@things-factory/auth-base 8.0.5 → 8.0.13
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/client/auth.ts +0 -4
- package/dist-client/auth.js +0 -3
- package/dist-client/auth.js.map +1 -1
- package/dist-client/tsconfig.tsbuildinfo +1 -1
- package/dist-server/constants/error-code.d.ts +2 -0
- package/dist-server/constants/error-code.js +3 -1
- package/dist-server/constants/error-code.js.map +1 -1
- package/dist-server/controllers/change-pwd.js +2 -2
- package/dist-server/controllers/change-pwd.js.map +1 -1
- package/dist-server/controllers/delete-user.js +13 -12
- package/dist-server/controllers/delete-user.js.map +1 -1
- package/dist-server/controllers/invitation.d.ts +2 -1
- package/dist-server/controllers/invitation.js +30 -5
- package/dist-server/controllers/invitation.js.map +1 -1
- package/dist-server/controllers/profile.d.ts +4 -3
- package/dist-server/controllers/profile.js +20 -2
- package/dist-server/controllers/profile.js.map +1 -1
- package/dist-server/controllers/signin.d.ts +4 -1
- package/dist-server/controllers/signin.js +17 -1
- package/dist-server/controllers/signin.js.map +1 -1
- package/dist-server/controllers/signup.js +13 -4
- package/dist-server/controllers/signup.js.map +1 -1
- package/dist-server/controllers/unlock-user.js +1 -0
- package/dist-server/controllers/unlock-user.js.map +1 -1
- package/dist-server/controllers/verification.js +1 -0
- package/dist-server/controllers/verification.js.map +1 -1
- package/dist-server/middlewares/domain-authenticate-middleware.js +0 -4
- package/dist-server/middlewares/domain-authenticate-middleware.js.map +1 -1
- package/dist-server/middlewares/signin-middleware.js +5 -4
- package/dist-server/middlewares/signin-middleware.js.map +1 -1
- package/dist-server/middlewares/webauthn-middleware.js +9 -6
- package/dist-server/middlewares/webauthn-middleware.js.map +1 -1
- package/dist-server/migrations/1548206416130-SeedUser.js +2 -1
- package/dist-server/migrations/1548206416130-SeedUser.js.map +1 -1
- package/dist-server/router/auth-checkin-router.js +16 -9
- package/dist-server/router/auth-checkin-router.js.map +1 -1
- package/dist-server/router/auth-private-process-router.js +24 -11
- package/dist-server/router/auth-private-process-router.js.map +1 -1
- package/dist-server/router/auth-public-process-router.js +20 -9
- package/dist-server/router/auth-public-process-router.js.map +1 -1
- package/dist-server/router/auth-signin-router.js +10 -4
- package/dist-server/router/auth-signin-router.js.map +1 -1
- package/dist-server/router/webauthn-router.js.map +1 -1
- package/dist-server/routes.js +5 -4
- package/dist-server/routes.js.map +1 -1
- package/dist-server/service/invitation/invitation-mutation.d.ts +3 -2
- package/dist-server/service/invitation/invitation-mutation.js +20 -8
- package/dist-server/service/invitation/invitation-mutation.js.map +1 -1
- package/dist-server/service/user/user-mutation.d.ts +10 -9
- package/dist-server/service/user/user-mutation.js +112 -54
- package/dist-server/service/user/user-mutation.js.map +1 -1
- package/dist-server/service/user/user-types.d.ts +1 -0
- package/dist-server/service/user/user-types.js +4 -0
- package/dist-server/service/user/user-types.js.map +1 -1
- package/dist-server/service/user/user.d.ts +1 -0
- package/dist-server/service/user/user.js +40 -14
- package/dist-server/service/user/user.js.map +1 -1
- package/dist-server/service/web-auth-credential/web-auth-credential.js.map +1 -1
- package/dist-server/templates/account-unlock-email.d.ts +2 -1
- package/dist-server/templates/account-unlock-email.js +1 -1
- package/dist-server/templates/account-unlock-email.js.map +1 -1
- package/dist-server/templates/invitation-email.d.ts +2 -1
- package/dist-server/templates/invitation-email.js +1 -1
- package/dist-server/templates/invitation-email.js.map +1 -1
- package/dist-server/templates/verification-email.d.ts +2 -1
- package/dist-server/templates/verification-email.js +1 -1
- package/dist-server/templates/verification-email.js.map +1 -1
- package/dist-server/tsconfig.tsbuildinfo +1 -1
- package/dist-server/utils/access-token-cookie.js +0 -9
- package/dist-server/utils/access-token-cookie.js.map +1 -1
- package/dist-server/utils/check-user-has-role.d.ts +1 -1
- package/dist-server/utils/check-user-has-role.js +2 -2
- package/dist-server/utils/check-user-has-role.js.map +1 -1
- package/dist-server/utils/get-user-domains.d.ts +1 -2
- package/dist-server/utils/get-user-domains.js +27 -23
- package/dist-server/utils/get-user-domains.js.map +1 -1
- package/package.json +9 -9
- package/server/constants/error-code.ts +2 -0
- package/server/controllers/change-pwd.ts +3 -2
- package/server/controllers/delete-user.ts +16 -13
- package/server/controllers/invitation.ts +36 -5
- package/server/controllers/profile.ts +29 -2
- package/server/controllers/signin.ts +21 -2
- package/server/controllers/signup.ts +16 -4
- package/server/controllers/unlock-user.ts +1 -0
- package/server/controllers/verification.ts +1 -0
- package/server/middlewares/domain-authenticate-middleware.ts +0 -5
- package/server/middlewares/signin-middleware.ts +5 -4
- package/server/middlewares/webauthn-middleware.ts +14 -10
- package/server/migrations/1548206416130-SeedUser.ts +2 -1
- package/server/router/auth-checkin-router.ts +19 -11
- package/server/router/auth-private-process-router.ts +26 -11
- package/server/router/auth-public-process-router.ts +22 -10
- package/server/router/auth-signin-router.ts +27 -16
- package/server/router/webauthn-router.ts +6 -8
- package/server/routes.ts +13 -4
- package/server/service/invitation/invitation-mutation.ts +24 -9
- package/server/service/user/user-mutation.ts +123 -54
- package/server/service/user/user-types.ts +3 -0
- package/server/service/user/user.ts +41 -14
- package/server/service/web-auth-credential/web-auth-credential.ts +0 -1
- package/server/templates/account-unlock-email.ts +1 -1
- package/server/templates/invitation-email.ts +1 -1
- package/server/templates/verification-email.ts +1 -1
- package/server/utils/access-token-cookie.ts +0 -11
- package/server/utils/check-user-has-role.ts +2 -2
- package/server/utils/get-user-domains.ts +30 -27
- package/translations/en.json +5 -1
- package/translations/ja.json +5 -1
- package/translations/ko.json +6 -3
- package/translations/ms.json +5 -1
- package/translations/zh.json +5 -1
- package/dist-server/utils/get-domain-from-hostname.d.ts +0 -1
- package/dist-server/utils/get-domain-from-hostname.js +0 -9
- package/dist-server/utils/get-domain-from-hostname.js.map +0 -1
- package/server/utils/get-domain-from-hostname.ts +0 -7
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"invitation.js","sourceRoot":"","sources":["../../server/controllers/invitation.ts"],"names":[],"mappings":";;AAYA,
|
|
1
|
+
{"version":3,"file":"invitation.js","sourceRoot":"","sources":["../../server/controllers/invitation.ts"],"names":[],"mappings":";;AAYA,wBA4DC;AAED,4CA+BC;AAED,kDAuBC;AAED,sDA8BC;AAlKD,qCAA+B;AAC/B,6BAAyB;AAEzB,2DAAsD;AACtD,iDAA6D;AAE7D,iEAA6D;AAC7D,+CAAuD;AACvD,oEAAsE;AACtE,yEAAmE;AACnE,yEAAmE;AAE5D,KAAK,UAAU,MAAM,CAAC,KAAK,EAAE,mBAA6B;IAC/D,MAAM,EAAE,QAAQ,EAAE,SAAS,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,KAAK,CAAA;IACpD,MAAM,UAAU,GAAG,IAAA,qBAAa,EAAC,WAAI,CAAC,CAAA;IAEtC,IAAI,IAAI,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC;QAClC,KAAK,EAAE,EAAE,QAAQ,EAAE;QACnB,SAAS,EAAE,CAAC,SAAS,CAAC;KACvB,CAAC,CAAA;IAEF,IAAI,CAAC,IAAI,IAAI,4BAA4B,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;QACzD,IAAI,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC;YAC9B,KAAK,EAAE,EAAE,KAAK,EAAE,IAAA,eAAK,EAAC,QAAQ,CAAC,EAAE;YACjC,SAAS,EAAE,CAAC,SAAS,CAAC;SACvB,CAAC,CAAA;IACJ,CAAC;IAED,IAAI,OAAO,GAAG,IAAI,CAAC,OAAO,CAAA;IAE1B,6DAA6D;IAE7D,IAAI,IAAI,EAAE,CAAC;QACT,MAAM,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,EAAE,IAAI,SAAS,CAAC,CAAA;QAE7D,IAAI,MAAM,EAAE,CAAC;YACX,MAAM,GAAG,GAAG,gCAAgC,IAAI,GAAG,CAAA;YACnD,MAAM,IAAI,KAAK,CAAC,GAAG,CAAC,CAAA;QACtB,CAAC;IACH,CAAC;IAED,IAAI,mBAAmB,EAAE,CAAC;QACxB,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAA;QAExB,+BAA+B;QAC/B,IAAI,UAAU,GAAG,MAAM,IAAA,qBAAa,EAAC,uBAAU,CAAC,CAAC,SAAS,CAAC;YACzD,KAAK,EAAE,IAAA,eAAK,EAAC,KAAK,CAAC;YACnB,SAAS;YACT,IAAI;SACL,CAAC,CAAA;QAEF,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,UAAU,GAAG,MAAM,IAAA,qBAAa,EAAC,uBAAU,CAAC,CAAC,IAAI,CAAC;gBAChD,KAAK;gBACL,SAAS;gBACT,IAAI;aACL,CAAC,CAAA;QACJ,CAAC;QAED,OAAO,MAAM,mBAAmB,CAAC;YAC/B,UAAU;YACV,IAAI;YACJ,OAAO;SACR,CAAC,CAAA;IACJ,CAAC;IAED,IAAI,IAAI,EAAE,CAAC;QACT,IAAI,CAAC,OAAO,GAAG,CAAC,GAAG,OAAO,EAAE,MAAM,IAAA,qBAAa,EAAC,cAAM,CAAC,CAAC,SAAS,CAAC,EAAE,EAAE,EAAE,SAAS,EAAE,CAAC,CAAC,CAAA;QACrF,MAAM,IAAA,qBAAa,EAAC,WAAI,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;IACtC,CAAC;SAAM,CAAC;QACN,sBAAsB;IACxB,CAAC;AACH,CAAC;AAEM,KAAK,UAAU,gBAAgB,CAAC,KAAK;IAC1C,IAAI,UAAU,GAAG,MAAM,IAAA,qBAAa,EAAC,uBAAU,CAAC,CAAC,SAAS,CAAC;QACzD,KAAK;KACN,CAAC,CAAA;IAEF,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAA;IAC1C,CAAC;IAED,IAAI,EAAE,KAAK,EAAE,SAAS,EAAE,IAAI,EAAE,GAAG,UAAU,CAAA;IAE3C,IAAI,IAAI,GAAG,MAAM,IAAA,qBAAa,EAAC,WAAI,CAAC,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,KAAK,EAAE,IAAA,eAAK,EAAC,KAAK,CAAC,EAAE,EAAE,SAAS,EAAE,CAAC,SAAS,CAAC,EAAE,CAAC,CAAA;IAExG,IAAI,IAAI,EAAE,CAAC;QACT,IAAI,OAAO,GAAG,IAAI,CAAC,OAAO,CAAA;QAC1B,MAAM,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,EAAE,IAAI,SAAS,CAAC,CAAA;QAE7D,IAAI,MAAM,EAAE,CAAC;YACX,MAAM,GAAG,GAAG,gCAAgC,IAAI,GAAG,CAAA;YACnD,MAAM,IAAI,KAAK,CAAC,GAAG,CAAC,CAAA;QACtB,CAAC;QAED,IAAI,CAAC,OAAO,GAAG,CAAC,GAAG,OAAO,EAAE,MAAM,IAAA,qBAAa,EAAC,cAAM,CAAC,CAAC,SAAS,CAAC,EAAE,EAAE,EAAE,SAAS,EAAE,CAAC,CAAC,CAAA;QACrF,MAAM,IAAA,qBAAa,EAAC,WAAI,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QAEpC,MAAM,IAAA,qBAAa,EAAC,uBAAU,CAAC,CAAC,MAAM,CAAC,UAAU,CAAC,EAAE,CAAC,CAAA;IACvD,CAAC;SAAM,CAAC;QACN,mBAAmB;IACrB,CAAC;IAED,OAAO,IAAI,CAAA;AACb,CAAC;AAEM,KAAK,UAAU,mBAAmB,CAAC,EAAE,UAAU,EAAE,IAAI,EAAE,OAAO,EAAE;IACrE,IAAI,CAAC;QACH,IAAI,KAAK,GAAG,IAAA,2CAAmB,GAAE,CAAA;QACjC,IAAI,WAAW,GAAG,MAAM,IAAA,2CAAmB,EAAC,UAAU,CAAC,EAAE,EAAE,KAAK,CAAC,CAAA;QAEjE,IAAI,WAAW,EAAE,CAAC;YAChB,IAAI,UAAU,GAAG,IAAI,SAAG,CAAC,gBAAgB,KAAK,EAAE,EAAE,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,CAAA;YAEzE,MAAM,IAAA,sBAAS,EAAC;gBACd,QAAQ,EAAE,UAAU,CAAC,KAAK;gBAC1B,OAAO,EAAE,YAAY;gBACrB,OAAO,EAAE,IAAA,yCAAsB,EAAC;oBAC9B,QAAQ,EAAE,IAAI,CAAC,QAAQ;oBACvB,KAAK,EAAE,UAAU,CAAC,KAAK;oBACvB,SAAS,EAAE,UAAU;iBACtB,CAAC;aACH,CAAC,CAAA;YAEF,OAAO,IAAI,CAAA;QACb,CAAC;IACH,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,OAAO,KAAK,CAAA;IACd,CAAC;AACH,CAAC;AAEM,KAAK,UAAU,qBAAqB,CACzC,EAAE,KAAK,EAAE,SAAS,EAAE,IAAI,EAAsD,EAC9E,OAAO;IAEP,IAAI,UAAU,GAAG,MAAM,IAAA,qBAAa,EAAC,uBAAU,CAAC,CAAC,SAAS,CAAC;QACzD,KAAK,EAAE,IAAA,eAAK,EAAC,KAAK,CAAC;QACnB,SAAS;QACT,IAAI;KACL,CAAC,CAAA;IAEF,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAA;IAC1C,CAAC;IAED,IAAI,IAAI,GAAG,MAAM,IAAA,qBAAa,EAAC,WAAI,CAAC,CAAC,OAAO,CAAC;QAC3C,KAAK,EAAE;YACL,KAAK,EAAE,IAAA,eAAK,EAAC,KAAK,CAAC;YACnB,MAAM,EAAE,iBAAU,CAAC,SAAS;SAC7B;KACF,CAAC,CAAA;IAEF,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,MAAM,IAAI,KAAK,CAAC,mBAAmB,KAAK,EAAE,CAAC,CAAA;IAC7C,CAAC;IAED,OAAO,MAAM,mBAAmB,CAAC;QAC/B,UAAU;QACV,IAAI;QACJ,OAAO;KACR,CAAC,CAAA;AACJ,CAAC","sourcesContent":["import { ILike } from 'typeorm'\nimport { URL } from 'url'\n\nimport { sendEmail } from '@things-factory/email-base'\nimport { Domain, getRepository } from '@things-factory/shell'\n\nimport { Invitation } from '../service/invitation/invitation'\nimport { User, UserStatus } from '../service/user/user'\nimport { getInvitationEmailForm } from '../templates/invitation-email'\nimport { makeInvitationToken } from './utils/make-invitation-token'\nimport { saveInvitationToken } from './utils/save-invitation-token'\n\nexport async function invite(attrs, withEmailInvitation?: Boolean) {\n const { username, reference, type, context } = attrs\n const repository = getRepository(User)\n\n var user = await repository.findOne({\n where: { username },\n relations: ['domains']\n })\n\n if (!user && /^[^\\s@]+@[^\\s@]+\\.[^\\s@]+$/.test(username)) {\n user = await repository.findOne({\n where: { email: ILike(username) },\n relations: ['domains']\n })\n }\n\n var domains = user.domains\n\n // TODO reference should not be a domain.id (security reason)\n\n if (user) {\n const domain = domains.find(domain => domain.id == reference)\n\n if (domain) {\n const msg = `user already a member of the ${type}.`\n throw new Error(msg)\n }\n }\n\n if (withEmailInvitation) {\n const email = user.email\n\n // TODO 초대장의 유효기간을 설정할 수 있어야 함.\n var invitation = await getRepository(Invitation).findOneBy({\n email: ILike(email),\n reference,\n type\n })\n\n if (!invitation) {\n invitation = await getRepository(Invitation).save({\n email,\n reference,\n type\n })\n }\n\n return await sendInvitationEmail({\n invitation,\n user,\n context\n })\n }\n\n if (user) {\n user.domains = [...domains, await getRepository(Domain).findOneBy({ id: reference })]\n await getRepository(User).save(user)\n } else {\n // TODO need to signup\n }\n}\n\nexport async function acceptInvitation(token) {\n var invitation = await getRepository(Invitation).findOneBy({\n token\n })\n\n if (!invitation) {\n throw new Error(`not found invitation.`)\n }\n\n var { email, reference, type } = invitation\n\n var user = await getRepository(User).findOne({ where: { email: ILike(email) }, relations: ['domains'] })\n\n if (user) {\n var domains = user.domains\n const domain = domains.find(domain => domain.id == reference)\n\n if (domain) {\n const msg = `user already a member of the ${type}.`\n throw new Error(msg)\n }\n\n user.domains = [...domains, await getRepository(Domain).findOneBy({ id: reference })]\n await getRepository(User).save(user)\n\n await getRepository(Invitation).delete(invitation.id)\n } else {\n // TODO goto signup\n }\n\n return true\n}\n\nexport async function sendInvitationEmail({ invitation, user, context }) {\n try {\n var token = makeInvitationToken()\n var verifaction = await saveInvitationToken(invitation.id, token)\n\n if (verifaction) {\n var serviceUrl = new URL(`/auth/accept/${token}`, context.header.referer)\n\n await sendEmail({\n receiver: invitation.email,\n subject: 'Invitation',\n content: getInvitationEmailForm({\n username: user.username,\n email: invitation.email,\n acceptUrl: serviceUrl\n })\n })\n\n return true\n }\n } catch (e) {\n return false\n }\n}\n\nexport async function resendInvitationEmail(\n { email, reference, type }: { email: string; reference: string; type: string },\n context\n) {\n var invitation = await getRepository(Invitation).findOneBy({\n email: ILike(email),\n reference,\n type\n })\n\n if (!invitation) {\n throw new Error(`not found invitation.`)\n }\n\n var user = await getRepository(User).findOne({\n where: {\n email: ILike(email),\n status: UserStatus.ACTIVATED\n }\n })\n\n if (!user) {\n throw new Error(`user not found: ${email}`)\n }\n\n return await sendInvitationEmail({\n invitation,\n user,\n context\n })\n}\n"]}
|
|
@@ -2,17 +2,18 @@ import { User } from '../service/user/user';
|
|
|
2
2
|
export declare function updateProfile({ id }: {
|
|
3
3
|
id: any;
|
|
4
4
|
}, newProfiles: any): Promise<{
|
|
5
|
-
|
|
5
|
+
username: string;
|
|
6
6
|
name: string;
|
|
7
|
+
email: string;
|
|
8
|
+
locale: string;
|
|
9
|
+
id: string;
|
|
7
10
|
description: string;
|
|
8
11
|
domains?: import("@things-factory/shell").Domain[];
|
|
9
|
-
email: string;
|
|
10
12
|
password: string;
|
|
11
13
|
roles?: import("..").Role[];
|
|
12
14
|
userType: string;
|
|
13
15
|
reference: string;
|
|
14
16
|
salt: string;
|
|
15
|
-
locale: string;
|
|
16
17
|
ssoId: string;
|
|
17
18
|
status: import("../service/user/user").UserStatus;
|
|
18
19
|
failCount: number;
|
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.updateProfile = updateProfile;
|
|
4
|
+
const typeorm_1 = require("typeorm");
|
|
4
5
|
const shell_1 = require("@things-factory/shell");
|
|
5
6
|
const error_code_1 = require("../constants/error-code");
|
|
6
7
|
const auth_error_1 = require("../errors/auth-error");
|
|
@@ -13,13 +14,30 @@ async function updateProfile({ id }, newProfiles) {
|
|
|
13
14
|
errorCode: error_code_1.USER_NOT_FOUND
|
|
14
15
|
});
|
|
15
16
|
}
|
|
16
|
-
/* only 'name', 'email' and 'locale' attributes can be changed */
|
|
17
|
-
var allowed = ['name', 'email', 'locale']
|
|
17
|
+
/* only 'username', 'name', 'email' and 'locale' attributes can be changed */
|
|
18
|
+
var allowed = ['username', 'name', 'email', 'locale']
|
|
18
19
|
.filter(attr => attr in newProfiles)
|
|
19
20
|
.reduce((sum, attr) => {
|
|
20
21
|
sum[attr] = newProfiles[attr];
|
|
21
22
|
return sum;
|
|
22
23
|
}, {});
|
|
24
|
+
/* check if email and username is unique */
|
|
25
|
+
if ('email' in allowed) {
|
|
26
|
+
var found = await repository.findOne({ where: { email: (0, typeorm_1.ILike)(allowed.email) } });
|
|
27
|
+
if (found && found.id != id) {
|
|
28
|
+
throw new auth_error_1.AuthError({
|
|
