@brightchain/brightchain-api-lib 0.18.2 → 0.21.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +8 -3
- package/src/index.d.ts +0 -1
- package/src/index.d.ts.map +1 -1
- package/src/index.js +0 -1
- package/src/index.js.map +1 -1
- package/src/lib/application.d.ts +12 -3
- package/src/lib/application.d.ts.map +1 -1
- package/src/lib/application.js +153 -7
- package/src/lib/application.js.map +1 -1
- package/src/lib/availability/gossipService.d.ts +59 -1
- package/src/lib/availability/gossipService.d.ts.map +1 -1
- package/src/lib/availability/gossipService.js +125 -1
- package/src/lib/availability/gossipService.js.map +1 -1
- package/src/lib/availability/index.d.ts +1 -0
- package/src/lib/availability/index.d.ts.map +1 -1
- package/src/lib/availability/index.js +1 -0
- package/src/lib/availability/index.js.map +1 -1
- package/src/lib/availability/quorumGossipHandler.d.ts +126 -0
- package/src/lib/availability/quorumGossipHandler.d.ts.map +1 -0
- package/src/lib/availability/quorumGossipHandler.js +246 -0
- package/src/lib/availability/quorumGossipHandler.js.map +1 -0
- package/src/lib/constants.d.ts.map +1 -1
- package/src/lib/constants.js +4 -0
- package/src/lib/constants.js.map +1 -1
- package/src/lib/controllers/api/quorum.d.ts +110 -2
- package/src/lib/controllers/api/quorum.d.ts.map +1 -1
- package/src/lib/controllers/api/quorum.js +389 -0
- package/src/lib/controllers/api/quorum.js.map +1 -1
- package/src/lib/controllers/api/user.d.ts +12 -15
- package/src/lib/controllers/api/user.d.ts.map +1 -1
- package/src/lib/controllers/api/user.js +312 -94
- package/src/lib/controllers/api/user.js.map +1 -1
- package/src/lib/databaseInit.d.ts +3 -2
- package/src/lib/databaseInit.d.ts.map +1 -1
- package/src/lib/databaseInit.js +24 -12
- package/src/lib/databaseInit.js.map +1 -1
- package/src/lib/datastore/index.d.ts +0 -1
- package/src/lib/datastore/index.d.ts.map +1 -1
- package/src/lib/datastore/index.js +0 -1
- package/src/lib/datastore/index.js.map +1 -1
- package/src/lib/environment.d.ts +6 -0
- package/src/lib/environment.d.ts.map +1 -1
- package/src/lib/environment.js +14 -0
- package/src/lib/environment.js.map +1 -1
- package/src/lib/hydration/energyAccountHydration.d.ts +17 -0
- package/src/lib/hydration/energyAccountHydration.d.ts.map +1 -0
- package/src/lib/hydration/energyAccountHydration.js +24 -0
- package/src/lib/hydration/energyAccountHydration.js.map +1 -0
- package/src/lib/hydration/index.d.ts +13 -0
- package/src/lib/hydration/index.d.ts.map +1 -0
- package/src/lib/hydration/index.js +21 -0
- package/src/lib/hydration/index.js.map +1 -0
- package/src/lib/hydration/rbacHydration.d.ts +28 -0
- package/src/lib/hydration/rbacHydration.d.ts.map +1 -0
- package/src/lib/hydration/rbacHydration.js +56 -0
- package/src/lib/hydration/rbacHydration.js.map +1 -0
- package/src/lib/interfaces/environment.d.ts +7 -1
- package/src/lib/interfaces/environment.d.ts.map +1 -1
- package/src/lib/interfaces/responses/api-backup-codes-response.d.ts +1 -1
- package/src/lib/interfaces/responses/api-code-count-response.d.ts +1 -1
- package/src/lib/interfaces/responses/api-password-change-response.d.ts +9 -0
- package/src/lib/interfaces/responses/api-password-change-response.d.ts.map +1 -0
- package/src/lib/interfaces/responses/api-password-change-response.js +3 -0
- package/src/lib/interfaces/responses/api-password-change-response.js.map +1 -0
- package/src/lib/interfaces/responses/api-recovery-response.d.ts +9 -0
- package/src/lib/interfaces/responses/api-recovery-response.d.ts.map +1 -0
- package/src/lib/interfaces/responses/api-recovery-response.js +3 -0
- package/src/lib/interfaces/responses/api-recovery-response.js.map +1 -0
- package/src/lib/interfaces/responses/index.d.ts +2 -0
- package/src/lib/interfaces/responses/index.d.ts.map +1 -1
- package/src/lib/interfaces/storage/client-session.d.ts +1 -1
- package/src/lib/interfaces/storage/client-session.d.ts.map +1 -1
- package/src/lib/interfaces/storage/collection.d.ts +1 -1
- package/src/lib/interfaces/storage/collection.d.ts.map +1 -1
- package/src/lib/interfaces/storage/database-lifecycle-hooks.d.ts +1 -1
- package/src/lib/interfaces/storage/database-lifecycle-hooks.d.ts.map +1 -1
- package/src/lib/interfaces/storage/database.d.ts +1 -1
- package/src/lib/interfaces/storage/database.d.ts.map +1 -1
- package/src/lib/interfaces/storage/document-types.d.ts +1 -1
- package/src/lib/interfaces/storage/document-types.d.ts.map +1 -1
- package/src/lib/interfaces/storage/index.d.ts +1 -0
- package/src/lib/interfaces/storage/index.d.ts.map +1 -1
- package/src/lib/interfaces/storage/index.js.map +1 -1
- package/src/lib/interfaces/storage/storedDocumentTypes.d.ts +73 -0
- package/src/lib/interfaces/storage/storedDocumentTypes.d.ts.map +1 -0
- package/src/lib/interfaces/storage/storedDocumentTypes.js +15 -0
- package/src/lib/interfaces/storage/storedDocumentTypes.js.map +1 -0
- package/src/lib/plugins/brightchain-database-plugin.d.ts +31 -21
- package/src/lib/plugins/brightchain-database-plugin.d.ts.map +1 -1
- package/src/lib/plugins/brightchain-database-plugin.js +103 -53
- package/src/lib/plugins/brightchain-database-plugin.js.map +1 -1
- package/src/lib/plugins/configure-brightchain-app.d.ts.map +1 -1
- package/src/lib/plugins/configure-brightchain-app.js +5 -0
- package/src/lib/plugins/configure-brightchain-app.js.map +1 -1
- package/src/lib/services/auth.d.ts +6 -2
- package/src/lib/services/auth.d.ts.map +1 -1
- package/src/lib/services/auth.js +43 -7
- package/src/lib/services/auth.js.map +1 -1
- package/src/lib/services/backupCodeService.d.ts +35 -0
- package/src/lib/services/backupCodeService.d.ts.map +1 -0
- package/src/lib/services/backupCodeService.js +109 -0
- package/src/lib/services/backupCodeService.js.map +1 -0
- package/src/lib/services/brightchain-authentication-provider.d.ts.map +1 -1
- package/src/lib/services/brightchain-authentication-provider.js +28 -9
- package/src/lib/services/brightchain-authentication-provider.js.map +1 -1
- package/src/lib/services/brightchain-member-init.service.d.ts +39 -20
- package/src/lib/services/brightchain-member-init.service.d.ts.map +1 -1
- package/src/lib/services/brightchain-member-init.service.js +139 -53
- package/src/lib/services/brightchain-member-init.service.js.map +1 -1
- package/src/lib/services/cliOperatorPrompt.d.ts +81 -0
- package/src/lib/services/cliOperatorPrompt.d.ts.map +1 -0
- package/src/lib/services/cliOperatorPrompt.js +177 -0
- package/src/lib/services/cliOperatorPrompt.js.map +1 -0
- package/src/lib/services/contentAwareBlocksService.d.ts +92 -0
- package/src/lib/services/contentAwareBlocksService.d.ts.map +1 -0
- package/src/lib/services/contentAwareBlocksService.js +102 -0
- package/src/lib/services/contentAwareBlocksService.js.map +1 -0
- package/src/lib/services/contentIngestionService.d.ts +68 -0
- package/src/lib/services/contentIngestionService.d.ts.map +1 -0
- package/src/lib/services/contentIngestionService.js +139 -0
- package/src/lib/services/contentIngestionService.js.map +1 -0
- package/src/lib/services/identityExpirationScheduler.d.ts +77 -0
- package/src/lib/services/identityExpirationScheduler.d.ts.map +1 -0
- package/src/lib/services/identityExpirationScheduler.js +157 -0
- package/src/lib/services/identityExpirationScheduler.js.map +1 -0
- package/src/lib/services/index.d.ts +7 -0
- package/src/lib/services/index.d.ts.map +1 -1
- package/src/lib/services/index.js +7 -0
- package/src/lib/services/index.js.map +1 -1
- package/src/lib/services/quorumDatabaseAdapter.d.ts +60 -0
- package/src/lib/services/quorumDatabaseAdapter.d.ts.map +1 -0
- package/src/lib/services/quorumDatabaseAdapter.js +652 -0
