@things-factory/auth-base 7.0.0-alpha.9 → 7.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/client/actions/auth.ts +3 -3
- package/dist-client/actions/auth.d.ts +3 -3
- package/dist-client/actions/auth.js.map +1 -1
- package/dist-client/auth.js.map +1 -1
- package/dist-client/directive/privileged.d.ts +4 -4
- package/dist-client/directive/privileged.js.map +1 -1
- package/dist-client/profiled.js.map +1 -1
- package/dist-client/reducers/auth.js.map +1 -1
- package/dist-client/tsconfig.tsbuildinfo +1 -1
- package/dist-server/constants/error-code.d.ts +3 -0
- package/dist-server/constants/error-code.js +4 -1
- package/dist-server/constants/error-code.js.map +1 -1
- package/dist-server/controllers/change-pwd.js +1 -2
- package/dist-server/controllers/change-pwd.js.map +1 -1
- package/dist-server/controllers/checkin.js +1 -2
- package/dist-server/controllers/checkin.js.map +1 -1
- package/dist-server/controllers/delete-user.js +2 -3
- package/dist-server/controllers/delete-user.js.map +1 -1
- package/dist-server/controllers/invitation.js +4 -5
- package/dist-server/controllers/invitation.js.map +1 -1
- package/dist-server/controllers/profile.d.ts +1 -0
- package/dist-server/controllers/profile.js +1 -2
- package/dist-server/controllers/profile.js.map +1 -1
- package/dist-server/controllers/reset-password.js +2 -3
- package/dist-server/controllers/reset-password.js.map +1 -1
- package/dist-server/controllers/signin.js +1 -2
- package/dist-server/controllers/signin.js.map +1 -1
- package/dist-server/controllers/signup.js +1 -2
- package/dist-server/controllers/signup.js.map +1 -1
- package/dist-server/controllers/unlock-user.js +2 -3
- package/dist-server/controllers/unlock-user.js.map +1 -1
- package/dist-server/controllers/utils/make-invitation-token.js +1 -2
- package/dist-server/controllers/utils/make-invitation-token.js.map +1 -1
- package/dist-server/controllers/utils/make-verification-token.js +1 -2
- package/dist-server/controllers/utils/make-verification-token.js.map +1 -1
- package/dist-server/controllers/utils/password-rule.js +10 -10
- package/dist-server/controllers/utils/password-rule.js.map +1 -1
- package/dist-server/controllers/utils/save-invitation-token.js +1 -2
- package/dist-server/controllers/utils/save-invitation-token.js.map +1 -1
- package/dist-server/controllers/utils/save-verification-token.js +1 -2
- package/dist-server/controllers/utils/save-verification-token.js.map +1 -1
- package/dist-server/controllers/verification.js +3 -4
- package/dist-server/controllers/verification.js.map +1 -1
- package/dist-server/index.js.map +1 -1
- package/dist-server/middlewares/authenticate-401-middleware.js +2 -3
- package/dist-server/middlewares/authenticate-401-middleware.js.map +1 -1
- package/dist-server/middlewares/domain-authenticate-middleware.js +5 -3
- package/dist-server/middlewares/domain-authenticate-middleware.js.map +1 -1
- package/dist-server/middlewares/graphql-authenticate-middleware.js +1 -2
- package/dist-server/middlewares/graphql-authenticate-middleware.js.map +1 -1
- package/dist-server/middlewares/index.d.ts +1 -0
- package/dist-server/middlewares/index.js +3 -3
- package/dist-server/middlewares/index.js.map +1 -1
- package/dist-server/middlewares/jwt-authenticate-middleware.js +1 -2
- package/dist-server/middlewares/jwt-authenticate-middleware.js.map +1 -1
- package/dist-server/middlewares/signin-middleware.js +1 -2
- package/dist-server/middlewares/signin-middleware.js.map +1 -1
- package/dist-server/middlewares/webauthn-middleware.d.ts +1 -0
- package/dist-server/middlewares/webauthn-middleware.js +100 -0
- package/dist-server/middlewares/webauthn-middleware.js.map +1 -0
- package/dist-server/migrations/1548206416130-SeedUser.js.map +1 -1
- package/dist-server/migrations/1566805283882-SeedPrivilege.js.map +1 -1
- package/dist-server/router/auth-checkin-router.js.map +1 -1
- package/dist-server/router/auth-private-process-router.js +7 -1
- package/dist-server/router/auth-private-process-router.js.map +1 -1
- package/dist-server/router/auth-public-process-router.js.map +1 -1
- package/dist-server/router/auth-signin-router.js.map +1 -1
- package/dist-server/router/auth-signup-router.js.map +1 -1
- package/dist-server/router/index.d.ts +1 -0
- package/dist-server/router/index.js +1 -0
- package/dist-server/router/index.js.map +1 -1
- package/dist-server/router/oauth2/oauth2-authorize-router.js.map +1 -1
- package/dist-server/router/oauth2/oauth2-router.js.map +1 -1
- package/dist-server/router/oauth2/oauth2-server.js.map +1 -1
- package/dist-server/router/oauth2/passport-oauth2-client-password.js +1 -2
- package/dist-server/router/oauth2/passport-oauth2-client-password.js.map +1 -1
- package/dist-server/router/oauth2/passport-refresh-token.js +1 -2
- package/dist-server/router/oauth2/passport-refresh-token.js.map +1 -1
- package/dist-server/router/site-root-router.js.map +1 -1
- package/dist-server/router/webauthn-router.d.ts +2 -0
- package/dist-server/router/webauthn-router.js +69 -0
- package/dist-server/router/webauthn-router.js.map +1 -0
- package/dist-server/routes.js +3 -1
- package/dist-server/routes.js.map +1 -1
- package/dist-server/service/app-binding/app-binding-mutation.js +2 -2
- package/dist-server/service/app-binding/app-binding-mutation.js.map +1 -1
- package/dist-server/service/app-binding/app-binding-query.js +3 -3
- package/dist-server/service/app-binding/app-binding-query.js.map +1 -1
