@things-factory/auth-base 4.3.671 → 4.3.672
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist-server/constants/error-code.js +21 -0
- package/dist-server/constants/error-code.js.map +1 -0
- package/dist-server/constants/error-message.js +1 -0
- package/dist-server/constants/error-message.js.map +1 -0
- package/dist-server/constants/max-age.js +5 -0
- package/dist-server/constants/max-age.js.map +1 -0
- package/dist-server/controllers/auth.js +21 -0
- package/dist-server/controllers/auth.js.map +1 -0
- package/dist-server/controllers/change-pwd.js +80 -0
- package/dist-server/controllers/change-pwd.js.map +1 -0
- package/dist-server/controllers/checkin.js +21 -0
- package/dist-server/controllers/checkin.js.map +1 -0
- package/dist-server/controllers/delete-user.js +61 -0
- package/dist-server/controllers/delete-user.js.map +1 -0
- package/dist-server/controllers/invitation.js +119 -0
- package/dist-server/controllers/invitation.js.map +1 -0
- package/dist-server/controllers/profile.js +26 -0
- package/dist-server/controllers/profile.js.map +1 -0
- package/dist-server/controllers/reset-password.js +110 -0
- package/dist-server/controllers/reset-password.js.map +1 -0
- package/dist-server/controllers/signin.js +76 -0
- package/dist-server/controllers/signin.js.map +1 -0
- package/dist-server/controllers/signup.js +105 -0
- package/dist-server/controllers/signup.js.map +1 -0
- package/dist-server/controllers/unlock-user.js +60 -0
- package/dist-server/controllers/unlock-user.js.map +1 -0
- package/dist-server/controllers/utils/make-invitation-token.js +12 -0
- package/dist-server/controllers/utils/make-invitation-token.js.map +1 -0
- package/dist-server/controllers/utils/make-verification-token.js +12 -0
- package/dist-server/controllers/utils/make-verification-token.js.map +1 -0
- package/dist-server/controllers/utils/password-rule.js +90 -0
- package/dist-server/controllers/utils/password-rule.js.map +1 -0
- package/dist-server/controllers/utils/save-invitation-token.js +13 -0
- package/dist-server/controllers/utils/save-invitation-token.js.map +1 -0
- package/dist-server/controllers/utils/save-verification-token.js +15 -0
- package/dist-server/controllers/utils/save-verification-token.js.map +1 -0
- package/dist-server/controllers/verification.js +78 -0
- package/dist-server/controllers/verification.js.map +1 -0
- package/dist-server/errors/auth-error.js +40 -0
- package/dist-server/errors/auth-error.js.map +1 -0
- package/dist-server/errors/index.js +19 -0
- package/dist-server/errors/index.js.map +1 -0
- package/dist-server/errors/user-domain-not-match-error.js +24 -0
- package/dist-server/errors/user-domain-not-match-error.js.map +1 -0
- package/dist-server/index.js +29 -0
- package/dist-server/index.js.map +1 -0
- package/dist-server/middlewares/authenticate-401-middleware.js +84 -0
- package/dist-server/middlewares/authenticate-401-middleware.js.map +1 -0
- package/dist-server/middlewares/domain-authenticate-middleware.js +58 -0
- package/dist-server/middlewares/domain-authenticate-middleware.js.map +1 -0
- package/dist-server/middlewares/graphql-authenticate-middleware.js +17 -0
- package/dist-server/middlewares/graphql-authenticate-middleware.js.map +1 -0
- package/dist-server/middlewares/index.js +57 -0
- package/dist-server/middlewares/index.js.map +1 -0
- package/dist-server/middlewares/jwt-authenticate-middleware.js +77 -0
- package/dist-server/middlewares/jwt-authenticate-middleware.js.map +1 -0
- package/dist-server/middlewares/signin-middleware.js +47 -0
- package/dist-server/middlewares/signin-middleware.js.map +1 -0
- package/dist-server/migrations/1548206416130-SeedUser.js +46 -0
- package/dist-server/migrations/1548206416130-SeedUser.js.map +1 -0
- package/dist-server/migrations/1566805283882-SeedPrivilege.js +26 -0
- package/dist-server/migrations/1566805283882-SeedPrivilege.js.map +1 -0
- package/dist-server/migrations/index.js +12 -0
- package/dist-server/migrations/index.js.map +1 -0
- package/dist-server/router/auth-checkin-router.js +96 -0
- package/dist-server/router/auth-checkin-router.js.map +1 -0
- package/dist-server/router/auth-private-process-router.js +91 -0
- package/dist-server/router/auth-private-process-router.js.map +1 -0
- package/dist-server/router/auth-public-process-router.js +243 -0
- package/dist-server/router/auth-public-process-router.js.map +1 -0
- package/dist-server/router/auth-signin-router.js +38 -0
- package/dist-server/router/auth-signin-router.js.map +1 -0
- package/dist-server/router/auth-signup-router.js +76 -0
- package/dist-server/router/auth-signup-router.js.map +1 -0
- package/dist-server/router/index.js +25 -0
- package/dist-server/router/index.js.map +1 -0
- package/dist-server/router/oauth2/index.js +19 -0
- package/dist-server/router/oauth2/index.js.map +1 -0
- package/dist-server/router/oauth2/oauth2-authorize-router.js +72 -0
- package/dist-server/router/oauth2/oauth2-authorize-router.js.map +1 -0
- package/dist-server/router/oauth2/oauth2-router.js +137 -0
- package/dist-server/router/oauth2/oauth2-router.js.map +1 -0
- package/dist-server/router/oauth2/oauth2-server.js +201 -0
- package/dist-server/router/oauth2/oauth2-server.js.map +1 -0
- package/dist-server/router/oauth2/passport-oauth2-client-password.js +84 -0
- package/dist-server/router/oauth2/passport-oauth2-client-password.js.map +1 -0
- package/dist-server/router/oauth2/passport-refresh-token.js +84 -0
- package/dist-server/router/oauth2/passport-refresh-token.js.map +1 -0
- package/dist-server/router/path-base-domain-router.js +15 -0
- package/dist-server/router/path-base-domain-router.js.map +1 -0
- package/dist-server/router/site-root-router.js +48 -0
- package/dist-server/router/site-root-router.js.map +1 -0
- package/dist-server/routes.js +58 -0
- package/dist-server/routes.js.map +1 -0
- package/dist-server/service/app-binding/app-binding-mutation.js +45 -0
- package/dist-server/service/app-binding/app-binding-mutation.js.map +1 -0
- package/dist-server/service/app-binding/app-binding-query.js +135 -0
- package/dist-server/service/app-binding/app-binding-query.js.map +1 -0
- package/dist-server/service/app-binding/app-binding-types.js +29 -0
- package/dist-server/service/app-binding/app-binding-types.js.map +1 -0
- package/dist-server/service/app-binding/app-binding.js +34 -0
- package/dist-server/service/app-binding/app-binding.js.map +1 -0
- package/dist-server/service/app-binding/index.js +7 -0
- package/dist-server/service/app-binding/index.js.map +1 -0
- package/dist-server/service/appliance/appliance-mutation.js +117 -0
- package/dist-server/service/appliance/appliance-mutation.js.map +1 -0
- package/dist-server/service/appliance/appliance-query.js +85 -0
- package/dist-server/service/appliance/appliance-query.js.map +1 -0
- package/dist-server/service/appliance/appliance-types.js +93 -0
- package/dist-server/service/appliance/appliance-types.js.map +1 -0
- package/dist-server/service/appliance/appliance.js +155 -0
- package/dist-server/service/appliance/appliance.js.map +1 -0
- package/dist-server/service/appliance/index.js +9 -0
- package/dist-server/service/appliance/index.js.map +1 -0
- package/dist-server/service/application/application-mutation.js +121 -0
- package/dist-server/service/application/application-mutation.js.map +1 -0
- package/dist-server/service/application/application-query.js +128 -0
- package/dist-server/service/application/application-query.js.map +1 -0
- package/dist-server/service/application/application-types.js +119 -0
- package/dist-server/service/application/application-types.js.map +1 -0
- package/dist-server/service/application/application.js +236 -0
- package/dist-server/service/application/application.js.map +1 -0
- package/dist-server/service/application/index.js +9 -0
- package/dist-server/service/application/index.js.map +1 -0
- package/dist-server/service/domain-generator/domain-generator-mutation.js +117 -0
- package/dist-server/service/domain-generator/domain-generator-mutation.js.map +1 -0
- package/dist-server/service/domain-generator/domain-generator-types.js +79 -0
- package/dist-server/service/domain-generator/domain-generator-types.js.map +1 -0
- package/dist-server/service/domain-generator/index.js +6 -0
- package/dist-server/service/domain-generator/index.js.map +1 -0
- package/dist-server/service/granted-role/granted-role-mutation.js +144 -0
- package/dist-server/service/granted-role/granted-role-mutation.js.map +1 -0
- package/dist-server/service/granted-role/granted-role-query.js +93 -0
- package/dist-server/service/granted-role/granted-role-query.js.map +1 -0
- package/dist-server/service/granted-role/granted-role.js +49 -0
- package/dist-server/service/granted-role/granted-role.js.map +1 -0
- package/dist-server/service/granted-role/index.js +9 -0
- package/dist-server/service/granted-role/index.js.map +1 -0
- package/dist-server/service/index.js +94 -0
- package/dist-server/service/index.js.map +1 -0
- package/dist-server/service/invitation/index.js +9 -0
- package/dist-server/service/invitation/index.js.map +1 -0
- package/dist-server/service/invitation/invitation-mutation.js +76 -0
- package/dist-server/service/invitation/invitation-mutation.js.map +1 -0
- package/dist-server/service/invitation/invitation-query.js +57 -0
- package/dist-server/service/invitation/invitation-query.js.map +1 -0
- package/dist-server/service/invitation/invitation-types.js +29 -0
- package/dist-server/service/invitation/invitation-types.js.map +1 -0
- package/dist-server/service/invitation/invitation.js +84 -0
