npm - @things-factory/auth-base - Versions diffs - 8.0.0 → 9.0.0-beta.3 - Mend

@things-factory/auth-base 8.0.0 → 9.0.0-beta.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (212) hide show

package/dist-client/index.d.ts +1 -0
package/dist-client/index.js +1 -0
package/dist-client/index.js.map +1 -1
package/dist-client/tsconfig.tsbuildinfo +1 -1
package/dist-client/verify-webauthn.d.ts +13 -0
package/dist-client/verify-webauthn.js +72 -0
package/dist-client/verify-webauthn.js.map +1 -0
package/dist-server/constants/error-code.d.ts +2 -0
package/dist-server/constants/error-code.js +3 -1
package/dist-server/constants/error-code.js.map +1 -1
package/dist-server/controllers/change-pwd.js +2 -2
package/dist-server/controllers/change-pwd.js.map +1 -1
package/dist-server/controllers/delete-user.js +13 -12
package/dist-server/controllers/delete-user.js.map +1 -1
package/dist-server/controllers/invitation.d.ts +2 -1
package/dist-server/controllers/invitation.js +30 -5
package/dist-server/controllers/invitation.js.map +1 -1
package/dist-server/controllers/profile.d.ts +4 -3
package/dist-server/controllers/profile.js +20 -2
package/dist-server/controllers/profile.js.map +1 -1
package/dist-server/controllers/signin.d.ts +4 -1
package/dist-server/controllers/signin.js +17 -1
package/dist-server/controllers/signin.js.map +1 -1
package/dist-server/controllers/signup.js +13 -4
package/dist-server/controllers/signup.js.map +1 -1
package/dist-server/controllers/unlock-user.js +1 -0
package/dist-server/controllers/unlock-user.js.map +1 -1
package/dist-server/controllers/verification.js +1 -0
package/dist-server/controllers/verification.js.map +1 -1
package/dist-server/middlewares/signin-middleware.js +5 -4
package/dist-server/middlewares/signin-middleware.js.map +1 -1
package/dist-server/middlewares/webauthn-middleware.js.map +1 -1
package/dist-server/migrations/1548206416130-SeedUser.js +2 -1
package/dist-server/migrations/1548206416130-SeedUser.js.map +1 -1
package/dist-server/router/auth-checkin-router.js +8 -2
package/dist-server/router/auth-checkin-router.js.map +1 -1
package/dist-server/router/auth-private-process-router.js +12 -7
package/dist-server/router/auth-private-process-router.js.map +1 -1
package/dist-server/router/auth-public-process-router.js +20 -9
package/dist-server/router/auth-public-process-router.js.map +1 -1
package/dist-server/router/auth-signin-router.js +10 -4
package/dist-server/router/auth-signin-router.js.map +1 -1
package/dist-server/router/webauthn-router.js +51 -1
package/dist-server/router/webauthn-router.js.map +1 -1
package/dist-server/service/invitation/invitation-mutation.d.ts +3 -2
package/dist-server/service/invitation/invitation-mutation.js +20 -8
package/dist-server/service/invitation/invitation-mutation.js.map +1 -1
package/dist-server/service/user/user-mutation.d.ts +10 -9
package/dist-server/service/user/user-mutation.js +112 -54
package/dist-server/service/user/user-mutation.js.map +1 -1
package/dist-server/service/user/user-types.d.ts +1 -0
package/dist-server/service/user/user-types.js +4 -0
package/dist-server/service/user/user-types.js.map +1 -1
package/dist-server/service/user/user.d.ts +1 -0
package/dist-server/service/user/user.js +40 -14
package/dist-server/service/user/user.js.map +1 -1
package/dist-server/templates/account-unlock-email.d.ts +2 -1
package/dist-server/templates/account-unlock-email.js +1 -1
package/dist-server/templates/account-unlock-email.js.map +1 -1
package/dist-server/templates/invitation-email.d.ts +2 -1
package/dist-server/templates/invitation-email.js +1 -1
package/dist-server/templates/invitation-email.js.map +1 -1
package/dist-server/templates/verification-email.d.ts +2 -1
package/dist-server/templates/verification-email.js +1 -1
package/dist-server/templates/verification-email.js.map +1 -1
package/dist-server/tsconfig.tsbuildinfo +1 -1