- package/dist-server/service/app-binding/app-binding-types.js +2 -2
- package/dist-server/service/app-binding/app-binding-types.js.map +1 -1
- package/dist-server/service/app-binding/app-binding.js +2 -2
- package/dist-server/service/app-binding/app-binding.js.map +1 -1
- package/dist-server/service/appliance/appliance-mutation.js +2 -2
- package/dist-server/service/appliance/appliance-mutation.js.map +1 -1
- package/dist-server/service/appliance/appliance-query.d.ts +1 -0
- package/dist-server/service/appliance/appliance-query.js +24 -3
- package/dist-server/service/appliance/appliance-query.js.map +1 -1
- package/dist-server/service/appliance/appliance-types.js +6 -6
- package/dist-server/service/appliance/appliance-types.js.map +1 -1
- package/dist-server/service/appliance/appliance.d.ts +1 -1
- package/dist-server/service/appliance/appliance.js +3 -2
- package/dist-server/service/appliance/appliance.js.map +1 -1
- package/dist-server/service/application/application-mutation.js +2 -2
- package/dist-server/service/application/application-mutation.js.map +1 -1
- package/dist-server/service/application/application-query.js +3 -3
- package/dist-server/service/application/application-query.js.map +1 -1
- package/dist-server/service/application/application-types.js +8 -8
- package/dist-server/service/application/application-types.js.map +1 -1
- package/dist-server/service/application/application.js +7 -6
- package/dist-server/service/application/application.js.map +1 -1
- package/dist-server/service/auth-provider/auth-provider-mutation.js +2 -2
- package/dist-server/service/auth-provider/auth-provider-mutation.js.map +1 -1
- package/dist-server/service/auth-provider/auth-provider-parameter-spec.d.ts +3 -0
- package/dist-server/service/auth-provider/auth-provider-parameter-spec.js +6 -2
- package/dist-server/service/auth-provider/auth-provider-parameter-spec.js.map +1 -1
- package/dist-server/service/auth-provider/auth-provider-query.js +3 -3
- package/dist-server/service/auth-provider/auth-provider-query.js.map +1 -1
- package/dist-server/service/auth-provider/auth-provider-type.js +6 -6
- package/dist-server/service/auth-provider/auth-provider-type.js.map +1 -1
- package/dist-server/service/auth-provider/auth-provider.d.ts +0 -5
- package/dist-server/service/auth-provider/auth-provider.js +8 -22
- package/dist-server/service/auth-provider/auth-provider.js.map +1 -1
- package/dist-server/service/domain-generator/domain-generator-mutation.js +2 -2
- package/dist-server/service/domain-generator/domain-generator-mutation.js.map +1 -1
- package/dist-server/service/domain-generator/domain-generator-types.js +6 -6
- package/dist-server/service/domain-generator/domain-generator-types.js.map +1 -1
- package/dist-server/service/granted-role/granted-role-mutation.js +6 -6
- package/dist-server/service/granted-role/granted-role-mutation.js.map +1 -1
- package/dist-server/service/granted-role/granted-role-query.js +2 -2
- package/dist-server/service/granted-role/granted-role-query.js.map +1 -1
- package/dist-server/service/granted-role/granted-role.d.ts +1 -1
- package/dist-server/service/granted-role/granted-role.js +3 -3
- package/dist-server/service/granted-role/granted-role.js.map +1 -1
- package/dist-server/service/index.d.ts +2 -1
- package/dist-server/service/index.js +4 -1
- package/dist-server/service/index.js.map +1 -1
- package/dist-server/service/invitation/invitation-mutation.js +2 -2
- package/dist-server/service/invitation/invitation-mutation.js.map +1 -1
- package/dist-server/service/invitation/invitation-query.js +2 -2
- package/dist-server/service/invitation/invitation-query.js.map +1 -1
- package/dist-server/service/invitation/invitation-types.js +2 -2
- package/dist-server/service/invitation/invitation-types.js.map +1 -1
- package/dist-server/service/invitation/invitation.js +2 -2
- package/dist-server/service/invitation/invitation.js.map +1 -1
- package/dist-server/service/login-history/login-history-query.js +3 -3
- package/dist-server/service/login-history/login-history-query.js.map +1 -1
- package/dist-server/service/login-history/login-history-type.js +2 -2
- package/dist-server/service/login-history/login-history-type.js.map +1 -1
- package/dist-server/service/login-history/login-history.d.ts +1 -1
- package/dist-server/service/login-history/login-history.js +4 -4
- package/dist-server/service/login-history/login-history.js.map +1 -1
- package/dist-server/service/partner/partner-mutation.js +2 -2
- package/dist-server/service/partner/partner-mutation.js.map +1 -1
- package/dist-server/service/partner/partner-query.js +4 -4
- package/dist-server/service/partner/partner-query.js.map +1 -1
- package/dist-server/service/partner/partner-types.js +2 -2
- package/dist-server/service/partner/partner-types.js.map +1 -1
- package/dist-server/service/partner/partner.d.ts +2 -2
- package/dist-server/service/partner/partner.js +6 -6
- package/dist-server/service/partner/partner.js.map +1 -1
- package/dist-server/service/password-history/password-history.js +2 -2
- package/dist-server/service/password-history/password-history.js.map +1 -1
- package/dist-server/service/privilege/privilege-directive.js.map +1 -1
- package/dist-server/service/privilege/privilege-mutation.js +2 -2
- package/dist-server/service/privilege/privilege-mutation.js.map +1 -1
- package/dist-server/service/privilege/privilege-query.js +3 -3
- package/dist-server/service/privilege/privilege-query.js.map +1 -1
