@flink-app/generic-auth-plugin 1.0.0 → 2.0.0-alpha.100

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (198) hide show
  1. package/.flink/generatedAgents.ts +5 -0
  2. package/.flink/generatedHandlers.ts +22 -22
  3. package/.flink/generatedJobs.ts +1 -1
  4. package/.flink/generatedRepos.ts +1 -1
  5. package/.flink/generatedServices.ts +5 -0
  6. package/.flink/generatedTools.ts +5 -0
  7. package/.flink/start.ts +4 -1
  8. package/CHANGELOG.md +586 -0
  9. package/dist/.flink/generatedAgents.d.ts +1 -0
  10. package/dist/.flink/generatedAgents.js +14 -0
  11. package/dist/.flink/generatedAgents.js.map +1 -0
  12. package/dist/.flink/generatedHandlers.js +13 -6
  13. package/dist/.flink/generatedHandlers.js.map +1 -0
  14. package/dist/.flink/generatedJobs.js +13 -6
  15. package/dist/.flink/generatedJobs.js.map +1 -0
  16. package/dist/.flink/generatedRepos.js +13 -6
  17. package/dist/.flink/generatedRepos.js.map +1 -0
  18. package/dist/.flink/generatedServices.js +14 -0
  19. package/dist/.flink/generatedServices.js.map +1 -0
  20. package/dist/.flink/generatedTools.d.ts +1 -0
  21. package/dist/.flink/generatedTools.js +14 -0
  22. package/dist/.flink/generatedTools.js.map +1 -0
  23. package/dist/.flink/schema-manifest.json +588 -0
  24. package/dist/.flink/schemas/schemas.js +1 -1
  25. package/dist/.flink/start.d.ts +2 -0
  26. package/dist/.flink/start.js +15 -3
  27. package/dist/.flink/start.js.map +1 -0
  28. package/dist/.tsbuildinfo +1 -0
  29. package/dist/src/coreFunctions.js +356 -412
  30. package/dist/src/coreFunctions.js.map +1 -0
  31. package/dist/src/genericAuthContext.js +3 -1
  32. package/dist/src/genericAuthContext.js.map +1 -0
  33. package/dist/src/genericAuthPluginOptions.js +3 -1
  34. package/dist/src/genericAuthPluginOptions.js.map +1 -0
  35. package/dist/src/handlers/Management/DeleteUserByUserid.d.ts +1 -1
  36. package/dist/src/handlers/Management/DeleteUserByUserid.js +21 -60
  37. package/dist/src/handlers/Management/DeleteUserByUserid.js.map +1 -0
  38. package/dist/src/handlers/Management/GetSchema.d.ts +1 -1
  39. package/dist/src/handlers/Management/GetSchema.js +16 -50
  40. package/dist/src/handlers/Management/GetSchema.js.map +1 -0
  41. package/dist/src/handlers/Management/GetUser.d.ts +1 -1
  42. package/dist/src/handlers/Management/GetUser.js +25 -59
  43. package/dist/src/handlers/Management/GetUser.js.map +1 -0
  44. package/dist/src/handlers/Management/GetUserByUserid.d.ts +1 -1
  45. package/dist/src/handlers/Management/GetUserByUserid.js +60 -71
  46. package/dist/src/handlers/Management/GetUserByUserid.js.map +1 -0
  47. package/dist/src/handlers/Management/GetUserViewByUserid.d.ts +1 -1
  48. package/dist/src/handlers/Management/GetUserViewByUserid.js +35 -74
  49. package/dist/src/handlers/Management/GetUserViewByUserid.js.map +1 -0
  50. package/dist/src/handlers/Management/PutUserPasswordByUserid.d.ts +1 -1
  51. package/dist/src/handlers/Management/PutUserPasswordByUserid.js +37 -85
  52. package/dist/src/handlers/Management/PutUserPasswordByUserid.js.map +1 -0
  53. package/dist/src/handlers/Management/PutUserProfileByUserid.d.ts +1 -1
  54. package/dist/src/handlers/Management/PutUserProfileByUserid.js +27 -70
  55. package/dist/src/handlers/Management/PutUserProfileByUserid.js.map +1 -0
  56. package/dist/src/handlers/Management/PutUserProfileByUseridAppend.d.ts +1 -1
  57. package/dist/src/handlers/Management/PutUserProfileByUseridAppend.js +53 -76
  58. package/dist/src/handlers/Management/PutUserProfileByUseridAppend.js.map +1 -0
  59. package/dist/src/handlers/Management/PutUserRolesByUserid.d.ts +1 -1
  60. package/dist/src/handlers/Management/PutUserRolesByUserid.js +24 -63
  61. package/dist/src/handlers/Management/PutUserRolesByUserid.js.map +1 -0
  62. package/dist/src/handlers/Management/PutUserUsernameByUserid.d.ts +1 -1
  63. package/dist/src/handlers/Management/PutUserUsernameByUserid.js +31 -72
  64. package/dist/src/handlers/Management/PutUserUsernameByUserid.js.map +1 -0
  65. package/dist/src/handlers/UserCreate.d.ts +1 -1
  66. package/dist/src/handlers/UserCreate.js +44 -84
  67. package/dist/src/handlers/UserCreate.js.map +1 -0
  68. package/dist/src/handlers/UserLogin.d.ts +1 -1
  69. package/dist/src/handlers/UserLogin.js +45 -88
  70. package/dist/src/handlers/UserLogin.js.map +1 -0
  71. package/dist/src/handlers/UserLoginByToken.d.ts +1 -1
  72. package/dist/src/handlers/UserLoginByToken.js +24 -63
  73. package/dist/src/handlers/UserLoginByToken.js.map +1 -0
  74. package/dist/src/handlers/UserPasswordPut.d.ts +1 -1
  75. package/dist/src/handlers/UserPasswordPut.js +24 -60
  76. package/dist/src/handlers/UserPasswordPut.js.map +1 -0
  77. package/dist/src/handlers/UserPasswordResetComplete.d.ts +1 -1
  78. package/dist/src/handlers/UserPasswordResetComplete.js +30 -66
  79. package/dist/src/handlers/UserPasswordResetComplete.js.map +1 -0
  80. package/dist/src/handlers/UserPasswordResetForm.d.ts +1 -1
