@steedos/accounts 2.2.55-beta.9 → 2.2.56
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/core/index.js +26 -28
- package/lib/core/index.js.map +1 -1
- package/lib/database-mongo/mongo.js +141 -154
- package/lib/database-mongo/mongo.js.map +1 -1
- package/lib/index.js +1 -3
- package/lib/index.js.map +1 -1
- package/lib/mail.js +6 -6
- package/lib/mail.js.map +1 -1
- package/lib/password/accounts-password.js +112 -233
- package/lib/password/accounts-password.js.map +1 -1
- package/lib/password/utils/encryption.js +4 -4
- package/lib/password/utils/encryption.js.map +1 -1
- package/lib/rest-express/endpoints/authorize.js +1 -1
- package/lib/rest-express/endpoints/get-user.js +1 -1
- package/lib/rest-express/endpoints/impersonate.js +4 -4
- package/lib/rest-express/endpoints/impersonate.js.map +1 -1
- package/lib/rest-express/endpoints/initServer.js +4 -4
- package/lib/rest-express/endpoints/initServer.js.map +1 -1
- package/lib/rest-express/endpoints/login.js +5 -5
- package/lib/rest-express/endpoints/login.js.map +1 -1
- package/lib/rest-express/endpoints/logout.js +4 -4
- package/lib/rest-express/endpoints/logout.js.map +1 -1
- package/lib/rest-express/endpoints/oauth/provider-callback.js +4 -4
- package/lib/rest-express/endpoints/oauth/provider-callback.js.map +1 -1
- package/lib/rest-express/endpoints/password/change-password.js +5 -5
- package/lib/rest-express/endpoints/password/change-password.js.map +1 -1
- package/lib/rest-express/endpoints/password/register.js +13 -39
- package/lib/rest-express/endpoints/password/register.js.map +1 -1
- package/lib/rest-express/endpoints/password/reset.js +8 -8
- package/lib/rest-express/endpoints/password/reset.js.map +1 -1
- package/lib/rest-express/endpoints/password/two-factor.js +14 -14
- package/lib/rest-express/endpoints/password/two-factor.js.map +1 -1
- package/lib/rest-express/endpoints/password/verify-email.js +12 -12
- package/lib/rest-express/endpoints/password/verify-email.js.map +1 -1
- package/lib/rest-express/endpoints/password/verify.js +18 -18
- package/lib/rest-express/endpoints/password/verify.js.map +1 -1
- package/lib/rest-express/endpoints/put-user-name.js +5 -5
- package/lib/rest-express/endpoints/put-user-name.js.map +1 -1
- package/lib/rest-express/endpoints/refresh-access-token.js +4 -4
- package/lib/rest-express/endpoints/refresh-access-token.js.map +1 -1
- package/lib/rest-express/endpoints/service-authenticate.js +9 -14
- package/lib/rest-express/endpoints/service-authenticate.js.map +1 -1
- package/lib/rest-express/endpoints/spaces.js +3 -3
- package/lib/rest-express/endpoints/spaces.js.map +1 -1
- package/lib/rest-express/endpoints/steedos/create-tenant.js +9 -9
- package/lib/rest-express/endpoints/steedos/create-tenant.js.map +1 -1
- package/lib/rest-express/endpoints/steedos/get-tenant.js +5 -5
- package/lib/rest-express/endpoints/steedos/get-tenant.js.map +1 -1
- package/lib/rest-express/endpoints/steedos/settings.js +4 -4
- package/lib/rest-express/endpoints/steedos/settings.js.map +1 -1
- package/lib/rest-express/endpoints/update-session.js +5 -6
- package/lib/rest-express/endpoints/update-session.js.map +1 -1
- package/lib/rest-express/express-middleware.js +0 -4
- package/lib/rest-express/express-middleware.js.map +1 -1
- package/lib/rest-express/user-loader.js +8 -8
- package/lib/rest-express/user-loader.js.map +1 -1
- package/lib/rest-express/utils/get-user-agent.js +0 -1
- package/lib/rest-express/utils/get-user-agent.js.map +1 -1
- package/lib/rest-express/utils/users.js +6 -6
- package/lib/rest-express/utils/users.js.map +1 -1
- package/lib/server/accounts-server.js +75 -159
- package/lib/server/accounts-server.js.map +1 -1
- package/lib/server/utils/email.js +1 -3
- package/lib/server/utils/email.js.map +1 -1
- package/lib/server/utils/get-first-user-email.js +0 -1
- package/lib/server/utils/get-first-user-email.js.map +1 -1
- package/lib/server/utils/tokens.js +0 -11
- package/lib/server/utils/tokens.js.map +1 -1
- package/package.json +6 -6
|
@@ -26,27 +26,18 @@ var defaultOptions = {
|
|
|
26
26
|
sendMail: email_1.sendMail,
|
|
27
27
|
siteUrl: "http://localhost:3000",
|
|
28
28
|
};
|
|
29
|
-
var AccountsServer =
|
|
29
|
+
var AccountsServer = (function () {
|
|
30
30
|
function AccountsServer(options, services) {
|
|
31
31
|
this.options = (0, lodash_1.merge)(tslib_1.__assign({}, defaultOptions), options);
|
|
32
32
|
if (!this.options.db) {
|
|
33
33
|
throw new Error("A database driver is required");
|
|
34
34
|
}
|
|
35
|
-
// if (this.options.tokenSecret === defaultOptions.tokenSecret) {
|
|
36
|
-
// // tslint:disable-next-line no-console
|
|
37
|
-
// console.log(`
|
|
38
|
-
// You are using the default secret "${this.options.tokenSecret}" which is not secure.
