@things-factory/auth-base 8.0.38 → 9.0.0-9.0.0-beta.59.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/config/config.development.js +46 -0
- package/config/config.production.js +45 -0
- package/dist-client/bootstrap.d.ts +1 -1
- package/dist-client/bootstrap.js +4 -4
- package/dist-client/bootstrap.js.map +1 -1
- package/dist-client/directive/privileged.d.ts +1 -1
- package/dist-client/directive/privileged.js +1 -1
- package/dist-client/directive/privileged.js.map +1 -1
- package/dist-client/index.d.ts +4 -3
- package/dist-client/index.js +4 -3
- package/dist-client/index.js.map +1 -1
- package/dist-client/profiled.js +1 -1
- package/dist-client/profiled.js.map +1 -1
- package/dist-client/reducers/auth.js +1 -1
- package/dist-client/reducers/auth.js.map +1 -1
- package/dist-client/tsconfig.tsbuildinfo +1 -1
- package/dist-client/verify-webauthn.d.ts +13 -0
- package/dist-client/verify-webauthn.js +72 -0
- package/dist-client/verify-webauthn.js.map +1 -0
- package/dist-server/controllers/auth.d.ts +5 -5
- package/dist-server/controllers/auth.js +5 -5
- package/dist-server/controllers/auth.js.map +1 -1
- package/dist-server/controllers/change-pwd.js +19 -19
- package/dist-server/controllers/change-pwd.js.map +1 -1
- package/dist-server/controllers/checkin.js +4 -4
- package/dist-server/controllers/checkin.js.map +1 -1
- package/dist-server/controllers/delete-user.js +10 -15
- package/dist-server/controllers/delete-user.js.map +1 -1
- package/dist-server/controllers/invitation.js +20 -25
- package/dist-server/controllers/invitation.js.map +1 -1
- package/dist-server/controllers/profile.d.ts +5 -5
- package/dist-server/controllers/profile.js +10 -10
- package/dist-server/controllers/profile.js.map +1 -1
- package/dist-server/controllers/reset-password.js +24 -24
- package/dist-server/controllers/reset-password.js.map +1 -1
- package/dist-server/controllers/signin.d.ts +1 -1
- package/dist-server/controllers/signin.js +25 -30
- package/dist-server/controllers/signin.js.map +1 -1
- package/dist-server/controllers/signup.d.ts +1 -1
- package/dist-server/controllers/signup.js +14 -19
- package/dist-server/controllers/signup.js.map +1 -1
- package/dist-server/controllers/unlock-user.js +17 -17
- package/dist-server/controllers/unlock-user.js.map +1 -1
- package/dist-server/controllers/utils/password-rule.js +4 -4
- package/dist-server/controllers/utils/password-rule.js.map +1 -1
- package/dist-server/controllers/utils/save-invitation-token.d.ts +1 -1
- package/dist-server/controllers/utils/save-invitation-token.js +2 -2
- package/dist-server/controllers/utils/save-invitation-token.js.map +1 -1
- package/dist-server/controllers/utils/save-verification-token.d.ts +1 -1
- package/dist-server/controllers/utils/save-verification-token.js +3 -3
- package/dist-server/controllers/utils/save-verification-token.js.map +1 -1
- package/dist-server/controllers/verification.js +23 -23
- package/dist-server/controllers/verification.js.map +1 -1
- package/dist-server/errors/auth-error.js +1 -1
- package/dist-server/errors/auth-error.js.map +1 -1
- package/dist-server/errors/index.d.ts +2 -2
- package/dist-server/errors/index.js +2 -2
- package/dist-server/errors/index.js.map +1 -1
- package/dist-server/errors/user-domain-not-match-error.d.ts +1 -1
- package/dist-server/errors/user-domain-not-match-error.js +8 -8
- package/dist-server/errors/user-domain-not-match-error.js.map +1 -1
- package/dist-server/index.d.ts +16 -16
- package/dist-server/index.js +18 -18
- package/dist-server/index.js.map +1 -1
- package/dist-server/middlewares/authenticate-401-middleware.js +11 -11
- package/dist-server/middlewares/authenticate-401-middleware.js.map +1 -1
- package/dist-server/middlewares/bypass-signin-middleware.d.ts +1 -0
- package/dist-server/middlewares/bypass-signin-middleware.js +20 -0
- package/dist-server/middlewares/bypass-signin-middleware.js.map +1 -0
- package/dist-server/middlewares/domain-authenticate-middleware.d.ts +1 -1
- package/dist-server/middlewares/domain-authenticate-middleware.js +9 -9
- package/dist-server/middlewares/domain-authenticate-middleware.js.map +1 -1
- package/dist-server/middlewares/graphql-authenticate-middleware.js +4 -4
- package/dist-server/middlewares/graphql-authenticate-middleware.js.map +1 -1
- package/dist-server/middlewares/index.d.ts +5 -5
- package/dist-server/middlewares/index.js +24 -19
- package/dist-server/middlewares/index.js.map +1 -1
- package/dist-server/middlewares/jwt-authenticate-middleware.js +15 -15
- package/dist-server/middlewares/jwt-authenticate-middleware.js.map +1 -1
- package/dist-server/middlewares/signin-middleware.js +2 -2
- package/dist-server/middlewares/signin-middleware.js.map +1 -1
- package/dist-server/middlewares/verify-recaptcha-middleware.d.ts +3 -0
- package/dist-server/middlewares/verify-recaptcha-middleware.js +95 -0
- package/dist-server/middlewares/verify-recaptcha-middleware.js.map +1 -0
- package/dist-server/middlewares/webauthn-middleware.js +7 -7
- package/dist-server/middlewares/webauthn-middleware.js.map +1 -1
- package/dist-server/migrations/1548206416130-SeedUser.js +6 -6
- package/dist-server/migrations/1548206416130-SeedUser.js.map +1 -1
- package/dist-server/migrations/1566805283882-SeedPrivilege.js +2 -2
- package/dist-server/migrations/1566805283882-SeedPrivilege.js.map +1 -1
- package/dist-server/migrations/index.js.map +1 -1
- package/dist-server/router/auth-checkin-router.js +17 -20
- package/dist-server/router/auth-checkin-router.js.map +1 -1
- package/dist-server/router/auth-private-process-router.js +16 -23
- package/dist-server/router/auth-private-process-router.js.map +1 -1
- package/dist-server/router/auth-public-process-router.js +30 -35
- package/dist-server/router/auth-public-process-router.js.map +1 -1
- package/dist-server/router/auth-signin-router.js +7 -13
- package/dist-server/router/auth-signin-router.js.map +1 -1
- package/dist-server/router/auth-signup-router.js +13 -9
- package/dist-server/router/auth-signup-router.js.map +1 -1
- package/dist-server/router/index.d.ts +9 -9
- package/dist-server/router/index.js +9 -9
- package/dist-server/router/index.js.map +1 -1
- package/dist-server/router/oauth2/index.d.ts +2 -2
- package/dist-server/router/oauth2/index.js +2 -2