  81. package/dist/src/handlers/UserPasswordResetForm.js +155 -110
  82. package/dist/src/handlers/UserPasswordResetForm.js.map +1 -0
  83. package/dist/src/handlers/UserPasswordResetStart.d.ts +1 -1
  84. package/dist/src/handlers/UserPasswordResetStart.js +66 -95
  85. package/dist/src/handlers/UserPasswordResetStart.js.map +1 -0
  86. package/dist/src/handlers/UserProfileGet.d.ts +1 -1
  87. package/dist/src/handlers/UserProfileGet.js +21 -60
  88. package/dist/src/handlers/UserProfileGet.js.map +1 -0
  89. package/dist/src/handlers/UserProfilePut.d.ts +1 -1
  90. package/dist/src/handlers/UserProfilePut.js +55 -81
  91. package/dist/src/handlers/UserProfilePut.js.map +1 -0
  92. package/dist/src/handlers/UserPushRegisterToken.d.ts +1 -1
  93. package/dist/src/handlers/UserPushRegisterToken.js +119 -118
  94. package/dist/src/handlers/UserPushRegisterToken.js.map +1 -0
  95. package/dist/src/handlers/UserPushRemoveToken.d.ts +1 -1
  96. package/dist/src/handlers/UserPushRemoveToken.js +26 -63
  97. package/dist/src/handlers/UserPushRemoveToken.js.map +1 -0
  98. package/dist/src/handlers/UserToken.d.ts +1 -1
  99. package/dist/src/handlers/UserToken.js +29 -63
  100. package/dist/src/handlers/UserToken.js.map +1 -0
  101. package/dist/src/index.js +133 -50
  102. package/dist/src/index.js.map +1 -0
  103. package/dist/src/init.js +160 -101
  104. package/dist/src/init.js.map +1 -0
  105. package/dist/src/management.js +109 -86
  106. package/dist/src/management.js.map +1 -0
  107. package/dist/src/schemas/Management/DeleteUserByUseridReq.js +3 -1
  108. package/dist/src/schemas/Management/DeleteUserByUseridReq.js.map +1 -0
  109. package/dist/src/schemas/Management/DeleteUserByUseridRes.js +3 -1
  110. package/dist/src/schemas/Management/DeleteUserByUseridRes.js.map +1 -0
  111. package/dist/src/schemas/Management/GetUserByUseridReq.js +3 -1
  112. package/dist/src/schemas/Management/GetUserByUseridReq.js.map +1 -0
  113. package/dist/src/schemas/Management/GetUserByUseridRes.js +3 -1
  114. package/dist/src/schemas/Management/GetUserByUseridRes.js.map +1 -0
  115. package/dist/src/schemas/Management/GetUserReq.js +3 -1
  116. package/dist/src/schemas/Management/GetUserReq.js.map +1 -0
  117. package/dist/src/schemas/Management/GetUserRes.js +3 -1
  118. package/dist/src/schemas/Management/GetUserRes.js.map +1 -0
  119. package/dist/src/schemas/Management/GetUserViewByUseridReq.js +3 -1
  120. package/dist/src/schemas/Management/GetUserViewByUseridReq.js.map +1 -0
  121. package/dist/src/schemas/Management/GetUserViewByUseridRes.js +3 -1
  122. package/dist/src/schemas/Management/GetUserViewByUseridRes.js.map +1 -0
  123. package/dist/src/schemas/Management/PutUserPasswordByUseridReq.js +3 -1
  124. package/dist/src/schemas/Management/PutUserPasswordByUseridReq.js.map +1 -0
  125. package/dist/src/schemas/Management/PutUserPasswordByUseridRes.js +3 -1
  126. package/dist/src/schemas/Management/PutUserPasswordByUseridRes.js.map +1 -0
  127. package/dist/src/schemas/Management/PutUserProfileByUseridReq.js +3 -1
  128. package/dist/src/schemas/Management/PutUserProfileByUseridReq.js.map +1 -0
  129. package/dist/src/schemas/Management/PutUserProfileByUseridRes.js +3 -1
  130. package/dist/src/schemas/Management/PutUserProfileByUseridRes.js.map +1 -0
  131. package/dist/src/schemas/Management/PutUserRolesByUseridReq.js +3 -1
  132. package/dist/src/schemas/Management/PutUserRolesByUseridReq.js.map +1 -0
  133. package/dist/src/schemas/Management/PutUserRolesByUseridRes.js +3 -1
  134. package/dist/src/schemas/Management/PutUserRolesByUseridRes.js.map +1 -0
  135. package/dist/src/schemas/Management/PutUserUsernameByUseridReq.js +3 -1
  136. package/dist/src/schemas/Management/PutUserUsernameByUseridReq.js.map +1 -0
  137. package/dist/src/schemas/Management/PutUserUsernameByUseridRes.js +3 -1
  138. package/dist/src/schemas/Management/PutUserUsernameByUseridRes.js.map +1 -0
  139. package/dist/src/schemas/PushNotificationToken.js +3 -1
  140. package/dist/src/schemas/PushNotificationToken.js.map +1 -0
  141. package/dist/src/schemas/PushNotificationTokenRes.js +3 -1
  142. package/dist/src/schemas/PushNotificationTokenRes.js.map +1 -0
  143. package/dist/src/schemas/User.js +3 -1
  144. package/dist/src/schemas/User.js.map +1 -0
  145. package/dist/src/schemas/UserCreateReq.js +3 -1
  146. package/dist/src/schemas/UserCreateReq.js.map +1 -0
  147. package/dist/src/schemas/UserCreateRes.js +3 -1
  148. package/dist/src/schemas/UserCreateRes.js.map +1 -0
  149. package/dist/src/schemas/UserLoginByTokenReq.js +3 -1
  150. package/dist/src/schemas/UserLoginByTokenReq.js.map +1 -0
  151. package/dist/src/schemas/UserLoginReq.js +3 -1
  152. package/dist/src/schemas/UserLoginReq.js.map +1 -0
  153. package/dist/src/schemas/UserLoginRes.js +3 -1
  154. package/dist/src/schemas/UserLoginRes.js.map +1 -0
  155. package/dist/src/schemas/UserPasswordChangeReq.js +3 -1
  156. package/dist/src/schemas/UserPasswordChangeReq.js.map +1 -0
