chore(release): publish new version

- @standardnotes/auth-server@1.127.2
 - @standardnotes/files-server@1.19.16
 - @standardnotes/home-server@1.13.22
 - @standardnotes/revisions-server@1.25.7
 - @standardnotes/syncing-server@1.73.1
 - @standardnotes/websockets-server@1.10.9

.github/workflows/common-e2e.yml

@@ -52,12 +52,28 @@ jobs:
     - name: Run E2E Test Suite
       run: yarn dlx mocha-headless-chrome --timeout 1200000 -f http://localhost:9001/mocha/test.html
 
+    - name: Show logs on failure
+      if: ${{ failure() }}
+      run: |
+        echo "# Errors:"
+        tail -n 100 logs/*.err
+        echo "# Logs:"
+        tail -n 100 logs/*.log
+
   e2e-home-server:
     name: (Home Server) E2E Test Suite
     strategy:
+      fail-fast: false
       matrix:
         db_type: [mysql, sqlite]
         cache_type: [redis, memory]
+        include:
+          - cache_type: redis
+            db_type: mysql
+            redis_port: 6380
+          - cache_type: redis
+            db_type: sqlite
+            redis_port: 6381
 
     runs-on: ubuntu-latest
 
@@ -69,14 +85,14 @@ jobs:
       cache:
         image: redis
         ports:
-          - 6379:6379
+          - ${{ matrix.redis_port }}:6379
       db:
         image: mysql
         ports:
-          - 3306:3306
+          - 3307:3306
         env:
           MYSQL_ROOT_PASSWORD: root
-          MYSQL_DATABASE: standardnotes
+          MYSQL_DATABASE: standardnotes_${{ matrix.cache_type }}
           MYSQL_USER: standardnotes
           MYSQL_PASSWORD: standardnotes
 
@@ -106,18 +122,22 @@ jobs:
         sed -i "s/PSEUDO_KEY_PARAMS_KEY=/PSEUDO_KEY_PARAMS_KEY=$(openssl rand -hex 32)/g" packages/home-server/.env
         sed -i "s/VALET_TOKEN_SECRET=/VALET_TOKEN_SECRET=$(openssl rand -hex 32)/g" packages/home-server/.env
         echo "ACCESS_TOKEN_AGE=4" >> packages/home-server/.env
-        echo "REFRESH_TOKEN_AGE=7" >> packages/home-server/.env
+        echo "REFRESH_TOKEN_AGE=10" >> packages/home-server/.env
         echo "REVISIONS_FREQUENCY=5" >> packages/home-server/.env
-        echo "DB_HOST=db" >> packages/home-server/.env
-        echo "DB_PORT=3306" >> packages/home-server/.env
+        echo "DB_HOST=localhost" >> packages/home-server/.env
+        echo "DB_PORT=3307" >> packages/home-server/.env
+        echo "DB_DATABASE=standardnotes_${{ matrix.cache_type }}" >> packages/home-server/.env
+        echo "DB_SQLITE_DATABASE_PATH=sqlite_${{ matrix.cache_type }}.db" >> packages/home-server/.env
         echo "DB_USERNAME=standardnotes" >> packages/home-server/.env
         echo "DB_PASSWORD=standardnotes" >> packages/home-server/.env
         echo "DB_TYPE=${{ matrix.db_type }}" >> packages/home-server/.env
-        echo "REDIS_URL=redis://cache" >> packages/home-server/.env
+        echo "REDIS_URL=redis://localhost:${{ matrix.redis_port }}" >> packages/home-server/.env
         echo "CACHE_TYPE=${{ matrix.cache_type }}" >> packages/home-server/.env
+        echo "FILES_SERVER_URL=http://localhost:3123" >> packages/home-server/.env
+        echo "E2E_TESTING=true" >> packages/home-server/.env
 
     - name: Run Server
-      run: nohup yarn workspace @standardnotes/home-server start &
+      run: nohup yarn workspace @standardnotes/home-server start > logs/output.log 2>&1 &
       env:
         PORT: 3123
 
@@ -125,4 +145,8 @@ jobs:
       run: for i in {1..30}; do curl -s http://localhost:3123/healthcheck && break || sleep 1; done
 
     - name: Run E2E Test Suite
-      run: yarn dlx mocha-headless-chrome --timeout 1200000 -f http://localhost:9001/mocha/test.html?skip_paid_features=true
+      run: yarn dlx mocha-headless-chrome --timeout 1200000 -f http://localhost:9001/mocha/test.html
+
+    - name: Show logs on failure
+      if: ${{ failure() }}
+      run: tail -n 500 logs/output.log

.pnp.cjs

@@ -4560,16 +4560,16 @@ const RAW_RUNTIME_STATE =
       }]\
     ]],\
     ["@standardnotes/api", [\
-      ["npm:1.26.25", {\
-        "packageLocation": "./.yarn/cache/@standardnotes-api-npm-1.26.25-fbb86eb9b7-68a820bd36.zip/node_modules/@standardnotes/api/",\
+      ["npm:1.26.26", {\
+        "packageLocation": "./.yarn/cache/@standardnotes-api-npm-1.26.26-4338a5fe92-db41aedfa3.zip/node_modules/@standardnotes/api/",\
         "packageDependencies": [\
-          ["@standardnotes/api", "npm:1.26.25"],\
+          ["@standardnotes/api", "npm:1.26.26"],\
           ["@standardnotes/common", "workspace:packages/common"],\
           ["@standardnotes/domain-core", "workspace:packages/domain-core"],\
-          ["@standardnotes/models", "npm:1.46.7"],\
-          ["@standardnotes/responses", "npm:1.13.26"],\
+          ["@standardnotes/models", "npm:1.46.8"],\
+          ["@standardnotes/responses", "npm:1.13.27"],\
           ["@standardnotes/security", "workspace:packages/security"],\
-          ["@standardnotes/utils", "npm:1.17.4"],\
+          ["@standardnotes/utils", "npm:1.17.5"],\
           ["reflect-metadata", "npm:0.1.13"]\
         ],\
         "linkType": "HARD"\
@@ -4634,17 +4634,17 @@ const RAW_RUNTIME_STATE =
           ["@newrelic/winston-enricher", "virtual:c66bf20e88479ada0172094776519a9f51acc4731d22079b60a295bcec7ea42d5545cbce58a77a50d932bf953298799135e99707486e343da6d99ba1d167bdbd#npm:4.0.1"],\
           ["@simplewebauthn/server", "npm:7.2.0"],\
           ["@simplewebauthn/typescript-types", "npm:7.0.0"],\
-          ["@standardnotes/api", "npm:1.26.25"],\
+          ["@standardnotes/api", "npm:1.26.26"],\
           ["@standardnotes/common", "workspace:packages/common"],\
           ["@standardnotes/domain-core", "workspace:packages/domain-core"],\
           ["@standardnotes/domain-events", "workspace:packages/domain-events"],\
           ["@standardnotes/domain-events-infra", "workspace:packages/domain-events-infra"],\
-          ["@standardnotes/features", "npm:1.59.5"],\
+          ["@standardnotes/features", "npm:1.59.7"],\
           ["@standardnotes/predicates", "workspace:packages/predicates"],\
-          ["@standardnotes/responses", "npm:1.13.24"],\
+          ["@standardnotes/responses", "npm:1.13.27"],\
           ["@standardnotes/security", "workspace:packages/security"],\
           ["@standardnotes/settings", "workspace:packages/settings"],\
-          ["@standardnotes/sncrypto-common", "npm:1.13.3"],\
+          ["@standardnotes/sncrypto-common", "npm:1.13.4"],\
           ["@standardnotes/sncrypto-node", "workspace:packages/sncrypto-node"],\
           ["@standardnotes/time", "workspace:packages/time"],\
           ["@types/bcryptjs", "npm:2.4.2"],\
@@ -4815,21 +4815,10 @@ const RAW_RUNTIME_STATE =
       }]\
     ]],\
     ["@standardnotes/features", [\
-      ["npm:1.59.5", {\
-        "packageLocation": "./.yarn/cache/@standardnotes-features-npm-1.59.5-83c83acde9-173b1f5d52.zip/node_modules/@standardnotes/features/",\
+      ["npm:1.59.7", {\
+        "packageLocation": "./.yarn/cache/@standardnotes-features-npm-1.59.7-27c3e5296e-1632d64cc1.zip/node_modules/@standardnotes/features/",\
         "packageDependencies": [\
-          ["@standardnotes/features", "npm:1.59.5"],\
-          ["@standardnotes/common", "workspace:packages/common"],\
-          ["@standardnotes/domain-core", "workspace:packages/domain-core"],\
-          ["@standardnotes/security", "workspace:packages/security"],\
-          ["reflect-metadata", "npm:0.1.13"]\
-        ],\
-        "linkType": "HARD"\
-      }],\
-      ["npm:1.59.6", {\
-        "packageLocation": "./.yarn/cache/@standardnotes-features-npm-1.59.6-2bcea0cc35-2c855396f7.zip/node_modules/@standardnotes/features/",\
-        "packageDependencies": [\
-          ["@standardnotes/features", "npm:1.59.6"],\
+          ["@standardnotes/features", "npm:1.59.7"],\
           ["@standardnotes/common", "workspace:packages/common"],\
           ["@standardnotes/domain-core", "workspace:packages/domain-core"],\
           ["@standardnotes/security", "workspace:packages/security"],\
@@ -4850,7 +4839,7 @@ const RAW_RUNTIME_STATE =
           ["@standardnotes/domain-events", "workspace:packages/domain-events"],\
           ["@standardnotes/domain-events-infra", "workspace:packages/domain-events-infra"],\
           ["@standardnotes/security", "workspace:packages/security"],\
-          ["@standardnotes/sncrypto-common", "npm:1.13.3"],\
+          ["@standardnotes/sncrypto-common", "npm:1.13.4"],\
           ["@standardnotes/sncrypto-node", "workspace:packages/sncrypto-node"],\
           ["@standardnotes/time", "workspace:packages/time"],\
           ["@types/connect-busboy", "npm:1.0.0"],\
@@ -4930,15 +4919,16 @@ const RAW_RUNTIME_STATE =
       }]\
     ]],\
     ["@standardnotes/models", [\
-      ["npm:1.46.7", {\
-        "packageLocation": "./.yarn/cache/@standardnotes-models-npm-1.46.7-ef9a3fc3ad-50589454f1.zip/node_modules/@standardnotes/models/",\
+      ["npm:1.46.8", {\
+        "packageLocation": "./.yarn/cache/@standardnotes-models-npm-1.46.8-bc0390832e-8404340f27.zip/node_modules/@standardnotes/models/",\
         "packageDependencies": [\
-          ["@standardnotes/models", "npm:1.46.7"],\
+          ["@standardnotes/models", "npm:1.46.8"],\
           ["@standardnotes/common", "workspace:packages/common"],\
-          ["@standardnotes/features", "npm:1.59.6"],\
-          ["@standardnotes/responses", "npm:1.13.26"],\
+          ["@standardnotes/domain-core", "workspace:packages/domain-core"],\
+          ["@standardnotes/features", "npm:1.59.7"],\
+          ["@standardnotes/responses", "npm:1.13.27"],\
           ["@standardnotes/sncrypto-common", "npm:1.13.4"],\
-          ["@standardnotes/utils", "npm:1.17.4"],\
+          ["@standardnotes/utils", "npm:1.17.5"],\
           ["lodash", "npm:4.17.21"]\
         ],\
         "linkType": "HARD"\
@@ -4963,23 +4953,12 @@ const RAW_RUNTIME_STATE =
       }]\
     ]],\
     ["@standardnotes/responses", [\
-      ["npm:1.13.24", {\
-        "packageLocation": "./.yarn/cache/@standardnotes-responses-npm-1.13.24-3b4167c7ea-3bcfee90f0.zip/node_modules/@standardnotes/responses/",\
+      ["npm:1.13.27", {\
+        "packageLocation": "./.yarn/cache/@standardnotes-responses-npm-1.13.27-829dec3e6e-9bf55e5f02.zip/node_modules/@standardnotes/responses/",\
         "packageDependencies": [\
-          ["@standardnotes/responses", "npm:1.13.24"],\
+          ["@standardnotes/responses", "npm:1.13.27"],\
           ["@standardnotes/common", "workspace:packages/common"],\
-          ["@standardnotes/features", "npm:1.59.5"],\
-          ["@standardnotes/security", "workspace:packages/security"],\
-          ["reflect-metadata", "npm:0.1.13"]\
-        ],\
-        "linkType": "HARD"\
-      }],\
-      ["npm:1.13.26", {\
-        "packageLocation": "./.yarn/cache/@standardnotes-responses-npm-1.13.26-cd12940788-6c5e3bf896.zip/node_modules/@standardnotes/responses/",\
-        "packageDependencies": [\
-          ["@standardnotes/responses", "npm:1.13.26"],\
-          ["@standardnotes/common", "workspace:packages/common"],\
-          ["@standardnotes/features", "npm:1.59.6"],\
+          ["@standardnotes/features", "npm:1.59.7"],\
           ["@standardnotes/security", "workspace:packages/security"],\
           ["reflect-metadata", "npm:0.1.13"]\
         ],\
@@ -4994,12 +4973,12 @@ const RAW_RUNTIME_STATE =
           ["@aws-sdk/client-s3", "npm:3.342.0"],\
           ["@aws-sdk/client-sqs", "npm:3.342.0"],\
           ["@newrelic/winston-enricher", "virtual:c66bf20e88479ada0172094776519a9f51acc4731d22079b60a295bcec7ea42d5545cbce58a77a50d932bf953298799135e99707486e343da6d99ba1d167bdbd#npm:4.0.1"],\
-          ["@standardnotes/api", "npm:1.26.25"],\
+          ["@standardnotes/api", "npm:1.26.26"],\
           ["@standardnotes/common", "workspace:packages/common"],\
           ["@standardnotes/domain-core", "workspace:packages/domain-core"],\
           ["@standardnotes/domain-events", "workspace:packages/domain-events"],\
           ["@standardnotes/domain-events-infra", "workspace:packages/domain-events-infra"],\
-          ["@standardnotes/responses", "npm:1.13.24"],\
+          ["@standardnotes/responses", "npm:1.13.27"],\
           ["@standardnotes/security", "workspace:packages/security"],\
           ["@standardnotes/time", "workspace:packages/time"],\
           ["@types/cors", "npm:2.8.13"],\
@@ -5136,14 +5115,6 @@ const RAW_RUNTIME_STATE =
       }]\
     ]],\
     ["@standardnotes/sncrypto-common", [\
-      ["npm:1.13.3", {\
-        "packageLocation": "./.yarn/cache/@standardnotes-sncrypto-common-npm-1.13.3-97ef3850ce-a73af90962.zip/node_modules/@standardnotes/sncrypto-common/",\
-        "packageDependencies": [\
-          ["@standardnotes/sncrypto-common", "npm:1.13.3"],\
-          ["reflect-metadata", "npm:0.1.13"]\
-        ],\
-        "linkType": "HARD"\
-      }],\
       ["npm:1.13.4", {\
         "packageLocation": "./.yarn/cache/@standardnotes-sncrypto-common-npm-1.13.4-3186513fa6-48e0e207f2.zip/node_modules/@standardnotes/sncrypto-common/",\
         "packageDependencies": [\
@@ -5158,7 +5129,7 @@ const RAW_RUNTIME_STATE =
         "packageLocation": "./packages/sncrypto-node/",\
         "packageDependencies": [\
           ["@standardnotes/sncrypto-node", "workspace:packages/sncrypto-node"],\
-          ["@standardnotes/sncrypto-common", "npm:1.13.3"],\
+          ["@standardnotes/sncrypto-common", "npm:1.13.4"],\
           ["@types/jest", "npm:29.5.2"],\
           ["@types/node", "npm:20.2.5"],\
           ["@typescript-eslint/eslint-plugin", "virtual:fd909b174d079e30b336c4ce72c38a88c1e447767b1a8dd7655e07719a1e31b97807f0931368724fc78897ff15e6a6d00b83316c0f76d11f85111f342e08bb79#npm:5.59.8"],\
@@ -5186,12 +5157,12 @@ const RAW_RUNTIME_STATE =
           ["@aws-sdk/client-sns", "npm:3.342.0"],\
           ["@aws-sdk/client-sqs", "npm:3.342.0"],\
           ["@newrelic/winston-enricher", "virtual:c66bf20e88479ada0172094776519a9f51acc4731d22079b60a295bcec7ea42d5545cbce58a77a50d932bf953298799135e99707486e343da6d99ba1d167bdbd#npm:4.0.1"],\
-          ["@standardnotes/api", "npm:1.26.25"],\
+          ["@standardnotes/api", "npm:1.26.26"],\
           ["@standardnotes/common", "workspace:packages/common"],\
           ["@standardnotes/domain-core", "workspace:packages/domain-core"],\
           ["@standardnotes/domain-events", "workspace:packages/domain-events"],\
           ["@standardnotes/domain-events-infra", "workspace:packages/domain-events-infra"],\
-          ["@standardnotes/responses", "npm:1.13.24"],\
+          ["@standardnotes/responses", "npm:1.13.27"],\
           ["@standardnotes/security", "workspace:packages/security"],\
           ["@standardnotes/settings", "workspace:packages/settings"],\
           ["@standardnotes/sncrypto-node", "workspace:packages/sncrypto-node"],\
@@ -5262,21 +5233,10 @@ const RAW_RUNTIME_STATE =
       }]\
     ]],\
     ["@standardnotes/utils", [\
-      ["npm:1.16.5", {\
-        "packageLocation": "./.yarn/cache/@standardnotes-utils-npm-1.16.5-47f537f49f-d5caa7181f.zip/node_modules/@standardnotes/utils/",\
+      ["npm:1.17.5", {\
+        "packageLocation": "./.yarn/cache/@standardnotes-utils-npm-1.17.5-210b60222d-47e8520174.zip/node_modules/@standardnotes/utils/",\
         "packageDependencies": [\
-          ["@standardnotes/utils", "npm:1.16.5"],\
-          ["@standardnotes/common", "workspace:packages/common"],\
-          ["dompurify", "npm:2.4.5"],\
-          ["lodash", "npm:4.17.21"],\
-          ["reflect-metadata", "npm:0.1.13"]\
-        ],\
-        "linkType": "HARD"\
-      }],\
-      ["npm:1.17.4", {\
-        "packageLocation": "./.yarn/cache/@standardnotes-utils-npm-1.17.4-e5908cc204-7cb3fc838d.zip/node_modules/@standardnotes/utils/",\
-        "packageDependencies": [\
-          ["@standardnotes/utils", "npm:1.17.4"],\
+          ["@standardnotes/utils", "npm:1.17.5"],\
           ["@standardnotes/common", "workspace:packages/common"],\
           ["dompurify", "npm:2.4.5"],\
           ["lodash", "npm:4.17.21"],\
@@ -5292,14 +5252,14 @@ const RAW_RUNTIME_STATE =
           ["@standardnotes/websockets-server", "workspace:packages/websockets"],\
           ["@aws-sdk/client-sqs", "npm:3.342.0"],\
           ["@newrelic/winston-enricher", "virtual:c66bf20e88479ada0172094776519a9f51acc4731d22079b60a295bcec7ea42d5545cbce58a77a50d932bf953298799135e99707486e343da6d99ba1d167bdbd#npm:4.0.1"],\
-          ["@standardnotes/api", "npm:1.26.25"],\
+          ["@standardnotes/api", "npm:1.26.26"],\
           ["@standardnotes/common", "workspace:packages/common"],\
           ["@standardnotes/domain-core", "workspace:packages/domain-core"],\
           ["@standardnotes/domain-events", "workspace:packages/domain-events"],\
           ["@standardnotes/domain-events-infra", "workspace:packages/domain-events-infra"],\
-          ["@standardnotes/responses", "npm:1.13.24"],\
+          ["@standardnotes/responses", "npm:1.13.27"],\
           ["@standardnotes/security", "workspace:packages/security"],\
-          ["@standardnotes/utils", "npm:1.16.5"],\
+          ["@standardnotes/utils", "npm:1.17.5"],\
           ["@types/cors", "npm:2.8.13"],\
           ["@types/express", "npm:4.17.17"],\
           ["@types/ioredis", "npm:5.0.0"],\

docker-compose.example.yml

@@ -3,6 +3,7 @@ services:
     image: standardnotes/server
     env_file: .env
     container_name: server_self_hosted
+    restart: unless-stopped
     ports:
       - 3000:3000
       - 3125:3104

package.json

@@ -12,12 +12,14 @@
   },
   "scripts": {
     "lint": "yarn workspaces foreach -p -j 10 --verbose run lint",
+    "lint:fix": "yarn workspaces foreach -p -j 10 --verbose run lint:fix",
     "clean": "yarn workspaces foreach -p --verbose run clean",
     "setup:env": "cp .env.sample .env && yarn workspaces foreach -p --verbose run setup:env",
     "release": "lerna version --conventional-graduate --conventional-commits --yes -m \"chore(release): publish new version\"",
     "publish": "lerna publish from-git --yes --no-verify-access --loglevel verbose",
     "postversion": "./scripts/push-tags-one-by-one.sh",
-    "upgrade:snjs": "yarn workspaces foreach --verbose run upgrade:snjs"
+    "upgrade:snjs": "yarn workspaces foreach --verbose run upgrade:snjs",
+    "e2e": "yarn build packages/home-server && PORT=3123 yarn workspace @standardnotes/home-server start"
   },
   "devDependencies": {
     "@commitlint/cli": "^17.0.2",

packages/analytics/CHANGELOG.md

@@ -3,6 +3,36 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [2.25.6](https://github.com/standardnotes/server/compare/@standardnotes/analytics@2.25.5...@standardnotes/analytics@2.25.6) (2023-07-27)
+
+**Note:** Version bump only for package @standardnotes/analytics
+
+## [2.25.5](https://github.com/standardnotes/server/compare/@standardnotes/analytics@2.25.4...@standardnotes/analytics@2.25.5) (2023-07-26)
+
+**Note:** Version bump only for package @standardnotes/analytics
+
+## [2.25.4](https://github.com/standardnotes/server/compare/@standardnotes/analytics@2.25.3...@standardnotes/analytics@2.25.4) (2023-07-26)
+
+**Note:** Version bump only for package @standardnotes/analytics
+
+## [2.25.3](https://github.com/standardnotes/server/compare/@standardnotes/analytics@2.25.2...@standardnotes/analytics@2.25.3) (2023-07-21)
+
+**Note:** Version bump only for package @standardnotes/analytics
+
+## [2.25.2](https://github.com/standardnotes/server/compare/@standardnotes/analytics@2.25.1...@standardnotes/analytics@2.25.2) (2023-07-21)
+
+**Note:** Version bump only for package @standardnotes/analytics
+
+## [2.25.1](https://github.com/standardnotes/server/compare/@standardnotes/analytics@2.25.0...@standardnotes/analytics@2.25.1) (2023-07-19)
+
+**Note:** Version bump only for package @standardnotes/analytics
+
+# [2.25.0](https://github.com/standardnotes/server/compare/@standardnotes/analytics@2.24.9...@standardnotes/analytics@2.25.0) (2023-07-17)
+
+### Features
+
+* **syncing-server:** refactor syncing to decouple getting and saving items ([#659](https://github.com/standardnotes/server/issues/659)) ([cb74b23](https://github.com/standardnotes/server/commit/cb74b23e45b207136e299ce8a3db2c04dc87e21e))
+
 ## [2.24.9](https://github.com/standardnotes/server/compare/@standardnotes/analytics@2.24.8...@standardnotes/analytics@2.24.9) (2023-07-12)
 
