@spinajs/rbac-http-user 2.0.375 → 2.0.378
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/cjs/2fa/Default2FaToken.d.ts +2 -1
- package/lib/cjs/2fa/Default2FaToken.d.ts.map +1 -1
- package/lib/cjs/2fa/Default2FaToken.js +6 -3
- package/lib/cjs/2fa/Default2FaToken.js.map +1 -1
- package/lib/cjs/actions/2fa.d.ts.map +1 -1
- package/lib/cjs/actions/2fa.js +6 -3
- package/lib/cjs/actions/2fa.js.map +1 -1
- package/lib/cjs/cli/EnableUser2Fa.d.ts +1 -0
- package/lib/cjs/cli/EnableUser2Fa.d.ts.map +1 -1
- package/lib/cjs/cli/EnableUser2Fa.js +3 -2
- package/lib/cjs/cli/EnableUser2Fa.js.map +1 -1
- package/lib/cjs/config/rbac-http.d.ts +2 -2
- package/lib/cjs/config/rbac-http.d.ts.map +1 -1
- package/lib/cjs/config/rbac-http.js +2 -2
- package/lib/cjs/config/rbac-http.js.map +1 -1
- package/lib/cjs/controllers/LoginController.d.ts +1 -0
- package/lib/cjs/controllers/LoginController.d.ts.map +1 -1
- package/lib/cjs/controllers/LoginController.js +41 -18
- package/lib/cjs/controllers/LoginController.js.map +1 -1
- package/lib/cjs/controllers/TwoFactorAuthController.d.ts +5 -3
- package/lib/cjs/controllers/TwoFactorAuthController.d.ts.map +1 -1
- package/lib/cjs/controllers/TwoFactorAuthController.js +27 -3
- package/lib/cjs/controllers/TwoFactorAuthController.js.map +1 -1
- package/lib/cjs/controllers/UserController.d.ts.map +1 -1
- package/lib/cjs/controllers/UserController.js +1 -1
- package/lib/cjs/controllers/UserController.js.map +1 -1
- package/lib/cjs/controllers/UserMetadataController.js +1 -1
- package/lib/cjs/controllers/UserMetadataController.js.map +1 -1
- package/lib/cjs/index.d.ts +3 -0
- package/lib/cjs/index.d.ts.map +1 -1
- package/lib/cjs/index.js +3 -0
- package/lib/cjs/index.js.map +1 -1
- package/lib/cjs/policies/2FaPolicy.d.ts.map +1 -1
- package/lib/cjs/policies/2FaPolicy.js +2 -2
- package/lib/cjs/policies/2FaPolicy.js.map +1 -1
- package/lib/mjs/2fa/Default2FaToken.d.ts +2 -1
- package/lib/mjs/2fa/Default2FaToken.d.ts.map +1 -1
- package/lib/mjs/2fa/Default2FaToken.js +6 -3
- package/lib/mjs/2fa/Default2FaToken.js.map +1 -1
- package/lib/mjs/actions/2fa.d.ts.map +1 -1
- package/lib/mjs/actions/2fa.js +7 -4
- package/lib/mjs/actions/2fa.js.map +1 -1
- package/lib/mjs/cli/EnableUser2Fa.d.ts +1 -0
- package/lib/mjs/cli/EnableUser2Fa.d.ts.map +1 -1
- package/lib/mjs/cli/EnableUser2Fa.js +3 -2
- package/lib/mjs/cli/EnableUser2Fa.js.map +1 -1
- package/lib/mjs/config/rbac-http.d.ts +2 -2
- package/lib/mjs/config/rbac-http.d.ts.map +1 -1
- package/lib/mjs/config/rbac-http.js +2 -2
- package/lib/mjs/config/rbac-http.js.map +1 -1
- package/lib/mjs/controllers/LoginController.d.ts +1 -0
- package/lib/mjs/controllers/LoginController.d.ts.map +1 -1
- package/lib/mjs/controllers/LoginController.js +43 -20
- package/lib/mjs/controllers/LoginController.js.map +1 -1
- package/lib/mjs/controllers/TwoFactorAuthController.d.ts +5 -3
- package/lib/mjs/controllers/TwoFactorAuthController.d.ts.map +1 -1
- package/lib/mjs/controllers/TwoFactorAuthController.js +30 -6
- package/lib/mjs/controllers/TwoFactorAuthController.js.map +1 -1
- package/lib/mjs/controllers/UserController.d.ts.map +1 -1
- package/lib/mjs/controllers/UserController.js +2 -2
- package/lib/mjs/controllers/UserController.js.map +1 -1
- package/lib/mjs/controllers/UserMetadataController.js +2 -2
- package/lib/mjs/controllers/UserMetadataController.js.map +1 -1
- package/lib/mjs/index.d.ts +3 -0
- package/lib/mjs/index.d.ts.map +1 -1
- package/lib/mjs/index.js +3 -0
- package/lib/mjs/index.js.map +1 -1
- package/lib/mjs/policies/2FaPolicy.d.ts.map +1 -1
- package/lib/mjs/policies/2FaPolicy.js +3 -3
- package/lib/mjs/policies/2FaPolicy.js.map +1 -1
- package/lib/tsconfig.cjs.tsbuildinfo +1 -1
- package/lib/tsconfig.mjs.tsbuildinfo +1 -1
- package/package.json +11 -11
|
@@ -12,10 +12,12 @@ import { Config } from '@spinajs/configuration';
|
|
|
12
12
|
import { Log, Logger } from '@spinajs/log';
|
|
13
13
|
import { TwoFactorAuthProvider } from "@spinajs/rbac-http";
|
|
14
14
|
import * as OTPAuth from "otpauth";
|
|
15
|
+
import { Exception } from '@spinajs/exceptions';
|
|
15
16
|
export var TWO_FA_METATADATA_KEYS;
|
|
16
17
|
(function (TWO_FA_METATADATA_KEYS) {
|
|
17
18
|
TWO_FA_METATADATA_KEYS["TOKEN"] = "2fa:token";
|
|
18
19
|
TWO_FA_METATADATA_KEYS["ENABLED"] = "2fa:enabled";
|
|
20
|
+
TWO_FA_METATADATA_KEYS["OTP"] = "2fa:otp";
|
|
19
21
|
})(TWO_FA_METATADATA_KEYS || (TWO_FA_METATADATA_KEYS = {}));
|
|
20
22
|
let Default2FaToken = class Default2FaToken extends TwoFactorAuthProvider {
|
|
21
23
|
constructor() {
|
|
@@ -39,20 +41,21 @@ let Default2FaToken = class Default2FaToken extends TwoFactorAuthProvider {
|
|
|
39
41
|
async verifyToken(token, user) {
|
|
40
42
|
const twoFaToken = user.Metadata[TWO_FA_METATADATA_KEYS.TOKEN];
|
|
41
43
|
if (!twoFaToken) {
|
|
42
|
-
|
|
43
|
-
return false;
|
|
44
|
+
throw new Exception(`Cannot verify 2fa token, no 2fa token for user ${user.Uuid}`);
|
|
44
45
|
}
|
|
45
46
|
const totp = this._getOTP(user, twoFaToken);
|
|
46
47
|
const verified = totp.validate({
|
|
47
48
|
token: token,
|
|
48
49
|
window: this.Config.window,
|
|
49
50
|
});
|
|
50
|
-
return verified
|
|
51
|
+
return verified !== null;
|
|
51
52
|
}
|
|
52
53
|
async initialize(user) {
|
|
53
54
|
const secret = new OTPAuth.Secret({ size: this.Config.secretSize });
|
|
54
55
|
const totp = this._getOTP(user, secret.base32);
|
|
55
56
|
user.Metadata[TWO_FA_METATADATA_KEYS.TOKEN] = secret.base32;
|
|
57
|
+
user.Metadata[TWO_FA_METATADATA_KEYS.ENABLED] = true;
|
|
58
|
+
user.Metadata[TWO_FA_METATADATA_KEYS.OTP] = totp.toString();
|
|
56
59
|
await user.Metadata.sync();
|
|
57
60
|
this.Log.trace(`2fa token initialized for user ${user.Id}`, {
|
|
58
61
|
userId: user.Id,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"Default2FaToken.js","sourceRoot":"","sources":["../../../src/2fa/Default2FaToken.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAEzC,OAAO,EAAE,MAAM,EAAE,MAAM,wBAAwB,CAAC;AAChD,OAAO,EAAE,GAAG,EAAE,MAAM,EAAE,MAAM,cAAc,CAAC;AAC3C,OAAO,EAAE,qBAAqB,EAAE,MAAM,oBAAoB,CAAC;AAC3D,OAAO,KAAK,OAAO,MAAM,SAAS,CAAC;
|
|
1
|
+
