@steedos/accounts 2.2.52-beta.3 → 2.2.52-beta.34

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (60) hide show
  1. package/LICENSE.txt +2 -3
  2. package/lib/core/index.js +20 -20
  3. package/lib/core/index.js.map +1 -1
  4. package/lib/database-mongo/mongo.js +93 -90
  5. package/lib/database-mongo/mongo.js.map +1 -1
  6. package/lib/index.js +10 -5
  7. package/lib/index.js.map +1 -1
  8. package/lib/mail.js +5 -5
  9. package/lib/mail.js.map +1 -1
  10. package/lib/oauth2/stub/oidc-cert.js +1 -1
  11. package/lib/oauth2/stub/oidc-cert.js.map +1 -1
  12. package/lib/password/accounts-password.js +54 -41
  13. package/lib/password/accounts-password.js.map +1 -1
  14. package/lib/password/index.js +1 -1
  15. package/lib/password/index.js.map +1 -1
  16. package/lib/password/utils/encryption.js +3 -3
  17. package/lib/rest-express/endpoints/authorize.js +2 -2
  18. package/lib/rest-express/endpoints/get-user.js +2 -2
  19. package/lib/rest-express/endpoints/impersonate.js +2 -2
  20. package/lib/rest-express/endpoints/initServer.js +2 -2
  21. package/lib/rest-express/endpoints/login.js +2 -2
  22. package/lib/rest-express/endpoints/logout.js +2 -2
  23. package/lib/rest-express/endpoints/oauth/provider-callback.js +3 -3
  24. package/lib/rest-express/endpoints/oauth/provider-callback.js.map +1 -1
  25. package/lib/rest-express/endpoints/password/change-password.js +2 -2
  26. package/lib/rest-express/endpoints/password/register.js +2 -2
  27. package/lib/rest-express/endpoints/password/reset.js +4 -4
  28. package/lib/rest-express/endpoints/password/two-factor.js +6 -6
  29. package/lib/rest-express/endpoints/password/verify-email.js +6 -6
  30. package/lib/rest-express/endpoints/password/verify.js +4 -4
  31. package/lib/rest-express/endpoints/put-user-name.js +2 -2
  32. package/lib/rest-express/endpoints/refresh-access-token.js +2 -2
  33. package/lib/rest-express/endpoints/service-authenticate.js +2 -2
  34. package/lib/rest-express/endpoints/spaces.js +2 -2
  35. package/lib/rest-express/endpoints/steedos/create-tenant.js +2 -2
  36. package/lib/rest-express/endpoints/steedos/get-tenant.js +2 -2
  37. package/lib/rest-express/endpoints/steedos/settings.js +2 -2
  38. package/lib/rest-express/endpoints/update-session.js +2 -2
  39. package/lib/rest-express/express-middleware.js +1 -1
  40. package/lib/rest-express/express-middleware.js.map +1 -1
  41. package/lib/rest-express/user-loader.js +2 -2
  42. package/lib/rest-express/utils/steedos-auth.js +2 -2
  43. package/lib/rest-express/utils/steedos-auth.js.map +1 -1
  44. package/lib/rest-express/utils/users.js +4 -4
  45. package/lib/saml-idp/express-middleware.js +10 -10
  46. package/lib/saml-idp/express-middleware.js.map +1 -1
  47. package/lib/server/accounts-server.js +56 -30
  48. package/lib/server/accounts-server.js.map +1 -1
  49. package/lib/server/utils/email.js +2 -2
  50. package/lib/types/index.js +14 -14
  51. package/lib/types/index.js.map +1 -1
  52. package/package.json +6 -6
  53. package/src/core/index.ts +2 -2
  54. package/src/database-mongo/mongo.ts +3 -0
  55. package/src/index.ts +5 -3
  56. package/src/mail.ts +3 -3
  57. package/src/password/accounts-password.ts +17 -5
  58. package/src/server/accounts-server.ts +26 -3
  59. package/src/server/types/jwt-data.ts +10 -1
  60. package/src/types/types/connection-informations.ts +9 -0
@@ -593,6 +593,7 @@ export class Mongo implements DatabaseInterface {
593
593
  let is_phone = connection.is_phone;
594
594
  let is_tablet = connection.is_tablet;
595
595
  let space = connection.space;
596
+ let provider = connection.provider;
596
597
  if (userAgent) {
597
598
  const foo = userAgent.split(" Space/");
598
599
  if (foo.length > 1) {
@@ -613,6 +614,7 @@ export class Mongo implements DatabaseInterface {
613
614
  is_phone,
614
615
  is_tablet,
615
616
  login_expiration_in_days,
617
+ user_provider: provider
616
618
  };
617
619
  }
618
620
 
