@live-change/password-authentication-service 0.2.12 → 0.2.13

package/change.js

@@ -0,0 +1,47 @@
+const definition = require('./definition.js')
+const config = definition.config
+const { PasswordAuthentication, secretProperties } = require('./model.js')
+
+definition.action({
+  name: 'setPassword',
+  waitForEvents: true,
+  properties: {
+    ...secretProperties
+  },
+  access: (params, { client }) => {
+    return !!client.user
+  },
+  async execute({ passwordHash }, { client, service }, emit) {
+    const user = client.user
+    const passwordAuthenticationData = await PasswordAuthentication.get(user)
+    if(passwordAuthenticationData) throw 'exists'
+    emit({
+      type: 'passwordAuthenticationSet',
+      user, passwordHash
+    })
+  }
+})
+
+definition.action({
+  name: 'changePassword',
+  waitForEvents: true,
+  properties: {
+    currentPasswordHash: secretProperties.passwordHash,
+    ...secretProperties
+  },
+  access: (params, { client }) => {
+    return !!client.user
+  },
+  async execute({ currentPasswordHash, passwordHash }, { client, service }, emit) {
+    const user = client.user
+    const passwordAuthenticationData = await PasswordAuthentication.get(user)
+    if(!passwordAuthenticationData) throw 'notFound'
+    if(currentPasswordHash != passwordAuthenticationData.passwordHash) throw { properties: {
+      currentPasswordHash: 'wrongPassword'
+    } }
+    emit({
+      type: 'passwordAuthenticationSet',
+      user, passwordHash
+    })
+  }
+})

package/definition.js

@@ -0,0 +1,9 @@
+const app = require("@live-change/framework").app()
+const user = require('@live-change/user-service')
+
+const definition = app.createServiceDefinition({
+  name: "passwordAuthentication",
+  use: [ user ]
+})
+
+module.exports = definition

package/index.js

@@ -1,141 +1,9 @@
-const crypto = require('crypto')
-const app = require("@live-change/framework").app()
-const user = require('@live-change/user-service')
-const { AuthenticatedUser } = require("../user-service/model.js")
+const definition = require('./definition.js')
 
-const definition = app.createServiceDefinition({
-  name: "passwordAuthentication",
-  use: [ user ]
-})
-const config = definition.config
-
-const User = definition.foreignModel('user', 'User')
-
-const secretProperties = {
-  passwordHash: {
-    type: String,
-    secret: true,
-    preFilter: config.passwordHash ||
-      (password => password && crypto.createHash('sha256').update(password).digest('hex')),
-    validation: config.passwordValidation || ['password']
-  },
-}
-
-const PasswordAuthentication = definition.model({
-  name: 'PasswordAuthentication',
-  userProperty: {
-    userViews: [
-      { suffix: 'Exists', fields: ['user'] }
-    ]
-  },
-  properties: {
-    ...secretProperties,
-  }
-})
-
-definition.event({
-  name: 'passwordAuthenticationSet',
-  async execute({ user, passwordHash }) {
-    await PasswordAuthentication.create({ id: user, user, passwordHash })
-  }
-})
-
-definition.action({
-  name: 'setPassword',
-  waitForEvents: true,
-  properties: {
-    ...secretProperties
-  },
-  access: (params, { client }) => {
-    return !!client.user
-  },
-  async execute({ passwordHash }, { client, service }, emit) {
-    const user = client.user
-    const passwordAuthenticationData = await PasswordAuthentication.get(user)
-    if(passwordAuthenticationData) throw 'exists'
-    emit({
-      type: 'passwordAuthenticationSet',
-      user, passwordHash
-    })
-  }
-})
-
-definition.action({
-  name: 'changePassword',
-  waitForEvents: true,
-  properties: {
-    currentPasswordHash: secretProperties.passwordHash,
-    ...secretProperties
-  },
-  access: (params, { client }) => {
-    return !!client.user
-  },
-  async execute({ currentPasswordHash, passwordHash }, { client, service }, emit) {
-    const user = client.user
-    const passwordAuthenticationData = await PasswordAuthentication.get(user)
-    if(!passwordAuthenticationData) throw 'notFound'
-    if(currentPasswordHash != passwordAuthenticationData.passwordHash) throw { properties: {
-      currentPasswordHash: 'wrongPassword'
-    } }
-    emit({
-      type: 'passwordAuthenticationSet',
-      user, passwordHash
-    })
-  }
-})
-
-for(const contactType of config.contactTypes) {
-  const contactTypeUpperCaseName = contactType[0].toUpperCase() + contactType.slice(1)
-
-  const contactConfig = (typeof contactType == "string") ? { name: contactType } : contactType
-
-  const contactTypeName = contactConfig.name
-  const contactTypeUName = contactTypeName[0].toUpperCase() + contactTypeName.slice(1)
-
-  const contactTypeProperties = {
-    [contactType]: {
-      type: String,
-      validation: ['nonEmpty', contactTypeName]
-    }
-  }
-
-  definition.action({
-    name: 'signIn' + contactTypeUpperCaseName,
-    waitForEvents: true,
-    properties: {
-      ...contactTypeProperties,
-      ...secretProperties
-    },
-    async execute({ [contactTypeName]: contact, passwordHash }, { client, service }, emit) {
-      await service.trigger({
-        type: 'checkExisting' + contactTypeUName,
-        [contactType]: contact,
-      })
-      if(passwordHash) { // login with password
-        throw Error('not implemented yet')
-      } else { // login without password - with message
-        if(!config.signInWithoutPassword) throw { properties: { passwordHash: 'empty' } }
-        const contactData = (await service.trigger({
-          type: 'get' + contactTypeUName,
-          [contactType]: contact,
-        }))[0]
-        const messageData = {
-          user: contactData.user
-        }
-        const results = await service.trigger({
-          type: 'authenticateWithMessage',
-          contactType,
-          contact,
-          messageData,
-          action: 'signInWithMessage',
-          targetPage: config.signInTargetPage || { name: 'user:signInFinished' }
-        })
-        return results[0]
-      }
-    }
-  })
-
-}
+require('./model.js')
+require('./change.js')
+require('./signIn.js')
+require('./reset.js')
 
