@flink-app/generic-auth-plugin 0.11.19 → 0.12.1-alpha.1
- package/.flink/generatedHandlers.ts +1 -1
- package/.flink/generatedJobs.ts +1 -1
- package/.flink/generatedRepos.ts +1 -1
- package/.flink/schemas/schemas.json +2 -4
- package/.flink/schemas/schemas.ts +1 -1
- package/.flink/start.ts +1 -1
- package/dist/.flink/generatedHandlers.js +1 -1
- package/dist/.flink/generatedJobs.js +1 -1
- package/dist/.flink/generatedRepos.js +1 -1
- package/dist/.flink/schemas/schemas.json +2 -4
- package/dist/.flink/start.js +1 -1
- package/dist/src/coreFunctions.js +14 -14
- package/dist/src/handlers/Management/DeleteUserByUserid.js +21 -23
- package/dist/src/handlers/Management/GetSchema.js +12 -14
- package/dist/src/handlers/Management/GetUser.js +21 -23
- package/dist/src/handlers/Management/GetUserByUserid.js +22 -24
- package/dist/src/handlers/Management/GetUserViewByUserid.js +34 -36
- package/dist/src/handlers/Management/PutUserPasswordByUserid.js +46 -48
- package/dist/src/handlers/Management/PutUserProfileByUserid.js +24 -26
- package/dist/src/handlers/Management/PutUserProfileByUseridAppend.js +27 -29
- package/dist/src/handlers/Management/PutUserRolesByUserid.js +24 -26
- package/dist/src/handlers/Management/PutUserUsernameByUserid.js +33 -35
- package/dist/src/handlers/UserCreate.js +44 -46
- package/dist/src/handlers/UserLogin.js +23 -25
- package/dist/src/handlers/UserLoginByToken.js +23 -25
- package/dist/src/handlers/UserPasswordPut.js +21 -23
- package/dist/src/handlers/UserPasswordResetComplete.js +27 -29
- package/dist/src/handlers/UserPasswordResetForm.js +11 -11
- package/dist/src/handlers/UserPasswordResetStart.js +53 -55
- package/dist/src/handlers/UserProfileGet.js +21 -23
- package/dist/src/handlers/UserProfilePut.js +28 -30
- package/dist/src/handlers/UserPushRegisterToken.js +72 -74
- package/dist/src/handlers/UserPushRemoveToken.js +25 -27
- package/dist/src/handlers/UserToken.js +24 -26
- package/dist/src/index.js +7 -8
- package/dist/src/init.js +8 -4
- package/dist/src/management.js +5 -1
- package/dist/src/schemas/User.d.ts +1 -1
- package/dist/src/schemas/User.js +0 -1
- package/package.json +32 -32
- package/src/coreFunctions.ts +34 -59
- package/src/schemas/User.ts +8 -8
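--- a/package/src/coreFunctions.ts
+++ b/package/src/coreFunctions.ts
@@ -12,7 +12,7 @@ import { UserPasswordResetCompleteRes } from "./schemas/UserPasswordResetComplet
 import jsonwebtoken from "jsonwebtoken";
 import { GenericAuthsmsOptions } from "./genericAuthPluginOptions";
 
-export function getJtwTokenPlugin(secret: string, rolePermissions?: { [role: string]: string[] }, passwordPolicy?: RegExp, tokenTTL
+export function getJtwTokenPlugin(secret: string, rolePermissions?: { [role: string]: string[] }, passwordPolicy?: RegExp, tokenTTL?: number) {
 if (passwordPolicy == undefined) {
 passwordPolicy = /.{1,}$/;
 }
@@ -36,7 +36,7 @@ export function getJtwTokenPlugin(secret: string, rolePermissions?: { [role: str
 },
 passwordPolicy,
 rolePermissions,
-tokenTTL
+tokenTTL,
 });
 }
 
@@ -112,36 +112,23 @@ export async function createUser(
 };
 }
 
-export async function loginByToken(
-
-
-
-
-jwtSecret : string
-
-): Promise<UserLoginRes> {
-
-
-let payload : { type : string, userId : string};
-try{
-payload = jsonwebtoken.verify(token, jwtSecret + ":" + code) as { type : string, userId : string};
-}catch(ex){
+export async function loginByToken(repo: FlinkRepo<any, User>, auth: JwtAuthPlugin, token: string, code: string, jwtSecret: string): Promise<UserLoginRes> {
+let payload: { type: string; userId: string };
+try {
+payload = jsonwebtoken.verify(token, jwtSecret + ":" + code) as { type: string; userId: string };
+} catch (ex) {
 return { status: "failed" };
 }
-
 
-if(payload.type != "smsLogin"){
+if (payload.type != "smsLogin") {
 return { status: "failed" };
 }
 
-
-
-const user = await repo.getById(payload.userId)
+const user = await repo.getById(payload.userId);
 if (user == null) {
 return { status: "failed" };
 }
 
-
 const authToken = await auth.createToken({ username: user.username.toLowerCase(), _id: user._id }, user.roles);
 
 return {
@@ -149,14 +136,12 @@ export async function loginByToken(
 user: {
 _id: user._id,
 username: user.username,
-token
+token: authToken,
 profile: user.profile,
 },
-};
-
+};
 }
 
-
 export async function loginUser(
 repo: FlinkRepo<any, User>,
 auth: JwtAuthPlugin,
@@ -165,12 +150,11 @@ export async function loginUser(
 validatePasswordMethod?: {
 (password: string, hash: string, salt: string): Promise<boolean>;
 },
-smsOptions
+smsOptions?: GenericAuthsmsOptions,
 onSuccessfulLogin?: {
-(user:User): Promise<void
-}
+(user: User): Promise<void>;
+}
 ): Promise<UserLoginRes> {
-
 const user = await repo.getOne({ username: username.toLowerCase() });
 if (user == null) {
 return { status: "failed" };
@@ -195,34 +179,31 @@ export async function loginUser(
 }
 }
 if (user.authentificationMethod == "sms") {
-if(!smsOptions) throw "SMS options must be specified to use SMS login"
+if (!smsOptions) throw "SMS options must be specified to use SMS login";
 let code = smsOptions.codeType == "numeric" ? generate(smsOptions.codeLength) : generateString(smsOptions.codeLength);
 smsOptions.smsClient.send({
-to
-from
-message
-})
+to: [user.username],
+from: smsOptions.smsFrom,
+message: smsOptions.smsMessage.replace("{{code}}", code),
+});
 
 const payload = {
 type: "smsLogin",
 userId: user._id,
 };
-
+
 const secret = smsOptions.jwtToken + ":" + code;
-
+
 const options: jsonwebtoken.SignOptions = {
 expiresIn: "1h",
 };
-
+
 const token = jsonwebtoken.sign(payload, secret, options);
 
 return {
 status: "success",
-validationToken
+validationToken: token,
 };
-
-
-
 }
 
 if (valid) {
@@ -304,11 +285,11 @@ export async function passwordResetStart(
 const fakeToken = jsonwebtoken.sign(fakepayload, "fake_payload", { expiresIn: lifeTime });
 
 if (user == null) {
-return { status: "userNotFound", passwordResetToken
+return { status: "userNotFound", passwordResetToken: fakeToken };
 }
 
 if (user.authentificationMethod != "password") {
-return { status: "userNotFound", passwordResetToken
+return { status: "userNotFound", passwordResetToken: fakeToken };
 }
 
 if (numberOfDigits == null) numberOfDigits = 6;
@@ -322,7 +303,7 @@ export async function passwordResetStart(
 
 const pwdResetStartedAt = new Date().toISOString();
 let secret;
-if(passwordResetReusableTokens) {
+if (passwordResetReusableTokens) {
 secret = jwtSecret + ":" + code;
 } else {
 secret = jwtSecret + ":" + code + ":" + pwdResetStartedAt;
@@ -355,11 +336,9 @@ export async function passwordResetComplete(
 },
 passwordResetReusableTokens: boolean = true
 ): Promise<UserPasswordResetCompleteRes> {
+const payload = <{ username: string }>jsonwebtoken.decode(passwordResetToken);
 
-
-
-if(!payload || !payload.username)
-return { status: "invalidCode" };
+if (!payload || !payload.username) return { status: "invalidCode" };
 
 const user = await repo.getOne({ username: payload.username });
 
@@ -383,7 +362,6 @@ export async function passwordResetComplete(
 return { status: "invalidCode" };
 }
 
-
 let passwordAndSalt = null;
 
 if (createPasswordHashAndSaltMethod == null) {
@@ -401,7 +379,7 @@ export async function passwordResetComplete(
 await repo.updateOne(user._id, {
 password: passwordAndSalt.hash,
 salt: passwordAndSalt.salt,
-pwdResetStartedAt: null
+pwdResetStartedAt: null,
 });
 
 return { status: "success" };
@@ -422,16 +400,13 @@ function generate(n: number): string {
 return ("" + number).substring(add);
 }
 
-
-
-
-function generateString(length : number) {
-const characters ='ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
-let result = ' ';
+function generateString(length: number) {
+const characters = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
+let result = " ";
 const charactersLength = characters.length;
-for (
+for (let i = 0; i < length; i++) {
 result += characters.charAt(Math.floor(Math.random() * charactersLength));
 }
 
 return result;
-}
+}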
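Review bot: `generateString` in the last hunk still draws each character of the SMS login code from `Math.random()`, which is not a cryptographically secure source, and the reformatting keeps `let result = " ";`, so every generated code starts with a space. Since `loginUser` sends this code by SMS and also folds it into the JWT signing secret (`smsOptions.jwtToken + ":" + code`), it should come from a CSPRNG: import `randomInt` from Node's `crypto` module and use `result += characters.charAt(randomInt(charactersLength));`, and start from `let result = "";` unless the leading space is intentional. `generate(n)`, the numeric variant, begins outside the hunk, so its random source should be checked the same way.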
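--- a/package/src/schemas/User.ts
+++ b/package/src/schemas/User.ts
@@ -1,4 +1,4 @@
-import { PushNotificationToken} from "./PushNotificationToken";
+import { PushNotificationToken } from "./PushNotificationToken";
 import { UserProfile } from "./UserProfile";
 
 export interface User {
@@ -6,12 +6,12 @@ export interface User {
 username: string;
 
 password?: string;
-salt
+salt?: string;
 
-pwdResetStartedAt?: string;
+pwdResetStartedAt?: string | null;
 roles: string[];
-
-authentificationMethod
-profile
-pushNotificationTokens
-}
+
+authentificationMethod: "password" | "sms";
+profile: UserProfile;
+pushNotificationTokens: Array<PushNotificationToken>;
+}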