npm - @things-factory/auth-base - Versions diffs - 8.0.0-alpha.29 → 8.0.0-alpha.35 - Mend

@things-factory/auth-base 8.0.0-alpha.29 → 8.0.0-alpha.35

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (85) hide show

package/dist-client/tsconfig.tsbuildinfo +1 -1
package/dist-server/constants/error-code.d.ts +2 -0
package/dist-server/constants/error-code.js +3 -1
package/dist-server/constants/error-code.js.map +1 -1
package/dist-server/controllers/change-pwd.js +2 -2
package/dist-server/controllers/change-pwd.js.map +1 -1
package/dist-server/controllers/delete-user.js +13 -12
package/dist-server/controllers/delete-user.js.map +1 -1
package/dist-server/controllers/invitation.d.ts +2 -1
package/dist-server/controllers/invitation.js +30 -5
package/dist-server/controllers/invitation.js.map +1 -1
package/dist-server/controllers/profile.d.ts +4 -3
package/dist-server/controllers/profile.js +20 -2
package/dist-server/controllers/profile.js.map +1 -1
package/dist-server/controllers/signin.d.ts +4 -1
package/dist-server/controllers/signin.js +17 -1
package/dist-server/controllers/signin.js.map +1 -1
package/dist-server/controllers/signup.js +13 -4
package/dist-server/controllers/signup.js.map +1 -1
package/dist-server/controllers/unlock-user.js +1 -0
package/dist-server/controllers/unlock-user.js.map +1 -1
package/dist-server/controllers/verification.js +1 -0
package/dist-server/controllers/verification.js.map +1 -1
package/dist-server/middlewares/signin-middleware.js +3 -3
package/dist-server/middlewares/signin-middleware.js.map +1 -1
package/dist-server/migrations/1548206416130-SeedUser.js +2 -1
package/dist-server/migrations/1548206416130-SeedUser.js.map +1 -1
package/dist-server/router/auth-checkin-router.js +8 -2
package/dist-server/router/auth-checkin-router.js.map +1 -1
package/dist-server/router/auth-private-process-router.js +12 -7
package/dist-server/router/auth-private-process-router.js.map +1 -1
package/dist-server/router/auth-public-process-router.js +14 -5
package/dist-server/router/auth-public-process-router.js.map +1 -1
package/dist-server/router/auth-signin-router.js +3 -3
package/dist-server/router/auth-signin-router.js.map +1 -1
package/dist-server/service/invitation/invitation-mutation.d.ts +3 -2
package/dist-server/service/invitation/invitation-mutation.js +20 -8
package/dist-server/service/invitation/invitation-mutation.js.map +1 -1
package/dist-server/service/user/user-mutation.d.ts +3 -2
package/dist-server/service/user/user-mutation.js +21 -12
package/dist-server/service/user/user-mutation.js.map +1 -1
package/dist-server/service/user/user-types.d.ts +1 -0
package/dist-server/service/user/user-types.js +4 -0
package/dist-server/service/user/user-types.js.map +1 -1
package/dist-server/service/user/user.d.ts +1 -0
package/dist-server/service/user/user.js +40 -14
package/dist-server/service/user/user.js.map +1 -1
package/dist-server/templates/account-unlock-email.d.ts +2 -1
package/dist-server/templates/account-unlock-email.js +1 -1
package/dist-server/templates/account-unlock-email.js.map +1 -1
package/dist-server/templates/invitation-email.d.ts +2 -1
package/dist-server/templates/invitation-email.js +1 -1
package/dist-server/templates/invitation-email.js.map +1 -1
package/dist-server/templates/verification-email.d.ts +2 -1
package/dist-server/templates/verification-email.js +1 -1
package/dist-server/templates/verification-email.js.map +1 -1
package/dist-server/tsconfig.tsbuildinfo +1 -1
package/package.json +2 -2
package/server/constants/error-code.ts +2 -0
package/server/controllers/change-pwd.ts +3 -2
package/server/controllers/delete-user.ts +16 -13
package/server/controllers/invitation.ts +36 -5
package/server/controllers/profile.ts +29 -2
package/server/controllers/signin.ts +21 -2
package/server/controllers/signup.ts +16 -4
package/server/controllers/unlock-user.ts +1 -0
package/server/controllers/verification.ts +1 -0
package/server/middlewares/signin-middleware.ts +3 -3
package/server/migrations/1548206416130-SeedUser.ts +2 -1
package/server/router/auth-checkin-router.ts +11 -5
package/server/router/auth-private-process-router.ts +14 -7
package/server/router/auth-public-process-router.ts +16 -5
package/server/router/auth-signin-router.ts +3 -3
package/server/service/invitation/invitation-mutation.ts +24 -9
package/server/service/user/user-mutation.ts +21 -10
package/server/service/user/user-types.ts +3 -0
package/server/service/user/user.ts +41 -14
package/server/templates/account-unlock-email.ts +1 -1
package/server/templates/invitation-email.ts +1 -1
package/server/templates/verification-email.ts +1 -1
package/translations/en.json +4 -1
package/translations/ja.json +4 -1
package/translations/ko.json +5 -3
package/translations/ms.json +4 -1
package/translations/zh.json +4 -1

