chore(release): v1.3.0

close #211

squash merge please:)

Reviewed-on: #212

.drone.yml

@@ -1,163 +0,0 @@
----
-kind: pipeline
-name: tests:node_latest
-clone:
-  disable: true
-steps:
-  - name: checkout pr
-    image: alpine/git
-    commands:
-      - git clone $DRONE_REMOTE_URL .
-      - git checkout $DRONE_SOURCE_BRANCH
-  - name: run tests
-    image: node:latest
-    commands:
-      - yarn
-      - yarn test:ci
-trigger:
-  event:
-    - pull_request
-
----
-kind: pipeline
-type: docker
-name: build:dev
-clone:
-  disable: true
-
-steps:
-  - name: clone
-    image: alpine/git
-    commands:
-      - git clone $DRONE_REMOTE_URL .
-      - git checkout dev
-  - name: build dev
-    image: plugins/docker
-    depends_on: [clone]
-    settings:
-      username:
-        from_secret: DOCKER_REGISTRY_USER
-      password:
-        from_secret: DOCKER_REGISTRY_PASSWORD
-      repo: registry.odit.services/lfk/backend
-      tags:
-        - dev
-      registry: registry.odit.services
-  - name: run changelog export
-    depends_on: ["clone"]
-    image: node:latest
-    commands:
-      - npx auto-changelog --commit-limit false -p -u --hide-credit
-  - name: push new changelog to repo
-    depends_on: ["run changelog export"]
-    image: appleboy/drone-git-push
-    settings:
-      branch: dev
-      commit: true
-      commit_message: 🧾New changelog file version [CI SKIP] [skip ci]
-      author_email: bot@odit.services
-      remote: git@git.odit.services:lfk/backend.git
-      ssh_key:
-        from_secret: GITLAB_SSHKEY
-  - name: run full license export
-    depends_on: ["clone"]
-    image: node:14.15.1-alpine3.12
-    commands:
-      - yarn
-      - yarn licenses:export
-  - name: push new licenses file to repo
-    depends_on: ["run full license export"]
-    image: appleboy/drone-git-push
-    settings:
-      branch: dev
-      commit: true
-      commit_message: 📖New license file version [CI SKIP] [skip ci]
-      author_email: bot@odit.services
-      remote: git@git.odit.services:lfk/backend.git
-      skip_verify: true
-      ssh_key:
-        from_secret: GITLAB_SSHKEY
-
-
-trigger:
-  branch:
-    - dev
-  event:
-    - push
-
----
-kind: pipeline
-type: docker
-name: build:latest
-clone:
-  disable: true
-
-steps:
-  - name: clone
-    image: alpine/git
-    commands:
-      - git clone $DRONE_REMOTE_URL .
-      - git checkout dev
-      - git merge main
-      - git checkout main
-  - name: build latest
-    depends_on: ["clone"]
-    image: plugins/docker
-    settings:
-      username:
-        from_secret: DOCKER_REGISTRY_USER
-      password:
-        from_secret: DOCKER_REGISTRY_PASSWORD
-      repo: registry.odit.services/lfk/backend
-      tags:
-        - latest
-      registry: registry.odit.services
-  - name: push merge to repo
-    depends_on: ["clone"]
-    image: appleboy/drone-git-push
-    settings:
-      branch: dev
-      commit: false
-      remote: git@git.odit.services:lfk/backend.git
-      ssh_key:
-        from_secret: GITLAB_SSHKEY
-
-trigger:
-  branch:
-    - main
-  event:
-    - push
-
----
-kind: pipeline
-type: docker
-name: build:tags
-
-steps:
-  - name: build $DRONE_TAG
-    image: plugins/docker
-    depends_on: [clone]
-    settings:
-      username:
-        from_secret: DOCKER_REGISTRY_USER
-      password:
-        from_secret: DOCKER_REGISTRY_PASSWORD
-      repo: registry.odit.services/lfk/backend
-      tags:
-        - '${DRONE_TAG}'
-      registry: registry.odit.services
-  - name: trigger node lib build
-    image: idcooldi/drone-webhook
-    settings:
-      urls: https://ci.odit.services/api/repos/lfk/lfk-client-node/builds?SOURCE_TAG=${DRONE_TAG}
-      bearer:
-        from_secret: BOT_DRONE_KEY
-  - name: trigger js lib build
-    image: idcooldi/drone-webhook
-    settings:
-      urls: https://ci.odit.services/api/repos/lfk/lfk-client-js/builds?SOURCE_TAG=${DRONE_TAG}
-      bearer:
-        from_secret: BOT_DRONE_KEY
-trigger:
-  event:
-  - tag

.env.example

@@ -7,4 +7,5 @@ DB_PASSWORD=bla
 DB_NAME=./test.sqlite
 NODE_ENV=production
 POSTALCODE_COUNTRYCODE=DE
-SEED_TEST_DATA=false
+SEED_TEST_DATA=false
+SELFSERVICE_URL=bla

.gitea/workflows/release.yml

@@ -0,0 +1,33 @@
+name: Build release images
+on:
+  push:
+    tags:
+      - "*.*.*"
+
+jobs:
+  build-container:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Set up Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: 19
+      - run: npm i -g pnpm@8 && pnpm i
+      - run: pnpm licenses:export
+      - name: Login to registry
+        uses: docker/login-action@v3
+        with:
+          registry: registry.odit.services
+          username: ${{ vars.REGISTRY_USERNAME }}
+          password: ${{ secrets.REGISTRY_PASSWORD }}
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+      - name: Build and push
+        uses: docker/build-push-action@v6
+        with:
+          push: true
+          tags: |
+            ${{ vars.REGISTRY }}/lfk/backend:${{ github.ref_name }}
+          platforms: linux/amd64,linux/arm64

.gitignore

@@ -135,4 +135,4 @@ build
 /docs
 lib
 /oss-attribution
-*.tmp
+*.tmp

CHANGELOG.md

@@ -2,12 +2,598 @@
 
 All notable changes to this project will be documented in this file. Dates are displayed in UTC.
 
