npm - @stamhoofd/backend - Versions diffs - 2.68.0 → 2.69.0 - Mend

@stamhoofd/backend 2.68.0 → 2.69.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/package.json +10 -10
package/src/endpoints/auth/CreateTokenEndpoint.ts +16 -3
package/src/endpoints/auth/PatchUserEndpoint.ts +1 -1
package/src/endpoints/auth/SignupEndpoint.ts +14 -2
package/src/helpers/AdminPermissionChecker.ts +3 -0
package/src/helpers/OpenIDConnectHelper.ts +4 -1

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
     "name": "@stamhoofd/backend",
-    "version": "2.68.0",
+    "version": "2.69.0",
     "main": "./dist/index.js",
     "exports": {
         ".": {
@@ -37,14 +37,14 @@
         "@simonbackx/simple-encoding": "2.19.0",
         "@simonbackx/simple-endpoints": "1.15.0",
         "@simonbackx/simple-logging": "^1.0.1",
-        "@stamhoofd/backend-i18n": "2.68.0",
-        "@stamhoofd/backend-middleware": "2.68.0",
-        "@stamhoofd/email": "2.68.0",
-        "@stamhoofd/models": "2.68.0",
-        "@stamhoofd/queues": "2.68.0",
-        "@stamhoofd/sql": "2.68.0",
-        "@stamhoofd/structures": "2.68.0",
-        "@stamhoofd/utility": "2.68.0",
+        "@stamhoofd/backend-i18n": "2.69.0",
+        "@stamhoofd/backend-middleware": "2.69.0",
+        "@stamhoofd/email": "2.69.0",
+        "@stamhoofd/models": "2.69.0",
+        "@stamhoofd/queues": "2.69.0",
+        "@stamhoofd/sql": "2.69.0",
+        "@stamhoofd/structures": "2.69.0",
+        "@stamhoofd/utility": "2.69.0",
         "archiver": "^7.0.1",
         "aws-sdk": "^2.885.0",
         "axios": "1.6.8",
@@ -64,5 +64,5 @@
     "publishConfig": {
         "access": "public"
     },
-    "gitHead": "6356e14541b66873ca0d2ccd4b660825ac39a7fd"
+    "gitHead": "1cc1c8c1109298b0c712b1e7ddf7ef37054be5a9"
 }

package/src/endpoints/auth/CreateTokenEndpoint.ts CHANGED Viewed

@@ -1,7 +1,7 @@
 import { DecodedRequest, Endpoint, Request, Response } from '@simonbackx/simple-endpoints';
 import { SimpleError } from '@simonbackx/simple-errors';
-import { EmailVerificationCode, PasswordToken, Token, User } from '@stamhoofd/models';
-import { ChallengeGrantStruct, CreateTokenStruct, PasswordGrantStruct, PasswordTokenGrantStruct, RefreshTokenGrantStruct, RequestChallengeGrantStruct, SignupResponse, Token as TokenStruct } from '@stamhoofd/structures';
+import { EmailVerificationCode, PasswordToken, Platform, Token, User } from '@stamhoofd/models';
+import { ChallengeGrantStruct, CreateTokenStruct, LoginMethod, PasswordGrantStruct, PasswordTokenGrantStruct, RefreshTokenGrantStruct, RequestChallengeGrantStruct, SignupResponse, Token as TokenStruct } from '@stamhoofd/structures';
 import { Context } from '../../helpers/Context';
@@ -81,8 +81,21 @@ export class CreateTokenEndpoint extends Endpoint<Params, Query, Body, ResponseB
             }
             case 'password': {
-            // Increase timout for legacy
+                // Increase timout for legacy
                 request.request.request?.setTimeout(30 * 1000);
+                if (STAMHOOFD.userMode === 'platform') {
+                    const platform = await Platform.getShared();
+                    if (!platform.config.loginMethods.includes(LoginMethod.Password)) {
+                        throw new SimpleError({
+                            code: 'not_supported',
+                            message: 'This platform does not support password login',
+                            human: 'Dit platform ondersteunt geen wachtwoord login',
+                            statusCode: 400,
+                        });
+                    }
+                }
                 const user = await User.login(organization?.id ?? null, request.body.username, request.body.password);
                 const errBody = {

package/src/endpoints/auth/PatchUserEndpoint.ts CHANGED Viewed

@@ -109,7 +109,7 @@ export class PatchUserEndpoint extends Endpoint<Params, Query, Body, ResponseBod
             }
         }
-        if (editUser.id == user.id && request.body.password) {
+        if (editUser.id === user.id && request.body.password) {
             // password changes
             await editUser.changePassword(request.body.password);
             await PasswordToken.clearFor(editUser.id);

package/src/endpoints/auth/SignupEndpoint.ts CHANGED Viewed

@@ -1,8 +1,8 @@
 import { Decoder } from '@simonbackx/simple-encoding';
 import { DecodedRequest, Endpoint, Request, Response } from '@simonbackx/simple-endpoints';
 import { SimpleError } from '@simonbackx/simple-errors';
-import { EmailVerificationCode, PasswordToken, sendEmailTemplate, User } from '@stamhoofd/models';
-import { EmailTemplateType, NewUser, Recipient, Replacement, SignupResponse } from '@stamhoofd/structures';
+import { EmailVerificationCode, PasswordToken, Platform, sendEmailTemplate, User } from '@stamhoofd/models';
+import { EmailTemplateType, LoginMethod, NewUser, Recipient, Replacement, SignupResponse } from '@stamhoofd/structures';
 import { Context } from '../../helpers/Context';
@@ -30,6 +30,18 @@ export class SignupEndpoint extends Endpoint<Params, Query, Body, ResponseBody>
     async handle(request: DecodedRequest<Params, Query, Body>) {
         const organization = await Context.setUserOrganizationScope();
+        if (STAMHOOFD.userMode === 'platform') {
+            const platform = await Platform.getShared();
+            if (!platform.config.loginMethods.includes(LoginMethod.Password)) {
+                throw new SimpleError({
+                    code: 'not_supported',
+                    message: 'This platform does not support password login',
+                    human: 'Dit platform ondersteunt geen wachtwoord login',
+                    statusCode: 400,
+                });
+            }
+        }
         const u = await User.getForRegister(organization?.id ?? null, request.body.email);
         // Don't optimize. Always run two queries atm.

package/src/helpers/AdminPermissionChecker.ts CHANGED Viewed

@@ -556,6 +556,9 @@ export class AdminPermissionChecker {
     }
     async canEditUserEmail(user: User) {
+        if (user.meta?.loginProviderIds?.size) {
+            return false;
+        }
         return this.canEditUserName(user);
     }

package/src/helpers/OpenIDConnectHelper.ts CHANGED Viewed

@@ -41,6 +41,9 @@ export class OpenIDConnectHelper {
     }
     get redirectUri() {
+        if (this.configuration.redirectUri) {
+            return this.configuration.redirectUri;
+        }
         // todo: we might need a special url for the app here
         if (!this.organization) {
@@ -78,7 +81,7 @@ export class OpenIDConnectHelper {
         // Store
         CookieHelper.setCookie(response, 'oid_session_id', sessionId, {
             httpOnly: true,
-            secure: true,
+            secure: STAMHOOFD.environment !== 'development',
             expires: data.expires,
         });
     }