|
|
39
|
-
// Please change it with a strong random token.`);
|
|
40
|
-
// }
|
|
41
35
|
this.services = services || {};
|
|
42
36
|
this.db = this.options.db;
|
|
43
|
-
// Set the db to all services
|
|
44
|
-
// tslint:disable-next-line
|
|
45
37
|
for (var service in this.services) {
|
|
46
38
|
this.services[service].setStore(this.db);
|
|
47
39
|
this.services[service].server = this;
|
|
48
40
|
}
|
|
49
|
-
// Initialize hooks
|
|
50
41
|
this.hooks = new Emittery();
|
|
51
42
|
}
|
|
52
43
|
AccountsServer.prototype.getServices = function () {
|
|
@@ -74,8 +65,8 @@ var AccountsServer = /** @class */ (function () {
|
|
|
74
65
|
if (!service) {
|
|
75
66
|
throw new Error("Service ".concat(serviceName, " not found"));
|
|
76
67
|
}
|
|
77
|
-
return [4
|
|
78
|
-
case 1: return [2
|
|
68
|
+
return [4, service.getUserProfile(userId)];
|
|
69
|
+
case 1: return [2, _a.sent()];
|
|
79
70
|
}
|
|
80
71
|
});
|
|
81
72
|
});
|
|
@@ -87,11 +78,8 @@ var AccountsServer = /** @class */ (function () {
|
|
|
87
78
|
switch (_a.label) {
|
|
88
79
|
case 0:
|
|
89
80
|
hooksInfo = {
|
|
90
|
-
// The service name, such as “password” or “twitter”.
|
|
91
81
|
service: serviceName,
|
|
92
|
-
// The connection informations <ConnectionInformations>
|
|
93
82
|
connection: infos,
|
|
94
|
-
// Params received
|
|
95
83
|
params: params,
|
|
96
84
|
};
|
|
97
85
|
_a.label = 1;
|
|
@@ -100,7 +88,7 @@ var AccountsServer = /** @class */ (function () {
|
|
|
100
88
|
if (!this.services[serviceName]) {
|
|
101
89
|
throw new Error("No service with the name ".concat(serviceName, " was registered."));
|
|
102
90
|
}
|
|
103
|
-
return [4
|
|
91
|
+
return [4, this.services[serviceName].authenticate(params)];
|
|
104
92
|
case 2:
|
|
105
93
|
user = _a.sent();
|
|
106
94
|
hooksInfo.user = user;
|
|
@@ -110,10 +98,8 @@ var AccountsServer = /** @class */ (function () {
|
|
|
110
98
|
if (user.deactivated) {
|
|
111
99
|
throw new Error("Your account has been deactivated");
|
|
112
100
|
}
|
|
113
|
-
|
|
114
|
-
return [4 /*yield*/, this.hooks.emitSerial(server_hooks_1.ServerHooks.ValidateLogin, hooksInfo)];
|
|
101
|
+
return [4, this.hooks.emitSerial(server_hooks_1.ServerHooks.ValidateLogin, hooksInfo)];
|
|
115
102
|
case 3:
|
|
116
|
-
// Let the user validate the login attempt
|
|
117
103
|
_a.sent();
|
|
118
104
|
enable_MFA = false;
|
|
119
105
|
logout_other_clients = false;
|
|
@@ -121,7 +107,7 @@ var AccountsServer = /** @class */ (function () {
|
|
|
121
107
|
phone_logout_other_clients = false;
|
|
122
108
|
phone_login_expiration_in_days = null;
|
|
123
109
|
space = null;
|
|
124
|
-
return [4
|
|
110
|
+
return [4, this.services[serviceName].getUserProfile(user.id)];
|
|
125
111
|
case 4:
|
|
126
112
|
userProfile = _a.sent();
|
|
127
113
|
if (userProfile) {
|
|
@@ -134,18 +120,13 @@ var AccountsServer = /** @class */ (function () {
|
|
|
134
120
|
userProfile.phone_login_expiration_in_days;
|
|
135
121
|
space = userProfile.space;
|
|
136
122
|
}
|
|
137
|
-
//启用了多重验证
|
|
138
123
|
if (enable_MFA) {
|
|
139
|
-
//不是验证码登录
|
|
140
124
|
if (!(params.user && params.token)) {
|
|
141
125
|
_next = "TO_MOBILE_CODE_LOGIN";
|
|
142
|
-
|
|
143
|
-
// _next = 'TO_VERIFY_MOBILE';
|
|
144
|
-
// }
|
|
145
|
-
return [2 /*return*/, { _next: _next, mobile: user.mobile, mobile_verified: user.mobile_verified }];
|
|
126
|
+
return [2, { _next: _next, mobile: user.mobile, mobile_verified: user.mobile_verified }];
|
|
146
127
|
}
|
|
147
128
|
}
|
|
148
|
-
return [4
|
|
129
|
+
return [4, this.loginWithUser(user, Object.assign({}, infos, {
