@things-factory/auth-base 5.0.0 → 5.0.11
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/config/config.development.js +2 -1
- package/dist-server/constants/error-code.js.map +1 -1
- package/dist-server/constants/error-message.js.map +1 -1
- package/dist-server/constants/max-age.js.map +1 -1
- package/dist-server/controllers/auth.js +5 -18
- package/dist-server/controllers/auth.js.map +1 -1
- package/dist-server/controllers/change-pwd.js +6 -8
- package/dist-server/controllers/change-pwd.js.map +1 -1
- package/dist-server/controllers/checkin.js.map +1 -1
- package/dist-server/controllers/delete-user.js.map +1 -1
- package/dist-server/controllers/invitation.js +3 -8
- package/dist-server/controllers/invitation.js.map +1 -1
- package/dist-server/controllers/profile.js.map +1 -1
- package/dist-server/controllers/reset-password.js +7 -9
- package/dist-server/controllers/reset-password.js.map +1 -1
- package/dist-server/controllers/signin.js.map +1 -1
- package/dist-server/controllers/signup.js.map +1 -1
- package/dist-server/controllers/unlock-user.js.map +1 -1
- package/dist-server/controllers/utils/make-invitation-token.js +2 -4
- package/dist-server/controllers/utils/make-invitation-token.js.map +1 -1
- package/dist-server/controllers/utils/make-verification-token.js +2 -4
- package/dist-server/controllers/utils/make-verification-token.js.map +1 -1
- package/dist-server/controllers/utils/password-rule.js +2 -5
- package/dist-server/controllers/utils/password-rule.js.map +1 -1
- package/dist-server/controllers/utils/save-invitation-token.js.map +1 -1
- package/dist-server/controllers/utils/save-verification-token.js.map +1 -1
- package/dist-server/controllers/verification.js.map +1 -1
- package/dist-server/errors/auth-error.js +2 -24
- package/dist-server/errors/auth-error.js.map +1 -1
- package/dist-server/errors/index.js +3 -16
- package/dist-server/errors/index.js.map +1 -1
- package/dist-server/errors/user-domain-not-match-error.js.map +1 -1
- package/dist-server/index.js +12 -25
- package/dist-server/index.js.map +1 -1
- package/dist-server/middlewares/authenticate-401-middleware.js +0 -6
- package/dist-server/middlewares/authenticate-401-middleware.js.map +1 -1
- package/dist-server/middlewares/domain-authenticate-middleware.js +2 -5
- package/dist-server/middlewares/domain-authenticate-middleware.js.map +1 -1
- package/dist-server/middlewares/graphql-authenticate-middleware.js +1 -3
- package/dist-server/middlewares/graphql-authenticate-middleware.js.map +1 -1
- package/dist-server/middlewares/index.js +6 -24
- package/dist-server/middlewares/index.js.map +1 -1
- package/dist-server/middlewares/jwt-authenticate-middleware.js +5 -11
- package/dist-server/middlewares/jwt-authenticate-middleware.js.map +1 -1
- package/dist-server/middlewares/signin-middleware.js +2 -6
- package/dist-server/middlewares/signin-middleware.js.map +1 -1
- package/dist-server/migrations/1548206416130-SeedUser.js.map +1 -1
- package/dist-server/migrations/1566805283882-SeedPrivilege.js.map +1 -1
- package/dist-server/migrations/index.js.map +1 -1
- package/dist-server/router/auth-checkin-router.js +3 -8
- package/dist-server/router/auth-checkin-router.js.map +1 -1
- package/dist-server/router/auth-private-process-router.js +15 -20
- package/dist-server/router/auth-private-process-router.js.map +1 -1
- package/dist-server/router/auth-public-process-router.js +4 -22
- package/dist-server/router/auth-public-process-router.js.map +1 -1
- package/dist-server/router/auth-signin-router.js +2 -7
- package/dist-server/router/auth-signin-router.js.map +1 -1
- package/dist-server/router/auth-signup-router.js +3 -8
- package/dist-server/router/auth-signup-router.js.map +1 -1
- package/dist-server/router/index.js +9 -22
- package/dist-server/router/index.js.map +1 -1
- package/dist-server/router/oauth2/index.js +3 -16
- package/dist-server/router/oauth2/index.js.map +1 -1
- package/dist-server/router/oauth2/oauth2-authorize-router.js +2 -9
- package/dist-server/router/oauth2/oauth2-authorize-router.js.map +1 -1
- package/dist-server/router/oauth2/oauth2-router.js +5 -10
- package/dist-server/router/oauth2/oauth2-router.js.map +1 -1
- package/dist-server/router/oauth2/oauth2-server.js +2 -14
- package/dist-server/router/oauth2/oauth2-server.js.map +1 -1
- package/dist-server/router/oauth2/passport-oauth2-client-password.js +3 -5
- package/dist-server/router/oauth2/passport-oauth2-client-password.js.map +1 -1
- package/dist-server/router/oauth2/passport-refresh-token.js +3 -5
- package/dist-server/router/oauth2/passport-refresh-token.js.map +1 -1
- package/dist-server/router/path-base-domain-router.js +2 -6
- package/dist-server/router/path-base-domain-router.js.map +1 -1
- package/dist-server/router/site-root-router.js +4 -13
- package/dist-server/router/site-root-router.js.map +1 -1
- package/dist-server/routes.js +2 -9
- package/dist-server/routes.js.map +1 -1
- package/dist-server/service/app-binding/app-binding-mutation.js +10 -23
- package/dist-server/service/app-binding/app-binding-mutation.js.map +1 -1
- package/dist-server/service/app-binding/app-binding-query.js +45 -52
- package/dist-server/service/app-binding/app-binding-query.js.map +1 -1
- package/dist-server/service/app-binding/app-binding-types.js +6 -14
- package/dist-server/service/app-binding/app-binding-types.js.map +1 -1
- package/dist-server/service/app-binding/app-binding.js +8 -16
- package/dist-server/service/app-binding/app-binding.js.map +1 -1
- package/dist-server/service/app-binding/index.js.map +1 -1
- package/dist-server/service/appliance/appliance-mutation.js +27 -41
- package/dist-server/service/appliance/appliance-mutation.js.map +1 -1
- package/dist-server/service/appliance/appliance-query.js +29 -40
- package/dist-server/service/appliance/appliance-query.js.map +1 -1
- package/dist-server/service/appliance/appliance-types.js +34 -42
- package/dist-server/service/appliance/appliance-types.js.map +1 -1
- package/dist-server/service/appliance/appliance.js +35 -46
- package/dist-server/service/appliance/appliance.js.map +1 -1
- package/dist-server/service/appliance/index.js.map +1 -1
- package/dist-server/service/application/application-mutation.js +34 -48
- package/dist-server/service/application/application-mutation.js.map +1 -1
- package/dist-server/service/application/application-query.js +44 -55
- package/dist-server/service/application/application-query.js.map +1 -1
- package/dist-server/service/application/application-types.js +41 -49
- package/dist-server/service/application/application-types.js.map +1 -1
- package/dist-server/service/application/application.js +42 -53
- package/dist-server/service/application/application.js.map +1 -1
- package/dist-server/service/application/index.js.map +1 -1
- package/dist-server/service/domain-generator/domain-generator-mutation.js +14 -25
- package/dist-server/service/domain-generator/domain-generator-mutation.js.map +1 -1
- package/dist-server/service/domain-generator/domain-generator-types.js +26 -34
- package/dist-server/service/domain-generator/domain-generator-types.js.map +1 -1
- package/dist-server/service/domain-generator/index.js.map +1 -1
- package/dist-server/service/granted-role/granted-role-mutation.js +9 -20
- package/dist-server/service/granted-role/granted-role-mutation.js.map +1 -1
- package/dist-server/service/granted-role/granted-role-query.js +23 -34
- package/dist-server/service/granted-role/granted-role-query.js.map +1 -1
- package/dist-server/service/granted-role/granted-role.js +12 -20
- package/dist-server/service/granted-role/granted-role.js.map +1 -1
- package/dist-server/service/granted-role/index.js.map +1 -1
- package/dist-server/service/index.js +22 -35
- package/dist-server/service/index.js.map +1 -1
- package/dist-server/service/invitation/index.js.map +1 -1
- package/dist-server/service/invitation/invitation-mutation.js +17 -28
- package/dist-server/service/invitation/invitation-mutation.js.map +1 -1
- package/dist-server/service/invitation/invitation-query.js +15 -26
- package/dist-server/service/invitation/invitation-query.js.map +1 -1
- package/dist-server/service/invitation/invitation-types.js +6 -14
- package/dist-server/service/invitation/invitation-types.js.map +1 -1
- package/dist-server/service/invitation/invitation.js +24 -32
- package/dist-server/service/invitation/invitation.js.map +1 -1
- package/dist-server/service/login-history/index.js.map +1 -1
- package/dist-server/service/login-history/login-history-query.js +18 -29
- package/dist-server/service/login-history/login-history-query.js.map +1 -1
- package/dist-server/service/login-history/login-history.js +16 -24
- package/dist-server/service/login-history/login-history.js.map +1 -1
- package/dist-server/service/partner/index.js.map +1 -1
- package/dist-server/service/partner/partner-mutation.js +14 -25
- package/dist-server/service/partner/partner-mutation.js.map +1 -1
- package/dist-server/service/partner/partner-query.js +44 -55
- package/dist-server/service/partner/partner-query.js.map +1 -1
- package/dist-server/service/partner/partner-types.js +6 -14
- package/dist-server/service/partner/partner-types.js.map +1 -1