 **Note:** Version bump only for package @standardnotes/analytics

packages/analytics/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@standardnotes/analytics",
-  "version": "2.24.9",
+  "version": "2.25.6",
   "engines": {
     "node": ">=18.0.0 <21.0.0"
   },

packages/analytics/src/Domain/Statistics/StatisticMeasure.ts

@@ -3,10 +3,6 @@ import { Result, Entity, UniqueEntityId } from '@standardnotes/domain-core'
 import { StatisticMeasureProps } from './StatisticMeasureProps'
 
 export class StatisticMeasure extends Entity<StatisticMeasureProps> {
-  get id(): UniqueEntityId {
-    return this._id
-  }
-
   get name(): string {
     return this.props.name.value
   }

packages/analytics/src/Domain/Subscription/Subscription.ts

@@ -3,10 +3,6 @@ import { Entity, Result, UniqueEntityId } from '@standardnotes/domain-core'
 import { SubscriptionProps } from './SubscriptionProps'
 
 export class Subscription extends Entity<SubscriptionProps> {
-  get id(): UniqueEntityId {
-    return this._id
-  }
-
   private constructor(props: SubscriptionProps, id?: UniqueEntityId) {
     super(props, id)
   }

packages/analytics/src/Domain/User/User.ts

@@ -3,10 +3,6 @@ import { Entity, Result, UniqueEntityId } from '@standardnotes/domain-core'
 import { UserProps } from './UserProps'
 
 export class User extends Entity<UserProps> {
-  get id(): UniqueEntityId {
-    return this._id
-  }
-
   private constructor(props: UserProps, id?: UniqueEntityId) {
     super(props, id)
   }

packages/api-gateway/CHANGELOG.md

@@ -3,6 +3,66 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.69.1](https://github.com/standardnotes/api-gateway/compare/@standardnotes/api-gateway@1.69.0...@standardnotes/api-gateway@1.69.1) (2023-07-31)
+
+### Bug Fixes
+
+* **api-gateway:** remove duplicating req/res objects on return raw response from payments ([79d71ca](https://github.com/standardnotes/api-gateway/commit/79d71ca161cc18135fcd1a83b021662e189b3ddb))
+
+# [1.69.0](https://github.com/standardnotes/api-gateway/compare/@standardnotes/api-gateway@1.68.1...@standardnotes/api-gateway@1.69.0) (2023-07-31)
+
+### Features
+
+* refactor deleting account ([#676](https://github.com/standardnotes/api-gateway/issues/676)) ([0d5dcdd](https://github.com/standardnotes/api-gateway/commit/0d5dcdd8ec2336e41e7604c4157f79a89163ed29))
+
+## [1.68.1](https://github.com/standardnotes/api-gateway/compare/@standardnotes/api-gateway@1.68.0...@standardnotes/api-gateway@1.68.1) (2023-07-27)
+
+**Note:** Version bump only for package @standardnotes/api-gateway
+
+# [1.68.0](https://github.com/standardnotes/api-gateway/compare/@standardnotes/api-gateway@1.67.4...@standardnotes/api-gateway@1.68.0) (2023-07-27)
+
+### Features
+
+* **syncing-server:** add deleting outbound messages ([e8ba49e](https://github.com/standardnotes/api-gateway/commit/e8ba49ecca38ab10c0ea0e1f4cf4db9fb17366db))
+
+## [1.67.4](https://github.com/standardnotes/api-gateway/compare/@standardnotes/api-gateway@1.67.3...@standardnotes/api-gateway@1.67.4) (2023-07-26)
+
+**Note:** Version bump only for package @standardnotes/api-gateway
+
+## [1.67.3](https://github.com/standardnotes/api-gateway/compare/@standardnotes/api-gateway@1.67.2...@standardnotes/api-gateway@1.67.3) (2023-07-26)
+
+**Note:** Version bump only for package @standardnotes/api-gateway
+
+## [1.67.2](https://github.com/standardnotes/api-gateway/compare/@standardnotes/api-gateway@1.67.1...@standardnotes/api-gateway@1.67.2) (2023-07-21)
+
+**Note:** Version bump only for package @standardnotes/api-gateway
+
+## [1.67.1](https://github.com/standardnotes/api-gateway/compare/@standardnotes/api-gateway@1.67.0...@standardnotes/api-gateway@1.67.1) (2023-07-21)
+
+**Note:** Version bump only for package @standardnotes/api-gateway
+
+# [1.67.0](https://github.com/standardnotes/api-gateway/compare/@standardnotes/api-gateway@1.66.1...@standardnotes/api-gateway@1.67.0) (2023-07-20)
+
+### Features
+
+* **syncing-server:** add shared vaults, invites, messages and notifications to sync response ([#665](https://github.com/standardnotes/api-gateway/issues/665)) ([efa4d7f](https://github.com/standardnotes/api-gateway/commit/efa4d7fc6007ef668e3de3b04853ac11b2d13c30))
+
+## [1.66.1](https://github.com/standardnotes/api-gateway/compare/@standardnotes/api-gateway@1.66.0...@standardnotes/api-gateway@1.66.1) (2023-07-19)
+
+### Bug Fixes
+
+* add missing imports and exports for controllers ([#664](https://github.com/standardnotes/api-gateway/issues/664)) ([aee6e60](https://github.com/standardnotes/api-gateway/commit/aee6e6058359e2b5231cc13387656f837699300f))
+
+# [1.66.0](https://github.com/standardnotes/api-gateway/compare/@standardnotes/api-gateway@1.65.7...@standardnotes/api-gateway@1.66.0) (2023-07-19)
+
+### Features
+
+* **syncing-server:** add persistence of shared vaults with users and invites + controllers ([#662](https://github.com/standardnotes/api-gateway/issues/662)) ([3f21a35](https://github.com/standardnotes/api-gateway/commit/3f21a358d24d70daf541aa62dc86cd9e29500e62))
+
+## [1.65.7](https://github.com/standardnotes/api-gateway/compare/@standardnotes/api-gateway@1.65.6...@standardnotes/api-gateway@1.65.7) (2023-07-17)
+
+**Note:** Version bump only for package @standardnotes/api-gateway
+
 ## [1.65.6](https://github.com/standardnotes/api-gateway/compare/@standardnotes/api-gateway@1.65.5...@standardnotes/api-gateway@1.65.6) (2023-07-12)
 
 **Note:** Version bump only for package @standardnotes/api-gateway

packages/api-gateway/bin/server.ts

@@ -16,8 +16,10 @@ import '../src/Controller/v1/OfflineController'
 import '../src/Controller/v1/FilesController'
 import '../src/Controller/v1/SubscriptionInvitesController'
 import '../src/Controller/v1/AuthenticatorsController'
-import '../src/Controller/v1/AsymmetricMessagesController'
+import '../src/Controller/v1/MessagesController'
 import '../src/Controller/v1/SharedVaultsController'
+import '../src/Controller/v1/SharedVaultInvitesController'
+import '../src/Controller/v1/SharedVaultUsersController'
 
 import '../src/Controller/v2/PaymentsControllerV2'
 import '../src/Controller/v2/ActionsControllerV2'
@@ -44,7 +46,7 @@ void container.load().then((container) => {
 
   server.setConfig((app) => {
     app.use((_request: Request, response: Response, next: NextFunction) => {
-      response.setHeader('X-API-Gateway-Version', container.get(TYPES.VERSION))
+      response.setHeader('X-API-Gateway-Version', container.get(TYPES.ApiGateway_VERSION))
       next()
     })
     app.use(
@@ -85,7 +87,7 @@ void container.load().then((container) => {
     )
   })
 
-  const logger: winston.Logger = container.get(TYPES.Logger)
+  const logger: winston.Logger = container.get(TYPES.ApiGateway_Logger)
 
   server.setErrorConfig((app) => {
     app.use((error: Record<string, unknown>, _request: Request, response: Response, _next: NextFunction) => {

packages/api-gateway/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@standardnotes/api-gateway",
-  "version": "1.65.6",
+  "version": "1.69.1",
   "engines": {
     "node": ">=18.0.0 <21.0.0"
   },
@@ -21,6 +21,7 @@
     "clean": "rm -fr dist",
     "build": "tsc --build",
     "lint": "eslint . --ext .ts",
+    "lint:fix": "eslint . --fix --ext .ts",
     "setup:env": "cp .env.sample .env",
     "start": "yarn node dist/bin/server.js",
     "upgrade:snjs": "yarn ncu -u '@standardnotes/*'"

packages/api-gateway/src/Bootstrap/Container.ts

@@ -57,7 +57,7 @@ export class ContainerConfigLoader {
         defaultMeta: { service: 'api-gateway' },
       })
     }
-    container.bind<winston.Logger>(TYPES.Logger).toConstantValue(logger)
+    container.bind<winston.Logger>(TYPES.ApiGateway_Logger).toConstantValue(logger)
 
     if (!isConfiguredForInMemoryCache) {
       const redisUrl = env.get('REDIS_URL')
@@ -68,36 +68,39 @@ export class ContainerConfigLoader {
       } else {
         redis = new Redis(redisUrl)
       }
-      container.bind(TYPES.Redis).toConstantValue(redis)
+      container.bind(TYPES.ApiGateway_Redis).toConstantValue(redis)
     }
 
-    container.bind<AxiosInstance>(TYPES.HTTPClient).toConstantValue(axios.create())
+    container.bind<AxiosInstance>(TYPES.ApiGateway_HTTPClient).toConstantValue(axios.create())
 
     // env vars
-    container.bind(TYPES.SYNCING_SERVER_JS_URL).toConstantValue(env.get('SYNCING_SERVER_JS_URL', true))
-    container.bind(TYPES.AUTH_SERVER_URL).toConstantValue(env.get('AUTH_SERVER_URL', true))
-    container.bind(TYPES.REVISIONS_SERVER_URL).toConstantValue(env.get('REVISIONS_SERVER_URL', true))
-    container.bind(TYPES.EMAIL_SERVER_URL).toConstantValue(env.get('EMAIL_SERVER_URL', true))
-    container.bind(TYPES.PAYMENTS_SERVER_URL).toConstantValue(env.get('PAYMENTS_SERVER_URL', true))
-    container.bind(TYPES.FILES_SERVER_URL).toConstantValue(env.get('FILES_SERVER_URL', true))
-    container.bind(TYPES.WEB_SOCKET_SERVER_URL).toConstantValue(env.get('WEB_SOCKET_SERVER_URL', true))
-    container.bind(TYPES.AUTH_JWT_SECRET).toConstantValue(env.get('AUTH_JWT_SECRET'))
+    container.bind(TYPES.ApiGateway_SYNCING_SERVER_JS_URL).toConstantValue(env.get('SYNCING_SERVER_JS_URL', true))
+    container.bind(TYPES.ApiGateway_AUTH_SERVER_URL).toConstantValue(env.get('AUTH_SERVER_URL', true))
+    container.bind(TYPES.ApiGateway_REVISIONS_SERVER_URL).toConstantValue(env.get('REVISIONS_SERVER_URL', true))
+    container.bind(TYPES.ApiGateway_EMAIL_SERVER_URL).toConstantValue(env.get('EMAIL_SERVER_URL', true))
+    container.bind(TYPES.ApiGateway_PAYMENTS_SERVER_URL).toConstantValue(env.get('PAYMENTS_SERVER_URL', true))
+    container.bind(TYPES.ApiGateway_FILES_SERVER_URL).toConstantValue(env.get('FILES_SERVER_URL', true))
+    container.bind(TYPES.ApiGateway_WEB_SOCKET_SERVER_URL).toConstantValue(env.get('WEB_SOCKET_SERVER_URL', true))
+    container.bind(TYPES.ApiGateway_AUTH_JWT_SECRET).toConstantValue(env.get('AUTH_JWT_SECRET'))
     container
-      .bind(TYPES.HTTP_CALL_TIMEOUT)
+      .bind(TYPES.ApiGateway_HTTP_CALL_TIMEOUT)
       .toConstantValue(env.get('HTTP_CALL_TIMEOUT', true) ? +env.get('HTTP_CALL_TIMEOUT', true) : 60_000)
-    container.bind(TYPES.VERSION).toConstantValue(env.get('VERSION', true) ?? 'development')
-    container.bind(TYPES.CROSS_SERVICE_TOKEN_CACHE_TTL).toConstantValue(+env.get('CROSS_SERVICE_TOKEN_CACHE_TTL', true))
+    container.bind(TYPES.ApiGateway_VERSION).toConstantValue(env.get('VERSION', true) ?? 'development')
+    container
+      .bind(TYPES.ApiGateway_CROSS_SERVICE_TOKEN_CACHE_TTL)
+      .toConstantValue(+env.get('CROSS_SERVICE_TOKEN_CACHE_TTL', true))
+    container.bind(TYPES.ApiGateway_IS_CONFIGURED_FOR_HOME_SERVER).toConstantValue(isConfiguredForHomeServer)
 
     // Middleware
     container
-      .bind<RequiredCrossServiceTokenMiddleware>(TYPES.RequiredCrossServiceTokenMiddleware)
+      .bind<RequiredCrossServiceTokenMiddleware>(TYPES.ApiGateway_RequiredCrossServiceTokenMiddleware)
       .to(RequiredCrossServiceTokenMiddleware)
     container
-      .bind<OptionalCrossServiceTokenMiddleware>(TYPES.OptionalCrossServiceTokenMiddleware)
+      .bind<OptionalCrossServiceTokenMiddleware>(TYPES.ApiGateway_OptionalCrossServiceTokenMiddleware)
       .to(OptionalCrossServiceTokenMiddleware)
-    container.bind<WebSocketAuthMiddleware>(TYPES.WebSocketAuthMiddleware).to(WebSocketAuthMiddleware)
+    container.bind<WebSocketAuthMiddleware>(TYPES.ApiGateway_WebSocketAuthMiddleware).to(WebSocketAuthMiddleware)
     container
-      .bind<SubscriptionTokenAuthMiddleware>(TYPES.SubscriptionTokenAuthMiddleware)
+      .bind<SubscriptionTokenAuthMiddleware>(TYPES.ApiGateway_SubscriptionTokenAuthMiddleware)
       .to(SubscriptionTokenAuthMiddleware)
 
     // Services
@@ -106,24 +109,26 @@ export class ContainerConfigLoader {
         throw new Error('Service container is required when configured for home server')
       }
       container
-        .bind<ServiceProxyInterface>(TYPES.ServiceProxy)
+        .bind<ServiceProxyInterface>(TYPES.ApiGateway_ServiceProxy)
         .toConstantValue(
-          new DirectCallServiceProxy(configuration.serviceContainer, container.get(TYPES.FILES_SERVER_URL)),
+          new DirectCallServiceProxy(configuration.serviceContainer, container.get(TYPES.ApiGateway_FILES_SERVER_URL)),
         )
     } else {
-      container.bind<ServiceProxyInterface>(TYPES.ServiceProxy).to(HttpServiceProxy)
+      container.bind<ServiceProxyInterface>(TYPES.ApiGateway_ServiceProxy).to(HttpServiceProxy)
     }
-    container.bind<TimerInterface>(TYPES.Timer).toConstantValue(new Timer())
+    container.bind<TimerInterface>(TYPES.ApiGateway_Timer).toConstantValue(new Timer())
 
     if (isConfiguredForHomeServer) {
       container
-        .bind<CrossServiceTokenCacheInterface>(TYPES.CrossServiceTokenCache)
-        .toConstantValue(new InMemoryCrossServiceTokenCache(container.get(TYPES.Timer)))
+        .bind<CrossServiceTokenCacheInterface>(TYPES.ApiGateway_CrossServiceTokenCache)
+        .toConstantValue(new InMemoryCrossServiceTokenCache(container.get(TYPES.ApiGateway_Timer)))
     } else {
-      container.bind<CrossServiceTokenCacheInterface>(TYPES.CrossServiceTokenCache).to(RedisCrossServiceTokenCache)
+      container
+        .bind<CrossServiceTokenCacheInterface>(TYPES.ApiGateway_CrossServiceTokenCache)
+        .to(RedisCrossServiceTokenCache)
     }
     container
-      .bind<EndpointResolverInterface>(TYPES.EndpointResolver)
+      .bind<EndpointResolverInterface>(TYPES.ApiGateway_EndpointResolver)
       .toConstantValue(new EndpointResolver(isConfiguredForHomeServer))
 
     logger.debug('Configuration complete')

packages/api-gateway/src/Bootstrap/Types.ts

@@ -1,29 +1,28 @@
 export const TYPES = {
-  Logger: Symbol.for('Logger'),
-  Redis: Symbol.for('Redis'),
-  HTTPClient: Symbol.for('HTTPClient'),
+  ApiGateway_Logger: Symbol.for('ApiGateway_Logger'),
+  ApiGateway_Redis: Symbol.for('ApiGateway_Redis'),
+  ApiGateway_HTTPClient: Symbol.for('ApiGateway_HTTPClient'),
   // env vars
-  SYNCING_SERVER_JS_URL: Symbol.for('SYNCING_SERVER_JS_URL'),
-  AUTH_SERVER_URL: Symbol.for('AUTH_SERVER_URL'),
-  PAYMENTS_SERVER_URL: Symbol.for('PAYMENTS_SERVER_URL'),
-  FILES_SERVER_URL: Symbol.for('FILES_SERVER_URL'),
-  REVISIONS_SERVER_URL: Symbol.for('REVISIONS_SERVER_URL'),
-  EMAIL_SERVER_URL: Symbol.for('EMAIL_SERVER_URL'),
-  WEB_SOCKET_SERVER_URL: Symbol.for('WEB_SOCKET_SERVER_URL'),
-  AUTH_JWT_SECRET: Symbol.for('AUTH_JWT_SECRET'),
-  HTTP_CALL_TIMEOUT: Symbol.for('HTTP_CALL_TIMEOUT'),
-  VERSION: Symbol.for('VERSION'),
-  CROSS_SERVICE_TOKEN_CACHE_TTL: Symbol.for('CROSS_SERVICE_TOKEN_CACHE_TTL'),
+  ApiGateway_SYNCING_SERVER_JS_URL: Symbol.for('ApiGateway_SYNCING_SERVER_JS_URL'),
+  ApiGateway_AUTH_SERVER_URL: Symbol.for('ApiGateway_AUTH_SERVER_URL'),
+  ApiGateway_PAYMENTS_SERVER_URL: Symbol.for('ApiGateway_PAYMENTS_SERVER_URL'),
+  ApiGateway_FILES_SERVER_URL: Symbol.for('ApiGateway_FILES_SERVER_URL'),
+  ApiGateway_REVISIONS_SERVER_URL: Symbol.for('ApiGateway_REVISIONS_SERVER_URL'),
+  ApiGateway_EMAIL_SERVER_URL: Symbol.for('ApiGateway_EMAIL_SERVER_URL'),
+  ApiGateway_WEB_SOCKET_SERVER_URL: Symbol.for('ApiGateway_WEB_SOCKET_SERVER_URL'),
+  ApiGateway_AUTH_JWT_SECRET: Symbol.for('ApiGateway_AUTH_JWT_SECRET'),
+  ApiGateway_HTTP_CALL_TIMEOUT: Symbol.for('ApiGateway_HTTP_CALL_TIMEOUT'),
+  ApiGateway_VERSION: Symbol.for('ApiGateway_VERSION'),
+  ApiGateway_CROSS_SERVICE_TOKEN_CACHE_TTL: Symbol.for('ApiGateway_CROSS_SERVICE_TOKEN_CACHE_TTL'),
+  ApiGateway_IS_CONFIGURED_FOR_HOME_SERVER: Symbol.for('ApiGateway_IS_CONFIGURED_FOR_HOME_SERVER'),
   // Middleware
-  RequiredCrossServiceTokenMiddleware: Symbol.for('RequiredCrossServiceTokenMiddleware'),
-  OptionalCrossServiceTokenMiddleware: Symbol.for('OptionalCrossServiceTokenMiddleware'),
-  WebSocketAuthMiddleware: Symbol.for('WebSocketAuthMiddleware'),
-  SubscriptionTokenAuthMiddleware: Symbol.for('SubscriptionTokenAuthMiddleware'),
+  ApiGateway_RequiredCrossServiceTokenMiddleware: Symbol.for('ApiGateway_RequiredCrossServiceTokenMiddleware'),
+  ApiGateway_OptionalCrossServiceTokenMiddleware: Symbol.for('ApiGateway_OptionalCrossServiceTokenMiddleware'),
+  ApiGateway_WebSocketAuthMiddleware: Symbol.for('ApiGateway_WebSocketAuthMiddleware'),
+  ApiGateway_SubscriptionTokenAuthMiddleware: Symbol.for('ApiGateway_SubscriptionTokenAuthMiddleware'),
   // Services
-  ServiceProxy: Symbol.for('ServiceProxy'),
-  CrossServiceTokenCache: Symbol.for('CrossServiceTokenCache'),
-  Timer: Symbol.for('Timer'),
-  EndpointResolver: Symbol.for('EndpointResolver'),
+  ApiGateway_ServiceProxy: Symbol.for('ApiGateway_ServiceProxy'),
+  ApiGateway_CrossServiceTokenCache: Symbol.for('ApiGateway_CrossServiceTokenCache'),
+  ApiGateway_Timer: Symbol.for('ApiGateway_Timer'),
+  ApiGateway_EndpointResolver: Symbol.for('ApiGateway_EndpointResolver'),
 }
-
-// export default TYPES

packages/api-gateway/src/Controller/LegacyController.ts

@@ -9,7 +9,7 @@ export class LegacyController extends BaseHttpController {
   private AUTH_ROUTES: Map<string, string>
   private PARAMETRIZED_AUTH_ROUTES: Map<string, string>
 
-  constructor(@inject(TYPES.ServiceProxy) private httpService: ServiceProxyInterface) {
+  constructor(@inject(TYPES.ApiGateway_ServiceProxy) private httpService: ServiceProxyInterface) {
     super()
 
     this.AUTH_ROUTES = new Map([
@@ -29,17 +29,17 @@ export class LegacyController extends BaseHttpController {
     ])
   }
 
-  @httpPost('/items/sync', TYPES.RequiredCrossServiceTokenMiddleware)
+  @httpPost('/items/sync', TYPES.ApiGateway_RequiredCrossServiceTokenMiddleware)
   async legacyItemsSync(request: Request, response: Response): Promise<void> {
     await this.httpService.callLegacySyncingServer(request, response, request.path.substring(1), request.body)
   }
 
-  @httpGet('/items/:item_id/revisions', TYPES.RequiredCrossServiceTokenMiddleware)
+  @httpGet('/items/:item_id/revisions', TYPES.ApiGateway_RequiredCrossServiceTokenMiddleware)
   async legacyGetRevisions(request: Request, response: Response): Promise<void> {
     await this.httpService.callLegacySyncingServer(request, response, request.path.substring(1), request.body)
   }
 