- package/src/lib/services/quorumDatabaseAdapter.js.map +1 -0
- package/src/lib/services/secureKeyStorage.js +3 -3
- package/src/lib/services/secureKeyStorage.js.map +1 -1
- package/src/lib/services/sessionAdapter.d.ts +62 -0
- package/src/lib/services/sessionAdapter.d.ts.map +1 -0
- package/src/lib/services/sessionAdapter.js +105 -0
- package/src/lib/services/sessionAdapter.js.map +1 -0
- package/src/lib/utils/rehydration.d.ts +31 -0
- package/src/lib/utils/rehydration.d.ts.map +1 -0
- package/src/lib/utils/rehydration.js +111 -0
- package/src/lib/utils/rehydration.js.map +1 -0
- package/src/lib/utils/serialization.d.ts +21 -0
- package/src/lib/utils/serialization.d.ts.map +1 -0
- package/src/lib/utils/serialization.js +41 -0
- package/src/lib/utils/serialization.js.map +1 -0
- package/src/lib/validation/userValidation.d.ts +17 -0
- package/src/lib/validation/userValidation.d.ts.map +1 -1
- package/src/lib/validation/userValidation.js +77 -0
- package/src/lib/validation/userValidation.js.map +1 -1
- package/src/lib/adapters/brightChainDbDocumentStoreAdapter.d.ts +0 -24
- package/src/lib/adapters/brightChainDbDocumentStoreAdapter.d.ts.map +0 -1
- package/src/lib/adapters/brightChainDbDocumentStoreAdapter.js +0 -53
- package/src/lib/adapters/brightChainDbDocumentStoreAdapter.js.map +0 -1
- package/src/lib/datastore/document-model-adapter.d.ts +0 -48
- package/src/lib/datastore/document-model-adapter.d.ts.map +0 -1
- package/src/lib/datastore/document-model-adapter.js +0 -178
- package/src/lib/datastore/document-model-adapter.js.map +0 -1
- /package/{brightchain-api-lib/README.md → README.md} +0 -0
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../../../../brightchain-api-lib/src/lib/services/auth.ts"],"names":[],"mappings":"AAAA,OAAO,EAGL,kBAAkB,EAClB,WAAW,EAEZ,MAAM,8BAA8B,CAAC;AACtC,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,MAAM,4BAA4B,CAAC;AACtE,OAAO,EAAE,UAAU,EAAE,MAAM,iCAAiC,CAAC;AAG7D,OAAO,EAAE,uBAAuB,EAAE,MAAM,2BAA2B,CAAC;AACpE,OAAO,EAAE,gBAAgB,EAAE,MAAM,gCAAgC,CAAC;AAClE,OAAO,EAAE,UAAU,EAAE,MAAM,0BAA0B,CAAC;AACtD,OAAO,EAAE,aAAa,EAAE,MAAM,6BAA6B,CAAC;AAC5D,OAAO,EAAE,oBAAoB,EAAE,MAAM,iBAAiB,CAAC;AACvD,OAAO,EAAE,WAAW,EAAE,MAAM,QAAQ,CAAC;AACrC,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAIvC,qBAAa,WAAW,CACtB,GAAG,SAAS,UAAU,GAAG,oBAAoB,CAC7C,SAAQ,WAAW,CAAC,GAAG,CAAC;IACxB,OAAO,CAAC,WAAW,CAAc;IACjC,OAAO,CAAC,WAAW,CAAqB;IACxC,OAAO,CAAC,YAAY,CAAoB;IACxC,OAAO,CAAC,SAAS,CAAS;
|
|
1
|
+
{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../../../../brightchain-api-lib/src/lib/services/auth.ts"],"names":[],"mappings":"AAAA,OAAO,EAGL,kBAAkB,EAClB,iBAAiB,EACjB,WAAW,EAEZ,MAAM,8BAA8B,CAAC;AACtC,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,MAAM,4BAA4B,CAAC;AACtE,OAAO,EAAE,UAAU,EAAE,MAAM,iCAAiC,CAAC;AAG7D,OAAO,EAAE,uBAAuB,EAAE,MAAM,2BAA2B,CAAC;AACpE,OAAO,EAAE,gBAAgB,EAAE,MAAM,gCAAgC,CAAC;AAClE,OAAO,EAAE,UAAU,EAAE,MAAM,0BAA0B,CAAC;AACtD,OAAO,EAAE,aAAa,EAAE,MAAM,6BAA6B,CAAC;AAC5D,OAAO,EAAE,oBAAoB,EAAE,MAAM,iBAAiB,CAAC;AACvD,OAAO,EAAE,WAAW,EAAE,MAAM,QAAQ,CAAC;AACrC,OAAO,EAAE,iCAAiC,EAAE,MAAM,uCAAuC,CAAC;AAC1F,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAIvC,qBAAa,WAAW,CACtB,GAAG,SAAS,UAAU,GAAG,oBAAoB,CAC7C,SAAQ,WAAW,CAAC,GAAG,CAAC;IACxB,OAAO,CAAC,WAAW,CAAc;IACjC,OAAO,CAAC,WAAW,CAAqB;IACxC,OAAO,CAAC,YAAY,CAAoB;IACxC,OAAO,CAAC,SAAS,CAAS;IAC1B,OAAO,CAAC,YAAY,CAAC,CAAyC;gBAG5D,WAAW,EAAE,uBAAuB,CAAC,GAAG,CAAC,EACzC,WAAW,EAAE,WAAW,EACxB,WAAW,EAAE,kBAAkB,EAC/B,YAAY,EAAE,YAAY,CAAC,GAAG,CAAC,EAC/B,SAAS,EAAE,MAAM,EACjB,YAAY,CAAC,EAAE,iCAAiC,CAAC,GAAG,CAAC;IAUjD,QAAQ,CACZ,QAAQ,EAAE,MAAM,EAChB,KAAK,EAAE,MAAM,EACb,QAAQ,EAAE,YAAY,EACtB,SAAS,CAAC,EAAE,YAAY,GACvB,OAAO,CAAC,UAAU,CAAC;IA2ChB,KAAK,CAAC,WAAW,EAAE,gBAAgB,GAAG,OAAO,CAAC,UAAU,CAAC;IA6C/D,SAAS,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,UAAU,GAAG,MAAM;IAYjE,WAAW,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,CAAC;IASlD,iBAAiB,CAAC,QAAQ,EAAE,UAAU,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IASpE,eAAe,CAAC,QAAQ,EAAE,UAAU,GAAG,OAAO,CAAC,MAAM,CAAC;IAStD,cAAc,CAClB,QAAQ,EAAE,UAAU,EACpB,eAAe,EAAE,MAAM,EACvB,WAAW,EAAE,MAAM,GAClB,OAAO,CAAC,IAAI,CAAC;IAUV,mBAAmB,CACvB,KAAK,EAAE,MAAM,EACb,QAAQ,EAAE,YAAY,EACtB,WAAW,CAAC,EAAE,MAAM,GACnB,OAAO,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC;YA+BvB,gBAAgB;CA2B/B"}
|
package/src/lib/services/auth.js
CHANGED
|
@@ -9,12 +9,13 @@ const jwt = tslib_1.__importStar(require("jsonwebtoken"));
|
|
|
9
9
|
const base_1 = require("./base");
|
|
10
10
|
const BCRYPT_ROUNDS = 12;
|
|
11
11
|
class AuthService extends base_1.BaseService {
|
|
12
|
-
constructor(application, memberStore, energyStore, emailService, jwtSecret) {
|
|
12
|
+
constructor(application, memberStore, energyStore, emailService, jwtSecret, authProvider) {
|
|
13
13
|
super(application);
|
|
14
14
|
this.memberStore = memberStore;
|
|
15
15
|
this.energyStore = energyStore;
|
|
16
16
|
this.emailService = emailService;
|
|
17
17
|
this.jwtSecret = jwtSecret;
|
|
18
|
+
this.authProvider = authProvider;
|
|
18
19
|
}
|
|
19
20
|
async register(username, email, password, _mnemonic) {
|
|
20
21
|
// Check for duplicate email
|
|
@@ -33,9 +34,11 @@ class AuthService extends base_1.BaseService {
|
|
|
33
34
|
name: username,
|
|
34
35
|
contactEmail: new brightchain_lib_1.EmailString(email),
|
|
35
36
|
});
|
|
36
|
-
|
|
37
|
-
const
|
|
38
|
-
const
|
|
37
|
+
// Use idProvider for proper serialization round-trip
|
|
38
|
+
const sp = brightchain_lib_1.ServiceProvider.getInstance();
|
|
39
|
+
const memberId = sp.idProvider.idToString(reference.id);
|
|
40
|
+
const idRawBytes = sp.idProvider.toBytes(reference.id);
|
|
41
|
+
const memberChecksum = sp.checksumService.calculateChecksum(idRawBytes);
|
|
39
42
|
// Store password hash in member's private profile
|
|
40
43
|
await this.storePasswordHash(reference.id, passwordHash);
|
|
41
44
|
const energyAccount = brightchain_lib_1.EnergyAccount.createWithTrialCredits(memberChecksum);
|
|
@@ -68,9 +71,11 @@ class AuthService extends base_1.BaseService {
|
|
|
68
71
|
if (!isValid) {
|
|
69
72
|
throw new Error('Invalid credentials');
|
|
70
73
|
}
|
|
71
|
-
|
|
72
|
-
const
|
|
73
|
-
const
|
|
74
|
+
// Use idProvider for proper serialization round-trip
|
|
75
|
+
const sp = brightchain_lib_1.ServiceProvider.getInstance();
|
|
76
|
+
const memberId = sp.idProvider.idToString(reference.id);
|
|
77
|
+
const idRawBytes = sp.idProvider.toBytes(reference.id);
|
|
78
|
+
const memberChecksum = sp.checksumService.calculateChecksum(idRawBytes);
|
|
74
79
|
const energyAccount = await this.energyStore.getOrCreate(memberChecksum);
|
|
75
80
|
const token = this.signToken(memberId, credentials.username, reference.type);
|
|
76
81
|
return {
|
|
@@ -114,6 +119,37 @@ class AuthService extends base_1.BaseService {
|
|
|
114
119
|
}
|
|
115
120
|
return passwordHash;
|
|
116
121
|
}
|
|
122
|
+
async changePassword(memberId, currentPassword, newPassword) {
|
|
123
|
+
const storedHash = await this.getPasswordHash(memberId);
|
|
124
|
+
const isValid = await bcrypt.compare(currentPassword, storedHash);
|
|
125
|
+
if (!isValid) {
|
|
126
|
+
throw new Error('Invalid credentials');
|
|
127
|
+
}
|
|
128
|
+
const newHash = await bcrypt.hash(newPassword, BCRYPT_ROUNDS);
|
|
129
|
+
await this.storePasswordHash(memberId, newHash);
|
|
130
|
+
}
|
|
131
|
+
async recoverWithMnemonic(email, mnemonic, newPassword) {
|
|
132
|
+
if (!this.authProvider) {
|
|
133
|
+
throw new Error('Authentication provider not configured');
|
|
134
|
+
}
|
|
135
|
+
// Authenticate via mnemonic — throws "Invalid credentials" on
|
|
136
|
+
// unknown email or invalid mnemonic (no email enumeration).