- package/dist-server/router/oauth2/index.js.map +1 -1
- package/dist-server/router/oauth2/oauth2-authorize-router.js +6 -6
- package/dist-server/router/oauth2/oauth2-authorize-router.js.map +1 -1
- package/dist-server/router/oauth2/oauth2-router.d.ts +1 -1
- package/dist-server/router/oauth2/oauth2-router.js +21 -21
- package/dist-server/router/oauth2/oauth2-router.js.map +1 -1
- package/dist-server/router/oauth2/oauth2-server.js +21 -21
- package/dist-server/router/oauth2/oauth2-server.js.map +1 -1
- package/dist-server/router/site-root-router.js +4 -4
- package/dist-server/router/site-root-router.js.map +1 -1
- package/dist-server/router/webauthn-router.js +58 -8
- package/dist-server/router/webauthn-router.js.map +1 -1
- package/dist-server/routes.js +75 -50
- package/dist-server/routes.js.map +1 -1
- package/dist-server/service/app-binding/app-binding-mutation.js +4 -4
- package/dist-server/service/app-binding/app-binding-mutation.js.map +1 -1
- package/dist-server/service/app-binding/app-binding-query.d.ts +4 -4
- package/dist-server/service/app-binding/app-binding-query.js +22 -22
- package/dist-server/service/app-binding/app-binding-query.js.map +1 -1
- package/dist-server/service/app-binding/app-binding-types.d.ts +1 -1
- package/dist-server/service/app-binding/app-binding-types.js +2 -2
- package/dist-server/service/app-binding/app-binding-types.js.map +1 -1
- package/dist-server/service/app-binding/app-binding.d.ts +2 -2
- package/dist-server/service/app-binding/app-binding.js +4 -4
- package/dist-server/service/app-binding/app-binding.js.map +1 -1
- package/dist-server/service/app-binding/index.d.ts +2 -2
- package/dist-server/service/app-binding/index.js +3 -3
- package/dist-server/service/app-binding/index.js.map +1 -1
- package/dist-server/service/appliance/appliance-mutation.d.ts +2 -2
- package/dist-server/service/appliance/appliance-mutation.js +32 -45
- package/dist-server/service/appliance/appliance-mutation.js.map +1 -1
- package/dist-server/service/appliance/appliance-query.d.ts +3 -3
- package/dist-server/service/appliance/appliance-query.js +17 -17
- package/dist-server/service/appliance/appliance-query.js.map +1 -1
- package/dist-server/service/appliance/appliance-types.d.ts +1 -1
- package/dist-server/service/appliance/appliance-types.js +2 -2
- package/dist-server/service/appliance/appliance-types.js.map +1 -1
- package/dist-server/service/appliance/appliance.d.ts +3 -1
- package/dist-server/service/appliance/appliance.js +51 -8
- package/dist-server/service/appliance/appliance.js.map +1 -1
- package/dist-server/service/appliance/index.d.ts +3 -3
- package/dist-server/service/appliance/index.js +5 -5
- package/dist-server/service/appliance/index.js.map +1 -1
- package/dist-server/service/application/application-mutation.d.ts +8 -8
- package/dist-server/service/application/application-mutation.js +20 -20
- package/dist-server/service/application/application-mutation.js.map +1 -1
- package/dist-server/service/application/application-query.d.ts +2 -2
- package/dist-server/service/application/application-query.js +16 -16
- package/dist-server/service/application/application-query.js.map +1 -1
- package/dist-server/service/application/application-types.d.ts +1 -1
- package/dist-server/service/application/application-types.js +4 -4
- package/dist-server/service/application/application-types.js.map +1 -1
- package/dist-server/service/application/application.d.ts +1 -1
- package/dist-server/service/application/application.js +12 -12
- package/dist-server/service/application/application.js.map +1 -1
- package/dist-server/service/application/index.d.ts +3 -3
- package/dist-server/service/application/index.js +5 -5
- package/dist-server/service/application/index.js.map +1 -1
- package/dist-server/service/auth-provider/auth-provider-mutation.d.ts +2 -2
- package/dist-server/service/auth-provider/auth-provider-mutation.js +20 -20
- package/dist-server/service/auth-provider/auth-provider-mutation.js.map +1 -1
- package/dist-server/service/auth-provider/auth-provider-query.d.ts +3 -3
- package/dist-server/service/auth-provider/auth-provider-query.js +20 -20
- package/dist-server/service/auth-provider/auth-provider-query.js.map +1 -1
- package/dist-server/service/auth-provider/auth-provider-type.d.ts +1 -1
- package/dist-server/service/auth-provider/auth-provider-type.js +2 -2
- package/dist-server/service/auth-provider/auth-provider-type.js.map +1 -1
- package/dist-server/service/auth-provider/auth-provider.d.ts +3 -3
- package/dist-server/service/auth-provider/auth-provider.js +12 -12
- package/dist-server/service/auth-provider/auth-provider.js.map +1 -1
- package/dist-server/service/auth-provider/index.d.ts +3 -3
- package/dist-server/service/auth-provider/index.js +5 -5
- package/dist-server/service/auth-provider/index.js.map +1 -1
- package/dist-server/service/domain-generator/domain-generator-mutation.d.ts +1 -1
- package/dist-server/service/domain-generator/domain-generator-mutation.js +11 -11
- package/dist-server/service/domain-generator/domain-generator-mutation.js.map +1 -1
- package/dist-server/service/domain-generator/domain-generator-types.d.ts +1 -1
- package/dist-server/service/domain-generator/domain-generator-types.js +3 -3
- package/dist-server/service/domain-generator/domain-generator-types.js.map +1 -1
- package/dist-server/service/domain-generator/index.d.ts +1 -1
- package/dist-server/service/domain-generator/index.js +2 -2
- package/dist-server/service/domain-generator/index.js.map +1 -1
- package/dist-server/service/domain-link/domain-link-mutation.d.ts +9 -0
- package/dist-server/service/domain-link/domain-link-mutation.js +116 -0
- package/dist-server/service/domain-link/domain-link-mutation.js.map +1 -0
- package/dist-server/service/domain-link/domain-link-query.d.ts +11 -0
- package/dist-server/service/domain-link/domain-link-query.js +75 -0
- package/dist-server/service/domain-link/domain-link-query.js.map +1 -0
- package/dist-server/service/domain-link/domain-link-types.d.ts +18 -0
- package/dist-server/service/domain-link/domain-link-types.js +66 -0
- package/dist-server/service/domain-link/domain-link-types.js.map +1 -0
- package/dist-server/service/domain-link/domain-link.d.ts +28 -0
- package/dist-server/service/domain-link/domain-link.js +105 -0
