npm - @things-factory/auth-base - Versions diffs - 8.0.38 → 9.0.0-9.0.0-beta.59.0 - Mend

@things-factory/auth-base 8.0.38 → 9.0.0-9.0.0-beta.59.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (489) hide show

package/server/controllers/invitation.ts DELETED Viewed

@@ -1,168 +0,0 @@
-import { ILike } from 'typeorm'
-import { URL } from 'url'
-import { sendEmail } from '@things-factory/email-base'
-import { Domain, getRepository } from '@things-factory/shell'
-import { Invitation } from '../service/invitation/invitation'
-import { User, UserStatus } from '../service/user/user'
-import { getInvitationEmailForm } from '../templates/invitation-email'
-import { makeInvitationToken } from './utils/make-invitation-token'
-import { saveInvitationToken } from './utils/save-invitation-token'
-export async function invite(attrs, withEmailInvitation?: Boolean) {
-  const { username, reference, type, context } = attrs
-  const repository = getRepository(User)
-  var user = await repository.findOne({
-    where: { username },
-    relations: ['domains']
-  })
-  /*
-    정확한 이메일 정규표현식은 /^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(username) 이지만,
-    appliance 용으로 사용된 이메일로 {{uuid}}@{{domain slugger}} 식으로 사용했으므로
-    email 유효성 판단에 /^[^\s@]+@[^\s@]+$/.test(username) 를 사용함.
-  */
-  if (!user && /^[^\s@]+@[^\s@]+$/.test(username)) {
-    user = await repository.findOne({
-      where: { email: ILike(username) },
-      relations: ['domains']
-    })
-  }
-  var domains = user.domains
-  // TODO reference should not be a domain.id (security reason)
-  if (user) {
-    const domain = domains.find(domain => domain.id == reference)
-    if (domain) {
-      const msg = `user already a member of the ${type}.`
-      throw new Error(msg)
-    }
-  }
-  if (withEmailInvitation) {
-    const email = user.email
-    // TODO 초대장의 유효기간을 설정할 수 있어야 함.
-    var invitation = await getRepository(Invitation).findOneBy({
-      email: ILike(email),
-      reference,
-      type
-    })
-    if (!invitation) {
-      invitation = await getRepository(Invitation).save({
-        email,
-        reference,
-        type
-      })
-    }
-    return await sendInvitationEmail({
-      invitation,
-      user,
-      context
-    })
-  }
-  if (user) {
-    user.domains = [...domains, await getRepository(Domain).findOneBy({ id: reference })]
-    await getRepository(User).save(user)
-  } else {
-    // TODO need to signup
-  }
-}
-export async function acceptInvitation(token) {
-  var invitation = await getRepository(Invitation).findOneBy({
-    token
-  })
-  if (!invitation) {
-    throw new Error(`not found invitation.`)
-  }
-  var { email, reference, type } = invitation
-  var user = await getRepository(User).findOne({ where: { email: ILike(email) }, relations: ['domains'] })
-  if (user) {
-    var domains = user.domains
-    const domain = domains.find(domain => domain.id == reference)
-    if (domain) {
-      const msg = `user already a member of the ${type}.`
-      throw new Error(msg)
-    }
-    user.domains = [...domains, await getRepository(Domain).findOneBy({ id: reference })]
-    await getRepository(User).save(user)
-    await getRepository(Invitation).delete(invitation.id)
-  } else {
-    // TODO goto signup
-  }
-  return true
-}
-export async function sendInvitationEmail({ invitation, user, context }) {
-  try {
-    var token = makeInvitationToken()
-    var verifaction = await saveInvitationToken(invitation.id, token)
-    if (verifaction) {
-      var serviceUrl = new URL(`/auth/accept/${token}`, context.header.referer)
-      await sendEmail({
-        receiver: invitation.email,
-        subject: 'Invitation',
-        content: getInvitationEmailForm({
-          username: user.username,
-          email: invitation.email,
-          acceptUrl: serviceUrl
-        })
-      })
-      return true
-    }
-  } catch (e) {
-    return false
-  }
-}
-export async function resendInvitationEmail(
-  { email, reference, type }: { email: string; reference: string; type: string },
-  context
-) {
-  var invitation = await getRepository(Invitation).findOneBy({
-    email: ILike(email),
-    reference,
-    type
-  })
-  if (!invitation) {
-    throw new Error(`not found invitation.`)
-  }
-  var user = await getRepository(User).findOne({
-    where: {
-      email: ILike(email),
-      status: UserStatus.ACTIVATED
-    }
-  })
-  if (!user) {
-    throw new Error(`user not found: ${email}`)
-  }
-  return await sendInvitationEmail({
-    invitation,
-    user,
-    context
-  })
-}

