@things-factory/auth-base 8.0.0-beta.8 → 8.0.0

package/dist-server/router/auth-public-process-router.js.map

@@ -1 +1 @@
-{"version":3,"file":"auth-public-process-router.js","sourceRoot":"","sources":["../../server/router/auth-public-process-router.ts"],"names":[],"mappings":";;;;AAAA,oEAA+B;AAC/B,qCAA+B;AAE/B,6CAA4C;AAC5C,iDAAsE;AAEtE,0DAAiE;AACjE,kEAAqF;AACrF,4DAAuD;AACvD,8DAA6E;AAC7E,+CAA2C;AAC3C,8CAA0C;AAC1C,sEAAqE;AAErE,MAAM,wBAAwB,GAAG,YAAM,CAAC,GAAG,CAAC,0BAA0B,EAAE,KAAK,CAAC,CAAA;AAC9E,MAAM,0BAA0B,GAAG,YAAM,CAAC,GAAG,CAAC,iCAAiC,EAAE,KAAK,CAAC,CAAA;AACvF,MAAM,SAAS,GAAG,YAAM,CAAC,GAAG,CAAC,gBAAgB,EAAE,KAAK,CAAC,CAAA;AACrD,MAAM,YAAY,GAAG,YAAM,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI;IAC7C,SAAS,EAAE,IAAI;IACf,SAAS,EAAE,IAAI;IACf,KAAK,EAAE,IAAI;IACX,gBAAgB,EAAE,IAAI;IACtB,WAAW,EAAE,KAAK;IAClB,eAAe,EAAE,IAAI;IACrB,eAAe,EAAE,KAAK;IACtB,oBAAoB,EAAE,CAAC;IACvB,oBAAoB,EAAE,EAAE;CACzB,CAAA;AAEY,QAAA,uBAAuB,GAAG,IAAI,oBAAM,CAAC;IAChD,MAAM,EAAE,OAAO;CAChB,CAAC,CAAA;AAEF,+BAAuB,CAAC,IAAI,CAAC,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IAC5D,MAAM,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,IAAI,EAAE,CAAA;IAE/C,MAAM,UAAU,GAAG,IAAA,qBAAa,EAAC,WAAI,CAAC,CAAA;IAEtC,IAAI,IAAI,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC;QAClC,KAAK,EAAE,EAAE,QAAQ,EAAE;QACnB,SAAS,EAAE,CAAC,SAAS,CAAC;KACvB,CAAC,CAAA;IAEF,IAAI,CAAC,IAAI,IAAI,4BAA4B,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;QACzD,IAAI,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC;YAC9B,KAAK,EAAE,EAAE,KAAK,EAAE,IAAA,eAAK,EAAC,QAAQ,CAAC,EAAE;YACjC,SAAS,EAAE,CAAC,SAAS,CAAC;SACvB,CAAC,CAAA;IACJ,CAAC;IAED,IAAI,IAAI,EAAE,CAAC;QACT,OAAO,CAAC,QAAQ,CAAC,yBAAyB,QAAQ,EAAE,CAAC,CAAA;IACvD,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,QAAQ,CAAC,yBAAyB,QAAQ,EAAE,CAAC,CAAA;IACvD,CAAC;AACH,CAAC,CAAC,CAAA;AAEF,+BAAuB,CAAC,GAAG,CAAC,UAAU,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IAC9D,MAAM,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IAC7B,IAAA,4CAAsB,EAAC,OAAO,CAAC,CAAA;IAE/B,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC,2BAA2B,CAAC,CAAA;IAE7C,IAAI,IAAA,iBAAO,EAAC,MAAM,CAAC,MAAM,EAAE,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC;QACjD,OAAO,CAAC,QAAQ,CAAC,IAAA,uBAAe,EAAC,OAAO,CAAC,CAAC,CAAA;IAC5C,CAAC;AACH,CAAC,CAAC,CAAA;AAEF,+BAAuB,CAAC,GAAG,CAAC,kBAAkB,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACtE,MAAM,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,KAAK,CAAA;IAEvC,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;QAChC,WAAW,EAAE,iBAAiB;QAC9B,aAAa,EAAE,0BAA0B;QACzC,IAAI,EAAE;YACJ,KAAK;YACL,wBAAwB;YACxB,0BAA0B;YAC1B,SAAS;SACV;KACF,CAAC,CAAA;AACJ,CAAC,CAAC,CAAA;AAEF,+BAAuB,CAAC,GAAG,CAAC,iBAAiB,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACrE,MAAM,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,KAAK,CAAA;IAEvC,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;QAChC,WAAW,EAAE,gBAAgB;QAC7B,aAAa,EAAE,yBAAyB;QACxC,IAAI,EAAE;YACJ,KAAK;YACL,YAAY;YACZ,wBAAwB;YACxB,0BAA0B;YAC1B,SAAS;SACV;KACF,CAAC,CAAA;AACJ,CAAC,CAAC,CAAA;AAEF,+BAAuB,CAAC,GAAG,CAAC,cAAc,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IAClE,MAAM,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,KAAK,CAAA;IAEvC,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;QAChC,WAAW,EAAE,aAAa;QAC1B,aAAa,EAAE,sBAAsB;QACrC,IAAI,EAAE;YACJ,KAAK;YACL,wBAAwB;YACxB,0BAA0B;YAC1B,SAAS;SACV;KACF,CAAC,CAAA;AACJ,CAAC,CAAC,CAAA;AAEF,+BAAuB,CAAC,GAAG,CAAC,kBAAkB,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACtE,MAAM,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,MAAM,CAAA;IAEhC,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;QAChC,WAAW,EAAE,eAAe;QAC5B,aAAa,EAAE,mBAAmB;QAClC,IAAI,EAAE;YACJ,KAAK;YACL,wBAAwB;YACxB,0BAA0B;YAC1B,SAAS;SACV;KACF,CAAC,CAAA;AACJ,CAAC,CAAC,CAAA;AAEF,+BAAuB,CAAC,GAAG,CAAC,gBAAgB,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACpE,MAAM,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IAC7B,IAAI,KAAK,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,CAAA;IAEhC,MAAM,IAAA,qBAAM,EAAC,KAAK,CAAC,CAAA;IAEnB,IAAI,OAAO,GAAG,CAAC,CAAC,kCAAkC,CAAC,CAAA;IAEnD,OAAO,CAAC,IAAI,GAAG,OAAO,CAAA;IAEtB,IAAI,IAAA,iBAAO,EAAC,MAAM,CAAC,MAAM,EAAE,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC;QACjD,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;YAChC,WAAW,EAAE,aAAa;YAC1B,aAAa,EAAE,iBAAiB;YAChC,IAAI,EAAE;gBACJ,OAAO;gBACP,wBAAwB;gBACxB,0BAA0B;gBAC1B,SAAS;aACV;SACF,CAAC,CAAA;IACJ,CAAC;AACH,CAAC,CAAC,CAAA;AAEF,+BAAuB,CAAC,IAAI,CAAC,4BAA4B,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACjF,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IACrB,MAAM,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,CAAA;IAEtC,IAAI,OAAO,GAAG,MAAM,IAAA,sCAAuB,EAAC,KAAK,EAAE,OAAO,CAAC,CAAA;IAC3D,IAAI,OAAO,GAAG,CAAC,CAAC,8BAA8B,CAAC,CAAA;IAE/C,IAAI,OAAO,EAAE,CAAC;QACZ,OAAO,CAAC,MAAM,GAAG,GAAG,CAAA;QACpB,OAAO,CAAC,IAAI,GAAG,OAAO,CAAA;IACxB,CAAC;AACH,CAAC,CAAC,CAAA;AAEF,+BAAuB,CAAC,IAAI,CAAC,0BAA0B,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IAC/E,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IACrB,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,CAAA;IAEvD,IAAI,OAAO,GAAG,MAAM,IAAA,kCAAqB,EACvC;QACE,KAAK;QACL,SAAS;QACT,IAAI;KACL,EACD,OAAO,CACR,CAAA;IAED,IAAI,OAAO,GAAG,CAAC,CAAC,4BAA4B,CAAC,CAAA;IAE7C,IAAI,OAAO,EAAE,CAAC;QACZ,OAAO,CAAC,MAAM,GAAG,GAAG,CAAA;QACpB,OAAO,CAAC,IAAI,GAAG,OAAO,CAAA;IACxB,CAAC;AACH,CAAC,CAAC,CAAA;AAEF,+BAAuB,CAAC,IAAI,CAAC,kBAAkB,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACvE,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IACrB,MAAM,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,CAAA;IAEtC,IAAI,CAAC,KAAK;QAAE,OAAO,IAAI,EAAE,CAAA;IAEzB,MAAM,QAAQ,GAAG,IAAA,qBAAa,EAAC,WAAI,CAAC,CAAA;IACpC,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,OAAO,CAAC;QAClC,KAAK,EAAE;YACL,KAAK;SACN;KACF,CAAC,CAAA;IAEF,MAAM,OAAO,GAAG,MAAM,IAAA,uCAAsB,EAAC;QAC3C,IAAI;QACJ,OAAO;KACR,CAAC,CAAA;IAEF,IAAI,OAAO,EAAE,CAAC;QACZ,OAAO,CAAC,MAAM,GAAG,GAAG,CAAA;QACpB,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC,gCAAgC,CAAC,CAAA;IACpD,CAAC;AACH,CAAC,CAAC,CAAA;AAEF,+BAAuB,CAAC,IAAI,CAAC,iBAAiB,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACtE,MAAM,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IAC7B,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,CAAA;IAEhD,IAAI,CAAC;QACH,IAAI,CAAC,CAAC,KAAK,IAAI,QAAQ,CAAC,EAAE,CAAC;YACzB,IAAI,OAAO,GAAG,CAAC,CAAC,oCAAoC,CAAC,CAAA;YAErD,OAAO,CAAC,MAAM,GAAG,GAAG,CAAA;YACpB,OAAO,CAAC,IAAI,GAAG;gBACb,OAAO;aACR,CAAA;YAED,IAAI,IAAA,iBAAO,EAAC,MAAM,CAAC,MAAM,EAAE,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC;gBACjD,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;oBAChC,WAAW,EAAE,gBAAgB;oBAC7B,aAAa,EAAE,yBAAyB;oBACxC,IAAI,EAAE;wBACJ,KAAK;wBACL,OAAO;wBACP,YAAY;wBACZ,wBAAwB;wBACxB,0BAA0B;wBAC1B,SAAS;qBACV;iBACF,CAAC,CAAA;YACJ,CAAC;YAED,OAAM;QACR,CAAC;QAED,MAAM,IAAA,8BAAa,EAAC,KAAK,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAA;QAE7C,IAAI,OAAO,GAAG,CAAC,CAAC,oCAAoC,CAAC,CAAA;QACrD,OAAO,CAAC,IAAI,GAAG,OAAO,CAAA;QAEtB,IAAA,4CAAsB,EAAC,OAAO,CAAC,CAAA;QAE/B,IAAI,IAAA,iBAAO,EAAC,MAAM,CAAC,MAAM,EAAE,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC;YACjD,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;gBAChC,WAAW,EAAE,aAAa;gBAC1B,aAAa,EAAE,iBAAiB;gBAChC,IAAI,EAAE;oBACJ,OAAO;oBACP,wBAAwB;oBACxB,0BAA0B;oBAC1B,SAAS;iBACV;aACF,CAAC,CAAA;QACJ,CAAC;IACH,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,OAAO,CAAC,MAAM,GAAG,GAAG,CAAA;QACpB,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC,OAAO,CAAA;QAExB,IAAI,IAAA,iBAAO,EAAC,MAAM,CAAC,MAAM,EAAE,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC;YACjD,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;gBAChC,WAAW,EAAE,gBAAgB;gBAC7B,aAAa,EAAE,yBAAyB;gBACxC,IAAI,EAAE;oBACJ,KAAK;oBACL,OAAO,EAAE,CAAC,CAAC,OAAO;oBAClB,YAAY;oBACZ,wBAAwB;oBACxB,0BAA0B;oBAC1B,SAAS;iBACV;aACF,CAAC,CAAA;QACJ,CAAC;IACH,CAAC;AACH,CAAC,CAAC,CAAA;AAEF,+BAAuB,CAAC,IAAI,CAAC,cAAc,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACnE,MAAM,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IAC7B,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,CAAA;IAEhD,IAAI,CAAC,CAAC,KAAK,IAAI,QAAQ,CAAC,EAAE,CAAC;QACzB,OAAO,CAAC,MAAM,GAAG,GAAG,CAAA;QACpB,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC,oCAAoC,CAAC,CAAA;QAEtD,OAAM;IACR,CAAC;IAED,IAAI,OAAO,GAAG,MAAM,IAAA,wBAAU,EAAC,KAAK,EAAE,QAAQ,CAAC,CAAA;IAE/C,IAAI,OAAO,EAAE,CAAC;QACZ,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC,6BAA6B,CAAC,CAAA;QAE/C,IAAA,4CAAsB,EAAC,OAAO,CAAC,CAAA;IACjC,CAAC;IAED,IAAI,IAAA,iBAAO,EAAC,MAAM,CAAC,MAAM,EAAE,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC;QACjD,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;YAChC,WAAW,EAAE,aAAa;YAC1B,aAAa,EAAE,iBAAiB;YAChC,IAAI,EAAE;gBACJ,OAAO,EAAE,CAAC,CAAC,6BAA6B,CAAC;gBACzC,wBAAwB;gBACxB,0BAA0B;gBAC1B,SAAS;aACV;SACF,CAAC,CAAA;IACJ,CAAC;AACH,CAAC,CAAC,CAAA","sourcesContent":["import Router from 'koa-router'\nimport { ILike } from 'typeorm'\n\nimport { config } from '@things-factory/env'\nimport { getRepository, getSiteRootPath } from '@things-factory/shell'\n\nimport { resendInvitationEmail } from '../controllers/invitation'\nimport { resetPassword, sendPasswordResetEmail } from '../controllers/reset-password'\nimport { unlockUser } from '../controllers/unlock-user'\nimport { resendVerificationEmail, verify } from '../controllers/verification'\nimport { User } from '../service/user/user'\nimport { accepts } from '../utils/accepts'\nimport { clearAccessTokenCookie } from '../utils/access-token-cookie'\n\nconst disableUserSignupProcess = config.get('disableUserSignupProcess', false)\nconst disableUserFavoredLanguage = config.get('i18n/disableUserFavoredLanguage', false)\nconst languages = config.get('i18n/languages', false)\nconst passwordRule = config.get('password') || {\n  lowerCase: true,\n  upperCase: true,\n  digit: true,\n  specialCharacter: true,\n  allowRepeat: false,\n  useTightPattern: true,\n  useLoosePattern: false,\n  tightCharacterLength: 8,\n  looseCharacterLength: 15\n}\n\nexport const authPublicProcessRouter = new Router({\n  prefix: '/auth'\n})\n\nauthPublicProcessRouter.post('/join', async (context, next) => {\n  const { username } = context.request.body || {}\n\n  const repository = getRepository(User)\n\n  var user = await repository.findOne({\n    where: { username },\n    relations: ['domains']\n  })\n\n  if (!user && /^[^\\s@]+@[^\\s@]+\\.