npm - @things-factory/auth-base - Versions diffs - 9.0.0-beta.8 → 9.0.0 - Mend

@things-factory/auth-base 9.0.0-beta.8 → 9.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (168) hide show

package/dist-server/controllers/reset-password.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"reset-password.js","sourceRoot":"","sources":["../../server/controllers/reset-password.ts"],"names":[],"mappings":";;AAiBA,wDAqBC;AAED,sCAqFC;AA7HD,6BAAyB;AAEzB,2DAAsD;AACtD,6CAA4C;AAC5C,iDAAqD;AAErD,8DAA+D;AAC/D,2DAAmD;AACnD,yFAAiF;AACjF,qDAA8C;AAC9C,+FAA8G;AAC9G,kFAAgF;AAChF,mFAA0E;AAC1E,mFAA0E;AAE1E,MAAM,YAAY,GAAG,YAAM,CAAC,GAAG,CAAC,UAAU,EAAE,EAAE,OAAO,EAAE,CAAC,EAAE,CAAC,CAAC,OAAO,CAAA;AAE5D,KAAK,UAAU,sBAAsB,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE;IAC5D,IAAI,CAAC;QACH,IAAI,KAAK,GAAG,IAAA,kDAAqB,GAAE,CAAA;QACnC,IAAI,WAAW,GAAG,MAAM,IAAA,kDAAqB,EAAC,IAAI,CAAC,EAAE,EAAE,KAAK,EAAE,6CAAqB,CAAC,cAAc,CAAC,CAAA;QAEnG,IAAI,WAAW,EAAE,CAAC;YAChB,IAAI,UAAU,GAAG,IAAI,SAAG,CAAC,8BAA8B,KAAK,EAAE,EAAE,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,CAAA;YACvF,MAAM,IAAA,sBAAS,EAAC;gBACd,QAAQ,EAAE,IAAI,CAAC,KAAK;gBACpB,OAAO,EAAE,qBAAqB;gBAC9B,OAAO,EAAE,IAAA,mDAAyB,EAAC;oBACjC,IAAI,EAAE,IAAI,CAAC,IAAI;oBACf,QAAQ,EAAE,UAAU;iBACrB,CAAC;aACH,CAAC,CAAA;YAEF,OAAO,IAAI,CAAA;QACb,CAAC;IACH,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,OAAO,KAAK,CAAA;IACd,CAAC;AACH,CAAC;AAEM,KAAK,UAAU,aAAa,CAAC,KAAK,EAAE,QAAQ,EAAE,OAAO;IAC1D,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IAErB,MAAM,iBAAiB,GAAG,MAAM,IAAA,qBAAa,EAAC,yCAAiB,CAAC,CAAC,OAAO,CAAC;QACvE,KAAK,EAAE;YACL,KAAK;YACL,IAAI,EAAE,6CAAqB,CAAC,cAAc;SAC3C;KACF,CAAC,CAAA;IAEF,IAAI,CAAC,iBAAiB,EAAE,CAAC;QACvB,MAAM,IAAI,KAAK,CAAC,CAAC,CAAC,iCAAiC,CAAC,CAAC,CAAA;IACvD,CAAC;IAED,MAAM,EAAE,MAAM,EAAE,GAAG,iBAAiB,CAAA;IACpC,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,MAAM,IAAI,KAAK,CAAC,CAAC,CAAC,iCAAiC,CAAC,CAAC,CAAA;IACvD,CAAC;IAED,IAAI,IAAI,GAAG,MAAM,IAAA,qBAAa,EAAC,cAAI,CAAC,CAAC,SAAS,CAAC,EAAE,EAAE,EAAE,MAAM,EAAE,CAAC,CAAA;IAC9D,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,MAAM,IAAI,KAAK,CAAC,CAAC,CAAC,sBAAsB,CAAC,CAAC,CAAA;IAC5C,CAAC;IAED,4CAA4C;IAC5C,6CAA6C;IAC7C,IAAI;IAEJ,6CAA6C;IAC7C,cAAI,CAAC,sBAAsB,CAAC,QAAQ,EAAE,OAAO,~~aAAP~~,~~OAAO,uBAAP,OAAO,CAAE,~~GAAG,CAAC,CAAA;IAEnD,IAAI,CAAC,QAAQ,GAAG,cAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,IAAI,CAAC,IAAI,CAAC,CAAA;IAEhD,IAAI,YAAY,GAAG,CAAC,EAAE,CAAC;QACrB,IAAI,eAAe,GAAoB,MAAM,IAAA,qBAAa,EAAC,qCAAe,CAAC,CAAC,SAAS,CAAC,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,EAAE,CAAC,CAAA;QAC1G,IAAI,OAAO,GAAG,EAAE,CAAA;QAEhB,IAAI,eAAe,EAAE,CAAC;YACpB,IAAI,CAAC;gBACH,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,OAAO,CAAC,CAAA;gBAC7C,IAAI,CAAC,CAAC,OAAO,YAAY,KAAK,CAAC,EAAE,CAAC;oBAChC,OAAO,CAAC,KAAK,CAAC,iDAAiD,CAAC,CAAA;oBAChE,OAAO,GAAG,EAAE,CAAA;gBACd,CAAC;YACH,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,OAAO,CAAC,KAAK,CAAC,8CAA8C,CAAC,CAAA;YAC/D,CAAC;YAED,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE;gBACpD,OAAO,cAAI,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ,EAAE,QAAQ,EAAE,CAAC,CAAC,IAAI,CAAC,CAAA;YAClD,CAAC,CAAC,CAAA;YAEF,IAAI,KAAK,EAAE,CAAC;gBACV,MAAM,IAAI,yBAAS,CAAC;oBAClB,SAAS,EAAE,kCAAkB;iBAC9B,CAAC,CAAA;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAED,MAAM,IAAA,qBAAa,EAAC,cAAI,CAAC,CAAC,IAAI,~~iCACzB~~,IAAI,~~KACP,~~iBAAiB,EAAE,IAAI,IAAI,EAAE,~~IAC7B~~,CAAA;IAEF,MAAM,IAAA,qBAAa,EAAC,yCAAiB,CAAC,CAAC,MAAM,CAAC;QAC5C,MAAM;QACN,KAAK;QACL,IAAI,EAAE,6CAAqB,CAAC,cAAc;KAC3C,CAAC,CAAA;IAEF,IAAI,YAAY,GAAG,CAAC,EAAE,CAAC;QACrB,OAAO,GAAG;YACR;gBACE,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,IAAI,EAAE,IAAI,CAAC,IAAI;aAChB;YACD,GAAG,OAAO;SACX,CAAC,KAAK,CAAC,CAAC,EAAE,YAAY,CAAC,CAAA;QAExB,MAAM,IAAA,qBAAa,EAAC,qCAAe,CAAC,CAAC,IAAI,CAAC;YACxC,MAAM,EAAE,IAAI,CAAC,EAAE;YACf,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC;SACjC,CAAC,CAAA;IACJ,CAAC;AACH,CAAC","sourcesContent":["import { URL } from 'url'\n\nimport { sendEmail } from '@things-factory/email-base'\nimport { config } from '@things-factory/env'\nimport { getRepository } from '@things-factory/shell'\n\nimport { PASSWORD_USED_PAST } from '../constants/error-code.js'\nimport { AuthError } from '../errors/auth-error.js'\nimport { PasswordHistory } from '../service/password-history/password-history.js'\nimport { User } from '../service/user/user.js'\nimport { VerificationToken, VerificationTokenType } from '../service/verification-token/verification-token.js'\nimport { getResetPasswordEmailForm } from '../templates/reset-password-email.js'\nimport { makeVerificationToken } from './utils/make-verification-token.js'\nimport { saveVerificationToken } from './utils/save-verification-token.js'\n\nconst HISTORY_SIZE = config.get('password', { history: 0 }).history\n\nexport async function sendPasswordResetEmail({ user, context }) {\n try {\n var token = makeVerificationToken()\n var verifaction = await saveVerificationToken(user.id, token, VerificationTokenType.PASSWORD_RESET)\n\n if (verifaction) {\n var serviceUrl = new URL(`/auth/reset-password?token=${token}`, context.header.referer)\n await sendEmail({\n receiver: user.email,\n subject: 'Reset your password',\n content: getResetPasswordEmailForm({\n name: user.name,\n resetUrl: serviceUrl\n })\n })\n\n return true\n }\n } catch (e) {\n return false\n }\n}\n\nexport async function resetPassword(token, password, context) {\n const { t } = context\n\n const verificationToken = await getRepository(VerificationToken).findOne({\n where: {\n token,\n type: VerificationTokenType.PASSWORD_RESET\n }\n })\n\n if (!verificationToken) {\n throw new Error(t('text.invalid verification token'))\n }\n\n const { userId } = verificationToken\n if (!userId) {\n throw new Error(t('text.invalid verification token'))\n }\n\n var user = await getRepository(User).findOneBy({ id: userId })\n if (!user) {\n throw new Error(t('error.user not found'))\n }\n\n // if (user.status == UserStatus.INACTIVE) {\n // throw new Error(t('text.inactive user'))\n // }\n\n /* check if password is following the rule */\n User.validatePasswordByRule(password, context?.lng)\n\n user.password = User.encode(password, user.salt)\n\n if (HISTORY_SIZE > 0) {\n var passwordHistory: PasswordHistory = await getRepository(PasswordHistory).findOneBy({ userId: user.id })\n var history = []\n\n if (passwordHistory) {\n try {\n history = JSON.parse(passwordHistory.history)\n if (!(history instanceof Array)) {\n console.error('password history maybe currupted - not an array')\n history = []\n }\n } catch (e) {\n console.error('password history currupted - not json format')\n }\n\n const found = history.slice(0, HISTORY_SIZE).find(h => {\n return User.verify(h.password, password, h.salt)\n })\n\n if (found) {\n throw new AuthError({\n errorCode: PASSWORD_USED_PAST\n })\n }\n }\n }\n\n await getRepository(User).save({\n ...user,\n passwordUpdatedAt: new Date()\n })\n\n await getRepository(VerificationToken).delete({\n userId,\n token,\n type: VerificationTokenType.PASSWORD_RESET\n })\n\n if (HISTORY_SIZE > 0) {\n history = [\n {\n password: user.password,\n salt: user.salt\n },\n ...history\n ].slice(0, HISTORY_SIZE)\n\n await getRepository(PasswordHistory).save({\n userId: user.id,\n history: JSON.stringify(history)\n })\n }\n}\n"]}
1	+ {"version":3,"file":"reset-password.js","sourceRoot":"","sources":["../../server/controllers/reset-password.ts"],"names":[],"mappings":";;AAiBA,wDAqBC;AAED,sCAqFC;AA7HD,6BAAyB;AAEzB,2DAAsD;AACtD,6CAA4C;AAC5C,iDAAqD;AAErD,8DAA+D;AAC/D,2DAAmD;AACnD,yFAAiF;AACjF,qDAA8C;AAC9C,+FAA8G;AAC9G,kFAAgF;AAChF,mFAA0E;AAC1E,mFAA0E;AAE1E,MAAM,YAAY,GAAG,YAAM,CAAC,GAAG,CAAC,UAAU,EAAE,EAAE,OAAO,EAAE,CAAC,EAAE,CAAC,CAAC,OAAO,CAAA;AAE5D,KAAK,UAAU,sBAAsB,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE;IAC5D,IAAI,CAAC;QACH,IAAI,KAAK,GAAG,IAAA,kDAAqB,GAAE,CAAA;QACnC,IAAI,WAAW,GAAG,MAAM,IAAA,kDAAqB,EAAC,IAAI,CAAC,EAAE,EAAE,KAAK,EAAE,6CAAqB,CAAC,cAAc,CAAC,CAAA;QAEnG,IAAI,WAAW,EAAE,CAAC;YAChB,IAAI,UAAU,GAAG,IAAI,SAAG,CAAC,8BAA8B,KAAK,EAAE,EAAE,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,CAAA;YACvF,MAAM,IAAA,sBAAS,EAAC;gBACd,QAAQ,EAAE,IAAI,CAAC,KAAK;gBACpB,OAAO,EAAE,qBAAqB;gBAC9B,OAAO,EAAE,IAAA,mDAAyB,EAAC;oBACjC,IAAI,EAAE,IAAI,CAAC,IAAI;oBACf,QAAQ,EAAE,UAAU;iBACrB,CAAC;aACH,CAAC,CAAA;YAEF,OAAO,IAAI,CAAA;QACb,CAAC;IACH,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,OAAO,KAAK,CAAA;IACd,CAAC;AACH,CAAC;AAEM,KAAK,UAAU,aAAa,CAAC,KAAK,EAAE,QAAQ,EAAE,OAAO;IAC1D,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IAErB,MAAM,iBAAiB,GAAG,MAAM,IAAA,qBAAa,EAAC,yCAAiB,CAAC,CAAC,OAAO,CAAC;QACvE,KAAK,EAAE;YACL,KAAK;YACL,IAAI,EAAE,6CAAqB,CAAC,cAAc;SAC3C;KACF,CAAC,CAAA;IAEF,IAAI,CAAC,iBAAiB,EAAE,CAAC;QACvB,MAAM,IAAI,KAAK,CAAC,CAAC,CAAC,iCAAiC,CAAC,CAAC,CAAA;IACvD,CAAC;IAED,MAAM,EAAE,MAAM,EAAE,GAAG,iBAAiB,CAAA;IACpC,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,MAAM,IAAI,KAAK,CAAC,CAAC,CAAC,iCAAiC,CAAC,CAAC,CAAA;IACvD,CAAC;IAED,IAAI,IAAI,GAAG,MAAM,IAAA,qBAAa,EAAC,cAAI,CAAC,CAAC,SAAS,CAAC,EAAE,EAAE,EAAE,MAAM,EAAE,CAAC,CAAA;IAC9D,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,MAAM,IAAI,KAAK,CAAC,CAAC,CAAC,sBAAsB,CAAC,CAAC,CAAA;IAC5C,CAAC;IAED,4CAA4C;IAC5C,6CAA6C;IAC7C,IAAI;IAEJ,6CAA6C;IAC7C,cAAI,CAAC,sBAAsB,CAAC,QAAQ,EAAE,OAAO,EAAE,GAAG,CAAC,CAAA;IAEnD,IAAI,CAAC,QAAQ,GAAG,cAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,IAAI,CAAC,IAAI,CAAC,CAAA;IAEhD,IAAI,YAAY,GAAG,CAAC,EAAE,CAAC;QACrB,IAAI,eAAe,GAAoB,MAAM,IAAA,qBAAa,EAAC,qCAAe,CAAC,CAAC,SAAS,CAAC,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,EAAE,CAAC,CAAA;QAC1G,IAAI,OAAO,GAAG,EAAE,CAAA;QAEhB,IAAI,eAAe,EAAE,CAAC;YACpB,IAAI,CAAC;gBACH,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,OAAO,CAAC,CAAA;gBAC7C,IAAI,CAAC,CAAC,OAAO,YAAY,KAAK,CAAC,EAAE,CAAC;oBAChC,OAAO,CAAC,KAAK,CAAC,iDAAiD,CAAC,CAAA;oBAChE,OAAO,GAAG,EAAE,CAAA;gBACd,CAAC;YACH,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,OAAO,CAAC,KAAK,CAAC,8CAA8C,CAAC,CAAA;YAC/D,CAAC;YAED,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE;gBACpD,OAAO,cAAI,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ,EAAE,QAAQ,EAAE,CAAC,CAAC,IAAI,CAAC,CAAA;YAClD,CAAC,CAAC,CAAA;YAEF,IAAI,KAAK,EAAE,CAAC;gBACV,MAAM,IAAI,yBAAS,CAAC;oBAClB,SAAS,EAAE,kCAAkB;iBAC9B,CAAC,CAAA;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAED,MAAM,IAAA,qBAAa,EAAC,cAAI,CAAC,CAAC,IAAI,CAAC;QAC7B,GAAG,IAAI;QACP,iBAAiB,EAAE,IAAI,IAAI,EAAE;KAC9B,CAAC,CAAA;IAEF,MAAM,IAAA,qBAAa,EAAC,yCAAiB,CAAC,CAAC,MAAM,CAAC;QAC5C,MAAM;QACN,KAAK;QACL,IAAI,EAAE,6CAAqB,CAAC,cAAc;KAC3C,CAAC,CAAA;IAEF,IAAI,YAAY,GAAG,CAAC,EAAE,CAAC;QACrB,OAAO,GAAG;YACR;gBACE,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,IAAI,EAAE,IAAI,CAAC,IAAI;aAChB;YACD,GAAG,OAAO;SACX,CAAC,KAAK,CAAC,CAAC,EAAE,YAAY,CAAC,CAAA;QAExB,MAAM,IAAA,qBAAa,EAAC,qCAAe,CAAC,CAAC,IAAI,CAAC;YACxC,MAAM,EAAE,IAAI,CAAC,EAAE;YACf,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC;SACjC,CAAC,CAAA;IACJ,CAAC;AACH,CAAC","sourcesContent":["import { URL } from 'url'\n\nimport { sendEmail } from '@things-factory/email-base'\nimport { config } from '@things-factory/env'\nimport { getRepository } from '@things-factory/shell'\n\nimport { PASSWORD_USED_PAST } from '../constants/error-code.js'\nimport { AuthError } from '../errors/auth-error.js'\nimport { PasswordHistory } from '../service/password-history/password-history.js'\nimport { User } from '../service/user/user.js'\nimport { VerificationToken, VerificationTokenType } from '../service/verification-token/verification-token.js'\nimport { getResetPasswordEmailForm } from '../templates/reset-password-email.js'\nimport { makeVerificationToken } from './utils/make-verification-token.js'\nimport { saveVerificationToken } from './utils/save-verification-token.js'\n\nconst HISTORY_SIZE = config.get('password', { history: 0 }).history\n\nexport async function sendPasswordResetEmail({ user, context }) {\n try {\n var token = makeVerificationToken()\n var verifaction = await saveVerificationToken(user.id, token, VerificationTokenType.PASSWORD_RESET)\n\n if (verifaction) {\n var serviceUrl = new URL(`/auth/reset-password?token=${token}`, context.header.referer)\n await sendEmail({\n receiver: user.email,\n subject: 'Reset your password',\n content: getResetPasswordEmailForm({\n name: user.name,\n resetUrl: serviceUrl\n })\n })\n\n return true\n }\n } catch (e) {\n return false\n }\n}\n\nexport async function resetPassword(token, password, context) {\n const { t } = context\n\n const verificationToken = await getRepository(VerificationToken).findOne({\n where: {\n token,\n type: VerificationTokenType.PASSWORD_RESET\n }\n })\n\n if (!verificationToken) {\n throw new Error(t('text.invalid verification token'))\n }\n\n const { userId } = verificationToken\n if (!userId) {\n throw new Error(t('text.invalid verification token'))\n }\n\n var user = await getRepository(User).findOneBy({ id: userId })\n if (!user) {\n throw new Error(t('error.user not found'))\n }\n\n // if (user.status == UserStatus.INACTIVE) {\n // throw new Error(t('text.inactive user'))\n // }\n\n /* check if password is following the rule */\n User.validatePasswordByRule(password, context?.lng)\n\n user.password = User.encode(password, user.salt)\n\n if (HISTORY_SIZE > 0) {\n var passwordHistory: PasswordHistory = await getRepository(PasswordHistory).findOneBy({ userId: user.id })\n var history = []\n\n if (passwordHistory) {\n try {\n history = JSON.parse(passwordHistory.history)\n if (!(history instanceof Array)) {\n console.error('password history maybe currupted - not an array')\n history = []\n }\n } catch (e) {\n console.error('password history currupted - not json format')\n }\n\n const found = history.slice(0, HISTORY_SIZE).find(h => {\n return User.verify(h.password, password, h.salt)\n })\n\n if (found) {\n throw new AuthError({\n errorCode: PASSWORD_USED_PAST\n })\n }\n }\n }\n\n await getRepository(User).save({\n ...user,\n passwordUpdatedAt: new Date()\n })\n\n await getRepository(VerificationToken).delete({\n userId,\n token,\n type: VerificationTokenType.PASSWORD_RESET\n })\n\n if (HISTORY_SIZE > 0) {\n history = [\n {\n password: user.password,\n salt: user.salt\n },\n ...history\n ].slice(0, HISTORY_SIZE)\n\n await getRepository(PasswordHistory).save({\n userId: user.id,\n history: JSON.stringify(history)\n })\n }\n}\n"]}

