@nocobase/plugin-auth 0.11.1-alpha.5 → 0.12.0-alpha.2

package/src/server/__tests__/actions.test.ts

@@ -1,142 +0,0 @@
-import Database, { Repository } from '@nocobase/database';
-import { mockServer, MockServer } from '@nocobase/test';
-import AuthPlugin from '../';
-import UsersPlugin from '@nocobase/plugin-users';
-
-describe('actions', () => {
-  describe('authenticators', () => {
-    let app: MockServer;
-    let db: Database;
-    let repo: Repository;
-    let agent;
-
-    beforeAll(async () => {
-      app = mockServer();
-      app.plugin(AuthPlugin);
-      await app.loadAndInstall({ clean: true });
-      db = app.db;
-      repo = db.getRepository('authenticators');
-
-      agent = app.agent();
-    });
-
-    afterEach(async () => {
-      await repo.destroy({
-        truncate: true,
-      });
-    });
-
-    afterAll(async () => {
-      await db.close();
-    });
-
-    it('should list authenticator types', async () => {
-      const res = await agent.resource('authenticators').listTypes();
-      expect(res.body.data).toEqual(['Email/Password']);
-    });
-
-    it('should return enabled authenticators with public options', async () => {
-      await repo.destroy({
-        truncate: true,
-      });
-      await repo.createMany({
-        records: [
-          { name: 'test', authType: 'testType', enabled: true, options: { public: { test: 1 }, private: { test: 2 } } },
-          { name: 'test2', authType: 'testType' },
-        ],
-      });
-      const res = await agent.resource('authenticators').publicList();
-      expect(res.body.data.length).toBe(1);
-      expect(res.body.data[0].name).toBe('test');
-    });
-
-    it('should keep at least one authenticator', async () => {
-      await repo.createMany({
-        records: [{ name: 'test', authType: 'testType', enabled: true }],
-      });
-      const res = await agent.resource('authenticators').destroy();
-      expect(res.statusCode).toBe(400);
-      expect(await repo.count()).toBe(1);
-    });
-
-    it('shoud enable at least one authenticator', async () => {
-      await repo.createMany({
-        records: [{ name: 'test', authType: 'testType', enabled: true }],
-      });
-      const res = await agent.resource('authenticators').update({
-        filterByTk: 1,
-        values: {
-          enabled: false,
-        },
-      });
-      expect(res.statusCode).toBe(400);
-      expect(await repo.count()).toBe(1);
-    });
-  });
-
-  describe('auth', () => {
-    let app: MockServer;
-    let db: Database;
-    let agent;
-
-    beforeAll(async () => {
-      app = mockServer();
-      process.env.INIT_ROOT_EMAIL = 'test@nocobase.com';
-      process.env.INIT_ROOT_PASSWORD = '123456';
-      process.env.INIT_ROOT_NICKNAME = 'Test';
-      app.plugin(AuthPlugin);
-      app.plugin(UsersPlugin, { name: 'users' });
-      await app.loadAndInstall({ clean: true });
-      db = app.db;
-      agent = app.agent();
-    });
-
-    afterAll(async () => {
-      await db.close();
-    });
-
-    it('should sign in with email and password', async () => {
-      let res = await agent.resource('auth').check();
-      expect(res.body.data.id).toBeUndefined();
-
-      res = await agent.post('/auth:signIn').set({ 'X-Authenticator': 'basic' }).send({
-        email: process.env.INIT_ROOT_EMAIL,
-        password: process.env.INIT_ROOT_PASSWORD,
-      });
-      expect(res.statusCode).toEqual(200);
-      const data = res.body.data;
-      const token = data.token;
-      expect(token).toBeDefined();
-
-      res = await agent.get('/auth:check').set({ Authorization: `Bearer ${token}`, 'X-Authenticator': 'basic' });
-      expect(res.body.data.id).toBeDefined();
-    });
-
-    it('should disable sign up', async () => {
-      let res = await agent.post('/auth:signUp').set({ 'X-Authenticator': 'basic' }).send({
-        email: 'new',
-        password: 'new',
-      });
-      expect(res.statusCode).toEqual(200);
-
-      const repo = db.getRepository('authenticators');
-      await repo.update({
-        filter: {
-          name: 'basic',
-        },
-        values: {
-          options: {
-            public: {
-              allowSignUp: false,
-            },
-          },
-        },
-      });
-      res = await agent.post('/auth:signUp').set({ 'X-Authenticator': 'basic' }).send({
-        email: process.env.INIT_ROOT_EMAIL,
-        password: process.env.INIT_ROOT_PASSWORD,
-      });
-      expect(res.statusCode).toEqual(403);
-    });
-  });
-});