+#### [1.3.0](https://git.odit.services/lfk/backend/compare/1.2.1...1.3.0)
+
+- feat: created_via for tracking how runners got into the system [`#212`](https://git.odit.services/lfk/backend/pull/212)
+- feat: created_via for tracking how runners got into the system (#212) [`#211`](https://git.odit.services/lfk/backend/issues/211)
+- ci: move to gitea workflows [`ebde8c6`](https://git.odit.services/lfk/backend/commit/ebde8c6ffd8b17c6752da8c4d8eb3095105f6132)
+- build: docker "AS" casing [`0a43f1b`](https://git.odit.services/lfk/backend/commit/0a43f1bb5b26d3acb0d4d91648473f0dc55e8637)
+- refactor(RunnerController.remove): only load necessary relations [`8c6fdb2`](https://git.odit.services/lfk/backend/commit/8c6fdb22390218e385780fadb3bdaf32148ac054)
+- refactor(RunnerTeamController.remove): only load necessary relations [`c0d5af5`](https://git.odit.services/lfk/backend/commit/c0d5af5d7ab44cfdf19014e0d774fb560d08f6d7)
+- fix: add .created_via to ResponseParticipant constructor [`2e271bc`](https://git.odit.services/lfk/backend/commit/2e271bcd52f02ab7449cd15916b0afc86e8b0a90)
+
+#### [1.2.1](https://git.odit.services/lfk/backend/compare/1.2.0...1.2.1)
+
+> 11 December 2024
+
+- refactor: allow selfservice link every 30s [`07bf28b`](https://git.odit.services/lfk/backend/commit/07bf28b14458849930748ce041fb65e572759482)
+- chore(release): 1.2.1 [`4008a5e`](https://git.odit.services/lfk/backend/commit/4008a5ee720b212bac9cba64417058bf4526060b)
+
+#### [1.2.0](https://git.odit.services/lfk/backend/compare/v1.1.4...1.2.0)
+
+> 11 December 2024
+
+- refactor: move to new mailer [`0f4c8b2`](https://git.odit.services/lfk/backend/commit/0f4c8b2051cae17fbdd7e02017ad5b41c61e210c)
+- refactor(ci): Switch to new woodpecker [`b3a73b2`](https://git.odit.services/lfk/backend/commit/b3a73b25e80a0466ff83e43481271fc0cd499a0d)
+- feat: middlename [`6eff243`](https://git.odit.services/lfk/backend/commit/6eff2438035b368eb45931fad9402a6cb942b350)
+- SELFSERVICE_URL [`765ef84`](https://git.odit.services/lfk/backend/commit/765ef849035ca4f8b2253bb76d15be8e9a3e6763)
+- FRONTEND_URL env [`296ba8d`](https://git.odit.services/lfk/backend/commit/296ba8ddab1dba46f8201829d9a7e5fc1c88c0f8)
+- chore: update readme [`d842c14`](https://git.odit.services/lfk/backend/commit/d842c14240fb4a7f70c66143bbe877f8168ef6d4)
+- chore(release): 1.2.0 [`6764bf8`](https://git.odit.services/lfk/backend/commit/6764bf80eac832d186e688319d8a959543a1495f)
+- Merge pull request 'refactor: move to new mailer' (#209) from refactor/new-mailer into dev [`bda1f97`](https://git.odit.services/lfk/backend/commit/bda1f971d1a14ea403439533c7ae31280c7df167)
+
+#### [v1.1.4](https://git.odit.services/lfk/backend/compare/v1.1.3...v1.1.4)
+
+> 20 November 2024
+
+- build: package lock [`50dd703`](https://git.odit.services/lfk/backend/commit/50dd703a1bd276a607cc10a087c7e90fd880847a)
+- fix(deps): Bump sqlite3 [`cd3cd81`](https://git.odit.services/lfk/backend/commit/cd3cd81360777e8bc4d78e861354e58c8da79cc7)
+- feat(ci)!: Switch to woodpecker [`3192365`](https://git.odit.services/lfk/backend/commit/3192365793fae59f2b89e3231db298654f0a28e9)
+- fix(deps): Bumped argon2 to latest version for arm support [`cf48c00`](https://git.odit.services/lfk/backend/commit/cf48c00ddb2ac33263549876928db50ae152c12d)
+- fix: updated README for pnpm, typos [`5082b1b`](https://git.odit.services/lfk/backend/commit/5082b1b8b1c0ae9e8ffa9c71c4d7923fd9223c87)
+- 🚀Bumped version to v1.1.4 [`a54cb28`](https://git.odit.services/lfk/backend/commit/a54cb287a4323ac8de77f51711cc6c52ec290859)
+- ci: drop lfk-client-node [`075d484`](https://git.odit.services/lfk/backend/commit/075d484f1169bfc5c5b68cb9712116b0e270b471)
+- fix(dependencies): Switch back to previous class-validator version to produce a working build [`74d334f`](https://git.odit.services/lfk/backend/commit/74d334f9b747a77115bd9b97729ef1120822e128)
+
+#### [v1.1.3](https://git.odit.services/lfk/backend/compare/v1.1.2...v1.1.3)
+
+> 10 May 2023
+
+- 🚀Bumped version to v1.1.3 [`057a8ee`](https://git.odit.services/lfk/backend/commit/057a8ee699d08c0e4a80cb50a8820f819569c9ac)
+- feat(orgs): Also resolve child-teams' distances and add them to org total [`8d94186`](https://git.odit.services/lfk/backend/commit/8d9418635d3e381c0f55a2521a3334ba497c169a)
+- fix(orgs): Removed unused log [`f2832a2`](https://git.odit.services/lfk/backend/commit/f2832a2daecc7bc7bbee4d4fceeab8db194730cf)
+
+#### [v1.1.2](https://git.odit.services/lfk/backend/compare/v1.1.1...v1.1.2)
+
+> 10 May 2023
+
+- 🚀Bumped version to v1.1.2 [`0d21596`](https://git.odit.services/lfk/backend/commit/0d21596e2b64a99258d4925ae2ad627d5cdbd984)
+- feat(groups): Resolve the total group distance on group get single (aka get org and get team) [`245827e`](https://git.odit.services/lfk/backend/commit/245827e9c659cf76183dc33ab253becc22ddf032)
+- chore(package): Formatting [`4608a36`](https://git.odit.services/lfk/backend/commit/4608a36df6b187520ca0c331b8dce615205257be)
+
+#### [v1.1.1](https://git.odit.services/lfk/backend/compare/v1.1.0...v1.1.1)
+
+> 19 April 2023
+
+- feat(donors): Resolve donations with donors via pagination [`12a9ae2`](https://git.odit.services/lfk/backend/commit/12a9ae24933117acb3ff9815a7d72abca5eea7a7)
+- 🚀Bumped version to v1.1.1 [`cb1305a`](https://git.odit.services/lfk/backend/commit/cb1305aa77c36aa9d7900f09e7413bc6d45f2c89)
+
+#### [v1.1.0](https://git.odit.services/lfk/backend/compare/v1.0.1...v1.1.0)
+
+> 19 April 2023
+
+- feat(stats): Added donation count and donor count to stats [`6f39ac4`](https://git.odit.services/lfk/backend/commit/6f39ac42dafc2a589bbb2256b0417f3e774ae174)
+- 🚀Bumped version to v1.1.0 [`b9fe9f1`](https://git.odit.services/lfk/backend/commit/b9fe9f1c24653b91255a6dbbdc32c30b1b411eeb)
+- Added average donation per distance to stats [`fe59e3a`](https://git.odit.services/lfk/backend/commit/fe59e3a557903cf555d4c50098e935c49ca1fac4)
+- Added hints [`b25b0db`](https://git.odit.services/lfk/backend/commit/b25b0db76071ef8d50cc60e950a399dc060a2a9f)
+- Added calls to controller [`6ee5328`](https://git.odit.services/lfk/backend/commit/6ee5328dbc404603d19db3a5173ae4def560a9c9)
+- Formatting [`42c23a5`](https://git.odit.services/lfk/backend/commit/42c23a5883dacda4e0147842d448b3ad35b197b1)
+
+#### [v1.0.1](https://git.odit.services/lfk/backend/compare/v1.0.0...v1.0.1)
+
+> 18 April 2023
+
+- fix(pagination) page=0 resulted in false thx JS [`fcee390`](https://git.odit.services/lfk/backend/commit/fcee3909f4c4664115cc7ecb94f30e0dd8e78ce0)
+- 🚀Bumped version to v1.0.1 [`301f334`](https://git.odit.services/lfk/backend/commit/301f33467489a8533bdac11fbd10efd1b791f5e3)
+
+### [v1.0.0](https://git.odit.services/lfk/backend/compare/v0.15.4...v1.0.0)
+
+> 18 April 2023
+
+- 🚀Bumped version to v1.0.0 [`f0e20e4`](https://git.odit.services/lfk/backend/commit/f0e20e413014fe446c97754d2765cdad92c2cc3b)
+- Merge pull request 'feature/205-pagination' (#206) from feature/205-pagination into dev [`80de188`](https://git.odit.services/lfk/backend/commit/80de188565523d642407612272432ef07672b890)
+- Added pagination for runner orgs [`538622a`](https://git.odit.services/lfk/backend/commit/538622aa1841e27256f304e15b4204c2f6d24d76)
+- RunnerTeam Pagination [`0fa663a`](https://git.odit.services/lfk/backend/commit/0fa663a34104d438dd8fc9ab02458fdf289329f8)
+- users pagination [`244da61`](https://git.odit.services/lfk/backend/commit/244da618926377f58bb12dbbd89b7bb39d84596e)
+- Track pagination [`2a72aea`](https://git.odit.services/lfk/backend/commit/2a72aea10ef940fbdd4a9e6137b22933fdec7734)
+- usergroup pagination [`513d7f6`](https://git.odit.services/lfk/backend/commit/513d7f6fbaebe39beab6ec95e6e42eb10c62296d)
+- statsclient pagination [`71ebce6`](https://git.odit.services/lfk/backend/commit/71ebce6f8eebf110bb973a53b91dd6a49e1def99)
+- scanstation pagination [`f60025b`](https://git.odit.services/lfk/backend/commit/f60025b6de79b0f5f89995bf59260194f5de9af0)
+- Get all pagination for permissions [`86a21db`](https://git.odit.services/lfk/backend/commit/86a21dbfa4b50d8e80c611ea6e3eabfc2b8ae365)
+- Pagination for group contacts [`1e9e24d`](https://git.odit.services/lfk/backend/commit/1e9e24d99d75ce6dc846ff662e62c886646ea974)
+- Added pagination for get all donors [`4493c0e`](https://git.odit.services/lfk/backend/commit/4493c0e3d9beebbf7f601b39e1a2579771b4d152)
+- Added pagination for donations [`f5d48fc`](https://git.odit.services/lfk/backend/commit/f5d48fc638080c9333efe474d86f131794c809af)
+- Added pagination for runnercards [`b35a2dd`](https://git.odit.services/lfk/backend/commit/b35a2dd2fab708253373b3326f11ab574be18371)
+- Added pagination for runners [`d873674`](https://git.odit.services/lfk/backend/commit/d873674819e6cb33cf89da4f8fdc30a0b41707e4)
+- Added pagination for get all scans [`37b2ac9`](https://git.odit.services/lfk/backend/commit/37b2ac974b2276efd13538c127ba5ddda2537fe3)
+- Updated test for attribute [`2f305e1`](https://git.odit.services/lfk/backend/commit/2f305e127c75e9e6ff8e9fc0cfc10cc3db44759d)
+- Formatting [`a28ffe0`](https://git.odit.services/lfk/backend/commit/a28ffe06e5f3f69e4af6fdf0c66c9a1dfda10cfa)
+
+#### [v0.15.4](https://git.odit.services/lfk/backend/compare/v0.15.3...v0.15.4)
+
+> 15 April 2023
+
+- Fixed possible null [`0f0c3c7`](https://git.odit.services/lfk/backend/commit/0f0c3c7214f357d991518aafd015ffc4d387ce59)
+- 🚀Bumped version to v0.15.4 [`81aed1d`](https://git.odit.services/lfk/backend/commit/81aed1de40166f4cefabdb478d7638017127b25c)
+
+#### [v0.15.3](https://git.odit.services/lfk/backend/compare/v0.15.2...v0.15.3)
+
+> 15 April 2023
+
+- Faster stats (not including donations) [`b2ac70e`](https://git.odit.services/lfk/backend/commit/b2ac70e0aec1064e54a5043a104e7892984b2338)
+- 🚀Bumped version to v0.15.3 [`3909ed3`](https://git.odit.services/lfk/backend/commit/3909ed34f739e9fee90828f16757c75da90bab0f)
+
+#### [v0.15.2](https://git.odit.services/lfk/backend/compare/v0.15.1...v0.15.2)
+
+> 15 April 2023
+
+- 🚀Bumped version to v0.15.2 [`5f17e7f`](https://git.odit.services/lfk/backend/commit/5f17e7f783a7e8e2efc8f7dbbf2c98bcd1d80240)
+- Don't resolve runner group and parten with get all card requests [`2d8f752`](https://git.odit.services/lfk/backend/commit/2d8f7528d98144832e7609f5aa6fac8de4723c4a)
+- Resolve groups again for card generation [`a5a56a2`](https://git.odit.services/lfk/backend/commit/a5a56a263a01dbd911a799ab57084166e17b80ac)
+
+#### [v0.15.1](https://git.odit.services/lfk/backend/compare/v0.15.0...v0.15.1)
+
+> 15 April 2023
+
+- 🚀Bumped version to v0.15.1 [`9581185`](https://git.odit.services/lfk/backend/commit/9581185b24039338e7f238ecdcc3881bb5203759)
+- Faster trackscan creation by only loading the latest scan [`e9914e3`](https://git.odit.services/lfk/backend/commit/e9914e317b7fd78863cfd8549bad65da9292b7ca)
+- Log batch time in mass scan script [`2905884`](https://git.odit.services/lfk/backend/commit/2905884c024d7f275b3ad2c2858a2f0911adb95b)
+- Dont load cards with get all runners request [`702070d`](https://git.odit.services/lfk/backend/commit/702070da669cc605b93e6f5b62d712c28f079dd0)
+
+#### [v0.15.0](https://git.odit.services/lfk/backend/compare/v0.14.6...v0.15.0)
+
+> 15 April 2023
+
+- Added test script for creating mass scans [`8007117`](https://git.odit.services/lfk/backend/commit/80071174342d87199fcbd981cd8c92300b0a51e4)
+- 🚀Bumped version to v0.15.0 [`cc89ba8`](https://git.odit.services/lfk/backend/commit/cc89ba8afb3120569613a889baf962555612e95a)
+- Get all scans speed improvement [`23fa78e`](https://git.odit.services/lfk/backend/commit/23fa78eb9dcc01ecc036347f6703aacc0d163d7d)
+- More scan request optimizations [`7c4ff42`](https://git.odit.services/lfk/backend/commit/7c4ff42a3b3e7b186e16c85a97d9ecc854a32cb0)
+
+#### [v0.14.6](https://git.odit.services/lfk/backend/compare/v0.14.5...v0.14.6)
+
+> 15 April 2023
+
+- 🚀Bumped version to v0.14.6 [`3b3e689`](https://git.odit.services/lfk/backend/commit/3b3e68900beca16cfff88dbef22540f77750d29b)
+- Missing orm file [`3ff666f`](https://git.odit.services/lfk/backend/commit/3ff666fd3e84ac8cf41b30e9e17082b10548d55b)
+
+#### [v0.14.5](https://git.odit.services/lfk/backend/compare/v0.14.4...v0.14.5)
+
+> 15 April 2023
+
+- 🚀Bumped version to v0.14.5 [`4e44350`](https://git.odit.services/lfk/backend/commit/4e4435010fd7095e3b9742e207cba1b68cd6da3b)
+- Entrypoint fix [`de9af5a`](https://git.odit.services/lfk/backend/commit/de9af5a90907dcfc9bfb1d5a56420eed8bb59922)
+- Fixed copy [`ac631f0`](https://git.odit.services/lfk/backend/commit/ac631f0af467446552478873b7b4802a9310f865)
+
+#### [v0.14.4](https://git.odit.services/lfk/backend/compare/v0.14.3...v0.14.4)
+
+> 15 April 2023
+
+- Switched ci over to pnpm + cache [`6275aaa`](https://git.odit.services/lfk/backend/commit/6275aaa326f1c02c8dd42aa31608978408c44ab7)
+- 🚀Bumped version to v0.14.4 [`6bbdd5b`](https://git.odit.services/lfk/backend/commit/6bbdd5bb04a1c38e4b3a150db24b76e9c96490dd)
+- Back to ean13 based codes [`a8fc755`](https://git.odit.services/lfk/backend/commit/a8fc7558408b97da4b2c469ae5e73ab502b4fda0)
+- install prod in first step [`d027439`](https://git.odit.services/lfk/backend/commit/d02743984dfea8057be3081bd3a32a8f67e610aa)
+- Switched dockerfile to pnpm 8 with cache [`93d43b7`](https://git.odit.services/lfk/backend/commit/93d43b76843d7cb411f37fd2066c6a5364c05415)
+- COPY by stage name [`a64f6c9`](https://git.odit.services/lfk/backend/commit/a64f6c9822af2b927e91b0b55f1f50176de30169)
+- pinned pnpm version [`2a94bfa`](https://git.odit.services/lfk/backend/commit/2a94bfa6227d14f635b5fc2789b59c36d490937e)
+- custom pnpm cache [`85dc344`](https://git.odit.services/lfk/backend/commit/85dc3444acc677ddd242f9f2543ce477fe427a7c)
+- added missing ci env [`734c826`](https://git.odit.services/lfk/backend/commit/734c826face58dd5c3bb2607bda6e7f6d051012e)
+- pinned pnpm to 8 [`27e74e8`](https://git.odit.services/lfk/backend/commit/27e74e824cd1e23d4d53c1a983a1668dd87f5d59)
+- coherent baseimage [`b5c0a28`](https://git.odit.services/lfk/backend/commit/b5c0a288ac3c020f5d753c558aee160fea0bae14)
+- bumped final pnpm version [`33b25c9`](https://git.odit.services/lfk/backend/commit/33b25c9743abb7cefb3538f08cc2f78a646905c8)
+
+#### [v0.14.3](https://git.odit.services/lfk/backend/compare/v0.14.2...v0.14.3)
+
+> 18 March 2023
+
+- 🚀Bumped version to v0.14.3 [`16ce0a8`](https://git.odit.services/lfk/backend/commit/16ce0a848050b74c4b6dd93f17e5a6e9024cdb7d)
+- Adjusted modulo for new fixed card length [`9a8d618`](https://git.odit.services/lfk/backend/commit/9a8d618ae4584640e8be1ce9fe4bddd2ef7a92ae)
+
+#### [v0.14.2](https://git.odit.services/lfk/backend/compare/v0.14.1...v0.14.2)
+
+> 18 March 2023
+
+- 🚀Bumped version to v0.14.2 [`38da2d3`](https://git.odit.services/lfk/backend/commit/38da2d33187f4b24eef878642e153663ecd95de1)
+- Back to modulo [`068deb4`](https://git.odit.services/lfk/backend/commit/068deb4960bd16decf99887ffbda7a7d3dd9ff0b)
+
+#### [v0.14.1](https://git.odit.services/lfk/backend/compare/v0.14.0...v0.14.1)
+
+> 18 March 2023
+
+- 🚀Bumped version to v0.14.1 [`13f093b`](https://git.odit.services/lfk/backend/commit/13f093bb6138a498f93a05ef6dd812ae92f2676a)
+- Switched from card prefix replacement via modulo to regex [`6289f30`](https://git.odit.services/lfk/backend/commit/6289f307400aacaa9cfe03f3024c1e0d5554d4f2)
+
+#### [v0.14.0](https://git.odit.services/lfk/backend/compare/v0.13.3...v0.14.0)
+
+> 15 March 2023
+
+- 🚀Bumped version to v0.14.0 [`6ff764b`](https://git.odit.services/lfk/backend/commit/6ff764bc340ca25b3bdd62c6892259e228723973)
+- Updated default length [`ea87cc7`](https://git.odit.services/lfk/backend/commit/ea87cc793b163bf0d4405a25bbe83fbc8e31c206)
+- breaking(runnercards): shorter runnercard codes (padding to 12 was a bit tooo ambitious) [`ffee887`](https://git.odit.services/lfk/backend/commit/ffee887ddf6a71102ee39533d7cd504d1fd6698f)
+- Removed sqlite journal [`92517e3`](https://git.odit.services/lfk/backend/commit/92517e365393f4baac3814f5668874b5752dc7c8)
+
+#### [v0.13.3](https://git.odit.services/lfk/backend/compare/v0.13.2...v0.13.3)
+
+> 15 February 2023
+
+- 🚀Bumped version to v0.13.3 [`3bac75e`](https://git.odit.services/lfk/backend/commit/3bac75e7ab9f16ecab1fbfa9915a7edb923883f6)
+- Merge pull request 'feature/201-no_citizen-deletion' (#202) from feature/201-no_citizen-deletion into dev [`d05eddc`](https://git.odit.services/lfk/backend/commit/d05eddcae198427ce9a334096563b3aadcff2b56)
+- Updated tests [`d5c689d`](https://git.odit.services/lfk/backend/commit/d5c689d6937288df7dca14ce26fbbd4f46a8752a)
+- Added delete check for citizen org [`8fedd4e`](https://git.odit.services/lfk/backend/commit/8fedd4ef3bdd48dc42abc1d53006eefc145175e3)
+
+#### [v0.13.2](https://git.odit.services/lfk/backend/compare/v0.13.1...v0.13.2)
+
+> 3 February 2023
+
+- 🚀Bumped version to v0.13.2 [`e8b2e6f`](https://git.odit.services/lfk/backend/commit/e8b2e6f26140a18c06b017e4461742d7e7942f08)
+- Merge pull request 'move selfservice magic link endpoint to 15min rate limit' (#200) from feature/runner-selfservice-login-link-rate-limit into dev [`39f3b0e`](https://git.odit.services/lfk/backend/commit/39f3b0e01f03bfbcfcb0ea08d697268ce068e63d)
+- move to 15min limit [`edaf255`](https://git.odit.services/lfk/backend/commit/edaf255e8f609185dcd6c2c0cd2e8b007b785e0c)
+- Merge pull request 'Releases 0.12.0 and 0.13.0' (#199) from dev into main [`41c4ed4`](https://git.odit.services/lfk/backend/commit/41c4ed4d0faaed382801bbe480f31dafa6f3912d)
+
+#### [v0.13.1](https://git.odit.services/lfk/backend/compare/v0.13.0...v0.13.1)
+
+> 2 February 2023
+
+- 🚀Bumped version to v0.13.1 [`f2bd88a`](https://git.odit.services/lfk/backend/commit/f2bd88aadfcb6ffa0485ea6afac8c7664a37f5f4)
+- Updated description [`67a3661`](https://git.odit.services/lfk/backend/commit/67a36614485b2ea83c2de41e0684708b95a05b32)
+
+#### [v0.13.0](https://git.odit.services/lfk/backend/compare/v0.12.0...v0.13.0)
+
+> 2 February 2023
+
+- Added faker for testing [`e184673`](https://git.odit.services/lfk/backend/commit/e1846739638905aab6ba7e059fd2cbf8ff467bf3)
+- 📖New license file version [CI SKIP] [skip ci] [`2b641fa`](https://git.odit.services/lfk/backend/commit/2b641faa29c47d95f69983770dc4ab37e674604f)
+- 🚀Bumped version to v0.13.0 [`0c763a2`](https://git.odit.services/lfk/backend/commit/0c763a2dfd39607b480d9aff7d3c883791f41700)
+- Updated selfservice tests to prevent email duplication [`9bc80aa`](https://git.odit.services/lfk/backend/commit/9bc80aac8aab9b4dedc26c9bc3ce705d7fe9c0bf)
+- Moved license and changelog export to releaseit hooks [`77c6303`](https://git.odit.services/lfk/backend/commit/77c6303014578edbbadeeaa790f7974bde2a9764)
+- Updated readme [`4cdba8b`](https://git.odit.services/lfk/backend/commit/4cdba8bc77ce543f6fb636711b8728bce794eac7)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`ae14d6c`](https://git.odit.services/lfk/backend/commit/ae14d6c74f9205440b41ca5fdbd052ca449148fc)
+- Added selfservice runner create check to prevent duplicate email [`68cd746`](https://git.odit.services/lfk/backend/commit/68cd746a9f3360b3630a9ba570213d2aa62497b4)
+- Updated tests for new login in selfservice [`39aa759`](https://git.odit.services/lfk/backend/commit/39aa7598b7cd0ecb0f077f50ebdd31c6e205f06d)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`9fa8b93`](https://git.odit.services/lfk/backend/commit/9fa8b93c08ee52335b18e743f9d205b19e6095c6)
+- Moved changelog generation to package script [`a7297ff`](https://git.odit.services/lfk/backend/commit/a7297ff933ae1372a9d508cdae1a54d2ebbcc647)
+- Merge pull request 'feature/197-duplicate_runner_mail' (#198) from feature/197-duplicate_runner_mail into dev [`4b676bc`](https://git.odit.services/lfk/backend/commit/4b676bc85336c2d494e9e74823d38deec5cc0400)
+- Updated logo url [`4433ddb`](https://git.odit.services/lfk/backend/commit/4433ddb1e15a35481728670e22049200644bf337)
+- depends_on: ["clone"] [`9cc66ee`](https://git.odit.services/lfk/backend/commit/9cc66eebdfe8e7a2888bbc97197d1756ff44de30)
+- Fixed typo [`19a290c`](https://git.odit.services/lfk/backend/commit/19a290c3a931ead0d9ae9ebb0985bfbaac54df59)
+- Rename selfservice forgot to login [`69651d9`](https://git.odit.services/lfk/backend/commit/69651d9f6cd826b6d4720f164897a2a72a57c851)
+- 📖New license file version [CI SKIP] [skip ci] [`6fd246f`](https://git.odit.services/lfk/backend/commit/6fd246f43cb3f4d0ccb6e017ee699889ba17daac)
+- Add git for changelog fun [`2fa56b8`](https://git.odit.services/lfk/backend/commit/2fa56b82d1e082a1deae943e5fca5101f24e3ef5)
+
+#### [v0.12.0](https://git.odit.services/lfk/backend/compare/v0.11.1...v0.12.0)
+
+> 2 February 2023
+
+- Pinned versions [`a6d5693`](https://git.odit.services/lfk/backend/commit/a6d5693ccdeb25b15a09af8f7438142114268807)
+- Drone -> Kaniko based builds [`0e78951`](https://git.odit.services/lfk/backend/commit/0e789513008085d0db94fc3b2dd9e74a5e583049)
+- Drone images to odit registry [`6ad56b3`](https://git.odit.services/lfk/backend/commit/6ad56b31269bf19a740c1b6b1a303a8a9d7d59d0)
+- Bumped container base images [`d95c6d3`](https://git.odit.services/lfk/backend/commit/d95c6d33657f6aa977a8ebfefad7e199bb1cc9c3)
+- Enabled tag via release script [`9217421`](https://git.odit.services/lfk/backend/commit/92174212213f874e41c9472a927bcf87b963ac94)
+- Pinned pnpm for builds [`4570845`](https://git.odit.services/lfk/backend/commit/4570845b3e1bd00c228fe1b09b658c24e20aba7f)
+- 🚀Bumped version to v0.12.0 [`4c10e20`](https://git.odit.services/lfk/backend/commit/4c10e20b91a8101ee37b230373ceb3e024582b41)
+- Ignore pnpm lock [`1f2c8ab`](https://git.odit.services/lfk/backend/commit/1f2c8abb22f3ff1e61b7350b517bd699c3e315f6)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`31b258b`](https://git.odit.services/lfk/backend/commit/31b258b4ce82213144160a4233b7fd127e456776)
+
+#### [v0.11.1](https://git.odit.services/lfk/backend/compare/v0.11.0...v0.11.1)
+
+> 22 April 2021
+
+- Merge pull request 'Release 0.11.1' (#196) from dev into main [`f19f280`](https://git.odit.services/lfk/backend/commit/f19f2808d88414f1877c01f10996dac68b6f9617)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`2229cdf`](https://git.odit.services/lfk/backend/commit/2229cdf20db1a98f9f76a99fa9d3f463cdf6d804)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`348fe52`](https://git.odit.services/lfk/backend/commit/348fe52c42cfa32239b703041820f725e147154e)
+- Now prefixing runnercards with 2 [`8a82e05`](https://git.odit.services/lfk/backend/commit/8a82e059b74ceabf43c9cbfe9c9b89ef6ce15a28)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`3b9cd2e`](https://git.odit.services/lfk/backend/commit/3b9cd2e1bbbe8e69c3883233a98f286d768c2b79)
+- Added fix for the appended 2 [`eb526fb`](https://git.odit.services/lfk/backend/commit/eb526fb57faf631fd6e84af99af738ab1b3481c7)
+- 🚀Bumped version to v0.11.1 [`95320ca`](https://git.odit.services/lfk/backend/commit/95320ca1bccc2886553accea6a428aadffda0a27)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`f2d127f`](https://git.odit.services/lfk/backend/commit/f2d127fc98d75ce658424624abd382c087737ca0)
+
+#### [v0.11.0](https://git.odit.services/lfk/backend/compare/v0.10.2...v0.11.0)
+
+> 14 April 2021
+
+- Merge pull request 'Release 0.11.0' (#195) from dev into main [`3220b19`](https://git.odit.services/lfk/backend/commit/3220b194d4c704835d6d106ec4d9d54a17a38b62)
+- Fixed spelling [`da266a8`](https://git.odit.services/lfk/backend/commit/da266a8dd68dbb575997ae343624982b690486ec)
+- Updated tests [`01ed514`](https://git.odit.services/lfk/backend/commit/01ed51489eb92fff907d46a930ecf0b0eb5cad2b)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`520608a`](https://git.odit.services/lfk/backend/commit/520608aef05b21f4daadf55cfc8caddba06b8f01)
+- Added payedDonationAmount to donor and responsedonor [`8ae4b85`](https://git.odit.services/lfk/backend/commit/8ae4b8582749332f4fb081eee0c520293347001f)
+- Responses now contain the donation status [`34dbaaa`](https://git.odit.services/lfk/backend/commit/34dbaaafe0422234848eabe3f52b26879c9e5a49)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`278c4a6`](https://git.odit.services/lfk/backend/commit/278c4a6a415434487a92ff66f8114bb2547aac48)
+- Marked payedAmount as optional during creation and/or update [`0636616`](https://git.odit.services/lfk/backend/commit/0636616dad5afb41ffe47a857d91ac75b4f2f20a)
+- Added payed amount fileld to donation class [`b8fbb72`](https://git.odit.services/lfk/backend/commit/b8fbb72fa0b659c9acc406c72a8a59c2174351b4)
+- Added status to tests [`30c6d3d`](https://git.odit.services/lfk/backend/commit/30c6d3d8db9fe37a51e596a73add8b87e8616e54)
+- Added payed amount to response class [`d64f470`](https://git.odit.services/lfk/backend/commit/d64f470b608b3f179ec77da0210de51c328ef3f2)
+- 📖New license file version [CI SKIP] [skip ci] [`a2f0d81`](https://git.odit.services/lfk/backend/commit/a2f0d814fc782ad440500e7d6ec779b6ab7f0ac6)
+- 🚀Bumped version to v0.11.0 [`3558e99`](https://git.odit.services/lfk/backend/commit/3558e9909088647bd4f1f4334f50c07a5ef00214)
+- Merge pull request 'Donation payment management feature/193-donation_payments' (#194) from feature/193-donation_payments into dev [`6df5f63`](https://git.odit.services/lfk/backend/commit/6df5f634f3123e04c015889573ccc5674a8bab27)
+- Added payed amount to crealte classes [`71542bc`](https://git.odit.services/lfk/backend/commit/71542bc3887b97c15436d03280e49f7b3f0fcb06)
+- Added donation status enum [`b4c31ee`](https://git.odit.services/lfk/backend/commit/b4c31ee9b5b35d6e11b07f50f3d30ca12e0f7728)
+- Added payed amount to update classes [`9930742`](https://git.odit.services/lfk/backend/commit/99307423c533f8cde847b59a80bffc2ff42c9769)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`0c61ff4`](https://git.odit.services/lfk/backend/commit/0c61ff457d02f750efa457dd75464187683b037a)
+- Added mssing check to tests [`6c14ed9`](https://git.odit.services/lfk/backend/commit/6c14ed9c89eadc1a10db8c912d8ea2711a518766)
+- No longer answering with null, but 0 [`49b174f`](https://git.odit.services/lfk/backend/commit/49b174f29f63e963e600d74b6923a20211d832eb)
+- Saved missing file [`8fe3243`](https://git.odit.services/lfk/backend/commit/8fe32436935d7cd6c17eae1e138383d3b714e1ba)
+
+#### [v0.10.2](https://git.odit.services/lfk/backend/compare/v0.10.1...v0.10.2)
+
+> 7 April 2021
+
+- Merge pull request 'Release 0.10.2' (#192) from dev into main [`1d82f65`](https://git.odit.services/lfk/backend/commit/1d82f65b0d3a32d10c1a10c991353c18696d58bf)
+- Added first selfservice test [`057ae0d`](https://git.odit.services/lfk/backend/commit/057ae0d79758cd627d6d128406a0d201b6b7ad9b)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`b7ad5d3`](https://git.odit.services/lfk/backend/commit/b7ad5d3a31b8b4f5960852d3ac38af133719ebcd)
+- First try of the laptime sort [`4471e57`](https://git.odit.services/lfk/backend/commit/4471e57438582d55ff846fd69c2cfcc26b40df2a)
+- Potential fix for all remaining errors [`377d5da`](https://git.odit.services/lfk/backend/commit/377d5dadb2a14cb2d70e0b2dc77026f51b3fb51c)
+- At least one fewer test should fail now [`87f444c`](https://git.odit.services/lfk/backend/commit/87f444c30d69d65a9f918c63631a859a389eeee3)
+- Tried workaround for no availdable stats [`8f0f795`](https://git.odit.services/lfk/backend/commit/8f0f795a709db216396998b68b8bbd64ff4d44ff)
+- Reverted temp bugfix [`4603a84`](https://git.odit.services/lfk/backend/commit/4603a84f16fb53a14d1792447100f5b470969dd0)
+- Fixed sorting algo [`988f17a`](https://git.odit.services/lfk/backend/commit/988f17a795bb2d867e9d1d8e78051dff1a14ec30)
+- Added runners stats tests [`7111068`](https://git.odit.services/lfk/backend/commit/7111068361e00cc1308664a3ae650a56e28c015c)
+- Added basic laptime endpoint [`cb71fcd`](https://git.odit.services/lfk/backend/commit/cb71fcd13bc61e6214e2fd7b70e72094749463d3)
+- Added orgs by donations stats tests [`d4a02e7`](https://git.odit.services/lfk/backend/commit/d4a02e7db2ff4976be21605e31aac2f3c82a49c0)
+- Added teams stats endpoint tests [`b9a7dc8`](https://git.odit.services/lfk/backend/commit/b9a7dc84f05441445453193974b2a793b5197fa5)
+- Now resolving all missing relations [`257f320`](https://git.odit.services/lfk/backend/commit/257f320ee3bf6429c4314c64023520366f9f730b)
+- Added min laptime to StatsRunner [`51daf96`](https://git.odit.services/lfk/backend/commit/51daf969cf74792b2c2f2f16ce4359d9fca47bc8)
+- Fixed sorting [`7b15c2d`](https://git.odit.services/lfk/backend/commit/7b15c2d88b14e7279aad97b0c950202ddb5acaaa)
+- Fixed top-ten bein top 9 [`a6a526d`](https://git.odit.services/lfk/backend/commit/a6a526dc5d8b1613ea34e82e477081349e764aec)
+- added new ci secret [`5633e85`](https://git.odit.services/lfk/backend/commit/5633e85f41cb69b10fd8a86f57f1bd2f50848f7b)
+- Added temp console log for test [`22cae39`](https://git.odit.services/lfk/backend/commit/22cae39bd351ca285880e50187ea0d46a7a26437)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`610988e`](https://git.odit.services/lfk/backend/commit/610988ec16b8df61cca61cf2252a469d30318d81)
+- Added temp console log for ci debugging [`4a73eab`](https://git.odit.services/lfk/backend/commit/4a73eab134c3a9f58771be996bc8811b62cf378e)
+- Temp disabled runners by donations test [`0b07a53`](https://git.odit.services/lfk/backend/commit/0b07a53ed209c6193ead3c4d199545e22333ab32)
+- Updated default docker-compose [`f8baca5`](https://git.odit.services/lfk/backend/commit/f8baca5ab2c56b906751bc7edd71477456ad91f3)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`dd6d799`](https://git.odit.services/lfk/backend/commit/dd6d799c847fc96aec1be8f2667ad371890076fb)
+- Resolved missing parentgroup relation [`23bd432`](https://git.odit.services/lfk/backend/commit/23bd432c5f33a0863217120d97e2e4ea52a08baf)
+- Removed console logs for now working tests [`71b33ab`](https://git.odit.services/lfk/backend/commit/71b33ab05b53b62c8b271bd2995c94b2fc212dfd)
+- Fixed typo in test [`cbcb829`](https://git.odit.services/lfk/backend/commit/cbcb829fbde3a4a5e7f94de5dcf24d854c5fc257)
+- Ptotential fix for stats failing [`dcdbdd1`](https://git.odit.services/lfk/backend/commit/dcdbdd15acfe6eef4220b7ed66db60d78107d1f9)
+- 🚀Bumped version to v0.10.2 [`6e236ed`](https://git.odit.services/lfk/backend/commit/6e236ede145e164ee84543fb62404b4776550973)
+- Merge pull request 'stats/runners/laptime feature/190-runners_laptime' (#191) from feature/190-runners_laptime into dev [`a694ad2`](https://git.odit.services/lfk/backend/commit/a694ad225c68fa23152402acba871c857433cc70)
+- Removed all useless console.logs [`95e1eec`](https://git.odit.services/lfk/backend/commit/95e1eec313a79458dd75307a9d0f8319af0d0904)
+- Pinned testing container tag to prod container tag [`10221b9`](https://git.odit.services/lfk/backend/commit/10221b9f2e4493080f3ff095d9772bcfd0ac50eb)
+- Now resolving all relations for orgs by distance [`4a294b1`](https://git.odit.services/lfk/backend/commit/4a294b1e17c44294274b06748ec8141812c2d217)
+- Added temp console log [`720774f`](https://git.odit.services/lfk/backend/commit/720774fcf47c38601ab88d5d74cfcd0e47b21acf)
+- Removed console log for passing tests [`132b48c`](https://git.odit.services/lfk/backend/commit/132b48cf2a9e990a5e830c744ed8244bd25e8b3a)
+- Removed console log [`1d8c8c8`](https://git.odit.services/lfk/backend/commit/1d8c8c8e9cefa58449f7abb2481d9396fe37ba20)
+- Temp test logging workaround [`bf686e8`](https://git.odit.services/lfk/backend/commit/bf686e89e02998ccc80c838ef890c736c252634c)
+- Temp test logging workaround [`6163f0a`](https://git.odit.services/lfk/backend/commit/6163f0a90b3721d3a1488f89cbb39ddff7152241)
+- Removed test for content type [`63964fb`](https://git.odit.services/lfk/backend/commit/63964fbf2c41d9b90f995f056e9db65ab07d54a8)
+
+#### [v0.10.1](https://git.odit.services/lfk/backend/compare/v0.10.0...v0.10.1)
+
+> 3 April 2021
+
+- Merge pull request 'Release 0.10.1' (#189) from dev into main [`e89e07d`](https://git.odit.services/lfk/backend/commit/e89e07d0fc99f14148b01204fb8ed39e2da77e38)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`69afd4d`](https://git.odit.services/lfk/backend/commit/69afd4d5877401eb46df430f43a7feb273abda1e)
+- 🚀Bumped version to v0.10.1 [`24d152f`](https://git.odit.services/lfk/backend/commit/24d152fdc8fe17fffa2f2a718d7145ba8a91d79c)
+- New class: ResponseSelfServiceDonor [`d70c5b1`](https://git.odit.services/lfk/backend/commit/d70c5b1bbc9f02782f8755b6929e2d3458e10221)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`4279e43`](https://git.odit.services/lfk/backend/commit/4279e4374304887e8db40eab77763b20bbce91a1)
+- Removed duplicate openapi statement [`4834a66`](https://git.odit.services/lfk/backend/commit/4834a6698b0958602421c1478a95fec7edda910b)
+- Switched selfservice donation.donor from string to object [`0767943`](https://git.odit.services/lfk/backend/commit/0767943721b6964d542f580c541e744f86444ac6)
+- Adjusted runner property names [`ca87774`](https://git.odit.services/lfk/backend/commit/ca87774767807a2c4bc869b0de95cc73832a8405)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`71e3d0e`](https://git.odit.services/lfk/backend/commit/71e3d0efe2cbde47aea0f26cb5a8b5cd3312707d)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`c28843c`](https://git.odit.services/lfk/backend/commit/c28843c405dc4fd06a10f0fb85814acede15a769)
+- Merge pull request 'Selfservice donations reformatting feature/187-selfservice_donation' (#188) from feature/187-selfservice_donation into dev [`d837654`](https://git.odit.services/lfk/backend/commit/d837654617f7de5d055ffb06c65e2cd52f65c604)
+- Added new responsetype for new class [`f693f2c`](https://git.odit.services/lfk/backend/commit/f693f2cde9a04147155aea4de5d52e1d19d722ca)
+
+#### [v0.10.0](https://git.odit.services/lfk/backend/compare/v0.9.2...v0.10.0)
+
+> 1 April 2021
+
+- Merge pull request 'Release 0.10.0' (#186) from dev into main [`b517dff`](https://git.odit.services/lfk/backend/commit/b517dff8a82c960836d9f0be90fd89f3ba2fae7d)
+- 🚀Bumped version to v0.10.0 [`dc3071f`](https://git.odit.services/lfk/backend/commit/dc3071f7d2be298f0bb02d86ec67ed1125cd3b49)
+- Added locale to mail related runner endpoints [`7af883f`](https://git.odit.services/lfk/backend/commit/7af883f27198206af542bcaff4686221d3788e87)
+- Added locale to mail related runner endpoints [`f543307`](https://git.odit.services/lfk/backend/commit/f5433076b01c743ed9af085fccadb8f1edc26419)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`5fb355f`](https://git.odit.services/lfk/backend/commit/5fb355f450f19e96d3671b1a46e94d564495942b)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`114c246`](https://git.odit.services/lfk/backend/commit/114c246aceba566cc0dd6daab51a77b951b031cc)
+- Merge pull request 'Mail locales feature/184-mail_locales' (#185) from feature/184-mail_locales into dev [`33c13de`](https://git.odit.services/lfk/backend/commit/33c13de32c68a3d9e87e4fd9ad12a815ed8c9fde)
+- Added locale to mail related user endpoints [`1be073a`](https://git.odit.services/lfk/backend/commit/1be073a4fa39f0332a46f567ee6af10a9137844c)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`6aafe4a`](https://git.odit.services/lfk/backend/commit/6aafe4a6ae7d253ab39220e551c52ae067cc481a)
+
+#### [v0.9.2](https://git.odit.services/lfk/backend/compare/v0.9.1...v0.9.2)
+
+> 29 March 2021
+
+- Merge pull request 'Release 0.9.2' (#183) from dev into main [`bdeeb03`](https://git.odit.services/lfk/backend/commit/bdeeb036459c2a2131e843d8a5a6b338e0ba46ea)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`675c876`](https://git.odit.services/lfk/backend/commit/675c8762e8e4cf28d2f334d5ab2e1cb6b594e33c)
+- Fixed bug in return creation [`6c9b91d`](https://git.odit.services/lfk/backend/commit/6c9b91d75a0d08fc4ab0e72c7a09bd0133566368)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`8c00aef`](https://git.odit.services/lfk/backend/commit/8c00aefd6ce3723d9f83d1c94e6491d5d597391f)
+- 🚀Bumped version to v0.9.2 [`89e3924`](https://git.odit.services/lfk/backend/commit/89e392473c52a3f328545699a0f4df89be33ba89)
+
+#### [v0.9.1](https://git.odit.services/lfk/backend/compare/v0.9.0...v0.9.1)
+
+> 29 March 2021
+
+- Merge pull request 'Release v0.9.1' (#182) from dev into main [`3afd785`](https://git.odit.services/lfk/backend/commit/3afd785a54fac91c12af789af19b45e6124e0e39)
+- 🚀Bumped version to v0.9.1 [`a139554`](https://git.odit.services/lfk/backend/commit/a139554e059e9a10acb1733ce1a82b610cc99269)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`8099999`](https://git.odit.services/lfk/backend/commit/8099999e2cdfc8046f9ff4a90681281b671e402d)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`0290b0e`](https://git.odit.services/lfk/backend/commit/0290b0e5f531364d37d8157e639614cf5a6b4189)
+- Merge pull request 'Return cards generated in bulk feature/180-blank_generation_return' (#181) from feature/180-blank_generation_return into dev [`0f7fa99`](https://git.odit.services/lfk/backend/commit/0f7fa990d473ce2dce032c47c39f79c1d0e8df90)
+- Added query param to return created runenrcards [`5a36c8d`](https://git.odit.services/lfk/backend/commit/5a36c8dcae3d79b3b05ffb30a7ebb0d31dc8183a)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`58f4d21`](https://git.odit.services/lfk/backend/commit/58f4d2151f459bc72692cc70e02a59b77abfb9f0)
+- Added test for returnCards=true array length [`1cb2dc9`](https://git.odit.services/lfk/backend/commit/1cb2dc9d53b530435f5798f9cdf7ee866eb7416e)
+- Added test for single card generation with returnCards=true [`6005b06`](https://git.odit.services/lfk/backend/commit/6005b0661f1d5c461bb102e243cc209a8adc21fa)
+- Fixed copy-paste oversight [`2f568c9`](https://git.odit.services/lfk/backend/commit/2f568c9cb8ae39ce40ec8df6d9acbaf0d5ae1a26)
+
+#### [v0.9.0](https://git.odit.services/lfk/backend/compare/v0.8.0...v0.9.0)
+
+> 26 March 2021
+
+- Merge pull request 'Release 0.9.0' (#179) from dev into main [`95135dd`](https://git.odit.services/lfk/backend/commit/95135ddc893dcf64be67b47b0ef2b0d9041253bd)
+- Reenabled user tests [`4c66650`](https://git.odit.services/lfk/backend/commit/4c6665062fe6717242e43b58e66c1f1d030c018d)
+- Moved to tmp files to better check for other problems [`7a64f23`](https://git.odit.services/lfk/backend/commit/7a64f2393783f97a9729356bc1dfd831927dd312)
+- Added user creation invalid tests [`888cab5`](https://git.odit.services/lfk/backend/commit/888cab5898caf9e552c421346934bf90f717a653)
+- Updated auth test to comply with the new pw requirements [`63f6526`](https://git.odit.services/lfk/backend/commit/63f6526e4f59621edbf1fad59fc569b4bd6acbf2)
+- Added user deletion tests [`e6a8ebc`](https://git.odit.services/lfk/backend/commit/e6a8ebcb5b4f430254da4afe159141b21d8da0ed)
+- Added user creation valid tests [`383a809`](https://git.odit.services/lfk/backend/commit/383a8095b8286d51fb2fb24ae2fd0156230e56ab)
+- 📖New license file version [CI SKIP] [skip ci] [`bd7b81e`](https://git.odit.services/lfk/backend/commit/bd7b81efe795c02512c87f3b5dd5eec796580144)
+- Added password errors [`24c38cc`](https://git.odit.services/lfk/backend/commit/24c38cce26da41ccf375e1ccf04afa1868aad8df)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`274a146`](https://git.odit.services/lfk/backend/commit/274a146b9bccfe5e1a879ca137ebb4f51eaa5d57)
+- Fixed test params [`070560e`](https://git.odit.services/lfk/backend/commit/070560e8632e833dd26505c02ccb2474462b63ac)
+- No longer using createuser in seeding process [`96ba25e`](https://git.odit.services/lfk/backend/commit/96ba25ec6c6c397cd2aa322afa79024395f658fe)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`a7fe1e1`](https://git.odit.services/lfk/backend/commit/a7fe1e175918edd7a98983ece570b47075e85e9a)
+- 🚀Bumped version to v0.8.0 [`c23b4d9`](https://git.odit.services/lfk/backend/commit/c23b4d907f20ed7af37a6de6ea4c61433e30b29b)
+- 🚀Bumped version to v0.9.0 [`56a5f41`](https://git.odit.services/lfk/backend/commit/56a5f4168621263daeab5d2fda97b944cdc6ab31)
+- Merge pull request 'Password security feature/99-password_checks' (#177) from feature/99-password_checks into dev [`5a3fc5b`](https://git.odit.services/lfk/backend/commit/5a3fc5b2bd06b3e26177d017d3503f4f627be3f2)
+- Added pw errors to user controller [`b24e24f`](https://git.odit.services/lfk/backend/commit/b24e24ff7dd75d972cdab0fd1e2fe6c532ca2b2f)
+- Now checking password rules on user creation [`5daaa3a`](https://git.odit.services/lfk/backend/commit/5daaa3a73c4eca2817d67e226679d125928a3645)
+- Now checking password rules on user update [`48a87e8`](https://git.odit.services/lfk/backend/commit/48a87e8936e13c48f4baa3f4b10f781ad2f55a44)
+- Fixed pw not getting hashed currectly; [`cb3ea9b`](https://git.odit.services/lfk/backend/commit/cb3ea9b1ebb82c650abd83d4be8629cfe29a5b21)
+- Added pw errors to me controller [`9ce35d8`](https://git.odit.services/lfk/backend/commit/9ce35d8eb78a01f40af8c70e640eca3bcb142304)
+- Now forceing user deletion in tests [`8154e71`](https://git.odit.services/lfk/backend/commit/8154e715bbf18938bd5d1031656a88d39231fa81)
+- Added password checker dependency [`bd00f4f`](https://git.odit.services/lfk/backend/commit/bd00f4f8d585fb6878874810f7de0b8b9f3950d5)
+- Fixed empty object getting called [`5369000`](https://git.odit.services/lfk/backend/commit/536900091afd7366128f21058490d0d4f15c6c89)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`03d76e6`](https://git.odit.services/lfk/backend/commit/03d76e6d0bc5b4655f7f441232681c9462815526)
+- Formatting [`b8c28eb`](https://git.odit.services/lfk/backend/commit/b8c28ebb0808395218b5fb9031f477ae1d48e65e)
+
+#### [v0.8.0](https://git.odit.services/lfk/backend/compare/v0.7.1...v0.8.0)
+
+> 26 March 2021
+
+- Merge pull request 'Release 0.8.0' (#176) from dev into main [`3f8e8ce`](https://git.odit.services/lfk/backend/commit/3f8e8ce3a66a943801c0c8e17885e71feeee744f)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`c9bd6de`](https://git.odit.services/lfk/backend/commit/c9bd6de4762fec04e1e02cd3b667838d05ef39a7)
+- Merge pull request 'Selfservice deletion feature/174-selfservice_deletion' (#175) from feature/174-selfservice_deletion into dev [`e702118`](https://git.odit.services/lfk/backend/commit/e702118d4d80e362e41bb88c74343d50530d1338)
+- Added tests for the new endpoint [`20aeed8`](https://git.odit.services/lfk/backend/commit/20aeed87780247dc6401bba725801fc1874e50b5)
+- Removed param from test [`97159dd`](https://git.odit.services/lfk/backend/commit/97159dd9f81aed080c174a3eb8da9e66dfea9b10)
+- Added selfservice deletion endpoint [`dcb12b0`](https://git.odit.services/lfk/backend/commit/dcb12b0ac289f8df148ba10ae6389727c16f53fd)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`88844e1`](https://git.odit.services/lfk/backend/commit/88844e1a44d87a7dc253bf9aedf2fb3f6cdd1cfe)
+- Fixed response bug [`ccb7ae2`](https://git.odit.services/lfk/backend/commit/ccb7ae29a39387c0f2762861565dc22996a2493a)
+- Updated old hint [`dd12583`](https://git.odit.services/lfk/backend/commit/dd1258333ef67243f8a8df97c176ec5a054a5e3b)
+
+#### [v0.7.1](https://git.odit.services/lfk/backend/compare/v0.7.0...v0.7.1)
+
+> 26 March 2021
+
+- Merge pull request 'Release 0.7.1' (#173) from dev into main [`e76a9ce`](https://git.odit.services/lfk/backend/commit/e76a9cef956b00de7bbb11b6d863d4f33e3d5a34)
+- Revert "Set timeout even higher b/c sqlite just kills itself during these tests" [`f159252`](https://git.odit.services/lfk/backend/commit/f159252651942e442026dbcaae09b242e05d8204)
+- Set timeout even higher b/c sqlite just kills itself during these tests [`6ab6099`](https://git.odit.services/lfk/backend/commit/6ab60998d4f716aded93bb3b5d15594fc5e0434a)
+- Adjusted jest timeout to mitigate sqlite from invalidateing all tests⏱ [`30d220b`](https://git.odit.services/lfk/backend/commit/30d220bc36a28f224406e49ed27ff3f6b4f409e9)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`963253c`](https://git.odit.services/lfk/backend/commit/963253cbc84ed07af13ed0925952ec1b7dcc53ad)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`3ef3a94`](https://git.odit.services/lfk/backend/commit/3ef3a94b20c1abf6fd2f19472e5f448b4c72bd7f)
+- 🚀Bumped version to v0.7.1 [`135852e`](https://git.odit.services/lfk/backend/commit/135852eb9a91010a4ab972ba9efc7b71dfe4d68f)
+- Merge pull request 'RESPONSERUNNERCARD fix bugfix/171-responserunnercards' (#172) from bugfix/171-responserunnercards into dev [`539a650`](https://git.odit.services/lfk/backend/commit/539a6509b17cfd373eef8e443eaa7d41168ac7a9)
+- Now resolveing runnercards [`24aff3b`](https://git.odit.services/lfk/backend/commit/24aff3bac458a9886ca40163484bc72733dc766a)
+- Tests now keep the group [`f3d73d5`](https://git.odit.services/lfk/backend/commit/f3d73d53467a4d00011d280c24e1e12fbb8e443d)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`ce63043`](https://git.odit.services/lfk/backend/commit/ce63043887769e1f92a8c064d6647e0deb81b7fa)
+
+#### [v0.7.0](https://git.odit.services/lfk/backend/compare/v0.6.4...v0.7.0)
+
+> 23 March 2021
+
+- Merge pull request 'Release 0.7.0' (#170) from dev into main [`e40017a`](https://git.odit.services/lfk/backend/commit/e40017a6b88d83d5bfc57ff4603abeaca7a9a37b)
+- Added bulk card creation tests [`438ff0f`](https://git.odit.services/lfk/backend/commit/438ff0fc3f246f83b1fa04cb11828f4a61dfcd1e)
+- Added new "bulk" endpoint [`c1bbda5`](https://git.odit.services/lfk/backend/commit/c1bbda51f067cbd9ac1a9a5378ae3f5d7b9f4eca)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`7a49e7c`](https://git.odit.services/lfk/backend/commit/7a49e7c5c98eb23af1cd0d2084914641e9a1bf90)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`e843a46`](https://git.odit.services/lfk/backend/commit/e843a464e747c0d41280484cb54495cb2de2a9e8)
+- 🚀Bumped version to v0.7.0 [`d0ae50d`](https://git.odit.services/lfk/backend/commit/d0ae50d5579e969ad33d6b9cfd66dac7fa472223)
+- Merge pull request 'Bulk card creation feature/168-runnercards_bulk' (#169) from feature/168-runnercards_bulk into dev [`1dd6420`](https://git.odit.services/lfk/backend/commit/1dd64204cc63fb1a8a4a4aa503c21da42945eafd)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`4705a39`](https://git.odit.services/lfk/backend/commit/4705a39aabaad894d332a5062df03840c23c6bfa)
+
+#### [v0.6.4](https://git.odit.services/lfk/backend/compare/v0.6.3...v0.6.4)
+
+> 19 March 2021
+
+- Merge pull request 'Release 0.6.4' (#167) from dev into main [`4d721f6`](https://git.odit.services/lfk/backend/commit/4d721f62d9a5f6a1361ef2811a3a2ff63011b2ad)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`b0328ff`](https://git.odit.services/lfk/backend/commit/b0328ffdaffc8ef2e6e01e808c29748f58f42cac)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`cc6568c`](https://git.odit.services/lfk/backend/commit/cc6568c3810fed3ff2597df0db73a6ca9e072413)
+- 🚀Bumped version to v0.6.4 [`031cede`](https://git.odit.services/lfk/backend/commit/031cede5426742dc3c2b9dc6b049951d7c14871c)
+- Adjsuted endpoint [`3c69f8c`](https://git.odit.services/lfk/backend/commit/3c69f8c4a824e588977b06dbb45119cccb03c6bc)
+
+#### [v0.6.3](https://git.odit.services/lfk/backend/compare/v0.6.2...v0.6.3)
+
+> 18 March 2021
+
+- Merge pull request 'Release 0.6.3' (#165) from dev into main [`a3a1395`](https://git.odit.services/lfk/backend/commit/a3a1395a46d7970cff1b8cc2e84306a97791ed88)
+- The basic bugfix 🐞 [`fbdadbe`](https://git.odit.services/lfk/backend/commit/fbdadbef1f9eb835e1914e8d3770cca836b4c443)
+- The basic bugfix 🐞 [`c87c97c`](https://git.odit.services/lfk/backend/commit/c87c97c90f5e1229f92671b1f2ebe1fa0d2307cd)
+- Updated tests 🧪 [`f347b7a`](https://git.odit.services/lfk/backend/commit/f347b7ad4982ed3760117c08e11dca5c3f72d495)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`3f9a704`](https://git.odit.services/lfk/backend/commit/3f9a7049e31a6948125a07e847233b804f27ba31)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`b08acc6`](https://git.odit.services/lfk/backend/commit/b08acc666035ed766cc6ccfa9a410a54db4d7321)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`a6bca59`](https://git.odit.services/lfk/backend/commit/a6bca59ffe06a37f03af21500c442cebeaa74c7e)
+- 🚀Bumped version to v0.6.3 [`7a303c2`](https://git.odit.services/lfk/backend/commit/7a303c2b2c267d6dd566b1470649e65bc1c1b2ee)
+- Merge pull request 'TrackScan Update bug 🐞bugfix/163-trackscan_updates' (#164) from bugfix/163-trackscan_updates into dev [`6249419`](https://git.odit.services/lfk/backend/commit/6249419fae22e0203c046c1a3cd82c07f94f510c)
+
+#### [v0.6.2](https://git.odit.services/lfk/backend/compare/v0.6.1...v0.6.2)
+
+> 17 March 2021
+
+- Merge pull request 'Release 0.6.2' (#162) from dev into main [`732a1b8`](https://git.odit.services/lfk/backend/commit/732a1b88d916720ea82cd4b192fc696640ade2aa)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`fcb43f9`](https://git.odit.services/lfk/backend/commit/fcb43f92b0b7a8fa2ed3772357c3eab8e6564eef)
+- Fixed trackscan vaildation [`a8ea4fa`](https://git.odit.services/lfk/backend/commit/a8ea4fa659732ca2c922fc3c75d2238be2feb5c7)
+- Added comments✏ [`289f9e2`](https://git.odit.services/lfk/backend/commit/289f9e219692789f86c631f52c67b578216acb48)
+- Added comments✏ [`937a9fa`](https://git.odit.services/lfk/backend/commit/937a9fad4d8914b83fc6300f776c0720b756a9f4)
+- Removed duplicate openapi declarations 🗑 [`c8882ae`](https://git.odit.services/lfk/backend/commit/c8882ae6a18188a9c98a237dd594548ebac6f460)
+- Now defining security per endpoint 🔐 [`d709ee7`](https://git.odit.services/lfk/backend/commit/d709ee74795b785599cda50b4351bd566a0b8573)
+- Changed the method of getting a parameter from the headers🛠 [`1d38d30`](https://git.odit.services/lfk/backend/commit/1d38d308ad8ae00d67c2b807b584da4f00bd9a58)
+- Now auto-etting the station token🔥🔥🔥 [`aae042c`](https://git.odit.services/lfk/backend/commit/aae042c041e325626b89b146d005e900bd880453)
+- Marked station as optional (quality of life improvements incoming) [`1f32ed0`](https://git.odit.services/lfk/backend/commit/1f32ed0727cb1117e5d201b5530b2f2d7f0323d8)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`4c960fe`](https://git.odit.services/lfk/backend/commit/4c960feeb22f819d1c618ced73f5799a3c7e4f00)
+- Fixed missing renameing🛠 [`0ed7f78`](https://git.odit.services/lfk/backend/commit/0ed7f78b2c284909d47fa0533424c279adef0ba3)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`c1dd451`](https://git.odit.services/lfk/backend/commit/c1dd4518d128edd8b8e36981a513744471241a25)
+- 🚀Bumped version to v0.6.2 [`5ba8f1d`](https://git.odit.services/lfk/backend/commit/5ba8f1dd4451c1a1b38fdd36cf632c9e6efa829c)
+- Merge pull request 'Bugfixes for trackscans feature/160-responseTrackScan_total_distance' (#161) from feature/160-responseTrackScan_total_distance into dev [`3d3790c`](https://git.odit.services/lfk/backend/commit/3d3790c2eb6a92bb5b1d2c7e44c75aef4e1b015f)
+- Fixed wrong error type 👀👀 [`1fa3fa7`](https://git.odit.services/lfk/backend/commit/1fa3fa75ee447b9919585e02c7997e3f1de9c8a7)
+- Added missing discription [`673e896`](https://git.odit.services/lfk/backend/commit/673e896aa3dc853b301a2e560e785c464a449b6f)
+
+#### [v0.6.1](https://git.odit.services/lfk/backend/compare/v0.6.0...v0.6.1)
+
+> 17 March 2021
+
+#### [v0.6.0](https://git.odit.services/lfk/backend/compare/v0.5.0...v0.6.0)
+
+> 17 March 2021
+
+- Merge pull request 'Release v0.6.0' (#159) from dev into main [`bdc7bb6`](https://git.odit.services/lfk/backend/commit/bdc7bb67e7e21769d95a762c3b6dfbf82e7e38d0)
+- 📖New license file version [CI SKIP] [skip ci] [`5f5c8a0`](https://git.odit.services/lfk/backend/commit/5f5c8a061eb94361e4cd02e9a6469194a9092513)
+- As requested by @philpp [`2cb7ec7`](https://git.odit.services/lfk/backend/commit/2cb7ec7317d8a48364261506facb2c11c7cf895f)
+- Updated ci with new kubernetes secrets 🚀🚀🚀 [`5541ae6`](https://git.odit.services/lfk/backend/commit/5541ae6ebd7f36f4482ae752f358102a18b95de0)
+- Added selfservice forgott positive tests [`bf1ec97`](https://git.odit.services/lfk/backend/commit/bf1ec976e3732b6ac052a55a51ee2ee18a8b1d3d)
+- Added all "negative" tests [`d0a7e34`](https://git.odit.services/lfk/backend/commit/d0a7e34de8095fca282adefff01fa5f72e7cdba3)
+- Added mailer functions [`8376513`](https://git.odit.services/lfk/backend/commit/83765136ccacd82ba6a8f9fb43eed78191ee0aa5)
+- Added tests for the new endpoint [`757332e`](https://git.odit.services/lfk/backend/commit/757332ed2b3325d8730ef1b284ac6ba40356df93)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`e4ed20d`](https://git.odit.services/lfk/backend/commit/e4ed20da3e0a9e32a2e4664d50f316f9131564f0)
+- Added first selfservice forgotten test [`a95a9b4`](https://git.odit.services/lfk/backend/commit/a95a9b4ec4a3012a91f6f622cfb9f5bff3376344)
+- Created basic endpoint for user forgotten mails [`d709971`](https://git.odit.services/lfk/backend/commit/d7099717c2eee8aaf1b580345717cc5acc06dbd2)
+- Implemented the "real" errors [`e26b7d4`](https://git.odit.services/lfk/backend/commit/e26b7d4923777a3013368e29c122709de7e1d9da)
+- Runner controller now uses the Mailer functions [`a343747`](https://git.odit.services/lfk/backend/commit/a3437475caf6b435ae4bdf6d48aeb7da7d43b25f)
+- Added scanstation me endpoint [`c5178e0`](https://git.odit.services/lfk/backend/commit/c5178e01814cedaa4402773b10f24d186714c1d2)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`54988ba`](https://git.odit.services/lfk/backend/commit/54988ba0fe012ce87d44c9068f7546a9be73723c)
+- Added last reset requested timestamp to runners [`66d6023`](https://git.odit.services/lfk/backend/commit/66d6023335c7a9d1a145c4189b610940ef5a525a)
+- Scanauth return objects [`46b7ace`](https://git.odit.services/lfk/backend/commit/46b7aceb0b86b03688faf0ec6661e4c9fbc6115c)
+- Revert "Switched normal images to chached registry" [`ca6fa63`](https://git.odit.services/lfk/backend/commit/ca6fa633a156a265d8f643a5f23090b6ab32260d)
+- Switched normal images to chached registry [`cba4455`](https://git.odit.services/lfk/backend/commit/cba4455d53f9a39b6f9993c36b5abd281201dfa1)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`a7958ee`](https://git.odit.services/lfk/backend/commit/a7958eecd65116ab937f640cbebcae1962cb86c8)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`076aa87`](https://git.odit.services/lfk/backend/commit/076aa87dba1d6fc544e76c16f99c64d37fc82ea0)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`486e450`](https://git.odit.services/lfk/backend/commit/486e450a58d3671dc867ae1a99d052d9fe814c1a)
+- Updated request timeout [`ffcd45e`](https://git.odit.services/lfk/backend/commit/ffcd45e5724fccdec9b1dbc48f1320525dcd7288)
+- Added testing env check [`3f37212`](https://git.odit.services/lfk/backend/commit/3f372123fd2e1fae467e9cb20985de1eeb9f6a57)
+- 🚀Bumped version to v0.6.1 [`ce3ca9f`](https://git.odit.services/lfk/backend/commit/ce3ca9f1c86a6fe72e4dd77e3a0d60bf1e1bf542)
+- 🚀Bumped version to v0.6.0 [`623b5a1`](https://git.odit.services/lfk/backend/commit/623b5a1873afa73a984251543995b7da1cfdb5c9)
+- Merge pull request 'Scanstation "me" endpoint feature/157-scanstation_me' (#158) from feature/157-scanstation_me into dev [`13e8399`](https://git.odit.services/lfk/backend/commit/13e839902c063057e902fdb52b403be081d1667e)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`a1a94ec`](https://git.odit.services/lfk/backend/commit/a1a94ec9dafecd9b4c453cc8cfe32c2e90acccf5)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`d5930f7`](https://git.odit.services/lfk/backend/commit/d5930f7c46f4fc8ed56b6eeec9f784d435fd3b2b)
+- Changed ci pipeline type to kubernetes [`6c43872`](https://git.odit.services/lfk/backend/commit/6c43872198c3dba44b3af3a7cfc7b628d5b304a3)
+- Mailer now ignores mailing erros when env is set to test [`6bb3ae8`](https://git.odit.services/lfk/backend/commit/6bb3ae8ba992bd6c4d5809d75a264c710999cdcf)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`bf71e35`](https://git.odit.services/lfk/backend/commit/bf71e35ecd333d888d63213d69b04fc681a9d0bd)
+- Adjusted tests for the new testing env [`9292027`](https://git.odit.services/lfk/backend/commit/92920273bec409563d1e38ea27f4d30f893598e8)
+- Applied Docker MTU fix 🛠 [`f7af777`](https://git.odit.services/lfk/backend/commit/f7af77710421d7aae5efb048e0622cd067fc20eb)
+- Updated description [`94001a4`](https://git.odit.services/lfk/backend/commit/94001a48f1b314e91ea5ec982e5585124f9541b6)
+- Now adding station id to headers of request for scan auth [`8ba7ee1`](https://git.odit.services/lfk/backend/commit/8ba7ee1d481e44e686489e237980b21aaaf6071c)
+- Merge pull request 'selfservice forgotten mails feature/154-selfservice_forgotten' (#155) from feature/154-selfservice_forgotten into dev [`cb6e78f`](https://git.odit.services/lfk/backend/commit/cb6e78fc176ec9efe94311b64286020b3c5bf633)
+- Changed endpoint url to avoid conflicts [`e5dab34`](https://git.odit.services/lfk/backend/commit/e5dab3469c3cef6298fc8deb1192a38f7d18406b)
+- Added console logging when a testing env get's discovered [`c01233b`](https://git.odit.services/lfk/backend/commit/c01233b4d663aefece26dbb86f8b6bcd5c916325)
+- Added not found error logic [`e7f0cb4`](https://git.odit.services/lfk/backend/commit/e7f0cb45c9ac3aa06e2a57786aa1cc51c9d66598)
+- Updated to new responsetype [`08957d4`](https://git.odit.services/lfk/backend/commit/08957d4dc2951cfeec56a54680c2ae4ef1525ab2)
+- Added readme description for testing env [`cedc175`](https://git.odit.services/lfk/backend/commit/cedc1750c21ad256c3337f293f06e894e2c2ef9f)
+- Renamed test [`1d762f5`](https://git.odit.services/lfk/backend/commit/1d762f56628eff47f4e1a910c7152bd0158283bd)
+
 #### [v0.5.0](https://git.odit.services/lfk/backend/compare/v0.4.6...v0.5.0)
 
