merge dev to main (#208)

Co-authored-by: Nicolai Ort <info@nicolai-ort.com>
Reviewed-on: #208
Co-authored-by: Philipp Dormann <philipp@philippdormann.de>
Co-committed-by: Philipp Dormann <philipp@philippdormann.de>

.drone.yml

@@ -1,6 +1,42 @@
+---
+kind: secret
+name: docker_username
+get:
+  path: odit-registry-builder
+  name: username
+
+---
+kind: secret
+name: docker_password
+get:
+  path: odit-registry-builder
+  name: password
+
+---
+kind: secret
+name: git_ssh
+get:
+  path: odit-git-bot
+  name: sshkey
+
+---
+kind: secret
+name: ci_token
+get:
+  path: odit-ci-bot
+  name: apikey
+
+---
+kind: secret
+name: npm_url
+get:
+  path: odit-npm-cache
+  name: url
+
 ---
 kind: pipeline
-name: tests:node_latest
+type: kubernetes
+name: tests:node
 clone:
   disable: true
 steps:
@@ -10,17 +46,21 @@ steps:
       - git clone $DRONE_REMOTE_URL .
       - git checkout $DRONE_SOURCE_BRANCH
   - name: run tests
-    image: node:latest
+    image: registry.odit.services/hub/library/node:19.5.0-alpine3.16
     commands:
-      - yarn
-      - yarn test:ci
+      - npm config set registry $NPM_REGISTRY_URL && npm i -g pnpm@8
+      - pnpm i
+      - pnpm test:ci
+    environment:
+      NPM_REGISTRY_URL:
+        from_secret: npm_url
 trigger:
   event:
     - pull_request
 
 ---
 kind: pipeline
-type: docker
+type: kubernetes
 name: build:dev
 clone:
   disable: true
@@ -32,52 +72,21 @@ steps:
       - git clone $DRONE_REMOTE_URL .
       - git checkout dev
   - name: build dev
-    image: plugins/docker
-    depends_on: [clone]
+    depends_on: ["clone"]
+    image: registry.odit.services/library/drone-kaniko
     settings:
       username:
-        from_secret: DOCKER_REGISTRY_USER
+        from_secret: docker_username
       password:
-        from_secret: DOCKER_REGISTRY_PASSWORD
-      repo: registry.odit.services/lfk/backend
+        from_secret: docker_password
+      build_args:
+        - NPM_REGISTRY_URL:
+          from_secret: npm_url
+      repo: lfk/backend
       tags:
         - dev
+      cache: true
       registry: registry.odit.services
-  - name: run changelog export
-    depends_on: ["clone"]
-    image: node:latest
-    commands:
-      - npx auto-changelog --commit-limit false -p -u --hide-credit
-  - name: push new changelog to repo
-    depends_on: ["run changelog export"]
-    image: appleboy/drone-git-push
-    settings:
-      branch: dev
-      commit: true
-      commit_message: 🧾New changelog file version [CI SKIP] [skip ci]
-      author_email: bot@odit.services
-      remote: git@git.odit.services:lfk/backend.git
-      ssh_key:
-        from_secret: GITLAB_SSHKEY
-  - name: run full license export
-    depends_on: ["clone"]
-    image: node:14.15.1-alpine3.12
-    commands:
-      - yarn
-      - yarn licenses:export
-  - name: push new licenses file to repo
-    depends_on: ["run full license export"]
-    image: appleboy/drone-git-push
-    settings:
-      branch: dev
-      commit: true
-      commit_message: 📖New license file version [CI SKIP] [skip ci]
-      author_email: bot@odit.services
-      remote: git@git.odit.services:lfk/backend.git
-      skip_verify: true
-      ssh_key:
-        from_secret: GITLAB_SSHKEY
-
 
 trigger:
   branch:
@@ -87,7 +96,7 @@ trigger:
 
 ---
 kind: pipeline
-type: docker
+type: kubernetes
 name: build:latest
 clone:
   disable: true
@@ -102,15 +111,19 @@ steps:
       - git checkout main
   - name: build latest
     depends_on: ["clone"]
-    image: plugins/docker
+    image: registry.odit.services/library/drone-kaniko
     settings:
       username:
-        from_secret: DOCKER_REGISTRY_USER
+        from_secret: docker_username
       password:
-        from_secret: DOCKER_REGISTRY_PASSWORD
-      repo: registry.odit.services/lfk/backend
+        from_secret: docker_password
+      build_args:
+        - NPM_REGISTRY_URL:
+          from_secret: npm_url
+      repo: lfk/backend
       tags:
         - latest
+      cache: true
       registry: registry.odit.services
   - name: push merge to repo
     depends_on: ["clone"]
@@ -120,7 +133,7 @@ steps:
       commit: false
       remote: git@git.odit.services:lfk/backend.git
       ssh_key:
-        from_secret: GITLAB_SSHKEY
+        from_secret: git_ssh
 
 trigger:
   branch:
@@ -130,34 +143,32 @@ trigger:
 
 ---
 kind: pipeline
-type: docker
+type: kubernetes
 name: build:tags
 
 steps:
   - name: build $DRONE_TAG
-    image: plugins/docker
-    depends_on: [clone]
+    depends_on: ["clone"]
+    image: registry.odit.services/library/drone-kaniko
     settings:
       username:
-        from_secret: DOCKER_REGISTRY_USER
+        from_secret: docker_username
       password:
-        from_secret: DOCKER_REGISTRY_PASSWORD
-      repo: registry.odit.services/lfk/backend
+        from_secret: docker_password
+      build_args:
+        - NPM_REGISTRY_URL:
+          from_secret: npm_url
+      repo: lfk/backend
       tags:
-        - '${DRONE_TAG}'
+        - "${DRONE_TAG}"
+      cache: true
       registry: registry.odit.services
-  - name: trigger node lib build
-    image: idcooldi/drone-webhook
-    settings:
-      urls: https://ci.odit.services/api/repos/lfk/lfk-client-node/builds?SOURCE_TAG=${DRONE_TAG}
-      bearer:
-        from_secret: BOT_DRONE_KEY
   - name: trigger js lib build
     image: idcooldi/drone-webhook
     settings:
       urls: https://ci.odit.services/api/repos/lfk/lfk-client-js/builds?SOURCE_TAG=${DRONE_TAG}
       bearer:
-        from_secret: BOT_DRONE_KEY
+        from_secret: ci_token
 trigger:
   event:
-  - tag
+    - tag

.gitignore

@@ -135,4 +135,4 @@ build
 /docs
 lib
 /oss-attribution
-*.tmp
+*.tmp

CHANGELOG.md

@@ -2,12 +2,654 @@
 
 All notable changes to this project will be documented in this file. Dates are displayed in UTC.
 
