npm - @lenne.tech/nest-server - Versions diffs - 8.6.24 → 8.6.25 - Mend

@lenne.tech/nest-server 8.6.24 → 8.6.25

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (82) hide show

package/src/core/modules/auth/services/core-auth.service.ts CHANGED Viewed

@@ -1,6 +1,7 @@
 import { Injectable, UnauthorizedException } from '@nestjs/common';
 import { JwtService } from '@nestjs/jwt';
 import * as bcrypt from 'bcrypt';
+import { sha256 } from 'js-sha256';
 import { merge } from '../../../common/helpers/config.helper';
 import { ServiceOptions } from '../../../common/interfaces/service-options.interface';
 import { ICoreAuthUser } from '../interfaces/core-auth-user.interface';
@@ -23,10 +24,17 @@ export class CoreAuthService {
     serviceOptions?: ServiceOptions
   ): Promise<{ token: string; user: ICoreAuthUser }> {
     serviceOptions = merge(serviceOptions || {}, { prepareOutput: null });
+    // Get user
     const user = await this.userService.getViaEmail(email, serviceOptions);
-    if (!user || !(await bcrypt.compare(password, user.password))) {
+    if (
+      !user ||
+      !((await bcrypt.compare(password, user.password)) || (await bcrypt.compare(sha256(password), user.password)))
+    ) {
       throw new UnauthorizedException();
     }
+    // Return JWT
     const payload: JwtPayload = { email: user.email };
     return {
       token: this.jwtService.sign(payload),

package/src/core/modules/file/core-file-info.model.ts CHANGED Viewed

@@ -8,7 +8,17 @@ import { CoreModel } from '../../common/models/core-model.model';
  */
 @ObjectType({ description: 'Information about file' })
 export class CoreFileInfo extends CoreModel {
-  _id: Types.ObjectId;
+  // ===========================================================================
+  // Getter
+  // ===========================================================================
+  get _id() {
+    return new Types.ObjectId(this.id);
+  }
+  // ===========================================================================
+  // Properties
+  // ===========================================================================
   @Field(() => String, { description: 'ID of the file' })
   id: string = undefined;

package/src/core/modules/user/core-user.service.ts CHANGED Viewed

@@ -1,6 +1,7 @@
 import { BadRequestException, NotFoundException, UnprocessableEntityException } from '@nestjs/common';
 import * as bcrypt from 'bcrypt';
 import * as crypto from 'crypto';
+import { sha256 } from 'js-sha256';
 import { Document, Model } from 'mongoose';
 import { merge } from '../../common/helpers/config.helper';
 import { assignPlain } from '../../common/helpers/input.helper';
@@ -128,6 +129,10 @@ export abstract class CoreUserService<
     return this.process(
       async () => {
+        // Check if the password was transmitted encrypted
+        // If not, the password is encrypted to enable future encrypted and unencrypted transmissions
+        newPassword = /^[a-f0-9]{64}$/i.test(newPassword) ? newPassword : sha256(newPassword);
         // Update and return user
         return await assignPlain(dbObject, {
           password: await bcrypt.hash(newPassword, 10),

package/src/index.ts CHANGED Viewed

@@ -62,6 +62,7 @@ export * from './core/common/types/field-selection.type';
 export * from './core/common/types/ids.type';
 export * from './core/common/types/maybe-promise.type';
 export * from './core/common/types/plain-input.type';
+export * from './core/common/types/plain-object.type';
 export * from './core/common/types/remove-methods.type';
 export * from './core/common/types/require-only-one.type';
 export * from './core/common/types/required-at-least-one.type';

package/src/server/common/services/cron-jobs.service.ts CHANGED Viewed

@@ -21,7 +21,7 @@ export class CronJobs extends CoreCronJobs {
   // ===================================================================================================================
   protected async sayHello() {
-    console.log('Hello :)');
+    console.info('Hello :)');
     await new Promise<void>((resolve) => {
       setTimeout(() => resolve(), 30000);
     });