  157. package/dist/src/schemas/UserPasswordChangeRes.js +3 -1
  158. package/dist/src/schemas/UserPasswordChangeRes.js.map +1 -0
  159. package/dist/src/schemas/UserPasswordResetCompleteReq.js +3 -1
  160. package/dist/src/schemas/UserPasswordResetCompleteReq.js.map +1 -0
  161. package/dist/src/schemas/UserPasswordResetCompleteRes.js +3 -1
  162. package/dist/src/schemas/UserPasswordResetCompleteRes.js.map +1 -0
  163. package/dist/src/schemas/UserPasswordResetSettings.js +3 -1
  164. package/dist/src/schemas/UserPasswordResetSettings.js.map +1 -0
  165. package/dist/src/schemas/UserPasswordResetStartReq.js +3 -1
  166. package/dist/src/schemas/UserPasswordResetStartReq.js.map +1 -0
  167. package/dist/src/schemas/UserPasswordResetStartRes.js +3 -1
  168. package/dist/src/schemas/UserPasswordResetStartRes.js.map +1 -0
  169. package/dist/src/schemas/UserPasswordResetStartResPublic.js +3 -1
  170. package/dist/src/schemas/UserPasswordResetStartResPublic.js.map +1 -0
  171. package/dist/src/schemas/UserProfile.js +3 -1
  172. package/dist/src/schemas/UserProfile.js.map +1 -0
  173. package/dist/src/schemas/UserTokenRes.js +3 -1
  174. package/dist/src/schemas/UserTokenRes.js.map +1 -0
  175. package/package.json +9 -6
  176. package/src/coreFunctions.ts +3 -3
  177. package/src/handlers/Management/DeleteUserByUserid.ts +10 -14
  178. package/src/handlers/Management/GetSchema.ts +6 -12
  179. package/src/handlers/Management/GetUser.ts +11 -15
  180. package/src/handlers/Management/GetUserByUserid.ts +13 -23
  181. package/src/handlers/Management/PutUserPasswordByUserid.ts +39 -45
  182. package/src/handlers/Management/PutUserProfileByUserid.ts +21 -27
  183. package/src/handlers/Management/PutUserProfileByUseridAppend.ts +22 -28
  184. package/src/handlers/Management/PutUserRolesByUserid.ts +17 -23
  185. package/src/handlers/Management/PutUserUsernameByUserid.ts +24 -31
  186. package/src/handlers/UserLoginByToken.ts +20 -27
  187. package/src/handlers/UserPasswordPut.ts +17 -24
  188. package/src/handlers/UserPasswordResetComplete.ts +31 -40
  189. package/src/handlers/UserPasswordResetForm.ts +25 -29
  190. package/src/handlers/UserPasswordResetStart.ts +13 -5
  191. package/src/handlers/UserProfileGet.ts +11 -14
  192. package/src/handlers/UserProfilePut.ts +1 -1
  193. package/src/handlers/UserPushRegisterToken.ts +2 -2
  194. package/src/handlers/UserPushRemoveToken.ts +12 -18
  195. package/src/handlers/UserToken.ts +13 -24
  196. package/src/init.ts +23 -1
  197. package/tsconfig.json +1 -1
  198. package/.flink/schemas/schemas.ts +0 -1
@@ -1,54 +1,44 @@
1
1
  "use strict";
2
- var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
3
- function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
4
- return new (P || (P = Promise))(function (resolve, reject) {
5
- function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
6
- function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
7
- function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
8
- step((generator = generator.apply(thisArg, _arguments || [])).next());
2
+ Object.defineProperty(exports, "__esModule", {
3
+ value: true
4
+ });
5
+ function _export(target, all) {
6
+ for(var name in all)Object.defineProperty(target, name, {
7
+ enumerable: true,
8
+ get: Object.getOwnPropertyDescriptor(all, name).get
9
9
  });
10
- };
11
- var __generator = (this && this.__generator) || function (thisArg, body) {
12
- var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g = Object.create((typeof Iterator === "function" ? Iterator : Object).prototype);
13
- return g.next = verb(0), g["throw"] = verb(1), g["return"] = verb(2), typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
14
- function verb(n) { return function (v) { return step([n, v]); }; }
15
- function step(op) {
16
- if (f) throw new TypeError("Generator is already executing.");
17
- while (g && (g = 0, op[0] && (_ = 0)), _) try {
18
- if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
19
- if (y = 0, t) op = [op[0] & 2, t.value];
20
- switch (op[0]) {
21
- case 0: case 1: t = op; break;
22
- case 4: _.label++; return { value: op[1], done: false };
23
- case 5: _.label++; y = op[1]; op = [0]; continue;
24
- case 7: op = _.ops.pop(); _.trys.pop(); continue;
25
- default:
26
- if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
27
- if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
28
- if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
29
- if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
30
- if (t[2]) _.ops.pop();
31
- _.trys.pop(); continue;
32
- }
33
- op = body.call(thisArg, _);
34
- } catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
35
- if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
36
- }
37
- };
38
- var __importDefault = (this && this.__importDefault) || function (mod) {
39
- return (mod && mod.__esModule) ? mod : { "default": mod };
40
- };
41
- Object.defineProperty(exports, "__esModule", { value: true });
42
- exports.getJtwTokenPlugin = getJtwTokenPlugin;