{"version":3,"file":"Default2FaToken.js","sourceRoot":"","sources":["../../../src/2fa/Default2FaToken.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAEzC,OAAO,EAAE,MAAM,EAAE,MAAM,wBAAwB,CAAC;AAChD,OAAO,EAAE,GAAG,EAAE,MAAM,EAAE,MAAM,cAAc,CAAC;AAC3C,OAAO,EAAE,qBAAqB,EAAE,MAAM,oBAAoB,CAAC;AAC3D,OAAO,KAAK,OAAO,MAAM,SAAS,CAAC;AACnC,OAAO,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAC;AAEhD,MAAM,CAAN,IAAY,sBAIX;AAJD,WAAY,sBAAsB;IAC9B,6CAAmB,CAAA;IACnB,iDAAuB,CAAA;IACvB,yCAAe,CAAA;AACnB,CAAC,EAJW,sBAAsB,KAAtB,sBAAsB,QAIjC;AAGM,IAAM,eAAe,GAArB,MAAM,eAAgB,SAAQ,qBAAqB;IAOtD;QACI,KAAK,EAAE,CAAC;IACZ,CAAC;IAEO,OAAO,CAAC,IAAW,EAAE,MAAc;QACrC,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC;YACtB,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM;YAC1B,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS;YAChC,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM;YAC1B,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM;YAC1B,MAAM,EAAE,OAAO,CAAC,MAAM,CAAC,UAAU,CAAC,MAAM,CAAC;SAC5C,CAAC,CAAC;IAEP,CAAC;IAEM,OAAO,CAAC,CAAO;QAClB,yDAAyD;QACzD,gCAAgC;QAChC,OAAO,OAAO,CAAC,OAAO,EAAE,CAAC;IAC7B,CAAC;IAEM,KAAK,CAAC,WAAW,CAAC,KAAa,EAAE,IAAU;QAC9C,MAAM,UAAU,GAAG,IAAI,CAAC,QAAQ,CAAC,sBAAsB,CAAC,KAAK,CAAC,CAAC;QAE/D,IAAI,CAAC,UAAU,EAAE,CAAC;YACd,MAAM,IAAI,SAAS,CAAC,kDAAkD,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC;QACvF,CAAC;QAED,MAAM,IAAI,GAAI,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;QAC7C,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC;YAC3B,KAAK,EAAE,KAAK;YACZ,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM;SAC7B,CAAC,CAAC;QAEH,OAAO,QAAQ,KAAI,IAAI,CAAC;IAC5B,CAAC;IAEM,KAAK,CAAC,UAAU,CAAC,IAAU;QAC9B,MAAM,MAAM,GAAG,IAAI,OAAO,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC,CAAC;QACpE,MAAM,IAAI,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC;QAE/C,IAAI,CAAC,QAAQ,CAAC,sBAAsB,CAAC,KAAK,CAAC,GAAG,MAAM,CAAC,MAAM,CAAC;QAC5D,IAAI,CAAC,QAAQ,CAAC,sBAAsB,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC;QACrD,IAAI,CAAC,QAAQ,CAAC,sBAAsB,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC;QAE5D,MAAM,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;QAE3B,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,kCAAkC,IAAI,CAAC,EAAE,EAAE,EAAE;YACxD,MAAM,EAAE,IAAI,CAAC,EAAE;SAClB,CAAC,CAAC;QAEH;;WAEG;QACH,OAAO,IAAI,CAAC,QAAQ,EAAE,CAAC;IAC3B,CAAC;IAEM,KAAK,CAAC,aAAa,CAAE,IAAU;QAClC,MAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,sBAAsB,CAAC,KAAK,CAAC,CAAC;QAE1D,IAAI,CAAC,KAAK,EAAE,CAAC;YACT,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,kDAAkD,IAAI,CAAC,EAAE,EAAE,CAAC,CAAC;YAC5E,OAAO,IAAI,CAAC;QAChB,CAAC;QAED,MAAM,IAAI,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;QACvC,OAAO,IAAI,CAAC,QAAQ,EAAE,CAAC;IAC3B,CAAC;IAEM,KAAK,CAAC,SAAS,CAAC,IAAU;QAC7B,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,sBAAsB,CAAC,OAAO,CAAC,CAAC;QAChE,OAAO,GAAc,CAAC;IAC1B,CAAC;IAEM,KAAK,CAAC,aAAa,CAAC,IAAU;QACjC,MAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,sBAAsB,CAAC,KAAK,CAAC,CAAC;QAC1D,OAAO,KAAK,KAAK,IAAI,IAAI,KAAK,KAAK,SAAS,IAAI,KAAK,KAAK,EAAE,CAAC;IACjE,CAAC;CACJ,CAAA;AApFa;IADT,MAAM,CAAC,cAAc,CAAC;;+CACD;AAGZ;IADT,MAAM,CAAC,WAAW,CAAC;8BACL,GAAG;4CAAC;AALV,eAAe;IAD3B,UAAU,CAAC,qBAAqB,CAAC;;GACrB,eAAe,CAsF3B"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"2fa.d.ts","sourceRoot":"","sources":["../../../src/actions/2fa.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAyD,MAAM,eAAe,CAAC;
|
|
1
|
+
{"version":3,"file":"2fa.d.ts","sourceRoot":"","sources":["../../../src/actions/2fa.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAyD,MAAM,eAAe,CAAC;AAW5F,wBAAsB,aAAa,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,oBAOrE;AAED;;;;;;;GAOG;AACH,wBAAsB,OAAO,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,EAAE,KAAK,EAAE,MAAM,oBA8B9E"}
|
package/lib/mjs/actions/2fa.js
CHANGED
|
@@ -1,13 +1,14 @@
|
|
|
1
1
|
import { _user_ev, _user_unsafe, _user_update, UserLoginFailed } from '@spinajs/rbac';
|
|
2
|
+
import { Unauthorized } from "@spinajs/http";
|
|
2
3
|
import { _service } from '@spinajs/configuration';
|
|
3
4
|
import { DateTime } from 'luxon';
|
|
4
|
-
import { _chain, _check_arg, _non_empty, _trim, _catch } from '@spinajs/util';
|
|
5
|
+
import { _chain, _check_arg, _non_empty, _trim, _catch, _either, _tap } from '@spinajs/util';
|
|
5
6
|
import { User2FaPassed } from '../events/User2FaPassed.js';
|
|
6
7
|
import { User2FaEnabled } from '../events/User2FaEnabled.js';
|
|
7
8
|
import { TwoFactorAuthProvider, } from '@spinajs/rbac-http';
|
|
8
9
|
export async function enableUser2Fa(identifier) {
|
|
9
10
|
return _chain(_user_unsafe(identifier), (u) => {
|
|
10
|
-
return _chain(_service('rbac.twoFactorAuth', TwoFactorAuthProvider), async (twoFa) => twoFa.initialize(u), _user_ev(User2FaEnabled));
|
|
11
|
+
return _chain(_service('rbac.twoFactorAuth', TwoFactorAuthProvider), async (twoFa) => twoFa.initialize(u), _tap(_user_ev(User2FaEnabled)));
|
|
11
12
|
});
|
|
12
13
|
}
|
|
13
14
|
/**
|
|
@@ -19,9 +20,11 @@ export async function enableUser2Fa(identifier) {
|
|
|
19
20
|
* @returns
|
|
20
21
|
*/
|
|
21
22
|
export async function auth2Fa(identifier, token) {
|
|
22
|
-
token = _check_arg(_trim(), _non_empty)(token, 'token');
|
|
23
|
+
token = _check_arg(_trim(), _non_empty())(token, 'token');
|
|
23
24
|
return _chain(_user_unsafe(identifier), _catch((u) => {
|
|
24
|
-
return _chain(_service('rbac.twoFactorAuth', TwoFactorAuthProvider),
|
|
25
|
+
return _chain(_service('rbac.twoFactorAuth', TwoFactorAuthProvider), _either((twoFa) => twoFa.verifyToken(token, u), () => _chain(u, _user_update({ LastLoginAt: DateTime.now() }), _user_ev(User2FaPassed)), () => {
|
|
26
|
+
throw new Unauthorized('2fa check failed');
|
|
27
|
+
}));
|
|
25
28
|
}, (err, u) => {
|
|
26
29
|
return _chain(() => u,
|
|
27
30
|
// send event of failed login
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"2fa.js","sourceRoot":"","sources":["../../../src/actions/2fa.ts"],"names":[],"mappings":"AAAA,OAAO,EAAQ,QAAQ,EAAE,YAAY,EAAE,YAAY,EAAE,eAAe,EAAE,MAAM,eAAe,CAAC;
|
|
1
|
+
{"version":3,"file":"2fa.js","sourceRoot":"","sources":["../../../src/actions/2fa.ts"],"names":[],"mappings":"AAAA,OAAO,EAAQ,QAAQ,EAAE,YAAY,EAAE,YAAY,EAAE,eAAe,EAAE,MAAM,eAAe,CAAC;AAC5F,OAAO,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAE7C,OAAO,EAAE,QAAQ,EAAE,MAAM,wBAAwB,CAAC;AAClD,OAAO,EAAE,QAAQ,EAAE,MAAM,OAAO,CAAC;AACjC,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,UAAU,EAAmB,KAAK,EAAQ,MAAM,EAAE,OAAO,EAAE,IAAI,EAAC,MAAM,eAAe,CAAC;AACnH,OAAO,EAAE,aAAa,EAAE,MAAM,4BAA4B,CAAC;AAC3D,OAAO,EAAE,cAAc,EAAE,MAAM,6BAA6B,CAAC;AAC7D,OAAO,EAAE,qBAAqB,GAAG,MAAM,oBAAoB,CAAC;AAG5D,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,UAAkC;IAClE,OAAO,MAAM,CACT,YAAY,CAAC,UAAU,CAAC,EACxB,CAAC,CAAO,EAAE,EAAE;QACR,OAAO,MAAM,CAAC,QAAQ,CAAC,oBAAoB,EAAE,qBAAqB,CAAC,EAAE,KAAK,EAAE,KAA4B,EAAE,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC;IACtK,CAAC,CACJ,CAAC;AACN,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,CAAC,KAAK,UAAU,OAAO,CAAC,UAAkC,EAAE,KAAa;IAC3E,KAAK,GAAG,UAAU,CAAC,KAAK,EAAE,EAAE,UAAU,EAAE,CAAC,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;IAE1D,OAAO,MAAM,CACT,YAAY,CAAC,UAAU,CAAC,EACxB,MAAM,CACF,CAAC,CAAO,EAAE,EAAE;QACR,OAAO,MAAM,CAAC,QAAQ,CAAC,oBAAoB,EAAE,qBAAqB,CAAC,EAAE,OAAO,CACxE,CAAC,KAA4B,EAAE,EAAE,CAAC,KAAK,CAAC,WAAW,CAAC,KAAK,EAAE,CAAC,CAAC,EAC7D,GAAG,EAAE,CAAC,MAAM,CAAC,CAAC,EAAE,YAAY,CAAC,EAAE,WAAW,EAAE,QAAQ,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,QAAQ,CAAC,aAAa,CAAC,CAAC,EACvF,GAAG,EAAE;YACD,MAAM,IAAI,YAAY,CAAC,kBAAkB,CAAC,CAAC;QAC/C,CAAC,CACJ,CAAC,CAAA;IACN,CAAC,EACD,CAAC,GAAG,EAAE,CAAO,EAAE,EAAE;QACb,OAAO,MAAM,CACT,GAAG,EAAE,CAAC,CAAC;QAEP,6BAA6B;QAC7B,QAAQ,CAAC,eAAe,EAAE,GAAG,CAAC;QAE9B,2BAA2B;QAC3B,GAAG,EAAE;YACD,MAAM,GAAG,CAAC;QACd,CAAC,CACJ,CAAC;IACN,CAAC,CACJ,CACJ,CAAC;AACN,CAAC"}
|
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
import { Log } from '@spinajs/log';
|
|
2
2
|
import { CliCommand } from '@spinajs/cli';
