npm - @things-factory/auth-base - Versions diffs - 5.0.7 → 6.0.0-alpha.0 - Mend

@things-factory/auth-base 5.0.7 → 6.0.0-alpha.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (411) hide show

package/server/errors/user-domain-not-match-error.ts CHANGED Viewed

@@ -15,11 +15,14 @@ export class DomainError extends AuthError {
       REDIRECT_TO_DEFAULT_DOMAIN
     }
   }
   domains: any
   constructor({ errorCode = UNAVAILABLE_DOMAIN, domains }) {
     super({
       errorCode
     })
     this.name = 'user-domain-not-match'
     this.domains = domains
   }

package/server/index.ts CHANGED Viewed

@@ -1,3 +1,5 @@
+import './routes'
 export * from './service'
 export * from './migrations'
@@ -12,4 +14,4 @@ export * from './utils/check-user-belongs-domain'
 export * from './utils/access-token-cookie'
 export * from './errors'
-import './routes'
+export * from './types'

package/server/middlewares/authenticate-401-middleware.ts CHANGED Viewed

@@ -1,9 +1,7 @@
-import { SUBDOMAIN_NOTFOUND, USER_LOCKED, USER_NOT_ACTIVATED } from '../constants/error-code'
+import { SUBDOMAIN_NOTFOUND, USER_DUPLICATED, USER_LOCKED, USER_NOT_ACTIVATED } from '../constants/error-code'
 import { AuthError } from '../errors/auth-error'
 import { accepts } from '../utils/accepts'
-const debug = require('debug')('things-factory:auth-base:authenticate-401-middleware')
 export async function authenticate401Middleware(context, next) {
   try {
     await next()
@@ -12,7 +10,6 @@ export async function authenticate401Middleware(context, next) {
     if (err instanceof AuthError) {
       message = context.t(`error.${err.errorCode}`, err.detail || {})
-      debug(`auth error(${err.errorCode})`, message)
     } else {
       if (err?.status !== 401) {
         throw err
@@ -21,8 +18,6 @@ export async function authenticate401Middleware(context, next) {
       message = err.message
     }
-    debug('401 error', message)
     context.status = 401
     context.body = message
@@ -35,7 +30,6 @@ export async function authenticate401Middleware(context, next) {
     const { method, header, path, originalUrl } = context
     if (method == 'POST' && path.startsWith('/graphql')) {
-      debug('Not rewriting', method, path, 'because the graphql request.')
       if (err.errorCode == SUBDOMAIN_NOTFOUND) {
         context.status = 403
       }
@@ -43,13 +37,11 @@ export async function authenticate401Middleware(context, next) {
     }
     if (!accepts(header.accept, ['text/html', '*/*'])) {
-      debug('Not rewriting', method, path, 'because the client does not accept HTML.')
       return
     }
     const { redirect_to } = context.query
     const { redirectTo = redirect_to || originalUrl } = context.request.body || {}
-    debug('rewriting to signin', method, path, message, redirectTo)
     switch (err.errorCode) {
       case SUBDOMAIN_NOTFOUND:
@@ -61,7 +53,7 @@ export async function authenticate401Middleware(context, next) {
           pageElement: 'auth-activate',
           elementScript: '/auth/activate.js',
           data: {
-            email: err.detail.email,
+            ...err.detail,
             message,
             redirectTo
           }
@@ -72,7 +64,18 @@ export async function authenticate401Middleware(context, next) {
           pageElement: 'auth-activate',
           elementScript: '/auth/activate.js',
           data: {
-            email: err.detail.email,
+            ...err.detail,
+            message,
+            redirectTo
+          }
+        })
+      case USER_DUPLICATED:
+        return await context.render('auth-page', {
+          pageElement: 'auth-signup',
+          elementScript: '/auth/signup.js',
+          data: {
+            ...err.detail,
             message,
             redirectTo
           }
@@ -83,6 +86,7 @@ export async function authenticate401Middleware(context, next) {
           pageElement: 'auth-signin',
           elementScript: '/auth/signin.js',
           data: {
+            ...err.detail,
             message: err instanceof AuthError ? message : '',
             redirectTo
           }

