@hed-hog/core 0.0.96 → 0.0.98
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/auth/auth.controller.d.ts +24 -11
- package/dist/auth/auth.controller.d.ts.map +1 -1
- package/dist/auth/auth.controller.js +43 -9
- package/dist/auth/auth.controller.js.map +1 -1
- package/dist/auth/auth.service.d.ts +34 -22
- package/dist/auth/auth.service.d.ts.map +1 -1
- package/dist/auth/auth.service.js +256 -13
- package/dist/auth/auth.service.js.map +1 -1
- package/dist/auth/dto/login-email-verification-resend.dto.d.ts +4 -0
- package/dist/auth/dto/login-email-verification-resend.dto.d.ts.map +1 -0
- package/dist/auth/dto/login-email-verification-resend.dto.js +22 -0
- package/dist/auth/dto/login-email-verification-resend.dto.js.map +1 -0
- package/dist/auth/dto/login-email-verification.dto.d.ts +5 -0
- package/dist/auth/dto/login-email-verification.dto.d.ts.map +1 -0
- package/dist/auth/dto/login-email-verification.dto.js +28 -0
- package/dist/auth/dto/login-email-verification.dto.js.map +1 -0
- package/dist/challenge/challenge.service.d.ts.map +1 -1
- package/dist/challenge/challenge.service.js +1 -0
- package/dist/challenge/challenge.service.js.map +1 -1
- package/dist/dashboard/dashboard-core/dashboard-core.controller.d.ts +2 -2
- package/dist/dashboard/dashboard-core/dashboard-core.service.d.ts +2 -2
- package/dist/dashboard/dashboard-user/dashboard-user.controller.d.ts +3 -3
- package/dist/dashboard/dashboard-user/dashboard-user.service.d.ts +3 -3
- package/dist/mail/mail.controller.d.ts +2 -2
- package/dist/mail/mail.service.d.ts +2 -2
- package/dist/menu/menu.controller.d.ts +6 -6
- package/dist/menu/menu.service.d.ts +6 -6
- package/dist/profile/dto/email-verification-confirm.dto.d.ts +1 -0
- package/dist/profile/dto/email-verification-confirm.dto.d.ts.map +1 -1
- package/dist/profile/dto/email-verification-confirm.dto.js +7 -0
- package/dist/profile/dto/email-verification-confirm.dto.js.map +1 -1
- package/dist/profile/profile.controller.d.ts +2 -4
- package/dist/profile/profile.controller.d.ts.map +1 -1
- package/dist/profile/profile.controller.js +1 -0
- package/dist/profile/profile.controller.js.map +1 -1
- package/dist/profile/profile.service.d.ts +3 -5
- package/dist/profile/profile.service.d.ts.map +1 -1
- package/dist/profile/profile.service.js +54 -7
- package/dist/profile/profile.service.js.map +1 -1
- package/dist/role/role.controller.d.ts +3 -3
- package/dist/role/role.service.d.ts +3 -3
- package/dist/screen/screen.controller.d.ts +3 -3
- package/dist/screen/screen.service.d.ts +3 -3
- package/dist/security/security.service.d.ts +1 -0
- package/dist/security/security.service.d.ts.map +1 -1
- package/dist/security/security.service.js +5 -0
- package/dist/security/security.service.js.map +1 -1
- package/dist/setting/setting.controller.d.ts +4 -4
- package/dist/setting/setting.service.d.ts +4 -4
- package/dist/token/token.service.d.ts +1 -0
- package/dist/token/token.service.d.ts.map +1 -1
- package/dist/token/token.service.js +15 -1
- package/dist/token/token.service.js.map +1 -1
- package/dist/user/user.controller.d.ts +1 -1
- package/dist/user/user.service.d.ts +46 -4
- package/dist/user/user.service.d.ts.map +1 -1
- package/dist/user/user.service.js +11 -3
- package/dist/user/user.service.js.map +1 -1
- package/hedhog/data/mail.yaml +19 -0
- package/package.json +2 -2
- package/src/auth/auth.controller.ts +30 -10
- package/src/auth/auth.service.ts +329 -21
- package/src/auth/dto/login-email-verification-resend.dto.ts +7 -0
- package/src/auth/dto/login-email-verification.dto.ts +12 -0
- package/src/challenge/challenge.service.ts +4 -0
- package/src/mail/mail.controller.ts +13 -13
- package/src/profile/dto/email-verification-confirm.dto.ts +7 -1
- package/src/profile/profile.controller.ts +1 -0
- package/src/profile/profile.service.ts +63 -6
- package/src/security/security.service.ts +8 -0
- package/src/token/token.service.ts +17 -1
- package/src/user/user.service.ts +13 -5
|
@@ -3,6 +3,8 @@ import { CreateWithEmailAndPasswordDTO } from '../user/dto/create-with-email-and
|
|
|
3
3
|
import { UserService } from '../user/user.service';
|
|
4
4
|
import { AuthService } from './auth.service';
|
|
5
5
|
import { ForgetDTO } from './dto/forget.dto';
|
|
6
|
+
import { LoginEmailVerificationResendDTO } from './dto/login-email-verification-resend.dto';
|
|
7
|
+
import { LoginEmailVerificationDTO } from './dto/login-email-verification.dto';
|
|
6
8
|
import { LoginWithCodeDTO } from './dto/login-with-code.dto';
|
|
7
9
|
import { LoginWithRecoveryCodeDTO } from './dto/login-with-recovery-code';
|
|
8
10
|
import { LoginDTO } from './dto/login.dto';
|
|
@@ -21,9 +23,9 @@ export declare class AuthController {
|
|
|
21
23
|
provider: import("@prisma/client").$Enums.user_account_provider_enum;
|
|
22
24
|
created_at: Date;
|
|
23
25
|
updated_at: Date;
|
|
24
|
-
email: string | null;
|
|
25
26
|
user_id: number;
|
|
26
27
|
provider_user_id: string;
|
|
28
|
+
email: string | null;
|
|
27
29
|
scopes: string | null;
|
|
28
30
|
refresh_token: import("@prisma/client/runtime/library").Bytes | null;
|
|
29
31
|
token_expires_at: Date | null;
