@opengis/fastify-table 2.0.84 → 2.0.86

package/dist/server/plugins/auth/funcs/authorizeUser.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"authorizeUser.d.ts","sourceRoot":"","sources":["../../../../../server/plugins/auth/funcs/authorizeUser.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,wBAAwB,CAAC;AA4BtD,wBAA8B,aAAa,CACzC,IAAI,EAAE,YAAY,EAClB,GAAG,EAAE,GAAG,EACR,QAAQ,SAAe,EACvB,MAAM,CAAC,EAAE,MAAM,gBA+HhB"}
+{"version":3,"file":"authorizeUser.d.ts","sourceRoot":"","sources":["../../../../../server/plugins/auth/funcs/authorizeUser.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,wBAAwB,CAAC;AA4BtD,wBAA8B,aAAa,CACzC,IAAI,EAAE,YAAY,EAClB,GAAG,EAAE,GAAG,EACR,QAAQ,SAAe,EACvB,MAAM,CAAC,EAAE,MAAM,gBA8HhB"}

package/dist/server/plugins/auth/funcs/authorizeUser.js

@@ -57,7 +57,7 @@ export default async function authorizeUser(user, req, authType = "creds-user",
         {};
     await req.session?.save?.();
     const redirectUrl = req.headers?.referer?.match?.(/[?&]redirect=([^&]+)/)?.[1] || "/";
-    const twofaEnabled = config.auth?.["2factor"] && user?.twofa && user.uid && pg;
+    const twofaEnabled = user?.twofa && user.uid && pg;
     const registered = false; // ? check by created/updated date?
     if (req.method === "POST" &&
         (!twofaEnabled || req.session?.secondFactorPassed)) {
@@ -91,7 +91,7 @@ export default async function authorizeUser(user, req, authType = "creds-user",
     }
     // by default, disable 2factor for id.gov.ua auth
     const check = authType === "govid" ? config.auth?.["2factor"]?.govid : true;
-    if (config.auth?.["2factor"] && user?.twofa && check) {
+    if (user?.twofa && check) {
         return ("/2factor?redirect=" +
             (href ||
                 config.auth?.redirectAfter ||

package/dist/server/plugins/auth/index.js

@@ -56,7 +56,7 @@ export async function onRequest(req, reply) {
         !config.auth?.disableRedirect &&
         !req.url.startsWith(prefix) &&
         !req.url.startsWith("/api") &&
-        !req.url.startsWith(loginPageUrl) &&
+        !req.url.includes(loginPageUrl) &&
         !req.url.includes(".") &&
         !req.url.includes("@")) {
         return reply.redirect(`${loginPageUrl}` + `?redirect=${req.url}`);

package/dist/server/routes/auth/controllers/2factor/verify.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"verify.d.ts","sourceRoot":"","sources":["../../../../../../server/routes/auth/controllers/2factor/verify.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAiBvC;;;;;;;;;;;;;;;;GAgBG;AAEH,wBAA8B,cAAc,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,EAAE,YAAY,kBAkEzE"}
+{"version":3,"file":"verify.d.ts","sourceRoot":"","sources":["../../../../../../server/routes/auth/controllers/2factor/verify.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AA0BvC;;;;;;;;;;;;;;;;GAgBG;AAEH,wBAA8B,cAAc,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,EAAE,YAAY,kBAmEzE"}

