@spinajs/rbac-http 2.0.38 → 2.0.44

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (49) hide show
  1. package/lib/2fa/SpeakEasy2FaToken.js +5 -6
  2. package/lib/2fa/SpeakEasy2FaToken.js.map +1 -1
  3. package/lib/config/rbac-http.js +11 -3
  4. package/lib/config/rbac-http.js.map +1 -1
  5. package/lib/controllers/LoginController.d.ts +24 -8
  6. package/lib/controllers/LoginController.js +201 -43
  7. package/lib/controllers/LoginController.js.map +1 -1
  8. package/lib/controllers/TwoFactorAuthController.d.ts +3 -3
  9. package/lib/controllers/TwoFactorAuthController.js +20 -21
  10. package/lib/controllers/TwoFactorAuthController.js.map +1 -1
  11. package/lib/controllers/UserController.d.ts +1 -3
  12. package/lib/controllers/UserController.js +5 -20
  13. package/lib/controllers/UserController.js.map +1 -1
  14. package/lib/controllers/UserMetadata.js +4 -0
  15. package/lib/controllers/UserMetadata.js.map +1 -1
  16. package/lib/decorators.js +3 -7
  17. package/lib/decorators.js.map +1 -1
  18. package/lib/dto/restore-password-dto.d.ts +23 -0
  19. package/lib/dto/restore-password-dto.js +34 -0
  20. package/lib/dto/restore-password-dto.js.map +1 -0
  21. package/lib/events/UserLoginFailed.d.ts +5 -0
  22. package/lib/events/UserLoginFailed.js +25 -0
  23. package/lib/events/UserLoginFailed.js.map +1 -0
  24. package/lib/events/UserLoginSuccess.d.ts +5 -0
  25. package/lib/events/UserLoginSuccess.js +25 -0
  26. package/lib/events/UserLoginSuccess.js.map +1 -0
  27. package/lib/events/UserPassordRestore.d.ts +6 -0
  28. package/lib/events/UserPassordRestore.js +26 -0
  29. package/lib/events/UserPassordRestore.js.map +1 -0
  30. package/lib/fingerprint/FingerprintJs.d.ts +3 -0
  31. package/lib/fingerprint/FingerprintJs.js +18 -0
  32. package/lib/fingerprint/FingerprintJs.js.map +1 -0
  33. package/lib/interfaces.d.ts +0 -2
  34. package/lib/middlewares/AttributeFilter.d.ts +10 -0
  35. package/lib/middlewares/AttributeFilter.js +19 -0
  36. package/lib/middlewares/AttributeFilter.js.map +1 -0
  37. package/lib/middlewares.d.ts +1 -1
  38. package/lib/middlewares.js +1 -1
  39. package/lib/middlewares.js.map +1 -1
  40. package/lib/policies/LoggedPolicy.d.ts +9 -0
  41. package/lib/policies/LoggedPolicy.js +23 -0
  42. package/lib/policies/LoggedPolicy.js.map +1 -0
  43. package/lib/policies/NotLoggedPolicy.d.ts +9 -0
  44. package/lib/policies/NotLoggedPolicy.js +22 -0
  45. package/lib/policies/NotLoggedPolicy.js.map +1 -0
  46. package/lib/policies/captchaPolicy.d.ts +0 -0
  47. package/lib/policies/captchaPolicy.js +1 -0
  48. package/lib/policies/captchaPolicy.js.map +1 -0
  49. package/package.json +17 -15
package/lib/2fa/SpeakEasy2FaToken.js CHANGED
@@ -36,7 +36,6 @@ exports.SpeakEasy2FaToken = void 0;
36
36
  const di_1 = require("@spinajs/di");
37
37
  const interfaces_1 = require("../interfaces");
38
38
  const speakeasy = __importStar(require("speakeasy"));
39
- const rbac_1 = require("@spinajs/rbac");
40
39
  const configuration_1 = require("@spinajs/configuration");
41
40
  const log_1 = require("@spinajs/log");
42
41
  let SpeakEasy2FaToken = class SpeakEasy2FaToken extends interfaces_1.TwoFactorAuthProvider {
@@ -64,16 +63,16 @@ let SpeakEasy2FaToken = class SpeakEasy2FaToken extends interfaces_1.TwoFactorAu
64
63
  }
65
64
  async initialize(user) {
66
65
  const secret = speakeasy.generateSecret(this.Config);
67
- await user.Metadata.add(new rbac_1.UserMetadata({ Value: secret.base32, Key: '2fa_speakeasy_token' }));
66
+ await (user.Metadata['2fa_speakeasy_token'] = secret.base32);
68
67
  return secret.base32;
69
68
  }
70
69
  async isEnabled(user) {
71
- const meta = user.Metadata.find((x) => x.Key === '2fa_enabled');
72
- return meta ? meta.asBoolean() : false;
70
+ const val = await user.Metadata['2fa_enabled'];
71
+ return val;
73
72
  }
74
73
  async isInitialized(user) {
75
- const meta = user.Metadata.find((x) => x.Key === '2fa_speakeasy_token');
76
- return meta ? meta.Value !== '' : false;
74
+ const val = await user.Metadata['2fa_speakeasy_token'];
75
+ return val !== '';
77
76
  }
78
77
  };
79
78
  __decorate([
package/lib/2fa/SpeakEasy2FaToken.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"SpeakEasy2FaToken.js","sourceRoot":"","sources":["../../src/2fa/SpeakEasy2FaToken.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,oCAAyC;AACzC,8CAAsD;AACtD,qDAAuC;AACvC,wCAAmD;AACnD,0DAAgD;AAChD,sCAA2C;AAG3C,IAAa,iBAAiB,GAA9B,MAAa,iBAAkB,SAAQ,kCAAqB;IAO1D;QACE,KAAK,EAAE,CAAC;IACV,CAAC;IAEM,OAAO,CAAC,CAAO;QACpB,yDAAyD;QACzD,gCAAgC;QAChC,OAAO,OAAO,CAAC,OAAO,EAAE,CAAC;IAC3B,CAAC;IACM,KAAK,CAAC,WAAW,CAAC,KAAa,EAAE,IAAU;QAChD,MAAM,IAAI,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,qBAAqB,CAAC,CAAC;QAExE,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,KAAK,KAAK,EAAE,EAAE;YAC9B,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,kDAAkD,IAAI,CAAC,EAAE,EAAE,CAAC,CAAC;YAE5E,OAAO,KAAK,CAAC;SACd;QAED,MAAM,QAAQ,GAAG,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC;YACrC,MAAM,EAAE,IAAI,CAAC,KAAK;YAClB,QAAQ,EAAE,QAAQ;YAClB,KAAK;YACL,MAAM,EAAE,CAAC;SACV,CAAC,CAAC;QAEH,OAAO,QAAQ,CAAC;IAClB,CAAC;IACM,KAAK,CAAC,UAAU,CAAC,IAAU;QAChC,MAAM,MAAM,GAAG,SAAS,CAAC,cAAc,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACrD,MAAM,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,mBAAY,CAAC,EAAE,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,EAAE,qBAAqB,EAAE,CAAC,CAAC,CAAC;QAChG,OAAO,MAAM,CAAC,MAAM,CAAC;IACvB,CAAC;IACM,KAAK,CAAC,SAAS,CAAC,IAAU;QAC/B,MAAM,IAAI,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,aAAa,CAAC,CAAC;QAChE,OAAO,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC;IACzC,CAAC;IAEM,KAAK,CAAC,aAAa,CAAC,IAAU;QACnC,MAAM,IAAI,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,qBAAqB,CAAC,CAAC;QACxE,OAAO,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,KAAK,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC;IAC1C,CAAC;CACF,CAAA;AA9CC;IADC,IAAA,sBAAM,EAAC,gBAAgB,CAAC;;iDACH;AAGtB;IADC,IAAA,YAAM,EAAC,qBAAqB,CAAC;8BACf,SAAG;8CAAC;AALR,iBAAiB;IAD7B,IAAA,eAAU,EAAC,kCAAqB,CAAC;;GACrB,iBAAiB,CAgD7B;AAhDY,8CAAiB"}
1
+ {"version":3,"file":"SpeakEasy2FaToken.js","sourceRoot":"","sources":["../../src/2fa/SpeakEasy2FaToken.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,oCAAyC;AACzC,8CAAsD;AACtD,qDAAuC;AAEvC,0DAAgD;AAChD,sCAA2C;AAG3C,IAAa,iBAAiB,GAA9B,MAAa,iBAAkB,SAAQ,kCAAqB;IAO1D;QACE,KAAK,EAAE,CAAC;IACV,CAAC;IAEM,OAAO,CAAC,CAAO;QACpB,yDAAyD;QACzD,gCAAgC;QAChC,OAAO,OAAO,CAAC,OAAO,EAAE,CAAC;IAC3B,CAAC;IAEM,KAAK,CAAC,WAAW,CAAC,KAAa,EAAE,IAAU;QAChD,MAAM,IAAI,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,qBAAqB,CAAC,CAAC;QAExE,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,KAAK,KAAK,EAAE,EAAE;YAC9B,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,kDAAkD,IAAI,CAAC,EAAE,EAAE,CAAC,CAAC;YAE5E,OAAO,KAAK,CAAC;SACd;QAED,MAAM,QAAQ,GAAG,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC;YACrC,MAAM,EAAE,IAAI,CAAC,KAAK;YAClB,QAAQ,EAAE,QAAQ;YAClB,KAAK;YACL,MAAM,EAAE,CAAC;SACV,CAAC,CAAC;QAEH,OAAO,QAAQ,CAAC;IAClB,CAAC;IAEM,KAAK,CAAC,UAAU,CAAC,IAAU;QAChC,MAAM,MAAM,GAAG,SAAS,CAAC,cAAc,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACrD,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,qBAAqB,CAAC,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC;QAC7D,OAAO,MAAM,CAAC,MAAM,CAAC;IACvB,CAAC;IAEM,KAAK,CAAC,SAAS,CAAC,IAAU;QAC/B,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC;QAC/C,OAAO,GAAc,CAAC;IACxB,CAAC;IAEM,KAAK,CAAC,aAAa,CAAC,IAAU;QACnC,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,qBAAqB,CAAC,CAAC;QACvD,OAAO,GAAG,KAAK,EAAE,CAAC;IACpB,CAAC;CACF,CAAA;AAjDC;IADC,IAAA,sBAAM,EAAC,gBAAgB,CAAC;;iDACH;AAGtB;IADC,IAAA,YAAM,EAAC,qBAAqB,CAAC;8BACf,SAAG;8CAAC;AALR,iBAAiB;IAD7B,IAAA,eAAU,EAAC,kCAAqB,CAAC;;GACrB,iBAAiB,CAmD7B;AAnDY,8CAAiB"}
package/lib/config/rbac-http.js CHANGED
@@ -15,12 +15,20 @@ module.exports = {
15
15
  rbac: {
16
16
  twoFactorAuth: {
17
17
  enabled: true,
18
- service: 'google-auth-2fa',
18
+ service: 'SpeakEasy2FaToken',
19
19
  },
20
20
  fingerprint: {
21
- enabled: true,
21
+ enabled: false,
22
22
  maxDevices: 3,
23
- service: 'fingerprintjs',
23
+ service: 'FingerprintJs',
24
+ },
25
+ password: {
26
+ // password reset token ttl in minutes
27
+ tokenTTL: 60,
28
+ /**
29
+ * Block account after invalid login attempts
30
+ */
31
+ blockAfterAttempts: 3,
24
32
  },
25
33
  },
26
34
  http: {
package/lib/config/rbac-http.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"rbac-http.js","sourceRoot":"","sources":["../../src/config/rbac-http.ts"],"names":[],"mappings":";;AAAA,+BAAgD;AAEhD,SAAS,GAAG,CAAC,IAAY;IACvB,OAAO,IAAA,cAAO,EAAC,IAAA,gBAAS,EAAC,IAAA,WAAI,EAAC,SAAS,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC;AACnD,CAAC;AACD,MAAM,CAAC,OAAO,GAAG;IACf,MAAM,EAAE;QACN,IAAI,EAAE;YACJ,WAAW,EAAE,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;YACtC,OAAO,EAAE,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;YAC9B,KAAK,EAAE,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;SAC3B;KACF;IACD,IAAI,EAAE;QACJ,aAAa,EAAE;YACb,OAAO,EAAE,IAAI;YACb,OAAO,EAAE,iBAAiB;SAC3B;QACD,WAAW,EAAE;YACX,OAAO,EAAE,IAAI;YACb,UAAU,EAAE,CAAC;YACb,OAAO,EAAE,eAAe;SACzB;KACF;IACD,IAAI,EAAE;QACJ,WAAW,EAAE;QACX,0CAA0C;SAC3C;KACF;CACF,CAAC"}
1
+ {"version":3,"file":"rbac-http.js","sourceRoot":"","sources":["../../src/config/rbac-http.ts"],"names":[],"mappings":";;AAAA,+BAAgD;AAEhD,SAAS,GAAG,CAAC,IAAY;IACvB,OAAO,IAAA,cAAO,EAAC,IAAA,gBAAS,EAAC,IAAA,WAAI,EAAC,SAAS,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC;AACnD,CAAC;AACD,MAAM,CAAC,OAAO,GAAG;IACf,MAAM,EAAE;QACN,IAAI,EAAE;YACJ,WAAW,EAAE,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;YACtC,OAAO,EAAE,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;YAC9B,KAAK,EAAE,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;SAC3B;KACF;IACD,IAAI,EAAE;QACJ,aAAa,EAAE;YACb,OAAO,EAAE,IAAI;YACb,OAAO,EAAE,mBAAmB;SAC7B;QACD,WAAW,EAAE;YACX,OAAO,EAAE,KAAK;YACd,UAAU,EAAE,CAAC;YACb,OAAO,EAAE,eAAe;SACzB;QACD,QAAQ,EAAE;YACR,sCAAsC;YACtC,QAAQ,EAAE,EAAE;YAEZ;;eAEG;YACH,kBAAkB,EAAE,CAAC;SACtB;KACF;IACD,IAAI,EAAE;QACJ,WAAW,EAAE;QACX,0CAA0C;SAC3C;KACF;CACF,CAAC"}
package/lib/controllers/LoginController.d.ts CHANGED
@@ -1,18 +1,34 @@
1
+ import { InvalidOperation } from '@spinajs/exceptions';
1
2
  import { UserLoginDto } from '../dto/userLogin-dto';
2
- import { BaseController, Ok, CookieResponse, Unauthorized, NotAllowed } from '@spinajs/http';
3
- import { AuthProvider, SessionProvider, User as UserModel } from '@spinajs/rbac';
3
+ import { BaseController, Ok, CookieResponse, Unauthorized, BadRequest, NotFound } from '@spinajs/http';