-  @httpGet('/items/:item_id/revisions/:id', TYPES.RequiredCrossServiceTokenMiddleware)
+  @httpGet('/items/:item_id/revisions/:id', TYPES.ApiGateway_RequiredCrossServiceTokenMiddleware)
   async legacyGetRevision(request: Request, response: Response): Promise<void> {
     await this.httpService.callLegacySyncingServer(request, response, request.path.substring(1), request.body)
   }

packages/api-gateway/src/Controller/OptionalCrossServiceTokenMiddleware.ts

@@ -11,12 +11,12 @@ import { AuthMiddleware } from './AuthMiddleware'
 @injectable()
 export class OptionalCrossServiceTokenMiddleware extends AuthMiddleware {
   constructor(
-    @inject(TYPES.ServiceProxy) serviceProxy: ServiceProxyInterface,
-    @inject(TYPES.AUTH_JWT_SECRET) jwtSecret: string,
-    @inject(TYPES.CROSS_SERVICE_TOKEN_CACHE_TTL) crossServiceTokenCacheTTL: number,
-    @inject(TYPES.CrossServiceTokenCache) crossServiceTokenCache: CrossServiceTokenCacheInterface,
-    @inject(TYPES.Timer) timer: TimerInterface,
-    @inject(TYPES.Logger) logger: Logger,
+    @inject(TYPES.ApiGateway_ServiceProxy) serviceProxy: ServiceProxyInterface,
+    @inject(TYPES.ApiGateway_AUTH_JWT_SECRET) jwtSecret: string,
+    @inject(TYPES.ApiGateway_CROSS_SERVICE_TOKEN_CACHE_TTL) crossServiceTokenCacheTTL: number,
+    @inject(TYPES.ApiGateway_CrossServiceTokenCache) crossServiceTokenCache: CrossServiceTokenCacheInterface,
+    @inject(TYPES.ApiGateway_Timer) timer: TimerInterface,
+    @inject(TYPES.ApiGateway_Logger) logger: Logger,
   ) {
     super(serviceProxy, jwtSecret, crossServiceTokenCacheTTL, crossServiceTokenCache, timer, logger)
   }

packages/api-gateway/src/Controller/RequiredCrossServiceTokenMiddleware.ts

@@ -11,12 +11,12 @@ import { AuthMiddleware } from './AuthMiddleware'
 @injectable()
 export class RequiredCrossServiceTokenMiddleware extends AuthMiddleware {
   constructor(
-    @inject(TYPES.ServiceProxy) serviceProxy: ServiceProxyInterface,
-    @inject(TYPES.AUTH_JWT_SECRET) jwtSecret: string,
-    @inject(TYPES.CROSS_SERVICE_TOKEN_CACHE_TTL) crossServiceTokenCacheTTL: number,
-    @inject(TYPES.CrossServiceTokenCache) crossServiceTokenCache: CrossServiceTokenCacheInterface,
-    @inject(TYPES.Timer) timer: TimerInterface,
-    @inject(TYPES.Logger) logger: Logger,
+    @inject(TYPES.ApiGateway_ServiceProxy) serviceProxy: ServiceProxyInterface,
+    @inject(TYPES.ApiGateway_AUTH_JWT_SECRET) jwtSecret: string,
+    @inject(TYPES.ApiGateway_CROSS_SERVICE_TOKEN_CACHE_TTL) crossServiceTokenCacheTTL: number,
+    @inject(TYPES.ApiGateway_CrossServiceTokenCache) crossServiceTokenCache: CrossServiceTokenCacheInterface,
+    @inject(TYPES.ApiGateway_Timer) timer: TimerInterface,
+    @inject(TYPES.ApiGateway_Logger) logger: Logger,
   ) {
     super(serviceProxy, jwtSecret, crossServiceTokenCacheTTL, crossServiceTokenCache, timer, logger)
   }

packages/api-gateway/src/Controller/SubscriptionTokenAuthMiddleware.ts

@@ -11,10 +11,10 @@ import { TokenAuthenticationMethod } from './TokenAuthenticationMethod'
 @injectable()
 export class SubscriptionTokenAuthMiddleware extends BaseMiddleware {
   constructor(
-    @inject(TYPES.HTTPClient) private httpClient: AxiosInstance,
-    @inject(TYPES.AUTH_SERVER_URL) private authServerUrl: string,
-    @inject(TYPES.AUTH_JWT_SECRET) private jwtSecret: string,
-    @inject(TYPES.Logger) private logger: Logger,
+    @inject(TYPES.ApiGateway_HTTPClient) private httpClient: AxiosInstance,
+    @inject(TYPES.ApiGateway_AUTH_SERVER_URL) private authServerUrl: string,
+    @inject(TYPES.ApiGateway_AUTH_JWT_SECRET) private jwtSecret: string,
+    @inject(TYPES.ApiGateway_Logger) private logger: Logger,
   ) {
     super()
   }

packages/api-gateway/src/Controller/WebSocketAuthMiddleware.ts

@@ -12,10 +12,10 @@ import { TYPES } from '../Bootstrap/Types'
 @injectable()
 export class WebSocketAuthMiddleware extends BaseMiddleware {
   constructor(
-    @inject(TYPES.HTTPClient) private httpClient: AxiosInstance,
-    @inject(TYPES.AUTH_SERVER_URL) private authServerUrl: string,
-    @inject(TYPES.AUTH_JWT_SECRET) private jwtSecret: string,
-    @inject(TYPES.Logger) private logger: Logger,
+    @inject(TYPES.ApiGateway_HTTPClient) private httpClient: AxiosInstance,
+    @inject(TYPES.ApiGateway_AUTH_SERVER_URL) private authServerUrl: string,
+    @inject(TYPES.ApiGateway_AUTH_JWT_SECRET) private jwtSecret: string,
+    @inject(TYPES.ApiGateway_Logger) private logger: Logger,
   ) {
     super()
   }

packages/api-gateway/src/Controller/index.ts

@@ -4,7 +4,7 @@ export * from './SubscriptionTokenAuthMiddleware'
 export * from './TokenAuthenticationMethod'
 export * from './WebSocketAuthMiddleware'
 export * from './v1/ActionsController'
-export * from './v1/AsymmetricMessagesController'
+export * from './v1/MessagesController'
 export * from './v1/AuthenticatorsController'
 export * from './v1/FilesController'
 export * from './v1/InvoicesController'
@@ -13,6 +13,8 @@ export * from './v1/OfflineController'
 export * from './v1/PaymentsController'
 export * from './v1/RevisionsController'
 export * from './v1/SessionsController'
+export * from './v1/SharedVaultInvitesController'
+export * from './v1/SharedVaultUsersController'
 export * from './v1/SharedVaultsController'
 export * from './v1/SubscriptionInvitesController'
 export * from './v1/TokensController'

packages/api-gateway/src/Controller/v1/ActionsController.ts

@@ -8,8 +8,8 @@ import { EndpointResolverInterface } from '../../Service/Resolver/EndpointResolv
 @controller('/v1')
 export class ActionsController extends BaseHttpController {
   constructor(
-    @inject(TYPES.ServiceProxy) private serviceProxy: ServiceProxyInterface,
-    @inject(TYPES.EndpointResolver) private endpointResolver: EndpointResolverInterface,
+    @inject(TYPES.ApiGateway_ServiceProxy) private serviceProxy: ServiceProxyInterface,
+    @inject(TYPES.ApiGateway_EndpointResolver) private endpointResolver: EndpointResolverInterface,
   ) {
     super()
   }
@@ -24,7 +24,7 @@ export class ActionsController extends BaseHttpController {
     )
   }
 
-  @httpGet('/login-params', TYPES.OptionalCrossServiceTokenMiddleware)
+  @httpGet('/login-params', TYPES.ApiGateway_OptionalCrossServiceTokenMiddleware)
   async loginParams(request: Request, response: Response): Promise<void> {
     await this.serviceProxy.callAuthServer(
       request,
@@ -34,7 +34,7 @@ export class ActionsController extends BaseHttpController {
     )
   }
 
-  @httpPost('/logout', TYPES.OptionalCrossServiceTokenMiddleware)
+  @httpPost('/logout', TYPES.ApiGateway_OptionalCrossServiceTokenMiddleware)
   async logout(request: Request, response: Response): Promise<void> {
     await this.serviceProxy.callAuthServer(
       request,
@@ -54,7 +54,7 @@ export class ActionsController extends BaseHttpController {
     )
   }
 
-  @httpPost('/recovery/codes', TYPES.RequiredCrossServiceTokenMiddleware)
+  @httpPost('/recovery/codes', TYPES.ApiGateway_RequiredCrossServiceTokenMiddleware)
   async recoveryCodes(request: Request, response: Response): Promise<void> {
     await this.serviceProxy.callAuthServer(
       request,

packages/api-gateway/src/Controller/v1/AsymmetricMessagesController.ts

@@ -1,17 +0,0 @@
-import { Request, Response } from 'express'
-import { inject } from 'inversify'
-import { BaseHttpController, controller, all } from 'inversify-express-utils'
-import { TYPES } from '../../Bootstrap/Types'
-import { ServiceProxyInterface } from '../../Service/Http/ServiceProxyInterface'
-
-@controller('/v1/asymmetric-messages')
-export class AsymmetricMessagesController extends BaseHttpController {
-  constructor(@inject(TYPES.ServiceProxy) private serviceProxy: ServiceProxyInterface) {
-    super()
-  }
-
-  @all('*', TYPES.RequiredCrossServiceTokenMiddleware)
-  async subscriptions(request: Request, response: Response): Promise<void> {
-    await this.serviceProxy.callSyncingServer(request, response, request.path.replace('/v1/', ''), request.body)
-  }
-}

packages/api-gateway/src/Controller/v1/AuthenticatorsController.ts

@@ -9,13 +9,13 @@ import { EndpointResolverInterface } from '../../Service/Resolver/EndpointResolv
 @controller('/v1/authenticators')
 export class AuthenticatorsController extends BaseHttpController {
   constructor(
-    @inject(TYPES.ServiceProxy) private httpService: ServiceProxyInterface,
-    @inject(TYPES.EndpointResolver) private endpointResolver: EndpointResolverInterface,
+    @inject(TYPES.ApiGateway_ServiceProxy) private httpService: ServiceProxyInterface,
+    @inject(TYPES.ApiGateway_EndpointResolver) private endpointResolver: EndpointResolverInterface,
   ) {
     super()
   }
 
-  @httpDelete('/:authenticatorId', TYPES.RequiredCrossServiceTokenMiddleware)
+  @httpDelete('/:authenticatorId', TYPES.ApiGateway_RequiredCrossServiceTokenMiddleware)
   async delete(request: Request, response: Response): Promise<void> {
     await this.httpService.callAuthServer(
       request,
@@ -29,7 +29,7 @@ export class AuthenticatorsController extends BaseHttpController {
     )
   }
 
-  @httpGet('/', TYPES.RequiredCrossServiceTokenMiddleware)
+  @httpGet('/', TYPES.ApiGateway_RequiredCrossServiceTokenMiddleware)
   async list(request: Request, response: Response): Promise<void> {
     await this.httpService.callAuthServer(
       request,
@@ -39,7 +39,7 @@ export class AuthenticatorsController extends BaseHttpController {
     )
   }
 
-  @httpGet('/generate-registration-options', TYPES.RequiredCrossServiceTokenMiddleware)
+  @httpGet('/generate-registration-options', TYPES.ApiGateway_RequiredCrossServiceTokenMiddleware)
   async generateRegistrationOptions(request: Request, response: Response): Promise<void> {
     await this.httpService.callAuthServer(
       request,
@@ -59,7 +59,7 @@ export class AuthenticatorsController extends BaseHttpController {
     )
   }
 
-  @httpPost('/verify-registration', TYPES.RequiredCrossServiceTokenMiddleware)
+  @httpPost('/verify-registration', TYPES.ApiGateway_RequiredCrossServiceTokenMiddleware)
   async verifyRegistration(request: Request, response: Response): Promise<void> {
     await this.httpService.callAuthServer(
       request,

packages/api-gateway/src/Controller/v1/FilesController.ts

@@ -9,13 +9,13 @@ import { EndpointResolverInterface } from '../../Service/Resolver/EndpointResolv
 @controller('/v1/files')
 export class FilesController extends BaseHttpController {
   constructor(
-    @inject(TYPES.ServiceProxy) private httpService: ServiceProxyInterface,
-    @inject(TYPES.EndpointResolver) private endpointResolver: EndpointResolverInterface,
+    @inject(TYPES.ApiGateway_ServiceProxy) private httpService: ServiceProxyInterface,
+    @inject(TYPES.ApiGateway_EndpointResolver) private endpointResolver: EndpointResolverInterface,
   ) {
     super()
   }
 
-  @httpPost('/valet-tokens', TYPES.RequiredCrossServiceTokenMiddleware)
+  @httpPost('/valet-tokens', TYPES.ApiGateway_RequiredCrossServiceTokenMiddleware)
   async createToken(request: Request, response: Response): Promise<void> {
     await this.httpService.callAuthServer(
       request,

packages/api-gateway/src/Controller/v1/InvoicesController.ts

@@ -6,11 +6,11 @@ import { ServiceProxyInterface } from '../../Service/Http/ServiceProxyInterface'
 
 @controller('/v1')
 export class InvoicesController extends BaseHttpController {
-  constructor(@inject(TYPES.ServiceProxy) private httpService: ServiceProxyInterface) {
+  constructor(@inject(TYPES.ApiGateway_ServiceProxy) private httpService: ServiceProxyInterface) {
     super()
   }
 
-  @httpPost('/invoices/send-latest', TYPES.SubscriptionTokenAuthMiddleware)
+  @httpPost('/invoices/send-latest', TYPES.ApiGateway_SubscriptionTokenAuthMiddleware)
   async sendLatestInvoice(request: Request, response: Response): Promise<void> {
     await this.httpService.callPaymentsServer(request, response, 'api/pro_users/send-invoice', request.body)
   }

packages/api-gateway/src/Controller/v1/ItemsController.ts

@@ -5,11 +5,11 @@ import { TYPES } from '../../Bootstrap/Types'
 import { ServiceProxyInterface } from '../../Service/Http/ServiceProxyInterface'
 import { EndpointResolverInterface } from '../../Service/Resolver/EndpointResolverInterface'
 
-@controller('/v1/items', TYPES.RequiredCrossServiceTokenMiddleware)
+@controller('/v1/items', TYPES.ApiGateway_RequiredCrossServiceTokenMiddleware)
 export class ItemsController extends BaseHttpController {
   constructor(
-    @inject(TYPES.ServiceProxy) private serviceProxy: ServiceProxyInterface,
-    @inject(TYPES.EndpointResolver) private endpointResolver: EndpointResolverInterface,
+    @inject(TYPES.ApiGateway_ServiceProxy) private serviceProxy: ServiceProxyInterface,
+    @inject(TYPES.ApiGateway_EndpointResolver) private endpointResolver: EndpointResolverInterface,
   ) {
     super()
   }

packages/api-gateway/src/Controller/v1/MessagesController.ts

@@ -0,0 +1,70 @@
+import { Request, Response } from 'express'
+import { inject } from 'inversify'
+import { BaseHttpController, controller, httpDelete, httpGet, httpPost } from 'inversify-express-utils'
+import { TYPES } from '../../Bootstrap/Types'
+import { ServiceProxyInterface } from '../../Service/Http/ServiceProxyInterface'
+import { EndpointResolverInterface } from '../../Service/Resolver/EndpointResolverInterface'
+
+@controller('/v1/messages', TYPES.ApiGateway_RequiredCrossServiceTokenMiddleware)
+export class MessagesController extends BaseHttpController {
+  constructor(
+    @inject(TYPES.ApiGateway_ServiceProxy) private httpService: ServiceProxyInterface,
+    @inject(TYPES.ApiGateway_EndpointResolver) private endpointResolver: EndpointResolverInterface,
+  ) {
+    super()
+  }
+
+  @httpGet('/')
+  async getMessages(request: Request, response: Response): Promise<void> {
+    await this.httpService.callSyncingServer(
+      request,
+      response,
+      this.endpointResolver.resolveEndpointOrMethodIdentifier('GET', 'messages/'),
+      request.body,
+    )
+  }
+
+  @httpGet('/outbound')
+  async getMessagesSent(request: Request, response: Response): Promise<void> {
+    await this.httpService.callSyncingServer(
+      request,
+      response,
+      this.endpointResolver.resolveEndpointOrMethodIdentifier('GET', 'messages/outbound'),
+      request.body,
+    )
+  }
+
+  @httpPost('/')
+  async sendMessage(request: Request, response: Response): Promise<void> {
+    await this.httpService.callSyncingServer(
+      request,
+      response,
+      this.endpointResolver.resolveEndpointOrMethodIdentifier('POST', 'messages/'),
+      request.body,
+    )
+  }
+
+  @httpDelete('/inbound')
+  async deleteMessagesSentToUser(request: Request, response: Response): Promise<void> {
+    await this.httpService.callSyncingServer(
+      request,
+      response,
+      this.endpointResolver.resolveEndpointOrMethodIdentifier('DELETE', 'messages/inbound'),
+      request.body,
+    )
+  }
+
+  @httpDelete('/:messageUuid')
+  async deleteMessage(request: Request, response: Response): Promise<void> {
+    await this.httpService.callSyncingServer(
+      request,
+      response,
+      this.endpointResolver.resolveEndpointOrMethodIdentifier(
+        'DELETE',
+        'messages/:messageUuid',
+        request.params.messageUuid,
+      ),
+      request.body,
+    )
+  }
+}

packages/api-gateway/src/Controller/v1/OfflineController.ts

@@ -9,8 +9,8 @@ import { EndpointResolverInterface } from '../../Service/Resolver/EndpointResolv
 @controller('/v1/offline')
 export class OfflineController extends BaseHttpController {
   constructor(
-    @inject(TYPES.ServiceProxy) private httpService: ServiceProxyInterface,
-    @inject(TYPES.EndpointResolver) private endpointResolver: EndpointResolverInterface,
+    @inject(TYPES.ApiGateway_ServiceProxy) private httpService: ServiceProxyInterface,
+    @inject(TYPES.ApiGateway_EndpointResolver) private endpointResolver: EndpointResolverInterface,
   ) {
     super()
   }

packages/api-gateway/src/Controller/v1/PaymentsController.ts

@@ -6,7 +6,7 @@ import { ServiceProxyInterface } from '../../Service/Http/ServiceProxyInterface'
 
 @controller('/v1')
 export class PaymentsController extends BaseHttpController {
-  constructor(@inject(TYPES.ServiceProxy) private httpService: ServiceProxyInterface) {
+  constructor(@inject(TYPES.ApiGateway_ServiceProxy) private httpService: ServiceProxyInterface) {
     super()
   }
 
@@ -40,12 +40,12 @@ export class PaymentsController extends BaseHttpController {
     await this.httpService.callPaymentsServer(request, response, 'api/extensions', request.body)
   }
 
-  @httpPost('/subscriptions/tiered', TYPES.SubscriptionTokenAuthMiddleware)
+  @httpPost('/subscriptions/tiered', TYPES.ApiGateway_SubscriptionTokenAuthMiddleware)
   async createTieredSubscription(request: Request, response: Response): Promise<void> {
     await this.httpService.callPaymentsServer(request, response, 'api/subscriptions/tiered', request.body)
   }
 
-  @httpPost('/subscriptions/apple_iap_confirm', TYPES.SubscriptionTokenAuthMiddleware)
+  @httpPost('/subscriptions/apple_iap_confirm', TYPES.ApiGateway_SubscriptionTokenAuthMiddleware)
   async appleIAPConfirm(request: Request, response: Response): Promise<void> {
     await this.httpService.callPaymentsServer(request, response, 'api/subscriptions/apple_iap_confirm', request.body)
   }
@@ -140,7 +140,7 @@ export class PaymentsController extends BaseHttpController {
     )
   }
 
-  @httpPost('/payments/stripe-setup-intent', TYPES.SubscriptionTokenAuthMiddleware)
+  @httpPost('/payments/stripe-setup-intent', TYPES.ApiGateway_SubscriptionTokenAuthMiddleware)
   async createStripeSetupIntent(request: Request, response: Response): Promise<void> {
     await this.httpService.callPaymentsServer(request, response, 'api/pro_users/stripe-setup-intent', request.body)
   }

packages/api-gateway/src/Controller/v1/RevisionsController.ts

@@ -1,7 +1,7 @@
 import { BaseHttpController, controller, httpDelete, httpGet, results } from 'inversify-express-utils'
 import { TYPES } from '../../Bootstrap/Types'
 
-@controller('/v1/items/:item_id/revisions', TYPES.RequiredCrossServiceTokenMiddleware)
+@controller('/v1/items/:item_id/revisions', TYPES.ApiGateway_RequiredCrossServiceTokenMiddleware)
 export class RevisionsController extends BaseHttpController {
   @httpGet('/')
   async getRevisions(): Promise<results.JsonResult> {

packages/api-gateway/src/Controller/v1/SessionsController.ts

@@ -8,13 +8,13 @@ import { EndpointResolverInterface } from '../../Service/Resolver/EndpointResolv
 @controller('/v1/sessions')
 export class SessionsController extends BaseHttpController {
   constructor(
-    @inject(TYPES.ServiceProxy) private httpService: ServiceProxyInterface,
-    @inject(TYPES.EndpointResolver) private endpointResolver: EndpointResolverInterface,
+    @inject(TYPES.ApiGateway_ServiceProxy) private httpService: ServiceProxyInterface,
+    @inject(TYPES.ApiGateway_EndpointResolver) private endpointResolver: EndpointResolverInterface,
   ) {
     super()
   }
 
-  @httpGet('/', TYPES.RequiredCrossServiceTokenMiddleware)
+  @httpGet('/', TYPES.ApiGateway_RequiredCrossServiceTokenMiddleware)
   async getSessions(request: Request, response: Response): Promise<void> {
     await this.httpService.callAuthServer(
       request,
@@ -23,7 +23,7 @@ export class SessionsController extends BaseHttpController {
     )
   }
 
-  @httpDelete('/:uuid', TYPES.RequiredCrossServiceTokenMiddleware)
+  @httpDelete('/:uuid', TYPES.ApiGateway_RequiredCrossServiceTokenMiddleware)
   async deleteSession(request: Request, response: Response): Promise<void> {
     await this.httpService.callAuthServer(
       request,
@@ -35,7 +35,7 @@ export class SessionsController extends BaseHttpController {
     )
   }
 
-  @httpDelete('/', TYPES.RequiredCrossServiceTokenMiddleware)
+  @httpDelete('/', TYPES.ApiGateway_RequiredCrossServiceTokenMiddleware)
   async deleteSessions(request: Request, response: Response): Promise<void> {
     await this.httpService.callAuthServer(
       request,

packages/api-gateway/src/Controller/v1/SharedVaultInvitesController.ts

@@ -0,0 +1,158 @@
+import { Request, Response } from 'express'
+import { inject } from 'inversify'
+import { BaseHttpController, controller, httpDelete, httpGet, httpPatch, httpPost } from 'inversify-express-utils'
+import { TYPES } from '../../Bootstrap/Types'
+import { ServiceProxyInterface } from '../../Service/Http/ServiceProxyInterface'
+import { EndpointResolverInterface } from '../../Service/Resolver/EndpointResolverInterface'
+
+@controller('/v1/shared-vaults', TYPES.ApiGateway_RequiredCrossServiceTokenMiddleware)
+export class SharedVaultInvitesController extends BaseHttpController {
+  constructor(
+    @inject(TYPES.ApiGateway_ServiceProxy) private httpService: ServiceProxyInterface,
+    @inject(TYPES.ApiGateway_EndpointResolver) private endpointResolver: EndpointResolverInterface,
+  ) {
+    super()
+  }
+
+  @httpPost('/:sharedVaultUuid/invites')
+  async createSharedVaultInvite(request: Request, response: Response): Promise<void> {
+    await this.httpService.callSyncingServer(
+      request,
+      response,
+      this.endpointResolver.resolveEndpointOrMethodIdentifier(
+        'POST',
+        'shared-vaults/:sharedVaultUuid/invites',
+        request.params.sharedVaultUuid,
+      ),
+      request.body,
+    )
+  }
+
+  @httpPatch('/:sharedVaultUuid/invites/:inviteUuid')
+  async updateSharedVaultInvite(request: Request, response: Response): Promise<void> {
+    await this.httpService.callSyncingServer(
+      request,
+      response,
+      this.endpointResolver.resolveEndpointOrMethodIdentifier(
+        'PATCH',
+        'shared-vaults/:sharedVaultUuid/invites/:inviteUuid',
+        request.params.sharedVaultUuid,
+        request.params.inviteUuid,
+      ),
+      request.body,
+    )
+  }
+
+  @httpPost('/:sharedVaultUuid/invites/:inviteUuid/accept')
+  async acceptSharedVaultInvite(request: Request, response: Response): Promise<void> {
+    await this.httpService.callSyncingServer(
+      request,
+      response,
+      this.endpointResolver.resolveEndpointOrMethodIdentifier(
+        'POST',
+        'shared-vaults/:sharedVaultUuid/invites/:inviteUuid/accept',
+        request.params.sharedVaultUuid,
+        request.params.inviteUuid,
+      ),
+      request.body,
+    )
+  }
+
+  @httpPost('/:sharedVaultUuid/invites/:inviteUuid/decline')
+  async declineSharedVaultInvite(request: Request, response: Response): Promise<void> {
+    await this.httpService.callSyncingServer(
+      request,
+      response,
+      this.endpointResolver.resolveEndpointOrMethodIdentifier(
+        'POST',
+        'shared-vaults/:sharedVaultUuid/invites/:inviteUuid/decline',
+        request.params.sharedVaultUuid,
+        request.params.inviteUuid,
+      ),
+      request.body,
+    )
+  }
+
+  @httpDelete('/invites/inbound')
+  async deleteInboundUserInvites(request: Request, response: Response): Promise<void> {
+    await this.httpService.callSyncingServer(
+      request,
+      response,
+      this.endpointResolver.resolveEndpointOrMethodIdentifier('DELETE', 'shared-vaults/invites/inbound'),
+      request.body,
+    )
+  }
+
+  @httpDelete('/invites/outbound')
+  async deleteOutboundUserInvites(request: Request, response: Response): Promise<void> {
+    await this.httpService.callSyncingServer(
+      request,
+      response,
+      this.endpointResolver.resolveEndpointOrMethodIdentifier('DELETE', 'shared-vaults/invites/outbound'),
+      request.body,
+    )
+  }
+
+  @httpGet('/invites/outbound')
+  async getOutboundUserInvites(request: Request, response: Response): Promise<void> {
+    await this.httpService.callSyncingServer(
+      request,
+      response,
+      this.endpointResolver.resolveEndpointOrMethodIdentifier('GET', 'shared-vaults/invites/outbound'),
+      request.body,
+    )
+  }
+
+  @httpGet('/invites')
+  async getUserInvites(request: Request, response: Response): Promise<void> {
+    await this.httpService.callSyncingServer(
+      request,
+      response,
+      this.endpointResolver.resolveEndpointOrMethodIdentifier('GET', 'shared-vaults/invites'),
+      request.body,
+    )
+  }
+
+  @httpGet('/:sharedVaultUuid/invites')
+  async getSharedVaultInvites(request: Request, response: Response): Promise<void> {
+    await this.httpService.callSyncingServer(
+      request,
+      response,
+      this.endpointResolver.resolveEndpointOrMethodIdentifier(
+        'GET',
+        'shared-vaults/:sharedVaultUuid/invites',
+        request.params.sharedVaultUuid,
+      ),
+      request.body,
+    )
+  }
+
+  @httpDelete('/:sharedVaultUuid/invites/:inviteUuid')
+  async deleteSharedVaultInvite(request: Request, response: Response): Promise<void> {
+    await this.httpService.callSyncingServer(
+      request,
+      response,
+      this.endpointResolver.resolveEndpointOrMethodIdentifier(
+        'DELETE',
+        'shared-vaults/:sharedVaultUuid/invites/:inviteUuid',
+        request.params.sharedVaultUuid,
+        request.params.inviteUuid,
+      ),
+      request.body,
+    )
+  }
+
+  @httpDelete('/:sharedVaultUuid/invites')
+  async deleteAllSharedVaultInvites(request: Request, response: Response): Promise<void> {
+    await this.httpService.callSyncingServer(
+      request,
+      response,
+      this.endpointResolver.resolveEndpointOrMethodIdentifier(
+        'DELETE',
+        'shared-vaults/:sharedVaultUuid/invites',
+        request.params.sharedVaultUuid,
+      ),
+      request.body,
+    )
+  }
+}

packages/api-gateway/src/Controller/v1/SharedVaultUsersController.ts

@@ -0,0 +1,45 @@
+import { Request, Response } from 'express'
+import { inject } from 'inversify'
+import { BaseHttpController, controller, httpDelete, httpGet } from 'inversify-express-utils'
+import { TYPES } from '../../Bootstrap/Types'
+import { ServiceProxyInterface } from '../../Service/Http/ServiceProxyInterface'
+import { EndpointResolverInterface } from '../../Service/Resolver/EndpointResolverInterface'
+
+@controller('/v1/shared-vaults/:sharedVaultUuid/users', TYPES.ApiGateway_RequiredCrossServiceTokenMiddleware)
+export class SharedVaultUsersController extends BaseHttpController {
+  constructor(
+    @inject(TYPES.ApiGateway_ServiceProxy) private httpService: ServiceProxyInterface,
+    @inject(TYPES.ApiGateway_EndpointResolver) private endpointResolver: EndpointResolverInterface,
+  ) {
+    super()
+  }
+
+  @httpGet('/')
+  async getSharedVaultUsers(request: Request, response: Response): Promise<void> {
+    await this.httpService.callSyncingServer(
+      request,
+      response,
+      this.endpointResolver.resolveEndpointOrMethodIdentifier(
+        'GET',
+        'shared-vaults/:sharedVaultUuid/users',
+        request.params.sharedVaultUuid,
+      ),
+      request.body,
+    )
+  }
+
+  @httpDelete('/:userUuid')
+  async removeUserFromSharedVault(request: Request, response: Response): Promise<void> {
+    await this.httpService.callSyncingServer(
+      request,
+      response,
+      this.endpointResolver.resolveEndpointOrMethodIdentifier(
+        'DELETE',
+        'shared-vaults/:sharedVaultUuid/users/:userUuid',
+        request.params.sharedVaultUuid,
+        request.params.userUuid,
+      ),
+      request.body,
+    )
+  }
+}

packages/api-gateway/src/Controller/v1/SharedVaultsController.ts

@@ -1,17 +1,64 @@
 import { Request, Response } from 'express'
 import { inject } from 'inversify'
-import { BaseHttpController, controller, all } from 'inversify-express-utils'
+import { BaseHttpController, controller, httpDelete, httpGet, httpPost } from 'inversify-express-utils'
 import { TYPES } from '../../Bootstrap/Types'
 import { ServiceProxyInterface } from '../../Service/Http/ServiceProxyInterface'
+import { EndpointResolverInterface } from '../../Service/Resolver/EndpointResolverInterface'
 