package/dist-server/controllers/signin.js CHANGED Viewed

@@ -7,7 +7,7 @@ const unlock_user_js_1 = require("../controllers/unlock-user.js");
 const auth_error_js_1 = require("../errors/auth-error.js");
 const user_js_1 = require("../service/user/user.js");
 async function signin(attrs, context) {
-    const { domain } = (context === null || context === void 0 ? void 0 : context.state) || {};
+    const { domain } = context?.state || {};
     const { username } = attrs;
     const repository = (0, shell_1.getRepository)(user_js_1.User);
     var user = await repository.findOne({
@@ -86,7 +86,7 @@ async function signin(attrs, context) {
     }
     return {
         user,
-        token: await user.sign({ subdomain: domain === null || domain === void 0 ? void 0 : domain.subdomain }),
+        token: await user.sign({ subdomain: domain?.subdomain }),
         domains: user.domains || []
     };
 }

package/dist-server/controllers/signin.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"signin.js","sourceRoot":"","sources":["../../server/controllers/signin.ts"],"names":[],"mappings":";;AAOA,wBA0FC;AAjGD,qCAA+B;AAC/B,iDAAqD;AAErD,kEAAmE;AACnE,2DAAmD;AACnD,qDAA0D;AAEnD,KAAK,UAAU,MAAM,CAAC,KAA6C,EAAE,OAAQ;IAClF,MAAM,EAAE,MAAM,EAAE,GAAG,~~CAAA,~~OAAO,~~aAAP~~,~~OAAO,uBAAP,OAAO,CAAE,~~KAAK,~~KAAI~~,EAAE,CAAA;IACvC,MAAM,EAAE,QAAQ,EAAE,GAAG,KAAK,CAAA;IAE1B,MAAM,UAAU,GAAG,IAAA,qBAAa,EAAC,cAAI,CAAC,CAAA;IAEtC,IAAI,IAAI,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC;QAClC,KAAK,EAAE,EAAE,QAAQ,EAAE;QACnB,SAAS,EAAE,CAAC,SAAS,CAAC;KACvB,CAAC,CAAA;IAEF,IAAI,CAAC,IAAI,IAAI,4BAA4B,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;QACzD,IAAI,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC;YAC9B,KAAK,EAAE;gBACL,KAAK,EAAE,IAAA,eAAK,EAAC,QAAQ,CAAC;aACvB;YACD,SAAS,EAAE,CAAC,SAAS,CAAC;SACvB,CAAC,CAAA;IACJ,CAAC;IAED,IAAI,CAAC,IAAI;QACP,MAAM,IAAI,yBAAS,CAAC;YAClB,SAAS,EAAE,yBAAS,CAAC,WAAW,CAAC,cAAc;SAChD,CAAC,CAAA;IAEJ,IAAI,IAAI,CAAC,MAAM,IAAI,oBAAU,CAAC,OAAO,EAAE,CAAC;QACtC,MAAM,IAAI,yBAAS,CAAC;YAClB,SAAS,EAAE,yBAAS,CAAC,WAAW,CAAC,YAAY;SAC9C,CAAC,CAAA;IACJ,CAAC;IAED,IAAI,IAAI,CAAC,MAAM,IAAI,oBAAU,CAAC,MAAM,EAAE,CAAC;QACrC,IAAA,oCAAmB,EAAC;YAClB,IAAI;YACJ,OAAO;SACR,CAAC,CAAA;QACF,MAAM,IAAI,yBAAS,CAAC;YAClB,SAAS,EAAE,yBAAS,CAAC,WAAW,CAAC,WAAW;YAC5C,MAAM,EAAE;gBACN,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,KAAK,EAAE,IAAI,CAAC,KAAK;aAClB;SACF,CAAC,CAAA;IACJ,CAAC;IAED,IAAI,CAAC,cAAI,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,KAAK,CAAC,QAAQ,EAAE,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;QAC3D,IAAI,CAAC,SAAS,EAAE,CAAA;QAChB,IAAI,IAAI,CAAC,SAAS,IAAI,CAAC;YAAE,IAAI,CAAC,MAAM,GAAG,oBAAU,CAAC,MAAM,CAAA;QACxD,MAAM,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QAC3B,IAAI,IAAI,CAAC,MAAM,IAAI,oBAAU,CAAC,MAAM,EAAE,CAAC;YACrC,IAAA,oCAAmB,EAAC;gBAClB,IAAI;gBACJ,OAAO;aACR,CAAC,CAAA;YACF,MAAM,IAAI,yBAAS,CAAC;gBAClB,SAAS,EAAE,yBAAS,CAAC,WAAW,CAAC,WAAW;gBAC5C,MAAM,EAAE;oBACN,QAAQ,EAAE,IAAI,CAAC,QAAQ;oBACvB,KAAK,EAAE,IAAI,CAAC,KAAK;iBAClB;aACF,CAAC,CAAA;QACJ,CAAC;QACD,MAAM,IAAI,yBAAS,CAAC;YAClB,SAAS,EAAE,yBAAS,CAAC,WAAW,CAAC,oBAAoB;YACrD,MAAM,EAAE;gBACN,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,KAAK,EAAE,IAAI,CAAC,KAAK;gBACjB,SAAS,EAAE,IAAI,CAAC,SAAS;aAC1B;SACF,CAAC,CAAA;IACJ,CAAC;SAAM,CAAC;QACN,IAAI,CAAC,SAAS,GAAG,CAAC,CAAA;QAClB,MAAM,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;IAC7B,CAAC;IAED,IAAI,IAAI,CAAC,MAAM,IAAI,oBAAU,CAAC,QAAQ,EAAE,CAAC;QACvC,MAAM,IAAI,yBAAS,CAAC;YAClB,SAAS,EAAE,yBAAS,CAAC,WAAW,CAAC,kBAAkB;YACnD,MAAM,EAAE;gBACN,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,KAAK,EAAE,IAAI,CAAC,KAAK;aAClB;SACF,CAAC,CAAA;IACJ,CAAC;IAED,OAAO;QACL,IAAI;QACJ,KAAK,EAAE,MAAM,IAAI,CAAC,IAAI,CAAC,EAAE,SAAS,EAAE,MAAM,~~aAAN~~,~~MAAM,uBAAN,MAAM,CAAE,~~SAAS,EAAE,CAAC;QACxD,OAAO,EAAE,IAAI,CAAC,OAAO,IAAI,EAAE;KAC5B,CAAA;AACH,CAAC","sourcesContent":["import { ILike } from 'typeorm'\nimport { getRepository } from '@things-factory/shell'\n\nimport { sendUnlockUserEmail } from '../controllers/unlock-user.js'\nimport { AuthError } from '../errors/auth-error.js'\nimport { User, UserStatus } from '../service/user/user.js'\n\nexport async function signin(attrs: { username: string; password: string }, context?) {\n const { domain } = context?.state \|\| {}\n const { username } = attrs\n\n const repository = getRepository(User)\n\n var user = await repository.findOne({\n where: { username },\n relations: ['domains']\n })\n\n if (!user && /^[^\\s@]+@[^\\s@]+\\.[^\\s@]+$/.test(username)) {\n user = await repository.findOne({\n where: {\n email: ILike(username)\n },\n relations: ['domains']\n })\n }\n\n if (!user)\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_NOT_FOUND\n })\n\n if (user.status == UserStatus.DELETED) {\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_DELETED\n })\n }\n\n if (user.status == UserStatus.LOCKED) {\n sendUnlockUserEmail({\n user,\n context\n })\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_LOCKED,\n detail: {\n username: user.username,\n email: user.email\n }\n })\n }\n\n if (!User.verify(user.password, attrs.password, user.salt)) {\n user.failCount++\n if (user.failCount >= 5) user.status = UserStatus.LOCKED\n await repository.save(user)\n if (user.status == UserStatus.LOCKED) {\n sendUnlockUserEmail({\n user,\n context\n })\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_LOCKED,\n detail: {\n username: user.username,\n email: user.email\n }\n })\n }\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.PASSWORD_NOT_MATCHED,\n detail: {\n username: user.username,\n email: user.email,\n failCount: user.failCount\n }\n })\n } else {\n user.failCount = 0\n await repository.save(user)\n }\n\n if (user.status == UserStatus.INACTIVE) {\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_NOT_ACTIVATED,\n detail: {\n username: user.username,\n email: user.email\n }\n })\n }\n\n return {\n user,\n token: await user.sign({ subdomain: domain?.subdomain }),\n domains: user.domains \|\| []\n }\n}\n"]}
1	+ {"version":3,"file":"signin.js","sourceRoot":"","sources":["../../server/controllers/signin.ts"],"names":[],"mappings":";;AAOA,wBA0FC;AAjGD,qCAA+B;AAC/B,iDAAqD;AAErD,kEAAmE;AACnE,2DAAmD;AACnD,qDAA0D;AAEnD,KAAK,UAAU,MAAM,CAAC,KAA6C,EAAE,OAAQ;IAClF,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,EAAE,KAAK,IAAI,EAAE,CAAA;IACvC,MAAM,EAAE,QAAQ,EAAE,GAAG,KAAK,CAAA;IAE1B,MAAM,UAAU,GAAG,IAAA,qBAAa,EAAC,cAAI,CAAC,CAAA;IAEtC,IAAI,IAAI,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC;QAClC,KAAK,EAAE,EAAE,QAAQ,EAAE;QACnB,SAAS,EAAE,CAAC,SAAS,CAAC;KACvB,CAAC,CAAA;IAEF,IAAI,CAAC,IAAI,IAAI,4BAA4B,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;QACzD,IAAI,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC;YAC9B,KAAK,EAAE;gBACL,KAAK,EAAE,IAAA,eAAK,EAAC,QAAQ,CAAC;aACvB;YACD,SAAS,EAAE,CAAC,SAAS,CAAC;SACvB,CAAC,CAAA;IACJ,CAAC;IAED,IAAI,CAAC,IAAI;QACP,MAAM,IAAI,yBAAS,CAAC;YAClB,SAAS,EAAE,yBAAS,CAAC,WAAW,CAAC,cAAc;SAChD,CAAC,CAAA;IAEJ,IAAI,IAAI,CAAC,MAAM,IAAI,oBAAU,CAAC,OAAO,EAAE,CAAC;QACtC,MAAM,IAAI,yBAAS,CAAC;YAClB,SAAS,EAAE,yBAAS,CAAC,WAAW,CAAC,YAAY;SAC9C,CAAC,CAAA;IACJ,CAAC;IAED,IAAI,IAAI,CAAC,MAAM,IAAI,oBAAU,CAAC,MAAM,EAAE,CAAC;QACrC,IAAA,oCAAmB,EAAC;YAClB,IAAI;YACJ,OAAO;SACR,CAAC,CAAA;QACF,MAAM,IAAI,yBAAS,CAAC;YAClB,SAAS,EAAE,yBAAS,CAAC,WAAW,CAAC,WAAW;YAC5C,MAAM,EAAE;gBACN,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,KAAK,EAAE,IAAI,CAAC,KAAK;aAClB;SACF,CAAC,CAAA;IACJ,CAAC;IAED,IAAI,CAAC,cAAI,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,KAAK,CAAC,QAAQ,EAAE,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;QAC3D,IAAI,CAAC,SAAS,EAAE,CAAA;QAChB,IAAI,IAAI,CAAC,SAAS,IAAI,CAAC;YAAE,IAAI,CAAC,MAAM,GAAG,oBAAU,CAAC,MAAM,CAAA;QACxD,MAAM,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QAC3B,IAAI,IAAI,CAAC,MAAM,IAAI,oBAAU,CAAC,MAAM,EAAE,CAAC;YACrC,IAAA,oCAAmB,EAAC;gBAClB,IAAI;gBACJ,OAAO;aACR,CAAC,CAAA;YACF,MAAM,IAAI,yBAAS,CAAC;gBAClB,SAAS,EAAE,yBAAS,CAAC,WAAW,CAAC,WAAW;gBAC5C,MAAM,EAAE;oBACN,QAAQ,EAAE,IAAI,CAAC,QAAQ;oBACvB,KAAK,EAAE,IAAI,CAAC,KAAK;iBAClB;aACF,CAAC,CAAA;QACJ,CAAC;QACD,MAAM,IAAI,yBAAS,CAAC;YAClB,SAAS,EAAE,yBAAS,CAAC,WAAW,CAAC,oBAAoB;YACrD,MAAM,EAAE;gBACN,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,KAAK,EAAE,IAAI,CAAC,KAAK;gBACjB,SAAS,EAAE,IAAI,CAAC,SAAS;aAC1B;SACF,CAAC,CAAA;IACJ,CAAC;SAAM,CAAC;QACN,IAAI,CAAC,SAAS,GAAG,CAAC,CAAA;QAClB,MAAM,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;IAC7B,CAAC;IAED,IAAI,IAAI,CAAC,MAAM,IAAI,oBAAU,CAAC,QAAQ,EAAE,CAAC;QACvC,MAAM,IAAI,yBAAS,CAAC;YAClB,SAAS,EAAE,yBAAS,CAAC,WAAW,CAAC,kBAAkB;YACnD,MAAM,EAAE;gBACN,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,KAAK,EAAE,IAAI,CAAC,KAAK;aAClB;SACF,CAAC,CAAA;IACJ,CAAC;IAED,OAAO;QACL,IAAI;QACJ,KAAK,EAAE,MAAM,IAAI,CAAC,IAAI,CAAC,EAAE,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC;QACxD,OAAO,EAAE,IAAI,CAAC,OAAO,IAAI,EAAE;KAC5B,CAAA;AACH,CAAC","sourcesContent":["import { ILike } from 'typeorm'\nimport { getRepository } from '@things-factory/shell'\n\nimport { sendUnlockUserEmail } from '../controllers/unlock-user.js'\nimport { AuthError } from '../errors/auth-error.js'\nimport { User, UserStatus } from '../service/user/user.js'\n\nexport async function signin(attrs: { username: string; password: string }, context?) {\n const { domain } = context?.state \|\| {}\n const { username } = attrs\n\n const repository = getRepository(User)\n\n var user = await repository.findOne({\n where: { username },\n relations: ['domains']\n })\n\n if (!user && /^[^\\s@]+@[^\\s@]+\\.[^\\s@]+$/.test(username)) {\n user = await repository.findOne({\n where: {\n email: ILike(username)\n },\n relations: ['domains']\n })\n }\n\n if (!user)\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_NOT_FOUND\n })\n\n if (user.status == UserStatus.DELETED) {\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_DELETED\n })\n }\n\n if (user.status == UserStatus.LOCKED) {\n sendUnlockUserEmail({\n user,\n context\n })\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_LOCKED,\n detail: {\n username: user.username,\n email: user.email\n }\n })\n }\n\n if (!User.verify(user.password, attrs.password, user.salt)) {\n user.failCount++\n if (user.failCount >= 5) user.status = UserStatus.LOCKED\n await repository.save(user)\n if (user.status == UserStatus.LOCKED) {\n sendUnlockUserEmail({\n user,\n context\n })\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_LOCKED,\n detail: {\n username: user.username,\n email: user.email\n }\n })\n }\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.PASSWORD_NOT_MATCHED,\n detail: {\n username: user.username,\n email: user.email,\n failCount: user.failCount\n }\n })\n } else {\n user.failCount = 0\n await repository.save(user)\n }\n\n if (user.status == UserStatus.INACTIVE) {\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.USER_NOT_ACTIVATED,\n detail: {\n username: user.username,\n email: user.email\n }\n })\n }\n\n return {\n user,\n token: await user.sign({ subdomain: domain?.subdomain }),\n domains: user.domains \|\| []\n }\n}\n"]}

package/dist-server/controllers/signup.js CHANGED Viewed

@@ -33,7 +33,14 @@ async function signup(attrs, withEmailVerification) {
         });
     }
     const salt = user_js_1.User.generateSalt();
-    var user = await repository.save(Object.assign(Object.assign({ userType: 'user' }, attrs), { salt, password: user_js_1.User.encode(password, salt), passwordUpdatedAt: new Date(), domains: domain ? [domain] : [] }));
+    var user = await repository.save({
+        userType: 'user',
+        ...attrs,
+        salt,
+        password: user_js_1.User.encode(password, salt),
+        passwordUpdatedAt: new Date(),
+        domains: domain ? [domain] : []
+    });
     var succeed = false;
     if (withEmailVerification) {
         succeed = await (0, verification_js_1.sendVerificationEmail)({

