fix: merge conflicts

packages/api/v1/implementation.ts

@@ -330,6 +330,7 @@ export const ApiContractV1Implementation = tsr.router(ApiContractV1, {
         userId: user.id,
         teamId: team?.id,
         formValues: body.formValues,
+        folderId: body.folderId,
         documentDataId: documentData.id,
         requestMetadata: metadata,
       });
@@ -736,6 +737,7 @@ export const ApiContractV1Implementation = tsr.router(ApiContractV1, {
           teamId: team?.id,
           recipients: body.recipients,
           prefillFields: body.prefillFields,
+          folderId: body.folderId,
           override: {
             title: body.title,
             ...body.meta,

packages/api/v1/schema.ts

@@ -136,6 +136,12 @@ export type TUploadDocumentSuccessfulSchema = z.infer<typeof ZUploadDocumentSucc
 export const ZCreateDocumentMutationSchema = z.object({
   title: z.string().min(1),
   externalId: z.string().nullish(),
+  folderId: z
+    .string()
+    .describe(
+      'The ID of the folder to create the document in. If not provided, the document will be created in the root folder.',
+    )
+    .optional(),
   recipients: z.array(
     z.object({
       name: z.string().min(1),
@@ -287,6 +293,12 @@ export type TCreateDocumentFromTemplateMutationResponseSchema = z.infer<
 export const ZGenerateDocumentFromTemplateMutationSchema = z.object({
   title: z.string().optional(),
   externalId: z.string().optional(),
+  folderId: z
+    .string()
+    .describe(
+      'The ID of the folder to create the document in. If not provided, the document will be created in the root folder.',
+    )
+    .optional(),
   recipients: z
     .array(
       z.object({

packages/auth/server/lib/utils/handle-oauth-callback-url.ts

@@ -92,7 +92,11 @@ export const handleOAuthCallbackUrl = async (options: HandleOAuthCallbackUrlOpti
       providerAccountId: sub,
     },
     include: {
-      user: true,
+      user: {
+        select: {
+          id: true,
+        },
+      },
     },
   });
 
@@ -107,6 +111,10 @@ export const handleOAuthCallbackUrl = async (options: HandleOAuthCallbackUrlOpti
     where: {
       email: email,
     },
+    select: {
+      id: true,
+      emailVerified: true,
+    },
   });
 
   // Handle existing user but no account.

packages/lib/jobs/definitions/emails/send-document-cancelled-emails.handler.ts

@@ -29,7 +29,13 @@ export const run = async ({
       id: documentId,
     },
     include: {
-      user: true,
+      user: {
+        select: {
+          id: true,
+          email: true,
+          name: true,
+        },
+      },
       documentMeta: true,
       recipients: true,
       team: {

packages/lib/jobs/definitions/emails/send-organisation-member-joined-email.handler.ts

@@ -39,7 +39,13 @@ export const run = async ({
           },
         },
         include: {
-          user: true,
+          user: {
+            select: {
+              id: true,
+              email: true,
+              name: true,
+            },
+          },
         },
       },
     },
@@ -51,7 +57,13 @@ export const run = async ({
       organisationId: payload.organisationId,
     },
     include: {
-      user: true,
+      user: {
+        select: {
+          id: true,
+          email: true,
+          name: true,
+        },
+      },
     },
   });
 

packages/lib/jobs/definitions/emails/send-organisation-member-left-email.handler.ts

@@ -39,7 +39,13 @@ export const run = async ({
           },
         },
         include: {
-          user: true,
+          user: {
+            select: {
+              id: true,
+              email: true,
+              name: true,
+            },
+          },
         },
       },
     },
@@ -49,6 +55,11 @@ export const run = async ({
     where: {
       id: payload.memberUserId,
     },
+    select: {
+      id: true,
+      email: true,
+      name: true,
+    },
   });
 
   const { branding, emailLanguage, senderEmail } = await getEmailContext({

packages/lib/jobs/definitions/emails/send-recipient-signed-email.handler.ts

@@ -38,7 +38,13 @@ export const run = async ({
           id: recipientId,
         },
       },
-      user: true,
+      user: {
+        select: {
+          id: true,
+          email: true,
+          name: true,
+        },
+      },
       documentMeta: true,
     },
   });

packages/lib/jobs/definitions/emails/send-rejection-emails.handler.ts

@@ -33,7 +33,13 @@ export const run = async ({
         id: documentId,
       },
       include: {
-        user: true,
+        user: {
+          select: {
+            id: true,
+            email: true,
+            name: true,
+          },
+        },
         documentMeta: true,
         team: {
           select: {

packages/lib/jobs/definitions/emails/send-signing-email.handler.ts

@@ -42,6 +42,11 @@ export const run = async ({
       where: {
         id: userId,
       },
+      select: {
+        id: true,
+        email: true,
+        name: true,
+      },
     }),
     prisma.document.findFirstOrThrow({
       where: {

packages/lib/package.json

@@ -33,6 +33,7 @@
     "@pdf-lib/fontkit": "^1.1.1",
     "@scure/base": "^1.1.3",
     "@sindresorhus/slugify": "^2.2.1",
+    "@team-plain/typescript-sdk": "^5.9.0",
     "@vvo/tzdb": "^6.117.0",
     "csv-parse": "^5.6.0",
     "inngest": "^3.19.13",

packages/lib/plain/client.ts

@@ -0,0 +1,7 @@
+import { PlainClient } from '@team-plain/typescript-sdk';
+
+import { env } from '@documenso/lib/utils/env';
+
+export const plainClient = new PlainClient({
+  apiKey: env('NEXT_PRIVATE_PLAIN_API_KEY') ?? '',
+});

packages/lib/server-only/admin/update-user.ts

@@ -10,13 +10,7 @@ export type UpdateUserOptions = {
 };
 
 export const updateUser = async ({ id, name, email, roles }: UpdateUserOptions) => {
-  await prisma.user.findFirstOrThrow({
-    where: {
-      id,
-    },
-  });
-
-  return await prisma.user.update({
+  await prisma.user.update({
     where: {
       id,
     },

packages/lib/server-only/document/create-document-v2.ts

@@ -1,6 +1,7 @@
 import type { DocumentVisibility, TemplateMeta } from '@prisma/client';
 import {
   DocumentSource,
+  FolderType,
   RecipientRole,
   SendStatus,
   SigningStatus,
@@ -14,7 +15,7 @@ import type { ApiRequestMetadata } from '@documenso/lib/universal/extract-reques
 import { nanoid, prefixedId } from '@documenso/lib/universal/id';
 import { createDocumentAuditLogData } from '@documenso/lib/utils/document-audit-logs';
 import { prisma } from '@documenso/prisma';
-import type { TCreateDocumentV2Request } from '@documenso/trpc/server/document-router/schema';
+import type { TCreateDocumentTemporaryRequest } from '@documenso/trpc/server/document-router/create-document-temporary.types';
 
 import type { TDocumentAccessAuthTypes, TDocumentActionAuthTypes } from '../../types/document-auth';
 import type { TDocumentFormValues } from '../../types/document-form-values';
@@ -45,7 +46,8 @@ export type CreateDocumentOptions = {
     globalAccessAuth?: TDocumentAccessAuthTypes[];
     globalActionAuth?: TDocumentActionAuthTypes[];
     formValues?: TDocumentFormValues;
-    recipients: TCreateDocumentV2Request['recipients'];
+    recipients: TCreateDocumentTemporaryRequest['recipients'];
+    folderId?: string;
     expiryAmount?: number;
     expiryUnit?: string;
   };
@@ -62,7 +64,7 @@ export const createDocumentV2 = async ({
   meta,
   requestMetadata,
 }: CreateDocumentOptions) => {
-  const { title, formValues } = data;
+  const { title, formValues, folderId } = data;
 
   const team = await prisma.team.findFirst({
     where: buildTeamWhereQuery({ teamId, userId }),
@@ -81,6 +83,22 @@ export const createDocumentV2 = async ({
     });
   }
 
+  if (folderId) {
+    const folder = await prisma.folder.findUnique({
+      where: {
+        id: folderId,
+        type: FolderType.DOCUMENT,
+        team: buildTeamWhereQuery({ teamId, userId }),
+      },
+    });
+
+    if (!folder) {
+      throw new AppError(AppErrorCode.NOT_FOUND, {
+        message: 'Folder not found',
+      });
+    }
+  }
+
   const settings = await getTeamSettings({
     userId,
     teamId,
@@ -167,6 +185,7 @@ export const createDocumentV2 = async ({
         teamId,
         authOptions,
         visibility,
+        folderId,
         formValues,
         source: DocumentSource.DOCUMENT,
         documentMeta: {

packages/lib/server-only/document/find-documents.ts

@@ -49,6 +49,11 @@ export const findDocuments = async ({
     where: {
       id: userId,
     },
+    select: {
+      id: true,
+      email: true,
+      name: true,
+    },
   });
 
   let team = null;
@@ -267,7 +272,7 @@ export const findDocuments = async ({
 
 const findDocumentsFilter = (
   status: ExtendedDocumentStatus,
-  user: User,
+  user: Pick<User, 'id' | 'email' | 'name'>,
   folderId?: string | null,
 ) => {
   return match<ExtendedDocumentStatus, Prisma.DocumentWhereInput>(status)

packages/lib/server-only/document/get-document-by-token.ts

@@ -73,7 +73,13 @@ export const getDocumentAndSenderByToken = async ({
       },
     },
     include: {
-      user: true,
+      user: {
+        select: {
+          id: true,
+          email: true,
+          name: true,
+        },
+      },
       documentData: true,
       documentMeta: true,
       recipients: {
@@ -90,9 +96,6 @@ export const getDocumentAndSenderByToken = async ({
     },
   });
 
-  // eslint-disable-next-line no-unused-vars, @typescript-eslint/no-unused-vars
-  const { password: _password, ...user } = result.user;
-
   const recipient = result.recipients[0];
 
   // Sanity check, should not be possible.
@@ -120,7 +123,11 @@ export const getDocumentAndSenderByToken = async ({
 
   return {
     ...result,
-    user,
+    user: {
+      id: result.user.id,
+      email: result.user.email,
+      name: result.user.name,
+    },
   };
 };
 

packages/lib/server-only/document/get-document-with-details-by-id.ts

@@ -7,14 +7,12 @@ export type GetDocumentWithDetailsByIdOptions = {
   documentId: number;
   userId: number;
   teamId: number;
-  folderId?: string;
 };
 
 export const getDocumentWithDetailsById = async ({
   documentId,
   userId,
   teamId,
-  folderId,
 }: GetDocumentWithDetailsByIdOptions) => {
   const { documentWhereInput } = await getDocumentWhereInput({
     documentId,
@@ -25,7 +23,6 @@ export const getDocumentWithDetailsById = async ({
   const document = await prisma.document.findFirst({
     where: {
       ...documentWhereInput,
-      folderId,
     },
     include: {
       documentData: true,

packages/lib/server-only/document/reject-document-with-token.ts

@@ -28,13 +28,7 @@ export async function rejectDocumentWithToken({
       documentId,
     },
     include: {
-      document: {
-        include: {
-          user: true,
-          recipients: true,
-          documentMeta: true,
-        },
-      },
+      document: true,
     },
   });
 

packages/lib/server-only/document/send-completed-email.ts

@@ -33,7 +33,13 @@ export const sendCompletedEmail = async ({ documentId, requestMetadata }: SendDo
       documentData: true,
       documentMeta: true,
       recipients: true,
-      user: true,
+      user: {
+        select: {
+          id: true,
+          email: true,
+          name: true,
+        },
+      },
       team: {
         select: {
           id: true,

packages/lib/server-only/document/send-delete-email.ts

@@ -24,7 +24,13 @@ export const sendDeleteEmail = async ({ documentId, reason }: SendDeleteEmailOpt
       id: documentId,
     },
     include: {
-      user: true,
+      user: {
+        select: {
+          id: true,
+          email: true,
+          name: true,
+        },
+      },
       documentMeta: true,
     },
   });

packages/lib/server-only/document/super-delete-document.ts

@@ -30,7 +30,13 @@ export const superDeleteDocument = async ({ id, requestMetadata }: SuperDeleteDo
     include: {
       recipients: true,
       documentMeta: true,
-      user: true,
+      user: {
+        select: {
+          id: true,
+          email: true,
+          name: true,
+        },
+      },
     },
   });
 

packages/lib/server-only/email/get-email-context.ts

@@ -1,3 +1,5 @@
+import { P, match } from 'ts-pattern';
+
 import type { BrandingSettings } from '@documenso/email/providers/branding';
 import { prisma } from '@documenso/prisma';
 import type {
@@ -104,7 +106,12 @@ export const getEmailContext = async (
   }
 
   const replyToEmail = meta?.emailReplyTo || emailContext.settings.emailReplyTo || undefined;
-  const senderEmailId = meta?.emailId === null ? null : emailContext.settings.emailId;
+
+  const senderEmailId = match(meta?.emailId)
+    .with(P.string, (emailId) => emailId) // Explicit string means to use the provided email ID.
+    .with(undefined, () => emailContext.settings.emailId) // Undefined means to use the inherited email ID.
+    .with(null, () => null) // Explicit null means to use the Documenso email.
+    .exhaustive();
 
   const foundSenderEmail = emailContext.allowedEmails.find((email) => email.id === senderEmailId);
 

packages/lib/server-only/pdf/add-rejection-stamp-to-pdf.ts

@@ -3,6 +3,7 @@ import type { PDFDocument } from 'pdf-lib';
 import { TextAlignment, rgb, setFontAndSize } from 'pdf-lib';
 
 import { NEXT_PUBLIC_WEBAPP_URL } from '../../constants/app';
+import { getPageSize } from './get-page-size';
 