- package/dist-server/service/domain-link/domain-link.js.map +1 -0
- package/dist-server/service/domain-link/index.d.ts +6 -0
- package/dist-server/service/domain-link/index.js +10 -0
- package/dist-server/service/domain-link/index.js.map +1 -0
- package/dist-server/service/granted-role/granted-role-mutation.d.ts +3 -3
- package/dist-server/service/granted-role/granted-role-mutation.js +17 -17
- package/dist-server/service/granted-role/granted-role-mutation.js.map +1 -1
- package/dist-server/service/granted-role/granted-role-query.d.ts +2 -2
- package/dist-server/service/granted-role/granted-role-query.js +13 -13
- package/dist-server/service/granted-role/granted-role-query.js.map +1 -1
- package/dist-server/service/granted-role/granted-role.d.ts +1 -1
- package/dist-server/service/granted-role/granted-role.js +3 -3
- package/dist-server/service/granted-role/granted-role.js.map +1 -1
- package/dist-server/service/granted-role/index.d.ts +3 -3
- package/dist-server/service/granted-role/index.js +5 -5
- package/dist-server/service/granted-role/index.js.map +1 -1
- package/dist-server/service/index.d.ts +27 -25
- package/dist-server/service/index.js +75 -70
- package/dist-server/service/index.js.map +1 -1
- package/dist-server/service/invitation/index.d.ts +3 -3
- package/dist-server/service/invitation/index.js +5 -5
- package/dist-server/service/invitation/index.js.map +1 -1
- package/dist-server/service/invitation/invitation-mutation.d.ts +2 -2
- package/dist-server/service/invitation/invitation-mutation.js +10 -10
- package/dist-server/service/invitation/invitation-mutation.js.map +1 -1
- package/dist-server/service/invitation/invitation-query.d.ts +1 -1
- package/dist-server/service/invitation/invitation-query.js +7 -7
- package/dist-server/service/invitation/invitation-query.js.map +1 -1
- package/dist-server/service/invitation/invitation-types.d.ts +1 -1
- package/dist-server/service/invitation/invitation-types.js +2 -2
- package/dist-server/service/invitation/invitation-types.js.map +1 -1
- package/dist-server/service/invitation/invitation.d.ts +1 -1
- package/dist-server/service/invitation/invitation.js +5 -5
- package/dist-server/service/invitation/invitation.js.map +1 -1
- package/dist-server/service/login-history/index.d.ts +2 -2
- package/dist-server/service/login-history/index.js +4 -4
- package/dist-server/service/login-history/index.js.map +1 -1
- package/dist-server/service/login-history/login-history-query.d.ts +3 -3
- package/dist-server/service/login-history/login-history-query.js +11 -11
- package/dist-server/service/login-history/login-history-query.js.map +1 -1
- package/dist-server/service/login-history/login-history-type.d.ts +1 -1
- package/dist-server/service/login-history/login-history-type.js +2 -2
- package/dist-server/service/login-history/login-history-type.js.map +1 -1
- package/dist-server/service/login-history/login-history.d.ts +1 -1
- package/dist-server/service/login-history/login-history.js +4 -4
- package/dist-server/service/login-history/login-history.js.map +1 -1
- package/dist-server/service/partner/index.d.ts +3 -3
- package/dist-server/service/partner/index.js +5 -5
- package/dist-server/service/partner/index.js.map +1 -1
- package/dist-server/service/partner/partner-mutation.js +8 -8
- package/dist-server/service/partner/partner-mutation.js.map +1 -1
- package/dist-server/service/partner/partner-query.d.ts +3 -3
- package/dist-server/service/partner/partner-query.js +17 -17
- package/dist-server/service/partner/partner-query.js.map +1 -1
- package/dist-server/service/partner/partner-types.d.ts +1 -1
- package/dist-server/service/partner/partner-types.js +2 -2
- package/dist-server/service/partner/partner-types.js.map +1 -1
- package/dist-server/service/partner/partner.d.ts +1 -1
- package/dist-server/service/partner/partner.js +5 -5
- package/dist-server/service/partner/partner.js.map +1 -1
- package/dist-server/service/password-history/index.d.ts +1 -1
- package/dist-server/service/password-history/index.js +2 -2
- package/dist-server/service/password-history/index.js.map +1 -1
- package/dist-server/service/privilege/index.d.ts +3 -3
- package/dist-server/service/privilege/index.js +5 -5
- package/dist-server/service/privilege/index.js.map +1 -1
- package/dist-server/service/privilege/privilege-directive.js +2 -2
- package/dist-server/service/privilege/privilege-directive.js.map +1 -1
- package/dist-server/service/privilege/privilege-mutation.d.ts +2 -2
- package/dist-server/service/privilege/privilege-mutation.js +15 -15
- package/dist-server/service/privilege/privilege-mutation.js.map +1 -1
- package/dist-server/service/privilege/privilege-query.d.ts +4 -4
- package/dist-server/service/privilege/privilege-query.js +20 -20
- package/dist-server/service/privilege/privilege-query.js.map +1 -1
- package/dist-server/service/privilege/privilege-types.d.ts +1 -1
- package/dist-server/service/privilege/privilege-types.js +2 -2
- package/dist-server/service/privilege/privilege-types.js.map +1 -1
- package/dist-server/service/privilege/privilege.d.ts +2 -2
- package/dist-server/service/privilege/privilege.js +10 -10
- package/dist-server/service/privilege/privilege.js.map +1 -1
- package/dist-server/service/role/index.d.ts +3 -3
- package/dist-server/service/role/index.js +5 -5
- package/dist-server/service/role/index.js.map +1 -1
- package/dist-server/service/role/role-mutation.d.ts +2 -2
- package/dist-server/service/role/role-mutation.js +19 -19
- package/dist-server/service/role/role-mutation.js.map +1 -1
- package/dist-server/service/role/role-query.d.ts +9 -5
- package/dist-server/service/role/role-query.js +38 -31
- package/dist-server/service/role/role-query.js.map +1 -1
- package/dist-server/service/role/role-types.d.ts +1 -1
- package/dist-server/service/role/role-types.js +2 -2
- package/dist-server/service/role/role-types.js.map +1 -1
- package/dist-server/service/role/role.d.ts +2 -2
- package/dist-server/service/role/role.js +12 -12
- package/dist-server/service/role/role.js.map +1 -1
- package/dist-server/service/user/domain-query.d.ts +1 -1
- package/dist-server/service/user/domain-query.js +3 -3
- package/dist-server/service/user/domain-query.js.map +1 -1
- package/dist-server/service/user/index.d.ts +4 -4