+> 4 March 2021
+
+- Merge pull request 'Alpha Release 0.5.0' (#153) from dev into main [`64da0ea`](https://git.odit.services/lfk/backend/commit/64da0eadb313f3bd3ae20a66bcaf4401528008d9)
 - Removed mail templates [`c2fdfee`](https://git.odit.services/lfk/backend/commit/c2fdfeed4f5fc454b02bc4b198965889c173bbaa)
 - Removed mail config [`0342757`](https://git.odit.services/lfk/backend/commit/0342757d929b12635c88e74f17495df656865b1a)
 - Added selfservice scan response class [`6074ac5`](https://git.odit.services/lfk/backend/commit/6074ac5b3a8e43fd98394c1fb70c6e1dea8fcd5e)
 - Removed old mailer code [`0fcc729`](https://git.odit.services/lfk/backend/commit/0fcc729b56430f0fdb56242857aa1d883d5a4866)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`5272829`](https://git.odit.services/lfk/backend/commit/52728290b477d3f90ee7c14e0d438c4c74415322)
 - Added the new mailer code [`1551a44`](https://git.odit.services/lfk/backend/commit/1551a444babc025cde6e894c66d2be2c84ab26da)
 - Removed (now useless) mail controller [`485c247`](https://git.odit.services/lfk/backend/commit/485c247cd3305c4c4422d5582b1d61cc7af84989)
 - Trackscans now have a laptime that get's calculated on creation [`aa83373`](https://git.odit.services/lfk/backend/commit/aa833736d32993b1656abeeb02a4f8b021ec6252)
@@ -23,11 +609,11 @@ All notable changes to this project will be documented in this file. Dates are d
 - Updated auth reset test for new mailer [`ae7d617`](https://git.odit.services/lfk/backend/commit/ae7d6176902699f82ea127194908ee360233e7b4)
 - Added scans returns 200 test [`82c65b6`](https://git.odit.services/lfk/backend/commit/82c65b632cdf44165b083494702b836c74e46a41)
 - 🚀Bumped version to v0.4.7 [`f1d85cf`](https://git.odit.services/lfk/backend/commit/f1d85cfb855c2aae581ade69751b3969ce38f020)
+- Now generateing bs mailer config in test env [`bf6b701`](https://git.odit.services/lfk/backend/commit/bf6b70106eb735d9ad6f6ad89f09194680af5ae1)
 - Added new mailer settings to config [`ddea02d`](https://git.odit.services/lfk/backend/commit/ddea02db574cc348685558f3fa3ecc84adbd6b65)
-- 🧾New changelog file version [CI SKIP] [skip ci] [`be397c8`](https://git.odit.services/lfk/backend/commit/be397c8899d5b4406c17e8f9951555c54f852901)
 - 🚀Bumped version to v0.5.0 [`3f2a2d2`](https://git.odit.services/lfk/backend/commit/3f2a2d292979c7f8162d92465b60b220f2634e7a)
 - Merge pull request 'Features for the new selfservice feature/151-selfservice_scans_mails' (#152) from feature/151-selfservice_scans_mails into dev [`15356c1`](https://git.odit.services/lfk/backend/commit/15356c1030988d03e3739f3ffe770669789759f2)
-- Now generateing bs mailer config in test env [`bf6b701`](https://git.odit.services/lfk/backend/commit/bf6b70106eb735d9ad6f6ad89f09194680af5ae1)
+- 🧾New changelog file version [CI SKIP] [skip ci] [`be397c8`](https://git.odit.services/lfk/backend/commit/be397c8899d5b4406c17e8f9951555c54f852901)
 - Promoted axios to dependency [`a9e06c9`](https://git.odit.services/lfk/backend/commit/a9e06c905537b6da24706389e304e825a33a28ad)
 - Removed nodemailer from backend [`5833f42`](https://git.odit.services/lfk/backend/commit/5833f4218f9a4c97b69021814df92470a1816917)
 - Added another resonse type [`030b225`](https://git.odit.services/lfk/backend/commit/030b2255d42aab21d8974fc3a7235285934d53b7)

Dockerfile

@@ -1,16 +1,23 @@
 # Typescript Build
-FROM node:14.15.1-alpine3.12
+FROM registry.odit.services/hub/library/node:21.1.0-alpine3.18 AS build
+ARG NPM_REGISTRY_URL=https://registry.npmjs.org
 WORKDIR /app
+
 COPY package.json ./
-RUN npm i -g pnpm
-RUN pnpm i
+RUN npm config set registry $NPM_REGISTRY_URL && npm i -g pnpm@8
+RUN mkdir /pnpm && pnpm config set store-dir /pnpm && pnpm i
+
 COPY tsconfig.json ormconfig.js ./
 COPY src ./src
-RUN pnpm run build
+RUN pnpm run build \
+    && rm -rf /app/node_modules \
+    && pnpm i --production --prefer-offline
+
 # final image
-FROM node:14.15.1-alpine3.12
-COPY package.json ormconfig.js ./
-RUN npm i -g pnpm
-RUN pnpm i --prod
-COPY --from=0 /app/dist dist
-ENTRYPOINT ["node", "dist/app.js"]
+FROM registry.odit.services/hub/library/node:21.1.0-alpine3.18 AS final
+WORKDIR /app
+COPY --from=build /app/package.json /app/package.json
+COPY --from=build /app/ormconfig.js /app/ormconfig.js
+COPY --from=build /app/dist /app/dist
+COPY --from=build /app/node_modules /app/node_modules
+ENTRYPOINT ["node", "/app/dist/app.js"]

README.md

@@ -15,59 +15,53 @@ Backend Server
 
 1. Rename the .env.example file to .env (you can adjust app port and other settings, if needed)
 2. Install Dependencies
-   ```bash
-   yarn
-   ```
+```bash
+pnpm i
+```
 3. Start the server
-   ```bash
-   yarn dev
-   ```
+```bash
+pnpm dev
+```
 
 ### Run Tests
 ```bash
 # Run tests once (server has to run)
-yarn test
+pnpm test
 
 # Run test in watch mode (reruns on change)
-yarn test:watch
+pnpm test:watch
 
 # Run test in ci mode (automaticly starts the dev server)
-yarn test:ci
+pnpm test:ci
 ```
 
-### Use your own mail templates
-> You use your own mail templates by replacing the default ones we provided (either in-code or by mounting them into the /app/static/mail_templates folder).
-
-The mail templates always come in a .html and a .txt variant to provide compatability with legacy mail clients.
-Currently the following templates exist:
-* pw-reset.(html/txt)
-
 ### Generate Docs
 ```bash
-yarn docs
+pnpm docs
 ```
 
 ## ENV Vars
 > You can provide them via .env file or docker env vars.
 > You can use the `test:ci:generate_env` package script to generate a example env (uses bs data as test server and ignores the errors).
 
-| Name | Type | Default | Description
-| - | - | - | -
-| APP_PORT | Number | 4010 | The port the backend server listens on. Is optional.
-| DB_TYPE | String | N/A | The type of the db u want to use. It has to be supported by typeorm. Possible: `sqlite`, `mysql`, `postgresql`
-| DB_HOST | String | N/A | The db's host's ip-address/fqdn or file path for sqlite
-| DB_PORT | String | N/A | The db's port
-| DB_USER | String | N/A | The user for accessing the db
-| DB_PASSWORD | String | N/A | The user's password for accessing the db
-| DB_NAME | String | N/A | The db's name
-| NODE_ENV | String | dev | The apps env - influences debug info.
-| POSTALCODE_COUNTRYCODE | String/CountryCode | N/A | The countrycode used to validate address's postal codes
-| PHONE_COUNTRYCODE | String/CountryCode | null (international) | The countrycode used to validate phone numers
-| SEED_TEST_DATA | Boolean | False | If you want the app to seed some example data set this to true
-| MAILER_URL | String(Url) | N/A | The mailer's base url (no trailing slash)
-| MAILER_KEY | String | N/A | The mailer's api key.
-| IMPRINT_URL | String(Url) | /imprint | The link to a imprint page for the system (Defaults to the frontend's imprint)
-| PRIVACY_URL | String(Url) | /privacy | The link to a privacy page for the system (Defaults to the frontend's privacy page)
+| Name                   | Type               | Default              | Description                                                                                                    |
+| ---------------------- | ------------------ | -------------------- | -------------------------------------------------------------------------------------------------------------- |
+| APP_PORT               | Number             | 4010                 | The port the backend server listens on. Is optional.                                                           |
+| DB_TYPE                | String             | N/A                  | The type of the db u want to use. It has to be supported by typeorm. Possible: `sqlite`, `mysql`, `postgresql` |
+| DB_HOST                | String             | N/A                  | The db's host's ip-address/fqdn or file path for sqlite                                                        |
+| DB_PORT                | String             | N/A                  | The db's port                                                                                                  |
+| DB_USER                | String             | N/A                  | The user for accessing the db                                                                                  |
+| DB_PASSWORD            | String             | N/A                  | The user's password for accessing the db                                                                       |
+| DB_NAME                | String             | N/A                  | The db's name                                                                                                  |
+| NODE_ENV               | String             | dev                  | The apps env - influences debug info. Also when the env is set to "test", mailing errors get ignored.          |
+| POSTALCODE_COUNTRYCODE | String/CountryCode | N/A                  | The countrycode used to validate address's postal codes                                                        |
+| PHONE_COUNTRYCODE      | String/CountryCode | null (international) | The countrycode used to validate phone numers                                                                  |
+| SEED_TEST_DATA         | Boolean            | False                | If you want the app to seed some example data set this to true                                                 |
+| MAILER_URL             | String(Url)        | N/A                  | The mailer's base url (no trailing slash)                                                                      |
+| MAILER_KEY             | String             | N/A                  | The mailer's api key.                                                                                          |
+| SELFSERVICE_URL        | String(Url)        | N/A                  | The link to selfservice (no trailing slash)                                                                    |
+| IMPRINT_URL            | String(Url)        | /imprint             | The link to a imprint page for the system (Defaults to the frontend's imprint)                                 |
+| PRIVACY_URL            | String(Url)        | /privacy             | The link to a privacy page for the system (Defaults to the frontend's privacy page)                            |
 
 
 ## Recommended Editor
@@ -85,10 +79,10 @@ yarn docs
    * A new release tag automaticly triggers the release ci pipeline
 * main: Protected "release" branch
    * The latest tag of the docker image get's build from this
-   * New releases get created as tags from this   
 * dev: Current dev branch for merging the different feature branches and bugfixes
+   * New releases get created as tags from this   
    * The dev tag of the docker image get's build from this
    * Only push minor changes to this branch!
    * To merge a feature branch into this please create a pull request
-* feature/xyz: Feature branches - nameing scheme: `feature/issueid-title`
-* bugfix/xyz: Branches for bugfixes - nameing scheme:`bugfix/issueid-title`
+* feature/xyz: Feature branches - naming scheme: `feature/issueid-title`
+* bugfix/xyz: Branches for bugfixes - naming scheme:`bugfix/issueid-title`

docker-compose.yml

@@ -11,8 +11,12 @@ services:
       DB_PORT: bla
       DB_USER: bla
       DB_PASSWORD: bla
-      DB_NAME: dev.sqlite
+      DB_NAME: ./db.sqlite
       NODE_ENV: production
+      POSTALCODE_COUNTRYCODE: DE
+      SEED_TEST_DATA: "false"
+      MAILER_URL: https://dev.lauf-fuer-kaya.de/mailer
+      MAILER_KEY: asdasd
       # APP_PORT: 4010
       # DB_TYPE: postgres
       # DB_HOST: backend_db

licenses.md

@@ -57,6 +57,33 @@ SOFTWARE.
 
  
 
+# axios
+**Author**: Matt Zabriskie
+**Repo**: [object Object]
+**License**: MIT
+**Description**: Promise based HTTP client for the browser and node.js
+## License Text
+Copyright (c) 2014-present Matt Zabriskie
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+ 
+
 # body-parser
 **Author**: undefined
 **Repo**: expressjs/body-parser
@@ -88,6 +115,35 @@ TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
 SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
  
 
+# check-password-strength
+**Author**: deanilvincent
+**Repo**: [object Object]
+**License**: MIT
+**Description**: A NPM Password strength checker based from Javascript RegExp. Check passphrase if it's "Weak", "Medium" or "Strong"
+## License Text
+MIT License
+
+Copyright (c) 2020 Mark Deanil Vicente
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
+ 
+
 # class-transformer
 **Author**: [object Object]
 **Repo**: [object Object]
@@ -388,30 +444,25 @@ SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 **License**: MIT
 **Description**: A node.js driver for mysql. It is written in JavaScript, does not require compiling, and is 100% MIT licensed.
 ## License Text
- 
+Copyright (c) 2012 Felix Geisendörfer (felix@debuggable.com) and contributors
 
-# nodemailer
-**Author**: Andris Reinman
-**Repo**: [object Object]
-**License**: MIT
-**Description**: Easy as cake e-mail sending from your Node.js applications
-## License Text
-Copyright (c) 2011-2019 Andris Reinman
+ Permission is hereby granted, free of charge, to any person obtaining a copy
+ of this software and associated documentation files (the "Software"), to deal
+ in the Software without restriction, including without limitation the rights
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ copies of the Software, and to permit persons to whom the Software is
+ furnished to do so, subject to the following conditions:
 
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
+ The above copyright notice and this permission notice shall be included in
+ all copies or substantial portions of the Software.
 
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-SOFTWARE.
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ THE SOFTWARE.
  