package/dist-server/controllers/signup.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"signup.js","sourceRoot":"","sources":["../../server/controllers/signup.ts"],"names":[],"mappings":";;AASA,wBA8DC;AAvED,qCAA+B;AAC/B,iDAAqD;AAErD,8DAA4D;AAC5D,2DAAmD;AACnD,qDAA8C;AAC9C,2CAAoC;AACpC,uDAAyD;AAElD,KAAK,UAAU,MAAM,CAAC,KAAK,EAAE,qBAA+B;IACjE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,KAAK,CAAA;IAE3D,6CAA6C;IAC7C,cAAI,CAAC,sBAAsB,CAAC,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,CAAA;IAElD,MAAM,UAAU,GAAG,IAAA,qBAAa,EAAC,cAAI,CAAC,CAAA;IAEtC,IAAI,UAAU,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC;QACxC,KAAK,EAAE,EAAE,QAAQ,EAAE;QACnB,SAAS,EAAE,CAAC,SAAS,CAAC;KACvB,CAAC,CAAA;IAEF,IAAI,CAAC,UAAU,IAAI,4BAA4B,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC/D,IAAI,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC;YAC9B,KAAK,EAAE,EAAE,KAAK,EAAE,IAAA,eAAK,EAAC,QAAQ,CAAC,EAAE;YACjC,SAAS,EAAE,CAAC,SAAS,CAAC;SACvB,CAAC,CAAA;IACJ,CAAC;IAED,IAAI,UAAU,EAAE,CAAC;QACf,MAAM,IAAI,yBAAS,CAAC;YAClB,SAAS,EAAE,+BAAe;YAC1B,MAAM,EAAE;gBACN,IAAI;gBACJ,QAAQ;aACT;SACF,CAAC,CAAA;IACJ,CAAC;IAED,MAAM,IAAI,GAAG,cAAI,CAAC,YAAY,EAAE,CAAA;IAEhC,IAAI,IAAI,GAAG,MAAM,UAAU,CAAC,IAAI~~,+BAC9B~~,QAAQ,EAAE,MAAM,~~IACb~~,KAAK,~~KACR,~~IAAI,~~EACJ,~~QAAQ,EAAE,cAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,IAAI,CAAC,~~EACrC,~~iBAAiB,EAAE,IAAI,IAAI,EAAE,~~EAC7B,~~OAAO,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,~~IAC/B~~,CAAA;IAEF,IAAI,OAAO,GAAG,KAAK,CAAA;IACnB,IAAI,qBAAqB,EAAE,CAAC;QAC1B,OAAO,GAAG,MAAM,IAAA,uCAAqB,EAAC;YACpC,OAAO;YACP,IAAI;SACL,CAAC,CAAA;IACJ,CAAC;IAED,IAAI,CAAC;QACH,OAAO;YACL,KAAK,EAAE,MAAM,IAAA,kBAAM,EACjB;gBACE,QAAQ;gBACR,QAAQ;aACT,EACD,EAAE,MAAM,EAAE,CACX;SACF,CAAA;IACH,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,CAAA;IACxB,CAAC;AACH,CAAC","sourcesContent":["import { ILike } from 'typeorm'\nimport { getRepository } from '@things-factory/shell'\n\nimport { USER_DUPLICATED } from '../constants/error-code.js'\nimport { AuthError } from '../errors/auth-error.js'\nimport { User } from '../service/user/user.js'\nimport { signin } from './signin.js'\nimport { sendVerificationEmail } from './verification.js'\n\nexport async function signup(attrs, withEmailVerification?: Boolean) {\n const { name, username, password, domain, context } = attrs\n\n /* check if password is following the rule */\n User.validatePasswordByRule(password, context.lng)\n\n const repository = getRepository(User)\n\n var duplicated = await repository.findOne({\n where: { username },\n relations: ['domains']\n })\n\n if (!duplicated && /^[^\\s@]+@[^\\s@]+\\.[^\\s@]+$/.test(username)) {\n user = await repository.findOne({\n where: { email: ILike(username) },\n relations: ['domains']\n })\n }\n\n if (duplicated) {\n throw new AuthError({\n errorCode: USER_DUPLICATED,\n detail: {\n name,\n username\n }\n })\n }\n\n const salt = User.generateSalt()\n\n var user = await repository.save({\n userType: 'user',\n ...attrs,\n salt,\n password: User.encode(password, salt),\n passwordUpdatedAt: new Date(),\n domains: domain ? [domain] : []\n })\n\n var succeed = false\n if (withEmailVerification) {\n succeed = await sendVerificationEmail({\n context,\n user\n })\n }\n\n try {\n return {\n token: await signin(\n {\n username,\n password\n },\n { domain }\n )\n }\n } catch (e) {\n return { token: null }\n }\n}\n"]}
1	+ {"version":3,"file":"signup.js","sourceRoot":"","sources":["../../server/controllers/signup.ts"],"names":[],"mappings":";;AASA,wBA8DC;AAvED,qCAA+B;AAC/B,iDAAqD;AAErD,8DAA4D;AAC5D,2DAAmD;AACnD,qDAA8C;AAC9C,2CAAoC;AACpC,uDAAyD;AAElD,KAAK,UAAU,MAAM,CAAC,KAAK,EAAE,qBAA+B;IACjE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,KAAK,CAAA;IAE3D,6CAA6C;IAC7C,cAAI,CAAC,sBAAsB,CAAC,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,CAAA;IAElD,MAAM,UAAU,GAAG,IAAA,qBAAa,EAAC,cAAI,CAAC,CAAA;IAEtC,IAAI,UAAU,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC;QACxC,KAAK,EAAE,EAAE,QAAQ,EAAE;QACnB,SAAS,EAAE,CAAC,SAAS,CAAC;KACvB,CAAC,CAAA;IAEF,IAAI,CAAC,UAAU,IAAI,4BAA4B,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC/D,IAAI,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC;YAC9B,KAAK,EAAE,EAAE,KAAK,EAAE,IAAA,eAAK,EAAC,QAAQ,CAAC,EAAE;YACjC,SAAS,EAAE,CAAC,SAAS,CAAC;SACvB,CAAC,CAAA;IACJ,CAAC;IAED,IAAI,UAAU,EAAE,CAAC;QACf,MAAM,IAAI,yBAAS,CAAC;YAClB,SAAS,EAAE,+BAAe;YAC1B,MAAM,EAAE;gBACN,IAAI;gBACJ,QAAQ;aACT;SACF,CAAC,CAAA;IACJ,CAAC;IAED,MAAM,IAAI,GAAG,cAAI,CAAC,YAAY,EAAE,CAAA;IAEhC,IAAI,IAAI,GAAG,MAAM,UAAU,CAAC,IAAI,CAAC;QAC/B,QAAQ,EAAE,MAAM;QAChB,GAAG,KAAK;QACR,IAAI;QACJ,QAAQ,EAAE,cAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,IAAI,CAAC;QACrC,iBAAiB,EAAE,IAAI,IAAI,EAAE;QAC7B,OAAO,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE;KAChC,CAAC,CAAA;IAEF,IAAI,OAAO,GAAG,KAAK,CAAA;IACnB,IAAI,qBAAqB,EAAE,CAAC;QAC1B,OAAO,GAAG,MAAM,IAAA,uCAAqB,EAAC;YACpC,OAAO;YACP,IAAI;SACL,CAAC,CAAA;IACJ,CAAC;IAED,IAAI,CAAC;QACH,OAAO;YACL,KAAK,EAAE,MAAM,IAAA,kBAAM,EACjB;gBACE,QAAQ;gBACR,QAAQ;aACT,EACD,EAAE,MAAM,EAAE,CACX;SACF,CAAA;IACH,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,CAAA;IACxB,CAAC;AACH,CAAC","sourcesContent":["import { ILike } from 'typeorm'\nimport { getRepository } from '@things-factory/shell'\n\nimport { USER_DUPLICATED } from '../constants/error-code.js'\nimport { AuthError } from '../errors/auth-error.js'\nimport { User } from '../service/user/user.js'\nimport { signin } from './signin.js'\nimport { sendVerificationEmail } from './verification.js'\n\nexport async function signup(attrs, withEmailVerification?: Boolean) {\n const { name, username, password, domain, context } = attrs\n\n /* check if password is following the rule */\n User.validatePasswordByRule(password, context.lng)\n\n const repository = getRepository(User)\n\n var duplicated = await repository.findOne({\n where: { username },\n relations: ['domains']\n })\n\n if (!duplicated && /^[^\\s@]+@[^\\s@]+\\.[^\\s@]+$/.test(username)) {\n user = await repository.findOne({\n where: { email: ILike(username) },\n relations: ['domains']\n })\n }\n\n if (duplicated) {\n throw new AuthError({\n errorCode: USER_DUPLICATED,\n detail: {\n name,\n username\n }\n })\n }\n\n const salt = User.generateSalt()\n\n var user = await repository.save({\n userType: 'user',\n ...attrs,\n salt,\n password: User.encode(password, salt),\n passwordUpdatedAt: new Date(),\n domains: domain ? [domain] : []\n })\n\n var succeed = false\n if (withEmailVerification) {\n succeed = await sendVerificationEmail({\n context,\n user\n })\n }\n\n try {\n return {\n token: await signin(\n {\n username,\n password\n },\n { domain }\n )\n }\n } catch (e) {\n return { token: null }\n }\n}\n"]}

package/dist-server/errors/auth-error.js CHANGED Viewed

@@ -5,7 +5,9 @@ const tslib_1 = require("tslib");
 const ERROR_CODES = tslib_1.__importStar(require("../constants/error-code.js"));
 class AuthError extends Error {
     static get ERROR_CODES() {
-        return Object.assign({}, ERROR_CODES);
+        return {
+            ...ERROR_CODES
+        };
     }
     constructor({ errorCode, detail }) {
         super(errorCode);

package/dist-server/errors/auth-error.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"auth-error.js","sourceRoot":"","sources":["../../server/errors/auth-error.ts"],"names":[],"mappings":";;;;AAAA,gFAAyD;AAMzD,MAAa,SAAU,SAAQ,KAAK;IAClC,MAAM,KAAK,WAAW;QACpB,~~yBACK~~,WAAW,~~EACf~~;IACH,CAAC;IAKD,YAAY,EAAE,SAAS,EAAE,MAAM,EAAqB;QAClD,KAAK,CAAC,SAAS,CAAC,CAAA;QAEhB,IAAI,CAAC,IAAI,GAAG,YAAY,CAAA;QACxB,IAAI,CAAC,SAAS,GAAG,SAAS,CAAA;QAC1B,IAAI,CAAC,MAAM,GAAG,MAAM,CAAA;IACtB,CAAC;CACF;AAjBD,8BAiBC","sourcesContent":["import * as ERROR_CODES from '../constants/error-code.js'\n\ntype AuthErrorArgument = {\n errorCode: string\n detail?: Object\n}\nexport class AuthError extends Error {\n static get ERROR_CODES(): any {\n return {\n ...ERROR_CODES\n }\n }\n\n errorCode: any\n detail: Object\n\n constructor({ errorCode, detail }: AuthErrorArgument) {\n super(errorCode)\n\n this.name = 'auth-error'\n this.errorCode = errorCode\n this.detail = detail\n }\n}\n"]}
1	+ {"version":3,"file":"auth-error.js","sourceRoot":"","sources":["../../server/errors/auth-error.ts"],"names":[],"mappings":";;;;AAAA,gFAAyD;AAMzD,MAAa,SAAU,SAAQ,KAAK;IAClC,MAAM,KAAK,WAAW;QACpB,OAAO;YACL,GAAG,WAAW;SACf,CAAA;IACH,CAAC;IAKD,YAAY,EAAE,SAAS,EAAE,MAAM,EAAqB;QAClD,KAAK,CAAC,SAAS,CAAC,CAAA;QAEhB,IAAI,CAAC,IAAI,GAAG,YAAY,CAAA;QACxB,IAAI,CAAC,SAAS,GAAG,SAAS,CAAA;QAC1B,IAAI,CAAC,MAAM,GAAG,MAAM,CAAA;IACtB,CAAC;CACF;AAjBD,8BAiBC","sourcesContent":["import * as ERROR_CODES from '../constants/error-code.js'\n\ntype AuthErrorArgument = {\n errorCode: string\n detail?: Object\n}\nexport class AuthError extends Error {\n static get ERROR_CODES(): any {\n return {\n ...ERROR_CODES\n }\n }\n\n errorCode: any\n detail: Object\n\n constructor({ errorCode, detail }: AuthErrorArgument) {\n super(errorCode)\n\n this.name = 'auth-error'\n this.errorCode = errorCode\n this.detail = detail\n }\n}\n"]}

package/dist-server/middlewares/authenticate-401-middleware.js CHANGED Viewed

@@ -18,7 +18,7 @@ async function authenticate401Middleware(context, next) {
             message = (context.t && context.t(`error.${err.errorCode}`, err.detail || {})) || err.errorCode;
         }
         else {
-            if ((err === null || err === void 0 ? void 0 : err.status) !== 401) {
+            if (err?.status !== 401) {
                 throw err;
             }
             message = err.message;
@@ -50,40 +50,53 @@ async function authenticate401Middleware(context, next) {
                 return await context.render('auth-page', {
                     pageElement: 'auth-activate',
                     elementScript: '/auth/activate.js',
-                    data: Object.assign(Object.assign({}, err.detail), { message,
+                    data: {
+                        ...err.detail,
+                        message,
                         redirectTo,
                         disableUserSignupProcess,
                         disableUserFavoredLanguage,
-                        languages })
+                        languages
+                    }
                 });
             case error_code_js_1.USER_NOT_ACTIVATED:
                 return await context.render('auth-page', {
                     pageElement: 'auth-activate',
                     elementScript: '/auth/activate.js',
-                    data: Object.assign(Object.assign({}, err.detail), { message,
+                    data: {
+                        ...err.detail,
+                        message,
                         redirectTo,
                         disableUserSignupProcess,
                         disableUserFavoredLanguage,
-                        languages })
+                        languages
+                    }
                 });
             case error_code_js_1.USER_DUPLICATED:
                 return await context.render('auth-page', {
                     pageElement: 'auth-signup',
                     elementScript: '/auth/signup.js',
-                    data: Object.assign(Object.assign({}, err.detail), { message,
+                    data: {
+                        ...err.detail,
+                        message,
                         redirectTo,
                         disableUserSignupProcess,
                         disableUserFavoredLanguage,
-                        languages })
+                        languages
+                    }
                 });
             default:
                 return await context.render('auth-page', {
                     pageElement: 'auth-signin',
                     elementScript: '/auth/signin.js',
-                    data: Object.assign(Object.assign({}, err.detail), { message: err instanceof auth_error_js_1.AuthError ? message : '', redirectTo,
+                    data: {
+                        ...err.detail,
+                        message: err instanceof auth_error_js_1.AuthError ? message : '',
+                        redirectTo,
                         disableUserSignupProcess,
                         disableUserFavoredLanguage,
-                        languages })
+                        languages
+                    }
                 });
         }
     }