- package/dist-server/service/partner/partner.js +24 -32
- package/dist-server/service/partner/partner.js.map +1 -1
- package/dist-server/service/password-history/index.js.map +1 -1
- package/dist-server/service/password-history/password-history.js +6 -14
- package/dist-server/service/password-history/password-history.js.map +1 -1
- package/dist-server/service/privilege/index.js.map +1 -1
- package/dist-server/service/privilege/privilege-directive.js +2 -5
- package/dist-server/service/privilege/privilege-directive.js.map +1 -1
- package/dist-server/service/privilege/privilege-mutation.js +26 -37
- package/dist-server/service/privilege/privilege-mutation.js.map +1 -1
- package/dist-server/service/privilege/privilege-query.js +35 -46
- package/dist-server/service/privilege/privilege-query.js.map +1 -1
- package/dist-server/service/privilege/privilege-types.js +35 -43
- package/dist-server/service/privilege/privilege-types.js.map +1 -1
- package/dist-server/service/privilege/privilege.js +24 -32
- package/dist-server/service/privilege/privilege.js.map +1 -1
- package/dist-server/service/role/index.js.map +1 -1
- package/dist-server/service/role/role-mutation.js +27 -38
- package/dist-server/service/role/role-mutation.js.map +1 -1
- package/dist-server/service/role/role-query.js +70 -77
- package/dist-server/service/role/role-query.js.map +1 -1
- package/dist-server/service/role/role-types.js +48 -56
- package/dist-server/service/role/role-types.js.map +1 -1
- package/dist-server/service/role/role.js +28 -36
- package/dist-server/service/role/role.js.map +1 -1
- package/dist-server/service/user/index.js.map +1 -1
- package/dist-server/service/user/user-mutation.js +65 -76
- package/dist-server/service/user/user-mutation.js.map +1 -1
- package/dist-server/service/user/user-query.js +59 -70
- package/dist-server/service/user/user-query.js.map +1 -1
- package/dist-server/service/user/user-types.js +40 -48
- package/dist-server/service/user/user-types.js.map +1 -1
- package/dist-server/service/user/user.js +46 -57
- package/dist-server/service/user/user.js.map +1 -1
- package/dist-server/service/verification-token/index.js.map +1 -1
- package/dist-server/service/verification-token/verification-token.js +14 -22
- package/dist-server/service/verification-token/verification-token.js.map +1 -1
- package/dist-server/templates/account-unlock-email.js.map +1 -1
- package/dist-server/templates/invitation-email.js.map +1 -1
- package/dist-server/templates/reset-password-email.js.map +1 -1
- package/dist-server/templates/verification-email.js.map +1 -1
- package/dist-server/tsconfig.tsbuildinfo +1 -0
- package/dist-server/utils/accepts.js.map +1 -1
- package/dist-server/utils/access-token-cookie.js.map +1 -1
- package/dist-server/utils/check-user-belongs-domain.js.map +1 -1
- package/dist-server/utils/get-domain-from-hostname.js.map +1 -1
- package/dist-server/utils/get-domain-users.js.map +1 -1
- package/dist-server/utils/get-secret.js.map +1 -1
- package/dist-server/utils/get-user-domains.js.map +1 -1
- package/package.json +6 -6
- package/server/controllers/change-pwd.ts +10 -13
- package/server/controllers/invitation.ts +5 -10
- package/server/controllers/reset-password.ts +10 -11
- package/server/controllers/utils/password-rule.ts +0 -1
- package/server/middlewares/authenticate-401-middleware.ts +0 -8
- package/server/middlewares/domain-authenticate-middleware.ts +4 -8
- package/server/middlewares/graphql-authenticate-middleware.ts +1 -5
- package/server/middlewares/index.ts +0 -4
- package/server/middlewares/jwt-authenticate-middleware.ts +4 -9
- package/server/middlewares/signin-middleware.ts +6 -5
- package/server/router/auth-checkin-router.ts +4 -6
- package/server/router/auth-private-process-router.ts +16 -17
- package/server/router/auth-public-process-router.ts +4 -34
- package/server/router/auth-signin-router.ts +1 -5
- package/server/router/auth-signup-router.ts +3 -10
- package/server/router/oauth2/oauth2-authorize-router.ts +1 -8
- package/server/router/oauth2/oauth2-router.ts +0 -6
- package/server/router/oauth2/oauth2-server.ts +0 -12
- package/server/router/path-base-domain-router.ts +0 -4
- package/server/router/site-root-router.ts +4 -11
- package/server/routes.ts +8 -13
- package/server/service/app-binding/app-binding-mutation.ts +3 -6
- package/server/service/app-binding/app-binding-query.ts +7 -6
- package/server/service/appliance/appliance-mutation.ts +0 -5
- package/server/service/application/application-mutation.ts +3 -6
- package/server/service/granted-role/granted-role-mutation.ts +1 -1
- package/server/service/privilege/privilege-directive.ts +0 -2
- package/server/service/privilege/privilege-mutation.ts +5 -4
- package/server/service/role/role-query.ts +14 -8
package/dist-server/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../server/index.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../server/index.ts"],"names":[],"mappings":";;;AAAA,oDAAyB;AACzB,uDAA4B;AAE5B,wDAA6B;AAC7B,mDAAwB;AACxB,mDAAwB;AAExB,mEAAwC;AACxC,mEAAwC;AACxC,6DAAkC;AAClC,4EAAiD;AACjD,sEAA2C;AAC3C,mDAAwB;AAExB,oBAAiB","sourcesContent":["export * from './service'\nexport * from './migrations'\n\nexport * from './middlewares'\nexport * from './routes'\nexport * from './router'\n\nexport * from './utils/get-domain-users'\nexport * from './utils/get-user-domains'\nexport * from './utils/get-secret'\nexport * from './utils/check-user-belongs-domain'\nexport * from './utils/access-token-cookie'\nexport * from './errors'\n\nimport './routes'\n"]}
|
|
@@ -4,7 +4,6 @@ exports.authenticate401Middleware = void 0;
|
|
|
4
4
|
const error_code_1 = require("../constants/error-code");
|
|
5
5
|
const auth_error_1 = require("../errors/auth-error");
|
|
6
6
|
const accepts_1 = require("../utils/accepts");
|
|
7
|
-
const debug = require('debug')('things-factory:auth-base:authenticate-401-middleware');
|
|
8
7
|
async function authenticate401Middleware(context, next) {
|
|
9
8
|
try {
|
|
10
9
|
await next();
|
|
@@ -13,7 +12,6 @@ async function authenticate401Middleware(context, next) {
|
|
|
13
12
|
var message;
|
|
14
13
|
if (err instanceof auth_error_1.AuthError) {
|
|
15
14
|
message = context.t(`error.${err.errorCode}`, err.detail || {});
|
|
16
|
-
debug(`auth error(${err.errorCode})`, message);
|
|
17
15
|
}
|
|
18
16
|
else {
|
|
19
17
|
if ((err === null || err === void 0 ? void 0 : err.status) !== 401) {
|
|
@@ -21,7 +19,6 @@ async function authenticate401Middleware(context, next) {
|
|
|
21
19
|
}
|
|
22
20
|
message = err.message;
|
|
23
21
|
}
|
|
24
|
-
debug('401 error', message);
|
|
25
22
|
context.status = 401;
|
|
26
23
|
context.body = message;
|
|
27
24
|
/*
|
|
@@ -31,19 +28,16 @@ async function authenticate401Middleware(context, next) {
|
|
|
31
28
|
*/
|
|
32
29
|
const { method, header, path, originalUrl } = context;
|
|
33
30
|
if (method == 'POST' && path.startsWith('/graphql')) {
|
|
34
|
-
debug('Not rewriting', method, path, 'because the graphql request.');
|
|
35
31
|
if (err.errorCode == error_code_1.SUBDOMAIN_NOTFOUND) {
|
|
36
32
|
context.status = 403;
|
|
37
33
|
}
|
|
38
34
|
return;
|
|
39
35
|
}
|
|
40
36
|
if (!(0, accepts_1.accepts)(header.accept, ['text/html', '*/*'])) {
|
|
41
|
-
debug('Not rewriting', method, path, 'because the client does not accept HTML.');
|
|
42
37
|
return;
|
|
43
38
|
}
|
|
44
39
|
const { redirect_to } = context.query;
|
|
45
40
|
const { redirectTo = redirect_to || originalUrl } = context.request.body || {};
|
|
46
|
-
debug('rewriting to signin', method, path, message, redirectTo);
|
|
47
41
|
switch (err.errorCode) {
|
|
48
42
|
case error_code_1.SUBDOMAIN_NOTFOUND:
|
|
49
43
|
context.redirect(`/auth/checkin?redirect_to=${encodeURIComponent(redirectTo)}`);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"authenticate-401-middleware.js","sourceRoot":"","sources":["../../server/middlewares/authenticate-401-middleware.ts"],"names":[],"mappings":";;;AAAA,wDAA6F;AAC7F,qDAAgD;AAChD,8CAA0C;
|
|
1
|
+
