@things-factory/auth-base 7.0.1-beta.9 → 7.0.1-rc.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist-client/auth.js.map +1 -1
- package/dist-client/directive/privileged.d.ts +5 -5
- package/dist-client/directive/privileged.js.map +1 -1
- package/dist-client/profiled.js.map +1 -1
- package/dist-client/reducers/auth.js.map +1 -1
- package/dist-client/tsconfig.tsbuildinfo +1 -1
- package/dist-server/controllers/change-pwd.js +1 -2
- package/dist-server/controllers/change-pwd.js.map +1 -1
- package/dist-server/controllers/checkin.js +1 -2
- package/dist-server/controllers/checkin.js.map +1 -1
- package/dist-server/controllers/delete-user.js +2 -3
- package/dist-server/controllers/delete-user.js.map +1 -1
- package/dist-server/controllers/invitation.js +4 -5
- package/dist-server/controllers/invitation.js.map +1 -1
- package/dist-server/controllers/profile.js +1 -2
- package/dist-server/controllers/profile.js.map +1 -1
- package/dist-server/controllers/reset-password.js +2 -3
- package/dist-server/controllers/reset-password.js.map +1 -1
- package/dist-server/controllers/signin.js +1 -2
- package/dist-server/controllers/signin.js.map +1 -1
- package/dist-server/controllers/signup.js +1 -2
- package/dist-server/controllers/signup.js.map +1 -1
- package/dist-server/controllers/unlock-user.js +2 -3
- package/dist-server/controllers/unlock-user.js.map +1 -1
- package/dist-server/controllers/utils/make-invitation-token.js +1 -2
- package/dist-server/controllers/utils/make-invitation-token.js.map +1 -1
- package/dist-server/controllers/utils/make-verification-token.js +1 -2
- package/dist-server/controllers/utils/make-verification-token.js.map +1 -1
- package/dist-server/controllers/utils/password-rule.js +10 -10
- package/dist-server/controllers/utils/password-rule.js.map +1 -1
- package/dist-server/controllers/utils/save-invitation-token.js +1 -2
- package/dist-server/controllers/utils/save-invitation-token.js.map +1 -1
- package/dist-server/controllers/utils/save-verification-token.js +1 -2
- package/dist-server/controllers/utils/save-verification-token.js.map +1 -1
- package/dist-server/controllers/verification.js +3 -4
- package/dist-server/controllers/verification.js.map +1 -1
- package/dist-server/index.js.map +1 -1
- package/dist-server/middlewares/authenticate-401-middleware.js +1 -2
- package/dist-server/middlewares/authenticate-401-middleware.js.map +1 -1
- package/dist-server/middlewares/domain-authenticate-middleware.js +1 -2
- package/dist-server/middlewares/domain-authenticate-middleware.js.map +1 -1
- package/dist-server/middlewares/graphql-authenticate-middleware.js +1 -2
- package/dist-server/middlewares/graphql-authenticate-middleware.js.map +1 -1
- package/dist-server/middlewares/index.js +1 -2
- package/dist-server/middlewares/index.js.map +1 -1
- package/dist-server/middlewares/jwt-authenticate-middleware.js +1 -2
- package/dist-server/middlewares/jwt-authenticate-middleware.js.map +1 -1
- package/dist-server/middlewares/signin-middleware.js +1 -2
- package/dist-server/middlewares/signin-middleware.js.map +1 -1
- package/dist-server/middlewares/webauthn-middleware.js +2 -2
- package/dist-server/middlewares/webauthn-middleware.js.map +1 -1
- package/dist-server/migrations/1548206416130-SeedUser.js.map +1 -1
- package/dist-server/migrations/1566805283882-SeedPrivilege.js.map +1 -1
- package/dist-server/router/auth-checkin-router.js.map +1 -1
- package/dist-server/router/auth-private-process-router.js.map +1 -1
- package/dist-server/router/auth-public-process-router.js.map +1 -1
- package/dist-server/router/auth-signin-router.js.map +1 -1
- package/dist-server/router/auth-signup-router.js.map +1 -1
- package/dist-server/router/oauth2/oauth2-authorize-router.js.map +1 -1
- package/dist-server/router/oauth2/oauth2-router.js.map +1 -1
- package/dist-server/router/oauth2/oauth2-server.js.map +1 -1
- package/dist-server/router/oauth2/passport-oauth2-client-password.js +1 -2
- package/dist-server/router/oauth2/passport-oauth2-client-password.js.map +1 -1
- package/dist-server/router/oauth2/passport-refresh-token.js +1 -2
- package/dist-server/router/oauth2/passport-refresh-token.js.map +1 -1
- package/dist-server/router/site-root-router.js.map +1 -1
- package/dist-server/routes.js.map +1 -1
- package/dist-server/service/app-binding/app-binding-mutation.js +2 -2
- package/dist-server/service/app-binding/app-binding-mutation.js.map +1 -1
- package/dist-server/service/app-binding/app-binding-query.js +3 -3
- package/dist-server/service/app-binding/app-binding-query.js.map +1 -1
- package/dist-server/service/app-binding/app-binding-types.js +2 -2
- package/dist-server/service/app-binding/app-binding-types.js.map +1 -1
- package/dist-server/service/app-binding/app-binding.js +2 -2
- package/dist-server/service/app-binding/app-binding.js.map +1 -1
- package/dist-server/service/appliance/appliance-mutation.js +2 -2
- package/dist-server/service/appliance/appliance-mutation.js.map +1 -1
- package/dist-server/service/appliance/appliance-query.js +4 -4
- package/dist-server/service/appliance/appliance-query.js.map +1 -1
- package/dist-server/service/appliance/appliance-types.js +6 -6
- package/dist-server/service/appliance/appliance-types.js.map +1 -1
- package/dist-server/service/appliance/appliance.js +2 -2
- package/dist-server/service/appliance/appliance.js.map +1 -1
- package/dist-server/service/application/application-mutation.js +2 -2
- package/dist-server/service/application/application-mutation.js.map +1 -1
- package/dist-server/service/application/application-query.js +3 -3
- package/dist-server/service/application/application-query.js.map +1 -1
- package/dist-server/service/application/application-types.js +8 -8
- package/dist-server/service/application/application-types.js.map +1 -1
- package/dist-server/service/application/application.js +6 -6
- package/dist-server/service/application/application.js.map +1 -1
- package/dist-server/service/auth-provider/auth-provider-mutation.js +2 -2
- package/dist-server/service/auth-provider/auth-provider-mutation.js.map +1 -1
- package/dist-server/service/auth-provider/auth-provider-parameter-spec.js +2 -2
- package/dist-server/service/auth-provider/auth-provider-parameter-spec.js.map +1 -1
- package/dist-server/service/auth-provider/auth-provider-query.js +3 -3
- package/dist-server/service/auth-provider/auth-provider-query.js.map +1 -1
- package/dist-server/service/auth-provider/auth-provider-type.js +6 -6
- package/dist-server/service/auth-provider/auth-provider-type.js.map +1 -1
- package/dist-server/service/auth-provider/auth-provider.js +6 -6
- package/dist-server/service/auth-provider/auth-provider.js.map +1 -1
- package/dist-server/service/domain-generator/domain-generator-mutation.js +2 -2
- package/dist-server/service/domain-generator/domain-generator-mutation.js.map +1 -1
- package/dist-server/service/domain-generator/domain-generator-types.js +6 -6
- package/dist-server/service/domain-generator/domain-generator-types.js.map +1 -1
- package/dist-server/service/granted-role/granted-role-mutation.js +6 -6
- package/dist-server/service/granted-role/granted-role-mutation.js.map +1 -1
- package/dist-server/service/granted-role/granted-role-query.js +2 -2
- package/dist-server/service/granted-role/granted-role-query.js.map +1 -1
- package/dist-server/service/granted-role/granted-role.js +2 -2
- package/dist-server/service/granted-role/granted-role.js.map +1 -1
- package/dist-server/service/invitation/invitation-mutation.js +2 -2
- package/dist-server/service/invitation/invitation-mutation.js.map +1 -1
- package/dist-server/service/invitation/invitation-query.js +2 -2
- package/dist-server/service/invitation/invitation-query.js.map +1 -1
- package/dist-server/service/invitation/invitation-types.js +2 -2
- package/dist-server/service/invitation/invitation-types.js.map +1 -1
- package/dist-server/service/invitation/invitation.js +2 -2
- package/dist-server/service/invitation/invitation.js.map +1 -1
- package/dist-server/service/login-history/login-history-query.js +3 -3
- package/dist-server/service/login-history/login-history-query.js.map +1 -1
- package/dist-server/service/login-history/login-history-type.js +2 -2
- package/dist-server/service/login-history/login-history-type.js.map +1 -1
- package/dist-server/service/login-history/login-history.js +2 -2
- package/dist-server/service/login-history/login-history.js.map +1 -1
- package/dist-server/service/partner/partner-mutation.js +2 -2
- package/dist-server/service/partner/partner-mutation.js.map +1 -1
- package/dist-server/service/partner/partner-query.js +4 -4
- package/dist-server/service/partner/partner-query.js.map +1 -1
- package/dist-server/service/partner/partner-types.js +2 -2
- package/dist-server/service/partner/partner-types.js.map +1 -1
- package/dist-server/service/partner/partner.js +2 -2
- package/dist-server/service/partner/partner.js.map +1 -1
- package/dist-server/service/password-history/password-history.js +2 -2
- package/dist-server/service/password-history/password-history.js.map +1 -1
- package/dist-server/service/privilege/privilege-directive.js.map +1 -1
- package/dist-server/service/privilege/privilege-mutation.js +2 -2
- package/dist-server/service/privilege/privilege-mutation.js.map +1 -1
- package/dist-server/service/privilege/privilege-query.js +3 -3
- package/dist-server/service/privilege/privilege-query.js.map +1 -1
- package/dist-server/service/privilege/privilege-types.js +8 -8
- package/dist-server/service/privilege/privilege-types.js.map +1 -1
- package/dist-server/service/privilege/privilege.js +6 -6
- package/dist-server/service/privilege/privilege.js.map +1 -1
- package/dist-server/service/role/role-mutation.js +2 -2
- package/dist-server/service/role/role-mutation.js.map +1 -1
- package/dist-server/service/role/role-query.js +3 -3
- package/dist-server/service/role/role-query.js.map +1 -1
- package/dist-server/service/role/role-types.js +10 -10
- package/dist-server/service/role/role-types.js.map +1 -1
- package/dist-server/service/role/role.js +2 -2
- package/dist-server/service/role/role.js.map +1 -1
- package/dist-server/service/user/domain-query.js +2 -2
- package/dist-server/service/user/domain-query.js.map +1 -1
- package/dist-server/service/user/user-mutation.js +2 -2