package/dist-server/middlewares/authenticate-401-middleware.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"authenticate-401-middleware.js","sourceRoot":"","sources":["../../server/middlewares/authenticate-401-middleware.ts"],"names":[],"mappings":";;AAUA,8DAuGC;AAjHD,6CAA4C;AAE5C,8DAAiH;AACjH,2DAAmD;AACnD,oDAA6C;AAE7C,MAAM,wBAAwB,GAAG,YAAM,CAAC,GAAG,CAAC,0BAA0B,EAAE,KAAK,CAAC,CAAA;AAC9E,MAAM,0BAA0B,GAAG,YAAM,CAAC,GAAG,CAAC,iCAAiC,EAAE,KAAK,CAAC,CAAA;AACvF,MAAM,SAAS,GAAG,YAAM,CAAC,GAAG,CAAC,gBAAgB,EAAE,KAAK,CAAC,CAAA;AAE9C,KAAK,UAAU,yBAAyB,CAAC,OAAO,EAAE,IAAI;IAC3D,IAAI,CAAC;QACH,MAAM,IAAI,EAAE,CAAA;IACd,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,IAAI,OAAO,CAAA;QAEX,IAAI,GAAG,YAAY,yBAAS,EAAE,CAAC;YAC7B,OAAO,GAAG,CAAC,OAAO,CAAC,CAAC,IAAI,OAAO,CAAC,CAAC,CAAC,SAAS,GAAG,CAAC,SAAS,EAAE,EAAE,GAAG,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC,IAAI,GAAG,CAAC,SAAS,CAAA;QACjG,CAAC;aAAM,CAAC;YACN,IAAI,~~CAAA,~~GAAG,~~aAAH~~,~~GAAG,uBAAH,GAAG,CAAE,~~MAAM,~~MAAK~~,GAAG,EAAE,CAAC;gBACxB,MAAM,GAAG,CAAA;YACX,CAAC;YAED,OAAO,GAAG,GAAG,CAAC,OAAO,CAAA;QACvB,CAAC;QAED,OAAO,CAAC,MAAM,GAAG,GAAG,CAAA;QACpB,OAAO,CAAC,IAAI,GAAG,OAAO,CAAA;QAEtB;;;;WAIG;QAEH,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,OAAO,CAAA;QAErD,IAAI,MAAM,IAAI,MAAM,IAAI,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;YACpD,IAAI,GAAG,CAAC,SAAS,IAAI,kCAAkB,EAAE,CAAC;gBACxC,OAAO,CAAC,MAAM,GAAG,GAAG,CAAA;YACtB,CAAC;YACD,OAAM;QACR,CAAC;QAED,IAAI,CAAC,IAAA,oBAAO,EAAC,MAAM,CAAC,MAAM,EAAE,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC;YAClD,OAAM;QACR,CAAC;QAED,MAAM,EAAE,WAAW,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;QACrC,MAAM,EAAE,UAAU,GAAG,WAAW,IAAI,WAAW,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,IAAI,EAAE,CAAA;QAE9E,QAAQ,GAAG,CAAC,SAAS,EAAE,CAAC;YACtB,KAAK,kCAAkB;gBACrB,OAAO,CAAC,QAAQ,CAAC,6BAA6B,kBAAkB,CAAC,UAAU,CAAC,EAAE,CAAC,CAAA;gBAC/E,MAAK;YAEP,KAAK,2BAAW;gBACd,OAAO,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;oBACvC,WAAW,EAAE,eAAe;oBAC5B,aAAa,EAAE,mBAAmB;oBAClC,IAAI,~~kCACC~~,GAAG,CAAC,MAAM,~~KACb,~~OAAO;wBACP,UAAU;wBACV,wBAAwB;wBACxB,0BAA0B;wBAC1B,SAAS~~,GACV~~;iBACF,CAAC,CAAA;YAEJ,KAAK,kCAAkB;gBACrB,OAAO,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;oBACvC,WAAW,EAAE,eAAe;oBAC5B,aAAa,EAAE,mBAAmB;oBAClC,IAAI,~~kCACC~~,GAAG,CAAC,MAAM,~~KACb,~~OAAO;wBACP,UAAU;wBACV,wBAAwB;wBACxB,0BAA0B;wBAC1B,SAAS~~,GACV~~;iBACF,CAAC,CAAA;YAEJ,KAAK,+BAAe;gBAClB,OAAO,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;oBACvC,WAAW,EAAE,aAAa;oBAC1B,aAAa,EAAE,iBAAiB;oBAChC,IAAI,~~kCACC~~,GAAG,CAAC,MAAM,~~KACb,~~OAAO;wBACP,UAAU;wBACV,wBAAwB;wBACxB,0BAA0B;wBAC1B,SAAS~~,GACV~~;iBACF,CAAC,CAAA;YAEJ;gBACE,OAAO,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;oBACvC,WAAW,EAAE,aAAa;oBAC1B,aAAa,EAAE,iBAAiB;oBAChC,IAAI,~~kCACC~~,GAAG,CAAC,MAAM,~~KACb,~~OAAO,EAAE,GAAG,YAAY,yBAAS,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,~~EAChD,~~UAAU;wBACV,wBAAwB;wBACxB,0BAA0B;wBAC1B,SAAS~~,GACV~~;iBACF,CAAC,CAAA;QACN,CAAC;IACH,CAAC;AACH,CAAC","sourcesContent":["import { config } from '@things-factory/env'\n\nimport { SUBDOMAIN_NOTFOUND, USER_DUPLICATED, USER_LOCKED, USER_NOT_ACTIVATED } from '../constants/error-code.js'\nimport { AuthError } from '../errors/auth-error.js'\nimport { accepts } from '../utils/accepts.js'\n\nconst disableUserSignupProcess = config.get('disableUserSignupProcess', false)\nconst disableUserFavoredLanguage = config.get('i18n/disableUserFavoredLanguage', false)\nconst languages = config.get('i18n/languages', false)\n\nexport async function authenticate401Middleware(context, next) {\n try {\n await next()\n } catch (err) {\n var message\n\n if (err instanceof AuthError) {\n message = (context.t && context.t(`error.${err.errorCode}`, err.detail \|\| {})) \|\| err.errorCode\n } else {\n if (err?.status !== 401) {\n throw err\n }\n\n message = err.message\n }\n\n context.status = 401\n context.body = message\n\n /\n 클라이언트 라우팅을 위한 ApiHistoryFallback의 상황과,\n * 서버라우팅의 상황에서 발생하는 던져지는 401 에러인 경우에는\n * error code에 맞춰서 적절하게 rewriting 되도록 한다.\n /\n\n const { method, header, path, originalUrl } = context\n\n if (method == 'POST' && path.startsWith('/graphql')) {\n if (err.errorCode == SUBDOMAIN_NOTFOUND) {\n context.status = 403\n }\n return\n }\n\n if (!accepts(header.accept, ['text/html', '/*'])) {\n return\n }\n\n const { redirect_to } = context.query\n const { redirectTo = redirect_to \|\| originalUrl } = context.request.body \|\| {}\n\n switch (err.errorCode) {\n case SUBDOMAIN_NOTFOUND:\n context.redirect(`/auth/checkin?redirect_to=${encodeURIComponent(redirectTo)}`)\n break\n\n case USER_LOCKED:\n return await context.render('auth-page', {\n pageElement: 'auth-activate',\n elementScript: '/auth/activate.js',\n data: {\n ...err.detail,\n message,\n redirectTo,\n disableUserSignupProcess,\n disableUserFavoredLanguage,\n languages\n }\n })\n\n case USER_NOT_ACTIVATED:\n return await context.render('auth-page', {\n pageElement: 'auth-activate',\n elementScript: '/auth/activate.js',\n data: {\n ...err.detail,\n message,\n redirectTo,\n disableUserSignupProcess,\n disableUserFavoredLanguage,\n languages\n }\n })\n\n case USER_DUPLICATED:\n return await context.render('auth-page', {\n pageElement: 'auth-signup',\n elementScript: '/auth/signup.js',\n data: {\n ...err.detail,\n message,\n redirectTo,\n disableUserSignupProcess,\n disableUserFavoredLanguage,\n languages\n }\n })\n\n default:\n return await context.render('auth-page', {\n pageElement: 'auth-signin',\n elementScript: '/auth/signin.js',\n data: {\n ...err.detail,\n message: err instanceof AuthError ? message : '',\n redirectTo,\n disableUserSignupProcess,\n disableUserFavoredLanguage,\n languages\n }\n })\n }\n }\n}\n"]}
1	+ {"version":3,"file":"authenticate-401-middleware.js","sourceRoot":"","sources":["../../server/middlewares/authenticate-401-middleware.ts"],"names":[],"mappings":";;AAUA,8DAuGC;AAjHD,6CAA4C;AAE5C,8DAAiH;AACjH,2DAAmD;AACnD,oDAA6C;AAE7C,MAAM,wBAAwB,GAAG,YAAM,CAAC,GAAG,CAAC,0BAA0B,EAAE,KAAK,CAAC,CAAA;AAC9E,MAAM,0BAA0B,GAAG,YAAM,CAAC,GAAG,CAAC,iCAAiC,EAAE,KAAK,CAAC,CAAA;AACvF,MAAM,SAAS,GAAG,YAAM,CAAC,GAAG,CAAC,gBAAgB,EAAE,KAAK,CAAC,CAAA;AAE9C,KAAK,UAAU,yBAAyB,CAAC,OAAO,EAAE,IAAI;IAC3D,IAAI,CAAC;QACH,MAAM,IAAI,EAAE,CAAA;IACd,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,IAAI,OAAO,CAAA;QAEX,IAAI,GAAG,YAAY,yBAAS,EAAE,CAAC;YAC7B,OAAO,GAAG,CAAC,OAAO,CAAC,CAAC,IAAI,OAAO,CAAC,CAAC,CAAC,SAAS,GAAG,CAAC,SAAS,EAAE,EAAE,GAAG,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC,IAAI,GAAG,CAAC,SAAS,CAAA;QACjG,CAAC;aAAM,CAAC;YACN,IAAI,GAAG,EAAE,MAAM,KAAK,GAAG,EAAE,CAAC;gBACxB,MAAM,GAAG,CAAA;YACX,CAAC;YAED,OAAO,GAAG,GAAG,CAAC,OAAO,CAAA;QACvB,CAAC;QAED,OAAO,CAAC,MAAM,GAAG,GAAG,CAAA;QACpB,OAAO,CAAC,IAAI,GAAG,OAAO,CAAA;QAEtB;;;;WAIG;QAEH,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,OAAO,CAAA;QAErD,IAAI,MAAM,IAAI,MAAM,IAAI,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;YACpD,IAAI,GAAG,CAAC,SAAS,IAAI,kCAAkB,EAAE,CAAC;gBACxC,OAAO,CAAC,MAAM,GAAG,GAAG,CAAA;YACtB,CAAC;YACD,OAAM;QACR,CAAC;QAED,IAAI,CAAC,IAAA,oBAAO,EAAC,MAAM,CAAC,MAAM,EAAE,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC;YAClD,OAAM;QACR,CAAC;QAED,MAAM,EAAE,WAAW,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;QACrC,MAAM,EAAE,UAAU,GAAG,WAAW,IAAI,WAAW,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,IAAI,EAAE,CAAA;QAE9E,QAAQ,GAAG,CAAC,SAAS,EAAE,CAAC;YACtB,KAAK,kCAAkB;gBACrB,OAAO,CAAC,QAAQ,CAAC,6BAA6B,kBAAkB,CAAC,UAAU,CAAC,EAAE,CAAC,CAAA;gBAC/E,MAAK;YAEP,KAAK,2BAAW;gBACd,OAAO,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;oBACvC,WAAW,EAAE,eAAe;oBAC5B,aAAa,EAAE,mBAAmB;oBAClC,IAAI,EAAE;wBACJ,GAAG,GAAG,CAAC,MAAM;wBACb,OAAO;wBACP,UAAU;wBACV,wBAAwB;wBACxB,0BAA0B;wBAC1B,SAAS;qBACV;iBACF,CAAC,CAAA;YAEJ,KAAK,kCAAkB;gBACrB,OAAO,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;oBACvC,WAAW,EAAE,eAAe;oBAC5B,aAAa,EAAE,mBAAmB;oBAClC,IAAI,EAAE;wBACJ,GAAG,GAAG,CAAC,MAAM;wBACb,OAAO;wBACP,UAAU;wBACV,wBAAwB;wBACxB,0BAA0B;wBAC1B,SAAS;qBACV;iBACF,CAAC,CAAA;YAEJ,KAAK,+BAAe;gBAClB,OAAO,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;oBACvC,WAAW,EAAE,aAAa;oBAC1B,aAAa,EAAE,iBAAiB;oBAChC,IAAI,EAAE;wBACJ,GAAG,GAAG,CAAC,MAAM;wBACb,OAAO;wBACP,UAAU;wBACV,wBAAwB;wBACxB,0BAA0B;wBAC1B,SAAS;qBACV;iBACF,CAAC,CAAA;YAEJ;gBACE,OAAO,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;oBACvC,WAAW,EAAE,aAAa;oBAC1B,aAAa,EAAE,iBAAiB;oBAChC,IAAI,EAAE;wBACJ,GAAG,GAAG,CAAC,MAAM;wBACb,OAAO,EAAE,GAAG,YAAY,yBAAS,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE;wBAChD,UAAU;wBACV,wBAAwB;wBACxB,0BAA0B;wBAC1B,SAAS;qBACV;iBACF,CAAC,CAAA;QACN,CAAC;IACH,CAAC;AACH,CAAC","sourcesContent":["import { config } from '@things-factory/env'\n\nimport { SUBDOMAIN_NOTFOUND, USER_DUPLICATED, USER_LOCKED, USER_NOT_ACTIVATED } from '../constants/error-code.js'\nimport { AuthError } from '../errors/auth-error.js'\nimport { accepts } from '../utils/accepts.js'\n\nconst disableUserSignupProcess = config.get('disableUserSignupProcess', false)\nconst disableUserFavoredLanguage = config.get('i18n/disableUserFavoredLanguage', false)\nconst languages = config.get('i18n/languages', false)\n\nexport async function authenticate401Middleware(context, next) {\n try {\n await next()\n } catch (err) {\n var message\n\n if (err instanceof AuthError) {\n message = (context.t && context.t(`error.${err.errorCode}`, err.detail \|\| {})) \|\| err.errorCode\n } else {\n if (err?.status !== 401) {\n throw err\n }\n\n message = err.message\n }\n\n context.status = 401\n context.body = message\n\n /\n 클라이언트 라우팅을 위한 ApiHistoryFallback의 상황과,\n * 서버라우팅의 상황에서 발생하는 던져지는 401 에러인 경우에는\n * error code에 맞춰서 적절하게 rewriting 되도록 한다.\n /\n\n const { method, header, path, originalUrl } = context\n\n if (method == 'POST' && path.startsWith('/graphql')) {\n if (err.errorCode == SUBDOMAIN_NOTFOUND) {\n context.status = 403\n }\n return\n }\n\n if (!accepts(header.accept, ['text/html', '/*'])) {\n return\n }\n\n const { redirect_to } = context.query\n const { redirectTo = redirect_to \|\| originalUrl } = context.request.body \|\| {}\n\n switch (err.errorCode) {\n case SUBDOMAIN_NOTFOUND:\n context.redirect(`/auth/checkin?redirect_to=${encodeURIComponent(redirectTo)}`)\n break\n\n case USER_LOCKED:\n return await context.render('auth-page', {\n pageElement: 'auth-activate',\n elementScript: '/auth/activate.js',\n data: {\n ...err.detail,\n message,\n redirectTo,\n disableUserSignupProcess,\n disableUserFavoredLanguage,\n languages\n }\n })\n\n case USER_NOT_ACTIVATED:\n return await context.render('auth-page', {\n pageElement: 'auth-activate',\n elementScript: '/auth/activate.js',\n data: {\n ...err.detail,\n message,\n redirectTo,\n disableUserSignupProcess,\n disableUserFavoredLanguage,\n languages\n }\n })\n\n case USER_DUPLICATED:\n return await context.render('auth-page', {\n pageElement: 'auth-signup',\n elementScript: '/auth/signup.js',\n data: {\n ...err.detail,\n message,\n redirectTo,\n disableUserSignupProcess,\n disableUserFavoredLanguage,\n languages\n }\n })\n\n default:\n return await context.render('auth-page', {\n pageElement: 'auth-signin',\n elementScript: '/auth/signin.js',\n data: {\n ...err.detail,\n message: err instanceof AuthError ? message : '',\n redirectTo,\n disableUserSignupProcess,\n disableUserFavoredLanguage,\n languages\n }\n })\n }\n }\n}\n"]}

package/dist-server/middlewares/bypass-signin-middleware.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export declare function bypassSigninMiddleware(context: any, next: any): Promise<void>;

package/dist-server/middlewares/bypass-signin-middleware.js ADDED Viewed

@@ -0,0 +1,20 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.bypassSigninMiddleware = bypassSigninMiddleware;
+const shell_1 = require("@things-factory/shell");
+const user_js_1 = require("../service/user/user.js");
+const access_token_cookie_js_1 = require("../utils/access-token-cookie.js");
+async function bypassSigninMiddleware(context, next) {
+    const systemDomain = await (0, shell_1.getRepository)(shell_1.Domain).findOne({
+        where: { systemFlag: true }
+    });
+    const admin = await (0, shell_1.getRepository)(user_js_1.User).findOne({
+        where: { id: systemDomain.owner },
+        relations: ['domains']
+    });
+    context.state.user = admin;
+    const token = await admin.sign();
+    (0, access_token_cookie_js_1.setAccessTokenCookie)(context, token);
+    await next();
+}
+//# sourceMappingURL=bypass-signin-middleware.js.map

package/dist-server/middlewares/bypass-signin-middleware.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"bypass-signin-middleware.js","sourceRoot":"","sources":["../../server/middlewares/bypass-signin-middleware.ts"],"names":[],"mappings":";;AAKA,wDAgBC;AArBD,iDAA6D;AAE7D,qDAA8C;AAC9C,4EAAsE;AAE/D,KAAK,UAAU,sBAAsB,CAAC,OAAO,EAAE,IAAI;IACxD,MAAM,YAAY,GAAG,MAAM,IAAA,qBAAa,EAAC,cAAM,CAAC,CAAC,OAAO,CAAC;QACvD,KAAK,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE;KAC5B,CAAC,CAAA;IAEF,MAAM,KAAK,GAAG,MAAM,IAAA,qBAAa,EAAC,cAAI,CAAC,CAAC,OAAO,CAAC;QAC9C,KAAK,EAAE,EAAE,EAAE,EAAE,YAAY,CAAC,KAAK,EAAE;QACjC,SAAS,EAAE,CAAC,SAAS,CAAC;KACvB,CAAC,CAAA;IAEF,OAAO,CAAC,KAAK,CAAC,IAAI,GAAG,KAAK,CAAA;IAE1B,MAAM,KAAK,GAAG,MAAM,KAAK,CAAC,IAAI,EAAE,CAAA;IAChC,IAAA,6CAAoB,EAAC,OAAO,EAAE,KAAK,CAAC,CAAA;IAEpC,MAAM,IAAI,EAAE,CAAA;AACd,CAAC","sourcesContent":["import { Domain, getRepository } from '@things-factory/shell'\n\nimport { User } from '../service/user/user.js'\nimport { setAccessTokenCookie } from '../utils/access-token-cookie.js'\n\nexport async function bypassSigninMiddleware(context, next) {\n const systemDomain = await getRepository(Domain).findOne({\n where: { systemFlag: true }\n })\n\n const admin = await getRepository(User).findOne({\n where: { id: systemDomain.owner },\n relations: ['domains']\n })\n\n context.state.user = admin\n\n const token = await admin.sign()\n setAccessTokenCookie(context, token)\n\n await next()\n}\n"]}

package/dist-server/middlewares/domain-authenticate-middleware.js CHANGED Viewed

@@ -1,14 +1,10 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.domainAuthenticateMiddleware = domainAuthenticateMiddleware;
-const env_1 = require("@things-factory/env");
 const shell_1 = require("@things-factory/shell");
 const auth_error_js_1 = require("../errors/auth-error.js");
 const user_js_1 = require("../service/user/user.js");
 const get_user_domains_js_1 = require("../utils/get-user-domains.js");
-const useVirtualHostBasedDomain = !!env_1.config.get('useVirtualHostBasedDomain');
-const fixed = env_1.config.get('subdomain');
-const subdomainOffset = env_1.config.getNumber('subdomainOffset', 2);
 process.domainOwnerGranted = async (domain, user) => {
     return user && domain && domain.owner === user.id;
 };
@@ -40,7 +36,7 @@ process.superUserGranted = async (domain, user) => {
 async function domainAuthenticateMiddleware(context, next) {
     const { t } = context;
     const { domain, user } = context.state;
-    const subdomain = domain === null || domain === void 0 ? void 0 : domain.subdomain;
+    const subdomain = domain?.subdomain;
     // 1. 현재 subdomain 이 결정되지 않은 경우.
     // - checkin로 이동한다.
     if (!subdomain) {