package/server/middlewares/domain-authenticate-middleware.ts CHANGED Viewed

@@ -1,8 +1,8 @@
 import { config } from '@things-factory/env'
-import { Domain } from '@things-factory/shell'
-import { getRepository } from 'typeorm'
-import { User } from '../service/user/user'
+import { Domain, getRepository } from '@things-factory/shell'
 import { AuthError } from '../errors/auth-error'
+import { User } from '../service/user/user'
 import { getUserDomains } from '../utils/get-user-domains'
 const useVirtualHostBasedDomain = !!config.get('useVirtualHostBasedDomain')
@@ -18,19 +18,22 @@ declare global {
   }
 }
-const debug = require('debug')('things-factory:auth-base:domain-authenticate-middleware')
 process.domainOwnerGranted = async (domain: Domain, user: User): Promise<boolean> => {
   return domain && domain.owner === user.id
 }
 process.superUserGranted = async (domain: Domain, user: User): Promise<boolean> => {
-  if (!user.domains.length)
-    user = await getRepository(User).findOne(user.id, {
+  if (!user.domains.length) {
+    user = await getRepository(User).findOne({
+      where: { id: user.id },
       relations: ['domains']
     })
+  }
   const systemDomain: Domain = user.domains.find((domain: Domain) => domain.subdomain === 'system')
-  if (!systemDomain) return false
+  if (!systemDomain) {
+    return false
+  }
   return systemDomain.owner === user.id
 }
@@ -51,13 +54,9 @@ export async function domainAuthenticateMiddleware(context: any, next: any) {
   const subdomain: string = domain?.subdomain
-  debug('context - user, subdomain', user?.email, subdomain)
   // 1. 현재 subdomain 이 결정되지 않은 경우.
   // - checkin로 이동한다.
   if (!subdomain) {
-    debug('subdomain not found, move to checkin')
     throw new AuthError({
       errorCode: AuthError.ERROR_CODES.SUBDOMAIN_NOTFOUND
     })

package/server/middlewares/graphql-authenticate-middleware.ts CHANGED Viewed

@@ -1,14 +1,10 @@
-import { jwtAuthenticateMiddleware } from './jwt-authenticate-middleware'
 import { domainAuthenticateMiddleware } from './domain-authenticate-middleware'
-const debug = require('debug')('things-factory:auth-base:graphql-authenticate-middleware')
+import { jwtAuthenticateMiddleware } from './jwt-authenticate-middleware'
 export async function graphqlAuthenticateMiddleware(context, next) {
   const { method, path } = context
   if (method == 'POST' && path.startsWith('/graphql')) {
-    debug(method, path)
     await jwtAuthenticateMiddleware(context, () => {})
     await domainAuthenticateMiddleware(context, () => {})
   }

package/server/middlewares/index.ts CHANGED Viewed

@@ -5,8 +5,6 @@ import { domainAuthenticateMiddleware } from './domain-authenticate-middleware'
 import { graphqlAuthenticateMiddleware } from './graphql-authenticate-middleware'
 import { jwtAuthenticateMiddleware } from './jwt-authenticate-middleware'
-const debug = require('debug')('things-factory:auth-base:middleware')
 export function initMiddlewares(app: any) {
   /* passport initialize */
   app.use(passport.initialize())
@@ -22,8 +20,6 @@ export function initMiddlewares(app: any) {
 }
 process.on('bootstrap-module-subscription' as any, (app, subscriptionMiddleware) => {
-  debug('bootstrap-module-subscription')
   subscriptionMiddleware.push(jwtAuthenticateMiddleware, domainAuthenticateMiddleware)
   // subscriptionMiddleware.push(jwtAuthenticateMiddleware, async (context, next) => {

package/server/middlewares/jwt-authenticate-middleware.ts CHANGED Viewed

@@ -1,13 +1,12 @@
 import passport from 'passport'
 import { ExtractJwt, Strategy as JWTstrategy } from 'passport-jwt'
+import { makeVerificationToken } from '../controllers/utils/make-verification-token'
+import { saveVerificationToken } from '../controllers/utils/save-verification-token'
 import { User, UserStatus } from '../service/user/user'
 import { VerificationTokenType } from '../service/verification-token/verification-token'
+import { clearAccessTokenCookie, getAccessTokenCookie } from '../utils/access-token-cookie'
 import { SECRET } from '../utils/get-secret'
-import { getAccessTokenCookie, clearAccessTokenCookie } from '../utils/access-token-cookie'
-import { makeVerificationToken } from '../controllers/utils/make-verification-token'
-import { saveVerificationToken } from '../controllers/utils/save-verification-token'
-const debug = require('debug')('things-factory:auth-base:jwt-authenticate-middleware')
 passport.use(
   new JWTstrategy(
@@ -41,16 +40,12 @@ export async function jwtAuthenticateMiddleware(context, next) {
   const { path } = context
   const { user } = context.state
   if (user) {
-    debug('reuse user', path, user?.email)
     return await next()
   }
   return await passport.authenticate('jwt', { session: false }, async (err, decoded, info) => {
-    debug('passport.authenticate - jwt', path)
     if (err || !decoded) {
       const e = (context.state.error = err || info)
-      debug('error - jwt', path, err?.message, info?.message)
       // TODO cookie 가 authenticate에 적용된 상황에서 오류가 발생한 경우만, 쿠키를 클리어한다.
       clearAccessTokenCookie(context)

