@things-factory/auth-base 7.0.1-beta.1 → 7.0.1-beta.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (160) hide show
  1. package/dist-client/auth.js.map +1 -1
  2. package/dist-client/directive/privileged.d.ts +1 -1
  3. package/dist-client/directive/privileged.js.map +1 -1
  4. package/dist-client/profiled.js.map +1 -1
  5. package/dist-client/reducers/auth.js.map +1 -1
  6. package/dist-client/tsconfig.tsbuildinfo +1 -1
  7. package/dist-server/constants/error-code.d.ts +1 -0
  8. package/dist-server/constants/error-code.js +2 -1
  9. package/dist-server/constants/error-code.js.map +1 -1
  10. package/dist-server/controllers/change-pwd.js.map +1 -1
  11. package/dist-server/controllers/checkin.js.map +1 -1
  12. package/dist-server/controllers/delete-user.js.map +1 -1
  13. package/dist-server/controllers/invitation.js.map +1 -1
  14. package/dist-server/controllers/profile.js.map +1 -1
  15. package/dist-server/controllers/reset-password.js.map +1 -1
  16. package/dist-server/controllers/signin.js.map +1 -1
  17. package/dist-server/controllers/signup.js.map +1 -1
  18. package/dist-server/controllers/unlock-user.js.map +1 -1
  19. package/dist-server/controllers/utils/password-rule.js +6 -6
  20. package/dist-server/controllers/utils/password-rule.js.map +1 -1
  21. package/dist-server/controllers/verification.js.map +1 -1
  22. package/dist-server/index.js.map +1 -1
  23. package/dist-server/middlewares/authenticate-401-middleware.js.map +1 -1
  24. package/dist-server/middlewares/domain-authenticate-middleware.js.map +1 -1
  25. package/dist-server/middlewares/graphql-authenticate-middleware.js.map +1 -1
  26. package/dist-server/middlewares/jwt-authenticate-middleware.js.map +1 -1
  27. package/dist-server/middlewares/signin-middleware.js.map +1 -1
  28. package/dist-server/middlewares/webauthn-middleware.js +7 -1
  29. package/dist-server/middlewares/webauthn-middleware.js.map +1 -1
  30. package/dist-server/migrations/1548206416130-SeedUser.js.map +1 -1
  31. package/dist-server/migrations/1566805283882-SeedPrivilege.js.map +1 -1
  32. package/dist-server/router/auth-checkin-router.js.map +1 -1
  33. package/dist-server/router/auth-private-process-router.js.map +1 -1
  34. package/dist-server/router/auth-public-process-router.js.map +1 -1
  35. package/dist-server/router/auth-signin-router.js.map +1 -1
  36. package/dist-server/router/auth-signup-router.js.map +1 -1
  37. package/dist-server/router/oauth2/oauth2-authorize-router.js.map +1 -1
  38. package/dist-server/router/oauth2/oauth2-router.js.map +1 -1
  39. package/dist-server/router/oauth2/oauth2-server.js.map +1 -1
  40. package/dist-server/router/oauth2/passport-oauth2-client-password.js.map +1 -1
  41. package/dist-server/router/oauth2/passport-refresh-token.js.map +1 -1
  42. package/dist-server/router/site-root-router.js.map +1 -1
  43. package/dist-server/routes.js.map +1 -1
  44. package/dist-server/service/app-binding/app-binding-mutation.js +2 -2
  45. package/dist-server/service/app-binding/app-binding-mutation.js.map +1 -1
  46. package/dist-server/service/app-binding/app-binding-query.js +2 -2
  47. package/dist-server/service/app-binding/app-binding-query.js.map +1 -1
  48. package/dist-server/service/app-binding/app-binding-types.js +2 -2
  49. package/dist-server/service/app-binding/app-binding-types.js.map +1 -1
  50. package/dist-server/service/app-binding/app-binding.js +2 -2
  51. package/dist-server/service/app-binding/app-binding.js.map +1 -1
  52. package/dist-server/service/appliance/appliance-mutation.js +2 -2
  53. package/dist-server/service/appliance/appliance-mutation.js.map +1 -1
  54. package/dist-server/service/appliance/appliance-query.js +2 -2
  55. package/dist-server/service/appliance/appliance-query.js.map +1 -1
  56. package/dist-server/service/appliance/appliance-types.js +6 -6
  57. package/dist-server/service/appliance/appliance-types.js.map +1 -1
  58. package/dist-server/service/appliance/appliance.js +2 -2
  59. package/dist-server/service/appliance/appliance.js.map +1 -1
  60. package/dist-server/service/application/application-mutation.js +2 -2
  61. package/dist-server/service/application/application-mutation.js.map +1 -1
  62. package/dist-server/service/application/application-query.js +2 -2
  63. package/dist-server/service/application/application-query.js.map +1 -1
  64. package/dist-server/service/application/application-types.js +8 -8
  65. package/dist-server/service/application/application-types.js.map +1 -1
  66. package/dist-server/service/application/application.js +4 -4
  67. package/dist-server/service/application/application.js.map +1 -1
  68. package/dist-server/service/auth-provider/auth-provider-mutation.js +2 -2
  69. package/dist-server/service/auth-provider/auth-provider-mutation.js.map +1 -1
  70. package/dist-server/service/auth-provider/auth-provider-parameter-spec.js +2 -2
  71. package/dist-server/service/auth-provider/auth-provider-parameter-spec.js.map +1 -1
  72. package/dist-server/service/auth-provider/auth-provider-query.js +2 -2
  73. package/dist-server/service/auth-provider/auth-provider-query.js.map +1 -1
  74. package/dist-server/service/auth-provider/auth-provider-type.js +6 -6