 
 # pg
@@ -664,6 +715,75 @@ OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
 WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
  
 
+# @faker-js/faker
+**Author**: undefined
+**Repo**: [object Object]
+**License**: MIT
+**Description**: Generate massive amounts of fake contextual data
+## License Text
+Faker - Copyright (c) 2022
+
+This software consists of voluntary contributions made by many individuals.
+For exact contribution history, see the revision history
+available at https://github.com/faker-js/faker
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+===
+
+From: https://github.com/faker-js/faker/commit/a9f98046c7d5eeaabe12fc587024c06d683800b8
+To: https://github.com/faker-js/faker/commit/29234378807c4141588861f69421bf20b5ac635e
+
+Based on faker.js, copyright Marak Squires and contributor, what follows below is the original license.
+
+===
+
+faker.js - Copyright (c) 2020
+Marak Squires
+http://github.com/marak/faker.js/
+
+faker.js was inspired by and has used data definitions from:
+
+ * https://github.com/stympy/faker/ - Copyright (c) 2007-2010 Benjamin Curtis
+ * http://search.cpan.org/~jasonk/Data-Faker-0.07/ - Copyright 2004-2005 by Jason Kohles
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ 
+
 # @odit/license-exporter
 **Author**: ODIT.Services
 **Repo**: [object Object]
@@ -865,35 +985,6 @@ OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
     SOFTWARE
  
 
-# @types/nodemailer
-**Author**: undefined
-**Repo**: [object Object]
-**License**: MIT
-**Description**: TypeScript definitions for Nodemailer
-## License Text
-    MIT License
-
-    Copyright (c) Microsoft Corporation. All rights reserved.
-
-    Permission is hereby granted, free of charge, to any person obtaining a copy
-    of this software and associated documentation files (the "Software"), to deal
-    in the Software without restriction, including without limitation the rights
-    to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-    copies of the Software, and to permit persons to whom the Software is
-    furnished to do so, subject to the following conditions:
-
-    The above copyright notice and this permission notice shall be included in all
-    copies or substantial portions of the Software.
-
-    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-    IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-    AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-    LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-    OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-    SOFTWARE
- 
-
 # @types/uuid
 **Author**: undefined
 **Repo**: [object Object]
@@ -923,13 +1014,15 @@ OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
     SOFTWARE
  
 
-# axios
-**Author**: Matt Zabriskie
+# auto-changelog
+**Author**: Pete Cook <pete@cookpete.com> (https://github.com/cookpete)
 **Repo**: [object Object]
 **License**: MIT
-**Description**: Promise based HTTP client for the browser and node.js
+**Description**: Command line tool for generating a changelog from git tags and commit history
 ## License Text
-Copyright (c) 2014-present Matt Zabriskie
+The MIT License
+
+Copyright (c) 2017 Pete Cook https://cookpete.com
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

package.json

@@ -1,105 +1,117 @@
-{
-  "name": "@odit/lfk-backend",
-  "version": "0.5.0",
-  "main": "src/app.ts",
-  "repository": "https://git.odit.services/lfk/backend",
-  "author": {
-    "name": "ODIT.Services",
-    "email": "info@odit.services",
-    "url": "https://odit.services"
-  },
-  "contributors": [
-    {
-      "name": "Philipp Dormann",
-      "email": "philipp@philippdormann.de",
-      "url": "https://philippdormann.de"
-    },
-    {
-      "name": "Nicolai Ort",
-      "email": "info@nicolai-ort.com",
-      "url": "https://nicolai-ort.com"
-    }
-  ],
-  "license": "CC-BY-NC-SA-4.0",
-  "dependencies": {
-    "@odit/class-validator-jsonschema": "2.1.1",
-    "argon2": "^0.27.1",
-    "axios": "^0.21.1",
-    "body-parser": "^1.19.0",
-    "class-transformer": "0.3.1",
-    "class-validator": "^0.13.1",
-    "consola": "^2.15.0",
-    "cookie": "^0.4.1",
-    "cookie-parser": "^1.4.5",
-    "cors": "^2.8.5",
-    "csvtojson": "^2.0.10",
-    "dotenv": "^8.2.0",
-    "express": "^4.17.1",
-    "jsonwebtoken": "^8.5.1",
-    "libphonenumber-js": "^1.9.9",
-    "mysql": "^2.18.1",
-    "pg": "^8.5.1",
-    "reflect-metadata": "^0.1.13",
-    "routing-controllers": "0.9.0-alpha.6",
-    "routing-controllers-openapi": "^2.2.0",
-    "sqlite3": "5.0.0",
-    "typeorm": "^0.2.30",
-    "typeorm-routing-controllers-extensions": "^0.2.0",
-    "typeorm-seeding": "^1.6.1",
-    "uuid": "^8.3.2",
-    "validator": "^13.5.2"
-  },
-  "devDependencies": {
-    "@odit/license-exporter": "^0.0.9",
-    "@types/cors": "^2.8.9",
-    "@types/csvtojson": "^1.1.5",
-    "@types/express": "^4.17.11",
-    "@types/jest": "^26.0.20",
-    "@types/jsonwebtoken": "^8.5.0",
-    "@types/node": "^14.14.22",
-    "@types/uuid": "^8.3.0",
-    "cp-cli": "^2.0.0",
-    "jest": "^26.6.3",
-    "nodemon": "^2.0.7",
-    "release-it": "^14.2.2",
-    "rimraf": "^3.0.2",
-    "start-server-and-test": "^1.11.7",
-    "ts-jest": "^26.5.0",
-    "ts-node": "^9.1.1",
-    "typedoc": "^0.20.19",
-    "typescript": "^4.1.3"
-  },
-  "scripts": {
-    "dev": "nodemon src/app.ts",
-    "build": "rimraf ./dist && tsc && cp-cli ./src/static ./dist/static",
-    "docs": "typedoc --out docs src",
-    "test": "jest",
-    "test:watch": "jest --watchAll",
-    "test:ci:generate_env": "ts-node scripts/create_testenv.ts",
-    "test:ci:run": "start-server-and-test dev http://localhost:4010/api/docs/openapi.json test",
-    "test:ci": "npm run test:ci:generate_env && npm run test:ci:run",
-    "seed": "ts-node ./node_modules/typeorm/cli.js schema:sync && ts-node ./node_modules/typeorm-seeding/dist/cli.js seed",
-    "openapi:export": "ts-node scripts/openapi_export.ts",
-    "licenses:export": "license-exporter --markdown",
-    "release": "release-it --only-version"
-  },
-  "release-it": {
-    "git": {
-      "commit": true,
-      "requireCleanWorkingDir": false,
-      "commitMessage": "🚀Bumped version to v${version}",
-      "requireBranch": "dev",
-      "push": false,
-      "tag": false
-    },
-    "npm": {
-      "publish": false
-    }
-  },
-  "nodemonConfig": {
-    "ignore": [
-      "src/tests/*",
-      "docs/*"
-    ]
-  }
-}
+{
+  "name": "@odit/lfk-backend",
+  "version": "1.3.0",
+  "main": "src/app.ts",
+  "repository": "https://git.odit.services/lfk/backend",
+  "engines": {
+    "pnpm": "8"
+  },
+  "author": {
+    "name": "ODIT.Services",
+    "email": "info@odit.services",
+    "url": "https://odit.services"
+  },
+  "contributors": [
+    {
+      "name": "Philipp Dormann",
+      "email": "philipp@philippdormann.de",
+      "url": "https://philippdormann.de"
+    },
+    {
+      "name": "Nicolai Ort",
+      "email": "info@nicolai-ort.com",
+      "url": "https://nicolai-ort.com"
+    }
+  ],
+  "license": "CC-BY-NC-SA-4.0",
+  "dependencies": {
+    "@odit/class-validator-jsonschema": "2.1.1",
+    "argon2": "0.31.2",
+    "axios": "0.21.1",
+    "body-parser": "1.19.0",
+    "check-password-strength": "2.0.2",
+    "class-transformer": "0.3.1",
+    "class-validator": "0.13.0",
+    "consola": "2.15.0",
+    "cookie": "0.4.1",
+    "cookie-parser": "1.4.5",
+    "cors": "2.8.5",
+    "csvtojson": "2.0.10",
+    "dotenv": "8.2.0",
+    "express": "4.17.1",
+    "jsonwebtoken": "8.5.1",
+    "libphonenumber-js": "1.9.9",
+    "mysql": "2.18.1",
+    "pg": "8.5.1",
+    "reflect-metadata": "0.1.13",
+    "routing-controllers": "0.9.0-alpha.6",
+    "routing-controllers-openapi": "2.2.0",
+    "sqlite3": "5.1.6",
+    "typeorm": "0.2.30",
+    "typeorm-routing-controllers-extensions": "0.2.0",
+    "typeorm-seeding": "1.6.1",
+    "uuid": "8.3.2",
+    "validator": "13.5.2"
+  },
+  "devDependencies": {
+    "@faker-js/faker": "7.6.0",
+    "@odit/license-exporter": "0.0.9",
+    "@types/cors": "2.8.9",
+    "@types/csvtojson": "1.1.5",
+    "@types/express": "4.17.11",
+    "@types/jest": "26.0.20",
+    "@types/jsonwebtoken": "8.5.0",
+    "@types/node": "14.14.22",
+    "@types/uuid": "8.3.0",
+    "auto-changelog": "2.4.0",
+    "cp-cli": "2.0.0",
+    "jest": "26.6.3",
+    "nodemon": "2.0.7",
+    "release-it": "14.2.2",
+    "rimraf": "3.0.2",
+    "start-server-and-test": "1.11.7",
+    "ts-jest": "26.5.0",
+    "ts-node": "9.1.1",
+    "typedoc": "0.20.19",
+    "typescript": "4.1.3"
+  },
+  "scripts": {
+    "dev": "nodemon src/app.ts",
+    "build": "rimraf ./dist && tsc && cp-cli ./src/static ./dist/static",
+    "docs": "typedoc --out docs src",
+    "test": "jest",
+    "test:watch": "jest --watchAll",
+    "test:ci:generate_env": "ts-node scripts/create_testenv.ts",
+    "test:ci:run": "start-server-and-test dev http://localhost:4010/api/docs/openapi.json test",
+    "test:ci": "npm run test:ci:generate_env && npm run test:ci:run",
+    "seed": "ts-node ./node_modules/typeorm/cli.js schema:sync && ts-node ./node_modules/typeorm-seeding/dist/cli.js seed",
+    "openapi:export": "ts-node scripts/openapi_export.ts",
+    "licenses:export": "license-exporter --markdown",
+    "changelog:export": "auto-changelog --commit-limit false -p -u --hide-credit",
+    "release": "release-it --only-version"
+  },
+  "release-it": {
+    "git": {
+      "commit": true,
+      "requireCleanWorkingDir": false,
+      "commitMessage": "chore(release): v${version}",
+      "requireBranch": "dev",
+      "push": true,
+      "tag": true,
+      "tagName": "v${version}",
+      "tagAnnotation": "v${version}"
+    },
+    "npm": {
+      "publish": false
+    },
+    "hooks": {
+      "after:bump": "npm run changelog:export && npm run licenses:export && git add CHANGELOG.md && git add licenses.md"
+    }
+  },
+  "nodemonConfig": {
+    "ignore": [
+      "src/tests/*",
+      "docs/*"
+    ]
+  }
+}

scripts/create_testenv.ts

@@ -10,7 +10,7 @@ DB_PORT=bla
 DB_USER=bla
 DB_PASSWORD=bla
 DB_NAME=./test.sqlite
-NODE_ENV=dev
+NODE_ENV=test
 POSTALCODE_COUNTRYCODE=DE
 SEED_TEST_DATA=true
 MAILER_URL=https://dev.lauf-fuer-kaya.de/mailer

src/app.ts

@@ -20,6 +20,9 @@ const app = createExpressServer({
 
 async function main() {
   await loaders(app);
+  if (config.testing) {
+    consola.info("🛠[config]: Discovered testing env. Mailing errors will get ignored!")
+  }
   app.listen(config.internal_port, () => {
     consola.success(
       `⚡️[server]: Server is running at http://localhost:${config.internal_port}`

src/config.ts

@@ -6,6 +6,7 @@ configDotenv();
 export const config = {
     internal_port: parseInt(process.env.APP_PORT) || 4010,
     development: process.env.NODE_ENV === "production",
+    testing: process.env.NODE_ENV === "test",
     jwt_secret: process.env.JWT_SECRET || "secretjwtsecret",
     phone_validation_countrycode: getPhoneCodeLocale(),
     postalcode_validation_countrycode: getPostalCodeLocale(),

src/controllers/DonationController.ts

@@ -1,6 +1,6 @@
 import { Authorized, Body, Delete, Get, JsonController, OnUndefined, Param, Post, Put, QueryParam } from 'routing-controllers';
 import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
-import { getConnectionManager, Repository } from 'typeorm';
+import { Repository, getConnectionManager } from 'typeorm';
 import { DonationIdsNotMatchingError, DonationNotFoundError } from '../errors/DonationErrors';
 import { DonorNotFoundError } from '../errors/DonorErrors';
 import { RunnerNotFoundError } from '../errors/RunnerErrors';
@@ -36,9 +36,16 @@ export class DonationController {
 	@ResponseSchema(ResponseDonation, { isArray: true })
 	@ResponseSchema(ResponseDistanceDonation, { isArray: true })
 	@OpenAPI({ description: 'Lists all donations (fixed or distance based) from all donors. <br> This includes the donations\'s runner\'s distance ran(if distance donation).' })
-	async getAll() {
+	async getAll(@QueryParam("page", { required: false }) page: number, @QueryParam("page_size", { required: false }) page_size: number = 100) {
 		let responseDonations: ResponseDonation[] = new Array<ResponseDonation>();
-		const donations = await this.donationRepository.find({ relations: ['runner', 'donor', 'runner.scans', 'runner.scans.track'] });
+		let donations: Array<Donation>;
+
+		if (page != undefined) {
+			donations = await this.donationRepository.find({ relations: ['runner', 'donor', 'runner.scans', 'runner.scans.track'], skip: page * page_size, take: page_size });
+		} else {
+			donations = await this.donationRepository.find({ relations: ['runner', 'donor', 'runner.scans', 'runner.scans.track'] });
+		}
+
 		donations.forEach(donation => {
 			responseDonations.push(donation.toResponse());
 		});

src/controllers/DonorController.ts

@@ -1,6 +1,6 @@
 import { Authorized, Body, Delete, Get, JsonController, OnUndefined, Param, Post, Put, QueryParam } from 'routing-controllers';
 import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
-import { getConnectionManager, Repository } from 'typeorm';
+import { Repository, getConnectionManager } from 'typeorm';
 import { DonorHasDonationsError, DonorIdsNotMatchingError, DonorNotFoundError } from '../errors/DonorErrors';
 import { CreateDonor } from '../models/actions/create/CreateDonor';
 import { UpdateDonor } from '../models/actions/update/UpdateDonor';
@@ -25,9 +25,16 @@ export class DonorController {
 	@Authorized("DONOR:GET")
 	@ResponseSchema(ResponseDonor, { isArray: true })
 	@OpenAPI({ description: 'Lists all donor. <br> This includes the donor\'s current donation amount.' })
-	async getAll() {
+	async getAll(@QueryParam("page", { required: false }) page: number, @QueryParam("page_size", { required: false }) page_size: number = 100) {
 		let responseDonors: ResponseDonor[] = new Array<ResponseDonor>();
-		const donors = await this.donorRepository.find({ relations: ['donations', 'donations.runner', 'donations.runner.scans', 'donations.runner.scans.track'] });
+		let donors: Array<Donor>;
+
+		if (page != undefined) {
+			donors = await this.donorRepository.find({ relations: ['donations', 'donations.runner', 'donations.runner.scans', 'donations.runner.scans.track'], skip: page * page_size, take: page_size });
+		} else {
+			donors = await this.donorRepository.find({ relations: ['donations', 'donations.runner', 'donations.runner.scans', 'donations.runner.scans.track'] });
+		}
+
 		donors.forEach(donor => {
 			responseDonors.push(new ResponseDonor(donor));
 		});

src/controllers/GroupContactController.ts

@@ -1,6 +1,6 @@
 import { Authorized, Body, Delete, Get, JsonController, OnUndefined, Param, Post, Put, QueryParam } from 'routing-controllers';
 import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
-import { getConnection, getConnectionManager, Repository } from 'typeorm';
+import { Repository, getConnection, getConnectionManager } from 'typeorm';
 import { GroupContactIdsNotMatchingError, GroupContactNotFoundError } from '../errors/GroupContactErrors';
 import { RunnerGroupNotFoundError } from '../errors/RunnerGroupErrors';
 import { CreateGroupContact } from '../models/actions/create/CreateGroupContact';
@@ -26,9 +26,16 @@ export class GroupContactController {
 	@Authorized("CONTACT:GET")
 	@ResponseSchema(ResponseGroupContact, { isArray: true })
 	@OpenAPI({ description: 'Lists all contacts. <br> This includes the contact\'s associated groups.' })
-	async getAll() {
+	async getAll(@QueryParam("page", { required: false }) page: number, @QueryParam("page_size", { required: false }) page_size: number = 100) {
 		let responseContacts: ResponseGroupContact[] = new Array<ResponseGroupContact>();
-		const contacts = await this.contactRepository.find({ relations: ['groups', 'groups.parentGroup'] });
+		let contacts: Array<GroupContact>;
+
+		if (page != undefined) {
+			contacts = await this.contactRepository.find({ relations: ['groups', 'groups.parentGroup'], skip: page * page_size, take: page_size });
+		} else {
+			contacts = await this.contactRepository.find({ relations: ['groups', 'groups.parentGroup'] });
+		}
+
 		contacts.forEach(contact => {
 			responseContacts.push(contact.toResponse());
 		});

src/controllers/MeController.ts

@@ -1,7 +1,7 @@
 import { Body, CurrentUser, Delete, Get, JsonController, OnUndefined, Put, QueryParam } from 'routing-controllers';
 import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
 import { getConnectionManager, Repository } from 'typeorm';
-import { UserDeletionNotConfirmedError, UserIdsNotMatchingError, UsernameContainsIllegalCharacterError, UserNotFoundError } from '../errors/UserErrors';
+import { PasswordMustContainLowercaseLetterError, PasswordMustContainNumberError, PasswordMustContainUppercaseLetterError, PasswordTooShortError, UserDeletionNotConfirmedError, UserIdsNotMatchingError, UsernameContainsIllegalCharacterError, UserNotFoundError } from '../errors/UserErrors';
 import { UpdateUser } from '../models/actions/update/UpdateUser';
 import { User } from '../models/entities/User';
 import { ResponseUser } from '../models/responses/ResponseUser';
@@ -32,7 +32,7 @@ export class MeController {
 		return new ResponseUser(user);
 	}
 
-	@Get('/')
+	@Get('/permissions')
 	@ResponseSchema(ResponseUserPermissions)
 	@ResponseSchema(UserNotFoundError, { statusCode: 404 })
 	@OnUndefined(UserNotFoundError)
@@ -48,6 +48,10 @@ export class MeController {
 	@ResponseSchema(UserNotFoundError, { statusCode: 404 })
 	@ResponseSchema(UserIdsNotMatchingError, { statusCode: 406 })
 	@ResponseSchema(UsernameContainsIllegalCharacterError, { statusCode: 406 })
+	@ResponseSchema(PasswordMustContainUppercaseLetterError, { statusCode: 406 })
+	@ResponseSchema(PasswordMustContainLowercaseLetterError, { statusCode: 406 })
+	@ResponseSchema(PasswordMustContainNumberError, { statusCode: 406 })
+	@ResponseSchema(PasswordTooShortError, { statusCode: 406 })
 	@OpenAPI({ description: "Update the yourself. <br> You can't edit your own permissions or group memberships here - Please use the /api/users/:id enpoint instead. <br> Please remember that ids can't be changed." })
 	async put(@CurrentUser() currentUser: User, @Body({ validate: true }) updateUser: UpdateUser) {
 		let oldUser = await this.userRepository.findOne({ id: currentUser.id }, { relations: ['groups'] });

src/controllers/PermissionController.ts

@@ -1,6 +1,6 @@
 import { Authorized, Body, Delete, Get, JsonController, OnUndefined, Param, Post, Put, QueryParam } from 'routing-controllers';
 import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
-import { getConnectionManager, Repository } from 'typeorm';
+import { Repository, getConnectionManager } from 'typeorm';
 import { PermissionIdsNotMatchingError, PermissionNeedsPrincipalError, PermissionNotFoundError } from '../errors/PermissionErrors';
 import { PrincipalNotFoundError } from '../errors/PrincipalErrors';
 import { CreatePermission } from '../models/actions/create/CreatePermission';
@@ -27,9 +27,16 @@ export class PermissionController {
     @Authorized("PERMISSION:GET")
     @ResponseSchema(ResponsePermission, { isArray: true })
     @OpenAPI({ description: 'Lists all permissions for all users and groups.' })
-    async getAll() {
+    async getAll(@QueryParam("page", { required: false }) page: number, @QueryParam("page_size", { required: false }) page_size: number = 100) {
         let responsePermissions: ResponsePermission[] = new Array<ResponsePermission>();
-        const permissions = await this.permissionRepository.find({ relations: ['principal'] });
+        let permissions: Array<Permission>;
+
+        if (page != undefined) {
+            permissions = await this.permissionRepository.find({ relations: ['principal'], skip: page * page_size, take: page_size });
+        } else {
+            permissions = await this.permissionRepository.find({ relations: ['principal'] });
+        }
+
         permissions.forEach(permission => {
             responsePermissions.push(new ResponsePermission(permission));
         });

src/controllers/RunnerCardController.ts

@@ -1,106 +1,138 @@
-import { Authorized, Body, Delete, Get, JsonController, OnUndefined, Param, Post, Put, QueryParam } from 'routing-controllers';
-import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
-import { getConnectionManager, Repository } from 'typeorm';
-import { RunnerCardHasScansError, RunnerCardIdsNotMatchingError, RunnerCardNotFoundError } from '../errors/RunnerCardErrors';
-import { RunnerNotFoundError } from '../errors/RunnerErrors';
-import { CreateRunnerCard } from '../models/actions/create/CreateRunnerCard';
-import { UpdateRunnerCard } from '../models/actions/update/UpdateRunnerCard';
-import { RunnerCard } from '../models/entities/RunnerCard';
-import { ResponseEmpty } from '../models/responses/ResponseEmpty';
-import { ResponseRunnerCard } from '../models/responses/ResponseRunnerCard';
-import { ScanController } from './ScanController';
-
-@JsonController('/cards')
-@OpenAPI({ security: [{ "AuthToken": [] }, { "RefreshTokenCookie": [] }] })
-export class RunnerCardController {
-	private cardRepository: Repository<RunnerCard>;
-
-	/**
-	 * Gets the repository of this controller's model/entity.
-	 */
-	constructor() {
-		this.cardRepository = getConnectionManager().get().getRepository(RunnerCard);
-	}
-
-	@Get()
-	@Authorized("CARD:GET")
-	@ResponseSchema(ResponseRunnerCard, { isArray: true })
-	@OpenAPI({ description: 'Lists all card.' })
-	async getAll() {
-		let responseCards: ResponseRunnerCard[] = new Array<ResponseRunnerCard>();
-		const cards = await this.cardRepository.find({ relations: ['runner'] });
-		cards.forEach(card => {
-			responseCards.push(new ResponseRunnerCard(card));
-		});
-		return responseCards;
-	}
-
-	@Get('/:id')
-	@Authorized("CARD:GET")
-	@ResponseSchema(ResponseRunnerCard)
-	@ResponseSchema(RunnerCardNotFoundError, { statusCode: 404 })
-	@OnUndefined(RunnerCardNotFoundError)
-	@OpenAPI({ description: "Lists all information about the card whose id got provided." })
-	async getOne(@Param('id') id: number) {
-		let card = await this.cardRepository.findOne({ id: id }, { relations: ['runner'] });
-		if (!card) { throw new RunnerCardNotFoundError(); }
-		return card.toResponse();
-	}
-
-	@Post()
-	@Authorized("CARD:CREATE")
-	@ResponseSchema(ResponseRunnerCard)
-	@ResponseSchema(RunnerNotFoundError, { statusCode: 404 })
-	@OpenAPI({ description: "Create a new card. <br> You can provide a associated runner by id but you don't have to." })
-	async post(@Body({ validate: true }) createCard: CreateRunnerCard) {
-		let card = await createCard.toEntity();
-		card = await this.cardRepository.save(card);
-		return (await this.cardRepository.findOne({ id: card.id }, { relations: ['runner'] })).toResponse();
-	}
-
-	@Put('/:id')
-	@Authorized("CARD:UPDATE")
-	@ResponseSchema(ResponseRunnerCard)
-	@ResponseSchema(RunnerCardNotFoundError, { statusCode: 404 })
-	@ResponseSchema(RunnerNotFoundError, { statusCode: 404 })
-	@ResponseSchema(RunnerCardIdsNotMatchingError, { statusCode: 406 })
-	@OpenAPI({ description: "Update the card whose id you provided. <br> Scans created via this card will still be associated with the old runner. <br> Please remember that ids can't be changed." })
-	async put(@Param('id') id: number, @Body({ validate: true }) card: UpdateRunnerCard) {
-		let oldCard = await this.cardRepository.findOne({ id: id });
-
-		if (!oldCard) {
-			throw new RunnerCardNotFoundError();
-		}
-
-		if (oldCard.id != card.id) {
-			throw new RunnerCardIdsNotMatchingError();
-		}
-
-		await this.cardRepository.save(await card.update(oldCard));
-		return (await this.cardRepository.findOne({ id: id }, { relations: ['runner'] })).toResponse();
-	}
-
-	@Delete('/:id')
-	@Authorized("CARD:DELETE")
-	@ResponseSchema(ResponseRunnerCard)
-	@ResponseSchema(ResponseEmpty, { statusCode: 204 })
-	@ResponseSchema(RunnerCardHasScansError, { statusCode: 406 })
-	@OnUndefined(204)
-	@OpenAPI({ description: "Delete the card whose id you provided. <br> If no card with this id exists it will just return 204(no content). <br> If the card still has scans associated you have to provide the force=true query param (warning: this deletes all scans associated with by this card - please disable it instead or just remove the runner association)." })
-	async remove(@Param("id") id: number, @QueryParam("force") force: boolean) {
-		let card = await this.cardRepository.findOne({ id: id });
-		if (!card) { return null; }
-
-		const cardScans = (await this.cardRepository.findOne({ id: id }, { relations: ["scans"] })).scans;
-		if (cardScans.length != 0 && !force) {
-			throw new RunnerCardHasScansError();
-		}
-		const scanController = new ScanController;
-		for (let scan of cardScans) {
-			await scanController.remove(scan.id, force);
-		}
-
-		await this.cardRepository.delete(card);
-		return card.toResponse();
-	}
+import { Authorized, Body, Delete, Get, JsonController, OnUndefined, Param, Post, Put, QueryParam } from 'routing-controllers';
+import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
+import { Repository, getConnectionManager } from 'typeorm';
+import { RunnerCardHasScansError, RunnerCardIdsNotMatchingError, RunnerCardNotFoundError } from '../errors/RunnerCardErrors';
+import { RunnerNotFoundError } from '../errors/RunnerErrors';
+import { CreateRunnerCard } from '../models/actions/create/CreateRunnerCard';
+import { UpdateRunnerCard } from '../models/actions/update/UpdateRunnerCard';
+import { RunnerCard } from '../models/entities/RunnerCard';
+import { ResponseEmpty } from '../models/responses/ResponseEmpty';
+import { ResponseRunnerCard } from '../models/responses/ResponseRunnerCard';
+import { ScanController } from './ScanController';
+
+@JsonController('/cards')
+@OpenAPI({ security: [{ "AuthToken": [] }, { "RefreshTokenCookie": [] }] })
+export class RunnerCardController {
+	private cardRepository: Repository<RunnerCard>;
+
+	/**
+	 * Gets the repository of this controller's model/entity.
+	 */
+	constructor() {
+		this.cardRepository = getConnectionManager().get().getRepository(RunnerCard);
+	}
+
+	@Get()
+	@Authorized("CARD:GET")
+	@ResponseSchema(ResponseRunnerCard, { isArray: true })
+	@OpenAPI({ description: 'Lists all card.' })
+	async getAll(@QueryParam("page", { required: false }) page: number, @QueryParam("page_size", { required: false }) page_size: number = 100) {
+		let responseCards: ResponseRunnerCard[] = new Array<ResponseRunnerCard>();
+		let cards: Array<RunnerCard>;
+
+		if (page != undefined) {
+			cards = await this.cardRepository.find({ relations: ['runner', 'runner.group', 'runner.group.parentGroup'], skip: page * page_size, take: page_size });
+		} else {
+			cards = await this.cardRepository.find({ relations: ['runner', 'runner.group', 'runner.group.parentGroup'] });
+		}
+
+		cards.forEach(card => {
+			responseCards.push(new ResponseRunnerCard(card));
+		});
+		return responseCards;
+	}
+
+	@Get('/:id')
+	@Authorized("CARD:GET")
+	@ResponseSchema(ResponseRunnerCard)
+	@ResponseSchema(RunnerCardNotFoundError, { statusCode: 404 })
+	@OnUndefined(RunnerCardNotFoundError)
+	@OpenAPI({ description: "Lists all information about the card whose id got provided." })
+	async getOne(@Param('id') id: number) {
+		let card = await this.cardRepository.findOne({ id: id }, { relations: ['runner', 'runner.group', 'runner.group.parentGroup'] });
+		if (!card) { throw new RunnerCardNotFoundError(); }
+		return card.toResponse();
+	}
+
+	@Post('/bulk')
+	@Authorized("CARD:CREATE")
+	@ResponseSchema(ResponseEmpty, { statusCode: 200 })
+	@OpenAPI({ description: "Create blank cards in bulk. <br> Just provide the count as a query param and wait for the 200 response. <br> You can provide the 'returnCards' query param if you want to receive the RESPONSERUNNERCARD objects in the response." })
+	async postBlancoBulk(@QueryParam("count") count: number, @QueryParam("returnCards") returnCards: boolean = false) {
+		let createPromises = new Array<any>();
+		for (let index = 0; index < count; index++) {
+			createPromises.push(this.cardRepository.save({ runner: null, enabled: true }))
+		}
+
+		const cards = await Promise.all(createPromises);
+
+		if (returnCards) {
+			let responseCards: ResponseRunnerCard[] = new Array<ResponseRunnerCard>();
+			for await (let card of cards) {
+				let dbCard = await this.cardRepository.findOne({ id: card.id });
+				responseCards.push(new ResponseRunnerCard(dbCard));
+			}
+			return responseCards;
+		}
+		let response = new ResponseEmpty();
+		response.response = `Created ${count} new blanco cards.`
+		return response;
+	}
+
+	@Post()
+	@Authorized("CARD:CREATE")
+	@ResponseSchema(ResponseRunnerCard)
+	@ResponseSchema(RunnerNotFoundError, { statusCode: 404 })
+	@OpenAPI({ description: "Create a new card. <br> You can provide a associated runner by id but you don't have to." })
+	async post(@Body({ validate: true }) createCard: CreateRunnerCard) {
+		let card = await createCard.toEntity();
+		card = await this.cardRepository.save(card);
+		return (await this.cardRepository.findOne({ id: card.id }, { relations: ['runner', 'runner.group', 'runner.group.parentGroup'] })).toResponse();
+	}
+
+	@Put('/:id')
+	@Authorized("CARD:UPDATE")
+	@ResponseSchema(ResponseRunnerCard)
+	@ResponseSchema(RunnerCardNotFoundError, { statusCode: 404 })
+	@ResponseSchema(RunnerNotFoundError, { statusCode: 404 })
+	@ResponseSchema(RunnerCardIdsNotMatchingError, { statusCode: 406 })
+	@OpenAPI({ description: "Update the card whose id you provided. <br> Scans created via this card will still be associated with the old runner. <br> Please remember that ids can't be changed." })
+	async put(@Param('id') id: number, @Body({ validate: true }) card: UpdateRunnerCard) {
+		let oldCard = await this.cardRepository.findOne({ id: id });
+
+		if (!oldCard) {
+			throw new RunnerCardNotFoundError();
+		}
+
+		if (oldCard.id != card.id) {
+			throw new RunnerCardIdsNotMatchingError();
+		}
+
+		await this.cardRepository.save(await card.update(oldCard));
+		return (await this.cardRepository.findOne({ id: id }, { relations: ['runner', 'runner.group', 'runner.group.parentGroup'] })).toResponse();
+	}
+
+	@Delete('/:id')
+	@Authorized("CARD:DELETE")
+	@ResponseSchema(ResponseRunnerCard)
+	@ResponseSchema(ResponseEmpty, { statusCode: 204 })
+	@ResponseSchema(RunnerCardHasScansError, { statusCode: 406 })
+	@OnUndefined(204)
+	@OpenAPI({ description: "Delete the card whose id you provided. <br> If no card with this id exists it will just return 204(no content). <br> If the card still has scans associated you have to provide the force=true query param (warning: this deletes all scans associated with by this card - please disable it instead or just remove the runner association)." })
+	async remove(@Param("id") id: number, @QueryParam("force") force: boolean) {
+		let card = await this.cardRepository.findOne({ id: id });
+		if (!card) { return null; }
+
+		const cardScans = (await this.cardRepository.findOne({ id: id }, { relations: ["scans"] })).scans;
+		if (cardScans.length != 0 && !force) {
+			throw new RunnerCardHasScansError();
+		}
+		const scanController = new ScanController;
+		for (let scan of cardScans) {
+			await scanController.remove(scan.id, force);
+		}
+
+		await this.cardRepository.delete(card);
+		return card.toResponse();
+	}
 }

src/controllers/RunnerController.ts

@@ -1,6 +1,6 @@
 import { Authorized, Body, Delete, Get, JsonController, OnUndefined, Param, Post, Put, QueryParam } from 'routing-controllers';
 import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
-import { getConnectionManager, Repository } from 'typeorm';
+import { Repository, getConnectionManager } from 'typeorm';
 import { RunnerGroupNeededError, RunnerHasDistanceDonationsError, RunnerIdsNotMatchingError, RunnerNotFoundError } from '../errors/RunnerErrors';
 import { RunnerGroupNotFoundError } from '../errors/RunnerGroupErrors';
 import { CreateRunner } from '../models/actions/create/CreateRunner';
@@ -30,9 +30,16 @@ export class RunnerController {
 	@Authorized("RUNNER:GET")
 	@ResponseSchema(ResponseRunner, { isArray: true })
 	@OpenAPI({ description: 'Lists all runners from all teams/orgs. <br> This includes the runner\'s group and distance ran.' })
-	async getAll() {
+	async getAll(@QueryParam("page", { required: false }) page: number, @QueryParam("page_size", { required: false }) page_size: number = 100) {
 		let responseRunners: ResponseRunner[] = new Array<ResponseRunner>();
-		const runners = await this.runnerRepository.find({ relations: ['scans', 'group', 'group.parentGroup', 'scans.track', 'cards'] });
+		let runners: Array<Runner>;
+
+		if (page != undefined) {
+			runners = await this.runnerRepository.find({ relations: ['scans', 'group', 'group.parentGroup', 'scans.track'], skip: page * page_size, take: page_size });
+		} else {
+			runners = await this.runnerRepository.find({ relations: ['scans', 'group', 'group.parentGroup', 'scans.track'] });
+		}
+
 		runners.forEach(runner => {
 			responseRunners.push(new ResponseRunner(runner));
 		});
@@ -125,7 +132,7 @@ export class RunnerController {
 	async remove(@Param("id") id: number, @QueryParam("force") force: boolean) {
 		let runner = await this.runnerRepository.findOne({ id: id });
 		if (!runner) { return null; }
-		const responseRunner = await this.runnerRepository.findOne(runner, { relations: ['scans', 'group', 'group.parentGroup', 'scans.track', 'cards'] });
+		const responseRunner = await this.runnerRepository.findOne(runner);
 
 		if (!runner) {
 			throw new RunnerNotFoundError();

src/controllers/RunnerOrganizationController.ts

@@ -1,6 +1,6 @@
-import { Authorized, Body, Delete, Get, JsonController, OnUndefined, Param, Post, Put, QueryParam } from 'routing-controllers';
+import { Authorized, BadRequestError, Body, Delete, Get, JsonController, OnUndefined, Param, Post, Put, QueryParam } from 'routing-controllers';
 import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
-import { getConnectionManager, Repository } from 'typeorm';
+import { Repository, getConnectionManager } from 'typeorm';
 import { RunnerOrganizationHasRunnersError, RunnerOrganizationHasTeamsError, RunnerOrganizationIdsNotMatchingError, RunnerOrganizationNotFoundError } from '../errors/RunnerOrganizationErrors';
 import { CreateRunnerOrganization } from '../models/actions/create/CreateRunnerOrganization';
 import { UpdateRunnerOrganization } from '../models/actions/update/UpdateRunnerOrganization';
@@ -29,13 +29,20 @@ export class RunnerOrganizationController {
 	@Authorized("ORGANIZATION:GET")
 	@ResponseSchema(ResponseRunnerOrganization, { isArray: true })
 	@OpenAPI({ description: 'Lists all organizations. <br> This includes their address, contact and teams (if existing/associated).' })
-	async getAll() {
-		let responseTeams: ResponseRunnerOrganization[] = new Array<ResponseRunnerOrganization>();
-		const runners = await this.runnerOrganizationRepository.find({ relations: ['contact', 'teams'] });
-		runners.forEach(runner => {
-			responseTeams.push(new ResponseRunnerOrganization(runner));
+	async getAll(@QueryParam("page", { required: false }) page: number, @QueryParam("page_size", { required: false }) page_size: number = 100) {
+		let responseOrgs: ResponseRunnerOrganization[] = new Array<ResponseRunnerOrganization>();
+		let orgs: Array<RunnerOrganization>;
+
+		if (page != undefined) {
+			orgs = await this.runnerOrganizationRepository.find({ relations: ['contact', 'teams'], skip: page * page_size, take: page_size });
+		} else {
+			orgs = await this.runnerOrganizationRepository.find({ relations: ['contact', 'teams'] });
+		}
+
+		orgs.forEach(org => {
+			responseOrgs.push(new ResponseRunnerOrganization(org));
 		});
-		return responseTeams;
+		return responseOrgs;
 	}
 