package/dist/server/routes/auth/controllers/2factor/verify.js

@@ -1,6 +1,6 @@
 import path from "node:path";
 import { fileURLToPath } from "url";
-import { readFile } from "node:fs/promises";
+import { existsSync, readFileSync } from "node:fs";
 import config from "../../../../../config.js";
 import getTemplate from "../../../../plugins/table/funcs/getTemplate.js";
 import pgClients from "../../../../plugins/pg/pgClients.js";
@@ -9,6 +9,9 @@ import { verify, enableSecret } from "./providers/totp.js";
 import sendNotification from "../../../../plugins/auth/funcs/sendNotification.js";
 const template = "recovery-codes-email-template";
 const dirname = path.dirname(fileURLToPath(import.meta.url));
+const defaultPt = existsSync(path.join(dirname, `../../../../templates/pt/${template}.hbs`))
+    ? readFileSync(path.join(dirname, `../../../../templates/pt/${template}.hbs`), "utf8")
+    : "Recovery codes: {{{code}}}";
 /**
  * Перевірка двохфакторної авторизації для користувача
  *
@@ -28,10 +31,10 @@ const dirname = path.dirname(fileURLToPath(import.meta.url));
  */
 export default async function verifyFunction(req, reply) {
     const { pg = pgClients.client, session = {}, body = {} } = req;
-    const { uid, email } = session?.passport?.user || {};
+    const { uid, twofa, email } = session?.passport?.user || {};
     // const { nocache = config.local } = query;
     const { code } = body;
-    if (!config?.auth?.["2factor"]) {
+    if (!twofa) {
         return reply.status(400).send("2fa not enabled");
     }
     if (!config.pg) {
@@ -54,10 +57,10 @@ export default async function verifyFunction(req, reply) {
       from admin.users_social_auth where uid=$1 and social_auth_type='TOTP'`, [uid])
                 ?.then((el) => el.rows?.[0] || {});
             const customPt = await getTemplate("pt", template);
-            const pt = customPt ||
-                (await readFile(path.join(dirname, `../../../../../templates/pt/${template}.html`), "utf8"));
+            const pt = customPt || defaultPt;
             const html = await handlebars.compile(pt)({
                 recoveryCodes,
+                code: recoveryCodes,
                 domain: `${req.protocol || "https"}://${req.hostname}`,
             });
             await sendNotification({
@@ -69,9 +72,15 @@ export default async function verifyFunction(req, reply) {
             });
         }
         const redirectUrl = req.headers?.referer?.match?.(/[?&]redirect=([^&]+)/)?.[1] || "/";
-        return reply.redirect(redirectUrl.startsWith("/") ? redirectUrl : "/");
+        // return reply.redirect(redirectUrl.startsWith("/") ? redirectUrl : "/");
+        return reply
+            .status(200)
+            .send({ redirectUrl: redirectUrl.startsWith("/") ? redirectUrl : "/" });
     }
     catch (err) {
+        if (err.message === "Невірний код") {
+            return reply.status(401).send({ error: err.message, code: 401 });
+        }
         return reply.status(500).send(err.toString());
     }
 }

package/dist/server/templates/pt/recovery-codes-email-template.hbs

@@ -0,0 +1,13 @@
+<div style="background:#eee;padding:30px;">
+  <div
+      style="background:#fff;padding: 15px 20px;width: 550px;border: 1px solid #e3e3e5;border-radius:3px;margin: 0 auto;font: normal 13px/19px Verdana;box-shadow: 0 3px 7px rgba(0,0,0,.1);">
+      <h2 style="font:normal 21px/48px Arial;color: #222;text-align:center">
+          Коди відновлення на випадок втрати доступу до застосунку для двофакторної аутентифікації порталу {{domain}}
+      </h2>
+        {{#each recoveryCodes}}
+          <p style="width: 400px;margin:0 auto;display: block;background: #4CAF50;color: #fff;font-weight:bold; line-height: 44px;text-align: center;text-decoration: none;border-radius: 3px;text-shadow: 0 1px 3px rgba(0,0,0,.35);border: 1px solid #388E3C;box-shadow: inset 0 1px rgba(255,255,255,.4);">
+            {{this}}<hr>
+          </p>
+        {{/each}}
+  </div>
+</div>

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@opengis/fastify-table",
-  "version": "2.0.84",
+  "version": "2.0.86",
   "type": "module",
   "description": "core-plugins",
   "keywords": [
@@ -23,7 +23,7 @@
   "scripts": {
     "prepublishOnly": "npm run build",
     "clean": "tsc -b --clean",
-    "build": "tsc -b --clean && tsc && copyfiles server/plugins/grpc/utils/*.proto dist && copyfiles server/migrations/*.sql dist && copyfiles server/templates/**/*.html dist",
+    "build": "tsc -b --clean && tsc && copyfiles server/plugins/grpc/utils/*.proto dist && copyfiles server/migrations/*.sql dist && copyfiles server/templates/**/*.html dist && copyfiles server/templates/**/*.hbs dist",
     "prod": "NODE_ENV=production bun dist/server",
     "patch": "npm version patch && git push && npm publish",
     "lint": "eslint . --ext .vue,.js,.jsx,.cjs,.mjs,.ts,.tsx,.cts,.mts --fix --ignore-path .gitignore",