@things-factory/auth-base 8.0.5 → 8.0.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/client/auth.ts +0 -4
- package/dist-client/auth.js +0 -3
- package/dist-client/auth.js.map +1 -1
- package/dist-client/tsconfig.tsbuildinfo +1 -1
- package/dist-server/constants/error-code.d.ts +2 -0
- package/dist-server/constants/error-code.js +3 -1
- package/dist-server/constants/error-code.js.map +1 -1
- package/dist-server/controllers/change-pwd.js +2 -2
- package/dist-server/controllers/change-pwd.js.map +1 -1
- package/dist-server/controllers/delete-user.js +13 -12
- package/dist-server/controllers/delete-user.js.map +1 -1
- package/dist-server/controllers/invitation.d.ts +2 -1
- package/dist-server/controllers/invitation.js +30 -5
- package/dist-server/controllers/invitation.js.map +1 -1
- package/dist-server/controllers/profile.d.ts +4 -3
- package/dist-server/controllers/profile.js +20 -2
- package/dist-server/controllers/profile.js.map +1 -1
- package/dist-server/controllers/signin.d.ts +4 -1
- package/dist-server/controllers/signin.js +17 -1
- package/dist-server/controllers/signin.js.map +1 -1
- package/dist-server/controllers/signup.js +13 -4
- package/dist-server/controllers/signup.js.map +1 -1
- package/dist-server/controllers/unlock-user.js +1 -0
- package/dist-server/controllers/unlock-user.js.map +1 -1
- package/dist-server/controllers/verification.js +1 -0
- package/dist-server/controllers/verification.js.map +1 -1
- package/dist-server/middlewares/domain-authenticate-middleware.js +0 -4
- package/dist-server/middlewares/domain-authenticate-middleware.js.map +1 -1
- package/dist-server/middlewares/signin-middleware.js +5 -4
- package/dist-server/middlewares/signin-middleware.js.map +1 -1
- package/dist-server/middlewares/webauthn-middleware.js +9 -6
- package/dist-server/middlewares/webauthn-middleware.js.map +1 -1
- package/dist-server/migrations/1548206416130-SeedUser.js +2 -1
- package/dist-server/migrations/1548206416130-SeedUser.js.map +1 -1
- package/dist-server/router/auth-checkin-router.js +16 -9
- package/dist-server/router/auth-checkin-router.js.map +1 -1
- package/dist-server/router/auth-private-process-router.js +24 -11
- package/dist-server/router/auth-private-process-router.js.map +1 -1
- package/dist-server/router/auth-public-process-router.js +20 -9
- package/dist-server/router/auth-public-process-router.js.map +1 -1
- package/dist-server/router/auth-signin-router.js +10 -4
- package/dist-server/router/auth-signin-router.js.map +1 -1
- package/dist-server/router/webauthn-router.js.map +1 -1
- package/dist-server/routes.js +2 -2
- package/dist-server/routes.js.map +1 -1
- package/dist-server/service/invitation/invitation-mutation.d.ts +3 -2
- package/dist-server/service/invitation/invitation-mutation.js +20 -8
- package/dist-server/service/invitation/invitation-mutation.js.map +1 -1
- package/dist-server/service/user/user-mutation.d.ts +10 -9
- package/dist-server/service/user/user-mutation.js +112 -54
- package/dist-server/service/user/user-mutation.js.map +1 -1
- package/dist-server/service/user/user-types.d.ts +1 -0
- package/dist-server/service/user/user-types.js +4 -0
- package/dist-server/service/user/user-types.js.map +1 -1
- package/dist-server/service/user/user.d.ts +1 -0
- package/dist-server/service/user/user.js +40 -14
- package/dist-server/service/user/user.js.map +1 -1
- package/dist-server/service/web-auth-credential/web-auth-credential.js.map +1 -1
- package/dist-server/templates/account-unlock-email.d.ts +2 -1
- package/dist-server/templates/account-unlock-email.js +1 -1
- package/dist-server/templates/account-unlock-email.js.map +1 -1
- package/dist-server/templates/invitation-email.d.ts +2 -1
- package/dist-server/templates/invitation-email.js +1 -1
- package/dist-server/templates/invitation-email.js.map +1 -1
- package/dist-server/templates/verification-email.d.ts +2 -1
- package/dist-server/templates/verification-email.js +1 -1
- package/dist-server/templates/verification-email.js.map +1 -1
- package/dist-server/tsconfig.tsbuildinfo +1 -1
- package/dist-server/utils/access-token-cookie.js +0 -9
- package/dist-server/utils/access-token-cookie.js.map +1 -1
- package/dist-server/utils/check-user-has-role.d.ts +1 -1
- package/dist-server/utils/check-user-has-role.js +2 -2
- package/dist-server/utils/check-user-has-role.js.map +1 -1
- package/dist-server/utils/get-user-domains.d.ts +1 -2
- package/dist-server/utils/get-user-domains.js +27 -23
- package/dist-server/utils/get-user-domains.js.map +1 -1
- package/package.json +9 -9
- package/server/constants/error-code.ts +2 -0
- package/server/controllers/change-pwd.ts +3 -2
- package/server/controllers/delete-user.ts +16 -13
- package/server/controllers/invitation.ts +36 -5
- package/server/controllers/profile.ts +29 -2
- package/server/controllers/signin.ts +21 -2
- package/server/controllers/signup.ts +16 -4
- package/server/controllers/unlock-user.ts +1 -0
- package/server/controllers/verification.ts +1 -0
- package/server/middlewares/domain-authenticate-middleware.ts +0 -5
- package/server/middlewares/signin-middleware.ts +5 -4
- package/server/middlewares/webauthn-middleware.ts +14 -10
- package/server/migrations/1548206416130-SeedUser.ts +2 -1
- package/server/router/auth-checkin-router.ts +19 -11
- package/server/router/auth-private-process-router.ts +26 -11
- package/server/router/auth-public-process-router.ts +22 -10
- package/server/router/auth-signin-router.ts +27 -16
- package/server/router/webauthn-router.ts +6 -8
- package/server/routes.ts +6 -2
- package/server/service/invitation/invitation-mutation.ts +24 -9
- package/server/service/user/user-mutation.ts +123 -54
- package/server/service/user/user-types.ts +3 -0
- package/server/service/user/user.ts +41 -14
- package/server/service/web-auth-credential/web-auth-credential.ts +0 -1
- package/server/templates/account-unlock-email.ts +1 -1
- package/server/templates/invitation-email.ts +1 -1
- package/server/templates/verification-email.ts +1 -1
- package/server/utils/access-token-cookie.ts +0 -11
- package/server/utils/check-user-has-role.ts +2 -2
- package/server/utils/get-user-domains.ts +30 -27
- package/translations/en.json +5 -1
- package/translations/ja.json +5 -1
- package/translations/ko.json +6 -3
- package/translations/ms.json +5 -1
- package/translations/zh.json +5 -1
- package/dist-server/utils/get-domain-from-hostname.d.ts +0 -1
- package/dist-server/utils/get-domain-from-hostname.js +0 -9
- package/dist-server/utils/get-domain-from-hostname.js.map +0 -1
- package/server/utils/get-domain-from-hostname.ts +0 -7
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth-checkin-router.js","sourceRoot":"","sources":["../../server/router/auth-checkin-router.ts"],"names":[],"mappings":";;;;AAAA,oEAA+B;AAE/B,6CAA4C;AAC5C,iDAA+F;AAE/F,0EAAqE;AAErE,8CAA0C;AAC1C,sEAAqE;AACrE,gEAA0D;AAE1D,MAAM,
|
|
1
|
+
{"version":3,"file":"auth-checkin-router.js","sourceRoot":"","sources":["../../server/router/auth-checkin-router.ts"],"names":[],"mappings":";;;;AAAA,oEAA+B;AAE/B,6CAA4C;AAC5C,iDAA+F;AAE/F,0EAAqE;AAErE,8CAA0C;AAC1C,sEAAqE;AACrE,gEAA0D;AAE1D,MAAM,WAAW,GAAG,YAAM,CAAC,GAAG,CAAC,aAAa,CAAC,CAAA;AAEhC,QAAA,iBAAiB,GAAG,IAAI,oBAAM,EAAE,CAAA;AAE7C,yBAAiB,CAAC,GAAG,CAAC,2BAA2B,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACzE,MAAM,EAAE,OAAO,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IAC9B,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,CAAA;IAC7B,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IAC9B,IAAI,EAAE,SAAS,EAAE,GAAG,OAAO,CAAC,MAAM,CAAA;IAElC,IAAI,OAAO,GAAsB,MAAM,IAAA,iCAAc,EAAC,IAAI,CAAC,CAAA;IAC3D,IAAI,WAAW,EAAE,CAAC;QAChB,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,OAAO,IAAI,WAAW,CAAC,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAA;IAC9E,CAAC;IAED,IAAI,CAAC,IAAA,iBAAO,EAAC,MAAM,CAAC,MAAM,EAAE,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC;QAClD,yCAAyC;QACzC,IAAI,CAAC;YACH,IAAI,CAAC,SAAS;gBAAE,MAAM,IAAI,KAAK,CAAC,CAAC,CAAC,4BAA4B,EAAE,EAAE,SAAS,EAAE,CAAC,CAAC,CAAA,CAAC,qCAAqC;YACrH,MAAM,aAAa,GAAgC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,KAAK,SAAS,CAAC,CAAA,CAAC,wCAAwC;YACxI,IAAI,CAAC,aAAa;gBAAE,MAAM,IAAI,KAAK,CAAC,CAAC,CAAC,4BAA4B,EAAE,EAAE,SAAS,EAAE,CAAC,CAAC,CAAA;YAEnF,MAAM,OAAO,CAAC,aAAa,EAAE,IAAI,EAAE,OAAO,CAAC,CAAA;YAC3C,OAAO,CAAC,IAAI,GAAG,IAAI,CAAA;QACrB,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,IAAA,4CAAsB,EAAC,OAAO,CAAC,CAAA;YAC/B,MAAM,CAAC,CAAA;QACT,CAAC;IACH,CAAC;SAAM,CAAC;QACN,qCAAqC;QACrC,MAAM,EAAE,WAAW,EAAE,UAAU,GAAG,GAAG,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;QAEvD,IAAI,CAAC;YACH,IAAI,OAAe,CAAA;YAEnB,IAAI,CAAC,SAAS,EAAE,CAAC;gBACf,6CAA6C;gBAC7C,SAAS,GAAG,IAAA,6BAAqB,EAAC,OAAO,EAAE,UAAU,CAAC,CAAA;YACxD,CAAC;YAED,IAAI,aAA8B,CAAA;YAClC,IAAI,SAAS,EAAE,CAAC;gBACd,aAAa,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,IAAI,SAAS,CAAC,CAAA;gBAC3D,IAAI,CAAC,aAAa;oBAAE,OAAO,GAAG,CAAC,CAAC,0BAA0B,EAAE,EAAE,SAAS,EAAE,CAAC,CAAA;YAC5E,CAAC;iBAAM,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAChC,aAAa,GAAG,OAAO,CAAC,CAAC,CAAC,CAAA;YAC5B,CAAC;YAED,IAAI,aAAa,EAAE,CAAC;gBAClB,OAAO,MAAM,OAAO,CAAC,aAAa,EAAE,UAAU,EAAE,OAAO,CAAC,CAAA;YAC1D,CAAC;YAED,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;gBAChC,WAAW,EAAE,cAAc;gBAC3B,aAAa,EAAE,kBAAkB;gBACjC,IAAI,EAAE;oBACJ,IAAI,EAAE;wBACJ,QAAQ,EAAE,IAAI,CAAC,QAAQ;wBACvB,KAAK,EAAE,IAAI,CAAC,KAAK;wBACjB,MAAM,EAAE,IAAI,CAAC,MAAM;wBACnB,IAAI,EAAE,IAAI,CAAC,IAAI;wBACf,QAAQ,EAAE,IAAI,CAAC,QAAQ;qBACxB;oBACD,OAAO;oBACP,WAAW;oBACX,UAAU;oBACV,OAAO;iBACR;aACF,CAAC,CAAA;QACJ,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,IAAA,4CAAsB,EAAC,OAAO,CAAC,CAAA;YAC/B,OAAO,CAAC,QAAQ,CACd,yBAAyB,kBAAkB,CAAC,IAAI,CAAC,QAAQ,CAAC,gBAAgB,kBAAkB,CAAC,UAAU,CAAC,EAAE,CAC3G,CAAA;QACH,CAAC;IACH,CAAC;AACH,CAAC,CAAC,CAAA;AAEF,yBAAiB,CAAC,GAAG,CAAC,eAAe,EAAE,KAAK,EAAC,OAAO,EAAC,EAAE;IACrD,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IAC9B,IAAI,OAAO,GAAG,MAAM,IAAA,iCAAc,EAAC,IAAI,CAAC,CAAA;IACxC,IAAI,WAAW,EAAE,CAAC;QAChB,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,IAAI,WAAW,CAAC,CAAA;IACzD,CAAC;IAED,OAAO,CAAC,IAAI,GAAG,OAAO,CAAA;AACxB,CAAC,CAAC,CAAA;AAEF,KAAK,UAAU,OAAO,CACpB,aAA8B,EAC9B,UAAyB,EACzB,OAAwB;IAExB,MAAM,EAAE,IAAI,EAAE,GAAmB,OAAO,CAAC,KAAK,CAAA;IAC9C,MAAM,aAAa,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,iBAAiB,CAAC;QAC1D,CAAC,CAAE,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,iBAAiB,CAAY,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE;QACzE,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,aAAa,CAAA;IAExC,MAAM,4BAAY,CAAC,KAAK,CAAC,aAAa,EAAE,IAAI,EAAE,aAAa,CAAC,CAAA;IAE5D,IAAI,UAAU,EAAE,CAAC;QACf,OAAO,OAAO,CAAC,QAAQ,CAAC,IAAA,gCAAwB,EAAC,OAAO,EAAE,aAAa,EAAE,UAAU,CAAC,CAAC,CAAA;IACvF,CAAC;AACH,CAAC","sourcesContent":["import Router from 'koa-router'\n\nimport { config } from '@things-factory/env'\nimport { Domain, findSubdomainFromPath, getRedirectSubdomainPath } from '@things-factory/shell'\n\nimport { LoginHistory } from '../service/login-history/login-history'\nimport { User } from '../service/user/user'\nimport { accepts } from '../utils/accepts'\nimport { clearAccessTokenCookie } from '../utils/access-token-cookie'\nimport { getUserDomains } from '../utils/get-user-domains'\n\nconst domainTypes = config.get('domainTypes')\n\nexport const authCheckinRouter = new Router()\n\nauthCheckinRouter.get('/auth/checkin/:subdomain?', async (context, next) => {\n const { request, t } = context\n const header = request.header\n const { user } = context.state\n let { subdomain } = context.params\n\n let domains: Partial<Domain>[] = await getUserDomains(user)\n if (domainTypes) {\n domains = domains.filter(d => !d.extType || domainTypes.includes(d.extType))\n }\n\n if (!accepts(header.accept, ['text/html', '*/*'])) {\n // When request expects non html response\n try {\n if (!subdomain) throw new Error(t('error.domain not specified', { subdomain })) // When params doesn't have subdomain\n const checkInDomain: Partial<Domain> | undefined = domains.find(d => d.subdomain === subdomain) // When no matched domain with subdomain\n if (!checkInDomain) throw new Error(t('error.domain not specified', { subdomain }))\n\n await checkIn(checkInDomain, null, context)\n context.body = true\n } catch (e) {\n clearAccessTokenCookie(context)\n throw e\n }\n } else {\n // When request expects html response\n const { redirect_to: redirectTo = '/' } = context.query\n\n try {\n let message: string\n\n if (!subdomain) {\n /* try to find domain from redirectTo path */\n subdomain = findSubdomainFromPath(context, redirectTo)\n }\n\n let checkInDomain: Partial<Domain>\n if (subdomain) {\n checkInDomain = domains.find(d => d.subdomain == subdomain)\n if (!checkInDomain) message = t('error.domain not allowed', { subdomain })\n } else if (domains.length === 1) {\n checkInDomain = domains[0]\n }\n\n if (checkInDomain) {\n return await checkIn(checkInDomain, redirectTo, context)\n }\n\n await context.render('auth-page', {\n pageElement: 'auth-checkin',\n elementScript: '/auth/checkin.js',\n data: {\n user: {\n username: user.username,\n email: user.email,\n locale: user.locale,\n name: user.name,\n userType: user.userType\n },\n domains,\n domainTypes,\n redirectTo,\n message\n }\n })\n } catch (e) {\n clearAccessTokenCookie(context)\n context.redirect(\n `/auth/signin?username=${encodeURIComponent(user.username)}&redirect_to=${encodeURIComponent(redirectTo)}`\n )\n }\n }\n})\n\nauthCheckinRouter.get('/auth/domains', async context => {\n const { user } = context.state\n var domains = await getUserDomains(user)\n if (domainTypes) {\n domains = domains.filter(d => d.extType == domainTypes)\n }\n\n context.body = domains\n})\n\nasync function checkIn(\n checkInDomain: Partial<Domain>,\n redirectTo: string | null,\n context: ResolverContext\n): Promise<void> {\n const { user }: { user: User } = context.state\n const remoteAddress = context.req.headers['x-forwarded-for']\n ? (context.req.headers['x-forwarded-for'] as string).split(',')[0].trim()\n : context.req.connection.remoteAddress\n\n await LoginHistory.stamp(checkInDomain, user, remoteAddress)\n\n if (redirectTo) {\n return context.redirect(getRedirectSubdomainPath(context, checkInDomain, redirectTo))\n }\n}\n"]}
