@steedos/accounts 2.2.55-beta.9 → 2.3.0-beta.4

Files changed (71)
  1. package/lib/core/index.js +26 -28
  2. package/lib/core/index.js.map +1 -1
  3. package/lib/database-mongo/mongo.js +141 -154
  4. package/lib/database-mongo/mongo.js.map +1 -1
  5. package/lib/index.js +1 -3
  6. package/lib/index.js.map +1 -1
  7. package/lib/mail.js +6 -6
  8. package/lib/mail.js.map +1 -1
  9. package/lib/password/accounts-password.js +112 -233
  10. package/lib/password/accounts-password.js.map +1 -1
  11. package/lib/password/utils/encryption.js +4 -4
  12. package/lib/password/utils/encryption.js.map +1 -1
  13. package/lib/rest-express/endpoints/authorize.js +1 -1
  14. package/lib/rest-express/endpoints/get-user.js +1 -1
  15. package/lib/rest-express/endpoints/impersonate.js +4 -4
  16. package/lib/rest-express/endpoints/impersonate.js.map +1 -1
  17. package/lib/rest-express/endpoints/initServer.js +4 -4
  18. package/lib/rest-express/endpoints/initServer.js.map +1 -1
  19. package/lib/rest-express/endpoints/login.js +5 -5
  20. package/lib/rest-express/endpoints/login.js.map +1 -1
  21. package/lib/rest-express/endpoints/logout.js +4 -4
  22. package/lib/rest-express/endpoints/logout.js.map +1 -1
  23. package/lib/rest-express/endpoints/oauth/provider-callback.js +4 -4
  24. package/lib/rest-express/endpoints/oauth/provider-callback.js.map +1 -1
  25. package/lib/rest-express/endpoints/password/change-password.js +5 -5
  26. package/lib/rest-express/endpoints/password/change-password.js.map +1 -1
  27. package/lib/rest-express/endpoints/password/register.js +13 -39
  28. package/lib/rest-express/endpoints/password/register.js.map +1 -1
  29. package/lib/rest-express/endpoints/password/reset.js +8 -8
  30. package/lib/rest-express/endpoints/password/reset.js.map +1 -1
  31. package/lib/rest-express/endpoints/password/two-factor.js +14 -14
  32. package/lib/rest-express/endpoints/password/two-factor.js.map +1 -1
  33. package/lib/rest-express/endpoints/password/verify-email.js +12 -12
  34. package/lib/rest-express/endpoints/password/verify-email.js.map +1 -1
  35. package/lib/rest-express/endpoints/password/verify.js +18 -18
  36. package/lib/rest-express/endpoints/password/verify.js.map +1 -1
  37. package/lib/rest-express/endpoints/put-user-name.js +5 -5
  38. package/lib/rest-express/endpoints/put-user-name.js.map +1 -1
  39. package/lib/rest-express/endpoints/refresh-access-token.js +4 -4
  40. package/lib/rest-express/endpoints/refresh-access-token.js.map +1 -1
  41. package/lib/rest-express/endpoints/service-authenticate.js +9 -14
  42. package/lib/rest-express/endpoints/service-authenticate.js.map +1 -1
  43. package/lib/rest-express/endpoints/spaces.js +3 -3
  44. package/lib/rest-express/endpoints/spaces.js.map +1 -1
  45. package/lib/rest-express/endpoints/steedos/create-tenant.js +9 -9
  46. package/lib/rest-express/endpoints/steedos/create-tenant.js.map +1 -1
  47. package/lib/rest-express/endpoints/steedos/get-tenant.js +5 -5
  48. package/lib/rest-express/endpoints/steedos/get-tenant.js.map +1 -1
  49. package/lib/rest-express/endpoints/steedos/settings.js +4 -4
  50. package/lib/rest-express/endpoints/steedos/settings.js.map +1 -1
  51. package/lib/rest-express/endpoints/update-session.js +5 -6
  52. package/lib/rest-express/endpoints/update-session.js.map +1 -1
  53. package/lib/rest-express/express-middleware.js +0 -4
  54. package/lib/rest-express/express-middleware.js.map +1 -1
  55. package/lib/rest-express/user-loader.js +8 -8
  56. package/lib/rest-express/user-loader.js.map +1 -1
  57. package/lib/rest-express/utils/get-user-agent.js +0 -1
  58. package/lib/rest-express/utils/get-user-agent.js.map +1 -1
  59. package/lib/rest-express/utils/users.js +6 -6
  60. package/lib/rest-express/utils/users.js.map +1 -1
  61. package/lib/server/accounts-server.js +76 -159
  62. package/lib/server/accounts-server.js.map +1 -1
  63. package/lib/server/utils/email.js +1 -3
  64. package/lib/server/utils/email.js.map +1 -1
  65. package/lib/server/utils/get-first-user-email.js +0 -1
  66. package/lib/server/utils/get-first-user-email.js.map +1 -1
  67. package/lib/server/utils/tokens.js +0 -11
  68. package/lib/server/utils/tokens.js.map +1 -1
  69. package/package.json +6 -6
  70. package/src/server/accounts-server.ts +1 -0
  71. package/src/types/types/login-result.ts +1 -0
@@ -7,17 +7,14 @@ var server_1 = require("../server");
7
7
  var utils_1 = require("./utils");
8
8
  var errors_1 = require("./errors");
9
9
  var objectql_1 = require("@steedos/objectql");
10
- var EFFECTIVE_TIME = 10; //10分钟
10
+ var EFFECTIVE_TIME = 10;
11
11
  var CODE_LENGTH = 6;
12
12
  var MAX_FAILURE_COUNT = 10;
13
13
  var _ = require('underscore');
14
14
  var moment = require('moment');
15
15
  var defaultOptions = {
16
- // 3 days - 3 * 24 * 60 * 60 * 1000
17
16
  verifyEmailTokenExpiration: 259200000,
18
- // 3 days - 3 * 24 * 60 * 60 * 1000
19
17
  passwordResetTokenExpiration: 259200000,
20
- // 30 days - 30 * 24 * 60 * 60 * 1000
21
18
  passwordEnrollTokenExpiration: 2592000000,
22
19
  notifyUserAfterPasswordChanged: true,
23
20
  returnTokensAfterResetPassword: false,
@@ -46,10 +43,7 @@ var getPathFragmentPrefix = function () {
46
43
  }
47
44
  return pathFragmentPrefix;
48
45
  };
49
- // interface MyDatabaseInterface extends DatabaseInterface{
50
- // updateUser?(userId: string, options: any): Promise<void>;
51
- // }
52
- var AccountsPassword = /** @class */ (function () {
46
+ var AccountsPassword = (function () {
53
47
  function AccountsPassword(options) {
54
48
  if (options === void 0) { options = {}; }
55
49
  this.serviceName = 'password';
@@ -58,7 +52,6 @@ var AccountsPassword = /** @class */ (function () {
58
52
  }
59
53
  AccountsPassword.prototype.setStore = function (store) {
60
54
  this.db = store;
61
- // this.twoFactor.setStore(store);
62
55
  };
63
56
  AccountsPassword.prototype.authenticate = function (params) {
64
57
  return tslib_1.__awaiter(this, void 0, void 0, function () {
@@ -73,9 +66,9 @@ var AccountsPassword = /** @class */ (function () {
73
66
  password = passwordUnencrypted;
74
67
  isHashPassword = false;
75
68
  }
76
- if (!(user && token)) return [3 /*break*/, 2];
77
- return [4 /*yield*/, this.codeAuthenticator(user, token, locale)];
78
- case 1: return [2 /*return*/, _a.sent()];
69
+ if (!(user && token)) return [3, 2];
70
+ return [4, this.codeAuthenticator(user, token, locale)];
71
+ case 1: return [2, _a.sent()];
79
72
  case 2:
80
73
  if (!user || !password) {
81
74
  throw new Error(this.options.errors.unrecognizedOptionsForLogin);
@@ -83,39 +76,20 @@ var AccountsPassword = /** @class */ (function () {
83
76
  if ((!(0, lodash_1.isString)(user) && !(0, lodash_1.isPlainObject)(user)) || !(0, lodash_1.isString)(password)) {
84
77
  throw new Error(this.options.errors.matchFailed);
85
78
  }
86
- return [4 /*yield*/, this.passwordAuthenticator(user, password, isHashPassword)];
79
+ return [4, this.passwordAuthenticator(user, password, isHashPassword)];
87
80
  case 3:
88
81
  foundUser = _a.sent();
89
- // // If user activated two factor authentication try with the code
90
- // if (getUserTwoFactorService(foundUser)) {
91
- // await this.twoFactor.authenticate(foundUser, code!);
92
- // }
93
- return [2 /*return*/, foundUser];
82
+ return [2, foundUser];
94
83
  }
95
84
  });
96
85
  });
97
86
  };
98
- /**
99
- * @description Find a user by one of his emails.
100
- * @param {string} email - User email.
101
- * @returns {Promise<Object>} - Return a user or null if not found.
102
- */
103
87
  AccountsPassword.prototype.findUserByEmail = function (email) {
104
88
  return this.db.findUserByEmail(email);
105
89
  };
106
- /**
107
- * @description Find a user by his username.
108
- * @param {string} username - User username.
109
- * @returns {Promise<Object>} - Return a user or null if not found.
110
- */
111
90
  AccountsPassword.prototype.findUserById = function (id) {
112
91
  return this.db.findUserById(id);
113
92
  };
114
- /**
115
- * @description Find a user by his username.
116
- * @param {string} username - User username.
117
- * @returns {Promise<Object>} - Return a user or null if not found.
118
- */
119
93
  AccountsPassword.prototype.findUserByUsername = function (username) {
120
94
  return this.db.findUserByUsername(username);
121
95
  };
@@ -123,43 +97,21 @@ var AccountsPassword = /** @class */ (function () {
123
97
  return tslib_1.__awaiter(this, void 0, void 0, function () {
124
98
  return tslib_1.__generator(this, function (_a) {
125
99
  switch (_a.label) {
126
- case 0: return [4 /*yield*/, this.db.getInviteInfo(id)];
127
- case 1: return [2 /*return*/, _a.sent()];
100
+ case 0: return [4, this.db.getInviteInfo(id)];
101
+ case 1: return [2, _a.sent()];
128
102
  }
129
103
  });
130
104
  });
131
105
  };
132
- /**
133
- * @description Add an email address for a user.
134
- * It will trigger the `validateEmail` option and throw if email is invalid.
135
- * Use this instead of directly updating the database.
136
- * @param {string} userId - User id.
137
- * @param {string} newEmail - A new email address for the user.
138
- * @param {boolean} [verified] - Whether the new email address should be marked as verified.
139
- * Defaults to false.
140
- * @returns {Promise<void>} - Return a Promise.
141
- */
142
106
  AccountsPassword.prototype.addEmail = function (userId, newEmail, verified) {
143
107
  if (!this.options.validateEmail(newEmail)) {
144
108
  throw new Error(this.options.errors.invalidEmail);
145
109
  }
146
110
  return this.db.addEmail(userId, newEmail, verified);
147
111
  };
148
- /**
149
- * @description Remove an email address for a user.
150
- * Use this instead of directly updating the database.
151
- * @param {string} userId - User id.
152
- * @param {string} email - The email address to remove.
153
- * @returns {Promise<void>} - Return a Promise.
154
- */
155
112
  AccountsPassword.prototype.removeEmail = function (userId, email) {
156
113
  return this.db.removeEmail(userId, email);
157
114
  };
158
- /**
159
- * @description Marks the user's email address as verified.
160
- * @param {string} token - The token retrieved from the verification URL.
161
- * @returns {Promise<void>} - Return a Promise.
162
- */
163
115
  AccountsPassword.prototype.verifyEmail = function (token) {
164
116
  return tslib_1.__awaiter(this, void 0, void 0, function () {
165
117
  var user, verificationTokens, tokenRecord, emailRecord;
@@ -169,7 +121,7 @@ var AccountsPassword = /** @class */ (function () {
169
121
  if (!token || !(0, lodash_1.isString)(token)) {
170
122
  throw new Error(this.options.errors.invalidToken);
171
123
  }
172
- return [4 /*yield*/, this.db.findUserByEmailVerificationToken(token)];
124
+ return [4, this.db.findUserByEmailVerificationToken(token)];
173
125
  case 1:
174
126
  user = _a.sent();
175
127
  if (!user) {
@@ -184,20 +136,14 @@ var AccountsPassword = /** @class */ (function () {
184
136
  if (!emailRecord) {
185
137
  throw new Error(this.options.errors.verifyEmailLinkUnknownAddress);
186
138
  }
187
- return [4 /*yield*/, this.db.verifyEmail(user.id, emailRecord.address)];
139
+ return [4, this.db.verifyEmail(user.id, emailRecord.address)];
188
140
  case 2:
189
141
  _a.sent();
190
- return [2 /*return*/];
142
+ return [2];
191
143
  }
192
144
  });
193
145
  });
194
146
  };
195
- /**
196
- * @description Reset the password for a user using a token received in email.
197
- * @param {string} token - The token retrieved from the reset password URL.
198
- * @param {string} newPassword - A new password for the user.
199
- * @returns {Promise<LoginResult | null>} - If `returnTokensAfterResetPassword` option is true return the session tokens and user object, otherwise return null.
200
- */
201
147
  AccountsPassword.prototype.resetPassword = function (token, newPassword, infos) {
202
148
  return tslib_1.__awaiter(this, void 0, void 0, function () {
203
149
  var user, resetTokens, resetTokenRecord, emails, password, address, passwordChangedMail;
@@ -210,7 +156,7 @@ var AccountsPassword = /** @class */ (function () {
210
156
  if (!newPassword || !(0, lodash_1.isString)(newPassword)) {
211
157
  throw new Error(this.options.errors.invalidNewPassword);
212
158
  }
213
- return [4 /*yield*/, this.db.findUserByResetPasswordToken(token)];
159
+ return [4, this.db.findUserByResetPasswordToken(token)];
214
160
  case 1:
215
161
  user = _a.sent();
216
162
  if (!user) {
@@ -228,40 +174,38 @@ var AccountsPassword = /** @class */ (function () {
228
174
  if (!(0, lodash_1.includes)(emails.map(function (email) { return email.address; }), resetTokenRecord.address)) {
229
175
  throw new Error(this.options.errors.resetPasswordLinkUnknownAddress);
230
176
  }
231
- return [4 /*yield*/, this.hashAndBcryptPassword(newPassword)];
177
+ return [4, this.hashAndBcryptPassword(newPassword)];
232
178
  case 2:
233
179
  password = _a.sent();
234
- // Change the user password and remove the old token
235
- return [4 /*yield*/, this.db.setResetPassword(user.id, resetTokenRecord.address, password, token)];
180
+ return [4, this.db.setResetPassword(user.id, resetTokenRecord.address, password, token)];
236
181
  case 3:
237
- // Change the user password and remove the old token
238
182
  _a.sent();
239
183
  this.server.getHooks().emit(server_1.ServerHooks.ResetPasswordSuccess, user);
240
- if (!(resetTokenRecord.reason === 'enroll')) return [3 /*break*/, 5];
241
- return [4 /*yield*/, this.db.verifyEmail(user.id, resetTokenRecord.address)];
184
+ if (!(resetTokenRecord.reason === 'enroll')) return [3, 5];
185
+ return [4, this.db.verifyEmail(user.id, resetTokenRecord.address)];
242
186
  case 4:
243
187
  _a.sent();
244
188
  _a.label = 5;
245
189
  case 5:
246
- if (!this.options.invalidateAllSessionsAfterPasswordReset) return [3 /*break*/, 7];
247
- return [4 /*yield*/, this.db.invalidateAllSessions(user.id)];
190
+ if (!this.options.invalidateAllSessionsAfterPasswordReset) return [3, 7];
191
+ return [4, this.db.invalidateAllSessions(user.id)];
248
192
  case 6:
249
193
  _a.sent();
250
194
  _a.label = 7;
251
195
  case 7:
252
- if (!this.options.notifyUserAfterPasswordChanged) return [3 /*break*/, 9];
196
+ if (!this.options.notifyUserAfterPasswordChanged) return [3, 9];
253
197
  address = user.emails && user.emails[0].address;
254
- if (!address) return [3 /*break*/, 9];
198
+ if (!address) return [3, 9];
255
199
  passwordChangedMail = this.server.prepareMail(address, '', this.server.sanitizeUser(user), '', this.server.options.emailTemplates.passwordChanged, this.server.options.emailTemplates.from);
256
- return [4 /*yield*/, this.server.options.sendMail(passwordChangedMail)];
200
+ return [4, this.server.options.sendMail(passwordChangedMail)];
257
201
  case 8:
258
202
  _a.sent();
259
203
  _a.label = 9;
260
204
  case 9:
261
205
  if (this.options.returnTokensAfterResetPassword) {
262
- return [2 /*return*/, this.server.loginWithUser(user, infos)];
206
+ return [2, this.server.loginWithUser(user, infos)];
263
207
  }
264
- return [2 /*return*/, null];
208
+ return [2, null];
265
209
  }
266
210
  });
267
211
  });
@@ -281,14 +225,14 @@ var AccountsPassword = /** @class */ (function () {
281
225
  login_expiration_in_days = null;
282
226
  phone_logout_other_clients = false;
283
227
  phone_login_expiration_in_days = null;
284
- return [4 /*yield*/, (0, objectql_1.getObject)("space_users").find({
228
+ return [4, (0, objectql_1.getObject)("space_users").find({
285
229
  filters: "(user eq '".concat(userId, "') and (space eq '").concat(spaceId, "')"),
286
230
  })];
287
231
  case 1:
288
232
  spaceUsers = _a.sent();
289
- if (!(spaceUsers.length > 0)) return [3 /*break*/, 3];
233
+ if (!(spaceUsers.length > 0)) return [3, 3];
290
234
  spaceUser = spaceUsers[0];
291
- return [4 /*yield*/, (0, objectql_1.getObject)("permission_set").find({
235
+ return [4, (0, objectql_1.getObject)("permission_set").find({
292
236
  filters: "(name eq '".concat(spaceUser.profile, "') and (type eq 'profile') and (space eq '").concat(spaceId, "')"),
293
237
  })];
294
238
  case 2:
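Review bot: The `filters` strings for the `space_users` and `permission_set` lookups are assembled by concatenating `userId`, `spaceId` and `spaceUser.profile` between single quotes, and nothing in this hunk escapes or type-checks those values. If any of them can carry a quote character from request input, the filter expression can be altered; whether callers constrain them is not visible here. Validate the ids as plain strings without quotes before building the filter, or use a structured filter form if the query layer offers one. The enclosing function begins and ends outside this hunk, and since this file looks like compiler output, the change belongs in the TypeScript source.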
@@ -322,7 +266,7 @@ var AccountsPassword = /** @class */ (function () {
322
266
  }
323
267
  }
324
268
  _a.label = 3;
325
- case 3: return [2 /*return*/, Object.assign({
269
+ case 3: return [2, Object.assign({
326
270
  space: spaceId,
327
271
  password_history: password_history,
328
272
  max_login_attempts: max_login_attempts,
@@ -337,33 +281,19 @@ var AccountsPassword = /** @class */ (function () {
337
281
  });
338
282
  });
339
283
  };
340
- /**
341
- * @description Change the password for a user.
342
- * @param {string} userId - User id.
343
- * @param {string} newPassword - A new password for the user.
344
- * @returns {Promise<void>} - Return a Promise.
345
- */
346
284
  AccountsPassword.prototype.setPassword = function (userId, newPassword) {
347
285
  return tslib_1.__awaiter(this, void 0, void 0, function () {
348
286
  var password;
349
287
  return tslib_1.__generator(this, function (_a) {
350
288
  switch (_a.label) {
351
- case 0: return [4 /*yield*/, (0, utils_1.bcryptPassword)(newPassword)];
289
+ case 0: return [4, (0, utils_1.bcryptPassword)(newPassword)];
352
290
  case 1:
353
291
  password = _a.sent();
354
- return [2 /*return*/, this.db.setPassword(userId, password)];
292
+ return [2, this.db.setPassword(userId, password)];
355
293
  }
356
294
  });
357
295
  });
358
296
  };
359
- /**
360
- * @description Change the current user's password.
361
- * It will trigger the `validatePassword` option and throw if password is invalid.
362
- * @param {string} userId - User id.
363
- * @param {string} oldPassword - The user's current password.
364
- * @param {string} newPassword - A new password for the user.
365
- * @returns {Promise<void>} - Return a Promise.
366
- */
367
297
  AccountsPassword.prototype.changePassword = function (userId, oldPassword, newPassword) {
368
298
  return tslib_1.__awaiter(this, void 0, void 0, function () {
369
299
  var user, saas, passwordHistory, userProfile, validPasswordHistory, _i, validPasswordHistory_1, item, verify, password, address, passwordChangedMail;
@@ -373,22 +303,22 @@ var AccountsPassword = /** @class */ (function () {
373
303
  if (!this.options.validatePassword(newPassword)) {
374
304
  throw new Error(this.options.errors.invalidPassword);
375
305
  }
376
- return [4 /*yield*/, this.passwordAuthenticator({ id: userId }, oldPassword)];
306
+ return [4, this.passwordAuthenticator({ id: userId }, oldPassword)];
377
307
  case 1:
378
308
  user = _a.sent();
379
309
  saas = (0, objectql_1.getSteedosConfig)().tenant.saas;
380
- if (!!saas) return [3 /*break*/, 6];
310
+ if (!!saas) return [3, 6];
381
311
  passwordHistory = user.services.password_history || [];
382
- return [4 /*yield*/, this.getUserProfile(userId)];
312
+ return [4, this.getUserProfile(userId)];
383
313
  case 2:
384
314
  userProfile = _a.sent();
385
315
  validPasswordHistory = _.last(passwordHistory, userProfile.password_history);
386
316
  _i = 0, validPasswordHistory_1 = validPasswordHistory;
387
317
  _a.label = 3;
388
318
  case 3:
389
- if (!(_i < validPasswordHistory_1.length)) return [3 /*break*/, 6];
319
+ if (!(_i < validPasswordHistory_1.length)) return [3, 6];
390
320
  item = validPasswordHistory_1[_i];
391
- return [4 /*yield*/, (0, utils_1.verifyPassword)(newPassword, item)];
321
+ return [4, (0, utils_1.verifyPassword)(newPassword, item)];
392
322
  case 4:
393
323
  verify = _a.sent();
394
324
  if (verify) {
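Review bot: `_.last(passwordHistory, userProfile.password_history)` returns a single element rather than an array when its second argument is null or undefined, and returns undefined for an empty history in that case. The loop's `validPasswordHistory_1.length` would then either walk the characters of one stored hash or throw. Whether getUserProfile always yields a number for `password_history` is not visible in this hunk. Coerce the count first, e.g. `_.last(passwordHistory, Number(userProfile.password_history) || 0)`. changePassword begins and ends outside the hunk.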
@@ -397,41 +327,33 @@ var AccountsPassword = /** @class */ (function () {
397
327
  _a.label = 5;
398
328
  case 5:
399
329
  _i++;
400
- return [3 /*break*/, 3];
401
- case 6: return [4 /*yield*/, (0, utils_1.bcryptPassword)(newPassword)];
330
+ return [3, 3];
331
+ case 6: return [4, (0, utils_1.bcryptPassword)(newPassword)];
402
332
  case 7:
403
333
  password = _a.sent();
404
- return [4 /*yield*/, this.db.setPassword(userId, password)];
334
+ return [4, this.db.setPassword(userId, password)];
405
335
  case 8:
406
336
  _a.sent();
407
337
  this.server.getHooks().emit(server_1.ServerHooks.ChangePasswordSuccess, user);
408
- if (!this.options.invalidateAllSessionsAfterPasswordChanged) return [3 /*break*/, 10];
409
- return [4 /*yield*/, this.db.invalidateAllSessions(user.id)];
338
+ if (!this.options.invalidateAllSessionsAfterPasswordChanged) return [3, 10];
339
+ return [4, this.db.invalidateAllSessions(user.id)];
410
340
  case 9:
411
341
  _a.sent();
412
342
  _a.label = 10;
413
343
  case 10:
414
- if (!this.options.notifyUserAfterPasswordChanged) return [3 /*break*/, 12];
344
+ if (!this.options.notifyUserAfterPasswordChanged) return [3, 12];
415
345
  address = user.emails && user.emails[0].address;
416
- if (!address) return [3 /*break*/, 12];
346
+ if (!address) return [3, 12];
417
347
  passwordChangedMail = this.server.prepareMail(address, '', this.server.sanitizeUser(user), '', this.server.options.emailTemplates.passwordChanged, this.server.options.emailTemplates.from);
418
- return [4 /*yield*/, this.server.options.sendMail(passwordChangedMail)];
348
+ return [4, this.server.options.sendMail(passwordChangedMail)];
419
349
  case 11:
420
350
  _a.sent();
421
351
  _a.label = 12;
422
- case 12: return [2 /*return*/];
352
+ case 12: return [2];
423
353
  }
424
354
  });
425
355
  });
426
356
  };
427
- /**
428
- * @description Send an email with a link the user can use verify their email address.
429
- * @param {string} [address] - Which address of the user's to send the email to.
430
- * This address must be in the user's emails list.
431
- * Defaults to the first unverified email in the list.
432
- * If the address is already verified we do not send any email.
433
- * @returns {Promise<void>} - Return a Promise.
434
- */
435
357
  AccountsPassword.prototype.sendVerificationEmail = function (address) {
436
358
  return tslib_1.__awaiter(this, void 0, void 0, function () {
437
359
  var user, code, token, resetPasswordMail;
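Review bot: `address = user.emails && user.emails[0].address` throws a TypeError when `user.emails` is an empty array, and it runs after `setPassword` and the optional session invalidation have already completed. Users can be looked up by mobile elsewhere in this file, so an account without any e-mail entry seems possible; the caller would then see an error although the password was changed. Guard the element as well: `address = user.emails && user.emails[0] && user.emails[0].address;`. The same expression appears in resetPassword in an earlier hunk.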
@@ -441,40 +363,31 @@ var AccountsPassword = /** @class */ (function () {
441
363
  if (!address || !(0, lodash_1.isString)(address)) {
442
364
  throw new Error(this.options.errors.invalidEmail);
443
365
  }
444
- return [4 /*yield*/, this.db.findUserByEmail(address)];
366
+ return [4, this.db.findUserByEmail(address)];
445
367
  case 1:
446
368
  user = _a.sent();
447
369
  if (!user) {
448
- // To prevent user enumeration we fail silently
449
370
  if (this.server.options.ambiguousErrorMessages) {
450
- return [2 /*return*/];
371
+ return [2];
451
372
  }
452
373
  throw new Error(this.options.errors.userNotFound);
453
374
  }
454
- //Do not send an email if the address is already verified
455
375
  if (user.email_verified)
456
- return [2 /*return*/];
376
+ return [2];
457
377
  code = (0, server_1.generateRandomCode)();
458
378
  token = (0, server_1.generateRandomToken)();
459
- return [4 /*yield*/, this.db.addEmailVerificationToken(user.id, address, token, code)];
379
+ return [4, this.db.addEmailVerificationToken(user.id, address, token, code)];
460
380
  case 2:
461
381
  _a.sent();
462
382
  resetPasswordMail = this.server.prepareMail(address, code, this.server.sanitizeUser(user), getPathFragmentPrefix() + 'verify-email', this.server.options.emailTemplates.verifyEmail, this.server.options.emailTemplates.from);
463
- return [4 /*yield*/, this.server.options.sendMail(resetPasswordMail)];
383
+ return [4, this.server.options.sendMail(resetPasswordMail)];
464
384
  case 3:
465
385
  _a.sent();
466
- return [2 /*return*/];
386
+ return [2];
467
387
  }
468
388
  });
469
389
  });
470
390
  };
471
- /**
472
- * @description Send an email with a link the user can use to reset their password.
473
- * @param {string} [address] - Which address of the user's to send the email to.
474
- * This address must be in the user's emails list.
475
- * Defaults to the first email in the list.
476
- * @returns {Promise<void>} - Return a Promise.
477
- */
478
391
  AccountsPassword.prototype.sendResetPasswordEmail = function (address) {
479
392
  return tslib_1.__awaiter(this, void 0, void 0, function () {
480
393
  var user, token, resetPasswordMail;
@@ -484,37 +397,28 @@ var AccountsPassword = /** @class */ (function () {
484
397
  if (!address || !(0, lodash_1.isString)(address)) {
485
398
  throw new Error(this.options.errors.invalidEmail);
486
399
  }
487
- return [4 /*yield*/, this.db.findUserByEmail(address)];
400
+ return [4, this.db.findUserByEmail(address)];
488
401
  case 1:
489
402
  user = _a.sent();
490
403
  if (!user) {
491
- // To prevent user enumeration we fail silently
492
404
  if (this.server.options.ambiguousErrorMessages) {
493
- return [2 /*return*/];
405
+ return [2];
494
406
  }
495
407
  throw new Error(this.options.errors.userNotFound);
496
408
  }
497
409
  token = (0, server_1.generateRandomToken)();
498
- return [4 /*yield*/, this.db.addResetPasswordToken(user.id, address, token, 'reset')];
410
+ return [4, this.db.addResetPasswordToken(user.id, address, token, 'reset')];
499
411
  case 2:
500
412
  _a.sent();
501
413
  resetPasswordMail = this.server.prepareMail(address, token, this.server.sanitizeUser(user), getPathFragmentPrefix() + 'reset-password', this.server.options.emailTemplates.resetPassword, this.server.options.emailTemplates.from);
502
- return [4 /*yield*/, this.server.options.sendMail(resetPasswordMail)];
414
+ return [4, this.server.options.sendMail(resetPasswordMail)];
503
415
  case 3:
504
416
  _a.sent();
505
- return [2 /*return*/];
417
+ return [2];
506
418
  }
507
419
  });
508
420
  });
509
421
  };
510
- /**
511
- * @description Send an email with a link the user can use to set their initial password.
512
- * The user's email will be verified after clicking on the link.
513
- * @param {string} [address] - Which address of the user's to send the email to.
514
- * This address must be in the user's emails list.
515
- * Defaults to the first email in the list.
516
- * @returns {Promise<void>} - Return a Promise.
517
- */
518
422
  AccountsPassword.prototype.sendEnrollmentEmail = function (address) {
519
423
  return tslib_1.__awaiter(this, void 0, void 0, function () {
520
424
  var user, token, enrollmentMail;
@@ -524,30 +428,25 @@ var AccountsPassword = /** @class */ (function () {
524
428
  if (!address || !(0, lodash_1.isString)(address)) {
525
429
  throw new Error(this.options.errors.invalidEmail);
526
430
  }
527
- return [4 /*yield*/, this.db.findUserByEmail(address)];
431
+ return [4, this.db.findUserByEmail(address)];
528
432
  case 1:
529
433
  user = _a.sent();
530
434
  if (!user) {
531
435
  throw new Error(this.options.errors.userNotFound);
532
436
  }
533
437
  token = (0, server_1.generateRandomToken)();
534
- return [4 /*yield*/, this.db.addResetPasswordToken(user.id, address, token, 'enroll')];
438
+ return [4, this.db.addResetPasswordToken(user.id, address, token, 'enroll')];
535
439
  case 2:
536
440
  _a.sent();
537
441
  enrollmentMail = this.server.prepareMail(address, token, this.server.sanitizeUser(user), getPathFragmentPrefix() + 'enroll-account', this.server.options.emailTemplates.enrollAccount, this.server.options.emailTemplates.from);
538
- return [4 /*yield*/, this.server.options.sendMail(enrollmentMail)];
442
+ return [4, this.server.options.sendMail(enrollmentMail)];
539
443
  case 3:
540
444
  _a.sent();
541
- return [2 /*return*/];
445
+ return [2];
542
446
  }
543
447
  });
544
448
  });
545
449
  };
546
- /**
547
- * @description Create a new user.
548
- * @param user - The user object.
549
- * @returns Return the id of user created.
550
- */
551
450
  AccountsPassword.prototype.createUser = function (user) {
552
451
  return tslib_1.__awaiter(this, void 0, void 0, function () {
553
452
  var _a, _b, _c, _d, r, userId_1, e_1;
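Review bot: sendEnrollmentEmail throws `errors.userNotFound` for an unknown address unconditionally, whereas sendVerificationEmail and sendResetPasswordEmail return silently when `this.server.options.ambiguousErrorMessages` is set. If this method is reachable by callers who are not administrators (not visible from this hunk), the differing response reveals which addresses are registered. Apply the same guard in the TypeScript source, `if (this.server.options.ambiguousErrorMessages) { return; }`, before the throw, or add a comment stating why enrollment is exempt. The function begins outside this hunk.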
@@ -565,8 +464,8 @@ var AccountsPassword = /** @class */ (function () {
565
464
  throw new Error(this.options.errors.invalidEmail);
566
465
  }
567
466
  _a = user.mobile;
568
- if (!_a) return [3 /*break*/, 2];
569
- return [4 /*yield*/, this.db.findUserByMobile(user.mobile)];
467
+ if (!_a) return [3, 2];
468
+ return [4, this.db.findUserByMobile(user.mobile)];
570
469
  case 1:
571
470
  _a = (_e.sent());
572
471
  _e.label = 2;
@@ -575,8 +474,8 @@ var AccountsPassword = /** @class */ (function () {
575
474
  throw new Error(this.options.errors.mobileAlreadyExists);
576
475
  }
577
476
  _b = user.username;
578
- if (!_b) return [3 /*break*/, 4];
579
- return [4 /*yield*/, this.db.findUserByUsername(user.username)];
477
+ if (!_b) return [3, 4];
478
+ return [4, this.db.findUserByUsername(user.username)];
580
479
  case 3:
581
480
  _b = (_e.sent());
582
481
  _e.label = 4;
@@ -585,8 +484,8 @@ var AccountsPassword = /** @class */ (function () {
585
484
  throw new Error(this.options.errors.usernameAlreadyExists);
586
485
  }
587
486
  _c = user.email;
588
- if (!_c) return [3 /*break*/, 6];
589
- return [4 /*yield*/, this.db.findUserByEmail(user.email)];
487
+ if (!_c) return [3, 6];
488
+ return [4, this.db.findUserByEmail(user.email)];
590
489
  case 5:
591
490
  _c = (_e.sent());
592
491
  _e.label = 6;
@@ -597,21 +496,19 @@ var AccountsPassword = /** @class */ (function () {
597
496
  if (!user.password && !user.verifyCode) {
598
497
  throw new Error(this.options.errors.invalidVerifyParam);
599
498
  }
600
- if (!user.password) return [3 /*break*/, 9];
499
+ if (!user.password) return [3, 9];
601
500
  if (!this.options.validatePassword(user.password)) {
602
501
  throw new Error(this.options.errors.invalidPassword);
603
502
  }
604
- // user.password = await this.hashAndBcryptPassword(user.password);
605
503
  _d = user;
606
- return [4 /*yield*/, (0, utils_1.bcryptPassword)(user.password)];
607
- case 7: return [4 /*yield*/, _e.sent()];
504
+ return [4, (0, utils_1.bcryptPassword)(user.password)];
505
+ case 7: return [4, _e.sent()];
608
506
  case 8:
609
- // user.password = await this.hashAndBcryptPassword(user.password);
610
507
  _d.password = _e.sent();
611
508
  _e.label = 9;
612
509
  case 9:
613
- if (!user.verifyCode) return [3 /*break*/, 11];
614
- return [4 /*yield*/, this.db.checkVerificationCode(user, user.verifyCode)];
510
+ if (!user.verifyCode) return [3, 11];
511
+ return [4, this.db.checkVerificationCode(user, user.verifyCode)];
615
512
  case 10:
616
513
  r = _e.sent();
617
514
  if (!r) {
@@ -625,7 +522,7 @@ var AccountsPassword = /** @class */ (function () {
625
522
  _e.label = 11;
626
523
  case 11:
627
524
  _e.trys.push([11, 13, , 15]);
628
- return [4 /*yield*/, this.db.createUser(user)];
525
+ return [4, this.db.createUser(user)];
629
526
  case 12:
630
527
  userId_1 = _e.sent();
631
528
  (0, lodash_1.defer)(function () { return tslib_1.__awaiter(_this, void 0, void 0, function () {
@@ -635,22 +532,22 @@ var AccountsPassword = /** @class */ (function () {
635
532
  case 0:
636
533
  if (this.options.sendVerificationEmailAfterSignup && user.email && !user.email_verified)
637
534
  this.sendVerificationEmail(user.email);
638
- return [4 /*yield*/, this.db.findUserById(userId_1)];
535
+ return [4, this.db.findUserById(userId_1)];
639
536
  case 1:
640
537
  userRecord = (_a.sent());
641
538
  this.server.getHooks().emit(server_1.ServerHooks.CreateUserSuccess, userRecord);
642
- return [2 /*return*/];
539
+ return [2];
643
540
  }
644
541
  });
645
542
  }); });
646
- return [2 /*return*/, userId_1];
543
+ return [2, userId_1];
647
544
  case 13:
648
545
  e_1 = _e.sent();
649
- return [4 /*yield*/, this.server.getHooks().emit(server_1.ServerHooks.CreateUserError, user)];
546
+ return [4, this.server.getHooks().emit(server_1.ServerHooks.CreateUserError, user)];
650
547
  case 14:
651
548
  _e.sent();
652
549
  throw e_1;
653
- case 15: return [2 /*return*/];
550
+ case 15: return [2];
654
551
  }
655
552
  });
656
553
  });
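Review bot: `this.sendVerificationEmail(user.email);` inside the deferred callback is neither awaited nor given a rejection handler, and the async callback handed to `defer` has no handler either. A failing mail send or `findUserById` lookup therefore surfaces as an unhandled promise rejection. Depending on the Node.js version and process settings that can terminate the server, after the account has already been created. Attach a handler, for example `this.sendVerificationEmail(user.email).catch(function (err) { console.error(err); });`, and wrap the callback body in try/catch. createUser starts outside this hunk.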
@@ -662,8 +559,8 @@ var AccountsPassword = /** @class */ (function () {
662
559
  return tslib_1.__awaiter(this, void 0, void 0, function () {
663
560
  return tslib_1.__generator(this, function (_a) {
664
561
  switch (_a.label) {
665
- case 0: return [4 /*yield*/, this.passwordAuthenticator({ email: email }, password)];
666
- case 1: return [2 /*return*/, _a.sent()];
562
+ case 0: return [4, this.passwordAuthenticator({ email: email }, password)];
563
+ case 1: return [2, _a.sent()];
667
564
  }
668
565
  });
669
566
  });
@@ -679,31 +576,27 @@ var AccountsPassword = /** @class */ (function () {
679
576
  ? this.toMobileAndEmail({ user: user })
680
577
  : this.toMobileAndEmail(tslib_1.__assign({}, user)), username = _a.username, email = _a.email, id = _a.id, mobile = _a.mobile;
681
578
  foundUser = null;
682
- if (!id) return [3 /*break*/, 2];
683
- return [4 /*yield*/, this.db.findUserById(id)];
579
+ if (!id) return [3, 2];
580
+ return [4, this.db.findUserById(id)];
684
581
  case 1:
685
- // this._validateLoginWithField('id', user);
686
582
  foundUser = _b.sent();
687
- return [3 /*break*/, 8];
583
+ return [3, 8];
688
584
  case 2:
689
- if (!username) return [3 /*break*/, 4];
690
- return [4 /*yield*/, this.db.findUserByUsername(username)];
585
+ if (!username) return [3, 4];
586
+ return [4, this.db.findUserByUsername(username)];
691
587
  case 3:
692
- // this._validateLoginWithField('username', user);
693
588
  foundUser = _b.sent();
694
- return [3 /*break*/, 8];
589
+ return [3, 8];
695
590
  case 4:
696
- if (!mobile) return [3 /*break*/, 6];
697
- return [4 /*yield*/, this.db.findUserByMobile(mobile)];
591
+ if (!mobile) return [3, 6];
592
+ return [4, this.db.findUserByMobile(mobile)];
698
593
  case 5:
699
- // this._validateLoginWithField('username', user);
700
594
  foundUser = _b.sent();
701
- return [3 /*break*/, 8];
595
+ return [3, 8];
702
596
  case 6:
703
- if (!email) return [3 /*break*/, 8];
704
- return [4 /*yield*/, this.db.findUserByEmail(email)];
597
+ if (!email) return [3, 8];
598
+ return [4, this.db.findUserByEmail(email)];
705
599
  case 7:
706
- // this._validateLoginWithField('email', user);
707
600
  foundUser = _b.sent();
708
601
  _b.label = 8;
709
602
  case 8:
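Review bot: `id`, `username`, `mobile` and `email` pass from the caller-supplied `user` object into `findUserById`, `findUserByUsername`, `findUserByMobile` and `findUserByEmail` after only a truthiness test, so a non-string value such as an object or array from a JSON body reaches the database layer unchanged. If those finders build their query directly from the value, which this diff does not show, the value can be interpreted as a query operator rather than a literal. A type guard before `foundUser = null;` closes that, for example `if ([id, username, mobile, email].some(function (v) { return v != null && typeof v !== 'string'; })) throw new Error(this.options.errors.invalidCredentials);`. The commit also deletes the commented-out `_validateLoginWithField` calls, so no per-field validation remains in this chain. The function starts and ends outside this hunk.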
@@ -712,7 +605,7 @@ var AccountsPassword = /** @class */ (function () {
712
605
  ? this.options.errors.invalidCredentials
713
606
  : this.options.errors.userNotFound);
714
607
  }
715
- return [4 /*yield*/, this.db.findPasswordHash(foundUser.id)];
608
+ return [4, this.db.findPasswordHash(foundUser.id)];
716
609
  case 9:
717
610
  hash = _b.sent();
718
611
  if (!hash) {
@@ -741,21 +634,21 @@ var AccountsPassword = /** @class */ (function () {
741
634
  else {
742
635
  pass = hashAlgorithm ? (0, utils_1.hashPassword)(password, hashAlgorithm) : password;
743
636
  }
744
- return [4 /*yield*/, (0, utils_1.verifyPassword)(pass, hash)];
637
+ return [4, (0, utils_1.verifyPassword)(pass, hash)];
745
638
  case 10:
746
639
  isPasswordValid = _b.sent();
747
- if (!!isPasswordValid) return [3 /*break*/, 16];
748
- if (!!saas) return [3 /*break*/, 15];
749
- return [4 /*yield*/, this.getUserProfile(foundUser.id)];
640
+ if (!!isPasswordValid) return [3, 16];
641
+ if (!!saas) return [3, 15];
642
+ return [4, this.getUserProfile(foundUser.id)];
750
643
  case 11:
751
644
  userProfile = _b.sent();
752
- return [4 /*yield*/, this.db.updateUser(foundUser.id, { $inc: { login_failed_number: 1 } })];
645
+ return [4, this.db.updateUser(foundUser.id, { $inc: { login_failed_number: 1 } })];
753
646
  case 12:
754
647
  _b.sent();
755
- return [4 /*yield*/, this.db.findUserById(foundUser.id)];
648
+ return [4, this.db.findUserById(foundUser.id)];
756
649
  case 13:
757
650
  user_1 = _b.sent();
758
- if (!(user_1.login_failed_number >= userProfile.max_login_attempts)) return [3 /*break*/, 15];
651
+ if (!(user_1.login_failed_number >= userProfile.max_login_attempts)) return [3, 15];
759
652
  lockout_interval = userProfile.lockout_interval;
760
653
  login_failed_lockout_time = null;
761
654
  if (lockout_interval === 0) {
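Review bot: The lockout test `user_1.login_failed_number >= userProfile.max_login_attempts` fails open. When the profile has no `max_login_attempts`, the comparison against `undefined` is always false and the account is never locked; when `getUserProfile` returns nothing, the property access throws a TypeError instead of the credentials error. Reading the limit defensively makes the behaviour explicit, e.g. `var limit = (userProfile && userProfile.max_login_attempts) || DEFAULT_MAX_LOGIN_ATTEMPTS;`, where `DEFAULT_MAX_LOGIN_ATTEMPTS` is a placeholder for a server-wide default that this diff does not define. In addition, `if (!!saas) return [3, 15];` skips both the failure counter and the lockout, so the source should carry a comment saying where brute-force throttling happens in that mode. The function continues outside this hunk.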
@@ -764,18 +657,18 @@ var AccountsPassword = /** @class */ (function () {
764
657
  else {
765
658
  login_failed_lockout_time = new Date(moment().add(userProfile.lockout_interval, 'm'));
766
659
  }
767
- return [4 /*yield*/, this.db.updateUser(foundUser.id, { $set: { lockout: true, login_failed_lockout_time: login_failed_lockout_time } })];
660
+ return [4, this.db.updateUser(foundUser.id, { $set: { lockout: true, login_failed_lockout_time: login_failed_lockout_time } })];
768
661
  case 14:
769
662
  _b.sent();
770
663
  _b.label = 15;
771
664
  case 15: throw new Error(this.server.options.ambiguousErrorMessages
772
665
  ? this.options.errors.invalidCredentials
773
666
  : this.options.errors.incorrectPassword);
774
- case 16: return [4 /*yield*/, this.db.updateUser(foundUser.id, { $set: { lockout: false, login_failed_number: 0 }, $unset: { login_failed_lockout_time: 1 } })];
667
+ case 16: return [4, this.db.updateUser(foundUser.id, { $set: { lockout: false, login_failed_number: 0 }, $unset: { login_failed_lockout_time: 1 } })];
775
668
  case 17:
776
669
  _b.sent();
777
670
  _b.label = 18;
778
- case 18: return [2 /*return*/, foundUser];
671
+ case 18: return [2, foundUser];
779
672
  }
780
673
  });
781
674
  });
@@ -789,7 +682,7 @@ var AccountsPassword = /** @class */ (function () {
789
682
  _a = (0, lodash_1.isString)(user)
790
683
  ? this.toMobileAndEmail({ user: user })
791
684
  : this.toMobileAndEmail(tslib_1.__assign({}, user)), username = _a.username, email = _a.email, mobile = _a.mobile, id = _a.id;
792
- return [4 /*yield*/, this.db.findUserByVerificationCode({ email: email, mobile: mobile }, token)];
685
+ return [4, this.db.findUserByVerificationCode({ email: email, mobile: mobile }, token)];
793
686
  case 1:
794
687
  foundUser = _b.sent();
795
688
  if (!foundUser) {
@@ -797,7 +690,7 @@ var AccountsPassword = /** @class */ (function () {
797
690
  ? this.options.errors.invalidCode
798
691
  : this.options.errors.userNotFound);
799
692
  }
800
- return [2 /*return*/, foundUser];
693
+ return [2, foundUser];
801
694
  }
802
695
  });
803
696
  });
@@ -808,16 +701,10 @@ var AccountsPassword = /** @class */ (function () {
808
701
  return tslib_1.__generator(this, function (_a) {
809
702
  hashAlgorithm = this.options.passwordHashAlgorithm;
810
703
  hashedPassword = hashAlgorithm ? (0, utils_1.hashPassword)(password, hashAlgorithm) : password;
811
- return [2 /*return*/, (0, utils_1.bcryptPassword)(hashedPassword)];
704
+ return [2, (0, utils_1.bcryptPassword)(hashedPassword)];
812
705
  });
813
706
  });
814
707
  };
815
- /**
816
- * Given a username, user and/or email figure out the username and/or email.
817
- *
818
- * @param user An object containing at least `username`, `user` and/or `email`.
819
- * @returns An object containing `id`, `username` and `email`.
820
- */
821
708
  AccountsPassword.prototype.toMobileAndEmail = function (_a) {
822
709
  var user = _a.user, username = _a.username, email = _a.email, mobile = _a.mobile, id = _a.id;
823
710
  if (user && !username && !email && !mobile) {
@@ -830,14 +717,6 @@ var AccountsPassword = /** @class */ (function () {
830
717
  }
831
718
  return { username: username, email: email, mobile: mobile, id: id };
832
719
  };
833
- /**
834
- * @description Send an email with a link the user can use verify their email address.
835
- * @param {string} [address] - Which address of the user's to send the email to.
836
- * This address must be in the user's emails list.
837
- * Defaults to the first unverified email in the list.
838
- * If the address is already verified we do not send any email.
839
- * @returns {Promise<void>} - Return a Promise.
840
- */
841
720
  AccountsPassword.prototype.sendVerificationCode = function (user) {
842
721
  return tslib_1.__awaiter(this, void 0, void 0, function () {
843
722
  var code, result, verificationCodeMail, result, sms;
@@ -845,29 +724,29 @@ var AccountsPassword = /** @class */ (function () {
845
724
  switch (_a.label) {
846
725
  case 0:
847
726
  code = (0, server_1.generateRandomCode)();
848
- if (!user.email) return [3 /*break*/, 3];
849
- return [4 /*yield*/, this.db.addVerificationCode(user, code, { MAX_FAILURE_COUNT: MAX_FAILURE_COUNT, EFFECTIVE_TIME: EFFECTIVE_TIME })];
727
+ if (!user.email) return [3, 3];
728
+ return [4, this.db.addVerificationCode(user, code, { MAX_FAILURE_COUNT: MAX_FAILURE_COUNT, EFFECTIVE_TIME: EFFECTIVE_TIME })];
850
729
  case 1:
851
730
  result = _a.sent();
852
731
  verificationCodeMail = this.server.prepareMail(user.email, result.code, null, getPathFragmentPrefix() + 'verify-email', this.server.options.emailTemplates.verificationCode, this.server.options.emailTemplates.from);
853
- return [4 /*yield*/, this.server.options.sendMail(verificationCodeMail)];
732
+ return [4, this.server.options.sendMail(verificationCodeMail)];
854
733
  case 2:
855
734
  _a.sent();
856
- return [2 /*return*/, result.owner];
735
+ return [2, result.owner];
857
736
  case 3:
858
- if (!user.mobile) return [3 /*break*/, 6];
859
- return [4 /*yield*/, this.db.addVerificationCode(user, code, { MAX_FAILURE_COUNT: MAX_FAILURE_COUNT, EFFECTIVE_TIME: EFFECTIVE_TIME })];
737
+ if (!user.mobile) return [3, 6];
738
+ return [4, this.db.addVerificationCode(user, code, { MAX_FAILURE_COUNT: MAX_FAILURE_COUNT, EFFECTIVE_TIME: EFFECTIVE_TIME })];
860
739
  case 4:
861
740
  result = _a.sent();
862
741
  sms = {
863
742
  mobile: user.mobile,
864
743
  message: "\u60A8\u7684\u9A8C\u8BC1\u7801\u4E3A\uFF1A".concat(result.code, "\uFF0C\u8BE5\u9A8C\u8BC1\u7801").concat(EFFECTIVE_TIME, "\u5206\u949F\u5185\u6709\u6548\uFF0C\u8BF7\u52FF\u6CC4\u6F0F\u4E8E\u4ED6\u4EBA\uFF01")
865
744
  };
866
- return [4 /*yield*/, this.server.options.sendSMS(sms)];
745
+ return [4, this.server.options.sendSMS(sms)];
867
746
  case 5:
868
747
  _a.sent();
869
- return [2 /*return*/, result.owner];
870
- case 6: return [2 /*return*/];
748
+ return [2, result.owner];
749
+ case 6: return [2];
871
750
  }
872
751
  });
873
752
  });
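Review bot: Nothing visible in `sendVerificationCode` limits how often a code is issued for the same address or number: every call runs `this.db.addVerificationCode(...)` and then `sendMail` or `sendSMS`. Unless `addVerificationCode` or the endpoint in front of it throttles requests (neither is shown here), repeated calls can flood a recipient and run up SMS cost, so a per-recipient and per-client rate limit should be checked before `addVerificationCode`. Two further points deserve a source comment. `generateRandomCode` is defined outside this diff and should be confirmed to draw from a CSPRNG. The function also falls through to `case 6` and resolves to `undefined` when the user has neither `email` nor `mobile`, which callers need to treat as "no code sent".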