@loomcore/api 0.1.129 → 0.1.131
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -74,9 +74,14 @@ export class AuthController {
|
|
|
74
74
|
}
|
|
75
75
|
async forgotPassword(req, res) {
|
|
76
76
|
const email = req.body?.email;
|
|
77
|
+
let referer = req.get('referer') || req.headers.referer;
|
|
78
|
+
if (!referer) {
|
|
79
|
+
throw new BadRequestError('Missing required fields: referer is required.');
|
|
80
|
+
}
|
|
81
|
+
referer = referer.replace(/\/$/, '');
|
|
77
82
|
const user = await this.authService.getUserByEmail(email);
|
|
78
83
|
if (user) {
|
|
79
|
-
await this.authService.sendResetPasswordEmail(email);
|
|
84
|
+
await this.authService.sendResetPasswordEmail(email, referer);
|
|
80
85
|
}
|
|
81
86
|
apiUtils.apiResponse(res, 200);
|
|
82
87
|
}
|
|
@@ -34,7 +34,7 @@ export declare class AuthService extends MultiTenantApiService<IUser> {
|
|
|
34
34
|
}>;
|
|
35
35
|
getActiveRefreshToken(refreshToken: string, deviceId: string): Promise<IRefreshToken | null>;
|
|
36
36
|
createNewRefreshToken(userId: AppIdType, deviceId: string, orgId?: AppIdType): Promise<IRefreshToken | null>;
|
|
37
|
-
sendResetPasswordEmail(emailAddress: string): Promise<void>;
|
|
37
|
+
sendResetPasswordEmail(emailAddress: string, clientBaseUrl: string): Promise<void>;
|
|
38
38
|
resetPassword(email: string, passwordResetToken: string, password: string): Promise<UpdateResult>;
|
|
39
39
|
deleteRefreshTokensForDevice(deviceId: string): Promise<import("../databases/models/delete-result.js").DeleteResult>;
|
|
40
40
|
generateJwt(userContext: IUserContext): string;
|
|
@@ -193,15 +193,14 @@ export class AuthService extends MultiTenantApiService {
|
|
|
193
193
|
const insertResult = await this.refreshTokenService.create(EmptyUserContext, newRefreshToken);
|
|
194
194
|
return insertResult;
|
|
195
195
|
}
|
|
196
|
-
async sendResetPasswordEmail(emailAddress) {
|
|
196
|
+
async sendResetPasswordEmail(emailAddress, clientBaseUrl) {
|
|
197
197
|
const expiresOn = this.getExpiresOnFromMinutes(this.authConfig.passwordResetTokenExpirationInMinutes);
|
|
198
198
|
const passwordResetToken = await this.passwordResetTokenService.createPasswordResetToken(emailAddress, expiresOn);
|
|
199
199
|
if (!passwordResetToken) {
|
|
200
200
|
throw new ServerError(`Failed to create password reset token for email: ${emailAddress}`);
|
|
201
201
|
}
|
|
202
|
-
const httpOrHttps = config.env === 'local' ? 'http' : 'https';
|
|
203
202
|
const urlEncodedEmail = encodeURIComponent(emailAddress);
|
|
204
|
-
const resetPasswordLink = `${
|
|
203
|
+
const resetPasswordLink = `${clientBaseUrl}/reset-password/${passwordResetToken.token}/${urlEncodedEmail}`;
|
|
205
204
|
await this.emailService.sendResetPasswordEmail(emailAddress, resetPasswordLink);
|
|
206
205
|
}
|
|
207
206
|
async resetPassword(email, passwordResetToken, password) {
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@loomcore/api",
|
|
3
|
-
"version": "0.1.
|
|
3
|
+
"version": "0.1.131",
|
|
4
4
|
"private": false,
|
|
5
5
|
"description": "Loom Core Api - An opinionated Node.js api using Typescript, Express, and MongoDb or PostgreSQL",
|
|
6
6
|
"scripts": {
|
|
@@ -58,7 +58,7 @@
|
|
|
58
58
|
"qs": "^6.15.0"
|
|
59
59
|
},
|
|
60
60
|
"peerDependencies": {
|
|
61
|
-
"@loomcore/common": "^0.0.
|
|
61
|
+
"@loomcore/common": "^0.0.64",
|
|
62
62
|
"@sinclair/typebox": "0.34.33",
|
|
63
63
|
"cookie-parser": "^1.4.6",
|
|
64
64
|
"cors": "^2.8.5",
|