- package/dist-server/service/invitation/invitation.js.map +1 -0
- package/dist-server/service/login-history/index.js +8 -0
- package/dist-server/service/login-history/index.js.map +1 -0
- package/dist-server/service/login-history/login-history-query.js +67 -0
- package/dist-server/service/login-history/login-history-query.js.map +1 -0
- package/dist-server/service/login-history/login-history.js +68 -0
- package/dist-server/service/login-history/login-history.js.map +1 -0
- package/dist-server/service/partner/index.js +9 -0
- package/dist-server/service/partner/index.js.map +1 -0
- package/dist-server/service/partner/partner-mutation.js +134 -0
- package/dist-server/service/partner/partner-mutation.js.map +1 -0
- package/dist-server/service/partner/partner-query.js +193 -0
- package/dist-server/service/partner/partner-query.js.map +1 -0
- package/dist-server/service/partner/partner-types.js +57 -0
- package/dist-server/service/partner/partner-types.js.map +1 -0
- package/dist-server/service/partner/partner.js +86 -0
- package/dist-server/service/partner/partner.js.map +1 -0
- package/dist-server/service/password-history/index.js +6 -0
- package/dist-server/service/password-history/index.js.map +1 -0
- package/dist-server/service/password-history/password-history.js +34 -0
- package/dist-server/service/password-history/password-history.js.map +1 -0
- package/dist-server/service/privilege/index.js +9 -0
- package/dist-server/service/privilege/index.js.map +1 -0
- package/dist-server/service/privilege/privilege-directive.js +85 -0
- package/dist-server/service/privilege/privilege-directive.js.map +1 -0
- package/dist-server/service/privilege/privilege-mutation.js +80 -0
- package/dist-server/service/privilege/privilege-mutation.js.map +1 -0
- package/dist-server/service/privilege/privilege-query.js +109 -0
- package/dist-server/service/privilege/privilege-query.js.map +1 -0
- package/dist-server/service/privilege/privilege-types.js +100 -0
- package/dist-server/service/privilege/privilege-types.js.map +1 -0
- package/dist-server/service/privilege/privilege.js +92 -0
- package/dist-server/service/privilege/privilege.js.map +1 -0
- package/dist-server/service/role/index.js +9 -0
- package/dist-server/service/role/index.js.map +1 -0
- package/dist-server/service/role/role-mutation.js +121 -0
- package/dist-server/service/role/role-mutation.js.map +1 -0
- package/dist-server/service/role/role-query.js +207 -0
- package/dist-server/service/role/role-query.js.map +1 -0
- package/dist-server/service/role/role-types.js +130 -0
- package/dist-server/service/role/role-types.js.map +1 -0
- package/dist-server/service/role/role.js +94 -0
- package/dist-server/service/role/role.js.map +1 -0
- package/dist-server/service/user/index.js +9 -0
- package/dist-server/service/user/index.js.map +1 -0
- package/dist-server/service/user/user-mutation.js +307 -0
- package/dist-server/service/user/user-mutation.js.map +1 -0
- package/dist-server/service/user/user-query.js +194 -0
- package/dist-server/service/user/user-query.js.map +1 -0
- package/dist-server/service/user/user-types.js +106 -0
- package/dist-server/service/user/user-types.js.map +1 -0
- package/dist-server/service/user/user.js +274 -0
- package/dist-server/service/user/user.js.map +1 -0
- package/dist-server/service/verification-token/index.js +6 -0
- package/dist-server/service/verification-token/index.js.map +1 -0
- package/dist-server/service/verification-token/verification-token.js +75 -0
- package/dist-server/service/verification-token/verification-token.js.map +1 -0
- package/dist-server/templates/account-unlock-email.js +69 -0
- package/dist-server/templates/account-unlock-email.js.map +1 -0
- package/dist-server/templates/invitation-email.js +70 -0
- package/dist-server/templates/invitation-email.js.map +1 -0
- package/dist-server/templates/reset-password-email.js +66 -0
- package/dist-server/templates/reset-password-email.js.map +1 -0
- package/dist-server/templates/verification-email.js +70 -0
- package/dist-server/templates/verification-email.js.map +1 -0
- package/dist-server/utils/accepts.js +14 -0
- package/dist-server/utils/accepts.js.map +1 -0
- package/dist-server/utils/access-token-cookie.js +45 -0
- package/dist-server/utils/access-token-cookie.js.map +1 -0
- package/dist-server/utils/check-user-belongs-domain.js +22 -0
- package/dist-server/utils/check-user-belongs-domain.js.map +1 -0
- package/dist-server/utils/get-domain-from-hostname.js +10 -0
- package/dist-server/utils/get-domain-from-hostname.js.map +1 -0
- package/dist-server/utils/get-domain-users.js +31 -0
- package/dist-server/utils/get-domain-users.js.map +1 -0
- package/dist-server/utils/get-secret.js +15 -0
- package/dist-server/utils/get-secret.js.map +1 -0
- package/dist-server/utils/get-user-domains.js +40 -0
- package/dist-server/utils/get-user-domains.js.map +1 -0
- package/package.json +5 -5
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.VERIFICATION_ERROR = exports.PASSWORD_USED_PAST = exports.USER_DUPLICATED = exports.PASSWORD_PATTERN_NOT_MATCHED = exports.CONFIRM_PASSWORD_NOT_MATCHED = exports.SUBDOMAIN_NOTFOUND = exports.AUTH_INVALID = exports.TOKEN_INVALID = exports.REDIRECT_TO_DEFAULT_DOMAIN = exports.NO_SELECTED_DOMAIN = exports.UNAVAILABLE_DOMAIN = exports.NO_AVAILABLE_DOMAIN = exports.USER_DELETED = exports.USER_LOCKED = exports.USER_NOT_ACTIVATED = exports.PASSWORD_NOT_MATCHED = exports.USER_NOT_FOUND = void 0;
|
|
4
|
+
exports.USER_NOT_FOUND = 'user not found';
|
|
5
|
+
exports.PASSWORD_NOT_MATCHED = 'password-not-matched';
|
|
6
|
+
exports.USER_NOT_ACTIVATED = 'user not activated';
|
|
7
|
+
exports.USER_LOCKED = 'user-locked';
|
|
8
|
+
exports.USER_DELETED = 'user-deleted';
|
|
9
|
+
exports.NO_AVAILABLE_DOMAIN = 'no-available-domain';
|
|
10
|
+
exports.UNAVAILABLE_DOMAIN = 'unavailable-domain';
|
|
11
|
+
exports.NO_SELECTED_DOMAIN = 'no-selected-domain';
|
|
12
|
+
exports.REDIRECT_TO_DEFAULT_DOMAIN = 'redirect-to-default-domain';
|
|
13
|
+
exports.TOKEN_INVALID = 'token-invalid';
|
|
14
|
+
exports.AUTH_INVALID = 'auth-invalid';
|
|
15
|
+
exports.SUBDOMAIN_NOTFOUND = 'subdomain not found';
|
|
16
|
+
exports.CONFIRM_PASSWORD_NOT_MATCHED = 'confirm password not matched';
|
|
17
|
+
exports.PASSWORD_PATTERN_NOT_MATCHED = 'password should match the rule';
|
|
18
|
+
exports.USER_DUPLICATED = 'user duplicated';
|
|
19
|
+
exports.PASSWORD_USED_PAST = 'password used in the past';
|
|
20
|
+
exports.VERIFICATION_ERROR = 'user or verification token not found';
|
|
21
|
+
//# sourceMappingURL=error-code.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"error-code.js","sourceRoot":"","sources":["../../server/constants/error-code.ts"],"names":[],"mappings":";;;AAAa,QAAA,cAAc,GAAG,gBAAgB,CAAA;AACjC,QAAA,oBAAoB,GAAG,sBAAsB,CAAA;AAC7C,QAAA,kBAAkB,GAAG,oBAAoB,CAAA;AACzC,QAAA,WAAW,GAAG,aAAa,CAAA;AAC3B,QAAA,YAAY,GAAG,cAAc,CAAA;AAC7B,QAAA,mBAAmB,GAAG,qBAAqB,CAAA;AAC3C,QAAA,kBAAkB,GAAG,oBAAoB,CAAA;AACzC,QAAA,kBAAkB,GAAG,oBAAoB,CAAA;AACzC,QAAA,0BAA0B,GAAG,4BAA4B,CAAA;AACzD,QAAA,aAAa,GAAG,eAAe,CAAA;AAC/B,QAAA,YAAY,GAAG,cAAc,CAAA;AAC7B,QAAA,kBAAkB,GAAG,qBAAqB,CAAA;AAC1C,QAAA,4BAA4B,GAAG,8BAA8B,CAAA;AAC7D,QAAA,4BAA4B,GAAG,gCAAgC,CAAA;AAC/D,QAAA,eAAe,GAAG,iBAAiB,CAAA;AACnC,QAAA,kBAAkB,GAAG,2BAA2B,CAAA;AAChD,QAAA,kBAAkB,GAAG,sCAAsC,CAAA"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
//# sourceMappingURL=error-message.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"error-message.js","sourceRoot":"","sources":["../../server/constants/error-message.ts"],"names":[],"mappings":""}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"max-age.js","sourceRoot":"","sources":["../../server/constants/max-age.ts"],"names":[],"mappings":";;;AAAa,QAAA,OAAO,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,GAAG,IAAI,CAAA"}
|
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
+
if (k2 === undefined) k2 = k;
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
9
|
+
}) : (function(o, m, k, k2) {
|
|
10
|
+
if (k2 === undefined) k2 = k;
|
|
11
|
+
o[k2] = m[k];
|
|
12
|
+
}));
|
|
13
|
+
var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
14
|
+
for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
|
|
15
|
+
};
|
|
16
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
17
|
+
__exportStar(require("./change-pwd"), exports);
|
|
18
|
+
__exportStar(require("./signin"), exports);
|
|
19
|
+
__exportStar(require("./signup"), exports);
|
|
20
|
+
__exportStar(require("./verification"), exports);
|
|
21
|
+
//# sourceMappingURL=auth.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"auth.js","sourceRoot":"","sources":["../../server/controllers/auth.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,+CAA4B;AAC5B,2CAAwB;AACxB,2CAAwB;AACxB,iDAA8B"}
|
|
@@ -0,0 +1,80 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.changePwd = void 0;
|
|
4
|
+
const typeorm_1 = require("typeorm");
|
|
5
|
+
const user_1 = require("../service/user/user");
|
|
6
|
+
const password_history_1 = require("../service/password-history/password-history");
|
|
7
|
+
const auth_error_1 = require("../errors/auth-error");
|
|
8
|
+
const error_code_1 = require("../constants/error-code");
|
|
9
|
+
const env_1 = require("@things-factory/env");
|
|
10
|
+
const debug = require('debug')('things-factory:auth-base:changed-pwd');
|
|
11
|
+
const HISTORY_SIZE = env_1.config.get('password', { history: 0 }).history;
|
|
12
|
+
async function changePwd(attrs, currentPass, newPass, confirmPass, context) {
|
|
13
|
+
const { domain } = context.state;
|
|
14
|
+
// TODO 이 사용자가 이 도메인에 속한 사용자인지 확인해야함.
