@things-factory/auth-base 8.0.37 → 9.0.0-9.0.0-beta.59.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/config/config.development.js +46 -0
- package/config/config.production.js +45 -0
- package/dist-client/bootstrap.d.ts +1 -1
- package/dist-client/bootstrap.js +4 -4
- package/dist-client/bootstrap.js.map +1 -1
- package/dist-client/directive/privileged.d.ts +1 -1
- package/dist-client/directive/privileged.js +1 -1
- package/dist-client/directive/privileged.js.map +1 -1
- package/dist-client/index.d.ts +4 -3
- package/dist-client/index.js +4 -3
- package/dist-client/index.js.map +1 -1
- package/dist-client/profiled.js +1 -1
- package/dist-client/profiled.js.map +1 -1
- package/dist-client/reducers/auth.js +1 -1
- package/dist-client/reducers/auth.js.map +1 -1
- package/dist-client/tsconfig.tsbuildinfo +1 -1
- package/dist-client/verify-webauthn.d.ts +13 -0
- package/dist-client/verify-webauthn.js +72 -0
- package/dist-client/verify-webauthn.js.map +1 -0
- package/dist-server/controllers/auth.d.ts +5 -5
- package/dist-server/controllers/auth.js +5 -5
- package/dist-server/controllers/auth.js.map +1 -1
- package/dist-server/controllers/change-pwd.js +19 -19
- package/dist-server/controllers/change-pwd.js.map +1 -1
- package/dist-server/controllers/checkin.js +4 -4
- package/dist-server/controllers/checkin.js.map +1 -1
- package/dist-server/controllers/delete-user.js +10 -15
- package/dist-server/controllers/delete-user.js.map +1 -1
- package/dist-server/controllers/invitation.js +20 -25
- package/dist-server/controllers/invitation.js.map +1 -1
- package/dist-server/controllers/profile.d.ts +5 -5
- package/dist-server/controllers/profile.js +10 -10
- package/dist-server/controllers/profile.js.map +1 -1
- package/dist-server/controllers/reset-password.js +24 -24
- package/dist-server/controllers/reset-password.js.map +1 -1
- package/dist-server/controllers/signin.d.ts +1 -1
- package/dist-server/controllers/signin.js +25 -30
- package/dist-server/controllers/signin.js.map +1 -1
- package/dist-server/controllers/signup.d.ts +1 -1
- package/dist-server/controllers/signup.js +14 -19
- package/dist-server/controllers/signup.js.map +1 -1
- package/dist-server/controllers/unlock-user.js +17 -17
- package/dist-server/controllers/unlock-user.js.map +1 -1
- package/dist-server/controllers/utils/password-rule.js +4 -4
- package/dist-server/controllers/utils/password-rule.js.map +1 -1
- package/dist-server/controllers/utils/save-invitation-token.d.ts +1 -1
- package/dist-server/controllers/utils/save-invitation-token.js +2 -2
- package/dist-server/controllers/utils/save-invitation-token.js.map +1 -1
- package/dist-server/controllers/utils/save-verification-token.d.ts +1 -1
- package/dist-server/controllers/utils/save-verification-token.js +3 -3
- package/dist-server/controllers/utils/save-verification-token.js.map +1 -1
- package/dist-server/controllers/verification.js +23 -23
- package/dist-server/controllers/verification.js.map +1 -1
- package/dist-server/errors/auth-error.js +1 -1
- package/dist-server/errors/auth-error.js.map +1 -1
- package/dist-server/errors/index.d.ts +2 -2
- package/dist-server/errors/index.js +2 -2
- package/dist-server/errors/index.js.map +1 -1
- package/dist-server/errors/user-domain-not-match-error.d.ts +1 -1
- package/dist-server/errors/user-domain-not-match-error.js +8 -8
- package/dist-server/errors/user-domain-not-match-error.js.map +1 -1
- package/dist-server/index.d.ts +16 -16
- package/dist-server/index.js +18 -18
- package/dist-server/index.js.map +1 -1
- package/dist-server/middlewares/authenticate-401-middleware.js +11 -11
- package/dist-server/middlewares/authenticate-401-middleware.js.map +1 -1
- package/dist-server/middlewares/bypass-signin-middleware.d.ts +1 -0
- package/dist-server/middlewares/bypass-signin-middleware.js +20 -0
- package/dist-server/middlewares/bypass-signin-middleware.js.map +1 -0
- package/dist-server/middlewares/domain-authenticate-middleware.d.ts +1 -1
- package/dist-server/middlewares/domain-authenticate-middleware.js +9 -9
- package/dist-server/middlewares/domain-authenticate-middleware.js.map +1 -1
- package/dist-server/middlewares/graphql-authenticate-middleware.js +4 -4
- package/dist-server/middlewares/graphql-authenticate-middleware.js.map +1 -1
- package/dist-server/middlewares/index.d.ts +5 -5
- package/dist-server/middlewares/index.js +24 -19
- package/dist-server/middlewares/index.js.map +1 -1
- package/dist-server/middlewares/jwt-authenticate-middleware.js +15 -15
- package/dist-server/middlewares/jwt-authenticate-middleware.js.map +1 -1
- package/dist-server/middlewares/signin-middleware.js +2 -2
- package/dist-server/middlewares/signin-middleware.js.map +1 -1
- package/dist-server/middlewares/verify-recaptcha-middleware.d.ts +3 -0
- package/dist-server/middlewares/verify-recaptcha-middleware.js +95 -0
- package/dist-server/middlewares/verify-recaptcha-middleware.js.map +1 -0
- package/dist-server/middlewares/webauthn-middleware.js +7 -7
- package/dist-server/middlewares/webauthn-middleware.js.map +1 -1
- package/dist-server/migrations/1548206416130-SeedUser.js +6 -6
- package/dist-server/migrations/1548206416130-SeedUser.js.map +1 -1
- package/dist-server/migrations/1566805283882-SeedPrivilege.js +2 -2
- package/dist-server/migrations/1566805283882-SeedPrivilege.js.map +1 -1
- package/dist-server/migrations/index.js.map +1 -1
- package/dist-server/router/auth-checkin-router.js +17 -20
- package/dist-server/router/auth-checkin-router.js.map +1 -1
- package/dist-server/router/auth-private-process-router.js +16 -23
- package/dist-server/router/auth-private-process-router.js.map +1 -1
- package/dist-server/router/auth-public-process-router.js +30 -35
- package/dist-server/router/auth-public-process-router.js.map +1 -1
- package/dist-server/router/auth-signin-router.js +7 -13
- package/dist-server/router/auth-signin-router.js.map +1 -1
- package/dist-server/router/auth-signup-router.js +13 -9
- package/dist-server/router/auth-signup-router.js.map +1 -1
- package/dist-server/router/index.d.ts +9 -9
- package/dist-server/router/index.js +9 -9
- package/dist-server/router/index.js.map +1 -1
- package/dist-server/router/oauth2/index.d.ts +2 -2
- package/dist-server/router/oauth2/index.js +2 -2
- package/dist-server/router/oauth2/index.js.map +1 -1
- package/dist-server/router/oauth2/oauth2-authorize-router.js +6 -6
- package/dist-server/router/oauth2/oauth2-authorize-router.js.map +1 -1
- package/dist-server/router/oauth2/oauth2-router.d.ts +1 -1
- package/dist-server/router/oauth2/oauth2-router.js +21 -21
- package/dist-server/router/oauth2/oauth2-router.js.map +1 -1
- package/dist-server/router/oauth2/oauth2-server.js +21 -21
- package/dist-server/router/oauth2/oauth2-server.js.map +1 -1
- package/dist-server/router/site-root-router.js +4 -4
- package/dist-server/router/site-root-router.js.map +1 -1
- package/dist-server/router/webauthn-router.js +58 -8
- package/dist-server/router/webauthn-router.js.map +1 -1
- package/dist-server/routes.js +75 -50
- package/dist-server/routes.js.map +1 -1
- package/dist-server/service/app-binding/app-binding-mutation.js +4 -4
- package/dist-server/service/app-binding/app-binding-mutation.js.map +1 -1
- package/dist-server/service/app-binding/app-binding-query.d.ts +4 -4
- package/dist-server/service/app-binding/app-binding-query.js +22 -22
- package/dist-server/service/app-binding/app-binding-query.js.map +1 -1
- package/dist-server/service/app-binding/app-binding-types.d.ts +1 -1
- package/dist-server/service/app-binding/app-binding-types.js +2 -2
- package/dist-server/service/app-binding/app-binding-types.js.map +1 -1
- package/dist-server/service/app-binding/app-binding.d.ts +2 -2
- package/dist-server/service/app-binding/app-binding.js +4 -4
- package/dist-server/service/app-binding/app-binding.js.map +1 -1
- package/dist-server/service/app-binding/index.d.ts +2 -2
- package/dist-server/service/app-binding/index.js +3 -3
- package/dist-server/service/app-binding/index.js.map +1 -1