- package/dist-server/service/user/index.js +6 -6
- package/dist-server/service/user/index.js.map +1 -1
- package/dist-server/service/user/user-mutation.d.ts +3 -3
- package/dist-server/service/user/user-mutation.js +49 -84
- package/dist-server/service/user/user-mutation.js.map +1 -1
- package/dist-server/service/user/user-query.d.ts +4 -3
- package/dist-server/service/user/user-query.js +31 -21
- package/dist-server/service/user/user-query.js.map +1 -1
- package/dist-server/service/user/user-types.d.ts +1 -1
- package/dist-server/service/user/user-types.js +2 -2
- package/dist-server/service/user/user-types.js.map +1 -1
- package/dist-server/service/user/user.d.ts +3 -3
- package/dist-server/service/user/user.js +41 -46
- package/dist-server/service/user/user.js.map +1 -1
- package/dist-server/service/users-auth-providers/index.d.ts +1 -1
- package/dist-server/service/users-auth-providers/index.js +2 -2
- package/dist-server/service/users-auth-providers/index.js.map +1 -1
- package/dist-server/service/users-auth-providers/users-auth-providers.d.ts +2 -2
- package/dist-server/service/users-auth-providers/users-auth-providers.js +8 -8
- package/dist-server/service/users-auth-providers/users-auth-providers.js.map +1 -1
- package/dist-server/service/verification-token/index.d.ts +1 -1
- package/dist-server/service/verification-token/index.js +2 -2
- package/dist-server/service/verification-token/index.js.map +1 -1
- package/dist-server/service/web-auth-credential/index.d.ts +1 -1
- package/dist-server/service/web-auth-credential/index.js +2 -2
- package/dist-server/service/web-auth-credential/index.js.map +1 -1
- package/dist-server/service/web-auth-credential/web-auth-credential.d.ts +1 -1
- package/dist-server/service/web-auth-credential/web-auth-credential.js +10 -10
- package/dist-server/service/web-auth-credential/web-auth-credential.js.map +1 -1
- package/dist-server/tsconfig.tsbuildinfo +1 -1
- package/dist-server/types.d.ts +1 -1
- package/dist-server/types.js.map +1 -1
- package/dist-server/utils/access-token-cookie.js +2 -2
- package/dist-server/utils/access-token-cookie.js.map +1 -1
- package/dist-server/utils/check-permission.d.ts +2 -2
- package/dist-server/utils/check-permission.js +3 -3
- package/dist-server/utils/check-permission.js.map +1 -1
- package/dist-server/utils/check-user-belongs-domain.d.ts +1 -1
- package/dist-server/utils/check-user-belongs-domain.js +2 -2
- package/dist-server/utils/check-user-belongs-domain.js.map +1 -1
- package/dist-server/utils/get-domain-users.d.ts +1 -1
- package/dist-server/utils/get-domain-users.js +2 -2
- package/dist-server/utils/get-domain-users.js.map +1 -1
- package/dist-server/utils/get-user-domains.d.ts +2 -2
- package/dist-server/utils/get-user-domains.js +7 -5
- package/dist-server/utils/get-user-domains.js.map +1 -1
- package/helps/config/recaptcha.ja.md +49 -0
- package/helps/config/recaptcha.ko.md +49 -0
- package/helps/config/recaptcha.md +49 -0
- package/helps/config/recaptcha.ms.md +49 -0
- package/helps/config/recaptcha.zh.md +49 -0
- package/package.json +7 -6
- package/client/actions/auth.ts +0 -24
- package/client/auth.ts +0 -268
- package/client/bootstrap.ts +0 -47
- package/client/directive/privileged.ts +0 -28
- package/client/index.ts +0 -3
- package/client/profiled.ts +0 -83
- package/client/reducers/auth.ts +0 -31
- package/server/constants/error-code.ts +0 -22
- package/server/constants/error-message.ts +0 -0
- package/server/constants/max-age.ts +0 -1
- package/server/controllers/auth.ts +0 -5
- package/server/controllers/change-pwd.ts +0 -100
- package/server/controllers/checkin.ts +0 -21
- package/server/controllers/delete-user.ts +0 -76
- package/server/controllers/invitation.ts +0 -168
- package/server/controllers/profile.ts +0 -55
- package/server/controllers/reset-password.ts +0 -126
- package/server/controllers/signin.ts +0 -103
- package/server/controllers/signup.ts +0 -77
- package/server/controllers/unlock-user.ts +0 -62
- package/server/controllers/utils/make-invitation-token.ts +0 -5
- package/server/controllers/utils/make-verification-token.ts +0 -4
- package/server/controllers/utils/password-rule.ts +0 -120
- package/server/controllers/utils/save-invitation-token.ts +0 -10
- package/server/controllers/utils/save-verification-token.ts +0 -12
- package/server/controllers/verification.ts +0 -84
- package/server/errors/auth-error.ts +0 -24
- package/server/errors/index.ts +0 -2
- package/server/errors/user-domain-not-match-error.ts +0 -29
- package/server/index.ts +0 -37
- package/server/middlewares/authenticate-401-middleware.ts +0 -114
- package/server/middlewares/domain-authenticate-middleware.ts +0 -73
- package/server/middlewares/graphql-authenticate-middleware.ts +0 -13
- package/server/middlewares/index.ts +0 -67
- package/server/middlewares/jwt-authenticate-middleware.ts +0 -84
- package/server/middlewares/signin-middleware.ts +0 -56
- package/server/middlewares/webauthn-middleware.ts +0 -131
- package/server/migrations/1548206416130-SeedUser.ts +0 -60
- package/server/migrations/1566805283882-SeedPrivilege.ts +0 -28
- package/server/migrations/index.ts +0 -9
- package/server/router/auth-checkin-router.ts +0 -115
- package/server/router/auth-private-process-router.ts +0 -127
- package/server/router/auth-public-process-router.ts +0 -319
- package/server/router/auth-signin-router.ts +0 -76
- package/server/router/auth-signup-router.ts +0 -95
- package/server/router/index.ts +0 -9
- package/server/router/oauth2/index.ts +0 -2
- package/server/router/oauth2/oauth2-authorize-router.ts +0 -81
- package/server/router/oauth2/oauth2-router.ts +0 -165
- package/server/router/oauth2/oauth2-server.ts +0 -262
- package/server/router/oauth2/passport-oauth2-client-password.ts +0 -87
- package/server/router/oauth2/passport-refresh-token.ts +0 -87
- package/server/router/path-base-domain-router.ts +0 -8
- package/server/router/site-root-router.ts +0 -48
- package/server/router/webauthn-router.ts +0 -85
- package/server/routes.ts +0 -89
- package/server/service/app-binding/app-binding-mutation.ts +0 -22
- package/server/service/app-binding/app-binding-query.ts +0 -92
- package/server/service/app-binding/app-binding-types.ts +0 -11
- package/server/service/app-binding/app-binding.ts +0 -17
