@volcanicminds/backend 2.2.7 → 2.2.9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +85 -22
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +100 -51
- package/dist/index.js.map +1 -1
- package/dist/lib/api/auth/controller/auth.d.ts +10 -0
- package/dist/lib/api/auth/controller/auth.d.ts.map +1 -1
- package/dist/lib/api/auth/controller/auth.js +26 -4
- package/dist/lib/api/auth/controller/auth.js.map +1 -1
- package/dist/lib/api/token/controller/token.d.ts +1 -1
- package/dist/lib/api/token/controller/token.d.ts.map +1 -1
- package/dist/lib/api/token/controller/token.js +7 -5
- package/dist/lib/api/token/controller/token.js.map +1 -1
- package/dist/lib/api/users/controller/user.d.ts +2 -2
- package/dist/lib/api/users/controller/user.d.ts.map +1 -1
- package/dist/lib/api/users/controller/user.js +14 -4
- package/dist/lib/api/users/controller/user.js.map +1 -1
- package/dist/lib/apollo/resolvers.d.ts +1 -1
- package/dist/lib/apollo/resolvers.d.ts.map +1 -1
- package/dist/lib/apollo/resolvers.js +1 -1
- package/dist/lib/apollo/resolvers.js.map +1 -1
- package/dist/lib/config/general.d.ts +1 -0
- package/dist/lib/config/general.d.ts.map +1 -1
- package/dist/lib/config/general.js +2 -1
- package/dist/lib/config/general.js.map +1 -1
- package/dist/lib/hooks/onError.d.ts +1 -1
- package/dist/lib/hooks/onError.d.ts.map +1 -1
- package/dist/lib/hooks/onError.js +5 -3
- package/dist/lib/hooks/onError.js.map +1 -1
- package/dist/lib/hooks/onRequest.d.ts.map +1 -1
- package/dist/lib/hooks/onRequest.js +18 -2
- package/dist/lib/hooks/onRequest.js.map +1 -1
- package/dist/lib/hooks/onResponse.d.ts.map +1 -1
- package/dist/lib/hooks/onResponse.js +9 -1
- package/dist/lib/hooks/onResponse.js.map +1 -1
- package/dist/lib/loader/general.js +4 -2
- package/dist/lib/loader/general.js.map +1 -1
- package/dist/lib/loader/hooks.d.ts.map +1 -1
- package/dist/lib/loader/hooks.js +8 -4
- package/dist/lib/loader/hooks.js.map +1 -1
- package/dist/lib/loader/plugins.d.ts.map +1 -1
- package/dist/lib/loader/plugins.js +6 -3
- package/dist/lib/loader/plugins.js.map +1 -1
- package/dist/lib/loader/roles.js +4 -2
- package/dist/lib/loader/roles.js.map +1 -1
- package/dist/lib/loader/router.d.ts.map +1 -1
- package/dist/lib/loader/router.js +31 -16
- package/dist/lib/loader/router.js.map +1 -1
- package/dist/lib/loader/schedules.d.ts.map +1 -1
- package/dist/lib/loader/schedules.js +19 -10
- package/dist/lib/loader/schedules.js.map +1 -1
- package/dist/lib/loader/schemas.d.ts.map +1 -1
- package/dist/lib/loader/schemas.js +18 -9
- package/dist/lib/loader/schemas.js.map +1 -1
- package/dist/lib/loader/tracking.d.ts.map +1 -1
- package/dist/lib/loader/tracking.js +6 -3
- package/dist/lib/loader/tracking.js.map +1 -1
- package/dist/lib/loader/translation.d.ts.map +1 -1
- package/dist/lib/loader/translation.js.map +1 -1
- package/dist/lib/middleware/isAdmin.d.ts.map +1 -1
- package/dist/lib/middleware/isAdmin.js +2 -1
- package/dist/lib/middleware/isAdmin.js.map +1 -1
- package/dist/lib/middleware/isAuthenticated.d.ts.map +1 -1
- package/dist/lib/middleware/isAuthenticated.js +3 -2
- package/dist/lib/middleware/isAuthenticated.js.map +1 -1
- package/dist/lib/middleware/preAuth.d.ts +1 -1
- package/dist/lib/middleware/preAuth.d.ts.map +1 -1
- package/dist/lib/middleware/preAuth.js +1 -1
- package/dist/lib/middleware/preAuth.js.map +1 -1
- package/dist/lib/middleware/preForgotPasswordHandler.d.ts +1 -1
- package/dist/lib/middleware/preForgotPasswordHandler.d.ts.map +1 -1
- package/dist/lib/middleware/preForgotPasswordHandler.js +1 -1
- package/dist/lib/middleware/preForgotPasswordHandler.js.map +1 -1
- package/dist/lib/schemas/auth.d.ts +3 -0
- package/dist/lib/schemas/auth.d.ts.map +1 -1
- package/dist/lib/schemas/auth.js +1 -0
- package/dist/lib/schemas/auth.js.map +1 -1
- package/dist/lib/util/common.d.ts.map +1 -1
- package/dist/lib/util/common.js.map +1 -1
- package/dist/lib/util/errors.d.ts.map +1 -1
- package/dist/lib/util/errors.js.map +1 -1
- package/dist/lib/util/logger.js +1 -1
- package/dist/lib/util/logger.js.map +1 -1
- package/dist/lib/util/mark.d.ts.map +1 -1
- package/dist/lib/util/mark.js +34 -17
- package/dist/lib/util/mark.js.map +1 -1
- package/dist/lib/util/regexp.d.ts.map +1 -1
- package/dist/lib/util/regexp.js +3 -3
- package/dist/lib/util/regexp.js.map +1 -1
- package/dist/lib/util/tracker.d.ts +2 -2
- package/dist/lib/util/tracker.d.ts.map +1 -1
- package/dist/lib/util/tracker.js +6 -4
- package/dist/lib/util/tracker.js.map +1 -1
- package/dist/lib/util/yn.d.ts.map +1 -1
- package/dist/lib/util/yn.js.map +1 -1
- package/dist/server.js.map +1 -1
- package/lib/api/auth/controller/auth.ts +36 -4
- package/lib/api/token/controller/token.ts +7 -5
- package/lib/api/users/controller/user.ts +17 -4
- package/lib/apollo/resolvers.ts +2 -1
- package/lib/config/general.ts +2 -1
- package/lib/hooks/onError.ts +4 -3
- package/lib/hooks/onRequest.ts +21 -14
- package/lib/hooks/onResponse.ts +10 -4
- package/lib/loader/general.ts +2 -2
- package/lib/loader/hooks.ts +6 -4
- package/lib/loader/plugins.ts +4 -3
- package/lib/loader/roles.ts +2 -2
- package/lib/loader/router.ts +21 -24
- package/lib/loader/schedules.ts +23 -26
- package/lib/loader/schemas.ts +10 -9
- package/lib/loader/tracking.ts +4 -3
- package/lib/loader/translation.ts +2 -0
- package/lib/middleware/isAdmin.ts +2 -1
- package/lib/middleware/isAuthenticated.ts +3 -2
- package/lib/middleware/preAuth.ts +1 -1
- package/lib/middleware/preForgotPasswordHandler.ts +1 -1
- package/lib/schemas/auth.ts +1 -0
- package/lib/util/common.ts +1 -0
- package/lib/util/errors.ts +1 -0
- package/lib/util/logger.ts +1 -1
- package/lib/util/mark.ts +18 -17
- package/lib/util/regexp.ts +3 -3
- package/lib/util/tracker.ts +6 -4
- package/lib/util/yn.ts +1 -0
- package/package.json +11 -2
package/README.md
CHANGED
|
@@ -41,6 +41,8 @@ And, what you see in [package.json](package.json).
|
|
|
41
41
|
npm install @volcanicminds/backend
|
|
42
42
|
```
|
|
43
43
|
|
|
44
|
+
````
|
|
45
|
+
|
|
44
46
|
For database interactions, it is highly recommended to also install the companion package:
|
|
45
47
|
|
|
46
48
|
```sh
|
|
@@ -176,6 +178,9 @@ SWAGGER_HOST=myawesome.backend.com
|
|
|
176
178
|
SWAGGER_TITLE=API Documentation
|
|
177
179
|
SWAGGER_DESCRIPTION=List of available APIs and schemas to use
|
|
178
180
|
SWAGGER_VERSION=0.1.0
|
|
181
|
+
|
|
182
|
+
# MFA
|
|
183
|
+
MFA_POLICY=OPTIONAL
|
|
179
184
|
```
|
|
180
185
|
|
|
181
186
|
For docker may be useful set HOST as 0.0.0.0 (instead 127.0.0.1).
|
|
@@ -205,28 +210,31 @@ Refer to jest for more options.