4
+ import { AuthProvider, FederatedAuthProvider, PasswordProvider, PasswordValidationProvider, SessionProvider, User as UserModel } from '@spinajs/rbac';
4
5
  import { Configuration } from '@spinajs/configuration';
5
- import { FingerpringConfig, FingerprintProvider, TwoFactorAuthConfig, TwoFactorAuthProvider } from '../interfaces';
6
+ import { FingerprintProvider, TwoFactorAuthProvider } from '../interfaces';
7
+ import { QueueClient } from '@spinajs/queue';
8
+ import { RestorePasswordDto } from '../dto/restore-password-dto';
6
9
  export declare class LoginController extends BaseController {
7
10
  protected Configuration: Configuration;
8
11
  protected AuthProvider: AuthProvider;
9
12
  protected SessionProvider: SessionProvider;
10
13
  protected SessionExpirationTime: number;
11
- protected TwoFactorConfig: TwoFactorAuthConfig;
12
- protected FingerPrintConfig: FingerpringConfig;
14
+ protected PasswordResetTokenTTL: number;
13
15
  protected TwoFactorAuthProvider: TwoFactorAuthProvider;
14
- protected FingerprintPrivider: FingerprintProvider;
15
- resolveAsync(): Promise<void>;
16
- login(credentials: UserLoginDto, logged: UserModel): Promise<Unauthorized | CookieResponse | NotAllowed>;
16
+ protected FingerprintProvider: FingerprintProvider;
17
+ protected PasswordValidationService: PasswordValidationProvider;
18
+ protected FederatedLoginStrategies: FederatedAuthProvider<any>[];
19
+ protected PasswordProvider: PasswordProvider;
20
+ protected Queue: QueueClient;
21
+ loginFederated(credentials: unknown, caller: string): Promise<Unauthorized | CookieResponse>;
22
+ /**
23
+ *
24
+ * Api call for listing avaible federated login strategies
25
+ *
26
+ * @returns response with avaible login strategies
27
+ */
28
+ federatedLoginList(): Promise<Ok>;
29
+ login(credentials: UserLoginDto): Promise<Unauthorized | CookieResponse>;
30
+ setNewPassword(token: string, pwd: RestorePasswordDto): Promise<BadRequest | NotFound>;
31
+ forgotPassword(login: UserLoginDto): Promise<InvalidOperation | Ok>;
17
32
  logout(ssid: string): Promise<Ok | CookieResponse>;
33
+ protected authenticate(user: UserModel, federated?: boolean): Promise<Unauthorized | CookieResponse>;
18
34
  }
package/lib/controllers/LoginController.js CHANGED
@@ -11,38 +11,143 @@ var __metadata = (this && this.__metadata) || function (k, v) {
11
11
  var __param = (this && this.__param) || function (paramIndex, decorator) {
12
12
  return function (target, key) { decorator(target, key, paramIndex); }
13
13
  };
14
- var __importDefault = (this && this.__importDefault) || function (mod) {
15
- return (mod && mod.__esModule) ? mod : { "default": mod };
16
- };
17
14
  Object.defineProperty(exports, "__esModule", { value: true });
18
15
  exports.LoginController = void 0;
16
+ const exceptions_1 = require("@spinajs/exceptions");
19
17
  const userLogin_dto_1 = require("../dto/userLogin-dto");
20
18
  const http_1 = require("@spinajs/http");
21
19
  const rbac_1 = require("@spinajs/rbac");
22
20
  const di_1 = require("@spinajs/di");
23
21
  const configuration_1 = require("@spinajs/configuration");
24
- const decorators_1 = require("./../decorators");
25
- const lodash_1 = __importDefault(require("lodash"));
22
+ const interfaces_1 = require("../interfaces");
23
+ const queue_1 = require("@spinajs/queue");
24
+ const NotLoggedPolicy_1 = require("../policies/NotLoggedPolicy");
25
+ const LoggedPolicy_1 = require("../policies/LoggedPolicy");
26
+ const UserPassordRestore_1 = require("../events/UserPassordRestore");
27
+ const restore_password_dto_1 = require("../dto/restore-password-dto");
28
+ const uuid_1 = require("uuid");
29
+ const luxon_1 = require("luxon");
30
+ const rbac_2 = require("@spinajs/rbac");
31
+ const UserLoginSuccess_1 = require("../events/UserLoginSuccess");
26
32
  let LoginController = class LoginController extends http_1.BaseController {
27
- async resolveAsync() {
28
- if (this.TwoFactorConfig.enabled) {
29
- if (!di_1.DI.check(this.TwoFactorConfig.service)) {
30
- throw new di_1.ServiceNotFound(`2FA provider ${this.TwoFactorConfig.service} not registered in DI container`);
31
- }
32
- this.TwoFactorAuthProvider = di_1.DI.resolve(this.TwoFactorConfig.service);
33
+ async loginFederated(credentials, caller) {
34
+ const strategy = this.FederatedLoginStrategies.find((x) => x.callerCheck(caller));
35
+ if (!strategy) {
36
+ throw new exceptions_1.InvalidOperation(`No auth stragegy registered for caller ${caller}`);
33
37
  }
34
- if (this.FingerPrintConfig.enabled) {
35
- if (!di_1.DI.check(this.FingerPrintConfig.service)) {
36
- throw new di_1.ServiceNotFound(`Fingerprint provider ${this.FingerPrintConfig.service} not registered in DI container`);
37
- }
38
- this.FingerprintPrivider = di_1.DI.resolve(this.FingerPrintConfig.service);
38
+ const result = await strategy.authenticate(credentials);
39
+ if (!result.Error) {
40
+ // proceed with standard authentication
41
+ return await this.authenticate(result.User);
42
+ }
43
+ return new http_1.Unauthorized(result.Error);
44
+ }
45
+ /**
46
+ *
47
+ * Api call for listing avaible federated login strategies
48
+ *
49
+ * @returns response with avaible login strategies
50
+ */
51
+ async federatedLoginList() {
52
+ return new http_1.Ok(this.FederatedLoginStrategies.map((x) => x.Name));
53
+ }
54
+ async login(credentials) {
55
+ const result = await this.AuthProvider.authenticate(credentials.Email, credentials.Password);
56
+ if (!result.Error) {
57
+ // proceed with standard authentication
58
+ return await this.authenticate(result.User);
59
+ }
60
+ return new http_1.Unauthorized(result.Error);
61
+ }
62
+ async setNewPassword(token, pwd) {
63
+ const user = await rbac_1.User.query()
64
+ .innerJoin(rbac_1.UserMetadata, function () {
65
+ this.where({
66
+ Key: 'password:reset:token',
67
+ Value: token,
68
+ });
69
+ })
70
+ .populate('Metadata')
71
+ .first();
72
+ if (!user) {
73
+ return new http_1.NotFound({
74
+ error: {
75
+ code: 'ERR_USER_NOT_FOUND',
76
+ message: 'No user found for this reset token',
77
+ },
78
+ });
79
+ }
80
+ const val = (await user.Metadata['password:reset:start']);
81
+ const now = luxon_1.DateTime.now().plus({ seconds: -this.PasswordResetTokenTTL });
82
+ if (val < now) {
83
+ return new http_1.BadRequest({
84
+ error: {
85
+ code: 'ERR_RESET_TOKEN_EXPIRED',
86
+ message: 'Password reset token expired',
87
+ },
88
+ });
39
89
  }
90
+ if (!this.PasswordValidationService.check(pwd.Password)) {
91
+ return new http_1.BadRequest({
92
+ error: {
93
+ code: 'ERR_PASSWORD_RULE',
94
+ message: 'Invalid password, does not match password rules',
95
+ },
96
+ });
97
+ }
98
+ if (pwd.Password !== pwd.ConfirmPassword) {
99
+ return new http_1.BadRequest({
100
+ error: {
101
+ code: 'ERR_PASSWORD_NOT_MATCH',
102
+ message: 'Password and repeat password does not match',
103
+ },
104
+ });
105
+ }
106
+ const hashedPassword = await this.PasswordProvider.hash(pwd.Password);
107
+ user.Password = hashedPassword;
108
+ await user.update();
109
+ /**
110
+ * Delete all reset related meta for user
111
+ */
112
+ await user.Metadata.delete(/password:reset.*/);
113
+ // add to action list
114
+ await user.Actions.add(new rbac_2.UserAction({
115
+ Persistent: true,
116
+ Action: 'password:reset',
117
+ }));
118
+ // inform others
119
+ await this.Queue.emit(new rbac_1.UserPasswordChanged(user.Uuid));
40
120
  }
41
- async login(credentials, logged) {
42
- if (logged) {
43
- return new http_1.NotAllowed('User already logged in. Please logout before trying to authorize.');
121
+ async forgotPassword(login) {
122
+ const user = await this.AuthProvider.getByEmail(login.Email);
123
+ if (!user.IsActive || user.IsBanned || user.DeletedAt !== null) {
124
+ return new exceptions_1.InvalidOperation('User is inactive, banned or deleted. Contact system administrator');
44
125
  }
45
- const user = await this.AuthProvider.authenticate(credentials.Email, credentials.Password);
126
+ const token = (0, uuid_1.v4)();
127
+ // assign meta to user
128
+ await (user.Metadata['password:reset'] = true);
129
+ await (user.Metadata['password:reset:token'] = token);
130
+ await (user.Metadata['password:reset:start'] = luxon_1.DateTime.now());
131
+ await user.Actions.add(new rbac_2.UserAction({
132
+ Action: 'user:password:reset',
133
+ Data: luxon_1.DateTime.now().toISO(),
134
+ Persistent: true,
135
+ }));
136
+ await this.Queue.emit(new UserPassordRestore_1.UserPasswordRestore(user.Uuid, token));
137
+ return new http_1.Ok({
138
+ reset_token: token,
139
+ ttl: this.PasswordResetTokenTTL,
140
+ });
141
+ }
142
+ async logout(ssid) {
143
+ if (!ssid) {
144
+ return new http_1.Ok();
145
+ }
146
+ await this.SessionProvider.delete(ssid);
147
+ // send empty cookie to confirm session deletion
148
+ return new http_1.CookieResponse('ssid', null, this.SessionExpirationTime);
149
+ }
150
+ async authenticate(user, federated) {
46
151
  if (!user) {
47
152
  return new http_1.Unauthorized({
48
153
  error: {
@@ -58,8 +163,10 @@ let LoginController = class LoginController extends http_1.BaseController {
58
163
  // eg. 2fa auth is not performed
59
164
  // create session, but user is not yet authorized
60
165
  session.Data.set('Authorized', false);
61
- await this.SessionProvider.save(session);
62
- if (this.TwoFactorConfig.enabled) {
166
+ // if its federated login, skip 2fa - assume
167
+ // external login service provided it
168
+ if (this.TwoFactorConfig.enabled || !federated) {
169
+ await this.SessionProvider.save(session);
63
170
  const enabledForUser = await this.TwoFactorAuthProvider.isEnabled(user);
64
171
  /**
65
172
  * if 2fa is enabled for user, proceed
@@ -73,7 +180,7 @@ let LoginController = class LoginController extends http_1.BaseController {
73
180
  const twoFaResult = await this.TwoFactorAuthProvider.initialize(user);
74
181
  return new http_1.CookieResponse('ssid', session.SessionId, this.SessionExpirationTime, true, {
75
182
  toFactorAuth: true,
76
- initialize: true,
183
+ twoFactorAuthFirstTime: true,
77
184
  method: this.TwoFactorConfig.service,
78
185
  data: twoFaResult,
79
186
  }, { httpOnly: true });
@@ -90,17 +197,12 @@ let LoginController = class LoginController extends http_1.BaseController {
90
197
  // 2fa is not enabled, so we found user, it means it is logged
91
198
  session.Data.set('Authorized', true);
92
199
  await this.SessionProvider.save(session);
200
+ await this.Queue.emit(new UserLoginSuccess_1.UserLoginSuccess(user.Uuid));
201