{"version":3,"file":"authenticate-401-middleware.js","sourceRoot":"","sources":["../../server/middlewares/authenticate-401-middleware.ts"],"names":[],"mappings":";;;AAAA,wDAA6F;AAC7F,qDAAgD;AAChD,8CAA0C;AAEnC,KAAK,UAAU,yBAAyB,CAAC,OAAO,EAAE,IAAI;IAC3D,IAAI;QACF,MAAM,IAAI,EAAE,CAAA;KACb;IAAC,OAAO,GAAG,EAAE;QACZ,IAAI,OAAO,CAAA;QAEX,IAAI,GAAG,YAAY,sBAAS,EAAE;YAC5B,OAAO,GAAG,OAAO,CAAC,CAAC,CAAC,SAAS,GAAG,CAAC,SAAS,EAAE,EAAE,GAAG,CAAC,MAAM,IAAI,EAAE,CAAC,CAAA;SAChE;aAAM;YACL,IAAI,CAAA,GAAG,aAAH,GAAG,uBAAH,GAAG,CAAE,MAAM,MAAK,GAAG,EAAE;gBACvB,MAAM,GAAG,CAAA;aACV;YAED,OAAO,GAAG,GAAG,CAAC,OAAO,CAAA;SACtB;QAED,OAAO,CAAC,MAAM,GAAG,GAAG,CAAA;QACpB,OAAO,CAAC,IAAI,GAAG,OAAO,CAAA;QAEtB;;;;WAIG;QAEH,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,OAAO,CAAA;QAErD,IAAI,MAAM,IAAI,MAAM,IAAI,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE;YACnD,IAAI,GAAG,CAAC,SAAS,IAAI,+BAAkB,EAAE;gBACvC,OAAO,CAAC,MAAM,GAAG,GAAG,CAAA;aACrB;YACD,OAAM;SACP;QAED,IAAI,CAAC,IAAA,iBAAO,EAAC,MAAM,CAAC,MAAM,EAAE,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,EAAE;YACjD,OAAM;SACP;QAED,MAAM,EAAE,WAAW,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;QACrC,MAAM,EAAE,UAAU,GAAG,WAAW,IAAI,WAAW,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,IAAI,EAAE,CAAA;QAE9E,QAAQ,GAAG,CAAC,SAAS,EAAE;YACrB,KAAK,+BAAkB;gBACrB,OAAO,CAAC,QAAQ,CAAC,6BAA6B,kBAAkB,CAAC,UAAU,CAAC,EAAE,CAAC,CAAA;gBAC/E,MAAK;YAEP,KAAK,wBAAW;gBACd,OAAO,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;oBACvC,WAAW,EAAE,eAAe;oBAC5B,aAAa,EAAE,mBAAmB;oBAClC,IAAI,EAAE;wBACJ,KAAK,EAAE,GAAG,CAAC,MAAM,CAAC,KAAK;wBACvB,OAAO;wBACP,UAAU;qBACX;iBACF,CAAC,CAAA;YAEJ,KAAK,+BAAkB;gBACrB,OAAO,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;oBACvC,WAAW,EAAE,eAAe;oBAC5B,aAAa,EAAE,mBAAmB;oBAClC,IAAI,EAAE;wBACJ,KAAK,EAAE,GAAG,CAAC,MAAM,CAAC,KAAK;wBACvB,OAAO;wBACP,UAAU;qBACX;iBACF,CAAC,CAAA;YAEJ;gBACE,OAAO,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;oBACvC,WAAW,EAAE,aAAa;oBAC1B,aAAa,EAAE,iBAAiB;oBAChC,IAAI,EAAE;wBACJ,OAAO,EAAE,GAAG,YAAY,sBAAS,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE;wBAChD,UAAU;qBACX;iBACF,CAAC,CAAA;SACL;KACF;AACH,CAAC;AA/ED,8DA+EC","sourcesContent":["import { SUBDOMAIN_NOTFOUND, USER_LOCKED, USER_NOT_ACTIVATED } from '../constants/error-code'\nimport { AuthError } from '../errors/auth-error'\nimport { accepts } from '../utils/accepts'\n\nexport async function authenticate401Middleware(context, next) {\n try {\n await next()\n } catch (err) {\n var message\n\n if (err instanceof AuthError) {\n message = context.t(`error.${err.errorCode}`, err.detail || {})\n } else {\n if (err?.status !== 401) {\n throw err\n }\n\n message = err.message\n }\n\n context.status = 401\n context.body = message\n\n /*\n * 클라이언트 라우팅을 위한 ApiHistoryFallback의 상황과,\n * 서버라우팅의 상황에서 발생하는 던져지는 401 에러인 경우에는\n * error code에 맞춰서 적절하게 rewriting 되도록 한다.\n */\n\n const { method, header, path, originalUrl } = context\n\n if (method == 'POST' && path.startsWith('/graphql')) {\n if (err.errorCode == SUBDOMAIN_NOTFOUND) {\n context.status = 403\n }\n return\n }\n\n if (!accepts(header.accept, ['text/html', '*/*'])) {\n return\n }\n\n const { redirect_to } = context.query\n const { redirectTo = redirect_to || originalUrl } = context.request.body || {}\n\n switch (err.errorCode) {\n case SUBDOMAIN_NOTFOUND:\n context.redirect(`/auth/checkin?redirect_to=${encodeURIComponent(redirectTo)}`)\n break\n\n case USER_LOCKED:\n return await context.render('auth-page', {\n pageElement: 'auth-activate',\n elementScript: '/auth/activate.js',\n data: {\n email: err.detail.email,\n message,\n redirectTo\n }\n })\n\n case USER_NOT_ACTIVATED:\n return await context.render('auth-page', {\n pageElement: 'auth-activate',\n elementScript: '/auth/activate.js',\n data: {\n email: err.detail.email,\n message,\n redirectTo\n }\n })\n\n default:\n return await context.render('auth-page', {\n pageElement: 'auth-signin',\n elementScript: '/auth/signin.js',\n data: {\n message: err instanceof AuthError ? message : '',\n redirectTo\n }\n })\n }\n }\n}\n"]}
|
|
@@ -1,15 +1,14 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.domainAuthenticateMiddleware = void 0;
|
|
4
|
-
const env_1 = require("@things-factory/env");
|
|
5
4
|
const typeorm_1 = require("typeorm");
|
|
6
|
-
const
|
|
5
|
+
const env_1 = require("@things-factory/env");
|
|
7
6
|
const auth_error_1 = require("../errors/auth-error");
|
|
7
|
+
const user_1 = require("../service/user/user");
|
|
8
8
|
const get_user_domains_1 = require("../utils/get-user-domains");
|
|
9
9
|
const useVirtualHostBasedDomain = !!env_1.config.get('useVirtualHostBasedDomain');
|
|
10
10
|
const fixed = env_1.config.get('subdomain');
|
|
11
11
|
const subdomainOffset = env_1.config.getNumber('subdomainOffset', 2);
|
|
12
|
-
const debug = require('debug')('things-factory:auth-base:domain-authenticate-middleware');
|
|
13
12
|
process.domainOwnerGranted = async (domain, user) => {
|
|
14
13
|
return domain && domain.owner === user.id;
|
|
15
14
|
};
|
|
@@ -36,11 +35,9 @@ async function domainAuthenticateMiddleware(context, next) {
|
|
|
36
35
|
const { t } = context;
|
|
37
36
|
const { domain, user } = context.state;
|
|
38
37
|
const subdomain = domain === null || domain === void 0 ? void 0 : domain.subdomain;
|
|
39
|
-
debug('context - user, subdomain', user === null || user === void 0 ? void 0 : user.email, subdomain);
|
|
40
38
|
// 1. 현재 subdomain 이 결정되지 않은 경우.
|
|
41
39
|
// - checkin로 이동한다.
|
|
42
40
|
if (!subdomain) {
|
|
43
|
-
debug('subdomain not found, move to checkin');
|
|
44
41
|
throw new auth_error_1.AuthError({
|
|
45
42
|
errorCode: auth_error_1.AuthError.ERROR_CODES.SUBDOMAIN_NOTFOUND
|
|
46
43
|
});
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"domain-authenticate-middleware.js","sourceRoot":"","sources":["../../server/middlewares/domain-authenticate-middleware.ts"],"names":[],"mappings":";;;AAAA,6CAA4C;
|
|
1
|
+
{"version":3,"file":"domain-authenticate-middleware.js","sourceRoot":"","sources":["../../server/middlewares/domain-authenticate-middleware.ts"],"names":[],"mappings":";;;AAAA,qCAAuC;AAEvC,6CAA4C;AAG5C,qDAAgD;AAChD,+CAA2C;AAC3C,gEAA0D;AAE1D,MAAM,yBAAyB,GAAG,CAAC,CAAC,YAAM,CAAC,GAAG,CAAC,2BAA2B,CAAC,CAAA;AAC3E,MAAM,KAAK,GAAG,YAAM,CAAC,GAAG,CAAC,WAAW,CAAC,CAAA;AACrC,MAAM,eAAe,GAAG,YAAM,CAAC,SAAS,CAAC,iBAAiB,EAAE,CAAC,CAAC,CAAA;AAW9D,OAAO,CAAC,kBAAkB,GAAG,KAAK,EAAE,MAAc,EAAE,IAAU,EAAoB,EAAE;IAClF,OAAO,MAAM,IAAI,MAAM,CAAC,KAAK,KAAK,IAAI,CAAC,EAAE,CAAA;AAC3C,CAAC,CAAA;AAED,OAAO,CAAC,gBAAgB,GAAG,KAAK,EAAE,MAAc,EAAE,IAAU,EAAoB,EAAE;IAChF,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM;QACtB,IAAI,GAAG,MAAM,IAAA,uBAAa,EAAC,WAAI,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,EAAE;YAChD,SAAS,EAAE,CAAC,SAAS,CAAC;SACvB,CAAC,CAAA;IACJ,MAAM,YAAY,GAAW,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,MAAc,EAAE,EAAE,CAAC,MAAM,CAAC,SAAS,KAAK,QAAQ,CAAC,CAAA;IACjG,IAAI,CAAC,YAAY;QAAE,OAAO,KAAK,CAAA;IAE/B,OAAO,YAAY,CAAC,KAAK,KAAK,IAAI,CAAC,EAAE,CAAA;AACvC,CAAC,CAAA;AAED;;;;;;;;GAQG;AAEI,KAAK,UAAU,4BAA4B,CAAC,OAAY,EAAE,IAAS;IACxE,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IACrB,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IAEtC,MAAM,SAAS,GAAW,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,SAAS,CAAA;IAE3C,gCAAgC;IAChC,mBAAmB;IACnB,IAAI,CAAC,SAAS,EAAE;QACd,MAAM,IAAI,sBAAS,CAAC;YAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,kBAAkB;SACpD,CAAC,CAAA;KACH;IAED,4BAA4B;IAC5B,MAAM,WAAW,GAAa,MAAM,IAAA,iCAAc,EAAC,IAAI,CAAC,CAAA;IACxD,IAAI,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,SAAS,IAAI,SAAS,CAAC,EAAE;QAC7D,OAAO,MAAM,IAAI,EAAE,CAAA;KACpB;IAED,MAAM,IAAI,sBAAS,CAAC;QAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,kBAAkB;KACpD,CAAC,CAAA;AACJ,CAAC;AAvBD,oEAuBC","sourcesContent":["import { getRepository } from 'typeorm'\n\nimport { config } from '@things-factory/env'\nimport { Domain } from '@things-factory/shell'\n\nimport { AuthError } from '../errors/auth-error'\nimport { User } from '../service/user/user'\nimport { getUserDomains } from '../utils/get-user-domains'\n\nconst useVirtualHostBasedDomain = !!config.get('useVirtualHostBasedDomain')\nconst fixed = config.get('subdomain')\nconst subdomainOffset = config.getNumber('subdomainOffset', 2)\n\ndeclare global {\n namespace NodeJS {\n interface Process {\n domainOwnerGranted: (domain: Domain, user: User) => Promise<boolean>\n superUserGranted: (domain: Domain, user: User) => Promise<boolean>\n }\n }\n}\n\nprocess.domainOwnerGranted = async (domain: Domain, user: User): Promise<boolean> => {\n return domain && domain.owner === user.id\n}\n\nprocess.superUserGranted = async (domain: Domain, user: User): Promise<boolean> => {\n if (!user.domains.length)\n user = await getRepository(User).findOne(user.id, {\n relations: ['domains']\n })\n const systemDomain: Domain = user.domains.find((domain: Domain) => domain.subdomain === 'system')\n if (!systemDomain) return false\n\n return systemDomain.owner === user.id\n}\n\n/*\n * 현재 subdomain 과 user의 domain list와의 비교를 통해서,\n * 인증 성공 또는 인증 에러를 발생시킬 것인지를 결정한다.\n * 1. 현재 subdomain 이 결정되지 않은 경우.\n * - checkin로 이동한다.\n * 2. superUser 판단\n * 3. 현재 subdomain 이 결정된 경우.\n * - user의 domains 리스트에 해당 subdomain이 없다면, 인증 오류를 발생한다.\n */\n\nexport async function domainAuthenticateMiddleware(context: any, next: any) {\n const { t } = context\n const { domain, user } = context.state\n\n const subdomain: string = domain?.subdomain\n\n // 1. 현재 subdomain 이 결정되지 않은 경우.\n // - checkin로 이동한다.\n if (!subdomain) {\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.SUBDOMAIN_NOTFOUND\n })\n }\n\n // 2. 현재 subdomain 이 결정된 경우.\n const userDomains: Domain[] = await getUserDomains(user)\n if (userDomains.find(domain => domain.subdomain == subdomain)) {\n return await next()\n }\n\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.SUBDOMAIN_NOTFOUND\n })\n}\n"]}
|
|
@@ -1,13 +1,11 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.graphqlAuthenticateMiddleware = void 0;
|
|
4
|
-
const jwt_authenticate_middleware_1 = require("./jwt-authenticate-middleware");
|
|
5
4
|
const domain_authenticate_middleware_1 = require("./domain-authenticate-middleware");
|
|
6
|
-
const
|
|
5
|
+
const jwt_authenticate_middleware_1 = require("./jwt-authenticate-middleware");
|
|
7
6
|
async function graphqlAuthenticateMiddleware(context, next) {
|
|
8
7
|
const { method, path } = context;
|
|
9
8
|
if (method == 'POST' && path.startsWith('/graphql')) {
