@sync-in/server 1.5.2 → 1.6.0
- package/CHANGELOG.md +20 -0
- package/README.md +1 -0
- package/environment/environment.dist.min.yaml +1 -0
- package/environment/environment.dist.yaml +88 -30
- package/migrations/0002_sleepy_korath.sql +1 -0
- package/migrations/meta/0002_snapshot.json +2424 -0
- package/migrations/meta/_journal.json +7 -0
- package/package.json +6 -4
- package/server/app.bootstrap.js +1 -1
- package/server/app.bootstrap.js.map +1 -1
- package/server/applications/files/services/files-manager.service.js +1 -2
- package/server/applications/files/services/files-manager.service.js.map +1 -1
- package/server/applications/files/services/files-only-office-manager.service.js +5 -6
- package/server/applications/files/services/files-only-office-manager.service.js.map +1 -1
- package/server/applications/files/utils/files.js +6 -4
- package/server/applications/files/utils/files.js.map +1 -1
- package/server/applications/links/links.controller.js +2 -2
- package/server/applications/links/links.controller.js.map +1 -1
- package/server/applications/links/services/links-manager.service.js +2 -1
- package/server/applications/links/services/links-manager.service.js.map +1 -1
- package/server/applications/links/services/links-manager.service.spec.js +6 -3
- package/server/applications/links/services/links-manager.service.spec.js.map +1 -1
- package/server/applications/notifications/constants/notifications.js +9 -0
- package/server/applications/notifications/constants/notifications.js.map +1 -1
- package/server/applications/notifications/i18n/fr.js +10 -1
- package/server/applications/notifications/i18n/fr.js.map +1 -1
- package/server/applications/notifications/interfaces/notification-properties.interface.js.map +1 -1
- package/server/applications/notifications/mails/models.js +41 -3
- package/server/applications/notifications/mails/models.js.map +1 -1
- package/server/applications/notifications/mails/templates.js +1 -1
- package/server/applications/notifications/mails/templates.js.map +1 -1
- package/server/applications/notifications/schemas/notifications.schema.js +2 -1
- package/server/applications/notifications/schemas/notifications.schema.js.map +1 -1
- package/server/applications/notifications/services/notifications-manager.service.js +16 -13
- package/server/applications/notifications/services/notifications-manager.service.js.map +1 -1
- package/server/applications/notifications/services/notifications-manager.service.spec.js +9 -8
- package/server/applications/notifications/services/notifications-manager.service.spec.js.map +1 -1
- package/server/applications/notifications/services/notifications-queries.service.js +1 -1
- package/server/applications/notifications/services/notifications-queries.service.js.map +1 -1
- package/server/applications/shares/services/shares-manager.service.js +3 -2
- package/server/applications/shares/services/shares-manager.service.js.map +1 -1
- package/server/applications/sync/constants/auth.js +2 -2
- package/server/applications/sync/constants/auth.js.map +1 -1
- package/server/applications/sync/dtos/sync-client-registration.dto.js +5 -0
- package/server/applications/sync/dtos/sync-client-registration.dto.js.map +1 -1
- package/server/applications/sync/dtos/sync-operations.dto.js +1 -2
- package/server/applications/sync/dtos/sync-operations.dto.js.map +1 -1
- package/server/applications/sync/schemas/sync-clients.schema.js +2 -1
- package/server/applications/sync/schemas/sync-clients.schema.js.map +1 -1
- package/server/applications/sync/schemas/sync-paths.schema.js +2 -1
- package/server/applications/sync/schemas/sync-paths.schema.js.map +1 -1
- package/server/applications/sync/services/sync-clients-manager.service.js +28 -20
- package/server/applications/sync/services/sync-clients-manager.service.js.map +1 -1
- package/server/applications/sync/services/sync-clients-manager.service.spec.js +24 -18
- package/server/applications/sync/services/sync-clients-manager.service.spec.js.map +1 -1
- package/server/applications/sync/services/sync-queries.service.js +5 -5
- package/server/applications/sync/services/sync-queries.service.js.map +1 -1
- package/server/applications/users/admin-users.controller.js +48 -37
- package/server/applications/users/admin-users.controller.js.map +1 -1
- package/server/applications/users/admin-users.controller.spec.js +15 -0
- package/server/applications/users/admin-users.controller.spec.js.map +1 -1
- package/server/applications/users/constants/routes.js +5 -0
- package/server/applications/users/constants/routes.js.map +1 -1
- package/server/applications/users/constants/user.js +8 -0
- package/server/applications/users/constants/user.js.map +1 -1
- package/server/applications/users/dto/delete-user.dto.js +5 -23
- package/server/applications/users/dto/delete-user.dto.js.map +1 -1
- package/server/applications/users/dto/user-properties.dto.js +38 -3
- package/server/applications/users/dto/user-properties.dto.js.map +1 -1
- package/server/applications/users/interfaces/admin-user.interface.js.map +1 -1
- package/server/applications/users/interfaces/user-secrets.interface.js +10 -0
- package/server/applications/users/interfaces/user-secrets.interface.js.map +1 -0
- package/server/applications/users/models/user.model.js +84 -50
- package/server/applications/users/models/user.model.js.map +1 -1
- package/server/applications/users/schemas/user.interface.js.map +1 -1
- package/server/applications/users/schemas/users.schema.js +2 -0
- package/server/applications/users/schemas/users.schema.js.map +1 -1
- package/server/applications/users/services/admin-users-manager.service.js +7 -19
- package/server/applications/users/services/admin-users-manager.service.js.map +1 -1
- package/server/applications/users/services/admin-users-manager.service.spec.js +7 -26
- package/server/applications/users/services/admin-users-manager.service.spec.js.map +1 -1
- package/server/applications/users/services/admin-users-queries.service.js +1 -0
- package/server/applications/users/services/admin-users-queries.service.js.map +1 -1
- package/server/applications/users/services/users-manager.service.js +138 -28
- package/server/applications/users/services/users-manager.service.js.map +1 -1
- package/server/applications/users/services/users-manager.service.spec.js +11 -9
- package/server/applications/users/services/users-manager.service.spec.js.map +1 -1
- package/server/applications/users/services/users-queries.service.js +63 -57
- package/server/applications/users/services/users-queries.service.js.map +1 -1
- package/server/applications/users/users.controller.js +48 -1
- package/server/applications/users/users.controller.js.map +1 -1
- package/server/applications/users/users.controller.spec.js +8 -1
- package/server/applications/users/users.controller.spec.js.map +1 -1
- package/server/applications/users/users.e2e-spec.js +2 -1
- package/server/applications/users/users.e2e-spec.js.map +1 -1
- package/server/applications/users/utils/avatar.js +48 -0
- package/server/applications/users/utils/avatar.js.map +1 -0
- package/server/authentication/auth.config.js +85 -26
- package/server/authentication/auth.config.js.map +1 -1
- package/server/authentication/auth.controller.js +117 -9
- package/server/authentication/auth.controller.js.map +1 -1
- package/server/authentication/auth.controller.spec.js +16 -1
- package/server/authentication/auth.controller.spec.js.map +1 -1
- package/server/authentication/auth.e2e-spec.js +4 -3
- package/server/authentication/auth.e2e-spec.js.map +1 -1
- package/server/authentication/auth.module.js +4 -1
- package/server/authentication/auth.module.js.map +1 -1
- package/server/authentication/constants/auth.js +37 -4
- package/server/authentication/constants/auth.js.map +1 -1
- package/server/authentication/constants/routes.js +21 -0
- package/server/authentication/constants/routes.js.map +1 -1
- package/server/authentication/constants/scope.js +20 -0
- package/server/authentication/constants/scope.js.map +1 -0
- package/server/authentication/dto/login-response.dto.js +27 -4
- package/server/authentication/dto/login-response.dto.js.map +1 -1
- package/server/authentication/dto/token-response.dto.js +5 -0
- package/server/authentication/dto/token-response.dto.js.map +1 -1
- package/server/{applications/users/dto/user-password.dto.js → authentication/dto/two-fa-verify.dto.js} +27 -9
- package/server/authentication/dto/two-fa-verify.dto.js.map +1 -0
- package/server/authentication/guards/auth-basic.strategy.js +6 -5
- package/server/authentication/guards/auth-basic.strategy.js.map +1 -1
- package/server/authentication/guards/auth-token-access.strategy.js +3 -2
- package/server/authentication/guards/auth-token-access.strategy.js.map +1 -1
- package/server/authentication/guards/auth-token-refresh.strategy.js +3 -2
- package/server/authentication/guards/auth-token-refresh.strategy.js.map +1 -1
- package/server/authentication/guards/auth-two-fa-guard.js +81 -0
- package/server/authentication/guards/auth-two-fa-guard.js.map +1 -0
- package/server/authentication/interfaces/jwt-payload.interface.js +5 -0
- package/server/authentication/interfaces/jwt-payload.interface.js.map +1 -1
- package/server/authentication/interfaces/token.interface.js +2 -0
- package/server/authentication/interfaces/token.interface.js.map +1 -1
- package/server/authentication/interfaces/two-fa-setup.interface.js +10 -0
- package/server/authentication/interfaces/two-fa-setup.interface.js.map +1 -0
- package/server/authentication/models/auth-method.js.map +1 -1
- package/server/authentication/services/auth-manager.service.js +72 -49
- package/server/authentication/services/auth-manager.service.js.map +1 -1
- package/server/authentication/services/auth-methods/auth-method-database.service.js +3 -3
- package/server/authentication/services/auth-methods/auth-method-database.service.js.map +1 -1
- package/server/authentication/services/auth-methods/auth-method-database.service.spec.js +5 -0
- package/server/authentication/services/auth-methods/auth-method-database.service.spec.js.map +1 -1
- package/server/authentication/services/auth-methods/auth-method-ldap.service.js +100 -27
- package/server/authentication/services/auth-methods/auth-method-ldap.service.js.map +1 -1
- package/server/authentication/services/auth-methods/auth-method-ldap.service.spec.js +11 -12
- package/server/authentication/services/auth-methods/auth-method-ldap.service.spec.js.map +1 -1
- package/server/authentication/services/auth-methods/auth-method-two-fa.service.js +251 -0
- package/server/authentication/services/auth-methods/auth-method-two-fa.service.js.map +1 -0
- package/server/authentication/services/auth-methods/auth-method-two-fa.service.spec.js +41 -0
- package/server/authentication/services/auth-methods/auth-method-two-fa.service.spec.js.map +1 -0
- package/server/authentication/utils/crypt-secret.js +68 -0
- package/server/authentication/utils/crypt-secret.js.map +1 -0
- package/server/common/functions.js +18 -2
- package/server/common/functions.js.map +1 -1
- package/server/common/qrcode.js +34 -0
- package/server/common/qrcode.js.map +1 -0
- package/server/common/shared.js +18 -0
- package/server/common/shared.js.map +1 -1
- package/server/configuration/config.environment.js +23 -6
- package/server/configuration/config.environment.js.map +1 -1
- package/server/configuration/config.interfaces.js +10 -0
- package/server/configuration/config.interfaces.js.map +1 -0
- package/server/configuration/config.loader.js.map +1 -1
- package/server/configuration/config.validation.js +13 -13
- package/server/configuration/config.validation.js.map +1 -1
- package/server/infrastructure/cache/adapters/mysql-cache.adapter.js +6 -6
- package/server/infrastructure/cache/adapters/mysql-cache.adapter.js.map +1 -1
- package/server/infrastructure/cache/schemas/mysql-cache.schema.js +2 -1
- package/server/infrastructure/cache/schemas/mysql-cache.schema.js.map +1 -1
- package/server/infrastructure/cache/services/cache.service.js.map +1 -1
- package/server/infrastructure/database/columns.js +39 -0
- package/server/infrastructure/database/columns.js.map +1 -0
- package/server/infrastructure/database/database.config.js +0 -1
- package/server/infrastructure/database/database.config.js.map +1 -1
- package/server/infrastructure/mailer/interfaces/mail.interface.js.map +1 -1
- package/server/infrastructure/mailer/mailer.config.js +12 -0
- package/server/infrastructure/mailer/mailer.config.js.map +1 -1
- package/server/infrastructure/mailer/mailer.service.js +2 -1
- package/server/infrastructure/mailer/mailer.service.js.map +1 -1
- package/static/assets/mimes/text-x-c.svg +1 -0
- package/static/chunk-2TZUZMCM.js +4 -0
- package/static/chunk-2XJ5Z2GZ.js +1 -0
- package/static/{chunk-7VRUZRJG.js → chunk-5M4YJZUB.js} +2 -2
- package/static/{chunk-MRSWNAVB.js → chunk-5ZGQYTS2.js} +1 -1
- package/static/chunk-6BFNMDUD.js +1 -0
- package/static/chunk-6IRL673W.js +559 -0
- package/static/{chunk-2R6HHGUR.js → chunk-ABGR5AYC.js} +1 -1
- package/static/chunk-CN27VAGB.js +1 -0
- package/static/{chunk-MVO4WZLK.js → chunk-DNMO47SY.js} +1 -1
- package/static/{chunk-MGGT6MIJ.js → chunk-EI4PVI2W.js} +1 -1
- package/static/chunk-ET6QDNNM.js +1 -0
- package/static/{chunk-L6MU6S2V.js → chunk-G2TKYYWK.js} +1 -1
- package/static/chunk-G3FOG2QB.js +1 -0
- package/static/{chunk-MCLQFZ3S.js → chunk-GCUWGVYT.js} +1 -1
- package/static/{chunk-RSS6GYNE.js → chunk-HME7LAEY.js} +1 -1
- package/static/chunk-IEUANP3Q.js +1 -0
- package/static/{chunk-VJRTMDEJ.js → chunk-IIFHIIC6.js} +1 -1
- package/static/{chunk-YJMN3B4N.js → chunk-KPZ7FEMO.js} +1 -1
- package/static/{chunk-JYXLQRHG.js → chunk-M57NVD4V.js} +1 -1
- package/static/chunk-NN3VQOS7.js +1 -0
- package/static/chunk-NW3CTYUW.js +1 -0
- package/static/{chunk-6OJZWYRZ.js → chunk-O3ANXCPE.js} +1 -1
- package/static/{chunk-ZC5NIT55.js → chunk-QFOMEU3T.js} +1 -1
- package/static/{chunk-BIUNUYZ5.js → chunk-RKNTQYMU.js} +1 -1
- package/static/{chunk-VUI3KV7V.js → chunk-UQ4TRQCE.js} +1 -1
- package/static/{chunk-WI7FOANP.js → chunk-WINILGQN.js} +1 -1
- package/static/{chunk-NE4NDO45.js → chunk-X7MFVDBY.js} +1 -1
- package/static/chunk-XCBLEI2E.js +1 -0
- package/static/{chunk-CRQNEHTX.js → chunk-XLWCV4HI.js} +1 -1
- package/static/chunk-XPIYOZBX.js +4 -0
- package/static/{chunk-LLWSLOSX.js → chunk-YD74UCFG.js} +1 -1
- package/static/{chunk-IZL7JPTS.js → chunk-YDFVKH2D.js} +1 -1
- package/static/{chunk-SPTF6FSM.js → chunk-YVJDYSDE.js} +1 -1
- package/static/index.html +2 -2
- package/static/main-QNBKYA6L.js +9 -0
- package/static/{styles-FYUSO6OJ.css → styles-A5VYX3CE.css} +1 -1
- package/server/applications/users/dto/user-password.dto.js.map +0 -1
- package/static/chunk-4U5A2DEP.js +0 -4
- package/static/chunk-54EAZ2UD.js +0 -1
- package/static/chunk-7ZRXJONB.js +0 -1
- package/static/chunk-F2J2IIJE.js +0 -1
- package/static/chunk-FNFGUIQH.js +0 -4
- package/static/chunk-GGLK52CG.js +0 -1
- package/static/chunk-HW2H3ISM.js +0 -559
- package/static/chunk-HX6BBYVD.js +0 -1
- package/static/chunk-JF7S3UYQ.js +0 -1
- package/static/chunk-KSHPKI4G.js +0 -1
- package/static/chunk-VPJ2V27B.js +0 -1
- package/static/chunk-ZXS4V7J2.js +0 -1
- package/static/main-FFIWFD2F.js +0 -7
|
@@ -16,9 +16,18 @@ _export(exports, {
|
|
|
16
16
|
get AuthConfig () {
|
|
17
17
|
return AuthConfig;
|
|
18
18
|
},
|
|
19
|
+
get AuthMethodLdapAttributesConfig () {
|
|
20
|
+
return AuthMethodLdapAttributesConfig;
|
|
21
|
+
},
|
|
19
22
|
get AuthMethodLdapConfig () {
|
|
20
23
|
return AuthMethodLdapConfig;
|
|
21
24
|
},
|
|
25
|
+
get AuthMfaConfig () {
|
|
26
|
+
return AuthMfaConfig;
|
|
27
|
+
},
|
|
28
|
+
get AuthMfaTotpConfig () {
|
|
29
|
+
return AuthMfaTotpConfig;
|
|
30
|
+
},
|
|
22
31
|
get AuthTokenAccessConfig () {
|
|
23
32
|
return AuthTokenAccessConfig;
|
|
24
33
|
},
|
|
@@ -37,6 +46,7 @@ _export(exports, {
|
|
|
37
46
|
});
|
|
38
47
|
const _classtransformer = require("class-transformer");
|
|
39
48
|
const _classvalidator = require("class-validator");
|
|
49
|
+
const _appconstants = require("../app.constants");
|
|
40
50
|
const _auth = require("./constants/auth");
|
|
41
51
|
function _ts_decorate(decorators, target, key, desc) {
|
|
42
52
|
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
|
@@ -47,16 +57,42 @@ function _ts_decorate(decorators, target, key, desc) {
|
|
|
47
57
|
function _ts_metadata(k, v) {
|
|
48
58
|
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
|
|
49
59
|
}
|
|
60
|
+
let AuthMfaTotpConfig = class AuthMfaTotpConfig {
|
|
61
|
+
constructor(){
|
|
62
|
+
this.enabled = true;
|
|
63
|
+
this.issuer = _appconstants.SERVER_NAME;
|
|
64
|
+
}
|
|
65
|
+
};
|
|
66
|
+
_ts_decorate([
|
|
67
|
+
(0, _classvalidator.IsBoolean)()
|
|
68
|
+
], AuthMfaTotpConfig.prototype, "enabled", void 0);
|
|
69
|
+
_ts_decorate([
|
|
70
|
+
(0, _classvalidator.IsString)()
|
|
71
|
+
], AuthMfaTotpConfig.prototype, "issuer", void 0);
|
|
72
|
+
let AuthMfaConfig = class AuthMfaConfig {
|
|
73
|
+
constructor(){
|
|
74
|
+
this.totp = new AuthMfaTotpConfig();
|
|
75
|
+
}
|
|
76
|
+
};
|
|
77
|
+
_ts_decorate([
|
|
78
|
+
(0, _classvalidator.IsDefined)(),
|
|
79
|
+
(0, _classvalidator.IsNotEmptyObject)(),
|
|
80
|
+
(0, _classvalidator.IsObject)(),
|
|
81
|
+
(0, _classvalidator.ValidateNested)(),
|
|
82
|
+
(0, _classtransformer.Type)(()=>AuthMfaTotpConfig),
|
|
83
|
+
_ts_metadata("design:type", typeof AuthMfaTotpConfig === "undefined" ? Object : AuthMfaTotpConfig)
|
|
84
|
+
], AuthMfaConfig.prototype, "totp", void 0);
|
|
50
85
|
let AuthTokenAccessConfig = class AuthTokenAccessConfig {
|
|
51
86
|
constructor(){
|
|
52
|
-
this
|
|
87
|
+
this.// force default name
|
|
88
|
+
name = _auth.ACCESS_KEY;
|
|
53
89
|
this.expiration = '30m';
|
|
54
|
-
this.cookieMaxAge = '30m';
|
|
55
90
|
}
|
|
56
91
|
};
|
|
57
92
|
_ts_decorate([
|
|
58
|
-
(0,
|
|
59
|
-
|
|
93
|
+
(0, _classtransformer.Exclude)({
|
|
94
|
+
toClassOnly: true
|
|
95
|
+
})
|
|
60
96
|
], AuthTokenAccessConfig.prototype, "name", void 0);
|
|
61
97
|
_ts_decorate([
|
|
62
98
|
(0, _classvalidator.IsString)(),
|
|
@@ -67,20 +103,17 @@ _ts_decorate([
|
|
|
67
103
|
(0, _classvalidator.IsString)(),
|
|
68
104
|
(0, _classvalidator.IsNotEmpty)()
|
|
69
105
|
], AuthTokenAccessConfig.prototype, "expiration", void 0);
|
|
70
|
-
_ts_decorate([
|
|
71
|
-
(0, _classvalidator.IsNotEmpty)(),
|
|
72
|
-
(0, _classvalidator.IsString)()
|
|
73
|
-
], AuthTokenAccessConfig.prototype, "cookieMaxAge", void 0);
|
|
74
106
|
let AuthTokenRefreshConfig = class AuthTokenRefreshConfig {
|
|
75
107
|
constructor(){
|
|
76
|
-
this
|
|
108
|
+
this.// force default name
|
|
109
|
+
name = _auth.REFRESH_KEY;
|
|
77
110
|
this.expiration = '4h';
|
|
78
|
-
this.cookieMaxAge = '4h';
|
|
79
111
|
}
|
|
80
112
|
};
|
|
81
113
|
_ts_decorate([
|
|
82
|
-
(0,
|
|
83
|
-
|
|
114
|
+
(0, _classtransformer.Exclude)({
|
|
115
|
+
toClassOnly: true
|
|
116
|
+
})
|
|
84
117
|
], AuthTokenRefreshConfig.prototype, "name", void 0);
|
|
85
118
|
_ts_decorate([
|
|
86
119
|
(0, _classvalidator.IsString)(),
|
|
@@ -91,10 +124,6 @@ _ts_decorate([
|
|
|
91
124
|
(0, _classvalidator.IsString)(),
|
|
92
125
|
(0, _classvalidator.IsNotEmpty)()
|
|
93
126
|
], AuthTokenRefreshConfig.prototype, "expiration", void 0);
|
|
94
|
-
_ts_decorate([
|
|
95
|
-
(0, _classvalidator.IsNotEmpty)(),
|
|
96
|
-
(0, _classvalidator.IsString)()
|
|
97
|
-
], AuthTokenRefreshConfig.prototype, "cookieMaxAge", void 0);
|
|
98
127
|
let AuthTokenCsrfConfig = class AuthTokenCsrfConfig extends AuthTokenRefreshConfig {
|
|
99
128
|
constructor(...args){
|
|
100
129
|
super(...args), this.name = _auth.CSRF_KEY;
|
|
@@ -149,9 +178,25 @@ _ts_decorate([
|
|
|
149
178
|
(0, _classtransformer.Type)(()=>AuthTokenWSConfig),
|
|
150
179
|
_ts_metadata("design:type", typeof AuthTokenWSConfig === "undefined" ? Object : AuthTokenWSConfig)
|
|
151
180
|
], AuthTokenConfig.prototype, "ws", void 0);
|
|
181
|
+
let AuthMethodLdapAttributesConfig = class AuthMethodLdapAttributesConfig {
|
|
182
|
+
constructor(){
|
|
183
|
+
this.login = 'uid';
|
|
184
|
+
this.email = 'mail';
|
|
185
|
+
}
|
|
186
|
+
};
|
|
187
|
+
_ts_decorate([
|
|
188
|
+
(0, _classvalidator.IsOptional)(),
|
|
189
|
+
(0, _classvalidator.IsString)(),
|
|
190
|
+
(0, _classtransformer.Transform)(({ value })=>value || 'uid')
|
|
191
|
+
], AuthMethodLdapAttributesConfig.prototype, "login", void 0);
|
|
192
|
+
_ts_decorate([
|
|
193
|
+
(0, _classvalidator.IsOptional)(),
|
|
194
|
+
(0, _classvalidator.IsString)(),
|
|
195
|
+
(0, _classtransformer.Transform)(({ value })=>value || 'mail')
|
|
196
|
+
], AuthMethodLdapAttributesConfig.prototype, "email", void 0);
|
|
152
197
|
let AuthMethodLdapConfig = class AuthMethodLdapConfig {
|
|
153
198
|
constructor(){
|
|
154
|
-
this.
|
|
199
|
+
this.attributes = new AuthMethodLdapAttributesConfig();
|
|
155
200
|
}
|
|
156
201
|
};
|
|
157
202
|
_ts_decorate([
|
|
@@ -174,17 +219,18 @@ _ts_decorate([
|
|
|
174
219
|
_ts_metadata("design:type", String)
|
|
175
220
|
], AuthMethodLdapConfig.prototype, "filter", void 0);
|
|
176
221
|
_ts_decorate([
|
|
177
|
-
(0, _classvalidator.
|
|
178
|
-
(0, _classvalidator.
|
|
179
|
-
(0, _classvalidator.
|
|
180
|
-
|
|
181
|
-
|
|
182
|
-
|
|
183
|
-
], AuthMethodLdapConfig.prototype, "
|
|
222
|
+
(0, _classvalidator.IsDefined)(),
|
|
223
|
+
(0, _classvalidator.IsNotEmptyObject)(),
|
|
224
|
+
(0, _classvalidator.IsObject)(),
|
|
225
|
+
(0, _classvalidator.ValidateNested)(),
|
|
226
|
+
(0, _classtransformer.Type)(()=>AuthMethodLdapAttributesConfig),
|
|
227
|
+
_ts_metadata("design:type", typeof AuthMethodLdapAttributesConfig === "undefined" ? Object : AuthMethodLdapAttributesConfig)
|
|
228
|
+
], AuthMethodLdapConfig.prototype, "attributes", void 0);
|
|
184
229
|
let AuthConfig = class AuthConfig {
|
|
185
230
|
constructor(){
|
|
186
231
|
this.method = 'mysql';
|
|
187
|
-
this.
|
|
232
|
+
this.mfa = new AuthMfaConfig();
|
|
233
|
+
this.cookieSameSite = 'strict';
|
|
188
234
|
}
|
|
189
235
|
};
|
|
190
236
|
_ts_decorate([
|
|
@@ -195,6 +241,19 @@ _ts_decorate([
|
|
|
195
241
|
]),
|
|
196
242
|
_ts_metadata("design:type", String)
|
|
197
243
|
], AuthConfig.prototype, "method", void 0);
|
|
244
|
+
_ts_decorate([
|
|
245
|
+
(0, _classvalidator.IsOptional)(),
|
|
246
|
+
(0, _classvalidator.IsString)(),
|
|
247
|
+
_ts_metadata("design:type", String)
|
|
248
|
+
], AuthConfig.prototype, "encryptionKey", void 0);
|
|
249
|
+
_ts_decorate([
|
|
250
|
+
(0, _classvalidator.IsDefined)(),
|
|
251
|
+
(0, _classvalidator.IsNotEmptyObject)(),
|
|
252
|
+
(0, _classvalidator.IsObject)(),
|
|
253
|
+
(0, _classvalidator.ValidateNested)(),
|
|
254
|
+
(0, _classtransformer.Type)(()=>AuthMfaConfig),
|
|
255
|
+
_ts_metadata("design:type", typeof AuthMfaConfig === "undefined" ? Object : AuthMfaConfig)
|
|
256
|
+
], AuthConfig.prototype, "mfa", void 0);
|
|
198
257
|
_ts_decorate([
|
|
199
258
|
(0, _classvalidator.IsString)(),
|
|
200
259
|
(0, _classvalidator.IsIn)([
|
|
@@ -202,7 +261,7 @@ _ts_decorate([
|
|
|
202
261
|
'strict'
|
|
203
262
|
]),
|
|
204
263
|
_ts_metadata("design:type", String)
|
|
205
|
-
], AuthConfig.prototype, "
|
|
264
|
+
], AuthConfig.prototype, "cookieSameSite", void 0);
|
|
206
265
|
_ts_decorate([
|
|
207
266
|
(0, _classvalidator.IsDefined)(),
|
|
208
267
|
(0, _classvalidator.IsNotEmptyObject)(),
|
|
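Review bot: The new `encryptionKey` property is validated only with `IsOptional` and `IsString`, so an empty or very short string passes, because `IsOptional` skips the other checks only for null or undefined. The same release adds `authentication/utils/crypt-secret.js` and a TOTP config that defaults to `enabled = true`, so the key presumably protects stored 2FA secrets. That consumer is not visible in this section, so confirm what it does when the key is missing or empty. I would add `(0, _classvalidator.IsNotEmpty)(),` to the decorator list, plus a `MinLength` bound matching what the cipher needs, so a weak key is rejected at startup rather than accepted silently. Since this file is compiled output, the change belongs in `backend/src/authentication/auth.config.ts` as `@IsNotEmpty()` on `encryptionKey`.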
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../backend/src/authentication/auth.config.ts"],"sourcesContent":["/*\n * Copyright (C) 2012-2025 Johan Legrand <johan.legrand@sync-in.com>\n * This file is part of Sync-in | The open source file sync and share solution\n * See the LICENSE file for licensing details\n */\n\nimport { Transform, Type } from 'class-transformer'\nimport {\n ArrayNotEmpty,\n IsArray,\n IsDefined,\n IsIn,\n IsNotEmpty,\n IsNotEmptyObject,\n IsObject,\n IsOptional,\n IsString,\n ValidateIf,\n ValidateNested\n} from 'class-validator'\nimport { CSRF_KEY, WS_KEY } from './constants/auth'\n\nexport class
|
|
1
|
+
{"version":3,"sources":["../../../backend/src/authentication/auth.config.ts"],"sourcesContent":["/*\n * Copyright (C) 2012-2025 Johan Legrand <johan.legrand@sync-in.com>\n * This file is part of Sync-in | The open source file sync and share solution\n * See the LICENSE file for licensing details\n */\n\nimport { Exclude, Transform, Type } from 'class-transformer'\nimport {\n ArrayNotEmpty,\n IsArray,\n IsBoolean,\n IsDefined,\n IsIn,\n IsNotEmpty,\n IsNotEmptyObject,\n IsObject,\n IsOptional,\n IsString,\n ValidateIf,\n ValidateNested\n} from 'class-validator'\nimport { SERVER_NAME } from '../app.constants'\nimport { ACCESS_KEY, CSRF_KEY, REFRESH_KEY, WS_KEY } from './constants/auth'\n\nexport class AuthMfaTotpConfig {\n @IsBoolean()\n enabled = true\n\n @IsString()\n issuer = SERVER_NAME\n}\n\nexport class AuthMfaConfig {\n @IsDefined()\n @IsNotEmptyObject()\n @IsObject()\n @ValidateNested()\n @Type(() => AuthMfaTotpConfig)\n totp: AuthMfaTotpConfig = new AuthMfaTotpConfig()\n}\n\nexport class AuthTokenAccessConfig {\n @Exclude({ toClassOnly: true })\n // force default name\n name = ACCESS_KEY\n\n @IsString()\n @IsNotEmpty()\n secret: string\n\n @IsString()\n @IsNotEmpty()\n expiration = '30m'\n}\n\nexport class AuthTokenRefreshConfig {\n @Exclude({ toClassOnly: true })\n // force default name\n name = REFRESH_KEY\n\n @IsString()\n @IsNotEmpty()\n secret: string\n\n @IsString()\n @IsNotEmpty()\n expiration = '4h'\n}\n\nexport class AuthTokenCsrfConfig extends AuthTokenRefreshConfig {\n @IsString()\n @IsNotEmpty()\n override name: string = CSRF_KEY\n}\n\nexport class AuthTokenWSConfig extends AuthTokenRefreshConfig {\n @IsString()\n @IsNotEmpty()\n override name: string = WS_KEY\n}\n\nexport class AuthTokenConfig {\n @IsDefined()\n @IsNotEmptyObject()\n @IsObject()\n @ValidateNested()\n @Type(() => AuthTokenAccessConfig)\n access: AuthTokenAccessConfig\n\n @IsDefined()\n @IsNotEmptyObject()\n @IsObject()\n @ValidateNested()\n @Type(() => AuthTokenRefreshConfig)\n 
refresh: AuthTokenRefreshConfig\n\n @IsDefined()\n @IsNotEmptyObject()\n @IsObject()\n @ValidateNested()\n @Type(() => AuthTokenCsrfConfig)\n csrf: AuthTokenCsrfConfig\n\n @IsDefined()\n @IsNotEmptyObject()\n @IsObject()\n @ValidateNested()\n @Type(() => AuthTokenWSConfig)\n ws: AuthTokenWSConfig\n}\n\nexport class AuthMethodLdapAttributesConfig {\n @IsOptional()\n @IsString()\n @Transform(({ value }) => value || 'uid')\n login? = 'uid'\n\n @IsOptional()\n @IsString()\n @Transform(({ value }) => value || 'mail')\n email? = 'mail'\n}\n\nexport class AuthMethodLdapConfig {\n @Transform(({ value }) => (Array.isArray(value) ? value.filter((v: string) => Boolean(v)) : value))\n @ArrayNotEmpty()\n @IsArray()\n @IsString({ each: true })\n servers: string[]\n\n @IsString()\n @IsNotEmpty()\n baseDN: string\n\n @IsOptional()\n @IsString()\n filter?: string\n\n @IsDefined()\n @IsNotEmptyObject()\n @IsObject()\n @ValidateNested()\n @Type(() => AuthMethodLdapAttributesConfig)\n attributes: AuthMethodLdapAttributesConfig = new AuthMethodLdapAttributesConfig()\n}\n\nexport class AuthConfig {\n @IsString()\n @IsIn(['mysql', 'ldap'])\n method: 'mysql' | 'ldap' = 'mysql'\n\n @IsOptional()\n @IsString()\n encryptionKey: string\n\n @IsDefined()\n @IsNotEmptyObject()\n @IsObject()\n @ValidateNested()\n @Type(() => AuthMfaConfig)\n mfa: AuthMfaConfig = new AuthMfaConfig()\n\n @IsString()\n @IsIn(['lax', 'strict'])\n cookieSameSite: 'lax' | 'strict' = 'strict'\n\n @IsDefined()\n @IsNotEmptyObject()\n @IsObject()\n @ValidateNested()\n @Type(() => AuthTokenConfig)\n token: AuthTokenConfig\n\n @ValidateIf((o: AuthConfig) => o.method === 'ldap')\n @IsDefined()\n @IsObject()\n @ValidateNested()\n @Type(() => AuthMethodLdapConfig)\n ldap: 
AuthMethodLdapConfig\n}\n"],"names":["AuthConfig","AuthMethodLdapAttributesConfig","AuthMethodLdapConfig","AuthMfaConfig","AuthMfaTotpConfig","AuthTokenAccessConfig","AuthTokenConfig","AuthTokenCsrfConfig","AuthTokenRefreshConfig","AuthTokenWSConfig","enabled","issuer","SERVER_NAME","totp","name","ACCESS_KEY","expiration","toClassOnly","REFRESH_KEY","CSRF_KEY","WS_KEY","login","email","value","attributes","Array","isArray","filter","v","Boolean","each","method","mfa","cookieSameSite","o"],"mappings":"AAAA;;;;CAIC;;;;;;;;;;;QA8IYA;eAAAA;;QAnCAC;eAAAA;;QAYAC;eAAAA;;QA3FAC;eAAAA;;QARAC;eAAAA;;QAiBAC;eAAAA;;QAwCAC;eAAAA;;QAZAC;eAAAA;;QAdAC;eAAAA;;QAoBAC;eAAAA;;;kCArE4B;gCAclC;8BACqB;sBAC8B;;;;;;;;;;AAEnD,IAAA,AAAML,oBAAN,MAAMA;;aAEXM,UAAU;aAGVC,SAASC,yBAAW;;AACtB;;;;;;;AAEO,IAAA,AAAMT,gBAAN,MAAMA;;aAMXU,OAA0B,IAAIT;;AAChC;;;;;;oCAFcA;;;AAIP,IAAA,AAAMC,wBAAN,MAAMA;;aAEX,qBAAqB;QACrBS,OAAOC,gBAAU;aAQjBC,aAAa;;AACf;;;QAXaC,aAAa;;;;;;;;;;;;AAanB,IAAA,AAAMT,yBAAN,MAAMA;;aAEX,qBAAqB;QACrBM,OAAOI,iBAAW;aAQlBF,aAAa;;AACf;;;QAXaC,aAAa;;;;;;;;;;;;AAanB,IAAA,AAAMV,sBAAN,MAAMA,4BAA4BC;;QAAlC,qBAGIM,OAAeK,cAAQ;;AAClC;;;;;;AAEO,IAAA,AAAMV,oBAAN,MAAMA,0BAA0BD;;QAAhC,qBAGIM,OAAeM,YAAM;;AAChC;;;;;;AAEO,IAAA,AAAMd,kBAAN,MAAMA;AA4Bb;;;;;;oCAvBcD;;;;;;;;oCAOAG;;;;;;;;oCAOAD;;;;;;;;oCAOAE;;;AAIP,IAAA,AAAMR,iCAAN,MAAMA;;aAIXoB,QAAS;aAKTC,QAAS;;AACX;;;;sCAPc,EAAEC,KAAK,EAAE,GAAKA,SAAS;;;;;sCAKvB,EAAEA,KAAK,EAAE,GAAKA,SAAS;;AAI9B,IAAA,AAAMrB,uBAAN,MAAMA;;aAoBXsB,aAA6C,IAAIvB;;AACnD;;sCApBc,EAAEsB,KAAK,EAAE,GAAME,MAAMC,OAAO,CAACH,SAASA,MAAMI,MAAM,CAAC,CAACC,IAAcC,QAAQD,MAAML;;;;QAGhFO,MAAM;;;;;;;;;;;;;;;;;;;oCAeN7B;;;AAIP,IAAA,AAAMD,aAAN,MAAMA;;aAGX+B,SAA2B;aAW3BC,MAAqB,IAAI7B;aAIzB8B,iBAAmC;;AAerC;;;;QA/BS;QAAS;;;;;;;;;;;;;;oCAWJ9B;;;;;;QAIL;QAAO;;;;;;;;;oCAOFG;;;;qCAGC4B,IAAkBA,EAAEH,MAAM,KAAK;;;;oCAIhC7B"}
|
|
@@ -14,13 +14,22 @@ Object.defineProperty(exports, "AuthController", {
|
|
|
14
14
|
});
|
|
15
15
|
const _common = require("@nestjs/common");
|
|
16
16
|
const _fastify = require("fastify");
|
|
17
|
+
const _user = require("../applications/users/constants/user");
|
|
18
|
+
const _rolesdecorator = require("../applications/users/decorators/roles.decorator");
|
|
17
19
|
const _userdecorator = require("../applications/users/decorators/user.decorator");
|
|
20
|
+
const _rolesguard = require("../applications/users/guards/roles.guard");
|
|
18
21
|
const _usermodel = require("../applications/users/models/user.model");
|
|
22
|
+
const _auth = require("./constants/auth");
|
|
19
23
|
const _routes = require("./constants/routes");
|
|
20
24
|
const _authtokenskipdecorator = require("./decorators/auth-token-skip.decorator");
|
|
25
|
+
const _twofaverifydto = require("./dto/two-fa-verify.dto");
|
|
21
26
|
const _authlocalguard = require("./guards/auth-local.guard");
|
|
22
27
|
const _authtokenrefreshguard = require("./guards/auth-token-refresh.guard");
|
|
28
|
+
const _authtwofaguard = require("./guards/auth-two-fa-guard");
|
|
29
|
+
const _authrequestinterface = require("./interfaces/auth-request.interface");
|
|
30
|
+
const _tokeninterface = require("./interfaces/token.interface");
|
|
23
31
|
const _authmanagerservice = require("./services/auth-manager.service");
|
|
32
|
+
const _authmethodtwofaservice = require("./services/auth-methods/auth-method-two-fa.service");
|
|
24
33
|
function _ts_decorate(decorators, target, key, desc) {
|
|
25
34
|
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
|
26
35
|
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
|
|
@@ -37,26 +46,56 @@ function _ts_param(paramIndex, decorator) {
|
|
|
37
46
|
}
|
|
38
47
|
let AuthController = class AuthController {
|
|
39
48
|
login(user, res) {
|
|
40
|
-
return this.
|
|
49
|
+
return this.authManager.setCookies(user, res, true);
|
|
41
50
|
}
|
|
42
51
|
logout(res) {
|
|
43
|
-
return this.
|
|
52
|
+
return this.authManager.clearCookies(res);
|
|
44
53
|
}
|
|
45
54
|
refreshCookies(user, res) {
|
|
46
|
-
return this.
|
|
55
|
+
return this.authManager.refreshCookies(user, res);
|
|
47
56
|
}
|
|
48
57
|
token(user) {
|
|
49
|
-
return this.
|
|
58
|
+
return this.authManager.getTokens(user);
|
|
50
59
|
}
|
|
51
60
|
refreshToken(user) {
|
|
52
|
-
return this.
|
|
61
|
+
return this.authManager.getTokens(user, true);
|
|
53
62
|
}
|
|
54
|
-
|
|
55
|
-
this.
|
|
63
|
+
/* TWO-FA Part */ twoFaInit(user) {
|
|
64
|
+
return this.authMethod2FA.initTwoFactor(user);
|
|
65
|
+
}
|
|
66
|
+
twoFaEnable(body, req) {
|
|
67
|
+
return this.authMethod2FA.enableTwoFactor(body, req);
|
|
68
|
+
}
|
|
69
|
+
twoFaDisable(body, req) {
|
|
70
|
+
return this.authMethod2FA.disableTwoFactor(body, req);
|
|
71
|
+
}
|
|
72
|
+
async twoFaLogin(body, req, res) {
|
|
73
|
+
const [authStatus, user] = await this.authMethod2FA.verify(body, req, true);
|
|
74
|
+
if (authStatus.success) {
|
|
75
|
+
const loginResponseDto = await this.authManager.setCookies(user, res);
|
|
76
|
+
// clear the temporary 2FA cookie
|
|
77
|
+
res.clearCookie(_auth.ACCESS_KEY, {
|
|
78
|
+
path: _auth.TOKEN_PATHS[_tokeninterface.TOKEN_TYPE.ACCESS_2FA],
|
|
79
|
+
httpOnly: true
|
|
80
|
+
});
|
|
81
|
+
return {
|
|
82
|
+
...loginResponseDto,
|
|
83
|
+
...authStatus
|
|
84
|
+
};
|
|
85
|
+
}
|
|
86
|
+
return authStatus;
|
|
87
|
+
}
|
|
88
|
+
twoFaReset(userId) {
|
|
89
|
+
return this.authMethod2FA.adminResetUserTwoFa(userId);
|
|
90
|
+
}
|
|
91
|
+
constructor(authManager, authMethod2FA){
|
|
92
|
+
this.authManager = authManager;
|
|
93
|
+
this.authMethod2FA = authMethod2FA;
|
|
56
94
|
}
|
|
57
95
|
};
|
|
58
96
|
_ts_decorate([
|
|
59
97
|
(0, _common.Post)(_routes.AUTH_ROUTE.LOGIN),
|
|
98
|
+
(0, _authtokenskipdecorator.AuthTokenSkip)(),
|
|
60
99
|
(0, _common.UseGuards)(_authlocalguard.AuthLocalGuard),
|
|
61
100
|
_ts_param(0, (0, _userdecorator.GetUser)()),
|
|
62
101
|
_ts_param(1, (0, _common.Res)({
|
|
@@ -71,6 +110,7 @@ _ts_decorate([
|
|
|
71
110
|
], AuthController.prototype, "login", null);
|
|
72
111
|
_ts_decorate([
|
|
73
112
|
(0, _common.Post)(_routes.AUTH_ROUTE.LOGOUT),
|
|
113
|
+
(0, _authtokenskipdecorator.AuthTokenSkip)(),
|
|
74
114
|
_ts_param(0, (0, _common.Res)({
|
|
75
115
|
passthrough: true
|
|
76
116
|
})),
|
|
@@ -82,6 +122,7 @@ _ts_decorate([
|
|
|
82
122
|
], AuthController.prototype, "logout", null);
|
|
83
123
|
_ts_decorate([
|
|
84
124
|
(0, _common.Post)(_routes.AUTH_ROUTE.REFRESH),
|
|
125
|
+
(0, _authtokenskipdecorator.AuthTokenSkip)(),
|
|
85
126
|
(0, _common.UseGuards)(_authtokenrefreshguard.AuthTokenRefreshGuard),
|
|
86
127
|
_ts_param(0, (0, _userdecorator.GetUser)()),
|
|
87
128
|
_ts_param(1, (0, _common.Res)({
|
|
@@ -96,6 +137,7 @@ _ts_decorate([
|
|
|
96
137
|
], AuthController.prototype, "refreshCookies", null);
|
|
97
138
|
_ts_decorate([
|
|
98
139
|
(0, _common.Post)(_routes.AUTH_ROUTE.TOKEN),
|
|
140
|
+
(0, _authtokenskipdecorator.AuthTokenSkip)(),
|
|
99
141
|
(0, _common.UseGuards)(_authlocalguard.AuthLocalGuard),
|
|
100
142
|
_ts_param(0, (0, _userdecorator.GetUser)()),
|
|
101
143
|
_ts_metadata("design:type", Function),
|
|
@@ -106,6 +148,7 @@ _ts_decorate([
|
|
|
106
148
|
], AuthController.prototype, "token", null);
|
|
107
149
|
_ts_decorate([
|
|
108
150
|
(0, _common.Post)(_routes.AUTH_ROUTE.TOKEN_REFRESH),
|
|
151
|
+
(0, _authtokenskipdecorator.AuthTokenSkip)(),
|
|
109
152
|
(0, _common.UseGuards)(_authtokenrefreshguard.AuthTokenRefreshGuard),
|
|
110
153
|
_ts_param(0, (0, _userdecorator.GetUser)()),
|
|
111
154
|
_ts_metadata("design:type", Function),
|
|
@@ -114,12 +157,77 @@ _ts_decorate([
|
|
|
114
157
|
]),
|
|
115
158
|
_ts_metadata("design:returntype", typeof Promise === "undefined" ? Object : Promise)
|
|
116
159
|
], AuthController.prototype, "refreshToken", null);
|
|
160
|
+
_ts_decorate([
|
|
161
|
+
(0, _common.Get)(`${_routes.AUTH_ROUTE.TWO_FA_BASE}/${_routes.AUTH_ROUTE.TWO_FA_ENABLE}`),
|
|
162
|
+
(0, _common.UseGuards)(_rolesguard.UserRolesGuard),
|
|
163
|
+
(0, _rolesdecorator.UserHaveRole)(_user.USER_ROLE.USER),
|
|
164
|
+
_ts_param(0, (0, _userdecorator.GetUser)()),
|
|
165
|
+
_ts_metadata("design:type", Function),
|
|
166
|
+
_ts_metadata("design:paramtypes", [
|
|
167
|
+
typeof _usermodel.UserModel === "undefined" ? Object : _usermodel.UserModel
|
|
168
|
+
]),
|
|
169
|
+
_ts_metadata("design:returntype", typeof Promise === "undefined" ? Object : Promise)
|
|
170
|
+
], AuthController.prototype, "twoFaInit", null);
|
|
171
|
+
_ts_decorate([
|
|
172
|
+
(0, _common.Post)(`${_routes.AUTH_ROUTE.TWO_FA_BASE}/${_routes.AUTH_ROUTE.TWO_FA_ENABLE}`),
|
|
173
|
+
(0, _common.UseGuards)(_rolesguard.UserRolesGuard),
|
|
174
|
+
(0, _rolesdecorator.UserHaveRole)(_user.USER_ROLE.USER),
|
|
175
|
+
_ts_param(0, (0, _common.Body)()),
|
|
176
|
+
_ts_param(1, (0, _common.Req)()),
|
|
177
|
+
_ts_metadata("design:type", Function),
|
|
178
|
+
_ts_metadata("design:paramtypes", [
|
|
179
|
+
typeof _twofaverifydto.TwoFaVerifyWithPasswordDto === "undefined" ? Object : _twofaverifydto.TwoFaVerifyWithPasswordDto,
|
|
180
|
+
typeof _authrequestinterface.FastifyAuthenticatedRequest === "undefined" ? Object : _authrequestinterface.FastifyAuthenticatedRequest
|
|
181
|
+
]),
|
|
182
|
+
_ts_metadata("design:returntype", typeof Promise === "undefined" ? Object : Promise)
|
|
183
|
+
], AuthController.prototype, "twoFaEnable", null);
|
|
184
|
+
_ts_decorate([
|
|
185
|
+
(0, _common.Post)(`${_routes.AUTH_ROUTE.TWO_FA_BASE}/${_routes.AUTH_ROUTE.TWO_FA_DISABLE}`),
|
|
186
|
+
(0, _common.UseGuards)(_rolesguard.UserRolesGuard),
|
|
187
|
+
(0, _rolesdecorator.UserHaveRole)(_user.USER_ROLE.USER),
|
|
188
|
+
_ts_param(0, (0, _common.Body)()),
|
|
189
|
+
_ts_param(1, (0, _common.Req)()),
|
|
190
|
+
_ts_metadata("design:type", Function),
|
|
191
|
+
_ts_metadata("design:paramtypes", [
|
|
192
|
+
typeof _twofaverifydto.TwoFaVerifyWithPasswordDto === "undefined" ? Object : _twofaverifydto.TwoFaVerifyWithPasswordDto,
|
|
193
|
+
typeof _authrequestinterface.FastifyAuthenticatedRequest === "undefined" ? Object : _authrequestinterface.FastifyAuthenticatedRequest
|
|
194
|
+
]),
|
|
195
|
+
_ts_metadata("design:returntype", typeof Promise === "undefined" ? Object : Promise)
|
|
196
|
+
], AuthController.prototype, "twoFaDisable", null);
|
|
197
|
+
_ts_decorate([
|
|
198
|
+
(0, _common.Post)(`${_routes.AUTH_ROUTE.TWO_FA_BASE}/${_routes.AUTH_ROUTE.TWO_FA_LOGIN_VERIFY}`),
|
|
199
|
+
(0, _common.UseGuards)(_rolesguard.UserRolesGuard),
|
|
200
|
+
(0, _rolesdecorator.UserHaveRole)(_user.USER_ROLE.USER),
|
|
201
|
+
_ts_param(0, (0, _common.Body)()),
|
|
202
|
+
_ts_param(1, (0, _common.Req)()),
|
|
203
|
+
_ts_param(2, (0, _common.Res)({
|
|
204
|
+
passthrough: true
|
|
205
|
+
})),
|
|
206
|
+
_ts_metadata("design:type", Function),
|
|
207
|
+
_ts_metadata("design:paramtypes", [
|
|
208
|
+
typeof _twofaverifydto.TwoFaVerifyDto === "undefined" ? Object : _twofaverifydto.TwoFaVerifyDto,
|
|
209
|
+
typeof _authrequestinterface.FastifyAuthenticatedRequest === "undefined" ? Object : _authrequestinterface.FastifyAuthenticatedRequest,
|
|
210
|
+
typeof _fastify.FastifyReply === "undefined" ? Object : _fastify.FastifyReply
|
|
211
|
+
]),
|
|
212
|
+
_ts_metadata("design:returntype", Promise)
|
|
213
|
+
], AuthController.prototype, "twoFaLogin", null);
|
|
214
|
+
_ts_decorate([
|
|
215
|
+
(0, _common.Post)(`${_routes.AUTH_ROUTE.TWO_FA_BASE}/${_routes.AUTH_ROUTE.TWO_FA_ADMIN_RESET_USER}/:id`),
|
|
216
|
+
(0, _common.UseGuards)(_rolesguard.UserRolesGuard, _authtwofaguard.AuthTwoFaGuard),
|
|
217
|
+
(0, _rolesdecorator.UserHaveRole)(_user.USER_ROLE.ADMINISTRATOR),
|
|
218
|
+
_ts_param(0, (0, _common.Param)('id', _common.ParseIntPipe)),
|
|
219
|
+
_ts_metadata("design:type", Function),
|
|
220
|
+
_ts_metadata("design:paramtypes", [
|
|
221
|
+
Number
|
|
222
|
+
]),
|
|
223
|
+
_ts_metadata("design:returntype", typeof Promise === "undefined" ? Object : Promise)
|
|
224
|
+
], AuthController.prototype, "twoFaReset", null);
|
|
117
225
|
AuthController = _ts_decorate([
|
|
118
226
|
(0, _common.Controller)(_routes.AUTH_ROUTE.BASE),
|
|
119
|
-
(0, _authtokenskipdecorator.AuthTokenSkip)(),
|
|
120
227
|
_ts_metadata("design:type", Function),
|
|
121
228
|
_ts_metadata("design:paramtypes", [
|
|
122
|
-
typeof _authmanagerservice.AuthManager === "undefined" ? Object : _authmanagerservice.AuthManager
|
|
229
|
+
typeof _authmanagerservice.AuthManager === "undefined" ? Object : _authmanagerservice.AuthManager,
|
|
230
|
+
typeof _authmethodtwofaservice.AuthMethod2FA === "undefined" ? Object : _authmethodtwofaservice.AuthMethod2FA
|
|
123
231
|
])
|
|
124
232
|
], AuthController);
|
|
125
233
|
|
|
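Review bot: Nothing on the `twoFaLogin` route (new lines 72–87 and the decorator list ending in `"twoFaLogin", null`) bounds how often a code can be submitted. Its decorators are only `UserRolesGuard` and `UserHaveRole(USER_ROLE.USER)`, and the handler passes the body straight to `this.authMethod2FA.verify(body, req, true)`. `verify` is defined outside this section, so failed-attempt counting may already live there; if it does not, this endpoint needs a per-user attempt limit. I would record that contract at the call site, e.g. `// verify() must enforce the per-user failed-attempt limit; this route adds no throttling of its own`, and add a comment naming the bare `true` flags here and in `setCookies(user, res, true)`. Separately, `twoFaInit` is bound with `_common.Get` and returns whatever `initTwoFactor(user)` produces, so if that includes the enrolment secret the response should be sent with `Cache-Control: no-store`.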
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../backend/src/authentication/auth.controller.ts"],"sourcesContent":["/*\n * Copyright (C) 2012-2025 Johan Legrand <johan.legrand@sync-in.com>\n * This file is part of Sync-in | The open source file sync and share solution\n * See the LICENSE file for licensing details\n */\n\nimport { Controller, Post, Res, UseGuards } from '@nestjs/common'\nimport { FastifyReply } from 'fastify'\nimport { GetUser } from '../applications/users/decorators/user.decorator'\nimport { UserModel } from '../applications/users/models/user.model'\nimport { AUTH_ROUTE } from './constants/routes'\nimport { AuthTokenSkip } from './decorators/auth-token-skip.decorator'\nimport { LoginResponseDto } from './dto/login-response.dto'\nimport { TokenResponseDto } from './dto/token-response.dto'\nimport { AuthLocalGuard } from './guards/auth-local.guard'\nimport { AuthTokenRefreshGuard } from './guards/auth-token-refresh.guard'\nimport { AuthManager } from './services/auth-manager.service'\n\n@Controller(AUTH_ROUTE.BASE)\
|
|
1
|
+
{"version":3,"sources":["../../../backend/src/authentication/auth.controller.ts"],"sourcesContent":["/*\n * Copyright (C) 2012-2025 Johan Legrand <johan.legrand@sync-in.com>\n * This file is part of Sync-in | The open source file sync and share solution\n * See the LICENSE file for licensing details\n */\n\nimport { Body, Controller, Get, Param, ParseIntPipe, Post, Req, Res, UseGuards } from '@nestjs/common'\nimport { FastifyReply } from 'fastify'\nimport { USER_ROLE } from '../applications/users/constants/user'\nimport { UserHaveRole } from '../applications/users/decorators/roles.decorator'\nimport { GetUser } from '../applications/users/decorators/user.decorator'\nimport { UserRolesGuard } from '../applications/users/guards/roles.guard'\nimport { UserModel } from '../applications/users/models/user.model'\nimport { ACCESS_KEY, TOKEN_PATHS } from './constants/auth'\nimport { AUTH_ROUTE } from './constants/routes'\nimport { AuthTokenSkip } from './decorators/auth-token-skip.decorator'\nimport { LoginResponseDto, LoginVerify2FaDto, TwoFaResponseDto } from './dto/login-response.dto'\nimport { TokenResponseDto } from './dto/token-response.dto'\nimport { TwoFaVerifyDto, TwoFaVerifyWithPasswordDto } from './dto/two-fa-verify.dto'\nimport { AuthLocalGuard } from './guards/auth-local.guard'\nimport { AuthTokenRefreshGuard } from './guards/auth-token-refresh.guard'\nimport { AuthTwoFaGuard } from './guards/auth-two-fa-guard'\nimport { FastifyAuthenticatedRequest } from './interfaces/auth-request.interface'\nimport { TOKEN_TYPE } from './interfaces/token.interface'\nimport { TwoFaSetup, TwoFaVerifyResult } from './interfaces/two-fa-setup.interface'\nimport { AuthManager } from './services/auth-manager.service'\nimport { AuthMethod2FA } from './services/auth-methods/auth-method-two-fa.service'\n\n@Controller(AUTH_ROUTE.BASE)\nexport class AuthController {\n constructor(\n private readonly authManager: AuthManager,\n private readonly authMethod2FA: AuthMethod2FA\n ) {}\n\n 
@Post(AUTH_ROUTE.LOGIN)\n @AuthTokenSkip()\n @UseGuards(AuthLocalGuard)\n login(@GetUser() user: UserModel, @Res({ passthrough: true }) res: FastifyReply): Promise<LoginResponseDto | LoginVerify2FaDto> {\n return this.authManager.setCookies(user, res, true)\n }\n\n @Post(AUTH_ROUTE.LOGOUT)\n @AuthTokenSkip()\n logout(@Res({ passthrough: true }) res: FastifyReply) {\n return this.authManager.clearCookies(res)\n }\n\n @Post(AUTH_ROUTE.REFRESH)\n @AuthTokenSkip()\n @UseGuards(AuthTokenRefreshGuard)\n refreshCookies(@GetUser() user: UserModel, @Res({ passthrough: true }) res: FastifyReply): Promise<TokenResponseDto> {\n return this.authManager.refreshCookies(user, res)\n }\n\n @Post(AUTH_ROUTE.TOKEN)\n @AuthTokenSkip()\n @UseGuards(AuthLocalGuard)\n token(@GetUser() user: UserModel): Promise<TokenResponseDto> {\n return this.authManager.getTokens(user)\n }\n\n @Post(AUTH_ROUTE.TOKEN_REFRESH)\n @AuthTokenSkip()\n @UseGuards(AuthTokenRefreshGuard)\n refreshToken(@GetUser() user: UserModel): Promise<TokenResponseDto> {\n return this.authManager.getTokens(user, true)\n }\n\n /* TWO-FA Part */\n\n @Get(`${AUTH_ROUTE.TWO_FA_BASE}/${AUTH_ROUTE.TWO_FA_ENABLE}`)\n @UseGuards(UserRolesGuard)\n @UserHaveRole(USER_ROLE.USER)\n twoFaInit(@GetUser() user: UserModel): Promise<TwoFaSetup> {\n return this.authMethod2FA.initTwoFactor(user)\n }\n\n @Post(`${AUTH_ROUTE.TWO_FA_BASE}/${AUTH_ROUTE.TWO_FA_ENABLE}`)\n @UseGuards(UserRolesGuard)\n @UserHaveRole(USER_ROLE.USER)\n twoFaEnable(@Body() body: TwoFaVerifyWithPasswordDto, @Req() req: FastifyAuthenticatedRequest): Promise<TwoFaVerifyResult> {\n return this.authMethod2FA.enableTwoFactor(body, req)\n }\n\n @Post(`${AUTH_ROUTE.TWO_FA_BASE}/${AUTH_ROUTE.TWO_FA_DISABLE}`)\n @UseGuards(UserRolesGuard)\n @UserHaveRole(USER_ROLE.USER)\n twoFaDisable(@Body() body: TwoFaVerifyWithPasswordDto, @Req() req: FastifyAuthenticatedRequest): Promise<TwoFaVerifyResult> {\n return this.authMethod2FA.disableTwoFactor(body, req)\n }\n\n 
@Post(`${AUTH_ROUTE.TWO_FA_BASE}/${AUTH_ROUTE.TWO_FA_LOGIN_VERIFY}`)\n @UseGuards(UserRolesGuard)\n @UserHaveRole(USER_ROLE.USER)\n async twoFaLogin(\n @Body() body: TwoFaVerifyDto,\n @Req() req: FastifyAuthenticatedRequest,\n @Res({ passthrough: true }) res: FastifyReply\n ): Promise<TwoFaResponseDto | TwoFaVerifyResult> {\n const [authStatus, user] = await this.authMethod2FA.verify(body, req, true)\n if (authStatus.success) {\n const loginResponseDto = await this.authManager.setCookies(user, res)\n // clear the temporary 2FA cookie\n res.clearCookie(ACCESS_KEY, { path: TOKEN_PATHS[TOKEN_TYPE.ACCESS_2FA], httpOnly: true })\n return { ...loginResponseDto, ...authStatus } satisfies TwoFaResponseDto\n }\n return authStatus\n }\n\n @Post(`${AUTH_ROUTE.TWO_FA_BASE}/${AUTH_ROUTE.TWO_FA_ADMIN_RESET_USER}/:id`)\n @UseGuards(UserRolesGuard, AuthTwoFaGuard)\n @UserHaveRole(USER_ROLE.ADMINISTRATOR)\n twoFaReset(@Param('id', ParseIntPipe) userId: number): Promise<TwoFaVerifyResult> {\n return this.authMethod2FA.adminResetUserTwoFa(userId)\n 
}\n}\n"],"names":["AuthController","login","user","res","authManager","setCookies","logout","clearCookies","refreshCookies","token","getTokens","refreshToken","twoFaInit","authMethod2FA","initTwoFactor","twoFaEnable","body","req","enableTwoFactor","twoFaDisable","disableTwoFactor","twoFaLogin","authStatus","verify","success","loginResponseDto","clearCookie","ACCESS_KEY","path","TOKEN_PATHS","TOKEN_TYPE","ACCESS_2FA","httpOnly","twoFaReset","userId","adminResetUserTwoFa","LOGIN","passthrough","LOGOUT","REFRESH","TOKEN","TOKEN_REFRESH","AUTH_ROUTE","TWO_FA_BASE","TWO_FA_ENABLE","USER","TWO_FA_DISABLE","TWO_FA_LOGIN_VERIFY","TWO_FA_ADMIN_RESET_USER","ADMINISTRATOR","BASE"],"mappings":"AAAA;;;;CAIC;;;;+BAyBYA;;;eAAAA;;;wBAvByE;yBACzD;sBACH;gCACG;+BACL;4BACO;2BACL;sBACc;wBACb;wCACG;gCAG6B;gCAC5B;uCACO;gCACP;sCACa;gCACjB;oCAEC;wCACE;;;;;;;;;;;;;;;AAGvB,IAAA,AAAMA,iBAAN,MAAMA;IASXC,MAAM,AAAWC,IAAe,EAAE,AAA4BC,GAAiB,EAAiD;QAC9H,OAAO,IAAI,CAACC,WAAW,CAACC,UAAU,CAACH,MAAMC,KAAK;IAChD;IAIAG,OAAO,AAA4BH,GAAiB,EAAE;QACpD,OAAO,IAAI,CAACC,WAAW,CAACG,YAAY,CAACJ;IACvC;IAKAK,eAAe,AAAWN,IAAe,EAAE,AAA4BC,GAAiB,EAA6B;QACnH,OAAO,IAAI,CAACC,WAAW,CAACI,cAAc,CAACN,MAAMC;IAC/C;IAKAM,MAAM,AAAWP,IAAe,EAA6B;QAC3D,OAAO,IAAI,CAACE,WAAW,CAACM,SAAS,CAACR;IACpC;IAKAS,aAAa,AAAWT,IAAe,EAA6B;QAClE,OAAO,IAAI,CAACE,WAAW,CAACM,SAAS,CAACR,MAAM;IAC1C;IAEA,eAAe,GAEf,AAGAU,UAAU,AAAWV,IAAe,EAAuB;QACzD,OAAO,IAAI,CAACW,aAAa,CAACC,aAAa,CAACZ;IAC1C;IAKAa,YAAY,AAAQC,IAAgC,EAAE,AAAOC,GAAgC,EAA8B;QACzH,OAAO,IAAI,CAACJ,aAAa,CAACK,eAAe,CAACF,MAAMC;IAClD;IAKAE,aAAa,AAAQH,IAAgC,EAAE,AAAOC,GAAgC,EAA8B;QAC1H,OAAO,IAAI,CAACJ,aAAa,CAACO,gBAAgB,CAACJ,MAAMC;IACnD;IAEA,MAGMI,WACJ,AAAQL,IAAoB,EAC5B,AAAOC,GAAgC,EACvC,AAA4Bd,GAAiB,EACE;QAC/C,MAAM,CAACmB,YAAYpB,KAAK,GAAG,MAAM,IAAI,CAACW,aAAa,CAACU,MAAM,CAACP,MAAMC,KAAK;QACtE,IAAIK,WAAWE,OAAO,EAAE;YACtB,MAAMC,mBAAmB,MAAM,IAAI,CAACrB,WAAW,CAACC,UAAU,CAACH,MAAMC;YACjE,iCAAiC;YACjCA,IAAIuB,WAAW,CAACC,gBAAU,EAAE;gBAAEC,MAAMC,iBAAW,CAACC,0BAAU,CAACC,UAAU,CAAC;gBAAEC,UAAU;YAAK;YACvF,OAAO;
gBAAE,GAAGP,gBAAgB;gBAAE,GAAGH,UAAU;YAAC;QAC9C;QACA,OAAOA;IACT;IAKAW,WAAW,AAA2BC,MAAc,EAA8B;QAChF,OAAO,IAAI,CAACrB,aAAa,CAACsB,mBAAmB,CAACD;IAChD;IArFA,YACE,AAAiB9B,WAAwB,EACzC,AAAiBS,aAA4B,CAC7C;aAFiBT,cAAAA;aACAS,gBAAAA;IAChB;AAmFL;;yCAjFmBuB;;;;;QAGwBC,aAAa;;;;;;;;;;yCAIrCC;;;QAEHD,aAAa;;;;;;;;;yCAIVE;;;;;QAGiCF,aAAa;;;;;;;;;;yCAI9CG;;;;;;;;;;;yCAOAC;;;;;;;;;;;wBASTC,kBAAU,CAACC,WAAW,CAAC,CAAC,EAAED,kBAAU,CAACE,aAAa;;sDAElCC;;;;;;;;;yBAKfH,kBAAU,CAACC,WAAW,CAAC,CAAC,EAAED,kBAAU,CAACE,aAAa;;sDAEnCC;;;;;;;;;;;yBAKfH,kBAAU,CAACC,WAAW,CAAC,CAAC,EAAED,kBAAU,CAACI,cAAc;;sDAEpCD;;;;;;;;;;;yBAKfH,kBAAU,CAACC,WAAW,CAAC,CAAC,EAAED,kBAAU,CAACK,mBAAmB;;sDAEzCF;;;;QAIfR,aAAa;;;;;;;;;;;yBAYbK,kBAAU,CAACC,WAAW,CAAC,CAAC,EAAED,kBAAU,CAACM,uBAAuB,CAAC,IAAI;;sDAElDC;;;;;;;;;+CApFHC"}
|
|
@@ -10,7 +10,9 @@ const _config = require("@nestjs/config");
|
|
|
10
10
|
const _jwt = require("@nestjs/jwt");
|
|
11
11
|
const _passport = require("@nestjs/passport");
|
|
12
12
|
const _testing = require("@nestjs/testing");
|
|
13
|
+
const _notificationsmanagerservice = require("../applications/notifications/services/notifications-manager.service");
|
|
13
14
|
const _usermodel = require("../applications/users/models/user.model");
|
|
15
|
+
const _usersmanagerservice = require("../applications/users/services/users-manager.service");
|
|
14
16
|
const _test = require("../applications/users/utils/test");
|
|
15
17
|
const _functions = require("../common/functions");
|
|
16
18
|
const _shared = require("../common/shared");
|
|
@@ -18,9 +20,12 @@ const _configenvironment = require("../configuration/config.environment");
|
|
|
18
20
|
const _cacheservice = require("../infrastructure/cache/services/cache.service");
|
|
19
21
|
const _constants = require("../infrastructure/database/constants");
|
|
20
22
|
const _authcontroller = require("./auth.controller");
|
|
23
|
+
const _auth = require("./constants/auth");
|
|
21
24
|
const _loginresponsedto = require("./dto/login-response.dto");
|
|
25
|
+
const _authtwofaguard = require("./guards/auth-two-fa-guard");
|
|
22
26
|
const _tokeninterface = require("./interfaces/token.interface");
|
|
23
27
|
const _authmanagerservice = require("./services/auth-manager.service");
|
|
28
|
+
const _authmethodtwofaservice = require("./services/auth-methods/auth-method-two-fa.service");
|
|
24
29
|
describe(_authcontroller.AuthController.name, ()=>{
|
|
25
30
|
let module;
|
|
26
31
|
let authController;
|
|
@@ -44,6 +49,8 @@ describe(_authcontroller.AuthController.name, ()=>{
|
|
|
44
49
|
_config.ConfigService,
|
|
45
50
|
_authmanagerservice.AuthManager,
|
|
46
51
|
_jwt.JwtService,
|
|
52
|
+
_authmethodtwofaservice.AuthMethod2FA,
|
|
53
|
+
_authtwofaguard.AuthTwoFaGuard,
|
|
47
54
|
{
|
|
48
55
|
provide: _constants.DB_TOKEN_PROVIDER,
|
|
49
56
|
useValue: {}
|
|
@@ -51,6 +58,14 @@ describe(_authcontroller.AuthController.name, ()=>{
|
|
|
51
58
|
{
|
|
52
59
|
provide: _cacheservice.Cache,
|
|
53
60
|
useValue: {}
|
|
61
|
+
},
|
|
62
|
+
{
|
|
63
|
+
provide: _usersmanagerservice.UsersManager,
|
|
64
|
+
useValue: {}
|
|
65
|
+
},
|
|
66
|
+
{
|
|
67
|
+
provide: _notificationsmanagerservice.NotificationsManager,
|
|
68
|
+
useValue: {}
|
|
54
69
|
}
|
|
55
70
|
]
|
|
56
71
|
}).compile();
|
|
@@ -88,7 +103,7 @@ describe(_authcontroller.AuthController.name, ()=>{
|
|
|
88
103
|
clearCookie: jest.fn()
|
|
89
104
|
};
|
|
90
105
|
await expect(authController.logout(res)).resolves.not.toThrow();
|
|
91
|
-
expect(res.clearCookie).toHaveBeenCalledTimes(
|
|
106
|
+
expect(res.clearCookie).toHaveBeenCalledTimes(Object.keys(_auth.TOKEN_PATHS).length);
|
|
92
107
|
});
|
|
93
108
|
it('should refresh JWT in cookies', async ()=>{
|
|
94
109
|
userTest.exp = (0, _shared.currentTimeStamp)() + (0, _functions.convertHumanTimeToSeconds)('30s');
|
|
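Review bot: The visible hunks register `AuthMethod2FA` and `AuthTwoFaGuard` as providers but add no case that exercises a two-factor route. `UsersManager` and `NotificationsManager` are provided as `{}`, so a call that reaches them would throw instead of being tested. I would add at least one case with `AuthMethod2FA.verify` mocked to report failure, asserting that `twoFaLogin` returns the status and calls neither `res.setCookie` nor `res.clearCookie`, plus one success case checking that the temporary cookie is cleared. Cases may exist in parts of the spec outside these hunks, and the `it('should refresh JWT in cookies'` block continues past the last hunk.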
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../../backend/src/authentication/auth.controller.spec.ts"],"sourcesContent":["/*\n * Copyright (C) 2012-2025 Johan Legrand <johan.legrand@sync-in.com>\n * This file is part of Sync-in | The open source file sync and share solution\n * See the LICENSE file for licensing details\n */\n\nimport { ConfigModule, ConfigService } from '@nestjs/config'\nimport { JwtService } from '@nestjs/jwt'\nimport { PassportModule } from '@nestjs/passport'\nimport { Test, TestingModule } from '@nestjs/testing'\nimport { UserModel } from '../applications/users/models/user.model'\nimport { generateUserTest } from '../applications/users/utils/test'\nimport { convertHumanTimeToSeconds } from '../common/functions'\nimport { currentTimeStamp } from '../common/shared'\nimport { exportConfiguration } from '../configuration/config.environment'\nimport { Cache } from '../infrastructure/cache/services/cache.service'\nimport { DB_TOKEN_PROVIDER } from '../infrastructure/database/constants'\nimport { AuthConfig } from './auth.config'\nimport { AuthController } from './auth.controller'\nimport { LoginResponseDto } from './dto/login-response.dto'\nimport { TOKEN_TYPE } from './interfaces/token.interface'\nimport { AuthManager } from './services/auth-manager.service'\n\ndescribe(AuthController.name, () => {\n let module: TestingModule\n let authController: AuthController\n let authConfig: AuthConfig\n let userTest: UserModel\n\n beforeAll(async () => {\n module = await Test.createTestingModule({\n imports: [await ConfigModule.forRoot({ load: [exportConfiguration], isGlobal: true }), PassportModule],\n controllers: [AuthController],\n providers: [ConfigService, AuthManager, JwtService, { provide: DB_TOKEN_PROVIDER, useValue: {} }, { provide: Cache, useValue: {} }]\n }).compile()\n\n module.useLogger(['fatal'])\n authConfig = module.get<ConfigService>(ConfigService).get<AuthConfig>('auth')\n authController = module.get<AuthController>(AuthController)\n userTest = new 
UserModel({ ...generateUserTest(), id: 888 }, false)\n })\n\n afterAll(async () => {\n await module.close()\n })\n\n it('should be defined', () => {\n expect(authConfig).toBeDefined()\n expect(authController).toBeDefined()\n expect(userTest).toBeDefined()\n })\n\n it('should set JWT in cookies', async () => {\n const res: any = { setCookie: jest.fn() }\n const result = await authController.login(userTest, res)\n expect(result).toBeDefined()\n expect(result).toBeInstanceOf(LoginResponseDto)\n expect(res.setCookie).toHaveBeenCalledTimes(4)\n expect(result.token.access_expiration).toBeCloseTo(convertHumanTimeToSeconds(authConfig.token.access.expiration) + currentTimeStamp(), -1)\n expect(result.token.refresh_expiration).toBeCloseTo(convertHumanTimeToSeconds(authConfig.token.refresh.expiration) + currentTimeStamp(), -1)\n })\n\n it('should clear JWT in cookies', async () => {\n const res: any = { clearCookie: jest.fn() }\n await expect(authController.logout(res)).resolves.not.toThrow()\n expect(res.clearCookie).toHaveBeenCalledTimes(4)\n })\n\n it('should refresh JWT in cookies', async () => {\n userTest.exp = currentTimeStamp() + convertHumanTimeToSeconds('30s')\n const res: any = { setCookie: jest.fn() }\n const result = await authController.refreshCookies(userTest, res)\n expect(result).toBeDefined()\n expect(res.setCookie).toHaveBeenCalledTimes(4)\n expect(result.access_expiration).toBeCloseTo(convertHumanTimeToSeconds(authConfig.token.access.expiration) + currentTimeStamp(), -1)\n expect(result.refresh_expiration).toBe(userTest.exp)\n })\n\n it('should not refresh JWT in cookies', async () => {\n userTest.exp = currentTimeStamp() - 1\n const res: any = { setCookie: jest.fn() }\n await expect(authController.refreshCookies(userTest, res)).rejects.toThrow()\n })\n\n it('should get JWT in response body', async () => {\n const result = await authController.token(userTest)\n expect(result[TOKEN_TYPE.ACCESS]).toBeDefined()\n 
expect(result[TOKEN_TYPE.REFRESH]).toBeDefined()\n expect(result[`${TOKEN_TYPE.ACCESS}_expiration`]).toBeCloseTo(\n convertHumanTimeToSeconds(authConfig.token.access.expiration) + currentTimeStamp(),\n -1\n )\n expect(result[`${TOKEN_TYPE.REFRESH}_expiration`]).toBeCloseTo(\n convertHumanTimeToSeconds(authConfig.token.refresh.expiration) + currentTimeStamp(),\n -1\n )\n })\n\n it('should refresh JWT in response body', async () => {\n userTest.exp = currentTimeStamp() + convertHumanTimeToSeconds('30s')\n const result = await authController.refreshToken(userTest)\n expect(result[TOKEN_TYPE.ACCESS]).toBeDefined()\n expect(result[TOKEN_TYPE.REFRESH]).toBeDefined()\n expect(result[`${TOKEN_TYPE.ACCESS}_expiration`]).toBeCloseTo(\n convertHumanTimeToSeconds(authConfig.token.access.expiration) + currentTimeStamp(),\n -1\n )\n expect(result[`${TOKEN_TYPE.REFRESH}_expiration`]).toBe(userTest.exp)\n })\n\n it('should not refresh JWT in response body', async () => {\n userTest.exp = currentTimeStamp() - 1\n await expect(authController.refreshToken(userTest)).rejects.toThrow()\n 
})\n})\n"],"names":["describe","AuthController","name","module","authController","authConfig","userTest","beforeAll","Test","createTestingModule","imports","ConfigModule","forRoot","load","exportConfiguration","isGlobal","PassportModule","controllers","providers","ConfigService","AuthManager","JwtService","provide","DB_TOKEN_PROVIDER","useValue","Cache","compile","useLogger","get","UserModel","generateUserTest","id","afterAll","close","it","expect","toBeDefined","res","setCookie","jest","fn","result","login","toBeInstanceOf","LoginResponseDto","toHaveBeenCalledTimes","token","access_expiration","toBeCloseTo","convertHumanTimeToSeconds","access","expiration","currentTimeStamp","refresh_expiration","refresh","clearCookie","logout","resolves","not","toThrow","exp","refreshCookies","toBe","rejects","TOKEN_TYPE","ACCESS","REFRESH","refreshToken"],"mappings":"AAAA;;;;CAIC;;;;wBAE2C;qBACjB;0BACI;yBACK;2BACV;sBACO;2BACS;wBACT;mCACG;8BACd;2BACY;gCAEH;kCACE;gCACN;oCACC;AAE5BA,SAASC,8BAAc,CAACC,IAAI,EAAE;IAC5B,IAAIC;IACJ,IAAIC;IACJ,IAAIC;IACJ,IAAIC;IAEJC,UAAU;QACRJ,SAAS,MAAMK,aAAI,CAACC,mBAAmB,CAAC;YACtCC,SAAS;gBAAC,MAAMC,oBAAY,CAACC,OAAO,CAAC;oBAAEC,MAAM;wBAACC,sCAAmB;qBAAC;oBAAEC,UAAU;gBAAK;gBAAIC,wBAAc;aAAC;YACtGC,aAAa;gBAAChB,8BAAc;aAAC;YAC7BiB,WAAW;gBAACC,qBAAa;gBAAEC,+BAAW;gBAAEC,eAAU;gBAAE;oBAAEC,SAASC,4BAAiB;oBAAEC,UAAU,CAAC;gBAAE;gBAAG;oBAAEF,SAASG,mBAAK;oBAAED,UAAU,CAAC;gBAAE;aAAE;QACrI,GAAGE,OAAO;QAEVvB,OAAOwB,SAAS,CAAC;YAAC;SAAQ;QAC1BtB,aAAaF,OAAOyB,GAAG,CAAgBT,qBAAa,EAAES,GAAG,CAAa;QACtExB,iBAAiBD,OAAOyB,GAAG,CAAiB3B,8BAAc;QAC1DK,WAAW,IAAIuB,oBAAS,CAAC;YAAE,GAAGC,IAAAA,sBAAgB,GAAE;YAAEC,IAAI;QAAI,GAAG;IAC/D;IAEAC,SAAS;QACP,MAAM7B,OAAO8B,KAAK;IACpB;IAEAC,GAAG,qBAAqB;QACtBC,OAAO9B,YAAY+B,WAAW;QAC9BD,OAAO/B,gBAAgBgC,WAAW;QAClCD,OAAO7B,UAAU8B,WAAW;IAC9B;IAEAF,GAAG,6BAA6B;QAC9B,MAAMG,MAAW;YAAEC,WAAWC,KAAKC,EAAE;QAAG;QACxC,MAAMC,SAAS,MAAMrC,eAAesC,KAAK,CAACpC,UAAU+B;QACpDF,OAAOM,QAAQL,WAAW;QAC1BD,OAAOM,QAAQE,cAAc,CAACC,kCAAgB;QAC9CT,OAAOE,IAAIC,SAAS,EAAEO,qBAAqB,CAAC;QA
C5CV,OAAOM,OAAOK,KAAK,CAACC,iBAAiB,EAAEC,WAAW,CAACC,IAAAA,oCAAyB,EAAC5C,WAAWyC,KAAK,CAACI,MAAM,CAACC,UAAU,IAAIC,IAAAA,wBAAgB,KAAI,CAAC;QACxIjB,OAAOM,OAAOK,KAAK,CAACO,kBAAkB,EAAEL,WAAW,CAACC,IAAAA,oCAAyB,EAAC5C,WAAWyC,KAAK,CAACQ,OAAO,CAACH,UAAU,IAAIC,IAAAA,wBAAgB,KAAI,CAAC;IAC5I;IAEAlB,GAAG,+BAA+B;QAChC,MAAMG,MAAW;YAAEkB,aAAahB,KAAKC,EAAE;QAAG;QAC1C,MAAML,OAAO/B,eAAeoD,MAAM,CAACnB,MAAMoB,QAAQ,CAACC,GAAG,CAACC,OAAO;QAC7DxB,OAAOE,IAAIkB,WAAW,EAAEV,qBAAqB,CAAC;IAChD;IAEAX,GAAG,iCAAiC;QAClC5B,SAASsD,GAAG,GAAGR,IAAAA,wBAAgB,MAAKH,IAAAA,oCAAyB,EAAC;QAC9D,MAAMZ,MAAW;YAAEC,WAAWC,KAAKC,EAAE;QAAG;QACxC,MAAMC,SAAS,MAAMrC,eAAeyD,cAAc,CAACvD,UAAU+B;QAC7DF,OAAOM,QAAQL,WAAW;QAC1BD,OAAOE,IAAIC,SAAS,EAAEO,qBAAqB,CAAC;QAC5CV,OAAOM,OAAOM,iBAAiB,EAAEC,WAAW,CAACC,IAAAA,oCAAyB,EAAC5C,WAAWyC,KAAK,CAACI,MAAM,CAACC,UAAU,IAAIC,IAAAA,wBAAgB,KAAI,CAAC;QAClIjB,OAAOM,OAAOY,kBAAkB,EAAES,IAAI,CAACxD,SAASsD,GAAG;IACrD;IAEA1B,GAAG,qCAAqC;QACtC5B,SAASsD,GAAG,GAAGR,IAAAA,wBAAgB,MAAK;QACpC,MAAMf,MAAW;YAAEC,WAAWC,KAAKC,EAAE;QAAG;QACxC,MAAML,OAAO/B,eAAeyD,cAAc,CAACvD,UAAU+B,MAAM0B,OAAO,CAACJ,OAAO;IAC5E;IAEAzB,GAAG,mCAAmC;QACpC,MAAMO,SAAS,MAAMrC,eAAe0C,KAAK,CAACxC;QAC1C6B,OAAOM,MAAM,CAACuB,0BAAU,CAACC,MAAM,CAAC,EAAE7B,WAAW;QAC7CD,OAAOM,MAAM,CAACuB,0BAAU,CAACE,OAAO,CAAC,EAAE9B,WAAW;QAC9CD,OAAOM,MAAM,CAAC,GAAGuB,0BAAU,CAACC,MAAM,CAAC,WAAW,CAAC,CAAC,EAAEjB,WAAW,CAC3DC,IAAAA,oCAAyB,EAAC5C,WAAWyC,KAAK,CAACI,MAAM,CAACC,UAAU,IAAIC,IAAAA,wBAAgB,KAChF,CAAC;QAEHjB,OAAOM,MAAM,CAAC,GAAGuB,0BAAU,CAACE,OAAO,CAAC,WAAW,CAAC,CAAC,EAAElB,WAAW,CAC5DC,IAAAA,oCAAyB,EAAC5C,WAAWyC,KAAK,CAACQ,OAAO,CAACH,UAAU,IAAIC,IAAAA,wBAAgB,KACjF,CAAC;IAEL;IAEAlB,GAAG,uCAAuC;QACxC5B,SAASsD,GAAG,GAAGR,IAAAA,wBAAgB,MAAKH,IAAAA,oCAAyB,EAAC;QAC9D,MAAMR,SAAS,MAAMrC,eAAe+D,YAAY,CAAC7D;QACjD6B,OAAOM,MAAM,CAACuB,0BAAU,CAACC,MAAM,CAAC,EAAE7B,WAAW;QAC7CD,OAAOM,MAAM,CAACuB,0BAAU,CAACE,OAAO,CAAC,EAAE9B,WAAW;QAC9CD,OAAOM,MAAM,CAAC,GAAGuB,0BAAU,CAACC,MAAM,CAAC,WAAW,CAAC,CAAC,EAAEjB,WAAW,CAC3DC,IAAAA,oCAAyB,EAAC5C,WAAWyC,KAAK,CAACI,MAAM,CAACC,UAAU,IAAIC,IAAA
A,wBAAgB,KAChF,CAAC;QAEHjB,OAAOM,MAAM,CAAC,GAAGuB,0BAAU,CAACE,OAAO,CAAC,WAAW,CAAC,CAAC,EAAEJ,IAAI,CAACxD,SAASsD,GAAG;IACtE;IAEA1B,GAAG,2CAA2C;QAC5C5B,SAASsD,GAAG,GAAGR,IAAAA,wBAAgB,MAAK;QACpC,MAAMjB,OAAO/B,eAAe+D,YAAY,CAAC7D,WAAWyD,OAAO,CAACJ,OAAO;IACrE;AACF"}
|
|
1
|
+
{"version":3,"sources":["../../../backend/src/authentication/auth.controller.spec.ts"],"sourcesContent":["/*\n * Copyright (C) 2012-2025 Johan Legrand <johan.legrand@sync-in.com>\n * This file is part of Sync-in | The open source file sync and share solution\n * See the LICENSE file for licensing details\n */\n\nimport { ConfigModule, ConfigService } from '@nestjs/config'\nimport { JwtService } from '@nestjs/jwt'\nimport { PassportModule } from '@nestjs/passport'\nimport { Test, TestingModule } from '@nestjs/testing'\nimport { NotificationsManager } from '../applications/notifications/services/notifications-manager.service'\nimport { UserModel } from '../applications/users/models/user.model'\nimport { UsersManager } from '../applications/users/services/users-manager.service'\nimport { generateUserTest } from '../applications/users/utils/test'\nimport { convertHumanTimeToSeconds } from '../common/functions'\nimport { currentTimeStamp } from '../common/shared'\nimport { exportConfiguration } from '../configuration/config.environment'\nimport { Cache } from '../infrastructure/cache/services/cache.service'\nimport { DB_TOKEN_PROVIDER } from '../infrastructure/database/constants'\nimport { AuthConfig } from './auth.config'\nimport { AuthController } from './auth.controller'\nimport { TOKEN_PATHS } from './constants/auth'\nimport { LoginResponseDto } from './dto/login-response.dto'\nimport { AuthTwoFaGuard } from './guards/auth-two-fa-guard'\nimport { TOKEN_TYPE } from './interfaces/token.interface'\nimport { AuthManager } from './services/auth-manager.service'\nimport { AuthMethod2FA } from './services/auth-methods/auth-method-two-fa.service'\n\ndescribe(AuthController.name, () => {\n let module: TestingModule\n let authController: AuthController\n let authConfig: AuthConfig\n let userTest: UserModel\n\n beforeAll(async () => {\n module = await Test.createTestingModule({\n imports: [await ConfigModule.forRoot({ load: [exportConfiguration], isGlobal: true }), 
PassportModule],\n controllers: [AuthController],\n providers: [\n ConfigService,\n AuthManager,\n JwtService,\n AuthMethod2FA,\n AuthTwoFaGuard,\n { provide: DB_TOKEN_PROVIDER, useValue: {} },\n { provide: Cache, useValue: {} },\n { provide: UsersManager, useValue: {} },\n { provide: NotificationsManager, useValue: {} }\n ]\n }).compile()\n\n module.useLogger(['fatal'])\n authConfig = module.get<ConfigService>(ConfigService).get<AuthConfig>('auth')\n authController = module.get<AuthController>(AuthController)\n userTest = new UserModel({ ...generateUserTest(), id: 888 }, false)\n })\n\n afterAll(async () => {\n await module.close()\n })\n\n it('should be defined', () => {\n expect(authConfig).toBeDefined()\n expect(authController).toBeDefined()\n expect(userTest).toBeDefined()\n })\n\n it('should set JWT in cookies', async () => {\n const res: any = { setCookie: jest.fn() }\n const result = await authController.login(userTest, res)\n expect(result).toBeDefined()\n expect(result).toBeInstanceOf(LoginResponseDto)\n expect(res.setCookie).toHaveBeenCalledTimes(4)\n expect(result.token.access_expiration).toBeCloseTo(convertHumanTimeToSeconds(authConfig.token.access.expiration) + currentTimeStamp(), -1)\n expect(result.token.refresh_expiration).toBeCloseTo(convertHumanTimeToSeconds(authConfig.token.refresh.expiration) + currentTimeStamp(), -1)\n })\n\n it('should clear JWT in cookies', async () => {\n const res: any = { clearCookie: jest.fn() }\n await expect(authController.logout(res)).resolves.not.toThrow()\n expect(res.clearCookie).toHaveBeenCalledTimes(Object.keys(TOKEN_PATHS).length)\n })\n\n it('should refresh JWT in cookies', async () => {\n userTest.exp = currentTimeStamp() + convertHumanTimeToSeconds('30s')\n const res: any = { setCookie: jest.fn() }\n const result = await authController.refreshCookies(userTest, res)\n expect(result).toBeDefined()\n expect(res.setCookie).toHaveBeenCalledTimes(4)\n 
expect(result.access_expiration).toBeCloseTo(convertHumanTimeToSeconds(authConfig.token.access.expiration) + currentTimeStamp(), -1)\n expect(result.refresh_expiration).toBe(userTest.exp)\n })\n\n it('should not refresh JWT in cookies', async () => {\n userTest.exp = currentTimeStamp() - 1\n const res: any = { setCookie: jest.fn() }\n await expect(authController.refreshCookies(userTest, res)).rejects.toThrow()\n })\n\n it('should get JWT in response body', async () => {\n const result = await authController.token(userTest)\n expect(result[TOKEN_TYPE.ACCESS]).toBeDefined()\n expect(result[TOKEN_TYPE.REFRESH]).toBeDefined()\n expect(result[`${TOKEN_TYPE.ACCESS}_expiration`]).toBeCloseTo(\n convertHumanTimeToSeconds(authConfig.token.access.expiration) + currentTimeStamp(),\n -1\n )\n expect(result[`${TOKEN_TYPE.REFRESH}_expiration`]).toBeCloseTo(\n convertHumanTimeToSeconds(authConfig.token.refresh.expiration) + currentTimeStamp(),\n -1\n )\n })\n\n it('should refresh JWT in response body', async () => {\n userTest.exp = currentTimeStamp() + convertHumanTimeToSeconds('30s')\n const result = await authController.refreshToken(userTest)\n expect(result[TOKEN_TYPE.ACCESS]).toBeDefined()\n expect(result[TOKEN_TYPE.REFRESH]).toBeDefined()\n expect(result[`${TOKEN_TYPE.ACCESS}_expiration`]).toBeCloseTo(\n convertHumanTimeToSeconds(authConfig.token.access.expiration) + currentTimeStamp(),\n -1\n )\n expect(result[`${TOKEN_TYPE.REFRESH}_expiration`]).toBe(userTest.exp)\n })\n\n it('should not refresh JWT in response body', async () => {\n userTest.exp = currentTimeStamp() - 1\n await expect(authController.refreshToken(userTest)).rejects.toThrow()\n 
})\n})\n"],"names":["describe","AuthController","name","module","authController","authConfig","userTest","beforeAll","Test","createTestingModule","imports","ConfigModule","forRoot","load","exportConfiguration","isGlobal","PassportModule","controllers","providers","ConfigService","AuthManager","JwtService","AuthMethod2FA","AuthTwoFaGuard","provide","DB_TOKEN_PROVIDER","useValue","Cache","UsersManager","NotificationsManager","compile","useLogger","get","UserModel","generateUserTest","id","afterAll","close","it","expect","toBeDefined","res","setCookie","jest","fn","result","login","toBeInstanceOf","LoginResponseDto","toHaveBeenCalledTimes","token","access_expiration","toBeCloseTo","convertHumanTimeToSeconds","access","expiration","currentTimeStamp","refresh_expiration","refresh","clearCookie","logout","resolves","not","toThrow","Object","keys","TOKEN_PATHS","length","exp","refreshCookies","toBe","rejects","TOKEN_TYPE","ACCESS","REFRESH","refreshToken"],"mappings":"AAAA;;;;CAIC;;;;wBAE2C;qBACjB;0BACI;yBACK;6CACC;2BACX;qCACG;sBACI;2BACS;wBACT;mCACG;8BACd;2BACY;gCAEH;sBACH;kCACK;gCACF;gCACJ;oCACC;wCACE;AAE9BA,SAASC,8BAAc,CAACC,IAAI,EAAE;IAC5B,IAAIC;IACJ,IAAIC;IACJ,IAAIC;IACJ,IAAIC;IAEJC,UAAU;QACRJ,SAAS,MAAMK,aAAI,CAACC,mBAAmB,CAAC;YACtCC,SAAS;gBAAC,MAAMC,oBAAY,CAACC,OAAO,CAAC;oBAAEC,MAAM;wBAACC,sCAAmB;qBAAC;oBAAEC,UAAU;gBAAK;gBAAIC,wBAAc;aAAC;YACtGC,aAAa;gBAAChB,8BAAc;aAAC;YAC7BiB,WAAW;gBACTC,qBAAa;gBACbC,+BAAW;gBACXC,eAAU;gBACVC,qCAAa;gBACbC,8BAAc;gBACd;oBAAEC,SAASC,4BAAiB;oBAAEC,UAAU,CAAC;gBAAE;gBAC3C;oBAAEF,SAASG,mBAAK;oBAAED,UAAU,CAAC;gBAAE;gBAC/B;oBAAEF,SAASI,iCAAY;oBAAEF,UAAU,CAAC;gBAAE;gBACtC;oBAAEF,SAASK,iDAAoB;oBAAEH,UAAU,CAAC;gBAAE;aAC/C;QACH,GAAGI,OAAO;QAEV3B,OAAO4B,SAAS,CAAC;YAAC;SAAQ;QAC1B1B,aAAaF,OAAO6B,GAAG,CAAgBb,qBAAa,EAAEa,GAAG,CAAa;QACtE5B,iBAAiBD,OAAO6B,GAAG,CAAiB/B,8BAAc;QAC1DK,WAAW,IAAI2B,oBAAS,CAAC;YAAE,GAAGC,IAAAA,sBAAgB,GAAE;YAAEC,IAAI;QAAI,GAAG;IAC/D;IAEAC,SAAS;QACP,MAAMjC,OAAOkC,KAAK;IACpB;IAEAC,GAAG,qBAAqB;QACtBC,OAAOlC,YAAYmC,WAAW;QAC9BD,OAAOn
C,gBAAgBoC,WAAW;QAClCD,OAAOjC,UAAUkC,WAAW;IAC9B;IAEAF,GAAG,6BAA6B;QAC9B,MAAMG,MAAW;YAAEC,WAAWC,KAAKC,EAAE;QAAG;QACxC,MAAMC,SAAS,MAAMzC,eAAe0C,KAAK,CAACxC,UAAUmC;QACpDF,OAAOM,QAAQL,WAAW;QAC1BD,OAAOM,QAAQE,cAAc,CAACC,kCAAgB;QAC9CT,OAAOE,IAAIC,SAAS,EAAEO,qBAAqB,CAAC;QAC5CV,OAAOM,OAAOK,KAAK,CAACC,iBAAiB,EAAEC,WAAW,CAACC,IAAAA,oCAAyB,EAAChD,WAAW6C,KAAK,CAACI,MAAM,CAACC,UAAU,IAAIC,IAAAA,wBAAgB,KAAI,CAAC;QACxIjB,OAAOM,OAAOK,KAAK,CAACO,kBAAkB,EAAEL,WAAW,CAACC,IAAAA,oCAAyB,EAAChD,WAAW6C,KAAK,CAACQ,OAAO,CAACH,UAAU,IAAIC,IAAAA,wBAAgB,KAAI,CAAC;IAC5I;IAEAlB,GAAG,+BAA+B;QAChC,MAAMG,MAAW;YAAEkB,aAAahB,KAAKC,EAAE;QAAG;QAC1C,MAAML,OAAOnC,eAAewD,MAAM,CAACnB,MAAMoB,QAAQ,CAACC,GAAG,CAACC,OAAO;QAC7DxB,OAAOE,IAAIkB,WAAW,EAAEV,qBAAqB,CAACe,OAAOC,IAAI,CAACC,iBAAW,EAAEC,MAAM;IAC/E;IAEA7B,GAAG,iCAAiC;QAClChC,SAAS8D,GAAG,GAAGZ,IAAAA,wBAAgB,MAAKH,IAAAA,oCAAyB,EAAC;QAC9D,MAAMZ,MAAW;YAAEC,WAAWC,KAAKC,EAAE;QAAG;QACxC,MAAMC,SAAS,MAAMzC,eAAeiE,cAAc,CAAC/D,UAAUmC;QAC7DF,OAAOM,QAAQL,WAAW;QAC1BD,OAAOE,IAAIC,SAAS,EAAEO,qBAAqB,CAAC;QAC5CV,OAAOM,OAAOM,iBAAiB,EAAEC,WAAW,CAACC,IAAAA,oCAAyB,EAAChD,WAAW6C,KAAK,CAACI,MAAM,CAACC,UAAU,IAAIC,IAAAA,wBAAgB,KAAI,CAAC;QAClIjB,OAAOM,OAAOY,kBAAkB,EAAEa,IAAI,CAAChE,SAAS8D,GAAG;IACrD;IAEA9B,GAAG,qCAAqC;QACtChC,SAAS8D,GAAG,GAAGZ,IAAAA,wBAAgB,MAAK;QACpC,MAAMf,MAAW;YAAEC,WAAWC,KAAKC,EAAE;QAAG;QACxC,MAAML,OAAOnC,eAAeiE,cAAc,CAAC/D,UAAUmC,MAAM8B,OAAO,CAACR,OAAO;IAC5E;IAEAzB,GAAG,mCAAmC;QACpC,MAAMO,SAAS,MAAMzC,eAAe8C,KAAK,CAAC5C;QAC1CiC,OAAOM,MAAM,CAAC2B,0BAAU,CAACC,MAAM,CAAC,EAAEjC,WAAW;QAC7CD,OAAOM,MAAM,CAAC2B,0BAAU,CAACE,OAAO,CAAC,EAAElC,WAAW;QAC9CD,OAAOM,MAAM,CAAC,GAAG2B,0BAAU,CAACC,MAAM,CAAC,WAAW,CAAC,CAAC,EAAErB,WAAW,CAC3DC,IAAAA,oCAAyB,EAAChD,WAAW6C,KAAK,CAACI,MAAM,CAACC,UAAU,IAAIC,IAAAA,wBAAgB,KAChF,CAAC;QAEHjB,OAAOM,MAAM,CAAC,GAAG2B,0BAAU,CAACE,OAAO,CAAC,WAAW,CAAC,CAAC,EAAEtB,WAAW,CAC5DC,IAAAA,oCAAyB,EAAChD,WAAW6C,KAAK,CAACQ,OAAO,CAACH,UAAU,IAAIC,IAAAA,wBAAgB,KACjF,CAAC;IAEL;IAEAlB,GAAG,uCAAuC;QACxChC,SAAS8D,GAAG,GAAGZ,IAAAA,wBAAgB,MAAKH,IAAAA,oCAAyB,EAAC;QAC9D,MAAM
R,SAAS,MAAMzC,eAAeuE,YAAY,CAACrE;QACjDiC,OAAOM,MAAM,CAAC2B,0BAAU,CAACC,MAAM,CAAC,EAAEjC,WAAW;QAC7CD,OAAOM,MAAM,CAAC2B,0BAAU,CAACE,OAAO,CAAC,EAAElC,WAAW;QAC9CD,OAAOM,MAAM,CAAC,GAAG2B,0BAAU,CAACC,MAAM,CAAC,WAAW,CAAC,CAAC,EAAErB,WAAW,CAC3DC,IAAAA,oCAAyB,EAAChD,WAAW6C,KAAK,CAACI,MAAM,CAACC,UAAU,IAAIC,IAAAA,wBAAgB,KAChF,CAAC;QAEHjB,OAAOM,MAAM,CAAC,GAAG2B,0BAAU,CAACE,OAAO,CAAC,WAAW,CAAC,CAAC,EAAEJ,IAAI,CAAChE,SAAS8D,GAAG;IACtE;IAEA9B,GAAG,2CAA2C;QAC5ChC,SAAS8D,GAAG,GAAGZ,IAAAA,wBAAgB,MAAK;QACpC,MAAMjB,OAAOnC,eAAeuE,YAAY,CAACrE,WAAWiE,OAAO,CAACR,OAAO;IACrE;AACF"}
|
|
@@ -39,7 +39,8 @@ describe('Auth (e2e)', ()=>{
|
|
|
39
39
|
});
|
|
40
40
|
afterAll(async ()=>{
|
|
41
41
|
await expect(adminUsersManager.deleteUserOrGuest(userTest.id, userTest.login, {
|
|
42
|
-
deleteSpace: true
|
|
42
|
+
deleteSpace: true,
|
|
43
|
+
isGuest: false
|
|
43
44
|
})).resolves.not.toThrow();
|
|
44
45
|
await (0, _utils.dbCloseConnection)(app);
|
|
45
46
|
await app.close();
|
|
@@ -324,13 +325,13 @@ describe('Auth (e2e)', ()=>{
|
|
|
324
325
|
expect(cookie.content).toContain('HttpOnly');
|
|
325
326
|
}
|
|
326
327
|
expect(cookie.content).not.toContain('Secure');
|
|
327
|
-
expect(cookie.content[cookie.content.length - 1].split('=')[1].toLowerCase()).toBe(authConfig.
|
|
328
|
+
expect(cookie.content[cookie.content.length - 1].split('=')[1].toLowerCase()).toBe(authConfig.cookieSameSite);
|
|
328
329
|
if (clear) {
|
|
329
330
|
expect(cookie.content[0].split('=')[1]).toBe('');
|
|
330
331
|
expect(cookie.content[1].split('=')[1]).toBe('0');
|
|
331
332
|
expect(cookie.content[3].split('=')[1]).toBe('Thu, 01 Jan 1970 00:00:00 GMT');
|
|
332
333
|
} else {
|
|
333
|
-
expect(parseInt(cookie.content[1].split('=')[1])).toBeCloseTo((0, _functions.convertHumanTimeToSeconds)(authConfig.token[cookie.type].
|
|
334
|
+
expect(parseInt(cookie.content[1].split('=')[1])).toBeCloseTo((0, _functions.convertHumanTimeToSeconds)(authConfig.token[cookie.type].expiration), -1);
|
|
334
335
|
expect(cookie.content[0].split('=')[1]).not.toBe('');
|
|
335
336
|
}
|
|
336
337
|
}
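Review bot: The SameSite assertion on new line 328 selects the attribute by position (`cookie.content[cookie.content.length - 1]`), so it only verifies SameSite while that attribute is serialized last; if the Set-Cookie attribute order changes, the test compares some other attribute's value or fails for an unrelated reason. Looking the attribute up by name is sturdier: `const sameSite = cookie.content.find((attr) => attr.toLowerCase().startsWith('samesite='));` then `expect(sameSite.split('=')[1].toLowerCase()).toBe(authConfig.cookieSameSite);`. This assumes `cookie.content` is an array of trimmed `name=value` strings, which the index accesses suggest but the hunk does not show. The indexed checks on `cookie.content[1]` and `cookie.content[3]` (presumably Max-Age and Expires) have the same fragility, and `parseInt` on new line 334 should pass the radix, `parseInt(..., 10)`. The enclosing helper starts outside the hunk, and since this file looks like compiled output, the change would belong in the TypeScript spec it is built from.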
|