dbgate-api-premium 7.0.4 → 7.1.0

package/src/controllers/storage.js

@@ -16,6 +16,7 @@ const {
   storageSaveDetailPermissionsDiff,
   saveStorageTeamFilesPermissions,
   saveStorageTeamFoldersPermissions,
+  storageSqlCommandFmt,
 } = require('./storageDb');
 const { hasPermission, loadPermissionsFromRequest } = require('../utility/hasPermission');
 const { changeSetToSql, removeSchemaFromChangeSet } = require('dbgate-datalib');
@@ -28,9 +29,10 @@ const {
   getPredefinedPermissions,
   runQueryOnDriver,
   safeJsonParse,
+  extractErrorLogData,
 } = require('dbgate-tools');
 const socket = require('../utility/socket');
-const { obtainRefreshedLicense } = require('../utility/authProxy');
+const { obtainRefreshedLicense, sendEmailViaApi } = require('../utility/authProxy');
 const { datadir } = require('../utility/directories');
 const {
   loadEncryptionKeyFromExternal,
@@ -43,6 +45,7 @@ const dataReplicator = require('../shell/dataReplicator');
 const storageReplicatorItems = require('../utility/storageReplicatorItems');
 const { sendToAuditLog } = require('../utility/auditlog');
 const { extractImportEntitiesFromEnv, createStorageFromEnvReplicatorItems } = require('../utility/envtools');
+const { format } = require('date-fns');
 
 const logger = getLogger('storage');
 
@@ -1150,4 +1153,133 @@ module.exports = {
     });
     socket.emitChanged('connection-list-changed');
   },
+
+  requestPasswordReset_meta: true,
+  async requestPasswordReset({ email }, req) {
+    // Check if user exists with this email
+    const users = await storageSelectFmt('select * from ~users where ~email = %v', email);
+
+    if (users.length === 0) {
+      // Don't reveal whether user exists or not for security reasons
+      return { success: true };
+    }
+
+    const user = users[0];
+
+    // Generate a secure random token
+    const token = crypto.randomBytes(32).toString('hex');
+    const now = new Date();
+    const expiresAt = new Date(now.getTime() + 60 * 60 * 1000); // 1 hour expiry
+
+    // Store token in database
+    await storageSqlCommandFmt(
+      'insert into ~user_password_reset_tokens (~user_id, ~token, ~created_at, ~expires_at) values (%v, %v, %v, %v)',
+      user.id,
+      token,
+      format(now, "yyyy-MM-dd'T'HH:mm:ss"),
+      format(expiresAt, "yyyy-MM-dd'T'HH:mm:ss")
+    );
+
+    // Generate reset link
+    const resetUrl = `${req.headers.origin || 'http://localhost:3000'}/reset-password.html?token=${token}`;
+
+    // Send email via api.dbgate.io
+    try {
+      await sendEmailViaApi({
+        receiver: email,
+        subject: 'DbGate Password Reset',
+        body: `
+Hello,
+
+You requested a password reset for your DbGate account.
+
+Click the following link to reset your password:
+${resetUrl}
+
+This link will expire in 1 hour.
+
+If you did not request this password reset, please ignore this email.
+
+Best regards,
+DbGate Team
+        `.trim(),
+      });
+
+      sendToAuditLog(req, {
+        category: 'auth',
+        component: 'StorageController',
+        action: 'requestPasswordReset',
+        event: 'password.resetRequested',
+        severity: 'info',
+        detail: { email },
+        message: 'Password reset requested',
+      });
+    } catch (err) {
+      logger.error(extractErrorLogData(err), 'DBGM-00270 Failed to send password reset email');
+      // Cleanup: delete the password reset token that was inserted before sending the email
+      try {
+        await storageSqlCommandFmt(
+          'delete from ~user_password_reset_tokens where ~token = %v and ~used_at is null',
+          token
+        );
+      } catch (cleanupErr) {
+        logger.error(
+          extractErrorLogData(cleanupErr),
+          'DBGM-00274 Failed to clean up password reset token after email failure'
+        );
+      }
+      return { error: 'Failed to send email' };
+    }
+
+    return { success: true };
+  },
+
+  resetPassword_meta: true,
+  async resetPassword({ token, newPassword }, req) {
+    // Find valid token
+    const tokens = await storageSelectFmt(
+      'select * from ~user_password_reset_tokens where ~token = %v and ~used_at is null and ~expires_at > %v',
+      token,
+      format(new Date(), "yyyy-MM-dd'T'HH:mm:ss")
+    );
+
+    if (tokens.length === 0) {
+      return { error: 'Invalid or expired token' };
+    }
+
+    const resetToken = tokens[0];
+
+    // Get user
+    const users = await storageSelectFmt('select * from ~users where ~id = %v', resetToken.user_id);
+    if (users.length === 0) {
+      return { error: 'User not found' };
+    }
+
+    const user = users[0];
+
+    await storageSqlCommandFmt(
+      'update ~users set ~password = %v where ~id = %v',
+      encryptPasswordString(newPassword),
+      user.id
+    );
+
+    // Mark token as used
+    await storageSqlCommandFmt(
+      'update ~user_password_reset_tokens set ~used_at = %v where ~id = %v',
+      format(new Date(), "yyyy-MM-dd'T'HH:mm:ss"),
+      resetToken.id
+    );
+
+    sendToAuditLog(req, {
+      category: 'auth',
+      component: 'StorageController',
+      action: 'resetPassword',
+      event: 'password.resetCompleted',
+      severity: 'info',
+      detail: { userId: user.id, login: user.login },
+      message: 'Password reset completed',
+    });
+
+    return { success: true };
+  },
 };