+#### [v1.1.3](https://git.odit.services/lfk/backend/compare/v1.1.2...v1.1.3)
+
+- feat(orgs): Also resolve child-teams' distances and add them to org total [`8d94186`](https://git.odit.services/lfk/backend/commit/8d9418635d3e381c0f55a2521a3334ba497c169a)
+- fix(orgs): Removed unused log [`f2832a2`](https://git.odit.services/lfk/backend/commit/f2832a2daecc7bc7bbee4d4fceeab8db194730cf)
+
+#### [v1.1.2](https://git.odit.services/lfk/backend/compare/v1.1.1...v1.1.2)
+
+> 10 May 2023
+
+- 🚀Bumped version to v1.1.2 [`0d21596`](https://git.odit.services/lfk/backend/commit/0d21596e2b64a99258d4925ae2ad627d5cdbd984)
+- feat(groups): Resolve the total group distance on group get single (aka get org and get team) [`245827e`](https://git.odit.services/lfk/backend/commit/245827e9c659cf76183dc33ab253becc22ddf032)
+- chore(package): Formatting [`4608a36`](https://git.odit.services/lfk/backend/commit/4608a36df6b187520ca0c331b8dce615205257be)
+
+#### [v1.1.1](https://git.odit.services/lfk/backend/compare/v1.1.0...v1.1.1)
+
+> 19 April 2023
+
+- feat(donors): Resolve donations with donors via pagination [`12a9ae2`](https://git.odit.services/lfk/backend/commit/12a9ae24933117acb3ff9815a7d72abca5eea7a7)
+- 🚀Bumped version to v1.1.1 [`cb1305a`](https://git.odit.services/lfk/backend/commit/cb1305aa77c36aa9d7900f09e7413bc6d45f2c89)
+
+#### [v1.1.0](https://git.odit.services/lfk/backend/compare/v1.0.1...v1.1.0)
+
+> 19 April 2023
+
+- feat(stats): Added donation count and donor count to stats [`6f39ac4`](https://git.odit.services/lfk/backend/commit/6f39ac42dafc2a589bbb2256b0417f3e774ae174)
+- 🚀Bumped version to v1.1.0 [`b9fe9f1`](https://git.odit.services/lfk/backend/commit/b9fe9f1c24653b91255a6dbbdc32c30b1b411eeb)
+- Added average donation per distance to stats [`fe59e3a`](https://git.odit.services/lfk/backend/commit/fe59e3a557903cf555d4c50098e935c49ca1fac4)
+- Added hints [`b25b0db`](https://git.odit.services/lfk/backend/commit/b25b0db76071ef8d50cc60e950a399dc060a2a9f)
+- Added calls to controller [`6ee5328`](https://git.odit.services/lfk/backend/commit/6ee5328dbc404603d19db3a5173ae4def560a9c9)
+- Formatting [`42c23a5`](https://git.odit.services/lfk/backend/commit/42c23a5883dacda4e0147842d448b3ad35b197b1)
+
+#### [v1.0.1](https://git.odit.services/lfk/backend/compare/v1.0.0...v1.0.1)
+
+> 18 April 2023
+
+- fix(pagination) page=0 resulted in false thx JS [`fcee390`](https://git.odit.services/lfk/backend/commit/fcee3909f4c4664115cc7ecb94f30e0dd8e78ce0)
+- 🚀Bumped version to v1.0.1 [`301f334`](https://git.odit.services/lfk/backend/commit/301f33467489a8533bdac11fbd10efd1b791f5e3)
+
+### [v1.0.0](https://git.odit.services/lfk/backend/compare/v0.15.4...v1.0.0)
+
+> 18 April 2023
+
+- 🚀Bumped version to v1.0.0 [`f0e20e4`](https://git.odit.services/lfk/backend/commit/f0e20e413014fe446c97754d2765cdad92c2cc3b)
+- Merge pull request 'feature/205-pagination' (#206) from feature/205-pagination into dev [`80de188`](https://git.odit.services/lfk/backend/commit/80de188565523d642407612272432ef07672b890)
+- Added pagination for runner orgs [`538622a`](https://git.odit.services/lfk/backend/commit/538622aa1841e27256f304e15b4204c2f6d24d76)
+- RunnerTeam Pagination [`0fa663a`](https://git.odit.services/lfk/backend/commit/0fa663a34104d438dd8fc9ab02458fdf289329f8)
+- users pagination [`244da61`](https://git.odit.services/lfk/backend/commit/244da618926377f58bb12dbbd89b7bb39d84596e)
+- Track pagination [`2a72aea`](https://git.odit.services/lfk/backend/commit/2a72aea10ef940fbdd4a9e6137b22933fdec7734)
+- usergroup pagination [`513d7f6`](https://git.odit.services/lfk/backend/commit/513d7f6fbaebe39beab6ec95e6e42eb10c62296d)
+- statsclient pagination [`71ebce6`](https://git.odit.services/lfk/backend/commit/71ebce6f8eebf110bb973a53b91dd6a49e1def99)
+- scanstation pagination [`f60025b`](https://git.odit.services/lfk/backend/commit/f60025b6de79b0f5f89995bf59260194f5de9af0)
+- Get all pagination for permissions [`86a21db`](https://git.odit.services/lfk/backend/commit/86a21dbfa4b50d8e80c611ea6e3eabfc2b8ae365)
+- Pagination for group contacts [`1e9e24d`](https://git.odit.services/lfk/backend/commit/1e9e24d99d75ce6dc846ff662e62c886646ea974)
+- Added pagination for get all donors [`4493c0e`](https://git.odit.services/lfk/backend/commit/4493c0e3d9beebbf7f601b39e1a2579771b4d152)
+- Added pagination for donations [`f5d48fc`](https://git.odit.services/lfk/backend/commit/f5d48fc638080c9333efe474d86f131794c809af)
+- Added pagination for runnercards [`b35a2dd`](https://git.odit.services/lfk/backend/commit/b35a2dd2fab708253373b3326f11ab574be18371)
+- Added pagination for runners [`d873674`](https://git.odit.services/lfk/backend/commit/d873674819e6cb33cf89da4f8fdc30a0b41707e4)
+- Added pagination for get all scans [`37b2ac9`](https://git.odit.services/lfk/backend/commit/37b2ac974b2276efd13538c127ba5ddda2537fe3)
+- Updated test for attribute [`2f305e1`](https://git.odit.services/lfk/backend/commit/2f305e127c75e9e6ff8e9fc0cfc10cc3db44759d)
+- Formatting [`a28ffe0`](https://git.odit.services/lfk/backend/commit/a28ffe06e5f3f69e4af6fdf0c66c9a1dfda10cfa)
+
+#### [v0.15.4](https://git.odit.services/lfk/backend/compare/v0.15.3...v0.15.4)
+
+> 15 April 2023
+
+- Fixed possible null [`0f0c3c7`](https://git.odit.services/lfk/backend/commit/0f0c3c7214f357d991518aafd015ffc4d387ce59)
+- 🚀Bumped version to v0.15.4 [`81aed1d`](https://git.odit.services/lfk/backend/commit/81aed1de40166f4cefabdb478d7638017127b25c)
+
+#### [v0.15.3](https://git.odit.services/lfk/backend/compare/v0.15.2...v0.15.3)
+
+> 15 April 2023
+
+- Faster stats (not including donations) [`b2ac70e`](https://git.odit.services/lfk/backend/commit/b2ac70e0aec1064e54a5043a104e7892984b2338)
+- 🚀Bumped version to v0.15.3 [`3909ed3`](https://git.odit.services/lfk/backend/commit/3909ed34f739e9fee90828f16757c75da90bab0f)
+
+#### [v0.15.2](https://git.odit.services/lfk/backend/compare/v0.15.1...v0.15.2)
+
+> 15 April 2023
+
+- 🚀Bumped version to v0.15.2 [`5f17e7f`](https://git.odit.services/lfk/backend/commit/5f17e7f783a7e8e2efc8f7dbbf2c98bcd1d80240)
+- Don't resolve runner group and parten with get all card requests [`2d8f752`](https://git.odit.services/lfk/backend/commit/2d8f7528d98144832e7609f5aa6fac8de4723c4a)
+- Resolve groups again for card generation [`a5a56a2`](https://git.odit.services/lfk/backend/commit/a5a56a263a01dbd911a799ab57084166e17b80ac)
+
+#### [v0.15.1](https://git.odit.services/lfk/backend/compare/v0.15.0...v0.15.1)
+
+> 15 April 2023
+
+- 🚀Bumped version to v0.15.1 [`9581185`](https://git.odit.services/lfk/backend/commit/9581185b24039338e7f238ecdcc3881bb5203759)
+- Faster trackscan creation by only loading the latest scan [`e9914e3`](https://git.odit.services/lfk/backend/commit/e9914e317b7fd78863cfd8549bad65da9292b7ca)
+- Log batch time in mass scan script [`2905884`](https://git.odit.services/lfk/backend/commit/2905884c024d7f275b3ad2c2858a2f0911adb95b)
+- Dont load cards with get all runners request [`702070d`](https://git.odit.services/lfk/backend/commit/702070da669cc605b93e6f5b62d712c28f079dd0)
+
+#### [v0.15.0](https://git.odit.services/lfk/backend/compare/v0.14.6...v0.15.0)
+
+> 15 April 2023
+
+- Added test script for creating mass scans [`8007117`](https://git.odit.services/lfk/backend/commit/80071174342d87199fcbd981cd8c92300b0a51e4)
+- 🚀Bumped version to v0.15.0 [`cc89ba8`](https://git.odit.services/lfk/backend/commit/cc89ba8afb3120569613a889baf962555612e95a)
+- Get all scans speed improvement [`23fa78e`](https://git.odit.services/lfk/backend/commit/23fa78eb9dcc01ecc036347f6703aacc0d163d7d)
+- More scan request optimizations [`7c4ff42`](https://git.odit.services/lfk/backend/commit/7c4ff42a3b3e7b186e16c85a97d9ecc854a32cb0)
+
+#### [v0.14.6](https://git.odit.services/lfk/backend/compare/v0.14.5...v0.14.6)
+
+> 15 April 2023
+
+- 🚀Bumped version to v0.14.6 [`3b3e689`](https://git.odit.services/lfk/backend/commit/3b3e68900beca16cfff88dbef22540f77750d29b)
+- Missing orm file [`3ff666f`](https://git.odit.services/lfk/backend/commit/3ff666fd3e84ac8cf41b30e9e17082b10548d55b)
+
+#### [v0.14.5](https://git.odit.services/lfk/backend/compare/v0.14.4...v0.14.5)
+
+> 15 April 2023
+
+- 🚀Bumped version to v0.14.5 [`4e44350`](https://git.odit.services/lfk/backend/commit/4e4435010fd7095e3b9742e207cba1b68cd6da3b)
+- Entrypoint fix [`de9af5a`](https://git.odit.services/lfk/backend/commit/de9af5a90907dcfc9bfb1d5a56420eed8bb59922)
+- Fixed copy [`ac631f0`](https://git.odit.services/lfk/backend/commit/ac631f0af467446552478873b7b4802a9310f865)
+
+#### [v0.14.4](https://git.odit.services/lfk/backend/compare/v0.14.3...v0.14.4)
+
+> 15 April 2023
+
+- Switched ci over to pnpm + cache [`6275aaa`](https://git.odit.services/lfk/backend/commit/6275aaa326f1c02c8dd42aa31608978408c44ab7)
+- 🚀Bumped version to v0.14.4 [`6bbdd5b`](https://git.odit.services/lfk/backend/commit/6bbdd5bb04a1c38e4b3a150db24b76e9c96490dd)
+- Back to ean13 based codes [`a8fc755`](https://git.odit.services/lfk/backend/commit/a8fc7558408b97da4b2c469ae5e73ab502b4fda0)
+- install prod in first step [`d027439`](https://git.odit.services/lfk/backend/commit/d02743984dfea8057be3081bd3a32a8f67e610aa)
+- Switched dockerfile to pnpm 8 with cache [`93d43b7`](https://git.odit.services/lfk/backend/commit/93d43b76843d7cb411f37fd2066c6a5364c05415)
+- COPY by stage name [`a64f6c9`](https://git.odit.services/lfk/backend/commit/a64f6c9822af2b927e91b0b55f1f50176de30169)
+- pinned pnpm version [`2a94bfa`](https://git.odit.services/lfk/backend/commit/2a94bfa6227d14f635b5fc2789b59c36d490937e)
+- custom pnpm cache [`85dc344`](https://git.odit.services/lfk/backend/commit/85dc3444acc677ddd242f9f2543ce477fe427a7c)
+- added missing ci env [`734c826`](https://git.odit.services/lfk/backend/commit/734c826face58dd5c3bb2607bda6e7f6d051012e)
+- pinned pnpm to 8 [`27e74e8`](https://git.odit.services/lfk/backend/commit/27e74e824cd1e23d4d53c1a983a1668dd87f5d59)
+- coherent baseimage [`b5c0a28`](https://git.odit.services/lfk/backend/commit/b5c0a288ac3c020f5d753c558aee160fea0bae14)
+- bumped final pnpm version [`33b25c9`](https://git.odit.services/lfk/backend/commit/33b25c9743abb7cefb3538f08cc2f78a646905c8)
+
+#### [v0.14.3](https://git.odit.services/lfk/backend/compare/v0.14.2...v0.14.3)
+
+> 18 March 2023
+
+- 🚀Bumped version to v0.14.3 [`16ce0a8`](https://git.odit.services/lfk/backend/commit/16ce0a848050b74c4b6dd93f17e5a6e9024cdb7d)
+- Adjusted modulo for new fixed card length [`9a8d618`](https://git.odit.services/lfk/backend/commit/9a8d618ae4584640e8be1ce9fe4bddd2ef7a92ae)
+
+#### [v0.14.2](https://git.odit.services/lfk/backend/compare/v0.14.1...v0.14.2)
+
+> 18 March 2023
+
+- 🚀Bumped version to v0.14.2 [`38da2d3`](https://git.odit.services/lfk/backend/commit/38da2d33187f4b24eef878642e153663ecd95de1)
+- Back to modulo [`068deb4`](https://git.odit.services/lfk/backend/commit/068deb4960bd16decf99887ffbda7a7d3dd9ff0b)
+
+#### [v0.14.1](https://git.odit.services/lfk/backend/compare/v0.14.0...v0.14.1)
+
+> 18 March 2023
+
+- 🚀Bumped version to v0.14.1 [`13f093b`](https://git.odit.services/lfk/backend/commit/13f093bb6138a498f93a05ef6dd812ae92f2676a)
+- Switched from card prefix replacement via modulo to regex [`6289f30`](https://git.odit.services/lfk/backend/commit/6289f307400aacaa9cfe03f3024c1e0d5554d4f2)
+
+#### [v0.14.0](https://git.odit.services/lfk/backend/compare/v0.13.3...v0.14.0)
+
+> 15 March 2023
+
+- 🚀Bumped version to v0.14.0 [`6ff764b`](https://git.odit.services/lfk/backend/commit/6ff764bc340ca25b3bdd62c6892259e228723973)
+- Updated default length [`ea87cc7`](https://git.odit.services/lfk/backend/commit/ea87cc793b163bf0d4405a25bbe83fbc8e31c206)
+- breaking(runnercards): shorter runnercard codes (padding to 12 was a bit tooo ambitious) [`ffee887`](https://git.odit.services/lfk/backend/commit/ffee887ddf6a71102ee39533d7cd504d1fd6698f)
+- Removed sqlite journal [`92517e3`](https://git.odit.services/lfk/backend/commit/92517e365393f4baac3814f5668874b5752dc7c8)
+
+#### [v0.13.3](https://git.odit.services/lfk/backend/compare/v0.13.2...v0.13.3)
+
+> 15 February 2023
+
+- 🚀Bumped version to v0.13.3 [`3bac75e`](https://git.odit.services/lfk/backend/commit/3bac75e7ab9f16ecab1fbfa9915a7edb923883f6)
+- Merge pull request 'feature/201-no_citizen-deletion' (#202) from feature/201-no_citizen-deletion into dev [`d05eddc`](https://git.odit.services/lfk/backend/commit/d05eddcae198427ce9a334096563b3aadcff2b56)
+- Updated tests [`d5c689d`](https://git.odit.services/lfk/backend/commit/d5c689d6937288df7dca14ce26fbbd4f46a8752a)
+- Added delete check for citizen org [`8fedd4e`](https://git.odit.services/lfk/backend/commit/8fedd4ef3bdd48dc42abc1d53006eefc145175e3)
+
+#### [v0.13.2](https://git.odit.services/lfk/backend/compare/v0.13.1...v0.13.2)
+
+> 3 February 2023
+
+- 🚀Bumped version to v0.13.2 [`e8b2e6f`](https://git.odit.services/lfk/backend/commit/e8b2e6f26140a18c06b017e4461742d7e7942f08)
+- Merge pull request 'move selfservice magic link endpoint to 15min rate limit' (#200) from feature/runner-selfservice-login-link-rate-limit into dev [`39f3b0e`](https://git.odit.services/lfk/backend/commit/39f3b0e01f03bfbcfcb0ea08d697268ce068e63d)
+- move to 15min limit [`edaf255`](https://git.odit.services/lfk/backend/commit/edaf255e8f609185dcd6c2c0cd2e8b007b785e0c)
+- Merge pull request 'Releases 0.12.0 and 0.13.0' (#199) from dev into main [`41c4ed4`](https://git.odit.services/lfk/backend/commit/41c4ed4d0faaed382801bbe480f31dafa6f3912d)
+
+#### [v0.13.1](https://git.odit.services/lfk/backend/compare/v0.13.0...v0.13.1)
+
+> 2 February 2023
+
+- 🚀Bumped version to v0.13.1 [`f2bd88a`](https://git.odit.services/lfk/backend/commit/f2bd88aadfcb6ffa0485ea6afac8c7664a37f5f4)
+- Updated description [`67a3661`](https://git.odit.services/lfk/backend/commit/67a36614485b2ea83c2de41e0684708b95a05b32)
+
+#### [v0.13.0](https://git.odit.services/lfk/backend/compare/v0.12.0...v0.13.0)
+
+> 2 February 2023
+
+- Added faker for testing [`e184673`](https://git.odit.services/lfk/backend/commit/e1846739638905aab6ba7e059fd2cbf8ff467bf3)
+- 📖New license file version [CI SKIP] [skip ci] [`2b641fa`](https://git.odit.services/lfk/backend/commit/2b641faa29c47d95f69983770dc4ab37e674604f)
+- 🚀Bumped version to v0.13.0 [`0c763a2`](https://git.odit.services/lfk/backend/commit/0c763a2dfd39607b480d9aff7d3c883791f41700)
+- Updated selfservice tests to prevent email duplication [`9bc80aa`](https://git.odit.services/lfk/backend/commit/9bc80aac8aab9b4dedc26c9bc3ce705d7fe9c0bf)
+- Moved license and changelog export to releaseit hooks [`77c6303`](https://git.odit.services/lfk/backend/commit/77c6303014578edbbadeeaa790f7974bde2a9764)
+- Updated readme [`4cdba8b`](https://git.odit.services/lfk/backend/commit/4cdba8bc77ce543f6fb636711b8728bce794eac7)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`ae14d6c`](https://git.odit.services/lfk/backend/commit/ae14d6c74f9205440b41ca5fdbd052ca449148fc)
+- Added selfservice runner create check to prevent duplicate email [`68cd746`](https://git.odit.services/lfk/backend/commit/68cd746a9f3360b3630a9ba570213d2aa62497b4)
+- Updated tests for new login in selfservice [`39aa759`](https://git.odit.services/lfk/backend/commit/39aa7598b7cd0ecb0f077f50ebdd31c6e205f06d)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`9fa8b93`](https://git.odit.services/lfk/backend/commit/9fa8b93c08ee52335b18e743f9d205b19e6095c6)
+- Moved changelog generation to package script [`a7297ff`](https://git.odit.services/lfk/backend/commit/a7297ff933ae1372a9d508cdae1a54d2ebbcc647)
+- Merge pull request 'feature/197-duplicate_runner_mail' (#198) from feature/197-duplicate_runner_mail into dev [`4b676bc`](https://git.odit.services/lfk/backend/commit/4b676bc85336c2d494e9e74823d38deec5cc0400)
+- Updated logo url [`4433ddb`](https://git.odit.services/lfk/backend/commit/4433ddb1e15a35481728670e22049200644bf337)
+- depends_on: ["clone"] [`9cc66ee`](https://git.odit.services/lfk/backend/commit/9cc66eebdfe8e7a2888bbc97197d1756ff44de30)
+- Fixed typo [`19a290c`](https://git.odit.services/lfk/backend/commit/19a290c3a931ead0d9ae9ebb0985bfbaac54df59)
+- Rename selfservice forgot to login [`69651d9`](https://git.odit.services/lfk/backend/commit/69651d9f6cd826b6d4720f164897a2a72a57c851)
+- 📖New license file version [CI SKIP] [skip ci] [`6fd246f`](https://git.odit.services/lfk/backend/commit/6fd246f43cb3f4d0ccb6e017ee699889ba17daac)
+- Add git for changelog fun [`2fa56b8`](https://git.odit.services/lfk/backend/commit/2fa56b82d1e082a1deae943e5fca5101f24e3ef5)
+
+#### [v0.12.0](https://git.odit.services/lfk/backend/compare/v0.11.1...v0.12.0)
+
+> 2 February 2023
+
+- Pinned versions [`a6d5693`](https://git.odit.services/lfk/backend/commit/a6d5693ccdeb25b15a09af8f7438142114268807)
+- Drone -> Kaniko based builds [`0e78951`](https://git.odit.services/lfk/backend/commit/0e789513008085d0db94fc3b2dd9e74a5e583049)
+- Drone images to odit registry [`6ad56b3`](https://git.odit.services/lfk/backend/commit/6ad56b31269bf19a740c1b6b1a303a8a9d7d59d0)
+- Bumped container base images [`d95c6d3`](https://git.odit.services/lfk/backend/commit/d95c6d33657f6aa977a8ebfefad7e199bb1cc9c3)
+- Enabled tag via release script [`9217421`](https://git.odit.services/lfk/backend/commit/92174212213f874e41c9472a927bcf87b963ac94)
+- Pinned pnpm for builds [`4570845`](https://git.odit.services/lfk/backend/commit/4570845b3e1bd00c228fe1b09b658c24e20aba7f)
+- 🚀Bumped version to v0.12.0 [`4c10e20`](https://git.odit.services/lfk/backend/commit/4c10e20b91a8101ee37b230373ceb3e024582b41)
+- Ignore pnpm lock [`1f2c8ab`](https://git.odit.services/lfk/backend/commit/1f2c8abb22f3ff1e61b7350b517bd699c3e315f6)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`31b258b`](https://git.odit.services/lfk/backend/commit/31b258b4ce82213144160a4233b7fd127e456776)
+
+#### [v0.11.1](https://git.odit.services/lfk/backend/compare/v0.11.0...v0.11.1)
+
+> 22 April 2021
+
+- Merge pull request 'Release 0.11.1' (#196) from dev into main [`f19f280`](https://git.odit.services/lfk/backend/commit/f19f2808d88414f1877c01f10996dac68b6f9617)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`2229cdf`](https://git.odit.services/lfk/backend/commit/2229cdf20db1a98f9f76a99fa9d3f463cdf6d804)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`348fe52`](https://git.odit.services/lfk/backend/commit/348fe52c42cfa32239b703041820f725e147154e)
+- Now prefixing runnercards with 2 [`8a82e05`](https://git.odit.services/lfk/backend/commit/8a82e059b74ceabf43c9cbfe9c9b89ef6ce15a28)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`3b9cd2e`](https://git.odit.services/lfk/backend/commit/3b9cd2e1bbbe8e69c3883233a98f286d768c2b79)
+- Added fix for the appended 2 [`eb526fb`](https://git.odit.services/lfk/backend/commit/eb526fb57faf631fd6e84af99af738ab1b3481c7)
+- 🚀Bumped version to v0.11.1 [`95320ca`](https://git.odit.services/lfk/backend/commit/95320ca1bccc2886553accea6a428aadffda0a27)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`f2d127f`](https://git.odit.services/lfk/backend/commit/f2d127fc98d75ce658424624abd382c087737ca0)
+
+#### [v0.11.0](https://git.odit.services/lfk/backend/compare/v0.10.2...v0.11.0)
+
+> 14 April 2021
+
+- Merge pull request 'Release 0.11.0' (#195) from dev into main [`3220b19`](https://git.odit.services/lfk/backend/commit/3220b194d4c704835d6d106ec4d9d54a17a38b62)
+- Fixed spelling [`da266a8`](https://git.odit.services/lfk/backend/commit/da266a8dd68dbb575997ae343624982b690486ec)
+- Updated tests [`01ed514`](https://git.odit.services/lfk/backend/commit/01ed51489eb92fff907d46a930ecf0b0eb5cad2b)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`520608a`](https://git.odit.services/lfk/backend/commit/520608aef05b21f4daadf55cfc8caddba06b8f01)
+- Added payedDonationAmount to donor and responsedonor [`8ae4b85`](https://git.odit.services/lfk/backend/commit/8ae4b8582749332f4fb081eee0c520293347001f)
+- Responses now contain the donation status [`34dbaaa`](https://git.odit.services/lfk/backend/commit/34dbaaafe0422234848eabe3f52b26879c9e5a49)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`278c4a6`](https://git.odit.services/lfk/backend/commit/278c4a6a415434487a92ff66f8114bb2547aac48)
+- Marked payedAmount as optional during creation and/or update [`0636616`](https://git.odit.services/lfk/backend/commit/0636616dad5afb41ffe47a857d91ac75b4f2f20a)
+- Added payed amount fileld to donation class [`b8fbb72`](https://git.odit.services/lfk/backend/commit/b8fbb72fa0b659c9acc406c72a8a59c2174351b4)
+- Added status to tests [`30c6d3d`](https://git.odit.services/lfk/backend/commit/30c6d3d8db9fe37a51e596a73add8b87e8616e54)
+- Added payed amount to response class [`d64f470`](https://git.odit.services/lfk/backend/commit/d64f470b608b3f179ec77da0210de51c328ef3f2)
+- 📖New license file version [CI SKIP] [skip ci] [`a2f0d81`](https://git.odit.services/lfk/backend/commit/a2f0d814fc782ad440500e7d6ec779b6ab7f0ac6)
+- 🚀Bumped version to v0.11.0 [`3558e99`](https://git.odit.services/lfk/backend/commit/3558e9909088647bd4f1f4334f50c07a5ef00214)
+- Merge pull request 'Donation payment management feature/193-donation_payments' (#194) from feature/193-donation_payments into dev [`6df5f63`](https://git.odit.services/lfk/backend/commit/6df5f634f3123e04c015889573ccc5674a8bab27)
+- Added payed amount to crealte classes [`71542bc`](https://git.odit.services/lfk/backend/commit/71542bc3887b97c15436d03280e49f7b3f0fcb06)
+- Added donation status enum [`b4c31ee`](https://git.odit.services/lfk/backend/commit/b4c31ee9b5b35d6e11b07f50f3d30ca12e0f7728)
+- Added payed amount to update classes [`9930742`](https://git.odit.services/lfk/backend/commit/99307423c533f8cde847b59a80bffc2ff42c9769)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`0c61ff4`](https://git.odit.services/lfk/backend/commit/0c61ff457d02f750efa457dd75464187683b037a)
+- Added mssing check to tests [`6c14ed9`](https://git.odit.services/lfk/backend/commit/6c14ed9c89eadc1a10db8c912d8ea2711a518766)
+- No longer answering with null, but 0 [`49b174f`](https://git.odit.services/lfk/backend/commit/49b174f29f63e963e600d74b6923a20211d832eb)
+- Saved missing file [`8fe3243`](https://git.odit.services/lfk/backend/commit/8fe32436935d7cd6c17eae1e138383d3b714e1ba)
+
+#### [v0.10.2](https://git.odit.services/lfk/backend/compare/v0.10.1...v0.10.2)
+
+> 7 April 2021
+
+- Merge pull request 'Release 0.10.2' (#192) from dev into main [`1d82f65`](https://git.odit.services/lfk/backend/commit/1d82f65b0d3a32d10c1a10c991353c18696d58bf)
+- Added first selfservice test [`057ae0d`](https://git.odit.services/lfk/backend/commit/057ae0d79758cd627d6d128406a0d201b6b7ad9b)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`b7ad5d3`](https://git.odit.services/lfk/backend/commit/b7ad5d3a31b8b4f5960852d3ac38af133719ebcd)
+- First try of the laptime sort [`4471e57`](https://git.odit.services/lfk/backend/commit/4471e57438582d55ff846fd69c2cfcc26b40df2a)
+- Potential fix for all remaining errors [`377d5da`](https://git.odit.services/lfk/backend/commit/377d5dadb2a14cb2d70e0b2dc77026f51b3fb51c)
+- At least one fewer test should fail now [`87f444c`](https://git.odit.services/lfk/backend/commit/87f444c30d69d65a9f918c63631a859a389eeee3)
+- Tried workaround for no availdable stats [`8f0f795`](https://git.odit.services/lfk/backend/commit/8f0f795a709db216396998b68b8bbd64ff4d44ff)
+- Reverted temp bugfix [`4603a84`](https://git.odit.services/lfk/backend/commit/4603a84f16fb53a14d1792447100f5b470969dd0)
+- Fixed sorting algo [`988f17a`](https://git.odit.services/lfk/backend/commit/988f17a795bb2d867e9d1d8e78051dff1a14ec30)
+- Added runners stats tests [`7111068`](https://git.odit.services/lfk/backend/commit/7111068361e00cc1308664a3ae650a56e28c015c)
+- Added basic laptime endpoint [`cb71fcd`](https://git.odit.services/lfk/backend/commit/cb71fcd13bc61e6214e2fd7b70e72094749463d3)
+- Added orgs by donations stats tests [`d4a02e7`](https://git.odit.services/lfk/backend/commit/d4a02e7db2ff4976be21605e31aac2f3c82a49c0)
+- Added teams stats endpoint tests [`b9a7dc8`](https://git.odit.services/lfk/backend/commit/b9a7dc84f05441445453193974b2a793b5197fa5)
+- Now resolving all missing relations [`257f320`](https://git.odit.services/lfk/backend/commit/257f320ee3bf6429c4314c64023520366f9f730b)
+- Added min laptime to StatsRunner [`51daf96`](https://git.odit.services/lfk/backend/commit/51daf969cf74792b2c2f2f16ce4359d9fca47bc8)
+- Fixed sorting [`7b15c2d`](https://git.odit.services/lfk/backend/commit/7b15c2d88b14e7279aad97b0c950202ddb5acaaa)
+- Fixed top-ten bein top 9 [`a6a526d`](https://git.odit.services/lfk/backend/commit/a6a526dc5d8b1613ea34e82e477081349e764aec)
+- added new ci secret [`5633e85`](https://git.odit.services/lfk/backend/commit/5633e85f41cb69b10fd8a86f57f1bd2f50848f7b)
+- Added temp console log for test [`22cae39`](https://git.odit.services/lfk/backend/commit/22cae39bd351ca285880e50187ea0d46a7a26437)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`610988e`](https://git.odit.services/lfk/backend/commit/610988ec16b8df61cca61cf2252a469d30318d81)
+- Added temp console log for ci debugging [`4a73eab`](https://git.odit.services/lfk/backend/commit/4a73eab134c3a9f58771be996bc8811b62cf378e)
+- Temp disabled runners by donations test [`0b07a53`](https://git.odit.services/lfk/backend/commit/0b07a53ed209c6193ead3c4d199545e22333ab32)
+- Updated default docker-compose [`f8baca5`](https://git.odit.services/lfk/backend/commit/f8baca5ab2c56b906751bc7edd71477456ad91f3)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`dd6d799`](https://git.odit.services/lfk/backend/commit/dd6d799c847fc96aec1be8f2667ad371890076fb)
+- Resolved missing parentgroup relation [`23bd432`](https://git.odit.services/lfk/backend/commit/23bd432c5f33a0863217120d97e2e4ea52a08baf)
+- Removed console logs for now working tests [`71b33ab`](https://git.odit.services/lfk/backend/commit/71b33ab05b53b62c8b271bd2995c94b2fc212dfd)
+- Fixed typo in test [`cbcb829`](https://git.odit.services/lfk/backend/commit/cbcb829fbde3a4a5e7f94de5dcf24d854c5fc257)
+- Ptotential fix for stats failing [`dcdbdd1`](https://git.odit.services/lfk/backend/commit/dcdbdd15acfe6eef4220b7ed66db60d78107d1f9)
+- 🚀Bumped version to v0.10.2 [`6e236ed`](https://git.odit.services/lfk/backend/commit/6e236ede145e164ee84543fb62404b4776550973)
+- Merge pull request 'stats/runners/laptime feature/190-runners_laptime' (#191) from feature/190-runners_laptime into dev [`a694ad2`](https://git.odit.services/lfk/backend/commit/a694ad225c68fa23152402acba871c857433cc70)
+- Removed all useless console.logs [`95e1eec`](https://git.odit.services/lfk/backend/commit/95e1eec313a79458dd75307a9d0f8319af0d0904)
+- Pinned testing container tag to prod container tag [`10221b9`](https://git.odit.services/lfk/backend/commit/10221b9f2e4493080f3ff095d9772bcfd0ac50eb)
+- Now resolving all relations for orgs by distance [`4a294b1`](https://git.odit.services/lfk/backend/commit/4a294b1e17c44294274b06748ec8141812c2d217)
+- Added temp console log [`720774f`](https://git.odit.services/lfk/backend/commit/720774fcf47c38601ab88d5d74cfcd0e47b21acf)
+- Removed console log for passing tests [`132b48c`](https://git.odit.services/lfk/backend/commit/132b48cf2a9e990a5e830c744ed8244bd25e8b3a)
+- Removed console log [`1d8c8c8`](https://git.odit.services/lfk/backend/commit/1d8c8c8e9cefa58449f7abb2481d9396fe37ba20)
+- Temp test logging workaround [`bf686e8`](https://git.odit.services/lfk/backend/commit/bf686e89e02998ccc80c838ef890c736c252634c)
+- Temp test logging workaround [`6163f0a`](https://git.odit.services/lfk/backend/commit/6163f0a90b3721d3a1488f89cbb39ddff7152241)
+- Removed test for content type [`63964fb`](https://git.odit.services/lfk/backend/commit/63964fbf2c41d9b90f995f056e9db65ab07d54a8)
+
+#### [v0.10.1](https://git.odit.services/lfk/backend/compare/v0.10.0...v0.10.1)
+
+> 3 April 2021
+
+- Merge pull request 'Release 0.10.1' (#189) from dev into main [`e89e07d`](https://git.odit.services/lfk/backend/commit/e89e07d0fc99f14148b01204fb8ed39e2da77e38)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`69afd4d`](https://git.odit.services/lfk/backend/commit/69afd4d5877401eb46df430f43a7feb273abda1e)
+- 🚀Bumped version to v0.10.1 [`24d152f`](https://git.odit.services/lfk/backend/commit/24d152fdc8fe17fffa2f2a718d7145ba8a91d79c)
+- New class: ResponseSelfServiceDonor [`d70c5b1`](https://git.odit.services/lfk/backend/commit/d70c5b1bbc9f02782f8755b6929e2d3458e10221)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`4279e43`](https://git.odit.services/lfk/backend/commit/4279e4374304887e8db40eab77763b20bbce91a1)
+- Removed duplicate openapi statement [`4834a66`](https://git.odit.services/lfk/backend/commit/4834a6698b0958602421c1478a95fec7edda910b)
+- Switched selfservice donation.donor from string to object [`0767943`](https://git.odit.services/lfk/backend/commit/0767943721b6964d542f580c541e744f86444ac6)
+- Adjusted runner property names [`ca87774`](https://git.odit.services/lfk/backend/commit/ca87774767807a2c4bc869b0de95cc73832a8405)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`71e3d0e`](https://git.odit.services/lfk/backend/commit/71e3d0efe2cbde47aea0f26cb5a8b5cd3312707d)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`c28843c`](https://git.odit.services/lfk/backend/commit/c28843c405dc4fd06a10f0fb85814acede15a769)
+- Merge pull request 'Selfservice donations reformatting feature/187-selfservice_donation' (#188) from feature/187-selfservice_donation into dev [`d837654`](https://git.odit.services/lfk/backend/commit/d837654617f7de5d055ffb06c65e2cd52f65c604)
+- Added new responsetype for new class [`f693f2c`](https://git.odit.services/lfk/backend/commit/f693f2cde9a04147155aea4de5d52e1d19d722ca)
+
+#### [v0.10.0](https://git.odit.services/lfk/backend/compare/v0.9.2...v0.10.0)
+
+> 1 April 2021
+
+- Merge pull request 'Release 0.10.0' (#186) from dev into main [`b517dff`](https://git.odit.services/lfk/backend/commit/b517dff8a82c960836d9f0be90fd89f3ba2fae7d)
+- 🚀Bumped version to v0.10.0 [`dc3071f`](https://git.odit.services/lfk/backend/commit/dc3071f7d2be298f0bb02d86ec67ed1125cd3b49)
+- Added locale to mail related runner endpoints [`7af883f`](https://git.odit.services/lfk/backend/commit/7af883f27198206af542bcaff4686221d3788e87)
+- Added locale to mail related runner endpoints [`f543307`](https://git.odit.services/lfk/backend/commit/f5433076b01c743ed9af085fccadb8f1edc26419)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`5fb355f`](https://git.odit.services/lfk/backend/commit/5fb355f450f19e96d3671b1a46e94d564495942b)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`114c246`](https://git.odit.services/lfk/backend/commit/114c246aceba566cc0dd6daab51a77b951b031cc)
+- Merge pull request 'Mail locales feature/184-mail_locales' (#185) from feature/184-mail_locales into dev [`33c13de`](https://git.odit.services/lfk/backend/commit/33c13de32c68a3d9e87e4fd9ad12a815ed8c9fde)
+- Added locale to mail related user endpoints [`1be073a`](https://git.odit.services/lfk/backend/commit/1be073a4fa39f0332a46f567ee6af10a9137844c)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`6aafe4a`](https://git.odit.services/lfk/backend/commit/6aafe4a6ae7d253ab39220e551c52ae067cc481a)
+
+#### [v0.9.2](https://git.odit.services/lfk/backend/compare/v0.9.1...v0.9.2)
+
+> 29 March 2021
+
+- Merge pull request 'Release 0.9.2' (#183) from dev into main [`bdeeb03`](https://git.odit.services/lfk/backend/commit/bdeeb036459c2a2131e843d8a5a6b338e0ba46ea)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`675c876`](https://git.odit.services/lfk/backend/commit/675c8762e8e4cf28d2f334d5ab2e1cb6b594e33c)
+- Fixed bug in return creation [`6c9b91d`](https://git.odit.services/lfk/backend/commit/6c9b91d75a0d08fc4ab0e72c7a09bd0133566368)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`8c00aef`](https://git.odit.services/lfk/backend/commit/8c00aefd6ce3723d9f83d1c94e6491d5d597391f)
+- 🚀Bumped version to v0.9.2 [`89e3924`](https://git.odit.services/lfk/backend/commit/89e392473c52a3f328545699a0f4df89be33ba89)
+
+#### [v0.9.1](https://git.odit.services/lfk/backend/compare/v0.9.0...v0.9.1)
+
+> 29 March 2021
+
+- Merge pull request 'Release v0.9.1' (#182) from dev into main [`3afd785`](https://git.odit.services/lfk/backend/commit/3afd785a54fac91c12af789af19b45e6124e0e39)
+- 🚀Bumped version to v0.9.1 [`a139554`](https://git.odit.services/lfk/backend/commit/a139554e059e9a10acb1733ce1a82b610cc99269)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`8099999`](https://git.odit.services/lfk/backend/commit/8099999e2cdfc8046f9ff4a90681281b671e402d)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`0290b0e`](https://git.odit.services/lfk/backend/commit/0290b0e5f531364d37d8157e639614cf5a6b4189)
+- Merge pull request 'Return cards generated in bulk feature/180-blank_generation_return' (#181) from feature/180-blank_generation_return into dev [`0f7fa99`](https://git.odit.services/lfk/backend/commit/0f7fa990d473ce2dce032c47c39f79c1d0e8df90)
+- Added query param to return created runenrcards [`5a36c8d`](https://git.odit.services/lfk/backend/commit/5a36c8dcae3d79b3b05ffb30a7ebb0d31dc8183a)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`58f4d21`](https://git.odit.services/lfk/backend/commit/58f4d2151f459bc72692cc70e02a59b77abfb9f0)
+- Added test for returnCards=true array length [`1cb2dc9`](https://git.odit.services/lfk/backend/commit/1cb2dc9d53b530435f5798f9cdf7ee866eb7416e)
+- Added test for single card generation with returnCards=true [`6005b06`](https://git.odit.services/lfk/backend/commit/6005b0661f1d5c461bb102e243cc209a8adc21fa)
+- Fixed copy-paste oversight [`2f568c9`](https://git.odit.services/lfk/backend/commit/2f568c9cb8ae39ce40ec8df6d9acbaf0d5ae1a26)
+
+#### [v0.9.0](https://git.odit.services/lfk/backend/compare/v0.8.0...v0.9.0)
+
+> 26 March 2021
+
+- Merge pull request 'Release 0.9.0' (#179) from dev into main [`95135dd`](https://git.odit.services/lfk/backend/commit/95135ddc893dcf64be67b47b0ef2b0d9041253bd)
+- Reenabled user tests [`4c66650`](https://git.odit.services/lfk/backend/commit/4c6665062fe6717242e43b58e66c1f1d030c018d)
+- Moved to tmp files to better check for other problems [`7a64f23`](https://git.odit.services/lfk/backend/commit/7a64f2393783f97a9729356bc1dfd831927dd312)
+- Added user creation invalid tests [`888cab5`](https://git.odit.services/lfk/backend/commit/888cab5898caf9e552c421346934bf90f717a653)
+- Updated auth test to comply with the new pw requirements [`63f6526`](https://git.odit.services/lfk/backend/commit/63f6526e4f59621edbf1fad59fc569b4bd6acbf2)
+- Added user deletion tests [`e6a8ebc`](https://git.odit.services/lfk/backend/commit/e6a8ebcb5b4f430254da4afe159141b21d8da0ed)
+- Added user creation valid tests [`383a809`](https://git.odit.services/lfk/backend/commit/383a8095b8286d51fb2fb24ae2fd0156230e56ab)
+- 📖New license file version [CI SKIP] [skip ci] [`bd7b81e`](https://git.odit.services/lfk/backend/commit/bd7b81efe795c02512c87f3b5dd5eec796580144)
+- Added password errors [`24c38cc`](https://git.odit.services/lfk/backend/commit/24c38cce26da41ccf375e1ccf04afa1868aad8df)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`274a146`](https://git.odit.services/lfk/backend/commit/274a146b9bccfe5e1a879ca137ebb4f51eaa5d57)
+- Fixed test params [`070560e`](https://git.odit.services/lfk/backend/commit/070560e8632e833dd26505c02ccb2474462b63ac)
+- No longer using createuser in seeding process [`96ba25e`](https://git.odit.services/lfk/backend/commit/96ba25ec6c6c397cd2aa322afa79024395f658fe)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`a7fe1e1`](https://git.odit.services/lfk/backend/commit/a7fe1e175918edd7a98983ece570b47075e85e9a)
+- 🚀Bumped version to v0.8.0 [`c23b4d9`](https://git.odit.services/lfk/backend/commit/c23b4d907f20ed7af37a6de6ea4c61433e30b29b)
+- 🚀Bumped version to v0.9.0 [`56a5f41`](https://git.odit.services/lfk/backend/commit/56a5f4168621263daeab5d2fda97b944cdc6ab31)
+- Merge pull request 'Password security feature/99-password_checks' (#177) from feature/99-password_checks into dev [`5a3fc5b`](https://git.odit.services/lfk/backend/commit/5a3fc5b2bd06b3e26177d017d3503f4f627be3f2)
+- Added pw errors to user controller [`b24e24f`](https://git.odit.services/lfk/backend/commit/b24e24ff7dd75d972cdab0fd1e2fe6c532ca2b2f)
+- Now checking password rules on user creation [`5daaa3a`](https://git.odit.services/lfk/backend/commit/5daaa3a73c4eca2817d67e226679d125928a3645)
+- Now checking password rules on user update [`48a87e8`](https://git.odit.services/lfk/backend/commit/48a87e8936e13c48f4baa3f4b10f781ad2f55a44)
+- Fixed pw not getting hashed currectly; [`cb3ea9b`](https://git.odit.services/lfk/backend/commit/cb3ea9b1ebb82c650abd83d4be8629cfe29a5b21)
+- Added pw errors to me controller [`9ce35d8`](https://git.odit.services/lfk/backend/commit/9ce35d8eb78a01f40af8c70e640eca3bcb142304)
+- Now forceing user deletion in tests [`8154e71`](https://git.odit.services/lfk/backend/commit/8154e715bbf18938bd5d1031656a88d39231fa81)
+- Added password checker dependency [`bd00f4f`](https://git.odit.services/lfk/backend/commit/bd00f4f8d585fb6878874810f7de0b8b9f3950d5)
+- Fixed empty object getting called [`5369000`](https://git.odit.services/lfk/backend/commit/536900091afd7366128f21058490d0d4f15c6c89)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`03d76e6`](https://git.odit.services/lfk/backend/commit/03d76e6d0bc5b4655f7f441232681c9462815526)
+- Formatting [`b8c28eb`](https://git.odit.services/lfk/backend/commit/b8c28ebb0808395218b5fb9031f477ae1d48e65e)
+
+#### [v0.8.0](https://git.odit.services/lfk/backend/compare/v0.7.1...v0.8.0)
+
+> 26 March 2021
+
+- Merge pull request 'Release 0.8.0' (#176) from dev into main [`3f8e8ce`](https://git.odit.services/lfk/backend/commit/3f8e8ce3a66a943801c0c8e17885e71feeee744f)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`c9bd6de`](https://git.odit.services/lfk/backend/commit/c9bd6de4762fec04e1e02cd3b667838d05ef39a7)
+- Merge pull request 'Selfservice deletion feature/174-selfservice_deletion' (#175) from feature/174-selfservice_deletion into dev [`e702118`](https://git.odit.services/lfk/backend/commit/e702118d4d80e362e41bb88c74343d50530d1338)
+- Added tests for the new endpoint [`20aeed8`](https://git.odit.services/lfk/backend/commit/20aeed87780247dc6401bba725801fc1874e50b5)
+- Removed param from test [`97159dd`](https://git.odit.services/lfk/backend/commit/97159dd9f81aed080c174a3eb8da9e66dfea9b10)
+- Added selfservice deletion endpoint [`dcb12b0`](https://git.odit.services/lfk/backend/commit/dcb12b0ac289f8df148ba10ae6389727c16f53fd)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`88844e1`](https://git.odit.services/lfk/backend/commit/88844e1a44d87a7dc253bf9aedf2fb3f6cdd1cfe)
+- Fixed response bug [`ccb7ae2`](https://git.odit.services/lfk/backend/commit/ccb7ae29a39387c0f2762861565dc22996a2493a)
+- Updated old hint [`dd12583`](https://git.odit.services/lfk/backend/commit/dd1258333ef67243f8a8df97c176ec5a054a5e3b)
+
+#### [v0.7.1](https://git.odit.services/lfk/backend/compare/v0.7.0...v0.7.1)
+
+> 26 March 2021
+
+- Merge pull request 'Release 0.7.1' (#173) from dev into main [`e76a9ce`](https://git.odit.services/lfk/backend/commit/e76a9cef956b00de7bbb11b6d863d4f33e3d5a34)
+- Revert "Set timeout even higher b/c sqlite just kills itself during these tests" [`f159252`](https://git.odit.services/lfk/backend/commit/f159252651942e442026dbcaae09b242e05d8204)
+- Set timeout even higher b/c sqlite just kills itself during these tests [`6ab6099`](https://git.odit.services/lfk/backend/commit/6ab60998d4f716aded93bb3b5d15594fc5e0434a)
+- Adjusted jest timeout to mitigate sqlite from invalidateing all tests⏱ [`30d220b`](https://git.odit.services/lfk/backend/commit/30d220bc36a28f224406e49ed27ff3f6b4f409e9)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`963253c`](https://git.odit.services/lfk/backend/commit/963253cbc84ed07af13ed0925952ec1b7dcc53ad)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`3ef3a94`](https://git.odit.services/lfk/backend/commit/3ef3a94b20c1abf6fd2f19472e5f448b4c72bd7f)
+- 🚀Bumped version to v0.7.1 [`135852e`](https://git.odit.services/lfk/backend/commit/135852eb9a91010a4ab972ba9efc7b71dfe4d68f)
+- Merge pull request 'RESPONSERUNNERCARD fix bugfix/171-responserunnercards' (#172) from bugfix/171-responserunnercards into dev [`539a650`](https://git.odit.services/lfk/backend/commit/539a6509b17cfd373eef8e443eaa7d41168ac7a9)
+- Now resolveing runnercards [`24aff3b`](https://git.odit.services/lfk/backend/commit/24aff3bac458a9886ca40163484bc72733dc766a)
+- Tests now keep the group [`f3d73d5`](https://git.odit.services/lfk/backend/commit/f3d73d53467a4d00011d280c24e1e12fbb8e443d)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`ce63043`](https://git.odit.services/lfk/backend/commit/ce63043887769e1f92a8c064d6647e0deb81b7fa)
+
+#### [v0.7.0](https://git.odit.services/lfk/backend/compare/v0.6.4...v0.7.0)
+
+> 23 March 2021
+
+- Merge pull request 'Release 0.7.0' (#170) from dev into main [`e40017a`](https://git.odit.services/lfk/backend/commit/e40017a6b88d83d5bfc57ff4603abeaca7a9a37b)
+- Added bulk card creation tests [`438ff0f`](https://git.odit.services/lfk/backend/commit/438ff0fc3f246f83b1fa04cb11828f4a61dfcd1e)
+- Added new "bulk" endpoint [`c1bbda5`](https://git.odit.services/lfk/backend/commit/c1bbda51f067cbd9ac1a9a5378ae3f5d7b9f4eca)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`7a49e7c`](https://git.odit.services/lfk/backend/commit/7a49e7c5c98eb23af1cd0d2084914641e9a1bf90)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`e843a46`](https://git.odit.services/lfk/backend/commit/e843a464e747c0d41280484cb54495cb2de2a9e8)
+- 🚀Bumped version to v0.7.0 [`d0ae50d`](https://git.odit.services/lfk/backend/commit/d0ae50d5579e969ad33d6b9cfd66dac7fa472223)
+- Merge pull request 'Bulk card creation feature/168-runnercards_bulk' (#169) from feature/168-runnercards_bulk into dev [`1dd6420`](https://git.odit.services/lfk/backend/commit/1dd64204cc63fb1a8a4a4aa503c21da42945eafd)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`4705a39`](https://git.odit.services/lfk/backend/commit/4705a39aabaad894d332a5062df03840c23c6bfa)
+
+#### [v0.6.4](https://git.odit.services/lfk/backend/compare/v0.6.3...v0.6.4)
+
+> 19 March 2021
+
+- Merge pull request 'Release 0.6.4' (#167) from dev into main [`4d721f6`](https://git.odit.services/lfk/backend/commit/4d721f62d9a5f6a1361ef2811a3a2ff63011b2ad)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`b0328ff`](https://git.odit.services/lfk/backend/commit/b0328ffdaffc8ef2e6e01e808c29748f58f42cac)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`cc6568c`](https://git.odit.services/lfk/backend/commit/cc6568c3810fed3ff2597df0db73a6ca9e072413)
+- 🚀Bumped version to v0.6.4 [`031cede`](https://git.odit.services/lfk/backend/commit/031cede5426742dc3c2b9dc6b049951d7c14871c)
+- Adjsuted endpoint [`3c69f8c`](https://git.odit.services/lfk/backend/commit/3c69f8c4a824e588977b06dbb45119cccb03c6bc)
+
+#### [v0.6.3](https://git.odit.services/lfk/backend/compare/v0.6.2...v0.6.3)
+
+> 18 March 2021
+
+- Merge pull request 'Release 0.6.3' (#165) from dev into main [`a3a1395`](https://git.odit.services/lfk/backend/commit/a3a1395a46d7970cff1b8cc2e84306a97791ed88)
+- The basic bugfix 🐞 [`fbdadbe`](https://git.odit.services/lfk/backend/commit/fbdadbef1f9eb835e1914e8d3770cca836b4c443)
+- The basic bugfix 🐞 [`c87c97c`](https://git.odit.services/lfk/backend/commit/c87c97c90f5e1229f92671b1f2ebe1fa0d2307cd)
+- Updated tests 🧪 [`f347b7a`](https://git.odit.services/lfk/backend/commit/f347b7ad4982ed3760117c08e11dca5c3f72d495)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`3f9a704`](https://git.odit.services/lfk/backend/commit/3f9a7049e31a6948125a07e847233b804f27ba31)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`b08acc6`](https://git.odit.services/lfk/backend/commit/b08acc666035ed766cc6ccfa9a410a54db4d7321)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`a6bca59`](https://git.odit.services/lfk/backend/commit/a6bca59ffe06a37f03af21500c442cebeaa74c7e)
+- 🚀Bumped version to v0.6.3 [`7a303c2`](https://git.odit.services/lfk/backend/commit/7a303c2b2c267d6dd566b1470649e65bc1c1b2ee)
+- Merge pull request 'TrackScan Update bug 🐞bugfix/163-trackscan_updates' (#164) from bugfix/163-trackscan_updates into dev [`6249419`](https://git.odit.services/lfk/backend/commit/6249419fae22e0203c046c1a3cd82c07f94f510c)
+
+#### [v0.6.2](https://git.odit.services/lfk/backend/compare/v0.6.1...v0.6.2)
+
+> 17 March 2021
+
+- Merge pull request 'Release 0.6.2' (#162) from dev into main [`732a1b8`](https://git.odit.services/lfk/backend/commit/732a1b88d916720ea82cd4b192fc696640ade2aa)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`fcb43f9`](https://git.odit.services/lfk/backend/commit/fcb43f92b0b7a8fa2ed3772357c3eab8e6564eef)
+- Fixed trackscan vaildation [`a8ea4fa`](https://git.odit.services/lfk/backend/commit/a8ea4fa659732ca2c922fc3c75d2238be2feb5c7)
+- Added comments✏ [`289f9e2`](https://git.odit.services/lfk/backend/commit/289f9e219692789f86c631f52c67b578216acb48)
+- Added comments✏ [`937a9fa`](https://git.odit.services/lfk/backend/commit/937a9fad4d8914b83fc6300f776c0720b756a9f4)
+- Removed duplicate openapi declarations 🗑 [`c8882ae`](https://git.odit.services/lfk/backend/commit/c8882ae6a18188a9c98a237dd594548ebac6f460)
+- Now defining security per endpoint 🔐 [`d709ee7`](https://git.odit.services/lfk/backend/commit/d709ee74795b785599cda50b4351bd566a0b8573)
+- Changed the method of getting a parameter from the headers🛠 [`1d38d30`](https://git.odit.services/lfk/backend/commit/1d38d308ad8ae00d67c2b807b584da4f00bd9a58)
+- Now auto-etting the station token🔥🔥🔥 [`aae042c`](https://git.odit.services/lfk/backend/commit/aae042c041e325626b89b146d005e900bd880453)
+- Marked station as optional (quality of life improvements incoming) [`1f32ed0`](https://git.odit.services/lfk/backend/commit/1f32ed0727cb1117e5d201b5530b2f2d7f0323d8)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`4c960fe`](https://git.odit.services/lfk/backend/commit/4c960feeb22f819d1c618ced73f5799a3c7e4f00)
+- Fixed missing renameing🛠 [`0ed7f78`](https://git.odit.services/lfk/backend/commit/0ed7f78b2c284909d47fa0533424c279adef0ba3)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`c1dd451`](https://git.odit.services/lfk/backend/commit/c1dd4518d128edd8b8e36981a513744471241a25)
+- 🚀Bumped version to v0.6.2 [`5ba8f1d`](https://git.odit.services/lfk/backend/commit/5ba8f1dd4451c1a1b38fdd36cf632c9e6efa829c)
+- Merge pull request 'Bugfixes for trackscans feature/160-responseTrackScan_total_distance' (#161) from feature/160-responseTrackScan_total_distance into dev [`3d3790c`](https://git.odit.services/lfk/backend/commit/3d3790c2eb6a92bb5b1d2c7e44c75aef4e1b015f)
+- Fixed wrong error type 👀👀 [`1fa3fa7`](https://git.odit.services/lfk/backend/commit/1fa3fa75ee447b9919585e02c7997e3f1de9c8a7)
+- Added missing discription [`673e896`](https://git.odit.services/lfk/backend/commit/673e896aa3dc853b301a2e560e785c464a449b6f)
+
+#### [v0.6.1](https://git.odit.services/lfk/backend/compare/v0.6.0...v0.6.1)
+
+> 17 March 2021
+
+#### [v0.6.0](https://git.odit.services/lfk/backend/compare/v0.5.0...v0.6.0)
+
+> 17 March 2021
+
+- Merge pull request 'Release v0.6.0' (#159) from dev into main [`bdc7bb6`](https://git.odit.services/lfk/backend/commit/bdc7bb67e7e21769d95a762c3b6dfbf82e7e38d0)
+- 📖New license file version [CI SKIP] [skip ci] [`5f5c8a0`](https://git.odit.services/lfk/backend/commit/5f5c8a061eb94361e4cd02e9a6469194a9092513)
+- As requested by @philpp [`2cb7ec7`](https://git.odit.services/lfk/backend/commit/2cb7ec7317d8a48364261506facb2c11c7cf895f)
+- Updated ci with new kubernetes secrets 🚀🚀🚀 [`5541ae6`](https://git.odit.services/lfk/backend/commit/5541ae6ebd7f36f4482ae752f358102a18b95de0)
+- Added selfservice forgott positive tests [`bf1ec97`](https://git.odit.services/lfk/backend/commit/bf1ec976e3732b6ac052a55a51ee2ee18a8b1d3d)
+- Added all "negative" tests [`d0a7e34`](https://git.odit.services/lfk/backend/commit/d0a7e34de8095fca282adefff01fa5f72e7cdba3)
+- Added mailer functions [`8376513`](https://git.odit.services/lfk/backend/commit/83765136ccacd82ba6a8f9fb43eed78191ee0aa5)
+- Added tests for the new endpoint [`757332e`](https://git.odit.services/lfk/backend/commit/757332ed2b3325d8730ef1b284ac6ba40356df93)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`e4ed20d`](https://git.odit.services/lfk/backend/commit/e4ed20da3e0a9e32a2e4664d50f316f9131564f0)
+- Added first selfservice forgotten test [`a95a9b4`](https://git.odit.services/lfk/backend/commit/a95a9b4ec4a3012a91f6f622cfb9f5bff3376344)
+- Created basic endpoint for user forgotten mails [`d709971`](https://git.odit.services/lfk/backend/commit/d7099717c2eee8aaf1b580345717cc5acc06dbd2)
+- Implemented the "real" errors [`e26b7d4`](https://git.odit.services/lfk/backend/commit/e26b7d4923777a3013368e29c122709de7e1d9da)
+- Runner controller now uses the Mailer functions [`a343747`](https://git.odit.services/lfk/backend/commit/a3437475caf6b435ae4bdf6d48aeb7da7d43b25f)
+- Added scanstation me endpoint [`c5178e0`](https://git.odit.services/lfk/backend/commit/c5178e01814cedaa4402773b10f24d186714c1d2)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`54988ba`](https://git.odit.services/lfk/backend/commit/54988ba0fe012ce87d44c9068f7546a9be73723c)
+- Added last reset requested timestamp to runners [`66d6023`](https://git.odit.services/lfk/backend/commit/66d6023335c7a9d1a145c4189b610940ef5a525a)
+- Scanauth return objects [`46b7ace`](https://git.odit.services/lfk/backend/commit/46b7aceb0b86b03688faf0ec6661e4c9fbc6115c)
+- Revert "Switched normal images to chached registry" [`ca6fa63`](https://git.odit.services/lfk/backend/commit/ca6fa633a156a265d8f643a5f23090b6ab32260d)
+- Switched normal images to chached registry [`cba4455`](https://git.odit.services/lfk/backend/commit/cba4455d53f9a39b6f9993c36b5abd281201dfa1)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`a7958ee`](https://git.odit.services/lfk/backend/commit/a7958eecd65116ab937f640cbebcae1962cb86c8)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`076aa87`](https://git.odit.services/lfk/backend/commit/076aa87dba1d6fc544e76c16f99c64d37fc82ea0)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`486e450`](https://git.odit.services/lfk/backend/commit/486e450a58d3671dc867ae1a99d052d9fe814c1a)
+- Updated request timeout [`ffcd45e`](https://git.odit.services/lfk/backend/commit/ffcd45e5724fccdec9b1dbc48f1320525dcd7288)
+- Added testing env check [`3f37212`](https://git.odit.services/lfk/backend/commit/3f372123fd2e1fae467e9cb20985de1eeb9f6a57)
+- 🚀Bumped version to v0.6.1 [`ce3ca9f`](https://git.odit.services/lfk/backend/commit/ce3ca9f1c86a6fe72e4dd77e3a0d60bf1e1bf542)
+- 🚀Bumped version to v0.6.0 [`623b5a1`](https://git.odit.services/lfk/backend/commit/623b5a1873afa73a984251543995b7da1cfdb5c9)
+- Merge pull request 'Scanstation "me" endpoint feature/157-scanstation_me' (#158) from feature/157-scanstation_me into dev [`13e8399`](https://git.odit.services/lfk/backend/commit/13e839902c063057e902fdb52b403be081d1667e)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`a1a94ec`](https://git.odit.services/lfk/backend/commit/a1a94ec9dafecd9b4c453cc8cfe32c2e90acccf5)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`d5930f7`](https://git.odit.services/lfk/backend/commit/d5930f7c46f4fc8ed56b6eeec9f784d435fd3b2b)
+- Changed ci pipeline type to kubernetes [`6c43872`](https://git.odit.services/lfk/backend/commit/6c43872198c3dba44b3af3a7cfc7b628d5b304a3)
+- Mailer now ignores mailing erros when env is set to test [`6bb3ae8`](https://git.odit.services/lfk/backend/commit/6bb3ae8ba992bd6c4d5809d75a264c710999cdcf)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`bf71e35`](https://git.odit.services/lfk/backend/commit/bf71e35ecd333d888d63213d69b04fc681a9d0bd)
+- Adjusted tests for the new testing env [`9292027`](https://git.odit.services/lfk/backend/commit/92920273bec409563d1e38ea27f4d30f893598e8)
+- Applied Docker MTU fix 🛠 [`f7af777`](https://git.odit.services/lfk/backend/commit/f7af77710421d7aae5efb048e0622cd067fc20eb)
+- Updated description [`94001a4`](https://git.odit.services/lfk/backend/commit/94001a48f1b314e91ea5ec982e5585124f9541b6)
+- Now adding station id to headers of request for scan auth [`8ba7ee1`](https://git.odit.services/lfk/backend/commit/8ba7ee1d481e44e686489e237980b21aaaf6071c)
+- Merge pull request 'selfservice forgotten mails feature/154-selfservice_forgotten' (#155) from feature/154-selfservice_forgotten into dev [`cb6e78f`](https://git.odit.services/lfk/backend/commit/cb6e78fc176ec9efe94311b64286020b3c5bf633)
+- Changed endpoint url to avoid conflicts [`e5dab34`](https://git.odit.services/lfk/backend/commit/e5dab3469c3cef6298fc8deb1192a38f7d18406b)
+- Added console logging when a testing env get's discovered [`c01233b`](https://git.odit.services/lfk/backend/commit/c01233b4d663aefece26dbb86f8b6bcd5c916325)
+- Added not found error logic [`e7f0cb4`](https://git.odit.services/lfk/backend/commit/e7f0cb45c9ac3aa06e2a57786aa1cc51c9d66598)
+- Updated to new responsetype [`08957d4`](https://git.odit.services/lfk/backend/commit/08957d4dc2951cfeec56a54680c2ae4ef1525ab2)
+- Added readme description for testing env [`cedc175`](https://git.odit.services/lfk/backend/commit/cedc1750c21ad256c3337f293f06e894e2c2ef9f)
+- Renamed test [`1d762f5`](https://git.odit.services/lfk/backend/commit/1d762f56628eff47f4e1a910c7152bd0158283bd)
+
+#### [v0.5.0](https://git.odit.services/lfk/backend/compare/v0.4.6...v0.5.0)
+
+> 4 March 2021
+
+- Merge pull request 'Alpha Release 0.5.0' (#153) from dev into main [`64da0ea`](https://git.odit.services/lfk/backend/commit/64da0eadb313f3bd3ae20a66bcaf4401528008d9)
+- Removed mail templates [`c2fdfee`](https://git.odit.services/lfk/backend/commit/c2fdfeed4f5fc454b02bc4b198965889c173bbaa)
+- Removed mail config [`0342757`](https://git.odit.services/lfk/backend/commit/0342757d929b12635c88e74f17495df656865b1a)
+- Added selfservice scan response class [`6074ac5`](https://git.odit.services/lfk/backend/commit/6074ac5b3a8e43fd98394c1fb70c6e1dea8fcd5e)
+- Removed old mailer code [`0fcc729`](https://git.odit.services/lfk/backend/commit/0fcc729b56430f0fdb56242857aa1d883d5a4866)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`5272829`](https://git.odit.services/lfk/backend/commit/52728290b477d3f90ee7c14e0d438c4c74415322)
+- Added the new mailer code [`1551a44`](https://git.odit.services/lfk/backend/commit/1551a444babc025cde6e894c66d2be2c84ab26da)
+- Removed (now useless) mail controller [`485c247`](https://git.odit.services/lfk/backend/commit/485c247cd3305c4c4422d5582b1d61cc7af84989)
+- Trackscans now have a laptime that get's calculated on creation [`aa83373`](https://git.odit.services/lfk/backend/commit/aa833736d32993b1656abeeb02a4f8b021ec6252)
+- Removed useless functions and updated comments [`ada6798`](https://git.odit.services/lfk/backend/commit/ada679823cda8bc31d45c0ff6905f3d270cfd729)
+- Added new selfservice scans endpoint [`771a205`](https://git.odit.services/lfk/backend/commit/771a205fe634fc5c07e794b3245c59483ff14bd8)
+- Updated mail errors [`f289afd`](https://git.odit.services/lfk/backend/commit/f289afd8bc47f6eae9f12f765322b2db974ba918)
+- Laptime is now a part of the response [`a2c97a1`](https://git.odit.services/lfk/backend/commit/a2c97a11a3dc82543076e3844f20d1218943bbf9)
+- Updated readme env section [`db58a28`](https://git.odit.services/lfk/backend/commit/db58a280b3792b768eb2b1c82a76d9a9836978b1)
+- Added locale to pw reset endpoint [`a5d2a6e`](https://git.odit.services/lfk/backend/commit/a5d2a6ecd31dc9c186d4201aef5c52e34cbef3b5)
+- Now using mailer as static funtion [`9a1678a`](https://git.odit.services/lfk/backend/commit/9a1678acf0929dab9f84bd2c6a961b52e36172ce)
+- Updated readme env section [`149f3a8`](https://git.odit.services/lfk/backend/commit/149f3a83b2e9d59bfbf36c7ea9e27bc7f514856d)
+- Now checking for mails being set [`bb9bad6`](https://git.odit.services/lfk/backend/commit/bb9bad6d90370e768d4baffaae23ec756cc8353b)
+- Updated auth reset test for new mailer [`ae7d617`](https://git.odit.services/lfk/backend/commit/ae7d6176902699f82ea127194908ee360233e7b4)
+- Added scans returns 200 test [`82c65b6`](https://git.odit.services/lfk/backend/commit/82c65b632cdf44165b083494702b836c74e46a41)
+- 🚀Bumped version to v0.4.7 [`f1d85cf`](https://git.odit.services/lfk/backend/commit/f1d85cfb855c2aae581ade69751b3969ce38f020)
+- Now generateing bs mailer config in test env [`bf6b701`](https://git.odit.services/lfk/backend/commit/bf6b70106eb735d9ad6f6ad89f09194680af5ae1)
+- Added new mailer settings to config [`ddea02d`](https://git.odit.services/lfk/backend/commit/ddea02db574cc348685558f3fa3ecc84adbd6b65)
+- 🚀Bumped version to v0.5.0 [`3f2a2d2`](https://git.odit.services/lfk/backend/commit/3f2a2d292979c7f8162d92465b60b220f2634e7a)
+- Merge pull request 'Features for the new selfservice feature/151-selfservice_scans_mails' (#152) from feature/151-selfservice_scans_mails into dev [`15356c1`](https://git.odit.services/lfk/backend/commit/15356c1030988d03e3739f3ffe770669789759f2)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`be397c8`](https://git.odit.services/lfk/backend/commit/be397c8899d5b4406c17e8f9951555c54f852901)
+- Promoted axios to dependency [`a9e06c9`](https://git.odit.services/lfk/backend/commit/a9e06c905537b6da24706389e304e825a33a28ad)
+- Removed nodemailer from backend [`5833f42`](https://git.odit.services/lfk/backend/commit/5833f4218f9a4c97b69021814df92470a1816917)
+- Added another resonse type [`030b225`](https://git.odit.services/lfk/backend/commit/030b2255d42aab21d8974fc3a7235285934d53b7)
+- Added new selfservice response type [`f7f6df4`](https://git.odit.services/lfk/backend/commit/f7f6df41ff74708482db3ea2db717ffb562131c0)
+
+#### [v0.4.6](https://git.odit.services/lfk/backend/compare/v0.4.5...v0.4.6)
+
+> 26 February 2021
+
+- Merge pull request 'Alpha Release 0.4.6' (#148) from dev into main [`dd3c927`](https://git.odit.services/lfk/backend/commit/dd3c9275d60cb5bb1a40fbe91f666f17a8e0c8d3)
+- Added tests for the new org selfservice endpoints [`28ef139`](https://git.odit.services/lfk/backend/commit/28ef139a70e0c063982b2eb9167b7abe41db1621)
+- Added selfservice org response model [`ba3b5ee`](https://git.odit.services/lfk/backend/commit/ba3b5eeefc45f9bd94aef24f9f509f6835f5ea7c)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`764b7ff`](https://git.odit.services/lfk/backend/commit/764b7ffe00086248e1f1cccb265ca920a568c0a0)
+- Merge pull request 'Fixed wrong body acceptance type' (#150) from bugfix/146-usergroup_update into dev [`d870b2f`](https://git.odit.services/lfk/backend/commit/d870b2fd01b11b1732fcbb6feecaf6a6155fa702)
+- Added selfservice team response model [`ba396e0`](https://git.odit.services/lfk/backend/commit/ba396e0eba15647b3004437a5a9949c7a69e828d)
+- 📖New license file version [CI SKIP] [skip ci] [`bce8811`](https://git.odit.services/lfk/backend/commit/bce8811925e7f77c64fc507d55335ac45b0e5572)
+- 📖New license file version [CI SKIP] [skip ci] [`b1fced7`](https://git.odit.services/lfk/backend/commit/b1fced77640b6c26438331474f368f2b0708b672)
+- Added selfservice org info endpoint [`656f63d`](https://git.odit.services/lfk/backend/commit/656f63dfd5fdbe13554fc98440e416be7e56d909)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`c0cafb4`](https://git.odit.services/lfk/backend/commit/c0cafb4d510116773fed12592cad1efc2ef09f38)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`09fe47b`](https://git.odit.services/lfk/backend/commit/09fe47b9aaac47b65d4e910ef89d558c47fd7364)
+- Fixed wrong body acceptance type [`aaec09d`](https://git.odit.services/lfk/backend/commit/aaec09d2ab08a76e9d367fdfefc01cea5588f1b9)
+- Pinned package version to avoid dependency conflicts 📌 [`39ebfbf`](https://git.odit.services/lfk/backend/commit/39ebfbf0b633ecc479a33fdf851cd6550616bfee)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`3736b29`](https://git.odit.services/lfk/backend/commit/3736b29e5435abb05de03e5d99d9adb438cd7d7e)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`305fa00`](https://git.odit.services/lfk/backend/commit/305fa0078d44b39b0391e84ba67b048285cf77b9)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`3afc207`](https://git.odit.services/lfk/backend/commit/3afc207903c9cf1e62e6f4a62601b4213f608192)
+- Quick bugfix [`5d6c8c9`](https://git.odit.services/lfk/backend/commit/5d6c8c957acd098a20e674ce5529f60cbc9f4151)
+- 🚀Bumped version to v0.4.6 [`b4acd15`](https://git.odit.services/lfk/backend/commit/b4acd157fc075154a60946c1ee8876ee5f5dfbee)
+- Merge pull request 'New org selfservice endpoint feature/146-more_selfservice_endpoints' (#147) from feature/146-more_selfservice_endpoints into dev [`45d61b4`](https://git.odit.services/lfk/backend/commit/45d61b487e8e6fdd8e00c184a08c9d6e34a1b6bf)
+- Added new response types [`3c11d88`](https://git.odit.services/lfk/backend/commit/3c11d88557a2612bf4320ff669323bc048634e94)
+
+#### [v0.4.5](https://git.odit.services/lfk/backend/compare/v0.4.4...v0.4.5)
+
+> 9 February 2021
+
+- Merge pull request 'Alpha release 0.4.5' (#145) from dev into main [`a46d142`](https://git.odit.services/lfk/backend/commit/a46d14278b9a084ca54f8f90e5e70b04739c2dd7)
+- 🚀Bumped version to v0.4.5 [`cc869f6`](https://git.odit.services/lfk/backend/commit/cc869f69add1f1a175ff94510d52888f81bccb69)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`680ae8e`](https://git.odit.services/lfk/backend/commit/680ae8ebbb39d103085fe1fe8781d71b3c3ed055)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`b9aac71`](https://git.odit.services/lfk/backend/commit/b9aac7167681ff0945e538dd177abd6f97771bf2)
+- Merge pull request 'usergroups/permissions endpoint feature/143-usergroup_permissions_endpoint' (#144) from feature/143-usergroup_permissions_endpoint into dev [`a30a342`](https://git.odit.services/lfk/backend/commit/a30a342e00ba944f8014044bba28141c0657a17f)
+- Implemented /groups/permissions endpoint [`0c9867d`](https://git.odit.services/lfk/backend/commit/0c9867d70616615c8f3c72bbec37a4441e4868ef)
+- Now all /usergroups endpoints return ResponseUserGroup [`bdcfce8`](https://git.odit.services/lfk/backend/commit/bdcfce88cbe069f9ba1925fcaac06367a109d2b7)
+- The ResponseUserGroup now returns their permisssions as a string array [`416f2a1`](https://git.odit.services/lfk/backend/commit/416f2a1366c570998011d022ebd7f5f44276b2c9)
+- The ResponseUserGroup now returns their permisssions as a string array [`5e353db`](https://git.odit.services/lfk/backend/commit/5e353db2061c30b4d10965c47f0dcbecb7f59fc5)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`8379c3e`](https://git.odit.services/lfk/backend/commit/8379c3e29c45f0d7c4c84bce1f3abc718158fa84)
+
+#### [v0.4.4](https://git.odit.services/lfk/backend/compare/v0.4.3...v0.4.4)
+
+> 9 February 2021
+
+- Merge pull request 'Alpha release 0.4.4' (#142) from dev into main [`c4edcca`](https://git.odit.services/lfk/backend/commit/c4edccace78765dd5caa0f0e79c52f07c8a3568e)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`ca3d093`](https://git.odit.services/lfk/backend/commit/ca3d093e54bfaaa77c97e96738a74eeb25aee440)
+- Now loading runner's group's parentgroup with every runner controller request [`701706c`](https://git.odit.services/lfk/backend/commit/701706c0289b357439608b4e2eaa66c617d16e9d)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`74de655`](https://git.odit.services/lfk/backend/commit/74de6559d7c5e8c6d257d41dc91396b53bf0c071)
+- The group/runners endpoints now also deliver the runner's group's parentGroup [`906a1dc`](https://git.odit.services/lfk/backend/commit/906a1dc9e79ea4eb298a561cf98e6ae42b3ae4ec)
+- 🚀Bumped version to v0.4.4 [`a6f73c7`](https://git.odit.services/lfk/backend/commit/a6f73c733c8cfc8d84beb7e0bbd5bcd1313df9d0)
+- Merge pull request 'Expanded runner response feature/140-runner_group_parent' (#141) from feature/140-runner_group_parent into dev [`28cfbaa`](https://git.odit.services/lfk/backend/commit/28cfbaa6624d0bc65e2a9b72ffed17060e828735)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`09bbc70`](https://git.odit.services/lfk/backend/commit/09bbc70f5fd1f026148be07fe889a6907bc3f75a)
+- Adjusted test for the new response depth [`90e1ad7`](https://git.odit.services/lfk/backend/commit/90e1ad7db72732d13002c87461c33560b74befa6)
+- Adjusted test for the new response depth [`5872c63`](https://git.odit.services/lfk/backend/commit/5872c6335be573d849cdc3746b261c6cf476c3de)
+
+#### [v0.4.3](https://git.odit.services/lfk/backend/compare/v0.4.2...v0.4.3)
+
+> 7 February 2021
+
+- Merge pull request 'Alpha Release 0.4.3' (#139) from dev into main [`dd9cb6d`](https://git.odit.services/lfk/backend/commit/dd9cb6d3ef60cb118391abc2ba17fd0f83db0b1c)
+- 🚀Bumped version to v0.4.3 [`656d564`](https://git.odit.services/lfk/backend/commit/656d564baa8c8bf1f63523b0301ad9ff23e08aa4)
+- Bugfix for @lfk/frontend/#43 [`8f0a396`](https://git.odit.services/lfk/backend/commit/8f0a396dd07937fb7ccfb345d1acbac86eb5d9bb)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`f3f5cb4`](https://git.odit.services/lfk/backend/commit/f3f5cb462e4ecf932ad55eb519815222b4e5dd17)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`23c732b`](https://git.odit.services/lfk/backend/commit/23c732b6905cc9f6479a53a7744b72d01e345ecb)
+- Merge pull request 'Bugfix for @lfk/frontend/#43' (#138) from bugfix/118-encode_jwt_in_mail into dev [`9959172`](https://git.odit.services/lfk/backend/commit/9959172f2ae11cbb7a2b8e97bad432956fc70a80)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`a18d4d3`](https://git.odit.services/lfk/backend/commit/a18d4d3cee58f8eb9dc428b051a2394bd3ece5c2)
+
 #### [v0.4.2](https://git.odit.services/lfk/backend/compare/v0.4.1...v0.4.2)
 