- package/dist-server/service/privilege/privilege-types.js +8 -8
- package/dist-server/service/privilege/privilege-types.js.map +1 -1
- package/dist-server/service/privilege/privilege.js +6 -6
- package/dist-server/service/privilege/privilege.js.map +1 -1
- package/dist-server/service/role/role-mutation.js +2 -2
- package/dist-server/service/role/role-mutation.js.map +1 -1
- package/dist-server/service/role/role-query.js +3 -3
- package/dist-server/service/role/role-query.js.map +1 -1
- package/dist-server/service/role/role-types.js +10 -10
- package/dist-server/service/role/role-types.js.map +1 -1
- package/dist-server/service/role/role.d.ts +1 -1
- package/dist-server/service/role/role.js +4 -3
- package/dist-server/service/role/role.js.map +1 -1
- package/dist-server/service/user/domain-query.js +2 -2
- package/dist-server/service/user/domain-query.js.map +1 -1
- package/dist-server/service/user/user-mutation.js +2 -2
- package/dist-server/service/user/user-mutation.js.map +1 -1
- package/dist-server/service/user/user-query.js +3 -32
- package/dist-server/service/user/user-query.js.map +1 -1
- package/dist-server/service/user/user-types.js +6 -6
- package/dist-server/service/user/user-types.js.map +1 -1
- package/dist-server/service/user/user.d.ts +2 -0
- package/dist-server/service/user/user.js +19 -29
- package/dist-server/service/user/user.js.map +1 -1
- package/dist-server/service/users-auth-providers/users-auth-providers.js +3 -3
- package/dist-server/service/users-auth-providers/users-auth-providers.js.map +1 -1
- package/dist-server/service/verification-token/verification-token.js +3 -3
- package/dist-server/service/verification-token/verification-token.js.map +1 -1
- package/dist-server/service/web-auth-credential/index.d.ts +2 -0
- package/dist-server/service/web-auth-credential/index.js +6 -0
- package/dist-server/service/web-auth-credential/index.js.map +1 -0
- package/dist-server/service/web-auth-credential/web-auth-credential.d.ts +15 -0
- package/dist-server/service/web-auth-credential/web-auth-credential.js +72 -0
- package/dist-server/service/web-auth-credential/web-auth-credential.js.map +1 -0
- package/dist-server/templates/account-unlock-email.js +1 -2
- package/dist-server/templates/account-unlock-email.js.map +1 -1
- package/dist-server/templates/invitation-email.js +1 -2
- package/dist-server/templates/invitation-email.js.map +1 -1
- package/dist-server/templates/reset-password-email.js +1 -2
- package/dist-server/templates/reset-password-email.js.map +1 -1
- package/dist-server/templates/verification-email.js +1 -2
- package/dist-server/templates/verification-email.js.map +1 -1
- package/dist-server/tsconfig.tsbuildinfo +1 -1
- package/dist-server/types.d.ts +2 -2
- package/dist-server/types.js.map +1 -1
- package/dist-server/utils/accepts.js +1 -2
- package/dist-server/utils/accepts.js.map +1 -1
- package/dist-server/utils/access-token-cookie.d.ts +1 -0
- package/dist-server/utils/access-token-cookie.js +14 -4
- package/dist-server/utils/access-token-cookie.js.map +1 -1
- package/dist-server/utils/check-permission.js +1 -2
- package/dist-server/utils/check-permission.js.map +1 -1
- package/dist-server/utils/check-user-belongs-domain.js +1 -2
- package/dist-server/utils/check-user-belongs-domain.js.map +1 -1
- package/dist-server/utils/encrypt-state.js +2 -3
- package/dist-server/utils/encrypt-state.js.map +1 -1
- package/dist-server/utils/get-aes-256-key.js.map +1 -1
- package/dist-server/utils/get-domain-from-hostname.js +1 -2
- package/dist-server/utils/get-domain-from-hostname.js.map +1 -1
- package/dist-server/utils/get-domain-users.js +2 -3
- package/dist-server/utils/get-domain-users.js.map +1 -1
- package/dist-server/utils/get-secret.js.map +1 -1
- package/dist-server/utils/get-user-domains.js +4 -5
- package/dist-server/utils/get-user-domains.js.map +1 -1
- package/helps/config/SECRET.ja.md +13 -0
- package/helps/config/SECRET.ko.md +13 -0
- package/helps/config/SECRET.md +3 -3
- package/helps/config/SECRET.ms.md +13 -0
- package/helps/config/SECRET.zh.md +13 -0
- package/helps/config/accessTokenCookieKey.ja.md +11 -0
- package/helps/config/accessTokenCookieKey.ko.md +11 -0
- package/helps/config/accessTokenCookieKey.md +1 -1
- package/helps/config/accessTokenCookieKey.ms.md +11 -0
- package/helps/config/accessTokenCookieKey.zh.md +11 -0
- package/helps/config/applianceJwtExpiresIn.ja.md +26 -0
- package/helps/config/applianceJwtExpiresIn.ko.md +26 -0
- package/helps/config/applianceJwtExpiresIn.md +18 -15
- package/helps/config/applianceJwtExpiresIn.ms.md +30 -0
- package/helps/config/applianceJwtExpiresIn.zh.md +26 -0
- package/helps/config/disableUserSignupProcess.ja.md +22 -0
- package/helps/config/disableUserSignupProcess.ko.md +22 -0
- package/helps/config/disableUserSignupProcess.md +3 -3
- package/helps/config/disableUserSignupProcess.ms.md +22 -0
- package/helps/config/disableUserSignupProcess.zh.md +22 -0
- package/helps/config/i18n.ja.md +44 -0
- package/helps/config/i18n.ko.md +44 -0
- package/helps/config/i18n.md +6 -6
- package/helps/config/i18n.ms.md +44 -0
- package/helps/config/i18n.zh.md +44 -0
- package/helps/config/password.ja.md +53 -0
- package/helps/config/password.ko.md +65 -0
- package/helps/config/password.md +8 -36
- package/helps/config/password.ms.md +65 -0
- package/helps/config/password.zh.md +65 -0
- package/helps/config/publicHomeRoute.ja.md +14 -0