 /**
  * Adds a rejection stamp to each page of a PDF document.
@@ -27,7 +28,7 @@ export async function addRejectionStampToPdf(
 
   for (let i = 0; i < pages.length; i++) {
     const page = pages[i];
-    const { width, height } = page.getSize();
+    const { width, height } = getPageSize(page);
 
     // Draw the "REJECTED" text
     const rejectedTitleText = 'DOCUMENT REJECTED';

packages/lib/server-only/pdf/get-page-size.ts

@@ -0,0 +1,18 @@
+import type { PDFPage } from 'pdf-lib';
+
+/**
+ * Gets the effective page size for PDF operations.
+ *
+ * Uses CropBox by default to handle rare cases where MediaBox is larger than CropBox.
+ * Falls back to MediaBox when it's smaller than CropBox, following typical PDF reader behavior.
+ */
+export const getPageSize = (page: PDFPage) => {
+  const cropBox = page.getCropBox();
+  const mediaBox = page.getMediaBox();
+
+  if (mediaBox.width < cropBox.width || mediaBox.height < cropBox.height) {
+    return mediaBox;
+  }
+
+  return cropBox;
+};

packages/lib/server-only/pdf/insert-field-in-pdf.ts

@@ -33,6 +33,7 @@ import {
   ZRadioFieldMeta,
   ZTextFieldMeta,
 } from '../../types/field-meta';
+import { getPageSize } from './get-page-size';
 
 export const insertFieldInPDF = async (pdf: PDFDocument, field: FieldWithSignature) => {
   const [fontCaveat, fontNoto] = await Promise.all([
@@ -77,7 +78,7 @@ export const insertFieldInPDF = async (pdf: PDFDocument, field: FieldWithSignatu
 
   const isPageRotatedToLandscape = pageRotationInDegrees === 90 || pageRotationInDegrees === 270;
 
-  let { width: pageWidth, height: pageHeight } = page.getSize();
+  let { width: pageWidth, height: pageHeight } = getPageSize(page);
 
   // PDFs can have pages that are rotated, which are correctly rendered in the frontend.
   // However when we load the PDF in the backend, the rotation is applied.

packages/lib/server-only/pdf/legacy-insert-field-in-pdf.ts

@@ -26,6 +26,7 @@ import {
   ZRadioFieldMeta,
   ZTextFieldMeta,
 } from '../../types/field-meta';
+import { getPageSize } from './get-page-size';
 
 export const legacy_insertFieldInPDF = async (pdf: PDFDocument, field: FieldWithSignature) => {
   const [fontCaveat, fontNoto] = await Promise.all([
@@ -63,7 +64,7 @@ export const legacy_insertFieldInPDF = async (pdf: PDFDocument, field: FieldWith
 
   const isPageRotatedToLandscape = pageRotationInDegrees === 90 || pageRotationInDegrees === 270;
 
-  let { width: pageWidth, height: pageHeight } = page.getSize();
+  let { width: pageWidth, height: pageHeight } = getPageSize(page);
 
   // PDFs can have pages that are rotated, which are correctly rendered in the frontend.
   // However when we load the PDF in the backend, the rotation is applied.

packages/lib/server-only/public-api/delete-api-token-by-id.ts

@@ -25,7 +25,7 @@ export const deleteTokenById = async ({ id, userId, teamId }: DeleteTokenByIdOpt
     });
   }
 
-  return await prisma.apiToken.delete({
+  await prisma.apiToken.delete({
     where: {
       id,
       teamId,

packages/lib/server-only/template/create-document-from-direct-template.ts

@@ -105,7 +105,13 @@ export const createDocumentFromDirectTemplate = async ({
       directLink: true,
       templateDocumentData: true,
       templateMeta: true,
-      user: true,
+      user: {
+        select: {
+          id: true,
+          email: true,
+          name: true,
+        },
+      },
     },
   });
 

packages/lib/server-only/template/create-document-from-template.ts

@@ -2,6 +2,7 @@ import type { DocumentDistributionMethod, DocumentSigningOrder } from '@prisma/c
 import {
   DocumentSource,
   type Field,
+  FolderType,
   type Recipient,
   RecipientRole,
   SendStatus,
@@ -70,6 +71,7 @@ export type CreateDocumentFromTemplateOptions = {
     email: string;
     signingOrder?: number | null;
   }[];
+  folderId?: string;
   prefillFields?: TFieldMetaPrefillFieldsSchema[];
   customDocumentDataId?: string;
 
@@ -277,6 +279,7 @@ export const createDocumentFromTemplate = async ({
   customDocumentDataId,
   override,
   requestMetadata,
+  folderId,
   prefillFields,
 }: CreateDocumentFromTemplateOptions) => {
   const template = await prisma.template.findUnique({
@@ -301,6 +304,22 @@ export const createDocumentFromTemplate = async ({
     });
   }
 
+  if (folderId) {
+    const folder = await prisma.folder.findUnique({
+      where: {
+        id: folderId,
+        type: FolderType.DOCUMENT,
+        team: buildTeamWhereQuery({ teamId, userId }),
+      },
+    });
+
+    if (!folder) {
+      throw new AppError(AppErrorCode.NOT_FOUND, {
+        message: 'Folder not found',
+      });
+    }
+  }
+
   const settings = await getTeamSettings({
     userId,
     teamId,
@@ -371,6 +390,7 @@ export const createDocumentFromTemplate = async ({
         externalId: externalId || template.externalId,
         templateId: template.id,
         userId,
+        folderId,
         teamId: template.teamId,
         title: override?.title || template.title,
         documentDataId: documentData.id,

packages/lib/server-only/user/get-user-by-id.ts

@@ -1,13 +1,31 @@
 import { prisma } from '@documenso/prisma';
 
+import { AppError, AppErrorCode } from '../../errors/app-error';
+
 export interface GetUserByIdOptions {
   id: number;
 }
 
 export const getUserById = async ({ id }: GetUserByIdOptions) => {
-  return await prisma.user.findFirstOrThrow({
+  const user = await prisma.user.findFirst({
     where: {
       id,
     },
+    select: {
+      id: true,
+      name: true,
+      email: true,
+      emailVerified: true,
+      roles: true,
+      disabled: true,
+      twoFactorEnabled: true,
+      signature: true,
+    },
   });
+
+  if (!user) {
+    throw new AppError(AppErrorCode.NOT_FOUND);
+  }
+
+  return user;
 };

packages/lib/server-only/user/reset-password.ts

@@ -24,7 +24,14 @@ export const resetPassword = async ({ token, password, requestMetadata }: ResetP
       token,
     },
     include: {
-      user: true,
+      user: {
+        select: {
+          id: true,
+          email: true,
+          name: true,
+          password: true,
+        },
+      },
     },
   });
 

packages/lib/server-only/user/submit-support-ticket.ts

@@ -0,0 +1,72 @@
+import { plainClient } from '@documenso/lib/plain/client';
+import { prisma } from '@documenso/prisma';
+
+import { AppError, AppErrorCode } from '../../errors/app-error';
+import { buildOrganisationWhereQuery } from '../../utils/organisations';
+import { getTeamById } from '../team/get-team';
+
+type SubmitSupportTicketOptions = {
+  subject: string;
+  message: string;
+  userId: number;
+  organisationId: string;
+  teamId?: number | null;
+};
+
+export const submitSupportTicket = async ({
+  subject,
+  message,
+  userId,
+  organisationId,
+  teamId,
+}: SubmitSupportTicketOptions) => {
+  const user = await prisma.user.findFirst({
+    where: {
+      id: userId,
+    },
+  });
+
+  if (!user) {
+    throw new AppError(AppErrorCode.NOT_FOUND, {
+      message: 'User not found',
+    });
+  }
+
+  const organisation = await prisma.organisation.findFirst({
+    where: buildOrganisationWhereQuery({
+      organisationId,
+      userId,
+    }),
+  });
+
+  if (!organisation) {
+    throw new AppError(AppErrorCode.NOT_FOUND, {
+      message: 'Organisation not found',
+    });
+  }
+
+  const team = teamId
+    ? await getTeamById({
+        userId,
+        teamId,
+      })
+    : null;
+
+  const customMessage = `
+Organisation: ${organisation.name} (${organisation.id})
+Team: ${team ? `${team.name} (${team.id})` : 'No team provided'}
+
+${message}`;
+
+  const res = await plainClient.createThread({
+    title: subject,
+    customerIdentifier: { emailAddress: user.email },
+    components: [{ componentText: { text: customMessage } }],
+  });
+
+  if (res.error) {
+    throw new Error(res.error.message);
+  }
+
+  return res;
+};

packages/lib/server-only/user/update-profile.ts

@@ -24,7 +24,7 @@ export const updateProfile = async ({
     },
   });
 
-  return await prisma.$transaction(async (tx) => {
+  await prisma.$transaction(async (tx) => {
     await tx.userSecurityAuditLog.create({
       data: {
         userId,
@@ -34,7 +34,7 @@ export const updateProfile = async ({
       },
     });
 
-    return await tx.user.update({
+    await tx.user.update({
       where: {
         id: userId,
       },

packages/lib/server-only/user/verify-email.ts

@@ -12,7 +12,13 @@ export type VerifyEmailProps = {
 export const verifyEmail = async ({ token }: VerifyEmailProps) => {
   const verificationToken = await prisma.verificationToken.findFirst({
     include: {
-      user: true,
+      user: {
+        select: {
+          id: true,
+          email: true,
+          name: true,
+        },
+      },
     },
     where: {
       token,

packages/lib/utils/mask-recipient-tokens-for-document.ts

@@ -4,7 +4,7 @@ import type { DocumentWithRecipients } from '@documenso/prisma/types/document-wi
 
 export type MaskRecipientTokensForDocumentOptions<T extends DocumentWithRecipients> = {
   document: T;
-  user?: User;
+  user?: Pick<User, 'id' | 'email' | 'name'>;
   token?: string;
 };
 

packages/trpc/server/admin-router/delete-document.ts

@@ -0,0 +1,28 @@
+import { sendDeleteEmail } from '@documenso/lib/server-only/document/send-delete-email';
+import { superDeleteDocument } from '@documenso/lib/server-only/document/super-delete-document';
+
+import { adminProcedure } from '../trpc';
+import {
+  ZDeleteDocumentRequestSchema,
+  ZDeleteDocumentResponseSchema,
+} from './delete-document.types';
+
+export const deleteDocumentRoute = adminProcedure
+  .input(ZDeleteDocumentRequestSchema)
+  .output(ZDeleteDocumentResponseSchema)
+  .mutation(async ({ ctx, input }) => {
+    const { id, reason } = input;
+
+    ctx.logger.info({
+      input: {
+        id,
+      },
+    });
+
+    await sendDeleteEmail({ documentId: id, reason });
+
+    await superDeleteDocument({
+      id,
+      requestMetadata: ctx.metadata.requestMetadata,
+    });
+  });

packages/trpc/server/admin-router/delete-document.types.ts

@@ -0,0 +1,11 @@
+import { z } from 'zod';
+
+export const ZDeleteDocumentRequestSchema = z.object({
+  id: z.number().min(1),
+  reason: z.string(),
+});
+
+export const ZDeleteDocumentResponseSchema = z.void();
+
+export type TDeleteDocumentRequest = z.infer<typeof ZDeleteDocumentRequestSchema>;
+export type TDeleteDocumentResponse = z.infer<typeof ZDeleteDocumentResponseSchema>;

packages/trpc/server/admin-router/delete-user.ts

@@ -0,0 +1,19 @@
+import { deleteUser } from '@documenso/lib/server-only/user/delete-user';
+
+import { adminProcedure } from '../trpc';
+import { ZDeleteUserRequestSchema, ZDeleteUserResponseSchema } from './delete-user.types';
+
+export const deleteUserRoute = adminProcedure
+  .input(ZDeleteUserRequestSchema)
+  .output(ZDeleteUserResponseSchema)
+  .mutation(async ({ input, ctx }) => {
+    const { id } = input;
+
+    ctx.logger.info({
+      input: {
+        id,
+      },
+    });
+
+    await deleteUser({ id });
+  });

packages/trpc/server/admin-router/delete-user.types.ts

@@ -0,0 +1,10 @@
+import { z } from 'zod';
+
+export const ZDeleteUserRequestSchema = z.object({
+  id: z.number().min(1),
+});
+
+export const ZDeleteUserResponseSchema = z.void();
+
+export type TDeleteUserRequest = z.infer<typeof ZDeleteUserRequestSchema>;
+export type TDeleteUserResponse = z.infer<typeof ZDeleteUserResponseSchema>;