  75. package/dist-server/service/auth-provider/auth-provider-type.js.map +1 -1
  76. package/dist-server/service/auth-provider/auth-provider.js +6 -6
  77. package/dist-server/service/auth-provider/auth-provider.js.map +1 -1
  78. package/dist-server/service/domain-generator/domain-generator-mutation.js +2 -2
  79. package/dist-server/service/domain-generator/domain-generator-mutation.js.map +1 -1
  80. package/dist-server/service/domain-generator/domain-generator-types.js +6 -6
  81. package/dist-server/service/domain-generator/domain-generator-types.js.map +1 -1
  82. package/dist-server/service/granted-role/granted-role-mutation.js +2 -2
  83. package/dist-server/service/granted-role/granted-role-mutation.js.map +1 -1
  84. package/dist-server/service/granted-role/granted-role-query.js +2 -2
  85. package/dist-server/service/granted-role/granted-role-query.js.map +1 -1
  86. package/dist-server/service/granted-role/granted-role.js +2 -2
  87. package/dist-server/service/granted-role/granted-role.js.map +1 -1
  88. package/dist-server/service/invitation/invitation-mutation.js +2 -2
  89. package/dist-server/service/invitation/invitation-mutation.js.map +1 -1
  90. package/dist-server/service/invitation/invitation-query.js +2 -2
  91. package/dist-server/service/invitation/invitation-query.js.map +1 -1
  92. package/dist-server/service/invitation/invitation-types.js +2 -2
  93. package/dist-server/service/invitation/invitation-types.js.map +1 -1
  94. package/dist-server/service/invitation/invitation.js +2 -2
  95. package/dist-server/service/invitation/invitation.js.map +1 -1
  96. package/dist-server/service/login-history/login-history-query.js +2 -2
  97. package/dist-server/service/login-history/login-history-query.js.map +1 -1
  98. package/dist-server/service/login-history/login-history-type.js +2 -2
  99. package/dist-server/service/login-history/login-history-type.js.map +1 -1
  100. package/dist-server/service/login-history/login-history.js +2 -2
  101. package/dist-server/service/login-history/login-history.js.map +1 -1
  102. package/dist-server/service/partner/partner-mutation.js +2 -2
  103. package/dist-server/service/partner/partner-mutation.js.map +1 -1
  104. package/dist-server/service/partner/partner-query.js +2 -2
  105. package/dist-server/service/partner/partner-query.js.map +1 -1
  106. package/dist-server/service/partner/partner-types.js +2 -2
  107. package/dist-server/service/partner/partner-types.js.map +1 -1
  108. package/dist-server/service/partner/partner.js +2 -2
  109. package/dist-server/service/partner/partner.js.map +1 -1
  110. package/dist-server/service/password-history/password-history.js +2 -2
  111. package/dist-server/service/password-history/password-history.js.map +1 -1
  112. package/dist-server/service/privilege/privilege-directive.js.map +1 -1
  113. package/dist-server/service/privilege/privilege-mutation.js +2 -2
  114. package/dist-server/service/privilege/privilege-mutation.js.map +1 -1
  115. package/dist-server/service/privilege/privilege-query.js +2 -2
  116. package/dist-server/service/privilege/privilege-query.js.map +1 -1
  117. package/dist-server/service/privilege/privilege-types.js +8 -8
  118. package/dist-server/service/privilege/privilege-types.js.map +1 -1
  119. package/dist-server/service/privilege/privilege.js +6 -6
  120. package/dist-server/service/privilege/privilege.js.map +1 -1
  121. package/dist-server/service/role/role-mutation.js +2 -2
  122. package/dist-server/service/role/role-mutation.js.map +1 -1
  123. package/dist-server/service/role/role-query.js +2 -2
  124. package/dist-server/service/role/role-query.js.map +1 -1
  125. package/dist-server/service/role/role-types.js +10 -10
  126. package/dist-server/service/role/role-types.js.map +1 -1
  127. package/dist-server/service/role/role.js +2 -2
  128. package/dist-server/service/role/role.js.map +1 -1
  129. package/dist-server/service/user/domain-query.js +2 -2
  130. package/dist-server/service/user/domain-query.js.map +1 -1
  131. package/dist-server/service/user/user-mutation.js +2 -2
  132. package/dist-server/service/user/user-mutation.js.map +1 -1
  133. package/dist-server/service/user/user-query.js +2 -2
  134. package/dist-server/service/user/user-query.js.map +1 -1
  135. package/dist-server/service/user/user-types.js +6 -6
  136. package/dist-server/service/user/user-types.js.map +1 -1
  137. package/dist-server/service/user/user.js +5 -5
  138. package/dist-server/service/user/user.js.map +1 -1
  139. package/dist-server/service/users-auth-providers/users-auth-providers.js +2 -2
  140. package/dist-server/service/users-auth-providers/users-auth-providers.js.map +1 -1
  141. package/dist-server/service/verification-token/verification-token.js +3 -3
  142. package/dist-server/service/verification-token/verification-token.js.map +1 -1
  143. package/dist-server/service/web-auth-credential/web-auth-credential.js +2 -2
  144. package/dist-server/service/web-auth-credential/web-auth-credential.js.map +1 -1
  145. package/dist-server/tsconfig.tsbuildinfo +1 -1
  146. package/dist-server/utils/accepts.js.map +1 -1
