npm - @tomei/sso - Versions diffs - 0.64.1 → 0.66.0 - Mend

@tomei/sso 0.64.1 → 0.66.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (76) hide show

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@tomei/sso",
-  "version": "0.64.1",
+  "version": "0.66.0",
   "description": "Tomei SSO Package",
   "main": "dist/index.js",
   "scripts": {
@@ -71,7 +71,7 @@
     "sequelize-cli": "^6.6.3",
     "sequelize-typescript": "^2.1.6",
     "speakeasy": "^2.0.0",
-    "uuid": "^9.0.1"
+    "uuid": "^11.1.0"
   },
   "lint-staged": {
     "*/**/*.{js,ts,tsx}": [
@@ -83,5 +83,8 @@
     "reportPath": "coverage",
     "reportFile": "test-report.xml",
     "indent": 2
+  },
+  "dependencies": {
+    "axios": "^1.13.2"
   }
 }

package/src/components/login-user/login-user.ts CHANGED Viewed

@@ -12,7 +12,8 @@ import { createHash, randomBytes, randomUUID } from 'crypto';
 import { UserGroupRepository } from '../user-group/user-group.repository';
 import GroupSystemAccessModel from '../../models/group-system-access.entity';
 import SystemModel from '../../models/system.entity';
-import { ApplicationConfig } from '@tomei/config';
+import { ApplicationConfig, ComponentConfig } from '@tomei/config';
+import axios from 'axios';
 export class LoginUser extends User implements ILoginUser {
   session = {
@@ -26,20 +27,24 @@ export class LoginUser extends User implements ILoginUser {
   ): Promise<LoginUser> {
     User._RedisService = await RedisService.init();
     if (userId) {
-      if (dbTransaction) {
-        User._Repository = new UserRepository();
-      }
-      const user = await User._Repository.findOne({
-        where: {
-          UserId: userId,
-        },
-        include: [
-          {
-            model: Staff,
+      const loginApiEndpoint = ComponentConfig.getComponentConfigValue(
+        '@tomei/sso',
+        'loginApiEndpoint',
+      );
+      let payload = { UserId: userId };
+      const { data } = await axios.post(
+        `${loginApiEndpoint.baseUrl}${loginApiEndpoint.getProfile}`,
+        payload,
+        {
+          headers: {
+            'Content-Type': 'application/json',
+            'x-api-key': loginApiEndpoint.apiKey,
           },
-        ],
-        transaction: dbTransaction,
-      });
+        },
+      );
+      const user = data.loginUser;
       if (!user) {
         throw new Error('Invalid credentials.');
@@ -54,21 +59,21 @@ export class LoginUser extends User implements ILoginUser {
           IDType: user?.IdType || null,
           ContactNo: user?.ContactNo || null,
           Email: user.Email,
-          Password: user.Password,
+          Password: null,
           Status: user.Status,
-          DefaultPasswordChangedYN: user.DefaultPasswordChangedYN,
-          FirstLoginAt: user.FirstLoginAt,
-          LastLoginAt: user.LastLoginAt,
-          MFAEnabled: user.MFAEnabled,
-          MFAConfig: user.MFAConfig,
-          MFABypassYN: user.MFABypassYN,
-          RecoveryEmail: user.RecoveryEmail,
-          FailedLoginAttemptCount: user.FailedLoginAttemptCount,
-          LastFailedLoginAt: user.LastFailedLoginAt,
-          LastPasswordChangedAt: user.LastPasswordChangedAt,
-          NeedToChangePasswordYN: user.NeedToChangePasswordYN,
-          PasscodeHash: user.PasscodeHash,
-          PasscodeUpdatedAt: user.PasscodeUpdatedAt,
+          DefaultPasswordChangedYN: null,
+          FirstLoginAt: null,
+          LastLoginAt: null,
+          MFAEnabled: null,
+          MFAConfig: null,
+          MFABypassYN: null,
+          RecoveryEmail: null,
+          FailedLoginAttemptCount: null,
+          LastFailedLoginAt: null,
+          LastPasswordChangedAt: null,
+          NeedToChangePasswordYN: null,
+          PasscodeHash: null,
+          PasscodeUpdatedAt: null,
           CreatedById: user.CreatedById,
           CreatedAt: user.CreatedAt,
           UpdatedById: user.UpdatedById,
@@ -99,21 +104,28 @@ export class LoginUser extends User implements ILoginUser {
         throw new Error('Session name is not set');
       }
-      const userSession = await this._SessionService.retrieveUserSession(
-        this.ObjectId,
-        sessionName,
+      const loginApiEndpoint = ComponentConfig.getComponentConfigValue(
+        '@tomei/sso',
+        'loginApiEndpoint',
       );
-      const systemLogin = userSession.systemLogins.find(
-        (system) => system.code === systemCode,
+      let payload = {
+        SystemCode: systemCode,
+        SessionName: sessionName,
+        PrivilegeName: privilegeName,
+        UserId: this.ObjectId,