-- 📖New license file version [CI SKIP] [skip ci] [`74791df`](https://git.odit.services/lfk/backend/commit/74791df68b40355e1d1a1f7f5ae4f64422571dc9)
+> 2 February 2021
+
+- Merge pull request 'Alpha Release 0.4.2' (#137) from dev into main [`390b36d`](https://git.odit.services/lfk/backend/commit/390b36dfd46cf8829126581bd62dd3d4ce8558fa)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`3b718f3`](https://git.odit.services/lfk/backend/commit/3b718f3ce58f12007b6068e5db00a00dbe1c5398)
 - 🧾New changelog file version [CI SKIP] [skip ci] [`f7a0ec7`](https://git.odit.services/lfk/backend/commit/f7a0ec7174521b1863a4bc58c7ff2b86cafdee66)
 - 🚀Bumped version to v0.4.2 [`321b20b`](https://git.odit.services/lfk/backend/commit/321b20b073b6debd605a92544779d0dfc0449f10)
 - Merge pull request 'Imprint&Privacy Links feature/135-imprint_and_privacy' (#136) from feature/135-imprint_and_privacy into dev [`110a847`](https://git.odit.services/lfk/backend/commit/110a84783e023407cbcf81506deb7cc204db9659)
+- 📖New license file version [CI SKIP] [skip ci] [`74791df`](https://git.odit.services/lfk/backend/commit/74791df68b40355e1d1a1f7f5ae4f64422571dc9)
 - 🧾New changelog file version [CI SKIP] [skip ci] [`8425043`](https://git.odit.services/lfk/backend/commit/84250430996920ada15af23b68756daba8f99257)
 - Added new url env vars to config [`bcad691`](https://git.odit.services/lfk/backend/commit/bcad691045d00c9630bedb0936c123610b655946)
 - fixed license-exporter call [`74b982a`](https://git.odit.services/lfk/backend/commit/74b982afba3ec82a038c4748420920732fe32a51)

Dockerfile

@@ -1,16 +1,23 @@
 # Typescript Build
-FROM node:14.15.1-alpine3.12
+FROM registry.odit.services/hub/library/node:21.1.0-alpine3.18 as build
+ARG NPM_REGISTRY_URL=https://registry.npmjs.org
 WORKDIR /app
+
 COPY package.json ./
-RUN npm i -g pnpm
-RUN pnpm i
+RUN npm config set registry $NPM_REGISTRY_URL && npm i -g pnpm@8
+RUN mkdir /pnpm && pnpm config set store-dir /pnpm && pnpm i
+
 COPY tsconfig.json ormconfig.js ./
 COPY src ./src
-RUN pnpm run build
+RUN pnpm run build \
+    && rm -rf /app/node_modules \
+    && pnpm i --production --prefer-offline
+
 # final image
-FROM node:14.15.1-alpine3.12
-COPY package.json ormconfig.js ./
-RUN npm i -g pnpm
-RUN pnpm i --prod
-COPY --from=0 /app/dist dist
-ENTRYPOINT ["node", "dist/app.js"]
+FROM registry.odit.services/hub/library/node:21.1.0-alpine3.18 as final
+WORKDIR /app
+COPY --from=build /app/package.json /app/package.json
+COPY --from=build /app/ormconfig.js /app/ormconfig.js
+COPY --from=build /app/dist /app/dist
+COPY --from=build /app/node_modules /app/node_modules
+ENTRYPOINT ["node", "/app/dist/app.js"]

README.md

@@ -15,24 +15,24 @@ Backend Server
 
 1. Rename the .env.example file to .env (you can adjust app port and other settings, if needed)
 2. Install Dependencies
-   ```bash
-   yarn
-   ```
+```bash
+pnpm i
+```
 3. Start the server
-   ```bash
-   yarn dev
-   ```
+```bash
+pnpm dev
+```
 
 ### Run Tests
 ```bash
 # Run tests once (server has to run)
-yarn test
+pnpm test
 
 # Run test in watch mode (reruns on change)
-yarn test:watch
+pnpm test:watch
 
 # Run test in ci mode (automaticly starts the dev server)
-yarn test:ci
+pnpm test:ci
 ```
 
 ### Use your own mail templates
@@ -44,33 +44,30 @@ Currently the following templates exist:
 
 ### Generate Docs
 ```bash
-yarn docs
+pnpm docs
 ```
 
 ## ENV Vars
 > You can provide them via .env file or docker env vars.
-> You can use the `test:ci:generate_env` package script to generate a example env (uses [ethereal.email](https://ethereal.email) as the mailserver).
+> You can use the `test:ci:generate_env` package script to generate a example env (uses bs data as test server and ignores the errors).
 
-| Name | Type | Default | Description
-| - | - | - | -
-| APP_PORT | Number | 4010 | The port the backend server listens on. Is optional.
-| DB_TYPE | String | N/A | The type of the db u want to use. It has to be supported by typeorm. Possible: `sqlite`, `mysql`, `postgresql`
-| DB_HOST | String | N/A | The db's host's ip-address/fqdn or file path for sqlite
-| DB_PORT | String | N/A | The db's port
-| DB_USER | String | N/A | The user for accessing the db
-| DB_PASSWORD | String | N/A | The user's password for accessing the db
-| DB_NAME | String | N/A | The db's name
-| NODE_ENV | String | dev | The apps env - influences debug info.
-| POSTALCODE_COUNTRYCODE | String/CountryCode | N/A | The countrycode used to validate address's postal codes
-| PHONE_COUNTRYCODE | String/CountryCode | null (international) | The countrycode used to validate phone numers
-| SEED_TEST_DATA | Boolean | False | If you want the app to seed some example data set this to true
-| MAIL_SERVER | String | N/A | The smtp server's ip-address/fqdn
-| MAIL_PORT | String | N/A | The smtp server's port
-| MAIL_USER | String | N/A | The username for sending mails
-| MAIL_PASSWORD | String | N/A | The user's password for sending mails
-| MAIL_FROM | String | N/A | The from-address for sending mails
-| IMPRINT_URL | String(Url) | /imprint | The link to a imprint page for the system (Defaults to the frontend's imprint)
-| PRIVACY_URL | String(Url) | /privacy | The link to a privacy page for the system (Defaults to the frontend's privacy page)
+| Name                   | Type               | Default              | Description                                                                                                    |
+| ---------------------- | ------------------ | -------------------- | -------------------------------------------------------------------------------------------------------------- |
+| APP_PORT               | Number             | 4010                 | The port the backend server listens on. Is optional.                                                           |
+| DB_TYPE                | String             | N/A                  | The type of the db u want to use. It has to be supported by typeorm. Possible: `sqlite`, `mysql`, `postgresql` |
+| DB_HOST                | String             | N/A                  | The db's host's ip-address/fqdn or file path for sqlite                                                        |
+| DB_PORT                | String             | N/A                  | The db's port                                                                                                  |
+| DB_USER                | String             | N/A                  | The user for accessing the db                                                                                  |
+| DB_PASSWORD            | String             | N/A                  | The user's password for accessing the db                                                                       |
+| DB_NAME                | String             | N/A                  | The db's name                                                                                                  |
+| NODE_ENV               | String             | dev                  | The apps env - influences debug info. Also when the env is set to "test", mailing errors get ignored.          |
+| POSTALCODE_COUNTRYCODE | String/CountryCode | N/A                  | The countrycode used to validate address's postal codes                                                        |
+| PHONE_COUNTRYCODE      | String/CountryCode | null (international) | The countrycode used to validate phone numers                                                                  |
+| SEED_TEST_DATA         | Boolean            | False                | If you want the app to seed some example data set this to true                                                 |
+| MAILER_URL             | String(Url)        | N/A                  | The mailer's base url (no trailing slash)                                                                      |
+| MAILER_KEY             | String             | N/A                  | The mailer's api key.                                                                                          |
+| IMPRINT_URL            | String(Url)        | /imprint             | The link to a imprint page for the system (Defaults to the frontend's imprint)                                 |
+| PRIVACY_URL            | String(Url)        | /privacy             | The link to a privacy page for the system (Defaults to the frontend's privacy page)                            |
 
 
 ## Recommended Editor
@@ -88,10 +85,10 @@ yarn docs
    * A new release tag automaticly triggers the release ci pipeline
 * main: Protected "release" branch
    * The latest tag of the docker image get's build from this
-   * New releases get created as tags from this   
 * dev: Current dev branch for merging the different feature branches and bugfixes
+   * New releases get created as tags from this   
    * The dev tag of the docker image get's build from this
    * Only push minor changes to this branch!
    * To merge a feature branch into this please create a pull request
-* feature/xyz: Feature branches - nameing scheme: `feature/issueid-title`
-* bugfix/xyz: Branches for bugfixes - nameing scheme:`bugfix/issueid-title`
+* feature/xyz: Feature branches - naming scheme: `feature/issueid-title`
+* bugfix/xyz: Branches for bugfixes - naming scheme:`bugfix/issueid-title`

docker-compose.yml

@@ -11,8 +11,12 @@ services:
       DB_PORT: bla
       DB_USER: bla
       DB_PASSWORD: bla
-      DB_NAME: dev.sqlite
+      DB_NAME: ./db.sqlite
       NODE_ENV: production
+      POSTALCODE_COUNTRYCODE: DE
+      SEED_TEST_DATA: "false"
+      MAILER_URL: https://dev.lauf-fuer-kaya.de/mailer
+      MAILER_KEY: asdasd
       # APP_PORT: 4010
       # DB_TYPE: postgres
       # DB_HOST: backend_db

licenses.md

@@ -57,6 +57,33 @@ SOFTWARE.
 
  
 
+# axios
+**Author**: Matt Zabriskie
+**Repo**: [object Object]
+**License**: MIT
+**Description**: Promise based HTTP client for the browser and node.js
+## License Text
+Copyright (c) 2014-present Matt Zabriskie
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+ 
+
 # body-parser
 **Author**: undefined
 **Repo**: expressjs/body-parser
@@ -88,6 +115,35 @@ TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
 SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
  
 
+# check-password-strength
+**Author**: deanilvincent
+**Repo**: [object Object]
+**License**: MIT
+**Description**: A NPM Password strength checker based from Javascript RegExp. Check passphrase if it's "Weak", "Medium" or "Strong"
+## License Text
+MIT License
+
+Copyright (c) 2020 Mark Deanil Vicente
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
+ 
+
 # class-transformer
 **Author**: [object Object]
 **Repo**: [object Object]
@@ -388,30 +444,25 @@ SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 **License**: MIT
 **Description**: A node.js driver for mysql. It is written in JavaScript, does not require compiling, and is 100% MIT licensed.
 ## License Text
- 
+Copyright (c) 2012 Felix Geisendörfer (felix@debuggable.com) and contributors
 
-# nodemailer
-**Author**: Andris Reinman
-**Repo**: [object Object]
-**License**: MIT
-**Description**: Easy as cake e-mail sending from your Node.js applications
-## License Text
-Copyright (c) 2011-2019 Andris Reinman
+ Permission is hereby granted, free of charge, to any person obtaining a copy
+ of this software and associated documentation files (the "Software"), to deal
+ in the Software without restriction, including without limitation the rights
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ copies of the Software, and to permit persons to whom the Software is
+ furnished to do so, subject to the following conditions:
 
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
+ The above copyright notice and this permission notice shall be included in
+ all copies or substantial portions of the Software.
 
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-SOFTWARE.
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ THE SOFTWARE.
  
 
 # pg
@@ -664,6 +715,75 @@ OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
 WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
  
 
+# @faker-js/faker
+**Author**: undefined
+**Repo**: [object Object]
+**License**: MIT
+**Description**: Generate massive amounts of fake contextual data
+## License Text
+Faker - Copyright (c) 2022
+
+This software consists of voluntary contributions made by many individuals.
+For exact contribution history, see the revision history
+available at https://github.com/faker-js/faker
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+===
+
+From: https://github.com/faker-js/faker/commit/a9f98046c7d5eeaabe12fc587024c06d683800b8
+To: https://github.com/faker-js/faker/commit/29234378807c4141588861f69421bf20b5ac635e
+
+Based on faker.js, copyright Marak Squires and contributor, what follows below is the original license.
+
+===
+
+faker.js - Copyright (c) 2020
+Marak Squires
+http://github.com/marak/faker.js/
+
+faker.js was inspired by and has used data definitions from:
+
+ * https://github.com/stympy/faker/ - Copyright (c) 2007-2010 Benjamin Curtis
+ * http://search.cpan.org/~jasonk/Data-Faker-0.07/ - Copyright 2004-2005 by Jason Kohles
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ 
+
 # @odit/license-exporter
 **Author**: ODIT.Services
 **Repo**: [object Object]
@@ -865,35 +985,6 @@ OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
     SOFTWARE
  
 
-# @types/nodemailer
-**Author**: undefined
-**Repo**: [object Object]
-**License**: MIT
-**Description**: TypeScript definitions for Nodemailer
-## License Text
-    MIT License
-
-    Copyright (c) Microsoft Corporation. All rights reserved.
-
-    Permission is hereby granted, free of charge, to any person obtaining a copy
-    of this software and associated documentation files (the "Software"), to deal
-    in the Software without restriction, including without limitation the rights
-    to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-    copies of the Software, and to permit persons to whom the Software is
-    furnished to do so, subject to the following conditions:
-
-    The above copyright notice and this permission notice shall be included in all
-    copies or substantial portions of the Software.
-
-    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-    IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-    AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-    LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-    OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-    SOFTWARE
- 
-
 # @types/uuid
 **Author**: undefined
 **Repo**: [object Object]
@@ -923,13 +1014,15 @@ OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
     SOFTWARE
  
 
-# axios
-**Author**: Matt Zabriskie
+# auto-changelog
+**Author**: Pete Cook <pete@cookpete.com> (https://github.com/cookpete)
 **Repo**: [object Object]
 **License**: MIT
-**Description**: Promise based HTTP client for the browser and node.js
+**Description**: Command line tool for generating a changelog from git tags and commit history
 ## License Text
-Copyright (c) 2014-present Matt Zabriskie
+The MIT License
+
+Copyright (c) 2017 Pete Cook https://cookpete.com
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

package.json

@@ -1,107 +1,117 @@
-{
-  "name": "@odit/lfk-backend",
-  "version": "0.4.2",
-  "main": "src/app.ts",
-  "repository": "https://git.odit.services/lfk/backend",
-  "author": {
-    "name": "ODIT.Services",
-    "email": "info@odit.services",
-    "url": "https://odit.services"
-  },
-  "contributors": [
-    {
-      "name": "Philipp Dormann",
-      "email": "philipp@philippdormann.de",
-      "url": "https://philippdormann.de"
-    },
-    {
-      "name": "Nicolai Ort",
-      "email": "info@nicolai-ort.com",
-      "url": "https://nicolai-ort.com"
-    }
-  ],
-  "license": "CC-BY-NC-SA-4.0",
-  "dependencies": {
-    "@odit/class-validator-jsonschema": "2.1.1",
-    "argon2": "^0.27.1",
-    "body-parser": "^1.19.0",
-    "class-transformer": "0.3.1",
-    "class-validator": "^0.13.1",
-    "consola": "^2.15.0",
-    "cookie": "^0.4.1",
-    "cookie-parser": "^1.4.5",
-    "cors": "^2.8.5",
-    "csvtojson": "^2.0.10",
-    "dotenv": "^8.2.0",
-    "express": "^4.17.1",
-    "jsonwebtoken": "^8.5.1",
-    "libphonenumber-js": "^1.9.9",
-    "mysql": "^2.18.1",
-    "nodemailer": "^6.4.17",
-    "pg": "^8.5.1",
-    "reflect-metadata": "^0.1.13",
-    "routing-controllers": "^0.9.0-alpha.6",
-    "routing-controllers-openapi": "^2.2.0",
-    "sqlite3": "5.0.0",
-    "typeorm": "^0.2.30",
-    "typeorm-routing-controllers-extensions": "^0.2.0",
-    "typeorm-seeding": "^1.6.1",
-    "uuid": "^8.3.2",
-    "validator": "^13.5.2"
-  },
-  "devDependencies": {
-    "@odit/license-exporter": "^0.0.9",
-    "@types/cors": "^2.8.9",
-    "@types/csvtojson": "^1.1.5",
-    "@types/express": "^4.17.11",
-    "@types/jest": "^26.0.20",
-    "@types/jsonwebtoken": "^8.5.0",
-    "@types/node": "^14.14.22",
-    "@types/nodemailer": "^6.4.0",
-    "@types/uuid": "^8.3.0",
-    "axios": "^0.21.1",
-    "cp-cli": "^2.0.0",
-    "jest": "^26.6.3",
-    "nodemon": "^2.0.7",
-    "release-it": "^14.2.2",
-    "rimraf": "^3.0.2",
-    "start-server-and-test": "^1.11.7",
-    "ts-jest": "^26.5.0",
-    "ts-node": "^9.1.1",
-    "typedoc": "^0.20.19",
-    "typescript": "^4.1.3"
-  },
-  "scripts": {
-    "dev": "nodemon src/app.ts",
-    "build": "rimraf ./dist && tsc && cp-cli ./src/static ./dist/static",
-    "docs": "typedoc --out docs src",
-    "test": "jest",
-    "test:watch": "jest --watchAll",
-    "test:ci:generate_env": "ts-node scripts/create_testenv.ts",
-    "test:ci:run": "start-server-and-test dev http://localhost:4010/api/docs/openapi.json test",
-    "test:ci": "npm run test:ci:generate_env && npm run test:ci:run",
-    "seed": "ts-node ./node_modules/typeorm/cli.js schema:sync && ts-node ./node_modules/typeorm-seeding/dist/cli.js seed",
-    "openapi:export": "ts-node scripts/openapi_export.ts",
-    "licenses:export": "license-exporter --markdown",
-    "release": "release-it --only-version"
-  },
-  "release-it": {
-    "git": {
-      "commit": true,
-      "requireCleanWorkingDir": false,
-      "commitMessage": "🚀Bumped version to v${version}",
-      "requireBranch": "dev",
-      "push": false,
-      "tag": false
-    },
-    "npm": {
-      "publish": false
-    }
-  },
-  "nodemonConfig": {
-    "ignore": [
-      "src/tests/*",
-      "docs/*"
-    ]
-  }
-}
+{
+  "name": "@odit/lfk-backend",
+  "version": "1.1.3",
+  "main": "src/app.ts",
+  "repository": "https://git.odit.services/lfk/backend",
+  "engines": {
+    "pnpm": "8"
+  },
+  "author": {
+    "name": "ODIT.Services",
+    "email": "info@odit.services",
+    "url": "https://odit.services"
+  },
+  "contributors": [
+    {
+      "name": "Philipp Dormann",
+      "email": "philipp@philippdormann.de",
+      "url": "https://philippdormann.de"
+    },
+    {
+      "name": "Nicolai Ort",
+      "email": "info@nicolai-ort.com",
+      "url": "https://nicolai-ort.com"
+    }
+  ],
+  "license": "CC-BY-NC-SA-4.0",
+  "dependencies": {
+    "@odit/class-validator-jsonschema": "2.1.1",
+    "argon2": "0.27.1",
+    "axios": "0.21.1",
+    "body-parser": "1.19.0",
+    "check-password-strength": "2.0.2",
+    "class-transformer": "0.3.1",
+    "class-validator": "0.13.1",
+    "consola": "2.15.0",
+    "cookie": "0.4.1",
+    "cookie-parser": "1.4.5",
+    "cors": "2.8.5",
+    "csvtojson": "2.0.10",
+    "dotenv": "8.2.0",
+    "express": "4.17.1",
+    "jsonwebtoken": "8.5.1",
+    "libphonenumber-js": "1.9.9",
+    "mysql": "2.18.1",
+    "pg": "8.5.1",
+    "reflect-metadata": "0.1.13",
+    "routing-controllers": "0.9.0-alpha.6",
+    "routing-controllers-openapi": "2.2.0",
+    "sqlite3": "5.0.0",
+    "typeorm": "0.2.30",
+    "typeorm-routing-controllers-extensions": "0.2.0",
+    "typeorm-seeding": "1.6.1",
+    "uuid": "8.3.2",
+    "validator": "13.5.2"
+  },
+  "devDependencies": {
+    "@faker-js/faker": "7.6.0",
+    "@odit/license-exporter": "0.0.9",
+    "@types/cors": "2.8.9",
+    "@types/csvtojson": "1.1.5",
+    "@types/express": "4.17.11",
+    "@types/jest": "26.0.20",
+    "@types/jsonwebtoken": "8.5.0",
+    "@types/node": "14.14.22",
+    "@types/uuid": "8.3.0",
+    "auto-changelog": "2.4.0",
+    "cp-cli": "2.0.0",
+    "jest": "26.6.3",
+    "nodemon": "2.0.7",
+    "release-it": "14.2.2",
+    "rimraf": "3.0.2",
+    "start-server-and-test": "1.11.7",
+    "ts-jest": "26.5.0",
+    "ts-node": "9.1.1",
+    "typedoc": "0.20.19",
+    "typescript": "4.1.3"
+  },
+  "scripts": {
+    "dev": "nodemon src/app.ts",
+    "build": "rimraf ./dist && tsc && cp-cli ./src/static ./dist/static",
+    "docs": "typedoc --out docs src",
+    "test": "jest",
+    "test:watch": "jest --watchAll",
+    "test:ci:generate_env": "ts-node scripts/create_testenv.ts",
+    "test:ci:run": "start-server-and-test dev http://localhost:4010/api/docs/openapi.json test",
+    "test:ci": "npm run test:ci:generate_env && npm run test:ci:run",
+    "seed": "ts-node ./node_modules/typeorm/cli.js schema:sync && ts-node ./node_modules/typeorm-seeding/dist/cli.js seed",
+    "openapi:export": "ts-node scripts/openapi_export.ts",
+    "licenses:export": "license-exporter --markdown",
+    "changelog:export": "auto-changelog --commit-limit false -p -u --hide-credit",
+    "release": "release-it --only-version"
+  },
+  "release-it": {
+    "git": {
+      "commit": true,
+      "requireCleanWorkingDir": false,
+      "commitMessage": "🚀Bumped version to v${version}",
+      "requireBranch": "dev",
+      "push": true,
+      "tag": true,
+      "tagName": "v${version}",
+      "tagAnnotation": "v${version}"
+    },
+    "npm": {
+      "publish": false
+    },
+    "hooks": {
+      "after:bump": "npm run changelog:export && npm run licenses:export && git add CHANGELOG.md && git add licenses.md"
+    }
+  },
+  "nodemonConfig": {
+    "ignore": [
+      "src/tests/*",
+      "docs/*"
+    ]
+  }
+}

scripts/create_testenv.ts

@@ -1,15 +1,8 @@
 import consola from "consola";
 import fs from "fs";
-import nodemailer from "nodemailer";
 
 
-nodemailer.createTestAccount((err, account) => {
-    if (err) {
-        console.error('Failed to create a testing account. ' + err.message);
-        return process.exit(1);
-    }
-
-    const env = `
+const env = `
 APP_PORT=4010
 DB_TYPE=sqlite
 DB_HOST=bla
@@ -17,21 +10,15 @@ DB_PORT=bla
 DB_USER=bla
 DB_PASSWORD=bla
 DB_NAME=./test.sqlite
-NODE_ENV=dev
+NODE_ENV=test
 POSTALCODE_COUNTRYCODE=DE
 SEED_TEST_DATA=true
-MAIL_SERVER=${account.smtp.host}
-MAIL_PORT=${account.smtp.port}
-MAIL_USER=${account.user}
-MAIL_PASSWORD=${account.pass}
-MAIL_FROM=${account.user}`
-
-    try {
-        fs.writeFileSync("./.env", env, { encoding: "utf-8" });
-        consola.success("Exported ci env to .env");
-    } catch (error) {
-        consola.error("Couldn't export the ci env");
-    }
-
-});
+MAILER_URL=https://dev.lauf-fuer-kaya.de/mailer
+MAILER_KEY=asdasd`;
 
+try {
+    fs.writeFileSync("./.env", env, { encoding: "utf-8" });
+    consola.success("Exported ci env to .env");
+} catch (error) {
+    consola.error("Couldn't export the ci env");
+}

src/app.ts

@@ -20,6 +20,9 @@ const app = createExpressServer({
 
 async function main() {
   await loaders(app);
+  if (config.testing) {
+    consola.info("🛠[config]: Discovered testing env. Mailing errors will get ignored!")
+  }
   app.listen(config.internal_port, () => {
     consola.success(
       `⚡️[server]: Server is running at http://localhost:${config.internal_port}`

src/config.ts

@@ -6,19 +6,17 @@ configDotenv();
 export const config = {
     internal_port: parseInt(process.env.APP_PORT) || 4010,
     development: process.env.NODE_ENV === "production",
+    testing: process.env.NODE_ENV === "test",
     jwt_secret: process.env.JWT_SECRET || "secretjwtsecret",
     phone_validation_countrycode: getPhoneCodeLocale(),
     postalcode_validation_countrycode: getPostalCodeLocale(),
     version: process.env.VERSION || require('../package.json').version,
     seedTestData: getDataSeeding(),
-    app_url: process.env.APP_URL || "http://localhost:4010",
-    mail_server: process.env.MAIL_SERVER,
-    mail_port: Number(process.env.MAIL_PORT) || 25,
-    mail_user: process.env.MAIL_USER,
-    mail_password: process.env.MAIL_PASSWORD,
-    mail_from: process.env.MAIL_FROM,
+    app_url: process.env.APP_URL || "http://localhost:8080",
     privacy_url: process.env.PRIVACY_URL || "/privacy",
-    imprint_url: process.env.IMPRINT_URL || "/imprint"
+    imprint_url: process.env.IMPRINT_URL || "/imprint",
+    mailer_url: process.env.MAILER_URL || "",
+    mailer_key: process.env.MAILER_KEY || ""
 }
 let errors = 0
 if (typeof config.internal_port !== "number") {
@@ -27,6 +25,9 @@ if (typeof config.internal_port !== "number") {
 if (typeof config.development !== "boolean") {
     errors++
 }
+if (config.mailer_url == "" || config.mailer_key == "") {
+    errors++;
+}
 function getPhoneCodeLocale(): CountryCode {
     return (process.env.PHONE_COUNTRYCODE as CountryCode);
 }

src/controllers/AuthController.ts

@@ -1,110 +1,106 @@
-import { Body, CookieParam, JsonController, Param, Post, Req, Res } from 'routing-controllers';
-import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
-import { IllegalJWTError, InvalidCredentialsError, JwtNotProvidedError, PasswordNeededError, RefreshTokenCountInvalidError, UsernameOrEmailNeededError } from '../errors/AuthError';
-import { UserNotFoundError } from '../errors/UserErrors';
-import { Mailer } from '../mailer';
-import { CreateAuth } from '../models/actions/create/CreateAuth';
-import { CreateResetToken } from '../models/actions/create/CreateResetToken';
-import { HandleLogout } from '../models/actions/HandleLogout';
-import { RefreshAuth } from '../models/actions/RefreshAuth';
-import { ResetPassword } from '../models/actions/ResetPassword';
-import { ResponseAuth } from '../models/responses/ResponseAuth';
-import { ResponseEmpty } from '../models/responses/ResponseEmpty';
-import { Logout } from '../models/responses/ResponseLogout';
-
-@JsonController('/auth')
-export class AuthController {
-
-	private mailer: Mailer;
-
-	constructor() {
-		this.mailer = new Mailer();
-	}
-
-	@Post("/login")
-	@ResponseSchema(ResponseAuth)
-	@ResponseSchema(InvalidCredentialsError)
-	@ResponseSchema(UserNotFoundError)
-	@ResponseSchema(UsernameOrEmailNeededError)
-	@ResponseSchema(PasswordNeededError)
-	@ResponseSchema(InvalidCredentialsError)
-	@OpenAPI({ description: 'Login with your username/email and password. <br> You will receive: \n * access token (use it as a bearer token) \n * refresh token (will also be sent as a cookie)' })
-	async login(@Body({ validate: true }) createAuth: CreateAuth, @Res() response: any) {
-		let auth;
-		try {
-			auth = await createAuth.toAuth();
-			response.cookie('lfk_backend__refresh_token', auth.refresh_token, { expires: new Date(auth.refresh_token_expires_at * 1000), httpOnly: true });
-			response.cookie('lfk_backend__refresh_token_expires_at', auth.refresh_token_expires_at, { expires: new Date(auth.refresh_token_expires_at * 1000), httpOnly: true });
-			return response.send(auth)
-		} catch (error) {
-			throw error;
-		}
-	}
-
-	@Post("/logout")
-	@ResponseSchema(Logout)
-	@ResponseSchema(InvalidCredentialsError)
-	@ResponseSchema(UserNotFoundError)
-	@ResponseSchema(UsernameOrEmailNeededError)
-	@ResponseSchema(PasswordNeededError)
-	@ResponseSchema(InvalidCredentialsError)
-	@OpenAPI({ description: 'Logout using your refresh token. <br> This instantly invalidates all your access and refresh tokens.', security: [{ "RefreshTokenCookie": [] }] })
-	async logout(@Body({ validate: true }) handleLogout: HandleLogout, @CookieParam("lfk_backend__refresh_token") refresh_token: string, @Res() response: any) {
-		if (refresh_token && refresh_token.length != 0 && handleLogout.token == undefined) {
-			handleLogout.token = refresh_token;
-		}
-
-		let logout;
-		try {
-			logout = await handleLogout.logout()
-			await response.cookie('lfk_backend__refresh_token', "expired", { expires: new Date(Date.now()), httpOnly: true });
-			response.cookie('lfk_backend__refresh_token_expires_at', "expired", { expires: new Date(Date.now()), httpOnly: true });
-		} catch (error) {
-			throw error;
-		}
-		return response.send(logout)
-	}
-
-	@Post("/refresh")
-	@ResponseSchema(ResponseAuth)
-	@ResponseSchema(JwtNotProvidedError)
-	@ResponseSchema(IllegalJWTError)
-	@ResponseSchema(UserNotFoundError)
-	@ResponseSchema(RefreshTokenCountInvalidError)
-	@OpenAPI({ description: 'Refresh your access and refresh tokens using a valid refresh token. <br> You will receive: \n * access token (use it as a bearer token) \n * refresh token (will also be sent as a cookie)', security: [{ "RefreshTokenCookie": [] }] })
-	async refresh(@Body({ validate: true }) refreshAuth: RefreshAuth, @CookieParam("lfk_backend__refresh_token") refresh_token: string, @Res() response: any, @Req() req: any) {
-		if (refresh_token && refresh_token.length != 0 && refreshAuth.token == undefined) {
-			refreshAuth.token = refresh_token;
-		}
-		let auth;
-		try {
-			auth = await refreshAuth.toAuth();
-			response.cookie('lfk_backend__refresh_token', auth.refresh_token, { expires: new Date(auth.refresh_token_expires_at * 1000), httpOnly: true });
-			response.cookie('lfk_backend__refresh_token_expires_at', auth.refresh_token_expires_at, { expires: new Date(auth.refresh_token_expires_at * 1000), httpOnly: true });
-		} catch (error) {
-			throw error;
-		}
-		return response.send(auth)
-	}
-
-	@Post("/reset")
-	@ResponseSchema(ResponseEmpty, { statusCode: 200 })
-	@ResponseSchema(UserNotFoundError, { statusCode: 404 })
-	@ResponseSchema(UsernameOrEmailNeededError, { statusCode: 406 })
-	@OpenAPI({ description: "Request a password reset token. <br> This will provide you with a reset token that you can use by posting to /api/auth/reset/{token}." })
-	async getResetToken(@Body({ validate: true }) passwordReset: CreateResetToken) {
-		const reset_token: String = await passwordReset.toResetToken();
-		await this.mailer.sendResetMail(passwordReset.email, reset_token);
-		return new ResponseEmpty();
-	}
-
-	@Post("/reset/:token")
-	@ResponseSchema(ResponseAuth)
-	@ResponseSchema(UserNotFoundError)
-	@ResponseSchema(UsernameOrEmailNeededError)
-	@OpenAPI({ description: "Reset a user's utilising a valid password reset token. <br> This will set the user's password to the one you provided in the body. <br> To get a reset token post to /api/auth/reset with your username." })
-	async resetPassword(@Param("token") token: string, @Body({ validate: true }) passwordReset: ResetPassword) {
-		passwordReset.resetToken = token;
-		return await passwordReset.resetPassword();
-	}
-}
+import { Body, CookieParam, JsonController, Param, Post, QueryParam, Req, Res } from 'routing-controllers';
+import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
+import { IllegalJWTError, InvalidCredentialsError, JwtNotProvidedError, PasswordNeededError, RefreshTokenCountInvalidError, UsernameOrEmailNeededError } from '../errors/AuthError';
+import { MailSendingError } from '../errors/MailErrors';
+import { UserNotFoundError } from '../errors/UserErrors';
+import { Mailer } from '../mailer';
+import { CreateAuth } from '../models/actions/create/CreateAuth';
+import { CreateResetToken } from '../models/actions/create/CreateResetToken';
+import { HandleLogout } from '../models/actions/HandleLogout';
+import { RefreshAuth } from '../models/actions/RefreshAuth';
+import { ResetPassword } from '../models/actions/ResetPassword';
+import { ResponseAuth } from '../models/responses/ResponseAuth';
+import { ResponseEmpty } from '../models/responses/ResponseEmpty';
+import { Logout } from '../models/responses/ResponseLogout';
+
+@JsonController('/auth')
+export class AuthController {
+
+	@Post("/login")
+	@ResponseSchema(ResponseAuth)
+	@ResponseSchema(InvalidCredentialsError)
+	@ResponseSchema(UserNotFoundError)
+	@ResponseSchema(UsernameOrEmailNeededError)
+	@ResponseSchema(PasswordNeededError)
+	@ResponseSchema(InvalidCredentialsError)
+	@OpenAPI({ description: 'Login with your username/email and password. <br> You will receive: \n * access token (use it as a bearer token) \n * refresh token (will also be sent as a cookie)' })
+	async login(@Body({ validate: true }) createAuth: CreateAuth, @Res() response: any) {
+		let auth;
+		try {
+			auth = await createAuth.toAuth();
+			response.cookie('lfk_backend__refresh_token', auth.refresh_token, { expires: new Date(auth.refresh_token_expires_at * 1000), httpOnly: true });
+			response.cookie('lfk_backend__refresh_token_expires_at', auth.refresh_token_expires_at, { expires: new Date(auth.refresh_token_expires_at * 1000), httpOnly: true });
+			return response.send(auth)
+		} catch (error) {
+			throw error;
+		}
+	}
+
+	@Post("/logout")
+	@ResponseSchema(Logout)
+	@ResponseSchema(InvalidCredentialsError)
+	@ResponseSchema(UserNotFoundError)
+	@ResponseSchema(UsernameOrEmailNeededError)
+	@ResponseSchema(PasswordNeededError)
+	@ResponseSchema(InvalidCredentialsError)
+	@OpenAPI({ description: 'Logout using your refresh token. <br> This instantly invalidates all your access and refresh tokens.', security: [{ "RefreshTokenCookie": [] }] })
+	async logout(@Body({ validate: true }) handleLogout: HandleLogout, @CookieParam("lfk_backend__refresh_token") refresh_token: string, @Res() response: any) {
+		if (refresh_token && refresh_token.length != 0 && handleLogout.token == undefined) {
+			handleLogout.token = refresh_token;
+		}
+
+		let logout;
+		try {
+			logout = await handleLogout.logout()
+			await response.cookie('lfk_backend__refresh_token', "expired", { expires: new Date(Date.now()), httpOnly: true });
+			response.cookie('lfk_backend__refresh_token_expires_at', "expired", { expires: new Date(Date.now()), httpOnly: true });
+		} catch (error) {
+			throw error;
+		}
+		return response.send(logout)
+	}
+
+	@Post("/refresh")
+	@ResponseSchema(ResponseAuth)
+	@ResponseSchema(JwtNotProvidedError)
+	@ResponseSchema(IllegalJWTError)
+	@ResponseSchema(UserNotFoundError)
+	@ResponseSchema(RefreshTokenCountInvalidError)
+	@OpenAPI({ description: 'Refresh your access and refresh tokens using a valid refresh token. <br> You will receive: \n * access token (use it as a bearer token) \n * refresh token (will also be sent as a cookie)', security: [{ "RefreshTokenCookie": [] }] })
+	async refresh(@Body({ validate: true }) refreshAuth: RefreshAuth, @CookieParam("lfk_backend__refresh_token") refresh_token: string, @Res() response: any, @Req() req: any) {
+		if (refresh_token && refresh_token.length != 0 && refreshAuth.token == undefined) {
+			refreshAuth.token = refresh_token;
+		}
+		let auth;
+		try {
+			auth = await refreshAuth.toAuth();
+			response.cookie('lfk_backend__refresh_token', auth.refresh_token, { expires: new Date(auth.refresh_token_expires_at * 1000), httpOnly: true });
+			response.cookie('lfk_backend__refresh_token_expires_at', auth.refresh_token_expires_at, { expires: new Date(auth.refresh_token_expires_at * 1000), httpOnly: true });
+		} catch (error) {
+			throw error;
+		}
+		return response.send(auth)
+	}
+
+	@Post("/reset")
+	@ResponseSchema(ResponseEmpty, { statusCode: 200 })
+	@ResponseSchema(UserNotFoundError, { statusCode: 404 })
+	@ResponseSchema(UsernameOrEmailNeededError, { statusCode: 406 })
+	@ResponseSchema(MailSendingError, { statusCode: 500 })
+	@OpenAPI({ description: "Request a password reset token. <br> This will provide you with a reset token that you can use by posting to /api/auth/reset/{token}." })
+	async getResetToken(@Body({ validate: true }) passwordReset: CreateResetToken, @QueryParam("locale") locale: string = "en") {
+		const reset_token: string = await passwordReset.toResetToken();
+		await Mailer.sendResetMail(passwordReset.email, reset_token, locale);
+		return new ResponseEmpty();
+	}
+
+	@Post("/reset/:token")
+	@ResponseSchema(ResponseAuth)
+	@ResponseSchema(UserNotFoundError)
+	@ResponseSchema(UsernameOrEmailNeededError)
+	@OpenAPI({ description: "Reset a user's utilising a valid password reset token. <br> This will set the user's password to the one you provided in the body. <br> To get a reset token post to /api/auth/reset with your username." })
+	async resetPassword(@Param("token") token: string, @Body({ validate: true }) passwordReset: ResetPassword) {
+		passwordReset.resetToken = token;
+		return await passwordReset.resetPassword();
+	}
+}

