@nymphjs/tilmeld-client 1.0.0-beta.11 → 1.0.0-beta.111

package/src/User.ts

@@ -1,7 +1,7 @@
 import { Nymph, Entity } from '@nymphjs/client';
 
-import type Group from './Group';
-import type { AdminGroupData, CurrentGroupData } from './Group';
+import type Group from './Group.js';
+import type { AdminGroupData, CurrentGroupData } from './Group.js';
 
 export type EventType = 'register' | 'login' | 'logout';
 export type RegisterCallback = (user: User & CurrentUserData) => void;
@@ -76,6 +76,11 @@ export type CurrentUserData = UserData & {
    * Whether the user should inherit the abilities of his groups.
    */
   inheritAbilities?: boolean;
+  /**
+   * If the user has changed their email address, this is the new one, awaiting
+   * verification.
+   */
+  newEmailAddress?: string;
 };
 
 export type AdminUserData = CurrentUserData & {
@@ -123,10 +128,13 @@ export type AdminUserData = CurrentUserData & {
    * Used by admins to change a user's password. Not saved to the database.
    */
   passwordTemp?: string;
+  /**
+   * If set, this timestamp is the cutoff point for JWT issue dates. Any token
+   * issued before this date will not authenticate the user.
+   */
+  revokeTokenDate?: number;
 };
 
-let currentToken: string | null = null;
-
 type InstanceStore = {
   registerCallbacks: RegisterCallback[];
   loginCallbacks: LoginCallback[];
@@ -134,6 +142,7 @@ type InstanceStore = {
   clientConfig?: ClientConfig;
   clientConfigPromise?: Promise<ClientConfig>;
   removeNymphResponseListener?: () => void;
+  currentToken?: string;
 };
 
 export default class User extends Entity<UserData> {
@@ -163,26 +172,11 @@ export default class User extends Entity<UserData> {
       store.removeNymphResponseListener();
     }
     store.removeNymphResponseListener = nymph.on('response', (response) =>
-      this.handleToken(response)
+      this.handleToken(response),
     );
     this.handleToken();
   }
 
-  constructor(guid?: string) {
-    super(guid);
-
-    if (guid == null) {
-      this.$data.enabled = true;
-      (this.$data as CurrentUserData).abilities = [];
-      (this.$data as CurrentUserData).groups = [];
-      (this.$data as CurrentUserData).inheritAbilities = true;
-    }
-  }
-
-  static async factory(guid?: string): Promise<User & UserData> {
-    return (await super.factory(guid)) as User & UserData;
-  }
-
   static async factoryUsername(username?: string): Promise<User & UserData> {
     const entity = new this();
     if (username != null) {
@@ -193,7 +187,7 @@ export default class User extends Entity<UserData> {
         {
           type: '&',
           ilike: ['username', username.replace(/([\\%_])/g, (s) => `\\${s}`)],
-        }
+        },
       );
       if (entity != null) {
         return entity;
@@ -202,8 +196,25 @@ export default class User extends Entity<UserData> {
     return entity;
   }
 
-  static factorySync(guid?: string): User & UserData {
-    return super.factorySync(guid) as User & UserData;
+  static async getDomainUsers(
+    domain: string,
+    options?: {
+      limit?: number;
+      offset?: number;
+      sort?: string;
+      reverse?: boolean;
+    },
+  ): Promise<(User & UserData)[]> {
+    return await this.serverCallStatic('getDomainUsers', [domain, options]);
+  }
+
+  constructor() {
+    super();
+
+    this.$data.enabled = true;
+    (this.$data as CurrentUserData).abilities = [];
+    (this.$data as CurrentUserData).groups = [];
+    (this.$data as CurrentUserData).inheritAbilities = true;
   }
 
   public async $checkUsername(): Promise<{
@@ -238,7 +249,7 @@ export default class User extends Entity<UserData> {
     const store = User.stores.get(this.$nymph);
     if (store == null) {
       throw new Error(
-        'This user class was never initialized with an instance of Nymph'
+        'This user class was never initialized with an instance of Nymph',
       );
     }
 