|
|
|
205
210
|
|
|
206
211
|
The framework is configured via `.env` variables. Below is a comprehensive list:
|
|
207
212
|
|
|
208
|
-
| Variable
|
|
209
|
-
|
|
|
210
|
-
| `NODE_ENV`
|
|
211
|
-
| `HOST`
|
|
212
|
-
| `PORT`
|
|
213
|
-
| `JWT_SECRET`
|
|
214
|
-
| `JWT_EXPIRES_IN`
|
|
215
|
-
| `JWT_REFRESH`
|
|
216
|
-
| `JWT_REFRESH_SECRET`
|
|
217
|
-
| `JWT_REFRESH_EXPIRES_IN`
|
|
218
|
-
| `LOG_LEVEL`
|
|
219
|
-
| `LOG_COLORIZE`
|
|
220
|
-
| `LOG_TIMESTAMP`
|
|
221
|
-
| `LOG_TIMESTAMP_READABLE`
|
|
222
|
-
| `LOG_FASTIFY`
|
|
223
|
-
| `GRAPHQL`
|
|
224
|
-
| `SWAGGER`
|
|
225
|
-
| `SWAGGER_HOST`
|
|
226
|
-
| `SWAGGER_TITLE`
|
|
227
|
-
| `SWAGGER_DESCRIPTION`
|
|
228
|
-
| `SWAGGER_VERSION`
|
|
229
|
-
| `SWAGGER_PREFIX_URL`
|
|
213
|
+
| Variable | Description | Required | Default |
|
|
214
|
+
| ------------------------------ | ----------------------------------------------------------------------- | :------: | ------------------- |
|
|
215
|
+
| `NODE_ENV` | The application environment. | No | `development` |
|
|
216
|
+
| `HOST` | The host address for the server to listen on. Use `0.0.0.0` for Docker. | No | `0.0.0.0` |
|
|
217
|
+
| `PORT` | The port for the server to listen on. | No | `2230` |
|
|
218
|
+
| `JWT_SECRET` | Secret key for signing JWTs. | **Yes** | |
|
|
219
|
+
| `JWT_EXPIRES_IN` | Expiration time for JWTs (e.g., `5d`, `12h`). | No | `5d` |
|
|
220
|
+
| `JWT_REFRESH` | Enable refresh tokens. | No | `true` |
|
|
221
|
+
| `JWT_REFRESH_SECRET` | Secret key for signing refresh tokens. | **Yes**¹ | |
|
|
222
|
+
| `JWT_REFRESH_EXPIRES_IN` | Expiration time for refresh tokens. | No | `180d` |
|
|
223
|
+
| `LOG_LEVEL` | Logging verbosity (`trace`, `debug`, `info`, `warn`, `error`, `fatal`). | No | `info` |
|
|
224
|
+
| `LOG_COLORIZE` | Enable colorized log output. | No | `true` |
|
|
225
|
+
| `LOG_TIMESTAMP` | Enable timestamps in logs. | No | `true` |
|
|
226
|
+
| `LOG_TIMESTAMP_READABLE` | Use a human-readable timestamp format. | No | `true` |
|
|
227
|
+
| `LOG_FASTIFY` | Enable Fastify's built-in logger. | No | `false` |
|
|
228
|
+
| `GRAPHQL` | Enable the Apollo Server for GraphQL. | No | `false` |
|
|
229
|
+
| `SWAGGER` | Enable Swagger/OpenAPI documentation. | No | `true` |
|
|
230
|
+
| `SWAGGER_HOST` | The base URL for the API, used in Swagger docs. | No | `localhost:2230` |
|
|
231
|
+
| `SWAGGER_TITLE` | The title of the API documentation. | No | `API Documentation` |
|
|
232
|
+
| `SWAGGER_DESCRIPTION` | The description for the API documentation. | No | |
|
|
233
|
+
| `SWAGGER_VERSION` | The version of the API. | No | `0.1.0` |
|
|
234
|
+
| `SWAGGER_PREFIX_URL` | The path where Swagger UI is available. | No | `/api-docs` |
|
|
235
|
+
| `MFA_POLICY` | MFA Security Policy (`OPTIONAL`, `MANDATORY`, `ONE_WAY`) | No | `OPTIONAL` |
|
|
236
|
+
| `MFA_ADMIN_FORCED_RESET_EMAIL` | Admin email for emergency MFA reset | No | |
|
|
237
|
+
| `MFA_ADMIN_FORCED_RESET_UNTIL` | ISO Date string until which the reset is active | No | |
|
|
230
238
|
|
|
231
239
|
¹ Required if `JWT_REFRESH` is enabled.
|
|
232
240
|
|
|
@@ -685,6 +693,60 @@ export default {
|
|
|
685
693
|
}
|
|
686
694
|
```
|
|
687
695
|
|
|
696
|
+
## Multi-Factor Authentication (MFA)
|
|
697
|
+
|
|
698
|
+
The framework provides a robust, built-in Multi-Factor Authentication system based on TOTP (Time-Based One-Time Password). It is designed with a "Gatekeeper" architecture that isolates pending verifications using temporary tokens.
|
|
699
|
+
|
|
700
|
+
### Configuration
|
|
701
|
+
|
|
702
|
+
MFA behavior is controlled via Environment Variables or `src/config/general.ts`:
|
|
703
|
+
|
|
704
|
+
```ts
|
|
705
|
+
// src/config/general.ts
|
|
706
|
+
export default {
|
|
707
|
+
name: 'general',
|
|
708
|
+
enable: true,
|
|
709
|
+
options: {
|
|
710
|
+
// ...
|
|
711
|
+
mfa_policy: process.env.MFA_POLICY || 'OPTIONAL' // 'OPTIONAL' | 'MANDATORY' | 'ONE_WAY'
|
|
712
|
+
}
|
|
713
|
+
}
|
|
714
|
+
```
|
|
715
|
+
|
|
716
|
+
### MFA Policies
|
|
717
|
+
|
|
718
|
+
- **OPTIONAL** (Default): Users can choose to enable or disable MFA from their profile.
|
|
719
|
+
- **MANDATORY**: MFA is enforced for all users.
|
|
720
|
+
- If a user has not set up MFA yet, upon login, they receive a `202 Accepted` response with a temporary token and must complete the setup to proceed.
|
|
721
|
+
- Users cannot disable MFA.
|
|
722
|
+
- **ONE_WAY**: MFA is optional to start with, but once enabled, the user cannot disable it themselves. Only an admin can reset it.
|
|
723
|
+
|
|
724
|
+
### Security Architecture
|
|
725
|
+
|
|
726
|
+
When MFA is required (either because it's enabled for the user or the policy is MANDATORY), the login endpoint does **not** return a standard access token.
|
|
727
|
+
|
|
728
|
+
1. **Temporary Token**: Returns a JWT with a specific role: `pre-auth-mfa`.
|
|
729
|
+
2. **Gatekeeper**: Middleware automatically blocks any request made with a `pre-auth-mfa` token, **except** for specific whitelisted routes:
|
|
730
|
+
- `/auth/mfa/setup`
|
|
731
|
+
- `/auth/mfa/enable`
|
|
732
|
+
- `/auth/mfa/verify`
|
|
733
|
+
- `/auth/logout`
|
|
734
|
+
3. **Verification**: Only after successfully calling `/auth/mfa/verify` (or `enable` during setup) does the server issue the final, fully privileged Access Token.
|
|
735
|
+
|
|
736
|
+
### Emergency Admin Reset
|
|
737
|
+
|
|
738
|
+
If an administrator loses their MFA device and cannot log in, a filesystem/env-based emergency reset mechanism is available. This configuration is **only** available via Environment Variables to ensure security and easy rotation in production environments.
|
|
739
|
+
|
|
740
|
+
1. Set the environment variables in your server configuration (e.g., `.env` or Docker config):
|
|
741
|
+
```bash
|
|
742
|
+
MFA_ADMIN_FORCED_RESET_EMAIL=admin@company.com
|
|
743
|
+
MFA_ADMIN_FORCED_RESET_UNTIL=2025-12-31T18:30:00.000Z # A timestamp slightly in the future
|
|
744
|
+
```
|
|
745
|
+
2. Restart the server.
|
|
746
|
+
|
|
747
|
+
On startup, the server will check these variables. If the email matches an existing user and the current time is before the `UNTIL` timestamp, it will forcibly disable MFA for that specific user, allowing a standard login.
|
|
748
|
+
**Important:** Remove these variables after the reset is complete to avoid security risks.
|
|
749
|
+
|
|
688
750
|
## Disable embedded authorization
|
|
689
751
|
|
|
690
752
|
Out-of-the-box, the framework automatically secures all routes by checking for a valid (Bearer) JWT token if roles are defined for that route. However, if you want to disable this automatic authorization check and handle it manually within your controllers or middleware, you can do so by setting the `embedded_auth` option to `false`.
|
|
@@ -948,3 +1010,4 @@ A simple note: in the example below, you can see rawBody enabled on the `/exampl
|
|
|
948
1010
|
}
|
|
949
1011
|
}
|
|
950
1012
|
```
|
|
1013
|
+
````
|
