@volcanicminds/backend 2.0.4 → 2.1.0

package/dist/lib/api/auth/controller/auth.js

@@ -1,347 +1,259 @@
-"use strict";
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
-    Object.defineProperty(o, "default", { enumerable: true, value: v });
-}) : function(o, v) {
-    o["default"] = v;
-});
-var __importStar = (this && this.__importStar) || (function () {
-    var ownKeys = function(o) {
-        ownKeys = Object.getOwnPropertyNames || function (o) {
-            var ar = [];
-            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
-            return ar;
-        };
-        return ownKeys(o);
-    };
-    return function (mod) {
-        if (mod && mod.__esModule) return mod;
-        var result = {};
-        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
-        __setModuleDefault(result, mod);
-        return result;
-    };
-})();
-var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
-var __rest = (this && this.__rest) || function (s, e) {
-    var t = {};
-    for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p) && e.indexOf(p) < 0)
-        t[p] = s[p];
-    if (s != null && typeof Object.getOwnPropertySymbols === "function")
-        for (var i = 0, p = Object.getOwnPropertySymbols(s); i < p.length; i++) {
-            if (e.indexOf(p[i]) < 0 && Object.prototype.propertyIsEnumerable.call(s, p[i]))
-                t[p[i]] = s[p[i]];
-        }
-    return t;
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.register = register;
-exports.unregister = unregister;
-exports.validatePassword = validatePassword;
-exports.changePassword = changePassword;
-exports.forgotPassword = forgotPassword;
-exports.confirmEmail = confirmEmail;
-exports.resetPassword = resetPassword;
-exports.login = login;
-exports.refreshToken = refreshToken;
-exports.invalidateTokens = invalidateTokens;
-exports.block = block;
-exports.unblock = unblock;
-const regExp = __importStar(require("../../../util/regexp"));
-function register(req, reply) {
-    return __awaiter(this, void 0, void 0, function* () {
-        var _a, _b, _c;
-        const _d = req.data(), { password1: password, password2 } = _d, data = __rest(_d, ["password1", "password2"]);
-        if (!req.server['userManager'].isImplemented()) {
-            throw new Error('Not implemented');
-        }
-        if (!data.username) {
-            return reply.status(400).send(new Error('Username not valid'));
-        }
-        if (!data.email || !regExp.email.test(data.email)) {
-            return reply.status(400).send(new Error('Email not valid'));
-        }
-        if (!password || !regExp.password.test(password)) {
-            return reply.status(400).send(new Error('Password not valid'));
-        }
-        if (!password2 || password2 !== password) {
-            return reply.status(400).send(new Error('Repeated password not match'));
-        }
-        let existings = yield req.server['userManager'].retrieveUserByEmail(data.email);
-        if (existings) {
-            return reply.status(400).send(new Error('Email already registered'));
-        }
-        if ((data.requiredRoles || []).includes('admin')) {
-            existings = yield req.server['userManager'].findQuery({ 'roles:in': 'admin' });
-            if ((_a = existings === null || existings === void 0 ? void 0 : existings.records) === null || _a === void 0 ? void 0 : _a.length) {
-                return reply.status(400).send(new Error('User admin already registered'));
-            }
-        }
-        const publicRole = ((_c = (_b = global.roles) === null || _b === void 0 ? void 0 : _b.public) === null || _c === void 0 ? void 0 : _c.code) || 'public';
-        data.roles = (data.requiredRoles || []).map((r) => { var _a; return (_a = global.roles[r]) === null || _a === void 0 ? void 0 : _a.code; }).filter((r) => !!r);
-        if (!data.roles.includes(publicRole)) {
-            data.roles.push(publicRole);
-        }
-        const user = yield req.server['userManager'].createUser(Object.assign(Object.assign({}, data), { password: password }));
-        if (!user) {
-            return reply.status(400).send(new Error('User not registered'));
+import * as regExp from '../../../util/regexp.js';
+export async function register(req, reply) {
+    const { password1: password, password2, ...data } = req.data();
+    if (!req.server['userManager'].isImplemented()) {
+        throw new Error('Not implemented');
+    }
+    if (!data.username) {