 definition.processor(function(service, app) {
   service.validators.password = require('./passwordValidator.js')

package/model.js

@@ -0,0 +1,34 @@
+const crypto = require('crypto')
+const definition = require('./definition.js')
+const config = definition.config
+
+const secretProperties = {
+  passwordHash: {
+    type: String,
+    secret: true,
+    preFilter: config.passwordHash ||
+      (password => password && crypto.createHash('sha256').update(password).digest('hex')),
+    validation: config.passwordValidation || ['password']
+  },
+}
+
+const PasswordAuthentication = definition.model({
+  name: 'PasswordAuthentication',
+  userProperty: {
+    userViews: [
+      { suffix: 'Exists', fields: ['user'] }
+    ]
+  },
+  properties: {
+    ...secretProperties,
+  }
+})
+
+definition.event({
+  name: 'passwordAuthenticationSet',
+  async execute({ user, passwordHash }) {
+    await PasswordAuthentication.create({ id: user, user, passwordHash })
+  }
+})
+
+module.exports = { PasswordAuthentication, secretProperties }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@live-change/password-authentication-service",
-  "version": "0.2.12",
+  "version": "0.2.13",
   "description": "",
   "main": "index.js",
   "scripts": {
@@ -24,5 +24,5 @@
     "@live-change/framework": "^0.5.7",
     "nodemailer": "^6.7.2"
   },
-  "gitHead": "a0dce761d803684a74e4cf4d50c63a0dc80dd4cf"
+  "gitHead": "add122f25ae8a848c2d24e1a75c3c9ae69d86faa"
 }