-@controller('/v1/shared-vaults')
+@controller('/v1/shared-vaults', TYPES.ApiGateway_RequiredCrossServiceTokenMiddleware)
 export class SharedVaultsController extends BaseHttpController {
-  constructor(@inject(TYPES.ServiceProxy) private serviceProxy: ServiceProxyInterface) {
+  constructor(
+    @inject(TYPES.ApiGateway_ServiceProxy) private httpService: ServiceProxyInterface,
+    @inject(TYPES.ApiGateway_EndpointResolver) private endpointResolver: EndpointResolverInterface,
+  ) {
     super()
   }
 
-  @all('*', TYPES.RequiredCrossServiceTokenMiddleware)
-  async subscriptions(request: Request, response: Response): Promise<void> {
-    await this.serviceProxy.callSyncingServer(request, response, request.path.replace('/v1/', ''), request.body)
+  @httpGet('/')
+  async getSharedVaults(request: Request, response: Response): Promise<void> {
+    await this.httpService.callSyncingServer(
+      request,
+      response,
+      this.endpointResolver.resolveEndpointOrMethodIdentifier('GET', 'shared-vaults/'),
+      request.body,
+    )
+  }
+
+  @httpPost('/')
+  async createSharedVault(request: Request, response: Response): Promise<void> {
+    await this.httpService.callSyncingServer(
+      request,
+      response,
+      this.endpointResolver.resolveEndpointOrMethodIdentifier('POST', 'shared-vaults/'),
+      request.body,
+    )
+  }
+
+  @httpDelete('/:sharedVaultUuid')
+  async deleteSharedVault(request: Request, response: Response): Promise<void> {
+    await this.httpService.callSyncingServer(
+      request,
+      response,
+      this.endpointResolver.resolveEndpointOrMethodIdentifier(
+        'DELETE',
+        'shared-vaults/:sharedVaultUuid',
+        request.params.sharedVaultUuid,
+      ),
+      request.body,
+    )
+  }
+
+  @httpPost('/:sharedVaultUuid/valet-tokens')
+  async createValetTokenForSharedVaultFile(request: Request, response: Response): Promise<void> {
+    await this.httpService.callSyncingServer(
+      request,
+      response,
+      this.endpointResolver.resolveEndpointOrMethodIdentifier(
+        'POST',
+        'shared-vaults/:sharedVaultUuid/valet-tokens',
+        request.params.sharedVaultUuid,
+      ),
+      request.body,
+    )
   }
 }

packages/api-gateway/src/Controller/v1/SubscriptionInvitesController.ts

@@ -9,13 +9,13 @@ import { EndpointResolverInterface } from '../../Service/Resolver/EndpointResolv
 @controller('/v1/subscription-invites')
 export class SubscriptionInvitesController extends BaseHttpController {
   constructor(
-    @inject(TYPES.ServiceProxy) private httpService: ServiceProxyInterface,
-    @inject(TYPES.EndpointResolver) private endpointResolver: EndpointResolverInterface,
+    @inject(TYPES.ApiGateway_ServiceProxy) private httpService: ServiceProxyInterface,
+    @inject(TYPES.ApiGateway_EndpointResolver) private endpointResolver: EndpointResolverInterface,
   ) {
     super()
   }
 
-  @httpPost('/', TYPES.RequiredCrossServiceTokenMiddleware)
+  @httpPost('/', TYPES.ApiGateway_RequiredCrossServiceTokenMiddleware)
   async inviteToSubscriptionSharing(request: Request, response: Response): Promise<void> {
     await this.httpService.callAuthServer(
       request,
@@ -25,7 +25,7 @@ export class SubscriptionInvitesController extends BaseHttpController {
     )
   }
 
-  @httpGet('/', TYPES.RequiredCrossServiceTokenMiddleware)
+  @httpGet('/', TYPES.ApiGateway_RequiredCrossServiceTokenMiddleware)
   async listInvites(request: Request, response: Response): Promise<void> {
     await this.httpService.callAuthServer(
       request,
@@ -35,7 +35,7 @@ export class SubscriptionInvitesController extends BaseHttpController {
     )
   }
 
-  @httpDelete('/:inviteUuid', TYPES.RequiredCrossServiceTokenMiddleware)
+  @httpDelete('/:inviteUuid', TYPES.ApiGateway_RequiredCrossServiceTokenMiddleware)
   async cancelSubscriptionSharing(request: Request, response: Response): Promise<void> {
     await this.httpService.callAuthServer(
       request,
@@ -48,7 +48,7 @@ export class SubscriptionInvitesController extends BaseHttpController {
     )
   }
 
-  @httpPost('/:inviteUuid/accept', TYPES.RequiredCrossServiceTokenMiddleware)
+  @httpPost('/:inviteUuid/accept', TYPES.ApiGateway_RequiredCrossServiceTokenMiddleware)
   async acceptInvite(request: Request, response: Response): Promise<void> {
     await this.httpService.callAuthServer(
       request,

packages/api-gateway/src/Controller/v1/TokensController.ts

@@ -9,13 +9,13 @@ import { EndpointResolverInterface } from '../../Service/Resolver/EndpointResolv
 @controller('/v1/subscription-tokens')
 export class TokensController extends BaseHttpController {
   constructor(
-    @inject(TYPES.ServiceProxy) private httpService: ServiceProxyInterface,
-    @inject(TYPES.EndpointResolver) private endpointResolver: EndpointResolverInterface,
+    @inject(TYPES.ApiGateway_ServiceProxy) private httpService: ServiceProxyInterface,
+    @inject(TYPES.ApiGateway_EndpointResolver) private endpointResolver: EndpointResolverInterface,
   ) {
     super()
   }
 
-  @httpPost('/', TYPES.RequiredCrossServiceTokenMiddleware)
+  @httpPost('/', TYPES.ApiGateway_RequiredCrossServiceTokenMiddleware)
   async createToken(request: Request, response: Response): Promise<void> {
     await this.httpService.callAuthServer(
       request,

packages/api-gateway/src/Controller/v1/UsersController.ts

@@ -20,9 +20,10 @@ import { EndpointResolverInterface } from '../../Service/Resolver/EndpointResolv
 @controller('/v1/users')
 export class UsersController extends BaseHttpController {
   constructor(
-    @inject(TYPES.ServiceProxy) private httpService: ServiceProxyInterface,
-    @inject(TYPES.EndpointResolver) private endpointResolver: EndpointResolverInterface,
-    @inject(TYPES.Logger) private logger: Logger,
+    @inject(TYPES.ApiGateway_ServiceProxy) private httpService: ServiceProxyInterface,
+    @inject(TYPES.ApiGateway_EndpointResolver) private endpointResolver: EndpointResolverInterface,
+    @inject(TYPES.ApiGateway_Logger) private logger: Logger,
+    @inject(TYPES.ApiGateway_IS_CONFIGURED_FOR_HOME_SERVER) private isConfiguredForHomeServer: boolean,
   ) {
     super()
   }
@@ -32,12 +33,12 @@ export class UsersController extends BaseHttpController {
     await this.httpService.callPaymentsServer(request, response, 'api/pro_users/claim-account', request.body)
   }
 
-  @httpPost('/send-activation-code', TYPES.SubscriptionTokenAuthMiddleware)
+  @httpPost('/send-activation-code', TYPES.ApiGateway_SubscriptionTokenAuthMiddleware)
   async sendActivationCode(request: Request, response: Response): Promise<void> {
     await this.httpService.callPaymentsServer(request, response, 'api/pro_users/send-activation-code', request.body)
   }
 
-  @httpPatch('/:userId', TYPES.RequiredCrossServiceTokenMiddleware)
+  @httpPatch('/:userId', TYPES.ApiGateway_RequiredCrossServiceTokenMiddleware)
   async updateUser(request: Request, response: Response): Promise<void> {
     await this.httpService.callAuthServer(
       request,
@@ -47,7 +48,7 @@ export class UsersController extends BaseHttpController {
     )
   }
 
-  @httpPut('/:userUuid/password', TYPES.RequiredCrossServiceTokenMiddleware)
+  @httpPut('/:userUuid/password', TYPES.ApiGateway_RequiredCrossServiceTokenMiddleware)
   async changePassword(request: Request, response: Response): Promise<void> {
     this.logger.debug(
       '[DEPRECATED] use endpoint /v1/users/:userUuid/attributes/credentials instead of /v1/users/:userUuid/password',
@@ -65,7 +66,7 @@ export class UsersController extends BaseHttpController {
     )
   }
 
-  @httpPut('/:userUuid/attributes/credentials', TYPES.RequiredCrossServiceTokenMiddleware)
+  @httpPut('/:userUuid/attributes/credentials', TYPES.ApiGateway_RequiredCrossServiceTokenMiddleware)
   async changeCredentials(request: Request, response: Response): Promise<void> {
     await this.httpService.callAuthServer(
       request,
@@ -79,7 +80,7 @@ export class UsersController extends BaseHttpController {
     )
   }
 
-  @httpGet('/:userId/params', TYPES.RequiredCrossServiceTokenMiddleware)
+  @httpGet('/:userId/params', TYPES.ApiGateway_RequiredCrossServiceTokenMiddleware)
   async getKeyParams(request: Request, response: Response): Promise<void> {
     await this.httpService.callAuthServer(
       request,
@@ -88,12 +89,12 @@ export class UsersController extends BaseHttpController {
     )
   }
 
-  @all('/:userId/mfa', TYPES.RequiredCrossServiceTokenMiddleware)
+  @all('/:userId/mfa', TYPES.ApiGateway_RequiredCrossServiceTokenMiddleware)
   async blockMFA(): Promise<results.StatusCodeResult> {
     return this.statusCode(401)
   }
 
-  @httpPost('/:userUuid/integrations/listed', TYPES.RequiredCrossServiceTokenMiddleware)
+  @httpPost('/:userUuid/integrations/listed', TYPES.ApiGateway_RequiredCrossServiceTokenMiddleware)
   async createListedAccount(request: Request, response: Response): Promise<void> {
     await this.httpService.callAuthServer(
       request,
@@ -113,7 +114,7 @@ export class UsersController extends BaseHttpController {
     )
   }
 
-  @httpGet('/:userUuid/settings', TYPES.RequiredCrossServiceTokenMiddleware)
+  @httpGet('/:userUuid/settings', TYPES.ApiGateway_RequiredCrossServiceTokenMiddleware)
   async listSettings(request: Request, response: Response): Promise<void> {
     await this.httpService.callAuthServer(
       request,
@@ -126,7 +127,7 @@ export class UsersController extends BaseHttpController {
     )
   }
 
-  @httpPut('/:userUuid/settings', TYPES.RequiredCrossServiceTokenMiddleware)
+  @httpPut('/:userUuid/settings', TYPES.ApiGateway_RequiredCrossServiceTokenMiddleware)
   async putSetting(request: Request, response: Response): Promise<void> {
     await this.httpService.callAuthServer(
       request,
@@ -140,7 +141,7 @@ export class UsersController extends BaseHttpController {
     )
   }
 
-  @httpGet('/:userUuid/settings/:settingName', TYPES.RequiredCrossServiceTokenMiddleware)
+  @httpGet('/:userUuid/settings/:settingName', TYPES.ApiGateway_RequiredCrossServiceTokenMiddleware)
   async getSetting(request: Request, response: Response): Promise<void> {
     await this.httpService.callAuthServer(
       request,
@@ -154,7 +155,7 @@ export class UsersController extends BaseHttpController {
     )
   }
 
-  @httpDelete('/:userUuid/settings/:settingName', TYPES.RequiredCrossServiceTokenMiddleware)
+  @httpDelete('/:userUuid/settings/:settingName', TYPES.ApiGateway_RequiredCrossServiceTokenMiddleware)
   async deleteSetting(request: Request, response: Response): Promise<void> {
     await this.httpService.callAuthServer(
       request,
@@ -169,7 +170,10 @@ export class UsersController extends BaseHttpController {
     )
   }
 
-  @httpGet('/:userUuid/subscription-settings/:subscriptionSettingName', TYPES.RequiredCrossServiceTokenMiddleware)
+  @httpGet(
+    '/:userUuid/subscription-settings/:subscriptionSettingName',
+    TYPES.ApiGateway_RequiredCrossServiceTokenMiddleware,
+  )
   async getSubscriptionSetting(request: Request, response: Response): Promise<void> {
     await this.httpService.callAuthServer(
       request,
@@ -183,7 +187,7 @@ export class UsersController extends BaseHttpController {
     )
   }
 
-  @httpGet('/:userUuid/features', TYPES.RequiredCrossServiceTokenMiddleware)
+  @httpGet('/:userUuid/features', TYPES.ApiGateway_RequiredCrossServiceTokenMiddleware)
   async getFeatures(request: Request, response: Response): Promise<void> {
     await this.httpService.callAuthServer(
       request,
@@ -196,7 +200,7 @@ export class UsersController extends BaseHttpController {
     )
   }
 
-  @httpGet('/:userUuid/subscription', TYPES.RequiredCrossServiceTokenMiddleware)
+  @httpGet('/:userUuid/subscription', TYPES.ApiGateway_RequiredCrossServiceTokenMiddleware)
   async getSubscription(request: Request, response: Response): Promise<void> {
     await this.httpService.callAuthServer(
       request,
@@ -209,7 +213,7 @@ export class UsersController extends BaseHttpController {
     )
   }
 
-  @httpGet('/subscription', TYPES.SubscriptionTokenAuthMiddleware)
+  @httpGet('/subscription', TYPES.ApiGateway_SubscriptionTokenAuthMiddleware)
   async getSubscriptionBySubscriptionToken(request: Request, response: Response): Promise<void> {
     if (response.locals.tokenAuthenticationMethod === TokenAuthenticationMethod.OfflineSubscriptionToken) {
       await this.httpService.callAuthServer(
@@ -232,12 +236,20 @@ export class UsersController extends BaseHttpController {
     )
   }
 
-  @httpDelete('/:userUuid', TYPES.RequiredCrossServiceTokenMiddleware)
+  @httpDelete('/:userUuid', TYPES.ApiGateway_RequiredCrossServiceTokenMiddleware)
   async deleteUser(request: Request, response: Response): Promise<void> {
-    await this.httpService.callPaymentsServer(request, response, 'api/account', request.body)
+    if (!this.isConfiguredForHomeServer) {
+      await this.httpService.callPaymentsServer(request, response, 'api/account', request.body, true)
+    }
+
+    await this.httpService.callAuthServer(
+      request,
+      response,
+      this.endpointResolver.resolveEndpointOrMethodIdentifier('DELETE', 'users/:userUuid', request.params.userUuid),
+    )
   }
 
-  @httpPost('/:userUuid/requests', TYPES.RequiredCrossServiceTokenMiddleware)
+  @httpPost('/:userUuid/requests', TYPES.ApiGateway_RequiredCrossServiceTokenMiddleware)
   async submitRequest(request: Request, response: Response): Promise<void> {
     await this.httpService.callAuthServer(
       request,

packages/api-gateway/src/Controller/v1/WebSocketsController.ts

@@ -10,14 +10,14 @@ import { EndpointResolverInterface } from '../../Service/Resolver/EndpointResolv
 @controller('/v1/sockets')
 export class WebSocketsController extends BaseHttpController {
   constructor(
-    @inject(TYPES.ServiceProxy) private httpService: ServiceProxyInterface,
-    @inject(TYPES.EndpointResolver) private endpointResolver: EndpointResolverInterface,
-    @inject(TYPES.Logger) private logger: Logger,
+    @inject(TYPES.ApiGateway_ServiceProxy) private httpService: ServiceProxyInterface,
+    @inject(TYPES.ApiGateway_EndpointResolver) private endpointResolver: EndpointResolverInterface,
+    @inject(TYPES.ApiGateway_Logger) private logger: Logger,
   ) {
     super()
   }
 
-  @httpPost('/tokens', TYPES.RequiredCrossServiceTokenMiddleware)
+  @httpPost('/tokens', TYPES.ApiGateway_RequiredCrossServiceTokenMiddleware)
   async createWebSocketConnectionToken(request: Request, response: Response): Promise<void> {
     await this.httpService.callWebSocketServer(
       request,
@@ -27,7 +27,7 @@ export class WebSocketsController extends BaseHttpController {
     )
   }
 
-  @httpPost('/connections', TYPES.WebSocketAuthMiddleware)
+  @httpPost('/connections', TYPES.ApiGateway_WebSocketAuthMiddleware)
   async createWebSocketConnection(request: Request, response: Response): Promise<void> {
     if (!request.headers.connectionid) {
       this.logger.error('Could not create a websocket connection. Missing connection id header.')

packages/api-gateway/src/Controller/v2/ActionsControllerV2.ts

@@ -9,8 +9,8 @@ import { EndpointResolverInterface } from '../../Service/Resolver/EndpointResolv
 @controller('/v2')
 export class ActionsControllerV2 extends BaseHttpController {
   constructor(
-    @inject(TYPES.ServiceProxy) private serviceProxy: ServiceProxyInterface,
-    @inject(TYPES.EndpointResolver) private endpointResolver: EndpointResolverInterface,
+    @inject(TYPES.ApiGateway_ServiceProxy) private serviceProxy: ServiceProxyInterface,
+    @inject(TYPES.ApiGateway_EndpointResolver) private endpointResolver: EndpointResolverInterface,
   ) {
     super()
   }
@@ -25,7 +25,7 @@ export class ActionsControllerV2 extends BaseHttpController {
     )
   }
 
-  @httpPost('/login-params', TYPES.OptionalCrossServiceTokenMiddleware)
+  @httpPost('/login-params', TYPES.ApiGateway_OptionalCrossServiceTokenMiddleware)
   async loginParams(request: Request, response: Response): Promise<void> {
     await this.serviceProxy.callAuthServer(
       request,

packages/api-gateway/src/Controller/v2/PaymentsControllerV2.ts

@@ -6,7 +6,7 @@ import { ServiceProxyInterface } from '../../Service/Http/ServiceProxyInterface'
 
 @controller('/v2')
 export class PaymentsControllerV2 extends BaseHttpController {
-  constructor(@inject(TYPES.ServiceProxy) private httpService: ServiceProxyInterface) {
+  constructor(@inject(TYPES.ApiGateway_ServiceProxy) private httpService: ServiceProxyInterface) {
     super()
   }
 
@@ -15,22 +15,22 @@ export class PaymentsControllerV2 extends BaseHttpController {
     await this.httpService.callPaymentsServer(request, response, 'api/subscriptions/features', request.body)
   }
 
-  @httpGet('/subscriptions/tailored', TYPES.SubscriptionTokenAuthMiddleware)
+  @httpGet('/subscriptions/tailored', TYPES.ApiGateway_SubscriptionTokenAuthMiddleware)
   async getTailoredSubscriptionsWithFeatures(request: Request, response: Response): Promise<void> {
     await this.httpService.callPaymentsServer(request, response, 'api/subscriptions/features', request.body)
   }
 
-  @httpGet('/subscriptions/deltas', TYPES.SubscriptionTokenAuthMiddleware)
+  @httpGet('/subscriptions/deltas', TYPES.ApiGateway_SubscriptionTokenAuthMiddleware)
   async getSubscriptionDeltasForChangingPlan(request: Request, response: Response): Promise<void> {
     await this.httpService.callPaymentsServer(request, response, 'api/subscriptions/deltas', request.body)
   }
 
-  @httpPost('/subscriptions/deltas/apply', TYPES.SubscriptionTokenAuthMiddleware)
+  @httpPost('/subscriptions/deltas/apply', TYPES.ApiGateway_SubscriptionTokenAuthMiddleware)
   async applySubscriptionDelta(request: Request, response: Response): Promise<void> {
     await this.httpService.callPaymentsServer(request, response, 'api/subscriptions/deltas/apply', request.body)
   }
 
-  @httpPost('/subscriptions/change-payment-method', TYPES.SubscriptionTokenAuthMiddleware)
+  @httpPost('/subscriptions/change-payment-method', TYPES.ApiGateway_SubscriptionTokenAuthMiddleware)
   async changePaymentMethod(request: Request, response: Response): Promise<void> {
     await this.httpService.callPaymentsServer(
       request,
@@ -40,7 +40,7 @@ export class PaymentsControllerV2 extends BaseHttpController {
     )
   }
 
-  @httpGet('/subscriptions/:subscriptionId', TYPES.SubscriptionTokenAuthMiddleware)
+  @httpGet('/subscriptions/:subscriptionId', TYPES.ApiGateway_SubscriptionTokenAuthMiddleware)
   async getSubscription(request: Request, response: Response): Promise<void> {
     await this.httpService.callPaymentsServer(
       request,
@@ -50,7 +50,7 @@ export class PaymentsControllerV2 extends BaseHttpController {
     )
   }
 
-  @httpDelete('/subscriptions/:subscriptionId', TYPES.SubscriptionTokenAuthMiddleware)
+  @httpDelete('/subscriptions/:subscriptionId', TYPES.ApiGateway_SubscriptionTokenAuthMiddleware)
   async cancelSubscription(request: Request, response: Response): Promise<void> {
     await this.httpService.callPaymentsServer(
       request,
@@ -60,7 +60,7 @@ export class PaymentsControllerV2 extends BaseHttpController {
     )
   }
 