- package/dist-server/service/appliance/appliance-mutation.d.ts +2 -2
- package/dist-server/service/appliance/appliance-mutation.js +32 -45
- package/dist-server/service/appliance/appliance-mutation.js.map +1 -1
- package/dist-server/service/appliance/appliance-query.d.ts +3 -3
- package/dist-server/service/appliance/appliance-query.js +17 -17
- package/dist-server/service/appliance/appliance-query.js.map +1 -1
- package/dist-server/service/appliance/appliance-types.d.ts +1 -1
- package/dist-server/service/appliance/appliance-types.js +2 -2
- package/dist-server/service/appliance/appliance-types.js.map +1 -1
- package/dist-server/service/appliance/appliance.d.ts +3 -1
- package/dist-server/service/appliance/appliance.js +51 -8
- package/dist-server/service/appliance/appliance.js.map +1 -1
- package/dist-server/service/appliance/index.d.ts +3 -3
- package/dist-server/service/appliance/index.js +5 -5
- package/dist-server/service/appliance/index.js.map +1 -1
- package/dist-server/service/application/application-mutation.d.ts +8 -8
- package/dist-server/service/application/application-mutation.js +20 -20
- package/dist-server/service/application/application-mutation.js.map +1 -1
- package/dist-server/service/application/application-query.d.ts +2 -2
- package/dist-server/service/application/application-query.js +16 -16
- package/dist-server/service/application/application-query.js.map +1 -1
- package/dist-server/service/application/application-types.d.ts +1 -1
- package/dist-server/service/application/application-types.js +4 -4
- package/dist-server/service/application/application-types.js.map +1 -1
- package/dist-server/service/application/application.d.ts +1 -1
- package/dist-server/service/application/application.js +12 -12
- package/dist-server/service/application/application.js.map +1 -1
- package/dist-server/service/application/index.d.ts +3 -3
- package/dist-server/service/application/index.js +5 -5
- package/dist-server/service/application/index.js.map +1 -1
- package/dist-server/service/auth-provider/auth-provider-mutation.d.ts +2 -2
- package/dist-server/service/auth-provider/auth-provider-mutation.js +20 -20
- package/dist-server/service/auth-provider/auth-provider-mutation.js.map +1 -1
- package/dist-server/service/auth-provider/auth-provider-query.d.ts +3 -3
- package/dist-server/service/auth-provider/auth-provider-query.js +20 -20
- package/dist-server/service/auth-provider/auth-provider-query.js.map +1 -1
- package/dist-server/service/auth-provider/auth-provider-type.d.ts +1 -1
- package/dist-server/service/auth-provider/auth-provider-type.js +2 -2
- package/dist-server/service/auth-provider/auth-provider-type.js.map +1 -1
- package/dist-server/service/auth-provider/auth-provider.d.ts +3 -3
- package/dist-server/service/auth-provider/auth-provider.js +12 -12
- package/dist-server/service/auth-provider/auth-provider.js.map +1 -1
- package/dist-server/service/auth-provider/index.d.ts +3 -3
- package/dist-server/service/auth-provider/index.js +5 -5
- package/dist-server/service/auth-provider/index.js.map +1 -1
- package/dist-server/service/domain-generator/domain-generator-mutation.d.ts +1 -1
- package/dist-server/service/domain-generator/domain-generator-mutation.js +11 -11
- package/dist-server/service/domain-generator/domain-generator-mutation.js.map +1 -1
- package/dist-server/service/domain-generator/domain-generator-types.d.ts +1 -1
- package/dist-server/service/domain-generator/domain-generator-types.js +3 -3
- package/dist-server/service/domain-generator/domain-generator-types.js.map +1 -1
- package/dist-server/service/domain-generator/index.d.ts +1 -1
- package/dist-server/service/domain-generator/index.js +2 -2
- package/dist-server/service/domain-generator/index.js.map +1 -1
- package/dist-server/service/domain-link/domain-link-mutation.d.ts +9 -0
- package/dist-server/service/domain-link/domain-link-mutation.js +116 -0
- package/dist-server/service/domain-link/domain-link-mutation.js.map +1 -0
- package/dist-server/service/domain-link/domain-link-query.d.ts +11 -0
- package/dist-server/service/domain-link/domain-link-query.js +75 -0
- package/dist-server/service/domain-link/domain-link-query.js.map +1 -0
- package/dist-server/service/domain-link/domain-link-types.d.ts +18 -0
- package/dist-server/service/domain-link/domain-link-types.js +66 -0
- package/dist-server/service/domain-link/domain-link-types.js.map +1 -0
- package/dist-server/service/domain-link/domain-link.d.ts +28 -0
- package/dist-server/service/domain-link/domain-link.js +105 -0
- package/dist-server/service/domain-link/domain-link.js.map +1 -0
- package/dist-server/service/domain-link/index.d.ts +6 -0
- package/dist-server/service/domain-link/index.js +10 -0
- package/dist-server/service/domain-link/index.js.map +1 -0
- package/dist-server/service/granted-role/granted-role-mutation.d.ts +3 -3
- package/dist-server/service/granted-role/granted-role-mutation.js +17 -17
- package/dist-server/service/granted-role/granted-role-mutation.js.map +1 -1
- package/dist-server/service/granted-role/granted-role-query.d.ts +2 -2
- package/dist-server/service/granted-role/granted-role-query.js +13 -13
- package/dist-server/service/granted-role/granted-role-query.js.map +1 -1
- package/dist-server/service/granted-role/granted-role.d.ts +1 -1
- package/dist-server/service/granted-role/granted-role.js +3 -3
- package/dist-server/service/granted-role/granted-role.js.map +1 -1
- package/dist-server/service/granted-role/index.d.ts +3 -3
- package/dist-server/service/granted-role/index.js +5 -5
- package/dist-server/service/granted-role/index.js.map +1 -1
- package/dist-server/service/index.d.ts +27 -25
- package/dist-server/service/index.js +75 -70
- package/dist-server/service/index.js.map +1 -1
- package/dist-server/service/invitation/index.d.ts +3 -3
- package/dist-server/service/invitation/index.js +5 -5
- package/dist-server/service/invitation/index.js.map +1 -1
- package/dist-server/service/invitation/invitation-mutation.d.ts +2 -2
- package/dist-server/service/invitation/invitation-mutation.js +10 -10
- package/dist-server/service/invitation/invitation-mutation.js.map +1 -1
- package/dist-server/service/invitation/invitation-query.d.ts +1 -1
- package/dist-server/service/invitation/invitation-query.js +7 -7
- package/dist-server/service/invitation/invitation-query.js.map +1 -1
- package/dist-server/service/invitation/invitation-types.d.ts +1 -1
- package/dist-server/service/invitation/invitation-types.js +2 -2
- package/dist-server/service/invitation/invitation-types.js.map +1 -1
- package/dist-server/service/invitation/invitation.d.ts +1 -1
- package/dist-server/service/invitation/invitation.js +5 -5
- package/dist-server/service/invitation/invitation.js.map +1 -1
- package/dist-server/service/login-history/index.d.ts +2 -2
- package/dist-server/service/login-history/index.js +4 -4
- package/dist-server/service/login-history/index.js.map +1 -1
- package/dist-server/service/login-history/login-history-query.d.ts +3 -3
- package/dist-server/service/login-history/login-history-query.js +11 -11
- package/dist-server/service/login-history/login-history-query.js.map +1 -1
- package/dist-server/service/login-history/login-history-type.d.ts +1 -1
- package/dist-server/service/login-history/login-history-type.js +2 -2
- package/dist-server/service/login-history/login-history-type.js.map +1 -1
- package/dist-server/service/login-history/login-history.d.ts +1 -1
- package/dist-server/service/login-history/login-history.js +4 -4
- package/dist-server/service/login-history/login-history.js.map +1 -1
- package/dist-server/service/partner/index.d.ts +3 -3
- package/dist-server/service/partner/index.js +5 -5
- package/dist-server/service/partner/index.js.map +1 -1
- package/dist-server/service/partner/partner-mutation.js +8 -8
- package/dist-server/service/partner/partner-mutation.js.map +1 -1
- package/dist-server/service/partner/partner-query.d.ts +3 -3
- package/dist-server/service/partner/partner-query.js +17 -17
- package/dist-server/service/partner/partner-query.js.map +1 -1
