* fixes more tests

* fixes more tests

* fixes more tests

* fixes more tests

* fixes more tests

* fixes more tests

* fixes more tests

* fixes more tests

* fixes more tests

* fixes more tests

* fixes more tests

* fixes more tests

* removes unnecessary code

* fixes more tests

* fixes more tests

* fixes more tests

* more tests

* adds more checks

* more tests

* adds more tests

* more tests

* removes unnecessary code

* adds more tests

* changes status type to make it more clear

* adds new param to listUsersByAccountInfo

* more changes

* adds more tests

* fixes an issue

* adds more comments

* more changes

* more changes

* more changes

* more changes

* fixes a test

* changes

* changes

* changes

* adds comments and tests

* adds more tests

* renames a var

* modifies API spec a bit

* adds more tests

* adds more tests

* removes post sessison account linking API but keeps the function

* adds a few more checks

* fixes a few bugs

* fixes tests

* removes unneeded check

* changes to sign in flow for third party and email password to check for email verification (#584)

* adds missing checks

* more changes

* adds function for isSignInAllowed

* adds isEmailVerified function

* more refactor

* adds a TODO

* more changes

* completes more todos

* finishes more todos

* adds account linking during sign in as well

* more refactors

* changes a comment

* small changes

* fixes a cyclic dependency issue

* fixes a test

* fixes tests

* fixes a bug

* more test fixes

* more changes

* fixes tests

* fixes more tests

* more changes

* fixes tests

* adds a new test

* bug fixes

* fixes cyclic dependency issues

* more fixes

* adds more tests

* adds more tests

* adds a comment

* adds more tests

* more tests

* more changes

* more tests

* adds tests and fixes a bug

* adds more tests

* adds more tests

* adds more tests

* adds more tests

* more tests

* adds more tests

* fixes a test

* removes unnecessary console log

* fixes a bug

* a few fixes and edge cases

* small bug fix

* removes unused function

* small changes

* feat: smaller test&test based fixes for merge issues

* feat: implement passwordless in account-linking  (#664)

* feat(account-linking): modify passwordless to support account-linking

* refactor: move email verification into recipe impl + extend tests

* feat: smaller test&test based fixes

* feat: integrate with CDI 4.0 (#665)

* feat(account-linking): modify passwordless to support account-linking

* refactor: move email verification into recipe impl + extend tests

* feat: smaller test&test based fixes

* feat: removed account-to-link table related functions/props

* fix: cleanup & test fixing

* feat: fix core integration

* test: update tests to match interface after account-linking

* fix: minor fix for getsession api in dashboard recipe (#666)

* minor fix for getsession api in dashboard recipe

* build again to remove logs

* fix: add missing serialization in userDetailsGET

* feat: fixing checklist items (#669)

* feat(account-linking): modify passwordless to support account-linking

* refactor: move email verification into recipe impl + extend tests

* feat: smaller test&test based fixes

* feat: removed account-to-link table related functions/props

* fix: cleanup & test fixing

* feat: fix core integration

* test: update tests to match interface after account-linking

* feat: removed unused session parameter from shouldDoAccountLinkingResponse

* feat: add the linked user to the linkAccounts results

* feat: make userContext normalization more consistent

* test: check that passwordless.consumeCode marks the email as verified

* feat: make updatePasswordlessUser condition consistent with updateEmailOrPassword

* test: add test to check that rsub is present in the front-token

* feat: update unlinkAccount return type

* feat: remove all mockCore files

* feat: extend pwless testing, re-add missing changes

* feat: checklist progress + updated/extended tests

* test: extended account linking tests based on the checklist

* feat: add some error codes to messages including contact support

* feat: Account unlink endpoint for dashboard (#674)

* unlink api for dashboard

* run build

* added removed tests back

* minor typo fix

* changed usage for recipeUserId

* feat(account_linkig): optimize to have less core calls/update interfaces (#675)

