npm - @things-factory/auth-base - Versions diffs - 9.0.0-beta.5 → 9.0.0-beta.8 - Mend

@things-factory/auth-base 9.0.0-beta.5 → 9.0.0-beta.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (329) hide show

package/dist-server/middlewares/verify-recaptcha-middleware.js ADDED Viewed

@@ -0,0 +1,95 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.verifyRecaptcaMiddleware = verifyRecaptcaMiddleware;
+const recaptcha_enterprise_1 = require("@google-cloud/recaptcha-enterprise");
+const env_1 = require("@things-factory/env");
+const recaptchaConfig = env_1.config.get('recaptcha') || {};
+const { serviceAccount, siteKey } = recaptchaConfig || {};
+var client, projectPath;
+if (serviceAccount) {
+    try {
+        env_1.logger.info('creating reCAPTCHA service client...');
+        client = new recaptcha_enterprise_1.RecaptchaEnterpriseServiceClient({
+            projectId: serviceAccount.project_id,
+            credentials: serviceAccount
+        });
+        projectPath = client.projectPath(serviceAccount.project_id);
+        env_1.logger.info('reCAPTCHA service client created');
+    }
+    catch (err) {
+        env_1.logger.error('incorrect reCAPTCHA configuration');
+        env_1.logger.error(err);
+    }
+}
+/**
+ * Creates an assessment to analyze the risk of a UI action.
+ *
+ * projectID: The Google Cloud project ID.
+ * token: The generated token obtained from the client.
+ * recaptchaAction: The action name corresponding to the token.
+ */
+async function createReCaptchaAssessment({ token, recaptchaAction }) {
+    // Create the assessment request.
+    const request = {
+        assessment: {
+            event: {
+                token: token,
+                siteKey
+            }
+        },
+        parent: projectPath
+    };
+    const [response] = await client.createAssessment(request);
+    // Verify if the token is valid.
+    if (!response.tokenProperties.valid) {
+        console.log(`The CreateAssessment call failed because the token was: ${response.tokenProperties.invalidReason}`);
+        return null;
+    }
+    if (response.tokenProperties.action === recaptchaAction) {
+        // Get the risk score and reasons.
+        // For more details on interpreting the assessment, see:
+        // https://cloud.google.com/recaptcha-enterprise/docs/interpret-assessment
+        console.log(`The reCAPTCHA score is: ${response.riskAnalysis.score}`);
+        response.riskAnalysis.reasons.forEach(reason => {
+            console.log(reason);
+        });
+        return response.riskAnalysis.score;
+    }
+    else {
+        console.log('The action attribute in your reCAPTCHA tag does not match the action you are expecting to score');
+        return null;
+    }
+}
+function verifyRecaptcaMiddleware({ action }) {
+    return async (context, next) => {
+        if (!client) {
+            if (siteKey) {
+                console.error(`The RecaptchaEnterpriseServiceClient creation failed. Please check the service account configuration.`);
+            }
+            await next();
+            return;
+        }
+        const { 'recaptcha-response': recaptchaToken } = context.request.body;
+        // Handle error if token does not exist
+        if (!recaptchaToken) {
+            context.status = 400;
+            context.body = { message: 'reCAPTCHA token is required' };
+            return;
+        }
+        // Google reCAPTCHA assessment request
+        const score = await createReCaptchaAssessment({
+            token: recaptchaToken,
+            recaptchaAction: action
+        });
+        if (score === null || score < 0.5) {
+            // Treat as spam if the score is low
+            context.status = 400;
+            context.body = { message: 'Spam behavior detected. Please try again.' };
+            return;
+        }
+        // Continue processing the request if the score is valid
+        console.log(`reCAPTCHA score: ${score}`);
+        await next();
+    };
+}
+//# sourceMappingURL=verify-recaptcha-middleware.js.map

package/dist-server/middlewares/verify-recaptcha-middleware.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"verify-recaptcha-middleware.js","sourceRoot":"","sources":["../../server/middlewares/verify-recaptcha-middleware.ts"],"names":[],"mappings":";;AAqEA,4DAwCC;AA7GD,6EAAqF;AACrF,6CAAoD;AAEpD,MAAM,eAAe,GAAG,YAAM,CAAC,GAAG,CAAC,WAAW,CAAC,IAAI,EAAE,CAAA;AACrD,MAAM,EAAE,cAAc,EAAE,OAAO,EAAE,GAAG,eAAe,IAAI,EAAE,CAAA;AAEzD,IAAI,MAAM,EAAE,WAAW,CAAA;AAEvB,IAAI,cAAc,EAAE,CAAC;IACnB,IAAI,CAAC;QACH,YAAM,CAAC,IAAI,CAAC,sCAAsC,CAAC,CAAA;QAEnD,MAAM,GAAG,IAAI,uDAAgC,CAAC;YAC5C,SAAS,EAAE,cAAc,CAAC,UAAU;YACpC,WAAW,EAAE,cAAc;SAC5B,CAAC,CAAA;QAEF,WAAW,GAAG,MAAM,CAAC,WAAW,CAAC,cAAc,CAAC,UAAU,CAAC,CAAA;QAE3D,YAAM,CAAC,IAAI,CAAC,kCAAkC,CAAC,CAAA;IACjD,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,YAAM,CAAC,KAAK,CAAC,mCAAmC,CAAC,CAAA;QACjD,YAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IACnB,CAAC;AACH,CAAC;AAED;;;;;;GAMG;AACH,KAAK,UAAU,yBAAyB,CAAC,EAAE,KAAK,EAAE,eAAe,EAA8C;IAC7G,iCAAiC;IACjC,MAAM,OAAO,GAAG;QACd,UAAU,EAAE;YACV,KAAK,EAAE;gBACL,KAAK,EAAE,KAAK;gBACZ,OAAO;aACR;SACF;QACD,MAAM,EAAE,WAAW;KACpB,CAAA;IAED,MAAM,CAAC,QAAQ,CAAC,GAAG,MAAM,MAAM,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAA;IAEzD,gCAAgC;IAChC,IAAI,CAAC,QAAQ,CAAC,eAAe,CAAC,KAAK,EAAE,CAAC;QACpC,OAAO,CAAC,GAAG,CAAC,2DAA2D,QAAQ,CAAC,eAAe,CAAC,aAAa,EAAE,CAAC,CAAA;QAChH,OAAO,IAAI,CAAA;IACb,CAAC;IAED,IAAI,QAAQ,CAAC,eAAe,CAAC,MAAM,KAAK,eAAe,EAAE,CAAC;QACxD,kCAAkC;QAClC,wDAAwD;QACxD,0EAA0E;QAC1E,OAAO,CAAC,GAAG,CAAC,2BAA2B,QAAQ,CAAC,YAAY,CAAC,KAAK,EAAE,CAAC,CAAA;QACrE,QAAQ,CAAC,YAAY,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE;YAC7C,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAA;QACrB,CAAC,CAAC,CAAA;QAEF,OAAO,QAAQ,CAAC,YAAY,CAAC,KAAK,CAAA;IACpC,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,GAAG,CAAC,iGAAiG,CAAC,CAAA;QAC9G,OAAO,IAAI,CAAA;IACb,CAAC;AACH,CAAC;AAED,SAAgB,wBAAwB,CAAC,EAAE,MAAM,EAAsB;IACrE,OAAO,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;QAC7B,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,IAAI,OAAO,EAAE,CAAC;gBACZ,OAAO,CAAC,KAAK,CACX,uGAAuG,CACxG,CAAA;YACH,CAAC;YAED,MAAM,IAAI,EAAE,CAAA;YACZ,OAAM;QACR,CAAC;QAED,MAAM,EAAE,oBAAoB,EAAE,cAAc,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,CAAA;QAErE,uCAAuC;QACvC,IAAI,CAAC,cAAc,EAAE,CAAC;YACpB,OAAO,CAAC,MAAM,GAAG,GAAG,CAAA;YACpB,OAAO,CAAC,IAAI,GAAG,EAAE,OAAO,EAAE,6BAA6B,EAAE,CAAA;YACzD,OAAM;QACR,CAAC;QAED,sCAAsC;QACtC,MAAM,KAAK,GAAG,MAAM,yBAAyB,CAAC;YAC5C,KAAK,EAAE,cAAc;YACrB,eAAe,EAAE,MAAM;SACxB,CAAC,CAAA;QAEF,IAAI,KAAK,KAAK,IAAI,IAAI,KAAK,GAAG,GAAG,EAAE,CAAC;YAClC,oCAAoC;YACpC,OAAO,CAAC,MAAM,GAAG,GAAG,CAAA;YACpB,OAAO,CAAC,IAAI,GAAG,EAAE,OAAO,EAAE,2CAA2C,EAAE,CAAA;YACvE,OAAM;QACR,CAAC;QAED,wDAAwD;QACxD,OAAO,CAAC,GAAG,CAAC,oBAAoB,KAAK,EAAE,CAAC,CAAA;QAExC,MAAM,IAAI,EAAE,CAAA;IACd,CAAC,CAAA;AACH,CAAC","sourcesContent":["import { RecaptchaEnterpriseServiceClient } from '@google-cloud/recaptcha-enterprise'\nimport { config, logger } from '@things-factory/env'\n\nconst recaptchaConfig = config.get('recaptcha') || {}\nconst { serviceAccount, siteKey } = recaptchaConfig || {}\n\nvar client, projectPath\n\nif (serviceAccount) {\n try {\n logger.info('creating reCAPTCHA service client...')\n\n client = new RecaptchaEnterpriseServiceClient({\n projectId: serviceAccount.project_id,\n credentials: serviceAccount\n })\n\n projectPath = client.projectPath(serviceAccount.project_id)\n\n logger.info('reCAPTCHA service client created')\n } catch (err) {\n logger.error('incorrect reCAPTCHA configuration')\n logger.error(err)\n }\n}\n\n/**\n * Creates an assessment to analyze the risk of a UI action.\n *\n * projectID: The Google Cloud project ID.\n * token: The generated token obtained from the client.\n * recaptchaAction: The action name corresponding to the token.\n */\nasync function createReCaptchaAssessment({ token, recaptchaAction }: { token: string; recaptchaAction: string }) {\n // Create the assessment request.\n const request = {\n assessment: {\n event: {\n token: token,\n siteKey\n }\n },\n parent: projectPath\n }\n\n const [response] = await client.createAssessment(request)\n\n // Verify if the token is valid.\n if (!response.tokenProperties.valid) {\n console.log(`The CreateAssessment call failed because the token was: ${response.tokenProperties.invalidReason}`)\n return null\n }\n\n if (response.tokenProperties.action === recaptchaAction) {\n // Get the risk score and reasons.\n // For more details on interpreting the assessment, see:\n // https://cloud.google.com/recaptcha-enterprise/docs/interpret-assessment\n console.log(`The reCAPTCHA score is: ${response.riskAnalysis.score}`)\n response.riskAnalysis.reasons.forEach(reason => {\n console.log(reason)\n })\n\n return response.riskAnalysis.score\n } else {\n console.log('The action attribute in your reCAPTCHA tag does not match the action you are expecting to score')\n return null\n }\n}\n\nexport function verifyRecaptcaMiddleware({ action }: { action: string }) {\n return async (context, next) => {\n if (!client) {\n if (siteKey) {\n console.error(\n `The RecaptchaEnterpriseServiceClient creation failed. Please check the service account configuration.`\n )\n }\n\n await next()\n return\n }\n\n const { 'recaptcha-response': recaptchaToken } = context.request.body\n\n // Handle error if token does not exist\n if (!recaptchaToken) {\n context.status = 400\n context.body = { message: 'reCAPTCHA token is required' }\n return\n }\n\n // Google reCAPTCHA assessment request\n const score = await createReCaptchaAssessment({\n token: recaptchaToken,\n recaptchaAction: action\n })\n\n if (score === null || score < 0.5) {\n // Treat as spam if the score is low\n context.status = 400\n context.body = { message: 'Spam behavior detected. Please try again.' }\n return\n }\n\n // Continue processing the request if the score is valid\n console.log(`reCAPTCHA score: ${score}`)\n\n await next()\n }\n}\n"]}