- package/server/service/app-binding/index.ts +0 -4
- package/server/service/appliance/appliance-mutation.ts +0 -113
- package/server/service/appliance/appliance-query.ts +0 -76
- package/server/service/appliance/appliance-types.ts +0 -56
- package/server/service/appliance/appliance.ts +0 -133
- package/server/service/appliance/index.ts +0 -6
- package/server/service/application/application-mutation.ts +0 -104
- package/server/service/application/application-query.ts +0 -98
- package/server/service/application/application-types.ts +0 -76
- package/server/service/application/application.ts +0 -216
- package/server/service/application/index.ts +0 -6
- package/server/service/auth-provider/auth-provider-mutation.ts +0 -159
- package/server/service/auth-provider/auth-provider-parameter-spec.ts +0 -24
- package/server/service/auth-provider/auth-provider-query.ts +0 -88
- package/server/service/auth-provider/auth-provider-type.ts +0 -67
- package/server/service/auth-provider/auth-provider.ts +0 -155
- package/server/service/auth-provider/index.ts +0 -7
- package/server/service/domain-generator/domain-generator-mutation.ts +0 -117
- package/server/service/domain-generator/domain-generator-types.ts +0 -46
- package/server/service/domain-generator/index.ts +0 -3
- package/server/service/granted-role/granted-role-mutation.ts +0 -156
- package/server/service/granted-role/granted-role-query.ts +0 -60
- package/server/service/granted-role/granted-role.ts +0 -27
- package/server/service/granted-role/index.ts +0 -6
- package/server/service/index.ts +0 -90
- package/server/service/invitation/index.ts +0 -6
- package/server/service/invitation/invitation-mutation.ts +0 -78
- package/server/service/invitation/invitation-query.ts +0 -33
- package/server/service/invitation/invitation-types.ts +0 -11
- package/server/service/invitation/invitation.ts +0 -63
- package/server/service/login-history/index.ts +0 -5
- package/server/service/login-history/login-history-query.ts +0 -51
- package/server/service/login-history/login-history-type.ts +0 -12
- package/server/service/login-history/login-history.ts +0 -45
- package/server/service/partner/index.ts +0 -6
- package/server/service/partner/partner-mutation.ts +0 -61
- package/server/service/partner/partner-query.ts +0 -102
- package/server/service/partner/partner-types.ts +0 -11
- package/server/service/partner/partner.ts +0 -57
- package/server/service/password-history/index.ts +0 -3
- package/server/service/password-history/password-history.ts +0 -16
- package/server/service/privilege/index.ts +0 -6
- package/server/service/privilege/privilege-directive.ts +0 -77
- package/server/service/privilege/privilege-mutation.ts +0 -92
- package/server/service/privilege/privilege-query.ts +0 -94
- package/server/service/privilege/privilege-types.ts +0 -60
- package/server/service/privilege/privilege.ts +0 -102
- package/server/service/role/index.ts +0 -6
- package/server/service/role/role-mutation.ts +0 -109
- package/server/service/role/role-query.ts +0 -155
- package/server/service/role/role-types.ts +0 -81
- package/server/service/role/role.ts +0 -72
- package/server/service/user/domain-query.ts +0 -24
- package/server/service/user/index.ts +0 -7
- package/server/service/user/user-mutation.ts +0 -517
- package/server/service/user/user-query.ts +0 -145
- package/server/service/user/user-types.ts +0 -100
- package/server/service/user/user.ts +0 -386
- package/server/service/users-auth-providers/index.ts +0 -5
- package/server/service/users-auth-providers/users-auth-providers.ts +0 -71
- package/server/service/verification-token/index.ts +0 -3
- package/server/service/verification-token/verification-token.ts +0 -60
- package/server/service/web-auth-credential/index.ts +0 -3
- package/server/service/web-auth-credential/web-auth-credential.ts +0 -66
- package/server/templates/account-unlock-email.ts +0 -65
- package/server/templates/invitation-email.ts +0 -66
- package/server/templates/reset-password-email.ts +0 -65
- package/server/templates/verification-email.ts +0 -66
- package/server/types.ts +0 -21
- package/server/utils/accepts.ts +0 -11
- package/server/utils/access-token-cookie.ts +0 -50
- package/server/utils/check-permission.ts +0 -52
- package/server/utils/check-user-belongs-domain.ts +0 -19
- package/server/utils/check-user-has-role.ts +0 -29
- package/server/utils/encrypt-state.ts +0 -22
- package/server/utils/get-aes-256-key.ts +0 -13
- package/server/utils/get-domain-users.ts +0 -38
- package/server/utils/get-secret.ts +0 -13
- package/server/utils/get-user-domains.ts +0 -115
|
@@ -1,319 +0,0 @@
|
|
|
1
|
-
import Router from 'koa-router'
|
|
2
|
-
import { ILike } from 'typeorm'
|
|
3
|
-
|
|
4
|
-
import { config } from '@things-factory/env'
|
|
5
|
-
import { getRepository, getSiteRootPath } from '@things-factory/shell'
|
|
6
|
-
|
|
7
|
-
import { resendInvitationEmail } from '../controllers/invitation'
|
|
8
|
-
import { resetPassword, sendPasswordResetEmail } from '../controllers/reset-password'
|
|
9
|
-
import { unlockUser } from '../controllers/unlock-user'
|
|
10
|
-
import { resendVerificationEmail, verify } from '../controllers/verification'
|
|
11
|
-
import { User } from '../service/user/user'
|
|
12
|
-
import { accepts } from '../utils/accepts'
|
|
13
|
-
import { clearAccessTokenCookie } from '../utils/access-token-cookie'
|
|
14
|
-
|
|
15
|
-
const disableUserSignupProcess = config.get('disableUserSignupProcess', false)
|
|
16
|
-
const disableUserFavoredLanguage = config.get('i18n/disableUserFavoredLanguage', false)
|
|
17
|
-
const languages = config.get('i18n/languages', false)
|
|
18
|
-
const passwordRule = config.get('password') || {
|
|
19
|
-
lowerCase: true,
|
|
20
|
-
upperCase: true,
|
|
21
|
-
digit: true,
|
|
22
|
-
specialCharacter: true,
|
|
23
|
-
allowRepeat: false,
|
|
24
|
-
useTightPattern: true,
|
|
25
|
-
useLoosePattern: false,
|
|
26
|
-
tightCharacterLength: 8,
|
|
27
|
-
looseCharacterLength: 15
|
|
28
|
-
}
|
|
29
|
-
|
|
30
|
-
export const authPublicProcessRouter = new Router({
|
|
31
|
-
prefix: '/auth'
|
|
32
|
-
})
|
|
33
|
-
|
|
34
|
-
authPublicProcessRouter.post('/join', async (context, next) => {
|
|
35
|
-
const { username } = context.request.body || {}
|
|
36
|
-
|