package/src/server/modules/auth/auth.service.ts CHANGED Viewed

@@ -1,7 +1,10 @@
 import { Injectable, UnauthorizedException } from '@nestjs/common';
 import { JwtService } from '@nestjs/jwt';
 import * as bcrypt from 'bcrypt';
+import { sha256 } from 'js-sha256';
 import envConfig from '../../../config.env';
+import { Roles } from '../../../core/common/decorators/roles.decorator';
+import { RoleEnum } from '../../../core/common/enums/role.enum';
 import { prepareServiceOptions } from '../../../core/common/helpers/service.helper';
 import { ServiceOptions } from '../../../core/common/interfaces/service-options.interface';
 import { EmailService } from '../../../core/common/services/email.service';
@@ -12,6 +15,7 @@ import { AuthSignInInput } from './inputs/auth-sign-in.input';
 import { AuthSignUpInput } from './inputs/auth-sign-up.input';
 @Injectable()
+@Roles(RoleEnum.ADMIN)
 export class AuthService {
   constructor(
     protected readonly jwtService: JwtService,
@@ -22,6 +26,7 @@ export class AuthService {
   /**
    * Sign in for user
    */
+  @Roles(RoleEnum.S_EVERYONE)
   async signIn(input: AuthSignInInput, serviceOptions?: ServiceOptions): Promise<Auth> {
     // Prepare service options
     const serviceOptionsForUserService = prepareServiceOptions(serviceOptions, {
@@ -34,12 +39,13 @@ export class AuthService {
     // Get and check user
     const user = await this.userService.getViaEmail(input.email, serviceOptionsForUserService);
-    if (!user) {
-      throw new UnauthorizedException();
-    }
-    // Check password
-    if (!(await bcrypt.compare(input.password, user.password))) {
+    if (
+      !user ||
+      !(
+        (await bcrypt.compare(input.password, user.password)) ||
+        (await bcrypt.compare(sha256(input.password), user.password))
+      )
+    ) {
       throw new UnauthorizedException();
     }
@@ -54,6 +60,7 @@ export class AuthService {
   /**
    * Register a new user Account
    */
+  @Roles(RoleEnum.S_EVERYONE)
   async signUp(input: AuthSignUpInput, serviceOptions?: ServiceOptions): Promise<Auth> {
     // Prepare service options
     const serviceOptionsForUserService = prepareServiceOptions(serviceOptions, {

package/src/server/modules/file/file.controller.ts CHANGED Viewed

@@ -42,6 +42,6 @@ export class FileController extends CoreFileController {
     })
   )
   uploadFiles(@UploadedFiles() files, @Body() fields: any) {
-    console.log('Saved file info', JSON.stringify({ files, fields }, null, 2));
+    console.info('Saved file info', JSON.stringify({ files, fields }, null, 2));
   }
 }

package/src/server/modules/file/file.resolver.ts CHANGED Viewed

@@ -11,6 +11,7 @@ import { FileService } from './file.service';
  * File resolver
  */
 @Resolver()
+@Roles(RoleEnum.ADMIN)
 export class FileResolver {
   /**
    * Integrate services

package/src/server/modules/user/user.model.ts CHANGED Viewed

@@ -1,7 +1,6 @@
 import { Field, ObjectType } from '@nestjs/graphql';
 import { Prop, Schema as MongooseSchema, SchemaFactory } from '@nestjs/mongoose';
-import { Document, Schema, Types } from 'mongoose';
-import { mapClasses } from '../../../core/common/helpers/model.helper';
+import { Document, Schema } from 'mongoose';
 import { CoreUserModel } from '../../../core/modules/user/core-user.model';
 import { PersistenceModel } from '../../common/models/persistence.model';
@@ -34,7 +33,7 @@ export class User extends CoreUserModel implements PersistenceModel {
     nullable: true,
   })
   @Prop({ type: Schema.Types.ObjectId, ref: 'User' })
-  createdBy: Types.ObjectId | string = undefined;
+  createdBy: string = undefined;
   /**
    * ID of the user who updated the object
@@ -46,7 +45,7 @@ export class User extends CoreUserModel implements PersistenceModel {
     nullable: true,
   })
   @Prop({ type: Schema.Types.ObjectId, ref: 'User' })
-  updatedBy: Types.ObjectId | string = undefined;
+  updatedBy: string = undefined;
   // ===================================================================================================================
   // Methods
@@ -66,7 +65,9 @@ export class User extends CoreUserModel implements PersistenceModel {
    */
   map(input) {
     super.map(input);
-    return mapClasses(input, { createdBy: User, updatedBy: User }, this);
+    // There is nothing to map yet. Non-primitive variables should always be mapped.
+    // If something comes up, you can use `mapClasses` / `mapClassesAsync` from ModelHelper.
+    return this;
   }
 }

package/src/server/modules/user/user.module.ts CHANGED Viewed

@@ -2,6 +2,7 @@ import { Module } from '@nestjs/common';
 import { MongooseModule } from '@nestjs/mongoose';
 import { PubSub } from 'graphql-subscriptions';
 import { JSON } from '../../../core/common/scalars/json.scalar';
+import { ConfigService } from '../../../core/common/services/config.service';
 import { AvatarController } from './avatar.controller';
 import { User, UserSchema } from './user.model';
 import { UserResolver } from './user.resolver';
@@ -16,6 +17,7 @@ import { UserService } from './user.service';
   providers: [
     JSON,
     UserResolver,
+    ConfigService,
     UserService,
     {
       provide: 'USER_CLASS',

