@flowerforce/flowerbase 1.2.1-beta.2 → 1.2.1-beta.21
- package/README.md +37 -6
- package/dist/auth/controller.d.ts.map +1 -1
- package/dist/auth/controller.js +55 -4
- package/dist/auth/plugins/jwt.d.ts.map +1 -1
- package/dist/auth/plugins/jwt.js +52 -6
- package/dist/auth/providers/anon-user/controller.d.ts +8 -0
- package/dist/auth/providers/anon-user/controller.d.ts.map +1 -0
- package/dist/auth/providers/anon-user/controller.js +90 -0
- package/dist/auth/providers/anon-user/dtos.d.ts +10 -0
- package/dist/auth/providers/anon-user/dtos.d.ts.map +1 -0
- package/dist/auth/providers/anon-user/dtos.js +2 -0
- package/dist/auth/providers/custom-function/controller.d.ts.map +1 -1
- package/dist/auth/providers/custom-function/controller.js +35 -25
- package/dist/auth/providers/custom-function/dtos.d.ts +4 -1
- package/dist/auth/providers/custom-function/dtos.d.ts.map +1 -1
- package/dist/auth/providers/local-userpass/controller.d.ts.map +1 -1
- package/dist/auth/providers/local-userpass/controller.js +159 -73
- package/dist/auth/providers/local-userpass/dtos.d.ts +17 -2
- package/dist/auth/providers/local-userpass/dtos.d.ts.map +1 -1
- package/dist/auth/utils.d.ts +76 -14
- package/dist/auth/utils.d.ts.map +1 -1
- package/dist/auth/utils.js +55 -61
- package/dist/constants.d.ts +12 -0
- package/dist/constants.d.ts.map +1 -1
- package/dist/constants.js +16 -4
- package/dist/features/functions/controller.d.ts.map +1 -1
- package/dist/features/functions/controller.js +31 -12
- package/dist/features/functions/dtos.d.ts +3 -0
- package/dist/features/functions/dtos.d.ts.map +1 -1
- package/dist/features/functions/interface.d.ts +3 -0
- package/dist/features/functions/interface.d.ts.map +1 -1
- package/dist/features/functions/utils.d.ts +3 -2
- package/dist/features/functions/utils.d.ts.map +1 -1
- package/dist/features/functions/utils.js +19 -7
- package/dist/features/triggers/index.d.ts.map +1 -1
- package/dist/features/triggers/index.js +49 -7
- package/dist/features/triggers/interface.d.ts +1 -0
- package/dist/features/triggers/interface.d.ts.map +1 -1
- package/dist/features/triggers/utils.d.ts.map +1 -1
- package/dist/features/triggers/utils.js +67 -26
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +48 -13
- package/dist/services/mongodb-atlas/index.d.ts.map +1 -1
- package/dist/services/mongodb-atlas/index.js +72 -2
- package/dist/services/mongodb-atlas/model.d.ts +3 -2
- package/dist/services/mongodb-atlas/model.d.ts.map +1 -1
- package/dist/services/mongodb-atlas/utils.d.ts.map +1 -1
- package/dist/services/mongodb-atlas/utils.js +3 -1
- package/dist/shared/handleUserRegistration.d.ts.map +1 -1
- package/dist/shared/handleUserRegistration.js +66 -1
- package/dist/shared/models/handleUserRegistration.model.d.ts +2 -1
- package/dist/shared/models/handleUserRegistration.model.d.ts.map +1 -1
- package/dist/shared/models/handleUserRegistration.model.js +1 -0
- package/dist/utils/context/helpers.d.ts +6 -6
- package/dist/utils/context/helpers.d.ts.map +1 -1
- package/dist/utils/context/index.d.ts +1 -1
- package/dist/utils/context/index.d.ts.map +1 -1
- package/dist/utils/context/index.js +176 -9
- package/dist/utils/context/interface.d.ts +1 -1
- package/dist/utils/context/interface.d.ts.map +1 -1
- package/dist/utils/crypto/index.d.ts +1 -0
- package/dist/utils/crypto/index.d.ts.map +1 -1
- package/dist/utils/crypto/index.js +6 -2
- package/dist/utils/initializer/exposeRoutes.js +1 -1
- package/dist/utils/initializer/registerPlugins.d.ts.map +1 -1
- package/dist/utils/initializer/registerPlugins.js +12 -4
- package/dist/utils/roles/helpers.js +2 -1
- package/dist/utils/rules-matcher/utils.d.ts.map +1 -1
- package/dist/utils/rules-matcher/utils.js +3 -0
- package/package.json +1 -2
- package/src/auth/controller.ts +71 -5
- package/src/auth/plugins/jwt.test.ts +93 -0
- package/src/auth/plugins/jwt.ts +67 -8
- package/src/auth/providers/anon-user/controller.ts +91 -0
- package/src/auth/providers/anon-user/dtos.ts +10 -0
- package/src/auth/providers/custom-function/controller.ts +40 -31
- package/src/auth/providers/custom-function/dtos.ts +5 -1
- package/src/auth/providers/local-userpass/controller.ts +211 -101
- package/src/auth/providers/local-userpass/dtos.ts +20 -2
- package/src/auth/utils.ts +66 -83
- package/src/constants.ts +14 -2
- package/src/features/functions/controller.ts +42 -12
- package/src/features/functions/dtos.ts +3 -0
- package/src/features/functions/interface.ts +3 -0
- package/src/features/functions/utils.ts +29 -8
- package/src/features/triggers/index.ts +44 -1
- package/src/features/triggers/interface.ts +1 -0
- package/src/features/triggers/utils.ts +89 -37
- package/src/index.ts +49 -13
- package/src/services/mongodb-atlas/__tests__/findOneAndUpdate.test.ts +95 -0
- package/src/services/mongodb-atlas/index.ts +665 -567
- package/src/services/mongodb-atlas/model.ts +16 -3
- package/src/services/mongodb-atlas/utils.ts +3 -0
- package/src/shared/handleUserRegistration.ts +83 -2
- package/src/shared/models/handleUserRegistration.model.ts +2 -1
- package/src/utils/__tests__/registerPlugins.test.ts +5 -1
- package/src/utils/context/index.ts +238 -18
- package/src/utils/context/interface.ts +1 -1
- package/src/utils/crypto/index.ts +5 -1
- package/src/utils/initializer/exposeRoutes.ts +1 -1
- package/src/utils/initializer/registerPlugins.ts +8 -0
- package/src/utils/roles/helpers.ts +3 -2
- package/src/utils/rules-matcher/utils.ts +3 -0
|
@@ -13,15 +13,23 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
|
13
13
|
};
|
|
14
14
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
15
15
|
exports.localUserPassController = localUserPassController;
|
|
16
|
-
const mail_1 = __importDefault(require("@sendgrid/mail"));
|
|
17
16
|
const constants_1 = require("../../../constants");
|
|
18
|
-
const services_1 = require("../../../services");
|
|
19
17
|
const handleUserRegistration_1 = __importDefault(require("../../../shared/handleUserRegistration"));
|
|
20
18
|
const handleUserRegistration_model_1 = require("../../../shared/models/handleUserRegistration.model");
|
|
21
19
|
const state_1 = require("../../../state");
|
|
22
20
|
const context_1 = require("../../../utils/context");
|
|
23
21
|
const crypto_1 = require("../../../utils/crypto");
|
|
24
22
|
const utils_1 = require("../../utils");
|
|
23
|
+
const rateLimitStore = new Map();
|
|
24
|
+
const isRateLimited = (key, maxAttempts, windowMs) => {
|
|
25
|
+
var _a;
|
|
26
|
+
const now = Date.now();
|
|
27
|
+
const existing = (_a = rateLimitStore.get(key)) !== null && _a !== void 0 ? _a : [];
|
|
28
|
+
const recent = existing.filter((timestamp) => now - timestamp < windowMs);
|
|
29
|
+
recent.push(now);
|
|
30
|
+
rateLimitStore.set(key, recent);
|
|
31
|
+
return recent.length > maxAttempts;
|
|
32
|
+
};
|
|
25
33
|
/**
|
|
26
34
|
* Controller for handling local user registration and login.
|
|
27
35
|
* @testable
|
|
@@ -29,9 +37,60 @@ const utils_1 = require("../../utils");
|
|
|
29
37
|
*/
|
|
30
38
|
function localUserPassController(app) {
|
|
31
39
|
return __awaiter(this, void 0, void 0, function* () {
|
|
32
|
-
const
|
|
33
|
-
const {
|
|
40
|
+
const { authCollection, userCollection, user_id_field } = constants_1.AUTH_CONFIG;
|
|
41
|
+
const { resetPasswordCollection } = constants_1.AUTH_CONFIG;
|
|
42
|
+
const { refreshTokensCollection } = constants_1.AUTH_CONFIG;
|
|
34
43
|
const db = app.mongo.client.db(constants_1.DB_NAME);
|
|
44
|
+
const resetPasswordTtlSeconds = constants_1.DEFAULT_CONFIG.RESET_PASSWORD_TTL_SECONDS;
|
|
45
|
+
const rateLimitWindowMs = constants_1.DEFAULT_CONFIG.AUTH_RATE_LIMIT_WINDOW_MS;
|
|
46
|
+
const loginMaxAttempts = constants_1.DEFAULT_CONFIG.AUTH_LOGIN_MAX_ATTEMPTS;
|
|
47
|
+
const registerMaxAttempts = constants_1.DEFAULT_CONFIG.AUTH_REGISTER_MAX_ATTEMPTS;
|
|
48
|
+
const resetMaxAttempts = constants_1.DEFAULT_CONFIG.AUTH_RESET_MAX_ATTEMPTS;
|
|
49
|
+
const refreshTokenTtlMs = constants_1.DEFAULT_CONFIG.REFRESH_TOKEN_TTL_DAYS * 24 * 60 * 60 * 1000;
|
|
50
|
+
try {
|
|
51
|
+
yield db.collection(resetPasswordCollection).createIndex({ createdAt: 1 }, { expireAfterSeconds: resetPasswordTtlSeconds });
|
|
52
|
+
}
|
|
53
|
+
catch (error) {
|
|
54
|
+
console.error('Failed to ensure reset password TTL index', error);
|
|
55
|
+
}
|
|
56
|
+
try {
|
|
57
|
+
yield db.collection(refreshTokensCollection).createIndex({ expiresAt: 1 }, { expireAfterSeconds: 0 });
|
|
58
|
+
}
|
|
59
|
+
catch (error) {
|
|
60
|
+
console.error('Failed to ensure refresh token TTL index', error);
|
|
61
|
+
}
|
|
62
|
+
const handleResetPasswordRequest = (email, password, extraArguments) => __awaiter(this, void 0, void 0, function* () {
|
|
63
|
+
const { resetPasswordConfig } = constants_1.AUTH_CONFIG;
|
|
64
|
+
const authUser = yield db.collection(authCollection).findOne({
|
|
65
|
+
email
|
|
66
|
+
});
|
|
67
|
+
if (!authUser) {
|
|
68
|
+
return;
|
|
69
|
+
}
|
|
70
|
+
const token = (0, crypto_1.generateToken)();
|
|
71
|
+
const tokenId = (0, crypto_1.generateToken)();
|
|
72
|
+
yield (db === null || db === void 0 ? void 0 : db.collection(resetPasswordCollection).updateOne({ email }, { $set: { token, tokenId, email, createdAt: new Date() } }, { upsert: true }));
|
|
73
|
+
if (!resetPasswordConfig.runResetFunction && !resetPasswordConfig.resetFunctionName) {
|
|
74
|
+
throw new Error(utils_1.AUTH_ERRORS.MISSING_RESET_FUNCTION);
|
|
75
|
+
}
|
|
76
|
+
if (resetPasswordConfig.runResetFunction && resetPasswordConfig.resetFunctionName) {
|
|
77
|
+
const functionsList = state_1.StateManager.select('functions');
|
|
78
|
+
const services = state_1.StateManager.select('services');
|
|
79
|
+
const currentFunction = functionsList[resetPasswordConfig.resetFunctionName];
|
|
80
|
+
const baseArgs = { token, tokenId, email, password, username: email };
|
|
81
|
+
const args = Array.isArray(extraArguments) ? [baseArgs, ...extraArguments] : [baseArgs];
|
|
82
|
+
yield (0, context_1.GenerateContext)({
|
|
83
|
+
args,
|
|
84
|
+
app,
|
|
85
|
+
rules: {},
|
|
86
|
+
user: {},
|
|
87
|
+
currentFunction,
|
|
88
|
+
functionsList,
|
|
89
|
+
services
|
|
90
|
+
});
|
|
91
|
+
return;
|
|
92
|
+
}
|
|
93
|
+
});
|
|
35
94
|
/**
|
|
36
95
|
* Endpoint for user registration.
|
|
37
96
|
*
|
|
@@ -43,6 +102,11 @@ function localUserPassController(app) {
|
|
|
43
102
|
app.post(utils_1.AUTH_ENDPOINTS.REGISTRATION, {
|
|
44
103
|
schema: utils_1.REGISTRATION_SCHEMA
|
|
45
104
|
}, (req, res) => __awaiter(this, void 0, void 0, function* () {
|
|
105
|
+
const key = `register:${req.ip}`;
|
|
106
|
+
if (isRateLimited(key, registerMaxAttempts, rateLimitWindowMs)) {
|
|
107
|
+
res.status(429).send({ message: 'Too many requests' });
|
|
108
|
+
return;
|
|
109
|
+
}
|
|
46
110
|
const result = yield (0, handleUserRegistration_1.default)(app, { run_as_system: true, provider: handleUserRegistration_model_1.PROVIDER.LOCAL_USERPASS })({ email: req.body.email.toLowerCase(), password: req.body.password });
|
|
47
111
|
if (!(result === null || result === void 0 ? void 0 : result.insertedId)) {
|
|
48
112
|
res === null || res === void 0 ? void 0 : res.status(500);
|
|
@@ -51,6 +115,38 @@ function localUserPassController(app) {
|
|
|
51
115
|
res === null || res === void 0 ? void 0 : res.status(201);
|
|
52
116
|
return { userId: result.insertedId.toString() };
|
|
53
117
|
}));
|
|
118
|
+
/**
|
|
119
|
+
* Endpoint for confirming a user registration.
|
|
120
|
+
*
|
|
121
|
+
* @route {POST} /confirm
|
|
122
|
+
* @param {ConfirmUserDto} req - The request object with confirmation data.
|
|
123
|
+
* @returns {Promise<Object>} A promise resolving with confirmation status.
|
|
124
|
+
*/
|
|
125
|
+
app.post(utils_1.AUTH_ENDPOINTS.CONFIRM, {
|
|
126
|
+
schema: utils_1.CONFIRM_USER_SCHEMA
|
|
127
|
+
}, (req, res) => __awaiter(this, void 0, void 0, function* () {
|
|
128
|
+
const key = `confirm:${req.ip}`;
|
|
129
|
+
if (isRateLimited(key, resetMaxAttempts, rateLimitWindowMs)) {
|
|
130
|
+
res.status(429).send({ message: 'Too many requests' });
|
|
131
|
+
return;
|
|
132
|
+
}
|
|
133
|
+
const existing = yield db.collection(authCollection).findOne({
|
|
134
|
+
confirmationToken: req.body.token,
|
|
135
|
+
confirmationTokenId: req.body.tokenId
|
|
136
|
+
});
|
|
137
|
+
if (!existing) {
|
|
138
|
+
res.status(500);
|
|
139
|
+
throw new Error(utils_1.AUTH_ERRORS.INVALID_TOKEN);
|
|
140
|
+
}
|
|
141
|
+
if (existing.status !== 'confirmed') {
|
|
142
|
+
yield db.collection(authCollection).updateOne({ _id: existing._id }, {
|
|
143
|
+
$set: { status: 'confirmed' },
|
|
144
|
+
$unset: { confirmationToken: '', confirmationTokenId: '' }
|
|
145
|
+
});
|
|
146
|
+
}
|
|
147
|
+
res.status(200);
|
|
148
|
+
return { status: 'confirmed' };
|
|
149
|
+
}));
|
|
54
150
|
/**
|
|
55
151
|
* Endpoint for user login.
|
|
56
152
|
*
|
|
@@ -60,8 +156,13 @@ function localUserPassController(app) {
|
|
|
60
156
|
*/
|
|
61
157
|
app.post(utils_1.AUTH_ENDPOINTS.LOGIN, {
|
|
62
158
|
schema: utils_1.LOGIN_SCHEMA
|
|
63
|
-
}, function (req) {
|
|
159
|
+
}, function (req, res) {
|
|
64
160
|
return __awaiter(this, void 0, void 0, function* () {
|
|
161
|
+
const key = `login:${req.ip}`;
|
|
162
|
+
if (isRateLimited(key, loginMaxAttempts, rateLimitWindowMs)) {
|
|
163
|
+
res.status(429).send({ message: 'Too many requests' });
|
|
164
|
+
return;
|
|
165
|
+
}
|
|
65
166
|
const authUser = yield db.collection(authCollection).findOne({
|
|
66
167
|
email: req.body.username
|
|
67
168
|
});
|
|
@@ -79,40 +180,21 @@ function localUserPassController(app) {
|
|
|
79
180
|
: {};
|
|
80
181
|
authUser === null || authUser === void 0 ? true : delete authUser.password;
|
|
81
182
|
const userWithCustomData = Object.assign(Object.assign({}, authUser), { user_data: Object.assign(Object.assign({}, (user || {})), { _id: authUser._id }), data: { email: authUser.email }, id: authUser._id.toString() });
|
|
82
|
-
if (authUser && authUser.status
|
|
83
|
-
|
|
84
|
-
yield (db === null || db === void 0 ? void 0 : db.collection(authCollection).updateOne({ _id: authUser._id }, {
|
|
85
|
-
$set: {
|
|
86
|
-
status: 'confirmed'
|
|
87
|
-
}
|
|
88
|
-
}));
|
|
89
|
-
}
|
|
90
|
-
catch (error) {
|
|
91
|
-
console.log('>>> 🚀 ~ localUserPassController ~ error:', error);
|
|
92
|
-
}
|
|
93
|
-
}
|
|
94
|
-
if (authUser &&
|
|
95
|
-
authUser.status === 'pending' &&
|
|
96
|
-
on_user_creation_function_name &&
|
|
97
|
-
functionsList[on_user_creation_function_name]) {
|
|
98
|
-
try {
|
|
99
|
-
yield (0, context_1.GenerateContext)({
|
|
100
|
-
args: [userWithCustomData],
|
|
101
|
-
app,
|
|
102
|
-
rules: {},
|
|
103
|
-
user: userWithCustomData,
|
|
104
|
-
currentFunction: functionsList[on_user_creation_function_name],
|
|
105
|
-
functionsList,
|
|
106
|
-
services: services_1.services
|
|
107
|
-
});
|
|
108
|
-
}
|
|
109
|
-
catch (error) {
|
|
110
|
-
console.log('localUserPassController - /login - GenerateContext - CATCH:', error);
|
|
111
|
-
}
|
|
183
|
+
if (authUser && authUser.status !== 'confirmed') {
|
|
184
|
+
throw new Error(utils_1.AUTH_ERRORS.USER_NOT_CONFIRMED);
|
|
112
185
|
}
|
|
186
|
+
const refreshToken = this.createRefreshToken(userWithCustomData);
|
|
187
|
+
const refreshTokenHash = (0, crypto_1.hashToken)(refreshToken);
|
|
188
|
+
yield db.collection(refreshTokensCollection).insertOne({
|
|
189
|
+
userId: authUser._id,
|
|
190
|
+
tokenHash: refreshTokenHash,
|
|
191
|
+
createdAt: new Date(),
|
|
192
|
+
expiresAt: new Date(Date.now() + refreshTokenTtlMs),
|
|
193
|
+
revokedAt: null
|
|
194
|
+
});
|
|
113
195
|
return {
|
|
114
196
|
access_token: this.createAccessToken(userWithCustomData),
|
|
115
|
-
refresh_token:
|
|
197
|
+
refresh_token: refreshToken,
|
|
116
198
|
device_id: '',
|
|
117
199
|
user_id: authUser._id.toString()
|
|
118
200
|
};
|
|
@@ -121,48 +203,40 @@ function localUserPassController(app) {
|
|
|
121
203
|
/**
|
|
122
204
|
* Endpoint for reset password.
|
|
123
205
|
*
|
|
124
|
-
* @route {POST} /reset/
|
|
206
|
+
* @route {POST} /reset/send
|
|
125
207
|
* @param {ResetPasswordDto} req - The request object with th reset request.
|
|
126
208
|
* @returns {Promise<void>}
|
|
127
209
|
*/
|
|
128
210
|
app.post(utils_1.AUTH_ENDPOINTS.RESET, {
|
|
129
|
-
schema: utils_1.
|
|
130
|
-
}, function (req) {
|
|
211
|
+
schema: utils_1.RESET_SEND_SCHEMA
|
|
212
|
+
}, function (req, res) {
|
|
131
213
|
return __awaiter(this, void 0, void 0, function* () {
|
|
132
|
-
const
|
|
133
|
-
|
|
134
|
-
|
|
135
|
-
|
|
136
|
-
});
|
|
137
|
-
if (!authUser) {
|
|
138
|
-
throw new Error(utils_1.AUTH_ERRORS.INVALID_CREDENTIALS);
|
|
214
|
+
const key = `reset:${req.ip}`;
|
|
215
|
+
if (isRateLimited(key, resetMaxAttempts, rateLimitWindowMs)) {
|
|
216
|
+
res.status(429);
|
|
217
|
+
return { message: 'Too many requests' };
|
|
139
218
|
}
|
|
140
|
-
|
|
141
|
-
|
|
142
|
-
|
|
143
|
-
|
|
144
|
-
|
|
145
|
-
|
|
146
|
-
|
|
147
|
-
|
|
148
|
-
|
|
149
|
-
|
|
150
|
-
|
|
151
|
-
|
|
152
|
-
|
|
153
|
-
|
|
154
|
-
|
|
155
|
-
});
|
|
156
|
-
return;
|
|
219
|
+
yield handleResetPasswordRequest(req.body.email);
|
|
220
|
+
res.status(202);
|
|
221
|
+
return {
|
|
222
|
+
status: 'ok'
|
|
223
|
+
};
|
|
224
|
+
});
|
|
225
|
+
});
|
|
226
|
+
app.post(utils_1.AUTH_ENDPOINTS.RESET_CALL, {
|
|
227
|
+
schema: utils_1.RESET_CALL_SCHEMA
|
|
228
|
+
}, function (req, res) {
|
|
229
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
230
|
+
const key = `reset:${req.ip}`;
|
|
231
|
+
if (isRateLimited(key, resetMaxAttempts, rateLimitWindowMs)) {
|
|
232
|
+
res.status(429);
|
|
233
|
+
return { message: 'Too many requests' };
|
|
157
234
|
}
|
|
158
|
-
|
|
159
|
-
|
|
160
|
-
|
|
161
|
-
|
|
162
|
-
|
|
163
|
-
subject,
|
|
164
|
-
html: body
|
|
165
|
-
});
|
|
235
|
+
yield handleResetPasswordRequest(req.body.email, req.body.password, req.body.arguments);
|
|
236
|
+
res.status(202);
|
|
237
|
+
return {
|
|
238
|
+
status: 'ok'
|
|
239
|
+
};
|
|
166
240
|
});
|
|
167
241
|
});
|
|
168
242
|
/**
|
|
@@ -174,14 +248,26 @@ function localUserPassController(app) {
|
|
|
174
248
|
*/
|
|
175
249
|
app.post(utils_1.AUTH_ENDPOINTS.CONFIRM_RESET, {
|
|
176
250
|
schema: utils_1.CONFIRM_RESET_SCHEMA
|
|
177
|
-
}, function (req) {
|
|
251
|
+
}, function (req, res) {
|
|
178
252
|
return __awaiter(this, void 0, void 0, function* () {
|
|
179
|
-
const
|
|
253
|
+
const key = `reset-confirm:${req.ip}`;
|
|
254
|
+
if (isRateLimited(key, resetMaxAttempts, rateLimitWindowMs)) {
|
|
255
|
+
res.status(429);
|
|
256
|
+
return { message: 'Too many requests' };
|
|
257
|
+
}
|
|
180
258
|
const { token, tokenId, password } = req.body;
|
|
181
259
|
const resetRequest = yield (db === null || db === void 0 ? void 0 : db.collection(resetPasswordCollection).findOne({ token, tokenId }));
|
|
182
260
|
if (!resetRequest) {
|
|
183
261
|
throw new Error(utils_1.AUTH_ERRORS.INVALID_RESET_PARAMS);
|
|
184
262
|
}
|
|
263
|
+
const createdAt = resetRequest.createdAt ? new Date(resetRequest.createdAt) : null;
|
|
264
|
+
const isExpired = !createdAt ||
|
|
265
|
+
Number.isNaN(createdAt.getTime()) ||
|
|
266
|
+
Date.now() - createdAt.getTime() > resetPasswordTtlSeconds * 1000;
|
|
267
|
+
if (isExpired) {
|
|
268
|
+
yield (db === null || db === void 0 ? void 0 : db.collection(resetPasswordCollection).deleteOne({ _id: resetRequest._id }));
|
|
269
|
+
throw new Error(utils_1.AUTH_ERRORS.INVALID_RESET_PARAMS);
|
|
270
|
+
}
|
|
185
271
|
const hashedPassword = yield (0, crypto_1.hashPassword)(password);
|
|
186
272
|
yield db.collection(authCollection).updateOne({ email: resetRequest.email }, {
|
|
187
273
|
$set: {
|
|
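Review bot: `rateLimitStore` (first hunk) is never cleared in the lines shown: `isRateLimited` prunes a key's timestamps only when that same key is seen again, so every distinct prefix plus `req.ip` pair stays in the Map for the life of the process, and unauthenticated traffic from many source addresses grows memory without bound. An occasional sweep inside `isRateLimited`, as sketched below, keeps the store proportional to the clients active in the current window. Two limits of the design deserve a comment next to the Map: the counters are per process, so they are neither shared across instances nor kept across restarts, and the key is only `req.ip`, so behind a reverse proxy the result depends on proxy-trust configuration that is not visible here, and login attempts against one account from many addresses are not counted together. The body of `localUserPassController` continues outside these hunks, and this file is compiled output, so the change belongs in `package/src/auth/providers/local-userpass/controller.ts`.

```javascript
const rateLimitStore = new Map();
let lastRateLimitSweep = 0;
const isRateLimited = (key, maxAttempts, windowMs) => {
    const now = Date.now();
    // At most once per window, drop every key whose newest attempt has aged out.
    if (now - lastRateLimitSweep >= windowMs) {
        for (const [storedKey, timestamps] of rateLimitStore) {
            if (now - timestamps[timestamps.length - 1] >= windowMs) {
                rateLimitStore.delete(storedKey);
            }
        }
        lastRateLimitSweep = now;
    }
    // … unchanged: filter recent timestamps, push now, store, compare with maxAttempts …
};
```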
@@ -12,17 +12,26 @@ export type LoginSuccessDto = {
|
|
|
12
12
|
refresh_token: string;
|
|
13
13
|
user_id: string;
|
|
14
14
|
};
|
|
15
|
+
export type ErrorResponseDto = {
|
|
16
|
+
message: string;
|
|
17
|
+
};
|
|
15
18
|
export interface RegistrationDto {
|
|
16
19
|
Body: RegisterUserDto;
|
|
17
20
|
}
|
|
18
21
|
export interface LoginDto {
|
|
19
22
|
Body: LoginUserDto;
|
|
20
|
-
Reply: LoginSuccessDto;
|
|
23
|
+
Reply: LoginSuccessDto | ErrorResponseDto;
|
|
24
|
+
}
|
|
25
|
+
export interface ResetPasswordSendDto {
|
|
26
|
+
Body: {
|
|
27
|
+
email: string;
|
|
28
|
+
};
|
|
21
29
|
}
|
|
22
|
-
export interface
|
|
30
|
+
export interface ResetPasswordCallDto {
|
|
23
31
|
Body: {
|
|
24
32
|
email: string;
|
|
25
33
|
password: string;
|
|
34
|
+
arguments?: unknown[];
|
|
26
35
|
};
|
|
27
36
|
}
|
|
28
37
|
export interface ConfirmResetPasswordDto {
|
|
@@ -32,4 +41,10 @@ export interface ConfirmResetPasswordDto {
|
|
|
32
41
|
password: string;
|
|
33
42
|
};
|
|
34
43
|
}
|
|
44
|
+
export interface ConfirmUserDto {
|
|
45
|
+
Body: {
|
|
46
|
+
token: string;
|
|
47
|
+
tokenId: string;
|
|
48
|
+
};
|
|
49
|
+
}
|
|
35
50
|
//# sourceMappingURL=dtos.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"dtos.d.ts","sourceRoot":"","sources":["../../../../src/auth/providers/local-userpass/dtos.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,eAAe,GAAG;IAC5B,KAAK,EAAE,MAAM,CAAA;IACb,QAAQ,EAAE,MAAM,CAAA;CACjB,CAAA;AAED,MAAM,MAAM,YAAY,GAAG;IACzB,QAAQ,EAAE,MAAM,CAAA;IAChB,QAAQ,EAAE,MAAM,CAAA;CACjB,CAAA;AAED,MAAM,MAAM,eAAe,GAAG;IAC5B,YAAY,EAAE,MAAM,CAAA;IACpB,SAAS,EAAE,MAAM,CAAA;IACjB,aAAa,EAAE,MAAM,CAAA;IACrB,OAAO,EAAE,MAAM,CAAA;CAChB,CAAA;AAED,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,eAAe,CAAA;CACtB;AAED,MAAM,WAAW,QAAQ;IACvB,IAAI,EAAE,YAAY,CAAA;IAClB,KAAK,EAAE,eAAe,CAAA;
|
|
1
|
+
{"version":3,"file":"dtos.d.ts","sourceRoot":"","sources":["../../../../src/auth/providers/local-userpass/dtos.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,eAAe,GAAG;IAC5B,KAAK,EAAE,MAAM,CAAA;IACb,QAAQ,EAAE,MAAM,CAAA;CACjB,CAAA;AAED,MAAM,MAAM,YAAY,GAAG;IACzB,QAAQ,EAAE,MAAM,CAAA;IAChB,QAAQ,EAAE,MAAM,CAAA;CACjB,CAAA;AAED,MAAM,MAAM,eAAe,GAAG;IAC5B,YAAY,EAAE,MAAM,CAAA;IACpB,SAAS,EAAE,MAAM,CAAA;IACjB,aAAa,EAAE,MAAM,CAAA;IACrB,OAAO,EAAE,MAAM,CAAA;CAChB,CAAA;AAED,MAAM,MAAM,gBAAgB,GAAG;IAC7B,OAAO,EAAE,MAAM,CAAA;CAChB,CAAA;AAED,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,eAAe,CAAA;CACtB;AAED,MAAM,WAAW,QAAQ;IACvB,IAAI,EAAE,YAAY,CAAA;IAClB,KAAK,EAAE,eAAe,GAAG,gBAAgB,CAAA;CAC1C;AAED,MAAM,WAAW,oBAAoB;IACnC,IAAI,EAAE;QACJ,KAAK,EAAE,MAAM,CAAA;KACd,CAAA;CACF;AAED,MAAM,WAAW,oBAAoB;IACnC,IAAI,EAAE;QACJ,KAAK,EAAE,MAAM,CAAA;QACb,QAAQ,EAAE,MAAM,CAAA;QAChB,SAAS,CAAC,EAAE,OAAO,EAAE,CAAA;KACtB,CAAA;CACF;AAED,MAAM,WAAW,uBAAuB;IACtC,IAAI,EAAE;QACJ,KAAK,EAAE,MAAM,CAAA;QACb,OAAO,EAAE,MAAM,CAAA;QACf,QAAQ,EAAE,MAAM,CAAA;KACjB,CAAA;CACF;AAED,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE;QACJ,KAAK,EAAE,MAAM,CAAA;QACb,OAAO,EAAE,MAAM,CAAA;KAChB,CAAA;CACF"}
|
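--- a/package/dist/auth/utils.d.ts
+++ b/package/dist/auth/utils.d.ts
@@ -4,23 +4,50 @@ export declare const LOGIN_SCHEMA: {
 properties: {
 username: {
 type: string;
+pattern: string;
+minLength: number;
+maxLength: number;
 };
 password: {
 type: string;
+minLength: number;
+maxLength: number;
 };
 };
 required: string[];
 };
 };
-export declare const
+export declare const RESET_SEND_SCHEMA: {
+body: {
+type: string;
+properties: {
+email: {
+type: string;
+pattern: string;
+minLength: number;
+maxLength: number;
+};
+};
+required: string[];
+};
+};
+export declare const RESET_CALL_SCHEMA: {
 body: {
 type: string;
 properties: {
 email: {
 type: string;
+pattern: string;
+minLength: number;
+maxLength: number;
 };
 password: {
 type: string;
+minLength: number;
+maxLength: number;
+};
+arguments: {
+type: string;
 };
 };
 required: string[];
@@ -32,6 +59,8 @@ export declare const CONFIRM_RESET_SCHEMA: {
 properties: {
 password: {
 type: string;
+minLength: number;
+maxLength: number;
 };
 token: {
 type: string;
@@ -43,15 +72,48 @@ export declare const CONFIRM_RESET_SCHEMA: {
 required: string[];
 };
 };
+export declare const CONFIRM_USER_SCHEMA: {
+body: {
+type: string;
+properties: {
+token: {
+type: string;
+};
+tokenId: {
+type: string;
+};
+};
+required: string[];
+};
+};
+export declare const RESET_SCHEMA: {
+body: {
+type: string;
+properties: {
+email: {
+type: string;
+pattern: string;
+minLength: number;
+maxLength: number;
+};
+};
+required: string[];
+};
+};
 export declare const REGISTRATION_SCHEMA: {
 body: {
 type: string;
 properties: {
 email: {
 type: string;
+pattern: string;
+minLength: number;
+maxLength: number;
 };
 password: {
 type: string;
+minLength: number;
+maxLength: number;
 };
 };
 required: string[];
@@ -60,22 +122,27 @@ export declare const REGISTRATION_SCHEMA: {
 export declare enum AUTH_ENDPOINTS {
 LOGIN = "/login",
 REGISTRATION = "/register",
+CONFIRM = "/confirm",
 PROFILE = "/profile",
 SESSION = "/session",
-RESET = "/reset/
+RESET = "/reset/send",
+RESET_CALL = "/reset/call",
 CONFIRM_RESET = "/reset",
 FIRST_USER = "/setup/first-user"
 }
 export declare enum AUTH_ERRORS {
 INVALID_CREDENTIALS = "Invalid credentials",
 INVALID_TOKEN = "Invalid refresh token provided",
-INVALID_RESET_PARAMS = "Invalid token or tokenId provided"
+INVALID_RESET_PARAMS = "Invalid token or tokenId provided",
+MISSING_RESET_FUNCTION = "Missing reset function",
+USER_NOT_CONFIRMED = "User not confirmed"
 }
 export interface AuthConfig {
 auth_collection?: string;
 'api-key': ApiKey;
 'local-userpass': LocalUserpass;
 'custom-function': CustomFunction;
+'anon-user'?: AnonUser;
 }
 interface ApiKey {
 name: string;
@@ -96,17 +163,18 @@ interface CustomFunction {
 "authFunctionName": string;
 };
 }
+export interface AnonUser {
+name: "anon-user";
+type: "anon-user";
+disabled: boolean;
+}
 export interface Config {
 autoConfirm: boolean;
+confirmationFunctionName?: string;
 resetFunctionName: string;
 resetPasswordUrl: string;
 runConfirmationFunction: boolean;
 runResetFunction: boolean;
-mailConfig: {
-from: string;
-subject: string;
-mailToken: string;
-};
 }
 export interface CustomUserDataConfig {
 enabled: boolean;
@@ -126,12 +194,6 @@ export declare const loadAuthConfig: () => AuthConfig;
 * @testable
 */
 export declare const loadCustomUserData: () => CustomUserDataConfig;
-export declare const getMailConfig: (resetPasswordConfig: Config, token: string, tokenId: string) => {
-from: string;
-subject: string;
-mailToken: string;
-body: string;
-};
 export declare const generatePassword: (length?: number) => string;
 export {};
 //# sourceMappingURL=utils.d.ts.map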
package/dist/auth/utils.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../src/auth/utils.ts"],"names":[],"mappings":"AAMA,eAAO,MAAM,YAAY
|
|
1
|
+
{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../src/auth/utils.ts"],"names":[],"mappings":"AAMA,eAAO,MAAM,YAAY;;;;;;;;;;;;;;;;;;CAcxB,CAAA;AAED,eAAO,MAAM,iBAAiB;;;;;;;;;;;;;CAa7B,CAAA;AAED,eAAO,MAAM,iBAAiB;;;;;;;;;;;;;;;;;;;;;CAe7B,CAAA;AAED,eAAO,MAAM,oBAAoB;;;;;;;;;;;;;;;;;;CAUhC,CAAA;AAED,eAAO,MAAM,mBAAmB;;;;;;;;;;;;;CAS/B,CAAA;AAED,eAAO,MAAM,YAAY;;;;;;;;;;;;;CAAoB,CAAA;AAE7C,eAAO,MAAM,mBAAmB;;;;;;;;;;;;;;;;;;CAc/B,CAAA;AAED,oBAAY,cAAc;IACxB,KAAK,WAAW;IAChB,YAAY,cAAc;IAC1B,OAAO,aAAa;IACpB,OAAO,aAAa;IACpB,OAAO,aAAa;IACpB,KAAK,gBAAgB;IACrB,UAAU,gBAAgB;IAC1B,aAAa,WAAW;IACxB,UAAU,sBAAsB;CACjC;AAED,oBAAY,WAAW;IACrB,mBAAmB,wBAAwB;IAC3C,aAAa,mCAAmC;IAChD,oBAAoB,sCAAsC;IAC1D,sBAAsB,2BAA2B;IACjD,kBAAkB,uBAAuB;CAC1C;AAED,MAAM,WAAW,UAAU;IACzB,eAAe,CAAC,EAAE,MAAM,CAAA;IACxB,SAAS,EAAE,MAAM,CAAA;IACjB,gBAAgB,EAAE,aAAa,CAAA;IAC/B,iBAAiB,EAAE,cAAc,CAAA;IACjC,WAAW,CAAC,EAAE,QAAQ,CAAA;CACvB;AAED,UAAU,MAAM;IACd,IAAI,EAAE,MAAM,CAAA;IACZ,IAAI,EAAE,MAAM,CAAA;IACZ,QAAQ,EAAE,OAAO,CAAA;CAClB;AACD,UAAU,aAAa;IACrB,IAAI,EAAE,MAAM,CAAA;IACZ,IAAI,EAAE,MAAM,CAAA;IACZ,QAAQ,EAAE,OAAO,CAAA;IACjB,MAAM,EAAE,MAAM,CAAA;CACf;AAED,UAAU,cAAc;IACtB,IAAI,EAAE,iBAAiB,CAAC;IACxB,IAAI,EAAE,iBAAiB,CAAC;IACxB,QAAQ,EAAE,OAAO,CAAC;IAClB,MAAM,EAAE;QACN,kBAAkB,EAAE,MAAM,CAAA;KAC3B,CAAA;CACF;AAED,MAAM,WAAW,QAAQ;IACvB,IAAI,EAAE,WAAW,CAAA;IACjB,IAAI,EAAE,WAAW,CAAA;IACjB,QAAQ,EAAE,OAAO,CAAA;CAClB;AAED,MAAM,WAAW,MAAM;IACrB,WAAW,EAAE,OAAO,CAAA;IACpB,wBAAwB,CAAC,EAAE,MAAM,CAAA;IACjC,iBAAiB,EAAE,MAAM,CAAA;IACzB,gBAAgB,EAAE,MAAM,CAAA;IACxB,uBAAuB,EAAE,OAAO,CAAA;IAChC,gBAAgB,EAAE,OAAO,CAAA;CAC1B;AAED,MAAM,WAAW,oBAAoB;IACnC,OAAO,EAAE,OAAO,CAAA;IAChB,kBAAkB,EAAE,MAAM,CAAA;IAC1B,aAAa,EAAE,MAAM,CAAA;IACrB,eAAe,EAAE,MAAM,CAAA;IACvB,aAAa,EAAE,MAAM,CAAA;IACrB,8BAA8B,EAAE,MAAM,CAAA;CACvC;AAMD;;;GAGG;AACH,eAAO,MAAM,cAAc,QAAO,UAGjC,CAAA;AAED;;;GAGG;AACH,eAAO,MAAM,kBAAkB,QAAO,oBAGrC,CAAA;AAED,eAAO,MAAM,gBAAgB,GAAI,eAAW,WAG3C,CAAA"}
|