src/controllers/DonationController.ts

@@ -1,6 +1,6 @@
 import { Authorized, Body, Delete, Get, JsonController, OnUndefined, Param, Post, Put, QueryParam } from 'routing-controllers';
 import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
-import { getConnectionManager, Repository } from 'typeorm';
+import { Repository, getConnectionManager } from 'typeorm';
 import { DonationIdsNotMatchingError, DonationNotFoundError } from '../errors/DonationErrors';
 import { DonorNotFoundError } from '../errors/DonorErrors';
 import { RunnerNotFoundError } from '../errors/RunnerErrors';
@@ -36,9 +36,16 @@ export class DonationController {
 	@ResponseSchema(ResponseDonation, { isArray: true })
 	@ResponseSchema(ResponseDistanceDonation, { isArray: true })
 	@OpenAPI({ description: 'Lists all donations (fixed or distance based) from all donors. <br> This includes the donations\'s runner\'s distance ran(if distance donation).' })
-	async getAll() {
+	async getAll(@QueryParam("page", { required: false }) page: number, @QueryParam("page_size", { required: false }) page_size: number = 100) {
 		let responseDonations: ResponseDonation[] = new Array<ResponseDonation>();
-		const donations = await this.donationRepository.find({ relations: ['runner', 'donor', 'runner.scans', 'runner.scans.track'] });
+		let donations: Array<Donation>;
+
+		if (page != undefined) {
+			donations = await this.donationRepository.find({ relations: ['runner', 'donor', 'runner.scans', 'runner.scans.track'], skip: page * page_size, take: page_size });
+		} else {
+			donations = await this.donationRepository.find({ relations: ['runner', 'donor', 'runner.scans', 'runner.scans.track'] });
+		}
+
 		donations.forEach(donation => {
 			responseDonations.push(donation.toResponse());
 		});

src/controllers/DonorController.ts

@@ -1,6 +1,6 @@
 import { Authorized, Body, Delete, Get, JsonController, OnUndefined, Param, Post, Put, QueryParam } from 'routing-controllers';
 import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
-import { getConnectionManager, Repository } from 'typeorm';
+import { Repository, getConnectionManager } from 'typeorm';
 import { DonorHasDonationsError, DonorIdsNotMatchingError, DonorNotFoundError } from '../errors/DonorErrors';
 import { CreateDonor } from '../models/actions/create/CreateDonor';
 import { UpdateDonor } from '../models/actions/update/UpdateDonor';
@@ -25,9 +25,16 @@ export class DonorController {
 	@Authorized("DONOR:GET")
 	@ResponseSchema(ResponseDonor, { isArray: true })
 	@OpenAPI({ description: 'Lists all donor. <br> This includes the donor\'s current donation amount.' })
-	async getAll() {
+	async getAll(@QueryParam("page", { required: false }) page: number, @QueryParam("page_size", { required: false }) page_size: number = 100) {
 		let responseDonors: ResponseDonor[] = new Array<ResponseDonor>();
-		const donors = await this.donorRepository.find({ relations: ['donations', 'donations.runner', 'donations.runner.scans', 'donations.runner.scans.track'] });
+		let donors: Array<Donor>;
+
+		if (page != undefined) {
+			donors = await this.donorRepository.find({ relations: ['donations', 'donations.runner', 'donations.runner.scans', 'donations.runner.scans.track'], skip: page * page_size, take: page_size });
+		} else {
+			donors = await this.donorRepository.find({ relations: ['donations', 'donations.runner', 'donations.runner.scans', 'donations.runner.scans.track'] });
+		}
+
 		donors.forEach(donor => {
 			responseDonors.push(new ResponseDonor(donor));
 		});

src/controllers/GroupContactController.ts

@@ -1,6 +1,6 @@
 import { Authorized, Body, Delete, Get, JsonController, OnUndefined, Param, Post, Put, QueryParam } from 'routing-controllers';
 import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
-import { getConnection, getConnectionManager, Repository } from 'typeorm';
+import { Repository, getConnection, getConnectionManager } from 'typeorm';
 import { GroupContactIdsNotMatchingError, GroupContactNotFoundError } from '../errors/GroupContactErrors';
 import { RunnerGroupNotFoundError } from '../errors/RunnerGroupErrors';
 import { CreateGroupContact } from '../models/actions/create/CreateGroupContact';
@@ -26,9 +26,16 @@ export class GroupContactController {
 	@Authorized("CONTACT:GET")
 	@ResponseSchema(ResponseGroupContact, { isArray: true })
 	@OpenAPI({ description: 'Lists all contacts. <br> This includes the contact\'s associated groups.' })
-	async getAll() {
+	async getAll(@QueryParam("page", { required: false }) page: number, @QueryParam("page_size", { required: false }) page_size: number = 100) {
 		let responseContacts: ResponseGroupContact[] = new Array<ResponseGroupContact>();
-		const contacts = await this.contactRepository.find({ relations: ['groups', 'groups.parentGroup'] });
+		let contacts: Array<GroupContact>;
+
+		if (page != undefined) {
+			contacts = await this.contactRepository.find({ relations: ['groups', 'groups.parentGroup'], skip: page * page_size, take: page_size });
+		} else {
+			contacts = await this.contactRepository.find({ relations: ['groups', 'groups.parentGroup'] });
+		}
+
 		contacts.forEach(contact => {
 			responseContacts.push(contact.toResponse());
 		});

src/controllers/MailController.ts

@@ -1,26 +0,0 @@
-import { Authorized, JsonController, Post } from 'routing-controllers';
-import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
-import { config } from '../config';
-import { Mailer } from '../mailer';
-import { ResponseEmpty } from '../models/responses/ResponseEmpty';
-
-
-@JsonController('/mails')
-@OpenAPI({ security: [{ "AuthToken": [] }, { "RefreshTokenCookie": [] }] })
-export class MailController {
-
-	private mailer: Mailer;
-
-	constructor() {
-		this.mailer = new Mailer();
-	}
-
-	@Post('/test')
-	@Authorized(["MAIL:CREATE"])
-	@ResponseSchema(ResponseEmpty, { statusCode: 200 })
-	@OpenAPI({ description: 'Sends a test email to the configured from-address.' })
-	async get() {
-		await this.mailer.sendTestMail(config.mail_from);
-		return new ResponseEmpty();
-	}
-}

src/controllers/MeController.ts

@@ -1,7 +1,7 @@
 import { Body, CurrentUser, Delete, Get, JsonController, OnUndefined, Put, QueryParam } from 'routing-controllers';
 import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
 import { getConnectionManager, Repository } from 'typeorm';
-import { UserDeletionNotConfirmedError, UserIdsNotMatchingError, UsernameContainsIllegalCharacterError, UserNotFoundError } from '../errors/UserErrors';
+import { PasswordMustContainLowercaseLetterError, PasswordMustContainNumberError, PasswordMustContainUppercaseLetterError, PasswordTooShortError, UserDeletionNotConfirmedError, UserIdsNotMatchingError, UsernameContainsIllegalCharacterError, UserNotFoundError } from '../errors/UserErrors';
 import { UpdateUser } from '../models/actions/update/UpdateUser';
 import { User } from '../models/entities/User';
 import { ResponseUser } from '../models/responses/ResponseUser';
@@ -32,7 +32,7 @@ export class MeController {
 		return new ResponseUser(user);
 	}
 
-	@Get('/')
+	@Get('/permissions')
 	@ResponseSchema(ResponseUserPermissions)
 	@ResponseSchema(UserNotFoundError, { statusCode: 404 })
 	@OnUndefined(UserNotFoundError)
@@ -48,6 +48,10 @@ export class MeController {
 	@ResponseSchema(UserNotFoundError, { statusCode: 404 })
 	@ResponseSchema(UserIdsNotMatchingError, { statusCode: 406 })
 	@ResponseSchema(UsernameContainsIllegalCharacterError, { statusCode: 406 })
+	@ResponseSchema(PasswordMustContainUppercaseLetterError, { statusCode: 406 })
+	@ResponseSchema(PasswordMustContainLowercaseLetterError, { statusCode: 406 })
+	@ResponseSchema(PasswordMustContainNumberError, { statusCode: 406 })
+	@ResponseSchema(PasswordTooShortError, { statusCode: 406 })
 	@OpenAPI({ description: "Update the yourself. <br> You can't edit your own permissions or group memberships here - Please use the /api/users/:id enpoint instead. <br> Please remember that ids can't be changed." })
 	async put(@CurrentUser() currentUser: User, @Body({ validate: true }) updateUser: UpdateUser) {
 		let oldUser = await this.userRepository.findOne({ id: currentUser.id }, { relations: ['groups'] });

src/controllers/PermissionController.ts

@@ -1,6 +1,6 @@
 import { Authorized, Body, Delete, Get, JsonController, OnUndefined, Param, Post, Put, QueryParam } from 'routing-controllers';
 import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
-import { getConnectionManager, Repository } from 'typeorm';
+import { Repository, getConnectionManager } from 'typeorm';
 import { PermissionIdsNotMatchingError, PermissionNeedsPrincipalError, PermissionNotFoundError } from '../errors/PermissionErrors';
 import { PrincipalNotFoundError } from '../errors/PrincipalErrors';
 import { CreatePermission } from '../models/actions/create/CreatePermission';
@@ -27,9 +27,16 @@ export class PermissionController {
     @Authorized("PERMISSION:GET")
     @ResponseSchema(ResponsePermission, { isArray: true })
     @OpenAPI({ description: 'Lists all permissions for all users and groups.' })
-    async getAll() {
+    async getAll(@QueryParam("page", { required: false }) page: number, @QueryParam("page_size", { required: false }) page_size: number = 100) {
         let responsePermissions: ResponsePermission[] = new Array<ResponsePermission>();
-        const permissions = await this.permissionRepository.find({ relations: ['principal'] });
+        let permissions: Array<Permission>;
+
+        if (page != undefined) {
+            permissions = await this.permissionRepository.find({ relations: ['principal'], skip: page * page_size, take: page_size });
+        } else {
+            permissions = await this.permissionRepository.find({ relations: ['principal'] });
+        }
+
         permissions.forEach(permission => {
             responsePermissions.push(new ResponsePermission(permission));
         });

src/controllers/RunnerCardController.ts

@@ -1,106 +1,138 @@
-import { Authorized, Body, Delete, Get, JsonController, OnUndefined, Param, Post, Put, QueryParam } from 'routing-controllers';
-import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
-import { getConnectionManager, Repository } from 'typeorm';
-import { RunnerCardHasScansError, RunnerCardIdsNotMatchingError, RunnerCardNotFoundError } from '../errors/RunnerCardErrors';
-import { RunnerNotFoundError } from '../errors/RunnerErrors';
-import { CreateRunnerCard } from '../models/actions/create/CreateRunnerCard';
-import { UpdateRunnerCard } from '../models/actions/update/UpdateRunnerCard';
-import { RunnerCard } from '../models/entities/RunnerCard';
-import { ResponseEmpty } from '../models/responses/ResponseEmpty';
-import { ResponseRunnerCard } from '../models/responses/ResponseRunnerCard';
-import { ScanController } from './ScanController';
-
-@JsonController('/cards')
-@OpenAPI({ security: [{ "AuthToken": [] }, { "RefreshTokenCookie": [] }] })
-export class RunnerCardController {
-	private cardRepository: Repository<RunnerCard>;
-
-	/**
-	 * Gets the repository of this controller's model/entity.
-	 */
-	constructor() {
-		this.cardRepository = getConnectionManager().get().getRepository(RunnerCard);
-	}
-
-	@Get()
-	@Authorized("CARD:GET")
-	@ResponseSchema(ResponseRunnerCard, { isArray: true })
-	@OpenAPI({ description: 'Lists all card.' })
-	async getAll() {
-		let responseCards: ResponseRunnerCard[] = new Array<ResponseRunnerCard>();
-		const cards = await this.cardRepository.find({ relations: ['runner'] });
-		cards.forEach(card => {
-			responseCards.push(new ResponseRunnerCard(card));
-		});
-		return responseCards;
-	}
-
-	@Get('/:id')
-	@Authorized("CARD:GET")
-	@ResponseSchema(ResponseRunnerCard)
-	@ResponseSchema(RunnerCardNotFoundError, { statusCode: 404 })
-	@OnUndefined(RunnerCardNotFoundError)
-	@OpenAPI({ description: "Lists all information about the card whose id got provided." })
-	async getOne(@Param('id') id: number) {
-		let card = await this.cardRepository.findOne({ id: id }, { relations: ['runner'] });
-		if (!card) { throw new RunnerCardNotFoundError(); }
-		return card.toResponse();
-	}
-
-	@Post()
-	@Authorized("CARD:CREATE")
-	@ResponseSchema(ResponseRunnerCard)
-	@ResponseSchema(RunnerNotFoundError, { statusCode: 404 })
-	@OpenAPI({ description: "Create a new card. <br> You can provide a associated runner by id but you don't have to." })
-	async post(@Body({ validate: true }) createCard: CreateRunnerCard) {
-		let card = await createCard.toEntity();
-		card = await this.cardRepository.save(card);
-		return (await this.cardRepository.findOne({ id: card.id }, { relations: ['runner'] })).toResponse();
-	}
-
-	@Put('/:id')
-	@Authorized("CARD:UPDATE")
-	@ResponseSchema(ResponseRunnerCard)
-	@ResponseSchema(RunnerCardNotFoundError, { statusCode: 404 })
-	@ResponseSchema(RunnerNotFoundError, { statusCode: 404 })
-	@ResponseSchema(RunnerCardIdsNotMatchingError, { statusCode: 406 })
-	@OpenAPI({ description: "Update the card whose id you provided. <br> Scans created via this card will still be associated with the old runner. <br> Please remember that ids can't be changed." })
-	async put(@Param('id') id: number, @Body({ validate: true }) card: UpdateRunnerCard) {
-		let oldCard = await this.cardRepository.findOne({ id: id });
-
-		if (!oldCard) {
-			throw new RunnerCardNotFoundError();
-		}
-
-		if (oldCard.id != card.id) {
-			throw new RunnerCardIdsNotMatchingError();
-		}
-
-		await this.cardRepository.save(await card.update(oldCard));
-		return (await this.cardRepository.findOne({ id: id }, { relations: ['runner'] })).toResponse();
-	}
-
-	@Delete('/:id')
-	@Authorized("CARD:DELETE")
-	@ResponseSchema(ResponseRunnerCard)
-	@ResponseSchema(ResponseEmpty, { statusCode: 204 })
-	@ResponseSchema(RunnerCardHasScansError, { statusCode: 406 })
-	@OnUndefined(204)
-	@OpenAPI({ description: "Delete the card whose id you provided. <br> If no card with this id exists it will just return 204(no content). <br> If the card still has scans associated you have to provide the force=true query param (warning: this deletes all scans associated with by this card - please disable it instead or just remove the runner association)." })
-	async remove(@Param("id") id: number, @QueryParam("force") force: boolean) {
-		let card = await this.cardRepository.findOne({ id: id });
-		if (!card) { return null; }
-
-		const cardScans = (await this.cardRepository.findOne({ id: id }, { relations: ["scans"] })).scans;
-		if (cardScans.length != 0 && !force) {
-			throw new RunnerCardHasScansError();
-		}
-		const scanController = new ScanController;
-		for (let scan of cardScans) {
-			await scanController.remove(scan.id, force);
-		}
-
-		await this.cardRepository.delete(card);
-		return card.toResponse();
-	}
+import { Authorized, Body, Delete, Get, JsonController, OnUndefined, Param, Post, Put, QueryParam } from 'routing-controllers';
+import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
+import { Repository, getConnectionManager } from 'typeorm';
+import { RunnerCardHasScansError, RunnerCardIdsNotMatchingError, RunnerCardNotFoundError } from '../errors/RunnerCardErrors';
+import { RunnerNotFoundError } from '../errors/RunnerErrors';
+import { CreateRunnerCard } from '../models/actions/create/CreateRunnerCard';
+import { UpdateRunnerCard } from '../models/actions/update/UpdateRunnerCard';
+import { RunnerCard } from '../models/entities/RunnerCard';
+import { ResponseEmpty } from '../models/responses/ResponseEmpty';
+import { ResponseRunnerCard } from '../models/responses/ResponseRunnerCard';
+import { ScanController } from './ScanController';
+
+@JsonController('/cards')
+@OpenAPI({ security: [{ "AuthToken": [] }, { "RefreshTokenCookie": [] }] })
+export class RunnerCardController {
+	private cardRepository: Repository<RunnerCard>;
+
+	/**
+	 * Gets the repository of this controller's model/entity.
+	 */
+	constructor() {
+		this.cardRepository = getConnectionManager().get().getRepository(RunnerCard);
+	}
+
+	@Get()
+	@Authorized("CARD:GET")
+	@ResponseSchema(ResponseRunnerCard, { isArray: true })
+	@OpenAPI({ description: 'Lists all card.' })
+	async getAll(@QueryParam("page", { required: false }) page: number, @QueryParam("page_size", { required: false }) page_size: number = 100) {
+		let responseCards: ResponseRunnerCard[] = new Array<ResponseRunnerCard>();
+		let cards: Array<RunnerCard>;
+
+		if (page != undefined) {
+			cards = await this.cardRepository.find({ relations: ['runner', 'runner.group', 'runner.group.parentGroup'], skip: page * page_size, take: page_size });
+		} else {
+			cards = await this.cardRepository.find({ relations: ['runner', 'runner.group', 'runner.group.parentGroup'] });
+		}
+
+		cards.forEach(card => {
+			responseCards.push(new ResponseRunnerCard(card));
+		});
+		return responseCards;
+	}
+
+	@Get('/:id')
+	@Authorized("CARD:GET")
+	@ResponseSchema(ResponseRunnerCard)
+	@ResponseSchema(RunnerCardNotFoundError, { statusCode: 404 })
+	@OnUndefined(RunnerCardNotFoundError)
+	@OpenAPI({ description: "Lists all information about the card whose id got provided." })
+	async getOne(@Param('id') id: number) {
+		let card = await this.cardRepository.findOne({ id: id }, { relations: ['runner', 'runner.group', 'runner.group.parentGroup'] });
+		if (!card) { throw new RunnerCardNotFoundError(); }
+		return card.toResponse();
+	}
+
+	@Post('/bulk')
+	@Authorized("CARD:CREATE")
+	@ResponseSchema(ResponseEmpty, { statusCode: 200 })
+	@OpenAPI({ description: "Create blank cards in bulk. <br> Just provide the count as a query param and wait for the 200 response. <br> You can provide the 'returnCards' query param if you want to receive the RESPONSERUNNERCARD objects in the response." })
+	async postBlancoBulk(@QueryParam("count") count: number, @QueryParam("returnCards") returnCards: boolean = false) {
+		let createPromises = new Array<any>();
+		for (let index = 0; index < count; index++) {
+			createPromises.push(this.cardRepository.save({ runner: null, enabled: true }))
+		}
+
+		const cards = await Promise.all(createPromises);
+
+		if (returnCards) {
+			let responseCards: ResponseRunnerCard[] = new Array<ResponseRunnerCard>();
+			for await (let card of cards) {
+				let dbCard = await this.cardRepository.findOne({ id: card.id });
+				responseCards.push(new ResponseRunnerCard(dbCard));
+			}
+			return responseCards;
+		}
+		let response = new ResponseEmpty();
+		response.response = `Created ${count} new blanco cards.`
+		return response;
+	}
+
+	@Post()
+	@Authorized("CARD:CREATE")
+	@ResponseSchema(ResponseRunnerCard)
+	@ResponseSchema(RunnerNotFoundError, { statusCode: 404 })
+	@OpenAPI({ description: "Create a new card. <br> You can provide a associated runner by id but you don't have to." })
+	async post(@Body({ validate: true }) createCard: CreateRunnerCard) {
+		let card = await createCard.toEntity();
+		card = await this.cardRepository.save(card);
+		return (await this.cardRepository.findOne({ id: card.id }, { relations: ['runner', 'runner.group', 'runner.group.parentGroup'] })).toResponse();
+	}
+
+	@Put('/:id')
+	@Authorized("CARD:UPDATE")
+	@ResponseSchema(ResponseRunnerCard)
+	@ResponseSchema(RunnerCardNotFoundError, { statusCode: 404 })
+	@ResponseSchema(RunnerNotFoundError, { statusCode: 404 })
+	@ResponseSchema(RunnerCardIdsNotMatchingError, { statusCode: 406 })
+	@OpenAPI({ description: "Update the card whose id you provided. <br> Scans created via this card will still be associated with the old runner. <br> Please remember that ids can't be changed." })
+	async put(@Param('id') id: number, @Body({ validate: true }) card: UpdateRunnerCard) {
+		let oldCard = await this.cardRepository.findOne({ id: id });
+
+		if (!oldCard) {
+			throw new RunnerCardNotFoundError();
+		}
+
+		if (oldCard.id != card.id) {
+			throw new RunnerCardIdsNotMatchingError();
+		}
+
+		await this.cardRepository.save(await card.update(oldCard));
+		return (await this.cardRepository.findOne({ id: id }, { relations: ['runner', 'runner.group', 'runner.group.parentGroup'] })).toResponse();
+	}
+
+	@Delete('/:id')
+	@Authorized("CARD:DELETE")
+	@ResponseSchema(ResponseRunnerCard)
+	@ResponseSchema(ResponseEmpty, { statusCode: 204 })
+	@ResponseSchema(RunnerCardHasScansError, { statusCode: 406 })
+	@OnUndefined(204)
+	@OpenAPI({ description: "Delete the card whose id you provided. <br> If no card with this id exists it will just return 204(no content). <br> If the card still has scans associated you have to provide the force=true query param (warning: this deletes all scans associated with by this card - please disable it instead or just remove the runner association)." })
+	async remove(@Param("id") id: number, @QueryParam("force") force: boolean) {
+		let card = await this.cardRepository.findOne({ id: id });
+		if (!card) { return null; }
+
+		const cardScans = (await this.cardRepository.findOne({ id: id }, { relations: ["scans"] })).scans;
+		if (cardScans.length != 0 && !force) {
+			throw new RunnerCardHasScansError();
+		}
+		const scanController = new ScanController;
+		for (let scan of cardScans) {
+			await scanController.remove(scan.id, force);
+		}
+
+		await this.cardRepository.delete(card);
+		return card.toResponse();
+	}
 }

src/controllers/RunnerController.ts

@@ -1,6 +1,6 @@
 import { Authorized, Body, Delete, Get, JsonController, OnUndefined, Param, Post, Put, QueryParam } from 'routing-controllers';
 import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
-import { getConnectionManager, Repository } from 'typeorm';
+import { Repository, getConnectionManager } from 'typeorm';
 import { RunnerGroupNeededError, RunnerHasDistanceDonationsError, RunnerIdsNotMatchingError, RunnerNotFoundError } from '../errors/RunnerErrors';
 import { RunnerGroupNotFoundError } from '../errors/RunnerGroupErrors';
 import { CreateRunner } from '../models/actions/create/CreateRunner';
@@ -30,9 +30,16 @@ export class RunnerController {
 	@Authorized("RUNNER:GET")
 	@ResponseSchema(ResponseRunner, { isArray: true })
 	@OpenAPI({ description: 'Lists all runners from all teams/orgs. <br> This includes the runner\'s group and distance ran.' })
-	async getAll() {
+	async getAll(@QueryParam("page", { required: false }) page: number, @QueryParam("page_size", { required: false }) page_size: number = 100) {
 		let responseRunners: ResponseRunner[] = new Array<ResponseRunner>();
-		const runners = await this.runnerRepository.find({ relations: ['scans', 'group', 'scans.track', 'cards'] });
+		let runners: Array<Runner>;
+
+		if (page != undefined) {
+			runners = await this.runnerRepository.find({ relations: ['scans', 'group', 'group.parentGroup', 'scans.track'], skip: page * page_size, take: page_size });
+		} else {
+			runners = await this.runnerRepository.find({ relations: ['scans', 'group', 'group.parentGroup', 'scans.track'] });
+		}
+
 		runners.forEach(runner => {
 			responseRunners.push(new ResponseRunner(runner));
 		});
@@ -46,7 +53,7 @@ export class RunnerController {
 	@OnUndefined(RunnerNotFoundError)
 	@OpenAPI({ description: 'Lists all information about the runner whose id got provided.' })
 	async getOne(@Param('id') id: number) {
-		let runner = await this.runnerRepository.findOne({ id: id }, { relations: ['scans', 'group', 'scans.track', 'cards'] })
+		let runner = await this.runnerRepository.findOne({ id: id }, { relations: ['scans', 'group', 'group.parentGroup', 'scans.track', 'cards'] })
 		if (!runner) { throw new RunnerNotFoundError(); }
 		return new ResponseRunner(runner);
 	}
@@ -91,7 +98,7 @@ export class RunnerController {
 		}
 
 		runner = await this.runnerRepository.save(runner)
-		return new ResponseRunner(await this.runnerRepository.findOne(runner, { relations: ['scans', 'group', 'scans.track', 'cards'] }));
+		return new ResponseRunner(await this.runnerRepository.findOne(runner, { relations: ['scans', 'group', 'group.parentGroup', 'scans.track', 'cards'] }));
 	}
 
 	@Put('/:id')
@@ -112,7 +119,7 @@ export class RunnerController {
 		}
 
 		await this.runnerRepository.save(await runner.update(oldRunner));
-		return new ResponseRunner(await this.runnerRepository.findOne({ id: id }, { relations: ['scans', 'group', 'scans.track', 'cards'] }));
+		return new ResponseRunner(await this.runnerRepository.findOne({ id: id }, { relations: ['scans', 'group', 'group.parentGroup', 'scans.track', 'cards'] }));
 	}
 
 	@Delete('/:id')
@@ -125,7 +132,7 @@ export class RunnerController {
 	async remove(@Param("id") id: number, @QueryParam("force") force: boolean) {
 		let runner = await this.runnerRepository.findOne({ id: id });
 		if (!runner) { return null; }
-		const responseRunner = await this.runnerRepository.findOne(runner, { relations: ['scans', 'group', 'scans.track', 'cards'] });
+		const responseRunner = await this.runnerRepository.findOne(runner, { relations: ['scans', 'group', 'group.parentGroup', 'scans.track', 'cards'] });
 
 		if (!runner) {
 			throw new RunnerNotFoundError();

src/controllers/RunnerOrganizationController.ts

@@ -1,6 +1,6 @@
-import { Authorized, Body, Delete, Get, JsonController, OnUndefined, Param, Post, Put, QueryParam } from 'routing-controllers';
+import { Authorized, BadRequestError, Body, Delete, Get, JsonController, OnUndefined, Param, Post, Put, QueryParam } from 'routing-controllers';
 import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
-import { getConnectionManager, Repository } from 'typeorm';
+import { Repository, getConnectionManager } from 'typeorm';
 import { RunnerOrganizationHasRunnersError, RunnerOrganizationHasTeamsError, RunnerOrganizationIdsNotMatchingError, RunnerOrganizationNotFoundError } from '../errors/RunnerOrganizationErrors';
 import { CreateRunnerOrganization } from '../models/actions/create/CreateRunnerOrganization';
 import { UpdateRunnerOrganization } from '../models/actions/update/UpdateRunnerOrganization';
@@ -29,13 +29,20 @@ export class RunnerOrganizationController {
 	@Authorized("ORGANIZATION:GET")
 	@ResponseSchema(ResponseRunnerOrganization, { isArray: true })
 	@OpenAPI({ description: 'Lists all organizations. <br> This includes their address, contact and teams (if existing/associated).' })
-	async getAll() {
-		let responseTeams: ResponseRunnerOrganization[] = new Array<ResponseRunnerOrganization>();
-		const runners = await this.runnerOrganizationRepository.find({ relations: ['contact', 'teams'] });
-		runners.forEach(runner => {
-			responseTeams.push(new ResponseRunnerOrganization(runner));
+	async getAll(@QueryParam("page", { required: false }) page: number, @QueryParam("page_size", { required: false }) page_size: number = 100) {
+		let responseOrgs: ResponseRunnerOrganization[] = new Array<ResponseRunnerOrganization>();
+		let orgs: Array<RunnerOrganization>;
+
+		if (page != undefined) {
+			orgs = await this.runnerOrganizationRepository.find({ relations: ['contact', 'teams'], skip: page * page_size, take: page_size });
+		} else {
+			orgs = await this.runnerOrganizationRepository.find({ relations: ['contact', 'teams'] });
+		}
+
+		orgs.forEach(org => {
+			responseOrgs.push(new ResponseRunnerOrganization(org));
 		});
-		return responseTeams;
+		return responseOrgs;
 	}
 
 	@Get('/:id')
@@ -45,7 +52,7 @@ export class RunnerOrganizationController {
 	@OnUndefined(RunnerOrganizationNotFoundError)
 	@OpenAPI({ description: 'Lists all information about the organization whose id got provided.' })
 	async getOne(@Param('id') id: number) {
-		let runnerOrg = await this.runnerOrganizationRepository.findOne({ id: id }, { relations: ['contact', 'teams'] });
+		let runnerOrg = await this.runnerOrganizationRepository.findOne({ id: id }, { relations: ['contact', 'teams', 'teams.runners', 'teams.runners.scans', 'teams.runners.scans.track', 'runners', 'runners.scans', 'runners.scans.track'] });
 		if (!runnerOrg) { throw new RunnerOrganizationNotFoundError(); }
 		return new ResponseRunnerOrganization(runnerOrg);
 	}
@@ -58,8 +65,8 @@ export class RunnerOrganizationController {
 	async getRunners(@Param('id') id: number, @QueryParam('onlyDirect') onlyDirect: boolean) {
 		let responseRunners: ResponseRunner[] = new Array<ResponseRunner>();
 		let runners: Runner[];
-		if (!onlyDirect) { runners = (await this.runnerOrganizationRepository.findOne({ id: id }, { relations: ['runners', 'runners.group', 'runners.scans', 'runners.scans.track', 'teams', 'teams.runners', 'teams.runners.group', 'teams.runners.scans', 'teams.runners.scans.track'] })).allRunners; }
-		else { runners = (await this.runnerOrganizationRepository.findOne({ id: id }, { relations: ['runners', 'runners.group', 'runners.scans', 'runners.scans.track'] })).runners; }
+		if (!onlyDirect) { runners = (await this.runnerOrganizationRepository.findOne({ id: id }, { relations: ['runners', 'runners.group', 'runners.group.parentGroup', 'runners.scans', 'runners.scans.track', 'teams', 'teams.runners', 'teams.runners.group', 'teams.runners.group.parentGroup', 'teams.runners.scans', 'teams.runners.scans.track'] })).allRunners; }
+		else { runners = (await this.runnerOrganizationRepository.findOne({ id: id }, { relations: ['runners', 'runners.group', 'runners.group.parentGroup', 'runners.scans', 'runners.scans.track'] })).runners; }
 		runners.forEach(runner => {
 			responseRunners.push(new ResponseRunner(runner));
 		});
@@ -114,6 +121,10 @@ export class RunnerOrganizationController {
 	@OnUndefined(204)
 	@OpenAPI({ description: 'Delete the organsisation whose id you provided. <br> If the organization still has runners and/or teams associated this will fail. <br> To delete the organization with all associated runners and teams set the force QueryParam to true (cascading deletion might take a while). <br> This won\'t delete the associated contact. <br> If no organization with this id exists it will just return 204(no content).' })
 	async remove(@Param("id") id: number, @QueryParam("force") force: boolean) {
+		if (id == 1) {
+			throw new BadRequestError("You can't delete the citizen runner org.");
+		}
+
 		let organization = await this.runnerOrganizationRepository.findOne({ id: id });
 		if (!organization) { return null; }
 		let runnerOrganization = await this.runnerOrganizationRepository.findOne(organization, { relations: ['contact', 'runners', 'teams'] });