|
|
149
130
|
logout_other_clients: logout_other_clients,
|
|
150
131
|
login_expiration_in_days: login_expiration_in_days,
|
|
151
132
|
phone_logout_other_clients: phone_logout_other_clients,
|
|
@@ -155,25 +136,16 @@ var AccountsServer = /** @class */ (function () {
|
|
|
155
136
|
case 5:
|
|
156
137
|
loginResult = _a.sent();
|
|
157
138
|
this.hooks.emit(server_hooks_1.ServerHooks.LoginSuccess, hooksInfo);
|
|
158
|
-
return [2
|
|
139
|
+
return [2, loginResult];
|
|
159
140
|
case 6:
|
|
160
141
|
err_1 = _a.sent();
|
|
161
142
|
this.hooks.emit(server_hooks_1.ServerHooks.LoginError, tslib_1.__assign(tslib_1.__assign({}, hooksInfo), { error: err_1 }));
|
|
162
143
|
throw err_1;
|
|
163
|
-
case 7: return [2
|
|
144
|
+
case 7: return [2];
|
|
164
145
|
}
|
|
165
146
|
});
|
|
166
147
|
});
|
|
167
148
|
};
|
|
168
|
-
/**
|
|
169
|
-
* @description Server use only.
|
|
170
|
-
* This method creates a session without authenticating any user identity.
|
|
171
|
-
* Any authentication should happen before calling this function.
|
|
172
|
-
* @param {User} userId - The user object.
|
|
173
|
-
* @param {string} ip - User's ip.
|
|
174
|
-
* @param {string} userAgent - User's client agent.
|
|
175
|
-
* @returns {Promise<LoginResult>} - Session tokens and user object.
|
|
176
|
-
*/
|
|
177
149
|
AccountsServer.prototype.loginWithUser = function (user, infos) {
|
|
178
150
|
return tslib_1.__awaiter(this, void 0, void 0, function () {
|
|
179
151
|
var ip, userAgent, logout_other_clients, login_expiration_in_days, phone_logout_other_clients, phone_login_expiration_in_days, space, provider, jwtToken, is_phone, is_tablet, _a, phone, tablet, query, userSessions, _i, userSessions_1, userSession, token, sessionId, _b, accessToken, refreshToken;
|
|
@@ -193,7 +165,7 @@ var AccountsServer = /** @class */ (function () {
|
|
|
193
165
|
console.log("Exception", Exception);
|
|
194
166
|
}
|
|
195
167
|
}
|
|
196
|
-
if (!(logout_other_clients || phone_logout_other_clients)) return [3
|
|
168
|
+
if (!(logout_other_clients || phone_logout_other_clients)) return [3, 7];
|
|
197
169
|
query = null;
|
|
198
170
|
if (is_phone) {
|
|
199
171
|
query = { is_phone: true };
|
|
@@ -201,38 +173,35 @@ var AccountsServer = /** @class */ (function () {
|
|
|
201
173
|
else {
|
|
202
174
|
query = { is_phone: { $ne: true } };
|
|
203
175
|
}
|
|
204
|
-
|
|
205
|
-
return [4 /*yield*/, this.db.updateUser(user.id, {
|
|
176
|
+
return [4, this.db.updateUser(user.id, {
|
|
206
177
|
$pull: {
|
|
207
178
|
"services.resume.loginTokens": query,
|
|
208
179
|
},
|
|
209
180
|
})];
|
|
210
181
|
case 1:
|
|
211
|
-
//1 将当前user的所有 token 清空
|
|
212
182
|
_c.sent();
|
|
213
|
-
return [4
|
|
183
|
+
return [4, this.db.findValidSessionsByUserId(user.id, is_phone)];
|
|
214
184
|
case 2:
|
|
215
185
|
userSessions = _c.sent();
|
|
216
|
-
if (!userSessions) return [3
|
|
186
|
+
if (!userSessions) return [3, 6];
|
|
217
187
|
_i = 0, userSessions_1 = userSessions;
|
|
218
188
|
_c.label = 3;
|
|
219
189
|
case 3:
|
|
220
|
-
if (!(_i < userSessions_1.length)) return [3
|
|
190
|
+
if (!(_i < userSessions_1.length)) return [3, 6];
|
|
221
191
|
userSession = userSessions_1[_i];
|
|
222
|
-
return [4
|
|
192
|
+
return [4, this.db.invalidateSession(userSession.id)];
|
|
223
193
|
case 4:
|
|
224
194
|
_c.sent();
|
|
225
195
|
_c.label = 5;
|
|
226
196
|
case 5:
|
|
227
197
|
_i++;
|
|
228
|
-
return [3
|
|
198
|
+
return [3, 3];
|
|
229
199
|
case 6:
|
|
230
|
-
//3 清理用户所有session 缓存
|
|
231
200
|