package/dist-server/middlewares/webauthn-middleware.js CHANGED Viewed

@@ -5,8 +5,8 @@ const tslib_1 = require("tslib");
 const koa_passport_1 = tslib_1.__importDefault(require("koa-passport"));
 const passport_custom_1 = require("passport-custom");
 const shell_1 = require("@things-factory/shell");
-const auth_error_1 = require("../errors/auth-error");
-const web_auth_credential_1 = require("../service/web-auth-credential/web-auth-credential");
+const auth_error_js_1 = require("../errors/auth-error.js");
+const web_auth_credential_js_1 = require("../service/web-auth-credential/web-auth-credential.js");
 const server_1 = require("@simplewebauthn/server");
 koa_passport_1.default.use('webauthn-register', new passport_custom_1.Strategy(async (context, done) => {
     const { body, session, user, hostname, origin } = context;
@@ -26,7 +26,7 @@ koa_passport_1.default.use('webauthn-register', new passport_custom_1.Strategy(a
             return done(null, false);
         }
         if (user) {
-            const webAuthRepository = (0, shell_1.getRepository)(web_auth_credential_1.WebAuthCredential);
+            const webAuthRepository = (0, shell_1.getRepository)(web_auth_credential_js_1.WebAuthCredential);
             await webAuthRepository.save({
                 user,
                 credentialId: registrationInfo.credential.id,
@@ -47,7 +47,7 @@ koa_passport_1.default.use('webauthn-login', new passport_custom_1.Strategy(asyn
         const { body, session, origin, hostname } = context;
         const challenge = session.challenge;
         const assertionResponse = body;
-        const credential = await (0, shell_1.getRepository)(web_auth_credential_1.WebAuthCredential).findOne({
+        const credential = await (0, shell_1.getRepository)(web_auth_credential_js_1.WebAuthCredential).findOne({
             where: {
                 credentialId: assertionResponse.id
             },
@@ -71,7 +71,7 @@ koa_passport_1.default.use('webauthn-login', new passport_custom_1.Strategy(asyn
         if (verification.verified) {
             const { authenticationInfo } = verification;
             credential.counter = authenticationInfo.newCounter;
-            await (0, shell_1.getRepository)(web_auth_credential_1.WebAuthCredential).save(credential);
+            await (0, shell_1.getRepository)(web_auth_credential_js_1.WebAuthCredential).save(credential);
             const user = credential.user;
             return done(null, user);
         }
@@ -87,8 +87,8 @@ function createWebAuthnMiddleware(strategy) {
     return async function webAuthnMiddleware(context, next) {
         return koa_passport_1.default.authenticate(strategy, { session: true, failureMessage: true, failWithError: true }, async (err, user) => {
             if (err || !user) {
-                throw new auth_error_1.AuthError({
-                    errorCode: auth_error_1.AuthError.ERROR_CODES.AUTHN_VERIFICATION_FAILED,
+                throw new auth_error_js_1.AuthError({
+                    errorCode: auth_error_js_1.AuthError.ERROR_CODES.AUTHN_VERIFICATION_FAILED,
                     detail: err
                 });
             }

package/dist-server/middlewares/webauthn-middleware.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"webauthn-middleware.js","sourceRoot":"","sources":["../../server/middlewares/webauthn-middleware.ts"],"names":[],"mappings":";;AA4GA,4DAqBC;;AAjID,wEAAmC;AACnC,qDAA4D;AAE5D,iDAAqD;AAErD,~~qDAAgD~~;~~AAEhD~~,~~4FAAsF~~;~~AACtF~~,mDAI+B;AAE/B,sBAAQ,CAAC,GAAG,CACV,mBAAmB,EACnB,IAAI,0BAAc,CAAC,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACzC,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,GAAG,OAAc,CAAA;IAEhE,MAAM,SAAS,GAAG,OAAO,CAAC,SAAS,CAAA;IAEnC,MAAM,YAAY,GAAG,MAAM,IAAA,mCAA0B,EAAC;QACpD,QAAQ,EAAE,IAAI;QACd,iBAAiB,EAAE,SAAS;QAC5B,cAAc,EAAE,MAAM;QACtB,YAAY,EAAE,QAAQ;QACtB,YAAY,EAAE,iBAAiB;QAC/B,uBAAuB,EAAE,KAAK;KAC/B,CAAC,CAAA;IAEF,IAAI,YAAY,CAAC,QAAQ,EAAE,CAAC;QAC1B,MAAM,EAAE,gBAAgB,EAAE,GAAG,YAAY,CAAA;QACzC,MAAM,SAAS,GAAG,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;QACvF,IAAI,CAAC,gBAAgB,EAAE,CAAC;YACtB,OAAO,IAAI,CAAC,IAAI,EAAE,KAAK,CAAC,CAAA;QAC1B,CAAC;QACD,IAAI,IAAI,EAAE,CAAC;YACT,MAAM,iBAAiB,GAAG,IAAA,qBAAa,EAAC,~~uCAAiB~~,CAAC,CAAA;YAC1D,MAAM,iBAAiB,CAAC,IAAI,CAAC;gBAC3B,IAAI;gBACJ,YAAY,EAAE,gBAAgB,CAAC,UAAU,CAAC,EAAE;gBAC5C,SAAS;gBACT,OAAO,EAAE,gBAAgB,CAAC,UAAU,CAAC,OAAO;gBAC5C,OAAO,EAAE,IAAI;gBACb,OAAO,EAAE,IAAI;aACd,CAAC,CAAA;QACJ,CAAC;QAED,OAAO,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,CAAA;IACzB,CAAC;SAAM,CAAC;QACN,OAAO,IAAI,CAAC,IAAI,EAAE,KAAK,CAAC,CAAA;IAC1B,CAAC;AACH,CAAC,CAAC,CACH,CAAA;AAED,sBAAQ,CAAC,GAAG,CACV,gBAAgB,EAChB,IAAI,0BAAc,CAAC,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACzC,IAAI,CAAC;QACH,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,GAAG,OAAc,CAAA;QAE1D,MAAM,SAAS,GAAG,OAAO,CAAC,SAAS,CAAA;QAEnC,MAAM,iBAAiB,GAAG,IAGzB,CAAA;QAED,MAAM,UAAU,GAAG,MAAM,IAAA,qBAAa,EAAC,~~uCAAiB~~,CAAC,CAAC,OAAO,CAAC;YAChE,KAAK,EAAE;gBACL,YAAY,EAAE,iBAAiB,CAAC,EAAE;aACnC;YACD,SAAS,EAAE,CAAC,MAAM,CAAC;SACpB,CAAC,CAAA;QAEF,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,OAAO,IAAI,CAAC,IAAI,EAAE,KAAK,CAAC,CAAA;QAC1B,CAAC;QAED,MAAM,YAAY,GAAG,MAAM,IAAA,qCAA4B,EAAC;YACtD,QAAQ,EAAE,IAAI;YACd,iBAAiB,EAAE,SAAS;YAC5B,cAAc,EAAE,MAAM;YACtB,YAAY,EAAE,QAAQ;YACtB,uBAAuB,EAAE,KAAK;YAC9B,UAAU,EAAE;gBACV,EAAE,EAAE,UAAU,CAAC,YAAY;gBAC3B,SAAS,EAAE,IAAI,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC;gBACtE,OAAO,EAAE,UAAU,CAAC,OAAO;aAC5B;SACF,CAAC,CAAA;QAEF,IAAI,YAAY,CAAC,QAAQ,EAAE,CAAC;YAC1B,MAAM,EAAE,kBAAkB,EAAE,GAAG,YAAY,CAAA;YAC3C,UAAU,CAAC,OAAO,GAAG,kBAAkB,CAAC,UAAU,CAAA;YAClD,MAAM,IAAA,qBAAa,EAAC,~~uCAAiB~~,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAA;YAEvD,MAAM,IAAI,GAAG,UAAU,CAAC,IAAI,CAAA;YAC5B,OAAO,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,CAAA;QACzB,CAAC;aAAM,CAAC;YACN,OAAO,IAAI,CAAC,YAAY,EAAE,KAAK,CAAC,CAAA;QAClC,CAAC;IACH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,IAAI,CAAC,KAAK,EAAE,KAAK,CAAC,CAAA;IAC3B,CAAC;AACH,CAAC,CAAC,CACH,CAAA;AAED,SAAgB,wBAAwB,CAAC,QAAgD;IACvF,OAAO,KAAK,UAAU,kBAAkB,CAAC,OAAO,EAAE,IAAI;QACpD,OAAO,sBAAQ,CAAC,YAAY,CAC1B,QAAQ,EACR,EAAE,OAAO,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,EAAE,aAAa,EAAE,IAAI,EAAE,EAC5D,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;YAClB,IAAI,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;gBACjB,MAAM,IAAI,~~sBAAS~~,CAAC;oBAClB,SAAS,EAAE,~~sBAAS~~,CAAC,WAAW,CAAC,yBAAyB;oBAC1D,MAAM,EAAE,GAAG;iBACZ,CAAC,CAAA;YACJ,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,KAAK,CAAC,IAAI,GAAG,IAAI,CAAA;gBAEzB,OAAO,CAAC,IAAI,GAAG,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAA;YACzC,CAAC;YAED,MAAM,IAAI,EAAE,CAAA;QACd,CAAC,CACF,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;IAClB,CAAC,CAAA;AACH,CAAC","sourcesContent":["import passport from 'koa-passport'\nimport { Strategy as CustomStrategy } from 'passport-custom'\n\nimport { getRepository } from '@things-factory/shell'\n\nimport { AuthError } from '../errors/auth-error'\n\nimport { WebAuthCredential } from '../service/web-auth-credential/web-auth-credential'\nimport {\n AuthenticatorAssertionResponse,\n verifyRegistrationResponse,\n verifyAuthenticationResponse\n} from '@simplewebauthn/server'\n\npassport.use(\n 'webauthn-register',\n new CustomStrategy(async (context, done) => {\n const { body, session, user, hostname, origin } = context as any\n\n const challenge = session.challenge\n\n const verification = await verifyRegistrationResponse({\n response: body,\n expectedChallenge: challenge,\n expectedOrigin: origin,\n expectedRPID: hostname,\n expectedType: 'webauthn.create',\n requireUserVerification: false\n })\n\n if (verification.verified) {\n const { registrationInfo } = verification\n const publicKey = Buffer.from(registrationInfo.credential.publicKey).toString('base64')\n if (!registrationInfo) {\n return done(null, false)\n }\n if (user) {\n const webAuthRepository = getRepository(WebAuthCredential)\n await webAuthRepository.save({\n user,\n credentialId: registrationInfo.credential.id,\n publicKey,\n counter: registrationInfo.credential.counter,\n creator: user,\n updater: user\n })\n }\n\n return done(null, user)\n } else {\n return done(null, false)\n }\n })\n)\n\npassport.use(\n 'webauthn-login',\n new CustomStrategy(async (context, done) => {\n try {\n const { body, session, origin, hostname } = context as any\n\n const challenge = session.challenge\n\n const assertionResponse = body as {\n id: string\n response: AuthenticatorAssertionResponse\n }\n\n const credential = await getRepository(WebAuthCredential).findOne({\n where: {\n credentialId: assertionResponse.id\n },\n relations: ['user']\n })\n\n if (!credential) {\n return done(null, false)\n }\n\n const verification = await verifyAuthenticationResponse({\n response: body,\n expectedChallenge: challenge,\n expectedOrigin: origin,\n expectedRPID: hostname,\n requireUserVerification: false,\n credential: {\n id: credential.credentialId,\n publicKey: new Uint8Array(Buffer.from(credential.publicKey, 'base64')),\n counter: credential.counter\n }\n })\n\n if (verification.verified) {\n const { authenticationInfo } = verification\n credential.counter = authenticationInfo.newCounter\n await getRepository(WebAuthCredential).save(credential)\n\n const user = credential.user\n return done(null, user)\n } else {\n return done(verification, false)\n }\n } catch (error) {\n return done(error, false)\n }\n })\n)\n\nexport function createWebAuthnMiddleware(strategy: 'webauthn-register' \| 'webauthn-login') {\n return async function webAuthnMiddleware(context, next) {\n return passport.authenticate(\n strategy,\n { session: true, failureMessage: true, failWithError: true },\n async (err, user) => {\n if (err \|\| !user) {\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.AUTHN_VERIFICATION_FAILED,\n detail: err\n })\n } else {\n context.state.user = user\n\n context.body = { user, verified: true }\n }\n\n await next()\n }\n )(context, next)\n }\n}\n"]}
1	+ {"version":3,"file":"webauthn-middleware.js","sourceRoot":"","sources":["../../server/middlewares/webauthn-middleware.ts"],"names":[],"mappings":";;AA4GA,4DAqBC;;AAjID,wEAAmC;AACnC,qDAA4D;AAE5D,iDAAqD;AAErD,2DAAmD;AAEnD,kGAAyF;AACzF,mDAI+B;AAE/B,sBAAQ,CAAC,GAAG,CACV,mBAAmB,EACnB,IAAI,0BAAc,CAAC,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACzC,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,GAAG,OAAc,CAAA;IAEhE,MAAM,SAAS,GAAG,OAAO,CAAC,SAAS,CAAA;IAEnC,MAAM,YAAY,GAAG,MAAM,IAAA,mCAA0B,EAAC;QACpD,QAAQ,EAAE,IAAI;QACd,iBAAiB,EAAE,SAAS;QAC5B,cAAc,EAAE,MAAM;QACtB,YAAY,EAAE,QAAQ;QACtB,YAAY,EAAE,iBAAiB;QAC/B,uBAAuB,EAAE,KAAK;KAC/B,CAAC,CAAA;IAEF,IAAI,YAAY,CAAC,QAAQ,EAAE,CAAC;QAC1B,MAAM,EAAE,gBAAgB,EAAE,GAAG,YAAY,CAAA;QACzC,MAAM,SAAS,GAAG,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;QACvF,IAAI,CAAC,gBAAgB,EAAE,CAAC;YACtB,OAAO,IAAI,CAAC,IAAI,EAAE,KAAK,CAAC,CAAA;QAC1B,CAAC;QACD,IAAI,IAAI,EAAE,CAAC;YACT,MAAM,iBAAiB,GAAG,IAAA,qBAAa,EAAC,0CAAiB,CAAC,CAAA;YAC1D,MAAM,iBAAiB,CAAC,IAAI,CAAC;gBAC3B,IAAI;gBACJ,YAAY,EAAE,gBAAgB,CAAC,UAAU,CAAC,EAAE;gBAC5C,SAAS;gBACT,OAAO,EAAE,gBAAgB,CAAC,UAAU,CAAC,OAAO;gBAC5C,OAAO,EAAE,IAAI;gBACb,OAAO,EAAE,IAAI;aACd,CAAC,CAAA;QACJ,CAAC;QAED,OAAO,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,CAAA;IACzB,CAAC;SAAM,CAAC;QACN,OAAO,IAAI,CAAC,IAAI,EAAE,KAAK,CAAC,CAAA;IAC1B,CAAC;AACH,CAAC,CAAC,CACH,CAAA;AAED,sBAAQ,CAAC,GAAG,CACV,gBAAgB,EAChB,IAAI,0BAAc,CAAC,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACzC,IAAI,CAAC;QACH,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,GAAG,OAAc,CAAA;QAE1D,MAAM,SAAS,GAAG,OAAO,CAAC,SAAS,CAAA;QAEnC,MAAM,iBAAiB,GAAG,IAGzB,CAAA;QAED,MAAM,UAAU,GAAG,MAAM,IAAA,qBAAa,EAAC,0CAAiB,CAAC,CAAC,OAAO,CAAC;YAChE,KAAK,EAAE;gBACL,YAAY,EAAE,iBAAiB,CAAC,EAAE;aACnC;YACD,SAAS,EAAE,CAAC,MAAM,CAAC;SACpB,CAAC,CAAA;QAEF,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,OAAO,IAAI,CAAC,IAAI,EAAE,KAAK,CAAC,CAAA;QAC1B,CAAC;QAED,MAAM,YAAY,GAAG,MAAM,IAAA,qCAA4B,EAAC;YACtD,QAAQ,EAAE,IAAI;YACd,iBAAiB,EAAE,SAAS;YAC5B,cAAc,EAAE,MAAM;YACtB,YAAY,EAAE,QAAQ;YACtB,uBAAuB,EAAE,KAAK;YAC9B,UAAU,EAAE;gBACV,EAAE,EAAE,UAAU,CAAC,YAAY;gBAC3B,SAAS,EAAE,IAAI,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC;gBACtE,OAAO,EAAE,UAAU,CAAC,OAAO;aAC5B;SACF,CAAC,CAAA;QAEF,IAAI,YAAY,CAAC,QAAQ,EAAE,CAAC;YAC1B,MAAM,EAAE,kBAAkB,EAAE,GAAG,YAAY,CAAA;YAC3C,UAAU,CAAC,OAAO,GAAG,kBAAkB,CAAC,UAAU,CAAA;YAClD,MAAM,IAAA,qBAAa,EAAC,0CAAiB,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAA;YAEvD,MAAM,IAAI,GAAG,UAAU,CAAC,IAAI,CAAA;YAC5B,OAAO,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,CAAA;QACzB,CAAC;aAAM,CAAC;YACN,OAAO,IAAI,CAAC,YAAY,EAAE,KAAK,CAAC,CAAA;QAClC,CAAC;IACH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,IAAI,CAAC,KAAK,EAAE,KAAK,CAAC,CAAA;IAC3B,CAAC;AACH,CAAC,CAAC,CACH,CAAA;AAED,SAAgB,wBAAwB,CAAC,QAAgD;IACvF,OAAO,KAAK,UAAU,kBAAkB,CAAC,OAAO,EAAE,IAAI;QACpD,OAAO,sBAAQ,CAAC,YAAY,CAC1B,QAAQ,EACR,EAAE,OAAO,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,EAAE,aAAa,EAAE,IAAI,EAAE,EAC5D,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;YAClB,IAAI,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;gBACjB,MAAM,IAAI,yBAAS,CAAC;oBAClB,SAAS,EAAE,yBAAS,CAAC,WAAW,CAAC,yBAAyB;oBAC1D,MAAM,EAAE,GAAG;iBACZ,CAAC,CAAA;YACJ,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,KAAK,CAAC,IAAI,GAAG,IAAI,CAAA;gBAEzB,OAAO,CAAC,IAAI,GAAG,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAA;YACzC,CAAC;YAED,MAAM,IAAI,EAAE,CAAA;QACd,CAAC,CACF,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;IAClB,CAAC,CAAA;AACH,CAAC","sourcesContent":["import passport from 'koa-passport'\nimport { Strategy as CustomStrategy } from 'passport-custom'\n\nimport { getRepository } from '@things-factory/shell'\n\nimport { AuthError } from '../errors/auth-error.js'\n\nimport { WebAuthCredential } from '../service/web-auth-credential/web-auth-credential.js'\nimport {\n AuthenticatorAssertionResponse,\n verifyRegistrationResponse,\n verifyAuthenticationResponse\n} from '@simplewebauthn/server'\n\npassport.use(\n 'webauthn-register',\n new CustomStrategy(async (context, done) => {\n const { body, session, user, hostname, origin } = context as any\n\n const challenge = session.challenge\n\n const verification = await verifyRegistrationResponse({\n response: body,\n expectedChallenge: challenge,\n expectedOrigin: origin,\n expectedRPID: hostname,\n expectedType: 'webauthn.create',\n requireUserVerification: false\n })\n\n if (verification.verified) {\n const { registrationInfo } = verification\n const publicKey = Buffer.from(registrationInfo.credential.publicKey).toString('base64')\n if (!registrationInfo) {\n return done(null, false)\n }\n if (user) {\n const webAuthRepository = getRepository(WebAuthCredential)\n await webAuthRepository.save({\n user,\n credentialId: registrationInfo.credential.id,\n publicKey,\n counter: registrationInfo.credential.counter,\n creator: user,\n updater: user\n })\n }\n\n return done(null, user)\n } else {\n return done(null, false)\n }\n })\n)\n\npassport.use(\n 'webauthn-login',\n new CustomStrategy(async (context, done) => {\n try {\n const { body, session, origin, hostname } = context as any\n\n const challenge = session.challenge\n\n const assertionResponse = body as {\n id: string\n response: AuthenticatorAssertionResponse\n }\n\n const credential = await getRepository(WebAuthCredential).findOne({\n where: {\n credentialId: assertionResponse.id\n },\n relations: ['user']\n })\n\n if (!credential) {\n return done(null, false)\n }\n\n const verification = await verifyAuthenticationResponse({\n response: body,\n expectedChallenge: challenge,\n expectedOrigin: origin,\n expectedRPID: hostname,\n requireUserVerification: false,\n credential: {\n id: credential.credentialId,\n publicKey: new Uint8Array(Buffer.from(credential.publicKey, 'base64')),\n counter: credential.counter\n }\n })\n\n if (verification.verified) {\n const { authenticationInfo } = verification\n credential.counter = authenticationInfo.newCounter\n await getRepository(WebAuthCredential).save(credential)\n\n const user = credential.user\n return done(null, user)\n } else {\n return done(verification, false)\n }\n } catch (error) {\n return done(error, false)\n }\n })\n)\n\nexport function createWebAuthnMiddleware(strategy: 'webauthn-register' \| 'webauthn-login') {\n return async function webAuthnMiddleware(context, next) {\n return passport.authenticate(\n strategy,\n { session: true, failureMessage: true, failWithError: true },\n async (err, user) => {\n if (err \|\| !user) {\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.AUTHN_VERIFICATION_FAILED,\n detail: err\n })\n } else {\n context.state.user = user\n\n context.body = { user, verified: true }\n }\n\n await next()\n }\n )(context, next)\n }\n}\n"]}