- package/dist-server/service/user/user-mutation.js.map +1 -1
- package/dist-server/service/user/user-query.js +3 -3
- package/dist-server/service/user/user-query.js.map +1 -1
- package/dist-server/service/user/user-types.js +6 -6
- package/dist-server/service/user/user-types.js.map +1 -1
- package/dist-server/service/user/user.js +5 -5
- package/dist-server/service/user/user.js.map +1 -1
- package/dist-server/service/users-auth-providers/users-auth-providers.js +2 -2
- package/dist-server/service/users-auth-providers/users-auth-providers.js.map +1 -1
- package/dist-server/service/verification-token/verification-token.js +3 -3
- package/dist-server/service/verification-token/verification-token.js.map +1 -1
- package/dist-server/service/web-auth-credential/web-auth-credential.js +2 -2
- package/dist-server/service/web-auth-credential/web-auth-credential.js.map +1 -1
- package/dist-server/templates/account-unlock-email.js +1 -2
- package/dist-server/templates/account-unlock-email.js.map +1 -1
- package/dist-server/templates/invitation-email.js +1 -2
- package/dist-server/templates/invitation-email.js.map +1 -1
- package/dist-server/templates/reset-password-email.js +1 -2
- package/dist-server/templates/reset-password-email.js.map +1 -1
- package/dist-server/templates/verification-email.js +1 -2
- package/dist-server/templates/verification-email.js.map +1 -1
- package/dist-server/tsconfig.tsbuildinfo +1 -1
- package/dist-server/utils/accepts.js +1 -2
- package/dist-server/utils/accepts.js.map +1 -1
- package/dist-server/utils/access-token-cookie.js +4 -5
- package/dist-server/utils/access-token-cookie.js.map +1 -1
- package/dist-server/utils/check-permission.js +1 -2
- package/dist-server/utils/check-permission.js.map +1 -1
- package/dist-server/utils/check-user-belongs-domain.js +1 -2
- package/dist-server/utils/check-user-belongs-domain.js.map +1 -1
- package/dist-server/utils/encrypt-state.js +2 -3
- package/dist-server/utils/encrypt-state.js.map +1 -1
- package/dist-server/utils/get-aes-256-key.js.map +1 -1
- package/dist-server/utils/get-domain-from-hostname.js +1 -2
- package/dist-server/utils/get-domain-from-hostname.js.map +1 -1
- package/dist-server/utils/get-domain-users.js +2 -3
- package/dist-server/utils/get-domain-users.js.map +1 -1
- package/dist-server/utils/get-secret.js.map +1 -1
- package/dist-server/utils/get-user-domains.js +4 -5
- package/dist-server/utils/get-user-domains.js.map +1 -1
- package/helps/config/SECRET.ja.md +13 -0
- package/helps/config/SECRET.ko.md +13 -0
- package/helps/config/SECRET.md +3 -3
- package/helps/config/SECRET.ms.md +13 -0
- package/helps/config/SECRET.zh.md +13 -0
- package/helps/config/accessTokenCookieKey.ja.md +11 -0
- package/helps/config/accessTokenCookieKey.ko.md +11 -0
- package/helps/config/accessTokenCookieKey.md +1 -1
- package/helps/config/accessTokenCookieKey.ms.md +11 -0
- package/helps/config/accessTokenCookieKey.zh.md +11 -0
- package/helps/config/applianceJwtExpiresIn.ja.md +26 -0
- package/helps/config/applianceJwtExpiresIn.ko.md +26 -0
- package/helps/config/applianceJwtExpiresIn.md +18 -15
- package/helps/config/applianceJwtExpiresIn.ms.md +30 -0
- package/helps/config/applianceJwtExpiresIn.zh.md +26 -0
- package/helps/config/disableUserSignupProcess.ja.md +22 -0
- package/helps/config/disableUserSignupProcess.ko.md +22 -0
- package/helps/config/disableUserSignupProcess.md +3 -3
- package/helps/config/disableUserSignupProcess.ms.md +22 -0
- package/helps/config/disableUserSignupProcess.zh.md +22 -0
- package/helps/config/i18n.ja.md +44 -0
- package/helps/config/i18n.ko.md +44 -0
- package/helps/config/i18n.md +6 -6
- package/helps/config/i18n.ms.md +44 -0
- package/helps/config/i18n.zh.md +44 -0
- package/helps/config/password.ja.md +53 -0
- package/helps/config/password.ko.md +65 -0
- package/helps/config/password.md +8 -36
- package/helps/config/password.ms.md +65 -0
- package/helps/config/password.zh.md +65 -0
- package/helps/config/publicHomeRoute.ja.md +14 -0
- package/helps/config/publicHomeRoute.ko.md +14 -0
- package/helps/config/publicHomeRoute.md +3 -3
- package/helps/config/publicHomeRoute.ms.md +14 -0
- package/helps/config/publicHomeRoute.zh.md +14 -0
- package/helps/config/session.ja.md +45 -0
- package/helps/config/session.ko.md +49 -0
- package/helps/config/session.md +10 -10
- package/helps/config/session.ms.md +46 -0
- package/helps/config/session.zh.md +49 -0
- package/package.json +6 -6
- package/server/service/app-binding/app-binding-query.ts +1 -1
- package/server/service/appliance/appliance-query.ts +5 -2
- package/server/service/application/application-query.ts +1 -1
- package/server/service/application/application.ts +2 -2
- package/server/service/auth-provider/auth-provider-query.ts +4 -1
- package/server/service/login-history/login-history-query.ts +4 -1
- package/server/service/partner/partner-query.ts +5 -2
- package/server/service/privilege/privilege-query.ts +14 -3
- package/server/service/role/role-query.ts +1 -1
- package/server/service/user/user-query.ts +1 -1
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"reset-password.js","sourceRoot":"","sources":["../../server/controllers/reset-password.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"reset-password.js","sourceRoot":"","sources":["../../server/controllers/reset-password.ts"],"names":[],"mappings":";;AAiBA,wDAqBC;AAED,sCAqFC;AA7HD,6BAAyB;AAEzB,2DAAsD;AACtD,6CAA4C;AAC5C,iDAAqD;AAErD,wDAA4D;AAC5D,qDAAgD;AAChD,mFAA8E;AAC9E,+CAA2C;AAC3C,yFAA2G;AAC3G,4EAA6E;AAC7E,6EAAuE;AACvE,6EAAuE;AAEvE,MAAM,YAAY,GAAG,YAAM,CAAC,GAAG,CAAC,UAAU,EAAE,EAAE,OAAO,EAAE,CAAC,EAAE,CAAC,CAAC,OAAO,CAAA;AAE5D,KAAK,UAAU,sBAAsB,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE;IAC5D,IAAI,CAAC;QACH,IAAI,KAAK,GAAG,IAAA,+CAAqB,GAAE,CAAA;QACnC,IAAI,WAAW,GAAG,MAAM,IAAA,+CAAqB,EAAC,IAAI,CAAC,EAAE,EAAE,KAAK,EAAE,0CAAqB,CAAC,cAAc,CAAC,CAAA;QAEnG,IAAI,WAAW,EAAE,CAAC;YAChB,IAAI,UAAU,GAAG,IAAI,SAAG,CAAC,8BAA8B,KAAK,EAAE,EAAE,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,CAAA;YACvF,MAAM,IAAA,sBAAS,EAAC;gBACd,QAAQ,EAAE,IAAI,CAAC,KAAK;gBACpB,OAAO,EAAE,qBAAqB;gBAC9B,OAAO,EAAE,IAAA,gDAAyB,EAAC;oBACjC,IAAI,EAAE,IAAI,CAAC,IAAI;oBACf,QAAQ,EAAE,UAAU;iBACrB,CAAC;aACH,CAAC,CAAA;YAEF,OAAO,IAAI,CAAA;QACb,CAAC;IACH,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,OAAO,KAAK,CAAA;IACd,CAAC;AACH,CAAC;AAEM,KAAK,UAAU,aAAa,CAAC,KAAK,EAAE,QAAQ,EAAE,OAAO;IAC1D,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IAErB,MAAM,iBAAiB,GAAG,MAAM,IAAA,qBAAa,EAAC,sCAAiB,CAAC,CAAC,OAAO,CAAC;QACvE,KAAK,EAAE;YACL,KAAK;YACL,IAAI,EAAE,0CAAqB,CAAC,cAAc;SAC3C;KACF,CAAC,CAAA;IAEF,IAAI,CAAC,iBAAiB,EAAE,CAAC;QACvB,MAAM,IAAI,KAAK,CAAC,CAAC,CAAC,iCAAiC,CAAC,CAAC,CAAA;IACvD,CAAC;IAED,MAAM,EAAE,MAAM,EAAE,GAAG,iBAAiB,CAAA;IACpC,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,MAAM,IAAI,KAAK,CAAC,CAAC,CAAC,iCAAiC,CAAC,CAAC,CAAA;IACvD,CAAC;IAED,IAAI,IAAI,GAAG,MAAM,IAAA,qBAAa,EAAC,WAAI,CAAC,CAAC,SAAS,CAAC,EAAE,EAAE,EAAE,MAAM,EAAE,CAAC,CAAA;IAC9D,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,MAAM,IAAI,KAAK,CAAC,CAAC,CAAC,sBAAsB,CAAC,CAAC,CAAA;IAC5C,CAAC;IAED,4CAA4C;IAC5C,6CAA6C;IAC7C,IAAI;IAEJ,6CAA6C;IAC7C,WAAI,CAAC,sBAAsB,CAAC,QAAQ,EAAE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,GAAG,CAAC,CAAA;IAEnD,IAAI,CAAC,QAAQ,GAAG,WAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,IAAI,CAAC,IAAI,CAAC,CAAA;IAEhD,IAAI,YAAY,GAAG,CAAC,EAAE,CAAC;QACrB,IAAI,eAAe,GAAoB,MAAM,IAAA,qBAAa,EAAC,kCAAe,CAAC,CAAC,SAAS,CAAC,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,EAAE,CAAC,CAAA;QAC1G,IAAI,OAAO,GAAG,EAAE,CAAA;QAEhB,IAAI,eAAe,EAAE,CAAC;YACpB,IAAI,CAAC;gBACH,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,OAAO,CAAC,CAAA;gBAC7C,IAAI,CAAC,CAAC,OAAO,YAAY,KAAK,CAAC,EAAE,CAAC;oBAChC,OAAO,CAAC,KAAK,CAAC,iDAAiD,CAAC,CAAA;oBAChE,OAAO,GAAG,EAAE,CAAA;gBACd,CAAC;YACH,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,OAAO,CAAC,KAAK,CAAC,8CAA8C,CAAC,CAAA;YAC/D,CAAC;YAED,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE;gBACpD,OAAO,WAAI,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ,EAAE,QAAQ,EAAE,CAAC,CAAC,IAAI,CAAC,CAAA;YAClD,CAAC,CAAC,CAAA;YAEF,IAAI,KAAK,EAAE,CAAC;gBACV,MAAM,IAAI,sBAAS,CAAC;oBAClB,SAAS,EAAE,+BAAkB;iBAC9B,CAAC,CAAA;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAED,MAAM,IAAA,qBAAa,EAAC,WAAI,CAAC,CAAC,IAAI,iCACzB,IAAI,KACP,iBAAiB,EAAE,IAAI,IAAI,EAAE,IAC7B,CAAA;IAEF,MAAM,IAAA,qBAAa,EAAC,sCAAiB,CAAC,CAAC,MAAM,CAAC;QAC5C,MAAM;QACN,KAAK;QACL,IAAI,EAAE,0CAAqB,CAAC,cAAc;KAC3C,CAAC,CAAA;IAEF,IAAI,YAAY,GAAG,CAAC,EAAE,CAAC;QACrB,OAAO,GAAG;YACR;gBACE,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,IAAI,EAAE,IAAI,CAAC,IAAI;aAChB;YACD,GAAG,OAAO;SACX,CAAC,KAAK,CAAC,CAAC,EAAE,YAAY,CAAC,CAAA;QAExB,MAAM,IAAA,qBAAa,EAAC,kCAAe,CAAC,CAAC,IAAI,CAAC;YACxC,MAAM,EAAE,IAAI,CAAC,EAAE;YACf,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC;SACjC,CAAC,CAAA;IACJ,CAAC;AACH,CAAC","sourcesContent":["import { URL } from 'url'\n\nimport { sendEmail } from '@things-factory/email-base'\nimport { config } from '@things-factory/env'\nimport { getRepository } from '@things-factory/shell'\n\nimport { PASSWORD_USED_PAST } from '../constants/error-code'\nimport { AuthError } from '../errors/auth-error'\nimport { PasswordHistory } from '../service/password-history/password-history'\nimport { User } from '../service/user/user'\nimport { VerificationToken, VerificationTokenType } from '../service/verification-token/verification-token'\nimport { getResetPasswordEmailForm } from '../templates/reset-password-email'\nimport { makeVerificationToken } from './utils/make-verification-token'\nimport { saveVerificationToken } from './utils/save-verification-token'\n\nconst HISTORY_SIZE = config.get('password', { history: 0 }).history\n\nexport async function sendPasswordResetEmail({ user, context }) {\n try {\n var token = makeVerificationToken()\n var verifaction = await saveVerificationToken(user.id, token, VerificationTokenType.PASSWORD_RESET)\n\n if (verifaction) {\n var serviceUrl = new URL(`/auth/reset-password?token=${token}`, context.header.referer)\n await sendEmail({\n receiver: user.email,\n subject: 'Reset your password',\n content: getResetPasswordEmailForm({\n name: user.name,\n resetUrl: serviceUrl\n })\n })\n\n return true\n }\n } catch (e) {\n return false\n }\n}\n\nexport async function resetPassword(token, password, context) {\n const { t } = context\n\n const verificationToken = await getRepository(VerificationToken).findOne({\n where: {\n token,\n type: VerificationTokenType.PASSWORD_RESET\n }\n })\n\n if (!verificationToken) {\n throw new Error(t('text.invalid verification token'))\n }\n\n const { userId } = verificationToken\n if (!userId) {\n throw new Error(t('text.invalid verification token'))\n }\n\n var user = await getRepository(User).findOneBy({ id: userId })\n if (!user) {\n throw new Error(t('error.user not found'))\n }\n\n // if (user.status == UserStatus.INACTIVE) {\n // throw new Error(t('text.inactive user'))\n // }\n\n /* check if password is following the rule */\n User.validatePasswordByRule(password, context?.lng)\n\n user.password = User.encode(password, user.salt)\n\n if (HISTORY_SIZE > 0) {\n var passwordHistory: PasswordHistory = await getRepository(PasswordHistory).findOneBy({ userId: user.id })\n var history = []\n\n if (passwordHistory) {\n try {\n history = JSON.parse(passwordHistory.history)\n if (!