npm - @things-factory/auth-base - Versions diffs - 9.0.0-beta.76 → 9.0.0 - Mend

@things-factory/auth-base 9.0.0-beta.76 → 9.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (135) hide show

package/dist-server/service/user/user.js CHANGED Viewed

@@ -1,4 +1,6 @@
 "use strict";
+// This file defines the User entity and its GraphQL schema for authentication and authorization.
+// It includes user fields, status enum, and utility methods for password and privilege management.
 var User_1;
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.User = exports.UserStatus = void 0;
@@ -28,7 +30,7 @@ var UserStatus;
     UserStatus["DELETED"] = "deleted";
     UserStatus["LOCKED"] = "locked";
     UserStatus["BANNED"] = "banned";
-    UserStatus["PWD_RESET_REQUIRED"] = "password_reset_required";
+    UserStatus["PWD_RESET_REQUIRED"] = "password_reset_required"; // The user must reset their password before logging in.
 })(UserStatus || (exports.UserStatus = UserStatus = {}));
 let User = User_1 = class User {
     /* signing for jsonwebtoken */
@@ -72,7 +74,7 @@ let User = User_1 = class User {
                     .digest('base64'));
     }
     static async checkAuthWithEmail(decoded) {
-        if (!(decoded === null || decoded === void 0 ? void 0 : decoded.email)) {
+        if (!decoded?.email) {
             throw new auth_error_js_1.AuthError({
                 errorCode: auth_error_js_1.AuthError.ERROR_CODES.USER_NOT_FOUND
             });
@@ -214,33 +216,33 @@ let User = User_1 = class User {
 exports.User = User;
 tslib_1.__decorate([
     (0, typeorm_1.PrimaryGeneratedColumn)('uuid'),
-    (0, type_graphql_1.Field)(type => type_graphql_1.ID),
+    (0, type_graphql_1.Field)(type => type_graphql_1.ID, { description: 'Unique identifier for the user.' }),
     tslib_1.__metadata("design:type", String)
 ], User.prototype, "id", void 0);
 tslib_1.__decorate([
     (0, typeorm_1.Column)({ nullable: true }),
-    (0, type_graphql_1.Field)({ nullable: true }),
+    (0, type_graphql_1.Field)({ nullable: true, description: 'Unique username for the user.' }),
     tslib_1.__metadata("design:type", String)
 ], User.prototype, "username", void 0);
 tslib_1.__decorate([
     (0, typeorm_1.Column)(),
-    (0, type_graphql_1.Field)({ nullable: true }),
+    (0, type_graphql_1.Field)({ nullable: true, description: 'Full name of the user.' }),
     tslib_1.__metadata("design:type", String)
 ], User.prototype, "name", void 0);
 tslib_1.__decorate([
     (0, typeorm_1.Column)({ nullable: true }),
-    (0, type_graphql_1.Field)({ nullable: true }),
+    (0, type_graphql_1.Field)({ nullable: true, description: 'Optional description or note about the user.' }),
     tslib_1.__metadata("design:type", String)
 ], User.prototype, "description", void 0);
 tslib_1.__decorate([
     (0, typeorm_1.ManyToMany)(type => shell_1.Domain),
     (0, typeorm_1.JoinTable)({ name: 'users_domains' }),
-    (0, type_graphql_1.Field)(type => [shell_1.Domain]),
+    (0, type_graphql_1.Field)(type => [shell_1.Domain], { description: 'Domains (organizations, companies, etc.) the user belongs to.' }),
     tslib_1.__metadata("design:type", Array)
 ], User.prototype, "domains", void 0);
 tslib_1.__decorate([
     (0, typeorm_1.Column)(),
-    (0, type_graphql_1.Field)(type => graphql_scalars_1.GraphQLEmailAddress),
+    (0, type_graphql_1.Field)(type => graphql_scalars_1.GraphQLEmailAddress, { description: 'Email address of the user.' }),
     tslib_1.__metadata("design:type", String)
 ], User.prototype, "email", void 0);
 tslib_1.__decorate([
@@ -261,17 +263,17 @@ tslib_1.__decorate([
 tslib_1.__decorate([
     (0, typeorm_1.ManyToMany)(type => role_js_1.Role, role => role.users),
     (0, typeorm_1.JoinTable)({ name: 'users_roles' }),
-    (0, type_graphql_1.Field)(type => [role_js_1.Role]),
+    (0, type_graphql_1.Field)(type => [role_js_1.Role], { description: 'Roles assigned to the user.' }),
     tslib_1.__metadata("design:type", Array)
 ], User.prototype, "roles", void 0);
 tslib_1.__decorate([
     (0, typeorm_1.Column)({ nullable: true }),
-    (0, type_graphql_1.Field)({ nullable: true }),
+    (0, type_graphql_1.Field)({ nullable: true, description: 'Type or category of the user (e.g., user, application, appliance).' }),
     tslib_1.__metadata("design:type", String)
 ], User.prototype, "userType", void 0);
 tslib_1.__decorate([
     (0, typeorm_1.Column)({ nullable: true }),
-    (0, type_graphql_1.Field)({ nullable: true }),
+    (0, type_graphql_1.Field)({ nullable: true, description: 'Reference information for the user (external system, etc.).' }),
     tslib_1.__metadata("design:type", String)
 ], User.prototype, "reference", void 0);
 tslib_1.__decorate([
@@ -281,13 +283,13 @@ tslib_1.__decorate([
 ], User.prototype, "salt", void 0);
 tslib_1.__decorate([
     (0, typeorm_1.Column)({ nullable: true }),
-    (0, type_graphql_1.Field)({ nullable: true }),
+    (0, type_graphql_1.Field)({ nullable: true, description: 'Locale or language preference for the user.' }),
     tslib_1.__metadata("design:type", String)
 ], User.prototype, "locale", void 0);
 tslib_1.__decorate([
     (0, type_graphql_1.Directive)('@privilege(category: "security", privilege: "query", domainOwnerGranted: true)'),
     (0, typeorm_1.Column)({ nullable: true }),
-    (0, type_graphql_1.Field)({ nullable: true }),
+    (0, type_graphql_1.Field)({ nullable: true, description: 'Single sign-on (SSO) identifier for federated authentication.' }),
     tslib_1.__metadata("design:type", String)
 ], User.prototype, "ssoId", void 0);
 tslib_1.__decorate([
@@ -303,7 +305,7 @@ tslib_1.__decorate([
         length: DATABASE_TYPE == 'postgres' || DATABASE_TYPE == 'mysql' || DATABASE_TYPE == 'mariadb' ? undefined : 32,
         default: UserStatus.INACTIVE
     }),
-    (0, type_graphql_1.Field)(type => String),
+    (0, type_graphql_1.Field)(type => String, { description: 'Current status of the user account.' }),
     tslib_1.__metadata("design:type", String)
 ], User.prototype, "status", void 0);
 tslib_1.__decorate([
@@ -312,10 +314,11 @@ tslib_1.__decorate([
 ], User.prototype, "failCount", void 0);
 tslib_1.__decorate([
     (0, typeorm_1.Column)({ nullable: true }),
-    tslib_1.__metadata("design:type", Date)
+    tslib_1.__metadata("design:type", Date // Last time the password was updated
+    )
 ], User.prototype, "passwordUpdatedAt", void 0);
 tslib_1.__decorate([
-    (0, type_graphql_1.Field)({ nullable: true }),
+    (0, type_graphql_1.Field)({ nullable: true, description: 'Whether the user is the owner of the domain (not persisted in DB).' }),
     tslib_1.__metadata("design:type", Boolean)
 ], User.prototype, "owner", void 0);
 tslib_1.__decorate([
@@ -324,12 +327,12 @@ tslib_1.__decorate([
 ], User.prototype, "credentials", void 0);
 tslib_1.__decorate([
     (0, typeorm_1.OneToMany)(() => users_auth_providers_js_1.UsersAuthProviders, usersAuthProviders => usersAuthProviders.user),
-    (0, type_graphql_1.Field)(type => [users_auth_providers_js_1.UsersAuthProviders], { nullable: true }),
+    (0, type_graphql_1.Field)(type => [users_auth_providers_js_1.UsersAuthProviders], { nullable: true, description: 'External authentication providers linked to the user.' }),
     tslib_1.__metadata("design:type", Array)
 ], User.prototype, "usersAuthProviders", void 0);
 tslib_1.__decorate([
     (0, typeorm_1.ManyToOne)(type => User, { nullable: true }),
-    (0, type_graphql_1.Field)({ nullable: true }),
+    (0, type_graphql_1.Field)({ nullable: true, description: 'User who created this user account.' }),
     tslib_1.__metadata("design:type", User)
 ], User.prototype, "creator", void 0);
 tslib_1.__decorate([
@@ -338,7 +341,7 @@ tslib_1.__decorate([
 ], User.prototype, "creatorId", void 0);
 tslib_1.__decorate([
     (0, typeorm_1.ManyToOne)(type => User, { nullable: true }),
-    (0, type_graphql_1.Field)({ nullable: true }),
+    (0, type_graphql_1.Field)({ nullable: true, description: 'User who last updated this user account.' }),
     tslib_1.__metadata("design:type", User)
 ], User.prototype, "updater", void 0);
 tslib_1.__decorate([
@@ -347,12 +350,12 @@ tslib_1.__decorate([
 ], User.prototype, "updaterId", void 0);
 tslib_1.__decorate([
     (0, typeorm_1.CreateDateColumn)(),
-    (0, type_graphql_1.Field)({ nullable: true }),
+    (0, type_graphql_1.Field)({ nullable: true, description: 'Timestamp when the user account was created.' }),
     tslib_1.__metadata("design:type", Date)
 ], User.prototype, "createdAt", void 0);
 tslib_1.__decorate([
     (0, typeorm_1.UpdateDateColumn)(),
-    (0, type_graphql_1.Field)({ nullable: true }),
+    (0, type_graphql_1.Field)({ nullable: true, description: 'Timestamp when the user account was last updated.' }),
     tslib_1.__metadata("design:type", Date
     /* signing for jsonwebtoken */
     )
@@ -366,6 +369,6 @@ exports.User = User = User_1 = tslib_1.__decorate([
         unique: true,
         where: '"username" IS NOT NULL'
     }),
-    (0, type_graphql_1.ObjectType)()
+    (0, type_graphql_1.ObjectType)({ description: 'Represents a user account in the system, including authentication, roles, and domain associations.' })
 ], User);
 //# sourceMappingURL=user.js.map

