@spinajs/rbac-http-user 2.0.381 → 2.0.382
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/cjs/2fa/Default2FaToken.d.ts +1 -0
- package/lib/cjs/2fa/Default2FaToken.d.ts.map +1 -1
- package/lib/cjs/2fa/Default2FaToken.js +18 -3
- package/lib/cjs/2fa/Default2FaToken.js.map +1 -1
- package/lib/cjs/actions/2fa.d.ts +2 -0
- package/lib/cjs/actions/2fa.d.ts.map +1 -1
- package/lib/cjs/actions/2fa.js +15 -1
- package/lib/cjs/actions/2fa.js.map +1 -1
- package/lib/cjs/config/rbac-http.d.ts +16 -0
- package/lib/cjs/config/rbac-http.d.ts.map +1 -1
- package/lib/cjs/config/rbac-http.js +8 -0
- package/lib/cjs/config/rbac-http.js.map +1 -1
- package/lib/cjs/controllers/TwoFactorAuthController.d.ts +1 -0
- package/lib/cjs/controllers/TwoFactorAuthController.d.ts.map +1 -1
- package/lib/cjs/controllers/TwoFactorAuthController.js +16 -3
- package/lib/cjs/controllers/TwoFactorAuthController.js.map +1 -1
- package/lib/cjs/events/User2FaDisabled.d.ts +4 -0
- package/lib/cjs/events/User2FaDisabled.d.ts.map +1 -0
- package/lib/cjs/events/User2FaDisabled.js +18 -0
- package/lib/cjs/events/User2FaDisabled.js.map +1 -0
- package/lib/cjs/events/User2FaReset.d.ts +4 -0
- package/lib/cjs/events/User2FaReset.d.ts.map +1 -0
- package/lib/cjs/events/User2FaReset.js +18 -0
- package/lib/cjs/events/User2FaReset.js.map +1 -0
- package/lib/cjs/index.d.ts +5 -0
- package/lib/cjs/index.d.ts.map +1 -1
- package/lib/cjs/index.js +24 -2
- package/lib/cjs/index.js.map +1 -1
- package/lib/mjs/2fa/Default2FaToken.d.ts +1 -0
- package/lib/mjs/2fa/Default2FaToken.d.ts.map +1 -1
- package/lib/mjs/2fa/Default2FaToken.js +19 -4
- package/lib/mjs/2fa/Default2FaToken.js.map +1 -1
- package/lib/mjs/actions/2fa.d.ts +2 -0
- package/lib/mjs/actions/2fa.d.ts.map +1 -1
- package/lib/mjs/actions/2fa.js +12 -0
- package/lib/mjs/actions/2fa.js.map +1 -1
- package/lib/mjs/config/rbac-http.d.ts +16 -0
- package/lib/mjs/config/rbac-http.d.ts.map +1 -1
- package/lib/mjs/config/rbac-http.js +8 -0
- package/lib/mjs/config/rbac-http.js.map +1 -1
- package/lib/mjs/controllers/TwoFactorAuthController.d.ts +1 -0
- package/lib/mjs/controllers/TwoFactorAuthController.d.ts.map +1 -1
- package/lib/mjs/controllers/TwoFactorAuthController.js +17 -4
- package/lib/mjs/controllers/TwoFactorAuthController.js.map +1 -1
- package/lib/mjs/events/User2FaDisabled.d.ts +4 -0
- package/lib/mjs/events/User2FaDisabled.d.ts.map +1 -0
- package/lib/mjs/events/User2FaDisabled.js +15 -0
- package/lib/mjs/events/User2FaDisabled.js.map +1 -0
- package/lib/mjs/events/User2FaReset.d.ts +4 -0
- package/lib/mjs/events/User2FaReset.d.ts.map +1 -0
- package/lib/mjs/events/User2FaReset.js +15 -0
- package/lib/mjs/events/User2FaReset.js.map +1 -0
- package/lib/mjs/index.d.ts +5 -0
- package/lib/mjs/index.d.ts.map +1 -1
- package/lib/mjs/index.js +23 -2
- package/lib/mjs/index.js.map +1 -1
- package/lib/tsconfig.cjs.tsbuildinfo +1 -1
- package/lib/tsconfig.mjs.tsbuildinfo +1 -1
- package/package.json +11 -11
|
@@ -13,6 +13,7 @@ export declare class Default2FaToken extends TwoFactorAuthProvider {
|
|
|
13
13
|
private _getOTP;
|
|
14
14
|
execute(_: User): Promise<void>;
|
|
15
15
|
verifyToken(token: string, user: User): Promise<boolean>;
|
|
16
|
+
disable(user: User): Promise<void>;
|
|
16
17
|
initialize(user: User): Promise<any>;
|
|
17
18
|
getOtpAuthUrl(user: User): Promise<string | null>;
|
|
18
19
|
isEnabled(user: User): Promise<boolean>;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"Default2FaToken.d.ts","sourceRoot":"","sources":["../../../src/2fa/Default2FaToken.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,IAAI,EAAE,MAAM,eAAe,CAAC;AAErC,OAAO,EAAE,GAAG,EAAU,MAAM,cAAc,CAAC;AAC3C,OAAO,EAAE,qBAAqB,EAAE,MAAM,oBAAoB,CAAC;AAI3D,oBAAY,sBAAsB;IAC9B,KAAK,cAAc;IACnB,OAAO,gBAAgB;IACvB,GAAG,YAAY;CAClB;AAED,qBACa,eAAgB,SAAQ,qBAAqB;IAEtD,SAAS,CAAC,MAAM,EAAE,GAAG,CAAC;IAGtB,SAAS,CAAC,GAAG,EAAE,GAAG,CAAC;;IAMnB,OAAO,CAAC,OAAO;IAYR,OAAO,CAAC,CAAC,EAAE,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;IAMzB,WAAW,CAAC,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC;IAgBxD,UAAU,CAAC,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC;
|
|
1
|
+
{"version":3,"file":"Default2FaToken.d.ts","sourceRoot":"","sources":["../../../src/2fa/Default2FaToken.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,IAAI,EAAE,MAAM,eAAe,CAAC;AAErC,OAAO,EAAE,GAAG,EAAU,MAAM,cAAc,CAAC;AAC3C,OAAO,EAAE,qBAAqB,EAAE,MAAM,oBAAoB,CAAC;AAI3D,oBAAY,sBAAsB;IAC9B,KAAK,cAAc;IACnB,OAAO,gBAAgB;IACvB,GAAG,YAAY;CAClB;AAED,qBACa,eAAgB,SAAQ,qBAAqB;IAEtD,SAAS,CAAC,MAAM,EAAE,GAAG,CAAC;IAGtB,SAAS,CAAC,GAAG,EAAE,GAAG,CAAC;;IAMnB,OAAO,CAAC,OAAO;IAYR,OAAO,CAAC,CAAC,EAAE,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;IAMzB,WAAW,CAAC,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC;IAgBxD,OAAO,CAAC,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;IAclC,UAAU,CAAC,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC;IA2BpC,aAAa,CAAC,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAYjD,SAAS,CAAC,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC;IAKvC,aAAa,CAAC,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC;CAI3D"}
|
|
@@ -76,15 +76,30 @@ let Default2FaToken = class Default2FaToken extends rbac_http_1.TwoFactorAuthPro
|
|
|
76
76
|
});
|
|
77
77
|
return verified !== null;
|
|
78
78
|
}
|
|
79
|
+
async disable(user) {
|
|
80
|
+
await user.Metadata.delete(TWO_FA_METATADATA_KEYS.TOKEN);
|
|
81
|
+
await user.Metadata.delete(TWO_FA_METATADATA_KEYS.ENABLED);
|
|
82
|
+
await user.Metadata.delete(TWO_FA_METATADATA_KEYS.OTP);
|
|
83
|
+
this.Log.trace(`2fa token removed for user ${user.Uuid}`, {
|
|
84
|
+
user: {
|
|
85
|
+
Uuid: user.Uuid
|
|
86
|
+
},
|
|
87
|
+
});
|
|
88
|
+
}
|
|
79
89
|
async initialize(user) {
|
|
90
|
+
if (user.Metadata[TWO_FA_METATADATA_KEYS.ENABLED]) {
|
|
91
|
+
throw new exceptions_1.InvalidOperation(`user ${user.Uuid} alread have enabled 2f, disable it first.`);
|
|
92
|
+
}
|
|
80
93
|
const secret = new OTPAuth.Secret({ size: this.Config.secretSize });
|
|
81
94
|
const totp = this._getOTP(user, secret.base32);
|
|
82
95
|
user.Metadata[TWO_FA_METATADATA_KEYS.TOKEN] = secret.base32;
|
|
83
96
|
user.Metadata[TWO_FA_METATADATA_KEYS.ENABLED] = true;
|
|
84
97
|
user.Metadata[TWO_FA_METATADATA_KEYS.OTP] = totp.toString();
|
|
85
|
-
await user.Metadata.
|
|
86
|
-
this.Log.trace(`2fa token initialized for user ${user.
