@nocobase/plugin-auth 0.11.1-alpha.5 → 0.12.0-alpha.2

package/dist/node_modules/cron/package.json

@@ -0,0 +1 @@
+{"name":"cron","description":"Cron jobs for your node","version":"2.3.1","author":"Nick Campbell <nicholas.j.campbell@gmail.com> (https://github.com/ncb000gt)","bugs":{"url":"https://github.com/kelektiv/node-cron/issues"},"repository":{"type":"git","url":"https://github.com/kelektiv/node-cron.git"},"main":"lib/cron","scripts":{"lint":"eslint {lib,tests}/*.js","test":"jest --coverage","test:watch":"jest --watch --coverage"},"dependencies":{"luxon":"^3.2.1"},"devDependencies":{"chai":"~4.2.x","eslint":"~8.36.x","eslint-config-prettier":"^8.7.x","eslint-config-standard":"~17.0.x","eslint-plugin-import":"~2.27.x","eslint-plugin-jest":"~27.2.x","eslint-plugin-n":"~15.6.x","eslint-plugin-prettier":"~4.2.x","eslint-plugin-promise":"~6.1.x","jest":"~29.5.x","prettier":"~2.8.x","sinon":"^15.0.x"},"keywords":["cron","node cron","node-cron","schedule","scheduler","cronjob","cron job"],"license":"MIT","contributors":["Brandon der Blätter <https://interlucid.com/contact/> (https://github.com/intcreator)","Romain Beauxis <toots@rastageeks.org> (https://github.com/toots)","James Padolsey <> (https://github.com/jamespadolsey)","Finn Herpich <fh@three-heads.de> (https://github.com/ErrorProne)","Clifton Cunningham <clifton.cunningham@gmail.com> (https://github.com/cliftonc)","Eric Abouaf <eric.abouaf@gmail.com> (https://github.com/neyric)","humanchimp <morphcham@gmail.com> (https://github.com/humanchimp)","Craig Condon <craig@spiceapps.com> (https://github.com/spiceapps)","Dan Bear <daniel@hulu.com> (https://github.com/danhbear)","Vadim Baryshev <vadimbaryshev@gmail.com> (https://github.com/baryshev)","Leandro Ferrari <lfthomaz@gmail.com> (https://github.com/lfthomaz)","Gregg Zigler <greggzigler@gmail.com> (https://github.com/greggzigler)","Jordan Abderrachid <jabderrachid@gmail.com> (https://github.com/jordanabderrachid)","Masakazu Matsushita <matsukaz@gmail.com> (matsukaz)","Christopher Lunt <me@kirisu.co.uk> (https://github.com/kirisu)"],"jest":{"collectCoverage":true,"collectCoverageFrom":["lib/*.js"],"coverageThreshold":{"global":{"statements":80,"branches":80,"functions":70,"lines":80}}},"files":["lib","CHANGELOG.md","LICENSE","README.md"],"_lastModified":"2023-08-01T18:36:28.439Z"}

package/{lib → dist}/preset.d.ts

@@ -1,3 +1,3 @@
 export declare const presetAuthType = "Email/Password";
 export declare const presetAuthenticator = "basic";
-export declare const namespace: any;
+export declare const namespace: string;

package/dist/preset.js

@@ -0,0 +1,11 @@
+'use strict';
+
+var package_json = require('../package.json');
+
+const presetAuthType = "Email/Password";
+const presetAuthenticator = "basic";
+const namespace = package_json.name;
+
+exports.namespace = namespace;
+exports.presetAuthType = presetAuthType;
+exports.presetAuthenticator = presetAuthenticator;

package/dist/server/actions/auth.js

@@ -0,0 +1,22 @@
+'use strict';
+
+var auth_default = {
+  lostPassword: async (ctx, next) => {
+    ctx.body = await ctx.auth.lostPassword();
+    await next();
+  },
+  resetPassword: async (ctx, next) => {
+    ctx.body = await ctx.auth.resetPassword();
+    await next();
+  },
+  getUserByResetToken: async (ctx, next) => {
+    ctx.body = await ctx.auth.getUserByResetToken();
+    await next();
+  },
+  changePassword: async (ctx, next) => {
+    ctx.body = await ctx.auth.changePassword();
+    await next();
+  }
+};
+
+module.exports = auth_default;