|
37
|
-
const repository = getRepository(User)
|
|
38
|
-
|
|
39
|
-
var user = await repository.findOne({
|
|
40
|
-
where: { username },
|
|
41
|
-
relations: ['domains']
|
|
42
|
-
})
|
|
43
|
-
|
|
44
|
-
/*
|
|
45
|
-
정확한 이메일 정규표현식은 /^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(username) 이지만,
|
|
46
|
-
appliance 용으로 사용된 이메일로 {{uuid}}@{{domain slugger}} 식으로 사용했으므로
|
|
47
|
-
email 유효성 판단에 /^[^\s@]+@[^\s@]+$/.test(username) 를 사용함.
|
|
48
|
-
*/
|
|
49
|
-
if (!user && /^[^\s@]+@[^\s@]+$/.test(username)) {
|
|
50
|
-
user = await repository.findOne({
|
|
51
|
-
where: { email: ILike(username) },
|
|
52
|
-
relations: ['domains']
|
|
53
|
-
})
|
|
54
|
-
}
|
|
55
|
-
|
|
56
|
-
if (user) {
|
|
57
|
-
context.redirect(`/auth/signin?username=${username}`)
|
|
58
|
-
} else {
|
|
59
|
-
context.redirect(`/auth/signup?username=${username}`)
|
|
60
|
-
}
|
|
61
|
-
})
|
|
62
|
-
|
|
63
|
-
authPublicProcessRouter.all('/signout', async (context, next) => {
|
|
64
|
-
const { header, t } = context
|
|
65
|
-
clearAccessTokenCookie(context)
|
|
66
|
-
|
|
67
|
-
context.body = t('text.signout successfully')
|
|
68
|
-
|
|
69
|
-
if (accepts(header.accept, ['text/html', '*/*'])) {
|
|
70
|
-
context.redirect(getSiteRootPath(context))
|
|
71
|
-
}
|
|
72
|
-
})
|
|
73
|
-
|
|
74
|
-
authPublicProcessRouter.get('/forgot-password', async (context, next) => {
|
|
75
|
-
const { email } = context.request.query
|
|
76
|
-
|
|
77
|
-
await context.render('auth-page', {
|
|
78
|
-
pageElement: 'forgot-password',
|
|
79
|
-
elementScript: '/auth/forgot-password.js',
|
|
80
|
-
data: {
|
|
81
|
-
email,
|
|
82
|
-
disableUserSignupProcess,
|
|
83
|
-
disableUserFavoredLanguage,
|
|
84
|
-
languages
|
|
85
|
-
}
|
|
86
|
-
})
|
|
87
|
-
})
|
|
88
|
-
|
|
89
|
-
authPublicProcessRouter.get('/reset-password', async (context, next) => {
|
|
90
|
-
const { token } = context.request.query
|
|
91
|
-
|
|
92
|
-
await context.render('auth-page', {
|
|
93
|
-
pageElement: 'reset-password',
|
|
94
|
-
elementScript: '/auth/reset-password.js',
|
|
95
|
-
data: {
|
|
96
|
-
token,
|
|
97
|
-
passwordRule,
|
|
98
|
-
disableUserSignupProcess,
|
|
99
|
-
disableUserFavoredLanguage,
|
|
100
|
-
languages
|
|
101
|
-
}
|
|
102
|
-
})
|
|
103
|
-
})
|
|
104
|
-
|
|
105
|
-
authPublicProcessRouter.get('/unlock-user', async (context, next) => {
|
|
106
|
-
const { token } = context.request.query
|
|
107
|
-
|
|
108
|
-
await context.render('auth-page', {
|
|
109
|
-
pageElement: 'unlock-user',
|
|
110
|
-
elementScript: '/auth/unlock-user.js',
|
|
111
|
-
data: {
|
|
112
|
-
token,
|
|
113
|
-
disableUserSignupProcess,
|
|
114
|
-
disableUserFavoredLanguage,
|
|
115
|
-
languages
|
|
116
|
-
}
|
|
117
|
-
})
|
|
118
|
-
})
|
|
119
|
-
|
|
120
|
-
authPublicProcessRouter.get('/activate/:email', async (context, next) => {
|
|
121
|
-
const { email } = context.params
|
|
122
|
-
|
|
123
|
-
await context.render('auth-page', {
|
|
124
|
-
pageElement: 'auth-activate',
|
|
125
|
-
elementScript: '/auth/activate.js',
|
|
126
|
-
data: {
|
|
127
|
-
email,
|
|
128
|
-
disableUserSignupProcess,
|
|
129
|
-
disableUserFavoredLanguage,
|
|
130
|
-
languages
|
|
131
|
-
}
|
|
132
|
-
})
|
|
133
|
-
})
|
|
134
|
-
|
|
135
|
-
authPublicProcessRouter.get('/verify/:token', async (context, next) => {
|
|
136
|
-
const { header, t } = context
|
|
137
|
-
var token = context.params.token
|
|
138
|
-
|
|
139
|
-
await verify(token)
|
|
140
|
-
|
|
141
|
-
var message = t('text.user activated successfully')
|
|
142
|
-
|
|
143
|
-
context.body = message
|
|
144
|
-
|
|
145
|
-
if (accepts(header.accept, ['text/html', '*/*'])) {
|
|
146
|
-
await context.render('auth-page', {
|
|
147
|
-
pageElement: 'auth-result',
|
|
148
|
-
elementScript: '/auth/result.js',
|
|
149
|
-
data: {
|
|
150
|
-
message,
|
|
151
|
-
disableUserSignupProcess,
|
|
152
|
-
disableUserFavoredLanguage,
|
|
153
|
-
languages
|
|
154
|
-
}
|
|
155
|
-
})
|
|
156
|
-
}
|
|
157
|
-
})
|
|
158
|
-
|
|
159
|
-
authPublicProcessRouter.post('/resend-verification-email', async (context, next) => {
|
|
160
|
-
const { t } = context
|
|
161
|
-
const { email } = context.request.body
|
|
162
|
-
|
|
163
|
-
var succeed = await resendVerificationEmail(email, context)
|
|
164
|
-
var message = t('text.verification email sent')
|
|
165
|
-
|
|
166
|
-
if (succeed) {
|
|
167
|
-
context.status = 200
|
|
168
|
-
context.body = message
|
|
169
|
-
}
|
|
170
|
-
})
|
|
171
|
-
|
|
172
|
-
authPublicProcessRouter.post('/resend-invitation-email', async (context, next) => {
|
|
173
|
-
const { t } = context
|
|
174
|
-
const { email, reference, type } = context.request.body
|
|
175
|
-
|
|
176
|
-
var succeed = await resendInvitationEmail(
|
|
177
|
-
{
|
|
178
|
-
email,
|
|
179
|
-
reference,
|
|
180
|
-
type
|
|
181
|
-
},
|
|
182
|
-
context
|
|
183
|
-
)
|
|
184
|
-
|
|
185
|
-
var message = t('text.invitation email sent')
|
|
186
|
-
|
|
187
|
-
if (succeed) {
|
|
188
|
-
context.status = 200
|
|
189
|
-
context.body = message
|
|
190
|
-
}
|
|
191
|
-
})
|
|
192
|
-
|
|
193
|
-
authPublicProcessRouter.post('/forgot-password', async (context, next) => {
|
|
194
|
-
const { t } = context
|
|
195
|
-
const { email } = context.request.body
|
|
196
|
-
|
|
197
|
-
if (!email) return next()
|
|
198
|
-
|
|
199
|
-
const userRepo = getRepository(User)
|
|
200
|
-
const user = await userRepo.findOne({
|
|
201
|
-
where: {
|
|
202
|
-
email
|
|
203
|
-
}
|
|
204
|
-
})
|
|
205
|
-
|
|
206
|
-
const succeed = await sendPasswordResetEmail({
|
|
207
|
-
user,
|
|
208
|
-
context
|
|
209
|
-
})
|
|
210
|
-
|
|
211
|
-
if (succeed) {
|
|
212
|
-
context.status = 200
|
|
213
|
-
context.body = t('text.password reset email sent')
|
|
214
|
-
}
|
|
215
|
-
})
|
|
216
|
-
|
|
217
|
-
authPublicProcessRouter.post('/reset-password', async (context, next) => {
|
|
218
|
-
const { header, t } = context
|
|
219
|
-
const { password, token } = context.request.body
|
|
220
|
-
|
|
221
|
-
try {
|
|
222
|
-
if (!(token && password)) {
|
|
223
|
-
let message = t('error.token or password is invalid')
|
|
224
|
-
|
|
225
|
-
context.status = 404
|
|
226
|
-
context.body = {
|
|
227
|
-
message
|
|
228
|
-
}
|
|
229
|
-
|
|
230
|
-
if (accepts(header.accept, ['text/html', '*/*'])) {