package/server/middlewares/signin-middleware.ts CHANGED Viewed

@@ -1,8 +1,7 @@
 import passport from 'passport'
 import { Strategy as localStrategy } from 'passport-local'
-import { signin } from '../controllers/signin'
-const debug = require('debug')('things-factory:auth-base:signin-middleware')
+import { signin } from '../controllers/signin'
 passport.use(
   'signin',
@@ -13,7 +12,11 @@ passport.use(
     },
     async (email, password, done) => {
       try {
-        const { user: userInfo, token, domains } = await signin({
+        const {
+          user: userInfo,
+          token,
+          domains
+        } = await signin({
           email,
           password
         })
@@ -39,8 +42,6 @@ passport.use(
 export async function signinMiddleware(context, next) {
   return passport.authenticate('signin', { session: false }, async (err, user, info) => {
     if (err || !user) {
-      debug('signin fail', err)
       throw err
     } else {
       const { user: userInfo, token } = user

package/server/migrations/1548206416130-SeedUser.ts CHANGED Viewed

@@ -1,7 +1,7 @@
-import { getRepository, MigrationInterface, QueryRunner } from 'typeorm'
+import { MigrationInterface, QueryRunner } from 'typeorm'
 import { config, logger } from '@things-factory/env'
-import { Domain } from '@things-factory/shell'
+import { Domain, getRepository } from '@things-factory/shell'
 import { User, UserStatus } from '../service/user/user'
@@ -52,7 +52,7 @@ export class SeedUsers1548206416130 implements MigrationInterface {
     const repository = getRepository(User)
     SEED_USERS.reverse().forEach(async user => {
-      let record = await repository.findOne({ email: user.email })
+      let record = await repository.findOneBy({ email: user.email })
       await repository.remove(record)
     })
   }

package/server/migrations/1566805283882-SeedPrivilege.ts CHANGED Viewed

@@ -1,6 +1,7 @@
-import { getRepository, MigrationInterface, QueryRunner } from 'typeorm'
+import { MigrationInterface, QueryRunner } from 'typeorm'
 import { logger } from '@things-factory/env'
+import { getRepository } from '@things-factory/shell'
 import { Privilege } from '../service/privilege/privilege'

package/server/router/auth-checkin-router.ts CHANGED Viewed

@@ -1,13 +1,14 @@
+import Router from 'koa-router'
 import { config } from '@things-factory/env'
-import { accepts } from '../utils/accepts'
 import { Domain, findSubdomainFromPath, getRedirectSubdomainPath } from '@things-factory/shell'
-import Router from 'koa-router'
 import { LoginHistory } from '../service/login-history/login-history'
 import { User } from '../service/user/user'
+import { accepts } from '../utils/accepts'
 import { clearAccessTokenCookie } from '../utils/access-token-cookie'
 import { getUserDomains } from '../utils/get-user-domains'
-const debug = require('debug')('things-factory:auth-base:checkin-router')
 const domainType = config.get('domainType')
 export const authCheckinRouter = new Router()
@@ -24,7 +25,6 @@ authCheckinRouter.get('/auth/checkin/:subdomain?', async (context, next) => {
   if (!accepts(header.accept, ['text/html', '*/*'])) {
     // When request expects non html response
     try {
-      debug('get:/auth/checkin/:subdomain?', subdomain)
       if (!subdomain) throw new Error(t('error.domain not specified', { subdomain })) // When params doesn't have subdomain
       const checkInDomain: Domain | undefined = domains.find((d: Domain) => d.subdomain === subdomain) // When no matched domain with subdomain
       if (!checkInDomain) throw new Error(t('error.domain not specified', { subdomain }))
@@ -42,8 +42,6 @@ authCheckinRouter.get('/auth/checkin/:subdomain?', async (context, next) => {
     try {
       let message: string
-      debug('get:/auth/checkin/:subdomain?', subdomain, redirectTo)
       if (!subdomain) {
         /* try to find domain from redirectTo path */
         subdomain = findSubdomainFromPath(context, redirectTo)
@@ -89,7 +87,7 @@ authCheckinRouter.get('/auth/domains', async context => {
   context.body = domains
 })
-async function checkIn(checkInDomain: Domain, redirectTo: string | null, context: any): Promise<void> {
+async function checkIn(checkInDomain: Domain, redirectTo: string | null, context: ResolverContext): Promise<void> {
   const user: User = context.state.user
   await LoginHistory.stamp(checkInDomain, user, context.req.connection.remoteAddress)

