@things-factory/auth-base 8.0.5 → 8.0.13

package/server/service/user/user-mutation.ts

@@ -10,6 +10,7 @@ import { buildDomainUsersQueryBuilder } from '../../utils/get-domain-users'
 import { Role } from '../role/role'
 import { User, UserStatus } from './user'
 import { NewUser, UserPatch } from './user-types'
+import { USERNAME_ALREADY_EXISTS, EMAIL_ALREADY_EXISTS } from '../../constants/error-code'
 
 @Resolver(User)
 export class UserMutation {
@@ -19,17 +20,27 @@ export class UserMutation {
   async createUser(@Arg('user') user: NewUser, @Ctx() context: ResolverContext) {
     const { domain, tx } = context.state
     const { defaultPassword } = config.get('password')
-    const { email } = user
+    const { username, email } = user
+    const userRepository = getRepository(User, tx)
 
+    user.username = username.trim()
     user.email = email.trim()
 
-    const oldUser: User = await getRepository(User, tx).findOne({ where: { email: ILike(user.email) } })
-    if (oldUser) {
-      throw new Error(context.t('error.x already exists in y', { x: context.t('field.user'), y: 'operato' }))
+    if (await userRepository.findOne({ where: { username: user.username } })) {
+      throw new Error(context.t(USERNAME_ALREADY_EXISTS))
+    }
+
+    if (await userRepository.findOne({ where: { email: ILike(user.email) } })) {
+      throw new Error(context.t(EMAIL_ALREADY_EXISTS))
     }
 
     if (!user.password && !defaultPassword) {
-      throw new Error(context.t('error.initial password or default password should be supported'))
+      throw new Error('initial password or default password should be supported.')
+    }
+
+    // TODO username은 다음 패턴을 따라야 한다. pattern="^[A-Za-z0-9]*$"
+    if (!/^[A-Za-z0-9]*$/.test(user.username)) {
+      throw new Error(context.t('error.invalid x', { x: context.t('field.username') }))
     }
 
     // consider if validation password rule is required
@@ -38,7 +49,7 @@ export class UserMutation {
 
     const salt = User.generateSalt()
 
-    return await getRepository(User, tx).save({
+    return await userRepository.save({
       creator: context.state.user,
       updater: context.state.user,
       ...user,
@@ -185,10 +196,10 @@ export class UserMutation {
   @Directive('@privilege(category: "user", privilege: "mutation", domainOwnerGranted: true)')
   @Directive('@transaction')
   @Mutation(returns => Boolean, { description: 'To delete a user' })
-  async deleteUser(@Arg('email', type => GraphQLEmailAddress) email: string, @Ctx() context: ResolverContext) {
+  async deleteUser(@Arg('username') username: string, @Ctx() context: ResolverContext) {
     const { tx } = context.state
 
-    await commonDeleteUser({ email }, tx)
+    await commonDeleteUser({ username }, tx)
 
     return true
   }
@@ -196,25 +207,31 @@ export class UserMutation {
   @Directive('@privilege(category: "user", privilege: "mutation", domainOwnerGranted: true)')
   @Directive('@transaction')
   @Mutation(returns => Boolean, { description: 'To delete some users' })
-  async deleteUsers(@Arg('emails', type => [String]) emails: string[], @Ctx() context: ResolverContext) {
+  async deleteUsers(@Arg('usernames', type => [String]) usernames: string[], @Ctx() context: ResolverContext) {
     const { tx } = context.state
-    await commonDeleteUsers({ emails }, tx)
+    await commonDeleteUsers({ usernames }, tx)
 
     return true
   }
 
   @Directive('@transaction')
   @Mutation(returns => Boolean, { description: 'To invite new user' })
-  async inviteUser(
-    @Arg('email', type => GraphQLEmailAddress) email: string,
-    @Ctx() context: ResolverContext
-  ): Promise<boolean> {
+  async inviteUser(@Arg('username') username: string, @Ctx() context: ResolverContext): Promise<boolean> {
     const { domain, tx } = context.state
-    const invitee: User = await getRepository(User, tx).findOne({
-      where: { email: ILike(email) },
+    const userRepository = getRepository(User, tx)
+
+    var invitee: User = await userRepository.findOne({
+      where: { username },
       relations: ['domains']
     })
 