|
|
@@ -12,7 +12,7 @@ const profile_1 = require("../controllers/profile");
|
|
|
12
12
|
const user_1 = require("../service/user/user");
|
|
13
13
|
const access_token_cookie_1 = require("../utils/access-token-cookie");
|
|
14
14
|
const get_user_domains_1 = require("../utils/get-user-domains");
|
|
15
|
-
const
|
|
15
|
+
const domainTypes = env_1.config.get('domainTypes');
|
|
16
16
|
const languages = env_1.config.get('i18n/languages') || [];
|
|
17
17
|
exports.authPrivateProcessRouter = new koa_router_1.default({
|
|
18
18
|
prefix: '/auth'
|
|
@@ -39,16 +39,20 @@ exports.authPrivateProcessRouter
|
|
|
39
39
|
.post('/delete-user', async (context, next) => {
|
|
40
40
|
const { t, session } = context;
|
|
41
41
|
var { user } = context.state;
|
|
42
|
-
var {
|
|
43
|
-
var { password,
|
|
42
|
+
var { id: userId } = user;
|
|
43
|
+
var { password, username } = context.request.body;
|
|
44
44
|
const userRepo = (0, shell_1.getRepository)(user_1.User);
|
|
45
|
-
|
|
46
|
-
where: {
|
|
47
|
-
email: (0, typeorm_1.ILike)(userEmail)
|
|
48
|
-
},
|
|
45
|
+
var userInfo = await userRepo.findOne({
|
|
46
|
+
where: { username },
|
|
49
47
|
relations: ['domains']
|
|
50
48
|
});
|
|
51
|
-
if (
|
|
49
|
+
if (!userInfo && /^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(username)) {
|
|
50
|
+
userInfo = await userRepo.findOne({
|
|
51
|
+
where: { email: (0, typeorm_1.ILike)(username) },
|
|
52
|
+
relations: ['domains']
|
|
53
|
+
});
|
|
54
|
+
}
|
|
55
|
+
if (userInfo.id != userId || !user_1.User.verify(userInfo.password, password, userInfo.salt)) {
|
|
52
56
|
context.status = 401;
|
|
53
57
|
context.body = t('error.user validation failed');
|
|
54
58
|
return;
|
|
@@ -66,7 +70,7 @@ exports.authPrivateProcessRouter
|
|
|
66
70
|
return;
|
|
67
71
|
}
|
|
68
72
|
let domains = await (0, get_user_domains_1.getUserDomains)(user);
|
|
69
|
-
domains = domains.filter((d) => d.extType
|
|
73
|
+
domains = domains.filter((d) => !d.extType || domainTypes.includes(d.extType));
|
|
70
74
|
var privileges = await user_1.User.getPrivilegesByDomain(user, domain);
|
|
71
75
|
if (prohibitedPrivileges) {
|
|
72
76
|
prohibitedPrivileges.forEach(({ category, privilege }) => {
|
|
@@ -75,6 +79,7 @@ exports.authPrivateProcessRouter
|
|
|
75
79
|
}
|
|
76
80
|
context.body = {
|
|
77
81
|
user: {
|
|
82
|
+
username: user.username,
|
|
78
83
|
email: user.email,
|
|
79
84
|
name: user.name,
|
|
80
85
|
userType: user.userType,
|
|
@@ -83,10 +88,18 @@ exports.authPrivateProcessRouter
|
|
|
83
88
|
unsafeIP,
|
|
84
89
|
privileges
|
|
85
90
|
},
|
|
86
|
-
domains,
|
|
91
|
+
domains: domains.map(({ id, name, description, subdomain, extType, brandName, brandImage }) => {
|
|
92
|
+
return {
|
|
93
|
+
name,
|
|
94
|
+
description,
|
|
95
|
+
subdomain,
|
|
96
|
+
extType
|
|
97
|
+
};
|
|
98
|
+
}),
|
|
87
99
|
domain: domain && {
|
|
88
100
|
name: domain.name,
|
|
89
|
-
subdomain: domain.subdomain
|
|
101
|
+
subdomain: domain.subdomain,
|
|
102
|
+
type: domain.extType
|
|
90
103
|
},
|
|
91
104
|
languages
|
|
92
105
|
};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth-private-process-router.js","sourceRoot":"","sources":["../../server/router/auth-private-process-router.ts"],"names":[],"mappings":";;;;AAAA,qCAA+B;AAC/B,oEAA+B;AAE/B,6CAA4C;AAC5C,iDAA6D;AAE7D,0DAAqD;AACrD,4DAAuD;AACvD,oDAAsD;AACtD,+CAA2C;AAC3C,sEAA2F;AAC3F,gEAA0D;AAE1D,MAAM,
|
|
1
|
+
{"version":3,"file":"auth-private-process-router.js","sourceRoot":"","sources":["../../server/router/auth-private-process-router.ts"],"names":[],"mappings":";;;;AAAA,qCAA+B;AAC/B,oEAA+B;AAE/B,6CAA4C;AAC5C,iDAA6D;AAE7D,0DAAqD;AACrD,4DAAuD;AACvD,oDAAsD;AACtD,+CAA2C;AAC3C,sEAA2F;AAC3F,gEAA0D;AAE1D,MAAM,WAAW,GAAG,YAAM,CAAC,GAAG,CAAC,aAAa,CAAC,CAAA;AAC7C,MAAM,SAAS,GAAG,YAAM,CAAC,GAAG,CAAC,gBAAgB,CAAC,IAAI,EAAE,CAAA;AAEvC,QAAA,wBAAwB,GAAG,IAAI,oBAAM,CAAC;IACjD,MAAM,EAAE,OAAO;CAChB,CAAC,CAAA;AAEF,gCAAwB;KACrB,IAAI,CAAC,cAAc,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IAC5C,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IACrB,IAAI,EAAE,YAAY,EAAE,QAAQ,EAAE,YAAY,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,CAAA;IAEnE,MAAM,KAAK,GAAG,MAAM,IAAA,sBAAS,EAAC,OAAO,CAAC,KAAK,CAAC,IAAI,EAAE,YAAY,EAAE,QAAQ,EAAE,YAAY,EAAE,OAAO,CAAC,CAAA;IAEhG,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC,oCAAoC,CAAC,CAAA;IAEtD,IAAA,0CAAoB,EAAC,OAAO,EAAE,KAAK,CAAC,CAAA;AACtC,CAAC,CAAC;KACD,IAAI,CAAC,iBAAiB,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IAC/C,MAAM,EAAE,OAAO,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IAC9B,MAAM,WAAW,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,CAAA;IACxC,MAAM,IAAA,uBAAa,EAAC,OAAO,CAAC,KAAK,CAAC,IAAI,EAAE,WAAW,CAAC,CAAA;IAEpD,IAAI,WAAW,CAAC,MAAM,EAAE,CAAC;QACvB,OAAO,CAAC,IAAI,GAAG,OAAO,CAAC,SAAS,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,mCAAmC,CAAC,CAAA;IAC3F,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC,mCAAmC,CAAC,CAAA;IACvD,CAAC;AACH,CAAC,CAAC;KACD,IAAI,CAAC,cAAc,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IAC5C,MAAM,EAAE,CAAC,EAAE,OAAO,EAAE,GAAG,OAAO,CAAA;IAC9B,IAAI,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IAC5B,IAAI,EAAE,EAAE,EAAE,MAAM,EAAE,GAAG,IAAI,CAAA;IAEzB,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,CAAA;IAEjD,MAAM,QAAQ,GAAG,IAAA,qBAAa,EAAC,WAAI,CAAC,CAAA;IAEpC,IAAI,QAAQ,GAAG,MAAM,QAAQ,CAAC,OAAO,CAAC;QACpC,KAAK,EAAE,EAAE,QAAQ,EAAE;QACnB,SAAS,EAAE,CAAC,SAAS,CAAC;KACvB,CAAC,CAAA;IAEF,IAAI,CAAC,QAAQ,IAAI,4BAA4B,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC7D,QAAQ,GAAG,MAAM,QAAQ,CAAC,OAAO,CAAC;YAChC,KAAK,EAAE,EAAE,KAAK,EAAE,IAAA,eAAK,EAAC,QAAQ,CAAC,EAAE;YACjC,SAAS,EAAE,CAAC,SAAS,CAAC;SACvB,CAAC,CAAA;IACJ,CAAC;IAED,IAAI,QAAQ,CAAC,EAAE,IAAI,MAAM,IAAI,CAAC,WAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,QAAQ,EAAE,QAAQ,EAAE,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QACtF,OAAO,CAAC,MAAM,GAAG,GAAG,CAAA;QACpB,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC,8BAA8B,CAAC,CAAA;QAChD,OAAM;IACR,CAAC;IAED,MAAM,IAAA,wBAAU,EAAC,IAAI,CAAC,CAAA;IAEtB,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC,6BAA6B,CAAC,CAAA;IAC/C,IAAA,4CAAsB,EAAC,OAAO,CAAC,CAAA;AACjC,CAAC,CAAC;KACD,GAAG,CAAC,UAAU,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACvC,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IACrB,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,oBAAoB,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IAEtE,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,CAAC,MAAM,GAAG,GAAG,CAAA;QACpB,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC,8BAA8B,CAAC,CAAA;QAChD,OAAM;IACR,CAAC;IAED,IAAI,OAAO,GAAsB,MAAM,IAAA,iCAAc,EAAC,IAAI,CAAC,CAAA;IAC3D,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,OAAO,IAAI,WAAW,CAAC,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAA;IAEtF,IAAI,UAAU,GAAG,MAAM,WAAI,CAAC,qBAAqB,CAAC,IAAI,EAAE,MAAM,CAAC,CAAA;IAE/D,IAAI,oBAAoB,EAAE,CAAC;QACzB,oBAAoB,CAAC,OAAO,CAAC,CAAC,EAAE,QAAQ,EAAE,SAAS,EAAE,EAAE,EAAE;YACvD,UAAU,GAAG,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,IAAI,QAAQ,IAAI,CAAC,CAAC,SAAS,IAAI,SAAS,CAAC,CAAA;QACzF,CAAC,CAAC,CAAA;IACJ,CAAC;IAED,OAAO,CAAC,IAAI,GAAG;QACb,IAAI,EAAE;YACJ,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,KAAK,EAAE,MAAM,OAAO,CAAC,kBAAkB,CAAC,MAAM,EAAE,IAAI,CAAC;YACrD,KAAK,EAAE,MAAM,OAAO,CAAC,gBAAgB,CAAC,MAAM,EAAE,IAAI,CAAC;YACnD,QAAQ;YACR,UAAU;SACX;QACD,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,WAAW,EAAE,SAAS,EAAE,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,EAAE,EAAE;YAC5F,OAAO;gBACL,IAAI;gBACJ,WAAW;gBACX,SAAS;gBACT,OAAO;aACR,CAAA;QACH,CAAC,CAAC;QACF,MAAM,EAAE,MAAM,IAAI;YAChB,IAAI,EAAE,MAAM,CAAC,IAAI;YACjB,SAAS,EAAE,MAAM,CAAC,SAAS;YAC3B,IAAI,EAAE,MAAM,CAAC,OAAO;SACrB;QACD,SAAS;KACV,CAAA;AACH,CAAC,CAAC,CAAA","sourcesContent":["import { ILike } from 'typeorm'\nimport Router from 'koa-router'\n\nimport { config } from '@things-factory/env'\nimport { Domain, getRepository } from '@things-factory/shell'\n\nimport { changePwd } from '../controllers/change-pwd'\nimport { deleteUser } from '../controllers/delete-user'\nimport { updateProfile } from '../controllers/profile'\nimport { User } from '../service/user/user'\nimport { clearAccessTokenCookie, setAccessTokenCookie } from '../utils/access-token-cookie'\nimport { getUserDomains } from '../utils/get-user-domains'\n\nconst domainTypes = config.get('domainTypes')\nconst languages = config.get('i18n/languages') || []\n\nexport const authPrivateProcessRouter = new Router({\n prefix: '/auth'\n})\n\nauthPrivateProcessRouter\n .post('/change-pass', async (context, next) => {\n const { t } = context\n let { current_pass, new_pass, confirm_pass } = context.request.body\n\n const token = await changePwd(context.state.user, current_pass, new_pass, confirm_pass, context)\n\n context.body = t('text.password changed successfully')\n\n setAccessTokenCookie(context, token)\n })\n .post('/update-profile', async (context, next) => {\n const { i18next, t } = context\n const newProfiles = context.request.body\n await updateProfile(context.state.user, newProfiles)\n\n if (newProfiles.locale) {\n context.body = i18next.getFixedT(newProfiles.locale)('text.profile changed successfully')\n } else {\n context.body = t('text.profile changed successfully')\n }\n })\n .post('/delete-user', async (context, next) => {\n const { t, session } = context\n var { user } = context.state\n var { id: userId } = user\n\n var { password, username } = context.request.body\n\n const userRepo = getRepository(User)\n\n var userInfo = await userRepo.findOne({\n where: { username },\n relations: ['domains']\n })\n\n if (!userInfo && /^[^\\s@]+@[^\\s@]+\\.[^\\s@]+$/.test(username)) {\n userInfo = await userRepo.findOne({\n where: { email: ILike(username) },\n relations: ['domains']\n })\n }\n\n if (userInfo.id != userId || !User.verify(userInfo.password, password, userInfo.salt)) {\n context.status = 401\n context.body = t('error.user validation failed')\n return\n }\n\n await deleteUser(user)\n\n context.body = t('text.delete account succeed')\n clearAccessTokenCookie(context)\n })\n .get('/profile', async (context, next) => {\n const { t } = context\n const { domain, user, unsafeIP, prohibitedPrivileges } = context.state\n\n if (!domain) {\n context.status = 401\n context.body = t('error.user validation failed')\n return\n }\n\n let domains: Partial<Domain>[] = await getUserDomains(user)\n domains = domains.filter((d: Domain) => !d.extType || domainTypes.includes(d.extType))\n\n var privileges = await User.getPrivilegesByDomain(user, domain)\n\n if (prohibitedPrivileges) {\n prohibitedPrivileges.forEach(({ category, privilege }) => {\n privileges = privileges.filter(p => p.category != category || p.privilege != privilege)\n })\n }\n\n context.body = {\n user: {\n username: user.username,\n email: user.email,\n name: user.name,\n userType: user.userType,\n owner: await process.domainOwnerGranted(domain, user),\n super: await process.superUserGranted(domain, user),\n unsafeIP,\n privileges\n },\n domains: domains.map(({ id, name, description, subdomain, extType, brandName, brandImage }) => {\n return {\n name,\n description,\n subdomain,\n extType\n }\n }),\n domain: domain && {\n name: domain.name,\n subdomain: domain.subdomain,\n type: domain.extType\n },\n languages\n }\n })\n"]}
|
|
@@ -3,6 +3,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
3
3
|
exports.authPublicProcessRouter = void 0;
|
|
4
4
|
const tslib_1 = require("tslib");
|
|
5
5
|
const koa_router_1 = tslib_1.__importDefault(require("koa-router"));
|
|
6
|
+
const typeorm_1 = require("typeorm");
|
|
6
7
|
const env_1 = require("@things-factory/env");
|
|
7
8
|
const shell_1 = require("@things-factory/shell");
|
|
8
9
|
const invitation_1 = require("../controllers/invitation");
|
|
@@ -30,15 +31,23 @@ exports.authPublicProcessRouter = new koa_router_1.default({
|
|
|
30
31
|
prefix: '/auth'
|
|
31
32
|
});
|
|
32
33
|
exports.authPublicProcessRouter.post('/join', async (context, next) => {
|
|
33
|
-
const {
|
|
34
|
-
const
|
|
35
|
-
|
|
34
|
+
const { username } = context.request.body || {};
|
|
35
|
+
const repository = (0, shell_1.getRepository)(user_1.User);
|
|
36
|
+
var user = await repository.findOne({
|
|
37
|
+
where: { username },
|
|
38
|
+
relations: ['domains']
|
|
36
39
|
});
|
|
40
|
+
if (!user && /^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(username)) {
|
|
41
|
+
user = await repository.findOne({
|
|
42
|
+
where: { email: (0, typeorm_1.ILike)(username) },
|
|
43
|
+
relations: ['domains']
|
|
44
|
+
});
|
|
45
|
+
}
|
|
37
46
|
if (user) {
|
|
38
|
-
context.redirect(`/auth/signin?