- package/helps/config/publicHomeRoute.ko.md +14 -0
- package/helps/config/publicHomeRoute.md +3 -3
- package/helps/config/publicHomeRoute.ms.md +14 -0
- package/helps/config/publicHomeRoute.zh.md +14 -0
- package/helps/config/session.ja.md +45 -0
- package/helps/config/session.ko.md +49 -0
- package/helps/config/session.md +10 -10
- package/helps/config/session.ms.md +46 -0
- package/helps/config/session.zh.md +49 -0
- package/package.json +12 -9
- package/server/constants/error-code.ts +3 -0
- package/server/middlewares/authenticate-401-middleware.ts +1 -1
- package/server/middlewares/domain-authenticate-middleware.ts +5 -1
- package/server/middlewares/index.ts +2 -1
- package/server/middlewares/webauthn-middleware.ts +127 -0
- package/server/router/auth-private-process-router.ts +8 -1
- package/server/router/index.ts +1 -0
- package/server/router/webauthn-router.ts +87 -0
- package/server/routes.ts +7 -8
- package/server/service/app-binding/app-binding-query.ts +1 -1
- package/server/service/appliance/appliance-query.ts +22 -1
- package/server/service/appliance/appliance.ts +4 -3
- package/server/service/application/application-query.ts +1 -1
- package/server/service/application/application.ts +7 -6
- package/server/service/auth-provider/auth-provider-parameter-spec.ts +3 -0
- package/server/service/auth-provider/auth-provider-query.ts +4 -1
- package/server/service/auth-provider/auth-provider-type.ts +3 -7
- package/server/service/auth-provider/auth-provider.ts +3 -19
- package/server/service/granted-role/granted-role.ts +2 -2
- package/server/service/index.ts +5 -5
- package/server/service/login-history/login-history-query.ts +4 -1
- package/server/service/login-history/login-history.ts +3 -3
- package/server/service/partner/partner-query.ts +5 -2
- package/server/service/partner/partner.ts +6 -6
- package/server/service/privilege/privilege-query.ts +14 -3
- package/server/service/role/role-query.ts +1 -1
- package/server/service/role/role.ts +3 -2
- package/server/service/user/user-query.ts +1 -33
- package/server/service/user/user.ts +12 -22
- package/server/service/users-auth-providers/users-auth-providers.ts +1 -1
- package/server/service/web-auth-credential/index.ts +3 -0
- package/server/service/web-auth-credential/web-auth-credential.ts +67 -0
- package/server/types.ts +2 -2
- package/server/utils/access-token-cookie.ts +12 -0
- package/translations/en.json +33 -28
- package/translations/ja.json +34 -29
- package/translations/ko.json +35 -29
- package/translations/ms.json +5 -0
- package/translations/zh.json +6 -0
|
@@ -0,0 +1,65 @@
|
|
|
1
|
+
# password
|
|
2
|
+
|
|
3
|
+
可以灵活定义密码设置规则,并基于这些规则验证密码的有效性。
|
|
4
|
+
|
|
5
|
+
密码规则可以调整大小写字母、数字、特殊字符和长度等各种元素,以便根据安全策略自定义密码规则。
|
|
6
|
+
|
|
7
|
+
- `lowerCase` (默认值: `true`):
|
|
8
|
+
|
|
9
|
+
- 布尔值,指示是否包含小写字母。如果设置,密码必须至少包含一个小写字母。
|
|
10
|
+
|
|
11
|
+
- `upperCase` (默认值: `true`):
|
|
12
|
+
|
|
13
|
+
- 布尔值,指示是否包含大写字母。如果设置,密码必须至少包含一个大写字母。
|
|
14
|
+
|
|
15
|
+
- `digit` (默认值: `true`):
|
|
16
|
+
|
|
17
|
+
- 布尔值,指示是否包含数字。如果设置,密码必须至少包含一个数字。
|
|
18
|
+
|
|
19
|
+
- `specialCharacter` (默认值: `true`):
|
|
20
|
+
|
|
21
|
+
- 布尔值,指示是否包含特殊字符。如果设置,密码必须至少包含一个特殊字符(!@#$%^&\*())。
|
|
22
|
+
|
|
23
|
+
- `allowRepeat` (默认值: `false`):
|
|
24
|
+
|
|
25
|
+
- 布尔值,指示是否允许字符重复。如果设置,密码中字符不得连续重复两次以上。
|
|
26
|
+
|
|
27
|
+
- `useTightPattern` (默认值: `true`):
|
|
28
|
+
|
|
29
|
+
- 布尔值,指示是否使用严格的密码模式。如果设置,密码必须严格遵循长度和各个元素(小写字母、大写字母、数字、特殊字符)的要求。
|
|
30
|
+
|
|
31
|
+
- `useLoosePattern` (默认值: `false`):
|
|
32
|
+
|
|
33
|
+
- 布尔值,指示是否使用宽松的密码模式。如果设置,密码只严格检查长度,忽略其他元素的要求。
|
|
34
|
+
|
|
35
|
+
- `tightCharacterLength` (默认值: `8`):
|
|
36
|
+
|
|
37
|
+
- 使用严格密码模式时,密码的最小长度。
|
|
38
|
+
|
|
39
|
+
- `looseCharacterLength` (默认值: `15`):
|
|
40
|
+
|
|
41
|
+
- 使用宽松密码模式时,密码的最小长度。
|
|
42
|
+
|
|
43
|
+
- `defaultPassword` (默认值: false):
|
|
44
|
+
- 管理员注册用户时,设置给新用户的默认密码。
|
|
45
|
+
- 如果此值为false,则管理员无法使用用户注册功能。
|
|
46
|
+
|
|
47
|
+
## default
|
|
48
|
+
|
|
49
|
+
```
|
|
50
|
+
module.exports = {
|
|
51
|
+
password: {
|
|
52
|
+
lowerCase: true,
|
|
53
|
+
upperCase: false,
|
|
54
|
+
digit: true,
|
|
55
|
+
specialCharacter: true,
|
|
56
|
+
allowRepeat: true,
|
|
57
|
+
useTightPattern: true,
|
|
58
|
+
useLoosePattern: false,
|
|
59
|
+
tightCharacterLength: 8,
|
|
60
|
+
looseCharacterLength: 15,
|
|
61
|
+
history: 2,
|
|
62
|
+
defaultPassword: false
|
|
63
|
+
},
|
|
64
|
+
}
|
|
65
|
+
```
|
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
# publicHomeRoute
|
|
2
|
+
|
|
3
|
+
ログインしていないユーザーがアプリケーションURLに初めてアクセスしたときに表示されるページのパスを指定します。
|
|
4
|
+
|
|
5
|
+
通常は '/public/home' パスにルーティングされ、イントロ画面が表示されます。
|
|
6
|
+
ログインページに直接移動したい場合は、この設定を '/auth/signin' に設定します。
|
|
7
|
+
|
|
8
|
+
## default
|
|
9
|
+
|
|
10
|
+
```
|
|
11
|
+
module.exports = {
|
|
12
|
+
publicHomeRoute: '/public/home',
|
|
13
|
+
}
|
|
14
|
+
```
|
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
# publicHomeRoute
|
|
2
|
+
|
|
3
|
+
로그인되지 않은 사용자가 어플리케이션 URL에 처음 접근했을 때, 보여지게 될 페이지의 path를 지정한다.
|
|
4
|
+
|
|
5
|
+
보통 '/public/home' 패스로 라우팅되어 인트로 화면을 볼 수 있다.
|
|
6
|
+
만약, 로그인 페이지로 바로 이동하고 싶다면, 이 설정을 '/auth/signin' 으로 설정하면 된다.
|
|
7
|
+
|
|
8
|
+
## default
|
|
9
|
+
|
|
10
|
+
```
|
|
11
|
+
module.exports = {
|
|
12
|
+
publicHomeRoute: '/public/home',
|
|
13
|
+
}
|
|
14
|
+
```
|
|
@@ -1,9 +1,9 @@
|
|
|
1
1
|
# publicHomeRoute
|
|
2
2
|
|
|
3
|
-
|
|
3
|
+
specifies the path of the page to be displayed when a user who is not logged in first accesses the application URL.