package/dist-server/middlewares/domain-authenticate-middleware.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"domain-authenticate-middleware.js","sourceRoot":"","sources":["../../server/middlewares/domain-authenticate-middleware.ts"],"names":[],"mappings":";;~~AAsDA~~,oEAuBC;~~AA7ED~~,~~6CAA4C;AAC5C,~~iDAA6D;AAE7D,2DAAmD;AACnD,qDAA8C;AAC9C,sEAA6D;~~AAE7D~~,~~MAAM,yBAAyB,GAAG,CAAC,CAAC,YAAM,CAAC,GAAG,CAAC,2BAA2B,CAAC,CAAA;AAC3E,MAAM,KAAK,GAAG,YAAM,CAAC,GAAG,CAAC,WAAW,CAAC,CAAA;AACrC,MAAM,eAAe,GAAG,YAAM,CAAC,SAAS,CAAC,iBAAiB,EAAE,CAAC,CAAC,CAAA;AAW9D,~~OAAO,CAAC,kBAAkB,GAAG,KAAK,EAAE,MAAc,EAAE,IAAU,EAAoB,EAAE;IAClF,OAAO,IAAI,IAAI,MAAM,IAAI,MAAM,CAAC,KAAK,KAAK,IAAI,CAAC,EAAE,CAAA;AACnD,CAAC,CAAA;AAED,OAAO,CAAC,gBAAgB,GAAG,KAAK,EAAE,MAAc,EAAE,IAAU,EAAoB,EAAE;IAChF,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,OAAO,KAAK,CAAA;IACd,CAAC;IAED,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC;QACzB,IAAI,GAAG,MAAM,IAAA,qBAAa,EAAC,cAAI,CAAC,CAAC,OAAO,CAAC;YACvC,KAAK,EAAE,EAAE,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE;YACtB,SAAS,EAAE,CAAC,SAAS,CAAC;SACvB,CAAC,CAAA;IACJ,CAAC;IAED,MAAM,YAAY,GAAW,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,MAAc,EAAE,EAAE,CAAC,MAAM,CAAC,SAAS,KAAK,QAAQ,CAAC,CAAA;IACjG,IAAI,CAAC,YAAY,EAAE,CAAC;QAClB,OAAO,KAAK,CAAA;IACd,CAAC;IAED,OAAO,YAAY,CAAC,KAAK,KAAK,IAAI,CAAC,EAAE,CAAA;AACvC,CAAC,CAAA;AAED;;;;;;;;GAQG;AAEI,KAAK,UAAU,4BAA4B,CAAC,OAAY,EAAE,IAAS;IACxE,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IACrB,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IAEtC,MAAM,SAAS,GAAW,MAAM,~~aAAN~~,~~MAAM,uBAAN,MAAM,CAAE,~~SAAS,CAAA;IAE3C,gCAAgC;IAChC,mBAAmB;IACnB,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,MAAM,IAAI,yBAAS,CAAC;YAClB,SAAS,EAAE,yBAAS,CAAC,WAAW,CAAC,kBAAkB;SACpD,CAAC,CAAA;IACJ,CAAC;IAED,4BAA4B;IAC5B,MAAM,WAAW,GAAsB,MAAM,IAAA,oCAAc,EAAC,IAAI,CAAC,CAAA;IACjE,IAAI,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,SAAS,IAAI,SAAS,CAAC,IAAI,CAAC,MAAM,OAAO,CAAC,gBAAgB,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC,EAAE,CAAC;QAChH,OAAO,MAAM,IAAI,EAAE,CAAA;IACrB,CAAC;IAED,MAAM,IAAI,yBAAS,CAAC;QAClB,SAAS,EAAE,yBAAS,CAAC,WAAW,CAAC,kBAAkB;KACpD,CAAC,CAAA;AACJ,CAAC","sourcesContent":["import { ~~config } from '@things-factory/env'\nimport {~~ Domain, getRepository } from '@things-factory/shell'\n\nimport { AuthError } from '../errors/auth-error.js'\nimport { User } from '../service/user/user.js'\nimport { getUserDomains } from '../utils/get-user-domains.js'\n\~~nconst useVirtualHostBasedDomain = !!config.get('useVirtualHostBasedDomain')\nconst fixed = config.get('subdomain')\nconst subdomainOffset = config.getNumber('subdomainOffset', 2)\n\~~ndeclare global {\n namespace NodeJS {\n interface Process {\n domainOwnerGranted: (domain: Domain, user: User) => Promise<boolean>\n superUserGranted: (domain: Domain, user: User) => Promise<boolean>\n }\n }\n}\n\nprocess.domainOwnerGranted = async (domain: Domain, user: User): Promise<boolean> => {\n return user && domain && domain.owner === user.id\n}\n\nprocess.superUserGranted = async (domain: Domain, user: User): Promise<boolean> => {\n if (!user) {\n return false\n }\n\n if (!user.domains.length) {\n user = await getRepository(User).findOne({\n where: { id: user.id },\n relations: ['domains']\n })\n }\n\n const systemDomain: Domain = user.domains.find((domain: Domain) => domain.subdomain === 'system')\n if (!systemDomain) {\n return false\n }\n\n return systemDomain.owner === user.id\n}\n\n/\n 현재 subdomain 과 user의 domain list와의 비교를 통해서,\n * 인증 성공 또는 인증 에러를 발생시킬 것인지를 결정한다.\n * 1. 현재 subdomain 이 결정되지 않은 경우.\n * - checkin로 이동한다.\n * 2. superUser 판단\n * 3. 현재 subdomain 이 결정된 경우.\n * - user의 domains 리스트에 해당 subdomain이 없다면, 인증 오류를 발생한다.\n */\n\nexport async function domainAuthenticateMiddleware(context: any, next: any) {\n const { t } = context\n const { domain, user } = context.state\n\n const subdomain: string = domain?.subdomain\n\n // 1. 현재 subdomain 이 결정되지 않은 경우.\n // - checkin로 이동한다.\n if (!subdomain) {\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.SUBDOMAIN_NOTFOUND\n })\n }\n\n // 2. 현재 subdomain 이 결정된 경우.\n const userDomains: Partial<Domain>[] = await getUserDomains(user)\n if (userDomains.find(domain => domain.subdomain == subdomain) \|\| (await process.superUserGranted(domain, user))) {\n return await next()\n }\n\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.SUBDOMAIN_NOTFOUND\n })\n}\n"]}
1	+ {"version":3,"file":"domain-authenticate-middleware.js","sourceRoot":"","sources":["../../server/middlewares/domain-authenticate-middleware.ts"],"names":[],"mappings":";;AAiDA,oEAuBC;AAxED,iDAA6D;AAE7D,2DAAmD;AACnD,qDAA8C;AAC9C,sEAA6D;AAW7D,OAAO,CAAC,kBAAkB,GAAG,KAAK,EAAE,MAAc,EAAE,IAAU,EAAoB,EAAE;IAClF,OAAO,IAAI,IAAI,MAAM,IAAI,MAAM,CAAC,KAAK,KAAK,IAAI,CAAC,EAAE,CAAA;AACnD,CAAC,CAAA;AAED,OAAO,CAAC,gBAAgB,GAAG,KAAK,EAAE,MAAc,EAAE,IAAU,EAAoB,EAAE;IAChF,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,OAAO,KAAK,CAAA;IACd,CAAC;IAED,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC;QACzB,IAAI,GAAG,MAAM,IAAA,qBAAa,EAAC,cAAI,CAAC,CAAC,OAAO,CAAC;YACvC,KAAK,EAAE,EAAE,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE;YACtB,SAAS,EAAE,CAAC,SAAS,CAAC;SACvB,CAAC,CAAA;IACJ,CAAC;IAED,MAAM,YAAY,GAAW,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,MAAc,EAAE,EAAE,CAAC,MAAM,CAAC,SAAS,KAAK,QAAQ,CAAC,CAAA;IACjG,IAAI,CAAC,YAAY,EAAE,CAAC;QAClB,OAAO,KAAK,CAAA;IACd,CAAC;IAED,OAAO,YAAY,CAAC,KAAK,KAAK,IAAI,CAAC,EAAE,CAAA;AACvC,CAAC,CAAA;AAED;;;;;;;;GAQG;AAEI,KAAK,UAAU,4BAA4B,CAAC,OAAY,EAAE,IAAS;IACxE,MAAM,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IACrB,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IAEtC,MAAM,SAAS,GAAW,MAAM,EAAE,SAAS,CAAA;IAE3C,gCAAgC;IAChC,mBAAmB;IACnB,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,MAAM,IAAI,yBAAS,CAAC;YAClB,SAAS,EAAE,yBAAS,CAAC,WAAW,CAAC,kBAAkB;SACpD,CAAC,CAAA;IACJ,CAAC;IAED,4BAA4B;IAC5B,MAAM,WAAW,GAAsB,MAAM,IAAA,oCAAc,EAAC,IAAI,CAAC,CAAA;IACjE,IAAI,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,SAAS,IAAI,SAAS,CAAC,IAAI,CAAC,MAAM,OAAO,CAAC,gBAAgB,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC,EAAE,CAAC;QAChH,OAAO,MAAM,IAAI,EAAE,CAAA;IACrB,CAAC;IAED,MAAM,IAAI,yBAAS,CAAC;QAClB,SAAS,EAAE,yBAAS,CAAC,WAAW,CAAC,kBAAkB;KACpD,CAAC,CAAA;AACJ,CAAC","sourcesContent":["import { Domain, getRepository } from '@things-factory/shell'\n\nimport { AuthError } from '../errors/auth-error.js'\nimport { User } from '../service/user/user.js'\nimport { getUserDomains } from '../utils/get-user-domains.js'\n\ndeclare global {\n namespace NodeJS {\n interface Process {\n domainOwnerGranted: (domain: Domain, user: User) => Promise<boolean>\n superUserGranted: (domain: Domain, user: User) => Promise<boolean>\n }\n }\n}\n\nprocess.domainOwnerGranted = async (domain: Domain, user: User): Promise<boolean> => {\n return user && domain && domain.owner === user.id\n}\n\nprocess.superUserGranted = async (domain: Domain, user: User): Promise<boolean> => {\n if (!user) {\n return false\n }\n\n if (!user.domains.length) {\n user = await getRepository(User).findOne({\n where: { id: user.id },\n relations: ['domains']\n })\n }\n\n const systemDomain: Domain = user.domains.find((domain: Domain) => domain.subdomain === 'system')\n if (!systemDomain) {\n return false\n }\n\n return systemDomain.owner === user.id\n}\n\n/\n 현재 subdomain 과 user의 domain list와의 비교를 통해서,\n * 인증 성공 또는 인증 에러를 발생시킬 것인지를 결정한다.\n * 1. 현재 subdomain 이 결정되지 않은 경우.\n * - checkin로 이동한다.\n * 2. superUser 판단\n * 3. 현재 subdomain 이 결정된 경우.\n * - user의 domains 리스트에 해당 subdomain이 없다면, 인증 오류를 발생한다.\n */\n\nexport async function domainAuthenticateMiddleware(context: any, next: any) {\n const { t } = context\n const { domain, user } = context.state\n\n const subdomain: string = domain?.subdomain\n\n // 1. 현재 subdomain 이 결정되지 않은 경우.\n // - checkin로 이동한다.\n if (!subdomain) {\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.SUBDOMAIN_NOTFOUND\n })\n }\n\n // 2. 현재 subdomain 이 결정된 경우.\n const userDomains: Partial<Domain>[] = await getUserDomains(user)\n if (userDomains.find(domain => domain.subdomain == subdomain) \|\| (await process.superUserGranted(domain, user))) {\n return await next()\n }\n\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.SUBDOMAIN_NOTFOUND\n })\n}\n"]}

package/dist-server/middlewares/index.js CHANGED Viewed

@@ -10,10 +10,15 @@ const authenticate_401_middleware_js_1 = require("./authenticate-401-middleware.
 const domain_authenticate_middleware_js_1 = require("./domain-authenticate-middleware.js");
 const graphql_authenticate_middleware_js_1 = require("./graphql-authenticate-middleware.js");
 const jwt_authenticate_middleware_js_1 = require("./jwt-authenticate-middleware.js");
+const bypass_signin_middleware_js_1 = require("./bypass-signin-middleware.js");
 const user_js_1 = require("../service/user/user.js");
 const max_age_js_1 = require("../constants/max-age.js");
-const accessTokenCookieKey = env_1.config.get('accessTokenCookieKey', 'access_token');
+const bypassUserSigninProcess = env_1.config.get('bypassUserSigninProcess', false);
 function initMiddlewares(app) {
+    if (bypassUserSigninProcess) {
+        app.use(bypass_signin_middleware_js_1.bypassSigninMiddleware);
+        return;
+    }
     /* oauth2orize-koa 에서 oauth 트랜잭션 관리를 위해서 session을 사용함. */
     app.keys = [get_secret_js_1.SECRET];
     app.use((0, koa_session_1.default)({

package/dist-server/middlewares/index.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../server/middlewares/index.ts"],"names":[],"mappings":";;~~AAgBA~~,~~0CAwCC~~;;~~AAxDD~~,sEAAiC;AACjC,wEAAmC;AAEnC,6CAA4C;AAC5C,0DAA+C;AAE/C,qFAA4E;AAC5E,2FAAkF;AAClF,6FAAoF;AACpF,qFAA4E;~~AAE5E~~,qDAA8C;AAC9C,wDAAiD;AAEjD,MAAM,~~oBAAoB~~,GAAG,YAAM,CAAC,GAAG,CAAC,~~sBAAsB~~,EAAE,~~cAAc~~,CAAC,CAAA;~~AAE/E~~,SAAgB,eAAe,CAAC,GAAQ;IACtC,yDAAyD;IACzD,GAAG,CAAC,IAAI,GAAG,CAAC,sBAAM,CAAC,CAAA;IACnB,GAAG,CAAC,GAAG,CACL,IAAA,qBAAO,EACL;QACE,GAAG,EAAE,WAAW;QAChB,MAAM,EAAE,oBAAO;QACf,SAAS,EAAE,IAAI;QACf,QAAQ,EAAE,IAAI;QACd,MAAM,EAAE,IAAI;QACZ,OAAO,EAAE,KAAK;QACd,KAAK,EAAE,KAAK;KACb,EACD,GAAG,CACJ,CACF,CAAA;IAED,sBAAQ,CAAC,aAAa,CAAC,CAAC,OAAO,EAAE,IAAI,EAAE,EAAE;QACvC,IAAI,CAAC,IAAI,EAAE,OAAO,CAAC,CAAA;IACrB,CAAC,CAAC,CAAA;IAEF,sBAAQ,CAAC,eAAe,CAAC,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;QAC/C,IAAI,CAAC,IAAI,EAAE,MAAM,cAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAA;IAC3C,CAAC,CAAC,CAAA;IAEF,yBAAyB;IACzB,GAAG,CAAC,GAAG,CAAC,sBAAQ,CAAC,UAAU,EAAE,CAAC,CAAA;IAE9B,kDAAkD;IAClD,GAAG,CAAC,GAAG,CAAC,sBAAQ,CAAC,OAAO,EAAE,CAAC,CAAA;IAE3B,mCAAmC;IACnC,GAAG,CAAC,GAAG,CAAC,0DAAyB,CAAC,CAAA;IAElC;;;OAGG;IACH,GAAG,CAAC,GAAG,CAAC,kEAA6B,CAAC,CAAA;AACxC,CAAC;AAED,OAAO,CAAC,EAAE,CAAC,+BAAsC,EAAE,CAAC,GAAG,EAAE,sBAAsB,EAAE,EAAE;IACjF,sBAAsB,CAAC,IAAI,CAAC,0DAAyB,EAAE,gEAA4B,CAAC,CAAA;AACtF,CAAC,CAAC,CAAA;AAEF,2EAAgD;AAChD,8EAAmD;AACnD,iEAAsC;AACtC,mEAAwC;AACxC,2EAAgD","sourcesContent":["import session from 'koa-session'\nimport passport from 'koa-passport'\n\nimport { config } from '@things-factory/env'\nimport { SECRET } from '../utils/get-secret.js'\n\nimport { authenticate401Middleware } from './authenticate-401-middleware.js'\nimport { domainAuthenticateMiddleware } from './domain-authenticate-middleware.js'\nimport { graphqlAuthenticateMiddleware } from './graphql-authenticate-middleware.js'\nimport { jwtAuthenticateMiddleware } from './jwt-authenticate-middleware.js'\n\nimport { User } from '../service/user/user.js'\nimport { MAX_AGE } from '../constants/max-age.js'\n\nconst ~~accessTokenCookieKey~~ = config.get('~~accessTokenCookieKey~~', ~~'access_token'~~)\n\nexport function initMiddlewares(app: any) {\n /* oauth2orize-koa 에서 oauth 트랜잭션 관리를 위해서 session을 사용함. /\n app.keys = [SECRET]\n app.use(\n session(\n {\n key: 'tfsession',\n maxAge: MAX_AGE,\n overwrite: true,\n httpOnly: true,\n signed: true,\n rolling: false,\n renew: false\n },\n app\n )\n )\n\n passport.serializeUser((profile, done) => {\n done(null, profile)\n })\n\n passport.deserializeUser(async (profile, done) => {\n done(null, await User.checkAuth(profile))\n })\n\n / passport initialize /\n app.use(passport.initialize())\n\n / passport use session - for oauth transaction /\n app.use(passport.session())\n\n / authentication error handling /\n app.use(authenticate401Middleware)\n\n /\n * post:graphql 에 대해서는 graphqlAuthenticationMiddleware를 적용한다.\n * graphql app을 router에 적용하지 못하기 때문임.\n /\n app.use(graphqlAuthenticateMiddleware)\n}\n\nprocess.on('bootstrap-module-subscription' as any, (app, subscriptionMiddleware) => {\n subscriptionMiddleware.push(jwtAuthenticateMiddleware, domainAuthenticateMiddleware)\n})\n\nexport from './jwt-authenticate-middleware.js'\nexport * from './domain-authenticate-middleware.js'\nexport * from './signin-middleware.js'\nexport * from './webauthn-middleware.js'\nexport * from './authenticate-401-middleware.js'\n"]}
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../server/middlewares/index.ts"],"names":[],"mappings":";;AAiBA,0CA6CC;;AA9DD,sEAAiC;AACjC,wEAAmC;AAEnC,6CAA4C;AAC5C,0DAA+C;AAE/C,qFAA4E;AAC5E,2FAAkF;AAClF,6FAAoF;AACpF,qFAA4E;AAC5E,+EAAsE;AAEtE,qDAA8C;AAC9C,wDAAiD;AAEjD,MAAM,uBAAuB,GAAG,YAAM,CAAC,GAAG,CAAC,yBAAyB,EAAE,KAAK,CAAC,CAAA;AAE5E,SAAgB,eAAe,CAAC,GAAQ;IACtC,IAAI,uBAAuB,EAAE,CAAC;QAC5B,GAAG,CAAC,GAAG,CAAC,oDAAsB,CAAC,CAAA;QAC/B,OAAM;IACR,CAAC;IAED,yDAAyD;IACzD,GAAG,CAAC,IAAI,GAAG,CAAC,sBAAM,CAAC,CAAA;IACnB,GAAG,CAAC,GAAG,CACL,IAAA,qBAAO,EACL;QACE,GAAG,EAAE,WAAW;QAChB,MAAM,EAAE,oBAAO;QACf,SAAS,EAAE,IAAI;QACf,QAAQ,EAAE,IAAI;QACd,MAAM,EAAE,IAAI;QACZ,OAAO,EAAE,KAAK;QACd,KAAK,EAAE,KAAK;KACb,EACD,GAAG,CACJ,CACF,CAAA;IAED,sBAAQ,CAAC,aAAa,CAAC,CAAC,OAAO,EAAE,IAAI,EAAE,EAAE;QACvC,IAAI,CAAC,IAAI,EAAE,OAAO,CAAC,CAAA;IACrB,CAAC,CAAC,CAAA;IAEF,sBAAQ,CAAC,eAAe,CAAC,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;QAC/C,IAAI,CAAC,IAAI,EAAE,MAAM,cAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAA;IAC3C,CAAC,CAAC,CAAA;IAEF,yBAAyB;IACzB,GAAG,CAAC,GAAG,CAAC,sBAAQ,CAAC,UAAU,EAAE,CAAC,CAAA;IAE9B,kDAAkD;IAClD,GAAG,CAAC,GAAG,CAAC,sBAAQ,CAAC,OAAO,EAAE,CAAC,CAAA;IAE3B,mCAAmC;IACnC,GAAG,CAAC,GAAG,CAAC,0DAAyB,CAAC,CAAA;IAElC;;;OAGG;IACH,GAAG,CAAC,GAAG,CAAC,kEAA6B,CAAC,CAAA;AACxC,CAAC;AAED,OAAO,CAAC,EAAE,CAAC,+BAAsC,EAAE,CAAC,GAAG,EAAE,sBAAsB,EAAE,EAAE;IACjF,sBAAsB,CAAC,IAAI,CAAC,0DAAyB,EAAE,gEAA4B,CAAC,CAAA;AACtF,CAAC,CAAC,CAAA;AAEF,2EAAgD;AAChD,8EAAmD;AACnD,iEAAsC;AACtC,mEAAwC;AACxC,2EAAgD","sourcesContent":["import session from 'koa-session'\nimport passport from 'koa-passport'\n\nimport { config } from '@things-factory/env'\nimport { SECRET } from '../utils/get-secret.js'\n\nimport { authenticate401Middleware } from './authenticate-401-middleware.js'\nimport { domainAuthenticateMiddleware } from './domain-authenticate-middleware.js'\nimport { graphqlAuthenticateMiddleware } from './graphql-authenticate-middleware.js'\nimport { jwtAuthenticateMiddleware } from './jwt-authenticate-middleware.js'\nimport { bypassSigninMiddleware } from './bypass-signin-middleware.js'\n\nimport { User } from '../service/user/user.js'\nimport { MAX_AGE } from '../constants/max-age.js'\n\nconst bypassUserSigninProcess = config.get('bypassUserSigninProcess', false)\n\nexport function initMiddlewares(app: any) {\n if (bypassUserSigninProcess) {\n app.use(bypassSigninMiddleware)\n return\n }\n\n /* oauth2orize-koa 에서 oauth 트랜잭션 관리를 위해서 session을 사용함. /\n app.keys = [SECRET]\n app.use(\n session(\n {\n key: 'tfsession',\n maxAge: MAX_AGE,\n overwrite: true,\n httpOnly: true,\n signed: true,\n rolling: false,\n renew: false\n },\n app\n )\n )\n\n passport.serializeUser((profile, done) => {\n done(null, profile)\n })\n\n passport.deserializeUser(async (profile, done) => {\n done(null, await User.checkAuth(profile))\n })\n\n / passport initialize /\n app.use(passport.initialize())\n\n / passport use session - for oauth transaction /\n app.use(passport.session())\n\n / authentication error handling /\n app.use(authenticate401Middleware)\n\n /\n * post:graphql 에 대해서는 graphqlAuthenticationMiddleware를 적용한다.\n * graphql app을 router에 적용하지 못하기 때문임.\n /\n app.use(graphqlAuthenticateMiddleware)\n}\n\nprocess.on('bootstrap-module-subscription' as any, (app, subscriptionMiddleware) => {\n subscriptionMiddleware.push(jwtAuthenticateMiddleware, domainAuthenticateMiddleware)\n})\n\nexport from './jwt-authenticate-middleware.js'\nexport * from './domain-authenticate-middleware.js'\nexport * from './signin-middleware.js'\nexport * from './webauthn-middleware.js'\nexport * from './authenticate-401-middleware.js'\n"]}

package/dist-server/middlewares/jwt-authenticate-middleware.js CHANGED Viewed

@@ -23,7 +23,7 @@ koa_passport_1.default.use(new passport_jwt_1.Strategy({
         passport_jwt_1.ExtractJwt.fromBodyField('access_token'),
         req => {
             var token = null;
-            token = (0, access_token_cookie_js_1.getAccessTokenCookie)(req === null || req === void 0 ? void 0 : req.ctx);
+            token = (0, access_token_cookie_js_1.getAccessTokenCookie)(req?.ctx);
             return token;
         }
     ])

package/dist-server/middlewares/jwt-authenticate-middleware.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"jwt-authenticate-middleware.js","sourceRoot":"","sources":["../../server/middlewares/jwt-authenticate-middleware.ts"],"names":[],"mappings":";;AA0CA,8DAyCC;;AAnFD,wEAAmC;AACnC,+CAAkE;AAElE,6CAA4C;AAE5C,gGAAuF;AACvF,gGAAuF;AACvF,qDAA0D;AAC1D,+FAA2F;AAC3F,4EAAoH;AACpH,0DAA+C;AAE/C,MAAM,mBAAmB,GAAG,YAAM,CAAC,GAAG,CAAC,sBAAsB,EAAE,OAAO,CAAC,CAAA;AAEvE,sBAAQ,CAAC,GAAG,CACV,IAAI,uBAAW,CACb;IACE,WAAW,EAAE,sBAAM;IACnB,iBAAiB,EAAE,IAAI;IACvB,cAAc,EAAE,yBAAU,CAAC,cAAc,CAAC;QACxC,yBAAU,CAAC,2BAA2B,EAAE;QACxC,yBAAU,CAAC,UAAU,CAAC,eAAe,CAAC;QACtC,yBAAU,CAAC,UAAU,CAAC,gBAAgB,CAAC;QACvC,yBAAU,CAAC,qBAAqB,CAAC,cAAc,CAAC;QAChD,yBAAU,CAAC,aAAa,CAAC,cAAc,CAAC;QACxC,GAAG,CAAC,EAAE;YACJ,IAAI,KAAK,GAAG,IAAI,CAAA;YAChB,KAAK,GAAG,IAAA,6CAAoB,EAAC,GAAG,~~aAAH~~,GAAG,~~uBAAH,GAAG,CAAE,GAAG,~~CAAC,CAAA;YACtC,OAAO,KAAK,CAAA;QACd,CAAC;KACF,CAAC;CACH,EACD,KAAK,EAAE,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IAC/B,IAAI,CAAC;QACH,OAAO,IAAI,CAAC,IAAI,EAAE,OAAO,CAAC,CAAA;IAC5B,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,IAAI,CAAC,KAAK,CAAC,CAAA;IACpB,CAAC;AACH,CAAC,CACF,CACF,CAAA;AAEM,KAAK,UAAU,yBAAyB,CAAC,OAAO,EAAE,IAAI;IAC3D,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAA;IACxB,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IAC9B,IAAI,IAAI,EAAE,CAAC;QACT,OAAO,MAAM,IAAI,EAAE,CAAA;IACrB,CAAC;IAED,OAAO,MAAM,sBAAQ,CAAC,YAAY,CAAC,KAAK,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;QACzF,IAAI,GAAG,IAAI,CAAC,OAAO,EAAE,CAAC;YACpB,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,GAAG,GAAG,IAAI,IAAI,CAAC,CAAA;YAE7C,IAAA,+CAAsB,EAAC,OAAO,CAAC,CAAA;YAE/B,OAAO,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,OAAO,CAAC,CAAA;QAC/B,CAAC;aAAM,CAAC;YACN,MAAM,UAAU,GAAG,MAAM,cAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAA;YAEhD,IAAI,UAAU,CAAC,MAAM,KAAK,oBAAU,CAAC,kBAAkB,EAAE,CAAC;gBACxD,IAAI,CAAC;oBACH,MAAM,KAAK,GAAG,IAAA,kDAAqB,GAAE,CAAA;oBACrC,MAAM,IAAA,kDAAqB,EAAC,UAAU,CAAC,EAAE,EAAE,KAAK,EAAE,6CAAqB,CAAC,cAAc,CAAC,CAAA;oBACvF,IAAA,+CAAsB,EAAC,OAAO,CAAC,CAAA;oBAC/B,OAAO,CAAC,QAAQ,CAAC,8BAA8B,KAAK,EAAE,CAAC,CAAA;gBACzD,CAAC;gBAAC,OAAO,CAAC,EAAE,CAAC;oBACX,MAAM,GAAG,CAAA;gBACX,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,KAAK,CAAC,IAAI,GAAG,UAAU,CAAA;gBAC/B,OAAO,CAAC,KAAK,CAAC,YAAY,GAAG,OAAO,CAAA;gBAEpC,IAAI,mBAAmB,IAAI,SAAS,EAAE,CAAC;oBACrC,6FAA6F;oBAE7F,MAAM,KAAK,GAAG,MAAM,UAAU,CAAC,IAAI,EAAE,CAAA;oBACrC,IAAA,6CAAoB,EAAC,OAAO,EAAE,KAAK,CAAC,CAAA;gBACtC,CAAC;gBAED,MAAM,IAAI,EAAE,CAAA;YACd,CAAC;QACH,CAAC;IACH,CAAC,CAAC,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;AACnB,CAAC","sourcesContent":["import passport from 'koa-passport'\nimport { ExtractJwt, Strategy as JWTstrategy } from 'passport-jwt'\n\nimport { config } from '@things-factory/env'\n\nimport { makeVerificationToken } from '../controllers/utils/make-verification-token.js'\nimport { saveVerificationToken } from '../controllers/utils/save-verification-token.js'\nimport { User, UserStatus } from '../service/user/user.js'\nimport { VerificationTokenType } from '../service/verification-token/verification-token.js'\nimport { clearAccessTokenCookie, getAccessTokenCookie, setAccessTokenCookie } from '../utils/access-token-cookie.js'\nimport { SECRET } from '../utils/get-secret.js'\n\nconst sessionExpiryPolicy = config.get('session/expiryPolicy', 'fixed')\n\npassport.use(\n new JWTstrategy(\n {\n secretOrKey: SECRET,\n passReqToCallback: true,\n jwtFromRequest: ExtractJwt.fromExtractors([\n ExtractJwt.fromAuthHeaderAsBearerToken(),\n ExtractJwt.fromHeader('authorization'),\n ExtractJwt.fromHeader('x-access-token'),\n ExtractJwt.fromUrlQueryParameter('access_token'),\n ExtractJwt.fromBodyField('access_token'),\n req => {\n var token = null\n token = getAccessTokenCookie(req?.ctx)\n return token\n }\n ])\n },\n async (request, decoded, done) => {\n try {\n return done(null, decoded)\n } catch (error) {\n return done(error)\n }\n }\n )\n)\n\nexport async function jwtAuthenticateMiddleware(context, next) {\n const { path } = context\n const { user } = context.state\n if (user) {\n return await next()\n }\n\n return await passport.authenticate('jwt', { session: false }, async (err, decoded, info) => {\n if (err \|\| !decoded) {\n const e = (context.state.error = err \|\| info)\n\n clearAccessTokenCookie(context)\n\n context.throw(401, e.message)\n } else {\n const userEntity = await User.checkAuth(decoded)\n\n if (userEntity.status === UserStatus.PWD_RESET_REQUIRED) {\n try {\n const token = makeVerificationToken()\n await saveVerificationToken(userEntity.id, token, VerificationTokenType.PASSWORD_RESET)\n clearAccessTokenCookie(context)\n context.redirect(`/auth/reset-password?token=${token}`)\n } catch (e) {\n throw err\n }\n } else {\n context.state.user = userEntity\n context.state.decodedToken = decoded\n\n if (sessionExpiryPolicy == 'rolling') {\n /* To renew the expiry time on each request, a token is issued and the session is updated. */\n\n const token = await userEntity.sign()\n setAccessTokenCookie(context, token)\n }\n\n await next()\n }\n }\n })(context, next)\n}\n"]}
1	+ {"version":3,"file":"jwt-authenticate-middleware.js","sourceRoot":"","sources":["../../server/middlewares/jwt-authenticate-middleware.ts"],"names":[],"mappings":";;AA0CA,8DAyCC;;AAnFD,wEAAmC;AACnC,+CAAkE;AAElE,6CAA4C;AAE5C,gGAAuF;AACvF,gGAAuF;AACvF,qDAA0D;AAC1D,+FAA2F;AAC3F,4EAAoH;AACpH,0DAA+C;AAE/C,MAAM,mBAAmB,GAAG,YAAM,CAAC,GAAG,CAAC,sBAAsB,EAAE,OAAO,CAAC,CAAA;AAEvE,sBAAQ,CAAC,GAAG,CACV,IAAI,uBAAW,CACb;IACE,WAAW,EAAE,sBAAM;IACnB,iBAAiB,EAAE,IAAI;IACvB,cAAc,EAAE,yBAAU,CAAC,cAAc,CAAC;QACxC,yBAAU,CAAC,2BAA2B,EAAE;QACxC,yBAAU,CAAC,UAAU,CAAC,eAAe,CAAC;QACtC,yBAAU,CAAC,UAAU,CAAC,gBAAgB,CAAC;QACvC,yBAAU,CAAC,qBAAqB,CAAC,cAAc,CAAC;QAChD,yBAAU,CAAC,aAAa,CAAC,cAAc,CAAC;QACxC,GAAG,CAAC,EAAE;YACJ,IAAI,KAAK,GAAG,IAAI,CAAA;YAChB,KAAK,GAAG,IAAA,6CAAoB,EAAC,GAAG,EAAE,GAAG,CAAC,CAAA;YACtC,OAAO,KAAK,CAAA;QACd,CAAC;KACF,CAAC;CACH,EACD,KAAK,EAAE,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IAC/B,IAAI,CAAC;QACH,OAAO,IAAI,CAAC,IAAI,EAAE,OAAO,CAAC,CAAA;IAC5B,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,IAAI,CAAC,KAAK,CAAC,CAAA;IACpB,CAAC;AACH,CAAC,CACF,CACF,CAAA;AAEM,KAAK,UAAU,yBAAyB,CAAC,OAAO,EAAE,IAAI;IAC3D,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAA;IACxB,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IAC9B,IAAI,IAAI,EAAE,CAAC;QACT,OAAO,MAAM,IAAI,EAAE,CAAA;IACrB,CAAC;IAED,OAAO,MAAM,sBAAQ,CAAC,YAAY,CAAC,KAAK,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;QACzF,IAAI,GAAG,IAAI,CAAC,OAAO,EAAE,CAAC;YACpB,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,GAAG,GAAG,IAAI,IAAI,CAAC,CAAA;YAE7C,IAAA,+CAAsB,EAAC,OAAO,CAAC,CAAA;YAE/B,OAAO,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,OAAO,CAAC,CAAA;QAC/B,CAAC;aAAM,CAAC;YACN,MAAM,UAAU,GAAG,MAAM,cAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAA;YAEhD,IAAI,UAAU,CAAC,MAAM,KAAK,oBAAU,CAAC,kBAAkB,EAAE,CAAC;gBACxD,IAAI,CAAC;oBACH,MAAM,KAAK,GAAG,IAAA,kDAAqB,GAAE,CAAA;oBACrC,MAAM,IAAA,kDAAqB,EAAC,UAAU,CAAC,EAAE,EAAE,KAAK,EAAE,6CAAqB,CAAC,cAAc,CAAC,CAAA;oBACvF,IAAA,+CAAsB,EAAC,OAAO,CAAC,CAAA;oBAC/B,OAAO,CAAC,QAAQ,CAAC,8BAA8B,KAAK,EAAE,CAAC,CAAA;gBACzD,CAAC;gBAAC,OAAO,CAAC,EAAE,CAAC;oBACX,MAAM,GAAG,CAAA;gBACX,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,KAAK,CAAC,IAAI,GAAG,UAAU,CAAA;gBAC/B,OAAO,CAAC,KAAK,CAAC,YAAY,GAAG,OAAO,CAAA;gBAEpC,IAAI,mBAAmB,IAAI,SAAS,EAAE,CAAC;oBACrC,6FAA6F;oBAE7F,MAAM,KAAK,GAAG,MAAM,UAAU,CAAC,IAAI,EAAE,CAAA;oBACrC,IAAA,6CAAoB,EAAC,OAAO,EAAE,KAAK,CAAC,CAAA;gBACtC,CAAC;gBAED,MAAM,IAAI,EAAE,CAAA;YACd,CAAC;QACH,CAAC;IACH,CAAC,CAAC,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;AACnB,CAAC","sourcesContent":["import passport from 'koa-passport'\nimport { ExtractJwt, Strategy as JWTstrategy } from 'passport-jwt'\n\nimport { config } from '@things-factory/env'\n\nimport { makeVerificationToken } from '../controllers/utils/make-verification-token.js'\nimport { saveVerificationToken } from '../controllers/utils/save-verification-token.js'\nimport { User, UserStatus } from '../service/user/user.js'\nimport { VerificationTokenType } from '../service/verification-token/verification-token.js'\nimport { clearAccessTokenCookie, getAccessTokenCookie, setAccessTokenCookie } from '../utils/access-token-cookie.js'\nimport { SECRET } from '../utils/get-secret.js'\n\nconst sessionExpiryPolicy = config.get('session/expiryPolicy', 'fixed')\n\npassport.use(\n new JWTstrategy(\n {\n secretOrKey: SECRET,\n passReqToCallback: true,\n jwtFromRequest: ExtractJwt.fromExtractors([\n ExtractJwt.fromAuthHeaderAsBearerToken(),\n ExtractJwt.fromHeader('authorization'),\n ExtractJwt.fromHeader('x-access-token'),\n ExtractJwt.fromUrlQueryParameter('access_token'),\n ExtractJwt.fromBodyField('access_token'),\n req => {\n var token = null\n token = getAccessTokenCookie(req?.ctx)\n return token\n }\n ])\n },\n async (request, decoded, done) => {\n try {\n return done(null, decoded)\n } catch (error) {\n return done(error)\n }\n }\n )\n)\n\nexport async function jwtAuthenticateMiddleware(context, next) {\n const { path } = context\n const { user } = context.state\n if (user) {\n return await next()\n }\n\n return await passport.authenticate('jwt', { session: false }, async (err, decoded, info) => {\n if (err \|\| !decoded) {\n const e = (context.state.error = err \|\| info)\n\n clearAccessTokenCookie(context)\n\n context.throw(401, e.message)\n } else {\n const userEntity = await User.checkAuth(decoded)\n\n if (userEntity.status === UserStatus.PWD_RESET_REQUIRED) {\n try {\n const token = makeVerificationToken()\n await saveVerificationToken(userEntity.id, token, VerificationTokenType.PASSWORD_RESET)\n clearAccessTokenCookie(context)\n context.redirect(`/auth/reset-password?token=${token}`)\n } catch (e) {\n throw err\n }\n } else {\n context.state.user = userEntity\n context.state.decodedToken = decoded\n\n if (sessionExpiryPolicy == 'rolling') {\n /* To renew the expiry time on each request, a token is issued and the session is updated. */\n\n const token = await userEntity.sign()\n setAccessTokenCookie(context, token)\n }\n\n await next()\n }\n }\n })(context, next)\n}\n"]}