|
|
47
|
+
context.redirect(`/auth/signin?username=${username}`);
|
|
39
48
|
}
|
|
40
49
|
else {
|
|
41
|
-
context.redirect(`/auth/signup?
|
|
50
|
+
context.redirect(`/auth/signup?username=${username}`);
|
|
42
51
|
}
|
|
43
52
|
});
|
|
44
53
|
exports.authPublicProcessRouter.all('/signout', async (context, next) => {
|
|
@@ -167,8 +176,8 @@ exports.authPublicProcessRouter.post('/forgot-password', async (context, next) =
|
|
|
167
176
|
});
|
|
168
177
|
exports.authPublicProcessRouter.post('/reset-password', async (context, next) => {
|
|
169
178
|
const { header, t } = context;
|
|
179
|
+
const { password, token } = context.request.body;
|
|
170
180
|
try {
|
|
171
|
-
const { password, token } = context.request.body;
|
|
172
181
|
if (!(token && password)) {
|
|
173
182
|
let message = t('error.token or password is invalid');
|
|
174
183
|
context.status = 404;
|
|
@@ -192,7 +201,7 @@ exports.authPublicProcessRouter.post('/reset-password', async (context, next) =>
|
|
|
192
201
|
return;
|
|
193
202
|
}
|
|
194
203
|
await (0, reset_password_1.resetPassword)(token, password, context);
|
|
195
|
-
var message = t('text.password
|
|
204
|
+
var message = t('text.password changed successfully');
|
|
196
205
|
context.body = message;
|
|
197
206
|
(0, access_token_cookie_1.clearAccessTokenCookie)(context);
|
|
198
207
|
if ((0, accepts_1.accepts)(header.accept, ['text/html', '*/*'])) {
|
|
@@ -213,10 +222,12 @@ exports.authPublicProcessRouter.post('/reset-password', async (context, next) =>
|
|
|
213
222
|
context.body = e.message;
|
|
214
223
|
if ((0, accepts_1.accepts)(header.accept, ['text/html', '*/*'])) {
|
|
215
224
|
await context.render('auth-page', {
|
|
216
|
-
pageElement: '
|
|
217
|
-
elementScript: '/auth/
|
|
225
|
+
pageElement: 'reset-password',
|
|
226
|
+
elementScript: '/auth/reset-password.js',
|
|
218
227
|
data: {
|
|
228
|
+
token,
|
|
219
229
|
message: e.message,
|
|
230
|
+
passwordRule,
|
|
220
231
|
disableUserSignupProcess,
|
|
221
232
|
disableUserFavoredLanguage,
|
|
222
233
|
languages
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth-public-process-router.js","sourceRoot":"","sources":["../../server/router/auth-public-process-router.ts"],"names":[],"mappings":";;;;AAAA,oEAA+B;AAE/B,6CAA4C;AAC5C,iDAAsE;AAEtE,0DAAiE;AACjE,kEAAqF;AACrF,4DAAuD;AACvD,8DAA6E;AAC7E,+CAA2C;AAC3C,8CAA0C;AAC1C,sEAAqE;AAErE,MAAM,wBAAwB,GAAG,YAAM,CAAC,GAAG,CAAC,0BAA0B,EAAE,KAAK,CAAC,CAAA;AAC9E,MAAM,0BAA0B,GAAG,YAAM,CAAC,GAAG,CAAC,iCAAiC,EAAE,KAAK,CAAC,CAAA;AACvF,MAAM,SAAS,GAAG,YAAM,CAAC,GAAG,CAAC,gBAAgB,EAAE,KAAK,CAAC,CAAA;AACrD,MAAM,YAAY,GAAG,YAAM,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI;IAC7C,SAAS,EAAE,IAAI;IACf,SAAS,EAAE,IAAI;IACf,KAAK,EAAE,IAAI;IACX,gBAAgB,EAAE,IAAI;IACtB,WAAW,EAAE,KAAK;IAClB,eAAe,EAAE,IAAI;IACrB,eAAe,EAAE,KAAK;IACtB,oBAAoB,EAAE,CAAC;IACvB,oBAAoB,EAAE,EAAE;CACzB,CAAA;AAEY,QAAA,uBAAuB,GAAG,IAAI,oBAAM,CAAC;IAChD,MAAM,EAAE,OAAO;CAChB,CAAC,CAAA;AAEF,+BAAuB,CAAC,IAAI,CAAC,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IAC5D,MAAM,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,IAAI,EAAE,CAAA;IAE5C,MAAM,IAAI,GAAS,MAAM,IAAA,qBAAa,EAAC,WAAI,CAAC,CAAC,SAAS,CAAC;QACrD,KAAK;KACN,CAAC,CAAA;IAEF,IAAI,IAAI,EAAE,CAAC;QACT,OAAO,CAAC,QAAQ,CAAC,sBAAsB,KAAK,EAAE,CAAC,CAAA;IACjD,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,QAAQ,CAAC,sBAAsB,KAAK,EAAE,CAAC,CAAA;IACjD,CAAC;AACH,CAAC,CAAC,CAAA;AAEF,+BAAuB,CAAC,GAAG,CAAC,UAAU,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IAC9D,MAAM,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IAC7B,IAAA,4CAAsB,EAAC,OAAO,CAAC,CAAA;IAE/B,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC,2BAA2B,CAAC,CAAA;IAE7C,IAAI,IAAA,iBAAO,EAAC,MAAM,CAAC,MAAM,EAAE,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC;QACjD,OAAO,CAAC,QAAQ,CAAC,IAAA,uBAAe,EAAC,OAAO,CAAC,CAAC,CAAA;IAC5C,CAAC;AACH,CAAC,CAAC,CAAA;AAEF,+BAAuB,CAAC,GAAG,CAAC,kBAAkB,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACtE,MAAM,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,KAAK,CAAA;IAEvC,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;QAChC,WAAW,EAAE,iBAAiB;QAC9B,aAAa,EAAE,0BAA0B;QACzC,IAAI,EAAE;YACJ,KAAK;YACL,wBAAwB;YACxB,0BAA0B;YAC1B,SAAS;SACV;KACF,CAAC,CAAA;AACJ,CAAC,CAAC,CAAA;AAEF,+BAAuB,CAAC,GAAG,CAAC,iBAAiB,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACrE,MAAM,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,KAAK,CAAA;IAEvC,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;QAChC,WAAW,EAAE,gBAAgB;QAC7B,aAAa,EAAE,yBAAyB;QACxC,IAAI,EAAE;YACJ,KAAK;YACL,YAAY;YACZ,wBAAwB;YACxB,0BAA0B;YAC1B,SAAS;SACV;KACF,CAAC,CAAA;AACJ,CAAC,CAAC,CAAA;AAEF,+BAAuB,CAAC,GAAG,CAAC,cAAc,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IAClE,MAAM,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,KAAK,CAAA;IAEvC,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;QAChC,WAAW,EAAE,aAAa;QAC1B,aAAa,EAAE,sBAAsB;QACrC,IAAI,EAAE;YACJ,KAAK;YACL,wBAAwB;YACxB,0BAA0B;YAC1B,SAAS;SACV;KACF,CAAC,CAAA;AACJ,CAAC,CAAC,CAAA;AAEF,+BAAuB,CAAC,GAAG,CAAC,kBAAkB,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACtE,MAAM,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,MAAM,CAAA;IAEhC,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;QAChC,WAAW,EAAE,eAAe;QAC5B,aAAa,EAAE,mBAAmB;QAClC,IAAI,EAAE;YACJ,KAAK;YACL,wBAAwB;YACxB,0BAA0B;YAC1B,SAAS;SACV;KACF,CAAC,CAAA;AACJ,CAAC,CAAC,CAAA;AAEF,+BAAuB,CAAC,GAAG,CAAC,gBAAgB,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACpE,MAAM,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IAC7B,IAAI,KAAK,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,CAAA;IAEhC,MAAM,IAAA,qBAAM,EAAC,KAAK,CAAC,CAAA;IAEnB,IAAI,OAAO,GAAG,CAAC,CAAC,kCAAkC,CAAC,CAAA;IAEnD,OAAO,CAAC,IAAI,GAAG,OAAO,CAAA;IAEtB,IAAI,IAAA,iBAAO,EAAC,MAAM,CAAC,MAAM,EAAE,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC;QACjD,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;YAChC,WAAW,EAAE,aAAa;YAC1B,aAAa,EAAE,iBAAiB;YAChC,IAAI,EAAE;gBACJ,OAAO;gBACP,wBAAwB;gBACxB,0BAA0B;gBAC1B,SAAS;aACV;SACF,CAAC,CAAA;IACJ,CAAC;AACH,CAAC,CAAC,CAAA;AAEF,+BAAuB,CAAC,IAAI,CAAC,4BAA4B,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACjF,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IACrB,MAAM,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,CAAA;IAEtC,IAAI,OAAO,GAAG,MAAM,IAAA,sCAAuB,EAAC,KAAK,EAAE,OAAO,CAAC,CAAA;IAC3D,IAAI,OAAO,GAAG,CAAC,CAAC,8BAA8B,CAAC,CAAA;IAE/C,IAAI,OAAO,EAAE,CAAC;QACZ,OAAO,CAAC,MAAM,GAAG,GAAG,CAAA;QACpB,OAAO,CAAC,IAAI,GAAG,OAAO,CAAA;IACxB,CAAC;AACH,CAAC,CAAC,CAAA;AAEF,+BAAuB,CAAC,IAAI,CAAC,0BAA0B,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IAC/E,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IACrB,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,CAAA;IAEvD,IAAI,OAAO,GAAG,MAAM,IAAA,kCAAqB,EACvC;QACE,KAAK;QACL,SAAS;QACT,IAAI;KACL,EACD,OAAO,CACR,CAAA;IAED,IAAI,OAAO,GAAG,CAAC,CAAC,4BAA4B,CAAC,CAAA;IAE7C,IAAI,OAAO,EAAE,CAAC;QACZ,OAAO,CAAC,MAAM,GAAG,GAAG,CAAA;QACpB,OAAO,CAAC,IAAI,GAAG,OAAO,CAAA;IACxB,CAAC;AACH,CAAC,CAAC,CAAA;AAEF,+BAAuB,CAAC,IAAI,CAAC,kBAAkB,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACvE,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IACrB,MAAM,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,CAAA;IAEtC,IAAI,CAAC,KAAK;QAAE,OAAO,IAAI,EAAE,CAAA;IAEzB,MAAM,QAAQ,GAAG,IAAA,qBAAa,EAAC,WAAI,CAAC,CAAA;IACpC,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,OAAO,CAAC;QAClC,KAAK,EAAE;YACL,KAAK;SACN;KACF,CAAC,CAAA;IAEF,MAAM,OAAO,GAAG,MAAM,IAAA,uCAAsB,EAAC;QAC3C,IAAI;QACJ,OAAO;KACR,CAAC,CAAA;IAEF,IAAI,OAAO,EAAE,CAAC;QACZ,OAAO,CAAC,MAAM,GAAG,GAAG,CAAA;QACpB,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC,gCAAgC,CAAC,CAAA;IACpD,CAAC;AACH,CAAC,CAAC,CAAA;AAEF,+BAAuB,CAAC,IAAI,CAAC,iBAAiB,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACtE,MAAM,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IAE7B,IAAI,CAAC;QACH,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,CAAA;QAEhD,IAAI,CAAC,CAAC,KAAK,IAAI,QAAQ,CAAC,EAAE,CAAC;YACzB,IAAI,OAAO,GAAG,CAAC,CAAC,oCAAoC,CAAC,CAAA;YAErD,OAAO,CAAC,MAAM,GAAG,GAAG,CAAA;YACpB,OAAO,CAAC,IAAI,GAAG;gBACb,OAAO;aACR,CAAA;YAED,IAAI,IAAA,iBAAO,EAAC,MAAM,CAAC,MAAM,EAAE,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC;gBACjD,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;oBAChC,WAAW,EAAE,gBAAgB;oBAC7B,aAAa,EAAE,yBAAyB;oBACxC,IAAI,EAAE;wBACJ,KAAK;wBACL,OAAO;wBACP,YAAY;wBACZ,wBAAwB;wBACxB,0BAA0B;wBAC1B,SAAS;qBACV;iBACF,CAAC,CAAA;YACJ,CAAC;YAED,OAAM;QACR,CAAC;QAED,MAAM,IAAA,8BAAa,EAAC,KAAK,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAA;QAE7C,IAAI,OAAO,GAAG,CAAC,CAAC,6BAA6B,CAAC,CAAA;QAC9C,OAAO,CAAC,IAAI,GAAG,OAAO,CAAA;QAEtB,IAAA,4CAAsB,EAAC,OAAO,CAAC,CAAA;QAE/B,IAAI,IAAA,iBAAO,EAAC,MAAM,CAAC,MAAM,EAAE,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC;YACjD,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;gBAChC,WAAW,EAAE,aAAa;gBAC1B,aAAa,EAAE,iBAAiB;gBAChC,IAAI,EAAE;oBACJ,OAAO;oBACP,wBAAwB;oBACxB,0BAA0B;oBAC1B,SAAS;iBACV;aACF,CAAC,CAAA;QACJ,CAAC;IACH,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,OAAO,CAAC,MAAM,GAAG,GAAG,CAAA;QACpB,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC,OAAO,CAAA;QAExB,IAAI,IAAA,iBAAO,EAAC,MAAM,CAAC,MAAM,EAAE,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC;YACjD,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;gBAChC,WAAW,EAAE,aAAa;gBAC1B,aAAa,EAAE,iBAAiB;gBAChC,IAAI,EAAE;oBACJ,OAAO,EAAE,CAAC,CAAC,OAAO;oBAClB,wBAAwB;oBACxB,0BAA0B;oBAC1B,SAAS;iBACV;aACF,CAAC,CAAA;QACJ,CAAC;IACH,CAAC;AACH,CAAC,CAAC,CAAA;AAEF,+BAAuB,CAAC,IAAI,CAAC,cAAc,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACnE,MAAM,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IAC7B,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,CAAA;IAEhD,IAAI,CAAC,CAAC,KAAK,IAAI,QAAQ,CAAC,EAAE,CAAC;QACzB,OAAO,CAAC,MAAM,GAAG,GAAG,CAAA;QACpB,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC,oCAAoC,CAAC,CAAA;QAEtD,OAAM;IACR,CAAC;IAED,IAAI,OAAO,GAAG,MAAM,IAAA,wBAAU,EAAC,KAAK,EAAE,QAAQ,CAAC,CAAA;IAE/C,IAAI,OAAO,EAAE,CAAC;QACZ,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC,6BAA6B,CAAC,CAAA;QAE/C,IAAA,4CAAsB,EAAC,OAAO,CAAC,CAAA;IACjC,CAAC;IAED,IAAI,IAAA,iBAAO,EAAC,MAAM,CAAC,MAAM,EAAE,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC;QACjD,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;YAChC,WAAW,EAAE,aAAa;YAC1B,aAAa,EAAE,iBAAiB;YAChC,IAAI,EAAE;gBACJ,OAAO,EAAE,CAAC,CAAC,6BAA6B,CAAC;gBACzC,wBAAwB;gBACxB,0BAA0B;gBAC1B,SAAS;aACV;SACF,CAAC,CAAA;IACJ,CAAC;AACH,CAAC,CAAC,CAAA","sourcesContent":["import Router from 'koa-router'\n\nimport { config } from '@things-factory/env'\nimport { getRepository, getSiteRootPath } from '@things-factory/shell'\n\nimport { resendInvitationEmail } from '../controllers/invitation'\nimport { resetPassword, sendPasswordResetEmail } from '../controllers/reset-password'\nimport { unlockUser } from '../controllers/unlock-user'\nimport { resendVerificationEmail, verify } from '../controllers/verification'\nimport { User } from '../service/user/user'\nimport { accepts } from '../utils/accepts'\nimport { clearAccessTokenCookie } from '../utils/access-token-cookie'\n\nconst disableUserSignupProcess = config.get('disableUserSignupProcess', false)\nconst disableUserFavoredLanguage = config.get('i18n/disableUserFavoredLanguage', false)\nconst languages = config.get('i18n/languages', false)\nconst passwordRule = config.get('password') || {\n lowerCase: true,\n upperCase: true,\n digit: true,\n specialCharacter: true,\n allowRepeat: false,\n useTightPattern: true,\n useLoosePattern: false,\n tightCharacterLength: 8,\n looseCharacterLength: 15\n}\n\nexport const authPublicProcessRouter = new Router({\n prefix: '/auth'\n})\n\nauthPublicProcessRouter.post('/join', async (context, next) => {\n const { email } = context.request.body || {}\n\n const user: User = await getRepository(User).findOneBy({\n email\n })\n\n if (user) {\n context.redirect(`/auth/signin?email=${email}`)\n } else {\n context.redirect(`/auth/signup?email=${email}`)\n }\n})\n\nauthPublicProcessRouter.all('/signout', async (context, next) => {\n const { header, t } = context\n clearAccessTokenCookie(context)\n\n context.body = t('text.signout successfully')\n\n if (accepts(header.accept, ['text/html', '*/*'])) {\n context.redirect(getSiteRootPath(context))\n }\n})\n\nauthPublicProcessRouter.get('/forgot-password', async (context, next) => {\n const { email } = context.request.query\n\n await context.render('auth-page', {\n pageElement: 'forgot-password',\n elementScript: '/auth/forgot-password.js',\n data: {\n email,\n disableUserSignupProcess,\n disableUserFavoredLanguage,\n languages\n }\n })\n})\n\nauthPublicProcessRouter.get('/reset-password', async (context, next) => {\n const { token } = context.request.query\n\n await context.render('auth-page', {\n pageElement: 'reset-password',\n elementScript: '/auth/reset-password.js',\n data: {\n token,\n passwordRule,\n disableUserSignupProcess,\n disableUserFavoredLanguage,\n languages\n }\n })\n})\n\nauthPublicProcessRouter.get('/unlock-user', async (context, next) => {\n const { token } = context.request.query\n\n await context.render('auth-page', {\n pageElement: 'unlock-user',\n elementScript: '/auth/unlock-user.js',\n data: {\n token,\n disableUserSignupProcess,\n disableUserFavoredLanguage,\n languages\n }\n })\n})\n\nauthPublicProcessRouter.get('/activate/:email', async (context, next) => {\n const { email } = context.params\n\n await context.render('auth-page', {\n pageElement: 'auth-activate',\n elementScript: '/auth/activate.js',\n data: {\n email,\n disableUserSignupProcess,\n disableUserFavoredLanguage,\n languages\n }\n })\n})\n\nauthPublicProcessRouter.get('/verify/:token', async (context, next) => {\n const { header, t } = context\n var token = context.params.token\n\n await verify(token)\n\n var message = t('text.user activated successfully')\n\n context.body = message\n\n if (accepts(header.accept, ['text/html', '*/*'])) {\n await context.render('auth-page', {\n pageElement: 'auth-result',\n elementScript: '/auth/result.js',\n data: {\n message,\n disableUserSignupProcess,\n disableUserFavoredLanguage,\n languages\n }\n })\n }\n})\n\nauthPublicProcessRouter.post('/resend-verification-email', async (context, next) => {\n const { t } = context\n const { email } = context.request.body\n\n var succeed = await resendVerificationEmail(email, context)\n var message = t('text.verification email sent')\n\n if (succeed) {\n context.status = 200\n context.body = message\n }\n})\n\nauthPublicProcessRouter.post('/resend-invitation-email', async (context, next) => {\n const { t } = context\n const { email, reference, type } = context.request.body\n\n var succeed = await resendInvitationEmail(\n {\n email,\n reference,\n type\n },\n context\n )\n\n var message = t('text.invitation email sent')\n\n if (succeed) {\n context.status = 200\n context.body = message\n }\n})\n\nauthPublicProcessRouter.post('/forgot-password', async (context, next) => {\n const { t } = context\n const { email } = context.request.body\n\n if (!email) return next()\n\n const userRepo = getRepository(User)\n const user = await userRepo.findOne({\n where: {\n email\n }\n })\n\n const succeed = await sendPasswordResetEmail({\n user,\n context\n })\n\n if (succeed) {\n context.status = 200\n context.body = t('text.password reset email sent')\n }\n})\n\nauthPublicProcessRouter.post('/reset-password', async (context, next) => {\n const { header, t } = context\n\n try {\n const { password, token } = context.request.body\n\n if (!(token && password)) {\n let message = t('error.token or password is invalid')\n\n context.status = 404\n context.body = {\n message\n }\n\n if (accepts(header.accept, ['text/html', '*/*'])) {\n await context.render('auth-page', {\n pageElement: 'reset-password',\n elementScript: '/auth/reset-password.js',\n data: {\n token,\n message,\n passwordRule,\n disableUserSignupProcess,\n disableUserFavoredLanguage,\n languages\n }\n })\n }\n\n return\n }\n\n await resetPassword(token, password, context)\n\n var message = t('text.password reset succeed')\n context.body = message\n\n clearAccessTokenCookie(context)\n\n if (accepts(header.accept, ['text/html', '*/*'])) {\n await context.render('auth-page', {\n pageElement: 'auth-result',\n elementScript: '/auth/result.js',\n data: {\n message,\n disableUserSignupProcess,\n disableUserFavoredLanguage,\n languages\n }\n })\n }\n } catch (e) {\n context.status = 404\n context.body = e.message\n\n if (accepts(header.accept, ['text/html', '*/*'])) {\n await context.render('auth-page', {\n pageElement: 'auth-result',\n elementScript: '/auth/result.js',\n data: {\n message: e.message,\n disableUserSignupProcess,\n disableUserFavoredLanguage,\n languages\n }\n })\n }\n }\n})\n\nauthPublicProcessRouter.post('/unlock-user', async (context, next) => {\n const { header, t } = context\n const { password, token } = context.request.body\n\n if (!(token || password)) {\n context.status = 404\n context.body = t('error.token or password is invalid')\n\n return\n }\n\n var succeed = await unlockUser(token, password)\n\n if (succeed) {\n context.body = t('text.password reset succeed')\n\n clearAccessTokenCookie(context)\n }\n\n if (accepts(header.accept, ['text/html', '*/*'])) {\n await context.render('auth-page', {\n pageElement: 'auth-result',\n elementScript: '/auth/result.js',\n data: {\n message: t('text.account is reactivated'),\n disableUserSignupProcess,\n disableUserFavoredLanguage,\n languages\n }\n })\n }\n})\n"]}
|
|
1
|
+
{"version":3,"file":"auth-public-process-router.js","sourceRoot":"","sources":["../../server/router/auth-public-process-router.ts"],"names":[],"mappings":";;;;AAAA,oEAA+B;AAC/B,qCAA+B;AAE/B,6CAA4C;AAC5C,iDAAsE;AAEtE,0DAAiE;AACjE,kEAAqF;AACrF,4DAAuD;AACvD,8DAA6E;AAC7E,+CAA2C;AAC3C,8CAA0C;AAC1C,sEAAqE;AAErE,MAAM,wBAAwB,GAAG,YAAM,CAAC,GAAG,CAAC,0BAA0B,EAAE,KAAK,CAAC,CAAA;AAC9E,MAAM,0BAA0B,GAAG,YAAM,CAAC,GAAG,CAAC,iCAAiC,EAAE,KAAK,CAAC,CAAA;AACvF,MAAM,SAAS,GAAG,YAAM,CAAC,GAAG,CAAC,gBAAgB,EAAE,KAAK,CAAC,CAAA;AACrD,MAAM,YAAY,GAAG,YAAM,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI;IAC7C,SAAS,EAAE,IAAI;IACf,SAAS,EAAE,IAAI;IACf,KAAK,EAAE,IAAI;IACX,gBAAgB,EAAE,IAAI;IACtB,WAAW,EAAE,KAAK;IAClB,eAAe,EAAE,IAAI;IACrB,eAAe,EAAE,KAAK;IACtB,oBAAoB,EAAE,CAAC;IACvB,oBAAoB,EAAE,EAAE;CACzB,CAAA;AAEY,QAAA,uBAAuB,GAAG,IAAI,oBAAM,CAAC;IAChD,MAAM,EAAE,OAAO;CAChB,CAAC,CAAA;AAEF,+BAAuB,CAAC,IAAI,CAAC,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IAC5D,MAAM,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,IAAI,EAAE,CAAA;IAE/C,MAAM,UAAU,GAAG,IAAA,qBAAa,EAAC,WAAI,CAAC,CAAA;IAEtC,IAAI,IAAI,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC;QAClC,KAAK,EAAE,EAAE,QAAQ,EAAE;QACnB,SAAS,EAAE,CAAC,SAAS,CAAC;KACvB,CAAC,CAAA;IAEF,IAAI,CAAC,IAAI,IAAI,4BAA4B,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;QACzD,IAAI,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC;YAC9B,KAAK,EAAE,EAAE,KAAK,EAAE,IAAA,eAAK,EAAC,QAAQ,CAAC,EAAE;YACjC,SAAS,EAAE,CAAC,SAAS,CAAC;SACvB,CAAC,CAAA;IACJ,CAAC;IAED,IAAI,IAAI,EAAE,CAAC;QACT,OAAO,CAAC,QAAQ,CAAC,yBAAyB,QAAQ,EAAE,CAAC,CAAA;IACvD,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,QAAQ,CAAC,yBAAyB,QAAQ,EAAE,CAAC,CAAA;IACvD,CAAC;AACH,CAAC,CAAC,CAAA;AAEF,+BAAuB,CAAC,GAAG,CAAC,UAAU,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IAC9D,MAAM,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IAC7B,IAAA,4CAAsB,EAAC,OAAO,CAAC,CAAA;IAE/B,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC,2BAA2B,CAAC,CAAA;IAE7C,IAAI,IAAA,iBAAO,EAAC,MAAM,CAAC,MAAM,EAAE,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC;QACjD,OAAO,CAAC,QAAQ,CAAC,IAAA,uBAAe,EAAC,OAAO,CAAC,CAAC,CAAA;IAC5C,CAAC;AACH,CAAC,CAAC,CAAA;AAEF,+BAAuB,CAAC,GAAG,CAAC,kBAAkB,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACtE,MAAM,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,KAAK,CAAA;IAEvC,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;QAChC,WAAW,EAAE,iBAAiB;QAC9B,aAAa,EAAE,0BAA0B;QACzC,IAAI,EAAE;YACJ,KAAK;YACL,wBAAwB;YACxB,0BAA0B;YAC1B,SAAS;SACV;KACF,CAAC,CAAA;AACJ,CAAC,CAAC,CAAA;AAEF,+BAAuB,CAAC,GAAG,CAAC,iBAAiB,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACrE,MAAM,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,KAAK,CAAA;IAEvC,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;QAChC,WAAW,EAAE,gBAAgB;QAC7B,aAAa,EAAE,yBAAyB;QACxC,IAAI,EAAE;YACJ,KAAK;YACL,YAAY;YACZ,wBAAwB;YACxB,0BAA0B;YAC1B,SAAS;SACV;KACF,CAAC,CAAA;AACJ,CAAC,CAAC,CAAA;AAEF,+BAAuB,CAAC,GAAG,CAAC,cAAc,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IAClE,MAAM,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,KAAK,CAAA;IAEvC,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;QAChC,WAAW,EAAE,aAAa;QAC1B,aAAa,EAAE,sBAAsB;QACrC,IAAI,EAAE;YACJ,KAAK;YACL,wBAAwB;YACxB,0BAA0B;YAC1B,SAAS;SACV;KACF,CAAC,CAAA;AACJ,CAAC,CAAC,CAAA;AAEF,+BAAuB,CAAC,GAAG,CAAC,kBAAkB,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACtE,MAAM,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,MAAM,CAAA;IAEhC,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;QAChC,WAAW,EAAE,eAAe;QAC5B,aAAa,EAAE,mBAAmB;QAClC,IAAI,EAAE;YACJ,KAAK;YACL,wBAAwB;YACxB,0BAA0B;YAC1B,SAAS;SACV;KACF,CAAC,CAAA;AACJ,CAAC,CAAC,CAAA;AAEF,+BAAuB,CAAC,GAAG,CAAC,gBAAgB,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACpE,MAAM,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IAC7B,IAAI,KAAK,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,CAAA;IAEhC,MAAM,IAAA,qBAAM,EAAC,KAAK,CAAC,CAAA;IAEnB,IAAI,OAAO,GAAG,CAAC,CAAC,kCAAkC,CAAC,CAAA;IAEnD,OAAO,CAAC,IAAI,GAAG,OAAO,CAAA;IAEtB,IAAI,IAAA,iBAAO,EAAC,MAAM,CAAC,MAAM,EAAE,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC;QACjD,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;YAChC,WAAW,EAAE,aAAa;YAC1B,aAAa,EAAE,iBAAiB;YAChC,IAAI,EAAE;gBACJ,OAAO;gBACP,wBAAwB;gBACxB,0BAA0B;gBAC1B,SAAS;aACV;SACF,CAAC,CAAA;IACJ,CAAC;AACH,CAAC,CAAC,CAAA;AAEF,+BAAuB,CAAC,IAAI,CAAC,4BAA4B,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACjF,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IACrB,MAAM,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,CAAA;IAEtC,IAAI,OAAO,GAAG,MAAM,IAAA,sCAAuB,EAAC,KAAK,EAAE,OAAO,CAAC,CAAA;IAC3D,IAAI,OAAO,GAAG,CAAC,CAAC,8BAA8B,CAAC,CAAA;IAE/C,IAAI,OAAO,EAAE,CAAC;QACZ,OAAO,CAAC,MAAM,GAAG,GAAG,CAAA;QACpB,OAAO,CAAC,IAAI,GAAG,OAAO,CAAA;IACxB,CAAC;AACH,CAAC,CAAC,CAAA;AAEF,+BAAuB,CAAC,IAAI,CAAC,0BAA0B,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IAC/E,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IACrB,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,CAAA;IAEvD,IAAI,OAAO,GAAG,MAAM,IAAA,kCAAqB,EACvC;QACE,KAAK;QACL,SAAS;QACT,IAAI;KACL,EACD,OAAO,CACR,CAAA;IAED,IAAI,OAAO,GAAG,CAAC,CAAC,4BAA4B,CAAC,CAAA;IAE7C,IAAI,OAAO,EAAE,CAAC;QACZ,OAAO,CAAC,MAAM,GAAG,GAAG,CAAA;QACpB,OAAO,CAAC,IAAI,GAAG,OAAO,CAAA;IACxB,CAAC;AACH,CAAC,CAAC,CAAA;AAEF,+BAAuB,CAAC,IAAI,CAAC,kBAAkB,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACvE,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IACrB,MAAM,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,CAAA;IAEtC,IAAI,CAAC,KAAK;QAAE,OAAO,IAAI,EAAE,CAAA;IAEzB,MAAM,QAAQ,GAAG,IAAA,qBAAa,EAAC,WAAI,CAAC,CAAA;IACpC,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,OAAO,CAAC;QAClC,KAAK,EAAE;YACL,KAAK;SACN;KACF,CAAC,CAAA;IAEF,MAAM,OAAO,GAAG,MAAM,IAAA,uCAAsB,EAAC;QAC3C,IAAI;QACJ,OAAO;KACR,CAAC,CAAA;IAEF,IAAI,OAAO,EAAE,CAAC;QACZ,OAAO,CAAC,MAAM,GAAG,GAAG,CAAA;QACpB,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC,gCAAgC,CAAC,CAAA;IACpD,CAAC;AACH,CAAC,CAAC,CAAA;AAEF,+BAAuB,CAAC,IAAI,CAAC,iBAAiB,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACtE,MAAM,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IAC7B,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,CAAA;IAEhD,IAAI,CAAC;QACH,IAAI,CAAC,CAAC,KAAK,IAAI,QAAQ,CAAC,EAAE,CAAC;YACzB,IAAI,OAAO,GAAG,CAAC,CAAC,oCAAoC,CAAC,CAAA;YAErD,OAAO,CAAC,MAAM,GAAG,GAAG,CAAA;YACpB,OAAO,CAAC,IAAI,GAAG;gBACb,OAAO;aACR,CAAA;YAED,IAAI,IAAA,iBAAO,EAAC,MAAM,CAAC,MAAM,EAAE,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC;gBACjD,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;oBAChC,WAAW,EAAE,gBAAgB;oBAC7B,aAAa,EAAE,yBAAyB;oBACxC,IAAI,EAAE;wBACJ,KAAK;wBACL,OAAO;wBACP,YAAY;wBACZ,wBAAwB;wBACxB,0BAA0B;wBAC1B,SAAS;qBACV;iBACF,CAAC,CAAA;YACJ,CAAC;YAED,OAAM;QACR,CAAC;QAED,MAAM,IAAA,8BAAa,EAAC,KAAK,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAA;QAE7C,IAAI,OAAO,GAAG,CAAC,CAAC,oCAAoC,CAAC,CAAA;QACrD,OAAO,CAAC,IAAI,GAAG,OAAO,CAAA;QAEtB,IAAA,4CAAsB,EAAC,OAAO,CAAC,CAAA;QAE/B,IAAI,IAAA,iBAAO,EAAC,MAAM,CAAC,MAAM,EAAE,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC;YACjD,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;gBAChC,WAAW,EAAE,aAAa;gBAC1B,aAAa,EAAE,iBAAiB;gBAChC,IAAI,EAAE;oBACJ,OAAO;oBACP,wBAAwB;oBACxB,0BAA0B;oBAC1B,SAAS;iBACV;aACF,CAAC,CAAA;QACJ,CAAC;IACH,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,OAAO,CAAC,MAAM,GAAG,GAAG,CAAA;QACpB,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC,OAAO,CAAA;QAExB,IAAI,IAAA,iBAAO,EAAC,MAAM,CAAC,MAAM,EAAE,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC;YACjD,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;gBAChC,WAAW,EAAE,gBAAgB;gBAC7B,aAAa,EAAE,yBAAyB;gBACxC,IAAI,EAAE;oBACJ,KAAK;oBACL,OAAO,EAAE,CAAC,CAAC,OAAO;oBAClB,YAAY;oBACZ,wBAAwB;oBACxB,0BAA0B;oBAC1B,SAAS;iBACV;aACF,CAAC,CAAA;QACJ,CAAC;IACH,CAAC;AACH,CAAC,CAAC,CAAA;AAEF,+BAAuB,CAAC,IAAI,CAAC,cAAc,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACnE,MAAM,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IAC7B,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,CAAA;IAEhD,IAAI,CAAC,CAAC,KAAK,IAAI,QAAQ,CAAC,EAAE,CAAC;QACzB,OAAO,CAAC,MAAM,GAAG,GAAG,CAAA;QACpB,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC,oCAAoC,CAAC,CAAA;QAEtD,OAAM;IACR,CAAC;IAED,IAAI,OAAO,GAAG,MAAM,IAAA,wBAAU,EAAC,KAAK,EAAE,QAAQ,CAAC,CAAA;IAE/C,IAAI,OAAO,EAAE,CAAC;QACZ,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC,6BAA6B,CAAC,CAAA;QAE/C,IAAA,4CAAsB,EAAC,OAAO,CAAC,CAAA;IACjC,CAAC;IAED,IAAI,IAAA,iBAAO,EAAC,MAAM,CAAC,MAAM,EAAE,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC;QACjD,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;YAChC,WAAW,EAAE,aAAa;YAC1B,aAAa,EAAE,iBAAiB;YAChC,IAAI,EAAE;gBACJ,OAAO,EAAE,CAAC,CAAC,6BAA6B,CAAC;gBACzC,wBAAwB;gBACxB,0BAA0B;gBAC1B,SAAS;aACV;SACF,CAAC,CAAA;IACJ,CAAC;AACH,CAAC,CAAC,CAAA","sourcesContent":["import Router from 'koa-router'\nimport { ILike } from 'typeorm'\n\nimport { config } from '@things-factory/env'\nimport { getRepository, getSiteRootPath } from '@things-factory/shell'\n\nimport { resendInvitationEmail } from '../controllers/invitation'\nimport { resetPassword, sendPasswordResetEmail } from '../controllers/reset-password'\nimport { unlockUser } from '../controllers/unlock-user'\nimport { resendVerificationEmail, verify } from '../controllers/verification'\nimport { User } from '../service/user/user'\nimport { accepts } from '../utils/accepts'\nimport { clearAccessTokenCookie } from '../utils/access-token-cookie'\n\nconst disableUserSignupProcess = config.get('disableUserSignupProcess', false)\nconst disableUserFavoredLanguage = config.get('i18n/disableUserFavoredLanguage', false)\nconst languages = config.get('i18n/languages', false)\nconst passwordRule = config.get('password') || {\n lowerCase: true,\n upperCase: true,\n digit: true,\n specialCharacter: true,\n allowRepeat: false,\n useTightPattern: true,\n useLoosePattern: false,\n tightCharacterLength: 8,\n looseCharacterLength: 15\n}\n\nexport const authPublicProcessRouter = new Router({\n prefix: '/auth'\n})\n\nauthPublicProcessRouter.post('/join', async (context, next) => {\n const { username } = context.request.body || {}\n\n const repository = getRepository(User)\n\n var user = await repository.findOne({\n where: { username },\n relations: ['domains']\n })\n\n if (!user && /^[^\\s@]+@[^\\s@]+\\.[^\\s@]+$/.test(username)) {\n user = await repository.findOne({\n where: { email: ILike(username) },\n relations: ['domains']\n })\n }\n\n if (user) {\n context.redirect(`/auth/signin?username=${username}`)\n } else {\n context.redirect(`/auth/signup?username=${username}`)\n }\n})\n\nauthPublicProcessRouter.all('/signout', async (context, next) => {\n const { header, t } = context\n clearAccessTokenCookie(context)\n\n context.body = t('text.signout successfully')\n\n if (accepts(header.accept, ['text/html', '*/*'])) {\n context.redirect(getSiteRootPath(context))\n }\n})\n\nauthPublicProcessRouter.get('/forgot-password', async (context, next) => {\n const { email } = context.request.query\n\n await context.render('auth-page', {\n pageElement: 'forgot-password',\n elementScript: '/auth/forgot-password.js',\n data: {\n email,\n disableUserSignupProcess,\n disableUserFavoredLanguage,\n languages\n }\n })\n})\n\nauthPublicProcessRouter.get('/reset-password', async (context, next) => {\n const { token } = context.request.query\n\n await context.render('auth-page', {\n pageElement: 'reset-password',\n elementScript: '/auth/reset-password.js',\n data: {\n token,\n passwordRule,\n disableUserSignupProcess,\n disableUserFavoredLanguage,\n languages\n }\n })\n})\n\nauthPublicProcessRouter.get('/unlock-user', async (context, next) => {\n const { token } = context.request.query\n\n await context.render('auth-page', {\n pageElement: 'unlock-user',\n elementScript: '/auth/unlock-user.js',\n data: {\n token,\n disableUserSignupProcess,\n disableUserFavoredLanguage,\n languages\n }\n })\n})\n\nauthPublicProcessRouter.get('/activate/:email', async (context, next) => {\n const { email } = context.params\n\n await context.render('auth-page', {\n pageElement: 'auth-activate',\n elementScript: '/auth/activate.js',\n data: {\n email,\n disableUserSignupProcess,\n disableUserFavoredLanguage,\n languages\n }\n })\n})\n\nauthPublicProcessRouter.get('/verify/:token', async (context, next) => {\n const { header, t } = context\n var token = context.params.token\n\n await verify(token)\n\n var message = t('text.user activated successfully')\n\n context.body = message\n\n if (accepts(header.accept, ['text/html', '*/*'])) {\n await context.render('auth-page', {\n pageElement: 'auth-result',\n elementScript: '/auth/result.js',\n data: {\n message,\n disableUserSignupProcess,\n disableUserFavoredLanguage,\n languages\n }\n })\n }\n})\n\nauthPublicProcessRouter.post('/resend-verification-email', async (context, next) => {\n const { t } = context\n const { email } = context.request.body\n\n var succeed = await resendVerificationEmail(email, context)\n var message = t('text.verification email sent')\n\n if (succeed) {\n context.status = 200\n context.body = message\n }\n})\n\nauthPublicProcessRouter.post('/resend-invitation-email', async (context, next) => {\n const { t } = context\n const { email, reference, type } = context.request.body\n\n var succeed = await resendInvitationEmail(\n {\n email,\n reference,\n type\n },\n context\n )\n\n var message = t('text.invitation email sent')\n\n if (succeed) {\n context.status = 200\n context.body = message\n }\n})\n\nauthPublicProcessRouter.post('/forgot-password', async (context, next) => {\n const { t } = context\n const { email } = context.request.body\n\n if (!email) return next()\n\n const userRepo = getRepository(User)\n const user = await userRepo.findOne({\n where: {\n email\n }\n })\n\n const succeed = await sendPasswordResetEmail({\n user,\n context\n })\n\n if (succeed) {\n context.status = 200\n context.body = t('text.password reset email sent')\n }\n})\n\nauthPublicProcessRouter.post('/reset-password', async (context, next) => {\n const { header, t } = context\n const { password, token } = context.request.body\n\n try {\n if (!