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../index.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../index.ts"],"names":[],"mappings":"AAMA,OAAO,EAAE,MAAM,kBAAkB,CAAA;AAGjC,OAAO,EAAE,eAAe,EAAE,MAAM,sBAAsB,CAAA;AAWtD,OAAO,OAA4B,MAAM,SAAS,CAAA;AAqIlD,QAAA,MAAM,KAAK,GAAU,eAAe,6NAyRnC,CAAA;AAED,YAAY,EACV,MAAM,EACN,YAAY,EACZ,cAAc,EACd,iBAAiB,EACjB,kBAAkB,EAClB,IAAI,EACJ,IAAI,EACJ,KAAK,EACL,KAAK,EACL,WAAW,EACX,eAAe,EACf,cAAc,EACd,eAAe,EACf,kBAAkB,EAClB,aAAa,EACb,WAAW,EACZ,MAAM,mBAAmB,CAAA;AAE1B,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,eAAe,EAAE,CAAA"}
|
package/dist/index.js
CHANGED
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
'use strict';
|
|
2
2
|
import dotenv from 'dotenv';
|
|
3
3
|
dotenv.config();
|
|
4
|
+
import dayjs from 'dayjs';
|
|
4
5
|
import yn from './lib/util/yn.js';
|
|
5
6
|
import logger from './lib/util/logger.js';
|
|
6
7
|
import * as mark from './lib/util/mark.js';
|
|
@@ -68,8 +69,9 @@ async function addFastifySwagger(server) {
|
|
|
68
69
|
try {
|
|
69
70
|
content = fs.readFileSync(logoPath, { encoding: 'base64' });
|
|
70
71
|
}
|
|
71
|
-
catch (
|
|
72
|
-
log.w
|
|
72
|
+
catch (_e) {
|
|
73
|
+
if (log.w)
|
|
74
|
+
log.warn('Swagger logo not found at ' + logoPath);
|
|
73
75
|
}
|
|
74
76
|
await server.register(swagger, {
|
|
75
77
|
swagger: {
|
|
@@ -137,7 +139,6 @@ const start = async (decorators = {}) => {
|
|
|
137
139
|
const { tracking, trackingConfig } = await loaderTracking.load();
|
|
138
140
|
global.tracking = tracking;
|
|
139
141
|
global.trackingConfig = trackingConfig;
|
|
140
|
-
const opts = yn(process.env.LOG_FASTIFY, false) ? { logger: { development: logger } } : { logger: true };
|
|
141
142
|
const server = fastify();
|
|
142
143
|
global.server = server;
|
|
143
144
|
const { HOST: host = '0.0.0.0', PORT: port = '2230', GRAPHQL } = process.env;
|
|
@@ -145,8 +146,10 @@ const start = async (decorators = {}) => {
|
|
|
145
146
|
const loadRefreshJWT = yn(JWT_REFRESH, true);
|
|
146
147
|
const loadApollo = yn(GRAPHQL, false);
|
|
147
148
|
const plugins = await loaderPlugins.load();
|
|
148
|
-
|
|
149
|
-
|
|
149
|
+
if (plugins?.rawBody)
|
|
150
|
+
await server.register(rawBody, plugins.rawBody || {});
|
|
151
|
+
if (!loadApollo && plugins?.helmet)
|
|
152
|
+
await server.register(helmet, plugins.helmet || {});
|
|
150
153
|
if (plugins?.rateLimit) {
|
|
151
154
|
await server.register(rateLimit, plugins.rateLimit || {});
|
|
152
155
|
server.setNotFoundHandler({
|
|
@@ -154,14 +157,18 @@ const start = async (decorators = {}) => {
|
|
|
154
157
|
max: 30,
|
|
155
158
|
timeWindow: 30000
|
|
156
159
|
})
|
|
157
|
-
}, function (
|
|
160
|
+
}, function (_req, reply) {
|
|
158
161
|
reply.code(404).send();
|
|
159
162
|
});
|
|
160
163
|
}
|
|
161
|
-
|
|
162
|
-
|
|
163
|
-
|
|
164
|
-
|
|
164
|
+
if (plugins?.multipart)
|
|
165
|
+
await server.register(multipart, plugins.multipart || {});
|
|
166
|
+
if (plugins?.cors)
|
|
167
|
+
await server.register(cors, plugins.cors || {});
|
|
168
|
+
if (plugins?.compress)
|
|
169
|
+
await server.register(compress, plugins.compress || {});
|
|
170
|
+
if (log.t)
|
|
171
|
+
log.trace(`Add JWT - expiresIn: ${JWT_EXPIRES_IN}`);
|
|
165
172
|
await server.register(jwtValidator, {
|
|
166
173
|
secret: JWT_SECRET,
|
|
167
174
|
sign: { expiresIn: JWT_EXPIRES_IN }
|
|
@@ -184,79 +191,82 @@ const start = async (decorators = {}) => {
|
|
|
184
191
|
isImplemented() {
|
|
185
192
|
return false;
|
|
186
193
|
},
|
|
187
|
-
isValidUser(
|
|
194
|
+
isValidUser(_data) {
|
|
188
195
|
throw new Error('Not implemented.');
|
|
189
196
|
},
|
|
190
|
-
createUser(
|
|
197
|
+
createUser(_data) {
|
|
191
198
|
throw new Error('Not implemented.');
|
|
192
199
|
},
|
|
193
|
-
deleteUser(
|
|
200
|
+
deleteUser(_data) {
|
|
194
201
|
throw new Error('Not implemented.');
|
|
195
202
|
},
|
|
196
|
-
resetExternalId(
|
|
203
|
+
resetExternalId(_data) {
|
|
197
204
|
throw new Error('Not implemented.');
|
|
198
205
|
},
|
|
199
|
-
updateUserById(
|
|
206
|
+
updateUserById(_id, _user) {
|
|
200
207
|
throw new Error('Not implemented.');
|
|
201
208
|
},
|
|
202
|
-
retrieveUserById(
|
|
209
|
+
retrieveUserById(_id) {
|
|
203
210
|
throw new Error('Not implemented.');
|
|
204
211
|
},
|
|
205
|
-
retrieveUserByEmail(
|
|
212
|
+
retrieveUserByEmail(_email) {
|
|
206
213
|
throw new Error('Not implemented.');
|
|
207
214
|
},
|
|
208
|
-
retrieveUserByConfirmationToken(
|
|
215
|
+
retrieveUserByConfirmationToken(_code) {
|
|
209
216
|
throw new Error('Not implemented.');
|
|
210
217
|
},
|
|
211
|
-
retrieveUserByResetPasswordToken(
|
|
218
|
+
retrieveUserByResetPasswordToken(_code) {
|
|
212
219
|
throw new Error('Not implemented.');
|
|
213
220
|
},
|
|
214
|
-
retrieveUserByUsername(
|
|
221
|
+
retrieveUserByUsername(_username) {
|
|
215
222
|
throw new Error('Not implemented.');
|
|
216
223
|
},
|
|
217
|
-
retrieveUserByExternalId(
|
|
224
|
+
retrieveUserByExternalId(_externalId) {
|
|
218
225
|
throw new Error('Not implemented.');
|
|
219
226
|
},
|
|
220
|
-
retrieveUserByPassword(
|
|
227
|
+
retrieveUserByPassword(_email, _password) {
|
|
221
228
|
throw new Error('Not implemented.');
|
|
222
229
|
},
|
|
223
|
-
changePassword(
|
|
230
|
+
changePassword(_email, _password, _oldPassword) {
|
|
224
231
|
throw new Error('Not implemented.');
|
|
225
232
|
},
|
|
226
|
-
forgotPassword(
|
|
233
|
+
forgotPassword(_email) {
|
|
227
234
|
throw new Error('Not implemented.');
|
|
228
235
|
},
|
|
229
|
-
userConfirmation(
|
|
236
|
+
userConfirmation(_user) {
|
|
230
237
|
throw new Error('Not implemented.');
|
|
231
238
|
},
|
|
232
|
-
resetPassword(
|
|
239
|
+
resetPassword(_user, _password) {
|
|
233
240
|
throw new Error('Not implemented.');
|
|
234
241
|
},
|
|
235
|
-
blockUserById(
|
|
242
|
+
blockUserById(_id, _reason) {
|
|
236
243
|
throw new Error('Not implemented.');
|
|
237
244
|
},
|
|
238
|
-
unblockUserById(
|
|
245
|
+
unblockUserById(_data) {
|
|
239
246
|
throw new Error('Not implemented.');
|
|
240
247
|
},
|
|
241
|
-
countQuery(
|
|
248
|
+
countQuery(_data) {
|
|
242
249
|
throw new Error('Not implemented.');
|
|
243
250
|
},
|
|
244
|
-
findQuery(
|
|
251
|
+
findQuery(_data) {
|
|
245
252
|
throw new Error('Not implemented.');
|
|
246
253
|
},
|
|
247
|
-
disableUserById(
|
|
254
|
+
disableUserById(_id) {
|
|
248
255
|
throw new Error('Not implemented.');
|
|
249
256
|
},
|
|
250
|
-
saveMfaSecret(
|
|
257
|
+
saveMfaSecret(_userId, _secret) {
|
|
251
258
|
throw new Error('Not implemented.');
|
|
252
259
|
},
|
|
253
|
-
retrieveMfaSecret(
|
|
260
|
+
retrieveMfaSecret(_userId) {
|
|
254
261
|
throw new Error('Not implemented.');
|
|
255
262
|
},
|
|
256
|
-
enableMfa(
|
|
263
|
+
enableMfa(_userId) {
|
|
257
264
|
throw new Error('Not implemented.');
|
|
258
265
|
},
|
|
259
|
-
disableMfa(
|
|
266
|
+
disableMfa(_userId) {
|
|
267
|
+
throw new Error('Not implemented.');
|
|
268
|
+
},
|
|
269
|
+
forceDisableMfaForAdmin(_email) {
|
|
260
270
|
throw new Error('Not implemented.');
|
|
261
271
|
}
|
|
262
272
|
},
|
|