@@ -257,11 +268,34 @@ export default class User extends Entity<UserData> {
     return response;
   }
 
+  public async $switchUser(data?: {
+    additionalData?: { [k: string]: any };
+  }): Promise<{
+    result: boolean;
+    message: string;
+  }> {
+    const store = User.stores.get(this.$nymph);
+    if (store == null) {
+      throw new Error(
+        'This user class was never initialized with an instance of Nymph',
+      );
+    }
+
+    const response = await this.$serverCall('$switchUser', [data]);
+    if (response.result) {
+      (this.constructor as typeof User).handleToken();
+      for (let i = 0; i < store.loginCallbacks.length; i++) {
+        store.loginCallbacks[i] && store.loginCallbacks[i](this);
+      }
+    }
+    return response;
+  }
+
   public async $logout(): Promise<{ result: boolean; message: string }> {
     const store = User.stores.get(this.$nymph);
     if (store == null) {
       throw new Error(
-        'This user class was never initialized with an instance of Nymph'
+        'This user class was never initialized with an instance of Nymph',
       );
     }
 
@@ -282,18 +316,54 @@ export default class User extends Entity<UserData> {
   public async $changePassword(data: {
     newPassword: string;
     currentPassword: string;
+    revokeCurrentTokens?: boolean;
   }): Promise<{ result: boolean; message: string }> {
     return await this.$serverCall('$changePassword', [data]);
   }
 
+  public async $revokeCurrentTokens(data: {
+    password: string;
+  }): Promise<{ result: boolean; message: string }> {
+    return await this.$serverCall('$revokeCurrentTokens', [data]);
+  }
+
+  public async $hasTOTPSecret(): Promise<boolean> {
+    return await this.$serverCall('$hasTOTPSecret', [], true);
+  }
+
+  public async $getNewTOTPSecret(): Promise<{
+    uri: string;
+    qrcode: string;
+    secret: string;
+  }> {
+    return await this.$serverCall('$getNewTOTPSecret', [], true);
+  }
+
+  public async $saveTOTPSecret(data: {
+    password: string;
+    secret: string;
+    code: string;
+  }): Promise<{ result: boolean; message: string }> {
+    return await this.$serverCall('$saveTOTPSecret', [data]);
+  }
+
+  public async $removeTOTPSecret(data?: {
+    password: string;
+    code: string;
+  }): Promise<{ result: boolean; message: string }> {
+    return await this.$serverCall('$removeTOTPSecret', [
+      ...(data ? [data] : []),
+    ]);
+  }
+
   public static async current(
-    returnObjectIfNotExist: true
+    returnObjectIfNotExist: true,
   ): Promise<User & CurrentUserData>;
   public static async current(
-    returnObjectIfNotExist?: false
+    returnObjectIfNotExist?: false,
   ): Promise<(User & CurrentUserData) | null>;
   public static async current(
-    returnObjectIfNotExist?: boolean
+    returnObjectIfNotExist?: boolean,
   ): Promise<(User & CurrentUserData) | null> {
     const currentUser = await this.serverCallStatic('current', [false]);
     if (currentUser == null) {
@@ -305,16 +375,18 @@ export default class User extends Entity<UserData> {
   public static async loginUser(data: {
     username: string;
     password: string;
+    code?: string;
     additionalData?: { [k: string]: any };
   }): Promise<{
     result: boolean;
     message: string;
+    needTOTP?: true;
     user?: User & CurrentUserData;
   }> {
     const store = User.stores.get(this.nymph);
     if (store == null) {
       throw new Error(
-        'This user class was never initialized with an instance of Nymph'
+        'This user class was never initialized with an instance of Nymph',
       );
     }
 
@@ -347,7 +419,7 @@ export default class User extends Entity<UserData> {
     const store = User.stores.get(this.nymph);
     if (store == null) {
       throw new Error(
-        'This user class was never initialized with an instance of Nymph'
+        'This user class was never initialized with an instance of Nymph',
       );
     }
 