|
|
15
|
+
const repository = (0, typeorm_1.getRepository)(user_1.User);
|
|
16
|
+
const user = await repository.findOne({ where: { email: attrs.email } });
|
|
17
|
+
if (!user) {
|
|
18
|
+
throw new auth_error_1.AuthError({
|
|
19
|
+
errorCode: error_code_1.USER_NOT_FOUND
|
|
20
|
+
});
|
|
21
|
+
}
|
|
22
|
+
if (newPass !== confirmPass) {
|
|
23
|
+
throw new auth_error_1.AuthError({
|
|
24
|
+
errorCode: error_code_1.CONFIRM_PASSWORD_NOT_MATCHED
|
|
25
|
+
});
|
|
26
|
+
}
|
|
27
|
+
if (!user_1.User.verify(user.password, currentPass, user.salt)) {
|
|
28
|
+
throw new auth_error_1.AuthError({
|
|
29
|
+
errorCode: error_code_1.PASSWORD_NOT_MATCHED,
|
|
30
|
+
detail: {
|
|
31
|
+
failCount: user.failCount
|
|
32
|
+
}
|
|
33
|
+
});
|
|
34
|
+
}
|
|
35
|
+
/* check if password is following the rule */
|
|
36
|
+
user_1.User.validatePasswordByRule(newPass, context === null || context === void 0 ? void 0 : context.lng);
|
|
37
|
+
user.password = user_1.User.encode(newPass, user.salt);
|
|
38
|
+
if (HISTORY_SIZE > 0) {
|
|
39
|
+
var passwordHistory = await (0, typeorm_1.getRepository)(password_history_1.PasswordHistory).findOne(user.id);
|
|
40
|
+
var history = [];
|
|
41
|
+
if (passwordHistory) {
|
|
42
|
+
try {
|
|
43
|
+
history = JSON.parse(passwordHistory.history);
|
|
44
|
+
if (!(history instanceof Array)) {
|
|
45
|
+
debug('password history maybe currupted - not an array');
|
|
46
|
+
history = [];
|
|
47
|
+
}
|
|
48
|
+
}
|
|
49
|
+
catch (e) {
|
|
50
|
+
debug('password history currupted - not json format');
|
|
51
|
+
}
|
|
52
|
+
const found = history.slice(0, HISTORY_SIZE).find(h => {
|
|
53
|
+
return user_1.User.verify(h.password, newPass, h.salt);
|
|
54
|
+
});
|
|
55
|
+
if (found) {
|
|
56
|
+
throw new auth_error_1.AuthError({
|
|
57
|
+
errorCode: error_code_1.PASSWORD_USED_PAST
|
|
58
|
+
});
|
|
59
|
+
}
|
|
60
|
+
}
|
|
61
|
+
}
|
|
62
|
+
await repository.save(Object.assign(Object.assign({}, user), { passwordUpdatedAt: new Date() }));
|
|
63
|
+
if (HISTORY_SIZE > 0) {
|
|
64
|
+
history = [
|
|
65
|
+
{
|
|
66
|
+
password: user.password,
|
|
67
|
+
salt: user.salt
|
|
68
|
+
},
|
|
69
|
+
...history
|
|
70
|
+
].slice(0, HISTORY_SIZE);
|
|
71
|
+
await (0, typeorm_1.getRepository)(password_history_1.PasswordHistory).save({
|
|
72
|
+
userId: user.id,
|
|
73
|
+
history: JSON.stringify(history)
|
|
74
|
+
});
|
|
75
|
+
debug('password history updated', history.length);
|
|
76
|
+
}
|
|
77
|
+
return await user.sign({ subdomain: domain.subdomain });
|
|
78
|
+
}
|
|
79
|
+
exports.changePwd = changePwd;
|
|
80
|
+
//# sourceMappingURL=change-pwd.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"change-pwd.js","sourceRoot":"","sources":["../../server/controllers/change-pwd.ts"],"names":[],"mappings":";;;AAAA,qCAAuC;AACvC,+CAA2C;AAC3C,mFAA8E;AAC9E,qDAAgD;AAChD,wDAKgC;AAEhC,6CAA4C;AAE5C,MAAM,KAAK,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC,sCAAsC,CAAC,CAAA;AAEtE,MAAM,YAAY,GAAG,YAAM,CAAC,GAAG,CAAC,UAAU,EAAE,EAAE,OAAO,EAAE,CAAC,EAAE,CAAC,CAAC,OAAO,CAAA;AAE5D,KAAK,UAAU,SAAS,CAAC,KAAK,EAAE,WAAW,EAAE,OAAO,EAAE,WAAW,EAAE,OAAO;IAC/E,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IAEhC,qCAAqC;IACrC,MAAM,UAAU,GAAG,IAAA,uBAAa,EAAC,WAAI,CAAC,CAAA;IACtC,MAAM,IAAI,GAAS,MAAM,UAAU,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,KAAK,EAAE,KAAK,CAAC,KAAK,EAAE,EAAE,CAAC,CAAA;IAE9E,IAAI,CAAC,IAAI,EAAE;QACT,MAAM,IAAI,sBAAS,CAAC;YAClB,SAAS,EAAE,2BAAc;SAC1B,CAAC,CAAA;KACH;IAED,IAAI,OAAO,KAAK,WAAW,EAAE;QAC3B,MAAM,IAAI,sBAAS,CAAC;YAClB,SAAS,EAAE,yCAA4B;SACxC,CAAC,CAAA;KACH;IAED,IAAI,CAAC,WAAI,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,WAAW,EAAE,IAAI,CAAC,IAAI,CAAC,EAAE;QACvD,MAAM,IAAI,sBAAS,CAAC;YAClB,SAAS,EAAE,iCAAoB;YAC/B,MAAM,EAAE;gBACN,SAAS,EAAE,IAAI,CAAC,SAAS;aAC1B;SACF,CAAC,CAAA;KACH;IACD,6CAA6C;IAC7C,WAAI,CAAC,sBAAsB,CAAC,OAAO,EAAE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,GAAG,CAAC,CAAA;IAElD,IAAI,CAAC,QAAQ,GAAG,WAAI,CAAC,MAAM,CAAC,OAAO,EAAE,IAAI,CAAC,IAAI,CAAC,CAAA;IAE/C,IAAI,YAAY,GAAG,CAAC,EAAE;QACpB,IAAI,eAAe,GAAoB,MAAM,IAAA,uBAAa,EAAC,kCAAe,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;QAC5F,IAAI,OAAO,GAAG,EAAE,CAAA;QAEhB,IAAI,eAAe,EAAE;YACnB,IAAI;gBACF,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,OAAO,CAAC,CAAA;gBAC7C,IAAI,CAAC,CAAC,OAAO,YAAY,KAAK,CAAC,EAAE;oBAC/B,KAAK,CAAC,iDAAiD,CAAC,CAAA;oBACxD,OAAO,GAAG,EAAE,CAAA;iBACb;aACF;YAAC,OAAO,CAAC,EAAE;gBACV,KAAK,CAAC,8CAA8C,CAAC,CAAA;aACtD;YAED,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE;gBACpD,OAAO,WAAI,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ,EAAE,OAAO,EAAE,CAAC,CAAC,IAAI,CAAC,CAAA;YACjD,CAAC,CAAC,CAAA;YAEF,IAAI,KAAK,EAAE;gBACT,MAAM,IAAI,sBAAS,CAAC;oBAClB,SAAS,EAAE,+BAAkB;iBAC9B,CAAC,CAAA;aACH;SACF;KACF;IAED,MAAM,UAAU,CAAC,IAAI,iCAChB,IAAI,KACP,iBAAiB,EAAE,IAAI,IAAI,EAAE,IAC7B,CAAA;IAEF,IAAI,YAAY,GAAG,CAAC,EAAE;QACpB,OAAO,GAAG;YACR;gBACE,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,IAAI,EAAE,IAAI,CAAC,IAAI;aAChB;YACD,GAAG,OAAO;SACX,CAAC,KAAK,CAAC,CAAC,EAAE,YAAY,CAAC,CAAA;QAExB,MAAM,IAAA,uBAAa,EAAC,kCAAe,CAAC,CAAC,IAAI,CAAC;YACxC,MAAM,EAAE,IAAI,CAAC,EAAE;YACf,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC;SACjC,CAAC,CAAA;QAEF,KAAK,CAAC,0BAA0B,EAAE,OAAO,CAAC,MAAM,CAAC,CAAA;KAClD;IAED,OAAO,MAAM,IAAI,CAAC,IAAI,CAAC,EAAE,SAAS,EAAE,MAAM,CAAC,SAAS,EAAE,CAAC,CAAA;AACzD,CAAC;AAlFD,8BAkFC"}
|
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.checkin = void 0;
|
|
4
|
+
const get_user_domains_1 = require("../utils/get-user-domains");
|
|
5
|
+
const typeorm_1 = require("typeorm");
|
|
6
|
+
const user_1 = require("../service/user/user");
|
|
7
|
+
async function checkin({ userId, subdomain }) {
|
|
8
|
+
const userRepo = (0, typeorm_1.getRepository)(user_1.User);
|
|
9
|
+
const user = await userRepo.findOne({ where: { id: userId } });
|
|
10
|
+
const domains = await (0, get_user_domains_1.getUserDomains)(user);
|
|
11
|
+
if (!(domains === null || domains === void 0 ? void 0 : domains.length)) {