package/src/server/__tests__/token-blacklist.test.ts

@@ -1,73 +0,0 @@
-import Database, { Repository } from '@nocobase/database';
-import { MockServer, mockServer } from '@nocobase/test';
-import { TokenBlacklistService } from '../token-blacklist';
-
-describe('token-blacklist', () => {
-  let app: MockServer;
-  let db: Database;
-  let repo: Repository;
-  let tokenBlacklist: TokenBlacklistService;
-
-  beforeAll(async () => {
-    app = mockServer({
-      plugins: ['auth'],
-    });
-    await app.loadAndInstall({ clean: true });
-    db = app.db;
-    repo = db.getRepository('tokenBlacklist');
-    tokenBlacklist = new TokenBlacklistService(app.getPlugin('auth'));
-  });
-
-  afterAll(async () => {
-    await db.close();
-  });
-
-  afterEach(async () => {
-    await repo.destroy({
-      truncate: true,
-    });
-  });
-
-  it('add and has correctly', async () => {
-    await tokenBlacklist.add({
-      token: 'test',
-      expiration: new Date(),
-    });
-
-    await tokenBlacklist.add({
-      token: 'test1',
-      expiration: new Date(),
-    });
-
-    expect(tokenBlacklist.has('test')).toBeTruthy();
-    expect(tokenBlacklist.has('test1')).toBeTruthy();
-  });
-
-  it('add same token correctly', async () => {
-    await tokenBlacklist.add({
-      token: 'test',
-      expiration: new Date(),
-    });
-
-    await tokenBlacklist.add({
-      token: 'test',
-      expiration: new Date(),
-    });
-
-    expect(tokenBlacklist.has('test')).toBeTruthy();
-  });
-
-  it('delete expired token correctly', async () => {
-    await tokenBlacklist.add({
-      token: 'should be deleted',
-      expiration: new Date('2020-01-01'),
-    });
-    await tokenBlacklist.add({
-      token: 'should not be deleted',
-      expiration: new Date('2100-01-01'),
-    });
-    await tokenBlacklist.deleteByExpiration();
-    expect(await tokenBlacklist.has('should be deleted')).not.toBeTruthy();
-    expect(await tokenBlacklist.has('should not be deleted')).toBeTruthy();
-  });
-});

package/src/server/actions/auth.ts

@@ -1,20 +0,0 @@
-import { Context, Next } from '@nocobase/actions';
-
-export default {
-  lostPassword: async (ctx: Context, next: Next) => {
-    ctx.body = await ctx.auth.lostPassword();
-    await next();
-  },
-  resetPassword: async (ctx: Context, next: Next) => {
-    ctx.body = await ctx.auth.resetPassword();
-    await next();
-  },
-  getUserByResetToken: async (ctx: Context, next: Next) => {
-    ctx.body = await ctx.auth.getUserByResetToken();
-    await next();
-  },
-  changePassword: async (ctx: Context, next: Next) => {
-    ctx.body = await ctx.auth.changePassword();
-    await next();
-  },
-};