+        return reply.status(400).send(new Error('Username not valid'));
+    }
+    if (!data.email || !regExp.email.test(data.email)) {
+        return reply.status(400).send(new Error('Email not valid'));
+    }
+    if (!password || !regExp.password.test(password)) {
+        return reply.status(400).send(new Error('Password not valid'));
+    }
+    if (!password2 || password2 !== password) {
+        return reply.status(400).send(new Error('Repeated password not match'));
+    }
+    let existings = await req.server['userManager'].retrieveUserByEmail(data.email);
+    if (existings) {
+        return reply.status(400).send(new Error('Email already registered'));
+    }
+    if ((data.requiredRoles || []).includes('admin')) {
+        existings = await req.server['userManager'].findQuery({ 'roles:in': 'admin' });
+        if (existings?.records?.length) {
+            return reply.status(400).send(new Error('User admin already registered'));
         }
-        return user;
-    });
+    }
+    const publicRole = global.roles?.public?.code || 'public';
+    data.roles = (data.requiredRoles || []).map((r) => global.roles[r]?.code).filter((r) => !!r);
+    if (!data.roles.includes(publicRole)) {
+        data.roles.push(publicRole);
+    }
+    const user = await req.server['userManager'].createUser({ ...data, password: password });
+    if (!user) {
+        return reply.status(400).send(new Error('User not registered'));
+    }
+    return user;
 }
-function unregister(req, reply) {
-    return __awaiter(this, void 0, void 0, function* () {
-        const { email, password } = req.data();
-        let user = yield req.server['userManager'].retrieveUserByPassword(email, password);
-        let isValid = yield req.server['userManager'].isValidUser(user);
-        if (!isValid) {
-            return reply.status(403).send(new Error('Wrong credentials'));
-        }
-        if (user.blocked) {
-            return reply.status(403).send(new Error('User blocked'));
-        }
-        user = yield req.server['userManager'].disableUserById(user.getId());
-        isValid = yield req.server['userManager'].isValidUser(user);
-        if (!isValid) {
-            return reply.status(400).send(new Error('User not valid'));
-        }
-        return { ok: true };
-    });
+export async function unregister(req, reply) {
+    const { email, password } = req.data();
+    let user = await req.server['userManager'].retrieveUserByPassword(email, password);
+    let isValid = await req.server['userManager'].isValidUser(user);
+    if (!isValid) {
+        return reply.status(403).send(new Error('Wrong credentials'));
+    }
+    if (user.blocked) {
+        return reply.status(403).send(new Error('User blocked'));
+    }
+    user = await req.server['userManager'].disableUserById(user.getId());
+    isValid = await req.server['userManager'].isValidUser(user);
+    if (!isValid) {
+        return reply.status(400).send(new Error('User not valid'));
+    }
+    return { ok: true };
 }
-function validatePassword(req, reply) {
-    return __awaiter(this, void 0, void 0, function* () {
-        const { password } = req.data();
-        if (!password) {
-            return reply.status(400).send(new Error('Password cannot be null'));
-        }
-        const match = regExp.password.test(password);
-        if (!match) {
-            return reply.status(400).send(new Error('Password is not valid'));
-        }
-        return { ok: match };
-    });
+export async function validatePassword(req, reply) {
+    const { password } = req.data();
+    if (!password) {
+        return reply.status(400).send(new Error('Password cannot be null'));
+    }
+    const match = regExp.password.test(password);
+    if (!match) {
+        return reply.status(400).send(new Error('Password is not valid'));
+    }
+    return { ok: match };
 }
-function changePassword(req, reply) {
-    return __awaiter(this, void 0, void 0, function* () {
-        const { email, oldPassword, newPassword1, newPassword2 } = req.data();
-        if (!req.server['userManager'].isImplemented()) {
-            throw new Error('Not implemented');
-        }
-        if (!newPassword1 || !regExp.password.test(newPassword1)) {
-            return reply.status(400).send(new Error('New password is not valid'));
-        }
-        if (!newPassword2 || newPassword2 !== newPassword1) {
-            return reply.status(400).send(new Error('Repeated new password not match'));
-        }