|
|
10
|
-
debug(method, path);
|
|
11
9
|
await (0, jwt_authenticate_middleware_1.jwtAuthenticateMiddleware)(context, () => { });
|
|
12
10
|
await (0, domain_authenticate_middleware_1.domainAuthenticateMiddleware)(context, () => { });
|
|
13
11
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"graphql-authenticate-middleware.js","sourceRoot":"","sources":["../../server/middlewares/graphql-authenticate-middleware.ts"],"names":[],"mappings":";;;AAAA
|
|
1
|
+
{"version":3,"file":"graphql-authenticate-middleware.js","sourceRoot":"","sources":["../../server/middlewares/graphql-authenticate-middleware.ts"],"names":[],"mappings":";;;AAAA,qFAA+E;AAC/E,+EAAyE;AAElE,KAAK,UAAU,6BAA6B,CAAC,OAAO,EAAE,IAAI;IAC/D,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAA;IAEhC,IAAI,MAAM,IAAI,MAAM,IAAI,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE;QACnD,MAAM,IAAA,uDAAyB,EAAC,OAAO,EAAE,GAAG,EAAE,GAAE,CAAC,CAAC,CAAA;QAClD,MAAM,IAAA,6DAA4B,EAAC,OAAO,EAAE,GAAG,EAAE,GAAE,CAAC,CAAC,CAAA;KACtD;IAED,MAAM,IAAI,EAAE,CAAA;AACd,CAAC;AATD,sEASC","sourcesContent":["import { domainAuthenticateMiddleware } from './domain-authenticate-middleware'\nimport { jwtAuthenticateMiddleware } from './jwt-authenticate-middleware'\n\nexport async function graphqlAuthenticateMiddleware(context, next) {\n const { method, path } = context\n\n if (method == 'POST' && path.startsWith('/graphql')) {\n await jwtAuthenticateMiddleware(context, () => {})\n await domainAuthenticateMiddleware(context, () => {})\n }\n\n await next()\n}\n"]}
|
|
@@ -1,29 +1,12 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
-
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
-
if (k2 === undefined) k2 = k;
|
|
4
|
-
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
-
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
-
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
-
}
|
|
8
|
-
Object.defineProperty(o, k2, desc);
|
|
9
|
-
}) : (function(o, m, k, k2) {
|
|
10
|
-
if (k2 === undefined) k2 = k;
|
|
11
|
-
o[k2] = m[k];
|
|
12
|
-
}));
|
|
13
|
-
var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
14
|
-
for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
|
|
15
|
-
};
|
|
16
|
-
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
17
|
-
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
18
|
-
};
|
|
19
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
20
3
|
exports.initMiddlewares = void 0;
|
|
21
|
-
const
|
|
4
|
+
const tslib_1 = require("tslib");
|
|
5
|
+
const koa_passport_1 = tslib_1.__importDefault(require("koa-passport"));
|
|
22
6
|
const authenticate_401_middleware_1 = require("./authenticate-401-middleware");
|
|
23
7
|
const domain_authenticate_middleware_1 = require("./domain-authenticate-middleware");
|
|
24
8
|
const graphql_authenticate_middleware_1 = require("./graphql-authenticate-middleware");
|
|
25
9
|
const jwt_authenticate_middleware_1 = require("./jwt-authenticate-middleware");
|
|
26
|
-
const debug = require('debug')('things-factory:auth-base:middleware');
|
|
27
10
|
function initMiddlewares(app) {
|
|
28
11
|
/* passport initialize */
|
|
29
12
|
app.use(koa_passport_1.default.initialize());
|
|
@@ -37,7 +20,6 @@ function initMiddlewares(app) {
|
|
|
37
20
|
}
|
|
38
21
|
exports.initMiddlewares = initMiddlewares;
|
|
39
22
|
process.on('bootstrap-module-subscription', (app, subscriptionMiddleware) => {
|
|
40
|
-
debug('bootstrap-module-subscription');
|
|
41
23
|
subscriptionMiddleware.push(jwt_authenticate_middleware_1.jwtAuthenticateMiddleware, domain_authenticate_middleware_1.domainAuthenticateMiddleware);
|
|
42
24
|
// subscriptionMiddleware.push(jwtAuthenticateMiddleware, async (context, next) => {
|
|
43
25
|
// const { domain, user } = context.state
|
|
@@ -50,8 +32,8 @@ process.on('bootstrap-module-subscription', (app, subscriptionMiddleware) => {
|
|
|
50
32
|
// await next()
|
|
51
33
|
// })
|
|
52
34
|
});
|
|
53
|
-
__exportStar(require("./jwt-authenticate-middleware"), exports);
|
|
54
|
-
__exportStar(require("./domain-authenticate-middleware"), exports);
|
|
55
|
-
__exportStar(require("./signin-middleware"), exports);
|
|
56
|
-
__exportStar(require("./authenticate-401-middleware"), exports);
|
|
35
|
+
tslib_1.__exportStar(require("./jwt-authenticate-middleware"), exports);
|
|
36
|
+
tslib_1.__exportStar(require("./domain-authenticate-middleware"), exports);
|
|
37
|
+
tslib_1.__exportStar(require("./signin-middleware"), exports);
|
|
38
|
+
tslib_1.__exportStar(require("./authenticate-401-middleware"), exports);
|
|
57
39
|
//# sourceMappingURL=index.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../server/middlewares/index.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../server/middlewares/index.ts"],"names":[],"mappings":";;;;AAAA,wEAAmC;AAEnC,+EAAyE;AACzE,qFAA+E;AAC/E,uFAAiF;AACjF,+EAAyE;AAEzE,SAAgB,eAAe,CAAC,GAAQ;IACtC,yBAAyB;IACzB,GAAG,CAAC,GAAG,CAAC,sBAAQ,CAAC,UAAU,EAAE,CAAC,CAAA;IAE9B,mCAAmC;IACnC,GAAG,CAAC,GAAG,CAAC,uDAAyB,CAAC,CAAA;IAElC;;;OAGG;IACH,GAAG,CAAC,GAAG,CAAC,+DAA6B,CAAC,CAAA;AACxC,CAAC;AAZD,0CAYC;AAED,OAAO,CAAC,EAAE,CAAC,+BAAsC,EAAE,CAAC,GAAG,EAAE,sBAAsB,EAAE,EAAE;IACjF,sBAAsB,CAAC,IAAI,CAAC,uDAAyB,EAAE,6DAA4B,CAAC,CAAA;IAEpF,oFAAoF;IACpF,2CAA2C;IAE3C,+EAA+E;IAC/E,kFAAkF;IAClF,qCAAqC;IACrC,kCAAkC;IAClC,MAAM;IAEN,yDAAyD;IAEzD,iBAAiB;IACjB,KAAK;AACP,CAAC,CAAC,CAAA;AAEF,wEAA6C;AAC7C,2EAAgD;AAChD,8DAAmC;AACnC,wEAA6C","sourcesContent":["import passport from 'koa-passport'\n\nimport { authenticate401Middleware } from './authenticate-401-middleware'\nimport { domainAuthenticateMiddleware } from './domain-authenticate-middleware'\nimport { graphqlAuthenticateMiddleware } from './graphql-authenticate-middleware'\nimport { jwtAuthenticateMiddleware } from './jwt-authenticate-middleware'\n\nexport function initMiddlewares(app: any) {\n /* passport initialize */\n app.use(passport.initialize())\n\n /* authentication error handling */\n app.use(authenticate401Middleware)\n\n /*\n * post:graphql 에 대해서는 authenticationMiddleware를 적용한다.\n * graphql app을 router에 적용하지 못하기 때문임.\n */\n app.use(graphqlAuthenticateMiddleware)\n}\n\nprocess.on('bootstrap-module-subscription' as any, (app, subscriptionMiddleware) => {\n subscriptionMiddleware.push(jwtAuthenticateMiddleware, domainAuthenticateMiddleware)\n\n // subscriptionMiddleware.push(jwtAuthenticateMiddleware, async (context, next) => {\n // const { domain, user } = context.state\n\n // if (domain && !user.domains.find(d => d.subdomain === domain.subdomain)) {\n // let message = `subdomain '${domain.subdomain}' is not allowed for the user`\n // debug('subscription', message)\n // context.throw(401, message)\n // }\n\n // debug('subscription', user.email, domain?.subdomain)\n\n // await next()\n // })\n})\n\nexport * from './jwt-authenticate-middleware'\nexport * from './domain-authenticate-middleware'\nexport * from './signin-middleware'\nexport * from './authenticate-401-middleware'\n"]}
|
|
@@ -1,18 +1,15 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
-
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
3
|
-
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
|
-
};
|
|
5
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
3
|
exports.jwtAuthenticateMiddleware = void 0;
|
|
7
|
-
const
|
|
4
|
+
const tslib_1 = require("tslib");
|
|
5
|
+
const passport_1 = tslib_1.__importDefault(require("passport"));
|
|
8
6
|
const passport_jwt_1 = require("passport-jwt");
|
|
7
|
+
const make_verification_token_1 = require("../controllers/utils/make-verification-token");
|
|
8
|
+
const save_verification_token_1 = require("../controllers/utils/save-verification-token");
|
|
9
9
|
const user_1 = require("../service/user/user");
|
|
10
10
|
const verification_token_1 = require("../service/verification-token/verification-token");
|
|
11
|
-
const get_secret_1 = require("../utils/get-secret");
|
|
12
11
|
const access_token_cookie_1 = require("../utils/access-token-cookie");
|
|
13
|
-
const
|
|
14
|
-
const save_verification_token_1 = require("../controllers/utils/save-verification-token");
|
|
15
|
-
const debug = require('debug')('things-factory:auth-base:jwt-authenticate-middleware');
|
|
12
|
+
const get_secret_1 = require("../utils/get-secret");
|
|
16
13
|
passport_1.default.use(new passport_jwt_1.Strategy({
|
|
17
14
|
secretOrKey: get_secret_1.SECRET,
|
|
18
15
|
passReqToCallback: true,
|
|
@@ -40,14 +37,11 @@ async function jwtAuthenticateMiddleware(context, next) {
|
|
|
40
37
|
const { path } = context;
|
|
41
38
|
const { user } = context.state;
|
|
42
39
|
if (user) {
|
|
43
|
-
debug('reuse user', path, user === null || user === void 0 ? void 0 : user.email);
|
|
44
40
|
return await next();
|
|
45
41
|
}
|
|
46
42
|
return await passport_1.default.authenticate('jwt', { session: false }, async (err, decoded, info) => {
|
|
47
|
-
debug('passport.authenticate - jwt', path);
|
|
48
43
|
if (err || !decoded) {
|
|
49
44
|
const e = (context.state.error = err || info);
|
|
50
|
-
debug('error - jwt', path, err === null || err === void 0 ? void 0 : err.message, info === null || info === void 0 ? void 0 : info.message);
|
|
51
45
|
// TODO cookie 가 authenticate에 적용된 상황에서 오류가 발생한 경우만, 쿠키를 클리어한다.
