@things-factory/auth-base 4.3.671 → 4.3.672

package/dist-server/utils/accepts.js

@@ -0,0 +1,14 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.accepts = void 0;
+function accepts(header, accepts) {
+    accepts = accepts || ['text/html', '*/*'];
+    for (let i = 0; i < accepts.length; i++) {
+        if ((header || '').indexOf(accepts[i]) !== -1) {
+            return true;
+        }
+    }
+    return false;
+}
+exports.accepts = accepts;
+//# sourceMappingURL=accepts.js.map

package/dist-server/utils/accepts.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"accepts.js","sourceRoot":"","sources":["../../server/utils/accepts.ts"],"names":[],"mappings":";;;AAAA,SAAgB,OAAO,CAAC,MAAW,EAAE,OAAQ;IAC3C,OAAO,GAAG,OAAO,IAAI,CAAC,WAAW,EAAE,KAAK,CAAC,CAAA;IAEzC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;QACvC,IAAI,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE;YAC7C,OAAO,IAAI,CAAA;SACZ;KACF;IAED,OAAO,KAAK,CAAA;AACd,CAAC;AAVD,0BAUC"}

package/dist-server/utils/access-token-cookie.js

@@ -0,0 +1,45 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.clearAccessTokenCookie = exports.setAccessTokenCookie = exports.getAccessTokenCookie = void 0;
+const shell_1 = require("@things-factory/shell");
+const env_1 = require("@things-factory/env");
+const max_age_1 = require("../constants/max-age");
+const accessTokenCookieKey = env_1.config.get('accessTokenCookieKey', 'access_token');
+function getAccessTokenCookie(context) {
+    var _a;
+    return (_a = context === null || context === void 0 ? void 0 : context.cookies) === null || _a === void 0 ? void 0 : _a.get(accessTokenCookieKey);
+}
+exports.getAccessTokenCookie = getAccessTokenCookie;
+function setAccessTokenCookie(context, token) {
+    const { secure } = context;
+    var cookie = {
+        secure,
+        httpOnly: true,
+        maxAge: max_age_1.MAX_AGE
+    };
+    const cookieDomain = (0, shell_1.getCookieDomainFromHostname)(context.hostname);
+    if (cookieDomain) {
+        cookie['domain'] = cookieDomain;
+    }
+    context.cookies.set(accessTokenCookieKey, token, cookie);
+}
+exports.setAccessTokenCookie = setAccessTokenCookie;
+function clearAccessTokenCookie(context) {
+    const { secure } = context;
+    var cookie = {
+        secure,
+        httpOnly: true
+    };
+    const cookieDomain = (0, shell_1.getCookieDomainFromHostname)(context.hostname);
+    if (cookieDomain) {
+        cookie['domain'] = cookieDomain;
+    }
+    context.cookies.set(accessTokenCookieKey, '', cookie);
+    /*
+     * TODO clear i18next cookie as well - need to support domain
+     * https://github.com/hatiolab/things-factory/issues/70
+     */
+    context.cookies.set('i18next', '', cookie);
+}
+exports.clearAccessTokenCookie = clearAccessTokenCookie;
+//# sourceMappingURL=access-token-cookie.js.map