-  @httpPatch('/subscriptions/:subscriptionId', TYPES.SubscriptionTokenAuthMiddleware)
+  @httpPatch('/subscriptions/:subscriptionId', TYPES.ApiGateway_SubscriptionTokenAuthMiddleware)
   async updateSubscription(request: Request, response: Response): Promise<void> {
     await this.httpService.callPaymentsServer(
       request,

packages/api-gateway/src/Controller/v2/RevisionsControllerV2.ts

@@ -6,11 +6,11 @@ import { TYPES } from '../../Bootstrap/Types'
 import { ServiceProxyInterface } from '../../Service/Http/ServiceProxyInterface'
 import { EndpointResolverInterface } from '../../Service/Resolver/EndpointResolverInterface'
 
-@controller('/v2/items/:itemUuid/revisions', TYPES.RequiredCrossServiceTokenMiddleware)
+@controller('/v2/items/:itemUuid/revisions', TYPES.ApiGateway_RequiredCrossServiceTokenMiddleware)
 export class RevisionsControllerV2 extends BaseHttpController {
   constructor(
-    @inject(TYPES.ServiceProxy) private httpService: ServiceProxyInterface,
-    @inject(TYPES.EndpointResolver) private endpointResolver: EndpointResolverInterface,
+    @inject(TYPES.ApiGateway_ServiceProxy) private httpService: ServiceProxyInterface,
+    @inject(TYPES.ApiGateway_EndpointResolver) private endpointResolver: EndpointResolverInterface,
   ) {
     super()
   }

packages/api-gateway/src/Infra/Redis/RedisCrossServiceTokenCache.ts

@@ -9,7 +9,7 @@ export class RedisCrossServiceTokenCache implements CrossServiceTokenCacheInterf
   private readonly PREFIX = 'cst'
   private readonly USER_CST_PREFIX = 'user-cst'
 
-  constructor(@inject(TYPES.Redis) private redisClient: IORedis.Redis) {}
+  constructor(@inject(TYPES.ApiGateway_Redis) private redisClient: IORedis.Redis) {}
 
   async set(dto: {
     authorizationHeaderValue: string

packages/api-gateway/src/Service/Http/HttpServiceProxy.ts

@@ -11,17 +11,17 @@ import { ServiceProxyInterface } from './ServiceProxyInterface'
 @injectable()
 export class HttpServiceProxy implements ServiceProxyInterface {
   constructor(
-    @inject(TYPES.HTTPClient) private httpClient: AxiosInstance,
-    @inject(TYPES.AUTH_SERVER_URL) private authServerUrl: string,
-    @inject(TYPES.SYNCING_SERVER_JS_URL) private syncingServerJsUrl: string,
-    @inject(TYPES.PAYMENTS_SERVER_URL) private paymentsServerUrl: string,
-    @inject(TYPES.FILES_SERVER_URL) private filesServerUrl: string,
-    @inject(TYPES.WEB_SOCKET_SERVER_URL) private webSocketServerUrl: string,
-    @inject(TYPES.REVISIONS_SERVER_URL) private revisionsServerUrl: string,
-    @inject(TYPES.EMAIL_SERVER_URL) private emailServerUrl: string,
-    @inject(TYPES.HTTP_CALL_TIMEOUT) private httpCallTimeout: number,
-    @inject(TYPES.CrossServiceTokenCache) private crossServiceTokenCache: CrossServiceTokenCacheInterface,
-    @inject(TYPES.Logger) private logger: Logger,
+    @inject(TYPES.ApiGateway_HTTPClient) private httpClient: AxiosInstance,
+    @inject(TYPES.ApiGateway_AUTH_SERVER_URL) private authServerUrl: string,
+    @inject(TYPES.ApiGateway_SYNCING_SERVER_JS_URL) private syncingServerJsUrl: string,
+    @inject(TYPES.ApiGateway_PAYMENTS_SERVER_URL) private paymentsServerUrl: string,
+    @inject(TYPES.ApiGateway_FILES_SERVER_URL) private filesServerUrl: string,
+    @inject(TYPES.ApiGateway_WEB_SOCKET_SERVER_URL) private webSocketServerUrl: string,
+    @inject(TYPES.ApiGateway_REVISIONS_SERVER_URL) private revisionsServerUrl: string,
+    @inject(TYPES.ApiGateway_EMAIL_SERVER_URL) private emailServerUrl: string,
+    @inject(TYPES.ApiGateway_HTTP_CALL_TIMEOUT) private httpCallTimeout: number,
+    @inject(TYPES.ApiGateway_CrossServiceTokenCache) private crossServiceTokenCache: CrossServiceTokenCacheInterface,
+    @inject(TYPES.ApiGateway_Logger) private logger: Logger,
   ) {}
 
   async validateSession(
@@ -130,19 +130,26 @@ export class HttpServiceProxy implements ServiceProxyInterface {
     response: Response,
     endpointOrMethodIdentifier: string,
     payload?: Record<string, unknown> | string,
-  ): Promise<void> {
+    returnRawResponse?: boolean,
+  ): Promise<void | Response<unknown, Record<string, unknown>>> {
     if (!this.paymentsServerUrl) {
       this.logger.debug('Payments Server URL not defined. Skipped request to Payments API.')
 
       return
     }
-    await this.callServerWithLegacyFormat(
+
+    const rawResponse = await this.callServerWithLegacyFormat(
       this.paymentsServerUrl,
       request,
       response,
       endpointOrMethodIdentifier,
       payload,
+      returnRawResponse,
     )
+
+    if (returnRawResponse) {
+      return rawResponse
+    }
   }
 
   async callAuthServerWithLegacyFormat(
@@ -279,7 +286,8 @@ export class HttpServiceProxy implements ServiceProxyInterface {
     response: Response,
     endpointOrMethodIdentifier: string,
     payload?: Record<string, unknown> | string,
-  ): Promise<void> {
+    returnRawResponse?: boolean,
+  ): Promise<void | Response<unknown, Record<string, unknown>>> {
     const serviceResponse = await this.getServerResponse(
       serverUrl,
       request,
@@ -295,9 +303,21 @@ export class HttpServiceProxy implements ServiceProxyInterface {
     this.applyResponseHeaders(serviceResponse, response)
 
     if (serviceResponse.request._redirectable._redirectCount > 0) {
-      response.status(302).redirect(serviceResponse.request.res.responseUrl)
+      response.status(302)
+
+      if (returnRawResponse) {
+        return response
+      }
+
+      response.redirect(serviceResponse.request.res.responseUrl)
     } else {
-      response.status(serviceResponse.status).send(serviceResponse.data)
+      response.status(serviceResponse.status)
+
+      if (returnRawResponse) {
+        return response
+      }
+
+      response.send(serviceResponse.data)
     }
   }
 

packages/api-gateway/src/Service/Http/ServiceProxyInterface.ts

@@ -42,7 +42,8 @@ export interface ServiceProxyInterface {
     response: Response,
     endpointOrMethodIdentifier: string,
     payload?: Record<string, unknown> | string,
-  ): Promise<void>
+    returnRawResponse?: boolean,
+  ): Promise<void | Response<unknown, Record<string, unknown>>>
   callWebSocketServer(
     request: Request,
     response: Response,

packages/api-gateway/src/Service/Resolver/EndpointResolver.ts

@@ -43,6 +43,7 @@ export class EndpointResolver implements EndpointResolverInterface {
     ['[PATCH]:users/:userId', 'auth.users.update'],
     ['[PUT]:users/:userUuid/attributes/credentials', 'auth.users.updateCredentials'],
     ['[PUT]:auth/params', 'auth.users.getKeyParams'],
+    ['[DELETE]:users/:userUuid', 'auth.users.delete'],
     ['[POST]:listed', 'auth.users.createListedAccount'],
     ['[POST]:auth', 'auth.users.register'],
     ['[GET]:users/:userUuid/settings', 'auth.users.getSettings'],
@@ -62,6 +63,32 @@ export class EndpointResolver implements EndpointResolverInterface {
     ['[GET]:items/:itemUuid/revisions', 'revisions.revisions.getRevisions'],
     ['[GET]:items/:itemUuid/revisions/:id', 'revisions.revisions.getRevision'],
     ['[DELETE]:items/:itemUuid/revisions/:id', 'revisions.revisions.deleteRevision'],
+    // Messages Controller
+    ['[GET]:messages/', 'sync.messages.get-received'],
+    ['[GET]:messages/outbound', 'sync.messages.get-sent'],
+    ['[POST]:messages/', 'sync.messages.send'],
+    ['[DELETE]:messages/inbound', 'sync.messages.delete-all'],
+    ['[DELETE]:messages/:messageUuid', 'sync.messages.delete'],
+    // Shared Vaults Controller
+    ['[GET]:shared-vaults/', 'sync.shared-vaults.get-vaults'],
+    ['[POST]:shared-vaults/', 'sync.shared-vaults.create-vault'],
+    ['[DELETE]:shared-vaults/:sharedVaultUuid', 'sync.shared-vaults.delete-vault'],
+    ['[POST]:shared-vaults/:sharedVaultUuid/valet-tokens', 'sync.shared-vaults.create-file-valet-token'],
+    // Shared Vault Invites Controller
+    ['[POST]:shared-vaults/:sharedVaultUuid/invites', 'sync.shared-vault-invites.create'],
+    ['[PATCH]:shared-vaults/:sharedVaultUuid/invites/:inviteUuid', 'sync.shared-vault-invites.update'],
+    ['[POST]:shared-vaults/:sharedVaultUuid/invites/:inviteUuid/accept', 'sync.shared-vault-invites.accept'],
+    ['[POST]:shared-vaults/:sharedVaultUuid/invites/:inviteUuid/decline', 'sync.shared-vault-invites.decline'],
+    ['[DELETE]:shared-vaults/invites/inbound', 'sync.shared-vault-invites.delete-inbound'],
+    ['[DELETE]:shared-vaults/invites/outbound', 'sync.shared-vault-invites.delete-outbound'],
+    ['[GET]:shared-vaults/invites/outbound', 'sync.shared-vault-invites.get-outbound'],
+    ['[GET]:shared-vaults/invites', 'sync.shared-vault-invites.get-user-invites'],
+    ['[GET]:shared-vaults/:sharedVaultUuid/invites', 'sync.shared-vault-invites.get-vault-invites'],
+    ['[DELETE]:shared-vaults/:sharedVaultUuid/invites/:inviteUuid', 'sync.shared-vault-invites.delete-invite'],
+    ['[DELETE]:shared-vaults/:sharedVaultUuid/invites', 'sync.shared-vault-invites.delete-all'],
+    // Shared Vault Users Controller
+    ['[GET]:shared-vaults/:sharedVaultUuid/users', 'sync.shared-vault-users.get-users'],
+    ['[DELETE]:shared-vaults/:sharedVaultUuid/users/:userUuid', 'sync.shared-vault-users.remove-user'],
   ])
 
   resolveEndpointOrMethodIdentifier(method: string, endpoint: string, ...params: string[]): string {
@@ -75,7 +102,7 @@ export class EndpointResolver implements EndpointResolverInterface {
     const identifier = this.endpointToIdentifierMap.get(`[${method}]:${endpoint}`)
 
     if (!identifier) {
-      throw new Error(`Endpoint ${endpoint} not found`)
+      throw new Error(`Endpoint [${method}]:${endpoint} not found`)
     }
 
     return identifier

packages/auth/CHANGELOG.md

@@ -3,6 +3,86 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.127.2](https://github.com/standardnotes/server/compare/@standardnotes/auth-server@1.127.1...@standardnotes/auth-server@1.127.2) (2023-08-01)
+
+### Bug Fixes
+
+* controller naming ([#678](https://github.com/standardnotes/server/issues/678)) ([56f0aef](https://github.com/standardnotes/server/commit/56f0aef21d3fcec7ac7e968cb1c1b071becbbe26))
+
+## [1.127.1](https://github.com/standardnotes/server/compare/@standardnotes/auth-server@1.127.0...@standardnotes/auth-server@1.127.1) (2023-07-31)
+
+### Bug Fixes
+
+* **auth:** auth middleware on delete account ([318af57](https://github.com/standardnotes/server/commit/318af5757d6c42f580157647b22112a9936765e7))
+
+# [1.127.0](https://github.com/standardnotes/server/compare/@standardnotes/auth-server@1.126.5...@standardnotes/auth-server@1.127.0) (2023-07-31)
+
+### Features
+
+* refactor deleting account ([#676](https://github.com/standardnotes/server/issues/676)) ([0d5dcdd](https://github.com/standardnotes/server/commit/0d5dcdd8ec2336e41e7604c4157f79a89163ed29))
+
+## [1.126.5](https://github.com/standardnotes/server/compare/@standardnotes/auth-server@1.126.4...@standardnotes/auth-server@1.126.5) (2023-07-27)
+
+**Note:** Version bump only for package @standardnotes/auth-server
+
+## [1.126.4](https://github.com/standardnotes/server/compare/@standardnotes/auth-server@1.126.3...@standardnotes/auth-server@1.126.4) (2023-07-26)
+
+**Note:** Version bump only for package @standardnotes/auth-server
+
+## [1.126.3](https://github.com/standardnotes/server/compare/@standardnotes/auth-server@1.126.2...@standardnotes/auth-server@1.126.3) (2023-07-26)
+
+**Note:** Version bump only for package @standardnotes/auth-server
+
+## [1.126.2](https://github.com/standardnotes/server/compare/@standardnotes/auth-server@1.126.1...@standardnotes/auth-server@1.126.2) (2023-07-21)
+
+**Note:** Version bump only for package @standardnotes/auth-server
+
+## [1.126.1](https://github.com/standardnotes/server/compare/@standardnotes/auth-server@1.126.0...@standardnotes/auth-server@1.126.1) (2023-07-21)
+
+**Note:** Version bump only for package @standardnotes/auth-server
+
+# [1.126.0](https://github.com/standardnotes/server/compare/@standardnotes/auth-server@1.125.1...@standardnotes/auth-server@1.126.0) (2023-07-20)
+
+### Features
+
+* **syncing-server:** add shared vaults, invites, messages and notifications to sync response ([#665](https://github.com/standardnotes/server/issues/665)) ([efa4d7f](https://github.com/standardnotes/server/commit/efa4d7fc6007ef668e3de3b04853ac11b2d13c30))
+
+## [1.125.1](https://github.com/standardnotes/server/compare/@standardnotes/auth-server@1.125.0...@standardnotes/auth-server@1.125.1) (2023-07-19)
+
+**Note:** Version bump only for package @standardnotes/auth-server
+
+# [1.125.0](https://github.com/standardnotes/server/compare/@standardnotes/auth-server@1.124.2...@standardnotes/auth-server@1.125.0) (2023-07-17)
+
+### Features
+
+* **syncing-server:** refactor syncing to decouple getting and saving items ([#659](https://github.com/standardnotes/server/issues/659)) ([cb74b23](https://github.com/standardnotes/server/commit/cb74b23e45b207136e299ce8a3db2c04dc87e21e))
+
+## [1.124.2](https://github.com/standardnotes/server/compare/@standardnotes/auth-server@1.124.1...@standardnotes/auth-server@1.124.2) (2023-07-14)
+
+### Bug Fixes
+
+* **home-server:** allow custom atributtes for activating premium features ([f7190c0](https://github.com/standardnotes/server/commit/f7190c0c9c2d105f97d1cf980ce6a4f0dae34805))
+
+## [1.124.1](https://github.com/standardnotes/server/compare/@standardnotes/auth-server@1.124.0...@standardnotes/auth-server@1.124.1) (2023-07-13)
+
+### Bug Fixes
+
+* **files:** handling unlimited storage quota on home server ([9be3517](https://github.com/standardnotes/server/commit/9be3517093f8dd7bbdd7507c1e2ff059e6c9a889))
+
+# [1.124.0](https://github.com/standardnotes/server/compare/@standardnotes/auth-server@1.123.2...@standardnotes/auth-server@1.124.0) (2023-07-13)
+
+### Features
+
+* **auth:** add overriding subscription settings on home server ([#656](https://github.com/standardnotes/server/issues/656)) ([0b82794](https://github.com/standardnotes/server/commit/0b82794e9c7ed82cfc08a92eafc016fbde5c4fcc))
+
+## [1.123.2](https://github.com/standardnotes/server/compare/@standardnotes/auth-server@1.123.1...@standardnotes/auth-server@1.123.2) (2023-07-12)
+
+**Note:** Version bump only for package @standardnotes/auth-server
+
+## [1.123.1](https://github.com/standardnotes/server/compare/@standardnotes/auth-server@1.123.0...@standardnotes/auth-server@1.123.1) (2023-07-12)
+
+**Note:** Version bump only for package @standardnotes/auth-server
+
 # [1.123.0](https://github.com/standardnotes/server/compare/@standardnotes/auth-server@1.122.2...@standardnotes/auth-server@1.123.0) (2023-07-12)
 
 ### Features

packages/auth/bin/server.ts

@@ -1,23 +1,23 @@
 import 'reflect-metadata'
 
-import '../src/Infra/InversifyExpressUtils/InversifyExpressAuthController'
-import '../src/Infra/InversifyExpressUtils/InversifyExpressAuthenticatorsController'
-import '../src/Infra/InversifyExpressUtils/InversifyExpressSessionsController'
-import '../src/Infra/InversifyExpressUtils/InversifyExpressSubscriptionInvitesController'
-import '../src/Infra/InversifyExpressUtils/InversifyExpressUserRequestsController'
-import '../src/Infra/InversifyExpressUtils/InversifyExpressWebSocketsController'
-import '../src/Infra/InversifyExpressUtils/InversifyExpressUsersController'
-import '../src/Infra/InversifyExpressUtils/InversifyExpressValetTokenController'
-import '../src/Infra/InversifyExpressUtils/InversifyExpressAdminController'
-import '../src/Infra/InversifyExpressUtils/InversifyExpressSubscriptionTokensController'
-import '../src/Infra/InversifyExpressUtils/InversifyExpressSubscriptionSettingsController'
-import '../src/Infra/InversifyExpressUtils/InversifyExpressSettingsController'
-import '../src/Infra/InversifyExpressUtils/InversifyExpressSessionController'
-import '../src/Infra/InversifyExpressUtils/InversifyExpressOfflineController'
-import '../src/Infra/InversifyExpressUtils/InversifyExpressListedController'
-import '../src/Infra/InversifyExpressUtils/InversifyExpressInternalController'
-import '../src/Infra/InversifyExpressUtils/InversifyExpressHealthCheckController'
-import '../src/Infra/InversifyExpressUtils/InversifyExpressFeaturesController'
+import '../src/Infra/InversifyExpressUtils/AnnotatedAuthController'
+import '../src/Infra/InversifyExpressUtils/AnnotatedAuthenticatorsController'
+import '../src/Infra/InversifyExpressUtils/AnnotatedSessionsController'
+import '../src/Infra/InversifyExpressUtils/AnnotatedSubscriptionInvitesController'
+import '../src/Infra/InversifyExpressUtils/AnnotatedUserRequestsController'
+import '../src/Infra/InversifyExpressUtils/AnnotatedWebSocketsController'
+import '../src/Infra/InversifyExpressUtils/AnnotatedUsersController'
+import '../src/Infra/InversifyExpressUtils/AnnotatedValetTokenController'
+import '../src/Infra/InversifyExpressUtils/AnnotatedAdminController'
+import '../src/Infra/InversifyExpressUtils/AnnotatedSubscriptionTokensController'
+import '../src/Infra/InversifyExpressUtils/AnnotatedSubscriptionSettingsController'
+import '../src/Infra/InversifyExpressUtils/AnnotatedSettingsController'
+import '../src/Infra/InversifyExpressUtils/AnnotatedSessionController'
+import '../src/Infra/InversifyExpressUtils/AnnotatedOfflineController'
+import '../src/Infra/InversifyExpressUtils/AnnotatedListedController'
+import '../src/Infra/InversifyExpressUtils/AnnotatedInternalController'
+import '../src/Infra/InversifyExpressUtils/AnnotatedHealthCheckController'
+import '../src/Infra/InversifyExpressUtils/AnnotatedFeaturesController'
 
 import * as cors from 'cors'
 import { urlencoded, json, Request, Response, NextFunction } from 'express'

packages/auth/migrations/mysql/1688540448427-add-notifications.ts

@@ -1,16 +0,0 @@
-import { MigrationInterface, QueryRunner } from 'typeorm'
-
-export class AddNotifications1688540448427 implements MigrationInterface {
-  name = 'AddNotifications1688540448427'
-
-  public async up(queryRunner: QueryRunner): Promise<void> {
-    await queryRunner.query(
-      'CREATE TABLE `notifications` (`uuid` varchar(36) NOT NULL, `user_uuid` varchar(36) NOT NULL, `type` varchar(36) NOT NULL, `payload` text NOT NULL, `created_at_timestamp` bigint NOT NULL, `updated_at_timestamp` bigint NOT NULL, INDEX `index_notifications_on_user_uuid` (`user_uuid`), PRIMARY KEY (`uuid`)) ENGINE=InnoDB',
-    )
-  }
-
-  public async down(queryRunner: QueryRunner): Promise<void> {
-    await queryRunner.query('DROP INDEX `index_notifications_on_user_uuid` ON `notifications`')
-    await queryRunner.query('DROP TABLE `notifications`')
-  }
-}

packages/auth/migrations/mysql/1688540448428-remove-notifications.ts

@@ -1,16 +0,0 @@
-import { MigrationInterface, QueryRunner } from 'typeorm'
-
-export class RemoveNotifications1688540448428 implements MigrationInterface {
-  name = 'RemoveNotifications1688540448428'
-
-  public async up(queryRunner: QueryRunner): Promise<void> {
-    await queryRunner.query('DROP INDEX `index_notifications_on_user_uuid` ON `notifications`')
-    await queryRunner.query('DROP TABLE `notifications`')
-  }
-
-  public async down(queryRunner: QueryRunner): Promise<void> {
-    await queryRunner.query(
-      'CREATE TABLE `notifications` (`uuid` varchar(36) NOT NULL, `user_uuid` varchar(36) NOT NULL, `type` varchar(36) NOT NULL, `payload` text NOT NULL, `created_at_timestamp` bigint NOT NULL, `updated_at_timestamp` bigint NOT NULL, INDEX `index_notifications_on_user_uuid` (`user_uuid`), PRIMARY KEY (`uuid`)) ENGINE=InnoDB',
-    )
-  }
-}

packages/auth/migrations/sqlite/1688540623272-add-notifications.ts

@@ -1,17 +0,0 @@
-import { MigrationInterface, QueryRunner } from 'typeorm'
-
-export class AddNotifications1688540623272 implements MigrationInterface {
-  name = 'AddNotifications1688540623272'
-
-  public async up(queryRunner: QueryRunner): Promise<void> {
-    await queryRunner.query(
-      'CREATE TABLE "notifications" ("uuid" varchar PRIMARY KEY NOT NULL, "user_uuid" varchar(36) NOT NULL, "type" varchar(36) NOT NULL, "payload" text NOT NULL, "created_at_timestamp" bigint NOT NULL, "updated_at_timestamp" bigint NOT NULL)',
-    )
-    await queryRunner.query('CREATE INDEX "index_notifications_on_user_uuid" ON "notifications" ("user_uuid") ')
-  }
-
-  public async down(queryRunner: QueryRunner): Promise<void> {
-    await queryRunner.query('DROP INDEX "index_notifications_on_user_uuid"')
-    await queryRunner.query('DROP TABLE "notifications"')
-  }
-}

packages/auth/migrations/sqlite/1688540623273-remove-notifications.ts

@@ -1,17 +0,0 @@
-import { MigrationInterface, QueryRunner } from 'typeorm'
-
-export class RemoveNotifications1688540623273 implements MigrationInterface {
-  name = 'RemoveNotifications1688540623273'
-
-  public async up(queryRunner: QueryRunner): Promise<void> {
-    await queryRunner.query('DROP INDEX "index_notifications_on_user_uuid"')
-    await queryRunner.query('DROP TABLE "notifications"')
-  }
-
-  public async down(queryRunner: QueryRunner): Promise<void> {
-    await queryRunner.query(
-      'CREATE TABLE "notifications" ("uuid" varchar PRIMARY KEY NOT NULL, "user_uuid" varchar(36) NOT NULL, "type" varchar(36) NOT NULL, "payload" text NOT NULL, "created_at_timestamp" bigint NOT NULL, "updated_at_timestamp" bigint NOT NULL)',
-    )
-    await queryRunner.query('CREATE INDEX "index_notifications_on_user_uuid" ON "notifications" ("user_uuid") ')
-  }
-}