-        let user = yield req.server['userManager'].retrieveUserByPassword(email, oldPassword);
-        let isValid = yield req.server['userManager'].isValidUser(user);
-        if (!isValid) {
-            return reply.status(403).send(new Error('Wrong credentials'));
-        }
-        if (user.blocked) {
-            return reply.status(403).send(new Error('User blocked'));
-        }
-        user = yield req.server['userManager'].changePassword(email, newPassword1, oldPassword);
-        isValid = yield req.server['userManager'].isValidUser(user);
-        return { ok: isValid };
-    });
+export async function changePassword(req, reply) {
+    const { email, oldPassword, newPassword1, newPassword2 } = req.data();
+    if (!req.server['userManager'].isImplemented()) {
+        throw new Error('Not implemented');
+    }
+    if (!newPassword1 || !regExp.password.test(newPassword1)) {
+        return reply.status(400).send(new Error('New password is not valid'));
+    }
+    if (!newPassword2 || newPassword2 !== newPassword1) {
+        return reply.status(400).send(new Error('Repeated new password not match'));
+    }
+    let user = await req.server['userManager'].retrieveUserByPassword(email, oldPassword);
+    let isValid = await req.server['userManager'].isValidUser(user);
+    if (!isValid) {
+        return reply.status(403).send(new Error('Wrong credentials'));
+    }
+    if (user.blocked) {
+        return reply.status(403).send(new Error('User blocked'));
+    }
+    user = await req.server['userManager'].changePassword(email, newPassword1, oldPassword);
+    isValid = await req.server['userManager'].isValidUser(user);
+    return { ok: isValid };
 }
-function forgotPassword(req, reply) {
-    return __awaiter(this, void 0, void 0, function* () {
-        const { username, email } = req.data();
-        if (!req.server['userManager'].isImplemented()) {
-            throw new Error('Not implemented');
-        }
-        if (!username && (!email || (email && !regExp.email.test(email)))) {
-            return reply.status(400).send(new Error('Missing a valid user identifier'));
-        }
-        let user = null;
-        if (email) {
-            user = yield req.server['userManager'].retrieveUserByEmail(email);
-        }
-        else if (username) {
-            user = yield req.server['userManager'].retrieveUserByUsername(username);
-        }
-        let isValid = yield req.server['userManager'].isValidUser(user);
-        if (!isValid) {
-            return reply.status(403).send(new Error('Wrong credentials'));
-        }
-        if (user === null || user === void 0 ? void 0 : user.blocked) {
-            return reply.status(403).send(new Error('User blocked'));
-        }
-        user = yield req.server['userManager'].forgotPassword(user.email);
-        isValid = yield req.server['userManager'].isValidUser(user);
-        return { ok: isValid };
-    });
+export async function forgotPassword(req, reply) {
+    const { username, email } = req.data();
+    if (!req.server['userManager'].isImplemented()) {
+        throw new Error('Not implemented');
+    }
+    if (!username && (!email || (email && !regExp.email.test(email)))) {
+        return reply.status(400).send(new Error('Missing a valid user identifier'));
+    }
+    let user = null;
+    if (email) {
+        user = await req.server['userManager'].retrieveUserByEmail(email);
+    }
+    else if (username) {
+        user = await req.server['userManager'].retrieveUserByUsername(username);
+    }
+    let isValid = await req.server['userManager'].isValidUser(user);
+    if (!isValid) {
+        return reply.status(403).send(new Error('Wrong credentials'));
+    }
+    if (user?.blocked) {
+        return reply.status(403).send(new Error('User blocked'));
+    }
+    user = await req.server['userManager'].forgotPassword(user.email);
+    isValid = await req.server['userManager'].isValidUser(user);
+    return { ok: isValid };
 }
-function confirmEmail(req, reply) {
-    return __awaiter(this, void 0, void 0, function* () {
-        const { code } = req.data();
-        if (!code) {
-            return reply.status(400).send(new Error('Missing the confirm email token'));
-        }
-        let user = yield req.server['userManager'].retrieveUserByConfirmationToken(code);
-        let isValid = yield req.server['userManager'].isValidUser(user);
-        if (!isValid) {
-            return reply.status(403).send(new Error('Wrong credentials'));
