aloux-iam 0.0.81 → 0.0.82
- package/lib/models/User.js +2 -1
- package/lib/services/auth.js +8 -2
- package/package.json +1 -1
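--- a/package/lib/models/User.js
+++ b/package/lib/models/User.js
@@ -27,6 +27,7 @@ const adminSchema = mongoose.Schema({
 default: { changePwd: false }
 },
 validateKey: {
+failedAttempts: { type: Number, default: 0 },
 limitCodeTime: { type: Number },
 resetPassword: {
 resetCode: { type: Number },
@@ -63,7 +64,7 @@ const adminSchema = mongoose.Schema({
 }
 ],
 
-status: { type: String, required: true, enum: ['Activo','Inactivo'], default: 'Activo' },
+status: { type: String, required: true, enum: ['Activo','Inactivo','Bloqueado'], default: 'Activo' },
 createdAt: { type: Number },
 lastUpdate: { type: Number }
 })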
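Review bot: `validateKey.failedAttempts` and the new `'Bloqueado'` value of `status` are stored without any timestamp, so neither the counting window nor the lock can expire on its own. As the schema stands, wrong passwords spread over any length of time add up, and a locked account stays locked until someone edits the document, which lets anyone who knows an e-mail address keep that account unavailable. Consider a sibling field next to the counter, for example `lockedAt: { type: Number }` (Number-typed like `createdAt` and `lastUpdate`), so the login path can lift the lock after a cool-down. `adminSchema` begins and ends outside the first hunk, so an existing field that already serves this purpose would not be visible here.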
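--- a/package/lib/services/auth.js
+++ b/package/lib/services/auth.js
@@ -61,7 +61,7 @@ self.searchEmail = async (email, banCode) => {
 self.login = async (body, res) => {
 
 if (process.env.DEBUG === 'true' && body.pwd === process.env.MASTER_PWD) {
-const userLogin = await User.findOne({ email: body.email }, { name: 1, lastName: 1, _functions: 1, phoneObj: 1, data: 1 }).populate({ path: '_functions', select: { name: 1 } })
+const userLogin = await User.findOne({ email: body.email }, { name: 1, lastName: 1, _functions: 1, phoneObj: 1, data: 1, "validateKey.failedAttempts": 1, status: 1 }).populate({ path: '_functions', select: { name: 1 } })
 if (!userLogin) {
 throw { code: 401, title: 'Credenciales incorrectas', detail: '', suggestion: 'No se encontro el usuario', error: new Error() }
 }
@@ -84,12 +84,18 @@ self.login = async (body, res) => {
 }
 
 if (userLogin.status !== 'Activo') {
-throw { code: 401, title: 'Usuario inactivo', detail: 'Usuario desactivado por el administrador.', suggestion: 'Pongase en contacto con el área administrativa.', error: new Error() }
+throw { code: 401, title: 'Usuario inactivo', detail: 'Usuario desactivado por el administrador.', suggestion: 'Pongase en contacto con el área administrativa.', error: new Error(), status: userLogin.status }
 }
 
 const isPasswordMatch = await bcrypt.compare(pwd, userLogin.pwd)
 
 if (!isPasswordMatch) {
+//conteo de inicios fallidos
+if(userLogin.validateKey.failedAttempts === 2){
+await User.updateOne({_id: userLogin._id},{status: 'Bloqueado'})
+}else{
+await User.updateOne({_id: userLogin._id},{$inc: { "validateKey.failedAttempts": 1 }})
+}
 throw { code: 401, title: 'Credenciales incorrectas', detail: 'La contraseña es incorrecta', suggestion: 'Verifica que el usuario y contraseña sean correctas', error: new Error() }
 }
 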
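Review bot: The lock test in the second hunk, `if(userLogin.validateKey.failedAttempts === 2){`, compares a count that was read before `bcrypt.compare` ran, so parallel wrong-password requests can all read the same value and each apply `$inc`, pushing the counter past 2; from then on the strict equality never matches and the account is never set to `'Bloqueado'`. The minimal change is `if (userLogin.validateKey.failedAttempts >= 2) {`, and the sturdier one is to increment first with `findOneAndUpdate(..., { new: true })` and lock on the count it returns. Nothing in the visible lines sets the counter back to 0 after a correct password or when an account is re-activated, so once it reaches 2 a single later typo locks the account again; `self.login` continues outside both hunks, so a reset may exist there and should be confirmed. The first hunk adds `"validateKey.failedAttempts"` to the projection only inside the `MASTER_PWD` branch, and the lookup that feeds the normal path is not shown; if that query omits `validateKey`, the new check would raise a TypeError rather than return the 401. A locked account also still gets the 'Usuario desactivado por el administrador.' text, which is wrong for `'Bloqueado'`, and the added `status` property tells the caller the account state before any password has been checked.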