package/dist-server/service/user/user.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"user.js","sourceRoot":"","sources":["../../../server/service/user/user.ts"],"names":[],"mappings":";;;;;AAAA,4DAA2B;AAC3B,wEAA8B;AAC9B,+CAA+D;AAC/D,qDAAqD;AACrD,qCAagB;AAEhB,6CAA4C;AAC5C,iDAA6D;AAE7D,+EAAiF;AACjF,8DAAsD;AACtD,6DAAkD;AAClD,6CAAsC;AACtC,4DAAqD;AACrD,0FAAiF;AACjF,6FAAoF;AACpF,yEAAyE;AAEzE,MAAM,SAAS,GAAG,YAAM,CAAC,GAAG,CAAC,WAAW,EAAE,EAAE,CAAC,CAAA;AAC7C,MAAM,aAAa,GAAG,SAAS,CAAC,IAAI,CAAA;AAEpC,MAAM,oBAAoB,GAAG,MAAM,CAAC,YAAM,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC,IAAI,IAAI,CAAA;AAEhF,IAAY,UAOX;AAPD,WAAY,UAAU;IACpB,mCAAqB,CAAA;IACrB,qCAAuB,CAAA;IACvB,iCAAmB,CAAA;IACnB,+BAAiB,CAAA;IACjB,+BAAiB,CAAA;IACjB,4DAA8C,CAAA;AAChD,CAAC,EAPW,UAAU,0BAAV,UAAU,QAOrB;AAWM,IAAM,IAAI,YAAV,MAAM,IAAI;IA0Hf,8BAA8B;IAC9B,KAAK,CAAC,IAAI,CAAC,OAAQ;QACjB,IAAI,EAAE,SAAS,GAAG,oBAAoB,EAAE,GAAG,OAAO,IAAI,EAAE,CAAA;QAExD,IAAI,IAAI,GAAG;YACT,QAAQ,EAAE,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,KAAK;SACtC,CAAA;QAED,OAAO,MAAM,sBAAG,CAAC,IAAI,CAAC,IAAI,EAAE,sBAAM,EAAE;YAClC,SAAS;YACT,MAAM,EAAE,cAAc;YACtB,OAAO,EAAE,MAAM;SAChB,CAAC,CAAA;IACJ,CAAC;IAED,6CAA6C;IAC7C,MAAM,CAAC,sBAAsB,CAAC,QAAQ,EAAE,GAAG;QACzC,IAAA,yCAAsB,EAAC,QAAQ,EAAE,GAAG,CAAC,CAAA;IACvC,CAAC;IAED,mBAAmB;IACnB,MAAM,CAAC,YAAY;QACjB,OAAO,gBAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAA;IAC/C,CAAC;IAED,qBAAqB;IACrB,MAAM,CAAC,MAAM,CAAC,QAAgB,EAAE,IAAI;QAClC,OAAO,gBAAM;aACV,UAAU,CAAC,QAAQ,EAAE,IAAI,IAAI,sBAAM,CAAC;aACpC,MAAM,CAAC,QAAQ,CAAC;aAChB,MAAM,CAAC,QAAQ,CAAC,CAAA;IACrB,CAAC;IAED,qBAAqB;IACrB,MAAM,CAAC,MAAM,CAAC,MAAM,EAAE,QAAQ,EAAE,IAAI;QAClC,OAAO,CACL,MAAM;YACJ,gBAAM;iBACH,UAAU,CAAC,QAAQ,EAAE,IAAI,IAAI,sBAAM,CAAC;iBACpC,MAAM,CAAC,QAAQ,CAAC;iBAChB,MAAM,CAAC,QAAQ,CAAC;YACrB,MAAM;gBACJ,gBAAM;qBACH,UAAU,CAAC,MAAM,EAAE,IAAI,IAAI,sBAAM,CAAC;qBAClC,MAAM,CAAC,QAAQ,CAAC;qBAChB,MAAM,CAAC,QAAQ,CAAC,CACtB,CAAA;IACH,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,kBAAkB,CAAC,OAAO;QACrC,IAAI,CAAC,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,KAAK,CAAA,EAAE,CAAC;YACpB,MAAM,IAAI,yBAAS,CAAC;gBAClB,SAAS,EAAE,yBAAS,CAAC,WAAW,CAAC,cAAc;aAChD,CAAC,CAAA;QACJ,CAAC;QAED,MAAM,UAAU,GAAG,IAAA,qBAAa,EAAC,MAAI,CAAC,CAAA;QACtC,IAAI,IAAI,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC;YAClC,KAAK,EAAE,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE;YAC/B,SAAS,EAAE,CAAC,SAAS,CAAC;YACtB,KAAK,EAAE,IAAI;SACZ,CAAC,CAAA;QAEF,IAAI,CAAC,IAAI;YACP,MAAM,IAAI,yBAAS,CAAC;gBAClB,SAAS,EAAE,yBAAS,CAAC,WAAW,CAAC,cAAc;aAChD,CAAC,CAAA;aACC,CAAC;YACJ,QAAQ,IAAI,CAAC,MAAM,EAAE,CAAC;gBACpB,KAAK,UAAU,CAAC,QAAQ;oBACtB,MAAM,IAAI,yBAAS,CAAC;wBAClB,SAAS,EAAE,yBAAS,CAAC,WAAW,CAAC,kBAAkB;wBACnD,MAAM,EAAE;4BACN,KAAK,EAAE,IAAI,CAAC,KAAK;yBAClB;qBACF,CAAC,CAAA;gBACJ,KAAK,UAAU,CAAC,MAAM;oBACpB,MAAM,IAAI,yBAAS,CAAC;wBAClB,SAAS,EAAE,yBAAS,CAAC,WAAW,CAAC,WAAW;wBAC5C,MAAM,EAAE;4BACN,KAAK,EAAE,IAAI,CAAC,KAAK;yBAClB;qBACF,CAAC,CAAA;gBACJ,KAAK,UAAU,CAAC,OAAO;oBACrB,MAAM,IAAI,yBAAS,CAAC;wBAClB,SAAS,EAAE,yBAAS,CAAC,WAAW,CAAC,YAAY;qBAC9C,CAAC,CAAA;YACN,CAAC;YAED,OAAO,IAAI,CAAA;QACb,CAAC;IACH,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,SAAS,CAAC,OAAO;QAC5B,2BAA2B;QAC3B,MAAM,EAAE,EAAE,EAAE,QAAQ,EAAE,GAAG,OAAO,IAAI,EAAE,CAAA;QAEtC,IAAI,CAAC,EAAE,IAAI,CAAC,QAAQ,EAAE,CAAC;YACrB,MAAM,IAAI,yBAAS,CAAC;gBAClB,SAAS,EAAE,yBAAS,CAAC,WAAW,CAAC,cAAc;aAChD,CAAC,CAAA;QACJ,CAAC;QAED,MAAM,UAAU,GAAG,IAAA,qBAAa,EAAC,MAAI,CAAC,CAAA;QACtC,IAAI,EAAE,EAAE,CAAC;YACP,IAAI,IAAI,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC;gBAClC,KAAK,EAAE,EAAE,EAAE,EAAE;gBACb,SAAS,EAAE,CAAC,SAAS,EAAE,aAAa,CAAC;gBACrC,KAAK,EAAE,IAAI;aACZ,CAAC,CAAA;QACJ,CAAC;aAAM,CAAC;YACN,IAAI,IAAI,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC;gBAClC,KAAK,EAAE,EAAE,QAAQ,EAAE;gBACnB,SAAS,EAAE,CAAC,SAAS,EAAE,aAAa,CAAC;gBACrC,KAAK,EAAE,IAAI;aACZ,CAAC,CAAA;YAEF,IAAI,CAAC,IAAI,IAAI,4BAA4B,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;gBACzD,IAAI,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC;oBAC9B,KAAK,EAAE;wBACL,KAAK,EAAE,IAAA,eAAK,EAAC,QAAQ,CAAC;qBACvB;oBACD,SAAS,EAAE,CAAC,SAAS,EAAE,aAAa,CAAC;oBACrC,KAAK,EAAE,IAAI;iBACZ,CAAC,CAAA;YACJ,CAAC;QACH,CAAC;QAED,IAAI,CAAC,IAAI;YACP,MAAM,IAAI,yBAAS,CAAC;gBAClB,SAAS,EAAE,yBAAS,CAAC,WAAW,CAAC,cAAc;aAChD,CAAC,CAAA;aACC,CAAC;YACJ,QAAQ,IAAI,CAAC,MAAM,EAAE,CAAC;gBACpB,KAAK,UAAU,CAAC,QAAQ;oBACtB,MAAM,IAAI,yBAAS,CAAC;wBAClB,SAAS,EAAE,yBAAS,CAAC,WAAW,CAAC,kBAAkB;wBACnD,MAAM,EAAE;4BACN,KAAK,EAAE,IAAI,CAAC,KAAK;yBAClB;qBACF,CAAC,CAAA;gBACJ,KAAK,UAAU,CAAC,MAAM;oBACpB,MAAM,IAAI,yBAAS,CAAC;wBAClB,SAAS,EAAE,yBAAS,CAAC,WAAW,CAAC,WAAW;wBAC5C,MAAM,EAAE;4BACN,KAAK,EAAE,IAAI,CAAC,KAAK;yBAClB;qBACF,CAAC,CAAA;gBACJ,KAAK,UAAU,CAAC,OAAO;oBACrB,MAAM,IAAI,yBAAS,CAAC;wBAClB,SAAS,EAAE,yBAAS,CAAC,WAAW,CAAC,YAAY;qBAC9C,CAAC,CAAA;YACN,CAAC;YAED,MAAM,EAAE,eAAe,EAAE,GAAG,YAAM,CAAC,GAAG,CAAC,UAAU,CAAC,CAAA;YAElD,IAAI,eAAe,IAAI,IAAI,CAAC,QAAQ,KAAK,IAAI,CAAC,MAAM,CAAC,eAAe,EAAE,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBACjF,IAAI,CAAC,MAAM,GAAG,UAAU,CAAC,kBAAkB,CAAA;YAC7C,CAAC;YAED,OAAO,IAAI,CAAA;QACb,CAAC;IACH,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,YAAY,CAAC,SAAiB,EAAE,QAAgB,EAAE,MAAc,EAAE,IAAU;QACvF,MAAM,MAAM,GAAG,MAAM,IAAA,qBAAa,EAAC,wBAAS,CAAC;aAC1C,kBAAkB,CAAC,WAAW,CAAC;aAC/B,SAAS,CAAC,iBAAiB,EAAE,MAAM,CAAC;aACpC,SAAS,CAAC,YAAY,EAAE,MAAM,CAAC;aAC/B,KAAK,CAAC,gCAAgC,EAAE,EAAE,QAAQ,EAAE,CAAC;aACrD,QAAQ,CAAC,6BAA6B,EAAE,EAAE,SAAS,EAAE,CAAC;aACtD,QAAQ,CAAC,mBAAmB,EAAE,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,EAAE,CAAC;aAClD,QAAQ,CAAC,4BAA4B,EAAE,EAAE,QAAQ,EAAE,MAAM,CAAC,EAAE,EAAE,CAAC;aAC/D,QAAQ,EAAE,CAAA;QAEb,OAAO,MAAM,GAAG,CAAC,CAAA;IACnB,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,qBAAqB,CAAC,IAAU,EAAE,MAAc;QAC3D,MAAM,MAAM,GAAG,MAAM,IAAA,qBAAa,EAAC,MAAI,CAAC;aACrC,kBAAkB,CAAC,MAAM,CAAC;aAC1B,iBAAiB,CAAC,YAAY,EAAE,MAAM,CAAC;aACvC,iBAAiB,CAAC,iBAAiB,EAAE,WAAW,CAAC;aACjD,MAAM,CAAC,CAAC,6BAA6B,EAAE,gCAAgC,CAAC,CAAC;aACzE,KAAK,CAAC,mBAAmB,EAAE,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,EAAE,CAAC;aAC/C,QAAQ,CAAC,4BAA4B,EAAE,EAAE,QAAQ,EAAE,MAAM,CAAC,EAAE,EAAE,CAAC;aAC/D,OAAO,CAAC,oBAAoB,CAAC;aAC7B,UAAU,CAAC,gBAAgB,CAAC;aAC5B,UAAU,EAAE,CAAA;QAEf,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,OAAO,EAAE,EAAE;YAC9C,MAAM,IAAI,GAAG,GAAG,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAA;YAChC,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,SAAS,KAAK,OAAO,CAAC,SAAS,IAAI,IAAI,CAAC,QAAQ,KAAK,OAAO,CAAC,QAAQ,EAAE,CAAC;gBACxF,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;YACnB,CAAC;YACD,OAAO,GAAG,CAAA;QACZ,CAAC,EAAE,EAAE,CAAC,CAAA;QAEN,OAAO,QAAQ,CAAA;IACjB,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,uBAAuB,CAAC,SAAiB,EAAE,QAAgB,EAAE,IAAU;QAClF,OAAO,IAAA,6CAAuB,EAAC,IAAI,EAAE,SAAS,EAAE,QAAQ,CAAC,CAAA;IAC3D,CAAC;CACF,CAAA;AAtUY,oBAAI;AAGN;IAFR,IAAA,gCAAsB,EAAC,MAAM,CAAC;IAC9B,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,iBAAE,CAAC;;gCACC;AAInB;IAFC,IAAA,gBAAM,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC1B,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;sCACV;AAIhB;IAFC,IAAA,gBAAM,GAAE;IACR,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;kCACd;AAIZ;IAFC,IAAA,gBAAM,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC1B,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;yCACP;AAKnB;IAHC,IAAA,oBAAU,EAAC,IAAI,CAAC,EAAE,CAAC,cAAM,CAAC;IAC1B,IAAA,mBAAS,EAAC,EAAE,IAAI,EAAE,eAAe,EAAE,CAAC;IACpC,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,CAAC,cAAM,CAAC,CAAC;;qCACN;AAIlB;IAFC,IAAA,gBAAM,GAAE;IACR,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,qCAAmB,CAAC;;mCACtB;AAeb;IAbC,IAAA,wBAAS,EAAC,gFAAgF,CAAC;IAC3F,IAAA,gBAAM,EAAC;QACN,QAAQ,EAAE,IAAI;QACd,IAAI,EACF,aAAa,IAAI,OAAO,IAAI,aAAa,IAAI,SAAS;YACpD,CAAC,CAAC,UAAU;YACZ,CAAC,CAAC,aAAa,IAAI,QAAQ;gBACzB,CAAC,CAAC,MAAM;gBACR,CAAC,CAAC,aAAa,IAAI,OAAO;oBACxB,CAAC,CAAC,UAAU;oBACZ,CAAC,CAAC,SAAS;QACnB,MAAM,EAAE,aAAa,IAAI,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS;KACrD,CAAC;;sCACc;AAKhB;IAHC,IAAA,oBAAU,EAAC,IAAI,CAAC,EAAE,CAAC,cAAI,EAAE,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC;IAC5C,IAAA,mBAAS,EAAC,EAAE,IAAI,EAAE,aAAa,EAAE,CAAC;IAClC,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,CAAC,cAAI,CAAC,CAAC;;mCACR;AAId;IAFC,IAAA,gBAAM,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC1B,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;sCACV;AAIhB;IAFC,IAAA,gBAAM,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC1B,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;uCACT;AAIjB;IAFC,IAAA,wBAAS,EAAC,gFAAgF,CAAC;IAC3F,IAAA,gBAAM,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;kCACf;AAIZ;IAFC,IAAA,gBAAM,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC1B,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;oCACZ;AAKd;IAHC,IAAA,wBAAS,EAAC,gFAAgF,CAAC;IAC3F,IAAA,gBAAM,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC1B,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;mCACb;AAiBb;IAfC,IAAA,gBAAM,EAAC;QACN,IAAI,EACF,aAAa,IAAI,UAAU,IAAI,aAAa,IAAI,OAAO,IAAI,aAAa,IAAI,SAAS;YACnF,CAAC,CAAC,MAAM;YACR,CAAC,CAAC,aAAa,IAAI,QAAQ;gBACzB,CAAC,CAAC,UAAU;gBACZ,CAAC,CAAC,aAAa,IAAI,OAAO;oBACxB,CAAC,CAAC,UAAU;oBACZ,CAAC,CAAC,SAAS;QACnB,IAAI,EACF,aAAa,IAAI,UAAU,IAAI,aAAa,IAAI,OAAO,IAAI,aAAa,IAAI,SAAS,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS;QAChH,MAAM,EAAE,aAAa,IAAI,UAAU,IAAI,aAAa,IAAI,OAAO,IAAI,aAAa,IAAI,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE;QAC9G,OAAO,EAAE,UAAU,CAAC,QAAQ;KAC7B,CAAC;IACD,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,MAAM,CAAC;;oCACJ;AAGlB;IADC,IAAA,gBAAM,EAAC,EAAE,IAAI,EAAE,UAAU,EAAE,OAAO,EAAE,CAAC,EAAE,CAAC;;uCACxB;AAGjB;IADC,IAAA,gBAAM,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;sCACR,IAAI;+CAAA;AAGvB;IADC,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;mCACZ;AAGd;IADC,IAAA,mBAAS,EAAC,GAAG,EAAE,CAAC,0CAAiB,EAAE,UAAU,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC;;yCAClC;AAIhC;IAFC,IAAA,mBAAS,EAAC,GAAG,EAAE,CAAC,4CAAkB,EAAE,kBAAkB,CAAC,EAAE,CAAC,kBAAkB,CAAC,IAAI,CAAC;IAClF,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,CAAC,4CAAkB,CAAC,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;gDAChB;AAIxC;IAFC,IAAA,mBAAS,EAAC,IAAI,CAAC,EAAE,CAAC,IAAI,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC3C,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;sCACjB,IAAI;qCAAA;AAGb;IADC,IAAA,oBAAU,EAAC,CAAC,IAAU,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC;;uCACxB;AAIjB;IAFC,IAAA,mBAAS,EAAC,IAAI,CAAC,EAAE,CAAC,IAAI,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC3C,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;sCACjB,IAAI;qCAAA;AAGb;IADC,IAAA,oBAAU,EAAC,CAAC,IAAU,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC;;uCACxB;AAIjB;IAFC,IAAA,0BAAgB,GAAE;IAClB,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;sCACf,IAAI;uCAAA;AAIf;IAFC,IAAA,0BAAgB,GAAE;IAClB,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;sCACf,IAAI;IAEf,8BAA8B;;uCAFf;eAxHJ,IAAI;IAThB,IAAA,gBAAM,GAAE;IACR,IAAA,eAAK,EAAC,WAAW,EAAE,CAAC,IAAU,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE;QAChD,MAAM,EAAE,IAAI;KACb,CAAC;IACD,IAAA,eAAK,EAAC,WAAW,EAAE,CAAC,IAAU,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE;QACnD,MAAM,EAAE,IAAI;QACZ,KAAK,EAAE,wBAAwB;KAChC,CAAC;IACD,IAAA,yBAAU,GAAE;GACA,IAAI,CAsUhB","sourcesContent":["import crypto from 'crypto'\nimport jwt from 'jsonwebtoken'\nimport { Directive, Field, ID, ObjectType } from 'type-graphql'\nimport { GraphQLEmailAddress } from 'graphql-scalars'\nimport {\n Column,\n CreateDateColumn,\n Entity,\n ILike,\n Index,\n JoinTable,\n ManyToMany,\n ManyToOne,\n OneToMany,\n PrimaryGeneratedColumn,\n RelationId,\n UpdateDateColumn\n} from 'typeorm'\n\nimport { config } from '@things-factory/env'\nimport { Domain, getRepository } from '@things-factory/shell'\n\nimport { validatePasswordByRule } from '../../controllers/utils/password-rule.js'\nimport { AuthError } from '../../errors/auth-error.js'\nimport { SECRET } from '../../utils/get-secret.js'\nimport { Role } from '../role/role.js'\nimport { Privilege } from '../privilege/privilege.js'\nimport { WebAuthCredential } from '../web-auth-credential/web-auth-credential.js'\nimport { UsersAuthProviders } from '../users-auth-providers/users-auth-providers.js'\nimport { getDomainsWithPrivilege } from '../../utils/get-user-domains.js'\n\nconst ORMCONFIG = config.get('ormconfig', {})\nconst DATABASE_TYPE = ORMCONFIG.type\n\nconst sessionExpirySeconds = Number(config.get('session/expirySeconds')) \|\| '7d'\n\nexport enum UserStatus {\n INACTIVE = 'inactive',\n ACTIVATED = 'activated',\n DELETED = 'deleted',\n LOCKED = 'locked',\n BANNED = 'banned',\n PWD_RESET_REQUIRED = 'password_reset_required'\n}\n\n@Entity()\n@Index('ix_user_0', (user: User) => [user.email], {\n unique: true\n})\n@Index('ix_user_1', (user: User) => [user.username], {\n unique: true,\n where: '\"username\" IS NOT NULL'\n})\n@ObjectType()\nexport class User {\n @PrimaryGeneratedColumn('uuid')\n @Field(type => ID)\n readonly id: string\n\n @Column({ nullable: true })\n @Field({ nullable: true })\n username: string\n\n @Column()\n @Field({ nullable: true })\n name: string\n\n @Column({ nullable: true })\n @Field({ nullable: true })\n description: string\n\n @ManyToMany(type => Domain)\n @JoinTable({ name: 'users_domains' })\n @Field(type => [Domain])\n domains?: Domain[]\n\n @Column()\n @Field(type => GraphQLEmailAddress)\n email: string\n\n @Directive('@privilege(category: \"security\", privilege: \"query\", domainOwnerGranted: true)')\n @Column({\n nullable: true,\n type:\n DATABASE_TYPE == 'mysql' \|\| DATABASE_TYPE == 'mariadb'\n ? 'longtext'\n : DATABASE_TYPE == 'oracle'\n ? 'clob'\n : DATABASE_TYPE == 'mssql'\n ? 'nvarchar'\n : 'varchar',\n length: DATABASE_TYPE == 'mssql' ? 'MAX' : undefined\n })\n password: string\n\n @ManyToMany(type => Role, role => role.users)\n @JoinTable({ name: 'users_roles' })\n @Field(type => [Role])\n roles?: Role[]\n\n @Column({ nullable: true })\n @Field({ nullable: true })\n userType: string // default: 'user', enum: 'user', 'application', 'appliance'\n\n @Column({ nullable: true })\n @Field({ nullable: true })\n reference: string\n\n @Directive('@privilege(category: \"security\", privilege: \"query\", domainOwnerGranted: true)')\n @Column({ nullable: true })\n salt: string\n\n @Column({ nullable: true })\n @Field({ nullable: true })\n locale: string\n\n @Directive('@privilege(category: \"security\", privilege: \"query\", domainOwnerGranted: true)')\n @Column({ nullable: true })\n @Field({ nullable: true })\n ssoId: string\n\n @Column({\n type:\n DATABASE_TYPE == 'postgres' \|\| DATABASE_TYPE == 'mysql' \|\| DATABASE_TYPE == 'mariadb'\n ? 