|
|
52
46
|
(0, access_token_cookie_1.clearAccessTokenCookie)(context);
|
|
53
47
|
context.throw(401, e.message);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jwt-authenticate-middleware.js","sourceRoot":"","sources":["../../server/middlewares/jwt-authenticate-middleware.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"jwt-authenticate-middleware.js","sourceRoot":"","sources":["../../server/middlewares/jwt-authenticate-middleware.ts"],"names":[],"mappings":";;;;AAAA,gEAA+B;AAC/B,+CAAkE;AAElE,0FAAoF;AACpF,0FAAoF;AACpF,+CAAuD;AACvD,yFAAwF;AACxF,sEAA2F;AAC3F,oDAA4C;AAE5C,kBAAQ,CAAC,GAAG,CACV,IAAI,uBAAW,CACb;IACE,WAAW,EAAE,mBAAM;IACnB,iBAAiB,EAAE,IAAI;IACvB,cAAc,EAAE,yBAAU,CAAC,cAAc,CAAC;QACxC,yBAAU,CAAC,2BAA2B,EAAE;QACxC,yBAAU,CAAC,UAAU,CAAC,eAAe,CAAC;QACtC,yBAAU,CAAC,UAAU,CAAC,gBAAgB,CAAC;QACvC,yBAAU,CAAC,qBAAqB,CAAC,cAAc,CAAC;QAChD,yBAAU,CAAC,aAAa,CAAC,cAAc,CAAC;QACxC,GAAG,CAAC,EAAE;YACJ,IAAI,KAAK,GAAG,IAAI,CAAA;YAChB,KAAK,GAAG,IAAA,0CAAoB,EAAC,GAAG,aAAH,GAAG,uBAAH,GAAG,CAAE,GAAG,CAAC,CAAA;YACtC,OAAO,KAAK,CAAA;QACd,CAAC;KACF,CAAC;CACH,EACD,KAAK,EAAE,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IAC/B,IAAI;QACF,OAAO,IAAI,CAAC,IAAI,EAAE,OAAO,CAAC,CAAA;KAC3B;IAAC,OAAO,KAAK,EAAE;QACd,OAAO,IAAI,CAAC,KAAK,CAAC,CAAA;KACnB;AACH,CAAC,CACF,CACF,CAAA;AAEM,KAAK,UAAU,yBAAyB,CAAC,OAAO,EAAE,IAAI;IAC3D,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAA;IACxB,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IAC9B,IAAI,IAAI,EAAE;QACR,OAAO,MAAM,IAAI,EAAE,CAAA;KACpB;IAED,OAAO,MAAM,kBAAQ,CAAC,YAAY,CAAC,KAAK,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;QACzF,IAAI,GAAG,IAAI,CAAC,OAAO,EAAE;YACnB,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,GAAG,GAAG,IAAI,IAAI,CAAC,CAAA;YAE7C,+DAA+D;YAC/D,IAAA,4CAAsB,EAAC,OAAO,CAAC,CAAA;YAE/B,OAAO,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,OAAO,CAAC,CAAA;SAC9B;aAAM;YACL,MAAM,UAAU,GAAG,MAAM,WAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAA;YAEhD,IAAI,UAAU,CAAC,MAAM,KAAK,iBAAU,CAAC,kBAAkB,EAAE;gBACvD,IAAI;oBACF,MAAM,KAAK,GAAG,IAAA,+CAAqB,GAAE,CAAA;oBACrC,MAAM,IAAA,+CAAqB,EAAC,UAAU,CAAC,EAAE,EAAE,KAAK,EAAE,0CAAqB,CAAC,cAAc,CAAC,CAAA;oBACvF,IAAA,4CAAsB,EAAC,OAAO,CAAC,CAAA;oBAC/B,OAAO,CAAC,QAAQ,CAAC,8BAA8B,KAAK,EAAE,CAAC,CAAA;iBACxD;gBAAC,OAAO,CAAC,EAAE;oBACV,MAAM,GAAG,CAAA;iBACV;aACF;iBAAM;gBACL,OAAO,CAAC,KAAK,CAAC,IAAI,GAAG,UAAU,CAAA;gBAC/B,OAAO,CAAC,KAAK,CAAC,YAAY,GAAG,OAAO,CAAA;gBACpC,MAAM,IAAI,EAAE,CAAA;aACb;SACF;IACH,CAAC,CAAC,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;AACnB,CAAC;AAlCD,8DAkCC","sourcesContent":["import passport from 'passport'\nimport { ExtractJwt, Strategy as JWTstrategy } from 'passport-jwt'\n\nimport { makeVerificationToken } from '../controllers/utils/make-verification-token'\nimport { saveVerificationToken } from '../controllers/utils/save-verification-token'\nimport { User, UserStatus } from '../service/user/user'\nimport { VerificationTokenType } from '../service/verification-token/verification-token'\nimport { clearAccessTokenCookie, getAccessTokenCookie } from '../utils/access-token-cookie'\nimport { SECRET } from '../utils/get-secret'\n\npassport.use(\n new JWTstrategy(\n {\n secretOrKey: SECRET,\n passReqToCallback: true,\n jwtFromRequest: ExtractJwt.fromExtractors([\n ExtractJwt.fromAuthHeaderAsBearerToken(),\n ExtractJwt.fromHeader('authorization'),\n ExtractJwt.fromHeader('x-access-token'),\n ExtractJwt.fromUrlQueryParameter('access_token'),\n ExtractJwt.fromBodyField('access_token'),\n req => {\n var token = null\n token = getAccessTokenCookie(req?.ctx)\n return token\n }\n ])\n },\n async (request, decoded, done) => {\n try {\n return done(null, decoded)\n } catch (error) {\n return done(error)\n }\n }\n )\n)\n\nexport async function jwtAuthenticateMiddleware(context, next) {\n const { path } = context\n const { user } = context.state\n if (user) {\n return await next()\n }\n\n return await passport.authenticate('jwt', { session: false }, async (err, decoded, info) => {\n if (err || !decoded) {\n const e = (context.state.error = err || info)\n\n // TODO cookie 가 authenticate에 적용된 상황에서 오류가 발생한 경우만, 쿠키를 클리어한다.\n clearAccessTokenCookie(context)\n\n context.throw(401, e.message)\n } else {\n const userEntity = await User.checkAuth(decoded)\n\n if (userEntity.status === UserStatus.PWD_RESET_REQUIRED) {\n try {\n const token = makeVerificationToken()\n await saveVerificationToken(userEntity.id, token, VerificationTokenType.PASSWORD_RESET)\n clearAccessTokenCookie(context)\n context.redirect(`/auth/reset-password?token=${token}`)\n } catch (e) {\n throw err\n }\n } else {\n context.state.user = userEntity\n context.state.decodedToken = decoded\n await next()\n }\n }\n })(context, next)\n}\n"]}
|
|
@@ -1,13 +1,10 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
-
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
3
|
-
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
|
-
};
|
|
5
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
3
|
exports.signinMiddleware = void 0;
|
|
7
|
-
const
|
|
4
|
+
const tslib_1 = require("tslib");
|
|
5
|
+
const passport_1 = tslib_1.__importDefault(require("passport"));
|
|
8
6
|
const passport_local_1 = require("passport-local");
|
|
9
7
|
const signin_1 = require("../controllers/signin");
|
|
10
|
-
const debug = require('debug')('things-factory:auth-base:signin-middleware');
|
|
11
8
|
passport_1.default.use('signin', new passport_local_1.Strategy({
|
|
12
9
|
usernameField: 'email',
|
|
13
10
|
passwordField: 'password'
|
|
@@ -32,7 +29,6 @@ passport_1.default.use('signin', new passport_local_1.Strategy({
|
|
|
32
29
|
async function signinMiddleware(context, next) {
|
|
33
30
|
return passport_1.default.authenticate('signin', { session: false }, async (err, user, info) => {
|
|
34
31
|
if (err || !user) {
|
|
35
|
-
debug('signin fail', err);
|
|
36
32
|
throw err;
|
|
37
33
|
}
|
|
38
34
|
else {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"signin-middleware.js","sourceRoot":"","sources":["../../server/middlewares/signin-middleware.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"signin-middleware.js","sourceRoot":"","sources":["../../server/middlewares/signin-middleware.ts"],"names":[],"mappings":";;;;AAAA,gEAA+B;AAC/B,mDAA0D;AAE1D,kDAA8C;AAE9C,kBAAQ,CAAC,GAAG,CACV,QAAQ,EACR,IAAI,yBAAa,CACf;IACE,aAAa,EAAE,OAAO;IACtB,aAAa,EAAE,UAAU;CAC1B,EACD,KAAK,EAAE,KAAK,EAAE,QAAQ,EAAE,IAAI,EAAE,EAAE;IAC9B,IAAI;QACF,MAAM,EACJ,IAAI,EAAE,QAAQ,EACd,KAAK,EACL,OAAO,EACR,GAAG,MAAM,IAAA,eAAM,EAAC;YACf,KAAK;YACL,QAAQ;SACT,CAAC,CAAA;QAEF,OAAO,IAAI,CACT,IAAI,EACJ;YACE,IAAI,EAAE,QAAQ;YACd,KAAK;YACL,OAAO;SACR,EACD;YACE,OAAO,EAAE,wBAAwB;SAClC,CACF,CAAA;KACF;IAAC,OAAO,KAAK,EAAE;QACd,OAAO,IAAI,CAAC,KAAK,CAAC,CAAA;KACnB;AACH,CAAC,CACF,CACF,CAAA;AAEM,KAAK,UAAU,gBAAgB,CAAC,OAAO,EAAE,IAAI;IAClD,OAAO,kBAAQ,CAAC,YAAY,CAAC,QAAQ,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE;QACnF,IAAI,GAAG,IAAI,CAAC,IAAI,EAAE;YAChB,MAAM,GAAG,CAAA;SACV;aAAM;YACL,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,GAAG,IAAI,CAAA;YAEtC,OAAO,CAAC,KAAK,CAAC,IAAI,GAAG,QAAQ,CAAA;YAC7B,OAAO,CAAC,KAAK,CAAC,KAAK,GAAG,KAAK,CAAA;YAE3B,MAAM,IAAI,EAAE,CAAA;SACb;IACH,CAAC,CAAC,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;AACnB,CAAC;AAbD,4CAaC","sourcesContent":["import passport from 'passport'\nimport { Strategy as localStrategy } from 'passport-local'\n\nimport { signin } from '../controllers/signin'\n\npassport.use(\n 'signin',\n new localStrategy(\n {\n usernameField: 'email',\n passwordField: 'password'\n },\n async (email, password, done) => {\n try {\n const {\n user: userInfo,\n token,\n domains\n } = await signin({\n email,\n password\n })\n\n return done(\n null,\n {\n user: userInfo,\n token,\n domains\n },\n {\n message: 'Logged in Successfully'\n }\n )\n } catch (error) {\n return done(error)\n }\n }\n )\n)\n\nexport async function signinMiddleware(context, next) {\n return passport.authenticate('signin', { session: false }, async (err, user, info) => {\n if (err || !user) {\n throw err\n } else {\n const { user: userInfo, token } = user\n\n context.state.user = userInfo\n context.state.token = token\n\n await next()\n }\n })(context, next)\n}\n"]}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"1548206416130-SeedUser.js","sourceRoot":"","sources":["../../server/migrations/1548206416130-SeedUser.ts"],"names":[],"mappings":";;;AAAA,qCAAwE;AAExE,6CAAoD;AACpD,iDAA8C;AAE9C,+CAAuD;AAEvD,MAAM,aAAa,GAAG,YAAM,CAAC,GAAG,CAAC,cAAc,EAAE;IAC/C,IAAI,EAAE,OAAO;IACb,KAAK,EAAE,oBAAoB;IAC3B,QAAQ,EAAE,OAAO;CAClB,CAAC,CAAA;AAEF,MAAM,UAAU,GAAG;oCAEZ,aAAa,KAChB,QAAQ,EAAE,MAAM,EAChB,MAAM,EAAE,iBAAU,CAAC,SAAS;CAE/B,CAAA;AACD,MAAa,sBAAsB;IAC1B,KAAK,CAAC,EAAE,CAAC,WAAwB;QACtC,MAAM,cAAc,GAAG,IAAA,uBAAa,EAAC,WAAI,CAAC,CAAA;QAC1C,MAAM,gBAAgB,GAAG,IAAA,uBAAa,EAAC,cAAM,CAAC,CAAA;QAE9C,MAAM,MAAM,GAAW,MAAM,gBAAgB,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE,CAAC,CAAA;QAEpF,IAAI;YACF,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,UAAU,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;gBAC1C,MAAM,IAAI,GAAG,UAAU,CAAC,CAAC,CAAC,CAAA;gBAC1B,MAAM,IAAI,GAAG,WAAI,CAAC,YAAY,EAAE,CAAA;gBAChC,MAAM,QAAQ,GAAG,WAAI,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAA;gBAEjD,MAAM,cAAc,CAAC,IAAI,iCACpB,IAAI,KACP,IAAI;oBACJ,QAAQ,EACR,OAAO,EAAE,CAAC,MAAM,CAAC,IACjB,CAAA;aACH;SACF;QAAC,OAAO,CAAC,EAAE;YACV,YAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;SAChB;QAED,MAAM,KAAK,GAAG,MAAM,cAAc,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,KAAK,EAAE,oBAAoB,EAAE,EAAE,CAAC,CAAA;QACtF,MAAM,CAAC,KAAK,GAAG,KAAK,CAAC,EAAE,CAAA;QAEvB,MAAM,gBAAgB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAA;IACrC,CAAC;IAEM,KAAK,CAAC,IAAI,CAAC,WAAwB;QACxC,MAAM,UAAU,GAAG,IAAA,uBAAa,EAAC,WAAI,CAAC,CAAA;QAEtC,UAAU,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,KAAK,EAAC,IAAI,EAAC,EAAE;YACxC,IAAI,MAAM,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,CAAC,CAAA;YAC5D,MAAM,UAAU,CAAC,MAAM,CAAC,MAAM,CAAC,CAAA;QACjC,CAAC,CAAC,CAAA;IACJ,CAAC;CACF;AAtCD,wDAsCC"}