|
|
137
|
+
const result = await this.authProvider.authenticateWithMnemonic(email, mnemonic);
|
|
138
|
+
const memberId = result.userId;
|
|
139
|
+
const member = result.userMember;
|
|
140
|
+
// Sign a JWT for the recovered session
|
|
141
|
+
const token = this.signToken(memberId, member.name, member.type);
|
|
142
|
+
// If a new password was provided, hash and persist it
|
|
143
|
+
if (newPassword) {
|
|
144
|
+
const newHash = await bcrypt.hash(newPassword, BCRYPT_ROUNDS);
|
|
145
|
+
await this.storePasswordHash(member.id, newHash);
|
|
146
|
+
}
|
|
147
|
+
return {
|
|
148
|
+
token,
|
|
149
|
+
memberId,
|
|
150
|
+
passwordReset: !!newPassword,
|
|
151
|
+
};
|
|
152
|
+
}
|
|
117
153
|
async sendWelcomeEmail(email, username) {
|
|
118
154
|
if (!this.emailService) {
|
|
119
155
|
console.log(`[EmailService disabled] Would send welcome email to ${email}`);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.js","sourceRoot":"","sources":["../../../../../brightchain-api-lib/src/lib/services/auth.ts"],"names":[],"mappings":";;;;AAAA,
|
|
1
|
+
{"version":3,"file":"auth.js","sourceRoot":"","sources":["../../../../../brightchain-api-lib/src/lib/services/auth.ts"],"names":[],"mappings":";;;;AAAA,kEAOsC;AACtC,0DAAsE;AAEtE,uDAAiC;AACjC,0DAAoC;AAMpC,iCAAqC;AAIrC,MAAM,aAAa,GAAG,EAAE,CAAC;AAEzB,MAAa,WAEX,SAAQ,kBAAgB;IAOxB,YACE,WAAyC,EACzC,WAAwB,EACxB,WAA+B,EAC/B,YAA+B,EAC/B,SAAiB,EACjB,YAAqD;QAErD,KAAK,CAAC,WAAW,CAAC,CAAC;QACnB,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC;QAC/B,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC;QAC/B,IAAI,CAAC,YAAY,GAAG,YAAY,CAAC;QACjC,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;QAC3B,IAAI,CAAC,YAAY,GAAG,YAAY,CAAC;IACnC,CAAC;IAED,KAAK,CAAC,QAAQ,CACZ,QAAgB,EAChB,KAAa,EACb,QAAsB,EACtB,SAAwB;QAExB,4BAA4B;QAC5B,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC;QAC9D,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACxB,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;QAC9C,CAAC;QAED,uCAAuC;QACvC,MAAM,aAAa,GAAG,QAAQ,CAAC,KAAK,CAAC;QACrC,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;QAC7C,CAAC;QACD,MAAM,YAAY,GAAG,MAAM,MAAM,CAAC,IAAI,CAAC,aAAa,EAAE,aAAa,CAAC,CAAC;QAErE,MAAM,EAAE,SAAS,EAAE,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,YAAY,CAAC;YACxD,IAAI,EAAE,sBAAU,CAAC,IAAI;YACrB,IAAI,EAAE,QAAQ;YACd,YAAY,EAAE,IAAI,6BAAW,CAAC,KAAK,CAAC;SACrC,CAAC,CAAC;QAEH,qDAAqD;QACrD,MAAM,EAAE,GAAG,iCAAe,CAAC,WAAW,EAAE,CAAC;QACzC,MAAM,QAAQ,GAAG,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC;QACxD,MAAM,UAAU,GAAG,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC;QACvD,MAAM,cAAc,GAAG,EAAE,CAAC,eAAe,CAAC,iBAAiB,CAAC,UAAU,CAAC,CAAC;QAExE,kDAAkD;QAClD,MAAM,IAAI,CAAC,iBAAiB,CAAC,SAAS,CAAC,EAAE,EAAE,YAAY,CAAC,CAAC;QAEzD,MAAM,aAAa,GAAG,+BAAa,CAAC,sBAAsB,CAAC,cAAc,CAAC,CAAC;QAC3E,MAAM,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,cAAc,EAAE,aAAa,CAAC,CAAC;QAE1D,MAAM,IAAI,CAAC,gBAAgB,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC;QAE7C,MAAM,KAAK,GAAG,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,QAAQ,EAAE,SAAS,CAAC,IAAI,CAAC,CAAC;QAEjE,OAAO;YACL,KAAK;YACL,QAAQ;YACR,aAAa,EAAE,aAAa,CAAC,OAAO;SACrC,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,KAAK,CAAC,WAA6B;QACvC,6BAA6B;QAC7B,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC;YAChD,IAAI,EAAE,WAAW,CAAC,QAAQ;YAC1B,KAAK,EAAE,CAAC;SACT,CAAC,CAAC;QAEH,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACzB,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;QACzC,CAAC;QAED,MAAM,SAAS,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;QAE7B,2CAA2C;QAC3C,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC;QAC5D,MAAM,aAAa,GAAG,WAAW,CAAC,QAAQ,CAAC,KAAK,CAAC;QACjD,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;QAC7C,CAAC;QACD,MAAM,OAAO,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC,aAAa,EAAE,UAAU,CAAC,CAAC;QAChE,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;QACzC,CAAC;QAED,qDAAqD;QACrD,MAAM,EAAE,GAAG,iCAAe,CAAC,WAAW,EAAE,CAAC;QACzC,MAAM,QAAQ,GAAG,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC;QACxD,MAAM,UAAU,GAAG,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC;QACvD,MAAM,cAAc,GAAG,EAAE,CAAC,eAAe,CAAC,iBAAiB,CAAC,UAAU,CAAC,CAAC;QAExE,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,cAAc,CAAC,CAAC;QAEzE,MAAM,KAAK,GAAG,IAAI,CAAC,SAAS,CAC1B,QAAQ,EACR,WAAW,CAAC,QAAQ,EACpB,SAAS,CAAC,IAAI,CACf,CAAC;QAEF,OAAO;YACL,KAAK;YACL,QAAQ;YACR,aAAa,EAAE,aAAa,CAAC,OAAO;SACrC,CAAC;IACJ,CAAC;IAED,SAAS,CAAC,QAAgB,EAAE,QAAgB,EAAE,IAAgB;QAC5D,MAAM,OAAO,GAAuC;YAClD,QAAQ;YACR,QAAQ;YACR,IAAI;SACL,CAAC;QAEF,OAAO,GAAG,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,SAAS,EAAE;YACvC,SAAS,EAAE,IAAI;SAChB,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,KAAa;QAC7B,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,GAAG,CAAC,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,SAAS,CAAkB,CAAC;YACnE,OAAO,OAAO,CAAC;QACjB,CAAC;QAAC,MAAM,CAAC;YACP,MAAM,IAAI,KAAK,CAAC,eAAe,CAAC,CAAC;QACnC,CAAC;IACH,CAAC;IAED,KAAK,CAAC,iBAAiB,CAAC,QAAoB,EAAE,IAAY;QACxD,MAAM,IAAI,CAAC,WAAW,CAAC,YAAY,CAAC,QAAQ,EAAE;YAC5C,EAAE,EAAE,QAAQ;YACZ,cAAc,EAAE;gBACd,YAAY,EAAE,IAAI;aACnB;SACF,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,eAAe,CAAC,QAAoB;QACxC,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC;QAClE,MAAM,YAAY,GAAG,OAAO,CAAC,cAAc,EAAE,YAAY,CAAC;QAC1D,IAAI,CAAC,YAAY,EAAE,CAAC;YAClB,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;QACvD,CAAC;QACD,OAAO,YAAY,CAAC;IACtB,CAAC;IAED,KAAK,CAAC,cAAc,CAClB,QAAoB,EACpB,eAAuB,EACvB,WAAmB;QAEnB,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC;QACxD,MAAM,OAAO,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC,eAAe,EAAE,UAAU,CAAC,CAAC;QAClE,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;QACzC,CAAC;QACD,MAAM,OAAO,GAAG,MAAM,MAAM,CAAC,IAAI,CAAC,WAAW,EAAE,aAAa,CAAC,CAAC;QAC9D,MAAM,IAAI,CAAC,iBAAiB,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IAClD,CAAC;IAED,KAAK,CAAC,mBAAmB,CACvB,KAAa,EACb,QAAsB,EACtB,WAAoB;QAEpB,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC;YACvB,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;QAC5D,CAAC;QAED,8DAA8D;QAC9D,4DAA4D;QAC5D,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,wBAAwB,CAC7D,KAAK,EACL,QAAQ,CACT,CAAC;QAEF,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAC;QAC/B,MAAM,MAAM,GAAG,MAAM,CAAC,UAAU,CAAC;QAEjC,uCAAuC;QACvC,MAAM,KAAK,GAAG,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC;QAEjE,sDAAsD;QACtD,IAAI,WAAW,EAAE,CAAC;YAChB,MAAM,OAAO,GAAG,MAAM,MAAM,CAAC,IAAI,CAAC,WAAW,EAAE,aAAa,CAAC,CAAC;YAC9D,MAAM,IAAI,CAAC,iBAAiB,CAAC,MAAM,CAAC,EAAgB,EAAE,OAAO,CAAC,CAAC;QACjE,CAAC;QAED,OAAO;YACL,KAAK;YACL,QAAQ;YACR,aAAa,EAAE,CAAC,CAAC,WAAW;SAC7B,CAAC;IACJ,CAAC;IAEO,KAAK,CAAC,gBAAgB,CAC5B,KAAa,EACb,QAAgB;QAEhB,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC;YACvB,OAAO,CAAC,GAAG,CACT,uDAAuD,KAAK,EAAE,CAC/D,CAAC;YACF,OAAO;QACT,CAAC;QAED,MAAM,OAAO,GAAG,wBAAwB,CAAC;QACzC,MAAM,IAAI,GAAG,WAAW,QAAQ,+IAA+I,CAAC;QAChL,MAAM,IAAI,GAAG;;cAEH,QAAQ;;;;KAIjB,CAAC;QAEF,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;QAChE,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CAAC,+BAA+B,EAAE,KAAK,CAAC,CAAC;QACxD,CAAC;IACH,CAAC;CACF;AAzOD,kCAyOC"}
|
|
@@ -0,0 +1,35 @@
|
|
|
1
|
+
import { MemberStore } from '@brightchain/brightchain-lib';
|
|
2
|
+
/**
|
|
3
|
+
* Service for generating, validating, and managing one-time-use backup codes.