(token && password)) {\n let message = t('error.token or password is invalid')\n\n context.status = 404\n context.body = {\n message\n }\n\n if (accepts(header.accept, ['text/html', '*/*'])) {\n await context.render('auth-page', {\n pageElement: 'reset-password',\n elementScript: '/auth/reset-password.js',\n data: {\n token,\n message,\n passwordRule,\n disableUserSignupProcess,\n disableUserFavoredLanguage,\n languages\n }\n })\n }\n\n return\n }\n\n await resetPassword(token, password, context)\n\n var message = t('text.password changed successfully')\n context.body = message\n\n clearAccessTokenCookie(context)\n\n if (accepts(header.accept, ['text/html', '*/*'])) {\n await context.render('auth-page', {\n pageElement: 'auth-result',\n elementScript: '/auth/result.js',\n data: {\n message,\n disableUserSignupProcess,\n disableUserFavoredLanguage,\n languages\n }\n })\n }\n } catch (e) {\n context.status = 404\n context.body = e.message\n\n if (accepts(header.accept, ['text/html', '*/*'])) {\n await context.render('auth-page', {\n pageElement: 'reset-password',\n elementScript: '/auth/reset-password.js',\n data: {\n token,\n message: e.message,\n passwordRule,\n disableUserSignupProcess,\n disableUserFavoredLanguage,\n languages\n }\n })\n }\n }\n})\n\nauthPublicProcessRouter.post('/unlock-user', async (context, next) => {\n const { header, t } = context\n const { password, token } = context.request.body\n\n if (!(token || password)) {\n context.status = 404\n context.body = t('error.token or password is invalid')\n\n return\n }\n\n var succeed = await unlockUser(token, password)\n\n if (succeed) {\n context.body = t('text.password reset succeed')\n\n clearAccessTokenCookie(context)\n }\n\n if (accepts(header.accept, ['text/html', '*/*'])) {\n await context.render('auth-page', {\n pageElement: 'auth-result',\n elementScript: '/auth/result.js',\n data: {\n message: t('text.account is reactivated'),\n disableUserSignupProcess,\n disableUserFavoredLanguage,\n languages\n }\n })\n }\n})\n"]}
|
|
@@ -24,12 +24,12 @@ exports.authSigninRouter.get('/auth/signin', async (ctx, next) => {
|
|
|
24
24
|
}
|
|
25
25
|
await next();
|
|
26
26
|
}, async (context, next) => {
|
|
27
|
-
const { redirect_to,
|
|
27
|
+
const { redirect_to, username } = context.query;
|
|
28
28
|
await context.render('auth-page', {
|
|
29
29
|
pageElement: 'auth-signin',
|
|
30
30
|
elementScript: '/auth/signin.js',
|
|
31
31
|
data: {
|
|
32
|
-
|
|
32
|
+
username,
|
|
33
33
|
redirectTo: redirect_to,
|
|
34
34
|
ssoLinks: SSOLinks,
|
|
35
35
|
disableUserSignupProcess,
|
|
@@ -38,9 +38,15 @@ exports.authSigninRouter.get('/auth/signin', async (ctx, next) => {
|
|
|
38
38
|
}
|
|
39
39
|
});
|
|
40
40
|
});
|
|
41
|
-
exports.authSigninRouter.post('/auth/signin',
|
|
41
|
+
exports.authSigninRouter.post('/auth/signin', async (ctx, next) => {
|
|
42
|
+
/* For backward compatibility, cover the case of logging in with email instead of username */
|
|
43
|
+
if (!ctx.request.body.username && ctx.request.body.email) {
|
|
44
|
+
ctx.request.body.username = ctx.request.body.email;
|
|
45
|
+
}
|
|
46
|
+
await next();
|
|
47
|
+
}, middlewares_1.signinMiddleware, async (context, next) => {
|
|
42
48
|
const { request, t } = context;
|
|
43
|
-
const { token,
|
|
49
|
+
const { token, domain } = context.state;
|
|
44
50
|
const { body: reqBody, header } = request;
|
|
45
51
|
if (!(0, accepts_1.accepts)(header.accept, ['text/html', '*/*'])) {
|
|
46
52
|
context.body = token;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth-signin-router.js","sourceRoot":"","sources":["../../server/router/auth-signin-router.ts"],"names":[],"mappings":";;;;AAAA,oEAA+B;AAE/B,6CAA4C;AAC5C,gDAAiD;AACjD,8CAA0C;AAC1C,sEAAmE;AAEnE,MAAM,wBAAwB,GAAG,YAAM,CAAC,GAAG,CAAC,0BAA0B,EAAE,KAAK,CAAC,CAAA;AAC9E,MAAM,0BAA0B,GAAG,YAAM,CAAC,GAAG,CAAC,iCAAiC,EAAE,KAAK,CAAC,CAAA;AACvF,MAAM,SAAS,GAAG,YAAM,CAAC,GAAG,CAAC,gBAAgB,EAAE,KAAK,CAAC,CAAA;AAErD,MAAM,SAAS,GAAG,YAAM,CAAC,GAAG,CAAC,KAAK,EAAE,EAAS,CAAC,CAAA;AAC9C,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC;KACtC,MAAM,CAAC,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC,IAAI,IAAI,KAAK,CAAC;KAC1C,GAAG,CAAC,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE;IACvB,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,CAAA;AACxB,CAAC,CAAC,CAAA;AAES,QAAA,gBAAgB,GAAG,IAAI,oBAAM,EAAE,CAAA;AAE5C,wBAAgB,CAAC,GAAG,CAClB,cAAc,EACd,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;IAClB,4FAA4F;IAC5F,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,IAAI,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;QACzD,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,GAAG,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAA;IACpD,CAAC;IACD,MAAM,IAAI,EAAE,CAAA;AACd,CAAC,EACD,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACtB,MAAM,EAAE,WAAW,EAAE,
|
|
1
|
+
{"version":3,"file":"auth-signin-router.js","sourceRoot":"","sources":["../../server/router/auth-signin-router.ts"],"names":[],"mappings":";;;;AAAA,oEAA+B;AAE/B,6CAA4C;AAC5C,gDAAiD;AACjD,8CAA0C;AAC1C,sEAAmE;AAEnE,MAAM,wBAAwB,GAAG,YAAM,CAAC,GAAG,CAAC,0BAA0B,EAAE,KAAK,CAAC,CAAA;AAC9E,MAAM,0BAA0B,GAAG,YAAM,CAAC,GAAG,CAAC,iCAAiC,EAAE,KAAK,CAAC,CAAA;AACvF,MAAM,SAAS,GAAG,YAAM,CAAC,GAAG,CAAC,gBAAgB,EAAE,KAAK,CAAC,CAAA;AAErD,MAAM,SAAS,GAAG,YAAM,CAAC,GAAG,CAAC,KAAK,EAAE,EAAS,CAAC,CAAA;AAC9C,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC;KACtC,MAAM,CAAC,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC,IAAI,IAAI,KAAK,CAAC;KAC1C,GAAG,CAAC,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE;IACvB,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,CAAA;AACxB,CAAC,CAAC,CAAA;AAES,QAAA,gBAAgB,GAAG,IAAI,oBAAM,EAAE,CAAA;AAE5C,wBAAgB,CAAC,GAAG,CAClB,cAAc,EACd,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;IAClB,4FAA4F;IAC5F,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,IAAI,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;QACzD,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,GAAG,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAA;IACpD,CAAC;IACD,MAAM,IAAI,EAAE,CAAA;AACd,CAAC,EACD,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACtB,MAAM,EAAE,WAAW,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IAE/C,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;QAChC,WAAW,EAAE,aAAa;QAC1B,aAAa,EAAE,iBAAiB;QAChC,IAAI,EAAE;YACJ,QAAQ;YACR,UAAU,EAAE,WAAW;YACvB,QAAQ,EAAE,QAAQ;YAClB,wBAAwB;YACxB,0BAA0B;YAC1B,SAAS;SACV;KACF,CAAC,CAAA;AACJ,CAAC,CACF,CAAA;AAED,wBAAgB,CAAC,IAAI,CACnB,cAAc,EACd,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;IAClB,6FAA6F;IAC7F,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,IAAI,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC;QACzD,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,GAAG,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAA;IACpD,CAAC;IACD,MAAM,IAAI,EAAE,CAAA;AACd,CAAC,EACD,8BAAgB,EAChB,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACtB,MAAM,EAAE,OAAO,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IAC9B,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IACvC,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,OAAO,CAAA;IAEzC,IAAI,CAAC,IAAA,iBAAO,EAAC,MAAM,CAAC,MAAM,EAAE,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC;QAClD,OAAO,CAAC,IAAI,GAAG,KAAK,CAAA;QACpB,OAAM;IACR,CAAC;IAED,IAAI,UAAU,GAAG,gBAAgB,MAAM,CAAC,CAAC,CAAC,GAAG,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,gBAAgB,kBAAkB,CACrG,OAAO,CAAC,UAAU,IAAI,GAAG,CAC1B,EAAE,CAAA;IAEH,IAAA,0CAAoB,EAAC,OAAO,EAAE,KAAK,CAAC,CAAA;IAEpC,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAA;AAC9B,CAAC,CACF,CAAA","sourcesContent":["import Router from 'koa-router'\n\nimport { config } from '@things-factory/env'\nimport { signinMiddleware } from '../middlewares'\nimport { accepts } from '../utils/accepts'\nimport { setAccessTokenCookie } from '../utils/access-token-cookie'\n\nconst disableUserSignupProcess = config.get('disableUserSignupProcess', false)\nconst disableUserFavoredLanguage = config.get('i18n/disableUserFavoredLanguage', false)\nconst languages = config.get('i18n/languages', false)\n\nconst SSOConfig = config.get('sso', {} as any)\nconst SSOLinks = Object.values(SSOConfig)\n .filter(({ link, title }) => link && title)\n .map(({ link, title }) => {\n return { link, title }\n })\n\nexport const authSigninRouter = new Router()\n\nauthSigninRouter.get(\n '/auth/signin',\n async (ctx, next) => {\n /* For forward compatibility, cover the case of logging in with username instead of email */\n if (!ctx.request.body.email && ctx.request.body.username) {\n ctx.request.body.email = ctx.request.body.username\n }\n await next()\n },\n async (context, next) => {\n const { redirect_to, username } = context.query\n\n await context.render('auth-page', {\n pageElement: 'auth-signin',\n elementScript: '/auth/signin.js',\n data: {\n username,\n redirectTo: redirect_to,\n ssoLinks: SSOLinks,\n disableUserSignupProcess,\n disableUserFavoredLanguage,\n languages\n }\n })\n }\n)\n\nauthSigninRouter.post(\n '/auth/signin',\n async (ctx, next) => {\n /* For backward compatibility, cover the case of logging in with email instead of username */\n if (!ctx.request.body.username && ctx.request.body.email) {\n ctx.request.body.username = ctx.request.body.email\n }\n await next()\n },\n signinMiddleware,\n async (context, next) => {\n const { request, t } = context\n const { token, domain } = context.state\n const { body: reqBody, header } = request\n\n if (!accepts(header.accept, ['text/html', '*/*'])) {\n context.body = token\n return\n }\n\n var redirectTo = `/auth/checkin${domain ? '/' + domain.subdomain : ''}?redirect_to=${encodeURIComponent(\n reqBody.redirectTo || '/'\n )}`\n\n setAccessTokenCookie(context, token)\n\n context.redirect(redirectTo)\n }\n)\n"]}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"webauthn-router.js","sourceRoot":"","sources":["../../server/router/webauthn-router.ts"],"names":[],"mappings":";;;;AAAA,oEAA+B;AAC/B,iDAAqD;AACrD,6CAAgD;AAEhD,mDAAmG;AAEnG,4FAAsF;
|
|
1
|
+