29
|
+
errorCode: auth_error_1.AuthError.ERROR_CODES.EMAIL_ALREADY_EXISTS
|
|
30
|
+
});
|
|
31
|
+
}
|
|
32
|
+
}
|
|
33
|
+
if ('username' in allowed) {
|
|
34
|
+
var found = await repository.findOne({ where: { username: allowed.username } });
|
|
35
|
+
if (found && found.id != id) {
|
|
36
|
+
throw new auth_error_1.AuthError({
|
|
37
|
+
errorCode: auth_error_1.AuthError.ERROR_CODES.USERNAME_ALREADY_EXISTS
|
|
38
|
+
});
|
|
39
|
+
}
|
|
40
|
+
}
|
|
23
41
|
return await repository.save(Object.assign(Object.assign({}, user), allowed));
|
|
24
42
|
}
|
|
25
43
|
//# sourceMappingURL=profile.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"profile.js","sourceRoot":"","sources":["../../server/controllers/profile.ts"],"names":[],"mappings":";;
|
|
1
|
+
{"version":3,"file":"profile.js","sourceRoot":"","sources":["../../server/controllers/profile.ts"],"names":[],"mappings":";;AAQA,sCA8CC;AAtDD,qCAA+B;AAE/B,iDAAqD;AAErD,wDAAwD;AACxD,qDAAgD;AAChD,+CAA2C;AAEpC,KAAK,UAAU,aAAa,CAAC,EAAE,EAAE,EAAE,EAAE,WAAW;IACrD,MAAM,UAAU,GAAG,IAAA,qBAAa,EAAC,WAAI,CAAC,CAAA;IACtC,MAAM,IAAI,GAAG,MAAM,UAAU,CAAC,SAAS,CAAC,EAAE,EAAE,EAAE,CAAC,CAAA;IAC/C,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,MAAM,IAAI,sBAAS,CAAC;YAClB,SAAS,EAAE,2BAAc;SAC1B,CAAC,CAAA;IACJ,CAAC;IAED,6EAA6E;IAC7E,IAAI,OAAO,GAKP,CAAC,UAAU,EAAE,MAAM,EAAE,OAAO,EAAE,QAAQ,CAAC;SACxC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,IAAI,WAAW,CAAC;SACnC,MAAM,CAAC,CAAC,GAAG,EAAE,IAAI,EAAE,EAAE;QACpB,GAAG,CAAC,IAAI,CAAC,GAAG,WAAW,CAAC,IAAI,CAAC,CAAA;QAC7B,OAAO,GAAG,CAAA;IACZ,CAAC,EAAE,EAAE,CAAC,CAAA;IAER,2CAA2C;IAC3C,IAAI,OAAO,IAAI,OAAO,EAAE,CAAC;QACvB,IAAI,KAAK,GAAS,MAAM,UAAU,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,KAAK,EAAE,IAAA,eAAK,EAAC,OAAO,CAAC,KAAK,CAAC,EAAE,EAAE,CAAC,CAAA;QAEtF,IAAI,KAAK,IAAI,KAAK,CAAC,EAAE,IAAI,EAAE,EAAE,CAAC;YAC5B,MAAM,IAAI,sBAAS,CAAC;gBAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,oBAAoB;aACtD,CAAC,CAAA;QACJ,CAAC;IACH,CAAC;IAED,IAAI,UAAU,IAAI,OAAO,EAAE,CAAC;QAC1B,IAAI,KAAK,GAAS,MAAM,UAAU,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,QAAQ,EAAE,OAAO,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAA;QACrF,IAAI,KAAK,IAAI,KAAK,CAAC,EAAE,IAAI,EAAE,EAAE,CAAC;YAC5B,MAAM,IAAI,sBAAS,CAAC;gBAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,uBAAuB;aACzD,CAAC,CAAA;QACJ,CAAC;IACH,CAAC;IAED,OAAO,MAAM,UAAU,CAAC,IAAI,iCACvB,IAAI,GACJ,OAAO,EACV,CAAA;AACJ,CAAC","sourcesContent":["import { ILike } from 'typeorm'\n\nimport { getRepository } from '@things-factory/shell'\n\nimport { USER_NOT_FOUND } from '../constants/error-code'\nimport { AuthError } from '../errors/auth-error'\nimport { User } from '../service/user/user'\n\nexport async function updateProfile({ id }, newProfiles) {\n const repository = getRepository(User)\n const user = await repository.findOneBy({ id })\n if (!user) {\n throw new AuthError({\n errorCode: USER_NOT_FOUND\n })\n }\n\n /* only 'username', 'name', 'email' and 'locale' attributes can be changed */\n var allowed: {\n username?: string\n name?: string\n email?: string\n locale?: string\n } = ['username', 'name', 'email', 'locale']\n .filter(attr => attr in newProfiles)\n .reduce((sum, attr) => {\n sum[attr] = newProfiles[attr]\n return sum\n }, {})\n\n /* check if email and username is unique */\n if ('email' in allowed) {\n var found: User = await repository.findOne({ where: { email: ILike(allowed.email) } })\n\n if (found && found.id != id) {\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.EMAIL_ALREADY_EXISTS\n })\n }\n }\n\n if ('username' in allowed) {\n var found: User = await repository.findOne({ where: { username: allowed.username } })\n if (found && found.id != id) {\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USERNAME_ALREADY_EXISTS\n })\n }\n }\n\n return await repository.save({\n ...user,\n ...allowed\n })\n}\n"]}
|
|
@@ -1,5 +1,8 @@
|
|
|
1
1
|
import { User } from '../service/user/user';
|
|
2
|
-
export declare function signin(attrs:
|
|
2
|
+
export declare function signin(attrs: {
|
|
3
|
+
username: string;
|
|
4
|
+
password: string;
|
|
5
|
+
}, context?: any): Promise<{
|
|
3
6
|
user: User;
|
|
4
7
|
token: string;
|
|
5
8
|
domains: import("@things-factory/shell").Domain[];
|
|
@@ -8,8 +8,20 @@ const auth_error_1 = require("../errors/auth-error");
|
|
|
8
8
|
const user_1 = require("../service/user/user");
|
|
9
9
|
async function signin(attrs, context) {
|
|
10
10
|
const { domain } = (context === null || context === void 0 ? void 0 : context.state) || {};
|
|
11
|
+
const { username } = attrs;
|
|
11
12
|
const repository = (0, shell_1.getRepository)(user_1.User);
|
|
12
|
-
|
|
13
|
+
var user = await repository.findOne({
|
|
14
|
+
where: { username },
|
|
15
|
+
relations: ['domains']
|
|
16
|
+
});
|
|
17
|
+
if (!user && /^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(username)) {
|
|
18
|
+
user = await repository.findOne({
|
|
19
|
+
where: {
|
|
20
|
+
email: (0, typeorm_1.ILike)(username)
|
|
21
|
+
},
|
|
22
|
+
relations: ['domains']
|
|
23
|
+
});
|
|
24
|
+
}
|
|
13
25
|
if (!user)
|
|
14
26
|
throw new auth_error_1.AuthError({
|
|
15
27
|
errorCode: auth_error_1.AuthError.ERROR_CODES.USER_NOT_FOUND
|
|
@@ -27,6 +39,7 @@ async function signin(attrs, context) {
|
|
|
27
39
|
throw new auth_error_1.AuthError({
|
|
28
40
|
errorCode: auth_error_1.AuthError.ERROR_CODES.USER_LOCKED,
|
|
29
41
|
detail: {
|
|
42
|
+
username: user.username,
|
|
30
43
|
email: user.email
|
|
31
44
|
}
|
|
32
45
|
});
|
|
@@ -44,6 +57,7 @@ async function signin(attrs, context) {
|
|
|
44
57
|
throw new auth_error_1.AuthError({
|
|
45
58
|
errorCode: auth_error_1.AuthError.ERROR_CODES.USER_LOCKED,
|
|
46
59
|
detail: {
|
|
60
|
+
username: user.username,
|
|
47
61
|
email: user.email
|
|
48
62
|
}
|
|
49
63
|
});
|
|
@@ -51,6 +65,7 @@ async function signin(attrs, context) {
|
|
|
51
65
|
throw new auth_error_1.AuthError({
|
|
52
66
|
errorCode: auth_error_1.AuthError.ERROR_CODES.PASSWORD_NOT_MATCHED,
|
|
53
67
|
detail: {
|
|
68
|
+
username: user.username,
|
|
54
69
|
email: user.email,
|
|
55
70
|
failCount: user.failCount
|
|
56
71
|
}
|
|
@@ -64,6 +79,7 @@ async function signin(attrs, context) {
|
|
|
64
79
|
throw new auth_error_1.AuthError({
|
|
65
80
|
errorCode: auth_error_1.AuthError.ERROR_CODES.USER_NOT_ACTIVATED,
|
|
66
81
|
detail: {
|
|
82
|
+
username: user.username,
|
|
67
83
|
email: user.email
|
|
68
84
|
}
|
|
69
85
|
});
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"signin.js","sourceRoot":"","sources":["../../server/controllers/signin.ts"],"names":[],"mappings":";;AAOA,
|
|
1
|
+
{"version":3,"file":"signin.js","sourceRoot":"","sources":["../../server/controllers/signin.ts"],"names":[],"mappings":";;AAOA,wBA0FC;AAjGD,qCAA+B;AAC/B,iDAAqD;AAErD,4DAAgE;AAChE,qDAAgD;AAChD,+CAAuD;AAEhD,KAAK,UAAU,MAAM,CAAC,KAA6C,EAAE,OAAQ;IAClF,MAAM,EAAE,MAAM,EAAE,GAAG,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,KAAK,KAAI,EAAE,CAAA;IACvC,MAAM,EAAE,QAAQ,EAAE,GAAG,KAAK,CAAA;IAE1B,MAAM,UAAU,GAAG,IAAA,qBAAa,EAAC,WAAI,CAAC,CAAA;IAEtC,IAAI,IAAI,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC;QAClC,KAAK,EAAE,EAAE,QAAQ,EAAE;QACnB,SAAS,EAAE,CAAC,SAAS,CAAC;KACvB,CAAC,CAAA;IAEF,IAAI,CAAC,IAAI,IAAI,4BAA4B,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;QACzD,IAAI,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC;YAC9B,KAAK,EAAE;gBACL,KAAK,EAAE,IAAA,eAAK,EAAC,QAAQ,CAAC;aACvB;YACD,SAAS,EAAE,CAAC,SAAS,CAAC;SACvB,CAAC,CAAA;IACJ,CAAC;IAED,IAAI,CAAC,IAAI;QACP,MAAM,IAAI,sBAAS,CAAC;YAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,cAAc;SAChD,CAAC,CAAA;IAEJ,IAAI,IAAI,CAAC,MAAM,IAAI,iBAAU,CAAC,OAAO,EAAE,CAAC;QACtC,MAAM,IAAI,sBAAS,CAAC;YAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,YAAY;SAC9C,CAAC,CAAA;IACJ,CAAC;IAED,IAAI,IAAI,CAAC,MAAM,IAAI,iBAAU,CAAC,MAAM,EAAE,CAAC;QACrC,IAAA,iCAAmB,EAAC;YAClB,IAAI;YACJ,OAAO;SACR,CAAC,CAAA;QACF,MAAM,IAAI,sBAAS,CAAC;YAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,WAAW;YAC5C,MAAM,EAAE;gBACN,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,KAAK,EAAE,IAAI,CAAC,KAAK;aAClB;SACF,CAAC,CAAA;IACJ,CAAC;IAED,IAAI,CAAC,WAAI,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,KAAK,CAAC,QAAQ,EAAE,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;QAC3D,IAAI,CAAC,SAAS,EAAE,CAAA;QAChB,IAAI,IAAI,CAAC,SAAS,IAAI,CAAC;YAAE,IAAI,CAAC,MAAM,GAAG,iBAAU,CAAC,MAAM,CAAA;QACxD,MAAM,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QAC3B,IAAI,IAAI,CAAC,MAAM,IAAI,iBAAU,CAAC,MAAM,EAAE,CAAC;YACrC,IAAA,iCAAmB,EAAC;gBAClB,IAAI;gBACJ,OAAO;aACR,CAAC,CAAA;YACF,MAAM,IAAI,sBAAS,CAAC;gBAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,WAAW;gBAC5C,MAAM,EAAE;oBACN,QAAQ,EAAE,IAAI,CAAC,QAAQ;oBACvB,KAAK,EAAE,IAAI,CAAC,KAAK;iBAClB;aACF,CAAC,CAAA;QACJ,CAAC;QACD,MAAM,IAAI,sBAAS,CAAC;YAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,oBAAoB;YACrD,MAAM,EAAE;gBACN,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,KAAK,EAAE,IAAI,CAAC,KAAK;gBACjB,SAAS,EAAE,IAAI,CAAC,SAAS;aAC1B;SACF,CAAC,CAAA;IACJ,CAAC;SAAM,CAAC;QACN,IAAI,CAAC,SAAS,GAAG,CAAC,CAAA;QAClB,MAAM,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;IAC7B,CAAC;IAED,IAAI,IAAI,CAAC,MAAM,IAAI,iBAAU,CAAC,QAAQ,EAAE,CAAC;QACvC,MAAM,IAAI,sBAAS,CAAC;YAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,kBAAkB;YACnD,MAAM,EAAE;gBACN,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,KAAK,EAAE,IAAI,CAAC,KAAK;aAClB;SACF,CAAC,CAAA;IACJ,CAAC;IAED,OAAO;QACL,IAAI;QACJ,KAAK,EAAE,MAAM,IAAI,CAAC,IAAI,CAAC,EAAE,SAAS,EAAE,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,SAAS,EAAE,CAAC;QACxD,OAAO,EAAE,IAAI,CAAC,OAAO,IAAI,EAAE;KAC5B,CAAA;AACH,CAAC","sourcesContent":["import { ILike } from 'typeorm'\nimport { getRepository } from '@things-factory/shell'\n\nimport { sendUnlockUserEmail } from '../controllers/unlock-user'\nimport { AuthError } from '../errors/auth-error'\nimport { User, UserStatus } from '../service/user/user'\n\nexport async function signin(attrs: { username: string; password: string }, context?) {\n const { domain } = context?.state || {}\n const { username } = attrs\n\n const repository = getRepository(User)\n\n var user = await repository.findOne({\n where: { username },\n relations: ['domains']\n })\n\n if (!user && /^[^\\s@]+@[^\\s@]+\\.[^\\s@]+$/.test(username)) {\n user = await repository.findOne({\n where: {\n email: ILike(username)\n },\n relations: ['domains']\n })\n }\n\n if (!user)\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_NOT_FOUND\n })\n\n if (user.status == UserStatus.DELETED) {\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_DELETED\n })\n }\n\n if (user.status == UserStatus.LOCKED) {\n sendUnlockUserEmail({\n user,\n context\n })\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_LOCKED,\n detail: {\n username: user.username,\n email: user.email\n }\n })\n }\n\n if (!User.verify(user.password, attrs.password, user.salt)) {\n user.failCount++\n if (user.failCount >= 5) user.status = UserStatus.LOCKED\n await repository.save(user)\n if (user.status == UserStatus.LOCKED) {\n sendUnlockUserEmail({\n user,\n context\n })\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_LOCKED,\n detail: {\n username: user.username,\n email: user.email\n }\n })\n }\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.PASSWORD_NOT_MATCHED,\n detail: {\n username: user.username,\n email: user.email,\n failCount: user.failCount\n }\n })\n } else {\n user.failCount = 0\n await repository.save(user)\n }\n\n if (user.status == UserStatus.INACTIVE) {\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_NOT_ACTIVATED,\n detail: {\n username: user.username,\n email: user.email\n }\n })\n }\n\n return {\n user,\n token: await user.sign({ subdomain: domain?.subdomain }),\n domains: user.domains || []\n }\n}\n"]}
|
|
@@ -9,17 +9,26 @@ const user_1 = require("../service/user/user");
|
|
|
9
9
|
const signin_1 = require("./signin");
|
|
10
10
|
const verification_1 = require("./verification");
|
|
11
11
|
async function signup(attrs, withEmailVerification) {
|
|
12
|
-
const { name,
|
|
12
|
+
const { name, username, password, domain, context } = attrs;
|
|
13
13
|
/* check if password is following the rule */
|
|
14
14
|
user_1.User.validatePasswordByRule(password, context.lng);
|
|
15
15
|
const repository = (0, shell_1.getRepository)(user_1.User);
|
|
16
|
-
|
|
16
|
+
var duplicated = await repository.findOne({
|
|
17
|
+
where: { username },
|
|
18
|
+
relations: ['domains']
|
|
19
|
+
});
|
|
20
|
+
if (!duplicated && /^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(username)) {
|
|
21
|
+
user = await repository.findOne({
|
|
22
|
+
where: { email: (0, typeorm_1.ILike)(username) },
|
|
23
|
+
relations: ['domains']
|
|
24
|
+
});
|
|
25
|
+
}
|
|
17
26
|
if (duplicated) {
|
|
18
27
|
throw new auth_error_1.AuthError({
|
|
19
28
|
errorCode: error_code_1.USER_DUPLICATED,
|
|
20
29
|
detail: {
|
|
21
30
|
name,
|
|
22
|
-
|
|
31
|
+
username
|
|
23
32
|
}
|
|
24
33
|
});
|
|
25
34
|
}
|
|
@@ -35,7 +44,7 @@ async function signup(attrs, withEmailVerification) {
|
|
|
35
44
|
try {
|
|
36
45
|
return {
|
|
37
46
|
token: await (0, signin_1.signin)({
|
|
38
|
-
|
|
47
|
+
username,
|
|
39
48
|
password
|
|
40
49
|
}, { domain })
|
|
41
50
|
};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"signup.js","sourceRoot":"","sources":["../../server/controllers/signup.ts"],"names":[],"mappings":";;AASA,
|
|
1
|
+
{"version":3,"file":"signup.js","sourceRoot":"","sources":["../../server/controllers/signup.ts"],"names":[],"mappings":";;AASA,wBA8DC;AAvED,qCAA+B;AAC/B,iDAAqD;AAErD,wDAAyD;AACzD,qDAAgD;AAChD,+CAA2C;AAC3C,qCAAiC;AACjC,iDAAsD;AAE/C,KAAK,UAAU,MAAM,CAAC,KAAK,EAAE,qBAA+B;IACjE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,KAAK,CAAA;IAE3D,6CAA6C;IAC7C,WAAI,CAAC,sBAAsB,CAAC,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,CAAA;IAElD,MAAM,UAAU,GAAG,IAAA,qBAAa,EAAC,WAAI,CAAC,CAAA;IAEtC,IAAI,UAAU,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC;QACxC,KAAK,EAAE,EAAE,QAAQ,EAAE;QACnB,SAAS,EAAE,CAAC,SAAS,CAAC;KACvB,CAAC,CAAA;IAEF,IAAI,CAAC,UAAU,IAAI,4BAA4B,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC/D,IAAI,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC;YAC9B,KAAK,EAAE,EAAE,KAAK,EAAE,IAAA,eAAK,EAAC,QAAQ,CAAC,EAAE;YACjC,SAAS,EAAE,CAAC,SAAS,CAAC;SACvB,CAAC,CAAA;IACJ,CAAC;IAED,IAAI,UAAU,EAAE,CAAC;QACf,MAAM,IAAI,sBAAS,CAAC;YAClB,SAAS,EAAE,4BAAe;YAC1B,MAAM,EAAE;gBACN,IAAI;gBACJ,QAAQ;aACT;SACF,CAAC,CAAA;IACJ,CAAC;IAED,MAAM,IAAI,GAAG,WAAI,CAAC,YAAY,EAAE,CAAA;IAEhC,IAAI,IAAI,GAAG,MAAM,UAAU,CAAC,IAAI,+BAC9B,QAAQ,EAAE,MAAM,IACb,KAAK,KACR,IAAI,EACJ,QAAQ,EAAE,WAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,IAAI,CAAC,EACrC,iBAAiB,EAAE,IAAI,IAAI,EAAE,EAC7B,OAAO,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,IAC/B,CAAA;IAEF,IAAI,OAAO,GAAG,KAAK,CAAA;IACnB,IAAI,qBAAqB,EAAE,CAAC;QAC1B,OAAO,GAAG,MAAM,IAAA,oCAAqB,EAAC;YACpC,OAAO;YACP,IAAI;SACL,CAAC,CAAA;IACJ,CAAC;IAED,IAAI,CAAC;QACH,OAAO;YACL,KAAK,EAAE,MAAM,IAAA,eAAM,EACjB;gBACE,QAAQ;gBACR,QAAQ;aACT,EACD,EAAE,MAAM,EAAE,CACX;SACF,CAAA;IACH,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,CAAA;IACxB,CAAC;AACH,CAAC","sourcesContent":["import { ILike } from 'typeorm'\nimport { getRepository } from '@things-factory/shell'\n\nimport { USER_DUPLICATED } from '../constants/error-code'\nimport { AuthError } from '../errors/auth-error'\nimport { User } from '../service/user/user'\nimport { signin } from './signin'\nimport { sendVerificationEmail } from './verification'\n\nexport async function signup(attrs, withEmailVerification?: Boolean) {\n const { name, username, password, domain, context } = attrs\n\n /* check if password is following the rule */\n User.validatePasswordByRule(password, context.lng)\n\n const repository = getRepository(User)\n\n var duplicated = await repository.findOne({\n where: { username },\n relations: ['domains']\n })\n\n if (!duplicated && /^[^\\s@]+@[^\\s@]+\\.[^\\s@]+$/.test(username)) {\n user = await repository.findOne({\n where: { email: ILike(username) },\n relations: ['domains']\n })\n }\n\n if (duplicated) {\n throw new AuthError({\n errorCode: USER_DUPLICATED,\n detail: {\n name,\n username\n }\n })\n }\n\n const salt = User.generateSalt()\n\n var user = await repository.save({\n userType: 'user',\n ...attrs,\n salt,\n password: User.encode(password, salt),\n passwordUpdatedAt: new Date(),\n domains: domain ? [domain] : []\n })\n\n var succeed = false\n if (withEmailVerification) {\n succeed = await sendVerificationEmail({\n context,\n user\n })\n }\n\n try {\n return {\n token: await signin(\n {\n username,\n password\n },\n { domain }\n )\n }\n } catch (e) {\n return { token: null }\n }\n}\n"]}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"unlock-user.js","sourceRoot":"","sources":["../../server/controllers/unlock-user.ts"],"names":[],"mappings":";;AAWA,
|
|
1
|
+