packages/trpc/server/admin-router/disable-user.ts

@@ -0,0 +1,29 @@
+import { AppError, AppErrorCode } from '@documenso/lib/errors/app-error';
+import { disableUser } from '@documenso/lib/server-only/user/disable-user';
+import { getUserById } from '@documenso/lib/server-only/user/get-user-by-id';
+
+import { adminProcedure } from '../trpc';
+import { ZDisableUserRequestSchema, ZDisableUserResponseSchema } from './disable-user.types';
+
+export const disableUserRoute = adminProcedure
+  .input(ZDisableUserRequestSchema)
+  .output(ZDisableUserResponseSchema)
+  .mutation(async ({ input, ctx }) => {
+    const { id } = input;
+
+    ctx.logger.info({
+      input: {
+        id,
+      },
+    });
+
+    const user = await getUserById({ id }).catch(() => null);
+
+    if (!user) {
+      throw new AppError(AppErrorCode.NOT_FOUND, {
+        message: 'User not found',
+      });
+    }
+
+    await disableUser({ id });
+  });

packages/trpc/server/admin-router/disable-user.types.ts

@@ -0,0 +1,10 @@
+import { z } from 'zod';
+
+export const ZDisableUserRequestSchema = z.object({
+  id: z.number().min(1),
+});
+
+export const ZDisableUserResponseSchema = z.void();
+
+export type TDisableUserRequest = z.infer<typeof ZDisableUserRequestSchema>;
+export type TDisableUserResponse = z.infer<typeof ZDisableUserResponseSchema>;

packages/trpc/server/admin-router/enable-user.ts

@@ -0,0 +1,29 @@
+import { AppError, AppErrorCode } from '@documenso/lib/errors/app-error';
+import { enableUser } from '@documenso/lib/server-only/user/enable-user';
+import { getUserById } from '@documenso/lib/server-only/user/get-user-by-id';
+
+import { adminProcedure } from '../trpc';
+import { ZEnableUserRequestSchema, ZEnableUserResponseSchema } from './enable-user.types';
+
+export const enableUserRoute = adminProcedure
+  .input(ZEnableUserRequestSchema)
+  .output(ZEnableUserResponseSchema)
+  .mutation(async ({ input, ctx }) => {
+    const { id } = input;
+
+    ctx.logger.info({
+      input: {
+        id,
+      },
+    });
+
+    const user = await getUserById({ id }).catch(() => null);
+
+    if (!user) {
+      throw new AppError(AppErrorCode.NOT_FOUND, {
+        message: 'User not found',
+      });
+    }
+
+    await enableUser({ id });
+  });

packages/trpc/server/admin-router/enable-user.types.ts

@@ -0,0 +1,10 @@
+import { z } from 'zod';
+
+export const ZEnableUserRequestSchema = z.object({
+  id: z.number().min(1),
+});
+
+export const ZEnableUserResponseSchema = z.void();
+
+export type TEnableUserRequest = z.infer<typeof ZEnableUserRequestSchema>;
+export type TEnableUserResponse = z.infer<typeof ZEnableUserResponseSchema>;

packages/trpc/server/admin-router/find-documents.ts

@@ -0,0 +1,13 @@
+import { findDocuments } from '@documenso/lib/server-only/admin/get-all-documents';
+
+import { adminProcedure } from '../trpc';
+import { ZFindDocumentsRequestSchema, ZFindDocumentsResponseSchema } from './find-documents.types';
+
+export const findDocumentsRoute = adminProcedure
+  .input(ZFindDocumentsRequestSchema)
+  .output(ZFindDocumentsResponseSchema)
+  .query(async ({ input }) => {
+    const { query, page, perPage } = input;
+
+    return await findDocuments({ query, page, perPage });
+  });

packages/trpc/server/admin-router/find-documents.types.ts

@@ -0,0 +1,17 @@
+import { z } from 'zod';
+
+import { ZDocumentManySchema } from '@documenso/lib/types/document';
+import { ZFindResultResponse, ZFindSearchParamsSchema } from '@documenso/lib/types/search-params';
+
+export const ZFindDocumentsRequestSchema = ZFindSearchParamsSchema.extend({
+  perPage: z.number().optional().default(20),
+});
+
+export const ZFindDocumentsResponseSchema = ZFindResultResponse.extend({
+  data: ZDocumentManySchema.omit({
+    team: true,
+  }).array(),
+});
+
+export type TFindDocumentsRequest = z.infer<typeof ZFindDocumentsRequestSchema>;
+export type TFindDocumentsResponse = z.infer<typeof ZFindDocumentsResponseSchema>;

packages/trpc/server/admin-router/get-user.ts

@@ -0,0 +1,19 @@
+import { getUserById } from '@documenso/lib/server-only/user/get-user-by-id';
+
+import { adminProcedure } from '../trpc';
+import { ZGetUserRequestSchema, ZGetUserResponseSchema } from './get-user.types';
+
+export const getUserRoute = adminProcedure
+  .input(ZGetUserRequestSchema)
+  .output(ZGetUserResponseSchema)
+  .query(async ({ input, ctx }) => {
+    const { id } = input;
+
+    ctx.logger.info({
+      input: {
+        id,
+      },
+    });
+
+    return await getUserById({ id });
+  });

packages/trpc/server/admin-router/get-user.types.ts

@@ -0,0 +1,21 @@
+import { z } from 'zod';
+
+import UserSchema from '@documenso/prisma/generated/zod/modelSchema/UserSchema';
+
+export const ZGetUserRequestSchema = z.object({
+  id: z.number().min(1),
+});
+
+export const ZGetUserResponseSchema = UserSchema.pick({
+  id: true,
+  name: true,
+  email: true,
+  emailVerified: true,
+  roles: true,
+  disabled: true,
+  twoFactorEnabled: true,
+  signature: true,
+});
+
+export type TGetUserRequest = z.infer<typeof ZGetUserRequestSchema>;
+export type TGetUserResponse = z.infer<typeof ZGetUserResponseSchema>;

packages/trpc/server/admin-router/reseal-document.ts

@@ -0,0 +1,28 @@
+import { getEntireDocument } from '@documenso/lib/server-only/admin/get-entire-document';
+import { sealDocument } from '@documenso/lib/server-only/document/seal-document';
+import { isDocumentCompleted } from '@documenso/lib/utils/document';
+
+import { adminProcedure } from '../trpc';
+import {
+  ZResealDocumentRequestSchema,
+  ZResealDocumentResponseSchema,
+} from './reseal-document.types';
+
+export const resealDocumentRoute = adminProcedure
+  .input(ZResealDocumentRequestSchema)
+  .output(ZResealDocumentResponseSchema)
+  .mutation(async ({ input, ctx }) => {
+    const { id } = input;
+
+    ctx.logger.info({
+      input: {
+        id,
+      },
+    });
+
+    const document = await getEntireDocument({ id });
+
+    const isResealing = isDocumentCompleted(document.status);
+
+    await sealDocument({ documentId: id, isResealing });
+  });

packages/trpc/server/admin-router/reseal-document.types.ts

@@ -0,0 +1,10 @@
+import { z } from 'zod';
+
+export const ZResealDocumentRequestSchema = z.object({
+  id: z.number().min(1),
+});
+
+export const ZResealDocumentResponseSchema = z.void();
+
+export type TResealDocumentRequest = z.infer<typeof ZResealDocumentRequestSchema>;
+export type TResealDocumentResponse = z.infer<typeof ZResealDocumentResponseSchema>;

packages/trpc/server/admin-router/reset-two-factor-authentication.ts

@@ -0,0 +1,50 @@
+import { AppError, AppErrorCode } from '@documenso/lib/errors/app-error';
+import { prisma } from '@documenso/prisma';
+
+import { adminProcedure } from '../trpc';
+import {
+  ZResetTwoFactorRequestSchema,
+  ZResetTwoFactorResponseSchema,
+} from './reset-two-factor-authentication.types';
+
+export const resetTwoFactorRoute = adminProcedure
+  .input(ZResetTwoFactorRequestSchema)
+  .output(ZResetTwoFactorResponseSchema)
+  .mutation(async ({ input, ctx }) => {
+    const { userId } = input;
+
+    ctx.logger.info({
+      input: {
+        userId,
+      },
+    });
+
+    return await resetTwoFactor({ userId });
+  });
+
+export type ResetTwoFactorOptions = {
+  userId: number;
+};
+
+export const resetTwoFactor = async ({ userId }: ResetTwoFactorOptions) => {
+  const user = await prisma.user.findFirst({
+    where: {
+      id: userId,
+    },
+  });
+
+  if (!user) {
+    throw new AppError(AppErrorCode.NOT_FOUND, { message: 'User not found' });
+  }
+
+  await prisma.user.update({
+    where: {
+      id: user.id,
+    },
+    data: {
+      twoFactorEnabled: false,
+      twoFactorBackupCodes: null,
+      twoFactorSecret: null,
+    },
+  });
+};

packages/trpc/server/admin-router/reset-two-factor-authentication.types.ts

@@ -0,0 +1,10 @@
+import { z } from 'zod';
+
+export const ZResetTwoFactorRequestSchema = z.object({
+  userId: z.number(),
+});
+
+export const ZResetTwoFactorResponseSchema = z.void();
+
+export type TResetTwoFactorRequest = z.infer<typeof ZResetTwoFactorRequestSchema>;
+export type TResetTwoFactorResponse = z.infer<typeof ZResetTwoFactorResponseSchema>;

packages/trpc/server/admin-router/router.ts

@@ -1,39 +1,24 @@
-import { AppError, AppErrorCode } from '@documenso/lib/errors/app-error';
-import { findDocuments } from '@documenso/lib/server-only/admin/get-all-documents';
-import { getEntireDocument } from '@documenso/lib/server-only/admin/get-entire-document';
-import { updateRecipient } from '@documenso/lib/server-only/admin/update-recipient';
-import { updateUser } from '@documenso/lib/server-only/admin/update-user';
-import { sealDocument } from '@documenso/lib/server-only/document/seal-document';
-import { sendDeleteEmail } from '@documenso/lib/server-only/document/send-delete-email';
-import { superDeleteDocument } from '@documenso/lib/server-only/document/super-delete-document';
-import { upsertSiteSetting } from '@documenso/lib/server-only/site-settings/upsert-site-setting';
-import { deleteUser } from '@documenso/lib/server-only/user/delete-user';
-import { disableUser } from '@documenso/lib/server-only/user/disable-user';
-import { enableUser } from '@documenso/lib/server-only/user/enable-user';
-import { getUserById } from '@documenso/lib/server-only/user/get-user-by-id';
-import { isDocumentCompleted } from '@documenso/lib/utils/document';
-
-import { adminProcedure, router } from '../trpc';
+import { router } from '../trpc';
 import { createAdminOrganisationRoute } from './create-admin-organisation';
 import { createStripeCustomerRoute } from './create-stripe-customer';
 import { createSubscriptionClaimRoute } from './create-subscription-claim';
+import { deleteDocumentRoute } from './delete-document';
 import { deleteSubscriptionClaimRoute } from './delete-subscription-claim';
+import { deleteUserRoute } from './delete-user';
+import { disableUserRoute } from './disable-user';
+import { enableUserRoute } from './enable-user';
 import { findAdminOrganisationsRoute } from './find-admin-organisations';
+import { findDocumentsRoute } from './find-documents';
 import { findSubscriptionClaimsRoute } from './find-subscription-claims';
 import { getAdminOrganisationRoute } from './get-admin-organisation';
-import {
-  ZAdminDeleteDocumentMutationSchema,
-  ZAdminDeleteUserMutationSchema,
-  ZAdminDisableUserMutationSchema,
-  ZAdminEnableUserMutationSchema,
-  ZAdminFindDocumentsQuerySchema,
-  ZAdminResealDocumentMutationSchema,
-  ZAdminUpdateProfileMutationSchema,
-  ZAdminUpdateRecipientMutationSchema,
-  ZAdminUpdateSiteSettingMutationSchema,
-} from './schema';
+import { getUserRoute } from './get-user';
+import { resealDocumentRoute } from './reseal-document';
+import { resetTwoFactorRoute } from './reset-two-factor-authentication';
 import { updateAdminOrganisationRoute } from './update-admin-organisation';
+import { updateRecipientRoute } from './update-recipient';
+import { updateSiteSettingRoute } from './update-site-setting';
 import { updateSubscriptionClaimRoute } from './update-subscription-claim';
+import { updateUserRoute } from './update-user';
 