|
|
87
|
-
|
|
98
|
+
await user.Metadata.update();
|
|
99
|
+
this.Log.trace(`2fa token initialized for user ${user.Uuid}`, {
|
|
100
|
+
user: {
|
|
101
|
+
Uuid: user.Uuid
|
|
102
|
+
},
|
|
88
103
|
});
|
|
89
104
|
/**
|
|
90
105
|
* returns: `otpauth://totp/ACME:Alice?issuer=ACME&secret=US3WHSG7X5KAPV27VANWKQHF3SH3HULL&algorithm=SHA1&digits=6&period=30`
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"Default2FaToken.js","sourceRoot":"","sources":["../../../src/2fa/Default2FaToken.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,oCAAyC;AAEzC,0DAAgD;AAChD,sCAA2C;AAC3C,kDAA2D;AAC3D,iDAAmC;AACnC,
|
|
1
|
+
{"version":3,"file":"Default2FaToken.js","sourceRoot":"","sources":["../../../src/2fa/Default2FaToken.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,oCAAyC;AAEzC,0DAAgD;AAChD,sCAA2C;AAC3C,kDAA2D;AAC3D,iDAAmC;AACnC,oDAAkE;AAElE,IAAY,sBAIX;AAJD,WAAY,sBAAsB;IAC9B,6CAAmB,CAAA;IACnB,iDAAuB,CAAA;IACvB,yCAAe,CAAA;AACnB,CAAC,EAJW,sBAAsB,sCAAtB,sBAAsB,QAIjC;AAGM,IAAM,eAAe,GAArB,MAAM,eAAgB,SAAQ,iCAAqB;IAOtD;QACI,KAAK,EAAE,CAAC;IACZ,CAAC;IAEO,OAAO,CAAC,IAAU,EAAE,MAAc;QACtC,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC;YACpB,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM;YAC1B,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS;YAChC,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM;YAC1B,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM;YAC1B,MAAM,EAAE,OAAO,CAAC,MAAM,CAAC,UAAU,CAAC,MAAM,CAAC;SAC5C,CAAC,CAAC;IAEP,CAAC;IAEM,OAAO,CAAC,CAAO;QAClB,yDAAyD;QACzD,gCAAgC;QAChC,OAAO,OAAO,CAAC,OAAO,EAAE,CAAC;IAC7B,CAAC;IAEM,KAAK,CAAC,WAAW,CAAC,KAAa,EAAE,IAAU;QAC9C,MAAM,UAAU,GAAG,IAAI,CAAC,QAAQ,CAAC,sBAAsB,CAAC,KAAK,CAAC,CAAC;QAE/D,IAAI,CAAC,UAAU,EAAE,CAAC;YACd,MAAM,IAAI,sBAAS,CAAC,kDAAkD,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC;QACvF,CAAC;QAED,MAAM,IAAI,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;QAC5C,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC;YAC3B,KAAK,EAAE,KAAK;YACZ,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM;SAC7B,CAAC,CAAC;QAEH,OAAO,QAAQ,KAAK,IAAI,CAAC;IAC7B,CAAC;IAEM,KAAK,CAAC,OAAO,CAAC,IAAU;QAE3B,MAAM,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,sBAAsB,CAAC,KAAK,CAAC,CAAC;QACzD,MAAM,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,sBAAsB,CAAC,OAAO,CAAC,CAAC;QAC3D,MAAM,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,sBAAsB,CAAC,GAAG,CAAC,CAAC;QAGvD,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,8BAA8B,IAAI,CAAC,IAAI,EAAE,EAAE;YACtD,IAAI,EAAE;gBACF,IAAI,EAAE,IAAI,CAAC,IAAI;aAClB;SACJ,CAAC,CAAC;IACP,CAAC;IAEM,KAAK,CAAC,UAAU,CAAC,IAAU;QAE9B,IAAI,IAAI,CAAC,QAAQ,CAAC,sBAAsB,CAAC,OAAO,CAAC,EAAE,CAAC;YAChD,MAAM,IAAI,6BAAgB,CAAC,QAAQ,IAAI,CAAC,IAAI,4CAA4C,CAAC,CAAC;QAC9F,CAAC;QAED,MAAM,MAAM,GAAG,IAAI,OAAO,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC,CAAC;QACpE,MAAM,IAAI,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC;QAE/C,IAAI,CAAC,QAAQ,CAAC,sBAAsB,CAAC,KAAK,CAAC,GAAG,MAAM,CAAC,MAAM,CAAC;QAC5D,IAAI,CAAC,QAAQ,CAAC,sBAAsB,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC;QACrD,IAAI,CAAC,QAAQ,CAAC,sBAAsB,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC;QAE5D,MAAM,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC;QAE7B,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,kCAAkC,IAAI,CAAC,IAAI,EAAE,EAAE;YAC1D,IAAI,EAAE;gBACF,IAAI,EAAE,IAAI,CAAC,IAAI;aAClB;SACJ,CAAC,CAAC;QAEH;;WAEG;QACH,OAAO,IAAI,CAAC,QAAQ,EAAE,CAAC;IAC3B,CAAC;IAEM,KAAK,CAAC,aAAa,CAAC,IAAU;QACjC,MAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,sBAAsB,CAAC,KAAK,CAAC,CAAC;QAE1D,IAAI,CAAC,KAAK,EAAE,CAAC;YACT,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,kDAAkD,IAAI,CAAC,EAAE,EAAE,CAAC,CAAC;YAC5E,OAAO,IAAI,CAAC;QAChB,CAAC;QAED,MAAM,IAAI,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;QACvC,OAAO,IAAI,CAAC,QAAQ,EAAE,CAAC;IAC3B,CAAC;IAEM,KAAK,CAAC,SAAS,CAAC,IAAU;QAC7B,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,sBAAsB,CAAC,OAAO,CAAC,CAAC;QAChE,OAAO,GAAc,CAAC;IAC1B,CAAC;IAEM,KAAK,CAAC,aAAa,CAAC,IAAU;QACjC,MAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,sBAAsB,CAAC,KAAK,CAAC,CAAC;QAC1D,OAAO,KAAK,KAAK,IAAI,IAAI,KAAK,KAAK,SAAS,IAAI,KAAK,KAAK,EAAE,CAAC;IACjE,CAAC;CACJ,CAAA;AA3GY,0CAAe;AAEd;IADT,IAAA,sBAAM,EAAC,cAAc,CAAC;;+CACD;AAGZ;IADT,IAAA,YAAM,EAAC,WAAW,CAAC;8BACL,SAAG;4CAAC;0BALV,eAAe;IAD3B,IAAA,eAAU,EAAC,iCAAqB,CAAC;;GACrB,eAAe,CA2G3B"}
|
package/lib/cjs/actions/2fa.d.ts
CHANGED
|
@@ -1,5 +1,7 @@
|
|
|
1
1
|
import { User } from '@spinajs/rbac';
|
|
2
2
|
export declare function enableUser2Fa(identifier: number | string | User): Promise<unknown>;
|
|
3
|
+
export declare function disableUser2Fa(identifier: number | string | User): Promise<unknown>;
|
|
4
|
+
export declare function resetUser2Fa(identifier: number | string | User): Promise<unknown>;
|
|
3
5
|
/**
|
|
4
6
|
*
|
|
5
7
|
* Verify 2fa token for user
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"2fa.d.ts","sourceRoot":"","sources":["../../../src/actions/2fa.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAyD,MAAM,eAAe,CAAC;
|
|
1
|
+
{"version":3,"file":"2fa.d.ts","sourceRoot":"","sources":["../../../src/actions/2fa.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAyD,MAAM,eAAe,CAAC;AAY5F,wBAAsB,aAAa,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,oBAOrE;AAED,wBAAsB,cAAc,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,oBAOtE;AAED,wBAAsB,YAAY,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,oBAUpE;AAED;;;;;;;GAOG;AACH,wBAAsB,OAAO,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,EAAE,KAAK,EAAE,MAAM,oBA8B9E"}
|
package/lib/cjs/actions/2fa.js
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.auth2Fa = exports.enableUser2Fa = void 0;
|
|
3
|
+
exports.auth2Fa = exports.resetUser2Fa = exports.disableUser2Fa = exports.enableUser2Fa = void 0;
|
|
4
4
|
const rbac_1 = require("@spinajs/rbac");
|
|
5
5
|
const http_1 = require("@spinajs/http");
|
|
6
6
|
const configuration_1 = require("@spinajs/configuration");
|
|
@@ -9,12 +9,26 @@ const util_1 = require("@spinajs/util");
|
|
|
9
9
|
const User2FaPassed_js_1 = require("../events/User2FaPassed.js");
|
|
10
10
|
const User2FaEnabled_js_1 = require("../events/User2FaEnabled.js");
|
|
11
11
|
const rbac_http_1 = require("@spinajs/rbac-http");
|
|
12
|
+
const User2FaReset_js_1 = require("../events/User2FaReset.js");
|
|
12
13
|
async function enableUser2Fa(identifier) {
|
|
13
14
|
return (0, util_1._chain)((0, rbac_1._user_unsafe)(identifier), (u) => {
|
|
14
15
|
return (0, util_1._chain)((0, configuration_1._service)('rbac.twoFactorAuth', rbac_http_1.TwoFactorAuthProvider), async (twoFa) => twoFa.initialize(u), (0, util_1._tap)((0, rbac_1._user_ev)(User2FaEnabled_js_1.User2FaEnabled)));
|
|
15
16
|
});
|
|
16
17
|
}
|
|
17
18
|