|
|
3
3
|
import { TwoFactorAuthProvider } from "@spinajs/rbac-http";
|
|
4
|
+
import "../2fa/Default2FaToken.js";
|
|
4
5
|
export declare class EnableUser2Fa extends CliCommand {
|
|
5
6
|
protected Log: Log;
|
|
6
7
|
protected TwoFa: TwoFactorAuthProvider;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"EnableUser2Fa.d.ts","sourceRoot":"","sources":["../../../src/cli/EnableUser2Fa.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,GAAG,EAAU,MAAM,cAAc,CAAC;AAC3C,OAAO,EAAY,UAAU,EAAW,MAAM,cAAc,CAAC;AAE7D,OAAO,EAAE,qBAAqB,EAAE,MAAM,oBAAoB,CAAC;AAG3D,qBAEa,aAAc,SAAQ,UAAU;IAE3C,SAAS,CAAC,GAAG,EAAE,GAAG,CAAC;IAGnB,SAAS,CAAC,KAAK,EAAE,qBAAqB,CAAC;IAE1B,OAAO,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;CAItD"}
|
|
1
|
+
{"version":3,"file":"EnableUser2Fa.d.ts","sourceRoot":"","sources":["../../../src/cli/EnableUser2Fa.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,GAAG,EAAU,MAAM,cAAc,CAAC;AAC3C,OAAO,EAAY,UAAU,EAAW,MAAM,cAAc,CAAC;AAE7D,OAAO,EAAE,qBAAqB,EAAE,MAAM,oBAAoB,CAAC;AAG3D,OAAO,2BAA2B,CAAC;AAEnC,qBAEa,aAAc,SAAQ,UAAU;IAE3C,SAAS,CAAC,GAAG,EAAE,GAAG,CAAC;IAGnB,SAAS,CAAC,KAAK,EAAE,qBAAqB,CAAC;IAE1B,OAAO,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;CAItD"}
|
|
@@ -12,10 +12,11 @@ import { Argument, CliCommand, Command } from '@spinajs/cli';
|
|
|
12
12
|
import { AutoinjectService } from '@spinajs/configuration';
|
|
13
13
|
import { TwoFactorAuthProvider } from "@spinajs/rbac-http";
|
|
14
14
|
import { enableUser2Fa } from "../actions/2fa.js";
|
|
15
|
+
import "../2fa/Default2FaToken.js";
|
|
15
16
|
let EnableUser2Fa = class EnableUser2Fa extends CliCommand {
|
|
16
17
|
async execute(idOrUuid) {
|
|
17
|
-
await enableUser2Fa(idOrUuid);
|
|
18
|
-
this.Log.success(`2fa enabled for user ${idOrUuid}`);
|
|
18
|
+
const result = await enableUser2Fa(idOrUuid);
|
|
19
|
+
this.Log.success(`2fa enabled for user ${idOrUuid}, otp: ${result}`);
|
|
19
20
|
}
|
|
20
21
|
};
|
|
21
22
|
__decorate([
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"EnableUser2Fa.js","sourceRoot":"","sources":["../../../src/cli/EnableUser2Fa.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,EAAE,GAAG,EAAE,MAAM,EAAE,MAAM,cAAc,CAAC;AAC3C,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AAC7D,OAAO,EAAE,iBAAiB,EAAE,MAAM,wBAAwB,CAAC;AAC3D,OAAO,EAAE,qBAAqB,EAAE,MAAM,oBAAoB,CAAC;AAC3D,OAAO,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;
|
|
1
|
+
{"version":3,"file":"EnableUser2Fa.js","sourceRoot":"","sources":["../../../src/cli/EnableUser2Fa.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,EAAE,GAAG,EAAE,MAAM,EAAE,MAAM,cAAc,CAAC;AAC3C,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AAC7D,OAAO,EAAE,iBAAiB,EAAE,MAAM,wBAAwB,CAAC;AAC3D,OAAO,EAAE,qBAAqB,EAAE,MAAM,oBAAoB,CAAC;AAC3D,OAAO,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAElD,OAAO,2BAA2B,CAAC;AAI5B,IAAM,aAAa,GAAnB,MAAM,aAAc,SAAQ,UAAU;IAOpC,KAAK,CAAC,OAAO,CAAC,QAAgB;QACnC,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,QAAQ,CAAC,CAAC;QAC7C,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,wBAAwB,QAAQ,UAAU,MAAM,EAAE,CAAC,CAAC;IACvE,CAAC;CACF,CAAA;AATW;IADT,MAAM,CAAC,gBAAgB,CAAC;8BACV,GAAG;0CAAC;AAGT;IADT,iBAAiB,CAAC,oBAAoB,CAAC;8BACvB,qBAAqB;4CAAC;AAL5B,aAAa;IAFzB,OAAO,CAAC,sBAAsB,EAAE,6CAA6C,CAAC;IAC9E,QAAQ,CAAC,UAAU,EAAE,IAAI,EAAE,oBAAoB,CAAC;GACpC,aAAa,CAWzB"}
|
|
@@ -2,8 +2,7 @@ declare const rbacHttp: {
|
|
|
2
2
|
system: {
|
|
3
3
|
dirs: {
|
|
4
4
|
controllers: string[];
|
|
5
|
-
|
|
6
|
-
views: string[];
|
|
5
|
+
cli: string[];
|
|
7
6
|
};
|
|
8
7
|
};
|
|
9
8
|
rbac: {
|
|
@@ -22,6 +21,7 @@ declare const rbacHttp: {
|
|
|
22
21
|
};
|
|
23
22
|
twoFactorAuth: {
|
|
24
23
|
enabled: boolean;
|
|
24
|
+
forceUser: boolean;
|
|
25
25
|
service: string;
|
|
26
26
|
};
|
|
27
27
|
fingerprint: {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"rbac-http.d.ts","sourceRoot":"","sources":["../../../src/config/rbac-http.ts"],"names":[],"mappings":"AAQA,QAAA,MAAM,QAAQ
|
|
1
|
+
{"version":3,"file":"rbac-http.d.ts","sourceRoot":"","sources":["../../../src/config/rbac-http.ts"],"names":[],"mappings":"AAQA,QAAA,MAAM,QAAQ;;;;;;;;;YASR;;eAEG;;YAGH;;eAEG;;;;;;;;;;;;;;;;;;;;;;;YAyBH;;eAEG;;;QAGL;;WAEG;;;;CAQN,CAAC;AAEF,eAAe,QAAQ,CAAC"}
|
|
@@ -7,8 +7,7 @@ const rbacHttp = {
|
|
|
7
7
|
system: {
|
|
8
8
|
dirs: {
|
|
9
9
|
controllers: [dir('controllers')],
|
|
10
|
-
|
|
11
|
-
views: [dir('views')],
|
|
10
|
+
cli: [dir('cli')]
|
|
12
11
|
},
|
|
13
12
|
},
|
|
14
13
|
rbac: {
|
|
@@ -27,6 +26,7 @@ const rbacHttp = {
|
|
|
27
26
|
},
|
|
28
27
|
twoFactorAuth: {
|
|
29
28
|
enabled: true,
|
|
29
|
+
forceUser: false,
|
|
30
30
|
service: 'Default2FaToken',
|
|
31
31
|
},
|
|
32
32
|
fingerprint: {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"rbac-http.js","sourceRoot":"","sources":["../../../src/config/rbac-http.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,MAAM,MAAM,CAAC;AAEhD,SAAS,GAAG,CAAC,IAAY;IACvB,MAAM,UAAU,GAAG,OAAO,MAAM,KAAK,WAAW,CAAC;IACjD,OAAO,OAAO,CAAC,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,UAAU,EAAE,gBAAgB,EAAE,KAAK,EAAE,UAAU,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC;AACxI,CAAC;AAGD,MAAM,QAAQ,GAAG;IACf,MAAM,EAAE;QACN,IAAI,EAAE;YACJ,WAAW,EAAE,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;YACjC,
|
|
1
|
+
{"version":3,"file":"rbac-http.js","sourceRoot":"","sources":["../../../src/config/rbac-http.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,MAAM,MAAM,CAAC;AAEhD,SAAS,GAAG,CAAC,IAAY;IACvB,MAAM,UAAU,GAAG,OAAO,MAAM,KAAK,WAAW,CAAC;IACjD,OAAO,OAAO,CAAC,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,UAAU,EAAE,gBAAgB,EAAE,KAAK,EAAE,UAAU,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC;AACxI,CAAC;AAGD,MAAM,QAAQ,GAAG;IACf,MAAM,EAAE;QACN,IAAI,EAAE;YACJ,WAAW,EAAE,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;YACjC,GAAG,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;SAClB;KACF;IACD,IAAI,EAAE;QACJ,OAAO,EAAE;YACP;;eAEG;YACH,MAAM,EAAE,SAAS;YAEjB;;eAEG;YACH,SAAS,EAAE,MAAM;YACjB,MAAM,EAAE,CAAC;YACT,MAAM,EAAE,EAAE;YACV,MAAM,EAAE,CAAC;SACV;QACD,aAAa,EAAE;YACb,OAAO,EAAE,IAAI;YACb,SAAS,EAAE,KAAK;YAChB,OAAO,EAAE,iBAAiB;SAC3B;QACD,WAAW,EAAE;YACX,OAAO,EAAE,KAAK;YACd,UAAU,EAAE,CAAC;YACb,OAAO,EAAE,eAAe;SACzB;QACD,OAAO,EAAC;YACN,MAAM,EAAE;gBACN,QAAQ,EAAE,KAAK;aAChB;SACF;QACD,QAAQ,EAAE;YACR,sCAAsC;YACtC,QAAQ,EAAE,EAAE;YAEZ;;eAEG;YACH,kBAAkB,EAAE,CAAC;SACtB;QACD;;WAEG;QACH,cAAc,EAAE,KAAK;KACtB;IACD,IAAI,EAAE;IACJ,iBAAiB;IACjB,+CAA+C;IAC/C,KAAK;KACN;CACF,CAAC;AAEF,eAAe,QAAQ,CAAC"}
|
|
@@ -9,6 +9,7 @@ export declare class LoginController extends BaseController {
|
|
|
9
9
|
protected SessionProvider: SessionProvider;
|
|
10
10
|
protected SessionExpirationTime: number;
|
|
11
11
|
protected TwoFactorAuthEnabled: boolean;
|
|
12
|
+
protected TwoFactorAuthForceUser: boolean;
|
|
12
13
|
protected SessionCookieConfig: any;
|
|
13
14
|
protected AC: AccessControl;
|
|
14
15
|