package/server/router/auth-private-process-router.ts CHANGED Viewed

@@ -1,15 +1,15 @@
-import { config } from '@things-factory/env'
-import { Domain } from '@things-factory/shell'
 import Router from 'koa-router'
-import { getUserDomains } from '../utils/get-user-domains'
-import { getRepository } from 'typeorm'
+import { config } from '@things-factory/env'
+import { Domain, getRepository } from '@things-factory/shell'
 import { changePwd } from '../controllers/change-pwd'
 import { deleteUser } from '../controllers/delete-user'
 import { updateProfile } from '../controllers/profile'
 import { User } from '../service/user/user'
 import { clearAccessTokenCookie, setAccessTokenCookie } from '../utils/access-token-cookie'
+import { getUserDomains } from '../utils/get-user-domains'
-const debug = require('debug')('things-factory:auth-base:auth-private-process-router')
 const domainType = config.get('domainType')
 export const authPrivateProcessRouter = new Router({
@@ -68,18 +68,7 @@ authPrivateProcessRouter
     const { domain, user } = context.state
     let domains: Domain[] = await getUserDomains(user)
-    domains = domains
-      .filter((d: Domain) => d.extType == domainType)
-      .map((d: Domain) => {
-        return {
-          subdomain: d.subdomain,
-          name: d.name,
-          description: d.description,
-          extType: d.extType,
-          brandName: d.brandName,
-          brandImage: d.brandImage
-        }
-      })
+    domains = domains.filter((d: Domain) => d.extType == domainType)
     context.body = {
       user: {
@@ -89,7 +78,16 @@ authPrivateProcessRouter
         owner: await process.domainOwnerGranted(domain, user),
         super: await process.superUserGranted(domain, user)
       },
-      domains,
+      domains: domains.map((d: Domain) => {
+        return {
+          subdomain: d.subdomain,
+          name: d.name,
+          description: d.description,
+          extType: d.extType,
+          brandName: d.brandName,
+          brandImage: d.brandImage
+        }
+      }),
       domain: domain && {
         name: domain.name,
         subdomain: domain.subdomain