+ user.LastLoginAt = luxon_1.DateTime.now();
202
+ await user.update();
93
203
  // BEWARE: httpOnly coockie, only accesible via http method in browser
94
204
  // return coockie session id with additional user data
95
- return new http_1.CookieResponse('ssid', session.SessionId, this.SessionExpirationTime, true, lodash_1.default.omit(dUser, ['Id']), { httpOnly: true });
96
- }
97
- async logout(ssid) {
98
- if (!ssid) {
99
- return new http_1.Ok();
100
- }
101
- await this.SessionProvider.delete(ssid);
102
- // send empty cookie to confirm session deletion
103
- return new http_1.CookieResponse('ssid', null, this.SessionExpirationTime);
205
+ return new http_1.CookieResponse('ssid', session.SessionId, this.SessionExpirationTime, true, dUser, { httpOnly: true });
104
206
  }
105
207
  };
106
208
  __decorate([
@@ -108,35 +210,91 @@ __decorate([
108
210
  __metadata("design:type", configuration_1.Configuration)
109
211
  ], LoginController.prototype, "Configuration", void 0);
110
212
  __decorate([
111
- (0, di_1.Autoinject)(),
213
+ (0, configuration_1.AutoinjectService)('rbac.auth'),
112
214
  __metadata("design:type", rbac_1.AuthProvider)
113
215
  ], LoginController.prototype, "AuthProvider", void 0);
114
216
  __decorate([
115
- (0, di_1.Autoinject)(),
217
+ (0, configuration_1.AutoinjectService)('rbac.session'),
116
218
  __metadata("design:type", rbac_1.SessionProvider)
117
219
  ], LoginController.prototype, "SessionProvider", void 0);
118
220
  __decorate([
119
- (0, configuration_1.Config)('rbac.session.expiration', 120),
221
+ (0, configuration_1.Config)('rbac.session.expiration', {
222
+ defaultValue: 120,
223
+ }),
120
224
  __metadata("design:type", Number)
121
225
  ], LoginController.prototype, "SessionExpirationTime", void 0);
122
226
  __decorate([
123
- (0, configuration_1.Config)('rbac.twoFactorAuth'),
124
- __metadata("design:type", Object)
125
- ], LoginController.prototype, "TwoFactorConfig", void 0);
227
+ (0, configuration_1.Config)('rbac.password_reset.ttl'),
228
+ __metadata("design:type", Number)
229
+ ], LoginController.prototype, "PasswordResetTokenTTL", void 0);
230
+ __decorate([
231
+ (0, configuration_1.AutoinjectService)('rbac.twoFactorAuth'),
232
+ __metadata("design:type", interfaces_1.TwoFactorAuthProvider)
233
+ ], LoginController.prototype, "TwoFactorAuthProvider", void 0);
126
234
  __decorate([
127
- (0, configuration_1.Config)('rbac.fingerprint'),
128
- __metadata("design:type", Object)
129
- ], LoginController.prototype, "FingerPrintConfig", void 0);
235
+ (0, configuration_1.AutoinjectService)('rbac.fingerprint.provider'),
236
+ __metadata("design:type", interfaces_1.FingerprintProvider)
237
+ ], LoginController.prototype, "FingerprintProvider", void 0);
238
+ __decorate([
239
+ (0, configuration_1.AutoinjectService)('rbac.password.validation'),
240
+ __metadata("design:type", rbac_1.PasswordValidationProvider)
241
+ ], LoginController.prototype, "PasswordValidationService", void 0);
242
+ __decorate([
243
+ (0, di_1.Autoinject)(rbac_1.FederatedAuthProvider),
244
+ __metadata("design:type", Array)
245
+ ], LoginController.prototype, "FederatedLoginStrategies", void 0);
246
+ __decorate([
247
+ (0, di_1.Autoinject)(),
248
+ __metadata("design:type", rbac_1.PasswordProvider)
249
+ ], LoginController.prototype, "PasswordProvider", void 0);
250
+ __decorate([
251
+ (0, di_1.Autoinject)(queue_1.QueueClient),
252
+ __metadata("design:type", queue_1.QueueClient)
253
+ ], LoginController.prototype, "Queue", void 0);
254
+ __decorate([
255
+ (0, http_1.Post)('federated-login'),
256
+ (0, http_1.Policy)(NotLoggedPolicy_1.NotLoggedPolicy),
257
+ __param(0, (0, http_1.Body)()),
258
+ __param(1, (0, http_1.Header)('Host')),
259
+ __metadata("design:type", Function),
260
+ __metadata("design:paramtypes", [Object, String]),
261
+ __metadata("design:returntype", Promise)
262
+ ], LoginController.prototype, "loginFederated", null);
263
+ __decorate([
264
+ (0, http_1.Get)(),
265
+ (0, http_1.Policy)(NotLoggedPolicy_1.NotLoggedPolicy),
266
+ __metadata("design:type", Function),
267
+ __metadata("design:paramtypes", []),
268
+ __metadata("design:returntype", Promise)
269
+ ], LoginController.prototype, "federatedLoginList", null);
130
270
  __decorate([
131
271
  (0, http_1.Post)(),
272
+ (0, http_1.Policy)(NotLoggedPolicy_1.NotLoggedPolicy),
132
273
  __param(0, (0, http_1.Body)()),
133
- __param(1, (0, decorators_1.User)()),
134
274
  __metadata("design:type", Function),
135
- __metadata("design:paramtypes", [userLogin_dto_1.UserLoginDto, rbac_1.User]),
275
+ __metadata("design:paramtypes", [userLogin_dto_1.UserLoginDto]),
136
276
  __metadata("design:returntype", Promise)
137
277
  ], LoginController.prototype, "login", null);
278
+ __decorate([
279
+ (0, http_1.Post)('new-password'),
280
+ (0, http_1.Policy)(NotLoggedPolicy_1.NotLoggedPolicy),
281
+ __param(0, (0, http_1.Query)()),
282
+ __param(1, (0, http_1.Body)()),
283
+ __metadata("design:type", Function),
284
+ __metadata("design:paramtypes", [String, restore_password_dto_1.RestorePasswordDto]),
285
+ __metadata("design:returntype", Promise)
286
+ ], LoginController.prototype, "setNewPassword", null);
287
+ __decorate([
288
+ (0, http_1.Post)('forgot-password'),
289
+ (0, http_1.Policy)(NotLoggedPolicy_1.NotLoggedPolicy),
290
+ __param(0, (0, http_1.Body)()),
291
+ __metadata("design:type", Function),
292
+ __metadata("design:paramtypes", [userLogin_dto_1.UserLoginDto]),
293
+ __metadata("design:returntype", Promise)
294
+ ], LoginController.prototype, "forgotPassword", null);
138
295
  __decorate([
139
296
  (0, http_1.Get)(),
297
+ (0, http_1.Policy)(LoggedPolicy_1.LoggedPolicy),
140
298
  __param(0, (0, http_1.Cookie)()),
141
299
  __metadata("design:type", Function),
142
300
  __metadata("design:paramtypes", [String]),
package/lib/controllers/LoginController.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"LoginController.js","sourceRoot":"","sources":["../../src/controllers/LoginController.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;AAAA,wDAAoD;AACpD,wCAAgI;AAChI,wCAA0F;AAC1F,oCAA8D;AAC9D,0DAA+D;AAC/D,gDAAuC;AACvC,oDAAuB;AAIvB,IAAa,eAAe,GAA5B,MAAa,eAAgB,SAAQ,qBAAc;IAuB1C,KAAK,CAAC,YAAY;QACvB,IAAI,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE;YAChC,IAAI,CAAC,OAAE,CAAC,KAAK,CAAC,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC,EAAE;gBAC3C,MAAM,IAAI,oBAAe,CAAC,gBAAgB,IAAI,CAAC,eAAe,CAAC,OAAO,iCAAiC,CAAC,CAAC;aAC1G;YACD,IAAI,CAAC,qBAAqB,GAAG,OAAE,CAAC,OAAO,CAAC,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC,CAAC;SACvE;QAED,IAAI,IAAI,CAAC,iBAAiB,CAAC,OAAO,EAAE;YAClC,IAAI,CAAC,OAAE,CAAC,KAAK,CAAC,IAAI,CAAC,iBAAiB,CAAC,OAAO,CAAC,EAAE;gBAC7C,MAAM,IAAI,oBAAe,CAAC,wBAAwB,IAAI,CAAC,iBAAiB,CAAC,OAAO,iCAAiC,CAAC,CAAC;aACpH;YACD,IAAI,CAAC,mBAAmB,GAAG,OAAE,CAAC,OAAO,CAAC,IAAI,CAAC,iBAAiB,CAAC,OAAO,CAAC,CAAC;SACvE;IACH,CAAC;IAGM,KAAK,CAAC,KAAK,CAAS,WAAyB,EAAU,MAAiB;QAC7E,IAAI,MAAM,EAAE;YACV,OAAO,IAAI,iBAAU,CAAC,mEAAmE,CAAC,CAAC;SAC5F;QAED,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,YAAY,CAAC,WAAW,CAAC,KAAK,EAAE,WAAW,CAAC,QAAQ,CAAC,CAAC;QAE3F,IAAI,CAAC,IAAI,EAAE;YACT,OAAO,IAAI,mBAAY,CAAC;gBACtB,KAAK,EAAE;oBACL,OAAO,EAAE,6BAA6B;iBACvC;aACF,CAAC,CAAC;SACJ;QAED,MAAM,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC;QAE/B,MAAM,OAAO,GAAG,IAAI,cAAO,EAAE,CAAC;QAC9B,MAAM,KAAK,GAAG,IAAI,CAAC,SAAS,EAAE,CAAC;QAC/B,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;QAEhC,wDAAwD;QACxD,gCAAgC;QAChC,iDAAiD;QACjD,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,YAAY,EAAE,KAAK,CAAC,CAAC;QAEtC,MAAM,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAEzC,IAAI,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE;YAChC,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;YAExE;;eAEG;YACH,IAAI,cAAc,EAAE;gBAClB;;mBAEG;gBACH,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC;gBAC3E,IAAI,CAAC,aAAa,EAAE;oBAClB,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;oBAEtE,OAAO,IAAI,qBAAc,CACvB,MAAM,EACN,OAAO,CAAC,SAAS,EACjB,IAAI,CAAC,qBAAqB,EAC1B,IAAI,EACJ;wBACE,YAAY,EAAE,IAAI;wBAClB,UAAU,EAAE,IAAI;wBAChB,MAAM,EAAE,IAAI,CAAC,eAAe,CAAC,OAAO;wBACpC,IAAI,EAAE,WAAW;qBAClB,EACD,EAAE,QAAQ,EAAE,IAAI,EAAE,CACnB,CAAC;iBACH;gBAED,mDAAmD;gBACnD,MAAM,IAAI,CAAC,qBAAqB,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;gBAE/C,kCAAkC;gBAClC,iDAAiD;gBACjD,OAAO,IAAI,qBAAc,CACvB,MAAM,EACN,OAAO,CAAC,SAAS,EACjB,IAAI,CAAC,qBAAqB,EAC1B,IAAI,EACJ;oBACE,YAAY,EAAE,IAAI;iBACnB,EACD,EAAE,QAAQ,EAAE,IAAI,EAAE,CACnB,CAAC;aACH;SACF;QAED,8DAA8D;QAC9D,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,YAAY,EAAE,IAAI,CAAC,CAAC;QACrC,MAAM,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAEzC,sEAAsE;QACtE,sDAAsD;QACtD,OAAO,IAAI,qBAAc,CAAC,MAAM,EAAE,OAAO,CAAC,SAAS,EAAE,IAAI,CAAC,qBAAqB,EAAE,IAAI,EAAE,gBAAC,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC;IACpI,CAAC;IAGM,KAAK,CAAC,MAAM,CAAW,IAAY;QACxC,IAAI,CAAC,IAAI,EAAE;YACT,OAAO,IAAI,SAAE,EAAE,CAAC;SACjB;QAED,MAAM,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QAExC,gDAAgD;QAChD,OAAO,IAAI,qBAAc,CAAC,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,qBAAqB,CAAC,CAAC;IACtE,CAAC;CACF,CAAA;AArIC;IADC,IAAA,eAAU,GAAE;8BACY,6BAAa;sDAAC;AAGvC;IADC,IAAA,eAAU,GAAE;8BACW,mBAAY;qDAAC;AAGrC;IADC,IAAA,eAAU,GAAE;8BACc,sBAAe;wDAAC;AAG3C;IADC,IAAA,sBAAM,EAAC,yBAAyB,EAAE,GAAG,CAAC;;8DACC;AAGxC;IADC,IAAA,sBAAM,EAAC,oBAAoB,CAAC;;wDACkB;AAG/C;IADC,IAAA,sBAAM,EAAC,kBAAkB,CAAC;;0DACoB;AAuB/C;IADC,IAAA,WAAI,GAAE;IACa,WAAA,IAAA,WAAI,GAAE,CAAA;IAA6B,WAAA,IAAA,iBAAI,GAAE,CAAA;;qCAArB,4BAAY,EAAkB,WAAS;;4CAkF9E;AAGD;IADC,IAAA,UAAG,GAAE;IACe,WAAA,IAAA,aAAM,GAAE,CAAA;;;;6CAS5B;AAtIU,eAAe;IAD3B,IAAA,eAAQ,EAAC,WAAW,CAAC;GACT,eAAe,CAuI3B;AAvIY,0CAAe"}
1