* feat: added tenantId to accountlinking callbacks

* WIP

* feat: export the RecipeUserId class

* feat: add tenantId to listUsersByAccountInfo

* feat: rename createdNewUser to createdNewRecipeUser in the node interfaces

* feat: optimize account linking operations by reusing user objects

* feat: further optimizations& renames

* feat: self review fixes

* chore: add changelog

* feat: further optimization

* feat: remove/reorder tenantId params in account linking

* feat: remove unnecessary tenantId param from pwless updateUser

* feat: add compatibility with older FDI + review comments

* docs: expand with-typescript to use AccountLinking functions

* chore: update changelog and version

* feat: re-user verified info from user object in isSignInAllowed

* test: add account linking-multitenancy interaction tests

* fix: fix typo

* fix: undo createNewRecipe rename on the CDI

* test: extend dashboard tests w/ possible bug reports

* feat: added an extra check for empty string when getting userId from querystring in dashboard APIs

* feat: remove unnecessary code and update tests & types

---------

Co-authored-by: Mihaly Lengyel <mihaly@lengyel.tech>

* test: test util improvements

* docs: moved account-linking example app to auth-react

* feat: update error codes

* fix: emailExistsGET should check if the login method has the right email

* feat: allow sign-in in more cases

* feat: remove EMAIL_ALREADY_USED_IN_ANOTHER_ACCOUNT

* feat: update types based on CDI changes

* feat: ignore protected props in createNewSession* (#690)

* feat: update return type of update user in pwless

* feat: add separate error codes for sign in/up not allowed in EP

* fix: make connection refused detection in querier a bit more general

* feat: remove tenantId from isEmailChangeAllowed inputs

* feat: make user (dis)association fns take recipeUserId instead of userId

* test: update tests for new behaviour + some cleanup

* fix: fix returning SIGN_UP_NOT_ALLOWED to the client

* fix: update the error message for ERR_CODE_007

* feat: remove DISASSOCIATION_NOT_ALLOWED_ERROR

* chore: update changelog

* feat: update param name to match CDI

* chore: bump dashboard version

* fix: update types based on the CDI

* test: update tests

* test: update auth-react-server for tests

* test: update test server to better handle in-memory tests

* chore: extended changelog

* test: update integration test server

* test: add an extended test checking if protected props are ignored in createNewSession

* fix: return FIELD_ERROR even if AL is on if there is a conflicting EP user in EP sign up

* Apply suggestions from code review

Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>

* docs: extended changelog & implemented review comments

* docs: make migration guide more consistent

* Update .github/PULL_REQUEST_TEMPLATE.md

---------

Co-authored-by: Bhumil Sarvaiya <sarvaiyabhumil@gmail.com>
Co-authored-by: Rishabh Poddar <rishabh.poddar@gmail.com>
Co-authored-by: Nemi Shah <nemishah1212@gmail.com>
Co-authored-by: Iresh Sharma <32684272+iresharma@users.noreply.github.com>

CHANGELOG.md

@@ -7,6 +7,239 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [unreleased]
 