package/server/service/user/user-mutation.ts CHANGED Viewed

@@ -10,6 +10,7 @@ import { buildDomainUsersQueryBuilder } from '../../utils/get-domain-users'
 import { Role } from '../role/role'
 import { User, UserStatus } from './user'
 import { NewUser, UserPatch } from './user-types'
+import { USERNAME_ALREADY_EXISTS, EMAIL_ALREADY_EXISTS } from '../../constants/error-code'
 @Resolver(User)
 export class UserMutation {
@@ -19,17 +20,27 @@ export class UserMutation {
   async createUser(@Arg('user') user: NewUser, @Ctx() context: ResolverContext) {
     const { domain, tx } = context.state
     const { defaultPassword } = config.get('password')
-    const { email } = user
+    const { username, email } = user
+    const userRepository = getRepository(User, tx)
+    user.username = username.trim()
     user.email = email.trim()
-    const oldUser: User = await getRepository(User, tx).findOne({ where: { email: ILike(user.email) } })
-    if (oldUser) {
-      throw new Error(context.t('error.x already exists in y', { x: context.t('field.user'), y: 'operato' }))
+    if (await userRepository.findOne({ where: { username: user.username } })) {
+      throw new Error(context.t(USERNAME_ALREADY_EXISTS))
+    }
+    if (await userRepository.findOne({ where: { email: ILike(user.email) } })) {
+      throw new Error(context.t(EMAIL_ALREADY_EXISTS))
     }
     if (!user.password && !defaultPassword) {
-      throw new Error(context.t('error.initial password or default password should be supported'))
+      throw new Error('initial password or default password should be supported.')
+    }
+    // TODO username은 다음 패턴을 따라야 한다. pattern="^[A-Za-z0-9]*$"
+    if (!/^[A-Za-z0-9]*$/.test(user.username)) {
+      throw new Error(context.t('error.invalid x', { x: context.t('field.username') }))
     }
     // consider if validation password rule is required
@@ -38,7 +49,7 @@ export class UserMutation {
     const salt = User.generateSalt()
-    return await getRepository(User, tx).save({
+    return await userRepository.save({
       creator: context.state.user,
       updater: context.state.user,
       ...user,
@@ -185,10 +196,10 @@ export class UserMutation {
   @Directive('@privilege(category: "user", privilege: "mutation", domainOwnerGranted: true)')
   @Directive('@transaction')
   @Mutation(returns => Boolean, { description: 'To delete a user' })
-  async deleteUser(@Arg('email', type => GraphQLEmailAddress) email: string, @Ctx() context: ResolverContext) {
+  async deleteUser(@Arg('username') username: string, @Ctx() context: ResolverContext) {
     const { tx } = context.state
-    await commonDeleteUser({ email }, tx)
+    await commonDeleteUser({ username }, tx)
     return true
   }
@@ -196,9 +207,9 @@ export class UserMutation {
   @Directive('@privilege(category: "user", privilege: "mutation", domainOwnerGranted: true)')
   @Directive('@transaction')
   @Mutation(returns => Boolean, { description: 'To delete some users' })
-  async deleteUsers(@Arg('emails', type => [String]) emails: string[], @Ctx() context: ResolverContext) {
+  async deleteUsers(@Arg('usernames', type => [String]) usernames: string[], @Ctx() context: ResolverContext) {
     const { tx } = context.state
-    await commonDeleteUsers({ emails }, tx)
+    await commonDeleteUsers({ usernames }, tx)
     return true
   }