|
|
4
|
+
*
|
|
5
|
+
* Backup codes are bcrypt-hashed for storage — plaintext codes are returned
|
|
6
|
+
* once at generation time and never persisted.
|
|
7
|
+
*/
|
|
8
|
+
export declare class BackupCodeService {
|
|
9
|
+
private readonly memberStore;
|
|
10
|
+
private readonly bcryptRounds;
|
|
11
|
+
constructor(memberStore: MemberStore, bcryptRounds?: number);
|
|
12
|
+
/**
|
|
13
|
+
* Generate 10 backup codes, bcrypt-hash each, store hashes in the member's
|
|
14
|
+
* private profile, and return the plaintext codes (one-time display).
|
|
15
|
+
*/
|
|
16
|
+
generateCodes(memberId: Uint8Array): Promise<string[]>;
|
|
17
|
+
/**
|
|
18
|
+
* Return the count of unused backup codes for the given member.
|
|
19
|
+
*/
|
|
20
|
+
getCodeCount(memberId: Uint8Array): Promise<number>;
|
|
21
|
+
/**
|
|
22
|
+
* Validate a submitted backup code against stored hashes.
|
|
23
|
+
* If a match is found, mark it as used and persist the update.
|
|
24
|
+
*/
|
|
25
|
+
validateCode(memberId: Uint8Array, code: string): Promise<boolean>;
|
|
26
|
+
/**
|
|
27
|
+
* Invalidate all existing codes and generate a fresh set.
|
|
28
|
+
*/
|
|
29
|
+
regenerateCodes(memberId: Uint8Array): Promise<string[]>;
|
|
30
|
+
/**
|
|
31
|
+
* Retrieve stored backup codes from the member's private profile.
|
|
32
|
+
*/
|
|
33
|
+
private getStoredCodes;
|
|
34
|
+
}
|
|
35
|
+
//# sourceMappingURL=backupCodeService.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"backupCodeService.d.ts","sourceRoot":"","sources":["../../../../../brightchain-api-lib/src/lib/services/backupCodeService.ts"],"names":[],"mappings":"AAAA,OAAO,EAAqB,WAAW,EAAE,MAAM,8BAA8B,CAAC;AAgB9E;;;;;GAKG;AACH,qBAAa,iBAAiB;IAC5B,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAc;IAC1C,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAS;gBAE1B,WAAW,EAAE,WAAW,EAAE,YAAY,CAAC,EAAE,MAAM;IAK3D;;;OAGG;IACG,aAAa,CAAC,QAAQ,EAAE,UAAU,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IAwB5D;;OAEG;IACG,YAAY,CAAC,QAAQ,EAAE,UAAU,GAAG,OAAO,CAAC,MAAM,CAAC;IAKzD;;;OAGG;IACG,YAAY,CAAC,QAAQ,EAAE,UAAU,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IA8BxE;;OAEG;IACG,eAAe,CAAC,QAAQ,EAAE,UAAU,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IAY9D;;OAEG;YACW,cAAc;CAS7B"}
|
|
@@ -0,0 +1,109 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.BackupCodeService = void 0;
|
|
4
|
+
const tslib_1 = require("tslib");
|
|
5
|
+
const bcrypt = tslib_1.__importStar(require("bcrypt"));
|
|
6
|
+
const crypto = tslib_1.__importStar(require("crypto"));
|
|
7
|
+
const DEFAULT_BCRYPT_ROUNDS = 12;
|
|
8
|
+
const BACKUP_CODE_COUNT = 10;
|
|
9
|
+
const BACKUP_CODE_BYTES = 8;
|
|
10
|
+
/**
|
|
11
|
+
* Formats a 8-byte buffer as XXXX-XXXX-XXXX-XXXX hex groups.
|
|
12
|
+
*/
|
|
13
|
+
function formatBackupCode(buf) {
|
|
14
|
+
const hex = buf.toString('hex'); // 16 hex chars from 8 bytes
|
|
15
|
+
return `${hex.slice(0, 4)}-${hex.slice(4, 8)}-${hex.slice(8, 12)}-${hex.slice(12, 16)}`;
|
|
16
|
+
}
|
|
17
|
+
/**
|
|
18
|
+
* Service for generating, validating, and managing one-time-use backup codes.
|
|
19
|
+
*
|
|
20
|
+
* Backup codes are bcrypt-hashed for storage — plaintext codes are returned
|
|
21
|
+
* once at generation time and never persisted.
|
|
22
|
+
*/
|
|
23
|
+
class BackupCodeService {
|
|
24
|
+
constructor(memberStore, bcryptRounds) {
|
|
25
|
+
this.memberStore = memberStore;
|
|
26
|
+
this.bcryptRounds = bcryptRounds ?? DEFAULT_BCRYPT_ROUNDS;
|
|
27
|
+
}
|
|
28
|
+
/**
|
|
29
|
+
* Generate 10 backup codes, bcrypt-hash each, store hashes in the member's
|
|
30
|
+
* private profile, and return the plaintext codes (one-time display).
|
|
31
|
+
*/
|
|
32
|
+
async generateCodes(memberId) {
|
|
33
|
+
const plaintextCodes = [];
|
|
34
|
+
const storedCodes = [];
|
|
35
|
+
const now = Date.now();
|
|
36
|
+
for (let i = 0; i < BACKUP_CODE_COUNT; i++) {
|
|
37
|
+
const buf = crypto.randomBytes(BACKUP_CODE_BYTES);
|
|
38
|
+
const code = formatBackupCode(buf);
|
|
39
|
+
plaintextCodes.push(code);
|
|
40
|
+
const hash = await bcrypt.hash(code, this.bcryptRounds);
|
|
41
|
+
storedCodes.push({ hash, used: false, createdAt: now });
|
|
42
|
+
}
|
|
43
|
+
await this.memberStore.updateMember(memberId, {
|
|
44
|
+
id: memberId,
|
|
45
|
+
privateChanges: {
|
|
46
|
+
backupCodes: storedCodes,
|
|
47
|
+
},
|
|
48
|
+
});
|
|
49
|
+
return plaintextCodes;
|
|
50
|
+
}
|
|
51
|
+
/**
|
|
52
|
+
* Return the count of unused backup codes for the given member.
|
|
53
|
+
*/
|
|
54
|
+
async getCodeCount(memberId) {
|
|
55
|
+
const codes = await this.getStoredCodes(memberId);
|
|
56
|
+
return codes.filter((c) => !c.used).length;
|
|
57
|
+
}
|
|
58
|
+
/**
|
|
59
|
+
* Validate a submitted backup code against stored hashes.
|
|
60
|
+
* If a match is found, mark it as used and persist the update.
|
|
61
|
+
*/
|
|
62
|
+
async validateCode(memberId, code) {
|
|
63
|
+
const codes = await this.getStoredCodes(memberId);
|
|
64
|
+
for (let i = 0; i < codes.length; i++) {
|
|
65
|
+
const entry = codes[i];
|
|
66
|
+
if (entry.used) {
|
|
67
|
+
continue;
|
|
68
|
+
}
|
|
69
|
+
const isMatch = await bcrypt.compare(code, entry.hash);
|
|
70
|
+
if (isMatch) {
|
|
71
|
+
// Mark as used and persist
|
|
72
|
+
const updatedCodes = codes.map((c, idx) => idx === i ? { ...c, used: true } : c);
|
|
73
|
+
await this.memberStore.updateMember(memberId, {
|
|
74
|
+
id: memberId,
|
|
75
|
+
privateChanges: {
|
|
76
|
+
backupCodes: updatedCodes,
|
|
77
|
+
},
|
|
78
|
+
});
|
|
79
|
+
return true;
|
|
80
|
+
}
|
|
81
|
+
}
|
|
82
|
+
return false;
|
|
83
|
+
}
|
|
84
|
+
/**
|
|
85
|
+
* Invalidate all existing codes and generate a fresh set.