package/package.json +6 -6
package/translations/en.json +5 -1
package/translations/ja.json +5 -1
package/translations/ko.json +6 -3
package/translations/ms.json +5 -1
package/translations/zh.json +5 -1
package/client/actions/auth.ts +0 -24
package/client/auth.ts +0 -272
package/client/bootstrap.ts +0 -47
package/client/directive/privileged.ts +0 -28
package/client/index.ts +0 -3
package/client/profiled.ts +0 -83
package/client/reducers/auth.ts +0 -31
package/server/constants/error-code.ts +0 -20
package/server/constants/error-message.ts +0 -0
package/server/constants/max-age.ts +0 -1
package/server/controllers/auth.ts +0 -5
package/server/controllers/change-pwd.ts +0 -99
package/server/controllers/checkin.ts +0 -21
package/server/controllers/delete-user.ts +0 -68
package/server/controllers/invitation.ts +0 -132
package/server/controllers/profile.ts +0 -28
package/server/controllers/reset-password.ts +0 -126
package/server/controllers/signin.ts +0 -79
package/server/controllers/signup.ts +0 -60
package/server/controllers/unlock-user.ts +0 -61
package/server/controllers/utils/make-invitation-token.ts +0 -5
package/server/controllers/utils/make-verification-token.ts +0 -4
package/server/controllers/utils/password-rule.ts +0 -120
package/server/controllers/utils/save-invitation-token.ts +0 -10
package/server/controllers/utils/save-verification-token.ts +0 -12
package/server/controllers/verification.ts +0 -83
package/server/errors/auth-error.ts +0 -24
package/server/errors/index.ts +0 -2
package/server/errors/user-domain-not-match-error.ts +0 -29
package/server/index.ts +0 -37
package/server/middlewares/authenticate-401-middleware.ts +0 -114
package/server/middlewares/domain-authenticate-middleware.ts +0 -78
package/server/middlewares/graphql-authenticate-middleware.ts +0 -13
package/server/middlewares/index.ts +0 -67
package/server/middlewares/jwt-authenticate-middleware.ts +0 -84
package/server/middlewares/signin-middleware.ts +0 -55
package/server/middlewares/webauthn-middleware.ts +0 -127
package/server/migrations/1548206416130-SeedUser.ts +0 -59
package/server/migrations/1566805283882-SeedPrivilege.ts +0 -28
package/server/migrations/index.ts +0 -9
package/server/router/auth-checkin-router.ts +0 -107
package/server/router/auth-private-process-router.ts +0 -107
package/server/router/auth-public-process-router.ts +0 -302
package/server/router/auth-signin-router.ts +0 -55
package/server/router/auth-signup-router.ts +0 -95
package/server/router/index.ts +0 -9
package/server/router/oauth2/index.ts +0 -2
package/server/router/oauth2/oauth2-authorize-router.ts +0 -81
package/server/router/oauth2/oauth2-router.ts +0 -165
package/server/router/oauth2/oauth2-server.ts +0 -262
package/server/router/oauth2/passport-oauth2-client-password.ts +0 -87
package/server/router/oauth2/passport-refresh-token.ts +0 -87
package/server/router/path-base-domain-router.ts +0 -8
package/server/router/site-root-router.ts +0 -48
package/server/router/webauthn-router.ts +0 -87
package/server/routes.ts +0 -80
package/server/service/app-binding/app-binding-mutation.ts +0 -22
package/server/service/app-binding/app-binding-query.ts +0 -92
package/server/service/app-binding/app-binding-types.ts +0 -11
package/server/service/app-binding/app-binding.ts +0 -17
package/server/service/app-binding/index.ts +0 -4
package/server/service/appliance/appliance-mutation.ts +0 -113
package/server/service/appliance/appliance-query.ts +0 -76
package/server/service/appliance/appliance-types.ts +0 -56
package/server/service/appliance/appliance.ts +0 -133
package/server/service/appliance/index.ts +0 -6
package/server/service/application/application-mutation.ts +0 -104
package/server/service/application/application-query.ts +0 -98
package/server/service/application/application-types.ts +0 -76
package/server/service/application/application.ts +0 -216