'enum'\n : DATABASE_TYPE == 'oracle'\n ? 'varchar2'\n : DATABASE_TYPE == 'mssql'\n ? 'nvarchar'\n : 'varchar',\n enum:\n DATABASE_TYPE == 'postgres' \|\| DATABASE_TYPE == 'mysql' \|\| DATABASE_TYPE == 'mariadb' ? UserStatus : undefined,\n length: DATABASE_TYPE == 'postgres' \|\| DATABASE_TYPE == 'mysql' \|\| DATABASE_TYPE == 'mariadb' ? undefined : 32,\n default: UserStatus.INACTIVE\n })\n @Field(type => String)\n status: UserStatus\n\n @Column({ type: 'smallint', default: 0 })\n failCount: number\n\n @Column({ nullable: true })\n passwordUpdatedAt: Date\n\n @Field({ nullable: true })\n owner: boolean /* should not be a column /\n\n @OneToMany(() => WebAuthCredential, credential => credential.user)\n credentials: WebAuthCredential[]\n\n @OneToMany(() => UsersAuthProviders, usersAuthProviders => usersAuthProviders.user)\n @Field(type => [UsersAuthProviders], { nullable: true })\n usersAuthProviders: UsersAuthProviders[]\n\n @ManyToOne(type => User, { nullable: true })\n @Field({ nullable: true })\n creator: User\n\n @RelationId((user: User) => user.creator)\n creatorId: string\n\n @ManyToOne(type => User, { nullable: true })\n @Field({ nullable: true })\n updater: User\n\n @RelationId((user: User) => user.updater)\n updaterId: string\n\n @CreateDateColumn()\n @Field({ nullable: true })\n createdAt: Date\n\n @UpdateDateColumn()\n @Field({ nullable: true })\n updatedAt: Date\n\n / signing for jsonwebtoken /\n async sign(options?) {\n var { expiresIn = sessionExpirySeconds } = options \|\| {}\n\n var user = {\n username: this.username \|\| this.email\n }\n\n return await jwt.sign(user, SECRET, {\n expiresIn,\n issuer: 'hatiolab.com',\n subject: 'user'\n })\n }\n\n / validate password through password rule /\n static validatePasswordByRule(password, lng) {\n validatePasswordByRule(password, lng)\n }\n\n / generate salt /\n static generateSalt() {\n return crypto.randomBytes(16).toString('hex')\n }\n\n / encode password /\n static encode(password: string, salt) {\n return crypto\n .createHmac('sha256', salt \|\| SECRET)\n .update(password)\n .digest('base64')\n }\n\n / verify password */\n static verify(hashed, password, salt) {\n return (\n hashed ==\n crypto\n .createHmac('sha256', salt \|\| SECRET)\n .update(password)\n .digest('base64') \|\|\n hashed ==\n crypto\n .createHmac('sha1', salt \|\| SECRET)\n .update(password)\n .digest('base64')\n )\n }\n\n static async checkAuthWithEmail(decoded) {\n if (!decoded?.email) {\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_NOT_FOUND\n })\n }\n\n const repository = getRepository(User)\n var user = await repository.findOne({\n where: { email: decoded.email },\n relations: ['domains'],\n cache: true\n })\n\n if (!user)\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_NOT_FOUND\n })\n else {\n switch (user.status) {\n case UserStatus.INACTIVE:\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_NOT_ACTIVATED,\n detail: {\n email: user.email\n }\n })\n case UserStatus.LOCKED:\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_LOCKED,\n detail: {\n email: user.email\n }\n })\n case UserStatus.DELETED:\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_DELETED\n })\n }\n\n return user\n }\n }\n\n static async checkAuth(decoded) {\n // id 는 하위호환성을 위해 단기적으로 유지함\n const { id, username } = decoded \|\| {}\n\n if (!id && !username) {\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_NOT_FOUND\n })\n }\n\n const repository = getRepository(User)\n if (id) {\n var user = await repository.findOne({\n where: { id },\n relations: ['domains', 'credentials'],\n cache: true\n })\n } else {\n var user = await repository.findOne({\n where: { username },\n relations: ['domains', 'credentials'],\n cache: true\n })\n\n if (!user && /^[^\\s@]+@[^\\s@]+\\.[^\\s@]+$/.test(username)) {\n user = await repository.findOne({\n where: {\n email: ILike(username)\n },\n relations: ['domains', 'credentials'],\n cache: true\n })\n }\n }\n\n if (!user)\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_NOT_FOUND\n })\n else {\n switch (user.status) {\n case UserStatus.INACTIVE:\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_NOT_ACTIVATED,\n detail: {\n email: user.email\n }\n })\n case UserStatus.LOCKED:\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_LOCKED,\n detail: {\n email: user.email\n }\n })\n case UserStatus.DELETED:\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_DELETED\n })\n }\n\n const { defaultPassword } = config.get('password')\n\n if (defaultPassword && user.password === this.encode(defaultPassword, user.salt)) {\n user.status = UserStatus.PWD_RESET_REQUIRED\n }\n\n return user\n }\n }\n\n static async hasPrivilege(privilege: string, category: string, domain: Domain, user: User): Promise<boolean> {\n const result = await getRepository(Privilege)\n .createQueryBuilder('privilege')\n .innerJoin('privilege.roles', 'role')\n .innerJoin('role.users', 'user')\n .where('privilege.category = :category', { category })\n .andWhere('privilege.name = :privilege', { privilege })\n .andWhere('user.id = :userId', { userId: user.id })\n .andWhere('role.domain.id = :domainId', { domainId: domain.id })\n .getCount()\n\n return result > 0\n }\n\n static async getPrivilegesByDomain(user: User, domain: Domain): Promise<{ category: string; privilege: string }[]> {\n const result = await getRepository(User)\n .createQueryBuilder('user')\n .leftJoinAndSelect('user.roles', 'role')\n .leftJoinAndSelect('role.privileges', 'privilege')\n .select(['privilege.name AS privilege', 'privilege.category AS category'])\n .where('user.id = :userId', { userId: user.id })\n .andWhere('role.domain.id = :domainId', { domainId: domain.id })\n .orderBy('privilege.category')\n .addOrderBy('privilege.name')\n .getRawMany()\n\n const distinct = result.reduce((acc, current) => {\n const last = acc[acc.length - 1]\n if (!last \|\| last.privilege !== current.privilege \|\| last.category !== current.category) {\n acc.push(current)\n }\n return acc\n }, [])\n\n return distinct\n }\n\n static async getDomainsWithPrivilege(privilege: string, category: string, user: User) {\n return getDomainsWithPrivilege(user, privilege, category)\n }\n}\n"]}
1	+ {"version":3,"file":"user.js","sourceRoot":"","sources":["../../../server/service/user/user.ts"],"names":[],"mappings":";AAAA,iGAAiG;AACjG,mGAAmG;;;;;AAEnG,4DAA2B;AAC3B,wEAA8B;AAC9B,+CAA+D;AAC/D,qDAAqD;AACrD,qCAagB;AAEhB,6CAA4C;AAC5C,iDAA6D;AAE7D,+EAAiF;AACjF,8DAAsD;AACtD,6DAAkD;AAClD,6CAAsC;AACtC,4DAAqD;AACrD,0FAAiF;AACjF,6FAAoF;AACpF,yEAAyE;AAEzE,MAAM,SAAS,GAAG,YAAM,CAAC,GAAG,CAAC,WAAW,EAAE,EAAE,CAAC,CAAA;AAC7C,MAAM,aAAa,GAAG,SAAS,CAAC,IAAI,CAAA;AAEpC,MAAM,oBAAoB,GAAG,MAAM,CAAC,YAAM,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC,IAAI,IAAI,CAAA;AAEhF,IAAY,UAOX;AAPD,WAAY,UAAU;IACpB,mCAAqB,CAAA;IACrB,qCAAuB,CAAA;IACvB,iCAAmB,CAAA;IACnB,+BAAiB,CAAA;IACjB,+BAAiB,CAAA;IACjB,4DAA8C,CAAA,CAAC,wDAAwD;AACzG,CAAC,EAPW,UAAU,0BAAV,UAAU,QAOrB;AAWM,IAAM,IAAI,YAAV,MAAM,IAAI;IA0Hf,8BAA8B;IAC9B,KAAK,CAAC,IAAI,CAAC,OAAQ;QACjB,IAAI,EAAE,SAAS,GAAG,oBAAoB,EAAE,GAAG,OAAO,IAAI,EAAE,CAAA;QAExD,IAAI,IAAI,GAAG;YACT,QAAQ,EAAE,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,KAAK;SACtC,CAAA;QAED,OAAO,MAAM,sBAAG,CAAC,IAAI,CAAC,IAAI,EAAE,sBAAM,EAAE;YAClC,SAAS;YACT,MAAM,EAAE,cAAc;YACtB,OAAO,EAAE,MAAM;SAChB,CAAC,CAAA;IACJ,CAAC;IAED,6CAA6C;IAC7C,MAAM,CAAC,sBAAsB,CAAC,QAAQ,EAAE,GAAG;QACzC,IAAA,yCAAsB,EAAC,QAAQ,EAAE,GAAG,CAAC,CAAA;IACvC,CAAC;IAED,mBAAmB;IACnB,MAAM,CAAC,YAAY;QACjB,OAAO,gBAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAA;IAC/C,CAAC;IAED,qBAAqB;IACrB,MAAM,CAAC,MAAM,CAAC,QAAgB,EAAE,IAAI;QAClC,OAAO,gBAAM;aACV,UAAU,CAAC,QAAQ,EAAE,IAAI,IAAI,sBAAM,CAAC;aACpC,MAAM,CAAC,QAAQ,CAAC;aAChB,MAAM,CAAC,QAAQ,CAAC,CAAA;IACrB,CAAC;IAED,qBAAqB;IACrB,MAAM,CAAC,MAAM,CAAC,MAAM,EAAE,QAAQ,EAAE,IAAI;QAClC,OAAO,CACL,MAAM;YACJ,gBAAM;iBACH,UAAU,CAAC,QAAQ,EAAE,IAAI,IAAI,sBAAM,CAAC;iBACpC,MAAM,CAAC,QAAQ,CAAC;iBAChB,MAAM,CAAC,QAAQ,CAAC;YACrB,MAAM;gBACJ,gBAAM;qBACH,UAAU,CAAC,MAAM,EAAE,IAAI,IAAI,sBAAM,CAAC;qBAClC,MAAM,CAAC,QAAQ,CAAC;qBAChB,MAAM,CAAC,QAAQ,CAAC,CACtB,CAAA;IACH,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,kBAAkB,CAAC,OAAO;QACrC,IAAI,CAAC,OAAO,EAAE,KAAK,EAAE,CAAC;YACpB,MAAM,IAAI,yBAAS,CAAC;gBAClB,SAAS,EAAE,yBAAS,CAAC,WAAW,CAAC,cAAc;aAChD,CAAC,CAAA;QACJ,CAAC;QAED,MAAM,UAAU,GAAG,IAAA,qBAAa,EAAC,MAAI,CAAC,CAAA;QACtC,IAAI,IAAI,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC;YAClC,KAAK,EAAE,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE;YAC/B,SAAS,EAAE,CAAC,SAAS,CAAC;YACtB,KAAK,EAAE,IAAI;SACZ,CAAC,CAAA;QAEF,IAAI,CAAC,IAAI;YACP,MAAM,IAAI,yBAAS,CAAC;gBAClB,SAAS,EAAE,yBAAS,CAAC,WAAW,CAAC,cAAc;aAChD,CAAC,CAAA;aACC,CAAC;YACJ,QAAQ,IAAI,CAAC,MAAM,EAAE,CAAC;gBACpB,KAAK,UAAU,CAAC,QAAQ;oBACtB,MAAM,IAAI,yBAAS,CAAC;wBAClB,SAAS,EAAE,yBAAS,CAAC,WAAW,CAAC,kBAAkB;wBACnD,MAAM,EAAE;4BACN,KAAK,EAAE,IAAI,CAAC,KAAK;yBAClB;qBACF,CAAC,CAAA;gBACJ,KAAK,UAAU,CAAC,MAAM;oBACpB,MAAM,IAAI,yBAAS,CAAC;wBAClB,SAAS,EAAE,yBAAS,CAAC,WAAW,CAAC,WAAW;wBAC5C,MAAM,EAAE;4BACN,KAAK,EAAE,IAAI,CAAC,KAAK;yBAClB;qBACF,CAAC,CAAA;gBACJ,KAAK,UAAU,CAAC,OAAO;oBACrB,MAAM,IAAI,yBAAS,CAAC;wBAClB,SAAS,EAAE,yBAAS,CAAC,WAAW,CAAC,YAAY;qBAC9C,CAAC,CAAA;YACN,CAAC;YAED,OAAO,IAAI,CAAA;QACb,CAAC;IACH,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,SAAS,CAAC,OAAO;QAC5B,2BAA2B;QAC3B,MAAM,EAAE,EAAE,EAAE,QAAQ,EAAE,GAAG,OAAO,IAAI,EAAE,CAAA;QAEtC,IAAI,CAAC,EAAE,IAAI,CAAC,QAAQ,EAAE,CAAC;YACrB,MAAM,IAAI,yBAAS,CAAC;gBAClB,SAAS,EAAE,yBAAS,CAAC,WAAW,CAAC,cAAc;aAChD,CAAC,CAAA;QACJ,CAAC;QAED,MAAM,UAAU,GAAG,IAAA,qBAAa,EAAC,MAAI,CAAC,CAAA;QACtC,IAAI,EAAE,EAAE,CAAC;YACP,IAAI,IAAI,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC;gBAClC,KAAK,EAAE,EAAE,EAAE,EAAE;gBACb,SAAS,EAAE,CAAC,SAAS,EAAE,aAAa,CAAC;gBACrC,KAAK,EAAE,IAAI;aACZ,CAAC,CAAA;QACJ,CAAC;aAAM,CAAC;YACN,IAAI,IAAI,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC;gBAClC,KAAK,EAAE,EAAE,QAAQ,EAAE;gBACnB,SAAS,EAAE,CAAC,SAAS,EAAE,aAAa,CAAC;gBACrC,KAAK,EAAE,IAAI;aACZ,CAAC,CAAA;YAEF,IAAI,CAAC,IAAI,IAAI,4BAA4B,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;gBACzD,IAAI,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC;oBAC9B,KAAK,EAAE;wBACL,KAAK,EAAE,IAAA,eAAK,EAAC,QAAQ,CAAC;qBACvB;oBACD,SAAS,EAAE,CAAC,SAAS,EAAE,aAAa,CAAC;oBACrC,KAAK,EAAE,IAAI;iBACZ,CAAC,CAAA;YACJ,CAAC;QACH,CAAC;QAED,IAAI,CAAC,IAAI;YACP,MAAM,IAAI,yBAAS,CAAC;gBAClB,SAAS,EAAE,yBAAS,CAAC,WAAW,CAAC,cAAc;aAChD,CAAC,CAAA;aACC,CAAC;YACJ,QAAQ,IAAI,CAAC,MAAM,EAAE,CAAC;gBACpB,KAAK,UAAU,CAAC,QAAQ;oBACtB,MAAM,IAAI,yBAAS,CAAC;wBAClB,SAAS,EAAE,yBAAS,CAAC,WAAW,CAAC,kBAAkB;wBACnD,MAAM,EAAE;4BACN,KAAK,EAAE,IAAI,CAAC,KAAK;yBAClB;qBACF,CAAC,CAAA;gBACJ,KAAK,UAAU,CAAC,MAAM;oBACpB,MAAM,IAAI,yBAAS,CAAC;wBAClB,SAAS,EAAE,yBAAS,CAAC,WAAW,CAAC,WAAW;wBAC5C,MAAM,EAAE;4BACN,KAAK,EAAE,IAAI,CAAC,KAAK;yBAClB;qBACF,CAAC,CAAA;gBACJ,KAAK,UAAU,CAAC,OAAO;oBACrB,MAAM,IAAI,yBAAS,CAAC;wBAClB,SAAS,EAAE,yBAAS,CAAC,WAAW,CAAC,YAAY;qBAC9C,CAAC,CAAA;YACN,CAAC;YAED,MAAM,EAAE,eAAe,EAAE,GAAG,YAAM,CAAC,GAAG,CAAC,UAAU,CAAC,CAAA;YAElD,IAAI,eAAe,IAAI,IAAI,CAAC,QAAQ,KAAK,IAAI,CAAC,MAAM,CAAC,eAAe,EAAE,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBACjF,IAAI,CAAC,MAAM,GAAG,UAAU,CAAC,kBAAkB,CAAA;YAC7C,CAAC;YAED,OAAO,IAAI,CAAA;QACb,CAAC;IACH,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,YAAY,CAAC,SAAiB,EAAE,QAAgB,EAAE,MAAc,EAAE,IAAU;QACvF,MAAM,MAAM,GAAG,MAAM,IAAA,qBAAa,EAAC,wBAAS,CAAC;aAC1C,kBAAkB,CAAC,WAAW,CAAC;aAC/B,SAAS,CAAC,iBAAiB,EAAE,MAAM,CAAC;aACpC,SAAS,CAAC,YAAY,EAAE,MAAM,CAAC;aAC/B,KAAK,CAAC,gCAAgC,EAAE,EAAE,QAAQ,EAAE,CAAC;aACrD,QAAQ,CAAC,6BAA6B,EAAE,EAAE,SAAS,EAAE,CAAC;aACtD,QAAQ,CAAC,mBAAmB,EAAE,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,EAAE,CAAC;aAClD,QAAQ,CAAC,4BAA4B,EAAE,EAAE,QAAQ,EAAE,MAAM,CAAC,EAAE,EAAE,CAAC;aAC/D,QAAQ,EAAE,CAAA;QAEb,OAAO,MAAM,GAAG,CAAC,CAAA;IACnB,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,qBAAqB,CAAC,IAAU,EAAE,MAAc;QAC3D,MAAM,MAAM,GAAG,MAAM,IAAA,qBAAa,EAAC,MAAI,CAAC;aACrC,kBAAkB,CAAC,MAAM,CAAC;aAC1B,iBAAiB,CAAC,YAAY,EAAE,MAAM,CAAC;aACvC,iBAAiB,CAAC,iBAAiB,EAAE,WAAW,CAAC;aACjD,MAAM,CAAC,CAAC,6BAA6B,EAAE,gCAAgC,CAAC,CAAC;aACzE,KAAK,CAAC,mBAAmB,EAAE,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,EAAE,CAAC;aAC/C,QAAQ,CAAC,4BAA4B,EAAE,EAAE,QAAQ,EAAE,MAAM,CAAC,EAAE,EAAE,CAAC;aAC/D,OAAO,CAAC,oBAAoB,CAAC;aAC7B,UAAU,CAAC,gBAAgB,CAAC;aAC5B,UAAU,EAAE,CAAA;QAEf,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,OAAO,EAAE,EAAE;YAC9C,MAAM,IAAI,GAAG,GAAG,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAA;YAChC,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,SAAS,KAAK,OAAO,CAAC,SAAS,IAAI,IAAI,CAAC,QAAQ,KAAK,OAAO,CAAC,QAAQ,EAAE,CAAC;gBACxF,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;YACnB,CAAC;YACD,OAAO,GAAG,CAAA;QACZ,CAAC,EAAE,EAAE,CAAC,CAAA;QAEN,OAAO,QAAQ,CAAA;IACjB,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,uBAAuB,CAAC,SAAiB,EAAE,QAAgB,EAAE,IAAU;QAClF,OAAO,IAAA,6CAAuB,EAAC,IAAI,EAAE,SAAS,EAAE,QAAQ,CAAC,CAAA;IAC3D,CAAC;CACF,CAAA;AAtUY,oBAAI;AAGN;IAFR,IAAA,gCAAsB,EAAC,MAAM,CAAC;IAC9B,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,iBAAE,EAAE,EAAE,WAAW,EAAE,iCAAiC,EAAE,CAAC;;gCACnD;AAInB;IAFC,IAAA,gBAAM,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC1B,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,WAAW,EAAE,+BAA+B,EAAE,CAAC;;sCACxD;AAIhB;IAFC,IAAA,gBAAM,GAAE;IACR,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,WAAW,EAAE,wBAAwB,EAAE,CAAC;;kCACrD;AAIZ;IAFC,IAAA,gBAAM,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC1B,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,WAAW,EAAE,8CAA8C,EAAE,CAAC;;yCACpE;AAKnB;IAHC,IAAA,oBAAU,EAAC,IAAI,CAAC,EAAE,CAAC,cAAM,CAAC;IAC1B,IAAA,mBAAS,EAAC,EAAE,IAAI,EAAE,eAAe,EAAE,CAAC;IACpC,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,CAAC,cAAM,CAAC,EAAE,EAAE,WAAW,EAAE,+DAA+D,EAAE,CAAC;;qCACxF;AAIlB;IAFC,IAAA,gBAAM,GAAE;IACR,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,qCAAmB,EAAE,EAAE,WAAW,EAAE,4BAA4B,EAAE,CAAC;;mCACrE;AAeb;IAbC,IAAA,wBAAS,EAAC,gFAAgF,CAAC;IAC3F,IAAA,gBAAM,EAAC;QACN,QAAQ,EAAE,IAAI;QACd,IAAI,EACF,aAAa,IAAI,OAAO,IAAI,aAAa,IAAI,SAAS;YACpD,CAAC,CAAC,UAAU;YACZ,CAAC,CAAC,aAAa,IAAI,QAAQ;gBACzB,CAAC,CAAC,MAAM;gBACR,CAAC,CAAC,aAAa,IAAI,OAAO;oBACxB,CAAC,CAAC,UAAU;oBACZ,CAAC,CAAC,SAAS;QACnB,MAAM,EAAE,aAAa,IAAI,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS;KACrD,CAAC;;sCACc;AAKhB;IAHC,IAAA,oBAAU,EAAC,IAAI,CAAC,EAAE,CAAC,cAAI,EAAE,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC;IAC5C,IAAA,mBAAS,EAAC,EAAE,IAAI,EAAE,aAAa,EAAE,CAAC;IAClC,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,CAAC,cAAI,CAAC,EAAE,EAAE,WAAW,EAAE,6BAA6B,EAAE,CAAC;;mCACxD;AAId;IAFC,IAAA,gBAAM,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC1B,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,WAAW,EAAE,oEAAoE,EAAE,CAAC;;sCAC