package/dist-server/utils/access-token-cookie.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"access-token-cookie.js","sourceRoot":"","sources":["../../server/utils/access-token-cookie.ts"],"names":[],"mappings":";;;AAAA,iDAAmE;AACnE,6CAA4C;AAC5C,kDAA8C;AAE9C,MAAM,oBAAoB,GAAG,YAAM,CAAC,GAAG,CAAC,sBAAsB,EAAE,cAAc,CAAC,CAAA;AAE/E,SAAgB,oBAAoB,CAAC,OAAO;;IAC1C,OAAO,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,OAAO,0CAAE,GAAG,CAAC,oBAAoB,CAAC,CAAA;AACpD,CAAC;AAFD,oDAEC;AAED,SAAgB,oBAAoB,CAAC,OAAO,EAAE,KAAK;IACjD,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAA;IAE1B,IAAI,MAAM,GAAG;QACX,MAAM;QACN,QAAQ,EAAE,IAAI;QACd,MAAM,EAAE,iBAAO;KAChB,CAAA;IAED,MAAM,YAAY,GAAG,IAAA,mCAA2B,EAAC,OAAO,CAAC,QAAQ,CAAC,CAAA;IAClE,IAAI,YAAY,EAAE;QAChB,MAAM,CAAC,QAAQ,CAAC,GAAG,YAAY,CAAA;KAChC;IAED,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,EAAE,KAAK,EAAE,MAAM,CAAC,CAAA;AAC1D,CAAC;AAfD,oDAeC;AAED,SAAgB,sBAAsB,CAAC,OAAO;IAC5C,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAA;IAE1B,IAAI,MAAM,GAAG;QACX,MAAM;QACN,QAAQ,EAAE,IAAI;KACf,CAAA;IAED,MAAM,YAAY,GAAG,IAAA,mCAA2B,EAAC,OAAO,CAAC,QAAQ,CAAC,CAAA;IAClE,IAAI,YAAY,EAAE;QAChB,MAAM,CAAC,QAAQ,CAAC,GAAG,YAAY,CAAA;KAChC;IAED,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,EAAE,EAAE,EAAE,MAAM,CAAC,CAAA;IACrD;;;OAGG;IACH,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,SAAS,EAAE,EAAE,EAAE,MAAM,CAAC,CAAA;AAC5C,CAAC;AAnBD,wDAmBC"}

package/dist-server/utils/check-user-belongs-domain.js

@@ -0,0 +1,22 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.checkUserBelongsDomain = void 0;
+const user_1 = require("../service/user/user");
+const typeorm_1 = require("typeorm");
+/**
+ * @description Based on domain and user information,
+ * Find out whether the user belongs domain or user has partnership with domain
+ *
+ * @param domain
+ * @param user
+ */
+async function checkUserBelongsDomain(domain, user) {
+    var _a;
+    if (!((_a = user.domains) === null || _a === void 0 ? void 0 : _a.length)) {
+        user = await (0, typeorm_1.getRepository)(user_1.User).findOne({ where: { id: user.id }, relations: ['domains'] });
+    }
+    const { domains: userDomains } = user;
+    return Boolean(userDomains.find((userDomain) => userDomain.id === domain.id));
+}
+exports.checkUserBelongsDomain = checkUserBelongsDomain;
+//# sourceMappingURL=check-user-belongs-domain.js.map

package/dist-server/utils/check-user-belongs-domain.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"check-user-belongs-domain.js","sourceRoot":"","sources":["../../server/utils/check-user-belongs-domain.ts"],"names":[],"mappings":";;;AAAA,+CAA2C;AAE3C,qCAAuC;AAEvC;;;;;;GAMG;AACI,KAAK,UAAU,sBAAsB,CAAC,MAAc,EAAE,IAAU;;IACrE,IAAI,CAAC,CAAA,MAAA,IAAI,CAAC,OAAO,0CAAE,MAAM,CAAA,EAAE;QACzB,IAAI,GAAG,MAAM,IAAA,uBAAa,EAAC,WAAI,CAAC,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,EAAE,SAAS,EAAE,CAAC,SAAS,CAAC,EAAE,CAAC,CAAA;KAC7F;IAED,MAAM,EAAE,OAAO,EAAE,WAAW,EAAE,GAAS,IAAI,CAAA;IAC3C,OAAO,OAAO,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,UAAkB,EAAE,EAAE,CAAC,UAAU,CAAC,EAAE,KAAK,MAAM,CAAC,EAAE,CAAC,CAAC,CAAA;AACvF,CAAC;AAPD,wDAOC"}

package/dist-server/utils/get-domain-from-hostname.js

@@ -0,0 +1,10 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getDomainFromHostname = void 0;
+const env_1 = require("@things-factory/env");
+var subdomainOffset = env_1.config.get('subdomainOffset', 2);
+function getDomainFromHostname(hostname) {
+    return hostname.split('.').slice(-subdomainOffset).join('.');
+}
+exports.getDomainFromHostname = getDomainFromHostname;
+//# sourceMappingURL=get-domain-from-hostname.js.map