 	@Get('/:id')
@@ -45,7 +52,7 @@ export class RunnerOrganizationController {
 	@OnUndefined(RunnerOrganizationNotFoundError)
 	@OpenAPI({ description: 'Lists all information about the organization whose id got provided.' })
 	async getOne(@Param('id') id: number) {
-		let runnerOrg = await this.runnerOrganizationRepository.findOne({ id: id }, { relations: ['contact', 'teams'] });
+		let runnerOrg = await this.runnerOrganizationRepository.findOne({ id: id }, { relations: ['contact', 'teams', 'teams.runners', 'teams.runners.scans', 'teams.runners.scans.track', 'runners', 'runners.scans', 'runners.scans.track'] });
 		if (!runnerOrg) { throw new RunnerOrganizationNotFoundError(); }
 		return new ResponseRunnerOrganization(runnerOrg);
 	}
@@ -114,6 +121,10 @@ export class RunnerOrganizationController {
 	@OnUndefined(204)
 	@OpenAPI({ description: 'Delete the organsisation whose id you provided. <br> If the organization still has runners and/or teams associated this will fail. <br> To delete the organization with all associated runners and teams set the force QueryParam to true (cascading deletion might take a while). <br> This won\'t delete the associated contact. <br> If no organization with this id exists it will just return 204(no content).' })
 	async remove(@Param("id") id: number, @QueryParam("force") force: boolean) {
+		if (id == 1) {
+			throw new BadRequestError("You can't delete the citizen runner org.");
+		}
+
 		let organization = await this.runnerOrganizationRepository.findOne({ id: id });
 		if (!organization) { return null; }
 		let runnerOrganization = await this.runnerOrganizationRepository.findOne(organization, { relations: ['contact', 'runners', 'teams'] });

src/controllers/RunnerSelfServiceController.ts

@@ -1,125 +1,244 @@
-import * as jwt from "jsonwebtoken";
-import { Body, Get, JsonController, OnUndefined, Param, Post } from 'routing-controllers';
-import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
-import { getConnectionManager, Repository } from 'typeorm';
-import { config } from '../config';
-import { InvalidCredentialsError, JwtNotProvidedError } from '../errors/AuthError';
-import { RunnerEmailNeededError, RunnerNotFoundError } from '../errors/RunnerErrors';
-import { RunnerOrganizationNotFoundError } from '../errors/RunnerOrganizationErrors';
-import { JwtCreator } from '../jwtcreator';
-import { CreateSelfServiceCitizenRunner } from '../models/actions/create/CreateSelfServiceCitizenRunner';
-import { CreateSelfServiceRunner } from '../models/actions/create/CreateSelfServiceRunner';
-import { Runner } from '../models/entities/Runner';
-import { RunnerGroup } from '../models/entities/RunnerGroup';
-import { RunnerOrganization } from '../models/entities/RunnerOrganization';
-import { ResponseSelfServiceOrganisation } from '../models/responses/ResponseSelfServiceOrganisation';
-import { ResponseSelfServiceRunner } from '../models/responses/ResponseSelfServiceRunner';
-import { ResponseSelfServiceScan } from '../models/responses/ResponseSelfServiceScan';
-
-
-@JsonController()
-export class RunnerSelfServiceController {
-	private runnerRepository: Repository<Runner>;
-	private orgRepository: Repository<RunnerOrganization>;
-
-	/**
-	 * Gets the repository of this controller's model/entity.
-	 */
-	constructor() {
-		this.runnerRepository = getConnectionManager().get().getRepository(Runner);
-		this.orgRepository = getConnectionManager().get().getRepository(RunnerOrganization);
-	}
-
-	@Get('/runners/me/:jwt')
-	@ResponseSchema(ResponseSelfServiceRunner)
-	@ResponseSchema(RunnerNotFoundError, { statusCode: 404 })
-	@OnUndefined(RunnerNotFoundError)
-	@OpenAPI({ description: 'Lists all information about yourself. <br> Please provide your runner jwt(that code we gave you during registration) for auth. <br> If you lost your jwt/personalized link please contact support.' })
-	async get(@Param('jwt') token: string) {
-		return (new ResponseSelfServiceRunner(await this.getRunner(token)));
-	}
-
-	@Get('/runners/me/:jwt/scans')
-	@ResponseSchema(ResponseSelfServiceScan, { isArray: true })
-	@ResponseSchema(RunnerNotFoundError, { statusCode: 404 })
-	@OnUndefined(RunnerNotFoundError)
-	@OpenAPI({ description: 'Lists all your (runner) scans. <br> Please provide your runner jwt(that code we gave you during registration) for auth. <br> If you lost your jwt/personalized link please contact support.' })
-	async getScans(@Param('jwt') token: string) {
-		const scans = (await this.getRunner(token)).scans;
-		let responseScans = new Array<ResponseSelfServiceScan>()
-		for (let scan of scans) {
-			responseScans.push(new ResponseSelfServiceScan(scan));
-		}
-		return responseScans;
-	}
-
-	@Post('/runners/register')
-	@ResponseSchema(ResponseSelfServiceRunner)
-	@ResponseSchema(RunnerEmailNeededError, { statusCode: 406 })
-	@OpenAPI({ description: 'Create a new selfservice runner in the citizen org. <br> This endpoint shoud be used to allow "everyday citizen" to register themselves. <br> You have to provide a mail address, b/c the future we\'ll implement email verification.' })
-	async registerRunner(@Body({ validate: true }) createRunner: CreateSelfServiceCitizenRunner) {
-		let runner = await createRunner.toEntity();
-
-		runner = await this.runnerRepository.save(runner);
-		let response = new ResponseSelfServiceRunner(await this.runnerRepository.findOne(runner, { relations: ['scans', 'group', 'group.parentGroup', 'scans.track', 'cards', 'distanceDonations', 'distanceDonations.donor', 'distanceDonations.runner', 'distanceDonations.runner.scans', 'distanceDonations.runner.scans.track'] }));
-		response.token = JwtCreator.createSelfService(runner);
-		return response;
-	}
-
-	@Post('/runners/register/:token')
-	@ResponseSchema(ResponseSelfServiceRunner)
-	@ResponseSchema(RunnerOrganizationNotFoundError, { statusCode: 404 })
-	@OpenAPI({ description: 'Create a new selfservice runner in a provided org. <br> The orgs get provided and authorized via api tokens that can be optained via the /organizations endpoint.' })
-	async registerOrganizationRunner(@Param('token') token: string, @Body({ validate: true }) createRunner: CreateSelfServiceRunner) {
-		const org = await this.getOrgansisation(token);
-
-		let runner = await createRunner.toEntity(org);
-		runner = await this.runnerRepository.save(runner);
-
-		let response = new ResponseSelfServiceRunner(await this.runnerRepository.findOne(runner, { relations: ['scans', 'group', 'group.parentGroup', 'scans.track', 'cards', 'distanceDonations', 'distanceDonations.donor', 'distanceDonations.runner', 'distanceDonations.runner.scans', 'distanceDonations.runner.scans.track'] }));
-		response.token = JwtCreator.createSelfService(runner);
-		return response;
-	}
-
-	@Get('/organizations/selfservice/:token')
-	@ResponseSchema(ResponseSelfServiceOrganisation, { isArray: false })
-	@ResponseSchema(RunnerOrganizationNotFoundError, { statusCode: 404 })
-	@OpenAPI({ description: 'Get the basic info and teams for a org.' })
-	async getSelfserviceOrg(@Param('token') token: string) {
-		const orgid = (await this.getOrgansisation(token)).id;
-		const org = await this.orgRepository.findOne({ id: orgid }, { relations: ['teams'] })
-
-		return new ResponseSelfServiceOrganisation(<RunnerOrganization>org);
-	}
-
-	/**
-	 * Get's a runner by a provided jwt token.
-	 * @param token The runner jwt provided by the runner to identitfy themselves.
-	 */
-	private async getRunner(token: string): Promise<Runner> {
-		if (token == "") { throw new JwtNotProvidedError(); }
-		let jwtPayload = undefined
-		try {
-			jwtPayload = <any>jwt.verify(token, config.jwt_secret);
-		} catch (error) {
-			throw new InvalidCredentialsError();
-		}
-
-		const runner = await this.runnerRepository.findOne({ id: jwtPayload["id"] }, { relations: ['scans', 'group', 'group.parentGroup', 'scans.track', 'cards', 'distanceDonations', 'distanceDonations.donor', 'distanceDonations.runner', 'distanceDonations.runner.scans', 'distanceDonations.runner.scans.track'] });
-		if (!runner) { throw new RunnerNotFoundError() }
-		return runner;
-	}
-
-	/**
-	 * Get's a runner org by a provided registration api key.
-	 * @param token The organization's registration api token.
-	 */
-	private async getOrgansisation(token: string): Promise<RunnerGroup> {
-		token = Buffer.from(token, 'base64').toString('utf8');
-
-		const organization = await this.orgRepository.findOne({ key: token });
-		if (!organization) { throw new RunnerOrganizationNotFoundError; }
-
-		return organization;
-	}
+import { Request } from "express";
+import * as jwt from "jsonwebtoken";
+import { BadRequestError, Body, Delete, Get, JsonController, OnUndefined, Param, Post, QueryParam, Req, UseBefore } from 'routing-controllers';
+import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
+import { getConnectionManager, Repository } from 'typeorm';
+import { config } from '../config';
+import { InvalidCredentialsError, JwtNotProvidedError } from '../errors/AuthError';
+import { MailSendingError } from '../errors/MailErrors';
+import { RunnerEmailNeededError, RunnerHasDistanceDonationsError, RunnerNotFoundError, RunnerSelfserviceTimeoutError } from '../errors/RunnerErrors';
+import { RunnerOrganizationNotFoundError } from '../errors/RunnerOrganizationErrors';
+import { ScanStationNotFoundError } from '../errors/ScanStationErrors';
+import { JwtCreator } from '../jwtcreator';
+import { Mailer } from '../mailer';
+import ScanAuth from '../middlewares/ScanAuth';
+import { CreateSelfServiceCitizenRunner } from '../models/actions/create/CreateSelfServiceCitizenRunner';
+import { CreateSelfServiceRunner } from '../models/actions/create/CreateSelfServiceRunner';
+import { Runner } from '../models/entities/Runner';
+import { RunnerGroup } from '../models/entities/RunnerGroup';
+import { RunnerOrganization } from '../models/entities/RunnerOrganization';
+import { ScanStation } from '../models/entities/ScanStation';
+import { ResponseEmpty } from '../models/responses/ResponseEmpty';
+import { ResponseScanStation } from '../models/responses/ResponseScanStation';
+import { ResponseSelfServiceOrganisation } from '../models/responses/ResponseSelfServiceOrganisation';
+import { ResponseSelfServiceRunner } from '../models/responses/ResponseSelfServiceRunner';
+import { ResponseSelfServiceScan } from '../models/responses/ResponseSelfServiceScan';
+import { DonationController } from './DonationController';
+import { RunnerCardController } from './RunnerCardController';
+import { ScanController } from './ScanController';
+
+@JsonController()
+export class RunnerSelfServiceController {
+	private runnerRepository: Repository<Runner>;
+	private orgRepository: Repository<RunnerOrganization>;
+	private stationRepository: Repository<ScanStation>;
+
+	/**
+	 * Gets the repository of this controller's model/entity.
+	 */
+	constructor() {
+		this.runnerRepository = getConnectionManager().get().getRepository(Runner);
+		this.orgRepository = getConnectionManager().get().getRepository(RunnerOrganization);
+		this.stationRepository = getConnectionManager().get().getRepository(ScanStation);
+	}
+
+	@Get('/runners/me/:jwt')
+	@ResponseSchema(ResponseSelfServiceRunner)
+	@ResponseSchema(RunnerNotFoundError, { statusCode: 404 })
+	@OnUndefined(RunnerNotFoundError)
+	@OpenAPI({ description: 'Lists all information about yourself. <br> Please provide your runner jwt(that code we gave you during registration) for auth. <br> If you lost your jwt/personalized link please use the forgot endpoint.' })
+	async get(@Param('jwt') token: string) {
+		return (new ResponseSelfServiceRunner(await this.getRunner(token)));
+	}
+
+	@Delete('/runners/me/:jwt')
+	@ResponseSchema(ResponseSelfServiceRunner)
+	@ResponseSchema(RunnerNotFoundError, { statusCode: 404 })
+	@OnUndefined(RunnerNotFoundError)
+	@OpenAPI({ description: 'Deletes all information about yourself. <br> Please provide your runner jwt(that code we gave you during registration) for auth. <br> If you lost your jwt/personalized link please use the forgot endpoint.' })
+	async remove(@Param('jwt') token: string, @QueryParam("force") force: boolean) {
+		const responseRunner = await this.getRunner(token);
+		let runner = await this.runnerRepository.findOne({ id: responseRunner.id });
+
+		if (!runner) { return null; }
+		if (!runner) {
+			throw new RunnerNotFoundError();
+		}
+
+		const runnerDonations = (await this.runnerRepository.findOne({ id: runner.id }, { relations: ["distanceDonations"] })).distanceDonations;
+		if (runnerDonations.length > 0 && !force) {
+			throw new RunnerHasDistanceDonationsError();
+		}
+		const donationController = new DonationController();
+		for (let donation of runnerDonations) {
+			await donationController.remove(donation.id, force);
+		}
+
+		const runnerCards = (await this.runnerRepository.findOne({ id: runner.id }, { relations: ["cards"] })).cards;
+		const cardController = new RunnerCardController;
+		for (let card of runnerCards) {
+			await cardController.remove(card.id, force);
+		}
+
+		const runnerScans = (await this.runnerRepository.findOne({ id: runner.id }, { relations: ["scans"] })).scans;
+		const scanController = new ScanController;
+		for (let scan of runnerScans) {
+			await scanController.remove(scan.id, force);
+		}
+
+		await this.runnerRepository.delete(runner);
+		return new ResponseSelfServiceRunner(responseRunner);
+	}
+
+	@Get('/runners/me/:jwt/scans')
+	@ResponseSchema(ResponseSelfServiceScan, { isArray: true })
+	@ResponseSchema(RunnerNotFoundError, { statusCode: 404 })
+	@OnUndefined(RunnerNotFoundError)
+	@OpenAPI({ description: 'Lists all your (runner) scans. <br> Please provide your runner jwt(that code we gave you during registration) for auth. <br> If you lost your jwt/personalized link please contact support.' })
+	async getScans(@Param('jwt') token: string) {
+		const scans = (await this.getRunner(token)).scans;
+		let responseScans = new Array<ResponseSelfServiceScan>()
+		for (let scan of scans) {
+			responseScans.push(new ResponseSelfServiceScan(scan));
+		}
+		return responseScans;
+	}
+
+	@Get('/stations/me')
+	@UseBefore(ScanAuth)
+	@ResponseSchema(ResponseScanStation)
+	@ResponseSchema(ScanStationNotFoundError, { statusCode: 404 })
+	@OnUndefined(ScanStationNotFoundError)
+	@OpenAPI({ description: 'Lists basic information about the station whose token got provided. <br> This includes it\'s associated track.', security: [{ "StationApiToken": [] }] })
+	async getStationMe(@Req() req: Request) {
+		let scan = await this.stationRepository.findOne({ id: parseInt(req.headers["station_id"].toString()) }, { relations: ['track'] })
+		if (!scan) { throw new ScanStationNotFoundError(); }
+		return scan.toResponse();
+	}
+
+	@Post('/runners/login')
+	@ResponseSchema(RunnerNotFoundError, { statusCode: 404 })
+	@OnUndefined(ResponseEmpty)
+	@OpenAPI({ description: 'Use this endpoint to reuqest a new selfservice magic-login-link to be sent to your mail address (rate limited to one mail every 15mins).' })
+	async requestNewToken(@QueryParam('mail') mail: string, @QueryParam("locale") locale: string = "en") {
+		if (!mail) {
+			throw new RunnerNotFoundError();
+		}
+		const runner = await this.runnerRepository.findOne({ email: mail });
+		if (!runner) { throw new RunnerNotFoundError(); }
+
+		if (runner.resetRequestedTimestamp > (Math.floor(Date.now() / 1000) - 30)) { throw new RunnerSelfserviceTimeoutError(); }
+		const token = JwtCreator.createSelfService(runner);
+
+		try {
+			await Mailer.sendSelfserviceForgottenMail(runner.email, runner.id, runner.firstname, runner.middlename, runner.lastname, token, locale)
+		} catch (error) {
+			throw new MailSendingError();
+		}
+
+		runner.resetRequestedTimestamp = Math.floor(Date.now() / 1000);
+		await this.runnerRepository.save(runner);
+
+		return { token };
+	}
+
+	@Post('/runners/register')
+	@ResponseSchema(ResponseSelfServiceRunner)
+	@ResponseSchema(RunnerEmailNeededError, { statusCode: 406 })
+	@OpenAPI({ description: 'Create a new selfservice runner in the citizen org. <br> This endpoint shoud be used to allow "everyday citizen" to register themselves. <br> You have to provide a mail address, b/c the future we\'ll implement email verification.' })
+	async registerRunner(@Body({ validate: true }) createRunner: CreateSelfServiceCitizenRunner, @QueryParam("locale") locale: string = "en") {
+		let runner = await createRunner.toEntity();
+		if (await this.getRunnerExistsByMail(runner.email)) {
+			throw new BadRequestError("E-Mail already registered")
+		}
+		runner = await this.runnerRepository.save(runner);
+
+		let response = new ResponseSelfServiceRunner(await this.runnerRepository.findOne(runner, { relations: ['scans', 'group', 'group.parentGroup', 'scans.track', 'cards', 'distanceDonations', 'distanceDonations.donor', 'distanceDonations.runner', 'distanceDonations.runner.scans', 'distanceDonations.runner.scans.track'] }));
+		response.token = JwtCreator.createSelfService(runner);
+
+		try {
+			await Mailer.sendSelfserviceWelcomeMail(runner.email, runner.id, runner.firstname, runner.middlename, runner.lastname, response.token, locale)
+		} catch (error) {
+			throw new MailSendingError();
+		}
+
+		return response;
+	}
+
+	@Post('/runners/register/:token')
+	@ResponseSchema(ResponseSelfServiceRunner)
+	@ResponseSchema(RunnerOrganizationNotFoundError, { statusCode: 404 })
+	@OpenAPI({ description: 'Create a new selfservice runner in a provided org. <br> The orgs get provided and authorized via api tokens that can be optained via the /organizations endpoint.' })
+	async registerOrganizationRunner(@Param('token') token: string, @Body({ validate: true }) createRunner: CreateSelfServiceRunner, @QueryParam("locale") locale: string = "en") {
+		const org = await this.getOrgansisation(token);
+
+		let runner = await createRunner.toEntity(org);
+		if (await this.getRunnerExistsByMail(runner.email)) {
+			throw new BadRequestError("E-Mail already registered")
+		}
+		runner = await this.runnerRepository.save(runner);
+
+		let response = new ResponseSelfServiceRunner(await this.runnerRepository.findOne(runner, { relations: ['scans', 'group', 'group.parentGroup', 'scans.track', 'cards', 'distanceDonations', 'distanceDonations.donor', 'distanceDonations.runner', 'distanceDonations.runner.scans', 'distanceDonations.runner.scans.track'] }));
+		response.token = JwtCreator.createSelfService(runner);
+
+		try {
+			await Mailer.sendSelfserviceWelcomeMail(runner.email, runner.id, runner.firstname, runner.middlename, runner.lastname, response.token, locale)
+		} catch (error) {
+			throw new MailSendingError();
+		}
+
+		return response;
+	}
+
+	@Get('/organizations/selfservice/:token')
+	@ResponseSchema(ResponseSelfServiceOrganisation, { isArray: false })
+	@ResponseSchema(RunnerOrganizationNotFoundError, { statusCode: 404 })
+	@OpenAPI({ description: 'Get the basic info and teams for a org.' })
+	async getSelfserviceOrg(@Param('token') token: string) {
+		const orgid = (await this.getOrgansisation(token)).id;
+		const org = await this.orgRepository.findOne({ id: orgid }, { relations: ['teams'] })
+
+		return new ResponseSelfServiceOrganisation(<RunnerOrganization>org);
+	}
+
+	/**
+	 * Get's a runner by a provided jwt token.
+	 * @param token The runner jwt provided by the runner to identitfy themselves.
+	 */
+	private async getRunner(token: string): Promise<Runner> {
+		if (token == "") { throw new JwtNotProvidedError(); }
+		let jwtPayload = undefined
+		try {
+			jwtPayload = <any>jwt.verify(token, config.jwt_secret);
+		} catch (error) {
+			throw new InvalidCredentialsError();
+		}
+
+		const runner = await this.runnerRepository.findOne({ id: jwtPayload["id"] }, { relations: ['scans', 'group', 'group.parentGroup', 'scans.track', 'cards', 'distanceDonations', 'distanceDonations.donor', 'distanceDonations.runner', 'distanceDonations.runner.scans', 'distanceDonations.runner.scans.track'] });
+		if (!runner) { throw new RunnerNotFoundError() }
+		return runner;
+	}
+
+	/**
+	 * Get's a runner org by a provided registration api key.
+	 * @param token The organization's registration api token.
+	 */
+	private async getOrgansisation(token: string): Promise<RunnerGroup> {
+		token = Buffer.from(token, 'base64').toString('utf8');
+
+		const organization = await this.orgRepository.findOne({ key: token });
+		if (!organization) { throw new RunnerOrganizationNotFoundError; }
+
+		return organization;
+	}
+
+	/**
+	 * Checks if a runner already exists
+	 * @param email The runner's email address
+	 * @returns Boolean (true if exists, false if not)
+	 */
+	private async getRunnerExistsByMail(email: string): Promise<boolean> {
+		const runner = await this.runnerRepository.findOne({ email });
+		return runner != undefined
+	}
 }

src/controllers/RunnerTeamController.ts

@@ -1,6 +1,6 @@
 import { Authorized, Body, Delete, Get, JsonController, OnUndefined, Param, Post, Put, QueryParam } from 'routing-controllers';
 import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
-import { getConnectionManager, Repository } from 'typeorm';
+import { Repository, getConnectionManager } from 'typeorm';
 import { RunnerTeamHasRunnersError, RunnerTeamIdsNotMatchingError, RunnerTeamNotFoundError } from '../errors/RunnerTeamErrors';
 import { CreateRunnerTeam } from '../models/actions/create/CreateRunnerTeam';
 import { UpdateRunnerTeam } from '../models/actions/update/UpdateRunnerTeam';
@@ -27,11 +27,18 @@ export class RunnerTeamController {
 	@Authorized("TEAM:GET")
 	@ResponseSchema(ResponseRunnerTeam, { isArray: true })
 	@OpenAPI({ description: 'Lists all teams. <br> This includes their parent organization and contact (if existing/associated).' })
-	async getAll() {
+	async getAll(@QueryParam("page", { required: false }) page: number, @QueryParam("page_size", { required: false }) page_size: number = 100) {
 		let responseTeams: ResponseRunnerTeam[] = new Array<ResponseRunnerTeam>();
-		const runners = await this.runnerTeamRepository.find({ relations: ['parentGroup', 'contact'] });
-		runners.forEach(runner => {
-			responseTeams.push(new ResponseRunnerTeam(runner));
+		let teams: Array<RunnerTeam>;
+
+		if (page != undefined) {
+			teams = await this.runnerTeamRepository.find({ relations: ['parentGroup', 'contact'], skip: page * page_size, take: page_size });
+		} else {
+			teams = await this.runnerTeamRepository.find({ relations: ['parentGroup', 'contact'] });
+		}
+
+		teams.forEach(team => {
+			responseTeams.push(new ResponseRunnerTeam(team));
 		});
 		return responseTeams;
 	}
@@ -43,7 +50,7 @@ export class RunnerTeamController {
 	@OnUndefined(RunnerTeamNotFoundError)
 	@OpenAPI({ description: 'Lists all information about the team whose id got provided.' })
 	async getOne(@Param('id') id: number) {
-		let runnerTeam = await this.runnerTeamRepository.findOne({ id: id }, { relations: ['parentGroup', 'contact'] });
+		let runnerTeam = await this.runnerTeamRepository.findOne({ id: id }, { relations: ['parentGroup', 'contact', 'runners', 'runners.scans', 'runners.scans.track'] });
 		if (!runnerTeam) { throw new RunnerTeamNotFoundError(); }
 		return new ResponseRunnerTeam(runnerTeam);
 	}
@@ -112,7 +119,7 @@ export class RunnerTeamController {
 	async remove(@Param("id") id: number, @QueryParam("force") force: boolean) {
 		let team = await this.runnerTeamRepository.findOne({ id: id });
 		if (!team) { return null; }
-		let runnerTeam = await this.runnerTeamRepository.findOne(team, { relations: ['parentGroup', 'contact', 'runners'] });
+		let runnerTeam = await this.runnerTeamRepository.findOne(team, { relations: ['runners'] });
 
 		if (!force) {
 			if (runnerTeam.runners.length != 0) {

src/controllers/ScanController.ts

@@ -1,6 +1,7 @@
-import { Authorized, Body, Delete, Get, JsonController, OnUndefined, Param, Post, Put, QueryParam, UseBefore } from 'routing-controllers';
+import { Request } from "express";
+import { Authorized, Body, Delete, Get, JsonController, OnUndefined, Param, Post, Put, QueryParam, Req, UseBefore } from 'routing-controllers';
 import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
-import { getConnectionManager, Repository } from 'typeorm';
+import { Repository, getConnectionManager } from 'typeorm';
 import { RunnerNotFoundError } from '../errors/RunnerErrors';
 import { ScanIdsNotMatchingError, ScanNotFoundError } from '../errors/ScanErrors';
 import { ScanStationNotFoundError } from '../errors/ScanStationErrors';
@@ -14,7 +15,6 @@ import { TrackScan } from '../models/entities/TrackScan';
 import { ResponseEmpty } from '../models/responses/ResponseEmpty';
 import { ResponseScan } from '../models/responses/ResponseScan';
 import { ResponseTrackScan } from '../models/responses/ResponseTrackScan';
-
 @JsonController('/scans')
 @OpenAPI({ security: [{ "AuthToken": [] }, { "RefreshTokenCookie": [] }] })
 export class ScanController {
@@ -34,9 +34,16 @@ export class ScanController {
 	@ResponseSchema(ResponseScan, { isArray: true })
 	@ResponseSchema(ResponseTrackScan, { isArray: true })
 	@OpenAPI({ description: 'Lists all scans (normal or track) from all runners. <br> This includes the scan\'s runner\'s distance ran.' })
-	async getAll() {
+	async getAll(@QueryParam("page", { required: false }) page: number, @QueryParam("page_size", { required: false }) page_size: number = 100) {
 		let responseScans: ResponseScan[] = new Array<ResponseScan>();
-		const scans = await this.scanRepository.find({ relations: ['runner', 'track', 'runner.scans', 'runner.group', 'runner.scans.track', 'card', 'station'] });
+		let scans: Array<Scan>;
+
+		if (page != undefined) {
+			scans = await this.scanRepository.find({ relations: ['runner', 'track'], skip: page * page_size, take: page_size });
+		} else {
+			scans = await this.scanRepository.find({ relations: ['runner', 'track'] });
+		}
+
 		scans.forEach(scan => {
 			responseScans.push(scan.toResponse());
 		});
@@ -51,7 +58,7 @@ export class ScanController {
 	@OnUndefined(ScanNotFoundError)
 	@OpenAPI({ description: 'Lists all information about the scan whose id got provided. This includes the scan\'s runner\'s distance ran.' })
 	async getOne(@Param('id') id: number) {
-		let scan = await this.scanRepository.findOne({ id: id }, { relations: ['runner', 'track', 'runner.scans', 'runner.group', 'runner.scans.track', 'card', 'station'] })
+		let scan = await this.scanRepository.findOne({ id: id }, { relations: ['runner', 'track', 'runner.group', 'card', 'station'] })
 		if (!scan) { throw new ScanNotFoundError(); }
 		return scan.toResponse();
 	}
@@ -60,7 +67,7 @@ export class ScanController {
 	@UseBefore(ScanAuth)
 	@ResponseSchema(ResponseScan)
 	@ResponseSchema(RunnerNotFoundError, { statusCode: 404 })
-	@OpenAPI({ description: 'Create a new scan (not track scan - use /scans/trackscans instead). <br> Please rmemember to provide the scan\'s runner\'s id and distance.', security: [{ "ScanApiToken": [] }, { "AuthToken": [] }, { "RefreshTokenCookie": [] }] })
+	@OpenAPI({ description: 'Create a new scan (not track scan - use /scans/trackscans instead). <br> Please rmemember to provide the scan\'s runner\'s id and distance.', security: [{ "StationApiToken": [] }, { "AuthToken": [] }, { "RefreshTokenCookie": [] }] })
 	async post(@Body({ validate: true }) createScan: CreateScan) {
 		let scan = await createScan.toEntity();
 		scan = await this.scanRepository.save(scan);
@@ -71,8 +78,12 @@ export class ScanController {
 	@UseBefore(ScanAuth)
 	@ResponseSchema(ResponseTrackScan)
 	@ResponseSchema(RunnerNotFoundError, { statusCode: 404 })
-	@OpenAPI({ description: 'Create a new track scan (for "normal" scans use /scans instead). <br> Please remember that to provide the scan\'s card\'s station\'s id.', security: [{ "ScanApiToken": [] }, { "AuthToken": [] }, { "RefreshTokenCookie": [] }] })
-	async postTrackScans(@Body({ validate: true }) createScan: CreateTrackScan) {
+	@OpenAPI({ description: 'Create a new track scan (for "normal" scans use /scans instead). <br> Please remember that to provide the scan\'s card\'s station\'s id.', security: [{ "StationApiToken": [] }, { "AuthToken": [] }, { "RefreshTokenCookie": [] }] })
+	async postTrackScans(@Body({ validate: true }) createScan: CreateTrackScan, @Req() req: Request) {
+		const station_id = req.headers["station_id"];
+		if (station_id) {
+			createScan.station = parseInt(station_id.toString());
+		}
 		let scan = await createScan.toEntity();
 		scan = await this.trackScanRepository.save(scan);
 		return (await this.scanRepository.findOne({ id: scan.id }, { relations: ['runner', 'track', 'runner.scans', 'runner.group', 'runner.scans.track', 'card', 'station'] })).toResponse();