package/src/server/modules/user/user.resolver.ts CHANGED Viewed

@@ -15,6 +15,7 @@ import { UserService } from './user.service';
  * Resolver to process with user data
  */
 @Resolver(() => User)
+@Roles(RoleEnum.ADMIN)
 export class UserResolver {
   /**
    * Import services
@@ -53,6 +54,7 @@ export class UserResolver {
   /**
    * Get verified state of user with token
    */
+  @Roles(RoleEnum.S_USER)
   @Query(() => Boolean, { description: 'Get verified state of user with token' })
   async getVerifiedState(@Args('token') token: string) {
     return await this.userService.getVerifiedState(token);
@@ -61,6 +63,7 @@ export class UserResolver {
   /**
    * Request new password for user with email
    */
+  @Roles(RoleEnum.S_EVERYONE)
   @Query(() => Boolean, { description: 'Request new password for user with email' })
   async requestPasswordResetMail(@Args('email') email: string): Promise<boolean> {
     return !!(await this.userService.sendPasswordResetMail(email));
@@ -103,6 +106,7 @@ export class UserResolver {
   /**
    * Set new password for user with token
    */
+  @Roles(RoleEnum.S_EVERYONE)
   @Mutation(() => Boolean, { description: 'Set new password for user with token' })
   async resetPassword(@Args('token') token: string, @Args('password') password: string): Promise<boolean> {
     return !!(await this.userService.resetPassword(token, password));
@@ -131,6 +135,7 @@ export class UserResolver {
   /**
    * Verify user with email
    */
+  @Roles(RoleEnum.S_EVERYONE)
   @Mutation(() => Boolean, { description: 'Verify user with email' })
   async verifyUser(@Args('token') token: string): Promise<boolean> {
     return !!(await this.userService.verify(token));
@@ -143,6 +148,7 @@ export class UserResolver {
   /**
    * Subscription for created user
    */
+  @Roles(RoleEnum.ADMIN)
   @Subscription(() => User, {
     filter(this: UserResolver, payload, variables, context) {
       return context?.user?.hasRole?.(RoleEnum.ADMIN);

package/src/server/modules/user/user.service.ts CHANGED Viewed

@@ -98,7 +98,7 @@ export class UserService extends CoreUserService<User, UserInput, UserCreateInpu
     if (user.avatar) {
       fs.unlink(envConfig.staticAssets.path + '/avatars/' + user.avatar, (err) => {
         if (err) {
-          console.log(err);
+          console.error(err);
         }
       });
     }

package/src/test/test.helper.ts CHANGED Viewed

@@ -91,7 +91,7 @@ export interface TestGraphQLOptions {
   countOfSubscriptionMessages?: number;
   /**
-   * Print console logs
+   * Output information in the console
    */
   log?: boolean;
@@ -444,7 +444,7 @@ export class TestHelper {
     //
     //   // Log response
     //   if (log) {
-    //     console.log(response);
+    //     console.info(response);
     //   }
     //
     //   // Check data
@@ -468,7 +468,7 @@ export class TestHelper {
     // Response
     if (log) {
-      console.log(requestConfig);
+      console.info(requestConfig);
     }
     const response = await (variables ? request : request.send(requestConfig.payload));
     return this.processResponse(response, statusCode, log, logError);
@@ -528,7 +528,7 @@ export class TestHelper {
   processResponse(response, statusCode, log, logError) {
     // Log response
     if (log) {
-      console.log('Response', JSON.stringify(response, null, 2));
+      console.info('Response', JSON.stringify(response, null, 2));
     }
     // Log error
@@ -565,14 +565,14 @@ export class TestHelper {
     // Init client
     if (options.log) {
-      console.log('Subscription query', JSON.stringify(query, null, 2));
+      console.info('Subscription query', JSON.stringify(query, null, 2));
     }
     const client = createClient({ url: this.subscriptionUrl, connectionParams, webSocketImpl: ws });
     const messages: any[] = [];
     let unsubscribe: () => void;
     const onNext = (message) => {
       if (options.log) {
-        console.log('Subscription message', JSON.stringify(message, null, 2));
+        console.info('Subscription message', JSON.stringify(message, null, 2));
       }
       messages.push(message?.data?.[graphql.name]);
       if (messages.length <= options.countOfSubscriptionMessages) {