package/src/server/actions/authenticators.ts

@@ -1,85 +0,0 @@
-import { Context, Next } from '@nocobase/actions';
-import { Model, Repository } from '@nocobase/database';
-import { namespace } from '../../preset';
-
-async function checkCount(repository: Repository, id: number[]) {
-  // TODO(yangqia): This is a temporary solution, may cause concurrency problem.
-  const count = await repository.count({
-    filter: {
-      enabled: true,
-      id: {
-        $ne: id,
-      },
-    },
-  });
-  if (count <= 0) {
-    throw new Error('Please keep and enable at least one authenticator');
-  }
-}
-
-export default {
-  listTypes: async (ctx: Context, next: Next) => {
-    ctx.body = ctx.app.authManager.listTypes();
-    await next();
-  },
-  publicList: async (ctx: Context, next: Next) => {
-    const repo = ctx.db.getRepository('authenticators');
-    const authenticators = await repo.find({
-      fields: ['name', 'authType', 'title', 'options', 'sort'],
-      filter: {
-        enabled: true,
-      },
-      sort: 'sort',
-    });
-    ctx.body = authenticators.map((authenticator: Model) => ({
-      name: authenticator.name,
-      authType: authenticator.authType,
-      title: authenticator.title,
-      options: authenticator.options?.public || {},
-    }));
-    await next();
-  },
-  destroy: async (ctx: Context, next: Next) => {
-    const repository = ctx.db.getRepository('authenticators');
-    const { filterByTk, filter } = ctx.action.params;
-    try {
-      await checkCount(repository, filterByTk);
-    } catch (err) {
-      ctx.throw(400, ctx.t(err.message, { ns: namespace }));
-    }
-    const instance = await repository.destroy({
-      filter,
-      filterByTk,
-      context: ctx,
-    });
-
-    ctx.body = instance;
-    await next();
-  },
-  update: async (ctx: Context, next: Next) => {
-    const repository = ctx.db.getRepository('authenticators');
-    const { forceUpdate, filterByTk, values, whitelist, blacklist, filter, updateAssociationValues } =
-      ctx.action.params;
-
-    if (!values.enabled) {
-      try {
-        await checkCount(repository, values.id);
-      } catch (err) {
-        ctx.throw(400, ctx.t(err.message, { ns: namespace }));
-      }
-    }
-
-    ctx.body = await repository.update({
-      filterByTk,
-      values,
-      whitelist,
-      blacklist,
-      filter,
-      updateAssociationValues,
-      context: ctx,
-      forceUpdate,
-    });
-
-    await next();
-  },
-};

package/src/server/collections/authenticators.ts

@@ -1,98 +0,0 @@
-import { CollectionOptions } from '@nocobase/database';
-
-/**
- * Collection for extended authentication methods,
- */
-export default {
-  namespace: 'auth.auth',
-  duplicator: 'optional',
-  name: 'authenticators',
-  sortable: true,
-  title: '{{t("Authenticators")}}',
-  model: 'AuthModel',
-  createdBy: true,
-  updatedBy: true,
-  logging: true,
-  fields: [
-    {
-      name: 'id',
-      type: 'bigInt',
-      autoIncrement: true,
-      primaryKey: true,
-      allowNull: false,
-      interface: 'id',
-    },
-    {
-      interface: 'input',
-      type: 'string',
-      name: 'name',
-      allowNull: false,
-      unique: true,
-      uiSchema: {
-        type: 'string',
-        title: '{{t("Name")}}',
-        'x-component': 'Input',
-        required: true,
-      },
-    },
-    {
-      interface: 'input',
-      type: 'string',
-      name: 'authType',
-      allowNull: false,
-      uiSchema: {
-        type: 'string',
-        title: '{{t("Auth Type")}}',
-        'x-component': 'Input',
-        required: true,
-      },
-    },
-    {
-      interface: 'input',
-      type: 'string',
-      name: 'title',
-      uiSchema: {
-        type: 'string',
-        title: '{{t("Title")}}',
-        'x-component': 'Input',
-      },
-      translation: true,
-    },
-    {
-      interface: 'textarea',
-      type: 'string',
-      name: 'description',
-      allowNull: false,
-      defaultValue: '',
-      uiSchema: {
-        type: 'string',
-        title: '{{t("Description")}}',
-        'x-component': 'Input',
-        required: true,
-      },
-    },
-    {
-      type: 'json',
-      name: 'options',
-      allowNull: false,
-      defaultValue: {},
-    },
-    {
-      type: 'boolean',
-      name: 'enabled',
-      defaultValue: false,
-    },
-    {
-      interface: 'm2m',
-      type: 'belongsToMany',
-      name: 'users',
-      target: 'users',
-      foreignKey: 'authenticator',
-      otherKey: 'userId',
-      onDelete: 'CASCADE',
-      sourceKey: 'name',
-      targetKey: 'id',
-      through: 'usersAuthenticators',
-    },
-  ],
-} as CollectionOptions;

