chore(release): publish new version

- @standardnotes/auth-server@1.130.0 - @standardnotes/home-server@1.13.30
feat(auth): invalidate other sessions for user if the email or password are changed (#684 )
2026-05-25 06:08:29 -04:00 · 2023-08-07 08:32:08 +00:00 · 2023-08-07 10:02:47 +02:00 · 2023-08-03 13:38:37 +00:00 · 2023-08-03 15:05:59 +02:00 · 2023-08-03 10:34:26 +00:00
87 changed files with 1046 additions and 446 deletions
@@ -50,7 +50,7 @@ jobs:
      run: docker/is-available.sh http://localhost:3123 $(pwd)/logs

    - name: Run E2E Test Suite
-      run: yarn dlx mocha-headless-chrome --timeout 1200000 -f http://localhost:9001/mocha/test.html
+      run: yarn dlx mocha-headless-chrome --timeout 1800000 -f http://localhost:9001/mocha/test.html

    - name: Show logs on failure
      if: ${{ failure() }}
@@ -145,7 +145,7 @@ jobs:
      run: for i in {1..30}; do curl -s http://localhost:3123/healthcheck && break || sleep 1; done

    - name: Run E2E Test Suite
-      run: yarn dlx mocha-headless-chrome --timeout 1200000 -f http://localhost:9001/mocha/test.html
+      run: yarn dlx mocha-headless-chrome --timeout 1800000 -f http://localhost:9001/mocha/test.html

    - name: Show logs on failure
      if: ${{ failure() }}
@@ -5259,7 +5259,6 @@ const RAW_RUNTIME_STATE =
          ["@standardnotes/domain-events-infra", "workspace:packages/domain-events-infra"],\
          ["@standardnotes/responses", "npm:1.13.27"],\
          ["@standardnotes/security", "workspace:packages/security"],\
-          ["@standardnotes/utils", "npm:1.17.5"],\
          ["@types/cors", "npm:2.8.13"],\
          ["@types/express", "npm:4.17.17"],\
          ["@types/ioredis", "npm:5.0.0"],\
@@ -3,6 +3,14 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [2.25.8](https://github.com/standardnotes/server/compare/@standardnotes/analytics@2.25.7...@standardnotes/analytics@2.25.8) (2023-08-03)
+
+**Note:** Version bump only for package @standardnotes/analytics
+
+## [2.25.7](https://github.com/standardnotes/server/compare/@standardnotes/analytics@2.25.6...@standardnotes/analytics@2.25.7) (2023-08-02)
+
+**Note:** Version bump only for package @standardnotes/analytics
+
 ## [2.25.6](https://github.com/standardnotes/server/compare/@standardnotes/analytics@2.25.5...@standardnotes/analytics@2.25.6) (2023-07-27)

 **Note:** Version bump only for package @standardnotes/analytics
@@ -1,6 +1,6 @@
 {
  "name": "@standardnotes/analytics",
-  "version": "2.25.6",
+  "version": "2.25.8",
  "engines": {
    "node": ">=18.0.0 <21.0.0"
  },
@@ -3,6 +3,14 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.69.3](https://github.com/standardnotes/api-gateway/compare/@standardnotes/api-gateway@1.69.2...@standardnotes/api-gateway@1.69.3) (2023-08-03)
+
+**Note:** Version bump only for package @standardnotes/api-gateway
+
+## [1.69.2](https://github.com/standardnotes/api-gateway/compare/@standardnotes/api-gateway@1.69.1...@standardnotes/api-gateway@1.69.2) (2023-08-02)
+
+**Note:** Version bump only for package @standardnotes/api-gateway
+
 ## [1.69.1](https://github.com/standardnotes/api-gateway/compare/@standardnotes/api-gateway@1.69.0...@standardnotes/api-gateway@1.69.1) (2023-07-31)

 ### Bug Fixes
@@ -1,6 +1,6 @@
 {
  "name": "@standardnotes/api-gateway",
-  "version": "1.69.1",
+  "version": "1.69.3",
  "engines": {
    "node": ">=18.0.0 <21.0.0"
  },
@@ -3,6 +3,28 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+# [1.130.0](https://github.com/standardnotes/server/compare/@standardnotes/auth-server@1.129.0...@standardnotes/auth-server@1.130.0) (2023-08-07)
+
+### Features
+
+* **auth:** invalidate other sessions for user if the email or password are changed ([#684](https://github.com/standardnotes/server/issues/684)) ([f39d3ac](https://github.com/standardnotes/server/commit/f39d3aca5b7bb9e5f9c1c24cbe2359f30dea835c))
+
+# [1.129.0](https://github.com/standardnotes/server/compare/@standardnotes/auth-server@1.128.1...@standardnotes/auth-server@1.129.0) (2023-08-03)
+
+### Features
+
+* **auth:** add handling payments account deleted events STA-1769 ([#682](https://github.com/standardnotes/server/issues/682)) ([8e35dfa](https://github.com/standardnotes/server/commit/8e35dfa4b77256f4c0a3294b296a5526fd1020ad))
+
+## [1.128.1](https://github.com/standardnotes/server/compare/@standardnotes/auth-server@1.128.0...@standardnotes/auth-server@1.128.1) (2023-08-02)
+
+**Note:** Version bump only for package @standardnotes/auth-server
+
+# [1.128.0](https://github.com/standardnotes/server/compare/@standardnotes/auth-server@1.127.2...@standardnotes/auth-server@1.128.0) (2023-08-02)
+
+### Features
+
+* enable Write Ahead Log mode for SQLite ([#681](https://github.com/standardnotes/server/issues/681)) ([8cd7a13](https://github.com/standardnotes/server/commit/8cd7a138ab56f6a2b0d6c06ef6041ab9b85ae540))
+
 ## [1.127.2](https://github.com/standardnotes/server/compare/@standardnotes/auth-server@1.127.1...@standardnotes/auth-server@1.127.2) (2023-08-01)

 ### Bug Fixes
@@ -1,6 +1,6 @@
 {
  "name": "@standardnotes/auth-server",
-  "version": "1.127.2",
+  "version": "1.130.0",
  "engines": {
    "node": ">=18.0.0 <21.0.0"
  },
@@ -38,7 +38,7 @@ import { GetUserKeyParams } from '../Domain/UseCase/GetUserKeyParams/GetUserKeyP
 import { UpdateUser } from '../Domain/UseCase/UpdateUser'
 import { RedisEphemeralSessionRepository } from '../Infra/Redis/RedisEphemeralSessionRepository'
 import { GetActiveSessionsForUser } from '../Domain/UseCase/GetActiveSessionsForUser'
-import { DeletePreviousSessionsForUser } from '../Domain/UseCase/DeletePreviousSessionsForUser'
+import { DeleteOtherSessionsForUser } from '../Domain/UseCase/DeleteOtherSessionsForUser'
 import { DeleteSessionForUser } from '../Domain/UseCase/DeleteSessionForUser'
 import { Register } from '../Domain/UseCase/Register'
 import { LockRepository } from '../Infra/Redis/LockRepository'
@@ -252,6 +252,7 @@ import { BaseWebSocketsController } from '../Infra/InversifyExpressUtils/Base/Ba
 import { BaseSessionsController } from '../Infra/InversifyExpressUtils/Base/BaseSessionsController'
 import { Transform } from 'stream'
 import { ActivatePremiumFeatures } from '../Domain/UseCase/ActivatePremiumFeatures/ActivatePremiumFeatures'
+import { PaymentsAccountDeletedEventHandler } from '../Domain/Handler/PaymentsAccountDeletedEventHandler'

 export class ContainerConfigLoader {
  async load(configuration?: {
@@ -826,9 +827,7 @@ export class ContainerConfigLoader {
    container.bind<UpdateUser>(TYPES.Auth_UpdateUser).to(UpdateUser)
    container.bind<Register>(TYPES.Auth_Register).to(Register)
    container.bind<GetActiveSessionsForUser>(TYPES.Auth_GetActiveSessionsForUser).to(GetActiveSessionsForUser)
-    container
-      .bind<DeletePreviousSessionsForUser>(TYPES.Auth_DeletePreviousSessionsForUser)
-      .to(DeletePreviousSessionsForUser)
+    container.bind<DeleteOtherSessionsForUser>(TYPES.Auth_DeleteOtherSessionsForUser).to(DeleteOtherSessionsForUser)
    container.bind<DeleteSessionForUser>(TYPES.Auth_DeleteSessionForUser).to(DeleteSessionForUser)
    container.bind<ChangeCredentials>(TYPES.Auth_ChangeCredentials).to(ChangeCredentials)
    container.bind<GetSettings>(TYPES.Auth_GetSettings).to(GetSettings)
@@ -978,6 +977,14 @@ export class ContainerConfigLoader {
          container.get(TYPES.Auth_SettingService),
        ),
      )
+    container
+      .bind<PaymentsAccountDeletedEventHandler>(TYPES.Auth_PaymentsAccountDeletedEventHandler)
+      .toConstantValue(
+        new PaymentsAccountDeletedEventHandler(
+          container.get(TYPES.Auth_DeleteAccount),
+          container.get(TYPES.Auth_Logger),
+        ),
+      )

    const eventHandlers: Map<string, DomainEventHandlerInterface> = new Map([
      ['USER_REGISTERED', container.get(TYPES.Auth_UserRegisteredEventHandler)],
@@ -1005,6 +1012,7 @@ export class ContainerConfigLoader {
      ],
      ['PREDICATE_VERIFICATION_REQUESTED', container.get(TYPES.Auth_PredicateVerificationRequestedEventHandler)],
      ['EMAIL_SUBSCRIPTION_UNSUBSCRIBED', container.get(TYPES.Auth_EmailSubscriptionUnsubscribedEventHandler)],
+      ['PAYMENTS_ACCOUNT_DELETED', container.get(TYPES.Auth_PaymentsAccountDeletedEventHandler)],
    ])

    if (isConfiguredForHomeServer) {
@@ -1168,7 +1176,7 @@ export class ContainerConfigLoader {
        .toConstantValue(
          new BaseSessionController(
            container.get(TYPES.Auth_DeleteSessionForUser),
-            container.get(TYPES.Auth_DeletePreviousSessionsForUser),
+            container.get(TYPES.Auth_DeleteOtherSessionsForUser),
            container.get(TYPES.Auth_RefreshSessionToken),
            container.get(TYPES.Auth_ControllerContainer),
          ),
@@ -114,6 +114,8 @@ export class AppDataSource {
        ...commonDataSourceOptions,
        type: 'sqlite',
        database: this.env.get('DB_SQLITE_DATABASE_PATH'),
+        enableWAL: true,
+        busyErrorRetry: 2000,
      }

      this._dataSource = new DataSource(sqliteDataSourceOptions)
@@ -113,7 +113,7 @@ const TYPES = {
  Auth_UpdateUser: Symbol.for('Auth_UpdateUser'),
  Auth_Register: Symbol.for('Auth_Register'),
  Auth_GetActiveSessionsForUser: Symbol.for('Auth_GetActiveSessionsForUser'),
-  Auth_DeletePreviousSessionsForUser: Symbol.for('Auth_DeletePreviousSessionsForUser'),
+  Auth_DeleteOtherSessionsForUser: Symbol.for('Auth_DeleteOtherSessionsForUser'),
  Auth_DeleteSessionForUser: Symbol.for('Auth_DeleteSessionForUser'),
  Auth_ChangeCredentials: Symbol.for('Auth_ChangePassword'),
  Auth_GetSettings: Symbol.for('Auth_GetSettings'),
@@ -176,6 +176,7 @@ const TYPES = {
  ),
  Auth_PredicateVerificationRequestedEventHandler: Symbol.for('Auth_PredicateVerificationRequestedEventHandler'),
  Auth_EmailSubscriptionUnsubscribedEventHandler: Symbol.for('Auth_EmailSubscriptionUnsubscribedEventHandler'),
+  Auth_PaymentsAccountDeletedEventHandler: Symbol.for('Auth_PaymentsAccountDeletedEventHandler'),
  // Services
  Auth_DeviceDetector: Symbol.for('Auth_DeviceDetector'),
  Auth_SessionService: Symbol.for('Auth_SessionService'),
@@ -30,7 +30,7 @@ describe('AuthResponseFactory20161215', () => {
  })

  it('should create a 20161215 auth response', async () => {
-    const response = await createFactory().createResponse({
+    const result = await createFactory().createResponse({
      user,
      apiVersion: '20161215',
      userAgent: 'Google Chrome',
@@ -38,7 +38,7 @@ describe('AuthResponseFactory20161215', () => {
      readonlyAccess: false,
    })

-    expect(response).toEqual({
+    expect(result.response).toEqual({
      user: { foo: 'bar' },
      token: 'foobar',
    })
@@ -11,6 +11,7 @@ import { User } from '../User/User'
 import { AuthResponse20161215 } from './AuthResponse20161215'
 import { AuthResponse20200115 } from './AuthResponse20200115'
 import { AuthResponseFactoryInterface } from './AuthResponseFactoryInterface'
+import { Session } from '../Session/Session'

@injectable()
 export class AuthResponseFactory20161215 implements AuthResponseFactoryInterface {
@@ -26,7 +27,7 @@ export class AuthResponseFactory20161215 implements AuthResponseFactoryInterface
    userAgent: string
    ephemeralSession: boolean
    readonlyAccess: boolean
-  }): Promise<AuthResponse20161215 | AuthResponse20200115> {
+  }): Promise<{ response: AuthResponse20161215 | AuthResponse20200115; session?: Session }> {
    this.logger.debug(`Creating JWT auth response for user ${dto.user.uuid}`)

    const data: SessionTokenData = {
@@ -39,12 +40,14 @@ export class AuthResponseFactory20161215 implements AuthResponseFactoryInterface
    this.logger.debug(`Created JWT token for user ${dto.user.uuid}: ${token}`)

    return {
-      user: this.userProjector.projectSimple(dto.user) as {
-        uuid: string
-        email: string
-        protocolVersion: ProtocolVersion
+      response: {
+        user: this.userProjector.projectSimple(dto.user) as {
+          uuid: string
+          email: string
+          protocolVersion: ProtocolVersion
+        },
+        token,
      },
-      token,
    }
  }
 }
@@ -29,7 +29,7 @@ describe('AuthResponseFactory20190520', () => {
  })

  it('should create a 20161215 auth response', async () => {
-    const response = await createFactory().createResponse({
+    const result = await createFactory().createResponse({
      user,
      apiVersion: '20161215',
      userAgent: 'Google Chrome',
@@ -37,7 +37,7 @@ describe('AuthResponseFactory20190520', () => {
      readonlyAccess: false,
    })