exports.enableUser2Fa = enableUser2Fa;
|
|
19
|
+
async function disableUser2Fa(identifier) {
|
|
20
|
+
return (0, util_1._chain)((0, rbac_1._user_unsafe)(identifier), (u) => {
|
|
21
|
+
return (0, util_1._chain)((0, configuration_1._service)('rbac.twoFactorAuth', rbac_http_1.TwoFactorAuthProvider), async (twoFa) => twoFa.disable(u), (0, util_1._tap)((0, rbac_1._user_ev)(User2FaEnabled_js_1.User2FaEnabled)));
|
|
22
|
+
});
|
|
23
|
+
}
|
|
24
|
+
exports.disableUser2Fa = disableUser2Fa;
|
|
25
|
+
async function resetUser2Fa(identifier) {
|
|
26
|
+
return (0, util_1._chain)((0, rbac_1._user_unsafe)(identifier), (u) => {
|
|
27
|
+
return (0, util_1._chain)((0, configuration_1._service)('rbac.twoFactorAuth', rbac_http_1.TwoFactorAuthProvider), (0, util_1._tap)(async (twoFa) => twoFa.disable(u))),
|
|
28
|
+
(0, util_1._tap)((0, rbac_1._user_ev)(User2FaReset_js_1.User2FaReset));
|
|
29
|
+
});
|
|
30
|
+
}
|
|
31
|
+
exports.resetUser2Fa = resetUser2Fa;
|
|
18
32
|
/**
|
|
19
33
|
*
|
|
20
34
|
* Verify 2fa token for user
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"2fa.js","sourceRoot":"","sources":["../../../src/actions/2fa.ts"],"names":[],"mappings":";;;AAAA,wCAA4F;AAC5F,wCAA6C;AAE7C,0DAAkD;AAClD,iCAAiC;AACjC,
|
|
1
|
+
{"version":3,"file":"2fa.js","sourceRoot":"","sources":["../../../src/actions/2fa.ts"],"names":[],"mappings":";;;AAAA,wCAA4F;AAC5F,wCAA6C;AAE7C,0DAAkD;AAClD,iCAAiC;AACjC,wCAAoH;AACpH,iEAA2D;AAC3D,mEAA6D;AAC7D,kDAA4D;AAC5D,+DAAyD;AAGlD,KAAK,UAAU,aAAa,CAAC,UAAkC;IAClE,OAAO,IAAA,aAAM,EACT,IAAA,mBAAY,EAAC,UAAU,CAAC,EACxB,CAAC,CAAO,EAAE,EAAE;QACR,OAAO,IAAA,aAAM,EAAC,IAAA,wBAAQ,EAAC,oBAAoB,EAAE,iCAAqB,CAAC,EAAE,KAAK,EAAE,KAA4B,EAAE,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,IAAA,WAAI,EAAC,IAAA,eAAQ,EAAC,kCAAc,CAAC,CAAC,CAAC,CAAC;IACtK,CAAC,CACJ,CAAC;AACN,CAAC;AAPD,sCAOC;AAEM,KAAK,UAAU,cAAc,CAAC,UAAkC;IACnE,OAAO,IAAA,aAAM,EACT,IAAA,mBAAY,EAAC,UAAU,CAAC,EACxB,CAAC,CAAO,EAAE,EAAE;QACR,OAAO,IAAA,aAAM,EAAC,IAAA,wBAAQ,EAAC,oBAAoB,EAAE,iCAAqB,CAAC,EAAE,KAAK,EAAE,KAA4B,EAAE,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,IAAA,WAAI,EAAC,IAAA,eAAQ,EAAC,kCAAc,CAAC,CAAC,CAAC,CAAC;IACnK,CAAC,CACJ,CAAC;AACN,CAAC;AAPD,wCAOC;AAEM,KAAK,UAAU,YAAY,CAAC,UAAkC;IACjE,OAAO,IAAA,aAAM,EACT,IAAA,mBAAY,EAAC,UAAU,CAAC,EACxB,CAAC,CAAO,EAAE,EAAE;QACR,OAAO,IAAA,aAAM,EAAC,IAAA,wBAAQ,EAAC,oBAAoB,EAAE,iCAAqB,CAAC,EAC/D,IAAA,WAAI,EAAC,KAAK,EAAE,KAA4B,EAAE,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CACjE;YACD,IAAA,WAAI,EAAC,IAAA,eAAQ,EAAC,8BAAY,CAAC,CAAC,CAAC;IACjC,CAAC,CACJ,CAAC;AACN,CAAC;AAVD,oCAUC;AAED;;;;;;;GAOG;AACI,KAAK,UAAU,OAAO,CAAC,UAAkC,EAAE,KAAa;IAC3E,KAAK,GAAG,IAAA,iBAAU,EAAC,IAAA,YAAK,GAAE,EAAE,IAAA,iBAAU,GAAE,CAAC,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;IAE1D,OAAO,IAAA,aAAM,EACT,IAAA,mBAAY,EAAC,UAAU,CAAC,EACxB,IAAA,aAAM,EACF,CAAC,CAAO,EAAE,EAAE;QACR,OAAO,IAAA,aAAM,EAAC,IAAA,wBAAQ,EAAC,oBAAoB,EAAE,iCAAqB,CAAC,EAAE,IAAA,cAAO,EACxE,CAAC,KAA4B,EAAE,EAAE,CAAC,KAAK,CAAC,WAAW,CAAC,KAAK,EAAE,CAAC,CAAC,EAC7D,GAAG,EAAE,CAAC,IAAA,aAAM,EAAC,CAAC,EAAE,IAAA,mBAAY,EAAC,EAAE,WAAW,EAAE,gBAAQ,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,IAAA,eAAQ,EAAC,gCAAa,CAAC,CAAC,EACvF,GAAG,EAAE;YACD,MAAM,IAAI,mBAAY,CAAC,kBAAkB,CAAC,CAAC;QAC/C,CAAC,CACJ,CAAC,CAAA;IACN,CAAC,EACD,CAAC,GAAG,EAAE,CAAO,EAAE,EAAE;QACb,OAAO,IAAA,aAAM,EACT,GAAG,EAAE,CAAC,CAAC;QAEP,6BAA6B;QAC7B,IAAA,eAAQ,EAAC,sBAAe,EAAE,GAAG,CAAC;QAE9B,2BAA2B;QAC3B,GAAG,EAAE;YACD,MAAM,GAAG,CAAC;QACd,CAAC,CACJ,CAAC;IACN,CAAC,CACJ,CACJ,CAAC;AACN,CAAC;AA9BD,0BA8BC"}
|
|
@@ -5,6 +5,22 @@ declare const rbacHttp: {
|
|
|
5
5
|
cli: string[];
|
|
6
6
|
};
|
|
7
7
|
};
|
|
8
|
+
queue: {
|
|
9
|
+
routing: {
|
|
10
|
+
User2FaDisabled: {
|
|
11
|
+
connection: string;
|
|
12
|
+
};
|
|
13
|
+
User2FaEnabled: {
|
|
14
|
+
connection: string;
|
|
15
|
+
};
|
|
16
|
+
User2FaPassed: {
|
|
17
|
+
connection: string;
|
|
18
|
+
};
|
|
19
|
+
User2FaReset: {
|
|
20
|
+
connection: string;
|
|
21
|
+
};
|
|
22
|
+
};
|
|
23
|
+
};
|
|
8
24
|
rbac: {
|
|
9
25
|
otpauth: {
|
|
10
26
|
/**
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"rbac-http.d.ts","sourceRoot":"","sources":["../../../src/config/rbac-http.ts"],"names":[],"mappings":"AAQA,QAAA,MAAM,QAAQ
|
|
1
|
+
{"version":3,"file":"rbac-http.d.ts","sourceRoot":"","sources":["../../../src/config/rbac-http.ts"],"names":[],"mappings":"AAQA,QAAA,MAAM,QAAQ;;;;;;;;;;;;;;;;;;;;;;;;;YAiBR;;eAEG;;YAGH;;eAEG;;;;;;;;;;;;;;;;;;;;;;;YAyBH;;eAEG;;;QAGL;;WAEG;;;;CAQN,CAAC;AAEF,eAAe,QAAQ,CAAC"}
|
|
@@ -12,6 +12,14 @@ const rbacHttp = {
|
|
|
12
12
|
cli: [dir('cli')]
|
|
13
13
|
},
|
|
14
14
|
},
|
|
15
|
+
queue: {
|
|
16
|
+
routing: {
|
|
17
|
+
User2FaDisabled: { connection: 'rbac-user-empty-queue' },
|
|
18
|
+
User2FaEnabled: { connection: 'rbac-user-empty-queue' },
|
|
19
|
+
User2FaPassed: { connection: 'rbac-user-empty-queue' },
|
|
20
|
+
User2FaReset: { connection: 'rbac-user-empty-queue' },
|
|
21
|
+
},
|
|
22
|
+
},
|
|
15
23
|
rbac: {
|
|
16
24
|
otpauth: {
|
|
17
25
|
/**
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"rbac-http.js","sourceRoot":"","sources":["../../../src/config/rbac-http.ts"],"names":[],"mappings":";;AAAA,+BAAgD;AAEhD,SAAS,GAAG,CAAC,IAAY;IACvB,MAAM,UAAU,GAAG,OAAO,MAAM,KAAK,WAAW,CAAC;IACjD,OAAO,IAAA,cAAO,EAAC,IAAA,gBAAS,EAAC,IAAA,WAAI,EAAC,OAAO,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,UAAU,EAAE,gBAAgB,EAAE,KAAK,EAAE,UAAU,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC;AACxI,CAAC;AAGD,MAAM,QAAQ,GAAG;IACf,MAAM,EAAE;QACN,IAAI,EAAE;YACJ,WAAW,EAAE,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;YACjC,GAAG,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;SAClB;KACF;IACD,IAAI,EAAE;QACJ,OAAO,EAAE;YACP;;eAEG;YACH,MAAM,EAAE,SAAS;YAEjB;;eAEG;YACH,SAAS,EAAE,MAAM;YACjB,MAAM,EAAE,CAAC;YACT,MAAM,EAAE,EAAE;YACV,MAAM,EAAE,CAAC;SACV;QACD,aAAa,EAAE;YACb,OAAO,EAAE,IAAI;YACb,SAAS,EAAE,KAAK;YAChB,OAAO,EAAE,iBAAiB;SAC3B;QACD,WAAW,EAAE;YACX,OAAO,EAAE,KAAK;YACd,UAAU,EAAE,CAAC;YACb,OAAO,EAAE,eAAe;SACzB;QACD,OAAO,
|
|
1
|
+
{"version":3,"file":"rbac-http.js","sourceRoot":"","sources":["../../../src/config/rbac-http.ts"],"names":[],"mappings":";;AAAA,+BAAgD;AAEhD,SAAS,GAAG,CAAC,IAAY;IACvB,MAAM,UAAU,GAAG,OAAO,MAAM,KAAK,WAAW,CAAC;IACjD,OAAO,IAAA,cAAO,EAAC,IAAA,gBAAS,EAAC,IAAA,WAAI,EAAC,OAAO,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,UAAU,EAAE,gBAAgB,EAAE,KAAK,EAAE,UAAU,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC;AACxI,CAAC;AAGD,MAAM,QAAQ,GAAG;IACf,MAAM,EAAE;QACN,IAAI,EAAE;YACJ,WAAW,EAAE,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;YACjC,GAAG,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;SAClB;KACF;IACD,KAAK,EAAE;QACL,OAAO,EAAE;YACP,eAAe,EAAE,EAAE,UAAU,EAAE,uBAAuB,EAAE;YACxD,cAAc,EAAE,EAAE,UAAU,EAAE,uBAAuB,EAAE;YACvD,aAAa,EAAE,EAAE,UAAU,EAAE,uBAAuB,EAAE;YACtD,YAAY,EAAE,EAAE,UAAU,EAAE,uBAAuB,EAAE;SACtD;KACF;IACD,IAAI,EAAE;QACJ,OAAO,EAAE;YACP;;eAEG;YACH,MAAM,EAAE,SAAS;YAEjB;;eAEG;YACH,SAAS,EAAE,MAAM;YACjB,MAAM,EAAE,CAAC;YACT,MAAM,EAAE,EAAE;YACV,MAAM,EAAE,CAAC;SACV;QACD,aAAa,EAAE;YACb,OAAO,EAAE,IAAI;YACb,SAAS,EAAE,KAAK;YAChB,OAAO,EAAE,iBAAiB;SAC3B;QACD,WAAW,EAAE;YACX,OAAO,EAAE,KAAK;YACd,UAAU,EAAE,CAAC;YACb,OAAO,EAAE,eAAe;SACzB;QACD,OAAO,EAAE;YACP,MAAM,EAAE;gBACN,QAAQ,EAAE,KAAK;aAChB;SACF;QACD,QAAQ,EAAE;YACR,sCAAsC;YACtC,QAAQ,EAAE,EAAE;YAEZ;;eAEG;YACH,kBAAkB,EAAE,CAAC;SACtB;QACD;;WAEG;QACH,cAAc,EAAE,KAAK;KACtB;IACD,IAAI,EAAE;IACJ,iBAAiB;IACjB,+CAA+C;IAC/C,KAAK;KACN;CACF,CAAC;AAEF,kBAAe,QAAQ,CAAC"}