package/src/server/collections/token-blacklist.ts

@@ -1,19 +0,0 @@
-import { CollectionOptions } from '@nocobase/client';
-
-export default {
-  namespace: 'auth.token-black',
-  duplicator: 'optional',
-  name: 'tokenBlacklist',
-  model: 'TokenBlacklistModel',
-  fields: [
-    {
-      type: 'string',
-      name: 'token',
-      index: true,
-    },
-    {
-      type: 'date',
-      name: 'expiration',
-    },
-  ],
-} as CollectionOptions;

package/src/server/collections/users-authenticators.ts

@@ -1,73 +0,0 @@
-import { CollectionOptions } from '@nocobase/database';
-
-/**
- * Collection for user information of extended authentication methods,
- * such as saml, oicd, oauth, sms, etc.
- */
-export default {
-  namespace: 'auth.auth',
-  duplicator: {
-    dumpable: 'optional',
-    /**
-     * When dump this collection, the users collection is required to be dumped.
-     */
-    with: 'users',
-  },
-  name: 'usersAuthenticators',
-  title: '{{t("Users Authenticators")}}',
-  model: 'UserAuthModel',
-  createdBy: true,
-  updatedBy: true,
-  logging: true,
-  fields: [
-    /**
-     * uuid:
-     * Unique user id of the authentication method, such as wechat openid, phone number, etc.
-     */
-    {
-      name: 'uuid',
-      interface: 'input',
-      type: 'string',
-      allowNull: false,
-      uiSchema: {
-        type: 'string',
-        title: '{{t("UUID")}}',
-        'x-component': 'Input',
-        required: true,
-      },
-    },
-    {
-      interface: 'input',
-      type: 'string',
-      name: 'nickname',
-      allowNull: false,
-      defaultValue: '',
-      uiSchema: {
-        type: 'string',
-        title: '{{t("Nickname")}}',
-        'x-component': 'Input',
-      },
-    },
-    {
-      interface: 'attachment',
-      type: 'string',
-      name: 'avatar',
-      allowNull: false,
-      defaultValue: '',
-      uiSchema: {
-        type: 'string',
-        title: '{{t("Avatar")}}',
-        'x-component': 'Upload',
-      },
-    },
-    /**
-     * meta:
-     * Metadata, some other information of the authentication method.
-     */
-    {
-      type: 'json',
-      name: 'meta',
-      defaultValue: {},
-    },
-  ],
-} as CollectionOptions;

package/src/server/index.ts

@@ -1,2 +0,0 @@
-export { default } from './plugin';
-export { AuthModel } from './model/authenticator';

package/src/server/locale/en-US.ts

@@ -1,10 +0,0 @@
-export default {
-  'The email is incorrect, please re-enter': 'The email is incorrect, please re-enter',
-  'Please fill in your email address': 'Please fill in your email address',
-  'The password is incorrect, please re-enter': 'The password is incorrect, please re-enter',
-  'Not a valid cellphone number, please re-enter': 'Not a valid cellphone number, please re-enter',
-  'The phone number has been registered, please login directly':
-    'The phone number has been registered, please login directly',
-  'The phone number is not registered, please register first':
-    'The phone number is not registered, please register first',
-};