|
|
12
|
+
return false;
|
|
13
|
+
}
|
|
14
|
+
const domain = domains.find(domain => domain.subdomain == subdomain);
|
|
15
|
+
if (!domain) {
|
|
16
|
+
return false;
|
|
17
|
+
}
|
|
18
|
+
return await user.sign({ subdomain });
|
|
19
|
+
}
|
|
20
|
+
exports.checkin = checkin;
|
|
21
|
+
//# sourceMappingURL=checkin.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"checkin.js","sourceRoot":"","sources":["../../server/controllers/checkin.ts"],"names":[],"mappings":";;;AAAA,gEAA0D;AAE1D,qCAAuC;AACvC,+CAA2C;AAEpC,KAAK,UAAU,OAAO,CAAC,EAAE,MAAM,EAAE,SAAS,EAAE;IACjD,MAAM,QAAQ,GAAG,IAAA,uBAAa,EAAC,WAAI,CAAC,CAAA;IACpC,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,CAAC,CAAA;IAC9D,MAAM,OAAO,GAAa,MAAM,IAAA,iCAAc,EAAC,IAAI,CAAC,CAAA;IAEpD,IAAI,CAAC,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,MAAM,CAAA,EAAE;QACpB,OAAO,KAAK,CAAA;KACb;IAED,MAAM,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,SAAS,IAAI,SAAS,CAAC,CAAA;IACpE,IAAI,CAAC,MAAM,EAAE;QACX,OAAO,KAAK,CAAA;KACb;IAED,OAAO,MAAM,IAAI,CAAC,IAAI,CAAC,EAAE,SAAS,EAAE,CAAC,CAAA;AACvC,CAAC;AAfD,0BAeC"}
|
|
@@ -0,0 +1,61 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.deleteUsers = exports.deleteUser = void 0;
|
|
4
|
+
const typeorm_1 = require("typeorm");
|
|
5
|
+
const user_1 = require("../service/user/user");
|
|
6
|
+
const auth_error_1 = require("../errors/auth-error");
|
|
7
|
+
const error_code_1 = require("../constants/error-code");
|
|
8
|
+
async function deleteUser(attrs, tx) {
|
|
9
|
+
// TODO 이 사용자가 이 도메인에 속한 사용자인지 확인해야함.
|
|
10
|
+
// TODO 다른 도메인에도 포함되어있다면, domains-users 관게와 해당 도메인 관련 정보만 삭제해야 함.
|
|
11
|
+
const repository = tx === null || tx === void 0 ? void 0 : tx.getRepository(user_1.User);
|
|
12
|
+
const user = await repository.findOne({ where: { email: attrs.email } });
|
|
13
|
+
if (!user) {
|
|
14
|
+
throw new auth_error_1.AuthError({
|
|
15
|
+
errorCode: error_code_1.USER_NOT_FOUND
|
|
16
|
+
});
|
|
17
|
+
}
|
|
18
|
+
user.status = user_1.UserStatus.DELETED;
|
|
19
|
+
user.domains = [];
|
|
20
|
+
await repository.save(user);
|
|
21
|
+
// repository api는 작동하지 않음.
|
|
22
|
+
// await txManager
|
|
23
|
+
// .createQueryBuilder()
|
|
24
|
+
// .delete()
|
|
25
|
+
// .from('users_domains')
|
|
26
|
+
// .where({
|
|
27
|
+
// usersId: user.id
|
|
28
|
+
// })
|
|
29
|
+
// .execute()
|
|
30
|
+
}
|
|
31
|
+
exports.deleteUser = deleteUser;
|
|
32
|
+
async function deleteUsers(attrs, tx) {
|
|
33
|
+
// TODO 이 사용자가 이 도메인에 속한 사용자인지 확인해야함.
|
|
34
|
+
// TODO 다른 도메인에도 포함되어있다면, domains-users 관게와 해당 도메인 관련 정보만 삭제해야 함.
|
|
35
|
+
const { emails } = attrs;
|
|
36
|
+
const repo = tx === null || tx === void 0 ? void 0 : tx.getRepository(user_1.User);
|
|
37
|
+
const users = await repo.find({
|
|
38
|
+
where: {
|
|
39
|
+
email: (0, typeorm_1.In)(emails)
|
|
40
|
+
}
|
|
41
|
+
});
|
|
42
|
+
const userIds = [];
|
|
43
|
+
users.forEach(user => {
|
|
44
|
+
user.status = user_1.UserStatus.DELETED;
|
|
45
|
+
user.domains = [];
|
|
46
|
+
userIds.push(user.id);
|
|
47
|
+
});
|
|
48
|
+
await repo.save(users);
|
|
49
|
+
// repository api는 작동하지 않음.
|
|
50
|
+
// await txManager
|
|
51
|
+
// .createQueryBuilder()
|
|
52
|
+
// .delete()
|
|
53
|
+
// .from('users_domains')
|
|
54
|
+
// .where({
|
|
55
|
+
// usersId: In(userIds)
|
|
56
|
+
// })
|
|
57
|
+
// .execute()
|
|
58
|
+
return true;
|
|
59
|
+
}
|
|
60
|
+
exports.deleteUsers = deleteUsers;
|
|
61
|
+
//# sourceMappingURL=delete-user.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"delete-user.js","sourceRoot":"","sources":["../../server/controllers/delete-user.ts"],"names":[],"mappings":";;;AAAA,qCAA2C;AAC3C,+CAAuD;AACvD,qDAAgD;AAChD,wDAAwD;AAEjD,KAAK,UAAU,UAAU,CAAC,KAAK,EAAE,EAAkB;IACxD,qCAAqC;IACrC,iEAAiE;IAEjE,MAAM,UAAU,GAAG,EAAE,aAAF,EAAE,uBAAF,EAAE,CAAE,aAAa,CAAC,WAAI,CAAC,CAAA;IAC1C,MAAM,IAAI,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,KAAK,EAAE,KAAK,CAAC,KAAK,EAAE,EAAE,CAAC,CAAA;IACxE,IAAI,CAAC,IAAI,EAAE;QACT,MAAM,IAAI,sBAAS,CAAC;YAClB,SAAS,EAAE,2BAAc;SAC1B,CAAC,CAAA;KACH;IAED,IAAI,CAAC,MAAM,GAAG,iBAAU,CAAC,OAAO,CAAA;IAChC,IAAI,CAAC,OAAO,GAAG,EAAE,CAAA;IAEjB,MAAM,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;IAE3B,2BAA2B;IAC3B,kBAAkB;IAClB,0BAA0B;IAC1B,cAAc;IACd,2BAA2B;IAC3B,aAAa;IACb,uBAAuB;IACvB,OAAO;IACP,eAAe;AACjB,CAAC;AA1BD,gCA0BC;AAEM,KAAK,UAAU,WAAW,CAAC,KAAK,EAAE,EAAkB;IACzD,qCAAqC;IACrC,iEAAiE;IAEjE,MAAM,EAAE,MAAM,EAAE,GAAG,KAAK,CAAA;IAExB,MAAM,IAAI,GAAG,EAAE,aAAF,EAAE,uBAAF,EAAE,CAAE,aAAa,CAAC,WAAI,CAAC,CAAA;IAEpC,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC;QAC5B,KAAK,EAAE;YACL,KAAK,EAAE,IAAA,YAAE,EAAC,MAAM,CAAC;SAClB;KACF,CAAC,CAAA;IAEF,MAAM,OAAO,GAAG,EAAE,CAAA;IAClB,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE;QACnB,IAAI,CAAC,MAAM,GAAG,iBAAU,CAAC,OAAO,CAAA;QAChC,IAAI,CAAC,OAAO,GAAG,EAAE,CAAA;QAEjB,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;IACvB,CAAC,CAAC,CAAA;IAEF,MAAM,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;IAEtB,2BAA2B;IAC3B,kBAAkB;IAClB,0BAA0B;IAC1B,cAAc;IACd,2BAA2B;IAC3B,aAAa;IACb,2BAA2B;IAC3B,OAAO;IACP,eAAe;IACf,OAAO,IAAI,CAAA;AACb,CAAC;AAlCD,kCAkCC"}
|
|
@@ -0,0 +1,119 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.resendInvitationEmail = exports.sendInvitationEmail = exports.acceptInvitation = exports.invite = void 0;
|
|
4
|
+
const shell_1 = require("@things-factory/shell");
|
|
5
|
+
const email_base_1 = require("@things-factory/email-base");
|
|
6
|
+
const typeorm_1 = require("typeorm");
|
|
7
|
+
const url_1 = require("url");
|
|
8
|
+
const user_1 = require("../service/user/user");
|
|
9
|
+
const invitation_1 = require("../service/invitation/invitation");
|
|
10
|
+
const invitation_email_1 = require("../templates/invitation-email");
|
|
11
|
+
const make_invitation_token_1 = require("./utils/make-invitation-token");
|
|
12
|
+
const save_invitation_token_1 = require("./utils/save-invitation-token");
|
|
13
|
+
const debug = require('debug')('things-factory:auth-base:invitation');
|
|
14