|
|
@@ -7,6 +7,7 @@ export declare class TwoFactorAuthController extends BaseController {
|
|
|
7
7
|
protected SessionProvider: SessionProvider;
|
|
8
8
|
protected AC: AccessControl;
|
|
9
9
|
enable2fa(user: UserModel): Promise<Ok>;
|
|
10
|
+
disable2Fa(user: UserModel): Promise<Ok>;
|
|
10
11
|
verifyToken(logged: UserModel, token: TokenDto, session: ISession): Promise<Ok | ForbiddenResponse>;
|
|
11
12
|
}
|
|
12
13
|
//# sourceMappingURL=TwoFactorAuthController.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"TwoFactorAuthController.d.ts","sourceRoot":"","sources":["../../../src/controllers/TwoFactorAuthController.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,uBAAuB,CAAC;AACjD,OAAO,EAAE,cAAc,EAAY,EAAE,EAAa,iBAAiB,EAAE,MAAM,eAAe,CAAC;AAC3F,OAAO,EAAE,QAAQ,EAAE,eAAe,EAAE,IAAI,IAAI,SAAS,EAAyC,aAAa,EAAE,MAAM,eAAe,CAAC;AAOnI,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;
|
|
1
|
+
{"version":3,"file":"TwoFactorAuthController.d.ts","sourceRoot":"","sources":["../../../src/controllers/TwoFactorAuthController.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,uBAAuB,CAAC;AACjD,OAAO,EAAE,cAAc,EAAY,EAAE,EAAa,iBAAiB,EAAE,MAAM,eAAe,CAAC;AAC3F,OAAO,EAAE,QAAQ,EAAE,eAAe,EAAE,IAAI,IAAI,SAAS,EAAyC,aAAa,EAAE,MAAM,eAAe,CAAC;AAOnI,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAO9C,qBAGa,uBAAwB,SAAQ,cAAc;IAEvD,SAAS,CAAC,KAAK,EAAE,YAAY,CAAC;IAG9B,SAAS,CAAC,eAAe,EAAE,eAAe,CAAC;IAG3C,SAAS,CAAC,EAAE,EAAE,aAAa,CAAC;IAGf,SAAS,CAAS,IAAI,EAAE,SAAS;IAajC,UAAU,CAAS,IAAI,EAAE,SAAS;IAUlC,WAAW,CAAS,MAAM,EAAE,SAAS,EAAU,KAAK,EAAE,QAAQ,EAAa,OAAO,EAAE,QAAQ;CAuC5G"}
|
|
@@ -25,18 +25,24 @@ const queue_1 = require("@spinajs/queue");
|
|
|
25
25
|
const rbac_http_2 = require("@spinajs/rbac-http");
|
|
26
26
|
const _2fa_js_1 = require("./../actions/2fa.js");
|
|
27
27
|
const _2fa_js_2 = require("../actions/2fa.js");
|
|
28
|
+
const exceptions_1 = require("@spinajs/exceptions");
|
|
28
29
|
let TwoFactorAuthController = class TwoFactorAuthController extends http_1.BaseController {
|
|
29
30
|
async enable2fa(user) {
|
|
30
31
|
if (user.Metadata['2fa:enabled']) {
|
|
31
|
-
|
|
32
|
-
otp: user.Metadata['2fa:otp'],
|
|
33
|
-
});
|
|
32
|
+
throw new exceptions_1.InvalidOperation(`User ${user.Uuid} already has 2fa enabled`);
|
|
34
33
|
}
|
|
35
34
|
const result = await (0, _2fa_js_2.enableUser2Fa)(user);
|
|
36
35
|
return new http_1.Ok({
|
|
37
36
|
otp: result
|
|
38
37
|
});
|
|
39
38
|
}
|
|
39
|
+
async disable2Fa(user) {
|
|
40
|
+
if (!user.Metadata['2fa:enabled']) {
|
|
41
|
+
throw new exceptions_1.InvalidOperation(`User ${user.Uuid} already has 2fa disabled`);
|
|
42
|
+
}
|
|
43
|
+
await (0, _2fa_js_1.disableUser2Fa)(user);
|
|
44
|
+
return new http_1.Ok();
|
|
45
|
+
}
|
|
40
46
|
async verifyToken(logged, token, session) {
|
|
41
47
|
try {
|
|
42
48
|
await (0, _2fa_js_1.auth2Fa)(logged, token.Token);
|
|
@@ -89,6 +95,13 @@ __decorate([
|
|
|
89
95
|
__metadata("design:paramtypes", [rbac_1.User]),
|
|
90
96
|
__metadata("design:returntype", Promise)
|
|
91
97
|
], TwoFactorAuthController.prototype, "enable2fa", null);
|
|
98
|
+
__decorate([
|
|
99
|
+
(0, http_1.Get)('2fa/disable'),
|
|
100
|
+
__param(0, (0, rbac_http_2.User)()),
|
|
101
|
+
__metadata("design:type", Function),
|
|
102
|
+
__metadata("design:paramtypes", [rbac_1.User]),
|
|
103
|
+
__metadata("design:returntype", Promise)
|
|
104
|
+
], TwoFactorAuthController.prototype, "disable2Fa", null);
|
|
92
105
|
__decorate([
|
|
93
106
|
(0, http_1.Post)('2fa/verify'),
|
|
94
107
|
__param(0, (0, rbac_http_2.User)()),
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"TwoFactorAuthController.js","sourceRoot":"","sources":["../../../src/controllers/TwoFactorAuthController.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,wDAAiD;AACjD,wCAA2F;AAC3F,wCAAmI;AACnI,kDAA6C;AAC7C,wCAA6C;AAE7C,4DAA8D;AAC9D,0DAAqE;AACrE,oCAAyC;AACzC,0CAA8C;AAE9C,kDAAgE;AAChE,
|
|
1
|
+
{"version":3,"file":"TwoFactorAuthController.js","sourceRoot":"","sources":["../../../src/controllers/TwoFactorAuthController.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,wDAAiD;AACjD,wCAA2F;AAC3F,wCAAmI;AACnI,kDAA6C;AAC7C,wCAA6C;AAE7C,4DAA8D;AAC9D,0DAAqE;AACrE,oCAAyC;AACzC,0CAA8C;AAE9C,kDAAgE;AAChE,iDAA8D;AAC9D,+CAAkD;AAClD,oDAAuD;AAKhD,IAAM,uBAAuB,GAA7B,MAAM,uBAAwB,SAAQ,qBAAc;IAW1C,AAAN,KAAK,CAAC,SAAS,CAAS,IAAe;QAE1C,IAAI,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,CAAC;YAC/B,MAAM,IAAI,6BAAgB,CAAC,QAAQ,IAAI,CAAC,IAAI,0BAA0B,CAAC,CAAC;QAC5E,CAAC;QAED,MAAM,MAAM,GAAG,MAAM,IAAA,uBAAa,EAAC,IAAI,CAAC,CAAC;QACzC,OAAO,IAAI,SAAE,CAAC;YACV,GAAG,EAAE,MAAM;SACd,CAAC,CAAC;IACP,CAAC;IAGY,AAAN,KAAK,CAAC,UAAU,CAAS,IAAe;QAC3C,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,CAAC;YAChC,MAAM,IAAI,6BAAgB,CAAC,QAAQ,IAAI,CAAC,IAAI,2BAA2B,CAAC,CAAC;QAC7E,CAAC;QAED,MAAM,IAAA,wBAAc,EAAC,IAAI,CAAC,CAAC;QAC3B,OAAO,IAAI,SAAE,EAAE,CAAC;IACpB,CAAC;IAGY,AAAN,KAAK,CAAC,WAAW,CAAS,MAAiB,EAAU,KAAe,EAAa,OAAiB;QAErG,IAAI,CAAC;YACD,MAAM,IAAA,iBAAO,EAAC,MAAM,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC;YAEnC,mCAAmC;YACnC,4CAA4C;YAC5C,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,YAAY,EAAE,IAAI,CAAC,CAAC;YACrC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC;YACrC,MAAM,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAEzC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,gCAAgC,EAAE;gBAC9C,IAAI,EAAE,MAAM,CAAC,IAAI;aACpB,CAAC,CAAC;YAGH,MAAM,MAAM,GAAG,IAAI,CAAC,EAAE,CAAC,SAAS,EAAE,CAAC;YACnC,MAAM,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,IAAA,oBAAa,EAAC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;YAClE,MAAM,cAAc,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,GAAG,UAAU,CAAC,CAAC;YAGxD,OAAO,IAAI,SAAE,CAAC;gBACV,GAAG,MAAM,CAAC,sBAAsB,CAAC;oBAC7B,cAAc,EAAE,KAAK;iBACxB,CAAC;gBACF,MAAM,EAAE,cAAc;aACzB,CAAC,CAAC;QACP,CAAC;QACD,OAAO,GAAG,EAAE,CAAC;YACT,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAErB,OAAO,IAAI,wBAAiB,CAAC;gBACzB,KAAK,EAAE;oBACH,IAAI,EAAE,cAAc;oBACpB,OAAO,EAAE,kBAAkB;iBAC9B;aACJ,CAAC,CAAC;QACP,CAAC;IACL,CAAC;CACJ,CAAA;AAzEY,0DAAuB;AAEtB;IADT,IAAA,eAAU,EAAC,oBAAY,CAAC;8BACR,oBAAY;sDAAC;AAGpB;IADT,IAAA,iCAAiB,EAAC,cAAc,CAAC;8BACP,sBAAe;gEAAC;AAGjC;IADT,IAAA,eAAU,EAAC,oBAAa,CAAC;8BACZ,oBAAa;mDAAC;AAGf;IADZ,IAAA,UAAG,EAAC,YAAY,CAAC;IACM,WAAA,IAAA,gBAAI,GAAE,CAAA;;qCAAO,WAAS;;wDAU7C;AAGY;IADZ,IAAA,UAAG,EAAC,aAAa,CAAC;IACM,WAAA,IAAA,gBAAI,GAAE,CAAA;;qCAAO,WAAS;;yDAO9C;AAGY;IADZ,IAAA,WAAI,EAAC,YAAY,CAAC;IACO,WAAA,IAAA,gBAAI,GAAE,CAAA;IAAqB,WAAA,IAAA,WAAI,GAAE,CAAA;IAAmB,WAAA,IAAA,mBAAO,GAAE,CAAA;;qCAA9C,WAAS,EAAiB,uBAAQ;;0DAsC1E;kCAxEQ,uBAAuB;IAHnC,IAAA,eAAQ,EAAC,MAAM,CAAC;IAChB,IAAA,aAAM,EAAC,kCAAkB,CAAC;IAC1B,IAAA,aAAM,EAAC,+BAAmB,CAAC;GACf,uBAAuB,CAyEnC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"User2FaDisabled.d.ts","sourceRoot":"","sources":["../../../src/events/User2FaDisabled.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,SAAS,EAAE,MAAM,eAAe,CAAC;AAE1C,qBACa,eAAgB,SAAQ,SAAS;CAAG"}