package/server/service/user/user-types.ts CHANGED Viewed

@@ -35,6 +35,9 @@ export class PasswordRule {
 @InputType()
 export class NewUser {
+  @Field()
+  username: string
   @Field()
   name: string

package/server/service/user/user.ts CHANGED Viewed

@@ -6,6 +6,7 @@ import {
   Column,
   CreateDateColumn,
   Entity,
+  ILike,
   Index,
   JoinTable,
   ManyToMany,
@@ -43,13 +44,23 @@ export enum UserStatus {
 }
 @Entity()
-@Index('ix_user_0', (user: User) => [user.email], { unique: true })
+@Index('ix_user_0', (user: User) => [user.email], {
+  unique: true
+})
+@Index('ix_user_1', (user: User) => [user.username], {
+  unique: true,
+  where: '"username" IS NOT NULL'
+})
 @ObjectType()
 export class User {
   @PrimaryGeneratedColumn('uuid')
   @Field(type => ID)
   readonly id: string
+  @Column({ nullable: true })
+  @Field({ nullable: true })
+  username: string
   @Column()
   @Field({ nullable: true })
   name: string
@@ -165,15 +176,10 @@ export class User {
   /* signing for jsonwebtoken */
   async sign(options?) {
-    var { expiresIn = sessionExpirySeconds, subdomain } = options || {}
+    var { expiresIn = sessionExpirySeconds } = options || {}
     var user = {
-      id: this.id,
-      userType: this.userType,
-      status: this.status,
-      domain: {
-        subdomain
-      }
+      username: this.username || this.email
     }
     return await jwt.sign(user, SECRET, {
@@ -262,18 +268,39 @@ export class User {
   }
   static async checkAuth(decoded) {
-    if (decoded?.id === undefined) {
+    // id 는 하위호환성을 위해 단기적으로 유지함
+    const { id, username } = decoded || {}
+    if (!id && !username) {
       throw new AuthError({
         errorCode: AuthError.ERROR_CODES.USER_NOT_FOUND
       })
     }
     const repository = getRepository(User)
-    var user = await repository.findOne({
-      where: { id: decoded.id },
-      relations: ['domains', 'credentials'],
-      cache: true
-    })
+    if (id) {
+      var user = await repository.findOne({
+        where: { id },
+        relations: ['domains', 'credentials'],
+        cache: true
+      })
+    } else {
+      var user = await repository.findOne({
+        where: { username },
+        relations: ['domains', 'credentials'],
+        cache: true
+      })
+      if (!user && /^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(username)) {
+        user = await repository.findOne({
+          where: {
+            email: ILike(username)
+          },
+          relations: ['domains', 'credentials'],
+          cache: true
+        })
+      }
+    }
     if (!user)
       throw new AuthError({

package/server/templates/account-unlock-email.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-export function getUnlockUserEmailForm({ name, resetUrl }) {
+export function getUnlockUserEmailForm({ username, name, resetUrl }) {
   return `
   <html lang="en">
     <head>

package/server/templates/invitation-email.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-export function getInvitationEmailForm({ email, acceptUrl }) {
+export function getInvitationEmailForm({ username, email, acceptUrl }) {
   return `
   <html lang="en">
     <head>

package/server/templates/verification-email.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-export function getVerificationEmailForm({ name, verifyUrl }) {
+export function getVerificationEmailForm({ username, name, verifyUrl }) {
   return `
   <html lang="en">
     <head>

package/translations/en.json CHANGED Viewed

@@ -4,6 +4,7 @@
   "error.confirm password not matched": "new password and confirm password is not matched",
   "error.domain mismatch": "certificate is not for this domain",
   "error.domain not allowed": "user not allowed domain `{subdomain}`",
+  "error.email already exists": "email already used by another user",
   "error.failed to find x": "failed to find {x}",
   "error.password should be supported": "initial password or default password should be supported",
   "error.password should match the rule": "password should match following rule. ${rule}",
@@ -11,13 +12,15 @@
   "error.subdomain not found": "domain not found",
   "error.token or password is invalid": "token or password is invalid",
   "error.unavailable-domain": "unavailable domain",
+  "error.user credential not found": "user credential not found. You need to register device to use biometric authentication.",
   "error.user credential registeration failed": "user credential registration failed. It may be an already registered credential.",
   "error.user credential registration not allowed": "user credential registration failed. The registration timed out or was not allowed.",
-  "error.user duplicated": "user duplicated",
+  "error.user duplicated.": "there is a user account using same email or user ID.",
   "error.user not activated": "user is not activated",
   "error.user not found": "user not found",
   "error.user or verification token not found": "user or verification token not found",
   "error.user validation failed": "user validation failed",
+  "error.username already exists": "username already used by another user",
   "error.x is not a member of y": "{x} is not a member of {y}",
   "field.active": "active",
   "field.appliance_id": "appliance id",