login(credentials: UserLoginDto): Promise<Ok | Unauthorized>;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"LoginController.d.ts","sourceRoot":"","sources":["../../../src/controllers/LoginController.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,yBAAyB,CAAC;AACvD,OAAO,EAAE,cAAc,EAAwB,EAAE,EAAe,YAAY,EAAU,MAAM,eAAe,CAAC;AAC5G,OAAO,EAAE,YAAY,EAAE,eAAe,
|
|
1
|
+
{"version":3,"file":"LoginController.d.ts","sourceRoot":"","sources":["../../../src/controllers/LoginController.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,yBAAyB,CAAC;AACvD,OAAO,EAAE,cAAc,EAAwB,EAAE,EAAe,YAAY,EAAU,MAAM,eAAe,CAAC;AAC5G,OAAO,EAAE,YAAY,EAAE,eAAe,EAAsB,aAAa,EAAiB,MAAM,eAAe,CAAC;AAEhH,OAAO,EAA6B,aAAa,EAAE,MAAM,wBAAwB,CAAC;AAGlF,OAAO,EAAE,IAAI,EAAE,MAAM,eAAe,CAAC;AACrC,qBACa,eAAgB,SAAQ,cAAc;IAEjD,SAAS,CAAC,aAAa,EAAE,aAAa,CAAC;IAGvC,SAAS,CAAC,YAAY,EAAE,YAAY,CAAC;IAGrC,SAAS,CAAC,eAAe,EAAE,eAAe,CAAC;IAK3C,SAAS,CAAC,qBAAqB,EAAE,MAAM,CAAC;IAKxC,SAAS,CAAC,oBAAoB,EAAE,OAAO,CAAC;IAMxC,SAAS,CAAC,sBAAsB,EAAE,OAAO,CAAC;IAG1C,SAAS,CAAC,mBAAmB,EAAE,GAAG,CAAC;IAGnC,SAAS,CAAC,EAAE,EAAE,aAAa,CAAC;IAIf,KAAK,CAAS,WAAW,EAAE,YAAY;IAsGvC,MAAM,CAAW,IAAI,EAAE,MAAM;IA4B7B,MAAM,CAAiB,IAAI,EAAE,IAAI;CAK/C"}
|
|
@@ -12,15 +12,15 @@ var __param = (this && this.__param) || function (paramIndex, decorator) {
|
|
|
12
12
|
};
|
|
13
13
|
import { UserLoginDto } from '../dto/userLogin-dto.js';
|
|
14
14
|
import { BaseController, BasePath, Post, Body, Ok, Get, Cookie, Unauthorized, Policy } from '@spinajs/http';
|
|
15
|
-
import { AuthProvider, SessionProvider,
|
|
15
|
+
import { AuthProvider, SessionProvider, login, UserSession, AccessControl, _unwindGrants } from '@spinajs/rbac';
|
|
16
16
|
import { Autoinject } from '@spinajs/di';
|
|
17
17
|
import { AutoinjectService, Config, Configuration } from '@spinajs/configuration';
|
|
18
|
-
import { LoggedPolicy,
|
|
18
|
+
import { LoggedPolicy, NotAuthorizedPolicy, User as UserRouteArg } from '@spinajs/rbac-http';
|
|
19
19
|
import { User } from '@spinajs/rbac';
|
|
20
20
|
let LoginController = class LoginController extends BaseController {
|
|
21
21
|
async login(credentials) {
|
|
22
22
|
try {
|
|
23
|
-
const user = await
|
|
23
|
+
const user = await login(credentials.Email, credentials.Password);
|
|
24
24
|
const session = new UserSession();
|
|
25
25
|
const coockies = [
|
|
26
26
|
{
|
|
@@ -37,35 +37,52 @@ let LoginController = class LoginController extends BaseController {
|
|
|
37
37
|
},
|
|
38
38
|
},
|
|
39
39
|
];
|
|
40
|
+
let result = {};
|
|
40
41
|
session.Data.set('User', user.Uuid);
|
|
42
|
+
// we have two states for user
|
|
43
|
+
// LOGGED - when user use proper login/password and session is created
|
|
44
|
+
// AUTHORIZED - when user is atuhenticated eg. by 2fa check. If 2fa is disabled
|
|
45
|
+
// user is automatically authorized at login
|
|
46
|
+
session.Data.set('Logged', true);
|
|
41
47
|
// set expiration time ( default val in config )
|
|
42
48
|
session.extend();
|
|
43
|
-
|
|
44
|
-
|
|
49
|
+
if (this.TwoFactorAuthForceUser && !user.Metadata['2fa:enabled']) {
|
|
50
|
+
this._log.trace('User logged in, 2fa init required', {
|
|
51
|
+
Uuid: user.Uuid
|
|
52
|
+
});
|
|
53
|
+
session.Data.set('Authorized', false);
|
|
54
|
+
session.Data.set('TwoFactorAuth', true);
|
|
55
|
+
result = {
|
|
56
|
+
TwoFactorInitRequired: true,
|
|
57
|
+
};
|
|
58
|
+
}
|
|
59
|
+
else if (this.TwoFactorAuthEnabled && user.Metadata['2fa:enabled']) {
|
|
45
60
|
this._log.trace('User logged in, 2fa required', {
|
|
46
61
|
Uuid: user.Uuid
|
|
47
62
|
});
|
|
48
63
|
session.Data.set('Authorized', false);
|
|
49
64
|
session.Data.set('TwoFactorAuth', true);
|
|
50
|
-
|
|
65
|
+
result = {
|
|
51
66
|
TwoFactorAuthRequired: true,
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
67
|
+
};
|
|
68
|
+
}
|
|
69
|
+
else {
|
|
70
|
+
session.Data.set('Authorized', true);
|
|
71
|
+
const grants = this.AC.getGrants();
|
|
72
|
+
const userGrants = user.Role.map(r => _unwindGrants(r, grants));
|
|
73
|
+
const combinedGrants = Object.assign({}, ...userGrants);
|
|
74
|
+
result = {
|
|
75
|
+
...user.dehydrateWithRelations({
|
|
76
|
+
dateTimeFormat: "iso"
|
|
77
|
+
}),
|
|
78
|
+
Grants: combinedGrants,
|
|
79
|
+
};
|
|
56
80
|
}
|
|
57
81
|
this._log.trace('User logged in, no 2fa required', {
|
|
58
82
|
Uuid: user.Uuid
|
|
59
83
|
});
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
const combinedGrants = Object.assign({}, ...userGrants);
|
|
63
|
-
return new Ok({
|
|
64
|
-
...user.dehydrateWithRelations({
|
|
65
|
-
dateTimeFormat: "iso"
|
|
66
|
-
}),
|
|
67
|
-
Grants: combinedGrants,
|
|
68
|
-
}, {
|
|
84
|
+
await this.SessionProvider.save(session);
|
|
85
|
+
return new Ok(result, {
|
|
69
86
|
Coockies: coockies
|
|
70
87
|
});
|
|
71
88
|
}
|
|
@@ -130,6 +147,12 @@ __decorate([
|
|
|
130
147
|
}),
|
|
131
148
|
__metadata("design:type", Boolean)
|
|
132
149
|
], LoginController.prototype, "TwoFactorAuthEnabled", void 0);
|
|
150
|
+
__decorate([
|
|
151
|
+
Config('rbac.twoFactorAuth.forceUser', {
|
|
152
|
+
defaultValue: false,
|
|
153
|
+
}),
|
|
154
|
+
__metadata("design:type", Boolean)
|
|
155
|
+
], LoginController.prototype, "TwoFactorAuthForceUser", void 0);
|
|
133
156
|
__decorate([
|
|
134
157
|
Config('rbac.session.cookie', {}),
|
|
135
158
|
__metadata("design:type", Object)
|
|
@@ -140,7 +163,7 @@ __decorate([
|
|
|
140
163
|
], LoginController.prototype, "AC", void 0);
|
|
141
164
|
__decorate([
|
|
142
165
|
Post(),
|
|
143
|
-
Policy(
|
|
166
|
+
Policy(NotAuthorizedPolicy),
|
|
144
167
|
__param(0, Body()),
|
|
145
168
|
__metadata("design:type", Function),
|
|
146
169
|
__metadata("design:paramtypes", [UserLoginDto]),
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"LoginController.js","sourceRoot":"","sources":["../../../src/controllers/LoginController.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,yBAAyB,CAAC;AACvD,OAAO,EAAE,cAAc,EAAE,QAAQ,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,EAAE,MAAM,eAAe,CAAC;AAC5G,OAAO,EAAE,YAAY,EAAE,eAAe,EAAE,
|
|
1
|
+
{"version":3,"file":"LoginController.js","sourceRoot":"","sources":["../../../src/controllers/LoginController.