|
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
|
|
3
|
+
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
|
4
|
+
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
|
|
5
|
+
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
|
|
6
|
+
return c > 3 && r && Object.defineProperty(target, key, r), r;
|
|
7
|
+
};
|
|
8
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
9
|
+
exports.User2FaDisabled = void 0;
|
|
10
|
+
const queue_1 = require("@spinajs/queue");
|
|
11
|
+
const rbac_1 = require("@spinajs/rbac");
|
|
12
|
+
let User2FaDisabled = class User2FaDisabled extends rbac_1.UserEvent {
|
|
13
|
+
};
|
|
14
|
+
exports.User2FaDisabled = User2FaDisabled;
|
|
15
|
+
exports.User2FaDisabled = User2FaDisabled = __decorate([
|
|
16
|
+
(0, queue_1.Event)()
|
|
17
|
+
], User2FaDisabled);
|
|
18
|
+
//# sourceMappingURL=User2FaDisabled.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"User2FaDisabled.js","sourceRoot":"","sources":["../../../src/events/User2FaDisabled.ts"],"names":[],"mappings":";;;;;;;;;AAAA,0CAAuC;AACvC,wCAA0C;AAGnC,IAAM,eAAe,GAArB,MAAM,eAAgB,SAAQ,gBAAS;CAAG,CAAA;AAApC,0CAAe;0BAAf,eAAe;IAD3B,IAAA,aAAK,GAAE;GACK,eAAe,CAAqB"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"User2FaReset.d.ts","sourceRoot":"","sources":["../../../src/events/User2FaReset.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,SAAS,EAAE,MAAM,eAAe,CAAC;AAE1C,qBACa,YAAa,SAAQ,SAAS;CAAG"}
|
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
|
|
3
|
+
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
|
4
|
+
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
|
|
5
|
+
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
|
|
6
|
+
return c > 3 && r && Object.defineProperty(target, key, r), r;
|
|
7
|
+
};
|
|
8
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
9
|
+
exports.User2FaReset = void 0;
|
|
10
|
+
const queue_1 = require("@spinajs/queue");
|
|
11
|
+
const rbac_1 = require("@spinajs/rbac");
|
|
12
|
+
let User2FaReset = class User2FaReset extends rbac_1.UserEvent {
|
|
13
|
+
};
|
|
14
|
+
exports.User2FaReset = User2FaReset;
|
|
15
|
+
exports.User2FaReset = User2FaReset = __decorate([
|
|
16
|
+
(0, queue_1.Event)()
|
|
17
|
+
], User2FaReset);
|
|
18
|
+
//# sourceMappingURL=User2FaReset.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"User2FaReset.js","sourceRoot":"","sources":["../../../src/events/User2FaReset.ts"],"names":[],"mappings":";;;;;;;;;AAAA,0CAAuC;AACvC,wCAA0C;AAGnC,IAAM,YAAY,GAAlB,MAAM,YAAa,SAAQ,gBAAS;CAAG,CAAA;AAAjC,oCAAY;uBAAZ,YAAY;IADxB,IAAA,aAAK,GAAE;GACK,YAAY,CAAqB"}
|
package/lib/cjs/index.d.ts
CHANGED
|
@@ -1,7 +1,12 @@
|
|
|
1
|
+
import { Bootstrapper } from '@spinajs/di';
|
|
1
2
|
export * from './controllers/LoginController.js';
|
|
2
3
|
export * from './controllers/UserController.js';
|
|
3
4
|
export * from './controllers/UserMetadataController.js';
|
|
4
5
|
export * from "./controllers/TwoFactorAuthController.js";
|
|
5
6
|
export * from "./cli/EnableUser2Fa.js";
|
|
6
7
|
export * from "./2fa/Default2FaToken.js";
|
|
8
|
+
export * from './actions/2fa.js';
|
|
9
|
+
export declare class RbacHttpUserBootstrapper extends Bootstrapper {
|
|
10
|
+
bootstrap(): void;
|
|
11
|
+
}
|
|
7
12
|
//# sourceMappingURL=index.d.ts.map
|
package/lib/cjs/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,kCAAkC,CAAC;AACjD,cAAc,iCAAiC,CAAC;AAChD,cAAc,yCAAyC,CAAC;AACxD,cAAc,0CAA0C,CAAC;AAEzD,cAAc,wBAAwB,CAAC;AACvC,cAAc,0BAA0B,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAc,MAAM,aAAa,CAAC;AAIvD,cAAc,kCAAkC,CAAC;AACjD,cAAc,iCAAiC,CAAC;AAChD,cAAc,yCAAyC,CAAC;AACxD,cAAc,0CAA0C,CAAC;AAEzD,cAAc,wBAAwB,CAAC;AACvC,cAAc,0BAA0B,CAAC;AAEzC,cAAc,kBAAkB,CAAC;AAGjC,qBACa,wBAAyB,SAAQ,YAAY;IAC/C,SAAS,IAAI,IAAI;CAO3B"}
|
package/lib/cjs/index.js
CHANGED
|
@@ -10,16 +10,38 @@ var __createBinding = (this && this.__createBinding) || (Object.create ? (functi
|
|
|
10
10
|
if (k2 === undefined) k2 = k;
|
|
11
11
|
o[k2] = m[k];
|
|
12
12
|
}));
|
|
13
|
+
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
|
|
14
|
+
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
|
15
|
+
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
|
|
16
|
+
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
|
|
17
|
+
return c > 3 && r && Object.defineProperty(target, key, r), r;
|
|
18
|
+
};
|
|
13
19
|
var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
14
20
|
for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
|
|
15
21
|
};
|
|
16
22
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
23
|
+
exports.RbacHttpUserBootstrapper = void 0;
|
|
24
|
+
const di_1 = require("@spinajs/di");
|
|
25
|
+
const rbac_1 = require("@spinajs/rbac");
|
|
26
|
+
const Default2FaToken_js_1 = require("./2fa/Default2FaToken.js");
|
|
17
27
|
__exportStar(require("./controllers/LoginController.js"), exports);
|
|
18
28
|
__exportStar(require("./controllers/UserController.js"), exports);
|
|
19
29
|
__exportStar(require("./controllers/UserMetadataController.js"), exports);
|
|
20
30
|
__exportStar(require("./controllers/TwoFactorAuthController.js"), exports);
|
|
21
31
|
__exportStar(require("./cli/EnableUser2Fa.js"), exports);
|
|
22
32
|
__exportStar(require("./2fa/Default2FaToken.js"), exports);
|
|
23
|
-
|
|
24
|
-
|
|
33
|
+
__exportStar(require("./actions/2fa.js"), exports);
|
|
34
|
+
let RbacHttpUserBootstrapper = class RbacHttpUserBootstrapper extends di_1.Bootstrapper {
|
|
35
|
+
bootstrap() {
|
|
36
|
+
rbac_1.UserMetadataBase._hiddenKeys = [
|
|
37
|
+
...rbac_1.UserMetadataBase._hiddenKeys,
|
|
38
|
+
Default2FaToken_js_1.TWO_FA_METATADATA_KEYS.TOKEN,
|
|
39
|
+
Default2FaToken_js_1.TWO_FA_METATADATA_KEYS.OTP
|
|
40
|
+
];
|
|
41
|
+
}
|
|
42
|
+
};
|
|
43
|
+
exports.RbacHttpUserBootstrapper = RbacHttpUserBootstrapper;
|
|
44
|
+
exports.RbacHttpUserBootstrapper = RbacHttpUserBootstrapper = __decorate([
|
|
45
|
+
(0, di_1.Injectable)(di_1.Bootstrapper)