- package/dist-server/service/partner/partner-types.d.ts +1 -1
- package/dist-server/service/partner/partner-types.js +2 -2
- package/dist-server/service/partner/partner-types.js.map +1 -1
- package/dist-server/service/partner/partner.d.ts +1 -1
- package/dist-server/service/partner/partner.js +5 -5
- package/dist-server/service/partner/partner.js.map +1 -1
- package/dist-server/service/password-history/index.d.ts +1 -1
- package/dist-server/service/password-history/index.js +2 -2
- package/dist-server/service/password-history/index.js.map +1 -1
- package/dist-server/service/privilege/index.d.ts +3 -3
- package/dist-server/service/privilege/index.js +5 -5
- package/dist-server/service/privilege/index.js.map +1 -1
- package/dist-server/service/privilege/privilege-directive.js +2 -2
- package/dist-server/service/privilege/privilege-directive.js.map +1 -1
- package/dist-server/service/privilege/privilege-mutation.d.ts +2 -2
- package/dist-server/service/privilege/privilege-mutation.js +15 -15
- package/dist-server/service/privilege/privilege-mutation.js.map +1 -1
- package/dist-server/service/privilege/privilege-query.d.ts +4 -4
- package/dist-server/service/privilege/privilege-query.js +20 -20
- package/dist-server/service/privilege/privilege-query.js.map +1 -1
- package/dist-server/service/privilege/privilege-types.d.ts +1 -1
- package/dist-server/service/privilege/privilege-types.js +2 -2
- package/dist-server/service/privilege/privilege-types.js.map +1 -1
- package/dist-server/service/privilege/privilege.d.ts +2 -2
- package/dist-server/service/privilege/privilege.js +10 -10
- package/dist-server/service/privilege/privilege.js.map +1 -1
- package/dist-server/service/role/index.d.ts +3 -3
- package/dist-server/service/role/index.js +5 -5
- package/dist-server/service/role/index.js.map +1 -1
- package/dist-server/service/role/role-mutation.d.ts +2 -2
- package/dist-server/service/role/role-mutation.js +19 -19
- package/dist-server/service/role/role-mutation.js.map +1 -1
- package/dist-server/service/role/role-query.d.ts +9 -5
- package/dist-server/service/role/role-query.js +38 -31
- package/dist-server/service/role/role-query.js.map +1 -1
- package/dist-server/service/role/role-types.d.ts +1 -1
- package/dist-server/service/role/role-types.js +2 -2
- package/dist-server/service/role/role-types.js.map +1 -1
- package/dist-server/service/role/role.d.ts +2 -2
- package/dist-server/service/role/role.js +12 -12
- package/dist-server/service/role/role.js.map +1 -1
- package/dist-server/service/user/domain-query.d.ts +1 -1
- package/dist-server/service/user/domain-query.js +3 -3
- package/dist-server/service/user/domain-query.js.map +1 -1
- package/dist-server/service/user/index.d.ts +4 -4
- package/dist-server/service/user/index.js +6 -6
- package/dist-server/service/user/index.js.map +1 -1
- package/dist-server/service/user/user-mutation.d.ts +3 -3
- package/dist-server/service/user/user-mutation.js +49 -84
- package/dist-server/service/user/user-mutation.js.map +1 -1
- package/dist-server/service/user/user-query.d.ts +4 -3
- package/dist-server/service/user/user-query.js +31 -21
- package/dist-server/service/user/user-query.js.map +1 -1
- package/dist-server/service/user/user-types.d.ts +1 -1
- package/dist-server/service/user/user-types.js +2 -2
- package/dist-server/service/user/user-types.js.map +1 -1
- package/dist-server/service/user/user.d.ts +3 -3
- package/dist-server/service/user/user.js +41 -46
- package/dist-server/service/user/user.js.map +1 -1
- package/dist-server/service/users-auth-providers/index.d.ts +1 -1
- package/dist-server/service/users-auth-providers/index.js +2 -2
- package/dist-server/service/users-auth-providers/index.js.map +1 -1
- package/dist-server/service/users-auth-providers/users-auth-providers.d.ts +2 -2
- package/dist-server/service/users-auth-providers/users-auth-providers.js +8 -8
- package/dist-server/service/users-auth-providers/users-auth-providers.js.map +1 -1
- package/dist-server/service/verification-token/index.d.ts +1 -1
- package/dist-server/service/verification-token/index.js +2 -2
- package/dist-server/service/verification-token/index.js.map +1 -1
- package/dist-server/service/web-auth-credential/index.d.ts +1 -1
- package/dist-server/service/web-auth-credential/index.js +2 -2
- package/dist-server/service/web-auth-credential/index.js.map +1 -1
- package/dist-server/service/web-auth-credential/web-auth-credential.d.ts +1 -1
- package/dist-server/service/web-auth-credential/web-auth-credential.js +10 -10
- package/dist-server/service/web-auth-credential/web-auth-credential.js.map +1 -1
- package/dist-server/tsconfig.tsbuildinfo +1 -1
- package/dist-server/types.d.ts +1 -1
- package/dist-server/types.js.map +1 -1
- package/dist-server/utils/access-token-cookie.js +2 -2
- package/dist-server/utils/access-token-cookie.js.map +1 -1
- package/dist-server/utils/check-permission.d.ts +2 -2
- package/dist-server/utils/check-permission.js +3 -3
- package/dist-server/utils/check-permission.js.map +1 -1
- package/dist-server/utils/check-user-belongs-domain.d.ts +1 -1
- package/dist-server/utils/check-user-belongs-domain.js +2 -2
- package/dist-server/utils/check-user-belongs-domain.js.map +1 -1
- package/dist-server/utils/get-domain-users.d.ts +1 -1
- package/dist-server/utils/get-domain-users.js +2 -2
- package/dist-server/utils/get-domain-users.js.map +1 -1
- package/dist-server/utils/get-user-domains.d.ts +2 -2
- package/dist-server/utils/get-user-domains.js +7 -5
- package/dist-server/utils/get-user-domains.js.map +1 -1
- package/helps/config/recaptcha.ja.md +49 -0
- package/helps/config/recaptcha.ko.md +49 -0
- package/helps/config/recaptcha.md +49 -0
- package/helps/config/recaptcha.ms.md +49 -0
- package/helps/config/recaptcha.zh.md +49 -0
- package/package.json +7 -6
- package/client/actions/auth.ts +0 -24
- package/client/auth.ts +0 -268
- package/client/bootstrap.ts +0 -47
- package/client/directive/privileged.ts +0 -28
- package/client/index.ts +0 -3
- package/client/profiled.ts +0 -83
- package/client/reducers/auth.ts +0 -31
- package/server/constants/error-code.ts +0 -22
- package/server/constants/error-message.ts +0 -0
- package/server/constants/max-age.ts +0 -1
- package/server/controllers/auth.ts +0 -5
- package/server/controllers/change-pwd.ts +0 -100
- package/server/controllers/checkin.ts +0 -21
- package/server/controllers/delete-user.ts +0 -76
- package/server/controllers/invitation.ts +0 -168
- package/server/controllers/profile.ts +0 -55
- package/server/controllers/reset-password.ts +0 -126
- package/server/controllers/signin.ts +0 -103
- package/server/controllers/signup.ts +0 -77
- package/server/controllers/unlock-user.ts +0 -62
- package/server/controllers/utils/make-invitation-token.ts +0 -5
- package/server/controllers/utils/make-verification-token.ts +0 -4
- package/server/controllers/utils/password-rule.ts +0 -120
- package/server/controllers/utils/save-invitation-token.ts +0 -10
- package/server/controllers/utils/save-verification-token.ts +0 -12
- package/server/controllers/verification.ts +0 -84
- package/server/errors/auth-error.ts +0 -24
- package/server/errors/index.ts +0 -2
- package/server/errors/user-domain-not-match-error.ts +0 -29
- package/server/index.ts +0 -37
- package/server/middlewares/authenticate-401-middleware.ts +0 -114
- package/server/middlewares/domain-authenticate-middleware.ts +0 -73
- package/server/middlewares/graphql-authenticate-middleware.ts +0 -13
- package/server/middlewares/index.ts +0 -67
- package/server/middlewares/jwt-authenticate-middleware.ts +0 -84
- package/server/middlewares/signin-middleware.ts +0 -56
- package/server/middlewares/webauthn-middleware.ts +0 -131
- package/server/migrations/1548206416130-SeedUser.ts +0 -60
- package/server/migrations/1566805283882-SeedPrivilege.ts +0 -28
- package/server/migrations/index.ts +0 -9
- package/server/router/auth-checkin-router.ts +0 -115
- package/server/router/auth-private-process-router.ts +0 -127
