npm - @things-factory/auth-base - Versions diffs - 8.0.5 → 9.0.0-beta.12 - Mend

@things-factory/auth-base 8.0.5 → 9.0.0-beta.12

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (493) hide show

package/server/router/auth-public-process-router.ts DELETED Viewed

@@ -1,302 +0,0 @@
-import Router from 'koa-router'
-import { config } from '@things-factory/env'
-import { getRepository, getSiteRootPath } from '@things-factory/shell'
-import { resendInvitationEmail } from '../controllers/invitation'
-import { resetPassword, sendPasswordResetEmail } from '../controllers/reset-password'
-import { unlockUser } from '../controllers/unlock-user'
-import { resendVerificationEmail, verify } from '../controllers/verification'
-import { User } from '../service/user/user'
-import { accepts } from '../utils/accepts'
-import { clearAccessTokenCookie } from '../utils/access-token-cookie'
-const disableUserSignupProcess = config.get('disableUserSignupProcess', false)
-const disableUserFavoredLanguage = config.get('i18n/disableUserFavoredLanguage', false)
-const languages = config.get('i18n/languages', false)
-const passwordRule = config.get('password') || {
-  lowerCase: true,
-  upperCase: true,
-  digit: true,
-  specialCharacter: true,
-  allowRepeat: false,
-  useTightPattern: true,
-  useLoosePattern: false,
-  tightCharacterLength: 8,
-  looseCharacterLength: 15
-}
-export const authPublicProcessRouter = new Router({
-  prefix: '/auth'
-})
-authPublicProcessRouter.post('/join', async (context, next) => {
-  const { email } = context.request.body || {}
-  const user: User = await getRepository(User).findOneBy({
-    email
-  })
-  if (user) {
-    context.redirect(`/auth/signin?email=${email}`)
-  } else {
-    context.redirect(`/auth/signup?email=${email}`)
-  }
-})
-authPublicProcessRouter.all('/signout', async (context, next) => {
-  const { header, t } = context
-  clearAccessTokenCookie(context)
-  context.body = t('text.signout successfully')
-  if (accepts(header.accept, ['text/html', '*/*'])) {
-    context.redirect(getSiteRootPath(context))
-  }
-})
-authPublicProcessRouter.get('/forgot-password', async (context, next) => {
-  const { email } = context.request.query
-  await context.render('auth-page', {
-    pageElement: 'forgot-password',
-    elementScript: '/auth/forgot-password.js',
-    data: {
-      email,
-      disableUserSignupProcess,
-      disableUserFavoredLanguage,
-      languages
-    }
-  })
-})
-authPublicProcessRouter.get('/reset-password', async (context, next) => {
-  const { token } = context.request.query
-  await context.render('auth-page', {
-    pageElement: 'reset-password',
-    elementScript: '/auth/reset-password.js',
-    data: {
-      token,
-      passwordRule,
-      disableUserSignupProcess,
-      disableUserFavoredLanguage,
-      languages
-    }
-  })
-})
-authPublicProcessRouter.get('/unlock-user', async (context, next) => {
-  const { token } = context.request.query
-  await context.render('auth-page', {
-    pageElement: 'unlock-user',
-    elementScript: '/auth/unlock-user.js',
-    data: {
-      token,
-      disableUserSignupProcess,
-      disableUserFavoredLanguage,
-      languages
-    }
-  })
-})
-authPublicProcessRouter.get('/activate/:email', async (context, next) => {
-  const { email } = context.params
-  await context.render('auth-page', {
-    pageElement: 'auth-activate',
-    elementScript: '/auth/activate.js',
-    data: {
-      email,
-      disableUserSignupProcess,
-      disableUserFavoredLanguage,
-      languages
-    }
-  })
-})
-authPublicProcessRouter.get('/verify/:token', async (context, next) => {
-  const { header, t } = context
-  var token = context.params.token
-  await verify(token)
-  var message = t('text.user activated successfully')
-  context.body = message
-  if (accepts(header.accept, ['text/html', '*/*'])) {
-    await context.render('auth-page', {
-      pageElement: 'auth-result',
-      elementScript: '/auth/result.js',