43
- exports.createUser = createUser;
44
- exports.loginByToken = loginByToken;
45
- exports.loginUser = loginUser;
46
- exports.changePassword = changePassword;
47
- exports.passwordResetStart = passwordResetStart;
48
- exports.passwordResetComplete = passwordResetComplete;
49
- var flink_1 = require("@flink-app/flink");
50
- var jwt_auth_plugin_1 = require("@flink-app/jwt-auth-plugin");
51
- var jsonwebtoken_1 = __importDefault(require("jsonwebtoken"));
10
+ }
11
+ _export(exports, {
12
+ get changePassword () {
13
+ return changePassword;
14
+ },
15
+ get createUser () {
16
+ return createUser;
17
+ },
18
+ get getJtwTokenPlugin () {
19
+ return getJtwTokenPlugin;
20
+ },
21
+ get loginByToken () {
22
+ return loginByToken;
23
+ },
24
+ get loginUser () {
25
+ return loginUser;
26
+ },
27
+ get passwordResetComplete () {
28
+ return passwordResetComplete;
29
+ },
30
+ get passwordResetStart () {
31
+ return passwordResetStart;
32
+ }
33
+ });
34
+ const _flink = require("@flink-app/flink");
35
+ const _jwtauthplugin = require("@flink-app/jwt-auth-plugin");
36
+ const _jsonwebtoken = /*#__PURE__*/ _interop_require_default(require("jsonwebtoken"));
37
+ function _interop_require_default(obj) {
38
+ return obj && obj.__esModule ? obj : {
39
+ default: obj
40
+ };
41
+ }
52
42
  function getJtwTokenPlugin(secret, rolePermissions, passwordPolicy, tokenTTL) {
53
43
  if (passwordPolicy == undefined) {
54
44
  passwordPolicy = /.{1,}$/;
@@ -59,383 +49,337 @@ function getJtwTokenPlugin(secret, rolePermissions, passwordPolicy, tokenTTL) {
59
49
  if (rolePermissions["user"] == null) {
60
50
  rolePermissions["user"] = [];
61
51
  }
62
- if (!rolePermissions["user"].includes("authenticated"))
63
- rolePermissions["user"].push("authenticated");
64
- return (0, jwt_auth_plugin_1.jwtAuthPlugin)({
65
- secret: secret,
66
- getUser: function (tokenData) {
67
- return new Promise(function (res) {
52
+ if (!rolePermissions["user"].includes("authenticated")) rolePermissions["user"].push("authenticated");
53
+ return (0, _jwtauthplugin.jwtAuthPlugin)({
54
+ secret,
55
+ getUser: (tokenData)=>{
56
+ return new Promise((res)=>{
68
57
  res({
69
58
  username: tokenData.username,
70
- _id: tokenData._id,
59
+ _id: tokenData._id
71
60
  });
72
61
  });
73
62
  },
74
- passwordPolicy: passwordPolicy,
75
- rolePermissions: rolePermissions,
76
- tokenTTL: tokenTTL,
63
+ passwordPolicy,
64
+ rolePermissions,
65
+ tokenTTL
77
66
  });
78
67
  }
79
- function createUser(repo, auth, username, password, authentificationMethod, roles, profile, createPasswordHashAndSaltMethod, onUserCreated, personalNumber) {
80
- return __awaiter(this, void 0, void 0, function () {
81
- var existingUser, userData, passwordAndSalt, user, token;
82
- return __generator(this, function (_a) {
83
- switch (_a.label) {
84
- case 0:
85
- if (!roles.includes("user"))
86
- roles.push("user");
87
- return [4 /*yield*/, repo.getOne({ username: username.toLowerCase() })];
88
- case 1:
89
- existingUser = _a.sent();
90
- if (existingUser != null) {
91
- return [2 /*return*/, {
92
- status: "userExists",
93
- }];
94
- }
95
- userData = {
96
- username: username.toLowerCase(),
97
- roles: roles,
98
- profile: profile,
99
- authentificationMethod: authentificationMethod,
100
- pushNotificationTokens: [],
101
- };
102
- if (personalNumber) {
103
- userData.personalNumber = personalNumber;
104
- }
105
- if (authentificationMethod == "bankid") {
106
- if (!personalNumber) {
107
- flink_1.log.warn("BankID login requested but no personal number found for user");
108
- return [2 /*return*/, { status: "error" }];
109
- }
110
- }
111
- if (!(authentificationMethod == "password")) return [3 /*break*/, 6];
112
- passwordAndSalt = null;
113
- if (!(createPasswordHashAndSaltMethod != null)) return [3 /*break*/, 3];
114
- return [4 /*yield*/, createPasswordHashAndSaltMethod(password)];
115
- case 2:
116
- passwordAndSalt = _a.sent();
117
- return [3 /*break*/, 5];
118
- case 3: return [4 /*yield*/, auth.createPasswordHashAndSalt(password)];
119
- case 4:
120
- passwordAndSalt = _a.sent();
121
- _a.label = 5;
122
- case 5:
123
- if (passwordAndSalt == null) {
124
- return [2 /*return*/, {
125
- status: "passwordError",
126
- }];
127
- }
128
- userData.password = passwordAndSalt.hash;
129
- userData.salt = passwordAndSalt.salt;
130
- _a.label = 6;
131
- case 6: return [4 /*yield*/, repo.create(userData)];
132
- case 7:
133
- user = _a.sent();
134
- if (!onUserCreated) return [3 /*break*/, 9];
135
- return [4 /*yield*/, onUserCreated(user)];
136
- case 8:
137
- _a.sent();
138
- _a.label = 9;
139
- case 9: return [4 /*yield*/, auth.createToken({ username: username.toLowerCase(), _id: user._id }, roles)];
140
- case 10:
141
- token = _a.sent();
142
- if (user.authentificationMethod == "sms") {
143
- return [2 /*return*/, {
144
- status: "success",
145
- }];
146
- }
147
- return [2 /*return*/, {
148
- status: "success",
149
- user: {
150
- _id: user._id,
151
- token: token,
152