package/dist-server/utils/get-domain-from-hostname.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"get-domain-from-hostname.js","sourceRoot":"","sources":["../../server/utils/get-domain-from-hostname.ts"],"names":[],"mappings":";;;AAAA,6CAA4C;AAE5C,IAAI,eAAe,GAAG,YAAM,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC,CAAC,CAAA;AAEtD,SAAgB,qBAAqB,CAAC,QAAQ;IAC5C,OAAO,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,eAAe,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;AAC9D,CAAC;AAFD,sDAEC"}

package/dist-server/utils/get-domain-users.js

@@ -0,0 +1,31 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.buildDomainUsersQueryBuilder = exports.getDomainUsers = void 0;
+const shell_1 = require("@things-factory/shell");
+const typeorm_1 = require("typeorm");
+const user_1 = require("../service/user/user");
+async function getDomainUsers(domain, trxMgr) {
+    const domainRepo = (trxMgr === null || trxMgr === void 0 ? void 0 : trxMgr.getRepository(shell_1.Domain)) || (0, typeorm_1.getRepository)(shell_1.Domain);
+    if (!domain.id) {
+        const foundDomain = await domainRepo.findOne({ where: Object.assign({}, domain) });
+        if (!foundDomain)
+            throw new Error(`Failed to find domain by passed condition, ${domain}`);
+        domain = foundDomain;
+    }
+    const qb = buildDomainUsersQueryBuilder(domain.id);
+    return await qb.getMany();
+}
+exports.getDomainUsers = getDomainUsers;
+function buildDomainUsersQueryBuilder(domainId, alias = 'USER', trxMgr) {
+    const userRepo = (trxMgr === null || trxMgr === void 0 ? void 0 : trxMgr.getRepository(user_1.User)) || (0, typeorm_1.getRepository)(user_1.User);
+    const qb = userRepo.createQueryBuilder(alias);
+    qb.select().where(`${alias}.id IN ${qb
+        .subQuery()
+        .select('USERS_DOMAINS.users_id')
+        .from('users_domains', 'USERS_DOMAINS')
+        .where('USERS_DOMAINS.domains_id = :domainId', { domainId })
+        .getQuery()}`);
+    return qb;
+}
+exports.buildDomainUsersQueryBuilder = buildDomainUsersQueryBuilder;
+//# sourceMappingURL=get-domain-users.js.map

package/dist-server/utils/get-domain-users.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"get-domain-users.js","sourceRoot":"","sources":["../../server/utils/get-domain-users.ts"],"names":[],"mappings":";;;AAAA,iDAA8C;AAC9C,qCAAsF;AACtF,+CAA2C;AAEpC,KAAK,UAAU,cAAc,CAAC,MAAuB,EAAE,MAAsB;IAClF,MAAM,UAAU,GAAuB,CAAA,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,aAAa,CAAC,cAAM,CAAC,KAAI,IAAA,uBAAa,EAAC,cAAM,CAAC,CAAA;IAE7F,IAAI,CAAC,MAAM,CAAC,EAAE,EAAE;QACd,MAAM,WAAW,GAAW,MAAM,UAAU,CAAC,OAAO,CAAC,EAAE,KAAK,oBAAO,MAAM,CAAE,EAAE,CAAC,CAAA;QAC9E,IAAI,CAAC,WAAW;YAAE,MAAM,IAAI,KAAK,CAAC,8CAA8C,MAAM,EAAE,CAAC,CAAA;QAEzF,MAAM,GAAG,WAAW,CAAA;KACrB;IAED,MAAM,EAAE,GAA6B,4BAA4B,CAAC,MAAM,CAAC,EAAE,CAAC,CAAA;IAC5E,OAAO,MAAM,EAAE,CAAC,OAAO,EAAE,CAAA;AAC3B,CAAC;AAZD,wCAYC;AAED,SAAgB,4BAA4B,CAC1C,QAAgB,EAChB,QAAgB,MAAM,EACtB,MAAsB;IAEtB,MAAM,QAAQ,GAAqB,CAAA,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,aAAa,CAAC,WAAI,CAAC,KAAI,IAAA,uBAAa,EAAC,WAAI,CAAC,CAAA;IACrF,MAAM,EAAE,GAA6B,QAAQ,CAAC,kBAAkB,CAAC,KAAK,CAAC,CAAA;IACvE,EAAE,CAAC,MAAM,EAAE,CAAC,KAAK,CACf,GAAG,KAAK,UAAU,EAAE;SACjB,QAAQ,EAAE;SACV,MAAM,CAAC,wBAAwB,CAAC;SAChC,IAAI,CAAC,eAAe,EAAE,eAAe,CAAC;SACtC,KAAK,CAAC,sCAAsC,EAAE,EAAE,QAAQ,EAAE,CAAC;SAC3D,QAAQ,EAAE,EAAE,CAChB,CAAA;IAED,OAAO,EAAE,CAAA;AACX,CAAC;AAjBD,oEAiBC"}