-      data: {
-        message,
-        disableUserSignupProcess,
-        disableUserFavoredLanguage,
-        languages
-      }
-    })
-  }
-})
-authPublicProcessRouter.post('/resend-verification-email', async (context, next) => {
-  const { t } = context
-  const { email } = context.request.body
-  var succeed = await resendVerificationEmail(email, context)
-  var message = t('text.verification email sent')
-  if (succeed) {
-    context.status = 200
-    context.body = message
-  }
-})
-authPublicProcessRouter.post('/resend-invitation-email', async (context, next) => {
-  const { t } = context
-  const { email, reference, type } = context.request.body
-  var succeed = await resendInvitationEmail(
-    {
-      email,
-      reference,
-      type
-    },
-    context
-  )
-  var message = t('text.invitation email sent')
-  if (succeed) {
-    context.status = 200
-    context.body = message
-  }
-})
-authPublicProcessRouter.post('/forgot-password', async (context, next) => {
-  const { t } = context
-  const { email } = context.request.body
-  if (!email) return next()
-  const userRepo = getRepository(User)
-  const user = await userRepo.findOne({
-    where: {
-      email
-    }
-  })
-  const succeed = await sendPasswordResetEmail({
-    user,
-    context
-  })
-  if (succeed) {
-    context.status = 200
-    context.body = t('text.password reset email sent')
-  }
-})
-authPublicProcessRouter.post('/reset-password', async (context, next) => {
-  const { header, t } = context
-  try {
-    const { password, token } = context.request.body
-    if (!(token && password)) {
-      let message = t('error.token or password is invalid')
-      context.status = 404
-      context.body = {
-        message
-      }
-      if (accepts(header.accept, ['text/html', '*/*'])) {
-        await context.render('auth-page', {
-          pageElement: 'reset-password',
-          elementScript: '/auth/reset-password.js',
-          data: {
-            token,
-            message,
-            passwordRule,
-            disableUserSignupProcess,
-            disableUserFavoredLanguage,
-            languages
-          }
-        })
-      }
-      return
-    }
-    await resetPassword(token, password, context)
-    var message = t('text.password reset succeed')
-    context.body = message
-    clearAccessTokenCookie(context)
-    if (accepts(header.accept, ['text/html', '*/*'])) {
-      await context.render('auth-page', {
-        pageElement: 'auth-result',
-        elementScript: '/auth/result.js',
-        data: {
-          message,
-          disableUserSignupProcess,
-          disableUserFavoredLanguage,
-          languages
-        }
-      })
-    }
-  } catch (e) {
-    context.status = 404
-    context.body = e.message
-    if (accepts(header.accept, ['text/html', '*/*'])) {
-      await context.render('auth-page', {
-        pageElement: 'auth-result',
-        elementScript: '/auth/result.js',
-        data: {
-          message: e.message,
-          disableUserSignupProcess,
-          disableUserFavoredLanguage,
-          languages
-        }
-      })
-    }
-  }
-})
-authPublicProcessRouter.post('/unlock-user', async (context, next) => {
-  const { header, t } = context
-  const { password, token } = context.request.body
-  if (!(token || password)) {
-    context.status = 404
-    context.body = t('error.token or password is invalid')
-    return
-  }
-  var succeed = await unlockUser(token, password)
-  if (succeed) {
-    context.body = t('text.password reset succeed')
-    clearAccessTokenCookie(context)
-  }
-  if (accepts(header.accept, ['text/html', '*/*'])) {
-    await context.render('auth-page', {
-      pageElement: 'auth-result',
-      elementScript: '/auth/result.js',
-      data: {
-        message: t('text.account is reactivated'),
-        disableUserSignupProcess,
-        disableUserFavoredLanguage,
-        languages
-      }
-    })
-  }
-})