|
|
4
4
|
|
|
5
|
-
|
|
6
|
-
|
|
5
|
+
usually routed to the '/public/home' path to display the intro screen.
|
|
6
|
+
if you want to go directly to the login page, set this to '/auth/signin'.
|
|
7
7
|
|
|
8
8
|
## default
|
|
9
9
|
|
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
# publicHomeRoute
|
|
2
|
+
|
|
3
|
+
menentukan laluan halaman yang akan dipaparkan apabila pengguna yang belum log masuk mengakses URL aplikasi buat kali pertama.
|
|
4
|
+
|
|
5
|
+
biasanya akan dilalukan ke laluan '/public/home' untuk memaparkan skrin pengenalan.
|
|
6
|
+
jika ingin terus ke halaman log masuk, tetapkan ini ke '/auth/signin'.
|
|
7
|
+
|
|
8
|
+
## default
|
|
9
|
+
|
|
10
|
+
```
|
|
11
|
+
module.exports = {
|
|
12
|
+
publicHomeRoute: '/public/home',
|
|
13
|
+
}
|
|
14
|
+
```
|
|
@@ -0,0 +1,45 @@
|
|
|
1
|
+
# session
|
|
2
|
+
|
|
3
|
+
セッション有効期間に関する設定を行うことができます。
|
|
4
|
+
|
|
5
|
+
- expirySeconds: セッション有効時間(秒単位)
|
|
6
|
+
|
|
7
|
+
- この値は、ユーザーセッションが非アクティブの後に何秒で期限切れになるかを定義します。
|
|
8
|
+
- これを1800に設定すると、30分の非アクティブ後にセッションが期限切れになります。
|
|
9
|
+
|
|
10
|
+
- expiryPolicy: セッション有効期限ポリシー
|
|
11
|
+
|
|
12
|
+
- この設定は、セッションのタイムアウトをどのように管理するかを決定します。
|
|
13
|
+
- オプション:
|
|
14
|
+
|
|
15
|
+
- 'rolling' - セッションのタイムアウトはユーザーのアクティビティに基づいて延長されます。
|
|
16
|
+
各新しいリクエストは、タイマーを指定されたタイムアウト期間にリセットします。
|
|
17
|
+
- 'fixed' - セッションのタイムアウトは固定されて
|
|
18
|
+
|
|
19
|
+
## default
|
|
20
|
+
|
|
21
|
+
```
|
|
22
|
+
module.exports = {
|
|
23
|
+
session: {
|
|
24
|
+
/*
|
|
25
|
+
Session Expiry Time in Seconds
|
|
26
|
+
This value defines the duration in seconds after which a user session will expire due to inactivity.
|
|
27
|
+
Setting this to 1800 means the session will expire after 30 minutes of inactivity.
|
|
28
|
+
*/
|
|
29
|
+
expirySeconds: 60 * 60 * 24 * 7,
|
|
30
|
+
/*
|
|
31
|
+
Session Expiry Policy
|
|
32
|
+
This setting determines how the session timeout is managed.
|
|
33
|
+
Options:
|
|
34
|
+
'rolling' - The session timeout is extended based on user activity.
|
|
35
|
+
Each new request resets the timer to the specified timeout duration.
|
|
36
|
+
'fixed' - The session timeout is fixed and based on the initial login time.
|
|
37
|
+
The session will expire after the specified duration, regardless of user activity.
|
|
38
|
+
|
|
39
|
+
Example:
|
|
40
|
+
expiryPolicy: 'rolling' or 'fixed'
|
|
41
|
+
*/
|
|
42
|
+
expiryPolicy: 'fixed'
|
|
43
|
+
},
|
|
44
|
+
}
|
|
45
|
+
```
|
|
@@ -0,0 +1,49 @@
|
|
|
1
|
+
# session
|
|
2
|
+
|
|
3
|
+
세션 유효기간과 관련한 설정을 할 수 있다.
|
|
4
|
+
|
|
5
|
+
- expirySeconds: Session Expiry Time in Seconds
|
|
6
|
+
|
|
7
|
+
- This value defines the duration in seconds after which a user session will expire due to inactivity.
|
|
8
|
+
- Setting this to 1800 means the session will expire after 30 minutes of inactivity.
|
|
9
|
+
|
|
10
|
+
- expiryPolicy: Session Expiry Policy
|
|
11
|
+
|
|
12
|
+
- This setting determines how the session timeout is managed.
|
|
13
|
+
- Options:
|
|
14
|
+
|
|
15
|
+
- 'rolling' - The session timeout is extended based on user activity.
|
|
16
|
+
Each new request resets the timer to the specified timeout duration.
|
|
17
|
+
- 'fixed' - The session timeout is fixed and based on the initial login time.
|
|
18
|
+
The session will expire after the specified duration, regardless of user activity.
|
|
19
|
+
|
|
20
|
+
Example:
|
|
21
|
+
expiryPolicy: 'rolling' or 'fixed'
|
|
22
|
+
|
|
23
|
+
## default
|
|
24
|
+
|
|
25
|
+
```
|
|
26
|
+
module.exports = {
|
|
27
|
+
session: {
|
|
28
|
+
/*
|
|
29
|
+
Session Expiry Time in Seconds
|
|
30
|
+
This value defines the duration in seconds after which a user session will expire due to inactivity.
|
|
31
|
+
Setting this to 1800 means the session will expire after 30 minutes of inactivity.
|
|
32
|
+
*/
|
|
33
|
+
expirySeconds: 60 * 60 * 24 * 7,
|
|
34
|
+
/*
|
|
35
|
+
Session Expiry Policy
|
|
36
|
+
This setting determines how the session timeout is managed.
|
|
37
|
+
Options:
|
|
38
|
+
'rolling' - The session timeout is extended based on user activity.
|
|
39
|
+
Each new request resets the timer to the specified timeout duration.
|
|
40
|
+
'fixed' - The session timeout is fixed and based on the initial login time.
|
|
41
|
+
The session will expire after the specified duration, regardless of user activity.
|
|
42
|
+
|
|
43
|
+
Example:
|
|
44
|
+
expiryPolicy: 'rolling' or 'fixed'
|
|
45
|
+
*/
|
|
46
|
+
expiryPolicy: 'fixed'
|
|
47
|
+
},
|
|
48
|
+
}
|
|
49
|
+
```
|
package/helps/config/session.md
CHANGED
|
@@ -1,23 +1,23 @@
|
|
|
1
1
|
# session
|
|
2
2
|
|
|
3
|
-
|
|
3
|
+
you can set the session expiration settings.