|
|
86
|
+
*/
|
|
87
|
+
async regenerateCodes(memberId) {
|
|
88
|
+
// Clear existing codes first
|
|
89
|
+
await this.memberStore.updateMember(memberId, {
|
|
90
|
+
id: memberId,
|
|
91
|
+
privateChanges: {
|
|
92
|
+
backupCodes: [],
|
|
93
|
+
},
|
|
94
|
+
});
|
|
95
|
+
return this.generateCodes(memberId);
|
|
96
|
+
}
|
|
97
|
+
/**
|
|
98
|
+
* Retrieve stored backup codes from the member's private profile.
|
|
99
|
+
*/
|
|
100
|
+
async getStoredCodes(memberId) {
|
|
101
|
+
const profile = await this.memberStore.getMemberProfile(memberId);
|
|
102
|
+
if (!profile.privateProfile) {
|
|
103
|
+
throw new Error('Member not found');
|
|
104
|
+
}
|
|
105
|
+
return profile.privateProfile.backupCodes ?? [];
|
|
106
|
+
}
|
|
107
|
+
}
|
|
108
|
+
exports.BackupCodeService = BackupCodeService;
|
|
109
|
+
//# sourceMappingURL=backupCodeService.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"backupCodeService.js","sourceRoot":"","sources":["../../../../../brightchain-api-lib/src/lib/services/backupCodeService.ts"],"names":[],"mappings":";;;;AACA,uDAAiC;AACjC,uDAAiC;AAEjC,MAAM,qBAAqB,GAAG,EAAE,CAAC;AACjC,MAAM,iBAAiB,GAAG,EAAE,CAAC;AAC7B,MAAM,iBAAiB,GAAG,CAAC,CAAC;AAE5B;;GAEG;AACH,SAAS,gBAAgB,CAAC,GAAW;IACnC,MAAM,GAAG,GAAG,GAAG,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,4BAA4B;IAC7D,OAAO,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,GAAG,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC;AAC1F,CAAC;AAED;;;;;GAKG;AACH,MAAa,iBAAiB;IAI5B,YAAY,WAAwB,EAAE,YAAqB;QACzD,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC;QAC/B,IAAI,CAAC,YAAY,GAAG,YAAY,IAAI,qBAAqB,CAAC;IAC5D,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,aAAa,CAAC,QAAoB;QACtC,MAAM,cAAc,GAAa,EAAE,CAAC;QACpC,MAAM,WAAW,GAAwB,EAAE,CAAC;QAC5C,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAEvB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,iBAAiB,EAAE,CAAC,EAAE,EAAE,CAAC;YAC3C,MAAM,GAAG,GAAG,MAAM,CAAC,WAAW,CAAC,iBAAiB,CAAC,CAAC;YAClD,MAAM,IAAI,GAAG,gBAAgB,CAAC,GAAG,CAAC,CAAC;YACnC,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAE1B,MAAM,IAAI,GAAG,MAAM,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,YAAY,CAAC,CAAC;YACxD,WAAW,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,EAAE,CAAC,CAAC;QAC1D,CAAC;QAED,MAAM,IAAI,CAAC,WAAW,CAAC,YAAY,CAAC,QAAQ,EAAE;YAC5C,EAAE,EAAE,QAAQ;YACZ,cAAc,EAAE;gBACd,WAAW,EAAE,WAAW;aACzB;SACF,CAAC,CAAC;QAEH,OAAO,cAAc,CAAC;IACxB,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,YAAY,CAAC,QAAoB;QACrC,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;QAClD,OAAO,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC;IAC7C,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,YAAY,CAAC,QAAoB,EAAE,IAAY;QACnD,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;QAElD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACtC,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;YACvB,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC;gBACf,SAAS;YACX,CAAC;YAED,MAAM,OAAO,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC;YACvD,IAAI,OAAO,EAAE,CAAC;gBACZ,2BAA2B;gBAC3B,MAAM,YAAY,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,EAAE,CACxC,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,CACrC,CAAC;gBAEF,MAAM,IAAI,CAAC,WAAW,CAAC,YAAY,CAAC,QAAQ,EAAE;oBAC5C,EAAE,EAAE,QAAQ;oBACZ,cAAc,EAAE;wBACd,WAAW,EAAE,YAAY;qBAC1B;iBACF,CAAC,CAAC;gBAEH,OAAO,IAAI,CAAC;YACd,CAAC;QACH,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,eAAe,CAAC,QAAoB;QACxC,6BAA6B;QAC7B,MAAM,IAAI,CAAC,WAAW,CAAC,YAAY,CAAC,QAAQ,EAAE;YAC5C,EAAE,EAAE,QAAQ;YACZ,cAAc,EAAE;gBACd,WAAW,EAAE,EAAE;aAChB;SACF,CAAC,CAAC;QAEH,OAAO,IAAI,CAAC,aAAa,CAAC,QAAQ,CAAC,CAAC;IACtC,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,cAAc,CAC1B,QAAoB;QAEpB,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC;QAClE,IAAI,CAAC,OAAO,CAAC,cAAc,EAAE,CAAC;YAC5B,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAC;QACtC,CAAC;QACD,OAAO,OAAO,CAAC,cAAc,CAAC,WAAW,IAAI,EAAE,CAAC;IAClD,CAAC;CACF;AA1GD,8CA0GC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"brightchain-authentication-provider.d.ts","sourceRoot":"","sources":["../../../../../brightchain-api-lib/src/lib/services/brightchain-authentication-provider.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;
|
|
1
|
+
{"version":3,"file":"brightchain-authentication-provider.d.ts","sourceRoot":"","sources":["../../../../../brightchain-api-lib/src/lib/services/brightchain-authentication-provider.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAOH,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,4BAA4B,CAAC;AAE/D,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,iCAAiC,CAAC;AAElE,OAAO,KAAK,EACV,kBAAkB,EAClB,uBAAuB,EACvB,iBAAiB,EAClB,MAAM,qCAAqC,CAAC;AAC7C,OAAO,KAAK,EAEV,eAAe,EAEf,UAAU,EACX,MAAM,iCAAiC,CAAC;AAGzC,OAAO,EAAE,uBAAuB,EAAE,MAAM,eAAe,CAAC;AAsDxD;;;;GAIG;AACH,qBAAa,iCAAiC,CAC5C,GAAG,SAAS,UAAU,GAAG,MAAM,EAC/B,SAAS,SAAS,MAAM,GAAG,MAAM,CACjC,YAAW,uBAAuB,CAAC,GAAG,EAAE,SAAS,CAAC;IACtC,OAAO,CAAC,QAAQ,CAAC,WAAW;gBAAX,WAAW,EAAE,uBAAuB,CAAC,GAAG,CAAC;IAEtE,sDAAsD;IACtD,OAAO,CAAC,cAAc;IAIhB,YAAY,CAChB,MAAM,EAAE,MAAM,GACb,OAAO,CAAC,kBAAkB,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC;IA+B1C,mBAAmB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,eAAe,GAAG,IAAI,CAAC;IAuCpE,WAAW,CAAC,UAAU,SAAS,UAAU,GAAG,UAAU,EAC1D,KAAK,EAAE,MAAM,GACZ,OAAO,CAAC,UAAU,GAAG,IAAI,CAAC;IAiBvB,wBAAwB,CAC5B,KAAK,EAAE,MAAM,EACb,QAAQ,EAAE,YAAY,GACrB,OAAO,CAAC,iBAAiB,CAAC,GAAG,CAAC,CAAC;IAwC5B,wBAAwB,CAC5B,KAAK,EAAE,MAAM,EACb,QAAQ,EAAE,MAAM,GACf,OAAO,CAAC,iBAAiB,CAAC,GAAG,CAAC,CAAC;CAqCnC"}
|
|
@@ -80,10 +80,12 @@ class BrightChainAuthenticationProvider {
|
|
|
80
80
|
}
|
|
81
81
|
async findUserById(userId) {
|
|
82
82
|
const memberStore = this.getMemberStore();
|
|
83
|
-
|
|
83
|
+
// Deserialize the GUID string back to a typed ID (round-trips with idToString)
|
|
84
|
+
const idProvider = brightchain_lib_1.ServiceProvider.getInstance().idProvider;
|
|
85
|
+
const id = idProvider.idFromString(userId);
|
|
84
86
|
try {
|
|
85
|
-
const member = await memberStore.getMember(
|
|
86
|
-
const { publicProfile, privateProfile } = await memberStore.getMemberProfile(
|
|
87
|
+
const member = await memberStore.getMember(id);
|
|
88
|
+
const { publicProfile, privateProfile } = await memberStore.getMemberProfile(id);
|
|
87
89
|
const accountStatus = publicProfile
|
|
88
90
|
? memberStatusToAccountStatus(publicProfile.status)
|
|
89
91
|
: 'Active';
|
|
@@ -104,10 +106,12 @@ class BrightChainAuthenticationProvider {
|
|
|
104
106
|
}
|
|
105
107
|
async buildRequestUserDTO(userId) {
|
|
106
108
|
const memberStore = this.getMemberStore();
|
|
107
|
-
|
|
109
|
+
// Deserialize the GUID string back to a typed ID (round-trips with idToString)
|
|
110
|
+
const idProvider = brightchain_lib_1.ServiceProvider.getInstance().idProvider;
|
|
111
|
+
const id = idProvider.idFromString(userId);
|
|
108
112
|
try {
|
|
109
|
-
const member = await memberStore.getMember(
|
|
110
|
-
const { publicProfile, privateProfile } = await memberStore.getMemberProfile(
|
|
113
|
+
const member = await memberStore.getMember(id);
|
|
114
|
+
const { publicProfile, privateProfile } = await memberStore.getMemberProfile(id);
|
|
111
115
|
if (publicProfile && publicProfile.status !== brightchain_lib_1.MemberStatusType.Active) {
|
|
112
116
|
return null;
|
|
113
117
|
}
|
|
@@ -158,12 +162,23 @@ class BrightChainAuthenticationProvider {
|
|
|
158
162
|
// Hydrate the full member, then load the wallet from the mnemonic
|
|
159
163
|
// to make the private key available.