package/dist/server/actions/authenticators.js

@@ -0,0 +1,83 @@
+'use strict';
+
+var preset = require('../../preset');
+
+async function checkCount(repository, id) {
+  const count = await repository.count({
+    filter: {
+      enabled: true,
+      id: {
+        $ne: id
+      }
+    }
+  });
+  if (count <= 0) {
+    throw new Error("Please keep and enable at least one authenticator");
+  }
+}
+var authenticators_default = {
+  listTypes: async (ctx, next) => {
+    ctx.body = ctx.app.authManager.listTypes();
+    await next();
+  },
+  publicList: async (ctx, next) => {
+    const repo = ctx.db.getRepository("authenticators");
+    const authenticators = await repo.find({
+      fields: ["name", "authType", "title", "options", "sort"],
+      filter: {
+        enabled: true
+      },
+      sort: "sort"
+    });
+    ctx.body = authenticators.map((authenticator) => {
+      var _a;
+      return {
+        name: authenticator.name,
+        authType: authenticator.authType,
+        title: authenticator.title,
+        options: ((_a = authenticator.options) == null ? void 0 : _a.public) || {}
+      };
+    });
+    await next();
+  },
+  destroy: async (ctx, next) => {
+    const repository = ctx.db.getRepository("authenticators");
+    const { filterByTk, filter } = ctx.action.params;
+    try {
+      await checkCount(repository, filterByTk);
+    } catch (err) {
+      ctx.throw(400, ctx.t(err.message, { ns: preset.namespace }));
+    }
+    const instance = await repository.destroy({
+      filter,
+      filterByTk,
+      context: ctx
+    });
+    ctx.body = instance;
+    await next();
+  },
+  update: async (ctx, next) => {
+    const repository = ctx.db.getRepository("authenticators");
+    const { forceUpdate, filterByTk, values, whitelist, blacklist, filter, updateAssociationValues } = ctx.action.params;
+    if (!values.enabled) {
+      try {
+        await checkCount(repository, values.id);
+      } catch (err) {
+        ctx.throw(400, ctx.t(err.message, { ns: preset.namespace }));
+      }
+    }
+    ctx.body = await repository.update({
+      filterByTk,
+      values,
+      whitelist,
+      blacklist,
+      filter,
+      updateAssociationValues,
+      context: ctx,
+      forceUpdate
+    });
+    await next();
+  }
+};
+
+module.exports = authenticators_default;

package/{src/server/basic-auth.ts → dist/server/basic-auth.js}

@@ -1,82 +1,81 @@
-import { AuthConfig, BaseAuth } from '@nocobase/auth';
-import { PasswordField } from '@nocobase/database';
-import crypto from 'crypto';
-import { namespace } from '../preset';
+'use strict';
 