package/server/service/application/index.ts +0 -6
package/server/service/auth-provider/auth-provider-mutation.ts +0 -159
package/server/service/auth-provider/auth-provider-parameter-spec.ts +0 -24
package/server/service/auth-provider/auth-provider-query.ts +0 -88
package/server/service/auth-provider/auth-provider-type.ts +0 -67
package/server/service/auth-provider/auth-provider.ts +0 -155
package/server/service/auth-provider/index.ts +0 -7
package/server/service/domain-generator/domain-generator-mutation.ts +0 -117
package/server/service/domain-generator/domain-generator-types.ts +0 -46
package/server/service/domain-generator/index.ts +0 -3
package/server/service/granted-role/granted-role-mutation.ts +0 -156
package/server/service/granted-role/granted-role-query.ts +0 -60
package/server/service/granted-role/granted-role.ts +0 -27
package/server/service/granted-role/index.ts +0 -6
package/server/service/index.ts +0 -90
package/server/service/invitation/index.ts +0 -6
package/server/service/invitation/invitation-mutation.ts +0 -63
package/server/service/invitation/invitation-query.ts +0 -33
package/server/service/invitation/invitation-types.ts +0 -11
package/server/service/invitation/invitation.ts +0 -63
package/server/service/login-history/index.ts +0 -5
package/server/service/login-history/login-history-query.ts +0 -51
package/server/service/login-history/login-history-type.ts +0 -12
package/server/service/login-history/login-history.ts +0 -45
package/server/service/partner/index.ts +0 -6
package/server/service/partner/partner-mutation.ts +0 -61
package/server/service/partner/partner-query.ts +0 -102
package/server/service/partner/partner-types.ts +0 -11
package/server/service/partner/partner.ts +0 -57
package/server/service/password-history/index.ts +0 -3
package/server/service/password-history/password-history.ts +0 -16
package/server/service/privilege/index.ts +0 -6
package/server/service/privilege/privilege-directive.ts +0 -77
package/server/service/privilege/privilege-mutation.ts +0 -92
package/server/service/privilege/privilege-query.ts +0 -94
package/server/service/privilege/privilege-types.ts +0 -60
package/server/service/privilege/privilege.ts +0 -102
package/server/service/role/index.ts +0 -6
package/server/service/role/role-mutation.ts +0 -109
package/server/service/role/role-query.ts +0 -155
package/server/service/role/role-types.ts +0 -81
package/server/service/role/role.ts +0 -72
package/server/service/user/domain-query.ts +0 -24
package/server/service/user/index.ts +0 -7
package/server/service/user/user-mutation.ts +0 -413
package/server/service/user/user-query.ts +0 -145
package/server/service/user/user-types.ts +0 -97
package/server/service/user/user.ts +0 -354
package/server/service/users-auth-providers/index.ts +0 -5
package/server/service/users-auth-providers/users-auth-providers.ts +0 -71
package/server/service/verification-token/index.ts +0 -3
package/server/service/verification-token/verification-token.ts +0 -60
package/server/service/web-auth-credential/index.ts +0 -3
package/server/service/web-auth-credential/web-auth-credential.ts +0 -67
package/server/templates/account-unlock-email.ts +0 -65
package/server/templates/invitation-email.ts +0 -66
package/server/templates/reset-password-email.ts +0 -65
package/server/templates/verification-email.ts +0 -66
package/server/types.ts +0 -21
package/server/utils/accepts.ts +0 -11
package/server/utils/access-token-cookie.ts +0 -61
package/server/utils/check-permission.ts +0 -52
package/server/utils/check-user-belongs-domain.ts +0 -19
package/server/utils/check-user-has-role.ts +0 -29
package/server/utils/encrypt-state.ts +0 -22
package/server/utils/get-aes-256-key.ts +0 -13
package/server/utils/get-domain-from-hostname.ts +0 -7
package/server/utils/get-domain-users.ts +0 -38
package/server/utils/get-secret.ts +0 -13
package/server/utils/get-user-domains.ts +0 -112