|
|
4
4
|
|
|
5
5
|
- expirySeconds: Session Expiry Time in Seconds
|
|
6
6
|
|
|
7
|
-
-
|
|
8
|
-
-
|
|
7
|
+
- this value defines the duration in seconds after which a user session will expire due to inactivity.
|
|
8
|
+
- setting this to 1800 means the session will expire after 30 minutes of inactivity.
|
|
9
9
|
|
|
10
10
|
- expiryPolicy: Session Expiry Policy
|
|
11
11
|
|
|
12
|
-
-
|
|
13
|
-
-
|
|
12
|
+
- this setting determines how the session timeout is managed.
|
|
13
|
+
- options:
|
|
14
14
|
|
|
15
|
-
- 'rolling' -
|
|
16
|
-
|
|
17
|
-
- 'fixed' -
|
|
18
|
-
|
|
15
|
+
- 'rolling' - the session timeout is extended based on user activity.
|
|
16
|
+
each new request resets the timer to the specified timeout duration.
|
|
17
|
+
- 'fixed' - the session timeout is fixed and based on the initial login time.
|
|
18
|
+
the session will expire after the specified duration, regardless of user activity.
|
|
19
19
|
|
|
20
|
-
|
|
20
|
+
example:
|
|
21
21
|
expiryPolicy: 'rolling' or 'fixed'
|
|
22
22
|
|
|
23
23
|
## default
|
|
@@ -0,0 +1,46 @@
|
|
|
1
|
+
# session
|
|
2
|
+
|
|
3
|
+
boleh menetapkan tetapan berkaitan tempoh sah sesi.
|
|
4
|
+
|
|
5
|
+
- expirySeconds: Masa Tamat Sesi dalam Detik
|
|
6
|
+
|
|
7
|
+
- nilai ini menentukan tempoh dalam detik selepas mana sesi pengguna akan tamat akibat ketidakaktifan.
|
|
8
|
+
- menetapkan ini kepada 1800 bermaksud sesi akan tamat selepas 30 minit ketidakaktifan.
|
|
9
|
+
|
|
10
|
+
- expiryPolicy: Polisi Tamat Sesi
|
|
11
|
+
|
|
12
|
+
- tetapan ini menentukan bagaimana masa tamat sesi diuruskan.
|
|
13
|
+
- pilihan:
|
|
14
|
+
|
|
15
|
+
- 'rolling' - masa tamat sesi dilanjutkan berdasarkan aktiviti pengguna.
|
|
16
|
+
setiap permintaan baru menetapkan semula pemasa kepada tempoh tamat yang ditentukan.
|
|
17
|
+
- 'fixed' - masa tamat sesi adalah tetap dan berdasarkan masa log masuk awal.
|
|
18
|
+
sesi akan tamat selepas tempoh yang dit
|
|
19
|
+
|
|
20
|
+
## default
|
|
21
|
+
|
|
22
|
+
```
|
|
23
|
+
module.exports = {
|
|
24
|
+
session: {
|
|
25
|
+
/*
|
|
26
|
+
Session Expiry Time in Seconds
|
|
27
|
+
This value defines the duration in seconds after which a user session will expire due to inactivity.
|
|
28
|
+
Setting this to 1800 means the session will expire after 30 minutes of inactivity.
|
|
29
|
+
*/
|
|
30
|
+
expirySeconds: 60 * 60 * 24 * 7,
|
|
31
|
+
/*
|
|
32
|
+
Session Expiry Policy
|
|
33
|
+
This setting determines how the session timeout is managed.
|
|
34
|
+
Options:
|
|
35
|
+
'rolling' - The session timeout is extended based on user activity.
|
|
36
|
+
Each new request resets the timer to the specified timeout duration.
|
|
37
|
+
'fixed' - The session timeout is fixed and based on the initial login time.
|
|
38
|
+
The session will expire after the specified duration, regardless of user activity.
|
|
39
|
+
|
|
40
|
+
Example:
|
|
41
|
+
expiryPolicy: 'rolling' or 'fixed'
|
|
42
|
+
*/
|
|
43
|
+
expiryPolicy: 'fixed'
|
|
44
|
+
},
|
|
45
|
+
}
|
|
46
|
+
```
|
|
@@ -0,0 +1,49 @@
|
|
|
1
|
+
# session
|
|
2
|
+
|
|
3
|
+
可以设置与会话有效期相关的设置。
|
|
4
|
+
|
|
5
|
+
- expirySeconds: Session Expiry Time in Seconds
|
|
6
|
+
|
|
7
|
+
- 此值定义由于不活动,用户会话将在多少秒后过期。
|
|
8
|
+
- 将此值设置为1800意味着会话将在30分钟不活动后过期。
|
|
9
|
+
|
|
10
|
+
- expiryPolicy: Session Expiry Policy
|
|
11
|
+
|
|
12
|
+
- 此设置确定如何管理会话超时。
|
|
13
|
+
- 选项:
|
|
14
|
+
|
|
15
|
+
- 'rolling' - 会话超时基于用户活动延长。
|
|
16
|
+
每个新请求将计时器重置为指定的超时持续时间。
|
|
17
|
+
- 'fixed' - 会话超时是固定的,基于初始登录时间。
|
|
18
|
+
无论用户活动如何,会话将在指定的持续时间后过期。
|
|
19
|
+
|
|
20
|
+
例子:
|
|
21
|
+
expiryPolicy: 'rolling' or 'fixed'
|
|
22
|
+
|
|
23
|
+
## default
|
|
24
|
+
|
|
25
|
+
```
|
|
26
|
+
module.exports = {
|
|
27
|
+
session: {
|
|
28
|
+
/*
|
|
29
|
+
Session Expiry Time in Seconds
|
|
30
|
+
This value defines the duration in seconds after which a user session will expire due to inactivity.
|
|
31
|
+
Setting this to 1800 means the session will expire after 30 minutes of inactivity.
|
|
32
|
+
*/
|
|
33
|
+
expirySeconds: 60 * 60 * 24 * 7,
|
|
34
|
+
/*
|
|
35
|
+
Session Expiry Policy
|
|
36
|
+
This setting determines how the session timeout is managed.
|
|
37
|
+
Options:
|
|
38
|
+
'rolling' - The session timeout is extended based on user activity.
|
|
39
|
+
Each new request resets the timer to the specified timeout duration.
|
|
40
|
+
'fixed' - The session timeout is fixed and based on the initial login time.