package/reset.js

@@ -0,0 +1,158 @@
+const app = require("@live-change/framework").app()
+const { randomString } = require('@live-change/uid')
+const definition = require('./definition.js')
+const config = definition.config
+const { PasswordAuthentication, secretProperties } = require('./model.js')
+
+const User = definition.foreignModel('user', 'User')
+
+const ResetPasswordAuthentication = definition.model({
+  name: 'ResetPasswordAuthentication',
+  userProperty: {
+    userReadAccess: () => true
+  },
+  properties: {
+    expire: {
+      type: Date,
+      validation: ['nonEmpty']
+    },
+    key: {
+      type: String,
+      validation: ['nonEmpty']
+    },
+    state: {
+      type: String,
+      validation: ['nonEmpty']
+    }
+  },
+  indexes: {
+    byKey: {
+      property: 'key'
+    }
+  }
+})
+
+definition.event({
+  name: 'resetPasswordAuthenticationCreated',
+  async execute({ resetPasswordAuthentication, user, key, expire }) {
+    await ResetPasswordAuthentication.create({ id: resetPasswordAuthentication, user, key, expire, state: 'created' })
+  }
+})
+
+definition.event({
+  name: 'resetPasswordAuthenticationUsed',
+  async execute({ resetPasswordAuthentication }) {
+    await ResetPasswordAuthentication.update(resetPasswordAuthentication, { state: 'used' })
+  }
+})
+
+definition.view({
+  name: "resetPasswordAuthentication",
+  properties: {
+    key: {
+      type: String,
+      validation: ['nonEmpty']
+    }
+  },
+  daoPath({ key }, { client, context }) {
+    return ResetPasswordAuthentication.indexObjectPath('byKey', key)
+  }
+})
+
+for(const contactType of config.contactTypes) {
+
+  const contactConfig = (typeof contactType == "string") ? { name: contactType } : contactType
+  const contactTypeName = contactConfig.name
+  const contactTypeUName = contactTypeName[0].toUpperCase() + contactTypeName.slice(1)
+
+  const contactTypeProperties = {
+    [contactTypeName]: {
+      type: String,
+      validation: ['nonEmpty', contactTypeName]
+    }
+  }
+
+  definition.action({
+    name: 'resetPassword' + contactTypeUName,
+    waitForEvents: true,
+    properties: {
+      ...contactTypeProperties
+    },
+    async execute({ [contactTypeName]: contact }, { client, service }, emit) {
+      const contactData = (await service.trigger({
+        type: 'get' + contactTypeUName,
+        [contactTypeName]: contact,
+      }))[0]
+      const { user } = contactData
+      const messageData = { user }
+      const actionProperties = { user }
+      return (await service.trigger({
+        type: 'authenticateWithMessage',
+        contactType,
+        contact,
+        messageData,
+        action: 'startResetPasswordWithMessage',
+        actionProperties,
+        targetPage: config.resetPasswordTargetPage || { name: 'user:resetPasswordForm' }
+      }))[0]
+    }
+  })
+
+}
+
+definition.trigger({
+  name: 'startResetPasswordWithMessageAuthenticated',
+  waitForEvents: true,
+  properties: {
+    user: {
+      type: User,
+      validation: ['nonEmpty']
+    }
+  },
+  async execute({ user, session }, { client, service }, emit) {
+    if(!user) throw new Error('user required')
+    const resetPasswordAuthentication = app.generateUid()
+    const key = randomString(config.resetKeyLength || 16)
+    const expire = new Date()
+    expire.setTime(Date.now() + (config.resetExpireTime || 1*60*60*1000))
+    service.trigger({
+      type: 'signIn',
+      user, session
+    })
+    emit({
+      type: 'resetPasswordAuthenticationCreated',
+      resetPasswordAuthentication,
+      user, key, expire
+    })
+    return {
+      resetKey: key
+    }
+  }
+})
+
+definition.action({
+  name: 'finishResetPassword',
+  waitForEvents: true,
+  properties: {
+    key: {
+      type: String,
+      validation: ['nonEmpty']
+    },
+    ...secretProperties
+  },
+  async execute({ key, passwordHash }, { client, service }, emit) {
+    const resetPasswordAuthenticationData = await ResetPasswordAuthentication.indexObjectGet('byKey', key)
+    console.log("RESET AUTH", resetPasswordAuthenticationData)
+    if(!resetPasswordAuthenticationData) throw 'authenticationNotFound'
+    if(resetPasswordAuthenticationData.state == 'used') throw 'authenticationUsed'
+    if(resetPasswordAuthenticationData.expire < (new Date().toISOString())) throw 'authenticationExpired'
+    const { user } = resetPasswordAuthenticationData
+    emit([{
+      type: 'passwordAuthenticationSet',
+      user, passwordHash
+    }, {
+      type: 'resetPasswordAuthenticationUsed',
+      resetPasswordAuthentication: resetPasswordAuthenticationData.id
+    }])
+  }
+})

package/signIn.js

@@ -0,0 +1,62 @@
+const definition = require('./definition.js')
+const config = definition.config
+
+const { PasswordAuthentication, secretProperties } = require('./model.js')
+
+for(const contactType of config.contactTypes) {
+  const contactTypeUpperCaseName = contactType[0].toUpperCase() + contactType.slice(1)
+
+  const contactConfig = (typeof contactType == "string") ? { name: contactType } : contactType
+
+  const contactTypeName = contactConfig.name
+  const contactTypeUName = contactTypeName[0].toUpperCase() + contactTypeName.slice(1)
+
+  const contactTypeProperties = {
+    [contactType]: {
+      type: String,
+      validation: ['nonEmpty', contactTypeName]
+    }
+  }
+
+  definition.action({
+    name: 'signIn' + contactTypeUpperCaseName,
+    waitForEvents: true,
+    properties: {
+      ...contactTypeProperties,
+      ...secretProperties
+    },
+    async execute({ [contactTypeName]: contact, passwordHash }, { client, service }, emit) {
+      const contactData = (await service.trigger({
+        type: 'get' + contactTypeUName,
+        [contactType]: contact,
+      }))[0]
+      const { user } = contactData
+      if(passwordHash) { // login with password
+        console.log("USER!", user)
+        const passwordAuthenticationData = await PasswordAuthentication.get(user)
+        console.log("PASSWORD AUTH!", passwordAuthenticationData)
+        if(!passwordAuthenticationData || passwordAuthenticationData.passwordHash != passwordHash)
+          throw { properties: { passwordHash: 'wrongPassword' } }
+        await service.trigger({
+          type: 'signIn', user, session
+        })
+        return user
+      } else { // login without password - with message
+        if(!config.signInWithoutPassword) throw { properties: { passwordHash: 'empty' } }
+        const messageData = {
+          user
+        }
+        const results = await service.trigger({
+          type: 'authenticateWithMessage',
+          contactType,
+          contact,
+          messageData,
+          action: 'signInWithMessage',
+          targetPage: config.signInTargetPage || { name: 'user:signInFinished' }
+        })
+        return results[0]
+      }
+    }
+  })
+
+}