  147. package/dist-server/utils/access-token-cookie.js.map +1 -1
  148. package/dist-server/utils/check-permission.js.map +1 -1
  149. package/dist-server/utils/check-user-belongs-domain.js.map +1 -1
  150. package/dist-server/utils/get-aes-256-key.js.map +1 -1
  151. package/dist-server/utils/get-domain-users.js.map +1 -1
  152. package/dist-server/utils/get-secret.js.map +1 -1
  153. package/package.json +6 -6
  154. package/server/constants/error-code.ts +1 -0
  155. package/server/middlewares/webauthn-middleware.ts +6 -1
  156. package/translations/en.json +1 -0
  157. package/translations/ja.json +1 -0
  158. package/translations/ko.json +1 -0
  159. package/translations/ms.json +1 -0
  160. package/translations/zh.json +1 -0
package/dist-server/utils/accepts.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"accepts.js","sourceRoot":"","sources":["../../server/utils/accepts.ts"],"names":[],"mappings":";;;AAAA,SAAgB,OAAO,CAAC,MAAW,EAAE,OAAQ;IAC3C,OAAO,GAAG,OAAO,IAAI,CAAC,WAAW,EAAE,KAAK,CAAC,CAAA;IAEzC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;QACvC,IAAI,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE;YAC7C,OAAO,IAAI,CAAA;SACZ;KACF;IAED,OAAO,KAAK,CAAA;AACd,CAAC;AAVD,0BAUC","sourcesContent":["export function accepts(header: any, accepts?) {\n accepts = accepts || ['text/html', '*/*']\n \n for (let i = 0; i < accepts.length; i++) {\n if ((header || '').indexOf(accepts[i]) !== -1) {\n return true\n }\n }\n\n return false\n}\n"]}
1
+ {"version":3,"file":"accepts.js","sourceRoot":"","sources":["../../server/utils/accepts.ts"],"names":[],"mappings":";;;AAAA,SAAgB,OAAO,CAAC,MAAW,EAAE,OAAQ;IAC3C,OAAO,GAAG,OAAO,IAAI,CAAC,WAAW,EAAE,KAAK,CAAC,CAAA;IAEzC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACxC,IAAI,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC;YAC9C,OAAO,IAAI,CAAA;QACb,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAA;AACd,CAAC;AAVD,0BAUC","sourcesContent":["export function accepts(header: any, accepts?) {\n accepts = accepts || ['text/html', '*/*']\n \n for (let i = 0; i < accepts.length; i++) {\n if ((header || '').indexOf(accepts[i]) !== -1) {\n return true\n }\n }\n\n return false\n}\n"]}
package/dist-server/utils/access-token-cookie.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"access-token-cookie.js","sourceRoot":"","sources":["../../server/utils/access-token-cookie.ts"],"names":[],"mappings":";;;AAAA,iDAAmE;AACnE,6CAA4C;AAC5C,kDAA8C;AAE9C,MAAM,oBAAoB,GAAG,YAAM,CAAC,GAAG,CAAC,sBAAsB,EAAE,cAAc,CAAC,CAAA;AAE/E,SAAgB,oBAAoB,CAAC,OAAO;;IAC1C,OAAO,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,OAAO,0CAAE,GAAG,CAAC,oBAAoB,CAAC,CAAA;AACpD,CAAC;AAFD,oDAEC;AAED,SAAgB,oBAAoB,CAAC,OAAO,EAAE,KAAK;IACjD,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAA;IAE1B,IAAI,MAAM,GAAG;QACX,MAAM;QACN,QAAQ,EAAE,IAAI;QACd,MAAM,EAAE,iBAAO;KAChB,CAAA;IAED,MAAM,YAAY,GAAG,IAAA,mCAA2B,EAAC,OAAO,CAAC,QAAQ,CAAC,CAAA;IAClE,IAAI,YAAY,EAAE;QAChB,MAAM,CAAC,QAAQ,CAAC,GAAG,YAAY,CAAA;KAChC;IAED,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,EAAE,KAAK,EAAE,MAAM,CAAC,CAAA;AAC1D,CAAC;AAfD,oDAeC;AAED,SAAgB,qBAAqB,CAAC,OAAO;IAC3C,0FAA0F;IAC1F,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IAE9B,OAAO,CAAC,OAAO,GAAG;QAChB,EAAE,EAAE,IAAI,CAAC,EAAE;QACX,QAAQ,EAAE,IAAI,CAAC,IAAI;QACnB,MAAM,EAAE,IAAI,CAAC,KAAK;KACnB,CAAA;AACH,CAAC;AATD,sDASC;AAED,SAAgB,sBAAsB,CAAC,OAAO;IAC5C,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAA;IAE1B,IAAI,MAAM,GAAG;QACX,MAAM;QACN,QAAQ,EAAE,IAAI;KACf,CAAA;IAED,MAAM,YAAY,GAAG,IAAA,mCAA2B,EAAC,OAAO,CAAC,QAAQ,CAAC,CAAA;IAClE,IAAI,YAAY,EAAE;QAChB,MAAM,CAAC,QAAQ,CAAC,GAAG,YAAY,CAAA;KAChC;IAED,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,EAAE,EAAE,EAAE,MAAM,CAAC,CAAA;IACrD;;;OAGG;IACH,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,SAAS,EAAE,EAAE,EAAE,MAAM,CAAC,CAAA;IAC1C,OAAO,CAAC,OAAO,GAAG,IAAI,CAAA;AACxB,CAAC;AApBD,wDAoBC","sourcesContent":["import { getCookieDomainFromHostname } from '@things-factory/shell'\nimport { config } from '@things-factory/env'\nimport { MAX_AGE } from '../constants/max-age'\n\nconst accessTokenCookieKey = config.get('accessTokenCookieKey', 'access_token')\n\nexport function getAccessTokenCookie(context) {\n return context?.cookies?.get(accessTokenCookieKey)\n}\n\nexport function setAccessTokenCookie(context, token) {\n const { secure } = context\n\n var cookie = {\n secure,\n httpOnly: true,\n maxAge: MAX_AGE\n }\n\n const cookieDomain = getCookieDomainFromHostname(context.hostname)\n if (cookieDomain) {\n cookie['domain'] = cookieDomain\n }\n\n context.cookies.set(accessTokenCookieKey, token, cookie)\n}\n\nexport function setSessionAccessToken(context) {\n /* koa-session 을 사용하는 경우에는, cookie 직접 설정이 작동되지 않는다. 그런 경우에는 session에 설정해서 cookie를 변경한다. */\n const { user } = context.state\n\n context.session = {\n id: user.id,\n userType: user.type,\n status: user.state\n }\n}\n\nexport function clearAccessTokenCookie(context) {\n const { secure } = context\n\n var cookie = {\n secure,\n httpOnly: true\n }\n\n const cookieDomain = getCookieDomainFromHostname(context.hostname)\n if (cookieDomain) {\n cookie['domain'] = cookieDomain\n }\n\n context.cookies.set(accessTokenCookieKey, '', cookie)\n /*\n * TODO clear i18next cookie as well - need to support domain\n * https://github.com/hatiolab/things-factory/issues/70\n */\n context.cookies.set('i18next', '', cookie)\n context.session = null\n}\n"]}