[^\\s@]+$/.test(username)) {\n    user = await repository.findOne({\n      where: { email: ILike(username) },\n      relations: ['domains']\n    })\n  }\n\n  if (user) {\n    context.redirect(`/auth/signin?username=${username}`)\n  } else {\n    context.redirect(`/auth/signup?username=${username}`)\n  }\n})\n\nauthPublicProcessRouter.all('/signout', async (context, next) => {\n  const { header, t } = context\n  clearAccessTokenCookie(context)\n\n  context.body = t('text.signout successfully')\n\n  if (accepts(header.accept, ['text/html', '*/*'])) {\n    context.redirect(getSiteRootPath(context))\n  }\n})\n\nauthPublicProcessRouter.get('/forgot-password', async (context, next) => {\n  const { email } = context.request.query\n\n  await context.render('auth-page', {\n    pageElement: 'forgot-password',\n    elementScript: '/auth/forgot-password.js',\n    data: {\n      email,\n      disableUserSignupProcess,\n      disableUserFavoredLanguage,\n      languages\n    }\n  })\n})\n\nauthPublicProcessRouter.get('/reset-password', async (context, next) => {\n  const { token } = context.request.query\n\n  await context.render('auth-page', {\n    pageElement: 'reset-password',\n    elementScript: '/auth/reset-password.js',\n    data: {\n      token,\n      passwordRule,\n      disableUserSignupProcess,\n      disableUserFavoredLanguage,\n      languages\n    }\n  })\n})\n\nauthPublicProcessRouter.get('/unlock-user', async (context, next) => {\n  const { token } = context.request.query\n\n  await context.render('auth-page', {\n    pageElement: 'unlock-user',\n    elementScript: '/auth/unlock-user.js',\n    data: {\n      token,\n      disableUserSignupProcess,\n      disableUserFavoredLanguage,\n      languages\n    }\n  })\n})\n\nauthPublicProcessRouter.get('/activate/:email', async (context, next) => {\n  const { email } = context.params\n\n  await context.render('auth-page', {\n    pageElement: 'auth-activate',\n    elementScript: '/auth/activate.js',\n    data: {\n      email,\n      disableUserSignupProcess,\n      disableUserFavoredLanguage,\n      languages\n    }\n  })\n})\n\nauthPublicProcessRouter.get('/verify/:token', async (context, next) => {\n  const { header, t } = context\n  var token = context.params.token\n\n  await verify(token)\n\n  var message = t('text.user activated successfully')\n\n  context.body = message\n\n  if (accepts(header.accept, ['text/html', '*/*'])) {\n    await context.render('auth-page', {\n      pageElement: 'auth-result',\n      elementScript: '/auth/result.js',\n      data: {\n        message,\n        disableUserSignupProcess,\n        disableUserFavoredLanguage,\n        languages\n      }\n    })\n  }\n})\n\nauthPublicProcessRouter.post('/resend-verification-email', async (context, next) => {\n  const { t } = context\n  const { email } = context.request.body\n\n  var succeed = await resendVerificationEmail(email, context)\n  var message = t('text.verification email sent')\n\n  if (succeed) {\n    context.status = 200\n    context.body = message\n  }\n})\n\nauthPublicProcessRouter.post('/resend-invitation-email', async (context, next) => {\n  const { t } = context\n  const { email, reference, type } = context.request.body\n\n  var succeed = await resendInvitationEmail(\n    {\n      email,\n      reference,\n      type\n    },\n    context\n  )\n\n  var message = t('text.invitation email sent')\n\n  if (succeed) {\n    context.status = 200\n    context.body = message\n  }\n})\n\nauthPublicProcessRouter.post('/forgot-password', async (context, next) => {\n  const { t } = context\n  const { email } = context.request.body\n\n  if (!email) return next()\n\n  const userRepo = getRepository(User)\n  const user = await userRepo.findOne({\n    where: {\n      email\n    }\n  })\n\n  const succeed = await sendPasswordResetEmail({\n    user,\n    context\n  })\n\n  if (succeed) {\n    context.status = 200\n    context.body = t('text.password reset email sent')\n  }\n})\n\nauthPublicProcessRouter.post('/reset-password', async (context, next) => {\n  const { header, t } = context\n  const { password, token } = context.request.body\n\n  try {\n    if (!(token && password)) {\n      let message = t('error.token or password is invalid')\n\n      context.status = 404\n      context.body = {\n        message\n      }\n\n      if (accepts(header.accept, ['text/html', '*/*'])) {\n        await context.render('auth-page', {\n          pageElement: 'reset-password',\n          elementScript: '/auth/reset-password.js',\n          data: {\n            token,\n            message,\n            passwordRule,\n            disableUserSignupProcess,\n            disableUserFavoredLanguage,\n            languages\n          }\n        })\n      }\n\n      return\n    }\n\n    await resetPassword(token, password, context)\n\n    var message = t('text.password changed successfully')\n    context.body = message\n\n    clearAccessTokenCookie(context)\n\n    if (accepts(header.accept, ['text/html', '*/*'])) {\n      await context.render('auth-page', {\n        pageElement: 'auth-result',\n        elementScript: '/auth/result.js',\n        data: {\n          message,\n          disableUserSignupProcess,\n          disableUserFavoredLanguage,\n          languages\n        }\n      })\n    }\n  } catch (e) {\n    context.status = 404\n    context.body = e.message\n\n    if (accepts(header.accept, ['text/html', '*/*'])) {\n      await context.render('auth-page', {\n        pageElement: 'reset-password',\n        elementScript: '/auth/reset-password.js',\n        data: {\n          token,\n          message: e.message,\n          passwordRule,\n          disableUserSignupProcess,\n          disableUserFavoredLanguage,\n          languages\n        }\n      })\n    }\n  }\n})\n\nauthPublicProcessRouter.post('/unlock-user', async (context, next) => {\n  const { header, t } = context\n  const { password, token } = context.request.body\n\n  if (!(token || password)) {\n    context.status = 404\n    context.body = t('error.token or password is invalid')\n\n    return\n  }\n\n  var succeed = await unlockUser(token, password)\n\n  if (succeed) {\n    context.body = t('text.password reset succeed')\n\n    clearAccessTokenCookie(context)\n  }\n\n  if (accepts(header.accept, ['text/html', '*/*'])) {\n    await context.render('auth-page', {\n      pageElement: 'auth-result',\n      elementScript: '/auth/result.js',\n      data: {\n        message: t('text.account is reactivated'),\n        disableUserSignupProcess,\n        disableUserFavoredLanguage,\n        languages\n      }\n    })\n  }\n})\n"]}
+{"version":3,"file":"auth-public-process-router.js","sourceRoot":"","sources":["../../server/router/auth-public-process-router.ts"],"names":[],"mappings":";;;;AAAA,oEAA+B;AAE/B,6CAA4C;AAC5C,iDAAsE;AAEtE,0DAAiE;AACjE,kEAAqF;AACrF,4DAAuD;AACvD,8DAA6E;AAC7E,+CAA2C;AAC3C,8CAA0C;AAC1C,sEAAqE;AAErE,MAAM,wBAAwB,GAAG,YAAM,CAAC,GAAG,CAAC,0BAA0B,EAAE,KAAK,CAAC,CAAA;AAC9E,MAAM,0BAA0B,GAAG,YAAM,CAAC,GAAG,CAAC,iCAAiC,EAAE,KAAK,CAAC,CAAA;AACvF,MAAM,SAAS,GAAG,YAAM,CAAC,GAAG,CAAC,gBAAgB,EAAE,KAAK,CAAC,CAAA;AACrD,MAAM,YAAY,GAAG,YAAM,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI;IAC7C,SAAS,EAAE,IAAI;IACf,SAAS,EAAE,IAAI;IACf,KAAK,EAAE,IAAI;IACX,gBAAgB,EAAE,IAAI;IACtB,WAAW,EAAE,KAAK;IAClB,eAAe,EAAE,IAAI;IACrB,eAAe,EAAE,KAAK;IACtB,oBAAoB,EAAE,CAAC;IACvB,oBAAoB,EAAE,EAAE;CACzB,CAAA;AAEY,QAAA,uBAAuB,GAAG,IAAI,oBAAM,CAAC;IAChD,MAAM,EAAE,OAAO;CAChB,CAAC,CAAA;AAEF,+BAAuB,CAAC,IAAI,CAAC,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IAC5D,MAAM,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,IAAI,EAAE,CAAA;IAE5C,MAAM,IAAI,GAAS,MAAM,IAAA,qBAAa,EAAC,WAAI,CAAC,CAAC,SAAS,CAAC;QACrD,KAAK;KACN,CAAC,CAAA;IAEF,IAAI,IAAI,EAAE,CAAC;QACT,OAAO,CAAC,QAAQ,CAAC,sBAAsB,KAAK,EAAE,CAAC,CAAA;IACjD,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,QAAQ,CAAC,sBAAsB,KAAK,EAAE,CAAC,CAAA;IACjD,CAAC;AACH,CAAC,CAAC,CAAA;AAEF,+BAAuB,CAAC,GAAG,CAAC,UAAU,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IAC9D,MAAM,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IAC7B,IAAA,4CAAsB,EAAC,OAAO,CAAC,CAAA;IAE/B,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC,2BAA2B,CAAC,CAAA;IAE7C,IAAI,IAAA,iBAAO,EAAC,MAAM,CAAC,MAAM,EAAE,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC;QACjD,OAAO,CAAC,QAAQ,CAAC,IAAA,uBAAe,EAAC,OAAO,CAAC,CAAC,CAAA;IAC5C,CAAC;AACH,CAAC,CAAC,CAAA;AAEF,+BAAuB,CAAC,GAAG,CAAC,kBAAkB,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACtE,MAAM,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,KAAK,CAAA;IAEvC,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;QAChC,WAAW,EAAE,iBAAiB;QAC9B,aAAa,EAAE,0BAA0B;QACzC,IAAI,EAAE;YACJ,KAAK;YACL,wBAAwB;YACxB,0BAA0B;YAC1B,SAAS;SACV;KACF,CAAC,CAAA;AACJ,CAAC,CAAC,CAAA;AAEF,+BAAuB,CAAC,GAAG,CAAC,iBAAiB,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACrE,MAAM,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,KAAK,CAAA;IAEvC,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;QAChC,WAAW,EAAE,gBAAgB;QAC7B,aAAa,EAAE,yBAAyB;QACxC,IAAI,EAAE;YACJ,KAAK;YACL,YAAY;YACZ,wBAAwB;YACxB,0BAA0B;YAC1B,SAAS;SACV;KACF,CAAC,CAAA;AACJ,CAAC,CAAC,CAAA;AAEF,+BAAuB,CAAC,GAAG,CAAC,cAAc,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IAClE,MAAM,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,KAAK,CAAA;IAEvC,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;QAChC,WAAW,EAAE,aAAa;QAC1B,aAAa,EAAE,sBAAsB;QACrC,IAAI,EAAE;YACJ,KAAK;YACL,wBAAwB;YACxB,0BAA0B;YAC1B,SAAS;SACV;KACF,CAAC,CAAA;AACJ,CAAC,CAAC,CAAA;AAEF,+BAAuB,CAAC,GAAG,CAAC,kBAAkB,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACtE,MAAM,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,MAAM,CAAA;IAEhC,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;QAChC,WAAW,EAAE,eAAe;QAC5B,aAAa,EAAE,mBAAmB;QAClC,IAAI,EAAE;YACJ,KAAK;YACL,wBAAwB;YACxB,0BAA0B;YAC1B,SAAS;SACV;KACF,CAAC,CAAA;AACJ,CAAC,CAAC,CAAA;AAEF,+BAAuB,CAAC,GAAG,CAAC,gBAAgB,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACpE,MAAM,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IAC7B,IAAI,KAAK,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,CAAA;IAEhC,MAAM,IAAA,qBAAM,EAAC,KAAK,CAAC,CAAA;IAEnB,IAAI,OAAO,GAAG,CAAC,CAAC,kCAAkC,CAAC,CAAA;IAEnD,OAAO,CAAC,IAAI,GAAG,OAAO,CAAA;IAEtB,IAAI,IAAA,iBAAO,EAAC,MAAM,CAAC,MAAM,EAAE,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC;QACjD,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;YAChC,WAAW,EAAE,aAAa;YAC1B,aAAa,EAAE,iBAAiB;YAChC,IAAI,EAAE;gBACJ,OAAO;gBACP,wBAAwB;gBACxB,0BAA0B;gBAC1B,SAAS;aACV;SACF,CAAC,CAAA;IACJ,CAAC;AACH,CAAC,CAAC,CAAA;AAEF,+BAAuB,CAAC,IAAI,CAAC,4BAA4B,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACjF,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IACrB,MAAM,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,CAAA;IAEtC,IAAI,OAAO,GAAG,MAAM,IAAA,sCAAuB,EAAC,KAAK,EAAE,OAAO,CAAC,CAAA;IAC3D,IAAI,OAAO,GAAG,CAAC,CAAC,8BAA8B,CAAC,CAAA;IAE/C,IAAI,OAAO,EAAE,CAAC;QACZ,OAAO,CAAC,MAAM,GAAG,GAAG,CAAA;QACpB,OAAO,CAAC,IAAI,GAAG,OAAO,CAAA;IACxB,CAAC;AACH,CAAC,CAAC,CAAA;AAEF,+BAAuB,CAAC,IAAI,CAAC,0BAA0B,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IAC/E,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IACrB,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,CAAA;IAEvD,IAAI,OAAO,GAAG,MAAM,IAAA,kCAAqB,EACvC;QACE,KAAK;QACL,SAAS;QACT,IAAI;KACL,EACD,OAAO,CACR,CAAA;IAED,IAAI,OAAO,GAAG,CAAC,CAAC,4BAA4B,CAAC,CAAA;IAE7C,IAAI,OAAO,EAAE,CAAC;QACZ,OAAO,CAAC,MAAM,GAAG,GAAG,CAAA;QACpB,OAAO,CAAC,IAAI,GAAG,OAAO,CAAA;IACxB,CAAC;AACH,CAAC,CAAC,CAAA;AAEF,+BAAuB,CAAC,IAAI,CAAC,kBAAkB,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACvE,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IACrB,MAAM,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