@@ -622,6 +624,7 @@ export class Mongo implements DatabaseInterface {
622
624
  is_phone,
623
625
  is_tablet,
624
626
  login_expiration_in_days,
627
+ user_provider: provider
625
628
  };
626
629
  }
627
630
 
package/src/index.ts CHANGED
@@ -2,7 +2,7 @@ import * as express from 'express';
2
2
  import * as path from 'path';
3
3
  import * as mongoose from 'mongoose';
4
4
  import * as mongodb from 'mongodb';
5
- import { AccountsServer } from './server';
5
+ import { AccountsServer, generateRandomToken } from './server';
6
6
  import { AccountsPassword } from './password';
7
7
  import { errors } from './password/errors';
8
8
  import accountsExpress from './rest-express';
@@ -20,15 +20,17 @@ import oauth2Login from './oauth2/login';
20
20
  import oauth2Logout from './oauth2/logout';
21
21
  import initServer from './rest-express/endpoints/initServer';
22
22
  export { hydraAdmin } from './oauth2/config';
23
+ export { setAuthCookies, clearAuthCookies } from './rest-express/utils/steedos-auth';
24
+ export { getMergedTenant } from './core';
23
25
 
24
26
  declare var WebApp;
25
27
 
26
28
  const config = getSteedosConfig();
27
29
 
28
30
  function getAccountsServer() {
29
- let accountsConfig = config.accounts || {};
31
+ let accountsConfig = config.tenant || {};
30
32
  let emailConfig = config.email || {};
31
- let tokenSecret = accountsConfig.tokenSecret || "secret";
33
+ let tokenSecret = accountsConfig.tokenSecret || generateRandomToken();
32
34
  let accessTokenExpiresIn = accountsConfig.accessTokenExpiresIn || "90d";
33
35
  let refreshTokenExpiresIn = accountsConfig.refreshTokenExpiresIn || "7d";
34
36
  let mailSignname = emailConfig.signname || "华炎魔方";
package/src/mail.ts CHANGED
@@ -8,15 +8,15 @@ export const sendMail = async ({from, subject, to, text, html}) => {
8
8
 
9
9
  const config = getSteedosConfig().email
10
10
  if (!config) {
11
- console.log("Please set email configs in steedos-config.yml")
11
+ console.log("Please set email configs in steedos.config.js")
12
12
  return
13
13
  }
14
14
  if (!config.from) {
15
- console.log("Please set email configs in steedos-config.yml")
15
+ console.log("Please set email configs in steedos.config.js")
16
16
  return
17
17
  }
18
18
  if (!config.url && (!config.host || !config.port || !config.username || !config.password)) {
19
- console.log("Please set email configs in steedos-config.yml")
19
+ console.log("Please set email configs in steedos.config.js")
20
20
  return
21
21
  }
22
22
 
@@ -160,7 +160,14 @@ export default class AccountsPassword implements AuthenticationService {
160
160
  }
161
161
 
162
162
  public async authenticate(params: any): Promise<User> {
163
- const { user, password, token, locale } = params;
163
+ let { user, password, token, locale } = params;
164
+
165
+ const passwordUnencrypted = params['password-unencrypted'];
166
+ let isHashPassword = true;
167
+ if(passwordUnencrypted && !password ){
168
+ password = passwordUnencrypted;
169
+ isHashPassword = false;
170
+ }
164
171
 
165
172
  if(user && token){
166
173
  return await this.codeAuthenticator(user, token, locale);
@@ -174,7 +181,7 @@ export default class AccountsPassword implements AuthenticationService {
174
181
  throw new Error(this.options.errors.matchFailed);
175
182
  }
176
183
 
177
- const foundUser = await this.passwordAuthenticator(user, password);
184
+ const foundUser = await this.passwordAuthenticator(user, password, isHashPassword);
178
185
 
179
186
  // // If user activated two factor authentication try with the code
180
187
  // if (getUserTwoFactorService(foundUser)) {
@@ -686,7 +693,8 @@ export default class AccountsPassword implements AuthenticationService {
686
693
 
687
694
  public async passwordAuthenticator(
688
695
  user: string | LoginUserIdentity,
689
- password: PasswordType
696
+ password: PasswordType,
697
+ isHashPassword = true
690
698
  ): Promise<User> {
691
699
  const { username, email, id, mobile } = isString(user)
692
700
  ? this.toMobileAndEmail({ user })
@@ -735,8 +743,12 @@ export default class AccountsPassword implements AuthenticationService {
735
743
  }
736
744
  }
737
745
  const hashAlgorithm = this.options.passwordHashAlgorithm;
738
- // const pass: any = hashAlgorithm ? hashPassword(password, hashAlgorithm) : password;
739
- const pass: any = password;
746
+ let pass = null;
747
+ if(isHashPassword){
748
+ pass = password;
749
+ }else{
750
+ pass = hashAlgorithm ? hashPassword(password, hashAlgorithm) : password;
751
+ }
740
752
  const isPasswordValid = await verifyPassword(pass, hash);
741
753
 