|
|
160
164
|
const member = (await memberStore.getMember(reference.id));
|
|
161
|
-
|
|
165
|
+
try {
|
|
166
|
+
member.loadWallet(mnemonic);
|
|
167
|
+
}
|
|
168
|
+
catch {
|
|
169
|
+
// loadWallet throws MemberError("Invalid wallet mnemonic.") when the
|
|
170
|
+
// mnemonic is valid BIP39 but derives a different key, or a plain Error
|
|
171
|
+
// for invalid BIP39. Normalise to a consistent message.
|
|
172
|
+
throw new Error('Invalid mnemonic');
|
|
173
|
+
}
|
|
162
174
|
if (!member.hasPrivateKey) {
|
|
163
175
|
throw new Error('Invalid mnemonic');
|
|
164
176
|
}
|
|
177
|
+
// Use idToString for proper UUID round-trip (pairs with idFromString)
|
|
178
|
+
const idProvider = brightchain_lib_1.ServiceProvider.getInstance().idProvider;
|
|
179
|
+
const userId = idProvider.idToString(reference.id);
|
|
165
180
|
return {
|
|
166
|
-
userId
|
|
181
|
+
userId,
|
|
167
182
|
userMember: member,
|
|
168
183
|
};
|
|
169
184
|
}
|
|
@@ -186,8 +201,12 @@ class BrightChainAuthenticationProvider {
|
|
|
186
201
|
throw new Error('Invalid credentials');
|
|
187
202
|
}
|
|
188
203
|
const member = (await memberStore.getMember(reference.id));
|
|
204
|
+
// The hydrated member is an ecies-lib Member which lacks getIdString().
|
|
205
|
+
// Convert the raw ID bytes to a hex string directly.
|
|
206
|
+
const idBytes = member.idBytes ?? member.id;
|
|
207
|
+
const userId = Buffer.from(idBytes).toString('hex');
|
|
189
208
|
return {
|
|
190
|
-
userId
|
|
209
|
+
userId,
|
|
191
210
|
userMember: member,
|
|
192
211
|
};
|
|
193
212
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"brightchain-authentication-provider.js","sourceRoot":"","sources":["../../../../../brightchain-api-lib/src/lib/services/brightchain-authentication-provider.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;GAYG;;;;AAEH,
|
|
1
|
+
{"version":3,"file":"brightchain-authentication-provider.js","sourceRoot":"","sources":["../../../../../brightchain-api-lib/src/lib/services/brightchain-authentication-provider.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;GAYG;;;;AAEH,kEAIsC;AAEtC,0DAAwD;AAcxD,uDAAiC;AACjC,+CAAsC;AAItC,wEAAwE;AAExE;;GAEG;AACH,SAAS,2BAA2B,CAAC,MAAwB;IAC3D,QAAQ,MAAM,EAAE,CAAC;QACf,KAAK,kCAAgB,CAAC,MAAM;YAC1B,OAAO,QAAQ,CAAC;QAClB,KAAK,kCAAgB,CAAC,SAAS;YAC7B,OAAO,WAAW,CAAC;QACrB,KAAK,kCAAgB,CAAC,QAAQ,CAAC;QAC/B;YACE,OAAO,0BAA0B,CAAC;IACtC,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,SAAS,0BAA0B,CAAC,IAAgB;IAClD,OAAO;QACL,KAAK,EAAE,IAAI,KAAK,sBAAU,CAAC,KAAK;QAChC,MAAM,EAAE,IAAI,KAAK,sBAAU,CAAC,IAAI;QAChC,KAAK,EAAE,KAAK;QACZ,MAAM,EAAE,IAAI,KAAK,sBAAU,CAAC,MAAM;KACnC,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,mBAAmB,CAAC,IAAgB,EAAE,QAAgB;IAC7D,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IACrC,OAAO;QACL,GAAG,EAAE,QAAQ,QAAQ,EAAE;QACvB,IAAI,EAAE,IAAI,CAAC,QAAQ,EAAE;QACrB,KAAK,EAAE,IAAI,KAAK,sBAAU,CAAC,KAAK;QAChC,MAAM,EAAE,IAAI,KAAK,sBAAU,CAAC,IAAI;QAChC,KAAK,EAAE,KAAK;QACZ,MAAM,EAAE,IAAI,KAAK,sBAAU,CAAC,MAAM;QAClC,SAAS,EAAE,GAAG;QACd,SAAS,EAAE,GAAG;QACd,SAAS,EAAE,QAAQ;QACnB,SAAS,EAAE,QAAQ;KACpB,CAAC;AACJ,CAAC;AAED,wEAAwE;AAExE;;;;GAIG;AACH,MAAa,iCAAiC;IAI5C,YAA6B,WAAyC;QAAzC,gBAAW,GAAX,WAAW,CAA8B;IAAG,CAAC;IAE1E,sDAAsD;IAC9C,cAAc;QACpB,OAAO,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,GAAG,CAAC,aAAa,CAAqB,CAAC;IAC1E,CAAC;IAED,KAAK,CAAC,YAAY,CAChB,MAAc;QAEd,MAAM,WAAW,GAAG,IAAI,CAAC,cAAc,EAAE,CAAC;QAC1C,+EAA+E;QAC/E,MAAM,UAAU,GAAG,iCAAe,CAAC,WAAW,EAAO,CAAC,UAAU,CAAC;QACjE,MAAM,EAAE,GAAG,UAAU,CAAC,YAAY,CAAC,MAAM,CAAmB,CAAC;QAE7D,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC;YAC/C,MAAM,EAAE,aAAa,EAAE,cAAc,EAAE,GACrC,MAAM,WAAW,CAAC,gBAAgB,CAAC,EAAE,CAAC,CAAC;YAEzC,MAAM,aAAa,GAAG,aAAa;gBACjC,CAAC,CAAC,2BAA2B,CAAC,aAAa,CAAC,MAAM,CAAC;gBACnD,CAAC,CAAC,QAAQ,CAAC;YAEb,MAAM,QAAQ,GAAG,cAAc,EAAE,QAAQ,IAAI,EAAE,CAAC;YAEhD,OAAO;gBACL,EAAE,EAAE,MAAM;gBACV,aAAa;gBACb,KAAK,EAAE,MAAM,CAAC,KAAK,CAAC,QAAQ,EAAE;gBAC9B,YAAY,EAAE,QAAQ,CAAC,cAAc,CAA0B;gBAC/D,QAAQ,EAAG,QAAQ,CAAC,UAAU,CAAY,IAAI,KAAK;gBACnD,SAAS,EAAE,aAAa,EAAE,UAAU,EAAE,WAAW,EAAE;aACpD,CAAC;QACJ,CAAC;QAAC,MAAM,CAAC;YACP,4CAA4C;YAC5C,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED,KAAK,CAAC,mBAAmB,CAAC,MAAc;QACtC,MAAM,WAAW,GAAG,IAAI,CAAC,cAAc,EAAE,CAAC;QAC1C,+EAA+E;QAC/E,MAAM,UAAU,GAAG,iCAAe,CAAC,WAAW,EAAO,CAAC,UAAU,CAAC;QACjE,MAAM,EAAE,GAAG,UAAU,CAAC,YAAY,CAAC,MAAM,CAAmB,CAAC;QAE7D,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC;YAC/C,MAAM,EAAE,aAAa,EAAE,cAAc,EAAE,GACrC,MAAM,WAAW,CAAC,gBAAgB,CAAC,EAAE,CAAC,CAAC;YAEzC,IAAI,aAAa,IAAI,aAAa,CAAC,MAAM,KAAK,kCAAgB,CAAC,MAAM,EAAE,CAAC;gBACtE,OAAO,IAAI,CAAC;YACd,CAAC;YAED,MAAM,QAAQ,GAAG,MAAM,CAAC;YACxB,MAAM,cAAc,GAAG,0BAA0B,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;YAC/D,MAAM,OAAO,GAAG,mBAAmB,CAAC,MAAM,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;YAC3D,MAAM,QAAQ,GAAG,cAAc,EAAE,QAAQ,IAAI,EAAE,CAAC;YAEhD,OAAO;gBACL,EAAE,EAAE,QAAQ;gBACZ,KAAK,EAAE,MAAM,CAAC,KAAK,CAAC,QAAQ,EAAE;gBAC9B,QAAQ,EAAE,MAAM,CAAC,IAAI;gBACrB,KAAK,EAAE,CAAC,OAAO,CAAC;gBAChB,cAAc;gBACd,aAAa,EAAE,IAAI,EAAE,+CAA+C;gBACpE,QAAQ,EAAG,QAAQ,CAAC,UAAU,CAAY,IAAI,KAAK;gBACnD,YAAY,EAAG,QAAQ,CAAC,cAAc,CAAY,IAAI,IAAI;gBAC1D,QAAQ,EAAG,QAAQ,CAAC,UAAU,CAAa,IAAI,KAAK;gBACpD,QAAQ,EAAG,QAAQ,CAAC,UAAU,CAAY,IAAI,KAAK;gBACnD,eAAe,EAAG,QAAQ,CAAC,iBAAiB,CAAa,IAAI,KAAK;gBAClE,SAAS,EAAE,aAAa,EAAE,UAAU,EAAE,WAAW,EAAE;aACpD,CAAC;QACJ,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED,KAAK,CAAC,WAAW,CACf,KAAa;QAEb,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,IAAA,qBAAM,EACpB,KAAK,EACL,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,SAAS,CACtB,CAAC;YAEnB,8DAA8D;YAC9D,OAAO;gBACL,MAAM,EAAE,OAAO,CAAC,QAAQ;gBACxB,KAAK,EAAE,EAAyB;aACL,CAAC;QAChC,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED,KAAK,CAAC,wBAAwB,CAC5B,KAAa,EACb,QAAsB;QAEtB,MAAM,WAAW,GAAG,IAAI,CAAC,cAAc,EAAE,CAAC;QAE1C,0BAA0B;QAC1B,MAAM,OAAO,GAAG,MAAM,WAAW,CAAC,UAAU,CAAC,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC,CAAC;QAClE,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACzB,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;QACzC,CAAC;QAED,MAAM,SAAS,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;QAE7B,kEAAkE;QAClE,qCAAqC;QACrC,MAAM,MAAM,GAAG,CAAC,MAAM,WAAW,CAAC,SAAS,CACzC,SAAS,CAAC,EAAE,CACb,CAA2B,CAAC;QAE7B,IAAI,CAAC;YACH,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;QAC9B,CAAC;QAAC,MAAM,CAAC;YACP,qEAAqE;YACrE,wEAAwE;YACxE,wDAAwD;YACxD,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAC;QACtC