npm - @things-factory/auth-base - Versions diffs - 8.0.5 → 9.0.0-beta.12 - Mend

@things-factory/auth-base 8.0.5 → 9.0.0-beta.12

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (493) hide show

package/dist-server/service/user/user.js CHANGED Viewed

@@ -10,14 +10,14 @@ const graphql_scalars_1 = require("graphql-scalars");
 const typeorm_1 = require("typeorm");
 const env_1 = require("@things-factory/env");
 const shell_1 = require("@things-factory/shell");
-const password_rule_1 = require("../../controllers/utils/password-rule");
-const auth_error_1 = require("../../errors/auth-error");
-const get_secret_1 = require("../../utils/get-secret");
-const role_1 = require("../role/role");
-const privilege_1 = require("../privilege/privilege");
-const web_auth_credential_1 = require("../web-auth-credential/web-auth-credential");
-const users_auth_providers_1 = require("../users-auth-providers/users-auth-providers");
-const get_user_domains_1 = require("../../utils/get-user-domains");
+const password_rule_js_1 = require("../../controllers/utils/password-rule.js");
+const auth_error_js_1 = require("../../errors/auth-error.js");
+const get_secret_js_1 = require("../../utils/get-secret.js");
+const role_js_1 = require("../role/role.js");
+const privilege_js_1 = require("../privilege/privilege.js");
+const web_auth_credential_js_1 = require("../web-auth-credential/web-auth-credential.js");
+const users_auth_providers_js_1 = require("../users-auth-providers/users-auth-providers.js");
+const get_user_domains_js_1 = require("../../utils/get-user-domains.js");
 const ORMCONFIG = env_1.config.get('ormconfig', {});
 const DATABASE_TYPE = ORMCONFIG.type;
 const sessionExpirySeconds = Number(env_1.config.get('session/expirySeconds')) || '7d';
@@ -33,16 +33,11 @@ var UserStatus;
 let User = User_1 = class User {
     /* signing for jsonwebtoken */
     async sign(options) {
-        var { expiresIn = sessionExpirySeconds, subdomain } = options || {};
+        var { expiresIn = sessionExpirySeconds } = options || {};
         var user = {
-            id: this.id,
-            userType: this.userType,
-            status: this.status,
-            domain: {
-                subdomain
-            }
+            username: this.username || this.email
         };
-        return await jsonwebtoken_1.default.sign(user, get_secret_1.SECRET, {
+        return await jsonwebtoken_1.default.sign(user, get_secret_js_1.SECRET, {
             expiresIn,
             issuer: 'hatiolab.com',
             subject: 'user'
@@ -50,7 +45,7 @@ let User = User_1 = class User {
     }
     /* validate password through password rule */
     static validatePasswordByRule(password, lng) {
-        (0, password_rule_1.validatePasswordByRule)(password, lng);
+        (0, password_rule_js_1.validatePasswordByRule)(password, lng);
     }
     /* generate salt */
     static generateSalt() {
@@ -59,7 +54,7 @@ let User = User_1 = class User {
     /* encode password */
     static encode(password, salt) {
         return crypto_1.default
-            .createHmac('sha256', salt || get_secret_1.SECRET)
+            .createHmac('sha256', salt || get_secret_js_1.SECRET)
             .update(password)
             .digest('base64');
     }
@@ -67,19 +62,19 @@ let User = User_1 = class User {
     static verify(hashed, password, salt) {
         return (hashed ==
             crypto_1.default
-                .createHmac('sha256', salt || get_secret_1.SECRET)
+                .createHmac('sha256', salt || get_secret_js_1.SECRET)
                 .update(password)
                 .digest('base64') ||
             hashed ==
                 crypto_1.default
-                    .createHmac('sha1', salt || get_secret_1.SECRET)
+                    .createHmac('sha1', salt || get_secret_js_1.SECRET)
                     .update(password)
                     .digest('base64'));
     }
     static async checkAuthWithEmail(decoded) {
         if (!(decoded === null || decoded === void 0 ? void 0 : decoded.email)) {
-            throw new auth_error_1.AuthError({
-                errorCode: auth_error_1.AuthError.ERROR_CODES.USER_NOT_FOUND
+            throw new auth_error_js_1.AuthError({
+                errorCode: auth_error_js_1.AuthError.ERROR_CODES.USER_NOT_FOUND
             });
         }
         const repository = (0, shell_1.getRepository)(User_1);
@@ -89,68 +84,88 @@ let User = User_1 = class User {
             cache: true
         });
         if (!user)
-            throw new auth_error_1.AuthError({
-                errorCode: auth_error_1.AuthError.ERROR_CODES.USER_NOT_FOUND
+            throw new auth_error_js_1.AuthError({
+                errorCode: auth_error_js_1.AuthError.ERROR_CODES.USER_NOT_FOUND
             });
         else {
             switch (user.status) {
                 case UserStatus.INACTIVE:
-                    throw new auth_error_1.AuthError({
-                        errorCode: auth_error_1.AuthError.ERROR_CODES.USER_NOT_ACTIVATED,
+                    throw new auth_error_js_1.AuthError({
+                        errorCode: auth_error_js_1.AuthError.ERROR_CODES.USER_NOT_ACTIVATED,
                         detail: {
                             email: user.email
                         }
                     });
                 case UserStatus.LOCKED:
-                    throw new auth_error_1.AuthError({
-                        errorCode: auth_error_1.AuthError.ERROR_CODES.USER_LOCKED,
+                    throw new auth_error_js_1.AuthError({
+                        errorCode: auth_error_js_1.AuthError.ERROR_CODES.USER_LOCKED,
                         detail: {
                             email: user.email
                         }
                     });
                 case UserStatus.DELETED:
-                    throw new auth_error_1.AuthError({
-                        errorCode: auth_error_1.AuthError.ERROR_CODES.USER_DELETED
+                    throw new auth_error_js_1.AuthError({
+                        errorCode: auth_error_js_1.AuthError.ERROR_CODES.USER_DELETED
                     });
             }
             return user;
         }
     }
     static async checkAuth(decoded) {
-        if ((decoded === null || decoded === void 0 ? void 0 : decoded.id) === undefined) {
-            throw new auth_error_1.AuthError({
-                errorCode: auth_error_1.AuthError.ERROR_CODES.USER_NOT_FOUND
+        // id 는 하위호환성을 위해 단기적으로 유지함
+        const { id, username } = decoded || {};
+        if (!id && !username) {
+            throw new auth_error_js_1.AuthError({
+                errorCode: auth_error_js_1.AuthError.ERROR_CODES.USER_NOT_FOUND
             });
         }
         const repository = (0, shell_1.getRepository)(User_1);
-        var user = await repository.findOne({
-            where: { id: decoded.id },
-            relations: ['domains', 'credentials'],
-            cache: true
-        });
+        if (id) {
+            var user = await repository.findOne({
+                where: { id },
+                relations: ['domains', 'credentials'],
+                cache: true
+            });
+        }
+        else {
+            var user = await repository.findOne({
+                where: { username },
+                relations: ['domains', 'credentials'],
+                cache: true
+            });
+            if (!user && /^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(username)) {
+                user = await repository.findOne({
+                    where: {
+                        email: (0, typeorm_1.ILike)(username)
+                    },
+                    relations: ['domains', 'credentials'],
+                    cache: true
+                });
+            }
+        }
         if (!user)
-            throw new auth_error_1.AuthError({
-                errorCode: auth_error_1.AuthError.ERROR_CODES.USER_NOT_FOUND
+            throw new auth_error_js_1.AuthError({
+                errorCode: auth_error_js_1.AuthError.ERROR_CODES.USER_NOT_FOUND
             });
         else {
             switch (user.status) {
                 case UserStatus.INACTIVE:
-                    throw new auth_error_1.AuthError({
-                        errorCode: auth_error_1.AuthError.ERROR_CODES.USER_NOT_ACTIVATED,
+                    throw new auth_error_js_1.AuthError({
+                        errorCode: auth_error_js_1.AuthError.ERROR_CODES.USER_NOT_ACTIVATED,
                         detail: {
                             email: user.email
                         }
                     });
                 case UserStatus.LOCKED:
-                    throw new auth_error_1.AuthError({
-                        errorCode: auth_error_1.AuthError.ERROR_CODES.USER_LOCKED,
+                    throw new auth_error_js_1.AuthError({
+                        errorCode: auth_error_js_1.AuthError.ERROR_CODES.USER_LOCKED,
                         detail: {
                             email: user.email
                         }
                     });
                 case UserStatus.DELETED:
-                    throw new auth_error_1.AuthError({
-                        errorCode: auth_error_1.AuthError.ERROR_CODES.USER_DELETED
+                    throw new auth_error_js_1.AuthError({
+                        errorCode: auth_error_js_1.AuthError.ERROR_CODES.USER_DELETED
                     });
             }
             const { defaultPassword } = env_1.config.get('password');
@@ -161,7 +176,7 @@ let User = User_1 = class User {
         }
     }
     static async hasPrivilege(privilege, category, domain, user) {
-        const result = await (0, shell_1.getRepository)(privilege_1.Privilege)
+        const result = await (0, shell_1.getRepository)(privilege_js_1.Privilege)
             .createQueryBuilder('privilege')
             .innerJoin('privilege.roles', 'role')
             .innerJoin('role.users', 'user')
@@ -193,7 +208,7 @@ let User = User_1 = class User {
         return distinct;
     }
     static async getDomainsWithPrivilege(privilege, category, user) {
-        return (0, get_user_domains_1.getDomainsWithPrivilege)(user, privilege, category);
+        return (0, get_user_domains_js_1.getDomainsWithPrivilege)(user, privilege, category);
     }
 };
 exports.User = User;
@@ -202,6 +217,11 @@ tslib_1.__decorate([
     (0, type_graphql_1.Field)(type => type_graphql_1.ID),
     tslib_1.__metadata("design:type", String)
 ], User.prototype, "id", void 0);
+tslib_1.__decorate([
+    (0, typeorm_1.Column)({ nullable: true }),
+    (0, type_graphql_1.Field)({ nullable: true }),
+    tslib_1.__metadata("design:type", String)
+], User.prototype, "username", void 0);
 tslib_1.__decorate([
     (0, typeorm_1.Column)(),
     (0, type_graphql_1.Field)({ nullable: true }),
@@ -239,9 +259,9 @@ tslib_1.__decorate([
     tslib_1.__metadata("design:type", String)
 ], User.prototype, "password", void 0);
 tslib_1.__decorate([
-    (0, typeorm_1.ManyToMany)(type => role_1.Role, role => role.users),
+    (0, typeorm_1.ManyToMany)(type => role_js_1.Role, role => role.users),
     (0, typeorm_1.JoinTable)({ name: 'users_roles' }),
-    (0, type_graphql_1.Field)(type => [role_1.Role]),
+    (0, type_graphql_1.Field)(type => [role_js_1.Role]),
     tslib_1.__metadata("design:type", Array)
 ], User.prototype, "roles", void 0);
 tslib_1.__decorate([
@@ -299,12 +319,12 @@ tslib_1.__decorate([
     tslib_1.__metadata("design:type", Boolean)
 ], User.prototype, "owner", void 0);
 tslib_1.__decorate([
-    (0, typeorm_1.OneToMany)(() => web_auth_credential_1.WebAuthCredential, credential => credential.user),
+    (0, typeorm_1.OneToMany)(() => web_auth_credential_js_1.WebAuthCredential, credential => credential.user),
     tslib_1.__metadata("design:type", Array)
 ], User.prototype, "credentials", void 0);
 tslib_1.__decorate([
-    (0, typeorm_1.OneToMany)(() => users_auth_providers_1.UsersAuthProviders, usersAuthProviders => usersAuthProviders.user),
-    (0, type_graphql_1.Field)(type => [users_auth_providers_1.UsersAuthProviders], { nullable: true }),
+    (0, typeorm_1.OneToMany)(() => users_auth_providers_js_1.UsersAuthProviders, usersAuthProviders => usersAuthProviders.user),
+    (0, type_graphql_1.Field)(type => [users_auth_providers_js_1.UsersAuthProviders], { nullable: true }),
     tslib_1.__metadata("design:type", Array)
 ], User.prototype, "usersAuthProviders", void 0);
 tslib_1.__decorate([
@@ -339,7 +359,13 @@ tslib_1.__decorate([
 ], User.prototype, "updatedAt", void 0);
 exports.User = User = User_1 = tslib_1.__decorate([
     (0, typeorm_1.Entity)(),
-    (0, typeorm_1.Index)('ix_user_0', (user) => [user.email], { unique: true }),
+    (0, typeorm_1.Index)('ix_user_0', (user) => [user.email], {
+        unique: true
+    }),
+    (0, typeorm_1.Index)('ix_user_1', (user) => [user.username], {
+        unique: true,
+        where: '"username" IS NOT NULL'
+    }),
     (0, type_graphql_1.ObjectType)()
 ], User);
 //# sourceMappingURL=user.js.map