{"version":3,"file":"unlock-user.js","sourceRoot":"","sources":["../../server/controllers/unlock-user.ts"],"names":[],"mappings":";;AAWA,kDAsBC;AAED,gCA0BC;AA7DD,6BAAyB;AAEzB,2DAAsD;AACtD,iDAAqD;AAErD,+CAAuD;AACvD,yFAA2G;AAC3G,4EAA0E;AAC1E,6EAAuE;AACvE,6EAAuE;AAEhE,KAAK,UAAU,mBAAmB,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE;IACzD,IAAI,CAAC;QACH,IAAI,KAAK,GAAG,IAAA,+CAAqB,GAAE,CAAA;QACnC,IAAI,WAAW,GAAG,MAAM,IAAA,+CAAqB,EAAC,IAAI,CAAC,EAAE,EAAE,KAAK,EAAE,0CAAqB,CAAC,MAAM,CAAC,CAAA;QAE3F,IAAI,WAAW,EAAE,CAAC;YAChB,IAAI,UAAU,GAAG,IAAI,SAAG,CAAC,2BAA2B,KAAK,EAAE,EAAE,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,CAAA;YACpF,MAAM,IAAA,sBAAS,EAAC;gBACd,QAAQ,EAAE,IAAI,CAAC,KAAK;gBACpB,OAAO,EAAE,wBAAwB;gBACjC,OAAO,EAAE,IAAA,6CAAsB,EAAC;oBAC9B,QAAQ,EAAE,IAAI,CAAC,QAAQ;oBACvB,IAAI,EAAE,IAAI,CAAC,IAAI;oBACf,QAAQ,EAAE,UAAU;iBACrB,CAAC;aACH,CAAC,CAAA;YAEF,OAAO,IAAI,CAAA;QACb,CAAC;IACH,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,OAAO,KAAK,CAAA;IACd,CAAC;AACH,CAAC;AAEM,KAAK,UAAU,UAAU,CAAC,KAAK,EAAE,QAAQ;IAC9C,IAAI,EAAE,MAAM,EAAE,GAAG,MAAM,IAAA,qBAAa,EAAC,sCAAiB,CAAC,CAAC,OAAO,CAAC;QAC9D,KAAK,EAAE;YACL,KAAK;YACL,IAAI,EAAE,0CAAqB,CAAC,MAAM;SACnC;KACF,CAAC,CAAA;IAEF,IAAI,CAAC,MAAM;QAAE,OAAO,KAAK,CAAA;IAEzB,IAAI,QAAQ,GAAG,MAAM,IAAA,qBAAa,EAAC,WAAI,CAAC,CAAC,SAAS,CAAC,EAAE,EAAE,EAAE,MAAM,EAAE,CAAC,CAAA;IAClE,IAAI,CAAC,QAAQ;QAAE,OAAO,KAAK,CAAA;IAC3B,IAAI,QAAQ,CAAC,MAAM,IAAI,iBAAU,CAAC,MAAM;QAAE,OAAO,KAAK,CAAA;IAEtD,QAAQ,CAAC,MAAM,GAAG,iBAAU,CAAC,SAAS,CAAA;IACtC,QAAQ,CAAC,QAAQ,GAAG,WAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,QAAQ,CAAC,IAAI,CAAC,CAAA;IACxD,QAAQ,CAAC,SAAS,GAAG,CAAC,CAAA;IAEtB,MAAM,IAAA,qBAAa,EAAC,WAAI,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;IACxC,MAAM,IAAA,qBAAa,EAAC,sCAAiB,CAAC,CAAC,MAAM,CAAC;QAC5C,MAAM;QACN,KAAK;QACL,IAAI,EAAE,0CAAqB,CAAC,MAAM;KACnC,CAAC,CAAA;IAEF,OAAO,IAAI,CAAA;AACb,CAAC","sourcesContent":["import { URL } from 'url'\n\nimport { sendEmail } from '@things-factory/email-base'\nimport { getRepository } from '@things-factory/shell'\n\nimport { User, UserStatus } from '../service/user/user'\nimport { VerificationToken, VerificationTokenType } from '../service/verification-token/verification-token'\nimport { getUnlockUserEmailForm } from '../templates/account-unlock-email'\nimport { makeVerificationToken } from './utils/make-verification-token'\nimport { saveVerificationToken } from './utils/save-verification-token'\n\nexport async function sendUnlockUserEmail({ user, context }) {\n try {\n var token = makeVerificationToken()\n var verifaction = await saveVerificationToken(user.id, token, VerificationTokenType.UNLOCK)\n\n if (verifaction) {\n var serviceUrl = new URL(`/auth/unlock-user?token=${token}`, context.header.referer)\n await sendEmail({\n receiver: user.email,\n subject: 'Your account is locked',\n content: getUnlockUserEmailForm({\n username: user.username,\n name: user.name,\n resetUrl: serviceUrl\n })\n })\n\n return true\n }\n } catch (e) {\n return false\n }\n}\n\nexport async function unlockUser(token, password) {\n var { userId } = await getRepository(VerificationToken).findOne({\n where: {\n token,\n type: VerificationTokenType.UNLOCK\n }\n })\n\n if (!userId) return false\n\n var userInfo = await getRepository(User).findOneBy({ id: userId })\n if (!userInfo) return false\n if (userInfo.status != UserStatus.LOCKED) return false\n\n userInfo.status = UserStatus.ACTIVATED\n userInfo.password = User.encode(password, userInfo.salt)\n userInfo.failCount = 0\n\n await getRepository(User).save(userInfo)\n await getRepository(VerificationToken).delete({\n userId,\n token,\n type: VerificationTokenType.UNLOCK\n })\n\n return true\n}\n"]}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"verification.js","sourceRoot":"","sources":["../../server/controllers/verification.ts"],"names":[],"mappings":";;AAYA,
|
|
1
|
+
{"version":3,"file":"verification.js","sourceRoot":"","sources":["../../server/controllers/verification.ts"],"names":[],"mappings":";;AAYA,sDAsBC;AAED,wBA+BC;AAED,0DAcC;AAnFD,6BAAyB;AAEzB,2DAAsD;AACtD,iDAAqD;AAErD,qDAAgD;AAChD,+CAAuD;AACvD,yFAAoF;AACpF,wEAA0E;AAC1E,6EAAuE;AACvE,6EAAuE;AAEhE,KAAK,UAAU,qBAAqB,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE;IAC3D,IAAI,CAAC;QACH,IAAI,KAAK,GAAG,IAAA,+CAAqB,GAAE,CAAA;QACnC,IAAI,WAAW,GAAG,MAAM,IAAA,+CAAqB,EAAC,IAAI,CAAC,EAAE,EAAE,KAAK,CAAC,CAAA;QAE7D,IAAI,WAAW,EAAE,CAAC;YAChB,IAAI,UAAU,GAAG,IAAI,SAAG,CAAC,gBAAgB,KAAK,EAAE,EAAE,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,CAAA;YACzE,MAAM,IAAA,sBAAS,EAAC;gBACd,QAAQ,EAAE,IAAI,CAAC,KAAK;gBACpB,OAAO,EAAE,mBAAmB;gBAC5B,OAAO,EAAE,IAAA,6CAAwB,EAAC;oBAChC,QAAQ,EAAE,IAAI,CAAC,QAAQ;oBACvB,IAAI,EAAE,IAAI,CAAC,IAAI;oBACf,SAAS,EAAE,UAAU;iBACtB,CAAC;aACH,CAAC,CAAA;YAEF,OAAO,IAAI,CAAA;QACb,CAAC;IACH,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,OAAO,KAAK,CAAA;IACd,CAAC;AACH,CAAC;AAEM,KAAK,UAAU,MAAM,CAAC,KAAK;IAChC,IAAI,YAAY,GAAG,MAAM,IAAA,qBAAa,EAAC,sCAAiB,CAAC,CAAC,OAAO,CAAC;QAChE,KAAK,EAAE;YACL,KAAK;SACN;KACF,CAAC,CAAA;IAEF,IAAI,CAAC,YAAY,EAAE,CAAC;QAClB,MAAM,IAAI,sBAAS,CAAC;YAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,kBAAkB;SACpD,CAAC,CAAA;IACJ,CAAC;IAED,IAAI,QAAQ,GAAG,MAAM,IAAA,qBAAa,EAAC,WAAI,CAAC,CAAC,SAAS,CAAC,EAAE,EAAE,EAAE,YAAY,CAAC,MAAM,EAAE,CAAC,CAAA;IAC/E,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,MAAM,IAAI,sBAAS,CAAC;YAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,kBAAkB;SACpD,CAAC,CAAA;IACJ,CAAC;IAED,IAAI,CAAC,CAAC,QAAQ,CAAC,MAAM,IAAI,iBAAU,CAAC,QAAQ,IAAI,QAAQ,CAAC,MAAM,IAAI,iBAAU,CAAC,MAAM,CAAC,EAAE,CAAC;QACtF,MAAM,IAAI,sBAAS,CAAC;YAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,kBAAkB;SACpD,CAAC,CAAA;IACJ,CAAC;IAED,QAAQ,CAAC,MAAM,GAAG,iBAAU,CAAC,SAAS,CAAA;IACtC,QAAQ,CAAC,SAAS,GAAG,CAAC,CAAA;IAEtB,MAAM,IAAA,qBAAa,EAAC,WAAI,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;IACxC,MAAM,IAAA,qBAAa,EAAC,sCAAiB,CAAC,CAAC,MAAM,CAAC,YAAY,CAAC,CAAA;AAC7D,CAAC;AAEM,KAAK,UAAU,uBAAuB,CAAC,KAAK,EAAE,OAAO;IAC1D,IAAI,IAAI,GAAG,MAAM,IAAA,qBAAa,EAAC,WAAI,CAAC,CAAC,OAAO,CAAC;QAC3C,KAAK,EAAE;YACL,KAAK;SACN;KACF,CAAC,CAAA;IAEF,IAAI,CAAC,IAAI;QAAE,OAAO,KAAK,CAAA;IACvB,IAAI,IAAI,CAAC,MAAM,IAAI,iBAAU,CAAC,SAAS;QAAE,OAAO,KAAK,CAAA;IAErD,OAAO,MAAM,qBAAqB,CAAC;QACjC,IAAI;QACJ,OAAO;KACR,CAAC,CAAA;AACJ,CAAC","sourcesContent":["import { URL } from 'url'\n\nimport { sendEmail } from '@things-factory/email-base'\nimport { getRepository } from '@things-factory/shell'\n\nimport { AuthError } from '../errors/auth-error'\nimport { User, UserStatus } from '../service/user/user'\nimport { VerificationToken } from '../service/verification-token/verification-token'\nimport { getVerificationEmailForm } from '../templates/verification-email'\nimport { makeVerificationToken } from './utils/make-verification-token'\nimport { saveVerificationToken } from './utils/save-verification-token'\n\nexport async function sendVerificationEmail({ user, context }) {\n try {\n var token = makeVerificationToken()\n var verifaction = await saveVerificationToken(user.id, token)\n\n if (verifaction) {\n var serviceUrl = new URL(`/auth/verify/${token}`, context.header.referer)\n await sendEmail({\n receiver: user.email,\n subject: 'Verify your email',\n content: getVerificationEmailForm({\n username: user.username,\n name: user.name,\n verifyUrl: serviceUrl\n })\n })\n\n return true\n }\n } catch (e) {\n return false\n }\n}\n\nexport async function verify(token) {\n var verification = await getRepository(VerificationToken).findOne({\n where: {\n token\n }\n })\n\n if (!verification) {\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.VERIFICATION_ERROR\n })\n }\n\n var userInfo = await getRepository(User).findOneBy({ id: verification.userId })\n if (!userInfo) {\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.VERIFICATION_ERROR\n })\n }\n\n if (!(userInfo.status == UserStatus.INACTIVE || userInfo.status == UserStatus.LOCKED)) {\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.VERIFICATION_ERROR\n })\n }\n\n userInfo.status = UserStatus.ACTIVATED\n userInfo.failCount = 0\n\n await getRepository(User).save(userInfo)\n await getRepository(VerificationToken).delete(verification)\n}\n\nexport async function resendVerificationEmail(email, context) {\n var user = await getRepository(User).findOne({\n where: {\n email\n }\n })\n\n if (!user) return false\n if (user.status == UserStatus.ACTIVATED) return false\n\n return await sendVerificationEmail({\n user,\n context\n })\n}\n"]}
|
|
@@ -1,14 +1,10 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.domainAuthenticateMiddleware = domainAuthenticateMiddleware;
|
|
4
|
-
const env_1 = require("@things-factory/env");
|
|
5
4
|
const shell_1 = require("@things-factory/shell");
|
|
6
5
|
const auth_error_1 = require("../errors/auth-error");