package/server/controllers/profile.ts DELETED Viewed

@@ -1,55 +0,0 @@
-import { ILike } from 'typeorm'
-import { getRepository } from '@things-factory/shell'
-import { USER_NOT_FOUND } from '../constants/error-code'
-import { AuthError } from '../errors/auth-error'
-import { User } from '../service/user/user'
-export async function updateProfile({ id }, newProfiles) {
-  const repository = getRepository(User)
-  const user = await repository.findOneBy({ id })
-  if (!user) {
-    throw new AuthError({
-      errorCode: USER_NOT_FOUND
-    })
-  }
-  /* only 'username', 'name', 'email' and 'locale' attributes can be changed */
-  var allowed: {
-    username?: string
-    name?: string
-    email?: string
-    locale?: string
-  } = ['username', 'name', 'email', 'locale']
-    .filter(attr => attr in newProfiles)
-    .reduce((sum, attr) => {
-      sum[attr] = newProfiles[attr]
-      return sum
-    }, {})
-  /* check if email and username is unique */
-  if ('email' in allowed) {
-    var found: User = await repository.findOne({ where: { email: ILike(allowed.email) } })
-    if (found && found.id != id) {
-      throw new AuthError({
-        errorCode: AuthError.ERROR_CODES.EMAIL_ALREADY_EXISTS
-      })
-    }
-  }
-  if ('username' in allowed) {
-    var found: User = await repository.findOne({ where: { username: allowed.username } })
-    if (found && found.id != id) {
-      throw new AuthError({
-        errorCode: AuthError.ERROR_CODES.USERNAME_ALREADY_EXISTS
-      })
-    }
-  }
-  return await repository.save({
-    ...user,
-    ...allowed
-  })
-}

package/server/controllers/reset-password.ts DELETED Viewed

@@ -1,126 +0,0 @@
-import { URL } from 'url'
-import { sendEmail } from '@things-factory/email-base'
-import { config } from '@things-factory/env'
-import { getRepository } from '@things-factory/shell'
-import { PASSWORD_USED_PAST } from '../constants/error-code'
-import { AuthError } from '../errors/auth-error'
-import { PasswordHistory } from '../service/password-history/password-history'
-import { User } from '../service/user/user'
-import { VerificationToken, VerificationTokenType } from '../service/verification-token/verification-token'
-import { getResetPasswordEmailForm } from '../templates/reset-password-email'
-import { makeVerificationToken } from './utils/make-verification-token'
-import { saveVerificationToken } from './utils/save-verification-token'
-const HISTORY_SIZE = config.get('password', { history: 0 }).history
-export async function sendPasswordResetEmail({ user, context }) {
-  try {
-    var token = makeVerificationToken()
-    var verifaction = await saveVerificationToken(user.id, token, VerificationTokenType.PASSWORD_RESET)
-    if (verifaction) {
-      var serviceUrl = new URL(`/auth/reset-password?token=${token}`, context.header.referer)
-      await sendEmail({
-        receiver: user.email,
-        subject: 'Reset your password',
-        content: getResetPasswordEmailForm({
-          name: user.name,
-          resetUrl: serviceUrl
-        })
-      })
-      return true
-    }
-  } catch (e) {
-    return false
-  }
-}
-export async function resetPassword(token, password, context) {
-  const { t } = context
-  const verificationToken = await getRepository(VerificationToken).findOne({
-    where: {
-      token,
-      type: VerificationTokenType.PASSWORD_RESET
-    }
-  })
-  if (!verificationToken) {
-    throw new Error(t('text.invalid verification token'))
-  }
-  const { userId } = verificationToken
-  if (!userId) {
-    throw new Error(t('text.invalid verification token'))
-  }
-  var user = await getRepository(User).findOneBy({ id: userId })
-  if (!user) {
-    throw new Error(t('error.user not found'))
-  }
-  // if (user.status == UserStatus.INACTIVE) {
-  //   throw new Error(t('text.inactive user'))
-  // }
-  /* check if password is following the rule */
-  User.validatePasswordByRule(password, context?.lng)
-  user.password = User.encode(password, user.salt)
-  if (HISTORY_SIZE > 0) {
-    var passwordHistory: PasswordHistory = await getRepository(PasswordHistory).findOneBy({ userId: user.id })
-    var history = []
-    if (passwordHistory) {
-      try {
-        history = JSON.parse(passwordHistory.history)
-        if (!(history instanceof Array)) {
-          console.error('password history maybe currupted - not an array')
-          history = []
-        }
-      } catch (e) {
-        console.error('password history currupted - not json format')
-      }
-      const found = history.slice(0, HISTORY_SIZE).find(h => {
-        return User.verify(h.password, password, h.salt)
-      })
-      if (found) {
-        throw new AuthError({
-          errorCode: PASSWORD_USED_PAST
-        })
-      }
-    }
-  }
-  await getRepository(User).save({
-    ...user,
-    passwordUpdatedAt: new Date()
-  })
-  await getRepository(VerificationToken).delete({
-    userId,
-    token,
-    type: VerificationTokenType.PASSWORD_RESET
-  })
-  if (HISTORY_SIZE > 0) {
-    history = [
-      {
-        password: user.password,
-        salt: user.salt
-      },
-      ...history
-    ].slice(0, HISTORY_SIZE)
-    await getRepository(PasswordHistory).save({
-      userId: user.id,
-      history: JSON.stringify(history)
-    })
-  }
-}