|
+
async function invite(attrs, withEmailInvitation) {
|
|
15
|
+
const { email, reference, type, context } = attrs;
|
|
16
|
+
var user = await (0, typeorm_1.getRepository)(user_1.User).findOne({ where: { email }, relations: ['domains'] });
|
|
17
|
+
var domains = user.domains;
|
|
18
|
+
// TODO reference should not be a domain.id (security reason)
|
|
19
|
+
debug('invite', email, reference, type);
|
|
20
|
+
if (user) {
|
|
21
|
+
const domain = domains.find(domain => domain.id == reference);
|
|
22
|
+
if (domain) {
|
|
23
|
+
const msg = `user already a member of the ${type}.`;
|
|
24
|
+
debug('invite', msg);
|
|
25
|
+
throw new Error(msg);
|
|
26
|
+
}
|
|
27
|
+
}
|
|
28
|
+
if (withEmailInvitation) {
|
|
29
|
+
var invitation = await (0, typeorm_1.getRepository)(invitation_1.Invitation).findOne({
|
|
30
|
+
email,
|
|
31
|
+
reference,
|
|
32
|
+
type
|
|
33
|
+
});
|
|
34
|
+
if (!invitation) {
|
|
35
|
+
invitation = await (0, typeorm_1.getRepository)(invitation_1.Invitation).save({
|
|
36
|
+
email,
|
|
37
|
+
reference,
|
|
38
|
+
type
|
|
39
|
+
});
|
|
40
|
+
}
|
|
41
|
+
return await sendInvitationEmail({
|
|
42
|
+
invitation,
|
|
43
|
+
context
|
|
44
|
+
});
|
|
45
|
+
}
|
|
46
|
+
if (user) {
|
|
47
|
+
user.domains = [...domains, await (0, typeorm_1.getRepository)(shell_1.Domain).findOne(reference)];
|
|
48
|
+
await (0, typeorm_1.getRepository)(user_1.User).save(user);
|
|
49
|
+
}
|
|
50
|
+
else {
|
|
51
|
+
// TODO need to signup
|
|
52
|
+
}
|
|
53
|
+
}
|
|
54
|
+
exports.invite = invite;
|
|
55
|
+
async function acceptInvitation(token) {
|
|
56
|
+
var invitation = await (0, typeorm_1.getRepository)(invitation_1.Invitation).findOne({
|
|
57
|
+
token
|
|
58
|
+
});
|
|
59
|
+
debug('accept-invitation', invitation);
|
|
60
|
+
if (!invitation) {
|
|
61
|
+
throw new Error(`not found invitation.`);
|
|
62
|
+
}
|
|
63
|
+
var { email, reference, type } = invitation;
|
|
64
|
+
var user = await (0, typeorm_1.getRepository)(user_1.User).findOne({ where: { email }, relations: ['domains'] });
|
|
65
|
+
if (user) {
|
|
66
|
+
var domains = user.domains;
|
|
67
|
+
const domain = domains.find(domain => domain.id == reference);
|
|
68
|
+
if (domain) {
|
|
69
|
+
const msg = `user already a member of the ${type}.`;
|
|
70
|
+
debug('accept-invitation', msg);
|
|
71
|
+
throw new Error(msg);
|
|
72
|
+
}
|
|
73
|
+
user.domains = [...domains, await (0, typeorm_1.getRepository)(shell_1.Domain).findOne(reference)];
|
|
74
|
+
await (0, typeorm_1.getRepository)(user_1.User).save(user);
|
|
75
|
+
await (0, typeorm_1.getRepository)(invitation_1.Invitation).delete(invitation.id);
|
|
76
|
+
}
|
|
77
|
+
else {
|
|
78
|
+
// TODO goto signup
|
|
79
|
+
}
|
|
80
|
+
return true;
|
|
81
|
+
}
|
|
82
|
+
exports.acceptInvitation = acceptInvitation;
|
|
83
|
+
async function sendInvitationEmail({ invitation, context }) {
|
|
84
|
+
try {
|
|
85
|
+
var token = (0, make_invitation_token_1.makeInvitationToken)();
|
|
86
|
+
var verifaction = await (0, save_invitation_token_1.saveInvitationToken)(invitation.id, token);
|
|
87
|
+
if (verifaction) {
|
|
88
|
+
var serviceUrl = new url_1.URL(`/auth/accept/${token}`, context.header.referer);
|
|
89
|
+
await (0, email_base_1.sendEmail)({
|
|
90
|
+
receiver: invitation.email,
|
|
91
|
+
subject: 'Invitation',
|
|
92
|
+
content: (0, invitation_email_1.getInvitationEmailForm)({
|
|
93
|
+
email: invitation.email,
|
|
94
|
+
acceptUrl: serviceUrl
|
|
95
|
+
})
|
|
96
|
+
});
|
|
97
|
+
return true;
|
|
98
|
+
}
|
|
99
|
+
}
|
|
100
|
+
catch (e) {
|
|
101
|
+
return false;
|
|
102
|
+
}
|
|
103
|
+
}
|
|
104
|
+
exports.sendInvitationEmail = sendInvitationEmail;
|
|
105
|
+
async function resendInvitationEmail({ email, reference, type }, context) {
|
|
106
|
+
var invitation = await (0, typeorm_1.getRepository)(invitation_1.Invitation).findOne({
|
|
107
|
+
email,
|
|
108
|
+
reference,
|
|
109
|
+
type
|
|
110
|
+
});
|
|
111
|
+
if (!invitation)
|
|
112
|
+
return false;
|
|
113
|
+
return await sendInvitationEmail({
|
|
114
|
+
invitation,
|
|
115
|
+
context
|
|
116
|
+
});
|
|
117
|
+
}
|
|
118
|
+
exports.resendInvitationEmail = resendInvitationEmail;
|
|
119
|
+
//# sourceMappingURL=invitation.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"invitation.js","sourceRoot":"","sources":["../../server/controllers/invitation.ts"],"names":[],"mappings":";;;AAAA,iDAA8C;AAC9C,2DAAsD;AACtD,qCAAuC;AACvC,6BAAyB;AACzB,+CAAuD;AACvD,iEAA6D;AAC7D,oEAAsE;AACtE,yEAAmE;AACnE,yEAAmE;AAEnE,MAAM,KAAK,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC,qCAAqC,CAAC,CAAA;AAE9D,KAAK,UAAU,MAAM,CAAC,KAAK,EAAE,mBAA6B;IAC/D,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,KAAK,CAAA;IAEjD,IAAI,IAAI,GAAG,MAAM,IAAA,uBAAa,EAAC,WAAI,CAAC,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,KAAK,EAAE,EAAE,SAAS,EAAE,CAAC,SAAS,CAAC,EAAE,CAAC,CAAA;IAC1F,IAAI,OAAO,GAAG,IAAI,CAAC,OAAO,CAAA;IAE1B,6DAA6D;IAC7D,KAAK,CAAC,QAAQ,EAAE,KAAK,EAAE,SAAS,EAAE,IAAI,CAAC,CAAA;IAEvC,IAAI,IAAI,EAAE;QACR,MAAM,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,EAAE,IAAI,SAAS,CAAC,CAAA;QAE7D,IAAI,MAAM,EAAE;YACV,MAAM,GAAG,GAAG,gCAAgC,IAAI,GAAG,CAAA;YACnD,KAAK,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAA;YACpB,MAAM,IAAI,KAAK,CAAC,GAAG,CAAC,CAAA;SACrB;KACF;IAED,IAAI,mBAAmB,EAAE;QACvB,IAAI,UAAU,GAAG,MAAM,IAAA,uBAAa,EAAC,uBAAU,CAAC,CAAC,OAAO,CAAC;YACvD,KAAK;YACL,SAAS;YACT,IAAI;SACL,CAAC,CAAA;QAEF,IAAI,CAAC,UAAU,EAAE;YACf,UAAU,GAAG,MAAM,IAAA,uBAAa,EAAC,uBAAU,CAAC,CAAC,IAAI,CAAC;gBAChD,KAAK;gBACL,SAAS;gBACT,IAAI;aACL,CAAC,CAAA;SACH;QAED,OAAO,MAAM,mBAAmB,CAAC;YAC/B,UAAU;YACV,OAAO;SACR,CAAC,CAAA;KACH;IAED,IAAI,IAAI,EAAE;QACR,IAAI,CAAC,OAAO,GAAG,CAAC,GAAG,OAAO,EAAE,MAAM,IAAA,uBAAa,EAAC,cAAM,CAAC,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,CAAA;QAC3E,MAAM,IAAA,uBAAa,EAAC,WAAI,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;KACrC;SAAM;QACL,sBAAsB;KACvB;AACH,CAAC;AA9CD,wBA8CC;AAEM,KAAK,UAAU,gBAAgB,CAAC,KAAK;IAC1C,IAAI,UAAU,GAAG,