(history instanceof Array)) {\n console.error('password history maybe currupted - not an array')\n history = []\n }\n } catch (e) {\n console.error('password history currupted - not json format')\n }\n\n const found = history.slice(0, HISTORY_SIZE).find(h => {\n return User.verify(h.password, password, h.salt)\n })\n\n if (found) {\n throw new AuthError({\n errorCode: PASSWORD_USED_PAST\n })\n }\n }\n }\n\n await getRepository(User).save({\n ...user,\n passwordUpdatedAt: new Date()\n })\n\n await getRepository(VerificationToken).delete({\n userId,\n token,\n type: VerificationTokenType.PASSWORD_RESET\n })\n\n if (HISTORY_SIZE > 0) {\n history = [\n {\n password: user.password,\n salt: user.salt\n },\n ...history\n ].slice(0, HISTORY_SIZE)\n\n await getRepository(PasswordHistory).save({\n userId: user.id,\n history: JSON.stringify(history)\n })\n }\n}\n"]}
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.signin =
|
|
3
|
+
exports.signin = signin;
|
|
4
4
|
const typeorm_1 = require("typeorm");
|
|
5
5
|
const shell_1 = require("@things-factory/shell");
|
|
6
6
|
const unlock_user_1 = require("../controllers/unlock-user");
|
|
@@ -74,5 +74,4 @@ async function signin(attrs, context) {
|
|
|
74
74
|
domains: user.domains || []
|
|
75
75
|
};
|
|
76
76
|
}
|
|
77
|
-
exports.signin = signin;
|
|
78
77
|
//# sourceMappingURL=signin.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"signin.js","sourceRoot":"","sources":["../../server/controllers/signin.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"signin.js","sourceRoot":"","sources":["../../server/controllers/signin.ts"],"names":[],"mappings":";;AAOA,wBAuEC;AA9ED,qCAA+B;AAC/B,iDAAqD;AAErD,4DAAgE;AAChE,qDAAgD;AAChD,+CAAuD;AAEhD,KAAK,UAAU,MAAM,CAAC,KAAK,EAAE,OAAQ;IAC1C,MAAM,EAAE,MAAM,EAAE,GAAG,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,KAAK,KAAI,EAAE,CAAA;IAEvC,MAAM,UAAU,GAAG,IAAA,qBAAa,EAAC,WAAI,CAAC,CAAA;IACtC,MAAM,IAAI,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,KAAK,EAAE,IAAA,eAAK,EAAC,KAAK,CAAC,KAAK,CAAC,EAAE,EAAE,SAAS,EAAE,CAAC,SAAS,CAAC,EAAE,CAAC,CAAA;IACvG,IAAI,CAAC,IAAI;QACP,MAAM,IAAI,sBAAS,CAAC;YAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,cAAc;SAChD,CAAC,CAAA;IAEJ,IAAI,IAAI,CAAC,MAAM,IAAI,iBAAU,CAAC,OAAO,EAAE,CAAC;QACtC,MAAM,IAAI,sBAAS,CAAC;YAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,YAAY;SAC9C,CAAC,CAAA;IACJ,CAAC;IAED,IAAI,IAAI,CAAC,MAAM,IAAI,iBAAU,CAAC,MAAM,EAAE,CAAC;QACrC,IAAA,iCAAmB,EAAC;YAClB,IAAI;YACJ,OAAO;SACR,CAAC,CAAA;QACF,MAAM,IAAI,sBAAS,CAAC;YAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,WAAW;YAC5C,MAAM,EAAE;gBACN,KAAK,EAAE,IAAI,CAAC,KAAK;aAClB;SACF,CAAC,CAAA;IACJ,CAAC;IAED,IAAI,CAAC,WAAI,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,KAAK,CAAC,QAAQ,EAAE,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;QAC3D,IAAI,CAAC,SAAS,EAAE,CAAA;QAChB,IAAI,IAAI,CAAC,SAAS,IAAI,CAAC;YAAE,IAAI,CAAC,MAAM,GAAG,iBAAU,CAAC,MAAM,CAAA;QACxD,MAAM,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QAC3B,IAAI,IAAI,CAAC,MAAM,IAAI,iBAAU,CAAC,MAAM,EAAE,CAAC;YACrC,IAAA,iCAAmB,EAAC;gBAClB,IAAI;gBACJ,OAAO;aACR,CAAC,CAAA;YACF,MAAM,IAAI,sBAAS,CAAC;gBAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,WAAW;gBAC5C,MAAM,EAAE;oBACN,KAAK,EAAE,IAAI,CAAC,KAAK;iBAClB;aACF,CAAC,CAAA;QACJ,CAAC;QACD,MAAM,IAAI,sBAAS,CAAC;YAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,oBAAoB;YACrD,MAAM,EAAE;gBACN,KAAK,EAAE,IAAI,CAAC,KAAK;gBACjB,SAAS,EAAE,IAAI,CAAC,SAAS;aAC1B;SACF,CAAC,CAAA;IACJ,CAAC;SAAM,CAAC;QACN,IAAI,CAAC,SAAS,GAAG,CAAC,CAAA;QAClB,MAAM,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;IAC7B,CAAC;IAED,IAAI,IAAI,CAAC,MAAM,IAAI,iBAAU,CAAC,QAAQ,EAAE,CAAC;QACvC,MAAM,IAAI,sBAAS,CAAC;YAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,kBAAkB;YACnD,MAAM,EAAE;gBACN,KAAK,EAAE,IAAI,CAAC,KAAK;aAClB;SACF,CAAC,CAAA;IACJ,CAAC;IAED,OAAO;QACL,IAAI;QACJ,KAAK,EAAE,MAAM,IAAI,CAAC,IAAI,CAAC,EAAE,SAAS,EAAE,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,SAAS,EAAE,CAAC;QACxD,OAAO,EAAE,IAAI,CAAC,OAAO,IAAI,EAAE;KAC5B,CAAA;AACH,CAAC","sourcesContent":["import { ILike } from 'typeorm'\nimport { getRepository } from '@things-factory/shell'\n\nimport { sendUnlockUserEmail } from '../controllers/unlock-user'\nimport { AuthError } from '../errors/auth-error'\nimport { User, UserStatus } from '../service/user/user'\n\nexport async function signin(attrs, context?) {\n const { domain } = context?.state || {}\n\n const repository = getRepository(User)\n const user = await repository.findOne({ where: { email: ILike(attrs.email) }, relations: ['domains'] })\n if (!user)\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_NOT_FOUND\n })\n\n if (user.status == UserStatus.DELETED) {\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_DELETED\n })\n }\n\n if (user.status == UserStatus.LOCKED) {\n sendUnlockUserEmail({\n user,\n context\n })\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_LOCKED,\n detail: {\n email: user.email\n }\n })\n }\n\n if (!User.verify(user.password, attrs.password, user.salt)) {\n user.failCount++\n if (user.failCount >= 5) user.status = UserStatus.LOCKED\n await repository.save(user)\n if (user.status == UserStatus.LOCKED) {\n sendUnlockUserEmail({\n user,\n context\n })\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_LOCKED,\n detail: {\n email: user.email\n }\n })\n }\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.PASSWORD_NOT_MATCHED,\n detail: {\n email: user.email,\n failCount: user.failCount\n }\n })\n } else {\n user.failCount = 0\n await repository.save(user)\n }\n\n if (user.status == UserStatus.INACTIVE) {\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_NOT_ACTIVATED,\n detail: {\n email: user.email\n }\n })\n }\n\n return {\n user,\n token: await user.sign({ subdomain: domain?.subdomain }),\n domains: user.domains || []\n }\n}\n"]}
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.signup =
|
|
3
|
+
exports.signup = signup;
|
|
4
4
|
const typeorm_1 = require("typeorm");
|
|
5
5
|
const shell_1 = require("@things-factory/shell");
|
|
6
6
|
const error_code_1 = require("../constants/error-code");
|
|
@@ -44,5 +44,4 @@ async function signup(attrs, withEmailVerification) {
|
|
|
44
44
|
return { token: null };
|
|
45
45
|
}
|
|
46
46
|
}
|
|
47
|
-
exports.signup = signup;
|
|
48
47
|
//# sourceMappingURL=signup.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"signup.js","sourceRoot":"","sources":["../../server/controllers/signup.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"signup.js","sourceRoot":"","sources":["../../server/controllers/signup.ts"],"names":[],"mappings":";;AASA,wBAkDC;AA3DD,qCAA+B;AAC/B,iDAAqD;AAErD,wDAAyD;AACzD,qDAAgD;AAChD,+CAA2C;AAC3C,qCAAiC;AACjC,iDAAsD;AAE/C,KAAK,UAAU,MAAM,CAAC,KAAK,EAAE,qBAA+B;IACjE,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,KAAK,CAAA;IAExD,6CAA6C;IAC7C,WAAI,CAAC,sBAAsB,CAAC,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,CAAA;IAElD,MAAM,UAAU,GAAG,IAAA,qBAAa,EAAC,WAAI,CAAC,CAAA;IACtC,MAAM,UAAU,GAAG,MAAM,UAAU,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,IAAA,eAAK,EAAC,KAAK,CAAC,EAAE,CAAC,CAAA;IACtE,IAAI,UAAU,EAAE,CAAC;QACf,MAAM,IAAI,sBAAS,CAAC;YAClB,SAAS,EAAE,4BAAe;YAC1B,MAAM,EAAE;gBACN,IAAI;gBACJ,KAAK;aACN;SACF,CAAC,CAAA;IACJ,CAAC;IAED,MAAM,IAAI,GAAG,WAAI,CAAC,YAAY,EAAE,CAAA;IAEhC,IAAI,IAAI,GAAG,MAAM,UAAU,CAAC,IAAI,+BAC9B,QAAQ,EAAE,MAAM,IACb,KAAK,KACR,IAAI,EACJ,QAAQ,EAAE,WAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,IAAI,CAAC,EACrC,iBAAiB,EAAE,IAAI,IAAI,EAAE,EAC7B,OAAO,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,IAC/B,CAAA;IAEF,IAAI,OAAO,GAAG,KAAK,CAAA;IACnB,IAAI,qBAAqB,EAAE,CAAC;QAC1B,OAAO,GAAG,MAAM,IAAA,oCAAqB,EAAC;YACpC,OAAO;YACP,IAAI;SACL,CAAC,CAAA;IACJ,CAAC;IAED,IAAI,CAAC;QACH,OAAO;YACL,KAAK,EAAE,MAAM,IAAA,eAAM,EACjB;gBACE,KAAK;gBACL,QAAQ;aACT,EACD,EAAE,MAAM,EAAE,CACX;SACF,CAAA;IACH,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,CAAA;IACxB,CAAC;AACH,CAAC","sourcesContent":["import { ILike } from 'typeorm'\nimport { getRepository } from '@things-factory/shell'\n\nimport { USER_DUPLICATED } from '../constants/error-code'\nimport { AuthError } from '../errors/auth-error'\nimport { User } from '../service/user/user'\nimport { signin } from './signin'\nimport { sendVerificationEmail } from './verification'\n\nexport async function signup(attrs, withEmailVerification?: Boolean) {\n const { name, email, password, domain, context } = attrs\n\n /* check if password is following the rule */\n User.validatePasswordByRule(password, context.lng)\n\n const repository = getRepository(User)\n const duplicated = await repository.findOneBy({ email: ILike(email) })\n if (duplicated) {\n throw new AuthError({\n errorCode: USER_DUPLICATED,\n detail: {\n name,\n email\n }\n })\n }\n\n const salt = User.generateSalt()\n\n var user = await repository.save({\n userType: 'user',\n ...attrs,\n salt,\n password: User.encode(password, salt),\n passwordUpdatedAt: new Date(),\n domains: domain ? [domain] : []\n })\n\n var succeed = false\n if (withEmailVerification) {\n succeed = await sendVerificationEmail({\n context,\n user\n })\n }\n\n try {\n return {\n token: await signin(\n {\n email,\n password\n },\n { domain }\n )\n }\n } catch (e) {\n return { token: null }\n }\n}\n"]}
|
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.