- username: username.toLowerCase(),
153
- },
154
- }];
155
- }
156
- });
68
+ async function createUser(repo, auth, username, password, authentificationMethod, roles, profile, createPasswordHashAndSaltMethod, onUserCreated, personalNumber) {
69
+ if (!roles.includes("user")) roles.push("user");
70
+ const existingUser = await repo.getOne({
71
+ username: username.toLowerCase()
157
72
  });
73
+ if (existingUser != null) {
74
+ return {
75
+ status: "userExists"
76
+ };
77
+ }
78
+ let userData = {
79
+ username: username.toLowerCase(),
80
+ roles,
81
+ profile,
82
+ authentificationMethod,
83
+ pushNotificationTokens: []
84
+ };
85
+ if (personalNumber) {
86
+ userData.personalNumber = personalNumber;
87
+ }
88
+ if (authentificationMethod == "bankid") {
89
+ if (!personalNumber) {
90
+ _flink.log.warn("BankID login requested but no personal number found for user");
91
+ return {
92
+ status: "error"
93
+ };
94
+ }
95
+ }
96
+ if (authentificationMethod == "password") {
97
+ let passwordAndSalt = null;
98
+ if (createPasswordHashAndSaltMethod != null) {
99
+ passwordAndSalt = await createPasswordHashAndSaltMethod(password);
100
+ } else {
101
+ passwordAndSalt = await auth.createPasswordHashAndSalt(password);
102
+ }
103
+ if (passwordAndSalt == null) {
104
+ return {
105
+ status: "passwordError"
106
+ };
107
+ }
108
+ userData.password = passwordAndSalt.hash;
109
+ userData.salt = passwordAndSalt.salt;
110
+ }
111
+ const user = await repo.create(userData);
112
+ if (onUserCreated) {
113
+ await onUserCreated(user);
114
+ }
115
+ const token = await auth.createToken({
116
+ username: username.toLowerCase(),
117
+ _id: user._id
118
+ }, roles);
119
+ if (user.authentificationMethod == "sms") {
120
+ return {
121
+ status: "success"
122
+ };
123
+ }
124
+ return {
125
+ status: "success",
126
+ user: {
127
+ _id: user._id,
128
+ token: token,
129
+ username: username.toLowerCase()
130
+ }
131
+ };
158
132
  }
159
- function loginByToken(repo, auth, token, code, jwtSecret) {
160
- return __awaiter(this, void 0, void 0, function () {
161
- var payload, user, authToken;
162
- return __generator(this, function (_a) {
163
- switch (_a.label) {
164
- case 0:
165
- try {
166
- payload = jsonwebtoken_1.default.verify(token, jwtSecret + ":" + code);
167
- }
168
- catch (ex) {
169
- return [2 /*return*/, { status: "failed" }];
170
- }
171
- if (payload.type != "smsLogin") {
172
- return [2 /*return*/, { status: "failed" }];
173
- }
174
- return [4 /*yield*/, repo.getById(payload.userId)];
175
- case 1:
176
- user = _a.sent();
177
- if (user == null) {
178
- return [2 /*return*/, { status: "failed" }];
179
- }
180
- return [4 /*yield*/, auth.createToken({ username: user.username.toLowerCase(), _id: user._id }, user.roles)];
181
- case 2:
182
- authToken = _a.sent();
183
- return [2 /*return*/, {
184
- status: "success",
185
- user: {
186
- _id: user._id,
187
- username: user.username,
188
- token: authToken,
189
- profile: user.profile,
190
- },
191
- }];
192
- }
193
- });
194
- });
133
+ async function loginByToken(repo, auth, token, code, jwtSecret) {
134
+ let payload;
135
+ try {
136
+ payload = _jsonwebtoken.default.verify(token, jwtSecret + ":" + code);
137
+ } catch (ex) {
138
+ return {
139
+ status: "failed"
140
+ };
141
+ }
142
+ if (payload.type != "smsLogin") {
143
+ return {
144
+ status: "failed"
145
+ };
146
+ }
147
+ const user = await repo.getById(payload.userId);
148
+ if (user == null) {
149
+ return {
150
+ status: "failed"
151
+ };
152
+ }
153
+ const authToken = await auth.createToken({
154
+ username: user.username.toLowerCase(),
155
+ _id: user._id
156
+ }, user.roles);
157
+ return {
158
+ status: "success",
159
+ user: {
160
+ _id: user._id,
161
+ username: user.username,
162
+ token: authToken,
163
+ profile: user.profile
164
+ }
165
+ };
195
166
  }
196
- function loginUser(repo, auth, username, password, validatePasswordMethod, smsOptions, onSuccessfulLogin, req) {
197
- return __awaiter(this, void 0, void 0, function () {
198
- var user, valid, ex_1, code, payload, secret, options, token, token;
199
- return __generator(this, function (_a) {
200
- switch (_a.label) {
201
- case 0: return [4 /*yield*/, repo.getOne({ username: username.toLowerCase() })];
202
- case 1:
203
- user = _a.sent();
204
- if (user == null) {
205
- return [2 /*return*/, { status: "failed" }];
206
- }
207
- valid = false;
208
- if (!(user.authentificationMethod == "password")) return [3 /*break*/, 9];
209
- if (password == null)
210
- password = "";
211
- if (!validatePasswordMethod) return [3 /*break*/, 7];
212
- return [4 /*yield*/, validatePasswordMethod(password, user.password, user.salt)];
213
- case 2:
214
- valid = _a.sent();
215
- if (!!valid) return [3 /*break*/, 6];
216
- _a.label = 3;
217
- case 3:
218
- _a.trys.push([3, 5, , 6]);
219
- return [4 /*yield*/, auth.validatePassword(password, user.password, user.salt)];
220
- case 4:
221
- valid = _a.sent();
222
- return [3 /*break*/, 6];
223
- case 5:
224
- ex_1 = _a.sent();
225