package/client/reducers/auth.ts DELETED Viewed

@@ -1,31 +0,0 @@
-import { SET_AUTH, SET_PROFILE } from '../actions/auth'
-const INITIAL_STATE = {
-  authenticated: false,
-  accessToken: '',
-  user: null
-}
-const auth = (state = INITIAL_STATE, action) => {
-  switch (action.type) {
-    case SET_AUTH:
-      let auth = action.auth
-      return {
-        ...state,
-        authenticated: auth.authenticated,
-        accessToken: auth.accessToken
-      }
-    case SET_PROFILE:
-      return {
-        ...state,
-        user: action.user
-      }
-    default:
-      return state
-  }
-}
-export default auth

package/server/constants/error-code.ts DELETED Viewed

@@ -1,20 +0,0 @@
-export const USER_NOT_FOUND = 'user not found'
-export const PASSWORD_NOT_MATCHED = 'password-not-matched'
-export const USER_NOT_ACTIVATED = 'user not activated'
-export const USER_LOCKED = 'user-locked'
-export const USER_DELETED = 'user-deleted'
-export const NO_AVAILABLE_DOMAIN = 'no-available-domain'
-export const UNAVAILABLE_DOMAIN = 'unavailable-domain'
-export const NO_SELECTED_DOMAIN = 'no-selected-domain'
-export const REDIRECT_TO_DEFAULT_DOMAIN = 'redirect-to-default-domain'
-export const TOKEN_INVALID = 'token-invalid'
-export const AUTH_INVALID = 'auth-invalid'
-export const SUBDOMAIN_NOTFOUND = 'subdomain not found'
-export const CONFIRM_PASSWORD_NOT_MATCHED = 'confirm password not matched'
-export const PASSWORD_PATTERN_NOT_MATCHED = 'password should match the rule'
-export const USER_DUPLICATED = 'user duplicated'
-export const PASSWORD_USED_PAST = 'password used in the past'
-export const VERIFICATION_ERROR = 'user or verification token not found'
-export const AUTHN_VERIFICATION_FAILED = 'authn verification failed'
-export const USER_CREDENTIAL_NOT_FOUND = 'user credential not found'
-export const AUTH_ERROR = 'auth error'

package/server/constants/error-message.ts DELETED Viewed

File without changes

package/server/constants/max-age.ts DELETED Viewed

	@@ -1 +0,0 @@
1	- export const MAX_AGE = 7 * 24 * 3600 * 1000

package/server/controllers/auth.ts DELETED Viewed

@@ -1,5 +0,0 @@
-export * from './change-pwd'
-export * from './signin'
-export * from './signup'
-export * from './verification'
-export * from './invitation'