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,yBAAyB,CAAC;AACvD,OAAO,EAAE,cAAc,EAAE,QAAQ,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,EAAE,MAAM,eAAe,CAAC;AAC5G,OAAO,EAAE,YAAY,EAAE,eAAe,EAAE,KAAK,EAAE,WAAW,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAChH,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACzC,OAAO,EAAE,iBAAiB,EAAE,MAAM,EAAE,aAAa,EAAE,MAAM,wBAAwB,CAAC;AAElF,OAAO,EAAE,YAAY,EAAE,mBAAmB,EAAE,IAAI,IAAI,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAC7F,OAAO,EAAE,IAAI,EAAE,MAAM,eAAe,CAAC;AAE9B,IAAM,eAAe,GAArB,MAAM,eAAgB,SAAQ,cAAc;IAkCpC,AAAN,KAAK,CAAC,KAAK,CAAS,WAAyB;QAClD,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,WAAW,CAAC,KAAK,EAAE,WAAW,CAAC,QAAQ,CAAC,CAAC;YAClE,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC;YAElC,MAAM,QAAQ,GAAG;gBACf;oBACE,IAAI,EAAE,MAAM;oBACZ,KAAK,EAAE,OAAO,CAAC,SAAS;oBACxB,OAAO,EAAE;wBACP,MAAM,EAAE,IAAI;wBACZ,QAAQ,EAAE,IAAI;wBAEd,4BAA4B;wBAC5B,MAAM,EAAE,IAAI,CAAC,qBAAqB,GAAG,IAAI;wBAEzC,8BAA8B;wBAC9B,2BAA2B;wBAC3B,GAAG,IAAI,CAAC,mBAAmB;qBAC5B;iBACF;aACF,CAAC;YACF,IAAI,MAAM,GAAQ,EAAE,CAAC;YAErB,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;YAEpC,8BAA8B;YAC9B,sEAAsE;YACtE,+EAA+E;YAC/E,yDAAyD;YACzD,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;YAEjC,gDAAgD;YAChD,OAAO,CAAC,MAAM,EAAE,CAAC;YAGjB,IAAI,IAAI,CAAC,sBAAsB,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,CAAC;gBACjE,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,mCAAmC,EAAE;oBACnD,IAAI,EAAE,IAAI,CAAC,IAAI;iBAChB,CAAC,CAAC;gBAEH,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,YAAY,EAAE,KAAK,CAAC,CAAC;gBACtC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,eAAe,EAAE,IAAI,CAAC,CAAC;gBAExC,MAAM,GAAG;oBACP,qBAAqB,EAAE,IAAI;iBAC5B,CAAC;YACJ,CAAC;iBACI,IAAI,IAAI,CAAC,oBAAoB,IAAI,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,CAAC;gBAEnE,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,8BAA8B,EAAE;oBAC9C,IAAI,EAAE,IAAI,CAAC,IAAI;iBAChB,CAAC,CAAC;gBAEH,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,YAAY,EAAE,KAAK,CAAC,CAAC;gBACtC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,eAAe,EAAE,IAAI,CAAC,CAAC;gBAExC,MAAM,GAAG;oBACP,qBAAqB,EAAE,IAAI;iBAC5B,CAAC;YACJ,CAAC;iBAAM,CAAC;gBAEN,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,YAAY,EAAE,IAAI,CAAC,CAAC;gBAErC,MAAM,MAAM,GAAG,IAAI,CAAC,EAAE,CAAC,SAAS,EAAE,CAAC;gBACnC,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,aAAa,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;gBAChE,MAAM,cAAc,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,GAAG,UAAU,CAAC,CAAC;gBAExD,MAAM,GAAG;oBACP,GAAG,IAAI,CAAC,sBAAsB,CAAC;wBAC7B,cAAc,EAAE,KAAK;qBACtB,CAAC;oBACF,MAAM,EAAE,cAAc;iBACvB,CAAC;YACJ,CAAC;YAGD,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,iCAAiC,EAAE;gBACjD,IAAI,EAAE,IAAI,CAAC,IAAI;aAChB,CAAC,CAAC;YAGH,MAAM,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAEzC,OAAO,IAAI,EAAE,CAAC,MAAM,EAAE;gBACpB,QAAQ,EAAE,QAAQ;aACnB,CAAC,CAAC;QAEL,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAErB,OAAO,IAAI,YAAY,CAAC;gBACtB,KAAK,EAAE;oBACL,IAAI,EAAE,eAAe;oBACrB,OAAO,EAAE,6BAA6B;iBACvC;aACF,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAIY,AAAN,KAAK,CAAC,MAAM,CAAW,IAAY;QACxC,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,OAAO,IAAI,EAAE,EAAE,CAAC;QAClB,CAAC;QAED,MAAM,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QAExC,gDAAgD;QAChD,OAAO,IAAI,EAAE,CAAC,IAAI,EAAE;YAClB,QAAQ,EAAE;gBACR;oBACE,IAAI,EAAE,MAAM;oBACZ,KAAK,EAAE,EAAE;oBACT,OAAO,EAAE;wBACP,QAAQ,EAAE,IAAI;wBACd,MAAM,EAAE,CAAC;wBAET,8BAA8B;wBAC9B,2BAA2B;wBAC3B,GAAG,IAAI,CAAC,mBAAmB;qBAC5B;iBACF;aACF;SACF,CAAC,CAAC;IACL,CAAC;IAIY,AAAN,KAAK,CAAC,MAAM,CAAiB,IAAU;QAE5C,kCAAkC;QAClC,OAAO,IAAI,EAAE,CAAC,IAAI,CAAC,CAAC;IACtB,CAAC;CACF,CAAA;AAvKW;IADT,UAAU,EAAE;8BACY,aAAa;sDAAC;AAG7B;IADT,iBAAiB,CAAC,WAAW,CAAC;8BACP,YAAY;qDAAC;AAG3B;IADT,iBAAiB,CAAC,cAAc,CAAC;8BACP,eAAe;wDAAC;AAKjC;IAHT,MAAM,CAAC,yBAAyB,EAAE;QACjC,YAAY,EAAE,GAAG;KAClB,CAAC;;8DACsC;AAK9B;IAHT,MAAM,CAAC,4BAA4B,EAAE;QACpC,YAAY,EAAE,KAAK;KACpB,CAAC;;6DACsC;AAM9B;IAHT,MAAM,CAAC,8BAA8B,EAAE;QACtC,YAAY,EAAE,KAAK;KACpB,CAAC;;+DACwC;AAGhC;IADT,MAAM,CAAC,qBAAqB,EAAE,EAAE,CAAC;;4DACC;AAGzB;IADT,UAAU,CAAC,aAAa,CAAC;8BACZ,aAAa;2CAAC;AAIf;IAFZ,IAAI,EAAE;IACN,MAAM,CAAC,mBAAmB,CAAC;IACR,WAAA,IAAI,EAAE,CAAA;;qCAAc,YAAY;;4CAkGnD;AAIY;IAFZ,GAAG,EAAE;IACL,MAAM,CAAC,YAAY,CAAC;IACA,WAAA,MAAM,EAAE,CAAA;;;;6CAwB5B;AAIY;IAFZ,GAAG,EAAE;IACL,MAAM,CAAC,YAAY,CAAC;IACA,WAAA,YAAY,EAAE,CAAA;;qCAAO,IAAI;;6CAI7C;AAxKU,eAAe;IAD3B,QAAQ,CAAC,MAAM,CAAC;GACJ,eAAe,CAyK3B"}
|
|
@@ -1,10 +1,12 @@
|
|
|
1
1
|
import { TokenDto } from './../dto/token-dto.js';
|
|
2
|
-
import { BaseController, Ok,
|
|
3
|
-
import { ISession, SessionProvider, User as UserModel } from '@spinajs/rbac';
|
|
2
|
+
import { BaseController, Ok, ForbiddenResponse } from '@spinajs/http';
|
|
3
|
+
import { ISession, SessionProvider, User as UserModel, AccessControl } from '@spinajs/rbac';
|
|
4
4
|
import { QueueService } from '@spinajs/queue';
|
|
5
5
|
export declare class TwoFactorAuthController extends BaseController {
|
|
6
6
|
protected Queue: QueueService;
|
|
7
7
|
protected SessionProvider: SessionProvider;
|
|
8
|
-
|
|
8
|
+
protected AC: AccessControl;
|
|
9
|
+
enable2fa(user: UserModel): Promise<Ok>;
|
|
10
|
+
verifyToken(logged: UserModel, token: TokenDto, session: ISession): Promise<Ok | ForbiddenResponse>;
|
|
9
11
|
}
|
|
10
12
|
//# sourceMappingURL=TwoFactorAuthController.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"TwoFactorAuthController.d.ts","sourceRoot":"","sources":["../../../src/controllers/TwoFactorAuthController.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,uBAAuB,CAAC;AACjD,OAAO,EAAE,cAAc,EAAY,EAAE,
|
|
1
|
+
{"version":3,"file":"TwoFactorAuthController.d.ts","sourceRoot":"","sources":["../../../src/controllers/TwoFactorAuthController.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,uBAAuB,CAAC;AACjD,OAAO,EAAE,cAAc,EAAY,EAAE,EAAa,iBAAiB,EAAE,MAAM,eAAe,CAAC;AAC3F,OAAO,EAAE,QAAQ,EAAE,eAAe,EAAE,IAAI,IAAI,SAAS,EAAyC,aAAa,EAAE,MAAM,eAAe,CAAC;AAOnI,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAM9C,qBAGa,uBAAwB,SAAQ,cAAc;IAEvD,SAAS,CAAC,KAAK,EAAE,YAAY,CAAC;IAG9B,SAAS,CAAC,eAAe,EAAE,eAAe,CAAC;IAG3C,SAAS,CAAC,EAAE,EAAE,aAAa,CAAC;IAGf,SAAS,CAAS,IAAI,EAAE,SAAS;IAejC,WAAW,CAAS,MAAM,EAAE,SAAS,EAAU,KAAK,EAAE,QAAQ,EAAa,OAAO,EAAE,QAAQ;CAuC5G"}
|
|
@@ -11,17 +11,29 @@ var __param = (this && this.__param) || function (paramIndex, decorator) {
|
|
|
11
11
|
return function (target, key) { decorator(target, key, paramIndex); }
|
|
12
12
|
};
|
|
13
13
|
import { TokenDto } from './../dto/token-dto.js';
|
|
14
|
-
import { BaseController, BasePath, Ok, Post,
|
|
15
|
-
import { SessionProvider, User as UserModel, _unwindGrants } from '@spinajs/rbac';
|
|
14
|
+
import { BaseController, BasePath, Ok, Post, Get, ForbiddenResponse } from '@spinajs/http';
|
|
15
|
+
import { SessionProvider, User as UserModel, _unwindGrants, AccessControl } from '@spinajs/rbac';
|
|
16
16
|
import { Session } from "@spinajs/rbac-http";
|
|
17
17
|
import { Body, Policy } from '@spinajs/http';
|
|
18
18
|
import { TwoFacRouteEnabled } from '../policies/2FaPolicy.js';
|
|
19
19
|
import { AutoinjectService } from '@spinajs/configuration';
|
|
20
20
|
import { Autoinject } from '@spinajs/di';
|
|
21
21
|
import { QueueService } from '@spinajs/queue';
|
|
22
|
-
import { User } from "@spinajs/rbac-http";
|
|
22
|
+
import { User, NotAuthorizedPolicy, } from "@spinajs/rbac-http";
|
|
23
23
|
import { auth2Fa } from "./../actions/2fa.js";
|
|
24
|
+
import { enableUser2Fa } from "../actions/2fa.js";
|
|
24
25
|
let TwoFactorAuthController = class TwoFactorAuthController extends BaseController {
|
|
26
|
+
async enable2fa(user) {
|
|
27
|
+
if (user.Metadata['2fa:enabled']) {
|
|
28
|
+
return new Ok({
|
|
29
|
+
otp: user.Metadata['2fa:otp'],
|
|
30
|
+
});
|
|
31
|
+
}
|
|
32
|
+
const result = await enableUser2Fa(user);
|
|
33
|
+
return new Ok({
|
|
34
|
+
otp: result
|
|
35
|
+
});
|
|
36
|
+
}
|
|
25
37
|
async verifyToken(logged, token, session) {
|
|
26
38
|
try {
|
|
27
39
|
await auth2Fa(logged, token.Token);
|
|