|
|
@@ -77,6 +79,11 @@ export declare class AuthController {
|
|
|
77
79
|
suspended_reason: string | null;
|
|
78
80
|
deactivated_at: Date | null;
|
|
79
81
|
}>;
|
|
82
|
+
roles(user: any, locale: string): Promise<{
|
|
83
|
+
roles: {
|
|
84
|
+
slug: string;
|
|
85
|
+
}[];
|
|
86
|
+
}>;
|
|
80
87
|
refresh(locale: string, req: any, res: any, refreshTokenFromBody: string, userAgent: string, ipAddress: string): Promise<{
|
|
81
88
|
accessToken: string;
|
|
82
89
|
refreshToken: string;
|
|
@@ -85,27 +92,33 @@ export declare class AuthController {
|
|
|
85
92
|
refreshToken?: undefined;
|
|
86
93
|
}>;
|
|
87
94
|
login(locale: string, data: LoginDTO, ipAddress: string, userAgent: string, res: any): Promise<{
|
|
88
|
-
requiresMfa:
|
|
95
|
+
requiresMfa: boolean;
|
|
96
|
+
token: string;
|
|
97
|
+
} | {
|
|
98
|
+
requiresEmailVerification: boolean;
|
|
99
|
+
token: string;
|
|
100
|
+
} | {
|
|
101
|
+
accessToken: string;
|
|
102
|
+
refreshToken: string;
|
|
103
|
+
} | {
|
|
104
|
+
accessToken: string;
|
|
105
|
+
refreshToken?: undefined;
|
|
106
|
+
} | {
|
|
107
|
+
requiresMfa: boolean;
|
|
89
108
|
mfaToken: string;
|
|
90
109
|
mfaMethods: {
|
|
91
110
|
type: import("@prisma/client").$Enums.user_mfa_type_enum;
|
|
92
111
|
id: number;
|
|
93
112
|
}[];
|
|
94
|
-
|
|
95
|
-
|
|
96
|
-
} | {
|
|
113
|
+
}>;
|
|
114
|
+
emailVerificationLogin(locale: string, { token, code }: LoginEmailVerificationDTO, ipAddress: string, userAgent: string, res: any): Promise<{
|
|
97
115
|
accessToken: string;
|
|
98
116
|
refreshToken: string;
|
|
99
|
-
requiresMfa?: undefined;
|
|
100
|
-
mfaToken?: undefined;
|
|
101
|
-
mfaMethods?: undefined;
|
|
102
117
|
} | {
|
|
103
118
|
accessToken: string;
|
|
104
|
-
requiresMfa?: undefined;
|
|
105
|
-
mfaToken?: undefined;
|
|
106
|
-
mfaMethods?: undefined;
|
|
107
119
|
refreshToken?: undefined;
|
|
108
120
|
}>;
|
|
121
|
+
emailVerificationLoginResend(locale: string, { token }: LoginEmailVerificationResendDTO): Promise<any>;
|
|
109
122
|
registerWithEmailAndPassword(locale: string, data: CreateWithEmailAndPasswordDTO): Promise<{
|
|
110
123
|
user: {
|
|
111
124
|
name: string;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.controller.d.ts","sourceRoot":"","sources":["../../src/auth/auth.controller.ts"],"names":[],"mappings":"AAeA,OAAO,EAAE,YAAY,EAAE,MAAM,wBAAwB,CAAC;AACtD,OAAO,EAAE,6BAA6B,EAAE,MAAM,gDAAgD,CAAC;AAC/F,OAAO,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAC;AACnD,OAAO,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAC7C,OAAO,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAC7C,OAAO,EAAE,gBAAgB,EAAE,MAAM,2BAA2B,CAAC;AAC7D,OAAO,EAAE,wBAAwB,EAAE,MAAM,gCAAgC,CAAC;AAC1E,OAAO,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAC3C,OAAO,EAAE,gBAAgB,EAAE,MAAM,2BAA2B,CAAC;AAC7D,OAAO,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAC3C,qBAEa,cAAc;IAGvB,OAAO,CAAC,QAAQ,CAAC,OAAO;IAExB,OAAO,CAAC,QAAQ,CAAC,KAAK;IAEtB,OAAO,CAAC,QAAQ,CAAC,IAAI;gBAJJ,OAAO,EAAE,WAAW,EAEpB,KAAK,EAAE,YAAY,EAEnB,IAAI,EAAE,WAAW;IAI9B,MAAM,CAAS,EAAE,EAAE,EAAE;;KAAA,EAAY,MAAM,EAAE,MAAM;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;IAM/C,OAAO,CACD,MAAM,EAAE,MAAM,EACjB,GAAG,KAAA,EACkB,GAAG,KAAA,EACT,oBAAoB,EAAE,MAAM,EAC3B,SAAS,EAAE,MAAM,EAClC,SAAS,EAAE,MAAM;;;;;;;IAiBnB,KAAK,CACC,MAAM,EAAE,MAAM,EAChB,IAAI,EAAE,QAAQ,EAChB,SAAS,EAAE,MAAM,EACA,SAAS,EAAE,MAAM,EACZ,GAAG,KAAA
|
|
1
|
+
{"version":3,"file":"auth.controller.d.ts","sourceRoot":"","sources":["../../src/auth/auth.controller.ts"],"names":[],"mappings":"AAeA,OAAO,EAAE,YAAY,EAAE,MAAM,wBAAwB,CAAC;AACtD,OAAO,EAAE,6BAA6B,EAAE,MAAM,gDAAgD,CAAC;AAC/F,OAAO,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAC;AACnD,OAAO,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAC7C,OAAO,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAC7C,OAAO,EAAE,+BAA+B,EAAE,MAAM,2CAA2C,CAAC;AAC5F,OAAO,EAAE,yBAAyB,EAAE,MAAM,oCAAoC,CAAC;AAC/E,OAAO,EAAE,gBAAgB,EAAE,MAAM,2BAA2B,CAAC;AAC7D,OAAO,EAAE,wBAAwB,EAAE,MAAM,gCAAgC,CAAC;AAC1E,OAAO,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAC3C,OAAO,EAAE,gBAAgB,EAAE,MAAM,2BAA2B,CAAC;AAC7D,OAAO,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAC3C,qBAEa,cAAc;IAGvB,OAAO,CAAC,QAAQ,CAAC,OAAO;IAExB,OAAO,CAAC,QAAQ,CAAC,KAAK;IAEtB,OAAO,CAAC,QAAQ,CAAC,IAAI;gBAJJ,OAAO,EAAE,WAAW,EAEpB,KAAK,EAAE,YAAY,EAEnB,IAAI,EAAE,WAAW;IAI9B,MAAM,CAAS,EAAE,EAAE,EAAE;;KAAA,EAAY,MAAM,EAAE,MAAM;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;IAM/C,KAAK,CAAiB,IAAI,KAAA,EAAY,MAAM,EAAE,MAAM;;;;;IAOpD,OAAO,CACD,MAAM,EAAE,MAAM,EACjB,GAAG,KAAA,EACkB,GAAG,KAAA,EACT,oBAAoB,EAAE,MAAM,EAC3B,SAAS,EAAE,MAAM,EAClC,SAAS,EAAE,MAAM;;;;;;;IAiBnB,KAAK,CACC,MAAM,EAAE,MAAM,EAChB,IAAI,EAAE,QAAQ,EAChB,SAAS,EAAE,MAAM,EACA,SAAS,EAAE,MAAM,EACZ,GAAG,KAAA;;;;;;;;;;;;;;;;;;;;IAO3B,sBAAsB,CAChB,MAAM,EAAE,MAAM,EAChB,EAAC,KAAK,EAAE,IAAI,EAAC,EAAE,yBAAyB,EAC1C,SAAS,EAAE,MAAM,EACA,SAAS,EAAE,MAAM,EACZ,GAAG,KAAA;;;;;;;IAO3B,4BAA4B,CACtB,MAAM,EAAE,MAAM,EAChB,EAAC,KAAK,EAAC,EAAE,+BAA+B;IAO5C,4BAA4B,CACtB,MAAM,EAAE,MAAM,EAChB,IAAI,EAAE,6BAA6B;;;;;;;;;;;;;;;IAOvC,SAAS,CACH,MAAM,EAAE,MAAM,EAChB,EAAE,KAAK,EAAE,IAAI,EAAE,UAAU,EAAE,EAAE,gBAAgB,EAC/C,SAAS