src/controllers/ScanStationController.ts

@@ -1,6 +1,6 @@
 import { Authorized, Body, Delete, Get, JsonController, OnUndefined, Param, Post, Put, QueryParam } from 'routing-controllers';
 import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
-import { getConnectionManager, Repository } from 'typeorm';
+import { Repository, getConnectionManager } from 'typeorm';
 import { ScanStationHasScansError, ScanStationIdsNotMatchingError, ScanStationNotFoundError } from '../errors/ScanStationErrors';
 import { TrackNotFoundError } from '../errors/TrackErrors';
 import { CreateScanStation } from '../models/actions/create/CreateScanStation';
@@ -26,9 +26,16 @@ export class ScanStationController {
 	@Authorized("STATION:GET")
 	@ResponseSchema(ResponseScanStation, { isArray: true })
 	@OpenAPI({ description: 'Lists all stations. <br> This includes their associated tracks.' })
-	async getAll() {
+	async getAll(@QueryParam("page", { required: false }) page: number, @QueryParam("page_size", { required: false }) page_size: number = 100) {
 		let responseStations: ResponseScanStation[] = new Array<ResponseScanStation>();
-		const stations = await this.stationRepository.find({ relations: ['track'] });
+		let stations: Array<ScanStation>;
+
+		if (page != undefined) {
+			stations = await this.stationRepository.find({ relations: ['track'], skip: page * page_size, take: page_size });
+		} else {
+			stations = await this.stationRepository.find({ relations: ['track'] });
+		}
+
 		stations.forEach(station => {
 			responseStations.push(station.toResponse());
 		});

src/controllers/StatsClientController.ts

@@ -1,6 +1,6 @@
 import { Authorized, Body, Delete, Get, JsonController, OnUndefined, Param, Post, QueryParam } from 'routing-controllers';
 import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
-import { getConnectionManager, Repository } from 'typeorm';
+import { Repository, getConnectionManager } from 'typeorm';
 import { StatsClientNotFoundError } from '../errors/StatsClientErrors';
 import { TrackNotFoundError } from "../errors/TrackErrors";
 import { CreateStatsClient } from '../models/actions/create/CreateStatsClient';
@@ -24,9 +24,16 @@ export class StatsClientController {
 	@Authorized("STATSCLIENT:GET")
 	@ResponseSchema(ResponseStatsClient, { isArray: true })
 	@OpenAPI({ description: 'Lists all stats clients. Please remember that the key can only be viewed on creation.' })
-	async getAll() {
+	async getAll(@QueryParam("page", { required: false }) page: number, @QueryParam("page_size", { required: false }) page_size: number = 100) {
 		let responseClients: ResponseStatsClient[] = new Array<ResponseStatsClient>();
-		const clients = await this.clientRepository.find();
+		let clients: Array<StatsClient>;
+
+		if (page != undefined) {
+			clients = await this.clientRepository.find({ skip: page * page_size, take: page_size });
+		} else {
+			clients = await this.clientRepository.find();
+		}
+
 		clients.forEach(clients => {
 			responseClients.push(new ResponseStatsClient(clients));
 		});

src/controllers/StatsController.ts

@@ -1,12 +1,14 @@
-import { Get, JsonController, UseBefore } from 'routing-controllers';
+import { Get, JsonController, QueryParam, UseBefore } from 'routing-controllers';
 import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
 import { getConnection } from 'typeorm';
 import StatsAuth from '../middlewares/StatsAuth';
 import { Donation } from '../models/entities/Donation';
+import { Donor } from '../models/entities/Donor';
 import { Runner } from '../models/entities/Runner';
 import { RunnerOrganization } from '../models/entities/RunnerOrganization';
 import { RunnerTeam } from '../models/entities/RunnerTeam';
 import { Scan } from '../models/entities/Scan';
+import { TrackScan } from '../models/entities/TrackScan';
 import { User } from '../models/entities/User';
 import { ResponseStats } from '../models/responses/ResponseStats';
 import { ResponseStatsOrgnisation } from '../models/responses/ResponseStatsOrganization';
@@ -20,14 +22,26 @@ export class StatsController {
     @ResponseSchema(ResponseStats)
     @OpenAPI({ description: "A very basic stats endpoint providing basic counters for a dashboard or simmilar" })
     async get() {
-        let connection = getConnection();
-        let runners = await connection.getRepository(Runner).find({ relations: ['scans', 'scans.track'] });
-        let teams = await connection.getRepository(RunnerTeam).find();
-        let orgs = await connection.getRepository(RunnerOrganization).find();
-        let users = await connection.getRepository(User).find();
-        let scans = await connection.getRepository(Scan).find();
+        const connection = getConnection();
+        const runners = await connection.getRepository(Runner).count();
+        const teams = await connection.getRepository(RunnerTeam).count();
+        const orgs = await connection.getRepository(RunnerOrganization).count();
+        const users = await connection.getRepository(User).count();
+        const scans = await connection.getRepository(Scan).count({ where: { valid: true } });
+
+        const distance_query = await connection.getRepository(Scan).createQueryBuilder('scan')
+            .leftJoinAndSelect("scan.track", "track").where("scan.valid = TRUE")
+            .select("SUM(track.distance)", "sum_track").addSelect("SUM(_distance)", "sum_distance")
+            .getRawOne();
+        let distace = parseInt(distance_query.sum_track)
+        if (distance_query.sum_distance) {
+            distace += parseInt(distance_query.sum_distance)
+        }
+
         let donations = await connection.getRepository(Donation).find({ relations: ['runner', 'runner.scans', 'runner.scans.track'] });
-        return new ResponseStats(runners, teams, orgs, users, scans, donations)
+        const donors = await connection.getRepository(Donor).count();
+
+        return new ResponseStats(runners, teams, orgs, users, scans, donations, distace, donors)
     }
 
     @Get("/runners/distance")
@@ -36,7 +50,10 @@ export class StatsController {
     @OpenAPI({ description: "Returns the top ten runners by distance.", security: [{ "StatsApiToken": [] }, { "AuthToken": [] }, { "RefreshTokenCookie": [] }] })
     async getTopRunnersByDistance() {
         let runners = await getConnection().getRepository(Runner).find({ relations: ['scans', 'group', 'distanceDonations', 'scans.track'] });
-        let topRunners = runners.sort((runner1, runner2) => runner1.distance - runner2.distance).slice(0, 9);
+        if (!runners || runners.length == 0) {
+            return [];
+        }
+        let topRunners = runners.sort((runner1, runner2) => runner2.distance - runner1.distance).slice(0, 10);
         let responseRunners: ResponseStatsRunner[] = new Array<ResponseStatsRunner>();
         topRunners.forEach(runner => {
             responseRunners.push(new ResponseStatsRunner(runner));
@@ -49,8 +66,11 @@ export class StatsController {
     @ResponseSchema(ResponseStatsRunner, { isArray: true })
     @OpenAPI({ description: "Returns the top ten runners by donations.", security: [{ "StatsApiToken": [] }, { "AuthToken": [] }, { "RefreshTokenCookie": [] }] })
     async getTopRunnersByDonations() {
-        let runners = await getConnection().getRepository(Runner).find({ relations: ['scans', 'group', 'distanceDonations', 'scans.track'] });
-        let topRunners = runners.sort((runner1, runner2) => runner1.distanceDonationAmount - runner2.distanceDonationAmount).slice(0, 9);
+        let runners = await getConnection().getRepository(Runner).find({ relations: ['group', 'distanceDonations', 'distanceDonations.runner', 'distanceDonations.runner.scans', 'distanceDonations.runner.scans.track'] });
+        if (!runners || runners.length == 0) {
+            return [];
+        }
+        let topRunners = runners.sort((runner1, runner2) => runner2.distanceDonationAmount - runner1.distanceDonationAmount).slice(0, 10);
         let responseRunners: ResponseStatsRunner[] = new Array<ResponseStatsRunner>();
         topRunners.forEach(runner => {
             responseRunners.push(new ResponseStatsRunner(runner));
@@ -58,6 +78,34 @@ export class StatsController {
         return responseRunners;
     }
 
+    @Get("/runners/laptime")
+    @UseBefore(StatsAuth)
+    @ResponseSchema(ResponseStatsRunner, { isArray: true })
+    @OpenAPI({ description: "Returns the top ten runners by fastest laptime on your selected track (track by id).", security: [{ "StatsApiToken": [] }, { "AuthToken": [] }, { "RefreshTokenCookie": [] }] })
+    async getTopRunnersByLaptime(@QueryParam("track") track: number) {
+        let scans = await getConnection().getRepository(TrackScan).find({ relations: ['track', 'runner', 'runner.group', 'runner.scans', 'runner.scans.track', 'runner.distanceDonations'] });
+        if (!scans || scans.length == 0) {
+            return [];
+        }
+        scans = scans.filter((s) => { return s.track.id == track && s.valid == true && s.lapTime != 0 }).sort((scan1, scan2) => scan1.lapTime - scan2.lapTime);
+
+        let topScans = new Array<TrackScan>();
+        let knownRunners = new Array<number>();
+        for (let i = 0; i < scans.length && topScans.length < 10; i++) {
+            const element = scans[i];
+            if (!knownRunners.includes(element.runner.id)) {
+                topScans.push(element);
+                knownRunners.push(element.runner.id);
+            }
+        }
+
+        let responseRunners: ResponseStatsRunner[] = new Array<ResponseStatsRunner>();
+        topScans.forEach(scan => {
+            responseRunners.push(new ResponseStatsRunner(scan.runner, scan.lapTime));
+        });
+        return responseRunners;
+    }
+
     @Get("/scans")
     @UseBefore(StatsAuth)
     @ResponseSchema(ResponseStatsRunner, { isArray: true })
@@ -71,8 +119,11 @@ export class StatsController {
     @ResponseSchema(ResponseStatsTeam, { isArray: true })
     @OpenAPI({ description: "Returns the top ten teams by distance.", security: [{ "StatsApiToken": [] }, { "AuthToken": [] }, { "RefreshTokenCookie": [] }] })
     async getTopTeamsByDistance() {
-        let teams = await getConnection().getRepository(RunnerTeam).find({ relations: ['runners', 'runners.scans', 'runners.distanceDonations', 'runners.scans.track'] });
-        let topTeams = teams.sort((team1, team2) => team1.distance - team2.distance).slice(0, 9);
+        let teams = await getConnection().getRepository(RunnerTeam).find({ relations: ['parentGroup', 'runners', 'runners.scans', 'runners.scans.track'] });
+        if (!teams || teams.length == 0) {
+            return [];
+        }
+        let topTeams = teams.sort((team1, team2) => team2.distance - team1.distance).slice(0, 10);
         let responseTeams: ResponseStatsTeam[] = new Array<ResponseStatsTeam>();
         topTeams.forEach(team => {
             responseTeams.push(new ResponseStatsTeam(team));
@@ -85,8 +136,11 @@ export class StatsController {
     @ResponseSchema(ResponseStatsTeam, { isArray: true })
     @OpenAPI({ description: "Returns the top ten teams by donations.", security: [{ "StatsApiToken": [] }, { "AuthToken": [] }, { "RefreshTokenCookie": [] }] })
     async getTopTeamsByDonations() {
-        let teams = await getConnection().getRepository(RunnerTeam).find({ relations: ['runners', 'runners.scans', 'runners.distanceDonations', 'runners.scans.track'] });
-        let topTeams = teams.sort((team1, team2) => team1.distanceDonationAmount - team2.distanceDonationAmount).slice(0, 9);
+        let teams = await getConnection().getRepository(RunnerTeam).find({ relations: ['parentGroup', 'runners', 'runners.scans', 'runners.distanceDonations', 'runners.scans.track'] });
+        if (!teams || teams.length == 0) {
+            return [];
+        }
+        let topTeams = teams.sort((team1, team2) => team2.distanceDonationAmount - team1.distanceDonationAmount).slice(0, 10);
         let responseTeams: ResponseStatsTeam[] = new Array<ResponseStatsTeam>();
         topTeams.forEach(team => {
             responseTeams.push(new ResponseStatsTeam(team));
@@ -100,7 +154,10 @@ export class StatsController {
     @OpenAPI({ description: "Returns the top ten organizations by distance.", security: [{ "StatsApiToken": [] }, { "AuthToken": [] }, { "RefreshTokenCookie": [] }] })
     async getTopOrgsByDistance() {
         let orgs = await getConnection().getRepository(RunnerOrganization).find({ relations: ['runners', 'runners.scans', 'runners.distanceDonations', 'runners.scans.track', 'teams', 'teams.runners', 'teams.runners.scans', 'teams.runners.distanceDonations', 'teams.runners.scans.track'] });
-        let topOrgs = orgs.sort((org1, org2) => org1.distance - org2.distance).slice(0, 9);
+        if (!orgs || orgs.length == 0) {
+            return [];
+        }
+        let topOrgs = orgs.sort((org1, org2) => org2.distance - org1.distance).slice(0, 10);
         let responseOrgs: ResponseStatsOrgnisation[] = new Array<ResponseStatsOrgnisation>();
         topOrgs.forEach(org => {
             responseOrgs.push(new ResponseStatsOrgnisation(org));
@@ -113,8 +170,11 @@ export class StatsController {
     @ResponseSchema(ResponseStatsOrgnisation, { isArray: true })
     @OpenAPI({ description: "Returns the top ten organizations by donations.", security: [{ "StatsApiToken": [] }, { "AuthToken": [] }, { "RefreshTokenCookie": [] }] })
     async getTopOrgsByDonations() {
-        let orgs = await getConnection().getRepository(RunnerOrganization).find({ relations: ['runners', 'runners.scans', 'runners.distanceDonations', 'runners.scans.track', 'teams', 'teams.runners', 'teams.runners.scans', 'teams.runners.distanceDonations', 'teams.runners.scans.track'] });
-        let topOrgs = orgs.sort((org1, org2) => org1.distanceDonationAmount - org2.distanceDonationAmount).slice(0, 9);
+        let orgs = await getConnection().getRepository(RunnerOrganization).find({ relations: ['runners', 'runners.distanceDonations', 'runners.distanceDonations.runner', 'runners.distanceDonations.runner.scans', 'runners.distanceDonations.runner.scans.track', 'teams', 'teams.runners', 'teams.runners.distanceDonations', 'teams.runners.distanceDonations.runner', 'teams.runners.distanceDonations.runner.scans', 'teams.runners.distanceDonations.runner.scans.track'] });
+        if (!orgs || orgs.length == 0) {
+            return [];
+        }
+        let topOrgs = orgs.sort((org1, org2) => org2.distanceDonationAmount - org1.distanceDonationAmount).slice(0, 10);
         let responseOrgs: ResponseStatsOrgnisation[] = new Array<ResponseStatsOrgnisation>();
         topOrgs.forEach(org => {
             responseOrgs.push(new ResponseStatsOrgnisation(org));

src/controllers/TrackController.ts

@@ -1,6 +1,6 @@
 import { Authorized, Body, Delete, Get, JsonController, OnUndefined, Param, Post, Put, QueryParam } from 'routing-controllers';
 import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
-import { getConnectionManager, Repository } from 'typeorm';
+import { Repository, getConnectionManager } from 'typeorm';
 import { TrackHasScanStationsError, TrackIdsNotMatchingError, TrackLapTimeCantBeNegativeError, TrackNotFoundError } from "../errors/TrackErrors";
 import { CreateTrack } from '../models/actions/create/CreateTrack';
 import { UpdateTrack } from '../models/actions/update/UpdateTrack';
@@ -25,9 +25,17 @@ export class TrackController {
 	@Authorized("TRACK:GET")
 	@ResponseSchema(ResponseTrack, { isArray: true })
 	@OpenAPI({ description: 'Lists all tracks.' })
-	async getAll() {
+	async getAll(@QueryParam("page", { required: false }) page: number, @QueryParam("page_size", { required: false }) page_size: number = 100) {
 		let responseTracks: ResponseTrack[] = new Array<ResponseTrack>();
-		const tracks = await this.trackRepository.find();
+		let tracks: Array<Track>;
+
+		if (page != undefined) {
+			tracks = await this.trackRepository.find({ skip: page * page_size, take: page_size });
+		}
+		else {
+			tracks = await this.trackRepository.find();
+		}
+
 		tracks.forEach(track => {
 			responseTracks.push(new ResponseTrack(track));
 		});

src/controllers/UserController.ts

@@ -1,7 +1,7 @@
 import { Authorized, Body, Delete, Get, JsonController, OnUndefined, Param, Post, Put, QueryParam } from 'routing-controllers';
 import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
-import { getConnectionManager, Repository } from 'typeorm';
-import { UserDeletionNotConfirmedError, UserIdsNotMatchingError, UsernameContainsIllegalCharacterError, UserNotFoundError } from '../errors/UserErrors';
+import { Repository, getConnectionManager } from 'typeorm';
+import { PasswordMustContainLowercaseLetterError, PasswordMustContainNumberError, PasswordMustContainUppercaseLetterError, PasswordTooShortError, UserDeletionNotConfirmedError, UserIdsNotMatchingError, UserNotFoundError, UsernameContainsIllegalCharacterError } from '../errors/UserErrors';
 import { UserGroupNotFoundError } from '../errors/UserGroupErrors';
 import { CreateUser } from '../models/actions/create/CreateUser';
 import { UpdateUser } from '../models/actions/update/UpdateUser';
@@ -28,9 +28,17 @@ export class UserController {
 	@Authorized("USER:GET")
 	@ResponseSchema(ResponseUser, { isArray: true })
 	@OpenAPI({ description: 'Lists all users. <br> This includes their groups and permissions granted to them.' })
-	async getAll() {
+	async getAll(@QueryParam("page", { required: false }) page: number, @QueryParam("page_size", { required: false }) page_size: number = 100) {
 		let responseUsers: ResponseUser[] = new Array<ResponseUser>();
-		const users = await this.userRepository.find({ relations: ['permissions', 'groups', 'groups.permissions'] });
+		let users: Array<User>;
+
+		if (page != undefined) {
+			users = await this.userRepository.find({ relations: ['permissions', 'groups', 'groups.permissions'], skip: page * page_size, take: page_size });
+		}
+		else {
+			users = await this.userRepository.find({ relations: ['permissions', 'groups', 'groups.permissions'] });
+		}
+
 		users.forEach(user => {
 			responseUsers.push(new ResponseUser(user));
 		});
@@ -66,6 +74,10 @@ export class UserController {
 	@ResponseSchema(ResponseUser)
 	@ResponseSchema(UserGroupNotFoundError, { statusCode: 404 })
 	@ResponseSchema(UsernameContainsIllegalCharacterError, { statusCode: 406 })
+	@ResponseSchema(PasswordMustContainUppercaseLetterError, { statusCode: 406 })
+	@ResponseSchema(PasswordMustContainLowercaseLetterError, { statusCode: 406 })
+	@ResponseSchema(PasswordMustContainNumberError, { statusCode: 406 })
+	@ResponseSchema(PasswordTooShortError, { statusCode: 406 })
 	@OpenAPI({ description: 'Create a new user. <br> If you want to grant permissions to the user you have to create them seperately by posting to /api/permissions after creating the user.' })
 	async post(@Body({ validate: true }) createUser: CreateUser) {
 		let user;
@@ -85,6 +97,10 @@ export class UserController {
 	@ResponseSchema(UserNotFoundError, { statusCode: 404 })
 	@ResponseSchema(UserIdsNotMatchingError, { statusCode: 406 })
 	@ResponseSchema(UsernameContainsIllegalCharacterError, { statusCode: 406 })
+	@ResponseSchema(PasswordMustContainUppercaseLetterError, { statusCode: 406 })
+	@ResponseSchema(PasswordMustContainLowercaseLetterError, { statusCode: 406 })
+	@ResponseSchema(PasswordMustContainNumberError, { statusCode: 406 })
+	@ResponseSchema(PasswordTooShortError, { statusCode: 406 })
 	@OpenAPI({ description: "Update the user whose id you provided. <br> To change the permissions directly granted to the user please use /api/permissions instead. <br> Please remember that ids can't be changed." })
 	async put(@Param('id') id: number, @Body({ validate: true }) updateUser: UpdateUser) {
 		let oldUser = await this.userRepository.findOne({ id: id });

src/controllers/UserGroupController.ts

@@ -1,6 +1,6 @@
 import { Authorized, Body, Delete, Get, JsonController, OnUndefined, Param, Post, Put, QueryParam } from 'routing-controllers';
 import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
-import { getConnectionManager, Repository } from 'typeorm';
+import { Repository, getConnectionManager } from 'typeorm';
 import { UserGroupIdsNotMatchingError, UserGroupNotFoundError } from '../errors/UserGroupErrors';
 import { CreateUserGroup } from '../models/actions/create/CreateUserGroup';
 import { UpdateUserGroup } from '../models/actions/update/UpdateUserGroup';
@@ -27,9 +27,16 @@ export class UserGroupController {
 	@Authorized("USERGROUP:GET")
 	@ResponseSchema(ResponseUserGroup, { isArray: true })
 	@OpenAPI({ description: 'Lists all groups. <br> The information provided might change while the project continues to evolve.' })
-	async getAll() {
+	async getAll(@QueryParam("page", { required: false }) page: number, @QueryParam("page_size", { required: false }) page_size: number = 100) {
 		let responseGroups: ResponseUserGroup[] = new Array<ResponseUserGroup>();
-		const groups = await this.userGroupsRepository.find({ relations: ['permissions'] });
+		let groups: Array<UserGroup>;
+
+		if (page != undefined) {
+			groups = await this.userGroupsRepository.find({ relations: ['permissions'], skip: page * page_size, take: page_size });
+		} else {
+			groups = await this.userGroupsRepository.find({ relations: ['permissions'] });
+		}
+
 		groups.forEach(group => {
 			responseGroups.push(group.toResponse());
 		});

src/errors/RunnerErrors.ts

@@ -46,6 +46,17 @@ export class RunnerEmailNeededError extends NotAcceptableError {
 	message = "Citizenrunners have to provide an email address for verification and contacting."
 }
 
+/**
+ * Error to throw when a runner already requested a new selfservice link in the last 30s.
+ */
+export class RunnerSelfserviceTimeoutError extends NotAcceptableError {
+	@IsString()
+	name = "RunnerSelfserviceTimeoutError"
+
+	@IsString()
+	message = "You can only reqest a new token every 30s."
+}
+
 /**
 * Error to throw when a runner still has distance donations associated.
 */

src/errors/UserErrors.ts

@@ -71,4 +71,33 @@ export class UserDeletionNotConfirmedError extends NotAcceptableError {
 
 	@IsString()
 	message = "You are trying to delete a user! \n If you're sure about doing this: provide the ?force=true query param."
+}
+
+export class PasswordMustContainUppercaseLetterError extends NotAcceptableError {
+	@IsString()
+	name = "PasswordMustContainUppercaseLetterError"
+
+	@IsString()
+	message = "Passwords must contain at least one uppercase letter."
+}
+export class PasswordMustContainLowercaseLetterError extends NotAcceptableError {
+	@IsString()
+	name = "PasswordMustContainLowercaseLetterError"
+
+	@IsString()
+	message = "Passwords must contain at least one lowercase letter."
+}
+export class PasswordMustContainNumberError extends NotAcceptableError {
+	@IsString()
+	name = "PasswordMustContainNumberError"
+
+	@IsString()
+	message = "Passwords must contain at least one number."
+}
+export class PasswordTooShortError extends NotAcceptableError {
+	@IsString()
+	name = "PasswordTooShortError"
+
+	@IsString()
+	message = "Passwords must be at least ten characters long."
 }

src/mailer.ts

@@ -9,6 +9,7 @@ import { MailSendingError } from './errors/MailErrors';
 export class Mailer {
     public static base: string = config.mailer_url;
     public static key: string = config.mailer_key;
+    public static testing: boolean = config.testing;
 
     /**
      * Function for sending a password reset mail.
@@ -17,11 +18,84 @@ export class Mailer {
      */
     public static async sendResetMail(to_address: string, token: string, locale: string = "en") {
         try {
-            await axios.post(`${Mailer.base}/reset?locale=${locale}&key=${Mailer.key}`, {
-                address: to_address,
-                resetKey: token
+            await axios.request({
+                method: 'POST',
+                url: `${Mailer.base}/api/v1/email`,
+                headers: {
+                    authorization: `Bearer ${Mailer.key}`,
+                    'content-type': 'application/json'
+                },
+                data: {
+                    to: to_address,
+                    templateName: 'password-reset',
+                    language: locale,
+                    data: { token: token }
+                }
             });
         } catch (error) {
+            if (Mailer.testing) { return true; }
+            throw new MailSendingError();
+        }
+    }
+
+    /**
+     * Function for sending a runner selfservice welcome mail.
+     * @param to_address The address the mail will be sent to. Should always get pulled from a runner object.
+     * @param token The requested selfservice token - will be combined with the app_url to generate a selfservice profile link.
+    */
+    public static async sendSelfserviceWelcomeMail(to_address: string, runner_id: number, firstname: string, middlename: string, lastname: string, token: string, locale: string = "en") {
+        try {
+            await axios.request({
+                method: 'POST',
+                url: `${Mailer.base}/api/v1/email`,
+                headers: {
+                    authorization: `Bearer ${Mailer.key}`,
+                    'content-type': 'application/json'
+                },
+                data: {
+                    to: to_address,
+                    templateName: 'welcome',
+                    language: locale,
+                    data: {
+                        name: `${firstname} ${middlename} ${lastname}`,
+                        barcode_content: `${runner_id}`,
+                        link: `${process.env.SELFSERVICE_URL}/profile/${token}`
+                    }
+                }
+            });
+        } catch (error) {
+            if (Mailer.testing) { return true; }
+            throw new MailSendingError();
+        }
+    }
+
+    /**
+     * Function for sending a runner selfservice link forgotten mail.
+     * @param to_address The address the mail will be sent to. Should always get pulled from a runner object.
+     * @param token The requested selfservice token - will be combined with the app_url to generate a selfservice profile link.
+    */
+    public static async sendSelfserviceForgottenMail(to_address: string, runner_id: number, firstname: string, middlename: string, lastname: string, token: string, locale: string = "en") {
+        try {
+            await axios.request({
+                method: 'POST',
+                url: `${Mailer.base}/api/v1/email`,
+                headers: {
+                    authorization: `Bearer ${Mailer.key}`,
+                    'content-type': 'application/json'
+                },
+                data: {
+                    to: to_address,
+                    templateName: 'welcome',
+                    language: locale,
+                    data: {
+                        name: `${firstname} ${middlename} ${lastname}`,
+                        barcode_content: `${runner_id}`,
+                        link: `${process.env.SELFSERVICE_URL}/profile/${token}`
+                    }
+                }
+            });
+        } catch (error) {
+            if (Mailer.testing) { return true; }
             throw new MailSendingError();
         }
     }

src/middlewares/ScanAuth.ts

@@ -15,14 +15,14 @@ import authchecker from './authchecker';
 const ScanAuth = async (req: Request, res: Response, next: () => void) => {
     let provided_token: string = req.headers["authorization"];
     if (provided_token == "" || provided_token === undefined || provided_token === null) {
-        res.status(401).send("No api token provided.");
+        res.status(401).send({ http_code: 401, short: "no_token", message: "No api token provided." });
         return;
     }
 
     try {
         provided_token = provided_token.replace("Bearer ", "");
     } catch (error) {
-        res.status(401).send("No valid jwt or api token provided.");
+        res.status(401).send({ http_code: 401, short: "no_token", message: "No valid jwt or api token provided." });
         return;
     }
 
@@ -32,7 +32,7 @@ const ScanAuth = async (req: Request, res: Response, next: () => void) => {
     }
     finally {
         if (prefix == "" || prefix == undefined || prefix == null) {
-            res.status(401).send("Api token non-existent or invalid syntax.");
+            res.status(401).send({ http_code: 401, short: "invalid_token", message: "Api token non-existent or invalid syntax." });
             return;
         }
     }
@@ -46,7 +46,7 @@ const ScanAuth = async (req: Request, res: Response, next: () => void) => {
         }
         finally {
             if (user_authorized == false) {
-                res.status(401).send("Api token non-existent or invalid syntax.");
+                res.status(401).send({ http_code: 401, short: "invalid_token", message: "Api token non-existent or invalid syntax." });
                 return;
             }
             else {
@@ -56,13 +56,13 @@ const ScanAuth = async (req: Request, res: Response, next: () => void) => {
     }
     else {
         if (station.enabled == false) {
-            res.status(401).send("Station disabled.");
+            res.status(401).send({ http_code: 401, short: "station_disabled", message: "Station is disabled." });
         }
         if (!(await argon2.verify(station.key, provided_token))) {
-            res.status(401).send("Api token invalid.");
+            res.status(401).send({ http_code: 401, short: "invalid_token", message: "Api token non-existent or invalid syntax." });
             return;
         }
-
+        req.headers["station_id"] = station.id.toString();
         next();
     }
 }

src/models/actions/create/CreateDistanceDonation.ts

@@ -33,6 +33,7 @@ export class CreateDistanceDonation extends CreateDonation {
         let newDonation = new DistanceDonation;
 
         newDonation.amountPerDistance = this.amountPerDistance;
+        newDonation.paidAmount = this.paidAmount;
         newDonation.donor = await this.getDonor();
         newDonation.runner = await this.getRunner();
 

src/models/actions/create/CreateDonation.ts

@@ -1,4 +1,4 @@
-import { IsInt, IsPositive } from 'class-validator';
+import { IsInt, IsOptional, IsPositive } from 'class-validator';
 import { getConnection } from 'typeorm';
 import { DonorNotFoundError } from '../../../errors/DonorErrors';
 import { Donation } from '../../entities/Donation';
@@ -16,6 +16,13 @@ export abstract class CreateDonation {
     @IsPositive()
     donor: number;
 