+    if (!invitee && /^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(username)) {
+      invitee = await userRepository.findOne({
+        where: { email: ILike(username) },
+        relations: ['domains']
+      })
+    }
+
     if (!invitee) {
       throw new Error(context.t('error.failed to find x', { x: context.t('field.user') }))
     }
@@ -223,8 +240,9 @@ export class UserMutation {
     if (existingDomains.find((d: Domain) => d.id === domain.id)) {
       throw new Error(context.t('error.x already exists in y', { x: context.t('field.user'), y: domain.name }))
     }
+
     invitee.domains = [...existingDomains, domain]
-    await getRepository(User, tx).save(invitee)
+    await userRepository.save(invitee)
 
     return true
   }
@@ -232,16 +250,22 @@ export class UserMutation {
   @Directive('@transaction')
   @Directive('@privilege(category: "user", privilege: "mutation", domainOwnerGranted: true)')
   @Mutation(returns => Boolean, { description: 'To delete domain user' })
-  async deleteDomainUser(
-    @Arg('email', type => GraphQLEmailAddress) email: string,
-    @Ctx() context: ResolverContext
-  ): Promise<boolean> {
+  async deleteDomainUser(@Arg('username') username: string, @Ctx() context: ResolverContext): Promise<boolean> {
     const { tx, domain } = context.state
+    const userRepository = getRepository(User, tx)
 
-    let user: User = await getRepository(User, tx).findOne({
-      where: { email: ILike(email) },
-      relations: ['domains', 'roles', 'roles.domain']
+    var user: User = await userRepository.findOne({
+      where: { username },
+      relations: ['domains', 'roles']
     })
+
+    if (!user && /^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(username)) {
+      user = await userRepository.findOne({
+        where: { email: ILike(username) },
+        relations: ['domains', 'roles']
+      })
+    }
+
     if (!user) {
       throw new Error(context.t('error.failed to find x', { x: context.t('field.user') }))
     }
@@ -255,9 +279,9 @@ export class UserMutation {
     user.domains.splice(targetDomainIdx, 1)
 
     // Remove domain's roles that user has
-    user.roles = user.roles.filter((role: Role) => role.domain.id !== domain.id)
+    user.roles = user.roles.filter((role: Role) => role.domainId !== domain.id)
 
-    await getRepository(User, tx).save(user)
+    await userRepository.save(user)
 
     return true
   }
@@ -265,18 +289,24 @@ export class UserMutation {
   @Directive('@privilege(domainOwnerGranted: true, superUserGranted: true)')
   @Directive('@transaction')
   @Mutation(returns => Boolean, { description: 'To transfer owner of domain' })
-  async transferOwner(
-    @Arg('email', type => GraphQLEmailAddress) email: string,
-    @Ctx() context: ResolverContext
-  ): Promise<boolean> {
+  async transferOwner(@Arg('username') username: string, @Ctx() context: ResolverContext): Promise<boolean> {
     const { domain, tx } = context.state
-    const user: User = await getRepository(User, tx).findOne({
-      where: { email: ILike(email) },
-      relations: ['domains', 'roles']
+    const userRepository = getRepository(User, tx)
+
+    var user: User = await userRepository.findOne({
+      where: { username },
+      relations: ['domains']
     })
 
+    if (!user && /^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(username)) {
+      user = await userRepository.findOne({
+        where: { email: ILike(username) },
+        relations: ['domains']
+      })
+    }
+
     if (!user) {
-      throw new Error('Failed to find user')
+      throw new Error(context.t('error.failed to find x', { x: context.t('field.user') }))
     }
 
     if (user.status !== UserStatus.ACTIVATED) {
@@ -300,15 +330,24 @@ export class UserMutation {
   @Directive('@privilege(category: "user", privilege: "mutation", domainOwnerGranted: true)')
   @Directive('@transaction')
   @Mutation(returns => Boolean, { description: 'To activate user' })
-  async activateUser(@Arg('userId') userId: string, @Ctx() context: ResolverContext): Promise<boolean> {
+  async activateUser(@Arg('username') username: string, @Ctx() context: ResolverContext): Promise<boolean> {
     const { tx, domain } = context.state
+    const userRepository = getRepository(User, tx)
 
-    const targetUser: User = await getRepository(User, tx).findOne({
-      where: { id: userId },
+    var targetUser: User = await userRepository.findOne({
+      where: { username },
       relations: ['domains']
     })
+
+    if (!targetUser && /^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(username)) {
+      targetUser = await userRepository.findOne({
+        where: { email: ILike(username) },
+        relations: ['domains']
+      })
+    }
+
     if (!targetUser) {
-      throw new Error('No user found')
+      throw new Error(context.t('error.failed to find x', { x: context.t('field.user') }))
     }
 
     if (!targetUser?.domains?.find((userDomain: Domain) => userDomain.id === domain.id)) {
@@ -318,7 +357,7 @@ export class UserMutation {
     targetUser.failCount = 0
     targetUser.status = UserStatus.ACTIVATED
 