package/src/server/locale/fr-FR.ts

@@ -1,10 +0,0 @@
-export default {
-  'The email is incorrect, please re-enter': 'L\'email est incorrect, veuillez le saisir à nouveau',
-  'Please fill in your email address': 'Veuillez remplir votre adresse e-mail',
-  'The password is incorrect, please re-enter': 'Le mot de passe est incorrect, veuillez le saisir à nouveau',
-  'Not a valid cellphone number, please re-enter': 'Numéro de téléphone portable non valide, veuillez le saisir à nouveau',
-  'The phone number has been registered, please login directly':
-    'Le numéro de téléphone a été enregistré, veuillez vous connecter directement',
-  'The phone number is not registered, please register first':
-    'Le numéro de téléphone n\'est pas enregistré, veuillez vous inscrire d\'abord',
-};

package/src/server/locale/index.ts

@@ -1,3 +0,0 @@
-export { default as enUS } from './en-US';
-export { default as zhCN } from './zh-CN';
-export { default as ptBR } from './pt-BR';

package/src/server/locale/ja-JP.ts

@@ -1,4 +0,0 @@
-export default {
-  'Please fill in your email address': 'メールアドレスを入力してください',
-  'The password is incorrect, please re-enter': 'パスワードが正しくありません。再度入力してください。',
-};

package/src/server/locale/pt-BR.ts

@@ -1,10 +0,0 @@
-export default {
-  'The email is incorrect, please re-enter': 'O e-mail está incorreto, por favor, digite novamente',
-  'Please fill in your email address': 'Por favor, preencha o seu endereço de e-mail',
-  'The password is incorrect, please re-enter': 'A senha está incorreta, por favor, digite novamente',
-  'Not a valid cellphone number, please re-enter': 'Número de celular inválido, por favor, digite novamente',
-  'The phone number has been registered, please login directly':
-    'O número de celular já está registrado, por favor, faça login diretamente',
-  'The phone number is not registered, please register first':
-    'O número de celular não está registrado, por favor, registre-se primeiro',
-};

package/src/server/locale/zh-CN.ts

@@ -1,9 +0,0 @@
-export default {
-  'The email is incorrect, please re-enter': '邮箱有误，请重新输入',
-  'Please fill in your email address': '请填写邮箱',
-  'The password is incorrect, please re-enter': '密码有误，请重新输入',
-  'Not a valid cellphone number, please re-enter': '不是有效的手机号，请重新输入',
-  'The phone number has been registered, please login directly': '手机号已注册，请直接登录',
-  'The phone number is not registered, please register first': '手机号未注册，请先注册',
-  'Please keep and enable at least one authenticator': '请至少保留并启用一个认证器',
-};

package/src/server/migrations/20230506152253-basic-authenticator.ts

@@ -1,22 +0,0 @@
-import { Migration } from '@nocobase/server';
-import { presetAuthType, presetAuthenticator } from '../../preset';
-
-export default class AddBasicAuthMigration extends Migration {
-  async up() {
-    const repo = this.context.db.getRepository('authenticators');
-    const existed = await repo.count();
-    if (existed) {
-      return;
-    }
-    await repo.create({
-      values: {
-        name: presetAuthenticator,
-        authType: presetAuthType,
-        description: 'Sign in with email and password.',
-        enabled: true,
-      },
-    });
-  }
-
-  async down() {}
-}

package/src/server/migrations/20230607174500-update-basic.ts

@@ -1,25 +0,0 @@
-import { Migration } from '@nocobase/server';
-import { presetAuthenticator } from '../../preset';
-
-export default class UpdateBasicAuthMigration extends Migration {
-  async up() {
-    const SystemSetting = this.context.db.getRepository('systemSettings');
-    const setting = await SystemSetting.findOne();
-    const allowSignUp = setting.get('allowSignUp') ? true : false;
-    const repo = this.context.db.getRepository('authenticators');
-    await repo.update({
-      values: {
-        options: {
-          public: {
-            allowSignUp,
-          },
-        },
-      },
-      filter: {
-        name: presetAuthenticator,
-      },
-    });
-  }
-
-  async down() {}
-}