+ {"version":3,"file":"LoginController.js","sourceRoot":"","sources":["../../src/controllers/LoginController.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,oDAAuD;AACvD,wDAAoD;AACpD,wCAAiK;AACjK,wCAAwM;AACxM,oCAAyC;AACzC,0DAAkF;AAElF,8CAA2E;AAC3E,0CAA6C;AAE7C,iEAA8D;AAC9D,2DAAwD;AACxD,qEAAmE;AACnE,sEAAiE;AAEjE,+BAAoC;AACpC,iCAAiC;AACjC,wCAA2C;AAC3C,iEAA8D;AAG9D,IAAa,eAAe,GAA5B,MAAa,eAAgB,SAAQ,qBAAc;IAsC1C,KAAK,CAAC,cAAc,CAAS,WAAoB,EAAkB,MAAc;QACtF,MAAM,QAAQ,GAAG,IAAI,CAAC,wBAAwB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC;QAClF,IAAI,CAAC,QAAQ,EAAE;YACb,MAAM,IAAI,6BAAgB,CAAC,0CAA0C,MAAM,EAAE,CAAC,CAAC;SAChF;QAED,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,YAAY,CAAC,WAAW,CAAC,CAAC;QACxD,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE;YACjB,uCAAuC;YACvC,OAAO,MAAM,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;SAC7C;QAED,OAAO,IAAI,mBAAY,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACxC,CAAC;IAED;;;;;OAKG;IAGI,KAAK,CAAC,kBAAkB;QAC7B,OAAO,IAAI,SAAE,CAAC,IAAI,CAAC,wBAAwB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;IAClE,CAAC;IAIM,KAAK,CAAC,KAAK,CAAS,WAAyB;QAClD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,YAAY,CAAC,WAAW,CAAC,KAAK,EAAE,WAAW,CAAC,QAAQ,CAAC,CAAC;QAE7F,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE;YACjB,uCAAuC;YACvC,OAAO,MAAM,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;SAC7C;QAED,OAAO,IAAI,mBAAY,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACxC,CAAC;IAIM,KAAK,CAAC,cAAc,CAAU,KAAa,EAAU,GAAuB;QACjF,MAAM,IAAI,GAAG,MAAM,WAAI,CAAC,KAAK,EAAE;aAC5B,SAAS,CAAC,mBAAY,EAAE;YACvB,IAAI,CAAC,KAAK,CAAC;gBACT,GAAG,EAAE,sBAAsB;gBAC3B,KAAK,EAAE,KAAK;aACb,CAAC,CAAC;QACL,CAAC,CAAC;aACD,QAAQ,CAAC,UAAU,CAAC;aACpB,KAAK,EAAE,CAAC;QAEX,IAAI,CAAC,IAAI,EAAE;YACT,OAAO,IAAI,eAAQ,CAAC;gBAClB,KAAK,EAAE;oBACL,IAAI,EAAE,oBAAoB;oBAC1B,OAAO,EAAE,oCAAoC;iBAC9C;aACF,CAAC,CAAC;SACJ;QAED,MAAM,GAAG,GAAG,CAAC,MAAM,IAAI,CAAC,QAAQ,CAAC,sBAAsB,CAAC,CAAa,CAAC;QACtE,MAAM,GAAG,GAAG,gBAAQ,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,CAAC,IAAI,CAAC,qBAAqB,EAAE,CAAC,CAAC;QAE1E,IAAI,GAAG,GAAG,GAAG,EAAE;YACb,OAAO,IAAI,iBAAU,CAAC;gBACpB,KAAK,EAAE;oBACL,IAAI,EAAE,yBAAyB;oBAC/B,OAAO,EAAE,8BAA8B;iBACxC;aACF,CAAC,CAAC;SACJ;QAED,IAAI,CAAC,IAAI,CAAC,yBAAyB,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE;YACvD,OAAO,IAAI,iBAAU,CAAC;gBACpB,KAAK,EAAE;oBACL,IAAI,EAAE,mBAAmB;oBACzB,OAAO,EAAE,iDAAiD;iBAC3D;aACF,CAAC,CAAC;SACJ;QAED,IAAI,GAAG,CAAC,QAAQ,KAAK,GAAG,CAAC,eAAe,EAAE;YACxC,OAAO,IAAI,iBAAU,CAAC;gBACpB,KAAK,EAAE;oBACL,IAAI,EAAE,wBAAwB;oBAC9B,OAAO,EAAE,6CAA6C;iBACvD;aACF,CAAC,CAAC;SACJ;QAED,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QACtE,IAAI,CAAC,QAAQ,GAAG,cAAc,CAAC;QAE/B,MAAM,IAAI,CAAC,MAAM,EAAE,CAAC;QAEpB;;WAEG;QACH,MAAM,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,kBAAkB,CAAC,CAAC;QAE/C,qBAAqB;QACrB,MAAM,IAAI,CAAC,OAAO,CAAC,GAAG,CACpB,IAAI,iBAAU,CAAC;YACb,UAAU,EAAE,IAAI;YAChB,MAAM,EAAE,gBAAgB;SACzB,CAAC,CACH,CAAC;QAEF,gBAAgB;QAChB,MAAM,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,0BAAmB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;IAC5D,CAAC;IAIM,KAAK,CAAC,cAAc,CAAS,KAAmB;QACrD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,UAAU,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;QAE7D,IAAI,CAAC,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,SAAS,KAAK,IAAI,EAAE;YAC9D,OAAO,IAAI,6BAAgB,CAAC,mEAAmE,CAAC,CAAC;SAClG;QAED,MAAM,KAAK,GAAG,IAAA,SAAM,GAAE,CAAC;QAEvB,sBAAsB;QACtB,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,gBAAgB,CAAC,GAAG,IAAI,CAAC,CAAC;QAC/C,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,sBAAsB,CAAC,GAAG,KAAK,CAAC,CAAC;QACtD,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,sBAAsB,CAAC,GAAG,gBAAQ,CAAC,GAAG,EAAE,CAAC,CAAC;QAE/D,MAAM,IAAI,CAAC,OAAO,CAAC,GAAG,CACpB,IAAI,iBAAU,CAAC;YACb,MAAM,EAAE,qBAAqB;YAC7B,IAAI,EAAE,gBAAQ,CAAC,GAAG,EAAE,CAAC,KAAK,EAAE;YAC5B,UAAU,EAAE,IAAI;SACjB,CAAC,CACH,CAAC;QAEF,MAAM,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,wCAAmB,CAAC,IAAI,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC,CAAC;QAEjE,OAAO,IAAI,SAAE,CAAC;YACZ,WAAW,EAAE,KAAK;YAClB,GAAG,EAAE,IAAI,CAAC,qBAAqB;SAChC,CAAC,CAAC;IACL,CAAC;IAIM,KAAK,CAAC,MAAM,CAAW,IAAY;QACxC,IAAI,CAAC,IAAI,EAAE;YACT,OAAO,IAAI,SAAE,EAAE,CAAC;SACjB;QAED,MAAM,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QAExC,gDAAgD;QAChD,OAAO,IAAI,qBAAc,CAAC,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,qBAAqB,CAAC,CAAC;IACtE,CAAC;IAES,KAAK,CAAC,YAAY,CAAC,IAAe,EAAE,SAAmB;QAC/D,IAAI,CAAC,IAAI,EAAE;YACT,OAAO,IAAI,mBAAY,CAAC;gBACtB,KAAK,EAAE;oBACL,OAAO,EAAE,6BAA6B;iBACvC;aACF,CAAC,CAAC;SACJ;QAED,MAAM,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC;QAE/B,MAAM,OAAO,GAAG,IAAI,cAAO,EAAE,CAAC;QAC9B,MAAM,KAAK,GAAG,IAAI,CAAC,SAAS,EAAE,CAAC;QAC/B,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;QAEhC,wDAAwD;QACxD,gCAAgC;QAChC,iDAAiD;QACjD,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,YAAY,EAAE,KAAK,CAAC,CAAC;QAEtC,4CAA4C;QAC5C,qCAAqC;QACrC,IAAI,IAAI,CAAC,eAAe,CAAC,OAAO,IAAI,CAAC,SAAS,EAAE;YAC9C,MAAM,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAEzC,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;YAExE;;eAEG;YACH,IAAI,cAAc,EAAE;gBAClB;;mBAEG;gBACH,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC;gBAC3E,IAAI,CAAC,aAAa,EAAE;oBAClB,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;oBAEtE,OAAO,IAAI,qBAAc,CACvB,MAAM,EACN,OAAO,CAAC,SAAS,EACjB,IAAI,CAAC,qBAAqB,EAC1B,IAAI,EACJ;wBACE,YAAY,EAAE,IAAI;wBAClB,sBAAsB,EAAE,IAAI;wBAC5B,MAAM,EAAE,IAAI,CAAC,eAAe,CAAC,OAAO;wBACpC,IAAI,EAAE,WAAW;qBAClB,EACD,EAAE,QAAQ,EAAE,IAAI,EAAE,CACnB,CAAC;iBACH;gBAED,mDAAmD;gBACnD,MAAM,IAAI,CAAC,qBAAqB,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;gBAE/C,kCAAkC;gBAClC,iDAAiD;gBACjD,OAAO,IAAI,qBAAc,CACvB,MAAM,EACN,OAAO,CAAC,SAAS,EACjB,IAAI,CAAC,qBAAqB,EAC1B,IAAI,EACJ;oBACE,YAAY,EAAE,IAAI;iBACnB,EACD,EAAE,QAAQ,EAAE,IAAI,EAAE,CACnB,CAAC;aACH;SACF;QAED,8DAA8D;QAC9D,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,YAAY,EAAE,IAAI,CAAC,CAAC;QACrC,MAAM,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAEzC,MAAM,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,mCAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;QAEvD,IAAI,CAAC,WAAW,GAAG,gBAAQ,CAAC,GAAG,EAAE,CAAC;QAClC,MAAM,IAAI,CAAC,MAAM,EAAE,CAAC;QAEpB,sEAAsE;QACtE,sDAAsD;QACtD,OAAO,IAAI,qBAAc,CAAC,MAAM,EAAE,OAAO,CAAC,SAAS,EAAE,IAAI,CAAC,qBAAqB,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC;IACpH,CAAC;CACF,CAAA;AAvRC;IADC,IAAA,eAAU,GAAE;8BACY,6BAAa;sDAAC;AAGvC;IADC,IAAA,iCAAiB,EAAC,WAAW,CAAC;8BACP,mBAAY;qDAAC;AAGrC;IADC,IAAA,iCAAiB,EAAC,cAAc,CAAC;8BACP,sBAAe;wDAAC;AAK3C;IAHC,IAAA,sBAAM,EAAC,yBAAyB,EAAE;QACjC,YAAY,EAAE,GAAG;KAClB,CAAC;;8DACsC;AAGxC;IADC,IAAA,sBAAM,EAAC,yBAAyB,CAAC;;8DACM;AAGxC;IADC,IAAA,iCAAiB,EAAC,oBAAoB,CAAC;8BACP,kCAAqB;8DAAC;AAGvD;IADC,IAAA,iCAAiB,EAAC,2BAA2B,CAAC;8BAChB,gCAAmB;4DAAC;AAGnD;IADC,IAAA,iCAAiB,EAAC,0BAA0B,CAAC;8BACT,iCAA0B;kEAAC;AAGhE;IADC,IAAA,eAAU,EAAC,4BAAqB,CAAC;;iEAC+B;AAGjE;IADC,IAAA,eAAU,GAAE;8BACe,uBAAgB;yDAAC;AAG7C;IADC,IAAA,eAAU,EAAC,mBAAW,CAAC;8BACP,mBAAW;8CAAC;AAI7B;IAFC,IAAA,WAAI,EAAC,iBAAiB,CAAC;IACvB,IAAA,aAAM,EAAC,iCAAe,CAAC;IACK,WAAA,IAAA,WAAI,GAAE,CAAA;IAAwB,WAAA,IAAA,aAAM,EAAC,MAAM,CAAC,CAAA;;;;qDAaxE;AAUD;IAFC,IAAA,UAAG,GAAE;IACL,IAAA,aAAM,EAAC,iCAAe,CAAC;;;;yDAGvB;AAID;IAFC,IAAA,WAAI,GAAE;IACN,IAAA,aAAM,EAAC,iCAAe,CAAC;IACJ,WAAA,IAAA,WAAI,GAAE,CAAA;;qCAAc,4BAAY;;4CASnD;AAID;IAFC,IAAA,WAAI,EAAC,cAAc,CAAC;IACpB,IAAA,aAAM,EAAC,iCAAe,CAAC;IACK,WAAA,IAAA,YAAK,GAAE,CAAA;IAAiB,WAAA,IAAA,WAAI,GAAE,CAAA;;6CAAM,yCAAkB;;qDAsElF;AAID;IAFC,IAAA,WAAI,EAAC,iBAAiB,CAAC;IACvB,IAAA,aAAM,EAAC,iCAAe,CAAC;IACK,WAAA,IAAA,WAAI,GAAE,CAAA;;qCAAQ,4BAAY;;qDA4BtD;AAID;IAFC,IAAA,UAAG,GAAE;IACL,IAAA,aAAM,EAAC,2BAAY,CAAC;IACA,WAAA,IAAA,aAAM,GAAE,CAAA;;;;6CAS5B;AAnMU,eAAe;IAD3B,IAAA,eAAQ,EAAC,WAAW,CAAC;GACT,eAAe,CAyR3B;AAzRY,0CAAe"}
package/lib/controllers/TwoFactorAuthController.d.ts CHANGED
@@ -1,11 +1,11 @@
1
1
  import { TokenDto } from './../dto/token-dto';
2
2
  import { BaseController, Ok, Unauthorized } from '@spinajs/http';
3
3
  import { SessionProvider, User as UserModel } from '@spinajs/rbac';
4
- import { TwoFactorAuthConfig, TwoFactorAuthProvider } from '../interfaces';
4
+ import { TwoFactorAuthProvider } from '../interfaces';
5
+ import { QueueClient } from '@spinajs/queue';
5
6
  export declare class TwoFactorAuthController extends BaseController {
6
- protected TwoFactorConfig: TwoFactorAuthConfig;
7
+ protected Queue: QueueClient;
7
8
  protected SessionProvider: SessionProvider;
8
9
  protected TwoFactorAuthProvider: TwoFactorAuthProvider;
9
- resolveAsync(): Promise<void>;
10
10
  verifyToken(logged: UserModel, token: TokenDto, ssid: string): Promise<Ok | Unauthorized>;
11
11
  }
package/lib/controllers/TwoFactorAuthController.js CHANGED
@@ -11,50 +11,49 @@ var __metadata = (this && this.__metadata) || function (k, v) {
11
11
  var __param = (this && this.__param) || function (paramIndex, decorator) {
12
12
  return function (target, key) { decorator(target, key, paramIndex); }
13
13
  };
14
- var __importDefault = (this && this.__importDefault) || function (mod) {
15
- return (mod && mod.__esModule) ? mod : { "default": mod };
16
- };
17
14
  Object.defineProperty(exports, "__esModule", { value: true });
18
15
  exports.TwoFactorAuthController = void 0;
19
16
  const token_dto_1 = require("./../dto/token-dto");
20
17
  const http_1 = require("@spinajs/http");
21
18
  const rbac_1 = require("@spinajs/rbac");
22
19
  const http_2 = require("@spinajs/http");
23
- const lodash_1 = __importDefault(require("lodash"));
24
20
  const decorators_1 = require("../decorators");
25
21
  const _2FaPolicy_1 = require("../policies/2FaPolicy");
26
22
  const configuration_1 = require("@spinajs/configuration");
23
+ const interfaces_1 = require("../interfaces");
24
+ const luxon_1 = require("luxon");
25
+ const UserLoginSuccess_1 = require("../events/UserLoginSuccess");
27
26
  const di_1 = require("@spinajs/di");
27
+ const queue_1 = require("@spinajs/queue");
28
28
  let TwoFactorAuthController = class TwoFactorAuthController extends http_1.BaseController {
29
- async resolveAsync() {
30
- if (this.TwoFactorConfig.enabled) {
31
- if (!di_1.DI.check(this.TwoFactorConfig.service)) {
32
- throw new di_1.ServiceNotFound(`2FA provider ${this.TwoFactorConfig.service} not registered in DI container`);
33
- }
34
- this.TwoFactorAuthProvider = di_1.DI.resolve(this.TwoFactorConfig.service);
35
- }
36
- }
37
29
  async verifyToken(logged, token, ssid) {
38
30
  const result = await this.TwoFactorAuthProvider.verifyToken(token.Token, logged);
39
31
  if (result) {
40
32
  return new http_1.Unauthorized(`invalid token`);
41
33
  }
42
- const session = await this.SessionProvider.restore(ssid);
43
- session.Data.set('Authorized', true);
44
- session.Data.set('2fa_check', true);
45
- await this.SessionProvider.save(session);
34
+ logged.LastLoginAt = luxon_1.DateTime.now();
35
+ await logged.update();
36
+ await this.Queue.emit(new UserLoginSuccess_1.UserLoginSuccess(logged.Uuid));
37
+ await this.SessionProvider.save(ssid, {
38
+ Authorized: true,
39
+ TwoFactorAuth_check: true,
40
+ });
46
41
  // return user data
47
- return new http_1.Ok(lodash_1.default.omit(logged.dehydrate(), ['Id']));
42
+ return new http_1.Ok(logged.dehydrate());
48
43
  }
49
44
  };
50
45
  __decorate([
51
- (0, configuration_1.Config)('rbac.twoFactorAuth'),
52
- __metadata("design:type", Object)
53
- ], TwoFactorAuthController.prototype, "TwoFactorConfig", void 0);