@@ -264,37 +274,37 @@ const start = async (decorators = {}) => {
|
|
|
264
274
|
isImplemented() {
|
|
265
275
|
return false;
|
|
266
276
|
},
|
|
267
|
-
isValidToken(
|
|
277
|
+
isValidToken(_data) {
|
|
268
278
|
throw new Error('Not implemented.');
|
|
269
279
|
},
|
|
270
|
-
createToken(
|
|
280
|
+
createToken(_data) {
|
|
271
281
|
throw new Error('Not implemented.');
|
|
272
282
|
},
|
|
273
|
-
resetExternalId(
|
|
283
|
+
resetExternalId(_id) {
|
|
274
284
|
throw new Error('Not implemented.');
|
|
275
285
|
},
|
|
276
|
-
updateTokenById(
|
|
286
|
+
updateTokenById(_id, _token) {
|
|
277
287
|
throw new Error('Not implemented.');
|
|
278
288
|
},
|
|
279
|
-
retrieveTokenById(
|
|
289
|
+
retrieveTokenById(_id) {
|
|
280
290
|
throw new Error('Not implemented.');
|
|
281
291
|
},
|
|
282
|
-
retrieveTokenByExternalId(
|
|
292
|
+
retrieveTokenByExternalId(_id) {
|
|
283
293
|
throw new Error('Not implemented.');
|
|
284
294
|
},
|
|
285
|
-
blockTokenById(
|
|
295
|
+
blockTokenById(_id, _reason) {
|
|
286
296
|
throw new Error('Not implemented.');
|
|
287
297
|
},
|
|
288
|
-
unblockTokenById(
|
|
298
|
+
unblockTokenById(_id) {
|
|
289
299
|
throw new Error('Not implemented.');
|
|
290
300
|
},
|
|
291
|
-
countQuery(
|
|
301
|
+
countQuery(_data) {
|
|
292
302
|
throw new Error('Not implemented.');
|
|
293
303
|
},
|
|
294
|
-
findQuery(
|
|
304
|
+
findQuery(_data) {
|
|
295
305
|
throw new Error('Not implemented.');
|
|
296
306
|
},
|
|
297
|
-
removeTokenById(
|
|
307
|
+
removeTokenById(_id) {
|
|
298
308
|
throw new Error('Not implemented.');
|
|
299
309
|
}
|
|
300
310
|
},
|
|
@@ -305,18 +315,18 @@ const start = async (decorators = {}) => {
|
|
|
305
315
|
synchronizeSchemas() {
|
|
306
316
|
throw new Error('Not implemented.');
|
|
307
317
|
},
|
|
308
|
-
retrieveBy(
|
|
318
|
+
retrieveBy(_entityName, _entityId) {
|
|
309
319
|
throw new Error('Not implemented.');
|
|
310
320
|
},
|
|
311
|
-
addChange(
|
|
321
|
+
addChange(_entityName, _entityId, _status, _userId, _contents, _changeEntity) {
|
|
312
322
|
throw new Error('Not implemented.');
|
|
313
323
|
}
|
|
314
324
|
},
|
|
315
325
|
mfaManager: {
|
|
316
|
-
generateSetup(
|
|
326
|
+
generateSetup(_appName, _email) {
|
|
317
327
|
throw new Error('Not implemented.');
|
|
318
328
|
},
|
|
319
|
-
verify(
|
|
329
|
+
verify(_token, _secret) {
|
|
320
330
|
throw new Error('Not implemented.');
|
|
321
331
|
}
|
|
322
332
|
},
|
|
@@ -325,6 +335,44 @@ const start = async (decorators = {}) => {
|
|
|
325
335
|
await Promise.all(Object.keys(decorators || {}).map(async (key) => {
|
|
326
336
|
await server.decorate(key, decorators[key]);
|
|
327
337
|
}));
|
|
338
|
+
const resetEmail = process.env.MFA_ADMIN_FORCED_RESET_EMAIL;
|
|
339
|
+
const resetUntil = process.env.MFA_ADMIN_FORCED_RESET_UNTIL;
|
|
340
|
+
if (resetEmail && resetUntil) {
|
|
341
|
+
const now = dayjs();
|
|
342
|
+
const untilDate = dayjs(resetUntil);
|
|
343
|
+
if (untilDate.isValid()) {
|
|
344
|
+
const diffMinutes = untilDate.diff(now, 'minute');
|
|
345
|
+
if (diffMinutes < 0) {
|
|
346
|
+
if (log.i)
|
|
347
|
+
log.info('Startup: MFA Admin Reset window expired. Ignoring.');
|
|
348
|
+
}
|
|
349
|
+
else if (diffMinutes > 10) {
|
|
350
|
+
if (log.f)
|
|
351
|
+
log.fatal(`Startup Error: MFA_ADMIN_FORCED_RESET_UNTIL is too far in the future (>10 min). Fix configuration.`);
|
|
352
|
+
process.exit(1);
|
|
353
|
+
}
|
|
354
|
+
else {
|
|
355
|
+
if (log.w)
|
|
356
|
+
log.warn(`Startup: executing FORCE MFA RESET for admin ${resetEmail}`);
|
|
357
|
+
try {
|
|
358
|
+
if (server['userManager'] && server['userManager'].isImplemented()) {
|
|
359
|
+
await server['userManager'].forceDisableMfaForAdmin(resetEmail);
|
|
360
|
+
if (log.w)
|
|
361
|
+
log.warn(`Startup: MFA RESET SUCCESSFUL for ${resetEmail}`);
|
|
362
|
+
}
|
|
363
|
+
else {
|
|
364
|
+
if (log.e)
|
|
365
|
+
log.error('Startup: userManager not found or not implemented, cannot reset MFA');
|
|
366
|
+
}
|
|
367
|
+
}
|
|
368
|
+
catch (e) {
|
|
369
|
+
const message = e instanceof Error ? e.message : String(e);
|
|
370
|
+
if (log.e)
|
|
371
|
+
log.error(`Startup: MFA RESET FAILED: ${message}`);
|
|
372
|
+
}
|
|
373
|
+
}
|
|
374
|
+
}
|
|
375
|
+
}
|
|
328
376
|
await server
|
|
329
377
|
.listen({
|
|
330
378
|
port: Number(port),
|
|
@@ -335,7 +383,8 @@ const start = async (decorators = {}) => {
|
|
|
335
383
|
log.info(`All stuff loaded in ${elapsed} sec`);
|
|
336
384
|
log.info(`Server ready 🚀 at ${address}`);
|
|
337
385
|
const loadSwagger = yn(process.env.SWAGGER, false);
|
|
338
|
-
|
|
386
|
+
if (loadSwagger)
|
|
387
|
+
log.info(`Swagger ready ✨ at ${address}${process.env.SWAGGER_PREFIX_URL || '/api-docs'}`);
|
|
339
388
|
});
|
|
340
389
|
await loaderSchedules.start(server, schedules);
|
|
341
390
|
return server;
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../index.ts"],"names":[],"mappings":"AAAA,YAAY,CAAA;AAEZ,OAAO,MAAM,MAAM,QAAQ,CAAA;AAC3B,MAAM,CAAC,MAAM,EAAE,CAAA;AAEf,OAAO,EAAE,MAAM,kBAAkB,CAAA;AACjC,OAAO,MAAM,MAAM,sBAAsB,CAAA;AACzC,OAAO,KAAK,IAAI,MAAM,oBAAoB,CAAA;AAC1C,OAAO,EAAE,eAAe,EAAE,MAAM,sBAAsB,CAAA;AACtD,OAAO,KAAK,aAAa,MAAM,yBAAyB,CAAA;AACxD,OAAO,KAAK,WAAW,MAAM,uBAAuB,CAAA;AACpD,OAAO,KAAK,YAAY,MAAM,wBAAwB,CAAA;AACtD,OAAO,KAAK,WAAW,MAAM,uBAAuB,CAAA;AACpD,OAAO,KAAK,aAAa,MAAM,yBAAyB,CAAA;AACxD,OAAO,KAAK,cAAc,MAAM,0BAA0B,CAAA;AAC1D,OAAO,KAAK,iBAAiB,MAAM,6BAA6B,CAAA;AAChE,OAAO,KAAK,YAAY,MAAM,yBAAyB,CAAA;AACvD,OAAO,KAAK,eAAe,MAAM,2BAA2B,CAAA;AAE5D,OAAO,OAA4B,MAAM,SAAS,CAAA;AAClD,OAAO,YAAY,MAAM,cAAc,CAAA;AACvC,OAAO,OAAO,MAAM,kBAAkB,CAAA;AACtC,OAAO,SAAS,MAAM,qBAAqB,CAAA;AAC3C,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAA;AAEnD,OAAO,IAAI,MAAM,eAAe,CAAA;AAChC,OAAO,MAAM,MAAM,iBAAiB,CAAA;AACpC,OAAO,QAAQ,MAAM,mBAAmB,CAAA;AACxC,OAAO,SAAS,MAAM,qBAAqB,CAAA;AAC3C,OAAO,SAAS,MAAM,oBAAoB,CAAA;AAC1C,OAAO,OAAO,MAAM,kBAAkB,CAAA;AAEtC,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAA;AAC7C,OAAO,aAAa,EAAE,EAAE,wBAAwB,EAAE,MAAM,0BAA0B,CAAA;AAClF,OAAO,EAAE,iBAAiB,EAAa,MAAM,yBAAyB,CAAA;AACtE,OAAO,SAAS,MAAM,2BAA2B,CAAA;AACjD,OAAO,QAAQ,MAAM,2BAA2B,CAAA;AAChD,OAAO,OAAO,MAAM,uBAAuB,CAAA;AAI3C,MAAM,CAAC,GAAG,GAAG,MAAM,CAAA;AAEnB,KAAK,UAAU,YAAY,CAAC,MAAuB;IACjD,GAAG,CAAC,IAAI,CAAC,gCAAgC,CAAC,CAAA;IAC1C,MAAM,MAAM,GAAG,IAAI,YAAY,CAAY;QACzC,QAAQ;QACR,SAAS;QACT,OAAO,EAAE,CAAC,wBAAwB,CAAC,MAAM,CAAC,CAAC;KAC5C,CAAC,CAAA;IAEF,MAAM,MAAM,CAAC,KAAK,EAAE,CAAA;IAEpB,OAAO,MAAM,CAAA;AACf,CAAC;AAED,KAAK,UAAU,gBAAgB,CAAC,MAAuB,EAAE,MAAsC;IAC7F,IAAI,MAAM,EAAE,CAAC;QACX,GAAG,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAA;QAC/B,MAAM,MAAM,CAAC,QAAQ,CAAC,aAAa,CAAC,MAAM,CAAC,EAAE;YAC3C,OAAO,EAAE,iBAAiB;SAC3B,CAAC,CAAA;IACJ,CAAC;AACH,CAAC;AAED,KAAK,UAAU,iBAAiB,CAAC,MAAuB;IACtD,GAAG,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAA;IAE9B,MAAM,WAAW,CAAC,KAAK,CAAC,MAAM,CAAC,CAAA;IAC/B,MAAM,aAAa,CAAC,KAAK,CAAC,MAAM,CAAC,CAAA;IACjC,MAAM,YAAY,CAAC,KAAK,CAAC,MAAM,CAAC,CAAA;AAClC,CAAC;AAED,KAAK,UAAU,iBAAiB,CAAC,MAAuB;IACtD,MAAM,EAAE,OAAO,EAAE,aAAa,EAAE,mBAAmB,EAAE,eAAe,EAAE,kBAAkB,EAAE,YAAY,