 export const adminRouter = router({
   organisation: {
@@ -51,154 +36,21 @@ export const adminRouter = router({
   stripe: {
     createCustomer: createStripeCustomerRoute,
   },
-
-  // Todo: migrate old routes
-  findDocuments: adminProcedure.input(ZAdminFindDocumentsQuerySchema).query(async ({ input }) => {
-    const { query, page, perPage } = input;
-
-    return await findDocuments({ query, page, perPage });
-  }),
-
-  updateUser: adminProcedure
-    .input(ZAdminUpdateProfileMutationSchema)
-    .mutation(async ({ input, ctx }) => {
-      const { id, name, email, roles } = input;
-
-      ctx.logger.info({
-        input: {
-          id,
-          roles,
-        },
-      });
-
-      return await updateUser({ id, name, email, roles });
-    }),
-
-  updateRecipient: adminProcedure
-    .input(ZAdminUpdateRecipientMutationSchema)
-    .mutation(async ({ input, ctx }) => {
-      const { id, name, email } = input;
-
-      ctx.logger.info({
-        input: {
-          id,
-        },
-      });
-
-      return await updateRecipient({ id, name, email });
-    }),
-
-  updateSiteSetting: adminProcedure
-    .input(ZAdminUpdateSiteSettingMutationSchema)
-    .mutation(async ({ ctx, input }) => {
-      const { id, enabled, data } = input;
-
-      ctx.logger.info({
-        input: {
-          id,
-        },
-      });
-
-      return await upsertSiteSetting({
-        id,
-        enabled,
-        data,
-        userId: ctx.user.id,
-      });
-    }),
-
-  resealDocument: adminProcedure
-    .input(ZAdminResealDocumentMutationSchema)
-    .mutation(async ({ input, ctx }) => {
-      const { id } = input;
-
-      ctx.logger.info({
-        input: {
-          id,
-        },
-      });
-
-      const document = await getEntireDocument({ id });
-
-      const isResealing = isDocumentCompleted(document.status);
-
-      return await sealDocument({ documentId: id, isResealing });
-    }),
-
-  enableUser: adminProcedure
-    .input(ZAdminEnableUserMutationSchema)
-    .mutation(async ({ input, ctx }) => {
-      const { id } = input;
-
-      ctx.logger.info({
-        input: {
-          id,
-        },
-      });
-
-      const user = await getUserById({ id }).catch(() => null);
-
-      if (!user) {
-        throw new AppError(AppErrorCode.NOT_FOUND, {
-          message: 'User not found',
-        });
-      }
-
-      return await enableUser({ id });
-    }),
-
-  disableUser: adminProcedure
-    .input(ZAdminDisableUserMutationSchema)
-    .mutation(async ({ input, ctx }) => {
-      const { id } = input;
-
-      ctx.logger.info({
-        input: {
-          id,
-        },
-      });
-
-      const user = await getUserById({ id }).catch(() => null);
-
-      if (!user) {
-        throw new AppError(AppErrorCode.NOT_FOUND, {
-          message: 'User not found',
-        });
-      }
-
-      return await disableUser({ id });
-    }),
-
-  deleteUser: adminProcedure
-    .input(ZAdminDeleteUserMutationSchema)
-    .mutation(async ({ input, ctx }) => {
-      const { id } = input;
-
-      ctx.logger.info({
-        input: {
-          id,
-        },
-      });
-
-      return await deleteUser({ id });
-    }),
-
-  deleteDocument: adminProcedure
-    .input(ZAdminDeleteDocumentMutationSchema)
-    .mutation(async ({ ctx, input }) => {
-      const { id, reason } = input;
-
-      ctx.logger.info({
-        input: {
-          id,
-        },
-      });
-
-      await sendDeleteEmail({ documentId: id, reason });
-
-      return await superDeleteDocument({
-        id,
-        requestMetadata: ctx.metadata.requestMetadata,
-      });
-    }),
+  user: {
+    get: getUserRoute,
+    update: updateUserRoute,
+    delete: deleteUserRoute,
+    enable: enableUserRoute,
+    disable: disableUserRoute,
+    resetTwoFactor: resetTwoFactorRoute,
+  },
+  document: {
+    find: findDocumentsRoute,
+    delete: deleteDocumentRoute,
+    reseal: resealDocumentRoute,
+  },
+  recipient: {
+    update: updateRecipientRoute,
+  },
+  updateSiteSetting: updateSiteSettingRoute,
 });

packages/trpc/server/admin-router/schema.ts

@@ -1,67 +0,0 @@
-import { Role } from '@prisma/client';
-import z from 'zod';
-
-import { ZSiteSettingSchema } from '@documenso/lib/server-only/site-settings/schema';
-import { ZFindSearchParamsSchema } from '@documenso/lib/types/search-params';
-
-export const ZAdminFindDocumentsQuerySchema = ZFindSearchParamsSchema.extend({
-  perPage: z.number().optional().default(20),
-});
-
-export type TAdminFindDocumentsQuerySchema = z.infer<typeof ZAdminFindDocumentsQuerySchema>;
-
-export const ZAdminUpdateProfileMutationSchema = z.object({
-  id: z.number().min(1),
-  name: z.string().nullish(),
-  email: z.string().email().optional(),
-  roles: z.array(z.nativeEnum(Role)).optional(),
-});
-
-export type TAdminUpdateProfileMutationSchema = z.infer<typeof ZAdminUpdateProfileMutationSchema>;
-
-export const ZAdminUpdateRecipientMutationSchema = z.object({
-  id: z.number().min(1),
-  name: z.string().optional(),
-  email: z.string().email().optional(),
-});
-
-export type TAdminUpdateRecipientMutationSchema = z.infer<
-  typeof ZAdminUpdateRecipientMutationSchema
->;
-
-export const ZAdminUpdateSiteSettingMutationSchema = ZSiteSettingSchema;
-
-export type TAdminUpdateSiteSettingMutationSchema = z.infer<
-  typeof ZAdminUpdateSiteSettingMutationSchema
->;
-
-export const ZAdminResealDocumentMutationSchema = z.object({
-  id: z.number().min(1),
-});
-
-export type TAdminResealDocumentMutationSchema = z.infer<typeof ZAdminResealDocumentMutationSchema>;
-
-export const ZAdminDeleteUserMutationSchema = z.object({
-  id: z.number().min(1),
-});
-
-export type TAdminDeleteUserMutationSchema = z.infer<typeof ZAdminDeleteUserMutationSchema>;
-
-export const ZAdminEnableUserMutationSchema = z.object({
-  id: z.number().min(1),
-});
-
-export type TAdminEnableUserMutationSchema = z.infer<typeof ZAdminEnableUserMutationSchema>;
-
-export const ZAdminDisableUserMutationSchema = z.object({
-  id: z.number().min(1),
-});
-
-export type TAdminDisableUserMutationSchema = z.infer<typeof ZAdminDisableUserMutationSchema>;
-
-export const ZAdminDeleteDocumentMutationSchema = z.object({
-  id: z.number().min(1),
-  reason: z.string(),
-});
-
-export type TAdminDeleteDocomentMutationSchema = z.infer<typeof ZAdminDeleteDocumentMutationSchema>;

packages/trpc/server/admin-router/update-recipient.ts

@@ -0,0 +1,22 @@
+import { updateRecipient } from '@documenso/lib/server-only/admin/update-recipient';
+
+import { adminProcedure } from '../trpc';
+import {
+  ZUpdateRecipientRequestSchema,
+  ZUpdateRecipientResponseSchema,
+} from './update-recipient.types';
+
+export const updateRecipientRoute = adminProcedure
+  .input(ZUpdateRecipientRequestSchema)
+  .output(ZUpdateRecipientResponseSchema)
+  .mutation(async ({ input, ctx }) => {
+    const { id, name, email } = input;
+
+    ctx.logger.info({
+      input: {
+        id,
+      },
+    });
+
+    await updateRecipient({ id, name, email });
+  });

packages/trpc/server/admin-router/update-recipient.types.ts

@@ -0,0 +1,12 @@
+import { z } from 'zod';
+
+export const ZUpdateRecipientRequestSchema = z.object({
+  id: z.number().min(1),
+  name: z.string().optional(),
+  email: z.string().email().optional(),
+});
+
+export const ZUpdateRecipientResponseSchema = z.void();
+
+export type TUpdateRecipientRequest = z.infer<typeof ZUpdateRecipientRequestSchema>;
+export type TUpdateRecipientResponse = z.infer<typeof ZUpdateRecipientResponseSchema>;

packages/trpc/server/admin-router/update-site-setting.ts

@@ -0,0 +1,27 @@
+import { upsertSiteSetting } from '@documenso/lib/server-only/site-settings/upsert-site-setting';
+
+import { adminProcedure } from '../trpc';
+import {
+  ZUpdateSiteSettingRequestSchema,
+  ZUpdateSiteSettingResponseSchema,
+} from './update-site-setting.types';
+
+export const updateSiteSettingRoute = adminProcedure
+  .input(ZUpdateSiteSettingRequestSchema)
+  .output(ZUpdateSiteSettingResponseSchema)
+  .mutation(async ({ ctx, input }) => {
+    const { id, enabled, data } = input;
+
+    ctx.logger.info({
+      input: {
+        id,
+      },
+    });
+
+    await upsertSiteSetting({
+      id,
+      enabled,
+      data,
+      userId: ctx.user.id,
+    });
+  });

packages/trpc/server/admin-router/update-site-setting.types.ts

@@ -0,0 +1,10 @@
+import { z } from 'zod';
+
+import { ZSiteSettingSchema } from '@documenso/lib/server-only/site-settings/schema';
+
+export const ZUpdateSiteSettingRequestSchema = ZSiteSettingSchema;
+
+export const ZUpdateSiteSettingResponseSchema = z.void();
+
+export type TUpdateSiteSettingRequest = z.infer<typeof ZUpdateSiteSettingRequestSchema>;
+export type TUpdateSiteSettingResponse = z.infer<typeof ZUpdateSiteSettingResponseSchema>;

packages/trpc/server/admin-router/update-user.ts

@@ -0,0 +1,20 @@
+import { updateUser } from '@documenso/lib/server-only/admin/update-user';
+
+import { adminProcedure } from '../trpc';
+import { ZUpdateUserRequestSchema, ZUpdateUserResponseSchema } from './update-user.types';
+
+export const updateUserRoute = adminProcedure
+  .input(ZUpdateUserRequestSchema)
+  .output(ZUpdateUserResponseSchema)
+  .mutation(async ({ input, ctx }) => {
+    const { id, name, email, roles } = input;
+
+    ctx.logger.info({
+      input: {
+        id,
+        roles,
+      },
+    });
+
+    await updateUser({ id, name, email, roles });
+  });

packages/trpc/server/admin-router/update-user.types.ts

@@ -0,0 +1,14 @@
+import { Role } from '@prisma/client';
+import { z } from 'zod';
+
+export const ZUpdateUserRequestSchema = z.object({
+  id: z.number().min(1),
+  name: z.string().nullish(),
+  email: z.string().email().optional(),
+  roles: z.array(z.nativeEnum(Role)).optional(),
+});
+
+export const ZUpdateUserResponseSchema = z.void();
+
+export type TUpdateUserRequest = z.infer<typeof ZUpdateUserRequestSchema>;
+export type TUpdateUserResponse = z.infer<typeof ZUpdateUserResponseSchema>;

packages/trpc/server/api-token-router/create-api-token.ts

@@ -0,0 +1,27 @@
+import { createApiToken } from '@documenso/lib/server-only/public-api/create-api-token';
+
+import { authenticatedProcedure } from '../trpc';
+import {
+  ZCreateApiTokenRequestSchema,
+  ZCreateApiTokenResponseSchema,
+} from './create-api-token.types';
+
+export const createApiTokenRoute = authenticatedProcedure
+  .input(ZCreateApiTokenRequestSchema)
+  .output(ZCreateApiTokenResponseSchema)
+  .mutation(async ({ input, ctx }) => {
+    const { tokenName, teamId, expirationDate } = input;
+
+    ctx.logger.info({
+      input: {
+        teamId,
+      },
+    });
+
+    return await createApiToken({
+      userId: ctx.user.id,
+      teamId,
+      tokenName,
+      expiresIn: expirationDate,
+    });
+  });

packages/trpc/server/api-token-router/create-api-token.types.ts

@@ -0,0 +1,12 @@
+import { z } from 'zod';
+
+export const ZCreateApiTokenRequestSchema = z.object({
+  teamId: z.number(),
+  tokenName: z.string().min(3, { message: 'The token name should be 3 characters or longer' }),
+  expirationDate: z.string().nullable(),
+});
+
+export const ZCreateApiTokenResponseSchema = z.object({
+  id: z.number(),
+  token: z.string(),
+});

packages/trpc/server/api-token-router/delete-api-token.ts

@@ -0,0 +1,27 @@
+import { deleteTokenById } from '@documenso/lib/server-only/public-api/delete-api-token-by-id';
+
+import { authenticatedProcedure } from '../trpc';
+import {
+  ZDeleteApiTokenRequestSchema,
+  ZDeleteApiTokenResponseSchema,
+} from './delete-api-token.types';
+
+export const deleteApiTokenRoute = authenticatedProcedure
+  .input(ZDeleteApiTokenRequestSchema)
+  .output(ZDeleteApiTokenResponseSchema)
+  .mutation(async ({ input, ctx }) => {
+    const { id, teamId } = input;
+
+    ctx.logger.info({
+      input: {
+        id,
+        teamId,
+      },
+    });
+
+    await deleteTokenById({
+      id,
+      teamId,
+      userId: ctx.user.id,
+    });
+  });

packages/trpc/server/api-token-router/delete-api-token.types.ts

@@ -0,0 +1,8 @@
+import { z } from 'zod';
+
+export const ZDeleteApiTokenRequestSchema = z.object({
+  id: z.number().min(1),
+  teamId: z.number(),
+});
+
+export const ZDeleteApiTokenResponseSchema = z.void();