46
+ (0, di_1.Autoinject)(queue_1.QueueClient),
47
+ __metadata("design:type", queue_1.QueueClient)
48
+ ], TwoFactorAuthController.prototype, "Queue", void 0);
54
49
  __decorate([
55
- (0, di_1.Autoinject)(),
50
+ (0, configuration_1.AutoinjectService)('rbac.session'),
56
51
  __metadata("design:type", rbac_1.SessionProvider)
57
52
  ], TwoFactorAuthController.prototype, "SessionProvider", void 0);
53
+ __decorate([
54
+ (0, configuration_1.AutoinjectService)('rbac.twoFactorAuth'),
55
+ __metadata("design:type", interfaces_1.TwoFactorAuthProvider)
56
+ ], TwoFactorAuthController.prototype, "TwoFactorAuthProvider", void 0);
58
57
  __decorate([
59
58
  (0, http_1.Post)('2fa/verify'),
60
59
  __param(0, (0, decorators_1.User)()),
package/lib/controllers/TwoFactorAuthController.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"TwoFactorAuthController.js","sourceRoot":"","sources":["../../src/controllers/TwoFactorAuthController.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;AAAA,kDAA8C;AAC9C,wCAAyF;AACzF,wCAAmE;AACnE,wCAA6C;AAC7C,oDAAuB;AACvB,8CAAqC;AACrC,sDAA2D;AAC3D,0DAAgD;AAEhD,oCAA8D;AAI9D,IAAa,uBAAuB,GAApC,MAAa,uBAAwB,SAAQ,qBAAc;IASlD,KAAK,CAAC,YAAY;QACvB,IAAI,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE;YAChC,IAAI,CAAC,OAAE,CAAC,KAAK,CAAC,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC,EAAE;gBAC3C,MAAM,IAAI,oBAAe,CAAC,gBAAgB,IAAI,CAAC,eAAe,CAAC,OAAO,iCAAiC,CAAC,CAAC;aAC1G;YACD,IAAI,CAAC,qBAAqB,GAAG,OAAE,CAAC,OAAO,CAAC,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC,CAAC;SACvE;IACH,CAAC;IAGM,KAAK,CAAC,WAAW,CAAS,MAAiB,EAAU,KAAe,EAAY,IAAY;QACjG,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAAC,WAAW,CAAC,KAAK,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;QAEjF,IAAI,MAAM,EAAE;YACV,OAAO,IAAI,mBAAY,CAAC,eAAe,CAAC,CAAC;SAC1C;QAED,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QACzD,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,YAAY,EAAE,IAAI,CAAC,CAAC;QACrC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,EAAE,IAAI,CAAC,CAAC;QAEpC,MAAM,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAEzC,mBAAmB;QACnB,OAAO,IAAI,SAAE,CAAC,gBAAC,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACpD,CAAC;CACF,CAAA;AAjCC;IADC,IAAA,sBAAM,EAAC,oBAAoB,CAAC;;gEACkB;AAG/C;IADC,IAAA,eAAU,GAAE;8BACc,sBAAe;gEAAC;AAc3C;IADC,IAAA,WAAI,EAAC,YAAY,CAAC;IACO,WAAA,IAAA,iBAAI,GAAE,CAAA;IAAqB,WAAA,IAAA,WAAI,GAAE,CAAA;IAAmB,WAAA,IAAA,aAAM,GAAE,CAAA;;qCAA7C,WAAS,EAAiB,oBAAQ;;0DAe1E;AAlCU,uBAAuB;IAFnC,IAAA,eAAQ,EAAC,WAAW,CAAC;IACrB,IAAA,aAAM,EAAC,+BAAkB,CAAC;GACd,uBAAuB,CAmCnC;AAnCY,0DAAuB"}
1
+ {"version":3,"file":"TwoFactorAuthController.js","sourceRoot":"","sources":["../../src/controllers/TwoFactorAuthController.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,kDAA8C;AAC9C,wCAAyF;AACzF,wCAAmE;AACnE,wCAA6C;AAE7C,8CAAqC;AACrC,sDAA2D;AAC3D,0DAA2D;AAC3D,8CAAsD;AACtD,iCAAiC;AACjC,iEAA8D;AAC9D,oCAAyC;AACzC,0CAA6C;AAI7C,IAAa,uBAAuB,GAApC,MAAa,uBAAwB,SAAQ,qBAAc;IAWlD,KAAK,CAAC,WAAW,CAAS,MAAiB,EAAU,KAAe,EAAY,IAAY;QACjG,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAAC,WAAW,CAAC,KAAK,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;QAEjF,IAAI,MAAM,EAAE;YACV,OAAO,IAAI,mBAAY,CAAC,eAAe,CAAC,CAAC;SAC1C;QAED,MAAM,CAAC,WAAW,GAAG,gBAAQ,CAAC,GAAG,EAAE,CAAC;QACpC,MAAM,MAAM,CAAC,MAAM,EAAE,CAAC;QAEtB,MAAM,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,mCAAgB,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;QAEzD,MAAM,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,IAAI,EAAE;YACpC,UAAU,EAAE,IAAI;YAChB,mBAAmB,EAAE,IAAI;SAC1B,CAAC,CAAC;QAEH,mBAAmB;QACnB,OAAO,IAAI,SAAE,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC,CAAC;IACpC,CAAC;CACF,CAAA;AA7BC;IADC,IAAA,eAAU,EAAC,mBAAW,CAAC;8BACP,mBAAW;sDAAC;AAG7B;IADC,IAAA,iCAAiB,EAAC,cAAc,CAAC;8BACP,sBAAe;gEAAC;AAG3C;IADC,IAAA,iCAAiB,EAAC,oBAAoB,CAAC;8BACP,kCAAqB;sEAAC;AAGvD;IADC,IAAA,WAAI,EAAC,YAAY,CAAC;IACO,WAAA,IAAA,iBAAI,GAAE,CAAA;IAAqB,WAAA,IAAA,WAAI,GAAE,CAAA;IAAmB,WAAA,IAAA,aAAM,GAAE,CAAA;;qCAA7C,WAAS,EAAiB,oBAAQ;;0DAmB1E;AA9BU,uBAAuB;IAFnC,IAAA,eAAQ,EAAC,WAAW,CAAC;IACrB,IAAA,aAAM,EAAC,+BAAkB,CAAC;GACd,uBAAuB,CA+BnC;AA/BY,0DAAuB"}
package/lib/controllers/UserController.d.ts CHANGED
@@ -1,5 +1,4 @@
1
1
  import { PasswordDto } from '../dto/password-dto';
2
- import { UserLoginDto } from '../dto/login-dto';
3
2
  import { User as UserModel, PasswordProvider, SessionProvider } from '@spinajs/rbac';
4
3
  import { BaseController, Ok } from '@spinajs/http';
5
4
  export declare class UserController extends BaseController {
@@ -7,6 +6,5 @@ export declare class UserController extends BaseController {
7
6
  protected CoockieSecret: string;
8
7
  protected SessionProvider: SessionProvider;
9
8
  refresh(user: UserModel, ssid: string): Promise<Ok>;
10
- restorePassword(_login: UserLoginDto): Promise<void>;
11
- newPassword(login: string, pwd: PasswordDto): Promise<Ok>;
9
+ newPassword(user: UserModel, pwd: PasswordDto): Promise<Ok>;
12
10
  }
package/lib/controllers/UserController.js CHANGED
@@ -34,13 +34,9 @@ var __metadata = (this && this.__metadata) || function (k, v) {
34
34
  var __param = (this && this.__param) || function (paramIndex, decorator) {
35
35
  return function (target, key) { decorator(target, key, paramIndex); }
36
36
  };
37
- var __importDefault = (this && this.__importDefault) || function (mod) {
38
- return (mod && mod.__esModule) ? mod : { "default": mod };
39
- };
40
37
  Object.defineProperty(exports, "__esModule", { value: true });
41
38
  exports.UserController = void 0;
42
39
  const password_dto_1 = require("../dto/password-dto");
43
- const login_dto_1 = require("../dto/login-dto");
44
40
  const rbac_1 = require("@spinajs/rbac");
45
41
  const http_1 = require("@spinajs/http");
46
42
  const exceptions_1 = require("@spinajs/exceptions");
@@ -48,8 +44,6 @@ const di_1 = require("@spinajs/di");
48
44
  const decorators_1 = require("../decorators");
49
45
  const configuration_1 = require("@spinajs/configuration");
50
46
  const cs = __importStar(require("cookie-signature"));
51
- const lodash_1 = __importDefault(require("lodash"));
52
- const http_2 = require("@spinajs/http");
53
47
  let UserController = class UserController extends http_1.BaseController {
54
48
  async refresh(user, ssid) {
55
49
  // get user data from db
@@ -63,14 +57,12 @@ let UserController = class UserController extends http_1.BaseController {
63
57
  session.Data.set('User', user.dehydrate());
64
58
  }
65
59
  }
66
- return new http_1.Ok(lodash_1.default.omit(user.dehydrate(), ['Id']));
60
+ return new http_1.Ok(user.dehydrate());
67
61
  }
68
- async restorePassword(_login) { }
69
- async newPassword(login, pwd) {
62
+ async newPassword(user, pwd) {
70
63
  if (pwd.Password !== pwd.ConfirmPassword) {
71
64
  throw new exceptions_1.InvalidArgument('password does not match');
72
65
  }
73
- const user = await rbac_1.User.where({ Login: login }).firstOrFail();
74
66
  const isValid = await this.PasswordProvider.verify(user.Password, pwd.OldPassword);
75
67
  if (!isValid) {
76
68
  throw new exceptions_1.Forbidden('old password do not match');
@@ -103,18 +95,11 @@ __decorate([
103
95
  __metadata("design:returntype", Promise)
104
96
  ], UserController.prototype, "refresh", null);
105
97
  __decorate([
106
- (0, http_2.Post)('password/restore'),
107
- __param(0, (0, http_1.Body)()),
108
- __metadata("design:type", Function),
109
- __metadata("design:paramtypes", [login_dto_1.UserLoginDto]),
110
- __metadata("design:returntype", Promise)
111
- ], UserController.prototype, "restorePassword", null);
112
- __decorate([
113
- (0, http_1.Patch)('/password/:login'),
114
- __param(0, (0, http_1.Param)()),
98
+ (0, http_1.Patch)('/password'),
99
+ __param(0, (0, decorators_1.User)()),
115
100
  __param(1, (0, http_1.Body)()),
116
101
  __metadata("design:type", Function),
117
- __metadata("design:paramtypes", [String, password_dto_1.PasswordDto]),
102
+ __metadata("design:paramtypes", [rbac_1.User, password_dto_1.PasswordDto]),
118
103
  __metadata("design:returntype", Promise)
119
104
  ], UserController.prototype, "newPassword", null);
120
105
  UserController = __decorate([
package/lib/controllers/UserController.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"UserController.js","sourceRoot":"","sources":["../../src/controllers/UserController.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,sDAAkD;AAClD,gDAAgD;AAChD,wCAAqF;AACrF,wCAA8F;AAC9F,oDAAiE;AACjE,oCAAyC;AACzC,8CAA2D;AAC3D,0DAAgD;AAChD,qDAAuC;AACvC,oDAAuB;AACvB,wCAAqC;AAIrC,IAAa,cAAc,GAA3B,MAAa,cAAe,SAAQ,qBAAc;IAYzC,KAAK,CAAC,OAAO,CAAS,IAAe,EAAY,IAAY;QAClE,wBAAwB;QACxB,MAAM,IAAI,CAAC,OAAO,EAAE,CAAC;QACrB,MAAM,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC;QAE/B,+BAA+B;QAC/B,MAAM,GAAG,GAAmB,EAAE,CAAC,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC;QAChE,IAAI,GAAG,EAAE;YACP,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;YACxD,IAAI,OAAO,EAAE;gBACX,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC;aAC5C;SACF;QAED,OAAO,IAAI,SAAE,CAAC,gBAAC,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClD,CAAC;IAGM,KAAK,CAAC,eAAe,CAAS,MAAoB,IAAG,CAAC;IAGtD,KAAK,CAAC,WAAW,CAAU,KAAa,EAAU,GAAgB;QACvE,IAAI,GAAG,CAAC,QAAQ,KAAK,GAAG,CAAC,eAAe,EAAE;YACxC,MAAM,IAAI,4BAAe,CAAC,yBAAyB,CAAC,CAAC;SACtD;QAED,MAAM,IAAI,GAAG,MAAM,WAAS,CAAC,KAAK,CAAC,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAC,WAAW,EAAE,CAAC;QACnE,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,GAAG,CAAC,WAAW,CAAC,CAAC;QAEnF,IAAI,CAAC,OAAO,EAAE;YACZ,MAAM,IAAI,sBAAS,CAAC,2BAA2B,CAAC,CAAC;SAClD;QAED,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QACtE,IAAI,CAAC,QAAQ,GAAG,cAAc,CAAC;QAC/B,MAAM,IAAI,CAAC,MAAM,EAAE,CAAC;QACpB,OAAO,IAAI,SAAE,EAAE,CAAC;IAClB,CAAC;CACF,CAAA;AAhDC;IADC,IAAA,eAAU,GAAE;8BACe,uBAAgB;wDAAC;AAG7C;IADC,IAAA,sBAAM,EAAC,oBAAoB,CAAC;;qDACG;AAGhC;IADC,IAAA,eAAU,GAAE;8BACc,sBAAe;uDAAC;AAI3C;IAFC,IAAA,UAAG,GAAE;IACL,IAAA,uBAAU,EAAC,SAAS,CAAC;IACA,WAAA,IAAA,iBAAI,GAAE,CAAA;IAAmB,WAAA,IAAA,aAAM,GAAE,CAAA;;qCAApB,WAAS;;6CAe3C;AAGD;IADC,IAAA,WAAI,EAAC,kBAAkB,CAAC;IACK,WAAA,IAAA,WAAI,GAAE,CAAA;;qCAAS,wBAAY;;qDAAI;AAG7D;IADC,IAAA,YAAK,EAAC,kBAAkB,CAAC;IACA,WAAA,IAAA,YAAK,GAAE,CAAA;IAAiB,WAAA,IAAA,WAAI,GAAE,CAAA;;6CAAM,0BAAW;;iDAgBxE;AAjDU,cAAc;IAF1B,IAAA,eAAQ,EAAC,MAAM,CAAC;IAChB,IAAA,qBAAQ,EAAC,MAAM,CAAC;GACJ,cAAc,CAkD1B;AAlDY,wCAAc"}
1