|
|
3
|
+
exports.sendUnlockUserEmail = sendUnlockUserEmail;
|
|
4
|
+
exports.unlockUser = unlockUser;
|
|
4
5
|
const url_1 = require("url");
|
|
5
6
|
const email_base_1 = require("@things-factory/email-base");
|
|
6
7
|
const shell_1 = require("@things-factory/shell");
|
|
@@ -30,7 +31,6 @@ async function sendUnlockUserEmail({ user, context }) {
|
|
|
30
31
|
return false;
|
|
31
32
|
}
|
|
32
33
|
}
|
|
33
|
-
exports.sendUnlockUserEmail = sendUnlockUserEmail;
|
|
34
34
|
async function unlockUser(token, password) {
|
|
35
35
|
var { userId } = await (0, shell_1.getRepository)(verification_token_1.VerificationToken).findOne({
|
|
36
36
|
where: {
|
|
@@ -56,5 +56,4 @@ async function unlockUser(token, password) {
|
|
|
56
56
|
});
|
|
57
57
|
return true;
|
|
58
58
|
}
|
|
59
|
-
exports.unlockUser = unlockUser;
|
|
60
59
|
//# sourceMappingURL=unlock-user.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"unlock-user.js","sourceRoot":"","sources":["../../server/controllers/unlock-user.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"unlock-user.js","sourceRoot":"","sources":["../../server/controllers/unlock-user.ts"],"names":[],"mappings":";;AAWA,kDAqBC;AAED,gCA0BC;AA5DD,6BAAyB;AAEzB,2DAAsD;AACtD,iDAAqD;AAErD,+CAAuD;AACvD,yFAA2G;AAC3G,4EAA0E;AAC1E,6EAAuE;AACvE,6EAAuE;AAEhE,KAAK,UAAU,mBAAmB,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE;IACzD,IAAI,CAAC;QACH,IAAI,KAAK,GAAG,IAAA,+CAAqB,GAAE,CAAA;QACnC,IAAI,WAAW,GAAG,MAAM,IAAA,+CAAqB,EAAC,IAAI,CAAC,EAAE,EAAE,KAAK,EAAE,0CAAqB,CAAC,MAAM,CAAC,CAAA;QAE3F,IAAI,WAAW,EAAE,CAAC;YAChB,IAAI,UAAU,GAAG,IAAI,SAAG,CAAC,2BAA2B,KAAK,EAAE,EAAE,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,CAAA;YACpF,MAAM,IAAA,sBAAS,EAAC;gBACd,QAAQ,EAAE,IAAI,CAAC,KAAK;gBACpB,OAAO,EAAE,wBAAwB;gBACjC,OAAO,EAAE,IAAA,6CAAsB,EAAC;oBAC9B,IAAI,EAAE,IAAI,CAAC,IAAI;oBACf,QAAQ,EAAE,UAAU;iBACrB,CAAC;aACH,CAAC,CAAA;YAEF,OAAO,IAAI,CAAA;QACb,CAAC;IACH,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,OAAO,KAAK,CAAA;IACd,CAAC;AACH,CAAC;AAEM,KAAK,UAAU,UAAU,CAAC,KAAK,EAAE,QAAQ;IAC9C,IAAI,EAAE,MAAM,EAAE,GAAG,MAAM,IAAA,qBAAa,EAAC,sCAAiB,CAAC,CAAC,OAAO,CAAC;QAC9D,KAAK,EAAE;YACL,KAAK;YACL,IAAI,EAAE,0CAAqB,CAAC,MAAM;SACnC;KACF,CAAC,CAAA;IAEF,IAAI,CAAC,MAAM;QAAE,OAAO,KAAK,CAAA;IAEzB,IAAI,QAAQ,GAAG,MAAM,IAAA,qBAAa,EAAC,WAAI,CAAC,CAAC,SAAS,CAAC,EAAE,EAAE,EAAE,MAAM,EAAE,CAAC,CAAA;IAClE,IAAI,CAAC,QAAQ;QAAE,OAAO,KAAK,CAAA;IAC3B,IAAI,QAAQ,CAAC,MAAM,IAAI,iBAAU,CAAC,MAAM;QAAE,OAAO,KAAK,CAAA;IAEtD,QAAQ,CAAC,MAAM,GAAG,iBAAU,CAAC,SAAS,CAAA;IACtC,QAAQ,CAAC,QAAQ,GAAG,WAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,QAAQ,CAAC,IAAI,CAAC,CAAA;IACxD,QAAQ,CAAC,SAAS,GAAG,CAAC,CAAA;IAEtB,MAAM,IAAA,qBAAa,EAAC,WAAI,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;IACxC,MAAM,IAAA,qBAAa,EAAC,sCAAiB,CAAC,CAAC,MAAM,CAAC;QAC5C,MAAM;QACN,KAAK;QACL,IAAI,EAAE,0CAAqB,CAAC,MAAM;KACnC,CAAC,CAAA;IAEF,OAAO,IAAI,CAAA;AACb,CAAC","sourcesContent":["import { URL } from 'url'\n\nimport { sendEmail } from '@things-factory/email-base'\nimport { getRepository } from '@things-factory/shell'\n\nimport { User, UserStatus } from '../service/user/user'\nimport { VerificationToken, VerificationTokenType } from '../service/verification-token/verification-token'\nimport { getUnlockUserEmailForm } from '../templates/account-unlock-email'\nimport { makeVerificationToken } from './utils/make-verification-token'\nimport { saveVerificationToken } from './utils/save-verification-token'\n\nexport async function sendUnlockUserEmail({ user, context }) {\n try {\n var token = makeVerificationToken()\n var verifaction = await saveVerificationToken(user.id, token, VerificationTokenType.UNLOCK)\n\n if (verifaction) {\n var serviceUrl = new URL(`/auth/unlock-user?token=${token}`, context.header.referer)\n await sendEmail({\n receiver: user.email,\n subject: 'Your account is locked',\n content: getUnlockUserEmailForm({\n name: user.name,\n resetUrl: serviceUrl\n })\n })\n\n return true\n }\n } catch (e) {\n return false\n }\n}\n\nexport async function unlockUser(token, password) {\n var { userId } = await getRepository(VerificationToken).findOne({\n where: {\n token,\n type: VerificationTokenType.UNLOCK\n }\n })\n\n if (!userId) return false\n\n var userInfo = await getRepository(User).findOneBy({ id: userId })\n if (!userInfo) return false\n if (userInfo.status != UserStatus.LOCKED) return false\n\n userInfo.status = UserStatus.ACTIVATED\n userInfo.password = User.encode(password, userInfo.salt)\n userInfo.failCount = 0\n\n await getRepository(User).save(userInfo)\n await getRepository(VerificationToken).delete({\n userId,\n token,\n type: VerificationTokenType.UNLOCK\n })\n\n return true\n}\n"]}
|
|
@@ -1,10 +1,9 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.makeInvitationToken =
|
|
3
|
+
exports.makeInvitationToken = makeInvitationToken;
|
|
4
4
|
const tslib_1 = require("tslib");
|
|
5
5
|
const crypto_1 = tslib_1.__importDefault(require("crypto"));
|
|
6
6
|
function makeInvitationToken() {
|
|
7
7
|
return crypto_1.default.randomBytes(16).toString('hex');
|
|
8
8
|
}
|
|
9
|
-
exports.makeInvitationToken = makeInvitationToken;
|
|
10
9
|
//# sourceMappingURL=make-invitation-token.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"make-invitation-token.js","sourceRoot":"","sources":["../../../server/controllers/utils/make-invitation-token.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"make-invitation-token.js","sourceRoot":"","sources":["../../../server/controllers/utils/make-invitation-token.ts"],"names":[],"mappings":";;AAEA,kDAEC;;AAJD,4DAA2B;AAE3B,SAAgB,mBAAmB;IACjC,OAAO,gBAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAA;AAC/C,CAAC","sourcesContent":["import crypto from 'crypto'\n\nexport function makeInvitationToken() {\n return crypto.randomBytes(16).toString('hex')\n}\n"]}
|
|
@@ -1,10 +1,9 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.makeVerificationToken =
|
|
3
|
+
exports.makeVerificationToken = makeVerificationToken;
|
|
4
4
|
const tslib_1 = require("tslib");
|
|
5
5
|
const crypto_1 = tslib_1.__importDefault(require("crypto"));
|
|
6
6
|
function makeVerificationToken() {
|
|
7
7
|
return crypto_1.default.randomBytes(16).toString('hex');
|
|
8
8
|
}
|
|
9
|
-
exports.makeVerificationToken = makeVerificationToken;
|
|
10
9
|
//# sourceMappingURL=make-verification-token.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"make-verification-token.js","sourceRoot":"","sources":["../../../server/controllers/utils/make-verification-token.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"make-verification-token.js","sourceRoot":"","sources":["../../../server/controllers/utils/make-verification-token.ts"],"names":[],"mappings":";;AACA,sDAEC;;AAHD,4DAA2B;AAC3B,SAAgB,qBAAqB;IACnC,OAAO,gBAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAA;AAC/C,CAAC","sourcesContent":["import crypto from 'crypto'\nexport function makeVerificationToken() {\n return crypto.randomBytes(16).toString('hex')\n}\n"]}
|
|
@@ -1,6 +1,9 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.
|
|
3
|
+
exports.passwordPattern = void 0;
|
|
4
|
+
exports.generatePasswordPatternHelp = generatePasswordPatternHelp;
|
|
5
|
+
exports.passwordHelp = passwordHelp;
|
|
6
|
+
exports.validatePasswordByRule = validatePasswordByRule;
|
|
4
7
|
const tslib_1 = require("tslib");
|
|
5
8
|
const i18next_1 = tslib_1.__importDefault(require("i18next"));
|
|
6
9
|
const env_1 = require("@things-factory/env");
|
|
@@ -20,11 +23,11 @@ const passwordConfig = env_1.config.get('password') || {
|
|
|
20
23
|
function generatePasswordPatternRegExp({ lowerCase = true, upperCase = true, digit = true, specialCharacter = true, allowRepeat = false, useTightPattern = true, useLoosePattern = false, tightCharacterLength = 8, looseCharacterLength = 15 } = {}) {
|
|
21
24
|
var tightChecklist = useTightPattern
|
|
22
25
|
? [
|
|
23
|
-
lowerCase ? '(?=.*[a-z])' : '',
|
|
24
|
-
upperCase ? '(?=.*[A-Z])' : '',
|
|
25
|
-
digit ? '(?=.*\\d)' : '',
|
|
26
|
-
specialCharacter ? '(?=.*[!@#$%^&*()])' : '',
|
|
27
|
-
!allowRepeat ? '(?!.*(.)\\1(?=\\1{1,}))' : '',
|
|
26
|
+
lowerCase ? '(?=.*[a-z])' : '', // has at least one lower case character
|
|
27
|
+
upperCase ? '(?=.*[A-Z])' : '', // has at least one upper case character
|
|
28
|
+
digit ? '(?=.*\\d)' : '', // has at least one digit
|
|
29
|
+
specialCharacter ? '(?=.*[!@#$%^&*()])' : '', // has at least one special character
|
|
30
|
+
!allowRepeat ? '(?!.*(.)\\1(?=\\1{1,}))' : '', // has not an repeated character more than twice
|
|
28
31
|
`.{${tightCharacterLength},}` // has a length of 8 and more
|
|
29
32
|
]
|
|
30
33
|
: [];
|
|
@@ -34,7 +37,7 @@ function generatePasswordPatternRegExp({ lowerCase = true, upperCase = true, dig
|
|
|
34
37
|
]
|
|
35
38
|
: [];
|
|
36
39
|
var checkList = [
|
|
37
|
-
'^',
|
|
40
|
+
'^', // from start
|
|
38
41
|
...tightChecklist,
|
|
39
42
|
tightChecklist.length && looseChecklist.length ? '|' : '',
|
|
40
43
|
...looseChecklist,
|
|
@@ -62,12 +65,10 @@ function generatePasswordPatternHelp({ lowerCase = true, upperCase = true, digit
|
|
|
62
65
|
}
|
|
63
66
|
return descriptions.join(', ');
|
|
64
67
|
}
|
|
65
|
-
exports.generatePasswordPatternHelp = generatePasswordPatternHelp;
|
|
66
68
|
exports.passwordPattern = generatePasswordPatternRegExp(passwordConfig);
|
|
67
69
|
function passwordHelp(lng) {
|
|
68
70
|
return generatePasswordPatternHelp(passwordConfig, lng);
|
|
69
71
|
}
|
|
70
|
-
exports.passwordHelp = passwordHelp;
|
|
71
72
|
function validatePasswordByRule(password, lng) {
|
|
72
73
|
if (!exports.passwordPattern) {
|
|
73
74
|
return;
|
|
@@ -83,5 +84,4 @@ function validatePasswordByRule(password, lng) {
|
|
|
83
84
|
}
|
|
84
85
|
});
|
|
85
86
|
}
|
|
86
|
-
exports.validatePasswordByRule = validatePasswordByRule;
|
|
87
87
|