EAAE,GAAG,OAAO,CAAC,GAAG,CAAA;IAEtH,MAAM,WAAW,GAAG,EAAE,CAAC,OAAO,EAAE,KAAK,CAAC,CAAA;IACtC,IAAI,WAAW,EAAE,CAAC;QAChB,GAAG,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAA;QAE/B,MAAM,EAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAAA;QACxB,MAAM,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,CAAA;QAC5B,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,eAAe,CAAC,CAAA;QAE7D,IAAI,OAAO,GAAG,EAAE,CAAA;QAChB,IAAI,CAAC;YACH,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,EAAE,QAAQ,EAAE,QAAQ,EAAE,CAAC,CAAA;QAC7D,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC,IAAI,CAAC,4BAA4B,GAAG,QAAQ,CAAC,CAAA;QAC5D,CAAC;QAED,MAAM,MAAM,CAAC,QAAQ,CAAC,OAAO,EAAE;YAC7B,OAAO,EAAE;gBACP,IAAI,EAAE;oBACJ,KAAK,EAAE,aAAa,IAAI,4BAA4B;oBACpD,WAAW,EAAE,mBAAmB,IAAI,2CAA2C;oBAC/E,OAAO,EAAE,eAAe,IAAI,OAAO;iBACpC;gBACD,IAAI,EAAE,YAAY,IAAI,gBAAgB;gBACtC,OAAO,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC;gBAC1B,QAAQ,EAAE,CAAC,kBAAkB,CAAC;gBAC9B,QAAQ,EAAE,CAAC,kBAAkB,CAAC;aAC/B;YACD,OAAO,EAAE;gBACP,IAAI,EAAE;oBACJ,KAAK,EAAE,aAAa,IAAI,4BAA4B;oBACpD,WAAW,EAAE,mBAAmB,IAAI,2CAA2C;oBAC/E,OAAO,EAAE,eAAe,IAAI,OAAO;iBACpC;gBACD,OAAO,EAAE;oBACP;wBACE,GAAG,EAAE,YAAY,IAAI,uBAAuB;qBAC7C;iBACF;gBACD,UAAU,EAAE;oBACV,eAAe,EAAE;wBACf,MAAM,EAAE;4BACN,IAAI,EAAE,MAAM;4BACZ,MAAM,EAAE,QAAQ;yBACjB;qBACF;iBACF;aACF;SACF,CAAC,CAAA;QAEF,MAAM,MAAM,CAAC,QAAQ,CAAC,SAAS,EAAE;YAC/B,WAAW,EAAE,kBAAkB,IAAI,WAAW;YAC9C,QAAQ,EAAE;gBACR,YAAY,EAAE,MAAM;gBACpB,WAAW,EAAE,IAAI;gBACjB,wBAAwB,EAAE,CAAC;aAC5B;YACD,IAAI,EAAE;gBACJ,IAAI,EAAE,WAAW;gBACjB,OAAO,EAAE,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC;aACxC;YACD,KAAK,EAAE;gBACL,KAAK,EAAE,aAAa;aACrB;SACK,CAAC,CAAA;IACX,CAAC;AACH,CAAC;AAED,KAAK,UAAU,kBAAkB,CAAC,MAAuB;IACvD,MAAM,EAAE,SAAS,GAAG,KAAK,EAAE,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,IAAI,EAAE,CAAA;IAC1D,IAAI,SAAS,EAAE,CAAC;QACd,GAAG,CAAC,KAAK,CAAC,sBAAsB,CAAC,CAAA;QAEjC,MAAM,MAAM,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAA;IACxC,CAAC;AACH,CAAC;AAED,MAAM,KAAK,GAAG,KAAK,EAAE,UAAU,GAAG,EAAE,EAAE,EAAE;IACtC,MAAM,KAAK,GAAG,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,CAAA;IAClC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,CAAA;IAElB,MAAM,CAAC,MAAM,GAAG,MAAM,YAAY,CAAC,IAAI,EAAE,CAAA;IACzC,MAAM,CAAC,KAAK,GAAG,MAAM,WAAW,CAAC,IAAI,EAAE,CAAA;IACvC,MAAM,CAAC,CAAC,GAAG,iBAAiB,CAAC,IAAI,EAAE,CAAA;IAEnC,MAAM,EAAE,QAAQ,EAAE,cAAc,EAAE,GAAG,MAAM,cAAc,CAAC,IAAI,EAAE,CAAA;IAChE,MAAM,CAAC,QAAQ,GAAG,QAAQ,CAAA;IAC1B,MAAM,CAAC,cAAc,GAAG,cAAc,CAAA;IAEtC,MAAM,IAAI,GAAG,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,EAAE,WAAW,EAAE,MAAM,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,CAAA;IACxG,MAAM,MAAM,GAAoB,OAAO,EAAE,CAAA;IACzC,MAAM,CAAC,MAAM,GAAG,MAAM,CAAA;IAEtB,MAAM,EAAE,IAAI,EAAE,IAAI,GAAG,SAAS,EAAE,IAAI,EAAE,IAAI,GAAG,MAAM,EAAE,OAAO,EAAE,GAAG,OAAO,CAAC,GAAG,CAAA;IAC5E,MAAM,EACJ,UAAU,GAAG,EAAE,EACf,cAAc,GAAG,KAAK,EACtB,WAAW,GAAG,MAAM,EACpB,kBAAkB,GAAG,EAAE,EACvB,sBAAsB,GAAG,MAAM,EAChC,GAAG,OAAO,CAAC,GAAG,CAAA;IAEf,MAAM,cAAc,GAAG,EAAE,CAAC,WAAW,EAAE,IAAI,CAAC,CAAA;IAC5C,MAAM,UAAU,GAAG,EAAE,CAAC,OAAO,EAAE,KAAK,CAAC,CAAA;IACrC,MAAM,OAAO,GAAG,MAAM,aAAa,CAAC,IAAI,EAAE,CAAA;IAE1C,OAAO,EAAE,OAAO,IAAI,CAAC,MAAM,MAAM,CAAC,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC,CAAA;IAC3E,CAAC,UAAU,IAAI,OAAO,EAAE,MAAM,IAAI,CAAC,MAAM,MAAM,CAAC,QAAQ,CAAC,MAAM,EAAE,OAAO,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC,CAAA;IAEvF,IAAI,OAAO,EAAE,SAAS,EAAE,CAAC;QACvB,MAAM,MAAM,CAAC,QAAQ,CAAC,SAAS,EAAE,OAAO,CAAC,SAAS,IAAI,EAAE,CAAC,CAAA;QACzD,MAAM,CAAC,kBAAkB,CACvB;YACE,UAAU,EAAE,MAAM,CAAC,SAAS,CAAC;gBAC3B,GAAG,EAAE,EAAE;gBACP,UAAU,EAAE,KAAK;aAClB,CAAC;SACH,EACD,UAAU,GAAG,EAAE,KAAK;YAClB,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAA;QACxB,CAAC,CACF,CAAA;IACH,CAAC;IAED,OAAO,EAAE,SAAS,IAAI,CAAC,MAAM,MAAM,CAAC,QAAQ,CAAC,SAAS,EAAE,OAAO,CAAC,SAAS,IAAI,EAAE,CAAC,CAAC,CAAA;IACjF,OAAO,EAAE,IAAI,IAAI,CAAC,MAAM,MAAM,CAAC,QAAQ,CAAC,IAAI,EAAE,OAAO,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC,CAAA;IAClE,OAAO,EAAE,QAAQ,IAAI,CAAC,MAAM,MAAM,CAAC,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC,QAAQ,IAAI,EAAE,CAAC,CAAC,CAAA;IAE9E,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC,KAAK,CAAC,wBAAwB,cAAc,EAAE,CAAC,CAAA;IAC5D,MAAM,MAAM,CAAC,QAAQ,CAAC,YAAY,EAAE;QAClC,MAAM,EAAE,UAAU;QAClB,IAAI,EAAE,EAAE,SAAS,EAAE,cAAc,EAAE;KACpC,CAAC,CAAA;IAEF,IAAI,cAAc,EAAE,CAAC;QACnB,MAAM,MAAM,CAAC,QAAQ,CAAC,YAAY,EAAE;YAClC,SAAS,EAAE,cAAc;YACzB,MAAM,EAAE,kBAAkB,IAAI,UAAU;YACxC,IAAI,EAAE,EAAE,SAAS,EAAE,sBAAsB,EAAE;SAC5C,CAAC,CAAA;IACJ,CAAC;IAED,MAAM,MAAM,GAAG,UAAU,CAAC,CAAC,CAAC,MAAM,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,IAAI,CAAA;IAC7D,MAAM,iBAAiB,CAAC,MAAM,CAAC,CAAA;IAC/B,MAAM,gBAAgB,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;IACtC,MAAM,iBAAiB,CAAC,MAAM,CAAC,CAAA;IAC/B,MAAM,kBAAkB,CAAC,MAAM,CAAC,CAAA;IAEhC,MAAM,SAAS,GAAG,eAAe,CAAC,IAAI,EAAE,CAAA;IAExC,UAAU,GAAG;QACX,WAAW,EAAE;YACX,aAAa;gBACX,OAAO,KAAK,CAAA;YACd,CAAC;YACD,WAAW,CAAC,IAAS;gBACnB,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,UAAU,CAAC,IAAS;gBAClB,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,UAAU,CAAC,IAAS;gBAClB,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,eAAe,CAAC,IAAS;gBACvB,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,cAAc,CAAC,EAAU,EAAE,IAAS;gBAClC,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,gBAAgB,CAAC,EAAU;gBACzB,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,mBAAmB,CAAC,KAAa;gBAC/B,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,+BAA+B,CAAC,IAAY;gBAC1C,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,gCAAgC,CAAC,IAAY;gBAC3C,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,sBAAsB,CAAC,QAAgB;gBACrC,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,wBAAwB,CAAC,UAAkB;gBACzC,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,sBAAsB,CAAC,KAAa,EAAE,QAAgB;gBACpD,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,cAAc,CAAC,KAAa,EAAE,QAAgB,EAAE,WAAmB;gBACjE,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,cAAc,CAAC,KAAa;gBAC1B,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,gBAAgB,CAAC,IAAS;gBACxB,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,aAAa,CAAC,IAAS,EAAE,QAAgB;gBACvC,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,aAAa,CAAC,EAAU,EAAE,MAAc;gBACtC,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,eAAe,CAAC,IAAS;gBACvB,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,UAAU,CAAC,IAAS;gBAClB,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,SAAS,CAAC,IAAS;gBACjB,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,eAAe,CAAC,EAAU;gBACxB,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,aAAa,CAAC,MAAc,EAAE,MAAc;gBAC1C,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,iBAAiB,CAAC,MAAc;gBAC9B,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,SAAS,CAAC,MAAc;gBACtB,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,UAAU,CAAC,MAAc;gBACvB,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;SACgB;QACnB,YAAY,EAAE;YACZ,aAAa;gBACX,OAAO,KAAK,CAAA;YACd,CAAC;YACD,YAAY,CAAC,IAAS;gBACpB,