packages/trpc/server/api-token-router/get-api-tokens.ts

@@ -0,0 +1,19 @@
+import { getApiTokens } from '@documenso/lib/server-only/public-api/get-api-tokens';
+
+import { authenticatedProcedure } from '../trpc';
+import { ZGetApiTokensRequestSchema, ZGetApiTokensResponseSchema } from './get-api-tokens.types';
+
+export const getApiTokensRoute = authenticatedProcedure
+  .input(ZGetApiTokensRequestSchema)
+  .output(ZGetApiTokensResponseSchema)
+  .query(async ({ ctx }) => {
+    const { teamId } = ctx;
+
+    ctx.logger.info({
+      input: {
+        teamId,
+      },
+    });
+
+    return await getApiTokens({ userId: ctx.user.id, teamId });
+  });

packages/trpc/server/api-token-router/get-api-tokens.types.ts

@@ -0,0 +1,16 @@
+import { z } from 'zod';
+
+import ApiTokenSchema from '@documenso/prisma/generated/zod/modelSchema/ApiTokenSchema';
+
+export const ZGetApiTokensRequestSchema = z.void();
+
+export const ZGetApiTokensResponseSchema = z.array(
+  ApiTokenSchema.pick({
+    id: true,
+    name: true,
+    createdAt: true,
+    expires: true,
+  }),
+);
+
+export type TGetApiTokensResponse = z.infer<typeof ZGetApiTokensResponseSchema>;

packages/trpc/server/api-token-router/router.ts

@@ -1,50 +1,10 @@
-import { createApiToken } from '@documenso/lib/server-only/public-api/create-api-token';
-import { deleteTokenById } from '@documenso/lib/server-only/public-api/delete-api-token-by-id';
-import { getApiTokens } from '@documenso/lib/server-only/public-api/get-api-tokens';
-
-import { authenticatedProcedure, router } from '../trpc';
-import { ZCreateTokenMutationSchema, ZDeleteTokenByIdMutationSchema } from './schema';
+import { router } from '../trpc';
+import { createApiTokenRoute } from './create-api-token';
+import { deleteApiTokenRoute } from './delete-api-token';
+import { getApiTokensRoute } from './get-api-tokens';
 
 export const apiTokenRouter = router({
-  getTokens: authenticatedProcedure.query(async ({ ctx }) => {
-    return await getApiTokens({ userId: ctx.user.id, teamId: ctx.teamId });
-  }),
-
-  createToken: authenticatedProcedure
-    .input(ZCreateTokenMutationSchema)
-    .mutation(async ({ input, ctx }) => {
-      const { tokenName, teamId, expirationDate } = input;
-
-      ctx.logger.info({
-        input: {
-          teamId,
-        },
-      });
-
-      return await createApiToken({
-        userId: ctx.user.id,
-        teamId,
-        tokenName,
-        expiresIn: expirationDate,
-      });
-    }),
-
-  deleteTokenById: authenticatedProcedure
-    .input(ZDeleteTokenByIdMutationSchema)
-    .mutation(async ({ input, ctx }) => {
-      const { id, teamId } = input;
-
-      ctx.logger.info({
-        input: {
-          id,
-          teamId,
-        },
-      });
-
-      return await deleteTokenById({
-        id,
-        teamId,
-        userId: ctx.user.id,
-      });
-    }),
+  create: createApiTokenRoute,
+  getMany: getApiTokensRoute,
+  delete: deleteApiTokenRoute,
 });

packages/trpc/server/api-token-router/schema.ts

@@ -1,16 +0,0 @@
-import { z } from 'zod';
-
-export const ZCreateTokenMutationSchema = z.object({
-  teamId: z.number(),
-  tokenName: z.string().min(3, { message: 'The token name should be 3 characters or longer' }),
-  expirationDate: z.string().nullable(),
-});
-
-export type TCreateTokenMutationSchema = z.infer<typeof ZCreateTokenMutationSchema>;
-
-export const ZDeleteTokenByIdMutationSchema = z.object({
-  id: z.number().min(1),
-  teamId: z.number(),
-});
-
-export type TDeleteTokenByIdMutationSchema = z.infer<typeof ZDeleteTokenByIdMutationSchema>;

packages/trpc/server/auth-router/create-passkey-authentication-options.ts

@@ -0,0 +1,17 @@
+import { createPasskeyAuthenticationOptions } from '@documenso/lib/server-only/auth/create-passkey-authentication-options';
+
+import { authenticatedProcedure } from '../trpc';
+import {
+  ZCreatePasskeyAuthenticationOptionsRequestSchema,
+  ZCreatePasskeyAuthenticationOptionsResponseSchema,
+} from './create-passkey-authentication-options.types';
+
+export const createPasskeyAuthenticationOptionsRoute = authenticatedProcedure
+  .input(ZCreatePasskeyAuthenticationOptionsRequestSchema)
+  .output(ZCreatePasskeyAuthenticationOptionsResponseSchema)
+  .mutation(async ({ ctx, input }) => {
+    return await createPasskeyAuthenticationOptions({
+      userId: ctx.user.id,
+      preferredPasskeyId: input?.preferredPasskeyId,
+    });
+  });

packages/trpc/server/auth-router/create-passkey-authentication-options.types.ts

@@ -0,0 +1,19 @@
+import { z } from 'zod';
+
+export const ZCreatePasskeyAuthenticationOptionsRequestSchema = z
+  .object({
+    preferredPasskeyId: z.string().optional(),
+  })
+  .optional();
+
+export const ZCreatePasskeyAuthenticationOptionsResponseSchema = z.object({
+  tokenReference: z.string(),
+  options: z.any(), // PublicKeyCredentialRequestOptions type
+});
+
+export type TCreatePasskeyAuthenticationOptionsRequest = z.infer<
+  typeof ZCreatePasskeyAuthenticationOptionsRequestSchema
+>;
+export type TCreatePasskeyAuthenticationOptionsResponse = z.infer<
+  typeof ZCreatePasskeyAuthenticationOptionsResponseSchema
+>;

packages/trpc/server/auth-router/create-passkey-registration-options.ts

@@ -0,0 +1,16 @@
+import { createPasskeyRegistrationOptions } from '@documenso/lib/server-only/auth/create-passkey-registration-options';
+
+import { authenticatedProcedure } from '../trpc';
+import {
+  ZCreatePasskeyRegistrationOptionsRequestSchema,
+  ZCreatePasskeyRegistrationOptionsResponseSchema,
+} from './create-passkey-registration-options.types';
+
+export const createPasskeyRegistrationOptionsRoute = authenticatedProcedure
+  .input(ZCreatePasskeyRegistrationOptionsRequestSchema)
+  .output(ZCreatePasskeyRegistrationOptionsResponseSchema)
+  .mutation(async ({ ctx }) => {
+    return await createPasskeyRegistrationOptions({
+      userId: ctx.user.id,
+    });
+  });

packages/trpc/server/auth-router/create-passkey-registration-options.types.ts

@@ -0,0 +1,12 @@
+import { z } from 'zod';
+
+export const ZCreatePasskeyRegistrationOptionsRequestSchema = z.void();
+
+export const ZCreatePasskeyRegistrationOptionsResponseSchema = z.any(); // PublicKeyCredentialCreationOptions type
+
+export type TCreatePasskeyRegistrationOptionsRequest = z.infer<
+  typeof ZCreatePasskeyRegistrationOptionsRequestSchema
+>;
+export type TCreatePasskeyRegistrationOptionsResponse = z.infer<
+  typeof ZCreatePasskeyRegistrationOptionsResponseSchema
+>;

packages/trpc/server/auth-router/create-passkey-signin-options.ts

@@ -0,0 +1,24 @@
+import { createPasskeySigninOptions } from '@documenso/lib/server-only/auth/create-passkey-signin-options';
+import { nanoid } from '@documenso/lib/universal/id';
+
+import { procedure } from '../trpc';
+import {
+  ZCreatePasskeySigninOptionsRequestSchema,
+  ZCreatePasskeySigninOptionsResponseSchema,
+} from './create-passkey-signin-options.types';
+
+export const createPasskeySigninOptionsRoute = procedure
+  .input(ZCreatePasskeySigninOptionsRequestSchema)
+  .output(ZCreatePasskeySigninOptionsResponseSchema)
+  .mutation(async () => {
+    const sessionIdToken = nanoid(16);
+
+    const [sessionId] = decodeURI(sessionIdToken).split('|');
+
+    const options = await createPasskeySigninOptions({ sessionId });
+
+    return {
+      options,
+      sessionId,
+    };
+  });

packages/trpc/server/auth-router/create-passkey-signin-options.types.ts

@@ -0,0 +1,15 @@
+import { z } from 'zod';
+
+export const ZCreatePasskeySigninOptionsRequestSchema = z.void();
+
+export const ZCreatePasskeySigninOptionsResponseSchema = z.object({
+  options: z.any(), // PublicKeyCredentialRequestOptions type
+  sessionId: z.string(),
+});
+
+export type TCreatePasskeySigninOptionsRequest = z.infer<
+  typeof ZCreatePasskeySigninOptionsRequestSchema
+>;
+export type TCreatePasskeySigninOptionsResponse = z.infer<
+  typeof ZCreatePasskeySigninOptionsResponseSchema
+>;

packages/trpc/server/auth-router/create-passkey.ts

@@ -0,0 +1,21 @@
+import type { RegistrationResponseJSON } from '@simplewebauthn/types';
+
+import { createPasskey } from '@documenso/lib/server-only/auth/create-passkey';
+
+import { authenticatedProcedure } from '../trpc';
+import { ZCreatePasskeyRequestSchema, ZCreatePasskeyResponseSchema } from './create-passkey.types';
+
+export const createPasskeyRoute = authenticatedProcedure
+  .input(ZCreatePasskeyRequestSchema)
+  .output(ZCreatePasskeyResponseSchema)
+  .mutation(async ({ ctx, input }) => {
+    // eslint-disable-next-line @typescript-eslint/consistent-type-assertions
+    const verificationResponse = input.verificationResponse as RegistrationResponseJSON;
+
+    return await createPasskey({
+      userId: ctx.user.id,
+      verificationResponse,
+      passkeyName: input.passkeyName,
+      requestMetadata: ctx.metadata.requestMetadata,
+    });
+  });

packages/trpc/server/auth-router/create-passkey.types.ts

@@ -0,0 +1,13 @@
+import { z } from 'zod';
+
+import { ZRegistrationResponseJSONSchema } from '@documenso/lib/types/webauthn';
+
+export const ZCreatePasskeyRequestSchema = z.object({
+  passkeyName: z.string().trim().min(1),
+  verificationResponse: ZRegistrationResponseJSONSchema,
+});
+
+export const ZCreatePasskeyResponseSchema = z.void();
+
+export type TCreatePasskeyRequest = z.infer<typeof ZCreatePasskeyRequestSchema>;
+export type TCreatePasskeyResponse = z.infer<typeof ZCreatePasskeyResponseSchema>;

packages/trpc/server/auth-router/delete-passkey.ts

@@ -0,0 +1,23 @@
+import { deletePasskey } from '@documenso/lib/server-only/auth/delete-passkey';
+
+import { authenticatedProcedure } from '../trpc';
+import { ZDeletePasskeyRequestSchema, ZDeletePasskeyResponseSchema } from './delete-passkey.types';
+
+export const deletePasskeyRoute = authenticatedProcedure
+  .input(ZDeletePasskeyRequestSchema)
+  .output(ZDeletePasskeyResponseSchema)
+  .mutation(async ({ ctx, input }) => {
+    const { passkeyId } = input;
+
+    ctx.logger.info({
+      input: {
+        passkeyId,
+      },
+    });
+
+    await deletePasskey({
+      userId: ctx.user.id,
+      passkeyId,
+      requestMetadata: ctx.metadata.requestMetadata,
+    });
+  });

packages/trpc/server/auth-router/delete-passkey.types.ts

@@ -0,0 +1,10 @@
+import { z } from 'zod';
+
+export const ZDeletePasskeyRequestSchema = z.object({
+  passkeyId: z.string().trim().min(1),
+});
+
+export const ZDeletePasskeyResponseSchema = z.void();
+
+export type TDeletePasskeyRequest = z.infer<typeof ZDeletePasskeyRequestSchema>;
+export type TDeletePasskeyResponse = z.infer<typeof ZDeletePasskeyResponseSchema>;

packages/trpc/server/auth-router/find-passkeys.ts

@@ -0,0 +1,18 @@
+import { findPasskeys } from '@documenso/lib/server-only/auth/find-passkeys';
+
+import { authenticatedProcedure } from '../trpc';
+import { ZFindPasskeysRequestSchema, ZFindPasskeysResponseSchema } from './find-passkeys.types';
+
+export const findPasskeysRoute = authenticatedProcedure
+  .input(ZFindPasskeysRequestSchema)
+  .output(ZFindPasskeysResponseSchema)
+  .query(async ({ input, ctx }) => {
+    const { page, perPage, orderBy } = input;
+
+    return await findPasskeys({
+      page,
+      perPage,
+      orderBy,
+      userId: ctx.user.id,
+    });
+  });