//# sourceMappingURL=password-rule.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"password-rule.js","sourceRoot":"","sources":["../../../server/controllers/utils/password-rule.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"password-rule.js","sourceRoot":"","sources":["../../../server/controllers/utils/password-rule.ts"],"names":[],"mappings":";;;AA0DA,kEAsCC;AAGD,oCAEC;AAED,wDAgBC;;AAvHD,8DAA6B;AAE7B,6CAA4C;AAE5C,2DAAyE;AACzE,wDAAmD;AAEnD,MAAM,cAAc,GAAG,YAAM,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI;IAC/C,SAAS,EAAE,IAAI;IACf,SAAS,EAAE,IAAI;IACf,KAAK,EAAE,IAAI;IACX,gBAAgB,EAAE,IAAI;IACtB,WAAW,EAAE,KAAK;IAClB,eAAe,EAAE,IAAI;IACrB,eAAe,EAAE,KAAK;IACtB,oBAAoB,EAAE,CAAC;IACvB,oBAAoB,EAAE,EAAE;CACzB,CAAA;AAED,SAAS,6BAA6B,CAAC,EACrC,SAAS,GAAG,IAAI,EAChB,SAAS,GAAG,IAAI,EAChB,KAAK,GAAG,IAAI,EACZ,gBAAgB,GAAG,IAAI,EACvB,WAAW,GAAG,KAAK,EACnB,eAAe,GAAG,IAAI,EACtB,eAAe,GAAG,KAAK,EACvB,oBAAoB,GAAG,CAAC,EACxB,oBAAoB,GAAG,EAAE,EAC1B,GAAG,EAAE;IACJ,IAAI,cAAc,GAAG,eAAe;QAClC,CAAC,CAAC;YACE,SAAS,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,EAAE,EAAE,wCAAwC;YACxE,SAAS,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,EAAE,EAAE,wCAAwC;YACxE,KAAK,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,EAAE,yBAAyB;YACnD,gBAAgB,CAAC,CAAC,CAAC,oBAAoB,CAAC,CAAC,CAAC,EAAE,EAAE,qCAAqC;YACnF,CAAC,WAAW,CAAC,CAAC,CAAC,yBAAyB,CAAC,CAAC,CAAC,EAAE,EAAE,gDAAgD;YAC/F,KAAK,oBAAoB,IAAI,CAAC,6BAA6B;SAC5D;QACH,CAAC,CAAC,EAAE,CAAA;IAEN,IAAI,cAAc,GAAG,eAAe;QAClC,CAAC,CAAC;YACE,KAAK,oBAAoB,IAAI,CAAC,8BAA8B;SAC7D;QACH,CAAC,CAAC,EAAE,CAAA;IAEN,IAAI,SAAS,GAAG;QACd,GAAG,EAAE,aAAa;QAClB,GAAG,cAAc;QACjB,cAAc,CAAC,MAAM,IAAI,cAAc,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE;QACzD,GAAG,cAAc;QACjB,GAAG,CAAC,aAAa;KAClB,CAAA;IAED,OAAO,IAAI,MAAM,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAA;AACvC,CAAC;AAED,SAAgB,2BAA2B,CACzC,EACE,SAAS,GAAG,IAAI,EAChB,SAAS,GAAG,IAAI,EAChB,KAAK,GAAG,IAAI,EACZ,gBAAgB,GAAG,IAAI,EACvB,WAAW,GAAG,KAAK,EACnB,eAAe,GAAG,IAAI,EACtB,eAAe,GAAG,KAAK,EACvB,oBAAoB,GAAG,CAAC,EACxB,oBAAoB,GAAG,EAAE,EAC1B,GAAG,EAAE,EACN,GAAG;IAEH,GAAG,GAAG,GAAG,IAAI,OAAO,CAAA;IACpB,IAAI,YAAY,GAAG,EAAE,CAAA;IAErB,MAAM,CAAC,GAAG,iBAAO,CAAC,SAAS,CAAC,GAAG,EAAE,cAAc,CAAC,CAAA;IAEhD,IAAI,eAAe,EAAE,CAAC;QACpB,YAAY,CAAC,IAAI,CAAC,aAAa,oBAAoB,aAAa,CAAC,CAAA;IACnE,CAAC;IAED,IAAI,eAAe,EAAE,CAAC;QACpB,CAAC,eAAe;YACd,YAAY,CAAC,IAAI,CACf,CAAC,CAAC,gCAAgC,EAAE;gBAClC,MAAM,EAAE,oBAAoB;aAC7B,CAAC,CACH,CAAA;QACH,SAAS,IAAI,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,kCAAkC,CAAC,CAAC,CAAA;QACrE,SAAS,IAAI,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,kCAAkC,CAAC,CAAC,CAAA;QACrE,KAAK,IAAI,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,8BAA8B,CAAC,CAAC,CAAA;QAC7D,gBAAgB,IAAI,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,gCAAgC,CAAC,CAAC,CAAA;QAC1E,CAAC,WAAW,IAAI,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,0BAA0B,CAAC,CAAC,CAAA;IAClE,CAAC;IAED,OAAO,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;AAChC,CAAC;AAEY,QAAA,eAAe,GAAG,6BAA6B,CAAC,cAAc,CAAC,CAAA;AAC5E,SAAgB,YAAY,CAAC,GAAG;IAC9B,OAAO,2BAA2B,CAAC,cAAc,EAAE,GAAG,CAAC,CAAA;AACzD,CAAC;AAED,SAAgB,sBAAsB,CAAC,QAAQ,EAAE,GAAG;IAClD,IAAI,CAAC,uBAAe,EAAE,CAAC;QACrB,OAAM;IACR,CAAC;IAED,IAAI,uBAAe,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;QACnC,OAAM;IACR,CAAC;IAED,MAAM,IAAI,GAAG,2BAA2B,CAAC,cAAc,EAAE,GAAG,CAAC,CAAA;IAC7D,MAAM,IAAI,sBAAS,CAAC;QAClB,SAAS,EAAE,yCAA4B;QACvC,MAAM,EAAE;YACN,IAAI;SACL;KACF,CAAC,CAAA;AACJ,CAAC","sourcesContent":["import i18next from 'i18next'\n\nimport { config } from '@things-factory/env'\n\nimport { PASSWORD_PATTERN_NOT_MATCHED } from '../../constants/error-code'\nimport { AuthError } from '../../errors/auth-error'\n\nconst passwordConfig = config.get('password') || {\n lowerCase: true,\n upperCase: true,\n digit: true,\n specialCharacter: true,\n allowRepeat: false,\n useTightPattern: true,\n useLoosePattern: false,\n tightCharacterLength: 8,\n looseCharacterLength: 15\n}\n\nfunction generatePasswordPatternRegExp({\n lowerCase = true,\n upperCase = true,\n digit = true,\n specialCharacter = true,\n allowRepeat = false,\n useTightPattern = true,\n useLoosePattern = false,\n tightCharacterLength = 8,\n looseCharacterLength = 15\n} = {}) {\n var tightChecklist = useTightPattern\n ? [\n lowerCase ? '(?=.*[a-z])' : '', // has at least one lower case character\n upperCase ? '(?=.*[A-Z])' : '', // has at least one upper case character\n digit ? '(?=.*\\\\d)' : '', // has at least one digit\n specialCharacter ? '(?=.*[!@#$%^&*()])' : '', // has at least one special character\n !allowRepeat ? '(?!.*(.)\\\\1(?=\\\\1{1,}))' : '', // has not an repeated character more than twice\n `.{${tightCharacterLength},}` // has a length of 8 and more\n ]\n : []\n\n var looseChecklist = useLoosePattern\n ? [\n `.{${looseCharacterLength},}` // has a length of 15 and more\n ]\n : []\n\n var checkList = [\n '^', // from start\n ...tightChecklist,\n tightChecklist.length && looseChecklist.length ? '|' : '',\n ...looseChecklist,\n '$' //to the end\"\n ]\n\n return new RegExp(checkList.join(''))\n}\n\nexport function generatePasswordPatternHelp(\n {\n lowerCase = true,\n upperCase = true,\n digit = true,\n specialCharacter = true,\n allowRepeat = false,\n useTightPattern = true,\n useLoosePattern = false,\n tightCharacterLength = 8,\n looseCharacterLength = 15\n } = {},\n lng\n) {\n lng = lng || 'en-US'\n var descriptions = []\n\n const t = i18next.getFixedT(lng, 'translations')\n\n if (useLoosePattern) {\n descriptions.push(`more than ${looseCharacterLength} characters`)\n }\n\n if (useTightPattern) {\n !useLoosePattern &&\n descriptions.push(\n t('text.pattern_minimum_charaters', {\n length: tightCharacterLength\n })\n )\n lowerCase && descriptions.push(t('text.pattern_atleast_1_lowercase'))\n upperCase && descriptions.push(t('text.pattern_atleast_1_uppercase'))\n digit && descriptions.push(t('text.pattern_atleast_1_digit'))\n specialCharacter && descriptions.push(t('text.pattern_atleast_1_special'))\n !allowRepeat && descriptions.push(t('text.pattern_not_allowed'))\n }\n\n return descriptions.join(', ')\n}\n\nexport const passwordPattern = generatePasswordPatternRegExp(passwordConfig)\nexport function passwordHelp(lng) {\n return generatePasswordPatternHelp(passwordConfig, lng)\n}\n\nexport function validatePasswordByRule(password, lng) {\n if (!passwordPattern) {\n return\n }\n\n if (passwordPattern.test(password)) {\n return\n }\n\n const rule = generatePasswordPatternHelp(passwordConfig, lng)\n throw new AuthError({\n errorCode: PASSWORD_PATTERN_NOT_MATCHED,\n detail: {\n rule\n }\n })\n}\n"]}
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.saveInvitationToken =
|
|
3
|
+
exports.saveInvitationToken = saveInvitationToken;
|
|
4
4
|
const shell_1 = require("@things-factory/shell");
|
|
5
5
|
const invitation_1 = require("../../service/invitation/invitation");
|
|
6
6
|
async function saveInvitationToken(id, token) {
|
|
@@ -9,5 +9,4 @@ async function saveInvitationToken(id, token) {
|
|
|
9
9
|
token
|
|
10
10
|
});
|
|
11
11
|
}
|
|
12
|
-
exports.saveInvitationToken = saveInvitationToken;
|
|
13
12
|
//# sourceMappingURL=save-invitation-token.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"save-invitation-token.js","sourceRoot":"","sources":["../../../server/controllers/utils/save-invitation-token.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"save-invitation-token.js","sourceRoot":"","sources":["../../../server/controllers/utils/save-invitation-token.ts"],"names":[],"mappings":";;AAIA,kDAKC;AATD,iDAAqD;AAErD,oEAAgE;AAEzD,KAAK,UAAU,mBAAmB,CAAC,EAAE,EAAE,KAAK;IACjD,OAAO,MAAM,IAAA,qBAAa,EAAC,uBAAU,CAAC,CAAC,IAAI,CAAC;QAC1C,EAAE;QACF,KAAK;KACN,CAAC,CAAA;AACJ,CAAC","sourcesContent":["import { getRepository } from '@things-factory/shell'\n\nimport { Invitation } from '../../service/invitation/invitation'\n\nexport async function saveInvitationToken(id, token) {\n return await getRepository(Invitation).save({\n id,\n token\n })\n}\n"]}
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.saveVerificationToken =
|
|
3
|
+
exports.saveVerificationToken = saveVerificationToken;
|
|
4
4
|
const shell_1 = require("@things-factory/shell");
|
|
5
5
|
const verification_token_1 = require("../../service/verification-token/verification-token");
|
|
6
6
|
async function saveVerificationToken(id, token, type = verification_token_1.VerificationTokenType.ACTIVATION) {
|
|
@@ -11,5 +11,4 @@ async function saveVerificationToken(id, token, type = verification_token_1.Veri
|
|
|
11
11
|
type
|
|
12
12
|
});
|
|
13
13
|
}
|
|
14
|
-
exports.saveVerificationToken = saveVerificationToken;
|
|
15
14
|
//# sourceMappingURL=save-verification-token.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"save-verification-token.js","sourceRoot":"","sources":["../../../server/controllers/utils/save-verification-token.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"save-verification-token.js","sourceRoot":"","sources":["../../../server/controllers/utils/save-verification-token.ts"],"names":[],"mappings":";;AAIA,sDAOC;AAXD,iDAAqD;AAErD,4FAA8G;AAEvG,KAAK,UAAU,qBAAqB,CAAC,EAAE,EAAE,KAAK,EAAE,IAAI,GAAG,0CAAqB,CAAC,UAAU;IAC5F,MAAM,gBAAgB,GAAG,IAAA,qBAAa,EAAC,sCAAiB,CAAC,CAAA;IACzD,OAAO,MAAM,gBAAgB,CAAC,IAAI,CAAC;QACjC,MAAM,EAAE,EAAE;QACV,KAAK;QACL,IAAI;KACL,CAAC,CAAA;AACJ,CAAC","sourcesContent":["import { getRepository } from '@things-factory/shell'\n\nimport { VerificationToken, VerificationTokenType } from '../../service/verification-token/verification-token'\n\nexport async function saveVerificationToken(id, token, type = VerificationTokenType.ACTIVATION) {\n const verificationRepo = getRepository(VerificationToken)\n return await verificationRepo.save({\n userId: id,\n token,\n type\n })\n}\n"]}
|
|
@@ -1,6 +1,8 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.
|
|
3
|
+
exports.sendVerificationEmail = sendVerificationEmail;
|
|
4
|
+
exports.verify = verify;
|
|
5
|
+
exports.resendVerificationEmail = resendVerificationEmail;
|
|
4
6
|
const url_1 = require("url");
|
|
5
7
|
const email_base_1 = require("@things-factory/email-base");
|
|
6
8
|
const shell_1 = require("@things-factory/shell");
|
|
@@ -31,7 +33,6 @@ async function sendVerificationEmail({ user, context }) {
|
|
|
31
33
|
return false;
|
|
32
34
|
}
|
|
33
35
|
}
|
|
34
|
-
exports.sendVerificationEmail = sendVerificationEmail;
|
|
35
36
|
async function verify(token) {
|
|
36
37
|
var verification = await (0, shell_1.getRepository)(verification_token_1.VerificationToken).findOne({
|
|
37
38
|
where: {
|
|
@@ -59,7 +60,6 @@ async function verify(token) {
|
|
|
59
60
|
await (0, shell_1.getRepository)(user_1.User).save(userInfo);
|
|
60
61
|
await (0, shell_1.getRepository)(verification_token_1.VerificationToken).delete(verification);
|
|
61
62
|
}
|
|
62
|
-
exports.verify = verify;
|
|
63
63
|
async function resendVerificationEmail(email, context) {
|
|
64
64
|
var user = await (0, shell_1.getRepository)(user_1.User).findOne({
|
|
65
65
|
where: {
|
|
@@ -75,5 +75,4 @@ async function resendVerificationEmail(email, context) {