- package/server/router/auth-public-process-router.ts +0 -319
- package/server/router/auth-signin-router.ts +0 -76
- package/server/router/auth-signup-router.ts +0 -95
- package/server/router/index.ts +0 -9
- package/server/router/oauth2/index.ts +0 -2
- package/server/router/oauth2/oauth2-authorize-router.ts +0 -81
- package/server/router/oauth2/oauth2-router.ts +0 -165
- package/server/router/oauth2/oauth2-server.ts +0 -262
- package/server/router/oauth2/passport-oauth2-client-password.ts +0 -87
- package/server/router/oauth2/passport-refresh-token.ts +0 -87
- package/server/router/path-base-domain-router.ts +0 -8
- package/server/router/site-root-router.ts +0 -48
- package/server/router/webauthn-router.ts +0 -85
- package/server/routes.ts +0 -89
- package/server/service/app-binding/app-binding-mutation.ts +0 -22
- package/server/service/app-binding/app-binding-query.ts +0 -92
- package/server/service/app-binding/app-binding-types.ts +0 -11
- package/server/service/app-binding/app-binding.ts +0 -17
- package/server/service/app-binding/index.ts +0 -4
- package/server/service/appliance/appliance-mutation.ts +0 -113
- package/server/service/appliance/appliance-query.ts +0 -76
- package/server/service/appliance/appliance-types.ts +0 -56
- package/server/service/appliance/appliance.ts +0 -133
- package/server/service/appliance/index.ts +0 -6
- package/server/service/application/application-mutation.ts +0 -104
- package/server/service/application/application-query.ts +0 -98
- package/server/service/application/application-types.ts +0 -76
- package/server/service/application/application.ts +0 -216
- package/server/service/application/index.ts +0 -6
- package/server/service/auth-provider/auth-provider-mutation.ts +0 -159
- package/server/service/auth-provider/auth-provider-parameter-spec.ts +0 -24
- package/server/service/auth-provider/auth-provider-query.ts +0 -88
- package/server/service/auth-provider/auth-provider-type.ts +0 -67
- package/server/service/auth-provider/auth-provider.ts +0 -155
- package/server/service/auth-provider/index.ts +0 -7
- package/server/service/domain-generator/domain-generator-mutation.ts +0 -117
- package/server/service/domain-generator/domain-generator-types.ts +0 -46
- package/server/service/domain-generator/index.ts +0 -3
- package/server/service/granted-role/granted-role-mutation.ts +0 -156
- package/server/service/granted-role/granted-role-query.ts +0 -60
- package/server/service/granted-role/granted-role.ts +0 -27
- package/server/service/granted-role/index.ts +0 -6
- package/server/service/index.ts +0 -90
- package/server/service/invitation/index.ts +0 -6
- package/server/service/invitation/invitation-mutation.ts +0 -78
- package/server/service/invitation/invitation-query.ts +0 -33
- package/server/service/invitation/invitation-types.ts +0 -11
- package/server/service/invitation/invitation.ts +0 -63
- package/server/service/login-history/index.ts +0 -5
- package/server/service/login-history/login-history-query.ts +0 -51
- package/server/service/login-history/login-history-type.ts +0 -12
- package/server/service/login-history/login-history.ts +0 -45
- package/server/service/partner/index.ts +0 -6
- package/server/service/partner/partner-mutation.ts +0 -61
- package/server/service/partner/partner-query.ts +0 -102
- package/server/service/partner/partner-types.ts +0 -11
- package/server/service/partner/partner.ts +0 -57
- package/server/service/password-history/index.ts +0 -3
- package/server/service/password-history/password-history.ts +0 -16
- package/server/service/privilege/index.ts +0 -6
- package/server/service/privilege/privilege-directive.ts +0 -77
- package/server/service/privilege/privilege-mutation.ts +0 -92
- package/server/service/privilege/privilege-query.ts +0 -94
- package/server/service/privilege/privilege-types.ts +0 -60
- package/server/service/privilege/privilege.ts +0 -102
- package/server/service/role/index.ts +0 -6
- package/server/service/role/role-mutation.ts +0 -109
- package/server/service/role/role-query.ts +0 -155
- package/server/service/role/role-types.ts +0 -81
- package/server/service/role/role.ts +0 -72
- package/server/service/user/domain-query.ts +0 -24
- package/server/service/user/index.ts +0 -7
- package/server/service/user/user-mutation.ts +0 -517
- package/server/service/user/user-query.ts +0 -145
- package/server/service/user/user-types.ts +0 -100
- package/server/service/user/user.ts +0 -386
- package/server/service/users-auth-providers/index.ts +0 -5
- package/server/service/users-auth-providers/users-auth-providers.ts +0 -71
- package/server/service/verification-token/index.ts +0 -3
- package/server/service/verification-token/verification-token.ts +0 -60
- package/server/service/web-auth-credential/index.ts +0 -3
- package/server/service/web-auth-credential/web-auth-credential.ts +0 -66
- package/server/templates/account-unlock-email.ts +0 -65
- package/server/templates/invitation-email.ts +0 -66
- package/server/templates/reset-password-email.ts +0 -65
- package/server/templates/verification-email.ts +0 -66
- package/server/types.ts +0 -21
- package/server/utils/accepts.ts +0 -11
- package/server/utils/access-token-cookie.ts +0 -50
- package/server/utils/check-permission.ts +0 -52
- package/server/utils/check-user-belongs-domain.ts +0 -19
- package/server/utils/check-user-has-role.ts +0 -29
- package/server/utils/encrypt-state.ts +0 -22
- package/server/utils/get-aes-256-key.ts +0 -13
- package/server/utils/get-domain-users.ts +0 -38
- package/server/utils/get-secret.ts +0 -13
- package/server/utils/get-user-domains.ts +0 -115
package/client/auth.ts
DELETED
|
@@ -1,268 +0,0 @@
|
|
|
1
|
-
/* [ AUTH PATH ]
|
|
2
|
-
signinPath = '/auth/signin'
|
|
3
|
-
signoutPath = '/auth/signout'
|
|
4
|
-
profilePath = '/auth/profile'
|
|
5
|
-
updateProfilePath = '/auth/update-profile'
|
|
6
|
-
changepassPath = '/auth/change-pass'
|
|
7
|
-
deleteUserPath = '/auth/delete-user'
|
|
8
|
-
*/
|
|
9
|
-
|
|
10
|
-
const HEADER_JSON = {
|
|
11
|
-
'Content-Type': 'application/json',
|
|
12
|
-
Accept: 'application/json'
|
|
13
|
-
}
|
|
14
|
-
type AuthEventName = 'profile' | 'signin' | 'signout' | 'presignout' | 'passwordchange' | 'error'
|
|
15
|
-
type AuthEventHandler = (e?: {
|
|
16
|
-
accessToken?: string
|
|
17
|
-
credential?: string
|
|
18
|
-
domains: any[]
|
|
19
|
-
domain: any
|
|
20
|
-
languages?: { code: string; display: string }[]
|
|
21
|
-
}) => void
|
|
22
|
-
type AuthErrorHandler = (err: any) => void
|
|
23
|
-
|
|
24
|
-
class ClientAuth {
|
|
25
|
-
private listeners: {
|
|
26
|
-
profile: AuthEventHandler[]
|
|
27
|
-
signout: AuthEventHandler[]
|
|
28
|
-
signin: AuthEventHandler[]
|
|
29
|
-
presignout: AuthEventHandler[]
|
|
30
|
-
passwordchange: AuthEventHandler[]
|
|
31
|
-
error: AuthErrorHandler[]
|
|
32
|
-
} = {
|
|
33
|
-
profile: [],
|
|
34
|
-
signout: [],
|
|
35
|
-
signin: [],
|
|
36
|
-
presignout: [],
|
|
37
|
-
passwordchange: [],
|
|
38
|
-
error: []
|
|
39
|
-
}
|
|
40
|
-
|
|
41
|
-
private authRequiredEventListener = this.onAuthRequired.bind(this)
|
|
42
|
-
private activateRequiredEventListener = this.onActivateRequired.bind(this)
|
|
43
|
-
|
|
44
|
-
private _credential: any
|
|
45
|
-
private accessToken?: string
|
|
46
|
-
private domains: any[] = []
|
|
47
|
-
private domain: any
|
|
48
|
-
private languages: { code: string; display: string }[] = []
|
|
49
|
-
|
|
50
|
-
constructor() {
|
|
51
|
-
document.addEventListener('auth-required', this.authRequiredEventListener)
|
|
52
|
-
document.addEventListener('activate-required', this.activateRequiredEventListener)
|
|
53
|
-
}
|
|
54
|
-
|
|
55
|
-
on(event: AuthEventName, handler: AuthEventHandler | AuthErrorHandler) {
|
|
56
|
-
var listeners = this.listeners[event]
|
|
57
|
-
if (listeners) {
|
|
58
|
-
listeners.push(handler)
|
|
59
|
-
} else {
|
|
60
|
-
console.log('unknown event', event)
|
|
61
|
-
}
|
|
62
|
-
|
|
63
|
-
if (event == 'profile' && this._credential) {
|
|
64
|
-
/*
|
|
65
|
-
특별히 event 가 profile 인 경우에는 이미 fetch된 credential이 있다면, 콜백을 해준다.