package/src/currentVersion.js

@@ -1,5 +1,5 @@
 
 module.exports = { 
-  version: '7.0.4',
-  buildTime: '2026-02-09T14:41:54.930Z'
+  version: '7.1.0',
+  buildTime: '2026-02-24T14:21:05.674Z'
 };

package/src/main.js

@@ -14,6 +14,7 @@ const socket = require('./utility/socket');
 const connections = require('./controllers/connections');
 const serverConnections = require('./controllers/serverConnections');
 const databaseConnections = require('./controllers/databaseConnections');
+const restConnections = require('./controllers/restConnections');
 const metadata = require('./controllers/metadata');
 const sessions = require('./controllers/sessions');
 const runners = require('./controllers/runners');
@@ -267,6 +268,7 @@ function useAllControllers(app, electron) {
   useController(app, electron, '/auth', auth);
   useController(app, electron, '/cloud', cloud);
   useController(app, electron, '/team-files', teamFiles);
+  useController(app, electron, '/rest-connections', restConnections);
 }
 
 function setElectronSender(electronSender) {

package/src/proc/connectProcess.js

@@ -1,6 +1,6 @@
 const childProcessChecker = require('../utility/childProcessChecker');
 const requireEngineDriver = require('../utility/requireEngineDriver');
-const { connectUtility } = require('../utility/connectUtility');
+const { connectUtility, getRestAuthFromConnection } = require('../utility/connectUtility');
 const { handleProcessCommunication } = require('../utility/processComm');
 const { pickSafeConnectionInfo } = require('../utility/crypting');
 const _ = require('lodash');
@@ -29,6 +29,9 @@ function start() {
     try {
       const driver = requireEngineDriver(connection);
       const connectionChanged = driver?.beforeConnectionSave ? driver.beforeConnectionSave(connection) : connection;
+      if (driver?.databaseEngineTypes?.includes('rest')) {
+        connectionChanged.restAuth = getRestAuthFromConnection(connection);
+      }
 
       if (!connection.isVolatileResolved) {
         if (connectionChanged.useRedirectDbLogin) {

package/src/proc/index.js

@@ -1,6 +1,7 @@
 const connectProcess = require('./connectProcess');
 const databaseConnectionProcess = require('./databaseConnectionProcess');
 const serverConnectionProcess = require('./serverConnectionProcess');
+const restConnectionProcess = require('./restConnectionProcess');
 const sessionProcess = require('./sessionProcess');
 const jslDatastoreProcess = require('./jslDatastoreProcess');
 const sshForwardProcess = require('./sshForwardProcess');
@@ -9,6 +10,7 @@ module.exports = {
   connectProcess,
   databaseConnectionProcess,
   serverConnectionProcess,
+  restConnectionProcess,
   sessionProcess,
   jslDatastoreProcess,
   sshForwardProcess,