+ {"version":3,"file":"UserController.js","sourceRoot":"","sources":["../../src/controllers/UserController.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,sDAAkD;AAClD,wCAAqF;AACrF,wCAAuF;AACvF,oDAAiE;AACjE,oCAAyC;AACzC,8CAA2D;AAC3D,0DAAgD;AAChD,qDAAuC;AAKvC,IAAa,cAAc,GAA3B,MAAa,cAAe,SAAQ,qBAAc;IAYzC,KAAK,CAAC,OAAO,CAAS,IAAe,EAAY,IAAY;QAClE,wBAAwB;QACxB,MAAM,IAAI,CAAC,OAAO,EAAE,CAAC;QACrB,MAAM,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC;QAE/B,+BAA+B;QAC/B,MAAM,GAAG,GAAmB,EAAE,CAAC,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC;QAChE,IAAI,GAAG,EAAE;YACP,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;YACxD,IAAI,OAAO,EAAE;gBACX,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC;aAC5C;SACF;QAED,OAAO,IAAI,SAAE,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC;IAClC,CAAC;IAGM,KAAK,CAAC,WAAW,CAAS,IAAe,EAAU,GAAgB;QACxE,IAAI,GAAG,CAAC,QAAQ,KAAK,GAAG,CAAC,eAAe,EAAE;YACxC,MAAM,IAAI,4BAAe,CAAC,yBAAyB,CAAC,CAAC;SACtD;QAED,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,GAAG,CAAC,WAAW,CAAC,CAAC;QAEnF,IAAI,CAAC,OAAO,EAAE;YACZ,MAAM,IAAI,sBAAS,CAAC,2BAA2B,CAAC,CAAC;SAClD;QAED,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QACtE,IAAI,CAAC,QAAQ,GAAG,cAAc,CAAC;QAC/B,MAAM,IAAI,CAAC,MAAM,EAAE,CAAC;QACpB,OAAO,IAAI,SAAE,EAAE,CAAC;IAClB,CAAC;CACF,CAAA;AA5CC;IADC,IAAA,eAAU,GAAE;8BACe,uBAAgB;wDAAC;AAG7C;IADC,IAAA,sBAAM,EAAC,oBAAoB,CAAC;;qDACG;AAGhC;IADC,IAAA,eAAU,GAAE;8BACc,sBAAe;uDAAC;AAI3C;IAFC,IAAA,UAAG,GAAE;IACL,IAAA,uBAAU,EAAC,SAAS,CAAC;IACA,WAAA,IAAA,iBAAI,GAAE,CAAA;IAAmB,WAAA,IAAA,aAAM,GAAE,CAAA;;qCAApB,WAAS;;6CAe3C;AAGD;IADC,IAAA,YAAK,EAAC,WAAW,CAAC;IACO,WAAA,IAAA,iBAAI,GAAE,CAAA;IAAmB,WAAA,IAAA,WAAI,GAAE,CAAA;;qCAAlB,WAAS,EAAe,0BAAW;;iDAezE;AA7CU,cAAc;IAF1B,IAAA,eAAQ,EAAC,MAAM,CAAC;IAChB,IAAA,qBAAQ,EAAC,MAAM,CAAC;GACJ,cAAc,CA8C1B;AA9CY,wCAAc"}
package/lib/controllers/UserMetadata.js CHANGED
@@ -63,4 +63,8 @@ UserMetaController = __decorate([
63
63
  (0, decorators_1.Resource)('user.metadata')
64
64
  ], UserMetaController);
65
65
  exports.UserMetaController = UserMetaController;
66
+ // function userOwnerPermissionStrategy(){
67
+ // // 1. obtain current logged user
68
+ // // 2. find
69
+ // }
66
70
  //# sourceMappingURL=UserMetadata.js.map
package/lib/controllers/UserMetadata.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"UserMetadata.js","sourceRoot":"","sources":["../../src/controllers/UserMetadata.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,wCAAqE;AACrE,wCAAgE;AAChE,gDAA2C;AAC3C,8CAAiD;AACjD,gDAAuD;AAIvD,IAAa,kBAAkB,GAA/B,MAAa,kBAAkB;IAGtB,KAAK,CAAC,WAAW,CAAS,MAAiB,EAAe,IAAe,EAAa,IAAkB;QAC7G,IAAI,MAAM,CAAC,EAAE,KAAK,IAAI,CAAC,EAAE,EAAE;YACzB,MAAM,IAAI,gBAAS,CAAC,qCAAqC,CAAC,CAAC;SAC5D;QAED,MAAM,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QAC9B,OAAO,IAAI,SAAE,CAAC,IAAI,CAAC,CAAC;IACtB,CAAC;IAIM,KAAK,CAAC,cAAc,CAAS,MAAiB,EAAe,IAAe,EAAe,IAAkB;QAClH,IAAI,MAAM,CAAC,EAAE,KAAK,IAAI,CAAC,EAAE,EAAE;YACzB,MAAM,IAAI,gBAAS,CAAC,qCAAqC,CAAC,CAAC;SAC5D;QAED,MAAM,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;QAC3B,IAAI,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,KAAK,MAAM,CAAC,EAAE,EAAE;YACpC,MAAM,IAAI,gBAAS,CAAC,8CAA8C,CAAC,CAAC;SACrE;QAED,MAAM,IAAI,CAAC,MAAM,EAAE,CAAC;QAEpB,OAAO,IAAI,SAAE,EAAE,CAAC;IAClB,CAAC;CACF,CAAA;AAzBC;IAFC,IAAA,WAAI,GAAE;IACN,IAAA,uBAAU,EAAC,WAAW,CAAC;IACE,WAAA,IAAA,iBAAI,GAAE,CAAA;IAAqB,WAAA,IAAA,oBAAS,GAAE,CAAA;IAAmB,WAAA,IAAA,kBAAO,GAAE,CAAA;;qCAAnD,WAAS,EAAqB,WAAS,EAAmB,mBAAY;;qDAO9G;AAID;IAFC,IAAA,YAAK,EAAC,2BAA2B,CAAC;IAClC,IAAA,uBAAU,EAAC,WAAW,CAAC;IACK,WAAA,IAAA,iBAAI,GAAE,CAAA;IAAqB,WAAA,IAAA,oBAAS,GAAE,CAAA;IAAmB,WAAA,IAAA,oBAAS,GAAE,CAAA;;qCAArD,WAAS,EAAqB,WAAS,EAAqB,mBAAY;;wDAanH;AA3BU,kBAAkB;IAF9B,IAAA,eAAQ,EAAC,qBAAqB,CAAC;IAC/B,IAAA,qBAAQ,EAAC,eAAe,CAAC;GACb,kBAAkB,CA4B9B;AA5BY,gDAAkB"}
1
+ {"version":3,"file":"UserMetadata.js","sourceRoot":"","sources":["../../src/controllers/UserMetadata.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,wCAAqE;AACrE,wCAAgE;AAChE,gDAA2C;AAC3C,8CAAiD;AACjD,gDAAuD;AAIvD,IAAa,kBAAkB,GAA/B,MAAa,kBAAkB;IAGtB,KAAK,CAAC,WAAW,CAAS,MAAiB,EAAe,IAAe,EAAa,IAAkB;QAC7G,IAAI,MAAM,CAAC,EAAE,KAAK,IAAI,CAAC,EAAE,EAAE;YACzB,MAAM,IAAI,gBAAS,CAAC,qCAAqC,CAAC,CAAC;SAC5D;QAED,MAAM,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QAC9B,OAAO,IAAI,SAAE,CAAC,IAAI,CAAC,CAAC;IACtB,CAAC;IAIM,KAAK,CAAC,cAAc,CAAS,MAAiB,EAAe,IAAe,EAAe,IAAkB;QAClH,IAAI,MAAM,CAAC,EAAE,KAAK,IAAI,CAAC,EAAE,EAAE;YACzB,MAAM,IAAI,gBAAS,CAAC,qCAAqC,CAAC,CAAC;SAC5D;QAED,MAAM,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;QAC3B,IAAI,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,KAAK,MAAM,CAAC,EAAE,EAAE;YACpC,MAAM,IAAI,gBAAS,CAAC,8CAA8C,CAAC,CAAC;SACrE;QAED,MAAM,IAAI,CAAC,MAAM,EAAE,CAAC;QAEpB,OAAO,IAAI,SAAE,EAAE,CAAC;IAClB,CAAC;CACF,CAAA;AAzBC;IAFC,IAAA,WAAI,GAAE;IACN,IAAA,uBAAU,EAAC,WAAW,CAAC;IACE,WAAA,IAAA,iBAAI,GAAE,CAAA;IAAqB,WAAA,IAAA,oBAAS,GAAE,CAAA;IAAmB,WAAA,IAAA,kBAAO,GAAE,CAAA;;qCAAnD,WAAS,EAAqB,WAAS,EAAmB,mBAAY;;qDAO9G;AAID;IAFC,IAAA,YAAK,EAAC,2BAA2B,CAAC;IAClC,IAAA,uBAAU,EAAC,WAAW,CAAC;IACK,WAAA,IAAA,iBAAI,GAAE,CAAA;IAAqB,WAAA,IAAA,oBAAS,GAAE,CAAA;IAAmB,WAAA,IAAA,oBAAS,GAAE,CAAA;;qCAArD,WAAS,EAAqB,WAAS,EAAqB,mBAAY;;wDAanH;AA3BU,kBAAkB;IAF9B,IAAA,eAAQ,EAAC,qBAAqB,CAAC;IAC/B,IAAA,qBAAQ,EAAC,eAAe,CAAC;GACb,kBAAkB,CA4B9B;AA5BY,gDAAkB;AA8B/B,0CAA0C;AAE1C,sCAAsC;AACtC,gBAAgB;AAEhB,IAAI"}
package/lib/decorators.js CHANGED
@@ -57,17 +57,13 @@ exports.Resource = Resource;
57
57
  */
58
58
  function Permission(permission = 'readOwn') {
59
59
  return descriptor((metadata, target, propertyKey) => {
60
- let route = null;
61
60
  if (propertyKey) {
62
- if (metadata.Routes.has(propertyKey)) {
63
- route = metadata.Routes.get(propertyKey);
64
- }
65
- else {
66
- route = {
61
+ if (!metadata.Routes.has(propertyKey)) {
62
+ const route = {
67
63
  Permission: permission,
68
64
  };
65
+ metadata.Routes.set(propertyKey, route);
69
66
  }
70
- metadata.Routes.set(propertyKey, route);
71
67
  }
72
68
  (0, http_1.Policy)(RbacPolicy_1.RbacPolicy)(target, propertyKey, null);
73
69
  });
package/lib/decorators.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"decorators.js","sourceRoot":"","sources":["../src/decorators.ts"],"names":[],"mappings":";;;AACA,wCAAyD;AACzD,sDAAmD;AAEtC,QAAA,yBAAyB,GAAG,MAAM,CAAC,kCAAkC,CAAC,CAAC;AAEpF,SAAgB,eAAe,CAAC,MAAW,EAAE,QAAyC;IACpF,IAAI,QAAQ,GAAoB,OAAO,CAAC,WAAW,CAAC,iCAAyB,EAAE,MAAM,CAAC,SAAS,IAAI,MAAM,CAAC,CAAC;IAC3G,IAAI,CAAC,QAAQ,EAAE;QACb,QAAQ,GAAG;YACT,QAAQ,EAAE,EAAE;YACZ,MAAM,EAAE,IAAI,GAAG,EAA0C;YACzD,UAAU,EAAE,SAAS;SACtB,CAAC;QAEF,OAAO,CAAC,cAAc,CAAC,iCAAyB,EAAE,QAAQ,EAAE,MAAM,CAAC,SAAS,IAAI,MAAM,CAAC,CAAC;KACzF;IAED,IAAI,QAAQ,EAAE;QACZ,QAAQ,CAAC,QAAQ,CAAC,CAAC;KACpB;AACH,CAAC;AAfD,0CAeC;AAED,SAAS,UAAU,CAAC,QAA0I;IAC5J,OAAO,CAAC,MAAW,EAAE,WAA4B,EAAE,iBAA8C,EAAE,EAAE;QACnG,IAAI,QAAQ,GAAoB,OAAO,CAAC,WAAW,CAAC,iCAAyB,EAAE,MAAM,CAAC,SAAS,IAAI,MAAM,CAAC,CAAC;QAC3G,IAAI,CAAC,QAAQ,EAAE;YACb,QAAQ,GAAG;gBACT,QAAQ,EAAE,EAAE;gBACZ,MAAM,EAAE,IAAI,GAAG,EAA0C;gBACzD,UAAU,EAAE,SAAS;aACtB,CAAC;YAEF,OAAO,CAAC,cAAc,CAAC,iCAAyB,EAAE,QAAQ,EAAE,MAAM,CAAC,SAAS,IAAI,MAAM,CAAC,CAAC;SACzF;QAED,IAAI,QAAQ,EAAE;YACZ,QAAQ,CAAC,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,iBAAiB,CAAC,CAAC;SAC5D;IACH,CAAC,CAAC;AACJ,CAAC;AAED;;;;;GAKG;AACH,SAAgB,QAAQ,CAAC,QAAgB,EAAE,aAA6B,SAAS;IAC/E,OAAO,UAAU,CAAC,CAAC,QAAyB,EAAE,MAAW,EAAE,EAAE;QAC3D,IAAA,aAAM,EAAC,uBAAU,CAAC,CAAC,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;QAEvC,QAAQ,CAAC,QAAQ,GAAG,QAAQ,CAAC;QAC7B,QAAQ,CAAC,UAAU,GAAG,UAAU,CAAC;IACnC,CAAC,CAAC,CAAC;AACL,CAAC;AAPD,4BAOC;AAED;;;;;GAKG;AACH,SAAgB,UAAU,CAAC,aAA6B,SAAS;IAC/D,OAAO,UAAU,CAAC,CAAC,QAAyB,EAAE,MAAW,EAAE,WAAmB,EAAE,EAAE;QAChF,IAAI,KAAK,GAAmC,IAAI,CAAC;QAEjD,IAAI,WAAW,EAAE;YACf,IAAI,QAAQ,CAAC,MAAM,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE;gBACpC,KAAK,GAAG,QAAQ,CAAC,MAAM,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;aAC1C;iBAAM;gBACL,KAAK,GAAG;oBACN,UAAU,EAAE,UAAU;iBACvB,CAAC;aACH;YAED,QAAQ,CAAC,MAAM,CAAC,GAAG,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC;SACzC;QAED,IAAA,aAAM,EAAC,uBAAU,CAAC,CAAC,MAAM,EAAE,WAAW,EAAE,IAAI,CAAC,CAAC;IAChD,CAAC,CAAC,CAAC;AACL,CAAC;AAlBD,gCAkBC;AAED;;GAEG;AACH,SAAgB,IAAI;IAClB,OAAO,IAAA,YAAK,EAAC,IAAA,gBAAS,EAAC,SAAS,CAAC,CAAC,CAAC;AACrC,CAAC;AAFD,oBAEC;AAED;;GAEG;AACH,SAAgB,OAAO;IACrB,OAAO,IAAA,YAAK,EAAC,IAAA,gBAAS,EAAC,YAAY,CAAC,CAAC,CAAC;AACxC,CAAC;AAFD,0BAEC"}
1
+ {"version":3,"file":"decorators.js","sourceRoot":"","sources":["../src/decorators.ts"],"names":[],"mappings":";;;AACA,wCAAyD;AACzD,sDAAmD;AAEtC,QAAA,yBAAyB,GAAG,MAAM,CAAC,kCAAkC,CAAC,CAAC;AAEpF,SAAgB,eAAe,CAAC,MAAW,EAAE,QAAyC;IACpF,IAAI,QAAQ,GAAoB,OAAO,CAAC,WAAW,CAAC,iCAAyB,EAAE,MAAM,CAAC,SAAS,IAAI,MAAM,CAAC,CAAC;IAC3G,IAAI,CAAC,QAAQ,EAAE;QACb,QAAQ,GAAG;YACT,QAAQ,EAAE,EAAE;YACZ,MAAM,EAAE,IAAI,GAAG,EAA0C;YACzD,UAAU,EAAE,SAAS;SACtB,CAAC;QAEF,OAAO,CAAC,cAAc,CAAC,iCAAyB,EAAE,QAAQ,EAAE,MAAM,CAAC,SAAS,IAAI,MAAM,CAAC,CAAC;KACzF;IAED,IAAI,QAAQ,EAAE;QACZ,QAAQ,CAAC,QAAQ,CAAC,CAAC;KACpB;AACH,CAAC;AAfD,0CAeC;AAED,SAAS,UAAU,CAAC,QAA0I;IAC5J,OAAO,CAAC,MAAW,EAAE,WAA4B,EAAE,iBAA8C,EAAE,EAAE;QACnG,IAAI,QAAQ,GAAoB,OAAO,CAAC,WAAW,CAAC,iCAAyB,EAAE,MAAM,CAAC,SAAS,IAAI,MAAM,CAAC,CAAC;QAC3G,IAAI,CAAC,QAAQ,EAAE;YACb,QAAQ,GAAG;gBACT,QAAQ,EAAE,EAAE;gBACZ,MAAM,EAAE,IAAI,GAAG,EAA0C;gBACzD,UAAU,EAAE,SAAS;aACtB,CAAC;YAEF,OAAO,CAAC,cAAc,CAAC,iCAAyB,EAAE,QAAQ,EAAE,MAAM,CAAC,SAAS,IAAI,MAAM,CAAC,CAAC;SACzF;QAED,IAAI,QAAQ,EAAE;YACZ,QAAQ,CAAC,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,iBAAiB,CAAC,CAAC;SAC5D;IACH,CAAC,CAAC;AACJ,CAAC;AAED;;;;;GAKG;AACH,SAAgB,QAAQ,CAAC,QAAgB,EAAE,aAA6B,SAAS;IAC/E,OAAO,UAAU,CAAC,CAAC,QAAyB,EAAE,MAAW,EAAE,EAAE;QAC3D,IAAA,aAAM,EAAC,uBAAU,CAAC,CAAC,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;QAEvC,QAAQ,CAAC,QAAQ,GAAG,QAAQ,CAAC;QAC7B,QAAQ,CAAC,UAAU,GAAG,UAAU,CAAC;IACnC,CAAC,CAAC,CAAC;AACL,CAAC;AAPD,4BAOC;AAED;;;;;GAKG;AACH,SAAgB,UAAU,CAAC,aAA6B,SAAS;IAC/D,OAAO,UAAU,CAAC,CAAC,QAAyB,EAAE,MAAW,EAAE,WAAmB,EAAE,EAAE;QAChF,IAAI,WAAW,EAAE;YACf,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE;gBACrC,MAAM,KAAK,GAAG;oBACZ,UAAU,EAAE,UAAU;iBACvB,CAAC;gBACF,QAAQ,CAAC,MAAM,CAAC,GAAG,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC;aACzC;SACF;QAED,IAAA,aAAM,EAAC,uBAAU,CAAC,CAAC,MAAM,EAAE,WAAW,EAAE,IAAI,CAAC,CAAC;IAChD,CAAC,CAAC,CAAC;AACL,CAAC;AAbD,gCAaC;AAED;;GAEG;AACH,SAAgB,IAAI;IAClB,OAAO,IAAA,YAAK,EAAC,IAAA,gBAAS,EAAC,SAAS,CAAC,CAAC,CAAC;AACrC,CAAC;AAFD,oBAEC;AAED;;GAEG;AACH,SAAgB,OAAO;IACrB,OAAO,IAAA,YAAK,EAAC,IAAA,gBAAS,EAAC,YAAY,CAAC,CAAC,CAAC;AACxC,CAAC;AAFD,0BAEC"}
package/lib/dto/restore-password-dto.d.ts ADDED
@@ -0,0 +1,23 @@
1
+ export declare const RestorePasswordDtoSchema: {
2
+ $schema: string;
3
+ title: string;
4
+ type: string;
5
+ properties: {
6
+ Password: {
7
+ type: string;
8
+ maxLength: number;
9
+ minLength: number;
10
+ };
11
+ ConfirmPassword: {
12
+ type: string;
13
+ maxLength: number;
14