1
+ {"version":3,"file":"access-token-cookie.js","sourceRoot":"","sources":["../../server/utils/access-token-cookie.ts"],"names":[],"mappings":";;;AAAA,iDAAmE;AACnE,6CAA4C;AAC5C,kDAA8C;AAE9C,MAAM,oBAAoB,GAAG,YAAM,CAAC,GAAG,CAAC,sBAAsB,EAAE,cAAc,CAAC,CAAA;AAE/E,SAAgB,oBAAoB,CAAC,OAAO;;IAC1C,OAAO,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,OAAO,0CAAE,GAAG,CAAC,oBAAoB,CAAC,CAAA;AACpD,CAAC;AAFD,oDAEC;AAED,SAAgB,oBAAoB,CAAC,OAAO,EAAE,KAAK;IACjD,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAA;IAE1B,IAAI,MAAM,GAAG;QACX,MAAM;QACN,QAAQ,EAAE,IAAI;QACd,MAAM,EAAE,iBAAO;KAChB,CAAA;IAED,MAAM,YAAY,GAAG,IAAA,mCAA2B,EAAC,OAAO,CAAC,QAAQ,CAAC,CAAA;IAClE,IAAI,YAAY,EAAE,CAAC;QACjB,MAAM,CAAC,QAAQ,CAAC,GAAG,YAAY,CAAA;IACjC,CAAC;IAED,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,EAAE,KAAK,EAAE,MAAM,CAAC,CAAA;AAC1D,CAAC;AAfD,oDAeC;AAED,SAAgB,qBAAqB,CAAC,OAAO;IAC3C,0FAA0F;IAC1F,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IAE9B,OAAO,CAAC,OAAO,GAAG;QAChB,EAAE,EAAE,IAAI,CAAC,EAAE;QACX,QAAQ,EAAE,IAAI,CAAC,IAAI;QACnB,MAAM,EAAE,IAAI,CAAC,KAAK;KACnB,CAAA;AACH,CAAC;AATD,sDASC;AAED,SAAgB,sBAAsB,CAAC,OAAO;IAC5C,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAA;IAE1B,IAAI,MAAM,GAAG;QACX,MAAM;QACN,QAAQ,EAAE,IAAI;KACf,CAAA;IAED,MAAM,YAAY,GAAG,IAAA,mCAA2B,EAAC,OAAO,CAAC,QAAQ,CAAC,CAAA;IAClE,IAAI,YAAY,EAAE,CAAC;QACjB,MAAM,CAAC,QAAQ,CAAC,GAAG,YAAY,CAAA;IACjC,CAAC;IAED,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,EAAE,EAAE,EAAE,MAAM,CAAC,CAAA;IACrD;;;OAGG;IACH,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,SAAS,EAAE,EAAE,EAAE,MAAM,CAAC,CAAA;IAC1C,OAAO,CAAC,OAAO,GAAG,IAAI,CAAA;AACxB,CAAC;AApBD,wDAoBC","sourcesContent":["import { getCookieDomainFromHostname } from '@things-factory/shell'\nimport { config } from '@things-factory/env'\nimport { MAX_AGE } from '../constants/max-age'\n\nconst accessTokenCookieKey = config.get('accessTokenCookieKey', 'access_token')\n\nexport function getAccessTokenCookie(context) {\n return context?.cookies?.get(accessTokenCookieKey)\n}\n\nexport function setAccessTokenCookie(context, token) {\n const { secure } = context\n\n var cookie = {\n secure,\n httpOnly: true,\n maxAge: MAX_AGE\n }\n\n const cookieDomain = getCookieDomainFromHostname(context.hostname)\n if (cookieDomain) {\n cookie['domain'] = cookieDomain\n }\n\n context.cookies.set(accessTokenCookieKey, token, cookie)\n}\n\nexport function setSessionAccessToken(context) {\n /* koa-session 을 사용하는 경우에는, cookie 직접 설정이 작동되지 않는다. 그런 경우에는 session에 설정해서 cookie를 변경한다. */\n const { user } = context.state\n\n context.session = {\n id: user.id,\n userType: user.type,\n status: user.state\n }\n}\n\nexport function clearAccessTokenCookie(context) {\n const { secure } = context\n\n var cookie = {\n secure,\n httpOnly: true\n }\n\n const cookieDomain = getCookieDomainFromHostname(context.hostname)\n if (cookieDomain) {\n cookie['domain'] = cookieDomain\n }\n\n context.cookies.set(accessTokenCookieKey, '', cookie)\n /*\n * TODO clear i18next cookie as well - need to support domain\n * https://github.com/hatiolab/things-factory/issues/70\n */\n context.cookies.set('i18next', '', cookie)\n context.session = null\n}\n"]}
package/dist-server/utils/check-permission.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"check-permission.js","sourceRoot":"","sources":["../../server/utils/check-permission.ts"],"names":[],"mappings":";;;AAEA,+CAA2C;AAEpC,KAAK,UAAU,eAAe,CACnC,eAAgC,EAChC,IAAU,EACV,MAAc,EACd,QAAkB,EAClB,oBAAgE;IAEhE,IAAI,CAAC,eAAe,EAAE;QACpB,OAAO,IAAI,CAAA;KACZ;IAED,MAAM,EAAE,KAAK,EAAE,kBAAkB,EAAE,KAAK,EAAE,gBAAgB,EAAE,QAAQ,EAAE,SAAS,EAAE,GAAG,eAAe,CAAA;IAEnG,IAAI,QAAQ,EAAE;QACZ,IAAI,SAAS,IAAI,QAAQ,EAAE;YACzB,8CAA8C;YAC9C,IAAI,CAAC,oBAAoB,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,QAAQ,IAAI,QAAQ,IAAI,EAAE,CAAC,SAAS,IAAI,SAAS,CAAC,EAAE;gBACjG,OAAO,KAAK,CAAA;aACb;YAED,OAAO,MAAM,WAAI,CAAC,YAAY,CAAC,SAAS,EAAE,QAAQ,EAAE,MAAM,EAAE,IAAI,CAAC,CAAA;SAClE;QAED,wEAAwE;QACxE,OAAO,CAAC,kBAAkB,IAAI,CAAC,gBAAgB,CAAA;KAChD;SAAM;QACL,IAAI,CAAC,SAAS,IAAI,CAAC,QAAQ,EAAE;YAC3B,8DAA8D;YAC9D,OAAO,CACL,CAAC,kBAAkB,IAAI,CAAC,MAAM,OAAO,CAAC,kBAAkB,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC,CAAC;gBACxE,CAAC,gBAAgB,IAAI,CAAC,MAAM,OAAO,CAAC,gBAAgB,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC,CAAC,CACrE,CAAA;SACF;QAED,IACE,CAAC,kBAAkB,IAAI,CAAC,MAAM,OAAO,CAAC,kBAAkB,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC,CAAC;YACxE,CAAC,gBAAgB,IAAI,CAAC,MAAM,OAAO,CAAC,gBAAgB,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC,CAAC,EACpE;YACA,OAAO,IAAI,CAAA;SACZ;QAED,IAAI,CAAC,oBAAoB,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,QAAQ,IAAI,QAAQ,IAAI,EAAE,CAAC,SAAS,IAAI,SAAS,CAAC,EAAE;YACjG,OAAO,KAAK,CAAA;SACb;QAED,OAAO,MAAM,WAAI,CAAC,YAAY,CAAC,SAAS,EAAE,QAAQ,EAAE,MAAM,EAAE,IAAI,CAAC,CAAA;KAClE;AACH,CAAC;AA/CD,0CA+CC","sourcesContent":["import { Domain } from '@things-factory/shell'\nimport { PrivilegeObject } from '../service/privilege/privilege'\nimport { User } from '../service/user/user'\n\nexport async function checkPermission(\n privilegeObject: PrivilegeObject,\n user: User,\n domain: Domain,\n unsafeIP?: boolean,\n prohibitedPrivileges?: { category: string; privilege: string }[]\n): Promise<boolean> {\n if (!privilegeObject) {\n return true\n }\n\n const { owner: domainOwnerGranted, super: superUserGranted, category, privilege } = privilegeObject\n\n if (unsafeIP) {\n if (privilege && category) {\n // unsafeIP 상황에서는 ownership granted는 적용되지 않는다.