+      };
+      const { data } = await axios.post(
+        `${loginApiEndpoint.baseUrl}${loginApiEndpoint.checkPrivileges}`,
+        payload,
+        {
+          headers: {
+            'Content-Type': 'application/json',
+            'x-api-key': loginApiEndpoint.apiKey,
+          },
+        },
       );
+      const hasPrivilege = data.hasPrivilege;
-      if (!systemLogin) {
-        return false;
-      }
-      const privileges = systemLogin.privileges;
-      const hasPrivilege = privileges.includes(privilegeName);
       return hasPrivilege;
     } catch (error) {
       throw error;
@@ -131,28 +143,27 @@ export class LoginUser extends User implements ILoginUser {
       if (!sessionName) {
         throw new Error('Session name is not set');
       }
-      const userSession = await this._SessionService.retrieveUserSession(
-        userId,
-        sessionName,
+      const loginApiEndpoint = ComponentConfig.getComponentConfigValue(
+        '@tomei/sso',
+        'loginApiEndpoint',
       );
-      if (userSession.systemLogins.length === 0) {
-        throw new Error('Session expired.');
-      }
-      const systemLogin = userSession.systemLogins.find(
-        (sl) => sl.code === systemCode,
+      let payload = {
+        SystemCode: systemCode,
+        SessionName: sessionName,
+        SessionId: sessionId,
+        UserId: userId,
+      };
+      const { data } = await axios.post(
+        `${loginApiEndpoint.baseUrl}${loginApiEndpoint.checkSession}`,
+        payload,
+        {
+          headers: {
+            'Content-Type': 'application/json',
+            'x-api-key': loginApiEndpoint.apiKey,
+          },
+        },
       );
-      if (!systemLogin) {
-        throw new Error('Session expired.');
-      }
-      if (systemLogin.sessionId !== sessionId) {
-        throw new Error('Session expired.');
-      }
-      await this._SessionService.refreshDuration(userId, sessionName);
+      const systemLogin = data.systemLogin;
       return systemLogin;
     } catch (error) {
@@ -328,36 +339,26 @@ export class LoginUser extends User implements ILoginUser {
       throw new Error('Session name is not set in the configuration');
     }
-    const userSession = await this._SessionService.retrieveUserSession(
-      this.ObjectId,
-      sessionName,
+    const loginApiEndpoint = ComponentConfig.getComponentConfigValue(
+      '@tomei/sso',
+      'loginApiEndpoint',
     );
-    const systemLogin = userSession.systemLogins.find(
-      (system) => system.code === systemCode,
-    );
-    if (systemLogin) {
-      const privileges = await this.getPrivileges(systemCode, dbTransaction);
-      systemLogin.sessionId = sessionId;
-      systemLogin.privileges = privileges;
-      userSession.systemLogins.map((system) =>
-        system.code === systemCode ? systemLogin : system,
-      );
-    } else {
-      // if not, add new system login into the userSession
-      const newLogin = {
-        id: systemCode,
-        code: systemCode,
-        sessionId: sessionId,
-        privileges: await this.getPrivileges(systemCode, dbTransaction),
-      };
-      userSession.systemLogins.push(newLogin);
-    }
-    // then update userSession inside the redis storage with 1 day duration of time-to-live
-    this._SessionService.setUserSession(
-      this.ObjectId,
-      userSession,
-      sessionName,
+    let payload = {
+      SystemCode: systemCode,
+      SessionName: sessionName,
+      SessionId: sessionId,
+      UserId: this.ObjectId,
+    };
+    await axios.post(
+      `${loginApiEndpoint.baseUrl}${loginApiEndpoint.setSession}`,
+      payload,
+      {
+        headers: {
+          'Content-Type': 'application/json',
+          'x-api-key': loginApiEndpoint.apiKey,
+        },
+      },
     );
   }
 }

package/src/components/login-user/user.ts CHANGED Viewed

@@ -1826,7 +1826,7 @@ export class User extends UserBase {
     // Part 2: Retrieve Parent Group System Access If Applicable
     // 2.1 Check if Params.group.InheritParentSystemAccessYN is "Y" and Params.group.ParentGroupCode is not empty
-    if (group.InheritParentPrivilegeYN === 'Y' && group.ParentGroupCode) {
+    if (group.InheritParentSystemAccessYN === 'Y' && group.ParentGroupCode) {
       const GroupCode = group.ParentGroupCode;
       const parentGroup = await User._GroupRepo.findByPk(
         GroupCode,

package/src/index.ts CHANGED Viewed

@@ -6,3 +6,4 @@ export * from './session';
 export * from './enum';
 export * as ssoDb from './database';
 export * from './types';
+export * from './models/user.entity';