,EAAE,MAAM,EACA,SAAS,EAAE,MAAM,EACZ,GAAG,KAAA;;;;IAiB3B,iBAAiB,CACX,MAAM,EAAE,MAAM,EAChB,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE,wBAAwB,EAC3C,SAAS,EAAE,MAAM,EACA,SAAS,EAAE,MAAM,EACZ,GAAG,KAAA;;;;IAgB3B,aAAa,CACP,MAAM,EAAE,MAAM,EAChB,EAAE,KAAK,EAAE,EAAE,gBAAgB;;;;IAO/B,uBAAuB,CACjB,MAAM,EAAE,MAAM,EAChB,EAAE,QAAQ,EAAE,EAAE;QAAE,QAAQ,EAAE,MAAM,CAAA;KAAE;IAOtC,cAAc,CACR,MAAM,EAAE,MAAM,EAChB,EAAE,QAAQ,EAAE,iBAAiB,EAAE,EAAE;QAAE,QAAQ,EAAE,MAAM,CAAC;QAAC,iBAAiB,EAAE,GAAG,CAAA;KAAE,EAC/E,SAAS,EAAE,MAAM,EACA,SAAS,EAAE,MAAM,EACZ,GAAG,KAAA;;;;IAgB3B,MAAM,CACA,MAAM,EAAE,MAAM,EAExB,IAAI,EAAE,SAAS;;;IAOX,MAAM,CACH,GAAG,KAAA,EACkB,GAAG,KAAA,EACT,oBAAoB,EAAE,MAAM;;;IAa9C,WAAW,CACL,MAAM,EAAE,MAAM,EAChB,EAAE,QAAQ,EAAE,IAAI,EAAE,EAAE,QAAQ,EAC9B,SAAS,EAAE,MAAM,EACA,SAAS,EAAE,MAAM;;;;;;;;;;;;;;;CAI3C"}
|
|
@@ -21,6 +21,8 @@ const create_with_email_and_password_dto_1 = require("../user/dto/create-with-em
|
|
|
21
21
|
const user_service_1 = require("../user/user.service");
|
|
22
22
|
const auth_service_1 = require("./auth.service");
|
|
23
23
|
const forget_dto_1 = require("./dto/forget.dto");
|
|
24
|
+
const login_email_verification_resend_dto_1 = require("./dto/login-email-verification-resend.dto");
|
|
25
|
+
const login_email_verification_dto_1 = require("./dto/login-email-verification.dto");
|
|
24
26
|
const login_with_code_dto_1 = require("./dto/login-with-code.dto");
|
|
25
27
|
const login_with_recovery_code_1 = require("./dto/login-with-recovery-code");
|
|
26
28
|
const login_dto_1 = require("./dto/login.dto");
|
|
@@ -35,6 +37,10 @@ let AuthController = class AuthController {
|
|
|
35
37
|
async verify({ id }, locale) {
|
|
36
38
|
return this.service.verifyUser(locale, id);
|
|
37
39
|
}
|
|
40
|
+
async roles(user, locale) {
|
|
41
|
+
const roles = !user || !user.id ? [] : await this.service.verifyRoles(locale, user.id);
|
|
42
|
+
return { roles };
|
|
43
|
+
}
|
|
38
44
|
async refresh(locale, req, res, refreshTokenFromBody, userAgent, ipAddress) {
|
|
39
45
|
const currentRefreshToken = req.cookies['rt'] || refreshTokenFromBody;
|
|
40
46
|
const { session, refreshToken, accessToken } = await this.service.refreshAccessToken(locale, currentRefreshToken, ipAddress, userAgent);
|
|
@@ -48,15 +54,13 @@ let AuthController = class AuthController {
|
|
|
48
54
|
return { accessToken };
|
|
49
55
|
}
|
|
50
56
|
async login(locale, data, ipAddress, userAgent, res) {
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
}
|
|
59
|
-
return { accessToken };
|
|
57
|
+
return this.service.loginWithEmailAndPassword(res, locale, ipAddress, userAgent, data);
|
|
58
|
+
}
|
|
59
|
+
async emailVerificationLogin(locale, { token, code }, ipAddress, userAgent, res) {
|
|
60
|
+
return this.service.emailVerificationLogin(locale, token, code, ipAddress, userAgent, res);
|
|
61
|
+
}
|
|
62
|
+
async emailVerificationLoginResend(locale, { token }) {
|
|
63
|
+
return this.service.emailVerificationLoginResend(locale, token);
|
|
60
64
|
}
|
|
61
65
|
async registerWithEmailAndPassword(locale, data) {
|
|
62
66
|
return this.user.createWithEmailAndPassword(locale, data);
|
|
@@ -106,6 +110,15 @@ __decorate([
|
|
|
106
110
|
__metadata("design:paramtypes", [Object, String]),
|
|
107
111
|
__metadata("design:returntype", Promise)
|
|
108
112
|
], AuthController.prototype, "verify", null);
|
|
113
|
+
__decorate([
|
|
114
|
+
(0, api_1.Public)(),
|
|
115
|
+
(0, common_1.Get)('roles'),
|
|
116
|
+
__param(0, (0, api_1.UserOptional)()),
|
|
117
|
+
__param(1, (0, api_locale_1.Locale)()),
|
|
118
|
+
__metadata("design:type", Function),
|
|
119
|
+
__metadata("design:paramtypes", [Object, String]),
|
|
120
|
+
__metadata("design:returntype", Promise)
|
|
121
|
+
], AuthController.prototype, "roles", null);
|
|
109
122
|
__decorate([
|
|
110
123
|
(0, api_1.Public)(),
|
|
111
124
|
(0, common_1.Post)('refresh'),
|
|
@@ -131,6 +144,27 @@ __decorate([
|
|
|
131
144
|
__metadata("design:paramtypes", [String, login_dto_1.LoginDTO, String, String, Object]),
|
|
132
145
|
__metadata("design:returntype", Promise)
|
|
133
146
|
], AuthController.prototype, "login", null);
|
|
147
|
+
__decorate([
|
|
148
|
+
(0, api_1.Public)(),
|
|
149
|
+
(0, common_1.Post)('login-email-verification'),
|
|
150
|
+
__param(0, (0, api_locale_1.Locale)()),
|
|
151
|
+
__param(1, (0, common_1.Body)()),
|
|
152
|
+
__param(2, (0, common_1.Ip)()),
|
|
153
|
+
__param(3, (0, common_1.Headers)('user-agent')),
|
|
154
|
+
__param(4, (0, common_1.Res)({ passthrough: true })),
|
|
155
|
+
__metadata("design:type", Function),
|
|
156
|
+
__metadata("design:paramtypes", [String, login_email_verification_dto_1.LoginEmailVerificationDTO, String, String, Object]),
|
|
157
|
+
__metadata("design:returntype", Promise)
|
|
158
|
+
], AuthController.prototype, "emailVerificationLogin", null);
|
|
159
|
+
__decorate([
|
|
160
|
+
(0, api_1.Public)(),
|
|
161
|
+
(0, common_1.Post)('login-email-verification-resend'),
|
|
162
|
+
__param(0, (0, api_locale_1.Locale)()),
|
|
163
|
+
__param(1, (0, common_1.Body)()),
|
|
164
|
+
__metadata("design:type", Function),
|
|
165
|
+