packages/auth/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@standardnotes/auth-server",
-  "version": "1.123.0",
+  "version": "1.127.2",
   "engines": {
     "node": ">=18.0.0 <21.0.0"
   },
@@ -42,17 +42,17 @@
     "@cbor-extract/cbor-extract-linux-x64": "^2.1.1",
     "@simplewebauthn/server": "^7.2.0",
     "@simplewebauthn/typescript-types": "^7.0.0",
-    "@standardnotes/api": "^1.26.25",
+    "@standardnotes/api": "^1.26.26",
     "@standardnotes/common": "workspace:*",
     "@standardnotes/domain-core": "workspace:^",
     "@standardnotes/domain-events": "workspace:*",
     "@standardnotes/domain-events-infra": "workspace:*",
-    "@standardnotes/features": "^1.58.12",
+    "@standardnotes/features": "^1.59.7",
     "@standardnotes/predicates": "workspace:*",
-    "@standardnotes/responses": "^1.13.9",
+    "@standardnotes/responses": "^1.13.27",
     "@standardnotes/security": "workspace:*",
     "@standardnotes/settings": "workspace:*",
-    "@standardnotes/sncrypto-common": "^1.9.0",
+    "@standardnotes/sncrypto-common": "^1.13.4",
     "@standardnotes/sncrypto-node": "workspace:*",
     "@standardnotes/time": "workspace:*",
     "axios": "^1.1.3",

packages/auth/src/Bootstrap/AuthServiceInterface.ts

@@ -1,5 +1,9 @@
 import { Result, ServiceInterface } from '@standardnotes/domain-core'
 
 export interface AuthServiceInterface extends ServiceInterface {
-  activatePremiumFeatures(username: string): Promise<Result<string>>
+  activatePremiumFeatures(dto: {
+    username: string
+    subscriptionPlanName?: string
+    endsAt?: Date
+  }): Promise<Result<string>>
 }

packages/auth/src/Bootstrap/Container.ts

@@ -234,22 +234,22 @@ import { OfflineUserAuthMiddleware } from '../Infra/InversifyExpressUtils/Middle
 import { LockMiddleware } from '../Infra/InversifyExpressUtils/Middleware/LockMiddleware'
 import { RequiredCrossServiceTokenMiddleware } from '../Infra/InversifyExpressUtils/Middleware/RequiredCrossServiceTokenMiddleware'
 import { OptionalCrossServiceTokenMiddleware } from '../Infra/InversifyExpressUtils/Middleware/OptionalCrossServiceTokenMiddleware'
-import { HomeServerSettingsController } from '../Infra/InversifyExpressUtils/HomeServer/HomeServerSettingsController'
-import { HomeServerAdminController } from '../Infra/InversifyExpressUtils/HomeServer/HomeServerAdminController'
-import { HomeServerAuthController } from '../Infra/InversifyExpressUtils/HomeServer/HomeServerAuthController'
-import { HomeServerAuthenticatorsController } from '../Infra/InversifyExpressUtils/HomeServer/HomeServerAuthenticatorsController'
-import { HomeServerFeaturesController } from '../Infra/InversifyExpressUtils/HomeServer/HomeServerFeaturesController'
-import { HomeServerListedController } from '../Infra/InversifyExpressUtils/HomeServer/HomeServerListedController'
-import { HomeServerOfflineController } from '../Infra/InversifyExpressUtils/HomeServer/HomeServerOfflineController'
-import { HomeServerSessionController } from '../Infra/InversifyExpressUtils/HomeServer/HomeServerSessionController'
-import { HomeServerSubscriptionInvitesController } from '../Infra/InversifyExpressUtils/HomeServer/HomeServerSubscriptionInvitesController'
-import { HomeServerSubscriptionSettingsController } from '../Infra/InversifyExpressUtils/HomeServer/HomeServerSubscriptionSettingsController'
-import { HomeServerSubscriptionTokensController } from '../Infra/InversifyExpressUtils/HomeServer/HomeServerSubscriptionTokensController'
-import { HomeServerUserRequestsController } from '../Infra/InversifyExpressUtils/HomeServer/HomeServerUserRequestsController'
-import { HomeServerUsersController } from '../Infra/InversifyExpressUtils/HomeServer/HomeServerUsersController'
-import { HomeServerValetTokenController } from '../Infra/InversifyExpressUtils/HomeServer/HomeServerValetTokenController'
-import { HomeServerWebSocketsController } from '../Infra/InversifyExpressUtils/HomeServer/HomeServerWebSocketsController'
-import { HomeServerSessionsController } from '../Infra/InversifyExpressUtils/HomeServer/HomeServerSessionsController'
+import { BaseSettingsController } from '../Infra/InversifyExpressUtils/Base/BaseSettingsController'
+import { BaseAdminController } from '../Infra/InversifyExpressUtils/Base/BaseAdminController'
+import { BaseAuthController } from '../Infra/InversifyExpressUtils/Base/BaseAuthController'
+import { BaseAuthenticatorsController } from '../Infra/InversifyExpressUtils/Base/BaseAuthenticatorsController'
+import { BaseFeaturesController } from '../Infra/InversifyExpressUtils/Base/BaseFeaturesController'
+import { BaseListedController } from '../Infra/InversifyExpressUtils/Base/BaseListedController'
+import { BaseOfflineController } from '../Infra/InversifyExpressUtils/Base/BaseOfflineController'
+import { BaseSessionController } from '../Infra/InversifyExpressUtils/Base/BaseSessionController'
+import { BaseSubscriptionInvitesController } from '../Infra/InversifyExpressUtils/Base/BaseSubscriptionInvitesController'
+import { BaseSubscriptionSettingsController } from '../Infra/InversifyExpressUtils/Base/BaseSubscriptionSettingsController'
+import { BaseSubscriptionTokensController } from '../Infra/InversifyExpressUtils/Base/BaseSubscriptionTokensController'
+import { BaseUserRequestsController } from '../Infra/InversifyExpressUtils/Base/BaseUserRequestsController'
+import { BaseUsersController } from '../Infra/InversifyExpressUtils/Base/BaseUsersController'
+import { BaseValetTokenController } from '../Infra/InversifyExpressUtils/Base/BaseValetTokenController'
+import { BaseWebSocketsController } from '../Infra/InversifyExpressUtils/Base/BaseWebSocketsController'
+import { BaseSessionsController } from '../Infra/InversifyExpressUtils/Base/BaseSessionsController'
 import { Transform } from 'stream'
 import { ActivatePremiumFeatures } from '../Domain/UseCase/ActivatePremiumFeatures/ActivatePremiumFeatures'
 
@@ -793,6 +793,7 @@ export class ContainerConfigLoader {
         new ActivatePremiumFeatures(
           container.get(TYPES.Auth_UserRepository),
           container.get(TYPES.Auth_UserSubscriptionRepository),
+          container.get(TYPES.Auth_SubscriptionSettingService),
           container.get(TYPES.Auth_RoleService),
           container.get(TYPES.Auth_Timer),
         ),
@@ -1036,9 +1037,9 @@ export class ContainerConfigLoader {
     }
 
     container
-      .bind<HomeServerAuthController>(TYPES.Auth_HomeServerAuthController)
+      .bind<BaseAuthController>(TYPES.Auth_BaseAuthController)
       .toConstantValue(
-        new HomeServerAuthController(
+        new BaseAuthController(
           container.get(TYPES.Auth_VerifyMFA),
           container.get(TYPES.Auth_SignIn),
           container.get(TYPES.Auth_GetUserKeyParams),
@@ -1053,42 +1054,42 @@ export class ContainerConfigLoader {
     // Inversify Controllers
     if (isConfiguredForHomeServer) {
       container
-        .bind<HomeServerAuthenticatorsController>(TYPES.Auth_HomeServerAuthenticatorsController)
+        .bind<BaseAuthenticatorsController>(TYPES.Auth_BaseAuthenticatorsController)
         .toConstantValue(
-          new HomeServerAuthenticatorsController(
+          new BaseAuthenticatorsController(
             container.get(TYPES.Auth_AuthenticatorsController),
             container.get(TYPES.Auth_ControllerContainer),
           ),
         )
       container
-        .bind<HomeServerSubscriptionInvitesController>(TYPES.Auth_HomeServerSubscriptionInvitesController)
+        .bind<BaseSubscriptionInvitesController>(TYPES.Auth_BaseSubscriptionInvitesController)
         .toConstantValue(
-          new HomeServerSubscriptionInvitesController(
+          new BaseSubscriptionInvitesController(
             container.get(TYPES.Auth_SubscriptionInvitesController),
             container.get(TYPES.Auth_ControllerContainer),
           ),
         )
       container
-        .bind<HomeServerUserRequestsController>(TYPES.Auth_HomeServerUserRequestsController)
+        .bind<BaseUserRequestsController>(TYPES.Auth_BaseUserRequestsController)
         .toConstantValue(
-          new HomeServerUserRequestsController(
+          new BaseUserRequestsController(
             container.get(TYPES.Auth_UserRequestsController),
             container.get(TYPES.Auth_ControllerContainer),
           ),
         )
       container
-        .bind<HomeServerWebSocketsController>(TYPES.Auth_HomeServerWebSocketsController)
+        .bind<BaseWebSocketsController>(TYPES.Auth_BaseWebSocketsController)
         .toConstantValue(
-          new HomeServerWebSocketsController(
+          new BaseWebSocketsController(
             container.get(TYPES.Auth_CreateCrossServiceToken),
             container.get(TYPES.Auth_WebSocketConnectionTokenDecoder),
             container.get(TYPES.Auth_ControllerContainer),
           ),
         )
       container
-        .bind<HomeServerSessionsController>(TYPES.Auth_HomeServerSessionsController)
+        .bind<BaseSessionsController>(TYPES.Auth_BaseSessionsController)
         .toConstantValue(
-          new HomeServerSessionsController(
+          new BaseSessionsController(
             container.get(TYPES.Auth_GetActiveSessionsForUser),
             container.get(TYPES.Auth_AuthenticateRequest),
             container.get(TYPES.Auth_SessionProjector),
@@ -1097,17 +1098,17 @@ export class ContainerConfigLoader {
           ),
         )
       container
-        .bind<HomeServerValetTokenController>(TYPES.Auth_HomeServerValetTokenController)
+        .bind<BaseValetTokenController>(TYPES.Auth_BaseValetTokenController)
         .toConstantValue(
-          new HomeServerValetTokenController(
+          new BaseValetTokenController(
             container.get(TYPES.Auth_CreateValetToken),
             container.get(TYPES.Auth_ControllerContainer),
           ),
         )
       container
-        .bind<HomeServerUsersController>(TYPES.Auth_HomeServerUsersController)
+        .bind<BaseUsersController>(TYPES.Auth_BaseUsersController)
         .toConstantValue(
-          new HomeServerUsersController(
+          new BaseUsersController(
             container.get(TYPES.Auth_UpdateUser),
             container.get(TYPES.Auth_GetUserKeyParams),
             container.get(TYPES.Auth_DeleteAccount),
@@ -1119,9 +1120,9 @@ export class ContainerConfigLoader {
           ),
         )
       container
-        .bind<HomeServerAdminController>(TYPES.Auth_HomeServerAdminController)
+        .bind<BaseAdminController>(TYPES.Auth_BaseAdminController)
         .toConstantValue(
-          new HomeServerAdminController(
+          new BaseAdminController(
             container.get(TYPES.Auth_DeleteSetting),
             container.get(TYPES.Auth_UserRepository),
             container.get(TYPES.Auth_CreateSubscriptionToken),
@@ -1130,9 +1131,9 @@ export class ContainerConfigLoader {
           ),
         )
       container
-        .bind<HomeServerSubscriptionTokensController>(TYPES.Auth_HomeServerSubscriptionTokensController)
+        .bind<BaseSubscriptionTokensController>(TYPES.Auth_BaseSubscriptionTokensController)
         .toConstantValue(
-          new HomeServerSubscriptionTokensController(
+          new BaseSubscriptionTokensController(
             container.get(TYPES.Auth_CreateSubscriptionToken),
             container.get(TYPES.Auth_AuthenticateSubscriptionToken),
             container.get(TYPES.Auth_SettingService),
@@ -1144,17 +1145,17 @@ export class ContainerConfigLoader {
           ),
         )
       container
-        .bind<HomeServerSubscriptionSettingsController>(TYPES.Auth_HomeServerSubscriptionSettingsController)
+        .bind<BaseSubscriptionSettingsController>(TYPES.Auth_BaseSubscriptionSettingsController)
         .toConstantValue(
-          new HomeServerSubscriptionSettingsController(
+          new BaseSubscriptionSettingsController(
             container.get(TYPES.Auth_GetSetting),
             container.get(TYPES.Auth_ControllerContainer),
           ),
         )
       container
-        .bind<HomeServerSettingsController>(TYPES.Auth_HomeServerSettingsController)
+        .bind<BaseSettingsController>(TYPES.Auth_BaseSettingsController)
         .toConstantValue(
-          new HomeServerSettingsController(
+          new BaseSettingsController(
             container.get(TYPES.Auth_GetSettings),
             container.get(TYPES.Auth_GetSetting),
             container.get(TYPES.Auth_UpdateSetting),
@@ -1163,9 +1164,9 @@ export class ContainerConfigLoader {
           ),
         )
       container
-        .bind<HomeServerSessionController>(TYPES.Auth_HomeServerSessionController)
+        .bind<BaseSessionController>(TYPES.Auth_BaseSessionController)
         .toConstantValue(
-          new HomeServerSessionController(
+          new BaseSessionController(
             container.get(TYPES.Auth_DeleteSessionForUser),
             container.get(TYPES.Auth_DeletePreviousSessionsForUser),
             container.get(TYPES.Auth_RefreshSessionToken),
@@ -1173,9 +1174,9 @@ export class ContainerConfigLoader {
           ),
         )
       container
-        .bind<HomeServerOfflineController>(TYPES.Auth_HomeServerOfflineController)
+        .bind<BaseOfflineController>(TYPES.Auth_BaseOfflineController)
         .toConstantValue(
-          new HomeServerOfflineController(
+          new BaseOfflineController(
             container.get(TYPES.Auth_GetUserFeatures),
             container.get(TYPES.Auth_GetUserOfflineSubscription),
             container.get(TYPES.Auth_CreateOfflineSubscriptionToken),
@@ -1187,17 +1188,17 @@ export class ContainerConfigLoader {
           ),
         )
       container
-        .bind<HomeServerListedController>(TYPES.Auth_HomeServerListedController)
+        .bind<BaseListedController>(TYPES.Auth_BaseListedController)
         .toConstantValue(
-          new HomeServerListedController(
+          new BaseListedController(
             container.get(TYPES.Auth_CreateListedAccount),
             container.get(TYPES.Auth_ControllerContainer),
           ),
         )
       container
-        .bind<HomeServerFeaturesController>(TYPES.Auth_HomeServerFeaturesController)
+        .bind<BaseFeaturesController>(TYPES.Auth_BaseFeaturesController)
         .toConstantValue(
-          new HomeServerFeaturesController(
+          new BaseFeaturesController(
             container.get(TYPES.Auth_GetUserFeatures),
             container.get(TYPES.Auth_ControllerContainer),
           ),

packages/auth/src/Bootstrap/Service.ts

@@ -24,14 +24,18 @@ export class Service implements AuthServiceInterface {
     this.serviceContainer.register(this.getId(), this)
   }
 
-  async activatePremiumFeatures(username: string): Promise<Result<string>> {
+  async activatePremiumFeatures(dto: {
+    username: string
+    subscriptionPlanName?: string
+    endsAt?: Date
+  }): Promise<Result<string>> {
     if (!this.container) {
       return Result.fail('Container not initialized')
     }
 
     const activatePremiumFeatures = this.container.get(TYPES.Auth_ActivatePremiumFeatures) as ActivatePremiumFeatures
 
-    return activatePremiumFeatures.execute({ username })
+    return activatePremiumFeatures.execute(dto)
   }
 
   async handleRequest(request: never, response: never, endpointOrMethodIdentifier: string): Promise<unknown> {

packages/auth/src/Bootstrap/Types.ts

@@ -217,22 +217,22 @@ const TYPES = {
   Auth_ProtocolVersionSelector: Symbol.for('Auth_ProtocolVersionSelector'),
   Auth_BooleanSelector: Symbol.for('Auth_BooleanSelector'),
   Auth_UserSubscriptionService: Symbol.for('Auth_UserSubscriptionService'),
-  Auth_HomeServerAuthController: Symbol.for('Auth_HomeServerAuthController'),
-  Auth_HomeServerAuthenticatorsController: Symbol.for('Auth_HomeServerAuthenticatorsController'),
-  Auth_HomeServerSubscriptionInvitesController: Symbol.for('Auth_HomeServerSubscriptionInvitesController'),
-  Auth_HomeServerUserRequestsController: Symbol.for('Auth_HomeServerUserRequestsController'),
-  Auth_HomeServerWebSocketsController: Symbol.for('Auth_HomeServerWebSocketsController'),
-  Auth_HomeServerSessionsController: Symbol.for('Auth_HomeServerSessionsController'),
-  Auth_HomeServerValetTokenController: Symbol.for('Auth_HomeServerValetTokenController'),
-  Auth_HomeServerUsersController: Symbol.for('Auth_HomeServerUsersController'),
-  Auth_HomeServerAdminController: Symbol.for('Auth_HomeServerAdminController'),
-  Auth_HomeServerSubscriptionTokensController: Symbol.for('Auth_HomeServerSubscriptionTokensController'),
-  Auth_HomeServerSubscriptionSettingsController: Symbol.for('Auth_HomeServerSubscriptionSettingsController'),
-  Auth_HomeServerSettingsController: Symbol.for('Auth_HomeServerSettingsController'),
-  Auth_HomeServerSessionController: Symbol.for('Auth_HomeServerSessionController'),
-  Auth_HomeServerOfflineController: Symbol.for('Auth_HomeServerOfflineController'),
-  Auth_HomeServerListedController: Symbol.for('Auth_HomeServerListedController'),
-  Auth_HomeServerFeaturesController: Symbol.for('Auth_HomeServerFeaturesController'),
+  Auth_BaseAuthController: Symbol.for('Auth_BaseAuthController'),
+  Auth_BaseAuthenticatorsController: Symbol.for('Auth_BaseAuthenticatorsController'),
+  Auth_BaseSubscriptionInvitesController: Symbol.for('Auth_BaseSubscriptionInvitesController'),
+  Auth_BaseUserRequestsController: Symbol.for('Auth_BaseUserRequestsController'),
+  Auth_BaseWebSocketsController: Symbol.for('Auth_BaseWebSocketsController'),
+  Auth_BaseSessionsController: Symbol.for('Auth_BaseSessionsController'),
+  Auth_BaseValetTokenController: Symbol.for('Auth_BaseValetTokenController'),
+  Auth_BaseUsersController: Symbol.for('Auth_BaseUsersController'),
+  Auth_BaseAdminController: Symbol.for('Auth_BaseAdminController'),
+  Auth_BaseSubscriptionTokensController: Symbol.for('Auth_BaseSubscriptionTokensController'),
+  Auth_BaseSubscriptionSettingsController: Symbol.for('Auth_BaseSubscriptionSettingsController'),
+  Auth_BaseSettingsController: Symbol.for('Auth_BaseSettingsController'),
+  Auth_BaseSessionController: Symbol.for('Auth_BaseSessionController'),
+  Auth_BaseOfflineController: Symbol.for('Auth_BaseOfflineController'),
+  Auth_BaseListedController: Symbol.for('Auth_BaseListedController'),
+  Auth_BaseFeaturesController: Symbol.for('Auth_BaseFeaturesController'),
 }
 
 export default TYPES

packages/auth/src/Domain/Auth/AuthenticationMethodResolver.spec.ts

@@ -30,7 +30,9 @@ describe('AuthenticationMethodResolver', () => {
 
     user = {} as jest.Mocked<User>
 
-    session = {} as jest.Mocked<Session>
+    session = {
+      userUuid: '00000000-0000-0000-0000-000000000000',
+    } as jest.Mocked<Session>
 
     revokedSession = {} as jest.Mocked<RevokedSession>
 
@@ -50,17 +52,23 @@ describe('AuthenticationMethodResolver', () => {
   })
 
   it('should resolve jwt authentication method', async () => {
-    sessionTokenDecoder.decodeToken = jest.fn().mockReturnValue({ user_uuid: '123' })
+    sessionTokenDecoder.decodeToken = jest.fn().mockReturnValue({ user_uuid: '00000000-0000-0000-0000-000000000000' })
 
     expect(await createResolver().resolve('test')).toEqual({
       claims: {
-        user_uuid: '123',
+        user_uuid: '00000000-0000-0000-0000-000000000000',
       },
       type: 'jwt',
       user,
     })
   })
 
+  it('should not resolve jwt authentication method with invalid user uuid', async () => {
+    sessionTokenDecoder.decodeToken = jest.fn().mockReturnValue({ user_uuid: 'invalid' })
+
+    expect(await createResolver().resolve('test')).toBeUndefined
+  })
+
   it('should resolve session authentication method', async () => {
     sessionService.getSessionFromToken = jest.fn().mockReturnValue(session)
 
@@ -71,6 +79,12 @@ describe('AuthenticationMethodResolver', () => {
     })
   })
 
+  it('should not resolve session authentication method with invalid user uuid on session', async () => {
+    sessionService.getSessionFromToken = jest.fn().mockReturnValue({ userUuid: 'invalid' })
+
+    expect(await createResolver().resolve('test')).toBeUndefined
+  })
+
   it('should resolve archvied session authentication method', async () => {
     sessionService.getRevokedSessionFromToken = jest.fn().mockReturnValue(revokedSession)
 

packages/auth/src/Domain/Auth/AuthenticationMethodResolver.ts

@@ -6,6 +6,7 @@ import { UserRepositoryInterface } from '../User/UserRepositoryInterface'
 import { AuthenticationMethod } from './AuthenticationMethod'
 import { AuthenticationMethodResolverInterface } from './AuthenticationMethodResolverInterface'
 import { Logger } from 'winston'
+import { Uuid } from '@standardnotes/domain-core'
 
 @injectable()
 export class AuthenticationMethodResolver implements AuthenticationMethodResolverInterface {
@@ -29,9 +30,15 @@ export class AuthenticationMethodResolver implements AuthenticationMethodResolve
     if (decodedToken) {
       this.logger.debug('Token decoded successfully. User found.')
 
+      const userUuidOrError = Uuid.create(decodedToken.user_uuid as string)
+      if (userUuidOrError.isFailed()) {
+        return undefined
+      }
+      const userUuid = userUuidOrError.getValue()
+
       return {
         type: 'jwt',
-        user: await this.userRepository.findOneByUuid(<string>decodedToken.user_uuid),
+        user: await this.userRepository.findOneByUuid(userUuid),
         claims: decodedToken,
       }
     }
@@ -40,9 +47,15 @@ export class AuthenticationMethodResolver implements AuthenticationMethodResolve
     if (session) {
       this.logger.debug('Token decoded successfully. Session found.')
 