-    expect(response).toEqual({
+    expect(result.response).toEqual({
      user: { foo: 'bar' },
      token: 'foobar',
    })
@@ -11,6 +11,7 @@ import { User } from '../User/User'
 import { AuthResponseFactory20200115 } from './AuthResponseFactory20200115'
 import { DomainEventPublisherInterface } from '@standardnotes/domain-events'
 import { DomainEventFactoryInterface } from '../Event/DomainEventFactoryInterface'
+import { Session } from '../Session/Session'

 describe('AuthResponseFactory20200115', () => {
  let sessionService: SessionServiceInterface
@@ -48,8 +49,12 @@ describe('AuthResponseFactory20200115', () => {
    }

    sessionService = {} as jest.Mocked<SessionServiceInterface>
-    sessionService.createNewSessionForUser = jest.fn().mockReturnValue(sessionPayload)
-    sessionService.createNewEphemeralSessionForUser = jest.fn().mockReturnValue(sessionPayload)
+    sessionService.createNewSessionForUser = jest
+      .fn()
+      .mockReturnValue({ sessionHttpRepresentation: sessionPayload, session: {} as jest.Mocked<Session> })
+    sessionService.createNewEphemeralSessionForUser = jest
+      .fn()
+      .mockReturnValue({ sessionHttpRepresentation: sessionPayload, session: {} as jest.Mocked<Session> })

    keyParamsFactory = {} as jest.Mocked<KeyParamsFactoryInterface>
    keyParamsFactory.create = jest.fn().mockReturnValue({
@@ -76,7 +81,7 @@ describe('AuthResponseFactory20200115', () => {
  it('should create a 20161215 auth response if user does not support sessions', async () => {
    user.supportsSessions = jest.fn().mockReturnValue(false)

-    const response = await createFactory().createResponse({
+    const result = await createFactory().createResponse({
      user,
      apiVersion: '20161215',
      userAgent: 'Google Chrome',
@@ -84,7 +89,7 @@ describe('AuthResponseFactory20200115', () => {
      readonlyAccess: false,
    })

-    expect(response).toEqual({
+    expect(result.response).toEqual({
      user: { foo: 'bar' },
      token: expect.any(String),
    })
@@ -93,7 +98,7 @@ describe('AuthResponseFactory20200115', () => {
  it('should create a 20200115 auth response', async () => {
    user.supportsSessions = jest.fn().mockReturnValue(true)

-    const response = await createFactory().createResponse({
+    const result = await createFactory().createResponse({
      user,
      apiVersion: '20200115',
      userAgent: 'Google Chrome',
@@ -101,7 +106,7 @@ describe('AuthResponseFactory20200115', () => {
      readonlyAccess: false,
    })

-    expect(response).toEqual({
+    expect(result.response).toEqual({
      key_params: {
        key1: 'value1',
        key2: 'value2',
@@ -124,7 +129,7 @@ describe('AuthResponseFactory20200115', () => {
    domainEventPublisher.publish = jest.fn().mockRejectedValue(new Error('test'))
    user.supportsSessions = jest.fn().mockReturnValue(true)

-    const response = await createFactory().createResponse({
+    const result = await createFactory().createResponse({
      user,
      apiVersion: '20200115',
      userAgent: 'Google Chrome',
@@ -132,7 +137,7 @@ describe('AuthResponseFactory20200115', () => {
      readonlyAccess: false,
    })

-    expect(response).toEqual({
+    expect(result.response).toEqual({
      key_params: {
        key1: 'value1',
        key2: 'value2',
@@ -153,7 +158,7 @@ describe('AuthResponseFactory20200115', () => {
  it('should create a 20200115 auth response with an ephemeral session', async () => {
    user.supportsSessions = jest.fn().mockReturnValue(true)

-    const response = await createFactory().createResponse({
+    const result = await createFactory().createResponse({
      user,
      apiVersion: '20200115',
      userAgent: 'Google Chrome',
@@ -161,7 +166,7 @@ describe('AuthResponseFactory20200115', () => {
      readonlyAccess: false,
    })

-    expect(response).toEqual({
+    expect(result.response).toEqual({
      key_params: {
        key1: 'value1',
        key2: 'value2',
@@ -183,11 +188,14 @@ describe('AuthResponseFactory20200115', () => {
    user.supportsSessions = jest.fn().mockReturnValue(true)

    sessionService.createNewSessionForUser = jest.fn().mockReturnValue({
-      ...sessionPayload,
-      readonly_access: true,
+      sessionHttpRepresentation: {
+        ...sessionPayload,
+        readonly_access: true,
+      },
+      session: {} as jest.Mocked<Session>,
    })

-    const response = await createFactory().createResponse({
+    const result = await createFactory().createResponse({
      user,
      apiVersion: '20200115',
      userAgent: 'Google Chrome',
@@ -195,7 +203,7 @@ describe('AuthResponseFactory20200115', () => {
      readonlyAccess: true,
    })

-    expect(response).toEqual({
+    expect(result.response).toEqual({
      key_params: {
        key1: 'value1',
        key2: 'value2',
@@ -19,6 +19,7 @@ import { DomainEventFactoryInterface } from '../Event/DomainEventFactoryInterfac

 import { AuthResponse20161215 } from './AuthResponse20161215'
 import { AuthResponse20200115 } from './AuthResponse20200115'
+import { Session } from '../Session/Session'

@injectable()
 export class AuthResponseFactory20200115 extends AuthResponseFactory20190520 {
@@ -40,21 +41,28 @@ export class AuthResponseFactory20200115 extends AuthResponseFactory20190520 {
    userAgent: string
    ephemeralSession: boolean
    readonlyAccess: boolean
-  }): Promise<AuthResponse20161215 | AuthResponse20200115> {
+  }): Promise<{ response: AuthResponse20161215 | AuthResponse20200115; session?: Session }> {
    if (!dto.user.supportsSessions()) {
      this.logger.debug(`User ${dto.user.uuid} does not support sessions. Falling back to JWT auth response`)

      return super.createResponse(dto)
    }

-    const sessionPayload = await this.createSession(dto)
+    const sessionCreationResult = await this.createSession(dto)

-    this.logger.debug('Created session payload for user %s: %O', dto.user.uuid, sessionPayload)
+    this.logger.debug(
+      'Created session payload for user %s: %O',
+      dto.user.uuid,
+      sessionCreationResult.sessionHttpRepresentation,
+    )

    return {
-      session: sessionPayload,
-      key_params: this.keyParamsFactory.create(dto.user, true),
-      user: this.userProjector.projectSimple(dto.user) as SimpleUserProjection,
+      response: {
+        session: sessionCreationResult.sessionHttpRepresentation,
+        key_params: this.keyParamsFactory.create(dto.user, true),
+        user: this.userProjector.projectSimple(dto.user) as SimpleUserProjection,
+      },
+      session: sessionCreationResult.session,
    }
  }

@@ -64,12 +72,12 @@ export class AuthResponseFactory20200115 extends AuthResponseFactory20190520 {
    userAgent: string
    ephemeralSession: boolean
    readonlyAccess: boolean
-  }): Promise<SessionBody> {
+  }): Promise<{ sessionHttpRepresentation: SessionBody; session: Session }> {
    if (dto.ephemeralSession) {
      return this.sessionService.createNewEphemeralSessionForUser(dto)
    }

-    const session = this.sessionService.createNewSessionForUser(dto)
+    const sessionCreationResult = await this.sessionService.createNewSessionForUser(dto)

    try {
      await this.domainEventPublisher.publish(
@@ -79,6 +87,6 @@ export class AuthResponseFactory20200115 extends AuthResponseFactory20190520 {
      this.logger.error(`Failed to publish session created event: ${(error as Error).message}`)
    }

-    return session
+    return sessionCreationResult
  }
 }
@@ -1,3 +1,4 @@
+import { Session } from '../Session/Session'
 import { User } from '../User/User'
 import { AuthResponse20161215 } from './AuthResponse20161215'
 import { AuthResponse20200115 } from './AuthResponse20200115'
@@ -9,5 +10,5 @@ export interface AuthResponseFactoryInterface {
    userAgent: string
    ephemeralSession: boolean
    readonlyAccess: boolean
-  }): Promise<AuthResponse20161215 | AuthResponse20200115>
+  }): Promise<{ response: AuthResponse20161215 | AuthResponse20200115; session?: Session }>
 }
@@ -0,0 +1,48 @@
+import { Logger } from 'winston'
+import { Result } from '@standardnotes/domain-core'
+import { PaymentsAccountDeletedEvent } from '@standardnotes/domain-events'
+
+import { DeleteAccount } from '../UseCase/DeleteAccount/DeleteAccount'
+import { PaymentsAccountDeletedEventHandler } from './PaymentsAccountDeletedEventHandler'
+
+describe('PaymentsAccountDeletedEventHandler', () => {
+  let deleteAccountUseCase: DeleteAccount
+  let logger: Logger
+  let event: PaymentsAccountDeletedEvent
+
+  const createHandler = () => new PaymentsAccountDeletedEventHandler(deleteAccountUseCase, logger)
+
+  beforeEach(() => {
+    deleteAccountUseCase = {} as jest.Mocked<DeleteAccount>
+    deleteAccountUseCase.execute = jest.fn().mockResolvedValue(Result.ok('success'))
+
+    logger = {} as jest.Mocked<Logger>
+    logger.error = jest.fn()
+
+    event = {
+      payload: {
+        username: 'username',
+      },
+    } as jest.Mocked<PaymentsAccountDeletedEvent>
+  })
+
+  it('should delete account', async () => {
+    const handler = createHandler()
+
+    await handler.handle(event)
+
+    expect(deleteAccountUseCase.execute).toHaveBeenCalledWith({
+      username: 'username',
+    })
+  })
+
+  it('should log error if delete account fails', async () => {
+    const handler = createHandler()
+
+    deleteAccountUseCase.execute = jest.fn().mockResolvedValue(Result.fail('error'))
+
+    await handler.handle(event)
+
+    expect(logger.error).toHaveBeenCalledWith('Failed to delete account for user username: error')
+  })
+})
@@ -0,0 +1,18 @@
+import { DomainEventHandlerInterface, PaymentsAccountDeletedEvent } from '@standardnotes/domain-events'
+import { Logger } from 'winston'
+
+import { DeleteAccount } from '../UseCase/DeleteAccount/DeleteAccount'
+
+export class PaymentsAccountDeletedEventHandler implements DomainEventHandlerInterface {
+  constructor(private deleteAccountUseCase: DeleteAccount, private logger: Logger) {}
+
+  async handle(event: PaymentsAccountDeletedEvent): Promise<void> {
+    const result = await this.deleteAccountUseCase.execute({
+      username: event.payload.username,
+    })
+
+    if (result.isFailed()) {
+      this.logger.error(`Failed to delete account for user ${event.payload.username}: ${result.getError()}`)
+    }
+  }
+}
@@ -1,3 +1,5 @@
+import { Uuid } from '@standardnotes/domain-core'
+
 import { Session } from './Session'

 export interface SessionRepositoryInterface {
@@ -5,7 +7,7 @@ export interface SessionRepositoryInterface {
  findOneByUuidAndUserUuid(uuid: string, userUuid: string): Promise<Session | null>
  findAllByRefreshExpirationAndUserUuid(userUuid: string): Promise<Array<Session>>
  findAllByUserUuid(userUuid: string): Promise<Array<Session>>
-  deleteAllByUserUuid(userUuid: string, currentSessionUuid: string): Promise<void>
+  deleteAllByUserUuidExceptOne(dto: { userUuid: Uuid; currentSessionUuid: Uuid }): Promise<void>
  deleteOneByUuid(uuid: string): Promise<void>
  updateHashedTokens(uuid: string, hashedAccessToken: string, hashedRefreshToken: string): Promise<void>
  updatedTokenExpirationDates(uuid: string, accessExpiration: Date, refreshExpiration: Date): Promise<void>
@@ -154,7 +154,7 @@ describe('SessionService', () => {
    const user = {} as jest.Mocked<User>
    user.uuid = '123'

-    const sessionPayload = await createService().createNewSessionForUser({
+    const result = await createService().createNewSessionForUser({
      user,
      apiVersion: '003',
      userAgent: 'Google Chrome',
@@ -176,7 +176,7 @@ describe('SessionService', () => {
      readonlyAccess: false,
    })

-    expect(sessionPayload).toEqual({
+    expect(result.sessionHttpRepresentation).toEqual({
      access_expiration: 123,
      access_token: expect.any(String),
      refresh_expiration: 123,
@@ -190,7 +190,7 @@ describe('SessionService', () => {
    user.email = 'demo@standardnotes.com'
    user.uuid = '123'

-    const sessionPayload = await createService().createNewSessionForUser({
+    const result = await createService().createNewSessionForUser({
      user,
      apiVersion: '003',
      userAgent: 'Google Chrome',
@@ -212,7 +212,7 @@ describe('SessionService', () => {
      readonlyAccess: true,
    })

-    expect(sessionPayload).toEqual({
+    expect(result.sessionHttpRepresentation).toEqual({
      access_expiration: 123,
      access_token: expect.any(String),
      refresh_expiration: 123,
@@ -229,7 +229,7 @@ describe('SessionService', () => {
      value: LogSessionUserAgentOption.Disabled,
    } as jest.Mocked<Setting>)

-    const sessionPayload = await createService().createNewSessionForUser({
+    const result = await createService().createNewSessionForUser({
      user,
      apiVersion: '003',
      userAgent: 'Google Chrome',
@@ -250,7 +250,7 @@ describe('SessionService', () => {
      readonlyAccess: false,
    })

-    expect(sessionPayload).toEqual({
+    expect(result.sessionHttpRepresentation).toEqual({
      access_expiration: 123,
      access_token: expect.any(String),
      refresh_expiration: 123,
@@ -305,7 +305,7 @@ describe('SessionService', () => {
    user.uuid = '123'
    user.email = 'test@test.te'

-    const sessionPayload = await createService().createNewSessionForUser({
+    const result = await createService().createNewSessionForUser({
      user,
      apiVersion: '003',
      userAgent: 'Google Chrome',
@@ -317,7 +317,7 @@ describe('SessionService', () => {
      username: 'test@test.te',
      subscriptionPlanName: null,
    })
-    expect(sessionPayload).toEqual({
+    expect(result.sessionHttpRepresentation).toEqual({
      access_expiration: 123,
      access_token: expect.any(String),
      refresh_expiration: 123,
@@ -333,7 +333,7 @@ describe('SessionService', () => {
    user.uuid = '123'
    user.email = 'test@test.te'

-    const sessionPayload = await createService().createNewSessionForUser({
+    const result = await createService().createNewSessionForUser({
      user,
      apiVersion: '003',
      userAgent: 'Google Chrome',
@@ -345,7 +345,7 @@ describe('SessionService', () => {
      username: 'test@test.te',
      subscriptionPlanName: null,
    })
-    expect(sessionPayload).toEqual({
+    expect(result.sessionHttpRepresentation).toEqual({
      access_expiration: 123,
      access_token: expect.any(String),
      refresh_expiration: 123,
@@ -361,7 +361,7 @@ describe('SessionService', () => {
    user.uuid = '123'
    user.email = 'test@test.te'

-    const sessionPayload = await createService().createNewSessionForUser({
+    const result = await createService().createNewSessionForUser({
      user,
      apiVersion: '003',
      userAgent: 'Google Chrome',
@@ -373,7 +373,7 @@ describe('SessionService', () => {
      username: 'test@test.te',
      subscriptionPlanName: null,
    })
-    expect(sessionPayload).toEqual({
+    expect(result.sessionHttpRepresentation).toEqual({
      access_expiration: 123,
      access_token: expect.any(String),
      refresh_expiration: 123,
@@ -386,7 +386,7 @@ describe('SessionService', () => {
    const user = {} as jest.Mocked<User>
    user.uuid = '123'