package/translations/ja.json CHANGED Viewed

@@ -4,6 +4,7 @@
   "error.confirm password not matched": "新しいパスワードと確認パスワードが一致しません.",
   "error.domain mismatch": "証明書のドメインと現在のドメインが一致しません.",
   "error.domain not allowed": "'{subdomain}' 領域はこのユーザに許可されていません.",
+  "error.email already exists": "メールはすでに他のユーザーによって使用されています.",
   "error.failed to find x": "{x}が見つかりません.",
   "error.password should be supported": "初期パスワードまたはデフォルトパスワードがサポートされるべきです",
   "error.password should match the rule": "パスワードは次の規則を守らなければなりません. {rule}",
@@ -11,13 +12,15 @@
   "error.subdomain not found": "サブドメインが見つかりません.",
   "error.token or password is invalid": "トークンまたはパスワードが無効です.",
   "error.unavailable-domain": "使用できないドメインです.",
+  "error.user credential not found": "ユーザー資格情報が見つかりません. 生体認証を使用するにはデバイスを登録する必要があります.",
   "error.user credential registeration failed": "ユーザー資格情報の登録に失敗しました。既に登録されている資格情報の可能性があります。",
   "error.user credential registration not allowed": "ユーザー資格情報の登録に失敗しました。登録のタイムアウトまたは登録が許可されていません。",
-  "error.user duplicated": "同じメールで登録されたアカウントが存在します.",
+  "error.user duplicated.": "ユーザーが重複しています.",
   "error.user not activated": "ユーザーがアクティブ化されていません.",
   "error.user not found": "ユーザーが存在しません.",
   "error.user or verification token not found": "ユーザーまたは確認トークンが見つかりません.",
   "error.user validation failed": "ユーザー確認に失敗しました.",
+  "error.username already exists": "ユーザー名はすでに他のユーザーによって使用されています.",
   "error.x is not a member of y": "{x}は{y}のメンバーではありません.",
   "field.active": "アクティブ",
   "field.appliance_id": "器具ID",

package/translations/ko.json CHANGED Viewed

@@ -4,6 +4,7 @@
   "error.confirm password not matched": "새 비밀번호와 확인 비밀번호가 일치하지 않습니다.",
   "error.domain mismatch": "인증서의 도메인과 현재 도메인이 일치하지 않습니다.",
   "error.domain not allowed": "'{subdomain}' 영역은 이 사용자에게 허가되지 않았습니다.",
+  "error.email already exists": "이메일이 이미 사용되고 있습니다.",
   "error.failed to find x": "{x}을(를) 찾을 수 없습니다.",
   "error.password should be supported": "초기 비밀번호나 디폴트 비밀번호가 제공되어야 합니다.",
   "error.password should match the rule": "비밀번호는 다음 규칙을 지켜야 합니다. {rule}",
@@ -12,13 +13,14 @@
   "error.token or password is invalid": "토큰 또는 비밀번호가 유효하지 않습니다.",
   "error.unavailable-domain": "사용할 수 없는 도메인입니다.",
   "error.user credential not found": "사용자 자격 증명을 찾을 수 없습니다. 바이오메트릭 인증을 사용하기 위해서는 먼저 기기를 등록해야 합니다.",
-  "error.user duplicated": "동일한 이메일로 가입된 계정이 이미 존재합니다.",
+  "error.user credential registeration failed": "사용자 인증서 등록이 실패하였습니다. 이미 등록된 인증서일 수 있습니다.",
+  "error.user credential registration not allowed": "사용자 인증서 등록이 실패하였습니다. 등록 시간이 초과되었거나 등록이 허용되지 않았습니다.",
+  "error.user duplicated": "동일한 이메일이나 사용자아이디로 가입된 계정이 이미 존재합니다.",
   "error.user not activated": "사용자가 활성화되지 않았습니다.",
   "error.user not found": "사용자가 존재하지 않습니다.",
   "error.user or verification token not found": "사용자 또는 확인토큰을 찾을 수 없습니다.",
-  "error.user credential registeration failed": "사용자 인증서 등록이 실패하였습니다. 이미 등록된 인증서일 수 있습니다.",
-  "error.user credential registration not allowed": "사용자 인증서 등록이 실패하였습니다. 등록 시간이 초과되었거나 등록이 허용되지 않았습니다.",
   "error.user validation failed": "사용자 확인에 실패하였습니다.",
+  "error.username already exists": "사용자 아이디가 이미 사용되고 있습니다.",
   "error.x is not a member of y": "{x}은(는) {y}의 멤버가 아닙니다.",
   "field.active": "활성화",
   "field.appliance_id": "기구 아이디",