package/dist-server/service/user/user.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"user.js","sourceRoot":"","sources":["../../../server/service/user/user.ts"],"names":[],"mappings":";;;;;AAAA,4DAA2B;AAC3B,wEAA8B;AAC9B,+CAA+D;AAC/D,qDAAqD;AACrD,qCAYgB;AAEhB,6CAA4C;AAC5C,iDAA6D;AAE7D,yEAA8E;AAC9E,wDAAmD;AACnD,uDAA+C;AAC/C,uCAAmC;AACnC,sDAAkD;AAClD,oFAA8E;AAC9E,uFAAiF;AACjF,mEAAsE;AAEtE,MAAM,SAAS,GAAG,YAAM,CAAC,GAAG,CAAC,WAAW,EAAE,EAAE,CAAC,CAAA;AAC7C,MAAM,aAAa,GAAG,SAAS,CAAC,IAAI,CAAA;AAEpC,MAAM,oBAAoB,GAAG,MAAM,CAAC,YAAM,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC,IAAI,IAAI,CAAA;AAEhF,IAAY,UAOX;AAPD,WAAY,UAAU;IACpB,mCAAqB,CAAA;IACrB,qCAAuB,CAAA;IACvB,iCAAmB,CAAA;IACnB,+BAAiB,CAAA;IACjB,+BAAiB,CAAA;IACjB,4DAA8C,CAAA;AAChD,CAAC,EAPW,UAAU,0BAAV,UAAU,QAOrB;AAKM,IAAM,IAAI,YAAV,MAAM,IAAI;IAsHf,8BAA8B;IAC9B,KAAK,CAAC,IAAI,CAAC,OAAQ;QACjB,IAAI,EAAE,SAAS,GAAG,oBAAoB,EAAE,SAAS,EAAE,GAAG,OAAO,IAAI,EAAE,CAAA;QAEnE,IAAI,IAAI,GAAG;YACT,EAAE,EAAE,IAAI,CAAC,EAAE;YACX,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,MAAM,EAAE;gBACN,SAAS;aACV;SACF,CAAA;QAED,OAAO,MAAM,sBAAG,CAAC,IAAI,CAAC,IAAI,EAAE,mBAAM,EAAE;YAClC,SAAS;YACT,MAAM,EAAE,cAAc;YACtB,OAAO,EAAE,MAAM;SAChB,CAAC,CAAA;IACJ,CAAC;IAED,6CAA6C;IAC7C,MAAM,CAAC,sBAAsB,CAAC,QAAQ,EAAE,GAAG;QACzC,IAAA,sCAAsB,EAAC,QAAQ,EAAE,GAAG,CAAC,CAAA;IACvC,CAAC;IAED,mBAAmB;IACnB,MAAM,CAAC,YAAY;QACjB,OAAO,gBAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAA;IAC/C,CAAC;IAED,qBAAqB;IACrB,MAAM,CAAC,MAAM,CAAC,QAAgB,EAAE,IAAI;QAClC,OAAO,gBAAM;aACV,UAAU,CAAC,QAAQ,EAAE,IAAI,IAAI,mBAAM,CAAC;aACpC,MAAM,CAAC,QAAQ,CAAC;aAChB,MAAM,CAAC,QAAQ,CAAC,CAAA;IACrB,CAAC;IAED,qBAAqB;IACrB,MAAM,CAAC,MAAM,CAAC,MAAM,EAAE,QAAQ,EAAE,IAAI;QAClC,OAAO,CACL,MAAM;YACJ,gBAAM;iBACH,UAAU,CAAC,QAAQ,EAAE,IAAI,IAAI,mBAAM,CAAC;iBACpC,MAAM,CAAC,QAAQ,CAAC;iBAChB,MAAM,CAAC,QAAQ,CAAC;YACrB,MAAM;gBACJ,gBAAM;qBACH,UAAU,CAAC,MAAM,EAAE,IAAI,IAAI,mBAAM,CAAC;qBAClC,MAAM,CAAC,QAAQ,CAAC;qBAChB,MAAM,CAAC,QAAQ,CAAC,CACtB,CAAA;IACH,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,kBAAkB,CAAC,OAAO;QACrC,IAAI,CAAC,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,KAAK,CAAA,EAAE,CAAC;YACpB,MAAM,IAAI,sBAAS,CAAC;gBAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,cAAc;aAChD,CAAC,CAAA;QACJ,CAAC;QAED,MAAM,UAAU,GAAG,IAAA,qBAAa,EAAC,MAAI,CAAC,CAAA;QACtC,IAAI,IAAI,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC;YAClC,KAAK,EAAE,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE;YAC/B,SAAS,EAAE,CAAC,SAAS,CAAC;YACtB,KAAK,EAAE,IAAI;SACZ,CAAC,CAAA;QAEF,IAAI,CAAC,IAAI;YACP,MAAM,IAAI,sBAAS,CAAC;gBAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,cAAc;aAChD,CAAC,CAAA;aACC,CAAC;YACJ,QAAQ,IAAI,CAAC,MAAM,EAAE,CAAC;gBACpB,KAAK,UAAU,CAAC,QAAQ;oBACtB,MAAM,IAAI,sBAAS,CAAC;wBAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,kBAAkB;wBACnD,MAAM,EAAE;4BACN,KAAK,EAAE,IAAI,CAAC,KAAK;yBAClB;qBACF,CAAC,CAAA;gBACJ,KAAK,UAAU,CAAC,MAAM;oBACpB,MAAM,IAAI,sBAAS,CAAC;wBAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,WAAW;wBAC5C,MAAM,EAAE;4BACN,KAAK,EAAE,IAAI,CAAC,KAAK;yBAClB;qBACF,CAAC,CAAA;gBACJ,KAAK,UAAU,CAAC,OAAO;oBACrB,MAAM,IAAI,sBAAS,CAAC;wBAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,YAAY;qBAC9C,CAAC,CAAA;YACN,CAAC;YAED,OAAO,IAAI,CAAA;QACb,CAAC;IACH,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,SAAS,CAAC,OAAO;QAC5B,IAAI,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,EAAE,MAAK,SAAS,EAAE,CAAC;YAC9B,MAAM,IAAI,sBAAS,CAAC;gBAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,cAAc;aAChD,CAAC,CAAA;QACJ,CAAC;QAED,MAAM,UAAU,GAAG,IAAA,qBAAa,EAAC,MAAI,CAAC,CAAA;QACtC,IAAI,IAAI,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC;YAClC,KAAK,EAAE,EAAE,EAAE,EAAE,OAAO,CAAC,EAAE,EAAE;YACzB,SAAS,EAAE,CAAC,SAAS,EAAE,aAAa,CAAC;YACrC,KAAK,EAAE,IAAI;SACZ,CAAC,CAAA;QAEF,IAAI,CAAC,IAAI;YACP,MAAM,IAAI,sBAAS,CAAC;gBAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,cAAc;aAChD,CAAC,CAAA;aACC,CAAC;YACJ,QAAQ,IAAI,CAAC,MAAM,EAAE,CAAC;gBACpB,KAAK,UAAU,CAAC,QAAQ;oBACtB,MAAM,IAAI,sBAAS,CAAC;wBAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,kBAAkB;wBACnD,MAAM,EAAE;4BACN,KAAK,EAAE,IAAI,CAAC,KAAK;yBAClB;qBACF,CAAC,CAAA;gBACJ,KAAK,UAAU,CAAC,MAAM;oBACpB,MAAM,IAAI,sBAAS,CAAC;wBAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,WAAW;wBAC5C,MAAM,EAAE;4BACN,KAAK,EAAE,IAAI,CAAC,KAAK;yBAClB;qBACF,CAAC,CAAA;gBACJ,KAAK,UAAU,CAAC,OAAO;oBACrB,MAAM,IAAI,sBAAS,CAAC;wBAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,YAAY;qBAC9C,CAAC,CAAA;YACN,CAAC;YAED,MAAM,EAAE,eAAe,EAAE,GAAG,YAAM,CAAC,GAAG,CAAC,UAAU,CAAC,CAAA;YAElD,IAAI,eAAe,IAAI,IAAI,CAAC,QAAQ,KAAK,IAAI,CAAC,MAAM,CAAC,eAAe,EAAE,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBACjF,IAAI,CAAC,MAAM,GAAG,UAAU,CAAC,kBAAkB,CAAA;YAC7C,CAAC;YAED,OAAO,IAAI,CAAA;QACb,CAAC;IACH,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,YAAY,CAAC,SAAiB,EAAE,QAAgB,EAAE,MAAc,EAAE,IAAU;QACvF,MAAM,MAAM,GAAG,MAAM,IAAA,qBAAa,EAAC,qBAAS,CAAC;aAC1C,kBAAkB,CAAC,WAAW,CAAC;aAC/B,SAAS,CAAC,iBAAiB,EAAE,MAAM,CAAC;aACpC,SAAS,CAAC,YAAY,EAAE,MAAM,CAAC;aAC/B,KAAK,CAAC,gCAAgC,EAAE,EAAE,QAAQ,EAAE,CAAC;aACrD,QAAQ,CAAC,6BAA6B,EAAE,EAAE,SAAS,EAAE,CAAC;aACtD,QAAQ,CAAC,mBAAmB,EAAE,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,EAAE,CAAC;aAClD,QAAQ,CAAC,4BAA4B,EAAE,EAAE,QAAQ,EAAE,MAAM,CAAC,EAAE,EAAE,CAAC;aAC/D,QAAQ,EAAE,CAAA;QAEb,OAAO,MAAM,GAAG,CAAC,CAAA;IACnB,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,qBAAqB,CAAC,IAAU,EAAE,MAAc;QAC3D,MAAM,MAAM,GAAG,MAAM,IAAA,qBAAa,EAAC,MAAI,CAAC;aACrC,kBAAkB,CAAC,MAAM,CAAC;aAC1B,iBAAiB,CAAC,YAAY,EAAE,MAAM,CAAC;aACvC,iBAAiB,CAAC,iBAAiB,EAAE,WAAW,CAAC;aACjD,MAAM,CAAC,CAAC,6BAA6B,EAAE,gCAAgC,CAAC,CAAC;aACzE,KAAK,CAAC,mBAAmB,EAAE,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,EAAE,CAAC;aAC/C,QAAQ,CAAC,4BAA4B,EAAE,EAAE,QAAQ,EAAE,MAAM,CAAC,EAAE,EAAE,CAAC;aAC/D,OAAO,CAAC,oBAAoB,CAAC;aAC7B,UAAU,CAAC,gBAAgB,CAAC;aAC5B,UAAU,EAAE,CAAA;QAEf,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,OAAO,EAAE,EAAE;YAC9C,MAAM,IAAI,GAAG,GAAG,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAA;YAChC,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,SAAS,KAAK,OAAO,CAAC,SAAS,IAAI,IAAI,CAAC,QAAQ,KAAK,OAAO,CAAC,QAAQ,EAAE,CAAC;gBACxF,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;YACnB,CAAC;YACD,OAAO,GAAG,CAAA;QACZ,CAAC,EAAE,EAAE,CAAC,CAAA;QAEN,OAAO,QAAQ,CAAA;IACjB,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,uBAAuB,CAAC,SAAiB,EAAE,QAAgB,EAAE,IAAU;QAClF,OAAO,IAAA,0CAAuB,EAAC,IAAI,EAAE,SAAS,EAAE,QAAQ,CAAC,CAAA;IAC3D,CAAC;CACF,CAAA;AAlTY,oBAAI;AAGN;IAFR,IAAA,gCAAsB,EAAC,MAAM,CAAC;IAC9B,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,iBAAE,CAAC;;gCACC;AAInB;IAFC,IAAA,gBAAM,GAAE;IACR,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;kCACd;AAIZ;IAFC,IAAA,gBAAM,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC1B,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;yCACP;AAKnB;IAHC,IAAA,oBAAU,EAAC,IAAI,CAAC,EAAE,CAAC,cAAM,CAAC;IAC1B,IAAA,mBAAS,EAAC,EAAE,IAAI,EAAE,eAAe,EAAE,CAAC;IACpC,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,CAAC,cAAM,CAAC,CAAC;;qCACN;AAIlB;IAFC,IAAA,gBAAM,GAAE;IACR,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,qCAAmB,CAAC;;mCACtB;AAeb;IAbC,IAAA,wBAAS,EAAC,gFAAgF,CAAC;IAC3F,IAAA,gBAAM,EAAC;QACN,QAAQ,EAAE,IAAI;QACd,IAAI,EACF,aAAa,IAAI,OAAO,IAAI,aAAa,IAAI,SAAS;YACpD,CAAC,CAAC,UAAU;YACZ,CAAC,CAAC,aAAa,IAAI,QAAQ;gBACzB,CAAC,CAAC,MAAM;gBACR,CAAC,CAAC,aAAa,IAAI,OAAO;oBACxB,CAAC,CAAC,UAAU;oBACZ,CAAC,CAAC,SAAS;QACnB,MAAM,EAAE,aAAa,IAAI,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS;KACrD,CAAC;;sCACc;AAKhB;IAHC,IAAA,oBAAU,EAAC,IAAI,CAAC,EAAE,CAAC,WAAI,EAAE,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC;IAC5C,IAAA,mBAAS,EAAC,EAAE,IAAI,EAAE,aAAa,EAAE,CAAC;IAClC,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,CAAC,WAAI,CAAC,CAAC;;mCACR;AAId;IAFC,IAAA,gBAAM,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC1B,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;sCACV;AAIhB;IAFC,IAAA,gBAAM,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC1B,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;uCACT;AAIjB;IAFC,IAAA,wBAAS,EAAC,gFAAgF,CAAC;IAC3F,IAAA,gBAAM,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;kCACf;AAIZ;IAFC,IAAA,gBAAM,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC1B,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;oCACZ;AAKd;IAHC,IAAA,wBAAS,EAAC,gFAAgF,CAAC;IAC3F,IAAA,gBAAM,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC1B,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;mCACb;AAiBb;IAfC,IAAA,gBAAM,EAAC;QACN,IAAI,EACF,aAAa,IAAI,UAAU,IAAI,aAAa,IAAI,OAAO,IAAI,aAAa,IAAI,SAAS;YACnF,CAAC,CAAC,MAAM;YACR,CAAC,CAAC,aAAa,IAAI,QAAQ;gBACzB,CAAC,CAAC,UAAU;gBACZ,CAAC,CAAC,aAAa,IAAI,OAAO;oBACxB,CAAC,CAAC,UAAU;oBACZ,CAAC,CAAC,SAAS;QACnB,IAAI,EACF,aAAa,IAAI,UAAU,IAAI,aAAa,IAAI,OAAO,IAAI,aAAa,IAAI,SAAS,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS;QAChH,MAAM,EAAE,aAAa,IAAI,UAAU,IAAI,aAAa,IAAI,OAAO,IAAI,aAAa,IAAI,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE;QAC9G,OAAO,EAAE,UAAU,CAAC,QAAQ;KAC7B,CAAC;IACD,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,MAAM,CAAC;;oCACJ;AAGlB;IADC,IAAA,gBAAM,EAAC,EAAE,IAAI,EAAE,UAAU,EAAE,OAAO,EAAE,CAAC,EAAE,CAAC;;uCACxB;AAGjB;IADC,IAAA,gBAAM,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;sCACR,IAAI;+CAAA;AAGvB;IADC,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;mCACZ;AAGd;IADC,IAAA,mBAAS,EAAC,GAAG,EAAE,CAAC,uCAAiB,EAAE,UAAU,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC;;yCAClC;AAIhC;IAFC,IAAA,mBAAS,EAAC,GAAG,EAAE,CAAC,yCAAkB,EAAE,kBAAkB,CAAC,EAAE,CAAC,kBAAkB,CAAC,IAAI,CAAC;IAClF,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,CAAC,yCAAkB,CAAC,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;gDAChB;AAIxC;IAFC,IAAA,mBAAS,EAAC,IAAI,CAAC,EAAE,CAAC,IAAI,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC3C,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;sCACjB,IAAI;qCAAA;AAGb;IADC,IAAA,oBAAU,EAAC,CAAC,IAAU,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC;;uCACxB;AAIjB;IAFC,IAAA,mBAAS,EAAC,IAAI,CAAC,EAAE,CAAC,IAAI,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC3C,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;sCACjB,IAAI;qCAAA;AAGb;IADC,IAAA,oBAAU,EAAC,CAAC,IAAU,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC;;uCACxB;AAIjB;IAFC,IAAA,0BAAgB,GAAE;IAClB,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;sCACf,IAAI;uCAAA;AAIf;IAFC,IAAA,0BAAgB,GAAE;IAClB,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;sCACf,IAAI;IAEf,8BAA8B;;uCAFf;eApHJ,IAAI;IAHhB,IAAA,gBAAM,GAAE;IACR,IAAA,eAAK,EAAC,WAAW,EAAE,CAAC,IAAU,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC;IAClE,IAAA,yBAAU,GAAE;GACA,IAAI,CAkThB","sourcesContent":["import