packages/trpc/server/auth-router/find-passkeys.types.ts

@@ -0,0 +1,33 @@
+import { z } from 'zod';
+
+import { ZFindResultResponse, ZFindSearchParamsSchema } from '@documenso/lib/types/search-params';
+import PasskeySchema from '@documenso/prisma/generated/zod/modelSchema/PasskeySchema';
+
+export const ZFindPasskeysRequestSchema = ZFindSearchParamsSchema.extend({
+  orderBy: z
+    .object({
+      column: z.enum(['createdAt', 'updatedAt', 'name']),
+      direction: z.enum(['asc', 'desc']),
+    })
+    .optional(),
+});
+
+export const ZFindPasskeysResponseSchema = ZFindResultResponse.extend({
+  data: z.array(
+    PasskeySchema.pick({
+      id: true,
+      userId: true,
+      name: true,
+      createdAt: true,
+      updatedAt: true,
+      lastUsedAt: true,
+      counter: true,
+      credentialDeviceType: true,
+      credentialBackedUp: true,
+      transports: true,
+    }),
+  ),
+});
+
+export type TFindPasskeysRequest = z.infer<typeof ZFindPasskeysRequestSchema>;
+export type TFindPasskeysResponse = z.infer<typeof ZFindPasskeysResponseSchema>;

packages/trpc/server/auth-router/router.ts

@@ -1,113 +1,20 @@
-import type { RegistrationResponseJSON } from '@simplewebauthn/types';
-
-import { createPasskey } from '@documenso/lib/server-only/auth/create-passkey';
-import { createPasskeyAuthenticationOptions } from '@documenso/lib/server-only/auth/create-passkey-authentication-options';
-import { createPasskeyRegistrationOptions } from '@documenso/lib/server-only/auth/create-passkey-registration-options';
-import { createPasskeySigninOptions } from '@documenso/lib/server-only/auth/create-passkey-signin-options';
-import { deletePasskey } from '@documenso/lib/server-only/auth/delete-passkey';
-import { findPasskeys } from '@documenso/lib/server-only/auth/find-passkeys';
-import { updatePasskey } from '@documenso/lib/server-only/auth/update-passkey';
-import { nanoid } from '@documenso/lib/universal/id';
-
-import { authenticatedProcedure, procedure, router } from '../trpc';
-import {
-  ZCreatePasskeyAuthenticationOptionsMutationSchema,
-  ZCreatePasskeyMutationSchema,
-  ZDeletePasskeyMutationSchema,
-  ZFindPasskeysQuerySchema,
-  ZUpdatePasskeyMutationSchema,
-} from './schema';
+import { router } from '../trpc';
+import { createPasskeyRoute } from './create-passkey';
+import { createPasskeyAuthenticationOptionsRoute } from './create-passkey-authentication-options';
+import { createPasskeyRegistrationOptionsRoute } from './create-passkey-registration-options';
+import { createPasskeySigninOptionsRoute } from './create-passkey-signin-options';
+import { deletePasskeyRoute } from './delete-passkey';
+import { findPasskeysRoute } from './find-passkeys';
+import { updatePasskeyRoute } from './update-passkey';
 
 export const authRouter = router({
-  createPasskey: authenticatedProcedure
-    .input(ZCreatePasskeyMutationSchema)
-    .mutation(async ({ ctx, input }) => {
-      // eslint-disable-next-line @typescript-eslint/consistent-type-assertions
-      const verificationResponse = input.verificationResponse as RegistrationResponseJSON;
-
-      return await createPasskey({
-        userId: ctx.user.id,
-        verificationResponse,
-        passkeyName: input.passkeyName,
-        requestMetadata: ctx.metadata.requestMetadata,
-      });
-    }),
-
-  createPasskeyAuthenticationOptions: authenticatedProcedure
-    .input(ZCreatePasskeyAuthenticationOptionsMutationSchema)
-    .mutation(async ({ ctx, input }) => {
-      return await createPasskeyAuthenticationOptions({
-        userId: ctx.user.id,
-        preferredPasskeyId: input?.preferredPasskeyId,
-      });
-    }),
-
-  createPasskeyRegistrationOptions: authenticatedProcedure.mutation(async ({ ctx }) => {
-    return await createPasskeyRegistrationOptions({
-      userId: ctx.user.id,
-    });
+  passkey: router({
+    create: createPasskeyRoute,
+    createAuthenticationOptions: createPasskeyAuthenticationOptionsRoute,
+    createRegistrationOptions: createPasskeyRegistrationOptionsRoute,
+    createSigninOptions: createPasskeySigninOptionsRoute,
+    delete: deletePasskeyRoute,
+    find: findPasskeysRoute,
+    update: updatePasskeyRoute,
   }),
-
-  createPasskeySigninOptions: procedure.mutation(async () => {
-    const sessionIdToken = nanoid(16);
-
-    const [sessionId] = decodeURI(sessionIdToken).split('|');
-
-    const options = await createPasskeySigninOptions({ sessionId });
-
-    return {
-      options,
-      sessionId,
-    };
-  }),
-
-  deletePasskey: authenticatedProcedure
-    .input(ZDeletePasskeyMutationSchema)
-    .mutation(async ({ ctx, input }) => {
-      const { passkeyId } = input;
-
-      ctx.logger.info({
-        input: {
-          passkeyId,
-        },
-      });
-
-      await deletePasskey({
-        userId: ctx.user.id,
-        passkeyId,
-        requestMetadata: ctx.metadata.requestMetadata,
-      });
-    }),
-
-  findPasskeys: authenticatedProcedure
-    .input(ZFindPasskeysQuerySchema)
-    .query(async ({ input, ctx }) => {
-      const { page, perPage, orderBy } = input;
-
-      return await findPasskeys({
-        page,
-        perPage,
-        orderBy,
-        userId: ctx.user.id,
-      });
-    }),
-
-  updatePasskey: authenticatedProcedure
-    .input(ZUpdatePasskeyMutationSchema)
-    .mutation(async ({ ctx, input }) => {
-      const { passkeyId, name } = input;
-
-      ctx.logger.info({
-        input: {
-          passkeyId,
-        },
-      });
-
-      await updatePasskey({
-        userId: ctx.user.id,
-        passkeyId,
-        name,
-        requestMetadata: ctx.metadata.requestMetadata,
-      });
-    }),
 });

packages/trpc/server/auth-router/schema.ts

@@ -1,8 +1,5 @@
 import { z } from 'zod';
 
-import { ZFindSearchParamsSchema } from '@documenso/lib/types/search-params';
-import { ZRegistrationResponseJSONSchema } from '@documenso/lib/types/webauthn';
-
 export const ZCurrentPasswordSchema = z
   .string()
   .min(6, { message: 'Must be at least 6 characters in length' })
@@ -24,50 +21,3 @@ export const ZPasswordSchema = z
   .refine((value) => value.length > 25 || /[`~<>?,./!@#$%^&*()\-_"'+=|{}[\];:\\]/.test(value), {
     message: 'One special character is required',
   });
-
-export const ZSignUpMutationSchema = z.object({
-  name: z.string().min(1),
-  email: z.string().email(),
-  password: ZPasswordSchema,
-  signature: z.string().nullish(),
-  url: z
-    .string()
-    .trim()
-    .toLowerCase()
-    .min(1)
-    .regex(/^[a-z0-9-]+$/, {
-      message: 'Username can only container alphanumeric characters and dashes.',
-    })
-    .optional(),
-});
-
-export const ZCreatePasskeyMutationSchema = z.object({
-  passkeyName: z.string().trim().min(1),
-  verificationResponse: ZRegistrationResponseJSONSchema,
-});
-
-export const ZCreatePasskeyAuthenticationOptionsMutationSchema = z
-  .object({
-    preferredPasskeyId: z.string().optional(),
-  })
-  .optional();
-
-export const ZDeletePasskeyMutationSchema = z.object({
-  passkeyId: z.string().trim().min(1),
-});
-
-export const ZUpdatePasskeyMutationSchema = z.object({
-  passkeyId: z.string().trim().min(1),
-  name: z.string().trim().min(1),
-});
-
-export const ZFindPasskeysQuerySchema = ZFindSearchParamsSchema.extend({
-  orderBy: z
-    .object({
-      column: z.enum(['createdAt', 'updatedAt', 'name']),
-      direction: z.enum(['asc', 'desc']),
-    })
-    .optional(),
-});
-
-export type TSignUpMutationSchema = z.infer<typeof ZSignUpMutationSchema>;

packages/trpc/server/auth-router/update-passkey.ts

@@ -0,0 +1,24 @@
+import { updatePasskey } from '@documenso/lib/server-only/auth/update-passkey';
+
+import { authenticatedProcedure } from '../trpc';
+import { ZUpdatePasskeyRequestSchema, ZUpdatePasskeyResponseSchema } from './update-passkey.types';
+
+export const updatePasskeyRoute = authenticatedProcedure
+  .input(ZUpdatePasskeyRequestSchema)
+  .output(ZUpdatePasskeyResponseSchema)
+  .mutation(async ({ ctx, input }) => {
+    const { passkeyId, name } = input;
+
+    ctx.logger.info({
+      input: {
+        passkeyId,
+      },
+    });
+
+    await updatePasskey({
+      userId: ctx.user.id,
+      passkeyId,
+      name,
+      requestMetadata: ctx.metadata.requestMetadata,
+    });
+  });

packages/trpc/server/auth-router/update-passkey.types.ts

@@ -0,0 +1,11 @@
+import { z } from 'zod';
+
+export const ZUpdatePasskeyRequestSchema = z.object({
+  passkeyId: z.string().trim().min(1),
+  name: z.string().trim().min(1),
+});
+
+export const ZUpdatePasskeyResponseSchema = z.void();
+
+export type TUpdatePasskeyRequest = z.infer<typeof ZUpdatePasskeyRequestSchema>;
+export type TUpdatePasskeyResponse = z.infer<typeof ZUpdatePasskeyResponseSchema>;

packages/trpc/server/document-router/create-document-temporary.ts

@@ -0,0 +1,92 @@
+import { DocumentDataType } from '@prisma/client';
+
+import { getServerLimits } from '@documenso/ee/server-only/limits/server';
+import { AppError, AppErrorCode } from '@documenso/lib/errors/app-error';
+import { createDocumentData } from '@documenso/lib/server-only/document-data/create-document-data';
+import { createDocumentV2 } from '@documenso/lib/server-only/document/create-document-v2';
+import { getPresignPostUrl } from '@documenso/lib/universal/upload/server-actions';
+import { isValidExpirySettings } from '@documenso/lib/utils/expiry';
+
+import { authenticatedProcedure } from '../trpc';
+import {
+  ZCreateDocumentTemporaryRequestSchema,
+  ZCreateDocumentTemporaryResponseSchema,
+  createDocumentTemporaryMeta,
+} from './create-document-temporary.types';
+
+/**
+ * Temporariy endpoint for V2 Beta until we allow passthrough documents on create.
+ *
+ * @public
+ * @deprecated
+ */
+export const createDocumentTemporaryRoute = authenticatedProcedure
+  .meta(createDocumentTemporaryMeta)
+  .input(ZCreateDocumentTemporaryRequestSchema)
+  .output(ZCreateDocumentTemporaryResponseSchema)
+  .mutation(async ({ input, ctx }) => {
+    const { teamId, user } = ctx;
+
+    const {
+      title,
+      externalId,
+      visibility,
+      globalAccessAuth,
+      globalActionAuth,
+      recipients,
+      meta,
+      folderId,
+      expiryAmount,
+      expiryUnit,
+    } = input;
+
+    // Validate expiry settings
+    if ((expiryAmount || expiryUnit) && !isValidExpirySettings(expiryAmount, expiryUnit)) {
+      throw new AppError(AppErrorCode.INVALID_REQUEST, {
+        message: 'Invalid expiry settings. Please check your expiry configuration.',
+      });
+    }
+
+    const { remaining } = await getServerLimits({ userId: user.id, teamId });
+
+    if (remaining.documents <= 0) {
+      throw new AppError(AppErrorCode.LIMIT_EXCEEDED, {
+        message: 'You have reached your document limit for this month. Please upgrade your plan.',
+        statusCode: 400,
+      });
+    }
+
+    const fileName = title.endsWith('.pdf') ? title : `${title}.pdf`;
+
+    const { url, key } = await getPresignPostUrl(fileName, 'application/pdf');
+
+    const documentData = await createDocumentData({
+      data: key,
+      type: DocumentDataType.S3_PATH,
+    });
+
+    const createdDocument = await createDocumentV2({
+      userId: ctx.user.id,
+      teamId,
+      documentDataId: documentData.id,
+      normalizePdf: false, // Not normalizing because of presigned URL.
+      data: {
+        title,
+        externalId,
+        visibility,
+        globalAccessAuth,
+        globalActionAuth,
+        recipients,
+        folderId,
+        expiryAmount,
+        expiryUnit,
+      },
+      meta,
+      requestMetadata: ctx.metadata,
+    });
+
+    return {
+      document: createdDocument,
+      uploadUrl: url,
+    };
+  });