+      const userUuidOrError = Uuid.create(session.userUuid)
+      if (userUuidOrError.isFailed()) {
+        return undefined
+      }
+      const userUuid = userUuidOrError.getValue()
+
       return {
         type: 'session_token',
-        user: await this.userRepository.findOneByUuid(session.userUuid),
+        user: await this.userRepository.findOneByUuid(userUuid),
         session: session,
       }
     }

packages/auth/src/Domain/Authenticator/Authenticator.ts

@@ -3,10 +3,6 @@ import { Entity, Result, UniqueEntityId } from '@standardnotes/domain-core'
 import { AuthenticatorProps } from './AuthenticatorProps'
 
 export class Authenticator extends Entity<AuthenticatorProps> {
-  get id(): UniqueEntityId {
-    return this._id
-  }
-
   private constructor(props: AuthenticatorProps, id?: UniqueEntityId) {
     super(props, id)
   }

packages/auth/src/Domain/Authenticator/AuthenticatorChallenge.ts

@@ -3,10 +3,6 @@ import { Entity, Result, UniqueEntityId } from '@standardnotes/domain-core'
 import { AuthenticatorChallengeProps } from './AuthenticatorChallengeProps'
 
 export class AuthenticatorChallenge extends Entity<AuthenticatorChallengeProps> {
-  get id(): UniqueEntityId {
-    return this._id
-  }
-
   private constructor(props: AuthenticatorChallengeProps, id?: UniqueEntityId) {
     super(props, id)
   }

packages/auth/src/Domain/EmergencyAccess/EmergencyAccessInvitation.ts

@@ -3,10 +3,6 @@ import { Entity, Result, UniqueEntityId } from '@standardnotes/domain-core'
 import { EmergencyAccessInvitationProps } from './EmergencyAccessInvitationProps'
 
 export class EmergencyAccessInvitation extends Entity<EmergencyAccessInvitationProps> {
-  get id(): UniqueEntityId {
-    return this._id
-  }
-
   private constructor(props: EmergencyAccessInvitationProps, id?: UniqueEntityId) {
     super(props, id)
   }

packages/auth/src/Domain/Handler/AccountDeletionRequestedEventHandler.spec.ts

@@ -50,7 +50,7 @@ describe('AccountDeletionRequestedEventHandler', () => {
 
     ephemeralSession = {
       uuid: '2-3-4',
-      userUuid: '1-2-3',
+      userUuid: '00000000-0000-0000-0000-000000000000',
     } as jest.Mocked<EphemeralSession>
 
     ephemeralSessionRepository = {} as jest.Mocked<EphemeralSessionRepositoryInterface>
@@ -68,7 +68,7 @@ describe('AccountDeletionRequestedEventHandler', () => {
     event = {} as jest.Mocked<AccountDeletionRequestedEvent>
     event.createdAt = new Date(1)
     event.payload = {
-      userUuid: '1-2-3',
+      userUuid: '00000000-0000-0000-0000-000000000000',
       userCreatedAtTimestamp: 1,
       regularSubscriptionUuid: '2-3-4',
     }
@@ -84,6 +84,14 @@ describe('AccountDeletionRequestedEventHandler', () => {
     expect(userRepository.remove).toHaveBeenCalledWith(user)
   })
 
+  it('should not remove a user with invalid uuid', async () => {
+    event.payload.userUuid = 'invalid'
+
+    await createHandler().handle(event)
+
+    expect(userRepository.remove).not.toHaveBeenCalled()
+  })
+
   it('should not remove a user if one does not exist', async () => {
     userRepository.findOneByUuid = jest.fn().mockReturnValue(null)
 
@@ -100,6 +108,6 @@ describe('AccountDeletionRequestedEventHandler', () => {
 
     expect(sessionRepository.remove).toHaveBeenCalledWith(session)
     expect(revokedSessionRepository.remove).toHaveBeenCalledWith(revokedSession)
-    expect(ephemeralSessionRepository.deleteOne).toHaveBeenCalledWith('2-3-4', '1-2-3')
+    expect(ephemeralSessionRepository.deleteOne).toHaveBeenCalledWith('2-3-4', '00000000-0000-0000-0000-000000000000')
   })
 })

packages/auth/src/Domain/Handler/AccountDeletionRequestedEventHandler.ts

@@ -6,6 +6,7 @@ import { EphemeralSessionRepositoryInterface } from '../Session/EphemeralSession
 import { RevokedSessionRepositoryInterface } from '../Session/RevokedSessionRepositoryInterface'
 import { SessionRepositoryInterface } from '../Session/SessionRepositoryInterface'
 import { UserRepositoryInterface } from '../User/UserRepositoryInterface'
+import { Uuid } from '@standardnotes/domain-core'
 
 @injectable()
 export class AccountDeletionRequestedEventHandler implements DomainEventHandlerInterface {
@@ -19,19 +20,27 @@ export class AccountDeletionRequestedEventHandler implements DomainEventHandlerI
   ) {}
 
   async handle(event: AccountDeletionRequestedEvent): Promise<void> {
-    const user = await this.userRepository.findOneByUuid(event.payload.userUuid)
-
-    if (user === null) {
+    const userUuidOrError = Uuid.create(event.payload.userUuid)
+    if (userUuidOrError.isFailed()) {
       this.logger.warn(`Could not find user with uuid: ${event.payload.userUuid}`)
 
       return
     }
+    const userUuid = userUuidOrError.getValue()
 
-    await this.removeSessions(event.payload.userUuid)
+    const user = await this.userRepository.findOneByUuid(userUuid)
+
+    if (user === null) {
+      this.logger.warn(`Could not find user with uuid: ${userUuid.value}`)
+
+      return
+    }
+
+    await this.removeSessions(userUuid.value)
 
     await this.userRepository.remove(user)
 
-    this.logger.info(`Finished account cleanup for user: ${event.payload.userUuid}`)
+    this.logger.info(`Finished account cleanup for user: ${userUuid.value}`)
   }
 
   private async removeSessions(userUuid: string): Promise<void> {

packages/auth/src/Domain/Handler/FileRemovedEventHandler.spec.ts

@@ -13,7 +13,8 @@ import { UserSubscriptionServiceInterface } from '../Subscription/UserSubscripti
 describe('FileRemovedEventHandler', () => {
   let userSubscriptionService: UserSubscriptionServiceInterface
   let logger: Logger
-  let user: User
+  let regularUser: User
+  let sharedUser: User
   let event: FileRemovedEvent
   let subscriptionSettingService: SubscriptionSettingServiceInterface
   let regularSubscription: UserSubscription
@@ -22,20 +23,24 @@ describe('FileRemovedEventHandler', () => {
   const createHandler = () => new FileRemovedEventHandler(userSubscriptionService, subscriptionSettingService, logger)
 
   beforeEach(() => {
-    user = {
+    regularUser = {
       uuid: '123',
     } as jest.Mocked<User>
 
+    sharedUser = {
+      uuid: '234',
+    } as jest.Mocked<User>
+
     regularSubscription = {
       uuid: '1-2-3',
       subscriptionType: UserSubscriptionType.Regular,
-      user: Promise.resolve(user),
+      user: Promise.resolve(regularUser),
     } as jest.Mocked<UserSubscription>
 
     sharedSubscription = {
       uuid: '2-3-4',
       subscriptionType: UserSubscriptionType.Shared,
-      user: Promise.resolve(user),
+      user: Promise.resolve(sharedUser),
     } as jest.Mocked<UserSubscription>
 
     userSubscriptionService = {} as jest.Mocked<UserSubscriptionServiceInterface>
@@ -93,10 +98,11 @@ describe('FileRemovedEventHandler', () => {
         unencryptedValue: '222',
         serverEncryptionVersion: 0,
       },
+      user: regularUser,
       userSubscription: {
         uuid: '1-2-3',
         subscriptionType: 'regular',
-        user: Promise.resolve(user),
+        user: Promise.resolve(regularUser),
       },
     })
   })
@@ -118,10 +124,11 @@ describe('FileRemovedEventHandler', () => {
         unencryptedValue: '222',
         serverEncryptionVersion: 0,
       },
+      user: regularUser,
       userSubscription: {
         uuid: '1-2-3',
         subscriptionType: 'regular',
-        user: Promise.resolve(user),
+        user: Promise.resolve(regularUser),
       },
     })
 
@@ -132,10 +139,11 @@ describe('FileRemovedEventHandler', () => {
         unencryptedValue: '222',
         serverEncryptionVersion: 0,
       },
+      user: sharedUser,
       userSubscription: {
         uuid: '2-3-4',
         subscriptionType: 'shared',
-        user: Promise.resolve(user),
+        user: Promise.resolve(sharedUser),
       },
     })
   })

packages/auth/src/Domain/Handler/FileRemovedEventHandler.ts

@@ -51,6 +51,7 @@ export class FileRemovedEventHandler implements DomainEventHandlerInterface {
 
     await this.subscriptionSettingService.createOrReplace({
       userSubscription: subscription,
+      user,
       props: {
         name: SettingName.NAMES.FileUploadBytesUsed,
         unencryptedValue: (+bytesUsed - byteSize).toString(),

packages/auth/src/Domain/Handler/FileUploadedEventHandler.spec.ts

@@ -33,7 +33,7 @@ describe('FileUploadedEventHandler', () => {
     userRepository.findOneByUuid = jest.fn().mockReturnValue(user)
 
     regularSubscription = {
-      uuid: '1-2-3',
+      uuid: '00000000-0000-0000-0000-000000000000',
       subscriptionType: UserSubscriptionType.Regular,
       user: Promise.resolve(user),
     } as jest.Mocked<UserSubscription>
@@ -56,9 +56,9 @@ describe('FileUploadedEventHandler', () => {
     event = {} as jest.Mocked<FileUploadedEvent>
     event.createdAt = new Date(1)
     event.payload = {
-      userUuid: '1-2-3',
+      userUuid: '00000000-0000-0000-0000-000000000000',
       fileByteSize: 123,
-      filePath: '1-2-3/2-3-4',
+      filePath: '00000000-0000-0000-0000-000000000000/2-3-4',
       fileName: '2-3-4',
     }
 
@@ -76,14 +76,23 @@ describe('FileUploadedEventHandler', () => {
         unencryptedValue: '123',
         serverEncryptionVersion: 0,
       },
+      user,
       userSubscription: {
-        uuid: '1-2-3',
+        uuid: '00000000-0000-0000-0000-000000000000',
         subscriptionType: 'regular',
         user: Promise.resolve(user),
       },
     })
   })
 
+  it('should not do anything if a user uuid is invalid', async () => {
+    event.payload.userUuid = 'invalid'
+
+    await createHandler().handle(event)
+
+    expect(subscriptionSettingService.createOrReplace).not.toHaveBeenCalled()
+  })
+
   it('should not do anything if a user is not found', async () => {
     userRepository.findOneByUuid = jest.fn().mockReturnValue(null)
 
@@ -118,8 +127,9 @@ describe('FileUploadedEventHandler', () => {
         unencryptedValue: '468',
         serverEncryptionVersion: 0,
       },
+      user,
       userSubscription: {
-        uuid: '1-2-3',
+        uuid: '00000000-0000-0000-0000-000000000000',
         subscriptionType: 'regular',
         user: Promise.resolve(user),
       },
@@ -143,8 +153,9 @@ describe('FileUploadedEventHandler', () => {
         unencryptedValue: '468',
         serverEncryptionVersion: 0,
       },
+      user,
       userSubscription: {
-        uuid: '1-2-3',
+        uuid: '00000000-0000-0000-0000-000000000000',
         subscriptionType: 'regular',
         user: Promise.resolve(user),
       },
@@ -157,6 +168,7 @@ describe('FileUploadedEventHandler', () => {
         unencryptedValue: '468',
         serverEncryptionVersion: 0,
       },
+      user,
       userSubscription: {
         uuid: '2-3-4',
         subscriptionType: 'shared',

packages/auth/src/Domain/Handler/FileUploadedEventHandler.ts

@@ -9,6 +9,8 @@ import { SubscriptionSettingServiceInterface } from '../Setting/SubscriptionSett
 import { UserSubscription } from '../Subscription/UserSubscription'
 import { UserSubscriptionServiceInterface } from '../Subscription/UserSubscriptionServiceInterface'
 import { UserRepositoryInterface } from '../User/UserRepositoryInterface'
+import { User } from '../User/User'
+import { Uuid } from '@standardnotes/domain-core'
 
 @injectable()
 export class FileUploadedEventHandler implements DomainEventHandlerInterface {
@@ -21,29 +23,41 @@ export class FileUploadedEventHandler implements DomainEventHandlerInterface {
   ) {}
 
   async handle(event: FileUploadedEvent): Promise<void> {
-    const user = await this.userRepository.findOneByUuid(event.payload.userUuid)
+    const userUuidOrError = Uuid.create(event.payload.userUuid)
+    if (userUuidOrError.isFailed()) {
+      this.logger.warn(userUuidOrError.getError())
+
+      return
+    }
+    const userUuid = userUuidOrError.getValue()
+
+    const user = await this.userRepository.findOneByUuid(userUuid)
     if (user === null) {
-      this.logger.warn(`Could not find user with uuid: ${event.payload.userUuid}`)
+      this.logger.warn(`Could not find user with uuid: ${userUuid.value}`)
 
       return
     }
 
     const { regularSubscription, sharedSubscription } =
-      await this.userSubscriptionService.findRegularSubscriptionForUserUuid(event.payload.userUuid)
+      await this.userSubscriptionService.findRegularSubscriptionForUserUuid(userUuid.value)
     if (regularSubscription === null) {
-      this.logger.warn(`Could not find regular user subscription for user with uuid: ${event.payload.userUuid}`)
+      this.logger.warn(`Could not find regular user subscription for user with uuid: ${userUuid.value}`)
 
       return
     }
 
-    await this.updateUploadBytesUsedSetting(regularSubscription, event.payload.fileByteSize)
+    await this.updateUploadBytesUsedSetting(regularSubscription, user, event.payload.fileByteSize)
 
     if (sharedSubscription !== null) {
-      await this.updateUploadBytesUsedSetting(sharedSubscription, event.payload.fileByteSize)
+      await this.updateUploadBytesUsedSetting(sharedSubscription, user, event.payload.fileByteSize)
     }
   }
 
-  private async updateUploadBytesUsedSetting(subscription: UserSubscription, byteSize: number): Promise<void> {
+  private async updateUploadBytesUsedSetting(
+    subscription: UserSubscription,
+    user: User,
+    byteSize: number,
+  ): Promise<void> {
     let bytesUsed = '0'
     const bytesUsedSetting = await this.subscriptionSettingService.findSubscriptionSettingWithDecryptedValue({
       userUuid: (await subscription.user).uuid,
@@ -56,6 +70,7 @@ export class FileUploadedEventHandler implements DomainEventHandlerInterface {
 
     await this.subscriptionSettingService.createOrReplace({
       userSubscription: subscription,
+      user,
       props: {
         name: SettingName.NAMES.FileUploadBytesUsed,
         unencryptedValue: (+bytesUsed + byteSize).toString(),

packages/auth/src/Domain/Handler/SubscriptionPurchasedEventHandler.spec.ts

@@ -114,8 +114,6 @@ describe('SubscriptionPurchasedEventHandler', () => {
 
     expect(subscriptionSettingService.applyDefaultSubscriptionSettingsForSubscription).toHaveBeenCalledWith(
       subscription,
-      SubscriptionName.ProPlan,
-      '123',
     )
   })
 

packages/auth/src/Domain/Handler/SubscriptionPurchasedEventHandler.ts

@@ -66,11 +66,7 @@ export class SubscriptionPurchasedEventHandler implements DomainEventHandlerInte
 
     await this.addUserRole(user, event.payload.subscriptionName)
 
-    await this.subscriptionSettingService.applyDefaultSubscriptionSettingsForSubscription(
-      userSubscription,
-      event.payload.subscriptionName,
-      user.uuid,
-    )
+    await this.subscriptionSettingService.applyDefaultSubscriptionSettingsForSubscription(userSubscription)
   }
 
   private async addUserRole(user: User, subscriptionName: string): Promise<void> {

packages/auth/src/Domain/Handler/SubscriptionReassignedEventHandler.spec.ts

@@ -94,8 +94,6 @@ describe('SubscriptionReassignedEventHandler', () => {
 
     expect(subscriptionSettingService.applyDefaultSubscriptionSettingsForSubscription).toHaveBeenCalledWith(
       subscription,
-      SubscriptionName.ProPlan,
-      '123',
     )
   })
 

packages/auth/src/Domain/Handler/SubscriptionReassignedEventHandler.ts

@@ -63,11 +63,7 @@ export class SubscriptionReassignedEventHandler implements DomainEventHandlerInt
       },
     })
 
-    await this.subscriptionSettingService.applyDefaultSubscriptionSettingsForSubscription(
-      userSubscription,
-      event.payload.subscriptionName,
-      user.uuid,
-    )
+    await this.subscriptionSettingService.applyDefaultSubscriptionSettingsForSubscription(userSubscription)
   }
 
   private async addUserRole(user: User, subscriptionName: string): Promise<void> {

packages/auth/src/Domain/Handler/SubscriptionSyncRequestedEventHandler.spec.ts

@@ -129,8 +129,6 @@ describe('SubscriptionSyncRequestedEventHandler', () => {
 
     expect(subscriptionSettingService.applyDefaultSubscriptionSettingsForSubscription).toHaveBeenCalledWith(
       subscription,
-      SubscriptionName.ProPlan,
-      '123',
     )
 
     expect(settingService.createOrReplace).toHaveBeenCalledWith({

packages/auth/src/Domain/Handler/SubscriptionSyncRequestedEventHandler.ts

@@ -95,11 +95,7 @@ export class SubscriptionSyncRequestedEventHandler implements DomainEventHandler
 
     await this.roleService.addUserRole(user, event.payload.subscriptionName)
 
-    await this.subscriptionSettingService.applyDefaultSubscriptionSettingsForSubscription(
-      userSubscription,
-      event.payload.subscriptionName,
-      user.uuid,
-    )
+    await this.subscriptionSettingService.applyDefaultSubscriptionSettingsForSubscription(userSubscription)
 
     await this.settingService.createOrReplace({
       user,

packages/auth/src/Domain/Role/RoleService.spec.ts

@@ -214,13 +214,25 @@ describe('RoleService', () => {
     })
 
     it('should indicate if a user has given permission', async () => {
-      const userHasPermission = await createService().userHasPermission('1-2-3', PermissionName.DailyEmailBackup)
+      const userHasPermission = await createService().userHasPermission(
+        '00000000-0000-0000-0000-000000000000',
+        PermissionName.DailyEmailBackup,
+      )
 
       expect(userHasPermission).toBeTruthy()
     })
 
+    it('should not indiciate if a user has permission if the user uuid is invalid', async () => {
+      const userHasPermission = await createService().userHasPermission('invalid', PermissionName.DailyEmailBackup)
+
+      expect(userHasPermission).toBeFalsy()
+    })
+
     it('should indicate if a user does not have a given permission', async () => {
-      const userHasPermission = await createService().userHasPermission('1-2-3', PermissionName.MarkdownProEditor)
+      const userHasPermission = await createService().userHasPermission(
+        '00000000-0000-0000-0000-000000000000',
+        PermissionName.MarkdownProEditor,
+      )
 
       expect(userHasPermission).toBeFalsy()
     })
@@ -228,7 +240,10 @@ describe('RoleService', () => {
     it('should indicate user does not have a permission if user could not be found', async () => {
       userRepository.findOneByUuid = jest.fn().mockReturnValue(null)
 
-      const userHasPermission = await createService().userHasPermission('1-2-3', PermissionName.MarkdownProEditor)
+      const userHasPermission = await createService().userHasPermission(
+        '00000000-0000-0000-0000-000000000000',
+        PermissionName.MarkdownProEditor,
+      )
 
       expect(userHasPermission).toBeFalsy()
     })

packages/auth/src/Domain/Role/RoleService.ts

@@ -13,6 +13,7 @@ import { RoleToSubscriptionMapInterface } from './RoleToSubscriptionMapInterface
 import { OfflineUserSubscriptionRepositoryInterface } from '../Subscription/OfflineUserSubscriptionRepositoryInterface'
 import { Role } from './Role'
 import { OfflineUserSubscription } from '../Subscription/OfflineUserSubscription'
+import { Uuid } from '@standardnotes/domain-core'
 
 @injectable()
 export class RoleService implements RoleServiceInterface {
@@ -26,10 +27,16 @@ export class RoleService implements RoleServiceInterface {
     @inject(TYPES.Auth_Logger) private logger: Logger,
   ) {}
 
-  async userHasPermission(userUuid: string, permissionName: PermissionName): Promise<boolean> {
+  async userHasPermission(userUuidString: string, permissionName: PermissionName): Promise<boolean> {
+    const userUuidOrError = Uuid.create(userUuidString)
+    if (userUuidOrError.isFailed()) {
+      return false
+    }
+    const userUuid = userUuidOrError.getValue()
+
     const user = await this.userRepository.findOneByUuid(userUuid)
     if (user === null) {
-      this.logger.warn(`Could not find user with uuid ${userUuid} for permissions check`)
+      this.logger.warn(`Could not find user with uuid ${userUuid.value} for permissions check`)
 
       return false
     }

packages/auth/src/Domain/Session/SessionTrace.ts

@@ -3,10 +3,6 @@ import { Entity, Result, UniqueEntityId } from '@standardnotes/domain-core'
 import { SessionTraceProps } from './SessionTraceProps'
 
 export class SessionTrace extends Entity<SessionTraceProps> {
-  get id(): UniqueEntityId {
-    return this._id
-  }
-
   private constructor(props: SessionTraceProps, id?: UniqueEntityId) {
     super(props, id)
   }

packages/auth/src/Domain/Setting/CreateOrReplaceSubscriptionSettingDTO.ts

@@ -1,7 +1,9 @@
 import { UserSubscription } from '../Subscription/UserSubscription'
+import { User } from '../User/User'
 import { SubscriptionSettingProps } from './SubscriptionSettingProps'
 
 export type CreateOrReplaceSubscriptionSettingDTO = {
   userSubscription: UserSubscription
+  user: User
   props: SubscriptionSettingProps
 }

packages/auth/src/Domain/Setting/SettingDecrypter.spec.ts

@@ -32,7 +32,9 @@ describe('SettingDecrypter', () => {
       serverEncryptionVersion: EncryptionVersion.Default,
     } as jest.Mocked<Setting>
 
-    expect(await createDecrypter().decryptSettingValue(setting, '1-2-3')).toEqual('decrypted')
+    expect(await createDecrypter().decryptSettingValue(setting, '00000000-0000-0000-0000-000000000000')).toEqual(
+      'decrypted',
+    )
   })
 
   it('should return null if the setting value is null', async () => {
@@ -41,7 +43,7 @@ describe('SettingDecrypter', () => {
       serverEncryptionVersion: EncryptionVersion.Default,
     } as jest.Mocked<Setting>
 
-    expect(await createDecrypter().decryptSettingValue(setting, '1-2-3')).toBeNull()
+    expect(await createDecrypter().decryptSettingValue(setting, '00000000-0000-0000-0000-000000000000')).toBeNull()
   })
 
   it('should return unencrypted value if the setting value is unencrypted', async () => {
@@ -50,7 +52,7 @@ describe('SettingDecrypter', () => {
       serverEncryptionVersion: EncryptionVersion.Unencrypted,
     } as jest.Mocked<Setting>
 
-    expect(await createDecrypter().decryptSettingValue(setting, '1-2-3')).toEqual('test')
+    expect(await createDecrypter().decryptSettingValue(setting, '00000000-0000-0000-0000-000000000000')).toEqual('test')
   })
 
   it('should throw if the user could not be found', async () => {
@@ -62,7 +64,23 @@ describe('SettingDecrypter', () => {
 
     let caughtError = null
     try {
-      await createDecrypter().decryptSettingValue(setting, '1-2-3')
+      await createDecrypter().decryptSettingValue(setting, '00000000-0000-0000-0000-000000000000')
+    } catch (error) {
+      caughtError = error
+    }
+
+    expect(caughtError).not.toBeNull()
+  })
+
+  it('should throw if the user uuid is invalid', async () => {
+    const setting = {
+      value: 'encrypted',
+      serverEncryptionVersion: EncryptionVersion.Default,
+    } as jest.Mocked<Setting>
+
+    let caughtError = null
+    try {
+      await createDecrypter().decryptSettingValue(setting, 'invalid')
     } catch (error) {
       caughtError = error
     }

packages/auth/src/Domain/Setting/SettingDecrypter.ts

@@ -6,6 +6,7 @@ import { UserRepositoryInterface } from '../User/UserRepositoryInterface'
 import { Setting } from './Setting'
 import { SettingDecrypterInterface } from './SettingDecrypterInterface'
 import { SubscriptionSetting } from './SubscriptionSetting'
+import { Uuid } from '@standardnotes/domain-core'
 
 @injectable()
 export class SettingDecrypter implements SettingDecrypterInterface {
@@ -14,12 +15,18 @@ export class SettingDecrypter implements SettingDecrypterInterface {
     @inject(TYPES.Auth_Crypter) private crypter: CrypterInterface,
   ) {}
 
-  async decryptSettingValue(setting: Setting | SubscriptionSetting, userUuid: string): Promise<string | null> {
+  async decryptSettingValue(setting: Setting | SubscriptionSetting, userUuidString: string): Promise<string | null> {
     if (setting.value !== null && setting.serverEncryptionVersion === EncryptionVersion.Default) {
+      const userUuidOrError = Uuid.create(userUuidString)
+      if (userUuidOrError.isFailed()) {
+        throw new Error(userUuidOrError.getError())
+      }
+      const userUuid = userUuidOrError.getValue()
+
       const user = await this.userRepository.findOneByUuid(userUuid)
 
       if (user === null) {
-        throw new Error(`Could not find user with uuid: ${userUuid}`)
+        throw new Error(`Could not find user with uuid: ${userUuid.value}`)
       }
 
       return this.crypter.decryptForUser(setting.value, user)

packages/auth/src/Domain/Setting/SubscriptionSettingService.spec.ts

@@ -45,6 +45,7 @@ describe('SubscriptionSettingService', () => {
     userSubscription = {
       uuid: '1-2-3',
       user: Promise.resolve(user),
+      planName: SubscriptionName.PlusPlan,
     } as jest.Mocked<UserSubscription>
 
     setting = {
@@ -97,15 +98,70 @@ describe('SubscriptionSettingService', () => {
   })
 
   it('should create default settings for a subscription', async () => {
-    await createService().applyDefaultSubscriptionSettingsForSubscription(
-      userSubscription,
-      SubscriptionName.PlusPlan,
-      '1-2-3',
-    )
+    await createService().applyDefaultSubscriptionSettingsForSubscription(userSubscription)
 
     expect(subscriptionSettingRepository.save).toHaveBeenCalledWith(setting)
   })
 