\n if ((prohibitedPrivileges || []).find(pp => pp.category == category && pp.privilege == privilege)) {\n return false\n }\n\n return await User.hasPrivilege(privilege, category, domain, user)\n }\n\n // privilege, category가 설정되지 않은 경우에는 ownership granted가 설정되었다면 허가하지 않는다.\n return !domainOwnerGranted && !superUserGranted\n } else {\n if (!privilege || !category) {\n // privilege, category가 설정되지 않은 경우에는 ownership granted만을 적용한다.\n return (\n (domainOwnerGranted && (await process.domainOwnerGranted(domain, user))) ||\n (superUserGranted && (await process.superUserGranted(domain, user)))\n )\n }\n\n if (\n (domainOwnerGranted && (await process.domainOwnerGranted(domain, user))) ||\n (superUserGranted && (await process.superUserGranted(domain, user)))\n ) {\n return true\n }\n\n if ((prohibitedPrivileges || []).find(pp => pp.category == category && pp.privilege == privilege)) {\n return false\n }\n\n return await User.hasPrivilege(privilege, category, domain, user)\n }\n}\n"]}
1
+ {"version":3,"file":"check-permission.js","sourceRoot":"","sources":["../../server/utils/check-permission.ts"],"names":[],"mappings":";;;AAEA,+CAA2C;AAEpC,KAAK,UAAU,eAAe,CACnC,eAAgC,EAChC,IAAU,EACV,MAAc,EACd,QAAkB,EAClB,oBAAgE;IAEhE,IAAI,CAAC,eAAe,EAAE,CAAC;QACrB,OAAO,IAAI,CAAA;IACb,CAAC;IAED,MAAM,EAAE,KAAK,EAAE,kBAAkB,EAAE,KAAK,EAAE,gBAAgB,EAAE,QAAQ,EAAE,SAAS,EAAE,GAAG,eAAe,CAAA;IAEnG,IAAI,QAAQ,EAAE,CAAC;QACb,IAAI,SAAS,IAAI,QAAQ,EAAE,CAAC;YAC1B,8CAA8C;YAC9C,IAAI,CAAC,oBAAoB,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,QAAQ,IAAI,QAAQ,IAAI,EAAE,CAAC,SAAS,IAAI,SAAS,CAAC,EAAE,CAAC;gBAClG,OAAO,KAAK,CAAA;YACd,CAAC;YAED,OAAO,MAAM,WAAI,CAAC,YAAY,CAAC,SAAS,EAAE,QAAQ,EAAE,MAAM,EAAE,IAAI,CAAC,CAAA;QACnE,CAAC;QAED,wEAAwE;QACxE,OAAO,CAAC,kBAAkB,IAAI,CAAC,gBAAgB,CAAA;IACjD,CAAC;SAAM,CAAC;QACN,IAAI,CAAC,SAAS,IAAI,CAAC,QAAQ,EAAE,CAAC;YAC5B,8DAA8D;YAC9D,OAAO,CACL,CAAC,kBAAkB,IAAI,CAAC,MAAM,OAAO,CAAC,kBAAkB,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC,CAAC;gBACxE,CAAC,gBAAgB,IAAI,CAAC,MAAM,OAAO,CAAC,gBAAgB,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC,CAAC,CACrE,CAAA;QACH,CAAC;QAED,IACE,CAAC,kBAAkB,IAAI,CAAC,MAAM,OAAO,CAAC,kBAAkB,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC,CAAC;YACxE,CAAC,gBAAgB,IAAI,CAAC,MAAM,OAAO,CAAC,gBAAgB,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC,CAAC,EACpE,CAAC;YACD,OAAO,IAAI,CAAA;QACb,CAAC;QAED,IAAI,CAAC,oBAAoB,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,QAAQ,IAAI,QAAQ,IAAI,EAAE,CAAC,SAAS,IAAI,SAAS,CAAC,EAAE,CAAC;YAClG,OAAO,KAAK,CAAA;QACd,CAAC;QAED,OAAO,MAAM,WAAI,CAAC,YAAY,CAAC,SAAS,EAAE,QAAQ,EAAE,MAAM,EAAE,IAAI,CAAC,CAAA;IACnE,CAAC;AACH,CAAC;AA/CD,0CA+CC","sourcesContent":["import { Domain } from '@things-factory/shell'\nimport { PrivilegeObject } from '../service/privilege/privilege'\nimport { User } from '../service/user/user'\n\nexport async function checkPermission(\n privilegeObject: PrivilegeObject,\n user: User,\n domain: Domain,\n unsafeIP?: boolean,\n prohibitedPrivileges?: { category: string; privilege: string }[]\n): Promise<boolean> {\n if (!privilegeObject) {\n return true\n }\n\n const { owner: domainOwnerGranted, super: superUserGranted, category, privilege } = privilegeObject\n\n if (unsafeIP) {\n if (privilege && category) {\n // unsafeIP 상황에서는 ownership granted는 적용되지 않는다.\n if ((prohibitedPrivileges || []).find(pp => pp.category == category && pp.privilege == privilege)) {\n return false\n }\n\n return await User.hasPrivilege(privilege, category, domain, user)\n }\n\n // privilege, category가 설정되지 않은 경우에는 ownership granted가 설정되었다면 허가하지 않는다.\n return !domainOwnerGranted && !superUserGranted\n } else {\n if (!privilege || !category) {\n // privilege, category가 설정되지 않은 경우에는 ownership granted만을 적용한다.\n return (\n (domainOwnerGranted && (await process.domainOwnerGranted(domain, user))) ||\n (superUserGranted && (await process.superUserGranted(domain, user)))\n )\n }\n\n if (\n (domainOwnerGranted && (await process.domainOwnerGranted(domain, user))) ||\n (superUserGranted && (await process.superUserGranted(domain, user)))\n ) {\n return true\n }\n\n if ((prohibitedPrivileges || []).find(pp => pp.category == category && pp.privilege == privilege)) {\n return false\n }\n\n return await User.hasPrivilege(privilege, category, domain, user)\n }\n}\n"]}