MAAM,IAAA,uBAAa,EAAC,uBAAU,CAAC,CAAC,OAAO,CAAC;QACvD,KAAK;KACN,CAAC,CAAA;IAEF,KAAK,CAAC,mBAAmB,EAAE,UAAU,CAAC,CAAA;IAEtC,IAAI,CAAC,UAAU,EAAE;QACf,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAA;KACzC;IAED,IAAI,EAAE,KAAK,EAAE,SAAS,EAAE,IAAI,EAAE,GAAG,UAAU,CAAA;IAE3C,IAAI,IAAI,GAAG,MAAM,IAAA,uBAAa,EAAC,WAAI,CAAC,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,KAAK,EAAE,EAAE,SAAS,EAAE,CAAC,SAAS,CAAC,EAAE,CAAC,CAAA;IAE1F,IAAI,IAAI,EAAE;QACR,IAAI,OAAO,GAAG,IAAI,CAAC,OAAO,CAAA;QAC1B,MAAM,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,EAAE,IAAI,SAAS,CAAC,CAAA;QAE7D,IAAI,MAAM,EAAE;YACV,MAAM,GAAG,GAAG,gCAAgC,IAAI,GAAG,CAAA;YACnD,KAAK,CAAC,mBAAmB,EAAE,GAAG,CAAC,CAAA;YAC/B,MAAM,IAAI,KAAK,CAAC,GAAG,CAAC,CAAA;SACrB;QAED,IAAI,CAAC,OAAO,GAAG,CAAC,GAAG,OAAO,EAAE,MAAM,IAAA,uBAAa,EAAC,cAAM,CAAC,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,CAAA;QAC3E,MAAM,IAAA,uBAAa,EAAC,WAAI,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QAEpC,MAAM,IAAA,uBAAa,EAAC,uBAAU,CAAC,CAAC,MAAM,CAAC,UAAU,CAAC,EAAE,CAAC,CAAA;KACtD;SAAM;QACL,mBAAmB;KACpB;IAED,OAAO,IAAI,CAAA;AACb,CAAC;AAlCD,4CAkCC;AAEM,KAAK,UAAU,mBAAmB,CAAC,EAAE,UAAU,EAAE,OAAO,EAAE;IAC/D,IAAI;QACF,IAAI,KAAK,GAAG,IAAA,2CAAmB,GAAE,CAAA;QACjC,IAAI,WAAW,GAAG,MAAM,IAAA,2CAAmB,EAAC,UAAU,CAAC,EAAE,EAAE,KAAK,CAAC,CAAA;QAEjE,IAAI,WAAW,EAAE;YACf,IAAI,UAAU,GAAG,IAAI,SAAG,CAAC,gBAAgB,KAAK,EAAE,EAAE,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,CAAA;YAEzE,MAAM,IAAA,sBAAS,EAAC;gBACd,QAAQ,EAAE,UAAU,CAAC,KAAK;gBAC1B,OAAO,EAAE,YAAY;gBACrB,OAAO,EAAE,IAAA,yCAAsB,EAAC;oBAC9B,KAAK,EAAE,UAAU,CAAC,KAAK;oBACvB,SAAS,EAAE,UAAU;iBACtB,CAAC;aACH,CAAC,CAAA;YAEF,OAAO,IAAI,CAAA;SACZ;KACF;IAAC,OAAO,CAAC,EAAE;QACV,OAAO,KAAK,CAAA;KACb;AACH,CAAC;AAtBD,kDAsBC;AAEM,KAAK,UAAU,qBAAqB,CACzC,EAAE,KAAK,EAAE,SAAS,EAAE,IAAI,EAAsD,EAC9E,OAAO;IAEP,IAAI,UAAU,GAAG,MAAM,IAAA,uBAAa,EAAC,uBAAU,CAAC,CAAC,OAAO,CAAC;QACvD,KAAK;QACL,SAAS;QACT,IAAI;KACL,CAAC,CAAA;IAEF,IAAI,CAAC,UAAU;QAAE,OAAO,KAAK,CAAA;IAE7B,OAAO,MAAM,mBAAmB,CAAC;QAC/B,UAAU;QACV,OAAO;KACR,CAAC,CAAA;AACJ,CAAC;AAhBD,sDAgBC"}
|
|
@@ -0,0 +1,26 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.updateProfile = void 0;
|
|
4
|
+
const typeorm_1 = require("typeorm");
|
|
5
|
+
const error_code_1 = require("../constants/error-code");
|
|
6
|
+
const user_1 = require("../service/user/user");
|
|
7
|
+
const auth_error_1 = require("../errors/auth-error");
|
|
8
|
+
async function updateProfile({ id }, newProfiles) {
|
|
9
|
+
const repository = (0, typeorm_1.getRepository)(user_1.User);
|
|
10
|
+
const user = await repository.findOne(id);
|
|
11
|
+
if (!user) {
|
|
12
|
+
throw new auth_error_1.AuthError({
|
|
13
|
+
errorCode: error_code_1.USER_NOT_FOUND
|
|
14
|
+
});
|
|
15
|
+
}
|
|
16
|
+
/* only 'name', 'email' and 'locale' attributes can be changed */
|
|
17
|
+
var allowed = ['name', 'email', 'locale']
|
|
18
|
+
.filter(attr => attr in newProfiles)
|
|
19
|
+
.reduce((sum, attr) => {
|
|
20
|
+
sum[attr] = newProfiles[attr];
|
|
21
|
+
return sum;
|
|
22
|
+
}, {});
|
|
23
|
+
return await repository.save(Object.assign(Object.assign({}, user), allowed));
|
|
24
|
+
}
|
|
25
|
+
exports.updateProfile = updateProfile;
|
|
26
|
+
//# sourceMappingURL=profile.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"profile.js","sourceRoot":"","sources":["../../server/controllers/profile.ts"],"names":[],"mappings":";;;AAAA,qCAAuC;AACvC,wDAAwD;AACxD,+CAA2C;AAC3C,qDAAgD;AAEzC,KAAK,UAAU,aAAa,CAAC,EAAE,EAAE,EAAE,EAAE,WAAW;IACrD,MAAM,UAAU,GAAG,IAAA,uBAAa,EAAC,WAAI,CAAC,CAAA;IACtC,MAAM,IAAI,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC,CAAA;IACzC,IAAI,CAAC,IAAI,EAAE;QACT,MAAM,IAAI,sBAAS,CAAC;YAClB,SAAS,EAAE,2BAAc;SAC1B,CAAC,CAAA;KACH;IAED,iEAAiE;IACjE,IAAI,OAAO,GAAG,CAAC,MAAM,EAAE,OAAO,EAAE,QAAQ,CAAC;SACtC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,IAAI,WAAW,CAAC;SACnC,MAAM,CAAC,CAAC,GAAG,EAAE,IAAI,EAAE,EAAE;QACpB,GAAG,CAAC,IAAI,CAAC,GAAG,WAAW,CAAC,IAAI,CAAC,CAAA;QAC7B,OAAO,GAAG,CAAA;IACZ,CAAC,EAAE,EAAE,CAAC,CAAA;IAER,OAAO,MAAM,UAAU,CAAC,IAAI,iCACvB,IAAI,GACJ,OAAO,EACV,CAAA;AACJ,CAAC;AArBD,sCAqBC"}
|
|
@@ -0,0 +1,110 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.resetPassword = exports.sendPasswordResetEmail = void 0;
|
|
4
|
+
const email_base_1 = require("@things-factory/email-base");
|
|
5
|
+
const typeorm_1 = require("typeorm");
|
|
6
|
+
const url_1 = require("url");
|
|
7
|
+
const user_1 = require("../service/user/user");
|
|
8
|
+
const verification_token_1 = require("../service/verification-token/verification-token");
|
|
9
|
+
const password_history_1 = require("../service/password-history/password-history");
|
|
10
|
+
const reset_password_email_1 = require("../templates/reset-password-email");
|
|
11
|
+
const make_verification_token_1 = require("./utils/make-verification-token");
|
|
12
|
+
const save_verification_token_1 = require("./utils/save-verification-token");
|
|
13
|
+
const env_1 = require("@things-factory/env");
|
|
14
|
+
const error_code_1 = require("../constants/error-code");
|
|
15
|
+
const auth_error_1 = require("../errors/auth-error");
|
|
16
|
+
const HISTORY_SIZE = env_1.config.get('password', { history: 0 }).history;
|
|
17
|
+
const debug = require('debug')('things-factory:auth-base:reset-password');
|
|
18
|
+
async function sendPasswordResetEmail({ user, context }) {
|
|
19
|
+
try {
|
|
20
|
+
var token = (0, make_verification_token_1.makeVerificationToken)();
|
|
21
|
+
var verifaction = await (0, save_verification_token_1.saveVerificationToken)(user.id, token, verification_token_1.VerificationTokenType.PASSWORD_RESET);
|
|
22
|
+
if (verifaction) {
|
|
23
|
+
var serviceUrl = new url_1.URL(`/auth/reset-password?token=${token}`, context.header.referer);
|
|
24
|
+
await (0, email_base_1.sendEmail)({
|
|
25
|
+
receiver: user.email,
|
|
26
|
+
subject: 'Reset your password',
|
|
27
|
+
content: (0, reset_password_email_1.getResetPasswordEmailForm)({
|
|
28
|
+
resetUrl: serviceUrl
|
|
29
|
+
})
|
|
30
|
+
});
|
|
31
|
+
return true;