+## [16.0.0] - 2023-08-XX
+
+### Overview
+
+#### Introducing account-linking
+
+With this release, we are introducing a new AccountLinking recipe, this will let you:
+
+-   link accounts automatically,
+-   implement manual account linking flows.
+
+Check our [guide](https://supertokens.com/docs/thirdpartyemailpassword/common-customizations/account-linking/overview) for more information.
+
+To use this you'll need compatible versions:
+
+-   Core>=7.0.0
+-   supertokens-node>=16.0.0 (support is pending in other backend SDKs)
+-   supertokens-website>=17.0.3
+-   supertokens-web-js>=0.8.0
+-   supertokens-auth-react>=0.35.0
+
+#### The new User object and primary vs non-primary users
+
+In this release, we've removed the recipes specific user types and instead introduced a new `User` class to support the "Primary user" concept introduced by account linking
+
+-   The new `User` class now provides the same interface for all recipes.
+-   It contains an `isPrimary` field that you can use to differentiate between primary and recipe users
+-   The `loginMethods` array contains objects that covers all props of the old (recipe specific) user types, with the exception of the id. Please check the migration section below to get the exact mapping between old and new props.
+-   Non-primary users:
+    -   The `loginMethods` array should contain exactly 1 element.
+    -   `user.id` will be the same as `user.loginMethods[0].recipeUserId.getAsString()`.
+    -   `user.id` will change if it is linked to another user.
+    -   They can become a primary user if, and only if there are no other primary users with the same email, third party info or phone number as this user across all the tenants that this user is a part of.
+-   Primary users
+    -   The `loginMethods` array can have 1 or more elements, each corresponding to a single recipe user.
+    -   `user.id` will not change even if other users are linked to it.
+    -   Other non-primary users can be linked to it. The user ID of the linked accounts will now be the primary users ID.
+-   Check [here](https://supertokens.com/docs/thirdpartyemailpassword/common-customizations/account-linking/overview#primary-user-vs-non-primary-user) for more information about differences between primary and recipe users.
+
+#### Primary vs RecipeUserId
+
+Because of account linking we've introduced a new Primary user concept (see above). In most cases, you should only use the primary user id (`user.id` or `session.getUserId()`) if you are associating data to users. Still, in some cases you need to specifically refer to a login method, which is covered by the new `RecipeUserId` class:
+
+-   You can get it:
+    -   From a session by: `session.getRecipeUserId()`.
+    -   By finding the appropriate entry in the `loginMethods` array of a `User` object (see above): `user.loginMethods[0].recipeUserId`.
+-   It wraps a simple string value that you can get by calling `recipeUserId.getAsString()`.
+-   We've introduced it to differentiate between primary and recipe user ids in our APIs on a type level.
+-   Check [here](https://supertokens.com/docs/thirdpartyemailpassword/user-object#primary-vs-recipe-user-id) for more information.
+
+### Breaking changes
+
+-   Now only supporting CDI 4.0. Compatible with core version >= 7.0
+-   Now supporting FDI 1.18
+-   Removed the recipe specific `User` type, now all functions are using the new generic `User` type.
+    -   Check [here](https://supertokens.com/docs/thirdpartyemailpassword/user-object) for more information.
+-   The `build` function and the `fetchValue` callback of session claims now take a new `recipeUserId` param.
+    -   This affects built-in claims: `EmailVerificationClaim`, `UserRoleClaim`, `PermissionClaim`, `AllowedDomainsClaim`.
+    -   This will affect all custom claims as well built on our base classes.
+-   Now ignoring protected props in the payload in `createNewSession` and `createNewSessionWithoutRequestResponse`
+-   `createdNewUser` has been renamed to `createdNewRecipeUser` in sign up related APIs and functions
+
+-   EmailPassword:
+    -   removed `getUserById`, `getUserByEmail`. You should use `supertokens.getUser`, and `supertokens. listUsersByAccountInfo` instead
+    -   added `consumePasswordResetToken`. This function allows the consumption of the reset password token without changing the password. It will return OK if the token was valid.
+    -   added an overrideable `createNewRecipeUser` function that is called during sign up and password reset flow (in case a new email password user is being created on the fly). This is mostly for internal use.