package/translations/ms.json CHANGED Viewed

@@ -4,6 +4,7 @@
   "error.confirm password not matched": "Kata laluan baru dan pengesahan kata laluan tidak sepadan",
   "error.domain mismatch": "Sijil tidak sesuai untuk domain ini",
   "error.domain not allowed": "Pengguna tidak dibenarkan domain `{subdomain}`",
+  "error.email already exists": "Emel telah digunakan oleh pengguna lain",
   "error.failed to find x": "Gagal mencari {x}",
   "error.password should be supported": "kata laluan awal atau kata laluan lalai harus disokong",
   "error.password should match the rule": "Kata laluan harus mematuhi peraturan berikut. ${rule}",
@@ -11,13 +12,15 @@
   "error.subdomain not found": "Domain tidak ditemui",
   "error.token or password is invalid": "Token atau kata laluan tidak sah",
   "error.unavailable-domain": "Domain tidak tersedia",
+  "error.user credential not found": "kelayakan pengguna tidak ditemui. Anda perlu mendaftarkan peranti untuk menggunakan pengesahan biometrik.",
   "error.user credential registeration failed": "pendaftaran kelayakan pengguna gagal. Mungkin kelayakan tersebut sudah didaftarkan.",
   "error.user credential registration not allowed": "pendaftaran kelayakan pengguna gagal. Masa pendaftaran telah tamat atau pendaftaran tidak dibenarkan.",
-  "error.user duplicated": "Emel telah digunakan oleh akaun lain",
+  "error.user duplicated": "terdapat akaun pengguna yang menggunakan e-mel atau ID pengguna yang sama.",
   "error.user not activated": "Pengguna tidak diaktifkan",
   "error.user not found": "Pengguna tidak ditemui",
   "error.user or verification token not found": "Pengguna atau token pengesahan tidak ditemui",
   "error.user validation failed": "Validasi pengguna gagal",
+  "error.username already exists": "Nama pengguna telah digunakan oleh pengguna lain",
   "error.x is not a member of y": "{x} bukan ahli {y}",
   "field.active": "Aktif",
   "field.appliance_id": "Perkakas",

package/translations/zh.json CHANGED Viewed

@@ -5,6 +5,7 @@
   "error.confirm password not matched": "新密码与确认密码不匹配！",
   "error.domain mismatch": "证书不适用于该域！",
   "error.domain not allowed": "用户无权限使用`{subdomain}`域！",
+  "error.email already exists": "电子邮件已被其他用户使用！",
   "error.failed to find x": "查询{x}失败！",
   "error.password should be supported": "应支持初始密码或默认密码",
   "error.password should match the rule": "密码应符合以下规则。${rule}",
@@ -12,13 +13,15 @@
   "error.subdomain not found": "用户域查询失败！",
   "error.token or password is invalid": "令牌或密码无效！",
   "error.unavailable-domain": "不可用的域名",
+  "error.user credential not found": "用户凭证未找到。您需要注册设备以使用生物识别认证。",
   "error.user credential registeration failed": "用户凭证注册失败。可能是已注册的凭证。",
   "error.user credential registration not allowed": "用户凭证注册失败。注册超时或注册不被允许。",
-  "error.user duplicated": "有一个用户帐户使用相同的电子邮件",
+  "error.user duplicated": "存在一个用户帐户使用相同的电子邮件或用户ID。",
   "error.user not activated": "用户未激活！",
   "error.user not found": "找不到用户",
   "error.user or verification token not found": "找不到用户或验证令牌。",
   "error.user validation failed": "用户验证失败！",
+  "error.username already exists": "用户名已被其他用户使用",
   "error.x is not a member of y": "{x}不是{y}的成员",
   "field.active": "激活",
   "field.appliance_id": "终端机ID",