-    const sessionPayload = await createService().createNewEphemeralSessionForUser({
+    const result = await createService().createNewEphemeralSessionForUser({
      user,
      apiVersion: '003',
      userAgent: 'Google Chrome',
@@ -408,7 +408,7 @@ describe('SessionService', () => {
      readonlyAccess: false,
    })

-    expect(sessionPayload).toEqual({
+    expect(result.sessionHttpRepresentation).toEqual({
      access_expiration: 123,
      access_token: expect.any(String),
      refresh_expiration: 123,
@@ -49,7 +49,7 @@ export class SessionService implements SessionServiceInterface {
    apiVersion: string
    userAgent: string
    readonlyAccess: boolean
-  }): Promise<SessionBody> {
+  }): Promise<{ sessionHttpRepresentation: SessionBody; session: Session }> {
    const session = await this.createSession({
      ephemeral: false,
      ...dto,
@@ -73,7 +73,10 @@ export class SessionService implements SessionServiceInterface {
      this.logger.error(`Could not trace session while creating cross service token.: ${(error as Error).message}`)
    }

-    return sessionPayload
+    return {
+      sessionHttpRepresentation: sessionPayload,
+      session,
+    }
  }

  async createNewEphemeralSessionForUser(dto: {
@@ -81,7 +84,7 @@ export class SessionService implements SessionServiceInterface {
    apiVersion: string
    userAgent: string
    readonlyAccess: boolean
-  }): Promise<SessionBody> {
+  }): Promise<{ sessionHttpRepresentation: SessionBody; session: Session }> {
    const ephemeralSession = await this.createSession({
      ephemeral: true,
      ...dto,
@@ -91,7 +94,10 @@ export class SessionService implements SessionServiceInterface {

    await this.ephemeralSessionRepository.save(ephemeralSession)

-    return sessionPayload
+    return {
+      sessionHttpRepresentation: sessionPayload,
+      session: ephemeralSession,
+    }
  }

  async refreshTokens(session: Session): Promise<SessionBody> {
@@ -9,13 +9,13 @@ export interface SessionServiceInterface {
    apiVersion: string
    userAgent: string
    readonlyAccess: boolean
-  }): Promise<SessionBody>
+  }): Promise<{ sessionHttpRepresentation: SessionBody; session: Session }>
  createNewEphemeralSessionForUser(dto: {
    user: User
    apiVersion: string
    userAgent: string
    readonlyAccess: boolean
-  }): Promise<SessionBody>
+  }): Promise<{ sessionHttpRepresentation: SessionBody; session: Session }>
  refreshTokens(session: Session): Promise<SessionBody>
  getSessionFromToken(token: string): Promise<Session | undefined>
  getRevokedSessionFromToken(token: string): Promise<RevokedSession | null>
@@ -11,7 +11,10 @@ import { User } from '../../User/User'
 import { UserRepositoryInterface } from '../../User/UserRepositoryInterface'

 import { ChangeCredentials } from './ChangeCredentials'
-import { Username } from '@standardnotes/domain-core'
+import { Result, Username } from '@standardnotes/domain-core'
+import { DeleteOtherSessionsForUser } from '../DeleteOtherSessionsForUser'
+import { ApiVersion } from '../../Api/ApiVersion'
+import { Session } from '../../Session/Session'

 describe('ChangeCredentials', () => {
  let userRepository: UserRepositoryInterface
@@ -21,13 +24,23 @@ describe('ChangeCredentials', () => {
  let domainEventFactory: DomainEventFactoryInterface
  let timer: TimerInterface
  let user: User
+  let deleteOtherSessionsForUser: DeleteOtherSessionsForUser

  const createUseCase = () =>
-    new ChangeCredentials(userRepository, authResponseFactoryResolver, domainEventPublisher, domainEventFactory, timer)
+    new ChangeCredentials(
+      userRepository,
+      authResponseFactoryResolver,
+      domainEventPublisher,
+      domainEventFactory,
+      timer,
+      deleteOtherSessionsForUser,
+    )

  beforeEach(() => {
    authResponseFactory = {} as jest.Mocked<AuthResponseFactoryInterface>
-    authResponseFactory.createResponse = jest.fn().mockReturnValue({ foo: 'bar' })
+    authResponseFactory.createResponse = jest
+      .fn()
+      .mockReturnValue({ response: { foo: 'bar' }, session: { uuid: '1-2-3' } as jest.Mocked<Session> })

    authResponseFactoryResolver = {} as jest.Mocked<AuthResponseFactoryResolverInterface>
    authResponseFactoryResolver.resolveAuthResponseFactoryVersion = jest.fn().mockReturnValue(authResponseFactory)
@@ -49,27 +62,25 @@ describe('ChangeCredentials', () => {

    timer = {} as jest.Mocked<TimerInterface>
    timer.getUTCDate = jest.fn().mockReturnValue(new Date(1))
+
+    deleteOtherSessionsForUser = {} as jest.Mocked<DeleteOtherSessionsForUser>
+    deleteOtherSessionsForUser.execute = jest.fn().mockReturnValue(Result.ok())
  })

  it('should change password', async () => {
-    expect(
-      await createUseCase().execute({
-        username: Username.create('test@test.te').getValue(),
-        apiVersion: '20190520',
-        currentPassword: 'qweqwe123123',
-        newPassword: 'test234',
-        pwNonce: 'asdzxc',
-        updatedWithUserAgent: 'Google Chrome',
-        kpCreated: '123',
-        kpOrigination: 'password-change',
-      }),
-    ).toEqual({
-      success: true,
-      authResponse: {
-        foo: 'bar',
-      },
+    const result = await createUseCase().execute({
+      username: Username.create('test@test.te').getValue(),
+      apiVersion: ApiVersion.v20200115,
+      currentPassword: 'qweqwe123123',
+      newPassword: 'test234',
+      pwNonce: 'asdzxc',
+      updatedWithUserAgent: 'Google Chrome',
+      kpCreated: '123',
+      kpOrigination: 'password-change',
    })

+    expect(result.isFailed()).toBeFalsy()
+
    expect(userRepository.save).toHaveBeenCalledWith({
      encryptedPassword: expect.any(String),
      pwNonce: 'asdzxc',
@@ -81,29 +92,24 @@ describe('ChangeCredentials', () => {
    })
    expect(domainEventPublisher.publish).not.toHaveBeenCalled()
    expect(domainEventFactory.createUserEmailChangedEvent).not.toHaveBeenCalled()
+    expect(deleteOtherSessionsForUser.execute).toHaveBeenCalled()
  })

  it('should change email', async () => {
    userRepository.findOneByUsernameOrEmail = jest.fn().mockReturnValueOnce(user).mockReturnValueOnce(null)

-    expect(
-      await createUseCase().execute({
-        username: Username.create('test@test.te').getValue(),
-        apiVersion: '20190520',
-        currentPassword: 'qweqwe123123',
-        newPassword: 'test234',
-        newEmail: 'new@test.te',
-        pwNonce: 'asdzxc',
-        updatedWithUserAgent: 'Google Chrome',
-        kpCreated: '123',
-        kpOrigination: 'password-change',
-      }),
-    ).toEqual({
-      success: true,
-      authResponse: {
-        foo: 'bar',
-      },
+    const result = await createUseCase().execute({
+      username: Username.create('test@test.te').getValue(),
+      apiVersion: ApiVersion.v20200115,
+      currentPassword: 'qweqwe123123',
+      newPassword: 'test234',
+      newEmail: 'new@test.te',
+      pwNonce: 'asdzxc',
+      updatedWithUserAgent: 'Google Chrome',
+      kpCreated: '123',
+      kpOrigination: 'password-change',
    })
+    expect(result.isFailed()).toBeFalsy()

    expect(userRepository.save).toHaveBeenCalledWith({
      encryptedPassword: expect.any(String),
@@ -116,6 +122,7 @@ describe('ChangeCredentials', () => {
    })
    expect(domainEventFactory.createUserEmailChangedEvent).toHaveBeenCalledWith('1-2-3', 'test@test.te', 'new@test.te')
    expect(domainEventPublisher.publish).toHaveBeenCalled()
+    expect(deleteOtherSessionsForUser.execute).toHaveBeenCalled()
  })

  it('should not change email if already taken', async () => {
@@ -124,22 +131,19 @@ describe('ChangeCredentials', () => {
      .mockReturnValueOnce(user)
      .mockReturnValueOnce({} as jest.Mocked<User>)

-    expect(
-      await createUseCase().execute({
-        username: Username.create('test@test.te').getValue(),
-        apiVersion: '20190520',
-        currentPassword: 'qweqwe123123',
-        newPassword: 'test234',
-        newEmail: 'new@test.te',
-        pwNonce: 'asdzxc',
-        updatedWithUserAgent: 'Google Chrome',
-        kpCreated: '123',
-        kpOrigination: 'password-change',
-      }),
-    ).toEqual({
-      success: false,
-      errorMessage: 'The email you entered is already taken. Please try again.',
+    const result = await createUseCase().execute({
+      username: Username.create('test@test.te').getValue(),
+      apiVersion: ApiVersion.v20200115,
+      currentPassword: 'qweqwe123123',
+      newPassword: 'test234',
+      newEmail: 'new@test.te',
+      pwNonce: 'asdzxc',
+      updatedWithUserAgent: 'Google Chrome',
+      kpCreated: '123',
+      kpOrigination: 'password-change',
    })
+    expect(result.isFailed()).toBeTruthy()
+    expect(result.getError()).toEqual('The email you entered is already taken. Please try again.')

    expect(userRepository.save).not.toHaveBeenCalled()
    expect(domainEventFactory.createUserEmailChangedEvent).not.toHaveBeenCalled()
@@ -147,22 +151,19 @@ describe('ChangeCredentials', () => {
  })

  it('should not change email if the new email is invalid', async () => {
-    expect(
-      await createUseCase().execute({
-        username: Username.create('test@test.te').getValue(),
-        apiVersion: '20190520',
-        currentPassword: 'qweqwe123123',
-        newPassword: 'test234',
-        newEmail: '',
-        pwNonce: 'asdzxc',
-        updatedWithUserAgent: 'Google Chrome',
-        kpCreated: '123',
-        kpOrigination: 'password-change',
-      }),
-    ).toEqual({
-      success: false,
-      errorMessage: 'Username cannot be empty',
+    const result = await createUseCase().execute({
+      username: Username.create('test@test.te').getValue(),
+      apiVersion: ApiVersion.v20200115,
+      currentPassword: 'qweqwe123123',
+      newPassword: 'test234',
+      newEmail: '',
+      pwNonce: 'asdzxc',
+      updatedWithUserAgent: 'Google Chrome',
+      kpCreated: '123',
+      kpOrigination: 'password-change',
    })
+    expect(result.isFailed()).toBeTruthy()
+    expect(result.getError()).toEqual('Username cannot be empty')

    expect(userRepository.save).not.toHaveBeenCalled()
    expect(domainEventFactory.createUserEmailChangedEvent).not.toHaveBeenCalled()
@@ -172,63 +173,52 @@ describe('ChangeCredentials', () => {
  it('should not change email if the user is not found', async () => {
    userRepository.findOneByUsernameOrEmail = jest.fn().mockReturnValue(null)

-    expect(
-      await createUseCase().execute({
-        username: Username.create('test@test.te').getValue(),
-        apiVersion: '20190520',
-        currentPassword: 'qweqwe123123',
-        newPassword: 'test234',
-        newEmail: '',
-        pwNonce: 'asdzxc',
-        updatedWithUserAgent: 'Google Chrome',
-        kpCreated: '123',
-        kpOrigination: 'password-change',
-      }),
-    ).toEqual({
-      success: false,
-      errorMessage: 'User not found.',
+    const result = await createUseCase().execute({
+      username: Username.create('test@test.te').getValue(),
+      apiVersion: ApiVersion.v20200115,
+      currentPassword: 'qweqwe123123',
+      newPassword: 'test234',
+      newEmail: '',
+      pwNonce: 'asdzxc',
+      updatedWithUserAgent: 'Google Chrome',
+      kpCreated: '123',
+      kpOrigination: 'password-change',
    })

+    expect(result.isFailed()).toBeTruthy()
+    expect(result.getError()).toEqual('User not found.')
+
    expect(userRepository.save).not.toHaveBeenCalled()
    expect(domainEventFactory.createUserEmailChangedEvent).not.toHaveBeenCalled()
    expect(domainEventPublisher.publish).not.toHaveBeenCalled()
  })

  it('should not change password if current password is incorrect', async () => {
-    expect(
-      await createUseCase().execute({
-        username: Username.create('test@test.te').getValue(),
-        apiVersion: '20190520',
-        currentPassword: 'test123',
-        newPassword: 'test234',
-        pwNonce: 'asdzxc',
-        updatedWithUserAgent: 'Google Chrome',
-      }),
-    ).toEqual({
-      success: false,
-      errorMessage: 'The current password you entered is incorrect. Please try again.',
+    const result = await createUseCase().execute({
+      username: Username.create('test@test.te').getValue(),
+      apiVersion: ApiVersion.v20200115,
+      currentPassword: 'test123',
+      newPassword: 'test234',
+      pwNonce: 'asdzxc',
+      updatedWithUserAgent: 'Google Chrome',
    })
+    expect(result.isFailed()).toBeTruthy()
+    expect(result.getError()).toEqual('The current password you entered is incorrect. Please try again.')