+    -   `recipeUserId` is added to the input of `getContent` of the email delivery config
+    -   `email` was added to the input of `createResetPasswordToken` , `sendResetPasswordEmail`, `createResetPasswordLink`
+    -   `updateEmailOrPassword` :
+        -   now takes `recipeUserId` instead of `userId`
+        -   can return the new `EMAIL_CHANGE_NOT_ALLOWED_ERROR` status
+    -   `signIn`:
+        -   returns new `recipeUserId` prop in the `status: OK` case
+    -   `signUp`:
+        -   returns new `recipeUserId` prop in the `status: OK` case
+    -   `signInPOST`:
+        -   can return status `SIGN_IN_NOT_ALLOWED`
+    -   `signUpPOST`:
+        -   can return status `SIGN_UP_NOT_ALLOWED`
+    -   `generatePasswordResetTokenPOST`:
+        -   can now return `PASSWORD_RESET_NOT_ALLOWED`
+    -   `passwordResetPOST`:
+        -   now returns the `user` and the `email` whose password was reset
+        -   can now return `PASSWORD_POLICY_VIOLATED_ERROR`
+-   EmailVerification:
+    -   `createEmailVerificationToken`, `createEmailVerificationLink`, `isEmailVerified`, `revokeEmailVerificationTokens` , `unverifyEmail`:
+        -   now takes `recipeUserId` instead of `userId`
+    -   `sendEmailVerificationEmail` :
+        -   now takes an additional `recipeUserId` parameter
+    -   `verifyEmailUsingToken`:
+        -   now takes a new `attemptAccountLinking` parameter
+        -   returns the `recipeUserId` instead of `id`
+    -   `sendEmail` now requires a new `recipeUserId` as part of the user info
+    -   `getEmailForUserId` config option was renamed to `getEmailForRecipeUserId`
+    -   `verifyEmailPOST`, `generateEmailVerifyTokenPOST`: returns an optional `newSession` in case the current user session needs to be updated
+-   Passwordless:
+    -   removed `getUserById`, `getUserByEmail`, `getUserByPhoneNumber`
+    -   `updateUser` :
+        -   now takes `recipeUserId` instead of `userId`
+        -   can return `"EMAIL_CHANGE_NOT_ALLOWED_ERROR` and `PHONE_NUMBER_CHANGE_NOT_ALLOWED_ERROR` statuses
+    -   `createCodePOST` and `consumeCodePOST` can now return `SIGN_IN_UP_NOT_ALLOWED`
+-   Session:
+    -   access tokens and session objects now contain the recipe user id
+    -   Support for new access token version
+    -   `recipeUserId` is now added to the payload of the `TOKEN_THEFT_DETECTED` error
+    -   `createNewSession`: now takes `recipeUserId` instead of `userId`
+    -   Removed `validateClaimsInJWTPayload`
+    -   `revokeAllSessionsForUser` now takes an optional `revokeSessionsForLinkedAccounts` param
+    -   `getAllSessionHandlesForUser` now takes an optional `fetchSessionsForAllLinkedAccounts` param
+    -   `regenerateAccessToken` return value now includes `recipeUserId`
+    -   `getGlobalClaimValidators` and `validateClaims` now get a new `recipeUserId` param
+    -   Added `getRecipeUserId` to the session class
+-   ThirdParty:
+    -   The `signInUp` override:
+        -   gets a new `isVerified` param
+        -   can return new status: `SIGN_IN_UP_NOT_ALLOWED`
+    -   `manuallyCreateOrUpdateUser`:
+        -   gets a new `isVerified` param
+        -   can return new statuses: `EMAIL_CHANGE_NOT_ALLOWED_ERROR`, `SIGN_IN_UP_NOT_ALLOWED`
+    -   Removed `getUserByThirdPartyInfo`, `getUsersByEmail`, `getUserById`
+    -   `signInUpPOST` can now return `SIGN_IN_UP_NOT_ALLOWED`
+-   ThirdPartyEmailPassword:
+    -   Removed `getUserByThirdPartyInfo`, `getUsersByEmail`, `getUserById`
+    -   `thirdPartyManuallyCreateOrUpdateUser`:
+        -   now get a new `isVerified` param
+        -   can return new statuses: `EMAIL_CHANGE_NOT_ALLOWED_ERROR`, `SIGN_IN_UP_NOT_ALLOWED`
+    -   The `thirdPartySignInUp` override:
+        -   now get a new `isVerified` param
+        -   can return new status: `SIGN_IN_UP_NOT_ALLOWED`
+    -   `email` was added to the input of `createResetPasswordToken` , `sendResetPasswordEmail`, `createResetPasswordLink`
+    -   added an overrideable `createNewEmailPasswordRecipeUser` function that is called during email password sign up and in the “invitation link” flow
+    -   added `consumePasswordResetToken`
+    -   `updateEmailOrPassword` :
+        -   now takes `recipeUserId` instead of `userId`
+        -   can return the new `EMAIL_CHANGE_NOT_ALLOWED_ERROR` status
+    -   added an overrideable `createNewEmailPasswordRecipeUser` function that is called during sign up and in the “invitation link” flow
+    -   `emailPasswordSignIn`:
+        -   returns new `recipeUserId` prop in the `status: OK` case
+    -   `emailPasswordSignUp`:
+        -   returns new `recipeUserId` prop in the `status: OK` case