package/server/controllers/change-pwd.ts DELETED Viewed

@@ -1,99 +0,0 @@
-import { ILike } from 'typeorm'
-import { config } from '@things-factory/env'
-import { getRepository } from '@things-factory/shell'
-import {
-  CONFIRM_PASSWORD_NOT_MATCHED,
-  PASSWORD_NOT_MATCHED,
-  PASSWORD_USED_PAST,
-  USER_NOT_FOUND
-} from '../constants/error-code'
-import { AuthError } from '../errors/auth-error'
-import { PasswordHistory } from '../service/password-history/password-history'
-import { User } from '../service/user/user'
-const HISTORY_SIZE = config.get('password', { history: 0 }).history
-export async function changePwd(attrs, currentPass, newPass, confirmPass, context) {
-  const { domain } = context.state
-  // TODO 이 사용자가 이 도메인에 속한 사용자인지 확인해야함.
-  const repository = getRepository(User)
-  const user: User = await repository.findOne({ where: { email: ILike(attrs.email) } })
-  if (!user) {
-    throw new AuthError({
-      errorCode: USER_NOT_FOUND
-    })
-  }
-  if (newPass !== confirmPass) {
-    throw new AuthError({
-      errorCode: CONFIRM_PASSWORD_NOT_MATCHED
-    })
-  }
-  if (!User.verify(user.password, currentPass, user.salt)) {
-    throw new AuthError({
-      errorCode: PASSWORD_NOT_MATCHED,
-      detail: {
-        email: user.email,
-        failCount: user.failCount
-      }
-    })
-  }
-  /* check if password is following the rule */
-  User.validatePasswordByRule(newPass, context?.lng)
-  user.password = User.encode(newPass, user.salt)
-  if (HISTORY_SIZE > 0) {
-    var passwordHistory: PasswordHistory = await getRepository(PasswordHistory).findOneBy({ userId: user.id })
-    var history = []
-    if (passwordHistory) {
-      try {
-        history = JSON.parse(passwordHistory.history)
-        if (!(history instanceof Array)) {
-          console.error('password history maybe currupted - not an array')
-          history = []
-        }
-      } catch (e) {
-        console.error('password history currupted - not json format')
-      }
-      const found = history.slice(0, HISTORY_SIZE).find(h => {
-        return User.verify(h.password, newPass, h.salt)
-      })
-      if (found) {
-        throw new AuthError({
-          errorCode: PASSWORD_USED_PAST
-        })
-      }
-    }
-  }
-  await repository.save({
-    ...user,
-    passwordUpdatedAt: new Date()
-  })
-  if (HISTORY_SIZE > 0) {
-    history = [
-      {
-        password: user.password,
-        salt: user.salt
-      },
-      ...history
-    ].slice(0, HISTORY_SIZE)
-    await getRepository(PasswordHistory).save({
-      userId: user.id,
-      history: JSON.stringify(history)
-    })
-  }
-  return await user.sign({ subdomain: domain.subdomain })
-}

package/server/controllers/checkin.ts DELETED Viewed

@@ -1,21 +0,0 @@
-import { Domain, getRepository } from '@things-factory/shell'
-import { User } from '../service/user/user'
-import { getUserDomains } from '../utils/get-user-domains'
-export async function checkin({ userId, subdomain }) {
-  const userRepo = getRepository(User)
-  const user = await userRepo.findOne({ where: { id: userId } })
-  const domains: Partial<Domain>[] = await getUserDomains(user)
-  if (!domains?.length) {
-    return false
-  }
-  const domain = domains.find(domain => domain.subdomain == subdomain)
-  if (!domain) {
-    return false
-  }
-  return await user.sign({ subdomain })
-}

package/server/controllers/delete-user.ts DELETED Viewed

@@ -1,68 +0,0 @@
-import { EntityManager, ILike, In } from 'typeorm'
-import { User, UserStatus } from '../service/user/user'
-import { AuthError } from '../errors/auth-error'
-import { USER_NOT_FOUND } from '../constants/error-code'
-export async function deleteUser(attrs, tx?: EntityManager) {
-  // TODO 이 사용자가 이 도메인에 속한 사용자인지 확인해야함.
-  // TODO 다른 도메인에도 포함되어있다면, domains-users 관게와 해당 도메인 관련 정보만 삭제해야 함.
-  const repository = tx?.getRepository(User)
-  const user = await repository.findOne({ where: { email: ILike(attrs.email) } })
-  if (!user) {
-    throw new AuthError({
-      errorCode: USER_NOT_FOUND
-    })
-  }
-  user.status = UserStatus.DELETED
-  user.domains = []
-  await repository.save(user)
-  // repository api는 작동하지 않음.
-  // await txManager
-  //   .createQueryBuilder()
-  //   .delete()
-  //   .from('users_domains')
-  //   .where({
-  //     usersId: user.id
-  //   })
-  //   .execute()
-}
-export async function deleteUsers(attrs, tx?: EntityManager) {
-  // TODO 이 사용자가 이 도메인에 속한 사용자인지 확인해야함.
-  // TODO 다른 도메인에도 포함되어있다면, domains-users 관게와 해당 도메인 관련 정보만 삭제해야 함.
-  const { emails } = attrs
-  const repo = tx?.getRepository(User)
-  const users = await repo.find({
-    where: {
-      email: In(emails)
-    }
-  })
-  const userIds = []
-  users.forEach(user => {
-    user.status = UserStatus.DELETED
-    user.domains = []
-    userIds.push(user.id)
-  })
-  await repo.save(users)
-  // repository api는 작동하지 않음.
-  // await txManager
-  //   .createQueryBuilder()
-  //   .delete()
-  //   .from('users_domains')
-  //   .where({
-  //     usersId: In(userIds)
-  //   })
-  //   .execute()
-  return true
-}