|
|
|
75
75
|
context
|
|
76
76
|
});
|
|
77
77
|
}
|
|
78
|
-
exports.resendVerificationEmail = resendVerificationEmail;
|
|
79
78
|
//# sourceMappingURL=verification.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"verification.js","sourceRoot":"","sources":["../../server/controllers/verification.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"verification.js","sourceRoot":"","sources":["../../server/controllers/verification.ts"],"names":[],"mappings":";;AAYA,sDAqBC;AAED,wBA+BC;AAED,0DAcC;AAlFD,6BAAyB;AAEzB,2DAAsD;AACtD,iDAAqD;AAErD,qDAAgD;AAChD,+CAAuD;AACvD,yFAAoF;AACpF,wEAA0E;AAC1E,6EAAuE;AACvE,6EAAuE;AAEhE,KAAK,UAAU,qBAAqB,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE;IAC3D,IAAI,CAAC;QACH,IAAI,KAAK,GAAG,IAAA,+CAAqB,GAAE,CAAA;QACnC,IAAI,WAAW,GAAG,MAAM,IAAA,+CAAqB,EAAC,IAAI,CAAC,EAAE,EAAE,KAAK,CAAC,CAAA;QAE7D,IAAI,WAAW,EAAE,CAAC;YAChB,IAAI,UAAU,GAAG,IAAI,SAAG,CAAC,gBAAgB,KAAK,EAAE,EAAE,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,CAAA;YACzE,MAAM,IAAA,sBAAS,EAAC;gBACd,QAAQ,EAAE,IAAI,CAAC,KAAK;gBACpB,OAAO,EAAE,mBAAmB;gBAC5B,OAAO,EAAE,IAAA,6CAAwB,EAAC;oBAChC,IAAI,EAAE,IAAI,CAAC,IAAI;oBACf,SAAS,EAAE,UAAU;iBACtB,CAAC;aACH,CAAC,CAAA;YAEF,OAAO,IAAI,CAAA;QACb,CAAC;IACH,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,OAAO,KAAK,CAAA;IACd,CAAC;AACH,CAAC;AAEM,KAAK,UAAU,MAAM,CAAC,KAAK;IAChC,IAAI,YAAY,GAAG,MAAM,IAAA,qBAAa,EAAC,sCAAiB,CAAC,CAAC,OAAO,CAAC;QAChE,KAAK,EAAE;YACL,KAAK;SACN;KACF,CAAC,CAAA;IAEF,IAAI,CAAC,YAAY,EAAE,CAAC;QAClB,MAAM,IAAI,sBAAS,CAAC;YAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,kBAAkB;SACpD,CAAC,CAAA;IACJ,CAAC;IAED,IAAI,QAAQ,GAAG,MAAM,IAAA,qBAAa,EAAC,WAAI,CAAC,CAAC,SAAS,CAAC,EAAE,EAAE,EAAE,YAAY,CAAC,MAAM,EAAE,CAAC,CAAA;IAC/E,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,MAAM,IAAI,sBAAS,CAAC;YAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,kBAAkB;SACpD,CAAC,CAAA;IACJ,CAAC;IAED,IAAI,CAAC,CAAC,QAAQ,CAAC,MAAM,IAAI,iBAAU,CAAC,QAAQ,IAAI,QAAQ,CAAC,MAAM,IAAI,iBAAU,CAAC,MAAM,CAAC,EAAE,CAAC;QACtF,MAAM,IAAI,sBAAS,CAAC;YAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,kBAAkB;SACpD,CAAC,CAAA;IACJ,CAAC;IAED,QAAQ,CAAC,MAAM,GAAG,iBAAU,CAAC,SAAS,CAAA;IACtC,QAAQ,CAAC,SAAS,GAAG,CAAC,CAAA;IAEtB,MAAM,IAAA,qBAAa,EAAC,WAAI,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;IACxC,MAAM,IAAA,qBAAa,EAAC,sCAAiB,CAAC,CAAC,MAAM,CAAC,YAAY,CAAC,CAAA;AAC7D,CAAC;AAEM,KAAK,UAAU,uBAAuB,CAAC,KAAK,EAAE,OAAO;IAC1D,IAAI,IAAI,GAAG,MAAM,IAAA,qBAAa,EAAC,WAAI,CAAC,CAAC,OAAO,CAAC;QAC3C,KAAK,EAAE;YACL,KAAK;SACN;KACF,CAAC,CAAA;IAEF,IAAI,CAAC,IAAI;QAAE,OAAO,KAAK,CAAA;IACvB,IAAI,IAAI,CAAC,MAAM,IAAI,iBAAU,CAAC,SAAS;QAAE,OAAO,KAAK,CAAA;IAErD,OAAO,MAAM,qBAAqB,CAAC;QACjC,IAAI;QACJ,OAAO;KACR,CAAC,CAAA;AACJ,CAAC","sourcesContent":["import { URL } from 'url'\n\nimport { sendEmail } from '@things-factory/email-base'\nimport { getRepository } from '@things-factory/shell'\n\nimport { AuthError } from '../errors/auth-error'\nimport { User, UserStatus } from '../service/user/user'\nimport { VerificationToken } from '../service/verification-token/verification-token'\nimport { getVerificationEmailForm } from '../templates/verification-email'\nimport { makeVerificationToken } from './utils/make-verification-token'\nimport { saveVerificationToken } from './utils/save-verification-token'\n\nexport async function sendVerificationEmail({ user, context }) {\n try {\n var token = makeVerificationToken()\n var verifaction = await saveVerificationToken(user.id, token)\n\n if (verifaction) {\n var serviceUrl = new URL(`/auth/verify/${token}`, context.header.referer)\n await sendEmail({\n receiver: user.email,\n subject: 'Verify your email',\n content: getVerificationEmailForm({\n name: user.name,\n verifyUrl: serviceUrl\n })\n })\n\n return true\n }\n } catch (e) {\n return false\n }\n}\n\nexport async function verify(token) {\n var verification = await getRepository(VerificationToken).findOne({\n where: {\n token\n }\n })\n\n if (!verification) {\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.VERIFICATION_ERROR\n })\n }\n\n var userInfo = await getRepository(User).findOneBy({ id: verification.userId })\n if (!userInfo) {\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.VERIFICATION_ERROR\n })\n }\n\n if (!(userInfo.status == UserStatus.INACTIVE || userInfo.status == UserStatus.LOCKED)) {\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.VERIFICATION_ERROR\n })\n }\n\n userInfo.status = UserStatus.ACTIVATED\n userInfo.failCount = 0\n\n await getRepository(User).save(userInfo)\n await getRepository(VerificationToken).delete(verification)\n}\n\nexport async function resendVerificationEmail(email, context) {\n var user = await getRepository(User).findOne({\n where: {\n email\n }\n })\n\n if (!user) return false\n if (user.status == UserStatus.ACTIVATED) return false\n\n return await sendVerificationEmail({\n user,\n context\n })\n}\n"]}
|
package/dist-server/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../server/index.ts"],"names":[],"mappings":";;;AAAA,iDAAqD;AACrD,6DAAyD;AAEzD,oBAAiB;AAEjB,oDAAyB;AACzB,uDAA4B;AAE5B,wDAA6B;AAC7B,mDAAwB;AACxB,mDAAwB;AAExB,mEAAwC;AACxC,mEAAwC;AACxC,6DAAkC;AAClC,4EAAiD;AACjD,sEAA2C;AAC3C,gEAAqC;AACrC,mEAAwC;AAExC,mDAAwB;AAExB,kDAAuB;AAEvB,OAAO,CAAC,EAAE,CAAC,wBAA+B,EAAE,KAAK,EAAE,EAAE,GAAG,EAAE,MAAM,EAAE,MAAM,EAAO,EAAE,EAAE;IACjF,MAAM,UAAU,GAAG,OAAO,CAAC,YAAY,CAAC,CAAA;IACxC,MAAM,mBAAmB,GAAG,IAAA,qBAAa,EAAC,qBAAS,CAAC,CAAA;IAEpD,KAAK,MAAM,CAAC,QAAQ,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,MAAM,CAAC,UAA8B,CAAC,EAAE;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../server/index.ts"],"names":[],"mappings":";;;AAAA,iDAAqD;AACrD,6DAAyD;AAEzD,oBAAiB;AAEjB,oDAAyB;AACzB,uDAA4B;AAE5B,wDAA6B;AAC7B,mDAAwB;AACxB,mDAAwB;AAExB,mEAAwC;AACxC,mEAAwC;AACxC,6DAAkC;AAClC,4EAAiD;AACjD,sEAA2C;AAC3C,gEAAqC;AACrC,mEAAwC;AAExC,mDAAwB;AAExB,kDAAuB;AAEvB,OAAO,CAAC,EAAE,CAAC,wBAA+B,EAAE,KAAK,EAAE,EAAE,GAAG,EAAE,MAAM,EAAE,MAAM,EAAO,EAAE,EAAE;IACjF,MAAM,UAAU,GAAG,OAAO,CAAC,YAAY,CAAC,CAAA;IACxC,MAAM,mBAAmB,GAAG,IAAA,qBAAa,EAAC,qBAAS,CAAC,CAAA;IAEpD,KAAK,MAAM,CAAC,QAAQ,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,MAAM,CAAC,UAA8B,CAAC,EAAE,CAAC;QAC7E,IAAI,CAAC,IAAI,CAAC,MAAM,mBAAmB,CAAC,KAAK,CAAC,EAAE,KAAK,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,EAAE,CAAC,CAAC,EAAE,CAAC;YAC1E,MAAM,mBAAmB,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAA;QACpD,CAAC;IACH,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,2EAA2E,CAAC,CAAA;AAC1F,CAAC,CAAC,CAAA","sourcesContent":["import { getRepository } from '@things-factory/shell'\nimport { Privilege } from './service/privilege/privilege'\n\nimport './routes'\n\nexport * from './service'\nexport * from './migrations'\n\nexport * from './middlewares'\nexport * from './routes'\nexport * from './router'\n\nexport * from './utils/get-domain-users'\nexport * from './utils/get-user-domains'\nexport * from './utils/get-secret'\nexport * from './utils/check-user-belongs-domain'\nexport * from './utils/access-token-cookie'\nexport * from './utils/encrypt-state'\nexport * from './utils/check-permission'\n\nexport * from './errors'\n\nexport * from './types'\n\nprocess.on('bootstrap-module-start' as any, async ({ app, config, client }: any) => {\n const privileges = process['PRIVILEGES']\n const privilegeRepository = getRepository(Privilege)\n\n for (const [category, name] of Object.values(privileges as [string, string])) {\n if (0 == (await privilegeRepository.count({ where: { category, name } }))) {\n await privilegeRepository.save({ category, name })\n }\n }\n\n console.log('[auth-base:bootstrap] Synchronization for privilege master has just done.')\n})\n"]}
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.authenticate401Middleware =
|
|
3
|
+
exports.authenticate401Middleware = authenticate401Middleware;
|
|
4
4
|
const env_1 = require("@things-factory/env");
|
|
5
5
|
const error_code_1 = require("../constants/error-code");
|
|
6
6
|
const auth_error_1 = require("../errors/auth-error");
|
|
@@ -88,5 +88,4 @@ async function authenticate401Middleware(context, next) {
|
|
|
88
88
|
}
|
|
89
89
|
}
|
|
90
90
|
}
|
|
91
|
-
exports.authenticate401Middleware = authenticate401Middleware;
|
|
92
91
|
//# sourceMappingURL=authenticate-401-middleware.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"authenticate-401-middleware.js","sourceRoot":"","sources":["../../server/middlewares/authenticate-401-middleware.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"authenticate-401-middleware.js","sourceRoot":"","sources":["../../server/middlewares/authenticate-401-middleware.ts"],"names":[],"mappings":";;AAUA,8DAuGC;AAjHD,6CAA4C;AAE5C,wDAA8G;AAC9G,qDAAgD;AAChD,8CAA0C;AAE1C,MAAM,wBAAwB,GAAG,YAAM,CAAC,GAAG,CAAC,0BAA0B,EAAE,KAAK,CAAC,CAAA;AAC9E,MAAM,0BAA0B,GAAG,YAAM,CAAC,GAAG,CAAC,iCAAiC,EAAE,KAAK,CAAC,CAAA;AACvF,MAAM,SAAS,GAAG,YAAM,CAAC,GAAG,CAAC,gBAAgB,EAAE,KAAK,CAAC,CAAA;AAE9C,KAAK,UAAU,yBAAyB,CAAC,OAAO,EAAE,IAAI;IAC3D,IAAI,CAAC;QACH,MAAM,IAAI,EAAE,CAAA;IACd,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,IAAI,OAAO,CAAA;QAEX,IAAI,GAAG,YAAY,sBAAS,EAAE,CAAC;YAC7B,OAAO,GAAG,CAAC,OAAO,CAAC,CAAC,IAAI,OAAO,CAAC,CAAC,CAAC,SAAS,GAAG,CAAC,SAAS,EAAE,EAAE,GAAG,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC,IAAI,GAAG,CAAC,SAAS,CAAA;QACjG,CAAC;aAAM,CAAC;YACN,IAAI,CAAA,GAAG,aAAH,GAAG,uBAAH,GAAG,CAAE,MAAM,MAAK,GAAG,EAAE,CAAC;gBACxB,MAAM,GAAG,CAAA;YACX,CAAC;YAED,OAAO,GAAG,GAAG,CAAC,OAAO,CAAA;QACvB,CAAC;QAED,OAAO,CAAC,MAAM,GAAG,GAAG,CAAA;QACpB,OAAO,CAAC,IAAI,GAAG,OAAO,CAAA;QAEtB;;;;WAIG;QAEH,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,OAAO,CAAA;QAErD,IAAI,MAAM,IAAI,MAAM,IAAI,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;YACpD,IAAI,GAAG,CAAC,SAAS,IAAI,+BAAkB,EAAE,CAAC;gBACxC,OAAO,CAAC,MAAM,GAAG,GAAG,CAAA;YACtB,CAAC;YACD,OAAM;QACR,CAAC;QAED,IAAI,CAAC,IAAA,iBAAO,EAAC,MAAM,CAAC,MAAM,EAAE,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC;YAClD,OAAM;QACR,CAAC;QAED,MAAM,EAAE,WAAW,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;QACrC,MAAM,EAAE,UAAU,GAAG,WAAW,IAAI,WAAW,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,IAAI,EAAE,CAAA;QAE9E,QAAQ,GAAG,CAAC,SAAS,EAAE,CAAC;YACtB,KAAK,+BAAkB;gBACrB,OAAO,CAAC,QAAQ,CAAC,6BAA6B,kBAAkB,CAAC,UAAU,CAAC,EAAE,CAAC,CAAA;gBAC/E,MAAK;YAEP,KAAK,wBAAW;gBACd,OAAO,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;oBACvC,WAAW,EAAE,eAAe;oBAC5B,aAAa,EAAE,mBAAmB;oBAClC,IAAI,kCACC,GAAG,CAAC,MAAM,KACb,OAAO;wBACP,UAAU;wBACV,wBAAwB;wBACxB,0BAA0B;wBAC1B,SAAS,GACV;iBACF,CAAC,CAAA;YAEJ,KAAK,+BAAkB;gBACrB,OAAO,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;oBACvC,WAAW,EAAE,eAAe;oBAC5B,aAAa,EAAE,mBAAmB;oBAClC,IAAI,kCACC,GAAG,CAAC,MAAM,KACb,OAAO;wBACP,UAAU;wBACV,wBAAwB;wBACxB,0BAA0B;wBAC1B,SAAS,GACV;iBACF,CAAC,CAAA;YAEJ,KAAK,4BAAe;gBAClB,OAAO,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;oBACvC,WAAW,EAAE,aAAa;oBAC1B,aAAa,EAAE,iBAAiB;oBAChC,IAAI,kCACC,GAAG,CAAC,MAAM,KACb,OAAO;wBACP,UAAU;wBACV,wBAAwB;wBACxB,0BAA0B;wBAC1B,SAAS,GACV;iBACF,CAAC,CAAA;YAEJ;gBACE,OAAO,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;oBACvC,WAAW,EAAE,aAAa;oBAC1B,aAAa,EAAE,iBAAiB;oBAChC,IAAI,kCACC,GAAG,CAAC,MAAM,KACb,OAAO,EAAE,GAAG,YAAY,sBAAS,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAChD,UAAU;wBACV,wBAAwB;wBACxB,0BAA0B;wBAC1B,SAAS,GACV;iBACF,CAAC,CAAA;QACN,CAAC;IACH,CAAC;AACH,CAAC","sourcesContent":["import { config } from '@things-factory/env'\n\nimport { SUBDOMAIN_NOTFOUND, USER_DUPLICATED, USER_LOCKED, USER_NOT_ACTIVATED } from '../constants/error-code'\nimport { AuthError } from '../errors/auth-error'\nimport { accepts } from '../utils/accepts'\n\nconst disableUserSignupProcess = config.get('disableUserSignupProcess', false)\nconst disableUserFavoredLanguage = config.get('i18n/disableUserFavoredLanguage', false)\nconst languages = config.get('i18n/languages', false)\n\nexport async function authenticate401Middleware(context, next) {\n try {\n await next()\n } catch (err) {\n var message\n\n if (err instanceof AuthError) {\n message = (context.t && context.t(`error.