-    await getRepository(User, tx).save(targetUser)
+    await userRepository.save(targetUser)
 
     return true
   }
@@ -326,15 +365,24 @@ export class UserMutation {
   @Directive('@privilege(category: "user", privilege: "mutation", domainOwnerGranted: true)')
   @Directive('@transaction')
   @Mutation(returns => Boolean, { description: 'To inactivate user' })
-  async inactivateUser(@Arg('userId') userId: string, @Ctx() context: ResolverContext): Promise<boolean> {
+  async inactivateUser(@Arg('username') username: string, @Ctx() context: ResolverContext): Promise<boolean> {
     const { tx, domain } = context.state
+    const userRepository = getRepository(User, tx)
 
-    const targetUser: User = await getRepository(User, tx).findOne({
-      where: { id: userId },
+    var targetUser: User = await userRepository.findOne({
+      where: { username },
       relations: ['domains']
     })
+
+    if (!targetUser && /^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(username)) {
+      targetUser = await userRepository.findOne({
+        where: { email: ILike(username) },
+        relations: ['domains']
+      })
+    }
+
     if (!targetUser) {
-      throw new Error('No user found')
+      throw new Error(context.t('error.failed to find x', { x: context.t('field.user') }))
     }
 
     if (!targetUser?.domains?.find((userDomain: Domain) => userDomain.id === domain.id)) {
@@ -347,7 +395,7 @@ export class UserMutation {
 
     targetUser.status = UserStatus.INACTIVE
 
-    await getRepository(User, tx).save(targetUser)
+    await userRepository.save(targetUser)
 
     return true
   }
@@ -355,7 +403,7 @@ export class UserMutation {
   @Directive('@privilege(category: "user", privilege: "mutation", domainOwnerGranted: true)')
   @Directive('@transaction')
   @Mutation(returns => Boolean, { description: 'To reset password to default' })
-  async resetPasswordToDefault(@Arg('userId') userId: string, @Ctx() context: ResolverContext): Promise<boolean> {
+  async resetPasswordToDefault(@Arg('username') username: string, @Ctx() context: ResolverContext): Promise<boolean> {
     const { tx, domain } = context.state
 
     const { defaultPassword } = config.get('password')
@@ -363,12 +411,22 @@ export class UserMutation {
       throw new Error('No default password found')
     }
 
-    const targetUser: User = await getRepository(User, tx).findOne({
-      where: { id: userId },
+    const userRepository = getRepository(User, tx)
+
+    var targetUser: User = await userRepository.findOne({
+      where: { username },
       relations: ['domains']
     })
+
+    if (!targetUser && /^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(username)) {
+      targetUser = await userRepository.findOne({
+        where: { email: ILike(username) },
+        relations: ['domains']
+      })
+    }
+
     if (!targetUser) {
-      throw new Error('No user found')
+      throw new Error(context.t('error.failed to find x', { x: context.t('field.user') }))
     }
 
     if (!targetUser?.domains?.find((userDomain: Domain) => userDomain.id === domain.id)) {
@@ -377,7 +435,8 @@ export class UserMutation {
 
     targetUser.salt = User.generateSalt()
     targetUser.password = User.encode(defaultPassword, targetUser.salt)
-    await getRepository(User, tx).save(targetUser)
+
+    await userRepository.save(targetUser)
 
     return true
   }
@@ -386,18 +445,28 @@ export class UserMutation {
   @Directive('@transaction')
   @Mutation(returns => User, { description: 'To update roles for a user' })
   async updateUserRoles(
-    @Arg('userId') userId: string,
+    @Arg('username') username: string,
     @Arg('availableRoles', type => [ObjectRef]) availableRoles: ObjectRef[],
     @Arg('selectedRoles', type => [ObjectRef]) selectedRoles: ObjectRef[],
     @Ctx() context: ResolverContext
   ) {
     const { domain, tx } = context.state
-    let user: User = await getRepository(User, tx).findOne({
-      where: { id: userId },
+    const userRepository = getRepository(User, tx)
+
+    var user: User = await userRepository.findOne({
+      where: { username },
       relations: ['domains', 'roles']
     })
+
+    if (!user && /^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(username)) {
+      user = await userRepository.findOne({
+        where: { email: ILike(username) },
+        relations: ['domains', 'roles']
+      })
+    }
+
     if (!user) {
-      throw new Error('Failed to find user')
+      throw new Error(context.t('error.failed to find x', { x: context.t('field.user') }))
     }
 
     if (user.domains.map((d: Domain) => d.id).indexOf(domain.id) < 0) {
@@ -408,6 +477,6 @@ export class UserMutation {
     user.roles = user.roles.filter((r: Role) => availableRoleIds.indexOf(r.id) < 0)
     user.roles = user.roles.concat(selectedRoles as Role[])
 