(0, auth_1.removeUserSessionsCacheByUserId)(user.id, is_phone);
|
|
232
201
|
_c.label = 7;
|
|
233
202
|
case 7:
|
|
234
203
|
token = jwtToken || (0, tokens_1.generateRandomToken)();
|
|
235
|
-
return [4
|
|
204
|
+
return [4, this.db.createSession(user.id, token, {
|
|
236
205
|
ip: ip,
|
|
237
206
|
userAgent: userAgent,
|
|
238
207
|
login_expiration_in_days: login_expiration_in_days,
|
|
@@ -250,7 +219,7 @@ var AccountsServer = /** @class */ (function () {
|
|
|
250
219
|
name: user.name,
|
|
251
220
|
email: user.email
|
|
252
221
|
}), accessToken = _b.accessToken, refreshToken = _b.refreshToken;
|
|
253
|
-
return [2
|
|
222
|
+
return [2, {
|
|
254
223
|
sessionId: sessionId,
|
|
255
224
|
token: token,
|
|
256
225
|
tokens: {
|
|
@@ -263,14 +232,6 @@ var AccountsServer = /** @class */ (function () {
|
|
|
263
232
|
});
|
|
264
233
|
});
|
|
265
234
|
};
|
|
266
|
-
/**
|
|
267
|
-
* @description Impersonate to another user.
|
|
268
|
-
* @param {string} accessToken - User access token.
|
|
269
|
-
* @param {object} impersonated - impersonated user.
|
|
270
|
-
* @param {string} ip - The user ip.
|
|
271
|
-
* @param {string} userAgent - User user agent.
|
|
272
|
-
* @returns {Promise<Object>} - ImpersonationResult
|
|
273
|
-
*/
|
|
274
235
|
AccountsServer.prototype.impersonate = function (accessToken, impersonated, ip, userAgent) {
|
|
275
236
|
return tslib_1.__awaiter(this, void 0, void 0, function () {
|
|
276
237
|
var session, user, impersonatedUser, isAuthorized, token, newSessionId, impersonationTokens, impersonationResult, e_1;
|
|
@@ -287,54 +248,54 @@ var AccountsServer = /** @class */ (function () {
|
|
|
287
248
|
catch (err) {
|
|
288
249
|
throw new Error("Access token is not valid");
|
|
289
250
|
}
|
|
290
|
-
return [4
|
|
251
|
+
return [4, this.findSessionByAccessToken(accessToken)];
|
|
291
252
|
case 1:
|
|
292
253
|
session = _a.sent();
|
|
293
254
|
if (!session.valid) {
|
|
294
255
|
throw new Error("Session is not valid for user");
|
|
295
256
|
}
|
|
296
|
-
return [4
|
|
257
|
+
return [4, this.db.findUserById(session.userId)];
|
|
297
258
|
case 2:
|
|
298
259
|
user = _a.sent();
|
|
299
260
|
if (!user) {
|
|
300
261
|
throw new Error("User not found");
|
|
301
262
|
}
|
|
302
263
|
impersonatedUser = void 0;
|
|
303
|
-
if (!impersonated.userId) return [3
|
|
304
|
-
return [4
|
|
264
|
+
if (!impersonated.userId) return [3, 4];
|
|
265
|
+
return [4, this.db.findUserById(impersonated.userId)];
|
|
305
266
|
case 3:
|
|
306
267
|
impersonatedUser = _a.sent();
|
|
307
|
-
return [3
|
|
268
|
+
return [3, 8];
|
|
308
269
|
case 4:
|
|
309
|
-
if (!impersonated.username) return [3
|
|
310
|
-
return [4
|
|
270
|
+
if (!impersonated.username) return [3, 6];
|
|
271
|
+
return [4, this.db.findUserByUsername(impersonated.username)];
|
|
311
272
|
case 5:
|
|
312
273
|
impersonatedUser = _a.sent();
|
|
313
|
-
return [3
|
|
274
|
+
return [3, 8];
|
|
314
275
|
case 6:
|
|
315
|
-
if (!impersonated.email) return [3
|
|
316
|
-
return [4
|
|
276
|
+
if (!impersonated.email) return [3, 8];
|
|
277
|
+
return [4, this.db.findUserByEmail(impersonated.email)];
|
|
317
278
|
case 7:
|
|
318
279
|
impersonatedUser = _a.sent();
|
|
319
280
|
_a.label = 8;
|
|
320
281
|
case 8:
|
|
321
282
|
if (!impersonatedUser) {
|
|
322
283
|
if (this.options.ambiguousErrorMessages) {
|
|
323
|
-
return [2
|
|
284
|
+
return [2, { authorized: false }];
|
|
324
285
|
}
|
|
325
286
|
throw new Error("Impersonated user not found");
|
|
326
287
|
}
|
|
327
288
|
if (!this.options.impersonationAuthorize) {
|
|
328
|
-
return [2
|
|