crypto from 'crypto'\nimport jwt from 'jsonwebtoken'\nimport { Directive, Field, ID, ObjectType } from 'type-graphql'\nimport { GraphQLEmailAddress } from 'graphql-scalars'\nimport {\n Column,\n CreateDateColumn,\n Entity,\n Index,\n JoinTable,\n ManyToMany,\n ManyToOne,\n OneToMany,\n PrimaryGeneratedColumn,\n RelationId,\n UpdateDateColumn\n} from 'typeorm'\n\nimport { config } from '@things-factory/env'\nimport { Domain, getRepository } from '@things-factory/shell'\n\nimport { validatePasswordByRule } from '../../controllers/utils/password-rule'\nimport { AuthError } from '../../errors/auth-error'\nimport { SECRET } from '../../utils/get-secret'\nimport { Role } from '../role/role'\nimport { Privilege } from '../privilege/privilege'\nimport { WebAuthCredential } from '../web-auth-credential/web-auth-credential'\nimport { UsersAuthProviders } from '../users-auth-providers/users-auth-providers'\nimport { getDomainsWithPrivilege } from '../../utils/get-user-domains'\n\nconst ORMCONFIG = config.get('ormconfig', {})\nconst DATABASE_TYPE = ORMCONFIG.type\n\nconst sessionExpirySeconds = Number(config.get('session/expirySeconds')) \|\| '7d'\n\nexport enum UserStatus {\n INACTIVE = 'inactive',\n ACTIVATED = 'activated',\n DELETED = 'deleted',\n LOCKED = 'locked',\n BANNED = 'banned',\n PWD_RESET_REQUIRED = 'password_reset_required'\n}\n\n@Entity()\n@Index('ix_user_0', (user: User) => [user.email], { unique: true })\n@ObjectType()\nexport class User {\n @PrimaryGeneratedColumn('uuid')\n @Field(type => ID)\n readonly id: string\n\n @Column()\n @Field({ nullable: true })\n name: string\n\n @Column({ nullable: true })\n @Field({ nullable: true })\n description: string\n\n @ManyToMany(type => Domain)\n @JoinTable({ name: 'users_domains' })\n @Field(type => [Domain])\n domains?: Domain[]\n\n @Column()\n @Field(type => GraphQLEmailAddress)\n email: string\n\n @Directive('@privilege(category: \"security\", privilege: \"query\", domainOwnerGranted: true)')\n @Column({\n nullable: true,\n type:\n DATABASE_TYPE == 'mysql' \|\| DATABASE_TYPE == 'mariadb'\n ? 'longtext'\n : DATABASE_TYPE == 'oracle'\n ? 'clob'\n : DATABASE_TYPE == 'mssql'\n ? 'nvarchar'\n : 'varchar',\n length: DATABASE_TYPE == 'mssql' ? 'MAX' : undefined\n })\n password: string\n\n @ManyToMany(type => Role, role => role.users)\n @JoinTable({ name: 'users_roles' })\n @Field(type => [Role])\n roles?: Role[]\n\n @Column({ nullable: true })\n @Field({ nullable: true })\n userType: string // default: 'user', enum: 'user', 'application', 'appliance'\n\n @Column({ nullable: true })\n @Field({ nullable: true })\n reference: string\n\n @Directive('@privilege(category: \"security\", privilege: \"query\", domainOwnerGranted: true)')\n @Column({ nullable: true })\n salt: string\n\n @Column({ nullable: true })\n @Field({ nullable: true })\n locale: string\n\n @Directive('@privilege(category: \"security\", privilege: \"query\", domainOwnerGranted: true)')\n @Column({ nullable: true })\n @Field({ nullable: true })\n ssoId: string\n\n @Column({\n type:\n DATABASE_TYPE == 'postgres' \|\| DATABASE_TYPE == 'mysql' \|\| DATABASE_TYPE == 'mariadb'\n ? 'enum'\n : DATABASE_TYPE == 'oracle'\n ? 'varchar2'\n : DATABASE_TYPE == 'mssql'\n ? 'nvarchar'\n : 'varchar',\n enum:\n DATABASE_TYPE == 'postgres' \|\| DATABASE_TYPE == 'mysql' \|\| DATABASE_TYPE == 'mariadb' ? UserStatus : undefined,\n length: DATABASE_TYPE == 'postgres' \|\| DATABASE_TYPE == 'mysql' \|\| DATABASE_TYPE == 'mariadb' ? undefined : 32,\n default: UserStatus.INACTIVE\n })\n @Field(type => String)\n status: UserStatus\n\n @Column({ type: 'smallint', default: 0 })\n failCount: number\n\n @Column({ nullable: true })\n passwordUpdatedAt: Date\n\n @Field({ nullable: true })\n owner: boolean /* should not be a column /\n\n @OneToMany(() => WebAuthCredential, credential => credential.user)\n credentials: WebAuthCredential[]\n\n @OneToMany(() => UsersAuthProviders, usersAuthProviders => usersAuthProviders.user)\n @Field(type => [UsersAuthProviders], { nullable: true })\n usersAuthProviders: UsersAuthProviders[]\n\n @ManyToOne(type => User, { nullable: true })\n @Field({ nullable: true })\n creator: User\n\n @RelationId((user: User) => user.creator)\n creatorId: string\n\n @ManyToOne(type => User, { nullable: true })\n @Field({ nullable: true })\n updater: User\n\n @RelationId((user: User) => user.updater)\n updaterId: string\n\n @CreateDateColumn()\n @Field({ nullable: true })\n createdAt: Date\n\n @UpdateDateColumn()\n @Field({ nullable: true })\n updatedAt: Date\n\n / signing for jsonwebtoken /\n async sign(options?) {\n var { expiresIn = sessionExpirySeconds, subdomain } = options \|\| {}\n\n var user = {\n id: this.id,\n userType: this.userType,\n status: this.status,\n domain: {\n subdomain\n }\n }\n\n return await jwt.sign(user, SECRET, {\n expiresIn,\n issuer: 'hatiolab.com',\n subject: 'user'\n })\n }\n\n / validate password through password rule /\n static validatePasswordByRule(password, lng) {\n validatePasswordByRule(password, lng)\n }\n\n / generate salt /\n static generateSalt() {\n return crypto.randomBytes(16).toString('hex')\n }\n\n / encode password /\n static encode(password: string, salt) {\n return crypto\n .createHmac('sha256', salt \|\| SECRET)\n .update(password)\n .digest('base64')\n }\n\n / verify password */\n static verify(hashed, password, salt) {\n return (\n hashed ==\n crypto\n .createHmac('sha256', salt \|\| SECRET)\n .update(password)\n .digest('base64') \|\|\n hashed ==\n crypto\n .createHmac('sha1', salt \|\| SECRET)\n .update(password)\n .digest('base64')\n )\n }\n\n static async checkAuthWithEmail(decoded) {\n if (!decoded?.email) {\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_NOT_FOUND\n })\n }\n\n const repository = getRepository(User)\n var user = await repository.findOne({\n where: { email: decoded.email },\n relations: ['domains'],\n cache: true\n })\n\n if (!user)\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_NOT_FOUND\n })\n else {\n switch (user.status) {\n case UserStatus.INACTIVE:\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_NOT_ACTIVATED,\n detail: {\n email: user.email\n }\n })\n case UserStatus.LOCKED:\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_LOCKED,\n detail: {\n email: user.email\n }\n })\n case UserStatus.DELETED:\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_DELETED\n })\n }\n\n return user\n }\n }\n\n static async checkAuth(decoded) {\n if (decoded?.id === undefined) {\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_NOT_FOUND\n })\n }\n\n const repository = getRepository(User)\n var user = await repository.findOne({\n where: { id: decoded.id },\n relations: ['domains', 'credentials'],\n cache: true\n })\n\n if (!user)\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_NOT_FOUND\n })\n else {\n switch (user.status) {\n case UserStatus.INACTIVE:\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_NOT_ACTIVATED,\n detail: {\n email: user.email\n }\n })\n case UserStatus.LOCKED:\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_LOCKED,\n detail: {\n email: user.email\n }\n })\n case UserStatus.DELETED:\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_DELETED\n })\n }\n\n const { defaultPassword } = config.get('password')\n\n if (defaultPassword && user.password === this.encode(defaultPassword, user.salt)) {\n user.status = UserStatus.PWD_RESET_REQUIRED\n }\n\n return user\n }\n }\n\n static async hasPrivilege(privilege: string, category: string, domain: Domain, user: User): Promise<boolean> {\n const result = await getRepository(Privilege)\n .createQueryBuilder('privilege')\n .innerJoin('privilege.roles', 'role')\n .innerJoin('role.users', 'user')\n .where('privilege.category = :category', { category })\n .andWhere('privilege.name = :privilege', { privilege })\n .andWhere('user.id = :userId', { userId: user.id })\n .andWhere('role.domain.id = :domainId', { domainId: domain.id })\n .getCount()\n\n return result > 0\n }\n\n static async getPrivilegesByDomain(user: User, domain: Domain): Promise<{ category: string; privilege: string }[]> {\n const result = await getRepository(User)\n .createQueryBuilder('user')\n .leftJoinAndSelect('user.roles', 'role')\n .leftJoinAndSelect('role.privileges', 'privilege')\n .select(['privilege.name AS privilege', 'privilege.category AS category'])\n .where('user.id = :userId', { userId: user.id })\n .andWhere('role.domain.id = :domainId', { domainId: domain.id })\n .orderBy('privilege.category')\n .addOrderBy('privilege.name')\n .getRawMany()\n\n const distinct = result.reduce((acc, current) => {\n const last = acc[acc.length - 1]\n if (!last \|\| last.privilege !== current.privilege \|\| last.category !== current.category) {\n acc.push(current)\n }\n return acc\n }, [])\n\n return distinct\n }\n\n static async getDomainsWithPrivilege(privilege: string, category: string, user: User) {\n return getDomainsWithPrivilege(user, privilege, category)\n }\n}\n"]}