|
|
32
|
+
}
|
|
33
|
+
}
|
|
34
|
+
catch (e) {
|
|
35
|
+
return false;
|
|
36
|
+
}
|
|
37
|
+
}
|
|
38
|
+
exports.sendPasswordResetEmail = sendPasswordResetEmail;
|
|
39
|
+
async function resetPassword(token, password, context) {
|
|
40
|
+
const { t } = context;
|
|
41
|
+
const verificationToken = await (0, typeorm_1.getRepository)(verification_token_1.VerificationToken).findOne({
|
|
42
|
+
where: {
|
|
43
|
+
token,
|
|
44
|
+
type: verification_token_1.VerificationTokenType.PASSWORD_RESET
|
|
45
|
+
}
|
|
46
|
+
});
|
|
47
|
+
if (!verificationToken) {
|
|
48
|
+
throw new Error(t('text.invalid verification token'));
|
|
49
|
+
}
|
|
50
|
+
const { userId } = verificationToken;
|
|
51
|
+
if (!userId) {
|
|
52
|
+
throw new Error(t('text.invalid verification token'));
|
|
53
|
+
}
|
|
54
|
+
var user = await (0, typeorm_1.getRepository)(user_1.User).findOne(userId);
|
|
55
|
+
if (!user) {
|
|
56
|
+
throw new Error(t('error.user not found'));
|
|
57
|
+
}
|
|
58
|
+
// if (user.status == UserStatus.INACTIVE) {
|
|
59
|
+
// throw new Error(t('text.inactive user'))
|
|
60
|
+
// }
|
|
61
|
+
/* check if password is following the rule */
|
|
62
|
+
user_1.User.validatePasswordByRule(password, context === null || context === void 0 ? void 0 : context.lng);
|
|
63
|
+
user.password = user_1.User.encode(password, user.salt);
|
|
64
|
+
if (HISTORY_SIZE > 0) {
|
|
65
|
+
var passwordHistory = await (0, typeorm_1.getRepository)(password_history_1.PasswordHistory).findOne(user.id);
|
|
66
|
+
var history = [];
|
|
67
|
+
if (passwordHistory) {
|
|
68
|
+
try {
|
|
69
|
+
history = JSON.parse(passwordHistory.history);
|
|
70
|
+
if (!(history instanceof Array)) {
|
|
71
|
+
debug('password history maybe currupted - not an array');
|
|
72
|
+
history = [];
|
|
73
|
+
}
|
|
74
|
+
}
|
|
75
|
+
catch (e) {
|
|
76
|
+
debug('password history currupted - not json format');
|
|
77
|
+
}
|
|
78
|
+
const found = history.slice(0, HISTORY_SIZE).find(h => {
|
|
79
|
+
return user_1.User.verify(h.password, password, h.salt);
|
|
80
|
+
});
|
|
81
|
+
if (found) {
|
|
82
|
+
throw new auth_error_1.AuthError({
|
|
83
|
+
errorCode: error_code_1.PASSWORD_USED_PAST
|
|
84
|
+
});
|
|
85
|
+
}
|
|
86
|
+
}
|
|
87
|
+
}
|
|
88
|
+
await (0, typeorm_1.getRepository)(user_1.User).save(Object.assign(Object.assign({}, user), { passwordUpdatedAt: new Date() }));
|
|
89
|
+
await (0, typeorm_1.getRepository)(verification_token_1.VerificationToken).delete({
|
|
90
|
+
userId,
|
|
91
|
+
token,
|
|
92
|
+
type: verification_token_1.VerificationTokenType.PASSWORD_RESET
|
|
93
|
+
});
|
|
94
|
+
if (HISTORY_SIZE > 0) {
|
|
95
|
+
history = [
|
|
96
|
+
{
|
|
97
|
+
password: user.password,
|
|
98
|
+
salt: user.salt
|
|
99
|
+
},
|
|
100
|
+
...history
|
|
101
|
+
].slice(0, HISTORY_SIZE);
|
|
102
|
+
await (0, typeorm_1.getRepository)(password_history_1.PasswordHistory).save({
|
|
103
|
+
userId: user.id,
|
|
104
|
+
history: JSON.stringify(history)
|
|
105
|
+
});
|
|
106
|
+
debug('password history updated', history.length);
|
|
107
|
+
}
|
|
108
|
+
}
|
|
109
|
+
exports.resetPassword = resetPassword;
|
|
110
|
+
//# sourceMappingURL=reset-password.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"reset-password.js","sourceRoot":"","sources":["../../server/controllers/reset-password.ts"],"names":[],"mappings":";;;AAAA,2DAAsD;AACtD,qCAAuC;AACvC,6BAAyB;AACzB,+CAAuD;AACvD,yFAA2G;AAC3G,mFAA8E;AAC9E,4EAA6E;AAC7E,6EAAuE;AACvE,6EAAuE;AACvE,6CAA4C;AAC5C,wDAA4D;AAC5D,qDAAgD;AAEhD,MAAM,YAAY,GAAG,YAAM,CAAC,GAAG,CAAC,UAAU,EAAE,EAAE,OAAO,EAAE,CAAC,EAAE,CAAC,CAAC,OAAO,CAAA;AACnE,MAAM,KAAK,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC,yCAAyC,CAAC,CAAA;AAElE,KAAK,UAAU,sBAAsB,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE;IAC5D,IAAI;QACF,IAAI,KAAK,GAAG,IAAA,+CAAqB,GAAE,CAAA;QACnC,IAAI,WAAW,GAAG,MAAM,IAAA,+CAAqB,EAAC,IAAI,CAAC,EAAE,EAAE,KAAK,EAAE,0CAAqB,CAAC,cAAc,CAAC,CAAA;QAEnG,IAAI,WAAW,EAAE;YACf,IAAI,UAAU,GAAG,IAAI,SAAG,CAAC,8BAA8B,KAAK,EAAE,EAAE,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,CAAA;YACvF,MAAM,IAAA,sBAAS,EAAC;gBACd,QAAQ,EAAE,IAAI,CAAC,KAAK;gBACpB,OAAO,EAAE,qBAAqB;gBAC9B,OAAO,EAAE,IAAA,gDAAyB,EAAC;oBACjC,QAAQ,EAAE,UAAU;iBACrB,CAAC;aACH,CAAC,CAAA;YAEF,OAAO,IAAI,CAAA;SACZ;KACF;IAAC,OAAO,CAAC,EAAE;QACV,OAAO,KAAK,CAAA;KACb;AACH,CAAC;AApBD,wDAoBC;AAEM,KAAK,UAAU,aAAa,CAAC,KAAK,EAAE,QAAQ,EAAE,OAAO;IAC1D,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IAErB,MAAM,iBAAiB,GAAG,MAAM,IAAA,uBAAa,EAAC,sCAAiB,CAAC,CAAC,OAAO,CAAC;QACvE,KAAK,EAAE;YACL,KAAK;YACL,IAAI,EAAE,0CAAqB,CAAC,cAAc;SAC3C;KACF,CAAC,CAAA;IAEF,IAAI,CAAC,iBAAiB,EAAE;QACtB,MAAM,IAAI,KAAK,CAAC,CAAC,CAAC,iCAAiC,CAAC,CAAC,CAAA;KACtD;IAED,MAAM,EAAE,MAAM,EAAE,GAAG,iBAAiB,CAAA;IACpC,IAAI,CAAC,MAAM,EAAE;QACX,MAAM,IAAI,KAAK,CAAC,CAAC,CAAC,iCAAiC,CAAC,CAAC,CAAA;KACtD;IAED,IAAI,IAAI,GAAG,MAAM,IAAA,uBAAa,EAAC,WAAI,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAA;IACpD,IAAI,CAAC,IAAI,EAAE;QACT,MAAM,IAAI,KAAK,CAAC,CAAC,CAAC,sBAAsB,CAAC,CAAC,CAAA;KAC3C;IAED,4CAA4C;IAC5C,6CAA6C;IAC7C,IAAI;IAEJ,6CAA6C;IAC7C,WAAI,CAAC,sBAAsB,CAAC,QAAQ,EAAE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,GAAG,CAAC,CAAA;IAEnD,IAAI,CAAC,QAAQ,GAAG,WAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,IAAI,CAAC,IAAI,CAAC,CAAA;IAEhD,IAAI,YAAY,GAAG,CAAC,EAAE;QACpB,IAAI,eAAe,GAAoB,MAAM,IAAA,uBAAa,EAAC,kCAAe,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;QAC5F,IAAI,OAAO,GAAG,EAAE,CAAA;QAEhB,IAAI,eAAe,EAAE;YACnB,IAAI;gBACF,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,OAAO,CAAC,CAAA;gBAC7C,IAAI,CAAC,CAAC,OAAO,YAAY,KAAK,CAAC,EAAE;oBAC/B,KAAK,CAAC,iDAAiD,CAAC,CAAA;oBACxD,OAAO,GAAG,EAAE,CAAA;iBACb;aACF;YAAC,OAAO,CAAC,EAAE;gBACV,KAAK,CAAC,8CAA8C,CAAC,CAAA;aACtD;YAED,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE;gBACpD,OAAO,WAAI,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ,EAAE,QAAQ,EAAE,CAAC,CAAC,IAAI,CAAC,CAAA;YAClD,CAAC,CAAC,CAAA;YAEF,IAAI,KAAK,EAAE;gBACT,MAAM,IAAI,sBAAS,CAAC;oBAClB,SAAS,EAAE,+BAAkB;iBAC9B,CAAC,CAAA;aACH;SACF;KACF;IAED,MAAM,IAAA,uBAAa,EAAC,WAAI,CAAC,CAAC,IAAI,iCACzB,IAAI,KACP,iBAAiB,EAAE,IAAI,IAAI,EAAE,IAC7B,CAAA;IAEF,MAAM,IAAA,uBAAa,EAAC,sCAAiB,CAAC,CAAC,MAAM,CAAC;QAC5C,MAAM;QACN,KAAK;QACL,IAAI,EAAE,0CAAqB,CAAC,cAAc;KAC3C,CAAC,CAAA;IAEF,IAAI,YAAY,GAAG,CAAC,EAAE;QACpB,OAAO,GAAG;YACR;gBACE,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,IAAI,EAAE,IAAI,CAAC,IAAI;aAChB;YACD,GAAG,OAAO;SACX,CAAC,KAAK,CAAC,CAAC,EAAE,YAAY,CAAC,CAAA;QAExB,MAAM,IAAA,uBAAa,EAAC,kCAAe,CAAC,CAAC,IAAI,CAAC;YACxC,MAAM,EAAE,IAAI,CAAC,EAAE;YACf,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC;SACjC,CAAC,CAAA;QAEF,KAAK,CAAC,0BAA0B,EAAE,OAAO,CAAC,MAAM,CAAC,CAAA;KAClD;AACH,CAAC;AAvFD,sCAuFC"}