    expect(userRepository.save).not.toHaveBeenCalled()
  })

  it('should update protocol version while changing password', async () => {
-    expect(
-      await createUseCase().execute({
-        username: Username.create('test@test.te').getValue(),
-        apiVersion: '20190520',
-        currentPassword: 'qweqwe123123',
-        newPassword: 'test234',
-        pwNonce: 'asdzxc',
-        updatedWithUserAgent: 'Google Chrome',
-        protocolVersion: '004',
-      }),
-    ).toEqual({
-      success: true,
-      authResponse: {
-        foo: 'bar',
-      },
+    const result = await createUseCase().execute({
+      username: Username.create('test@test.te').getValue(),
+      apiVersion: ApiVersion.v20200115,
+      currentPassword: 'qweqwe123123',
+      newPassword: 'test234',
+      pwNonce: 'asdzxc',
+      updatedWithUserAgent: 'Google Chrome',
+      protocolVersion: '004',
    })
+    expect(result.isFailed()).toBeFalsy()

    expect(userRepository.save).toHaveBeenCalledWith({
      encryptedPassword: expect.any(String),
@@ -239,4 +229,63 @@ describe('ChangeCredentials', () => {
      updatedAt: new Date(1),
    })
  })
+
+  it('should not delete other sessions for user if neither passoword nor email are changed', async () => {
+    userRepository.findOneByUsernameOrEmail = jest.fn().mockReturnValueOnce(user)
+
+    const result = await createUseCase().execute({
+      username: Username.create('test@test.te').getValue(),
+      apiVersion: ApiVersion.v20200115,
+      currentPassword: 'qweqwe123123',
+      newPassword: 'qweqwe123123',
+      newEmail: undefined,
+      pwNonce: 'asdzxc',
+      updatedWithUserAgent: 'Google Chrome',
+      kpCreated: '123',
+      kpOrigination: 'password-change',
+    })
+    expect(result.isFailed()).toBeFalsy()
+
+    expect(userRepository.save).toHaveBeenCalledWith({
+      encryptedPassword: expect.any(String),
+      email: 'test@test.te',
+      uuid: '1-2-3',
+      pwNonce: 'asdzxc',
+      kpCreated: '123',
+      kpOrigination: 'password-change',
+      updatedAt: new Date(1),
+    })
+    expect(domainEventFactory.createUserEmailChangedEvent).not.toHaveBeenCalled()
+    expect(domainEventPublisher.publish).not.toHaveBeenCalled()
+    expect(deleteOtherSessionsForUser.execute).not.toHaveBeenCalled()
+  })
+
+  it('should not delete other sessions for user if the caller does not support sessions', async () => {
+    authResponseFactory.createResponse = jest.fn().mockReturnValue({ response: { foo: 'bar' } })
+
+    const result = await createUseCase().execute({
+      username: Username.create('test@test.te').getValue(),
+      apiVersion: ApiVersion.v20200115,
+      currentPassword: 'qweqwe123123',
+      newPassword: 'test234',
+      pwNonce: 'asdzxc',
+      updatedWithUserAgent: 'Google Chrome',
+      kpCreated: '123',
+      kpOrigination: 'password-change',
+    })
+
+    expect(result.isFailed()).toBeFalsy()
+
+    expect(userRepository.save).toHaveBeenCalledWith({
+      encryptedPassword: expect.any(String),
+      pwNonce: 'asdzxc',
+      kpCreated: '123',
+      email: 'test@test.te',
+      uuid: '1-2-3',
+      kpOrigination: 'password-change',
+      updatedAt: new Date(1),
+    })
+
+    expect(deleteOtherSessionsForUser.execute).not.toHaveBeenCalled()
+  })
 })
@@ -1,20 +1,22 @@
 import * as bcrypt from 'bcryptjs'
 import { inject, injectable } from 'inversify'
+import { DomainEventPublisherInterface, UserEmailChangedEvent } from '@standardnotes/domain-events'
+import { TimerInterface } from '@standardnotes/time'
+import { Result, UseCaseInterface, Username } from '@standardnotes/domain-core'
+
 import TYPES from '../../../Bootstrap/Types'
 import { AuthResponseFactoryResolverInterface } from '../../Auth/AuthResponseFactoryResolverInterface'
-
 import { User } from '../../User/User'
 import { UserRepositoryInterface } from '../../User/UserRepositoryInterface'
 import { ChangeCredentialsDTO } from './ChangeCredentialsDTO'
-import { ChangeCredentialsResponse } from './ChangeCredentialsResponse'
-import { UseCaseInterface } from '../UseCaseInterface'
 import { DomainEventFactoryInterface } from '../../Event/DomainEventFactoryInterface'
-import { DomainEventPublisherInterface, UserEmailChangedEvent } from '@standardnotes/domain-events'
-import { TimerInterface } from '@standardnotes/time'
-import { Username } from '@standardnotes/domain-core'
+import { DeleteOtherSessionsForUser } from '../DeleteOtherSessionsForUser'
+import { AuthResponse20161215 } from '../../Auth/AuthResponse20161215'
+import { AuthResponse20200115 } from '../../Auth/AuthResponse20200115'
+import { Session } from '../../Session/Session'

@injectable()
-export class ChangeCredentials implements UseCaseInterface {
+export class ChangeCredentials implements UseCaseInterface<AuthResponse20161215 | AuthResponse20200115> {
  constructor(
    @inject(TYPES.Auth_UserRepository) private userRepository: UserRepositoryInterface,
    @inject(TYPES.Auth_AuthResponseFactoryResolver)
@@ -22,22 +24,18 @@ export class ChangeCredentials implements UseCaseInterface {
    @inject(TYPES.Auth_DomainEventPublisher) private domainEventPublisher: DomainEventPublisherInterface,
    @inject(TYPES.Auth_DomainEventFactory) private domainEventFactory: DomainEventFactoryInterface,
    @inject(TYPES.Auth_Timer) private timer: TimerInterface,
+    @inject(TYPES.Auth_DeleteOtherSessionsForUser)
+    private deleteOtherSessionsForUserUseCase: DeleteOtherSessionsForUser,
  ) {}

-  async execute(dto: ChangeCredentialsDTO): Promise<ChangeCredentialsResponse> {
+  async execute(dto: ChangeCredentialsDTO): Promise<Result<AuthResponse20161215 | AuthResponse20200115>> {
    const user = await this.userRepository.findOneByUsernameOrEmail(dto.username)
    if (!user) {
-      return {
-        success: false,
-        errorMessage: 'User not found.',
-      }
+      return Result.fail('User not found.')
    }

    if (!(await bcrypt.compare(dto.currentPassword, user.encryptedPassword))) {
-      return {
-        success: false,
-        errorMessage: 'The current password you entered is incorrect. Please try again.',
-      }
+      return Result.fail('The current password you entered is incorrect. Please try again.')
    }

    user.encryptedPassword = await bcrypt.hash(dto.newPassword, User.PASSWORD_HASH_COST)
@@ -46,19 +44,13 @@ export class ChangeCredentials implements UseCaseInterface {
    if (dto.newEmail !== undefined) {
      const newUsernameOrError = Username.create(dto.newEmail)
      if (newUsernameOrError.isFailed()) {
-        return {
-          success: false,
-          errorMessage: newUsernameOrError.getError(),
-        }
+        return Result.fail(newUsernameOrError.getError())
      }
      const newUsername = newUsernameOrError.getValue()

      const existingUser = await this.userRepository.findOneByUsernameOrEmail(newUsername)
      if (existingUser !== null) {
-        return {
-          success: false,
-          errorMessage: 'The email you entered is already taken. Please try again.',
-        }
+        return Result.fail('The email you entered is already taken. Please try again.')
      }

      userEmailChangedEvent = this.domainEventFactory.createUserEmailChangedEvent(
@@ -90,15 +82,35 @@ export class ChangeCredentials implements UseCaseInterface {

    const authResponseFactory = this.authResponseFactoryResolver.resolveAuthResponseFactoryVersion(dto.apiVersion)

-    return {
-      success: true,
-      authResponse: await authResponseFactory.createResponse({
-        user: updatedUser,
-        apiVersion: dto.apiVersion,
-        userAgent: dto.updatedWithUserAgent,
-        ephemeralSession: false,
-        readonlyAccess: false,
-      }),
+    const authResponse = await authResponseFactory.createResponse({
+      user: updatedUser,
+      apiVersion: dto.apiVersion,
+      userAgent: dto.updatedWithUserAgent,
+      ephemeralSession: false,
+      readonlyAccess: false,
+    })
+
+    if (authResponse.session) {
+      await this.deleteOtherSessionsForUserIfNeeded(user.uuid, authResponse.session, dto)
+    }
+
+    return Result.ok(authResponse.response)
+  }
+
+  private async deleteOtherSessionsForUserIfNeeded(
+    userUuid: string,
+    session: Session,
+    dto: ChangeCredentialsDTO,
+  ): Promise<void> {
+    const passwordHasChanged = dto.newPassword !== dto.currentPassword
+    const userEmailChanged = dto.newEmail !== undefined
+
+    if (passwordHasChanged || userEmailChanged) {
+      await this.deleteOtherSessionsForUserUseCase.execute({
+        userUuid,
+        currentSessionUuid: session.uuid,
+        markAsRevoked: false,
+      })
    }
  }
 }
@@ -1,8 +0,0 @@
-import { AuthResponse20161215 } from '../../Auth/AuthResponse20161215'
-import { AuthResponse20200115 } from '../../Auth/AuthResponse20200115'
-
-export type ChangeCredentialsResponse = {
-  success: boolean
-  authResponse?: AuthResponse20161215 | AuthResponse20200115
-  errorMessage?: string
-}
@@ -35,6 +35,7 @@ describe('DeleteAccount', () => {

    userRepository = {} as jest.Mocked<UserRepositoryInterface>
    userRepository.findOneByUuid = jest.fn().mockReturnValue(user)
+    userRepository.findOneByUsernameOrEmail = jest.fn().mockReturnValue(user)

    userSubscriptionService = {} as jest.Mocked<UserSubscriptionServiceInterface>
    userSubscriptionService.findRegularSubscriptionForUserUuid = jest
@@ -53,65 +54,124 @@ describe('DeleteAccount', () => {
    timer.convertDateToMicroseconds = jest.fn().mockReturnValue(1)
  })

-  it('should trigger account deletion - no subscription', async () => {
-    userSubscriptionService.findRegularSubscriptionForUserUuid = jest
-      .fn()
-      .mockReturnValue({ regularSubscription: null, sharedSubscription: null })
+  describe('when user uuid is provided', () => {
+    it('should trigger account deletion - no subscription', async () => {
+      userSubscriptionService.findRegularSubscriptionForUserUuid = jest
+        .fn()
+        .mockReturnValue({ regularSubscription: null, sharedSubscription: null })

-    expect(await createUseCase().execute({ userUuid: '00000000-0000-0000-0000-000000000000' })).toEqual({
-      message: 'Successfully deleted user',
-      responseCode: 200,
-      success: true,
+      const result = await createUseCase().execute({ userUuid: '00000000-0000-0000-0000-000000000000' })
+
+      expect(result.isFailed()).toBeFalsy()
+      expect(domainEventPublisher.publish).toHaveBeenCalledTimes(1)
+      expect(domainEventFactory.createAccountDeletionRequestedEvent).toHaveBeenLastCalledWith({
+        userUuid: '1-2-3',
+        userCreatedAtTimestamp: 1,
+        regularSubscriptionUuid: undefined,
+      })
    })

-    expect(domainEventPublisher.publish).toHaveBeenCalledTimes(1)
-    expect(domainEventFactory.createAccountDeletionRequestedEvent).toHaveBeenLastCalledWith({
-      userUuid: '1-2-3',
-      userCreatedAtTimestamp: 1,
-      regularSubscriptionUuid: undefined,
+    it('should trigger account deletion - subscription present', async () => {
+      userSubscriptionService.findRegularSubscriptionForUserUuid = jest
+        .fn()
+        .mockReturnValue({ regularSubscription, sharedSubscription: null })
+
+      const result = await createUseCase().execute({ userUuid: '00000000-0000-0000-0000-000000000000' })
+
+      expect(result.isFailed()).toBeFalsy()
+
+      expect(domainEventPublisher.publish).toHaveBeenCalledTimes(1)
+      expect(domainEventFactory.createAccountDeletionRequestedEvent).toHaveBeenLastCalledWith({
+        userUuid: '1-2-3',
+        userCreatedAtTimestamp: 1,
+        regularSubscriptionUuid: '1-2-3',
+      })
+    })
+
+    it('should not trigger account deletion if user is not found', async () => {
+      userRepository.findOneByUuid = jest.fn().mockReturnValue(null)
+
+      const result = await createUseCase().execute({ userUuid: '00000000-0000-0000-0000-000000000000' })
+
+      expect(result.isFailed()).toBeFalsy()
+
+      expect(domainEventPublisher.publish).not.toHaveBeenCalled()
+      expect(domainEventFactory.createAccountDeletionRequestedEvent).not.toHaveBeenCalled()
+    })
+
+    it('should not trigger account deletion if user uuid is invalid', async () => {
+      const result = await createUseCase().execute({ userUuid: 'invalid' })
+
+      expect(result.isFailed()).toBeTruthy()
+
+      expect(domainEventPublisher.publish).not.toHaveBeenCalled()
+      expect(domainEventFactory.createAccountDeletionRequestedEvent).not.toHaveBeenCalled()
    })
  })

-  it('should trigger account deletion - subscription present', async () => {
-    userSubscriptionService.findRegularSubscriptionForUserUuid = jest
-      .fn()
-      .mockReturnValue({ regularSubscription, sharedSubscription: null })
+  describe('when username is provided', () => {
+    it('should trigger account deletion - no subscription', async () => {
+      userSubscriptionService.findRegularSubscriptionForUserUuid = jest
+        .fn()
+        .mockReturnValue({ regularSubscription: null, sharedSubscription: null })

-    expect(await createUseCase().execute({ userUuid: '00000000-0000-0000-0000-000000000000' })).toEqual({
-      message: 'Successfully deleted user',
-      responseCode: 200,
-      success: true,
+      const result = await createUseCase().execute({ username: 'test@test.te' })
+
+      expect(result.isFailed()).toBeFalsy()
+      expect(domainEventPublisher.publish).toHaveBeenCalledTimes(1)
+      expect(domainEventFactory.createAccountDeletionRequestedEvent).toHaveBeenLastCalledWith({
+        userUuid: '1-2-3',
+        userCreatedAtTimestamp: 1,
+        regularSubscriptionUuid: undefined,
+      })
    })

-    expect(domainEventPublisher.publish).toHaveBeenCalledTimes(1)
-    expect(domainEventFactory.createAccountDeletionRequestedEvent).toHaveBeenLastCalledWith({
-      userUuid: '1-2-3',
-      userCreatedAtTimestamp: 1,
-      regularSubscriptionUuid: '1-2-3',
+    it('should trigger account deletion - subscription present', async () => {
+      userSubscriptionService.findRegularSubscriptionForUserUuid = jest
+        .fn()
+        .mockReturnValue({ regularSubscription, sharedSubscription: null })
+
+      const result = await createUseCase().execute({ username: 'test@test.te' })
+
+      expect(result.isFailed()).toBeFalsy()
+
+      expect(domainEventPublisher.publish).toHaveBeenCalledTimes(1)
+      expect(domainEventFactory.createAccountDeletionRequestedEvent).toHaveBeenLastCalledWith({
+        userUuid: '1-2-3',
+        userCreatedAtTimestamp: 1,
+        regularSubscriptionUuid: '1-2-3',
+      })
+    })
+
+    it('should not trigger account deletion if user is not found', async () => {
+      userRepository.findOneByUsernameOrEmail = jest.fn().mockReturnValue(null)
+
+      const result = await createUseCase().execute({ username: 'test@test.te' })
+
+      expect(result.isFailed()).toBeFalsy()
+
+      expect(domainEventPublisher.publish).not.toHaveBeenCalled()
+      expect(domainEventFactory.createAccountDeletionRequestedEvent).not.toHaveBeenCalled()
+    })
+
+    it('should not trigger account deletion if username is invalid', async () => {
+      const result = await createUseCase().execute({ username: '' })
+
+      expect(result.isFailed()).toBeTruthy()
+
+      expect(domainEventPublisher.publish).not.toHaveBeenCalled()
+      expect(domainEventFactory.createAccountDeletionRequestedEvent).not.toHaveBeenCalled()
    })
  })

-  it('should not trigger account deletion if user is not found', async () => {
-    userRepository.findOneByUuid = jest.fn().mockReturnValue(null)
+  describe('when neither user uuid nor username is provided', () => {
+    it('should not trigger account deletion', async () => {
+      const result = await createUseCase().execute({})