|
|
66
|
-
시스템 bootstrap에서 profile 이벤트가 사용되는 경우가 많은데, profile도 매우 초기에 fetch 되므로 레이스컨디션이 발생할 수 있기 때문에, 확실하게 event 콜백을 보장하기 위해서이다.
|
|
67
|
-
*/
|
|
68
|
-
handler({ credential: this._credential, domains: this.domains, domain: this.domain, languages: this.languages })
|
|
69
|
-
}
|
|
70
|
-
}
|
|
71
|
-
|
|
72
|
-
off(event: AuthEventName, handler: AuthEventHandler | AuthErrorHandler) {
|
|
73
|
-
var listeners = this.listeners[event]
|
|
74
|
-
if (listeners) {
|
|
75
|
-
let idx = listeners.indexOf(handler)
|
|
76
|
-
idx >= 0 && listeners.splice(idx, 1)
|
|
77
|
-
} else {
|
|
78
|
-
console.log('unknown event', event)
|
|
79
|
-
}
|
|
80
|
-
}
|
|
81
|
-
|
|
82
|
-
dispose() {
|
|
83
|
-
document.removeEventListener('auth-required', this.authRequiredEventListener)
|
|
84
|
-
document.removeEventListener('activate-required', this.activateRequiredEventListener)
|
|
85
|
-
|
|
86
|
-
this.listeners = {
|
|
87
|
-
profile: [],
|
|
88
|
-
signin: [],
|
|
89
|
-
signout: [],
|
|
90
|
-
presignout: [],
|
|
91
|
-
passwordchange: [],
|
|
92
|
-
error: []
|
|
93
|
-
}
|
|
94
|
-
}
|
|
95
|
-
|
|
96
|
-
private onProfileFetched({ credential, accessToken, domains, domain, languages }) {
|
|
97
|
-
this._credential = credential
|
|
98
|
-
this.domains = domains
|
|
99
|
-
this.domain = domain
|
|
100
|
-
this.languages = languages
|
|
101
|
-
|
|
102
|
-
if (accessToken && !this.accessToken) {
|
|
103
|
-
/*
|
|
104
|
-
기존에 세션을 가지거나, 액세스토큰으로 인증된 경우,
|
|
105
|
-
이 경우는 signin 이벤트리스너들을 호출해서 authenticated 상태로 되도록 유도한다.
|
|
106
|
-
*/
|
|
107
|
-
this.accessToken = accessToken
|
|
108
|
-
this.listeners.signin.forEach(handler => handler({ accessToken, domains, domain, languages }))
|
|
109
|
-
}
|
|
110
|
-
accessToken && (this.accessToken = accessToken)
|
|
111
|
-
this.listeners.profile.forEach(handler => handler({ credential, domains, domain, languages }))
|
|
112
|
-
}
|
|
113
|
-
|
|
114
|
-
private async onPreSignout() {
|
|
115
|
-
for (let onpresignout of this.listeners.presignout) {
|
|
116
|
-
await onpresignout()
|
|
117
|
-
}
|
|
118
|
-
}
|
|
119
|
-
|
|
120
|
-
private onAuthError(error) {
|
|
121
|
-
/* signin, signup 과정에서 에러가 발생한 경우 */
|
|
122
|
-
this.listeners?.error.forEach(handler => handler(error))
|
|
123
|
-
}
|
|
124
|
-
|
|
125
|
-
private onPasswordChanged(result) {
|
|
126
|
-
//event is passwordchange, handler is result
|
|
127
|
-
this.listeners?.passwordchange.forEach(handler => handler(result))
|
|
128
|
-
}
|
|
129
|
-
|
|
130
|
-
private onAuthRequired(e) {
|
|
131
|
-
console.warn('authentication required')
|
|
132
|
-
let url = new URL(window.location.href)
|
|
133
|
-
url.pathname = '/auth/signin'
|
|
134
|
-
url.searchParams.append('redirect_to', window.location.href)
|
|
135
|
-
|
|
136
|
-
window.location.href = url.href
|
|
137
|
-
}
|
|
138
|
-
|
|
139
|
-
private onActivateRequired(e) {
|
|
140
|
-
console.warn('activate required')
|
|
141
|
-
var params = new URLSearchParams()
|
|
142
|
-
params.append('email', e.email)
|
|
143
|
-
|
|
144
|
-
window.location.replace(`/auth/activate?${params}`)
|
|
145
|
-
}
|
|
146
|
-
|
|
147
|
-
get credential() {
|
|
148
|
-
return this._credential
|
|
149
|
-
}
|
|
150
|
-
|
|
151
|
-
route(path, redirected) {
|
|
152
|
-
/* history에 남긴다. redirected된 상태임을 남긴다. */
|
|
153
|
-
const location = window.location
|
|
154
|
-
const origin = location.origin || location.protocol + '//' + location.host
|
|
155
|
-
const href = `${origin}${path}`
|
|
156
|
-
|
|
157
|
-
if (location.pathname === path) return
|
|
158
|
-
|
|
159
|
-
// popstate 이벤트가 history.back() 에서만 발생하므로
|
|
160
|
-
// 히스토리에 두번을 넣고 back()을 호출하는 편법을 사용함.
|
|
161
|
-
// forward history가 한번 남는 문제가 있으나 signin 프로세스 중에만 발생하므로 큰 문제는 아님.
|
|
162
|
-
// 이 로직은 login process가 어플리케이션 구조에 종속되는 것을 최소화하기 위함임.
|
|
163
|
-
// 예를 들면, redux 구조에 들어가지 않아도 로그인 프로세스가 동작하도록 한 것임.