|
|
46
|
+
], RbacHttpUserBootstrapper);
|
|
25
47
|
//# sourceMappingURL=index.js.map
|
package/lib/cjs/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;AAAA,oCAAuD;AACvD,wCAAiD;AACjD,iEAAkE;AAElE,mEAAiD;AACjD,kEAAgD;AAChD,0EAAwD;AACxD,2EAAyD;AAEzD,yDAAuC;AACvC,2DAAyC;AAEzC,mDAAiC;AAI1B,IAAM,wBAAwB,GAA9B,MAAM,wBAAyB,SAAQ,iBAAY;IAC/C,SAAS;QACZ,uBAAgB,CAAC,WAAW,GAAG;YAC3B,GAAG,uBAAgB,CAAC,WAAW;YAC/B,2CAAsB,CAAC,KAAK;YAC5B,2CAAsB,CAAC,GAAG;SAC7B,CAAA;IACL,CAAC;CACJ,CAAA;AARY,4DAAwB;mCAAxB,wBAAwB;IADpC,IAAA,eAAU,EAAC,iBAAY,CAAC;GACZ,wBAAwB,CAQpC"}
|
|
@@ -13,6 +13,7 @@ export declare class Default2FaToken extends TwoFactorAuthProvider {
|
|
|
13
13
|
private _getOTP;
|
|
14
14
|
execute(_: User): Promise<void>;
|
|
15
15
|
verifyToken(token: string, user: User): Promise<boolean>;
|
|
16
|
+
disable(user: User): Promise<void>;
|
|
16
17
|
initialize(user: User): Promise<any>;
|
|
17
18
|
getOtpAuthUrl(user: User): Promise<string | null>;
|
|
18
19
|
isEnabled(user: User): Promise<boolean>;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"Default2FaToken.d.ts","sourceRoot":"","sources":["../../../src/2fa/Default2FaToken.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,IAAI,EAAE,MAAM,eAAe,CAAC;AAErC,OAAO,EAAE,GAAG,EAAU,MAAM,cAAc,CAAC;AAC3C,OAAO,EAAE,qBAAqB,EAAE,MAAM,oBAAoB,CAAC;AAI3D,oBAAY,sBAAsB;IAC9B,KAAK,cAAc;IACnB,OAAO,gBAAgB;IACvB,GAAG,YAAY;CAClB;AAED,qBACa,eAAgB,SAAQ,qBAAqB;IAEtD,SAAS,CAAC,MAAM,EAAE,GAAG,CAAC;IAGtB,SAAS,CAAC,GAAG,EAAE,GAAG,CAAC;;IAMnB,OAAO,CAAC,OAAO;IAYR,OAAO,CAAC,CAAC,EAAE,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;IAMzB,WAAW,CAAC,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC;IAgBxD,UAAU,CAAC,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC;
|
|
1
|
+
{"version":3,"file":"Default2FaToken.d.ts","sourceRoot":"","sources":["../../../src/2fa/Default2FaToken.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,IAAI,EAAE,MAAM,eAAe,CAAC;AAErC,OAAO,EAAE,GAAG,EAAU,MAAM,cAAc,CAAC;AAC3C,OAAO,EAAE,qBAAqB,EAAE,MAAM,oBAAoB,CAAC;AAI3D,oBAAY,sBAAsB;IAC9B,KAAK,cAAc;IACnB,OAAO,gBAAgB;IACvB,GAAG,YAAY;CAClB;AAED,qBACa,eAAgB,SAAQ,qBAAqB;IAEtD,SAAS,CAAC,MAAM,EAAE,GAAG,CAAC;IAGtB,SAAS,CAAC,GAAG,EAAE,GAAG,CAAC;;IAMnB,OAAO,CAAC,OAAO;IAYR,OAAO,CAAC,CAAC,EAAE,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;IAMzB,WAAW,CAAC,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC;IAgBxD,OAAO,CAAC,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;IAclC,UAAU,CAAC,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC;IA2BpC,aAAa,CAAC,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAYjD,SAAS,CAAC,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC;IAKvC,aAAa,CAAC,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC;CAI3D"}
|
|
@@ -12,7 +12,7 @@ import { Config } from '@spinajs/configuration';
|
|
|
12
12
|
import { Log, Logger } from '@spinajs/log';
|
|
13
13
|
import { TwoFactorAuthProvider } from "@spinajs/rbac-http";
|
|
14
14
|
import * as OTPAuth from "otpauth";
|
|
15
|
-
import { Exception } from '@spinajs/exceptions';
|
|
15
|
+
import { Exception, InvalidOperation } from '@spinajs/exceptions';
|
|
16
16
|
export var TWO_FA_METATADATA_KEYS;
|
|
17
17
|
(function (TWO_FA_METATADATA_KEYS) {
|
|
18
18
|
TWO_FA_METATADATA_KEYS["TOKEN"] = "2fa:token";
|
|
@@ -50,15 +50,30 @@ let Default2FaToken = class Default2FaToken extends TwoFactorAuthProvider {
|
|
|
50
50
|
});
|
|
51
51
|
return verified !== null;
|
|
52
52
|
}
|
|
53
|
+
async disable(user) {
|
|
54
|
+
await user.Metadata.delete(TWO_FA_METATADATA_KEYS.TOKEN);
|
|
55
|
+
await user.Metadata.delete(TWO_FA_METATADATA_KEYS.ENABLED);
|
|
56
|
+
await user.Metadata.delete(TWO_FA_METATADATA_KEYS.OTP);
|
|
57
|
+
this.Log.trace(`2fa token removed for user ${user.Uuid}`, {
|
|
58
|
+
user: {
|
|
59
|
+
Uuid: user.Uuid
|
|
60
|
+
},
|
|
61
|
+
});
|
|
62
|
+
}
|
|
53
63
|
async initialize(user) {
|
|
64
|
+
if (user.Metadata[TWO_FA_METATADATA_KEYS.ENABLED]) {
|
|
65
|
+
throw new InvalidOperation(`user ${user.Uuid} alread have enabled 2f, disable it first.`);
|
|
66
|
+
}
|
|
54
67
|
const secret = new OTPAuth.Secret({ size: this.Config.secretSize });
|
|
55
68
|
const totp = this._getOTP(user, secret.base32);
|
|
56
69
|
user.Metadata[TWO_FA_METATADATA_KEYS.TOKEN] = secret.base32;
|
|
57
70
|
user.Metadata[TWO_FA_METATADATA_KEYS.ENABLED] = true;
|
|
58
71
|
user.Metadata[TWO_FA_METATADATA_KEYS.OTP] = totp.toString();
|
|
59
|
-
await user.Metadata.
|
|
60
|
-
this.Log.trace(`2fa token initialized for user ${user.
|
|
61
|
-
|
|
72
|
+
await user.Metadata.update();
|
|
73
|
+
this.Log.trace(`2fa token initialized for user ${user.Uuid}`, {
|
|
74
|
+
user: {
|
|
75
|
+
Uuid: user.Uuid
|
|
76
|
+
},
|
|
62
77
|
});
|
|
63
78
|
/**
|
|
64
79
|
* returns: `otpauth://totp/ACME:Alice?issuer=ACME&secret=US3WHSG7X5KAPV27VANWKQHF3SH3HULL&algorithm=SHA1&digits=6&period=30`
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"Default2FaToken.js","sourceRoot":"","sources":["../../../src/2fa/Default2FaToken.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAEzC,OAAO,EAAE,MAAM,EAAE,MAAM,wBAAwB,CAAC;AAChD,OAAO,EAAE,GAAG,EAAE,MAAM,EAAE,MAAM,cAAc,CAAC;AAC3C,OAAO,EAAE,qBAAqB,EAAE,MAAM,oBAAoB,CAAC;AAC3D,OAAO,KAAK,OAAO,MAAM,SAAS,CAAC;AACnC,OAAO,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAC;
|
|
1
|
+
{"version":3,"file":"Default2FaToken.js","sourceRoot":"","sources":["../../../src/2fa/Default2FaToken.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAEzC,OAAO,EAAE,MAAM,EAAE,MAAM,wBAAwB,CAAC;AAChD,OAAO,EAAE,GAAG,EAAE,MAAM,EAAE,MAAM,cAAc,CAAC;AAC3C,OAAO,EAAE,qBAAqB,EAAE,MAAM,oBAAoB,CAAC;AAC3D,OAAO,KAAK,OAAO,MAAM,SAAS,CAAC;AACnC,OAAO,EAAE,SAAS,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAC;AAElE,MAAM,CAAN,IAAY,sBAIX;AAJD,WAAY,sBAAsB;IAC9B,6CAAmB,CAAA;IACnB,iDAAuB,CAAA;IACvB,yCAAe,CAAA;AACnB,CAAC,EAJW,sBAAsB,KAAtB,sBAAsB,QAIjC;AAGM,IAAM,eAAe,GAArB,MAAM,eAAgB,SAAQ,qBAAqB;IAOtD;QACI,KAAK,EAAE,CAAC;IACZ,CAAC;IAEO,OAAO,CAAC,IAAU,EAAE,MAAc;QACtC,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC;YACpB,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM;YAC1B,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS;YAChC,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM;YAC1B,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM;YAC1B,MAAM,EAAE,OAAO,CAAC,MAAM,CAAC,UAAU,CAAC,MAAM,CAAC;SAC5C,CAAC,CAAC;IAEP,CAAC;IAEM,OAAO,CAAC,CAAO;QAClB,yDAAyD;QACzD,gCAAgC;QAChC,OAAO,OAAO,CAAC,OAAO,EAAE,CAAC;IAC7B,CAAC;IAEM,KAAK,CAAC,WAAW,CAAC,KAAa,EAAE,IAAU;QAC9C,MAAM,UAAU,GAAG,IAAI,CAAC,QAAQ,CAAC,sBAAsB,CAAC,KAAK,CAAC,CAAC;QAE/D,IAAI,CAAC,UAAU,EAAE,CAAC;YACd,MAAM,IAAI,SAAS,CAAC,kDAAkD,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC;QACvF,CAAC;QAED,MAAM,IAAI,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;QAC5C,