package/server/controllers/invitation.ts DELETED Viewed

@@ -1,132 +0,0 @@
-import { ILike } from 'typeorm'
-import { URL } from 'url'
-import { sendEmail } from '@things-factory/email-base'
-import { Domain, getRepository } from '@things-factory/shell'
-import { Invitation } from '../service/invitation/invitation'
-import { User } from '../service/user/user'
-import { getInvitationEmailForm } from '../templates/invitation-email'
-import { makeInvitationToken } from './utils/make-invitation-token'
-import { saveInvitationToken } from './utils/save-invitation-token'
-export async function invite(attrs, withEmailInvitation?: Boolean) {
-  const { email, reference, type, context } = attrs
-  var user = await getRepository(User).findOne({ where: { email: ILike(email) }, relations: ['domains'] })
-  var domains = user.domains
-  // TODO reference should not be a domain.id (security reason)
-  if (user) {
-    const domain = domains.find(domain => domain.id == reference)
-    if (domain) {
-      const msg = `user already a member of the ${type}.`
-      throw new Error(msg)
-    }
-  }
-  if (withEmailInvitation) {
-    var invitation = await getRepository(Invitation).findOneBy({
-      email: ILike(email),
-      reference,
-      type
-    })
-    if (!invitation) {
-      invitation = await getRepository(Invitation).save({
-        email,
-        reference,
-        type
-      })
-    }
-    return await sendInvitationEmail({
-      invitation,
-      context
-    })
-  }
-  if (user) {
-    user.domains = [...domains, await getRepository(Domain).findOneBy({ id: reference })]
-    await getRepository(User).save(user)
-  } else {
-    // TODO need to signup
-  }
-}
-export async function acceptInvitation(token) {
-  var invitation = await getRepository(Invitation).findOneBy({
-    token
-  })
-  if (!invitation) {
-    throw new Error(`not found invitation.`)
-  }
-  var { email, reference, type } = invitation
-  var user = await getRepository(User).findOne({ where: { email: ILike(email) }, relations: ['domains'] })
-  if (user) {
-    var domains = user.domains
-    const domain = domains.find(domain => domain.id == reference)
-    if (domain) {
-      const msg = `user already a member of the ${type}.`
-      throw new Error(msg)
-    }
-    user.domains = [...domains, await getRepository(Domain).findOneBy({ id: reference })]
-    await getRepository(User).save(user)
-    await getRepository(Invitation).delete(invitation.id)
-  } else {
-    // TODO goto signup
-  }
-  return true
-}
-export async function sendInvitationEmail({ invitation, context }) {
-  try {
-    var token = makeInvitationToken()
-    var verifaction = await saveInvitationToken(invitation.id, token)
-    if (verifaction) {
-      var serviceUrl = new URL(`/auth/accept/${token}`, context.header.referer)
-      await sendEmail({
-        receiver: invitation.email,
-        subject: 'Invitation',
-        content: getInvitationEmailForm({
-          email: invitation.email,
-          acceptUrl: serviceUrl
-        })
-      })
-      return true
-    }
-  } catch (e) {
-    return false
-  }
-}
-export async function resendInvitationEmail(
-  { email, reference, type }: { email: string; reference: string; type: string },
-  context
-) {
-  var invitation = await getRepository(Invitation).findOneBy({
-    email: ILike(email),
-    reference,
-    type
-  })
-  if (!invitation) return false
-  return await sendInvitationEmail({
-    invitation,
-    context
-  })
-}