|
|
7
6
|
const user_1 = require("../service/user/user");
|
|
8
7
|
const get_user_domains_1 = require("../utils/get-user-domains");
|
|
9
|
-
const useVirtualHostBasedDomain = !!env_1.config.get('useVirtualHostBasedDomain');
|
|
10
|
-
const fixed = env_1.config.get('subdomain');
|
|
11
|
-
const subdomainOffset = env_1.config.getNumber('subdomainOffset', 2);
|
|
12
8
|
process.domainOwnerGranted = async (domain, user) => {
|
|
13
9
|
return user && domain && domain.owner === user.id;
|
|
14
10
|
};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"domain-authenticate-middleware.js","sourceRoot":"","sources":["../../server/middlewares/domain-authenticate-middleware.ts"],"names":[],"mappings":";;
|
|
1
|
+
{"version":3,"file":"domain-authenticate-middleware.js","sourceRoot":"","sources":["../../server/middlewares/domain-authenticate-middleware.ts"],"names":[],"mappings":";;AAiDA,oEAuBC;AAxED,iDAA6D;AAE7D,qDAAgD;AAChD,+CAA2C;AAC3C,gEAA0D;AAW1D,OAAO,CAAC,kBAAkB,GAAG,KAAK,EAAE,MAAc,EAAE,IAAU,EAAoB,EAAE;IAClF,OAAO,IAAI,IAAI,MAAM,IAAI,MAAM,CAAC,KAAK,KAAK,IAAI,CAAC,EAAE,CAAA;AACnD,CAAC,CAAA;AAED,OAAO,CAAC,gBAAgB,GAAG,KAAK,EAAE,MAAc,EAAE,IAAU,EAAoB,EAAE;IAChF,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,OAAO,KAAK,CAAA;IACd,CAAC;IAED,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC;QACzB,IAAI,GAAG,MAAM,IAAA,qBAAa,EAAC,WAAI,CAAC,CAAC,OAAO,CAAC;YACvC,KAAK,EAAE,EAAE,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE;YACtB,SAAS,EAAE,CAAC,SAAS,CAAC;SACvB,CAAC,CAAA;IACJ,CAAC;IAED,MAAM,YAAY,GAAW,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,MAAc,EAAE,EAAE,CAAC,MAAM,CAAC,SAAS,KAAK,QAAQ,CAAC,CAAA;IACjG,IAAI,CAAC,YAAY,EAAE,CAAC;QAClB,OAAO,KAAK,CAAA;IACd,CAAC;IAED,OAAO,YAAY,CAAC,KAAK,KAAK,IAAI,CAAC,EAAE,CAAA;AACvC,CAAC,CAAA;AAED;;;;;;;;GAQG;AAEI,KAAK,UAAU,4BAA4B,CAAC,OAAY,EAAE,IAAS;IACxE,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IACrB,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IAEtC,MAAM,SAAS,GAAW,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,SAAS,CAAA;IAE3C,gCAAgC;IAChC,mBAAmB;IACnB,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,MAAM,IAAI,sBAAS,CAAC;YAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,kBAAkB;SACpD,CAAC,CAAA;IACJ,CAAC;IAED,4BAA4B;IAC5B,MAAM,WAAW,GAAsB,MAAM,IAAA,iCAAc,EAAC,IAAI,CAAC,CAAA;IACjE,IAAI,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,SAAS,IAAI,SAAS,CAAC,IAAI,CAAC,MAAM,OAAO,CAAC,gBAAgB,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC,EAAE,CAAC;QAChH,OAAO,MAAM,IAAI,EAAE,CAAA;IACrB,CAAC;IAED,MAAM,IAAI,sBAAS,CAAC;QAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,kBAAkB;KACpD,CAAC,CAAA;AACJ,CAAC","sourcesContent":["import { Domain, getRepository } from '@things-factory/shell'\n\nimport { AuthError } from '../errors/auth-error'\nimport { User } from '../service/user/user'\nimport { getUserDomains } from '../utils/get-user-domains'\n\ndeclare global {\n namespace NodeJS {\n interface Process {\n domainOwnerGranted: (domain: Domain, user: User) => Promise<boolean>\n superUserGranted: (domain: Domain, user: User) => Promise<boolean>\n }\n }\n}\n\nprocess.domainOwnerGranted = async (domain: Domain, user: User): Promise<boolean> => {\n return user && domain && domain.owner === user.id\n}\n\nprocess.superUserGranted = async (domain: Domain, user: User): Promise<boolean> => {\n if (!user) {\n return false\n }\n\n if (!user.domains.length) {\n user = await getRepository(User).findOne({\n where: { id: user.id },\n relations: ['domains']\n })\n }\n\n const systemDomain: Domain = user.domains.find((domain: Domain) => domain.subdomain === 'system')\n if (!systemDomain) {\n return false\n }\n\n return systemDomain.owner === user.id\n}\n\n/*\n * 현재 subdomain 과 user의 domain list와의 비교를 통해서,\n * 인증 성공 또는 인증 에러를 발생시킬 것인지를 결정한다.\n * 1. 현재 subdomain 이 결정되지 않은 경우.\n * - checkin로 이동한다.\n * 2. superUser 판단\n * 3. 현재 subdomain 이 결정된 경우.\n * - user의 domains 리스트에 해당 subdomain이 없다면, 인증 오류를 발생한다.\n */\n\nexport async function domainAuthenticateMiddleware(context: any, next: any) {\n const { t } = context\n const { domain, user } = context.state\n\n const subdomain: string = domain?.subdomain\n\n // 1. 현재 subdomain 이 결정되지 않은 경우.\n // - checkin로 이동한다.\n if (!subdomain) {\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.SUBDOMAIN_NOTFOUND\n })\n }\n\n // 2. 현재 subdomain 이 결정된 경우.\n const userDomains: Partial<Domain>[] = await getUserDomains(user)\n if (userDomains.find(domain => domain.subdomain == subdomain) || (await process.superUserGranted(domain, user))) {\n return await next()\n }\n\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.SUBDOMAIN_NOTFOUND\n })\n}\n"]}
|
|
@@ -6,12 +6,13 @@ const koa_passport_1 = tslib_1.__importDefault(require("koa-passport"));
|
|
|
6
6
|
const passport_local_1 = require("passport-local");
|
|
7
7
|
const signin_1 = require("../controllers/signin");
|
|
8
8
|
koa_passport_1.default.use('signin', new passport_local_1.Strategy({
|
|
9
|
-
usernameField: '
|
|
10
|
-
passwordField: 'password'
|
|
11
|
-
|
|
9
|
+
usernameField: 'username',
|
|
10
|
+
passwordField: 'password',
|
|
11
|
+
passReqToCallback: true
|
|
12
|
+
}, async (req, username, password, done) => {
|
|
12
13
|
try {
|
|
13
14
|
const { user: userInfo, token, domains } = await (0, signin_1.signin)({
|
|
14
|
-
|
|
15
|
+
username,
|
|
15
16
|
password
|
|
16
17
|
});
|
|
17
18
|
return done(null, {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"signin-middleware.js","sourceRoot":"","sources":["../../server/middlewares/signin-middleware.ts"],"names":[],"mappings":";;
|
|
1
|
+
{"version":3,"file":"signin-middleware.js","sourceRoot":"","sources":["../../server/middlewares/signin-middleware.ts"],"names":[],"mappings":";;AA0CA,4CAaC;;AAvDD,wEAAmC;AACnC,mDAA0D;AAE1D,kDAA8C;AAE9C,sBAAQ,CAAC,GAAG,CACV,QAAQ,EACR,IAAI,yBAAa,CACf;IACE,aAAa,EAAE,UAAU;IACzB,aAAa,EAAE,UAAU;IACzB,iBAAiB,EAAE,IAAI;CACxB,EACD,KAAK,EAAE,GAAG,EAAE,QAAQ,EAAE,QAAQ,EAAE,IAAI,EAAE,EAAE;IACtC,IAAI,CAAC;QACH,MAAM,EACJ,IAAI,EAAE,QAAQ,EACd,KAAK,EACL,OAAO,EACR,GAAG,MAAM,IAAA,eAAM,EAAC;YACf,QAAQ;YACR,QAAQ;SACT,CAAC,CAAA;QAEF,OAAO,IAAI,CACT,IAAI,EACJ;YACE,IAAI,EAAE,QAAQ;YACd,KAAK;YACL,OAAO;SACR,EACD;YACE,OAAO,EAAE,wBAAwB;SAClC,CACF,CAAA;IACH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,IAAI,CAAC,KAAK,CAAC,CAAA;IACpB,CAAC;AACH,CAAC,CACF,CACF,CAAA;AAEM,KAAK,UAAU,gBAAgB,CAAC,OAAO,EAAE,IAAI;IAClD,OAAO,sBAAQ,CAAC,YAAY,CAAC,QAAQ,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE;QACnF,IAAI,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;YACjB,MAAM,GAAG,CAAA;QACX,CAAC;aAAM,CAAC;YACN,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,GAAG,IAAI,CAAA;YAEtC,OAAO,CAAC,KAAK,CAAC,IAAI,GAAG,QAAQ,CAAA;YAC7B,OAAO,CAAC,KAAK,CAAC,KAAK,GAAG,KAAK,CAAA;YAE3B,MAAM,IAAI,EAAE,CAAA;QACd,CAAC;IACH,CAAC,CAAC,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;AACnB,CAAC","sourcesContent":["import passport from 'koa-passport'\nimport { Strategy as localStrategy } from 'passport-local'\n\nimport { signin } from '../controllers/signin'\n\npassport.use(\n 'signin',\n new localStrategy(\n {\n usernameField: 'username',\n passwordField: 'password',\n passReqToCallback: true\n },\n async (req, username, password, done) => {\n try {\n const {\n user: userInfo,\n token,\n domains\n } = await signin({\n username,\n password\n })\n\n return done(\n null,\n {\n user: userInfo,\n token,\n domains\n },\n {\n message: 'Logged in Successfully'\n }\n )\n } catch (error) {\n return done(error)\n }\n }\n )\n)\n\nexport async function signinMiddleware(context, next) {\n return passport.authenticate('signin', { session: false }, async (err, user, info) => {\n if (err || !user) {\n throw err\n } else {\n const { user: userInfo, token } = user\n\n context.state.user = userInfo\n context.state.token = token\n\n await next()\n }\n })(context, next)\n}\n"]}
|
|
@@ -21,14 +21,17 @@ koa_passport_1.default.use('webauthn-register', new passport_custom_1.Strategy(a
|
|
|
21
21
|
});
|
|
22
22
|
if (verification.verified) {
|
|
23
23
|
const { registrationInfo } = verification;
|
|
24
|
-
const publicKey = Buffer.from(registrationInfo.
|
|
24
|
+
const publicKey = Buffer.from(registrationInfo.credential.publicKey).toString('base64');
|
|
25
|
+
if (!registrationInfo) {
|
|
26
|
+
return done(null, false);
|
|
27
|
+
}
|
|
25
28
|
if (user) {
|
|
26
29
|
const webAuthRepository = (0, shell_1.getRepository)(web_auth_credential_1.WebAuthCredential);
|
|
27
30
|
await webAuthRepository.save({
|
|
28
31
|
user,
|
|
29
|
-
credentialId: registrationInfo.