{"version":3,"file":"webauthn-router.js","sourceRoot":"","sources":["../../server/router/webauthn-router.ts"],"names":[],"mappings":";;;;AAAA,oEAA+B;AAC/B,iDAAqD;AACrD,6CAAgD;AAEhD,mDAAmG;AAEnG,4FAAsF;AACtF,sEAAmE;AACnE,4EAA6E;AAEhE,QAAA,0BAA0B,GAAG,IAAI,oBAAM,EAAE,CAAA;AACzC,QAAA,2BAA2B,GAAG,IAAI,oBAAM,EAAE,CAAA;AAEvD,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,gBAAiB,CAAA;AAE1C,mCAA2B,CAAC,GAAG,CAAC,mCAAmC,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IAC3F,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IAC9B,MAAM,IAAI,GAAG,OAAO,CAAC,QAAQ,CAAA;IAE7B,MAAM,kBAAkB,GAAG,MAAM,IAAA,qBAAa,EAAC,uCAAiB,CAAC,CAAC,IAAI,CAAC;QACrE,KAAK,EAAE;YACL,IAAI,EAAE,EAAE,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE;SACtB;KACF,CAAC,CAAA;IAEF,MAAM,OAAO,GAA2C,MAAM,IAAA,oCAA2B,EAAC;QACxF,MAAM;QACN,IAAI;QACJ,QAAQ,EAAE,IAAI,CAAC,KAAK;QACpB,eAAe,EAAE,IAAI,CAAC,IAAI;QAC1B,wEAAwE;QACxE,gCAAgC;QAChC,eAAe,EAAE,MAAM;QACvB,4DAA4D;QAC5D,kBAAkB,EAAE,kBAAkB,CAAC,GAAG,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC;YACxD,EAAE,EAAE,UAAU,CAAC,YAAY;YAC3B,WAAW;YACX,oCAAoC;SACrC,CAAC,CAAC;QACH,sBAAsB,EAAE;YACtB,WAAW;YACX,WAAW,EAAE,WAAW;YACxB,gBAAgB,EAAE,WAAW;YAC7B,WAAW;YACX,uBAAuB,EAAE,UAAU;SACpC;KACF,CAAC,CAAA;IAEF,OAAO,CAAC,OAAO,CAAC,SAAS,GAAG,OAAO,CAAC,SAAS,CAAA;IAC7C,OAAO,CAAC,IAAI,GAAG,OAAO,CAAA;AACxB,CAAC,CAAC,CAAA;AAEF,mCAA2B,CAAC,IAAI,CAAC,2BAA2B,EAAE,IAAA,8CAAwB,EAAC,mBAAmB,CAAC,CAAC,CAAA;AAE5G,kCAA0B,CAAC,GAAG,CAAC,iCAAiC,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACxF,MAAM,IAAI,GAAG,OAAO,CAAC,QAAQ,CAAA;IAE7B,MAAM,OAAO,GAAG,MAAM,IAAA,sCAA6B,EAAC;QAClD,IAAI;QACJ,gBAAgB,EAAE,WAAW;KAC9B,CAAC,CAAA;IAEF,OAAO,CAAC,OAAO,CAAC,SAAS,GAAG,OAAO,CAAC,SAAS,CAAA;IAC7C,OAAO,CAAC,IAAI,GAAG,OAAO,CAAA;AACxB,CAAC,CAAC,CAAA;AAEF,kCAA0B,CAAC,IAAI,CAC7B,uBAAuB,EACvB,IAAA,8CAAwB,EAAC,gBAAgB,CAAC,EAC1C,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACtB,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IACtC,MAAM,EAAE,OAAO,EAAE,GAAG,OAAO,CAAA;IAC3B,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,OAAO,CAAA;IAEjC,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,EAAE,SAAS,EAAE,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,SAAS,EAAE,CAAC,CAAA;IAC/D,IAAA,0CAAoB,EAAC,OAAO,EAAE,KAAK,CAAC,CAAA;IAEpC,IAAI,WAAW,GAAG,gBAAgB,MAAM,CAAC,CAAC,CAAC,GAAG,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,gBAAgB,kBAAkB,CAAC,OAAO,CAAC,UAAU,IAAI,GAAG,CAAC,EAAE,CAAA;IAErI,yGAAyG;IACzG,OAAO,CAAC,IAAI,GAAG,EAAE,WAAW,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAA;IAE9C,MAAM,IAAI,EAAE,CAAA;AACd,CAAC,CACF,CAAA","sourcesContent":["import Router from 'koa-router'\nimport { getRepository } from '@things-factory/shell'\nimport { appPackage } from '@things-factory/env'\n\nimport { generateRegistrationOptions, generateAuthenticationOptions } from '@simplewebauthn/server'\n\nimport { WebAuthCredential } from '../service/web-auth-credential/web-auth-credential'\nimport { setAccessTokenCookie } from '../utils/access-token-cookie'\nimport { createWebAuthnMiddleware } from '../middlewares/webauthn-middleware'\n\nexport const webAuthnGlobalPublicRouter = new Router()\nexport const webAuthnGlobalPrivateRouter = new Router()\n\nconst { name: rpName } = appPackage as any\n\nwebAuthnGlobalPrivateRouter.get('/auth/register-webauthn/challenge', async (context, next) => {\n const { user } = context.state\n const rpID = context.hostname\n\n const webAuthCredentials = await getRepository(WebAuthCredential).find({\n where: {\n user: { id: user.id }\n }\n })\n\n const options: PublicKeyCredentialCreationOptionsJSON = await generateRegistrationOptions({\n rpName,\n rpID,\n userName: user.email,\n userDisplayName: user.name,\n // Don't prompt users for additional information about the authenticator\n // (Recommended for smoother UX)\n attestationType: 'none',\n // Prevent users from re-registering existing authenticators\n excludeCredentials: webAuthCredentials.map(credential => ({\n id: credential.credentialId\n // Optional\n // transports: credential.transports\n })),\n authenticatorSelection: {\n // Defaults\n residentKey: 'preferred',\n userVerification: 'preferred',\n // Optional\n authenticatorAttachment: 'platform'\n }\n })\n\n context.session.challenge = options.challenge\n context.body = options\n})\n\nwebAuthnGlobalPrivateRouter.post('/auth/verify-registration', createWebAuthnMiddleware('webauthn-register'))\n\nwebAuthnGlobalPublicRouter.get('/auth/signin-webauthn/challenge', async (context, next) => {\n const rpID = context.hostname\n\n const options = await generateAuthenticationOptions({\n rpID,\n userVerification: 'preferred'\n })\n\n context.session.challenge = options.challenge\n context.body = options\n})\n\nwebAuthnGlobalPublicRouter.post(\n '/auth/signin-webauthn',\n createWebAuthnMiddleware('webauthn-login'),\n async (context, next) => {\n const { domain, user } = context.state\n const { request } = context\n const { body: reqBody } = request\n\n const token = await user.sign({ subdomain: domain?.subdomain })\n setAccessTokenCookie(context, token)\n\n var redirectURL = `/auth/checkin${domain ? '/' + domain.subdomain : ''}?redirect_to=${encodeURIComponent(reqBody.redirectTo || '/')}`\n\n /* 2단계 인터렉션 때문에 브라우저에서 fetch(...)로 진행될 것이므로, redirect(3xx) 응답으로 처리할 수 없다. 따라서, 데이타로 redirectURL를 응답한다. */\n context.body = { redirectURL, verified: true }\n\n await next()\n }\n)\n"]}
|
package/dist-server/routes.js
CHANGED
|
@@ -4,7 +4,7 @@ const env_1 = require("@things-factory/env");
|
|
|
4
4
|
const middlewares_1 = require("./middlewares");
|
|
5
5
|
const router_1 = require("./router");
|
|
6
6
|
const access_token_cookie_1 = require("./utils/access-token-cookie");
|
|
7
|
-
const isPathBaseDomain = !env_1.config.get('subdomain')
|
|
7
|
+
const isPathBaseDomain = !env_1.config.get('subdomain');
|
|
8
8
|
process.on('bootstrap-module-global-public-route', (app, globalPublicRouter) => {
|
|
9
9
|
globalPublicRouter.use(router_1.siteRootRouter.routes(), router_1.siteRootRouter.allowedMethods());
|
|
10
10
|
globalPublicRouter.use(router_1.authPublicProcessRouter.routes(), router_1.authPublicProcessRouter.allowedMethods());
|
|
@@ -41,7 +41,7 @@ process.on('bootstrap-module-domain-private-route', (app, domainPrivateRouter) =
|
|
|
41
41
|
// pathBaseDomainRouter는 history-fallback의 경우에 인증 처리를 하기 위한 라우터이다.
|
|
42
42
|
// (보통, URL 링크등을 통해서 domain path URL로 바로 요청하는 경우에 해당한다.)
|
|
43
43
|
// pathBaseDomainRouter는 domain path를 domain-private-router를 사용하는 것을 전제로 한다.
|
|
44
|
-
domainPrivateRouter.use('
|
|
44
|
+
domainPrivateRouter.use('/:domainType/:domain/oauth', router_1.oauth2AuthorizeRouter.routes(), router_1.oauth2AuthorizeRouter.allowedMethods());
|
|
45
45
|
domainPrivateRouter.use('/domain', router_1.pathBaseDomainRouter.routes(), router_1.pathBaseDomainRouter.allowedMethods());
|
|
46
46
|
}
|
|
47
47
|
// Client Routing : path 확장자가 없는 경우는 대부분 client 라우팅에 해당한다.
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"routes.js","sourceRoot":"","sources":["../server/routes.ts"],"names":[],"mappings":";;AAAA,6CAA4C;AAE5C,+CAAuF;AACvF,qCAYiB;AAEjB,qEAAkE;AAElE,MAAM,gBAAgB,GAAG,CAAC,YAAM,CAAC,GAAG,CAAC,WAAW,CAAC,
|
|
1
|
+
{"version":3,"file":"routes.js","sourceRoot":"","sources":["../server/routes.ts"],"names":[],"mappings":";;AAAA,6CAA4C;AAE5C,+CAAuF;AACvF,qCAYiB;AAEjB,qEAAkE;AAElE,MAAM,gBAAgB,GAAG,CAAC,YAAM,CAAC,GAAG,CAAC,WAAW,CAAC,CAAA;AAEjD,OAAO,CAAC,EAAE,CAAC,sCAA6C,EAAE,CAAC,GAAG,EAAE,kBAAkB,EAAE,EAAE;IACpF,kBAAkB,CAAC,GAAG,CAAC,uBAAc,CAAC,MAAM,EAAE,EAAE,uBAAc,CAAC,cAAc,EAAE,CAAC,CAAA;IAChF,kBAAkB,CAAC,GAAG,CAAC,gCAAuB,CAAC,MAAM,EAAE,EAAE,gCAAuB,CAAC,cAAc,EAAE,CAAC,CAAA;IAElG,yDAAyD;IACzD,IAAI,GAAG,CAAC,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAClC,yBAAgB,CAAC,GAAG,CAAC,kBAAkB,EAAE,GAAG,CAAC,cAAc,CAAC,CAAC,CAAC,EAAE,KAAK,EAAC,OAAO,EAAC,EAAE;YAC9E,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;YAE9B,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,IAAI,EAAE,CAAA;YAC/B,IAAA,0CAAoB,EAAC,OAAO,EAAE,KAAK,CAAC,CAAA;YAEpC,OAAO,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAA;QACnC,CAAC,CAAC,CAAA;IACJ,CAAC;AACH,CAAC,CAAC,CAAA;AAEF,OAAO,CAAC,EAAE,CAAC,uCAA8C,EAAE,CAAC,GAAG,EAAE,mBAAmB,EAAE,EAAE;IACtF,mBAAmB,CAAC,GAAG,CAAC,uCAAyB,CAAC,CAAA;IAElD,8CAA8C;IAC9C,mBAAmB,CAAC,GAAG,CAAC,0BAAiB,CAAC,MAAM,EAAE,EAAE,0BAAiB,CAAC,cAAc,EAAE,CAAC,CAAA;IACvF,mBAAmB,CAAC,GAAG,CAAC,iCAAwB,CAAC,MAAM,EAAE,EAAE,iCAAwB,CAAC,cAAc,EAAE,CAAC,CAAA;IACrG,mBAAmB,CAAC,GAAG,CAAC,oCAA2B,CAAC,MAAM,EAAE,EAAE,oCAA2B,CAAC,cAAc,EAAE,CAAC,CAAA;AAC7G,CAAC,CAAC,CAAA;AAEF,OAAO,CAAC,EAAE,CAAC,sCAA6C,EAAE,CAAC,GAAG,EAAE,kBAAkB,EAAE,EAAE;IACpF,6CAA6C;IAC7C,kBAAkB,CAAC,GAAG,CAAC,yBAAgB,CAAC,MAAM,EAAE,EAAE,yBAAgB,CAAC,cAAc,EAAE,CAAC,CAAA;IACpF,kBAAkB,CAAC,GAAG,CAAC,yBAAgB,CAAC,MAAM,EAAE,EAAE,yBAAgB,CAAC,cAAc,EAAE,CAAC,CAAA;IACpF,kBAAkB,CAAC,GAAG,CAAC,mCAA0B,CAAC,MAAM,EAAE,EAAE,mCAA0B,CAAC,cAAc,EAAE,CAAC,CAAA;IAExG,oGAAoG;IACpG,kBAAkB,CAAC,GAAG,CAAC,QAAQ,EAAE,qBAAY,CAAC,MAAM,EAAE,EAAE,qBAAY,CAAC,cAAc,EAAE,CAAC,CAAA,CAAC,mBAAmB;AAC5G,CAAC,CAAC,CAAA;AAEF,OAAO,CAAC,EAAE,CAAC,uCAA8C,EAAE,CAAC,GAAG,EAAE,mBAAmB,EAAE,EAAE;IACtF,mBAAmB,CAAC,GAAG,CAAC,uCAAyB,CAAC,CAAA;IAClD,mBAAmB,CAAC,GAAG,CAAC,0CAA4B,CAAC,CAAA;IAErD,8CAA8C;IAC9C,IAAI,gBAAgB,EAAE,CAAC;QACrB,kEAAkE;QAClE,wDAAwD;QACxD,4EAA4E;QAC5E,mBAAmB,CAAC,GAAG,CACrB,4BAA4B,EAC5B,8BAAqB,CAAC,MAAM,EAAE,EAC9B,8BAAqB,CAAC,cAAc,EAAE,CACvC,CAAA;QACD,mBAAmB,CAAC,GAAG,CAAC,SAAS,EAAE,6BAAoB,CAAC,MAAM,EAAE,EAAE,6BAAoB,CAAC,cAAc,EAAE,CAAC,CAAA;IAC1G,CAAC;IAED,0DAA0D;IAC1D,4EAA4E;IAC5E,gDAAgD;IAChD,iDAAiD;IACjD,sFAAsF;IACtF,qEAAqE;IACrE,mBAAmB,CAAC,GAAG,CAAC,UAAU,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;QAC1D,MAAM,IAAI,EAAE,CAAA;IACd,CAAC,CAAC,CAAA;AACJ,CAAC,CAAC,CAAA","sourcesContent":["import { config } from '@things-factory/env'\n\nimport { domainAuthenticateMiddleware, jwtAuthenticateMiddleware } from './middlewares'\nimport {\n authCheckinRouter,\n authPrivateProcessRouter,\n authPublicProcessRouter,\n authSigninRouter,\n authSignupRouter,\n oauth2AuthorizeRouter,\n oauth2Router,\n pathBaseDomainRouter,\n siteRootRouter,\n webAuthnGlobalPublicRouter,\n webAuthnGlobalPrivateRouter\n} from './router'\n\nimport { setAccessTokenCookie } from './utils/access-token-cookie'\n\nconst isPathBaseDomain = !config.get('subdomain')\n\nprocess.on('bootstrap-module-global-public-route' as any, (app, globalPublicRouter) => {\n globalPublicRouter.use(siteRootRouter.routes(), siteRootRouter.allowedMethods())\n globalPublicRouter.use(authPublicProcessRouter.routes(), authPublicProcessRouter.allowedMethods())\n\n /* ssoMiddleware가 정의되어있다면, /auth/sso-signin 패스를 활성화한다. */\n if (app.ssoMiddlewares.length > 0) {\n authSigninRouter.get('/auth/sso-signin', app.ssoMiddlewares[0], async context => {\n const { user } = context.state\n\n const token = await user.sign()\n setAccessTokenCookie(context, token)\n\n context.redirect('/auth/checkin')\n })\n }\n})\n\nprocess.on('bootstrap-module-global-private-route' as any, (app, globalPrivateRouter) => {\n globalPrivateRouter.use(jwtAuthenticateMiddleware)\n\n /* globalPrivateRouter based nested-routers */\n globalPrivateRouter.use(authCheckinRouter.routes(), authCheckinRouter.allowedMethods())\n globalPrivateRouter.use(authPrivateProcessRouter.routes(), authPrivateProcessRouter.allowedMethods())\n globalPrivateRouter.use(webAuthnGlobalPrivateRouter.routes(), webAuthnGlobalPrivateRouter.allowedMethods())\n})\n\nprocess.on('bootstrap-module-domain-public-route' as any, (app, domainPublicRouter) => {\n /* domainPublicRouter based nested-routers */\n domainPublicRouter.use(authSigninRouter.routes(), authSigninRouter.allowedMethods())\n domainPublicRouter.use(authSignupRouter.routes(), authSignupRouter.allowedMethods())\n domainPublicRouter.use(webAuthnGlobalPublicRouter.routes(), webAuthnGlobalPublicRouter.allowedMethods())\n\n /* path '/admin/oauth/...' is deprecated. should use path '/oauth/...' for oauth2 related routing */\n domainPublicRouter.use('/oauth', oauth2Router.routes(), oauth2Router.allowedMethods()) // if i use context\n})\n\nprocess.on('bootstrap-module-domain-private-route' as any, (app, domainPrivateRouter) => {\n domainPrivateRouter.use(jwtAuthenticateMiddleware)\n domainPrivateRouter.use(domainAuthenticateMiddleware)\n\n /* domainPrivateRouter based nested-routers */\n if (isPathBaseDomain) {\n // pathBaseDomainRouter는 history-fallback의 경우에 인증 처리를 하기 위한 라우터이다.