,CAAA;IAEtC,IAAI,CAAC,KAAK;QAAE,OAAO,IAAI,EAAE,CAAA;IAEzB,MAAM,QAAQ,GAAG,IAAA,qBAAa,EAAC,WAAI,CAAC,CAAA;IACpC,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,OAAO,CAAC;QAClC,KAAK,EAAE;YACL,KAAK;SACN;KACF,CAAC,CAAA;IAEF,MAAM,OAAO,GAAG,MAAM,IAAA,uCAAsB,EAAC;QAC3C,IAAI;QACJ,OAAO;KACR,CAAC,CAAA;IAEF,IAAI,OAAO,EAAE,CAAC;QACZ,OAAO,CAAC,MAAM,GAAG,GAAG,CAAA;QACpB,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC,gCAAgC,CAAC,CAAA;IACpD,CAAC;AACH,CAAC,CAAC,CAAA;AAEF,+BAAuB,CAAC,IAAI,CAAC,iBAAiB,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACtE,MAAM,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IAE7B,IAAI,CAAC;QACH,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,CAAA;QAEhD,IAAI,CAAC,CAAC,KAAK,IAAI,QAAQ,CAAC,EAAE,CAAC;YACzB,IAAI,OAAO,GAAG,CAAC,CAAC,oCAAoC,CAAC,CAAA;YAErD,OAAO,CAAC,MAAM,GAAG,GAAG,CAAA;YACpB,OAAO,CAAC,IAAI,GAAG;gBACb,OAAO;aACR,CAAA;YAED,IAAI,IAAA,iBAAO,EAAC,MAAM,CAAC,MAAM,EAAE,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC;gBACjD,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;oBAChC,WAAW,EAAE,gBAAgB;oBAC7B,aAAa,EAAE,yBAAyB;oBACxC,IAAI,EAAE;wBACJ,KAAK;wBACL,OAAO;wBACP,YAAY;wBACZ,wBAAwB;wBACxB,0BAA0B;wBAC1B,SAAS;qBACV;iBACF,CAAC,CAAA;YACJ,CAAC;YAED,OAAM;QACR,CAAC;QAED,MAAM,IAAA,8BAAa,EAAC,KAAK,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAA;QAE7C,IAAI,OAAO,GAAG,CAAC,CAAC,6BAA6B,CAAC,CAAA;QAC9C,OAAO,CAAC,IAAI,GAAG,OAAO,CAAA;QAEtB,IAAA,4CAAsB,EAAC,OAAO,CAAC,CAAA;QAE/B,IAAI,IAAA,iBAAO,EAAC,MAAM,CAAC,MAAM,EAAE,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC;YACjD,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;gBAChC,WAAW,EAAE,aAAa;gBAC1B,aAAa,EAAE,iBAAiB;gBAChC,IAAI,EAAE;oBACJ,OAAO;oBACP,wBAAwB;oBACxB,0BAA0B;oBAC1B,SAAS;iBACV;aACF,CAAC,CAAA;QACJ,CAAC;IACH,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,OAAO,CAAC,MAAM,GAAG,GAAG,CAAA;QACpB,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC,OAAO,CAAA;QAExB,IAAI,IAAA,iBAAO,EAAC,MAAM,CAAC,MAAM,EAAE,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC;YACjD,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;gBAChC,WAAW,EAAE,aAAa;gBAC1B,aAAa,EAAE,iBAAiB;gBAChC,IAAI,EAAE;oBACJ,OAAO,EAAE,CAAC,CAAC,OAAO;oBAClB,wBAAwB;oBACxB,0BAA0B;oBAC1B,SAAS;iBACV;aACF,CAAC,CAAA;QACJ,CAAC;IACH,CAAC;AACH,CAAC,CAAC,CAAA;AAEF,+BAAuB,CAAC,IAAI,CAAC,cAAc,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACnE,MAAM,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IAC7B,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,CAAA;IAEhD,IAAI,CAAC,CAAC,KAAK,IAAI,QAAQ,CAAC,EAAE,CAAC;QACzB,OAAO,CAAC,MAAM,GAAG,GAAG,CAAA;QACpB,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC,oCAAoC,CAAC,CAAA;QAEtD,OAAM;IACR,CAAC;IAED,IAAI,OAAO,GAAG,MAAM,IAAA,wBAAU,EAAC,KAAK,EAAE,QAAQ,CAAC,CAAA;IAE/C,IAAI,OAAO,EAAE,CAAC;QACZ,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC,6BAA6B,CAAC,CAAA;QAE/C,IAAA,4CAAsB,EAAC,OAAO,CAAC,CAAA;IACjC,CAAC;IAED,IAAI,IAAA,iBAAO,EAAC,MAAM,CAAC,MAAM,EAAE,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC;QACjD,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;YAChC,WAAW,EAAE,aAAa;YAC1B,aAAa,EAAE,iBAAiB;YAChC,IAAI,EAAE;gBACJ,OAAO,EAAE,CAAC,CAAC,6BAA6B,CAAC;gBACzC,wBAAwB;gBACxB,0BAA0B;gBAC1B,SAAS;aACV;SACF,CAAC,CAAA;IACJ,CAAC;AACH,CAAC,CAAC,CAAA","sourcesContent":["import Router from 'koa-router'\n\nimport { config } from '@things-factory/env'\nimport { getRepository, getSiteRootPath } from '@things-factory/shell'\n\nimport { resendInvitationEmail } from '../controllers/invitation'\nimport { resetPassword, sendPasswordResetEmail } from '../controllers/reset-password'\nimport { unlockUser } from '../controllers/unlock-user'\nimport { resendVerificationEmail, verify } from '../controllers/verification'\nimport { User } from '../service/user/user'\nimport { accepts } from '../utils/accepts'\nimport { clearAccessTokenCookie } from '../utils/access-token-cookie'\n\nconst disableUserSignupProcess = config.get('disableUserSignupProcess', false)\nconst disableUserFavoredLanguage = config.get('i18n/disableUserFavoredLanguage', false)\nconst languages = config.get('i18n/languages', false)\nconst passwordRule = config.get('password') || {\n  lowerCase: true,\n  upperCase: true,\n  digit: true,\n  specialCharacter: true,\n  allowRepeat: false,\n  useTightPattern: true,\n  useLoosePattern: false,\n  tightCharacterLength: 8,\n  looseCharacterLength: 15\n}\n\nexport const authPublicProcessRouter = new Router({\n  prefix: '/auth'\n})\n\nauthPublicProcessRouter.post('/join', async (context, next) => {\n  const { email } = context.request.body || {}\n\n  const user: User = await getRepository(User).findOneBy({\n    email\n  })\n\n  if (user) {\n    context.redirect(`/auth/signin?email=${email}`)\n  } else {\n    context.redirect(`/auth/signup?email=${email}`)\n  }\n})\n\nauthPublicProcessRouter.all('/signout', async (context, next) => {\n  const { header, t } = context\n  clearAccessTokenCookie(context)\n\n  context.body = t('text.signout successfully')\n\n  if (accepts(header.accept, ['text/html', '*/*'])) {\n    context.redirect(getSiteRootPath(context))\n  }\n})\n\nauthPublicProcessRouter.get('/forgot-password', async (context, next) => {\n  const { email } = context.request.query\n\n  await context.render('auth-page', {\n    pageElement: 'forgot-password',\n    elementScript: '/auth/forgot-password.js',\n    data: {\n      email,\n      disableUserSignupProcess,\n      disableUserFavoredLanguage,\n      languages\n    }\n  })\n})\n\nauthPublicProcessRouter.get('/reset-password', async (context, next) => {\n  const { token } = context.request.query\n\n  await context.render('auth-page', {\n    pageElement: 'reset-password',\n    elementScript: '/auth/reset-password.js',\n    data: {\n      token,\n      passwordRule,\n      disableUserSignupProcess,\n      disableUserFavoredLanguage,\n      languages\n    }\n  })\n})\n\nauthPublicProcessRouter.get('/unlock-user', async (context, next) => {\n  const { token } = context.request.query\n\n  await context.render('auth-page', {\n    pageElement: 'unlock-user',\n    elementScript: '/auth/unlock-user.js',\n    data: {\n      token,\n      disableUserSignupProcess,\n      disableUserFavoredLanguage,\n      languages\n    }\n  })\n})\n\nauthPublicProcessRouter.get('/activate/:email', async (context, next) => {\n  const { email } = context.params\n\n  await context.render('auth-page', {\n    pageElement: 'auth-activate',\n    elementScript: '/auth/activate.js',\n    data: {\n      email,\n      disableUserSignupProcess,\n      disableUserFavoredLanguage,\n      languages\n    }\n  })\n})\n\nauthPublicProcessRouter.get('/verify/:token', async (context, next) => {\n  const { header, t } = context\n  var token = context.params.token\n\n  await verify(token)\n\n  var message = t('text.user activated successfully')\n\n  context.body = message\n\n  if (accepts(header.accept, ['text/html', '*/*'])) {\n    await context.render('auth-page', {\n      pageElement: 'auth-result',\n      elementScript: '/auth/result.js',\n      data: {\n        message,\n        disableUserSignupProcess,\n        disableUserFavoredLanguage,\n        languages\n      }\n    })\n  }\n})\n\nauthPublicProcessRouter.post('/resend-verification-email', async (context, next) => {\n  const { t } = context\n  const { email } = context.request.body\n\n  var succeed = await resendVerificationEmail(email, context)\n  var message = t('text.verification email sent')\n\n  if (succeed) {\n    context.status = 200\n    context.body = message\n  }\n})\n\nauthPublicProcessRouter.post('/resend-invitation-email', async (context, next) => {\n  const { t } = context\n  const { email, reference, type } = context.request.body\n\n  var succeed = await resendInvitationEmail(\n    {\n      email,\n      reference,\n      type\n    },\n    context\n  )\n\n  var message = t('text.invitation email sent')\n\n  if (succeed) {\n    context.status = 200\n    context.body = message\n  }\n})\n\nauthPublicProcessRouter.post('/forgot-password', async (context, next) => {\n  const { t } = context\n  const { email } = context.request.body\n\n  if (!email) return next()\n\n  const userRepo = getRepository(User)\n  const user = await userRepo.findOne({\n    where: {\n      email\n    }\n  })\n\n  const succeed = await sendPasswordResetEmail({\n    user,\n    context\n  })\n\n  if (succeed) {\n    context.status = 200\n    context.body = t('text.password reset email sent')\n  }\n})\n\nauthPublicProcessRouter.post('/reset-password', async (context, next) => {\n  const { header, t } = context\n\n  try {\n    const { password, token } = context.request.body\n\n    if (!(token && password)) {\n      let message = t('error.token or password is invalid')\n\n      context.status = 404\n      context.body = {\n        message\n      }\n\n      if (accepts(header.accept, ['text/html', '*/*'])) {\n        await context.render('auth-page', {\n          pageElement: 'reset-password',\n          elementScript: '/auth/reset-password.js',\n          data: {\n            token,\n            message,\n            passwordRule,\n            disableUserSignupProcess,\n            disableUserFavoredLanguage,\n            languages\n          }\n        })\n      }\n\n      return\n    }\n\n    await resetPassword(token, password, context)\n\n    var message = t('text.password reset succeed')\n    context.body = message\n\n    clearAccessTokenCookie(context)\n\n    if (accepts(header.accept, ['text/html', '*/*'])) {\n      await context.render('auth-page', {\n        pageElement: 'auth-result',\n        elementScript: '/auth/result.js',\n        data: {\n          message,\n          disableUserSignupProcess,\n          disableUserFavoredLanguage,\n          languages\n        }\n      })\n    }\n  } catch (e) {\n    context.status = 404\n    context.body = e.message\n\n    if (accepts(header.accept, ['text/html', '*/*'])) {\n      await context.render('auth-page', {\n        pageElement: 'auth-result',\n        elementScript: '/auth/result.js',\n        data: {\n          message: e.message,\n          disableUserSignupProcess,\n          disableUserFavoredLanguage,\n          languages\n        }\n      })\n    }\n  }\n})\n\nauthPublicProcessRouter.post('/unlock-user', async (context, next) => {\n  const { header, t } = context\n  const { password, token } = context.request.body\n\n  if (!(token || password)) {\n    context.status = 404\n    context.body = t('error.token or password is invalid')\n\n    return\n  }\n\n  var succeed = await unlockUser(token, password)\n\n  if (succeed) {\n    context.body = t('text.password reset succeed')\n\n    clearAccessTokenCookie(context)\n  }\n\n  if (accepts(header.accept, ['text/html', '*/*'])) {\n    await context.render('auth-page', {\n      pageElement: 'auth-result',\n      elementScript: '/auth/result.js',\n      data: {\n        message: t('text.account is reactivated'),\n        disableUserSignupProcess,\n        disableUserFavoredLanguage,\n        languages\n      }\n    })\n  }\n})\n"]}