|
|
1
|
+
{"version":3,"file":"1548206416130-SeedUser.js","sourceRoot":"","sources":["../../server/migrations/1548206416130-SeedUser.ts"],"names":[],"mappings":";;;AAAA,qCAAwE;AAExE,6CAAoD;AACpD,iDAA8C;AAE9C,+CAAuD;AAEvD,MAAM,aAAa,GAAG,YAAM,CAAC,GAAG,CAAC,cAAc,EAAE;IAC/C,IAAI,EAAE,OAAO;IACb,KAAK,EAAE,oBAAoB;IAC3B,QAAQ,EAAE,OAAO;CAClB,CAAC,CAAA;AAEF,MAAM,UAAU,GAAG;oCAEZ,aAAa,KAChB,QAAQ,EAAE,MAAM,EAChB,MAAM,EAAE,iBAAU,CAAC,SAAS;CAE/B,CAAA;AACD,MAAa,sBAAsB;IAC1B,KAAK,CAAC,EAAE,CAAC,WAAwB;QACtC,MAAM,cAAc,GAAG,IAAA,uBAAa,EAAC,WAAI,CAAC,CAAA;QAC1C,MAAM,gBAAgB,GAAG,IAAA,uBAAa,EAAC,cAAM,CAAC,CAAA;QAE9C,MAAM,MAAM,GAAW,MAAM,gBAAgB,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE,CAAC,CAAA;QAEpF,IAAI;YACF,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,UAAU,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;gBAC1C,MAAM,IAAI,GAAG,UAAU,CAAC,CAAC,CAAC,CAAA;gBAC1B,MAAM,IAAI,GAAG,WAAI,CAAC,YAAY,EAAE,CAAA;gBAChC,MAAM,QAAQ,GAAG,WAAI,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAA;gBAEjD,MAAM,cAAc,CAAC,IAAI,iCACpB,IAAI,KACP,IAAI;oBACJ,QAAQ,EACR,OAAO,EAAE,CAAC,MAAM,CAAC,IACjB,CAAA;aACH;SACF;QAAC,OAAO,CAAC,EAAE;YACV,YAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;SAChB;QAED,MAAM,KAAK,GAAG,MAAM,cAAc,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,KAAK,EAAE,oBAAoB,EAAE,EAAE,CAAC,CAAA;QACtF,MAAM,CAAC,KAAK,GAAG,KAAK,CAAC,EAAE,CAAA;QAEvB,MAAM,gBAAgB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAA;IACrC,CAAC;IAEM,KAAK,CAAC,IAAI,CAAC,WAAwB;QACxC,MAAM,UAAU,GAAG,IAAA,uBAAa,EAAC,WAAI,CAAC,CAAA;QAEtC,UAAU,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,KAAK,EAAC,IAAI,EAAC,EAAE;YACxC,IAAI,MAAM,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,CAAC,CAAA;YAC5D,MAAM,UAAU,CAAC,MAAM,CAAC,MAAM,CAAC,CAAA;QACjC,CAAC,CAAC,CAAA;IACJ,CAAC;CACF;AAtCD,wDAsCC","sourcesContent":["import { getRepository, MigrationInterface, QueryRunner } from 'typeorm'\n\nimport { config, logger } from '@things-factory/env'\nimport { Domain } from '@things-factory/shell'\n\nimport { User, UserStatus } from '../service/user/user'\n\nconst ADMIN_ACCOUNT = config.get('adminAccount', {\n name: 'Admin',\n email: 'admin@hatiolab.com',\n password: 'admin'\n})\n\nconst SEED_USERS = [\n {\n ...ADMIN_ACCOUNT,\n userType: 'user',\n status: UserStatus.ACTIVATED\n }\n]\nexport class SeedUsers1548206416130 implements MigrationInterface {\n public async up(queryRunner: QueryRunner): Promise<any> {\n const userRepository = getRepository(User)\n const domainRepository = getRepository(Domain)\n\n const domain: Domain = await domainRepository.findOne({ where: { name: 'SYSTEM' } })\n\n try {\n for (let i = 0; i < SEED_USERS.length; i++) {\n const user = SEED_USERS[i]\n const salt = User.generateSalt()\n const password = User.encode(user.password, salt)\n\n await userRepository.save({\n ...user,\n salt,\n password,\n domains: [domain]\n })\n }\n } catch (e) {\n logger.error(e)\n }\n\n const admin = await userRepository.findOne({ where: { email: 'admin@hatiolab.com' } })\n domain.owner = admin.id\n\n await domainRepository.save(domain)\n }\n\n public async down(queryRunner: QueryRunner): Promise<any> {\n const repository = getRepository(User)\n\n SEED_USERS.reverse().forEach(async user => {\n let record = await repository.findOne({ email: user.email })\n await repository.remove(record)\n })\n }\n}\n"]}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"1566805283882-SeedPrivilege.js","sourceRoot":"","sources":["../../server/migrations/1566805283882-SeedPrivilege.ts"],"names":[],"mappings":";;;AAAA,qCAAwE;AAExE,6CAA4C;AAE5C,8DAA0D;AAE1D,MAAa,0BAA0B;IAC9B,KAAK,CAAC,EAAE,CAAC,WAAwB;QACtC,MAAM,mBAAmB,GAAG,IAAA,uBAAa,EAAC,qBAAS,CAAC,CAAA;QAEpD,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,0CAA0C,CAAC,CAAA;QACtE,MAAM,MAAM,EAAE,CAAA;QACd,MAAM,UAAU,GAAG,OAAO,CAAC,YAAY,CAAC,CAAA;QAExC,IAAI;YACF,KAAK,MAAM,CAAC,QAAQ,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,MAAM,CAAC,UAA8B,CAAC,EAAE;gBAC5E,IAAI,CAAC,IAAI,CAAC,MAAM,mBAAmB,CAAC,KAAK,CAAC,EAAE,KAAK,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,EAAE,CAAC,CAAC,EAAE;oBACzE,MAAM,mBAAmB,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAA;iBACnD;aACF;SACF;QAAC,OAAO,CAAC,EAAE;YACV,YAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;SAChB;IACH,CAAC;IAEM,KAAK,CAAC,IAAI,CAAC,WAAwB,IAAiB,CAAC;CAC7D;AApBD,gEAoBC"}
|
|
1
|
+
{"version":3,"file":"1566805283882-SeedPrivilege.js","sourceRoot":"","sources":["../../server/migrations/1566805283882-SeedPrivilege.ts"],"names":[],"mappings":";;;AAAA,qCAAwE;AAExE,6CAA4C;AAE5C,8DAA0D;AAE1D,MAAa,0BAA0B;IAC9B,KAAK,CAAC,EAAE,CAAC,WAAwB;QACtC,MAAM,mBAAmB,GAAG,IAAA,uBAAa,EAAC,qBAAS,CAAC,CAAA;QAEpD,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,0CAA0C,CAAC,CAAA;QACtE,MAAM,MAAM,EAAE,CAAA;QACd,MAAM,UAAU,GAAG,OAAO,CAAC,YAAY,CAAC,CAAA;QAExC,IAAI;YACF,KAAK,MAAM,CAAC,QAAQ,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,MAAM,CAAC,UAA8B,CAAC,EAAE;gBAC5E,IAAI,CAAC,IAAI,CAAC,MAAM,mBAAmB,CAAC,KAAK,CAAC,EAAE,KAAK,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,EAAE,CAAC,CAAC,EAAE;oBACzE,MAAM,mBAAmB,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAA;iBACnD;aACF;SACF;QAAC,OAAO,CAAC,EAAE;YACV,YAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;SAChB;IACH,CAAC;IAEM,KAAK,CAAC,IAAI,CAAC,WAAwB,IAAiB,CAAC;CAC7D;AApBD,gEAoBC","sourcesContent":["import { getRepository, MigrationInterface, QueryRunner } from 'typeorm'\n\nimport { logger } from '@things-factory/env'\n\nimport { Privilege } from '../service/privilege/privilege'\n\nexport class SeedPrivilege1566805283882 implements MigrationInterface {\n public async up(queryRunner: QueryRunner): Promise<any> {\n const privilegeRepository = getRepository(Privilege)\n\n const { schema } = require('@things-factory/shell/dist-server/schema')\n await schema()\n const privileges = process['PRIVILEGES']\n\n try {\n for (const [category, name] of Object.values(privileges as [string, string])) {\n if (0 == (await privilegeRepository.count({ where: { category, name } }))) {\n await privilegeRepository.save({ category, name })\n }\n }\n } catch (e) {\n logger.error(e)\n }\n }\n\n public async down(queryRunner: QueryRunner): Promise<any> {}\n}\n"]}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../server/migrations/index.ts"],"names":[],"mappings":";;;AAAA,MAAM,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,CAAA;AAC5B,MAAM,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,CAAA;AAEjB,QAAA,UAAU,GAAG,EAAE,CAAA;AAE1B,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,GAAG,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,UAAS,IAAI;IACzE,IAAI,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;QAAE,OAAM;IAC3C,kBAAU,GAAG,kBAAU,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAA;AAClF,CAAC,CAAC,CAAA"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../server/migrations/index.ts"],"names":[],"mappings":";;;AAAA,MAAM,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,CAAA;AAC5B,MAAM,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,CAAA;AAEjB,QAAA,UAAU,GAAG,EAAE,CAAA;AAE1B,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,GAAG,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,UAAS,IAAI;IACzE,IAAI,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;QAAE,OAAM;IAC3C,kBAAU,GAAG,kBAAU,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAA;AAClF,CAAC,CAAC,CAAA","sourcesContent":["const glob = require('glob')\nconst path = require('path')\n\nexport var migrations = []\n\nglob.sync(path.resolve(__dirname, '.', '**', '*.js')).forEach(function(file) {\n if (file.indexOf('index.js') !== -1) return\n migrations = migrations.concat(Object.values(require(path.resolve(file))) || [])\n})\n"]}
|
|
@@ -1,17 +1,14 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
-
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