package/dist-server/migrations/1548206416130-SeedUser.js CHANGED Viewed

@@ -4,7 +4,7 @@ exports.SeedUsers1548206416130 = void 0;
 const typeorm_1 = require("typeorm");
 const env_1 = require("@things-factory/env");
 const shell_1 = require("@things-factory/shell");
-const user_1 = require("../service/user/user");
+const user_js_1 = require("../service/user/user.js");
 const ADMIN_ACCOUNT = env_1.config.get('adminAccount', {
     username: 'admin',
     name: 'Admin',
@@ -12,18 +12,18 @@ const ADMIN_ACCOUNT = env_1.config.get('adminAccount', {
     password: 'admin'
 });
 const SEED_USERS = [
-    Object.assign(Object.assign({}, ADMIN_ACCOUNT), { userType: 'user', status: user_1.UserStatus.ACTIVATED })
+    Object.assign(Object.assign({}, ADMIN_ACCOUNT), { userType: 'user', status: user_js_1.UserStatus.ACTIVATED })
 ];
 class SeedUsers1548206416130 {
     async up(queryRunner) {
-        const userRepository = (0, shell_1.getRepository)(user_1.User);
+        const userRepository = (0, shell_1.getRepository)(user_js_1.User);
         const domainRepository = (0, shell_1.getRepository)(shell_1.Domain);
         const domain = await domainRepository.findOne({ where: { name: 'SYSTEM' } });
         try {
             for (let i = 0; i < SEED_USERS.length; i++) {
                 const user = SEED_USERS[i];
-                const salt = user_1.User.generateSalt();
-                const password = user_1.User.encode(user.password, salt);
+                const salt = user_js_1.User.generateSalt();
+                const password = user_js_1.User.encode(user.password, salt);
                 await userRepository.save(Object.assign(Object.assign({}, user), { salt,
                     password, domains: [domain] }));
             }
@@ -36,7 +36,7 @@ class SeedUsers1548206416130 {
         await domainRepository.save(domain);
     }
     async down(queryRunner) {
-        const repository = (0, shell_1.getRepository)(user_1.User);
+        const repository = (0, shell_1.getRepository)(user_js_1.User);
         SEED_USERS.reverse().forEach(async (user) => {
             let record = await repository.findOneBy({ email: (0, typeorm_1.ILike)(user.email) });
             await repository.remove(record);