package/dist-server/utils/check-user-belongs-domain.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"check-user-belongs-domain.js","sourceRoot":"","sources":["../../server/utils/check-user-belongs-domain.ts"],"names":[],"mappings":";;;AAAA,iDAA6D;AAE7D,+CAA2C;AAE3C;;;;;;GAMG;AACI,KAAK,UAAU,sBAAsB,CAAC,MAAc,EAAE,IAAU;;IACrE,IAAI,CAAC,CAAA,MAAA,IAAI,CAAC,OAAO,0CAAE,MAAM,CAAA,EAAE;QACzB,IAAI,GAAG,MAAM,IAAA,qBAAa,EAAC,WAAI,CAAC,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,EAAE,SAAS,EAAE,CAAC,SAAS,CAAC,EAAE,CAAC,CAAA;KAC7F;IAED,MAAM,EAAE,OAAO,EAAE,WAAW,EAAE,GAAS,IAAI,CAAA;IAC3C,OAAO,OAAO,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,UAAkB,EAAE,EAAE,CAAC,UAAU,CAAC,EAAE,KAAK,MAAM,CAAC,EAAE,CAAC,CAAC,CAAA;AACvF,CAAC;AAPD,wDAOC","sourcesContent":["import { Domain, getRepository } from '@things-factory/shell'\n\nimport { User } from '../service/user/user'\n\n/**\n * @description Based on domain and user information,\n * Find out whether the user belongs domain or user has partnership with domain\n *\n * @param domain\n * @param user\n */\nexport async function checkUserBelongsDomain(domain: Domain, user: User): Promise<Boolean> {\n if (!user.domains?.length) {\n user = await getRepository(User).findOne({ where: { id: user.id }, relations: ['domains'] })\n }\n\n const { domains: userDomains }: User = user\n return Boolean(userDomains.find((userDomain: Domain) => userDomain.id === domain.id))\n}\n"]}
1
+ {"version":3,"file":"check-user-belongs-domain.js","sourceRoot":"","sources":["../../server/utils/check-user-belongs-domain.ts"],"names":[],"mappings":";;;AAAA,iDAA6D;AAE7D,+CAA2C;AAE3C;;;;;;GAMG;AACI,KAAK,UAAU,sBAAsB,CAAC,MAAc,EAAE,IAAU;;IACrE,IAAI,CAAC,CAAA,MAAA,IAAI,CAAC,OAAO,0CAAE,MAAM,CAAA,EAAE,CAAC;QAC1B,IAAI,GAAG,MAAM,IAAA,qBAAa,EAAC,WAAI,CAAC,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,EAAE,SAAS,EAAE,CAAC,SAAS,CAAC,EAAE,CAAC,CAAA;IAC9F,CAAC;IAED,MAAM,EAAE,OAAO,EAAE,WAAW,EAAE,GAAS,IAAI,CAAA;IAC3C,OAAO,OAAO,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,UAAkB,EAAE,EAAE,CAAC,UAAU,CAAC,EAAE,KAAK,MAAM,CAAC,EAAE,CAAC,CAAC,CAAA;AACvF,CAAC;AAPD,wDAOC","sourcesContent":["import { Domain, getRepository } from '@things-factory/shell'\n\nimport { User } from '../service/user/user'\n\n/**\n * @description Based on domain and user information,\n * Find out whether the user belongs domain or user has partnership with domain\n *\n * @param domain\n * @param user\n */\nexport async function checkUserBelongsDomain(domain: Domain, user: User): Promise<Boolean> {\n if (!user.domains?.length) {\n user = await getRepository(User).findOne({ where: { id: user.id }, relations: ['domains'] })\n }\n\n const { domains: userDomains }: User = user\n return Boolean(userDomains.find((userDomain: Domain) => userDomain.id === domain.id))\n}\n"]}
package/dist-server/utils/get-aes-256-key.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"get-aes-256-key.js","sourceRoot":"","sources":["../../server/utils/get-aes-256-key.ts"],"names":[],"mappings":";;;AAAA,6CAA4C;AAE5C,IAAI,YAAY,GAAG,YAAM,CAAC,GAAG,CAAC,aAAa,CAAC,CAAA;AAE5C,IAAI,CAAC,YAAY,EAAE;IACjB,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,IAAI,YAAY,EAAE;QACxC,MAAM,IAAI,SAAS,CAAC,6BAA6B,CAAC,CAAA;KACnD;SAAM;QACL,YAAY,GAAG,kCAAkC,CAAA;KAClD;CACF;AAEY,QAAA,WAAW,GAAG,YAAY,CAAA","sourcesContent":["import { config } from '@things-factory/env'\n\nvar _AES_256_KEY = config.get('AES_256_KEY')\n\nif (!_AES_256_KEY) {\n if (process.env.NODE_ENV == 'production') {\n throw new TypeError('AES_256_KEY not configured.')\n } else {\n _AES_256_KEY = 'V6g5oHJZb7KcYzIyL6cM95XvIDouon5b'\n }\n}\n\nexport const AES_256_KEY = _AES_256_KEY\n"]}
1
+ {"version":3,"file":"get-aes-256-key.js","sourceRoot":"","sources":["../../server/utils/get-aes-256-key.ts"],"names":[],"mappings":";;;AAAA,6CAA4C;AAE5C,IAAI,YAAY,GAAG,YAAM,CAAC,GAAG,CAAC,aAAa,CAAC,CAAA;AAE5C,IAAI,CAAC,YAAY,EAAE,CAAC;IAClB,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,IAAI,YAAY,EAAE,CAAC;QACzC,MAAM,IAAI,SAAS,CAAC,6BAA6B,CAAC,CAAA;IACpD,CAAC;SAAM,CAAC;QACN,YAAY,GAAG,kCAAkC,CAAA;IACnD,CAAC;AACH,CAAC;AAEY,QAAA,WAAW,GAAG,YAAY,CAAA","sourcesContent":["import { config } from '@things-factory/env'\n\nvar _AES_256_KEY = config.get('AES_256_KEY')\n\nif (!_AES_256_KEY) {\n if (process.env.NODE_ENV == 'production') {\n throw new TypeError('AES_256_KEY not configured.')\n } else {\n _AES_256_KEY = 'V6g5oHJZb7KcYzIyL6cM95XvIDouon5b'\n }\n}\n\nexport const AES_256_KEY = _AES_256_KEY\n"]}
package/dist-server/utils/get-domain-users.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"get-domain-users.js","sourceRoot":"","sources":["../../server/utils/get-domain-users.ts"],"names":[],"mappings":";;;AAEA,iDAA6D;AAE7D,+CAA2C;AAEpC,KAAK,UAAU,cAAc,CAAC,MAAuB,EAAE,MAAsB;IAClF,MAAM,UAAU,GAAuB,CAAA,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,aAAa,CAAC,cAAM,CAAC,KAAI,IAAA,qBAAa,EAAC,cAAM,CAAC,CAAA;IAE7F,IAAI,CAAC,MAAM,CAAC,EAAE,EAAE;QACd,MAAM,WAAW,GAAW,MAAM,UAAU,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,MAAM,CAAC,EAAE,EAAE,EAAE,CAAC,CAAA;QAClF,IAAI,CAAC,WAAW;YAAE,MAAM,IAAI,KAAK,CAAC,8CAA8C,MAAM,EAAE,CAAC,CAAA;QAEzF,MAAM,GAAG,WAAW,CAAA;KACrB;IAED,MAAM,EAAE,GAA6B,4BAA4B,CAAC,MAAM,CAAC,EAAE,CAAC,CAAA;IAC5E,OAAO,MAAM,EAAE,CAAC,OAAO,EAAE,CAAA;AAC3B,CAAC;AAZD,wCAYC;AAED,SAAgB,4BAA4B,CAC1C,QAAgB,EAChB,QAAgB,MAAM,EACtB,MAAsB;IAEtB,MAAM,QAAQ,GAAqB,CAAA,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,aAAa,CAAC,WAAI,CAAC,KAAI,IAAA,qBAAa,EAAC,WAAI,CAAC,CAAA;IACrF,MAAM,EAAE,GAA6B,QAAQ,CAAC,kBAAkB,CAAC,KAAK,CAAC,CAAA;IACvE,EAAE,CAAC,MAAM,EAAE,CAAC,QAAQ,CAClB,GAAG,KAAK,UAAU,EAAE;SACjB,QAAQ,EAAE;SACV,MAAM,CAAC,wBAAwB,CAAC;SAChC,IAAI,CAAC,eAAe,EAAE,eAAe,CAAC;SACtC,KAAK,CAAC,sCAAsC,EAAE,EAAE,QAAQ,EAAE,CAAC;SAC3D,QAAQ,EAAE,EAAE,CAChB,CAAA;IAED,OAAO,EAAE,CAAA;AACX,CAAC;AAjBD,oEAiBC","sourcesContent":["import { EntityManager, Repository, SelectQueryBuilder } from 'typeorm'\n\nimport { Domain, getRepository } from '@things-factory/shell'\n\nimport { User } from '../service/user/user'\n\nexport async function getDomainUsers(domain: Partial<Domain>, trxMgr?: EntityManager): Promise<User[]> {\n const domainRepo: Repository<Domain> = trxMgr?.getRepository(Domain) || getRepository(Domain)\n\n if (!domain.id) {\n const foundDomain: Domain = await domainRepo.findOne({ where: { id: domain.id } })\n if (!foundDomain) throw new Error(`Failed to find domain by passed condition, ${domain}`)\n\n domain = foundDomain\n }\n\n const qb: SelectQueryBuilder<User> = buildDomainUsersQueryBuilder(domain.id)\n return await qb.getMany()\n}\n\nexport function buildDomainUsersQueryBuilder(\n domainId: string,\n alias: string = 'USER',\n trxMgr?: EntityManager\n): SelectQueryBuilder<User> {\n const userRepo: Repository<User> = trxMgr?.getRepository(User) || getRepository(User)\n const qb: SelectQueryBuilder<User> = userRepo.createQueryBuilder(alias)\n qb.select().andWhere(\n `${alias}.id IN ${qb\n .subQuery()\n .select('USERS_DOMAINS.users_id')\n .from('users_domains', 'USERS_DOMAINS')\n .where('USERS_DOMAINS.domains_id = :domainId', { domainId })\n .getQuery()}`\n )\n\n return qb\n}\n"]}
1
+ {"version":3,"file":"get-domain-users.js","sourceRoot":"","sources":["../../server/utils/get-domain-users.ts"],"names":[],"mappings":";;;AAEA,iDAA6D;AAE7D,+CAA2C;AAEpC,KAAK,UAAU,cAAc,CAAC,MAAuB,EAAE,MAAsB;IAClF,MAAM,UAAU,GAAuB,CAAA,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,aAAa,CAAC,cAAM,CAAC,KAAI,IAAA,qBAAa,EAAC,cAAM,CAAC,CAAA;IAE7F,IAAI,CAAC,MAAM,CAAC,EAAE,EAAE,CAAC;QACf,MAAM,WAAW,GAAW,MAAM,UAAU,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,MAAM,CAAC,EAAE,EAAE,EAAE,CAAC,CAAA;QAClF,IAAI,CAAC,WAAW;YAAE,MAAM,IAAI,KAAK,CAAC,8CAA8C,MAAM,EAAE,CAAC,CAAA;QAEzF,MAAM,GAAG,WAAW,CAAA;IACtB,CAAC;IAED,MAAM,EAAE,GAA6B,4BAA4B,CAAC,MAAM,CAAC,EAAE,CAAC,CAAA;IAC5E,OAAO,MAAM,EAAE,CAAC,OAAO,EAAE,CAAA;AAC3B,CAAC;AAZD,wCAYC;AAED,SAAgB,4BAA4B,CAC1C,QAAgB,EAChB,QAAgB,MAAM,EACtB,MAAsB;IAEtB,MAAM,QAAQ,GAAqB,CAAA,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,aAAa,CAAC,WAAI,CAAC,KAAI,IAAA,qBAAa,EAAC,WAAI,CAAC,CAAA;IACrF,MAAM,EAAE,GAA6B,QAAQ,CAAC,kBAAkB,CAAC,KAAK,CAAC,CAAA;IACvE,EAAE,CAAC,MAAM,EAAE,CAAC,QAAQ,CAClB,GAAG,KAAK,UAAU,EAAE;SACjB,QAAQ,EAAE;SACV,MAAM,CAAC,wBAAwB,CAAC;SAChC,IAAI,CAAC,eAAe,EAAE,eAAe,CAAC;SACtC,KAAK,CAAC,sCAAsC,EAAE,EAAE,QAAQ,EAAE,CAAC;SAC3D,QAAQ,EAAE,EAAE,CAChB,CAAA;IAED,OAAO,EAAE,CAAA;AACX,CAAC;AAjBD,oEAiBC","sourcesContent":["import { EntityManager, Repository, SelectQueryBuilder } from 'typeorm'\n\nimport { Domain, getRepository } from '@things-factory/shell'\n\nimport { User } from '../service/user/user'\n\nexport async function getDomainUsers(domain: Partial<Domain>, trxMgr?: EntityManager): Promise<User[]> {\n const domainRepo: Repository<Domain> = trxMgr?.getRepository(Domain) || getRepository(Domain)\n\n if (!domain.id) {\n const foundDomain: Domain = await domainRepo.findOne({ where: { id: domain.id } })\n if (!foundDomain) throw new Error(`Failed to find domain by passed condition, ${domain}`)\n\n domain = foundDomain\n }\n\n const qb: SelectQueryBuilder<User> = buildDomainUsersQueryBuilder(domain.id)\n return await qb.getMany()\n}\n\nexport function buildDomainUsersQueryBuilder(\n domainId: string,\n alias: string = 'USER',\n trxMgr?: EntityManager\n): SelectQueryBuilder<User> {\n const userRepo: Repository<User> = trxMgr?.getRepository(User) || getRepository(User)\n const qb: SelectQueryBuilder<User> = userRepo.createQueryBuilder(alias)\n qb.select().andWhere(\n `${alias}.id IN ${qb\n .subQuery()\n .select('USERS_DOMAINS.users_id')\n .from('users_domains', 'USERS_DOMAINS')\n .where('USERS_DOMAINS.domains_id = :domainId', { domainId })\n .getQuery()}`\n )\n\n return qb\n}\n"]}
package/dist-server/utils/get-secret.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"get-secret.js","sourceRoot":"","sources":["../../server/utils/get-secret.ts"],"names":[],"mappings":";;;AAAA,6CAA4C;AAE5C,IAAI,OAAO,GAAG,YAAM,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAA;AAElC,IAAI,CAAC,OAAO,EAAE;IACZ,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,IAAI,YAAY,EAAE;QACxC,MAAM,IAAI,SAAS,CAAC,4BAA4B,CAAC,CAAA;KAClD;SAAM;QACL,OAAO,GAAG,4CAA4C,CAAA;KACvD;CACF;AAEY,QAAA,MAAM,GAAG,OAAO,CAAA","sourcesContent":["import { config } from '@things-factory/env'\n\nvar _SECRET = config.get('SECRET')\n\nif (!_SECRET) {\n if (process.env.NODE_ENV == 'production') {\n throw new TypeError('SECRET key not configured.')\n } else {\n _SECRET = '0xD58F835B69D207A76CC5F84a70a1D0d4C79dAC95'\n }\n}\n\nexport const SECRET = _SECRET\n"]}
1