3
|
-
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
|
-
};
|
|
5
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
3
|
exports.authCheckinRouter = void 0;
|
|
4
|
+
const tslib_1 = require("tslib");
|
|
5
|
+
const koa_router_1 = tslib_1.__importDefault(require("koa-router"));
|
|
7
6
|
const env_1 = require("@things-factory/env");
|
|
8
|
-
const accepts_1 = require("../utils/accepts");
|
|
9
7
|
const shell_1 = require("@things-factory/shell");
|
|
10
|
-
const koa_router_1 = __importDefault(require("koa-router"));
|
|
11
8
|
const login_history_1 = require("../service/login-history/login-history");
|
|
9
|
+
const accepts_1 = require("../utils/accepts");
|
|
12
10
|
const access_token_cookie_1 = require("../utils/access-token-cookie");
|
|
13
11
|
const get_user_domains_1 = require("../utils/get-user-domains");
|
|
14
|
-
const debug = require('debug')('things-factory:auth-base:checkin-router');
|
|
15
12
|
const domainType = env_1.config.get('domainType');
|
|
16
13
|
exports.authCheckinRouter = new koa_router_1.default();
|
|
17
14
|
exports.authCheckinRouter.get('/auth/checkin/:subdomain?', async (context, next) => {
|
|
@@ -25,7 +22,6 @@ exports.authCheckinRouter.get('/auth/checkin/:subdomain?', async (context, next)
|
|
|
25
22
|
if (!(0, accepts_1.accepts)(header.accept, ['text/html', '*/*'])) {
|
|
26
23
|
// When request expects non html response
|
|
27
24
|
try {
|
|
28
|
-
debug('get:/auth/checkin/:subdomain?', subdomain);
|
|
29
25
|
if (!subdomain)
|
|
30
26
|
throw new Error(t('error.domain not specified', { subdomain })); // When params doesn't have subdomain
|
|
31
27
|
const checkInDomain = domains.find((d) => d.subdomain === subdomain); // When no matched domain with subdomain
|
|
@@ -44,7 +40,6 @@ exports.authCheckinRouter.get('/auth/checkin/:subdomain?', async (context, next)
|
|
|
44
40
|
const { redirect_to: redirectTo = '/' } = context.query;
|
|
45
41
|
try {
|
|
46
42
|
let message;
|
|
47
|
-
debug('get:/auth/checkin/:subdomain?', subdomain, redirectTo);
|
|
48
43
|
if (!subdomain) {
|
|
49
44
|
/* try to find domain from redirectTo path */
|
|
50
45
|
subdomain = (0, shell_1.findSubdomainFromPath)(context, redirectTo);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth-checkin-router.js","sourceRoot":"","sources":["../../server/router/auth-checkin-router.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"auth-checkin-router.js","sourceRoot":"","sources":["../../server/router/auth-checkin-router.ts"],"names":[],"mappings":";;;;AAAA,oEAA+B;AAE/B,6CAA4C;AAC5C,iDAA+F;AAE/F,0EAAqE;AAErE,8CAA0C;AAC1C,sEAAqE;AACrE,gEAA0D;AAE1D,MAAM,UAAU,GAAG,YAAM,CAAC,GAAG,CAAC,YAAY,CAAC,CAAA;AAE9B,QAAA,iBAAiB,GAAG,IAAI,oBAAM,EAAE,CAAA;AAE7C,yBAAiB,CAAC,GAAG,CAAC,2BAA2B,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACzE,MAAM,EAAE,OAAO,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IAC9B,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,CAAA;IAC7B,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IAC9B,IAAI,EAAE,SAAS,EAAE,GAAG,OAAO,CAAC,MAAM,CAAA;IAElC,IAAI,OAAO,GAAa,MAAM,IAAA,iCAAc,EAAC,IAAI,CAAC,CAAA;IAClD,IAAI,UAAU;QAAE,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,IAAI,UAAU,CAAC,CAAA;IAEtE,IAAI,CAAC,IAAA,iBAAO,EAAC,MAAM,CAAC,MAAM,EAAE,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,EAAE;QACjD,yCAAyC;QACzC,IAAI;YACF,IAAI,CAAC,SAAS;gBAAE,MAAM,IAAI,KAAK,CAAC,CAAC,CAAC,4BAA4B,EAAE,EAAE,SAAS,EAAE,CAAC,CAAC,CAAA,CAAC,qCAAqC;YACrH,MAAM,aAAa,GAAuB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,KAAK,SAAS,CAAC,CAAA,CAAC,wCAAwC;YACzI,IAAI,CAAC,aAAa;gBAAE,MAAM,IAAI,KAAK,CAAC,CAAC,CAAC,4BAA4B,EAAE,EAAE,SAAS,EAAE,CAAC,CAAC,CAAA;YAEnF,MAAM,OAAO,CAAC,aAAa,EAAE,IAAI,EAAE,OAAO,CAAC,CAAA;YAC3C,OAAO,CAAC,IAAI,GAAG,IAAI,CAAA;SACpB;QAAC,OAAO,CAAC,EAAE;YACV,IAAA,4CAAsB,EAAC,OAAO,CAAC,CAAA;YAC/B,MAAM,CAAC,CAAA;SACR;KACF;SAAM;QACL,qCAAqC;QACrC,MAAM,EAAE,WAAW,EAAE,UAAU,GAAG,GAAG,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;QAEvD,IAAI;YACF,IAAI,OAAe,CAAA;YAEnB,IAAI,CAAC,SAAS,EAAE;gBACd,6CAA6C;gBAC7C,SAAS,GAAG,IAAA,6BAAqB,EAAC,OAAO,EAAE,UAAU,CAAC,CAAA;aACvD;YAED,IAAI,aAAqB,CAAA;YACzB,IAAI,SAAS,EAAE;gBACb,aAAa,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,IAAI,SAAS,CAAC,CAAA;gBAC3D,IAAI,CAAC,aAAa;oBAAE,OAAO,GAAG,CAAC,CAAC,0BAA0B,EAAE,EAAE,SAAS,EAAE,CAAC,CAAA;aAC3E;iBAAM,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE;gBAC/B,aAAa,GAAG,OAAO,CAAC,CAAC,CAAC,CAAA;aAC3B;YAED,IAAI,aAAa;gBAAE,OAAO,MAAM,OAAO,CAAC,aAAa,EAAE,UAAU,EAAE,OAAO,CAAC,CAAA;YAE3E,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;gBAChC,WAAW,EAAE,cAAc;gBAC3B,aAAa,EAAE,kBAAkB;gBACjC,IAAI,EAAE;oBACJ,IAAI;oBACJ,OAAO;oBACP,UAAU;oBACV,UAAU;oBACV,OAAO;iBACR;aACF,CAAC,CAAA;SACH;QAAC,OAAO,CAAC,EAAE;YACV,IAAA,4CAAsB,EAAC,OAAO,CAAC,CAAA;YAC/B,OAAO,CAAC,QAAQ,CACd,sBAAsB,kBAAkB,CAAC,IAAI,CAAC,KAAK,CAAC,gBAAgB,kBAAkB,CAAC,UAAU,CAAC,EAAE,CACrG,CAAA;SACF;KACF;AACH,CAAC,CAAC,CAAA;AAEF,yBAAiB,CAAC,GAAG,CAAC,eAAe,EAAE,KAAK,EAAC,OAAO,EAAC,EAAE;IACrD,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IAC9B,IAAI,OAAO,GAAG,MAAM,IAAA,iCAAc,EAAC,IAAI,CAAC,CAAA;IACxC,IAAI,UAAU,EAAE;QACd,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,IAAI,UAAU,CAAC,CAAA;KACvD;IAED,OAAO,CAAC,IAAI,GAAG,OAAO,CAAA;AACxB,CAAC,CAAC,CAAA;AAEF,KAAK,UAAU,OAAO,CAAC,aAAqB,EAAE,UAAyB,EAAE,OAAY;IACnF,MAAM,IAAI,GAAS,OAAO,CAAC,KAAK,CAAC,IAAI,CAAA;IACrC,MAAM,4BAAY,CAAC,KAAK,CAAC,aAAa,EAAE,IAAI,EAAE,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,aAAa,CAAC,CAAA;IAEnF,IAAI,UAAU,EAAE;QACd,OAAO,OAAO,CAAC,QAAQ,CAAC,IAAA,gCAAwB,EAAC,OAAO,EAAE,aAAa,CAAC,SAAS,EAAE,UAAU,CAAC,CAAC,CAAA;KAChG;AACH,CAAC","sourcesContent":["import Router from 'koa-router'\n\nimport { config } from '@things-factory/env'\nimport { Domain, findSubdomainFromPath, getRedirectSubdomainPath } from '@things-factory/shell'\n\nimport { LoginHistory } from '../service/login-history/login-history'\nimport { User } from '../service/user/user'\nimport { accepts } from '../utils/accepts'\nimport { clearAccessTokenCookie } from '../utils/access-token-cookie'\nimport { getUserDomains } from '../utils/get-user-domains'\n\nconst domainType = config.get('domainType')\n\nexport const authCheckinRouter = new Router()\n\nauthCheckinRouter.get('/auth/checkin/:subdomain?', async (context, next) => {\n const { request, t } = context\n const header = request.header\n const { user } = context.state\n let { subdomain } = context.params\n\n let domains: Domain[] = await getUserDomains(user)\n if (domainType) domains = domains.filter(d => d.extType == domainType)\n\n if (!accepts(header.accept, ['text/html', '*/*'])) {\n // When request expects non html response\n try {\n if (!subdomain) throw new Error(t('error.domain not specified', { subdomain })) // When params doesn't have subdomain\n const checkInDomain: Domain | undefined = domains.find((d: Domain) => d.subdomain === subdomain) // When no matched domain with subdomain\n if (!checkInDomain) throw new Error(t('error.domain not specified', { subdomain }))\n\n await checkIn(checkInDomain, null, context)\n context.body = true\n } catch (e) {\n clearAccessTokenCookie(context)\n throw e\n }\n } else {\n // When request expects html response\n const { redirect_to: redirectTo = '/' } = context.query\n\n try {\n let message: string\n\n if (!subdomain) {\n /* try to find domain from redirectTo path */\n subdomain = findSubdomainFromPath(context, redirectTo)\n }\n\n let checkInDomain: Domain\n if (subdomain) {\n checkInDomain = domains.find(d => d.subdomain == subdomain)\n if (!checkInDomain) message = t('error.domain not allowed', { subdomain })\n } else if (domains.length === 1) {\n checkInDomain = domains[0]\n }\n\n if (checkInDomain) return await checkIn(checkInDomain, redirectTo, context)\n\n await context.render('auth-page', {\n pageElement: 'auth-checkin',\n elementScript: '/auth/checkin.js',\n data: {\n user,\n domains,\n domainType,\n redirectTo,\n message\n }\n })\n } catch (e) {\n clearAccessTokenCookie(context)\n context.redirect(\n `/auth/signin?email=${encodeURIComponent(user.email)}&redirect_to=${encodeURIComponent(redirectTo)}`\n )\n }\n }\n})\n\nauthCheckinRouter.get('/auth/domains', async context => {\n const { user } = context.state\n var domains = await getUserDomains(user)\n if (domainType) {\n domains = domains.filter(d => d.extType == domainType)\n }\n\n context.body = domains\n})\n\nasync function checkIn(checkInDomain: Domain, redirectTo: string | null, context: any): Promise<void> {\n const user: User = context.state.user\n await LoginHistory.stamp(checkInDomain, user, context.req.connection.remoteAddress)\n\n if (redirectTo) {\n return context.redirect(getRedirectSubdomainPath(context, checkInDomain.subdomain, redirectTo))\n }\n}\n"]}
|
|
@@ -1,19 +1,16 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
-
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
3
|
-