package/dist-server/migrations/1548206416130-SeedUser.js CHANGED Viewed

@@ -12,7 +12,11 @@ const ADMIN_ACCOUNT = env_1.config.get('adminAccount', {
     password: 'admin'
 });
 const SEED_USERS = [
-    Object.assign(Object.assign({}, ADMIN_ACCOUNT), { userType: 'user', status: user_js_1.UserStatus.ACTIVATED })
+    {
+        ...ADMIN_ACCOUNT,
+        userType: 'user',
+        status: user_js_1.UserStatus.ACTIVATED
+    }
 ];
 class SeedUsers1548206416130 {
     async up(queryRunner) {
@@ -24,8 +28,12 @@ class SeedUsers1548206416130 {
                 const user = SEED_USERS[i];
                 const salt = user_js_1.User.generateSalt();
                 const password = user_js_1.User.encode(user.password, salt);
-                await userRepository.save(Object.assign(Object.assign({}, user), { salt,
-                    password, domains: [domain] }));
+                await userRepository.save({
+                    ...user,
+                    salt,
+                    password,
+                    domains: [domain]
+                });
             }
         }
         catch (e) {

package/dist-server/migrations/1548206416130-SeedUser.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"1548206416130-SeedUser.js","sourceRoot":"","sources":["../../server/migrations/1548206416130-SeedUser.ts"],"names":[],"mappings":";;;AAAA,qCAAgE;AAEhE,6CAAoD;AACpD,iDAA6D;AAE7D,qDAA0D;AAE1D,MAAM,aAAa,GAAG,YAAM,CAAC,GAAG,CAAC,cAAc,EAAE;IAC/C,QAAQ,EAAE,OAAO;IACjB,IAAI,EAAE,OAAO;IACb,KAAK,EAAE,oBAAoB;IAC3B,QAAQ,EAAE,OAAO;CAClB,CAAC,CAAA;AAEF,MAAM,UAAU,GAAG;~~oCAEZ~~,aAAa,~~KAChB,~~QAAQ,EAAE,MAAM,~~EAChB,~~MAAM,EAAE,oBAAU,CAAC,SAAS;~~CAE/B~~,CAAA;AACD,MAAa,sBAAsB;IAC1B,KAAK,CAAC,EAAE,CAAC,WAAwB;QACtC,MAAM,cAAc,GAAG,IAAA,qBAAa,EAAC,cAAI,CAAC,CAAA;QAC1C,MAAM,gBAAgB,GAAG,IAAA,qBAAa,EAAC,cAAM,CAAC,CAAA;QAE9C,MAAM,MAAM,GAAW,MAAM,gBAAgB,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE,CAAC,CAAA;QAEpF,IAAI,CAAC;YACH,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,UAAU,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBAC3C,MAAM,IAAI,GAAG,UAAU,CAAC,CAAC,CAAC,CAAA;gBAC1B,MAAM,IAAI,GAAG,cAAI,CAAC,YAAY,EAAE,CAAA;gBAChC,MAAM,QAAQ,GAAG,cAAI,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAA;gBAEjD,MAAM,cAAc,CAAC,IAAI,~~iCACpB~~,IAAI,~~KACP,~~IAAI;oBACJ,QAAQ,~~EACR,~~OAAO,EAAE,CAAC,MAAM,CAAC,~~IACjB~~,CAAA;YACJ,CAAC;QACH,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,YAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;QACjB,CAAC;QAED,MAAM,KAAK,GAAG,MAAM,cAAc,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,KAAK,EAAE,IAAA,eAAK,EAAC,aAAa,CAAC,KAAK,CAAC,EAAE,EAAE,CAAC,CAAA;QAC5F,MAAM,CAAC,KAAK,GAAG,KAAK,CAAC,EAAE,CAAA;QAEvB,MAAM,gBAAgB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAA;IACrC,CAAC;IAEM,KAAK,CAAC,IAAI,CAAC,WAAwB;QACxC,MAAM,UAAU,GAAG,IAAA,qBAAa,EAAC,cAAI,CAAC,CAAA;QAEtC,UAAU,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,KAAK,EAAC,IAAI,EAAC,EAAE;YACxC,IAAI,MAAM,GAAG,MAAM,UAAU,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,IAAA,eAAK,EAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,CAAA;YACrE,MAAM,UAAU,CAAC,MAAM,CAAC,MAAM,CAAC,CAAA;QACjC,CAAC,CAAC,CAAA;IACJ,CAAC;CACF;AAtCD,wDAsCC","sourcesContent":["import { ILike, MigrationInterface, QueryRunner } from 'typeorm'\n\nimport { config, logger } from '@things-factory/env'\nimport { Domain, getRepository } from '@things-factory/shell'\n\nimport { User, UserStatus } from '../service/user/user.js'\n\nconst ADMIN_ACCOUNT = config.get('adminAccount', {\n username: 'admin',\n name: 'Admin',\n email: 'admin@hatiolab.com',\n password: 'admin'\n})\n\nconst SEED_USERS = [\n {\n ...ADMIN_ACCOUNT,\n userType: 'user',\n status: UserStatus.ACTIVATED\n }\n]\nexport class SeedUsers1548206416130 implements MigrationInterface {\n public async up(queryRunner: QueryRunner): Promise<any> {\n const userRepository = getRepository(User)\n const domainRepository = getRepository(Domain)\n\n const domain: Domain = await domainRepository.findOne({ where: { name: 'SYSTEM' } })\n\n try {\n for (let i = 0; i < SEED_USERS.length; i++) {\n const user = SEED_USERS[i]\n const salt = User.generateSalt()\n const password = User.encode(user.password, salt)\n\n await userRepository.save({\n ...user,\n salt,\n password,\n domains: [domain]\n })\n }\n } catch (e) {\n logger.error(e)\n }\n\n const admin = await userRepository.findOne({ where: { email: ILike(ADMIN_ACCOUNT.email) } })\n domain.owner = admin.id\n\n await domainRepository.save(domain)\n }\n\n public async down(queryRunner: QueryRunner): Promise<any> {\n const repository = getRepository(User)\n\n SEED_USERS.reverse().forEach(async user => {\n let record = await repository.findOneBy({ email: ILike(user.email) })\n await repository.remove(record)\n })\n }\n}\n"]}
1	+ {"version":3,"file":"1548206416130-SeedUser.js","sourceRoot":"","sources":["../../server/migrations/1548206416130-SeedUser.ts"],"names":[],"mappings":";;;AAAA,qCAAgE;AAEhE,6CAAoD;AACpD,iDAA6D;AAE7D,qDAA0D;AAE1D,MAAM,aAAa,GAAG,YAAM,CAAC,GAAG,CAAC,cAAc,EAAE;IAC/C,QAAQ,EAAE,OAAO;IACjB,IAAI,EAAE,OAAO;IACb,KAAK,EAAE,oBAAoB;IAC3B,QAAQ,EAAE,OAAO;CAClB,CAAC,CAAA;AAEF,MAAM,UAAU,GAAG;IACjB;QACE,GAAG,aAAa;QAChB,QAAQ,EAAE,MAAM;QAChB,MAAM,EAAE,oBAAU,CAAC,SAAS;KAC7B;CACF,CAAA;AACD,MAAa,sBAAsB;IAC1B,KAAK,CAAC,EAAE,CAAC,WAAwB;QACtC,MAAM,cAAc,GAAG,IAAA,qBAAa,EAAC,cAAI,CAAC,CAAA;QAC1C,MAAM,gBAAgB,GAAG,IAAA,qBAAa,EAAC,cAAM,CAAC,CAAA;QAE9C,MAAM,MAAM,GAAW,MAAM,gBAAgB,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE,CAAC,CAAA;QAEpF,IAAI,CAAC;YACH,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,UAAU,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBAC3C,MAAM,IAAI,GAAG,UAAU,CAAC,CAAC,CAAC,CAAA;gBAC1B,MAAM,IAAI,GAAG,cAAI,CAAC,YAAY,EAAE,CAAA;gBAChC,MAAM,QAAQ,GAAG,cAAI,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAA;gBAEjD,MAAM,cAAc,CAAC,IAAI,CAAC;oBACxB,GAAG,IAAI;oBACP,IAAI;oBACJ,QAAQ;oBACR,OAAO,EAAE,CAAC,MAAM,CAAC;iBAClB,CAAC,CAAA;YACJ,CAAC;QACH,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,YAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;QACjB,CAAC;QAED,MAAM,KAAK,GAAG,MAAM,cAAc,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,KAAK,EAAE,IAAA,eAAK,EAAC,aAAa,CAAC,KAAK,CAAC,EAAE,EAAE,CAAC,CAAA;QAC5F,MAAM,CAAC,KAAK,GAAG,KAAK,CAAC,EAAE,CAAA;QAEvB,MAAM,gBAAgB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAA;IACrC,CAAC;IAEM,KAAK,CAAC,IAAI,CAAC,WAAwB;QACxC,MAAM,UAAU,GAAG,IAAA,qBAAa,EAAC,cAAI,CAAC,CAAA;QAEtC,UAAU,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,KAAK,EAAC,IAAI,EAAC,EAAE;YACxC,IAAI,MAAM,GAAG,MAAM,UAAU,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,IAAA,eAAK,EAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,CAAA;YACrE,MAAM,UAAU,CAAC,MAAM,CAAC,MAAM,CAAC,CAAA;QACjC,CAAC,CAAC,CAAA;IACJ,CAAC;CACF;AAtCD,wDAsCC","sourcesContent":["import { ILike, MigrationInterface, QueryRunner } from 'typeorm'\n\nimport { config, logger } from '@things-factory/env'\nimport { Domain, getRepository } from '@things-factory/shell'\n\nimport { User, UserStatus } from '../service/user/user.js'\n\nconst ADMIN_ACCOUNT = config.get('adminAccount', {\n username: 'admin',\n name: 'Admin',\n email: 'admin@hatiolab.com',\n password: 'admin'\n})\n\nconst SEED_USERS = [\n {\n ...ADMIN_ACCOUNT,\n userType: 'user',\n status: UserStatus.ACTIVATED\n }\n]\nexport class SeedUsers1548206416130 implements MigrationInterface {\n public async up(queryRunner: QueryRunner): Promise<any> {\n const userRepository = getRepository(User)\n const domainRepository = getRepository(Domain)\n\n const domain: Domain = await domainRepository.findOne({ where: { name: 'SYSTEM' } })\n\n try {\n for (let i = 0; i < SEED_USERS.length; i++) {\n const user = SEED_USERS[i]\n const salt = User.generateSalt()\n const password = User.encode(user.password, salt)\n\n await userRepository.save({\n ...user,\n salt,\n password,\n domains: [domain]\n })\n }\n } catch (e) {\n logger.error(e)\n }\n\n const admin = await userRepository.findOne({ where: { email: ILike(ADMIN_ACCOUNT.email) } })\n domain.owner = admin.id\n\n await domainRepository.save(domain)\n }\n\n public async down(queryRunner: QueryRunner): Promise<any> {\n const repository = getRepository(User)\n\n SEED_USERS.reverse().forEach(async user => {\n let record = await repository.findOneBy({ email: ILike(user.email) })\n await repository.remove(record)\n })\n }\n}\n"]}

package/dist-server/router/auth-checkin-router.js CHANGED Viewed

@@ -9,7 +9,7 @@ const login_history_js_1 = require("../service/login-history/login-history.js");
 const accepts_js_1 = require("../utils/accepts.js");
 const access_token_cookie_js_1 = require("../utils/access-token-cookie.js");
 const get_user_domains_js_1 = require("../utils/get-user-domains.js");
-const domainType = env_1.config.get('domainType');
+const domainTypes = env_1.config.get('domainTypes');
 exports.authCheckinRouter = new koa_router_1.default();
 exports.authCheckinRouter.get('/auth/checkin/:subdomain?', async (context, next) => {
     const { request, t } = context;
@@ -17,8 +17,6 @@ exports.authCheckinRouter.get('/auth/checkin/:subdomain?', async (context, next)
     const { user } = context.state;
     let { subdomain } = context.params;
     let domains = await (0, get_user_domains_js_1.getUserDomains)(user);
-    if (domainType)
-        domains = domains.filter(d => d.extType == domainType);
     if (!(0, accepts_js_1.accepts)(header.accept, ['text/html', '*/*'])) {
         // When request expects non html response
         try {
@@ -68,7 +66,7 @@ exports.authCheckinRouter.get('/auth/checkin/:subdomain?', async (context, next)
                         userType: user.userType
                     },
                     domains,
-                    domainType,
+                    domainTypes,
                     redirectTo,
                     message
                 }
@@ -80,14 +78,14 @@ exports.authCheckinRouter.get('/auth/checkin/:subdomain?', async (context, next)
         }
     }
 });
-exports.authCheckinRouter.get('/auth/domains', async (context) => {
-    const { user } = context.state;
-    var domains = await (0, get_user_domains_js_1.getUserDomains)(user);
-    if (domainType) {
-        domains = domains.filter(d => d.extType == domainType);
-    }
-    context.body = domains;
-});
+// authCheckinRouter.get('/auth/domains', async context => {
+//   const { user } = context.state
+//   var domains = await getUserDomains(user)
+//   if (domainTypes) {
+//     domains = domains.filter(d => d.extType == domainTypes)
+//   }
+//   context.body = domains
+// })
 async function checkIn(checkInDomain, redirectTo, context) {
     const { user } = context.state;
     const remoteAddress = context.req.headers['x-forwarded-for']
@@ -95,7 +93,7 @@ async function checkIn(checkInDomain, redirectTo, context) {
         : context.req.connection.remoteAddress;
     await login_history_js_1.LoginHistory.stamp(checkInDomain, user, remoteAddress);
     if (redirectTo) {
-        return context.redirect((0, shell_1.getRedirectSubdomainPath)(context, checkInDomain.subdomain, redirectTo));
+        return context.redirect((0, shell_1.getRedirectSubdomainPath)(context, checkInDomain, redirectTo));
     }
 }
 //# sourceMappingURL=auth-checkin-router.js.map