289
|
+
return [2, { authorized: false }];
|
|
329
290
|
}
|
|
330
|
-
return [4
|
|
291
|
+
return [4, this.options.impersonationAuthorize(user, impersonatedUser)];
|
|
331
292
|
case 9:
|
|
332
293
|
isAuthorized = _a.sent();
|
|
333
294
|
if (!isAuthorized) {
|
|
334
|
-
return [2
|
|
295
|
+
return [2, { authorized: false }];
|
|
335
296
|
}
|
|
336
297
|
token = (0, tokens_1.generateRandomToken)();
|
|
337
|
-
return [4
|
|
298
|
+
return [4, this.db.createSession(impersonatedUser.id, token, {
|
|
338
299
|
ip: ip,
|
|
339
300
|
userAgent: userAgent,
|
|
340
301
|
}, { impersonatorUserId: user.id })];
|
|
@@ -356,24 +317,16 @@ var AccountsServer = /** @class */ (function () {
|
|
|
356
317
|
user: user,
|
|
357
318
|
impersonationResult: impersonationResult,
|
|
358
319
|
});
|
|
359
|
-
return [2
|
|
320
|
+
return [2, impersonationResult];
|
|
360
321
|
case 11:
|
|
361
322
|
e_1 = _a.sent();
|
|
362
323
|
this.hooks.emit(server_hooks_1.ServerHooks.ImpersonationError, e_1);
|
|
363
324
|
throw e_1;
|
|
364
|
-
case 12: return [2
|
|
325
|
+
case 12: return [2];
|
|
365
326
|
}
|
|
366
327
|
});
|
|
367
328
|
});
|
|
368
329
|
};
|
|
369
|
-
/**
|
|
370
|
-
* @description Refresh a user token.
|
|
371
|
-
* @param {string} accessToken - User access token.
|
|
372
|
-
* @param {string} refreshToken - User refresh token.
|
|
373
|
-
* @param {string} ip - User ip.
|
|
374
|
-
* @param {string} userAgent - User user agent.
|
|
375
|
-
* @returns {Promise<Object>} - LoginResult.
|
|
376
|
-
*/
|
|
377
330
|
AccountsServer.prototype.refreshTokens = function (accessToken, refreshToken, ip, userAgent) {
|
|
378
331
|
return tslib_1.__awaiter(this, void 0, void 0, function () {
|
|
379
332
|
var sessionToken, decodedAccessToken, session, user, tokens, result, err_2;
|
|
@@ -395,14 +348,14 @@ var AccountsServer = /** @class */ (function () {
|
|
|
395
348
|
catch (err) {
|
|
396
349
|
throw new Error("Tokens are not valid");
|
|
397
350
|
}
|
|
398
|
-
return [4
|
|
351
|
+
return [4, this.db.findSessionByToken(sessionToken)];
|
|
399
352
|
case 1:
|
|
400
353
|
session = _a.sent();
|
|
401
354
|
if (!session) {
|
|
402
355
|
throw new Error("Session not found");
|
|
403
356
|
}
|
|
404
|
-
if (!session.valid) return [3
|
|
405
|
-
return [4
|
|
357
|
+
if (!session.valid) return [3, 4];
|
|
358
|
+
return [4, this.db.findUserById(session.userId)];
|
|
406
359
|
case 2:
|
|
407
360
|
user = _a.sent();
|
|
408
361
|
if (!user) {
|
|
@@ -414,7 +367,7 @@ var AccountsServer = /** @class */ (function () {
|
|
|
414
367
|
name: user.name,
|
|
415
368
|
email: user.email
|
|
416
369
|
});
|
|
417
|
-
return [4
|
|
370
|
+
return [4, this.db.updateSession(session.id, { ip: ip, userAgent: userAgent })];
|
|
418
371
|
case 3:
|
|
419
372
|
_a.sent();
|
|
420
373
|
result = {
|
|
@@ -424,29 +377,22 @@ var AccountsServer = /** @class */ (function () {
|
|
|
424
377
|
tokens: tokens,
|
|
425
378
|
};
|
|
426
379
|
this.hooks.emit(server_hooks_1.ServerHooks.RefreshTokensSuccess, result);
|
|
427
|
-
return [2
|
|
380
|
+
return [2, result];
|
|
428
381
|
case 4: throw new Error("Session is no longer valid");
|
|
429
|
-
case 5: return [3
|
|
382
|
+
case 5: return [3, 7];
|
|
430
383
|
case 6:
|
|
431
384
|
err_2 = _a.sent();
|
|
432
385
|
this.hooks.emit(server_hooks_1.ServerHooks.RefreshTokensError, err_2);
|
|
433
386
|
throw err_2;
|
|
434
|
-
case 7: return [2
|
|
387
|
+
case 7: return [2];
|
|
435
388
|
}
|
|
436
389
|
});
|
|
437
390
|
});
|
|
438
391
|
};
|
|
439
|
-
/**
|
|
440
|
-
* @description Refresh a user token.