-    expect(await createUseCase().execute({ userUuid: '00000000-0000-0000-0000-000000000000' })).toEqual({
-      message: 'User not found',
-      responseCode: 404,
-      success: false,
+      expect(result.isFailed()).toBeTruthy()
+
+      expect(domainEventPublisher.publish).not.toHaveBeenCalled()
+      expect(domainEventFactory.createAccountDeletionRequestedEvent).not.toHaveBeenCalled()
    })
-
-    expect(domainEventPublisher.publish).not.toHaveBeenCalled()
-    expect(domainEventFactory.createAccountDeletionRequestedEvent).not.toHaveBeenCalled()
-  })
-
-  it('should not trigger account deletion if user uuid is invalid', async () => {
-    expect(await createUseCase().execute({ userUuid: '' })).toEqual({
-      message: 'Given value is not a valid uuid: ',
-      responseCode: 400,
-      success: false,
-    })
-
-    expect(domainEventPublisher.publish).not.toHaveBeenCalled()
-    expect(domainEventFactory.createAccountDeletionRequestedEvent).not.toHaveBeenCalled()
  })
 })
@@ -1,4 +1,4 @@
-import { Uuid } from '@standardnotes/domain-core'
+import { Result, UseCaseInterface, Username, Uuid } from '@standardnotes/domain-core'
 import { DomainEventPublisherInterface } from '@standardnotes/domain-events'
 import { TimerInterface } from '@standardnotes/time'
 import { inject, injectable } from 'inversify'
@@ -7,13 +7,12 @@ import TYPES from '../../../Bootstrap/Types'
 import { DomainEventFactoryInterface } from '../../Event/DomainEventFactoryInterface'
 import { UserSubscriptionServiceInterface } from '../../Subscription/UserSubscriptionServiceInterface'
 import { UserRepositoryInterface } from '../../User/UserRepositoryInterface'
-import { UseCaseInterface } from '../UseCaseInterface'

 import { DeleteAccountDTO } from './DeleteAccountDTO'
-import { DeleteAccountResponse } from './DeleteAccountResponse'
+import { User } from '../../User/User'

@injectable()
-export class DeleteAccount implements UseCaseInterface {
+export class DeleteAccount implements UseCaseInterface<string> {
  constructor(
    @inject(TYPES.Auth_UserRepository) private userRepository: UserRepositoryInterface,
    @inject(TYPES.Auth_UserSubscriptionService) private userSubscriptionService: UserSubscriptionServiceInterface,
@@ -22,25 +21,30 @@ export class DeleteAccount implements UseCaseInterface {
    @inject(TYPES.Auth_Timer) private timer: TimerInterface,
  ) {}

-  async execute(dto: DeleteAccountDTO): Promise<DeleteAccountResponse> {
-    const uuidOrError = Uuid.create(dto.userUuid)
-    if (uuidOrError.isFailed()) {
-      return {
-        success: false,
-        responseCode: 400,
-        message: uuidOrError.getError(),
+  async execute(dto: DeleteAccountDTO): Promise<Result<string>> {
+    let user: User | null = null
+    if (dto.userUuid !== undefined) {
+      const uuidOrError = Uuid.create(dto.userUuid)
+      if (uuidOrError.isFailed()) {
+        return Result.fail(uuidOrError.getError())
      }
-    }
-    const uuid = uuidOrError.getValue()
+      const uuid = uuidOrError.getValue()

-    const user = await this.userRepository.findOneByUuid(uuid)
+      user = await this.userRepository.findOneByUuid(uuid)
+    } else if (dto.username !== undefined) {
+      const usernameOrError = Username.create(dto.username)
+      if (usernameOrError.isFailed()) {
+        return Result.fail(usernameOrError.getError())
+      }
+      const username = usernameOrError.getValue()
+
+      user = await this.userRepository.findOneByUsernameOrEmail(username)
+    } else {
+      return Result.fail('Either userUuid or username must be provided.')
+    }

    if (user === null) {
-      return {
-        success: false,
-        responseCode: 404,
-        message: 'User not found',
-      }
+      return Result.ok('User already deleted.')
    }

    let regularSubscriptionUuid = undefined
@@ -57,10 +61,6 @@ export class DeleteAccount implements UseCaseInterface {
      }),
    )

-    return {
-      success: true,
-      message: 'Successfully deleted user',
-      responseCode: 200,
-    }
+    return Result.ok('Successfully deleted account.')
  }
 }
@@ -1,3 +1,4 @@
 export type DeleteAccountDTO = {
-  userUuid: string
+  userUuid?: string
+  username?: string
 }
@@ -1,5 +0,0 @@
-export type DeleteAccountResponse = {
-  success: boolean
-  responseCode: number
-  message: string
-}
@@ -0,0 +1,82 @@
+import 'reflect-metadata'
+
+import { Session } from '../Session/Session'
+import { SessionRepositoryInterface } from '../Session/SessionRepositoryInterface'
+import { SessionServiceInterface } from '../Session/SessionServiceInterface'
+
+import { DeleteOtherSessionsForUser } from './DeleteOtherSessionsForUser'
+
+describe('DeleteOtherSessionsForUser', () => {
+  let sessionRepository: SessionRepositoryInterface
+  let sessionService: SessionServiceInterface
+  let session: Session
+  let currentSession: Session
+
+  const createUseCase = () => new DeleteOtherSessionsForUser(sessionRepository, sessionService)
+
+  beforeEach(() => {
+    session = {} as jest.Mocked<Session>
+    session.uuid = '00000000-0000-0000-0000-000000000000'
+
+    currentSession = {} as jest.Mocked<Session>
+    currentSession.uuid = '00000000-0000-0000-0000-000000000001'
+
+    sessionRepository = {} as jest.Mocked<SessionRepositoryInterface>
+    sessionRepository.deleteAllByUserUuidExceptOne = jest.fn()
+    sessionRepository.findAllByUserUuid = jest.fn().mockReturnValue([session, currentSession])
+
+    sessionService = {} as jest.Mocked<SessionServiceInterface>
+    sessionService.createRevokedSession = jest.fn()
+  })
+
+  it('should delete all sessions except current for a given user', async () => {
+    const result = await createUseCase().execute({
+      userUuid: '00000000-0000-0000-0000-000000000000',
+      currentSessionUuid: '00000000-0000-0000-0000-000000000001',
+      markAsRevoked: true,
+    })
+    expect(result.isFailed()).toBeFalsy()
+
+    expect(sessionRepository.deleteAllByUserUuidExceptOne).toHaveBeenCalled()
+
+    expect(sessionService.createRevokedSession).toHaveBeenCalledWith(session)
+    expect(sessionService.createRevokedSession).not.toHaveBeenCalledWith(currentSession)
+  })
+
+  it('should delete all sessions except current for a given user without marking as revoked', async () => {
+    const result = await createUseCase().execute({
+      userUuid: '00000000-0000-0000-0000-000000000000',
+      currentSessionUuid: '00000000-0000-0000-0000-000000000001',
+      markAsRevoked: false,
+    })
+    expect(result.isFailed()).toBeFalsy()
+
+    expect(sessionRepository.deleteAllByUserUuidExceptOne).toHaveBeenCalled()
+
+    expect(sessionService.createRevokedSession).not.toHaveBeenCalled()
+  })
+
+  it('should not delete any sessions if the user uuid is invalid', async () => {
+    const result = await createUseCase().execute({
+      userUuid: 'invalid',
+      currentSessionUuid: '00000000-0000-0000-0000-000000000001',
+      markAsRevoked: true,
+    })
+    expect(result.isFailed()).toBeTruthy()
+
+    expect(sessionRepository.deleteAllByUserUuidExceptOne).not.toHaveBeenCalled()
+    expect(sessionService.createRevokedSession).not.toHaveBeenCalled()
+  })
+
+  it('should not delete any sessions if the current session uuid is invalid', async () => {
+    const result = await createUseCase().execute({
+      userUuid: '00000000-0000-0000-0000-000000000000',
+      currentSessionUuid: 'invalid',
+      markAsRevoked: true,
+    })
+    expect(result.isFailed()).toBeTruthy()
+
+    expect(sessionRepository.deleteAllByUserUuidExceptOne).not.toHaveBeenCalled()
+    expect(sessionService.createRevokedSession).not.toHaveBeenCalled()
+  })
+})
@@ -0,0 +1,46 @@
+import { inject, injectable } from 'inversify'
+import { Result, UseCaseInterface, Uuid } from '@standardnotes/domain-core'
+
+import TYPES from '../../Bootstrap/Types'
+import { Session } from '../Session/Session'
+import { SessionRepositoryInterface } from '../Session/SessionRepositoryInterface'
+import { SessionServiceInterface } from '../Session/SessionServiceInterface'
+import { DeleteOtherSessionsForUserDTO } from './DeleteOtherSessionsForUserDTO'
+
+@injectable()
+export class DeleteOtherSessionsForUser implements UseCaseInterface<void> {
+  constructor(
+    @inject(TYPES.Auth_SessionRepository) private sessionRepository: SessionRepositoryInterface,
+    @inject(TYPES.Auth_SessionService) private sessionService: SessionServiceInterface,
+  ) {}
+
+  async execute(dto: DeleteOtherSessionsForUserDTO): Promise<Result<void>> {
+    const userUuidOrError = Uuid.create(dto.userUuid)
+    if (userUuidOrError.isFailed()) {
+      return Result.fail(userUuidOrError.getError())
+    }
+    const userUuid = userUuidOrError.getValue()
+
+    const currentSessionUuidOrError = Uuid.create(dto.currentSessionUuid)
+    if (currentSessionUuidOrError.isFailed()) {
+      return Result.fail(currentSessionUuidOrError.getError())
+    }
+    const currentSessionUuid = currentSessionUuidOrError.getValue()
+
+    const sessions = await this.sessionRepository.findAllByUserUuid(dto.userUuid)
+
+    if (dto.markAsRevoked) {
+      await Promise.all(
+        sessions.map(async (session: Session) => {
+          if (session.uuid !== currentSessionUuid.value) {
+            await this.sessionService.createRevokedSession(session)
+          }
+        }),
+      )
+    }
+
+    await this.sessionRepository.deleteAllByUserUuidExceptOne({ userUuid, currentSessionUuid })
+
+    return Result.ok()
+  }
+}
@@ -0,0 +1,5 @@
+export type DeleteOtherSessionsForUserDTO = {
+  userUuid: string
+  currentSessionUuid: string
+  markAsRevoked: boolean
+}
@@ -1,39 +0,0 @@
-import 'reflect-metadata'
-import { Session } from '../Session/Session'
-import { SessionRepositoryInterface } from '../Session/SessionRepositoryInterface'
-import { SessionServiceInterface } from '../Session/SessionServiceInterface'
-
-import { DeletePreviousSessionsForUser } from './DeletePreviousSessionsForUser'
-
-describe('DeletePreviousSessionsForUser', () => {
-  let sessionRepository: SessionRepositoryInterface
-  let sessionService: SessionServiceInterface
-  let session: Session
-  let currentSession: Session
-
-  const createUseCase = () => new DeletePreviousSessionsForUser(sessionRepository, sessionService)
-
-  beforeEach(() => {
-    session = {} as jest.Mocked<Session>
-    session.uuid = '1-2-3'
-
-    currentSession = {} as jest.Mocked<Session>
-    currentSession.uuid = '2-3-4'
-
-    sessionRepository = {} as jest.Mocked<SessionRepositoryInterface>
-    sessionRepository.deleteAllByUserUuid = jest.fn()
-    sessionRepository.findAllByUserUuid = jest.fn().mockReturnValue([session, currentSession])
-
-    sessionService = {} as jest.Mocked<SessionServiceInterface>
-    sessionService.createRevokedSession = jest.fn()
-  })
-
-  it('should delete all sessions except current for a given user', async () => {
-    expect(await createUseCase().execute({ userUuid: '1-2-3', currentSessionUuid: '2-3-4' })).toEqual({ success: true })
-
-    expect(sessionRepository.deleteAllByUserUuid).toHaveBeenCalledWith('1-2-3', '2-3-4')
-
-    expect(sessionService.createRevokedSession).toHaveBeenCalledWith(session)
-    expect(sessionService.createRevokedSession).not.toHaveBeenCalledWith(currentSession)
-  })
-})
@@ -1,32 +0,0 @@
-import { inject, injectable } from 'inversify'
-import TYPES from '../../Bootstrap/Types'
-import { Session } from '../Session/Session'
-import { SessionRepositoryInterface } from '../Session/SessionRepositoryInterface'
-import { SessionServiceInterface } from '../Session/SessionServiceInterface'
-import { DeletePreviousSessionsForUserDTO } from './DeletePreviousSessionsForUserDTO'
-import { DeletePreviousSessionsForUserResponse } from './DeletePreviousSessionsForUserResponse'
-import { UseCaseInterface } from './UseCaseInterface'
-
-@injectable()
-export class DeletePreviousSessionsForUser implements UseCaseInterface {
-  constructor(
-    @inject(TYPES.Auth_SessionRepository) private sessionRepository: SessionRepositoryInterface,
-    @inject(TYPES.Auth_SessionService) private sessionService: SessionServiceInterface,
-  ) {}
-
-  async execute(dto: DeletePreviousSessionsForUserDTO): Promise<DeletePreviousSessionsForUserResponse> {
-    const sessions = await this.sessionRepository.findAllByUserUuid(dto.userUuid)
-
-    await Promise.all(
-      sessions.map(async (session: Session) => {
-        if (session.uuid !== dto.currentSessionUuid) {
-          await this.sessionService.createRevokedSession(session)
-        }
-      }),
-    )
-
-    await this.sessionRepository.deleteAllByUserUuid(dto.userUuid, dto.currentSessionUuid)
-
-    return { success: true }
-  }
-}
@@ -1,4 +0,0 @@
-export type DeletePreviousSessionsForUserDTO = {
-  userUuid: string
-  currentSessionUuid: string
-}
@@ -1,3 +0,0 @@
-export type DeletePreviousSessionsForUserResponse = {
-  success: boolean
-}
@@ -10,6 +10,7 @@ import { UserRepositoryInterface } from '../User/UserRepositoryInterface'
 import { Register } from './Register'
 import { SettingServiceInterface } from '../Setting/SettingServiceInterface'
 import { AuthResponseFactory20200115 } from '../Auth/AuthResponseFactory20200115'
+import { Session } from '../Session/Session'

 describe('Register', () => {
  let userRepository: UserRepositoryInterface
@@ -32,7 +33,9 @@ describe('Register', () => {
    roleRepository.findOneByName = jest.fn().mockReturnValue(null)

    authResponseFactory = {} as jest.Mocked<AuthResponseFactory20200115>
-    authResponseFactory.createResponse = jest.fn().mockReturnValue({ foo: 'bar' })
+    authResponseFactory.createResponse = jest
+      .fn()
+      .mockReturnValue({ response: { foo: 'bar' }, session: {} as jest.Mocked<Session> })

    crypter = {} as jest.Mocked<CrypterInterface>
    crypter.generateEncryptedUserServerKey = jest.fn().mockReturnValue('test')
@@ -83,15 +83,17 @@ export class Register implements UseCaseInterface {

    await this.settingService.applyDefaultSettingsUponRegistration(user)