-        }
-        if (user.blocked) {
-            return reply.status(403).send(new Error('User blocked'));
-        }
-        user = yield req.server['userManager'].userConfirmation(user);
-        isValid = yield req.server['userManager'].isValidUser(user);
-        return { ok: isValid };
-    });
+export async function confirmEmail(req, reply) {
+    const { code } = req.data();
+    if (!code) {
+        return reply.status(400).send(new Error('Missing the confirm email token'));
+    }
+    let user = await req.server['userManager'].retrieveUserByConfirmationToken(code);
+    let isValid = await req.server['userManager'].isValidUser(user);
+    if (!isValid) {
+        return reply.status(403).send(new Error('Wrong credentials'));
+    }
+    if (user.blocked) {
+        return reply.status(403).send(new Error('User blocked'));
+    }
+    user = await req.server['userManager'].userConfirmation(user);
+    isValid = await req.server['userManager'].isValidUser(user);
+    return { ok: isValid };
 }
-function resetPassword(req, reply) {
-    return __awaiter(this, void 0, void 0, function* () {
-        const { code, newPassword1, newPassword2 } = req.data();
-        if (!req.server['userManager'].isImplemented()) {
-            throw new Error('Not implemented');
-        }
-        if (!newPassword1 || !regExp.password.test(newPassword1)) {
-            return reply.status(400).send(new Error('New password not valid'));
-        }
-        if (!newPassword2 || newPassword2 !== newPassword1) {
-            return reply.status(400).send(new Error('Repeated new password not match'));
-        }
-        let user = yield req.server['userManager'].retrieveUserByResetPasswordToken(code);
-        let isValid = yield req.server['userManager'].isValidUser(user);
-        if (!isValid) {
-            return reply.status(403).send(new Error('Wrong credentials'));
-        }
-        if (user.blocked) {
-            return reply.status(403).send(new Error('User blocked'));
-        }
-        user = yield req.server['userManager'].resetPassword(user, newPassword1);
-        isValid = yield req.server['userManager'].isValidUser(user);
-        return { ok: isValid, user };
-    });
+export async function resetPassword(req, reply) {
+    const { code, newPassword1, newPassword2 } = req.data();
+    if (!req.server['userManager'].isImplemented()) {
+        throw new Error('Not implemented');
+    }
+    if (!newPassword1 || !regExp.password.test(newPassword1)) {
+        return reply.status(400).send(new Error('New password not valid'));
+    }
+    if (!newPassword2 || newPassword2 !== newPassword1) {
+        return reply.status(400).send(new Error('Repeated new password not match'));
+    }
+    let user = await req.server['userManager'].retrieveUserByResetPasswordToken(code);
+    let isValid = await req.server['userManager'].isValidUser(user);
+    if (!isValid) {
+        return reply.status(403).send(new Error('Wrong credentials'));
+    }
+    if (user.blocked) {
+        return reply.status(403).send(new Error('User blocked'));
+    }
+    user = await req.server['userManager'].resetPassword(user, newPassword1);
+    isValid = await req.server['userManager'].isValidUser(user);
+    return { ok: isValid, user };
 }
-function login(req, reply) {
-    return __awaiter(this, void 0, void 0, function* () {
-        var _a, _b;
-        const { email, password } = req.data();
-        if (!req.server['userManager'].isImplemented()) {
-            throw new Error('Not implemented');
-        }
-        if (!email || !regExp.email.test(email)) {
-            return reply.status(400).send(new Error('Email not valid'));
-        }
-        if (!password || !regExp.password.test(password)) {
-            return reply.status(400).send(new Error('Password not valid'));
-        }
-        let user = yield req.server['userManager'].retrieveUserByPassword(email, password);
-        if (!user) {
-            return reply.status(403).send(new Error('Wrong credentials'));
-        }
-        const isValid = yield req.server['userManager'].isValidUser(user);
-        if (!isValid) {
-            return reply.status(403).send(new Error('Wrong credentials'));
-        }
-        if (!(user.confirmed === true)) {
-            return reply.status(403).send(new Error('User email unconfirmed'));
-        }
-        const isPasswordToBeChanged = req.server['userManager'].isPasswordToBeChanged(user);
-        if (isPasswordToBeChanged) {