|
|
441
|
-
* @param {string} token - User session token.
|
|
442
|
-
* @param {boolean} isImpersonated - Should be true if impersonating another user.
|
|
443
|
-
* @returns {Promise<Object>} - Return a new accessToken and refreshToken.
|
|
444
|
-
*/
|
|
445
392
|
AccountsServer.prototype.createTokens = function (_a) {
|
|
446
393
|
var token = _a.token, _b = _a.isImpersonated, isImpersonated = _b === void 0 ? false : _b, userId = _a.userId, name = _a.name, email = _a.email;
|
|
447
394
|
var _c = this.options, tokenSecret = _c.tokenSecret, tokenConfigs = _c.tokenConfigs;
|
|
448
395
|
var jwtData = {
|
|
449
|
-
// token,
|
|
450
396
|
isImpersonated: isImpersonated,
|
|
451
397
|
userId: userId,
|
|
452
398
|
name: name,
|
|
@@ -463,11 +409,6 @@ var AccountsServer = /** @class */ (function () {
|
|
|
463
409
|
});
|
|
464
410
|
return { accessToken: accessToken, refreshToken: refreshToken };
|
|
465
411
|
};
|
|
466
|
-
/**
|
|
467
|
-
* @description Logout a user and invalidate his session.
|
|
468
|
-
* @param {string} accessToken - User access token.
|
|
469
|
-
* @returns {Promise<void>} - Return a promise.
|
|
470
|
-
*/
|
|
471
412
|
AccountsServer.prototype.logout = function (token) {
|
|
472
413
|
return tslib_1.__awaiter(this, void 0, void 0, function () {
|
|
473
414
|
var session, error_1;
|
|
@@ -475,34 +416,29 @@ var AccountsServer = /** @class */ (function () {
|
|
|
475
416
|
switch (_a.label) {
|
|
476
417
|
case 0:
|
|
477
418
|
_a.trys.push([0, 5, , 6]);
|
|
478
|
-
return [4
|
|
419
|
+
return [4, this.db.findSessionByToken(token)];
|
|
479
420
|
case 1:
|
|
480
421
|
session = _a.sent();
|
|
481
|
-
if (!(session && session.valid)) return [3
|
|
482
|
-
return [4
|
|
422
|
+
if (!(session && session.valid)) return [3, 3];
|
|
423
|
+
return [4, this.db.invalidateSession(session.id)];
|
|
483
424
|
case 2:
|
|
484
425
|
_a.sent();
|
|
485
426
|
this.hooks.emit(server_hooks_1.ServerHooks.LogoutSuccess, {
|
|
486
427
|
session: session,
|
|
487
428
|
token: token,
|
|
488
429
|
});
|
|
489
|
-
return [3
|
|
430
|
+
return [3, 4];
|
|
490
431
|
case 3: throw new Error("Session is no longer valid");
|
|
491
|
-
case 4: return [3
|
|
432
|
+
case 4: return [3, 6];
|
|
492
433
|
case 5:
|
|
493
434
|
error_1 = _a.sent();
|
|
494
435
|
this.hooks.emit(server_hooks_1.ServerHooks.LogoutError, error_1);
|
|
495
436
|
throw error_1;
|
|
496
|
-
case 6: return [2
|
|
437
|
+
case 6: return [2];
|
|
497
438
|
}
|
|
498
439
|
});
|
|
499
440
|
});
|
|
500
441
|
};
|
|
501
|
-
/**
|
|
502
|
-
* @description Logout a user and invalidate his session.
|
|
503
|
-
* @param {string} accessToken - User access token.
|
|
504
|
-
* @returns {Promise<void>} - Return a promise.