7F;AAIhB;IAFC,IAAA,gBAAM,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC1B,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,WAAW,EAAE,6DAA6D,EAAE,CAAC;;uCACrF;AAIjB;IAFC,IAAA,wBAAS,EAAC,gFAAgF,CAAC;IAC3F,IAAA,gBAAM,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;kCACf;AAIZ;IAFC,IAAA,gBAAM,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC1B,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,WAAW,EAAE,6CAA6C,EAAE,CAAC;;oCACxE;AAKd;IAHC,IAAA,wBAAS,EAAC,gFAAgF,CAAC;IAC3F,IAAA,gBAAM,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC1B,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,WAAW,EAAE,+DAA+D,EAAE,CAAC;;mCAC3F;AAiBb;IAfC,IAAA,gBAAM,EAAC;QACN,IAAI,EACF,aAAa,IAAI,UAAU,IAAI,aAAa,IAAI,OAAO,IAAI,aAAa,IAAI,SAAS;YACnF,CAAC,CAAC,MAAM;YACR,CAAC,CAAC,aAAa,IAAI,QAAQ;gBACzB,CAAC,CAAC,UAAU;gBACZ,CAAC,CAAC,aAAa,IAAI,OAAO;oBACxB,CAAC,CAAC,UAAU;oBACZ,CAAC,CAAC,SAAS;QACnB,IAAI,EACF,aAAa,IAAI,UAAU,IAAI,aAAa,IAAI,OAAO,IAAI,aAAa,IAAI,SAAS,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS;QAChH,MAAM,EAAE,aAAa,IAAI,UAAU,IAAI,aAAa,IAAI,OAAO,IAAI,aAAa,IAAI,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE;QAC9G,OAAO,EAAE,UAAU,CAAC,QAAQ;KAC7B,CAAC;IACD,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,MAAM,EAAE,EAAE,WAAW,EAAE,qCAAqC,EAAE,CAAC;;oCAC5D;AAGlB;IADC,IAAA,gBAAM,EAAC,EAAE,IAAI,EAAE,UAAU,EAAE,OAAO,EAAE,CAAC,EAAE,CAAC;;uCACxB;AAGjB;IADC,IAAA,gBAAM,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;sCACR,IAAI,CAAC,qCAAqC;;+CAAtC;AAGvB;IADC,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,WAAW,EAAE,oEAAoE,EAAE,CAAC;;mCAC/F;AAGd;IADC,IAAA,mBAAS,EAAC,GAAG,EAAE,CAAC,0CAAiB,EAAE,UAAU,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC;;yCAClC;AAIhC;IAFC,IAAA,mBAAS,EAAC,GAAG,EAAE,CAAC,4CAAkB,EAAE,kBAAkB,CAAC,EAAE,CAAC,kBAAkB,CAAC,IAAI,CAAC;IAClF,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,CAAC,4CAAkB,CAAC,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,WAAW,EAAE,uDAAuD,EAAE,CAAC;;gDACtF;AAIxC;IAFC,IAAA,mBAAS,EAAC,IAAI,CAAC,EAAE,CAAC,IAAI,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC3C,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,WAAW,EAAE,qCAAqC,EAAE,CAAC;sCACrE,IAAI;qCAAA;AAGb;IADC,IAAA,oBAAU,EAAC,CAAC,IAAU,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC;;uCACxB;AAIjB;IAFC,IAAA,mBAAS,EAAC,IAAI,CAAC,EAAE,CAAC,IAAI,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC3C,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,WAAW,EAAE,0CAA0C,EAAE,CAAC;sCAC1E,IAAI;qCAAA;AAGb;IADC,IAAA,oBAAU,EAAC,CAAC,IAAU,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC;;uCACxB;AAIjB;IAFC,IAAA,0BAAgB,GAAE;IAClB,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,WAAW,EAAE,8CAA8C,EAAE,CAAC;sCAC5E,IAAI;uCAAA;AAIf;IAFC,IAAA,0BAAgB,GAAE;IAClB,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,WAAW,EAAE,mDAAmD,EAAE,CAAC;sCACjF,IAAI;IAEf,8BAA8B;;uCAFf;eAxHJ,IAAI;IAThB,IAAA,gBAAM,GAAE;IACR,IAAA,eAAK,EAAC,WAAW,EAAE,CAAC,IAAU,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE;QAChD,MAAM,EAAE,IAAI;KACb,CAAC;IACD,IAAA,eAAK,EAAC,WAAW,EAAE,CAAC,IAAU,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE;QACnD,MAAM,EAAE,IAAI;QACZ,KAAK,EAAE,wBAAwB;KAChC,CAAC;IACD,IAAA,yBAAU,EAAC,EAAE,WAAW,EAAE,oGAAoG,EAAE,CAAC;GACrH,IAAI,CAsUhB","sourcesContent":["// This file defines the User entity and its GraphQL schema for authentication and authorization.\n// It includes user fields, status enum, and utility methods for password and privilege management.\n\nimport crypto from 'crypto'\nimport jwt from 'jsonwebtoken'\nimport { Directive, Field, ID, ObjectType } from 'type-graphql'\nimport { GraphQLEmailAddress } from 'graphql-scalars'\nimport {\n Column,\n CreateDateColumn,\n Entity,\n ILike,\n Index,\n JoinTable,\n ManyToMany,\n ManyToOne,\n OneToMany,\n PrimaryGeneratedColumn,\n RelationId,\n UpdateDateColumn\n} from 'typeorm'\n\nimport { config } from '@things-factory/env'\nimport { Domain, getRepository } from '@things-factory/shell'\n\nimport { validatePasswordByRule } from '../../controllers/utils/password-rule.js'\nimport { AuthError } from '../../errors/auth-error.js'\nimport { SECRET } from '../../utils/get-secret.js'\nimport { Role } from '../role/role.js'\nimport { Privilege } from '../privilege/privilege.js'\nimport { WebAuthCredential } from '../web-auth-credential/web-auth-credential.js'\nimport { UsersAuthProviders } from '../users-auth-providers/users-auth-providers.js'\nimport { getDomainsWithPrivilege } from '../../utils/get-user-domains.js'\n\nconst ORMCONFIG = config.get('ormconfig', {})\nconst DATABASE_TYPE = ORMCONFIG.type\n\nconst sessionExpirySeconds = Number(config.get('session/expirySeconds')) \|\| '7d'\n\nexport enum UserStatus {\n INACTIVE = 'inactive', // The user account is inactive and cannot log in.\n ACTIVATED = 'activated', // The user account is active and can log in.\n DELETED = 'deleted', // The user account has been deleted.\n LOCKED = 'locked', // The user account is locked due to security reasons.\n BANNED = 'banned', // The user account is banned from the system.\n PWD_RESET_REQUIRED = 'password_reset_required' // The user must reset their password before logging in.\n}\n\n@Entity()\n@Index('ix_user_0', (user: User) => [user.email], {\n unique: true\n})\n@Index('ix_user_1', (user: User) => [user.username], {\n unique: true,\n where: '\"username\" IS NOT NULL'\n})\n@ObjectType({ description: 'Represents a user account in the system, including authentication, roles, and domain associations.' })\nexport class User {\n @PrimaryGeneratedColumn('uuid')\n @Field(type => ID, { description: 'Unique identifier for the user.' })\n readonly id: string\n\n @Column({ nullable: true })\n @Field({ nullable: true, description: 'Unique username for the user.' })\n username: string\n\n @Column()\n @Field({ nullable: true, description: 'Full name of the user.' })\n name: string\n\n @Column({ nullable: true })\n @Field({ nullable: true, description: 'Optional description or note about the user.' })\n description: string\n\n @ManyToMany(type => Domain)\n @JoinTable({ name: 'users_domains' })\n @Field(type => [Domain], { description: 'Domains (organizations, companies, etc.) the user belongs to.' })\n domains?: Domain[]\n\n @Column()\n @Field(type => GraphQLEmailAddress, { description: 'Email address of the user.' })\n email: string\n\n @Directive('@privilege(category: \"security\", privilege: \"query\", domainOwnerGranted: true)')\n @Column({\n nullable: true,\n type:\n DATABASE_TYPE == 'mysql' \|\| DATABASE_TYPE == 'mariadb'\n ? 'longtext'\n : DATABASE_TYPE == 'oracle'\n ? 'clob'\n : DATABASE_TYPE == 'mssql'\n ? 'nvarchar'\n : 'varchar',\n length: DATABASE_TYPE == 'mssql' ? 'MAX' : undefined\n })\n password: string // Hashed password for authentication\n\n @ManyToMany(type => Role, role => role.users)\n @JoinTable({ name: 'users_roles' })\n @Field(type => [Role], { description: 'Roles assigned to the user.' })\n roles?: Role[]\n\n @Column({ nullable: true })\n @Field({ nullable: true, description: 'Type or category of the user (e.g., user, application, appliance).' })\n userType: string\n\n @Column({ nullable: true })\n @Field({ nullable: true, description: 'Reference information for the user (external system, etc.).' })\n reference: string\n\n @Directive('@privilege(category: \"security\", privilege: \"query\", domainOwnerGranted: true)')\n @Column({ nullable: true })\n salt: string // Salt used for password hashing\n\n @Column({ nullable: true })\n @Field({ nullable: true, description: 'Locale or language preference for the user.' })\n locale: string\n\n @Directive('@privilege(category: \"security\", privilege: \"query\", domainOwnerGranted: true)')\n @Column({ nullable: true })\n @Field({ nullable: true, description: 'Single sign-on (SSO) identifier for federated authentication.' })\n ssoId: string\n\n @Column({\n type:\n DATABASE_TYPE == 'postgres' \|\| DATABASE_TYPE == 'mysql' \|\| DATABASE_TYPE == 'mariadb'\n ? 'enum'\n : DATABASE_TYPE == 'oracle'\n ? 'varchar2'\n : DATABASE_TYPE == 'mssql'\n ? 'nvarchar'\n : 'varchar',\n enum:\n DATABASE_TYPE == 'postgres' \|\| DATABASE_TYPE == 'mysql' \|\| DATABASE_TYPE == 'mariadb' ? UserStatus : undefined,\n length: DATABASE_TYPE == 'postgres' \|\| DATABASE_TYPE == 'mysql' \|\| DATABASE_TYPE == 'mariadb' ? undefined : 32,\n default: UserStatus.INACTIVE\n })\n @Field(type => String, { description: 'Current status of the user account.' })\n status: UserStatus\n\n @Column({ type: 'smallint', default: 0 })\n failCount: number // Number of failed login attempts\n\n @Column({ nullable: true })\n passwordUpdatedAt: Date // Last time the password was updated\n\n @Field({ nullable: true, description: 'Whether the user is the owner of the domain (not persisted in DB).' })\n owner: boolean /* should not be a column /\n\n @OneToMany(() => WebAuthCredential, credential => credential.user)\n credentials: WebAuthCredential[]\n\n @OneToMany(() => UsersAuthProviders, usersAuthProviders => usersAuthProviders.user)\n @Field(type => [UsersAuthProviders], { nullable: true, description: 'External authentication providers linked to the user.' })\n usersAuthProviders: UsersAuthProviders[]\n\n @ManyToOne(type => User, { nullable: true })\n @Field({ nullable: true, description: 'User who created this user account.' })\n creator: User\n\n @RelationId((user: User) => user.creator)\n creatorId: string\n\n @ManyToOne(type => User, { nullable: true })\n @Field({ nullable: true, description: 'User who last updated this user account.' })\n updater: User\n\n @RelationId((user: User) => user.updater)\n updaterId: string\n\n @CreateDateColumn()\n @Field({ nullable: true, description: 'Timestamp when the user account was created.' })\n createdAt: Date\n\n @UpdateDateColumn()\n @Field({ nullable: true, description: 'Timestamp when the user account was last updated.' })\n updatedAt: Date\n\n / signing for jsonwebtoken /\n async sign(options?) {\n var { expiresIn = sessionExpirySeconds } = options \|\| {}\n\n var user = {\n username: this.username \|\| this.email\n }\n\n return await jwt.sign(user, SECRET, {\n expiresIn,\n issuer: 'hatiolab.com',\n subject: 'user'\n })\n }\n\n / validate password through password rule /\n static validatePasswordByRule(password, lng) {\n validatePasswordByRule(password, lng)\n }\n\n / generate salt /\n static generateSalt() {\n return crypto.randomBytes(16).toString('hex')\n }\n\n / encode password /\n static encode(password: string, salt) {\n return crypto\n .createHmac('sha256', salt \|\| SECRET)\n .update(password)\n .digest('base64')\n }\n\n / verify password */\n static verify(hashed, password, salt) {\n return (\n hashed ==\n crypto\n .createHmac('sha256', salt \|\| SECRET)\n .update(password)\n .digest('base64') \|\|\n hashed ==\n crypto\n .createHmac('sha1', salt \|\| SECRET)\n .update(password)\n .digest('base64')\n )\n }\n\n static async checkAuthWithEmail(decoded) {\n if (!decoded?.email) {\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_NOT_FOUND\n })\n }\n\n const repository = getRepository(User)\n var user = await repository.findOne({\n where: { email: decoded.email },\n relations: ['domains'],\n cache: true\n })\n\n if (!user)\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_NOT_FOUND\n })\n else {\n switch (user.status) {\n case UserStatus.INACTIVE:\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_NOT_ACTIVATED,\n detail: {\n email: user.email\n }\n })\n case UserStatus.LOCKED:\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_LOCKED,\n detail: {\n email: user.email\n }\n })\n case UserStatus.DELETED:\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_DELETED\n })\n }\n\n return user\n }\n }\n\n static async checkAuth(decoded) {\n // id 는 하위호환성을 위해 단기적으로 유지함\n const { id, username } = decoded \|\| {}\n\n if (!id && !username) {\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_NOT_FOUND\n })\n }\n\n const repository = getRepository(User)\n if (id) {\n var user = await repository.findOne({\n where: { id },\n relations: ['domains', 'credentials'],\n cache: true\n })\n } else {\n var user = await repository.findOne({\n where: { username },\n relations: ['domains', 'credentials'],\n cache: true\n })\n\n if (!user && /^[^\\s@]+@[^\\s@]+\\.[^\\s@]+$/.test(username)) {\n user = await repository.findOne({\n where: {\n email: ILike(username)\n },\n relations: ['domains', 'credentials'],\n cache: true\n })\n }\n }\n\n if (!user)\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_NOT_FOUND\n })\n else {\n switch (user.status) {\n case UserStatus.INACTIVE:\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_NOT_ACTIVATED,\n detail: {\n email: user.email\n }\n })\n case UserStatus.LOCKED:\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_LOCKED,\n detail: {\n email: user.email\n }\n })\n case UserStatus.DELETED:\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_DELETED\n })\n }\n\n const { defaultPassword } = config.get('password')\n\n if (defaultPassword && user.password === this.encode(defaultPassword, user.salt)) {\n user.status = UserStatus.PWD_RESET_REQUIRED\n }\n\n return user\n }\n }\n\n static async hasPrivilege(privilege: string, category: string, domain: Domain, user: User): Promise<boolean> {\n const result = await getRepository(Privilege)\n .createQueryBuilder('privilege')\n .innerJoin('privilege.roles', 'role')\n .innerJoin('role.users', 'user')\n .where('privilege.category = :category', { category })\n .andWhere('privilege.name = :privilege', { privilege })\n .andWhere('user.id = :userId', { userId: user.id })\n .andWhere('role.domain.id = :domainId', { domainId: domain.id })\n .getCount()\n\n return result > 0\n }\n\n static async getPrivilegesByDomain(user: User, domain: Domain): Promise<{ category: string; privilege: string }[]> {\n const result = await getRepository(User)\n .createQueryBuilder('user')\n .leftJoinAndSelect('user.roles', 'role')\n .leftJoinAndSelect('role.privileges', 'privilege')\n .select(['privilege.name AS privilege', 'privilege.category AS category'])\n .where('user.id = :userId', { userId: user.id })\n .andWhere('role.domain.id = :domainId', { domainId: domain.id })\n .orderBy('privilege.category')\n .addOrderBy('privilege.name')\n .getRawMany()\n\n const distinct = result.reduce((acc, current) => {\n const last = acc[acc.length - 1]\n if (!last \|\| last.privilege !== current.privilege \|\| last.category !== current.category) {\n acc.push(current)\n }\n return acc\n }, [])\n\n return distinct\n }\n\n static async getDomainsWithPrivilege(privilege: string, category: string, user: User) {\n return getDomainsWithPrivilege(user, privilege, category)\n }\n}\n"]}