,CAAC;QAED,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE,CAAC;YAC1B,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAC;QACtC,CAAC;QAED,sEAAsE;QACtE,MAAM,UAAU,GAAG,iCAAe,CAAC,WAAW,EAAO,CAAC,UAAU,CAAC;QACjE,MAAM,MAAM,GAAG,UAAU,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC;QAEnD,OAAO;YACL,MAAM;YACN,UAAU,EAAE,MAAM;SACnB,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,wBAAwB,CAC5B,KAAa,EACb,QAAgB;QAEhB,MAAM,WAAW,GAAG,IAAI,CAAC,cAAc,EAAE,CAAC;QAE1C,0BAA0B;QAC1B,MAAM,OAAO,GAAG,MAAM,WAAW,CAAC,UAAU,CAAC,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC,CAAC;QAClE,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACzB,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;QACzC,CAAC;QAED,MAAM,SAAS,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;QAE7B,qDAAqD;QACrD,MAAM,EAAE,cAAc,EAAE,GAAG,MAAM,WAAW,CAAC,gBAAgB,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC;QAC5E,MAAM,UAAU,GAAG,cAAc,EAAE,YAAY,CAAC;QAChD,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,MAAM,IAAI,KAAK,CAAC,wDAAwD,CAAC,CAAC;QAC5E,CAAC;QAED,MAAM,OAAO,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;QAC3D,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;QACzC,CAAC;QAED,MAAM,MAAM,GAAG,CAAC,MAAM,WAAW,CAAC,SAAS,CACzC,SAAS,CAAC,EAAE,CACb,CAA2B,CAAC;QAE7B,wEAAwE;QACxE,qDAAqD;QACrD,MAAM,OAAO,GAAG,MAAM,CAAC,OAAO,IAAK,MAAM,CAAC,EAAiB,CAAC;QAC5D,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;QAEpD,OAAO;YACL,MAAM;YACN,UAAU,EAAE,MAAM;SACnB,CAAC;IACJ,CAAC;CACF;AAzLD,8EAyLC"}
|
|
@@ -11,7 +11,7 @@
|
|
|
11
11
|
import type { IBrightChainRbacInitInput, IBrightChainServerInitResult, IBrightChainUserCredentials } from '@brightchain/brightchain-lib';
|
|
12
12
|
import { IBrightChainBaseInitResult, IBrightChainInitResult, IBrightChainMemberInitInput } from '@brightchain/brightchain-lib';
|
|
13
13
|
import { BrightChainDb, CBLIndex } from '@brightchain/db';
|
|
14
|
-
import {
|
|
14
|
+
import { PlatformID } from '@digitaldefiance/node-ecies-lib';
|
|
15
15
|
import { IBrightChainMemberInitConfig } from '../interfaces/member-init-config';
|
|
16
16
|
export type { IBrightChainMemberInitConfig } from '../interfaces/member-init-config';
|
|
17
17
|
/**
|
|
@@ -21,7 +21,7 @@ export type { IBrightChainMemberInitConfig } from '../interfaces/member-init-con
|
|
|
21
21
|
* The service is idempotent: calling initialize() multiple times with the same
|
|
22
22
|
* users will not create duplicate entries.
|
|
23
23
|
*/
|
|
24
|
-
export declare class BrightChainMemberInitService {
|
|
24
|
+
export declare class BrightChainMemberInitService<TID extends PlatformID> {
|
|
25
25
|
private _db;
|
|
26
26
|
private _memberCblIndex;
|
|
27
27
|
/**
|
|
@@ -40,14 +40,23 @@ export declare class BrightChainMemberInitService {
|
|
|
40
40
|
*
|
|
41
41
|
* Steps:
|
|
42
42
|
* 1. Build the appropriate block store (disk or memory)
|
|
43
|
-
* 2. Create
|
|
43
|
+
* 2. Create BrightChainDb with an isolated HeadRegistry
|
|
44
44
|
* 3. Create CBLIndex for the member pool
|
|
45
45
|
* 4. Build candidate IMemberIndexDocument entries
|
|
46
46
|
* 5. Validate all candidates against MEMBER_INDEX_SCHEMA (pre-transaction)
|
|
47
47
|
* 6. Check which candidates are already present (idempotency)
|
|
48
48
|
* 7. Insert missing entries in a single withTransaction call
|
|
49
49
|
*/
|
|
50
|
-
initialize(config: IBrightChainMemberInitConfig, input: IBrightChainMemberInitInput<
|
|
50
|
+
initialize(config: IBrightChainMemberInitConfig, input: IBrightChainMemberInitInput<TID>): Promise<IBrightChainBaseInitResult<BrightChainDb, TID>>;
|
|
51
|
+
/**
|
|
52
|
+
* Register typed Models for all RBAC collections on the given BrightChainDb.
|
|
53
|
+
*
|
|
54
|
+
* After this call, `db.model('roles')`, `db.model('users')`, etc. return
|
|
55
|
+
* Model instances that auto-serialize on writes and auto-rehydrate on reads.
|
|
56
|
+
*
|
|
57
|
+
* Idempotent — skips registration if models are already present.
|
|
58
|
+
*/
|
|
59
|
+
private registerRbacModels;
|
|
51
60
|
/**
|
|
52
61
|
* Build a role document for insertion into the roles collection.
|
|
53
62
|
* Returns a plain data object satisfying IRoleBase — no Document wrapper needed.
|
|
@@ -70,11 +79,13 @@ export declare class BrightChainMemberInitService {
|
|
|
70
79
|
private static buildMnemonicDocument;
|
|
71
80
|
/**
|
|
72
81
|
* Serialize a typed RBAC document for storage/validation.
|
|
73
|
-
*
|
|
74
|
-
*
|
|
75
|
-
*
|
|
82
|
+
* Delegates to the standalone serializeForStorage utility.
|
|
83
|
+
*
|
|
84
|
+
* @template T - The input typed document (e.g. IRoleBase<TID, Date, string>)
|
|
85
|
+
* @template TStored - The expected stored output type (e.g. IStoredRole).
|
|
86
|
+
* When omitted, returns a generic Record.
|
|
76
87
|
*/
|
|
77
|
-
|
|
88
|
+
static serializeForStorage<T extends object, TStored extends Record<string, unknown> = Record<string, unknown>>(doc: T): TStored;
|
|
78
89
|
/**
|
|
79
90
|
* Validate a document against a schema, returning field errors (if any).
|
|
80
91
|
*
|
|
@@ -82,6 +93,8 @@ export declare class BrightChainMemberInitService {
|
|
|
82
93
|
* (IRoleBase, IUserBase, etc.) without needing an index signature.
|
|
83
94
|
* Serializes the document before validation so GuidV4Buffer and Date
|
|
84
95
|
* values are converted to the string types the schemas expect.
|
|
96
|
+
*
|
|
97
|
+
* @deprecated Prefer using Model.validate() which handles dehydration internally.
|
|
85
98
|
*/
|
|
86
99
|
private static validateRbacDocument;
|
|
87
100
|
/**
|
|
@@ -101,7 +114,7 @@ export declare class BrightChainMemberInitService {
|
|
|
101
114
|
* 9. Idempotency check for RBAC collections
|
|
102
115
|
* 10. Insert missing RBAC documents in a single transaction
|
|
103
116
|
*/
|
|
104
|
-
initializeWithRbac(config: IBrightChainMemberInitConfig, input: IBrightChainRbacInitInput<
|
|
117
|
+
initializeWithRbac(config: IBrightChainMemberInitConfig, input: IBrightChainRbacInitInput<TID>): Promise<IBrightChainInitResult<TID, BrightChainDb>>;
|
|
105
118
|
/**
|
|
106
119
|
* Map an IBrightChainUserInitEntry to an IBrightChainUserCredentials bundle.
|
|
107
120
|
* Plaintext fields default to empty string / empty array when absent.
|
|
@@ -119,31 +132,37 @@ export declare class BrightChainMemberInitService {
|
|
|
119
132
|
* Print a formatted summary of the BrightChain server init results,
|
|
120
133
|
* including full credentials for each user.