-            return reply.status(403).send({ statusCode: 403, code: 'PASSWORD_TO_BE_CHANGED', message: 'Password is expired' });
-        }
-        if (user.blocked) {
-            return reply.status(403).send(new Error('User blocked'));
-        }
-        if (config.enable && config.options.reset_external_id_on_login) {
-            user = yield req.server['userManager'].resetExternalId(user.getId());
-        }
-        const token = yield reply.jwtSign({ sub: user.externalId });
-        const refreshToken = reply.server.jwt['refreshToken']
-            ? yield reply.server.jwt['refreshToken'].sign({ sub: user.externalId })
-            : undefined;
-        return Object.assign(Object.assign({}, user), { roles: (user.roles || [((_b = (_a = global.role) === null || _a === void 0 ? void 0 : _a.public) === null || _b === void 0 ? void 0 : _b.code) || 'public']).map((r) => (r === null || r === void 0 ? void 0 : r.code) || r), token: token, refreshToken });
-    });
+export async function login(req, reply) {
+    const { email, password } = req.data();
+    if (!req.server['userManager'].isImplemented()) {
+        throw new Error('Not implemented');
+    }
+    if (!email || !regExp.email.test(email)) {
+        return reply.status(400).send(new Error('Email not valid'));
+    }
+    if (!password || !regExp.password.test(password)) {
+        return reply.status(400).send(new Error('Password not valid'));
+    }
+    let user = await req.server['userManager'].retrieveUserByPassword(email, password);
+    if (!user) {
+        return reply.status(403).send(new Error('Wrong credentials'));
+    }
+    const isValid = await req.server['userManager'].isValidUser(user);
+    if (!isValid) {
+        return reply.status(403).send(new Error('Wrong credentials'));
+    }
+    if (!(user.confirmed === true)) {
+        return reply.status(403).send(new Error('User email unconfirmed'));
+    }
+    const isPasswordToBeChanged = req.server['userManager'].isPasswordToBeChanged(user);
+    if (isPasswordToBeChanged) {
+        return reply.status(403).send({ statusCode: 403, code: 'PASSWORD_TO_BE_CHANGED', message: 'Password is expired' });
+    }
+    if (user.blocked) {
+        return reply.status(403).send(new Error('User blocked'));
+    }
+    if (config.enable && config.options.reset_external_id_on_login) {
+        user = await req.server['userManager'].resetExternalId(user.getId());
+    }
+    const token = await reply.jwtSign({ sub: user.externalId });
+    const refreshToken = reply.server.jwt['refreshToken']
+        ? await reply.server.jwt['refreshToken'].sign({ sub: user.externalId })
+        : undefined;
+    return {
+        ...user,
+        roles: (user.roles || [global.role?.public?.code || 'public']).map((r) => r?.code || r),
+        token: token,
+        refreshToken
+    };
 }
-function refreshToken(req, reply) {
-    return __awaiter(this, void 0, void 0, function* () {
-        const { token, refreshToken } = req.data();
-        if (!req.server['userManager'].isImplemented()) {
-            throw new Error('Not implemented');
-        }
-        const tokenData = (yield reply.server.jwt.decode(token));
-        const minAccettable = Math.floor(Date.now() / 1000) - 2592000;
-        if ((tokenData === null || tokenData === void 0 ? void 0 : tokenData.sub) > 0 && (tokenData === null || tokenData === void 0 ? void 0 : tokenData.sub) > minAccettable) {
-            return reply.status(403).send(new Error('Token too old'));
-        }
-        const refreshTokenData = yield reply.server.jwt['refreshToken'].verify(refreshToken);
-        if ((tokenData === null || tokenData === void 0 ? void 0 : tokenData.sub) && (tokenData === null || tokenData === void 0 ? void 0 : tokenData.sub) !== (refreshTokenData === null || refreshTokenData === void 0 ? void 0 : refreshTokenData.sub)) {
-            return reply.status(403).send(new Error('Mismatched tokens'));
-        }
-        const user = yield req.server['userManager'].retrieveUserByExternalId(tokenData.sub);
-        const isValid = yield req.server['userManager'].isValidUser(user);
-        if (!isValid) {
-            return reply.status(403).send(new Error('Wrong refresh token'));
-        }
-        const newToken = yield reply.jwtSign({ sub: user.externalId });
-        return {
-            token: newToken
-        };
-    });
+export async function refreshToken(req, reply) {
+    const { token, refreshToken } = req.data();