package/server/router/auth-signin-router.ts DELETED Viewed

@@ -1,65 +0,0 @@
-import Router from 'koa-router'
-import { config } from '@things-factory/env'
-import { signinMiddleware } from '../middlewares'
-import { accepts } from '../utils/accepts'
-import { setAccessTokenCookie } from '../utils/access-token-cookie'
-const disableUserSignupProcess = config.get('disableUserSignupProcess', false)
-const disableUserFavoredLanguage = config.get('i18n/disableUserFavoredLanguage', false)
-const languages = config.get('i18n/languages', false)
-const SSOConfig = config.get('sso', {} as any)
-const SSOLinks = Object.values(SSOConfig)
-  .filter(({ link, title }) => link && title)
-  .map(({ link, title }) => {
-    return { link, title }
-  })
-export const authSigninRouter = new Router()
-authSigninRouter.get(
-  '/auth/signin',
-  async (ctx, next) => {
-    /* For forward compatibility, cover the case of logging in with username instead of email */
-    if (!ctx.request.body.email && ctx.request.body.username) {
-      ctx.request.body.email = ctx.request.body.username
-    }
-    await next()
-  },
-  async (context, next) => {
-    const { redirect_to, email } = context.query
-    await context.render('auth-page', {
-      pageElement: 'auth-signin',
-      elementScript: '/auth/signin.js',
-      data: {
-        email,
-        redirectTo: redirect_to,
-        ssoLinks: SSOLinks,
-        disableUserSignupProcess,
-        disableUserFavoredLanguage,
-        languages
-      }
-    })
-  }
-)
-authSigninRouter.post('/auth/signin', signinMiddleware, async (context, next) => {
-  const { request, t } = context
-  const { token, user, domain } = context.state
-  const { body: reqBody, header } = request
-  if (!accepts(header.accept, ['text/html', '*/*'])) {
-    context.body = token
-    return
-  }
-  var redirectTo = `/auth/checkin${domain ? '/' + domain.subdomain : ''}?redirect_to=${encodeURIComponent(
-    reqBody.redirectTo || '/'
-  )}`
-  setAccessTokenCookie(context, token)
-  context.redirect(redirectTo)
-})

package/server/router/auth-signup-router.ts DELETED Viewed

@@ -1,95 +0,0 @@
-import Router from 'koa-router'
-import { config } from '@things-factory/env'
-import { signup } from '../controllers/signup'
-import { accepts } from '../utils/accepts'
-import { setAccessTokenCookie } from '../utils/access-token-cookie'
-const disableUserSignupProcess = config.get('disableUserSignupProcess', false)
-const disableUserFavoredLanguage = config.get('i18n/disableUserFavoredLanguage', false)
-const languages = config.get('i18n/languages', false)
-const passwordRule = config.get('password') || {
-  lowerCase: true,
-  upperCase: true,
-  digit: true,
-  specialCharacter: true,
-  allowRepeat: false,
-  useTightPattern: true,
-  useLoosePattern: false,
-  tightCharacterLength: 8,
-  looseCharacterLength: 15
-}
-export const authSignupRouter = new Router()
-if (!disableUserSignupProcess) {
-  authSignupRouter.get('/auth/signup', async (context, next) => {
-    const { email } = context.query
-    await context.render('auth-page', {
-      pageElement: 'auth-signup',
-      elementScript: '/auth/signup.js',
-      data: {
-        email,
-        passwordRule,
-        disableUserSignupProcess,
-        disableUserFavoredLanguage,
-        languages
-      }
-    })
-  })
-  authSignupRouter.post('/auth/signup', async (context, next) => {
-    const { header, t } = context
-    const { domain } = context.state
-    const user = context.request.body
-    // try {
-    const { token } = await signup(
-      {
-        ...user,
-        context,
-        domain
-      },
-      true
-    )
-    const message = t('text.user registered successfully')
-    context.body = {
-      message,
-      token
-    }
-    setAccessTokenCookie(context, token)
-    if (accepts(header.accept, ['text/html', '*/*'])) {
-      await context.render('auth-page', {
-        pageElement: 'auth-result',
-        elementScript: '/auth/result.js',
-        data: {
-          message,
-          disableUserSignupProcess,
-          disableUserFavoredLanguage,
-          languages
-        }
-      })
-    }
-    // } catch (e) {
-    //   context.status = 401
-    //   context.body = e.message
-    //   if (accepts(header.accept, ['text/html', '*/*'])) {
-    //     await context.render('auth-page', {
-    //       pageElement: 'auth-signup',
-    //       elementScript: '/auth/signup.js',
-    //       data: {
-    //         message: e instanceof AuthError ? t(`error.${e.message}`) : e.message,
-    //         passwordRule
-    //       }
-    //     })
-    //   }
-    // }
-  })
-}