src/controllers/RunnerSelfServiceController.ts

@@ -1,98 +1,244 @@
-import * as jwt from "jsonwebtoken";
-import { Body, Get, JsonController, OnUndefined, Param, Post } from 'routing-controllers';
-import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
-import { getConnectionManager, Repository } from 'typeorm';
-import { config } from '../config';
-import { InvalidCredentialsError, JwtNotProvidedError } from '../errors/AuthError';
-import { RunnerEmailNeededError, RunnerNotFoundError } from '../errors/RunnerErrors';
-import { RunnerOrganizationNotFoundError } from '../errors/RunnerOrganizationErrors';
-import { JwtCreator } from '../jwtcreator';
-import { CreateSelfServiceCitizenRunner } from '../models/actions/create/CreateSelfServiceCitizenRunner';
-import { CreateSelfServiceRunner } from '../models/actions/create/CreateSelfServiceRunner';
-import { Runner } from '../models/entities/Runner';
-import { RunnerGroup } from '../models/entities/RunnerGroup';
-import { RunnerOrganization } from '../models/entities/RunnerOrganization';
-import { ResponseSelfServiceRunner } from '../models/responses/ResponseSelfServiceRunner';
-
-
-@JsonController('/runners')
-export class RunnerSelfServiceController {
-	private runnerRepository: Repository<Runner>;
-	private orgRepository: Repository<RunnerOrganization>;
-
-	/**
-	 * Gets the repository of this controller's model/entity.
-	 */
-	constructor() {
-		this.runnerRepository = getConnectionManager().get().getRepository(Runner);
-		this.orgRepository = getConnectionManager().get().getRepository(RunnerOrganization);
-	}
-
-	@Get('/me/:jwt')
-	@ResponseSchema(ResponseSelfServiceRunner)
-	@ResponseSchema(RunnerNotFoundError, { statusCode: 404 })
-	@OnUndefined(RunnerNotFoundError)
-	@OpenAPI({ description: 'Lists all information about yourself. <br> Please provide your runner jwt(that code we gave you during registration) for auth. <br> If you lost your jwt/personalized link please contact support.' })
-	async get(@Param('jwt') token: string) {
-		return (new ResponseSelfServiceRunner(await this.getRunner(token)));
-	}
-
-	@Post('/register')
-	@ResponseSchema(ResponseSelfServiceRunner)
-	@ResponseSchema(RunnerEmailNeededError, { statusCode: 406 })
-	@OpenAPI({ description: 'Create a new selfservice runner in the citizen org. <br> This endpoint shoud be used to allow "everyday citizen" to register themselves. <br> You have to provide a mail address, b/c the future we\'ll implement email verification.' })
-	async registerRunner(@Body({ validate: true }) createRunner: CreateSelfServiceCitizenRunner) {
-		let runner = await createRunner.toEntity();
-
-		runner = await this.runnerRepository.save(runner);
-		let response = new ResponseSelfServiceRunner(await this.runnerRepository.findOne(runner, { relations: ['scans', 'group', 'group.parentGroup', 'scans.track', 'cards', 'distanceDonations', 'distanceDonations.donor', 'distanceDonations.runner', 'distanceDonations.runner.scans', 'distanceDonations.runner.scans.track'] }));
-		response.token = JwtCreator.createSelfService(runner);
-		return response;
-	}
-
-	@Post('/register/:token')
-	@ResponseSchema(ResponseSelfServiceRunner)
-	@ResponseSchema(RunnerOrganizationNotFoundError, { statusCode: 404 })
-	@OpenAPI({ description: 'Create a new selfservice runner in a provided org. <br> The orgs get provided and authorized via api tokens that can be optained via the /organizations endpoint.' })
-	async registerOrganizationRunner(@Param('token') token: string, @Body({ validate: true }) createRunner: CreateSelfServiceRunner) {
-		const org = await this.getOrgansisation(token);
-
-		let runner = await createRunner.toEntity(org);
-		runner = await this.runnerRepository.save(runner);
-
-		let response = new ResponseSelfServiceRunner(await this.runnerRepository.findOne(runner, { relations: ['scans', 'group', 'group.parentGroup', 'scans.track', 'cards', 'distanceDonations', 'distanceDonations.donor', 'distanceDonations.runner', 'distanceDonations.runner.scans', 'distanceDonations.runner.scans.track'] }));
-		response.token = JwtCreator.createSelfService(runner);
-		return response;
-	}
-
-	/**
-	 * Get's a runner by a provided jwt token.
-	 * @param token The runner jwt provided by the runner to identitfy themselves.
-	 */
-	private async getRunner(token: string): Promise<Runner> {
-		if (token == "") { throw new JwtNotProvidedError(); }
-		let jwtPayload = undefined
-		try {
-			jwtPayload = <any>jwt.verify(token, config.jwt_secret);
-		} catch (error) {
-			throw new InvalidCredentialsError();
-		}
-
-		const runner = await this.runnerRepository.findOne({ id: jwtPayload["id"] }, { relations: ['scans', 'group', 'group.parentGroup', 'scans.track', 'cards', 'distanceDonations', 'distanceDonations.donor', 'distanceDonations.runner', 'distanceDonations.runner.scans', 'distanceDonations.runner.scans.track'] });
-		if (!runner) { throw new RunnerNotFoundError() }
-		return runner;
-	}
-
-	/**
-	 * Get's a runner org by a provided registration api key.
-	 * @param token The organization's registration api token.
-	 */
-	private async getOrgansisation(token: string): Promise<RunnerGroup> {
-		token = Buffer.from(token, 'base64').toString('utf8');
-
-		const organization = await this.orgRepository.findOne({ key: token });
-		if (!organization) { throw new RunnerOrganizationNotFoundError; }
-
-		return organization;
-	}
+import { Request } from "express";
+import * as jwt from "jsonwebtoken";
+import { BadRequestError, Body, Delete, Get, JsonController, OnUndefined, Param, Post, QueryParam, Req, UseBefore } from 'routing-controllers';
+import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
+import { getConnectionManager, Repository } from 'typeorm';
+import { config } from '../config';
+import { InvalidCredentialsError, JwtNotProvidedError } from '../errors/AuthError';
+import { MailSendingError } from '../errors/MailErrors';
+import { RunnerEmailNeededError, RunnerHasDistanceDonationsError, RunnerNotFoundError, RunnerSelfserviceTimeoutError } from '../errors/RunnerErrors';
+import { RunnerOrganizationNotFoundError } from '../errors/RunnerOrganizationErrors';
+import { ScanStationNotFoundError } from '../errors/ScanStationErrors';
+import { JwtCreator } from '../jwtcreator';
+import { Mailer } from '../mailer';
+import ScanAuth from '../middlewares/ScanAuth';
+import { CreateSelfServiceCitizenRunner } from '../models/actions/create/CreateSelfServiceCitizenRunner';
+import { CreateSelfServiceRunner } from '../models/actions/create/CreateSelfServiceRunner';
+import { Runner } from '../models/entities/Runner';
+import { RunnerGroup } from '../models/entities/RunnerGroup';
+import { RunnerOrganization } from '../models/entities/RunnerOrganization';
+import { ScanStation } from '../models/entities/ScanStation';
+import { ResponseEmpty } from '../models/responses/ResponseEmpty';
+import { ResponseScanStation } from '../models/responses/ResponseScanStation';
+import { ResponseSelfServiceOrganisation } from '../models/responses/ResponseSelfServiceOrganisation';
+import { ResponseSelfServiceRunner } from '../models/responses/ResponseSelfServiceRunner';
+import { ResponseSelfServiceScan } from '../models/responses/ResponseSelfServiceScan';
+import { DonationController } from './DonationController';
+import { RunnerCardController } from './RunnerCardController';
+import { ScanController } from './ScanController';
+
+@JsonController()
+export class RunnerSelfServiceController {
+	private runnerRepository: Repository<Runner>;
+	private orgRepository: Repository<RunnerOrganization>;
+	private stationRepository: Repository<ScanStation>;
+
+	/**
+	 * Gets the repository of this controller's model/entity.
+	 */
+	constructor() {
+		this.runnerRepository = getConnectionManager().get().getRepository(Runner);
+		this.orgRepository = getConnectionManager().get().getRepository(RunnerOrganization);
+		this.stationRepository = getConnectionManager().get().getRepository(ScanStation);
+	}
+
+	@Get('/runners/me/:jwt')
+	@ResponseSchema(ResponseSelfServiceRunner)
+	@ResponseSchema(RunnerNotFoundError, { statusCode: 404 })
+	@OnUndefined(RunnerNotFoundError)
+	@OpenAPI({ description: 'Lists all information about yourself. <br> Please provide your runner jwt(that code we gave you during registration) for auth. <br> If you lost your jwt/personalized link please use the forgot endpoint.' })
+	async get(@Param('jwt') token: string) {
+		return (new ResponseSelfServiceRunner(await this.getRunner(token)));
+	}
+
+	@Delete('/runners/me/:jwt')
+	@ResponseSchema(ResponseSelfServiceRunner)
+	@ResponseSchema(RunnerNotFoundError, { statusCode: 404 })
+	@OnUndefined(RunnerNotFoundError)
+	@OpenAPI({ description: 'Deletes all information about yourself. <br> Please provide your runner jwt(that code we gave you during registration) for auth. <br> If you lost your jwt/personalized link please use the forgot endpoint.' })
+	async remove(@Param('jwt') token: string, @QueryParam("force") force: boolean) {
+		const responseRunner = await this.getRunner(token);
+		let runner = await this.runnerRepository.findOne({ id: responseRunner.id });
+
+		if (!runner) { return null; }
+		if (!runner) {
+			throw new RunnerNotFoundError();
+		}
+
+		const runnerDonations = (await this.runnerRepository.findOne({ id: runner.id }, { relations: ["distanceDonations"] })).distanceDonations;
+		if (runnerDonations.length > 0 && !force) {
+			throw new RunnerHasDistanceDonationsError();
+		}
+		const donationController = new DonationController();
+		for (let donation of runnerDonations) {
+			await donationController.remove(donation.id, force);
+		}
+
+		const runnerCards = (await this.runnerRepository.findOne({ id: runner.id }, { relations: ["cards"] })).cards;
+		const cardController = new RunnerCardController;
+		for (let card of runnerCards) {
+			await cardController.remove(card.id, force);
+		}
+
+		const runnerScans = (await this.runnerRepository.findOne({ id: runner.id }, { relations: ["scans"] })).scans;
+		const scanController = new ScanController;
+		for (let scan of runnerScans) {
+			await scanController.remove(scan.id, force);
+		}
+
+		await this.runnerRepository.delete(runner);
+		return new ResponseSelfServiceRunner(responseRunner);
+	}
+
+	@Get('/runners/me/:jwt/scans')
+	@ResponseSchema(ResponseSelfServiceScan, { isArray: true })
+	@ResponseSchema(RunnerNotFoundError, { statusCode: 404 })
+	@OnUndefined(RunnerNotFoundError)
+	@OpenAPI({ description: 'Lists all your (runner) scans. <br> Please provide your runner jwt(that code we gave you during registration) for auth. <br> If you lost your jwt/personalized link please contact support.' })
+	async getScans(@Param('jwt') token: string) {
+		const scans = (await this.getRunner(token)).scans;
+		let responseScans = new Array<ResponseSelfServiceScan>()
+		for (let scan of scans) {
+			responseScans.push(new ResponseSelfServiceScan(scan));
+		}
+		return responseScans;
+	}
+
+	@Get('/stations/me')
+	@UseBefore(ScanAuth)
+	@ResponseSchema(ResponseScanStation)
+	@ResponseSchema(ScanStationNotFoundError, { statusCode: 404 })
+	@OnUndefined(ScanStationNotFoundError)
+	@OpenAPI({ description: 'Lists basic information about the station whose token got provided. <br> This includes it\'s associated track.', security: [{ "StationApiToken": [] }] })
+	async getStationMe(@Req() req: Request) {
+		let scan = await this.stationRepository.findOne({ id: parseInt(req.headers["station_id"].toString()) }, { relations: ['track'] })
+		if (!scan) { throw new ScanStationNotFoundError(); }
+		return scan.toResponse();
+	}
+
+	@Post('/runners/login')
+	@ResponseSchema(RunnerNotFoundError, { statusCode: 404 })
+	@OnUndefined(ResponseEmpty)
+	@OpenAPI({ description: 'Use this endpoint to reuqest a new selfservice magic-login-link to be sent to your mail address (rate limited to one mail every 15mins).' })
+	async requestNewToken(@QueryParam('mail') mail: string, @QueryParam("locale") locale: string = "en") {
+		if (!mail) {
+			throw new RunnerNotFoundError();
+		}
+		const runner = await this.runnerRepository.findOne({ email: mail });
+		if (!runner) { throw new RunnerNotFoundError(); }
+
+		if (runner.resetRequestedTimestamp > (Math.floor(Date.now() / 1000) - 60 * 15)) { throw new RunnerSelfserviceTimeoutError(); }
+		const token = JwtCreator.createSelfService(runner);
+
+		try {
+			await Mailer.sendSelfserviceForgottenMail(runner.email, token, locale)
+		} catch (error) {
+			throw new MailSendingError();
+		}
+
+		runner.resetRequestedTimestamp = Math.floor(Date.now() / 1000);
+		await this.runnerRepository.save(runner);
+
+		return { token };
+	}
+
+	@Post('/runners/register')
+	@ResponseSchema(ResponseSelfServiceRunner)
+	@ResponseSchema(RunnerEmailNeededError, { statusCode: 406 })
+	@OpenAPI({ description: 'Create a new selfservice runner in the citizen org. <br> This endpoint shoud be used to allow "everyday citizen" to register themselves. <br> You have to provide a mail address, b/c the future we\'ll implement email verification.' })
+	async registerRunner(@Body({ validate: true }) createRunner: CreateSelfServiceCitizenRunner, @QueryParam("locale") locale: string = "en") {
+		let runner = await createRunner.toEntity();
+		if (await this.getRunnerExistsByMail(runner.email)) {
+			throw new BadRequestError("E-Mail already registered")
+		}
+		runner = await this.runnerRepository.save(runner);
+
+		let response = new ResponseSelfServiceRunner(await this.runnerRepository.findOne(runner, { relations: ['scans', 'group', 'group.parentGroup', 'scans.track', 'cards', 'distanceDonations', 'distanceDonations.donor', 'distanceDonations.runner', 'distanceDonations.runner.scans', 'distanceDonations.runner.scans.track'] }));
+		response.token = JwtCreator.createSelfService(runner);
+
+		try {
+			await Mailer.sendSelfserviceWelcomeMail(runner.email, response.token, locale)
+		} catch (error) {
+			throw new MailSendingError();
+		}
+
+		return response;
+	}
+
+	@Post('/runners/register/:token')
+	@ResponseSchema(ResponseSelfServiceRunner)
+	@ResponseSchema(RunnerOrganizationNotFoundError, { statusCode: 404 })
+	@OpenAPI({ description: 'Create a new selfservice runner in a provided org. <br> The orgs get provided and authorized via api tokens that can be optained via the /organizations endpoint.' })
+	async registerOrganizationRunner(@Param('token') token: string, @Body({ validate: true }) createRunner: CreateSelfServiceRunner, @QueryParam("locale") locale: string = "en") {
+		const org = await this.getOrgansisation(token);
+
+		let runner = await createRunner.toEntity(org);
+		if (await this.getRunnerExistsByMail(runner.email)) {
+			throw new BadRequestError("E-Mail already registered")
+		}
+		runner = await this.runnerRepository.save(runner);
+
+		let response = new ResponseSelfServiceRunner(await this.runnerRepository.findOne(runner, { relations: ['scans', 'group', 'group.parentGroup', 'scans.track', 'cards', 'distanceDonations', 'distanceDonations.donor', 'distanceDonations.runner', 'distanceDonations.runner.scans', 'distanceDonations.runner.scans.track'] }));
+		response.token = JwtCreator.createSelfService(runner);
+
+		try {
+			await Mailer.sendSelfserviceWelcomeMail(runner.email, response.token, locale)
+		} catch (error) {
+			throw new MailSendingError();
+		}
+
+		return response;
+	}
+
+	@Get('/organizations/selfservice/:token')
+	@ResponseSchema(ResponseSelfServiceOrganisation, { isArray: false })
+	@ResponseSchema(RunnerOrganizationNotFoundError, { statusCode: 404 })
+	@OpenAPI({ description: 'Get the basic info and teams for a org.' })
+	async getSelfserviceOrg(@Param('token') token: string) {
+		const orgid = (await this.getOrgansisation(token)).id;
+		const org = await this.orgRepository.findOne({ id: orgid }, { relations: ['teams'] })
+
+		return new ResponseSelfServiceOrganisation(<RunnerOrganization>org);
+	}
+
+	/**
+	 * Get's a runner by a provided jwt token.
+	 * @param token The runner jwt provided by the runner to identitfy themselves.
+	 */
+	private async getRunner(token: string): Promise<Runner> {
+		if (token == "") { throw new JwtNotProvidedError(); }
+		let jwtPayload = undefined
+		try {
+			jwtPayload = <any>jwt.verify(token, config.jwt_secret);
+		} catch (error) {
+			throw new InvalidCredentialsError();
+		}
+
+		const runner = await this.runnerRepository.findOne({ id: jwtPayload["id"] }, { relations: ['scans', 'group', 'group.parentGroup', 'scans.track', 'cards', 'distanceDonations', 'distanceDonations.donor', 'distanceDonations.runner', 'distanceDonations.runner.scans', 'distanceDonations.runner.scans.track'] });
+		if (!runner) { throw new RunnerNotFoundError() }
+		return runner;
+	}
+
+	/**
+	 * Get's a runner org by a provided registration api key.
+	 * @param token The organization's registration api token.
+	 */
+	private async getOrgansisation(token: string): Promise<RunnerGroup> {
+		token = Buffer.from(token, 'base64').toString('utf8');
+
+		const organization = await this.orgRepository.findOne({ key: token });
+		if (!organization) { throw new RunnerOrganizationNotFoundError; }
+
+		return organization;
+	}
+
+	/**
+	 * Checks if a runner already exists
+	 * @param email The runner's email address
+	 * @returns Boolean (true if exists, false if not)
+	 */
+	private async getRunnerExistsByMail(email: string): Promise<boolean> {
+		const runner = await this.runnerRepository.findOne({ email });
+		return runner != undefined
+	}
 }

src/controllers/RunnerTeamController.ts

@@ -1,6 +1,6 @@
 import { Authorized, Body, Delete, Get, JsonController, OnUndefined, Param, Post, Put, QueryParam } from 'routing-controllers';
 import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
-import { getConnectionManager, Repository } from 'typeorm';
+import { Repository, getConnectionManager } from 'typeorm';
 import { RunnerTeamHasRunnersError, RunnerTeamIdsNotMatchingError, RunnerTeamNotFoundError } from '../errors/RunnerTeamErrors';
 import { CreateRunnerTeam } from '../models/actions/create/CreateRunnerTeam';
 import { UpdateRunnerTeam } from '../models/actions/update/UpdateRunnerTeam';
@@ -27,11 +27,18 @@ export class RunnerTeamController {
 	@Authorized("TEAM:GET")
 	@ResponseSchema(ResponseRunnerTeam, { isArray: true })
 	@OpenAPI({ description: 'Lists all teams. <br> This includes their parent organization and contact (if existing/associated).' })
-	async getAll() {
+	async getAll(@QueryParam("page", { required: false }) page: number, @QueryParam("page_size", { required: false }) page_size: number = 100) {
 		let responseTeams: ResponseRunnerTeam[] = new Array<ResponseRunnerTeam>();
-		const runners = await this.runnerTeamRepository.find({ relations: ['parentGroup', 'contact'] });
-		runners.forEach(runner => {
-			responseTeams.push(new ResponseRunnerTeam(runner));
+		let teams: Array<RunnerTeam>;
+
+		if (page != undefined) {
+			teams = await this.runnerTeamRepository.find({ relations: ['parentGroup', 'contact'], skip: page * page_size, take: page_size });
+		} else {
+			teams = await this.runnerTeamRepository.find({ relations: ['parentGroup', 'contact'] });
+		}
+
+		teams.forEach(team => {
+			responseTeams.push(new ResponseRunnerTeam(team));
 		});
 		return responseTeams;
 	}
@@ -43,7 +50,7 @@ export class RunnerTeamController {
 	@OnUndefined(RunnerTeamNotFoundError)
 	@OpenAPI({ description: 'Lists all information about the team whose id got provided.' })
 	async getOne(@Param('id') id: number) {
-		let runnerTeam = await this.runnerTeamRepository.findOne({ id: id }, { relations: ['parentGroup', 'contact'] });
+		let runnerTeam = await this.runnerTeamRepository.findOne({ id: id }, { relations: ['parentGroup', 'contact', 'runners', 'runners.scans', 'runners.scans.track'] });
 		if (!runnerTeam) { throw new RunnerTeamNotFoundError(); }
 		return new ResponseRunnerTeam(runnerTeam);
 	}
@@ -55,7 +62,7 @@ export class RunnerTeamController {
 	@OpenAPI({ description: 'Lists all runners from this team. <br> This includes the runner\'s group and distance ran.' })
 	async getRunners(@Param('id') id: number) {
 		let responseRunners: ResponseRunner[] = new Array<ResponseRunner>();
-		const runners = (await this.runnerTeamRepository.findOne({ id: id }, { relations: ['runners', 'runners.group', 'runners.scans', 'runners.scans.track'] })).runners;
+		const runners = (await this.runnerTeamRepository.findOne({ id: id }, { relations: ['runners', 'runners.group', 'runners.group.parentGroup', 'runners.scans', 'runners.scans.track'] })).runners;
 		runners.forEach(runner => {
 			responseRunners.push(new ResponseRunner(runner));
 		});

src/controllers/ScanController.ts

@@ -1,6 +1,7 @@
-import { Authorized, Body, Delete, Get, JsonController, OnUndefined, Param, Post, Put, QueryParam, UseBefore } from 'routing-controllers';
+import { Request } from "express";
+import { Authorized, Body, Delete, Get, JsonController, OnUndefined, Param, Post, Put, QueryParam, Req, UseBefore } from 'routing-controllers';
 import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
-import { getConnectionManager, Repository } from 'typeorm';
+import { Repository, getConnectionManager } from 'typeorm';
 import { RunnerNotFoundError } from '../errors/RunnerErrors';
 import { ScanIdsNotMatchingError, ScanNotFoundError } from '../errors/ScanErrors';
 import { ScanStationNotFoundError } from '../errors/ScanStationErrors';
@@ -14,7 +15,6 @@ import { TrackScan } from '../models/entities/TrackScan';
 import { ResponseEmpty } from '../models/responses/ResponseEmpty';
 import { ResponseScan } from '../models/responses/ResponseScan';
 import { ResponseTrackScan } from '../models/responses/ResponseTrackScan';
-
 @JsonController('/scans')
 @OpenAPI({ security: [{ "AuthToken": [] }, { "RefreshTokenCookie": [] }] })
 export class ScanController {
@@ -34,9 +34,16 @@ export class ScanController {
 	@ResponseSchema(ResponseScan, { isArray: true })
 	@ResponseSchema(ResponseTrackScan, { isArray: true })
 	@OpenAPI({ description: 'Lists all scans (normal or track) from all runners. <br> This includes the scan\'s runner\'s distance ran.' })
-	async getAll() {
+	async getAll(@QueryParam("page", { required: false }) page: number, @QueryParam("page_size", { required: false }) page_size: number = 100) {
 		let responseScans: ResponseScan[] = new Array<ResponseScan>();
-		const scans = await this.scanRepository.find({ relations: ['runner', 'track', 'runner.scans', 'runner.group', 'runner.scans.track', 'card', 'station'] });
+		let scans: Array<Scan>;
+
+		if (page != undefined) {
+			scans = await this.scanRepository.find({ relations: ['runner', 'track'], skip: page * page_size, take: page_size });
+		} else {
+			scans = await this.scanRepository.find({ relations: ['runner', 'track'] });
+		}
+
 		scans.forEach(scan => {
 			responseScans.push(scan.toResponse());
 		});
@@ -51,7 +58,7 @@ export class ScanController {
 	@OnUndefined(ScanNotFoundError)
 	@OpenAPI({ description: 'Lists all information about the scan whose id got provided. This includes the scan\'s runner\'s distance ran.' })
 	async getOne(@Param('id') id: number) {
-		let scan = await this.scanRepository.findOne({ id: id }, { relations: ['runner', 'track', 'runner.scans', 'runner.group', 'runner.scans.track', 'card', 'station'] })
+		let scan = await this.scanRepository.findOne({ id: id }, { relations: ['runner', 'track', 'runner.group', 'card', 'station'] })
 		if (!scan) { throw new ScanNotFoundError(); }
 		return scan.toResponse();
 	}
@@ -60,7 +67,7 @@ export class ScanController {
 	@UseBefore(ScanAuth)
 	@ResponseSchema(ResponseScan)
 	@ResponseSchema(RunnerNotFoundError, { statusCode: 404 })
-	@OpenAPI({ description: 'Create a new scan (not track scan - use /scans/trackscans instead). <br> Please rmemember to provide the scan\'s runner\'s id and distance.', security: [{ "ScanApiToken": [] }, { "AuthToken": [] }, { "RefreshTokenCookie": [] }] })
+	@OpenAPI({ description: 'Create a new scan (not track scan - use /scans/trackscans instead). <br> Please rmemember to provide the scan\'s runner\'s id and distance.', security: [{ "StationApiToken": [] }, { "AuthToken": [] }, { "RefreshTokenCookie": [] }] })
 	async post(@Body({ validate: true }) createScan: CreateScan) {
 		let scan = await createScan.toEntity();
 		scan = await this.scanRepository.save(scan);
@@ -71,8 +78,12 @@ export class ScanController {
 	@UseBefore(ScanAuth)
 	@ResponseSchema(ResponseTrackScan)
 	@ResponseSchema(RunnerNotFoundError, { statusCode: 404 })
-	@OpenAPI({ description: 'Create a new track scan (for "normal" scans use /scans instead). <br> Please remember that to provide the scan\'s card\'s station\'s id.', security: [{ "ScanApiToken": [] }, { "AuthToken": [] }, { "RefreshTokenCookie": [] }] })
-	async postTrackScans(@Body({ validate: true }) createScan: CreateTrackScan) {
+	@OpenAPI({ description: 'Create a new track scan (for "normal" scans use /scans instead). <br> Please remember that to provide the scan\'s card\'s station\'s id.', security: [{ "StationApiToken": [] }, { "AuthToken": [] }, { "RefreshTokenCookie": [] }] })
+	async postTrackScans(@Body({ validate: true }) createScan: CreateTrackScan, @Req() req: Request) {
+		const station_id = req.headers["station_id"];
+		if (station_id) {
+			createScan.station = parseInt(station_id.toString());
+		}
 		let scan = await createScan.toEntity();
 		scan = await this.trackScanRepository.save(scan);
 		return (await this.scanRepository.findOne({ id: scan.id }, { relations: ['runner', 'track', 'runner.scans', 'runner.group', 'runner.scans.track', 'card', 'station'] })).toResponse();

src/controllers/ScanStationController.ts

@@ -1,6 +1,6 @@
 import { Authorized, Body, Delete, Get, JsonController, OnUndefined, Param, Post, Put, QueryParam } from 'routing-controllers';
 import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
-import { getConnectionManager, Repository } from 'typeorm';
+import { Repository, getConnectionManager } from 'typeorm';
 import { ScanStationHasScansError, ScanStationIdsNotMatchingError, ScanStationNotFoundError } from '../errors/ScanStationErrors';
 import { TrackNotFoundError } from '../errors/TrackErrors';
 import { CreateScanStation } from '../models/actions/create/CreateScanStation';
@@ -26,9 +26,16 @@ export class ScanStationController {
 	@Authorized("STATION:GET")
 	@ResponseSchema(ResponseScanStation, { isArray: true })
 	@OpenAPI({ description: 'Lists all stations. <br> This includes their associated tracks.' })
-	async getAll() {
+	async getAll(@QueryParam("page", { required: false }) page: number, @QueryParam("page_size", { required: false }) page_size: number = 100) {
 		let responseStations: ResponseScanStation[] = new Array<ResponseScanStation>();
-		const stations = await this.stationRepository.find({ relations: ['track'] });
+		let stations: Array<ScanStation>;
+
+		if (page != undefined) {
+			stations = await this.stationRepository.find({ relations: ['track'], skip: page * page_size, take: page_size });
+		} else {
+			stations = await this.stationRepository.find({ relations: ['track'] });
+		}
+
 		stations.forEach(station => {
 			responseStations.push(station.toResponse());
 		});

src/controllers/StatsClientController.ts

@@ -1,6 +1,6 @@
 import { Authorized, Body, Delete, Get, JsonController, OnUndefined, Param, Post, QueryParam } from 'routing-controllers';
 import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
-import { getConnectionManager, Repository } from 'typeorm';
+import { Repository, getConnectionManager } from 'typeorm';
 import { StatsClientNotFoundError } from '../errors/StatsClientErrors';
 import { TrackNotFoundError } from "../errors/TrackErrors";
 import { CreateStatsClient } from '../models/actions/create/CreateStatsClient';
@@ -24,9 +24,16 @@ export class StatsClientController {
 	@Authorized("STATSCLIENT:GET")
 	@ResponseSchema(ResponseStatsClient, { isArray: true })
 	@OpenAPI({ description: 'Lists all stats clients. Please remember that the key can only be viewed on creation.' })
-	async getAll() {
+	async getAll(@QueryParam("page", { required: false }) page: number, @QueryParam("page_size", { required: false }) page_size: number = 100) {
 		let responseClients: ResponseStatsClient[] = new Array<ResponseStatsClient>();
-		const clients = await this.clientRepository.find();
+		let clients: Array<StatsClient>;
+
+		if (page != undefined) {
+			clients = await this.clientRepository.find({ skip: page * page_size, take: page_size });
+		} else {
+			clients = await this.clientRepository.find();
+		}
+
 		clients.forEach(clients => {
 			responseClients.push(new ResponseStatsClient(clients));
 		});

src/controllers/StatsController.ts

@@ -1,12 +1,14 @@
-import { Get, JsonController, UseBefore } from 'routing-controllers';
+import { Get, JsonController, QueryParam, UseBefore } from 'routing-controllers';
 import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
 import { getConnection } from 'typeorm';
 import StatsAuth from '../middlewares/StatsAuth';
 import { Donation } from '../models/entities/Donation';
+import { Donor } from '../models/entities/Donor';
 import { Runner } from '../models/entities/Runner';
 import { RunnerOrganization } from '../models/entities/RunnerOrganization';
 import { RunnerTeam } from '../models/entities/RunnerTeam';
 import { Scan } from '../models/entities/Scan';
+import { TrackScan } from '../models/entities/TrackScan';
 import { User } from '../models/entities/User';
 import { ResponseStats } from '../models/responses/ResponseStats';
 import { ResponseStatsOrgnisation } from '../models/responses/ResponseStatsOrganization';
@@ -20,14 +22,26 @@ export class StatsController {
     @ResponseSchema(ResponseStats)
     @OpenAPI({ description: "A very basic stats endpoint providing basic counters for a dashboard or simmilar" })
     async get() {
-        let connection = getConnection();
-        let runners = await connection.getRepository(Runner).find({ relations: ['scans', 'scans.track'] });
-        let teams = await connection.getRepository(RunnerTeam).find();
-        let orgs = await connection.getRepository(RunnerOrganization).find();
-        let users = await connection.getRepository(User).find();
-        let scans = await connection.getRepository(Scan).find();
+        const connection = getConnection();
+        const runners = await connection.getRepository(Runner).count();
+        const teams = await connection.getRepository(RunnerTeam).count();
+        const orgs = await connection.getRepository(RunnerOrganization).count();
+        const users = await connection.getRepository(User).count();
+        const scans = await connection.getRepository(Scan).count({ where: { valid: true } });
+
+        const distance_query = await connection.getRepository(Scan).createQueryBuilder('scan')
+            .leftJoinAndSelect("scan.track", "track").where("scan.valid = TRUE")
+            .select("SUM(track.distance)", "sum_track").addSelect("SUM(_distance)", "sum_distance")
+            .getRawOne();
+        let distace = parseInt(distance_query.sum_track)
+        if (distance_query.sum_distance) {
+            distace += parseInt(distance_query.sum_distance)
+        }
+
         let donations = await connection.getRepository(Donation).find({ relations: ['runner', 'runner.scans', 'runner.scans.track'] });
-        return new ResponseStats(runners, teams, orgs, users, scans, donations)
+        const donors = await connection.getRepository(Donor).count();
+
+        return new ResponseStats(runners, teams, orgs, users, scans, donations, distace, donors)
     }
 
     @Get("/runners/distance")
@@ -36,7 +50,10 @@ export class StatsController {
     @OpenAPI({ description: "Returns the top ten runners by distance.", security: [{ "StatsApiToken": [] }, { "AuthToken": [] }, { "RefreshTokenCookie": [] }] })
     async getTopRunnersByDistance() {
         let runners = await getConnection().getRepository(Runner).find({ relations: ['scans', 'group', 'distanceDonations', 'scans.track'] });
-        let topRunners = runners.sort((runner1, runner2) => runner1.distance - runner2.distance).slice(0, 9);
+        if (!runners || runners.length == 0) {
+            return [];
+        }
+        let topRunners = runners.sort((runner1, runner2) => runner2.distance - runner1.distance).slice(0, 10);
         let responseRunners: ResponseStatsRunner[] = new Array<ResponseStatsRunner>();
         topRunners.forEach(runner => {
             responseRunners.push(new ResponseStatsRunner(runner));
@@ -49,8 +66,11 @@ export class StatsController {
     @ResponseSchema(ResponseStatsRunner, { isArray: true })
     @OpenAPI({ description: "Returns the top ten runners by donations.", security: [{ "StatsApiToken": [] }, { "AuthToken": [] }, { "RefreshTokenCookie": [] }] })
     async getTopRunnersByDonations() {
-        let runners = await getConnection().getRepository(Runner).find({ relations: ['scans', 'group', 'distanceDonations', 'scans.track'] });
-        let topRunners = runners.sort((runner1, runner2) => runner1.distanceDonationAmount - runner2.distanceDonationAmount).slice(0, 9);
+        let runners = await getConnection().getRepository(Runner).find({ relations: ['group', 'distanceDonations', 'distanceDonations.runner', 'distanceDonations.runner.scans', 'distanceDonations.runner.scans.track'] });
+        if (!runners || runners.length == 0) {
+            return [];
+        }
+        let topRunners = runners.sort((runner1, runner2) => runner2.distanceDonationAmount - runner1.distanceDonationAmount).slice(0, 10);
         let responseRunners: ResponseStatsRunner[] = new Array<ResponseStatsRunner>();
         topRunners.forEach(runner => {
             responseRunners.push(new ResponseStatsRunner(runner));
@@ -58,6 +78,34 @@ export class StatsController {
         return responseRunners;
     }
 
+    @Get("/runners/laptime")
+    @UseBefore(StatsAuth)
+    @ResponseSchema(ResponseStatsRunner, { isArray: true })
+    @OpenAPI({ description: "Returns the top ten runners by fastest laptime on your selected track (track by id).", security: [{ "StatsApiToken": [] }, { "AuthToken": [] }, { "RefreshTokenCookie": [] }] })
+    async getTopRunnersByLaptime(@QueryParam("track") track: number) {
+        let scans = await getConnection().getRepository(TrackScan).find({ relations: ['track', 'runner', 'runner.group', 'runner.scans', 'runner.scans.track', 'runner.distanceDonations'] });
+        if (!scans || scans.length == 0) {
+            return [];
+        }
+        scans = scans.filter((s) => { return s.track.id == track && s.valid == true && s.lapTime != 0 }).sort((scan1, scan2) => scan1.lapTime - scan2.lapTime);
+
+        let topScans = new Array<TrackScan>();
+        let knownRunners = new Array<number>();
+        for (let i = 0; i < scans.length && topScans.length < 10; i++) {
+            const element = scans[i];
+            if (!knownRunners.includes(element.runner.id)) {
+                topScans.push(element);
+                knownRunners.push(element.runner.id);
+            }
+        }
+
+        let responseRunners: ResponseStatsRunner[] = new Array<ResponseStatsRunner>();
+        topScans.forEach(scan => {
+            responseRunners.push(new ResponseStatsRunner(scan.runner, scan.lapTime));
+        });
+        return responseRunners;
+    }
+
     @Get("/scans")
     @UseBefore(StatsAuth)
     @ResponseSchema(ResponseStatsRunner, { isArray: true })
@@ -71,8 +119,11 @@ export class StatsController {
     @ResponseSchema(ResponseStatsTeam, { isArray: true })
     @OpenAPI({ description: "Returns the top ten teams by distance.", security: [{ "StatsApiToken": [] }, { "AuthToken": [] }, { "RefreshTokenCookie": [] }] })
     async getTopTeamsByDistance() {
-        let teams = await getConnection().getRepository(RunnerTeam).find({ relations: ['runners', 'runners.scans', 'runners.distanceDonations', 'runners.scans.track'] });
-        let topTeams = teams.sort((team1, team2) => team1.distance - team2.distance).slice(0, 9);
+        let teams = await getConnection().getRepository(RunnerTeam).find({ relations: ['parentGroup', 'runners', 'runners.scans', 'runners.scans.track'] });
+        if (!teams || teams.length == 0) {
+            return [];
+        }
+        let topTeams = teams.sort((team1, team2) => team2.distance - team1.distance).slice(0, 10);
         let responseTeams: ResponseStatsTeam[] = new Array<ResponseStatsTeam>();
         topTeams.forEach(team => {
             responseTeams.push(new ResponseStatsTeam(team));
@@ -85,8 +136,11 @@ export class StatsController {
     @ResponseSchema(ResponseStatsTeam, { isArray: true })
     @OpenAPI({ description: "Returns the top ten teams by donations.", security: [{ "StatsApiToken": [] }, { "AuthToken": [] }, { "RefreshTokenCookie": [] }] })
     async getTopTeamsByDonations() {
-        let teams = await getConnection().getRepository(RunnerTeam).find({ relations: ['runners', 'runners.scans', 'runners.distanceDonations', 'runners.scans.track'] });
-        let topTeams = teams.sort((team1, team2) => team1.distanceDonationAmount - team2.distanceDonationAmount).slice(0, 9);
+        let teams = await getConnection().getRepository(RunnerTeam).find({ relations: ['parentGroup', 'runners', 'runners.scans', 'runners.distanceDonations', 'runners.scans.track'] });
+        if (!teams || teams.length == 0) {
+            return [];
+        }
+        let topTeams = teams.sort((team1, team2) => team2.distanceDonationAmount - team1.distanceDonationAmount).slice(0, 10);
         let responseTeams: ResponseStatsTeam[] = new Array<ResponseStatsTeam>();
         topTeams.forEach(team => {
             responseTeams.push(new ResponseStatsTeam(team));
@@ -100,7 +154,10 @@ export class StatsController {
     @OpenAPI({ description: "Returns the top ten organizations by distance.", security: [{ "StatsApiToken": [] }, { "AuthToken": [] }, { "RefreshTokenCookie": [] }] })
     async getTopOrgsByDistance() {
         let orgs = await getConnection().getRepository(RunnerOrganization).find({ relations: ['runners', 'runners.scans', 'runners.distanceDonations', 'runners.scans.track', 'teams', 'teams.runners', 'teams.runners.scans', 'teams.runners.distanceDonations', 'teams.runners.scans.track'] });
-        let topOrgs = orgs.sort((org1, org2) => org1.distance - org2.distance).slice(0, 9);
+        if (!orgs || orgs.length == 0) {
+            return [];
+        }
+        let topOrgs = orgs.sort((org1, org2) => org2.distance - org1.distance).slice(0, 10);
         let responseOrgs: ResponseStatsOrgnisation[] = new Array<ResponseStatsOrgnisation>();
         topOrgs.forEach(org => {
             responseOrgs.push(new ResponseStatsOrgnisation(org));
@@ -113,8 +170,11 @@ export class StatsController {
     @ResponseSchema(ResponseStatsOrgnisation, { isArray: true })
     @OpenAPI({ description: "Returns the top ten organizations by donations.", security: [{ "StatsApiToken": [] }, { "AuthToken": [] }, { "RefreshTokenCookie": [] }] })
     async getTopOrgsByDonations() {
-        let orgs = await getConnection().getRepository(RunnerOrganization).find({ relations: ['runners', 'runners.scans', 'runners.distanceDonations', 'runners.scans.track', 'teams', 'teams.runners', 'teams.runners.scans', 'teams.runners.distanceDonations', 'teams.runners.scans.track'] });
-        let topOrgs = orgs.sort((org1, org2) => org1.distanceDonationAmount - org2.distanceDonationAmount).slice(0, 9);
+        let orgs = await getConnection().getRepository(RunnerOrganization).find({ relations: ['runners', 'runners.distanceDonations', 'runners.distanceDonations.runner', 'runners.distanceDonations.runner.scans', 'runners.distanceDonations.runner.scans.track', 'teams', 'teams.runners', 'teams.runners.distanceDonations', 'teams.runners.distanceDonations.runner', 'teams.runners.distanceDonations.runner.scans', 'teams.runners.distanceDonations.runner.scans.track'] });
+        if (!orgs || orgs.length == 0) {
+            return [];
+        }
+        let topOrgs = orgs.sort((org1, org2) => org2.distanceDonationAmount - org1.distanceDonationAmount).slice(0, 10);
         let responseOrgs: ResponseStatsOrgnisation[] = new Array<ResponseStatsOrgnisation>();
         topOrgs.forEach(org => {
             responseOrgs.push(new ResponseStatsOrgnisation(org));

src/controllers/TrackController.ts

@@ -1,6 +1,6 @@
 import { Authorized, Body, Delete, Get, JsonController, OnUndefined, Param, Post, Put, QueryParam } from 'routing-controllers';
 import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
-import { getConnectionManager, Repository } from 'typeorm';
+import { Repository, getConnectionManager } from 'typeorm';
 import { TrackHasScanStationsError, TrackIdsNotMatchingError, TrackLapTimeCantBeNegativeError, TrackNotFoundError } from "../errors/TrackErrors";
 import { CreateTrack } from '../models/actions/create/CreateTrack';
 import { UpdateTrack } from '../models/actions/update/UpdateTrack';
@@ -25,9 +25,17 @@ export class TrackController {
 	@Authorized("TRACK:GET")
 	@ResponseSchema(ResponseTrack, { isArray: true })
 	@OpenAPI({ description: 'Lists all tracks.' })
-	async getAll() {
+	async getAll(@QueryParam("page", { required: false }) page: number, @QueryParam("page_size", { required: false }) page_size: number = 100) {
 		let responseTracks: ResponseTrack[] = new Array<ResponseTrack>();
-		const tracks = await this.trackRepository.find();
+		let tracks: Array<Track>;
+
+		if (page != undefined) {
+			tracks = await this.trackRepository.find({ skip: page * page_size, take: page_size });
+		}
+		else {
+			tracks = await this.trackRepository.find();
+		}
+
 		tracks.forEach(track => {
 			responseTracks.push(new ResponseTrack(track));
 		});

src/controllers/UserController.ts

@@ -1,7 +1,7 @@
 import { Authorized, Body, Delete, Get, JsonController, OnUndefined, Param, Post, Put, QueryParam } from 'routing-controllers';
 import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
-import { getConnectionManager, Repository } from 'typeorm';
-import { UserDeletionNotConfirmedError, UserIdsNotMatchingError, UsernameContainsIllegalCharacterError, UserNotFoundError } from '../errors/UserErrors';
+import { Repository, getConnectionManager } from 'typeorm';
+import { PasswordMustContainLowercaseLetterError, PasswordMustContainNumberError, PasswordMustContainUppercaseLetterError, PasswordTooShortError, UserDeletionNotConfirmedError, UserIdsNotMatchingError, UserNotFoundError, UsernameContainsIllegalCharacterError } from '../errors/UserErrors';
 import { UserGroupNotFoundError } from '../errors/UserGroupErrors';
 import { CreateUser } from '../models/actions/create/CreateUser';
 import { UpdateUser } from '../models/actions/update/UpdateUser';
@@ -28,9 +28,17 @@ export class UserController {
 	@Authorized("USER:GET")
 	@ResponseSchema(ResponseUser, { isArray: true })
 	@OpenAPI({ description: 'Lists all users. <br> This includes their groups and permissions granted to them.' })
-	async getAll() {
+	async getAll(@QueryParam("page", { required: false }) page: number, @QueryParam("page_size", { required: false }) page_size: number = 100) {
 		let responseUsers: ResponseUser[] = new Array<ResponseUser>();
-		const users = await this.userRepository.find({ relations: ['permissions', 'groups', 'groups.permissions'] });
+		let users: Array<User>;
+
+		if (page != undefined) {
+			users = await this.userRepository.find({ relations: ['permissions', 'groups', 'groups.permissions'], skip: page * page_size, take: page_size });
+		}
+		else {
+			users = await this.userRepository.find({ relations: ['permissions', 'groups', 'groups.permissions'] });
+		}
+
 		users.forEach(user => {
 			responseUsers.push(new ResponseUser(user));
 		});
@@ -66,6 +74,10 @@ export class UserController {
 	@ResponseSchema(ResponseUser)
 	@ResponseSchema(UserGroupNotFoundError, { statusCode: 404 })
 	@ResponseSchema(UsernameContainsIllegalCharacterError, { statusCode: 406 })
+	@ResponseSchema(PasswordMustContainUppercaseLetterError, { statusCode: 406 })
+	@ResponseSchema(PasswordMustContainLowercaseLetterError, { statusCode: 406 })
+	@ResponseSchema(PasswordMustContainNumberError, { statusCode: 406 })
+	@ResponseSchema(PasswordTooShortError, { statusCode: 406 })
 	@OpenAPI({ description: 'Create a new user. <br> If you want to grant permissions to the user you have to create them seperately by posting to /api/permissions after creating the user.' })
 	async post(@Body({ validate: true }) createUser: CreateUser) {
 		let user;
@@ -85,6 +97,10 @@ export class UserController {
 	@ResponseSchema(UserNotFoundError, { statusCode: 404 })
 	@ResponseSchema(UserIdsNotMatchingError, { statusCode: 406 })
 	@ResponseSchema(UsernameContainsIllegalCharacterError, { statusCode: 406 })
+	@ResponseSchema(PasswordMustContainUppercaseLetterError, { statusCode: 406 })
+	@ResponseSchema(PasswordMustContainLowercaseLetterError, { statusCode: 406 })
+	@ResponseSchema(PasswordMustContainNumberError, { statusCode: 406 })
+	@ResponseSchema(PasswordTooShortError, { statusCode: 406 })
 	@OpenAPI({ description: "Update the user whose id you provided. <br> To change the permissions directly granted to the user please use /api/permissions instead. <br> Please remember that ids can't be changed." })
 	async put(@Param('id') id: number, @Body({ validate: true }) updateUser: UpdateUser) {
 		let oldUser = await this.userRepository.findOne({ id: id });

src/controllers/UserGroupController.ts

@@ -1,13 +1,13 @@
 import { Authorized, Body, Delete, Get, JsonController, OnUndefined, Param, Post, Put, QueryParam } from 'routing-controllers';
 import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
-import { getConnectionManager, Repository } from 'typeorm';
-import { EntityFromBody } from 'typeorm-routing-controllers-extensions';
+import { Repository, getConnectionManager } from 'typeorm';
 import { UserGroupIdsNotMatchingError, UserGroupNotFoundError } from '../errors/UserGroupErrors';
 import { CreateUserGroup } from '../models/actions/create/CreateUserGroup';
 import { UpdateUserGroup } from '../models/actions/update/UpdateUserGroup';
 import { UserGroup } from '../models/entities/UserGroup';
 import { ResponseEmpty } from '../models/responses/ResponseEmpty';
 import { ResponseUserGroup } from '../models/responses/ResponseUserGroup';
+import { ResponseUserGroupPermissions } from '../models/responses/ResponseUserGroupPermissions';
 import { PermissionController } from './PermissionController';
 