package/dist-server/router/auth-signin-router.js

@@ -18,12 +18,12 @@ const SSOLinks = Object.values(SSOConfig)
 });
 exports.authSigninRouter = new koa_router_1.default();
 exports.authSigninRouter.get('/auth/signin', async (context, next) => {
-    const { redirect_to, username } = context.query;
+    const { redirect_to, email } = context.query;
     await context.render('auth-page', {
         pageElement: 'auth-signin',
         elementScript: '/auth/signin.js',
         data: {
-            username,
+            email,
             redirectTo: redirect_to,
             ssoLinks: SSOLinks,
             disableUserSignupProcess,
@@ -34,7 +34,7 @@ exports.authSigninRouter.get('/auth/signin', async (context, next) => {
 });
 exports.authSigninRouter.post('/auth/signin', middlewares_1.signinMiddleware, async (context, next) => {
     const { request, t } = context;
-    const { token, domain } = context.state;
+    const { token, user, domain } = context.state;
     const { body: reqBody, header } = request;
     if (!(0, accepts_1.accepts)(header.accept, ['text/html', '*/*'])) {
         context.body = token;

package/dist-server/router/auth-signin-router.js.map

@@ -1 +1 @@
-{"version":3,"file":"auth-signin-router.js","sourceRoot":"","sources":["../../server/router/auth-signin-router.ts"],"names":[],"mappings":";;;;AAAA,oEAA+B;AAE/B,6CAA4C;AAC5C,gDAAiD;AACjD,8CAA0C;AAC1C,sEAAmE;AAEnE,MAAM,wBAAwB,GAAG,YAAM,CAAC,GAAG,CAAC,0BAA0B,EAAE,KAAK,CAAC,CAAA;AAC9E,MAAM,0BAA0B,GAAG,YAAM,CAAC,GAAG,CAAC,iCAAiC,EAAE,KAAK,CAAC,CAAA;AACvF,MAAM,SAAS,GAAG,YAAM,CAAC,GAAG,CAAC,gBAAgB,EAAE,KAAK,CAAC,CAAA;AAErD,MAAM,SAAS,GAAG,YAAM,CAAC,GAAG,CAAC,KAAK,EAAE,EAAS,CAAC,CAAA;AAC9C,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC;KACtC,MAAM,CAAC,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC,IAAI,IAAI,KAAK,CAAC;KAC1C,GAAG,CAAC,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE;IACvB,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,CAAA;AACxB,CAAC,CAAC,CAAA;AAES,QAAA,gBAAgB,GAAG,IAAI,oBAAM,EAAE,CAAA;AAE5C,wBAAgB,CAAC,GAAG,CAAC,cAAc,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IAC3D,MAAM,EAAE,WAAW,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IAE/C,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;QAChC,WAAW,EAAE,aAAa;QAC1B,aAAa,EAAE,iBAAiB;QAChC,IAAI,EAAE;YACJ,QAAQ;YACR,UAAU,EAAE,WAAW;YACvB,QAAQ,EAAE,QAAQ;YAClB,wBAAwB;YACxB,0BAA0B;YAC1B,SAAS;SACV;KACF,CAAC,CAAA;AACJ,CAAC,CAAC,CAAA;AAEF,wBAAgB,CAAC,IAAI,CAAC,cAAc,EAAE,8BAAgB,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IAC9E,MAAM,EAAE,OAAO,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IAC9B,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IACvC,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,OAAO,CAAA;IAEzC,IAAI,CAAC,IAAA,iBAAO,EAAC,MAAM,CAAC,MAAM,EAAE,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC;QAClD,OAAO,CAAC,IAAI,GAAG,KAAK,CAAA;QACpB,OAAM;IACR,CAAC;IAED,IAAI,UAAU,GAAG,gBAAgB,MAAM,CAAC,CAAC,CAAC,GAAG,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,gBAAgB,kBAAkB,CACrG,OAAO,CAAC,UAAU,IAAI,GAAG,CAC1B,EAAE,CAAA;IAEH,IAAA,0CAAoB,EAAC,OAAO,EAAE,KAAK,CAAC,CAAA;IAEpC,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAA;AAC9B,CAAC,CAAC,CAAA","sourcesContent":["import Router from 'koa-router'\n\nimport { config } from '@things-factory/env'\nimport { signinMiddleware } from '../middlewares'\nimport { accepts } from '../utils/accepts'\nimport { setAccessTokenCookie } from '../utils/access-token-cookie'\n\nconst disableUserSignupProcess = config.get('disableUserSignupProcess', false)\nconst disableUserFavoredLanguage = config.get('i18n/disableUserFavoredLanguage', false)\nconst languages = config.get('i18n/languages', false)\n\nconst SSOConfig = config.get('sso', {} as any)\nconst SSOLinks = Object.values(SSOConfig)\n  .filter(({ link, title }) => link && title)\n  .map(({ link, title }) => {\n    return { link, title }\n  })\n\nexport const authSigninRouter = new Router()\n\nauthSigninRouter.get('/auth/signin', async (context, next) => {\n  const { redirect_to, username } = context.query\n\n  await context.render('auth-page', {\n    pageElement: 'auth-signin',\n    elementScript: '/auth/signin.js',\n    data: {\n      username,\n      redirectTo: redirect_to,\n      ssoLinks: SSOLinks,\n      disableUserSignupProcess,\n      disableUserFavoredLanguage,\n      languages\n    }\n  })\n})\n\nauthSigninRouter.post('/auth/signin', signinMiddleware, async (context, next) => {\n  const { request, t } = context\n  const { token, domain } = context.state\n  const { body: reqBody, header } = request\n\n  if (!accepts(header.accept, ['text/html', '*/*'])) {\n    context.body = token\n    return\n  }\n\n  var redirectTo = `/auth/checkin${domain ? '/' + domain.subdomain : ''}?redirect_to=${encodeURIComponent(\n    reqBody.redirectTo || '/'\n  )}`\n\n  setAccessTokenCookie(context, token)\n\n  context.redirect(redirectTo)\n})\n"]}
+{"version":3,"file":"auth-signin-router.js","sourceRoot":"","sources":["../../server/router/auth-signin-router.ts"],"names":[],"mappings":";;;;AAAA,oEAA+B;AAE/B,6CAA4C;AAC5C,gDAAiD;AACjD,8CAA0C;AAC1C,sEAAmE;AAEnE,MAAM,wBAAwB,GAAG,YAAM,CAAC,GAAG,CAAC,0BAA0B,EAAE,KAAK,CAAC,CAAA;AAC9E,MAAM,0BAA0B,GAAG,YAAM,CAAC,GAAG,CAAC,iCAAiC,EAAE,KAAK,CAAC,CAAA;AACvF,MAAM,SAAS,GAAG,YAAM,CAAC,GAAG,CAAC,gBAAgB,EAAE,KAAK,CAAC,CAAA;AAErD,MAAM,SAAS,GAAG,YAAM,CAAC,GAAG,CAAC,KAAK,EAAE,EAAS,CAAC,CAAA;AAC9C,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC;KACtC,MAAM,CAAC,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC,IAAI,IAAI,KAAK,CAAC;KAC1C,GAAG,CAAC,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE;IACvB,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,CAAA;AACxB,CAAC,CAAC,CAAA;AAES,QAAA,gBAAgB,GAAG,IAAI,oBAAM,EAAE,CAAA;AAE5C,wBAAgB,CAAC,GAAG,CAAC,cAAc,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IAC3D,MAAM,EAAE,WAAW,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IAE5C,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;QAChC,WAAW,EAAE,aAAa;QAC1B,aAAa,EAAE,iBAAiB;QAChC,IAAI,EAAE;YACJ,KAAK;YACL,UAAU,EAAE,WAAW;YACvB,QAAQ,EAAE,QAAQ;YAClB,wBAAwB;YACxB,0BAA0B;YAC1B,SAAS;SACV;KACF,CAAC,CAAA;AACJ,CAAC,CAAC,CAAA;AAEF,wBAAgB,CAAC,IAAI,CAAC,cAAc,EAAE,8BAAgB,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IAC9E,MAAM,EAAE,OAAO,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IAC9B,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IAC7C,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,OAAO,CAAA;IAEzC,IAAI,CAAC,IAAA,iBAAO,EAAC,MAAM,CAAC,MAAM,EAAE,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC;QAClD,OAAO,CAAC,IAAI,GAAG,KAAK,CAAA;QACpB,OAAM;IACR,CAAC;IAED,IAAI,UAAU,GAAG,gBAAgB,MAAM,CAAC,CAAC,CAAC,GAAG,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,gBAAgB,kBAAkB,CACrG,OAAO,CAAC,UAAU,IAAI,GAAG,CAC1B,EAAE,CAAA;IAEH,IAAA,0CAAoB,EAAC,OAAO,EAAE,KAAK,CAAC,CAAA;IAEpC,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAA;AAC9B,CAAC,CAAC,CAAA","sourcesContent":["import Router from 'koa-router'\n\nimport { config } from '@things-factory/env'\nimport { signinMiddleware } from '../middlewares'\nimport { accepts } from '../utils/accepts'\nimport { setAccessTokenCookie } from '../utils/access-token-cookie'\n\nconst disableUserSignupProcess = config.get('disableUserSignupProcess', false)\nconst disableUserFavoredLanguage = config.get('i18n/disableUserFavoredLanguage', false)\nconst languages = config.get('i18n/languages', false)\n\nconst SSOConfig = config.get('sso', {} as any)\nconst SSOLinks = Object.values(SSOConfig)\n  .filter(({ link, title }) => link && title)\n  .map(({ link, title }) => {\n    return { link, title }\n  })\n\nexport const authSigninRouter = new Router()\n\nauthSigninRouter.get('/auth/signin', async (context, next) => {\n  const { redirect_to, email } = context.query\n\n  await context.render('auth-page', {\n    pageElement: 'auth-signin',\n    elementScript: '/auth/signin.js',\n    data: {\n      email,\n      redirectTo: redirect_to,\n      ssoLinks: SSOLinks,\n      disableUserSignupProcess,\n      disableUserFavoredLanguage,\n      languages\n    }\n  })\n})\n\nauthSigninRouter.post('/auth/signin', signinMiddleware, async (context, next) => {\n  const { request, t } = context\n  const { token, user, domain } = context.state\n  const { body: reqBody, header } = request\n\n  if (!accepts(header.accept, ['text/html', '*/*'])) {\n    context.body = token\n    return\n  }\n\n  var redirectTo = `/auth/checkin${domain ? '/' + domain.subdomain : ''}?redirect_to=${encodeURIComponent(\n    reqBody.redirectTo || '/'\n  )}`\n\n  setAccessTokenCookie(context, token)\n\n  context.redirect(redirectTo)\n})\n"]}

package/dist-server/router/webauthn-router.js

@@ -12,53 +12,6 @@ const webauthn_middleware_1 = require("../middlewares/webauthn-middleware");
 exports.webAuthnGlobalPublicRouter = new koa_router_1.default();
 exports.webAuthnGlobalPrivateRouter = new koa_router_1.default();
 const { name: rpName } = env_1.appPackage;
-// Generate authentication challenge for the currently logged-in user
-exports.webAuthnGlobalPrivateRouter.get('/auth/verify-webauthn/challenge', async (context, next) => {
-    const { user } = context.state;
-    const rpID = context.hostname;
-    if (!user) {
-        context.status = 401;
-        context.body = { error: 'User not authenticated' };
-        return;
-    }
-    const webAuthCredentials = await (0, shell_1.getRepository)(web_auth_credential_1.WebAuthCredential).find({
-        where: { user: { id: user.id } }
-    });
-    if (webAuthCredentials.length === 0) {
-        context.status = 400;
-        context.body = { error: 'No biometric credentials registered for this user' };
-        return;
-    }
-    const options = await (0, server_1.generateAuthenticationOptions)({
-        rpID,
-        userVerification: 'preferred',
-        allowCredentials: webAuthCredentials.map(credential => ({
-            id: credential.credentialId,
-            type: 'public-key'
-        }))
-    });
-    context.session.challenge = options.challenge;
-    context.body = options;
-});
-// Verify biometric authentication
-exports.webAuthnGlobalPrivateRouter.post('/auth/verify-webauthn', 
-/* reuse webauthn-login as webauthn-verify strategy */
-(0, webauthn_middleware_1.createWebAuthnMiddleware)('webauthn-login'), async (context, next) => {
-    const { user } = context.state;
-    const { request } = context;
-    const { body: reqBody } = request;
-    if (!user) {
-        context.status = 401;
-        context.body = { verified: false, message: 'User not authenticated' };
-        return;
-    }
-    context.body = {
-        verified: true,
-        message: 'Biometric authentication successful'
-    };
-    await next();
-});
-// Generate registration challenge for the currently logged-in user
 exports.webAuthnGlobalPrivateRouter.get('/auth/register-webauthn/challenge', async (context, next) => {
     const { user } = context.state;
     const rpID = context.hostname;
@@ -92,9 +45,7 @@ exports.webAuthnGlobalPrivateRouter.get('/auth/register-webauthn/challenge', asy
     context.session.challenge = options.challenge;
     context.body = options;
 });
-// Verify registration
 exports.webAuthnGlobalPrivateRouter.post('/auth/verify-registration', (0, webauthn_middleware_1.createWebAuthnMiddleware)('webauthn-register'));
-// Generate sign-in challenge
 exports.webAuthnGlobalPublicRouter.get('/auth/signin-webauthn/challenge', async (context, next) => {
     const rpID = context.hostname;
     const options = await (0, server_1.generateAuthenticationOptions)({
@@ -104,7 +55,6 @@ exports.webAuthnGlobalPublicRouter.get('/auth/signin-webauthn/challenge', async
     context.session.challenge = options.challenge;
     context.body = options;
 });
-// Sign in with biometric authentication
 exports.webAuthnGlobalPublicRouter.post('/auth/signin-webauthn', (0, webauthn_middleware_1.createWebAuthnMiddleware)('webauthn-login'), async (context, next) => {
     const { domain, user } = context.state;
     const { request } = context;
@@ -112,7 +62,7 @@ exports.webAuthnGlobalPublicRouter.post('/auth/signin-webauthn', (0, webauthn_mi
     const token = await user.sign({ subdomain: domain === null || domain === void 0 ? void 0 : domain.subdomain });
     (0, access_token_cookie_1.setAccessTokenCookie)(context, token);
     var redirectURL = `/auth/checkin${domain ? '/' + domain.subdomain : ''}?redirect_to=${encodeURIComponent(reqBody.redirectTo || '/')}`;
-    /* Due to the two-step interaction, it will be processed by fetch(...) in the browser, so it cannot be handled with a redirect(3xx) response. Therefore, respond with redirectURL as data. */
+    /* 2단계 인터렉션 때문에 브라우저에서 fetch(...)로 진행될 것이므로, redirect(3xx) 응답으로 처리할 수 없다. 따라서, 데이타로 redirectURL를 응답한다. */
     context.body = { redirectURL, verified: true };
     await next();
 });