-    return await getRepository(User, tx).save(user)
+    return await userRepository.save(user)
   }
 }

package/server/service/user/user-types.ts

@@ -35,6 +35,9 @@ export class PasswordRule {
 
 @InputType()
 export class NewUser {
+  @Field()
+  username: string
+
   @Field()
   name: string
 

package/server/service/user/user.ts

@@ -6,6 +6,7 @@ import {
   Column,
   CreateDateColumn,
   Entity,
+  ILike,
   Index,
   JoinTable,
   ManyToMany,
@@ -43,13 +44,23 @@ export enum UserStatus {
 }
 
 @Entity()
-@Index('ix_user_0', (user: User) => [user.email], { unique: true })
+@Index('ix_user_0', (user: User) => [user.email], {
+  unique: true
+})
+@Index('ix_user_1', (user: User) => [user.username], {
+  unique: true,
+  where: '"username" IS NOT NULL'
+})
 @ObjectType()
 export class User {
   @PrimaryGeneratedColumn('uuid')
   @Field(type => ID)
   readonly id: string
 
+  @Column({ nullable: true })
+  @Field({ nullable: true })
+  username: string
+
   @Column()
   @Field({ nullable: true })
   name: string
@@ -165,15 +176,10 @@ export class User {
 
   /* signing for jsonwebtoken */
   async sign(options?) {
-    var { expiresIn = sessionExpirySeconds, subdomain } = options || {}
+    var { expiresIn = sessionExpirySeconds } = options || {}
 
     var user = {
-      id: this.id,
-      userType: this.userType,
-      status: this.status,
-      domain: {
-        subdomain
-      }
+      username: this.username || this.email
     }
 
     return await jwt.sign(user, SECRET, {
@@ -262,18 +268,39 @@ export class User {
   }
 
   static async checkAuth(decoded) {
-    if (decoded?.id === undefined) {
+    // id 는 하위호환성을 위해 단기적으로 유지함
+    const { id, username } = decoded || {}
+
+    if (!id && !username) {
       throw new AuthError({
         errorCode: AuthError.ERROR_CODES.USER_NOT_FOUND
       })
     }
 
     const repository = getRepository(User)
-    var user = await repository.findOne({
-      where: { id: decoded.id },
-      relations: ['domains', 'credentials'],
-      cache: true
-    })
+    if (id) {
+      var user = await repository.findOne({
+        where: { id },
+        relations: ['domains', 'credentials'],
+        cache: true
+      })
+    } else {
+      var user = await repository.findOne({
+        where: { username },
+        relations: ['domains', 'credentials'],
+        cache: true
+      })
+
+      if (!user && /^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(username)) {
+        user = await repository.findOne({
+          where: {
+            email: ILike(username)
+          },
+          relations: ['domains', 'credentials'],
+          cache: true
+        })
+      }
+    }
 
     if (!user)
       throw new AuthError({

package/server/service/web-auth-credential/web-auth-credential.ts

@@ -11,7 +11,6 @@ import {
 } from 'typeorm'
 
 import { User } from '../user/user'
-import { AuthenticatorTransportFuture } from '@simplewebauthn/server/script/deps'
 
 @Entity()
 @Index(

package/server/templates/account-unlock-email.ts

@@ -1,4 +1,4 @@
-export function getUnlockUserEmailForm({ name, resetUrl }) {
+export function getUnlockUserEmailForm({ username, name, resetUrl }) {
   return `
   <html lang="en">
     <head>

package/server/templates/invitation-email.ts

@@ -1,4 +1,4 @@
-export function getInvitationEmailForm({ email, acceptUrl }) {
+export function getInvitationEmailForm({ username, email, acceptUrl }) {
   return `
   <html lang="en">
     <head>

package/server/templates/verification-email.ts

@@ -1,4 +1,4 @@
-export function getVerificationEmailForm({ name, verifyUrl }) {
+export function getVerificationEmailForm({ username, name, verifyUrl }) {
   return `
   <html lang="en">
     <head>

package/server/utils/access-token-cookie.ts

@@ -1,4 +1,3 @@
-import { getCookieDomainFromHostname } from '@things-factory/shell'
 import { config } from '@things-factory/env'
 import { MAX_AGE } from '../constants/max-age'
 