package/dist-server/migrations/1548206416130-SeedUser.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"1548206416130-SeedUser.js","sourceRoot":"","sources":["../../server/migrations/1548206416130-SeedUser.ts"],"names":[],"mappings":";;;AAAA,qCAAgE;AAEhE,6CAAoD;AACpD,iDAA6D;AAE7D~~,+CAAuD~~;~~AAEvD~~,MAAM,aAAa,GAAG,YAAM,CAAC,GAAG,CAAC,cAAc,EAAE;IAC/C,QAAQ,EAAE,OAAO;IACjB,IAAI,EAAE,OAAO;IACb,KAAK,EAAE,oBAAoB;IAC3B,QAAQ,EAAE,OAAO;CAClB,CAAC,CAAA;AAEF,MAAM,UAAU,GAAG;oCAEZ,aAAa,KAChB,QAAQ,EAAE,MAAM,EAChB,MAAM,EAAE,~~iBAAU~~,CAAC,SAAS;CAE/B,CAAA;AACD,MAAa,sBAAsB;IAC1B,KAAK,CAAC,EAAE,CAAC,WAAwB;QACtC,MAAM,cAAc,GAAG,IAAA,qBAAa,EAAC,~~WAAI~~,CAAC,CAAA;QAC1C,MAAM,gBAAgB,GAAG,IAAA,qBAAa,EAAC,cAAM,CAAC,CAAA;QAE9C,MAAM,MAAM,GAAW,MAAM,gBAAgB,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE,CAAC,CAAA;QAEpF,IAAI,CAAC;YACH,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,UAAU,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBAC3C,MAAM,IAAI,GAAG,UAAU,CAAC,CAAC,CAAC,CAAA;gBAC1B,MAAM,IAAI,GAAG,~~WAAI~~,CAAC,YAAY,EAAE,CAAA;gBAChC,MAAM,QAAQ,GAAG,~~WAAI~~,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAA;gBAEjD,MAAM,cAAc,CAAC,IAAI,iCACpB,IAAI,KACP,IAAI;oBACJ,QAAQ,EACR,OAAO,EAAE,CAAC,MAAM,CAAC,IACjB,CAAA;YACJ,CAAC;QACH,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,YAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;QACjB,CAAC;QAED,MAAM,KAAK,GAAG,MAAM,cAAc,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,KAAK,EAAE,IAAA,eAAK,EAAC,aAAa,CAAC,KAAK,CAAC,EAAE,EAAE,CAAC,CAAA;QAC5F,MAAM,CAAC,KAAK,GAAG,KAAK,CAAC,EAAE,CAAA;QAEvB,MAAM,gBAAgB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAA;IACrC,CAAC;IAEM,KAAK,CAAC,IAAI,CAAC,WAAwB;QACxC,MAAM,UAAU,GAAG,IAAA,qBAAa,EAAC,~~WAAI~~,CAAC,CAAA;QAEtC,UAAU,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,KAAK,EAAC,IAAI,EAAC,EAAE;YACxC,IAAI,MAAM,GAAG,MAAM,UAAU,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,IAAA,eAAK,EAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,CAAA;YACrE,MAAM,UAAU,CAAC,MAAM,CAAC,MAAM,CAAC,CAAA;QACjC,CAAC,CAAC,CAAA;IACJ,CAAC;CACF;AAtCD,wDAsCC","sourcesContent":["import { ILike, MigrationInterface, QueryRunner } from 'typeorm'\n\nimport { config, logger } from '@things-factory/env'\nimport { Domain, getRepository } from '@things-factory/shell'\n\nimport { User, UserStatus } from '../service/user/user'\n\nconst ADMIN_ACCOUNT = config.get('adminAccount', {\n username: 'admin',\n name: 'Admin',\n email: 'admin@hatiolab.com',\n password: 'admin'\n})\n\nconst SEED_USERS = [\n {\n ...ADMIN_ACCOUNT,\n userType: 'user',\n status: UserStatus.ACTIVATED\n }\n]\nexport class SeedUsers1548206416130 implements MigrationInterface {\n public async up(queryRunner: QueryRunner): Promise<any> {\n const userRepository = getRepository(User)\n const domainRepository = getRepository(Domain)\n\n const domain: Domain = await domainRepository.findOne({ where: { name: 'SYSTEM' } })\n\n try {\n for (let i = 0; i < SEED_USERS.length; i++) {\n const user = SEED_USERS[i]\n const salt = User.generateSalt()\n const password = User.encode(user.password, salt)\n\n await userRepository.save({\n ...user,\n salt,\n password,\n domains: [domain]\n })\n }\n } catch (e) {\n logger.error(e)\n }\n\n const admin = await userRepository.findOne({ where: { email: ILike(ADMIN_ACCOUNT.email) } })\n domain.owner = admin.id\n\n await domainRepository.save(domain)\n }\n\n public async down(queryRunner: QueryRunner): Promise<any> {\n const repository = getRepository(User)\n\n SEED_USERS.reverse().forEach(async user => {\n let record = await repository.findOneBy({ email: ILike(user.email) })\n await repository.remove(record)\n })\n }\n}\n"]}
1	+ {"version":3,"file":"1548206416130-SeedUser.js","sourceRoot":"","sources":["../../server/migrations/1548206416130-SeedUser.ts"],"names":[],"mappings":";;;AAAA,qCAAgE;AAEhE,6CAAoD;AACpD,iDAA6D;AAE7D,qDAA0D;AAE1D,MAAM,aAAa,GAAG,YAAM,CAAC,GAAG,CAAC,cAAc,EAAE;IAC/C,QAAQ,EAAE,OAAO;IACjB,IAAI,EAAE,OAAO;IACb,KAAK,EAAE,oBAAoB;IAC3B,QAAQ,EAAE,OAAO;CAClB,CAAC,CAAA;AAEF,MAAM,UAAU,GAAG;oCAEZ,aAAa,KAChB,QAAQ,EAAE,MAAM,EAChB,MAAM,EAAE,oBAAU,CAAC,SAAS;CAE/B,CAAA;AACD,MAAa,sBAAsB;IAC1B,KAAK,CAAC,EAAE,CAAC,WAAwB;QACtC,MAAM,cAAc,GAAG,IAAA,qBAAa,EAAC,cAAI,CAAC,CAAA;QAC1C,MAAM,gBAAgB,GAAG,IAAA,qBAAa,EAAC,cAAM,CAAC,CAAA;QAE9C,MAAM,MAAM,GAAW,MAAM,gBAAgB,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE,CAAC,CAAA;QAEpF,IAAI,CAAC;YACH,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,UAAU,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBAC3C,MAAM,IAAI,GAAG,UAAU,CAAC,CAAC,CAAC,CAAA;gBAC1B,MAAM,IAAI,GAAG,cAAI,CAAC,YAAY,EAAE,CAAA;gBAChC,MAAM,QAAQ,GAAG,cAAI,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAA;gBAEjD,MAAM,cAAc,CAAC,IAAI,iCACpB,IAAI,KACP,IAAI;oBACJ,QAAQ,EACR,OAAO,EAAE,CAAC,MAAM,CAAC,IACjB,CAAA;YACJ,CAAC;QACH,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,YAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;QACjB,CAAC;QAED,MAAM,KAAK,GAAG,MAAM,cAAc,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,KAAK,EAAE,IAAA,eAAK,EAAC,aAAa,CAAC,KAAK,CAAC,EAAE,EAAE,CAAC,CAAA;QAC5F,MAAM,CAAC,KAAK,GAAG,KAAK,CAAC,EAAE,CAAA;QAEvB,MAAM,gBAAgB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAA;IACrC,CAAC;IAEM,KAAK,CAAC,IAAI,CAAC,WAAwB;QACxC,MAAM,UAAU,GAAG,IAAA,qBAAa,EAAC,cAAI,CAAC,CAAA;QAEtC,UAAU,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,KAAK,EAAC,IAAI,EAAC,EAAE;YACxC,IAAI,MAAM,GAAG,MAAM,UAAU,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,IAAA,eAAK,EAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,CAAA;YACrE,MAAM,UAAU,CAAC,MAAM,CAAC,MAAM,CAAC,CAAA;QACjC,CAAC,CAAC,CAAA;IACJ,CAAC;CACF;AAtCD,wDAsCC","sourcesContent":["import { ILike, MigrationInterface, QueryRunner } from 'typeorm'\n\nimport { config, logger } from '@things-factory/env'\nimport { Domain, getRepository } from '@things-factory/shell'\n\nimport { User, UserStatus } from '../service/user/user.js'\n\nconst ADMIN_ACCOUNT = config.get('adminAccount', {\n username: 'admin',\n name: 'Admin',\n email: 'admin@hatiolab.com',\n password: 'admin'\n})\n\nconst SEED_USERS = [\n {\n ...ADMIN_ACCOUNT,\n userType: 'user',\n status: UserStatus.ACTIVATED\n }\n]\nexport class SeedUsers1548206416130 implements MigrationInterface {\n public async up(queryRunner: QueryRunner): Promise<any> {\n const userRepository = getRepository(User)\n const domainRepository = getRepository(Domain)\n\n const domain: Domain = await domainRepository.findOne({ where: { name: 'SYSTEM' } })\n\n try {\n for (let i = 0; i < SEED_USERS.length; i++) {\n const user = SEED_USERS[i]\n const salt = User.generateSalt()\n const password = User.encode(user.password, salt)\n\n await userRepository.save({\n ...user,\n salt,\n password,\n domains: [domain]\n })\n }\n } catch (e) {\n logger.error(e)\n }\n\n const admin = await userRepository.findOne({ where: { email: ILike(ADMIN_ACCOUNT.email) } })\n domain.owner = admin.id\n\n await domainRepository.save(domain)\n }\n\n public async down(queryRunner: QueryRunner): Promise<any> {\n const repository = getRepository(User)\n\n SEED_USERS.reverse().forEach(async user => {\n let record = await repository.findOneBy({ email: ILike(user.email) })\n await repository.remove(record)\n })\n }\n}\n"]}

package/dist-server/migrations/1566805283882-SeedPrivilege.js CHANGED Viewed

@@ -3,10 +3,10 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.SeedPrivilege1566805283882 = void 0;
 const env_1 = require("@things-factory/env");
 const shell_1 = require("@things-factory/shell");
-const privilege_1 = require("../service/privilege/privilege");
+const privilege_js_1 = require("../service/privilege/privilege.js");
 class SeedPrivilege1566805283882 {
     async up(queryRunner) {
-        const privilegeRepository = (0, shell_1.getRepository)(privilege_1.Privilege);
+        const privilegeRepository = (0, shell_1.getRepository)(privilege_js_1.Privilege);
         const { schema } = require('@things-factory/shell/dist-server/schema');
         await schema();
         const privileges = process['PRIVILEGES'];

package/dist-server/migrations/1566805283882-SeedPrivilege.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"1566805283882-SeedPrivilege.js","sourceRoot":"","sources":["../../server/migrations/1566805283882-SeedPrivilege.ts"],"names":[],"mappings":";;;AAEA,6CAA4C;AAC5C,iDAAqD;AAErD,~~8DAA0D~~;~~AAE1D~~,MAAa,0BAA0B;IAC9B,KAAK,CAAC,EAAE,CAAC,WAAwB;QACtC,MAAM,mBAAmB,GAAG,IAAA,qBAAa,EAAC,~~qBAAS~~,CAAC,CAAA;QAEpD,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,0CAA0C,CAAC,CAAA;QACtE,MAAM,MAAM,EAAE,CAAA;QACd,MAAM,UAAU,GAAG,OAAO,CAAC,YAAY,CAAC,CAAA;QAExC,IAAI,CAAC;YACH,KAAK,MAAM,CAAC,QAAQ,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,MAAM,CAAC,UAA8B,CAAC,EAAE,CAAC;gBAC7E,IAAI,CAAC,IAAI,CAAC,MAAM,mBAAmB,CAAC,KAAK,CAAC,EAAE,KAAK,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,EAAE,CAAC,CAAC,EAAE,CAAC;oBAC1E,MAAM,mBAAmB,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAA;gBACpD,CAAC;YACH,CAAC;QACH,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,YAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;QACjB,CAAC;IACH,CAAC;IAEM,KAAK,CAAC,IAAI,CAAC,WAAwB,IAAiB,CAAC;CAC7D;AApBD,gEAoBC","sourcesContent":["import { MigrationInterface, QueryRunner } from 'typeorm'\n\nimport { logger } from '@things-factory/env'\nimport { getRepository } from '@things-factory/shell'\n\nimport { Privilege } from '../service/privilege/privilege'\n\nexport class SeedPrivilege1566805283882 implements MigrationInterface {\n public async up(queryRunner: QueryRunner): Promise<any> {\n const privilegeRepository = getRepository(Privilege)\n\n const { schema } = require('@things-factory/shell/dist-server/schema')\n await schema()\n const privileges = process['PRIVILEGES']\n\n try {\n for (const [category, name] of Object.values(privileges as [string, string])) {\n if (0 == (await privilegeRepository.count({ where: { category, name } }))) {\n await privilegeRepository.save({ category, name })\n }\n }\n } catch (e) {\n logger.error(e)\n }\n }\n\n public async down(queryRunner: QueryRunner): Promise<any> {}\n}\n"]}
1	+ {"version":3,"file":"1566805283882-SeedPrivilege.js","sourceRoot":"","sources":["../../server/migrations/1566805283882-SeedPrivilege.ts"],"names":[],"mappings":";;;AAEA,6CAA4C;AAC5C,iDAAqD;AAErD,oEAA6D;AAE7D,MAAa,0BAA0B;IAC9B,KAAK,CAAC,EAAE,CAAC,WAAwB;QACtC,MAAM,mBAAmB,GAAG,IAAA,qBAAa,EAAC,wBAAS,CAAC,CAAA;QAEpD,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,0CAA0C,CAAC,CAAA;QACtE,MAAM,MAAM,EAAE,CAAA;QACd,MAAM,UAAU,GAAG,OAAO,CAAC,YAAY,CAAC,CAAA;QAExC,IAAI,CAAC;YACH,KAAK,MAAM,CAAC,QAAQ,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,MAAM,CAAC,UAA8B,CAAC,EAAE,CAAC;gBAC7E,IAAI,CAAC,IAAI,CAAC,MAAM,mBAAmB,CAAC,KAAK,CAAC,EAAE,KAAK,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,EAAE,CAAC,CAAC,EAAE,CAAC;oBAC1E,MAAM,mBAAmB,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAA;gBACpD,CAAC;YACH,CAAC;QACH,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,YAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;QACjB,CAAC;IACH,CAAC;IAEM,KAAK,CAAC,IAAI,CAAC,WAAwB,IAAiB,CAAC;CAC7D;AApBD,gEAoBC","sourcesContent":["import { MigrationInterface, QueryRunner } from 'typeorm'\n\nimport { logger } from '@things-factory/env'\nimport { getRepository } from '@things-factory/shell'\n\nimport { Privilege } from '../service/privilege/privilege.js'\n\nexport class SeedPrivilege1566805283882 implements MigrationInterface {\n public async up(queryRunner: QueryRunner): Promise<any> {\n const privilegeRepository = getRepository(Privilege)\n\n const { schema } = require('@things-factory/shell/dist-server/schema')\n await schema()\n const privileges = process['PRIVILEGES']\n\n try {\n for (const [category, name] of Object.values(privileges as [string, string])) {\n if (0 == (await privilegeRepository.count({ where: { category, name } }))) {\n await privilegeRepository.save({ category, name })\n }\n }\n } catch (e) {\n logger.error(e)\n }\n }\n\n public async down(queryRunner: QueryRunner): Promise<any> {}\n}\n"]}

