npm - @hed-hog/core - Versions diffs - 0.0.276 → 0.0.279 - Mend

@hed-hog/core 0.0.276 → 0.0.279

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (77) hide show

package/src/user/user.service.ts CHANGED Viewed

@@ -13,6 +13,7 @@ import { DeleteDTO } from '../dto/delete.dto';
 import { FileService } from '../file/file.service';
 import { SecurityService } from '../security/security.service';
 import { CreateWithEmailAndPasswordDTO } from './dto/create-with-email-and-password.dto';
+import { ResetPasswordDTO } from './dto/reset-password.dto';
 import { UpdateDTO } from './dto/update.dto';
 // Constants
@@ -28,6 +29,14 @@ const DEFAULT_ROLE_SLUG = 'user';
 const DEFAULT_LOCALE = 'en';
 const DAYS_IN_MS = 24 * 60 * 60 * 1000;
 const NEW_USERS_PERIOD_DAYS = 7;
+const RANDOM_PASSWORD_LENGTH = 16;
+const PASSWORD_CHARSETS = {
+  lowercase: 'abcdefghijkmnopqrstuvwxyz',
+  uppercase: 'ABCDEFGHJKLMNPQRSTUVWXYZ',
+  numbers: '23456789',
+  symbols: '@#$%&*!?-_+',
+} as const;
 const USER_SORT_FIELDS = [
   'id',
@@ -197,6 +206,46 @@ export class UserService {
     });
   }
+  async resetPassword(
+    locale: string,
+    userId: number,
+    { password }: ResetPasswordDTO,
+  ) {
+    await this.validateUserExists(locale, userId);
+    const nextPassword = password || this.generateRandomPassword();
+    const passwordHash = await this.security.hashArgon2(nextPassword);
+    const updateResult = await this.prismaService.user_credential.updateMany({
+      where: {
+        user_id: userId,
+        type: CREDENTIAL_TYPE.PASSWORD,
+      },
+      data: {
+        hash: passwordHash,
+        requires_reset: true,
+      },
+    });
+    if (updateResult.count === 0) {
+      await this.prismaService.user_credential.create({
+        data: {
+          user_id: userId,
+          type: CREDENTIAL_TYPE.PASSWORD,
+          hash: passwordHash,
+          requires_reset: true,
+        },
+      });
+    }
+    await this.registerUserActivity(userId, 'resetPassword');
+    return {
+      password: nextPassword,
+      requiresReset: true,
+    };
+  }
   async delete(locale: string, { ids }: DeleteDTO) {
     this.validateDeleteIds(locale, ids);
@@ -424,6 +473,41 @@ export class UserService {
     return role;
   }
+  private generateRandomPassword(length = RANDOM_PASSWORD_LENGTH) {
+    const cryptoObj = globalThis.crypto;
+    const groups = [
+      PASSWORD_CHARSETS.lowercase,
+      PASSWORD_CHARSETS.uppercase,
+      PASSWORD_CHARSETS.numbers,
+      PASSWORD_CHARSETS.symbols,
+    ];
+    const allChars = groups.join('');
+    const values = new Uint32Array(length + groups.length);
+    cryptoObj.getRandomValues(values);
+    const passwordChars: string[] = [];
+    groups.forEach((group, index) => {
+      const randomIndex = values[index] % group.length;
+      passwordChars.push(group[randomIndex]);
+    });
+    for (let i = groups.length; i < values.length; i++) {
+      const randomIndex = values[i] % allChars.length;
+      passwordChars.push(allChars[randomIndex]);
+    }
+    for (let i = passwordChars.length - 1; i > 0; i--) {
+      const randomIndex = values[i] % (i + 1);
+      const temp = passwordChars[i];
+      passwordChars[i] = passwordChars[randomIndex];
+      passwordChars[randomIndex] = temp;
+    }
+    return passwordChars.slice(0, length).join('');
+  }
   private getUserIncludeClause() {
     return {
       user_account: true,