@@ -18,11 +17,6 @@ export function setAccessTokenCookie(context, token) {
     sameSite: 'Lax'
   }
 
-  const cookieDomain = getCookieDomainFromHostname(context.hostname)
-  if (cookieDomain) {
-    cookie['domain'] = cookieDomain
-  }
-
   context.cookies.set(accessTokenCookieKey, token, cookie)
 }
 
@@ -46,11 +40,6 @@ export function clearAccessTokenCookie(context) {
     sameSite: 'Lax'
   }
 
-  const cookieDomain = getCookieDomainFromHostname(context.hostname)
-  if (cookieDomain) {
-    cookie['domain'] = cookieDomain
-  }
-
   context.cookies.set(accessTokenCookieKey, '', cookie)
   /*
    * TODO clear i18next cookie as well - need to support domain

package/server/utils/check-user-has-role.ts

@@ -1,7 +1,7 @@
 import { Domain, getRepository } from '@things-factory/shell'
 
-import { User } from '../service/user/user'
-import { Role } from 'service'
+import { User } from '../service/user/user.js'
+import { Role } from '../service/role/role.js'
 
 /**
  * @description 사용자가 특정 도메인 또는 상위 도메인에서 특정 역할을 가지고 있는지 확인합니다.

package/server/utils/get-user-domains.ts

@@ -4,7 +4,7 @@ import { Domain, getRepository } from '@things-factory/shell'
 
 import { User } from '../service/user/user'
 
-export async function getUserDomains(user: User): Promise<Partial<Domain>[]> {
+export async function getUserDomains(user: User, extType?: string): Promise<Partial<Domain>[]> {
   return (
     await getRepository(Domain)
       .createQueryBuilder('DOMAIN')
@@ -31,34 +31,37 @@ export async function getUserDomains(user: User): Promise<Partial<Domain>[]> {
       })
       .orderBy('DOMAIN.name', 'ASC')
       .getMany()
-  ).map(domain => {
-    const { id, name, description, subdomain, extType, brandName, brandImage } = domain
-    return { id, name, description, subdomain, extType, brandName, brandImage }
-  })
+  )
+    .filter(domain => !extType || domain.extType == extType)
+    .map(domain => {
+      const { id, name, description, subdomain, extType, brandName, brandImage } = domain
+      /* do not remove id column for result */
+      return { id, name, description, subdomain, extType, brandName, brandImage }
+    })
 }
 
-export async function getRoleBasedDomains(user: User): Promise<Partial<Domain>[]> {
-  return (
-    await getRepository(Domain)
-      .createQueryBuilder('DOMAIN')
-      .where(qb => {
-        const subQuery = qb
-          .subQuery()
-          .distinct(true)
-          .select('DOMAIN.id')
-          .from(User, 'USER')
-          .leftJoin('USER.roles', 'ROLE')
-          .leftJoin('ROLE.domain', 'DOMAIN')
-          .where('USER.id = :userId', { userId: user.id })
-          .getQuery()
-        return 'DOMAIN.id IN ' + subQuery
-      })
-      .getMany()
-  ).map(domain => {
-    const { id, name, description, subdomain, extType, brandName, brandImage } = domain
-    return { id, name, description, subdomain, extType, brandName, brandImage }
-  })
-}
+// export async function getRoleBasedDomains(user: User): Promise<Partial<Domain>[]> {
+//   return (
+//     await getRepository(Domain)
+//       .createQueryBuilder('DOMAIN')
+//       .where(qb => {
+//         const subQuery = qb
+//           .subQuery()
+//           .distinct(true)
+//           .select('DOMAIN.id')
+//           .from(User, 'USER')
+//           .leftJoin('USER.roles', 'ROLE')
+//           .leftJoin('ROLE.domain', 'DOMAIN')
+//           .where('USER.id = :userId', { userId: user.id })
+//           .getQuery()
+//         return 'DOMAIN.id IN ' + subQuery
+//       })
+//       .getMany()
+//   ).map(domain => {
+//     const { id, name, description, subdomain, extType, brandName, brandImage } = domain
+//     return { id, name, description, subdomain, extType, brandName, brandImage }
+//   })
+// }
 