- return [3 /*break*/, 6];
226
- case 6: return [3 /*break*/, 9];
227
- case 7: return [4 /*yield*/, auth.validatePassword(password, user.password, user.salt)];
228
- case 8:
229
- valid = _a.sent();
230
- _a.label = 9;
231
- case 9:
232
- if (user.authentificationMethod == "sms") {
233
- if (!smsOptions)
234
- throw "SMS options must be specified to use SMS login";
235
- code = smsOptions.codeType == "numeric" ? generate(smsOptions.codeLength) : generateString(smsOptions.codeLength);
236
- smsOptions.smsClient.send({
237
- to: [user.username],
238
- from: smsOptions.smsFrom,
239
- message: smsOptions.smsMessage.replace("{{code}}", code),
240
- });
241
- payload = {
242
- type: "smsLogin",
243
- userId: user._id,
244
- };
245
- secret = smsOptions.jwtToken + ":" + code;
246
- options = {
247
- expiresIn: "1h",
248
- };
249
- token = jsonwebtoken_1.default.sign(payload, secret, options);
250
- return [2 /*return*/, {
251
- status: "success",
252
- validationToken: token,
253
- }];
254
- }
255
- if (user.authentificationMethod == "bankid") {
256
- if (!user.personalNumber) {
257
- flink_1.log.warn("BankID login requested but no personal number found for user");
258
- return [2 /*return*/, { status: "failed" }];
259
- }
260
- flink_1.log.warn("BankID login required to be handled in other way, i.e. using flink bankid plugin");
261
- return [2 /*return*/, { status: "failed" }];
262
- }
263
- if (!valid) return [3 /*break*/, 13];
264
- return [4 /*yield*/, auth.createToken({ username: username.toLowerCase(), _id: user._id }, user.roles)];
265
- case 10:
266
- token = _a.sent();
267
- if (!onSuccessfulLogin) return [3 /*break*/, 12];
268
- return [4 /*yield*/, onSuccessfulLogin(user, req)];
269
- case 11:
270
- _a.sent();
271
- _a.label = 12;
272
- case 12: return [2 /*return*/, {
273
- status: "success",
274
- user: {
275
- _id: user._id,
276
- username: user.username,
277
- token: token,
278
- profile: user.profile,
279
- },
280
- }];
281
- case 13: return [2 /*return*/, { status: "failed" }];
282
- }
283
- });
167
+ async function loginUser(repo, auth, username, password, validatePasswordMethod, smsOptions, onSuccessfulLogin, req) {
168
+ const user = await repo.getOne({
169
+ username: username.toLowerCase()
284
170
  });
285
- }
286
- function changePassword(repo, auth, userId, newPassword, createPasswordHashAndSaltMethod) {
287
- return __awaiter(this, void 0, void 0, function () {
288
- var user, passwordAndSalt;
289
- return __generator(this, function (_a) {
290
- switch (_a.label) {
291
- case 0: return [4 /*yield*/, repo.getById(userId)];
292
- case 1:
293
- user = _a.sent();
294
- if (user == null) {
295
- return [2 /*return*/, { status: "failed" }];
296
- }
297
- if (user.authentificationMethod != "password") {
298
- return [2 /*return*/, { status: "failed" }];
299
- }
300
- passwordAndSalt = null;
301
- if (!(createPasswordHashAndSaltMethod == null)) return [3 /*break*/, 3];
302
- return [4 /*yield*/, auth.createPasswordHashAndSalt(newPassword)];
303
- case 2:
304
- passwordAndSalt = _a.sent();
305
- return [3 /*break*/, 5];
306
- case 3: return [4 /*yield*/, createPasswordHashAndSaltMethod(newPassword)];
307
- case 4:
308
- passwordAndSalt = _a.sent();
309
- _a.label = 5;
310
- case 5:
311
- if (passwordAndSalt == null) {
312
- return [2 /*return*/, {
313
- status: "passwordError",
314
- }];
315
- }
316
- return [4 /*yield*/, repo.updateOne(userId, {
317
- password: passwordAndSalt.hash,
318
- salt: passwordAndSalt.salt,
319
- })];
320
- case 6:
321
- _a.sent();
322
- return [2 /*return*/, { status: "success" }];
171
+ if (user == null) {
172
+ return {
173
+ status: "failed"
174
+ };
175
+ }
176
+ let valid = false;
177
+ if (user.authentificationMethod == "password") {
178
+ if (password == null) password = "";
179
+ if (validatePasswordMethod) {
180
+ valid = await validatePasswordMethod(password, user.password, user.salt);
181
+ //If not valid, try to use default auth
182
+ if (!valid) {
183
+ try {
184
+ valid = await auth.validatePassword(password, user.password, user.salt);
185
+ } catch (ex) {}
323
186
  }
187
+ } else {
188
+ valid = await auth.validatePassword(password, user.password, user.salt);
189
+ }
190
+ }
191
+ if (user.authentificationMethod == "sms") {
192
+ if (!smsOptions) throw "SMS options must be specified to use SMS login";
193
+ let code = smsOptions.codeType == "numeric" ? generate(smsOptions.codeLength) : generateString(smsOptions.codeLength);
194
+ smsOptions.smsClient.send({
195
+ to: [
196
+ user.username
197
+ ],
198
+ from: smsOptions.smsFrom,
199
+ message: smsOptions.smsMessage.replace("{{code}}", code)
324
200
  });
325
- });
326
- }
327
- function passwordResetStart(repo_1, auth_1, jwtSecret_1, username_1, numberOfDigits_1, lifeTime_1) {
328
- return __awaiter(this, arguments, void 0, function (repo, auth, jwtSecret, username, numberOfDigits, lifeTime, passwordResetReusableTokens) {
329
- var user, fakepayload, fakeToken, payload, code, pwdResetStartedAt, secret, options, token;
330