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC;YAC3B,KAAK,EAAE,KAAK;YACZ,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM;SAC7B,CAAC,CAAC;QAEH,OAAO,QAAQ,KAAK,IAAI,CAAC;IAC7B,CAAC;IAEM,KAAK,CAAC,OAAO,CAAC,IAAU;QAE3B,MAAM,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,sBAAsB,CAAC,KAAK,CAAC,CAAC;QACzD,MAAM,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,sBAAsB,CAAC,OAAO,CAAC,CAAC;QAC3D,MAAM,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,sBAAsB,CAAC,GAAG,CAAC,CAAC;QAGvD,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,8BAA8B,IAAI,CAAC,IAAI,EAAE,EAAE;YACtD,IAAI,EAAE;gBACF,IAAI,EAAE,IAAI,CAAC,IAAI;aAClB;SACJ,CAAC,CAAC;IACP,CAAC;IAEM,KAAK,CAAC,UAAU,CAAC,IAAU;QAE9B,IAAI,IAAI,CAAC,QAAQ,CAAC,sBAAsB,CAAC,OAAO,CAAC,EAAE,CAAC;YAChD,MAAM,IAAI,gBAAgB,CAAC,QAAQ,IAAI,CAAC,IAAI,4CAA4C,CAAC,CAAC;QAC9F,CAAC;QAED,MAAM,MAAM,GAAG,IAAI,OAAO,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC,CAAC;QACpE,MAAM,IAAI,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC;QAE/C,IAAI,CAAC,QAAQ,CAAC,sBAAsB,CAAC,KAAK,CAAC,GAAG,MAAM,CAAC,MAAM,CAAC;QAC5D,IAAI,CAAC,QAAQ,CAAC,sBAAsB,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC;QACrD,IAAI,CAAC,QAAQ,CAAC,sBAAsB,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC;QAE5D,MAAM,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC;QAE7B,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,kCAAkC,IAAI,CAAC,IAAI,EAAE,EAAE;YAC1D,IAAI,EAAE;gBACF,IAAI,EAAE,IAAI,CAAC,IAAI;aAClB;SACJ,CAAC,CAAC;QAEH;;WAEG;QACH,OAAO,IAAI,CAAC,QAAQ,EAAE,CAAC;IAC3B,CAAC;IAEM,KAAK,CAAC,aAAa,CAAC,IAAU;QACjC,MAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,sBAAsB,CAAC,KAAK,CAAC,CAAC;QAE1D,IAAI,CAAC,KAAK,EAAE,CAAC;YACT,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,kDAAkD,IAAI,CAAC,EAAE,EAAE,CAAC,CAAC;YAC5E,OAAO,IAAI,CAAC;QAChB,CAAC;QAED,MAAM,IAAI,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;QACvC,OAAO,IAAI,CAAC,QAAQ,EAAE,CAAC;IAC3B,CAAC;IAEM,KAAK,CAAC,SAAS,CAAC,IAAU;QAC7B,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,sBAAsB,CAAC,OAAO,CAAC,CAAC;QAChE,OAAO,GAAc,CAAC;IAC1B,CAAC;IAEM,KAAK,CAAC,aAAa,CAAC,IAAU;QACjC,MAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,sBAAsB,CAAC,KAAK,CAAC,CAAC;QAC1D,OAAO,KAAK,KAAK,IAAI,IAAI,KAAK,KAAK,SAAS,IAAI,KAAK,KAAK,EAAE,CAAC;IACjE,CAAC;CACJ,CAAA;AAzGa;IADT,MAAM,CAAC,cAAc,CAAC;;+CACD;AAGZ;IADT,MAAM,CAAC,WAAW,CAAC;8BACL,GAAG;4CAAC;AALV,eAAe;IAD3B,UAAU,CAAC,qBAAqB,CAAC;;GACrB,eAAe,CA2G3B"}
|
package/lib/mjs/actions/2fa.d.ts
CHANGED
|
@@ -1,5 +1,7 @@
|
|
|
1
1
|
import { User } from '@spinajs/rbac';
|
|
2
2
|
export declare function enableUser2Fa(identifier: number | string | User): Promise<unknown>;
|
|
3
|
+
export declare function disableUser2Fa(identifier: number | string | User): Promise<unknown>;
|
|
4
|
+
export declare function resetUser2Fa(identifier: number | string | User): Promise<unknown>;
|
|
3
5
|
/**
|
|
4
6
|
*
|
|
5
7
|
* Verify 2fa token for user
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"2fa.d.ts","sourceRoot":"","sources":["../../../src/actions/2fa.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAyD,MAAM,eAAe,CAAC;
|
|
1
|
+
{"version":3,"file":"2fa.d.ts","sourceRoot":"","sources":["../../../src/actions/2fa.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAyD,MAAM,eAAe,CAAC;AAY5F,wBAAsB,aAAa,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,oBAOrE;AAED,wBAAsB,cAAc,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,oBAOtE;AAED,wBAAsB,YAAY,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,oBAUpE;AAED;;;;;;;GAOG;AACH,wBAAsB,OAAO,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,EAAE,KAAK,EAAE,MAAM,oBA8B9E"}
|
package/lib/mjs/actions/2fa.js
CHANGED
|
@@ -6,11 +6,23 @@ import { _chain, _check_arg, _non_empty, _trim, _catch, _either, _tap } from '@s
|
|
|
6
6
|
import { User2FaPassed } from '../events/User2FaPassed.js';
|
|
7
7
|
import { User2FaEnabled } from '../events/User2FaEnabled.js';
|
|
8
8
|
import { TwoFactorAuthProvider, } from '@spinajs/rbac-http';
|
|
9
|
+
import { User2FaReset } from '../events/User2FaReset.js';
|
|
9
10
|
export async function enableUser2Fa(identifier) {
|
|
10
11
|
return _chain(_user_unsafe(identifier), (u) => {
|
|
11
12
|
return _chain(_service('rbac.twoFactorAuth', TwoFactorAuthProvider), async (twoFa) => twoFa.initialize(u), _tap(_user_ev(User2FaEnabled)));
|
|
12
13
|
});
|
|
13
14
|
}
|
|
15
|
+
export async function disableUser2Fa(identifier) {
|
|
16
|
+
return _chain(_user_unsafe(identifier), (u) => {
|
|
17
|
+
return _chain(_service('rbac.twoFactorAuth', TwoFactorAuthProvider), async (twoFa) => twoFa.disable(u), _tap(_user_ev(User2FaEnabled)));
|
|
18
|
+
});
|
|
19
|
+
}
|
|
20
|
+
export async function resetUser2Fa(identifier) {
|
|
21
|
+
return _chain(_user_unsafe(identifier), (u) => {
|
|
22
|
+
return _chain(_service('rbac.twoFactorAuth', TwoFactorAuthProvider), _tap(async (twoFa) => twoFa.disable(u))),
|
|
23
|
+
_tap(_user_ev(User2FaReset));
|
|
24
|
+
});
|
|
25
|
+
}
|
|
14
26
|
/**
|
|
15
27
|
*
|
|
16
28
|
* Verify 2fa token for user
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"2fa.js","sourceRoot":"","sources":["../../../src/actions/2fa.ts"],"names":[],"mappings":"AAAA,OAAO,EAAQ,QAAQ,EAAE,YAAY,EAAE,YAAY,EAAE,eAAe,EAAE,MAAM,eAAe,CAAC;AAC5F,OAAO,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAE7C,OAAO,EAAE,QAAQ,EAAE,MAAM,wBAAwB,CAAC;AAClD,OAAO,EAAE,QAAQ,EAAE,MAAM,OAAO,CAAC;AACjC,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,UAAU,EAAmB,KAAK,EAAQ,MAAM,EAAE,OAAO,EAAE,IAAI,
|
|
1
|
+
{"version":3,"file":"2fa.js","sourceRoot":"","sources":["../../../src/actions/2fa.ts"],"names":[],"mappings":"AAAA,OAAO,EAAQ,QAAQ,EAAE,YAAY,EAAE,YAAY,EAAE,eAAe,EAAE,MAAM,eAAe,CAAC;AAC5F,OAAO,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAE7C,OAAO,EAAE,QAAQ,EAAE,MAAM,wBAAwB,CAAC;AAClD,OAAO,EAAE,QAAQ,EAAE,MAAM,OAAO,CAAC;AACjC,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,UAAU,EAAmB,KAAK,EAAQ,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,eAAe,CAAC;AACpH,OAAO,EAAE,aAAa,EAAE,MAAM,4BAA4B,CAAC;AAC3D,OAAO,EAAE,cAAc,EAAE,MAAM,6BAA6B,CAAC;AAC7D,OAAO,EAAE,qBAAqB,GAAG,MAAM,oBAAoB,CAAC;AAC5D,OAAO,EAAE,YAAY,EAAE,MAAM,2BAA2B,CAAC;AAGzD,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,UAAkC;IAClE,OAAO,MAAM,CACT,YAAY,CAAC,UAAU,CAAC,EACxB,CAAC,CAAO,EAAE,EAAE;QACR,OAAO,MAAM,CAAC,QAAQ,CAAC,oBAAoB,EAAE,qBAAqB,CAAC,EAAE,KAAK,EAAE,KAA4B,EAAE,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC;IACtK,CAAC,CACJ,CAAC;AACN,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,cAAc,CAAC,UAAkC;IACnE,OAAO,MAAM,CACT,YAAY,CAAC,UAAU,CAAC,EACxB,CAAC,CAAO,EAAE,EAAE;QACR,OAAO,MAAM,CAAC,QAAQ,CAAC,oBAAoB,EAAE,qBAAqB,CAAC,EAAE,KAAK,EAAE,KAA4B,EAAE,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC;IACnK,CAAC,CACJ,CAAC;AACN,