|
|
@@ -0,0 +1,76 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.signin = void 0;
|
|
4
|
+
const typeorm_1 = require("typeorm");
|
|
5
|
+
const unlock_user_1 = require("../controllers/unlock-user");
|
|
6
|
+
const user_1 = require("../service/user/user");
|
|
7
|
+
const auth_error_1 = require("../errors/auth-error");
|
|
8
|
+
async function signin(attrs, context) {
|
|
9
|
+
const { domain } = (context === null || context === void 0 ? void 0 : context.state) || {};
|
|
10
|
+
const repository = (0, typeorm_1.getRepository)(user_1.User);
|
|
11
|
+
const user = await repository.findOne({ where: { email: attrs.email }, relations: ['domains'] });
|
|
12
|
+
if (!user)
|
|
13
|
+
throw new auth_error_1.AuthError({
|
|
14
|
+
errorCode: auth_error_1.AuthError.ERROR_CODES.USER_NOT_FOUND
|
|
15
|
+
});
|
|
16
|
+
if (user.status == user_1.UserStatus.DELETED) {
|
|
17
|
+
throw new auth_error_1.AuthError({
|
|
18
|
+
errorCode: auth_error_1.AuthError.ERROR_CODES.USER_DELETED
|
|
19
|
+
});
|
|
20
|
+
}
|
|
21
|
+
if (user.status == user_1.UserStatus.LOCKED) {
|
|
22
|
+
(0, unlock_user_1.sendUnlockUserEmail)({
|
|
23
|
+
user,
|
|
24
|
+
context
|
|
25
|
+
});
|
|
26
|
+
throw new auth_error_1.AuthError({
|
|
27
|
+
errorCode: auth_error_1.AuthError.ERROR_CODES.USER_LOCKED,
|
|
28
|
+
detail: {
|
|
29
|
+
email: user.email
|
|
30
|
+
}
|
|
31
|
+
});
|
|
32
|
+
}
|
|
33
|
+
if (!user_1.User.verify(user.password, attrs.password, user.salt)) {
|
|
34
|
+
user.failCount++;
|
|
35
|
+
if (user.failCount >= 5)
|
|
36
|
+
user.status = user_1.UserStatus.LOCKED;
|
|
37
|
+
await repository.save(user);
|
|
38
|
+
if (user.status == user_1.UserStatus.LOCKED) {
|
|
39
|
+
(0, unlock_user_1.sendUnlockUserEmail)({
|
|
40
|
+
user,
|
|
41
|
+
context
|
|
42
|
+
});
|
|
43
|
+
throw new auth_error_1.AuthError({
|
|
44
|
+
errorCode: auth_error_1.AuthError.ERROR_CODES.USER_LOCKED,
|
|
45
|
+
detail: {
|
|
46
|
+
email: user.email
|
|
47
|
+
}
|
|
48
|
+
});
|
|
49
|
+
}
|
|
50
|
+
throw new auth_error_1.AuthError({
|
|
51
|
+
errorCode: auth_error_1.AuthError.ERROR_CODES.PASSWORD_NOT_MATCHED,
|
|
52
|
+
detail: {
|
|
53
|
+
failCount: user.failCount
|
|
54
|
+
}
|
|
55
|
+
});
|
|
56
|
+
}
|
|
57
|
+
else {
|
|
58
|
+
user.failCount = 0;
|
|
59
|
+
await repository.save(user);
|
|
60
|
+
}
|
|
61
|
+
if (user.status == user_1.UserStatus.INACTIVE) {
|
|
62
|
+
throw new auth_error_1.AuthError({
|
|
63
|
+
errorCode: auth_error_1.AuthError.ERROR_CODES.USER_NOT_ACTIVATED,
|
|
64
|
+
detail: {
|
|
65
|
+
email: user.email
|
|
66
|
+
}
|
|
67
|
+
});
|
|
68
|
+
}
|
|
69
|
+
return {
|
|
70
|
+
user,
|
|
71
|
+
token: await user.sign({ subdomain: domain === null || domain === void 0 ? void 0 : domain.subdomain }),
|
|
72
|
+
domains: user.domains || []
|
|
73
|
+
};
|
|
74
|
+
}
|
|
75
|
+
exports.signin = signin;
|
|
76
|
+
//# sourceMappingURL=signin.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"signin.js","sourceRoot":"","sources":["../../server/controllers/signin.ts"],"names":[],"mappings":";;;AAAA,qCAAuC;AACvC,4DAAgE;AAChE,+CAAuD;AACvD,qDAAgD;AAEzC,KAAK,UAAU,MAAM,CAAC,KAAK,EAAE,OAAQ;IAC1C,MAAM,EAAE,MAAM,EAAE,GAAG,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,KAAK,KAAI,EAAE,CAAA;IAEvC,MAAM,UAAU,GAAG,IAAA,uBAAa,EAAC,WAAI,CAAC,CAAA;IACtC,MAAM,IAAI,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,KAAK,EAAE,KAAK,CAAC,KAAK,EAAE,EAAE,SAAS,EAAE,CAAC,SAAS,CAAC,EAAE,CAAC,CAAA;IAChG,IAAI,CAAC,IAAI;QACP,MAAM,IAAI,sBAAS,CAAC;YAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,cAAc;SAChD,CAAC,CAAA;IAEJ,IAAI,IAAI,CAAC,MAAM,IAAI,iBAAU,CAAC,OAAO,EAAE;QACrC,MAAM,IAAI,sBAAS,CAAC;YAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,YAAY;SAC9C,CAAC,CAAA;KACH;IAED,IAAI,IAAI,CAAC,MAAM,IAAI,iBAAU,CAAC,MAAM,EAAE;QACpC,IAAA,iCAAmB,EAAC;YAClB,IAAI;YACJ,OAAO;SACR,CAAC,CAAA;QACF,MAAM,IAAI,sBAAS,CAAC;YAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,WAAW;YAC5C,MAAM,EAAE;gBACN,KAAK,EAAE,IAAI,CAAC,KAAK;aAClB;SACF,CAAC,CAAA;KACH;IAED,IAAI,CAAC,WAAI,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,KAAK,CAAC,QAAQ,EAAE,IAAI,CAAC,IAAI,CAAC,EAAE;QAC1D,IAAI,CAAC,SAAS,EAAE,CAAA;QAChB,IAAI,IAAI,CAAC,SAAS,IAAI,CAAC;YAAE,IAAI,CAAC,MAAM,GAAG,iBAAU,CAAC,MAAM,CAAA;QACxD,MAAM,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QAC3B,IAAI,IAAI,CAAC,MAAM,IAAI,iBAAU,CAAC,MAAM,EAAE;YACpC,IAAA,iCAAmB,EAAC;gBAClB,IAAI;gBACJ,OAAO;aACR,CAAC,CAAA;YACF,MAAM,IAAI,sBAAS,CAAC;gBAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,WAAW;gBAC5C,MAAM,EAAE;oBACN,KAAK,EAAE,IAAI,CAAC,KAAK;iBAClB;aACF,CAAC,CAAA;SACH;QACD,MAAM,IAAI,sBAAS,CAAC;YAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,oBAAoB;YACrD,MAAM,EAAE;gBACN,SAAS,EAAE,IAAI,CAAC,SAAS;aAC1B;SACF,CAAC,CAAA;KACH;SAAM;QACL,IAAI,CAAC,SAAS,GAAG,CAAC,CAAA;QAClB,MAAM,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;KAC5B;IAED,IAAI,IAAI,CAAC,MAAM,IAAI,iBAAU,CAAC,QAAQ,EAAE;QACtC,MAAM,IAAI,sBAAS,CAAC;YAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,kBAAkB;YACnD,MAAM,EAAE;gBACN,KAAK,EAAE,IAAI,CAAC,KAAK;aAClB;SACF,CAAC,CAAA;KACH;IAED,OAAO;QACL,IAAI;QACJ,KAAK,EAAE,MAAM,IAAI,CAAC,IAAI,CAAC,EAAE,SAAS,EAAE,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,SAAS,EAAE,CAAC;QACxD,OAAO,EAAE,IAAI,CAAC,OAAO,IAAI,EAAE;KAC5B,CAAA;AACH,CAAC;AAtED,wBAsEC"}
|