package/dist-server/service/users-auth-providers/users-auth-providers.js CHANGED Viewed

@@ -12,12 +12,12 @@ let UsersAuthProviders = class UsersAuthProviders {
 exports.UsersAuthProviders = UsersAuthProviders;
 tslib_1.__decorate([
     (0, typeorm_1.PrimaryGeneratedColumn)('uuid'),
-    (0, type_graphql_1.Field)(type => type_graphql_1.ID),
+    (0, type_graphql_1.Field)(type => type_graphql_1.ID, { description: 'Unique identifier for the user-provider link.' }),
     tslib_1.__metadata("design:type", String)
 ], UsersAuthProviders.prototype, "id", void 0);
 tslib_1.__decorate([
     (0, typeorm_1.ManyToOne)(type => shell_1.Domain),
-    (0, type_graphql_1.Field)(type => shell_1.Domain),
+    (0, type_graphql_1.Field)(type => shell_1.Domain, { description: 'The domain to which this link belongs.' }),
     tslib_1.__metadata("design:type", shell_1.Domain)
 ], UsersAuthProviders.prototype, "domain", void 0);
 tslib_1.__decorate([
@@ -28,7 +28,7 @@ tslib_1.__decorate([
     (0, typeorm_1.ManyToOne)(() => user_js_1.User, user => user.usersAuthProviders, {
         onDelete: 'CASCADE'
     }),
-    (0, type_graphql_1.Field)(type => user_js_1.User, { nullable: true }),
+    (0, type_graphql_1.Field)(type => user_js_1.User, { nullable: true, description: 'The user associated with this link.' }),
     tslib_1.__metadata("design:type", user_js_1.User)
 ], UsersAuthProviders.prototype, "user", void 0);
 tslib_1.__decorate([
@@ -39,7 +39,10 @@ tslib_1.__decorate([
     (0, typeorm_1.ManyToOne)(() => auth_provider_js_1.AuthProvider, authProvider => authProvider.usersAuthProviders, {
         onDelete: 'CASCADE'
     }),
-    (0, type_graphql_1.Field)(type => auth_provider_js_1.AuthProvider, { nullable: true }),
+    (0, type_graphql_1.Field)(type => auth_provider_js_1.AuthProvider, {
+        nullable: true,
+        description: 'The authentication provider associated with this link.'
+    }),
     tslib_1.__metadata("design:type", auth_provider_js_1.AuthProvider)
 ], UsersAuthProviders.prototype, "authProvider", void 0);
 tslib_1.__decorate([
@@ -48,17 +51,17 @@ tslib_1.__decorate([
 ], UsersAuthProviders.prototype, "authProviderId", void 0);
 tslib_1.__decorate([
     (0, typeorm_1.Column)(),
-    (0, type_graphql_1.Field)({ nullable: true }),
+    (0, type_graphql_1.Field)({ nullable: true, description: 'The unique identifier for the user from the external provider (SSO ID).' }),
     tslib_1.__metadata("design:type", String)
 ], UsersAuthProviders.prototype, "ssoId", void 0);
 tslib_1.__decorate([
     (0, typeorm_1.CreateDateColumn)(),
-    (0, type_graphql_1.Field)({ nullable: true }),
+    (0, type_graphql_1.Field)({ nullable: true, description: 'The timestamp when this link was created.' }),
     tslib_1.__metadata("design:type", Date)
 ], UsersAuthProviders.prototype, "createdAt", void 0);
 tslib_1.__decorate([
     (0, typeorm_1.UpdateDateColumn)(),
-    (0, type_graphql_1.Field)({ nullable: true }),
+    (0, type_graphql_1.Field)({ nullable: true, description: 'The timestamp when this link was last updated.' }),
     tslib_1.__metadata("design:type", Date)
 ], UsersAuthProviders.prototype, "updatedAt", void 0);
 exports.UsersAuthProviders = UsersAuthProviders = tslib_1.__decorate([
@@ -68,6 +71,6 @@ exports.UsersAuthProviders = UsersAuthProviders = tslib_1.__decorate([
         usersAuthProviders.user,
         usersAuthProviders.authProvider
     ], { unique: true }),
-    (0, type_graphql_1.ObjectType)({ description: 'Entity for UsersAuthProviders' })
+    (0, type_graphql_1.ObjectType)({ description: 'Represents the link between a user and an external authentication provider.' })
 ], UsersAuthProviders);
 //# sourceMappingURL=users-auth-providers.js.map