${err.errorCode}`, err.detail || {})) || err.errorCode\n } else {\n if (err?.status !== 401) {\n throw err\n }\n\n message = err.message\n }\n\n context.status = 401\n context.body = message\n\n /*\n * 클라이언트 라우팅을 위한 ApiHistoryFallback의 상황과,\n * 서버라우팅의 상황에서 발생하는 던져지는 401 에러인 경우에는\n * error code에 맞춰서 적절하게 rewriting 되도록 한다.\n */\n\n const { method, header, path, originalUrl } = context\n\n if (method == 'POST' && path.startsWith('/graphql')) {\n if (err.errorCode == SUBDOMAIN_NOTFOUND) {\n context.status = 403\n }\n return\n }\n\n if (!accepts(header.accept, ['text/html', '*/*'])) {\n return\n }\n\n const { redirect_to } = context.query\n const { redirectTo = redirect_to || originalUrl } = context.request.body || {}\n\n switch (err.errorCode) {\n case SUBDOMAIN_NOTFOUND:\n context.redirect(`/auth/checkin?redirect_to=${encodeURIComponent(redirectTo)}`)\n break\n\n case USER_LOCKED:\n return await context.render('auth-page', {\n pageElement: 'auth-activate',\n elementScript: '/auth/activate.js',\n data: {\n ...err.detail,\n message,\n redirectTo,\n disableUserSignupProcess,\n disableUserFavoredLanguage,\n languages\n }\n })\n\n case USER_NOT_ACTIVATED:\n return await context.render('auth-page', {\n pageElement: 'auth-activate',\n elementScript: '/auth/activate.js',\n data: {\n ...err.detail,\n message,\n redirectTo,\n disableUserSignupProcess,\n disableUserFavoredLanguage,\n languages\n }\n })\n\n case USER_DUPLICATED:\n return await context.render('auth-page', {\n pageElement: 'auth-signup',\n elementScript: '/auth/signup.js',\n data: {\n ...err.detail,\n message,\n redirectTo,\n disableUserSignupProcess,\n disableUserFavoredLanguage,\n languages\n }\n })\n\n default:\n return await context.render('auth-page', {\n pageElement: 'auth-signin',\n elementScript: '/auth/signin.js',\n data: {\n ...err.detail,\n message: err instanceof AuthError ? message : '',\n redirectTo,\n disableUserSignupProcess,\n disableUserFavoredLanguage,\n languages\n }\n })\n }\n }\n}\n"]}
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.domainAuthenticateMiddleware =
|
|
3
|
+
exports.domainAuthenticateMiddleware = domainAuthenticateMiddleware;
|
|
4
4
|
const env_1 = require("@things-factory/env");
|
|
5
5
|
const shell_1 = require("@things-factory/shell");
|
|
6
6
|
const auth_error_1 = require("../errors/auth-error");
|
|
@@ -57,5 +57,4 @@ async function domainAuthenticateMiddleware(context, next) {
|
|
|
57
57
|
errorCode: auth_error_1.AuthError.ERROR_CODES.SUBDOMAIN_NOTFOUND
|
|
58
58
|
});
|
|
59
59
|
}
|
|
60
|
-
exports.domainAuthenticateMiddleware = domainAuthenticateMiddleware;
|
|
61
60
|
//# sourceMappingURL=domain-authenticate-middleware.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"domain-authenticate-middleware.js","sourceRoot":"","sources":["../../server/middlewares/domain-authenticate-middleware.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"domain-authenticate-middleware.js","sourceRoot":"","sources":["../../server/middlewares/domain-authenticate-middleware.ts"],"names":[],"mappings":";;AAsDA,oEAuBC;AA7ED,6CAA4C;AAC5C,iDAA6D;AAE7D,qDAAgD;AAChD,+CAA2C;AAC3C,gEAA0D;AAE1D,MAAM,yBAAyB,GAAG,CAAC,CAAC,YAAM,CAAC,GAAG,CAAC,2BAA2B,CAAC,CAAA;AAC3E,MAAM,KAAK,GAAG,YAAM,CAAC,GAAG,CAAC,WAAW,CAAC,CAAA;AACrC,MAAM,eAAe,GAAG,YAAM,CAAC,SAAS,CAAC,iBAAiB,EAAE,CAAC,CAAC,CAAA;AAW9D,OAAO,CAAC,kBAAkB,GAAG,KAAK,EAAE,MAAc,EAAE,IAAU,EAAoB,EAAE;IAClF,OAAO,IAAI,IAAI,MAAM,IAAI,MAAM,CAAC,KAAK,KAAK,IAAI,CAAC,EAAE,CAAA;AACnD,CAAC,CAAA;AAED,OAAO,CAAC,gBAAgB,GAAG,KAAK,EAAE,MAAc,EAAE,IAAU,EAAoB,EAAE;IAChF,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,OAAO,KAAK,CAAA;IACd,CAAC;IAED,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC;QACzB,IAAI,GAAG,MAAM,IAAA,qBAAa,EAAC,WAAI,CAAC,CAAC,OAAO,CAAC;YACvC,KAAK,EAAE,EAAE,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE;YACtB,SAAS,EAAE,CAAC,SAAS,CAAC;SACvB,CAAC,CAAA;IACJ,CAAC;IAED,MAAM,YAAY,GAAW,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,MAAc,EAAE,EAAE,CAAC,MAAM,CAAC,SAAS,KAAK,QAAQ,CAAC,CAAA;IACjG,IAAI,CAAC,YAAY,EAAE,CAAC;QAClB,OAAO,KAAK,CAAA;IACd,CAAC;IAED,OAAO,YAAY,CAAC,KAAK,KAAK,IAAI,CAAC,EAAE,CAAA;AACvC,CAAC,CAAA;AAED;;;;;;;;GAQG;AAEI,KAAK,UAAU,4BAA4B,CAAC,OAAY,EAAE,IAAS;IACxE,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IACrB,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IAEtC,MAAM,SAAS,GAAW,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,SAAS,CAAA;IAE3C,gCAAgC;IAChC,mBAAmB;IACnB,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,MAAM,IAAI,sBAAS,CAAC;YAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,kBAAkB;SACpD,CAAC,CAAA;IACJ,CAAC;IAED,4BAA4B;IAC5B,MAAM,WAAW,GAAsB,MAAM,IAAA,iCAAc,EAAC,IAAI,CAAC,CAAA;IACjE,IAAI,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,SAAS,IAAI,SAAS,CAAC,IAAI,CAAC,MAAM,OAAO,CAAC,gBAAgB,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC,EAAE,CAAC;QAChH,OAAO,MAAM,IAAI,EAAE,CAAA;IACrB,CAAC;IAED,MAAM,IAAI,sBAAS,CAAC;QAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,kBAAkB;KACpD,CAAC,CAAA;AACJ,CAAC","sourcesContent":["import { config } from '@things-factory/env'\nimport { Domain, getRepository } from '@things-factory/shell'\n\nimport { AuthError } from '../errors/auth-error'\nimport { User } from '../service/user/user'\nimport { getUserDomains } from '../utils/get-user-domains'\n\nconst useVirtualHostBasedDomain = !!config.get('useVirtualHostBasedDomain')\nconst fixed = config.get('subdomain')\nconst subdomainOffset = config.getNumber('subdomainOffset', 2)\n\ndeclare global {\n namespace NodeJS {\n interface Process {\n domainOwnerGranted: (domain: Domain, user: User) => Promise<boolean>\n superUserGranted: (domain: Domain, user: User) => Promise<boolean>\n }\n }\n}\n\nprocess.domainOwnerGranted = async (domain: Domain, user: User): Promise<boolean> => {\n return user && domain && domain.owner === user.id\n}\n\nprocess.superUserGranted = async (domain: Domain, user: User): Promise<boolean> => {\n if (!user) {\n return false\n }\n\n if (!user.domains.length) {\n user = await getRepository(User).findOne({\n where: { id: user.id },\n relations: ['domains']\n })\n }\n\n const systemDomain: Domain = user.domains.find((domain: Domain) => domain.subdomain === 'system')\n if (!systemDomain) {\n return false\n }\n\n return systemDomain.owner === user.id\n}\n\n/*\n * 현재 subdomain 과 user의 domain list와의 비교를 통해서,\n * 인증 성공 또는 인증 에러를 발생시킬 것인지를 결정한다.\n * 1. 현재 subdomain 이 결정되지 않은 경우.\n * - checkin로 이동한다.\n * 2. superUser 판단\n * 3. 현재 subdomain 이 결정된 경우.\n * - user의 domains 리스트에 해당 subdomain이 없다면, 인증 오류를 발생한다.\n */\n\nexport async function domainAuthenticateMiddleware(context: any, next: any) {\n const { t } = context\n const { domain, user } = context.state\n\n const subdomain: string = domain?.subdomain\n\n // 1. 현재 subdomain 이 결정되지 않은 경우.\n // - checkin로 이동한다.\n if (!subdomain) {\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.SUBDOMAIN_NOTFOUND\n })\n }\n\n // 2. 현재 subdomain 이 결정된 경우.\n const userDomains: Partial<Domain>[] = await getUserDomains(user)\n if (userDomains.find(domain => domain.subdomain == subdomain) || (await process.superUserGranted(domain, user))) {\n return await next()\n }\n\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.SUBDOMAIN_NOTFOUND\n })\n}\n"]}
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.graphqlAuthenticateMiddleware =
|
|
3
|
+
exports.graphqlAuthenticateMiddleware = graphqlAuthenticateMiddleware;
|
|
4
4
|
const domain_authenticate_middleware_1 = require("./domain-authenticate-middleware");
|
|
5
5
|
const jwt_authenticate_middleware_1 = require("./jwt-authenticate-middleware");
|
|
6
6
|
async function graphqlAuthenticateMiddleware(context, next) {
|
|
@@ -11,5 +11,4 @@ async function graphqlAuthenticateMiddleware(context, next) {
|
|
|
11
11
|
}
|
|
12
12
|
await next();
|
|
13
13
|
}
|
|
14
|
-
exports.graphqlAuthenticateMiddleware = graphqlAuthenticateMiddleware;
|
|
15
14
|
//# sourceMappingURL=graphql-authenticate-middleware.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"graphql-authenticate-middleware.js","sourceRoot":"","sources":["../../server/middlewares/graphql-authenticate-middleware.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"graphql-authenticate-middleware.js","sourceRoot":"","sources":["../../server/middlewares/graphql-authenticate-middleware.ts"],"names":[],"mappings":";;AAGA,sEASC;AAZD,qFAA+E;AAC/E,+EAAyE;AAElE,KAAK,UAAU,6BAA6B,CAAC,OAAO,EAAE,IAAI;IAC/D,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAA;IAEhC,IAAI,MAAM,IAAI,MAAM,IAAI,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QACpD,MAAM,IAAA,uDAAyB,EAAC,OAAO,EAAE,GAAG,EAAE,GAAE,CAAC,CAAC,CAAA;QAClD,MAAM,IAAA,6DAA4B,EAAC,OAAO,EAAE,GAAG,EAAE,GAAE,CAAC,CAAC,CAAA;IACvD,CAAC;IAED,MAAM,IAAI,EAAE,CAAA;AACd,CAAC","sourcesContent":["import { domainAuthenticateMiddleware } from './domain-authenticate-middleware'\nimport { jwtAuthenticateMiddleware } from './jwt-authenticate-middleware'\n\nexport async function graphqlAuthenticateMiddleware(context, next) {\n const { method, path } = context\n\n if (method == 'POST' && path.startsWith('/graphql')) {\n await jwtAuthenticateMiddleware(context, () => {})\n await domainAuthenticateMiddleware(context, () => {})\n }\n\n await next()\n}\n"]}