|
|
32
|
+
credentialId: registrationInfo.credential.id,
|
|
30
33
|
publicKey,
|
|
31
|
-
counter: registrationInfo.counter,
|
|
34
|
+
counter: registrationInfo.credential.counter,
|
|
32
35
|
creator: user,
|
|
33
36
|
updater: user
|
|
34
37
|
});
|
|
@@ -59,9 +62,9 @@ koa_passport_1.default.use('webauthn-login', new passport_custom_1.Strategy(asyn
|
|
|
59
62
|
expectedOrigin: origin,
|
|
60
63
|
expectedRPID: hostname,
|
|
61
64
|
requireUserVerification: false,
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
65
|
+
credential: {
|
|
66
|
+
id: credential.credentialId,
|
|
67
|
+
publicKey: new Uint8Array(Buffer.from(credential.publicKey, 'base64')),
|
|
65
68
|
counter: credential.counter
|
|
66
69
|
}
|
|
67
70
|
});
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"webauthn-middleware.js","sourceRoot":"","sources":["../../server/middlewares/webauthn-middleware.ts"],"names":[],"mappings":";;
|
|
1
|
+
{"version":3,"file":"webauthn-middleware.js","sourceRoot":"","sources":["../../server/middlewares/webauthn-middleware.ts"],"names":[],"mappings":";;AA6GA,4DAqBC;;AAlID,wEAAmC;AACnC,qDAA4D;AAE5D,iDAAqD;AAGrD,qDAAgD;AAEhD,4FAAsF;AACtF,mDAI+B;AAE/B,sBAAQ,CAAC,GAAG,CACV,mBAAmB,EACnB,IAAI,0BAAc,CAAC,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACzC,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,GAAG,OAAc,CAAA;IAEhE,MAAM,SAAS,GAAG,OAAO,CAAC,SAAS,CAAA;IAEnC,MAAM,YAAY,GAAG,MAAM,IAAA,mCAA0B,EAAC;QACpD,QAAQ,EAAE,IAAI;QACd,iBAAiB,EAAE,SAAS;QAC5B,cAAc,EAAE,MAAM;QACtB,YAAY,EAAE,QAAQ;QACtB,YAAY,EAAE,iBAAiB;QAC/B,uBAAuB,EAAE,KAAK;KAC/B,CAAC,CAAA;IAEF,IAAI,YAAY,CAAC,QAAQ,EAAE,CAAC;QAC1B,MAAM,EAAE,gBAAgB,EAAE,GAAG,YAAY,CAAA;QACzC,MAAM,SAAS,GAAG,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;QACvF,IAAI,CAAC,gBAAgB,EAAE,CAAC;YACtB,OAAO,IAAI,CAAC,IAAI,EAAE,KAAK,CAAC,CAAA;QAC1B,CAAC;QACD,IAAI,IAAI,EAAE,CAAC;YACT,MAAM,iBAAiB,GAAG,IAAA,qBAAa,EAAC,uCAAiB,CAAC,CAAA;YAC1D,MAAM,iBAAiB,CAAC,IAAI,CAAC;gBAC3B,IAAI;gBACJ,YAAY,EAAE,gBAAgB,CAAC,UAAU,CAAC,EAAE;gBAC5C,SAAS;gBACT,OAAO,EAAE,gBAAgB,CAAC,UAAU,CAAC,OAAO;gBAC5C,OAAO,EAAE,IAAI;gBACb,OAAO,EAAE,IAAI;aACd,CAAC,CAAA;QACJ,CAAC;QAED,OAAO,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,CAAA;IACzB,CAAC;SAAM,CAAC;QACN,OAAO,IAAI,CAAC,IAAI,EAAE,KAAK,CAAC,CAAA;IAC1B,CAAC;AACH,CAAC,CAAC,CACH,CAAA;AAED,sBAAQ,CAAC,GAAG,CACV,gBAAgB,EAChB,IAAI,0BAAc,CAAC,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACzC,IAAI,CAAC;QACH,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,GAAG,OAAc,CAAA;QAE1D,MAAM,SAAS,GAAG,OAAO,CAAC,SAAS,CAAA;QAEnC,MAAM,iBAAiB,GAAG,IAGzB,CAAA;QAED,MAAM,UAAU,GAAG,MAAM,IAAA,qBAAa,EAAC,uCAAiB,CAAC,CAAC,OAAO,CAAC;YAChE,KAAK,EAAE;gBACL,YAAY,EAAE,iBAAiB,CAAC,EAAE;aACnC;YACD,SAAS,EAAE,CAAC,MAAM,CAAC;SACpB,CAAC,CAAA;QAEF,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,OAAO,IAAI,CAAC,IAAI,EAAE,KAAK,CAAC,CAAA;QAC1B,CAAC;QAED,MAAM,YAAY,GAAG,MAAM,IAAA,qCAA4B,EAAC;YACtD,QAAQ,EAAE,IAAI;YACd,iBAAiB,EAAE,SAAS;YAC5B,cAAc,EAAE,MAAM;YACtB,YAAY,EAAE,QAAQ;YACtB,uBAAuB,EAAE,KAAK;YAC9B,UAAU,EAAE;gBACV,EAAE,EAAE,UAAU,CAAC,YAAY;gBAC3B,SAAS,EAAE,IAAI,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC;gBACtE,OAAO,EAAE,UAAU,CAAC,OAAO;aAC5B;SACF,CAAC,CAAA;QAEF,IAAI,YAAY,CAAC,QAAQ,EAAE,CAAC;YAC1B,MAAM,EAAE,kBAAkB,EAAE,GAAG,YAAY,CAAA;YAC3C,UAAU,CAAC,OAAO,GAAG,kBAAkB,CAAC,UAAU,CAAA;YAClD,MAAM,IAAA,qBAAa,EAAC,uCAAiB,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAA;YAEvD,MAAM,IAAI,GAAG,UAAU,CAAC,IAAI,CAAA;YAC5B,OAAO,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,CAAA;QACzB,CAAC;aAAM,CAAC;YACN,OAAO,IAAI,CAAC,YAAY,EAAE,KAAK,CAAC,CAAA;QAClC,CAAC;IACH,CAAC;IAAC,OAAM,KAAK,EAAE,CAAC;QACd,OAAO,IAAI,CAAC,KAAK,EAAE,KAAK,CAAC,CAAA;IAC3B,CAAC;AACH,CAAC,CAAC,CACH,CAAA;AAED,SAAgB,wBAAwB,CAAC,QAAgD;IACvF,OAAO,KAAK,UAAU,kBAAkB,CAAC,OAAO,EAAE,IAAI;QACpD,OAAO,sBAAQ,CAAC,YAAY,CAC1B,QAAQ,EACR,EAAE,OAAO,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,EAAE,aAAa,EAAE,IAAI,EAAE,EAC5D,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;YAClB,IAAI,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;gBACjB,MAAM,IAAI,sBAAS,CAAC;oBAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,yBAAyB;oBAC1D,MAAM,EAAE,GAAG;iBACZ,CAAC,CAAA;YACJ,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,KAAK,CAAC,IAAI,GAAG,IAAI,CAAA;gBAEzB,OAAO,CAAC,IAAI,GAAG,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAA;YACzC,CAAC;YAED,MAAM,IAAI,EAAE,CAAA;QACd,CAAC,CACF,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;IAClB,CAAC,CAAA;AACH,CAAC","sourcesContent":["import passport from 'koa-passport'\nimport { Strategy as CustomStrategy } from 'passport-custom'\n\nimport { getRepository } from '@things-factory/shell'\n\nimport { User } from '../service/user/user'\nimport { AuthError } from '../errors/auth-error'\n\nimport { WebAuthCredential } from '../service/web-auth-credential/web-auth-credential'\nimport {\n AuthenticatorAssertionResponse,\n verifyRegistrationResponse,\n verifyAuthenticationResponse\n} from '@simplewebauthn/server'\n\npassport.use(\n 'webauthn-register',\n new CustomStrategy(async (context, done) => {\n const { body, session, user, hostname, origin } = context as any\n\n const challenge = session.challenge\n\n const verification = await verifyRegistrationResponse({\n response: body,\n expectedChallenge: challenge,\n expectedOrigin: origin,\n expectedRPID: hostname,\n expectedType: 'webauthn.create',\n requireUserVerification: false\n })\n\n if (verification.verified) {\n const { registrationInfo } = verification\n const publicKey = Buffer.from(registrationInfo.credential.publicKey).toString('base64')\n if (!registrationInfo) {\n return done(null, false)\n }\n if (user) {\n const webAuthRepository = getRepository(WebAuthCredential)\n await webAuthRepository.save({\n user,\n credentialId: registrationInfo.credential.id,\n publicKey,\n counter: registrationInfo.credential.counter,\n creator: user,\n updater: user\n })\n }\n\n return done(null, user)\n } else {\n return done(null, false)\n }\n })\n)\n\npassport.use(\n 'webauthn-login',\n new CustomStrategy(async (context, done) => {\n try {\n const { body, session, origin, hostname } = context as any\n\n const challenge = session.challenge\n \n const assertionResponse = body as {\n id: string\n response: AuthenticatorAssertionResponse\n }\n \n const credential = await getRepository(WebAuthCredential).findOne({\n where: {\n credentialId: assertionResponse.id\n },\n relations: ['user']\n })\n \n if (!credential) {\n return done(null, false)\n }\n \n const verification = await verifyAuthenticationResponse({\n response: body,\n expectedChallenge: challenge,\n expectedOrigin: origin,\n expectedRPID: hostname,\n requireUserVerification: false,\n credential: {\n id: credential.credentialId,\n publicKey: new Uint8Array(Buffer.from(credential.publicKey, 'base64')),\n counter: credential.counter\n }\n })\n \n if (verification.verified) {\n const { authenticationInfo } = verification\n credential.counter = authenticationInfo.newCounter\n await getRepository(WebAuthCredential).save(credential)\n \n const user = credential.user\n return done(null, user)\n } else {\n return done(verification, false)\n }\n } catch(error) {\n return done(error, false)\n }\n })\n)\n\nexport function createWebAuthnMiddleware(strategy: 'webauthn-register' | 'webauthn-login') {\n return async function webAuthnMiddleware(context, next) {\n return passport.authenticate(\n strategy,\n { session: true, failureMessage: true, failWithError: true },\n async (err, user) => {\n if (err || !user) {\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.AUTHN_VERIFICATION_FAILED,\n detail: err\n })\n } else {\n context.state.user = user\n\n context.body = { user, verified: true }\n }\n\n await next()\n }\n )(context, next)\n }\n}\n"]}
|
|
@@ -6,6 +6,7 @@ const env_1 = require("@things-factory/env");
|
|
|
6
6
|
const shell_1 = require("@things-factory/shell");
|
|
7
7
|
const user_1 = require("../service/user/user");
|
|
8
8
|
const ADMIN_ACCOUNT = env_1.config.get('adminAccount', {
|
|
9
|
+
username: 'admin',
|
|
9
10
|
name: 'Admin',
|
|
10
11
|
email: 'admin@hatiolab.com',
|
|
11
12
|
password: 'admin'
|
|
@@ -30,7 +31,7 @@ class SeedUsers1548206416130 {
|
|
|
30
31
|
catch (e) {
|
|
31
32
|
env_1.logger.error(e);
|
|
32
33
|
}
|
|
33
|
-
const admin = await userRepository.findOne({ where: { email: (0, typeorm_1.ILike)(
|