 export async function getDomainsWithPrivilege(
   user: User,

package/translations/en.json

@@ -4,6 +4,7 @@
   "error.confirm password not matched": "new password and confirm password is not matched",
   "error.domain mismatch": "certificate is not for this domain",
   "error.domain not allowed": "user not allowed domain `{subdomain}`",
+  "error.email already exists": "email already used by another user",
   "error.failed to find x": "failed to find {x}",
   "error.password should be supported": "initial password or default password should be supported",
   "error.password should match the rule": "password should match following rule. ${rule}",
@@ -11,13 +12,15 @@
   "error.subdomain not found": "domain not found",
   "error.token or password is invalid": "token or password is invalid",
   "error.unavailable-domain": "unavailable domain",
+  "error.user credential not found": "user credential not found. You need to register device to use biometric authentication.",
   "error.user credential registeration failed": "user credential registration failed. It may be an already registered credential.",
   "error.user credential registration not allowed": "user credential registration failed. The registration timed out or was not allowed.",
-  "error.user duplicated": "user duplicated",
+  "error.user duplicated.": "there is a user account using same email or user ID.",
   "error.user not activated": "user is not activated",
   "error.user not found": "user not found",
   "error.user or verification token not found": "user or verification token not found",
   "error.user validation failed": "user validation failed",
+  "error.username already exists": "username already used by another user",
   "error.x is not a member of y": "{x} is not a member of {y}",
   "field.active": "active",
   "field.appliance_id": "appliance id",
@@ -56,6 +59,7 @@
   "text.signout successfully": "signout successfully",
   "text.user activated successfully": "user activated successfully",
   "text.user credential registered successfully": "device registration has been successfully completed. You can now use biometric authentication.",
+  "text.user inactivated successfully": "user inactivated successfully",
   "text.user registered successfully": "user registered successfully. find your email to activate account",
   "text.verification email sent": "verification email sent"
 }

package/translations/ja.json

@@ -4,6 +4,7 @@
   "error.confirm password not matched": "新しいパスワードと確認パスワードが一致しません.",
   "error.domain mismatch": "証明書のドメインと現在のドメインが一致しません.",
   "error.domain not allowed": "'{subdomain}' 領域はこのユーザに許可されていません.",
+  "error.email already exists": "メールはすでに他のユーザーによって使用されています.",
   "error.failed to find x": "{x}が見つかりません.",
   "error.password should be supported": "初期パスワードまたはデフォルトパスワードがサポートされるべきです",
   "error.password should match the rule": "パスワードは次の規則を守らなければなりません. {rule}",
@@ -11,13 +12,15 @@
   "error.subdomain not found": "サブドメインが見つかりません.",
   "error.token or password is invalid": "トークンまたはパスワードが無効です.",
   "error.unavailable-domain": "使用できないドメインです.",
+  "error.user credential not found": "ユーザー資格情報が見つかりません. 生体認証を使用するにはデバイスを登録する必要があります.",
   "error.user credential registeration failed": "ユーザー資格情報の登録に失敗しました。既に登録されている資格情報の可能性があります。",
   "error.user credential registration not allowed": "ユーザー資格情報の登録に失敗しました。登録のタイムアウトまたは登録が許可されていません。",
-  "error.user duplicated": "同じメールで登録されたアカウントが存在します.",
+  "error.user duplicated.": "ユーザーが重複しています.",
   "error.user not activated": "ユーザーがアクティブ化されていません.",
   "error.user not found": "ユーザーが存在しません.",
   "error.user or verification token not found": "ユーザーまたは確認トークンが見つかりません.",
   "error.user validation failed": "ユーザー確認に失敗しました.",
+  "error.username already exists": "ユーザー名はすでに他のユーザーによって使用されています.",
   "error.x is not a member of y": "{x}は{y}のメンバーではありません.",
   "field.active": "アクティブ",
   "field.appliance_id": "器具ID",
@@ -56,6 +59,7 @@
   "text.signout successfully": "ログアウトに成功しました.",
   "text.user activated successfully": "ユーザーが正常に活性化されました.",
   "text.user credential registered successfully": "デバイスの登録が正常に完了しました。今後は生体認証を使用できます。",
+  "text.user inactivated successfully": "ユーザーが正常に非アクティブ化されました.",
   "text.user registered successfully": "ユーザーが正常に登録されました. 確認メールでアカウントを有効にしてください.",
   "text.verification email sent": "確認メールを送りました."
 }