-export class BasicAuth extends BaseAuth {
-  constructor(config: AuthConfig) {
-    const userCollection = config.ctx.db.getCollection('users');
+var auth = require('@nocobase/auth');
+var crypto = require('crypto');
+var preset = require('../preset');
+
+function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
+
+var crypto__default = /*#__PURE__*/_interopDefault(crypto);
+
+class BasicAuth extends auth.BaseAuth {
+  constructor(config) {
+    const userCollection = config.ctx.db.getCollection("users");
     super({ ...config, userCollection });
   }
-
   async validate() {
     const ctx = this.ctx;
-    const { uniqueField = 'email', values } = ctx.action.params;
-
+    const { uniqueField = "email", values } = ctx.action.params;
     if (!values[uniqueField]) {
-      ctx.throw(400, ctx.t('Please fill in your email address', { ns: namespace }));
+      ctx.throw(400, ctx.t("Please fill in your email address", { ns: preset.namespace }));
     }
     const user = await this.userRepository.findOne({
       where: {
-        [uniqueField]: values[uniqueField],
-      },
+        [uniqueField]: values[uniqueField]
+      }
     });
-
     if (!user) {
-      ctx.throw(401, ctx.t('The email is incorrect, please re-enter', { ns: namespace }));
+      ctx.throw(401, ctx.t("The email is incorrect, please re-enter", { ns: preset.namespace }));
     }
-
-    const field = this.userCollection.getField<PasswordField>('password');
+    const field = this.userCollection.getField("password");
     const valid = await field.verify(values.password, user.password);
     if (!valid) {
-      ctx.throw(401, ctx.t('The password is incorrect, please re-enter', { ns: namespace }));
+      ctx.throw(401, ctx.t("The password is incorrect, please re-enter", { ns: preset.namespace }));
     }
     return user;
   }
-
   async signUp() {
+    var _a;
     const ctx = this.ctx;
-    const options = this.authenticator.options?.public || {};
+    const options = ((_a = this.authenticator.options) == null ? void 0 : _a.public) || {};
     if (!options.allowSignUp) {
-      ctx.throw(403, ctx.t('Not allowed to sign up', { ns: namespace }));
+      ctx.throw(403, ctx.t("Not allowed to sign up", { ns: preset.namespace }));
     }
-    const User = ctx.db.getRepository('users');
+    const User = ctx.db.getRepository("users");
     const { values } = ctx.action.params;
     const user = await User.create({ values });
     return user;
   }
-
   async lostPassword() {
     const ctx = this.ctx;
     const {
-      values: { email },
+      values: { email }
     } = ctx.action.params;
     if (!email) {
-      ctx.throw(400, ctx.t('Please fill in your email address', { ns: namespace }));
+      ctx.throw(400, ctx.t("Please fill in your email address", { ns: preset.namespace }));
     }
     const user = await this.userRepository.findOne({
       where: {
-        email,
-      },
+        email
+      }
     });
     if (!user) {
-      ctx.throw(401, ctx.t('The email is incorrect, please re-enter', { ns: namespace }));
+      ctx.throw(401, ctx.t("The email is incorrect, please re-enter", { ns: preset.namespace }));
     }
-    user.resetToken = crypto.randomBytes(20).toString('hex');
+    user.resetToken = crypto__default.default.randomBytes(20).toString("hex");
     await user.save();
     return user;
   }
-
   async resetPassword() {
     const ctx = this.ctx;
     const {
-      values: { email, password, resetToken },
+      values: { email, password, resetToken }
     } = ctx.action.params;
     const user = await this.userRepository.findOne({
       where: {
         email,
-        resetToken,
-      },
+        resetToken
+      }
     });
     if (!user) {
       ctx.throw(404);
@@ -87,25 +86,23 @@ export class BasicAuth extends BaseAuth {
     await user.save();
     return user;
   }
-
   async getUserByResetToken() {
     const ctx = this.ctx;
     const { token } = ctx.action.params;
     const user = await this.userRepository.findOne({
       where: {
-        resetToken: token,
-      },
+        resetToken: token
+      }
     });
     if (!user) {
       ctx.throw(401);
     }
     return user;
   }
-
   async changePassword() {
     const ctx = this.ctx;
     const {
-      values: { oldPassword, newPassword },
+      values: { oldPassword, newPassword }
     } = ctx.action.params;
     const currentUser = ctx.auth.user;
     if (!currentUser) {
@@ -113,16 +110,18 @@ export class BasicAuth extends BaseAuth {
     }
     const user = await this.userRepository.findOne({
       where: {
-        email: currentUser.email,
-      },
+        email: currentUser.email
+      }
     });
-    const pwd = this.userCollection.getField<PasswordField>('password');
+    const pwd = this.userCollection.getField("password");
     const isValid = await pwd.verify(oldPassword, user.password);
     if (!isValid) {
-      ctx.throw(401, ctx.t('The password is incorrect, please re-enter', { ns: namespace }));
+      ctx.throw(401, ctx.t("The password is incorrect, please re-enter", { ns: preset.namespace }));
     }
     user.password = newPassword;
     await user.save();
     return currentUser;
   }
 }
+
+exports.BasicAuth = BasicAuth;