package/dist-server/service/users-auth-providers/users-auth-providers.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"users-auth-providers.js","sourceRoot":"","sources":["../../../server/service/users-auth-providers/users-auth-providers.ts"],"names":[],"mappings":";;;;AAAA,qCAWgB;AAChB,+CAA2E;AAE3E,iDAA8C;AAC9C,6CAAsC;AACtC,wEAAgE;AAazD,IAAM,kBAAkB,GAAxB,MAAM,kBAAkB;~~CAyC9B~~,CAAA;~~AAzCY~~,gDAAkB;AAGpB;IAFR,IAAA,gCAAsB,EAAC,MAAM,CAAC;IAC9B,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,iBAAE,CAAC;;~~8CACC~~;AAInB;IAFC,IAAA,mBAAS,EAAC,IAAI,CAAC,EAAE,CAAC,cAAM,CAAC;IACzB,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,cAAM,CAAC;~~sCACb~~,cAAM;kDAAA;AAGf;IADC,IAAA,oBAAU,EAAC,CAAC,kBAAsC,EAAE,EAAE,CAAC,kBAAkB,CAAC,MAAM,CAAC;;oDACjE;AAMjB;IAJC,IAAA,mBAAS,EAAC,GAAG,EAAE,CAAC,cAAI,EAAE,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,kBAAkB,EAAE;QACtD,QAAQ,EAAE,SAAS;KACpB,CAAC;IACD,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,cAAI,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;~~sCAClC~~,cAAI;gDAAA;AAGV;IADC,IAAA,oBAAU,EAAC,CAAC,kBAAsC,EAAE,EAAE,CAAC,kBAAkB,CAAC,IAAI,CAAC;;kDACjE;~~AAMf~~;~~IAJC~~,IAAA,mBAAS,EAAC,GAAG,EAAE,CAAC,+BAAY,EAAE,YAAY,CAAC,EAAE,CAAC,YAAY,CAAC,kBAAkB,EAAE;QAC9E,QAAQ,EAAE,SAAS;KACpB,CAAC;IACD,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,+BAAY,EAAE,~~EAAE,~~QAAQ,EAAE,IAAI,EAAE,CAAC;~~sCAClC~~,+BAAY;wDAAA;AAG1B;IADC,IAAA,oBAAU,EAAC,CAAC,kBAAsC,EAAE,EAAE,CAAC,kBAAkB,CAAC,YAAY,CAAC;;0DACjE;AAIvB;IAFC,IAAA,gBAAM,GAAE;IACR,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;~~iDACb~~;AAIb;IAFC,IAAA,0BAAgB,GAAE;IAClB,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;~~sCACd~~,IAAI;qDAAA;AAIhB;IAFC,IAAA,0BAAgB,GAAE;IAClB,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;~~sCACf~~,IAAI;qDAAA;~~6BAxCJ~~,kBAAkB;IAX9B,IAAA,gBAAM,GAAE;IACR,IAAA,eAAK,EACJ,2BAA2B,EAC3B,CAAC,kBAAsC,EAAE,EAAE,CAAC;QAC1C,kBAAkB,CAAC,MAAM;QACzB,kBAAkB,CAAC,IAAI;QACvB,kBAAkB,CAAC,YAAY;KAChC,EACD,EAAE,MAAM,EAAE,IAAI,EAAE,CACjB;IACA,IAAA,yBAAU,EAAC,EAAE,WAAW,EAAE~~,+BAA+B~~,EAAE,CAAC;~~GAChD~~,kBAAkB,~~CAyC9B~~","sourcesContent":["import {\n CreateDateColumn,\n UpdateDateColumn,\n DeleteDateColumn,\n Entity,\n Index,\n Column,\n RelationId,\n ManyToOne,\n PrimaryGeneratedColumn,\n VersionColumn\n} from 'typeorm'\nimport { ObjectType, Field, Int, ID, registerEnumType } from 'type-graphql'\n\nimport { Domain } from '@things-factory/shell'\nimport { User } from '../user/user.js'\nimport { AuthProvider } from '../auth-provider/auth-provider.js'\n\n@Entity()\n@Index(\n 'ix_users_auth_providers_0',\n (usersAuthProviders: UsersAuthProviders) => [\n usersAuthProviders.domain,\n usersAuthProviders.user,\n usersAuthProviders.authProvider\n ],\n { unique: true }\n)\n@ObjectType({ description: '~~Entity~~ ~~for~~ ~~UsersAuthProviders~~' })\nexport class UsersAuthProviders {\n @PrimaryGeneratedColumn('uuid')\n @Field(type => ID)\n readonly id: string\n\n @ManyToOne(type => Domain)\n @Field(type => Domain)\n domain?: Domain\n\n @RelationId((usersAuthProviders: UsersAuthProviders) => usersAuthProviders.domain)\n domainId?: string\n\n @ManyToOne(() => User, user => user.usersAuthProviders, {\n onDelete: 'CASCADE'\n })\n @Field(type => User, { nullable: true })\n user: User\n\n @RelationId((usersAuthProviders: UsersAuthProviders) => usersAuthProviders.user)\n userId?: string\n\n @ManyToOne(() => AuthProvider, authProvider => authProvider.usersAuthProviders, {\n onDelete: 'CASCADE'\n })\n @Field(type => AuthProvider, { nullable: true })\n authProvider: AuthProvider\n\n @RelationId((usersAuthProviders: UsersAuthProviders) => usersAuthProviders.authProvider)\n authProviderId?: string\n\n @Column()\n @Field({ nullable: true })\n ssoId: string\n\n @CreateDateColumn()\n @Field({ nullable: true })\n createdAt?: Date\n\n @UpdateDateColumn()\n @Field({ nullable: true })\n updatedAt: Date\n}\n"]}
1	+ {"version":3,"file":"users-auth-providers.js","sourceRoot":"","sources":["../../../server/service/users-auth-providers/users-auth-providers.ts"],"names":[],"mappings":";;;;AAAA,qCAWgB;AAChB,+CAA2E;AAE3E,iDAA8C;AAC9C,6CAAsC;AACtC,wEAAgE;AAazD,IAAM,kBAAkB,GAAxB,MAAM,kBAAkB;CA4C9B,CAAA;AA5CY,gDAAkB;AAGpB;IAFR,IAAA,gCAAsB,EAAC,MAAM,CAAC;IAC9B,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,iBAAE,EAAE,EAAE,WAAW,EAAE,+CAA+C,EAAE,CAAC;;8CACjE;AAInB;IAFC,IAAA,mBAAS,EAAC,IAAI,CAAC,EAAE,CAAC,cAAM,CAAC;IACzB,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,cAAM,EAAE,EAAE,WAAW,EAAE,wCAAwC,EAAE,CAAC;sCACxE,cAAM;kDAAA;AAGf;IADC,IAAA,oBAAU,EAAC,CAAC,kBAAsC,EAAE,EAAE,CAAC,kBAAkB,CAAC,MAAM,CAAC;;oDACjE;AAMjB;IAJC,IAAA,mBAAS,EAAC,GAAG,EAAE,CAAC,cAAI,EAAE,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,kBAAkB,EAAE;QACtD,QAAQ,EAAE,SAAS;KACpB,CAAC;IACD,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,cAAI,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,WAAW,EAAE,qCAAqC,EAAE,CAAC;sCACtF,cAAI;gDAAA;AAGV;IADC,IAAA,oBAAU,EAAC,CAAC,kBAAsC,EAAE,EAAE,CAAC,kBAAkB,CAAC,IAAI,CAAC;;kDACjE;AASf;IAPC,IAAA,mBAAS,EAAC,GAAG,EAAE,CAAC,+BAAY,EAAE,YAAY,CAAC,EAAE,CAAC,YAAY,CAAC,kBAAkB,EAAE;QAC9E,QAAQ,EAAE,SAAS;KACpB,CAAC;IACD,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,+BAAY,EAAE;QAC3B,QAAQ,EAAE,IAAI;QACd,WAAW,EAAE,wDAAwD;KACtE,CAAC;sCACY,+BAAY;wDAAA;AAG1B;IADC,IAAA,oBAAU,EAAC,CAAC,kBAAsC,EAAE,EAAE,CAAC,kBAAkB,CAAC,YAAY,CAAC;;0DACjE;AAIvB;IAFC,IAAA,gBAAM,GAAE;IACR,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,WAAW,EAAE,yEAAyE,EAAE,CAAC;;iDACrG;AAIb;IAFC,IAAA,0BAAgB,GAAE;IAClB,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,WAAW,EAAE,2CAA2C,EAAE,CAAC;sCACxE,IAAI;qDAAA;AAIhB;IAFC,IAAA,0BAAgB,GAAE;IAClB,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,WAAW,EAAE,gDAAgD,EAAE,CAAC;sCAC9E,IAAI;qDAAA;6BA3CJ,kBAAkB;IAX9B,IAAA,gBAAM,GAAE;IACR,IAAA,eAAK,EACJ,2BAA2B,EAC3B,CAAC,kBAAsC,EAAE,EAAE,CAAC;QAC1C,kBAAkB,CAAC,MAAM;QACzB,kBAAkB,CAAC,IAAI;QACvB,kBAAkB,CAAC,YAAY;KAChC,EACD,EAAE,MAAM,EAAE,IAAI,EAAE,CACjB;IACA,IAAA,yBAAU,EAAC,EAAE,WAAW,EAAE,6EAA6E,EAAE,CAAC;GAC9F,kBAAkB,CA4C9B","sourcesContent":["import {\n CreateDateColumn,\n UpdateDateColumn,\n DeleteDateColumn,\n Entity,\n Index,\n Column,\n RelationId,\n ManyToOne,\n PrimaryGeneratedColumn,\n VersionColumn\n} from 'typeorm'\nimport { ObjectType, Field, Int, ID, registerEnumType } from 'type-graphql'\n\nimport { Domain } from '@things-factory/shell'\nimport { User } from '../user/user.js'\nimport { AuthProvider } from '../auth-provider/auth-provider.js'\n\n@Entity()\n@Index(\n 'ix_users_auth_providers_0',\n (usersAuthProviders: UsersAuthProviders) => [\n usersAuthProviders.domain,\n usersAuthProviders.user,\n usersAuthProviders.authProvider\n ],\n { unique: true }\n)\n@ObjectType({ description: 'Represents the link between a user and an external authentication provider.' })\nexport class UsersAuthProviders {\n @PrimaryGeneratedColumn('uuid')\n @Field(type => ID, { description: 'Unique identifier for the user-provider link.' })\n readonly id: string\n\n @ManyToOne(type => Domain)\n @Field(type => Domain, { description: 'The domain to which this link belongs.' })\n domain?: Domain\n\n @RelationId((usersAuthProviders: UsersAuthProviders) => usersAuthProviders.domain)\n domainId?: string\n\n @ManyToOne(() => User, user => user.usersAuthProviders, {\n onDelete: 'CASCADE'\n })\n @Field(type => User, { nullable: true, description: 'The user associated with this link.' })\n user: User\n\n @RelationId((usersAuthProviders: UsersAuthProviders) => usersAuthProviders.user)\n userId?: string\n\n @ManyToOne(() => AuthProvider, authProvider => authProvider.usersAuthProviders, {\n onDelete: 'CASCADE'\n })\n @Field(type => AuthProvider, {\n nullable: true,\n description: 'The authentication provider associated with this link.'\n })\n authProvider: AuthProvider\n\n @RelationId((usersAuthProviders: UsersAuthProviders) => usersAuthProviders.authProvider)\n authProviderId?: string\n\n @Column()\n @Field({ nullable: true, description: 'The unique identifier for the user from the external provider (SSO ID).' })\n ssoId: string\n\n @CreateDateColumn()\n @Field({ nullable: true, description: 'The timestamp when this link was created.' })\n createdAt?: Date\n\n @UpdateDateColumn()\n @Field({ nullable: true, description: 'The timestamp when this link was last updated.' })\n updatedAt: Date\n}\n"]}