@@ -45,7 +57,7 @@ let TwoFactorAuthController = class TwoFactorAuthController extends BaseControll
|
|
|
45
57
|
}
|
|
46
58
|
catch (err) {
|
|
47
59
|
this._log.error(err);
|
|
48
|
-
return new
|
|
60
|
+
return new ForbiddenResponse({
|
|
49
61
|
error: {
|
|
50
62
|
code: 'E_2FA_FAILED',
|
|
51
63
|
message: '2fa check failed',
|
|
@@ -62,6 +74,17 @@ __decorate([
|
|
|
62
74
|
AutoinjectService('rbac.session'),
|
|
63
75
|
__metadata("design:type", SessionProvider)
|
|
64
76
|
], TwoFactorAuthController.prototype, "SessionProvider", void 0);
|
|
77
|
+
__decorate([
|
|
78
|
+
Autoinject(AccessControl),
|
|
79
|
+
__metadata("design:type", AccessControl)
|
|
80
|
+
], TwoFactorAuthController.prototype, "AC", void 0);
|
|
81
|
+
__decorate([
|
|
82
|
+
Get('2fa/enable'),
|
|
83
|
+
__param(0, User()),
|
|
84
|
+
__metadata("design:type", Function),
|
|
85
|
+
__metadata("design:paramtypes", [UserModel]),
|
|
86
|
+
__metadata("design:returntype", Promise)
|
|
87
|
+
], TwoFactorAuthController.prototype, "enable2fa", null);
|
|
65
88
|
__decorate([
|
|
66
89
|
Post('2fa/verify'),
|
|
67
90
|
__param(0, User()),
|
|
@@ -72,8 +95,9 @@ __decorate([
|
|
|
72
95
|
__metadata("design:returntype", Promise)
|
|
73
96
|
], TwoFactorAuthController.prototype, "verifyToken", null);
|
|
74
97
|
TwoFactorAuthController = __decorate([
|
|
75
|
-
BasePath('
|
|
76
|
-
Policy(TwoFacRouteEnabled)
|
|
98
|
+
BasePath('auth'),
|
|
99
|
+
Policy(TwoFacRouteEnabled),
|
|
100
|
+
Policy(NotAuthorizedPolicy)
|
|
77
101
|
], TwoFactorAuthController);
|
|
78
102
|
export { TwoFactorAuthController };
|
|
79
103
|
//# sourceMappingURL=TwoFactorAuthController.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"TwoFactorAuthController.js","sourceRoot":"","sources":["../../../src/controllers/TwoFactorAuthController.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,uBAAuB,CAAC;AACjD,OAAO,EAAE,cAAc,EAAE,QAAQ,EAAE,EAAE,EAAE,IAAI,EAAE,
|
|
1
|
+
{"version":3,"file":"TwoFactorAuthController.js","sourceRoot":"","sources":["../../../src/controllers/TwoFactorAuthController.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,uBAAuB,CAAC;AACjD,OAAO,EAAE,cAAc,EAAE,QAAQ,EAAE,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,iBAAiB,EAAE,MAAM,eAAe,CAAC;AAC3F,OAAO,EAAY,eAAe,EAAE,IAAI,IAAI,SAAS,EAA0B,aAAa,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AACnI,OAAO,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;AAC7C,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,eAAe,CAAC;AAE7C,OAAO,EAAE,kBAAkB,EAAE,MAAM,0BAA0B,CAAC;AAC9D,OAAO,EAAE,iBAAiB,EAAY,MAAM,wBAAwB,CAAC;AACrE,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACzC,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAE9C,OAAO,EAAE,IAAI,EAAE,mBAAmB,GAAG,MAAM,oBAAoB,CAAC;AAChE,OAAO,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAC;AAC9C,OAAO,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAK3C,IAAM,uBAAuB,GAA7B,MAAM,uBAAwB,SAAQ,cAAc;IAW1C,AAAN,KAAK,CAAC,SAAS,CAAS,IAAe;QAE1C,IAAI,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,CAAC;YAC/B,OAAO,IAAI,EAAE,CAAC;gBACV,GAAG,EAAE,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC;aAChC,CAAC,CAAC;QACP,CAAC;QAED,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,IAAI,CAAC,CAAC;QACzC,OAAO,IAAI,EAAE,CAAC;YACV,GAAG,EAAE,MAAM;SACd,CAAC,CAAC;IACP,CAAC;IAGY,AAAN,KAAK,CAAC,WAAW,CAAS,MAAiB,EAAU,KAAe,EAAa,OAAiB;QAErG,IAAI,CAAC;YACD,MAAM,OAAO,CAAC,MAAM,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC;YAEnC,mCAAmC;YACnC,4CAA4C;YAC5C,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,YAAY,EAAE,IAAI,CAAC,CAAC;YACrC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC;YACrC,MAAM,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAEzC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,gCAAgC,EAAE;gBAC9C,IAAI,EAAE,MAAM,CAAC,IAAI;aACpB,CAAC,CAAC;YAGH,MAAM,MAAM,GAAG,IAAI,CAAC,EAAE,CAAC,SAAS,EAAE,CAAC;YACnC,MAAM,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,aAAa,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;YAClE,MAAM,cAAc,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,GAAG,UAAU,CAAC,CAAC;YAGxD,OAAO,IAAI,EAAE,CAAC;gBACV,GAAG,MAAM,CAAC,sBAAsB,CAAC;oBAC7B,cAAc,EAAE,KAAK;iBACxB,CAAC;gBACF,MAAM,EAAE,cAAc;aACzB,CAAC,CAAC;QACP,CAAC;QACD,OAAO,GAAG,EAAE,CAAC;YACT,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAErB,OAAO,IAAI,iBAAiB,CAAC;gBACzB,KAAK,EAAE;oBACH,IAAI,EAAE,cAAc;oBACpB,OAAO,EAAE,kBAAkB;iBAC9B;aACJ,CAAC,CAAC;QACP,CAAC;IACL,CAAC;CACJ,CAAA;AA/Da;IADT,UAAU,CAAC,YAAY,CAAC;8BACR,YAAY;sDAAC;AAGpB;IADT,iBAAiB,CAAC,cAAc,CAAC;8BACP,eAAe;gEAAC;AAGjC;IADT,UAAU,CAAC,aAAa,CAAC;8BACZ,aAAa;mDAAC;AAGf;IADZ,GAAG,CAAC,YAAY,CAAC;IACM,WAAA,IAAI,EAAE,CAAA;;qCAAO,SAAS;;wDAY7C;AAGY;IADZ,IAAI,CAAC,YAAY,CAAC;IACO,WAAA,IAAI,EAAE,CAAA;IAAqB,WAAA,IAAI,EAAE,CAAA;IAAmB,WAAA,OAAO,EAAE,CAAA;;qCAA9C,SAAS,EAAiB,QAAQ;;0DAsC1E;AAhEQ,uBAAuB;IAHnC,QAAQ,CAAC,MAAM,CAAC;IAChB,MAAM,CAAC,kBAAkB,CAAC;IAC1B,MAAM,CAAC,mBAAmB,CAAC;GACf,uBAAuB,CAiEnC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"UserController.d.ts","sourceRoot":"","sources":["../../../src/controllers/UserController.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAC;AACrD,OAAO,EAAE,IAAI,IAAI,SAAS,EAAE,gBAAgB,EAAE,eAAe,EAAgD,aAAa,EAAE,MAAM,eAAe,CAAC;AAClJ,OAAO,EAAE,cAAc,EAAiB,EAAE,EAA+B,MAAM,eAAe,CAAC;
|
|
1
|
+
{"version":3,"file":"UserController.d.ts","sourceRoot":"","sources":["../../../src/controllers/UserController.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAC;AACrD,OAAO,EAAE,IAAI,IAAI,SAAS,EAAE,gBAAgB,EAAE,eAAe,EAAgD,aAAa,EAAE,MAAM,eAAe,CAAC;AAClJ,OAAO,EAAE,cAAc,EAAiB,EAAE,EAA+B,MAAM,eAAe,CAAC;AAW/F,qBAGa,cAAe,SAAQ,cAAc;IAEhD,SAAS,CAAC,gBAAgB,EAAE,gBAAgB,CAAC;IAG7C,SAAS,CAAC,aAAa,EAAE,MAAM,CAAC;IAGhC,SAAS,CAAC,eAAe,EAAE,eAAe,CAAC;IAG3C,SAAS,CAAC,EAAE,EAAE,aAAa,CAAC;IAIf,OAAO,CAAS,IAAI,EAAE,SAAS,EAAY,IAAI,EAAE,MAAM;IAmBvD,SAAS,CAAS,IAAI,EAAE,SAAS;IAYjC,WAAW,CAAS,IAAI,EAAE,SAAS,EAAU,GAAG,EAAE,WAAW;CAkB3E"}
|
|
@@ -17,7 +17,7 @@ import { InvalidArgument } from '@spinajs/exceptions';
|
|
|
17
17
|
import { Autoinject } from '@spinajs/di';
|
|
18
18
|
import { Config } from '@spinajs/configuration';
|
|
19
19
|
import * as cs from 'cookie-signature';
|
|
20
|
-
import {
|
|
20
|
+
import { AuthorizedPolicy, Permission, Resource, User } from '@spinajs/rbac-http';
|
|
21
21
|
import { _chain, _either } from '@spinajs/util';
|
|
22
22
|
let UserController = class UserController extends BaseController {
|
|
23
23
|
async refresh(user, ssid) {
|
|
@@ -94,7 +94,7 @@ __decorate([
|
|
|
94
94
|
UserController = __decorate([
|
|
95
95
|
BasePath('user'),
|
|
96
96
|
Resource('user'),
|
|
97
|
-
Policy(
|
|
97
|
+
Policy(AuthorizedPolicy)
|
|
98
98
|
], UserController);
|
|
99
99
|
export { UserController };
|
|
100
100
|
