corebasic 1.0.18 → 1.0.20
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/libs/auth.js +29 -35
- package/package.json +1 -1
package/libs/auth.js
CHANGED
|
@@ -13,53 +13,47 @@ module.exports.validate = (callback, errMessage) => {
|
|
|
13
13
|
module.exports.start = (app, successCallback) => {
|
|
14
14
|
app.post("/login", async (req, res) => {
|
|
15
15
|
if (validateFn && !validateFn(req)) {
|
|
16
|
-
res.json({mode: 'login', success: false, msg: validateErrMessage ?? 'Validation Failed'})
|
|
16
|
+
res.status(406).json({ mode: 'login', success: false, msg: validateErrMessage ?? 'Validation Failed' })
|
|
17
17
|
return
|
|
18
18
|
}
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
19
|
+
try {
|
|
20
|
+
let login = await attemptLogin(req, res)
|
|
21
|
+
if (login.mode === 'verify' && login.success) {
|
|
22
|
+
let tokens = Session.generateAccessToken(login.userId, req.body.clientId)
|
|
23
|
+
let response = {...login, tokens}
|
|
24
|
+
if (successCallback)
|
|
25
|
+
await successCallback(req, res, response)
|
|
26
|
+
else
|
|
27
|
+
res.json(response)
|
|
28
|
+
} else
|
|
29
|
+
res.json(login)
|
|
30
|
+
} catch (err) {
|
|
31
|
+
return res.status(406).json(err)
|
|
32
|
+
}
|
|
31
33
|
})
|
|
32
34
|
}
|
|
33
35
|
|
|
34
|
-
|
|
35
36
|
async function attemptLogin(req, res) {
|
|
37
|
+
let expiry = 300000
|
|
36
38
|
let phone = req.body.phone
|
|
37
39
|
let time = new Date().getTime()
|
|
38
40
|
let collection = (req.body.app ? req.body.app + '.' : '') + "auth.login"
|
|
39
41
|
if (req.body.otp) { // verify login
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
throw false
|
|
45
|
-
} catch {
|
|
46
|
-
return {mode: 'verify', success: false}
|
|
47
|
-
}
|
|
48
|
-
|
|
42
|
+
let res = await Elabase.query(collection, { _id: phone.trim(), otp: req.body.otp, time: { $gt: time - expiry } })
|
|
43
|
+
if (res.length)
|
|
44
|
+
return {mode: 'verify', success: true, userId: res[0].userId}
|
|
45
|
+
throw {mode: 'verify', success: false, msg: "Invalid OTP"}
|
|
49
46
|
} else { // generate login
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
}
|
|
59
|
-
throw false
|
|
60
|
-
} catch {
|
|
61
|
-
return {mode: 'login', success: false}
|
|
47
|
+
let otp = phone === '0123456789' ? '1234' : otpGenerator.generate(4, { upperCaseAlphabets: false, specialChars: false, digital: true, lowerCaseAlphabets: false });
|
|
48
|
+
if (await sendOtp(phone, otp)) {
|
|
49
|
+
let userId = req.body.userId ?? Utils.uid()
|
|
50
|
+
let now = Utils.now().toISOString()
|
|
51
|
+
let data = res.body.data ?? {}
|
|
52
|
+
let meta = {createdAt: now, updatedAt: now, pos: req.body.pos ?? undefined, ...data}
|
|
53
|
+
await Elabase.update(collection, { _id: phone.trim() }, { $set: { otp, time, updatedAt: now }, $setOnInsert: { _id: phone.trim(), otp, time, userId, ...meta } }, { upsert: true })
|
|
54
|
+
return {mode: 'login', success: true, userId, expiry}
|
|
62
55
|
}
|
|
56
|
+
throw {mode: 'login', success: false, msg: "Login Server Error"}
|
|
63
57
|
}
|
|
64
58
|
}
|
|
65
59
|
|