+ minLength: number;
15
+ };
16
+ };
17
+ required: string[];
18
+ };
19
+ export declare class RestorePasswordDto {
20
+ Password: string;
21
+ ConfirmPassword: string;
22
+ constructor(data: any);
23
+ }
package/lib/dto/restore-password-dto.js ADDED
@@ -0,0 +1,34 @@
1
+ "use strict";
2
+ var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
3
+ var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
4
+ if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
5
+ else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
6
+ return c > 3 && r && Object.defineProperty(target, key, r), r;
7
+ };
8
+ var __metadata = (this && this.__metadata) || function (k, v) {
9
+ if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
10
+ };
11
+ Object.defineProperty(exports, "__esModule", { value: true });
12
+ exports.RestorePasswordDto = exports.RestorePasswordDtoSchema = void 0;
13
+ const validation_1 = require("@spinajs/validation");
14
+ exports.RestorePasswordDtoSchema = {
15
+ $schema: 'http://json-schema.org/draft-07/schema#',
16
+ title: 'User password DTO',
17
+ type: 'object',
18
+ properties: {
19
+ Password: { type: 'string', maxLength: 32, minLength: 6 },
20
+ ConfirmPassword: { type: 'string', maxLength: 32, minLength: 6 },
21
+ },
22
+ required: ['Password', 'ConfirmPassword'],
23
+ };
24
+ let RestorePasswordDto = class RestorePasswordDto {
25
+ constructor(data) {
26
+ Object.assign(this, data);
27
+ }
28
+ };
29
+ RestorePasswordDto = __decorate([
30
+ (0, validation_1.Schema)(exports.RestorePasswordDtoSchema),
31
+ __metadata("design:paramtypes", [Object])
32
+ ], RestorePasswordDto);
33
+ exports.RestorePasswordDto = RestorePasswordDto;
34
+ //# sourceMappingURL=restore-password-dto.js.map
package/lib/dto/restore-password-dto.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"restore-password-dto.js","sourceRoot":"","sources":["../../src/dto/restore-password-dto.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,oDAA6C;AAEhC,QAAA,wBAAwB,GAAG;IACtC,OAAO,EAAE,yCAAyC;IAClD,KAAK,EAAE,mBAAmB;IAC1B,IAAI,EAAE,QAAQ;IACd,UAAU,EAAE;QACV,QAAQ,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,EAAE,EAAE,SAAS,EAAE,CAAC,EAAE;QACzD,eAAe,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,EAAE,EAAE,SAAS,EAAE,CAAC,EAAE;KACjE;IACD,QAAQ,EAAE,CAAC,UAAU,EAAE,iBAAiB,CAAC;CAC1C,CAAC;AAGF,IAAa,kBAAkB,GAA/B,MAAa,kBAAkB;IAK7B,YAAY,IAAS;QACnB,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;IAC5B,CAAC;CACF,CAAA;AARY,kBAAkB;IAD9B,IAAA,mBAAM,EAAC,gCAAwB,CAAC;;GACpB,kBAAkB,CAQ9B;AARY,gDAAkB"}
package/lib/events/UserLoginFailed.d.ts ADDED
@@ -0,0 +1,5 @@
1
+ import { QueueEvent } from '@spinajs/queue';
2
+ export declare class UserLoginFailed extends QueueEvent {
3
+ UserUUID: string;
4
+ constructor(UserUUID: string);
5
+ }
package/lib/events/UserLoginFailed.js ADDED
@@ -0,0 +1,25 @@
1
+ "use strict";
2
+ var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
3
+ var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
4
+ if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
5
+ else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
6
+ return c > 3 && r && Object.defineProperty(target, key, r), r;
7
+ };
8
+ var __metadata = (this && this.__metadata) || function (k, v) {
9
+ if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
10
+ };
11
+ Object.defineProperty(exports, "__esModule", { value: true });
12
+ exports.UserLoginFailed = void 0;
13
+ const queue_1 = require("@spinajs/queue");
14
+ let UserLoginFailed = class UserLoginFailed extends queue_1.QueueEvent {
15
+ constructor(UserUUID) {
16
+ super();
17
+ this.UserUUID = UserUUID;
18
+ }
19
+ };
20
+ UserLoginFailed = __decorate([
21
+ (0, queue_1.Event)(),
22
+ __metadata("design:paramtypes", [String])
23
+ ], UserLoginFailed);
24
+ exports.UserLoginFailed = UserLoginFailed;
25
+ //# sourceMappingURL=UserLoginFailed.js.map
package/lib/events/UserLoginFailed.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"UserLoginFailed.js","sourceRoot":"","sources":["../../src/events/UserLoginFailed.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,0CAAmD;AAGnD,IAAa,eAAe,GAA5B,MAAa,eAAgB,SAAQ,kBAAU;IAC7C,YAAmB,QAAgB;QACjC,KAAK,EAAE,CAAC;QADS,aAAQ,GAAR,QAAQ,CAAQ;IAEnC,CAAC;CACF,CAAA;AAJY,eAAe;IAD3B,IAAA,aAAK,GAAE;;GACK,eAAe,CAI3B;AAJY,0CAAe"}
package/lib/events/UserLoginSuccess.d.ts ADDED
@@ -0,0 +1,5 @@
1
+ import { QueueEvent } from '@spinajs/queue';
2
+ export declare class UserLoginSuccess extends QueueEvent {
3
+ UserUUID: string;
4
+ constructor(UserUUID: string);
5
+ }
package/lib/events/UserLoginSuccess.js ADDED
@@ -0,0 +1,25 @@
1
+ "use strict";
2
+ var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
3
+ var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
4
+ if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
5
+ else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
6
+ return c > 3 && r && Object.defineProperty(target, key, r), r;
7
+ };
8
+ var __metadata = (this && this.__metadata) || function (k, v) {
9
+ if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
10
+ };
11
+ Object.defineProperty(exports, "__esModule", { value: true });
12
+ exports.UserLoginSuccess = void 0;
13
+ const queue_1 = require("@spinajs/queue");
14
+ let UserLoginSuccess = class UserLoginSuccess extends queue_1.QueueEvent {
15
+ constructor(UserUUID) {
16
+ super();
17
+ this.UserUUID = UserUUID;
18
+ }
19
+ };
20
+ UserLoginSuccess = __decorate([
21
+ (0, queue_1.Event)(),
22
+ __metadata("design:paramtypes", [String])
23
+ ], UserLoginSuccess);
24
+ exports.UserLoginSuccess = UserLoginSuccess;
25
+ //# sourceMappingURL=UserLoginSuccess.js.map
package/lib/events/UserLoginSuccess.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"UserLoginSuccess.js","sourceRoot":"","sources":["../../src/events/UserLoginSuccess.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,0CAAmD;AAGnD,IAAa,gBAAgB,GAA7B,MAAa,gBAAiB,SAAQ,kBAAU;IAC9C,YAAmB,QAAgB;QACjC,KAAK,EAAE,CAAC;QADS,aAAQ,GAAR,QAAQ,CAAQ;IAEnC,CAAC;CACF,CAAA;AAJY,gBAAgB;IAD5B,IAAA,aAAK,GAAE;;GACK,gBAAgB,CAI5B;AAJY,4CAAgB"}
package/lib/events/UserPassordRestore.d.ts ADDED
@@ -0,0 +1,6 @@
1
+ import { QueueEvent } from '@spinajs/queue';
2
+ export declare class UserPasswordRestore extends QueueEvent {
3
+ UserUUID: string;
4
+ resetToken: string;
5
+ constructor(UserUUID: string, resetToken: string);
6
+ }
package/lib/events/UserPassordRestore.js ADDED
@@ -0,0 +1,26 @@
1
+ "use strict";
2
+ var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
3
+ var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
4
+ if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
5
+ else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
6
+ return c > 3 && r && Object.defineProperty(target, key, r), r;
7
+ };
8
+ var __metadata = (this && this.__metadata) || function (k, v) {
9
+ if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
10
+ };
11
+ Object.defineProperty(exports, "__esModule", { value: true });
12
+ exports.UserPasswordRestore = void 0;
13
+ const queue_1 = require("@spinajs/queue");
14
+ let UserPasswordRestore = class UserPasswordRestore extends queue_1.QueueEvent {
15
+ constructor(UserUUID, resetToken) {
16
+ super();
17
+ this.UserUUID = UserUUID;
18
+ this.resetToken = resetToken;
19
+ }
20
+ };
21
+ UserPasswordRestore = __decorate([
22
+ (0, queue_1.Event)(),
23
+ __metadata("design:paramtypes", [String, String])
24
+ ], UserPasswordRestore);
25
+ exports.UserPasswordRestore = UserPasswordRestore;
26
+ //# sourceMappingURL=UserPassordRestore.js.map
package/lib/events/UserPassordRestore.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"UserPassordRestore.js","sourceRoot":"","sources":["../../src/events/UserPassordRestore.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,0CAAmD;AAGnD,IAAa,mBAAmB,GAAhC,MAAa,mBAAoB,SAAQ,kBAAU;IACjD,YAAmB,QAAgB,EAAS,UAAkB;QAC5D,KAAK,EAAE,CAAC;QADS,aAAQ,GAAR,QAAQ,CAAQ;QAAS,eAAU,GAAV,UAAU,CAAQ;IAE9D,CAAC;CACF,CAAA;AAJY,mBAAmB;IAD/B,IAAA,aAAK,GAAE;;GACK,mBAAmB,CAI/B;AAJY,kDAAmB"}
package/lib/fingerprint/FingerprintJs.d.ts ADDED
@@ -0,0 +1,3 @@
1
+ import { FingerprintProvider } from '../interfaces';
2
+ export declare class FingerprintJs extends FingerprintProvider {
3
+ }
package/lib/fingerprint/FingerprintJs.js ADDED
@@ -0,0 +1,18 @@
1
+ "use strict";
2
+ var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
3
+ var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
4
+ if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
5
+ else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
6
+ return c > 3 && r && Object.defineProperty(target, key, r), r;
7
+ };
8
+ Object.defineProperty(exports, "__esModule", { value: true });
9
+ exports.FingerprintJs = void 0;
10
+ const di_1 = require("@spinajs/di");
11
+ const interfaces_1 = require("../interfaces");
12
+ let FingerprintJs = class FingerprintJs extends interfaces_1.FingerprintProvider {
13
+ };
14
+ FingerprintJs = __decorate([
15
+ (0, di_1.Injectable)(interfaces_1.FingerprintProvider)
16
+ ], FingerprintJs);
17
+ exports.FingerprintJs = FingerprintJs;
18
+ //# sourceMappingURL=FingerprintJs.js.map
package/lib/fingerprint/FingerprintJs.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"FingerprintJs.js","sourceRoot":"","sources":["../../src/fingerprint/FingerprintJs.ts"],"names":[],"mappings":";;;;;;;;;AAAA,oCAAyC;AACzC,8CAAoD;AAGpD,IAAa,aAAa,GAA1B,MAAa,aAAc,SAAQ,gCAAmB;CAAG,CAAA;AAA5C,aAAa;IADzB,IAAA,eAAU,EAAC,gCAAmB,CAAC;GACnB,aAAa,CAA+B;AAA5C,sCAAa"}
package/lib/interfaces.d.ts CHANGED
@@ -54,8 +54,6 @@ export declare abstract class TwoFactorAuthProvider {
54
54
  }
55
55
  export declare abstract class FingerprintProvider {
56
56
  }
57
- export interface AuthProvider {
58
- }
59
57
  export interface TwoFactorAuthConfig {
60
58
  enabled: boolean;
61
59
  service: string;
package/lib/middlewares/AttributeFilter.d.ts ADDED
@@ -0,0 +1,10 @@
1
+ import { RouteMiddleware, IController, IRoute } from '@spinajs/http';
2
+ /**
3
+ * Filters attributes of db models
4
+ */
5
+ export declare class FilterAttribute extends RouteMiddleware {
6
+ onResponse(): Promise<void>;
7
+ isEnabled(_action: IRoute, _instance: IController): boolean;
8
+ onBefore(): Promise<void>;
9
+ onAfter(): Promise<void>;
10
+ }
package/lib/middlewares/AttributeFilter.js ADDED
@@ -0,0 +1,19 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.FilterAttribute = void 0;
4
+ const http_1 = require("@spinajs/http");
5
+ /**
6
+ * Filters attributes of db models
7
+ */
8
+ class FilterAttribute extends http_1.RouteMiddleware {
9
+ async onResponse() { }
10