__metadata("design:paramtypes", [String, login_email_verification_resend_dto_1.LoginEmailVerificationResendDTO]),
|
|
166
|
+
__metadata("design:returntype", Promise)
|
|
167
|
+
], AuthController.prototype, "emailVerificationLoginResend", null);
|
|
134
168
|
__decorate([
|
|
135
169
|
(0, api_1.Public)(),
|
|
136
170
|
(0, common_1.Post)('signup'),
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.controller.js","sourceRoot":"","sources":["../../src/auth/auth.controller.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,
|
|
1
|
+
{"version":3,"file":"auth.controller.js","sourceRoot":"","sources":["../../src/auth/auth.controller.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,sCAAgE;AAChE,oDAA6C;AAC7C,2CAYwB;AACxB,0DAAsD;AACtD,uGAA+F;AAC/F,uDAAmD;AACnD,iDAA6C;AAC7C,iDAA6C;AAC7C,mGAA4F;AAC5F,qFAA+E;AAC/E,mEAA6D;AAC7D,6EAA0E;AAC1E,+CAA2C;AAC3C,mEAA6D;AAC7D,+CAA2C;AAGpC,IAAM,cAAc,GAApB,MAAM,cAAc;IACzB,YAEmB,OAAoB,EAEpB,KAAmB,EAEnB,IAAiB;QAJjB,YAAO,GAAP,OAAO,CAAa;QAEpB,UAAK,GAAL,KAAK,CAAc;QAEnB,SAAI,GAAJ,IAAI,CAAa;IAChC,CAAC;IAGC,AAAN,KAAK,CAAC,MAAM,CAAS,EAAE,EAAE,EAAE,EAAY,MAAc;QACnD,OAAO,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IAC7C,CAAC;IAIK,AAAN,KAAK,CAAC,KAAK,CAAiB,IAAI,EAAY,MAAc;QACxD,MAAM,KAAK,GAAG,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,MAAM,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC;QACvF,OAAO,EAAE,KAAK,EAAE,CAAC;IACnB,CAAC;IAIK,AAAN,KAAK,CAAC,OAAO,CACD,MAAc,EACjB,GAAG,EACkB,GAAG,EACT,oBAA4B,EAC3B,SAAiB,EAClC,SAAiB;QAEvB,MAAM,mBAAmB,GAAG,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,oBAAoB,CAAC;QACtE,MAAM,EAAE,OAAO,EAAE,YAAY,EAAE,WAAW,EAAE,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,kBAAkB,CAAC,MAAM,EAAE,mBAAmB,EAAE,SAAS,EAAE,SAAS,CAAC,CAAC;QACxI,MAAM,IAAI,CAAC,KAAK,CAAC,qBAAqB,CAAC,MAAM,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,CAAC,UAAU,CAAC,CAAC;QAEtF,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,oBAAoB,EAAE,CAAC;YAC/C,OAAO;gBACL,WAAW;gBACX,YAAY;aACb,CAAC;QACJ,CAAC;QACD,OAAO,EAAE,WAAW,EAAE,CAAC;IACzB,CAAC;IAIK,AAAN,KAAK,CAAC,KAAK,CACC,MAAc,EAChB,IAAc,EAChB,SAAiB,EACA,SAAiB,EACZ,GAAG;QAE/B,OAAO,IAAI,CAAC,OAAO,CAAC,yBAAyB,CAAC,GAAG,EAAE,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC;IACzF,CAAC;IAIK,AAAN,KAAK,CAAC,sBAAsB,CAChB,MAAc,EAChB,EAAC,KAAK,EAAE,IAAI,EAA4B,EAC1C,SAAiB,EACA,SAAiB,EACZ,GAAG;QAE/B,OAAO,IAAI,CAAC,OAAO,CAAC,sBAAsB,CAAC,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,SAAS,EAAE,SAAS,EAAE,GAAG,CAAC,CAAC;IAC7F,CAAC;IAIK,AAAN,KAAK,CAAC,4BAA4B,CACtB,MAAc,EAChB,EAAC,KAAK,EAAkC;QAEhD,OAAO,IAAI,CAAC,OAAO,CAAC,4BAA4B,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;IAClE,CAAC;IAIK,AAAN,KAAK,CAAC,4BAA4B,CACtB,MAAc,EAChB,IAAmC;QAE3C,OAAO,IAAI,CAAC,IAAI,CAAC,0BAA0B,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;IAC5D,CAAC;IAIK,AAAN,KAAK,CAAC,SAAS,CACH,MAAc,EAChB,EAAE,KAAK,EAAE,IAAI,EAAE,UAAU,EAAoB,EAC/C,SAAiB,EACA,SAAiB,EACZ,GAAG;QAE/B,MAAM,EAAE,WAAW,EAAE,YAAY,EAAE,OAAO,EAAE,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,aAAa,CAC7E,MAAM,EACN,KAAK,EACL,IAAI,EACJ,SAAS,EACT,SAAS,EACT,UAAU,CACX,CAAC;QAEF,MAAM,IAAI,CAAC,KAAK,CAAC,qBAAqB,CAAC,MAAM,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,CAAC,UAAU,CAAC,CAAC;QACtF,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,CAAC;IACvC,CAAC;IAIK,AAAN,KAAK,CAAC,iBAAiB,CACX,MAAc,EAChB,EAAE,KAAK,EAAE,IAAI,EAA4B,EAC3C,SAAiB,EACA,SAAiB,EACZ,GAAG;QAE/B,MAAM,EAAE,WAAW,EAAE,YAAY,EAAE,OAAO,EAAE,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,qBAAqB,CACrF,MAAM,EACN,KAAK,EACL,IAAI,EACJ,SAAS,EACT,SAAS,CACV,CAAC;QAEF,MAAM,IAAI,CAAC,KAAK,CAAC,qBAAqB,CAAC,MAAM,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,CAAC,UAAU,CAAC,CAAC;QACtF,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,CAAC;IACvC,CAAC;IAIK,AAAN,KAAK,CAAC,aAAa,CACP,MAAc,EAChB,EAAE,KAAK,EAAoB;QAEnC,OAAO,IAAI,CAAC,OAAO,CAAC,aAAa,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;IACnD,CAAC;IAIK,AAAN,KAAK,CAAC,uBAAuB,CACjB,MAAc,EAChB,EAAE,QAAQ,EAAwB;QAE1C,OAAO,IAAI,CAAC,OAAO,CAAC,qCAAqC,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;IAC9E,CAAC;IAIK,AAAN,KAAK,CAAC,cAAc,CACR,MAAc,EAChB,EAAE,QAAQ,EAAE,iBAAiB,EAAgD,EAC/E,SAAiB,EACA,SAAiB,EACZ,GAAG;QAE/B,MAAM,EAAE,WAAW,EAAE,YAAY,EAAE,OAAO,EAAE,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,4BAA4B,CAC5F,MAAM,EACN,QAAQ,EACR,iBAAiB,EACjB,SAAS,EACT,SAAS,CACV,CAAC;QAEF,MAAM,IAAI,CAAC,KAAK,CAAC,qBAAqB,CAAC,MAAM,EAAE,GAAG,EAAE,YAAY,EAAE,OAAO,CAAC,UAAU,CAAC,CAAC;QACtF,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,CAAC;IACvC,CAAC;IAIK,AAAN,KAAK,CAAC,MAAM,CACA,MAAc,EAExB,IAAe;QAEf,OAAO,IAAI,CAAC,OAAO,CAAC,cAAc,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;IACnD,CAAC;IAIK,AAAN,KAAK,CAAC,MAAM,CACH,GAAG,EACkB,GAAG,EACT,oBAA4B;QAElD,MAAM,YAAY,GAAG,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,oBAAoB,CAAC;QAC/D,IAAI,CAAC,YAAY,EAAE,CAAC;YAClB,MAAM,IAAI,4BAAmB,CAAC,4BAA4B,CAAC,CAAC;QAC9D,CAAC;QAED,MAAM,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,YAAY,CAAC,CAAC;QAClD,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;IAC3B,CAAC;IAIK,AAAN,KAAK,CAAC,WAAW,CACL,MAAc,EAChB,EAAE,QAAQ,EAAE,IAAI,EAAY,EAC9B,SAAiB,EACA,SAAiB;QAExC,OAAO,IAAI,CAAC,OAAO,CAAC,mBAAmB,CAAC,MAAM,EAAE,QAAQ,EAAE,IAAI,EAAE,SAAS,EAAE,SAAS,CAAC,CAAC;IACxF,CAAC;CACF,CAAA;AA7MY,wCAAc;AAWnB;IADL,IAAA,YAAG,EAAC,QAAQ,CAAC;IACA,WAAA,IAAA,UAAI,GAAE,CAAA;IAAU,WAAA,IAAA,mBAAM,GAAE,CAAA;;;;4CAErC;AAIK;IAFL,IAAA,YAAM,GAAE;IACR,IAAA,YAAG,EAAC,OAAO,CAAC;IACA,WAAA,IAAA,kBAAY,GAAE,CAAA;IAAQ,WAAA,IAAA,mBAAM,GAAE,CAAA;;;;2CAG1C;AAIK;IAFL,IAAA,YAAM,GAAE;IACR,IAAA,aAAI,EAAC,SAAS,CAAC;IAEb,WAAA,IAAA,mBAAM,GAAE,CAAA;IACR,WAAA,IAAA,YAAG,GAAE,CAAA;IACL,WAAA,IAAA,YAAG,EAAC,EAAE,WAAW,EAAE,IAAI,EAAE,CAAC,CAAA;IAC1B,WAAA,IAAA,aAAI,EAAC,cAAc,CAAC,CAAA;IACpB,WAAA,IAAA,gBAAO,EAAC,YAAY,CAAC,CAAA;IACrB,WAAA,IAAA,WAAE,GAAE,CAAA;;;;6CAaN;AAIK;IAFL,IAAA,YAAM,GAAE;IACR,IAAA,aAAI,EAAC,OAAO,CAAC;IAEX,WAAA,IAAA,mBAAM,GAAE,CAAA;IACR,WAAA,IAAA,aAAI,GAAE,CAAA;IACN,WAAA,IAAA,WAAE,GAAE,CAAA;IACJ,WAAA,IAAA,gBAAO,EAAC,YAAY,CAAC,CAAA;IACrB,WAAA,IAAA,YAAG,EAAC,EAAE,WAAW,EAAE,IAAI,EAAE,CAAC,CAAA;;6CAHb,oBAAQ;;2CAMvB;AAIK;IAFL,IAAA,YAAM,GAAE;IACR,IAAA,aAAI,EAAC,0BAA0B,CAAC;IAE9B,WAAA,IAAA,mBAAM,GAAE,CAAA;IACR,WAAA,IAAA,aAAI,GAAE,CAAA;IACN,WAAA,IAAA,WAAE,GAAE,CAAA;IACJ,WAAA,IAAA,gBAAO,EAAC,YAAY,CAAC,CAAA;IACrB,WAAA,IAAA,YAAG,EAAC,EAAE,WAAW,EAAE,IAAI,EAAE,CAAC,CAAA;;6CAHJ,wDAAyB;;4DAMjD;AAIK;IAFL,IAAA,YAAM,GAAE;IACR,IAAA,aAAI,EAAC,iCAAiC,CAAC;IAErC,WAAA,IAAA,mBAAM,GAAE,CAAA;IACR,WAAA,IAAA,aAAI,GAAE,CAAA;;6CAAU,qEAA+B;;kEAGjD;AAIK;IAFL,IAAA,YAAM,GAAE;IACR,IAAA,aAAI,EAAC,QAAQ,CAAC;IAEZ,WAAA,IAAA,mBAAM,GAAE,CAAA;IACR,WAAA,IAAA,aAAI,GAAE,CAAA;;6CAAO,kEAA6B;;kEAG5C;AAIK;IAFL,IAAA,YAAM,GAAE;IACR,IAAA,aAAI,EAAC,YAAY,CAAC;IAEhB,WAAA,IAAA,mBAAM,GAAE,CAAA;IACR,WAAA,IAAA,aAAI,GAAE,CAAA;IACN,WAAA,IAAA,WAAE,GAAE,CAAA;IACJ,WAAA,IAAA,gBAAO,EAAC,YAAY,CAAC,CAAA;IACrB,WAAA,IAAA,YAAG,EAAC,EAAE,WAAW,EAAE,IAAI,EAAE,CAAC,CAAA;;6CAHU,sCAAgB;;+CAgBtD;AAIK;IAFL,IAAA,YAAM,GAAE;IACR,IAAA,aAAI,EAAC,qBAAqB,CAAC;IAEzB,WAAA,IAAA,mBAAM,GAAE,CAAA;IACR,WAAA,IAAA,aAAI,GAAE,CAAA;IACN,WAAA,IAAA,WAAE,GAAE,CAAA;IACJ,WAAA,IAAA,gBAAO,EAAC,YAAY,CAAC,CAAA;IACrB,WAAA,IAAA,YAAG,EAAC,EAAE,WAAW,EAAE,IAAI,EAAE,CAAC,CAAA;;6CAHF,mDAAwB;;uDAelD;AAIK;IAFL,IAAA,YAAM,GAAE;IACR,IAAA,aAAI,EAAC,iBAAiB,CAAC;IAErB,WAAA,IAAA,mBAAM,GAAE,CAAA;IACR,WAAA,IAAA,aAAI,GAAE,CAAA;;6CAAY,sCAAgB;;mDAGpC;AAIK;IAFL,IAAA,YAAM,GAAE;IACR,IAAA,aAAI,EAAC,mBAAmB,CAAC;IAEvB,WAAA,IAAA,mBAAM,GAAE,CAAA;IACR,WAAA,IAAA,aAAI,GAAE,CAAA;;;;6DAGR;AAIK;IAFL,IAAA,YAAM,GAAE;IACR,IAAA,aAAI,EAAC,iBAAiB,CAAC;IAErB,WAAA,IAAA,mBAAM,GAAE,CAAA;IACR,WAAA,IAAA,aAAI,GAAE,CAAA;IACN,WAAA,IAAA,WAAE,GAAE,CAAA;IACJ,WAAA,IAAA,gBAAO,EAAC,YAAY,CAAC,CAAA;IACrB,WAAA,IAAA,YAAG,EAAC,EAAE,WAAW,EAAE,IAAI,EAAE,CAAC,CAAA;;;;oDAY5B;AAIK;IAFL,IAAA,YAAM,GAAE;IACR,IAAA,aAAI,EAAC,QAAQ,CAAC;IAEZ,WAAA,IAAA,mBAAM,GAAE,CAAA;IACR,WAAA,IAAA,aAAI,GAAE,CAAA;;6CACD,sBAAS;;4CAGhB;AAIK;IAFL,IAAA,YAAM,GAAE;IACR,IAAA,aAAI,EAAC,QAAQ,CAAC;IAEZ,WAAA,IAAA,YAAG,GAAE,CAAA;IACL,WAAA,IAAA,YAAG,EAAC,EAAE,WAAW,EAAE,IAAI,EAAE,CAAC,CAAA;IAC1B,WAAA,IAAA,aAAI,EAAC,cAAc,CAAC,CAAA;;;;4CAStB;AAIK;IAFL,IAAA,YAAM,GAAE;IACR,IAAA,aAAI,EAAC,cAAc,CAAC;IAElB,WAAA,IAAA,mBAAM,GAAE,CAAA;IACR,WAAA,IAAA,aAAI,GAAE,CAAA;IACN,WAAA,IAAA,WAAE,GAAE,CAAA;IACJ,WAAA,IAAA,gBAAO,EAAC,YAAY,CAAC,CAAA;;6CAFM,oBAAQ;;iDAKrC;yBA5MU,cAAc;IAF1B,IAAA,UAAI,GAAE;IACN,IAAA,mBAAU,EAAC,MAAM,CAAC;IAGd,WAAA,IAAA,eAAM,EAAC,IAAA,mBAAU,EAAC,GAAG,EAAE,CAAC,0BAAW,CAAC,CAAC,CAAA;IAErC,WAAA,IAAA,eAAM,EAAC,IAAA,mBAAU,EAAC,GAAG,EAAE,CAAC,4BAAY,CAAC,CAAC,CAAA;IAEtC,WAAA,IAAA,eAAM,EAAC,IAAA,mBAAU,EAAC,GAAG,EAAE,CAAC,0BAAW,CAAC,CAAC,CAAA;qCAHZ,0BAAW;QAEb,4BAAY;QAEb,0BAAW;GAPzB,cAAc,CA6M1B"}
|
|
@@ -33,43 +33,55 @@ export declare class AuthService {
|
|
|
33
33
|
user_agent: string;
|
|
34
34
|
};
|
|
35
35
|
}>;
|
|
36
|
-
|
|
36
|
+
requiresMfaForLogin(locale: string, email: string, user: any): Promise<{
|
|
37
37
|
requiresMfa: boolean;
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
38
|
+
token: string;
|
|
39
|
+
}>;
|
|
40
|
+
requiresEmailVerificationForLogin(locale: string, email: string, user: any): Promise<{
|
|
41
|
+
requiresEmailVerification: boolean;
|
|
42
|
+
token: string;
|
|
43
|
+
}>;
|
|
44
|
+
emailVerificationLoginResend(locale: string, token: string): any;
|
|
45
|
+
emailVerificationLogin(locale: string, token: string, code: string, ipAddress: string, userAgent: string, res: any): Promise<{
|
|
46
|
+
accessToken: string;
|
|
47
|
+
refreshToken: string;
|
|
48
|
+
} | {
|
|
49
|
+
accessToken: string;
|
|
44
50
|
refreshToken?: undefined;
|
|
45
|
-
|
|
51
|
+
}>;
|
|
52
|
+
private login;
|
|
53
|
+
loginWithEmailAndPassword(res: any, locale: string, ipAddress: string, userAgent: string, { email, password }: LoginDTO): Promise<{
|
|
54
|
+
requiresMfa: boolean;
|
|
55
|
+
token: string;
|
|
56
|
+
} | {
|
|
57
|
+
requiresEmailVerification: boolean;
|
|
58
|
+
token: string;
|
|
46
59
|
} | {
|
|
47
60
|
accessToken: string;
|
|
48
61
|
refreshToken: string;
|
|
49
|
-
|
|
62
|
+
} | {
|
|
63
|
+
accessToken: string;
|
|
64
|
+
refreshToken?: undefined;
|
|
65
|
+
} | {
|
|
66
|
+
requiresMfa: boolean;
|
|
67
|
+
mfaToken: string;
|
|
68
|
+
mfaMethods: {
|
|
69
|
+
type: import("@prisma/client").$Enums.user_mfa_type_enum;
|
|
50
70
|
id: number;
|
|
51
|
-
|
|
52
|
-
created_at: Date;
|
|
53
|
-
updated_at: Date;
|
|
54
|
-
user_id: number;