package/dist/server/collections/authenticators.js

@@ -0,0 +1,97 @@
+'use strict';
+
+var authenticators_default = {
+  namespace: "auth.auth",
+  duplicator: "optional",
+  name: "authenticators",
+  sortable: true,
+  title: '{{t("Authenticators")}}',
+  model: "AuthModel",
+  createdBy: true,
+  updatedBy: true,
+  logging: true,
+  fields: [
+    {
+      name: "id",
+      type: "bigInt",
+      autoIncrement: true,
+      primaryKey: true,
+      allowNull: false,
+      interface: "id"
+    },
+    {
+      interface: "input",
+      type: "string",
+      name: "name",
+      allowNull: false,
+      unique: true,
+      uiSchema: {
+        type: "string",
+        title: '{{t("Name")}}',
+        "x-component": "Input",
+        required: true
+      }
+    },
+    {
+      interface: "input",
+      type: "string",
+      name: "authType",
+      allowNull: false,
+      uiSchema: {
+        type: "string",
+        title: '{{t("Auth Type")}}',
+        "x-component": "Input",
+        required: true
+      }
+    },
+    {
+      interface: "input",
+      type: "string",
+      name: "title",
+      uiSchema: {
+        type: "string",
+        title: '{{t("Title")}}',
+        "x-component": "Input"
+      },
+      translation: true
+    },
+    {
+      interface: "textarea",
+      type: "string",
+      name: "description",
+      allowNull: false,
+      defaultValue: "",
+      uiSchema: {
+        type: "string",
+        title: '{{t("Description")}}',
+        "x-component": "Input",
+        required: true
+      }
+    },
+    {
+      type: "json",
+      name: "options",
+      allowNull: false,
+      defaultValue: {}
+    },
+    {
+      type: "boolean",
+      name: "enabled",
+      defaultValue: false
+    },
+    {
+      interface: "m2m",
+      type: "belongsToMany",
+      name: "users",
+      target: "users",
+      foreignKey: "authenticator",
+      otherKey: "userId",
+      onDelete: "CASCADE",
+      sourceKey: "name",
+      targetKey: "id",
+      through: "usersAuthenticators"
+    }
+  ]
+};
+
+module.exports = authenticators_default;

package/dist/server/collections/token-blacklist.js

@@ -0,0 +1,21 @@
+'use strict';
+
+var token_blacklist_default = {
+  namespace: "auth.token-black",
+  duplicator: "optional",
+  name: "tokenBlacklist",
+  model: "TokenBlacklistModel",
+  fields: [
+    {
+      type: "string",
+      name: "token",
+      index: true
+    },
+    {
+      type: "date",
+      name: "expiration"
+    }
+  ]
+};
+
+module.exports = token_blacklist_default;

package/dist/server/collections/users-authenticators.js

@@ -0,0 +1,71 @@
+'use strict';
+
+var users_authenticators_default = {
+  namespace: "auth.auth",
+  duplicator: {
+    dumpable: "optional",
+    /**
+     * When dump this collection, the users collection is required to be dumped.
+     */
+    with: "users"
+  },
+  name: "usersAuthenticators",
+  title: '{{t("Users Authenticators")}}',
+  model: "UserAuthModel",
+  createdBy: true,
+  updatedBy: true,
+  logging: true,
+  fields: [
+    /**
+     * uuid:
+     * Unique user id of the authentication method, such as wechat openid, phone number, etc.
+     */
+    {
+      name: "uuid",
+      interface: "input",
+      type: "string",
+      allowNull: false,
+      uiSchema: {
+        type: "string",
+        title: '{{t("UUID")}}',
+        "x-component": "Input",
+        required: true
+      }
+    },
+    {
+      interface: "input",
+      type: "string",
+      name: "nickname",
+      allowNull: false,
+      defaultValue: "",
+      uiSchema: {
+        type: "string",
+        title: '{{t("Nickname")}}',
+        "x-component": "Input"
+      }
+    },
+    {
+      interface: "attachment",
+      type: "string",
+      name: "avatar",
+      allowNull: false,
+      defaultValue: "",
+      uiSchema: {
+        type: "string",
+        title: '{{t("Avatar")}}',
+        "x-component": "Upload"
+      }
+    },
+    /**
+     * meta:
+     * Metadata, some other information of the authentication method.
+     */
+    {
+      type: "json",
+      name: "meta",
+      defaultValue: {}
+    }
+  ]
+};
+
+module.exports = users_authenticators_default;