package/server/router/auth-public-process-router.ts CHANGED Viewed

@@ -1,16 +1,15 @@
 import Router from 'koa-router'
-import { getRepository } from 'typeorm'
 import { config } from '@things-factory/env'
-import { getSiteRootPath } from '@things-factory/shell'
+import { getRepository, getSiteRootPath } from '@things-factory/shell'
+import { resendInvitationEmail } from '../controllers/invitation'
 import { resetPassword, sendPasswordResetEmail } from '../controllers/reset-password'
 import { unlockUser } from '../controllers/unlock-user'
 import { resendVerificationEmail, verify } from '../controllers/verification'
-import { resendInvitationEmail, acceptInvitation } from '../controllers/invitation'
 import { User } from '../service/user/user'
-import { clearAccessTokenCookie } from '../utils/access-token-cookie'
 import { accepts } from '../utils/accepts'
-const debug = require('debug')('things-factory:auth-base:auth-public-process-router')
+import { clearAccessTokenCookie } from '../utils/access-token-cookie'
 const passwordRule = config.get('password') || {
   lowerCase: true,
@@ -31,14 +30,10 @@ export const authPublicProcessRouter = new Router({
 authPublicProcessRouter.post('/join', async (context, next) => {
   const { email } = context.request.body || {}
-  debug('post:/join', context.request.body)
-  const user: User = await getRepository(User).findOne({
+  const user: User = await getRepository(User).findOneBy({
     email
   })
-  debug('post:/join', email, user?.email)
   if (user) {
     context.redirect(`/auth/signin?email=${email}`)
   } else {
@@ -52,8 +47,6 @@ authPublicProcessRouter.all('/signout', async (context, next) => {
   context.body = t('text.signout successfully')
-  debug('all:/signout', header.accept)
   if (accepts(header.accept, ['text/html', '*/*'])) {
     context.redirect(getSiteRootPath(context))
   }
@@ -62,8 +55,6 @@ authPublicProcessRouter.all('/signout', async (context, next) => {
 authPublicProcessRouter.get('/forgot-password', async (context, next) => {
   const { email } = context.request.query
-  debug('get:/forgot-password', email)
   await context.render('auth-page', {
     pageElement: 'forgot-password',
     elementScript: '/auth/forgot-password.js',
@@ -76,8 +67,6 @@ authPublicProcessRouter.get('/forgot-password', async (context, next) => {
 authPublicProcessRouter.get('/reset-password', async (context, next) => {
   const { token } = context.request.query
-  debug('get:/reset-password', token)
   await context.render('auth-page', {
     pageElement: 'reset-password',
     elementScript: '/auth/reset-password.js',
@@ -91,8 +80,6 @@ authPublicProcessRouter.get('/reset-password', async (context, next) => {
 authPublicProcessRouter.get('/unlock-user', async (context, next) => {
   const { token } = context.request.query
-  debug('get:/unlock-user', token)
   await context.render('auth-page', {
     pageElement: 'unlock-user',
     elementScript: '/auth/unlock-user.js',
@@ -105,8 +92,6 @@ authPublicProcessRouter.get('/unlock-user', async (context, next) => {
 authPublicProcessRouter.get('/activate/:email', async (context, next) => {
   const { email } = context.params
-  debug('get:/activate/:email', email)
   await context.render('auth-page', {
     pageElement: 'auth-activate',
     elementScript: '/auth/activate.js',
@@ -120,8 +105,6 @@ authPublicProcessRouter.get('/verify/:token', async (context, next) => {
   const { header, t } = context
   var token = context.params.token
-  debug('get:/verify/:token', token)
   await verify(token)
   var message = t('text.user activated successfully')
@@ -150,8 +133,6 @@ authPublicProcessRouter.post('/resend-verification-email', async (context, next)
     context.status = 200
     context.body = message
   }
-  debug('get:/resend-verification-email', email)
 })
 authPublicProcessRouter.post('/resend-invitation-email', async (context, next) => {
@@ -173,8 +154,6 @@ authPublicProcessRouter.post('/resend-invitation-email', async (context, next) =
     context.status = 200
     context.body = message
   }
-  debug('get:/resend-invitation-email', email)
 })
 authPublicProcessRouter.post('/forgot-password', async (context, next) => {
@@ -199,8 +178,6 @@ authPublicProcessRouter.post('/forgot-password', async (context, next) => {
     context.status = 200
     context.body = t('text.password reset email sent')
   }
-  debug('post:/forgot-password', email)
 })
 authPublicProcessRouter.post('/reset-password', async (context, next) => {
@@ -234,8 +211,6 @@ authPublicProcessRouter.post('/reset-password', async (context, next) => {
     await resetPassword(token, password, context)
-    debug('post:/reset-password', token)
     var message = t('text.password reset succeed')
     context.body = message
@@ -270,14 +245,10 @@ authPublicProcessRouter.post('/unlock-user', async (context, next) => {
   const { header, t } = context
   const { password, token } = context.request.body
-  debug('post:/unlock-user', token)
   if (!(token || password)) {
     context.status = 404
     context.body = t('error.token or password is invalid')
-    debug('post:/unlock-user', 'token or password is invalid')
     return
   }
@@ -287,8 +258,6 @@ authPublicProcessRouter.post('/unlock-user', async (context, next) => {
     context.body = t('text.password reset succeed')
     clearAccessTokenCookie(context)
-    debug('post:/unlock-user', 'password reset succeed')
   }
   if (accepts(header.accept, ['text/html', '*/*'])) {

package/server/router/auth-signin-router.ts CHANGED Viewed

@@ -1,10 +1,9 @@
 import Router from 'koa-router'
 import { signinMiddleware } from '../middlewares'
 import { accepts } from '../utils/accepts'
 import { setAccessTokenCookie } from '../utils/access-token-cookie'
-const debug = require('debug')('things-factory:auth-base:auth-signin-router')
 export const authSigninRouter = new Router()
 authSigninRouter.get('/auth/signin', async (context, next) => {
@@ -25,8 +24,6 @@ authSigninRouter.post('/auth/signin', signinMiddleware, async (context, next) =>
   const { token, user, domain } = context.state
   const { body: reqBody, header } = request
-  debug('post:/auth/signin', token?.substr(0, 20), user?.email, domain?.subdomain, redirectTo)
   if (!accepts(header.accept, ['text/html', '*/*'])) {
     context.body = token
     return
@@ -38,6 +35,5 @@ authSigninRouter.post('/auth/signin', signinMiddleware, async (context, next) =>
   setAccessTokenCookie(context, token)
-  debug('post:/auth/signin', redirectTo)
   context.redirect(redirectTo)
 })