package/server/controllers/signin.ts DELETED Viewed

@@ -1,103 +0,0 @@
-import { ILike } from 'typeorm'
-import { getRepository } from '@things-factory/shell'
-import { sendUnlockUserEmail } from '../controllers/unlock-user'
-import { AuthError } from '../errors/auth-error'
-import { User, UserStatus } from '../service/user/user'
-export async function signin(attrs: { username: string; password: string }, context?) {
-  const { domain } = context?.state || {}
-  const { username } = attrs
-  const repository = getRepository(User)
-  var user = await repository.findOne({
-    where: { username },
-    relations: ['domains']
-  })
-  /*
-    정확한 이메일 정규표현식은 /^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(username) 이지만,
-    appliance 용으로 사용된 이메일로 {{uuid}}@{{domain slugger}} 식으로 사용했으므로
-    email 유효성 판단에 /^[^\s@]+@[^\s@]+$/.test(username) 를 사용함.
-  */
-  if (!user && /^[^\s@]+@[^\s@]+$/.test(username)) {
-    user = await repository.findOne({
-      where: {
-        email: ILike(username)
-      },
-      relations: ['domains']
-    })
-  }
-  if (!user)
-    throw new AuthError({
-      errorCode: AuthError.ERROR_CODES.USER_NOT_FOUND
-    })
-  if (user.status == UserStatus.DELETED) {
-    throw new AuthError({
-      errorCode: AuthError.ERROR_CODES.USER_DELETED
-    })
-  }
-  if (user.status == UserStatus.LOCKED) {
-    sendUnlockUserEmail({
-      user,
-      context
-    })
-    throw new AuthError({
-      errorCode: AuthError.ERROR_CODES.USER_LOCKED,
-      detail: {
-        username: user.username,
-        email: user.email
-      }
-    })
-  }
-  if (!User.verify(user.password, attrs.password, user.salt)) {
-    user.failCount++
-    if (user.failCount >= 5) user.status = UserStatus.LOCKED
-    await repository.save(user)
-    if (user.status == UserStatus.LOCKED) {
-      sendUnlockUserEmail({
-        user,
-        context
-      })
-      throw new AuthError({
-        errorCode: AuthError.ERROR_CODES.USER_LOCKED,
-        detail: {
-          username: user.username,
-          email: user.email
-        }
-      })
-    }
-    throw new AuthError({
-      errorCode: AuthError.ERROR_CODES.PASSWORD_NOT_MATCHED,
-      detail: {
-        username: user.username,
-        email: user.email,
-        failCount: user.failCount
-      }
-    })
-  } else {
-    user.failCount = 0
-    await repository.save(user)
-  }
-  if (user.status == UserStatus.INACTIVE) {
-    throw new AuthError({
-      errorCode: AuthError.ERROR_CODES.USER_NOT_ACTIVATED,
-      detail: {
-        username: user.username,
-        email: user.email
-      }
-    })
-  }
-  return {
-    user,
-    token: await user.sign({ subdomain: domain?.subdomain }),
-    domains: user.domains || []
-  }
-}