package/dist-server/router/webauthn-router.js.map

@@ -1 +1 @@
-{"version":3,"file":"webauthn-router.js","sourceRoot":"","sources":["../../server/router/webauthn-router.ts"],"names":[],"mappings":";;;;AAAA,oEAA+B;AAC/B,iDAAqD;AACrD,6CAAgD;AAEhD,mDAAmG;AAEnG,4FAAsF;AAEtF,sEAAmE;AACnE,4EAA6E;AAEhE,QAAA,0BAA0B,GAAG,IAAI,oBAAM,EAAE,CAAA;AACzC,QAAA,2BAA2B,GAAG,IAAI,oBAAM,EAAE,CAAA;AAEvD,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,gBAAiB,CAAA;AAE1C,qEAAqE;AACrE,mCAA2B,CAAC,GAAG,CAAC,iCAAiC,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACzF,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IAC9B,MAAM,IAAI,GAAG,OAAO,CAAC,QAAQ,CAAA;IAE7B,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,OAAO,CAAC,MAAM,GAAG,GAAG,CAAA;QACpB,OAAO,CAAC,IAAI,GAAG,EAAE,KAAK,EAAE,wBAAwB,EAAE,CAAA;QAClD,OAAM;IACR,CAAC;IAED,MAAM,kBAAkB,GAAG,MAAM,IAAA,qBAAa,EAAC,uCAAiB,CAAC,CAAC,IAAI,CAAC;QACrE,KAAK,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,EAAE;KACjC,CAAC,CAAA;IAEF,IAAI,kBAAkB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACpC,OAAO,CAAC,MAAM,GAAG,GAAG,CAAA;QACpB,OAAO,CAAC,IAAI,GAAG,EAAE,KAAK,EAAE,mDAAmD,EAAE,CAAA;QAC7E,OAAM;IACR,CAAC;IAED,MAAM,OAAO,GAAG,MAAM,IAAA,sCAA6B,EAAC;QAClD,IAAI;QACJ,gBAAgB,EAAE,WAAW;QAC7B,gBAAgB,EAAE,kBAAkB,CAAC,GAAG,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC;YACtD,EAAE,EAAE,UAAU,CAAC,YAAY;YAC3B,IAAI,EAAE,YAAY;SACnB,CAAC,CAAC;KACJ,CAAC,CAAA;IAEF,OAAO,CAAC,OAAO,CAAC,SAAS,GAAG,OAAO,CAAC,SAAS,CAAA;IAC7C,OAAO,CAAC,IAAI,GAAG,OAAO,CAAA;AACxB,CAAC,CAAC,CAAA;AAEF,kCAAkC;AAClC,mCAA2B,CAAC,IAAI,CAC9B,uBAAuB;AACvB,sDAAsD;AACtD,IAAA,8CAAwB,EAAC,gBAAgB,CAAC,EAC1C,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACtB,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IAC9B,MAAM,EAAE,OAAO,EAAE,GAAG,OAAO,CAAA;IAC3B,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,OAAO,CAAA;IAEjC,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,OAAO,CAAC,MAAM,GAAG,GAAG,CAAA;QACpB,OAAO,CAAC,IAAI,GAAG,EAAE,QAAQ,EAAE,KAAK,EAAE,OAAO,EAAE,wBAAwB,EAAE,CAAA;QACrE,OAAM;IACR,CAAC;IAED,OAAO,CAAC,IAAI,GAAG;QACb,QAAQ,EAAE,IAAI;QACd,OAAO,EAAE,qCAAqC;KAC/C,CAAA;IAED,MAAM,IAAI,EAAE,CAAA;AACd,CAAC,CACF,CAAA;AAED,mEAAmE;AACnE,mCAA2B,CAAC,GAAG,CAAC,mCAAmC,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IAC3F,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IAC9B,MAAM,IAAI,GAAG,OAAO,CAAC,QAAQ,CAAA;IAE7B,MAAM,kBAAkB,GAAG,MAAM,IAAA,qBAAa,EAAC,uCAAiB,CAAC,CAAC,IAAI,CAAC;QACrE,KAAK,EAAE;YACL,IAAI,EAAE,EAAE,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE;SACtB;KACF,CAAC,CAAA;IAEF,MAAM,OAAO,GAA2C,MAAM,IAAA,oCAA2B,EAAC;QACxF,MAAM;QACN,IAAI;QACJ,QAAQ,EAAE,IAAI,CAAC,KAAK;QACpB,eAAe,EAAE,IAAI,CAAC,IAAI;QAC1B,wEAAwE;QACxE,gCAAgC;QAChC,eAAe,EAAE,MAAM;QACvB,4DAA4D;QAC5D,kBAAkB,EAAE,kBAAkB,CAAC,GAAG,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC;YACxD,EAAE,EAAE,UAAU,CAAC,YAAY;YAC3B,WAAW;YACX,oCAAoC;SACrC,CAAC,CAAC;QACH,sBAAsB,EAAE;YACtB,WAAW;YACX,WAAW,EAAE,WAAW;YACxB,gBAAgB,EAAE,WAAW;YAC7B,WAAW;YACX,uBAAuB,EAAE,UAAU;SACpC;KACF,CAAC,CAAA;IAEF,OAAO,CAAC,OAAO,CAAC,SAAS,GAAG,OAAO,CAAC,SAAS,CAAA;IAC7C,OAAO,CAAC,IAAI,GAAG,OAAO,CAAA;AACxB,CAAC,CAAC,CAAA;AAEF,sBAAsB;AACtB,mCAA2B,CAAC,IAAI,CAAC,2BAA2B,EAAE,IAAA,8CAAwB,EAAC,mBAAmB,CAAC,CAAC,CAAA;AAE5G,6BAA6B;AAC7B,kCAA0B,CAAC,GAAG,CAAC,iCAAiC,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACxF,MAAM,IAAI,GAAG,OAAO,CAAC,QAAQ,CAAA;IAE7B,MAAM,OAAO,GAAG,MAAM,IAAA,sCAA6B,EAAC;QAClD,IAAI;QACJ,gBAAgB,EAAE,WAAW;KAC9B,CAAC,CAAA;IAEF,OAAO,CAAC,OAAO,CAAC,SAAS,GAAG,OAAO,CAAC,SAAS,CAAA;IAC7C,OAAO,CAAC,IAAI,GAAG,OAAO,CAAA;AACxB,CAAC,CAAC,CAAA;AAEF,wCAAwC;AACxC,kCAA0B,CAAC,IAAI,CAC7B,uBAAuB,EACvB,IAAA,8CAAwB,EAAC,gBAAgB,CAAC,EAC1C,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACtB,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IACtC,MAAM,EAAE,OAAO,EAAE,GAAG,OAAO,CAAA;IAC3B,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,OAAO,CAAA;IAEjC,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,EAAE,SAAS,EAAE,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,SAAS,EAAE,CAAC,CAAA;IAC/D,IAAA,0CAAoB,EAAC,OAAO,EAAE,KAAK,CAAC,CAAA;IAEpC,IAAI,WAAW,GAAG,gBAAgB,MAAM,CAAC,CAAC,CAAC,GAAG,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,gBAAgB,kBAAkB,CAAC,OAAO,CAAC,UAAU,IAAI,GAAG,CAAC,EAAE,CAAA;IAErI,6LAA6L;IAC7L,OAAO,CAAC,IAAI,GAAG,EAAE,WAAW,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAA;IAE9C,MAAM,IAAI,EAAE,CAAA;AACd,CAAC,CACF,CAAA","sourcesContent":["import Router from 'koa-router'\nimport { getRepository } from '@things-factory/shell'\nimport { appPackage } from '@things-factory/env'\n\nimport { generateRegistrationOptions, generateAuthenticationOptions } from '@simplewebauthn/server'\n\nimport { WebAuthCredential } from '../service/web-auth-credential/web-auth-credential'\nimport { PublicKeyCredentialCreationOptionsJSON } from '@simplewebauthn/server/script/deps'\nimport { setAccessTokenCookie } from '../utils/access-token-cookie'\nimport { createWebAuthnMiddleware } from '../middlewares/webauthn-middleware'\n\nexport const webAuthnGlobalPublicRouter = new Router()\nexport const webAuthnGlobalPrivateRouter = new Router()\n\nconst { name: rpName } = appPackage as any\n\n// Generate authentication challenge for the currently logged-in user\nwebAuthnGlobalPrivateRouter.get('/auth/verify-webauthn/challenge', async (context, next) => {\n  const { user } = context.state\n  const rpID = context.hostname\n\n  if (!user) {\n    context.status = 401\n    context.body = { error: 'User not authenticated' }\n    return\n  }\n\n  const webAuthCredentials = await getRepository(WebAuthCredential).find({\n    where: { user: { id: user.id } }\n  })\n\n  if (webAuthCredentials.length === 0) {\n    context.status = 400\n    context.body = { error: 'No biometric credentials registered for this user' }\n    return\n  }\n\n  const options = await generateAuthenticationOptions({\n    rpID,\n    userVerification: 'preferred',\n    allowCredentials: webAuthCredentials.map(credential => ({\n      id: credential.credentialId,\n      type: 'public-key'\n    }))\n  })\n\n  context.session.challenge = options.challenge\n  context.body = options\n})\n\n// Verify biometric authentication\nwebAuthnGlobalPrivateRouter.post(\n  '/auth/verify-webauthn',\n  /* reuse webauthn-login as webauthn-verify strategy */\n  createWebAuthnMiddleware('webauthn-login'),\n  async (context, next) => {\n    const { user } = context.state\n    const { request } = context\n    const { body: reqBody } = request\n\n    if (!user) {\n      context.status = 401\n      context.body = { verified: false, message: 'User not authenticated' }\n      return\n    }\n\n    context.body = {\n      verified: true,\n      message: 'Biometric authentication successful'\n    }\n\n    await next()\n  }\n)\n\n// Generate registration challenge for the currently logged-in user\nwebAuthnGlobalPrivateRouter.get('/auth/register-webauthn/challenge', async (context, next) => {\n  const { user } = context.state\n  const rpID = context.hostname\n\n  const webAuthCredentials = await getRepository(WebAuthCredential).find({\n    where: {\n      user: { id: user.id }\n    }\n  })\n\n  const options: PublicKeyCredentialCreationOptionsJSON = await generateRegistrationOptions({\n    rpName,\n    rpID,\n    userName: user.email,\n    userDisplayName: user.name,\n    // Don't prompt users for additional information about the authenticator\n    // (Recommended for smoother UX)\n    attestationType: 'none',\n    // Prevent