+    -   `emailPasswordSignInPOST`:
+        -   can return status `SIGN_IN_NOT_ALLOWED`
+    -   `emailPasswordSignUpPOST`:
+        -   can return status `SIGN_UP_NOT_ALLOWED`
+    -   `generatePasswordResetTokenPOST`:
+        -   can now return `PASSWORD_RESET_NOT_ALLOWED`
+    -   `passwordResetPOST`:
+        -   now returns the `user` and the `email` whose password was reset
+        -   can now return `PASSWORD_POLICY_VIOLATED_ERROR`
+    -   `thirdPartySignInUpPOST` can now return `SIGN_IN_UP_NOT_ALLOWED`
+-   ThirdPartyPasswordless:
+    -   Removed `getUserByThirdPartyInfo`, `getUsersByEmail`, `getUserByPhoneNumber`, `getUserById`
+    -   `thirdPartyManuallyCreateOrUpdateUser`:
+        -   gets a new `isVerified` param
+        -   can return new statuses: `EMAIL_CHANGE_NOT_ALLOWED_ERROR`, `SIGN_IN_UP_NOT_ALLOWED`
+    -   The `thirdPartySignInUp` override:
+        -   gets a new `isVerified` param
+        -   can return new status: `SIGN_IN_UP_NOT_ALLOWED`
+    -   `updatePasswordlessUser`:
+        -   now takes `recipeUserId` instead of `userId`
+        -   can return `"EMAIL_CHANGE_NOT_ALLOWED_ERROR` and `PHONE_NUMBER_CHANGE_NOT_ALLOWED_ERROR` statuses
+    -   `thirdPartySignInUpPOST` can now return `SIGN_IN_UP_NOT_ALLOWED`
+    -   `createCodePOST` and `consumeCodePOST` can now return `SIGN_IN_UP_NOT_ALLOWED`
+-   Multitenancy:
+    -   `associateUserToTenant` can now return `ASSOCIATION_NOT_ALLOWED_ERROR`
+    -   `associateUserToTenant` and `disassociateUserFromTenant` now take `RecipeUserId` instead of a string user id
+
+### Changes
+
+-   Added `RecipeUserId` and a generic `User` class
+-   Added `getUser`, `listUsersByAccountInfo`, `convertToRecipeUserId` to the main exports
+-   Updated compilation target of typescript to ES2017 to make debugging easier.
+-   Added account-linking recipe
+
+### Migration guide
+
+#### New User structure
+
+We've added a generic `User` class instead of the old recipe specific ones. The mapping of old props to new in case you are not using account-linking:
+
+-   `user.id` stays `user.id` (or `user.loginMethods[0].recipeUserId` in case you need `RecipeUserId`)
+-   `user.email` becomes `user.emails[0]`
+-   `user.phoneNumber` becomes `user.phoneNumbers[0]`
+-   `user.thirdParty` becomes `user.thirdParty[0]`
+-   `user.timeJoined` is still `user.timeJoined`
+-   `user.tenantIds` is still `user.tenantIds`
+
+#### RecipeUserId
+
+Some functions now require you to pass a `RecipeUserId` instead of a string user id. If you are using our auth recipes, you can find the recipeUserId as: `user.loginMethods[0].recipeUserId` (you'll need to worry about selecting the right login method after enabling account linking). Alternatively, if you already have a string user id you can convert it to a `RecipeUserId` using `supertokens.convertToRecipeUserId(userIdString)`
+
+#### Checking if a user signed up or signed in
+
+-   In the passwordless consumeCode / social login signinup APIs, you can check if a user signed up by:
+
+```
+    // Here res refers to the result the function/api functions mentioned above.
+    const isNewUser = res.createdNewRecipeUser && res.user.loginMethods.length === 1;
+```
+
+-   In the emailpassword sign up API, you can check if a user signed up by:
+
+```
+    const isNewUser = res.user.loginMethods.length === 1;
+```
+
+#### Changing user emails
+
+-   We recommend that you check if the email change of a user is allowed, before calling the update function
+    -   Check [here](https://supertokens.com/docs/thirdpartyemailpassword/common-customizations/change-email-post-login) for more information
+
+```
+import {isEmailChangeAllowed} from "supertokens-node/recipe/accountlinking";
+/// ...
+app.post("/change-email", verifySession(), async (req: SessionRequest, res: express.Response) => {
+    let session = req.session!;
+    let email = req.body.email;
+
+    // ...
+    if (!(await isEmailChangeAllowed(session.getRecipeUserId(), email, false))) {
+        // this can come here if you have enabled the account linking feature, and
+        // if there is a security risk in changing this user's email.
+    }
+
+    // Update the email
+    let resp = await ThirdPartyEmailPassword.updateEmailOrPassword({
+        recipeUserId: session.getRecipeUserId(),
+        email: email,
+    });
+    // ...
+});
+```
+
 ## [15.2.0] - 2023-09-11
 
 ### Added

coreDriverInterfaceSupported.json

@@ -1,4 +1,4 @@
 {
     "_comment": "contains a list of core-driver interfaces branch names that this core supports",
-    "versions": ["3.0"]
+    "versions": ["4.0"]
 }