package/dist/server/index.js

@@ -0,0 +1,21 @@
+'use strict';
+
+Object.defineProperty(exports, '__esModule', { value: true });
+
+var plugin = require('./plugin');
+var authenticator = require('./model/authenticator');
+
+function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
+
+var plugin__default = /*#__PURE__*/_interopDefault(plugin);
+
+
+
+Object.defineProperty(exports, 'default', {
+  enumerable: true,
+  get: function () { return plugin__default.default; }
+});
+Object.defineProperty(exports, 'AuthModel', {
+  enumerable: true,
+  get: function () { return authenticator.AuthModel; }
+});

package/dist/server/locale/en-US.js

@@ -0,0 +1,12 @@
+'use strict';
+
+var en_US_default = {
+  "The email is incorrect, please re-enter": "The email is incorrect, please re-enter",
+  "Please fill in your email address": "Please fill in your email address",
+  "The password is incorrect, please re-enter": "The password is incorrect, please re-enter",
+  "Not a valid cellphone number, please re-enter": "Not a valid cellphone number, please re-enter",
+  "The phone number has been registered, please login directly": "The phone number has been registered, please login directly",
+  "The phone number is not registered, please register first": "The phone number is not registered, please register first"
+};
+
+module.exports = en_US_default;

package/dist/server/locale/fr-FR.js

@@ -0,0 +1,12 @@
+'use strict';
+
+var fr_FR_default = {
+  "The email is incorrect, please re-enter": "L'email est incorrect, veuillez le saisir \xE0 nouveau",
+  "Please fill in your email address": "Veuillez remplir votre adresse e-mail",
+  "The password is incorrect, please re-enter": "Le mot de passe est incorrect, veuillez le saisir \xE0 nouveau",
+  "Not a valid cellphone number, please re-enter": "Num\xE9ro de t\xE9l\xE9phone portable non valide, veuillez le saisir \xE0 nouveau",
+  "The phone number has been registered, please login directly": "Le num\xE9ro de t\xE9l\xE9phone a \xE9t\xE9 enregistr\xE9, veuillez vous connecter directement",
+  "The phone number is not registered, please register first": "Le num\xE9ro de t\xE9l\xE9phone n'est pas enregistr\xE9, veuillez vous inscrire d'abord"
+};
+
+module.exports = fr_FR_default;

package/dist/server/locale/index.js

@@ -0,0 +1,26 @@
+'use strict';
+
+var enUS = require('./en-US');
+var zhCN = require('./zh-CN');
+var ptBR = require('./pt-BR');
+
+function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
+
+var enUS__default = /*#__PURE__*/_interopDefault(enUS);
+var zhCN__default = /*#__PURE__*/_interopDefault(zhCN);
+var ptBR__default = /*#__PURE__*/_interopDefault(ptBR);
+
+
+
+Object.defineProperty(exports, 'enUS', {
+  enumerable: true,
+  get: function () { return enUS__default.default; }
+});
+Object.defineProperty(exports, 'zhCN', {
+  enumerable: true,
+  get: function () { return zhCN__default.default; }
+});
+Object.defineProperty(exports, 'ptBR', {
+  enumerable: true,
+  get: function () { return ptBR__default.default; }
+});

package/dist/server/locale/ja-JP.js

@@ -0,0 +1,8 @@
+'use strict';
+
+var ja_JP_default = {
+  "Please fill in your email address": "\u30E1\u30FC\u30EB\u30A2\u30C9\u30EC\u30B9\u3092\u5165\u529B\u3057\u3066\u304F\u3060\u3055\u3044",
+  "The password is incorrect, please re-enter": "\u30D1\u30B9\u30EF\u30FC\u30C9\u304C\u6B63\u3057\u304F\u3042\u308A\u307E\u305B\u3093\u3002\u518D\u5EA6\u5165\u529B\u3057\u3066\u304F\u3060\u3055\u3044\u3002"
+};
+
+module.exports = ja_JP_default;