users from re-registering existing authenticators\n    excludeCredentials: webAuthCredentials.map(credential => ({\n      id: credential.credentialId\n      // Optional\n      // transports: credential.transports\n    })),\n    authenticatorSelection: {\n      // Defaults\n      residentKey: 'preferred',\n      userVerification: 'preferred',\n      // Optional\n      authenticatorAttachment: 'platform'\n    }\n  })\n\n  context.session.challenge = options.challenge\n  context.body = options\n})\n\n// Verify registration\nwebAuthnGlobalPrivateRouter.post('/auth/verify-registration', createWebAuthnMiddleware('webauthn-register'))\n\n// Generate sign-in challenge\nwebAuthnGlobalPublicRouter.get('/auth/signin-webauthn/challenge', async (context, next) => {\n  const rpID = context.hostname\n\n  const options = await generateAuthenticationOptions({\n    rpID,\n    userVerification: 'preferred'\n  })\n\n  context.session.challenge = options.challenge\n  context.body = options\n})\n\n// Sign in with biometric authentication\nwebAuthnGlobalPublicRouter.post(\n  '/auth/signin-webauthn',\n  createWebAuthnMiddleware('webauthn-login'),\n  async (context, next) => {\n    const { domain, user } = context.state\n    const { request } = context\n    const { body: reqBody } = request\n\n    const token = await user.sign({ subdomain: domain?.subdomain })\n    setAccessTokenCookie(context, token)\n\n    var redirectURL = `/auth/checkin${domain ? '/' + domain.subdomain : ''}?redirect_to=${encodeURIComponent(reqBody.redirectTo || '/')}`\n\n    /* Due to the two-step interaction, it will be processed by fetch(...) in the browser, so it cannot be handled with a redirect(3xx) response. Therefore, respond with redirectURL as data. */\n    context.body = { redirectURL, verified: true }\n\n    await next()\n  }\n)\n"]}
+{"version":3,"file":"webauthn-router.js","sourceRoot":"","sources":["../../server/router/webauthn-router.ts"],"names":[],"mappings":";;;;AAAA,oEAA+B;AAC/B,iDAAqD;AACrD,6CAAgD;AAEhD,mDAAmG;AAEnG,4FAAsF;AAItF,sEAAmE;AACnE,4EAA8E;AAEjE,QAAA,0BAA0B,GAAG,IAAI,oBAAM,EAAE,CAAA;AACzC,QAAA,2BAA2B,GAAG,IAAI,oBAAM,EAAE,CAAA;AAEvD,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,gBAAiB,CAAA;AAE1C,mCAA2B,CAAC,GAAG,CAAC,mCAAmC,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IAC3F,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IAC9B,MAAM,IAAI,GAAG,OAAO,CAAC,QAAQ,CAAA;IAE7B,MAAM,kBAAkB,GAAG,MAAM,IAAA,qBAAa,EAAC,uCAAiB,CAAC,CAAC,IAAI,CAAC;QACrE,KAAK,EAAE;YACL,IAAI,EAAE,EAAE,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE;SACtB;KACF,CAAC,CAAA;IAEF,MAAM,OAAO,GAA2C,MAAM,IAAA,oCAA2B,EAAC;QACxF,MAAM;QACN,IAAI;QACJ,QAAQ,EAAE,IAAI,CAAC,KAAK;QACpB,eAAe,EAAE,IAAI,CAAC,IAAI;QAC1B,wEAAwE;QACxE,gCAAgC;QAChC,eAAe,EAAE,MAAM;QACvB,4DAA4D;QAC5D,kBAAkB,EAAE,kBAAkB,CAAC,GAAG,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC;YACxD,EAAE,EAAE,UAAU,CAAC,YAAY;YAC3B,WAAW;YACX,oCAAoC;SACrC,CAAC,CAAC;QACH,sBAAsB,EAAE;YACtB,WAAW;YACX,WAAW,EAAE,WAAW;YACxB,gBAAgB,EAAE,WAAW;YAC7B,WAAW;YACX,uBAAuB,EAAE,UAAU;SACpC;KACF,CAAC,CAAA;IAEF,OAAO,CAAC,OAAO,CAAC,SAAS,GAAG,OAAO,CAAC,SAAS,CAAA;IAC7C,OAAO,CAAC,IAAI,GAAG,OAAO,CAAA;AACxB,CAAC,CAAC,CAAA;AAEF,mCAA2B,CAAC,IAAI,CAAC,2BAA2B,EAAE,IAAA,8CAAwB,EAAC,mBAAmB,CAAC,CAAC,CAAC;AAE7G,kCAA0B,CAAC,GAAG,CAAC,iCAAiC,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACxF,MAAM,IAAI,GAAG,OAAO,CAAC,QAAQ,CAAA;IAE7B,MAAM,OAAO,GAAG,MAAM,IAAA,sCAA6B,EAAC;QAClD,IAAI;QACJ,gBAAgB,EAAE,WAAW;KAC9B,CAAC,CAAA;IAEF,OAAO,CAAC,OAAO,CAAC,SAAS,GAAG,OAAO,CAAC,SAAS,CAAA;IAC7C,OAAO,CAAC,IAAI,GAAG,OAAO,CAAA;AACxB,CAAC,CAAC,CAAA;AAEF,kCAA0B,CAAC,IAAI,CAC7B,uBAAuB,EAAE,IAAA,8CAAwB,EAAC,gBAAgB,CAAC,EACnE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACtB,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAE,KAAK,CAAA;IACvC,MAAM,EAAE,OAAO,EAAE,GAAG,OAAO,CAAA;IAC3B,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,OAAO,CAAA;IAEjC,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,EAAE,SAAS,EAAE,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,SAAS,EAAE,CAAC,CAAA;IAC/D,IAAA,0CAAoB,EAAC,OAAO,EAAE,KAAK,CAAC,CAAA;IAEpC,IAAI,WAAW,GAAG,gBAAgB,MAAM,CAAC,CAAC,CAAC,GAAG,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,gBAAgB,kBAAkB,CAAC,OAAO,CAAC,UAAU,IAAI,GAAG,CAAC,EAAE,CAAA;IAErI,yGAAyG;IACzG,OAAO,CAAC,IAAI,GAAG,EAAE,WAAW,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAA;IAE9C,MAAM,IAAI,EAAE,CAAC;AACf,CAAC,CACF,CAAA","sourcesContent":["import Router from 'koa-router'\nimport { getRepository } from '@things-factory/shell'\nimport { appPackage } from '@things-factory/env'\n\nimport { generateRegistrationOptions, generateAuthenticationOptions } from '@simplewebauthn/server'\n\nimport { WebAuthCredential } from '../service/web-auth-credential/web-auth-credential'\nimport {\n  PublicKeyCredentialCreationOptionsJSON,\n} from '@simplewebauthn/server/script/deps'\nimport { setAccessTokenCookie } from '../utils/access-token-cookie'\nimport { createWebAuthnMiddleware } from '../middlewares/webauthn-middleware';\n\nexport const webAuthnGlobalPublicRouter = new Router()\nexport const webAuthnGlobalPrivateRouter = new Router()\n\nconst { name: rpName } = appPackage as any\n\nwebAuthnGlobalPrivateRouter.get('/auth/register-webauthn/challenge', async (context, next) => {\n  const { user } = context.state\n  const rpID = context.hostname\n\n  const webAuthCredentials = await getRepository(WebAuthCredential).find({\n    where: {\n      user: { id: user.id }\n    }\n  })\n\n  const options: PublicKeyCredentialCreationOptionsJSON = await generateRegistrationOptions({\n    rpName,\n    rpID,\n    userName: user.email,\n    userDisplayName: user.name,\n    // Don't prompt users for additional information about the authenticator\n    // (Recommended for smoother UX)\n    attestationType: 'none',\n    // Prevent users from re-registering existing authenticators\n    excludeCredentials: webAuthCredentials.map(credential => ({\n      id: credential.credentialId\n      // Optional\n      // transports: credential.transports\n    })),\n    authenticatorSelection: {\n      // Defaults\n      residentKey: 'preferred',\n      userVerification: 'preferred',\n      // Optional\n      authenticatorAttachment: 'platform'\n    }\n  })\n\n  context.session.challenge = options.challenge\n  context.body = options\n})\n\nwebAuthnGlobalPrivateRouter.post('/auth/verify-registration', createWebAuthnMiddleware('webauthn-register'));\n\nwebAuthnGlobalPublicRouter.get('/auth/signin-webauthn/challenge', async (context, next) => {\n  const rpID = context.hostname\n\n  const options = await generateAuthenticationOptions({\n    rpID,\n    userVerification: 'preferred'\n  })\n\n  context.session.challenge = options.challenge\n  context.body = options\n})\n\nwebAuthnGlobalPublicRouter.post(\n  '/auth/signin-webauthn', createWebAuthnMiddleware('webauthn-login'),\n  async (context, next) => {\n    const { domain, user } = context. state\n    const { request } = context\n    const { body: reqBody } = request\n\n    const token = await user.sign({ subdomain: domain?.subdomain })\n    setAccessTokenCookie(context, token)\n\n    var redirectURL = `/auth/checkin${domain ? '/' + domain.subdomain : ''}?redirect_to=${encodeURIComponent(reqBody.redirectTo || '/')}`\n\n    /* 2단계 인터렉션 때문에 브라우저에서 fetch(...)로 진행될 것이므로, redirect(3xx) 응답으로 처리할 수 없다. 따라서, 데이타로 redirectURL를 응답한다. */\n    context.body = { redirectURL, verified: true }\n\n    await next();\n  }\n)\n"]}