package/server/router/index.ts DELETED Viewed

@@ -1,9 +0,0 @@
-export * from './auth-private-process-router'
-export * from './auth-public-process-router'
-export * from './path-base-domain-router'
-export * from './site-root-router'
-export * from './oauth2'
-export * from './auth-checkin-router'
-export * from './auth-signin-router'
-export * from './auth-signup-router'
-export * from './webauthn-router'

package/server/router/oauth2/index.ts DELETED Viewed

	@@ -1,2 +0,0 @@
1	- export * from './oauth2-authorize-router'
2	- export * from './oauth2-router'

package/server/router/oauth2/oauth2-authorize-router.ts DELETED Viewed

@@ -1,81 +0,0 @@
-import Router from 'koa-router'
-import { getRepository } from '@things-factory/shell'
-import { config } from '@things-factory/env'
-import { Application } from '../../service/application/application'
-import { NonClient, server as oauth2orizeServer } from './oauth2-server'
-export const oauth2AuthorizeRouter = new Router()
-const disableUserFavoredLanguage = config.get('i18n/disableUserFavoredLanguage', false)
-const languages = config.get('i18n/languages', false)
-// user authorization endpoint
-//
-// `authorization` middleware accepts a `validate` callback which is
-// responsible for validating the client making the authorization request.  In
-// doing so, is recommended that the `redirectURI` be checked against a
-// registered value, although security requirements may vary accross
-// implementations.  Once validated, the `done` callback must be invoked with
-// a `client` instance, as well as the `redirectURI` to which the user will be
-// redirected after an authorization decision is obtained.
-//
-// This middleware simply initializes a new authorization transaction.  It is
-// the application's responsibility to authenticate the user and render a dialog
-// to obtain their approval (displaying details about the client requesting
-// authorization).  We accomplish that here by routing through `ensureLoggedIn()`
-// first, and rendering the `dialog` view.
-oauth2AuthorizeRouter.get(
-  '/authorize',
-  oauth2orizeServer.authorize(async function (clientID, redirectURI) {
-    const client = await getRepository(Application).findOneBy({
-      appKey: clientID
-    })
-    // CONFIRM-ME redirectUrl 의 허용 범위는 ?
-    // if (!client.redirectUrl != redirectURI) {
-    //   return false
-    // }
-    return [client || NonClient, redirectURI]
-  }),
-  async function (context, next) {
-    const { oauth2, user, domain } = context.state
-    let pageElement: string = 'oauth2-decision'
-    let elementScript: string = '/oauth2/oauth2-decision-page.js'
-    if (oauth2.client.id === NonClient.id) {
-      pageElement = 'oauth2-decision-error'
-      elementScript = '/oauth2/oauth2-decision-error-page.js'
-    }
-    try {
-      await context.render('oauth2-page', {
-        pageElement,
-        elementScript,
-        data: {
-          domain,
-          oauth2: {
-            ...oauth2,
-            user: {
-              id: oauth2.user.id,
-              name: oauth2.user.name,
-              email: oauth2.user.email
-            }
-          },
-          disableUserFavoredLanguage,
-          languages
-        }
-      })
-      // await context.render(decisionPage, {
-      //   domain: domain,
-      //   ...oauth2, // client, redirectURI, req { type, clientID, redirectURI, scope, state}, user, transactionID, info, locals
-      //   availableScopes
-      // })
-    } catch (e) {
-      throw e
-    }
-  }
-)