+    const result = await this.authResponseFactory20200115.createResponse({
+      user,
+      apiVersion,
+      userAgent: dto.updatedWithUserAgent,
+      ephemeralSession,
+      readonlyAccess: false,
+    })
+
    return {
      success: true,
-      authResponse: (await this.authResponseFactory20200115.createResponse({
-        user,
-        apiVersion,
-        userAgent: dto.updatedWithUserAgent,
-        ephemeralSession,
-        readonlyAccess: false,
-      })) as AuthResponse20200115,
+      authResponse: result.response as AuthResponse20200115,
    }
  }
 }
@@ -13,6 +13,7 @@ import { SignIn } from './SignIn'
 import { PKCERepositoryInterface } from '../User/PKCERepositoryInterface'
 import { CrypterInterface } from '../Encryption/CrypterInterface'
 import { ProtocolVersion } from '@standardnotes/common'
+import { Session } from '../Session/Session'

 describe('SignIn', () => {
  let user: User
@@ -50,7 +51,9 @@ describe('SignIn', () => {
    userRepository.findOneByUsernameOrEmail = jest.fn().mockReturnValue(user)

    authResponseFactory = {} as jest.Mocked<AuthResponseFactoryInterface>
-    authResponseFactory.createResponse = jest.fn().mockReturnValue({ foo: 'bar' })
+    authResponseFactory.createResponse = jest
+      .fn()
+      .mockReturnValue({ response: { foo: 'bar' }, session: {} as jest.Mocked<Session> })

    authResponseFactoryResolver = {} as jest.Mocked<AuthResponseFactoryResolverInterface>
    authResponseFactoryResolver.resolveAuthResponseFactoryVersion = jest.fn().mockReturnValue(authResponseFactory)
@@ -95,15 +95,17 @@ export class SignIn implements UseCaseInterface {

    await this.sendSignInEmailNotification(user, dto.userAgent)

+    const result = await authResponseFactory.createResponse({
+      user,
+      apiVersion: dto.apiVersion,
+      userAgent: dto.userAgent,
+      ephemeralSession: dto.ephemeralSession,
+      readonlyAccess: false,
+    })
+
    return {
      success: true,
-      authResponse: await authResponseFactory.createResponse({
-        user,
-        apiVersion: dto.apiVersion,
-        userAgent: dto.userAgent,
-        ephemeralSession: dto.ephemeralSession,
-        readonlyAccess: false,
-      }),
+      authResponse: result.response,
    }
  }

@@ -124,7 +124,7 @@ export class SignInWithRecoveryCodes implements UseCaseInterface<AuthResponse202

    await this.clearLoginAttempts.execute({ email: username.value })

-    return Result.ok(authResponse as AuthResponse20200115)
+    return Result.ok(authResponse.response as AuthResponse20200115)
  }

  private async validateCodeVerifier(codeVerifier: string): Promise<boolean> {
@@ -8,6 +8,7 @@ import { AuthResponseFactoryInterface } from '../Auth/AuthResponseFactoryInterfa
 import { AuthResponseFactoryResolverInterface } from '../Auth/AuthResponseFactoryResolverInterface'

 import { UpdateUser } from './UpdateUser'
+import { Session } from '../Session/Session'

 describe('UpdateUser', () => {
  let userRepository: UserRepositoryInterface
@@ -24,7 +25,9 @@ describe('UpdateUser', () => {
    userRepository.findOneByUsernameOrEmail = jest.fn().mockReturnValue(undefined)

    authResponseFactory = {} as jest.Mocked<AuthResponseFactoryInterface>
-    authResponseFactory.createResponse = jest.fn().mockReturnValue({ foo: 'bar' })
+    authResponseFactory.createResponse = jest
+      .fn()
+      .mockReturnValue({ response: { foo: 'bar' }, session: {} as jest.Mocked<Session> })

    authResponseFactoryResolver = {} as jest.Mocked<AuthResponseFactoryResolverInterface>
    authResponseFactoryResolver.resolveAuthResponseFactoryVersion = jest.fn().mockReturnValue(authResponseFactory)
@@ -23,15 +23,17 @@ export class UpdateUser implements UseCaseInterface {

    const authResponseFactory = this.authResponseFactoryResolver.resolveAuthResponseFactoryVersion(dto.apiVersion)

+    const result = await authResponseFactory.createResponse({
+      user: updatedUser,
+      apiVersion: dto.apiVersion,
+      userAgent: dto.updatedWithUserAgent,
+      ephemeralSession: false,
+      readonlyAccess: false,
+    })
+
    return {
      success: true,
-      authResponse: await authResponseFactory.createResponse({
-        user: updatedUser,
-        apiVersion: dto.apiVersion,
-        userAgent: dto.updatedWithUserAgent,
-        ephemeralSession: false,
-        readonlyAccess: false,
-      }),
+      authResponse: result.response,
    }
  }
 }
@@ -4,26 +4,26 @@ import * as express from 'express'

 import { AnnotatedSessionController } from './AnnotatedSessionController'
 import { results } from 'inversify-express-utils'
-import { DeletePreviousSessionsForUser } from '../../Domain/UseCase/DeletePreviousSessionsForUser'
+import { DeleteOtherSessionsForUser } from '../../Domain/UseCase/DeleteOtherSessionsForUser'
 import { DeleteSessionForUser } from '../../Domain/UseCase/DeleteSessionForUser'
 import { RefreshSessionToken } from '../../Domain/UseCase/RefreshSessionToken'

 describe('AnnotatedSessionController', () => {
  let deleteSessionForUser: DeleteSessionForUser
-  let deletePreviousSessionsForUser: DeletePreviousSessionsForUser
+  let deleteOtherSessionsForUser: DeleteOtherSessionsForUser
  let refreshSessionToken: RefreshSessionToken
  let request: express.Request
  let response: express.Response

  const createController = () =>
-    new AnnotatedSessionController(deleteSessionForUser, deletePreviousSessionsForUser, refreshSessionToken)
+    new AnnotatedSessionController(deleteSessionForUser, deleteOtherSessionsForUser, refreshSessionToken)

  beforeEach(() => {
    deleteSessionForUser = {} as jest.Mocked<DeleteSessionForUser>
    deleteSessionForUser.execute = jest.fn().mockReturnValue({ success: true })

-    deletePreviousSessionsForUser = {} as jest.Mocked<DeletePreviousSessionsForUser>
-    deletePreviousSessionsForUser.execute = jest.fn()
+    deleteOtherSessionsForUser = {} as jest.Mocked<DeleteOtherSessionsForUser>
+    deleteOtherSessionsForUser.execute = jest.fn()

    refreshSessionToken = {} as jest.Mocked<RefreshSessionToken>
    refreshSessionToken.execute = jest.fn()
@@ -196,9 +196,10 @@ describe('AnnotatedSessionController', () => {
    const httpResult = <results.JsonResult>await createController().deleteAllSessions(request, response)
    const result = await httpResult.executeAsync()

-    expect(deletePreviousSessionsForUser.execute).toHaveBeenCalledWith({
+    expect(deleteOtherSessionsForUser.execute).toHaveBeenCalledWith({
      userUuid: '123',
      currentSessionUuid: '234',
+      markAsRevoked: true,
    })

    expect(result.statusCode).toEqual(204)
@@ -218,7 +219,7 @@ describe('AnnotatedSessionController', () => {
    const httpResponse = <results.JsonResult>await createController().deleteAllSessions(request, response)
    const result = await httpResponse.executeAsync()

-    expect(deletePreviousSessionsForUser.execute).not.toHaveBeenCalled()
+    expect(deleteOtherSessionsForUser.execute).not.toHaveBeenCalled()

    expect(result.statusCode).toEqual(401)
  })
@@ -8,7 +8,7 @@ import {
  results,
 } from 'inversify-express-utils'
 import TYPES from '../../Bootstrap/Types'
-import { DeletePreviousSessionsForUser } from '../../Domain/UseCase/DeletePreviousSessionsForUser'
+import { DeleteOtherSessionsForUser } from '../../Domain/UseCase/DeleteOtherSessionsForUser'
 import { DeleteSessionForUser } from '../../Domain/UseCase/DeleteSessionForUser'
 import { RefreshSessionToken } from '../../Domain/UseCase/RefreshSessionToken'
 import { BaseSessionController } from './Base/BaseSessionController'
@@ -17,11 +17,11 @@ import { BaseSessionController } from './Base/BaseSessionController'
 export class AnnotatedSessionController extends BaseSessionController {
  constructor(
    @inject(TYPES.Auth_DeleteSessionForUser) override deleteSessionForUser: DeleteSessionForUser,
-    @inject(TYPES.Auth_DeletePreviousSessionsForUser)
-    override deletePreviousSessionsForUser: DeletePreviousSessionsForUser,
+    @inject(TYPES.Auth_DeleteOtherSessionsForUser)
+    override deleteOtherSessionsForUser: DeleteOtherSessionsForUser,
    @inject(TYPES.Auth_RefreshSessionToken) override refreshSessionToken: RefreshSessionToken,
  ) {
-    super(deleteSessionForUser, deletePreviousSessionsForUser, refreshSessionToken)
+    super(deleteSessionForUser, deleteOtherSessionsForUser, refreshSessionToken)
  }

  @httpDelete('/', TYPES.Auth_RequiredCrossServiceTokenMiddleware, TYPES.Auth_SessionMiddleware)
@@ -4,7 +4,7 @@ import * as express from 'express'

 import { AnnotatedUsersController } from './AnnotatedUsersController'
 import { results } from 'inversify-express-utils'
-import { Username } from '@standardnotes/domain-core'
+import { Result, Username } from '@standardnotes/domain-core'
 import { DeleteAccount } from '../../Domain/UseCase/DeleteAccount/DeleteAccount'
 import { ChangeCredentials } from '../../Domain/UseCase/ChangeCredentials/ChangeCredentials'
 import { ClearLoginAttempts } from '../../Domain/UseCase/ClearLoginAttempts'
@@ -45,7 +45,7 @@ describe('AnnotatedUsersController', () => {
    updateUser.execute = jest.fn()

    deleteAccount = {} as jest.Mocked<DeleteAccount>
-    deleteAccount.execute = jest.fn().mockReturnValue({ success: true, message: 'A OK', responseCode: 200 })
+    deleteAccount.execute = jest.fn().mockReturnValue(Result.ok('success'))

    user = {} as jest.Mocked<User>
    user.uuid = '123'
@@ -181,7 +181,22 @@ describe('AnnotatedUsersController', () => {
    expect(deleteAccount.execute).toHaveBeenCalledWith({ userUuid: '1-2-3' })

    expect(result.statusCode).toEqual(200)
-    expect(await result.content.readAsStringAsync()).toEqual('{"message":"A OK"}')
+  })
+
+  it('should indicate failure when deleting user', async () => {
+    request.params.userUuid = '1-2-3'
+    response.locals.user = {
+      uuid: '1-2-3',
+    }
+
+    deleteAccount.execute = jest.fn().mockReturnValue(Result.fail('Something bad happened'))
+
+    const httpResponse = <results.JsonResult>await createController().deleteAccount(request, response)
+    const result = await httpResponse.executeAsync()
+
+    expect(deleteAccount.execute).toHaveBeenCalledWith({ userUuid: '1-2-3' })
+
+    expect(result.statusCode).toEqual(400)
  })

  it('should not delete user if user uuid is different than the one in the session', async () => {
@@ -317,7 +332,7 @@ describe('AnnotatedUsersController', () => {
    request.headers['user-agent'] = 'Google Chrome'
    response.locals.user = user

-    changeCredentials.execute = jest.fn().mockReturnValue({ success: true, authResponse: { foo: 'bar' } })
+    changeCredentials.execute = jest.fn().mockReturnValue(Result.ok({ foo: 'bar' }))

    const httpResponse = <results.JsonResult>await createController().changeCredentials(request, response)
    const result = await httpResponse.executeAsync()
@@ -331,6 +346,7 @@ describe('AnnotatedUsersController', () => {
      kpOrigination: 'change-password',
      pwNonce: 'asdzxc',
      protocolVersion: '004',
+      newEmail: undefined,
      username: Username.create('test@test.te').getValue(),
    })

@@ -370,7 +386,7 @@ describe('AnnotatedUsersController', () => {
    request.headers['user-agent'] = 'Google Chrome'
    response.locals.user = user

-    changeCredentials.execute = jest.fn().mockReturnValue({ success: false, errorMessage: 'Something bad happened' })
+    changeCredentials.execute = jest.fn().mockReturnValue(Result.fail('Something bad happened'))

    const httpResponse = <results.JsonResult>await createController().changeCredentials(request, response)
    const result = await httpResponse.executeAsync()
@@ -3,14 +3,14 @@ import { Request, Response } from 'express'
 import { BaseHttpController, results } from 'inversify-express-utils'
 import { ErrorTag } from '@standardnotes/responses'

-import { DeletePreviousSessionsForUser } from '../../../Domain/UseCase/DeletePreviousSessionsForUser'
+import { DeleteOtherSessionsForUser } from '../../../Domain/UseCase/DeleteOtherSessionsForUser'
 import { DeleteSessionForUser } from '../../../Domain/UseCase/DeleteSessionForUser'
 import { RefreshSessionToken } from '../../../Domain/UseCase/RefreshSessionToken'

 export class BaseSessionController extends BaseHttpController {
  constructor(
    protected deleteSessionForUser: DeleteSessionForUser,
-    protected deletePreviousSessionsForUser: DeletePreviousSessionsForUser,
+    protected deleteOtherSessionsForUser: DeleteOtherSessionsForUser,
    protected refreshSessionToken: RefreshSessionToken,
    private controllerContainer?: ControllerContainerInterface,
  ) {
@@ -106,9 +106,10 @@ export class BaseSessionController extends BaseHttpController {
      )
    }

-    await this.deletePreviousSessionsForUser.execute({
+    await this.deleteOtherSessionsForUser.execute({
      userUuid: response.locals.user.uuid,
      currentSessionUuid: response.locals.session.uuid,
+      markAsRevoked: true,
    })

    response.setHeader('x-invalidate-cache', response.locals.user.uuid)
@@ -119,7 +119,18 @@ export class BaseUsersController extends BaseHttpController {
      userUuid: request.params.userUuid,
    })

-    return this.json({ message: result.message }, result.responseCode)
+    if (result.isFailed()) {
+      return this.json(
+        {
+          error: {
+            message: result.getError(),
+          },
+        },
+        400,
+      )
+    }
+
+    return this.json({ message: result.getValue() }, 200)
  }

  async getSubscription(request: Request, response: Response): Promise<results.JsonResult> {
@@ -217,13 +228,13 @@ export class BaseUsersController extends BaseHttpController {
      protocolVersion: request.body.version,
    })

-    if (!changeCredentialsResult.success) {
+    if (changeCredentialsResult.isFailed()) {
      await this.increaseLoginAttempts.execute({ email: response.locals.user.email })

      return this.json(
        {
          error: {
-            message: changeCredentialsResult.errorMessage,
+            message: changeCredentialsResult.getError(),
          },
        },
        401,
@@ -234,6 +245,6 @@ export class BaseUsersController extends BaseHttpController {

    response.setHeader('x-invalidate-cache', response.locals.user.uuid)

-    return this.json(changeCredentialsResult.authResponse)
+    return this.json(changeCredentialsResult.getValue())
  }
 }
@@ -7,6 +7,7 @@ import TYPES from '../../Bootstrap/Types'

 import { Session } from '../../Domain/Session/Session'
 import { SessionRepositoryInterface } from '../../Domain/Session/SessionRepositoryInterface'
+import { Uuid } from '@standardnotes/domain-core'

@injectable()
 export class TypeORMSessionRepository implements SessionRepositoryInterface {
@@ -100,13 +101,13 @@ export class TypeORMSessionRepository implements SessionRepositoryInterface {
      .getMany()
  }