package/dist-server/service/invitation/invitation-mutation.d.ts

@@ -1,4 +1,3 @@
-import { User } from '../../service/user/user';
 import { Invitation } from './invitation';
 export declare class InvitationMutation {
     cancelInvitation(email: string, reference: string, type: string): Promise<boolean>;
@@ -6,12 +5,12 @@ export declare class InvitationMutation {
         email: string;
         reference: string;
         type: string;
-        updater: User;
+        creator: import("..").User;
+        updater: import("..").User;
         id: string;
         token: string;
         createdAt: Date;
         updatedAt: Date;
-        creator: User;
         creatorId: string;
         updaterId: string;
     } & Invitation>;

package/dist-server/service/invitation/invitation-mutation.js

@@ -2,11 +2,9 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.InvitationMutation = void 0;
 const tslib_1 = require("tslib");
-const typeorm_1 = require("typeorm");
 const type_graphql_1 = require("type-graphql");
 const graphql_scalars_1 = require("graphql-scalars");
 const shell_1 = require("@things-factory/shell");
-const user_1 = require("../../service/user/user");
 const invitation_1 = require("../../controllers/invitation");
 const invitation_2 = require("./invitation");
 let InvitationMutation = class InvitationMutation {
@@ -20,36 +18,26 @@ let InvitationMutation = class InvitationMutation {
         return true;
     }
     async sendInvitation(email, reference, type, context) {
-        const { user: updater } = context.state;
-        const invitationRepository = (0, shell_1.getRepository)(invitation_2.Invitation);
-        var user = await (0, shell_1.getRepository)(user_1.User).findOne({
-            where: {
-                email: (0, typeorm_1.ILike)(email),
-                status: user_1.UserStatus.ACTIVATED
-            }
+        const repository = (0, shell_1.getRepository)(invitation_2.Invitation);
+        const oldone = await repository.findOneBy({
+            email,
+            type,
+            reference
         });
-        if (!user) {
-            throw new Error(`user not found: ${email}`);
-        }
+        // TODO send invitation
         await (0, invitation_1.sendInvitationEmail)({
             invitation: {
                 email,
                 reference,
                 type
             },
-            user,
             context
         });
-        const oldone = await invitationRepository.findOneBy({
-            email,
-            type,
-            reference
-        });
         // update or create
-        return await invitationRepository.save(Object.assign(Object.assign({ creator: updater }, oldone), { // take only id from oldone for update
+        return await repository.save(Object.assign(Object.assign({}, oldone), { // take only id from oldone for update
             email,
             reference,
-            type, updater: updater }));
+            type, creator: context.state.user, updater: context.state.user }));
     }
 };
 exports.InvitationMutation = InvitationMutation;