package/dist-server/migrations/index.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../server/migrations/index.ts"],"names":[],"mappings":";;;AAAA,MAAM,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,CAAA;AAC5B,MAAM,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,CAAA;AAEjB,QAAA,UAAU,GAAG,EAAE,CAAA;AAE1B,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,GAAG,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,~~UAAS~~,IAAI;~~IACzE~~,IAAI,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;QAAE,OAAM;IAC3C,kBAAU,GAAG,kBAAU,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAA;AAClF,CAAC,CAAC,CAAA","sourcesContent":["const glob = require('glob')\nconst path = require('path')\n\nexport var migrations = []\n\nglob.sync(path.resolve(__dirname, '.', '*', '.js')).forEach(function(file) {\n if (file.indexOf('index.js') !== -1) return\n migrations = migrations.concat(Object.values(require(path.resolve(file))) \|\| [])\n})\n"]}
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../server/migrations/index.ts"],"names":[],"mappings":";;;AAAA,MAAM,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,CAAA;AAC5B,MAAM,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,CAAA;AAEjB,QAAA,UAAU,GAAG,EAAE,CAAA;AAE1B,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,GAAG,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,UAAU,IAAI;IAC1E,IAAI,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;QAAE,OAAM;IAC3C,kBAAU,GAAG,kBAAU,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAA;AAClF,CAAC,CAAC,CAAA","sourcesContent":["const glob = require('glob')\nconst path = require('path')\n\nexport var migrations = []\n\nglob.sync(path.resolve(__dirname, '.', '*', '.js')).forEach(function (file) {\n if (file.indexOf('index.js') !== -1) return\n migrations = migrations.concat(Object.values(require(path.resolve(file))) \|\| [])\n})\n"]}

package/dist-server/router/auth-checkin-router.js CHANGED Viewed

@@ -5,10 +5,10 @@ const tslib_1 = require("tslib");
 const koa_router_1 = tslib_1.__importDefault(require("koa-router"));
 const env_1 = require("@things-factory/env");
 const shell_1 = require("@things-factory/shell");
-const login_history_1 = require("../service/login-history/login-history");
-const accepts_1 = require("../utils/accepts");
-const access_token_cookie_1 = require("../utils/access-token-cookie");
-const get_user_domains_1 = require("../utils/get-user-domains");
+const login_history_js_1 = require("../service/login-history/login-history.js");
+const accepts_js_1 = require("../utils/accepts.js");
+const access_token_cookie_js_1 = require("../utils/access-token-cookie.js");
+const get_user_domains_js_1 = require("../utils/get-user-domains.js");
 const domainType = env_1.config.get('domainType');
 exports.authCheckinRouter = new koa_router_1.default();
 exports.authCheckinRouter.get('/auth/checkin/:subdomain?', async (context, next) => {
@@ -16,10 +16,10 @@ exports.authCheckinRouter.get('/auth/checkin/:subdomain?', async (context, next)
     const header = request.header;
     const { user } = context.state;
     let { subdomain } = context.params;
-    let domains = await (0, get_user_domains_1.getUserDomains)(user);
+    let domains = await (0, get_user_domains_js_1.getUserDomains)(user);
     if (domainType)
         domains = domains.filter(d => d.extType == domainType);
-    if (!(0, accepts_1.accepts)(header.accept, ['text/html', '*/*'])) {
+    if (!(0, accepts_js_1.accepts)(header.accept, ['text/html', '*/*'])) {
         // When request expects non html response
         try {
             if (!subdomain)
@@ -31,7 +31,7 @@ exports.authCheckinRouter.get('/auth/checkin/:subdomain?', async (context, next)
             context.body = true;
         }
         catch (e) {
-            (0, access_token_cookie_1.clearAccessTokenCookie)(context);
+            (0, access_token_cookie_js_1.clearAccessTokenCookie)(context);
             throw e;
         }
     }
@@ -75,14 +75,14 @@ exports.authCheckinRouter.get('/auth/checkin/:subdomain?', async (context, next)
             });
         }
         catch (e) {
-            (0, access_token_cookie_1.clearAccessTokenCookie)(context);
+            (0, access_token_cookie_js_1.clearAccessTokenCookie)(context);
             context.redirect(`/auth/signin?username=${encodeURIComponent(user.username)}&redirect_to=${encodeURIComponent(redirectTo)}`);
         }
     }
 });
 exports.authCheckinRouter.get('/auth/domains', async (context) => {
     const { user } = context.state;
-    var domains = await (0, get_user_domains_1.getUserDomains)(user);
+    var domains = await (0, get_user_domains_js_1.getUserDomains)(user);
     if (domainType) {
         domains = domains.filter(d => d.extType == domainType);
     }
@@ -93,7 +93,7 @@ async function checkIn(checkInDomain, redirectTo, context) {
     const remoteAddress = context.req.headers['x-forwarded-for']
         ? context.req.headers['x-forwarded-for'].split(',')[0].trim()
         : context.req.connection.remoteAddress;
-    await login_history_1.LoginHistory.stamp(checkInDomain, user, remoteAddress);
+    await login_history_js_1.LoginHistory.stamp(checkInDomain, user, remoteAddress);
     if (redirectTo) {
         return context.redirect((0, shell_1.getRedirectSubdomainPath)(context, checkInDomain.subdomain, redirectTo));
     }

package/dist-server/router/auth-checkin-router.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"auth-checkin-router.js","sourceRoot":"","sources":["../../server/router/auth-checkin-router.ts"],"names":[],"mappings":";;;;AAAA,oEAA+B;AAE/B,6CAA4C;AAC5C,iDAA+F;AAE/F,~~0EAAqE~~;~~AAErE~~,~~8CAA0C~~;~~AAC1C~~,~~sEAAqE~~;~~AACrE~~,~~gEAA0D~~;~~AAE1D~~,MAAM,UAAU,GAAG,YAAM,CAAC,GAAG,CAAC,YAAY,CAAC,CAAA;AAE9B,QAAA,iBAAiB,GAAG,IAAI,oBAAM,EAAE,CAAA;AAE7C,yBAAiB,CAAC,GAAG,CAAC,2BAA2B,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACzE,MAAM,EAAE,OAAO,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IAC9B,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,CAAA;IAC7B,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IAC9B,IAAI,EAAE,SAAS,EAAE,GAAG,OAAO,CAAC,MAAM,CAAA;IAElC,IAAI,OAAO,GAAsB,MAAM,IAAA,~~iCAAc~~,EAAC,IAAI,CAAC,CAAA;IAC3D,IAAI,UAAU;QAAE,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,IAAI,UAAU,CAAC,CAAA;IAEtE,IAAI,CAAC,IAAA,~~iBAAO~~,EAAC,MAAM,CAAC,MAAM,EAAE,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC;QAClD,yCAAyC;QACzC,IAAI,CAAC;YACH,IAAI,CAAC,SAAS;gBAAE,MAAM,IAAI,KAAK,CAAC,CAAC,CAAC,4BAA4B,EAAE,EAAE,SAAS,EAAE,CAAC,CAAC,CAAA,CAAC,qCAAqC;YACrH,MAAM,aAAa,GAAgC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,KAAK,SAAS,CAAC,CAAA,CAAC,wCAAwC;YACxI,IAAI,CAAC,aAAa;gBAAE,MAAM,IAAI,KAAK,CAAC,CAAC,CAAC,4BAA4B,EAAE,EAAE,SAAS,EAAE,CAAC,CAAC,CAAA;YAEnF,MAAM,OAAO,CAAC,aAAa,EAAE,IAAI,EAAE,OAAO,CAAC,CAAA;YAC3C,OAAO,CAAC,IAAI,GAAG,IAAI,CAAA;QACrB,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,IAAA,~~4CAAsB,~~EAAC,OAAO,CAAC,CAAA;YAC/B,MAAM,CAAC,CAAA;QACT,CAAC;IACH,CAAC;SAAM,CAAC;QACN,qCAAqC;QACrC,MAAM,EAAE,WAAW,EAAE,UAAU,GAAG,GAAG,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;QAEvD,IAAI,CAAC;YACH,IAAI,OAAe,CAAA;YAEnB,IAAI,CAAC,SAAS,EAAE,CAAC;gBACf,6CAA6C;gBAC7C,SAAS,GAAG,IAAA,6BAAqB,EAAC,OAAO,EAAE,UAAU,CAAC,CAAA;YACxD,CAAC;YAED,IAAI,aAA8B,CAAA;YAClC,IAAI,SAAS,EAAE,CAAC;gBACd,aAAa,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,IAAI,SAAS,CAAC,CAAA;gBAC3D,IAAI,CAAC,aAAa;oBAAE,OAAO,GAAG,CAAC,CAAC,0BAA0B,EAAE,EAAE,SAAS,EAAE,CAAC,CAAA;YAC5E,CAAC;iBAAM,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAChC,aAAa,GAAG,OAAO,CAAC,CAAC,CAAC,CAAA;YAC5B,CAAC;YAED,IAAI,aAAa,EAAE,CAAC;gBAClB,OAAO,MAAM,OAAO,CAAC,aAAa,EAAE,UAAU,EAAE,OAAO,CAAC,CAAA;YAC1D,CAAC;YAED,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;gBAChC,WAAW,EAAE,cAAc;gBAC3B,aAAa,EAAE,kBAAkB;gBACjC,IAAI,EAAE;oBACJ,IAAI,EAAE;wBACJ,QAAQ,EAAE,IAAI,CAAC,QAAQ;wBACvB,KAAK,EAAE,IAAI,CAAC,KAAK;wBACjB,MAAM,EAAE,IAAI,CAAC,MAAM;wBACnB,IAAI,EAAE,IAAI,CAAC,IAAI;wBACf,QAAQ,EAAE,IAAI,CAAC,QAAQ;qBACxB;oBACD,OAAO;oBACP,UAAU;oBACV,UAAU;oBACV,OAAO;iBACR;aACF,CAAC,CAAA;QACJ,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,IAAA,~~4CAAsB,~~EAAC,OAAO,CAAC,CAAA;YAC/B,OAAO,CAAC,QAAQ,CACd,yBAAyB,kBAAkB,CAAC,IAAI,CAAC,QAAQ,CAAC,gBAAgB,kBAAkB,CAAC,UAAU,CAAC,EAAE,CAC3G,CAAA;QACH,CAAC;IACH,CAAC;AACH,CAAC,CAAC,CAAA;AAEF,yBAAiB,CAAC,GAAG,CAAC,eAAe,EAAE,KAAK,EAAC,OAAO,EAAC,EAAE;IACrD,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IAC9B,IAAI,OAAO,GAAG,MAAM,IAAA,~~iCAAc~~,EAAC,IAAI,CAAC,CAAA;IACxC,IAAI,UAAU,EAAE,CAAC;QACf,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,IAAI,UAAU,CAAC,CAAA;IACxD,CAAC;IAED,OAAO,CAAC,IAAI,GAAG,OAAO,CAAA;AACxB,CAAC,CAAC,CAAA;AAEF,KAAK,UAAU,OAAO,CACpB,aAA8B,EAC9B,UAAyB,EACzB,OAAwB;IAExB,MAAM,EAAE,IAAI,EAAE,GAAmB,OAAO,CAAC,KAAK,CAAA;IAC9C,MAAM,aAAa,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,iBAAiB,CAAC;QAC1D,CAAC,CAAE,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,iBAAiB,CAAY,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE;QACzE,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,aAAa,CAAA;IAExC,MAAM,~~4BAAY,~~CAAC,KAAK,CAAC,aAAa,EAAE,IAAI,EAAE,aAAa,CAAC,CAAA;IAE5D,IAAI,UAAU,EAAE,CAAC;QACf,OAAO,OAAO,CAAC,QAAQ,CAAC,IAAA,gCAAwB,EAAC,OAAO,EAAE,aAAa,CAAC,SAAS,EAAE,UAAU,CAAC,CAAC,CAAA;IACjG,CAAC;AACH,CAAC","sourcesContent":["import Router from 'koa-router'\n\nimport { config } from '@things-factory/env'\nimport { Domain, findSubdomainFromPath, getRedirectSubdomainPath } from '@things-factory/shell'\n\nimport { LoginHistory } from '../service/login-history/login-history'\nimport { User } from '../service/user/user'\nimport { accepts } from '../utils/accepts'\nimport { clearAccessTokenCookie } from '../utils/access-token-cookie'\nimport { getUserDomains } from '../utils/get-user-domains'\n\nconst domainType = config.get('domainType')\n\nexport const authCheckinRouter = new Router()\n\nauthCheckinRouter.get('/auth/checkin/:subdomain?', async (context, next) => {\n const { request, t } = context\n const header = request.header\n const { user } = context.state\n let { subdomain } = context.params\n\n let domains: Partial<Domain>[] = await getUserDomains(user)\n if (domainType) domains = domains.filter(d => d.extType == domainType)\n\n if (!accepts(header.accept, ['text/html', '/'])) {\n // When request expects non html response\n try {\n if (!subdomain) throw new Error(t('error.domain not specified', { subdomain })) // When params doesn't have subdomain\n const checkInDomain: Partial<Domain> \| undefined = domains.find(d => d.subdomain === subdomain) // When no matched domain with subdomain\n if (!checkInDomain) throw new Error(t('error.domain not specified', { subdomain }))\n\n await checkIn(checkInDomain, null, context)\n context.body = true\n } catch (e) {\n clearAccessTokenCookie(context)\n throw e\n }\n } else {\n // When request expects html response\n const { redirect_to: redirectTo = '/' } = context.query\n\n try {\n let message: string\n\n if (!subdomain) {\n /* try to find domain from redirectTo path */\n subdomain = findSubdomainFromPath(context, redirectTo)\n }\n\n let checkInDomain: Partial<Domain>\n if (subdomain) {\n checkInDomain = domains.find(d => d.subdomain == subdomain)\n if (!checkInDomain) message = t('error.domain not allowed', { subdomain })\n } else if (domains.length === 1) {\n checkInDomain = domains[0]\n }\n\n if (checkInDomain) {\n return await checkIn(checkInDomain, redirectTo, context)\n }\n\n await context.render('auth-page', {\n pageElement: 'auth-checkin',\n elementScript: '/auth/checkin.js',\n data: {\n user: {\n username: user.username,\n email: user.email,\n locale: user.locale,\n name: user.name,\n userType: user.userType\n },\n domains,\n domainType,\n redirectTo,\n message\n }\n })\n } catch (e) {\n clearAccessTokenCookie(context)\n context.redirect(\n `/auth/signin?username=${encodeURIComponent(user.username)}&redirect_to=${encodeURIComponent(redirectTo)}`\n )\n }\n }\n})\n\nauthCheckinRouter.get('/auth/domains', async context => {\n const { user } = context.state\n var domains = await getUserDomains(user)\n if (domainType) {\n domains = domains.filter(d => d.extType == domainType)\n }\n\n context.body = domains\n})\n\nasync function checkIn(\n checkInDomain: Partial<Domain>,\n redirectTo: string \| null,\n context: ResolverContext\n): Promise<void> {\n const { user }: { user: User } = context.state\n const remoteAddress = context.req.headers['x-forwarded-for']\n ? (context.req.headers['x-forwarded-for'] as string).split(',')[0].trim()\n : context.req.connection.remoteAddress\n\n await LoginHistory.stamp(checkInDomain, user, remoteAddress)\n\n if (redirectTo) {\n return context.redirect(getRedirectSubdomainPath(context, checkInDomain.subdomain, redirectTo))\n }\n}\n"]}
1	+ {"version":3,"file":"auth-checkin-router.js","sourceRoot":"","sources":["../../server/router/auth-checkin-router.ts"],"names":[],"mappings":";;;;AAAA,oEAA+B;AAE/B,6CAA4C;AAC5C,iDAA+F;AAE/F,gFAAwE;AAExE,oDAA6C;AAC7C,4EAAwE;AACxE,sEAA6D;AAE7D,MAAM,UAAU,GAAG,YAAM,CAAC,GAAG,CAAC,YAAY,CAAC,CAAA;AAE9B,QAAA,iBAAiB,GAAG,IAAI,oBAAM,EAAE,CAAA;AAE7C,yBAAiB,CAAC,GAAG,CAAC,2BAA2B,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACzE,MAAM,EAAE,OAAO,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IAC9B,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,CAAA;IAC7B,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IAC9B,IAAI,EAAE,SAAS,EAAE,GAAG,OAAO,CAAC,MAAM,CAAA;IAElC,IAAI,OAAO,GAAsB,MAAM,IAAA,oCAAc,EAAC,IAAI,CAAC,CAAA;IAC3D,IAAI,UAAU;QAAE,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,IAAI,UAAU,CAAC,CAAA;IAEtE,IAAI,CAAC,IAAA,oBAAO,EAAC,MAAM,CAAC,MAAM,EAAE,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC;QAClD,yCAAyC;QACzC,IAAI,CAAC;YACH,IAAI,CAAC,SAAS;gBAAE,MAAM,IAAI,KAAK,CAAC,CAAC,CAAC,4BAA4B,EAAE,EAAE,SAAS,EAAE,CAAC,CAAC,CAAA,CAAC,qCAAqC;YACrH,MAAM,aAAa,GAAgC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,KAAK,SAAS,CAAC,CAAA,CAAC,wCAAwC;YACxI,IAAI,CAAC,aAAa;gBAAE,MAAM,IAAI,KAAK,CAAC,CAAC,CAAC,4BAA4B,EAAE,EAAE,SAAS,EAAE,CAAC,CAAC,CAAA;YAEnF,MAAM,OAAO,CAAC,aAAa,EAAE,IAAI,EAAE,OAAO,CAAC,CAAA;YAC3C,OAAO,CAAC,IAAI,GAAG,IAAI,CAAA;QACrB,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,IAAA,+CAAsB,EAAC,OAAO,CAAC,CAAA;YAC/B,MAAM,CAAC,CAAA;QACT,CAAC;IACH,CAAC;SAAM,CAAC;QACN,qCAAqC;QACrC,MAAM,EAAE,WAAW,EAAE,UAAU,GAAG,GAAG,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;QAEvD,IAAI,CAAC;YACH,IAAI,OAAe,CAAA;YAEnB,IAAI,CAAC,SAAS,EAAE,CAAC;gBACf,6CAA6C;gBAC7C,SAAS,GAAG,IAAA,6BAAqB,EAAC,OAAO,EAAE,UAAU,CAAC,CAAA;YACxD,CAAC;YAED,IAAI,aAA8B,CAAA;YAClC,IAAI,SAAS,EAAE,CAAC;gBACd,aAAa,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,IAAI,SAAS,CAAC,CAAA;gBAC3D,IAAI,CAAC,aAAa;oBAAE,OAAO,GAAG,CAAC,CAAC,0BAA0B,EAAE,EAAE,SAAS,EAAE,CAAC,CAAA;YAC5E,CAAC;iBAAM,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAChC,aAAa,GAAG,OAAO,CAAC,CAAC,CAAC,CAAA;YAC5B,CAAC;YAED,IAAI,aAAa,EAAE,CAAC;gBAClB,OAAO,MAAM,OAAO,CAAC,aAAa,EAAE,UAAU,EAAE,OAAO,CAAC,CAAA;YAC1D,CAAC;YAED,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;gBAChC,WAAW,EAAE,cAAc;gBAC3B,aAAa,EAAE,kBAAkB;gBACjC,IAAI,EAAE;oBACJ,IAAI,EAAE;wBACJ,QAAQ,EAAE,IAAI,CAAC,QAAQ;wBACvB,KAAK,EAAE,IAAI,CAAC,KAAK;wBACjB,MAAM,EAAE,IAAI,CAAC,MAAM;wBACnB,IAAI,EAAE,IAAI,CAAC,IAAI;wBACf,QAAQ,EAAE,IAAI,CAAC,QAAQ;qBACxB;oBACD,OAAO;oBACP,UAAU;oBACV,UAAU;oBACV,OAAO;iBACR;aACF,CAAC,CAAA;QACJ,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,IAAA,+CAAsB,EAAC,OAAO,CAAC,CAAA;YAC/B,OAAO,CAAC,QAAQ,CACd,yBAAyB,kBAAkB,CAAC,IAAI,CAAC,QAAQ,CAAC,gBAAgB,kBAAkB,CAAC,UAAU,CAAC,EAAE,CAC3G,CAAA;QACH,CAAC;IACH,CAAC;AACH,CAAC,CAAC,CAAA;AAEF,yBAAiB,CAAC,GAAG,CAAC,eAAe,EAAE,KAAK,EAAC,OAAO,EAAC,EAAE;IACrD,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IAC9B,IAAI,OAAO,GAAG,MAAM,IAAA,oCAAc,EAAC,IAAI,CAAC,CAAA;IACxC,IAAI,UAAU,EAAE,CAAC;QACf,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,IAAI,UAAU,CAAC,CAAA;IACxD,CAAC;IAED,OAAO,CAAC,IAAI,GAAG,OAAO,CAAA;AACxB,CAAC,CAAC,CAAA;AAEF,KAAK,UAAU,OAAO,CACpB,aAA8B,EAC9B,UAAyB,EACzB,OAAwB;IAExB,MAAM,EAAE,IAAI,EAAE,GAAmB,OAAO,CAAC,KAAK,CAAA;IAC9C,MAAM,aAAa,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,iBAAiB,CAAC;QAC1D,CAAC,CAAE,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,iBAAiB,CAAY,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE;QACzE,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,aAAa,CAAA;IAExC,MAAM,+BAAY,CAAC,KAAK,CAAC,aAAa,EAAE,IAAI,EAAE,aAAa,CAAC,CAAA;IAE5D,IAAI,UAAU,EAAE,CAAC;QACf,OAAO,OAAO,CAAC,QAAQ,CAAC,IAAA,gCAAwB,EAAC,OAAO,EAAE,aAAa,CAAC,SAAS,EAAE,UAAU,CAAC,CAAC,CAAA;IACjG,CAAC;AACH,CAAC","sourcesContent":["import Router from 'koa-router'\n\nimport { config } from '@things-factory/env'\nimport { Domain, findSubdomainFromPath, getRedirectSubdomainPath } from '@things-factory/shell'\n\nimport { LoginHistory } from '../service/login-history/login-history.js'\nimport { User } from '../service/user/user.js'\nimport { accepts } from '../utils/accepts.js'\nimport { clearAccessTokenCookie } from '../utils/access-token-cookie.js'\nimport { getUserDomains } from '../utils/get-user-domains.js'\n\nconst domainType = config.get('domainType')\n\nexport const authCheckinRouter = new Router()\n\nauthCheckinRouter.get('/auth/checkin/:subdomain?', async (context, next) => {\n const { request, t } = context\n const header = request.header\n const { user } = context.state\n let { subdomain } = context.params\n\n let domains: Partial<Domain>[] = await getUserDomains(user)\n if (domainType) domains = domains.filter(d => d.extType == domainType)\n\n if (!accepts(header.accept, ['text/html', '/'])) {\n // When request expects non html response\n try {\n if (!subdomain) throw new Error(t('error.domain not specified', { subdomain })) // When params doesn't have subdomain\n const checkInDomain: Partial<Domain> \| undefined = domains.find(d => d.subdomain === subdomain) // When no matched domain with subdomain\n if (!checkInDomain) throw new Error(t('error.domain not specified', { subdomain }))\n\n await checkIn(checkInDomain, null, context)\n context.body = true\n } catch (e) {\n clearAccessTokenCookie(context)\n throw e\n }\n } else {\n // When request expects html response\n const { redirect_to: redirectTo = '/' } = context.query\n\n try {\n let message: string\n\n if (!subdomain) {\n /* try to find domain from redirectTo path */\n subdomain = findSubdomainFromPath(context, redirectTo)\n }\n\n let checkInDomain: Partial<Domain>\n if (subdomain) {\n checkInDomain = domains.find(d => d.subdomain == subdomain)\n if (!checkInDomain) message = t('error.domain not allowed', { subdomain })\n } else if (domains.length === 1) {\n checkInDomain = domains[0]\n }\n\n if (checkInDomain) {\n return await checkIn(checkInDomain, redirectTo, context)\n }\n\n await context.render('auth-page', {\n pageElement: 'auth-checkin',\n elementScript: '/auth/checkin.js',\n data: {\n user: {\n username: user.username,\n email: user.email,\n locale: user.locale,\n name: user.name,\n userType: user.userType\n },\n domains,\n domainType,\n redirectTo,\n message\n }\n })\n } catch (e) {\n clearAccessTokenCookie(context)\n context.redirect(\n `/auth/signin?username=${encodeURIComponent(user.username)}&redirect_to=${encodeURIComponent(redirectTo)}`\n )\n }\n }\n})\n\nauthCheckinRouter.get('/auth/domains', async context => {\n const { user } = context.state\n var domains = await getUserDomains(user)\n if (domainType) {\n domains = domains.filter(d => d.extType == domainType)\n }\n\n context.body = domains\n})\n\nasync function checkIn(\n checkInDomain: Partial<Domain>,\n redirectTo: string \| null,\n context: ResolverContext\n): Promise<void> {\n const { user }: { user: User } = context.state\n const remoteAddress = context.req.headers['x-forwarded-for']\n ? (context.req.headers['x-forwarded-for'] as string).split(',')[0].trim()\n : context.req.connection.remoteAddress\n\n await LoginHistory.stamp(checkInDomain, user, remoteAddress)\n\n if (redirectTo) {\n return context.redirect(getRedirectSubdomainPath(context, checkInDomain.subdomain, redirectTo))\n }\n}\n"]}