|
|
55
|
-
revoked_at: Date | null;
|
|
56
|
-
expires_at: Date;
|
|
57
|
-
ip_address: string;
|
|
58
|
-
user_agent: string;
|
|
59
|
-
};
|
|
60
|
-
requiresMfa?: undefined;
|
|
61
|
-
mfaToken?: undefined;
|
|
62
|
-
mfaMethods?: undefined;
|
|
71
|
+
}[];
|
|
63
72
|
}>;
|
|
73
|
+
verifyRoles(_locale: string, userId: number): Promise<{
|
|
74
|
+
slug: string;
|
|
75
|
+
}[]>;
|
|
64
76
|
verifyUser(locale: string, userId: number): Promise<{
|
|
65
77
|
user_account: {
|
|
66
78
|
id: number;
|
|
67
79
|
provider: import("@prisma/client").$Enums.user_account_provider_enum;
|
|
68
80
|
created_at: Date;
|
|
69
81
|
updated_at: Date;
|
|
70
|
-
email: string | null;
|
|
71
82
|
user_id: number;
|
|
72
83
|
provider_user_id: string;
|
|
84
|
+
email: string | null;
|
|
73
85
|
scopes: string | null;
|
|
74
86
|
refresh_token: import("@prisma/client/runtime/library").Bytes | null;
|
|
75
87
|
token_expires_at: Date | null;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.service.d.ts","sourceRoot":"","sources":["../../src/auth/auth.service.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;
|
|
1
|
+
{"version":3,"file":"auth.service.d.ts","sourceRoot":"","sources":["../../src/auth/auth.service.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AASpD,OAAO,EAAE,gBAAgB,EAAE,MAAM,gCAAgC,CAAC;AAClE,OAAO,EAAE,WAAW,IAAI,kBAAkB,EAAE,MAAM,sBAAsB,CAAC;AACzE,OAAO,EAAE,eAAe,EAAE,MAAM,8BAA8B,CAAC;AAC/D,OAAO,EAAE,cAAc,EAAE,MAAM,4BAA4B,CAAC;AAC5D,OAAO,EAAE,cAAc,EAAE,MAAM,4BAA4B,CAAC;AAC5D,OAAO,EAAE,YAAY,EAAE,MAAM,wBAAwB,CAAC;AACtD,OAAO,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAC;AACnD,OAAO,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAC7C,OAAO,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAE3C,qBACa,WAAW;IAIpB,OAAO,CAAC,QAAQ,CAAC,MAAM;IAEvB,OAAO,CAAC,QAAQ,CAAC,IAAI;IAErB,OAAO,CAAC,QAAQ,CAAC,OAAO;IAExB,OAAO,CAAC,QAAQ,CAAC,QAAQ;IAEzB,OAAO,CAAC,QAAQ,CAAC,KAAK;IAEtB,OAAO,CAAC,QAAQ,CAAC,OAAO;IAExB,OAAO,CAAC,QAAQ,CAAC,IAAI;IAErB,OAAO,CAAC,QAAQ,CAAC,SAAS;gBAdT,MAAM,EAAE,aAAa,EAErB,IAAI,EAAE,kBAAkB,EAExB,OAAO,EAAE,cAAc,EAEvB,QAAQ,EAAE,eAAe,EAEzB,KAAK,EAAE,YAAY,EAEnB,OAAO,EAAE,cAAc,EAEvB,IAAI,EAAE,WAAW,EAEjB,SAAS,EAAE,gBAAgB;IAGxC,wBAAwB,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAC9E,SAAS,EAAE,MAAM;;;;;;;;;;;;;;;IAab,mBAAmB,CAAC,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG;;;;IAqF5D,iCAAiC,CAAC,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG;;;;IA0D1E,4BAA4B,CAAC,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM;IAwC1D,sBAAsB,CAAC,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG;;;;;;;YA4D1G,KAAK;IAkDb,yBAAyB,CAC7B,GAAG,EAAE,GAAG,EACR,MAAM,EAAE,MAAM,EACd,SAAS,EAAE,MAAM,EACjB,SAAS,EAAE,MAAM,EACjB,EAAE,KAAK,EAAE,QAAQ,EAAE,EAAE,QAAQ;;;;;;;;;;;;;;;;;;;;IAkEzB,WAAW,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM;;;IAe3C,UAAU,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;IAMzC,kBAAkB,CAAC,MAAM,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM;;;;;;;;;;;;;;;IAqB7F,cAAc,CAAC,MAAM,EAAE,MAAM,EAAE,EAAE,KAAK,EAAE,EAAE,SAAS;;;IASnD,MAAM,CAAC,GAAG,KAAA,EAAE,GAAG,KAAA,EAAE,YAAY,EAAE,MAAM;;;IAMrC,mBAAmB,CAAC,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM;;;;;;;;;;;;;;;IAqDxG,aAAa,CAAC,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC,EAAE,MAAM,GAAG,OAAO,GAAG,UAAU;;;;;;;;;;;;;;;IAyH9I,qBAAqB,CAAC,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM;;;;;;;;;;;;;;;IAuClH,aAAa,CAAC,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM;;;;IA+B9C,qCAAqC,CAAC,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM;IA4CtE,4BAA4B,CAAC,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,iBAAiB,EAAE,GAAG,EAAE,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM;;;;;;;;;;;;;;;CAqFlI"}
|
|
@@ -77,13 +77,242 @@ let AuthService = class AuthService {
|
|
|
77
77
|
session,
|
|
78
78
|
};
|
|
79
79
|
}
|
|
80
|
-
async
|
|
80
|
+
async requiresMfaForLogin(locale, email, user) {
|
|
81
|
+
console.log('MFA required, setting up email MFA');
|
|
82
|
+
const settings = await this.setting.getSettingValues([
|
|
83
|
+
'require-mfa',
|
|
84
|
+
'require-email-verification',
|
|
85
|
+
'mfa-email-code-length',
|
|
86
|
+
'mfa-challenge-expiration-minutes'
|
|
87
|
+
]);
|
|
88
|
+
const code = this.security.generateCode(settings['mfa-email-code-length'] || 6);
|
|
89
|
+
const codeHash = this.security.hashWithPepper(code);
|
|
90
|
+
const identifier = await this.prisma.user_identifier.findFirst({
|
|
91
|
+
where: {
|
|
92
|
+
user_id: user.id,
|
|
93
|
+
type: 'email',
|
|
94
|
+
value: email,
|
|
95
|
+
},
|
|
96
|
+
select: { id: true }
|
|
97
|
+
});
|
|
98
|
+
if (!identifier) {
|
|
99
|
+
throw new common_1.NotFoundException((0, api_locale_1.getLocaleText)('identifierNotFound', locale, 'Email identifier not found or already verified.'));
|
|
100
|
+
}
|
|
101
|
+
const challengeIdentifier = await this.prisma.user_identifier_challenge.create({
|
|
102
|
+
data: {
|
|
103
|
+
hash: codeHash,
|
|
104
|
+
expires_at: new Date(Date.now() + (settings['mfa-challenge-expiration-minutes'] || 15) * 60000),
|
|
105
|
+
user_identifier_id: identifier.id,
|
|
106
|
+
},
|
|
107
|
+