+  it('should create default settings for a subscription with overrides', async () => {
+    subscriptionSettingsAssociationService.getDefaultSettingsAndValuesForSubscriptionName = jest.fn().mockReturnValue(
+      new Map([
+        [
+          SettingName.NAMES.FileUploadBytesUsed,
+          {
+            value: '0',
+            sensitive: 0,
+            serverEncryptionVersion: EncryptionVersion.Unencrypted,
+            replaceable: false,
+          },
+        ],
+        [
+          SettingName.NAMES.FileUploadBytesLimit,
+          {
+            value: '345',
+            sensitive: 0,
+            serverEncryptionVersion: EncryptionVersion.Unencrypted,
+            replaceable: true,
+          },
+        ],
+      ]),
+    )
+
+    await createService().applyDefaultSubscriptionSettingsForSubscription(
+      userSubscription,
+      new Map([[SettingName.NAMES.FileUploadBytesLimit, '123']]),
+    )
+
+    expect(factory.createSubscriptionSetting).toHaveBeenNthCalledWith(
+      1,
+      {
+        name: SettingName.NAMES.FileUploadBytesUsed,
+        sensitive: 0,
+        serverEncryptionVersion: EncryptionVersion.Unencrypted,
+        unencryptedValue: '0',
+      },
+      {
+        planName: SubscriptionName.PlusPlan,
+        user: Promise.resolve(user),
+        uuid: '1-2-3',
+      },
+    )
+    expect(factory.createSubscriptionSetting).toHaveBeenNthCalledWith(
+      2,
+      {
+        name: SettingName.NAMES.FileUploadBytesLimit,
+        sensitive: 0,
+        serverEncryptionVersion: EncryptionVersion.Unencrypted,
+        unencryptedValue: '123',
+      },
+      {
+        planName: SubscriptionName.PlusPlan,
+        user: Promise.resolve(user),
+        uuid: '1-2-3',
+      },
+    )
+  })
+
   it('should throw error if subscription setting is invalid', async () => {
     subscriptionSettingsAssociationService.getDefaultSettingsAndValuesForSubscriptionName = jest.fn().mockReturnValue(
       new Map([
@@ -121,13 +177,7 @@ describe('SubscriptionSettingService', () => {
       ]),
     )
 
-    await expect(
-      createService().applyDefaultSubscriptionSettingsForSubscription(
-        userSubscription,
-        SubscriptionName.PlusPlan,
-        '1-2-3',
-      ),
-    ).rejects.toThrow()
+    await expect(createService().applyDefaultSubscriptionSettingsForSubscription(userSubscription)).rejects.toThrow()
   })
 
   it('should throw error if setting name is not a subscription setting when applying defaults', async () => {
@@ -145,13 +195,7 @@ describe('SubscriptionSettingService', () => {
       ]),
     )
 
-    await expect(
-      createService().applyDefaultSubscriptionSettingsForSubscription(
-        userSubscription,
-        SubscriptionName.PlusPlan,
-        '1-2-3',
-      ),
-    ).rejects.toThrow()
+    await expect(createService().applyDefaultSubscriptionSettingsForSubscription(userSubscription)).rejects.toThrow()
   })
 
   it('should reassign existing default settings for a subscription if it is not replaceable', async () => {
@@ -170,11 +214,7 @@ describe('SubscriptionSettingService', () => {
     )
     subscriptionSettingRepository.findLastByNameAndUserSubscriptionUuid = jest.fn().mockReturnValue(setting)
 
-    await createService().applyDefaultSubscriptionSettingsForSubscription(
-      userSubscription,
-      SubscriptionName.PlusPlan,
-      '1-2-3',
-    )
+    await createService().applyDefaultSubscriptionSettingsForSubscription(userSubscription)
 
     expect(subscriptionSettingRepository.save).toHaveBeenCalled()
   })
@@ -195,11 +235,7 @@ describe('SubscriptionSettingService', () => {
     )
     subscriptionSettingRepository.findLastByNameAndUserSubscriptionUuid = jest.fn().mockReturnValue(null)
 
-    await createService().applyDefaultSubscriptionSettingsForSubscription(
-      userSubscription,
-      SubscriptionName.PlusPlan,
-      '1-2-3',
-    )
+    await createService().applyDefaultSubscriptionSettingsForSubscription(userSubscription)
 
     expect(subscriptionSettingRepository.save).toHaveBeenCalledWith(setting)
   })
@@ -225,11 +261,7 @@ describe('SubscriptionSettingService', () => {
       } as jest.Mocked<UserSubscription>,
     ])
 
-    await createService().applyDefaultSubscriptionSettingsForSubscription(
-      userSubscription,
-      SubscriptionName.PlusPlan,
-      '1-2-3',
-    )
+    await createService().applyDefaultSubscriptionSettingsForSubscription(userSubscription)
 
     expect(subscriptionSettingRepository.save).toHaveBeenCalledWith(setting)
   })
@@ -239,11 +271,7 @@ describe('SubscriptionSettingService', () => {
       .fn()
       .mockReturnValue(undefined)
 
-    await createService().applyDefaultSubscriptionSettingsForSubscription(
-      userSubscription,
-      SubscriptionName.PlusPlan,
-      '1-2-3',
-    )
+    await createService().applyDefaultSubscriptionSettingsForSubscription(userSubscription)
 
     expect(subscriptionSettingRepository.save).not.toHaveBeenCalled()
   })
@@ -251,6 +279,7 @@ describe('SubscriptionSettingService', () => {
   it("should create setting if it doesn't exist", async () => {
     const result = await createService().createOrReplace({
       userSubscription,
+      user,
       props: {
         name: SettingName.NAMES.FileUploadBytesLimit,
         unencryptedValue: 'value',
@@ -266,6 +295,7 @@ describe('SubscriptionSettingService', () => {
     await expect(
       createService().createOrReplace({
         userSubscription,
+        user,
         props: {
           name: 'invalid',
           unencryptedValue: 'value',
@@ -280,6 +310,7 @@ describe('SubscriptionSettingService', () => {
     await expect(
       createService().createOrReplace({
         userSubscription,
+        user,
         props: {
           name: SettingName.NAMES.DropboxBackupFrequency,
           unencryptedValue: 'value',
@@ -295,6 +326,7 @@ describe('SubscriptionSettingService', () => {
 
     const result = await createService().createOrReplace({
       userSubscription,
+      user,
       props: {
         uuid: '1-2-3',
         name: SettingName.NAMES.FileUploadBytesLimit,
@@ -312,6 +344,7 @@ describe('SubscriptionSettingService', () => {
 
     const result = await createService().createOrReplace({
       userSubscription,
+      user,
       props: {
         ...setting,
         unencryptedValue: 'value',
@@ -327,6 +360,7 @@ describe('SubscriptionSettingService', () => {
 
     const result = await createService().createOrReplace({
       userSubscription,
+      user,
       props: {
         ...setting,
         uuid: '1-2-3',

packages/auth/src/Domain/Setting/SubscriptionSettingService.ts

@@ -1,4 +1,3 @@
-import { SubscriptionName } from '@standardnotes/common'
 import { inject, injectable } from 'inversify'
 import { Logger } from 'winston'
 
@@ -36,17 +35,20 @@ export class SubscriptionSettingService implements SubscriptionSettingServiceInt
 
   async applyDefaultSubscriptionSettingsForSubscription(
     userSubscription: UserSubscription,
-    subscriptionName: SubscriptionName,
-    userUuid: string,
+    overrides?: Map<string, string>,
   ): Promise<void> {
     const defaultSettingsWithValues =
-      await this.subscriptionSettingAssociationService.getDefaultSettingsAndValuesForSubscriptionName(subscriptionName)
+      await this.subscriptionSettingAssociationService.getDefaultSettingsAndValuesForSubscriptionName(
+        userSubscription.planName,
+      )
     if (defaultSettingsWithValues === undefined) {
-      this.logger.warn(`Could not find settings for subscription: ${subscriptionName}`)
+      this.logger.warn(`Could not find settings for subscription: ${userSubscription.planName}`)
 
       return
     }
 
+    const user = await userSubscription.user
+
     for (const settingNameString of defaultSettingsWithValues.keys()) {
       const settingNameOrError = SettingName.create(settingNameString)
       if (settingNameOrError.isFailed()) {
@@ -59,7 +61,11 @@ export class SubscriptionSettingService implements SubscriptionSettingServiceInt
 
       const setting = defaultSettingsWithValues.get(settingName.value) as SettingDescription
       if (!setting.replaceable) {
-        const existingSetting = await this.findPreviousSubscriptionSetting(settingName, userSubscription.uuid, userUuid)
+        const existingSetting = await this.findPreviousSubscriptionSetting(
+          settingName,
+          userSubscription.uuid,
+          user.uuid,
+        )
         if (existingSetting !== null) {
           existingSetting.userSubscription = Promise.resolve(userSubscription)
           await this.subscriptionSettingRepository.save(existingSetting)
@@ -68,11 +74,17 @@ export class SubscriptionSettingService implements SubscriptionSettingServiceInt
         }
       }
 
+      let unencryptedValue = setting.value
+      if (overrides && overrides.has(settingName.value)) {
+        unencryptedValue = overrides.get(settingName.value) as string
+      }
+
       await this.createOrReplace({
         userSubscription,
+        user,
         props: {
           name: settingName.value,
-          unencryptedValue: setting.value,
+          unencryptedValue,
           serverEncryptionVersion: setting.serverEncryptionVersion,
           sensitive: setting.sensitive,
         },
@@ -109,7 +121,7 @@ export class SubscriptionSettingService implements SubscriptionSettingServiceInt
   async createOrReplace(
     dto: CreateOrReplaceSubscriptionSettingDTO,
   ): Promise<CreateOrReplaceSubscriptionSettingResponse> {
-    const { userSubscription, props } = dto
+    const { userSubscription, user, props } = dto
 
     const settingNameOrError = SettingName.create(props.name)
     if (settingNameOrError.isFailed()) {
@@ -121,7 +133,6 @@ export class SubscriptionSettingService implements SubscriptionSettingServiceInt
       throw new Error(`Setting ${settingName.value} is not a subscription setting`)
     }
 
-    const user = await userSubscription.user
     const existing = await this.findSubscriptionSettingWithDecryptedValue({
       userUuid: user.uuid,
       userSubscriptionUuid: userSubscription.uuid,

packages/auth/src/Domain/Setting/SubscriptionSettingServiceInterface.ts

@@ -8,8 +8,7 @@ import { SubscriptionSetting } from './SubscriptionSetting'
 export interface SubscriptionSettingServiceInterface {
   applyDefaultSubscriptionSettingsForSubscription(
     userSubscription: UserSubscription,
-    subscriptionName: string,
-    userUuid: string,
+    overrides?: Map<string, string>,
   ): Promise<void>
   createOrReplace(dto: CreateOrReplaceSubscriptionSettingDTO): Promise<CreateOrReplaceSubscriptionSettingResponse>
   findSubscriptionSettingWithDecryptedValue(dto: FindSubscriptionSettingDTO): Promise<SubscriptionSetting | null>

packages/auth/src/Domain/Setting/SubscriptionSettingsAssociationServiceInterface.ts

@@ -4,7 +4,7 @@ import { SettingDescription } from './SettingDescription'
 
 export interface SubscriptionSettingsAssociationServiceInterface {
   getDefaultSettingsAndValuesForSubscriptionName(
-    subscriptionName: SubscriptionName,
+    subscriptionName: string,
   ): Promise<Map<string, SettingDescription> | undefined>
   getFileUploadLimit(subscriptionName: SubscriptionName): Promise<number>
 }

packages/auth/src/Domain/UseCase/AcceptSharedSubscriptionInvitation/AcceptSharedSubscriptionInvitation.spec.ts

@@ -106,8 +106,6 @@ describe('AcceptSharedSubscriptionInvitation', () => {
     expect(roleService.addUserRole).toHaveBeenCalledWith(invitee, 'PLUS_PLAN')
     expect(subscriptionSettingService.applyDefaultSubscriptionSettingsForSubscription).toHaveBeenCalledWith(
       inviteeSubscription,
-      'PLUS_PLAN',
-      '123',
     )
   })
 
@@ -148,8 +146,6 @@ describe('AcceptSharedSubscriptionInvitation', () => {
     expect(roleService.addUserRole).toHaveBeenCalledWith(invitee, 'PLUS_PLAN')
     expect(subscriptionSettingService.applyDefaultSubscriptionSettingsForSubscription).toHaveBeenCalledWith(
       inviteeSubscription,
-      'PLUS_PLAN',
-      '123',
     )
   })
 

packages/auth/src/Domain/UseCase/AcceptSharedSubscriptionInvitation/AcceptSharedSubscriptionInvitation.ts

@@ -92,11 +92,7 @@ export class AcceptSharedSubscriptionInvitation implements UseCaseInterface {
 
     await this.addUserRole(invitee, inviterUserSubscription.planName as SubscriptionName)
 
-    await this.subscriptionSettingService.applyDefaultSubscriptionSettingsForSubscription(
-      inviteeSubscription,
-      inviteeSubscription.planName as SubscriptionName,
-      invitee.uuid,
-    )
+    await this.subscriptionSettingService.applyDefaultSubscriptionSettingsForSubscription(inviteeSubscription)
 
     return {
       success: true,

packages/auth/src/Domain/UseCase/ActivatePremiumFeatures/ActivatePremiumFeatures.spec.ts

@@ -5,16 +5,24 @@ import { UserRepositoryInterface } from '../../User/UserRepositoryInterface'
 
 import { ActivatePremiumFeatures } from './ActivatePremiumFeatures'
 import { User } from '../../User/User'
+import { SubscriptionSettingServiceInterface } from '../../Setting/SubscriptionSettingServiceInterface'
 
 describe('ActivatePremiumFeatures', () => {
   let userRepository: UserRepositoryInterface
   let userSubscriptionRepository: UserSubscriptionRepositoryInterface
+  let subscriptionSettingsService: SubscriptionSettingServiceInterface
   let roleService: RoleServiceInterface
   let timer: TimerInterface
   let user: User
 
   const createUseCase = () =>
-    new ActivatePremiumFeatures(userRepository, userSubscriptionRepository, roleService, timer)
+    new ActivatePremiumFeatures(
+      userRepository,
+      userSubscriptionRepository,
+      subscriptionSettingsService,
+      roleService,
+      timer,
+    )
 
   beforeEach(() => {
     user = {} as jest.Mocked<User>
@@ -32,6 +40,9 @@ describe('ActivatePremiumFeatures', () => {
     timer.getTimestampInMicroseconds = jest.fn().mockReturnValue(123456789)
     timer.convertDateToMicroseconds = jest.fn().mockReturnValue(123456789)
     timer.getUTCDateNDaysAhead = jest.fn().mockReturnValue(new Date('2024-01-01T00:00:00.000Z'))
+
+    subscriptionSettingsService = {} as jest.Mocked<SubscriptionSettingServiceInterface>
+    subscriptionSettingsService.applyDefaultSubscriptionSettingsForSubscription = jest.fn()
   })
 
   it('should return error when username is invalid', async () => {
@@ -64,4 +75,28 @@ describe('ActivatePremiumFeatures', () => {
     expect(userSubscriptionRepository.save).toHaveBeenCalled()
     expect(roleService.addUserRole).toHaveBeenCalled()
   })
+
+  it('should save a subscription with custom plan name and endsAt', async () => {
+    const useCase = createUseCase()
+
+    const result = await useCase.execute({
+      username: 'test@test.te',
+      subscriptionPlanName: 'PRO_PLAN',
+      endsAt: new Date('2024-01-01T00:00:00.000Z'),
+    })
+
+    expect(result.isFailed()).toBe(false)
+  })
+
+  it('should fail when subscription plan name is invalid', async () => {
+    const useCase = createUseCase()
+
+    const result = await useCase.execute({
+      username: 'test@test.te',
+      subscriptionPlanName: 'some invalid plan name',
+      endsAt: new Date('2024-01-01T00:00:00.000Z'),
+    })
+
+    expect(result.isFailed()).toBe(true)
+  })
 })

packages/auth/src/Domain/UseCase/ActivatePremiumFeatures/ActivatePremiumFeatures.ts

@@ -7,11 +7,14 @@ import { UserRepositoryInterface } from '../../User/UserRepositoryInterface'
 import { UserSubscription } from '../../Subscription/UserSubscription'
 import { UserSubscriptionType } from '../../Subscription/UserSubscriptionType'
 import { ActivatePremiumFeaturesDTO } from './ActivatePremiumFeaturesDTO'
+import { SubscriptionSettingServiceInterface } from '../../Setting/SubscriptionSettingServiceInterface'
+import { SettingName } from '@standardnotes/settings'
 
 export class ActivatePremiumFeatures implements UseCaseInterface<string> {
   constructor(
     private userRepository: UserRepositoryInterface,
     private userSubscriptionRepository: UserSubscriptionRepositoryInterface,
+    private subscriptionSettingService: SubscriptionSettingServiceInterface,
     private roleService: RoleServiceInterface,
     private timer: TimerInterface,
   ) {}
@@ -27,22 +30,35 @@ export class ActivatePremiumFeatures implements UseCaseInterface<string> {
     if (user === null) {
       return Result.fail(`User not found with username: ${username.value}`)
     }
+    const subscriptionPlanNameString = dto.subscriptionPlanName ?? SubscriptionPlanName.NAMES.ProPlan
+    const subscriptionPlanNameOrError = SubscriptionPlanName.create(subscriptionPlanNameString)
+    if (subscriptionPlanNameOrError.isFailed()) {
+      return Result.fail(subscriptionPlanNameOrError.getError())
+    }
+    const subscriptionPlanName = subscriptionPlanNameOrError.getValue()
 
     const timestamp = this.timer.getTimestampInMicroseconds()
 
+    const endsAt = dto.endsAt ?? this.timer.getUTCDateNDaysAhead(365)
+
     const subscription = new UserSubscription()
-    subscription.planName = SubscriptionPlanName.NAMES.ProPlan
+    subscription.planName = subscriptionPlanName.value
     subscription.user = Promise.resolve(user)
     subscription.createdAt = timestamp
     subscription.updatedAt = timestamp
-    subscription.endsAt = this.timer.convertDateToMicroseconds(this.timer.getUTCDateNDaysAhead(365))
+    subscription.endsAt = this.timer.convertDateToMicroseconds(endsAt)
     subscription.cancelled = false
     subscription.subscriptionId = 1
     subscription.subscriptionType = UserSubscriptionType.Regular
 
     await this.userSubscriptionRepository.save(subscription)
 
-    await this.roleService.addUserRole(user, SubscriptionPlanName.NAMES.ProPlan)
+    await this.roleService.addUserRole(user, subscriptionPlanName.value)
+
+    await this.subscriptionSettingService.applyDefaultSubscriptionSettingsForSubscription(
+      subscription,
+      new Map([[SettingName.NAMES.FileUploadBytesLimit, '-1']]),
+    )
 
     return Result.ok('Premium features activated.')
   }

packages/auth/src/Domain/UseCase/ActivatePremiumFeatures/ActivatePremiumFeaturesDTO.ts

@@ -1,3 +1,5 @@
 export interface ActivatePremiumFeaturesDTO {
   username: string
+  subscriptionPlanName?: string
+  endsAt?: Date
 }

packages/auth/src/Domain/UseCase/AuthenticateSubscriptionToken/AuthenticateSubscriptionToken.spec.ts

@@ -17,7 +17,7 @@ describe('AuthenticateSubscriptionToken', () => {
 
   beforeEach(() => {
     subscriptionTokenRepository = {} as jest.Mocked<SubscriptionTokenRepositoryInterface>
-    subscriptionTokenRepository.getUserUuidByToken = jest.fn().mockReturnValue('1-2-3')
+    subscriptionTokenRepository.getUserUuidByToken = jest.fn().mockReturnValue('00000000-0000-0000-0000-000000000000')
 
     user = {
       roles: Promise.resolve([{ name: RoleName.NAMES.CoreUser }]),
@@ -30,8 +30,6 @@ describe('AuthenticateSubscriptionToken', () => {
   it('should authenticate an subscription token', async () => {
     const response = await createUseCase().execute({ token: 'test' })
 
-    expect(userRepository.findOneByUuid).toHaveBeenCalledWith('1-2-3')
-
     expect(response.success).toBeTruthy()
 
     expect(response.user).toEqual(user)

packages/auth/src/Domain/UseCase/AuthenticateSubscriptionToken/AuthenticateSubscriptionToken.ts

@@ -6,6 +6,7 @@ import { UserRepositoryInterface } from '../../User/UserRepositoryInterface'
 import { UseCaseInterface } from '../UseCaseInterface'
 import { AuthenticateSubscriptionTokenDTO } from './AuthenticateSubscriptionTokenDTO'
 import { AuthenticateSubscriptionTokenResponse } from './AuthenticateSubscriptionTokenResponse'
+import { Uuid } from '@standardnotes/domain-core'
 
 @injectable()
 export class AuthenticateSubscriptionToken implements UseCaseInterface {
@@ -16,12 +17,14 @@ export class AuthenticateSubscriptionToken implements UseCaseInterface {
   ) {}
 
   async execute(dto: AuthenticateSubscriptionTokenDTO): Promise<AuthenticateSubscriptionTokenResponse> {
-    const userUuid = await this.subscriptionTokenRepository.getUserUuidByToken(dto.token)
-    if (userUuid === undefined) {
+    const userUuidString = await this.subscriptionTokenRepository.getUserUuidByToken(dto.token)
+    const userUuidOrError = Uuid.create(userUuidString as string)
+    if (userUuidOrError.isFailed()) {
       return {
         success: false,
       }
     }
+    const userUuid = userUuidOrError.getValue()
 
     const user = await this.userRepository.findOneByUuid(userUuid)
     if (user === null) {

packages/auth/src/Domain/UseCase/CreateCrossServiceToken/CreateCrossServiceToken.spec.ts

@@ -28,13 +28,15 @@ describe('CreateCrossServiceToken', () => {
     session = {} as jest.Mocked<Session>
 
     user = {
-      uuid: '1-2-3',
+      uuid: '00000000-0000-0000-0000-000000000000',
       email: 'test@test.te',
     } as jest.Mocked<User>
     user.roles = Promise.resolve([role])
 
     userProjector = {} as jest.Mocked<ProjectorInterface<User>>
-    userProjector.projectSimple = jest.fn().mockReturnValue({ uuid: '1-2-3', email: 'test@test.te' })
+    userProjector.projectSimple = jest
+      .fn()
+      .mockReturnValue({ uuid: '00000000-0000-0000-0000-000000000000', email: 'test@test.te' })
 
     roleProjector = {} as jest.Mocked<ProjectorInterface<Role>>
     roleProjector.projectSimple = jest.fn().mockReturnValue({ name: 'role1', uuid: '1-3-4' })
@@ -69,7 +71,7 @@ describe('CreateCrossServiceToken', () => {
         },
         user: {
           email: 'test@test.te',
-          uuid: '1-2-3',
+          uuid: '00000000-0000-0000-0000-000000000000',
         },
       },
       60,
@@ -91,7 +93,7 @@ describe('CreateCrossServiceToken', () => {
         ],
         user: {
           email: 'test@test.te',
-          uuid: '1-2-3',
+          uuid: '00000000-0000-0000-0000-000000000000',
         },
       },
       60,
@@ -100,7 +102,7 @@ describe('CreateCrossServiceToken', () => {
 
   it('should create a cross service token for user by user uuid', async () => {
     await createUseCase().execute({
-      userUuid: '1-2-3',
+      userUuid: '00000000-0000-0000-0000-000000000000',
     })
 
     expect(tokenEncoder.encodeExpirableToken).toHaveBeenCalledWith(
@@ -113,7 +115,7 @@ describe('CreateCrossServiceToken', () => {
         ],
         user: {
           email: 'test@test.te',
-          uuid: '1-2-3',
+          uuid: '00000000-0000-0000-0000-000000000000',
         },
       },
       60,
@@ -126,7 +128,20 @@ describe('CreateCrossServiceToken', () => {
     let caughtError = null
     try {
       await createUseCase().execute({
-        userUuid: '1-2-3',
+        userUuid: '00000000-0000-0000-0000-000000000000',
+      })
+    } catch (error) {
+      caughtError = error
+    }
+
+    expect(caughtError).not.toBeNull()
+  })
+
+  it('should throw an error if user uuid is invalid', async () => {
+    let caughtError = null
+    try {
+      await createUseCase().execute({
+        userUuid: 'invalid',
       })
     } catch (error) {
       caughtError = error