+    /**
+     * The donation's paid amount in the smalles unit of your currency (default: euro cent).
+     */
+    @IsInt()
+    @IsOptional()
+    paidAmount?: number;
+
     /**
      * Creates a new Donation entity from this.
      */

src/models/actions/create/CreateFixedDonation.ts

@@ -21,6 +21,7 @@ export class CreateFixedDonation extends CreateDonation {
         let newDonation = new FixedDonation;
 
         newDonation.amount = this.amount;
+        newDonation.paidAmount = this.paidAmount;
         newDonation.donor = await this.getDonor();
 
         return newDonation;

src/models/actions/create/CreateSelfServiceCitizenRunner.ts

@@ -26,6 +26,7 @@ export class CreateSelfServiceCitizenRunner extends CreateParticipant {
     public async toEntity(): Promise<Runner> {
         let newRunner: Runner = new Runner();
 
+        newRunner.created_via = "selfservice";
         newRunner.firstname = this.firstname;
         newRunner.middlename = this.middlename;
         newRunner.lastname = this.lastname;

src/models/actions/create/CreateSelfServiceRunner.ts

@@ -28,6 +28,7 @@ export class CreateSelfServiceRunner extends CreateParticipant {
     public async toEntity(group: RunnerGroup): Promise<Runner> {
         let newRunner: Runner = new Runner();
 
+        newRunner.created_via = "selfservice";
         newRunner.firstname = this.firstname;
         newRunner.middlename = this.middlename;
         newRunner.lastname = this.lastname;

src/models/actions/create/CreateTrackScan.ts

@@ -1,4 +1,5 @@
-import { IsInt, IsPositive } from 'class-validator';
+import { IsInt, IsOptional, IsPositive } from 'class-validator';
+import { BadRequestError } from 'routing-controllers';
 import { getConnection } from 'typeorm';
 import { RunnerCardNotFoundError } from '../../../errors/RunnerCardErrors';
 import { RunnerNotFoundError } from '../../../errors/RunnerErrors';
@@ -22,10 +23,12 @@ export class CreateTrackScan {
     /**
      * The scanning station's id that created the scan.
      * Mainly used for logging and traceing back scans (or errors).
+     * You don't have to provide the station if you're authenticateing via a scanstation token (The server takes care of it for you).
      */
     @IsInt()
     @IsPositive()
-    station: number;
+    @IsOptional()
+    station?: number;
 
     /**
      * Creates a new Track entity from this.
@@ -44,21 +47,32 @@ export class CreateTrackScan {
         }
 
         newScan.timestamp = Math.round(new Date().getTime() / 1000);
-        newScan.lapTime = await this.getLaptime(newScan)
-        newScan.valid = await this.validateScan(newScan);
+        newScan = await this.validateScan(newScan);
 
         return newScan;
     }
 
+    /**
+     * Get's a runnerCard entity via the provided id.
+     * @returns The runnerCard whom's id you provided.
+     */
     public async getCard(): Promise<RunnerCard> {
-        const track = await getConnection().getRepository(RunnerCard).findOne({ id: this.card }, { relations: ["runner"] });
-        if (!track) {
+        const id = this.card % 200000000000;
+        const runnerCard = await getConnection().getRepository(RunnerCard).findOne({ id: id }, { relations: ["runner"] });
+        if (!runnerCard) {
             throw new RunnerCardNotFoundError();
         }
-        return track;
+        return runnerCard;
     }
 
+    /**
+     * Get's a scanstation entity via the provided id.
+     * @returns The scanstation whom's id you provided.
+     */
     public async getStation(): Promise<ScanStation> {
+        if (!this.station) {
+            throw new BadRequestError("You are missing the station's id!")
+        }
         const station = await getConnection().getRepository(ScanStation).findOne({ id: this.station }, { relations: ["track"] });
         if (!station) {
             throw new ScanStationNotFoundError();
@@ -66,15 +80,21 @@ export class CreateTrackScan {
         return station;
     }
 
-    public validateScan(scan: TrackScan): boolean {
-        return (scan.lapTime > scan.track.minimumLapTime);
-    }
-
-    public async getLaptime(scan: TrackScan): Promise<number> {
-        const scans = await getConnection().getRepository(TrackScan).find({ where: { runner: scan.runner, valid: true }, relations: ["track"] });
-        if (scans.length == 0) { return 0; }
-
-        const newestScan = scans[scans.length - 1];
-        return (scan.timestamp - newestScan.timestamp);
+    /**
+     * Validates the scan and sets it's lap time;
+     * @param scan The scan you want to validate
+     * @returns The validated scan with it's laptime set.
+     */
+    public async validateScan(scan: TrackScan): Promise<TrackScan> {
+        const latestScan = await getConnection().getRepository(TrackScan).findOne({ where: { runner: scan.runner, valid: true }, relations: ["track"], order: { id: 'DESC' } });
+        if (!latestScan) {
+            scan.lapTime = 0;
+            scan.valid = true;
+        }
+        else {
+            scan.lapTime = scan.timestamp - latestScan.timestamp;
+            scan.valid = (scan.lapTime > scan.track.minimumLapTime);
+        }
+        return scan;
     }
 }

src/models/actions/create/CreateUser.ts

@@ -1,9 +1,10 @@
 import * as argon2 from "argon2";
+import { passwordStrength } from "check-password-strength";
 import { IsBoolean, IsEmail, IsNotEmpty, IsOptional, IsPhoneNumber, IsString, IsUrl } from 'class-validator';
 import { getConnectionManager } from 'typeorm';
 import * as uuid from 'uuid';
 import { config } from '../../../config';
-import { UserEmailNeededError, UsernameContainsIllegalCharacterError } from '../../../errors/UserErrors';
+import { PasswordMustContainLowercaseLetterError, PasswordMustContainNumberError, PasswordMustContainUppercaseLetterError, PasswordTooShortError, UserEmailNeededError, UsernameContainsIllegalCharacterError } from '../../../errors/UserErrors';
 import { UserGroupNotFoundError } from '../../../errors/UserGroupErrors';
 import { User } from '../../entities/User';
 import { UserGroup } from '../../entities/UserGroup';
@@ -94,7 +95,13 @@ export class CreateUser {
         if (!this.email) {
             throw new UserEmailNeededError();
         }
-        if (this.username.includes("@")) { throw new UsernameContainsIllegalCharacterError(); }
+        if (this.username?.includes("@")) { throw new UsernameContainsIllegalCharacterError(); }
+
+        let password_strength = passwordStrength(this.password);
+        if (!password_strength.contains.includes("uppercase")) { throw new PasswordMustContainUppercaseLetterError(); }
+        if (!password_strength.contains.includes("lowercase")) { throw new PasswordMustContainLowercaseLetterError(); }
+        if (!password_strength.contains.includes("number")) { throw new PasswordMustContainNumberError(); }
+        if (!(password_strength.length > 9)) { throw new PasswordTooShortError(); }
 
         newUser.email = this.email
         newUser.username = this.username
@@ -107,7 +114,7 @@ export class CreateUser {
         newUser.groups = await this.getGroups();
         newUser.enabled = this.enabled;
 
-        if (!this.profilePic) { newUser.profilePic = `https://dev.lauf-fuer-kaya.de/lfk-logo.png`; }
+        if (!this.profilePic) { newUser.profilePic = `https://lauf-fuer-kaya.de/lfk-logo.png`; }
         else { newUser.profilePic = this.profilePic; }
 
         return newUser;

src/models/actions/update/UpdateDistanceDonation.ts

@@ -32,6 +32,7 @@ export class UpdateDistanceDonation extends UpdateDonation {
      */
     public async update(donation: DistanceDonation): Promise<DistanceDonation> {
         donation.amountPerDistance = this.amountPerDistance;
+        donation.paidAmount = this.paidAmount;
         donation.donor = await this.getDonor();
         donation.runner = await this.getRunner();
 

src/models/actions/update/UpdateDonation.ts

@@ -1,4 +1,4 @@
-import { IsInt, IsPositive } from 'class-validator';
+import { IsInt, IsOptional, IsPositive } from 'class-validator';
 import { getConnection } from 'typeorm';
 import { DonorNotFoundError } from '../../../errors/DonorErrors';
 import { Donation } from '../../entities/Donation';
@@ -23,6 +23,13 @@ export abstract class UpdateDonation {
     @IsPositive()
     donor: number;
 
+    /**
+     * The donation's paid amount in the smalles unit of your currency (default: euro cent).
+     */
+    @IsInt()
+    @IsOptional()
+    paidAmount?: number;
+
     /**
      * Creates a new Donation entity from this.
      */

src/models/actions/update/UpdateFixedDonation.ts

@@ -20,6 +20,7 @@ export class UpdateFixedDonation extends UpdateDonation {
      */
     public async update(donation: FixedDonation): Promise<FixedDonation> {
         donation.amount = this.amount;
+        donation.paidAmount = this.paidAmount;
         donation.donor = await this.getDonor();
 
         return donation;

src/models/actions/update/UpdateTrackScan.ts

@@ -1,9 +1,9 @@
 import { IsBoolean, IsInt, IsOptional, IsPositive } from 'class-validator';
 import { getConnection } from 'typeorm';
 import { RunnerNotFoundError } from '../../../errors/RunnerErrors';
-import { ScanStationNotFoundError } from '../../../errors/ScanStationErrors';
+import { TrackNotFoundError } from '../../../errors/TrackErrors';
 import { Runner } from '../../entities/Runner';
-import { ScanStation } from '../../entities/ScanStation';
+import { Track } from '../../entities/Track';
 import { TrackScan } from '../../entities/TrackScan';
 
 /**
@@ -38,7 +38,7 @@ export abstract class UpdateTrackScan {
      */
     @IsInt()
     @IsPositive()
-    public station: number;
+    public track: number;
 
     /**
      * Update a TrackScan entity based on this.
@@ -47,8 +47,7 @@ export abstract class UpdateTrackScan {
     public async update(scan: TrackScan): Promise<TrackScan> {
         scan.valid = this.valid;
         scan.runner = await this.getRunner();
-        scan.station = await this.getStation();
-        scan.track = scan.station.track;
+        scan.track = await this.getTrack();
 
         return scan;
     }
@@ -67,11 +66,11 @@ export abstract class UpdateTrackScan {
     /**
      * Gets a runner based on the runner id provided via this.runner.
      */
-    public async getStation(): Promise<ScanStation> {
-        const station = await getConnection().getRepository(ScanStation).findOne({ id: this.station }, { relations: ['track'] });
-        if (!station) {
-            throw new ScanStationNotFoundError();
+    public async getTrack(): Promise<Track> {
+        const track = await getConnection().getRepository(Track).findOne({ id: this.track });
+        if (!track) {
+            throw new TrackNotFoundError();
         }
-        return station;
+        return track;
     }
 }

src/models/actions/update/UpdateUser.ts

@@ -1,12 +1,14 @@
 import * as argon2 from "argon2";
+import { passwordStrength } from "check-password-strength";
 import { IsBoolean, IsEmail, IsInt, IsNotEmpty, IsOptional, IsPhoneNumber, IsString, IsUrl } from 'class-validator';
 import { getConnectionManager } from 'typeorm';
 import { config } from '../../../config';
-import { UserEmailNeededError, UsernameContainsIllegalCharacterError } from '../../../errors/UserErrors';
+import { PasswordMustContainLowercaseLetterError, PasswordMustContainNumberError, PasswordMustContainUppercaseLetterError, PasswordTooShortError, UserEmailNeededError, UsernameContainsIllegalCharacterError } from '../../../errors/UserErrors';
 import { UserGroupNotFoundError } from '../../../errors/UserGroupErrors';
 import { User } from '../../entities/User';
 import { UserGroup } from '../../entities/UserGroup';
 
+
 /**
  * This class is used to update a User entity (via put request).
  */
@@ -104,6 +106,11 @@ export class UpdateUser {
         if (this.username.includes("@")) { throw new UsernameContainsIllegalCharacterError(); }
 
         if (this.password) {
+            let password_strength = passwordStrength(this.password);
+            if (!password_strength.contains.includes("uppercase")) { throw new PasswordMustContainUppercaseLetterError(); }
+            if (!password_strength.contains.includes("lowercase")) { throw new PasswordMustContainLowercaseLetterError(); }
+            if (!password_strength.contains.includes("number")) { throw new PasswordMustContainNumberError(); }
+            if (!(password_strength.length > 9)) { throw new PasswordTooShortError(); }
             user.password = await argon2.hash(this.password + user.uuid);
             user.refreshTokenCount = user.refreshTokenCount + 1;
         }
@@ -117,7 +124,7 @@ export class UpdateUser {
         user.phone = this.phone;
         user.groups = await this.getGroups();
 
-        if (!this.profilePic) { user.profilePic = `https://dev.lauf-fuer-kaya.de/lfk-logo.png`; }
+        if (!this.profilePic) { user.profilePic = `https://lauf-fuer-kaya.de/lfk-logo.png`; }
         else { user.profilePic = this.profilePic; }
 
         return user;

src/models/entities/Donation.ts

@@ -2,7 +2,7 @@ import {
   IsInt,
   IsNotEmpty
 } from "class-validator";
-import { Entity, ManyToOne, PrimaryGeneratedColumn, TableInheritance } from "typeorm";
+import { Column, Entity, ManyToOne, PrimaryGeneratedColumn, TableInheritance } from "typeorm";
 import { ResponseDonation } from '../responses/ResponseDonation';
 import { Donor } from './Donor';
 
@@ -34,6 +34,13 @@ export abstract class Donation {
    */
   public abstract get amount(): number;
 
+  /**
+   * The donation's paid amount in cents (or whatever your currency's smallest unit is.).
+   * Used to mark donations as paid.
+   */
+  @Column({ nullable: true })
+  @IsInt()
+  paidAmount: number;
 
   /**
    * Turns this entity into it's response class.

src/models/entities/Donor.ts

@@ -33,6 +33,15 @@ export class Donor extends Participant {
     return this.donations.reduce((sum, current) => sum + current.amount, 0);
   }
 
+  /**
+   * Returns the total paid donations of a donor based on his linked donations.
+  */
+  @IsInt()
+  public get paidDonationAmount(): number {
+    if (!this.donations) { return 0; }
+    return this.donations.reduce((sum, current) => sum + current.paidAmount, 0);
+  }
+
   /**
    * Turns this entity into it's response class.
    */

src/models/entities/Participant.ts

@@ -75,6 +75,14 @@ export abstract class Participant {
   @IsEmail()
   email?: string;
 
+  /**
+   * how the participant got into the system
+   */
+  @Column({ nullable: true, default: "backend" })
+  @IsOptional()
+  @IsEmail()
+  created_via?: string;
+
   /**
    * Turns this entity into it's response class.
    */

src/models/entities/Runner.ts

@@ -1,5 +1,5 @@
-import { IsInt, IsNotEmpty } from "class-validator";
-import { ChildEntity, ManyToOne, OneToMany } from "typeorm";
+import { IsInt, IsNotEmpty, IsOptional, IsString } from "class-validator";
+import { ChildEntity, Column, ManyToOne, OneToMany } from "typeorm";
 import { ResponseRunner } from '../responses/ResponseRunner';
 import { DistanceDonation } from "./DistanceDonation";
 import { Participant } from "./Participant";
@@ -43,6 +43,15 @@ export class Runner extends Participant {
   @OneToMany(() => Scan, scan => scan.runner, { nullable: true })
   scans: Scan[];
 
+  /**
+  * The last time the runner requested a selfservice link.
+  * Used to prevent spamming of the selfservice link forgotten route.
+  */
+  @Column({ nullable: true, unique: false })
+  @IsString()
+  @IsOptional()
+  resetRequestedTimestamp?: number;
+
   /**
    * Returns all valid scans associated with this runner.
    * This is implemented here to avoid duplicate code in other files.

src/models/entities/RunnerCard.ts

@@ -52,13 +52,7 @@ export class RunnerCard {
    * Generates a ean-13 compliant string for barcode generation.
    */
   public get code(): string {
-    const multiply = [1, 3];
-    let total = 0;
-    this.paddedId.split('').forEach((letter, index) => {
-      total += parseInt(letter, 10) * multiply[index % 2];
-    });
-    const checkSum = (Math.ceil(total / 10) * 10) - total;
-    return this.paddedId + checkSum.toString();
+    return this.paddedId
   }
 
   /**
@@ -67,10 +61,11 @@ export class RunnerCard {
   private get paddedId(): string {
     let id: string = this.id.toString();
 
-    if (id.length > 12) {
+    if (id.length > 11) {
       throw new RunnerCardIdOutOfRangeError();
     }
-    while (id.length < 12) { id = '0' + id; }
+    while (id.length < 11) { id = '0' + id; }
+    id = '2' + id;
 
     return id;
   }

src/models/entities/RunnerGroup.ts

@@ -51,6 +51,9 @@ export abstract class RunnerGroup {
   */
   @IsInt()
   public get distance(): number {
+    if (!this.runners || this.runners.length == 0) {
+      return 0;
+    }
     return this.runners.reduce((sum, current) => sum + current.distance, 0);
   }
 

src/models/enums/DonationStatus.ts

@@ -0,0 +1,7 @@
+/**
+ * This enum contains all status a donation can inherit regarding it's payment status.
+ */
+export enum DonationStatus {
+    OPEN = 'OPEN',
+    PAID = 'PAID'
+}

src/models/enums/ResponseObjectType.ts

@@ -35,4 +35,5 @@ export enum ResponseObjectType {
     USER = 'USER',
     USERGROUP = 'USERGROUP',
     USERPERMISSIONS = 'USERPERMISSIONS',
+    SELFSERVICEDONOR = 'SELFSERVICEDONOR'
 }

src/models/responses/ResponseDonation.ts

@@ -1,5 +1,6 @@
 import { IsInt, IsNotEmpty, IsPositive } from "class-validator";
 import { Donation } from '../entities/Donation';
+import { DonationStatus } from '../enums/DonationStatus';
 import { ResponseObjectType } from '../enums/ResponseObjectType';
 import { IResponse } from './IResponse';
 import { ResponseDonor } from './ResponseDonor';
@@ -15,6 +16,12 @@ export class ResponseDonation implements IResponse {
     */
     responseType: ResponseObjectType = ResponseObjectType.DONATION;
 
+    /**
+    * The donation's payment status.
+    * Provides you with a quick indicator of it's payment status.
+    */
+    status: DonationStatus;
+
     /**
      * The donation's id.
      */
@@ -34,13 +41,28 @@ export class ResponseDonation implements IResponse {
     @IsInt()
     amount: number;
 
+    /**
+     * The donation's paid amount in the smalles unit of your currency (default: euro cent).
+     */
+    @IsInt()
+    paidAmount: number;
+
     /**
      * Creates a ResponseDonation object from a scan.
      * @param donation The donation the response shall be build for.
      */
     public constructor(donation: Donation) {
         this.id = donation.id;
-        this.donor = donation.donor.toResponse();
+        if (donation.donor) {
+            this.donor = donation.donor.toResponse();
+        }
         this.amount = donation.amount;
+        this.paidAmount = donation.paidAmount || 0;
+        if (this.paidAmount < this.amount) {
+            this.status = DonationStatus.OPEN;
+        }
+        else {
+            this.status = DonationStatus.PAID;
+        }
     }
 }

src/models/responses/ResponseDonor.ts

@@ -4,6 +4,7 @@ import {
 import { Donor } from '../entities/Donor';
 import { ResponseObjectType } from '../enums/ResponseObjectType';
 import { IResponse } from './IResponse';
+import { ResponseDonation } from './ResponseDonation';
 import { ResponseParticipant } from './ResponseParticipant';
 
 /**
@@ -28,6 +29,14 @@ export class ResponseDonor extends ResponseParticipant implements IResponse {
     @IsInt()
     donationAmount: number;
 
+    /**
+    * Returns the total paid donations of a donor based on his linked donations.
+    */
+    @IsInt()
+    paidDonationAmount: number;
+
+    donations: Array<ResponseDonation>;
+
     /**
      * Creates a ResponseRunner object from a runner.
      * @param runner The user the response shall be build for.
@@ -36,5 +45,12 @@ export class ResponseDonor extends ResponseParticipant implements IResponse {
         super(donor);
         this.receiptNeeded = donor.receiptNeeded;
         this.donationAmount = donor.donationAmount;
+        this.paidDonationAmount = donor.paidDonationAmount;
+        this.donations = new Array<ResponseDonation>();
+        if (donor.donations?.length > 0) {
+            for (const donation of donor.donations) {
+                this.donations.push(donation.toResponse())
+            }
+        }
     }
 }

src/models/responses/ResponseParticipant.ts

@@ -50,6 +50,12 @@ export abstract class ResponseParticipant implements IResponse {
     @IsString()
     email?: string;
 
+    /**
+     * how the participant got into the system
+     */
+    @IsString()
+    created_via?: string;
+
     /**
      * The participant's address.
      */
@@ -64,6 +70,7 @@ export abstract class ResponseParticipant implements IResponse {
     public constructor(participant: Participant) {
         this.id = participant.id;
         this.firstname = participant.firstname;
+        this.created_via = participant.created_via;
         this.middlename = participant.middlename;
         this.lastname = participant.lastname;
         this.phone = participant.phone;

src/models/responses/ResponseRunnerGroup.ts

@@ -1,4 +1,4 @@
-import { IsInt, IsNotEmpty, IsObject, IsOptional, IsString } from "class-validator";
+import { IsInt, IsNotEmpty, IsNumber, IsObject, IsOptional, IsString } from "class-validator";
 import { RunnerGroup } from '../entities/RunnerGroup';
 import { ResponseObjectType } from '../enums/ResponseObjectType';
 import { IResponse } from './IResponse';
@@ -36,6 +36,10 @@ export abstract class ResponseRunnerGroup implements IResponse {
     @IsOptional()
     contact?: ResponseGroupContact;
 
+    @IsOptional()
+    @IsNumber()
+    total_distance: number
+
     /**
      * Creates a ResponseRunnerGroup object from a runnerGroup.
      * @param group The runnerGroup the response shall be build for.
@@ -44,5 +48,6 @@ export abstract class ResponseRunnerGroup implements IResponse {
         this.id = group.id;
         this.name = group.name;
         if (group.contact) { this.contact = group.contact.toResponse(); };
+        if (group.runners) { this.total_distance = group.runners.reduce((p, c) => p + c.distance, 0) }
     }
 }

src/models/responses/ResponseRunnerOrganization.ts

@@ -67,6 +67,9 @@ export class ResponseRunnerOrganization extends ResponseRunnerGroup implements I
             for (let team of org.teams) {
                 this.teams.push(team.toResponse());
             }
+            for (const team of this.teams) {
+                this.total_distance += team.total_distance;
+            }
         }
 
         if (!org.key) { this.registrationEnabled = false; }

src/models/responses/ResponseSelfServiceDonation.ts

@@ -2,6 +2,7 @@ import { IsInt, IsNotEmpty, IsPositive } from 'class-validator';
 import { DistanceDonation } from '../entities/DistanceDonation';
 import { ResponseObjectType } from '../enums/ResponseObjectType';
 import { IResponse } from './IResponse';
+import { ResponseSelfServiceDonor } from './ResponseSelfServiceDonor';
 
 /**
  * Defines the runner selfservice donation response.
@@ -18,7 +19,7 @@ export class ResponseSelfServiceDonation implements IResponse {
      * The donation's donor.
      */
     @IsNotEmpty()
-    donor: string;
+    donor: ResponseSelfServiceDonor;
 
     /**
      * The donation's amount in the smalles unit of your currency (default: euro cent).
@@ -35,9 +36,7 @@ export class ResponseSelfServiceDonation implements IResponse {
     amountPerDistance: number;
 
     public constructor(donation: DistanceDonation) {
-        if (!donation.donor.middlename) { this.donor = donation.donor.firstname + " " + donation.donor.lastname; }
-        else { this.donor = donation.donor.firstname + " " + donation.donor.middlename + " " + donation.donor.lastname; }
-
+        this.donor = new ResponseSelfServiceDonor(donation.donor);
         this.amountPerDistance = donation.amountPerDistance;
         this.amount = donation.amount;
     }

src/models/responses/ResponseSelfServiceDonor.ts

@@ -0,0 +1,51 @@
+import { IsInt, IsString } from "class-validator";
+import { Donor } from '../entities/Donor';
+import { ResponseObjectType } from '../enums/ResponseObjectType';
+import { IResponse } from './IResponse';
+
+/**
+ * Defines the donor selfservice response.
+ * Why? B/C runner's are not allowed to view all information available to admin users.
+*/
+export class ResponseSelfServiceDonor implements IResponse {
+    /**
+    * The responseType.
+    * This contains the type of class/entity this response contains.
+    */
+    responseType: ResponseObjectType = ResponseObjectType.SELFSERVICEDONOR;
+
+    /**
+     * The participant's id.
+     */
+    @IsInt()
+    id: number;
+
+    /**
+     * The participant's first name.
+     */
+    @IsString()
+    firstname: string;
+
+    /**
+     * The participant's middle name.
+     */
+    @IsString()
+    middlename?: string;
+
+    /**
+     * The participant's last name.
+     */
+    @IsString()
+    lastname: string;
+
+    /**
+     * Creates a ResponseSelfServiceDonor object from a runner.
+     * @param donor The donor the response shall be build for.
+     */
+    public constructor(donor: Donor) {
+        this.id = donor.id;
+        this.firstname = donor.firstname;
+        this.middlename = donor.middlename;
+        this.lastname = donor.lastname;
+    }
+}

src/models/responses/ResponseSelfServiceRunner.ts

@@ -38,10 +38,10 @@ export class ResponseSelfServiceRunner extends ResponseParticipant implements IR
     group: string;
 
     /**
-     * The runner's associated donations.
+     * The runner's associated distance donations.
      */
     @IsString()
-    donations: ResponseSelfServiceDonation[]
+    distanceDonations: ResponseSelfServiceDonation[]
 
     /**
      * The runner's self-service jwt for auth.
@@ -60,7 +60,7 @@ export class ResponseSelfServiceRunner extends ResponseParticipant implements IR
         this.distance = runner.distance;
         this.donationAmount = runner.distanceDonationAmount;
         this.group = this.getTeamString(runner.group);
-        this.donations = this.getDonations(runner.distanceDonations);
+        this.distanceDonations = this.getDonations(runner.distanceDonations);
     }
 
     /**

src/models/responses/ResponseStats.ts

@@ -2,11 +2,6 @@ import {
     IsInt
 } from "class-validator";
 import { Donation } from '../entities/Donation';
-import { Runner } from '../entities/Runner';
-import { RunnerOrganization } from '../entities/RunnerOrganization';
-import { RunnerTeam } from '../entities/RunnerTeam';
-import { Scan } from '../entities/Scan';
-import { User } from '../entities/User';
 import { ResponseObjectType } from '../enums/ResponseObjectType';
 import { IResponse } from './IResponse';
 
@@ -63,12 +58,30 @@ export class ResponseStats implements IResponse {
     @IsInt()
     total_donation: number;
 
+    /**
+     * The total donation count (cent).
+     */
+    @IsInt()
+    total_donations: number;
+
+    /**
+     * The total donor count.
+     */
+    @IsInt()
+    total_donors: number;
+
     /**
      * The average distance ran per runner.
      */
     @IsInt()
     average_distance: number;
 
+    /**
+     * The average donation per distance (cent).
+     */
+    @IsInt()
+    average_donation: number;
+
     /**
      * Creates a new stats response containing some basic statistics for a dashboard or public display.
      * @param runners Array containing all runners - the following relations have to be resolved: scans, scans.track
@@ -78,14 +91,17 @@ export class ResponseStats implements IResponse {
      * @param scans Array containing all scans - no relations have to be resolved.
      * @param donations Array containing all donations - the following relations have to be resolved: runner, runner.scans, runner.scans.track
      */
-    public constructor(runners: Runner[], teams: RunnerTeam[], orgs: RunnerOrganization[], users: User[], scans: Scan[], donations: Donation[]) {
-        this.total_runners = runners.length;
-        this.total_teams = teams.length;
-        this.total_orgs = orgs.length;
-        this.total_users = users.length;
-        this.total_scans = scans.filter(scan => { scan.valid === true }).length;
-        this.total_distance = runners.reduce((sum, current) => sum + current.distance, 0);
+    public constructor(runners: number, teams: number, orgs: number, users: number, scans: number, donations: Donation[], distance: number, donors: number) {
+        this.total_runners = runners;
+        this.total_teams = teams;
+        this.total_orgs = orgs;
+        this.total_users = users;
+        this.total_scans = scans;
+        this.total_distance = distance;
         this.total_donation = donations.reduce((sum, current) => sum + current.amount, 0);
+        this.total_donations = donations.length;
+        this.average_donation = this.total_donation / this.total_donations
+        this.total_donors = donors;
         this.average_distance = this.total_distance / this.total_runners;
     }
 }

src/models/responses/ResponseStatsOrganization.ts

@@ -49,7 +49,15 @@ export class ResponseStatsOrgnisation implements IResponse {
     public constructor(org: RunnerOrganization) {
         this.name = org.name;
         this.id = org.id;
-        this.distance = org.distance;
-        this.donationAmount = org.distanceDonationAmount;
+        try {
+            this.distance = org.distance;
+        } catch {
+            this.distance = -1;
+        }
+        try {
+            this.donationAmount = org.distanceDonationAmount;
+        } catch {
+            this.donationAmount = -1;
+        }
     }
 }

src/models/responses/ResponseStatsRunner.ts

@@ -1,6 +1,7 @@
 import {
     IsInt,
     IsObject,
+    IsOptional,
     IsString
 } from "class-validator";
 import { Runner } from '../entities/Runner';
@@ -55,6 +56,13 @@ export class ResponseStatsRunner implements IResponse {
     @IsInt()
     donationAmount: number;
 