+ isEnabled(_action, _instance) {
11
+ return true;
12
+ }
13
+ // tslint:disable-next-line: no-empty
14
+ async onBefore() { }
15
+ // tslint:disable-next-line: no-empty
16
+ async onAfter() { }
17
+ }
18
+ exports.FilterAttribute = FilterAttribute;
19
+ //# sourceMappingURL=AttributeFilter.js.map
package/lib/middlewares/AttributeFilter.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"AttributeFilter.js","sourceRoot":"","sources":["../../src/middlewares/AttributeFilter.ts"],"names":[],"mappings":";;;AAAA,wCAAqE;AAErE;;GAEG;AACH,MAAa,eAAgB,SAAQ,sBAAe;IAC3C,KAAK,CAAC,UAAU,KAAmB,CAAC;IAEpC,SAAS,CAAC,OAAe,EAAE,SAAsB;QACtD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,qCAAqC;IAC9B,KAAK,CAAC,QAAQ,KAAmB,CAAC;IAEzC,qCAAqC;IAC9B,KAAK,CAAC,OAAO,KAAmB,CAAC;CACzC;AAZD,0CAYC"}
package/lib/middlewares.d.ts CHANGED
@@ -5,7 +5,7 @@ import { Request as sRequest, ServerMiddleware } from '@spinajs/http';
5
5
  export declare class RbacMiddleware extends ServerMiddleware {
6
6
  protected CoockieSecret: string;
7
7
  protected SessionProvider: SessionProvider;
8
- resolveAsync(): Promise<void>;
8
+ resolve(): Promise<void>;
9
9
  before(): (req: sRequest, res: express.Response, next: express.NextFunction) => void;
10
10
  after(): (req: sRequest, res: express.Response, next: express.NextFunction) => void;
11
11
  }
package/lib/middlewares.js CHANGED
@@ -40,7 +40,7 @@ const configuration_1 = require("@spinajs/configuration");
40
40
  const cs = __importStar(require("cookie-signature"));
41
41
  const http_1 = require("@spinajs/http");
42
42
  let RbacMiddleware = class RbacMiddleware extends http_1.ServerMiddleware {
43
- async resolveAsync() {
43
+ async resolve() {
44
44
  if (!this.CoockieSecret) {
45
45
  throw new Error('http.cookie.secres is not set, cannot start UserFromSessionMiddleware. Set this value in configuration file !');
46
46
  }
package/lib/middlewares.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"middlewares.js","sourceRoot":"","sources":["../src/middlewares.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,wCAAsD;AACtD,oCAAqD;AACrD,4BAA0B;AAE1B,0DAAgD;AAChD,qDAAuC;AACvC,wCAAsE;AAGtE,IAAa,cAAc,GAA3B,MAAa,cAAe,SAAQ,uBAAgB;IAO3C,KAAK,CAAC,YAAY;QACvB,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE;YACvB,MAAM,IAAI,KAAK,CAAC,+GAA+G,CAAC,CAAC;SAClI;IACH,CAAC;IAEM,MAAM;QACX,OAAO,KAAK,EAAE,GAAa,EAAE,IAAsB,EAAE,IAA0B,EAAE,EAAE;YACjF,IAAI;gBACF,IAAI,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE;oBACpB,MAAM,IAAI,GAAmB,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC;oBAC7E,IAAI,IAAI,EAAE;wBACR,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;wBACzD,IAAI,OAAO,EAAE;4BACX,GAAG,CAAC,OAAO,CAAC,IAAI,GAAG,IAAI,WAAI,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC;4BACtD,GAAG,CAAC,OAAO,CAAC,OAAO,GAAG,OAAO,CAAC;yBAC/B;6BAAM;4BACL,GAAG,CAAC,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC;yBACzB;qBACF;yBAAM;wBACL,GAAG,CAAC,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC;qBACzB;iBACF;gBACD,IAAI,EAAE,CAAC;aACR;YAAC,OAAO,GAAG,EAAE;gBACZ,IAAI,CAAC,GAAG,CAAC,CAAC;aACX;QACH,CAAC,CAAC;IACJ,CAAC;IACM,KAAK;QACV,OAAO,IAAI,CAAC;IACd,CAAC;CACF,CAAA;AArCC;IADC,IAAA,sBAAM,EAAC,oBAAoB,CAAC;;qDACG;AAGhC;IADC,IAAA,eAAU,GAAE;8BACc,sBAAe;uDAAC;AALhC,cAAc;IAD1B,IAAA,eAAU,EAAC,uBAAgB,CAAC;GAChB,cAAc,CAuC1B;AAvCY,wCAAc"}
1
+ {"version":3,"file":"middlewares.js","sourceRoot":"","sources":["../src/middlewares.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,wCAAsD;AACtD,oCAAqD;AACrD,4BAA0B;AAE1B,0DAAgD;AAChD,qDAAuC;AACvC,wCAAsE;AAGtE,IAAa,cAAc,GAA3B,MAAa,cAAe,SAAQ,uBAAgB;IAO3C,KAAK,CAAC,OAAO;QAClB,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE;YACvB,MAAM,IAAI,KAAK,CAAC,+GAA+G,CAAC,CAAC;SAClI;IACH,CAAC;IAEM,MAAM;QACX,OAAO,KAAK,EAAE,GAAa,EAAE,IAAsB,EAAE,IAA0B,EAAE,EAAE;YACjF,IAAI;gBACF,IAAI,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE;oBACpB,MAAM,IAAI,GAAmB,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC;oBAC7E,IAAI,IAAI,EAAE;wBACR,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;wBACzD,IAAI,OAAO,EAAE;4BACX,GAAG,CAAC,OAAO,CAAC,IAAI,GAAG,IAAI,WAAI,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC;4BACtD,GAAG,CAAC,OAAO,CAAC,OAAO,GAAG,OAAO,CAAC;yBAC/B;6BAAM;4BACL,GAAG,CAAC,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC;yBACzB;qBACF;yBAAM;wBACL,GAAG,CAAC,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC;qBACzB;iBACF;gBACD,IAAI,EAAE,CAAC;aACR;YAAC,OAAO,GAAG,EAAE;gBACZ,IAAI,CAAC,GAAG,CAAC,CAAC;aACX;QACH,CAAC,CAAC;IACJ,CAAC;IACM,KAAK;QACV,OAAO,IAAI,CAAC;IACd,CAAC;CACF,CAAA;AArCC;IADC,IAAA,sBAAM,EAAC,oBAAoB,CAAC;;qDACG;AAGhC;IADC,IAAA,eAAU,GAAE;8BACc,sBAAe;uDAAC;AALhC,cAAc;IAD1B,IAAA,eAAU,EAAC,uBAAgB,CAAC;GAChB,cAAc,CAuC1B;AAvCY,wCAAc"}
package/lib/policies/LoggedPolicy.d.ts ADDED
@@ -0,0 +1,9 @@
1
+ import { BasePolicy, IController, IRoute, Request as sRequest } from '@spinajs/http';
2
+ /**
3
+ * Simple policy to only check if user is authorized ( do not check permissions for routes)
4
+ * Usefull if we want to give acces for all logged users
5
+ */
6
+ export declare class LoggedPolicy extends BasePolicy {
7
+ isEnabled(_action: IRoute, _instance: IController): boolean;
8
+ execute(req: sRequest): Promise<void>;
9
+ }
package/lib/policies/LoggedPolicy.js ADDED
@@ -0,0 +1,23 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.LoggedPolicy = void 0;
4
+ const http_1 = require("@spinajs/http");
5
+ const exceptions_1 = require("@spinajs/exceptions");
6
+ /**
7
+ * Simple policy to only check if user is authorized ( do not check permissions for routes)
8
+ * Usefull if we want to give acces for all logged users
9
+ */
10
+ class LoggedPolicy extends http_1.BasePolicy {
11
+ isEnabled(_action, _instance) {
12
+ // acl is always on if set
13
+ return true;
14
+ }
15
+ async execute(req) {
16
+ if (!req.storage || !req.storage.user || !req.storage.session.Data.get('Authorized')) {
17
+ throw new exceptions_1.Forbidden('user not logged or session expired');
18
+ }
19
+ return Promise.resolve();
20
+ }
21
+ }
22
+ exports.LoggedPolicy = LoggedPolicy;
23
+ //# sourceMappingURL=LoggedPolicy.js.map
package/lib/policies/LoggedPolicy.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"LoggedPolicy.js","sourceRoot":"","sources":["../../src/policies/LoggedPolicy.ts"],"names":[],"mappings":";;;AAAA,wCAAqF;AACrF,oDAAgD;AAEhD;;;GAGG;AACH,MAAa,YAAa,SAAQ,iBAAU;IACnC,SAAS,CAAC,OAAe,EAAE,SAAsB;QACtD,0BAA0B;QAC1B,OAAO,IAAI,CAAC;IACd,CAAC;IAEM,KAAK,CAAC,OAAO,CAAC,GAAa;QAChC,IAAI,CAAC,GAAG,CAAC,OAAO,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,YAAY,CAAC,EAAE;YACpF,MAAM,IAAI,sBAAS,CAAC,oCAAoC,CAAC,CAAC;SAC3D;QAED,OAAO,OAAO,CAAC,OAAO,EAAE,CAAC;IAC3B,CAAC;CACF;AAbD,oCAaC"}
package/lib/policies/NotLoggedPolicy.d.ts ADDED
@@ -0,0 +1,9 @@
1
+ import { BasePolicy, IController, IRoute, Request as sRequest } from '@spinajs/http';
2
+ /**
3
+ * Simple policy to only check if user is authorized ( do not check permissions for routes)
4
+ * Usefull if we want to give acces for all logged users
5
+ */
6
+ export declare class NotLoggedPolicy extends BasePolicy {
7
+ isEnabled(_action: IRoute, _instance: IController): boolean;
8
+ execute(req: sRequest): Promise<void>;
9
+ }
package/lib/policies/NotLoggedPolicy.js ADDED
@@ -0,0 +1,22 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.NotLoggedPolicy = void 0;
4
+ const http_1 = require("@spinajs/http");
5
+ const exceptions_1 = require("@spinajs/exceptions");
6
+ /**
7
+ * Simple policy to only check if user is authorized ( do not check permissions for routes)
8
+ * Usefull if we want to give acces for all logged users
9
+ */
10
+ class NotLoggedPolicy extends http_1.BasePolicy {
11
+ isEnabled(_action, _instance) {
12
+ return true;
13
+ }
14
+ async execute(req) {
15
+ if (!req.storage || !req.storage.user || !req.storage.session.Data.get('Authorized')) {
16
+ return Promise.resolve();
17
+ }
18
+ throw new exceptions_1.InvalidOperation('Cannot perform action when user is logged.');
19
+ }
20
+ }
21
+ exports.NotLoggedPolicy = NotLoggedPolicy;
22
+ //# sourceMappingURL=NotLoggedPolicy.js.map
package/lib/policies/NotLoggedPolicy.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"NotLoggedPolicy.js","sourceRoot":"","sources":["../../src/policies/NotLoggedPolicy.ts"],"names":[],"mappings":";;;AAAA,wCAAqF;AACrF,oDAAuD;AAEvD;;;GAGG;AACH,MAAa,eAAgB,SAAQ,iBAAU;IACtC,SAAS,CAAC,OAAe,EAAE,SAAsB;QACtD,OAAO,IAAI,CAAC;IACd,CAAC;IAEM,KAAK,CAAC,OAAO,CAAC,GAAa;QAChC,IAAI,CAAC,GAAG,CAAC,OAAO,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,YAAY,CAAC,EAAE;YACpF,OAAO,OAAO,CAAC,OAAO,EAAE,CAAC;SAC1B;QAED,MAAM,IAAI,6BAAgB,CAAC,4CAA4C,CAAC,CAAC;IAC3E,CAAC;CACF;AAZD,0CAYC"}
package/lib/policies/captchaPolicy.d.ts ADDED
File without changes
package/lib/policies/captchaPolicy.js ADDED
@@ -0,0 +1 @@
1
+ //# sourceMappingURL=captchaPolicy.js.map
package/lib/policies/captchaPolicy.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"captchaPolicy.js","sourceRoot":"","sources":["../../src/policies/captchaPolicy.ts"],"names":[],"mappings":""}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@spinajs/rbac-http",
3
- "version": "2.0.38",
3
+ "version": "2.0.44",
4
4
  "description": "HTTP API for user session & permissions",
5
5
  "main": "lib/index.js",
6
6
  "private": false,
@@ -38,24 +38,26 @@
38
38
  },
39
39
  "homepage": "https://github.com/spinajs/main#readme",
40
40
  "dependencies": {
41
- "@spinajs/configuration": "^2.0.38",
42
- "@spinajs/di": "^2.0.38",
43
- "@spinajs/exceptions": "^2.0.12",
44
- "@spinajs/http": "^2.0.38",
45
- "@spinajs/log": "^2.0.38",
46
- "@spinajs/orm": "^2.0.38",
47
- "@spinajs/orm-http": "^2.0.38",
48
- "@spinajs/rbac": "^2.0.38",
49
- "@spinajs/reflection": "^2.0.38",
41
+ "@spinajs/configuration": "^2.0.44",
42
+ "@spinajs/di": "^2.0.44",
43
+ "@spinajs/exceptions": "^2.0.39",
44
+ "@spinajs/http": "^2.0.44",
45
+ "@spinajs/log": "^2.0.44",
46
+ "@spinajs/orm": "^2.0.44",
47
+ "@spinajs/orm-http": "^2.0.44",
48
+ "@spinajs/rbac": "^2.0.44",
49
+ "@spinajs/reflection": "^2.0.44",
50
50
  "accesscontrol": "^2.2.1",
51
- "luxon": "^2.4.0",
51
+ "luxon": "^3.2.1",
52
52
  "qrcode": "^1.5.1",
53
- "speakeasy": "^2.0.0"
53
+ "speakeasy": "^2.0.0",
54
+ "uuid": "^8.3.2"
54
55
  },
55
56
  "devDependencies": {
56
- "@spinajs/orm-sqlite": "^2.0.38",
57
+ "@spinajs/orm-sqlite": "^2.0.44",
57
58
  "@types/qrcode": "^1.4.2",
58
- "@types/speakeasy": "^2.0.7"
59
+ "@types/speakeasy": "^2.0.7",
60
+ "@types/uuid": "^8.3.3"
59
61
  },
60
- "gitHead": "5ea5440ee9db49595f531592ebdbc6d69f457082"
62
+ "gitHead": "1857a6e3626e0fed22ffb0b44b48d587c79898db"
61
63
  }