|
|
231
|
-
await context.render('auth-page', {
|
|
232
|
-
pageElement: 'reset-password',
|
|
233
|
-
elementScript: '/auth/reset-password.js',
|
|
234
|
-
data: {
|
|
235
|
-
token,
|
|
236
|
-
message,
|
|
237
|
-
passwordRule,
|
|
238
|
-
disableUserSignupProcess,
|
|
239
|
-
disableUserFavoredLanguage,
|
|
240
|
-
languages
|
|
241
|
-
}
|
|
242
|
-
})
|
|
243
|
-
}
|
|
244
|
-
|
|
245
|
-
return
|
|
246
|
-
}
|
|
247
|
-
|
|
248
|
-
await resetPassword(token, password, context)
|
|
249
|
-
|
|
250
|
-
var message = t('text.password changed successfully')
|
|
251
|
-
context.body = message
|
|
252
|
-
|
|
253
|
-
clearAccessTokenCookie(context)
|
|
254
|
-
|
|
255
|
-
if (accepts(header.accept, ['text/html', '*/*'])) {
|
|
256
|
-
await context.render('auth-page', {
|
|
257
|
-
pageElement: 'auth-result',
|
|
258
|
-
elementScript: '/auth/result.js',
|
|
259
|
-
data: {
|
|
260
|
-
message,
|
|
261
|
-
disableUserSignupProcess,
|
|
262
|
-
disableUserFavoredLanguage,
|
|
263
|
-
languages
|
|
264
|
-
}
|
|
265
|
-
})
|
|
266
|
-
}
|
|
267
|
-
} catch (e) {
|
|
268
|
-
context.status = 404
|
|
269
|
-
context.body = e.message
|
|
270
|
-
|
|
271
|
-
if (accepts(header.accept, ['text/html', '*/*'])) {
|
|
272
|
-
await context.render('auth-page', {
|
|
273
|
-
pageElement: 'reset-password',
|
|
274
|
-
elementScript: '/auth/reset-password.js',
|
|
275
|
-
data: {
|
|
276
|
-
token,
|
|
277
|
-
message: e.message,
|
|
278
|
-
passwordRule,
|
|
279
|
-
disableUserSignupProcess,
|
|
280
|
-
disableUserFavoredLanguage,
|
|
281
|
-
languages
|
|
282
|
-
}
|
|
283
|
-
})
|
|
284
|
-
}
|
|
285
|
-
}
|
|
286
|
-
})
|
|
287
|
-
|
|
288
|
-
authPublicProcessRouter.post('/unlock-user', async (context, next) => {
|
|
289
|
-
const { header, t } = context
|
|
290
|
-
const { password, token } = context.request.body
|
|
291
|
-
|
|
292
|
-
if (!(token || password)) {
|
|
293
|
-
context.status = 404
|
|
294
|
-
context.body = t('error.token or password is invalid')
|
|
295
|
-
|
|
296
|
-
return
|
|
297
|
-
}
|
|
298
|
-
|
|
299
|
-
var succeed = await unlockUser(token, password)
|
|
300
|
-
|
|
301
|
-
if (succeed) {
|
|
302
|
-
context.body = t('text.password reset succeed')
|
|
303
|
-
|
|
304
|
-
clearAccessTokenCookie(context)
|
|
305
|
-
}
|
|
306
|
-
|
|
307
|
-
if (accepts(header.accept, ['text/html', '*/*'])) {
|
|
308
|
-
await context.render('auth-page', {
|
|
309
|
-
pageElement: 'auth-result',
|
|
310
|
-
elementScript: '/auth/result.js',
|
|
311
|
-
data: {
|
|
312
|
-
message: t('text.account is reactivated'),
|
|
313
|
-
disableUserSignupProcess,
|
|
314
|
-
disableUserFavoredLanguage,
|
|
315
|
-
languages
|
|
316
|
-
}
|
|
317
|
-
})
|
|
318
|
-
}
|
|
319
|
-
})
|
|
@@ -1,76 +0,0 @@
|
|
|
1
|
-
import Router from 'koa-router'
|
|
2
|
-
|
|
3
|
-
import { config } from '@things-factory/env'
|
|
4
|
-
import { signinMiddleware } from '../middlewares'
|
|
5
|
-
import { accepts } from '../utils/accepts'
|
|
6
|
-
import { setAccessTokenCookie } from '../utils/access-token-cookie'
|
|
7
|
-
|
|
8
|
-
const disableUserSignupProcess = config.get('disableUserSignupProcess', false)
|
|
9
|
-
const disableUserFavoredLanguage = config.get('i18n/disableUserFavoredLanguage', false)
|
|
10
|
-
const languages = config.get('i18n/languages', false)
|
|
11
|
-
|
|
12
|
-
const SSOConfig = config.get('sso', {} as any)
|
|
13
|
-
const SSOLinks = Object.values(SSOConfig)
|
|
14
|
-
.filter(({ link, title }) => link && title)
|
|
15
|
-
.map(({ link, title }) => {
|
|
16
|
-
return { link, title }
|
|
17
|
-
})
|
|
18
|
-
|
|
19
|
-
export const authSigninRouter = new Router()
|
|
20
|
-
|
|
21
|
-
authSigninRouter.get(
|
|
22
|
-
'/auth/signin',
|
|
23
|
-
async (ctx, next) => {
|
|
24
|
-
/* For forward compatibility, cover the case of logging in with username instead of email */
|
|
25
|
-
if (!ctx.request.body.email && ctx.request.body.username) {
|
|
26
|
-
ctx.request.body.email = ctx.request.body.username
|
|
27
|
-
}
|
|
28
|
-
await next()
|
|
29
|
-
},
|
|
30
|
-
async (context, next) => {
|
|
31
|
-
const { redirect_to, username } = context.query
|
|
32
|
-
|
|
33
|
-
await context.render('auth-page', {
|
|
34
|
-
pageElement: 'auth-signin',
|
|
35
|
-
elementScript: '/auth/signin.js',
|
|
36
|
-
data: {
|
|
37
|
-
username,
|
|
38
|
-
redirectTo: redirect_to,
|
|
39
|
-
ssoLinks: SSOLinks,
|
|
40
|
-
disableUserSignupProcess,
|
|
41
|
-
disableUserFavoredLanguage,
|
|
42
|
-
languages
|
|
43
|
-
}
|
|
44
|
-
})
|
|
45
|
-
}
|
|
46
|
-
)
|
|
47
|
-
|
|
48
|
-
authSigninRouter.post(
|
|
49
|
-
'/auth/signin',
|
|
50
|
-
async (ctx, next) => {
|
|
51
|
-
/* For backward compatibility, cover the case of logging in with email instead of username */
|
|
52
|
-
if (!ctx.request.body.username && ctx.request.body.email) {
|
|
53
|
-
ctx.request.body.username = ctx.request.body.email
|
|
54
|
-
}
|
|
55
|
-
await next()
|
|
56
|
-
},
|
|
57
|
-
signinMiddleware,
|
|
58
|
-
async (context, next) => {
|
|
59
|
-
const { request, t } = context
|
|
60
|
-
const { token, domain } = context.state
|
|
61
|
-
const { body: reqBody, header } = request
|
|
62
|
-
|
|
63
|
-
if (!accepts(header.accept, ['text/html', '*/*'])) {
|
|
64
|
-
context.body = token
|
|
65
|
-
return
|
|
66
|
-
}
|
|
67
|
-
|
|
68
|
-
var redirectTo = `/auth/checkin${domain ? '/' + domain.subdomain : ''}?redirect_to=${encodeURIComponent(
|
|
69
|
-
reqBody.redirectTo || '/'
|
|
70
|
-
)}`
|
|
71
|
-
|
|
72
|
-
setAccessTokenCookie(context, token)
|
|
73
|
-
|
|
74
|
-
context.redirect(redirectTo)
|
|
75
|
-
}
|
|
76
|
-
)
|
|
@@ -1,95 +0,0 @@
|
|
|
1
|
-
import Router from 'koa-router'
|
|
2
|
-
|
|
3
|
-
import { config } from '@things-factory/env'
|
|
4
|
-
|
|
5
|
-
import { signup } from '../controllers/signup'
|
|
6
|
-
import { accepts } from '../utils/accepts'
|
|
7
|
-
import { setAccessTokenCookie } from '../utils/access-token-cookie'
|
|
8
|
-
|
|
9
|
-
const disableUserSignupProcess = config.get('disableUserSignupProcess', false)
|
|
10
|
-
const disableUserFavoredLanguage = config.get('i18n/disableUserFavoredLanguage', false)
|
|
11
|
-
const languages = config.get('i18n/languages', false)
|
|
12
|
-
|
|
13
|
-
const passwordRule = config.get('password') || {
|
|
14
|
-
lowerCase: true,
|
|