|
|
164
|
-
window.history.pushState({ redirected }, '', href)
|
|
165
|
-
window.history.pushState({}, '', href)
|
|
166
|
-
|
|
167
|
-
window.history.back()
|
|
168
|
-
}
|
|
169
|
-
|
|
170
|
-
async updateProfile(formProps) {
|
|
171
|
-
const response = await fetch('/auth/update-profile', {
|
|
172
|
-
method: 'POST',
|
|
173
|
-
credentials: 'include',
|
|
174
|
-
headers: HEADER_JSON,
|
|
175
|
-
body: JSON.stringify(formProps)
|
|
176
|
-
})
|
|
177
|
-
|
|
178
|
-
const message = await response.text()
|
|
179
|
-
if (response.ok) {
|
|
180
|
-
return message
|
|
181
|
-
}
|
|
182
|
-
|
|
183
|
-
throw new Error(message)
|
|
184
|
-
}
|
|
185
|
-
|
|
186
|
-
async changePassword(formProps) {
|
|
187
|
-
try {
|
|
188
|
-
const response = await fetch('/auth/change-pass', {
|
|
189
|
-
method: 'POST',
|
|
190
|
-
credentials: 'include',
|
|
191
|
-
headers: HEADER_JSON,
|
|
192
|
-
body: JSON.stringify(formProps)
|
|
193
|
-
})
|
|
194
|
-
|
|
195
|
-
const message = await response.text()
|
|
196
|
-
if (response.ok) {
|
|
197
|
-
this.onPasswordChanged({ message })
|
|
198
|
-
} else {
|
|
199
|
-
this.onAuthError({ message })
|
|
200
|
-
}
|
|
201
|
-
} catch (e) {
|
|
202
|
-
this.onAuthError(e)
|
|
203
|
-
}
|
|
204
|
-
}
|
|
205
|
-
|
|
206
|
-
async deleteUser(params) {
|
|
207
|
-
const response = await fetch('/auth/delete-user', {
|
|
208
|
-
method: 'POST',
|
|
209
|
-
credentials: 'include',
|
|
210
|
-
headers: HEADER_JSON,
|
|
211
|
-
body: JSON.stringify(params)
|
|
212
|
-
})
|
|
213
|
-
|
|
214
|
-
const message = await response.text()
|
|
215
|
-
if (response.ok) {
|
|
216
|
-
return message
|
|
217
|
-
} else {
|
|
218
|
-
throw new Error(message)
|
|
219
|
-
}
|
|
220
|
-
}
|
|
221
|
-
|
|
222
|
-
async profile() {
|
|
223
|
-
try {
|
|
224
|
-
var searchParams = new URLSearchParams(location.search)
|
|
225
|
-
var token = searchParams.get('token')
|
|
226
|
-
var headers = JSON.parse(JSON.stringify(HEADER_JSON))
|
|
227
|
-
|
|
228
|
-
if (token) {
|
|
229
|
-
headers.authorization = `Bearer ${token}`
|
|
230
|
-
}
|
|
231
|
-
|
|
232
|
-
const response = await fetch('/auth/profile', {
|
|
233
|
-
method: 'GET',
|
|
234
|
-
credentials: 'include',
|
|
235
|
-
headers
|
|
236
|
-
})
|
|
237
|
-
|
|
238
|
-
if (response.ok) {
|
|
239
|
-
if (response.redirected) {
|
|
240
|
-
location.href = response.url
|
|
241
|
-
return
|
|
242
|
-
}
|
|
243
|
-
|
|
244
|
-
const data = await response.json()
|
|
245
|
-
|
|
246
|
-
this.onProfileFetched({
|
|
247
|
-
credential: data.user,
|
|
248
|
-
accessToken: data.token,
|
|
249
|
-
domains: data.domains,
|
|
250
|
-
domain: data.domain,
|
|
251
|
-
languages: data.languages
|
|
252
|
-
})
|
|
253
|
-
|
|
254
|
-
return
|
|
255
|
-
}
|
|
256
|
-
} catch (e) {
|
|
257
|
-
this.onAuthError(e)
|
|
258
|
-
}
|
|
259
|
-
}
|
|
260
|
-
|
|
261
|
-
async signout() {
|
|
262
|
-
await this.onPreSignout()
|
|
263
|
-
|
|
264
|
-
window.location.href = '/auth/signout'
|
|
265
|
-
}
|
|
266
|
-
}
|
|
267
|
-
|
|
268
|
-
export const auth = new ClientAuth()
|
package/client/bootstrap.ts
DELETED
|
@@ -1,47 +0,0 @@
|
|
|
1
|
-
import { store, updateDomains } from '@operato/shell'
|
|
2
|
-
|
|
3
|
-
import { updateAuthenticated, updateUser } from './actions/auth'
|
|
4
|
-
import { auth } from './auth'
|
|
5
|
-
import reducerAuth from './reducers/auth'
|
|
6
|
-
|
|
7
|
-
import './directive/privileged' /* directive 초기화를 보장하기 위해서 호출함. */
|
|
8
|
-
|
|
9
|
-
export default function bootstrap() {
|
|
10
|
-
store.addReducers({
|
|
11
|
-
auth: reducerAuth
|
|
12
|
-
})
|
|
13
|
-
|
|
14
|
-
auth.on('profile', ({ credential, domains, domain, languages }) => {
|
|
15
|
-
store.dispatch(
|
|
16
|
-
updateAuthenticated({
|
|
17
|
-
authenticated: true
|
|
18
|
-
}) as any
|
|
19
|
-
)
|
|
20
|
-
store.dispatch(updateUser(credential) as any)
|
|
21
|
-
store.dispatch(updateDomains(domains, domain) as any)
|
|
22
|
-
})
|
|
23
|
-
|
|
24
|
-
auth.on('passwordchange', result => {
|
|
25
|
-
let message = result.message
|
|
26
|
-
|
|
27
|
-
document.dispatchEvent(
|
|
28
|
-
new CustomEvent('notify', {
|
|
29
|
-
detail: {
|
|
30
|
-
level: result.error ? 'error' : 'info',
|
|
31
|
-
message
|
|
32
|
-
}
|
|
33
|
-
})
|
|
34
|
-
)
|
|
35
|
-
})
|
|
36
|
-
|
|
37
|
-
auth.on('error', ex => {
|
|
38
|
-
document.dispatchEvent(
|
|
39
|
-
new CustomEvent('notify', {
|
|
40
|
-
detail: {
|
|
41
|
-
level: 'error',
|
|
42
|
-
message: ex.message
|
|
43
|
-
}
|
|
44
|
-
})
|
|
45
|
-
)
|
|
46
|
-
})
|
|
47
|
-
}
|
|
@@ -1,28 +0,0 @@
|
|
|
1
|
-
import { nothing } from 'lit'
|
|
2
|
-
import { directive, AsyncDirective } from 'lit/async-directive.js'
|
|
3
|
-
import { hasPrivilege } from '../profiled'
|
|
4
|
-
|
|
5
|
-
class PrivilegedDirective extends AsyncDirective {
|
|
6
|
-
render(
|
|
7
|
-
privilege: {
|
|
8
|
-
privilege?: string
|
|
9
|
-
category?: string
|
|
10
|
-
domainOwnerGranted?: boolean
|
|
11
|
-
superUserGranted?: boolean
|
|
12
|
-
},
|
|
13
|
-
trueResult: any,
|
|
14
|
-
falseResult: any = nothing
|
|
15
|
-
) {
|
|
16
|
-
this.setValue(nothing)
|
|
17
|
-
|
|
18
|
-
hasPrivilege(privilege).then(result => {
|
|
19
|
-
if (result) {
|
|
20
|
-
this.setValue(trueResult)
|
|
21
|
-
} else {
|
|
22
|
-
this.setValue(falseResult)
|
|
23
|
-
}
|
|
24
|
-
})
|
|
25
|
-
}
|
|
26
|
-
}
|
|
27
|
-
|
|
28
|
-
export const privileged = directive(PrivilegedDirective)
|
package/client/index.ts
DELETED
package/client/profiled.ts
DELETED
|
@@ -1,83 +0,0 @@
|
|
|
1
|
-
import { auth } from './auth'
|
|
2
|
-
|
|
3
|
-
var profileResolved = false
|
|
4
|
-
var user
|
|
5
|
-
var languages
|
|
6
|
-
var domain
|
|
7
|
-
var domains
|
|
8
|
-
|
|
9
|
-
const profileReady = new Promise<void>(resolve => {
|
|
10
|
-
auth.on('profile', (data: { credential; domains; domain; languages }) => {
|
|
11
|
-
profileResolved = true
|
|
12
|
-
|
|
13
|
-
user = data.credential
|
|
14
|
-
languages = data.languages
|
|
15
|
-
domain = data.domain
|
|
16
|
-
domains = data.domains
|
|
17
|
-
|
|
18
|
-
resolve()
|
|
19
|
-
})
|
|
20
|
-
})
|
|
21
|
-
|
|
22
|
-
export async function hasPrivilege({
|
|
23
|
-
privilege,
|
|
24
|
-
category,
|
|
25
|
-
domainOwnerGranted,
|
|
26
|
-
superUserGranted
|
|
27
|
-
}: {
|
|
28
|
-
privilege?: string
|
|
29
|
-
category?: string
|
|
30
|
-
domainOwnerGranted?: boolean
|
|
31
|
-
superUserGranted?: boolean
|
|
32
|
-
}) {
|
|
33
|
-
if (!profileResolved) {
|
|
34
|
-
await profileReady
|
|
35
|
-
}
|
|
36
|
-
|
|
37
|
-
const { privileges, owner, super: superUser, unsafeIP } = user
|
|
38
|
-
|
|
39
|
-
if (unsafeIP) {
|
|
40
|
-
if (privilege && category) {
|
|
41
|
-
// unsafeIP 상황에서는 ownership granted는 적용되지 않는다.