package/dist-server/service/verification-token/verification-token.d.ts CHANGED Viewed

@@ -1,7 +1,7 @@
 export declare enum VerificationTokenType {
-    ACTIVATION = "activation",
-    PASSWORD_RESET = "password-reset",
-    UNLOCK = "unlock",
+    ACTIVATION = "activation",// Token to activate a new user account.
+    PASSWORD_RESET = "password-reset",// Token to reset a user's password.
+    UNLOCK = "unlock",// Token to unlock a locked user account.
     REQUEST_ACCESS_TOKEN = "access-token"
 }
 export declare class VerificationToken {

package/dist-server/service/verification-token/verification-token.js CHANGED Viewed

@@ -12,21 +12,21 @@ var VerificationTokenType;
     VerificationTokenType["ACTIVATION"] = "activation";
     VerificationTokenType["PASSWORD_RESET"] = "password-reset";
     VerificationTokenType["UNLOCK"] = "unlock";
-    VerificationTokenType["REQUEST_ACCESS_TOKEN"] = "access-token";
+    VerificationTokenType["REQUEST_ACCESS_TOKEN"] = "access-token"; // Token to request a new access token.
 })(VerificationTokenType || (exports.VerificationTokenType = VerificationTokenType = {}));
 let VerificationToken = class VerificationToken {
 };
 exports.VerificationToken = VerificationToken;
 tslib_1.__decorate([
     (0, typeorm_1.PrimaryColumn)(),
-    (0, type_graphql_1.Field)(type => type_graphql_1.ID),
+    (0, type_graphql_1.Field)(type => type_graphql_1.ID, { description: 'The ID of the user to whom this token belongs.' }),
     tslib_1.__metadata("design:type", String)
 ], VerificationToken.prototype, "userId", void 0);
 tslib_1.__decorate([
     (0, typeorm_1.Column)({
         nullable: false
     }),
-    (0, type_graphql_1.Field)(),
+    (0, type_graphql_1.Field)({ description: 'The verification token string.' }),
     tslib_1.__metadata("design:type", String)
 ], VerificationToken.prototype, "token", void 0);
 tslib_1.__decorate([
@@ -45,28 +45,28 @@ tslib_1.__decorate([
         length: DATABASE_TYPE == 'postgres' || DATABASE_TYPE == 'mysql' || DATABASE_TYPE == 'mariadb' ? undefined : 32,
         default: VerificationTokenType.ACTIVATION
     }),
-    (0, type_graphql_1.Field)(),
+    (0, type_graphql_1.Field)({ description: 'The type of action this token is for.' }),
     tslib_1.__metadata("design:type", String)
 ], VerificationToken.prototype, "type", void 0);
 tslib_1.__decorate([
     (0, typeorm_1.Column)({
         nullable: true
     }),
-    (0, type_graphql_1.Field)({ nullable: true }),
+    (0, type_graphql_1.Field)({ nullable: true, description: 'Supplementary data associated with the token.' }),
     tslib_1.__metadata("design:type", String)
 ], VerificationToken.prototype, "suppliment", void 0);
 tslib_1.__decorate([
     (0, typeorm_1.CreateDateColumn)(),
-    (0, type_graphql_1.Field)(),
+    (0, type_graphql_1.Field)({ description: 'The timestamp when the token was created.' }),
     tslib_1.__metadata("design:type", Date)
 ], VerificationToken.prototype, "createdAt", void 0);
 tslib_1.__decorate([
     (0, typeorm_1.UpdateDateColumn)(),
-    (0, type_graphql_1.Field)(),
+    (0, type_graphql_1.Field)({ description: 'The timestamp when the token was last updated.' }),
     tslib_1.__metadata("design:type", Date)
 ], VerificationToken.prototype, "updatedAt", void 0);
 exports.VerificationToken = VerificationToken = tslib_1.__decorate([
     (0, typeorm_1.Entity)(),
-    (0, type_graphql_1.ObjectType)()
+    (0, type_graphql_1.ObjectType)({ description: 'A token used for verifying user actions like account activation or password reset.' })
 ], VerificationToken);
 //# sourceMappingURL=verification-token.js.map

package/dist-server/service/verification-token/verification-token.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"verification-token.js","sourceRoot":"","sources":["../../../server/service/verification-token/verification-token.ts"],"names":[],"mappings":";;;;AAAA,qCAA2F;AAC3F,6CAA4C;AAC5C,+CAAoD;AACpD,MAAM,SAAS,GAAG,YAAM,CAAC,GAAG,CAAC,WAAW,EAAE,EAAE,CAAC,CAAA;AAC7C,MAAM,aAAa,GAAG,SAAS,CAAC,IAAI,CAAA;AAEpC,IAAY,qBAKX;AALD,WAAY,qBAAqB;IAC/B,kDAAyB,CAAA;IACzB,0DAAiC,CAAA;IACjC,0CAAiB,CAAA;IACjB,8DAAqC,CAAA;~~AACvC~~,CAAC,EALW,qBAAqB,qCAArB,qBAAqB,QAKhC;AAIM,IAAM,iBAAiB,GAAvB,MAAM,iBAAiB;CA4C7B,CAAA;AA5CY,8CAAiB;AAG5B;IAFC,IAAA,uBAAa,GAAE;IACf,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,iBAAE,CAAC;;~~iDACJ~~;AAMd;IAJC,IAAA,gBAAM,EAAC;QACN,QAAQ,EAAE,KAAK;KAChB,CAAC;IACD,IAAA,oBAAK,~~GAAE~~;;~~gDACK~~;AAoBb;IAlBC,IAAA,gBAAM,EAAC;QACN,QAAQ,EAAE,KAAK;QACf,IAAI,EACF,aAAa,IAAI,UAAU,IAAI,aAAa,IAAI,OAAO,IAAI,aAAa,IAAI,SAAS;YACnF,CAAC,CAAC,MAAM;YACR,CAAC,CAAC,aAAa,IAAI,QAAQ;gBACzB,CAAC,CAAC,UAAU;gBACZ,CAAC,CAAC,aAAa,IAAI,OAAO;oBACxB,CAAC,CAAC,UAAU;oBACZ,CAAC,CAAC,SAAS;QACnB,IAAI,EACF,aAAa,IAAI,UAAU,IAAI,aAAa,IAAI,OAAO,IAAI,aAAa,IAAI,SAAS;YACnF,CAAC,CAAC,qBAAqB;YACvB,CAAC,CAAC,SAAS;QACf,MAAM,EAAE,aAAa,IAAI,UAAU,IAAI,aAAa,IAAI,OAAO,IAAI,aAAa,IAAI,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE;QAC9G,OAAO,EAAE,qBAAqB,CAAC,UAAU;KAC1C,CAAC;IACD,IAAA,oBAAK,~~GAAE~~;;+~~CACmB~~;AAM3B;IAJC,IAAA,gBAAM,EAAC;QACN,QAAQ,EAAE,IAAI;KACf,CAAC;IACD,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;~~qDACR~~;AAIlB;IAFC,IAAA,0BAAgB,GAAE;IAClB,IAAA,oBAAK,~~GAAE~~;~~sCACG~~,IAAI;oDAAA;AAIf;IAFC,IAAA,0BAAgB,GAAE;IAClB,IAAA,oBAAK,~~GAAE~~;~~sCACG~~,IAAI;oDAAA;4BA3CJ,iBAAiB;IAF7B,IAAA,gBAAM,GAAE;IACR,IAAA,yBAAU,~~GAAE~~;~~GACA~~,iBAAiB,CA4C7B","sourcesContent":["import { Column, CreateDateColumn, Entity, PrimaryColumn, UpdateDateColumn } from 'typeorm'\nimport { config } from '@things-factory/env'\nimport { ObjectType, Field, ID } from 'type-graphql'\nconst ORMCONFIG = config.get('ormconfig', {})\nconst DATABASE_TYPE = ORMCONFIG.type\n\nexport enum VerificationTokenType {\n ACTIVATION = 'activation',\n PASSWORD_RESET = 'password-reset',\n UNLOCK = 'unlock',\n REQUEST_ACCESS_TOKEN = 'access-token'\n}\n\n@Entity()\n@ObjectType()\nexport class VerificationToken {\n @PrimaryColumn()\n @Field(type => ID)\n userId: string\n\n @Column({\n nullable: false\n })\n @Field()\n token: string\n\n @Column({\n nullable: false,\n type:\n DATABASE_TYPE == 'postgres' \|\| DATABASE_TYPE == 'mysql' \|\| DATABASE_TYPE == 'mariadb'\n ? 'enum'\n : DATABASE_TYPE == 'oracle'\n ? 'varchar2'\n : DATABASE_TYPE == 'mssql'\n ? 'nvarchar'\n : 'varchar',\n enum:\n DATABASE_TYPE == 'postgres' \|\| DATABASE_TYPE == 'mysql' \|\| DATABASE_TYPE == 'mariadb'\n ? VerificationTokenType\n : undefined,\n length: DATABASE_TYPE == 'postgres' \|\| DATABASE_TYPE == 'mysql' \|\| DATABASE_TYPE == 'mariadb' ? undefined : 32,\n default: VerificationTokenType.ACTIVATION\n })\n @Field()\n type: VerificationTokenType\n\n @Column({\n nullable: true\n })\n @Field({ nullable: true })\n suppliment: string\n\n @CreateDateColumn()\n @Field()\n createdAt: Date\n\n @UpdateDateColumn()\n @Field()\n updatedAt: Date\n}\n"]}
1	+ {"version":3,"file":"verification-token.js","sourceRoot":"","sources":["../../../server/service/verification-token/verification-token.ts"],"names":[],"mappings":";;;;AAAA,qCAA2F;AAC3F,6CAA4C;AAC5C,+CAAoD;AACpD,MAAM,SAAS,GAAG,YAAM,CAAC,GAAG,CAAC,WAAW,EAAE,EAAE,CAAC,CAAA;AAC7C,MAAM,aAAa,GAAG,SAAS,CAAC,IAAI,CAAA;AAEpC,IAAY,qBAKX;AALD,WAAY,qBAAqB;IAC/B,kDAAyB,CAAA;IACzB,0DAAiC,CAAA;IACjC,0CAAiB,CAAA;IACjB,8DAAqC,CAAA,CAAC,uCAAuC;AAC/E,CAAC,EALW,qBAAqB,qCAArB,qBAAqB,QAKhC;AAIM,IAAM,iBAAiB,GAAvB,MAAM,iBAAiB;CA4C7B,CAAA;AA5CY,8CAAiB;AAG5B;IAFC,IAAA,uBAAa,GAAE;IACf,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,iBAAE,EAAE,EAAE,WAAW,EAAE,gDAAgD,EAAE,CAAC;;iDACvE;AAMd;IAJC,IAAA,gBAAM,EAAC;QACN,QAAQ,EAAE,KAAK;KAChB,CAAC;IACD,IAAA,oBAAK,EAAC,EAAE,WAAW,EAAE,gCAAgC,EAAE,CAAC;;gDAC5C;AAoBb;IAlBC,IAAA,gBAAM,EAAC;QACN,QAAQ,EAAE,KAAK;QACf,IAAI,EACF,aAAa,IAAI,UAAU,IAAI,aAAa,IAAI,OAAO,IAAI,aAAa,IAAI,SAAS;YACnF,CAAC,CAAC,MAAM;YACR,CAAC,CAAC,aAAa,IAAI,QAAQ;gBACzB,CAAC,CAAC,UAAU;gBACZ,CAAC,CAAC,aAAa,IAAI,OAAO;oBACxB,CAAC,CAAC,UAAU;oBACZ,CAAC,CAAC,SAAS;QACnB,IAAI,EACF,aAAa,IAAI,UAAU,IAAI,aAAa,IAAI,OAAO,IAAI,aAAa,IAAI,SAAS;YACnF,CAAC,CAAC,qBAAqB;YACvB,CAAC,CAAC,SAAS;QACf,MAAM,EAAE,aAAa,IAAI,UAAU,IAAI,aAAa,IAAI,OAAO,IAAI,aAAa,IAAI,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE;QAC9G,OAAO,EAAE,qBAAqB,CAAC,UAAU;KAC1C,CAAC;IACD,IAAA,oBAAK,EAAC,EAAE,WAAW,EAAE,uCAAuC,EAAE,CAAC;;+CACrC;AAM3B;IAJC,IAAA,gBAAM,EAAC;QACN,QAAQ,EAAE,IAAI;KACf,CAAC;IACD,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,WAAW,EAAE,+CAA+C,EAAE,CAAC;;qDACtE;AAIlB;IAFC,IAAA,0BAAgB,GAAE;IAClB,IAAA,oBAAK,EAAC,EAAE,WAAW,EAAE,2CAA2C,EAAE,CAAC;sCACzD,IAAI;oDAAA;AAIf;IAFC,IAAA,0BAAgB,GAAE;IAClB,IAAA,oBAAK,EAAC,EAAE,WAAW,EAAE,gDAAgD,EAAE,CAAC;sCAC9D,IAAI;oDAAA;4BA3CJ,iBAAiB;IAF7B,IAAA,gBAAM,GAAE;IACR,IAAA,yBAAU,EAAC,EAAE,WAAW,EAAE,oFAAoF,EAAE,CAAC;GACrG,iBAAiB,CA4C7B","sourcesContent":["import { Column, CreateDateColumn, Entity, PrimaryColumn, UpdateDateColumn } from 'typeorm'\nimport { config } from '@things-factory/env'\nimport { ObjectType, Field, ID } from 'type-graphql'\nconst ORMCONFIG = config.get('ormconfig', {})\nconst DATABASE_TYPE = ORMCONFIG.type\n\nexport enum VerificationTokenType {\n ACTIVATION = 'activation', // Token to activate a new user account.\n PASSWORD_RESET = 'password-reset', // Token to reset a user's password.\n UNLOCK = 'unlock', // Token to unlock a locked user account.\n REQUEST_ACCESS_TOKEN = 'access-token' // Token to request a new access token.\n}\n\n@Entity()\n@ObjectType({ description: 'A token used for verifying user actions like account activation or password reset.' })\nexport class VerificationToken {\n @PrimaryColumn()\n @Field(type => ID, { description: 'The ID of the user to whom this token belongs.' })\n userId: string\n\n @Column({\n nullable: false\n })\n @Field({ description: 'The verification token string.' })\n token: string\n\n @Column({\n nullable: false,\n type:\n DATABASE_TYPE == 'postgres' \|\| DATABASE_TYPE == 'mysql' \|\| DATABASE_TYPE == 'mariadb'\n ? 'enum'\n : DATABASE_TYPE == 'oracle'\n ? 'varchar2'\n : DATABASE_TYPE == 'mssql'\n ? 'nvarchar'\n : 'varchar',\n enum:\n DATABASE_TYPE == 'postgres' \|\| DATABASE_TYPE == 'mysql' \|\| DATABASE_TYPE == 'mariadb'\n ? VerificationTokenType\n : undefined,\n length: DATABASE_TYPE == 'postgres' \|\| DATABASE_TYPE == 'mysql' \|\| DATABASE_TYPE == 'mariadb' ? undefined : 32,\n default: VerificationTokenType.ACTIVATION\n })\n @Field({ description: 'The type of action this token is for.' })\n type: VerificationTokenType\n\n @Column({\n nullable: true\n })\n @Field({ nullable: true, description: 'Supplementary data associated with the token.' })\n suppliment: string\n\n @CreateDateColumn()\n @Field({ description: 'The timestamp when the token was created.' })\n createdAt: Date\n\n @UpdateDateColumn()\n @Field({ description: 'The timestamp when the token was last updated.' })\n updatedAt: Date\n}\n"]}

package/dist-server/service/web-auth-credential/web-auth-credential.js CHANGED Viewed