 
@@ -25,20 +25,44 @@ export class UserGroupController {
 
 	@Get()
 	@Authorized("USERGROUP:GET")
-	@ResponseSchema(UserGroup, { isArray: true })
+	@ResponseSchema(ResponseUserGroup, { isArray: true })
 	@OpenAPI({ description: 'Lists all groups. <br> The information provided might change while the project continues to evolve.' })
-	getAll() {
-		return this.userGroupsRepository.find({ relations: ["permissions"] });
+	async getAll(@QueryParam("page", { required: false }) page: number, @QueryParam("page_size", { required: false }) page_size: number = 100) {
+		let responseGroups: ResponseUserGroup[] = new Array<ResponseUserGroup>();
+		let groups: Array<UserGroup>;
+
+		if (page != undefined) {
+			groups = await this.userGroupsRepository.find({ relations: ['permissions'], skip: page * page_size, take: page_size });
+		} else {
+			groups = await this.userGroupsRepository.find({ relations: ['permissions'] });
+		}
+
+		groups.forEach(group => {
+			responseGroups.push(group.toResponse());
+		});
+		return responseGroups;
 	}
 
 	@Get('/:id')
 	@Authorized("USERGROUP:GET")
-	@ResponseSchema(UserGroup)
+	@ResponseSchema(ResponseUserGroup)
 	@ResponseSchema(UserGroupNotFoundError, { statusCode: 404 })
 	@OnUndefined(UserGroupNotFoundError)
 	@OpenAPI({ description: 'Lists all information about the group whose id got provided. <br> The information provided might change while the project continues to evolve.' })
-	getOne(@Param('id') id: number) {
-		return this.userGroupsRepository.findOne({ id: id }, { relations: ["permissions"] });
+	async getOne(@Param('id') id: number) {
+		return await (await (this.userGroupsRepository.findOne({ id: id }, { relations: ["permissions"] }))).toResponse();
+	}
+
+	@Get('/:id/permissions')
+	@Authorized("USERGROUP:GET")
+	@ResponseSchema(ResponseUserGroupPermissions)
+	@ResponseSchema(UserGroupNotFoundError, { statusCode: 404 })
+	@OnUndefined(UserGroupNotFoundError)
+	@OpenAPI({ description: 'Lists all permissions granted to the group as permission response objects.' })
+	async getPermissions(@Param('id') id: number) {
+		let group = await this.userGroupsRepository.findOne({ id: id }, { relations: ['permissions', 'permissions.principal'] })
+		if (!group) { throw new UserGroupNotFoundError(); }
+		return new ResponseUserGroupPermissions(group);
 	}
 
 	@Post()
@@ -54,7 +78,8 @@ export class UserGroupController {
 			throw error;
 		}
 
-		return this.userGroupsRepository.save(userGroup);
+		userGroup = await this.userGroupsRepository.save(userGroup);
+		return (await (this.userGroupsRepository.findOne({ id: userGroup.id }, { relations: ["permissions"] }))).toResponse();
 	}
 
 	@Put('/:id')
@@ -63,7 +88,7 @@ export class UserGroupController {
 	@ResponseSchema(UserGroupNotFoundError, { statusCode: 404 })
 	@ResponseSchema(UserGroupIdsNotMatchingError, { statusCode: 406 })
 	@OpenAPI({ description: "Update the group whose id you provided. <br> To change the permissions granted to the group please use /api/permissions instead. <br> Please remember that ids can't be changed." })
-	async put(@Param('id') id: number, @EntityFromBody() updateGroup: UpdateUserGroup) {
+	async put(@Param('id') id: number, @Body({ validate: true }) updateGroup: UpdateUserGroup) {
 		let oldGroup = await this.userGroupsRepository.findOne({ id: id });
 
 		if (!oldGroup) {
@@ -75,7 +100,7 @@ export class UserGroupController {
 		}
 		await this.userGroupsRepository.save(await updateGroup.update(oldGroup));
 
-		return (await this.userGroupsRepository.findOne({ id: id }, { relations: ['permissions', 'groups'] })).toResponse();
+		return (await this.userGroupsRepository.findOne({ id: id }, { relations: ['permissions'] })).toResponse();
 	}
 
 	@Delete('/:id')
@@ -85,7 +110,7 @@ export class UserGroupController {
 	@OnUndefined(204)
 	@OpenAPI({ description: 'Delete the group whose id you provided. <br> If there are any permissions directly granted to the group they will get deleted as well. <br> Users associated with this group won\'t get deleted - just deassociated. <br> If no group with this id exists it will just return 204(no content).' })
 	async remove(@Param("id") id: number, @QueryParam("force") force: boolean) {
-		let group = await this.userGroupsRepository.findOne({ id: id }, { relations: ["permissions"] });
+		let group = await this.userGroupsRepository.findOne({ id: id });
 		if (!group) { return null; }
 		const responseGroup = await this.userGroupsRepository.findOne({ id: id }, { relations: ['permissions'] });
 

src/errors/MailErrors.ts

@@ -1,12 +1,17 @@
-import { IsString } from 'class-validator'
+import { IsString } from 'class-validator';
+import { InternalServerError } from 'routing-controllers';
 
 /**
  * Error to throw when a permission couldn't be found.
  */
-export class MailServerConfigError extends Error {
+export class MailSendingError extends InternalServerError {
     @IsString()
-    name = "MailServerConfigError"
+    name = "MailSendingError"
 
     @IsString()
-    message = "The SMTP server you provided couldn't be reached!"
+    message = "We had a problem sending the mail!"
+
+    constructor() {
+        super("We had a problem sending the mail!");
+    }
 }

src/errors/RunnerErrors.ts

@@ -46,6 +46,17 @@ export class RunnerEmailNeededError extends NotAcceptableError {
 	message = "Citizenrunners have to provide an email address for verification and contacting."
 }
 
+/**
+ * Error to throw when a runner already requested a new selfservice link in the last 24hrs.
+ */
+export class RunnerSelfserviceTimeoutError extends NotAcceptableError {
+	@IsString()
+	name = "RunnerSelfserviceTimeoutError"
+
+	@IsString()
+	message = "You can only reqest a new token every 24hrs."
+}
+
 /**
 * Error to throw when a runner still has distance donations associated.
 */

src/errors/UserErrors.ts

@@ -71,4 +71,33 @@ export class UserDeletionNotConfirmedError extends NotAcceptableError {
 
 	@IsString()
 	message = "You are trying to delete a user! \n If you're sure about doing this: provide the ?force=true query param."
+}
+
+export class PasswordMustContainUppercaseLetterError extends NotAcceptableError {
+	@IsString()
+	name = "PasswordMustContainUppercaseLetterError"
+
+	@IsString()
+	message = "Passwords must contain at least one uppercase letter."
+}
+export class PasswordMustContainLowercaseLetterError extends NotAcceptableError {
+	@IsString()
+	name = "PasswordMustContainLowercaseLetterError"
+
+	@IsString()
+	message = "Passwords must contain at least one lowercase letter."
+}
+export class PasswordMustContainNumberError extends NotAcceptableError {
+	@IsString()
+	name = "PasswordMustContainNumberError"
+
+	@IsString()
+	message = "Passwords must contain at least one number."
+}
+export class PasswordTooShortError extends NotAcceptableError {
+	@IsString()
+	name = "PasswordTooShortError"
+
+	@IsString()
+	message = "Passwords must be at least ten characters long."
 }

src/mailer.ts

@@ -1,79 +1,64 @@
-import fs from "fs";
-import nodemailer from 'nodemailer';
-import { MailOptions } from 'nodemailer/lib/json-transport';
-import Mail from 'nodemailer/lib/mailer';
+import axios from 'axios';
 import { config } from './config';
-import { MailServerConfigError } from './errors/MailErrors';
+import { MailSendingError } from './errors/MailErrors';
 
 /**
  * This class is responsible for all things mail sending.
- * This uses the mail emplates from src/static/mail_templates
+ * This uses axios to communicate with the mailer api (https://git.odit.services/lfk/mailer).
  */
 export class Mailer {
-    private transport: Mail;
+    public static base: string = config.mailer_url;
+    public static key: string = config.mailer_key;
+    public static testing: boolean = config.testing;
 
     /**
-     * The class's default constructor.
-     * Creates the transporter and tests the connection.
-     */
-    constructor() {
-        this.transport = nodemailer.createTransport({
-            host: config.mail_server,
-            port: config.mail_port,
-            auth: {
-                user: config.mail_user,
-                pass: config.mail_password
-            }
-        });
-
-        this.transport.verify(function (error, success) {
-            if (error) {
-                throw new MailServerConfigError();
-            }
-        });
-    }
-
-    /**
-     * Function for sending a test mail from the test mail template.
+     * Function for sending a password reset mail.
      * @param to_address The address the mail will be sent to. Should always get pulled from a user object.
      * @param token The requested password reset token - will be combined with the app_url to generate a password reset link.
      */
-    public async sendResetMail(to_address: string, token: String) {
-        const reset_link = `${config.app_url}/reset/${token}`
-        const body_html = fs.readFileSync(__dirname + '/static/mail_templates/pw-reset.html', { encoding: 'utf8' }).replace("{{reset_link}}", reset_link).replace("{{recipient_mail}}", to_address).replace("{{copyright_owner}}", "LfK!").replace("{{link_imprint}}", `${config.app_url}/imprint`).replace("{{link_privacy}}", `${config.app_url}/privacy`);
-        const body_txt = fs.readFileSync(__dirname + '/static/mail_templates/pw-reset.html', { encoding: 'utf8' }).replace("{{reset_link}}", reset_link).replace("{{recipient_mail}}", to_address).replace("{{copyright_owner}}", "LfK!").replace("{{link_imprint}}", `${config.app_url}/imprint`).replace("{{link_privacy}}", `${config.app_url}/privacy`);
-
-        const mail: MailOptions = {
-            to: to_address,
-            subject: "LfK! Password Reset",
-            text: body_txt,
-            html: body_html
-        };
-        await this.sendMail(mail);
+    public static async sendResetMail(to_address: string, token: string, locale: string = "en") {
+        try {
+            await axios.post(`${Mailer.base}/reset?locale=${locale}&key=${Mailer.key}`, {
+                address: to_address,
+                resetKey: token
+            });
+        } catch (error) {
+            if (Mailer.testing) { return true; }
+            throw new MailSendingError();
+        }
     }
 
     /**
-     * Function for sending a test mail from the test mail template.
-     * @param to_address The address the test mail will be sent to - this is the configured from-address by default.
+     * Function for sending a runner selfservice welcome mail.
+     * @param to_address The address the mail will be sent to. Should always get pulled from a runner object.
+     * @param token The requested selfservice token - will be combined with the app_url to generate a selfservice profile link.
      */
-    public async sendTestMail(to_address: string = config.mail_from) {
-        const body_html = fs.readFileSync(__dirname + '/static/mail_templates/test.html', { encoding: 'utf8' }).replace("{{recipient_mail}}", to_address).replace("{{copyright_owner}}", "LfK!").replace("{{link_imprint}}", `${config.app_url}/imprint`).replace("{{link_privacy}}", `${config.app_url}/privacy`);
-        const body_txt = fs.readFileSync(__dirname + '/static/mail_templates/test.txt', { encoding: 'utf8' }).replace("{{recipient_mail}}", to_address).replace("{{copyright_owner}}", "LfK!").replace("{{link_imprint}}", `${config.app_url}/imprint`).replace("{{link_privacy}}", `${config.app_url}/privacy`);
-        const mail: MailOptions = {
-            to: to_address,
-            subject: "LfK! Test Mail",
-            text: body_txt,
-            html: body_html
-        };
-        await this.sendMail(mail);
+    public static async sendSelfserviceWelcomeMail(to_address: string, token: string, locale: string = "en") {
+        try {
+            await axios.post(`${Mailer.base}/registration?locale=${locale}&key=${Mailer.key}`, {
+                address: to_address,
+                selfserviceToken: token
+            });
+        } catch (error) {
+            if (Mailer.testing) { return true; }
+            throw new MailSendingError();
+        }
     }
 
     /**
-     * Wrapper function for sending a mail via this object's transporter.
-     * @param mail MailOptions object containing the 
+     * Function for sending a runner selfservice link forgotten mail.
+     * @param to_address The address the mail will be sent to. Should always get pulled from a runner object.
+     * @param token The requested selfservice token - will be combined with the app_url to generate a selfservice profile link.
      */
-    public async sendMail(mail: MailOptions) {
-        mail.from = config.mail_from;
-        await this.transport.sendMail(mail);
+    public static async sendSelfserviceForgottenMail(to_address: string, token: string, locale: string = "en") {
+        try {
+            await axios.post(`${Mailer.base}/registration_forgot?locale=${locale}&key=${Mailer.key}`, {
+                address: to_address,
+                selfserviceToken: token
+            });
+        } catch (error) {
+            if (Mailer.testing) { return true; }
+            throw new MailSendingError();
+        }
     }
 }

src/middlewares/ScanAuth.ts

@@ -15,14 +15,14 @@ import authchecker from './authchecker';
 const ScanAuth = async (req: Request, res: Response, next: () => void) => {
     let provided_token: string = req.headers["authorization"];
     if (provided_token == "" || provided_token === undefined || provided_token === null) {
-        res.status(401).send("No api token provided.");
+        res.status(401).send({ http_code: 401, short: "no_token", message: "No api token provided." });
         return;
     }
 
     try {
         provided_token = provided_token.replace("Bearer ", "");
     } catch (error) {
-        res.status(401).send("No valid jwt or api token provided.");
+        res.status(401).send({ http_code: 401, short: "no_token", message: "No valid jwt or api token provided." });
         return;
     }
 
@@ -32,7 +32,7 @@ const ScanAuth = async (req: Request, res: Response, next: () => void) => {
     }
     finally {
         if (prefix == "" || prefix == undefined || prefix == null) {
-            res.status(401).send("Api token non-existent or invalid syntax.");
+            res.status(401).send({ http_code: 401, short: "invalid_token", message: "Api token non-existent or invalid syntax." });
             return;
         }
     }
@@ -46,7 +46,7 @@ const ScanAuth = async (req: Request, res: Response, next: () => void) => {
         }
         finally {
             if (user_authorized == false) {
-                res.status(401).send("Api token non-existent or invalid syntax.");
+                res.status(401).send({ http_code: 401, short: "invalid_token", message: "Api token non-existent or invalid syntax." });
                 return;
             }
             else {
@@ -56,13 +56,13 @@ const ScanAuth = async (req: Request, res: Response, next: () => void) => {
     }
     else {
         if (station.enabled == false) {
-            res.status(401).send("Station disabled.");
+            res.status(401).send({ http_code: 401, short: "station_disabled", message: "Station is disabled." });
         }
         if (!(await argon2.verify(station.key, provided_token))) {
-            res.status(401).send("Api token invalid.");
+            res.status(401).send({ http_code: 401, short: "invalid_token", message: "Api token non-existent or invalid syntax." });
             return;
         }
-
+        req.headers["station_id"] = station.id.toString();
         next();
     }
 }

src/models/actions/create/CreateDistanceDonation.ts

@@ -33,6 +33,7 @@ export class CreateDistanceDonation extends CreateDonation {
         let newDonation = new DistanceDonation;
 
         newDonation.amountPerDistance = this.amountPerDistance;
+        newDonation.paidAmount = this.paidAmount;
         newDonation.donor = await this.getDonor();
         newDonation.runner = await this.getRunner();
 

src/models/actions/create/CreateDonation.ts

@@ -1,4 +1,4 @@
-import { IsInt, IsPositive } from 'class-validator';
+import { IsInt, IsOptional, IsPositive } from 'class-validator';
 import { getConnection } from 'typeorm';
 import { DonorNotFoundError } from '../../../errors/DonorErrors';
 import { Donation } from '../../entities/Donation';
@@ -16,6 +16,13 @@ export abstract class CreateDonation {
     @IsPositive()
     donor: number;
 
+    /**
+     * The donation's paid amount in the smalles unit of your currency (default: euro cent).
+     */
+    @IsInt()
+    @IsOptional()
+    paidAmount?: number;
+
     /**
      * Creates a new Donation entity from this.
      */

src/models/actions/create/CreateFixedDonation.ts

@@ -21,6 +21,7 @@ export class CreateFixedDonation extends CreateDonation {
         let newDonation = new FixedDonation;
 
         newDonation.amount = this.amount;
+        newDonation.paidAmount = this.paidAmount;
         newDonation.donor = await this.getDonor();
 
         return newDonation;

src/models/actions/create/CreateResetToken.ts

@@ -23,7 +23,7 @@ export class CreateResetToken {
     /**
      * Create a password reset token based on this.
      */
-    public async toResetToken(): Promise<any> {
+    public async toResetToken(): Promise<string> {
         if (!this.email) {
             throw new UserEmailNeededError();
         }
@@ -37,7 +37,7 @@ export class CreateResetToken {
         await getConnectionManager().get().getRepository(User).save(found_user);
 
         //Create the reset token
-        let reset_token = JwtCreator.createReset(found_user);
+        let reset_token: string = JwtCreator.createReset(found_user);
 
         return reset_token;
     }

src/models/actions/create/CreateTrackScan.ts

@@ -1,4 +1,5 @@
-import { IsInt, IsPositive } from 'class-validator';
+import { IsInt, IsOptional, IsPositive } from 'class-validator';
+import { BadRequestError } from 'routing-controllers';
 import { getConnection } from 'typeorm';
 import { RunnerCardNotFoundError } from '../../../errors/RunnerCardErrors';
 import { RunnerNotFoundError } from '../../../errors/RunnerErrors';
@@ -22,10 +23,12 @@ export class CreateTrackScan {
     /**
      * The scanning station's id that created the scan.
      * Mainly used for logging and traceing back scans (or errors).
+     * You don't have to provide the station if you're authenticateing via a scanstation token (The server takes care of it for you).
      */
     @IsInt()
     @IsPositive()
-    station: number;
+    @IsOptional()
+    station?: number;
 
     /**
      * Creates a new Track entity from this.
@@ -44,20 +47,32 @@ export class CreateTrackScan {
         }
 
         newScan.timestamp = Math.round(new Date().getTime() / 1000);
-        newScan.valid = await this.validateScan(newScan);
+        newScan = await this.validateScan(newScan);
 
         return newScan;
     }
 
+    /**
+     * Get's a runnerCard entity via the provided id.
+     * @returns The runnerCard whom's id you provided.
+     */
     public async getCard(): Promise<RunnerCard> {
-        const track = await getConnection().getRepository(RunnerCard).findOne({ id: this.card }, { relations: ["runner"] });
-        if (!track) {
+        const id = this.card % 200000000000;
+        const runnerCard = await getConnection().getRepository(RunnerCard).findOne({ id: id }, { relations: ["runner"] });
+        if (!runnerCard) {
             throw new RunnerCardNotFoundError();
         }
-        return track;
+        return runnerCard;
     }
 
+    /**
+     * Get's a scanstation entity via the provided id.
+     * @returns The scanstation whom's id you provided.
+     */
     public async getStation(): Promise<ScanStation> {
+        if (!this.station) {
+            throw new BadRequestError("You are missing the station's id!")
+        }
         const station = await getConnection().getRepository(ScanStation).findOne({ id: this.station }, { relations: ["track"] });
         if (!station) {
             throw new ScanStationNotFoundError();
@@ -65,15 +80,21 @@ export class CreateTrackScan {
         return station;
     }
 
-    public async validateScan(scan: TrackScan): Promise<boolean> {
-        const scans = await getConnection().getRepository(TrackScan).find({ where: { runner: scan.runner, valid: true }, relations: ["track"] });
-        if (scans.length == 0) { return true; }
-
-        const newestScan = scans[scans.length - 1];
-        if ((scan.timestamp - newestScan.timestamp) > scan.track.minimumLapTime) {
-            return true;
+    /**
+     * Validates the scan and sets it's lap time;
+     * @param scan The scan you want to validate
+     * @returns The validated scan with it's laptime set.
+     */
+    public async validateScan(scan: TrackScan): Promise<TrackScan> {
+        const latestScan = await getConnection().getRepository(TrackScan).findOne({ where: { runner: scan.runner, valid: true }, relations: ["track"], order: { id: 'DESC' } });
+        if (!latestScan) {
+            scan.lapTime = 0;
+            scan.valid = true;
         }
-
-        return false;
+        else {
+            scan.lapTime = scan.timestamp - latestScan.timestamp;
+            scan.valid = (scan.lapTime > scan.track.minimumLapTime);
+        }
+        return scan;
     }
 }

src/models/actions/create/CreateUser.ts

@@ -1,9 +1,10 @@
 import * as argon2 from "argon2";
+import { passwordStrength } from "check-password-strength";
 import { IsBoolean, IsEmail, IsNotEmpty, IsOptional, IsPhoneNumber, IsString, IsUrl } from 'class-validator';
 import { getConnectionManager } from 'typeorm';
 import * as uuid from 'uuid';
 import { config } from '../../../config';
-import { UserEmailNeededError, UsernameContainsIllegalCharacterError } from '../../../errors/UserErrors';
+import { PasswordMustContainLowercaseLetterError, PasswordMustContainNumberError, PasswordMustContainUppercaseLetterError, PasswordTooShortError, UserEmailNeededError, UsernameContainsIllegalCharacterError } from '../../../errors/UserErrors';
 import { UserGroupNotFoundError } from '../../../errors/UserGroupErrors';
 import { User } from '../../entities/User';
 import { UserGroup } from '../../entities/UserGroup';
@@ -94,7 +95,13 @@ export class CreateUser {
         if (!this.email) {
             throw new UserEmailNeededError();
         }
-        if (this.username.includes("@")) { throw new UsernameContainsIllegalCharacterError(); }
+        if (this.username?.includes("@")) { throw new UsernameContainsIllegalCharacterError(); }
+
+        let password_strength = passwordStrength(this.password);
+        if (!password_strength.contains.includes("uppercase")) { throw new PasswordMustContainUppercaseLetterError(); }
+        if (!password_strength.contains.includes("lowercase")) { throw new PasswordMustContainLowercaseLetterError(); }
+        if (!password_strength.contains.includes("number")) { throw new PasswordMustContainNumberError(); }
+        if (!(password_strength.length > 9)) { throw new PasswordTooShortError(); }
 
         newUser.email = this.email
         newUser.username = this.username
@@ -107,7 +114,7 @@ export class CreateUser {
         newUser.groups = await this.getGroups();
         newUser.enabled = this.enabled;
 
-        if (!this.profilePic) { newUser.profilePic = `https://dev.lauf-fuer-kaya.de/lfk-logo.png`; }
+        if (!this.profilePic) { newUser.profilePic = `https://lauf-fuer-kaya.de/lfk-logo.png`; }
         else { newUser.profilePic = this.profilePic; }
 
         return newUser;

src/models/actions/update/UpdateDistanceDonation.ts

@@ -32,6 +32,7 @@ export class UpdateDistanceDonation extends UpdateDonation {
      */
     public async update(donation: DistanceDonation): Promise<DistanceDonation> {
         donation.amountPerDistance = this.amountPerDistance;
+        donation.paidAmount = this.paidAmount;
         donation.donor = await this.getDonor();
         donation.runner = await this.getRunner();
 

src/models/actions/update/UpdateDonation.ts

@@ -1,4 +1,4 @@
-import { IsInt, IsPositive } from 'class-validator';
+import { IsInt, IsOptional, IsPositive } from 'class-validator';
 import { getConnection } from 'typeorm';
 import { DonorNotFoundError } from '../../../errors/DonorErrors';
 import { Donation } from '../../entities/Donation';
@@ -23,6 +23,13 @@ export abstract class UpdateDonation {
     @IsPositive()
     donor: number;
 
+    /**
+     * The donation's paid amount in the smalles unit of your currency (default: euro cent).
+     */
+    @IsInt()
+    @IsOptional()
+    paidAmount?: number;
+
     /**
      * Creates a new Donation entity from this.
      */

src/models/actions/update/UpdateFixedDonation.ts

@@ -20,6 +20,7 @@ export class UpdateFixedDonation extends UpdateDonation {
      */
     public async update(donation: FixedDonation): Promise<FixedDonation> {
         donation.amount = this.amount;
+        donation.paidAmount = this.paidAmount;
         donation.donor = await this.getDonor();
 
         return donation;

src/models/actions/update/UpdateTrackScan.ts

@@ -1,9 +1,9 @@
 import { IsBoolean, IsInt, IsOptional, IsPositive } from 'class-validator';
 import { getConnection } from 'typeorm';
 import { RunnerNotFoundError } from '../../../errors/RunnerErrors';
-import { ScanStationNotFoundError } from '../../../errors/ScanStationErrors';
+import { TrackNotFoundError } from '../../../errors/TrackErrors';
 import { Runner } from '../../entities/Runner';
-import { ScanStation } from '../../entities/ScanStation';
+import { Track } from '../../entities/Track';
 import { TrackScan } from '../../entities/TrackScan';
 
 /**
@@ -38,7 +38,7 @@ export abstract class UpdateTrackScan {
      */
     @IsInt()
     @IsPositive()
-    public station: number;
+    public track: number;
 
     /**
      * Update a TrackScan entity based on this.
@@ -47,8 +47,7 @@ export abstract class UpdateTrackScan {
     public async update(scan: TrackScan): Promise<TrackScan> {
         scan.valid = this.valid;
         scan.runner = await this.getRunner();
-        scan.station = await this.getStation();
-        scan.track = scan.station.track;
+        scan.track = await this.getTrack();
 
         return scan;
     }
@@ -67,11 +66,11 @@ export abstract class UpdateTrackScan {
     /**
      * Gets a runner based on the runner id provided via this.runner.
      */
-    public async getStation(): Promise<ScanStation> {
-        const station = await getConnection().getRepository(ScanStation).findOne({ id: this.station }, { relations: ['track'] });
-        if (!station) {
-            throw new ScanStationNotFoundError();
+    public async getTrack(): Promise<Track> {
+        const track = await getConnection().getRepository(Track).findOne({ id: this.track });
+        if (!track) {
+            throw new TrackNotFoundError();
         }
-        return station;
+        return track;
     }
 }

src/models/actions/update/UpdateUser.ts

@@ -1,12 +1,14 @@
 import * as argon2 from "argon2";
+import { passwordStrength } from "check-password-strength";
 import { IsBoolean, IsEmail, IsInt, IsNotEmpty, IsOptional, IsPhoneNumber, IsString, IsUrl } from 'class-validator';
 import { getConnectionManager } from 'typeorm';
 import { config } from '../../../config';
-import { UserEmailNeededError, UsernameContainsIllegalCharacterError } from '../../../errors/UserErrors';
+import { PasswordMustContainLowercaseLetterError, PasswordMustContainNumberError, PasswordMustContainUppercaseLetterError, PasswordTooShortError, UserEmailNeededError, UsernameContainsIllegalCharacterError } from '../../../errors/UserErrors';
 import { UserGroupNotFoundError } from '../../../errors/UserGroupErrors';
 import { User } from '../../entities/User';
 import { UserGroup } from '../../entities/UserGroup';
 
+
 /**
  * This class is used to update a User entity (via put request).
  */
@@ -104,6 +106,11 @@ export class UpdateUser {
         if (this.username.includes("@")) { throw new UsernameContainsIllegalCharacterError(); }
 
         if (this.password) {
+            let password_strength = passwordStrength(this.password);
+            if (!password_strength.contains.includes("uppercase")) { throw new PasswordMustContainUppercaseLetterError(); }
+            if (!password_strength.contains.includes("lowercase")) { throw new PasswordMustContainLowercaseLetterError(); }
+            if (!password_strength.contains.includes("number")) { throw new PasswordMustContainNumberError(); }
+            if (!(password_strength.length > 9)) { throw new PasswordTooShortError(); }
             user.password = await argon2.hash(this.password + user.uuid);
             user.refreshTokenCount = user.refreshTokenCount + 1;
         }
@@ -117,7 +124,7 @@ export class UpdateUser {
         user.phone = this.phone;
         user.groups = await this.getGroups();
 
-        if (!this.profilePic) { user.profilePic = `https://dev.lauf-fuer-kaya.de/lfk-logo.png`; }
+        if (!this.profilePic) { user.profilePic = `https://lauf-fuer-kaya.de/lfk-logo.png`; }
         else { user.profilePic = this.profilePic; }
 
         return user;

src/models/entities/Donation.ts

@@ -2,7 +2,7 @@ import {
   IsInt,
   IsNotEmpty
 } from "class-validator";
-import { Entity, ManyToOne, PrimaryGeneratedColumn, TableInheritance } from "typeorm";
+import { Column, Entity, ManyToOne, PrimaryGeneratedColumn, TableInheritance } from "typeorm";
 import { ResponseDonation } from '../responses/ResponseDonation';
 import { Donor } from './Donor';
 
@@ -34,6 +34,13 @@ export abstract class Donation {
    */
   public abstract get amount(): number;
 
+  /**
+   * The donation's paid amount in cents (or whatever your currency's smallest unit is.).
+   * Used to mark donations as paid.
+   */
+  @Column({ nullable: true })
+  @IsInt()
+  paidAmount: number;
 
   /**
    * Turns this entity into it's response class.

src/models/entities/Donor.ts

@@ -33,6 +33,15 @@ export class Donor extends Participant {
     return this.donations.reduce((sum, current) => sum + current.amount, 0);
   }
 
+  /**
+   * Returns the total paid donations of a donor based on his linked donations.
+  */
+  @IsInt()
+  public get paidDonationAmount(): number {
+    if (!this.donations) { return 0; }
+    return this.donations.reduce((sum, current) => sum + current.paidAmount, 0);
+  }
+
   /**
    * Turns this entity into it's response class.
    */

src/models/entities/Runner.ts

@@ -1,5 +1,5 @@
-import { IsInt, IsNotEmpty } from "class-validator";
-import { ChildEntity, ManyToOne, OneToMany } from "typeorm";
+import { IsInt, IsNotEmpty, IsOptional, IsString } from "class-validator";
+import { ChildEntity, Column, ManyToOne, OneToMany } from "typeorm";
 import { ResponseRunner } from '../responses/ResponseRunner';
 import { DistanceDonation } from "./DistanceDonation";
 import { Participant } from "./Participant";
@@ -43,6 +43,15 @@ export class Runner extends Participant {
   @OneToMany(() => Scan, scan => scan.runner, { nullable: true })
   scans: Scan[];
 
+  /**
+  * The last time the runner requested a selfservice link.
+  * Used to prevent spamming of the selfservice link forgotten route.
+  */
+  @Column({ nullable: true, unique: false })
+  @IsString()
+  @IsOptional()
+  resetRequestedTimestamp?: number;
+
   /**
    * Returns all valid scans associated with this runner.
    * This is implemented here to avoid duplicate code in other files.

src/models/entities/RunnerCard.ts

@@ -52,13 +52,7 @@ export class RunnerCard {
    * Generates a ean-13 compliant string for barcode generation.
    */
   public get code(): string {
-    const multiply = [1, 3];
-    let total = 0;
-    this.paddedId.split('').forEach((letter, index) => {
-      total += parseInt(letter, 10) * multiply[index % 2];
-    });
-    const checkSum = (Math.ceil(total / 10) * 10) - total;
-    return this.paddedId + checkSum.toString();
+    return this.paddedId
   }
 
   /**
@@ -67,10 +61,11 @@ export class RunnerCard {
   private get paddedId(): string {
     let id: string = this.id.toString();
 
-    if (id.length > 12) {
+    if (id.length > 11) {
       throw new RunnerCardIdOutOfRangeError();
     }
-    while (id.length < 12) { id = '0' + id; }
+    while (id.length < 11) { id = '0' + id; }
+    id = '2' + id;
 
     return id;
   }

src/models/entities/RunnerGroup.ts

@@ -51,6 +51,9 @@ export abstract class RunnerGroup {
   */
   @IsInt()
   public get distance(): number {
+    if (!this.runners || this.runners.length == 0) {
+      return 0;
+    }
     return this.runners.reduce((sum, current) => sum + current.distance, 0);
   }
 

src/models/entities/TrackScan.ts

@@ -2,6 +2,8 @@ import {
   IsInt,
   IsNotEmpty,
 
+  IsNumber,
+
   IsPositive
 } from "class-validator";
 import { ChildEntity, Column, ManyToOne } from "typeorm";
@@ -59,6 +61,14 @@ export class TrackScan extends Scan {
   @IsInt()
   timestamp: number;
 
+  /**
+   * The scan's lap time.
+   * This simply get's calculated from the last lap time;
+   */
+  @Column()
+  @IsNumber()
+  lapTime: number;
+
   /**
    * Turns this entity into it's response class.
    */

src/models/enums/DonationStatus.ts

@@ -0,0 +1,7 @@
+/**
+ * This enum contains all status a donation can inherit regarding it's payment status.
+ */
+export enum DonationStatus {
+    OPEN = 'OPEN',
+    PAID = 'PAID'
+}

src/models/enums/ResponseObjectType.ts

@@ -21,6 +21,10 @@ export enum ResponseObjectType {
     SCANSTATION = 'SCANSTATION',
     SELFSERVICEDONATION = 'SELFSERVICEDONATION',
     SELFSERVICERUNNER = 'SELFSERVICRUNNER',
+    SELFSERVICESCAN = 'SELFSERVICESCAN',
+    SELFSERVICETRACKSCAN = 'SELFSERVICETRACKSCAN',
+    SELFSERVICETEAM = 'SELFSERVICETEAM',
+    SELFSERVICEORGANIZATION = 'SELFSERVICEORGANIZATION',
     STATS = 'STATS',
     STATSCLIENT = 'STATSCLIENT',
     STATSORGANIZATION = 'STATSORGANIZATION',
@@ -31,4 +35,5 @@ export enum ResponseObjectType {
     USER = 'USER',
     USERGROUP = 'USERGROUP',
     USERPERMISSIONS = 'USERPERMISSIONS',
+    SELFSERVICEDONOR = 'SELFSERVICEDONOR'
 }

src/models/responses/ResponseDonation.ts

@@ -1,5 +1,6 @@
 import { IsInt, IsNotEmpty, IsPositive } from "class-validator";
 import { Donation } from '../entities/Donation';
+import { DonationStatus } from '../enums/DonationStatus';
 import { ResponseObjectType } from '../enums/ResponseObjectType';
 import { IResponse } from './IResponse';
 import { ResponseDonor } from './ResponseDonor';
@@ -15,6 +16,12 @@ export class ResponseDonation implements IResponse {
     */
     responseType: ResponseObjectType = ResponseObjectType.DONATION;
 
+    /**
+    * The donation's payment status.
+    * Provides you with a quick indicator of it's payment status.
+    */
+    status: DonationStatus;
+
     /**
      * The donation's id.
      */
@@ -34,13 +41,28 @@ export class ResponseDonation implements IResponse {
     @IsInt()
     amount: number;
 
+    /**
+     * The donation's paid amount in the smalles unit of your currency (default: euro cent).
+     */
+    @IsInt()
+    paidAmount: number;
+
     /**
      * Creates a ResponseDonation object from a scan.
      * @param donation The donation the response shall be build for.
      */
     public constructor(donation: Donation) {
         this.id = donation.id;
-        this.donor = donation.donor.toResponse();
+        if (donation.donor) {
+            this.donor = donation.donor.toResponse();
+        }
         this.amount = donation.amount;
+        this.paidAmount = donation.paidAmount || 0;
+        if (this.paidAmount < this.amount) {
+            this.status = DonationStatus.OPEN;
+        }
+        else {
+            this.status = DonationStatus.PAID;
+        }
     }
 }

src/models/responses/ResponseDonor.ts

@@ -4,6 +4,7 @@ import {
 import { Donor } from '../entities/Donor';
 import { ResponseObjectType } from '../enums/ResponseObjectType';
 import { IResponse } from './IResponse';
+import { ResponseDonation } from './ResponseDonation';
 import { ResponseParticipant } from './ResponseParticipant';
 