|
|
42
|
-
return (privileges || []).find(p => p.privilege == privilege && p.category == category)
|
|
43
|
-
}
|
|
44
|
-
|
|
45
|
-
// privileage, category가 설정되지 않은 경우에는 ownership granted가 설정되었다면 허가하지 않는다.
|
|
46
|
-
return !domainOwnerGranted && !superUserGranted
|
|
47
|
-
} else {
|
|
48
|
-
if (!privilege || !category) {
|
|
49
|
-
// privileage, category가 설정되지 않은 경우에는 ownership granted만을 적용한다.
|
|
50
|
-
return (domainOwnerGranted && owner) || (superUserGranted && superUser)
|
|
51
|
-
}
|
|
52
|
-
|
|
53
|
-
if ((domainOwnerGranted && owner) || (superUserGranted && superUser)) {
|
|
54
|
-
return true
|
|
55
|
-
}
|
|
56
|
-
|
|
57
|
-
return (privileges || []).find(p => p.privilege == privilege && p.category == category)
|
|
58
|
-
}
|
|
59
|
-
}
|
|
60
|
-
|
|
61
|
-
export async function getLanguages() {
|
|
62
|
-
if (!profileResolved) {
|
|
63
|
-
await profileReady
|
|
64
|
-
}
|
|
65
|
-
|
|
66
|
-
return languages
|
|
67
|
-
}
|
|
68
|
-
|
|
69
|
-
export async function getDomain() {
|
|
70
|
-
if (!profileResolved) {
|
|
71
|
-
await profileReady
|
|
72
|
-
}
|
|
73
|
-
|
|
74
|
-
return domain
|
|
75
|
-
}
|
|
76
|
-
|
|
77
|
-
export async function getDomains() {
|
|
78
|
-
if (!profileResolved) {
|
|
79
|
-
await profileReady
|
|
80
|
-
}
|
|
81
|
-
|
|
82
|
-
return domains
|
|
83
|
-
}
|
package/client/reducers/auth.ts
DELETED
|
@@ -1,31 +0,0 @@
|
|
|
1
|
-
import { SET_AUTH, SET_PROFILE } from '../actions/auth'
|
|
2
|
-
|
|
3
|
-
const INITIAL_STATE = {
|
|
4
|
-
authenticated: false,
|
|
5
|
-
accessToken: '',
|
|
6
|
-
user: null
|
|
7
|
-
}
|
|
8
|
-
|
|
9
|
-
const auth = (state = INITIAL_STATE, action) => {
|
|
10
|
-
switch (action.type) {
|
|
11
|
-
case SET_AUTH:
|
|
12
|
-
let auth = action.auth
|
|
13
|
-
|
|
14
|
-
return {
|
|
15
|
-
...state,
|
|
16
|
-
authenticated: auth.authenticated,
|
|
17
|
-
accessToken: auth.accessToken
|
|
18
|
-
}
|
|
19
|
-
|
|
20
|
-
case SET_PROFILE:
|
|
21
|
-
return {
|
|
22
|
-
...state,
|
|
23
|
-
user: action.user
|
|
24
|
-
}
|
|
25
|
-
|
|
26
|
-
default:
|
|
27
|
-
return state
|
|
28
|
-
}
|
|
29
|
-
}
|
|
30
|
-
|
|
31
|
-
export default auth
|
|
@@ -1,22 +0,0 @@
|
|
|
1
|
-
export const USER_NOT_FOUND = 'user not found'
|
|
2
|
-
export const PASSWORD_NOT_MATCHED = 'password-not-matched'
|
|
3
|
-
export const USER_NOT_ACTIVATED = 'user not activated'
|
|
4
|
-
export const USER_LOCKED = 'user-locked'
|
|
5
|
-
export const USER_DELETED = 'user-deleted'
|
|
6
|
-
export const NO_AVAILABLE_DOMAIN = 'no-available-domain'
|
|
7
|
-
export const UNAVAILABLE_DOMAIN = 'unavailable-domain'
|
|
8
|
-
export const NO_SELECTED_DOMAIN = 'no-selected-domain'
|
|
9
|
-
export const REDIRECT_TO_DEFAULT_DOMAIN = 'redirect-to-default-domain'
|
|
10
|
-
export const TOKEN_INVALID = 'token-invalid'
|
|
11
|
-
export const AUTH_INVALID = 'auth-invalid'
|
|
12
|
-
export const SUBDOMAIN_NOTFOUND = 'subdomain not found'
|
|
13
|
-
export const CONFIRM_PASSWORD_NOT_MATCHED = 'confirm password not matched'
|
|
14
|
-
export const PASSWORD_PATTERN_NOT_MATCHED = 'password should match the rule'
|
|
15
|
-
export const USER_DUPLICATED = 'user duplicated'
|
|
16
|
-
export const PASSWORD_USED_PAST = 'password used in the past'
|
|
17
|
-
export const VERIFICATION_ERROR = 'user or verification token not found'
|
|
18
|
-
export const AUTHN_VERIFICATION_FAILED = 'authn verification failed'
|
|
19
|
-
export const USER_CREDENTIAL_NOT_FOUND = 'user credential not found'
|
|
20
|
-
export const EMAIL_ALREADY_EXISTS = 'email already exists'
|
|
21
|
-
export const USERNAME_ALREADY_EXISTS = 'email already exists'
|
|
22
|
-
export const AUTH_ERROR = 'auth error'
|
|
File without changes
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
export const MAX_AGE = 7 * 24 * 3600 * 1000
|
|
@@ -1,100 +0,0 @@
|
|
|
1
|
-
import { config } from '@things-factory/env'
|
|
2
|
-
import { getRepository } from '@things-factory/shell'
|
|
3
|
-
|
|
4
|
-
import {
|
|
5
|
-
CONFIRM_PASSWORD_NOT_MATCHED,
|
|
6
|
-
PASSWORD_NOT_MATCHED,
|
|
7
|
-
PASSWORD_USED_PAST,
|
|
8
|
-
USER_NOT_FOUND
|
|
9
|
-
} from '../constants/error-code'
|
|
10
|
-
import { AuthError } from '../errors/auth-error'
|
|
11
|
-
import { PasswordHistory } from '../service/password-history/password-history'
|
|
12
|
-
import { User } from '../service/user/user'
|
|
13
|
-
|
|
14
|
-
const HISTORY_SIZE = config.get('password', { history: 0 }).history
|
|
15
|
-
|
|
16
|
-
export async function changePwd(attrs, currentPass, newPass, confirmPass, context) {
|
|
17
|
-
const { domain } = context.state
|
|
18
|
-
|
|
19
|
-
// TODO 이 사용자가 이 도메인에 속한 사용자인지 확인해야함.