|
|
121
134
|
*/
|
|
122
|
-
static printServerInitResults(result: IBrightChainServerInitResult<
|
|
135
|
+
static printServerInitResults<TID extends PlatformID>(result: IBrightChainServerInitResult<TID, BrightChainDb>, config: IBrightChainMemberInitConfig): void;
|
|
136
|
+
/**
|
|
137
|
+
* Print a formatted summary of the BrightChain member init results.
|
|
138
|
+
* Kept for backward compatibility — delegates to printServerInitResults
|
|
139
|
+
* when a full result is available, otherwise prints minimal info.
|
|
140
|
+
*/
|
|
141
|
+
static printBaseInitResults<TID extends PlatformID>(input: IBrightChainMemberInitInput<TID>, result: IBrightChainBaseInitResult<BrightChainDb, TID>, config: IBrightChainMemberInitConfig): void;
|
|
123
142
|
/**
|
|
124
143
|
* Print a formatted summary of the BrightChain member init results.
|
|
125
144
|
* Kept for backward compatibility — delegates to printServerInitResults
|
|
126
145
|
* when a full result is available, otherwise prints minimal info.
|
|
127
146
|
*/
|
|
128
|
-
static printInitResults(input: IBrightChainMemberInitInput<
|
|
147
|
+
static printInitResults<TID extends PlatformID>(input: IBrightChainMemberInitInput<TID>, result: IBrightChainInitResult<TID, BrightChainDb>, config: IBrightChainMemberInitConfig): void;
|
|
129
148
|
/**
|
|
130
149
|
* Combine a basic init result with user credentials to produce the full
|
|
131
150
|
* IBrightChainServerInitResult. This keeps the initialize() method lean
|
|
132
151
|
* while allowing callers to enrich the result with environment credentials.
|
|
133
152
|
*/
|
|
134
|
-
static buildServerInitResult(baseResult: IBrightChainInitResult<
|
|
135
|
-
system: IBrightChainUserCredentials<
|
|
136
|
-
admin: IBrightChainUserCredentials<
|
|
137
|
-
member: IBrightChainUserCredentials<
|
|
138
|
-
}): IBrightChainServerInitResult<
|
|
153
|
+
static buildServerInitResult<TID extends PlatformID>(baseResult: IBrightChainInitResult<TID, BrightChainDb>, credentials: {
|
|
154
|
+
system: IBrightChainUserCredentials<TID>;
|
|
155
|
+
admin: IBrightChainUserCredentials<TID>;
|
|
156
|
+
member: IBrightChainUserCredentials<TID>;
|
|
157
|
+
}): IBrightChainServerInitResult<TID, BrightChainDb>;
|
|
139
158
|
/**
|
|
140
159
|
* Format the full server init result as .env variable lines.
|
|
141
160
|
* Outputs all credential fields matching the .env.example layout.
|
|
142
161
|
*/
|
|
143
|
-
static formatDotEnv(credentials: {
|
|
144
|
-
system: IBrightChainUserCredentials<
|
|
145
|
-
admin: IBrightChainUserCredentials<
|
|
146
|
-
member: IBrightChainUserCredentials<
|
|
162
|
+
static formatDotEnv<TID extends PlatformID>(credentials: {
|
|
163
|
+
system: IBrightChainUserCredentials<TID>;
|
|
164
|
+
admin: IBrightChainUserCredentials<TID>;
|
|
165
|
+
member: IBrightChainUserCredentials<TID>;
|
|
147
166
|
}): string;
|
|
148
167
|
}
|
|
149
168
|
//# sourceMappingURL=brightchain-member-init.service.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"brightchain-member-init.service.d.ts","sourceRoot":"","sources":["../../../../../brightchain-api-lib/src/lib/services/brightchain-member-init.service.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,KAAK,EAGV,yBAAyB,EACzB,4BAA4B,EAC5B,2BAA2B,EAG5B,MAAM,8BAA8B,CAAC;AACtC,OAAO,EAEL,0BAA0B,EAC1B,sBAAsB,EACtB,2BAA2B,EAI5B,MAAM,8BAA8B,CAAC;AACtC,OAAO,EACL,aAAa,EACb,QAAQ,
|
|
1
|
+
{"version":3,"file":"brightchain-member-init.service.d.ts","sourceRoot":"","sources":["../../../../../brightchain-api-lib/src/lib/services/brightchain-member-init.service.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,KAAK,EAGV,yBAAyB,EACzB,4BAA4B,EAC5B,2BAA2B,EAG5B,MAAM,8BAA8B,CAAC;AACtC,OAAO,EAEL,0BAA0B,EAC1B,sBAAsB,EACtB,2BAA2B,EAI5B,MAAM,8BAA8B,CAAC;AACtC,OAAO,EACL,aAAa,EACb,QAAQ,EAIT,MAAM,iBAAiB,CAAC;AAGzB,OAAO,EAEL,UAAU,EACX,MAAM,iCAAiC,CAAC;AAgBzC,OAAO,EAAE,4BAA4B,EAAE,MAAM,kCAAkC,CAAC;AA2BhF,YAAY,EAAE,4BAA4B,EAAE,MAAM,kCAAkC,CAAC;AA0DrF;;;;;;GAMG;AACH,qBAAa,4BAA4B,CAAC,GAAG,SAAS,UAAU;IAC9D,OAAO,CAAC,GAAG,CAA4B;IACvC,OAAO,CAAC,eAAe,CAAuB;IAE9C;;;OAGG;IACH,IAAI,EAAE,IAAI,aAAa,CAOtB;IAED;;;OAGG;IACH,IAAI,cAAc,IAAI,QAAQ,CAO7B;IAED;;;;;;;;;;;;OAYG;IACG,UAAU,CACd,MAAM,EAAE,4BAA4B,EACpC,KAAK,EAAE,2BAA2B,CAAC,GAAG,CAAC,GACtC,OAAO,CAAC,0BAA0B,CAAC,aAAa,EAAE,GAAG,CAAC,CAAC;IA0E1D;;;;;;;OAOG;IACH,OAAO,CAAC,kBAAkB;IAqC1B;;;OAGG;IACH,OAAO,CAAC,MAAM,CAAC,iBAAiB;IAmBhC;;;OAGG;IACH,OAAO,CAAC,MAAM,CAAC,iBAAiB;IA4BhC;;;OAGG;IACH,OAAO,CAAC,MAAM,CAAC,qBAAqB;IAgBpC;;;OAGG;IACH,OAAO,CAAC,MAAM,CAAC,qBAAqB;IASpC;;;;;;;OAOG;IACH,MAAM,CAAC,mBAAmB,CACxB,CAAC,SAAS,MAAM,EAChB,OAAO,SAAS,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EACjE,GAAG,EAAE,CAAC,GAAG,OAAO;IAIlB;;;;;;;;;OASG;IACH,OAAO,CAAC,MAAM,CAAC,oBAAoB;IAoBnC;;;;;;;;;;;;;;;;OAgBG;IACG,kBAAkB,CACtB,MAAM,EAAE,4BAA4B,EACpC,KAAK,EAAE,yBAAyB,CAAC,GAAG,CAAC,GACpC,OAAO,CAAC,sBAAsB,CAAC,GAAG,EAAE,aAAa,CAAC,CAAC;IAmMtD;;;OAGG;IACH,OAAO,CAAC,MAAM,CAAC,oBAAoB;IAoBnC;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,eAAe;IAW9B;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,oBAAoB;IAyBnC;;;OAGG;IACH,MAAM,CAAC,sBAAsB,CAAC,GAAG,SAAS,UAAU,EAClD,MAAM,EAAE,4BAA4B,CAAC,GAAG,EAAE,aAAa,CAAC,EACxD,MAAM,EAAE,4BAA4B,GACnC,IAAI;IAuBP;;;;OAIG;IACH,MAAM,CAAC,oBAAoB,CAAC,GAAG,SAAS,UAAU,EAChD,KAAK,EAAE,2BAA2B,CAAC,GAAG,CAAC,EACvC,MAAM,EAAE,0BAA0B,CAAC,aAAa,EAAE,GAAG,CAAC,EACtD,MAAM,EAAE,4BAA4B,GACnC,IAAI;IAkCP;;;;OAIG;IACH,MAAM,CAAC,gBAAgB,CAAC,GAAG,SAAS,UAAU,EAC5C,KAAK,EAAE,2BAA2B,CAAC,GAAG,CAAC,EACvC,MAAM,EAAE,sBAAsB,CAAC,GAAG,EAAE,aAAa,CAAC,EAClD,MAAM,EAAE,4BAA4B,GACnC,IAAI;IAkCP;;;;OAIG;IACH,MAAM,CAAC,qBAAqB,CAAC,GAAG,SAAS,UAAU,EACjD,UAAU,EAAE,sBAAsB,CAAC,GAAG,EAAE,aAAa,CAAC,EACtD,WAAW,EAAE;QACX,MAAM,EAAE,2BAA2B,CAAC,GAAG,CAAC,CAAC;QACzC,KAAK,EAAE,2BAA2B,CAAC,GAAG,CAAC,CAAC;QACxC,MAAM,EAAE,2BAA2B,CAAC,GAAG,CAAC,CAAC;KAC1C,GACA,4BAA4B,CAAC,GAAG,EAAE,aAAa,CAAC;IASnD;;;OAGG;IACH,MAAM,CAAC,YAAY,CAAC,GAAG,SAAS,UAAU,EAAE,WAAW,EAAE;QACvD,MAAM,EAAE,2BAA2B,CAAC,GAAG,CAAC,CAAC;QACzC,KAAK,EAAE,2BAA2B,CAAC,GAAG,CAAC,CAAC;QACxC,MAAM,EAAE,2BAA2B,CAAC,GAAG,CAAC,CAAC;KAC1C,GAAG,MAAM;CAyBX"}
|