@@ -357,7 +429,7 @@ export default class User extends Entity<UserData> {
     if (!store.clientConfigPromise) {
       store.clientConfigPromise = this.serverCallStatic(
         'getClientConfig',
-        []
+        [],
       ).then((config) => {
         store.clientConfig = config;
         store.clientConfigPromise = undefined;
@@ -368,27 +440,44 @@ export default class User extends Entity<UserData> {
   }
 
   private static handleToken(response?: Response) {
+    const store = User.stores.get(this.nymph);
+
+    if (store == null) {
+      throw new Error(
+        'This user class was never initialized with an instance of Nymph',
+      );
+    }
+
     let token: string | null = null;
+    let switchToken: string | null = null;
+    let hasNoCookie =
+      typeof document === 'undefined' || typeof document.cookie === 'undefined';
     const authCookiePattern =
       /(?:(?:^|.*;\s*)TILMELDAUTH\s*=\s*([^;]*).*$)|^.*$/;
+    const switchCookiePattern =
+      /(?:(?:^|.*;\s*)TILMELDSWITCH\s*=\s*([^;]*).*$)|^.*$/;
     if (response && response.headers.has('X-TILMELDAUTH')) {
       token = response.headers.get('X-TILMELDAUTH');
+      switchToken = response.headers.get('X-TILMELDSWITCH');
     } else if (
       typeof document !== 'undefined' &&
       document.cookie.match(authCookiePattern)
     ) {
       token = document.cookie.replace(authCookiePattern, '$1');
+      switchToken = document.cookie.replace(switchCookiePattern, '$1');
     } else {
       return;
     }
-    if (currentToken !== token) {
+    if (store.currentToken != token) {
       if (token == null || token === '') {
-        if (currentToken != null) {
-          this.nymph.setXsrfToken(null);
+        if (store.currentToken != null) {
+          delete this.nymph.headers['X-Xsrf-Token'];
+          delete this.nymph.headers['X-TILMELDAUTH'];
+          delete this.nymph.headers['X-TILMELDSWITCH'];
           if (this.nymph.pubsub) {
-            this.nymph.pubsub.setToken(null);
+            this.nymph.pubsub.authenticate(null);
           }
-          currentToken = null;
+          delete store.currentToken;
         }
       } else {
         const base64Url = token.split('.')[1];
@@ -398,11 +487,18 @@ export default class User extends Entity<UserData> {
             ? Buffer.from(base64, 'base64').toString('binary') // node
             : atob(base64); // browser
         const jwt = JSON.parse(json);
-        this.nymph.setXsrfToken(jwt.xsrfToken);
+        this.nymph.headers['X-Xsrf-Token'] = jwt.xsrfToken;
+        if (hasNoCookie) {
+          this.nymph.headers['X-TILMELDAUTH'] = token;
+          delete this.nymph.headers['X-TILMELDSWITCH'];
+          if (switchToken != null) {
+            this.nymph.headers['X-TILMELDSWITCH'] = switchToken;
+          }
+        }
         if (this.nymph.pubsub) {
-          this.nymph.pubsub.setToken(token);
+          this.nymph.pubsub.authenticate(token, switchToken);
         }
-        currentToken = token;
+        store.currentToken = token;
       }
     }
   }
@@ -412,25 +508,25 @@ export default class User extends Entity<UserData> {
     callback: T extends 'register'
       ? RegisterCallback
       : T extends 'login'
-      ? LoginCallback
-      : T extends 'logout'
-      ? LogoutCallback
-      : never
+        ? LoginCallback
+        : T extends 'logout'
+          ? LogoutCallback
+          : never,
   ) {
     const store = User.stores.get(this.nymph);
     if (store == null) {
       throw new Error(
-        'This user class was never initialized with an instance of Nymph'
+        'This user class was never initialized with an instance of Nymph',
       );
     }
 