- if (passwordResetReusableTokens === void 0) { passwordResetReusableTokens = true; }
331
- return __generator(this, function (_a) {
332
- switch (_a.label) {
333
- case 0: return [4 /*yield*/, repo.getOne({ username: username.toLowerCase() })];
334
- case 1:
335
- user = _a.sent();
336
- fakepayload = {
337
- type: "passwordReset",
338
- username: username.toLocaleLowerCase(),
339
- };
340
- fakeToken = jsonwebtoken_1.default.sign(fakepayload, "fake_payload", { expiresIn: lifeTime });
341
- if (user == null) {
342
- return [2 /*return*/, { status: "userNotFound", passwordResetToken: fakeToken }];
343
- }
344
- if (user.authentificationMethod != "password") {
345
- return [2 /*return*/, { status: "userNotFound", passwordResetToken: fakeToken }];
346
- }
347
- if (numberOfDigits == null)
348
- numberOfDigits = 6;
349
- if (lifeTime == null)
350
- lifeTime = "1h";
351
- payload = {
352
- type: "passwordReset",
353
- username: username.toLocaleLowerCase(),
354
- };
355
- code = generate(numberOfDigits);
356
- pwdResetStartedAt = new Date().toISOString();
357
- if (!passwordResetReusableTokens) return [3 /*break*/, 2];
358
- secret = jwtSecret + ":" + code;
359
- return [3 /*break*/, 4];
360
- case 2:
361
- secret = jwtSecret + ":" + code + ":" + pwdResetStartedAt;
362
- return [4 /*yield*/, repo.updateOne(user._id, { pwdResetStartedAt: pwdResetStartedAt })];
363
- case 3:
364
- _a.sent();
365
- _a.label = 4;
366
- case 4:
367
- options = {
368
- expiresIn: lifeTime,
369
- };
370
- token = jsonwebtoken_1.default.sign(payload, secret, options);
371
- return [2 /*return*/, {
372
- status: "success",
373
- passwordResetToken: token,
374
- code: code,
375
- profile: user.profile,
376
- }];
201
+ const payload = {
202
+ type: "smsLogin",
203
+ userId: user._id
204
+ };
205
+ const secret = smsOptions.jwtToken + ":" + code;
206
+ const options = {
207
+ expiresIn: "1h"
208
+ };
209
+ const token = _jsonwebtoken.default.sign(payload, secret, options);
210
+ return {
211
+ status: "success",
212
+ validationToken: token
213
+ };
214
+ }
215
+ if (user.authentificationMethod == "bankid") {
216
+ if (!user.personalNumber) {
217
+ _flink.log.warn("BankID login requested but no personal number found for user");
218
+ return {
219
+ status: "failed"
220
+ };
221
+ }
222
+ _flink.log.warn("BankID login required to be handled in other way, i.e. using flink bankid plugin");
223
+ return {
224
+ status: "failed"
225
+ };
226
+ }
227
+ if (valid) {
228
+ const token = await auth.createToken({
229
+ username: username.toLowerCase(),
230
+ _id: user._id
231
+ }, user.roles);
232
+ if (onSuccessfulLogin) {
233
+ await onSuccessfulLogin(user, req);
234
+ }
235
+ return {
236
+ status: "success",
237
+ user: {
238
+ _id: user._id,
239
+ username: user.username,
240
+ token,
241
+ profile: user.profile
377
242
  }
378
- });
243
+ };
244
+ } else {
245
+ return {
246
+ status: "failed"
247
+ };
248
+ }
249
+ }
250
+ async function changePassword(repo, auth, userId, newPassword, createPasswordHashAndSaltMethod) {
251
+ const user = await repo.getById(userId);
252
+ if (user == null) {
253
+ return {
254
+ status: "failed"
255
+ };
256
+ }
257
+ if (user.authentificationMethod != "password") {
258
+ return {
259
+ status: "failed"
260
+ };
261
+ }
262
+ let passwordAndSalt = null;
263
+ if (createPasswordHashAndSaltMethod == null) {
264
+ passwordAndSalt = await auth.createPasswordHashAndSalt(newPassword);
265
+ } else {
266
+ passwordAndSalt = await createPasswordHashAndSaltMethod(newPassword);
267
+ }
268
+ if (passwordAndSalt == null) {
269
+ return {
270
+ status: "passwordError"
271
+ };
272
+ }
273
+ await repo.updateById(userId, {
274
+ password: passwordAndSalt.hash,
275
+ salt: passwordAndSalt.salt
379
276
  });
277
+ return {
278
+ status: "success"
279
+ };
380
280
  }
381
- function passwordResetComplete(repo_1, auth_1, jwtSecret_1, passwordResetToken_1, code_1, newPassword_1, createPasswordHashAndSaltMethod_1) {
382
- return __awaiter(this, arguments, void 0, function (repo, auth, jwtSecret, passwordResetToken, code, newPassword, createPasswordHashAndSaltMethod, passwordResetReusableTokens) {
383
- var payload, user, secret, passwordAndSalt;
384
- if (passwordResetReusableTokens === void 0) { passwordResetReusableTokens = true; }
385
- return __generator(this, function (_a) {
386
- switch (_a.label) {
387
- case 0:
388
- payload = jsonwebtoken_1.default.decode(passwordResetToken);
389
- if (!payload || !payload.username)
390
- return [2 /*return*/, { status: "invalidCode" }];
391
- return [4 /*yield*/, repo.getOne({ username: payload.username })];
392
- case 1:
393
- user = _a.sent();
394
- if (!user || user == null || user.authentificationMethod != "password") {
395
- return [2 /*return*/, { status: "userNotFound" }];
396
- }
397
- if (passwordResetReusableTokens === true) {
398
- secret = jwtSecret + ":" + code;
399
- }
400
- else {
401
- if (!user.pwdResetStartedAt || user.pwdResetStartedAt === null) {
402
- return [2 /*return*/, { status: "userNotFound" }];