package/dist-server/router/auth-private-process-router.js CHANGED Viewed

@@ -6,12 +6,12 @@ const typeorm_1 = require("typeorm");
 const koa_router_1 = tslib_1.__importDefault(require("koa-router"));
 const env_1 = require("@things-factory/env");
 const shell_1 = require("@things-factory/shell");
-const change_pwd_1 = require("../controllers/change-pwd");
-const delete_user_1 = require("../controllers/delete-user");
-const profile_1 = require("../controllers/profile");
-const user_1 = require("../service/user/user");
-const access_token_cookie_1 = require("../utils/access-token-cookie");
-const get_user_domains_1 = require("../utils/get-user-domains");
+const change_pwd_js_1 = require("../controllers/change-pwd.js");
+const delete_user_js_1 = require("../controllers/delete-user.js");
+const profile_js_1 = require("../controllers/profile.js");
+const user_js_1 = require("../service/user/user.js");
+const access_token_cookie_js_1 = require("../utils/access-token-cookie.js");
+const get_user_domains_js_1 = require("../utils/get-user-domains.js");
 const domainType = env_1.config.get('domainType');
 const languages = env_1.config.get('i18n/languages') || [];
 exports.authPrivateProcessRouter = new koa_router_1.default({
@@ -21,14 +21,14 @@ exports.authPrivateProcessRouter
     .post('/change-pass', async (context, next) => {
     const { t } = context;
     let { current_pass, new_pass, confirm_pass } = context.request.body;
-    const token = await (0, change_pwd_1.changePwd)(context.state.user, current_pass, new_pass, confirm_pass, context);
+    const token = await (0, change_pwd_js_1.changePwd)(context.state.user, current_pass, new_pass, confirm_pass, context);
     context.body = t('text.password changed successfully');
-    (0, access_token_cookie_1.setAccessTokenCookie)(context, token);
+    (0, access_token_cookie_js_1.setAccessTokenCookie)(context, token);
 })
     .post('/update-profile', async (context, next) => {
     const { i18next, t } = context;
     const newProfiles = context.request.body;
-    await (0, profile_1.updateProfile)(context.state.user, newProfiles);
+    await (0, profile_js_1.updateProfile)(context.state.user, newProfiles);
     if (newProfiles.locale) {
         context.body = i18next.getFixedT(newProfiles.locale)('text.profile changed successfully');
     }
@@ -41,7 +41,7 @@ exports.authPrivateProcessRouter
     var { user } = context.state;
     var { id: userId } = user;
     var { password, username } = context.request.body;
-    const userRepo = (0, shell_1.getRepository)(user_1.User);
+    const userRepo = (0, shell_1.getRepository)(user_js_1.User);
     var userInfo = await userRepo.findOne({
         where: { username },
         relations: ['domains']
@@ -52,14 +52,14 @@ exports.authPrivateProcessRouter
             relations: ['domains']
         });
     }
-    if (userInfo.id != userId || !user_1.User.verify(userInfo.password, password, userInfo.salt)) {
+    if (userInfo.id != userId || !user_js_1.User.verify(userInfo.password, password, userInfo.salt)) {
         context.status = 401;
         context.body = t('error.user validation failed');
         return;
     }
-    await (0, delete_user_1.deleteUser)(user);
+    await (0, delete_user_js_1.deleteUser)(user);
     context.body = t('text.delete account succeed');
-    (0, access_token_cookie_1.clearAccessTokenCookie)(context);
+    (0, access_token_cookie_js_1.clearAccessTokenCookie)(context);
 })
     .get('/profile', async (context, next) => {
     const { t } = context;
@@ -69,9 +69,9 @@ exports.authPrivateProcessRouter
         context.body = t('error.user validation failed');
         return;
     }
-    let domains = await (0, get_user_domains_1.getUserDomains)(user);
+    let domains = await (0, get_user_domains_js_1.getUserDomains)(user);
     domains = domains.filter((d) => d.extType == domainType);
-    var privileges = await user_1.User.getPrivilegesByDomain(user, domain);
+    var privileges = await user_js_1.User.getPrivilegesByDomain(user, domain);
     if (prohibitedPrivileges) {
         prohibitedPrivileges.forEach(({ category, privilege }) => {
             privileges = privileges.filter(p => p.category != category || p.privilege != privilege);

