@flink-app/generic-auth-plugin 0.2.0-beta.7 → 0.3.1
- package/.flink/generatedHandlers.ts +2 -1
- package/.flink/generatedRepos.ts +1 -1
- package/.flink/schemas/schemas.json +12 -12
- package/.flink/schemas/schemas.ts +13 -13
- package/.flink/start.ts +1 -1
- package/dist/.flink/generatedHandlers.js +1 -1
- package/dist/.flink/generatedRepos.js +1 -1
- package/dist/.flink/schemas/schemas.d.ts +12 -12
- package/dist/.flink/schemas/schemas.json +12 -12
- package/dist/.flink/start.js +1 -1
- package/dist/src/coreFunctions.js +32 -21
- package/dist/src/handlers/Management/DeleteUserByUserid.d.ts +1 -1
- package/dist/src/handlers/Management/DeleteUserByUserid.js +2 -2
- package/dist/src/handlers/Management/GetSchema.d.ts +1 -1
- package/dist/src/handlers/Management/GetSchema.js +2 -2
- package/dist/src/handlers/Management/GetUser.d.ts +1 -1
- package/dist/src/handlers/Management/GetUser.js +2 -2
- package/dist/src/handlers/Management/GetUserByUserid.d.ts +1 -1
- package/dist/src/handlers/Management/GetUserByUserid.js +4 -4
- package/dist/src/handlers/Management/PutUserPasswordByUserid.d.ts +1 -1
- package/dist/src/handlers/Management/PutUserPasswordByUserid.js +3 -3
- package/dist/src/handlers/Management/PutUserProfileByUserid.d.ts +1 -1
- package/dist/src/handlers/Management/PutUserProfileByUserid.js +4 -4
- package/dist/src/handlers/Management/PutUserProfileByUseridAppend.d.ts +1 -1
- package/dist/src/handlers/Management/PutUserProfileByUseridAppend.js +4 -4
- package/dist/src/handlers/Management/PutUserRolesByUserid.d.ts +1 -1
- package/dist/src/handlers/Management/PutUserRolesByUserid.js +4 -4
- package/dist/src/handlers/Management/PutUserUsernameByUserid.d.ts +1 -1
- package/dist/src/handlers/Management/PutUserUsernameByUserid.js +7 -5
- package/dist/src/handlers/UserCreate.d.ts +1 -1
- package/dist/src/handlers/UserCreate.js +2 -2
- package/dist/src/handlers/UserLogin.d.ts +1 -1
- package/dist/src/handlers/UserLogin.js +3 -3
- package/dist/src/handlers/UserPasswordPut.d.ts +1 -1
- package/dist/src/handlers/UserPasswordPut.js +2 -2
- package/dist/src/handlers/UserPasswordResetComplete.d.ts +2 -3
- package/dist/src/handlers/UserPasswordResetComplete.js +7 -12
- package/dist/src/handlers/UserPasswordResetForm.d.ts +6 -0
- package/dist/src/handlers/UserPasswordResetForm.js +96 -0
- package/dist/src/handlers/UserPasswordResetStart.d.ts +1 -1
- package/dist/src/handlers/UserPasswordResetStart.js +3 -2
- package/dist/src/handlers/UserProfileGet.d.ts +1 -1
- package/dist/src/handlers/UserProfileGet.js +3 -3
- package/dist/src/handlers/UserProfilePut.d.ts +1 -1
- package/dist/src/handlers/UserProfilePut.js +4 -4
- package/dist/src/handlers/UserPushRegisterToken.d.ts +1 -1
- package/dist/src/handlers/UserPushRegisterToken.js +3 -3
- package/dist/src/handlers/UserPushRemoveToken.d.ts +1 -1
- package/dist/src/handlers/UserPushRemoveToken.js +3 -3
- package/dist/src/handlers/UserToken.d.ts +1 -1
- package/dist/src/handlers/UserToken.js +3 -3
- package/dist/src/init.js +11 -0
- package/dist/src/schemas/UserPasswordResetSettings.d.ts +2 -0
- package/package.json +6 -6
- package/src/coreFunctions.ts +190 -175
- package/src/handlers/Management/GetUserByUserid.ts +21 -15
- package/src/handlers/Management/PutUserPasswordByUserid.ts +1 -1
- package/src/handlers/Management/PutUserProfileByUserid.ts +22 -16
- package/src/handlers/Management/PutUserProfileByUseridAppend.ts +26 -20
- package/src/handlers/Management/PutUserRolesByUserid.ts +22 -17
- package/src/handlers/Management/PutUserUsernameByUserid.ts +28 -19
- package/src/handlers/UserPasswordResetComplete.ts +2 -10
- package/src/handlers/UserPasswordResetForm.ts +144 -0
- package/src/handlers/UserPasswordResetStart.ts +1 -0
- package/src/handlers/UserProfileGet.ts +1 -1
- package/src/handlers/UserProfilePut.ts +2 -2
- package/src/handlers/UserPushRegisterToken.ts +1 -1
- package/src/handlers/UserPushRemoveToken.ts +1 -1
- package/src/handlers/UserToken.ts +1 -1
- package/src/init.ts +12 -0
- package/src/schemas/UserPasswordResetCompleteReq.ts +5 -5
- package/src/schemas/UserPasswordResetSettings.ts +14 -12
- package/src/schemas/UserPasswordResetStartRes.ts +5 -5
|
@@ -36,7 +36,7 @@ var __generator = (this && this.__generator) || function (thisArg, body) {
|
|
|
36
36
|
}
|
|
37
37
|
};
|
|
38
38
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
39
|
-
exports.__schemas = exports.__file = exports.__assumedHttpMethod = void 0;
|
|
39
|
+
exports.__schemas = exports.__params = exports.__query = exports.__file = exports.__assumedHttpMethod = void 0;
|
|
40
40
|
var flink_1 = require("@flink-app/flink");
|
|
41
41
|
var getUserTokenHandler = function (_a) {
|
|
42
42
|
var ctx = _a.ctx, req = _a.req, origin = _a.origin;
|
|
@@ -47,7 +47,7 @@ var getUserTokenHandler = function (_a) {
|
|
|
47
47
|
case 0:
|
|
48
48
|
pluginName = origin || "genericAuthPlugin";
|
|
49
49
|
repo = ctx.repos[ctx.plugins[pluginName].repoName];
|
|
50
|
-
return [4 /*yield*/, repo.
|
|
50
|
+
return [4 /*yield*/, repo.getById(req.user._id)];
|
|
51
51
|
case 1:
|
|
52
52
|
user = _b.sent();
|
|
53
53
|
if (user == null) {
|
|
@@ -65,5 +65,5 @@ var getUserTokenHandler = function (_a) {
|
|
|
65
65
|
});
|
|
66
66
|
};
|
|
67
67
|
exports.default = getUserTokenHandler;
|
|
68
|
-
exports.__assumedHttpMethod = "", exports.__file = "UserToken.ts";
|
|
68
|
+
exports.__assumedHttpMethod = "", exports.__file = "UserToken.ts", exports.__query = [], exports.__params = [];
|
|
69
69
|
exports.__schemas = { reqSchema: { "type": "object", "additionalProperties": false, "properties": { "token": { "type": "string" } }, "required": ["token"] }, resSchema: undefined };
|
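--- a/package/dist/src/init.js
+++ b/package/dist/src/init.js
@@ -31,7 +31,9 @@ var postPasswordResetCompleteHandler = __importStar(require("./handlers/UserPass
 var postUserPushRegisterTokenHandler = __importStar(require("./handlers/UserPushRegisterToken"));
 var postUserRemoveTokenHandler = __importStar(require("./handlers/UserPushRemoveToken"));
 var getUserTokenHandler = __importStar(require("./handlers/UserToken"));
+var UserPasswordResetForm_1 = require("./handlers/UserPasswordResetForm");
 function init(app, options) {
+var _a, _b;
 if (options.enableUserCreation == null)
 options.enableUserCreation = true;
 if (options.enableProfileUpdate == null)
@@ -100,6 +102,15 @@ function init(app, options) {
 docs: "Completes a password reset for a user",
 origin: options.pluginId,
 });
+if ((_a = options.passwordResetSettings) === null || _a === void 0 ? void 0 : _a.enablePasswordResetForm) {
+(_b = app.expressApp) === null || _b === void 0 ? void 0 : _b.get(options.baseUrl + "/password/reset/form", function (req, res) {
+var _a;
+return UserPasswordResetForm_1.handleUserPasswordResetForm(req, res, {
+templateFile: (_a = options.passwordResetSettings) === null || _a === void 0 ? void 0 : _a.passwordResetForm,
+completeUrl: options.baseUrl + "/password/reset/complete",
+});
+});
+}
 }
 if (options.enablePushNotificationTokens) {
 app.addHandler(postUserPushRegisterTokenHandler, {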
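Review bot: The password-reset form route is silently skipped when `app.expressApp` is unset, because the optional chain around `.get(...)` turns a missing Express instance into a no-op even though `enablePasswordResetForm` was requested; logging a warning or throwing in that case would make the misconfiguration visible. The route is also mounted directly on Express rather than through `app.addHandler` like the neighbouring handlers, so it presumably does not pass through Flink's request schema validation. `handleUserPasswordResetForm` is outside this view, so confirm that it validates the query values it reads and escapes them when rendering `templateFile`. This file is compiled output, so the change itself belongs in `src/init.ts`.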
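--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@flink-app/generic-auth-plugin",
-"version": "0.
+"version": "0.3.1",
 "description": "Flink plugin that provides a generic user authentification solution.",
 "scripts": {
 "test": "echo \"Error: no test specified\"",
@@ -16,18 +16,18 @@
 "types": "dist/src/index.d.ts",
 "main": "dist/src/index.js",
 "dependencies": {
-"@flink-app/email-plugin": "^0.
-"@flink-app/jwt-auth-plugin": "^0.
-"@flink-app/management-api-plugin": "^0.
+"@flink-app/email-plugin": "^0.3.0",
+"@flink-app/jwt-auth-plugin": "^0.3.0",
+"@flink-app/management-api-plugin": "^0.3.0",
 "handlebars": "^4.7.7",
 "jsonwebtoken": "^8.5.1"
 },
 "devDependencies": {
-"@flink-app/flink": "^0.
+"@flink-app/flink": "^0.3.0",
 "@types/jsonwebtoken": "^8.5.2",
 "@types/node": "^15.6.2",
 "ts-node": "^9.1.1",
 "typescript": "^4.2.4"
 },
-"gitHead": "
+"gitHead": "95140d0eaa2c17a8f6214c44fe5dda057585af82"
 }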
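--- a/package/src/coreFunctions.ts
+++ b/package/src/coreFunctions.ts
@@ -1,4 +1,3 @@
-
 import { FlinkRepo, FlinkAuthUser, log } from "@flink-app/flink";
 import { JwtAuthPlugin, jwtAuthPlugin } from "@flink-app/jwt-auth-plugin";
 
@@ -7,70 +6,78 @@ import { UserCreateRes } from "./schemas/UserCreateRes";
 import { UserLoginRes } from "./schemas/UserLoginRes";
 import { UserProfile } from "./schemas/UserProfile";
 import { UserPasswordChangeRes } from "./schemas/UserPasswordChangeRes";
-import { UserPasswordResetStartRes} from "./schemas/UserPasswordResetStartRes";
+import { UserPasswordResetStartRes } from "./schemas/UserPasswordResetStartRes";
 import { UserPasswordResetCompleteRes } from "./schemas/UserPasswordResetCompleteRes";
 
 import jsonwebtoken from "jsonwebtoken";
 
-
-
-export function getJtwTokenPlugin(secret : string, rolePermissions? : { [role: string]: string[]; }, passwordPolicy? : RegExp){
-if(passwordPolicy == undefined){
+export function getJtwTokenPlugin(secret: string, rolePermissions?: { [role: string]: string[] }, passwordPolicy?: RegExp) {
+if (passwordPolicy == undefined) {
 passwordPolicy = /.{1,}$/;
 }
-if(rolePermissions == undefined){
-rolePermissions = {
+if (rolePermissions == undefined) {
+rolePermissions = {};
 }
-if(rolePermissions["user"] == null){
+if (rolePermissions["user"] == null) {
 rolePermissions["user"] = [];
 }
-if(!rolePermissions["user"].includes("authenticated")) rolePermissions["user"].push("authenticated");
+if (!rolePermissions["user"].includes("authenticated")) rolePermissions["user"].push("authenticated");
 
 return jwtAuthPlugin({
-secret,
-getUser
+secret,
+getUser: (tokenData: any) => {
 return new Promise<FlinkAuthUser>((res) => {
-
-
-
-
-})
+res({
+username: tokenData.username,
+_id: tokenData._id,
+});
+});
 },
 passwordPolicy,
-rolePermissions
-})
+rolePermissions,
+});
 }
 
-export async function createUser(
-
-
+export async function createUser(
+repo: FlinkRepo<any, User>,
+auth: JwtAuthPlugin,
+username: string,
+password: string,
+authentificationMethod: "password" | "sms",
+roles: string[],
+profile: UserProfile,
+createPasswordHashAndSaltMethod?: {
+(password: string): Promise<{ hash: string; salt: string } | null>;
+}
+): Promise<UserCreateRes> {
+if (!roles.includes("user")) roles.push("user");
 
-const existingUser = await repo.getOne({ username
-if(existingUser != null){
+const existingUser = await repo.getOne({ username: username.toLowerCase() });
+if (existingUser != null) {
 return {
-status
-}
+status: "userExists",
+};
 }
-let userData
-username,
+let userData: Omit<User, "_id"> = {
+username: username.toLowerCase(),
 roles,
 profile,
 authentificationMethod,
-pushNotificationTokens
-}
+pushNotificationTokens: [],
+};
 
-if(authentificationMethod == "password"){
+if (authentificationMethod == "password") {
 let passwordAndSalt = null;
-if(createPasswordHashAndSaltMethod != null){
+if (createPasswordHashAndSaltMethod != null) {
 passwordAndSalt = await createPasswordHashAndSaltMethod(password);
-}else{
+} else {
 passwordAndSalt = await auth.createPasswordHashAndSalt(password);
 }
-
-if(passwordAndSalt == null){
+
+if (passwordAndSalt == null) {
 return {
-status
-}
+status: "passwordError",
+};
 }
 userData.password = passwordAndSalt.hash;
 userData.salt = passwordAndSalt.salt;
@@ -78,207 +85,215 @@ export async function createUser( repo : FlinkRepo<any, User>, auth : JwtAuthPlu
 
 const user = await repo.create(userData);
 
-const token = await auth.createToken({ username
+const token = await auth.createToken({ username: username.toLowerCase(), _id: user._id }, roles);
 
 return {
-status
-user
-
-
-username
-}
-}
-
-}
+status: "success",
+user: {
+_id: user._id,
+token: token,
+username: username.toLowerCase(),
+},
+};
+}
 
-export async function loginUser(
-
-
-
+export async function loginUser(
+repo: FlinkRepo<any, User>,
+auth: JwtAuthPlugin,
+username: string,
+password: string | undefined,
+validatePasswordMethod?: {
+(password: string, hash: string, salt: string): Promise<boolean>;
+}
+): Promise<UserLoginRes> {
+const user = await repo.getOne({ username: username.toLowerCase() });
+if (user == null) {
+return { status: "failed" };
 }
-
-let valid : boolean = false;
 
-
-
-
-if(
+let valid: boolean = false;
+
+if (user.authentificationMethod == "password") {
+if (password == null) password = "";
+
+if (validatePasswordMethod != null) {
 valid = await validatePasswordMethod(password, <string>user.password, <string>user.salt);
 
 //If not valid, try to use default auth
-if(!valid){
-try{
-valid = await auth.validatePassword(password, <string>user.password, <string>user.salt);
-}catch(ex){}
+if (!valid) {
+try {
+valid = await auth.validatePassword(password, <string>user.password, <string>user.salt);
+} catch (ex) {}
 }
-}else{
+} else {
 valid = await auth.validatePassword(password, <string>user.password, <string>user.salt);
-
 }
-
 }
-if(user.authentificationMethod == "sms"){
-log.error("SMS login is not yet impleted.")
-return { status
+if (user.authentificationMethod == "sms") {
+log.error("SMS login is not yet impleted.");
+return { status: "failed" };
 }
 
-
-
-const token = await auth.createToken({ username : username.toLowerCase(), _id : user._id}, user.roles);
+if (valid) {
+const token = await auth.createToken({ username: username.toLowerCase(), _id: user._id }, user.roles);
 
 return {
-status
-user
-_id
-username
+status: "success",
+user: {
+_id: user._id,
+username: user.username,
 token,
-profile
-}
-}
-
-
-return { status : "failed" };
+profile: user.profile,
+},
+};
+} else {
+return { status: "failed" };
 }
 }
 
-
-
-
-
-
-
-
+export async function changePassword(
+repo: FlinkRepo<any, User>,
+auth: JwtAuthPlugin,
+userId: string,
+newPassword: string,
+createPasswordHashAndSaltMethod?: {
+(password: string): Promise<{ hash: string; salt: string } | null>;
 }
-
-
-
+): Promise<UserPasswordChangeRes> {
+const user = await repo.getById(userId);
+if (user == null) {
+return { status: "failed" };
+}
+
+if (user.authentificationMethod != "password") {
+return { status: "failed" };
 }
 
 let passwordAndSalt = null;
-
-if(createPasswordHashAndSaltMethod == null){
+
+if (createPasswordHashAndSaltMethod == null) {
 passwordAndSalt = await auth.createPasswordHashAndSalt(newPassword);
-}else{
-passwordAndSalt = await createPasswordHashAndSaltMethod(newPassword)
+} else {
+passwordAndSalt = await createPasswordHashAndSaltMethod(newPassword);
 }
-
-if(passwordAndSalt == null){
+
+if (passwordAndSalt == null) {
 return {
-status
-}
+status: "passwordError",
+};
 }
 
-await repo.updateOne(userId, {
-
-
-
-
-
+await repo.updateOne(userId, {
+password: passwordAndSalt.hash,
+salt: passwordAndSalt.salt,
+});
 
+return { status: "success" };
 }
 
-
-
-
-
-
-
-
-
-
+export async function passwordResetStart(
+repo: FlinkRepo<any, User>,
+auth: JwtAuthPlugin,
+jwtSecret: string,
+username: string,
+numberOfDigits?: number,
+lifeTime?: string
+): Promise<UserPasswordResetStartRes> {
+const user = await repo.getOne({ username: username.toLowerCase() });
+if (user == null) {
+return { status: "userNotFound" };
 }
-
-if(user.authentificationMethod != "password"){
-return { status
+
+if (user.authentificationMethod != "password") {
+return { status: "userNotFound" };
 }
 
-if(numberOfDigits == null) numberOfDigits = 6;
-if(lifeTime == null) lifeTime = "1h"
+if (numberOfDigits == null) numberOfDigits = 6;
+if (lifeTime == null) lifeTime = "1h";
 
 const payload = {
-
-
-
-
-const code = generate(numberOfDigits)
+type: "passwordReset",
+username: username.toLocaleLowerCase(),
+};
+const code = generate(numberOfDigits);
 
 const secret = jwtSecret + ":" + code;
 
-const options
-expiresIn
-}
-
-const token = jsonwebtoken.sign(payload, secret, options )
-
-
-return { status : "success", passwordResetToken : token, code, profile : user.profile }
-
-
+const options: jsonwebtoken.SignOptions = {
+expiresIn: lifeTime,
+};
 
+const token = jsonwebtoken.sign(payload, secret, options);
 
+return {
+status: "success",
+passwordResetToken: token,
+code,
+profile: user.profile,
+};
 }
 
-
-
-
-
-
-
+export async function passwordResetComplete(
+repo: FlinkRepo<any, User>,
+auth: JwtAuthPlugin,
+jwtSecret: string,
+passwordResetToken: string,
+code: string,
+newPassword: string,
+createPasswordHashAndSaltMethod?: {
+(password: string): Promise<{ hash: string; salt: string } | null>;
+}
+): Promise<UserPasswordResetCompleteRes> {
+let payload: { type: string; username: string } = { type: "", username: "" };
+try {
 const secret = jwtSecret + ":" + code;
-payload = <{ type
-}catch(ex){
-return { status
+payload = <{ type: string; username: string }>jsonwebtoken.verify(passwordResetToken, secret);
+} catch (ex) {
+return { status: "invalidCode" };
 }
 
-const user = await repo.getOne({ username
-if(user == null){
-return { status
-}
-
-if(user.authentificationMethod != "password"){
-return { status : "userNotFound"};
+const user = await repo.getOne({ username: payload.username });
+if (user == null) {
+return { status: "userNotFound" };
 }
 
-
+if (user.authentificationMethod != "password") {
+return { status: "userNotFound" };
+}
 
 let passwordAndSalt = null;
-
-if(createPasswordHashAndSaltMethod == null){
+
+if (createPasswordHashAndSaltMethod == null) {
 passwordAndSalt = await auth.createPasswordHashAndSalt(newPassword);
-}else{
+} else {
 passwordAndSalt = await createPasswordHashAndSaltMethod(newPassword);
 }
-
 
-if(passwordAndSalt == null){
+if (passwordAndSalt == null) {
 return {
-status
-}
+status: "passwordError",
+};
 }
 
-await repo.updateOne(user._id, {
-
-
-
-
-
+await repo.updateOne(user._id, {
+password: passwordAndSalt.hash,
+salt: passwordAndSalt.salt,
+});
 
+return { status: "success" };
 }
 
+function generate(n: number): string {
+var add = 1,
+max = 12 - add;
 
-
-
-function generate(n : number) : string {
-var add = 1, max = 12 - add;
-
-if ( n > max ) {
-return generate(max) + generate(n - max);
+if (n > max) {
+return generate(max) + generate(n - max);
 }
 
-max
-var min
-var number = Math.floor(
+max = Math.pow(10, n + add);
+var min = max / 10;
+var number = Math.floor(Math.random() * (max - min + 1)) + min;
 
-return ("" + number).substring(add);
+return ("" + number).substring(add);
 }
-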
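Review bot: `generate()` still draws the password-reset code from `Math.random()`, which is not a cryptographically secure generator, and in `passwordResetStart` that code is the only per-request secret mixed into the JWT signing key (`jwtSecret + ":" + code`). Since the commit touches this function anyway, it could switch to Node's CSPRNG with `import { randomInt } from "crypto";` and `var number = randomInt(min, max);`. The exclusive upper bound also removes the `+ 1` edge case where `number` can equal `max` and the returned string comes out one digit longer than `n`. Separately, the token payload is built with `username.toLocaleLowerCase()` while every lookup uses `toLowerCase()`, and `passwordResetComplete` never checks `payload.type`; aligning the former and adding `if (payload.type !== "passwordReset") return { status: "invalidCode" };` after the verify would tighten the flow.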
@@ -1,25 +1,31 @@
|
|
|
1
|
-
import {
|
|
1
|
+
import {
|
|
2
|
+
FlinkContext,
|
|
3
|
+
Handler,
|
|
4
|
+
HttpMethod,
|
|
5
|
+
notFound,
|
|
6
|
+
RouteProps,
|
|
7
|
+
} from "@flink-app/flink";
|
|
2
8
|
import { GetManagementUserByUseridReq } from "../../schemas/Management/GetUserByUseridReq";
|
|
3
9
|
import { GetManagementUserByUseridRes } from "../../schemas/Management/GetUserByUseridRes";
|
|
4
10
|
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
11
|
+
const GetManagementUserByUserid: Handler<
|
|
12
|
+
FlinkContext,
|
|
13
|
+
GetManagementUserByUseridReq,
|
|
14
|
+
GetManagementUserByUseridRes
|
|
15
|
+
> = async ({ ctx, req, origin }) => {
|
|
9
16
|
let pluginName = origin || "genericAuthPlugin";
|
|
10
|
-
let repo = ctx.repos[
|
|
17
|
+
let repo = ctx.repos[(<any>ctx.plugins)[pluginName].repoName];
|
|
11
18
|
|
|
12
|
-
const user = await repo.
|
|
13
|
-
if(user == null){
|
|
19
|
+
const user = await repo.getById(req.params.userid);
|
|
20
|
+
if (user == null) {
|
|
14
21
|
return notFound();
|
|
15
22
|
}
|
|
16
23
|
|
|
17
24
|
const { password, salt, ...u } = user;
|
|
18
25
|
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
export default GetManagementUserByUserid;
|
|
26
|
+
return {
|
|
27
|
+
data: u,
|
|
28
|
+
status: 200,
|
|
29
|
+
};
|
|
30
|
+
};
|
|
31
|
+
export default GetManagementUserByUserid;
|
|
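Review bot: The response is built by stripping only `password` and `salt` from the stored document (`const { password, salt, ...u } = user;`), so every other field on the record, including `pushNotificationTokens` and anything added to the user document later, is returned by default. An explicit allow-list such as `data: { _id: user._id, username: user.username, roles: user.roles, profile: user.profile }` would keep new sensitive fields from reaching the management API unnoticed; which fields `GetManagementUserByUseridRes` is meant to carry is outside this view. The `<any>` cast on `ctx.plugins` also hides the case where nothing is registered under `pluginName`, in which `.repoName` throws instead of producing a clean error response.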
@@ -11,7 +11,7 @@ const PutManagementUserPasswordByUserid: Handler<
|
|
|
11
11
|
let pluginName = origin || "genericAuthPlugin";
|
|
12
12
|
let repo = ctx.repos[(<any>ctx.plugins)[pluginName].repoName];
|
|
13
13
|
|
|
14
|
-
const user = await repo.
|
|
14
|
+
const user = await repo.getById(req.params.userid);
|
|
15
15
|
if (user == null) {
|
|
16
16
|
return notFound();
|
|
17
17
|
}
|