1	+ {"version":3,"file":"user.js","sourceRoot":"","sources":["../../../server/service/user/user.ts"],"names":[],"mappings":";;;;;AAAA,4DAA2B;AAC3B,wEAA8B;AAC9B,+CAA+D;AAC/D,qDAAqD;AACrD,qCAagB;AAEhB,6CAA4C;AAC5C,iDAA6D;AAE7D,+EAAiF;AACjF,8DAAsD;AACtD,6DAAkD;AAClD,6CAAsC;AACtC,4DAAqD;AACrD,0FAAiF;AACjF,6FAAoF;AACpF,yEAAyE;AAEzE,MAAM,SAAS,GAAG,YAAM,CAAC,GAAG,CAAC,WAAW,EAAE,EAAE,CAAC,CAAA;AAC7C,MAAM,aAAa,GAAG,SAAS,CAAC,IAAI,CAAA;AAEpC,MAAM,oBAAoB,GAAG,MAAM,CAAC,YAAM,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC,IAAI,IAAI,CAAA;AAEhF,IAAY,UAOX;AAPD,WAAY,UAAU;IACpB,mCAAqB,CAAA;IACrB,qCAAuB,CAAA;IACvB,iCAAmB,CAAA;IACnB,+BAAiB,CAAA;IACjB,+BAAiB,CAAA;IACjB,4DAA8C,CAAA;AAChD,CAAC,EAPW,UAAU,0BAAV,UAAU,QAOrB;AAWM,IAAM,IAAI,YAAV,MAAM,IAAI;IA0Hf,8BAA8B;IAC9B,KAAK,CAAC,IAAI,CAAC,OAAQ;QACjB,IAAI,EAAE,SAAS,GAAG,oBAAoB,EAAE,GAAG,OAAO,IAAI,EAAE,CAAA;QAExD,IAAI,IAAI,GAAG;YACT,QAAQ,EAAE,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,KAAK;SACtC,CAAA;QAED,OAAO,MAAM,sBAAG,CAAC,IAAI,CAAC,IAAI,EAAE,sBAAM,EAAE;YAClC,SAAS;YACT,MAAM,EAAE,cAAc;YACtB,OAAO,EAAE,MAAM;SAChB,CAAC,CAAA;IACJ,CAAC;IAED,6CAA6C;IAC7C,MAAM,CAAC,sBAAsB,CAAC,QAAQ,EAAE,GAAG;QACzC,IAAA,yCAAsB,EAAC,QAAQ,EAAE,GAAG,CAAC,CAAA;IACvC,CAAC;IAED,mBAAmB;IACnB,MAAM,CAAC,YAAY;QACjB,OAAO,gBAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAA;IAC/C,CAAC;IAED,qBAAqB;IACrB,MAAM,CAAC,MAAM,CAAC,QAAgB,EAAE,IAAI;QAClC,OAAO,gBAAM;aACV,UAAU,CAAC,QAAQ,EAAE,IAAI,IAAI,sBAAM,CAAC;aACpC,MAAM,CAAC,QAAQ,CAAC;aAChB,MAAM,CAAC,QAAQ,CAAC,CAAA;IACrB,CAAC;IAED,qBAAqB;IACrB,MAAM,CAAC,MAAM,CAAC,MAAM,EAAE,QAAQ,EAAE,IAAI;QAClC,OAAO,CACL,MAAM;YACJ,gBAAM;iBACH,UAAU,CAAC,QAAQ,EAAE,IAAI,IAAI,sBAAM,CAAC;iBACpC,MAAM,CAAC,QAAQ,CAAC;iBAChB,MAAM,CAAC,QAAQ,CAAC;YACrB,MAAM;gBACJ,gBAAM;qBACH,UAAU,CAAC,MAAM,EAAE,IAAI,IAAI,sBAAM,CAAC;qBAClC,MAAM,CAAC,QAAQ,CAAC;qBAChB,MAAM,CAAC,QAAQ,CAAC,CACtB,CAAA;IACH,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,kBAAkB,CAAC,OAAO;QACrC,IAAI,CAAC,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,KAAK,CAAA,EAAE,CAAC;YACpB,MAAM,IAAI,yBAAS,CAAC;gBAClB,SAAS,EAAE,yBAAS,CAAC,WAAW,CAAC,cAAc;aAChD,CAAC,CAAA;QACJ,CAAC;QAED,MAAM,UAAU,GAAG,IAAA,qBAAa,EAAC,MAAI,CAAC,CAAA;QACtC,IAAI,IAAI,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC;YAClC,KAAK,EAAE,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE;YAC/B,SAAS,EAAE,CAAC,SAAS,CAAC;YACtB,KAAK,EAAE,IAAI;SACZ,CAAC,CAAA;QAEF,IAAI,CAAC,IAAI;YACP,MAAM,IAAI,yBAAS,CAAC;gBAClB,SAAS,EAAE,yBAAS,CAAC,WAAW,CAAC,cAAc;aAChD,CAAC,CAAA;aACC,CAAC;YACJ,QAAQ,IAAI,CAAC,MAAM,EAAE,CAAC;gBACpB,KAAK,UAAU,CAAC,QAAQ;oBACtB,MAAM,IAAI,yBAAS,CAAC;wBAClB,SAAS,EAAE,yBAAS,CAAC,WAAW,CAAC,kBAAkB;wBACnD,MAAM,EAAE;4BACN,KAAK,EAAE,IAAI,CAAC,KAAK;yBAClB;qBACF,CAAC,CAAA;gBACJ,KAAK,UAAU,CAAC,MAAM;oBACpB,MAAM,IAAI,yBAAS,CAAC;wBAClB,SAAS,EAAE,yBAAS,CAAC,WAAW,CAAC,WAAW;wBAC5C,MAAM,EAAE;4BACN,KAAK,EAAE,IAAI,CAAC,KAAK;yBAClB;qBACF,CAAC,CAAA;gBACJ,KAAK,UAAU,CAAC,OAAO;oBACrB,MAAM,IAAI,yBAAS,CAAC;wBAClB,SAAS,EAAE,yBAAS,CAAC,WAAW,CAAC,YAAY;qBAC9C,CAAC,CAAA;YACN,CAAC;YAED,OAAO,IAAI,CAAA;QACb,CAAC;IACH,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,SAAS,CAAC,OAAO;QAC5B,2BAA2B;QAC3B,MAAM,EAAE,EAAE,EAAE,QAAQ,EAAE,GAAG,OAAO,IAAI,EAAE,CAAA;QAEtC,IAAI,CAAC,EAAE,IAAI,CAAC,QAAQ,EAAE,CAAC;YACrB,MAAM,IAAI,yBAAS,CAAC;gBAClB,SAAS,EAAE,yBAAS,CAAC,WAAW,CAAC,cAAc;aAChD,CAAC,CAAA;QACJ,CAAC;QAED,MAAM,UAAU,GAAG,IAAA,qBAAa,EAAC,MAAI,CAAC,CAAA;QACtC,IAAI,EAAE,EAAE,CAAC;YACP,IAAI,IAAI,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC;gBAClC,KAAK,EAAE,EAAE,EAAE,EAAE;gBACb,SAAS,EAAE,CAAC,SAAS,EAAE,aAAa,CAAC;gBACrC,KAAK,EAAE,IAAI;aACZ,CAAC,CAAA;QACJ,CAAC;aAAM,CAAC;YACN,IAAI,IAAI,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC;gBAClC,KAAK,EAAE,EAAE,QAAQ,EAAE;gBACnB,SAAS,EAAE,CAAC,SAAS,EAAE,aAAa,CAAC;gBACrC,KAAK,EAAE,IAAI;aACZ,CAAC,CAAA;YAEF,IAAI,CAAC,IAAI,IAAI,4BAA4B,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;gBACzD,IAAI,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC;oBAC9B,KAAK,EAAE;wBACL,KAAK,EAAE,IAAA,eAAK,EAAC,QAAQ,CAAC;qBACvB;oBACD,SAAS,EAAE,CAAC,SAAS,EAAE,aAAa,CAAC;oBACrC,KAAK,EAAE,IAAI;iBACZ,CAAC,CAAA;YACJ,CAAC;QACH,CAAC;QAED,IAAI,CAAC,IAAI;YACP,MAAM,IAAI,yBAAS,CAAC;gBAClB,SAAS,EAAE,yBAAS,CAAC,WAAW,CAAC,cAAc;aAChD,CAAC,CAAA;aACC,CAAC;YACJ,QAAQ,IAAI,CAAC,MAAM,EAAE,CAAC;gBACpB,KAAK,UAAU,CAAC,QAAQ;oBACtB,MAAM,IAAI,yBAAS,CAAC;wBAClB,SAAS,EAAE,yBAAS,CAAC,WAAW,CAAC,kBAAkB;wBACnD,MAAM,EAAE;4BACN,KAAK,EAAE,IAAI,CAAC,KAAK;yBAClB;qBACF,CAAC,CAAA;gBACJ,KAAK,UAAU,CAAC,MAAM;oBACpB,MAAM,IAAI,yBAAS,CAAC;wBAClB,SAAS,EAAE,yBAAS,CAAC,WAAW,CAAC,WAAW;wBAC5C,MAAM,EAAE;4BACN,KAAK,EAAE,IAAI,CAAC,KAAK;yBAClB;qBACF,CAAC,CAAA;gBACJ,KAAK,UAAU,CAAC,OAAO;oBACrB,MAAM,IAAI,yBAAS,CAAC;wBAClB,SAAS,EAAE,yBAAS,CAAC,WAAW,CAAC,YAAY;qBAC9C,CAAC,CAAA;YACN,CAAC;YAED,MAAM,EAAE,eAAe,EAAE,GAAG,YAAM,CAAC,GAAG,CAAC,UAAU,CAAC,CAAA;YAElD,IAAI,eAAe,IAAI,IAAI,CAAC,QAAQ,KAAK,IAAI,CAAC,MAAM,CAAC,eAAe,EAAE,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBACjF,IAAI,CAAC,MAAM,GAAG,UAAU,CAAC,kBAAkB,CAAA;YAC7C,CAAC;YAED,OAAO,IAAI,CAAA;QACb,CAAC;IACH,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,YAAY,CAAC,SAAiB,EAAE,QAAgB,EAAE,MAAc,EAAE,IAAU;QACvF,MAAM,MAAM,GAAG,MAAM,IAAA,qBAAa,EAAC,wBAAS,CAAC;aAC1C,kBAAkB,CAAC,WAAW,CAAC;aAC/B,SAAS,CAAC,iBAAiB,EAAE,MAAM,CAAC;aACpC,SAAS,CAAC,YAAY,EAAE,MAAM,CAAC;aAC/B,KAAK,CAAC,gCAAgC,EAAE,EAAE,QAAQ,EAAE,CAAC;aACrD,QAAQ,CAAC,6BAA6B,EAAE,EAAE,SAAS,EAAE,CAAC;aACtD,QAAQ,CAAC,mBAAmB,EAAE,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,EAAE,CAAC;aAClD,QAAQ,CAAC,4BAA4B,EAAE,EAAE,QAAQ,EAAE,MAAM,CAAC,EAAE,EAAE,CAAC;aAC/D,QAAQ,EAAE,CAAA;QAEb,OAAO,MAAM,GAAG,CAAC,CAAA;IACnB,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,qBAAqB,CAAC,IAAU,EAAE,MAAc;QAC3D,MAAM,MAAM,GAAG,MAAM,IAAA,qBAAa,EAAC,MAAI,CAAC;aACrC,kBAAkB,CAAC,MAAM,CAAC;aAC1B,iBAAiB,CAAC,YAAY,EAAE,MAAM,CAAC;aACvC,iBAAiB,CAAC,iBAAiB,EAAE,WAAW,CAAC;aACjD,MAAM,CAAC,CAAC,6BAA6B,EAAE,gCAAgC,CAAC,CAAC;aACzE,KAAK,CAAC,mBAAmB,EAAE,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,EAAE,CAAC;aAC/C,QAAQ,CAAC,4BAA4B,EAAE,EAAE,QAAQ,EAAE,MAAM,CAAC,EAAE,EAAE,CAAC;aAC/D,OAAO,CAAC,oBAAoB,CAAC;aAC7B,UAAU,CAAC,gBAAgB,CAAC;aAC5B,UAAU,EAAE,CAAA;QAEf,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,OAAO,EAAE,EAAE;YAC9C,MAAM,IAAI,GAAG,GAAG,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAA;YAChC,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,SAAS,KAAK,OAAO,CAAC,SAAS,IAAI,IAAI,CAAC,QAAQ,KAAK,OAAO,CAAC,QAAQ,EAAE,CAAC;gBACxF,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;YACnB,CAAC;YACD,OAAO,GAAG,CAAA;QACZ,CAAC,EAAE,EAAE,CAAC,CAAA;QAEN,OAAO,QAAQ,CAAA;IACjB,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,uBAAuB,CAAC,SAAiB,EAAE,QAAgB,EAAE,IAAU;QAClF,OAAO,IAAA,6CAAuB,EAAC,IAAI,EAAE,SAAS,EAAE,QAAQ,CAAC,CAAA;IAC3D,CAAC;CACF,CAAA;AAtUY,oBAAI;AAGN;IAFR,IAAA,gCAAsB,EAAC,MAAM,CAAC;IAC9B,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,iBAAE,CAAC;;gCACC;AAInB;IAFC,IAAA,gBAAM,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC1B,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;sCACV;AAIhB;IAFC,IAAA,gBAAM,GAAE;IACR,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;kCACd;AAIZ;IAFC,IAAA,gBAAM,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC1B,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;yCACP;AAKnB;IAHC,IAAA,oBAAU,EAAC,IAAI,CAAC,EAAE,CAAC,cAAM,CAAC;IAC1B,IAAA,mBAAS,EAAC,EAAE,IAAI,EAAE,eAAe,EAAE,CAAC;IACpC,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,CAAC,cAAM,CAAC,CAAC;;qCACN;AAIlB;IAFC,IAAA,gBAAM,GAAE;IACR,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,qCAAmB,CAAC;;mCACtB;AAeb;IAbC,IAAA,wBAAS,EAAC,gFAAgF,CAAC;IAC3F,IAAA,gBAAM,EAAC;QACN,QAAQ,EAAE,IAAI;QACd,IAAI,EACF,aAAa,IAAI,OAAO,IAAI,aAAa,IAAI,SAAS;YACpD,CAAC,CAAC,UAAU;YACZ,CAAC,CAAC,aAAa,IAAI,QAAQ;gBACzB,CAAC,CAAC,MAAM;gBACR,CAAC,CAAC,aAAa,IAAI,OAAO;oBACxB,CAAC,CAAC,UAAU;oBACZ,CAAC,CAAC,SAAS;QACnB,MAAM,EAAE,aAAa,IAAI,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS;KACrD,CAAC;;sCACc;AAKhB;IAHC,IAAA,oBAAU,EAAC,IAAI,CAAC,EAAE,CAAC,cAAI,EAAE,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC;IAC5C,IAAA,mBAAS,EAAC,EAAE,IAAI,EAAE,aAAa,EAAE,CAAC;IAClC,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,CAAC,cAAI,CAAC,CAAC;;mCACR;AAId;IAFC,IAAA,gBAAM,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC1B,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;sCACV;AAIhB;IAFC,IAAA,gBAAM,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC1B,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;uCACT;AAIjB;IAFC,IAAA,wBAAS,EAAC,gFAAgF,CAAC;IAC3F,IAAA,gBAAM,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;kCACf;AAIZ;IAFC,IAAA,gBAAM,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC1B,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;oCACZ;AAKd;IAHC,IAAA,wBAAS,EAAC,gFAAgF,CAAC;IAC3F,IAAA,gBAAM,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC1B,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;mCACb;AAiBb;IAfC,IAAA,gBAAM,EAAC;QACN,IAAI,EACF,aAAa,IAAI,UAAU,IAAI,aAAa,IAAI,OAAO,IAAI,aAAa,IAAI,SAAS;YACnF,CAAC,CAAC,MAAM;YACR,CAAC,CAAC,aAAa,IAAI,QAAQ;gBACzB,CAAC,CAAC,UAAU;gBACZ,CAAC,CAAC,aAAa,IAAI,OAAO;oBACxB,CAAC,CAAC,UAAU;oBACZ,CAAC,CAAC,SAAS;QACnB,IAAI,EACF,aAAa,IAAI,UAAU,IAAI,aAAa,IAAI,OAAO,IAAI,aAAa,IAAI,SAAS,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS;QAChH,MAAM,EAAE,aAAa,IAAI,UAAU,IAAI,aAAa,IAAI,OAAO,IAAI,aAAa,IAAI,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE;QAC9G,OAAO,EAAE,UAAU,CAAC,QAAQ;KAC7B,CAAC;IACD,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,MAAM,CAAC;;oCACJ;AAGlB;IADC,IAAA,gBAAM,EAAC,EAAE,IAAI,EAAE,UAAU,EAAE,OAAO,EAAE,CAAC,EAAE,CAAC;;uCACxB;AAGjB;IADC,IAAA,gBAAM,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;sCACR,IAAI;+CAAA;AAGvB;IADC,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;mCACZ;AAGd;IADC,IAAA,mBAAS,EAAC,GAAG,EAAE,CAAC,0CAAiB,EAAE,UAAU,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC;;yCAClC;AAIhC;IAFC,IAAA,mBAAS,EAAC,GAAG,EAAE,CAAC,4CAAkB,EAAE,kBAAkB,CAAC,EAAE,CAAC,kBAAkB,CAAC,IAAI,CAAC;IAClF,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,CAAC,4CAAkB,CAAC,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;gDAChB;AAIxC;IAFC,IAAA,mBAAS,EAAC,IAAI,CAAC,EAAE,CAAC,IAAI,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC3C,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;sCACjB,IAAI;qCAAA;AAGb;IADC,IAAA,oBAAU,EAAC,CAAC,IAAU,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC;;uCACxB;AAIjB;IAFC,IAAA,mBAAS,EAAC,IAAI,CAAC,EAAE,CAAC,IAAI,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC3C,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;sCACjB,IAAI;qCAAA;AAGb;IADC,IAAA,oBAAU,EAAC,CAAC,IAAU,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC;;uCACxB;AAIjB;IAFC,IAAA,0BAAgB,GAAE;IAClB,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;sCACf,IAAI;uCAAA;AAIf;IAFC,IAAA,0BAAgB,GAAE;IAClB,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;sCACf,IAAI;IAEf,8BAA8B;;uCAFf;eAxHJ,IAAI;IAThB,IAAA,gBAAM,GAAE;IACR,IAAA,eAAK,EAAC,WAAW,EAAE,CAAC,IAAU,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE;QAChD,MAAM,EAAE,IAAI;KACb,CAAC;IACD,IAAA,eAAK,EAAC,WAAW,EAAE,CAAC,IAAU,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE;QACnD,MAAM,EAAE,IAAI;QACZ,KAAK,EAAE,wBAAwB;KAChC,CAAC;IACD,IAAA,yBAAU,GAAE;GACA,IAAI,CAsUhB","sourcesContent":["import