|
34
|
+
const admin = await userRepository.findOne({ where: { email: (0, typeorm_1.ILike)(ADMIN_ACCOUNT.email) } });
|
|
34
35
|
domain.owner = admin.id;
|
|
35
36
|
await domainRepository.save(domain);
|
|
36
37
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"1548206416130-SeedUser.js","sourceRoot":"","sources":["../../server/migrations/1548206416130-SeedUser.ts"],"names":[],"mappings":";;;AAAA,qCAAgE;AAEhE,6CAAoD;AACpD,iDAA6D;AAE7D,+CAAuD;AAEvD,MAAM,aAAa,GAAG,YAAM,CAAC,GAAG,CAAC,cAAc,EAAE;IAC/C,IAAI,EAAE,OAAO;IACb,KAAK,EAAE,oBAAoB;IAC3B,QAAQ,EAAE,OAAO;CAClB,CAAC,CAAA;AAEF,MAAM,UAAU,GAAG;oCAEZ,aAAa,KAChB,QAAQ,EAAE,MAAM,EAChB,MAAM,EAAE,iBAAU,CAAC,SAAS;CAE/B,CAAA;AACD,MAAa,sBAAsB;IAC1B,KAAK,CAAC,EAAE,CAAC,WAAwB;QACtC,MAAM,cAAc,GAAG,IAAA,qBAAa,EAAC,WAAI,CAAC,CAAA;QAC1C,MAAM,gBAAgB,GAAG,IAAA,qBAAa,EAAC,cAAM,CAAC,CAAA;QAE9C,MAAM,MAAM,GAAW,MAAM,gBAAgB,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE,CAAC,CAAA;QAEpF,IAAI,CAAC;YACH,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,UAAU,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBAC3C,MAAM,IAAI,GAAG,UAAU,CAAC,CAAC,CAAC,CAAA;gBAC1B,MAAM,IAAI,GAAG,WAAI,CAAC,YAAY,EAAE,CAAA;gBAChC,MAAM,QAAQ,GAAG,WAAI,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAA;gBAEjD,MAAM,cAAc,CAAC,IAAI,iCACpB,IAAI,KACP,IAAI;oBACJ,QAAQ,EACR,OAAO,EAAE,CAAC,MAAM,CAAC,IACjB,CAAA;YACJ,CAAC;QACH,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,YAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;QACjB,CAAC;QAED,MAAM,KAAK,GAAG,MAAM,cAAc,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,KAAK,EAAE,IAAA,eAAK,EAAC,
|
|
1
|
+
{"version":3,"file":"1548206416130-SeedUser.js","sourceRoot":"","sources":["../../server/migrations/1548206416130-SeedUser.ts"],"names":[],"mappings":";;;AAAA,qCAAgE;AAEhE,6CAAoD;AACpD,iDAA6D;AAE7D,+CAAuD;AAEvD,MAAM,aAAa,GAAG,YAAM,CAAC,GAAG,CAAC,cAAc,EAAE;IAC/C,QAAQ,EAAE,OAAO;IACjB,IAAI,EAAE,OAAO;IACb,KAAK,EAAE,oBAAoB;IAC3B,QAAQ,EAAE,OAAO;CAClB,CAAC,CAAA;AAEF,MAAM,UAAU,GAAG;oCAEZ,aAAa,KAChB,QAAQ,EAAE,MAAM,EAChB,MAAM,EAAE,iBAAU,CAAC,SAAS;CAE/B,CAAA;AACD,MAAa,sBAAsB;IAC1B,KAAK,CAAC,EAAE,CAAC,WAAwB;QACtC,MAAM,cAAc,GAAG,IAAA,qBAAa,EAAC,WAAI,CAAC,CAAA;QAC1C,MAAM,gBAAgB,GAAG,IAAA,qBAAa,EAAC,cAAM,CAAC,CAAA;QAE9C,MAAM,MAAM,GAAW,MAAM,gBAAgB,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE,CAAC,CAAA;QAEpF,IAAI,CAAC;YACH,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,UAAU,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBAC3C,MAAM,IAAI,GAAG,UAAU,CAAC,CAAC,CAAC,CAAA;gBAC1B,MAAM,IAAI,GAAG,WAAI,CAAC,YAAY,EAAE,CAAA;gBAChC,MAAM,QAAQ,GAAG,WAAI,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAA;gBAEjD,MAAM,cAAc,CAAC,IAAI,iCACpB,IAAI,KACP,IAAI;oBACJ,QAAQ,EACR,OAAO,EAAE,CAAC,MAAM,CAAC,IACjB,CAAA;YACJ,CAAC;QACH,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,YAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;QACjB,CAAC;QAED,MAAM,KAAK,GAAG,MAAM,cAAc,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,KAAK,EAAE,IAAA,eAAK,EAAC,aAAa,CAAC,KAAK,CAAC,EAAE,EAAE,CAAC,CAAA;QAC5F,MAAM,CAAC,KAAK,GAAG,KAAK,CAAC,EAAE,CAAA;QAEvB,MAAM,gBAAgB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAA;IACrC,CAAC;IAEM,KAAK,CAAC,IAAI,CAAC,WAAwB;QACxC,MAAM,UAAU,GAAG,IAAA,qBAAa,EAAC,WAAI,CAAC,CAAA;QAEtC,UAAU,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,KAAK,EAAC,IAAI,EAAC,EAAE;YACxC,IAAI,MAAM,GAAG,MAAM,UAAU,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,IAAA,eAAK,EAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,CAAA;YACrE,MAAM,UAAU,CAAC,MAAM,CAAC,MAAM,CAAC,CAAA;QACjC,CAAC,CAAC,CAAA;IACJ,CAAC;CACF;AAtCD,wDAsCC","sourcesContent":["import { ILike, MigrationInterface, QueryRunner } from 'typeorm'\n\nimport { config, logger } from '@things-factory/env'\nimport { Domain, getRepository } from '@things-factory/shell'\n\nimport { User, UserStatus } from '../service/user/user'\n\nconst ADMIN_ACCOUNT = config.get('adminAccount', {\n username: 'admin',\n name: 'Admin',\n email: 'admin@hatiolab.com',\n password: 'admin'\n})\n\nconst SEED_USERS = [\n {\n ...ADMIN_ACCOUNT,\n userType: 'user',\n status: UserStatus.ACTIVATED\n }\n]\nexport class SeedUsers1548206416130 implements MigrationInterface {\n public async up(queryRunner: QueryRunner): Promise<any> {\n const userRepository = getRepository(User)\n const domainRepository = getRepository(Domain)\n\n const domain: Domain = await domainRepository.findOne({ where: { name: 'SYSTEM' } })\n\n try {\n for (let i = 0; i < SEED_USERS.length; i++) {\n const user = SEED_USERS[i]\n const salt = User.generateSalt()\n const password = User.encode(user.password, salt)\n\n await userRepository.save({\n ...user,\n salt,\n password,\n domains: [domain]\n })\n }\n } catch (e) {\n logger.error(e)\n }\n\n const admin = await userRepository.findOne({ where: { email: ILike(ADMIN_ACCOUNT.email) } })\n domain.owner = admin.id\n\n await domainRepository.save(domain)\n }\n\n public async down(queryRunner: QueryRunner): Promise<any> {\n const repository = getRepository(User)\n\n SEED_USERS.reverse().forEach(async user => {\n let record = await repository.findOneBy({ email: ILike(user.email) })\n await repository.remove(record)\n })\n }\n}\n"]}
|
|
@@ -9,7 +9,7 @@ const login_history_1 = require("../service/login-history/login-history");
|
|
|
9
9
|
const accepts_1 = require("../utils/accepts");
|
|
10
10
|
const access_token_cookie_1 = require("../utils/access-token-cookie");
|
|
11
11
|
const get_user_domains_1 = require("../utils/get-user-domains");
|
|
12
|
-
const
|
|
12
|
+
const domainTypes = env_1.config.get('domainTypes');
|
|
13
13
|
exports.authCheckinRouter = new koa_router_1.default();
|
|
14
14
|
exports.authCheckinRouter.get('/auth/checkin/:subdomain?', async (context, next) => {
|
|
15
15
|
const { request, t } = context;
|
|
@@ -17,8 +17,9 @@ exports.authCheckinRouter.get('/auth/checkin/:subdomain?', async (context, next)
|
|
|
17
17
|
const { user } = context.state;
|
|
18
18
|
let { subdomain } = context.params;
|
|
19
19
|
let domains = await (0, get_user_domains_1.getUserDomains)(user);
|
|
20
|
-
if (
|
|
21
|
-
domains = domains.filter(d => d.extType
|
|
20
|
+
if (domainTypes) {
|
|
21
|
+
domains = domains.filter(d => !d.extType || domainTypes.includes(d.extType));
|
|
22
|
+
}
|
|
22
23
|
if (!(0, accepts_1.accepts)(header.accept, ['text/html', '*/*'])) {
|
|
23
24
|
// When request expects non html response
|
|
24
25
|
try {
|
|
@@ -60,9 +61,15 @@ exports.authCheckinRouter.get('/auth/checkin/:subdomain?', async (context, next)
|
|
|
60
61
|
pageElement: 'auth-checkin',
|
|
61
62
|
elementScript: '/auth/checkin.js',
|
|
62
63
|
data: {
|
|
63
|
-
user: {
|
|
64
|
+
user: {
|
|
65
|
+
username: user.username,
|
|
66
|
+
email: user.email,
|
|
67
|
+
locale: user.locale,
|
|
68
|
+
name: user.name,
|
|
69
|
+
userType: user.userType
|
|
70
|
+
},
|
|
64
71
|
domains,
|
|
65
|
-
|
|
72
|
+
domainTypes,
|
|
66
73
|
redirectTo,
|
|
67
74
|
message
|
|
68
75
|
}
|
|
@@ -70,15 +77,15 @@ exports.authCheckinRouter.get('/auth/checkin/:subdomain?', async (context, next)
|
|
|
70
77
|
}
|
|
71
78
|
catch (e) {
|
|
72
79
|
(0, access_token_cookie_1.clearAccessTokenCookie)(context);
|
|
73
|
-
context.redirect(`/auth/signin?
|
|
80
|
+
context.redirect(`/auth/signin?username=${encodeURIComponent(user.username)}&redirect_to=${encodeURIComponent(redirectTo)}`);
|
|
74
81
|
}
|
|
75
82
|
}
|
|
76
83
|
});
|
|
77
84
|
exports.authCheckinRouter.get('/auth/domains', async (context) => {
|
|
78
85
|
const { user } = context.state;
|
|
79
86
|
var domains = await (0, get_user_domains_1.getUserDomains)(user);
|
|
80
|
-
if (
|
|
81
|
-
domains = domains.filter(d => d.extType ==
|
|
87
|
+
if (domainTypes) {
|
|
88
|
+
domains = domains.filter(d => d.extType == domainTypes);
|
|
82
89
|
}
|
|
83
90
|
context.body = domains;
|
|
84
91
|
});
|
|
@@ -89,7 +96,7 @@ async function checkIn(checkInDomain, redirectTo, context) {
|
|
|
89
96
|
: context.req.connection.remoteAddress;
|
|
90
97
|
await login_history_1.LoginHistory.stamp(checkInDomain, user, remoteAddress);
|
|
91
98
|
if (redirectTo) {
|
|
92
|
-
return context.redirect((0, shell_1.getRedirectSubdomainPath)(context, checkInDomain
|
|
99
|
+
return context.redirect((0, shell_1.getRedirectSubdomainPath)(context, checkInDomain, redirectTo));
|
|
93
100
|
}
|
|
94
101
|
}
|
|
95
102
|
//# sourceMappingURL=auth-checkin-router.js.map
|