dexie-cloud-addon 4.0.1-beta.54 → 4.0.1-beta.56

package/dist/modern/service-worker.js

@@ -8,7 +8,7 @@
  *
  * ==========================================================================
  *
- * Version 4.0.1-beta.54, Mon Dec 18 2023
+ * Version 4.0.1-beta.56, Wed Jan 31 2024
  *
  * https://dexie.org
  *
@@ -2333,7 +2333,28 @@ function alertUser(userInteraction, title, ...alerts) {
 function promptForEmail(userInteraction, title, emailHint) {
     return __awaiter(this, void 0, void 0, function* () {
         let email = emailHint || '';
-        while (!email || !/^[\w-+.]+@([\w-]+\.)+[\w-]{2,10}$/.test(email)) {
+        // Regular expression for email validation
+        // ^[\w-+.]+@([\w-]+\.)+[\w-]{2,10}(\sas\s[\w-+.]+@([\w-]+\.)+[\w-]{2,10})?$
+        //
+        // ^[\w-+.]+ : Matches the start of the string. Allows one or more word characters
+        // (a-z, A-Z, 0-9, and underscore), hyphen, plus, or dot.
+        //
+        // @ : Matches the @ symbol.
+        // ([\w-]+\.)+ : Matches one or more word characters or hyphens followed by a dot.
+        //   The plus sign outside the parentheses means this pattern can repeat one or more times,
+        //   allowing for subdomains.
+        // [\w-]{2,10} : Matches between 2 and 10 word characters or hyphens. This is typically for
+        //   the domain extension like .com, .net, etc.
+        // (\sas\s[\w-+.]+@([\w-]+\.)+[\w-]{2,10})?$ : This part is optional (due to the ? at the end).
+        //   If present, it matches " as " followed by another valid email address. This allows for the
+        //   input to be either a single email address or two email addresses separated by " as ". 
+        //
+        // The use case for "<email1> as <email2>"" is for when a database owner with full access to the
+        // database needs to impersonate another user in the database in order to troubleshoot. This
+        // format will only be possible to use when email1 is the owner of an API client with GLOBAL_READ
+        // and GLOBAL_WRITE permissions on the database. The email will be checked on the server before
+        // allowing it and giving out a token for email2, using the OTP sent to email1.
+        while (!email || !/^[\w-+.]+@([\w-]+\.)+[\w-]{2,10}(\sas\s[\w-+.]+@([\w-]+\.)+[\w-]{2,10})?$/.test(email)) {
             email = (yield interactWithUser(userInteraction, {
                 type: 'email',
                 title,
@@ -4217,6 +4238,19 @@ function otpFetchTokenCallback(db) {
                     demo_user,
                     grant_type: 'demo',
                     scopes: ['ACCESS_DB'],
+                    public_key
+                };
+            }
+            else if ((hints === null || hints === void 0 ? void 0 : hints.otpId) && hints.otp) {
+                // User provided OTP ID and OTP code. This means that the OTP email
+                // has already gone out and the user may have clicked a magic link
+                // in the email with otp and otpId in query and the app has picked
+                // up those values and passed them to db.cloud.login().
+                tokenRequest = {
+                    grant_type: 'otp',
+                    otp_id: hints.otpId,
+                    otp: hints.otp,
+                    scopes: ['ACCESS_DB'],
                     public_key,
                 };
             }
@@ -4226,7 +4260,6 @@ function otpFetchTokenCallback(db) {
                     email,
                     grant_type: 'otp',
                     scopes: ['ACCESS_DB'],
-                    public_key,
                 };
             }
             const res1 = yield fetch(`${url}/token`, {
@@ -4250,28 +4283,27 @@ function otpFetchTokenCallback(db) {
                 // Error can also be returned right away.
                 return response;
             }
-            else if (tokenRequest.grant_type === 'otp') {
+            else if (tokenRequest.grant_type === 'otp' && 'email' in tokenRequest) {
                 if (response.type !== 'otp-sent')
                     throw new Error(`Unexpected response from ${url}/token`);
                 const otp = yield promptForOTP(userInteraction, tokenRequest.email);
-                tokenRequest.otp = otp || '';
-                tokenRequest.otp_id = response.otp_id;
+                const tokenRequest2 = Object.assign(Object.assign({}, tokenRequest), { otp: otp || '', otp_id: response.otp_id });
                 let res2 = yield fetch(`${url}/token`, {
-                    body: JSON.stringify(tokenRequest),
+                    body: JSON.stringify(tokenRequest2),
                     method: 'post',
                     headers: { 'Content-Type': 'application/json' },
                     mode: 'cors',
                 });
                 while (res2.status === 401) {
                     const errorText = yield res2.text();
-                    tokenRequest.otp = yield promptForOTP(userInteraction, tokenRequest.email, {
+                    tokenRequest2.otp = yield promptForOTP(userInteraction, tokenRequest.email, {
                         type: 'error',
                         messageCode: 'INVALID_OTP',
                         message: errorText,
                         messageParams: {}
                     });
                     res2 = yield fetch(`${url}/token`, {
-                        body: JSON.stringify(tokenRequest),
+                        body: JSON.stringify(tokenRequest2),
                         method: 'post',
                         headers: { 'Content-Type': 'application/json' },
                         mode: 'cors',
@@ -6225,7 +6257,7 @@ function dexieCloud(dexie) {
     const syncComplete = new Subject();
     dexie.cloud = {
         // @ts-ignore
-        version: "4.0.1-beta.54",
+        version: "4.0.1-beta.56",
         options: Object.assign({}, DEFAULT_OPTIONS),
         schema: null,
         get currentUserId() {
@@ -6502,7 +6534,7 @@ function dexieCloud(dexie) {
     }
 }
 // @ts-ignore
-dexieCloud.version = "4.0.1-beta.54";
+dexieCloud.version = "4.0.1-beta.56";
 Dexie.Cloud = dexieCloud;
 
 // In case the SW lives for a while, let it reuse already opened connections: