@raytio/decrypt-helper 3.1.1 → 3.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +4 -0
- package/dist/api/signIn.js +28 -11
- package/package.json +1 -1
package/CHANGELOG.md
CHANGED
|
@@ -7,6 +7,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
|
|
7
7
|
|
|
8
8
|
## [Unreleased]
|
|
9
9
|
|
|
10
|
+
## 3.2.0 (2022-04-21)
|
|
11
|
+
|
|
12
|
+
- !177 do not use `hashPassword` when logging in, and migrate old credentials
|
|
13
|
+
|
|
10
14
|
## 3.1.1 (2022-04-02)
|
|
11
15
|
|
|
12
16
|
- !168 Fix import issue in v3.1
|
package/dist/api/signIn.js
CHANGED
|
@@ -8,31 +8,48 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
|
|
|
8
8
|
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
9
9
|
});
|
|
10
10
|
};
|
|
11
|
-
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
12
|
-
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
13
|
-
};
|
|
14
11
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
15
12
|
exports.signIn = void 0;
|
|
16
|
-
const auth_1 =
|
|
13
|
+
const auth_1 = require("@aws-amplify/auth");
|
|
17
14
|
const core_1 = require("@raytio/core");
|
|
15
|
+
/** see #1252 in the client repo */
|
|
16
|
+
function signInWithPasswordMigration(username, password) {
|
|
17
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
18
|
+
try {
|
|
19
|
+
const userObj = yield auth_1.Auth.signIn(username, password);
|
|
20
|
+
return userObj;
|
|
21
|
+
}
|
|
22
|
+
catch (_a) {
|
|
23
|
+
// if the login fails, try again with their hashed password.
|
|
24
|
+
// if it's successful the second time, we quietly change their password.
|
|
25
|
+
const hashedPassword = yield (0, core_1.hashPassword)(password);
|
|
26
|
+
const userObj = yield auth_1.Auth.signIn(username, hashedPassword);
|
|
27
|
+
// the login was successful. So we need to migrate their account.
|
|
28
|
+
// No changes to the maxcryptor, purely to cognito.
|
|
29
|
+
// we can only migrate their password if there are no login challenges
|
|
30
|
+
if (!userObj.challengeName) {
|
|
31
|
+
console.log("Migrating credentials...");
|
|
32
|
+
yield auth_1.Auth.changePassword(userObj, hashedPassword, password);
|
|
33
|
+
}
|
|
34
|
+
return userObj;
|
|
35
|
+
}
|
|
36
|
+
});
|
|
37
|
+
}
|
|
18
38
|
function signIn(CONFIG, envConfig) {
|
|
19
39
|
var _a, _b;
|
|
20
40
|
return __awaiter(this, void 0, void 0, function* () {
|
|
21
|
-
auth_1.
|
|
41
|
+
auth_1.Auth.configure({
|
|
22
42
|
region: envConfig.cognito_region,
|
|
23
43
|
userPoolId: envConfig.cognito_user_pool_id,
|
|
24
44
|
userPoolWebClientId: envConfig.cognito_web_client_id,
|
|
25
45
|
});
|
|
26
|
-
const userObj = yield
|
|
27
|
-
username: CONFIG.RAYTIO_USERNAME,
|
|
28
|
-
password: yield (0, core_1.hashPassword)(CONFIG.RAYTIO_PASSWORD),
|
|
29
|
-
});
|
|
46
|
+
const userObj = yield signInWithPasswordMigration(CONFIG.RAYTIO_USERNAME, CONFIG.RAYTIO_PASSWORD);
|
|
30
47
|
if (userObj.challengeName === "SOFTWARE_TOKEN_MFA") {
|
|
31
48
|
throw new Error(`The configured account (${CONFIG.RAYTIO_USERNAME}) has two factor authentication enabled. You must disable 2FA or use a different account`);
|
|
32
49
|
}
|
|
33
|
-
const user = yield auth_1.
|
|
50
|
+
const user = yield auth_1.Auth.currentAuthenticatedUser();
|
|
34
51
|
const apiToken = (_b = (_a = user.signInUserSession) === null || _a === void 0 ? void 0 : _a.idToken) === null || _b === void 0 ? void 0 : _b.jwtToken;
|
|
35
|
-
const cognitoAttributes = yield auth_1.
|
|
52
|
+
const cognitoAttributes = yield auth_1.Auth.userAttributes(user);
|
|
36
53
|
return { apiToken, cognitoAttributes };
|
|
37
54
|
});
|
|
38
55
|
}
|