crypto from 'crypto'\nimport jwt from 'jsonwebtoken'\nimport { Directive, Field, ID, ObjectType } from 'type-graphql'\nimport { GraphQLEmailAddress } from 'graphql-scalars'\nimport {\n Column,\n CreateDateColumn,\n Entity,\n ILike,\n Index,\n JoinTable,\n ManyToMany,\n ManyToOne,\n OneToMany,\n PrimaryGeneratedColumn,\n RelationId,\n UpdateDateColumn\n} from 'typeorm'\n\nimport { config } from '@things-factory/env'\nimport { Domain, getRepository } from '@things-factory/shell'\n\nimport { validatePasswordByRule } from '../../controllers/utils/password-rule.js'\nimport { AuthError } from '../../errors/auth-error.js'\nimport { SECRET } from '../../utils/get-secret.js'\nimport { Role } from '../role/role.js'\nimport { Privilege } from '../privilege/privilege.js'\nimport { WebAuthCredential } from '../web-auth-credential/web-auth-credential.js'\nimport { UsersAuthProviders } from '../users-auth-providers/users-auth-providers.js'\nimport { getDomainsWithPrivilege } from '../../utils/get-user-domains.js'\n\nconst ORMCONFIG = config.get('ormconfig', {})\nconst DATABASE_TYPE = ORMCONFIG.type\n\nconst sessionExpirySeconds = Number(config.get('session/expirySeconds')) \|\| '7d'\n\nexport enum UserStatus {\n INACTIVE = 'inactive',\n ACTIVATED = 'activated',\n DELETED = 'deleted',\n LOCKED = 'locked',\n BANNED = 'banned',\n PWD_RESET_REQUIRED = 'password_reset_required'\n}\n\n@Entity()\n@Index('ix_user_0', (user: User) => [user.email], {\n unique: true\n})\n@Index('ix_user_1', (user: User) => [user.username], {\n unique: true,\n where: '\"username\" IS NOT NULL'\n})\n@ObjectType()\nexport class User {\n @PrimaryGeneratedColumn('uuid')\n @Field(type => ID)\n readonly id: string\n\n @Column({ nullable: true })\n @Field({ nullable: true })\n username: string\n\n @Column()\n @Field({ nullable: true })\n name: string\n\n @Column({ nullable: true })\n @Field({ nullable: true })\n description: string\n\n @ManyToMany(type => Domain)\n @JoinTable({ name: 'users_domains' })\n @Field(type => [Domain])\n domains?: Domain[]\n\n @Column()\n @Field(type => GraphQLEmailAddress)\n email: string\n\n @Directive('@privilege(category: \"security\", privilege: \"query\", domainOwnerGranted: true)')\n @Column({\n nullable: true,\n type:\n DATABASE_TYPE == 'mysql' \|\| DATABASE_TYPE == 'mariadb'\n ? 'longtext'\n : DATABASE_TYPE == 'oracle'\n ? 'clob'\n : DATABASE_TYPE == 'mssql'\n ? 'nvarchar'\n : 'varchar',\n length: DATABASE_TYPE == 'mssql' ? 'MAX' : undefined\n })\n password: string\n\n @ManyToMany(type => Role, role => role.users)\n @JoinTable({ name: 'users_roles' })\n @Field(type => [Role])\n roles?: Role[]\n\n @Column({ nullable: true })\n @Field({ nullable: true })\n userType: string // default: 'user', enum: 'user', 'application', 'appliance'\n\n @Column({ nullable: true })\n @Field({ nullable: true })\n reference: string\n\n @Directive('@privilege(category: \"security\", privilege: \"query\", domainOwnerGranted: true)')\n @Column({ nullable: true })\n salt: string\n\n @Column({ nullable: true })\n @Field({ nullable: true })\n locale: string\n\n @Directive('@privilege(category: \"security\", privilege: \"query\", domainOwnerGranted: true)')\n @Column({ nullable: true })\n @Field({ nullable: true })\n ssoId: string\n\n @Column({\n type:\n DATABASE_TYPE == 'postgres' \|\| DATABASE_TYPE == 'mysql' \|\| DATABASE_TYPE == 'mariadb'\n ? 'enum'\n : DATABASE_TYPE == 'oracle'\n ? 'varchar2'\n : DATABASE_TYPE == 'mssql'\n ? 'nvarchar'\n : 'varchar',\n enum:\n DATABASE_TYPE == 'postgres' \|\| DATABASE_TYPE == 'mysql' \|\| DATABASE_TYPE == 'mariadb' ? UserStatus : undefined,\n length: DATABASE_TYPE == 'postgres' \|\| DATABASE_TYPE == 'mysql' \|\| DATABASE_TYPE == 'mariadb' ? undefined : 32,\n default: UserStatus.INACTIVE\n })\n @Field(type => String)\n status: UserStatus\n\n @Column({ type: 'smallint', default: 0 })\n failCount: number\n\n @Column({ nullable: true })\n passwordUpdatedAt: Date\n\n @Field({ nullable: true })\n owner: boolean /* should not be a column /\n\n @OneToMany(() => WebAuthCredential, credential => credential.user)\n credentials: WebAuthCredential[]\n\n @OneToMany(() => UsersAuthProviders, usersAuthProviders => usersAuthProviders.user)\n @Field(type => [UsersAuthProviders], { nullable: true })\n usersAuthProviders: UsersAuthProviders[]\n\n @ManyToOne(type => User, { nullable: true })\n @Field({ nullable: true })\n creator: User\n\n @RelationId((user: User) => user.creator)\n creatorId: string\n\n @ManyToOne(type => User, { nullable: true })\n @Field({ nullable: true })\n updater: User\n\n @RelationId((user: User) => user.updater)\n updaterId: string\n\n @CreateDateColumn()\n @Field({ nullable: true })\n createdAt: Date\n\n @UpdateDateColumn()\n @Field({ nullable: true })\n updatedAt: Date\n\n / signing for jsonwebtoken /\n async sign(options?) {\n var { expiresIn = sessionExpirySeconds } = options \|\| {}\n\n var user = {\n username: this.username \|\| this.email\n }\n\n return await jwt.sign(user, SECRET, {\n expiresIn,\n issuer: 'hatiolab.com',\n subject: 'user'\n })\n }\n\n / validate password through password rule /\n static validatePasswordByRule(password, lng) {\n validatePasswordByRule(password, lng)\n }\n\n / generate salt /\n static generateSalt() {\n return crypto.randomBytes(16).toString('hex')\n }\n\n / encode password /\n static encode(password: string, salt) {\n return crypto\n .createHmac('sha256', salt \|\| SECRET)\n .update(password)\n .digest('base64')\n }\n\n / verify password */\n static verify(hashed, password, salt) {\n return (\n hashed ==\n crypto\n .createHmac('sha256', salt \|\| SECRET)\n .update(password)\n .digest('base64') \|\|\n hashed ==\n crypto\n .createHmac('sha1', salt \|\| SECRET)\n .update(password)\n .digest('base64')\n )\n }\n\n static async checkAuthWithEmail(decoded) {\n if (!decoded?.email) {\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_NOT_FOUND\n })\n }\n\n const repository = getRepository(User)\n var user = await repository.findOne({\n where: { email: decoded.email },\n relations: ['domains'],\n cache: true\n })\n\n if (!user)\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_NOT_FOUND\n })\n else {\n switch (user.status) {\n case UserStatus.INACTIVE:\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_NOT_ACTIVATED,\n detail: {\n email: user.email\n }\n })\n case UserStatus.LOCKED:\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_LOCKED,\n detail: {\n email: user.email\n }\n })\n case UserStatus.DELETED:\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_DELETED\n })\n }\n\n return user\n }\n }\n\n static async checkAuth(decoded) {\n // id 는 하위호환성을 위해 단기적으로 유지함\n const { id, username } = decoded \|\| {}\n\n if (!id && !username) {\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_NOT_FOUND\n })\n }\n\n const repository = getRepository(User)\n if (id) {\n var user = await repository.findOne({\n where: { id },\n relations: ['domains', 'credentials'],\n cache: true\n })\n } else {\n var user = await repository.findOne({\n where: { username },\n relations: ['domains', 'credentials'],\n cache: true\n })\n\n if (!user && /^[^\\s@]+@[^\\s@]+\\.[^\\s@]+$/.test(username)) {\n user = await repository.findOne({\n where: {\n email: ILike(username)\n },\n relations: ['domains', 'credentials'],\n cache: true\n })\n }\n }\n\n if (!user)\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_NOT_FOUND\n })\n else {\n switch (user.status) {\n case UserStatus.INACTIVE:\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_NOT_ACTIVATED,\n detail: {\n email: user.email\n }\n })\n case UserStatus.LOCKED:\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_LOCKED,\n detail: {\n email: user.email\n }\n })\n case UserStatus.DELETED:\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_DELETED\n })\n }\n\n const { defaultPassword } = config.get('password')\n\n if (defaultPassword && user.password === this.encode(defaultPassword, user.salt)) {\n user.status = UserStatus.PWD_RESET_REQUIRED\n }\n\n return user\n }\n }\n\n static async hasPrivilege(privilege: string, category: string, domain: Domain, user: User): Promise<boolean> {\n const result = await getRepository(Privilege)\n .createQueryBuilder('privilege')\n .innerJoin('privilege.roles', 'role')\n .innerJoin('role.users', 'user')\n .where('privilege.category = :category', { category })\n .andWhere('privilege.name = :privilege', { privilege })\n .andWhere('user.id = :userId', { userId: user.id })\n .andWhere('role.domain.id = :domainId', { domainId: domain.id })\n .getCount()\n\n return result > 0\n }\n\n static async getPrivilegesByDomain(user: User, domain: Domain): Promise<{ category: string; privilege: string }[]> {\n const result = await getRepository(User)\n .createQueryBuilder('user')\n .leftJoinAndSelect('user.roles', 'role')\n .leftJoinAndSelect('role.privileges', 'privilege')\n .select(['privilege.name AS privilege', 'privilege.category AS category'])\n .where('user.id = :userId', { userId: user.id })\n .andWhere('role.domain.id = :domainId', { domainId: domain.id })\n .orderBy('privilege.category')\n .addOrderBy('privilege.name')\n .getRawMany()\n\n const distinct = result.reduce((acc, current) => {\n const last = acc[acc.length - 1]\n if (!last \|\| last.privilege !== current.privilege \|\| last.category !== current.category) {\n acc.push(current)\n }\n return acc\n }, [])\n\n return distinct\n }\n\n static async getDomainsWithPrivilege(privilege: string, category: string, user: User) {\n return getDomainsWithPrivilege(user, privilege, category)\n }\n}\n"]}