 /**
@@ -28,6 +29,14 @@ export class ResponseDonor extends ResponseParticipant implements IResponse {
     @IsInt()
     donationAmount: number;
 
+    /**
+    * Returns the total paid donations of a donor based on his linked donations.
+    */
+    @IsInt()
+    paidDonationAmount: number;
+
+    donations: Array<ResponseDonation>;
+
     /**
      * Creates a ResponseRunner object from a runner.
      * @param runner The user the response shall be build for.
@@ -36,5 +45,12 @@ export class ResponseDonor extends ResponseParticipant implements IResponse {
         super(donor);
         this.receiptNeeded = donor.receiptNeeded;
         this.donationAmount = donor.donationAmount;
+        this.paidDonationAmount = donor.paidDonationAmount;
+        this.donations = new Array<ResponseDonation>();
+        if (donor.donations?.length > 0) {
+            for (const donation of donor.donations) {
+                this.donations.push(donation.toResponse())
+            }
+        }
     }
 }

src/models/responses/ResponseRunnerGroup.ts

@@ -1,4 +1,4 @@
-import { IsInt, IsNotEmpty, IsObject, IsOptional, IsString } from "class-validator";
+import { IsInt, IsNotEmpty, IsNumber, IsObject, IsOptional, IsString } from "class-validator";
 import { RunnerGroup } from '../entities/RunnerGroup';
 import { ResponseObjectType } from '../enums/ResponseObjectType';
 import { IResponse } from './IResponse';
@@ -36,6 +36,10 @@ export abstract class ResponseRunnerGroup implements IResponse {
     @IsOptional()
     contact?: ResponseGroupContact;
 
+    @IsOptional()
+    @IsNumber()
+    total_distance: number
+
     /**
      * Creates a ResponseRunnerGroup object from a runnerGroup.
      * @param group The runnerGroup the response shall be build for.
@@ -44,5 +48,6 @@ export abstract class ResponseRunnerGroup implements IResponse {
         this.id = group.id;
         this.name = group.name;
         if (group.contact) { this.contact = group.contact.toResponse(); };
+        if (group.runners) { this.total_distance = group.runners.reduce((p, c) => p + c.distance, 0) }
     }
 }

src/models/responses/ResponseRunnerOrganization.ts

@@ -67,6 +67,9 @@ export class ResponseRunnerOrganization extends ResponseRunnerGroup implements I
             for (let team of org.teams) {
                 this.teams.push(team.toResponse());
             }
+            for (const team of this.teams) {
+                this.total_distance += team.total_distance;
+            }
         }
 
         if (!org.key) { this.registrationEnabled = false; }

src/models/responses/ResponseSelfServiceDonation.ts

@@ -2,6 +2,7 @@ import { IsInt, IsNotEmpty, IsPositive } from 'class-validator';
 import { DistanceDonation } from '../entities/DistanceDonation';
 import { ResponseObjectType } from '../enums/ResponseObjectType';
 import { IResponse } from './IResponse';
+import { ResponseSelfServiceDonor } from './ResponseSelfServiceDonor';
 
 /**
  * Defines the runner selfservice donation response.
@@ -18,7 +19,7 @@ export class ResponseSelfServiceDonation implements IResponse {
      * The donation's donor.
      */
     @IsNotEmpty()
-    donor: string;
+    donor: ResponseSelfServiceDonor;
 
     /**
      * The donation's amount in the smalles unit of your currency (default: euro cent).
@@ -35,9 +36,7 @@ export class ResponseSelfServiceDonation implements IResponse {
     amountPerDistance: number;
 
     public constructor(donation: DistanceDonation) {
-        if (!donation.donor.middlename) { this.donor = donation.donor.firstname + " " + donation.donor.lastname; }
-        else { this.donor = donation.donor.firstname + " " + donation.donor.middlename + " " + donation.donor.lastname; }
-
+        this.donor = new ResponseSelfServiceDonor(donation.donor);
         this.amountPerDistance = donation.amountPerDistance;
         this.amount = donation.amount;
     }

src/models/responses/ResponseSelfServiceDonor.ts

@@ -0,0 +1,51 @@
+import { IsInt, IsString } from "class-validator";
+import { Donor } from '../entities/Donor';
+import { ResponseObjectType } from '../enums/ResponseObjectType';
+import { IResponse } from './IResponse';
+
+/**
+ * Defines the donor selfservice response.
+ * Why? B/C runner's are not allowed to view all information available to admin users.
+*/
+export class ResponseSelfServiceDonor implements IResponse {
+    /**
+    * The responseType.
+    * This contains the type of class/entity this response contains.
+    */
+    responseType: ResponseObjectType = ResponseObjectType.SELFSERVICEDONOR;
+
+    /**
+     * The participant's id.
+     */
+    @IsInt()
+    id: number;
+
+    /**
+     * The participant's first name.
+     */
+    @IsString()
+    firstname: string;
+
+    /**
+     * The participant's middle name.
+     */
+    @IsString()
+    middlename?: string;
+
+    /**
+     * The participant's last name.
+     */
+    @IsString()
+    lastname: string;
+
+    /**
+     * Creates a ResponseSelfServiceDonor object from a runner.
+     * @param donor The donor the response shall be build for.
+     */
+    public constructor(donor: Donor) {
+        this.id = donor.id;
+        this.firstname = donor.firstname;
+        this.middlename = donor.middlename;
+        this.lastname = donor.lastname;
+    }
+}

src/models/responses/ResponseSelfServiceOrganisation.ts

@@ -0,0 +1,38 @@
+import { IsArray, IsNotEmpty, IsString } from 'class-validator';
+import { RunnerOrganization } from '../entities/RunnerOrganization';
+import { ResponseObjectType } from '../enums/ResponseObjectType';
+import { IResponse } from './IResponse';
+import { ResponseSelfServiceTeam } from './ResponseSelfServiceTeam';
+
+/**
+ * Defines the runner selfservice organization response.
+ * Why? B/C runner's are not allowed to view all information available to admin users.
+*/
+export class ResponseSelfServiceOrganisation implements IResponse {
+    /**
+    * The responseType.
+    * This contains the type of class/entity this response contains.
+    */
+    responseType: ResponseObjectType = ResponseObjectType.SELFSERVICEORGANIZATION;
+
+    /**
+     * The org's name.
+     */
+    @IsNotEmpty()
+    @IsString()
+    name: string;
+
+    /**
+     * The org's teams (just containing name and id).
+     */
+    @IsArray()
+    teams: ResponseSelfServiceTeam[];
+
+    public constructor(org: RunnerOrganization) {
+        this.name = org.name;
+        this.teams = new Array<ResponseSelfServiceTeam>();
+        for (let team of org.teams) {
+            this.teams.push(new ResponseSelfServiceTeam(team));
+        }
+    }
+}

src/models/responses/ResponseSelfServiceRunner.ts

@@ -38,10 +38,10 @@ export class ResponseSelfServiceRunner extends ResponseParticipant implements IR
     group: string;
 
     /**
-     * The runner's associated donations.
+     * The runner's associated distance donations.
      */
     @IsString()
-    donations: ResponseSelfServiceDonation[]
+    distanceDonations: ResponseSelfServiceDonation[]
 
     /**
      * The runner's self-service jwt for auth.
@@ -60,7 +60,7 @@ export class ResponseSelfServiceRunner extends ResponseParticipant implements IR
         this.distance = runner.distance;
         this.donationAmount = runner.distanceDonationAmount;
         this.group = this.getTeamString(runner.group);
-        this.donations = this.getDonations(runner.distanceDonations);
+        this.distanceDonations = this.getDonations(runner.distanceDonations);
     }
 
     /**

src/models/responses/ResponseSelfServiceScan.ts

@@ -0,0 +1,57 @@
+import { IsBoolean, IsInt, IsNotEmpty, IsPositive } from "class-validator";
+import { Scan } from '../entities/Scan';
+import { TrackScan } from '../entities/TrackScan';
+import { ResponseObjectType } from '../enums/ResponseObjectType';
+import { IResponse } from './IResponse';
+
+/**
+ * Defines the scan selfservice response.
+*/
+export class ResponseSelfServiceScan implements IResponse {
+    /**
+    * The responseType.
+    * This contains the type of class/entity this response contains.
+    */
+    responseType: ResponseObjectType = ResponseObjectType.SELFSERVICESCAN;
+
+    /**
+     * The scans's id (for sorting).
+     */
+    @IsInt()
+    id: number;
+
+    /**
+     * Is the scan valid (for fraud reasons).
+     * The determination of validity will work differently for every child class.
+     */
+    @IsBoolean()
+    valid: boolean = true;
+
+    /**
+     * The scans's length/distance in meters.
+     */
+    @IsInt()
+    @IsPositive()
+    distance: number;
+
+    /**
+     * The scans's lap time (0 if non is availdable).
+     */
+    @IsInt()
+    @IsNotEmpty()
+    lapTime: number = 0;
+
+    /**
+     * Creates a ResponseScan object from a scan.
+     * @param scan The scan the response shall be build for.
+     */
+    public constructor(scan: Scan | TrackScan) {
+        this.id = scan.id;
+        this.distance = scan.distance;
+        this.valid = scan.valid;
+        if (scan instanceof TrackScan) {
+            this.lapTime = scan.lapTime;
+            this.responseType = ResponseObjectType.SELFSERVICETRACKSCAN;
+        }
+    }
+}

src/models/responses/ResponseSelfServiceTeam.ts

@@ -0,0 +1,36 @@
+import { IsInt, IsNotEmpty, IsPositive, IsString } from 'class-validator';
+import { RunnerTeam } from '../entities/RunnerTeam';
+import { ResponseObjectType } from '../enums/ResponseObjectType';
+import { IResponse } from './IResponse';
+
+/**
+ * Defines the runner selfservice team response.
+ * Why? B/C runner's are not allowed to view all information available to admin users.
+*/
+export class ResponseSelfServiceTeam implements IResponse {
+    /**
+    * The responseType.
+    * This contains the type of class/entity this response contains.
+    */
+    responseType: ResponseObjectType = ResponseObjectType.SELFSERVICETEAM;
+
+    /**
+     * The team's name.
+     */
+    @IsNotEmpty()
+    @IsString()
+    name: string;
+
+    /**
+     * The team's id.
+     * Will be used to insert runners it into that team.
+     */
+    @IsInt()
+    @IsPositive()
+    id: number;
+
+    public constructor(team: RunnerTeam) {
+        this.name = team.name;
+        this.id = team.id;
+    }
+}

src/models/responses/ResponseStats.ts

@@ -2,11 +2,6 @@ import {
     IsInt
 } from "class-validator";
 import { Donation } from '../entities/Donation';
-import { Runner } from '../entities/Runner';
-import { RunnerOrganization } from '../entities/RunnerOrganization';
-import { RunnerTeam } from '../entities/RunnerTeam';
-import { Scan } from '../entities/Scan';
-import { User } from '../entities/User';
 import { ResponseObjectType } from '../enums/ResponseObjectType';
 import { IResponse } from './IResponse';
 
@@ -63,12 +58,30 @@ export class ResponseStats implements IResponse {
     @IsInt()
     total_donation: number;
 
+    /**
+     * The total donation count (cent).
+     */
+    @IsInt()
+    total_donations: number;
+
+    /**
+     * The total donor count.
+     */
+    @IsInt()
+    total_donors: number;
+
     /**
      * The average distance ran per runner.
      */
     @IsInt()
     average_distance: number;
 
+    /**
+     * The average donation per distance (cent).
+     */
+    @IsInt()
+    average_donation: number;
+
     /**
      * Creates a new stats response containing some basic statistics for a dashboard or public display.
      * @param runners Array containing all runners - the following relations have to be resolved: scans, scans.track
@@ -78,14 +91,17 @@ export class ResponseStats implements IResponse {
      * @param scans Array containing all scans - no relations have to be resolved.
      * @param donations Array containing all donations - the following relations have to be resolved: runner, runner.scans, runner.scans.track
      */
-    public constructor(runners: Runner[], teams: RunnerTeam[], orgs: RunnerOrganization[], users: User[], scans: Scan[], donations: Donation[]) {
-        this.total_runners = runners.length;
-        this.total_teams = teams.length;
-        this.total_orgs = orgs.length;
-        this.total_users = users.length;
-        this.total_scans = scans.filter(scan => { scan.valid === true }).length;
-        this.total_distance = runners.reduce((sum, current) => sum + current.distance, 0);
+    public constructor(runners: number, teams: number, orgs: number, users: number, scans: number, donations: Donation[], distance: number, donors: number) {
+        this.total_runners = runners;
+        this.total_teams = teams;
+        this.total_orgs = orgs;
+        this.total_users = users;
+        this.total_scans = scans;
+        this.total_distance = distance;
         this.total_donation = donations.reduce((sum, current) => sum + current.amount, 0);
+        this.total_donations = donations.length;
+        this.average_donation = this.total_donation / this.total_donations
+        this.total_donors = donors;
         this.average_distance = this.total_distance / this.total_runners;
     }
 }

src/models/responses/ResponseStatsOrganization.ts

@@ -49,7 +49,15 @@ export class ResponseStatsOrgnisation implements IResponse {
     public constructor(org: RunnerOrganization) {
         this.name = org.name;
         this.id = org.id;
-        this.distance = org.distance;
-        this.donationAmount = org.distanceDonationAmount;
+        try {
+            this.distance = org.distance;
+        } catch {
+            this.distance = -1;
+        }
+        try {
+            this.donationAmount = org.distanceDonationAmount;
+        } catch {
+            this.donationAmount = -1;
+        }
     }
 }

src/models/responses/ResponseStatsRunner.ts

@@ -1,6 +1,7 @@
 import {
     IsInt,
     IsObject,
+    IsOptional,
     IsString
 } from "class-validator";
 import { Runner } from '../entities/Runner';
@@ -55,6 +56,13 @@ export class ResponseStatsRunner implements IResponse {
     @IsInt()
     donationAmount: number;
 
+    /**
+     * The runner's fastest laptime in seconds.
+     */
+    @IsInt()
+    @IsOptional()
+    minLaptime?: number;
+
     /**
      * The runner's group.
      */
@@ -65,13 +73,28 @@ export class ResponseStatsRunner implements IResponse {
      * Creates a new runner stats response from a runner
      * @param runner The runner whoes response shall be generated - the following relations have to be resolved: scans, group, distanceDonations, scans.track
      */
-    public constructor(runner: Runner) {
+    public constructor(runner: Runner, laptime?: number) {
         this.id = runner.id;
         this.firstname = runner.firstname;
-        this.middlename = runner.middlename;
+        if (runner.firstname) {
+            this.middlename = runner.middlename;
+        }
         this.lastname = runner.lastname;
-        this.distance = runner.distance;
-        this.donationAmount = runner.distanceDonationAmount;
+        try {
+            this.distance = runner.distance;
+        }
+        catch {
+            this.distance = -1;
+        }
+        try {
+            this.donationAmount = runner.distanceDonationAmount;
+        }
+        catch {
+            this.donationAmount = -1;
+        }
+        if (laptime) {
+            this.minLaptime = laptime;
+        }
         this.group = runner.group.toResponse();
     }
 }

src/models/responses/ResponseStatsTeam.ts

@@ -57,7 +57,15 @@ export class ResponseStatsTeam implements IResponse {
         this.name = team.name;
         this.id = team.id;
         this.parent = team.parentGroup.toResponse();
-        this.distance = team.distance;
-        this.donationAmount = team.distanceDonationAmount;
+        try {
+            this.distance = team.distance;
+        } catch {
+            this.distance = -1;
+        }
+        try {
+            this.donationAmount = team.distanceDonationAmount;
+        } catch {
+            this.donationAmount = -1;
+        }
     }
 }

src/models/responses/ResponseTrackScan.ts

@@ -1,4 +1,4 @@
-import { IsDateString, IsNotEmpty } from "class-validator";
+import { IsDateString, IsNotEmpty, IsNumber } from "class-validator";
 import { TrackScan } from '../entities/TrackScan';
 import { ResponseObjectType } from '../enums/ResponseObjectType';
 import { IResponse } from './IResponse';
@@ -42,6 +42,13 @@ export class ResponseTrackScan extends ResponseScan implements IResponse {
     @IsNotEmpty()
     timestamp: number;
 
+    /**
+   * The scan's lap time.
+   * This simply get's calculated from the last lap time;
+   */
+    @IsNumber()
+    lapTime: number;
+
     /**
      * Creates a ResponseTrackScan object from a scan.
      * @param scan The trackSscan the response shall be build for.
@@ -53,5 +60,6 @@ export class ResponseTrackScan extends ResponseScan implements IResponse {
         if (scan.station) { scan.station.toResponse(); }
         this.timestamp = scan.timestamp;
         this.distance = scan.distance;
+        this.lapTime = scan.lapTime;
     }
 }

src/models/responses/ResponseUserGroup.ts

@@ -2,7 +2,6 @@ import { IsArray, IsNotEmpty, IsOptional, IsString } from "class-validator";
 import { UserGroup } from '../entities/UserGroup';
 import { ResponseObjectType } from '../enums/ResponseObjectType';
 import { IResponse } from './IResponse';
-import { ResponsePermission } from './ResponsePermission';
 import { ResponsePrincipal } from './ResponsePrincipal';
 
 /**
@@ -34,7 +33,7 @@ export class ResponseUserGroup extends ResponsePrincipal implements IResponse {
      */
     @IsArray()
     @IsOptional()
-    permissions: ResponsePermission[];
+    permissions: string[] = new Array<string>();
 
     /**
      * Creates a ResponseUserGroup object from a userGroup.
@@ -46,7 +45,7 @@ export class ResponseUserGroup extends ResponsePrincipal implements IResponse {
         this.description = group.description;
         if (group.permissions) {
             for (let permission of group.permissions) {
-                this.permissions.push(permission.toResponse());
+                this.permissions.push(permission.toString());
             }
         }
     }

src/models/responses/ResponseUserGroupPermissions.ts

@@ -0,0 +1,43 @@
+import {
+    IsArray,
+    IsOptional
+} from "class-validator";
+import { UserGroup } from '../entities/UserGroup';
+import { ResponseObjectType } from '../enums/ResponseObjectType';
+import { IResponse } from './IResponse';
+import { ResponsePermission } from './ResponsePermission';
+
+/**
+ * Defines the group permission response (get /api/groups/:id/permissions).
+*/
+export class ResponseUserGroupPermissions implements IResponse {
+    /**
+    * The responseType.
+    * This contains the type of class/entity this response contains.
+    */
+    responseType: ResponseObjectType = ResponseObjectType.USERPERMISSIONS;
+
+    /**
+     * The permissions directly granted to the group.
+     */
+    @IsArray()
+    @IsOptional()
+    directlyGranted: ResponsePermission[] = new Array<ResponsePermission>();
+
+    /**
+     * Is just here for compatability.
+     */
+    @IsArray()
+    @IsOptional()
+    inherited: ResponsePermission[] = new Array<ResponsePermission>();
+
+    /**
+     * Creates a ResponseUserPermissions object from a group.
+     * @param group The group the response shall be build for.
+     */
+    public constructor(group: UserGroup) {
+        for (let permission of group.permissions) {
+            this.directlyGranted.push(permission.toResponse());
+        }
+    }
+}

src/seeds/SeedUsers.ts

@@ -1,22 +1,22 @@
+import * as argon2 from "argon2";
 import { Connection } from 'typeorm';
 import { Factory, Seeder } from 'typeorm-seeding';
+import * as uuid from 'uuid';
 import { CreatePermission } from '../models/actions/create/CreatePermission';
-import { CreateUser } from '../models/actions/create/CreateUser';
 import { CreateUserGroup } from '../models/actions/create/CreateUserGroup';
 import { Permission } from '../models/entities/Permission';
 import { User } from '../models/entities/User';
 import { UserGroup } from '../models/entities/UserGroup';
 import { PermissionAction } from '../models/enums/PermissionAction';
 import { PermissionTarget } from '../models/enums/PermissionTargets';
-
 /**
  * Seeds a admin group with a demo user into the database for initial setup and auto recovery.
- * We know that the nameing isn't perfectly fitting. Feel free to change it.
+ * We know that the naming isn't perfectly fitting. Feel free to change it.
  */
 export default class SeedUsers implements Seeder {
     public async run(factory: Factory, connection: Connection): Promise<any> {
         let adminGroup: UserGroup = await this.createAdminGroup(connection);
-        await this.createUser(connection, adminGroup.id);
+        await this.createUser(connection, adminGroup);
         await this.createPermissions(connection, adminGroup.id);
     }
 
@@ -27,15 +27,16 @@ export default class SeedUsers implements Seeder {
         return await connection.getRepository(UserGroup).save(await adminGroup.toEntity());
     }
 
-    public async createUser(connection: Connection, group: number) {
-        let initialUser = new CreateUser();
+    public async createUser(connection: Connection, group: UserGroup) {
+        let initialUser = new User();
         initialUser.firstname = "demo";
         initialUser.lastname = "demo";
         initialUser.username = "demo";
-        initialUser.password = "demo";
+        initialUser.uuid = uuid.v4();
+        initialUser.password = await argon2.hash("demo" + initialUser.uuid);
         initialUser.email = "demo@dev.lauf-fuer-kaya.de"
-        initialUser.groups = group;
-        return await connection.getRepository(User).save(await initialUser.toEntity());
+        initialUser.groups = [group];
+        return await connection.getRepository(User).save(initialUser);
     }
 
     public async createPermissions(connection: Connection, principal: number) {

src/static/mail_templates/pw-reset.html

@@ -1,384 +0,0 @@
-
-<!DOCTYPE html>
-<html lang="de" xmlns="http://www.w3.org/1999/xhtml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:v="urn:schemas-microsoft-com:vml">
-<head>
-    <title>LfK! - Passwort zurücksetzen</title> <!-- The title tag shows in email notifications, like Android 4.4. -->
-    <meta charset="utf-8"> <!-- utf-8 works for most cases -->
-    <meta http-equiv="Content-Type" content="text/html charset=UTF-8" />
-    <meta name="viewport" content="width=device-width"> <!-- Forcing initial-scale shouldn't be necessary -->
-    <meta http-equiv="X-UA-Compatible" content="IE=edge"> <!-- Use the latest (edge) version of IE rendering engine -->
-    <meta name="x-apple-disable-message-reformatting"> <!-- Disable auto-scale in iOS 10 Mail entirely -->
-    <meta name="format-detection" content="telephone=no,address=no,email=no,date=no,url=no"> <!-- Tell iOS not to automatically link certain text strings. -->
-
-    <!-- CSS Reset : BEGIN -->
-    <style>
-        /* What it does: Remove spaces around the email design added by some email clients. */
-        /* Beware: It can remove the padding / margin and add a background color to the compose a reply window. */
-        html,
-        body {
-            margin: 0 auto !important;
-            padding: 0 !important;
-            height: 100% !important;
-            width: 100% !important;
-        }
-
-        /* What it does: Stops email clients resizing small text. */
-        * {
-            -ms-text-size-adjust: 100%;
-            -webkit-text-size-adjust: 100%;
-        }
-
-        /* What it does: Centers email on Android 4.4 */
-        div[style*="margin: 16px 0"] {
-            margin:0 !important;
-        }
-
-        /* What it does: Stops Outlook from adding extra spacing to tables. */
-        table,
-        td {
-            mso-table-lspace: 0pt !important;
-            mso-table-rspace: 0pt !important;
-        }
-
-        /* What it does: Fixes webkit padding issue. */
-        table {
-            border: 0;
-            border-spacing: 0;
-            border-collapse: collapse
-        }
-
-        /* What it does: Forces Samsung Android mail clients to use the entire viewport. */
-        #MessageViewBody,
-        #MessageWebViewDiv{
-            width: 100% !important;
-        }
-
-        /* What it does: Uses a better rendering method when resizing images in IE. */
-        img {
-            -ms-interpolation-mode:bicubic;
-        }
-
-        /* What it does: Prevents Windows 10 Mail from underlining links despite inline CSS. Styles for underlined links should be inline. */
-        a {
-            text-decoration: none;
-        }
-
-        /* What it does: A work-around for email clients automatically linking certain text strings. */
-        /* iOS */
-        a[x-apple-data-detectors],
-        .unstyle-auto-detected-links a,
-        .aBn {
-            border-bottom: 0 !important;
-            cursor: default !important;
-            color: inherit !important;
-            text-decoration: none !important;
-            font-size: inherit !important;
-            font-family: inherit !important;
-            font-weight: inherit !important;
-            line-height: inherit !important;
-        }
-        u + #body a,        /* Gmail */
-        #MessageViewBody a  /* Samsung Mail */
-        {
-           color: inherit;
-           text-decoration: none;
-           font-size: inherit;
-           font-family: inherit;
-           font-weight: inherit;
-           line-height: inherit;
-        }
-
-        /* What it does: Prevents Gmail from changing the text color in conversation threads. */
-        .im {
-            color: inherit !important;
-        }
-
-        /* What it does: Prevents Gmail from displaying an download button on large, non-linked images. */
-        .a6S {
-            display: none !important;
-            opacity: 0.01 !important;
-        }
-        /* If the above doesn't work, add a .g-img class to any image in question. */
-        img.g-img + div {
-            display:none !important;
-        }
-
-        /* What it does: Removes right gutter in Gmail iOS app: https://github.com/TedGoas/Cerberus/issues/89  */
-        /* Create one of these media queries for each additional viewport size you'd like to fix */
-
-        /* iPhone 4, 4S, 5, 5S, 5C, and 5SE */
-        @media only screen and (min-device-width: 320px) and (max-device-width: 374px) {
-            u ~ div .email-container {
-                min-width: 320px !important;
-            }
-        }
-        /* iPhone 6, 6S, 7, 8, and X */
-        @media only screen and (min-device-width: 375px) and (max-device-width: 413px) {
-            u ~ div .email-container {
-                min-width: 375px !important;
-            }
-        }
-        /* iPhone 6+, 7+, and 8+ */
-        @media only screen and (min-device-width: 414px) {
-            u ~ div .email-container {
-                min-width: 414px !important;
-            }
-        }
-    </style>
-    <!-- What it does: Helps DPI scaling in Outlook 2007-2013 -->
-    <!--[if gte mso 9]>
-    <xml>
-        <o:OfficeDocumentSettings>
-            <o:AllowPNG/>
-            <o:PixelsPerInch>96</o:PixelsPerInch>
-        </o:OfficeDocumentSettings>
-        </xml>
-    <![endif]-->
-
-    <!-- CSS Reset : END -->
-
-    <!-- Progressive Enhancements : BEGIN -->
-    <style>
-        /* What it does: Hover styles for buttons and tags */
-        .s-btn__primary:hover {
-            background: #0077CC !important;
-            border-color: #0077CC !important;
-        }
-        .s-btn__white:hover {
-            background: #EFF0F1 !important;
-            border-color: #EFF0F1 !important;
-        }
-        .s-btn__outlined:hover {
-            background: rgba(0,119,204,.05) !important;
-            color: #005999 !important;
-        }
-        .s-tag:hover,
-        .post-tag:hover {
-            border-color: #cee0ed !important;
-            background: #cee0ed !important;
-        }
-
-        /* What it does: Styles markdown links that we can't write inline CSS for. */
-        .has-markdown a,
-        .has-markdown a:visited {
-            color: #0077CC !important;
-            text-decoration: none !important;
-        }
-
-        /* What it does: Styles markdown code blocks that we can't write inline CSS for. */
-        code {
-            padding: 1px 5px;
-            background-color: #EFF0F1;
-            color: #242729;
-            font-size: 13px;
-            line-height: inherit;
-            font-family: Consolas, Menlo, Monaco, Lucida Console, Liberation Mono, DejaVu Sans Mono, Bitstream Vera Sans Mono, Courier New, monospace, sans-serif;
-        }
-        pre {
-            margin: 0 0 15px;
-            line-height: 17px;
-            background-color: #EFF0F1;
-            padding: 4px 8px;
-            border-radius: 3px;
-            overflow-x: auto;
-        }
-        pre code {
-            margin: 0 0 15px;
-            padding: 0;
-            line-height: 17px;
-            background-color: none;
-        }
-
-        /* What it does: Styles markdown blockquotes that we can't write inline CSS for. */
-        blockquote {
-            margin: 0 0 15px;
-            padding: 4px 10px;
-            background-color: #FFF8DC;
-            border-left: 2px solid #ffeb8e;
-        }
-        blockquote p {
-            padding: 4px 0;
-            margin: 0;
-            overflow-wrap: break-word;
-        }
-
-        /* What it does: Rounds corners in email clients that support it */
-        .bar {
-            border-radius: 5px;
-        }
-        .btr {
-            border-top-left-radius: 5px;
-            border-top-right-radius: 5px;
-        }
-        .bbr {
-            border-bottom-left-radius: 5px;
-            border-bottom-right-radius: 5px;
-        }
-
-        @media screen and (max-width: 680px) {
-            /* What it does: Forces table cells into full-width rows. */
-            .stack-column,
-            .stack-column-center {
-                display: block !important;
-                width: 100% !important;
-                max-width: 100% !important;
-                direction: ltr !important;
-            }
-            /* And center justify these ones. */
-            .stack-column-center {
-                text-align: center !important;
-            }
-
-            /* Hides things in small viewports. */
-            .hide-on-mobile {
-                display: none !important;
-                max-height: 0 !important;
-                overflow: hidden !important;
-                visibility: hidden !important;
-            }
-
-            /* What it does: Utility classes to reduce spacing for smaller viewports. */
-            .sm-p-none  {padding: 0 !important;}
-            .sm-pt-none {padding-top: 0 !important;}
-            .sm-pb-none {padding-bottom: 0 !important;}
-            .sm-pr-none {padding-right: 0 !important;}
-            .sm-pl-none {padding-left: 0 !important;}
-            .sm-px-none {padding-left: 0 !important; padding-right: 0 !important;}
-            .sm-py-none {padding-top: 0 !important; padding-bottom: 0 !important;}
-
-            .sm-p   {padding: 20px !important;}
-            .sm-pt  {padding-top: 20px !important;}
-            .sm-pb  {padding-bottom: 20px !important;}
-            .sm-pr  {padding-right: 20px !important;}
-            .sm-pl  {padding-left: 20px !important;}
-            .sm-px  {padding-left: 20px !important; padding-right: 20px !important;}
-            .sm-py  {padding-top: 20px !important; padding-bottom: 20px !important;}
-            .sm-mb  {margin-bottom: 20px !important;}
-
-            /* What it does: Utility classes to kill border radius for smaller viewports. Used mainly on the email's main container(s). */
-            .bar,
-            .btr,
-            .bbr {
-                border-top-left-radius: 0;
-                border-top-right-radius: 0;
-                border-bottom-left-radius: 0;
-                border-bottom-right-radius: 0;
-            }
-        }
-    </style>
-    <!-- Progressive Enhancements : END -->
-</head>
-
-<!--
-    The email background color is defined in three places, just below. If you change one, remember to change the others.
-    1. body tag: for most email clients
-    2. center tag: for Gmail and Inbox mobile apps and web versions of Gmail, GSuite, Inbox, Yahoo, AOL, Libero, Comcast, freenet, Mail.ru, Orange.fr
-    3. mso conditional: For Windows 10 Mail
--->
-<body width="100%" style="margin: 0; padding: 0 !important; background: #f3f3f5; mso-line-height-rule: exactly;">
-    <center style="width: 100%; background: #f3f3f5;">
-    <!--[if mso | IE]>
-    <table role="presentation" border="0" cellpadding="0" cellspacing="0" width="100%" style="background-color: #f3f3f5;">
-    <tr>
-    <td>
-    <![endif]-->
-
-        <!-- Visually Hidden Preview Text : BEGIN -->
-        <div style="display: none; font-size: 1px; line-height: 1px; max-height: 0px; max-width: 0px; opacity: 0; overflow: hidden; mso-hide: all; font-family: sans-serif;">
-            LfK! - Password reset
-        </div>
-        <!-- Visually Hidden Preview Text : END -->
-
-        <div class="email-container" style="max-width: 680px; margin: 0 auto;">
-            <!--[if mso]>
-            <table role="presentation" cellspacing="0" cellpadding="0" border="0" width="680" align="center">
-            <tr>
-            <td>
-            <![endif]-->
-            <table border="0" cellpadding="0" cellspacing="0" role="presentation" style="max-width: 680px; width:100%">
-                <tr>
-                    <td style="padding: 30px; background-color: #ffffff;" class="sm-p bar">
-                        <table border="0" cellpadding="0" cellspacing="0" role="presentation" style="width:100%;">
-                            <tr>
-                                <td style="padding-bottom: 15px; font-family: arial, sans-serif; font-size: 15px; line-height: 21px; color: #3C3F44; text-align: left;">
-                                    <h1 style="font-weight: bold; font-size: 27px; line-height: 27px; color: #0C0D0E; margin: 0 0 15px 0;">LfK!</h1>
-                                </td>
-                            </tr>
-                            <tr>
-                                <td style="padding-bottom: 15px; font-family: arial, sans-serif; font-size: 15px; line-height: 21px; color: #3C3F44; text-align: left;">
-                                    <h1 style="font-weight: bold; font-size: 21px; line-height: 21px; color: #0C0D0E; margin: 0 0 15px 0;">Password reset</h1>
-                                    <p style="margin: 0 0 15px;" class="has-markdown">A password reset for your account got requested.<br><b>If you didn't request the reset please ignore this mail.</b><br>Your password won't be changed until you click the reset link below and set a new one.</p>
-                                </td>
-                            </tr>
-                            <!-- Button Row : BEGIN -->
-                            <tr>
-                                <td>
-                                    <!-- Button : BEGIN -->
-                                    <table align="left" border="0" cellpadding="0" cellspacing="0" role="presentation">
-                                        <tr>
-                                            <td class="s-btn s-btn__primary" style="border-radius: 4px; background: #0095ff;">
-                                                <a class="s-btn s-btn__primary" href="{{reset_link}}" target="_parent" style="background: #0095FF; border: 1px solid #0077cc; box-shadow: inset 0 1px 0 0 rgba(102,191,255,.75); font-family: arial, sans-serif; font-size: 17px; line-height: 17px; color: #ffffff; text-align: center; text-decoration: none; padding: 13px 17px; display: block; border-radius: 4px; white-space: nowrap;">Reset password</a>
-                                            </td>
-                                        </tr>
-                                    </table>
-                                    <!-- Button : END -->
-                                </td>
-                            </tr>
-                            <!-- Button Row : END -->
-                        </table>
-                    </td>
-                </tr>
-
-                <!-----------------------------
-
-                    EMAIL BODY : END
-
-                ------------------------------>
-
-                <!-- Footer : BEGIN -->
-                <tr>
-                    <td style="padding: 30px;" class="sm-p">
-                        <table align="left" border="0" cellpadding="0" cellspacing="0" role="presentation" width="100%">
-                            <!-- Subscription Info : BEGIN -->
-                            <tr>
-                                <td style="padding-bottom: 10px; font-size: 12px; line-height: 15px; font-family: arial, sans-serif; color: #9199A1; text-align: left;">
-                                    Copyright © {{copyright_owner}}. All rights reserved.
-                                </td>
-                            </tr>
-                            <tr>
-                                <td style="font-size: 12px; line-height: 15px; font-family: arial, sans-serif; color: #9199A1; text-align: left;">
-                                    <a href="{{link_imprint}}"
-                                    style="color: #9199A1; text-decoration: underline;">Imprint</a>&nbsp;&nbsp;&nbsp;&nbsp;
-                                    <a href="{{link_privacy}}" style="color: #9199A1; text-decoration: underline;">Privacy</a>
-                                </td>
-                            </tr>
-                            <!-- Subscription Info : BEGIN -->
-                            <!-- HR line : BEGIN -->
-                            <tr>
-                                <td style="padding: 30px 0;" width="100%" class="sm-py">
-                                    <table aria-hidden="true" border="0" cellpadding="0" cellspacing="0" role="presentation" style="width:100%">
-                                        <tr>
-                                            <td height="1" width="100%" style="font-size: 0; line-height: 0; border-top: 1px solid #D6D8DB;">&nbsp;</td>
-                                        </tr>
-                                    </table>
-                                </td>
-                            </tr>
-                            <!-- HR line : END -->
-                            <tr>
-                                <td style="padding-bottom: 5px; font-size: 12px; line-height: 15px; font-family: arial, sans-serif; color: #9199A1; text-align: left;">This mail was sent to <strong>{{recipient_mail}}</strong> because someone request a password reset for a account linked to the mail address.</td>
-                            </tr>
-                            <!-- Sender Info : END -->
-                        </table>
-                    </td>
-                </tr>
-                <!-- Footer : END -->
-            </table>
-        </div>
-    <!--[if mso | IE]>
-    </td>
-    </tr>
-    </table>
-    <![endif]-->
-    </center>
-</body>
-</html>

src/static/mail_templates/pw-reset.txt

@@ -1,12 +0,0 @@
-LfK! - Password reset.
-
-A password reset for your account got requested
-If you didn't request the reset please ignore this mail
-Your password won't be changed until you click the reset link below and set a new one.
-
-Reset: {{reset_link}}
-
-
-Copyright © {{copyright_owner}}. All rights reserved.
-Imprint: {{link_imprint}} | Privacy: {{link_privacy}}
-This mail was sent to {{recipient_mail}} because someone request a password reset for a account linked to the mail address.

