@solidxai/core 0.1.9-beta.7 → 0.1.9
- package/LICENSE +89 -0
- package/README.md +3 -1
- package/dist/constants/chatter-message.constants.d.ts +6 -0
- package/dist/constants/chatter-message.constants.d.ts.map +1 -1
- package/dist/constants/chatter-message.constants.js +7 -1
- package/dist/constants/chatter-message.constants.js.map +1 -1
- package/dist/controllers/authentication.controller.d.ts +12 -0
- package/dist/controllers/authentication.controller.d.ts.map +1 -1
- package/dist/controllers/authentication.controller.js +13 -0
- package/dist/controllers/authentication.controller.js.map +1 -1
- package/dist/controllers/chatter-message.controller.d.ts +1 -0
- package/dist/controllers/chatter-message.controller.d.ts.map +1 -1
- package/dist/controllers/chatter-message.controller.js +12 -0
- package/dist/controllers/chatter-message.controller.js.map +1 -1
- package/dist/controllers/facebook-authentication.controller.d.ts +27 -0
- package/dist/controllers/facebook-authentication.controller.d.ts.map +1 -0
- package/dist/controllers/facebook-authentication.controller.js +117 -0
- package/dist/controllers/facebook-authentication.controller.js.map +1 -0
- package/dist/controllers/menu-item-metadata.controller.d.ts +1 -0
- package/dist/controllers/menu-item-metadata.controller.d.ts.map +1 -1
- package/dist/controllers/menu-item-metadata.controller.js +15 -0
- package/dist/controllers/menu-item-metadata.controller.js.map +1 -1
- package/dist/controllers/microsoft-authentication.controller.d.ts +27 -0
- package/dist/controllers/microsoft-authentication.controller.d.ts.map +1 -0
- package/dist/controllers/microsoft-authentication.controller.js +118 -0
- package/dist/controllers/microsoft-authentication.controller.js.map +1 -0
- package/dist/controllers/setting.controller.d.ts +2 -2
- package/dist/controllers/setting.controller.js +2 -2
- package/dist/decorators/auth.decorator.d.ts.map +1 -1
- package/dist/decorators/computed-field-provider.decorator.d.ts.map +1 -1
- package/dist/decorators/dashboard-question-data-provider.decorator.d.ts.map +1 -1
- package/dist/decorators/dashboard-selection-provider.decorator.d.ts.map +1 -1
- package/dist/decorators/disallow-in-production.decorator.d.ts.map +1 -1
- package/dist/decorators/error-codes-provider.decorator.d.ts.map +1 -1
- package/dist/decorators/extension-user-creation-provider.decorator.d.ts.map +1 -1
- package/dist/decorators/is-not-in-enum.decorator.d.ts.map +1 -1
- package/dist/decorators/mail-provider.decorator.d.ts.map +1 -1
- package/dist/decorators/roles.decorator.d.ts.map +1 -1
- package/dist/decorators/scheduled-job-provider.decorator.d.ts.map +1 -1
- package/dist/decorators/security-rule-config-provider.decorator.d.ts.map +1 -1
- package/dist/decorators/selection-provider.decorator.d.ts.map +1 -1
- package/dist/decorators/sms-provider.decorator.d.ts.map +1 -1
- package/dist/decorators/solid-database-module.decorator.d.ts.map +1 -1
- package/dist/decorators/whatsapp-provider.decorator.d.ts.map +1 -1
- package/dist/dtos/create-chatter-message.dto.d.ts +1 -0
- package/dist/dtos/create-chatter-message.dto.d.ts.map +1 -1
- package/dist/dtos/create-chatter-message.dto.js +7 -1
- package/dist/dtos/create-chatter-message.dto.js.map +1 -1
- package/dist/dtos/post-chatter-message.dto.d.ts +1 -0
- package/dist/dtos/post-chatter-message.dto.d.ts.map +1 -1
- package/dist/dtos/post-chatter-message.dto.js +6 -1
- package/dist/dtos/post-chatter-message.dto.js.map +1 -1
- package/dist/dtos/update-chatter-message.dto.d.ts +1 -0
- package/dist/dtos/update-chatter-message.dto.d.ts.map +1 -1
- package/dist/dtos/update-chatter-message.dto.js +7 -1
- package/dist/dtos/update-chatter-message.dto.js.map +1 -1
- package/dist/entities/chatter-message.entity.d.ts +1 -0
- package/dist/entities/chatter-message.entity.d.ts.map +1 -1
- package/dist/entities/chatter-message.entity.js +5 -1
- package/dist/entities/chatter-message.entity.js.map +1 -1
- package/dist/entities/user.entity.d.ts +8 -0
- package/dist/entities/user.entity.d.ts.map +1 -1
- package/dist/entities/user.entity.js +33 -1
- package/dist/entities/user.entity.js.map +1 -1
- package/dist/helpers/cors.helper.js +1 -1
- package/dist/helpers/cors.helper.js.map +1 -1
- package/dist/helpers/facebook-oauth.helper.d.ts +8 -0
- package/dist/helpers/facebook-oauth.helper.d.ts.map +1 -0
- package/dist/helpers/facebook-oauth.helper.js +11 -0
- package/dist/helpers/facebook-oauth.helper.js.map +1 -0
- package/dist/helpers/microsoft-oauth.helper.d.ts +9 -0
- package/dist/helpers/microsoft-oauth.helper.d.ts.map +1 -0
- package/dist/helpers/microsoft-oauth.helper.js +12 -0
- package/dist/helpers/microsoft-oauth.helper.js.map +1 -0
- package/dist/helpers/security.helper.d.ts.map +1 -1
- package/dist/helpers/string.helper.d.ts.map +1 -1
- package/dist/helpers/user-helper.d.ts.map +1 -1
- package/dist/helpers/user-helper.js +4 -0
- package/dist/helpers/user-helper.js.map +1 -1
- package/dist/index.d.ts +2 -0
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +2 -0
- package/dist/index.js.map +1 -1
- package/dist/interfaces.d.ts +19 -0
- package/dist/interfaces.d.ts.map +1 -1
- package/dist/interfaces.js.map +1 -1
- package/dist/passport-strategies/facebook-oauth.strategy.d.ts +16 -0
- package/dist/passport-strategies/facebook-oauth.strategy.d.ts.map +1 -0
- package/dist/passport-strategies/facebook-oauth.strategy.js +96 -0
- package/dist/passport-strategies/facebook-oauth.strategy.js.map +1 -0
- package/dist/passport-strategies/microsoft-oauth.strategy.d.ts +14 -0
- package/dist/passport-strategies/microsoft-oauth.strategy.d.ts.map +1 -0
- package/dist/passport-strategies/microsoft-oauth.strategy.js +77 -0
- package/dist/passport-strategies/microsoft-oauth.strategy.js.map +1 -0
- package/dist/seeders/seed-data/solid-core-metadata.json +27 -58
- package/dist/services/api-key.service.d.ts +17 -1
- package/dist/services/api-key.service.d.ts.map +1 -1
- package/dist/services/api-key.service.js +38 -2
- package/dist/services/api-key.service.js.map +1 -1
- package/dist/services/authentication.service.d.ts +61 -27
- package/dist/services/authentication.service.d.ts.map +1 -1
- package/dist/services/authentication.service.js +356 -164
- package/dist/services/authentication.service.js.map +1 -1
- package/dist/services/chatter-message.service.d.ts +1 -0
- package/dist/services/chatter-message.service.d.ts.map +1 -1
- package/dist/services/chatter-message.service.js +24 -7
- package/dist/services/chatter-message.service.js.map +1 -1
- package/dist/services/crud-helper.service.d.ts.map +1 -1
- package/dist/services/model-metadata.service.js +1 -1
- package/dist/services/model-metadata.service.js.map +1 -1
- package/dist/services/setting.service.d.ts +5 -2
- package/dist/services/setting.service.d.ts.map +1 -1
- package/dist/services/setting.service.js +51 -6
- package/dist/services/setting.service.js.map +1 -1
- package/dist/services/settings/default-settings-provider.service.d.ts +846 -0
- package/dist/services/settings/default-settings-provider.service.d.ts.map +1 -1
- package/dist/services/settings/default-settings-provider.service.js +1096 -117
- package/dist/services/settings/default-settings-provider.service.js.map +1 -1
- package/dist/services/user.service.d.ts +12 -8
- package/dist/services/user.service.d.ts.map +1 -1
- package/dist/services/user.service.js +143 -32
- package/dist/services/user.service.js.map +1 -1
- package/dist/solid-core.module.d.ts.map +1 -1
- package/dist/solid-core.module.js +11 -3
- package/dist/solid-core.module.js.map +1 -1
- package/dist/transformers/array-transformer.d.ts.map +1 -1
- package/dist/transformers/boolean-transformer.d.ts.map +1 -1
- package/dist/transformers/datetime-transformer.d.ts.map +1 -1
- package/dist/transformers/integer-transformer.d.ts.map +1 -1
- package/dist/validators/is-parsable-int.d.ts.map +1 -1
- package/nest +0 -0
- package/package.json +8 -2
- package/src/constants/chatter-message.constants.ts +7 -0
- package/src/controllers/authentication.controller.ts +8 -1
- package/src/controllers/chatter-message.controller.ts +6 -0
- package/src/controllers/facebook-authentication.controller.ts +113 -0
- package/src/controllers/menu-item-metadata.controller.ts +21 -15
- package/src/controllers/microsoft-authentication.controller.ts +116 -0
- package/src/dtos/create-chatter-message.dto.ts +11 -0
- package/src/dtos/post-chatter-message.dto.ts +4 -0
- package/src/dtos/update-chatter-message.dto.ts +13 -1
- package/src/entities/chatter-message.entity.ts +4 -1
- package/src/entities/user.entity.ts +32 -0
- package/src/helpers/cors.helper.ts +1 -1
- package/src/helpers/facebook-oauth.helper.ts +17 -0
- package/src/helpers/microsoft-oauth.helper.ts +19 -0
- package/src/helpers/user-helper.ts +4 -0
- package/src/index.ts +2 -0
- package/src/interfaces.ts +32 -1
- package/src/passport-strategies/facebook-oauth.strategy.ts +115 -0
- package/src/passport-strategies/microsoft-oauth.strategy.ts +70 -0
- package/src/seeders/seed-data/solid-core-metadata.json +27 -58
- package/src/services/api-key.service.ts +77 -35
- package/src/services/authentication.service.ts +1947 -1432
- package/src/services/chatter-message.service.ts +23 -3
- package/src/services/model-metadata.service.ts +1 -1
- package/src/services/setting.service.ts +64 -8
- package/src/services/settings/default-settings-provider.service.ts +1168 -156
- package/src/services/user.service.ts +220 -61
- package/src/solid-core.module.ts +25 -8
- package/dev-grooming-docs/ozzy-prompts.txt +0 -70
- package/docs/grouping-enhancements.md +0 -89
- package/docs/seed-changes.md +0 -65
- package/docs/test-data-workflow.md +0 -200
- package/docs/type-declaration-import-issue.md +0 -24
|
@@ -65,17 +65,14 @@ let AuthenticationService = AuthenticationService_1 = class AuthenticationServic
|
|
|
65
65
|
this.logger = new common_1.Logger(AuthenticationService_1.name);
|
|
66
66
|
}
|
|
67
67
|
async getCompanyLogo() {
|
|
68
|
-
return this.settingService.getConfigValue(
|
|
68
|
+
return this.settingService.getConfigValue("companylogo");
|
|
69
69
|
}
|
|
70
70
|
async resolveUser(username, email) {
|
|
71
71
|
return await this.userRepository.findOne({
|
|
72
|
-
where: [
|
|
73
|
-
{ username: username },
|
|
74
|
-
{ email: email },
|
|
75
|
-
],
|
|
72
|
+
where: [{ username: username }, { email: email }],
|
|
76
73
|
relations: {
|
|
77
|
-
roles: true
|
|
78
|
-
}
|
|
74
|
+
roles: true,
|
|
75
|
+
},
|
|
79
76
|
});
|
|
80
77
|
}
|
|
81
78
|
async updatePasswordDetails(user, newPassword) {
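Review bot: `resolveUser` passes `username` and `email` straight into `where: [{ username: username }, { email: email }]`, and nothing visible rejects a call where one of them is `undefined`. If `userRepository` is a TypeORM repository (the `findOne`/`where`/`relations` shape suggests so, but confirm), a property whose value is `undefined` is dropped from the condition in versions that do not throw on it, so that branch would match any row and return an arbitrary user. Build the list from defined values only, e.g. `const where = [username && { username }, email && { email }].filter(Boolean);` followed by `if (where.length === 0) return null;`. The same applies to `where: { verificationTokenOnForgotPassword: token }` in `resolveUserByVerificationToken` (next hunk) and to the email/mobile/username list in the hunk at `@@ -300,11 +301,11 @@`, where a missing token or identifier should fail before the query runs.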
|
|
@@ -87,14 +84,14 @@ let AuthenticationService = AuthenticationService_1 = class AuthenticationServic
|
|
|
87
84
|
password: user.password,
|
|
88
85
|
passwordScheme: user.passwordScheme,
|
|
89
86
|
passwordSchemeVersion: user.passwordSchemeVersion,
|
|
90
|
-
rehashedAt: user.rehashedAt
|
|
87
|
+
rehashedAt: user.rehashedAt,
|
|
91
88
|
});
|
|
92
89
|
return user;
|
|
93
90
|
}
|
|
94
91
|
async resolveUserByVerificationToken(token) {
|
|
95
92
|
return await this.userRepository.findOne({
|
|
96
93
|
where: { verificationTokenOnForgotPassword: token },
|
|
97
|
-
relations: { roles: true }
|
|
94
|
+
relations: { roles: true },
|
|
98
95
|
});
|
|
99
96
|
}
|
|
100
97
|
async validateUserForPasswordLogin(user, password) {
|
|
@@ -114,11 +111,11 @@ let AuthenticationService = AuthenticationService_1 = class AuthenticationServic
|
|
|
114
111
|
}
|
|
115
112
|
}
|
|
116
113
|
async signUp(signUpDto, activeUser = null) {
|
|
117
|
-
const hasExtensionFields = Object.keys(signUpDto).some(k => !AuthenticationService_1.SIGNUP_DTO_KEYS.has(k));
|
|
114
|
+
const hasExtensionFields = Object.keys(signUpDto).some((k) => !AuthenticationService_1.SIGNUP_DTO_KEYS.has(k));
|
|
118
115
|
if (hasExtensionFields) {
|
|
119
116
|
const provider = this.solidRegistry.getExtensionUserCreationProvider();
|
|
120
117
|
if (!provider) {
|
|
121
|
-
throw new common_1.InternalServerErrorException(
|
|
118
|
+
throw new common_1.InternalServerErrorException("No ExtensionUserCreationProvider registered. Register one to handle extension user creation.");
|
|
122
119
|
}
|
|
123
120
|
const entity = await provider.buildExtensionEntity(signUpDto);
|
|
124
121
|
const effectiveDto = { ...signUpDto, roles: provider.roles(signUpDto) };
|
|
@@ -128,9 +125,9 @@ let AuthenticationService = AuthenticationService_1 = class AuthenticationServic
|
|
|
128
125
|
}
|
|
129
126
|
async performSignUp(signUpDto, entity, repo) {
|
|
130
127
|
try {
|
|
131
|
-
const onForcePasswordChange = this.settingService.getConfigValue(
|
|
132
|
-
const activateUserOnRegistration = this.settingService.getConfigValue(
|
|
133
|
-
const defaultRole = this.settingService.getConfigValue(
|
|
128
|
+
const onForcePasswordChange = this.settingService.getConfigValue("forceChangePasswordOnFirstLogin");
|
|
129
|
+
const activateUserOnRegistration = this.settingService.getConfigValue("activateUserOnRegistration");
|
|
130
|
+
const defaultRole = this.settingService.getConfigValue("defaultRole");
|
|
134
131
|
var { user, pwd, autoGeneratedPwd } = await this.populateForSignup(entity, signUpDto, activateUserOnRegistration, onForcePasswordChange);
|
|
135
132
|
const privateDto = signUpDto;
|
|
136
133
|
if (privateDto.isAllowedToGenerateApiKeys !== undefined) {
|
|
@@ -138,14 +135,16 @@ let AuthenticationService = AuthenticationService_1 = class AuthenticationServic
|
|
|
138
135
|
}
|
|
139
136
|
const savedUser = await repo.save(user);
|
|
140
137
|
const userRoles = signUpDto.roles ?? [];
|
|
141
|
-
if ((signUpDto.roles?.length ?? 0) === 0 &&
|
|
138
|
+
if ((signUpDto.roles?.length ?? 0) === 0 &&
|
|
139
|
+
signUpDto.username !== "sa" &&
|
|
140
|
+
defaultRole) {
|
|
142
141
|
userRoles.push(defaultRole);
|
|
143
142
|
}
|
|
144
143
|
await this.handlePostSignup(savedUser, userRoles, pwd, autoGeneratedPwd);
|
|
145
144
|
return savedUser;
|
|
146
145
|
}
|
|
147
146
|
catch (err) {
|
|
148
|
-
const pgUniqueViolationErrorCode =
|
|
147
|
+
const pgUniqueViolationErrorCode = "23505";
|
|
149
148
|
if (err.code === pgUniqueViolationErrorCode) {
|
|
150
149
|
throw new common_1.ConflictException(parseUniqueConstraintError(err.detail || error_messages_1.ERROR_MESSAGES.UNIQUE_CONSTRAINT_VIOLATION));
|
|
151
150
|
}
|
|
@@ -153,11 +152,11 @@ let AuthenticationService = AuthenticationService_1 = class AuthenticationServic
|
|
|
153
152
|
}
|
|
154
153
|
}
|
|
155
154
|
async signupForExtensionUser(signUpDto, extensionUserDto, extensionUserRepo) {
|
|
156
|
-
const entity = extensionUserRepo.
|
|
155
|
+
const entity = extensionUserRepo.create(extensionUserDto);
|
|
157
156
|
return this.performSignUp(signUpDto, entity, extensionUserRepo);
|
|
158
157
|
}
|
|
159
158
|
async populateForSignup(user, signUpDto, isUserActive = true, onForcePasswordChange) {
|
|
160
|
-
let autoGeneratedPwdPermission = this.settingService.getConfigValue(
|
|
159
|
+
let autoGeneratedPwdPermission = this.settingService.getConfigValue("iamAutoGeneratedPassword");
|
|
161
160
|
if (signUpDto.roles && signUpDto.roles.length > 0) {
|
|
162
161
|
for (let i = 0; i < signUpDto.roles.length; i++) {
|
|
163
162
|
const roleName = signUpDto.roles[i];
|
|
@@ -171,20 +170,20 @@ let AuthenticationService = AuthenticationService_1 = class AuthenticationServic
|
|
|
171
170
|
if (signUpDto.mobile) {
|
|
172
171
|
user.mobile = signUpDto.mobile;
|
|
173
172
|
}
|
|
174
|
-
let pwd =
|
|
175
|
-
let autoGeneratedPwd =
|
|
173
|
+
let pwd = "";
|
|
174
|
+
let autoGeneratedPwd = "";
|
|
176
175
|
if (signUpDto.password) {
|
|
177
176
|
pwd = await this.hashingService.hash(signUpDto.password);
|
|
178
177
|
}
|
|
179
178
|
else {
|
|
180
|
-
if (autoGeneratedPwdPermission?.toString().toLowerCase() ===
|
|
179
|
+
if (autoGeneratedPwdPermission?.toString().toLowerCase() === "true") {
|
|
181
180
|
autoGeneratedPwd = this.generatePassword();
|
|
182
181
|
pwd = await this.hashingService.hash(autoGeneratedPwd);
|
|
183
182
|
user.forcePasswordChange = true;
|
|
184
183
|
}
|
|
185
184
|
else {
|
|
186
|
-
if (!await this.isPasswordlessRegistrationEnabled()) {
|
|
187
|
-
this.logger.error(
|
|
185
|
+
if (!(await this.isPasswordlessRegistrationEnabled())) {
|
|
186
|
+
this.logger.error("User being created without password, and password less login is also not enabled in the system. Is this intentional?");
|
|
188
187
|
throw new common_1.BadRequestException(error_messages_1.ERROR_MESSAGES.PASSWORDLESS_REGISTRATION_DISABLED);
|
|
189
188
|
}
|
|
190
189
|
pwd = await this.hashingService.hash(pwd);
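Review bot: In the passwordless branch of `populateForSignup`, `pwd` is still `""` when `pwd = await this.hashingService.hash(pwd);` runs, so the value carried forward as the password appears to be a valid hash of the empty string (the assignment to the user is outside the hunk). Unless the password-login path rejects empty input (`validateUserForPasswordLogin` is not visible here), that hash can be matched by an empty password. Store no usable credential instead, for example `pwd = await this.hashingService.hash(randomBytes(32).toString("hex"));` with `randomBytes` from `crypto`, or leave the password unset and have password login refuse accounts without one. The function body starts before and continues after this hunk.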
|
|
@@ -219,48 +218,48 @@ let AuthenticationService = AuthenticationService_1 = class AuthenticationServic
|
|
|
219
218
|
async notifyUserOnForcePasswordChange(user, autoGeneratedPwd) {
|
|
220
219
|
const companyLogo = await this.getCompanyLogo();
|
|
221
220
|
const mailService = this.mailServiceFactory.getMailService();
|
|
222
|
-
mailService.sendEmailUsingTemplate(user.email,
|
|
223
|
-
solidAppName: this.settingService.getConfigValue(
|
|
224
|
-
solidAppWebsiteUrl: this.settingService.getConfigValue(
|
|
225
|
-
frontendLoginPageUrl: this.settingService.getConfigValue(
|
|
221
|
+
mailService.sendEmailUsingTemplate(user.email, "on-force-password-change", {
|
|
222
|
+
solidAppName: this.settingService.getConfigValue("appTitle"),
|
|
223
|
+
solidAppWebsiteUrl: this.settingService.getConfigValue("solidAppWebsiteUrl"),
|
|
224
|
+
frontendLoginPageUrl: this.settingService.getConfigValue("frontendLoginPageUrl"),
|
|
226
225
|
email: user.email,
|
|
227
226
|
fullName: user.fullName,
|
|
228
227
|
userName: user.username,
|
|
229
228
|
password: autoGeneratedPwd,
|
|
230
|
-
companyLogoUrl: companyLogo
|
|
231
|
-
}, this.settingService.getConfigValue(
|
|
229
|
+
companyLogoUrl: companyLogo,
|
|
230
|
+
}, this.settingService.getConfigValue("shouldQueueEmails"), null, null, "user", user.id);
|
|
232
231
|
}
|
|
233
232
|
async isWelcomeEmailEnabled() {
|
|
234
|
-
const sendWelcomeEmailOnSignup = this.settingService.getConfigValue(
|
|
233
|
+
const sendWelcomeEmailOnSignup = this.settingService.getConfigValue("sendWelcomeEmailOnSignup");
|
|
235
234
|
return sendWelcomeEmailOnSignup;
|
|
236
235
|
}
|
|
237
236
|
async isWelcomeSmsEnabled() {
|
|
238
|
-
const sendWelcomeSmsOnSignup = this.settingService.getConfigValue(
|
|
237
|
+
const sendWelcomeSmsOnSignup = this.settingService.getConfigValue("sendWelcomeSmsOnSignup");
|
|
239
238
|
return sendWelcomeSmsOnSignup;
|
|
240
239
|
}
|
|
241
240
|
async notifyUserOnSignup(user) {
|
|
242
241
|
const companyLogo = await this.getCompanyLogo();
|
|
243
242
|
if (await this.isWelcomeEmailEnabled()) {
|
|
244
243
|
const mailService = this.mailServiceFactory.getMailService();
|
|
245
|
-
mailService.sendEmailUsingTemplate(user.email,
|
|
246
|
-
solidAppName: this.settingService.getConfigValue(
|
|
247
|
-
solidAppWebsiteUrl: this.settingService.getConfigValue(
|
|
248
|
-
frontendLoginPageUrl: this.settingService.getConfigValue(
|
|
244
|
+
mailService.sendEmailUsingTemplate(user.email, "email-on-signup", {
|
|
245
|
+
solidAppName: this.settingService.getConfigValue("appTitle"),
|
|
246
|
+
solidAppWebsiteUrl: this.settingService.getConfigValue("solidAppWebsiteUrl"),
|
|
247
|
+
frontendLoginPageUrl: this.settingService.getConfigValue("frontendLoginPageUrl"),
|
|
249
248
|
email: user.email,
|
|
250
249
|
fullName: user.fullName,
|
|
251
250
|
userName: user.username,
|
|
252
|
-
companyLogoUrl: companyLogo
|
|
253
|
-
}, this.settingService.getConfigValue(
|
|
251
|
+
companyLogoUrl: companyLogo,
|
|
252
|
+
}, this.settingService.getConfigValue("shouldQueueEmails"), null, null, "user", user.id);
|
|
254
253
|
}
|
|
255
254
|
const isWelcomeSmsEnabled = await this.isWelcomeSmsEnabled();
|
|
256
255
|
if (isWelcomeSmsEnabled && user.mobile) {
|
|
257
256
|
const smsService = this.smsFactory.getSmsService();
|
|
258
|
-
smsService.sendSMSUsingTemplate(user.mobile,
|
|
259
|
-
solidAppName: this.settingService.getConfigValue(
|
|
260
|
-
frontendLoginPageUrl: this.settingService.getConfigValue(
|
|
257
|
+
smsService.sendSMSUsingTemplate(user.mobile, "text-on-signup", {
|
|
258
|
+
solidAppName: this.settingService.getConfigValue("appTitle"),
|
|
259
|
+
frontendLoginPageUrl: this.settingService.getConfigValue("frontendLoginPageUrl"),
|
|
261
260
|
firstName: user.username,
|
|
262
|
-
fullName: user.fullName ? user.fullName : user.username
|
|
263
|
-
}, this.settingService.getConfigValue(
|
|
261
|
+
fullName: user.fullName ? user.fullName : user.username,
|
|
262
|
+
}, this.settingService.getConfigValue("shouldQueueSms"));
|
|
264
263
|
}
|
|
265
264
|
}
|
|
266
265
|
async otpInitiateRegistration(signUpDto) {
|
|
@@ -279,7 +278,7 @@ let AuthenticationService = AuthenticationService_1 = class AuthenticationServic
|
|
|
279
278
|
await this.notifyUserOnOtpInitiateRegistration(user, validationSource);
|
|
280
279
|
}
|
|
281
280
|
catch (err) {
|
|
282
|
-
if (err.code ===
|
|
281
|
+
if (err.code === "23505") {
|
|
283
282
|
throw new common_1.ConflictException(error_messages_1.ERROR_MESSAGES.USER_ALREADY_EXISTS);
|
|
284
283
|
}
|
|
285
284
|
throw err;
|
|
@@ -287,10 +286,12 @@ let AuthenticationService = AuthenticationService_1 = class AuthenticationServic
|
|
|
287
286
|
return { message: success_messages_1.SUCCESS_MESSAGES.OTP_SENT_SUCCESS_REGISTRATION };
|
|
288
287
|
}
|
|
289
288
|
validateOtpRegistrationInput(signUpDto, validationSource) {
|
|
290
|
-
if (validationSource === constants_1.PasswordlessRegistrationValidateWhatSources.EMAIL &&
|
|
289
|
+
if (validationSource === constants_1.PasswordlessRegistrationValidateWhatSources.EMAIL &&
|
|
290
|
+
(0, class_validator_1.isEmpty)(signUpDto.email)) {
|
|
291
291
|
throw new common_1.BadRequestException(error_messages_1.ERROR_MESSAGES.EMAIL_REQUIRED_FOR_VALIDATION);
|
|
292
292
|
}
|
|
293
|
-
if (validationSource === constants_1.PasswordlessRegistrationValidateWhatSources.MOBILE &&
|
|
293
|
+
if (validationSource === constants_1.PasswordlessRegistrationValidateWhatSources.MOBILE &&
|
|
294
|
+
(0, class_validator_1.isEmpty)(signUpDto.mobile)) {
|
|
294
295
|
throw new common_1.BadRequestException(error_messages_1.ERROR_MESSAGES.MOBILE_REQUIRED_FOR_VALIDATION);
|
|
295
296
|
}
|
|
296
297
|
}
|
|
@@ -300,11 +301,11 @@ let AuthenticationService = AuthenticationService_1 = class AuthenticationServic
|
|
|
300
301
|
{ email: signUpDto.email },
|
|
301
302
|
{ mobile: signUpDto.mobile },
|
|
302
303
|
{ username: signUpDto.username },
|
|
303
|
-
]
|
|
304
|
+
],
|
|
304
305
|
});
|
|
305
306
|
}
|
|
306
307
|
resolvePasswordlessValidationSource() {
|
|
307
|
-
return this.settingService.getConfigValue(
|
|
308
|
+
return this.settingService.getConfigValue("passwordlessRegistrationValidateWhat");
|
|
308
309
|
}
|
|
309
310
|
async upsertUserWithRegistrationVerificationTokens(existingUser, signUpDto, validationSource) {
|
|
310
311
|
let user = existingUser;
|
|
@@ -313,7 +314,7 @@ let AuthenticationService = AuthenticationService_1 = class AuthenticationServic
|
|
|
313
314
|
user.active = false;
|
|
314
315
|
await this.assignRegistrationOtp(validationSource, user);
|
|
315
316
|
await this.userRepository.save(user);
|
|
316
|
-
await this.userService.addRoleToUser(user.username, this.settingService.getConfigValue(
|
|
317
|
+
await this.userService.addRoleToUser(user.username, this.settingService.getConfigValue("defaultRole"));
|
|
317
318
|
}
|
|
318
319
|
else {
|
|
319
320
|
await this.assignRegistrationOtp(validationSource, user);
|
|
@@ -334,8 +335,9 @@ let AuthenticationService = AuthenticationService_1 = class AuthenticationServic
|
|
|
334
335
|
if (!passwordlessRegistrationValidateWhat) {
|
|
335
336
|
throw new common_1.BadRequestException(error_messages_1.ERROR_MESSAGES.VALIDATION_SOURCE_REQUIRED);
|
|
336
337
|
}
|
|
337
|
-
const autoLoginUserOnRegistration = this.settingService.getConfigValue(
|
|
338
|
-
if (passwordlessRegistrationValidateWhat ===
|
|
338
|
+
const autoLoginUserOnRegistration = this.settingService.getConfigValue("autoLoginUserOnRegistration");
|
|
339
|
+
if (passwordlessRegistrationValidateWhat ===
|
|
340
|
+
constants_1.PasswordlessRegistrationValidateWhatSources.EMAIL) {
|
|
339
341
|
const { token, expiresAt } = await this.otp();
|
|
340
342
|
user.emailVerificationTokenOnRegistration = token;
|
|
341
343
|
user.emailVerificationTokenOnRegistrationExpiresAt = expiresAt;
|
|
@@ -344,7 +346,8 @@ let AuthenticationService = AuthenticationService_1 = class AuthenticationServic
|
|
|
344
346
|
user.emailVerificationTokenOnLoginExpiresAt = expiresAt;
|
|
345
347
|
}
|
|
346
348
|
}
|
|
347
|
-
if (passwordlessRegistrationValidateWhat ===
|
|
349
|
+
if (passwordlessRegistrationValidateWhat ===
|
|
350
|
+
constants_1.PasswordlessRegistrationValidateWhatSources.MOBILE) {
|
|
348
351
|
const { token, expiresAt } = await this.otp();
|
|
349
352
|
user.mobileVerificationTokenOnRegistration = token;
|
|
350
353
|
user.mobileVerificationTokenOnRegistrationExpiresAt = expiresAt;
|
|
@@ -356,27 +359,29 @@ let AuthenticationService = AuthenticationService_1 = class AuthenticationServic
|
|
|
356
359
|
}
|
|
357
360
|
async notifyUserOnOtpInitiateRegistration(user, registrationValidationSource) {
|
|
358
361
|
const companyLogo = await this.getCompanyLogo();
|
|
359
|
-
if (registrationValidationSource ===
|
|
362
|
+
if (registrationValidationSource ===
|
|
363
|
+
constants_1.PasswordlessLoginValidateWhatSources.EMAIL) {
|
|
360
364
|
const mailService = this.mailServiceFactory.getMailService();
|
|
361
|
-
mailService.sendEmailUsingTemplate(user.email,
|
|
362
|
-
solidAppName: this.settingService.getConfigValue(
|
|
363
|
-
solidAppWebsiteUrl: this.settingService.getConfigValue(
|
|
365
|
+
mailService.sendEmailUsingTemplate(user.email, "otp-on-register", {
|
|
366
|
+
solidAppName: this.settingService.getConfigValue("appTitle"),
|
|
367
|
+
solidAppWebsiteUrl: this.settingService.getConfigValue("solidAppWebsiteUrl"),
|
|
364
368
|
firstName: user.username,
|
|
365
369
|
fullName: user.fullName ? user.fullName : user.username,
|
|
366
370
|
emailVerificationTokenOnRegistration: user.emailVerificationTokenOnRegistration,
|
|
367
|
-
companyLogoUrl: companyLogo
|
|
368
|
-
}, this.settingService.getConfigValue(
|
|
371
|
+
companyLogoUrl: companyLogo,
|
|
372
|
+
}, this.settingService.getConfigValue("shouldQueueEmails"), null, null, "user", user.id);
|
|
369
373
|
}
|
|
370
|
-
if (registrationValidationSource ===
|
|
374
|
+
if (registrationValidationSource ===
|
|
375
|
+
constants_1.PasswordlessLoginValidateWhatSources.MOBILE) {
|
|
371
376
|
const smsService = this.smsFactory.getSmsService();
|
|
372
|
-
smsService.sendSMSUsingTemplate(user.mobile,
|
|
373
|
-
solidAppName: this.settingService.getConfigValue(
|
|
377
|
+
smsService.sendSMSUsingTemplate(user.mobile, "otp-on-register", {
|
|
378
|
+
solidAppName: this.settingService.getConfigValue("appTitle"),
|
|
374
379
|
otp: user.mobileVerificationTokenOnRegistration,
|
|
375
380
|
mobileVerificationTokenOnRegistration: user.mobileVerificationTokenOnRegistration,
|
|
376
381
|
firstName: user.username,
|
|
377
382
|
fullName: user.fullName ? user.fullName : user.username,
|
|
378
|
-
companyLogoUrl: companyLogo
|
|
379
|
-
}, this.settingService.getConfigValue(
|
|
383
|
+
companyLogoUrl: companyLogo,
|
|
384
|
+
}, this.settingService.getConfigValue("shouldQueueSms"));
|
|
380
385
|
}
|
|
381
386
|
}
|
|
382
387
|
async otpConfirmRegistration(confirmSignUpDto) {
|
|
@@ -392,11 +397,15 @@ let AuthenticationService = AuthenticationService_1 = class AuthenticationServic
|
|
|
392
397
|
const user = await this.findUserByRegistrationIdentifier(type, identifier);
|
|
393
398
|
this.validateRegistrationOtp(user, otp, type);
|
|
394
399
|
this.clearRegistrationOtp(user, type);
|
|
395
|
-
user.active =
|
|
396
|
-
|
|
400
|
+
user.active =
|
|
401
|
+
this.settingService.getConfigValue("activateUserOnRegistration") &&
|
|
402
|
+
(await this.areAllPasswordlessRegistrationValidationSourcesVerified(user));
|
|
397
403
|
const savedUser = await this.userRepository.save(user);
|
|
398
404
|
this.triggerRegistrationEvent(savedUser);
|
|
399
|
-
return {
|
|
405
|
+
return {
|
|
406
|
+
active: savedUser.active,
|
|
407
|
+
message: `User registration verified for ${type}`,
|
|
408
|
+
};
|
|
400
409
|
}
|
|
401
410
|
async findUserByRegistrationIdentifier(type, identifier) {
|
|
402
411
|
const where = type === constants_1.PasswordlessRegistrationValidateWhatSources.EMAIL
|
|
@@ -410,8 +419,12 @@ let AuthenticationService = AuthenticationService_1 = class AuthenticationServic
|
|
|
410
419
|
}
|
|
411
420
|
validateRegistrationOtp(user, otp, type) {
|
|
412
421
|
const isEmail = type === constants_1.PasswordlessRegistrationValidateWhatSources.EMAIL;
|
|
413
|
-
const token = isEmail
|
|
414
|
-
|
|
422
|
+
const token = isEmail
|
|
423
|
+
? user.emailVerificationTokenOnRegistration
|
|
424
|
+
: user.mobileVerificationTokenOnRegistration;
|
|
425
|
+
const expiresAt = isEmail
|
|
426
|
+
? user.emailVerificationTokenOnRegistrationExpiresAt
|
|
427
|
+
: user.mobileVerificationTokenOnRegistrationExpiresAt;
|
|
415
428
|
if (token !== otp) {
|
|
416
429
|
throw new common_1.UnauthorizedException(error_messages_1.ERROR_MESSAGES.INVALID_OTP);
|
|
417
430
|
}
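Review bot: `validateRegistrationOtp` compares with `if (token !== otp)`, and the visible lines do not first require both values to be non-empty strings. If the stored token has already been cleared to `null` (what `clearRegistrationOtp` writes is not visible) and the submitted `otp` is also `null`, the comparison passes unless DTO validation or the expiry check further down, outside this hunk, stops it. Guard before comparing, e.g. `if (typeof otp !== "string" || !token || token !== otp) {`, keeping the existing `UnauthorizedException`. A constant-time comparison (`crypto.timingSafeEqual` on equal-length buffers) would be a further hardening step, though for a six-digit code a limit on attempts matters more.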
|
|
@@ -437,12 +450,14 @@ let AuthenticationService = AuthenticationService_1 = class AuthenticationServic
|
|
|
437
450
|
}
|
|
438
451
|
async areAllPasswordlessRegistrationValidationSourcesVerified(user) {
|
|
439
452
|
const registrationValidationSource = this.resolvePasswordlessValidationSource();
|
|
440
|
-
if (registrationValidationSource ===
|
|
453
|
+
if (registrationValidationSource ===
|
|
454
|
+
constants_1.PasswordlessLoginValidateWhatSources.EMAIL) {
|
|
441
455
|
if (!user.emailVerifiedOnRegistrationAt) {
|
|
442
456
|
return false;
|
|
443
457
|
}
|
|
444
458
|
}
|
|
445
|
-
if (registrationValidationSource ===
|
|
459
|
+
if (registrationValidationSource ===
|
|
460
|
+
constants_1.PasswordlessLoginValidateWhatSources.MOBILE) {
|
|
446
461
|
if (!user.mobileVerifiedOnRegistrationAt) {
|
|
447
462
|
return false;
|
|
448
463
|
}
|
|
@@ -451,7 +466,7 @@ let AuthenticationService = AuthenticationService_1 = class AuthenticationServic
|
|
|
451
466
|
}
|
|
452
467
|
async otp() {
|
|
453
468
|
const now = new Date();
|
|
454
|
-
const otpExpiry = this.settingService.getConfigValue(
|
|
469
|
+
const otpExpiry = this.settingService.getConfigValue("otpExpiry");
|
|
455
470
|
now.setMinutes(now.getMinutes() + otpExpiry);
|
|
456
471
|
return {
|
|
457
472
|
token: (0, crypto_1.randomInt)(100000, 999999).toString(),
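Review bot: In `otp()`, `now.setMinutes(now.getMinutes() + otpExpiry)` adds a setting value without coercing it, while another setting in this file is read with `?.toString().toLowerCase() === "true"`, which suggests settings can arrive as strings. With a string the `+` concatenates (15 and "10" give "1510"), so the code would stay valid far longer than configured. Coerce and validate first, e.g. `const otpExpiry = Number(this.settingService.getConfigValue("otpExpiry"));` followed by `if (!Number.isFinite(otpExpiry) || otpExpiry <= 0)` failing closed. Separately, `randomInt(100000, 999999)` excludes its upper bound, so pass `1000000` if the full six-digit range is intended.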
|
|
@@ -459,7 +474,7 @@ let AuthenticationService = AuthenticationService_1 = class AuthenticationServic
|
|
|
459
474
|
};
|
|
460
475
|
}
|
|
461
476
|
getDummyOtpForUser(user) {
|
|
462
|
-
const dummyOtp = this.settingService.getConfigValue(
|
|
477
|
+
const dummyOtp = this.settingService.getConfigValue("dummyOtp");
|
|
463
478
|
if (!dummyOtp || !user?.username) {
|
|
464
479
|
return undefined;
|
|
465
480
|
}
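Review bot: `getDummyOtpForUser` returns a fixed code from the `dummyOtp` setting for usernames listed in `dummyOtpUsers` (parsed in the next hunk), and nothing in the visible lines limits this to non-production deployments. A static OTP that survives into production is a standing credential for those accounts, so the lookup should fail closed there, e.g. an early `if (process.env.NODE_ENV === "production") return undefined;` or whatever production check the project already uses (the file list shows a `disallow-in-production` decorator). It would also help to log each time the dummy code is accepted, so that its use is visible in audit trails. Part of the function body lies between this hunk and the next and is not shown.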
|
|
@@ -474,12 +489,12 @@ let AuthenticationService = AuthenticationService_1 = class AuthenticationServic
|
|
|
474
489
|
return allowedUsers.has(username) ? dummyOtp : undefined;
|
|
475
490
|
}
|
|
476
491
|
getDummyOtpUsers() {
|
|
477
|
-
const rawUsers = this.settingService.getConfigValue(
|
|
478
|
-
if (!rawUsers || typeof rawUsers !==
|
|
492
|
+
const rawUsers = this.settingService.getConfigValue("dummyOtpUsers");
|
|
493
|
+
if (!rawUsers || typeof rawUsers !== "string") {
|
|
479
494
|
return new Set();
|
|
480
495
|
}
|
|
481
496
|
return new Set(rawUsers
|
|
482
|
-
.split(
|
|
497
|
+
.split(",")
|
|
483
498
|
.map((value) => value.trim().toLowerCase())
|
|
484
499
|
.filter(Boolean));
|
|
485
500
|
}
|
|
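Review bot: `getDummyOtpForUser` and `getDummyOtpUsers` appear to let every username listed in `dummyOtpUsers` pass OTP checks with the fixed `dummyOtp` value, and nothing in the visible lines restricts that to non-production environments. Part of `getDummyOtpForUser` lies between this hunk and the previous one, so a gate may exist there. I would document the risk at the definition, e.g. `// Test-only bypass: a non-empty "dummyOtp" accepts a fixed code for every user in "dummyOtpUsers"; keep both unset in production.` Logging each use of the bypass would also make it visible in the audit trail.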
@@ -492,7 +507,7 @@ let AuthenticationService = AuthenticationService_1 = class AuthenticationServic
|
|
|
492
507
|
await this.rehashPasswordIfRequired(user, signInDto.password);
|
|
493
508
|
await this.resetFailedAttempts(user);
|
|
494
509
|
const tokens = await this.generateTokens(user);
|
|
495
|
-
await this.userActivityHistoryService.logEvent(
|
|
510
|
+
await this.userActivityHistoryService.logEvent("login", user);
|
|
496
511
|
return {
|
|
497
512
|
user: {
|
|
498
513
|
email: user.email,
|
|
@@ -500,15 +515,15 @@ let AuthenticationService = AuthenticationService_1 = class AuthenticationServic
|
|
|
500
515
|
username: user.username,
|
|
501
516
|
forcePasswordChange: user.forcePasswordChange,
|
|
502
517
|
id: user.id,
|
|
503
|
-
roles: user.roles.map((role) => role.name)
|
|
518
|
+
roles: user.roles.map((role) => role.name),
|
|
504
519
|
},
|
|
505
|
-
...tokens
|
|
520
|
+
...tokens,
|
|
506
521
|
};
|
|
507
522
|
}
|
|
508
523
|
maskEmail(email) {
|
|
509
524
|
if (!email)
|
|
510
525
|
return null;
|
|
511
|
-
const [localPart, domain] = email.split(
|
|
526
|
+
const [localPart, domain] = email.split("@");
|
|
512
527
|
if (localPart.length <= 2) {
|
|
513
528
|
return `${localPart[0]}***@${domain}`;
|
|
514
529
|
}
|
|
@@ -540,7 +555,7 @@ let AuthenticationService = AuthenticationService_1 = class AuthenticationServic
|
|
|
540
555
|
return this.buildLoginOtpResponse(user, type);
|
|
541
556
|
}
|
|
542
557
|
resolveLoginType(signInDto) {
|
|
543
|
-
const setting = this.settingService.getConfigValue(
|
|
558
|
+
const setting = this.settingService.getConfigValue("passwordlessLoginValidateWhat");
|
|
544
559
|
if (setting === constants_1.PasswordlessLoginValidateWhatSources.SELECTABLE) {
|
|
545
560
|
if (signInDto.type !== constants_1.PasswordlessLoginValidateWhatSources.EMAIL &&
|
|
546
561
|
signInDto.type !== constants_1.PasswordlessLoginValidateWhatSources.MOBILE) {
|
|
@@ -593,7 +608,10 @@ let AuthenticationService = AuthenticationService_1 = class AuthenticationServic
|
|
|
593
608
|
const maskedIdentifier = type === constants_1.PasswordlessLoginValidateWhatSources.EMAIL
|
|
594
609
|
? { email: this.maskEmail(user.email) }
|
|
595
610
|
: { mobile: this.maskMobile(user.mobile) };
|
|
596
|
-
return {
|
|
611
|
+
return {
|
|
612
|
+
message: success_messages_1.SUCCESS_MESSAGES.OTP_SENT_SUCCESS_LOGIN,
|
|
613
|
+
user: maskedIdentifier,
|
|
614
|
+
};
|
|
597
615
|
}
|
|
598
616
|
async notifyUserOnOtpInititateLogin(user, loginType) {
|
|
599
617
|
const companyLogo = await this.getCompanyLogo();
|
|
@@ -602,25 +620,25 @@ let AuthenticationService = AuthenticationService_1 = class AuthenticationServic
|
|
|
602
620
|
return;
|
|
603
621
|
if (loginType === constants_1.PasswordlessLoginValidateWhatSources.EMAIL) {
|
|
604
622
|
const mailService = this.mailServiceFactory.getMailService();
|
|
605
|
-
mailService.sendEmailUsingTemplate(user.email,
|
|
606
|
-
solidAppName: this.settingService.getConfigValue(
|
|
607
|
-
solidAppWebsiteUrl: this.settingService.getConfigValue(
|
|
623
|
+
mailService.sendEmailUsingTemplate(user.email, "otp-on-login", {
|
|
624
|
+
solidAppName: this.settingService.getConfigValue("appTitle"),
|
|
625
|
+
solidAppWebsiteUrl: this.settingService.getConfigValue("solidAppWebsiteUrl"),
|
|
608
626
|
firstName: user.username,
|
|
609
627
|
emailVerificationTokenOnLogin: user.emailVerificationTokenOnLogin,
|
|
610
628
|
fullName: user.fullName ? user.fullName : user.username,
|
|
611
|
-
companyLogoUrl: companyLogo
|
|
612
|
-
}, this.settingService.getConfigValue(
|
|
629
|
+
companyLogoUrl: companyLogo,
|
|
630
|
+
}, this.settingService.getConfigValue("shouldQueueEmails"), null, null, "user", user.id);
|
|
613
631
|
}
|
|
614
632
|
if (loginType === constants_1.PasswordlessLoginValidateWhatSources.MOBILE) {
|
|
615
633
|
const smsService = this.smsFactory.getSmsService();
|
|
616
|
-
smsService.sendSMSUsingTemplate(user.mobile,
|
|
617
|
-
solidAppName: this.settingService.getConfigValue(
|
|
634
|
+
smsService.sendSMSUsingTemplate(user.mobile, "otp-on-login", {
|
|
635
|
+
solidAppName: this.settingService.getConfigValue("appTitle"),
|
|
618
636
|
otp: user.mobileVerificationTokenOnLogin,
|
|
619
637
|
mobileVerificationTokenOnLogin: user.mobileVerificationTokenOnLogin,
|
|
620
638
|
firstName: user.username,
|
|
621
639
|
fullName: user.fullName ? user.fullName : user.username,
|
|
622
|
-
companyLogoUrl: companyLogo
|
|
623
|
-
}, this.settingService.getConfigValue(
|
|
640
|
+
companyLogoUrl: companyLogo,
|
|
641
|
+
}, this.settingService.getConfigValue("shouldQueueSms"));
|
|
624
642
|
}
|
|
625
643
|
}
|
|
626
644
|
async otpConfirmLogin(confirmSignInDto) {
|
|
@@ -633,7 +651,9 @@ let AuthenticationService = AuthenticationService_1 = class AuthenticationServic
|
|
|
633
651
|
type !== constants_1.PasswordlessLoginValidateWhatSources.MOBILE) {
|
|
634
652
|
throw new common_1.BadRequestException(error_messages_1.ERROR_MESSAGES.INVALID_VERIFICATION_TYPE);
|
|
635
653
|
}
|
|
636
|
-
const user = await this.findUserForLogin(type, identifier, {
|
|
654
|
+
const user = await this.findUserForLogin(type, identifier, {
|
|
655
|
+
withRoles: true,
|
|
656
|
+
});
|
|
637
657
|
this.checkAccountBlocked(user);
|
|
638
658
|
const dummyOtp = this.getDummyOtpForUser(user);
|
|
639
659
|
if (dummyOtp) {
|
|
@@ -650,14 +670,18 @@ let AuthenticationService = AuthenticationService_1 = class AuthenticationServic
|
|
|
650
670
|
throw e;
|
|
651
671
|
}
|
|
652
672
|
await this.clearLoginOtp(user, type);
|
|
653
|
-
await this.userActivityHistoryService.logEvent(
|
|
673
|
+
await this.userActivityHistoryService.logEvent("login", user);
|
|
654
674
|
await this.resetFailedAttempts(user);
|
|
655
675
|
return this.buildLoginTokenResponse(user);
|
|
656
676
|
}
|
|
657
677
|
validateLoginOtp(user, otp, type) {
|
|
658
678
|
const isEmail = type === constants_1.PasswordlessLoginValidateWhatSources.EMAIL;
|
|
659
|
-
const token = isEmail
|
|
660
|
-
|
|
679
|
+
const token = isEmail
|
|
680
|
+
? user.emailVerificationTokenOnLogin
|
|
681
|
+
: user.mobileVerificationTokenOnLogin;
|
|
682
|
+
const expiresAt = isEmail
|
|
683
|
+
? user.emailVerificationTokenOnLoginExpiresAt
|
|
684
|
+
: user.mobileVerificationTokenOnLoginExpiresAt;
|
|
661
685
|
if (token !== otp) {
|
|
662
686
|
throw new common_1.UnauthorizedException(error_messages_1.ERROR_MESSAGES.INVALID_OTP);
|
|
663
687
|
}
|
|
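Review bot: `if (token !== otp)` in `validateLoginOtp` does not reject the case where no OTP is stored, so a `null` stored token compared with a `null` submitted value would pass this check. Require a non-empty value on both sides first, e.g. `if (!token || !otp || token !== otp) {`. The comparison is also not constant-time; `crypto_1` is already in scope in this file, so `crypto_1.timingSafeEqual` over equal-length buffers would be the safer form. The function continues past the end of this hunk, so the use of `expiresAt` and any later guard are not visible here.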
@@ -700,7 +724,7 @@ let AuthenticationService = AuthenticationService_1 = class AuthenticationServic
|
|
|
700
724
|
}
|
|
701
725
|
async changePassword(changePasswordDto, activeUser) {
|
|
702
726
|
const user = await this.userRepository.findOne({
|
|
703
|
-
where: { id: changePasswordDto.id }
|
|
727
|
+
where: { id: changePasswordDto.id },
|
|
704
728
|
});
|
|
705
729
|
if (!user) {
|
|
706
730
|
throw new common_1.NotFoundException(error_messages_1.ERROR_MESSAGES.USER_NOT_FOUND);
|
|
@@ -708,7 +732,7 @@ let AuthenticationService = AuthenticationService_1 = class AuthenticationServic
|
|
|
708
732
|
if (!user.active) {
|
|
709
733
|
throw new common_1.UnauthorizedException(error_messages_1.ERROR_MESSAGES.USER_INACTIVE);
|
|
710
734
|
}
|
|
711
|
-
if (user.lastLoginProvider !==
|
|
735
|
+
if (user.lastLoginProvider !== "local") {
|
|
712
736
|
throw new common_1.BadRequestException(error_messages_1.ERROR_MESSAGES.NON_LOCAL_PROVIDER);
|
|
713
737
|
}
|
|
714
738
|
if (!(user.id === activeUser.sub)) {
|
|
@@ -732,7 +756,7 @@ let AuthenticationService = AuthenticationService_1 = class AuthenticationServic
|
|
|
732
756
|
}
|
|
733
757
|
async generateForgotPasswordToken(user) {
|
|
734
758
|
const expiryTime = new Date();
|
|
735
|
-
const forgotPasswordVerificationTokenExpiry = this.settingService.getConfigValue(
|
|
759
|
+
const forgotPasswordVerificationTokenExpiry = this.settingService.getConfigValue("forgotPasswordVerificationTokenExpiry");
|
|
736
760
|
const dummyOtp = this.getDummyOtpForUser(user);
|
|
737
761
|
expiryTime.setMinutes(expiryTime.getMinutes() + forgotPasswordVerificationTokenExpiry);
|
|
738
762
|
return {
|
|
@@ -749,7 +773,7 @@ let AuthenticationService = AuthenticationService_1 = class AuthenticationServic
|
|
|
749
773
|
if (isValidUser && !user?.active) {
|
|
750
774
|
isValidUser = false;
|
|
751
775
|
}
|
|
752
|
-
if (isValidUser && user?.lastLoginProvider !==
|
|
776
|
+
if (isValidUser && user?.lastLoginProvider !== "local") {
|
|
753
777
|
isValidUser = false;
|
|
754
778
|
}
|
|
755
779
|
if (isValidUser) {
|
|
@@ -760,40 +784,43 @@ let AuthenticationService = AuthenticationService_1 = class AuthenticationServic
|
|
|
760
784
|
await this.notifyUserOnForgotPassword(user);
|
|
761
785
|
}
|
|
762
786
|
return {
|
|
763
|
-
status:
|
|
787
|
+
status: "success",
|
|
764
788
|
message: success_messages_1.SUCCESS_MESSAGES.FORGOT_PASSWORD_TOKEN_SENT,
|
|
765
|
-
error:
|
|
766
|
-
errorCode:
|
|
789
|
+
error: "",
|
|
790
|
+
errorCode: "",
|
|
767
791
|
data: {
|
|
768
792
|
user: {
|
|
769
793
|
email: user?.email,
|
|
770
794
|
},
|
|
771
|
-
}
|
|
795
|
+
},
|
|
772
796
|
};
|
|
773
797
|
}
|
|
774
798
|
async notifyUserOnForgotPassword(user) {
|
|
775
799
|
const companyLogo = await this.getCompanyLogo();
|
|
776
|
-
const forgotPasswordSendVerificationTokenOn = this.settingService.getConfigValue(
|
|
777
|
-
if (forgotPasswordSendVerificationTokenOn ==
|
|
800
|
+
const forgotPasswordSendVerificationTokenOn = this.settingService.getConfigValue("forgotPasswordSendVerificationTokenOn");
|
|
801
|
+
if (forgotPasswordSendVerificationTokenOn ==
|
|
802
|
+
constants_1.ForgotPasswordSendVerificationTokenOn.EMAIL) {
|
|
778
803
|
const mailService = this.mailServiceFactory.getMailService();
|
|
779
|
-
mailService.sendEmailUsingTemplate(user.email,
|
|
780
|
-
solidAppName: this.settingService.getConfigValue(
|
|
781
|
-
solidAppWebsiteUrl: this.settingService.getConfigValue(
|
|
804
|
+
mailService.sendEmailUsingTemplate(user.email, "forgot-password", {
|
|
805
|
+
solidAppName: this.settingService.getConfigValue("appTitle"),
|
|
806
|
+
solidAppWebsiteUrl: this.settingService.getConfigValue("solidAppWebsiteUrl"),
|
|
782
807
|
firstName: user.username,
|
|
783
808
|
fullName: user.fullName,
|
|
784
|
-
passwordResetLink: `${this.settingService.getConfigValue(
|
|
785
|
-
companyLogoUrl: companyLogo
|
|
786
|
-
}, this.settingService.getConfigValue(
|
|
809
|
+
passwordResetLink: `${this.settingService.getConfigValue("frontendForgotPasswordPageUrl")}?token=${user.verificationTokenOnForgotPassword}`,
|
|
810
|
+
companyLogoUrl: companyLogo,
|
|
811
|
+
}, this.settingService.getConfigValue("shouldQueueEmails"), null, null, "user", user.id);
|
|
787
812
|
}
|
|
788
|
-
if (forgotPasswordSendVerificationTokenOn ==
|
|
813
|
+
if (forgotPasswordSendVerificationTokenOn ==
|
|
814
|
+
constants_1.ForgotPasswordSendVerificationTokenOn.MOBILE &&
|
|
815
|
+
user.mobile) {
|
|
789
816
|
const smsService = this.smsFactory.getSmsService();
|
|
790
|
-
smsService.sendSMSUsingTemplate(user.mobile,
|
|
791
|
-
solidAppName: this.settingService.getConfigValue(
|
|
817
|
+
smsService.sendSMSUsingTemplate(user.mobile, "forgot-password", {
|
|
818
|
+
solidAppName: this.settingService.getConfigValue("appTitle"),
|
|
792
819
|
otp: user.verificationTokenOnForgotPassword,
|
|
793
820
|
verificationTokenOnForgotPassword: user.verificationTokenOnForgotPassword,
|
|
794
821
|
firstName: user.username,
|
|
795
|
-
companyLogoUrl: companyLogo
|
|
796
|
-
}, this.settingService.getConfigValue(
|
|
822
|
+
companyLogoUrl: companyLogo,
|
|
823
|
+
}, this.settingService.getConfigValue("shouldQueueSms"));
|
|
797
824
|
}
|
|
798
825
|
}
|
|
799
826
|
async confirmForgotPassword(confirmForgotPasswordDto) {
|
|
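Review bot: The forgot-password response at the top of this hunk returns `email: user?.email` regardless of `isValidUser` (set in the preceding hunk), so the body differs between an existing account and an unknown one even though `status` and `message` are identical. If the lookup can be made by an identifier other than the e-mail, it would also disclose the stored address. Returning `data: {},` as `confirmForgotPassword` does keeps the response uniform. In `notifyUserOnForgotPassword`, the token is interpolated into `passwordResetLink` without `encodeURIComponent`. If `sendEmailUsingTemplate` and `sendSMSUsingTemplate` return promises, they are neither awaited nor given a rejection handler, so a delivery failure would go unnoticed.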
@@ -801,7 +828,7 @@ let AuthenticationService = AuthenticationService_1 = class AuthenticationServic
|
|
|
801
828
|
const user = await this.resolveUserByVerificationToken(confirmForgotPasswordDto.verificationToken);
|
|
802
829
|
if (!user)
|
|
803
830
|
throw new common_1.UnauthorizedException(error_messages_1.ERROR_MESSAGES.INVALID_CREDENTIALS);
|
|
804
|
-
if (user.lastLoginProvider !==
|
|
831
|
+
if (user.lastLoginProvider !== "local")
|
|
805
832
|
throw new common_1.UnauthorizedException(error_messages_1.ERROR_MESSAGES.INVALID_CREDENTIALS);
|
|
806
833
|
if (!user.active)
|
|
807
834
|
throw new common_1.UnauthorizedException(error_messages_1.ERROR_MESSAGES.INVALID_CREDENTIALS);
|
|
@@ -809,13 +836,15 @@ let AuthenticationService = AuthenticationService_1 = class AuthenticationServic
|
|
|
809
836
|
.createQueryBuilder()
|
|
810
837
|
.update(user_entity_1.User)
|
|
811
838
|
.set({
|
|
812
|
-
forgotPasswordConfirmedAt: () =>
|
|
813
|
-
verificationTokenOnForgotPassword: () =>
|
|
814
|
-
verificationTokenOnForgotPasswordExpiresAt: () =>
|
|
839
|
+
forgotPasswordConfirmedAt: () => "NOW()",
|
|
840
|
+
verificationTokenOnForgotPassword: () => "NULL",
|
|
841
|
+
verificationTokenOnForgotPasswordExpiresAt: () => "NULL",
|
|
815
842
|
})
|
|
816
|
-
.where(
|
|
817
|
-
.andWhere(
|
|
818
|
-
.
|
|
843
|
+
.where("id = :id", { id: user.id })
|
|
844
|
+
.andWhere("verificationTokenOnForgotPassword = :token", {
|
|
845
|
+
token: confirmForgotPasswordDto.verificationToken,
|
|
846
|
+
})
|
|
847
|
+
.andWhere("verificationTokenOnForgotPasswordExpiresAt > NOW()")
|
|
819
848
|
.execute();
|
|
820
849
|
if (affected !== 1) {
|
|
821
850
|
throw new common_1.UnauthorizedException(error_messages_1.ERROR_MESSAGES.INVALID_CREDENTIALS);
|
|
@@ -823,41 +852,48 @@ let AuthenticationService = AuthenticationService_1 = class AuthenticationServic
|
|
|
823
852
|
const pwdHash = await this.hashingService.hash(confirmForgotPasswordDto.password);
|
|
824
853
|
const pwdScheme = this.hashingService.name();
|
|
825
854
|
const pwdSchemeVersion = this.hashingService.currentVersion();
|
|
826
|
-
await m.getRepository(user_entity_1.User).update({ id: user.id }, {
|
|
855
|
+
await m.getRepository(user_entity_1.User).update({ id: user.id }, {
|
|
856
|
+
password: pwdHash,
|
|
857
|
+
passwordScheme: pwdScheme,
|
|
858
|
+
passwordSchemeVersion: pwdSchemeVersion,
|
|
859
|
+
});
|
|
827
860
|
await this.notifyUserOnPasswordChanged(user);
|
|
828
861
|
return {
|
|
829
|
-
status:
|
|
862
|
+
status: "success",
|
|
830
863
|
message: success_messages_1.SUCCESS_MESSAGES.FORGOT_PASSWORD_CONFIRMED,
|
|
831
|
-
error:
|
|
832
|
-
errorCode:
|
|
864
|
+
error: "",
|
|
865
|
+
errorCode: "",
|
|
833
866
|
data: {},
|
|
834
867
|
};
|
|
835
868
|
});
|
|
836
869
|
}
|
|
837
870
|
async notifyUserOnPasswordChanged(user) {
|
|
838
871
|
const companyLogo = await this.getCompanyLogo();
|
|
839
|
-
const forgotPasswordSendVerificationTokenOn = this.settingService.getConfigValue(
|
|
840
|
-
if (forgotPasswordSendVerificationTokenOn ==
|
|
872
|
+
const forgotPasswordSendVerificationTokenOn = this.settingService.getConfigValue("forgotPasswordSendVerificationTokenOn");
|
|
873
|
+
if (forgotPasswordSendVerificationTokenOn ==
|
|
874
|
+
constants_1.ForgotPasswordSendVerificationTokenOn.EMAIL) {
|
|
841
875
|
const mailService = this.mailServiceFactory.getMailService();
|
|
842
|
-
mailService.sendEmailUsingTemplate(user.email,
|
|
843
|
-
solidAppName: this.settingService.getConfigValue(
|
|
844
|
-
solidAppWebsiteUrl: this.settingService.getConfigValue(
|
|
876
|
+
mailService.sendEmailUsingTemplate(user.email, "password-changed", {
|
|
877
|
+
solidAppName: this.settingService.getConfigValue("appTitle"),
|
|
878
|
+
solidAppWebsiteUrl: this.settingService.getConfigValue("solidAppWebsiteUrl"),
|
|
845
879
|
email: user.email,
|
|
846
880
|
firstName: user.username,
|
|
847
881
|
fullName: user.fullName,
|
|
848
|
-
passwordResetLink: `${this.settingService.getConfigValue(
|
|
849
|
-
companyLogoUrl: companyLogo
|
|
850
|
-
}, this.settingService.getConfigValue(
|
|
882
|
+
passwordResetLink: `${this.settingService.getConfigValue("frontendForgotPasswordPageUrl")}?token=${user.verificationTokenOnForgotPassword}`,
|
|
883
|
+
companyLogoUrl: companyLogo,
|
|
884
|
+
}, this.settingService.getConfigValue("shouldQueueEmails"), null, null, "user", user.id);
|
|
851
885
|
}
|
|
852
|
-
if (forgotPasswordSendVerificationTokenOn ==
|
|
886
|
+
if (forgotPasswordSendVerificationTokenOn ==
|
|
887
|
+
constants_1.ForgotPasswordSendVerificationTokenOn.MOBILE &&
|
|
888
|
+
user.mobile) {
|
|
853
889
|
const smsService = this.smsFactory.getSmsService();
|
|
854
|
-
smsService.sendSMSUsingTemplate(user.mobile,
|
|
855
|
-
solidAppName: this.settingService.getConfigValue(
|
|
890
|
+
smsService.sendSMSUsingTemplate(user.mobile, "forgot-password", {
|
|
891
|
+
solidAppName: this.settingService.getConfigValue("appTitle"),
|
|
856
892
|
otp: user.verificationTokenOnForgotPassword,
|
|
857
893
|
verificationTokenOnForgotPassword: user.verificationTokenOnForgotPassword,
|
|
858
894
|
firstName: user.username,
|
|
859
|
-
companyLogoUrl: companyLogo
|
|
860
|
-
}, this.settingService.getConfigValue(
|
|
895
|
+
companyLogoUrl: companyLogo,
|
|
896
|
+
}, this.settingService.getConfigValue("shouldQueueSms"));
|
|
861
897
|
}
|
|
862
898
|
}
|
|
863
899
|
async generateTokens(user) {
|
|
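Review bot: In `notifyUserOnPasswordChanged`, the SMS branch sends the `"forgot-password"` template with `otp` and `verificationTokenOnForgotPassword`, while the e-mail branch uses `"password-changed"`. This looks like a copy of the forgot-password notifier, and a password-changed notice has no reason to carry the reset token. The e-mail payload likewise still builds `passwordResetLink` from `user.verificationTokenOnForgotPassword`, which `confirmForgotPassword` has just set to NULL in the database but which may still be present on the in-memory `user` object. I would drop the token fields from both payloads and use a dedicated password-changed SMS template if one exists; its name is not visible on this page.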
@@ -900,14 +936,14 @@ let AuthenticationService = AuthenticationService_1 = class AuthenticationServic
|
|
|
900
936
|
id: sub,
|
|
901
937
|
},
|
|
902
938
|
relations: {
|
|
903
|
-
roles: true
|
|
904
|
-
}
|
|
939
|
+
roles: true,
|
|
940
|
+
},
|
|
905
941
|
});
|
|
906
942
|
if (!user) {
|
|
907
943
|
throw new common_1.UnauthorizedException(error_messages_1.ERROR_MESSAGES.SESSION_INVALID);
|
|
908
944
|
}
|
|
909
945
|
const currentRefreshToken = await this.refreshTokenIdsStorage.validateAndRotate(user, refreshTokenDto.refreshToken);
|
|
910
|
-
await this.userActivityHistoryService.logEvent(
|
|
946
|
+
await this.userActivityHistoryService.logEvent("tokenRefreshed", user);
|
|
911
947
|
return {
|
|
912
948
|
accessToken: await this.generateAccessToken(user),
|
|
913
949
|
refreshToken: currentRefreshToken,
|
|
@@ -938,7 +974,8 @@ let AuthenticationService = AuthenticationService_1 = class AuthenticationServic
|
|
|
938
974
|
try {
|
|
939
975
|
const response = await this.httpService.axiosRef.get(`https://www.googleapis.com/oauth2/v1/userinfo?alt=json&access_token=${user.googleAccessToken}`);
|
|
940
976
|
const userProfile = response.data;
|
|
941
|
-
if (userProfile.email === user.email &&
|
|
977
|
+
if (userProfile.email === user.email &&
|
|
978
|
+
userProfile.id === user.googleId) {
|
|
942
979
|
return userProfile;
|
|
943
980
|
}
|
|
944
981
|
else {
|
|
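Review bot: The Google userinfo request on the context line above the changed condition still interpolates `user.googleAccessToken` into the URL query string, where it is not URL-encoded and can end up in proxy or access logs. The Facebook and Microsoft validators added in this release send the token in an `Authorization` header instead. The same form here would pass `{ params: { alt: "json" }, headers: { Authorization: "Bearer " + user.googleAccessToken } }` as the second argument to `axiosRef.get` with the bare `https://www.googleapis.com/oauth2/v1/userinfo` URL. The enclosing function starts and ends outside this hunk.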
@@ -952,11 +989,11 @@ let AuthenticationService = AuthenticationService_1 = class AuthenticationServic
|
|
|
952
989
|
async signInUsingGoogle(accessCode) {
|
|
953
990
|
const user = await this.userRepository.findOne({
|
|
954
991
|
where: {
|
|
955
|
-
accessCode: accessCode
|
|
992
|
+
accessCode: accessCode,
|
|
956
993
|
},
|
|
957
994
|
relations: {
|
|
958
|
-
roles: true
|
|
959
|
-
}
|
|
995
|
+
roles: true,
|
|
996
|
+
},
|
|
960
997
|
});
|
|
961
998
|
if (!user) {
|
|
962
999
|
throw new common_1.UnauthorizedException(error_messages_1.ERROR_MESSAGES.USER_NOT_FOUND);
|
|
@@ -977,24 +1014,167 @@ let AuthenticationService = AuthenticationService_1 = class AuthenticationServic
|
|
|
977
1014
|
mobile: user.mobile,
|
|
978
1015
|
username: user.username,
|
|
979
1016
|
id: user.id,
|
|
980
|
-
roles: user.roles.map((role) => role.name)
|
|
1017
|
+
roles: user.roles.map((role) => role.name),
|
|
1018
|
+
},
|
|
1019
|
+
...tokens,
|
|
1020
|
+
};
|
|
1021
|
+
}
|
|
1022
|
+
async validateUserUsingFacebook(user) {
|
|
1023
|
+
if (!user.facebookAccessToken || !user.facebookId) {
|
|
1024
|
+
throw new common_1.UnauthorizedException(error_messages_1.ERROR_MESSAGES.USER_NOT_FOUND);
|
|
1025
|
+
}
|
|
1026
|
+
try {
|
|
1027
|
+
const response = await this.httpService.axiosRef.get(`https://graph.facebook.com/me`, {
|
|
1028
|
+
params: { fields: "id,name,email" },
|
|
1029
|
+
headers: {
|
|
1030
|
+
Authorization: `Bearer ${user.facebookAccessToken}`,
|
|
1031
|
+
},
|
|
1032
|
+
});
|
|
1033
|
+
const userProfile = response.data;
|
|
1034
|
+
if (userProfile.id === user.facebookId &&
|
|
1035
|
+
(!user.email || !userProfile.email || userProfile.email === user.email)) {
|
|
1036
|
+
return userProfile;
|
|
1037
|
+
}
|
|
1038
|
+
else {
|
|
1039
|
+
throw new common_1.UnauthorizedException(error_messages_1.ERROR_MESSAGES.INVALID_USER_PROFILE);
|
|
1040
|
+
}
|
|
1041
|
+
}
|
|
1042
|
+
catch (error) {
|
|
1043
|
+
if (error instanceof common_1.UnauthorizedException) {
|
|
1044
|
+
throw error;
|
|
1045
|
+
}
|
|
1046
|
+
throw new common_1.UnauthorizedException(error_messages_1.ERROR_MESSAGES.USER_NOT_FOUND);
|
|
1047
|
+
}
|
|
1048
|
+
}
|
|
1049
|
+
async signInUsingFacebook(accessCode) {
|
|
1050
|
+
const user = await this.userRepository.findOne({
|
|
1051
|
+
where: {
|
|
1052
|
+
accessCode: accessCode,
|
|
1053
|
+
},
|
|
1054
|
+
relations: {
|
|
1055
|
+
roles: true,
|
|
1056
|
+
},
|
|
1057
|
+
});
|
|
1058
|
+
if (!user) {
|
|
1059
|
+
throw new common_1.UnauthorizedException(error_messages_1.ERROR_MESSAGES.USER_NOT_FOUND);
|
|
1060
|
+
}
|
|
1061
|
+
this.checkAccountBlocked(user);
|
|
1062
|
+
try {
|
|
1063
|
+
await this.validateUserUsingFacebook(user);
|
|
1064
|
+
}
|
|
1065
|
+
catch (e) {
|
|
1066
|
+
await this.incrementFailedAttempts(user);
|
|
1067
|
+
throw e;
|
|
1068
|
+
}
|
|
1069
|
+
await this.resetFailedAttempts(user);
|
|
1070
|
+
const tokens = await this.generateTokens(user);
|
|
1071
|
+
return {
|
|
1072
|
+
user: {
|
|
1073
|
+
email: user.email,
|
|
1074
|
+
mobile: user.mobile,
|
|
1075
|
+
username: user.username,
|
|
1076
|
+
id: user.id,
|
|
1077
|
+
roles: user.roles.map((role) => role.name),
|
|
1078
|
+
},
|
|
1079
|
+
...tokens,
|
|
1080
|
+
};
|
|
1081
|
+
}
|
|
1082
|
+
async validateUserUsingMicrosoft(user) {
|
|
1083
|
+
try {
|
|
1084
|
+
const response = await this.httpService.axiosRef.get(`https://graph.microsoft.com/v1.0/me`, {
|
|
1085
|
+
headers: {
|
|
1086
|
+
Authorization: `Bearer ${user.microsoftAccessToken}`,
|
|
1087
|
+
},
|
|
1088
|
+
});
|
|
1089
|
+
const userProfile = response.data;
|
|
1090
|
+
const profileEmail = userProfile.mail || userProfile.userPrincipalName;
|
|
1091
|
+
if (userProfile.id === user.microsoftId &&
|
|
1092
|
+
(!user.email || profileEmail === user.email)) {
|
|
1093
|
+
return userProfile;
|
|
1094
|
+
}
|
|
1095
|
+
else {
|
|
1096
|
+
throw new common_1.UnauthorizedException(error_messages_1.ERROR_MESSAGES.INVALID_USER_PROFILE);
|
|
1097
|
+
}
|
|
1098
|
+
}
|
|
1099
|
+
catch (error) {
|
|
1100
|
+
throw new common_1.UnauthorizedException("Microsoft OAuth profile fetch failed");
|
|
1101
|
+
}
|
|
1102
|
+
}
|
|
1103
|
+
async signInUsingMicrosoft(accessCode) {
|
|
1104
|
+
const user = await this.userRepository.findOne({
|
|
1105
|
+
where: {
|
|
1106
|
+
accessCode: accessCode,
|
|
1107
|
+
},
|
|
1108
|
+
relations: {
|
|
1109
|
+
roles: true,
|
|
1110
|
+
},
|
|
1111
|
+
});
|
|
1112
|
+
if (!user) {
|
|
1113
|
+
throw new common_1.UnauthorizedException(error_messages_1.ERROR_MESSAGES.USER_NOT_FOUND);
|
|
1114
|
+
}
|
|
1115
|
+
this.checkAccountBlocked(user);
|
|
1116
|
+
try {
|
|
1117
|
+
await this.validateUserUsingMicrosoft(user);
|
|
1118
|
+
}
|
|
1119
|
+
catch (e) {
|
|
1120
|
+
await this.incrementFailedAttempts(user);
|
|
1121
|
+
throw e;
|
|
1122
|
+
}
|
|
1123
|
+
await this.resetFailedAttempts(user);
|
|
1124
|
+
const tokens = await this.generateTokens(user);
|
|
1125
|
+
return {
|
|
1126
|
+
user: {
|
|
1127
|
+
email: user.email,
|
|
1128
|
+
mobile: user.mobile,
|
|
1129
|
+
username: user.username,
|
|
1130
|
+
id: user.id,
|
|
1131
|
+
roles: user.roles.map((role) => role.name),
|
|
981
1132
|
},
|
|
982
|
-
...tokens
|
|
1133
|
+
...tokens,
|
|
1134
|
+
};
|
|
1135
|
+
}
|
|
1136
|
+
async signInUsingApple(accessCode) {
|
|
1137
|
+
const user = await this.userRepository.findOne({
|
|
1138
|
+
where: {
|
|
1139
|
+
accessCode: accessCode,
|
|
1140
|
+
},
|
|
1141
|
+
relations: {
|
|
1142
|
+
roles: true,
|
|
1143
|
+
},
|
|
1144
|
+
});
|
|
1145
|
+
if (!user) {
|
|
1146
|
+
throw new common_1.UnauthorizedException(error_messages_1.ERROR_MESSAGES.USER_NOT_FOUND);
|
|
1147
|
+
}
|
|
1148
|
+
this.checkAccountBlocked(user);
|
|
1149
|
+
await this.resetFailedAttempts(user);
|
|
1150
|
+
const tokens = await this.generateTokens(user);
|
|
1151
|
+
return {
|
|
1152
|
+
user: {
|
|
1153
|
+
email: user.email,
|
|
1154
|
+
mobile: user.mobile,
|
|
1155
|
+
username: user.username,
|
|
1156
|
+
id: user.id,
|
|
1157
|
+
roles: user.roles.map((role) => role.name),
|
|
1158
|
+
},
|
|
1159
|
+
...tokens,
|
|
983
1160
|
};
|
|
984
1161
|
}
|
|
985
1162
|
async isPasswordlessRegistrationEnabled() {
|
|
986
|
-
return this.settingService.getConfigValue(
|
|
1163
|
+
return this.settingService.getConfigValue("passwordLessAuth");
|
|
987
1164
|
}
|
|
988
1165
|
checkAccountBlocked(user) {
|
|
989
|
-
const maxFailedAttempts = this.settingService.getConfigValue(
|
|
990
|
-
if (maxFailedAttempts > 0 &&
|
|
1166
|
+
const maxFailedAttempts = this.settingService.getConfigValue("maxFailedLoginAttempts");
|
|
1167
|
+
if (maxFailedAttempts > 0 &&
|
|
1168
|
+
user.failedLoginAttempts >= maxFailedAttempts) {
|
|
991
1169
|
throw new common_1.ForbiddenException(error_messages_1.ERROR_MESSAGES.ACCOUNT_BLOCKED);
|
|
992
1170
|
}
|
|
993
1171
|
}
|
|
994
1172
|
async incrementFailedAttempts(user) {
|
|
995
1173
|
const nextFailedAttempts = (user.failedLoginAttempts ?? 0) + 1;
|
|
996
1174
|
user.failedLoginAttempts = nextFailedAttempts;
|
|
997
|
-
await this.userRepository.update(user.id, {
|
|
1175
|
+
await this.userRepository.update(user.id, {
|
|
1176
|
+
failedLoginAttempts: nextFailedAttempts,
|
|
1177
|
+
});
|
|
998
1178
|
}
|
|
999
1179
|
async resetFailedAttempts(user) {
|
|
1000
1180
|
if (user.failedLoginAttempts === 0)
|
|
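Review bot: `signInUsingApple` issues tokens as soon as a row matches `accessCode`, with no provider re-validation and no `incrementFailedAttempts` path, unlike `signInUsingFacebook` and `signInUsingMicrosoft` added in the same hunk. All three look the user up with `where: { accessCode: accessCode }`, so an empty or undefined `accessCode` should be rejected before the query, e.g. `if (typeof accessCode !== "string" || accessCode.length === 0) throw new common_1.UnauthorizedException(error_messages_1.ERROR_MESSAGES.USER_NOT_FOUND);`. Whether the controller already guarantees this, and whether the code is single-use and expiring, is not visible here. `validateUserUsingMicrosoft` also lacks the `!user.microsoftAccessToken || !user.microsoftId` style guard that the Facebook variant has, and its bare `catch` replaces the `INVALID_USER_PROFILE` error with a generic message. None of the new sign-in methods calls `this.userActivityHistoryService.logEvent("login", user)`, so these logins would be missing from the activity history that the password and OTP paths write.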
@@ -1013,13 +1193,14 @@ let AuthenticationService = AuthenticationService_1 = class AuthenticationServic
|
|
|
1013
1193
|
const user = await this.userRepository.findOne({
|
|
1014
1194
|
where: {
|
|
1015
1195
|
id: userId,
|
|
1016
|
-
}
|
|
1196
|
+
},
|
|
1017
1197
|
});
|
|
1018
|
-
await this.userActivityHistoryService.logEvent(
|
|
1198
|
+
await this.userActivityHistoryService.logEvent("logout", user);
|
|
1019
1199
|
return { message: success_messages_1.SUCCESS_MESSAGES.LOGOUT_SUCCESS };
|
|
1020
1200
|
}
|
|
1021
1201
|
catch (err) {
|
|
1022
|
-
throw err instanceof common_1.UnauthorizedException ||
|
|
1202
|
+
throw err instanceof common_1.UnauthorizedException ||
|
|
1203
|
+
err instanceof common_1.InternalServerErrorException
|
|
1023
1204
|
? err
|
|
1024
1205
|
: new common_1.InternalServerErrorException(error_messages_1.ERROR_MESSAGES.LOGOUT_FAILED);
|
|
1025
1206
|
}
|
|
@@ -1038,8 +1219,8 @@ let AuthenticationService = AuthenticationService_1 = class AuthenticationServic
|
|
|
1038
1219
|
id: activeUser.sub,
|
|
1039
1220
|
},
|
|
1040
1221
|
relations: {
|
|
1041
|
-
roles: true
|
|
1042
|
-
}
|
|
1222
|
+
roles: true,
|
|
1223
|
+
},
|
|
1043
1224
|
});
|
|
1044
1225
|
const refreshTokenState = await this.refreshTokenIdsStorage.getCurrentRefreshTokenState(user.id);
|
|
1045
1226
|
const response = {
|
|
@@ -1048,7 +1229,7 @@ let AuthenticationService = AuthenticationService_1 = class AuthenticationServic
|
|
|
1048
1229
|
mobile: user.mobile,
|
|
1049
1230
|
username: user.username,
|
|
1050
1231
|
id: user.id,
|
|
1051
|
-
roles: user.roles.map((role) => role.name)
|
|
1232
|
+
roles: user.roles.map((role) => role.name),
|
|
1052
1233
|
},
|
|
1053
1234
|
refreshToken: refreshTokenState.currentRefreshToken,
|
|
1054
1235
|
};
|
|
@@ -1057,22 +1238,33 @@ let AuthenticationService = AuthenticationService_1 = class AuthenticationServic
|
|
|
1057
1238
|
async generateSsoCode(activeUser, rawAccessToken) {
|
|
1058
1239
|
const refreshTokenState = await this.refreshTokenIdsStorage.getCurrentRefreshTokenState(activeUser.sub);
|
|
1059
1240
|
if (!refreshTokenState?.currentRefreshToken) {
|
|
1060
|
-
throw new common_1.UnauthorizedException(
|
|
1241
|
+
throw new common_1.UnauthorizedException("No active session found");
|
|
1061
1242
|
}
|
|
1062
1243
|
const ssoCode = await this.ssoCodeStorage.generateCode(activeUser.sub, rawAccessToken, refreshTokenState.currentRefreshToken);
|
|
1063
1244
|
return { ssoCode };
|
|
1064
1245
|
}
|
|
1065
1246
|
async exchangeSsoCode(code) {
|
|
1066
1247
|
const { userId, accessToken, refreshToken } = await this.ssoCodeStorage.consumeCode(code);
|
|
1067
|
-
const user = await this.userRepository.findOne({
|
|
1248
|
+
const user = await this.userRepository.findOne({
|
|
1249
|
+
where: { id: userId },
|
|
1250
|
+
relations: { roles: true },
|
|
1251
|
+
});
|
|
1068
1252
|
if (!user) {
|
|
1069
|
-
throw new common_1.UnauthorizedException(
|
|
1253
|
+
throw new common_1.UnauthorizedException("User not found");
|
|
1070
1254
|
}
|
|
1071
1255
|
return { accessToken, refreshToken, user: this.buildUserPayload(user) };
|
|
1072
1256
|
}
|
|
1073
1257
|
};
|
|
1074
1258
|
exports.AuthenticationService = AuthenticationService;
|
|
1075
|
-
AuthenticationService.SIGNUP_DTO_KEYS = new Set([
|
|
1259
|
+
AuthenticationService.SIGNUP_DTO_KEYS = new Set([
|
|
1260
|
+
"username",
|
|
1261
|
+
"email",
|
|
1262
|
+
"password",
|
|
1263
|
+
"fullName",
|
|
1264
|
+
"mobile",
|
|
1265
|
+
"roles",
|
|
1266
|
+
"forcePasswordChange",
|
|
1267
|
+
]);
|
|
1076
1268
|
exports.AuthenticationService = AuthenticationService = AuthenticationService_1 = __decorate([
|
|
1077
1269
|
(0, common_1.Injectable)(),
|
|
1078
1270
|
__param(13, (0, typeorm_1.InjectDataSource)()),
|
|
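Review bot: `exchangeSsoCode` returns the stored access and refresh tokens after checking only that the user row exists. It does not call `checkAccountBlocked(user)` or test `user.active`, which other paths in this file do (`changePassword`, `confirmForgotPassword`). Adding `if (!user.active) throw new common_1.UnauthorizedException(error_messages_1.ERROR_MESSAGES.USER_INACTIVE);` before the return would keep a deactivated account from redeeming a code issued earlier. In the same hunk, `SIGNUP_DTO_KEYS` includes `"roles"` and `"forcePasswordChange"`. If this set is an allow-list for self-service signup input, those two keys deserve a comment stating who may set them; how the set is used is not visible here.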
@@ -1098,9 +1290,9 @@ function parseUniqueConstraintError(detail) {
|
|
|
1098
1290
|
const field = match[1];
|
|
1099
1291
|
const value = match[2];
|
|
1100
1292
|
const fieldMap = {
|
|
1101
|
-
username:
|
|
1102
|
-
email:
|
|
1103
|
-
full_name_user_key:
|
|
1293
|
+
username: "username",
|
|
1294
|
+
email: "email address",
|
|
1295
|
+
full_name_user_key: "full name",
|
|
1104
1296
|
};
|
|
1105
1297
|
const friendlyField = fieldMap[field] || field;
|
|
1106
1298
|
return `A user with ${friendlyField} "${value}" already exists.`;
|