package/dist-server/service/users-auth-providers/index.d.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { UsersAuthProviders } from './users-auth-providers';
+import { UsersAuthProviders } from './users-auth-providers.js';
 export declare const entities: (typeof UsersAuthProviders)[];
 export declare const resolvers: any[];
 export declare const subscribers: any[];

package/dist-server/service/users-auth-providers/index.js CHANGED Viewed

@@ -1,8 +1,8 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.subscribers = exports.resolvers = exports.entities = void 0;
-const users_auth_providers_1 = require("./users-auth-providers");
-exports.entities = [users_auth_providers_1.UsersAuthProviders];
+const users_auth_providers_js_1 = require("./users-auth-providers.js");
+exports.entities = [users_auth_providers_js_1.UsersAuthProviders];
 exports.resolvers = [];
 exports.subscribers = [];
 //# sourceMappingURL=index.js.map

package/dist-server/service/users-auth-providers/index.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../server/service/users-auth-providers/index.ts"],"names":[],"mappings":";;;AAAA,~~iEAA2D~~;~~AAE9C~~,QAAA,QAAQ,GAAG,CAAC,~~yCAAkB~~,CAAC,CAAA;AAC/B,QAAA,SAAS,GAAG,EAAE,CAAA;AACd,QAAA,WAAW,GAAG,EAAE,CAAA","sourcesContent":["import { UsersAuthProviders } from './users-auth-providers'\n\nexport const entities = [UsersAuthProviders]\nexport const resolvers = []\nexport const subscribers = []\n"]}
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../server/service/users-auth-providers/index.ts"],"names":[],"mappings":";;;AAAA,uEAA8D;AAEjD,QAAA,QAAQ,GAAG,CAAC,4CAAkB,CAAC,CAAA;AAC/B,QAAA,SAAS,GAAG,EAAE,CAAA;AACd,QAAA,WAAW,GAAG,EAAE,CAAA","sourcesContent":["import { UsersAuthProviders } from './users-auth-providers.js'\n\nexport const entities = [UsersAuthProviders]\nexport const resolvers = []\nexport const subscribers = []\n"]}

package/dist-server/service/users-auth-providers/users-auth-providers.d.ts CHANGED Viewed

@@ -1,6 +1,6 @@
 import { Domain } from '@things-factory/shell';
-import { User } from '../user/user';
-import { AuthProvider } from '../auth-provider/auth-provider';
+import { User } from '../user/user.js';
+import { AuthProvider } from '../auth-provider/auth-provider.js';
 export declare class UsersAuthProviders {
     readonly id: string;
     domain?: Domain;

package/dist-server/service/users-auth-providers/users-auth-providers.js CHANGED Viewed

@@ -5,8 +5,8 @@ const tslib_1 = require("tslib");
 const typeorm_1 = require("typeorm");
 const type_graphql_1 = require("type-graphql");
 const shell_1 = require("@things-factory/shell");
-const user_1 = require("../user/user");
-const auth_provider_1 = require("../auth-provider/auth-provider");
+const user_js_1 = require("../user/user.js");
+const auth_provider_js_1 = require("../auth-provider/auth-provider.js");
 let UsersAuthProviders = class UsersAuthProviders {
 };
 exports.UsersAuthProviders = UsersAuthProviders;
@@ -25,22 +25,22 @@ tslib_1.__decorate([
     tslib_1.__metadata("design:type", String)
 ], UsersAuthProviders.prototype, "domainId", void 0);
 tslib_1.__decorate([
-    (0, typeorm_1.ManyToOne)(() => user_1.User, user => user.usersAuthProviders, {
+    (0, typeorm_1.ManyToOne)(() => user_js_1.User, user => user.usersAuthProviders, {
         onDelete: 'CASCADE'
     }),
-    (0, type_graphql_1.Field)(type => user_1.User, { nullable: true }),
-    tslib_1.__metadata("design:type", user_1.User)
+    (0, type_graphql_1.Field)(type => user_js_1.User, { nullable: true }),
+    tslib_1.__metadata("design:type", user_js_1.User)
 ], UsersAuthProviders.prototype, "user", void 0);
 tslib_1.__decorate([
     (0, typeorm_1.RelationId)((usersAuthProviders) => usersAuthProviders.user),
     tslib_1.__metadata("design:type", String)
 ], UsersAuthProviders.prototype, "userId", void 0);
 tslib_1.__decorate([
-    (0, typeorm_1.ManyToOne)(() => auth_provider_1.AuthProvider, authProvider => authProvider.usersAuthProviders, {
+    (0, typeorm_1.ManyToOne)(() => auth_provider_js_1.AuthProvider, authProvider => authProvider.usersAuthProviders, {
         onDelete: 'CASCADE'
     }),
-    (0, type_graphql_1.Field)(type => auth_provider_1.AuthProvider, { nullable: true }),
-    tslib_1.__metadata("design:type", auth_provider_1.AuthProvider)
+    (0, type_graphql_1.Field)(type => auth_provider_js_1.AuthProvider, { nullable: true }),
+    tslib_1.__metadata("design:type", auth_provider_js_1.AuthProvider)
 ], UsersAuthProviders.prototype, "authProvider", void 0);
 tslib_1.__decorate([
     (0, typeorm_1.RelationId)((usersAuthProviders) => usersAuthProviders.authProvider),