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.initMiddlewares =
|
|
3
|
+
exports.initMiddlewares = initMiddlewares;
|
|
4
4
|
const tslib_1 = require("tslib");
|
|
5
5
|
const koa_session_1 = tslib_1.__importDefault(require("koa-session"));
|
|
6
6
|
const koa_passport_1 = tslib_1.__importDefault(require("koa-passport"));
|
|
@@ -43,7 +43,6 @@ function initMiddlewares(app) {
|
|
|
43
43
|
*/
|
|
44
44
|
app.use(graphql_authenticate_middleware_1.graphqlAuthenticateMiddleware);
|
|
45
45
|
}
|
|
46
|
-
exports.initMiddlewares = initMiddlewares;
|
|
47
46
|
process.on('bootstrap-module-subscription', (app, subscriptionMiddleware) => {
|
|
48
47
|
subscriptionMiddleware.push(jwt_authenticate_middleware_1.jwtAuthenticateMiddleware, domain_authenticate_middleware_1.domainAuthenticateMiddleware);
|
|
49
48
|
});
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../server/middlewares/index.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../server/middlewares/index.ts"],"names":[],"mappings":";;AAgBA,0CAwCC;;AAxDD,sEAAiC;AACjC,wEAAmC;AAEnC,6CAA4C;AAC5C,oDAA4C;AAE5C,+EAAyE;AACzE,qFAA+E;AAC/E,uFAAiF;AACjF,+EAAyE;AAEzE,+CAA2C;AAC3C,kDAA8C;AAE9C,MAAM,oBAAoB,GAAG,YAAM,CAAC,GAAG,CAAC,sBAAsB,EAAE,cAAc,CAAC,CAAA;AAE/E,SAAgB,eAAe,CAAC,GAAQ;IACtC,yDAAyD;IACzD,GAAG,CAAC,IAAI,GAAG,CAAC,mBAAM,CAAC,CAAA;IACnB,GAAG,CAAC,GAAG,CACL,IAAA,qBAAO,EACL;QACE,GAAG,EAAE,WAAW;QAChB,MAAM,EAAE,iBAAO;QACf,SAAS,EAAE,IAAI;QACf,QAAQ,EAAE,IAAI;QACd,MAAM,EAAE,IAAI;QACZ,OAAO,EAAE,KAAK;QACd,KAAK,EAAE,KAAK;KACb,EACD,GAAG,CACJ,CACF,CAAA;IAED,sBAAQ,CAAC,aAAa,CAAC,CAAC,OAAO,EAAE,IAAI,EAAE,EAAE;QACvC,IAAI,CAAC,IAAI,EAAE,OAAO,CAAC,CAAA;IACrB,CAAC,CAAC,CAAA;IAEF,sBAAQ,CAAC,eAAe,CAAC,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;QAC/C,IAAI,CAAC,IAAI,EAAE,MAAM,WAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAA;IAC3C,CAAC,CAAC,CAAA;IAEF,yBAAyB;IACzB,GAAG,CAAC,GAAG,CAAC,sBAAQ,CAAC,UAAU,EAAE,CAAC,CAAA;IAE9B,kDAAkD;IAClD,GAAG,CAAC,GAAG,CAAC,sBAAQ,CAAC,OAAO,EAAE,CAAC,CAAA;IAE3B,mCAAmC;IACnC,GAAG,CAAC,GAAG,CAAC,uDAAyB,CAAC,CAAA;IAElC;;;OAGG;IACH,GAAG,CAAC,GAAG,CAAC,+DAA6B,CAAC,CAAA;AACxC,CAAC;AAED,OAAO,CAAC,EAAE,CAAC,+BAAsC,EAAE,CAAC,GAAG,EAAE,sBAAsB,EAAE,EAAE;IACjF,sBAAsB,CAAC,IAAI,CAAC,uDAAyB,EAAE,6DAA4B,CAAC,CAAA;AACtF,CAAC,CAAC,CAAA;AAEF,wEAA6C;AAC7C,2EAAgD;AAChD,8DAAmC;AACnC,gEAAqC;AACrC,wEAA6C","sourcesContent":["import session from 'koa-session'\nimport passport from 'koa-passport'\n\nimport { config } from '@things-factory/env'\nimport { SECRET } from '../utils/get-secret'\n\nimport { authenticate401Middleware } from './authenticate-401-middleware'\nimport { domainAuthenticateMiddleware } from './domain-authenticate-middleware'\nimport { graphqlAuthenticateMiddleware } from './graphql-authenticate-middleware'\nimport { jwtAuthenticateMiddleware } from './jwt-authenticate-middleware'\n\nimport { User } from '../service/user/user'\nimport { MAX_AGE } from '../constants/max-age'\n\nconst accessTokenCookieKey = config.get('accessTokenCookieKey', 'access_token')\n\nexport function initMiddlewares(app: any) {\n /* oauth2orize-koa 에서 oauth 트랜잭션 관리를 위해서 session을 사용함. */\n app.keys = [SECRET]\n app.use(\n session(\n {\n key: 'tfsession',\n maxAge: MAX_AGE,\n overwrite: true,\n httpOnly: true,\n signed: true,\n rolling: false,\n renew: false\n },\n app\n )\n )\n\n passport.serializeUser((profile, done) => {\n done(null, profile)\n })\n\n passport.deserializeUser(async (profile, done) => {\n done(null, await User.checkAuth(profile))\n })\n\n /* passport initialize */\n app.use(passport.initialize())\n\n /* passport use session - for oauth transaction */\n app.use(passport.session())\n\n /* authentication error handling */\n app.use(authenticate401Middleware)\n\n /*\n * post:graphql 에 대해서는 graphqlAuthenticationMiddleware를 적용한다.\n * graphql app을 router에 적용하지 못하기 때문임.\n */\n app.use(graphqlAuthenticateMiddleware)\n}\n\nprocess.on('bootstrap-module-subscription' as any, (app, subscriptionMiddleware) => {\n subscriptionMiddleware.push(jwtAuthenticateMiddleware, domainAuthenticateMiddleware)\n})\n\nexport * from './jwt-authenticate-middleware'\nexport * from './domain-authenticate-middleware'\nexport * from './signin-middleware'\nexport * from './webauthn-middleware'\nexport * from './authenticate-401-middleware'\n"]}
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.jwtAuthenticateMiddleware =
|
|
3
|
+
exports.jwtAuthenticateMiddleware = jwtAuthenticateMiddleware;
|
|
4
4
|
const tslib_1 = require("tslib");
|
|
5
5
|
const koa_passport_1 = tslib_1.__importDefault(require("koa-passport"));
|
|
6
6
|
const passport_jwt_1 = require("passport-jwt");
|
|
@@ -73,5 +73,4 @@ async function jwtAuthenticateMiddleware(context, next) {
|
|
|
73
73
|
}
|
|
74
74
|
})(context, next);
|
|
75
75
|
}
|
|
76
|
-
exports.jwtAuthenticateMiddleware = jwtAuthenticateMiddleware;
|
|
77
76
|
//# sourceMappingURL=jwt-authenticate-middleware.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jwt-authenticate-middleware.js","sourceRoot":"","sources":["../../server/middlewares/jwt-authenticate-middleware.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"jwt-authenticate-middleware.js","sourceRoot":"","sources":["../../server/middlewares/jwt-authenticate-middleware.ts"],"names":[],"mappings":";;AA0CA,8DAyCC;;AAnFD,wEAAmC;AACnC,+CAAkE;AAElE,6CAA4C;AAE5C,0FAAoF;AACpF,0FAAoF;AACpF,+CAAuD;AACvD,yFAAwF;AACxF,sEAAiH;AACjH,oDAA4C;AAE5C,MAAM,mBAAmB,GAAG,YAAM,CAAC,GAAG,CAAC,sBAAsB,EAAE,OAAO,CAAC,CAAA;AAEvE,sBAAQ,CAAC,GAAG,CACV,IAAI,uBAAW,CACb;IACE,WAAW,EAAE,mBAAM;IACnB,iBAAiB,EAAE,IAAI;IACvB,cAAc,EAAE,yBAAU,CAAC,cAAc,CAAC;QACxC,yBAAU,CAAC,2BAA2B,EAAE;QACxC,yBAAU,CAAC,UAAU,CAAC,eAAe,CAAC;QACtC,yBAAU,CAAC,UAAU,CAAC,gBAAgB,CAAC;QACvC,yBAAU,CAAC,qBAAqB,CAAC,cAAc,CAAC;QAChD,yBAAU,CAAC,aAAa,CAAC,cAAc,CAAC;QACxC,GAAG,CAAC,EAAE;YACJ,IAAI,KAAK,GAAG,IAAI,CAAA;YAChB,KAAK,GAAG,IAAA,0CAAoB,EAAC,GAAG,aAAH,GAAG,uBAAH,GAAG,CAAE,GAAG,CAAC,CAAA;YACtC,OAAO,KAAK,CAAA;QACd,CAAC;KACF,CAAC;CACH,EACD,KAAK,EAAE,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IAC/B,IAAI,CAAC;QACH,OAAO,IAAI,CAAC,IAAI,EAAE,OAAO,CAAC,CAAA;IAC5B,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,IAAI,CAAC,KAAK,CAAC,CAAA;IACpB,CAAC;AACH,CAAC,CACF,CACF,CAAA;AAEM,KAAK,UAAU,yBAAyB,CAAC,OAAO,EAAE,IAAI;IAC3D,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAA;IACxB,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IAC9B,IAAI,IAAI,EAAE,CAAC;QACT,OAAO,MAAM,IAAI,EAAE,CAAA;IACrB,CAAC;IAED,OAAO,MAAM,sBAAQ,CAAC,YAAY,CAAC,KAAK,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;QACzF,IAAI,GAAG,IAAI,CAAC,OAAO,EAAE,CAAC;YACpB,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,GAAG,GAAG,IAAI,IAAI,CAAC,CAAA;YAE7C,IAAA,4CAAsB,EAAC,OAAO,CAAC,CAAA;YAE/B,OAAO,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,OAAO,CAAC,CAAA;QAC/B,CAAC;aAAM,CAAC;YACN,MAAM,UAAU,GAAG,MAAM,WAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAA;YAEhD,IAAI,UAAU,CAAC,MAAM,KAAK,iBAAU,CAAC,kBAAkB,EAAE,CAAC;gBACxD,IAAI,CAAC;oBACH,MAAM,KAAK,GAAG,IAAA,+CAAqB,GAAE,CAAA;oBACrC,MAAM,IAAA,+CAAqB,EAAC,UAAU,CAAC,EAAE,EAAE,KAAK,EAAE,0CAAqB,CAAC,cAAc,CAAC,CAAA;oBACvF,IAAA,4CAAsB,EAAC,OAAO,CAAC,CAAA;oBAC/B,OAAO,CAAC,QAAQ,CAAC,8BAA8B,KAAK,EAAE,CAAC,CAAA;gBACzD,CAAC;gBAAC,OAAO,CAAC,EAAE,CAAC;oBACX,MAAM,GAAG,CAAA;gBACX,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,KAAK,CAAC,IAAI,GAAG,UAAU,CAAA;gBAC/B,OAAO,CAAC,KAAK,CAAC,YAAY,GAAG,OAAO,CAAA;gBAEpC,IAAI,mBAAmB,IAAI,SAAS,EAAE,CAAC;oBACrC,6FAA6F;oBAE7F,MAAM,KAAK,GAAG,MAAM,UAAU,CAAC,IAAI,EAAE,CAAA;oBACrC,IAAA,0CAAoB,EAAC,OAAO,EAAE,KAAK,CAAC,CAAA;gBACtC,CAAC;gBAED,MAAM,IAAI,EAAE,CAAA;YACd,CAAC;QACH,CAAC;IACH,CAAC,CAAC,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;AACnB,CAAC","sourcesContent":["import passport from 'koa-passport'\nimport { ExtractJwt, Strategy as JWTstrategy } from 'passport-jwt'\n\nimport { config } from '@things-factory/env'\n\nimport { makeVerificationToken } from '../controllers/utils/make-verification-token'\nimport { saveVerificationToken } from '../controllers/utils/save-verification-token'\nimport { User, UserStatus } from '../service/user/user'\nimport { VerificationTokenType } from '../service/verification-token/verification-token'\nimport { clearAccessTokenCookie, getAccessTokenCookie, setAccessTokenCookie } from '../utils/access-token-cookie'\nimport { SECRET } from '../utils/get-secret'\n\nconst sessionExpiryPolicy = config.get('session/expiryPolicy', 'fixed')\n\npassport.use(\n new JWTstrategy(\n {\n secretOrKey: SECRET,\n passReqToCallback: true,\n jwtFromRequest: ExtractJwt.fromExtractors([\n ExtractJwt.fromAuthHeaderAsBearerToken(),\n ExtractJwt.fromHeader('authorization'),\n ExtractJwt.fromHeader('x-access-token'),\n ExtractJwt.fromUrlQueryParameter('access_token'),\n ExtractJwt.fromBodyField('access_token'),\n req => {\n var token = null\n token = getAccessTokenCookie(req?.ctx)\n return token\n }\n ])\n },\n async (request, decoded, done) => {\n try {\n return done(null, decoded)\n } catch (error) {\n return done(error)\n }\n }\n )\n)\n\nexport async function jwtAuthenticateMiddleware(context, next) {\n const { path } = context\n const { user } = context.state\n if (user) {\n return await next()\n }\n\n return await passport.authenticate('jwt', { session: false }, async (err, decoded, info) => {\n if (err || !decoded) {\n const e = (context.state.error = err || info)\n\n clearAccessTokenCookie(context)\n\n context.throw(401, e.message)\n } else {\n const userEntity = await User.checkAuth(decoded)\n\n if (userEntity.status === UserStatus.PWD_RESET_REQUIRED) {\n try {\n const token = makeVerificationToken()\n await saveVerificationToken(userEntity.id, token, VerificationTokenType.PASSWORD_RESET)\n clearAccessTokenCookie(context)\n context.redirect(`/auth/reset-password?token=${token}`)\n } catch (e) {\n throw err\n }\n } else {\n context.state.user = userEntity\n context.state.decodedToken = decoded\n\n if (sessionExpiryPolicy == 'rolling') {\n /* To renew the expiry time on each request, a token is issued and the session is updated. */\n\n const token = await userEntity.sign()\n setAccessTokenCookie(context, token)\n }\n\n await next()\n }\n }\n })(context, next)\n}\n"]}
|