|
|
20
|
-
const repository = getRepository(User)
|
|
21
|
-
|
|
22
|
-
const user: User = await repository.findOne({ where: { id: attrs.id } })
|
|
23
|
-
|
|
24
|
-
if (!user) {
|
|
25
|
-
throw new AuthError({
|
|
26
|
-
errorCode: USER_NOT_FOUND
|
|
27
|
-
})
|
|
28
|
-
}
|
|
29
|
-
|
|
30
|
-
if (newPass !== confirmPass) {
|
|
31
|
-
throw new AuthError({
|
|
32
|
-
errorCode: CONFIRM_PASSWORD_NOT_MATCHED
|
|
33
|
-
})
|
|
34
|
-
}
|
|
35
|
-
|
|
36
|
-
if (!User.verify(user.password, currentPass, user.salt)) {
|
|
37
|
-
throw new AuthError({
|
|
38
|
-
errorCode: PASSWORD_NOT_MATCHED,
|
|
39
|
-
detail: {
|
|
40
|
-
username: user.username,
|
|
41
|
-
email: user.email,
|
|
42
|
-
failCount: user.failCount
|
|
43
|
-
}
|
|
44
|
-
})
|
|
45
|
-
}
|
|
46
|
-
|
|
47
|
-
/* check if password is following the rule */
|
|
48
|
-
User.validatePasswordByRule(newPass, context?.lng)
|
|
49
|
-
|
|
50
|
-
user.password = User.encode(newPass, user.salt)
|
|
51
|
-
|
|
52
|
-
if (HISTORY_SIZE > 0) {
|
|
53
|
-
var passwordHistory: PasswordHistory = await getRepository(PasswordHistory).findOneBy({ userId: user.id })
|
|
54
|
-
var history = []
|
|
55
|
-
|
|
56
|
-
if (passwordHistory) {
|
|
57
|
-
try {
|
|
58
|
-
history = JSON.parse(passwordHistory.history)
|
|
59
|
-
if (!(history instanceof Array)) {
|
|
60
|
-
console.error('password history maybe currupted - not an array')
|
|
61
|
-
history = []
|
|
62
|
-
}
|
|
63
|
-
} catch (e) {
|
|
64
|
-
console.error('password history currupted - not json format')
|
|
65
|
-
}
|
|
66
|
-
|
|
67
|
-
const found = history.slice(0, HISTORY_SIZE).find(h => {
|
|
68
|
-
return User.verify(h.password, newPass, h.salt)
|
|
69
|
-
})
|
|
70
|
-
|
|
71
|
-
if (found) {
|
|
72
|
-
throw new AuthError({
|
|
73
|
-
errorCode: PASSWORD_USED_PAST
|
|
74
|
-
})
|
|
75
|
-
}
|
|
76
|
-
}
|
|
77
|
-
}
|
|
78
|
-
|
|
79
|
-
await repository.save({
|
|
80
|
-
...user,
|
|
81
|
-
passwordUpdatedAt: new Date()
|
|
82
|
-
})
|
|
83
|
-
|
|
84
|
-
if (HISTORY_SIZE > 0) {
|
|
85
|
-
history = [
|
|
86
|
-
{
|
|
87
|
-
password: user.password,
|
|
88
|
-
salt: user.salt
|
|
89
|
-
},
|
|
90
|
-
...history
|
|
91
|
-
].slice(0, HISTORY_SIZE)
|
|
92
|
-
|
|
93
|
-
await getRepository(PasswordHistory).save({
|
|
94
|
-
userId: user.id,
|
|
95
|
-
history: JSON.stringify(history)
|
|
96
|
-
})
|
|
97
|
-
}
|
|
98
|
-
|
|
99
|
-
return await user.sign({ subdomain: domain.subdomain })
|
|
100
|
-
}
|
|
@@ -1,21 +0,0 @@
|
|
|
1
|
-
import { Domain, getRepository } from '@things-factory/shell'
|
|
2
|
-
|
|
3
|
-
import { User } from '../service/user/user'
|
|
4
|
-
import { getUserDomains } from '../utils/get-user-domains'
|
|
5
|
-
|
|
6
|
-
export async function checkin({ userId, subdomain }) {
|
|
7
|
-
const userRepo = getRepository(User)
|
|
8
|
-
const user = await userRepo.findOne({ where: { id: userId } })
|
|
9
|
-
const domains: Partial<Domain>[] = await getUserDomains(user)
|
|
10
|
-
|
|
11
|
-
if (!domains?.length) {
|
|
12
|
-
return false
|
|
13
|
-
}
|
|
14
|
-
|
|
15
|
-
const domain = domains.find(domain => domain.subdomain == subdomain)
|
|
16
|
-
if (!domain) {
|
|
17
|
-
return false
|
|
18
|
-
}
|
|
19
|
-
|
|
20
|
-
return await user.sign({ subdomain })
|
|
21
|
-
}
|
|
@@ -1,76 +0,0 @@
|
|
|
1
|
-
import { EntityManager, ILike, In } from 'typeorm'
|
|
2
|
-
import { User, UserStatus } from '../service/user/user'
|
|
3
|
-
import { AuthError } from '../errors/auth-error'
|
|
4
|
-
import { USER_NOT_FOUND } from '../constants/error-code'
|
|
5
|
-
|
|
6
|
-
export async function deleteUser(attrs, tx?: EntityManager) {
|
|
7
|
-
// TODO 이 사용자가 이 도메인에 속한 사용자인지 확인해야함.
|
|
8
|
-
// TODO 다른 도메인에도 포함되어있다면, domains-users 관게와 해당 도메인 관련 정보만 삭제해야 함.
|
|
9
|
-
|
|
10
|
-
const repository = tx?.getRepository(User)
|
|
11
|
-
const { username } = attrs
|
|
12
|
-
|
|
13
|
-
var user = await repository.findOne({
|
|
14
|
-
where: { username },
|
|
15
|
-
relations: ['domains']
|
|
16
|
-
})
|
|
17
|
-
|
|
18
|
-
/*
|
|
19
|
-
정확한 이메일 정규표현식은 /^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(username) 이지만,
|
|
20
|
-
appliance 용으로 사용된 이메일로 {{uuid}}@{{domain slugger}} 식으로 사용했으므로
|
|
21
|
-
email 유효성 판단에 /^[^\s@]+@[^\s@]+$/.test(username) 를 사용함.
|
|
22
|
-
*/
|
|
23
|
-
if (!user && /^[^\s@]+@[^\s@]+$/.test(username)) {
|
|
24
|
-
user = await repository.findOne({
|
|
25
|
-
where: { email: ILike(username) },
|
|
26
|
-
relations: ['domains']
|
|
27
|
-
})
|
|
28
|
-
}
|
|
29
|
-
|
|
30
|
-
if (!user) {
|
|
31
|
-
throw new AuthError({
|
|
32
|
-
errorCode: USER_NOT_FOUND
|
|
33
|
-
})
|
|
34
|
-
}
|
|
35
|
-
|
|
36
|
-
user.status = UserStatus.DELETED
|
|
37
|
-
user.domains = []
|
|
38
|
-
|
|
39
|
-
await repository.save(user)
|
|
40
|
-
}
|
|
41
|
-
|
|
42
|
-
export async function deleteUsers(attrs, tx?: EntityManager) {
|
|
43
|
-
// TODO 이 사용자가 이 도메인에 속한 사용자인지 확인해야함.
|
|
44
|
-
// TODO 다른 도메인에도 포함되어있다면, domains-users 관게와 해당 도메인 관련 정보만 삭제해야 함.
|
|
45
|
-
|
|
46
|
-
const { usernames } = attrs
|
|
47
|
-
|
|
48
|
-
const repo = tx?.getRepository(User)
|
|
49
|
-
|
|
50
|
-
const users = await repo.find({
|
|
51
|
-
where: {
|
|
52
|
-
username: In(usernames)
|
|
53
|
-
}
|
|
54
|
-
})
|
|
55
|
-
|
|
56
|
-
const userIds = []
|
|
57
|
-
users.forEach(user => {
|
|
58
|
-
user.status = UserStatus.DELETED
|
|
59
|
-
user.domains = []
|
|
60
|
-
|
|
61
|
-
userIds.push(user.id)
|
|
62
|
-
})
|
|
63
|
-
|
|
64
|
-
await repo.save(users)
|
|
65
|
-
|
|
66
|
-
// repository api는 작동하지 않음.
|
|
67
|
-
// await txManager
|
|
68
|
-
// .createQueryBuilder()
|
|
69
|
-
// .delete()
|
|
70
|
-
// .from('users_domains')
|
|
71
|
-
// .where({
|
|
72
|
-
// usersId: In(userIds)
|
|
73
|
-
// })
|
|
74
|
-
// .execute()
|
|
75
|
-
return true
|
|
76
|
-
}
|