packages/trpc/server/document-router/create-document-temporary.types.ts

@@ -0,0 +1,124 @@
+import { DocumentSigningOrder } from '@prisma/client';
+import { z } from 'zod';
+
+import { ZDocumentSchema } from '@documenso/lib/types/document';
+import {
+  ZDocumentAccessAuthTypesSchema,
+  ZDocumentActionAuthTypesSchema,
+} from '@documenso/lib/types/document-auth';
+import { ZDocumentEmailSettingsSchema } from '@documenso/lib/types/document-email';
+import { ZDocumentFormValuesSchema } from '@documenso/lib/types/document-form-values';
+import {
+  ZFieldHeightSchema,
+  ZFieldPageNumberSchema,
+  ZFieldPageXSchema,
+  ZFieldPageYSchema,
+  ZFieldWidthSchema,
+} from '@documenso/lib/types/field';
+import { ZFieldAndMetaSchema } from '@documenso/lib/types/field-meta';
+
+import { ZCreateRecipientSchema } from '../recipient-router/schema';
+import type { TrpcRouteMeta } from '../trpc';
+import {
+  ZDocumentExpiryAmountSchema,
+  ZDocumentExpiryUnitSchema,
+  ZDocumentExternalIdSchema,
+  ZDocumentMetaDateFormatSchema,
+  ZDocumentMetaDistributionMethodSchema,
+  ZDocumentMetaDrawSignatureEnabledSchema,
+  ZDocumentMetaLanguageSchema,
+  ZDocumentMetaMessageSchema,
+  ZDocumentMetaRedirectUrlSchema,
+  ZDocumentMetaSubjectSchema,
+  ZDocumentMetaTimezoneSchema,
+  ZDocumentMetaTypedSignatureEnabledSchema,
+  ZDocumentMetaUploadSignatureEnabledSchema,
+  ZDocumentTitleSchema,
+  ZDocumentVisibilitySchema,
+} from './schema';
+
+/**
+ * Temporariy endpoint for V2 Beta until we allow passthrough documents on create.
+ */
+export const createDocumentTemporaryMeta: TrpcRouteMeta = {
+  openapi: {
+    method: 'POST',
+    path: '/document/create/beta',
+    summary: 'Create document',
+    description:
+      'You will need to upload the PDF to the provided URL returned. Note: Once V2 API is released, this will be removed since we will allow direct uploads, instead of using an upload URL.',
+    tags: ['Document'],
+  },
+};
+
+export const ZCreateDocumentTemporaryRequestSchema = z.object({
+  title: ZDocumentTitleSchema,
+  externalId: ZDocumentExternalIdSchema.optional(),
+  visibility: ZDocumentVisibilitySchema.optional(),
+  globalAccessAuth: z.array(ZDocumentAccessAuthTypesSchema).optional(),
+  globalActionAuth: z.array(ZDocumentActionAuthTypesSchema).optional(),
+  formValues: ZDocumentFormValuesSchema.optional(),
+  folderId: z
+    .string()
+    .describe(
+      'The ID of the folder to create the document in. If not provided, the document will be created in the root folder.',
+    )
+    .optional(),
+  expiryAmount: ZDocumentExpiryAmountSchema.optional(),
+  expiryUnit: ZDocumentExpiryUnitSchema.optional(),
+  recipients: z
+    .array(
+      ZCreateRecipientSchema.extend({
+        fields: ZFieldAndMetaSchema.and(
+          z.object({
+            pageNumber: ZFieldPageNumberSchema,
+            pageX: ZFieldPageXSchema,
+            pageY: ZFieldPageYSchema,
+            width: ZFieldWidthSchema,
+            height: ZFieldHeightSchema,
+          }),
+        )
+          .array()
+          .optional(),
+      }),
+    )
+    .refine(
+      (recipients) => {
+        const emails = recipients.map((recipient) => recipient.email);
+
+        return new Set(emails).size === emails.length;
+      },
+      { message: 'Recipients must have unique emails' },
+    )
+    .optional(),
+  meta: z
+    .object({
+      subject: ZDocumentMetaSubjectSchema.optional(),
+      message: ZDocumentMetaMessageSchema.optional(),
+      timezone: ZDocumentMetaTimezoneSchema.optional(),
+      dateFormat: ZDocumentMetaDateFormatSchema.optional(),
+      distributionMethod: ZDocumentMetaDistributionMethodSchema.optional(),
+      signingOrder: z.nativeEnum(DocumentSigningOrder).optional(),
+      redirectUrl: ZDocumentMetaRedirectUrlSchema.optional(),
+      language: ZDocumentMetaLanguageSchema.optional(),
+      typedSignatureEnabled: ZDocumentMetaTypedSignatureEnabledSchema.optional(),
+      drawSignatureEnabled: ZDocumentMetaDrawSignatureEnabledSchema.optional(),
+      uploadSignatureEnabled: ZDocumentMetaUploadSignatureEnabledSchema.optional(),
+      emailSettings: ZDocumentEmailSettingsSchema.optional(),
+    })
+    .optional(),
+});
+
+export const ZCreateDocumentTemporaryResponseSchema = z.object({
+  document: ZDocumentSchema,
+  uploadUrl: z
+    .string()
+    .describe(
+      'The URL to upload the document PDF to. Use a PUT request with the file via form-data',
+    ),
+});
+
+export type TCreateDocumentTemporaryRequest = z.infer<typeof ZCreateDocumentTemporaryRequestSchema>;
+export type TCreateDocumentTemporaryResponse = z.infer<
+  typeof ZCreateDocumentTemporaryResponseSchema
+>;

packages/trpc/server/document-router/create-document.ts

@@ -0,0 +1,57 @@
+import { getServerLimits } from '@documenso/ee/server-only/limits/server';
+import { AppError, AppErrorCode } from '@documenso/lib/errors/app-error';
+import { createDocument } from '@documenso/lib/server-only/document/create-document';
+import { isValidExpirySettings } from '@documenso/lib/utils/expiry';
+
+import { authenticatedProcedure } from '../trpc';
+import {
+  ZCreateDocumentRequestSchema,
+  ZCreateDocumentResponseSchema,
+} from './create-document.types';
+
+export const createDocumentRoute = authenticatedProcedure
+  .input(ZCreateDocumentRequestSchema)
+  .output(ZCreateDocumentResponseSchema)
+  .mutation(async ({ input, ctx }) => {
+    const { user, teamId } = ctx;
+    const { title, documentDataId, timezone, folderId, expiryAmount, expiryUnit } = input;
+
+    // Validate expiry settings
+    if ((expiryAmount || expiryUnit) && !isValidExpirySettings(expiryAmount, expiryUnit)) {
+      throw new AppError(AppErrorCode.INVALID_REQUEST, {
+        message: 'Invalid expiry settings. Please check your expiry configuration.',
+      });
+    }
+
+    ctx.logger.info({
+      input: {
+        folderId,
+      },
+    });
+
+    const { remaining } = await getServerLimits({ userId: user.id, teamId });
+
+    if (remaining.documents <= 0) {
+      throw new AppError(AppErrorCode.LIMIT_EXCEEDED, {
+        message: 'You have reached your document limit for this month. Please upgrade your plan.',
+        statusCode: 400,
+      });
+    }
+
+    const document = await createDocument({
+      userId: user.id,
+      teamId,
+      title,
+      documentDataId,
+      normalizePdf: true,
+      userTimezone: timezone,
+      requestMetadata: ctx.metadata,
+      folderId,
+      expiryAmount,
+      expiryUnit,
+    });
+
+    return {
+      id: document.id,
+    };
+  });

packages/trpc/server/document-router/create-document.types.ts

@@ -0,0 +1,34 @@
+import { z } from 'zod';
+
+import {
+  ZDocumentExpiryAmountSchema,
+  ZDocumentExpiryUnitSchema,
+  ZDocumentMetaTimezoneSchema,
+  ZDocumentTitleSchema,
+} from './schema';
+
+// Currently not in use until we allow passthrough documents on create.
+// export const createDocumentMeta: TrpcRouteMeta = {
+//   openapi: {
+//     method: 'POST',
+//     path: '/document/create',
+//     summary: 'Create document',
+//     tags: ['Document'],
+//   },
+// };
+
+export const ZCreateDocumentRequestSchema = z.object({
+  title: ZDocumentTitleSchema,
+  documentDataId: z.string().min(1),
+  timezone: ZDocumentMetaTimezoneSchema.optional(),
+  folderId: z.string().describe('The ID of the folder to create the document in').optional(),
+  expiryAmount: ZDocumentExpiryAmountSchema.optional(),
+  expiryUnit: ZDocumentExpiryUnitSchema.optional(),
+});
+
+export const ZCreateDocumentResponseSchema = z.object({
+  id: z.number(),
+});
+
+export type TCreateDocumentRequest = z.infer<typeof ZCreateDocumentRequestSchema>;
+export type TCreateDocumentResponse = z.infer<typeof ZCreateDocumentResponseSchema>;

packages/trpc/server/document-router/delete-document.ts

@@ -0,0 +1,35 @@
+import { deleteDocument } from '@documenso/lib/server-only/document/delete-document';
+
+import { authenticatedProcedure } from '../trpc';
+import {
+  ZDeleteDocumentRequestSchema,
+  ZDeleteDocumentResponseSchema,
+  deleteDocumentMeta,
+} from './delete-document.types';
+import { ZGenericSuccessResponse } from './schema';
+
+export const deleteDocumentRoute = authenticatedProcedure
+  .meta(deleteDocumentMeta)
+  .input(ZDeleteDocumentRequestSchema)
+  .output(ZDeleteDocumentResponseSchema)
+  .mutation(async ({ input, ctx }) => {
+    const { teamId } = ctx;
+    const { documentId } = input;
+
+    ctx.logger.info({
+      input: {
+        documentId,
+      },
+    });
+
+    const userId = ctx.user.id;
+
+    await deleteDocument({
+      id: documentId,
+      userId,
+      teamId,
+      requestMetadata: ctx.metadata,
+    });
+
+    return ZGenericSuccessResponse;
+  });

packages/trpc/server/document-router/delete-document.types.ts

@@ -0,0 +1,22 @@
+import { z } from 'zod';
+
+import type { TrpcRouteMeta } from '../trpc';
+import { ZSuccessResponseSchema } from './schema';
+
+export const deleteDocumentMeta: TrpcRouteMeta = {
+  openapi: {
+    method: 'POST',
+    path: '/document/delete',
+    summary: 'Delete document',
+    tags: ['Document'],
+  },
+};
+
+export const ZDeleteDocumentRequestSchema = z.object({
+  documentId: z.number(),
+});
+
+export const ZDeleteDocumentResponseSchema = ZSuccessResponseSchema;
+
+export type TDeleteDocumentRequest = z.infer<typeof ZDeleteDocumentRequestSchema>;
+export type TDeleteDocumentResponse = z.infer<typeof ZDeleteDocumentResponseSchema>;

packages/trpc/server/document-router/distribute-document.ts

@@ -0,0 +1,50 @@
+import { upsertDocumentMeta } from '@documenso/lib/server-only/document-meta/upsert-document-meta';
+import { sendDocument } from '@documenso/lib/server-only/document/send-document';
+
+import { authenticatedProcedure } from '../trpc';
+import {
+  ZDistributeDocumentRequestSchema,
+  ZDistributeDocumentResponseSchema,
+  distributeDocumentMeta,
+} from './distribute-document.types';
+
+export const distributeDocumentRoute = authenticatedProcedure
+  .meta(distributeDocumentMeta)
+  .input(ZDistributeDocumentRequestSchema)
+  .output(ZDistributeDocumentResponseSchema)
+  .mutation(async ({ input, ctx }) => {
+    const { teamId } = ctx;
+    const { documentId, meta = {} } = input;
+
+    ctx.logger.info({
+      input: {
+        documentId,
+      },
+    });
+
+    if (Object.values(meta).length > 0) {
+      await upsertDocumentMeta({
+        userId: ctx.user.id,
+        teamId,
+        documentId,
+        subject: meta.subject,
+        message: meta.message,
+        dateFormat: meta.dateFormat,
+        timezone: meta.timezone,
+        redirectUrl: meta.redirectUrl,
+        distributionMethod: meta.distributionMethod,
+        emailSettings: meta.emailSettings,
+        language: meta.language,
+        emailId: meta.emailId,
+        emailReplyTo: meta.emailReplyTo,
+        requestMetadata: ctx.metadata,
+      });
+    }
+
+    return await sendDocument({
+      userId: ctx.user.id,
+      documentId,
+      teamId,
+      requestMetadata: ctx.metadata,
+    });
+  });