-  async deleteAllByUserUuid(userUuid: string, currentSessionUuid: string): Promise<void> {
+  async deleteAllByUserUuidExceptOne(dto: { userUuid: Uuid; currentSessionUuid: Uuid }): Promise<void> {
    await this.ormRepository
      .createQueryBuilder('session')
      .delete()
      .where('user_uuid = :user_uuid AND uuid != :current_session_uuid', {
-        user_uuid: userUuid,
-        current_session_uuid: currentSessionUuid,
+        user_uuid: dto.userUuid.value,
+        current_session_uuid: dto.currentSessionUuid.value,
      })
      .execute()
  }
@@ -3,6 +3,12 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.24.2](https://github.com/standardnotes/server/compare/@standardnotes/domain-core@1.24.1...@standardnotes/domain-core@1.24.2) (2023-08-02)
+
+### Bug Fixes
+
+* **domain-core:** remove unused content types ([71624f1](https://github.com/standardnotes/server/commit/71624f18979ed9254fafeeced733e598cd66cbeb))
+
 ## [1.24.1](https://github.com/standardnotes/server/compare/@standardnotes/domain-core@1.24.0...@standardnotes/domain-core@1.24.1) (2023-07-27)

 ### Bug Fixes
@@ -1,6 +1,6 @@
 {
  "name": "@standardnotes/domain-core",
-  "version": "1.24.1",
+  "version": "1.24.2",
  "engines": {
    "node": ">=18.0.0 <21.0.0"
  },
@@ -31,9 +31,9 @@ describe('ContentType', () => {
  })

  it('should fallback to the value if the display name is not found', () => {
-    const valueOrError = ContentType.create(ContentType.TYPES.Unknown)
+    const valueOrError = ContentType.create(ContentType.TYPES.EncryptedStorage)

    expect(valueOrError.isFailed()).toBeFalsy()
-    expect(valueOrError.getValue().getDisplayName()).toEqual('Unknown')
+    expect(valueOrError.getValue().getDisplayName()).toEqual('SN|EncryptedStorage')
  })
 })
@@ -14,7 +14,6 @@ export class ContentType extends ValueObject<ContentTypeProps> {
    RootKey: 'SN|RootKey|NoSync',
    ItemsKey: 'SN|ItemsKey',
    EncryptedStorage: 'SN|EncryptedStorage',
-    Privileges: 'SN|Privileges',
    Note: 'Note',
    Tag: 'Tag',
    SmartView: 'SN|SmartTag',
@@ -29,7 +28,6 @@ export class ContentType extends ValueObject<ContentTypeProps> {
    FilesafeFileMetadata: 'SN|FileSafe|FileMetadata',
    FilesafeIntegration: 'SN|FileSafe|Integration',
    ExtensionRepo: 'SN|ExtensionRepo',
-    Unknown: 'Unknown',
  }

  private readonly displayNamesMap: Partial<Record<string, string>> = {
@@ -3,6 +3,10 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.12.10](https://github.com/standardnotes/server/compare/@standardnotes/domain-events-infra@1.12.9...@standardnotes/domain-events-infra@1.12.10) (2023-08-03)
+
+**Note:** Version bump only for package @standardnotes/domain-events-infra
+
 ## [1.12.9](https://github.com/standardnotes/server/compare/@standardnotes/domain-events-infra@1.12.8...@standardnotes/domain-events-infra@1.12.9) (2023-07-07)

 **Note:** Version bump only for package @standardnotes/domain-events-infra
@@ -1,6 +1,6 @@
 {
  "name": "@standardnotes/domain-events-infra",
-  "version": "1.12.9",
+  "version": "1.12.10",
  "engines": {
    "node": ">=18.0.0 <21.0.0"
  },
@@ -3,6 +3,12 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+# [2.114.0](https://github.com/standardnotes/server/compare/@standardnotes/domain-events@2.113.1...@standardnotes/domain-events@2.114.0) (2023-08-03)
+
+### Features
+
+* **auth:** add handling payments account deleted events STA-1769 ([#682](https://github.com/standardnotes/server/issues/682)) ([8e35dfa](https://github.com/standardnotes/server/commit/8e35dfa4b77256f4c0a3294b296a5526fd1020ad))
+
 ## [2.113.1](https://github.com/standardnotes/server/compare/@standardnotes/domain-events@2.113.0...@standardnotes/domain-events@2.113.1) (2023-07-07)

 ### Bug Fixes
@@ -1,6 +1,6 @@
 {
  "name": "@standardnotes/domain-events",
-  "version": "2.113.1",
+  "version": "2.114.0",
  "engines": {
    "node": ">=18.0.0 <21.0.0"
  },
@@ -0,0 +1,8 @@
+import { DomainEventInterface } from './DomainEventInterface'
+
+import { PaymentsAccountDeletedEventPayload } from './PaymentsAccountDeletedEventPayload'
+
+export interface PaymentsAccountDeletedEvent extends DomainEventInterface {
+  type: 'PAYMENTS_ACCOUNT_DELETED'
+  payload: PaymentsAccountDeletedEventPayload
+}
@@ -0,0 +1,3 @@
+export interface PaymentsAccountDeletedEventPayload {
+  username: string
+}
@@ -44,6 +44,8 @@ export * from './Event/MuteEmailsSettingChangedEvent'
 export * from './Event/MuteEmailsSettingChangedEventPayload'
 export * from './Event/PaymentFailedEvent'
 export * from './Event/PaymentFailedEventPayload'
+export * from './Event/PaymentsAccountDeletedEvent'
+export * from './Event/PaymentsAccountDeletedEventPayload'
 export * from './Event/PaymentSuccessEvent'
 export * from './Event/PaymentSuccessEventPayload'
 export * from './Event/PredicateVerificationRequestedEvent'
@@ -3,6 +3,14 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.11.15](https://github.com/standardnotes/server/compare/@standardnotes/event-store@1.11.14...@standardnotes/event-store@1.11.15) (2023-08-03)
+
+**Note:** Version bump only for package @standardnotes/event-store
+
+## [1.11.14](https://github.com/standardnotes/server/compare/@standardnotes/event-store@1.11.13...@standardnotes/event-store@1.11.14) (2023-08-02)
+
+**Note:** Version bump only for package @standardnotes/event-store
+
 ## [1.11.13](https://github.com/standardnotes/server/compare/@standardnotes/event-store@1.11.12...@standardnotes/event-store@1.11.13) (2023-07-27)

 **Note:** Version bump only for package @standardnotes/event-store
@@ -1,6 +1,6 @@
 {
  "name": "@standardnotes/event-store",
-  "version": "1.11.13",
+  "version": "1.11.15",
  "description": "Event Store Service",
  "private": true,
  "main": "dist/src/index.js",
@@ -3,6 +3,14 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.19.18](https://github.com/standardnotes/files/compare/@standardnotes/files-server@1.19.17...@standardnotes/files-server@1.19.18) (2023-08-03)
+
+**Note:** Version bump only for package @standardnotes/files-server
+
+## [1.19.17](https://github.com/standardnotes/files/compare/@standardnotes/files-server@1.19.16...@standardnotes/files-server@1.19.17) (2023-08-02)
+
+**Note:** Version bump only for package @standardnotes/files-server
+
 ## [1.19.16](https://github.com/standardnotes/files/compare/@standardnotes/files-server@1.19.15...@standardnotes/files-server@1.19.16) (2023-08-01)

 ### Bug Fixes
@@ -1,6 +1,6 @@
 {
  "name": "@standardnotes/files-server",
-  "version": "1.19.16",
+  "version": "1.19.18",
  "engines": {
    "node": ">=18.0.0 <21.0.0"
  },
@@ -3,6 +3,38 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.13.30](https://github.com/standardnotes/server/compare/@standardnotes/home-server@1.13.29...@standardnotes/home-server@1.13.30) (2023-08-07)
+
+**Note:** Version bump only for package @standardnotes/home-server
+
+## [1.13.29](https://github.com/standardnotes/server/compare/@standardnotes/home-server@1.13.28...@standardnotes/home-server@1.13.29) (2023-08-03)
+
+**Note:** Version bump only for package @standardnotes/home-server
+
+## [1.13.28](https://github.com/standardnotes/server/compare/@standardnotes/home-server@1.13.27...@standardnotes/home-server@1.13.28) (2023-08-03)
+
+**Note:** Version bump only for package @standardnotes/home-server
+
+## [1.13.27](https://github.com/standardnotes/server/compare/@standardnotes/home-server@1.13.26...@standardnotes/home-server@1.13.27) (2023-08-02)
+
+**Note:** Version bump only for package @standardnotes/home-server
+
+## [1.13.26](https://github.com/standardnotes/server/compare/@standardnotes/home-server@1.13.25...@standardnotes/home-server@1.13.26) (2023-08-02)
+
+**Note:** Version bump only for package @standardnotes/home-server
+
+## [1.13.25](https://github.com/standardnotes/server/compare/@standardnotes/home-server@1.13.24...@standardnotes/home-server@1.13.25) (2023-08-02)
+
+**Note:** Version bump only for package @standardnotes/home-server
+
+## [1.13.24](https://github.com/standardnotes/server/compare/@standardnotes/home-server@1.13.23...@standardnotes/home-server@1.13.24) (2023-08-02)
+
+**Note:** Version bump only for package @standardnotes/home-server
+
+## [1.13.23](https://github.com/standardnotes/server/compare/@standardnotes/home-server@1.13.22...@standardnotes/home-server@1.13.23) (2023-08-01)
+
+**Note:** Version bump only for package @standardnotes/home-server
+
 ## [1.13.22](https://github.com/standardnotes/server/compare/@standardnotes/home-server@1.13.21...@standardnotes/home-server@1.13.22) (2023-08-01)

 **Note:** Version bump only for package @standardnotes/home-server
@@ -1,6 +1,6 @@
 {
  "name": "@standardnotes/home-server",
-  "version": "1.13.22",
+  "version": "1.13.30",
  "engines": {
    "node": ">=18.0.0 <21.0.0"
  },
@@ -3,6 +3,20 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.26.2](https://github.com/standardnotes/server/compare/@standardnotes/revisions-server@1.26.1...@standardnotes/revisions-server@1.26.2) (2023-08-03)
+
+**Note:** Version bump only for package @standardnotes/revisions-server
+
+## [1.26.1](https://github.com/standardnotes/server/compare/@standardnotes/revisions-server@1.26.0...@standardnotes/revisions-server@1.26.1) (2023-08-02)
+
+**Note:** Version bump only for package @standardnotes/revisions-server
+
+# [1.26.0](https://github.com/standardnotes/server/compare/@standardnotes/revisions-server@1.25.7...@standardnotes/revisions-server@1.26.0) (2023-08-02)
+
+### Features
+
+* enable Write Ahead Log mode for SQLite ([#681](https://github.com/standardnotes/server/issues/681)) ([8cd7a13](https://github.com/standardnotes/server/commit/8cd7a138ab56f6a2b0d6c06ef6041ab9b85ae540))
+
 ## [1.25.7](https://github.com/standardnotes/server/compare/@standardnotes/revisions-server@1.25.6...@standardnotes/revisions-server@1.25.7) (2023-08-01)

 ### Bug Fixes
@@ -1,6 +1,6 @@
 {
  "name": "@standardnotes/revisions-server",
-  "version": "1.25.7",
+  "version": "1.26.2",
  "engines": {
    "node": ">=18.0.0 <21.0.0"
  },
@@ -80,6 +80,8 @@ export class AppDataSource {
        ...commonDataSourceOptions,
        type: 'sqlite',
        database: this.env.get('DB_SQLITE_DATABASE_PATH'),
+        enableWAL: true,
+        busyErrorRetry: 2000,
      }

      this.dataSource = new DataSource(sqliteDataSourceOptions)
@@ -3,6 +3,14 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.20.17](https://github.com/standardnotes/server/compare/@standardnotes/scheduler-server@1.20.16...@standardnotes/scheduler-server@1.20.17) (2023-08-03)
+
+**Note:** Version bump only for package @standardnotes/scheduler-server
+
+## [1.20.16](https://github.com/standardnotes/server/compare/@standardnotes/scheduler-server@1.20.15...@standardnotes/scheduler-server@1.20.16) (2023-08-02)
+
+**Note:** Version bump only for package @standardnotes/scheduler-server
+
 ## [1.20.15](https://github.com/standardnotes/server/compare/@standardnotes/scheduler-server@1.20.14...@standardnotes/scheduler-server@1.20.15) (2023-07-27)

 **Note:** Version bump only for package @standardnotes/scheduler-server
@@ -1,6 +1,6 @@
 {
  "name": "@standardnotes/scheduler-server",
-  "version": "1.20.15",
+  "version": "1.20.17",
  "engines": {
    "node": ">=18.0.0 <21.0.0"
  },
@@ -3,6 +3,10 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.21.21](https://github.com/standardnotes/server/compare/@standardnotes/settings@1.21.20...@standardnotes/settings@1.21.21) (2023-08-02)
+
+**Note:** Version bump only for package @standardnotes/settings
+
 ## [1.21.20](https://github.com/standardnotes/server/compare/@standardnotes/settings@1.21.19...@standardnotes/settings@1.21.20) (2023-07-27)

 **Note:** Version bump only for package @standardnotes/settings
@@ -1,6 +1,6 @@
 {
  "name": "@standardnotes/settings",
-  "version": "1.21.20",
+  "version": "1.21.21",
  "engines": {
    "node": ">=18.0.0 <21.0.0"
  },
@@ -3,6 +3,44 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.75.4](https://github.com/standardnotes/syncing-server-js/compare/@standardnotes/syncing-server@1.75.3...@standardnotes/syncing-server@1.75.4) (2023-08-03)
+
+### Bug Fixes
+
+* **syncing-server:** skip retrieval of items with invalid uuids ([#683](https://github.com/standardnotes/syncing-server-js/issues/683)) ([0036d52](https://github.com/standardnotes/syncing-server-js/commit/0036d527bd31cd81eda59e918b5f897f24cfa340))
+
+## [1.75.3](https://github.com/standardnotes/syncing-server-js/compare/@standardnotes/syncing-server@1.75.2...@standardnotes/syncing-server@1.75.3) (2023-08-03)
+
+**Note:** Version bump only for package @standardnotes/syncing-server
+
+## [1.75.2](https://github.com/standardnotes/syncing-server-js/compare/@standardnotes/syncing-server@1.75.1...@standardnotes/syncing-server@1.75.2) (2023-08-02)
+
+**Note:** Version bump only for package @standardnotes/syncing-server
+
+## [1.75.1](https://github.com/standardnotes/syncing-server-js/compare/@standardnotes/syncing-server@1.75.0...@standardnotes/syncing-server@1.75.1) (2023-08-02)
+
+### Bug Fixes
+
+* **syncing-server:** update unknown content type on items migration ([6aad7cd](https://github.com/standardnotes/syncing-server-js/commit/6aad7cd207dcacd4ee372e7a6e6ebc60a75cea2a))
+
+# [1.75.0](https://github.com/standardnotes/syncing-server-js/compare/@standardnotes/syncing-server@1.74.1...@standardnotes/syncing-server@1.75.0) (2023-08-02)
+
+### Features
+
+* enable Write Ahead Log mode for SQLite ([#681](https://github.com/standardnotes/syncing-server-js/issues/681)) ([8cd7a13](https://github.com/standardnotes/syncing-server-js/commit/8cd7a138ab56f6a2b0d6c06ef6041ab9b85ae540))
+
+## [1.74.1](https://github.com/standardnotes/syncing-server-js/compare/@standardnotes/syncing-server@1.74.0...@standardnotes/syncing-server@1.74.1) (2023-08-02)
+
+### Bug Fixes
+
+* **syncing-server:** encapsulate delete queries into transactions ([2ca649c](https://github.com/standardnotes/syncing-server-js/commit/2ca649cf314617f01107f8479928df1581c924db))
+
+# [1.74.0](https://github.com/standardnotes/syncing-server-js/compare/@standardnotes/syncing-server@1.73.1...@standardnotes/syncing-server@1.74.0) (2023-08-01)
+
+### Features
+
+* **syncing-server:** remove legacy privileges items ([#679](https://github.com/standardnotes/syncing-server-js/issues/679)) ([e9bba6f](https://github.com/standardnotes/syncing-server-js/commit/e9bba6fd3acfde62c3063160ba3ec3aa83c45b31))
+
 ## [1.73.1](https://github.com/standardnotes/syncing-server-js/compare/@standardnotes/syncing-server@1.73.0...@standardnotes/syncing-server@1.73.1) (2023-08-01)