+ {"version":3,"file":"get-secret.js","sourceRoot":"","sources":["../../server/utils/get-secret.ts"],"names":[],"mappings":";;;AAAA,6CAA4C;AAE5C,IAAI,OAAO,GAAG,YAAM,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAA;AAElC,IAAI,CAAC,OAAO,EAAE,CAAC;IACb,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,IAAI,YAAY,EAAE,CAAC;QACzC,MAAM,IAAI,SAAS,CAAC,4BAA4B,CAAC,CAAA;IACnD,CAAC;SAAM,CAAC;QACN,OAAO,GAAG,4CAA4C,CAAA;IACxD,CAAC;AACH,CAAC;AAEY,QAAA,MAAM,GAAG,OAAO,CAAA","sourcesContent":["import { config } from '@things-factory/env'\n\nvar _SECRET = config.get('SECRET')\n\nif (!_SECRET) {\n if (process.env.NODE_ENV == 'production') {\n throw new TypeError('SECRET key not configured.')\n } else {\n _SECRET = '0xD58F835B69D207A76CC5F84a70a1D0d4C79dAC95'\n }\n}\n\nexport const SECRET = _SECRET\n"]}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@things-factory/auth-base",
3
- "version": "7.0.1-beta.1",
3
+ "version": "7.0.1-beta.10",
4
4
  "main": "dist-server/index.js",
5
5
  "browser": "dist-client/index.js",
6
6
  "things-factory": true,
@@ -30,10 +30,10 @@
30
30
  "migration:create": "node ../../node_modules/typeorm/cli.js migration:create -d ./server/migrations"
31
31
  },
32
32
  "dependencies": {
33
- "@things-factory/email-base": "^7.0.1-beta.1",
34
- "@things-factory/env": "^7.0.1-beta.1",
35
- "@things-factory/shell": "^7.0.1-beta.1",
36
- "@things-factory/utils": "^7.0.1-beta.1",
33
+ "@things-factory/email-base": "^7.0.1-beta.10",
34
+ "@things-factory/env": "^7.0.1-beta.6",
35
+ "@things-factory/shell": "^7.0.1-beta.10",
36
+ "@things-factory/utils": "^7.0.1-beta.10",
37
37
  "@types/webappsec-credential-management": "^0.6.8",
38
38
  "jsonwebtoken": "^9.0.0",
39
39
  "koa-passport": "^6.0.0",
@@ -45,5 +45,5 @@
45
45
  "passport-local": "^1.0.0",
46
46
  "popsicle-cookie-jar": "^1.0.0"
47
47
  },
48
- "gitHead": "f117e0029bfbd061d3f76caa067ed81305f6c2b7"
48
+ "gitHead": "facbff076fc6af507fa83d5e0b033ad88cdb2fc8"
49
49
  }
package/server/constants/error-code.ts CHANGED
@@ -17,3 +17,4 @@ export const PASSWORD_USED_PAST = 'password used in the past'
17
17
  export const VERIFICATION_ERROR = 'user or verification token not found'
18
18
  export const USER_CREDENTIAL_NOT_FOUND = 'user credential not found'
19
19
  export const AUTH_ERROR = 'auth error'
20
+ export const FIDO2_CERT_UNSUPPORTED = 'fido2 certificate unsupported'
package/server/middlewares/webauthn-middleware.ts CHANGED
@@ -24,7 +24,12 @@ passport.use(
24
24
  return cb(null, false, { errorCode: AuthError.ERROR_CODES.USER_CREDENTIAL_NOT_FOUND })
25
25
  }
26
26
 
27
- return cb(null, user, credential.publicKey)
27
+ try {
28
+ return cb(null, user, credential.publicKey)
29
+ } catch (error) {
30
+ console.error(error)
31
+ return cb(null, false, { errorCode: AuthError.ERROR_CODES.FIDO2_CERT_UNSUPPORTED })
32
+ }
28
33
  },
29
34
  async function register(user, id, publicKey, cb) {
30
35
  const userObject = await getRepository(User).findOne({ where: { id: user.id.toString() } })
package/translations/en.json CHANGED
@@ -4,6 +4,7 @@
4
4
  "error.domain mismatch": "certificate is not for this domain",
5
5
  "error.domain not allowed": "user not allowed domain `{subdomain}`",
6
6
  "error.failed to find x": "failed to find {x}",
7
+ "error.fido2 certificate unsupported": "FIDO2 certificate unsupported",
7
8
  "error.password should match the rule": "password should match following rule. ${rule}",
8
9
  "error.password used in the past": "password used in the past",
9
10
  "error.subdomain not found": "domain not found",
package/translations/ja.json CHANGED
@@ -4,6 +4,7 @@
4
4
  "error.domain mismatch": "証明書のドメインと現在のドメインが一致しません.",
5
5
  "error.domain not allowed": "'{subdomain}' 領域はこのユーザに許可されていません.",
6
6
  "error.failed to find x": "{x}が見つかりません.",
7
+ "error.fido2 certificate unsupported": "fido2証明書はサポートされていません",
7
8
  "error.password should match the rule": "パスワードは次の規則を守らなければなりません. {rule}",
8
9
  "error.password used in the past": "過去に使用されたパスワードです.",
9
10
  "error.subdomain not found": "サブドメインが見つかりません.",
package/translations/ko.json CHANGED
@@ -4,6 +4,7 @@
4
4
  "error.domain mismatch": "인증서의 도메인과 현재 도메인이 일치하지 않습니다.",
5
5
  "error.domain not allowed": "'{subdomain}' 영역은 이 사용자에게 허가되지 않았습니다.",
6
6
  "error.failed to find x": "{x}을(를) 찾을 수 없습니다.",
7
+ "error.fido2 certificate unsupported": "제공된 인증서가 올바르지 않거나 지원되지 않는 형식입니다. 다른 로그인 방법을 사용하세요.",
7
8
  "error.password should match the rule": "비밀번호는 다음 규칙을 지켜야 합니다. {rule}",
8
9
  "error.password used in the past": "과거에 사용된 비밀번호입니다.",
9
10
  "error.subdomain not found": "서브도메인을 찾을 수 없습니다.",
package/translations/ms.json CHANGED
@@ -4,6 +4,7 @@
4
4
  "error.domain mismatch": "Sijil tidak sesuai untuk domain ini",
5
5
  "error.domain not allowed": "Pengguna tidak dibenarkan domain `{subdomain}`",
6
6
  "error.failed to find x": "Gagal mencari {x}",
7
+ "error.fido2 certificate unsupported": "sijil fido2 tidak disokong",
7
8
  "error.password should match the rule": "Kata laluan harus mematuhi peraturan berikut. ${rule}",
8
9
  "error.password used in the past": "Kata laluan telah digunakan dalam masa lampau",
9
10
  "error.subdomain not found": "Domain tidak ditemui",
package/translations/zh.json CHANGED
@@ -4,6 +4,7 @@
4
4
  "error.domain mismatch": "证书不适用于该域!",
5
5
  "error.domain not allowed": "用户无权限使用`{subdomain}`域!",
6
6
  "error.failed to find x": "查询{x}失败!",
7
+ "error.fido2 certificate unsupported": "fido2证书不支持",
7
8
  "error.password should match the rule": "密码应符合以下规则。${rule}",
8
9
  "error.password used in the past": "使用过的密码!",
9
10
  "error.subdomain not found": "用户域查询失败!",