package/server/controllers/profile.ts DELETED Viewed

@@ -1,28 +0,0 @@
-import { getRepository } from '@things-factory/shell'
-import { USER_NOT_FOUND } from '../constants/error-code'
-import { AuthError } from '../errors/auth-error'
-import { User } from '../service/user/user'
-export async function updateProfile({ id }, newProfiles) {
-  const repository = getRepository(User)
-  const user = await repository.findOneBy({ id })
-  if (!user) {
-    throw new AuthError({
-      errorCode: USER_NOT_FOUND
-    })
-  }
-  /* only 'name', 'email' and 'locale' attributes can be changed */
-  var allowed = ['name', 'email', 'locale']
-    .filter(attr => attr in newProfiles)
-    .reduce((sum, attr) => {
-      sum[attr] = newProfiles[attr]
-      return sum
-    }, {})
-  return await repository.save({
-    ...user,
-    ...allowed
-  })
-}

package/server/controllers/reset-password.ts DELETED Viewed

@@ -1,126 +0,0 @@
-import { URL } from 'url'
-import { sendEmail } from '@things-factory/email-base'
-import { config } from '@things-factory/env'
-import { getRepository } from '@things-factory/shell'
-import { PASSWORD_USED_PAST } from '../constants/error-code'
-import { AuthError } from '../errors/auth-error'
-import { PasswordHistory } from '../service/password-history/password-history'
-import { User } from '../service/user/user'
-import { VerificationToken, VerificationTokenType } from '../service/verification-token/verification-token'
-import { getResetPasswordEmailForm } from '../templates/reset-password-email'
-import { makeVerificationToken } from './utils/make-verification-token'
-import { saveVerificationToken } from './utils/save-verification-token'
-const HISTORY_SIZE = config.get('password', { history: 0 }).history
-export async function sendPasswordResetEmail({ user, context }) {
-  try {
-    var token = makeVerificationToken()
-    var verifaction = await saveVerificationToken(user.id, token, VerificationTokenType.PASSWORD_RESET)
-    if (verifaction) {
-      var serviceUrl = new URL(`/auth/reset-password?token=${token}`, context.header.referer)
-      await sendEmail({
-        receiver: user.email,
-        subject: 'Reset your password',
-        content: getResetPasswordEmailForm({
-          name: user.name,
-          resetUrl: serviceUrl
-        })
-      })
-      return true
-    }
-  } catch (e) {
-    return false
-  }
-}
-export async function resetPassword(token, password, context) {
-  const { t } = context
-  const verificationToken = await getRepository(VerificationToken).findOne({
-    where: {
-      token,
-      type: VerificationTokenType.PASSWORD_RESET
-    }
-  })
-  if (!verificationToken) {
-    throw new Error(t('text.invalid verification token'))
-  }
-  const { userId } = verificationToken
-  if (!userId) {
-    throw new Error(t('text.invalid verification token'))
-  }
-  var user = await getRepository(User).findOneBy({ id: userId })
-  if (!user) {
-    throw new Error(t('error.user not found'))
-  }
-  // if (user.status == UserStatus.INACTIVE) {
-  //   throw new Error(t('text.inactive user'))
-  // }
-  /* check if password is following the rule */
-  User.validatePasswordByRule(password, context?.lng)
-  user.password = User.encode(password, user.salt)
-  if (HISTORY_SIZE > 0) {
-    var passwordHistory: PasswordHistory = await getRepository(PasswordHistory).findOneBy({ userId: user.id })
-    var history = []
-    if (passwordHistory) {
-      try {
-        history = JSON.parse(passwordHistory.history)
-        if (!(history instanceof Array)) {
-          console.error('password history maybe currupted - not an array')
-          history = []
-        }
-      } catch (e) {
-        console.error('password history currupted - not json format')
-      }
-      const found = history.slice(0, HISTORY_SIZE).find(h => {
-        return User.verify(h.password, password, h.salt)
-      })
-      if (found) {
-        throw new AuthError({
-          errorCode: PASSWORD_USED_PAST
-        })
-      }
-    }
-  }
-  await getRepository(User).save({
-    ...user,
-    passwordUpdatedAt: new Date()
-  })
-  await getRepository(VerificationToken).delete({
-    userId,
-    token,
-    type: VerificationTokenType.PASSWORD_RESET
-  })
-  if (HISTORY_SIZE > 0) {
-    history = [
-      {
-        password: user.password,
-        salt: user.salt
-      },
-      ...history
-    ].slice(0, HISTORY_SIZE)
-    await getRepository(PasswordHistory).save({
-      userId: user.id,
-      history: JSON.stringify(history)
-    })
-  }
-}