15
|
-
upperCase: true,
|
|
16
|
-
digit: true,
|
|
17
|
-
specialCharacter: true,
|
|
18
|
-
allowRepeat: false,
|
|
19
|
-
useTightPattern: true,
|
|
20
|
-
useLoosePattern: false,
|
|
21
|
-
tightCharacterLength: 8,
|
|
22
|
-
looseCharacterLength: 15
|
|
23
|
-
}
|
|
24
|
-
|
|
25
|
-
export const authSignupRouter = new Router()
|
|
26
|
-
|
|
27
|
-
if (!disableUserSignupProcess) {
|
|
28
|
-
authSignupRouter.get('/auth/signup', async (context, next) => {
|
|
29
|
-
const { email } = context.query
|
|
30
|
-
|
|
31
|
-
await context.render('auth-page', {
|
|
32
|
-
pageElement: 'auth-signup',
|
|
33
|
-
elementScript: '/auth/signup.js',
|
|
34
|
-
data: {
|
|
35
|
-
email,
|
|
36
|
-
passwordRule,
|
|
37
|
-
disableUserSignupProcess,
|
|
38
|
-
disableUserFavoredLanguage,
|
|
39
|
-
languages
|
|
40
|
-
}
|
|
41
|
-
})
|
|
42
|
-
})
|
|
43
|
-
|
|
44
|
-
authSignupRouter.post('/auth/signup', async (context, next) => {
|
|
45
|
-
const { header, t } = context
|
|
46
|
-
const { domain } = context.state
|
|
47
|
-
const user = context.request.body
|
|
48
|
-
|
|
49
|
-
// try {
|
|
50
|
-
const { token } = await signup(
|
|
51
|
-
{
|
|
52
|
-
...user,
|
|
53
|
-
context,
|
|
54
|
-
domain
|
|
55
|
-
},
|
|
56
|
-
true
|
|
57
|
-
)
|
|
58
|
-
|
|
59
|
-
const message = t('text.user registered successfully')
|
|
60
|
-
context.body = {
|
|
61
|
-
message,
|
|
62
|
-
token
|
|
63
|
-
}
|
|
64
|
-
|
|
65
|
-
setAccessTokenCookie(context, token)
|
|
66
|
-
|
|
67
|
-
if (accepts(header.accept, ['text/html', '*/*'])) {
|
|
68
|
-
await context.render('auth-page', {
|
|
69
|
-
pageElement: 'auth-result',
|
|
70
|
-
elementScript: '/auth/result.js',
|
|
71
|
-
data: {
|
|
72
|
-
message,
|
|
73
|
-
disableUserSignupProcess,
|
|
74
|
-
disableUserFavoredLanguage,
|
|
75
|
-
languages
|
|
76
|
-
}
|
|
77
|
-
})
|
|
78
|
-
}
|
|
79
|
-
// } catch (e) {
|
|
80
|
-
// context.status = 401
|
|
81
|
-
// context.body = e.message
|
|
82
|
-
|
|
83
|
-
// if (accepts(header.accept, ['text/html', '*/*'])) {
|
|
84
|
-
// await context.render('auth-page', {
|
|
85
|
-
// pageElement: 'auth-signup',
|
|
86
|
-
// elementScript: '/auth/signup.js',
|
|
87
|
-
// data: {
|
|
88
|
-
// message: e instanceof AuthError ? t(`error.${e.message}`) : e.message,
|
|
89
|
-
// passwordRule
|
|
90
|
-
// }
|
|
91
|
-
// })
|
|
92
|
-
// }
|
|
93
|
-
// }
|
|
94
|
-
})
|
|
95
|
-
}
|
package/server/router/index.ts
DELETED
|
@@ -1,9 +0,0 @@
|
|
|
1
|
-
export * from './auth-private-process-router'
|
|
2
|
-
export * from './auth-public-process-router'
|
|
3
|
-
export * from './path-base-domain-router'
|
|
4
|
-
export * from './site-root-router'
|
|
5
|
-
export * from './oauth2'
|
|
6
|
-
export * from './auth-checkin-router'
|
|
7
|
-
export * from './auth-signin-router'
|
|
8
|
-
export * from './auth-signup-router'
|
|
9
|
-
export * from './webauthn-router'
|
|
@@ -1,81 +0,0 @@
|
|
|
1
|
-
import Router from 'koa-router'
|
|
2
|
-
|
|
3
|
-
import { getRepository } from '@things-factory/shell'
|
|
4
|
-
import { config } from '@things-factory/env'
|
|
5
|
-
|
|
6
|
-
import { Application } from '../../service/application/application'
|
|
7
|
-
import { NonClient, server as oauth2orizeServer } from './oauth2-server'
|
|
8
|
-
|
|
9
|
-
export const oauth2AuthorizeRouter = new Router()
|
|
10
|
-
|
|
11
|
-
const disableUserFavoredLanguage = config.get('i18n/disableUserFavoredLanguage', false)
|
|
12
|
-
const languages = config.get('i18n/languages', false)
|
|
13
|
-
|
|
14
|
-
// user authorization endpoint
|
|
15
|
-
//
|
|
16
|
-
// `authorization` middleware accepts a `validate` callback which is
|
|
17
|
-
// responsible for validating the client making the authorization request. In
|
|
18
|
-
// doing so, is recommended that the `redirectURI` be checked against a
|
|
19
|
-
// registered value, although security requirements may vary accross
|
|
20
|
-
// implementations. Once validated, the `done` callback must be invoked with
|
|
21
|
-
// a `client` instance, as well as the `redirectURI` to which the user will be
|
|
22
|
-
// redirected after an authorization decision is obtained.
|
|
23
|
-
//
|
|
24
|
-
// This middleware simply initializes a new authorization transaction. It is
|
|
25
|
-
// the application's responsibility to authenticate the user and render a dialog
|
|
26
|
-
// to obtain their approval (displaying details about the client requesting
|
|
27
|
-
// authorization). We accomplish that here by routing through `ensureLoggedIn()`
|
|
28
|
-
// first, and rendering the `dialog` view.
|
|
29
|
-
|
|
30
|
-
oauth2AuthorizeRouter.get(
|
|
31
|
-
'/authorize',
|
|
32
|
-
oauth2orizeServer.authorize(async function (clientID, redirectURI) {
|
|
33
|
-
const client = await getRepository(Application).findOneBy({
|
|
34
|
-
appKey: clientID
|
|
35
|
-
})
|
|
36
|
-
// CONFIRM-ME redirectUrl 의 허용 범위는 ?
|
|
37
|
-
// if (!client.redirectUrl != redirectURI) {
|
|
38
|
-
// return false
|
|
39
|
-
// }
|
|
40
|
-
|
|
41
|
-
return [client || NonClient, redirectURI]
|
|
42
|
-
}),
|
|
43
|
-
async function (context, next) {
|
|
44
|
-
const { oauth2, user, domain } = context.state
|
|
45
|
-
|
|
46
|
-
let pageElement: string = 'oauth2-decision'
|
|
47
|
-
let elementScript: string = '/oauth2/oauth2-decision-page.js'
|
|
48
|
-
|
|
49
|
-
if (oauth2.client.id === NonClient.id) {
|
|
50
|
-
pageElement = 'oauth2-decision-error'
|
|
51
|
-
elementScript = '/oauth2/oauth2-decision-error-page.js'
|
|
52
|
-
}
|
|
53
|
-
|
|
54
|
-
try {
|
|
55
|
-
await context.render('oauth2-page', {
|
|
56
|
-
pageElement,
|
|
57
|
-
elementScript,
|
|
58
|
-
data: {
|
|
59
|
-
domain,
|
|
60
|
-
oauth2: {
|
|
61
|
-
...oauth2,
|
|
62
|
-
user: {
|
|
63
|
-
id: oauth2.user.id,
|
|
64
|
-
name: oauth2.user.name,
|
|
65
|
-
email: oauth2.user.email
|
|
66
|
-
}
|
|
67
|
-
},
|
|
68
|
-
disableUserFavoredLanguage,
|
|
69
|
-
languages
|
|
70
|
-
}
|
|
71
|
-
})
|
|
72
|
-
// await context.render(decisionPage, {
|
|
73
|
-
// domain: domain,
|
|
74
|
-
// ...oauth2, // client, redirectURI, req { type, clientID, redirectURI, scope, state}, user, transactionID, info, locals
|
|
75
|
-
// availableScopes
|
|
76
|
-
// })
|
|
77
|
-
} catch (e) {
|
|
78
|
-
throw e
|
|
79
|
-
}
|
|
80
|
-
}
|
|
81
|
-
)
|