|
|
41
|
+
The session will expire after the specified duration, regardless of user activity.
|
|
42
|
+
|
|
43
|
+
Example:
|
|
44
|
+
expiryPolicy: 'rolling' or 'fixed'
|
|
45
|
+
*/
|
|
46
|
+
expiryPolicy: 'fixed'
|
|
47
|
+
},
|
|
48
|
+
}
|
|
49
|
+
```
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@things-factory/auth-base",
|
|
3
|
-
"version": "7.0.0
|
|
3
|
+
"version": "7.0.0",
|
|
4
4
|
"main": "dist-server/index.js",
|
|
5
5
|
"browser": "dist-client/index.js",
|
|
6
6
|
"things-factory": true,
|
|
@@ -30,18 +30,21 @@
|
|
|
30
30
|
"migration:create": "node ../../node_modules/typeorm/cli.js migration:create -d ./server/migrations"
|
|
31
31
|
},
|
|
32
32
|
"dependencies": {
|
|
33
|
-
"@
|
|
34
|
-
"@
|
|
35
|
-
"@things-factory/
|
|
36
|
-
"@things-factory/
|
|
37
|
-
"@things-factory/
|
|
33
|
+
"@simplewebauthn/browser": "^10.0.0",
|
|
34
|
+
"@simplewebauthn/server": "^10.0.0",
|
|
35
|
+
"@things-factory/email-base": "^7.0.0",
|
|
36
|
+
"@things-factory/env": "^7.0.0",
|
|
37
|
+
"@things-factory/shell": "^7.0.0",
|
|
38
|
+
"@things-factory/utils": "^7.0.0",
|
|
39
|
+
"@types/webappsec-credential-management": "^0.6.8",
|
|
38
40
|
"jsonwebtoken": "^9.0.0",
|
|
39
41
|
"koa-passport": "^6.0.0",
|
|
40
42
|
"koa-session": "^6.4.0",
|
|
41
43
|
"oauth2orize-koa": "^1.3.2",
|
|
44
|
+
"passport": "^0.7.0",
|
|
45
|
+
"passport-custom": "^1.1.1",
|
|
42
46
|
"passport-jwt": "^4.0.0",
|
|
43
|
-
"passport-local": "^1.0.0"
|
|
44
|
-
"popsicle-cookie-jar": "^1.0.0"
|
|
47
|
+
"passport-local": "^1.0.0"
|
|
45
48
|
},
|
|
46
|
-
"gitHead": "
|
|
49
|
+
"gitHead": "00f3917ca132679e3571f3f4fd16f4caf84f488e"
|
|
47
50
|
}
|
|
@@ -15,3 +15,6 @@ export const PASSWORD_PATTERN_NOT_MATCHED = 'password should match the rule'
|
|
|
15
15
|
export const USER_DUPLICATED = 'user duplicated'
|
|
16
16
|
export const PASSWORD_USED_PAST = 'password used in the past'
|
|
17
17
|
export const VERIFICATION_ERROR = 'user or verification token not found'
|
|
18
|
+
export const AUTHN_VERIFICATION_FAILED = 'authn verification failed'
|
|
19
|
+
export const USER_CREDENTIAL_NOT_FOUND = 'user credential not found'
|
|
20
|
+
export const AUTH_ERROR = 'auth error'
|
|
@@ -15,7 +15,7 @@ export async function authenticate401Middleware(context, next) {
|
|
|
15
15
|
var message
|
|
16
16
|
|
|
17
17
|
if (err instanceof AuthError) {
|
|
18
|
-
message = context.t(`error.${err.errorCode}`, err.detail || {})
|
|
18
|
+
message = (context.t && context.t(`error.${err.errorCode}`, err.detail || {})) || err.errorCode
|
|
19
19
|
} else {
|
|
20
20
|
if (err?.status !== 401) {
|
|
21
21
|
throw err
|
|
@@ -19,10 +19,14 @@ declare global {
|
|
|
19
19
|
}
|
|
20
20
|
|
|
21
21
|
process.domainOwnerGranted = async (domain: Domain, user: User): Promise<boolean> => {
|
|
22
|
-
return domain && domain.owner === user.id
|
|
22
|
+
return user && domain && domain.owner === user.id
|
|
23
23
|
}
|
|
24
24
|
|
|
25
25
|
process.superUserGranted = async (domain: Domain, user: User): Promise<boolean> => {
|
|
26
|
+
if (!user) {
|
|
27
|
+
return false
|
|
28
|
+
}
|
|
29
|
+
|
|
26
30
|
if (!user.domains.length) {
|
|
27
31
|
user = await getRepository(User).findOne({
|
|
28
32
|
where: { id: user.id },
|
|
@@ -20,7 +20,7 @@ export function initMiddlewares(app: any) {
|
|
|
20
20
|
app.use(
|
|
21
21
|
session(
|
|
22
22
|
{
|
|
23
|
-
key:
|
|
23
|
+
key: 'tfsession',
|
|
24
24
|
maxAge: MAX_AGE,
|
|
25
25
|
overwrite: true,
|
|
26
26
|
httpOnly: true,
|
|
@@ -63,4 +63,5 @@ process.on('bootstrap-module-subscription' as any, (app, subscriptionMiddleware)
|
|
|
63
63
|
export * from './jwt-authenticate-middleware'
|
|
64
64
|
export * from './domain-authenticate-middleware'
|
|
65
65
|
export * from './signin-middleware'
|
|
66
|
+
export * from './webauthn-middleware'
|
|
66
67
|
export * from './authenticate-401-middleware'
|
|
@@ -0,0 +1,127 @@
|
|
|
1
|
+
import passport from 'koa-passport'
|
|
2
|
+
import { Strategy as CustomStrategy } from 'passport-custom'
|
|
3
|
+
|
|
4
|
+
import { getRepository } from '@things-factory/shell'
|
|
5
|
+
|
|
6
|
+
import { User } from '../service/user/user'
|
|
7
|
+
import { AuthError } from '../errors/auth-error'
|
|
8
|
+
|
|
9
|
+
import { WebAuthCredential } from '../service/web-auth-credential/web-auth-credential'
|
|
10
|
+
import { verifyRegistrationResponse, verifyAuthenticationResponse } from '@simplewebauthn/server'
|
|
11
|
+
|
|
12
|
+
import { AuthenticatorAssertionResponse } from '@simplewebauthn/types'
|
|
13
|
+
|
|
14
|
+
passport.use(
|
|
15
|
+
'webauthn-register',
|
|
16
|
+
new CustomStrategy(async (context, done) => {