//# sourceMappingURL=UserController.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"UserController.js","sourceRoot":"","sources":["../../../src/controllers/UserController.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAC;AACrD,OAAO,EAAE,IAAI,IAAI,SAAS,EAAE,gBAAgB,EAAE,eAAe,EAAE,aAAa,EAAE,cAAc,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAClJ,OAAO,EAAE,cAAc,EAAE,QAAQ,EAAE,GAAG,EAAE,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,eAAe,CAAC;AAC/F,OAAO,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AACtD,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACzC,OAAO,EAAE,MAAM,EAAE,MAAM,wBAAwB,CAAC;AAChD,OAAO,KAAK,EAAE,MAAM,kBAAkB,CAAC;AAEvC,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"UserController.js","sourceRoot":"","sources":["../../../src/controllers/UserController.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAC;AACrD,OAAO,EAAE,IAAI,IAAI,SAAS,EAAE,gBAAgB,EAAE,eAAe,EAAE,aAAa,EAAE,cAAc,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAClJ,OAAO,EAAE,cAAc,EAAE,QAAQ,EAAE,GAAG,EAAE,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,eAAe,CAAC;AAC/F,OAAO,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AACtD,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACzC,OAAO,EAAE,MAAM,EAAE,MAAM,wBAAwB,CAAC;AAChD,OAAO,KAAK,EAAE,MAAM,kBAAkB,CAAC;AAEvC,OAAO,EAAE,gBAAgB,EAAE,UAAU,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,oBAAoB,CAAC;AAClF,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,eAAe,CAAC;AAOzC,IAAM,cAAc,GAApB,MAAM,cAAe,SAAQ,cAAc;IAenC,AAAN,KAAK,CAAC,OAAO,CAAS,IAAe,EAAY,IAAY;QAClE,wBAAwB;QACxB,MAAM,IAAI,CAAC,OAAO,EAAE,CAAC;QACrB,MAAM,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC;QAE/B,+BAA+B;QAC/B,MAAM,GAAG,GAAmB,EAAE,CAAC,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC;QAChE,IAAI,GAAG,EAAE,CAAC;YACR,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;YACxD,IAAI,OAAO,EAAE,CAAC;gBACZ,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC;YAC7C,CAAC;QACH,CAAC;QAED,OAAO,IAAI,EAAE,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC;IAClC,CAAC;IAIY,AAAN,KAAK,CAAC,SAAS,CAAS,IAAe;QAE5C,MAAM,MAAM,GAAG,IAAI,CAAC,EAAE,CAAC,SAAS,EAAE,CAAC;QACnC,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,aAAa,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;QAChE,MAAM,cAAc,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,GAAG,UAAU,CAAC,CAAC;QAExD,OAAO,IAAI,EAAE,CAAC,cAAc,CAAC,CAAC;IAChC,CAAC;IAKY,AAAN,KAAK,CAAC,WAAW,CAAS,IAAe,EAAU,GAAgB;QACxE,IAAI,GAAG,CAAC,QAAQ,KAAK,GAAG,CAAC,eAAe,EAAE,CAAC;YACzC,MAAM,IAAI,eAAe,CAAC,yBAAyB,CAAC,CAAC;QACvD,CAAC;QAGD,OAAO,IAAI,EAAE,CACX,MAAM,CACJ,IAAI,EACJ,OAAO,CACL,aAAa,CAAC,GAAG,CAAC,WAAW,CAAC,EAC9B,cAAc,CAAC,GAAG,CAAC,QAAQ,CAAC,EAC5B,GAAG,EAAE;YACH,MAAM,IAAI,eAAe,CAAC,2BAA2B,CAAC,CAAC;QACzD,CAAC,CAAC,CACL,CACF,CAAC;IACJ,CAAC;CACF,CAAA;AA9DW;IADT,UAAU,EAAE;8BACe,gBAAgB;wDAAC;AAGnC;IADT,MAAM,CAAC,oBAAoB,CAAC;;qDACG;AAGtB;IADT,UAAU,EAAE;8BACc,eAAe;uDAAC;AAGjC;IADT,UAAU,CAAC,aAAa,CAAC;8BACZ,aAAa;0CAAC;AAIf;IAFZ,GAAG,EAAE;IACL,UAAU,CAAC,CAAC,SAAS,CAAC,CAAC;IACF,WAAA,IAAI,EAAE,CAAA;IAAmB,WAAA,MAAM,EAAE,CAAA;;qCAApB,SAAS;;6CAe3C;AAIY;IAFZ,GAAG,CAAC,QAAQ,CAAC;IACb,UAAU,CAAC,CAAC,SAAS,CAAC,CAAC;IACA,WAAA,IAAI,EAAE,CAAA;;qCAAO,SAAS;;+CAO7C;AAKY;IAFZ,KAAK,CAAC,UAAU,CAAC;IACjB,UAAU,CAAC,CAAC,WAAW,CAAC,CAAC;IACA,WAAA,IAAI,EAAE,CAAA;IAAmB,WAAA,IAAI,EAAE,CAAA;;qCAAlB,SAAS,EAAe,WAAW;;iDAiBzE;AA/DU,cAAc;IAH1B,QAAQ,CAAC,MAAM,CAAC;IAChB,QAAQ,CAAC,MAAM,CAAC;IAChB,MAAM,CAAC,gBAAgB,CAAC;GACZ,cAAc,CAgE1B"}
|
|
@@ -12,7 +12,7 @@ var __param = (this && this.__param) || function (paramIndex, decorator) {
|
|
|
12
12
|
};
|
|
13
13
|
import { Post, BasePath, Ok, Del, Body, Get, Query, Param, Policy, BaseController, Patch } from '@spinajs/http';
|
|
14
14
|
import { User as UserModel, UserMetadata } from '@spinajs/rbac';
|
|
15
|
-
import {
|
|
15
|
+
import { AuthorizedPolicy, Permission, Resource } from '@spinajs/rbac-http';
|
|
16
16
|
import { AsModel, PaginationDTO, OrderDTO, Filter, FromModel } from '@spinajs/orm-http';
|
|
17
17
|
import { UserMetadataDto } from '../dto/metadata-dto.js';
|
|
18
18
|
import { InsertBehaviour, SortOrder } from '@spinajs/orm';
|
|
@@ -193,7 +193,7 @@ __decorate([
|
|
|
193
193
|
UserMetadataController = __decorate([
|
|
194
194
|
BasePath('user'),
|
|
195
195
|
Resource('user.metadata'),
|
|
196
|
-
Policy(
|
|
196
|
+
Policy(AuthorizedPolicy)
|
|
197
197
|
], UserMetadataController);
|
|
198
198
|
export { UserMetadataController };
|
|
199
199
|
//# sourceMappingURL=UserMetadataController.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"UserMetadataController.js","sourceRoot":"","sources":["../../../src/controllers/UserMetadataController.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,cAAc,EAAE,KAAK,EAAE,MAAM,eAAe,CAAC;AAChH,OAAO,EAAE,IAAI,IAAI,SAAS,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAChE,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"UserMetadataController.js","sourceRoot":"","sources":["../../../src/controllers/UserMetadataController.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,cAAc,EAAE,KAAK,EAAE,MAAM,eAAe,CAAC;AAChH,OAAO,EAAE,IAAI,IAAI,SAAS,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAChE,OAAO,EAAE,gBAAgB,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAC5E,OAAO,EAAE,OAAO,EAAE,aAAa,EAAE,QAAQ,EAAE,MAAM,EAAW,SAAS,EAAE,MAAM,mBAAmB,CAAC;AACjG,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AACzD,OAAO,EAAE,eAAe,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAC1D,OAAO,EAAE,sBAAsB,EAAE,MAAM,qCAAqC,CAAC;AAKtE,IAAM,sBAAsB,GAA5B,MAAM,sBAAuB,SAAQ,cAAc;IAGtD;;OAEG;IAIU,AAAN,KAAK,CAAC,YAAY,CACc,IAAe,EACzC,UAA0B,EAC1B,KAAgB,EAEzB,MAAkB;QAElB,OAAO,IAAI,EAAE,CAAC,sBAAsB,CAAC,MAAM,EAAE,CAAC,KAAK,CAAC;YAChD,OAAO,EAAE,IAAI,CAAC,EAAE;SACnB,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC;aACZ,IAAI,CAAC,UAAU,EAAE,KAAK,IAAI,SAAS,CAAC;aACpC,IAAI,CAAC,UAAU,EAAE,KAAK,GAAG,UAAU,EAAE,IAAI,IAAI,CAAC,CAAC;aAC/C,KAAK,CAAC,KAAK,EAAE,MAAM,IAAI,IAAI,EAAE,KAAK,EAAE,KAAK,IAAI,SAAS,CAAC,IAAI,CAAC,CAChE,CAAC;IACN,CAAC;IAKY,AAAN,KAAK,CAAC,WAAW,CACe,IAAe,EACzC,GAAW;QACpB,OAAO,IAAI,EAAE,CAAC,YAAY,CAAC,KAAK,CAAC;YAC7B,GAAG,EAAE,GAAG;YACR,OAAO,EAAE,IAAI,CAAC,EAAE;SACnB,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC;IACtB,CAAC;IAIY,AAAN,KAAK,CAAC,eAAe,CACW,IAAe,EACvC,QAAsB;QAEjC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QAC3B,MAAM,QAAQ,CAAC,MAAM,CAAC,eAAe,CAAC,cAAc,CAAC,CAAC;QACtD,OAAO,IAAI,EAAE,EAAE,CAAC;IACpB,CAAC;IAIY,AAAN,KAAK,CAAC,kBAAkB,CAOxB,IAAkB,EACc,KAAgB,EAC3C,IAAqB;QAC7B,MAAM,IAAI,CAAC,MAAM,CAAC;YACd,GAAG,EAAE,IAAI,CAAC,GAAG;YACb,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,IAAI,EAAE,IAAI,CAAC,IAAI;SAClB,CAAC,CAAA;QAEF,OAAO,IAAI,EAAE,EAAE,CAAC;IACpB,CAAC;IAIY,AAAN,KAAK,CAAC,kBAAkB,CACQ,IAAe,EACzC,IAAY;QACrB,MAAM,YAAY,CAAC,OAAO,EAAE,CAAC,KAAK,CAAC;YAC/B,EAAE,EAAE,IAAI;YACR,OAAO,EAAE,IAAI,CAAC,EAAE;SACnB,CAAC,CAAC;QAEH,OAAO,IAAI,EAAE,EAAE,CAAC;IACpB,CAAC;IAID;;OAEG;IAMU,AAAN,KAAK,CAAC,QAAQ,CACR,UAA0B,EAC1B,KAAgB,EAEzB,MAAkB;QAElB,OAAO,IAAI,EAAE,CAAC,sBAAsB,CAAC,MAAM,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC;aACvD,IAAI,CAAC,UAAU,EAAE,KAAK,IAAI,SAAS,CAAC;aACpC,IAAI,CAAC,UAAU,EAAE,KAAK,GAAG,UAAU,EAAE,IAAI,IAAI,CAAC,CAAC;aAC/C,KAAK,CAAC,KAAK,EAAE,MAAM,IAAI,IAAI,EAAE,KAAK,EAAE,KAAK,IAAI,SAAS,CAAC,IAAI,CAAC,CAChE,CAAC;IACN,CAAC;IAIY,AAAN,KAAK,CAAC,OAAO,CAAU,GAAW;QACrC,OAAO,IAAI,EAAE,CAAC,YAAY,CAAC,KAAK,CAAC;YAC7B,GAAG,EAAE,GAAG;SACX,