package/dist/server/locale/pt-BR.js

@@ -0,0 +1,12 @@
+'use strict';
+
+var pt_BR_default = {
+  "The email is incorrect, please re-enter": "O e-mail est\xE1 incorreto, por favor, digite novamente",
+  "Please fill in your email address": "Por favor, preencha o seu endere\xE7o de e-mail",
+  "The password is incorrect, please re-enter": "A senha est\xE1 incorreta, por favor, digite novamente",
+  "Not a valid cellphone number, please re-enter": "N\xFAmero de celular inv\xE1lido, por favor, digite novamente",
+  "The phone number has been registered, please login directly": "O n\xFAmero de celular j\xE1 est\xE1 registrado, por favor, fa\xE7a login diretamente",
+  "The phone number is not registered, please register first": "O n\xFAmero de celular n\xE3o est\xE1 registrado, por favor, registre-se primeiro"
+};
+
+module.exports = pt_BR_default;

package/dist/server/locale/zh-CN.js

@@ -0,0 +1,13 @@
+'use strict';
+
+var zh_CN_default = {
+  "The email is incorrect, please re-enter": "\u90AE\u7BB1\u6709\u8BEF\uFF0C\u8BF7\u91CD\u65B0\u8F93\u5165",
+  "Please fill in your email address": "\u8BF7\u586B\u5199\u90AE\u7BB1",
+  "The password is incorrect, please re-enter": "\u5BC6\u7801\u6709\u8BEF\uFF0C\u8BF7\u91CD\u65B0\u8F93\u5165",
+  "Not a valid cellphone number, please re-enter": "\u4E0D\u662F\u6709\u6548\u7684\u624B\u673A\u53F7\uFF0C\u8BF7\u91CD\u65B0\u8F93\u5165",
+  "The phone number has been registered, please login directly": "\u624B\u673A\u53F7\u5DF2\u6CE8\u518C\uFF0C\u8BF7\u76F4\u63A5\u767B\u5F55",
+  "The phone number is not registered, please register first": "\u624B\u673A\u53F7\u672A\u6CE8\u518C\uFF0C\u8BF7\u5148\u6CE8\u518C",
+  "Please keep and enable at least one authenticator": "\u8BF7\u81F3\u5C11\u4FDD\u7559\u5E76\u542F\u7528\u4E00\u4E2A\u8BA4\u8BC1\u5668"
+};
+
+module.exports = zh_CN_default;

package/dist/server/migrations/20230506152253-basic-authenticator.js

@@ -0,0 +1,26 @@
+'use strict';
+
+var server = require('@nocobase/server');
+var preset = require('../../preset');
+
+class AddBasicAuthMigration extends server.Migration {
+  async up() {
+    const repo = this.context.db.getRepository("authenticators");
+    const existed = await repo.count();
+    if (existed) {
+      return;
+    }
+    await repo.create({
+      values: {
+        name: preset.presetAuthenticator,
+        authType: preset.presetAuthType,
+        description: "Sign in with email and password.",
+        enabled: true
+      }
+    });
+  }
+  async down() {
+  }
+}
+
+module.exports = AddBasicAuthMigration;

package/dist/server/migrations/20230607174500-update-basic.js

@@ -0,0 +1,29 @@
+'use strict';
+
+var server = require('@nocobase/server');
+var preset = require('../../preset');
+
+class UpdateBasicAuthMigration extends server.Migration {
+  async up() {
+    const SystemSetting = this.context.db.getRepository("systemSettings");
+    const setting = await SystemSetting.findOne();
+    const allowSignUp = setting.get("allowSignUp") ? true : false;
+    const repo = this.context.db.getRepository("authenticators");
+    await repo.update({
+      values: {
+        options: {
+          public: {
+            allowSignUp
+          }
+        }
+      },
+      filter: {
+        name: preset.presetAuthenticator
+      }
+    });
+  }
+  async down() {
+  }
+}
+
+module.exports = UpdateBasicAuthMigration;