packages/trpc/server/document-router/distribute-document.types.ts

@@ -0,0 +1,48 @@
+import { z } from 'zod';
+
+import { ZDocumentLiteSchema } from '@documenso/lib/types/document';
+import { ZDocumentEmailSettingsSchema } from '@documenso/lib/types/document-email';
+
+import type { TrpcRouteMeta } from '../trpc';
+import {
+  ZDocumentMetaDateFormatSchema,
+  ZDocumentMetaDistributionMethodSchema,
+  ZDocumentMetaLanguageSchema,
+  ZDocumentMetaMessageSchema,
+  ZDocumentMetaRedirectUrlSchema,
+  ZDocumentMetaSubjectSchema,
+  ZDocumentMetaTimezoneSchema,
+} from './schema';
+
+export const distributeDocumentMeta: TrpcRouteMeta = {
+  openapi: {
+    method: 'POST',
+    path: '/document/distribute',
+    summary: 'Distribute document',
+    description: 'Send the document out to recipients based on your distribution method',
+    tags: ['Document'],
+  },
+};
+
+export const ZDistributeDocumentRequestSchema = z.object({
+  documentId: z.number().describe('The ID of the document to send.'),
+  meta: z
+    .object({
+      subject: ZDocumentMetaSubjectSchema.optional(),
+      message: ZDocumentMetaMessageSchema.optional(),
+      timezone: ZDocumentMetaTimezoneSchema.optional(),
+      dateFormat: ZDocumentMetaDateFormatSchema.optional(),
+      distributionMethod: ZDocumentMetaDistributionMethodSchema.optional(),
+      redirectUrl: ZDocumentMetaRedirectUrlSchema.optional(),
+      language: ZDocumentMetaLanguageSchema.optional(),
+      emailId: z.string().nullish(),
+      emailReplyTo: z.string().email().nullish(),
+      emailSettings: ZDocumentEmailSettingsSchema.optional(),
+    })
+    .optional(),
+});
+
+export const ZDistributeDocumentResponseSchema = ZDocumentLiteSchema;
+
+export type TDistributeDocumentRequest = z.infer<typeof ZDistributeDocumentRequestSchema>;
+export type TDistributeDocumentResponse = z.infer<typeof ZDistributeDocumentResponseSchema>;

packages/trpc/server/document-router/download-document-audit-logs.ts

@@ -0,0 +1,47 @@
+import { DateTime } from 'luxon';
+
+import { NEXT_PUBLIC_WEBAPP_URL } from '@documenso/lib/constants/app';
+import { AppError, AppErrorCode } from '@documenso/lib/errors/app-error';
+import { encryptSecondaryData } from '@documenso/lib/server-only/crypto/encrypt';
+import { getDocumentById } from '@documenso/lib/server-only/document/get-document-by-id';
+
+import { authenticatedProcedure } from '../trpc';
+import {
+  ZDownloadDocumentAuditLogsRequestSchema,
+  ZDownloadDocumentAuditLogsResponseSchema,
+} from './download-document-audit-logs.types';
+
+export const downloadDocumentAuditLogsRoute = authenticatedProcedure
+  .input(ZDownloadDocumentAuditLogsRequestSchema)
+  .output(ZDownloadDocumentAuditLogsResponseSchema)
+  .mutation(async ({ input, ctx }) => {
+    const { teamId } = ctx;
+    const { documentId } = input;
+
+    ctx.logger.info({
+      input: {
+        documentId,
+      },
+    });
+
+    const document = await getDocumentById({
+      documentId,
+      userId: ctx.user.id,
+      teamId,
+    }).catch(() => null);
+
+    if (!document || (teamId && document.teamId !== teamId)) {
+      throw new AppError(AppErrorCode.UNAUTHORIZED, {
+        message: 'You do not have access to this document.',
+      });
+    }
+
+    const encrypted = encryptSecondaryData({
+      data: document.id.toString(),
+      expiresAt: DateTime.now().plus({ minutes: 5 }).toJSDate().valueOf(),
+    });
+
+    return {
+      url: `${NEXT_PUBLIC_WEBAPP_URL()}/__htmltopdf/audit-log?d=${encrypted}`,
+    };
+  });

packages/trpc/server/document-router/download-document-audit-logs.types.ts

@@ -0,0 +1,16 @@
+import { z } from 'zod';
+
+export const ZDownloadDocumentAuditLogsRequestSchema = z.object({
+  documentId: z.number(),
+});
+
+export const ZDownloadDocumentAuditLogsResponseSchema = z.object({
+  url: z.string(),
+});
+
+export type TDownloadDocumentAuditLogsRequest = z.infer<
+  typeof ZDownloadDocumentAuditLogsRequestSchema
+>;
+export type TDownloadDocumentAuditLogsResponse = z.infer<
+  typeof ZDownloadDocumentAuditLogsResponseSchema
+>;

packages/trpc/server/document-router/download-document-certificate.ts

@@ -0,0 +1,46 @@
+import { DateTime } from 'luxon';
+
+import { NEXT_PUBLIC_WEBAPP_URL } from '@documenso/lib/constants/app';
+import { AppError } from '@documenso/lib/errors/app-error';
+import { encryptSecondaryData } from '@documenso/lib/server-only/crypto/encrypt';
+import { getDocumentById } from '@documenso/lib/server-only/document/get-document-by-id';
+import { isDocumentCompleted } from '@documenso/lib/utils/document';
+
+import { authenticatedProcedure } from '../trpc';
+import {
+  ZDownloadDocumentCertificateRequestSchema,
+  ZDownloadDocumentCertificateResponseSchema,
+} from './download-document-certificate.types';
+
+export const downloadDocumentCertificateRoute = authenticatedProcedure
+  .input(ZDownloadDocumentCertificateRequestSchema)
+  .output(ZDownloadDocumentCertificateResponseSchema)
+  .mutation(async ({ input, ctx }) => {
+    const { teamId } = ctx;
+    const { documentId } = input;
+
+    ctx.logger.info({
+      input: {
+        documentId,
+      },
+    });
+
+    const document = await getDocumentById({
+      documentId,
+      userId: ctx.user.id,
+      teamId,
+    });
+
+    if (!isDocumentCompleted(document.status)) {
+      throw new AppError('DOCUMENT_NOT_COMPLETE');
+    }
+
+    const encrypted = encryptSecondaryData({
+      data: document.id.toString(),
+      expiresAt: DateTime.now().plus({ minutes: 5 }).toJSDate().valueOf(),
+    });
+
+    return {
+      url: `${NEXT_PUBLIC_WEBAPP_URL()}/__htmltopdf/certificate?d=${encrypted}`,
+    };
+  });

packages/trpc/server/document-router/download-document-certificate.types.ts

@@ -0,0 +1,16 @@
+import { z } from 'zod';
+
+export const ZDownloadDocumentCertificateRequestSchema = z.object({
+  documentId: z.number(),
+});
+
+export const ZDownloadDocumentCertificateResponseSchema = z.object({
+  url: z.string(),
+});
+
+export type TDownloadDocumentCertificateRequest = z.infer<
+  typeof ZDownloadDocumentCertificateRequestSchema
+>;
+export type TDownloadDocumentCertificateResponse = z.infer<
+  typeof ZDownloadDocumentCertificateResponseSchema
+>;

packages/trpc/server/document-router/download-document.ts

@@ -6,18 +6,14 @@ import { getPresignGetUrl } from '@documenso/lib/universal/upload/server-actions
 import { isDocumentCompleted } from '@documenso/lib/utils/document';
 
 import { authenticatedProcedure } from '../trpc';
-import { ZDownloadDocumentRequestSchema, ZDownloadDocumentResponseSchema } from './schema';
+import {
+  ZDownloadDocumentRequestSchema,
+  ZDownloadDocumentResponseSchema,
+  downloadDocumentMeta,
+} from './download-document.types';
 
 export const downloadDocumentRoute = authenticatedProcedure
-  .meta({
-    openapi: {
-      method: 'GET',
-      path: '/document/{documentId}/download-beta',
-      summary: 'Download document (beta)',
-      description: 'Get a pre-signed download URL for the original or signed version of a document',
-      tags: ['Document'],
-    },
-  })
+  .meta(downloadDocumentMeta)
   .input(ZDownloadDocumentRequestSchema)
   .output(ZDownloadDocumentResponseSchema)
   .query(async ({ input, ctx }) => {

packages/trpc/server/document-router/download-document.types.ts

@@ -0,0 +1,32 @@
+import { z } from 'zod';
+
+import type { TrpcRouteMeta } from '../trpc';
+
+export const downloadDocumentMeta: TrpcRouteMeta = {
+  openapi: {
+    method: 'GET',
+    path: '/document/{documentId}/download-beta',
+    summary: 'Download document (beta)',
+    description: 'Get a pre-signed download URL for the original or signed version of a document',
+    tags: ['Document'],
+  },
+};
+
+export const ZDownloadDocumentRequestSchema = z.object({
+  documentId: z.number().describe('The ID of the document to download.'),
+  version: z
+    .enum(['original', 'signed'])
+    .describe(
+      'The version of the document to download. "signed" returns the completed document with signatures, "original" returns the original uploaded document.',
+    )
+    .default('signed'),
+});
+
+export const ZDownloadDocumentResponseSchema = z.object({
+  downloadUrl: z.string().describe('Pre-signed URL for downloading the PDF file'),
+  filename: z.string().describe('The filename of the PDF file'),
+  contentType: z.string().describe('MIME type of the file'),
+});
+
+export type TDownloadDocumentRequest = z.infer<typeof ZDownloadDocumentRequestSchema>;
+export type TDownloadDocumentResponse = z.infer<typeof ZDownloadDocumentResponseSchema>;

packages/trpc/server/document-router/duplicate-document.ts

@@ -0,0 +1,29 @@
+import { duplicateDocument } from '@documenso/lib/server-only/document/duplicate-document-by-id';
+
+import { authenticatedProcedure } from '../trpc';
+import {
+  ZDuplicateDocumentRequestSchema,
+  ZDuplicateDocumentResponseSchema,
+  duplicateDocumentMeta,
+} from './duplicate-document.types';
+
+export const duplicateDocumentRoute = authenticatedProcedure
+  .meta(duplicateDocumentMeta)
+  .input(ZDuplicateDocumentRequestSchema)
+  .output(ZDuplicateDocumentResponseSchema)
+  .mutation(async ({ input, ctx }) => {
+    const { teamId, user } = ctx;
+    const { documentId } = input;
+
+    ctx.logger.info({
+      input: {
+        documentId,
+      },
+    });
+
+    return await duplicateDocument({
+      userId: user.id,
+      teamId,
+      documentId,
+    });
+  });

packages/trpc/server/document-router/duplicate-document.types.ts

@@ -0,0 +1,23 @@
+import { z } from 'zod';
+
+import type { TrpcRouteMeta } from '../trpc';
+
+export const duplicateDocumentMeta: TrpcRouteMeta = {
+  openapi: {
+    method: 'POST',
+    path: '/document/duplicate',
+    summary: 'Duplicate document',
+    tags: ['Document'],
+  },
+};
+
+export const ZDuplicateDocumentRequestSchema = z.object({
+  documentId: z.number(),
+});
+
+export const ZDuplicateDocumentResponseSchema = z.object({
+  documentId: z.number(),
+});
+
+export type TDuplicateDocumentRequest = z.infer<typeof ZDuplicateDocumentRequestSchema>;
+export type TDuplicateDocumentResponse = z.infer<typeof ZDuplicateDocumentResponseSchema>;

packages/trpc/server/document-router/find-document-audit-logs.ts

@@ -0,0 +1,41 @@
+import { findDocumentAuditLogs } from '@documenso/lib/server-only/document/find-document-audit-logs';
+
+import { authenticatedProcedure } from '../trpc';
+import {
+  ZFindDocumentAuditLogsRequestSchema,
+  ZFindDocumentAuditLogsResponseSchema,
+} from './find-document-audit-logs.types';
+
+export const findDocumentAuditLogsRoute = authenticatedProcedure
+  .input(ZFindDocumentAuditLogsRequestSchema)
+  .output(ZFindDocumentAuditLogsResponseSchema)
+  .query(async ({ input, ctx }) => {
+    const { teamId } = ctx;
+
+    const {
+      page,
+      perPage,
+      documentId,
+      cursor,
+      filterForRecentActivity,
+      orderByColumn,
+      orderByDirection,
+    } = input;
+
+    ctx.logger.info({
+      input: {
+        documentId,
+      },
+    });
+
+    return await findDocumentAuditLogs({
+      userId: ctx.user.id,
+      teamId,
+      page,
+      perPage,
+      documentId,
+      cursor,
+      filterForRecentActivity,
+      orderBy: orderByColumn ? { column: orderByColumn, direction: orderByDirection } : undefined,
+    });
+  });

packages/trpc/server/document-router/find-document-audit-logs.types.ts

@@ -0,0 +1,20 @@
+import { z } from 'zod';
+
+import { ZDocumentAuditLogSchema } from '@documenso/lib/types/document-audit-logs';
+import { ZFindResultResponse, ZFindSearchParamsSchema } from '@documenso/lib/types/search-params';
+
+export const ZFindDocumentAuditLogsRequestSchema = ZFindSearchParamsSchema.extend({
+  documentId: z.number().min(1),
+  cursor: z.string().optional(),
+  filterForRecentActivity: z.boolean().optional(),
+  orderByColumn: z.enum(['createdAt', 'type']).optional(),
+  orderByDirection: z.enum(['asc', 'desc']).default('desc'),
+});
+
+export const ZFindDocumentAuditLogsResponseSchema = ZFindResultResponse.extend({
+  data: ZDocumentAuditLogSchema.array(),
+  nextCursor: z.string().optional(),
+});
+
+export type TFindDocumentAuditLogsRequest = z.infer<typeof ZFindDocumentAuditLogsRequestSchema>;
+export type TFindDocumentAuditLogsResponse = z.infer<typeof ZFindDocumentAuditLogsResponseSchema>;