select: {
|
|
108
|
+
id: true,
|
|
109
|
+
}
|
|
110
|
+
});
|
|
111
|
+
const mfa = await this.prisma.user_mfa.create({
|
|
112
|
+
data: {
|
|
113
|
+
name: (0, api_locale_1.getLocaleText)('mfaEmailDefaultName', locale, 'Email MFA'),
|
|
114
|
+
type: 'email',
|
|
115
|
+
user_id: user.id,
|
|
116
|
+
user_mfa_email: {
|
|
117
|
+
create: {
|
|
118
|
+
email,
|
|
119
|
+
}
|
|
120
|
+
},
|
|
121
|
+
user_mfa_challenge: {
|
|
122
|
+
create: {
|
|
123
|
+
expires_at: new Date(Date.now() + (settings['mfa-challenge-expiration-minutes'] || 15) * 60000),
|
|
124
|
+
hash: codeHash,
|
|
125
|
+
}
|
|
126
|
+
}
|
|
127
|
+
},
|
|
128
|
+
select: {
|
|
129
|
+
user_mfa_challenge: {
|
|
130
|
+
select: { id: true }
|
|
131
|
+
}
|
|
132
|
+
}
|
|
133
|
+
});
|
|
134
|
+
const challengeMfaId = mfa.user_mfa_challenge[0].id;
|
|
135
|
+
await this.mail.sendTemplatedMail(locale, {
|
|
136
|
+
email,
|
|
137
|
+
slug: 'auth-sign-up-confirm-email',
|
|
138
|
+
variables: {
|
|
139
|
+
code,
|
|
140
|
+
name: user.name,
|
|
141
|
+
}
|
|
142
|
+
});
|
|
143
|
+
return {
|
|
144
|
+
requiresMfa: true,
|
|
145
|
+
token: await this.token.createAccessToken({
|
|
146
|
+
challengeIdentifierId: challengeIdentifier.id,
|
|
147
|
+
challengeMfaId,
|
|
148
|
+
})
|
|
149
|
+
};
|
|
150
|
+
}
|
|
151
|
+
async requiresEmailVerificationForLogin(locale, email, user) {
|
|
152
|
+
const settings = await this.setting.getSettingValues([
|
|
153
|
+
'require-mfa',
|
|
154
|
+
'require-email-verification',
|
|
155
|
+
'mfa-email-code-length',
|
|
156
|
+
'mfa-challenge-expiration-minutes'
|
|
157
|
+
]);
|
|
158
|
+
const code = this.security.generateCode(settings['mfa-email-code-length'] || 6);
|
|
159
|
+
const codeHash = this.security.hashWithPepper(code);
|
|
160
|
+
const identifier = await this.prisma.user_identifier.findFirst({
|
|
161
|
+
where: {
|
|
162
|
+
user_id: user.id,
|
|
163
|
+
type: 'email',
|
|
164
|
+
value: email,
|
|
165
|
+
},
|
|
166
|
+
select: { id: true }
|
|
167
|
+
});
|
|
168
|
+
if (!identifier) {
|
|
169
|
+
throw new common_1.NotFoundException((0, api_locale_1.getLocaleText)('identifierNotFound', locale, 'Email identifier not found or already verified.'));
|
|
170
|
+
}
|
|
171
|
+
const challengeIdentifier = await this.prisma.user_identifier_challenge.create({
|
|
172
|
+
data: {
|
|
173
|
+
hash: codeHash,
|
|
174
|
+
expires_at: new Date(Date.now() + (settings['mfa-challenge-expiration-minutes'] || 15) * 60000),
|
|
175
|
+
user_identifier_id: identifier.id,
|
|
176
|
+
},
|
|
177
|
+
select: {
|
|
178
|
+
id: true,
|
|
179
|
+
}
|
|
180
|
+
});
|
|
181
|
+
await this.mail.sendTemplatedMail(locale, {
|
|
182
|
+
email,
|
|
183
|
+
slug: 'auth-sign-up-confirm-email',
|
|
184
|
+
variables: {
|
|
185
|
+
code,
|
|
186
|
+
name: user.name,
|
|
187
|
+
}
|
|
188
|
+
});
|
|
189
|
+
return {
|
|
190
|
+
requiresEmailVerification: true,
|
|
191
|
+
token: await this.token.createAccessToken({
|
|
192
|
+
challengeIdentifierId: challengeIdentifier.id,
|
|
193
|
+
email
|
|
194
|
+
})
|
|
195
|
+
};
|
|
196
|
+
}
|
|
197
|
+
async emailVerificationLoginResend(locale, token) {
|
|
81
198
|
var _a;
|
|
199
|
+
try {
|
|
200
|
+
const payload = await this.token.verify(locale, token);
|
|
201
|
+
const challenge = await this.prisma.user_identifier_challenge.findUnique({
|
|
202
|
+
where: { id: payload.challengeIdentifierId },
|
|
203
|
+
select: {
|
|
204
|
+
user_identifier: {
|
|
205
|
+
select: {
|
|
206
|
+
user_id: true
|
|
207
|
+
}
|
|
208
|
+
}
|
|
209
|
+
}
|
|
210
|
+
});
|
|
211
|
+
if (!challenge) {
|
|
212
|
+
throw new common_1.NotFoundException((0, api_locale_1.getLocaleText)('challengeNotFound', locale, 'Challenge not found.'));
|
|
213
|
+
}
|
|
214
|
+
const user = await this.user.findUserById(locale, challenge.user_identifier.user_id);
|
|
215
|
+
return await this.requiresEmailVerificationForLogin(locale, payload.email, user);
|
|
216
|
+
}
|
|
217
|
+
catch (error) {
|
|
218
|
+
if (((_a = error.message) === null || _a === void 0 ? void 0 : _a.includes('jwt expired')) || error.name === 'TokenExpiredError') {
|
|
219
|
+
const expiredPayload = await this.token.decodeExpiredToken(token);
|
|
220
|
+
const newToken = await this.token.createAccessToken({
|
|
221
|
+
challengeIdentifierId: expiredPayload.challengeIdentifierId,
|
|
222
|
+
email: expiredPayload.email
|
|
223
|
+
});
|
|
224
|
+
return this.emailVerificationLoginResend(locale, newToken);
|
|
225
|
+
}
|
|
226
|
+
throw error;
|
|
227
|
+
}
|
|
228
|
+
}
|
|
229
|
+
async emailVerificationLogin(locale, token, code, ipAddress, userAgent, res) {
|
|
230
|
+
try {
|
|
231
|
+
const payload = await this.token.verify(locale, token);
|
|
232
|
+
const challenge = await this.prisma.user_identifier_challenge.findUnique({
|
|
233
|
+
where: { id: payload.challengeIdentifierId },
|
|
234
|
+
select: {
|
|
235
|
+
hash: true,
|
|
236
|
+
user_identifier_id: true,
|
|
237
|
+
user_identifier: {
|
|
238
|
+
select: {
|
|
239
|
+
user_id: true
|
|
240
|
+
}
|
|
241
|
+
}
|
|
242
|
+
}
|
|
243
|
+
});
|
|
244
|
+
if (!challenge) {
|
|
245
|
+