package/dist-server/utils/get-secret.js

@@ -0,0 +1,15 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SECRET = void 0;
+const env_1 = require("@things-factory/env");
+var _SECRET = env_1.config.get('SECRET');
+if (!_SECRET) {
+    if (process.env.NODE_ENV == 'production') {
+        throw new TypeError('SECRET key not configured.');
+    }
+    else {
+        _SECRET = '0xD58F835B69D207A76CC5F84a70a1D0d4C79dAC95';
+    }
+}
+exports.SECRET = _SECRET;
+//# sourceMappingURL=get-secret.js.map

package/dist-server/utils/get-secret.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"get-secret.js","sourceRoot":"","sources":["../../server/utils/get-secret.ts"],"names":[],"mappings":";;;AAAA,6CAA4C;AAE5C,IAAI,OAAO,GAAG,YAAM,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAA;AAElC,IAAI,CAAC,OAAO,EAAE;IACZ,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,IAAI,YAAY,EAAE;QACxC,MAAM,IAAI,SAAS,CAAC,4BAA4B,CAAC,CAAA;KAClD;SAAM;QACL,OAAO,GAAG,4CAA4C,CAAA;KACvD;CACF;AAEY,QAAA,MAAM,GAAG,OAAO,CAAA"}

package/dist-server/utils/get-user-domains.js

@@ -0,0 +1,40 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getDomainsAsOwner = exports.getRoleBasedDomains = exports.getUserDomains = void 0;
+const shell_1 = require("@things-factory/shell");
+const typeorm_1 = require("typeorm");
+const user_1 = require("../service/user/user");
+async function getUserDomains(user) {
+    const roleBasedDomains = await getRoleBasedDomains(user);
+    const domainsAsOwner = await getDomainsAsOwner(user);
+    const roleBasedDomainIds = roleBasedDomains.map((domain) => domain.id);
+    const domainIdsAsOwner = domainsAsOwner.map((domain) => domain.id);
+    const domainIdSet = new Set([...roleBasedDomainIds, ...domainIdsAsOwner]);
+    return await (0, typeorm_1.getRepository)(shell_1.Domain).findByIds(Array.from(domainIdSet), { order: { name: 'ASC' } });
+}
+exports.getUserDomains = getUserDomains;
+async function getRoleBasedDomains(user) {
+    return await (0, typeorm_1.getRepository)(shell_1.Domain)
+        .createQueryBuilder('DOMAIN')
+        .where(qb => {
+        const subQuery = qb
+            .subQuery()
+            .distinct(true)
+            .select('DOMAIN.id')
+            .from(user_1.User, 'USER')
+            .leftJoin('USER.roles', 'ROLE')
+            .leftJoin('ROLE.domain', 'DOMAIN')
+            .where('USER.id = :userId', { userId: user.id })
+            .getQuery();
+        return 'DOMAIN.id IN ' + subQuery;
+    })
+        .getMany();
+}
+exports.getRoleBasedDomains = getRoleBasedDomains;
+async function getDomainsAsOwner(user) {
+    return await (0, typeorm_1.getRepository)(shell_1.Domain).find({
+        where: { owner: user.id }
+    });
+}
+exports.getDomainsAsOwner = getDomainsAsOwner;
+//# sourceMappingURL=get-user-domains.js.map