742
754
  if (!isPasswordValid) {
@@ -28,7 +28,7 @@ import isMobile from "ismobilejs";
28
28
 
29
29
  const defaultOptions = {
30
30
  ambiguousErrorMessages: true,
31
- tokenSecret: "secret",
31
+ tokenSecret: generateRandomToken(),
32
32
  tokenConfigs: {
33
33
  accessToken: {
34
34
  expiresIn: "90m",
@@ -96,6 +96,14 @@ export class AccountsServer {
96
96
  return () => this.hooks.off(eventName, callback);
97
97
  }
98
98
 
99
+ public async getUserProfile(userId, serviceName = 'password'){
100
+ const service = this.services[serviceName];
101
+ if(!service){
102
+ throw new Error(`Service ${serviceName} not found`);
103
+ }
104
+ return await service.getUserProfile(userId);
105
+ }
106
+
99
107
  public async loginWithService(
100
108
  serviceName: string,
101
109
  params: any,
@@ -203,6 +211,8 @@ export class AccountsServer {
203
211
  phone_logout_other_clients,
204
212
  phone_login_expiration_in_days,
205
213
  space,
214
+ provider,
215
+ jwtToken,
206
216
  } = infos;
207
217
 
208
218
  let is_phone = false;
@@ -243,7 +253,7 @@ export class AccountsServer {
243
253
  //3 清理用户所有session 缓存
244
254
  removeUserSessionsCacheByUserId(user.id, is_phone);
245
255
  }
246
- const token = generateRandomToken();
256
+ const token = jwtToken || generateRandomToken();
247
257
  const sessionId = await this.db.createSession(user.id, token, {
248
258
  ip,
249
259
  userAgent,
@@ -252,11 +262,14 @@ export class AccountsServer {
252
262
  is_phone,
253
263
  is_tablet,
254
264
  space,
265
+ provider
255
266
  });
256
267
 
257
268
  const { accessToken, refreshToken } = this.createTokens({
258
269
  token,
259
270
  userId: user.id,
271
+ name: user.name,
272
+ email: user.email
260
273
  });
261
274
 
262
275
  return {
@@ -357,6 +370,8 @@ export class AccountsServer {
357
370
  token: newSessionId,
358
371
  isImpersonated: true,
359
372
  userId: user.id,
373
+ name: user.name,
374
+ email: user.email,
360
375
  });
361
376
  const impersonationResult = {
362
377
  authorized: true,
@@ -426,6 +441,8 @@ export class AccountsServer {
426
441
  const tokens = this.createTokens({
427
442
  token: sessionToken,
428
443
  userId: user.id,
444
+ name: user.name,
445
+ email: user.email
429
446
  });
430
447
  await this.db.updateSession(session.id, { ip, userAgent });
431
448
 
@@ -459,16 +476,22 @@ export class AccountsServer {
459
476
  token,
460
477
  isImpersonated = false,
461
478
  userId,
479
+ name,
480
+ email
462
481
  }: {
463
482
  token: string;
464
483
  isImpersonated?: boolean;
465
484
  userId: string;
485
+ name: string,
486
+ email: string
466
487
  }): Tokens {
467
488
  const { tokenSecret, tokenConfigs } = this.options;
468
489
  const jwtData: JwtData = {
469
- token,
490
+ // token,
470
491
  isImpersonated,
471
492
  userId,
493
+ name,
494
+ email
472
495
  };
473
496
  const accessToken = generateAccessToken({
474
497
  data: jwtData,
@@ -1,5 +1,14 @@
1
+ /*
2
+ * @Author: baozhoutao@steedos.com
3
+ * @Date: 2022-03-28 09:35:34
4
+ * @LastEditors: baozhoutao@steedos.com
5
+ * @LastEditTime: 2022-07-01 15:01:17
6
+ * @Description:
7
+ */
1
8
  export interface JwtData {
2
- token: string;
9
+ token?: string;
3
10
  isImpersonated: boolean;
4
11
  userId: string;
12
+ name: string,
13
+ email: string,
5
14
  }
@@ -1,3 +1,10 @@
1
+ /*
2
+ * @Author: baozhoutao@steedos.com
3
+ * @Date: 2022-03-28 09:35:34
4
+ * @LastEditors: baozhoutao@steedos.com
5
+ * @LastEditTime: 2022-06-29 16:05:04
6
+ * @Description:
7
+ */
1
8
  export interface ConnectionInformations {
2
9
  ip?: string;
3
10
  userAgent?: string;
@@ -8,4 +15,6 @@ export interface ConnectionInformations {
8
15
  login_expiration_in_days?: number;
9
16
  phone_logout_other_clients?: boolean;
10
17
  phone_login_expiration_in_days?: number;
18
+ provider?: string;
19
+ jwtToken?: string;
11
20
  }