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,WAAW,CAAC,IAAS;gBACnB,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,eAAe,CAAC,EAAU;gBACxB,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,eAAe,CAAC,EAAU,EAAE,KAAU;gBACpC,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,iBAAiB,CAAC,EAAU;gBAC1B,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,yBAAyB,CAAC,EAAU;gBAClC,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,cAAc,CAAC,EAAU,EAAE,MAAc;gBACvC,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,gBAAgB,CAAC,EAAU;gBACzB,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,UAAU,CAAC,IAAS;gBAClB,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,SAAS,CAAC,IAAS;gBACjB,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,eAAe,CAAC,EAAU;gBACxB,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;SACiB;QACpB,eAAe,EAAE;YACf,aAAa;gBACX,OAAO,KAAK,CAAA;YACd,CAAC;YACD,kBAAkB;gBAChB,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,UAAU,CAAC,UAAU,EAAE,QAAQ;gBAC7B,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,SAAS,CAAC,UAAU,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,YAAY;gBACpE,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;SACoB;QACvB,UAAU,EAAE;YACV,aAAa,CAAC,OAAe,EAAE,KAAa;gBAC1C,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,MAAM,CAAC,KAAa,EAAE,MAAc;gBAClC,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;SACe;QAClB,GAAG,UAAU;KACd,CAAA;IAED,MAAM,OAAO,CAAC,GAAG,CACf,MAAM,CAAC,IAAI,CAAC,UAAU,IAAI,EAAE,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,GAAG,EAAE,EAAE;QAC9C,MAAM,MAAM,CAAC,QAAQ,CAAC,GAAG,EAAE,UAAU,CAAC,GAAG,CAAC,CAAC,CAAA;IAC7C,CAAC,CAAC,CACH,CAAA;IAED,MAAM,MAAM;SACT,MAAM,CAAC;QACN,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC;QAClB,IAAI,EAAE,IAAI;KACX,CAAC;SACD,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE;QAChB,MAAM,OAAO,GAAG,CAAC,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,GAAG,KAAK,CAAC,GAAG,GAAG,CAAA;QACpD,GAAG,CAAC,IAAI,CAAC,uBAAuB,OAAO,MAAM,CAAC,CAAA;QAC9C,GAAG,CAAC,IAAI,CAAC,sBAAsB,OAAO,EAAE,CAAC,CAAA;QAEzC,MAAM,WAAW,GAAG,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,OAAO,EAAE,KAAK,CAAC,CAAA;QAClD,WAAW,IAAI,GAAG,CAAC,IAAI,CAAC,sBAAsB,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,kBAAkB,IAAI,WAAW,EAAE,CAAC,CAAA;IAC1G,CAAC,CAAC,CAAA;IAEJ,MAAM,eAAe,CAAC,KAAK,CAAC,MAAM,EAAE,SAAS,CAAC,CAAA;IAC9C,OAAO,MAAM,CAAA;AACf,CAAC,CAAA;AAqBD,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,eAAe,EAAE,CAAA"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../index.ts"],"names":[],"mappings":"AAAA,YAAY,CAAA;AAEZ,OAAO,MAAM,MAAM,QAAQ,CAAA;AAC3B,MAAM,CAAC,MAAM,EAAE,CAAA;AAEf,OAAO,KAAK,MAAM,OAAO,CAAA;AACzB,OAAO,EAAE,MAAM,kBAAkB,CAAA;AACjC,OAAO,MAAM,MAAM,sBAAsB,CAAA;AACzC,OAAO,KAAK,IAAI,MAAM,oBAAoB,CAAA;AAC1C,OAAO,EAAE,eAAe,EAAE,MAAM,sBAAsB,CAAA;AACtD,OAAO,KAAK,aAAa,MAAM,yBAAyB,CAAA;AACxD,OAAO,KAAK,WAAW,MAAM,uBAAuB,CAAA;AACpD,OAAO,KAAK,YAAY,MAAM,wBAAwB,CAAA;AACtD,OAAO,KAAK,WAAW,MAAM,uBAAuB,CAAA;AACpD,OAAO,KAAK,aAAa,MAAM,yBAAyB,CAAA;AACxD,OAAO,KAAK,cAAc,MAAM,0BAA0B,CAAA;AAC1D,OAAO,KAAK,iBAAiB,MAAM,6BAA6B,CAAA;AAChE,OAAO,KAAK,YAAY,MAAM,yBAAyB,CAAA;AACvD,OAAO,KAAK,eAAe,MAAM,2BAA2B,CAAA;AAE5D,OAAO,OAA4B,MAAM,SAAS,CAAA;AAClD,OAAO,YAAY,MAAM,cAAc,CAAA;AACvC,OAAO,OAAO,MAAM,kBAAkB,CAAA;AACtC,OAAO,SAAS,MAAM,qBAAqB,CAAA;AAC3C,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAA;AAEnD,OAAO,IAAI,MAAM,eAAe,CAAA;AAChC,OAAO,MAAM,MAAM,iBAAiB,CAAA;AACpC,OAAO,QAAQ,MAAM,mBAAmB,CAAA;AACxC,OAAO,SAAS,MAAM,qBAAqB,CAAA;AAC3C,OAAO,SAAS,MAAM,oBAAoB,CAAA;AAC1C,OAAO,OAAO,MAAM,kBAAkB,CAAA;AAEtC,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAA;AAC7C,OAAO,aAAa,EAAE,EAAE,wBAAwB,EAAE,MAAM,0BAA0B,CAAA;AAClF,OAAO,EAAE,iBAAiB,EAAa,MAAM,yBAAyB,CAAA;AACtE,OAAO,SAAS,MAAM,2BAA2B,CAAA;AACjD,OAAO,QAAQ,MAAM,2BAA2B,CAAA;AAChD,OAAO,OAAO,MAAM,uBAAuB,CAAA;AAI3C,MAAM,CAAC,GAAG,GAAG,MAAM,CAAA;AAEnB,KAAK,UAAU,YAAY,CAAC,MAAuB;IACjD,GAAG,CAAC,IAAI,CAAC,gCAAgC,CAAC,CAAA;IAC1C,MAAM,MAAM,GAAG,IAAI,YAAY,CAAY;QACzC,QAAQ;QACR,SAAS;QACT,OAAO,EAAE,CAAC,wBAAwB,CAAC,MAAM,CAAC,CAAC;KAC5C,CAAC,CAAA;IAEF,MAAM,MAAM,CAAC,KAAK,EAAE,CAAA;IAEpB,OAAO,MAAM,CAAA;AACf,CAAC;AAED,KAAK,UAAU,gBAAgB,CAAC,MAAuB,EAAE,MAAsC;IAC7F,IAAI,MAAM,EAAE,CAAC;QACX,GAAG,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAA;QAC/B,MAAM,MAAM,CAAC,QAAQ,CAAC,aAAa,CAAC,MAAM,CAAC,EAAE;YAC3C,OAAO,EAAE,iBAAiB;SAC3B,CAAC,CAAA;IACJ,CAAC;AACH,CAAC;AAED,KAAK,UAAU,iBAAiB,CAAC,MAAuB;IACtD,GAAG,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAA;IAE9B,MAAM,WAAW,CAAC,KAAK,CAAC,MAAM,CAAC,CAAA;IAC/B,MAAM,aAAa,CAAC,KAAK,CAAC,MAAM,CAAC,CAAA;IACjC,MAAM,YAAY,CAAC,KAAK,CAAC,MAAM,CAAC,CAAA;AAClC,CAAC;AAED,KAAK,UAAU,iBAAiB,CAAC,MAAuB;IACtD,MAAM,EAAE,OAAO,EAAE,aAAa,EAAE,mBAAmB,EAAE,eAAe,EAAE,kBAAkB,EAAE,YAAY,EAAE,GAAG,OAAO,CAAC,GAAG,CAAA;IAEtH,MAAM,WAAW,GAAG,EAAE,CAAC,OAAO,EAAE,KAAK,CAAC,CAAA;IACtC,IAAI,WAAW,EAAE,CAAC;QAChB,GAAG,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAA;QAE/B,MAAM,EAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAAA;QACxB,MAAM,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,CAAA;QAC5B,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,eAAe,CAAC,CAAA;QAE7D,IAAI,OAAO,GAAG,EAAE,CAAA;QAChB,IAAI,CAAC;YACH,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,EAAE,QAAQ,EAAE,QAAQ,EAAE,CAAC,CAAA;QAC7D,CAAC;QAAC,OAAO,EAAE,EAAE,CAAC;YACZ,IAAI,GAAG,CAAC,CAAC;gBAAE,GAAG,CAAC,IAAI,CAAC,4BAA4B,GAAG,QAAQ,CAAC,CAAA;QAC9D,CAAC;QAED,MAAM,MAAM,CAAC,QAAQ,CAAC,OAAO,EAAE;YAC7B,OAAO,EAAE;gBACP,IAAI,EAAE;oBACJ,KAAK,EAAE,aAAa,IAAI,4BAA4B;oBACpD,WAAW,EAAE,mBAAmB,IAAI,2CAA2C;oBAC/E,OAAO,EAAE,eAAe,IAAI,OAAO;iBACpC;gBACD,IAAI,EAAE,YAAY,IAAI,gBAAgB;gBACtC,OAAO,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC;gBAC1B,QAAQ,EAAE,CAAC,kBAAkB,CAAC;gBAC9B,QAAQ,EAAE,CAAC,kBAAkB,CAAC;aAC/B;YACD,OAAO,EAAE;gBACP,IAAI,EAAE;oBACJ,KAAK,EAAE,aAAa,IAAI,4BAA4B;oBACpD,WAAW,EAAE,mBAAmB,IAAI,2CAA2C;oBAC/E,OAAO,EAAE,eAAe,IAAI,OAAO;iBACpC;gBACD,OAAO,EAAE;oBACP;wBACE,GAAG,EAAE,YAAY,IAAI,uBAAuB;qBAC7C;iBACF;gBACD,UAAU,EAAE;oBACV,eAAe,EAAE;wBACf,MAAM,EAAE;4BACN,IAAI,EAAE,MAAM;4BACZ,MAAM,EAAE,QAAQ;yBACjB;qBACF;iBACF;aACF;SACF,CAAC,CAAA;QAEF,MAAM,MAAM,CAAC,QAAQ,CAAC,SAAS,EAAE;YAC/B,WAAW,EAAE,kBAAkB,IAAI,WAAW;YAC9C,QAAQ,EAAE;gBACR,YAAY,EAAE,MAAM;gBACpB,WAAW,EAAE,IAAI;gBACjB,wBAAwB,EAAE,CAAC;aAC5B;YACD,IAAI,EAAE;gBACJ,IAAI,EAAE,WAAW;gBACjB,OAAO,EAAE,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC;aACxC;YACD,KAAK,EAAE;gBACL,KAAK,EAAE,aAAa;aACrB;SACF,CAAC,CAAA;IACJ,CAAC;AACH,CAAC;AAED,KAAK,UAAU,kBAAkB,CAAC,MAAuB;IACvD,MAAM,EAAE,SAAS,GAAG,KAAK,EAAE,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,IAAI,EAAE,CAAA;IAC1D,IAAI,SAAS,EAAE,CAAC;QACd,GAAG,CAAC,KAAK,CAAC,sBAAsB,CAAC,CAAA;QAEjC,MAAM,MAAM,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAA;IACxC,CAAC;AACH,CAAC;AAED,MAAM,KAAK,GAAG,KAAK,EAAE,UAAU,GAAG,EAAE,EAAE,EAAE;IACtC,MAAM,KAAK,GAAG,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,CAAA;IAClC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,CAAA;IAElB,MAAM,CAAC,MAAM,GAAG,MAAM,YAAY,CAAC,IAAI,EAAE,CAAA;IACzC,MAAM,CAAC,KAAK,GAAG,MAAM,WAAW,CAAC,IAAI,EAAE,CAAA;IACvC,MAAM,CAAC,CAAC,GAAG,iBAAiB,CAAC,IAAI