\n // (보통, URL 링크등을 통해서 domain path URL로 바로 요청하는 경우에 해당한다.)\n // pathBaseDomainRouter는 domain path를 domain-private-router를 사용하는 것을 전제로 한다.\n domainPrivateRouter.use(\n '/:domainType/:domain/oauth',\n oauth2AuthorizeRouter.routes(),\n oauth2AuthorizeRouter.allowedMethods()\n )\n domainPrivateRouter.use('/domain', pathBaseDomainRouter.routes(), pathBaseDomainRouter.allowedMethods())\n }\n\n // Client Routing : path 확장자가 없는 경우는 대부분 client 라우팅에 해당한다.\n // 즉, browser-history-fallback 으로 index.html을 send 하는 경우에, 사용자 로그인이 필요한 경우에,\n // 화면깜박임없이 signin page로 redirect 하고자하는 목적의 설정이다.\n // domain-private 라우트를 통과하고 싶지 않다면, regexp를 조정한다.\n // '(.[^.]+)' 은 '', '/'는 제외하고, '/xxx', '/yyy/zzz' 등 모두를 포함하지만, path에 '.'가 있는 경우는 제외한다.\n // (테스트는 여기서 : http://forbeslindesay.github.io/express-route-tester/)\n domainPrivateRouter.get('(.[^.]+)', async (context, next) => {\n await next()\n })\n})\n"]}
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
import { User } from '../../service/user/user';
|
|
1
2
|
import { Invitation } from './invitation';
|
|
2
3
|
export declare class InvitationMutation {
|
|
3
4
|
cancelInvitation(email: string, reference: string, type: string): Promise<boolean>;
|
|
@@ -5,12 +6,12 @@ export declare class InvitationMutation {
|
|
|
5
6
|
email: string;
|
|
6
7
|
reference: string;
|
|
7
8
|
type: string;
|
|
8
|
-
|
|
9
|
-
updater: import("..").User;
|
|
9
|
+
updater: User;
|
|
10
10
|
id: string;
|
|
11
11
|
token: string;
|
|
12
12
|
createdAt: Date;
|
|
13
13
|
updatedAt: Date;
|
|
14
|
+
creator: User;
|
|
14
15
|
creatorId: string;
|
|
15
16
|
updaterId: string;
|
|
16
17
|
} & Invitation>;
|
|
@@ -2,9 +2,11 @@
|
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.InvitationMutation = void 0;
|
|
4
4
|
const tslib_1 = require("tslib");
|
|
5
|
+
const typeorm_1 = require("typeorm");
|
|
5
6
|
const type_graphql_1 = require("type-graphql");
|
|
6
7
|
const graphql_scalars_1 = require("graphql-scalars");
|
|
7
8
|
const shell_1 = require("@things-factory/shell");
|
|
9
|
+
const user_1 = require("../../service/user/user");
|
|
8
10
|
const invitation_1 = require("../../controllers/invitation");
|
|
9
11
|
const invitation_2 = require("./invitation");
|
|
10
12
|
let InvitationMutation = class InvitationMutation {
|
|
@@ -18,26 +20,36 @@ let InvitationMutation = class InvitationMutation {
|
|
|
18
20
|
return true;
|
|
19
21
|
}
|
|
20
22
|
async sendInvitation(email, reference, type, context) {
|
|
21
|
-
const
|
|
22
|
-
const
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
23
|
+
const { user: updater } = context.state;
|
|
24
|
+
const invitationRepository = (0, shell_1.getRepository)(invitation_2.Invitation);
|
|
25
|
+
var user = await (0, shell_1.getRepository)(user_1.User).findOne({
|
|
26
|
+
where: {
|
|
27
|
+
email: (0, typeorm_1.ILike)(email),
|
|
28
|
+
status: user_1.UserStatus.ACTIVATED
|
|
29
|
+
}
|
|
26
30
|
});
|
|
27
|
-
|
|
31
|
+
if (!user) {
|
|
32
|
+
throw new Error(`user not found: ${email}`);
|
|
33
|
+
}
|
|
28
34
|
await (0, invitation_1.sendInvitationEmail)({
|
|
29
35
|
invitation: {
|
|
30
36
|
email,
|
|
31
37
|
reference,
|
|
32
38
|
type
|
|
33
39
|
},
|
|
40
|
+
user,
|
|
34
41
|
context
|
|
35
42
|
});
|
|
43
|
+
const oldone = await invitationRepository.findOneBy({
|
|
44
|
+
email,
|
|
45
|
+
type,
|
|
46
|
+
reference
|
|
47
|
+
});
|
|
36
48
|
// update or create
|
|
37
|
-
return await
|
|
49
|
+
return await invitationRepository.save(Object.assign(Object.assign({ creator: updater }, oldone), { // take only id from oldone for update
|
|
38
50
|
email,
|
|
39
51
|
reference,
|
|
40
|
-
type,
|
|
52
|
+
type, updater: updater }));
|
|
41
53
|
}
|
|
42
54
|
};
|
|
43
55
|
exports.InvitationMutation = InvitationMutation;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"invitation-mutation.js","sourceRoot":"","sources":["../../../server/service/invitation/invitation-mutation.ts"],"names":[],"mappings":";;;;AAAA,+CAA2D;AAC3D,qDAAqD;AAErD,iDAAqD;AAErD,6DAAkE;AAClE,6CAAyC;AAGlC,IAAM,kBAAkB,GAAxB,MAAM,kBAAkB;IAEvB,AAAN,KAAK,CAAC,gBAAgB,CACuB,KAAa,EACtC,SAAiB,EACtB,IAAY;QAEzB,MAAM,UAAU,GAAG,IAAA,qBAAa,EAAC,uBAAU,CAAC,CAAA;QAE5C,MAAM,UAAU,CAAC,MAAM,CAAC;YACtB,KAAK;YACL,SAAS;YACT,IAAI;SACL,CAAC,CAAA;QAEF,OAAO,IAAI,CAAA;IACb,CAAC;IAGK,AAAN,KAAK,CAAC,cAAc,CACyB,KAAa,EACtC,SAAiB,EACtB,IAAY,EAClB,OAAwB;QAE/B,MAAM,
|
|
1
|
+
{"version":3,"file":"invitation-mutation.js","sourceRoot":"","sources":["../../../server/service/invitation/invitation-mutation.ts"],"names":[],"mappings":";;;;AAAA,qCAA+B;AAE/B,+CAA2D;AAC3D,qDAAqD;AAErD,iDAAqD;AAErD,kDAA0D;AAC1D,6DAAkE;AAClE,6CAAyC;AAGlC,IAAM,kBAAkB,GAAxB,MAAM,kBAAkB;IAEvB,AAAN,KAAK,CAAC,gBAAgB,CACuB,KAAa,EACtC,SAAiB,EACtB,IAAY;QAEzB,MAAM,UAAU,GAAG,IAAA,qBAAa,EAAC,uBAAU,CAAC,CAAA;QAE5C,MAAM,UAAU,CAAC,MAAM,CAAC;YACtB,KAAK;YACL,SAAS;YACT,IAAI;SACL,CAAC,CAAA;QAEF,OAAO,IAAI,CAAA;IACb,CAAC;IAGK,AAAN,KAAK,CAAC,cAAc,CACyB,KAAa,EACtC,SAAiB,EACtB,IAAY,EAClB,OAAwB;QAE/B,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;QACvC,MAAM,oBAAoB,GAAG,IAAA,qBAAa,EAAC,uBAAU,CAAC,CAAA;QAEtD,IAAI,IAAI,GAAG,MAAM,IAAA,qBAAa,EAAC,WAAI,CAAC,CAAC,OAAO,CAAC;YAC3C,KAAK,EAAE;gBACL,KAAK,EAAE,IAAA,eAAK,EAAC,KAAK,CAAC;gBACnB,MAAM,EAAE,iBAAU,CAAC,SAAS;aAC7B;SACF,CAAC,CAAA;QAEF,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,IAAI,KAAK,CAAC,mBAAmB,KAAK,EAAE,CAAC,CAAA;QAC7C,CAAC;QAED,MAAM,IAAA,gCAAmB,EAAC;YACxB,UAAU,EAAE;gBACV,KAAK;gBACL,SAAS;gBACT,IAAI;aACL;YACD,IAAI;YACJ,OAAO;SACR,CAAC,CAAA;QAEF,MAAM,MAAM,GAAG,MAAM,oBAAoB,CAAC,SAAS,CAAC;YAClD,KAAK;YACL,IAAI;YACJ,SAAS;SACV,CAAC,CAAA;QAEF,mBAAmB;QACnB,OAAO,MAAM,oBAAoB,CAAC,IAAI,+BACpC,OAAO,EAAE,OAAO,IACb,MAAM,KAAE,sCAAsC;YACjD,KAAK;YACL,SAAS;YACT,IAAI,EACJ,OAAO,EAAE,OAAO,IAChB,CAAA;IACJ,CAAC;CACF,CAAA;AAjEY,gDAAkB;AAEvB;IADL,IAAA,uBAAQ,EAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC;IAE1B,mBAAA,IAAA,kBAAG,EAAC,OAAO,EAAE,IAAI,CAAC,EAAE,CAAC,qCAAmB,CAAC,CAAA;IACzC,mBAAA,IAAA,kBAAG,EAAC,WAAW,CAAC,CAAA;IAChB,mBAAA,IAAA,kBAAG,EAAC,MAAM,CAAC,CAAA;;;;0DAWb;AAGK;IADL,IAAA,uBAAQ,EAAC,OAAO,CAAC,EAAE,CAAC,uBAAU,CAAC;IAE7B,mBAAA,IAAA,kBAAG,EAAC,OAAO,EAAE,IAAI,CAAC,EAAE,CAAC,qCAAmB,CAAC,CAAA;IACzC,mBAAA,IAAA,kBAAG,EAAC,WAAW,CAAC,CAAA;IAChB,mBAAA,IAAA,kBAAG,EAAC,MAAM,CAAC,CAAA;IACX,mBAAA,IAAA,kBAAG,GAAE,CAAA;;;;wDAyCP;6BAhEU,kBAAkB;IAD9B,IAAA,uBAAQ,EAAC,uBAAU,CAAC;GACR,kBAAkB,CAiE9B","sourcesContent":["import { ILike } from 'typeorm'\n\nimport { Arg, Ctx, Mutation, Resolver } from 'type-graphql'\nimport { GraphQLEmailAddress } from 'graphql-scalars'\n\nimport { getRepository } from '@things-factory/shell'\n\nimport { User, UserStatus } from '../../service/user/user'\nimport { sendInvitationEmail } from '../../controllers/invitation'\nimport { Invitation } from './invitation'\n\n@Resolver(Invitation)\nexport class InvitationMutation {\n @Mutation(returns => Boolean)\n async cancelInvitation(\n @Arg('email', type => GraphQLEmailAddress) email: string,\n @Arg('reference') reference: string,\n @Arg('type') type: string\n ) {\n const repository = getRepository(Invitation)\n\n await repository.delete({\n email,\n reference,\n type\n })\n\n return true\n }\n\n @Mutation(returns => Invitation)\n async sendInvitation(\n @Arg('email', type => GraphQLEmailAddress) email: string,\n @Arg('reference') reference: string,\n @Arg('type') type: string,\n @Ctx() context: ResolverContext\n ) {\n const { user: updater } = context.state\n const invitationRepository = getRepository(Invitation)\n\n var user = await getRepository(User).findOne({\n where: {\n email: ILike(email),\n status: UserStatus.ACTIVATED\n }\n })\n\n if (!user) {\n throw new Error(`user not found: ${email}`)\n }\n\n await sendInvitationEmail({\n invitation: {\n email,\n reference,\n type\n },\n user,\n context\n })\n\n const oldone = await invitationRepository.findOneBy({\n email,\n type,\n reference\n })\n\n // update or create\n return await invitationRepository.save({\n creator: updater,\n ...oldone, // take only id from oldone for update\n email,\n reference,\n type,\n updater: updater\n })\n }\n}\n"]}
|
|
@@ -9,6 +9,7 @@ export declare class UserMutation {
|
|
|
9
9
|
salt: string;
|
|
10
10
|
passwordUpdatedAt: Date;
|
|
11
11
|
password: string;
|
|
12
|
+
username: string;
|
|
12
13
|
name: string;
|
|
13
14
|
description?: string;
|
|
14
15
|
email: string;
|
|
@@ -18,13 +19,13 @@ export declare class UserMutation {
|
|
|
18
19
|
} & User>;
|
|
19
20
|
updateUser(email: string, patch: UserPatch, context: ResolverContext): Promise<any>;
|
|
20
21
|
updateMultipleUser(patches: UserPatch[], context: ResolverContext): Promise<any[]>;
|
|
21
|
-
deleteUser(
|
|
22
|
-
deleteUsers(
|
|
23
|
-
inviteUser(
|
|
24
|
-
deleteDomainUser(
|
|
25
|
-
transferOwner(
|
|
26
|
-
activateUser(
|
|
27
|
-
inactivateUser(
|
|
28
|
-
resetPasswordToDefault(
|
|
29
|
-
updateUserRoles(
|
|
22
|
+
deleteUser(username: string, context: ResolverContext): Promise<boolean>;
|
|
23
|
+
deleteUsers(usernames: string[], context: ResolverContext): Promise<boolean>;
|
|
24
|
+
inviteUser(username: string, context: ResolverContext): Promise<boolean>;
|
|
25
|
+
deleteDomainUser(username: string, context: ResolverContext): Promise<boolean>;
|
|
26
|
+
transferOwner(username: string, context: ResolverContext): Promise<boolean>;
|
|
27
|
+
activateUser(username: string, context: ResolverContext): Promise<boolean>;
|
|
28
|
+
inactivateUser(username: string, context: ResolverContext): Promise<boolean>;
|
|
29
|
+
resetPasswordToDefault(username: string, context: ResolverContext): Promise<boolean>;
|
|
30
|
+
updateUserRoles(username: string, availableRoles: ObjectRef[], selectedRoles: ObjectRef[], context: ResolverContext): Promise<User>;
|
|
30
31
|
}
|