package/dist-server/service/users-auth-providers/users-auth-providers.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"users-auth-providers.js","sourceRoot":"","sources":["../../../server/service/users-auth-providers/users-auth-providers.ts"],"names":[],"mappings":";;;;AAAA,qCAWgB;AAChB,+CAA2E;AAE3E,iDAA8C;AAC9C,~~uCAAmC~~;~~AACnC~~,~~kEAA6D~~;~~AAatD~~,IAAM,kBAAkB,GAAxB,MAAM,kBAAkB;CAyC9B,CAAA;AAzCY,gDAAkB;AAGpB;IAFR,IAAA,gCAAsB,EAAC,MAAM,CAAC;IAC9B,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,iBAAE,CAAC;;8CACC;AAInB;IAFC,IAAA,mBAAS,EAAC,IAAI,CAAC,EAAE,CAAC,cAAM,CAAC;IACzB,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,cAAM,CAAC;sCACb,cAAM;kDAAA;AAGf;IADC,IAAA,oBAAU,EAAC,CAAC,kBAAsC,EAAE,EAAE,CAAC,kBAAkB,CAAC,MAAM,CAAC;;oDACjE;AAMjB;IAJC,IAAA,mBAAS,EAAC,GAAG,EAAE,CAAC,~~WAAI~~,EAAE,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,kBAAkB,EAAE;QACtD,QAAQ,EAAE,SAAS;KACpB,CAAC;IACD,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,~~WAAI~~,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;sCAClC,~~WAAI~~;gDAAA;AAGV;IADC,IAAA,oBAAU,EAAC,CAAC,kBAAsC,EAAE,EAAE,CAAC,kBAAkB,CAAC,IAAI,CAAC;;kDACjE;AAMf;IAJC,IAAA,mBAAS,EAAC,GAAG,EAAE,CAAC,~~4BAAY,~~EAAE,YAAY,CAAC,EAAE,CAAC,YAAY,CAAC,kBAAkB,EAAE;QAC9E,QAAQ,EAAE,SAAS;KACpB,CAAC;IACD,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,~~4BAAY,~~EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;sCAClC~~,4BAAY~~;wDAAA;AAG1B;IADC,IAAA,oBAAU,EAAC,CAAC,kBAAsC,EAAE,EAAE,CAAC,kBAAkB,CAAC,YAAY,CAAC;;0DACjE;AAIvB;IAFC,IAAA,gBAAM,GAAE;IACR,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;iDACb;AAIb;IAFC,IAAA,0BAAgB,GAAE;IAClB,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;sCACd,IAAI;qDAAA;AAIhB;IAFC,IAAA,0BAAgB,GAAE;IAClB,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;sCACf,IAAI;qDAAA;6BAxCJ,kBAAkB;IAX9B,IAAA,gBAAM,GAAE;IACR,IAAA,eAAK,EACJ,2BAA2B,EAC3B,CAAC,kBAAsC,EAAE,EAAE,CAAC;QAC1C,kBAAkB,CAAC,MAAM;QACzB,kBAAkB,CAAC,IAAI;QACvB,kBAAkB,CAAC,YAAY;KAChC,EACD,EAAE,MAAM,EAAE,IAAI,EAAE,CACjB;IACA,IAAA,yBAAU,EAAC,EAAE,WAAW,EAAE,+BAA+B,EAAE,CAAC;GAChD,kBAAkB,CAyC9B","sourcesContent":["import {\n CreateDateColumn,\n UpdateDateColumn,\n DeleteDateColumn,\n Entity,\n Index,\n Column,\n RelationId,\n ManyToOne,\n PrimaryGeneratedColumn,\n VersionColumn\n} from 'typeorm'\nimport { ObjectType, Field, Int, ID, registerEnumType } from 'type-graphql'\n\nimport { Domain } from '@things-factory/shell'\nimport { User } from '../user/user'\nimport { AuthProvider } from '../auth-provider/auth-provider'\n\n@Entity()\n@Index(\n 'ix_users_auth_providers_0',\n (usersAuthProviders: UsersAuthProviders) => [\n usersAuthProviders.domain,\n usersAuthProviders.user,\n usersAuthProviders.authProvider\n ],\n { unique: true }\n)\n@ObjectType({ description: 'Entity for UsersAuthProviders' })\nexport class UsersAuthProviders {\n @PrimaryGeneratedColumn('uuid')\n @Field(type => ID)\n readonly id: string\n\n @ManyToOne(type => Domain)\n @Field(type => Domain)\n domain?: Domain\n\n @RelationId((usersAuthProviders: UsersAuthProviders) => usersAuthProviders.domain)\n domainId?: string\n\n @ManyToOne(() => User, user => user.usersAuthProviders, {\n onDelete: 'CASCADE'\n })\n @Field(type => User, { nullable: true })\n user: User\n\n @RelationId((usersAuthProviders: UsersAuthProviders) => usersAuthProviders.user)\n userId?: string\n\n @ManyToOne(() => AuthProvider, authProvider => authProvider.usersAuthProviders, {\n onDelete: 'CASCADE'\n })\n @Field(type => AuthProvider, { nullable: true })\n authProvider: AuthProvider\n\n @RelationId((usersAuthProviders: UsersAuthProviders) => usersAuthProviders.authProvider)\n authProviderId?: string\n\n @Column()\n @Field({ nullable: true })\n ssoId: string\n\n @CreateDateColumn()\n @Field({ nullable: true })\n createdAt?: Date\n\n @UpdateDateColumn()\n @Field({ nullable: true })\n updatedAt: Date\n}\n"]}
1	+ {"version":3,"file":"users-auth-providers.js","sourceRoot":"","sources":["../../../server/service/users-auth-providers/users-auth-providers.ts"],"names":[],"mappings":";;;;AAAA,qCAWgB;AAChB,+CAA2E;AAE3E,iDAA8C;AAC9C,6CAAsC;AACtC,wEAAgE;AAazD,IAAM,kBAAkB,GAAxB,MAAM,kBAAkB;CAyC9B,CAAA;AAzCY,gDAAkB;AAGpB;IAFR,IAAA,gCAAsB,EAAC,MAAM,CAAC;IAC9B,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,iBAAE,CAAC;;8CACC;AAInB;IAFC,IAAA,mBAAS,EAAC,IAAI,CAAC,EAAE,CAAC,cAAM,CAAC;IACzB,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,cAAM,CAAC;sCACb,cAAM;kDAAA;AAGf;IADC,IAAA,oBAAU,EAAC,CAAC,kBAAsC,EAAE,EAAE,CAAC,kBAAkB,CAAC,MAAM,CAAC;;oDACjE;AAMjB;IAJC,IAAA,mBAAS,EAAC,GAAG,EAAE,CAAC,cAAI,EAAE,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,kBAAkB,EAAE;QACtD,QAAQ,EAAE,SAAS;KACpB,CAAC;IACD,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,cAAI,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;sCAClC,cAAI;gDAAA;AAGV;IADC,IAAA,oBAAU,EAAC,CAAC,kBAAsC,EAAE,EAAE,CAAC,kBAAkB,CAAC,IAAI,CAAC;;kDACjE;AAMf;IAJC,IAAA,mBAAS,EAAC,GAAG,EAAE,CAAC,+BAAY,EAAE,YAAY,CAAC,EAAE,CAAC,YAAY,CAAC,kBAAkB,EAAE;QAC9E,QAAQ,EAAE,SAAS;KACpB,CAAC;IACD,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,+BAAY,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;sCAClC,+BAAY;wDAAA;AAG1B;IADC,IAAA,oBAAU,EAAC,CAAC,kBAAsC,EAAE,EAAE,CAAC,kBAAkB,CAAC,YAAY,CAAC;;0DACjE;AAIvB;IAFC,IAAA,gBAAM,GAAE;IACR,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;iDACb;AAIb;IAFC,IAAA,0BAAgB,GAAE;IAClB,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;sCACd,IAAI;qDAAA;AAIhB;IAFC,IAAA,0BAAgB,GAAE;IAClB,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;sCACf,IAAI;qDAAA;6BAxCJ,kBAAkB;IAX9B,IAAA,gBAAM,GAAE;IACR,IAAA,eAAK,EACJ,2BAA2B,EAC3B,CAAC,kBAAsC,EAAE,EAAE,CAAC;QAC1C,kBAAkB,CAAC,MAAM;QACzB,kBAAkB,CAAC,IAAI;QACvB,kBAAkB,CAAC,YAAY;KAChC,EACD,EAAE,MAAM,EAAE,IAAI,EAAE,CACjB;IACA,IAAA,yBAAU,EAAC,EAAE,WAAW,EAAE,+BAA+B,EAAE,CAAC;GAChD,kBAAkB,CAyC9B","sourcesContent":["import {\n CreateDateColumn,\n UpdateDateColumn,\n DeleteDateColumn,\n Entity,\n Index,\n Column,\n RelationId,\n ManyToOne,\n PrimaryGeneratedColumn,\n VersionColumn\n} from 'typeorm'\nimport { ObjectType, Field, Int, ID, registerEnumType } from 'type-graphql'\n\nimport { Domain } from '@things-factory/shell'\nimport { User } from '../user/user.js'\nimport { AuthProvider } from '../auth-provider/auth-provider.js'\n\n@Entity()\n@Index(\n 'ix_users_auth_providers_0',\n (usersAuthProviders: UsersAuthProviders) => [\n usersAuthProviders.domain,\n usersAuthProviders.user,\n usersAuthProviders.authProvider\n ],\n { unique: true }\n)\n@ObjectType({ description: 'Entity for UsersAuthProviders' })\nexport class UsersAuthProviders {\n @PrimaryGeneratedColumn('uuid')\n @Field(type => ID)\n readonly id: string\n\n @ManyToOne(type => Domain)\n @Field(type => Domain)\n domain?: Domain\n\n @RelationId((usersAuthProviders: UsersAuthProviders) => usersAuthProviders.domain)\n domainId?: string\n\n @ManyToOne(() => User, user => user.usersAuthProviders, {\n onDelete: 'CASCADE'\n })\n @Field(type => User, { nullable: true })\n user: User\n\n @RelationId((usersAuthProviders: UsersAuthProviders) => usersAuthProviders.user)\n userId?: string\n\n @ManyToOne(() => AuthProvider, authProvider => authProvider.usersAuthProviders, {\n onDelete: 'CASCADE'\n })\n @Field(type => AuthProvider, { nullable: true })\n authProvider: AuthProvider\n\n @RelationId((usersAuthProviders: UsersAuthProviders) => usersAuthProviders.authProvider)\n authProviderId?: string\n\n @Column()\n @Field({ nullable: true })\n ssoId: string\n\n @CreateDateColumn()\n @Field({ nullable: true })\n createdAt?: Date\n\n @UpdateDateColumn()\n @Field({ nullable: true })\n updatedAt: Date\n}\n"]}

package/dist-server/service/verification-token/index.d.ts CHANGED Viewed

@@ -1,2 +1,2 @@
-import { VerificationToken, VerificationTokenType } from './verification-token';
+import { VerificationToken, VerificationTokenType } from './verification-token.js';
 export declare const entities: (typeof VerificationToken | typeof VerificationTokenType)[];

package/dist-server/service/verification-token/index.js CHANGED Viewed

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.entities = void 0;
-const verification_token_1 = require("./verification-token");
-exports.entities = [verification_token_1.VerificationToken, verification_token_1.VerificationTokenType];
+const verification_token_js_1 = require("./verification-token.js");
+exports.entities = [verification_token_js_1.VerificationToken, verification_token_js_1.VerificationTokenType];
 //# sourceMappingURL=index.js.map

package/dist-server/service/verification-token/index.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../server/service/verification-token/index.ts"],"names":[],"mappings":";;;AAAA,~~6DAA+E~~;~~AAElE~~,QAAA,QAAQ,GAAG,CAAC,~~sCAAiB~~,EAAE,~~0CAAqB~~,CAAC,CAAA","sourcesContent":["import { VerificationToken, VerificationTokenType } from './verification-token'\n\nexport const entities = [VerificationToken, VerificationTokenType]\n"]}
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../server/service/verification-token/index.ts"],"names":[],"mappings":";;;AAAA,mEAAkF;AAErE,QAAA,QAAQ,GAAG,CAAC,yCAAiB,EAAE,6CAAqB,CAAC,CAAA","sourcesContent":["import { VerificationToken, VerificationTokenType } from './verification-token.js'\n\nexport const entities = [VerificationToken, VerificationTokenType]\n"]}

package/dist-server/service/web-auth-credential/index.d.ts CHANGED Viewed

@@ -1,2 +1,2 @@
-import { WebAuthCredential } from './web-auth-credential';
+import { WebAuthCredential } from './web-auth-credential.js';
 export declare const entities: (typeof WebAuthCredential)[];

package/dist-server/service/web-auth-credential/index.js CHANGED Viewed

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.entities = void 0;
-const web_auth_credential_1 = require("./web-auth-credential");
-exports.entities = [web_auth_credential_1.WebAuthCredential];
+const web_auth_credential_js_1 = require("./web-auth-credential.js");
+exports.entities = [web_auth_credential_js_1.WebAuthCredential];
 //# sourceMappingURL=index.js.map

package/dist-server/service/web-auth-credential/index.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../server/service/web-auth-credential/index.ts"],"names":[],"mappings":";;;AAAA~~,+DAAyD~~;~~AAE5C~~,QAAA,QAAQ,GAAG,CAAC,~~uCAAiB~~,CAAC,CAAA","sourcesContent":["import { WebAuthCredential } from './web-auth-credential'\n\nexport const entities = [WebAuthCredential]\n"]}
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../server/service/web-auth-credential/index.ts"],"names":[],"mappings":";;;AAAA,qEAA4D;AAE/C,QAAA,QAAQ,GAAG,CAAC,0CAAiB,CAAC,CAAA","sourcesContent":["import { WebAuthCredential } from './web-auth-credential.js'\n\nexport const entities = [WebAuthCredential]\n"]}

package/dist-server/service/web-auth-credential/web-auth-credential.d.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { User } from '../user/user';
+import { User } from '../user/user.js';
 export declare class WebAuthCredential {
     readonly id: string;
     user?: User;

package/dist-server/service/web-auth-credential/web-auth-credential.js CHANGED Viewed