package/dist-server/service/invitation/invitation-mutation.js.map

@@ -1 +1 @@
-{"version":3,"file":"invitation-mutation.js","sourceRoot":"","sources":["../../../server/service/invitation/invitation-mutation.ts"],"names":[],"mappings":";;;;AAAA,qCAA+B;AAE/B,+CAA2D;AAC3D,qDAAqD;AAErD,iDAAqD;AAErD,kDAA0D;AAC1D,6DAAkE;AAClE,6CAAyC;AAGlC,IAAM,kBAAkB,GAAxB,MAAM,kBAAkB;IAEvB,AAAN,KAAK,CAAC,gBAAgB,CACuB,KAAa,EACtC,SAAiB,EACtB,IAAY;QAEzB,MAAM,UAAU,GAAG,IAAA,qBAAa,EAAC,uBAAU,CAAC,CAAA;QAE5C,MAAM,UAAU,CAAC,MAAM,CAAC;YACtB,KAAK;YACL,SAAS;YACT,IAAI;SACL,CAAC,CAAA;QAEF,OAAO,IAAI,CAAA;IACb,CAAC;IAGK,AAAN,KAAK,CAAC,cAAc,CACyB,KAAa,EACtC,SAAiB,EACtB,IAAY,EAClB,OAAwB;QAE/B,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;QACvC,MAAM,oBAAoB,GAAG,IAAA,qBAAa,EAAC,uBAAU,CAAC,CAAA;QAEtD,IAAI,IAAI,GAAG,MAAM,IAAA,qBAAa,EAAC,WAAI,CAAC,CAAC,OAAO,CAAC;YAC3C,KAAK,EAAE;gBACL,KAAK,EAAE,IAAA,eAAK,EAAC,KAAK,CAAC;gBACnB,MAAM,EAAE,iBAAU,CAAC,SAAS;aAC7B;SACF,CAAC,CAAA;QAEF,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,IAAI,KAAK,CAAC,mBAAmB,KAAK,EAAE,CAAC,CAAA;QAC7C,CAAC;QAED,MAAM,IAAA,gCAAmB,EAAC;YACxB,UAAU,EAAE;gBACV,KAAK;gBACL,SAAS;gBACT,IAAI;aACL;YACD,IAAI;YACJ,OAAO;SACR,CAAC,CAAA;QAEF,MAAM,MAAM,GAAG,MAAM,oBAAoB,CAAC,SAAS,CAAC;YAClD,KAAK;YACL,IAAI;YACJ,SAAS;SACV,CAAC,CAAA;QAEF,mBAAmB;QACnB,OAAO,MAAM,oBAAoB,CAAC,IAAI,+BACpC,OAAO,EAAE,OAAO,IACb,MAAM,KAAE,sCAAsC;YACjD,KAAK;YACL,SAAS;YACT,IAAI,EACJ,OAAO,EAAE,OAAO,IAChB,CAAA;IACJ,CAAC;CACF,CAAA;AAjEY,gDAAkB;AAEvB;IADL,IAAA,uBAAQ,EAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC;IAE1B,mBAAA,IAAA,kBAAG,EAAC,OAAO,EAAE,IAAI,CAAC,EAAE,CAAC,qCAAmB,CAAC,CAAA;IACzC,mBAAA,IAAA,kBAAG,EAAC,WAAW,CAAC,CAAA;IAChB,mBAAA,IAAA,kBAAG,EAAC,MAAM,CAAC,CAAA;;;;0DAWb;AAGK;IADL,IAAA,uBAAQ,EAAC,OAAO,CAAC,EAAE,CAAC,uBAAU,CAAC;IAE7B,mBAAA,IAAA,kBAAG,EAAC,OAAO,EAAE,IAAI,CAAC,EAAE,CAAC,qCAAmB,CAAC,CAAA;IACzC,mBAAA,IAAA,kBAAG,EAAC,WAAW,CAAC,CAAA;IAChB,mBAAA,IAAA,kBAAG,EAAC,MAAM,CAAC,CAAA;IACX,mBAAA,IAAA,kBAAG,GAAE,CAAA;;;;wDAyCP;6BAhEU,kBAAkB;IAD9B,IAAA,uBAAQ,EAAC,uBAAU,CAAC;GACR,kBAAkB,CAiE9B","sourcesContent":["import { ILike } from 'typeorm'\n\nimport { Arg, Ctx, Mutation, Resolver } from 'type-graphql'\nimport { GraphQLEmailAddress } from 'graphql-scalars'\n\nimport { getRepository } from '@things-factory/shell'\n\nimport { User, UserStatus } from '../../service/user/user'\nimport { sendInvitationEmail } from '../../controllers/invitation'\nimport { Invitation } from './invitation'\n\n@Resolver(Invitation)\nexport class InvitationMutation {\n  @Mutation(returns => Boolean)\n  async cancelInvitation(\n    @Arg('email', type => GraphQLEmailAddress) email: string,\n    @Arg('reference') reference: string,\n    @Arg('type') type: string\n  ) {\n    const repository = getRepository(Invitation)\n\n    await repository.delete({\n      email,\n      reference,\n      type\n    })\n\n    return true\n  }\n\n  @Mutation(returns => Invitation)\n  async sendInvitation(\n    @Arg('email', type => GraphQLEmailAddress) email: string,\n    @Arg('reference') reference: string,\n    @Arg('type') type: string,\n    @Ctx() context: ResolverContext\n  ) {\n    const { user: updater } = context.state\n    const invitationRepository = getRepository(Invitation)\n\n    var user = await getRepository(User).findOne({\n      where: {\n        email: ILike(email),\n        status: UserStatus.ACTIVATED\n      }\n    })\n\n    if (!user) {\n      throw new Error(`user not found: ${email}`)\n    }\n\n    await sendInvitationEmail({\n      invitation: {\n        email,\n        reference,\n        type\n      },\n      user,\n      context\n    })\n\n    const oldone = await invitationRepository.findOneBy({\n      email,\n      type,\n      reference\n    })\n\n    // update or create\n    return await invitationRepository.save({\n      creator: updater,\n      ...oldone, // take only id from oldone for update\n      email,\n      reference,\n      type,\n      updater: updater\n    })\n  }\n}\n"]}
+{"version":3,"file":"invitation-mutation.js","sourceRoot":"","sources":["../../../server/service/invitation/invitation-mutation.ts"],"names":[],"mappings":";;;;AAAA,+CAA2D;AAC3D,qDAAqD;AAErD,iDAAqD;AAErD,6DAAkE;AAClE,6CAAyC;AAGlC,IAAM,kBAAkB,GAAxB,MAAM,kBAAkB;IAEvB,AAAN,KAAK,CAAC,gBAAgB,CACuB,KAAa,EACtC,SAAiB,EACtB,IAAY;QAEzB,MAAM,UAAU,GAAG,IAAA,qBAAa,EAAC,uBAAU,CAAC,CAAA;QAE5C,MAAM,UAAU,CAAC,MAAM,CAAC;YACtB,KAAK;YACL,SAAS;YACT,IAAI;SACL,CAAC,CAAA;QAEF,OAAO,IAAI,CAAA;IACb,CAAC;IAGK,AAAN,KAAK,CAAC,cAAc,CACyB,KAAa,EACtC,SAAiB,EACtB,IAAY,EAClB,OAAwB;QAE/B,MAAM,UAAU,GAAG,IAAA,qBAAa,EAAC,uBAAU,CAAC,CAAA;QAE5C,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,SAAS,CAAC;YACxC,KAAK;YACL,IAAI;YACJ,SAAS;SACV,CAAC,CAAA;QAEF,uBAAuB;QACvB,MAAM,IAAA,gCAAmB,EAAC;YACxB,UAAU,EAAE;gBACV,KAAK;gBACL,SAAS;gBACT,IAAI;aACL;YACD,OAAO;SACR,CAAC,CAAA;QAEF,mBAAmB;QACnB,OAAO,MAAM,UAAU,CAAC,IAAI,iCACvB,MAAM,KAAE,sCAAsC;YACjD,KAAK;YACL,SAAS;YACT,IAAI,EACJ,OAAO,EAAE,OAAO,CAAC,KAAK,CAAC,IAAI,EAC3B,OAAO,EAAE,OAAO,CAAC,KAAK,CAAC,IAAI,IAC3B,CAAA;IACJ,CAAC;CACF,CAAA;AArDY,gDAAkB;AAEvB;IADL,IAAA,uBAAQ,EAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC;IAE1B,mBAAA,IAAA,kBAAG,EAAC,OAAO,EAAE,IAAI,CAAC,EAAE,CAAC,qCAAmB,CAAC,CAAA;IACzC,mBAAA,IAAA,kBAAG,EAAC,WAAW,CAAC,CAAA;IAChB,mBAAA,IAAA,kBAAG,EAAC,MAAM,CAAC,CAAA;;;;0DAWb;AAGK;IADL,IAAA,uBAAQ,EAAC,OAAO,CAAC,EAAE,CAAC,uBAAU,CAAC;IAE7B,mBAAA,IAAA,kBAAG,EAAC,OAAO,EAAE,IAAI,CAAC,EAAE,CAAC,qCAAmB,CAAC,CAAA;IACzC,mBAAA,IAAA,kBAAG,EAAC,WAAW,CAAC,CAAA;IAChB,mBAAA,IAAA,kBAAG,EAAC,MAAM,CAAC,CAAA;IACX,mBAAA,IAAA,kBAAG,GAAE,CAAA;;;;wDA6BP;6BApDU,kBAAkB;IAD9B,IAAA,uBAAQ,EAAC,uBAAU,CAAC;GACR,kBAAkB,CAqD9B","sourcesContent":["import { Arg, Ctx, Mutation, Resolver } from 'type-graphql'\nimport { GraphQLEmailAddress } from 'graphql-scalars'\n\nimport { getRepository } from '@things-factory/shell'\n\nimport { sendInvitationEmail } from '../../controllers/invitation'\nimport { Invitation } from './invitation'\n\n@Resolver(Invitation)\nexport class InvitationMutation {\n  @Mutation(returns => Boolean)\n  async cancelInvitation(\n    @Arg('email', type => GraphQLEmailAddress) email: string,\n    @Arg('reference') reference: string,\n    @Arg('type') type: string\n  ) {\n    const repository = getRepository(Invitation)\n\n    await repository.delete({\n      email,\n      reference,\n      type\n    })\n\n    return true\n  }\n\n  @Mutation(returns => Invitation)\n  async sendInvitation(\n    @Arg('email', type => GraphQLEmailAddress) email: string,\n    @Arg('reference') reference: string,\n    @Arg('type') type: string,\n    @Ctx() context: ResolverContext\n  ) {\n    const repository = getRepository(Invitation)\n\n    const oldone = await repository.findOneBy({\n      email,\n      type,\n      reference\n    })\n\n    // TODO send invitation\n    await sendInvitationEmail({\n      invitation: {\n        email,\n        reference,\n        type\n      },\n      context\n    })\n\n    // update or create\n    return await repository.save({\n      ...oldone, // take only id from oldone for update\n      email,\n      reference,\n      type,\n      creator: context.state.user,\n      updater: context.state.user\n    })\n  }\n}\n"]}

package/dist-server/service/user/user-mutation.d.ts

@@ -9,7 +9,6 @@ export declare class UserMutation {
         salt: string;
         passwordUpdatedAt: Date;
         password: string;
-        username: string;
         name: string;
         description?: string;
         email: string;
@@ -19,13 +18,13 @@ export declare class UserMutation {
     } & User>;
     updateUser(email: string, patch: UserPatch, context: ResolverContext): Promise<any>;
     updateMultipleUser(patches: UserPatch[], context: ResolverContext): Promise<any[]>;
-    deleteUser(username: string, context: ResolverContext): Promise<boolean>;
-    deleteUsers(usernames: string[], context: ResolverContext): Promise<boolean>;
-    inviteUser(username: string, context: ResolverContext): Promise<boolean>;
-    deleteDomainUser(username: string, context: ResolverContext): Promise<boolean>;
-    transferOwner(username: string, context: ResolverContext): Promise<boolean>;
-    activateUser(username: string, context: ResolverContext): Promise<boolean>;
-    inactivateUser(username: string, context: ResolverContext): Promise<boolean>;
-    resetPasswordToDefault(username: string, context: ResolverContext): Promise<boolean>;
-    updateUserRoles(username: string, availableRoles: ObjectRef[], selectedRoles: ObjectRef[], context: ResolverContext): Promise<User>;
+    deleteUser(email: string, context: ResolverContext): Promise<boolean>;
+    deleteUsers(emails: string[], context: ResolverContext): Promise<boolean>;
+    inviteUser(email: string, context: ResolverContext): Promise<boolean>;
+    deleteDomainUser(email: string, context: ResolverContext): Promise<boolean>;
+    transferOwner(email: string, context: ResolverContext): Promise<boolean>;
+    activateUser(userId: string, context: ResolverContext): Promise<boolean>;
+    inactivateUser(userId: string, context: ResolverContext): Promise<boolean>;
+    resetPasswordToDefault(userId: string, context: ResolverContext): Promise<boolean>;
+    updateUserRoles(userId: string, availableRoles: ObjectRef[], selectedRoles: ObjectRef[], context: ResolverContext): Promise<User>;
 }