,EAAE,CAAA;IAEnC,MAAM,EAAE,QAAQ,EAAE,cAAc,EAAE,GAAG,MAAM,cAAc,CAAC,IAAI,EAAE,CAAA;IAChE,MAAM,CAAC,QAAQ,GAAG,QAAQ,CAAA;IAC1B,MAAM,CAAC,cAAc,GAAG,cAAc,CAAA;IAGtC,MAAM,MAAM,GAAoB,OAAO,EAAE,CAAA;IACzC,MAAM,CAAC,MAAM,GAAG,MAAM,CAAA;IAEtB,MAAM,EAAE,IAAI,EAAE,IAAI,GAAG,SAAS,EAAE,IAAI,EAAE,IAAI,GAAG,MAAM,EAAE,OAAO,EAAE,GAAG,OAAO,CAAC,GAAG,CAAA;IAC5E,MAAM,EACJ,UAAU,GAAG,EAAE,EACf,cAAc,GAAG,KAAK,EACtB,WAAW,GAAG,MAAM,EACpB,kBAAkB,GAAG,EAAE,EACvB,sBAAsB,GAAG,MAAM,EAChC,GAAG,OAAO,CAAC,GAAG,CAAA;IAEf,MAAM,cAAc,GAAG,EAAE,CAAC,WAAW,EAAE,IAAI,CAAC,CAAA;IAC5C,MAAM,UAAU,GAAG,EAAE,CAAC,OAAO,EAAE,KAAK,CAAC,CAAA;IACrC,MAAM,OAAO,GAAG,MAAM,aAAa,CAAC,IAAI,EAAE,CAAA;IAE1C,IAAI,OAAO,EAAE,OAAO;QAAE,MAAM,MAAM,CAAC,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC,OAAO,IAAI,EAAE,CAAC,CAAA;IAC3E,IAAI,CAAC,UAAU,IAAI,OAAO,EAAE,MAAM;QAAE,MAAM,MAAM,CAAC,QAAQ,CAAC,MAAM,EAAE,OAAO,CAAC,MAAM,IAAI,EAAE,CAAC,CAAA;IAEvF,IAAI,OAAO,EAAE,SAAS,EAAE,CAAC;QACvB,MAAM,MAAM,CAAC,QAAQ,CAAC,SAAS,EAAE,OAAO,CAAC,SAAS,IAAI,EAAE,CAAC,CAAA;QACzD,MAAM,CAAC,kBAAkB,CACvB;YACE,UAAU,EAAE,MAAM,CAAC,SAAS,CAAC;gBAC3B,GAAG,EAAE,EAAE;gBACP,UAAU,EAAE,KAAK;aAClB,CAAC;SACH,EACD,UAAU,IAAI,EAAE,KAAK;YACnB,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAA;QACxB,CAAC,CACF,CAAA;IACH,CAAC;IAED,IAAI,OAAO,EAAE,SAAS;QAAE,MAAM,MAAM,CAAC,QAAQ,CAAC,SAAS,EAAE,OAAO,CAAC,SAAS,IAAI,EAAE,CAAC,CAAA;IACjF,IAAI,OAAO,EAAE,IAAI;QAAE,MAAM,MAAM,CAAC,QAAQ,CAAC,IAAI,EAAE,OAAO,CAAC,IAAI,IAAI,EAAE,CAAC,CAAA;IAClE,IAAI,OAAO,EAAE,QAAQ;QAAE,MAAM,MAAM,CAAC,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC,QAAQ,IAAI,EAAE,CAAC,CAAA;IAE9E,IAAI,GAAG,CAAC,CAAC;QAAE,GAAG,CAAC,KAAK,CAAC,wBAAwB,cAAc,EAAE,CAAC,CAAA;IAC9D,MAAM,MAAM,CAAC,QAAQ,CAAC,YAAY,EAAE;QAClC,MAAM,EAAE,UAAU;QAClB,IAAI,EAAE,EAAE,SAAS,EAAE,cAAc,EAAE;KACpC,CAAC,CAAA;IAEF,IAAI,cAAc,EAAE,CAAC;QACnB,MAAM,MAAM,CAAC,QAAQ,CAAC,YAAY,EAAE;YAClC,SAAS,EAAE,cAAc;YACzB,MAAM,EAAE,kBAAkB,IAAI,UAAU;YACxC,IAAI,EAAE,EAAE,SAAS,EAAE,sBAAsB,EAAE;SAC5C,CAAC,CAAA;IACJ,CAAC;IAED,MAAM,MAAM,GAAG,UAAU,CAAC,CAAC,CAAC,MAAM,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,IAAI,CAAA;IAC7D,MAAM,iBAAiB,CAAC,MAAM,CAAC,CAAA;IAC/B,MAAM,gBAAgB,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;IACtC,MAAM,iBAAiB,CAAC,MAAM,CAAC,CAAA;IAC/B,MAAM,kBAAkB,CAAC,MAAM,CAAC,CAAA;IAEhC,MAAM,SAAS,GAAG,eAAe,CAAC,IAAI,EAAE,CAAA;IAExC,UAAU,GAAG;QACX,WAAW,EAAE;YACX,aAAa;gBACX,OAAO,KAAK,CAAA;YACd,CAAC;YACD,WAAW,CAAC,KAAc;gBACxB,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,UAAU,CAAC,KAAc;gBACvB,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,UAAU,CAAC,KAAc;gBACvB,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,eAAe,CAAC,KAAc;gBAC5B,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,cAAc,CAAC,GAAW,EAAE,KAAc;gBACxC,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,gBAAgB,CAAC,GAAW;gBAC1B,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,mBAAmB,CAAC,MAAc;gBAChC,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,+BAA+B,CAAC,KAAa;gBAC3C,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,gCAAgC,CAAC,KAAa;gBAC5C,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,sBAAsB,CAAC,SAAiB;gBACtC,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,wBAAwB,CAAC,WAAmB;gBAC1C,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,sBAAsB,CAAC,MAAc,EAAE,SAAiB;gBACtD,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,cAAc,CAAC,MAAc,EAAE,SAAiB,EAAE,YAAoB;gBACpE,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,cAAc,CAAC,MAAc;gBAC3B,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,gBAAgB,CAAC,KAAc;gBAC7B,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,aAAa,CAAC,KAAc,EAAE,SAAiB;gBAC7C,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,aAAa,CAAC,GAAW,EAAE,OAAe;gBACxC,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,eAAe,CAAC,KAAc;gBAC5B,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,UAAU,CAAC,KAAc;gBACvB,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,SAAS,CAAC,KAAc;gBACtB,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,eAAe,CAAC,GAAW;gBACzB,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,aAAa,CAAC,OAAe,EAAE,OAAe;gBAC5C,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,iBAAiB,CAAC,OAAe;gBAC/B,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,SAAS,CAAC,OAAe;gBACvB,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,UAAU,CAAC,OAAe;gBACxB,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,uBAAuB,CAAC,MAAc;gBACpC,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;SACgB;QACnB,YAAY,EAAE;YACZ,aAAa;gBACX,OAAO,KAAK,CAAA;YACd,CAAC;YACD,YAAY,CAAC,KAAc;gBACzB,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,WAAW,CAAC,KAAc;gBACxB,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,eAAe,CAAC,GAAW;gBACzB,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,eAAe,CAAC,GAAW,EAAE,MAAe;gBAC1C,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,iBAAiB,CAAC,GAAW;gBAC3B,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,yBAAyB,CAAC,GAAW;gBACnC,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,cAAc,CAAC,GAAW,EAAE,OAAe;gBACzC,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,gBAAgB,CAAC,GAAW;gBAC1B,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,UAAU,CAAC,KAAc;gBACvB,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,SAAS,CAAC,KAAc;gBACtB,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,eAAe,CAAC,GAAW;gBACzB,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;SACiB;QACpB,eAAe,EAAE;YACf,aAAa;gBACX,OAAO,KAAK,CAAA;YACd,CAAC;YACD,kBAAkB;gBAChB,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,UAAU,CAAC,WAAW,EAAE,SAAS;gBAC/B,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,SAAS,CAAC,WAAW,EAAE,SAAS,EAAE,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,aAAa;gBAC1E,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;SACoB;QACvB,UAAU,EAAE;YACV,aAAa,CAAC,QAAgB,EAAE,MAAc;gBAC5C,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YACD,MAAM,CAAC,MAAc,EAAE,OAAe;gBACpC,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;SACe;QAClB,GAAG,UAAU;KACd,CAAA;IAED,MAAM,OAAO,CAAC,GAAG,CACf,MAAM,CAAC,IAAI,CAAC,UAAU,IAAI,EAAE,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,GAAG,EAAE,EAAE;QAC9C,MAAM,MAAM,CAAC,QAAQ,CAAC,GAAG,EAAE,UAAU,CAAC,GAAG,CAAC,CAAC,CAAA;IAC7C,CAAC,CAAC,CACH,CAAA;IAID,MAAM,UAAU,GAAG,OAAO,CAAC,GAAG,CAAC,4BAA4B,CAAA;IAC3D,MAAM,UAAU,GAAG,OAAO,CAAC,GAAG,CAAC,4BAA4B,CAAA;IAE3D,IAAI,UAAU,IAAI,UAAU,EAAE,CAAC;QAC7B,MAAM,GAAG,GAAG,KAAK,EAAE,CAAA;QACnB,MAAM,SAAS,GAAG,KAAK,CAAC,UAAU,CAAC,CAAA;QAEnC,IAAI,SAAS,CAAC,OAAO,EAAE,EAAE,CAAC;YACxB,MAAM,WAAW,GAAG,SAAS,CAAC,IAAI,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAA;YAEjD,IAAI,WAAW,GAAG,CAAC,EAAE,CAAC;gBACpB,IAAI,GAAG,CAAC,CAAC;oBAAE,GAAG,CAAC,IAAI,CAAC,oDAAoD,CAAC,CAAA;YAC3E,CAAC;iBAAM,IAAI,WAAW,GAAG,EAAE,EAAE,CAAC;gBAC5B,IAAI,GAAG,CAAC,CAAC;oBACP,GAAG,CAAC,KAAK,CACP,oGAAoG,CACrG,CAAA;gBACH,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;YACjB,CAAC;iBAAM,CAAC;gBACN,IAAI,GAAG,CAAC,CAAC;oBAAE,GAAG,CAAC,IAAI,CAAC,gDAAgD,UAAU,EAAE,CAAC,CAAA;gBACjF,IAAI,CAAC;oBAEH,IAAI,MAAM,CAAC,aAAa,CAAC,IAAI,MAAM,CAAC,aAAa,CAAC,CAAC,aAAa,EAAE,