@loomcore/api 0.0.13 → 0.0.16
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/__tests__/test-express-app.js +1 -1
- package/dist/models/base-api-config.interface.d.ts +1 -1
- package/dist/services/auth.service.js +7 -6
- package/dist/services/multi-tenant-api.service.d.ts +1 -1
- package/dist/services/multi-tenant-api.service.js +13 -1
- package/dist/services/password-reset-token.service.js +4 -3
- package/dist/services/user.service.js +3 -0
- package/package.json +2 -2
|
@@ -66,7 +66,7 @@ export class AuthService extends GenericApiService {
|
|
|
66
66
|
});
|
|
67
67
|
}
|
|
68
68
|
getUserByEmail(email) {
|
|
69
|
-
return this.collection.findOne({ email: email })
|
|
69
|
+
return this.collection.findOne({ email: email.toLowerCase() })
|
|
70
70
|
.then((user) => {
|
|
71
71
|
return user;
|
|
72
72
|
});
|
|
@@ -176,17 +176,18 @@ export class AuthService extends GenericApiService {
|
|
|
176
176
|
await this.emailService.sendHtmlEmail(emailAddress, `Reset Password for ${config.appName}`, htmlEmailBody);
|
|
177
177
|
}
|
|
178
178
|
async resetPassword(email, passwordResetToken, password) {
|
|
179
|
-
const
|
|
179
|
+
const lowerCaseEmail = email.toLowerCase();
|
|
180
|
+
const retrievedPasswordResetToken = await this.passwordResetTokenService.getByEmail(lowerCaseEmail);
|
|
180
181
|
if (!retrievedPasswordResetToken) {
|
|
181
|
-
throw new ServerError(`Unable to retrieve password reset token for email: ${
|
|
182
|
+
throw new ServerError(`Unable to retrieve password reset token for email: ${lowerCaseEmail}`);
|
|
182
183
|
}
|
|
183
184
|
if (retrievedPasswordResetToken.token !== passwordResetToken || retrievedPasswordResetToken.expiresOn < Date.now()) {
|
|
184
185
|
throw new BadRequestError('Invalid password reset token');
|
|
185
186
|
}
|
|
186
|
-
const result = await this.changePassword(EmptyUserContext, { email }, password);
|
|
187
|
-
console.log(`password changed using forgot-password for email: ${
|
|
187
|
+
const result = await this.changePassword(EmptyUserContext, { email: lowerCaseEmail }, password);
|
|
188
|
+
console.log(`password changed using forgot-password for email: ${lowerCaseEmail}`);
|
|
188
189
|
await this.passwordResetTokenService.deleteById(EmptyUserContext, retrievedPasswordResetToken._id.toString());
|
|
189
|
-
console.log(`passwordResetToken deleted for email: ${
|
|
190
|
+
console.log(`passwordResetToken deleted for email: ${lowerCaseEmail}`);
|
|
190
191
|
return result;
|
|
191
192
|
}
|
|
192
193
|
deleteRefreshTokensForDevice(deviceId) {
|
|
@@ -2,7 +2,7 @@ import { Db } from 'mongodb';
|
|
|
2
2
|
import { IUserContext, IEntity, QueryOptions, IModelSpec } from '@loomcore/common/models';
|
|
3
3
|
import { GenericApiService } from './generic-api.service.js';
|
|
4
4
|
export declare class MultiTenantApiService<T extends IEntity> extends GenericApiService<T> {
|
|
5
|
-
private tenantDecorator
|
|
5
|
+
private tenantDecorator?;
|
|
6
6
|
constructor(db: Db, pluralResourceName: string, singularResourceName: string, modelSpec?: IModelSpec);
|
|
7
7
|
protected prepareQuery(userContext: IUserContext, query: any): any;
|
|
8
8
|
protected prepareQueryOptions(userContext: IUserContext, queryOptions: QueryOptions): QueryOptions;
|
|
@@ -1,25 +1,37 @@
|
|
|
1
1
|
import { GenericApiService } from './generic-api.service.js';
|
|
2
2
|
import { TenantQueryDecorator } from './tenant-query-decorator.js';
|
|
3
3
|
import { BadRequestError } from '../errors/bad-request.error.js';
|
|
4
|
+
import { config } from '../config/base-api-config.js';
|
|
4
5
|
export class MultiTenantApiService extends GenericApiService {
|
|
5
6
|
tenantDecorator;