403
- }
404
- secret = jwtSecret + ":" + code + ":" + user.pwdResetStartedAt;
405
- }
406
- try {
407
- jsonwebtoken_1.default.verify(passwordResetToken, secret);
408
- }
409
- catch (ex) {
410
- return [2 /*return*/, { status: "invalidCode" }];
411
- }
412
- passwordAndSalt = null;
413
- if (!(createPasswordHashAndSaltMethod == null)) return [3 /*break*/, 3];
414
- return [4 /*yield*/, auth.createPasswordHashAndSalt(newPassword)];
415
- case 2:
416
- passwordAndSalt = _a.sent();
417
- return [3 /*break*/, 5];
418
- case 3: return [4 /*yield*/, createPasswordHashAndSaltMethod(newPassword)];
419
- case 4:
420
- passwordAndSalt = _a.sent();
421
- _a.label = 5;
422
- case 5:
423
- if (passwordAndSalt == null) {
424
- return [2 /*return*/, {
425
- status: "passwordError",
426
- }];
427
- }
428
- return [4 /*yield*/, repo.updateOne(user._id, {
429
- password: passwordAndSalt.hash,
430
- salt: passwordAndSalt.salt,
431
- pwdResetStartedAt: null,
432
- })];
433
- case 6:
434
- _a.sent();
435
- return [2 /*return*/, { status: "success", user: user }];
436
- }
281
+ async function passwordResetStart(repo, auth, jwtSecret, username, numberOfDigits, lifeTime, passwordResetReusableTokens = true) {
282
+ const user = await repo.getOne({
283
+ username: username.toLowerCase()
284
+ });
285
+ const fakepayload = {
286
+ type: "passwordReset",
287
+ username: username.toLocaleLowerCase()
288
+ };
289
+ const fakeToken = _jsonwebtoken.default.sign(fakepayload, "fake_payload", {
290
+ expiresIn: lifeTime
291
+ });
292
+ if (user == null) {
293
+ return {
294
+ status: "userNotFound",
295
+ passwordResetToken: fakeToken
296
+ };
297
+ }
298
+ if (user.authentificationMethod != "password") {
299
+ return {
300
+ status: "userNotFound",
301
+ passwordResetToken: fakeToken
302
+ };
303
+ }
304
+ if (numberOfDigits == null) numberOfDigits = 6;
305
+ if (lifeTime == null) lifeTime = "1h";
306
+ const payload = {
307
+ type: "passwordReset",
308
+ username: username.toLocaleLowerCase()
309
+ };
310
+ const code = generate(numberOfDigits);
311
+ const pwdResetStartedAt = new Date().toISOString();
312
+ let secret;
313
+ if (passwordResetReusableTokens) {
314
+ secret = jwtSecret + ":" + code;
315
+ } else {
316
+ secret = jwtSecret + ":" + code + ":" + pwdResetStartedAt;
317
+ await repo.updateById(user._id, {
318
+ pwdResetStartedAt
437
319
  });
320
+ }
321
+ const options = {
322
+ expiresIn: lifeTime
323
+ };
324
+ const token = _jsonwebtoken.default.sign(payload, secret, options);
325
+ return {
326
+ status: "success",
327
+ passwordResetToken: token,
328
+ code,
329
+ profile: user.profile
330
+ };
331
+ }
332
+ async function passwordResetComplete(repo, auth, jwtSecret, passwordResetToken, code, newPassword, createPasswordHashAndSaltMethod, passwordResetReusableTokens = true) {
333
+ const payload = _jsonwebtoken.default.decode(passwordResetToken);
334
+ if (!payload || !payload.username) return {
335
+ status: "invalidCode"
336
+ };
337
+ const user = await repo.getOne({
338
+ username: payload.username
339
+ });
340
+ if (!user || user == null || user.authentificationMethod != "password") {
341
+ return {
342
+ status: "userNotFound"
343
+ };
344
+ }
345
+ let secret;
346
+ if (passwordResetReusableTokens === true) {
347
+ secret = jwtSecret + ":" + code;
348
+ } else {
349
+ if (!user.pwdResetStartedAt || user.pwdResetStartedAt === null) {
350
+ return {
351
+ status: "userNotFound"
352
+ };
353
+ }
354
+ secret = jwtSecret + ":" + code + ":" + user.pwdResetStartedAt;
355
+ }
356
+ try {
357
+ _jsonwebtoken.default.verify(passwordResetToken, secret);
358
+ } catch (ex) {
359
+ return {
360
+ status: "invalidCode"
361
+ };
362
+ }
363
+ let passwordAndSalt = null;
364
+ if (createPasswordHashAndSaltMethod == null) {
365
+ passwordAndSalt = await auth.createPasswordHashAndSalt(newPassword);
366
+ } else {
367
+ passwordAndSalt = await createPasswordHashAndSaltMethod(newPassword);
368
+ }
369
+ if (passwordAndSalt == null) {
370
+ return {
371
+ status: "passwordError"
372
+ };
373
+ }
374
+ await repo.updateById(user._id, {
375
+ password: passwordAndSalt.hash,
376
+ salt: passwordAndSalt.salt,
377
+ pwdResetStartedAt: null
438
378
  });
379
+ return {
380
+ status: "success",
381
+ user
382
+ };
439
383
  }
440
384
  function generate(n) {
441
385
  var add = 1, max = 12 - add;
@@ -448,10 +392,10 @@ function generate(n) {
448
392
  return ("" + number).substring(add);
449
393
  }
450
394
  function generateString(length) {
451
- var characters = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
452
- var result = " ";
453
- var charactersLength = characters.length;
454
- for (var i = 0; i < length; i++) {
395
+ const characters = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
396
+ let result = " ";
397
+ const charactersLength = characters.length;
398
+ for(let i = 0; i < length; i++){
455
399
  result += characters.charAt(Math.floor(Math.random() * charactersLength));
456
400
  }
457
401
  return result;