@@ -4,7 +4,7 @@ exports.WebAuthCredential = void 0;
 const tslib_1 = require("tslib");
 const type_graphql_1 = require("type-graphql");
 const typeorm_1 = require("typeorm");
-const user_1 = require("../user/user");
+const user_js_1 = require("../user/user.js");
 let WebAuthCredential = class WebAuthCredential {
 };
 exports.WebAuthCredential = WebAuthCredential;
@@ -14,9 +14,9 @@ tslib_1.__decorate([
     tslib_1.__metadata("design:type", String)
 ], WebAuthCredential.prototype, "id", void 0);
 tslib_1.__decorate([
-    (0, typeorm_1.ManyToOne)(type => user_1.User, { nullable: true }),
-    (0, type_graphql_1.Field)(type => user_1.User, { nullable: true }),
-    tslib_1.__metadata("design:type", user_1.User)
+    (0, typeorm_1.ManyToOne)(type => user_js_1.User, { nullable: true }),
+    (0, type_graphql_1.Field)(type => user_js_1.User, { nullable: true }),
+    tslib_1.__metadata("design:type", user_js_1.User)
 ], WebAuthCredential.prototype, "user", void 0);
 tslib_1.__decorate([
     (0, typeorm_1.RelationId)((webAuthCredential) => webAuthCredential.user),
@@ -48,18 +48,18 @@ tslib_1.__decorate([
     tslib_1.__metadata("design:type", Date)
 ], WebAuthCredential.prototype, "updatedAt", void 0);
 tslib_1.__decorate([
-    (0, typeorm_1.ManyToOne)(type => user_1.User, { nullable: true }),
-    (0, type_graphql_1.Field)(type => user_1.User, { nullable: true }),
-    tslib_1.__metadata("design:type", user_1.User)
+    (0, typeorm_1.ManyToOne)(type => user_js_1.User, { nullable: true }),
+    (0, type_graphql_1.Field)(type => user_js_1.User, { nullable: true }),
+    tslib_1.__metadata("design:type", user_js_1.User)
 ], WebAuthCredential.prototype, "creator", void 0);
 tslib_1.__decorate([
     (0, typeorm_1.RelationId)((webAuthCredential) => webAuthCredential.creator),
     tslib_1.__metadata("design:type", String)
 ], WebAuthCredential.prototype, "creatorId", void 0);
 tslib_1.__decorate([
-    (0, typeorm_1.ManyToOne)(type => user_1.User, { nullable: true }),
-    (0, type_graphql_1.Field)(type => user_1.User, { nullable: true }),
-    tslib_1.__metadata("design:type", user_1.User)
+    (0, typeorm_1.ManyToOne)(type => user_js_1.User, { nullable: true }),
+    (0, type_graphql_1.Field)(type => user_js_1.User, { nullable: true }),
+    tslib_1.__metadata("design:type", user_js_1.User)
 ], WebAuthCredential.prototype, "updater", void 0);
 tslib_1.__decorate([
     (0, typeorm_1.RelationId)((webAuthCredential) => webAuthCredential.updater),

package/dist-server/service/web-auth-credential/web-auth-credential.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"web-auth-credential.js","sourceRoot":"","sources":["../../../server/service/web-auth-credential/web-auth-credential.ts"],"names":[],"mappings":";;;;AAAA,+CAAwC;AACxC,qCASgB;AAEhB,~~uCAAmC~~;~~AAS5B~~,IAAM,iBAAiB,GAAvB,MAAM,iBAAiB;CA6C7B,CAAA;AA7CY,8CAAiB;AAGnB;IAFR,IAAA,gCAAsB,EAAC,MAAM,CAAC;IAC9B,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,iBAAE,CAAC;;6CACC;AAInB;IAFC,IAAA,mBAAS,EAAC,IAAI,CAAC,EAAE,CAAC,~~WAAI~~,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC3C,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,~~WAAI~~,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;sCACjC,~~WAAI~~;+CAAA;AAGX;IADC,IAAA,oBAAU,EAAC,CAAC,iBAAoC,EAAE,EAAE,CAAC,iBAAiB,CAAC,IAAI,CAAC;;iDAC9D;AAIf;IAFC,IAAA,gBAAM,GAAE;IACR,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;uDACN;AAIpB;IAFC,IAAA,gBAAM,GAAE;IACR,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;oDACT;AAIjB;IAFC,IAAA,gBAAM,GAAE;IACR,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;kDACX;AAIf;IAFC,IAAA,0BAAgB,GAAE;IAClB,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;sCACd,IAAI;oDAAA;AAIhB;IAFC,IAAA,0BAAgB,GAAE;IAClB,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;sCACd,IAAI;oDAAA;AAIhB;IAFC,IAAA,mBAAS,EAAC,IAAI,CAAC,EAAE,CAAC,~~WAAI~~,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC3C,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,~~WAAI~~,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;sCAC9B,~~WAAI~~;kDAAA;AAGd;IADC,IAAA,oBAAU,EAAC,CAAC,iBAAoC,EAAE,EAAE,CAAC,iBAAiB,CAAC,OAAO,CAAC;;oDAC9D;AAIlB;IAFC,IAAA,mBAAS,EAAC,IAAI,CAAC,EAAE,CAAC,~~WAAI~~,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC3C,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,~~WAAI~~,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;sCAC9B,~~WAAI~~;kDAAA;AAGd;IADC,IAAA,oBAAU,EAAC,CAAC,iBAAoC,EAAE,EAAE,CAAC,iBAAiB,CAAC,OAAO,CAAC;;oDAC9D;4BA5CP,iBAAiB;IAN7B,IAAA,gBAAM,GAAE;IACR,IAAA,eAAK,EACJ,0BAA0B,EAC1B,CAAC,iBAAoC,EAAE,EAAE,CAAC,CAAC,iBAAiB,CAAC,IAAI,EAAE,iBAAiB,CAAC,YAAY,CAAC,EAClG,EAAE,MAAM,EAAE,IAAI,EAAE,CACjB;GACY,iBAAiB,CA6C7B","sourcesContent":["import { Field, ID } from 'type-graphql'\nimport {\n CreateDateColumn,\n UpdateDateColumn,\n Entity,\n Index,\n Column,\n RelationId,\n ManyToOne,\n PrimaryGeneratedColumn\n} from 'typeorm'\n\nimport { User } from '../user/user'\~~nimport { AuthenticatorTransportFuture } from '@simplewebauthn/server/script/deps'\~~n\n@Entity()\n@Index(\n 'ix_web_auth_credential_0',\n (webAuthCredential: WebAuthCredential) => [webAuthCredential.user, webAuthCredential.credentialId],\n { unique: true }\n)\nexport class WebAuthCredential {\n @PrimaryGeneratedColumn('uuid')\n @Field(type => ID)\n readonly id: string\n\n @ManyToOne(type => User, { nullable: true })\n @Field(type => User, { nullable: true })\n user?: User\n\n @RelationId((webAuthCredential: WebAuthCredential) => webAuthCredential.user)\n userId?: string\n\n @Column()\n @Field({ nullable: true })\n credentialId: string\n\n @Column()\n @Field({ nullable: true })\n publicKey: string\n\n @Column()\n @Field({ nullable: true })\n counter: number\n\n @CreateDateColumn()\n @Field({ nullable: true })\n createdAt?: Date\n\n @UpdateDateColumn()\n @Field({ nullable: true })\n updatedAt?: Date\n\n @ManyToOne(type => User, { nullable: true })\n @Field(type => User, { nullable: true })\n creator?: User\n\n @RelationId((webAuthCredential: WebAuthCredential) => webAuthCredential.creator)\n creatorId?: string\n\n @ManyToOne(type => User, { nullable: true })\n @Field(type => User, { nullable: true })\n updater?: User\n\n @RelationId((webAuthCredential: WebAuthCredential) => webAuthCredential.updater)\n updaterId?: string\n}\n"]}
1	+ {"version":3,"file":"web-auth-credential.js","sourceRoot":"","sources":["../../../server/service/web-auth-credential/web-auth-credential.ts"],"names":[],"mappings":";;;;AAAA,+CAAwC;AACxC,qCASgB;AAEhB,6CAAsC;AAQ/B,IAAM,iBAAiB,GAAvB,MAAM,iBAAiB;CA6C7B,CAAA;AA7CY,8CAAiB;AAGnB;IAFR,IAAA,gCAAsB,EAAC,MAAM,CAAC;IAC9B,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,iBAAE,CAAC;;6CACC;AAInB;IAFC,IAAA,mBAAS,EAAC,IAAI,CAAC,EAAE,CAAC,cAAI,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC3C,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,cAAI,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;sCACjC,cAAI;+CAAA;AAGX;IADC,IAAA,oBAAU,EAAC,CAAC,iBAAoC,EAAE,EAAE,CAAC,iBAAiB,CAAC,IAAI,CAAC;;iDAC9D;AAIf;IAFC,IAAA,gBAAM,GAAE;IACR,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;uDACN;AAIpB;IAFC,IAAA,gBAAM,GAAE;IACR,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;oDACT;AAIjB;IAFC,IAAA,gBAAM,GAAE;IACR,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;kDACX;AAIf;IAFC,IAAA,0BAAgB,GAAE;IAClB,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;sCACd,IAAI;oDAAA;AAIhB;IAFC,IAAA,0BAAgB,GAAE;IAClB,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;sCACd,IAAI;oDAAA;AAIhB;IAFC,IAAA,mBAAS,EAAC,IAAI,CAAC,EAAE,CAAC,cAAI,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC3C,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,cAAI,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;sCAC9B,cAAI;kDAAA;AAGd;IADC,IAAA,oBAAU,EAAC,CAAC,iBAAoC,EAAE,EAAE,CAAC,iBAAiB,CAAC,OAAO,CAAC;;oDAC9D;AAIlB;IAFC,IAAA,mBAAS,EAAC,IAAI,CAAC,EAAE,CAAC,cAAI,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC3C,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,cAAI,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;sCAC9B,cAAI;kDAAA;AAGd;IADC,IAAA,oBAAU,EAAC,CAAC,iBAAoC,EAAE,EAAE,CAAC,iBAAiB,CAAC,OAAO,CAAC;;oDAC9D;4BA5CP,iBAAiB;IAN7B,IAAA,gBAAM,GAAE;IACR,IAAA,eAAK,EACJ,0BAA0B,EAC1B,CAAC,iBAAoC,EAAE,EAAE,CAAC,CAAC,iBAAiB,CAAC,IAAI,EAAE,iBAAiB,CAAC,YAAY,CAAC,EAClG,EAAE,MAAM,EAAE,IAAI,EAAE,CACjB;GACY,iBAAiB,CA6C7B","sourcesContent":["import { Field, ID } from 'type-graphql'\nimport {\n CreateDateColumn,\n UpdateDateColumn,\n Entity,\n Index,\n Column,\n RelationId,\n ManyToOne,\n PrimaryGeneratedColumn\n} from 'typeorm'\n\nimport { User } from '../user/user.js'\n\n@Entity()\n@Index(\n 'ix_web_auth_credential_0',\n (webAuthCredential: WebAuthCredential) => [webAuthCredential.user, webAuthCredential.credentialId],\n { unique: true }\n)\nexport class WebAuthCredential {\n @PrimaryGeneratedColumn('uuid')\n @Field(type => ID)\n readonly id: string\n\n @ManyToOne(type => User, { nullable: true })\n @Field(type => User, { nullable: true })\n user?: User\n\n @RelationId((webAuthCredential: WebAuthCredential) => webAuthCredential.user)\n userId?: string\n\n @Column()\n @Field({ nullable: true })\n credentialId: string\n\n @Column()\n @Field({ nullable: true })\n publicKey: string\n\n @Column()\n @Field({ nullable: true })\n counter: number\n\n @CreateDateColumn()\n @Field({ nullable: true })\n createdAt?: Date\n\n @UpdateDateColumn()\n @Field({ nullable: true })\n updatedAt?: Date\n\n @ManyToOne(type => User, { nullable: true })\n @Field(type => User, { nullable: true })\n creator?: User\n\n @RelationId((webAuthCredential: WebAuthCredential) => webAuthCredential.creator)\n creatorId?: string\n\n @ManyToOne(type => User, { nullable: true })\n @Field(type => User, { nullable: true })\n updater?: User\n\n @RelationId((webAuthCredential: WebAuthCredential) => webAuthCredential.updater)\n updaterId?: string\n}\n"]}

package/dist-server/templates/account-unlock-email.d.ts CHANGED Viewed

@@ -1,4 +1,5 @@
-export declare function getUnlockUserEmailForm({ name, resetUrl }: {
+export declare function getUnlockUserEmailForm({ username, name, resetUrl }: {
+    username: any;
     name: any;
     resetUrl: any;
 }): string;

package/dist-server/templates/account-unlock-email.js CHANGED Viewed

@@ -1,7 +1,7 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.getUnlockUserEmailForm = getUnlockUserEmailForm;
-function getUnlockUserEmailForm({ name, resetUrl }) {
+function getUnlockUserEmailForm({ username, name, resetUrl }) {
     return `
   <html lang="en">
     <head>