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC;IACtB,CAAC;IAIY,AAAN,KAAK,CAAC,WAAW,CAAY,QAAsB;QACtD,MAAM,QAAQ,CAAC,MAAM,CAAC,eAAe,CAAC,cAAc,CAAC,CAAC;IAC1D,CAAC;IAIY,AAAN,KAAK,CAAC,cAAc,CAAU,IAAY,EAAU,IAAqB;QAC5E,MAAM,YAAY,CAAC,MAAM,CAAC;YACtB,GAAG,EAAE,IAAI,CAAC,GAAG;YACb,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,IAAI,EAAE,IAAI,CAAC,IAAI;SAClB,CAAC,CAAC,KAAK,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;QAE1C,OAAO,IAAI,EAAE,EAAE,CAAC;IACpB,CAAC;IAIY,AAAN,KAAK,CAAC,cAAc,CAAU,IAAY;QAC7C,MAAM,YAAY,CAAC,OAAO,EAAE,CAAC,KAAK,CAAC;YAC/B,EAAE,EAAE,IAAI;SACX,CAAC,CAAC;QAEH,OAAO,IAAI,EAAE,EAAE,CAAC;IACpB,CAAC;CACJ,CAAA;AAnIgB;IAFZ,GAAG,CAAC,gBAAgB,CAAC;IACrB,UAAU,CAAC,CAAC,SAAS,CAAC,CAAC;IAEnB,WAAA,SAAS,CAAC,EAAE,UAAU,EAAE,MAAM,EAAE,CAAC,CAAA;IACjC,WAAA,KAAK,EAAE,CAAA;IACP,WAAA,KAAK,EAAE,CAAA;IACP,WAAA,MAAM,CAAC,sBAAsB,CAAC,CAAA;;qCAHU,SAAS;QAC5B,aAAa;QAClB,QAAQ;;0DAW5B;AAKY;IAFZ,GAAG,CAAC,qBAAqB,CAAC;IAC1B,UAAU,CAAC,CAAC,SAAS,CAAC,CAAC;IAEnB,WAAA,SAAS,CAAC,EAAE,UAAU,EAAE,MAAM,EAAE,CAAC,CAAA;IACjC,WAAA,KAAK,EAAE,CAAA;;qCADiC,SAAS;;yDAMrD;AAIY;IAFZ,IAAI,CAAC,gBAAgB,CAAC;IACtB,UAAU,CAAC,CAAC,WAAW,CAAC,CAAC;IAErB,WAAA,SAAS,CAAC,EAAE,UAAU,EAAE,MAAM,EAAE,CAAC,CAAA;IACjC,WAAA,OAAO,EAAE,CAAA;;qCAD+B,SAAS;QAC7B,YAAY;;6DAKpC;AAIY;IAFZ,KAAK,CAAC,uBAAuB,CAAC;IAC9B,UAAU,CAAC,CAAC,WAAW,CAAC,CAAC;IAErB,WAAA,SAAS,CAAC;QACP,KAAK,EAAE,CAAC,UAAU,CAAC,CAAC,EAAE,IAAI,CAAC,EAAE,IAAI;YAC7B,OAAO,IAAI,CAAC,KAAK,CAAC;gBACd,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,IAAI,CAAC,CAAA;YAC/C,CAAC,CAAC,CAAC,QAAQ,CAAC,SAAS,EAAE,IAAI,CAAC,EAAE,CAAC,CAAA;QACnC,CAAC,CAAC;KACL,CAAC,CAAA;IACD,WAAA,SAAS,CAAC,EAAE,UAAU,EAAE,MAAM,EAAE,CAAC,CAAA;IACjC,WAAA,IAAI,EAAE,CAAA;;qCAFE,YAAY;QACqB,SAAS;QACrC,eAAe;;gEAQhC;AAIY;IAFZ,GAAG,CAAC,sBAAsB,CAAC;IAC3B,UAAU,CAAC,CAAC,WAAW,CAAC,CAAC;IAErB,WAAA,SAAS,CAAC,EAAE,UAAU,EAAE,MAAM,EAAE,CAAC,CAAA;IACjC,WAAA,KAAK,EAAE,CAAA;;qCADiC,SAAS;;gEAQrD;AAYY;IAFZ,GAAG,CAAC,UAAU,CAAC;IACf,UAAU,CAAC,CAAC,SAAS,CAAC,CAAC;IAEnB,WAAA,KAAK,EAAE,CAAA;IACP,WAAA,KAAK,EAAE,CAAA;IACP,WAAA,MAAM,CAAC,sBAAsB,CAAC,CAAA;;qCAFT,aAAa;QAClB,QAAQ;;sDAS5B;AAIY;IAFZ,GAAG,CAAC,eAAe,CAAC;IACpB,UAAU,CAAC,CAAC,SAAS,CAAC,CAAC;IACF,WAAA,KAAK,EAAE,CAAA;;;;qDAI5B;AAIY;IAFZ,IAAI,CAAC,UAAU,CAAC;IAChB,UAAU,CAAC,CAAC,WAAW,CAAC,CAAC;IACA,WAAA,OAAO,EAAE,CAAA;;qCAAW,YAAY;;yDAEzD;AAIY;IAFZ,KAAK,CAAC,gBAAgB,CAAC;IACvB,UAAU,CAAC,CAAC,WAAW,CAAC,CAAC;IACG,WAAA,KAAK,EAAE,CAAA;IAAgB,WAAA,IAAI,EAAE,CAAA;;6CAAO,eAAe;;4DAQ/E;AAIY;IAFZ,GAAG,CAAC,gBAAgB,CAAC;IACrB,UAAU,CAAC,CAAC,WAAW,CAAC,CAAC;IACG,WAAA,KAAK,EAAE,CAAA;;;;4DAMnC;AA3IQ,sBAAsB;IAHlC,QAAQ,CAAC,MAAM,CAAC;IAChB,QAAQ,CAAC,eAAe,CAAC;IACzB,MAAM,CAAC,gBAAgB,CAAC;GACZ,sBAAsB,CA4IlC"}
|
package/lib/mjs/index.d.ts
CHANGED
|
@@ -1,4 +1,7 @@
|
|
|
1
1
|
export * from './controllers/LoginController.js';
|
|
2
2
|
export * from './controllers/UserController.js';
|
|
3
3
|
export * from './controllers/UserMetadataController.js';
|
|
4
|
+
export * from "./controllers/TwoFactorAuthController.js";
|
|
5
|
+
export * from "./cli/EnableUser2Fa.js";
|
|
6
|
+
export * from "./2fa/Default2FaToken.js";
|
|
4
7
|
//# sourceMappingURL=index.d.ts.map
|
package/lib/mjs/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,kCAAkC,CAAC;AACjD,cAAc,iCAAiC,CAAC;AAChD,cAAc,yCAAyC,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,kCAAkC,CAAC;AACjD,cAAc,iCAAiC,CAAC;AAChD,cAAc,yCAAyC,CAAC;AACxD,cAAc,0CAA0C,CAAC;AAEzD,cAAc,wBAAwB,CAAC;AACvC,cAAc,0BAA0B,CAAC"}
|
package/lib/mjs/index.js
CHANGED
|
@@ -1,6 +1,9 @@
|
|
|
1
1
|
export * from './controllers/LoginController.js';
|
|
2
2
|
export * from './controllers/UserController.js';
|
|
3
3
|
export * from './controllers/UserMetadataController.js';
|
|
4
|
+
export * from "./controllers/TwoFactorAuthController.js";
|
|
5
|
+
export * from "./cli/EnableUser2Fa.js";
|
|
6
|
+
export * from "./2fa/Default2FaToken.js";
|
|
4
7
|
// export * from './2fa/SpeakEasy2FaToken.js';
|
|
5
8
|
// export * from "./fingerprint/FingerprintJs.js";
|
|
6
9
|
//# sourceMappingURL=index.js.map
|
package/lib/mjs/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,kCAAkC,CAAC;AACjD,cAAc,iCAAiC,CAAC;AAChD,cAAc,yCAAyC,CAAC;AACxD,8CAA8C;AAC9C,kDAAkD"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,kCAAkC,CAAC;AACjD,cAAc,iCAAiC,CAAC;AAChD,cAAc,yCAAyC,CAAC;AACxD,cAAc,0CAA0C,CAAC;AAEzD,cAAc,wBAAwB,CAAC;AACvC,cAAc,0BAA0B,CAAC;AACzC,8CAA8C;AAC9C,kDAAkD"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"2FaPolicy.d.ts","sourceRoot":"","sources":["../../../src/policies/2FaPolicy.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,UAAU,EAAE,OAAO,IAAI,QAAQ,EAAE,MAAM,eAAe,CAAC;AAChE,OAAO,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAC;
|
|
1
|
+
{"version":3,"file":"2FaPolicy.d.ts","sourceRoot":"","sources":["../../../src/policies/2FaPolicy.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,UAAU,EAAE,OAAO,IAAI,QAAQ,EAAE,MAAM,eAAe,CAAC;AAChE,OAAO,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAC;AAIzD,qBAAa,kBAAmB,SAAQ,UAAU;IAEhD,SAAS,CAAC,eAAe,EAAE,mBAAmB,CAAC;IAExC,SAAS,IAAI,OAAO;IAGpB,OAAO,CAAC,GAAG,EAAE,QAAQ,GAAG,OAAO,CAAC,IAAI,CAAC;CAgB7C"}
|
|
@@ -10,7 +10,7 @@ var __metadata = (this && this.__metadata) || function (k, v) {
|
|
|
10
10
|
import { InvalidOperation } from '@spinajs/exceptions';
|
|
11
11
|
import { Config } from '@spinajs/configuration';
|
|
12
12
|
import { BasePolicy } from '@spinajs/http';
|
|
13
|
-
import {
|
|
13
|
+
import { Forbidden } from '@spinajs/exceptions';
|
|
14
14
|
export class TwoFacRouteEnabled extends BasePolicy {
|
|
15
15
|
isEnabled() {
|
|
16
16
|
return true;
|
|
@@ -22,8 +22,8 @@ export class TwoFacRouteEnabled extends BasePolicy {
|
|
|
22
22
|
/**
|
|
23
23
|
* Check only if user passed login page and waiting for TwoFactorAuth
|
|
24
24
|
*/
|
|
25
|
-
if (!req.storage
|
|
26
|
-
throw new
|
|
25
|
+
if (!req.storage.Session?.Data.get('TwoFactorAuth')) {
|
|
26
|
+
throw new Forbidden('user does not have 2fa enabled');
|
|
27
27
|
}
|
|
28
28
|
return Promise.resolve();
|
|
29
29
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"2FaPolicy.js","sourceRoot":"","sources":["../../../src/policies/2FaPolicy.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAC;AACvD,OAAO,EAAE,MAAM,EAAE,MAAM,wBAAwB,CAAC;AAChD,OAAO,EAAE,UAAU,EAAuB,MAAM,eAAe,CAAC;AAEhE,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"2FaPolicy.js","sourceRoot":"","sources":["../../../src/policies/2FaPolicy.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAC;AACvD,OAAO,EAAE,MAAM,EAAE,MAAM,wBAAwB,CAAC;AAChD,OAAO,EAAE,UAAU,EAAuB,MAAM,eAAe,CAAC;AAEhE,OAAO,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAC;AAGhD,MAAM,OAAO,kBAAmB,SAAQ,UAAU;IAIzC,SAAS;QACd,OAAO,IAAI,CAAC;IACd,CAAC;IACM,OAAO,CAAC,GAAa;QAC1B,IAAI,IAAI,CAAC,eAAe,CAAC,OAAO,KAAK,KAAK,EAAE,CAAC;YAC3C,MAAM,IAAI,gBAAgB,CAAC,8BAA8B,CAAC,CAAC;QAC7D,CAAC;QAGD;;WAEG;QACH,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,OAAO,EAAE,IAAI,CAAC,GAAG,CAAC,eAAe,CAAC,EAAE,CAAC;YACpD,MAAM,IAAI,SAAS,CAAC,gCAAgC,CAAC,CAAC;QACxD,CAAC;QAGD,OAAO,OAAO,CAAC,OAAO,EAAE,CAAC;IAC3B,CAAC;CACF;AArBW;IADT,MAAM,CAAC,oBAAoB,CAAC;;2DACkB"}
|