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
|
-
};
|
|
5
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
3
|
exports.authPrivateProcessRouter = void 0;
|
|
7
|
-
const
|
|
8
|
-
const koa_router_1 = __importDefault(require("koa-router"));
|
|
9
|
-
const get_user_domains_1 = require("../utils/get-user-domains");
|
|
4
|
+
const tslib_1 = require("tslib");
|
|
5
|
+
const koa_router_1 = tslib_1.__importDefault(require("koa-router"));
|
|
10
6
|
const typeorm_1 = require("typeorm");
|
|
7
|
+
const env_1 = require("@things-factory/env");
|
|
11
8
|
const change_pwd_1 = require("../controllers/change-pwd");
|
|
12
9
|
const delete_user_1 = require("../controllers/delete-user");
|
|
13
10
|
const profile_1 = require("../controllers/profile");
|
|
14
11
|
const user_1 = require("../service/user/user");
|
|
15
12
|
const access_token_cookie_1 = require("../utils/access-token-cookie");
|
|
16
|
-
const
|
|
13
|
+
const get_user_domains_1 = require("../utils/get-user-domains");
|
|
17
14
|
const domainType = env_1.config.get('domainType');
|
|
18
15
|
exports.authPrivateProcessRouter = new koa_router_1.default({
|
|
19
16
|
prefix: '/auth'
|
|
@@ -61,18 +58,7 @@ exports.authPrivateProcessRouter
|
|
|
61
58
|
.get('/profile', async (context, next) => {
|
|
62
59
|
const { domain, user } = context.state;
|
|
63
60
|
let domains = await (0, get_user_domains_1.getUserDomains)(user);
|
|
64
|
-
domains = domains
|
|
65
|
-
.filter((d) => d.extType == domainType)
|
|
66
|
-
.map((d) => {
|
|
67
|
-
return {
|
|
68
|
-
subdomain: d.subdomain,
|
|
69
|
-
name: d.name,
|
|
70
|
-
description: d.description,
|
|
71
|
-
extType: d.extType,
|
|
72
|
-
brandName: d.brandName,
|
|
73
|
-
brandImage: d.brandImage
|
|
74
|
-
};
|
|
75
|
-
});
|
|
61
|
+
domains = domains.filter((d) => d.extType == domainType);
|
|
76
62
|
context.body = {
|
|
77
63
|
user: {
|
|
78
64
|
email: user.email,
|
|
@@ -81,7 +67,16 @@ exports.authPrivateProcessRouter
|
|
|
81
67
|
owner: await process.domainOwnerGranted(domain, user),
|
|
82
68
|
super: await process.superUserGranted(domain, user)
|
|
83
69
|
},
|
|
84
|
-
domains
|
|
70
|
+
domains: domains.map((d) => {
|
|
71
|
+
return {
|
|
72
|
+
subdomain: d.subdomain,
|
|
73
|
+
name: d.name,
|
|
74
|
+
description: d.description,
|
|
75
|
+
extType: d.extType,
|
|
76
|
+
brandName: d.brandName,
|
|
77
|
+
brandImage: d.brandImage
|
|
78
|
+
};
|
|
79
|
+
}),
|
|
85
80
|
domain: domain && {
|
|
86
81
|
name: domain.name,
|
|
87
82
|
subdomain: domain.subdomain
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth-private-process-router.js","sourceRoot":"","sources":["../../server/router/auth-private-process-router.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"auth-private-process-router.js","sourceRoot":"","sources":["../../server/router/auth-private-process-router.ts"],"names":[],"mappings":";;;;AAAA,oEAA+B;AAC/B,qCAAuC;AAEvC,6CAA4C;AAG5C,0DAAqD;AACrD,4DAAuD;AACvD,oDAAsD;AACtD,+CAA2C;AAC3C,sEAA2F;AAC3F,gEAA0D;AAE1D,MAAM,UAAU,GAAG,YAAM,CAAC,GAAG,CAAC,YAAY,CAAC,CAAA;AAE9B,QAAA,wBAAwB,GAAG,IAAI,oBAAM,CAAC;IACjD,MAAM,EAAE,OAAO;CAChB,CAAC,CAAA;AAEF,gCAAwB;KACrB,IAAI,CAAC,cAAc,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IAC5C,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IACrB,IAAI,EAAE,YAAY,EAAE,QAAQ,EAAE,YAAY,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,CAAA;IAEnE,MAAM,KAAK,GAAG,MAAM,IAAA,sBAAS,EAAC,OAAO,CAAC,KAAK,CAAC,IAAI,EAAE,YAAY,EAAE,QAAQ,EAAE,YAAY,EAAE,OAAO,CAAC,CAAA;IAEhG,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC,oCAAoC,CAAC,CAAA;IAEtD,IAAA,0CAAoB,EAAC,OAAO,EAAE,KAAK,CAAC,CAAA;AACtC,CAAC,CAAC;KACD,IAAI,CAAC,iBAAiB,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IAC/C,MAAM,EAAE,OAAO,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IAC9B,MAAM,WAAW,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,CAAA;IACxC,MAAM,IAAA,uBAAa,EAAC,OAAO,CAAC,KAAK,CAAC,IAAI,EAAE,WAAW,CAAC,CAAA;IAEpD,IAAI,WAAW,CAAC,MAAM,EAAE;QACtB,OAAO,CAAC,IAAI,GAAG,OAAO,CAAC,SAAS,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,mCAAmC,CAAC,CAAA;KAC1F;SAAM;QACL,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC,mCAAmC,CAAC,CAAA;KACtD;AACH,CAAC,CAAC;KACD,IAAI,CAAC,cAAc,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IAC5C,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IACrB,IAAI,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IAC5B,IAAI,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,IAAI,CAAA;IAE/B,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,CAAA;IAE9C,MAAM,QAAQ,GAAG,IAAA,uBAAa,EAAC,WAAI,CAAC,CAAA;IACpC,MAAM,QAAQ,GAAG,MAAM,QAAQ,CAAC,OAAO,CAAC;QACtC,KAAK,EAAE;YACL,KAAK,EAAE,SAAS;SACjB;QACD,SAAS,EAAE,CAAC,SAAS,CAAC;KACvB,CAAC,CAAA;IAEF,IAAI,KAAK,IAAI,SAAS,IAAI,CAAC,WAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,QAAQ,EAAE,QAAQ,EAAE,QAAQ,CAAC,IAAI,CAAC,EAAE;QAClF,OAAO,CAAC,MAAM,GAAG,GAAG,CAAA;QACpB,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC,8BAA8B,CAAC,CAAA;QAChD,OAAM;KACP;IAED,MAAM,IAAA,wBAAU,EAAC,IAAI,CAAC,CAAA;IAEtB,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC,6BAA6B,CAAC,CAAA;IAC/C,IAAA,4CAAsB,EAAC,OAAO,CAAC,CAAA;AACjC,CAAC,CAAC;KACD,GAAG,CAAC,UAAU,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACvC,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IAEtC,IAAI,OAAO,GAAa,MAAM,IAAA,iCAAc,EAAC,IAAI,CAAC,CAAA;IAClD,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,IAAI,UAAU,CAAC,CAAA;IAEhE,OAAO,CAAC,IAAI,GAAG;QACb,IAAI,EAAE;YACJ,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,KAAK,EAAE,MAAM,OAAO,CAAC,kBAAkB,CAAC,MAAM,EAAE,IAAI,CAAC;YACrD,KAAK,EAAE,MAAM,OAAO,CAAC,gBAAgB,CAAC,MAAM,EAAE,IAAI,CAAC;SACpD;QACD,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC,CAAS,EAAE,EAAE;YACjC,OAAO;gBACL,SAAS,EAAE,CAAC,CAAC,SAAS;gBACtB,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,WAAW,EAAE,CAAC,CAAC,WAAW;gBAC1B,OAAO,EAAE,CAAC,CAAC,OAAO;gBAClB,SAAS,EAAE,CAAC,CAAC,SAAS;gBACtB,UAAU,EAAE,CAAC,CAAC,UAAU;aACzB,CAAA;QACH,CAAC,CAAC;QACF,MAAM,EAAE,MAAM,IAAI;YAChB,IAAI,EAAE,MAAM,CAAC,IAAI;YACjB,SAAS,EAAE,MAAM,CAAC,SAAS;SAC5B;KACF,CAAA;AACH,CAAC,CAAC,CAAA","sourcesContent":["import Router from 'koa-router'\nimport { getRepository } from 'typeorm'\n\nimport { config } from '@things-factory/env'\nimport { Domain } from '@things-factory/shell'\n\nimport { changePwd } from '../controllers/change-pwd'\nimport { deleteUser } from '../controllers/delete-user'\nimport { updateProfile } from '../controllers/profile'\nimport { User } from '../service/user/user'\nimport { clearAccessTokenCookie, setAccessTokenCookie } from '../utils/access-token-cookie'\nimport { getUserDomains } from '../utils/get-user-domains'\n\nconst domainType = config.get('domainType')\n\nexport const authPrivateProcessRouter = new Router({\n prefix: '/auth'\n})\n\nauthPrivateProcessRouter\n .post('/change-pass', async (context, next) => {\n const { t } = context\n let { current_pass, new_pass, confirm_pass } = context.request.body\n\n const token = await changePwd(context.state.user, current_pass, new_pass, confirm_pass, context)\n\n context.body = t('text.password changed successfully')\n\n setAccessTokenCookie(context, token)\n })\n .post('/update-profile', async (context, next) => {\n const { i18next, t } = context\n const newProfiles = context.request.body\n await updateProfile(context.state.user, newProfiles)\n\n if (newProfiles.locale) {\n context.body = i18next.getFixedT(newProfiles.locale)('text.profile changed successfully')\n } else {\n context.body = t('text.profile changed successfully')\n }\n })\n .post('/delete-user', async (context, next) => {\n const { t } = context\n var { user } = context.state\n var { email: userEmail } = user\n\n var { password, email } = context.request.body\n\n const userRepo = getRepository(User)\n const userInfo = await userRepo.findOne({\n where: {\n email: userEmail\n },\n relations: ['domains']\n })\n\n if (email != userEmail || !User.verify(userInfo.password, password, userInfo.salt)) {\n context.status = 401\n context.body = t('error.user validation failed')\n return\n }\n\n await deleteUser(user)\n\n context.body = t('text.delete account succeed')\n clearAccessTokenCookie(context)\n })\n .get('/profile', async (context, next) => {\n const { domain, user } = context.state\n\n let domains: Domain[] = await getUserDomains(user)\n domains = domains.filter((d: Domain) => d.extType == domainType)\n\n context.body = {\n user: {\n email: user.email,\n name: user.name,\n userType: user.userType,\n owner: await process.domainOwnerGranted(domain, user),\n super: await process.superUserGranted(domain, user)\n },\n domains: domains.map((d: Domain) => {\n return {\n subdomain: d.subdomain,\n name: d.name,\n description: d.description,\n extType: d.extType,\n brandName: d.brandName,\n brandImage: d.brandImage\n }\n }),\n domain: domain && {\n name: domain.name,\n subdomain: domain.subdomain\n }\n }\n })\n"]}
|