+    if (!req.server['userManager'].isImplemented()) {
+        throw new Error('Not implemented');
+    }
+    const tokenData = (await reply.server.jwt.decode(token));
+    const minAccettable = Math.floor(Date.now() / 1000) - 2592000;
+    if (tokenData?.sub > 0 && tokenData?.sub > minAccettable) {
+        return reply.status(403).send(new Error('Token too old'));
+    }
+    const refreshTokenData = await reply.server.jwt['refreshToken'].verify(refreshToken);
+    if (tokenData?.sub && tokenData?.sub !== refreshTokenData?.sub) {
+        return reply.status(403).send(new Error('Mismatched tokens'));
+    }
+    const user = await req.server['userManager'].retrieveUserByExternalId(tokenData.sub);
+    const isValid = await req.server['userManager'].isValidUser(user);
+    if (!isValid) {
+        return reply.status(403).send(new Error('Wrong refresh token'));
+    }
+    const newToken = await reply.jwtSign({ sub: user.externalId });
+    return {
+        token: newToken
+    };
 }
-function invalidateTokens(req, reply) {
-    return __awaiter(this, void 0, void 0, function* () {
-        let isValid = yield req.server['userManager'].isValidUser(req.user);
-        if (!req.user || !isValid) {
-            return reply.status(403).send(new Error('User not linked'));
-        }
-        const user = yield req.server['userManager'].resetExternalId(req.user.getId());
-        isValid = yield req.server['userManager'].isValidUser(user);
-        return { ok: isValid };
-    });
+export async function invalidateTokens(req, reply) {
+    let isValid = await req.server['userManager'].isValidUser(req.user);
+    if (!req.user || !isValid) {
+        return reply.status(403).send(new Error('User not linked'));
+    }
+    const user = await req.server['userManager'].resetExternalId(req.user.getId());
+    isValid = await req.server['userManager'].isValidUser(user);
+    return { ok: isValid };
 }
-function block(req, reply) {
-    return __awaiter(this, void 0, void 0, function* () {
-        if (!req.server['userManager'].isImplemented()) {
-            throw new Error('Not implemented');
-        }
-        if (!req.hasRole(roles.admin) && !req.hasRole(roles.backoffice)) {
-            return reply.status(403).send({ statusCode: 403, code: 'ROLE_NOT_ALLOWED', message: 'Not allowed to block a user' });
-        }
-        const { id: userId } = req.parameters();
-        const { reason } = req.data();
-        let user = yield req.server['userManager'].blockUserById(userId, reason);
-        user = yield req.server['userManager'].resetExternalId(user.getId());
-        return { ok: !!user.getId() };
-    });
+export async function block(req, reply) {
+    if (!req.server['userManager'].isImplemented()) {
+        throw new Error('Not implemented');
+    }
+    if (!req.hasRole(roles.admin) && !req.hasRole(roles.backoffice)) {
+        return reply.status(403).send({ statusCode: 403, code: 'ROLE_NOT_ALLOWED', message: 'Not allowed to block a user' });
+    }
+    const { id: userId } = req.parameters();
+    const { reason } = req.data();
+    let user = await req.server['userManager'].blockUserById(userId, reason);
+    user = await req.server['userManager'].resetExternalId(user.getId());
+    return { ok: !!user.getId() };
 }
-function unblock(req, reply) {
-    return __awaiter(this, void 0, void 0, function* () {
-        if (!req.server['userManager'].isImplemented()) {
-            throw new Error('Not implemented');
-        }
-        if (!req.hasRole(roles.admin) && !req.hasRole(roles.backoffice)) {
-            return reply
-                .status(403)
-                .send({ statusCode: 403, code: 'ROLE_NOT_ALLOWED', message: 'Not allowed to unblock a user' });
-        }
-        const { id: userId } = req.parameters();
-        const user = yield req.server['userManager'].unblockUserById(userId);
-        return { ok: !!user.getId() };
-    });
+export async function unblock(req, reply) {
+    if (!req.server['userManager'].isImplemented()) {
+        throw new Error('Not implemented');
+    }
+    if (!req.hasRole(roles.admin) && !req.hasRole(roles.backoffice)) {
+        return reply
+            .status(403)
+            .send({ statusCode: 403, code: 'ROLE_NOT_ALLOWED', message: 'Not allowed to unblock a user' });
+    }
+    const { id: userId } = req.parameters();
+    const user = await req.server['userManager'].unblockUserById(userId);
+    return { ok: !!user.getId() };
 }
 //# sourceMappingURL=auth.js.map