EAAE,CAAC;wBACnE,MAAM,MAAM,CAAC,aAAa,CAAC,CAAC,uBAAuB,CAAC,UAAU,CAAC,CAAA;wBAC/D,IAAI,GAAG,CAAC,CAAC;4BAAE,GAAG,CAAC,IAAI,CAAC,qCAAqC,UAAU,EAAE,CAAC,CAAA;oBACxE,CAAC;yBAAM,CAAC;wBACN,IAAI,GAAG,CAAC,CAAC;4BAAE,GAAG,CAAC,KAAK,CAAC,qEAAqE,CAAC,CAAA;oBAC7F,CAAC;gBACH,CAAC;gBAAC,OAAO,CAAC,EAAE,CAAC;oBACX,MAAM,OAAO,GAAG,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAA;oBAC1D,IAAI,GAAG,CAAC,CAAC;wBAAE,GAAG,CAAC,KAAK,CAAC,8BAA8B,OAAO,EAAE,CAAC,CAAA;gBAC/D,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAGD,MAAM,MAAM;SACT,MAAM,CAAC;QACN,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC;QAClB,IAAI,EAAE,IAAI;KACX,CAAC;SACD,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE;QAChB,MAAM,OAAO,GAAG,CAAC,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,GAAG,KAAK,CAAC,GAAG,GAAG,CAAA;QACpD,GAAG,CAAC,IAAI,CAAC,uBAAuB,OAAO,MAAM,CAAC,CAAA;QAC9C,GAAG,CAAC,IAAI,CAAC,sBAAsB,OAAO,EAAE,CAAC,CAAA;QAEzC,MAAM,WAAW,GAAG,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,OAAO,EAAE,KAAK,CAAC,CAAA;QAClD,IAAI,WAAW;YAAE,GAAG,CAAC,IAAI,CAAC,sBAAsB,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,kBAAkB,IAAI,WAAW,EAAE,CAAC,CAAA;IAC5G,CAAC,CAAC,CAAA;IAEJ,MAAM,eAAe,CAAC,KAAK,CAAC,MAAM,EAAE,SAAS,CAAC,CAAA;IAC9C,OAAO,MAAM,CAAA;AACf,CAAC,CAAA;AAqBD,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,eAAe,EAAE,CAAA"}
|
|
@@ -35,6 +35,16 @@ export declare function unblock(req: FastifyRequest, reply: FastifyReply): Promi
|
|
|
35
35
|
export declare function mfaSetup(req: FastifyRequest, reply: FastifyReply): Promise<any>;
|
|
36
36
|
export declare function mfaEnable(req: FastifyRequest, reply: FastifyReply): Promise<{
|
|
37
37
|
ok: boolean;
|
|
38
|
+
token: string;
|
|
39
|
+
refreshToken: any;
|
|
40
|
+
user: {
|
|
41
|
+
mfaEnabled: boolean;
|
|
42
|
+
roles: (string | import("../../../../types/global.js").Role)[];
|
|
43
|
+
getId(): any;
|
|
44
|
+
username: string;
|
|
45
|
+
email: string;
|
|
46
|
+
externalId: string;
|
|
47
|
+
};
|
|
38
48
|
}>;
|
|
39
49
|
export declare function mfaVerify(req: FastifyRequest, reply: FastifyReply): Promise<any>;
|
|
40
50
|
export declare function mfaDisable(req: FastifyRequest, reply: FastifyReply): Promise<{
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../../../../lib/api/auth/controller/auth.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../../../../lib/api/auth/controller/auth.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,YAAY,EAAE,cAAc,EAAE,MAAM,SAAS,CAAA;AAItD,wBAAsB,QAAQ,CAAC,GAAG,EAAE,cAAc,EAAE,KAAK,EAAE,YAAY,gBA6CtE;AAED,wBAAsB,UAAU,CAAC,GAAG,EAAE,cAAc,EAAE,KAAK,EAAE,YAAY;;GAsBxE;AAED,wBAAsB,gBAAgB,CAAC,GAAG,EAAE,cAAc,EAAE,KAAK,EAAE,YAAY;;GAa9E;AAED,wBAAsB,cAAc,CAAC,GAAG,EAAE,cAAc,EAAE,KAAK,EAAE,YAAY;;GA6B5E;AAED,wBAAsB,cAAc,CAAC,GAAG,EAAE,cAAc,EAAE,KAAK,EAAE,YAAY;;GAgC5E;AAED,wBAAsB,YAAY,CAAC,GAAG,EAAE,cAAc,EAAE,KAAK,EAAE,YAAY;;GAsB1E;AAED,wBAAsB,aAAa,CAAC,GAAG,EAAE,cAAc,EAAE,KAAK,EAAE,YAAY;;;GA6B3E;AAED,wBAAsB,KAAK,CAAC,GAAG,EAAE,cAAc,EAAE,KAAK,EAAE,YAAY,gBAsEnE;AAED,wBAAsB,YAAY,CAAC,GAAG,EAAE,cAAc,EAAE,KAAK,EAAE,YAAY;;GA8B1E;AAED,wBAAsB,gBAAgB,CAAC,GAAG,EAAE,cAAc,EAAE,KAAK,EAAE,YAAY;;GAS9E;AAED,wBAAsB,KAAK,CAAC,GAAG,EAAE,cAAc,EAAE,KAAK,EAAE,YAAY;;GAenE;AAED,wBAAsB,OAAO,CAAC,GAAG,EAAE,cAAc,EAAE,KAAK,EAAE,YAAY;;GAcrE;AAED,wBAAsB,QAAQ,CAAC,GAAG,EAAE,cAAc,EAAE,KAAK,EAAE,YAAY,gBAatE;AAED,wBAAsB,SAAS,CAAC,GAAG,EAAE,cAAc,EAAE,KAAK,EAAE,YAAY;;;;;;;;;;;;GAuCvE;AAED,wBAAsB,SAAS,CAAC,GAAG,EAAE,cAAc,EAAE,KAAK,EAAE,YAAY,gBA8CvE;AAED,wBAAsB,UAAU,CAAC,GAAG,EAAE,cAAc,EAAE,KAAK,EAAE,YAAY;;GAgBxE;AAED,wBAAsB,QAAQ,CAAC,GAAG,EAAE,cAAc,EAAE,KAAK,EAAE,YAAY;;GAkBtE"}
|
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
import * as regExp from '../../../util/regexp.js';
|
|
2
|
+
import { MfaPolicy } from '../../../../types/global.js';
|
|
2
3
|
export async function register(req, reply) {
|
|
3
4
|
const { password1: password, password2, ...data } = req.data();
|
|
4
5
|
if (!req.server['userManager'].isImplemented()) {
|
|
@@ -156,6 +157,7 @@ export async function resetPassword(req, reply) {
|
|
|
156
157
|
}
|
|
157
158
|
export async function login(req, reply) {
|
|
158
159
|
const { email, password } = req.data();
|
|
160
|
+
const { mfa_policy = MfaPolicy.OPTIONAL } = global.config.options || {};
|
|
159
161
|
if (!req.server['userManager'].isImplemented()) {
|
|
160
162
|
throw new Error('Not implemented');
|
|
161
163
|
}
|
|
@@ -183,10 +185,13 @@ export async function login(req, reply) {
|
|
|
183
185
|
if (user.blocked) {
|
|
184
186
|
return reply.status(403).send(new Error('User blocked'));
|
|
185
187
|
}
|
|
186
|
-
|
|
188
|
+
const isMfaEnabled = user.mfaEnabled;
|
|
189
|
+
const isMandatory = mfa_policy === MfaPolicy.MANDATORY;
|
|
190
|
+
if (isMfaEnabled || isMandatory) {
|
|
187
191
|
const tempToken = await reply.jwtSign({ sub: user.externalId, role: 'pre-auth-mfa' }, { expiresIn: '5m' });
|
|
188
192
|
return reply.status(202).send({
|
|
189
|
-
mfaRequired:
|
|
193
|
+
mfaRequired: isMfaEnabled,
|
|
194
|
+
mfaSetupRequired: isMandatory && !isMfaEnabled,
|
|
190
195
|
tempToken: tempToken
|
|
191
196
|
});
|
|
192
197
|
}
|
|
@@ -289,7 +294,20 @@ export async function mfaEnable(req, reply) {
|
|
|
289
294
|
}
|
|
290
295
|
await req.server['userManager'].saveMfaSecret(user.getId(), secret);
|
|
291
296
|
await req.server['userManager'].enableMfa(user.getId());
|
|
292
|
-
|
|
297
|
+
const finalToken = await reply.jwtSign({ sub: user.externalId });
|
|
298
|
+
const refreshToken = reply.server.jwt['refreshToken']
|
|
299
|
+
? await reply.server.jwt['refreshToken'].sign({ sub: user.externalId })
|
|
300
|
+
: undefined;
|
|
301
|
+
return {
|
|
302
|
+
ok: true,
|
|
303
|
+
token: finalToken,
|
|
304
|
+
refreshToken: refreshToken,
|
|
305
|
+
user: {
|
|
306
|
+
...user,
|
|
307
|
+
mfaEnabled: true,
|
|
308
|
+
roles: (user.roles || [global.role?.public?.code || 'public']).map((r) => r?.code || r)
|
|
309
|
+
}
|
|
310
|
+
};
|
|
293
311
|
}
|
|
294
312
|
catch (error) {
|
|
295
313
|
req.log.error({ err: error }, 'MFA Enable failed');
|
|
@@ -305,7 +323,7 @@ export async function mfaVerify(req, reply) {
|
|
|
305
323
|
try {
|
|
306
324
|
decoded = req.server.jwt.verify(tokenStr);
|
|
307
325
|
}
|
|
308
|
-
catch (
|
|
326
|
+
catch (_e) {
|
|
309
327
|
return reply.status(401).send(new Error('Invalid token'));
|
|
310
328
|
}
|
|
311
329
|
if (decoded.role !== 'pre-auth-mfa' && (!req.user || !req.user.getId())) {
|
|
@@ -342,6 +360,10 @@ export async function mfaDisable(req, reply) {
|
|
|
342
360
|
const user = req.user;
|
|
343
361
|
if (!user)
|
|
344
362
|
return reply.status(401).send(new Error('Unauthorized'));
|
|
363
|
+
const { mfa_policy = MfaPolicy.OPTIONAL } = global.config.options || {};
|
|
364
|
+
if (mfa_policy === MfaPolicy.MANDATORY || mfa_policy === MfaPolicy.ONE_WAY) {
|
|
365
|
+
return reply.status(403).send(new Error('MFA disable is not allowed by security policy'));
|
|
366
|
+
}
|
|
345
367
|
try {
|
|
346
368
|
await req.server['userManager'].disableMfa(user.getId());
|
|
347
369
|
return { ok: true };
|