|
|
505
|
-
*/
|
|
506
442
|
AccountsServer.prototype.logoutByAccessToken = function (accessToken) {
|
|
507
443
|
return tslib_1.__awaiter(this, void 0, void 0, function () {
|
|
508
444
|
var session, error_2;
|
|
@@ -510,25 +446,25 @@ var AccountsServer = /** @class */ (function () {
|
|
|
510
446
|
switch (_a.label) {
|
|
511
447
|
case 0:
|
|
512
448
|
_a.trys.push([0, 5, , 6]);
|
|
513
|
-
return [4
|
|
449
|
+
return [4, this.findSessionByAccessToken(accessToken)];
|
|
514
450
|
case 1:
|
|
515
451
|
session = _a.sent();
|
|
516
|
-
if (!session.valid) return [3
|
|
517
|
-
return [4
|
|
452
|
+
if (!session.valid) return [3, 3];
|
|
453
|
+
return [4, this.db.invalidateSession(session.id)];
|
|
518
454
|
case 2:
|
|
519
455
|
_a.sent();
|
|
520
456
|
this.hooks.emit(server_hooks_1.ServerHooks.LogoutSuccess, {
|
|
521
457
|
session: session,
|
|
522
458
|
accessToken: accessToken,
|
|
523
459
|
});
|
|
524
|
-
return [3
|
|
460
|
+
return [3, 4];
|
|
525
461
|
case 3: throw new Error("Session is no longer valid");
|
|
526
|
-
case 4: return [3
|
|
462
|
+
case 4: return [3, 6];
|
|
527
463
|
case 5:
|
|
528
464
|
error_2 = _a.sent();
|
|
529
465
|
this.hooks.emit(server_hooks_1.ServerHooks.LogoutError, error_2);
|
|
530
466
|
throw error_2;
|
|
531
|
-
case 6: return [2
|
|
467
|
+
case 6: return [2];
|
|
532
468
|
}
|
|
533
469
|
});
|
|
534
470
|
});
|
|
@@ -540,30 +476,30 @@ var AccountsServer = /** @class */ (function () {
|
|
|
540
476
|
switch (_a.label) {
|
|
541
477
|
case 0:
|
|
542
478
|
_a.trys.push([0, 8, , 9]);
|
|
543
|
-
return [4
|
|
479
|
+
return [4, this.db.findSessionByToken(token)];
|
|
544
480
|
case 1:
|
|
545
481
|
session = _a.sent();
|
|
546
|
-
if (!(session && session.valid)) return [3
|
|
547
|
-
return [4
|
|
482
|
+
if (!(session && session.valid)) return [3, 7];
|
|
483
|
+
return [4, this.db.findUserById(session.userId)];
|
|
548
484
|
case 2:
|
|
549
485
|
user = _a.sent();
|
|
550
486
|
if (!user) {
|
|
551
487
|
throw new Error("User not found");
|
|
552
488
|
}
|
|
553
|
-
if (!this.options.resumeSessionValidator) return [3
|
|
489
|
+
if (!this.options.resumeSessionValidator) return [3, 6];
|
|
554
490
|
_a.label = 3;
|
|
555
491
|
case 3:
|
|
556
492
|
_a.trys.push([3, 5, , 6]);
|
|
557
|
-
return [4
|
|
493
|
+
return [4, this.options.resumeSessionValidator(user, session)];
|
|
558
494
|
case 4:
|
|
559
495
|
_a.sent();
|
|
560
|
-
return [3
|
|
496
|
+
return [3, 6];
|
|
561
497
|
case 5:
|
|
562
498
|
e_2 = _a.sent();
|
|
563
499
|
throw new Error(e_2);
|
|
564
500
|
case 6:
|
|
565
501
|
this.hooks.emit(server_hooks_1.ServerHooks.ResumeSessionSuccess, { user: user, token: token });
|
|
566
|
-
return [2
|
|
502
|
+
return [2, this.sanitizeUser(user)];
|
|
567
503
|
case 7:
|
|
568
504
|
this.hooks.emit(server_hooks_1.ServerHooks.ResumeSessionError, new Error("Invalid Session"));
|
|
569
505
|
throw new Error("Invalid Session");
|
|
@@ -571,7 +507,7 @@ var AccountsServer = /** @class */ (function () {
|
|
|
571
507
|
e_3 = _a.sent();
|
|
572
508
|
this.hooks.emit(server_hooks_1.ServerHooks.ResumeSessionError, e_3);
|
|
573
509
|
throw e_3;
|
|
574
|
-
case 9: return [2
|
|
510
|
+
case 9: return [2];
|
|
575
511
|
}
|
|
576
512
|
});
|
|
577
513
|
});
|
|
@@ -583,24 +519,24 @@ var AccountsServer = /** @class */ (function () {
|
|
|
583
519
|
switch (_a.label) {
|
|
584
520
|
case 0:
|
|
585
521
|
_a.trys.push([0, 8, , 9]);
|
|
586
|
-
return [4
|
|
522
|
+
return [4, this.findSessionByAccessToken(accessToken)];
|
|
587
523
|
case 1:
|
|
588
524
|
session = _a.sent();
|
|
589
|
-
if (!session.valid) return [3
|
|
590
|
-
return [4
|
|
525
|
+
if (!session.valid) return [3, 7];
|
|
526
|
+
return [4, this.db.findUserById(session.userId)];
|
|
591
527
|
case 2:
|
|
592
528
|
user = _a.sent();
|
|