 ### Bug Fixes
@@ -0,0 +1,23 @@
+import { MigrationInterface, QueryRunner } from 'typeorm'
+
+export class DeletePrivileges1690900526061 implements MigrationInterface {
+  public async up(queryRunner: QueryRunner): Promise<void> {
+    const itemsWithPrivilegesContentTypeQueryResult = await queryRunner.manager.query(
+      'SELECT COUNT(*) as count FROM items i WHERE i.content_type = "SN|Privileges"',
+    )
+    const itemsWithPrivilegesContentTypeCount = +itemsWithPrivilegesContentTypeQueryResult[0].count
+
+    const batchSize = 1_000
+    const batchCount = Math.ceil(itemsWithPrivilegesContentTypeCount / batchSize)
+
+    for (let batchIndex = 0; batchIndex < batchCount; batchIndex++) {
+      await queryRunner.startTransaction()
+      await queryRunner.manager.query(`DELETE FROM items WHERE content_type = "SN|Privileges" LIMIT ${batchSize}`)
+      await queryRunner.commitTransaction()
+    }
+  }
+
+  public async down(): Promise<void> {
+    return
+  }
+}
@@ -0,0 +1,11 @@
+import { MigrationInterface, QueryRunner } from 'typeorm'
+
+export class UpdateUnknownContent1690975361562 implements MigrationInterface {
+  public async up(queryRunner: QueryRunner): Promise<void> {
+    await queryRunner.manager.query('UPDATE items SET content_type = "Note" WHERE content_type = "Unknown"')
+  }
+
+  public async down(): Promise<void> {
+    return
+  }
+}
@@ -0,0 +1,23 @@
+import { MigrationInterface, QueryRunner } from 'typeorm'
+
+export class DeletePrivileges1690901030484 implements MigrationInterface {
+  public async up(queryRunner: QueryRunner): Promise<void> {
+    const itemsWithPrivilegesContentTypeQueryResult = await queryRunner.manager.query(
+      'SELECT COUNT(*) as count FROM items i WHERE i.content_type = "SN|Privileges"',
+    )
+    const itemsWithPrivilegesContentTypeCount = +itemsWithPrivilegesContentTypeQueryResult[0].count
+
+    const batchSize = 1_000
+    const batchCount = Math.ceil(itemsWithPrivilegesContentTypeCount / batchSize)
+
+    for (let batchIndex = 0; batchIndex < batchCount; batchIndex++) {
+      await queryRunner.startTransaction()
+      await queryRunner.manager.query(`DELETE FROM items WHERE content_type = "SN|Privileges" LIMIT ${batchSize}`)
+      await queryRunner.commitTransaction()
+    }
+  }
+
+  public async down(): Promise<void> {
+    return
+  }
+}
@@ -0,0 +1,11 @@
+import { MigrationInterface, QueryRunner } from 'typeorm'
+
+export class UpdateUnknownContent1690975207883 implements MigrationInterface {
+  public async up(queryRunner: QueryRunner): Promise<void> {
+    await queryRunner.manager.query('UPDATE items SET content_type = "Note" WHERE content_type = "Unknown"')
+  }
+
+  public async down(): Promise<void> {
+    return
+  }
+}
@@ -1,6 +1,6 @@
 {
  "name": "@standardnotes/syncing-server",
-  "version": "1.73.1",
+  "version": "1.75.4",
  "engines": {
    "node": ">=18.0.0 <21.0.0"
  },
@@ -402,6 +402,7 @@ export class ContainerConfigLoader {
          container.get(TYPES.Sync_ItemPersistenceMapper),
          container.get(TYPES.Sync_KeySystemAssociationRepository),
          container.get(TYPES.Sync_SharedVaultAssociationRepository),
+          container.get(TYPES.Sync_Logger),
        ),
      )
    container
@@ -98,6 +98,8 @@ export class AppDataSource {
        ...commonDataSourceOptions,
        type: 'sqlite',
        database: this.env.get('DB_SQLITE_DATABASE_PATH'),
+        enableWAL: true,
+        busyErrorRetry: 2000,
      }

      this._dataSource = new DataSource(sqliteDataSourceOptions)
@@ -1,6 +1,7 @@
 import { ReadStream } from 'fs'
 import { Repository, SelectQueryBuilder, Brackets } from 'typeorm'
 import { Change, MapperInterface, Uuid } from '@standardnotes/domain-core'
+import { Logger } from 'winston'

 import { Item } from '../../Domain/Item/Item'
 import { ItemQuery } from '../../Domain/Item/ItemQuery'
@@ -19,6 +20,7 @@ export class TypeORMItemRepository implements ItemRepositoryInterface {
    private mapper: MapperInterface<Item, TypeORMItem>,
    private keySystemAssociationRepository: KeySystemAssociationRepositoryInterface,
    private sharedVaultAssociationRepository: SharedVaultAssociationRepositoryInterface,
+    private logger: Logger,
  ) {}

  async save(item: Item): Promise<void> {
@@ -87,11 +89,17 @@ export class TypeORMItemRepository implements ItemRepositoryInterface {
      return null
    }

-    const item = this.mapper.toDomain(persistence)
+    try {
+      const item = this.mapper.toDomain(persistence)

-    await this.decorateItemWithAssociations(item)
+      await this.decorateItemWithAssociations(item)

-    return item
+      return item
+    } catch (error) {
+      this.logger.error(`Failed to find item ${uuid.value} by uuid: ${(error as Error).message}`)
+
+      return null
+    }
  }

  async findDatesForComputingIntegrityHash(userUuid: string): Promise<Array<{ updated_at_timestamp: number }>> {
@@ -131,17 +139,30 @@ export class TypeORMItemRepository implements ItemRepositoryInterface {
      return null
    }

-    const item = this.mapper.toDomain(persistence)
+    try {
+      const item = this.mapper.toDomain(persistence)

-    await this.decorateItemWithAssociations(item)
+      await this.decorateItemWithAssociations(item)

-    return item
+      return item
+    } catch (error) {
+      this.logger.error(`Failed to find item ${uuid} by uuid and userUuid: ${(error as Error).message}`)
+
+      return null
+    }
  }

  async findAll(query: ItemQuery): Promise<Item[]> {
    const persistence = await this.createFindAllQueryBuilder(query).getMany()

-    const domainItems = persistence.map((p) => this.mapper.toDomain(p))
+    const domainItems: Item[] = []
+    for (const persistencItem of persistence) {
+      try {
+        domainItems.push(this.mapper.toDomain(persistencItem))
+      } catch (error) {
+        this.logger.error(`Failed to map item ${persistencItem.uuid} to domain: ${(error as Error).message}`)
+      }
+    }

    await Promise.all(domainItems.map((item) => this.decorateItemWithAssociations(item)))

@@ -6,6 +6,12 @@ import { TypeORMItem } from '../../Infra/TypeORM/TypeORMItem'

 export class ItemPersistenceMapper implements MapperInterface<Item, TypeORMItem> {
  toDomain(projection: TypeORMItem): Item {
+    const uuidOrError = Uuid.create(projection.uuid)
+    if (uuidOrError.isFailed()) {
+      throw new Error(`Failed to create item from projection: ${uuidOrError.getError()}`)
+    }
+    const uuid = uuidOrError.getValue()
+
    let duplicateOf = null
    if (projection.duplicateOf) {
      const duplicateOfOrError = Uuid.create(projection.duplicateOf)
@@ -63,7 +69,7 @@ export class ItemPersistenceMapper implements MapperInterface<Item, TypeORMItem>
        timestamps,
        updatedWithSession,
      },
-      new UniqueEntityId(projection.uuid),
+      new UniqueEntityId(uuid.value),
    )
    if (itemOrError.isFailed()) {
      throw new Error(`Failed to create item from projection: ${itemOrError.getError()}`)
@@ -3,6 +3,18 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.10.12](https://github.com/standardnotes/server/compare/@standardnotes/websockets-server@1.10.11...@standardnotes/websockets-server@1.10.12) (2023-08-03)
+
+**Note:** Version bump only for package @standardnotes/websockets-server
+
+## [1.10.11](https://github.com/standardnotes/server/compare/@standardnotes/websockets-server@1.10.10...@standardnotes/websockets-server@1.10.11) (2023-08-02)
+
+**Note:** Version bump only for package @standardnotes/websockets-server
+
+## [1.10.10](https://github.com/standardnotes/server/compare/@standardnotes/websockets-server@1.10.9...@standardnotes/websockets-server@1.10.10) (2023-08-02)
+
+**Note:** Version bump only for package @standardnotes/websockets-server
+
 ## [1.10.9](https://github.com/standardnotes/server/compare/@standardnotes/websockets-server@1.10.8...@standardnotes/websockets-server@1.10.9) (2023-08-01)

 ### Bug Fixes
@@ -1,6 +1,6 @@
 {
  "name": "@standardnotes/websockets-server",
-  "version": "1.10.9",
+  "version": "1.10.12",
  "engines": {
    "node": ">=18.0.0 <21.0.0"
  },
@@ -30,7 +30,6 @@
    "@standardnotes/domain-events-infra": "workspace:^",
    "@standardnotes/responses": "^1.13.27",
    "@standardnotes/security": "workspace:^",
-    "@standardnotes/utils": "^1.17.5",
    "axios": "^1.1.3",
    "cors": "2.8.5",
    "dotenv": "^16.0.1",
@@ -4171,7 +4171,6 @@ __metadata:
    "@standardnotes/domain-events-infra": "workspace:^"
    "@standardnotes/responses": "npm:^1.13.27"
    "@standardnotes/security": "workspace:^"
-    "@standardnotes/utils": "npm:^1.17.5"
    "@types/cors": "npm:^2.8.9"
    "@types/express": "npm:^4.17.14"
    "@types/ioredis": "npm:^5.0.0"
Author	SHA1	Message	Date
standardci	67311cc002	chore(release): publish new version - @standardnotes/auth-server@1.130.0 - @standardnotes/home-server@1.13.30	2023-08-07 08:32:08 +00:00
Karol Sójko	f39d3aca5b	feat(auth): invalidate other sessions for user if the email or password are changed (#684 ) * feat(auth): invalidate other sessions for user if the email or password are changed * fix(auth): handling credentials change in a legacy protocol scenario * fix(auth): leave only the newly created session when changing credentials	2023-08-07 10:02:47 +02:00
standardci	8e47491e3c	chore(release): publish new version - @standardnotes/home-server@1.13.29 - @standardnotes/syncing-server@1.75.4	2023-08-03 13:38:37 +00:00
Karol Sójko	0036d527bd	fix(syncing-server): skip retrieval of items with invalid uuids (#683 )	2023-08-03 15:05:59 +02:00
standardci	f565f1d950	chore(release): publish new version - @standardnotes/analytics@2.25.8 - @standardnotes/api-gateway@1.69.3 - @standardnotes/auth-server@1.129.0 - @standardnotes/domain-events-infra@1.12.10 - @standardnotes/domain-events@2.114.0 - @standardnotes/event-store@1.11.15 - @standardnotes/files-server@1.19.18 - @standardnotes/home-server@1.13.28 - @standardnotes/revisions-server@1.26.2 - @standardnotes/scheduler-server@1.20.17 - @standardnotes/syncing-server@1.75.3 - @standardnotes/websockets-server@1.10.12	2023-08-03 10:34:26 +00:00
Karol Sójko	8e35dfa4b7	feat(auth): add handling payments account deleted events STA-1769 (#682 ) * feat(auth): add handling payments account deleted events * fix(auth): result type for accounts already deleted --------- Co-authored-by: Karol Sójko <karolsojko@proton.me>	2023-08-03 12:01:42 +02:00
standardci	f911473be9	chore(release): publish new version - @standardnotes/analytics@2.25.7 - @standardnotes/api-gateway@1.69.2 - @standardnotes/auth-server@1.128.1 - @standardnotes/domain-core@1.24.2 - @standardnotes/event-store@1.11.14 - @standardnotes/files-server@1.19.17 - @standardnotes/home-server@1.13.27 - @standardnotes/revisions-server@1.26.1 - @standardnotes/scheduler-server@1.20.16 - @standardnotes/settings@1.21.21 - @standardnotes/syncing-server@1.75.2 - @standardnotes/websockets-server@1.10.11	2023-08-02 15:51:56 +00:00
Karol Sójko	71624f1897	fix(domain-core): remove unused content types	2023-08-02 17:34:40 +02:00
standardci	17de6ea7e1	chore(release): publish new version - @standardnotes/home-server@1.13.26 - @standardnotes/syncing-server@1.75.1	2023-08-02 11:41:20 +00:00
Karol Sójko	6aad7cd207	fix(syncing-server): update unknown content type on items migration	2023-08-02 13:24:14 +02:00
standardci	63af335877	chore(release): publish new version - @standardnotes/auth-server@1.128.0 - @standardnotes/home-server@1.13.25 - @standardnotes/revisions-server@1.26.0 - @standardnotes/syncing-server@1.75.0	2023-08-02 08:09:24 +00:00
Karol Sójko	8cd7a138ab	feat: enable Write Ahead Log mode for SQLite (#681 ) Co-authored-by: Karol Sójko <karolsojko@proton.me>	2023-08-02 09:47:37 +02:00
standardci	f69cdc7b03	chore(release): publish new version - @standardnotes/home-server@1.13.24 - @standardnotes/syncing-server@1.74.1 - @standardnotes/websockets-server@1.10.10	2023-08-02 07:35:12 +00:00
Karol Sójko	2ca649cf31	fix(syncing-server): encapsulate delete queries into transactions	2023-08-02 08:35:19 +02:00
Mo	f2ada08201	chore: remove unused package (#680 )	2023-08-02 07:46:10 +02:00
Mo	54ba1f69e5	chore: bump mocha timeout	2023-08-01 16:46:19 -05:00
standardci	f13a99f5fd	chore(release): publish new version - @standardnotes/home-server@1.13.23 - @standardnotes/syncing-server@1.74.0	2023-08-01 16:32:29 +00:00
Karol Sójko	e9bba6fd3a	feat(syncing-server): remove legacy privileges items (#679 ) Co-authored-by: Karol Sójko <karolsojko@proton.me>	2023-08-01 18:15:16 +02:00