throw new common_1.NotFoundException((0, api_locale_1.getLocaleText)('challengeNotFound', locale, 'Challenge not found.'));
|
|
246
|
+
}
|
|
247
|
+
await this.prisma.user_identifier_challenge.update({
|
|
248
|
+
where: { id: payload.challengeIdentifierId },
|
|
249
|
+
data: {
|
|
250
|
+
attempts: { increment: 1 }
|
|
251
|
+
}
|
|
252
|
+
});
|
|
253
|
+
if (challenge.hash !== this.security.hashWithPepper(code)) {
|
|
254
|
+
throw new common_1.BadRequestException((0, api_locale_1.getLocaleText)('invalidVerificationCode', locale, 'Invalid verification code.'));
|
|
255
|
+
}
|
|
256
|
+
await this.prisma.$transaction(async (tx) => {
|
|
257
|
+
await tx.user_identifier_challenge.update({
|
|
258
|
+
where: { id: payload.challengeIdentifierId },
|
|
259
|
+
data: {
|
|
260
|
+
verified_at: new Date(),
|
|
261
|
+
}
|
|
262
|
+
});
|
|
263
|
+
await tx.user_identifier.update({
|
|
264
|
+
where: { id: challenge.user_identifier_id },
|
|
265
|
+
data: {
|
|
266
|
+
verified_at: new Date(),
|
|
267
|
+
}
|
|
268
|
+
});
|
|
269
|
+
});
|
|
270
|
+
const user = await this.user.findUserById(locale, challenge.user_identifier.user_id);
|
|
271
|
+
return this.login(locale, user, ipAddress, userAgent, res);
|
|
272
|
+
}
|
|
273
|
+
catch (error) {
|
|
274
|
+
throw error;
|
|
275
|
+
}
|
|
276
|
+
}
|
|
277
|
+
async login(locale, user, ipAddress, userAgent, res) {
|
|
278
|
+
const emails = await this.prisma.user_identifier.findMany({
|
|
279
|
+
where: {
|
|
280
|
+
user_id: user.id,
|
|
281
|
+
type: 'email',
|
|
282
|
+
},
|
|
283
|
+
select: { value: true }
|
|
284
|
+
});
|
|
285
|
+
if (!emails || emails.length === 0) {
|
|
286
|
+
throw new common_1.BadRequestException((0, api_locale_1.getLocaleText)('accessDenied', locale, 'Access denied.'));
|
|
287
|
+
}
|
|
288
|
+
const { accessToken, refreshToken, session } = await this.getAuthenticationPayload(locale, user.id, ipAddress, userAgent);
|
|
289
|
+
for (const emailObj of emails) {
|
|
290
|
+
this.mail.sendTemplatedMail(locale, {
|
|
291
|
+
email: emailObj.value,
|
|
292
|
+
slug: 'auth-login-new-device',
|
|
293
|
+
variables: {
|
|
294
|
+
name: user.name,
|
|
295
|
+
ipAddress,
|
|
296
|
+
userAgent,
|
|
297
|
+
location: 'Unknown',
|
|
298
|
+
}
|
|
299
|
+
});
|
|
300
|
+
}
|
|
301
|
+
await this.user.registerUserActivity(user.id, "login");
|
|
302
|
+
await this.token.setRefreshTokenCookie(locale, res, refreshToken, session.expires_at);
|
|
303
|
+
if (refreshToken) {
|
|
304
|
+
return { accessToken, refreshToken };
|
|
305
|
+
}
|
|
306
|
+
return { accessToken };
|
|
307
|
+
}
|
|
308
|
+
async loginWithEmailAndPassword(res, locale, ipAddress, userAgent, { email, password }) {
|
|
309
|
+
var _a, _b;
|
|
82
310
|
const user = await this.user.findUserByEmail(locale, email);
|
|
83
311
|
if (!user)
|
|
84
312
|
throw new common_1.BadRequestException((0, api_locale_1.getLocaleText)('accessDenied', locale, 'Access denied.'));
|
|
85
313
|
const credentials = ((_a = user.user_credential) === null || _a === void 0 ? void 0 : _a.filter((c) => c.type === 'password')) || [];
|
|
86
|
-
|
|
314
|
+
const identifier = (_b = user.user_identifier) === null || _b === void 0 ? void 0 : _b.find((i) => i.type === 'email' && i.value === email);
|
|
315
|
+
if (!(await this.security.validatePassword(locale, credentials, password))) {
|
|
87
316
|
throw new common_1.BadRequestException((0, api_locale_1.getLocaleText)('accessDenied', locale, 'Access denied.'));
|
|
88
317
|
}
|
|
89
318
|
const mfaMethods = await this.prisma.user_mfa.findMany({
|
|
@@ -114,19 +343,33 @@ let AuthService = class AuthService {
|
|
|
114
343
|
mfaMethods: mfaMethods.map(m => ({ type: m.type, id: m.id }))
|
|
115
344
|
};
|
|
116
345
|
}
|
|
117
|
-
const
|
|
118
|
-
|
|
119
|
-
email,
|
|
120
|
-
|
|
121
|
-
|
|
122
|
-
|
|
123
|
-
|
|
124
|
-
|
|
125
|
-
|
|
346
|
+
const settings = await this.setting.getSettingValues([
|
|
347
|
+
'require-mfa',
|
|
348
|
+
'require-email-verification',
|
|
349
|
+
'mfa-email-code-length',
|
|
350
|
+
'mfa-challenge-expiration-minutes'
|
|
351
|
+
]);
|
|
352
|
+
if (settings['require-mfa'] === true && mfaMethods.length === 0) {
|
|
353
|
+
return this.requiresMfaForLogin(locale, email, user);
|
|
354
|
+
}
|
|
355
|
+
else if (settings['require-email-verification'] === true && (identifier === null || identifier === void 0 ? void 0 : identifier.verified_at) === null) {
|
|
356
|
+
return this.requiresEmailVerificationForLogin(locale, email, user);
|
|
357
|
+
}
|
|
358
|
+
return this.login(locale, user, ipAddress, userAgent, res);
|
|
359
|
+
}
|
|
360
|
+
async verifyRoles(_locale, userId) {
|
|
361
|
+
return this.prisma.role.findMany({
|
|
362
|
+
where: {
|
|
363
|
+
role_user: {
|
|
364
|
+
some: {
|
|
365
|
+
user_id: userId
|
|
366
|
+
}
|
|
367
|
+
}
|
|
368
|
+
},
|
|
369
|
+
select: {
|
|
370
|
+
slug: true
|
|
126
371
|
}
|
|
127
372
|
});
|
|
128
|
-
await this.user.registerUserActivity(user.id, "login");
|
|
129
|
-
return { accessToken, refreshToken, session };
|
|
130
373
|
}
|
|
131
374
|
async verifyUser(locale, userId) {
|
|
132
375
|
const user = await this.user.findUserById(locale, userId);
|