|
|
6
7
|
constructor(db, pluralResourceName, singularResourceName, modelSpec) {
|
|
7
8
|
super(db, pluralResourceName, singularResourceName, modelSpec);
|
|
8
|
-
|
|
9
|
+
if (config?.app?.isMultiTenant) {
|
|
10
|
+
this.tenantDecorator = new TenantQueryDecorator();
|
|
11
|
+
}
|
|
9
12
|
}
|
|
10
13
|
prepareQuery(userContext, query) {
|
|
14
|
+
if (!config?.app?.isMultiTenant) {
|
|
15
|
+
return super.prepareQuery(userContext, query);
|
|
16
|
+
}
|
|
11
17
|
if (!userContext || !userContext._orgId) {
|
|
12
18
|
throw new BadRequestError('A valid userContext was not provided to MultiTenantApiService.prepareQuery');
|
|
13
19
|
}
|
|
14
20
|
return this.tenantDecorator.applyTenantToQuery(userContext, query, this.pluralResourceName);
|
|
15
21
|
}
|
|
16
22
|
prepareQueryOptions(userContext, queryOptions) {
|
|
23
|
+
if (!config?.app?.isMultiTenant) {
|
|
24
|
+
return super.prepareQueryOptions(userContext, queryOptions);
|
|
25
|
+
}
|
|
17
26
|
if (!userContext || !userContext._orgId) {
|
|
18
27
|
throw new BadRequestError('A valid userContext was not provided to MultiTenantApiService.prepareQueryOptions');
|
|
19
28
|
}
|
|
20
29
|
return this.tenantDecorator.applyTenantToQueryOptions(userContext, queryOptions, this.pluralResourceName);
|
|
21
30
|
}
|
|
22
31
|
async prepareEntity(userContext, entity, isCreate) {
|
|
32
|
+
if (!config?.app?.isMultiTenant) {
|
|
33
|
+
return super.prepareEntity(userContext, entity, isCreate);
|
|
34
|
+
}
|
|
23
35
|
if (!userContext || !userContext._orgId) {
|
|
24
36
|
throw new BadRequestError('A valid userContext was not provided to MultiTenantApiService.prepareEntity');
|
|
25
37
|
}
|
|
@@ -6,15 +6,16 @@ export class PasswordResetTokenService extends GenericApiService {
|
|
|
6
6
|
super(db, 'passwordResetTokens', 'passwordResetToken', PasswordResetTokenSpec);
|
|
7
7
|
}
|
|
8
8
|
async createPasswordResetToken(email, expiresOn) {
|
|
9
|
-
|
|
9
|
+
const lowerCaseEmail = email.toLowerCase();
|
|
10
|
+
await this.collection.deleteMany({ email: lowerCaseEmail });
|
|
10
11
|
const passwordResetToken = {
|
|
11
|
-
email,
|
|
12
|
+
email: lowerCaseEmail,
|
|
12
13
|
token: crypto.randomBytes(40).toString('hex'),
|
|
13
14
|
expiresOn: expiresOn,
|
|
14
15
|
};
|
|
15
16
|
return super.create(EmptyUserContext, passwordResetToken);
|
|
16
17
|
}
|
|
17
18
|
async getByEmail(email) {
|
|
18
|
-
return await super.findOne(EmptyUserContext, { email });
|
|
19
|
+
return await super.findOne(EmptyUserContext, { email: email.toLowerCase() });
|
|
19
20
|
}
|
|
20
21
|
}
|
|
@@ -11,6 +11,9 @@ export class UserService extends MultiTenantApiService {
|
|
|
11
11
|
}
|
|
12
12
|
async prepareEntity(userContext, entity, isCreate) {
|
|
13
13
|
const preparedEntity = await super.prepareEntity(userContext, entity, isCreate);
|
|
14
|
+
if (preparedEntity.email) {
|
|
15
|
+
preparedEntity.email = preparedEntity.email.toLowerCase();
|
|
16
|
+
}
|
|
14
17
|
if (!isCreate) {
|
|
15
18
|
return Value.Clean(PublicUserSchema, preparedEntity);
|
|
16
19
|
}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@loomcore/api",
|
|
3
|
-
"version": "0.0.
|
|
3
|
+
"version": "0.0.16",
|
|
4
4
|
"private": false,
|
|
5
5
|
"description": "Loom Core Api - An opinionated Node.js api using Typescript, Express, and MongoDb",
|
|
6
6
|
"scripts": {
|
|
@@ -44,7 +44,7 @@
|
|
|
44
44
|
"jsonwebtoken": "^9.0.2"
|
|
45
45
|
},
|
|
46
46
|
"peerDependencies": {
|
|
47
|
-
"@loomcore/common": "^0.0.
|
|
47
|
+
"@loomcore/common": "^0.0.8",
|
|
48
48
|
"@sinclair/typebox": "^0.34.31",
|
|
49
49
|
"cookie-parser": "^1.4.6",
|
|
50
50
|
"cors": "^2.8.5",
|