package/server/controllers/signup.ts DELETED Viewed

@@ -1,77 +0,0 @@
-import { ILike } from 'typeorm'
-import { getRepository } from '@things-factory/shell'
-import { USER_DUPLICATED } from '../constants/error-code'
-import { AuthError } from '../errors/auth-error'
-import { User } from '../service/user/user'
-import { signin } from './signin'
-import { sendVerificationEmail } from './verification'
-export async function signup(attrs, withEmailVerification?: Boolean) {
-  const { name, username, password, domain, context } = attrs
-  /* check if password is following the rule */
-  User.validatePasswordByRule(password, context.lng)
-  const repository = getRepository(User)
-  var duplicated = await repository.findOne({
-    where: { username },
-    relations: ['domains']
-  })
-  /*
-    정확한 이메일 정규표현식은 /^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(username) 이지만,
-    appliance 용으로 사용된 이메일로 {{uuid}}@{{domain slugger}} 식으로 사용했으므로
-    email 유효성 판단에 /^[^\s@]+@[^\s@]+$/.test(username) 를 사용함.
-  */
-  if (!duplicated && /^[^\s@]+@[^\s@]+$/.test(username)) {
-    user = await repository.findOne({
-      where: { email: ILike(username) },
-      relations: ['domains']
-    })
-  }
-  if (duplicated) {
-    throw new AuthError({
-      errorCode: USER_DUPLICATED,
-      detail: {
-        name,
-        username
-      }
-    })
-  }
-  const salt = User.generateSalt()
-  var user = await repository.save({
-    userType: 'user',
-    ...attrs,
-    salt,
-    password: User.encode(password, salt),
-    passwordUpdatedAt: new Date(),
-    domains: domain ? [domain] : []
-  })
-  var succeed = false
-  if (withEmailVerification) {
-    succeed = await sendVerificationEmail({
-      context,
-      user
-    })
-  }
-  try {
-    return {
-      token: await signin(
-        {
-          username,
-          password
-        },
-        { domain }
-      )
-    }
-  } catch (e) {
-    return { token: null }
-  }
-}

package/server/controllers/unlock-user.ts DELETED Viewed

@@ -1,62 +0,0 @@
-import { URL } from 'url'
-import { sendEmail } from '@things-factory/email-base'
-import { getRepository } from '@things-factory/shell'
-import { User, UserStatus } from '../service/user/user'
-import { VerificationToken, VerificationTokenType } from '../service/verification-token/verification-token'
-import { getUnlockUserEmailForm } from '../templates/account-unlock-email'
-import { makeVerificationToken } from './utils/make-verification-token'
-import { saveVerificationToken } from './utils/save-verification-token'
-export async function sendUnlockUserEmail({ user, context }) {
-  try {
-    var token = makeVerificationToken()
-    var verifaction = await saveVerificationToken(user.id, token, VerificationTokenType.UNLOCK)
-    if (verifaction) {
-      var serviceUrl = new URL(`/auth/unlock-user?token=${token}`, context.header.referer)
-      await sendEmail({
-        receiver: user.email,
-        subject: 'Your account is locked',
-        content: getUnlockUserEmailForm({
-          username: user.username,
-          name: user.name,
-          resetUrl: serviceUrl
-        })
-      })
-      return true
-    }
-  } catch (e) {
-    return false
-  }
-}
-export async function unlockUser(token, password) {
-  var { userId } = await getRepository(VerificationToken).findOne({
-    where: {
-      token,
-      type: VerificationTokenType.UNLOCK
-    }
-  })
-  if (!userId) return false
-  var userInfo = await getRepository(User).findOneBy({ id: userId })
-  if (!userInfo) return false
-  if (userInfo.status != UserStatus.LOCKED) return false
-  userInfo.status = UserStatus.ACTIVATED
-  userInfo.password = User.encode(password, userInfo.salt)
-  userInfo.failCount = 0
-  await getRepository(User).save(userInfo)
-  await getRepository(VerificationToken).delete({
-    userId,
-    token,
-    type: VerificationTokenType.UNLOCK
-  })
-  return true
-}

package/server/controllers/utils/make-invitation-token.ts DELETED Viewed

@@ -1,5 +0,0 @@
-import crypto from 'crypto'
-export function makeInvitationToken() {
-  return crypto.randomBytes(16).toString('hex')
-}

package/server/controllers/utils/make-verification-token.ts DELETED Viewed

@@ -1,4 +0,0 @@
-import crypto from 'crypto'
-export function makeVerificationToken() {
-  return crypto.randomBytes(16).toString('hex')
-}