+    /**
+     * The runner's fastest laptime in seconds.
+     */
+    @IsInt()
+    @IsOptional()
+    minLaptime?: number;
+
     /**
      * The runner's group.
      */
@@ -65,13 +73,28 @@ export class ResponseStatsRunner implements IResponse {
      * Creates a new runner stats response from a runner
      * @param runner The runner whoes response shall be generated - the following relations have to be resolved: scans, group, distanceDonations, scans.track
      */
-    public constructor(runner: Runner) {
+    public constructor(runner: Runner, laptime?: number) {
         this.id = runner.id;
         this.firstname = runner.firstname;
-        this.middlename = runner.middlename;
+        if (runner.firstname) {
+            this.middlename = runner.middlename;
+        }
         this.lastname = runner.lastname;
-        this.distance = runner.distance;
-        this.donationAmount = runner.distanceDonationAmount;
+        try {
+            this.distance = runner.distance;
+        }
+        catch {
+            this.distance = -1;
+        }
+        try {
+            this.donationAmount = runner.distanceDonationAmount;
+        }
+        catch {
+            this.donationAmount = -1;
+        }
+        if (laptime) {
+            this.minLaptime = laptime;
+        }
         this.group = runner.group.toResponse();
     }
 }

src/models/responses/ResponseStatsTeam.ts

@@ -57,7 +57,15 @@ export class ResponseStatsTeam implements IResponse {
         this.name = team.name;
         this.id = team.id;
         this.parent = team.parentGroup.toResponse();
-        this.distance = team.distance;
-        this.donationAmount = team.distanceDonationAmount;
+        try {
+            this.distance = team.distance;
+        } catch {
+            this.distance = -1;
+        }
+        try {
+            this.donationAmount = team.distanceDonationAmount;
+        } catch {
+            this.donationAmount = -1;
+        }
     }
 }

src/seeds/SeedUsers.ts

@@ -1,22 +1,22 @@
+import * as argon2 from "argon2";
 import { Connection } from 'typeorm';
 import { Factory, Seeder } from 'typeorm-seeding';
+import * as uuid from 'uuid';
 import { CreatePermission } from '../models/actions/create/CreatePermission';
-import { CreateUser } from '../models/actions/create/CreateUser';
 import { CreateUserGroup } from '../models/actions/create/CreateUserGroup';
 import { Permission } from '../models/entities/Permission';
 import { User } from '../models/entities/User';
 import { UserGroup } from '../models/entities/UserGroup';
 import { PermissionAction } from '../models/enums/PermissionAction';
 import { PermissionTarget } from '../models/enums/PermissionTargets';
-
 /**
  * Seeds a admin group with a demo user into the database for initial setup and auto recovery.
- * We know that the nameing isn't perfectly fitting. Feel free to change it.
+ * We know that the naming isn't perfectly fitting. Feel free to change it.
  */
 export default class SeedUsers implements Seeder {
     public async run(factory: Factory, connection: Connection): Promise<any> {
         let adminGroup: UserGroup = await this.createAdminGroup(connection);
-        await this.createUser(connection, adminGroup.id);
+        await this.createUser(connection, adminGroup);
         await this.createPermissions(connection, adminGroup.id);
     }
 
@@ -27,15 +27,16 @@ export default class SeedUsers implements Seeder {
         return await connection.getRepository(UserGroup).save(await adminGroup.toEntity());
     }
 
-    public async createUser(connection: Connection, group: number) {
-        let initialUser = new CreateUser();
+    public async createUser(connection: Connection, group: UserGroup) {
+        let initialUser = new User();
         initialUser.firstname = "demo";
         initialUser.lastname = "demo";
         initialUser.username = "demo";
-        initialUser.password = "demo";
+        initialUser.uuid = uuid.v4();
+        initialUser.password = await argon2.hash("demo" + initialUser.uuid);
         initialUser.email = "demo@dev.lauf-fuer-kaya.de"
-        initialUser.groups = group;
-        return await connection.getRepository(User).save(await initialUser.toEntity());
+        initialUser.groups = [group];
+        return await connection.getRepository(User).save(initialUser);
     }
 
     public async createPermissions(connection: Connection, principal: number) {

src/tests/auth/auth_login.spec.ts

@@ -5,6 +5,7 @@ const base = "http://localhost:" + config.internal_port
 let axios_config;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     axios_config = {
         validateStatus: undefined
     };

src/tests/auth/auth_logout.spec.ts

@@ -8,14 +8,15 @@ const axios_config = {
 };;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res_login = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     await axios.post(base + '/api/users', {
-        "firstname": "demo_logout",
-        "middlename": "demo_logout",
-        "lastname": "demo_logout",
-        "username": "demo_logout",
-        "password": "demo_logout",
-        "email": "demo_logout@dev.lauf-fuer-kaya.de"
+        "firstname": "demo_logoutASD123",
+        "middlename": "demo_logoutASD123",
+        "lastname": "demo_logoutASD123",
+        "username": "demo_logoutASD123",
+        "password": "demo_logoutASD123",
+        "email": "demo_logoutASD123@dev.lauf-fuer-kaya.de"
     }, {
         headers: { "authorization": "Bearer " + res_login.data["access_token"] },
         validateStatus: undefined
@@ -25,7 +26,7 @@ beforeAll(async () => {
 describe('POST /api/auth/logout valid', () => {
     let refresh_coookie;
     it('valid logout with token in cookie should return 200', async () => {
-        const res_login = await axios.post(base + '/api/auth/login', { username: "demo_logout", password: "demo_logout" });
+        const res_login = await axios.post(base + '/api/auth/login', { username: "demo_logoutASD123", password: "demo_logoutASD123" });
         refresh_coookie = res_login.headers["set-cookie"];
         const res = await axios.post(base + '/api/auth/logout', null, {
             headers: { "Cookie": refresh_coookie },
@@ -34,7 +35,7 @@ describe('POST /api/auth/logout valid', () => {
         expect(res.status).toEqual(200);
     });
     it('valid logout with token in body should return 200', async () => {
-        const res_login = await axios.post(base + '/api/auth/login', { username: "demo_logout", password: "demo_logout" });
+        const res_login = await axios.post(base + '/api/auth/login', { username: "demo_logoutASD123", password: "demo_logoutASD123" });
         const res = await axios.post(base + '/api/auth/logout', { token: res_login.data["refresh_token"] }, axios_config);
         expect(res.status).toEqual(200);
     });

src/tests/auth/auth_refresh.spec.ts

@@ -8,14 +8,15 @@ const axios_config = {
 };;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res_login = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     await axios.post(base + '/api/users', {
-        "firstname": "demo_refresh",
-        "middlename": "demo_refresh",
-        "lastname": "demo_refresh",
-        "username": "demo_refresh",
-        "password": "demo_refresh",
-        "email": "demo_refresh@dev.lauf-fuer-kaya.de"
+        "firstname": "demo_refreshASD312",
+        "middlename": "demo_refreshASD312",
+        "lastname": "demo_refreshASD312",
+        "username": "demo_refreshASD312",
+        "password": "demo_refreshASD312",
+        "email": "demo_refreshASD312@dev.lauf-fuer-kaya.de"
     }, {
         headers: { "authorization": "Bearer " + res_login.data["access_token"] },
         validateStatus: undefined
@@ -24,7 +25,7 @@ beforeAll(async () => {
 
 describe('POST /api/auth/refresh valid', () => {
     it('valid refresh with token in cookie should return 200', async () => {
-        const res_login = await axios.post(base + '/api/auth/login', { username: "demo_refresh", password: "demo_refresh" });
+        const res_login = await axios.post(base + '/api/auth/login', { username: "demo_refreshASD312", password: "demo_refreshASD312" });
         const res = await axios.post(base + '/api/auth/refresh', null, {
             headers: { "Cookie": res_login.headers["set-cookie"] },
             validateStatus: undefined
@@ -32,7 +33,7 @@ describe('POST /api/auth/refresh valid', () => {
         expect(res.status).toEqual(200);
     });
     it('valid refresh with token in body should return 200', async () => {
-        const res_login = await axios.post(base + '/api/auth/login', { username: "demo_refresh", password: "demo_refresh" });
+        const res_login = await axios.post(base + '/api/auth/login', { username: "demo_refreshASD312", password: "demo_refreshASD312" });
         const res = await axios.post(base + '/api/auth/refresh', { token: res_login.data["refresh_token"] }, axios_config);
         expect(res.status).toEqual(200);
     });

src/tests/auth/auth_reset.spec.ts

@@ -8,25 +8,26 @@ const axios_config = {
 };;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res_login = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     await axios.post(base + '/api/users', {
-        "firstname": "demo_reset",
-        "middlename": "demo_reset",
-        "lastname": "demo_reset",
-        "username": "demo_reset",
-        "password": "demo_reset",
-        "email": "demo_reset1@dev.lauf-fuer-kaya.de"
+        "firstname": "demo_resetASD312",
+        "middlename": "demo_resetASD312",
+        "lastname": "demo_resetASD312",
+        "username": "demo_resetASD312",
+        "password": "demo_resetASD312",
+        "email": "demo_resetASD3121@dev.lauf-fuer-kaya.de"
     }, {
         headers: { "authorization": "Bearer " + res_login.data["access_token"] },
         validateStatus: undefined
     });
     await axios.post(base + '/api/users', {
-        "firstname": "demo_reset2",
-        "middlename": "demo_reset2",
-        "lastname": "demo_reset2",
-        "username": "demo_reset2",
-        "password": "demo_reset2",
-        "email": "demo_reset2@dev.lauf-fuer-kaya.de"
+        "firstname": "demo_resetASD3122",
+        "middlename": "demo_resetASD3122",
+        "lastname": "demo_resetASD3122",
+        "username": "demo_resetASD3122",
+        "password": "demo_resetASD3122",
+        "email": "demo_resetASD3122@dev.lauf-fuer-kaya.de"
     }, {
         headers: { "authorization": "Bearer " + res_login.data["access_token"] },
         validateStatus: undefined
@@ -36,16 +37,16 @@ beforeAll(async () => {
 describe('POST /api/auth/reset valid', () => {
     let reset_token;
     it('valid reset token request should return 200 (500 w/o correct auth)', async () => {
-        const res1 = await axios.post(base + '/api/auth/reset', { email: "demo_reset1@dev.lauf-fuer-kaya.de" }, axios_config);
+        const res1 = await axios.post(base + '/api/auth/reset', { email: "demo_resetASD3121@dev.lauf-fuer-kaya.de" }, axios_config);
         reset_token = res1.data.resetToken;
-        expect(res1.status).toEqual(500);
+        expect(res1.status).toEqual(200);
     });
 });
 // ---------------
 describe('POST /api/auth/reset invalid requests', () => {
     it('request another password reset before the timeout should return 406', async () => {
-        const res1 = await axios.post(base + '/api/auth/reset', { email: "demo_reset2@dev.lauf-fuer-kaya.de" }, axios_config);
-        const res2 = await axios.post(base + '/api/auth/reset', { email: "demo_reset2@dev.lauf-fuer-kaya.de" }, axios_config);
+        const res1 = await axios.post(base + '/api/auth/reset', { email: "demo_resetASD3122@dev.lauf-fuer-kaya.de" }, axios_config);
+        const res2 = await axios.post(base + '/api/auth/reset', { email: "demo_resetASD3122@dev.lauf-fuer-kaya.de" }, axios_config);
         expect(res2.status).toEqual(406);
     });
 });

src/tests/cards/cards_add.spec.ts

@@ -1,151 +1,186 @@
-import axios from 'axios';
-import { config } from '../../config';
-const base = "http://localhost:" + config.internal_port
-
-let access_token;
-let axios_config;
-
-beforeAll(async () => {
-	const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
-	access_token = res.data["access_token"];
-	axios_config = {
-		headers: { "authorization": "Bearer " + access_token },
-		validateStatus: undefined
-	};
-});
-
-
-describe('POST /api/cards illegally', () => {
-	it('non-existant runner input should return 404', async () => {
-		const res = await axios.post(base + '/api/cards', {
-			"runner": 999999999999999999999999
-		}, axios_config);
-		expect(res.status).toEqual(404);
-		expect(res.headers['content-type']).toContain("application/json")
-	});
-});
-// ---------------
-describe('POST /api/cards successfully (without runner)', () => {
-	it('creating a card with the minimum amount of parameters should return 200', async () => {
-		const res = await axios.post(base + '/api/cards', null, axios_config);
-		expect(res.status).toEqual(200);
-		expect(res.headers['content-type']).toContain("application/json");
-		delete res.data.id;
-		delete res.data.code;
-		expect(res.data).toEqual({
-			"runner": null,
-			"enabled": true,
-			"responseType": "RUNNERCARD"
-		});
-	});
-	it('creating a disabled card should return 200', async () => {
-		const res = await axios.post(base + '/api/cards', {
-			"enabled": false
-		}, axios_config);
-		expect(res.status).toEqual(200);
-		expect(res.headers['content-type']).toContain("application/json");
-		delete res.data.id;
-		delete res.data.code;
-		expect(res.data).toEqual({
-			"runner": null,
-			"enabled": false,
-			"responseType": "RUNNERCARD"
-		});
-	});
-	it('creating a enabled card should return 200', async () => {
-		const res = await axios.post(base + '/api/cards', {
-			"enabled": true
-		}, axios_config);
-		expect(res.status).toEqual(200);
-		expect(res.headers['content-type']).toContain("application/json");
-		delete res.data.id;
-		delete res.data.code;
-		expect(res.data).toEqual({
-			"runner": null,
-			"enabled": true,
-			"responseType": "RUNNERCARD"
-		});
-	});
-});
-// ---------------
-describe('POST /api/cards successfully (with runner)', () => {
-	let added_org;
-	let added_runner;
-	it('creating a new org with just a name should return 200', async () => {
-		const res1 = await axios.post(base + '/api/organizations', {
-			"name": "test123"
-		}, axios_config);
-		added_org = res1.data
-		expect(res1.status).toEqual(200);
-		expect(res1.headers['content-type']).toContain("application/json")
-	});
-	it('creating a new runner with only needed params should return 200', async () => {
-		const res2 = await axios.post(base + '/api/runners', {
-			"firstname": "first",
-			"lastname": "last",
-			"group": added_org.id
-		}, axios_config);
-		delete res2.data.group;
-		added_runner = res2.data;
-		expect(res2.status).toEqual(200);
-		expect(res2.headers['content-type']).toContain("application/json")
-	});
-	it('creating a card with the minimum amount of parameters should return 200', async () => {
-		const res = await axios.post(base + '/api/cards', {
-			"runner": added_runner.id
-		}, axios_config);
-		expect(res.status).toEqual(200);
-		expect(res.headers['content-type']).toContain("application/json");
-		delete res.data.id;
-		delete res.data.code;
-		expect(res.data).toEqual({
-			"runner": added_runner,
-			"enabled": true,
-			"responseType": "RUNNERCARD"
-		});
-	});
-	it('creating a card with runner (no optional params) should return 200', async () => {
-		const res = await axios.post(base + '/api/cards', {
-			"runner": added_runner.id
-		}, axios_config);
-		expect(res.status).toEqual(200);
-		expect(res.headers['content-type']).toContain("application/json");
-		delete res.data.id;
-		delete res.data.code;
-		expect(res.data).toEqual({
-			"runner": added_runner,
-			"enabled": true,
-			"responseType": "RUNNERCARD"
-		});
-	});
-	it('creating a enabled card with runner should return 200', async () => {
-		const res = await axios.post(base + '/api/cards', {
-			"runner": added_runner.id,
-			"enabled": true
-		}, axios_config);
-		expect(res.status).toEqual(200);
-		expect(res.headers['content-type']).toContain("application/json");
-		delete res.data.id;
-		delete res.data.code;
-		expect(res.data).toEqual({
-			"runner": added_runner,
-			"enabled": true,
-			"responseType": "RUNNERCARD"
-		});
-	});
-	it('creating a disabled card with runner should return 200', async () => {
-		const res = await axios.post(base + '/api/cards', {
-			"runner": added_runner.id,
-			"enabled": false
-		}, axios_config);
-		expect(res.status).toEqual(200);
-		expect(res.headers['content-type']).toContain("application/json");
-		delete res.data.id;
-		delete res.data.code;
-		expect(res.data).toEqual({
-			"runner": added_runner,
-			"enabled": false,
-			"responseType": "RUNNERCARD"
-		});
-	});
+import axios from 'axios';
+import { config } from '../../config';
+const base = "http://localhost:" + config.internal_port
+
+let access_token;
+let axios_config;
+
+beforeAll(async () => {
+	jest.setTimeout(20000);
+	const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
+	access_token = res.data["access_token"];
+	axios_config = {
+		headers: { "authorization": "Bearer " + access_token },
+		validateStatus: undefined
+	};
+});
+
+
+describe('POST /api/cards illegally', () => {
+	it('non-existant runner input should return 404', async () => {
+		const res = await axios.post(base + '/api/cards', {
+			"runner": 999999999999999999999999
+		}, axios_config);
+		expect(res.status).toEqual(404);
+		expect(res.headers['content-type']).toContain("application/json")
+	});
+});
+// ---------------
+describe('POST /api/cards successfully (without runner)', () => {
+	it('creating a card with the minimum amount of parameters should return 200', async () => {
+		const res = await axios.post(base + '/api/cards', null, axios_config);
+		expect(res.status).toEqual(200);
+		expect(res.headers['content-type']).toContain("application/json");
+		delete res.data.id;
+		delete res.data.code;
+		expect(res.data).toEqual({
+			"runner": null,
+			"enabled": true,
+			"responseType": "RUNNERCARD"
+		});
+	});
+	it('creating a disabled card should return 200', async () => {
+		const res = await axios.post(base + '/api/cards', {
+			"enabled": false
+		}, axios_config);
+		expect(res.status).toEqual(200);
+		expect(res.headers['content-type']).toContain("application/json");
+		delete res.data.id;
+		delete res.data.code;
+		expect(res.data).toEqual({
+			"runner": null,
+			"enabled": false,
+			"responseType": "RUNNERCARD"
+		});
+	});
+	it('creating a enabled card should return 200', async () => {
+		const res = await axios.post(base + '/api/cards', {
+			"enabled": true
+		}, axios_config);
+		expect(res.status).toEqual(200);
+		expect(res.headers['content-type']).toContain("application/json");
+		delete res.data.id;
+		delete res.data.code;
+		expect(res.data).toEqual({
+			"runner": null,
+			"enabled": true,
+			"responseType": "RUNNERCARD"
+		});
+	});
+});
+// ---------------
+describe('POST /api/cards successfully (with runner)', () => {
+	let added_org;
+	let added_runner;
+	it('creating a new org with just a name should return 200', async () => {
+		const res1 = await axios.post(base + '/api/organizations', {
+			"name": "test123"
+		}, axios_config);
+		added_org = res1.data
+		expect(res1.status).toEqual(200);
+		expect(res1.headers['content-type']).toContain("application/json")
+	});
+	it('creating a new runner with only needed params should return 200', async () => {
+		const res2 = await axios.post(base + '/api/runners', {
+			"firstname": "first",
+			"lastname": "last",
+			"group": added_org.id
+		}, axios_config);
+		added_runner = res2.data;
+		expect(res2.status).toEqual(200);
+		expect(res2.headers['content-type']).toContain("application/json")
+	});
+	it('creating a card with the minimum amount of parameters should return 200', async () => {
+		const res = await axios.post(base + '/api/cards', {
+			"runner": added_runner.id
+		}, axios_config);
+		expect(res.status).toEqual(200);
+		expect(res.headers['content-type']).toContain("application/json");
+		delete res.data.id;
+		delete res.data.code;
+		expect(res.data).toEqual({
+			"runner": added_runner,
+			"enabled": true,
+			"responseType": "RUNNERCARD"
+		});
+	});
+	it('creating a card with runner (no optional params) should return 200', async () => {
+		const res = await axios.post(base + '/api/cards', {
+			"runner": added_runner.id
+		}, axios_config);
+		expect(res.status).toEqual(200);
+		expect(res.headers['content-type']).toContain("application/json");
+		delete res.data.id;
+		delete res.data.code;
+		expect(res.data).toEqual({
+			"runner": added_runner,
+			"enabled": true,
+			"responseType": "RUNNERCARD"
+		});
+	});
+	it('creating a enabled card with runner should return 200', async () => {
+		const res = await axios.post(base + '/api/cards', {
+			"runner": added_runner.id,
+			"enabled": true
+		}, axios_config);
+		expect(res.status).toEqual(200);
+		expect(res.headers['content-type']).toContain("application/json");
+		delete res.data.id;
+		delete res.data.code;
+		expect(res.data).toEqual({
+			"runner": added_runner,
+			"enabled": true,
+			"responseType": "RUNNERCARD"
+		});
+	});
+	it('creating a disabled card with runner should return 200', async () => {
+		const res = await axios.post(base + '/api/cards', {
+			"runner": added_runner.id,
+			"enabled": false
+		}, axios_config);
+		expect(res.status).toEqual(200);
+		expect(res.headers['content-type']).toContain("application/json");
+		delete res.data.id;
+		delete res.data.code;
+		expect(res.data).toEqual({
+			"runner": added_runner,
+			"enabled": false,
+			"responseType": "RUNNERCARD"
+		});
+	});
+});
+// ---------------
+describe('POST /api/cards/bulk successfully', () => {
+	it('creating a single new bulk card should return 200', async () => {
+		const res = await axios.post(base + '/api/cards/bulk?count=1', {}, axios_config);
+		expect(res.status).toEqual(200);
+		expect(res.headers['content-type']).toContain("application/json");
+	});
+	it('creating a single new bulk card and letting the system return it should return 200', async () => {
+		const res = await axios.post(base + '/api/cards/bulk?count=1&returnCards=true', {}, axios_config);
+		expect(res.status).toEqual(200);
+		expect(res.headers['content-type']).toContain("application/json");
+		expect(res.data[0].id).toBeDefined();
+	});
+	it('creating 50 new bulk card should return 200', async () => {
+		const res = await axios.post(base + '/api/cards/bulk?count=50', {}, axios_config);
+		expect(res.status).toEqual(200);
+		expect(res.headers['content-type']).toContain("application/json");
+	});
+	it('creating 50 new bulk cards and letting the system return it should return 200', async () => {
+		const res = await axios.post(base + '/api/cards/bulk?count=50&returnCards=true', {}, axios_config);
+		expect(res.status).toEqual(200);
+		expect(res.headers['content-type']).toContain("application/json");
+		expect(res.data.length).toEqual(50);
+	});
+	it('creating 250 new bulk card should return 200', async () => {
+		const res = await axios.post(base + '/api/cards/bulk?count=250', {}, axios_config);
+		expect(res.status).toEqual(200);
+		expect(res.headers['content-type']).toContain("application/json");
+	});
+	it('creating 2000 new bulk card should return 200', async () => {
+		const res = await axios.post(base + '/api/cards/bulk?count=2000', {}, axios_config);
+		expect(res.status).toEqual(200);
+		expect(res.headers['content-type']).toContain("application/json");
+	});
 });

src/tests/cards/cards_delete.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+	jest.setTimeout(20000);
 	const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
 	access_token = res.data["access_token"];
 	axios_config = {

src/tests/cards/cards_get.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+	jest.setTimeout(20000);
 	const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
 	access_token = res.data["access_token"];
 	axios_config = {

src/tests/cards/cards_update.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+	jest.setTimeout(20000);
 	const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
 	access_token = res.data["access_token"];
 	axios_config = {
@@ -63,7 +64,6 @@ describe('adding + updating card.runner successfully', () => {
 			"lastname": "last",
 			"group": added_org.id
 		}, axios_config);
-		delete res2.data.group;
 		added_runner = res2.data;
 		expect(res2.status).toEqual(200);
 		expect(res2.headers['content-type']).toContain("application/json")
@@ -74,7 +74,6 @@ describe('adding + updating card.runner successfully', () => {
 			"lastname": "last",
 			"group": added_org.id
 		}, axios_config);
-		delete res2.data.group;
 		added_runner2 = res2.data;
 		expect(res2.status).toEqual(200);
 		expect(res2.headers['content-type']).toContain("application/json")

src/tests/contacts/contact_add.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     access_token = res.data["access_token"];
     axios_config = {

src/tests/contacts/contact_delete.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     access_token = res.data["access_token"];
     axios_config = {

src/tests/contacts/contact_get.spec.ts

@@ -5,6 +5,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     access_token = res.data["access_token"];
     axios_config = {

src/tests/contacts/contact_update.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     access_token = res.data["access_token"];
     axios_config = {

src/tests/create_mass_scans.ts

@@ -0,0 +1,19 @@
+import axios from 'axios';
+
+async function main() {
+    console.time("batches")
+    for (let i = 0; i < 100; i++) {
+        const batch = [];
+        for (let i = 0; i < 6; i++) {
+            batch.push(axios.post('http://localhost:4010/api/scans/trackscans', { card: 200000000001, station: 2 }, {
+                headers: {
+                    Authorization: 'Bearer 10F2E64.BB4F6CC5-2148-4CCF-88B5-0AA85D0508A9'
+                }
+            }))
+        }
+        await Promise.all(batch)
+        console.timeLog("batches", `Finished batch ${i}`)
+    }
+    console.timeEnd("batches")
+}
+main();

src/tests/donations/donations_add.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+	jest.setTimeout(20000);
 	const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
 	access_token = res.data["access_token"];
 	axios_config = {
@@ -169,7 +170,7 @@ describe('POST /api/donations/fixed successfully', () => {
 		expect(res.status).toEqual(200);
 		expect(res.headers['content-type']).toContain("application/json")
 	});
-	it('creating a new fixed donation should return 200', async () => {
+	it('creating a new fixed donation with more params should return 200', async () => {
 		const res = await axios.post(base + '/api/donations/fixed', {
 			"donor": added_donor.id,
 			"amount": 1000
@@ -180,6 +181,25 @@ describe('POST /api/donations/fixed successfully', () => {
 		expect(res.data).toEqual({
 			"donor": added_donor,
 			"amount": 1000,
+			"paidAmount": 0,
+			"status": "OPEN",
+			"responseType": "DONATION"
+		});
+	});
+	it('creating a new fixed donation with all params should return 200', async () => {
+		const res = await axios.post(base + '/api/donations/fixed', {
+			"donor": added_donor.id,
+			"amount": 1000,
+			"paidAmount": 1000
+		}, axios_config);
+		delete res.data.id;
+		expect(res.status).toEqual(200);
+		expect(res.headers['content-type']).toContain("application/json");
+		expect(res.data).toEqual({
+			"donor": added_donor,
+			"amount": 1000,
+			"paidAmount": 1000,
+			"status": "PAID",
 			"responseType": "DONATION"
 		});
 	});
@@ -218,7 +238,7 @@ describe('POST /api/donations/distance successfully', () => {
 		expect(res.status).toEqual(200);
 		expect(res.headers['content-type']).toContain("application/json")
 	});
-	it('creating a new fixed donation should return 200', async () => {
+	it('creating a new distance donation with most params should return 200', async () => {
 		const res = await axios.post(base + '/api/donations/distance', {
 			"runner": added_runner.id,
 			"amountPerDistance": 100,
@@ -232,6 +252,28 @@ describe('POST /api/donations/distance successfully', () => {
 			"amountPerDistance": 100,
 			"runner": added_runner,
 			"amount": 0,
+			"paidAmount": 0,
+			"status": "PAID",
+			"responseType": "DISTANCEDONATION"
+		})
+	});
+	it('creating a new distance donation with all params should return 200', async () => {
+		const res = await axios.post(base + '/api/donations/distance', {
+			"runner": added_runner.id,
+			"amountPerDistance": 100,
+			"donor": added_donor.id,
+			"paidAmount": 1000
+		}, axios_config);
+		delete res.data.id;
+		expect(res.status).toEqual(200);
+		expect(res.headers['content-type']).toContain("application/json");
+		expect(res.data).toEqual({
+			"donor": added_donor,
+			"amountPerDistance": 100,
+			"runner": added_runner,
+			"amount": 0,
+			"paidAmount": 1000,
+			"status": "PAID",
 			"responseType": "DISTANCEDONATION"
 		})
 	});

src/tests/donations/donations_delete.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+	jest.setTimeout(20000);
 	const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
 	access_token = res.data["access_token"];
 	axios_config = {

src/tests/donations/donations_get.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+	jest.setTimeout(20000);
 	const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
 	access_token = res.data["access_token"];
 	axios_config = {

src/tests/donations/donations_update.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+	jest.setTimeout(20000);
 	const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
 	access_token = res.data["access_token"];
 	axios_config = {
@@ -212,6 +213,17 @@ describe('adding + updating fixed donation valid', () => {
 		expect(res.headers['content-type']).toContain("application/json");
 		expect(res.data.amount).toEqual(42);
 	});
+	it('updating paidAmount should return 200', async () => {
+		const res = await axios.put(base + '/api/donations/fixed/' + added_donation.id, {
+			"id": added_donation.id,
+			"donor": added_donor.id,
+			"amount": 42,
+			"paidAmount": 10
+		}, axios_config);
+		expect(res.status).toEqual(200);
+		expect(res.headers['content-type']).toContain("application/json");
+		expect(res.data.paidAmount).toEqual(10);
+	});
 	it('updating donor should return 200', async () => {
 		const res = await axios.put(base + '/api/donations/fixed/' + added_donation.id, {
 			"id": added_donation.id,
@@ -316,6 +328,19 @@ describe('adding + updating distance donation valid', () => {
 		expect(res.headers['content-type']).toContain("application/json");
 		expect(res.data.amountPerDistance).toEqual(69);
 	});
+	it('updating paidAmount should return 200', async () => {
+		const res = await axios.put(base + '/api/donations/distance/' + added_donation.id, {
+			"id": added_donation.id,
+			"runner": added_runner.id,
+			"amountPerDistance": 69,
+			"donor": added_donor.id,
+			"paidAmount": 10
+		}, axios_config);
+		delete res.data.donor.donationAmount;
+		expect(res.status).toEqual(200);
+		expect(res.headers['content-type']).toContain("application/json");
+		expect(res.data.paidAmount).toEqual(10);
+	});
 	it('updating runner should return 200', async () => {
 		const res = await axios.put(base + '/api/donations/distance/' + added_donation.id, {
 			"id": added_donation.id,

src/tests/donors/donor_add.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     access_token = res.data["access_token"];
     axios_config = {

src/tests/donors/donor_delete.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     access_token = res.data["access_token"];
     axios_config = {

src/tests/donors/donor_get.spec.ts

@@ -5,6 +5,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     access_token = res.data["access_token"];
     axios_config = {

src/tests/donors/donor_update.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     access_token = res.data["access_token"];
     axios_config = {

src/tests/runnerOrgs/org_add.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     access_token = res.data["access_token"];
     axios_config = {

src/tests/runnerOrgs/org_delete.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     access_token = res.data["access_token"];
     axios_config = {
@@ -15,12 +16,18 @@ beforeAll(async () => {
 });
 
 // ---------------
-describe('adding + deletion (non-existant)', () => {
+describe('deletion (non-existant)', () => {
     it('delete', async () => {
         const res2 = await axios.delete(base + '/api/organizations/0', axios_config);
         expect(res2.status).toEqual(204);
     });
 });
+describe('deletion of citizen sould fail', () => {
+    it('delete', async () => {
+        const res3 = await axios.delete(base + '/api/organizations/1', axios_config);
+        expect(res3.status).toEqual(400);
+    });
+});
 // ---------------
 describe('adding + deletion (successfull)', () => {
     let added_org_id

src/tests/runnerOrgs/org_get.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     access_token = res.data["access_token"];
     axios_config = {

src/tests/runnerOrgs/org_update.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     access_token = res.data["access_token"];
     axios_config = {

src/tests/runnerTeams/team_add.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     access_token = res.data["access_token"];
     axios_config = {

src/tests/runnerTeams/team_delete.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     access_token = res.data["access_token"];
     axios_config = {

src/tests/runnerTeams/team_get.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     access_token = res.data["access_token"];
     axios_config = {

src/tests/runnerTeams/team_update.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     access_token = res.data["access_token"];
     axios_config = {

src/tests/runners/runner_add.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     access_token = res.data["access_token"];
     axios_config = {

src/tests/runners/runner_delete.spec.ts

@@ -6,6 +6,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     access_token = res.data["access_token"];
     axios_config = {

src/tests/runners/runner_get.spec.ts

@@ -5,6 +5,7 @@ let access_token;
 let axios_config;
 
 beforeAll(async () => {
+    jest.setTimeout(20000);
     const res = await axios.post(base + '/api/auth/login', { username: "demo", password: "demo" });
     access_token = res.data["access_token"];
     axios_config = {