package/dist-server/router/auth-private-process-router.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"auth-private-process-router.js","sourceRoot":"","sources":["../../server/router/auth-private-process-router.ts"],"names":[],"mappings":";;;;AAAA,qCAA+B;AAC/B,oEAA+B;AAE/B,6CAA4C;AAC5C,iDAA6D;AAE7D,~~0DAAqD~~;~~AACrD~~,~~4DAAuD~~;~~AACvD~~,~~oDAAsD~~;~~AACtD,+CAA2C~~;~~AAC3C~~,~~sEAA2F~~;~~AAC3F~~,~~gEAA0D~~;~~AAE1D~~,MAAM,UAAU,GAAG,YAAM,CAAC,GAAG,CAAC,YAAY,CAAC,CAAA;AAC3C,MAAM,SAAS,GAAG,YAAM,CAAC,GAAG,CAAC,gBAAgB,CAAC,IAAI,EAAE,CAAA;AAEvC,QAAA,wBAAwB,GAAG,IAAI,oBAAM,CAAC;IACjD,MAAM,EAAE,OAAO;CAChB,CAAC,CAAA;AAEF,gCAAwB;KACrB,IAAI,CAAC,cAAc,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IAC5C,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IACrB,IAAI,EAAE,YAAY,EAAE,QAAQ,EAAE,YAAY,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,CAAA;IAEnE,MAAM,KAAK,GAAG,MAAM,IAAA,~~sBAAS~~,EAAC,OAAO,CAAC,KAAK,CAAC,IAAI,EAAE,YAAY,EAAE,QAAQ,EAAE,YAAY,EAAE,OAAO,CAAC,CAAA;IAEhG,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC,oCAAoC,CAAC,CAAA;IAEtD,IAAA,~~0CAAoB~~,EAAC,OAAO,EAAE,KAAK,CAAC,CAAA;AACtC,CAAC,CAAC;KACD,IAAI,CAAC,iBAAiB,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IAC/C,MAAM,EAAE,OAAO,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IAC9B,MAAM,WAAW,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,CAAA;IACxC,MAAM,IAAA,~~uBAAa~~,EAAC,OAAO,CAAC,KAAK,CAAC,IAAI,EAAE,WAAW,CAAC,CAAA;IAEpD,IAAI,WAAW,CAAC,MAAM,EAAE,CAAC;QACvB,OAAO,CAAC,IAAI,GAAG,OAAO,CAAC,SAAS,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,mCAAmC,CAAC,CAAA;IAC3F,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC,mCAAmC,CAAC,CAAA;IACvD,CAAC;AACH,CAAC,CAAC;KACD,IAAI,CAAC,cAAc,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IAC5C,MAAM,EAAE,CAAC,EAAE,OAAO,EAAE,GAAG,OAAO,CAAA;IAC9B,IAAI,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IAC5B,IAAI,EAAE,EAAE,EAAE,MAAM,EAAE,GAAG,IAAI,CAAA;IAEzB,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,CAAA;IAEjD,MAAM,QAAQ,GAAG,IAAA,qBAAa,EAAC,~~WAAI~~,CAAC,CAAA;IAEpC,IAAI,QAAQ,GAAG,MAAM,QAAQ,CAAC,OAAO,CAAC;QACpC,KAAK,EAAE,EAAE,QAAQ,EAAE;QACnB,SAAS,EAAE,CAAC,SAAS,CAAC;KACvB,CAAC,CAAA;IAEF,IAAI,CAAC,QAAQ,IAAI,4BAA4B,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC7D,QAAQ,GAAG,MAAM,QAAQ,CAAC,OAAO,CAAC;YAChC,KAAK,EAAE,EAAE,KAAK,EAAE,IAAA,eAAK,EAAC,QAAQ,CAAC,EAAE;YACjC,SAAS,EAAE,CAAC,SAAS,CAAC;SACvB,CAAC,CAAA;IACJ,CAAC;IAED,IAAI,QAAQ,CAAC,EAAE,IAAI,MAAM,IAAI,CAAC,~~WAAI~~,CAAC,MAAM,CAAC,QAAQ,CAAC,QAAQ,EAAE,QAAQ,EAAE,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QACtF,OAAO,CAAC,MAAM,GAAG,GAAG,CAAA;QACpB,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC,8BAA8B,CAAC,CAAA;QAChD,OAAM;IACR,CAAC;IAED,MAAM,IAAA,~~wBAAU~~,EAAC,IAAI,CAAC,CAAA;IAEtB,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC,6BAA6B,CAAC,CAAA;IAC/C,IAAA,~~4CAAsB,~~EAAC,OAAO,CAAC,CAAA;AACjC,CAAC,CAAC;KACD,GAAG,CAAC,UAAU,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACvC,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IACrB,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,oBAAoB,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IAEtE,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,CAAC,MAAM,GAAG,GAAG,CAAA;QACpB,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC,8BAA8B,CAAC,CAAA;QAChD,OAAM;IACR,CAAC;IAED,IAAI,OAAO,GAAsB,MAAM,IAAA,~~iCAAc~~,EAAC,IAAI,CAAC,CAAA;IAC3D,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,IAAI,UAAU,CAAC,CAAA;IAEhE,IAAI,UAAU,GAAG,MAAM,~~WAAI~~,CAAC,qBAAqB,CAAC,IAAI,EAAE,MAAM,CAAC,CAAA;IAE/D,IAAI,oBAAoB,EAAE,CAAC;QACzB,oBAAoB,CAAC,OAAO,CAAC,CAAC,EAAE,QAAQ,EAAE,SAAS,EAAE,EAAE,EAAE;YACvD,UAAU,GAAG,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,IAAI,QAAQ,IAAI,CAAC,CAAC,SAAS,IAAI,SAAS,CAAC,CAAA;QACzF,CAAC,CAAC,CAAA;IACJ,CAAC;IAED,OAAO,CAAC,IAAI,GAAG;QACb,IAAI,EAAE;YACJ,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,KAAK,EAAE,MAAM,OAAO,CAAC,kBAAkB,CAAC,MAAM,EAAE,IAAI,CAAC;YACrD,KAAK,EAAE,MAAM,OAAO,CAAC,gBAAgB,CAAC,MAAM,EAAE,IAAI,CAAC;YACnD,QAAQ;YACR,UAAU;SACX;QACD,OAAO;QACP,MAAM,EAAE,MAAM,IAAI;YAChB,IAAI,EAAE,MAAM,CAAC,IAAI;YACjB,SAAS,EAAE,MAAM,CAAC,SAAS;SAC5B;QACD,SAAS;KACV,CAAA;AACH,CAAC,CAAC,CAAA","sourcesContent":["import { ILike } from 'typeorm'\nimport Router from 'koa-router'\n\nimport { config } from '@things-factory/env'\nimport { Domain, getRepository } from '@things-factory/shell'\n\nimport { changePwd } from '../controllers/change-pwd'\nimport { deleteUser } from '../controllers/delete-user'\nimport { updateProfile } from '../controllers/profile'\nimport { User } from '../service/user/user'\nimport { clearAccessTokenCookie, setAccessTokenCookie } from '../utils/access-token-cookie'\nimport { getUserDomains } from '../utils/get-user-domains'\n\nconst domainType = config.get('domainType')\nconst languages = config.get('i18n/languages') \|\| []\n\nexport const authPrivateProcessRouter = new Router({\n prefix: '/auth'\n})\n\nauthPrivateProcessRouter\n .post('/change-pass', async (context, next) => {\n const { t } = context\n let { current_pass, new_pass, confirm_pass } = context.request.body\n\n const token = await changePwd(context.state.user, current_pass, new_pass, confirm_pass, context)\n\n context.body = t('text.password changed successfully')\n\n setAccessTokenCookie(context, token)\n })\n .post('/update-profile', async (context, next) => {\n const { i18next, t } = context\n const newProfiles = context.request.body\n await updateProfile(context.state.user, newProfiles)\n\n if (newProfiles.locale) {\n context.body = i18next.getFixedT(newProfiles.locale)('text.profile changed successfully')\n } else {\n context.body = t('text.profile changed successfully')\n }\n })\n .post('/delete-user', async (context, next) => {\n const { t, session } = context\n var { user } = context.state\n var { id: userId } = user\n\n var { password, username } = context.request.body\n\n const userRepo = getRepository(User)\n\n var userInfo = await userRepo.findOne({\n where: { username },\n relations: ['domains']\n })\n\n if (!userInfo && /^[^\\s@]+@[^\\s@]+\\.[^\\s@]+$/.test(username)) {\n userInfo = await userRepo.findOne({\n where: { email: ILike(username) },\n relations: ['domains']\n })\n }\n\n if (userInfo.id != userId \|\| !User.verify(userInfo.password, password, userInfo.salt)) {\n context.status = 401\n context.body = t('error.user validation failed')\n return\n }\n\n await deleteUser(user)\n\n context.body = t('text.delete account succeed')\n clearAccessTokenCookie(context)\n })\n .get('/profile', async (context, next) => {\n const { t } = context\n const { domain, user, unsafeIP, prohibitedPrivileges } = context.state\n\n if (!domain) {\n context.status = 401\n context.body = t('error.user validation failed')\n return\n }\n\n let domains: Partial<Domain>[] = await getUserDomains(user)\n domains = domains.filter((d: Domain) => d.extType == domainType)\n\n var privileges = await User.getPrivilegesByDomain(user, domain)\n\n if (prohibitedPrivileges) {\n prohibitedPrivileges.forEach(({ category, privilege }) => {\n privileges = privileges.filter(p => p.category != category \|\| p.privilege != privilege)\n })\n }\n\n context.body = {\n user: {\n username: user.username,\n email: user.email,\n name: user.name,\n userType: user.userType,\n owner: await process.domainOwnerGranted(domain, user),\n super: await process.superUserGranted(domain, user),\n unsafeIP,\n privileges\n },\n domains,\n domain: domain && {\n name: domain.name,\n subdomain: domain.subdomain\n },\n languages\n }\n })\n"]}
1	+ {"version":3,"file":"auth-private-process-router.js","sourceRoot":"","sources":["../../server/router/auth-private-process-router.ts"],"names":[],"mappings":";;;;AAAA,qCAA+B;AAC/B,oEAA+B;AAE/B,6CAA4C;AAC5C,iDAA6D;AAE7D,gEAAwD;AACxD,kEAA0D;AAC1D,0DAAyD;AACzD,qDAA8C;AAC9C,4EAA8F;AAC9F,sEAA6D;AAE7D,MAAM,UAAU,GAAG,YAAM,CAAC,GAAG,CAAC,YAAY,CAAC,CAAA;AAC3C,MAAM,SAAS,GAAG,YAAM,CAAC,GAAG,CAAC,gBAAgB,CAAC,IAAI,EAAE,CAAA;AAEvC,QAAA,wBAAwB,GAAG,IAAI,oBAAM,CAAC;IACjD,MAAM,EAAE,OAAO;CAChB,CAAC,CAAA;AAEF,gCAAwB;KACrB,IAAI,CAAC,cAAc,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IAC5C,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IACrB,IAAI,EAAE,YAAY,EAAE,QAAQ,EAAE,YAAY,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,CAAA;IAEnE,MAAM,KAAK,GAAG,MAAM,IAAA,yBAAS,EAAC,OAAO,CAAC,KAAK,CAAC,IAAI,EAAE,YAAY,EAAE,QAAQ,EAAE,YAAY,EAAE,OAAO,CAAC,CAAA;IAEhG,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC,oCAAoC,CAAC,CAAA;IAEtD,IAAA,6CAAoB,EAAC,OAAO,EAAE,KAAK,CAAC,CAAA;AACtC,CAAC,CAAC;KACD,IAAI,CAAC,iBAAiB,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IAC/C,MAAM,EAAE,OAAO,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IAC9B,MAAM,WAAW,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,CAAA;IACxC,MAAM,IAAA,0BAAa,EAAC,OAAO,CAAC,KAAK,CAAC,IAAI,EAAE,WAAW,CAAC,CAAA;IAEpD,IAAI,WAAW,CAAC,MAAM,EAAE,CAAC;QACvB,OAAO,CAAC,IAAI,GAAG,OAAO,CAAC,SAAS,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,mCAAmC,CAAC,CAAA;IAC3F,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC,mCAAmC,CAAC,CAAA;IACvD,CAAC;AACH,CAAC,CAAC;KACD,IAAI,CAAC,cAAc,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IAC5C,MAAM,EAAE,CAAC,EAAE,OAAO,EAAE,GAAG,OAAO,CAAA;IAC9B,IAAI,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IAC5B,IAAI,EAAE,EAAE,EAAE,MAAM,EAAE,GAAG,IAAI,CAAA;IAEzB,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,CAAA;IAEjD,MAAM,QAAQ,GAAG,IAAA,qBAAa,EAAC,cAAI,CAAC,CAAA;IAEpC,IAAI,QAAQ,GAAG,MAAM,QAAQ,CAAC,OAAO,CAAC;QACpC,KAAK,EAAE,EAAE,QAAQ,EAAE;QACnB,SAAS,EAAE,CAAC,SAAS,CAAC;KACvB,CAAC,CAAA;IAEF,IAAI,CAAC,QAAQ,IAAI,4BAA4B,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC7D,QAAQ,GAAG,MAAM,QAAQ,CAAC,OAAO,CAAC;YAChC,KAAK,EAAE,EAAE,KAAK,EAAE,IAAA,eAAK,EAAC,QAAQ,CAAC,EAAE;YACjC,SAAS,EAAE,CAAC,SAAS,CAAC;SACvB,CAAC,CAAA;IACJ,CAAC;IAED,IAAI,QAAQ,CAAC,EAAE,IAAI,MAAM,IAAI,CAAC,cAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,QAAQ,EAAE,QAAQ,EAAE,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QACtF,OAAO,CAAC,MAAM,GAAG,GAAG,CAAA;QACpB,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC,8BAA8B,CAAC,CAAA;QAChD,OAAM;IACR,CAAC;IAED,MAAM,IAAA,2BAAU,EAAC,IAAI,CAAC,CAAA;IAEtB,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC,6BAA6B,CAAC,CAAA;IAC/C,IAAA,+CAAsB,EAAC,OAAO,CAAC,CAAA;AACjC,CAAC,CAAC;KACD,GAAG,CAAC,UAAU,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACvC,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IACrB,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,oBAAoB,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IAEtE,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,CAAC,MAAM,GAAG,GAAG,CAAA;QACpB,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC,8BAA8B,CAAC,CAAA;QAChD,OAAM;IACR,CAAC;IAED,IAAI,OAAO,GAAsB,MAAM,IAAA,oCAAc,EAAC,IAAI,CAAC,CAAA;IAC3D,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,IAAI,UAAU,CAAC,CAAA;IAEhE,IAAI,UAAU,GAAG,MAAM,cAAI,CAAC,qBAAqB,CAAC,IAAI,EAAE,MAAM,CAAC,CAAA;IAE/D,IAAI,oBAAoB,EAAE,CAAC;QACzB,oBAAoB,CAAC,OAAO,CAAC,CAAC,EAAE,QAAQ,EAAE,SAAS,EAAE,EAAE,EAAE;YACvD,UAAU,GAAG,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,IAAI,QAAQ,IAAI,CAAC,CAAC,SAAS,IAAI,SAAS,CAAC,CAAA;QACzF,CAAC,CAAC,CAAA;IACJ,CAAC;IAED,OAAO,CAAC,IAAI,GAAG;QACb,IAAI,EAAE;YACJ,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,KAAK,EAAE,MAAM,OAAO,CAAC,kBAAkB,CAAC,MAAM,EAAE,IAAI,CAAC;YACrD,KAAK,EAAE,MAAM,OAAO,CAAC,gBAAgB,CAAC,MAAM,EAAE,IAAI,CAAC;YACnD,QAAQ;YACR,UAAU;SACX;QACD,OAAO;QACP,MAAM,EAAE,MAAM,IAAI;YAChB,IAAI,EAAE,MAAM,CAAC,IAAI;YACjB,SAAS,EAAE,MAAM,CAAC,SAAS;SAC5B;QACD,SAAS;KACV,CAAA;AACH,CAAC,CAAC,CAAA","sourcesContent":["import { ILike } from 'typeorm'\nimport Router from 'koa-router'\n\nimport { config } from '@things-factory/env'\nimport { Domain, getRepository } from '@things-factory/shell'\n\nimport { changePwd } from '../controllers/change-pwd.js'\nimport { deleteUser } from '../controllers/delete-user.js'\nimport { updateProfile } from '../controllers/profile.js'\nimport { User } from '../service/user/user.js'\nimport { clearAccessTokenCookie, setAccessTokenCookie } from '../utils/access-token-cookie.js'\nimport { getUserDomains } from '../utils/get-user-domains.js'\n\nconst domainType = config.get('domainType')\nconst languages = config.get('i18n/languages') \|\| []\n\nexport const authPrivateProcessRouter = new Router({\n prefix: '/auth'\n})\n\nauthPrivateProcessRouter\n .post('/change-pass', async (context, next) => {\n const { t } = context\n let { current_pass, new_pass, confirm_pass } = context.request.body\n\n const token = await changePwd(context.state.user, current_pass, new_pass, confirm_pass, context)\n\n context.body = t('text.password changed successfully')\n\n setAccessTokenCookie(context, token)\n })\n .post('/update-profile', async (context, next) => {\n const { i18next, t } = context\n const newProfiles = context.request.body\n await updateProfile(context.state.user, newProfiles)\n\n if (newProfiles.locale) {\n context.body = i18next.getFixedT(newProfiles.locale)('text.profile changed successfully')\n } else {\n context.body = t('text.profile changed successfully')\n }\n })\n .post('/delete-user', async (context, next) => {\n const { t, session } = context\n var { user } = context.state\n var { id: userId } = user\n\n var { password, username } = context.request.body\n\n const userRepo = getRepository(User)\n\n var userInfo = await userRepo.findOne({\n where: { username },\n relations: ['domains']\n })\n\n if (!userInfo && /^[^\\s@]+@[^\\s@]+\\.[^\\s@]+$/.test(username)) {\n userInfo = await userRepo.findOne({\n where: { email: ILike(username) },\n relations: ['domains']\n })\n }\n\n if (userInfo.id != userId \|\| !User.verify(userInfo.password, password, userInfo.salt)) {\n context.status = 401\n context.body = t('error.user validation failed')\n return\n }\n\n await deleteUser(user)\n\n context.body = t('text.delete account succeed')\n clearAccessTokenCookie(context)\n })\n .get('/profile', async (context, next) => {\n const { t } = context\n const { domain, user, unsafeIP, prohibitedPrivileges } = context.state\n\n if (!domain) {\n context.status = 401\n context.body = t('error.user validation failed')\n return\n }\n\n let domains: Partial<Domain>[] = await getUserDomains(user)\n domains = domains.filter((d: Domain) => d.extType == domainType)\n\n var privileges = await User.getPrivilegesByDomain(user, domain)\n\n if (prohibitedPrivileges) {\n prohibitedPrivileges.forEach(({ category, privilege }) => {\n privileges = privileges.filter(p => p.category != category \|\| p.privilege != privilege)\n })\n }\n\n context.body = {\n user: {\n username: user.username,\n email: user.email,\n name: user.name,\n userType: user.userType,\n owner: await process.domainOwnerGranted(domain, user),\n super: await process.superUserGranted(domain, user),\n unsafeIP,\n privileges\n },\n domains,\n domain: domain && {\n name: domain.name,\n subdomain: domain.subdomain\n },\n languages\n }\n })\n"]}