src/static/mail_templates/test.html

@@ -1,369 +0,0 @@
-
-<!DOCTYPE html>
-<html lang="de" xmlns="http://www.w3.org/1999/xhtml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:v="urn:schemas-microsoft-com:vml">
-<head>
-    <title>LfK! - Mail test</title> <!-- The title tag shows in email notifications, like Android 4.4. -->
-    <meta charset="utf-8"> <!-- utf-8 works for most cases -->
-    <meta http-equiv="Content-Type" content="text/html charset=UTF-8" />
-    <meta name="viewport" content="width=device-width"> <!-- Forcing initial-scale shouldn't be necessary -->
-    <meta http-equiv="X-UA-Compatible" content="IE=edge"> <!-- Use the latest (edge) version of IE rendering engine -->
-    <meta name="x-apple-disable-message-reformatting"> <!-- Disable auto-scale in iOS 10 Mail entirely -->
-    <meta name="format-detection" content="telephone=no,address=no,email=no,date=no,url=no"> <!-- Tell iOS not to automatically link certain text strings. -->
-
-    <!-- CSS Reset : BEGIN -->
-    <style>
-        /* What it does: Remove spaces around the email design added by some email clients. */
-        /* Beware: It can remove the padding / margin and add a background color to the compose a reply window. */
-        html,
-        body {
-            margin: 0 auto !important;
-            padding: 0 !important;
-            height: 100% !important;
-            width: 100% !important;
-        }
-
-        /* What it does: Stops email clients resizing small text. */
-        * {
-            -ms-text-size-adjust: 100%;
-            -webkit-text-size-adjust: 100%;
-        }
-
-        /* What it does: Centers email on Android 4.4 */
-        div[style*="margin: 16px 0"] {
-            margin:0 !important;
-        }
-
-        /* What it does: Stops Outlook from adding extra spacing to tables. */
-        table,
-        td {
-            mso-table-lspace: 0pt !important;
-            mso-table-rspace: 0pt !important;
-        }
-
-        /* What it does: Fixes webkit padding issue. */
-        table {
-            border: 0;
-            border-spacing: 0;
-            border-collapse: collapse
-        }
-
-        /* What it does: Forces Samsung Android mail clients to use the entire viewport. */
-        #MessageViewBody,
-        #MessageWebViewDiv{
-            width: 100% !important;
-        }
-
-        /* What it does: Uses a better rendering method when resizing images in IE. */
-        img {
-            -ms-interpolation-mode:bicubic;
-        }
-
-        /* What it does: Prevents Windows 10 Mail from underlining links despite inline CSS. Styles for underlined links should be inline. */
-        a {
-            text-decoration: none;
-        }
-
-        /* What it does: A work-around for email clients automatically linking certain text strings. */
-        /* iOS */
-        a[x-apple-data-detectors],
-        .unstyle-auto-detected-links a,
-        .aBn {
-            border-bottom: 0 !important;
-            cursor: default !important;
-            color: inherit !important;
-            text-decoration: none !important;
-            font-size: inherit !important;
-            font-family: inherit !important;
-            font-weight: inherit !important;
-            line-height: inherit !important;
-        }
-        u + #body a,        /* Gmail */
-        #MessageViewBody a  /* Samsung Mail */
-        {
-           color: inherit;
-           text-decoration: none;
-           font-size: inherit;
-           font-family: inherit;
-           font-weight: inherit;
-           line-height: inherit;
-        }
-
-        /* What it does: Prevents Gmail from changing the text color in conversation threads. */
-        .im {
-            color: inherit !important;
-        }
-
-        /* What it does: Prevents Gmail from displaying an download button on large, non-linked images. */
-        .a6S {
-            display: none !important;
-            opacity: 0.01 !important;
-        }
-        /* If the above doesn't work, add a .g-img class to any image in question. */
-        img.g-img + div {
-            display:none !important;
-        }
-
-        /* What it does: Removes right gutter in Gmail iOS app: https://github.com/TedGoas/Cerberus/issues/89  */
-        /* Create one of these media queries for each additional viewport size you'd like to fix */
-
-        /* iPhone 4, 4S, 5, 5S, 5C, and 5SE */
-        @media only screen and (min-device-width: 320px) and (max-device-width: 374px) {
-            u ~ div .email-container {
-                min-width: 320px !important;
-            }
-        }
-        /* iPhone 6, 6S, 7, 8, and X */
-        @media only screen and (min-device-width: 375px) and (max-device-width: 413px) {
-            u ~ div .email-container {
-                min-width: 375px !important;
-            }
-        }
-        /* iPhone 6+, 7+, and 8+ */
-        @media only screen and (min-device-width: 414px) {
-            u ~ div .email-container {
-                min-width: 414px !important;
-            }
-        }
-    </style>
-    <!-- What it does: Helps DPI scaling in Outlook 2007-2013 -->
-    <!--[if gte mso 9]>
-    <xml>
-        <o:OfficeDocumentSettings>
-            <o:AllowPNG/>
-            <o:PixelsPerInch>96</o:PixelsPerInch>
-        </o:OfficeDocumentSettings>
-        </xml>
-    <![endif]-->
-
-    <!-- CSS Reset : END -->
-
-    <!-- Progressive Enhancements : BEGIN -->
-    <style>
-        /* What it does: Hover styles for buttons and tags */
-        .s-btn__primary:hover {
-            background: #0077CC !important;
-            border-color: #0077CC !important;
-        }
-        .s-btn__white:hover {
-            background: #EFF0F1 !important;
-            border-color: #EFF0F1 !important;
-        }
-        .s-btn__outlined:hover {
-            background: rgba(0,119,204,.05) !important;
-            color: #005999 !important;
-        }
-        .s-tag:hover,
-        .post-tag:hover {
-            border-color: #cee0ed !important;
-            background: #cee0ed !important;
-        }
-
-        /* What it does: Styles markdown links that we can't write inline CSS for. */
-        .has-markdown a,
-        .has-markdown a:visited {
-            color: #0077CC !important;
-            text-decoration: none !important;
-        }
-
-        /* What it does: Styles markdown code blocks that we can't write inline CSS for. */
-        code {
-            padding: 1px 5px;
-            background-color: #EFF0F1;
-            color: #242729;
-            font-size: 13px;
-            line-height: inherit;
-            font-family: Consolas, Menlo, Monaco, Lucida Console, Liberation Mono, DejaVu Sans Mono, Bitstream Vera Sans Mono, Courier New, monospace, sans-serif;
-        }
-        pre {
-            margin: 0 0 15px;
-            line-height: 17px;
-            background-color: #EFF0F1;
-            padding: 4px 8px;
-            border-radius: 3px;
-            overflow-x: auto;
-        }
-        pre code {
-            margin: 0 0 15px;
-            padding: 0;
-            line-height: 17px;
-            background-color: none;
-        }
-
-        /* What it does: Styles markdown blockquotes that we can't write inline CSS for. */
-        blockquote {
-            margin: 0 0 15px;
-            padding: 4px 10px;
-            background-color: #FFF8DC;
-            border-left: 2px solid #ffeb8e;
-        }
-        blockquote p {
-            padding: 4px 0;
-            margin: 0;
-            overflow-wrap: break-word;
-        }
-
-        /* What it does: Rounds corners in email clients that support it */
-        .bar {
-            border-radius: 5px;
-        }
-        .btr {
-            border-top-left-radius: 5px;
-            border-top-right-radius: 5px;
-        }
-        .bbr {
-            border-bottom-left-radius: 5px;
-            border-bottom-right-radius: 5px;
-        }
-
-        @media screen and (max-width: 680px) {
-            /* What it does: Forces table cells into full-width rows. */
-            .stack-column,
-            .stack-column-center {
-                display: block !important;
-                width: 100% !important;
-                max-width: 100% !important;
-                direction: ltr !important;
-            }
-            /* And center justify these ones. */
-            .stack-column-center {
-                text-align: center !important;
-            }
-
-            /* Hides things in small viewports. */
-            .hide-on-mobile {
-                display: none !important;
-                max-height: 0 !important;
-                overflow: hidden !important;
-                visibility: hidden !important;
-            }
-
-            /* What it does: Utility classes to reduce spacing for smaller viewports. */
-            .sm-p-none  {padding: 0 !important;}
-            .sm-pt-none {padding-top: 0 !important;}
-            .sm-pb-none {padding-bottom: 0 !important;}
-            .sm-pr-none {padding-right: 0 !important;}
-            .sm-pl-none {padding-left: 0 !important;}
-            .sm-px-none {padding-left: 0 !important; padding-right: 0 !important;}
-            .sm-py-none {padding-top: 0 !important; padding-bottom: 0 !important;}
-
-            .sm-p   {padding: 20px !important;}
-            .sm-pt  {padding-top: 20px !important;}
-            .sm-pb  {padding-bottom: 20px !important;}
-            .sm-pr  {padding-right: 20px !important;}
-            .sm-pl  {padding-left: 20px !important;}
-            .sm-px  {padding-left: 20px !important; padding-right: 20px !important;}
-            .sm-py  {padding-top: 20px !important; padding-bottom: 20px !important;}
-            .sm-mb  {margin-bottom: 20px !important;}
-
-            /* What it does: Utility classes to kill border radius for smaller viewports. Used mainly on the email's main container(s). */
-            .bar,
-            .btr,
-            .bbr {
-                border-top-left-radius: 0;
-                border-top-right-radius: 0;
-                border-bottom-left-radius: 0;
-                border-bottom-right-radius: 0;
-            }
-        }
-    </style>
-    <!-- Progressive Enhancements : END -->
-</head>
-
-<!--
-    The email background color is defined in three places, just below. If you change one, remember to change the others.
-    1. body tag: for most email clients
-    2. center tag: for Gmail and Inbox mobile apps and web versions of Gmail, GSuite, Inbox, Yahoo, AOL, Libero, Comcast, freenet, Mail.ru, Orange.fr
-    3. mso conditional: For Windows 10 Mail
--->
-<body width="100%" style="margin: 0; padding: 0 !important; background: #f3f3f5; mso-line-height-rule: exactly;">
-    <center style="width: 100%; background: #f3f3f5;">
-    <!--[if mso | IE]>
-    <table role="presentation" border="0" cellpadding="0" cellspacing="0" width="100%" style="background-color: #f3f3f5;">
-    <tr>
-    <td>
-    <![endif]-->
-
-        <!-- Visually Hidden Preview Text : BEGIN -->
-        <div style="display: none; font-size: 1px; line-height: 1px; max-height: 0px; max-width: 0px; opacity: 0; overflow: hidden; mso-hide: all; font-family: sans-serif;">
-            LfK! - Mail test
-        </div>
-        <!-- Visually Hidden Preview Text : END -->
-
-        <div class="email-container" style="max-width: 680px; margin: 0 auto;">
-            <!--[if mso]>
-            <table role="presentation" cellspacing="0" cellpadding="0" border="0" width="680" align="center">
-            <tr>
-            <td>
-            <![endif]-->
-            <table border="0" cellpadding="0" cellspacing="0" role="presentation" style="max-width: 680px; width:100%">
-                <tr>
-                    <td style="padding: 30px; background-color: #ffffff;" class="sm-p bar">
-                        <table border="0" cellpadding="0" cellspacing="0" role="presentation" style="width:100%;">
-                            <tr>
-                                <td style="padding-bottom: 15px; font-family: arial, sans-serif; font-size: 15px; line-height: 21px; color: #3C3F44; text-align: left;">
-                                    <h1 style="font-weight: bold; font-size: 27px; line-height: 27px; color: #0C0D0E; margin: 0 0 15px 0;">LfK!</h1>
-                                </td>
-                            </tr>
-                            <tr>
-                                <td style="padding-bottom: 15px; font-family: arial, sans-serif; font-size: 15px; line-height: 21px; color: #3C3F44; text-align: left;">
-                                    <h1 style="font-weight: bold; font-size: 21px; line-height: 21px; color: #0C0D0E; margin: 0 0 15px 0;">Test mail</h1>
-                                    <p style="margin: 0 0 15px;" class="has-markdown">This is a test mail triggered by an admin in the LfK! backend.</p>
-                                </td>
-                            </tr>
-                        </table>
-                    </td>
-                </tr>
-
-                <!-----------------------------
-
-                    EMAIL BODY : END
-
-                ------------------------------>
-
-                <!-- Footer : BEGIN -->
-                <tr>
-                    <td style="padding: 30px;" class="sm-p">
-                        <table align="left" border="0" cellpadding="0" cellspacing="0" role="presentation" width="100%">
-                            <!-- Subscription Info : BEGIN -->
-                            <tr>
-                                <td style="padding-bottom: 10px; font-size: 12px; line-height: 15px; font-family: arial, sans-serif; color: #9199A1; text-align: left;">
-                                    Copyright © {{copyright_owner}}. All rights reserved.
-                                </td>
-                            </tr>
-                            <tr>
-                                <td style="font-size: 12px; line-height: 15px; font-family: arial, sans-serif; color: #9199A1; text-align: left;">
-                                    <a href="{{link_imprint}}"
-                                    style="color: #9199A1; text-decoration: underline;">Imprint</a>&nbsp;&nbsp;&nbsp;&nbsp;
-                                    <a href="{{link_privacy}}" style="color: #9199A1; text-decoration: underline;">Privacy</a>
-                                </td>
-                            </tr>
-                            <!-- Subscription Info : BEGIN -->
-                            <!-- HR line : BEGIN -->
-                            <tr>
-                                <td style="padding: 30px 0;" width="100%" class="sm-py">
-                                    <table aria-hidden="true" border="0" cellpadding="0" cellspacing="0" role="presentation" style="width:100%">
-                                        <tr>
-                                            <td height="1" width="100%" style="font-size: 0; line-height: 0; border-top: 1px solid #D6D8DB;">&nbsp;</td>
-                                        </tr>
-                                    </table>
-                                </td>
-                            </tr>
-                            <!-- HR line : END -->
-                            <tr>
-                                <td style="padding-bottom: 5px; font-size: 12px; line-height: 15px; font-family: arial, sans-serif; color: #9199A1; text-align: left;">This mail was sent to <strong>{{recipient_mail}}</strong> because someone request a mail test for this mail address.</td>
-                            </tr>
-                            <!-- Sender Info : END -->
-                        </table>
-                    </td>
-                </tr>
-                <!-- Footer : END -->
-            </table>
-        </div>
-    <!--[if mso | IE]>
-    </td>
-    </tr>
-    </table>
-    <![endif]-->
-    </center>
-</body>
-</html>

src/static/mail_templates/test.txt

@@ -1,8 +0,0 @@
-LfK! - Mail test.
-
-This is a test mail triggered by an admin in the LfK! backend.
-
-
-Copyright © {{copyright_owner}}. All rights reserved.
-Imprint: {{link_imprint}} | Privacy: {{link_privacy}}
-This mail was sent to {{recipient_mail}} because someone requested a mail test for this mail address.

src/tests/auth/auth_login.spec.ts

@@ -5,6 +5,7 @@ const base = "http://localhost:" + config.internal_port
 let axios_config;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     axios_config = {
         validateStatus: undefined
     };

src/tests/auth/auth_logout.spec.ts

@@ -8,14 +8,15 @@ const axios_config = {
 };;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res_login = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     await axios.post(base + '/api/users', {
-        "firstname": "demo_logout",
-        "middlename": "demo_logout",
-        "lastname": "demo_logout",
-        "username": "demo_logout",
-        "password": "demo_logout",
-        "email": "demo_logout@dev.lauf-fuer-kaya.de"
+        "firstname": "demo_logoutASD123",
+        "middlename": "demo_logoutASD123",
+        "lastname": "demo_logoutASD123",
+        "username": "demo_logoutASD123",
+        "password": "demo_logoutASD123",
+        "email": "demo_logoutASD123@dev.lauf-fuer-kaya.de"
     }, {
         headers: { "authorization": "Bearer " + res_login.data["access_token"] },
         validateStatus: undefined
@@ -25,7 +26,7 @@ beforeAll(async () => {
 describe('POST /api/auth/logout valid', () => {
     let refresh_coookie;
     it('valid logout with token in cookie should return 200', async () => {
-        const res_login = await axios.post(base + '/api/auth/login', { username: "demo_logout", password: "demo_logout" });
+        const res_login = await axios.post(base + '/api/auth/login', { username: "demo_logoutASD123", password: "demo_logoutASD123" });
         refresh_coookie = res_login.headers["set-cookie"];
         const res = await axios.post(base + '/api/auth/logout', null, {
             headers: { "Cookie": refresh_coookie },
@@ -34,7 +35,7 @@ describe('POST /api/auth/logout valid', () => {
         expect(res.status).toEqual(200);
     });
     it('valid logout with token in body should return 200', async () => {
-        const res_login = await axios.post(base + '/api/auth/login', { username: "demo_logout", password: "demo_logout" });
+        const res_login = await axios.post(base + '/api/auth/login', { username: "demo_logoutASD123", password: "demo_logoutASD123" });
         const res = await axios.post(base + '/api/auth/logout', { token: res_login.data["refresh_token"] }, axios_config);
         expect(res.status).toEqual(200);
     });

src/tests/auth/auth_refresh.spec.ts

@@ -8,14 +8,15 @@ const axios_config = {
 };;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res_login = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     await axios.post(base + '/api/users', {
-        "firstname": "demo_refresh",
-        "middlename": "demo_refresh",
-        "lastname": "demo_refresh",
-        "username": "demo_refresh",
-        "password": "demo_refresh",
-        "email": "demo_refresh@dev.lauf-fuer-kaya.de"
+        "firstname": "demo_refreshASD312",
+        "middlename": "demo_refreshASD312",
+        "lastname": "demo_refreshASD312",
+        "username": "demo_refreshASD312",
+        "password": "demo_refreshASD312",
+        "email": "demo_refreshASD312@dev.lauf-fuer-kaya.de"
     }, {
         headers: { "authorization": "Bearer " + res_login.data["access_token"] },
         validateStatus: undefined
@@ -24,7 +25,7 @@ beforeAll(async () => {
 
 describe('POST /api/auth/refresh valid', () => {
     it('valid refresh with token in cookie should return 200', async () => {
-        const res_login = await axios.post(base + '/api/auth/login', { username: "demo_refresh", password: "demo_refresh" });
+        const res_login = await axios.post(base + '/api/auth/login', { username: "demo_refreshASD312", password: "demo_refreshASD312" });
         const res = await axios.post(base + '/api/auth/refresh', null, {
             headers: { "Cookie": res_login.headers["set-cookie"] },
             validateStatus: undefined
@@ -32,7 +33,7 @@ describe('POST /api/auth/refresh valid', () => {
         expect(res.status).toEqual(200);
     });
     it('valid refresh with token in body should return 200', async () => {
-        const res_login = await axios.post(base + '/api/auth/login', { username: "demo_refresh", password: "demo_refresh" });
+        const res_login = await axios.post(base + '/api/auth/login', { username: "demo_refreshASD312", password: "demo_refreshASD312" });
         const res = await axios.post(base + '/api/auth/refresh', { token: res_login.data["refresh_token"] }, axios_config);
         expect(res.status).toEqual(200);
     });

src/tests/auth/auth_reset.spec.ts

@@ -8,25 +8,26 @@ const axios_config = {
 };;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res_login = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     await axios.post(base + '/api/users', {
-        "firstname": "demo_reset",
-        "middlename": "demo_reset",
-        "lastname": "demo_reset",
-        "username": "demo_reset",
-        "password": "demo_reset",
-        "email": "demo_reset1@dev.lauf-fuer-kaya.de"
+        "firstname": "demo_resetASD312",
+        "middlename": "demo_resetASD312",
+        "lastname": "demo_resetASD312",
+        "username": "demo_resetASD312",
+        "password": "demo_resetASD312",
+        "email": "demo_resetASD3121@dev.lauf-fuer-kaya.de"
     }, {
         headers: { "authorization": "Bearer " + res_login.data["access_token"] },
         validateStatus: undefined
     });
     await axios.post(base + '/api/users', {
-        "firstname": "demo_reset2",
-        "middlename": "demo_reset2",
-        "lastname": "demo_reset2",
-        "username": "demo_reset2",
-        "password": "demo_reset2",
-        "email": "demo_reset2@dev.lauf-fuer-kaya.de"
+        "firstname": "demo_resetASD3122",
+        "middlename": "demo_resetASD3122",
+        "lastname": "demo_resetASD3122",
+        "username": "demo_resetASD3122",
+        "password": "demo_resetASD3122",
+        "email": "demo_resetASD3122@dev.lauf-fuer-kaya.de"
     }, {
         headers: { "authorization": "Bearer " + res_login.data["access_token"] },
         validateStatus: undefined
@@ -35,8 +36,8 @@ beforeAll(async () => {
 
 describe('POST /api/auth/reset valid', () => {
     let reset_token;
-    it('valid reset token request should return 200', async () => {
-        const res1 = await axios.post(base + '/api/auth/reset', { email: "demo_reset1@dev.lauf-fuer-kaya.de" });
+    it('valid reset token request should return 200 (500 w/o correct auth)', async () => {
+        const res1 = await axios.post(base + '/api/auth/reset', { email: "demo_resetASD3121@dev.lauf-fuer-kaya.de" }, axios_config);
         reset_token = res1.data.resetToken;
         expect(res1.status).toEqual(200);
     });
@@ -44,8 +45,8 @@ describe('POST /api/auth/reset valid', () => {
 // ---------------
 describe('POST /api/auth/reset invalid requests', () => {
     it('request another password reset before the timeout should return 406', async () => {
-        const res1 = await axios.post(base + '/api/auth/reset', { email: "demo_reset2@dev.lauf-fuer-kaya.de" }, axios_config);
-        const res2 = await axios.post(base + '/api/auth/reset', { email: "demo_reset2@dev.lauf-fuer-kaya.de" }, axios_config);
+        const res1 = await axios.post(base + '/api/auth/reset', { email: "demo_resetASD3122@dev.lauf-fuer-kaya.de" }, axios_config);
+        const res2 = await axios.post(base + '/api/auth/reset', { email: "demo_resetASD3122@dev.lauf-fuer-kaya.de" }, axios_config);
         expect(res2.status).toEqual(406);
     });
 });

src/tests/cards/cards_add.spec.ts

@@ -1,151 +1,186 @@
-import axios from 'axios';
-import { config } from '../../config';
-const base = "http://localhost:" + config.internal_port
-
-let access_token;
-let axios_config;
-
-beforeAll(async () => {
-	const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
-	access_token = res.data["access_token"];
-	axios_config = {
-		headers: { "authorization": "Bearer " + access_token },
-		validateStatus: undefined
-	};
-});
-
-
-describe('POST /api/cards illegally', () => {
-	it('non-existant runner input should return 404', async () => {
-		const res = await axios.post(base + '/api/cards', {
-			"runner": 999999999999999999999999
-		}, axios_config);
-		expect(res.status).toEqual(404);
-		expect(res.headers['content-type']).toContain("application/json")
-	});
-});
-// ---------------
-describe('POST /api/cards successfully (without runner)', () => {
-	it('creating a card with the minimum amount of parameters should return 200', async () => {
-		const res = await axios.post(base + '/api/cards', null, axios_config);
-		expect(res.status).toEqual(200);
-		expect(res.headers['content-type']).toContain("application/json");
-		delete res.data.id;
-		delete res.data.code;
-		expect(res.data).toEqual({
-			"runner": null,
-			"enabled": true,
-			"responseType": "RUNNERCARD"
-		});
-	});
-	it('creating a disabled card should return 200', async () => {
-		const res = await axios.post(base + '/api/cards', {
-			"enabled": false
-		}, axios_config);
-		expect(res.status).toEqual(200);
-		expect(res.headers['content-type']).toContain("application/json");
-		delete res.data.id;
-		delete res.data.code;
-		expect(res.data).toEqual({
-			"runner": null,
-			"enabled": false,
-			"responseType": "RUNNERCARD"
-		});
-	});
-	it('creating a enabled card should return 200', async () => {
-		const res = await axios.post(base + '/api/cards', {
-			"enabled": true
-		}, axios_config);
-		expect(res.status).toEqual(200);
-		expect(res.headers['content-type']).toContain("application/json");
-		delete res.data.id;
-		delete res.data.code;
-		expect(res.data).toEqual({
-			"runner": null,
-			"enabled": true,
-			"responseType": "RUNNERCARD"
-		});
-	});
-});
-// ---------------
-describe('POST /api/cards successfully (with runner)', () => {
-	let added_org;
-	let added_runner;
-	it('creating a new org with just a name should return 200', async () => {
-		const res1 = await axios.post(base + '/api/organizations', {
-			"name": "test123"
-		}, axios_config);
-		added_org = res1.data
-		expect(res1.status).toEqual(200);
-		expect(res1.headers['content-type']).toContain("application/json")
-	});
-	it('creating a new runner with only needed params should return 200', async () => {
-		const res2 = await axios.post(base + '/api/runners', {
-			"firstname": "first",
-			"lastname": "last",
-			"group": added_org.id
-		}, axios_config);
-		delete res2.data.group;
-		added_runner = res2.data;
-		expect(res2.status).toEqual(200);
-		expect(res2.headers['content-type']).toContain("application/json")
-	});
-	it('creating a card with the minimum amount of parameters should return 200', async () => {
-		const res = await axios.post(base + '/api/cards', {
-			"runner": added_runner.id
-		}, axios_config);
-		expect(res.status).toEqual(200);
-		expect(res.headers['content-type']).toContain("application/json");
-		delete res.data.id;
-		delete res.data.code;
-		expect(res.data).toEqual({
-			"runner": added_runner,
-			"enabled": true,
-			"responseType": "RUNNERCARD"
-		});
-	});
-	it('creating a card with runner (no optional params) should return 200', async () => {
-		const res = await axios.post(base + '/api/cards', {
-			"runner": added_runner.id
-		}, axios_config);
-		expect(res.status).toEqual(200);
-		expect(res.headers['content-type']).toContain("application/json");
-		delete res.data.id;
-		delete res.data.code;
-		expect(res.data).toEqual({
-			"runner": added_runner,
-			"enabled": true,
-			"responseType": "RUNNERCARD"
-		});
-	});
-	it('creating a enabled card with runner should return 200', async () => {
-		const res = await axios.post(base + '/api/cards', {
-			"runner": added_runner.id,
-			"enabled": true
-		}, axios_config);
-		expect(res.status).toEqual(200);
-		expect(res.headers['content-type']).toContain("application/json");
-		delete res.data.id;
-		delete res.data.code;
-		expect(res.data).toEqual({
-			"runner": added_runner,
-			"enabled": true,
-			"responseType": "RUNNERCARD"
-		});
-	});
-	it('creating a disabled card with runner should return 200', async () => {
-		const res = await axios.post(base + '/api/cards', {
-			"runner": added_runner.id,
-			"enabled": false
-		}, axios_config);
-		expect(res.status).toEqual(200);
-		expect(res.headers['content-type']).toContain("application/json");
-		delete res.data.id;
-		delete res.data.code;
-		expect(res.data).toEqual({
-			"runner": added_runner,
-			"enabled": false,
-			"responseType": "RUNNERCARD"
-		});
-	});
+import axios from 'axios';
+import { config } from '../../config';
+const base = "http://localhost:" + config.internal_port
+
+let access_token;
+let axios_config;
+
+beforeAll(async () => {
+	jest.setTimeout(20000);
+	const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
+	access_token = res.data["access_token"];
+	axios_config = {
+		headers: { "authorization": "Bearer " + access_token },
+		validateStatus: undefined
+	};
+});
+
+
+describe('POST /api/cards illegally', () => {
+	it('non-existant runner input should return 404', async () => {
+		const res = await axios.post(base + '/api/cards', {
+			"runner": 999999999999999999999999
+		}, axios_config);
+		expect(res.status).toEqual(404);
+		expect(res.headers['content-type']).toContain("application/json")
+	});
+});
+// ---------------
+describe('POST /api/cards successfully (without runner)', () => {
+	it('creating a card with the minimum amount of parameters should return 200', async () => {
+		const res = await axios.post(base + '/api/cards', null, axios_config);
+		expect(res.status).toEqual(200);
+		expect(res.headers['content-type']).toContain("application/json");
+		delete res.data.id;
+		delete res.data.code;
+		expect(res.data).toEqual({
+			"runner": null,
+			"enabled": true,
+			"responseType": "RUNNERCARD"
+		});
+	});
+	it('creating a disabled card should return 200', async () => {
+		const res = await axios.post(base + '/api/cards', {
+			"enabled": false
+		}, axios_config);
+		expect(res.status).toEqual(200);
+		expect(res.headers['content-type']).toContain("application/json");
+		delete res.data.id;
+		delete res.data.code;
+		expect(res.data).toEqual({
+			"runner": null,
+			"enabled": false,
+			"responseType": "RUNNERCARD"
+		});
+	});
+	it('creating a enabled card should return 200', async () => {
+		const res = await axios.post(base + '/api/cards', {
+			"enabled": true
+		}, axios_config);
+		expect(res.status).toEqual(200);
+		expect(res.headers['content-type']).toContain("application/json");
+		delete res.data.id;
+		delete res.data.code;
+		expect(res.data).toEqual({
+			"runner": null,
+			"enabled": true,
+			"responseType": "RUNNERCARD"
+		});
+	});
+});
+// ---------------
+describe('POST /api/cards successfully (with runner)', () => {
+	let added_org;
+	let added_runner;
+	it('creating a new org with just a name should return 200', async () => {
+		const res1 = await axios.post(base + '/api/organizations', {
+			"name": "test123"
+		}, axios_config);
+		added_org = res1.data
+		expect(res1.status).toEqual(200);
+		expect(res1.headers['content-type']).toContain("application/json")
+	});
+	it('creating a new runner with only needed params should return 200', async () => {
+		const res2 = await axios.post(base + '/api/runners', {
+			"firstname": "first",
+			"lastname": "last",
+			"group": added_org.id
+		}, axios_config);
+		added_runner = res2.data;
+		expect(res2.status).toEqual(200);
+		expect(res2.headers['content-type']).toContain("application/json")
+	});
+	it('creating a card with the minimum amount of parameters should return 200', async () => {
+		const res = await axios.post(base + '/api/cards', {
+			"runner": added_runner.id
+		}, axios_config);
+		expect(res.status).toEqual(200);
+		expect(res.headers['content-type']).toContain("application/json");
+		delete res.data.id;
+		delete res.data.code;
+		expect(res.data).toEqual({
+			"runner": added_runner,
+			"enabled": true,
+			"responseType": "RUNNERCARD"
+		});
+	});
+	it('creating a card with runner (no optional params) should return 200', async () => {
+		const res = await axios.post(base + '/api/cards', {
+			"runner": added_runner.id
+		}, axios_config);
+		expect(res.status).toEqual(200);
+		expect(res.headers['content-type']).toContain("application/json");
+		delete res.data.id;
+		delete res.data.code;
+		expect(res.data).toEqual({
+			"runner": added_runner,
+			"enabled": true,
+			"responseType": "RUNNERCARD"
+		});
+	});
+	it('creating a enabled card with runner should return 200', async () => {
+		const res = await axios.post(base + '/api/cards', {
+			"runner": added_runner.id,
+			"enabled": true
+		}, axios_config);
+		expect(res.status).toEqual(200);
+		expect(res.headers['content-type']).toContain("application/json");
+		delete res.data.id;
+		delete res.data.code;
+		expect(res.data).toEqual({
+			"runner": added_runner,
+			"enabled": true,
+			"responseType": "RUNNERCARD"
+		});
+	});
+	it('creating a disabled card with runner should return 200', async () => {
+		const res = await axios.post(base + '/api/cards', {
+			"runner": added_runner.id,
+			"enabled": false
+		}, axios_config);
+		expect(res.status).toEqual(200);
+		expect(res.headers['content-type']).toContain("application/json");
+		delete res.data.id;
+		delete res.data.code;
+		expect(res.data).toEqual({
+			"runner": added_runner,
+			"enabled": false,
+			"responseType": "RUNNERCARD"
+		});
+	});
+});
+// ---------------
+describe('POST /api/cards/bulk successfully', () => {
+	it('creating a single new bulk card should return 200', async () => {
+		const res = await axios.post(base + '/api/cards/bulk?count=1', {}, axios_config);
+		expect(res.status).toEqual(200);
+		expect(res.headers['content-type']).toContain("application/json");
+	});
+	it('creating a single new bulk card and letting the system return it should return 200', async () => {
+		const res = await axios.post(base + '/api/cards/bulk?count=1&returnCards=true', {}, axios_config);
+		expect(res.status).toEqual(200);
+		expect(res.headers['content-type']).toContain("application/json");
+		expect(res.data[0].id).toBeDefined();
+	});
+	it('creating 50 new bulk card should return 200', async () => {
+		const res = await axios.post(base + '/api/cards/bulk?count=50', {}, axios_config);
+		expect(res.status).toEqual(200);
+		expect(res.headers['content-type']).toContain("application/json");
+	});
+	it('creating 50 new bulk cards and letting the system return it should return 200', async () => {
+		const res = await axios.post(base + '/api/cards/bulk?count=50&returnCards=true', {}, axios_config);
+		expect(res.status).toEqual(200);
+		expect(res.headers['content-type']).toContain("application/json");
+		expect(res.data.length).toEqual(50);
+	});
+	it('creating 250 new bulk card should return 200', async () => {
+		const res = await axios.post(base + '/api/cards/bulk?count=250', {}, axios_config);
+		expect(res.status).toEqual(200);
+		expect(res.headers['content-type']).toContain("application/json");
+	});
+	it('creating 2000 new bulk card should return 200', async () => {
+		const res = await axios.post(base + '/api/cards/bulk?count=2000', {}, axios_config);
+		expect(res.status).toEqual(200);
+		expect(res.headers['content-type']).toContain("application/json");
+	});
 });

src/tests/cards/cards_delete.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+	jest.setTimeout(20000);
 	const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
 	access_token = res.data["access_token"];
 	axios_config = {

src/tests/cards/cards_get.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+	jest.setTimeout(20000);
 	const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
 	access_token = res.data["access_token"];
 	axios_config = {

src/tests/cards/cards_update.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+	jest.setTimeout(20000);
 	const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
 	access_token = res.data["access_token"];
 	axios_config = {
@@ -63,7 +64,6 @@ describe('adding + updating card.runner successfully', () => {
 			"lastname": "last",
 			"group": added_org.id
 		}, axios_config);
-		delete res2.data.group;
 		added_runner = res2.data;
 		expect(res2.status).toEqual(200);
 		expect(res2.headers['content-type']).toContain("application/json")
@@ -74,7 +74,6 @@ describe('adding + updating card.runner successfully', () => {
 			"lastname": "last",
 			"group": added_org.id
 		}, axios_config);
-		delete res2.data.group;
 		added_runner2 = res2.data;
 		expect(res2.status).toEqual(200);
 		expect(res2.headers['content-type']).toContain("application/json")

src/tests/contacts/contact_add.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     access_token = res.data["access_token"];
     axios_config = {

src/tests/contacts/contact_delete.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     access_token = res.data["access_token"];
     axios_config = {

src/tests/contacts/contact_get.spec.ts

@@ -5,6 +5,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     access_token = res.data["access_token"];
     axios_config = {

src/tests/contacts/contact_update.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     access_token = res.data["access_token"];
     axios_config = {

src/tests/create_mass_scans.ts

@@ -0,0 +1,19 @@
+import axios from 'axios';
+
+async function main() {
+    console.time("batches")
+    for (let i = 0; i < 100; i++) {
+        const batch = [];
+        for (let i = 0; i < 6; i++) {
+            batch.push(axios.post('http://localhost:4010/api/scans/trackscans', { card: 200000000001, station: 2 }, {
+                headers: {
+                    Authorization: 'Bearer 10F2E64.BB4F6CC5-2148-4CCF-88B5-0AA85D0508A9'
+                }
+            }))
+        }
+        await Promise.all(batch)
+        console.timeLog("batches", `Finished batch ${i}`)
+    }
+    console.timeEnd("batches")
+}
+main();

src/tests/donations/donations_add.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+	jest.setTimeout(20000);
 	const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
 	access_token = res.data["access_token"];
 	axios_config = {
@@ -169,7 +170,7 @@ describe('POST /api/donations/fixed successfully', () => {
 		expect(res.status).toEqual(200);
 		expect(res.headers['content-type']).toContain("application/json")
 	});
-	it('creating a new fixed donation should return 200', async () => {
+	it('creating a new fixed donation with more params should return 200', async () => {
 		const res = await axios.post(base + '/api/donations/fixed', {
 			"donor": added_donor.id,
 			"amount": 1000
@@ -180,6 +181,25 @@ describe('POST /api/donations/fixed successfully', () => {
 		expect(res.data).toEqual({
 			"donor": added_donor,
 			"amount": 1000,
+			"paidAmount": 0,
+			"status": "OPEN",
+			"responseType": "DONATION"
+		});
+	});
+	it('creating a new fixed donation with all params should return 200', async () => {
+		const res = await axios.post(base + '/api/donations/fixed', {
+			"donor": added_donor.id,
+			"amount": 1000,
+			"paidAmount": 1000
+		}, axios_config);
+		delete res.data.id;
+		expect(res.status).toEqual(200);
+		expect(res.headers['content-type']).toContain("application/json");
+		expect(res.data).toEqual({
+			"donor": added_donor,
+			"amount": 1000,
+			"paidAmount": 1000,
+			"status": "PAID",
 			"responseType": "DONATION"
 		});
 	});
@@ -218,7 +238,7 @@ describe('POST /api/donations/distance successfully', () => {
 		expect(res.status).toEqual(200);
 		expect(res.headers['content-type']).toContain("application/json")
 	});
-	it('creating a new fixed donation should return 200', async () => {
+	it('creating a new distance donation with most params should return 200', async () => {
 		const res = await axios.post(base + '/api/donations/distance', {
 			"runner": added_runner.id,
 			"amountPerDistance": 100,
@@ -232,6 +252,28 @@ describe('POST /api/donations/distance successfully', () => {
 			"amountPerDistance": 100,
 			"runner": added_runner,
 			"amount": 0,
+			"paidAmount": 0,
+			"status": "PAID",
+			"responseType": "DISTANCEDONATION"
+		})
+	});
+	it('creating a new distance donation with all params should return 200', async () => {
+		const res = await axios.post(base + '/api/donations/distance', {
+			"runner": added_runner.id,
+			"amountPerDistance": 100,
+			"donor": added_donor.id,
+			"paidAmount": 1000
+		}, axios_config);
+		delete res.data.id;
+		expect(res.status).toEqual(200);
+		expect(res.headers['content-type']).toContain("application/json");
+		expect(res.data).toEqual({
+			"donor": added_donor,
+			"amountPerDistance": 100,
+			"runner": added_runner,
+			"amount": 0,
+			"paidAmount": 1000,
+			"status": "PAID",
 			"responseType": "DISTANCEDONATION"
 		})
 	});

src/tests/donations/donations_delete.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+	jest.setTimeout(20000);
 	const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
 	access_token = res.data["access_token"];
 	axios_config = {

src/tests/donations/donations_get.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+	jest.setTimeout(20000);
 	const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
 	access_token = res.data["access_token"];
 	axios_config = {

src/tests/donations/donations_update.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+	jest.setTimeout(20000);
 	const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
 	access_token = res.data["access_token"];
 	axios_config = {
@@ -212,6 +213,17 @@ describe('adding + updating fixed donation valid', () => {
 		expect(res.headers['content-type']).toContain("application/json");
 		expect(res.data.amount).toEqual(42);
 	});
+	it('updating paidAmount should return 200', async () => {
+		const res = await axios.put(base + '/api/donations/fixed/' + added_donation.id, {
+			"id": added_donation.id,
+			"donor": added_donor.id,
+			"amount": 42,
+			"paidAmount": 10
+		}, axios_config);
+		expect(res.status).toEqual(200);
+		expect(res.headers['content-type']).toContain("application/json");
+		expect(res.data.paidAmount).toEqual(10);
+	});
 	it('updating donor should return 200', async () => {
 		const res = await axios.put(base + '/api/donations/fixed/' + added_donation.id, {
 			"id": added_donation.id,
@@ -316,6 +328,19 @@ describe('adding + updating distance donation valid', () => {
 		expect(res.headers['content-type']).toContain("application/json");
 		expect(res.data.amountPerDistance).toEqual(69);
 	});
+	it('updating paidAmount should return 200', async () => {
+		const res = await axios.put(base + '/api/donations/distance/' + added_donation.id, {
+			"id": added_donation.id,
+			"runner": added_runner.id,
+			"amountPerDistance": 69,
+			"donor": added_donor.id,
+			"paidAmount": 10
+		}, axios_config);
+		delete res.data.donor.donationAmount;
+		expect(res.status).toEqual(200);
+		expect(res.headers['content-type']).toContain("application/json");
+		expect(res.data.paidAmount).toEqual(10);
+	});
 	it('updating runner should return 200', async () => {
 		const res = await axios.put(base + '/api/donations/distance/' + added_donation.id, {
 			"id": added_donation.id,

src/tests/donors/donor_add.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     access_token = res.data["access_token"];
     axios_config = {

src/tests/donors/donor_delete.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     access_token = res.data["access_token"];
     axios_config = {

src/tests/donors/donor_get.spec.ts

@@ -5,6 +5,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     access_token = res.data["access_token"];
     axios_config = {

src/tests/donors/donor_update.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     access_token = res.data["access_token"];
     axios_config = {

src/tests/mails/mail_test.spec.ts

@@ -1,22 +0,0 @@
-import axios from 'axios';
-import { config } from '../../config';
-
-const base = "http://localhost:" + config.internal_port
-
-let access_token;
-let axios_config;
-
-beforeAll(async () => {
-    const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
-    access_token = res.data["access_token"];
-    axios_config = {
-        headers: { "authorization": "Bearer " + access_token },
-        validateStatus: undefined
-    };
-});
-
-describe('POST /mails/test valid', () => {
-    it('test mail request should return 200', async () => {
-        const res1 = await axios.post(base + '/api/mails/test', null, axios_config);
-    });
-});