593
529
|
if (!user) {
|
|
594
530
|
throw new Error("User not found");
|
|
595
531
|
}
|
|
596
|
-
if (!this.options.resumeSessionValidator) return [3
|
|
532
|
+
if (!this.options.resumeSessionValidator) return [3, 6];
|
|
597
533
|
_a.label = 3;
|
|
598
534
|
case 3:
|
|
599
535
|
_a.trys.push([3, 5, , 6]);
|
|
600
|
-
return [4
|
|
536
|
+
return [4, this.options.resumeSessionValidator(user, session)];
|
|
601
537
|
case 4:
|
|
602
538
|
_a.sent();
|
|
603
|
-
return [3
|
|
539
|
+
return [3, 6];
|
|
604
540
|
case 5:
|
|
605
541
|
e_4 = _a.sent();
|
|
606
542
|
throw new Error(e_4);
|
|
@@ -609,7 +545,7 @@ var AccountsServer = /** @class */ (function () {
|
|
|
609
545
|
user: user,
|
|
610
546
|
accessToken: accessToken,
|
|
611
547
|
});
|
|
612
|
-
return [2
|
|
548
|
+
return [2, this.sanitizeUser(user)];
|
|
613
549
|
case 7:
|
|
614
550
|
this.hooks.emit(server_hooks_1.ServerHooks.ResumeSessionError, new Error("Invalid Session"));
|
|
615
551
|
throw new Error("Invalid Session");
|
|
@@ -617,16 +553,11 @@ var AccountsServer = /** @class */ (function () {
|
|
|
617
553
|
e_5 = _a.sent();
|
|
618
554
|
this.hooks.emit(server_hooks_1.ServerHooks.ResumeSessionError, e_5);
|
|
619
555
|
throw e_5;
|
|
620
|
-
case 9: return [2
|
|
556
|
+
case 9: return [2];
|
|
621
557
|
}
|
|
622
558
|
});
|
|
623
559
|
});
|
|
624
560
|
};
|
|
625
|
-
/**
|
|
626
|
-
* @description Find a session by his token.
|
|
627
|
-
* @param {string} accessToken
|
|
628
|
-
* @returns {Promise<Session>} - Return a session.
|
|
629
|
-
*/
|
|
630
561
|
AccountsServer.prototype.findSessionByAccessToken = function (accessToken) {
|
|
631
562
|
return tslib_1.__awaiter(this, void 0, void 0, function () {
|
|
632
563
|
var sessionToken, decodedAccessToken, session;
|
|
@@ -643,46 +574,31 @@ var AccountsServer = /** @class */ (function () {
|
|
|
643
574
|
catch (err) {
|
|
644
575
|
throw new Error("Tokens are not valid");
|
|
645
576
|
}
|
|
646
|
-
return [4
|
|
577
|
+
return [4, this.db.findSessionByToken(sessionToken)];
|
|
647
578
|
case 1:
|
|
648
579
|
session = _a.sent();
|
|
649
580
|
if (!session) {
|
|
650
581
|
throw new Error("Session not found");
|
|
651
582
|
}
|
|
652
|
-
return [2
|
|
583
|
+
return [2, session];
|
|
653
584
|
}
|
|
654
585
|
});
|
|
655
586
|
});
|
|
656
587
|
};
|
|
657
|
-
/**
|
|
658
|
-
* @description Find a user by his id.
|
|
659
|
-
* @param {string} userId - User id.
|
|
660
|
-
* @returns {Promise<Object>} - Return a user or null if not found.
|
|
661
|
-
*/
|
|
662
588
|
AccountsServer.prototype.findUserById = function (userId) {
|
|
663
589
|
return this.db.findUserById(userId);
|
|
664
590
|
};
|
|
665
|
-
/**
|
|
666
|
-
* @description Deactivate a user, the user will not be able to login until his account is reactivated.
|
|
667
|
-
* @param {string} userId - User id.
|
|
668
|
-
* @returns {Promise<void>} - Return a Promise.
|
|
669
|
-
*/
|
|
670
591
|
AccountsServer.prototype.deactivateUser = function (userId) {
|
|
671
592
|
return tslib_1.__awaiter(this, void 0, void 0, function () {
|
|
672
593
|
return tslib_1.__generator(this, function (_a) {
|
|
673
|
-
return [2
|
|
594
|
+
return [2, this.db.setUserDeactivated(userId, true)];
|
|
674
595
|
});
|
|
675
596
|
});
|
|
676
597
|
};
|
|
677
|
-
/**
|
|
678
|
-
* @description Activate a user.
|
|
679
|
-
* @param {string} userId - User id.
|
|
680
|
-
* @returns {Promise<void>} - Return a Promise.
|
|
681
|
-
*/
|
|
682
598
|
AccountsServer.prototype.activateUser = function (userId) {
|
|
683
599
|
return tslib_1.__awaiter(this, void 0, void 0, function () {
|
|
684
600
|
return tslib_1.__generator(this, function (_a) {
|
|
685
|
-
return [2
|
|
601
|
+
return [2, this.db.setUserDeactivated(userId, false)];
|
|
686
602
|
});
|
|
687
603
|
});
|
|
688
604
|
};
|