@@ -10,12 +10,12 @@ let WebAuthCredential = class WebAuthCredential {
 exports.WebAuthCredential = WebAuthCredential;
 tslib_1.__decorate([
     (0, typeorm_1.PrimaryGeneratedColumn)('uuid'),
-    (0, type_graphql_1.Field)(type => type_graphql_1.ID),
+    (0, type_graphql_1.Field)(type => type_graphql_1.ID, { description: 'Unique identifier for the credential.' }),
     tslib_1.__metadata("design:type", String)
 ], WebAuthCredential.prototype, "id", void 0);
 tslib_1.__decorate([
     (0, typeorm_1.ManyToOne)(type => user_js_1.User, { nullable: true }),
-    (0, type_graphql_1.Field)(type => user_js_1.User, { nullable: true }),
+    (0, type_graphql_1.Field)(type => user_js_1.User, { nullable: true, description: 'The user associated with this credential.' }),
     tslib_1.__metadata("design:type", user_js_1.User)
 ], WebAuthCredential.prototype, "user", void 0);
 tslib_1.__decorate([
@@ -24,32 +24,32 @@ tslib_1.__decorate([
 ], WebAuthCredential.prototype, "userId", void 0);
 tslib_1.__decorate([
     (0, typeorm_1.Column)(),
-    (0, type_graphql_1.Field)({ nullable: true }),
+    (0, type_graphql_1.Field)({ nullable: true, description: 'The unique ID for this credential, provided by the authenticator.' }),
     tslib_1.__metadata("design:type", String)
 ], WebAuthCredential.prototype, "credentialId", void 0);
 tslib_1.__decorate([
     (0, typeorm_1.Column)(),
-    (0, type_graphql_1.Field)({ nullable: true }),
+    (0, type_graphql_1.Field)({ nullable: true, description: 'The public key of the credential.' }),
     tslib_1.__metadata("design:type", String)
 ], WebAuthCredential.prototype, "publicKey", void 0);
 tslib_1.__decorate([
     (0, typeorm_1.Column)(),
-    (0, type_graphql_1.Field)({ nullable: true }),
+    (0, type_graphql_1.Field)({ nullable: true, description: 'The signature counter, used to prevent replay attacks.' }),
     tslib_1.__metadata("design:type", Number)
 ], WebAuthCredential.prototype, "counter", void 0);
 tslib_1.__decorate([
     (0, typeorm_1.CreateDateColumn)(),
-    (0, type_graphql_1.Field)({ nullable: true }),
+    (0, type_graphql_1.Field)({ nullable: true, description: 'The timestamp when the credential was created.' }),
     tslib_1.__metadata("design:type", Date)
 ], WebAuthCredential.prototype, "createdAt", void 0);
 tslib_1.__decorate([
     (0, typeorm_1.UpdateDateColumn)(),
-    (0, type_graphql_1.Field)({ nullable: true }),
+    (0, type_graphql_1.Field)({ nullable: true, description: 'The timestamp when the credential was last updated.' }),
     tslib_1.__metadata("design:type", Date)
 ], WebAuthCredential.prototype, "updatedAt", void 0);
 tslib_1.__decorate([
     (0, typeorm_1.ManyToOne)(type => user_js_1.User, { nullable: true }),
-    (0, type_graphql_1.Field)(type => user_js_1.User, { nullable: true }),
+    (0, type_graphql_1.Field)(type => user_js_1.User, { nullable: true, description: 'The user who created the credential.' }),
     tslib_1.__metadata("design:type", user_js_1.User)
 ], WebAuthCredential.prototype, "creator", void 0);
 tslib_1.__decorate([
@@ -58,7 +58,7 @@ tslib_1.__decorate([
 ], WebAuthCredential.prototype, "creatorId", void 0);
 tslib_1.__decorate([
     (0, typeorm_1.ManyToOne)(type => user_js_1.User, { nullable: true }),
-    (0, type_graphql_1.Field)(type => user_js_1.User, { nullable: true }),
+    (0, type_graphql_1.Field)(type => user_js_1.User, { nullable: true, description: 'The user who last updated the credential.' }),
     tslib_1.__metadata("design:type", user_js_1.User)
 ], WebAuthCredential.prototype, "updater", void 0);
 tslib_1.__decorate([
@@ -67,6 +67,7 @@ tslib_1.__decorate([
 ], WebAuthCredential.prototype, "updaterId", void 0);
 exports.WebAuthCredential = WebAuthCredential = tslib_1.__decorate([
     (0, typeorm_1.Entity)(),
-    (0, typeorm_1.Index)('ix_web_auth_credential_0', (webAuthCredential) => [webAuthCredential.user, webAuthCredential.credentialId], { unique: true })
+    (0, typeorm_1.Index)('ix_web_auth_credential_0', (webAuthCredential) => [webAuthCredential.user, webAuthCredential.credentialId], { unique: true }),
+    (0, type_graphql_1.ObjectType)({ description: 'Represents a WebAuthn credential for passwordless authentication.' })
 ], WebAuthCredential);
 //# sourceMappingURL=web-auth-credential.js.map

package/dist-server/service/web-auth-credential/web-auth-credential.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"web-auth-credential.js","sourceRoot":"","sources":["../../../server/service/web-auth-credential/web-auth-credential.ts"],"names":[],"mappings":";;;;AAAA,+~~CAAwC~~;~~AACxC~~,qCASgB;AAEhB,6CAAsC;~~AAQ~~/B,IAAM,iBAAiB,GAAvB,MAAM,iBAAiB;CA6C7B,CAAA;AA7CY,8CAAiB;AAGnB;IAFR,IAAA,gCAAsB,EAAC,MAAM,CAAC;IAC9B,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,iBAAE,CAAC;;~~6CACC~~;AAInB;IAFC,IAAA,mBAAS,EAAC,IAAI,CAAC,EAAE,CAAC,cAAI,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC3C,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,cAAI,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;~~sCACjC~~,cAAI;+CAAA;AAGX;IADC,IAAA,oBAAU,EAAC,CAAC,iBAAoC,EAAE,EAAE,CAAC,iBAAiB,CAAC,IAAI,CAAC;;iDAC9D;AAIf;IAFC,IAAA,gBAAM,GAAE;IACR,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;~~uDACN~~;AAIpB;IAFC,IAAA,gBAAM,GAAE;IACR,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;~~oDACT~~;AAIjB;IAFC,IAAA,gBAAM,GAAE;IACR,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;;~~kDACX~~;AAIf;IAFC,IAAA,0BAAgB,GAAE;IAClB,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;~~sCACd~~,IAAI;oDAAA;AAIhB;IAFC,IAAA,0BAAgB,GAAE;IAClB,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;~~sCACd~~,IAAI;oDAAA;AAIhB;IAFC,IAAA,mBAAS,EAAC,IAAI,CAAC,EAAE,CAAC,cAAI,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC3C,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,cAAI,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;~~sCAC9B~~,cAAI;kDAAA;AAGd;IADC,IAAA,oBAAU,EAAC,CAAC,iBAAoC,EAAE,EAAE,CAAC,iBAAiB,CAAC,OAAO,CAAC;;oDAC9D;AAIlB;IAFC,IAAA,mBAAS,EAAC,IAAI,CAAC,EAAE,CAAC,cAAI,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC3C,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,cAAI,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;~~sCAC9B~~,cAAI;kDAAA;AAGd;IADC,IAAA,oBAAU,EAAC,CAAC,iBAAoC,EAAE,EAAE,CAAC,iBAAiB,CAAC,OAAO,CAAC;;oDAC9D;4BA5CP,iBAAiB;~~IAN7B~~,IAAA,gBAAM,GAAE;IACR,IAAA,eAAK,EACJ,0BAA0B,EAC1B,CAAC,iBAAoC,EAAE,EAAE,CAAC,CAAC,iBAAiB,CAAC,IAAI,EAAE,iBAAiB,CAAC,YAAY,CAAC,EAClG,EAAE,MAAM,EAAE,IAAI,EAAE,CACjB;~~GACY~~,iBAAiB,CA6C7B","sourcesContent":["import { Field, ID } from 'type-graphql'\nimport {\n CreateDateColumn,\n UpdateDateColumn,\n Entity,\n Index,\n Column,\n RelationId,\n ManyToOne,\n PrimaryGeneratedColumn\n} from 'typeorm'\n\nimport { User } from '../user/user.js'\n\n@Entity()\n@Index(\n 'ix_web_auth_credential_0',\n (webAuthCredential: WebAuthCredential) => [webAuthCredential.user, webAuthCredential.credentialId],\n { unique: true }\n)\nexport class WebAuthCredential {\n @PrimaryGeneratedColumn('uuid')\n @Field(type => ID)\n readonly id: string\n\n @ManyToOne(type => User, { nullable: true })\n @Field(type => User, { nullable: true })\n user?: User\n\n @RelationId((webAuthCredential: WebAuthCredential) => webAuthCredential.user)\n userId?: string\n\n @Column()\n @Field({ nullable: true })\n credentialId: string\n\n @Column()\n @Field({ nullable: true })\n publicKey: string\n\n @Column()\n @Field({ nullable: true })\n counter: number\n\n @CreateDateColumn()\n @Field({ nullable: true })\n createdAt?: Date\n\n @UpdateDateColumn()\n @Field({ nullable: true })\n updatedAt?: Date\n\n @ManyToOne(type => User, { nullable: true })\n @Field(type => User, { nullable: true })\n creator?: User\n\n @RelationId((webAuthCredential: WebAuthCredential) => webAuthCredential.creator)\n creatorId?: string\n\n @ManyToOne(type => User, { nullable: true })\n @Field(type => User, { nullable: true })\n updater?: User\n\n @RelationId((webAuthCredential: WebAuthCredential) => webAuthCredential.updater)\n updaterId?: string\n}\n"]}
1	+ {"version":3,"file":"web-auth-credential.js","sourceRoot":"","sources":["../../../server/service/web-auth-credential/web-auth-credential.ts"],"names":[],"mappings":";;;;AAAA,+CAAoD;AACpD,qCASgB;AAEhB,6CAAsC;AAS/B,IAAM,iBAAiB,GAAvB,MAAM,iBAAiB;CA6C7B,CAAA;AA7CY,8CAAiB;AAGnB;IAFR,IAAA,gCAAsB,EAAC,MAAM,CAAC;IAC9B,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,iBAAE,EAAE,EAAE,WAAW,EAAE,uCAAuC,EAAE,CAAC;;6CACzD;AAInB;IAFC,IAAA,mBAAS,EAAC,IAAI,CAAC,EAAE,CAAC,cAAI,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC3C,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,cAAI,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,WAAW,EAAE,2CAA2C,EAAE,CAAC;sCAC3F,cAAI;+CAAA;AAGX;IADC,IAAA,oBAAU,EAAC,CAAC,iBAAoC,EAAE,EAAE,CAAC,iBAAiB,CAAC,IAAI,CAAC;;iDAC9D;AAIf;IAFC,IAAA,gBAAM,GAAE;IACR,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,WAAW,EAAE,mEAAmE,EAAE,CAAC;;uDACxF;AAIpB;IAFC,IAAA,gBAAM,GAAE;IACR,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,WAAW,EAAE,mCAAmC,EAAE,CAAC;;oDAC3D;AAIjB;IAFC,IAAA,gBAAM,GAAE;IACR,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,WAAW,EAAE,wDAAwD,EAAE,CAAC;;kDAClF;AAIf;IAFC,IAAA,0BAAgB,GAAE;IAClB,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,WAAW,EAAE,gDAAgD,EAAE,CAAC;sCAC7E,IAAI;oDAAA;AAIhB;IAFC,IAAA,0BAAgB,GAAE;IAClB,IAAA,oBAAK,EAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,WAAW,EAAE,qDAAqD,EAAE,CAAC;sCAClF,IAAI;oDAAA;AAIhB;IAFC,IAAA,mBAAS,EAAC,IAAI,CAAC,EAAE,CAAC,cAAI,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC3C,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,cAAI,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,WAAW,EAAE,sCAAsC,EAAE,CAAC;sCACnF,cAAI;kDAAA;AAGd;IADC,IAAA,oBAAU,EAAC,CAAC,iBAAoC,EAAE,EAAE,CAAC,iBAAiB,CAAC,OAAO,CAAC;;oDAC9D;AAIlB;IAFC,IAAA,mBAAS,EAAC,IAAI,CAAC,EAAE,CAAC,cAAI,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAC3C,IAAA,oBAAK,EAAC,IAAI,CAAC,EAAE,CAAC,cAAI,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,WAAW,EAAE,2CAA2C,EAAE,CAAC;sCACxF,cAAI;kDAAA;AAGd;IADC,IAAA,oBAAU,EAAC,CAAC,iBAAoC,EAAE,EAAE,CAAC,iBAAiB,CAAC,OAAO,CAAC;;oDAC9D;4BA5CP,iBAAiB;IAP7B,IAAA,gBAAM,GAAE;IACR,IAAA,eAAK,EACJ,0BAA0B,EAC1B,CAAC,iBAAoC,EAAE,EAAE,CAAC,CAAC,iBAAiB,CAAC,IAAI,EAAE,iBAAiB,CAAC,YAAY,CAAC,EAClG,EAAE,MAAM,EAAE,IAAI,EAAE,CACjB;IACA,IAAA,yBAAU,EAAC,EAAE,WAAW,EAAE,mEAAmE,EAAE,CAAC;GACpF,iBAAiB,CA6C7B","sourcesContent":["import { Field, ID, ObjectType } from 'type-graphql'\nimport {\n CreateDateColumn,\n UpdateDateColumn,\n Entity,\n Index,\n Column,\n RelationId,\n ManyToOne,\n PrimaryGeneratedColumn\n} from 'typeorm'\n\nimport { User } from '../user/user.js'\n\n@Entity()\n@Index(\n 'ix_web_auth_credential_0',\n (webAuthCredential: WebAuthCredential) => [webAuthCredential.user, webAuthCredential.credentialId],\n { unique: true }\n)\n@ObjectType({ description: 'Represents a WebAuthn credential for passwordless authentication.' })\nexport class WebAuthCredential {\n @PrimaryGeneratedColumn('uuid')\n @Field(type => ID, { description: 'Unique identifier for the credential.' })\n readonly id: string\n\n @ManyToOne(type => User, { nullable: true })\n @Field(type => User, { nullable: true, description: 'The user associated with this credential.' })\n user?: User\n\n @RelationId((webAuthCredential: WebAuthCredential) => webAuthCredential.user)\n userId?: string\n\n @Column()\n @Field({ nullable: true, description: 'The unique ID for this credential, provided by the authenticator.' })\n credentialId: string\n\n @Column()\n @Field({ nullable: true, description: 'The public key of the credential.' })\n publicKey: string\n\n @Column()\n @Field({ nullable: true, description: 'The signature counter, used to prevent replay attacks.' })\n counter: number\n\n @CreateDateColumn()\n @Field({ nullable: true, description: 'The timestamp when the credential was created.' })\n createdAt?: Date\n\n @UpdateDateColumn()\n @Field({ nullable: true, description: 'The timestamp when the credential was last updated.' })\n updatedAt?: Date\n\n @ManyToOne(type => User, { nullable: true })\n @Field(type => User, { nullable: true, description: 'The user who created the credential.' })\n creator?: User\n\n @RelationId((webAuthCredential: WebAuthCredential) => webAuthCredential.creator)\n creatorId?: string\n\n @ManyToOne(type => User, { nullable: true })\n @Field(type => User, { nullable: true, description: 'The user who last updated the credential.' })\n updater?: User\n\n @RelationId((webAuthCredential: WebAuthCredential) => webAuthCredential.updater)\n updaterId?: string\n}\n"]}