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,YAAY,CAAC,UAAkC;IACjE,OAAO,MAAM,CACT,YAAY,CAAC,UAAU,CAAC,EACxB,CAAC,CAAO,EAAE,EAAE;QACR,OAAO,MAAM,CAAC,QAAQ,CAAC,oBAAoB,EAAE,qBAAqB,CAAC,EAC/D,IAAI,CAAC,KAAK,EAAE,KAA4B,EAAE,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CACjE;YACD,IAAI,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC,CAAC;IACjC,CAAC,CACJ,CAAC;AACN,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,CAAC,KAAK,UAAU,OAAO,CAAC,UAAkC,EAAE,KAAa;IAC3E,KAAK,GAAG,UAAU,CAAC,KAAK,EAAE,EAAE,UAAU,EAAE,CAAC,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;IAE1D,OAAO,MAAM,CACT,YAAY,CAAC,UAAU,CAAC,EACxB,MAAM,CACF,CAAC,CAAO,EAAE,EAAE;QACR,OAAO,MAAM,CAAC,QAAQ,CAAC,oBAAoB,EAAE,qBAAqB,CAAC,EAAE,OAAO,CACxE,CAAC,KAA4B,EAAE,EAAE,CAAC,KAAK,CAAC,WAAW,CAAC,KAAK,EAAE,CAAC,CAAC,EAC7D,GAAG,EAAE,CAAC,MAAM,CAAC,CAAC,EAAE,YAAY,CAAC,EAAE,WAAW,EAAE,QAAQ,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,QAAQ,CAAC,aAAa,CAAC,CAAC,EACvF,GAAG,EAAE;YACD,MAAM,IAAI,YAAY,CAAC,kBAAkB,CAAC,CAAC;QAC/C,CAAC,CACJ,CAAC,CAAA;IACN,CAAC,EACD,CAAC,GAAG,EAAE,CAAO,EAAE,EAAE;QACb,OAAO,MAAM,CACT,GAAG,EAAE,CAAC,CAAC;QAEP,6BAA6B;QAC7B,QAAQ,CAAC,eAAe,EAAE,GAAG,CAAC;QAE9B,2BAA2B;QAC3B,GAAG,EAAE;YACD,MAAM,GAAG,CAAC;QACd,CAAC,CACJ,CAAC;IACN,CAAC,CACJ,CACJ,CAAC;AACN,CAAC"}
|
|
@@ -5,6 +5,22 @@ declare const rbacHttp: {
|
|
|
5
5
|
cli: string[];
|
|
6
6
|
};
|
|
7
7
|
};
|
|
8
|
+
queue: {
|
|
9
|
+
routing: {
|
|
10
|
+
User2FaDisabled: {
|
|
11
|
+
connection: string;
|
|
12
|
+
};
|
|
13
|
+
User2FaEnabled: {
|
|
14
|
+
connection: string;
|
|
15
|
+
};
|
|
16
|
+
User2FaPassed: {
|
|
17
|
+
connection: string;
|
|
18
|
+
};
|
|
19
|
+
User2FaReset: {
|
|
20
|
+
connection: string;
|
|
21
|
+
};
|
|
22
|
+
};
|
|
23
|
+
};
|
|
8
24
|
rbac: {
|
|
9
25
|
otpauth: {
|
|
10
26
|
/**
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"rbac-http.d.ts","sourceRoot":"","sources":["../../../src/config/rbac-http.ts"],"names":[],"mappings":"AAQA,QAAA,MAAM,QAAQ
|
|
1
|
+
{"version":3,"file":"rbac-http.d.ts","sourceRoot":"","sources":["../../../src/config/rbac-http.ts"],"names":[],"mappings":"AAQA,QAAA,MAAM,QAAQ;;;;;;;;;;;;;;;;;;;;;;;;;YAiBR;;eAEG;;YAGH;;eAEG;;;;;;;;;;;;;;;;;;;;;;;YAyBH;;eAEG;;;QAGL;;WAEG;;;;CAQN,CAAC;AAEF,eAAe,QAAQ,CAAC"}
|
|
@@ -10,6 +10,14 @@ const rbacHttp = {
|
|
|
10
10
|
cli: [dir('cli')]
|
|
11
11
|
},
|
|
12
12
|
},
|
|
13
|
+
queue: {
|
|
14
|
+
routing: {
|
|
15
|
+
User2FaDisabled: { connection: 'rbac-user-empty-queue' },
|
|
16
|
+
User2FaEnabled: { connection: 'rbac-user-empty-queue' },
|
|
17
|
+
User2FaPassed: { connection: 'rbac-user-empty-queue' },
|
|
18
|
+
User2FaReset: { connection: 'rbac-user-empty-queue' },
|
|
19
|
+
},
|
|
20
|
+
},
|
|
13
21
|
rbac: {
|
|
14
22
|
otpauth: {
|
|
15
23
|
/**
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"rbac-http.js","sourceRoot":"","sources":["../../../src/config/rbac-http.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,MAAM,MAAM,CAAC;AAEhD,SAAS,GAAG,CAAC,IAAY;IACvB,MAAM,UAAU,GAAG,OAAO,MAAM,KAAK,WAAW,CAAC;IACjD,OAAO,OAAO,CAAC,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,UAAU,EAAE,gBAAgB,EAAE,KAAK,EAAE,UAAU,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC;AACxI,CAAC;AAGD,MAAM,QAAQ,GAAG;IACf,MAAM,EAAE;QACN,IAAI,EAAE;YACJ,WAAW,EAAE,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;YACjC,GAAG,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;SAClB;KACF;IACD,IAAI,EAAE;QACJ,OAAO,EAAE;YACP;;eAEG;YACH,MAAM,EAAE,SAAS;YAEjB;;eAEG;YACH,SAAS,EAAE,MAAM;YACjB,MAAM,EAAE,CAAC;YACT,MAAM,EAAE,EAAE;YACV,MAAM,EAAE,CAAC;SACV;QACD,aAAa,EAAE;YACb,OAAO,EAAE,IAAI;YACb,SAAS,EAAE,KAAK;YAChB,OAAO,EAAE,iBAAiB;SAC3B;QACD,WAAW,EAAE;YACX,OAAO,EAAE,KAAK;YACd,UAAU,EAAE,CAAC;YACb,OAAO,EAAE,eAAe;SACzB;QACD,OAAO,
|
|
1
|
+
{"version":3,"file":"rbac-http.js","sourceRoot":"","sources":["../../../src/config/rbac-http.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,MAAM,MAAM,CAAC;AAEhD,SAAS,GAAG,CAAC,IAAY;IACvB,MAAM,UAAU,GAAG,OAAO,MAAM,KAAK,WAAW,CAAC;IACjD,OAAO,OAAO,CAAC,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,UAAU,EAAE,gBAAgB,EAAE,KAAK,EAAE,UAAU,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC;AACxI,CAAC;AAGD,MAAM,QAAQ,GAAG;IACf,MAAM,EAAE;QACN,IAAI,EAAE;YACJ,WAAW,EAAE,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;YACjC,GAAG,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;SAClB;KACF;IACD,KAAK,EAAE;QACL,OAAO,EAAE;YACP,eAAe,EAAE,EAAE,UAAU,EAAE,uBAAuB,EAAE;YACxD,cAAc,EAAE,EAAE,UAAU,EAAE,uBAAuB,EAAE;YACvD,aAAa,EAAE,EAAE,UAAU,EAAE,uBAAuB,EAAE;YACtD,YAAY,EAAE,EAAE,UAAU,EAAE,uBAAuB,EAAE;SACtD;KACF;IACD,IAAI,EAAE;QACJ,OAAO,EAAE;YACP;;eAEG;YACH,MAAM,EAAE,SAAS;YAEjB;;eAEG;YACH,SAAS,EAAE,MAAM;YACjB,MAAM,EAAE,CAAC;YACT,MAAM,EAAE,EAAE;YACV,MAAM,EAAE,CAAC;SACV;QACD,aAAa,EAAE;YACb,OAAO,EAAE,IAAI;YACb,SAAS,EAAE,KAAK;YAChB,OAAO,EAAE,iBAAiB;SAC3B;QACD,WAAW,EAAE;YACX,OAAO,EAAE,KAAK;YACd,UAAU,EAAE,CAAC;YACb,OAAO,EAAE,eAAe;SACzB;QACD,OAAO,EAAE;YACP,MAAM,EAAE;gBACN,QAAQ,EAAE,KAAK;aAChB;SACF;QACD,QAAQ,EAAE;YACR,sCAAsC;YACtC,QAAQ,EAAE,EAAE;YAEZ;;eAEG;YACH,kBAAkB,EAAE,CAAC;SACtB;QACD;;WAEG;QACH,cAAc,EAAE,KAAK;KACtB;IACD,IAAI,EAAE;IACJ,iBAAiB;IACjB,+CAA+C;IAC/C,KAAK;KACN;CACF,CAAC;AAEF,eAAe,QAAQ,CAAC"}
|
|
@@ -7,6 +7,7 @@ export declare class TwoFactorAuthController extends BaseController {
|
|
|
7
7
|
protected SessionProvider: SessionProvider;
|
|
8
8
|
protected AC: AccessControl;
|
|
9
9
|
enable2fa(user: UserModel): Promise<Ok>;
|
|
10
|
+
disable2Fa(user: UserModel): Promise<Ok>;
|
|
10
11
|
verifyToken(logged: UserModel, token: TokenDto, session: ISession): Promise<Ok | ForbiddenResponse>;
|
|
11
12
|
}
|
|
12
13
|
//# sourceMappingURL=TwoFactorAuthController.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"TwoFactorAuthController.d.ts","sourceRoot":"","sources":["../../../src/controllers/TwoFactorAuthController.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,uBAAuB,CAAC;AACjD,OAAO,EAAE,cAAc,EAAY,EAAE,EAAa,iBAAiB,EAAE,MAAM,eAAe,CAAC;AAC3F,OAAO,EAAE,QAAQ,EAAE,eAAe,EAAE,IAAI,IAAI,SAAS,EAAyC,aAAa,EAAE,MAAM,eAAe,CAAC;AAOnI,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;
|
|
1
|
+
{"version":3,"file":"TwoFactorAuthController.d.ts","sourceRoot":"","sources":["../../../src/controllers/TwoFactorAuthController.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,uBAAuB,CAAC;AACjD,OAAO,EAAE,cAAc,EAAY,EAAE,EAAa,iBAAiB,EAAE,MAAM,eAAe,CAAC;AAC3F,OAAO,EAAE,QAAQ,EAAE,eAAe,EAAE,IAAI,IAAI,SAAS,EAAyC,aAAa,EAAE,MAAM,eAAe,CAAC;AAOnI,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAO9C,qBAGa,uBAAwB,SAAQ,cAAc;IAEvD,SAAS,CAAC,KAAK,EAAE,YAAY,CAAC;IAG9B,SAAS,CAAC,eAAe,EAAE,eAAe,CAAC;IAG3C,SAAS,CAAC,EAAE,EAAE,aAAa,CAAC;IAGf,SAAS,CAAS,IAAI,EAAE,SAAS;IAajC,UAAU,CAAS,IAAI,EAAE,SAAS;IAUlC,WAAW,CAAS,MAAM,EAAE,SAAS,EAAU,KAAK,EAAE,QAAQ,EAAa,OAAO,EAAE,QAAQ;CAuC5G"}
|