|
|
17
|
+
const { body, session, user, hostname, origin } = context as any
|
|
18
|
+
|
|
19
|
+
const challenge = session.challenge
|
|
20
|
+
|
|
21
|
+
const verification = await verifyRegistrationResponse({
|
|
22
|
+
response: body,
|
|
23
|
+
expectedChallenge: challenge,
|
|
24
|
+
expectedOrigin: origin,
|
|
25
|
+
expectedRPID: hostname,
|
|
26
|
+
expectedType: 'webauthn.create',
|
|
27
|
+
requireUserVerification: false
|
|
28
|
+
})
|
|
29
|
+
|
|
30
|
+
if (verification.verified) {
|
|
31
|
+
const { registrationInfo } = verification
|
|
32
|
+
const publicKey = Buffer.from(registrationInfo.credentialPublicKey).toString('base64')
|
|
33
|
+
|
|
34
|
+
if (user) {
|
|
35
|
+
const webAuthRepository = getRepository(WebAuthCredential)
|
|
36
|
+
await webAuthRepository.save({
|
|
37
|
+
user,
|
|
38
|
+
credentialId: registrationInfo.credentialID,
|
|
39
|
+
publicKey,
|
|
40
|
+
counter: registrationInfo.counter,
|
|
41
|
+
creator: user,
|
|
42
|
+
updater: user
|
|
43
|
+
})
|
|
44
|
+
}
|
|
45
|
+
|
|
46
|
+
return done(null, user)
|
|
47
|
+
} else {
|
|
48
|
+
return done(null, false)
|
|
49
|
+
}
|
|
50
|
+
})
|
|
51
|
+
)
|
|
52
|
+
|
|
53
|
+
passport.use(
|
|
54
|
+
'webauthn-login',
|
|
55
|
+
new CustomStrategy(async (context, done) => {
|
|
56
|
+
try {
|
|
57
|
+
const { body, session, origin, hostname } = context as any
|
|
58
|
+
|
|
59
|
+
const challenge = session.challenge
|
|
60
|
+
|
|
61
|
+
const assertionResponse = body as {
|
|
62
|
+
id: string
|
|
63
|
+
response: AuthenticatorAssertionResponse
|
|
64
|
+
}
|
|
65
|
+
|
|
66
|
+
const credential = await getRepository(WebAuthCredential).findOne({
|
|
67
|
+
where: {
|
|
68
|
+
credentialId: assertionResponse.id
|
|
69
|
+
},
|
|
70
|
+
relations: ['user']
|
|
71
|
+
})
|
|
72
|
+
|
|
73
|
+
if (!credential) {
|
|
74
|
+
return done(null, false)
|
|
75
|
+
}
|
|
76
|
+
|
|
77
|
+
const verification = await verifyAuthenticationResponse({
|
|
78
|
+
response: body,
|
|
79
|
+
expectedChallenge: challenge,
|
|
80
|
+
expectedOrigin: origin,
|
|
81
|
+
expectedRPID: hostname,
|
|
82
|
+
requireUserVerification: false,
|
|
83
|
+
authenticator: {
|
|
84
|
+
credentialID: credential.credentialId,
|
|
85
|
+
credentialPublicKey: new Uint8Array(Buffer.from(credential.publicKey, 'base64')),
|
|
86
|
+
counter: credential.counter
|
|
87
|
+
}
|
|
88
|
+
})
|
|
89
|
+
|
|
90
|
+
if (verification.verified) {
|
|
91
|
+
const { authenticationInfo } = verification
|
|
92
|
+
credential.counter = authenticationInfo.newCounter
|
|
93
|
+
await getRepository(WebAuthCredential).save(credential)
|
|
94
|
+
|
|
95
|
+
const user = credential.user
|
|
96
|
+
return done(null, user)
|
|
97
|
+
} else {
|
|
98
|
+
return done(verification, false)
|
|
99
|
+
}
|
|
100
|
+
} catch(error) {
|
|
101
|
+
return done(error, false)
|
|
102
|
+
}
|
|
103
|
+
})
|
|
104
|
+
)
|
|
105
|
+
|
|
106
|
+
export function createWebAuthnMiddleware(strategy: 'webauthn-register' | 'webauthn-login') {
|
|
107
|
+
return async function webAuthnMiddleware(context, next) {
|
|
108
|
+
return passport.authenticate(
|
|
109
|
+
strategy,
|
|
110
|
+
{ session: true, failureMessage: true, failWithError: true },
|
|
111
|
+
async (err, user) => {
|
|
112
|
+
if (err || !user) {
|
|
113
|
+
throw new AuthError({
|
|
114
|
+
errorCode: AuthError.ERROR_CODES.AUTHN_VERIFICATION_FAILED,
|
|
115
|
+
detail: err
|
|
116
|
+
})
|
|
117
|
+
} else {
|
|
118
|
+
context.state.user = user
|
|
119
|
+
|
|
120
|
+
context.body = { user, verified: true }
|
|
121
|
+
}
|
|
122
|
+
|
|
123
|
+
await next()
|
|
124
|
+
}
|
|
125
|
+
)(context, next)
|
|
126
|
+
}
|
|
127
|
+
}
|
|
@@ -41,7 +41,7 @@ authPrivateProcessRouter
|
|
|
41
41
|
}
|
|
42
42
|
})
|
|
43
43
|
.post('/delete-user', async (context, next) => {
|
|
44
|
-
const { t } = context
|
|
44
|
+
const { t, session } = context
|
|
45
45
|
var { user } = context.state
|
|
46
46
|
var { email: userEmail } = user
|
|
47
47
|
|
|
@@ -67,8 +67,15 @@ authPrivateProcessRouter
|
|
|
67
67
|
clearAccessTokenCookie(context)
|
|
68
68
|
})
|
|
69
69
|
.get('/profile', async (context, next) => {
|
|
70
|
+
const { t } = context
|
|
70
71
|
const { domain, user, unsafeIP, prohibitedPrivileges } = context.state
|
|
71
72
|
|
|
73
|
+
if (!domain) {
|
|
74
|
+
context.status = 401
|
|
75
|
+
context.body = t('error.user validation failed')
|
|
76
|
+
return
|
|
77
|
+
}
|
|
78
|
+
|
|
72
79
|
let domains: Partial<Domain>[] = await getUserDomains(user)
|
|
73
80
|
domains = domains.filter((d: Domain) => d.extType == domainType)
|
|
74
81
|
|
package/server/router/index.ts
CHANGED