     const prop = (event + 'Callbacks') as T extends 'register'
       ? 'registerCallbacks'
       : T extends 'login'
-      ? 'loginCallbacks'
-      : T extends 'logout'
-      ? 'logoutCallbacks'
-      : never;
+        ? 'loginCallbacks'
+        : T extends 'logout'
+          ? 'logoutCallbacks'
+          : never;
     if (!(prop in store)) {
       throw new Error('Invalid event type.');
     }
@@ -444,25 +540,25 @@ export default class User extends Entity<UserData> {
     callback: T extends 'register'
       ? RegisterCallback
       : T extends 'login'
-      ? LoginCallback
-      : T extends 'logout'
-      ? LogoutCallback
-      : never
+        ? LoginCallback
+        : T extends 'logout'
+          ? LogoutCallback
+          : never,
   ) {
     const store = User.stores.get(this.nymph);
     if (store == null) {
       throw new Error(
-        'This user class was never initialized with an instance of Nymph'
+        'This user class was never initialized with an instance of Nymph',
       );
     }
 
     const prop = (event + 'Callbacks') as T extends 'register'
       ? 'registerCallbacks'
       : T extends 'login'
-      ? 'loginCallbacks'
-      : T extends 'logout'
-      ? 'logoutCallbacks'
-      : never;
+        ? 'loginCallbacks'
+        : T extends 'logout'
+          ? 'logoutCallbacks'
+          : never;
     if (!(prop in store)) {
       return false;
     }

package/src/helpers.ts

@@ -1,5 +1,5 @@
-import type UserClass from './User';
-import type { ClientConfig, CurrentUserData } from './User';
+import type UserClass from './User.js';
+import type { ClientConfig, CurrentUserData } from './User.js';
 
 export type RegistrationDetails = {
   /**
@@ -40,11 +40,14 @@ export type RegistrationDetails = {
   additionalData?: { [k: string]: any };
 };
 
+export class NeedTOTPError extends Error {}
+
 export async function login(
   User: typeof UserClass,
   username: string,
   password: string,
-  additionalData?: { [k: string]: any }
+  code?: string,
+  additionalData?: { [k: string]: any },
 ) {
   if (username === '') {
     throw new Error('You need to enter a username.');
@@ -54,16 +57,24 @@ export async function login(
   }
 
   try {
-    const { result, ...response } = await User.loginUser({
+    const { result, needTOTP, ...response } = await User.loginUser({
       username,
       password,
+      code,
       ...(additionalData ? { additionalData } : {}),
     });
     if (!result) {
+      if (needTOTP) {
+        throw new NeedTOTPError(response.message);
+      }
+
       throw new Error(response.message);
     }
     return response;
   } catch (e: any) {
+    if (e instanceof NeedTOTPError) {
+      throw e;
+    }
     throw new Error(e?.message ?? 'An error occurred.');
   }
 }
@@ -71,7 +82,7 @@ export async function login(
 export async function register(
   User: typeof UserClass,
   userDetails: RegistrationDetails,
-  clientConfig?: ClientConfig
+  clientConfig?: ClientConfig,
 ): Promise<{
   loggedin: boolean;
   message: string;
@@ -95,16 +106,18 @@ export async function register(
   user.username = userDetails.username;
   const config = clientConfig || (await User.getClientConfig());
 
-  if (config.emailUsernames) {
-    user.email = userDetails.username;
-  } else if (config.regFields.indexOf('email') !== -1) {
-    user.email = userDetails.email;
+  if (config.regFields.includes('email')) {
+    if (config.emailUsernames) {
+      user.email = userDetails.username;
+    } else {
+      user.email = userDetails.email;
+    }
   }
-  if (config.regFields.indexOf('name') !== -1) {
+  if (config.regFields.includes('name')) {
     user.nameFirst = userDetails.nameFirst;
     user.nameLast = userDetails.nameLast;
   }
-  if (config.regFields.indexOf('phone') !== -1) {
+  if (config.regFields.includes('phone')) {
     user.phone = userDetails.phone;
   }
 
@@ -127,7 +140,7 @@ export async function register(
 export async function checkUsername(
   User: typeof UserClass,
   username: string,
-  clientConfig?: ClientConfig
+  clientConfig?: ClientConfig,
 ) {
   let user = User.factorySync() as UserClass & CurrentUserData;
   user.username = username;