adapt-authoring-auth-local 2.3.1 → 2.3.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/.github/workflows/standardjs.yml +2 -1
  2. package/lib/LocalAuthModule.js +2 -2
  3. package/lib/PasswordUtils.js +2 -10
  4. package/package.json +1 -1
package/.github/workflows/standardjs.yml CHANGED
@@ -1,4 +1,4 @@
1
- name: Standard.js
1
+ name: Lint
2
2
  on: push
3
3
  jobs:
4
4
  default:
@@ -10,3 +10,4 @@ jobs:
10
10
  node-version: 'lts/*'
11
11
  - run: npm install
12
12
  - run: npx standard
13
+
package/lib/LocalAuthModule.js CHANGED
@@ -99,7 +99,7 @@ class LocalAuthModule extends AbstractAuthModule {
99
99
  */
100
100
  async registerSuper (data) {
101
101
  const [roles, users] = await this.app.waitForModule('roles', 'users')
102
- const [superRole] = await roles.find({ shortName: 'superuser' })
102
+ const superRole = await roles.findOne({ shortName: 'superuser' })
103
103
  const superUsers = await users.find({ roles: [superRole._id] })
104
104
  if (superUsers.length) {
105
105
  throw this.app.errors.SUPER_USER_EXISTS
@@ -256,7 +256,7 @@ class LocalAuthModule extends AbstractAuthModule {
256
256
  // allow for a specific email to be passed via body, falling back to the email from the auth data
257
257
  email = req.body.email || req.auth.user.email
258
258
  // validate the existing password for security
259
- const [user] = await this.users.find({ email })
259
+ const user = await this.users.findOne({ email })
260
260
  await compare(req.body.oldPassword, user.password)
261
261
  } else { // no authenticated, so should expect body data
262
262
  const tokenData = await PasswordUtils.validateReset(req.body.token)
package/lib/PasswordUtils.js CHANGED
@@ -69,11 +69,7 @@ class PasswordUtils {
69
69
  */
70
70
  static async createReset (email, lifespan) {
71
71
  const [mongodb, users] = await App.instance.waitForModule('mongodb', 'users')
72
- const [user] = await users.find({ email })
73
- if (!user) {
74
- throw App.instance.errors.NOT_FOUND
75
- .setData({ type: 'user', id: email })
76
- }
72
+ const user = await users.findOne({ email })
77
73
  if (user.authType !== 'local') {
78
74
  const authlocal = await App.instance.waitForModule('auth-local')
79
75
  authlocal.log('error', `Failed to reset ${user._id} password, not authenticated with local auth`)
@@ -128,11 +124,7 @@ class PasswordUtils {
128
124
  if (new Date(tokenData.expiresAt) < new Date()) {
129
125
  throw App.instance.errors.AUTH_TOKEN_EXPIRED
130
126
  }
131
- const [user] = await users.find({ email: tokenData.email })
132
- if (!user) {
133
- throw App.instance.errors.NOT_FOUND
134
- .setData({ type: 'user', id: tokenData.email })
135
- }
127
+ const user = await users.findOne({ email: tokenData.email })
136
128
  return tokenData
137
129
  }
138
130
  }
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "adapt-authoring-auth-local",
3
- "version": "2.3.1",
3
+ "version": "2.3.2",
4
4
  "description": "Module which implements username/password (local) authentication",
5
5
  "homepage": "https://github.com/adapt-security/adapt-authoring-auth-local",
6
6
  "license": "GPL-3.0",