package/dist-server/utils/get-user-domains.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"get-user-domains.js","sourceRoot":"","sources":["../../server/utils/get-user-domains.ts"],"names":[],"mappings":";;;AAAA,iDAA8C;AAC9C,qCAAuC;AACvC,+CAA2C;AAEpC,KAAK,UAAU,cAAc,CAAC,IAAU;IAC7C,MAAM,gBAAgB,GAAa,MAAM,mBAAmB,CAAC,IAAI,CAAC,CAAA;IAClE,MAAM,cAAc,GAAa,MAAM,iBAAiB,CAAC,IAAI,CAAC,CAAA;IAE9D,MAAM,kBAAkB,GAAa,gBAAgB,CAAC,GAAG,CAAC,CAAC,MAAc,EAAE,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,CAAA;IACxF,MAAM,gBAAgB,GAAa,cAAc,CAAC,GAAG,CAAC,CAAC,MAAc,EAAE,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,CAAA;IAEpF,MAAM,WAAW,GAAgB,IAAI,GAAG,CAAC,CAAC,GAAG,kBAAkB,EAAE,GAAG,gBAAgB,CAAC,CAAC,CAAA;IAEtF,OAAO,MAAM,IAAA,uBAAa,EAAC,cAAM,CAAC,CAAC,SAAS,CAAC,KAAK,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC,CAAA;AACnG,CAAC;AAVD,wCAUC;AAEM,KAAK,UAAU,mBAAmB,CAAC,IAAU;IAClD,OAAO,MAAM,IAAA,uBAAa,EAAC,cAAM,CAAC;SAC/B,kBAAkB,CAAC,QAAQ,CAAC;SAC5B,KAAK,CAAC,EAAE,CAAC,EAAE;QACV,MAAM,QAAQ,GAAG,EAAE;aAChB,QAAQ,EAAE;aACV,QAAQ,CAAC,IAAI,CAAC;aACd,MAAM,CAAC,WAAW,CAAC;aACnB,IAAI,CAAC,WAAI,EAAE,MAAM,CAAC;aAClB,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC;aAC9B,QAAQ,CAAC,aAAa,EAAE,QAAQ,CAAC;aACjC,KAAK,CAAC,mBAAmB,EAAE,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,EAAE,CAAC;aAC/C,QAAQ,EAAE,CAAA;QACb,OAAO,eAAe,GAAG,QAAQ,CAAA;IACnC,CAAC,CAAC;SACD,OAAO,EAAE,CAAA;AACd,CAAC;AAhBD,kDAgBC;AAEM,KAAK,UAAU,iBAAiB,CAAC,IAAU;IAChD,OAAO,MAAM,IAAA,uBAAa,EAAC,cAAM,CAAC,CAAC,IAAI,CAAC;QACtC,KAAK,EAAE,EAAE,KAAK,EAAE,IAAI,CAAC,EAAE,EAAE;KAC1B,CAAC,CAAA;AACJ,CAAC;AAJD,8CAIC"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@things-factory/auth-base",
-  "version": "4.3.671",
+  "version": "4.3.672",
   "main": "dist-server/index.js",
   "browser": "client/index.js",
   "things-factory": true,
@@ -26,10 +26,10 @@
     "migration:create": "node ../../node_modules/typeorm/cli.js migration:create -d ./server/migrations"
   },
   "dependencies": {
-    "@things-factory/email-base": "^4.3.671",
+    "@things-factory/email-base": "^4.3.672",
     "@things-factory/env": "^4.3.591",
-    "@things-factory/i18n-base": "^4.3.671",
-    "@things-factory/shell": "^4.3.671",
+    "@things-factory/i18n-base": "^4.3.672",
+    "@things-factory/shell": "^4.3.672",
     "@things-factory/utils": "^4.3.591",
     "jsonwebtoken": "^8.5.1",
     "koa-passport": "^4.1.4",
@@ -40,5 +40,5 @@
     "passport-local": "^1.0.0",
     "uuid": "^3.4.0"
   },
-  "gitHead": "ef524cb207378186ec71917d9a8546363d4300b2"
+  "gitHead": "e15764fbf19b0a3c8408d907fc1dcff13bc0a933"
 }