package/server/controllers/signin.ts DELETED Viewed

@@ -1,79 +0,0 @@
-import { ILike } from 'typeorm'
-import { getRepository } from '@things-factory/shell'
-import { sendUnlockUserEmail } from '../controllers/unlock-user'
-import { AuthError } from '../errors/auth-error'
-import { User, UserStatus } from '../service/user/user'
-export async function signin(attrs, context?) {
-  const { domain } = context?.state || {}
-  const repository = getRepository(User)
-  const user = await repository.findOne({ where: { email: ILike(attrs.email) }, relations: ['domains'] })
-  if (!user)
-    throw new AuthError({
-      errorCode: AuthError.ERROR_CODES.USER_NOT_FOUND
-    })
-  if (user.status == UserStatus.DELETED) {
-    throw new AuthError({
-      errorCode: AuthError.ERROR_CODES.USER_DELETED
-    })
-  }
-  if (user.status == UserStatus.LOCKED) {
-    sendUnlockUserEmail({
-      user,
-      context
-    })
-    throw new AuthError({
-      errorCode: AuthError.ERROR_CODES.USER_LOCKED,
-      detail: {
-        email: user.email
-      }
-    })
-  }
-  if (!User.verify(user.password, attrs.password, user.salt)) {
-    user.failCount++
-    if (user.failCount >= 5) user.status = UserStatus.LOCKED
-    await repository.save(user)
-    if (user.status == UserStatus.LOCKED) {
-      sendUnlockUserEmail({
-        user,
-        context
-      })
-      throw new AuthError({
-        errorCode: AuthError.ERROR_CODES.USER_LOCKED,
-        detail: {
-          email: user.email
-        }
-      })
-    }
-    throw new AuthError({
-      errorCode: AuthError.ERROR_CODES.PASSWORD_NOT_MATCHED,
-      detail: {
-        email: user.email,
-        failCount: user.failCount
-      }
-    })
-  } else {
-    user.failCount = 0
-    await repository.save(user)
-  }
-  if (user.status == UserStatus.INACTIVE) {
-    throw new AuthError({
-      errorCode: AuthError.ERROR_CODES.USER_NOT_ACTIVATED,
-      detail: {
-        email: user.email
-      }
-    })
-  }
-  return {
-    user,
-    token: await user.sign({ subdomain: domain?.subdomain }),
-    domains: user.domains || []
-  }
-}

package/server/controllers/signup.ts DELETED Viewed

@@ -1,60 +0,0 @@
-import { ILike } from 'typeorm'
-import { getRepository } from '@things-factory/shell'
-import { USER_DUPLICATED } from '../constants/error-code'
-import { AuthError } from '../errors/auth-error'
-import { User } from '../service/user/user'
-import { signin } from './signin'
-import { sendVerificationEmail } from './verification'
-export async function signup(attrs, withEmailVerification?: Boolean) {
-  const { name, email, password, domain, context } = attrs
-  /* check if password is following the rule */
-  User.validatePasswordByRule(password, context.lng)
-  const repository = getRepository(User)
-  const duplicated = await repository.findOneBy({ email: ILike(email) })
-  if (duplicated) {
-    throw new AuthError({
-      errorCode: USER_DUPLICATED,
-      detail: {
-        name,
-        email
-      }
-    })
-  }
-  const salt = User.generateSalt()
-  var user = await repository.save({
-    userType: 'user',
-    ...attrs,
-    salt,
-    password: User.encode(password, salt),
-    passwordUpdatedAt: new Date(),
-    domains: domain ? [domain] : []
-  })
-  var succeed = false
-  if (withEmailVerification) {
-    succeed = await sendVerificationEmail({
-      context,
-      user
-    })
-  }
-  try {
-    return {
-      token: await signin(
-        {
-          email,
-          password
-        },
-        { domain }
-      )
-    }
-  } catch (e) {
-    return { token: null }
-  }
-}