package/dist-server/router/auth-checkin-router.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"auth-checkin-router.js","sourceRoot":"","sources":["../../server/router/auth-checkin-router.ts"],"names":[],"mappings":";;;;AAAA,oEAA+B;AAE/B,6CAA4C;AAC5C,iDAA+F;AAE/F,gFAAwE;AAExE,oDAA6C;AAC7C,4EAAwE;AACxE,sEAA6D;AAE7D,MAAM,~~UAAU~~,GAAG,YAAM,CAAC,GAAG,CAAC,~~YAAY~~,CAAC,CAAA;~~AAE9B~~,QAAA,iBAAiB,GAAG,IAAI,oBAAM,EAAE,CAAA;AAE7C,yBAAiB,CAAC,GAAG,CAAC,2BAA2B,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACzE,MAAM,EAAE,OAAO,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IAC9B,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,CAAA;IAC7B,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IAC9B,IAAI,EAAE,SAAS,EAAE,GAAG,OAAO,CAAC,MAAM,CAAA;IAElC,IAAI,OAAO,GAAsB,MAAM,IAAA,oCAAc,EAAC,IAAI,CAAC,CAAA;~~IAC3D~~,IAAI,~~UAAU;QAAE,OAAO,GAAG,OAAO,~~CAAC,~~MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,IAAI,UAAU,CAAC,CAAA;IAEtE,IAAI,CAAC,~~IAAA,oBAAO,EAAC,MAAM,CAAC,MAAM,EAAE,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC;QAClD,yCAAyC;QACzC,IAAI,CAAC;YACH,IAAI,CAAC,SAAS;gBAAE,MAAM,IAAI,KAAK,CAAC,CAAC,CAAC,4BAA4B,EAAE,EAAE,SAAS,EAAE,CAAC,CAAC,CAAA,CAAC,qCAAqC;YACrH,MAAM,aAAa,GAAgC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,KAAK,SAAS,CAAC,CAAA,CAAC,wCAAwC;YACxI,IAAI,CAAC,aAAa;gBAAE,MAAM,IAAI,KAAK,CAAC,CAAC,CAAC,4BAA4B,EAAE,EAAE,SAAS,EAAE,CAAC,CAAC,CAAA;YAEnF,MAAM,OAAO,CAAC,aAAa,EAAE,IAAI,EAAE,OAAO,CAAC,CAAA;YAC3C,OAAO,CAAC,IAAI,GAAG,IAAI,CAAA;QACrB,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,IAAA,+CAAsB,EAAC,OAAO,CAAC,CAAA;YAC/B,MAAM,CAAC,CAAA;QACT,CAAC;IACH,CAAC;SAAM,CAAC;QACN,qCAAqC;QACrC,MAAM,EAAE,WAAW,EAAE,UAAU,GAAG,GAAG,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;QAEvD,IAAI,CAAC;YACH,IAAI,OAAe,CAAA;YAEnB,IAAI,CAAC,SAAS,EAAE,CAAC;gBACf,6CAA6C;gBAC7C,SAAS,GAAG,IAAA,6BAAqB,EAAC,OAAO,EAAE,UAAU,CAAC,CAAA;YACxD,CAAC;YAED,IAAI,aAA8B,CAAA;YAClC,IAAI,SAAS,EAAE,CAAC;gBACd,aAAa,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,IAAI,SAAS,CAAC,CAAA;gBAC3D,IAAI,CAAC,aAAa;oBAAE,OAAO,GAAG,CAAC,CAAC,0BAA0B,EAAE,EAAE,SAAS,EAAE,CAAC,CAAA;YAC5E,CAAC;iBAAM,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAChC,aAAa,GAAG,OAAO,CAAC,CAAC,CAAC,CAAA;YAC5B,CAAC;YAED,IAAI,aAAa,EAAE,CAAC;gBAClB,OAAO,MAAM,OAAO,CAAC,aAAa,EAAE,UAAU,EAAE,OAAO,CAAC,CAAA;YAC1D,CAAC;YAED,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;gBAChC,WAAW,EAAE,cAAc;gBAC3B,aAAa,EAAE,kBAAkB;gBACjC,IAAI,EAAE;oBACJ,IAAI,EAAE;wBACJ,QAAQ,EAAE,IAAI,CAAC,QAAQ;wBACvB,KAAK,EAAE,IAAI,CAAC,KAAK;wBACjB,MAAM,EAAE,IAAI,CAAC,MAAM;wBACnB,IAAI,EAAE,IAAI,CAAC,IAAI;wBACf,QAAQ,EAAE,IAAI,CAAC,QAAQ;qBACxB;oBACD,OAAO;oBACP,~~UAAU~~;~~oBACV~~,UAAU;oBACV,OAAO;iBACR;aACF,CAAC,CAAA;QACJ,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,IAAA,+CAAsB,EAAC,OAAO,CAAC,CAAA;YAC/B,OAAO,CAAC,QAAQ,CACd,yBAAyB,kBAAkB,CAAC,IAAI,CAAC,QAAQ,CAAC,gBAAgB,kBAAkB,CAAC,UAAU,CAAC,EAAE,CAC3G,CAAA;QACH,CAAC;IACH,CAAC;AACH,CAAC,CAAC,CAAA;AAEF,~~yBAAiB~~,~~CAAC,GAAG,CAAC,eAAe,EAAE,KAAK,EAAC,OAAO,EAAC,EAAE~~;~~IACrD~~,~~MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA~~;~~IAC9B~~,~~IAAI,OAAO,GAAG,MAAM,IAAA,oCAAc,EAAC,IAAI,CAAC,CAAA~~;~~IACxC~~,~~IAAI,UAAU,EAAE,CAAC~~;~~QACf~~,~~OAAO,GAAG,OAAO,CAAC,~~MAAM~~,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,IAAI,UAAU,CAAC,CAAA~~;~~IACxD~~,~~CAAC~~;~~IAED~~,~~OAAO,CAAC,IAAI,GAAG,OAAO,CAAA~~;~~AACxB~~,~~CAAC,CAAC,CAAA;AAEF,~~KAAK,UAAU,OAAO,CACpB,aAA8B,EAC9B,UAAyB,EACzB,OAAwB;IAExB,MAAM,EAAE,IAAI,EAAE,GAAmB,OAAO,CAAC,KAAK,CAAA;IAC9C,MAAM,aAAa,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,iBAAiB,CAAC;QAC1D,CAAC,CAAE,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,iBAAiB,CAAY,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE;QACzE,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,aAAa,CAAA;IAExC,MAAM,+BAAY,CAAC,KAAK,CAAC,aAAa,EAAE,IAAI,EAAE,aAAa,CAAC,CAAA;IAE5D,IAAI,UAAU,EAAE,CAAC;QACf,OAAO,OAAO,CAAC,QAAQ,CAAC,IAAA,gCAAwB,EAAC,OAAO,EAAE,aAAa,~~CAAC,SAAS,~~EAAE,UAAU,CAAC,CAAC,CAAA;~~IACjG~~,CAAC;AACH,CAAC","sourcesContent":["import Router from 'koa-router'\n\nimport { config } from '@things-factory/env'\nimport { Domain, findSubdomainFromPath, getRedirectSubdomainPath } from '@things-factory/shell'\n\nimport { LoginHistory } from '../service/login-history/login-history.js'\nimport { User } from '../service/user/user.js'\nimport { accepts } from '../utils/accepts.js'\nimport { clearAccessTokenCookie } from '../utils/access-token-cookie.js'\nimport { getUserDomains } from '../utils/get-user-domains.js'\n\nconst ~~domainType~~ = config.get('~~domainType~~')\n\nexport const authCheckinRouter = new Router()\n\nauthCheckinRouter.get('/auth/checkin/:subdomain?', async (context, next) => {\n const { request, t } = context\n const header = request.header\n const { user } = context.state\n let { subdomain } = context.params\n\n let domains: Partial<Domain>[] = await getUserDomains(user)\n ~~if (domainType) domains = domains.filter(d => d.extType == domainType)~~\n\n if (!accepts(header.accept, ['text/html', '/'])) {\n // When request expects non html response\n try {\n if (!subdomain) throw new Error(t('error.domain not specified', { subdomain })) // When params doesn't have subdomain\n const checkInDomain: Partial<Domain> \| undefined = domains.find(d => d.subdomain === subdomain) // When no matched domain with subdomain\n if (!checkInDomain) throw new Error(t('error.domain not specified', { subdomain }))\n\n await checkIn(checkInDomain, null, context)\n context.body = true\n } catch (e) {\n clearAccessTokenCookie(context)\n throw e\n }\n } else {\n // When request expects html response\n const { redirect_to: redirectTo = '/' } = context.query\n\n try {\n let message: string\n\n if (!subdomain) {\n /* try to find domain from redirectTo path */\n subdomain = findSubdomainFromPath(context, redirectTo)\n }\n\n let checkInDomain: Partial<Domain>\n if (subdomain) {\n checkInDomain = domains.find(d => d.subdomain == subdomain)\n if (!checkInDomain) message = t('error.domain not allowed', { subdomain })\n } else if (domains.length === 1) {\n checkInDomain = domains[0]\n }\n\n if (checkInDomain) {\n return await checkIn(checkInDomain, redirectTo, context)\n }\n\n await context.render('auth-page', {\n pageElement: 'auth-checkin',\n elementScript: '/auth/checkin.js',\n data: {\n user: {\n username: user.username,\n email: user.email,\n locale: user.locale,\n name: user.name,\n userType: user.userType\n },\n domains,\n ~~domainType~~,\n redirectTo,\n message\n }\n })\n } catch (e) {\n clearAccessTokenCookie(context)\n context.redirect(\n `/auth/signin?username=${encodeURIComponent(user.username)}&redirect_to=${encodeURIComponent(redirectTo)}`\n )\n }\n }\n})\n\~~nauthCheckinRouter~~.get('/auth/domains', async context => {\n const { user } = context.state\n var domains = await getUserDomains(user)\n if (~~domainType~~) {\n domains = domains.filter(d => d.extType == ~~domainType~~)\n }\n\n context.body = domains\n})\n\nasync function checkIn(\n checkInDomain: Partial<Domain>,\n redirectTo: string \| null,\n context: ResolverContext\n): Promise<void> {\n const { user }: { user: User } = context.state\n const remoteAddress = context.req.headers['x-forwarded-for']\n ? (context.req.headers['x-forwarded-for'] as string).split(',')[0].trim()\n : context.req.connection.remoteAddress\n\n await LoginHistory.stamp(checkInDomain, user, remoteAddress)\n\n if (redirectTo) {\n return context.redirect(getRedirectSubdomainPath(context, checkInDomain~~.subdomain~~, redirectTo))\n }\n}\n"]}
1	+ {"version":3,"file":"auth-checkin-router.js","sourceRoot":"","sources":["../../server/router/auth-checkin-router.ts"],"names":[],"mappings":";;;;AAAA,oEAA+B;AAE/B,6CAA4C;AAC5C,iDAA+F;AAE/F,gFAAwE;AAExE,oDAA6C;AAC7C,4EAAwE;AACxE,sEAA6D;AAE7D,MAAM,WAAW,GAAG,YAAM,CAAC,GAAG,CAAC,aAAa,CAAC,CAAA;AAEhC,QAAA,iBAAiB,GAAG,IAAI,oBAAM,EAAE,CAAA;AAE7C,yBAAiB,CAAC,GAAG,CAAC,2BAA2B,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACzE,MAAM,EAAE,OAAO,EAAE,CAAC,EAAE,GAAG,OAAO,CAAA;IAC9B,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,CAAA;IAC7B,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IAC9B,IAAI,EAAE,SAAS,EAAE,GAAG,OAAO,CAAC,MAAM,CAAA;IAElC,IAAI,OAAO,GAAsB,MAAM,IAAA,oCAAc,EAAC,IAAI,CAAC,CAAA;IAE3D,IAAI,CAAC,IAAA,oBAAO,EAAC,MAAM,CAAC,MAAM,EAAE,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC;QAClD,yCAAyC;QACzC,IAAI,CAAC;YACH,IAAI,CAAC,SAAS;gBAAE,MAAM,IAAI,KAAK,CAAC,CAAC,CAAC,4BAA4B,EAAE,EAAE,SAAS,EAAE,CAAC,CAAC,CAAA,CAAC,qCAAqC;YACrH,MAAM,aAAa,GAAgC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,KAAK,SAAS,CAAC,CAAA,CAAC,wCAAwC;YACxI,IAAI,CAAC,aAAa;gBAAE,MAAM,IAAI,KAAK,CAAC,CAAC,CAAC,4BAA4B,EAAE,EAAE,SAAS,EAAE,CAAC,CAAC,CAAA;YAEnF,MAAM,OAAO,CAAC,aAAa,EAAE,IAAI,EAAE,OAAO,CAAC,CAAA;YAC3C,OAAO,CAAC,IAAI,GAAG,IAAI,CAAA;QACrB,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,IAAA,+CAAsB,EAAC,OAAO,CAAC,CAAA;YAC/B,MAAM,CAAC,CAAA;QACT,CAAC;IACH,CAAC;SAAM,CAAC;QACN,qCAAqC;QACrC,MAAM,EAAE,WAAW,EAAE,UAAU,GAAG,GAAG,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;QAEvD,IAAI,CAAC;YACH,IAAI,OAAe,CAAA;YAEnB,IAAI,CAAC,SAAS,EAAE,CAAC;gBACf,6CAA6C;gBAC7C,SAAS,GAAG,IAAA,6BAAqB,EAAC,OAAO,EAAE,UAAU,CAAC,CAAA;YACxD,CAAC;YAED,IAAI,aAA8B,CAAA;YAClC,IAAI,SAAS,EAAE,CAAC;gBACd,aAAa,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,IAAI,SAAS,CAAC,CAAA;gBAC3D,IAAI,CAAC,aAAa;oBAAE,OAAO,GAAG,CAAC,CAAC,0BAA0B,EAAE,EAAE,SAAS,EAAE,CAAC,CAAA;YAC5E,CAAC;iBAAM,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAChC,aAAa,GAAG,OAAO,CAAC,CAAC,CAAC,CAAA;YAC5B,CAAC;YAED,IAAI,aAAa,EAAE,CAAC;gBAClB,OAAO,MAAM,OAAO,CAAC,aAAa,EAAE,UAAU,EAAE,OAAO,CAAC,CAAA;YAC1D,CAAC;YAED,MAAM,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE;gBAChC,WAAW,EAAE,cAAc;gBAC3B,aAAa,EAAE,kBAAkB;gBACjC,IAAI,EAAE;oBACJ,IAAI,EAAE;wBACJ,QAAQ,EAAE,IAAI,CAAC,QAAQ;wBACvB,KAAK,EAAE,IAAI,CAAC,KAAK;wBACjB,MAAM,EAAE,IAAI,CAAC,MAAM;wBACnB,IAAI,EAAE,IAAI,CAAC,IAAI;wBACf,QAAQ,EAAE,IAAI,CAAC,QAAQ;qBACxB;oBACD,OAAO;oBACP,WAAW;oBACX,UAAU;oBACV,OAAO;iBACR;aACF,CAAC,CAAA;QACJ,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,IAAA,+CAAsB,EAAC,OAAO,CAAC,CAAA;YAC/B,OAAO,CAAC,QAAQ,CACd,yBAAyB,kBAAkB,CAAC,IAAI,CAAC,QAAQ,CAAC,gBAAgB,kBAAkB,CAAC,UAAU,CAAC,EAAE,CAC3G,CAAA;QACH,CAAC;IACH,CAAC;AACH,CAAC,CAAC,CAAA;AAEF,4DAA4D;AAC5D,mCAAmC;AACnC,6CAA6C;AAC7C,uBAAuB;AACvB,8DAA8D;AAC9D,MAAM;AAEN,2BAA2B;AAC3B,KAAK;AAEL,KAAK,UAAU,OAAO,CACpB,aAA8B,EAC9B,UAAyB,EACzB,OAAwB;IAExB,MAAM,EAAE,IAAI,EAAE,GAAmB,OAAO,CAAC,KAAK,CAAA;IAC9C,MAAM,aAAa,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,iBAAiB,CAAC;QAC1D,CAAC,CAAE,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,iBAAiB,CAAY,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE;QACzE,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,aAAa,CAAA;IAExC,MAAM,+BAAY,CAAC,KAAK,CAAC,aAAa,EAAE,IAAI,EAAE,aAAa,CAAC,CAAA;IAE5D,IAAI,UAAU,EAAE,CAAC;QACf,OAAO,OAAO,CAAC,QAAQ,CAAC,IAAA,gCAAwB,EAAC,OAAO,EAAE,aAAa,EAAE,UAAU,CAAC,CAAC,CAAA;IACvF,CAAC;AACH,CAAC","sourcesContent":["import Router from 'koa-router'\n\nimport { config } from '@things-factory/env'\nimport { Domain, findSubdomainFromPath, getRedirectSubdomainPath } from '@things-factory/shell'\n\nimport { LoginHistory } from '../service/login-history/login-history.js'\nimport { User } from '../service/user/user.js'\nimport { accepts } from '../utils/accepts.js'\nimport { clearAccessTokenCookie } from '../utils/access-token-cookie.js'\nimport { getUserDomains } from '../utils/get-user-domains.js'\n\nconst domainTypes = config.get('domainTypes')\n\nexport const authCheckinRouter = new Router()\n\nauthCheckinRouter.get('/auth/checkin/:subdomain?', async (context, next) => {\n const { request, t } = context\n const header = request.header\n const { user } = context.state\n let { subdomain } = context.params\n\n let domains: Partial<Domain>[] = await getUserDomains(user)\n\n if (!accepts(header.accept, ['text/html', '/'])) {\n // When request expects non html response\n try {\n if (!subdomain) throw new Error(t('error.domain not specified', { subdomain })) // When params doesn't have subdomain\n const checkInDomain: Partial<Domain> \| undefined = domains.find(d => d.subdomain === subdomain) // When no matched domain with subdomain\n if (!checkInDomain) throw new Error(t('error.domain not specified', { subdomain }))\n\n await checkIn(checkInDomain, null, context)\n context.body = true\n } catch (e) {\n clearAccessTokenCookie(context)\n throw e\n }\n } else {\n // When request expects html response\n const { redirect_to: redirectTo = '/' } = context.query\n\n try {\n let message: string\n\n if (!subdomain) {\n /* try to find domain from redirectTo path */\n subdomain = findSubdomainFromPath(context, redirectTo)\n }\n\n let checkInDomain: Partial<Domain>\n if (subdomain) {\n checkInDomain = domains.find(d => d.subdomain == subdomain)\n if (!checkInDomain) message = t('error.domain not allowed', { subdomain })\n } else if (domains.length === 1) {\n checkInDomain = domains[0]\n }\n\n if (checkInDomain) {\n return await checkIn(checkInDomain, redirectTo, context)\n }\n\n await context.render('auth-page', {\n pageElement: 'auth-checkin',\n elementScript: '/auth/checkin.js',\n data: {\n user: {\n username: user.username,\n email: user.email,\n locale: user.locale,\n name: user.name,\n userType: user.userType\n },\n domains,\n domainTypes,\n redirectTo,\n message\n }\n })\n } catch (e) {\n clearAccessTokenCookie(context)\n context.redirect(\n `/auth/signin?username=${encodeURIComponent(user.username)}&redirect_to=${encodeURIComponent(redirectTo)}`\n )\n }\n }\n})\n\n// authCheckinRouter.get('/auth/domains', async context => {\n// const { user } = context.state\n// var domains = await getUserDomains(user)\n// if (domainTypes) {\n// domains = domains.filter(d => d.extType == domainTypes)\n// }\n\n// context.body = domains\n// })\n\nasync function checkIn(\n checkInDomain: Partial<Domain>,\n redirectTo: string \| null,\n context: ResolverContext\n): Promise<void> {\n const { user }: { user: User } = context.state\n const remoteAddress = context.req.headers['x-forwarded-for']\n ? (context.req.headers['x-forwarded-for'] as string).split(',')[0].trim()\n : context.req.connection.remoteAddress\n\n await LoginHistory.stamp(checkInDomain, user, remoteAddress)\n\n if (redirectTo) {\n return context.redirect(getRedirectSubdomainPath(context, checkInDomain, redirectTo))\n }\n}\n"]}

package/dist-server/router/auth-private-process-router.js CHANGED Viewed

@@ -12,7 +12,6 @@ const profile_js_1 = require("../controllers/profile.js");
 const user_js_1 = require("../service/user/user.js");
 const access_token_cookie_js_1 = require("../utils/access-token-cookie.js");
 const get_user_domains_js_1 = require("../utils/get-user-domains.js");
-const domainType = env_1.config.get('domainType');
 const languages = env_1.config.get('i18n/languages') || [];
 exports.authPrivateProcessRouter = new koa_router_1.default({
     prefix: '/auth'
@@ -70,7 +69,6 @@ exports.authPrivateProcessRouter
         return;
     }
     let domains = await (0, get_user_domains_js_1.getUserDomains)(user);
-    domains = domains.filter((d) => d.extType == domainType);
     var privileges = await user_js_1.User.getPrivilegesByDomain(user, domain);
     if (prohibitedPrivileges) {
         prohibitedPrivileges.forEach(({ category, privilege }) => {
@@ -88,10 +86,18 @@ exports.authPrivateProcessRouter
             unsafeIP,
             privileges
         },
-        domains,
+        domains: domains.map(({ id, name, description, subdomain, extType, brandName, brandImage }) => {
+            return {
+                name,
+                description,
+                subdomain,
+                extType
+            };
+        }),
         domain: domain && {
             name: domain.name,
-            subdomain: domain.subdomain
+            subdomain: domain.subdomain,
+            type: domain.extType
         },
         languages
     };