npm - @furystack/rest-service - Versions diffs - 4.1.12 → 5.0.0 - Mend

@furystack/rest-service 4.1.12 → 5.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (51) hide show

package/dist/actions/index.js +6 -6
package/dist/actions/index.js.map +1 -1
package/dist/api-manager.js +2 -2
package/dist/api-manager.js.map +1 -1
package/dist/endpoint-generators/create-delete-endpoint.spec.js +1 -1
package/dist/endpoint-generators/create-delete-endpoint.spec.js.map +1 -1
package/dist/endpoint-generators/create-get-collection-endpoint.spec.js +1 -1
package/dist/endpoint-generators/create-get-collection-endpoint.spec.js.map +1 -1
package/dist/endpoint-generators/create-get-entity-endpoint.spec.js +1 -1
package/dist/endpoint-generators/create-get-entity-endpoint.spec.js.map +1 -1
package/dist/endpoint-generators/create-patch-endpoint.spec.js +1 -1
package/dist/endpoint-generators/create-patch-endpoint.spec.js.map +1 -1
package/dist/endpoint-generators/create-post-endpoint.spec.js +1 -1
package/dist/endpoint-generators/create-post-endpoint.spec.js.map +1 -1
package/dist/endpoint-generators/index.js +5 -5
package/dist/endpoint-generators/index.js.map +1 -1
package/dist/http-authentication-settings.d.ts +1 -4
package/dist/http-authentication-settings.d.ts.map +1 -1
package/dist/http-authentication-settings.js +1 -3
package/dist/http-authentication-settings.js.map +1 -1
package/dist/http-user-context.d.ts +5 -8
package/dist/http-user-context.d.ts.map +1 -1
package/dist/http-user-context.js +19 -28
package/dist/http-user-context.js.map +1 -1
package/dist/http-user-context.spec.d.ts.map +1 -1
package/dist/http-user-context.spec.js +33 -26
package/dist/http-user-context.spec.js.map +1 -1
package/dist/incoming-message-extensions.js +1 -1
package/dist/incoming-message-extensions.js.map +1 -1
package/dist/index.js +15 -15
package/dist/index.js.map +1 -1
package/dist/models/index.js +2 -2
package/dist/models/index.js.map +1 -1
package/dist/rest-service.integration.spec.js +1 -1
package/dist/rest-service.integration.spec.js.map +1 -1
package/dist/schema-validator/index.js +2 -2
package/dist/schema-validator/index.js.map +1 -1
package/dist/schema-validator/schema-validator.js +2 -2
package/dist/schema-validator/schema-validator.js.map +1 -1
package/dist/server-manager.js +2 -2
package/dist/server-manager.js.map +1 -1
package/dist/server-response-extensions.js +1 -1
package/dist/server-response-extensions.js.map +1 -1
package/dist/utils.js +1 -1
package/dist/validate.integration.spec.js +1 -1
package/dist/validate.integration.spec.js.map +1 -1
package/dist/validate.js.map +1 -1
package/package.json +12 -12
package/src/http-authentication-settings.ts +2 -5
package/src/http-user-context.spec.ts +44 -26
package/src/http-user-context.ts +15 -25

package/src/http-user-context.ts CHANGED Viewed

@@ -4,6 +4,7 @@ import { Injectable } from '@furystack/inject'
 import { v1 } from 'uuid'
 import { HttpAuthenticationSettings } from './http-authentication-settings'
 import { DefaultSession } from 'models/default-session'
+import { PasswordAuthenticator, UnauthenticatedError } from '@furystack/security'
 /**
  * Injectable UserContext for FuryStack HTTP Api
@@ -54,21 +55,16 @@ export class HttpUserContext {
    * @returns the authenticated User
    */
   public async authenticateUser(userName: string, password: string) {
-    const match =
-      (password &&
-        password.length &&
-        (await this.getUserStore().find({
-          filter: {
-            username: { $eq: userName },
-            password: { $eq: this.authentication.hashMethod(password) },
-          },
-        }))) ||
-      []
-    if (match.length === 1) {
-      const { password: pw, ...user } = match[0]
-      return user
+    const result = await this.authenticator.checkPasswordForUser(userName, password)
+    if (!result.isValid) {
+      throw new UnauthenticatedError()
+    }
+    const user = await this.getUserStore().get(userName)
+    if (!user) {
+      throw new UnauthenticatedError()
     }
-    throw Error('Failed to authenticate.')
+    return user
   }
   public async getCurrentUser(request: IncomingMessage) {
@@ -108,23 +104,16 @@ export class HttpUserContext {
     // Cookie auth
     const sessionId = this.getSessionIdFromRequest(request)
     if (sessionId) {
-      const [session] = await this.getSessionStore().find({ filter: { sessionId: { $eq: sessionId } }, top: 2 })
+      const session = await this.getSessionStore().get(sessionId)
       if (session) {
-        const userResult = await this.getUserStore().find({
-          filter: {
-            username: { $eq: session.username },
-          },
-          top: 2,
-        })
-        if (userResult.length === 1) {
-          const { password, ...user } = userResult[0]
+        const user = await this.getUserStore().get(session.username)
+        if (user) {
           return user
         }
-        throw Error('Inconsistent session result')
       }
     }
-    throw Error('Failed to authenticate request')
+    throw new UnauthenticatedError()
   }
   /**
@@ -156,5 +145,6 @@ export class HttpUserContext {
   constructor(
     public readonly authentication: HttpAuthenticationSettings<User, DefaultSession>,
     private readonly storeManager: StoreManager,
+    private readonly authenticator: PasswordAuthenticator,
   ) {}
 }