@tomei/sso 0.48.3 → 0.49.0

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@tomei/sso",
-  "version": "0.48.3",
+  "version": "0.49.0",
   "description": "Tomei SSO Package",
   "main": "dist/index.js",
   "scripts": {

package/src/components/login-user/login-user.ts

@@ -7,6 +7,7 @@ import { RedisService } from '../../redis-client/redis.service';
 import { UserRepository } from './user.repository';
 import { IUserAttr, IUserInfo } from './interfaces/user-info.interface';
 import Staff from '../../models/staff.entity';
+import { createHash, randomBytes } from 'crypto';
 
 export class LoginUser extends User implements ILoginUser {
   session = {

package/src/components/login-user/user.ts

@@ -32,7 +32,7 @@ import { LoginStatusEnum } from '../../enum/login-status.enum';
 import { RedisService } from '../../redis-client/redis.service';
 import { LoginUser } from './login-user';
 import { SessionService } from '../../session/session.service';
-import { randomUUID } from 'crypto';
+import { createHash, randomBytes, randomUUID } from 'crypto';
 
 export class User extends UserBase {
   ObjectId: string;
@@ -1271,6 +1271,112 @@ export class User extends UserBase {
     }
   }
 
+  public async generateAuthorizationToken(): Promise<{
+    plaintextToken: string;
+    hashedToken: string;
+  }> {
+    // Generate a random token
+    const plaintextToken = randomBytes(32).toString('hex'); // 64-character hex string
+
+    // Hash the token using SHA-256
+    const hashedToken = createHash('sha256')
+      .update(plaintextToken)
+      .digest('hex');
+
+    // Save the hashed token to Redis
+    this._SessionService.setAuthorizationCode(
+      this.ObjectId,
+      hashedToken,
+      60 * 60 * 24,
+    ); // 24 hours
+
+    // Return the plaintext token for the user to use
+    return { plaintextToken, hashedToken };
+  }
+
+  public async validateAuthorizationToken(
+    autorizationToken: string,
+  ): Promise<boolean> {
+    try {
+      const hashedSubmittedToken = createHash('sha256')
+        .update(autorizationToken)
+        .digest('hex');
+
+      // Check if the token exists in Redis
+      const userId = await this._SessionService.retrieveAuthorizationCode(
+        hashedSubmittedToken,
+      );
+      if (!userId) {
+        return false;
+      }
+
+      await this._SessionService.deleteAuthorizationCode(hashedSubmittedToken);
+      return true;
+    } catch (error) {
+      throw error;
+    }
+  }
+
+  public static async resetPassword(
+    sessionService: ISessionService,
+    autorizationToken: string,
+    password: string,
+    dbTransaction: any,
+  ): Promise<void> {
+    try {
+      const hashedSubmittedToken = createHash('sha256')
+        .update(autorizationToken)
+        .digest('hex');
+
+      // Check if the token exists in Redis
+      const userId = await sessionService.retrieveAuthorizationCode(
+        hashedSubmittedToken,
+      );
+      if (!userId) {
+        // Token is not valid, throw an error
+        throw new ClassError(
+          'LoginUser',
+          'LoginUserErrMsg0X',
+          'Invalid token',
+          'setupFirstPassword',
+          401,
+        );
+      }
+
+      await sessionService.deleteAuthorizationCode(hashedSubmittedToken);
+      console.log(`Token verified for user: ${userId}`);
+
+      //Instantiate user
+      const user = await User.init(
+        sessionService,
+        parseInt(userId),
+        dbTransaction,
+      );
+
+      //Set new password
+      await User.setPassword(dbTransaction, user, password);
+
+      //Update user record
+      await User._Repository.update(
+        {
+          Password: user._Password,
+          DefaultPasswordChangedYN: YN.Yes,
+          NeedToChangePasswordYN: YN.No,
+        },
+        {
+          where: {
+            UserId: user.UserId,
+          },
+          transaction: dbTransaction,
+        },
+      );
+    } catch (error) {
+      throw error;
+    }
+  }
+
+  public async;
+
   public static async create(
     loginUser: User,
     dbTransaction: any,

package/src/components/system-privilege/system-privilege.ts

@@ -196,7 +196,9 @@ export class SystemPrivilege extends ObjectBase {
           CreatedAt: newSystemPrivilege._CreatedAt,
           UpdatedAt: newSystemPrivilege._UpdatedAt,
         },
-        dbTransaction,
+        {
+          transaction: dbTransaction,
+        },
       );
 
       //Part 4: Record Create Privilege Activity

package/src/components/user-group/user-group.ts

@@ -357,7 +357,7 @@ export class UserGroup extends ObjectBase {
       const userGroups = await UserGroup._Repository.findAll({
         where: {
           UserId,
-          InheritGroupSystemAccessYN: 'Y',
+          Status: 'Active',
         },
         include: [
           {

package/src/redis-client/redis.service.ts

@@ -57,6 +57,14 @@ export class RedisService {
     }
   }
 
+  public async del(key: string): Promise<void> {
+    try {
+      await RedisService.client.del(key);
+    } catch (error) {
+      throw error;
+    }
+  }
+
   public static async close(): Promise<void> {
     try {
       await RedisService.client.disconnect();

package/src/session/interfaces/session-service.interface.ts

@@ -4,4 +4,11 @@ export interface ISessionService {
   retrieveUserSession(userId: string): Promise<IUserSession>;
   setUserSession(userId: string, sessionData: IUserSession): Promise<void>;
   refreshDuration(userId: string): Promise<void>;
+  setAuthorizationCode(
+    token: string,
+    value: string,
+    expire: number,
+  ): Promise<void>;
+  retrieveAuthorizationCode(token: string): Promise<string>;
+  deleteAuthorizationCode(token: string): Promise<void>;
 }

package/src/session/session.service.ts

@@ -51,4 +51,35 @@ export class SessionService implements ISessionService {
       throw error;
     }
   }
+
+  async setAuthorizationCode(
+    token: string,
+    value: string,
+    expire: number,
+  ): Promise<void> {
+    try {
+      const key = `tomei-auth-code:${token}`;
+      await SessionService._RedisService.set(key, value, expire);
+    } catch (error) {
+      throw error;
+    }
+  }
+
+  async retrieveAuthorizationCode(token: string): Promise<string> {
+    try {
+      const key = `tomei-auth-code:${token}`;
+      return await SessionService._RedisService.get(key);
+    } catch (error) {
+      throw error;
+    }
+  }
+
+  async deleteAuthorizationCode(token: string): Promise<void> {
+    try {
+      const key = `tomei-auth-code:${token}`;
+      await SessionService._RedisService.del(key);
+    } catch (error) {
+      throw error;
+    }
+  }
 }